-
Notifications
You must be signed in to change notification settings - Fork 10
/
solita_jenkins_user
74 lines (60 loc) · 2.12 KB
/
solita_jenkins_user
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#!/usr/bin/python
SCRIPT="""
import groovy.json.*
import jenkins.model.*
import hudson.security.*
import org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl
jsonSlurper = new JsonSlurper()
def params = jsonSlurper.parseText('%s')
result = [
changed: false
]
def jenkins = Jenkins.getInstance()
def securityRealm = jenkins.getSecurityRealm()
def authorizationStrategy = jenkins.getAuthorizationStrategy()
if (!(securityRealm instanceof HudsonPrivateSecurityRealm)) {
throw new RuntimeException('solita_jenkins_user requires solita_jenkins_security_realm: realm=jenkins')
}
def currentUsers = securityRealm.getAllUsers().collect { it.getId() }
if (params.state == 'present') {
if (!(params.name in currentUsers)) {
user = securityRealm.createAccount(params.name, params.password)
user.save()
result.changed = true
}
if (!(authorizationStrategy.hasPermission(params.name, Jenkins.ADMINISTER))) {
authorizationStrategy.add(Jenkins.ADMINISTER, params.name)
result.changed = true
}
} else {
if (params.name in currentUsers) {
user = securityRealm.getUser(params.name)
user.delete()
result.changed = true
}
}
jenkins.save()
println JsonOutput.toJson(result)
"""
import json
def main():
module = AnsibleModule(
argument_spec = dict(
solita_jenkins_cli=dict(type='str', required=True),
name=dict(type='str', required=True),
state=dict(choices=['present', 'absent'], default='present'),
password=dict(type='str')
)
)
script_args_json = json.dumps(dict(name=module.params["name"],
state=module.params["state"],
password=module.params["password"]))
rc, stdout, stderr = module.run_command("%(solita_jenkins_cli)s groovy =" % module.params,
data=(SCRIPT % script_args_json))
if (rc != 0):
module.fail_json(msg=stderr)
if (rc == 0):
module.exit_json(msg=stdout)
from ansible.module_utils.basic import *
if __name__ == '__main__':
main()