Skip to content

Commit aee8474

Browse files
yurnovabikouo
yurnov
and
abikouo
authored
helm_registry_auth module to authenticate in OCI registry (ansible-collections#800)
* new module helm_registry_auth * Initial integration tests * final update copyright and integration test before pr * update link to pr in changelog fragment * reformat plugins/module_utils/helm.py with black to fix linters in actions * attempt to fix unit test unit test was missing initially * fix https://pycqa.github.io/isort/ linter * next attemp to fix unit-test * remove unused and unsupported helm_args_common * remove unused imports and fix other linters errors * another fix for unit test * fix issue introducied by commit ff02893 * add binary_path to arg_spec * return helm_cmd in the output of check mode remove changlog fragment * description suggestion from reviewer/maintainer Co-authored-by: Bikouo Aubin <[email protected]> * description suggestion from reviewer/maintainer Co-authored-by: Bikouo Aubin <[email protected]> * description suggestion from reviewer/maintainer Co-authored-by: Bikouo Aubin <[email protected]> * description suggestion from reviewer/maintainer Co-authored-by: Bikouo Aubin <[email protected]> * description suggestion from reviewer/maintainer Co-authored-by: Bikouo Aubin <[email protected]> * description suggestion from reviewer/maintainer Co-authored-by: Bikouo Aubin <[email protected]> * description suggestion from reviewer/maintainer Co-authored-by: Bikouo Aubin <[email protected]> * description suggestion from reviewer/maintainer Co-authored-by: Bikouo Aubin <[email protected]> * remove changed from module return Co-authored-by: Bikouo Aubin <[email protected]> * remove redundant code Co-authored-by: Bikouo Aubin <[email protected]> * Update plugins/modules/helm_registry_auth.py Co-authored-by: Bikouo Aubin <[email protected]> * consider support of logout when user is not logged in Co-authored-by: Bikouo Aubin <[email protected]> * consider support helm < 3.0.0 * Revert "consider support helm < 3.0.0" This reverts commit f20004d. * reintroduce support of helm version less than 3.8.0 reference: https://helm.sh/docs/topics/registries/#enabling-oci-support-prior-to-v380 * revert reintroducing support of helm < 3.8.0 reason: didn't find a quick way to deal with tests * update documentation with the recent module updates * Update plugins/modules/helm_registry_auth.py Co-authored-by: Bikouo Aubin <[email protected]> * add test of logout impendency Co-authored-by: Bikouo Aubin <[email protected]> * fix linters * fix intendations in the integration tests * create tests/integration/targets/helm_registry_auth/aliases * fix integration test (typo) * fix integration tests (test wrong cred) * add stderr when module fail * another attempt to fix integration test * fix assertion in integration test to be not affceted by the ansible-collections#830 --------- Co-authored-by: Bikouo Aubin <[email protected]>
1 parent 6609abd commit aee8474

File tree

20 files changed

+807
-10
lines changed

20 files changed

+807
-10
lines changed

README.md

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ For more information about communication, see the [Ansible communication guide](
2121
## Requirements
2222

2323
<!--start requires_ansible-->
24-
### Ansible version compatibility
24+
## Ansible version compatibility
2525

2626
This collection has been tested against following Ansible versions: **>=2.15.0**.
2727

@@ -47,35 +47,36 @@ This collection supports Kubernetes versions >= 1.24.
4747
Click on the name of a plugin or module to view that content's documentation:
4848

4949
<!--start collection content-->
50-
#### Connection plugins
50+
### Connection plugins
5151
Name | Description
5252
--- | ---
5353
[kubernetes.core.kubectl](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.kubectl_connection.rst)|Execute tasks in pods running on Kubernetes.
5454

55-
#### K8s filter plugins
55+
### K8s filter plugins
5656
Name | Description
5757
--- | ---
5858
kubernetes.core.k8s_config_resource_name|Generate resource name for the given resource of type ConfigMap, Secret
5959

60-
#### Inventory plugins
60+
### Inventory plugins
6161
Name | Description
6262
--- | ---
6363
[kubernetes.core.k8s](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.k8s_inventory.rst)|Kubernetes (K8s) inventory source
6464

