mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-04-24 11:21:25 -07:00
bc4ef99533
* openstack: standardize tls params * tower: tower_verify_ssl->validate_certs * docker: use standard tls config params - cacert_path -> ca_cert - cert_path -> client_cert - key_path -> client_key - tls_verify -> validate_certs * k8s: standardize tls connection params - verify_ssl -> validate_certs - ssl_ca_cert -> ca_cert - cert_file -> client_cert - key_file -> client_key * ingate: verify_ssl -> validate_certs * manageiq: standardize tls params - verify_ssl -> validate_certs - ca_bundle_path -> ca_cert * mysql: standardize tls params - ssl_ca -> ca_cert - ssl_cert -> client_cert - ssl_key -> client_key * nios: ssl_verify -> validate_certs * postgresql: ssl_rootcert -> ca_cert * rabbitmq: standardize tls params - cacert -> ca_cert - cert -> client_cert - key -> client_key * rackspace: verify_ssl -> validate_certs * vca: verify_certs -> validate_certs * kubevirt_cdi_upload: upload_host_verify_ssl -> upload_host_validate_certs * lxd: standardize tls params - key_file -> client_key - cert_file -> client_cert * get_certificate: ca_certs -> ca_cert * get_certificate.py: clarify one or more certs in a file Co-Authored-By: jamescassell <code@james.cassell.me> * zabbix: tls_issuer -> ca_cert * bigip_device_auth_ldap: standardize tls params - ssl_check_peer -> validate_certs - ssl_client_cert -> client_cert - ssl_client_key -> client_key - ssl_ca_cert -> ca_cert * vdirect: vdirect_validate_certs -> validate_certs * mqtt: standardize tls params - ca_certs -> ca_cert - certfile -> client_cert - keyfile -> client_key * pulp_repo: standardize tls params remove `importer_ssl` prefix * rhn_register: sslcacert -> ca_cert * yum_repository: standardize tls params The fix for yum_repository is not straightforward since this module is only a thin wrapper for the underlying commands and config. In this case, we add the new values as aliases, keeping the old as primary, only due to the internal structure of the module. Aliases added: - sslcacert -> ca_cert - sslclientcert -> client_cert - sslclientkey -> client_key - sslverify -> validate_certs * gitlab_hook: enable_ssl_verification -> hook_validate_certs * Adjust arguments for docker_swarm inventory plugin. * foreman callback: standardize tls params - ssl_cert -> client_cert - ssl_key -> client_key * grafana_annotations: validate_grafana_certs -> validate_certs * nrdp callback: validate_nrdp_certs -> validate_certs * kubectl connection: standardize tls params - kubectl_cert_file -> client_cert - kubectl_key_file -> client_key - kubectl_ssl_ca_cert -> ca_cert - kubectl_verify_ssl -> validate_certs * oc connection: standardize tls params - oc_cert_file -> client_cert - oc_key_file -> client_key - oc_ssl_ca_cert -> ca_cert - oc_verify_ssl -> validate_certs * psrp connection: cert_trust_path -> ca_cert TODO: cert_validation -> validate_certs (multi-valued vs bool) * k8s inventory: standardize tls params - cert_file -> client_cert - key_file -> client_key - ca_cert -> ca_cert - verify_ssl -> validate_certs * openshift inventory: standardize tls params - cert_file -> client_cert - key_file -> client_key - ca_cert -> ca_cert - verify_ssl -> validate_certs * tower inventory: verify_ssl -> validate_certs * hashi_vault lookup: cacert -> ca_cert * k8s lookup: standardize tls params - cert_file -> client_cert - key_file -> client_key - ca_cert -> ca_cert - verify_ssl -> validate_certs * laps_passord lookup: cacert_file -> ca_cert * changelog for TLS parameter standardization
77 lines
2.4 KiB
Python
77 lines
2.4 KiB
Python
# -*- coding: utf-8 -*-
|
|
|
|
# Copyright: (c) 2015, Jonathan Mainguy <jon@soh.re>
|
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
|
|
|
|
class ModuleDocFragment(object):
|
|
|
|
# Standard mysql documentation fragment
|
|
DOCUMENTATION = r'''
|
|
options:
|
|
login_user:
|
|
description:
|
|
- The username used to authenticate with.
|
|
type: str
|
|
login_password:
|
|
description:
|
|
- The password used to authenticate with.
|
|
type: str
|
|
login_host:
|
|
description:
|
|
- Host running the database.
|
|
type: str
|
|
default: localhost
|
|
login_port:
|
|
description:
|
|
- Port of the MySQL server. Requires I(login_host) be defined as other than localhost if login_port is used.
|
|
type: int
|
|
default: 3306
|
|
login_unix_socket:
|
|
description:
|
|
- The path to a Unix domain socket for local connections.
|
|
type: str
|
|
connect_timeout:
|
|
description:
|
|
- The connection timeout when connecting to the MySQL server.
|
|
type: int
|
|
default: 30
|
|
version_added: "2.1"
|
|
config_file:
|
|
description:
|
|
- Specify a config file from which user and password are to be read.
|
|
type: path
|
|
default: '~/.my.cnf'
|
|
version_added: "2.0"
|
|
ca_cert:
|
|
description:
|
|
- The path to a Certificate Authority (CA) certificate. This option, if used, must specify the same certificate
|
|
as used by the server.
|
|
type: path
|
|
version_added: "2.0"
|
|
aliases: [ ssl_ca ]
|
|
client_cert:
|
|
description:
|
|
- The path to a client public key certificate.
|
|
type: path
|
|
version_added: "2.0"
|
|
aliases: [ ssl_cert ]
|
|
client_key:
|
|
description:
|
|
- The path to the client private key.
|
|
type: path
|
|
version_added: "2.0"
|
|
aliases: [ ssl_key ]
|
|
requirements:
|
|
- PyMySQL (Python 2.7 and Python 3.X), or
|
|
- MySQLdb (Python 2.x)
|
|
notes:
|
|
- Requires the PyMySQL (Python 2.7 and Python 3.X) or MySQL-python (Python 2.X) package on the remote host.
|
|
The Python package may be installed with apt-get install python-pymysql (Ubuntu; see M(apt)) or
|
|
yum install python2-PyMySQL (RHEL/CentOS/Fedora; see M(yum)). You can also use dnf install python2-PyMySQL
|
|
for newer versions of Fedora; see M(dnf).
|
|
- Both C(login_password) and C(login_user) are required when you are
|
|
passing credentials. If none are present, the module will attempt to read
|
|
the credentials from C(~/.my.cnf), and finally fall back to using the MySQL
|
|
default login of 'root' with no password.
|
|
'''
|