community.general/lib/ansible/modules/web_infrastructure/jenkins_script.py

#!/usr/bin/python

# encoding: utf-8

# (c) 2016, James Hogarth <james.hogarth@gmail.com>
#
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.


ANSIBLE_METADATA = {'metadata_version': '1.0',
                    'status': ['preview'],
                    'supported_by': 'community'}


DOCUMENTATION = '''
---
author: James Hogarth
module: jenkins_script
short_description: Executes a groovy script in the jenkins instance
version_added: '2.3'
description:
    - The C(jenkins_script) module takes a script plus a dict of values
      to use within the script and returns the result of the script being run.

options:
  script:
    description:
      - The groovy script to be executed.
        This gets passed as a string Template if args is defined.
    required: true
    default: null
  url:
    description:
      - The jenkins server to execute the script against. The default is a local
        jenkins instance that is not being proxied through a webserver.
    required: false
    default: http://localhost:8080
  validate_certs:
    description:
      - If set to C(no), the SSL certificates will not be validated.
        This should only set to C(no) used on personally controlled sites
        using self-signed certificates as it avoids verifying the source site.
    required: false
    default: True
  user:
    description:
      - The username to connect to the jenkins server with.
    required: false
    default: null
  password:
    description:
      - The password to connect to the jenkins server with.
    required: false
    default: null
  timeout:
    description:
      - The request timeout in seconds
    required: false
    default: 10
    version_added: "2.4"
  args:
    description:
      - A dict of key-value pairs used in formatting the script using string.Template (see https://docs.python.org/2/library/string.html#template-strings).
    required: false
    default: null

notes:
    - Since the script can do anything this does not report on changes.
      Knowing the script is being run it's important to set changed_when
      for the ansible output to be clear on any alterations made.

'''

EXAMPLES = '''
- name: Obtaining a list of plugins
  jenkins_script:
    script: 'println(Jenkins.instance.pluginManager.plugins)'
    user: admin
    password: admin

- name: Setting master using a variable to hold a more complicate script
  vars:
    setmaster_mode: |
        import jenkins.model.*
        instance = Jenkins.getInstance()
        instance.setMode(${jenkins_mode})
        instance.save()

- name: use the variable as the script
  jenkins_script:
    script: "{{ setmaster_mode }}"
    args:
      jenkins_mode: Node.Mode.EXCLUSIVE

- name: interacting with an untrusted HTTPS connection
  jenkins_script:
    script: "println(Jenkins.instance.pluginManager.plugins)"
    user: admin
    password: admin
    url: https://localhost
    validate_certs: no
'''

RETURN = '''
output:
    description: Result of script
    returned: success
    type: string
    sample: 'Result: true'
'''

import json

from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.six.moves.urllib.parse import urlencode
from ansible.module_utils.urls import fetch_url


def is_csrf_protection_enabled(module):
    resp, info = fetch_url(module,
                           module.params['url'] + '/api/json',
                           method='GET')
    if info["status"] != 200:
        module.fail_json(msg="HTTP error " + str(info["status"]) + " " + info["msg"])

    content = resp.read()
    return json.loads(content).get('useCrumbs', False)


def get_crumb(module):
    resp, info = fetch_url(module,
                           module.params['url'] + '/crumbIssuer/api/json',
                           method='GET')
    if info["status"] != 200:
        module.fail_json(msg="HTTP error " + str(info["status"]) + " " + info["msg"])

    content = resp.read()
    return json.loads(content)


def main():

    module = AnsibleModule(
        argument_spec=dict(
            script=dict(required=True, type="str"),
            url=dict(required=False, type="str", default="http://localhost:8080"),
            validate_certs=dict(required=False, type="bool", default=True),
            user=dict(required=False, no_log=True, type="str", default=None),
            password=dict(required=False, no_log=True, type="str", default=None),
            timeout=dict(required=False, type="int", default=10),
            args=dict(required=False, type="dict", default=None)
        )
    )

