generated from ansible-collections/collection_template
-
Notifications
You must be signed in to change notification settings - Fork 135
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
helm - new module to perform helm pull (#410)
helm - new module to perform helm pull Depends-On: ansible/ansible-zuul-jobs#1586 SUMMARY #355 new module to manage chart downloading helm pull ISSUE TYPE Feature Pull Request COMPONENT NAME helm_pull Reviewed-by: Mike Graves <mgraves@redhat.com> Reviewed-by: Bikouo Aubin <None>
- Loading branch information
Showing
5 changed files
with
553 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,310 @@ | ||
#!/usr/bin/python | ||
# -*- coding: utf-8 -*- | ||
|
||
# Copyright: (c) 2022, Ansible Project | ||
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) | ||
from __future__ import absolute_import, division, print_function | ||
|
||
__metaclass__ = type | ||
|
||
|
||
DOCUMENTATION = r""" | ||
--- | ||
module: helm_pull | ||
short_description: download a chart from a repository and (optionally) unpack it in local directory. | ||
version_added: "2.4.0" | ||
author: | ||
- Aubin Bikouo (@abikouo) | ||
description: | ||
- Retrieve a package from a package repository, and download it locally. | ||
- It can also be used to perform cryptographic verification of a chart without installing the chart. | ||
- There are options for unpacking the chart after download. | ||
requirements: | ||
- "helm >= 3.0 (https://github.com/helm/helm/releases)" | ||
options: | ||
chart_ref: | ||
description: | ||
- chart name on chart repository. | ||
- absolute URL. | ||
required: true | ||
type: str | ||
chart_version: | ||
description: | ||
- Specify a version constraint for the chart version to use. | ||
- This constraint can be a specific tag (e.g. 1.1.1) or it may reference a valid range (e.g. ^2.0.0). | ||
- Mutually exclusive with C(chart_devel). | ||
type: str | ||
verify_chart: | ||
description: | ||
- Verify the package before using it. | ||
default: False | ||
type: bool | ||
verify_chart_keyring: | ||
description: | ||
- location of public keys used for verification. | ||
type: path | ||
provenance: | ||
description: | ||
- Fetch the provenance file, but don't perform verification. | ||
type: bool | ||
default: False | ||
repo_url: | ||
description: | ||
- chart repository url where to locate the requested chart. | ||
type: str | ||
aliases: [ url, chart_repo_url ] | ||
repo_username: | ||
description: | ||
- Chart repository username where to locate the requested chart. | ||
- Required if C(repo_password) is specified. | ||
type: str | ||
aliases: [ username, chart_repo_username ] | ||
repo_password: | ||
description: | ||
- Chart repository password where to locate the requested chart. | ||
- Required if C(repo_username) is specified. | ||
type: str | ||
aliases: [ password, chart_repo_password ] | ||
pass_credentials: | ||
description: | ||
- Pass credentials to all domains. | ||
default: False | ||
type: bool | ||
skip_tls_certs_check: | ||
description: | ||
- Whether or not to check tls certificate for the chart download. | ||
- Requires helm >= 3.3.0. | ||
type: bool | ||
default: False | ||
chart_devel: | ||
description: | ||
- Use development versions, too. Equivalent to version '>0.0.0-0'. | ||
- Mutually exclusive with C(chart_version). | ||
type: bool | ||
untar_chart: | ||
description: | ||
- if set to true, will untar the chart after downloading it. | ||
type: bool | ||
default: False | ||
