mirror of
				https://github.com/ansible-collections/community.general.git
				synced 2025-10-26 05:50:36 -07:00 
			
		
		
		
	
		
			Some checks are pending
		
		
	
	EOL CI / EOL Sanity (Ⓐ2.16) (push) Waiting to run
				
			EOL CI / EOL Units (Ⓐ2.16+py2.7) (push) Waiting to run
				
			EOL CI / EOL Units (Ⓐ2.16+py3.11) (push) Waiting to run
				
			EOL CI / EOL Units (Ⓐ2.16+py3.6) (push) Waiting to run
				
			EOL CI / EOL I (Ⓐ2.16+alpine3+py:azp/posix/1/) (push) Waiting to run
				
			EOL CI / EOL I (Ⓐ2.16+alpine3+py:azp/posix/2/) (push) Waiting to run
				
			EOL CI / EOL I (Ⓐ2.16+alpine3+py:azp/posix/3/) (push) Waiting to run
				
			EOL CI / EOL I (Ⓐ2.16+fedora38+py:azp/posix/1/) (push) Waiting to run
				
			EOL CI / EOL I (Ⓐ2.16+fedora38+py:azp/posix/2/) (push) Waiting to run
				
			EOL CI / EOL I (Ⓐ2.16+fedora38+py:azp/posix/3/) (push) Waiting to run
				
			EOL CI / EOL I (Ⓐ2.16+opensuse15+py:azp/posix/1/) (push) Waiting to run
				
			EOL CI / EOL I (Ⓐ2.16+opensuse15+py:azp/posix/2/) (push) Waiting to run
				
			EOL CI / EOL I (Ⓐ2.16+opensuse15+py:azp/posix/3/) (push) Waiting to run
				
			nox / Run extra sanity tests (push) Waiting to run
				
			* doc style adjustments: modules c* * doc style adjustments: modules d* * Update plugins/modules/consul_agent_check.py Co-authored-by: Felix Fontein <felix@fontein.de> --------- Co-authored-by: Felix Fontein <felix@fontein.de>
		
			
				
	
	
		
			106 lines
		
	
	
	
		
			3.1 KiB
		
	
	
	
		
			Python
		
	
	
	
	
	
			
		
		
	
	
			106 lines
		
	
	
	
		
			3.1 KiB
		
	
	
	
		
			Python
		
	
	
	
	
	
| #!/usr/bin/python
 | |
| # -*- coding: utf-8 -*-
 | |
| #
 | |
| # Copyright (c) 2024, Florian Apolloner (@apollo13)
 | |
| # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 | |
| # SPDX-License-Identifier: GPL-3.0-or-later
 | |
| 
 | |
| from __future__ import absolute_import, division, print_function
 | |
| 
 | |
| __metaclass__ = type
 | |
| 
 | |
| DOCUMENTATION = r"""
 | |
| module: consul_acl_bootstrap
 | |
| short_description: Bootstrap ACLs in Consul
 | |
| version_added: 8.3.0
 | |
| description:
 | |
|   - Allows bootstrapping of ACLs in a Consul cluster, see U(https://developer.hashicorp.com/consul/api-docs/acl#bootstrap-acls)
 | |
|     for details.
 | |
| author:
 | |
|   - Florian Apolloner (@apollo13)
 | |
| extends_documentation_fragment:
 | |
|   - community.general.consul
 | |
|   - community.general.attributes
 | |
| attributes:
 | |
|   check_mode:
 | |
|     support: none
 | |
|   diff_mode:
 | |
|     support: none
 | |
| options:
 | |
|   state:
 | |
|     description:
 | |
|       - Whether the token should be present or absent.
 | |
|     choices: ['present', 'bootstrapped']
 | |
|     default: present
 | |
|     type: str
 | |
|   bootstrap_secret:
 | |
|     description:
 | |
|       - The secret to be used as secret ID for the initial token.
 | |
|       - Needs to be an UUID.
 | |
|     type: str
 | |
| """
 | |
| 
 | |
| EXAMPLES = r"""
 | |
| - name: Bootstrap the ACL system
 | |
|   community.general.consul_acl_bootstrap:
 | |
|     bootstrap_secret: 22eaeed1-bdbd-4651-724e-42ae6c43e387
 | |
| """
 | |
| 
 | |
| RETURN = r"""
 | |
| result:
 | |
|   description:
 | |
|     - The bootstrap result as returned by the Consul HTTP API.
 | |
|     - B(Note:) If O(bootstrap_secret) has been specified the C(SecretID) and C(ID) do not contain the secret but C(VALUE_SPECIFIED_IN_NO_LOG_PARAMETER).
 | |
|       If you pass O(bootstrap_secret), make sure your playbook/role does not depend on this return value!
 | |
|   returned: changed
 | |
|   type: dict
 | |
|   sample:
 | |
|     AccessorID: 834a5881-10a9-a45b-f63c-490e28743557
 | |
|     CreateIndex: 25
 | |
|     CreateTime: '2024-01-21T20:26:27.114612038+01:00'
 | |
|     Description: Bootstrap Token (Global Management)
 | |
|     Hash: X2AgaFhnQGRhSSF/h0m6qpX1wj/HJWbyXcxkEM/5GrY=
 | |
|     ID: VALUE_SPECIFIED_IN_NO_LOG_PARAMETER
 | |
|     Local: false
 | |
|     ModifyIndex: 25
 | |
|     Policies:
 | |
|       - ID: 00000000-0000-0000-0000-000000000001
 | |
|         Name: global-management
 | |
|     SecretID: VALUE_SPECIFIED_IN_NO_LOG_PARAMETER
 | |
| """
 | |
| 
 | |
| from ansible.module_utils.basic import AnsibleModule
 | |
| from ansible_collections.community.general.plugins.module_utils.consul import (
 | |
|     AUTH_ARGUMENTS_SPEC,
 | |
|     RequestError,
 | |
|     _ConsulModule,
 | |
| )
 | |
| 
 | |
| _ARGUMENT_SPEC = {
 | |
|     "state": dict(type="str", choices=["present", "bootstrapped"], default="present"),
 | |
|     "bootstrap_secret": dict(type="str", no_log=True),
 | |
| }
 | |
| _ARGUMENT_SPEC.update(AUTH_ARGUMENTS_SPEC)
 | |
| _ARGUMENT_SPEC.pop("token")
 | |
| 
 | |
| 
 | |
| def main():
 | |
|     module = AnsibleModule(_ARGUMENT_SPEC)
 | |
|     consul_module = _ConsulModule(module)
 | |
| 
 | |
|     data = {}
 | |
|     if "bootstrap_secret" in module.params:
 | |
|         data["BootstrapSecret"] = module.params["bootstrap_secret"]
 | |
| 
 | |
|     try:
 | |
|         response = consul_module.put("acl/bootstrap", data=data)
 | |
|     except RequestError as e:
 | |
|         if e.status == 403 and b"ACL bootstrap no longer allowed" in e.response_data:
 | |
|             return module.exit_json(changed=False)
 | |
|         raise
 | |
|     else:
 | |
|         return module.exit_json(changed=True, result=response)
 | |
| 
 | |
| 
 | |
| if __name__ == "__main__":
 | |
|     main()
 |