    if module.params['user'] is not None:
        if module.params['password'] is None:
            module.fail_json(msg="password required when user provided")
        module.params['url_username'] = module.params['user']
        module.params['url_password'] = module.params['password']
        module.params['force_basic_auth'] = True

    if module.params['args'] is not None:
        from string import Template
        script_contents = Template(module.params['script']).substitute(module.params['args'])
    else:
        script_contents = module.params['script']

    headers = {}
    if is_csrf_protection_enabled(module):
        crumb = get_crumb(module)
        headers = {crumb['crumbRequestField']: crumb['crumb']}

    resp, info = fetch_url(module,
                           module.params['url'] + "/scriptText",
                           data=urlencode({'script': script_contents}),
                           headers=headers,
                           method="POST",
                           timeout=module.params['timeout'])

    if info["status"] != 200:
        module.fail_json(msg="HTTP error " + str(info["status"]) + " " + info["msg"])

    result = resp.read()

    if 'Exception:' in result and 'at java.lang.Thread' in result:
        module.fail_json(msg="script failed with stacktrace:\n " + result)

    module.exit_json(
        output=result,
    )


if __name__ == '__main__':
    main()
add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00			`#!/usr/bin/python`

			`# encoding: utf-8`

			`# (c) 2016, James Hogarth <james.hogarth@gmail.com>`
			`#`
			`# This file is part of Ansible`
			`#`
			`# Ansible is free software: you can redistribute it and/or modify`
			`# it under the terms of the GNU General Public License as published by`
			`# the Free Software Foundation, either version 3 of the License, or`
			`# (at your option) any later version.`
			`#`
			`# Ansible is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU General Public License`
			`# along with Ansible. If not, see <http://www.gnu.org/licenses/>.`


New metadata 1.0 (#22587) Changes to the metadata format were approved here: https://github.com/ansible/proposals/issues/54 * Update documentation to the new metadata format * Changes to metadata-tool to account for new metadata * Add GPL license header * Add upgrade subcommand to upgrade metadata version * Change default metadata to the new format * Fix exclusion of non-modules from the metadata report * Fix ansible-doc for new module metadata * Exclude metadata version from ansible-doc output * Fix website docs generation for the new metadata * Update metadata schema in valiate-modules test * Update the metadata in all modules to the new version 2017-03-14 16:07:22 +00:00			`ANSIBLE_METADATA = {'metadata_version': '1.0',`
			`'status': ['preview'],`
			`'supported_by': 'community'}`

Update validate-modules (#20932) * Update validate-modules * Validates ANSIBLE_METADATA * Ensures imports happen after documentation vars * Some pep8 cleanup * Clean up some left over unneeded code * Update modules for new module guidelines and validate-modules checks * Update imports for ec2_vpc_route_table and ec2_vpc_nat_gateway 2017-02-02 19:45:22 +00:00
add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00			`DOCUMENTATION = '''`
			`---`
			`author: James Hogarth`
			`module: jenkins_script`
			`short_description: Executes a groovy script in the jenkins instance`
			`version_added: '2.3'`
			`description:`
Avoid having module documentation links to itself (#21329) * Avoid having module documentation links to itself A lot of modules use M(own_module) in their documentation causing a link in the documentation to itself. * Make note more clear now 2017-02-13 14:02:34 +00:00			`- The C(jenkins_script) module takes a script plus a dict of values`
add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00			`to use within the script and returns the result of the script being run.`

