adding container registry facts #43325
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,264 @@ | ||
| #!/usr/bin/python | ||
| # | ||
| # Copyright (c) 2018 Zim Kalinowski, <zikalino@microsoft.com> | ||
| # | ||
| # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) | ||
|
|
||
| from __future__ import absolute_import, division, print_function | ||
| __metaclass__ = type | ||
|
|
||
|
|
||
| ANSIBLE_METADATA = {'metadata_version': '1.1', | ||
| 'status': ['preview'], | ||
| 'supported_by': 'community'} | ||
|
|
||
|
|
||
| DOCUMENTATION = ''' | ||
| --- | ||
| module: azure_rm_containerregistry_facts | ||
| version_added: "2.7" | ||
| short_description: Get Azure Container Registry facts. | ||
| description: | ||
| - Get facts for Container Registry. | ||
|
|
||
| options: | ||
| resource_group: | ||
| description: | ||
| - The name of the resource group to which the container registry belongs. | ||
| required: True | ||
| name: | ||
| description: | ||
| - The name of the container registry. | ||
| retrieve_credentials: | ||
| description: | ||
| - Retrieve credentials for container registry. | ||
| type: bool | ||
| default: no | ||
| tags: | ||
| description: | ||
| - Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | ||
|
|
||
| extends_documentation_fragment: | ||
| - azure | ||
|
|
||
| author: | ||
| - "Zim Kalinowski (@zikalino)" | ||
|
|
||
| ''' | ||
|
|
||
| EXAMPLES = ''' | ||
| - name: Get instance of Registry | ||
| azure_rm_containerregistry_facts: | ||
| resource_group: sampleresourcegroup | ||
| name: sampleregistry | ||
|
|
||
| - name: List instances of Registry | ||
| azure_rm_containerregistry_facts: | ||
| resource_group: sampleresourcegroup | ||
| ''' | ||
|
|
||
| RETURN = ''' | ||
| registries: | ||
| description: A list of dictionaries containing facts for registries. | ||
| returned: always | ||
| type: complex | ||
| contains: | ||
| id: | ||
| description: | ||
| - The resource ID. | ||
| returned: always | ||
| type: str | ||
| sample: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.ContainerRegistry/registr | ||
| ies/myRegistry" | ||
| name: | ||
| description: | ||
| - The name of the resource. | ||
| returned: always | ||
| type: str | ||
| sample: myRegistry | ||
| location: | ||
| description: | ||
| - The location of the resource. This cannot be changed after the resource is created. | ||
| returned: always | ||
| type: str | ||
| sample: westus | ||
| admin_user_enabled: | ||
| description: | ||
| - Is admin user enabled. | ||
| returned: always | ||
| type: bool | ||
| sample: yes | ||
| sku: | ||
| description: | ||
| - The SKU name of the container registry. | ||
| returned: always | ||
| type: str | ||
| sample: classic | ||
| provisioning_state: | ||
| description: | ||
| - Provisioning state of the container registry | ||
| returned: always | ||
| type: str | ||
| sample: Succeeded | ||
| login_server: | ||
| description: | ||
| - Login server for the registry. | ||
| returned: always | ||
| type: str | ||
| sample: acrd08521b.azurecr.io | ||
| credentials: | ||
| description: | ||
| - Credentials, fields will be empty if admin user is not enabled for ACR | ||
| return: when C(retrieve_credentials) is set and C(admin_user_enabled) is set on ACR | ||
|
There was a problem hiding this comment. returned :( will lint fail? There was a problem hiding this comment. ok, I will recheck this once again |
||
| type: complex | ||
| contains: | ||
| username: | ||
| description: | ||
| - The user name for container registry. | ||
| returned: when registry exists and C(admin_user_enabled) is set | ||
| type: str | ||
| sample: zim | ||
| password: | ||
|
There was a problem hiding this comment. jordan mentioned to add no_log to returned value this morning. do you know how to add it? There was a problem hiding this comment. not really, we can search... but I guess I we have option to specifically enable passwords, we can skip it for now There was a problem hiding this comment. don't think so. the option is weak, just make it little difficult to get credential. no_log is really make it not available in another other place other than ansible There was a problem hiding this comment. @yungezz no_log can be placed in the playbook, we do not have to do anything in the module itself |
||
| description: | ||
| - password value | ||
| returned: when registry exists and C(admin_user_enabled) is set | ||
| type: str | ||
| sample: pass1value | ||
| password2: | ||
| description: | ||
| - password2 value | ||
| returned: when registry exists and C(admin_user_enabled) is set | ||
| type: str | ||
| sample: pass2value | ||
| ''' | ||
|
|
||
| from ansible.module_utils.azure_rm_common import AzureRMModuleBase | ||
|
|
||
| try: | ||
| from msrestazure.azure_exceptions import CloudError | ||
