ansible-roles/common#7 New module to create repos for etckeeper on each host

8a0adde5 · jurgenhaas · ceb8059a · 8a0adde5
Commit 8a0adde5 authored 6 years ago by jurgenhaas
--- a/gitlab_host.py
+++ b/gitlab_host.py
+#!/usr/bin/python
+RETURN = '''# '''
+from subprocess import call
+import string
+try:
+    import gitlab
+    HAS_GITLAB_PACKAGE = True
+except:
+    HAS_GITLAB_PACKAGE = False
+def main():
+    module = AnsibleModule(
+        argument_spec=dict(
+            server_url=dict(required=True),
+            validate_certs=dict(required=False, default=True, type='bool', aliases=['verify_ssl']),
+            login_user=dict(required=False, no_log=True),
+            login_password=dict(required=False, no_log=True),
+            login_token=dict(required=False, no_log=True),
+            company=dict(required=True),
+            hostname=dict(required=True),
+        ),
+        supports_check_mode=True
+    )
+    if not HAS_GITLAB_PACKAGE:
+        module.fail_json(msg="Missing required gitlab module (check docs or install with: pip install python-gitlab")
+    server_url = module.params['server_url']
+    verify_ssl = module.params['validate_certs']
+    login_user = module.params['login_user']
+    login_password = module.params['login_password']
+    login_token = module.params['login_token']
+    company = module.params['company']
+    hostname = module.params['hostname']
+    # We need both login_user and login_password or login_token, otherwise we fail.
+    if login_user is not None and login_password is not None:
+        use_credentials = True
+    elif login_token is not None:
+        use_credentials = False
+    else:
+        module.fail_json(msg="No login credentials are given. Use login_user with login_password, or login_token")
+        return
+    # Lets make a connection to the Gitlab server_url, with either login_user and login_password
+    # or with login_token
+    try:
+        if use_credentials:
+            git = gitlab.Gitlab(server_url, email=login_user, password=login_password, ssl_verify=verify_ssl) # type: gitlab
+        else:
+            git = gitlab.Gitlab(server_url, login_token, ssl_verify=verify_ssl) # type: gitlab
+        git.auth()
+    except Exception, e:
+        module.fail_json(msg="Failed to connect to Gitlab server: %s " % e)
+        return
+    try:
+        group = git.groups.get('ansible-inventories') # type: gitlab.Group
+        hgroup = git.groups.get(group.subgroups.list(search='hosts')[0].id) # type: gitlab.Group
+        cgroup = git.groups.get(hgroup.subgroups.list(search=company)[0].id) # type: gitlab.Group
+        projects = cgroup.projects.list(search=hostname)
+        if projects:
+            changed = False
+            gproject = projects[0]
+        else:
+            changed = True
+            gproject = git.projects.create({
+                'name': hostname,
+                'namespace_id': cgroup.id,
+            })
+            # Add remote repo to etckeeper git repo
+            cmd = ['git', 'remote', 'add', 'origin', '%s:ansible-inventories/hosts/%s/%s.git' % (string.replace(server_url, 'https://', 'git@'), company, hostname)]
+            call(cmd, cwd='/etc')
+        project = git.projects.get(gproject.id) # type: gitlab.Project
+        project.keys.create({
+            'title': 'root@%s' % hostname,
+            'key': open('/root/.ssh/id_rsa.pub').read(),
+            'can_push': True,
+        })
+    except Exception, e:
+        module.fail_json(msg="Creating new host project failed: %s" % e.message, response=e)
+        return
+    module.exit_json(changed=changed, result="Successfully created project %s/ansible-inventories/hosts/%s/%s" % (server_url, company, hostname))
+from ansible.module_utils.basic import *
+if __name__ == '__main__':
+    main()