ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-02-04 07:51:50 +00:00
Code Activity

Reformat everything.

Browse source
This commit is contained in:
Felix Fontein 2025-11-01 12:08:41 +01:00
parent 3f2213791a
commit 340ff8586d
1008 changed files with 61301 additions and 58309 deletions
Download patch file Download diff file Expand all files Collapse all files

173
plugins/modules/gitlab_project_access_token.py
View file

@ -158,7 +158,10 @@ from ansible.module_utils.api import basic_auth_argument_spec
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.community.general.plugins.module_utils.gitlab import (
auth_argument_spec, find_project, gitlab_authentication, gitlab
auth_argument_spec,
find_project,
gitlab_authentication,
gitlab,
)
ACCESS_LEVELS = dict(guest=10, planner=15, reporter=20, developer=30, maintainer=40, owner=50)
@ -170,10 +173,11 @@ class GitLabProjectAccessToken:
self._gitlab = gitlab_instance
self.access_token_object = None
'''
"""
@param project Project Object
@param arguments Attributes of the access_token
'''
"""
def create_access_token(self, project, arguments):
changed = False
if self._module.check_mode:
@ -182,17 +186,18 @@ class GitLabProjectAccessToken:
try:
self.access_token_object = project.access_tokens.create(arguments)
changed = True
except (gitlab.exceptions.GitlabCreateError) as e:
except gitlab.exceptions.GitlabCreateError as e:
self._module.fail_json(msg=f"Failed to create access token: {e}")
return changed
'''
"""
@param project Project object
@param name of the access token
'''
"""
def find_access_token(self, project, name):
access_tokens = [x for x in project.access_tokens.list(all=True) if not getattr(x, 'revoked', False)]
access_tokens = [x for x in project.access_tokens.list(all=True) if not getattr(x, "revoked", False)]
for access_token in access_tokens:
if access_token.name == name:
self.access_token_object = access_token
@ -207,19 +212,19 @@ class GitLabProjectAccessToken:
try:
self.access_token_object.delete()
changed = True
except (gitlab.exceptions.GitlabCreateError) as e:
except gitlab.exceptions.GitlabCreateError as e:
self._module.fail_json(msg=f"Failed to revoke access token: {e}")
return changed
def access_tokens_equal(self):
if self.access_token_object.name != self._module.params['name']:
if self.access_token_object.name != self._module.params["name"]:
return False
if self.access_token_object.scopes != self._module.params['scopes']:
if self.access_token_object.scopes != self._module.params["scopes"]:
return False
if self.access_token_object.access_level != ACCESS_LEVELS[self._module.params['access_level']]:
if self.access_token_object.access_level != ACCESS_LEVELS[self._module.params["access_level"]]:
return False
if self.access_token_object.expires_at != self._module.params['expires_at']:
if self.access_token_object.expires_at != self._module.params["expires_at"]:
return False
return True
@ -227,60 +232,66 @@ class GitLabProjectAccessToken:
def main():
argument_spec = basic_auth_argument_spec()
argument_spec.update(auth_argument_spec())
argument_spec.update(dict(
state=dict(type='str', default="present", choices=["absent", "present"]),
project=dict(type='str', required=True),
name=dict(type='str', required=True),
scopes=dict(type='list',
required=True,
aliases=['scope'],
elements='str',
choices=['api',
'read_api',
'read_registry',
'write_registry',
'read_repository',
'write_repository',
'create_runner',
'manage_runner',
'ai_features',
'k8s_proxy',
'self_rotate']),
access_level=dict(type='str', default='maintainer', choices=['guest', 'planner', 'reporter', 'developer', 'maintainer', 'owner']),
expires_at=dict(type='str', required=True),
recreate=dict(type='str', default='never', choices=['never', 'always', 'state_change'])
))
argument_spec.update(
dict(
state=dict(type="str", default="present", choices=["absent", "present"]),
project=dict(type="str", required=True),
name=dict(type="str", required=True),
scopes=dict(
type="list",
required=True,
aliases=["scope"],
elements="str",
choices=[
"api",
"read_api",
"read_registry",
"write_registry",
"read_repository",
"write_repository",
"create_runner",
"manage_runner",
"ai_features",
"k8s_proxy",
"self_rotate",
],
),
access_level=dict(
type="str",
default="maintainer",
choices=["guest", "planner", "reporter", "developer", "maintainer", "owner"],
),
expires_at=dict(type="str", required=True),
recreate=dict(type="str", default="never", choices=["never", "always", "state_change"]),
)
)
module = AnsibleModule(
argument_spec=argument_spec,