| from msrestazure.azure_operation import AzureOperationPoller | ||
| from azure.mgmt.containerregistry import ContainerRegistryManagementClient | ||
| from msrest.serialization import Model | ||
| except ImportError: | ||
| # This is handled in azure_rm_common | ||
| pass | ||
|
|
||
|
|
||
| class AzureRMContainerRegistryFacts(AzureRMModuleBase): | ||
| def __init__(self): | ||
| # define user inputs into argument | ||
| self.module_arg_spec = dict( | ||
| resource_group=dict( | ||
| type='str', | ||
| required=True | ||
| ), | ||
| name=dict( | ||
| type='str' | ||
| ), | ||
| tags=dict( | ||
| type='list' | ||
| ), | ||
| retrieve_credentials=dict( | ||
| type='bool', | ||
| default=False | ||
| ) | ||
| ) | ||
| # store the results of the module operation | ||
| self.results = dict( | ||
| changed=False | ||
| ) | ||
| self.resource_group = None | ||
| self.name = None | ||
| self.retrieve_credentials = False | ||
| super(AzureRMContainerRegistryFacts, self).__init__(self.module_arg_spec, supports_tags=False) | ||
|
|
||
| def exec_module(self, **kwargs): | ||
| for key in self.module_arg_spec: | ||
| setattr(self, key, kwargs[key]) | ||
|
|
||
| if self.name: | ||
| self.results['registries'] = self.get() | ||
| elif self.resource_group: | ||
| self.results['registries'] = self.list_by_resource_group() | ||
| else: | ||
| self.results['registries'] = self.list_all() | ||
|
|
||
| return self.results | ||
|
|
||
| def get(self): | ||
| response = None | ||
| results = [] | ||
| try: | ||
| response = self.containerregistry_client.registries.get(resource_group_name=self.resource_group, | ||
| registry_name=self.name) | ||
| self.log("Response : {0}".format(response)) | ||
| except CloudError as e: | ||
| self.log('Could not get facts for Registries.') | ||
|
|
||
| if response is not None: | ||
| if self.has_tags(response.tags, self.tags): | ||
| results.append(self.format_item(response)) | ||
|
|
||
| return results | ||
|
|
||
| def list_all(self): | ||
| response = None | ||
| results = [] | ||
| try: | ||
| response = self.containerregistry_client.registries.list() | ||
| self.log("Response : {0}".format(response)) | ||
| except CloudError as e: | ||
| self.fail('Could not get facts for Registries.') | ||
|
|
||
| if response is not None: | ||
| for item in response: | ||
| if self.has_tags(item.tags, self.tags): | ||
| results.append(self.format_item(item)) | ||
| return results | ||
|
|
||
| def list_by_resource_group(self): | ||
| response = None | ||
| results = [] | ||
| try: | ||
| response = self.containerregistry_client.registries.list_by_resource_group(resource_group_name=self.resource_group) | ||
| self.log("Response : {0}".format(response)) | ||
| except CloudError as e: | ||
| self.fail('Could not get facts for Registries.') | ||
|
|
||
| if response is not None: | ||
| for item in response: | ||
| if self.has_tags(item.tags, self.tags): | ||
| results.append(self.format_item(item)) | ||
| return results | ||
|
|
||
| def format_item(self, item): | ||
| d = item.as_dict() | ||
| resource_group = d['id'].split('resourceGroups/')[1].split('/')[0] | ||
| name = d['name'] | ||
| credentials = {} | ||
| admin_user_enabled = d['admin_user_enabled'] | ||
|
|
||
| if self.retrieve_credentials and admin_user_enabled: | ||
| credentials = self.containerregistry_client.registries.list_credentials(resource_group, name) | ||
|
|
||
| d = { | ||
| 'resource_group': resource_group, | ||
| 'name': d['name'], | ||
| 'location': d['location'], | ||
| 'admin_user_enabled': admin_user_enabled, | ||
| 'sku': d['sku']['tier'].lower(), | ||
| 'provisioning_state': d['provisioning_state'], | ||
| 'login_server': d['login_server'], | ||
| 'id': d['id'], | ||
| 'tags': d.get('tags', None), | ||
| 'credentials': credentials | ||
| } | ||
| return d | ||
|
|
||
|
|
||
| def main(): | ||
| AzureRMContainerRegistryFacts() | ||
|
|
||
|
|
||
| if __name__ == '__main__': | ||
| main() | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is there way to get login credentials? i want to login to my container registry to push some image in next step
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes, in fact there is, but there is a separate api for that, also an api to regenerate credentials. do you think we should include credentials here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just checked azure_rm_containerregistry module, there's no way to set username/password there. So if not returned in facts, user has no way to push image to the registry if provisioned by ansible. If you could provide interface in main module to let user set username/password, it would be better, then maybe we don't need username/password returned in facts.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
just followed exactly the same way of returning it as in container registry module