-
Notifications
You must be signed in to change notification settings - Fork 342
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Refacter lookup plugins Depends-On: #1248 SUMMARY Refacters the lookup plugins to use common code for common boto3/botocore operations ISSUE TYPE Feature Pull Request COMPONENT NAME plugins/lookup/aws_account_attribute.py plugins/lookup/aws_secret.py plugins/lookup/aws_ssm.py plugins/module_utils/botocore.py plugins/module_utils/core.py plugins/module_utils/exceptions.py plugins/module_utils/modules.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis <None> Reviewed-by: Mark Chappell <None>
- Loading branch information
Showing
24 changed files
with
1,083 additions
and
252 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
minor_changes: | ||
- aws_secret - the ``aws_secret`` lookup plugin has been renamed ``secretsmanager_secret``, ``aws_secret`` remains as an alias | ||
(https://github.com/ansible-collections/amazon.aws/pull/1225). | ||
- aws_ssm - the ``aws_ssm`` lookup plugin has been renamed ``ssm_parameter``, ``aws_ssm`` remains as an alias | ||
(https://github.com/ansible-collections/amazon.aws/pull/1225). | ||
|
||
- aws_account_attribute - the ``aws_account_attribute`` lookup plugin has been refactored to use | ||
``AWSLookupBase`` as its base class | ||
(https://github.com/ansible-collections/amazon.aws/pull/1225). | ||
- aws_secret - the ``aws_secret`` lookup plugin has been refactored to use | ||
``AWSLookupBase`` as its base class | ||
(https://github.com/ansible-collections/amazon.aws/pull/1225). | ||
- aws_ssm - the ``aws_ssm`` lookup plugin has been refactored to use | ||
``AWSLookupBase`` as its base class | ||
(https://github.com/ansible-collections/amazon.aws/pull/1225). | ||
|
||
- amazon.aws lookup plugins - ``aws_profile`` has been renamed to ``profile`` for consistency | ||
between modules and plugins, ``aws_profile`` remains as an alias. | ||
This change should have no observable effect for users outside the module/plugin documentation | ||
(https://github.com/ansible-collections/amazon.aws/pull/1225). | ||
- amazon.aws lookup plugins - ``aws_access_key`` has been renamed to ``access_key`` for consistency | ||
between modules and plugins, ``aws_access_key`` remains as an alias. | ||
This change should have no observable effect for users outside the module/plugin documentation | ||
(https://github.com/ansible-collections/amazon.aws/pull/1225). | ||
- amazon.aws lookup plugins - ``aws_secret_key`` has been renamed to ``secret_key`` for consistency | ||
between modules and plugins, ``aws_secret_key`` remains as an alias. | ||
This change should have no observable effect for users outside the module/plugin documentation | ||
(https://github.com/ansible-collections/amazon.aws/pull/1225). | ||
- amazon.aws lookup plugins - ``aws_security_token`` has been renamed to ``session_token`` for consistency | ||
between modules and plugins, ``aws_security_token`` remains as an alias. | ||
This change should have no observable effect for users outside the module/plugin documentation | ||
(https://github.com/ansible-collections/amazon.aws/pull/1225). | ||
|
||
deprecated_features: | ||
- amazon.aws lookup plugins - the ``boto3_profile`` alias for the ``profile`` option has been deprecated, please use ``profile`` instead | ||
(https://github.com/ansible-collections/amazon.aws/pull/1225). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,14 +3,10 @@ | |
from __future__ import (absolute_import, division, print_function) | ||
__metaclass__ = type | ||
|
||
DOCUMENTATION = ''' | ||
DOCUMENTATION = r""" | ||
name: aws_account_attribute | ||
author: | ||
- Sloane Hertel (@s-hertel) <[email protected]> | ||
extends_documentation_fragment: | ||
- amazon.aws.boto3 | ||
- amazon.aws.aws_credentials | ||
- amazon.aws.region.plugins | ||
short_description: Look up AWS account attributes | ||
description: | ||
- Describes attributes of your AWS account. You can specify one of the listed | ||