			`options:`
			`script:`
			`description:`
			`- The groovy script to be executed.`
			`This gets passed as a string Template if args is defined.`
			`required: true`
			`default: null`
			`url:`
			`description:`
			`- The jenkins server to execute the script against. The default is a local`
			`jenkins instance that is not being proxied through a webserver.`
			`required: false`
			`default: http://localhost:8080`
			`validate_certs:`
			`description:`
			`- If set to C(no), the SSL certificates will not be validated.`
			`This should only set to C(no) used on personally controlled sites`
			`using self-signed certificates as it avoids verifying the source site.`
			`required: false`
			`default: True`
			`user:`
			`description:`
			`- The username to connect to the jenkins server with.`
			`required: false`
			`default: null`
			`password:`
			`description:`
			`- The password to connect to the jenkins server with.`
Fix invalid fields in module DOCUMENATION (#22297) * fix module doc fields * More module docs corrections * More module docs corrections * More module docs corrections * More module docs corrections * correct aliases * Review comments * Must quote ':' * More authors * Use suboptions: * restore type: bool * type should be in the same place * More tidyups * authors * Use suboptions * revert * remove duplicate author * More issues post rebase 2017-03-09 16:20:25 +00:00			`required: false`
add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00			`default: null`
Added timeout to jenkins_script POST request (#24924) * Added timeout to jenkins_script POST request The timeout value is passed to fetch_url to allow a custom timeout bigger than the predefined 10 seconds. * Added version, removed no_log 2017-05-24 10:16:05 +00:00			`timeout:`
			`description:`
			`- The request timeout in seconds`
			`required: false`
			`default: 10`
			`version_added: "2.4"`
add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00			`args:`
			`description:`
Clarify how formatting would be done. (#26474) The current description doesn't say this, so there a chance for the user to think that Jinja formatting is what can be used. 2017-07-06 20:41:08 +00:00			`- A dict of key-value pairs used in formatting the script using string.Template (see https://docs.python.org/2/library/string.html#template-strings).`
add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00			`required: false`
			`default: null`

			`notes:`
			`- Since the script can do anything this does not report on changes.`
			`Knowing the script is being run it's important to set changed_when`
			`for the ansible output to be clear on any alterations made.`

			`'''`

			`EXAMPLES = '''`
			`- name: Obtaining a list of plugins`
			`jenkins_script:`
			`script: 'println(Jenkins.instance.pluginManager.plugins)'`
			`user: admin`
			`password: admin`

			`- name: Setting master using a variable to hold a more complicate script`
			`vars:`
			`setmaster_mode: \|`
			`import jenkins.model.*`
			`instance = Jenkins.getInstance()`
			`instance.setMode(${jenkins_mode})`
			`instance.save()`

			`- name: use the variable as the script`
			`jenkins_script:`
			`script: "{{ setmaster_mode }}"`
			`args:`
			`jenkins_mode: Node.Mode.EXCLUSIVE`

			`- name: interacting with an untrusted HTTPS connection`
			`jenkins_script:`
			`script: "println(Jenkins.instance.pluginManager.plugins)"`
			`user: admin`
			`password: admin`
			`url: https://localhost`
			`validate_certs: no`
			`'''`

			`RETURN = '''`
			`output:`
			`description: Result of script`
			`returned: success`
			`type: string`
			`sample: 'Result: true'`
			`'''`

Pass CSRF token along with Jenkins POST requests (#23250) 2017-04-06 09:03:57 +00:00			`import json`

add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00			`from ansible.module_utils.basic import AnsibleModule`
Fixed import of urlencode and pathname2url from urllib for python3 (#24424) 2017-05-19 17:22:16 +00:00			`from ansible.module_utils.six.moves.urllib.parse import urlencode`
add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00			`from ansible.module_utils.urls import fetch_url`

Pep8 fixes for jenkins_* module (#24154) Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> 2017-05-01 15:01:25 +00:00
Pass CSRF token along with Jenkins POST requests (#23250) 2017-04-06 09:03:57 +00:00			`def is_csrf_protection_enabled(module):`
			`resp, info = fetch_url(module,`
			`module.params['url'] + '/api/json',`
			`method='GET')`
			`if info["status"] != 200:`
			`module.fail_json(msg="HTTP error " + str(info["status"]) + " " + info["msg"])`

