Ensure `wait_condition`s with `Status: Unknown` actually
complete
Return k8s object after wait rather than k8s object before
wait when object is patched.
* Add proper k8s *List kind support
* set defaults more intelligently
* reimplement list support so that it will work in all versions of the client
* clean up debugging code
* k8s wait - don't try to call to_dict on None
Need to ensure that the resource dict is correctly returned for absent
resources
* Cope with resources without a namespace
Some resources (e.g. ClusterRoleBinding) do not have a Namespace.
Handle the lack of a namespace key.
Warnings get printed at the end of loops, which means that if you're
running validation against a bunch of resources, the warning message
gets printed after a number of potentially unrelated resources.
Adding extra info about the resource failing validation will help
find the validation issues.
* Always check envvars when auth parameter is not provided
This will make it so that all code using the get_api_client
method will make use of the environment variables, instead of
silently ignoring them if default values haven't been set. This
affects at least the k8s lookup plugin.
* Add changelog
* Bubble up import exception content for k8s module
Signed-off-by: Fabian von Feilitzsch <fabian@fabianism.us>
* Track down other places import exception is reported
* Add changelog fragment
* k8s: add k8s_kind arg to KubernetesRawModule
Single–kind k8s modules (e.g. k8s_service) do not have a module
parameter called 'kind' and need to pass a static 'kind' on
KubernetesRawModule class creation. Hence this change.
* k8s: make 'validate' and 'wait' mod params optional
Not all k8s modules utilizing KubernetesRawModule will use these.
* k8s_service: new k8s module for handling Services
* Add append_hash functionality to k8s module
append_hash adds a hash based on the contents of a ConfigMap
or Secret to the name - this enables immutable ConfigMaps and
Secrets.
* Provide k8s_config_resource_name plugin
The k8s_config_resource_name filter plugin provides a means of determining
the name of ConfigMaps and Secrets created with append_hash
* Add changelog fragment
* fix failing tests
* Update openshift version needed for append_hash
* Provide Kubernetes resource validation to k8s module
Use kubernetes-validate to validate Kubernetes resource
definitions against the published schema
* Additional tests for kubernetes-validate
* Improve k8s error messages on exceptions
Parse the response body for the message rather than returning
a JSON blob
If we've validated and there are warnings, return those too - they
can be more helpful
```
"msg": "Failed to patch object: {\"kind\":\"Status\",\"apiVersion\":\"v1\",\"metadata\":{},
\"status\":\"Failure\",\"message\":\"[pos 334]: json: decNum: got first char 'h'\",\"code\":500}\n",
```
vs
```
"msg": "Failed to patch object: [pos 334]: json: decNum: got first char 'h'\nresource
validation error at spec.replicas: 'hello' is not of type u'integer'",
```
* Update versions used
In particular openshift/origin:3.9.0
* Add changelog for k8s validate change
kubeconfig should be loaded if *either* or both of context
or kubeconfig is set (this allows picking a context and default
kubeconfig or picking a kubeconfig with default context)
Fixes#47149
* openshift inventory: fix exception when auth fails
Fix 'ForbiddenError' object has no attribute 'message':
[WARNING]: * Failed to parse test.yml with openshift plugin: 'ForbiddenError' object has no attribute 'message'
File "ansible/lib/ansible/inventory/manager.py", line 270, in parse_source
plugin.parse(self._inventory, self._loader, source, cache=cache)
File "ansible/lib/ansible/plugins/inventory/openshift.py", line 122, in parse
self.setup(config_data, cache, cache_key)
File "ansible/lib/ansible/module_utils/k8s/inventory.py", line 58, in setup
self.fetch_objects(connections)
File "ansible/lib/ansible/module_utils/k8s/inventory.py", line 250, in fetch_objects
super(OpenShiftInventoryHelper, self).fetch_objects(connections)
File "ansible/lib/ansible/module_utils/k8s/inventory.py", line 81, in fetch_objects
namespaces = self.get_available_namespaces(client)
File "ansible/lib/ansible/module_utils/k8s/inventory.py", line 95, in get_available_namespaces
raise K8sInventoryException('Error fetching Namespace list: {0}'.format(exc.message))
Don't try to get 'message' attribute from:
- K8sInventoryException instances
- Exception instances
- KubernetesException instances (because KubernetesException can be
Exception)
* move k8s/OpenShift inventory plugin dedicated code
inventory plugin specific code should not be located in
lib/ansible/module_utils directory. Then ansible.utils methods can be
reused (for example Display).
* Remove unused class variables 'helper'
unused since 4d77878654.
* Use a sensible default for k8s merge_type
The sensible default for merge_type is `['strategic-merge', 'merge'].
However, we can't make this the default default, as we need to support
users who are using openshift 0.6.0, where the merge_type parameter is
unsupported.
* Refactor k8s test suite for merge_type tests
Allow tests with pre-merge-type openshift and post-merge-type
openshift.
* Make merge_type a list and apply merge_type in order
Allow use case of preferring strategic-merge and failing
back to merge, or just preferring a different merge type
* Improve k8s module test coverage
`items` is a *terrible* return key for ansible as Jinja
will often think it refers to the `items()` function.
Even though you can typically work around this with
`results['items']`, sometimes even that doesn't work:
```
- name: Resources should exist
assert:
that: item.status.phase == 'Active'
loop: "{{ k8s_namespaces['items'] }}"
```
```
fatal: [testhost]: FAILED! => {"msg": "Invalid data passed to 'loop', it
requires a list, got this instead: <built-in method items of dict object
at 0x109dc9c58>. Hint: If you passed a list/dict of just one element,
try adding wantlist=True to your lookup invocation or use q/query
instead of lookup."}
```
Change it now while we still can.
Allows patching of custom Kubernetes resources that
don't support strategic merge patching
Check that openshift module supports content_type param
(requires version newer than 0.6.0)
Move dict_merge from azure_rm_resource module to
module_utils.common.dict_transformations and add tests.
Use dict_merge to provide a fairly realistic, reliable
diff output when k8s-based modules are run in check_mode.
Rename unit tests so that they actually run and reflect
the module_utils they're based on.
* allow user to pass list of resources in to definition parameter
* Add new validator for list|dict|string
* use string_types instead of string
* state/force information is lost after the first item in the list
* Add tests
* Appease ansibot
* Move k8s modules to dynamic backend
* update required openshift version
* update -> patch
* use new dynamic client exceptions
* style
* guard urllib3 import
* guard ansibleerror import
* give more information about error cause
* format in variable
* style
* rename tests
* Search for provided kind in a few more places to match old behavior, properly handle failure
* make common code use fail instead of fail_json, to work for lookup plugins as well
* update docs
* move openshift_raw tests into k8s tests
* fix typo
* Use diff of response and resource to determine change, don't do any checking client-side before making requests
* remove duplicate yaml blocks
* Update porting guide for k8s module
* remove invalid doc refs
* If fuzzy searching finds a resource, update resource_definition to match proper kind and version
* remote unsupported openshift_raw variables
* properly check environment variables when determining auth method:
Node port field is not populated on K8S pods, and it's certainely the most useful port to use in pod when we need to interact with ansible outside of the cluster
Fabrice
Will Thames
Abhijeet Kasurde
Gerrit
James Cassell
Fabian von Feilitzsch
Jordan Borean
Mariusz Mazur
Pilou
Joren Vrancken
Pavel Eremeev
Will Thames
Adam Miller
Pierre-Louis Bonicoli
Loïc Blot
Chris Houseknecht