65-
#### Lookup plugins
65+
### Lookup plugins
6666
Name | Description
6767
--- | ---
6868
[kubernetes.core.k8s](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.k8s_lookup.rst)|Query the K8s API
6969
[kubernetes.core.kustomize](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.kustomize_lookup.rst)|Build a set of kubernetes resources using a 'kustomization.yaml' file.
7070

71-
#### Modules
71+
### Modules
7272
Name | Description
7373
--- | ---
7474
[kubernetes.core.helm](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_module.rst)|Manages Kubernetes packages with the Helm package manager
7575
[kubernetes.core.helm_info](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_info_module.rst)|Get information from Helm package deployed inside the cluster
7676
[kubernetes.core.helm_plugin](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_plugin_module.rst)|Manage Helm plugins
7777
[kubernetes.core.helm_plugin_info](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_plugin_info_module.rst)|Gather information about Helm plugins
7878
[kubernetes.core.helm_pull](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_pull_module.rst)|download a chart from a repository and (optionally) unpack it in local directory.
79+
[kubernetes.core.helm_registry_auth](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_registry_auth_module.rst)|Helm registry authentication module
7980
[kubernetes.core.helm_repository](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_repository_module.rst)|Manage Helm repositories.
8081
[kubernetes.core.helm_template](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.helm_template_module.rst)|Render chart templates
8182
[kubernetes.core.k8s](https://github.com/ansible-collections/kubernetes.core/blob/main/docs/kubernetes.core.k8s_module.rst)|Manage Kubernetes (K8s) objects

