diff options
| author | Tim Bielawa <tbielawa@redhat.com> | 2017-10-09 16:14:38 -0400 |
|---|---|---|
| committer | Tim Bielawa <tbielawa@redhat.com> | 2017-10-20 16:02:55 -0400 |
| commit | f3741a05097f1848d2b3e9a01f03e76a33487e01 (patch) | |
| tree | e0013c33bfcb2364f2928b949f1f66617ab3c1c0 /filter_plugins | |
| parent | 30d3fc6ed990c8e9f13b4e96e6e7acff13500e1e (diff) | |
| download | openshift-f3741a05097f1848d2b3e9a01f03e76a33487e01.tar.gz openshift-f3741a05097f1848d2b3e9a01f03e76a33487e01.tar.bz2 openshift-f3741a05097f1848d2b3e9a01f03e76a33487e01.tar.xz openshift-f3741a05097f1848d2b3e9a01f03e76a33487e01.zip | |
Management Cleanup and Provider Integration
* Add container provider integration
* General cleanup
* Poll until service fully starts
* Add notes on multiple-provider additions
Diffstat (limited to 'filter_plugins')
| -rw-r--r-- | filter_plugins/oo_filters.py | 70 |
1 files changed, 69 insertions, 1 deletions
diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index 2fbd23450..f9564499d 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py @@ -1125,6 +1125,73 @@ of items as ['region=infra', 'zone=primary'] return selectors +def oo_filter_sa_secrets(sa_secrets, secret_hint='-token-'): + """Parse the Service Account Secrets list, `sa_secrets`, (as from +oc_serviceaccount_secret:state=list) and return the name of the secret +containing the `secret_hint` string. For example, by default this will +return the name of the secret holding the SA bearer token. + +Only provide the 'results' object to this filter. This filter expects +to receive a list like this: + + [ + { + "name": "management-admin-dockercfg-p31s2" + }, + { + "name": "management-admin-token-bnqsh" + } + ] + + +Returns: + +* `secret_name` [string] - The name of the secret matching the + `secret_hint` parameter. By default this is the secret holding the + SA's bearer token. + +Example playbook usage: + +Register a return value from oc_serviceaccount_secret with and pass +that result to this filter plugin. + + - name: Get all SA Secrets + oc_serviceaccount_secret: + state: list + service_account: management-admin + namespace: management-infra + register: sa + + - name: Save the SA bearer token secret name + set_fact: + management_token: "{{ sa.results | oo_filter_sa_secrets }}" + + - name: Get the SA bearer token value + oc_secret: + state: list + name: "{{ management_token }}" + namespace: management-infra + decode: true + register: sa_secret + + - name: Print the bearer token value + debug: + var: sa_secret.results.decoded.token + + """ + secret_name = None + + for secret in sa_secrets: + # each secret is a hash + if secret['name'].find(secret_hint) == -1: + continue + else: + secret_name = secret['name'] + break + + return secret_name + + class FilterModule(object): """ Custom ansible filter mapping """ @@ -1167,5 +1234,6 @@ class FilterModule(object): "to_padded_yaml": to_padded_yaml, "oo_random_word": oo_random_word, "oo_contains_rule": oo_contains_rule, - "oo_selector_to_string_list": oo_selector_to_string_list + "oo_selector_to_string_list": oo_selector_to_string_list, + "oo_filter_sa_secrets": oo_filter_sa_secrets, } |