1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
# flake8: noqa
# pylint: skip-file
DOCUMENTATION = '''
---
module: oc_user
short_description: Create, modify, and idempotently manage openshift users.
description:
- Modify openshift users programmatically.
options:
state:
description:
- State controls the action that will be taken with resource
- 'present' will create or update a user to the desired state
- 'absent' will ensure user is removed
- 'list' will read and return a list of users
default: present
choices: ["present", "absent", "list"]
aliases: []
kubeconfig:
description:
- The path for the kubeconfig file to use for authentication
required: false
default: /etc/origin/master/admin.kubeconfig
aliases: []
debug:
description:
- Turn on debug output.
required: false
default: False
aliases: []
username:
description:
- Short username to query/modify.
required: false
default: None
aliases: []
full_name:
description:
- String with the full name/description of the user.
required: false
default: None
aliases: []
groups:
description:
- List of groups the user should be a member of. This does not add/update the legacy 'groups' field in the OpenShift user object, but makes user entries into the appropriate OpenShift group object for the given user.
required: false
default: []
aliases: []
author:
- "Joel Diaz <jdiaz@redhat.com>"
extends_documentation_fragment: []
'''
EXAMPLES = '''
- name: Ensure user exists
oc_user:
state: present
username: johndoe
full_name "John Doe"
groups:
- dedicated-admins
register: user_johndoe
user_johndoe variable will have contents like:
ok: [ded-int-aws-master-61034] => {
"user_johndoe": {
"changed": true,
"results": {
"cmd": "oc -n default get users johndoe -o json",
"results": [
{
"apiVersion": "v1",
"fullName": "John DOe",
"groups": null,
"identities": null,
"kind": "User",
"metadata": {
"creationTimestamp": "2017-02-28T15:09:21Z",
"name": "johndoe",
"resourceVersion": "848781",
"selfLink": "/oapi/v1/users/johndoe",
"uid": "e23d3300-fdc7-11e6-9e3e-12822d6b7656"
}
}
],
"returncode": 0
},
"state": "present"
}
}
'groups' is empty because this field is the OpenShift user object's 'group' field.
- name: Ensure user does not exist
oc_user:
state: absent
username: johndoe
- name: List user's info
oc_user:
state: list
username: johndoe
register: user_johndoe
user_johndoe will have contents similar to:
ok: [ded-int-aws-master-61034] => {
"user_johndoe": {
"changed": false,
"results": [
{
"apiVersion": "v1",
"fullName": "John Doe",
"groups": null,
"identities": null,
"kind": "User",
"metadata": {
"creationTimestamp": "2017-02-28T15:04:44Z",
"name": "johndoe",
"resourceVersion": "848280",
"selfLink": "/oapi/v1/users/johndoe",
"uid": "3d479ad2-fdc7-11e6-9e3e-12822d6b7656"
}
}
],
"state": "list"
}
}
'''
|