			`content = resp.read()`
			`return json.loads(content).get('useCrumbs', False)`

Pep8 fixes for jenkins_* module (#24154) Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> 2017-05-01 15:01:25 +00:00
Pass CSRF token along with Jenkins POST requests (#23250) 2017-04-06 09:03:57 +00:00			`def get_crumb(module):`
			`resp, info = fetch_url(module,`
			`module.params['url'] + '/crumbIssuer/api/json',`
			`method='GET')`
			`if info["status"] != 200:`
			`module.fail_json(msg="HTTP error " + str(info["status"]) + " " + info["msg"])`

			`content = resp.read()`
			`return json.loads(content)`

Pep8 fixes for jenkins_* module (#24154) Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> 2017-05-01 15:01:25 +00:00
add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00			`def main():`

			`module = AnsibleModule(`
Pep8 fixes for jenkins_* module (#24154) Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> 2017-05-01 15:01:25 +00:00			`argument_spec=dict(`
			`script=dict(required=True, type="str"),`
			`url=dict(required=False, type="str", default="http://localhost:8080"),`
			`validate_certs=dict(required=False, type="bool", default=True),`
			`user=dict(required=False, no_log=True, type="str", default=None),`
			`password=dict(required=False, no_log=True, type="str", default=None),`
Added timeout to jenkins_script POST request (#24924) * Added timeout to jenkins_script POST request The timeout value is passed to fetch_url to allow a custom timeout bigger than the predefined 10 seconds. * Added version, removed no_log 2017-05-24 10:16:05 +00:00			`timeout=dict(required=False, type="int", default=10),`
Pep8 fixes for jenkins_* module (#24154) Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> 2017-05-01 15:01:25 +00:00			`args=dict(required=False, type="dict", default=None)`
add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00			`)`
			`)`

			`if module.params['user'] is not None:`
			`if module.params['password'] is None:`
			`module.fail_json(msg="password required when user provided")`
			`module.params['url_username'] = module.params['user']`
			`module.params['url_password'] = module.params['password']`
			`module.params['force_basic_auth'] = True`

			`if module.params['args'] is not None:`
			`from string import Template`
			`script_contents = Template(module.params['script']).substitute(module.params['args'])`
			`else:`
			`script_contents = module.params['script']`

Pass CSRF token along with Jenkins POST requests (#23250) 2017-04-06 09:03:57 +00:00			`headers = {}`
			`if is_csrf_protection_enabled(module):`
			`crumb = get_crumb(module)`
			`headers = {crumb['crumbRequestField']: crumb['crumb']}`
add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00
			`resp, info = fetch_url(module,`
			`module.params['url'] + "/scriptText",`
			`data=urlencode({'script': script_contents}),`
Pep8 fixes for jenkins_* module (#24154) Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> 2017-05-01 15:01:25 +00:00			`headers=headers,`
Added timeout to jenkins_script POST request (#24924) * Added timeout to jenkins_script POST request The timeout value is passed to fetch_url to allow a custom timeout bigger than the predefined 10 seconds. * Added version, removed no_log 2017-05-24 10:16:05 +00:00			`method="POST",`
			`timeout=module.params['timeout'])`
add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00
			`if info["status"] != 200:`
			`module.fail_json(msg="HTTP error " + str(info["status"]) + " " + info["msg"])`

			`result = resp.read()`

			`if 'Exception:' in result and 'at java.lang.Thread' in result:`
			`module.fail_json(msg="script failed with stacktrace:\n " + result)`

			`module.exit_json(`
Pep8 fixes for jenkins_* module (#24154) Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> 2017-05-01 15:01:25 +00:00			`output=result,`
add jenkins_script module for running arbitrary jenkins console scripts against a jenkins instance (#19640) 2017-01-06 15:12:24 +00:00			`)`


			`if __name__ == '__main__':`
			`main()`