destination: | ||
description: | ||
- location to write the chart. | ||
type: path | ||
required: True | ||
chart_ca_cert: | ||
description: | ||
- Verify certificates of HTTPS-enabled servers using this CA bundle. | ||
- Requires helm >= 3.1.0. | ||
type: path | ||
chart_ssl_cert_file: | ||
description: | ||
- Identify HTTPS client using this SSL certificate file. | ||
- Requires helm >= 3.1.0. | ||
type: path | ||
chart_ssl_key_file: | ||
description: | ||
- Identify HTTPS client using this SSL key file | ||
- Requires helm >= 3.1.0. | ||
type: path | ||
binary_path: | ||
description: | ||
- The path of a helm binary to use. | ||
required: false | ||
type: path | ||
""" | ||
|
||
EXAMPLES = r""" | ||
- name: Download chart using chart url | ||
kubernetes.core.helm_pull: | ||
chart_ref: https://github.com/grafana/helm-charts/releases/download/grafana-5.6.0/grafana-5.6.0.tgz | ||
destination: /path/to/chart | ||
- name: Download Chart using chart_name and repo_url | ||
kubernetes.core.helm_pull: | ||
chart_ref: redis | ||
repo_url: https://charts.bitnami.com/bitnami | ||
untar_chart: yes | ||
destination: /path/to/chart | ||
- name: Download Chart (skip tls certificate check) | ||
kubernetes.core.helm_pull: | ||
chart_ref: redis | ||
repo_url: https://charts.bitnami.com/bitnami | ||
untar_chart: yes | ||
destination: /path/to/chart | ||
skip_tls_certs_check: yes | ||
- name: Download Chart using chart registry credentials | ||
kubernetes.core.helm_pull: | ||
chart_ref: redis | ||
repo_url: https://charts.bitnami.com/bitnami | ||
untar_chart: yes | ||
destination: /path/to/chart | ||
username: myuser | ||
password: mypassword123 | ||
""" | ||
|
||
RETURN = r""" | ||
stdout: | ||
type: str | ||
description: Full `helm pull` command stdout, in case you want to display it or examine the event log | ||
returned: always | ||
sample: '' | ||
stderr: | ||
type: str | ||
description: Full `helm pull` command stderr, in case you want to display it or examine the event log | ||
returned: always | ||
sample: '' | ||
command: | ||
type: str | ||
description: Full `helm pull` command built by this module, in case you want to re-run the command outside the module or debug a problem. | ||
returned: always | ||
sample: helm pull --repo test ... | ||
rc: | ||
type: int | ||
description: Helm pull command return code | ||
returned: always | ||
sample: 1 | ||
""" | ||
|
||
from ansible.module_utils.basic import AnsibleModule | ||
from ansible_collections.kubernetes.core.plugins.module_utils.helm import ( | ||
run_helm, | ||
get_helm_version, | ||
) | ||
from ansible_collections.kubernetes.core.plugins.module_utils.version import ( | ||
LooseVersion, | ||
) | ||
|
||
|
||
def main(): | ||
argspec = dict( | ||
chart_ref=dict(type="str", required=True), | ||
chart_version=dict(type="str"), | ||
verify_chart=dict(type="bool", default=False), | ||
verify_chart_keyring=dict(type="path"), | ||
provenance=dict(type="bool", default=False), | ||
repo_url=dict(type="str", aliases=["url", "chart_repo_url"]), | ||
repo_username=dict(type="str", aliases=["username", "chart_repo_username"]), | ||
repo_password=dict( | ||
type="str", no_log=True, aliases=["password", "chart_repo_password"] | ||
), | ||
pass_credentials=dict(type="bool", default=False), | ||
skip_tls_certs_check=dict(type="bool", default=False), | ||
chart_devel=dict(type="bool"), | ||
untar_chart=dict(type="bool", default=False), | ||
destination=dict(type="path", required=True), | ||
chart_ca_cert=dict(type="path"), | ||