docs/kubernetes.core.helm_registry_auth_module.rst

Lines changed: 332 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,332 @@
1+
.. _kubernetes.core.helm_registry_auth_module:
2+
3+
4+
**********************************
5+
kubernetes.core.helm_registry_auth
6+
**********************************
7+
8+
**Helm registry authentication module**
9+
10+
11+
Version added: 5.1.0
12+
13+
.. contents::
14+
:local:
15+
:depth: 1
16+
17+
18+
Synopsis
19+
--------
20+
- Helm registry authentication module allows you to login ``helm registry login`` and logout ``helm registry logout`` from a Helm registry.
21+
22+
23+
24+
Requirements
25+
------------
26+
The below requirements are needed on the host that executes this module.
27+
28+
- helm (https://github.com/helm/helm/releases) => 3.8.0
29+
30+
31+
Parameters
32+
----------
33+
34+
.. raw:: html
35+
36+
<table border=0 cellpadding=0 class="documentation-table">
37+
<tr>
38+
<th colspan="1">Parameter</th>
39+
<th>Choices/<font color="blue">Defaults</font></th>
40+
<th width="100%">Comments</th>
41+
</tr>
42+
<tr>
43+
<td colspan="1">
44+
<div class="ansibleOptionAnchor" id="parameter-"></div>
45+
<b>binary_path</b>
46+
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
47+
<div style="font-size: small">
48+
<span style="color: purple">path</span>
49+
</div>
50+
</td>
51+
<td>
52+
</td>
53+
<td>
54+
<div>The path of a helm binary to use.</div>
55+
</td>
56+
</tr>
57+
<tr>
58+
<td colspan="1">
59+
<div class="ansibleOptionAnchor" id="parameter-"></div>
60+
<b>ca_file</b>
61+
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
62+
<div style="font-size: small">
63+
<span style="color: purple">path</span>
64+
</div>
65+
</td>
66+
<td>
67+
</td>
68+
<td>
69+
<div>Path to the CA certificate SSL file for verify registry server certificate.</div>
70+
</td>
71+
</tr>
72+
<tr>
73+
<td colspan="1">
74+
<div class="ansibleOptionAnchor" id="parameter-"></div>
75+
<b>cert_file</b>
76+
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
77+
<div style="font-size: small">
78+
<span style="color: purple">path</span>
79+
</div>
80+
</td>
81+
<td>
82+
</td>
83+
<td>
84+
<div>Path to the client certificate SSL file for identify registry client using this certificate file.</div>
85+
</td>
86+
</tr>
87+
<tr>
88+
<td colspan="1">
89+
<div class="ansibleOptionAnchor" id="parameter-"></div>
90+
<b>host</b>
91+
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
92+
<div style="font-size: small">
93+
<span style="color: purple">string</span>
94+
/ <span style="color: red">required</span>
95+
</div>
96+
</td>
97+
<td>
98+
</td>
99+
<td>
100+
<div>Provide a URL for accessing the registry.</div>
101+
<div style="font-size: small; color: darkgreen"><br/>aliases: registry_url</div>
102+
</td>
103+
</tr>
104+
<tr>
105+
<td colspan="1">
106+
<div class="ansibleOptionAnchor" id="parameter-"></div>
107+
<b>insecure</b>
108+
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
109+
<div style="font-size: small">
110+
<span style="color: purple">boolean</span>
111+
</div>
112+
</td>
113+
<td>
114+
<ul style="margin: 0; padding: 0"><b>Choices:</b>
115+
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
116+
<li>yes</li>
117+
</ul>
118+
</td>
119+
<td>
120+
<div>Allow connections to SSL sites without certs.</div>
121+
</td>
122+
</tr>
123+
<tr>
124+
<td colspan="1">
125+
<div class="ansibleOptionAnchor" id="parameter-"></div>
126+
<b>key_file</b>
127+
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
128+
<div style="font-size: small">
129+
<span style="color: purple">path</span>
130+
</div>
131+
</td>
132+
<td>
133+
</td>
134+
<td>
135+
<div>Path to the client key SSL file for identify registry client using this key file.</div>
136+
</td>
137+
</tr>
138+
<tr>
139+
<td colspan="1">
140+
<div class="ansibleOptionAnchor" id="parameter-"></div>
141+
<b>password</b>
142+
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
143+
<div style="font-size: small">
144+
<span style="color: purple">string</span>
145+
</div>
146+
</td>
147+
<td>
148+
</td>
149+
<td>
150+
<div>Password for the registry.</div>
151+
<div style="font-size: small; color: darkgreen"><br/>aliases: repo_password</div>
152+
</td>
153+
</tr>
154+
<tr>
155+
<td colspan="1">
156+
<div class="ansibleOptionAnchor" id="parameter-"></div>
157+
<b>state</b>
158+
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
159+
<div style="font-size: small">
160+
<span style="color: purple">string</span>
161+
</div>
162+
</td>
163+
<td>
164+
<ul style="margin: 0; padding: 0"><b>Choices:</b>
165+
<li><div style="color: blue"><b>present</b>&nbsp;&larr;</div></li>
166+
<li>absent</li>
167+
</ul>
168+
</td>
169+
<td>
170+
<div>Desired state of the registry.</div>
171+
<div>If set to V(present) attempt to log in to the remote registry server using the URL specified in O(host).</div>
172+
<div>If set to V(absent) attempt to log out from the remote registry server using the URL specified in O(host).</div>
173+
</td>
174+
</tr>
175+
<tr>
176+
<td colspan="1">
177+
<div class="ansibleOptionAnchor" id="parameter-"></div>
178+
<b>username</b>
179+