mutually_exclusive=[
['api_username', 'api_token'],
['api_username', 'api_oauth_token'],
['api_username', 'api_job_token'],
['api_token', 'api_oauth_token'],
['api_token', 'api_job_token']
["api_username", "api_token"],
["api_username", "api_oauth_token"],
["api_username", "api_job_token"],
["api_token", "api_oauth_token"],
["api_token", "api_job_token"],
],
required_together=[
['api_username', 'api_password']
],
required_one_of=[
['api_username', 'api_token', 'api_oauth_token', 'api_job_token']
],
supports_check_mode=True
required_together=[["api_username", "api_password"]],
required_one_of=[["api_username", "api_token", "api_oauth_token", "api_job_token"]],
supports_check_mode=True,
)
state = module.params['state']
project_identifier = module.params['project']
name = module.params['name']
scopes = module.params['scopes']
access_level_str = module.params['access_level']
expires_at = module.params['expires_at']
recreate = module.params['recreate']
state = module.params["state"]
project_identifier = module.params["project"]
name = module.params["name"]
scopes = module.params["scopes"]
access_level_str = module.params["access_level"]
expires_at = module.params["expires_at"]
recreate = module.params["recreate"]
access_level = ACCESS_LEVELS[access_level_str]
try:
datetime.strptime(expires_at, '%Y-%m-%d')
datetime.strptime(expires_at, "%Y-%m-%d")
except ValueError:
module.fail_json(msg="Argument expires_at is not in required format YYYY-MM-DD")
@ -297,36 +308,62 @@ def main():
if gitlab_access_token.access_token_object is not None:
gitlab_access_token_exists = True
if state == 'absent':
if state == "absent":
if gitlab_access_token_exists:
gitlab_access_token.revoke_access_token()
module.exit_json(changed=True, msg=f"Successfully deleted access token {name}")
else:
module.exit_json(changed=False, msg="Access token does not exists")
if state == 'present':
if state == "present":
if gitlab_access_token_exists:
if gitlab_access_token.access_tokens_equal():
if recreate == 'always':
if recreate == "always":
gitlab_access_token.revoke_access_token()
gitlab_access_token.create_access_token(project, {'name': name, 'scopes': scopes, 'access_level': access_level, 'expires_at': expires_at})
module.exit_json(changed=True, msg="Successfully recreated access token", access_token=gitlab_access_token.access_token_object._attrs)
gitlab_access_token.create_access_token(
project,
{"name": name, "scopes": scopes, "access_level": access_level, "expires_at": expires_at},
)
module.exit_json(
changed=True,
msg="Successfully recreated access token",
access_token=gitlab_access_token.access_token_object._attrs,
)
else:
module.exit_json(changed=False, msg="Access token already exists", access_token=gitlab_access_token.access_token_object._attrs)
module.exit_json(
changed=False,
msg="Access token already exists",
access_token=gitlab_access_token.access_token_object._attrs,
)
else:
if recreate == 'never':
module.fail_json(msg="Access token already exists and its state is different. It can not be updated without recreating.")
if recreate == "never":
module.fail_json(
msg="Access token already exists and its state is different. It can not be updated without recreating."
)
else:
gitlab_access_token.revoke_access_token()
gitlab_access_token.create_access_token(project, {'name': name, 'scopes': scopes, 'access_level': access_level, 'expires_at': expires_at})
module.exit_json(changed=True, msg="Successfully recreated access token", access_token=gitlab_access_token.access_token_object._attrs)
gitlab_access_token.create_access_token(
project,
{"name": name, "scopes": scopes, "access_level": access_level, "expires_at": expires_at},
)
module.exit_json(
changed=True,
msg="Successfully recreated access token",
access_token=gitlab_access_token.access_token_object._attrs,
)
else:
gitlab_access_token.create_access_token(project, {'name': name, 'scopes': scopes, 'access_level': access_level, 'expires_at': expires_at})
gitlab_access_token.create_access_token(
project, {"name": name, "scopes": scopes, "access_level": access_level, "expires_at": expires_at}
)
if module.check_mode:
module.exit_json(changed=True, msg="Successfully created access token", access_token={})
else:
module.exit_json(changed=True, msg="Successfully created access token", access_token=gitlab_access_token.access_token_object._attrs)
module.exit_json(
changed=True,
msg="Successfully created access token",
access_token=gitlab_access_token.access_token_object._attrs,
)
if __name__ == '__main__':
if __name__ == "__main__":
main()