chart_ssl_cert_file=dict(type="path"), | ||
chart_ssl_key_file=dict(type="path"), | ||
binary_path=dict(type="path"), | ||
) | ||
module = AnsibleModule( | ||
argument_spec=argspec, | ||
supports_check_mode=True, | ||
required_by=dict( | ||
repo_username=("repo_password"), | ||
repo_password=("repo_username"), | ||
), | ||
mutually_exclusive=[("chart_version", "chart_devel")], | ||
) | ||
|
||
bin_path = module.params.get("binary_path") | ||
if bin_path is not None: | ||
helm_cmd_common = bin_path | ||
else: | ||
helm_cmd_common = "helm" | ||
|
||
helm_cmd_common = module.get_bin_path(helm_cmd_common, required=True) | ||
|
||
helm_version = get_helm_version(module, helm_cmd_common) | ||
if LooseVersion(helm_version) < LooseVersion("3.0.0"): | ||
module.fail_json( | ||
msg="This module requires helm >= 3.0.0, current version is {0}".format( | ||
helm_version | ||
) | ||
) | ||
|
||
helm_pull_opt_versionning = dict( | ||
skip_tls_certs_check="3.3.0", | ||
chart_ca_cert="3.1.0", | ||
chart_ssl_cert_file="3.1.0", | ||
chart_ssl_key_file="3.1.0", | ||
) | ||
|
||
def test_version_requirement(opt): | ||
req_version = helm_pull_opt_versionning.get(opt) | ||
if req_version and LooseVersion(helm_version) < LooseVersion(req_version): | ||
module.fail_json( | ||
msg="Parameter {0} requires helm >= {1}, current version is {2}".format( | ||
opt, req_version, helm_version | ||
) | ||
) | ||
|
||
# Set `helm pull` arguments requiring values | ||
helm_pull_opts = [] | ||
|
||
helm_value_args = dict( | ||
chart_version="version", | ||
verify_chart_keyring="keyring", | ||
repo_url="repo", | ||
repo_username="username", | ||
repo_password="password", | ||
destination="destination", | ||
chart_ca_cert="ca-file", | ||
chart_ssl_cert_file="cert-file", | ||
chart_ssl_key_file="key-file", | ||
) | ||
|
||
for opt, cmdkey in helm_value_args.items(): | ||
if module.params.get(opt): | ||
test_version_requirement(opt) | ||
helm_pull_opts.append("--{0} {1}".format(cmdkey, module.params.get(opt))) | ||
|
||
# Set `helm pull` arguments flags | ||
helm_flag_args = dict( | ||
verify_chart=dict(key="verify"), | ||
provenance=dict(key="prov"), | ||
pass_credentials=dict(key="pass-credentials"), | ||
skip_tls_certs_check=dict(key="insecure-skip-tls-verify"), | ||
chart_devel=dict(key="devel"), | ||
untar_chart=dict(key="untar"), | ||
) | ||
|
||
for k, v in helm_flag_args.items(): | ||
if module.params.get(k): | ||
test_version_requirement(k) | ||
helm_pull_opts.append("--{0}".format(v["key"])) | ||
|
||
helm_cmd_common = "{0} pull {1} {2}".format( | ||
helm_cmd_common, module.params.get("chart_ref"), " ".join(helm_pull_opts) | ||
) | ||
if not module.check_mode: | ||
rc, out, err = run_helm(module, helm_cmd_common, fails_on_error=False) | ||
else: | ||
rc, out, err = (0, "", "") | ||
|
||
if rc == 0: | ||
module.exit_json( | ||
failed=False, | ||
changed=True, | ||
command=helm_cmd_common, | ||
stdout=out, | ||
stderr=err, | ||
rc=rc, | ||
) | ||
else: | ||
module.fail_json( | ||
msg="Failure when executing Helm command.", | ||
command=helm_cmd_common, | ||
changed=False, | ||
stdout=out, | ||
stderr=err, | ||
rc=rc, | ||
) | ||
|
||
|
||
if __name__ == "__main__": | ||
main() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,9 @@ | ||
# slow - 11min | ||
slow | ||
time=313 | ||
time=334 | ||
helm_info | ||
helm_plugin | ||
helm_plugin_info | ||
helm_repository | ||
helm_template | ||
helm_pull |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.