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
180+
<div style="font-size: small">
181+
<span style="color: purple">string</span>
182+
</div>
183+
</td>
184+
<td>
185+
</td>
186+
<td>
187+
<div>Username for the registry.</div>
188+
<div style="font-size: small; color: darkgreen"><br/>aliases: repo_username</div>
189+
</td>
190+
</tr>
191+
</table>
192+
<br/>
193+
194+
195+
196+
197+
Examples
198+
--------
199+
200+
.. code-block:: yaml
201+
202+
- name: Login to remote registry
203+
kubernetes.core.helm_registry_auth:
204+
username: admin
205+
password: "sample_password"
206+
host: localhost:5000
207+
208+
- name: Logout from remote registry
209+
kubernetes.core.helm_registry_auth:
210+
state: absent
211+
host: localhost:5000
212+
213+
214+
215+
Return Values
216+
-------------
217+
Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module:
218+
219+
.. raw:: html
220+
221+
<table border=0 cellpadding=0 class="documentation-table">
222+
<tr>
223+
<th colspan="1">Key</th>
224+
<th>Returned</th>
225+
<th width="100%">Description</th>
226+
</tr>
227+
<tr>
228+
<td colspan="1">
229+
<div class="ansibleOptionAnchor" id="return-"></div>
230+
<b>command</b>
231+
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
232+
<div style="font-size: small">
233+
<span style="color: purple">string</span>
234+
</div>
235+
</td>
236+
<td>always</td>
237+
<td>
238+
<div>Full <code>helm</code> command executed</div>
239+
<br/>
240+
<div style="font-size: smaller"><b>Sample:</b></div>
241+
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">/usr/local/bin/helm registry login oci-registry.domain.example --username=admin --password-stdin --insecure</div>
242+
</td>
243+
</tr>
244+
<tr>
245+
<td colspan="1">
246+
<div class="ansibleOptionAnchor" id="return-"></div>
247+
<b>failed</b>
248+
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
249+
<div style="font-size: small">
250+
<span style="color: purple">boolean</span>
251+
</div>
252+
</td>
253+
<td>always</td>
254+
<td>
255+
<div>Indicate if the <code>helm</code> command failed</div>
256+
<br/>
257+
</td>
258+
</tr>
259+
<tr>
260+
<td colspan="1">
261+
<div class="ansibleOptionAnchor" id="return-"></div>
262+
<b>stderr</b>
263+
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
264+
<div style="font-size: small">
265+
<span style="color: purple">string</span>
266+
</div>
267+
</td>
268+
<td>always</td>
269+
<td>
270+
<div>Full <code>helm</code> command stderr, in case you want to display it or examine the event log. Please be note that helm binnary may print messages to stderr even if the command is successful.</div>
271+
<br/>
272+
<div style="font-size: smaller"><b>Sample:</b></div>
273+
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">Login Succeeded\n</div>
274+
</td>
275+
</tr>
276+
<tr>
277+
<td colspan="1">
278+
<div class="ansibleOptionAnchor" id="return-"></div>
279+
<b>stderr_lines</b>
280+
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
281+
<div style="font-size: small">
282+
<span style="color: purple">list</span>
283+
</div>
284+
</td>
285+
<td>always</td>
286+
<td>
287+
<div>Full <code>helm</code> command stderr, in case you want to display it or examine the event log</div>
288+
<br/>
289+
</td>
290+
</tr>
291+
<tr>
292+
<td colspan="1">
293+
<div class="ansibleOptionAnchor" id="return-"></div>
294+
<b>stdout</b>
295+
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
296+
<div style="font-size: small">
297+
<span style="color: purple">string</span>
298+
</div>
299+
</td>
300+
<td>always</td>
301+
<td>
302+
<div>Full <code>helm</code> command stdout, in case you want to display it or examine the event log</div>
303+
<br/>
304+
</td>
305+
</tr>
306+
<tr>
307+
<td colspan="1">
308+
<div class="ansibleOptionAnchor" id="return-"></div>
309+
<b>stout_lines</b>
310+
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
311+
<div style="font-size: small">
312+
<span style="color: purple">list</span>
313+
</div>
314+
</td>
315+
<td>always</td>
316+
<td>
317+
<div>Full <code>helm</code> command stdout, in case you want to display it or examine the event log</div>
318+
<br/>
319+
</td>
320+
</tr>
321+
</table>
322+
<br/><br/>
323+
324+
325+
Status
326+
------
327+
328+
329+
Authors
330+
~~~~~~~
331+
332+
- Yuriy Novostavskiy (@yurnov)

plugins/module_utils/helm.py

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -159,11 +159,13 @@ def env_update(self):
159159
self.helm_env = self._prepare_helm_environment()
160160
return self.helm_env
161161

162-
def run_helm_command(self, command, fails_on_error=True):
162+
def run_helm_command(self, command, fails_on_error=True, data=None):
163163
if not HAS_YAML:
164164
self.fail_json(msg=missing_required_lib("PyYAML"), exception=YAML_IMP_ERR)
165165

166-
rc, out, err = self.run_command(command, environ_update=self.env_update)
166+
rc, out, err = self.run_command(
167+
command, environ_update=self.env_update, data=data
168+
)
167169
if fails_on_error and rc != 0:
168170
self.fail_json(
169171
msg="Failure when executing Helm command. Exited {0}.\nstdout: {1}\nstderr: {2}".format(

0 commit comments

Comments
 (0)