|
@@ -26,9 +22,13 @@ | |
- max-elastic-ips | ||
- vpc-max-elastic-ips | ||
- has-ec2-classic | ||
''' | ||
extends_documentation_fragment: | ||
- amazon.aws.boto3 | ||
- amazon.aws.common.plugins | ||
- amazon.aws.region.plugins | ||
""" | ||
|
||
EXAMPLES = """ | ||
EXAMPLES = r""" | ||
vars: | ||
has_ec2_classic: "{{ lookup('aws_account_attribute', attribute='has-ec2-classic') }}" | ||
# true | false | ||
|
@@ -42,71 +42,34 @@ | |
""" | ||
|
||
RETURN = """ | ||
RETURN = r""" | ||
_raw: | ||
description: | ||
Returns a boolean when I(attribute) is check_ec2_classic. Otherwise returns the value(s) of the attribute | ||
(or all attributes if one is not specified). | ||
""" | ||
|
||
try: | ||
import boto3 | ||
import botocore | ||
except ImportError: | ||
pass # will be captured by imported HAS_BOTO3 | ||
pass # Handled by AWSLookupBase | ||
|
||
from ansible.errors import AnsibleError | ||
from ansible.errors import AnsibleLookupError | ||
from ansible.module_utils._text import to_native | ||
from ansible.module_utils.basic import missing_required_lib | ||
from ansible.plugins.lookup import LookupBase | ||
|
||
from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry | ||
from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO3 | ||
|
||
from ansible_collections.amazon.aws.plugins.module_utils.retries import AWSRetry | ||
from ansible_collections.amazon.aws.plugins.plugin_utils.lookup import AWSLookupBase | ||
|
||
def _boto3_conn(region, credentials): | ||
boto_profile = credentials.pop('aws_profile', None) | ||
|
||
try: | ||
connection = boto3.session.Session(profile_name=boto_profile).client('ec2', region, **credentials) | ||
except (botocore.exceptions.ProfileNotFound, botocore.exceptions.PartialCredentialsError): | ||
if boto_profile: | ||
try: | ||
connection = boto3.session.Session(profile_name=boto_profile).client('ec2', region) | ||
except (botocore.exceptions.ProfileNotFound, botocore.exceptions.PartialCredentialsError): | ||
raise AnsibleError("Insufficient credentials found.") | ||
else: | ||
raise AnsibleError("Insufficient credentials found.") | ||
return connection | ||
|
||
|
||
def _get_credentials(options): | ||
credentials = {} | ||
credentials['aws_profile'] = options['aws_profile'] | ||
credentials['aws_secret_access_key'] = options['aws_secret_key'] | ||
credentials['aws_access_key_id'] = options['aws_access_key'] | ||
if options['aws_security_token']: | ||
credentials['aws_session_token'] = options['aws_security_token'] | ||
|
||
return credentials | ||
|
||
|
||
@AWSRetry.jittered_backoff(retries=10) | ||
def _describe_account_attributes(client, **params): | ||
return client.describe_account_attributes(**params) | ||
return client.describe_account_attributes(aws_retry=True, **params) | ||
|
||
|
||
class LookupModule(LookupBase): | ||
class LookupModule(AWSLookupBase): | ||
def run(self, terms, variables, **kwargs): | ||
super(LookupModule, self).run(terms, variables, **kwargs) | ||
|
||
if not HAS_BOTO3: | ||
raise AnsibleError(missing_required_lib('botocore and boto3')) | ||
|
||
self.set_options(var_options=variables, direct=kwargs) | ||
boto_credentials = _get_credentials(self._options) | ||
|
||
region = self._options['region'] | ||
client = _boto3_conn(region, boto_credentials) | ||
client = self.client('ec2', AWSRetry.jittered_backoff()) | ||
|
||
attribute = kwargs.get('attribute') | ||
params = {'AttributeNames': []} | ||
|
@@ -120,7 +83,7 @@ def run(self, terms, variables, **kwargs): | |
try: | ||
response = _describe_account_attributes(client, **params)['AccountAttributes'] | ||
except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: | ||
raise AnsibleError("Failed to describe account attributes: %s" % to_native(e)) | ||
raise AnsibleLookupError("Failed to describe account attributes: {0}".format(to_native(e))) | ||
|
||
if check_ec2_classic: | ||
attr = response[0] | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.