diff --git a/plugins/modules/hcloud_certificate_info.py b/plugins/modules/hcloud_certificate_info.py new file mode 100644 index 0000000..67c4fd0 --- /dev/null +++ b/plugins/modules/hcloud_certificate_info.py @@ -0,0 +1,173 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright: (c) 2020, Hetzner Cloud GmbH +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +ANSIBLE_METADATA = { + "metadata_version": "1.1", + "status": ["preview"], + "supported_by": "community", +} + +DOCUMENTATION = ''' +--- +module: hcloud_certificate_info +short_description: Gather infos about your Hetzner Cloud certificates. +description: + - Gather facts about your Hetzner Cloud certificates. +author: + - Lukas Kämmerling (@LKaemmerling) +options: + id: + description: + - The ID of the certificate you want to get. + type: int + name: + description: + - The name of the certificate you want to get. + type: str + label_selector: + description: + - The label selector for the certificate you want to get. + type: str +extends_documentation_fragment: +- hetzner.hcloud.hcloud + +''' + +EXAMPLES = """ +- name: Gather hcloud sshkey infos + hcloud_certificate_info: + register: output +- name: Print the gathered infos + debug: + var: output.hcloud_certificate_info +""" + +RETURN = """ +hcloud_certificate_info: + description: The certificate instances + returned: Always + type: complex + contains: + id: + description: Numeric identifier of the certificate + returned: always + type: int + sample: 1937415 + name: + description: Name of the certificate + returned: always + type: str + sample: my website cert + fingerprint: + description: Fingerprint of the certificate + returned: always + type: str + sample: 03:c7:55:9b:2a:d1:04:17:09:f6:d0:7f:18:34:63:d4:3e:5f + certificate: + description: Certificate and chain in PEM format, in order so that each record directly certifies the one preceding + returned: always + type: str + sample: "-----BEGIN CERTIFICATE-----\n..." + domain_names: + description: List of Domains and Subdomains covered by the Certificate + returned: always + type: dict + not_valid_before: + description: Point in time when the Certificate becomes valid (in ISO-8601 format) + returned: always + type: str + not_valid_after: + description: Point in time when the Certificate stops being valid (in ISO-8601 format) + returned: always + type: str + labels: + description: User-defined labels (key-value pairs) + returned: always + type: dict +""" +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils._text import to_native +from ansible_collections.hetzner.hcloud.plugins.module_utils.hcloud import Hcloud + +try: + from hcloud import APIException +except ImportError: + pass + + +class AnsibleHcloudSSHKeyInfo(Hcloud): + def __init__(self, module): + Hcloud.__init__(self, module, "hcloud_certificate_info") + self.hcloud_certificate_info = None + + def _prepare_result(self): + certificates = [] + + for certificate in self.hcloud_certificate_info: + if certificate: + certificates.append({ + "id": to_native(certificate.id), + "name": to_native(certificate.name), + "fingerprint": to_native(certificate.fingerprint), + "certificate": to_native(certificate.certificate), + "not_valid_before": to_native(certificate.not_valid_before), + "not_valid_after": to_native(certificate.not_valid_after), + "domain_names": [to_native(domain) for domain in certificate.domain_names], + "labels": certificate.labels + }) + return certificates + + def get_certificates(self): + try: + if self.module.params.get("id") is not None: + self.hcloud_certificate_info = [self.client.certificates.get_by_id( + self.module.params.get("id") + )] + elif self.module.params.get("name") is not None: + self.hcloud_certificate_info = [self.client.certificates.get_by_name( + self.module.params.get("name") + )] + elif self.module.params.get("label_selector") is not None: + self.hcloud_certificate_info = self.client.certificates.get_all( + label_selector=self.module.params.get("label_selector")) + else: + self.hcloud_certificate_info = self.client.certificates.get_all() + + except APIException as e: + self.module.fail_json(msg=e.message) + + @staticmethod + def define_module(): + return AnsibleModule( + argument_spec=dict( + id={"type": "int"}, + name={"type": "str"}, + label_selector={"type": "str"}, + **Hcloud.base_module_arguments() + ), + supports_check_mode=True, + ) + + +def main(): + module = AnsibleHcloudSSHKeyInfo.define_module() + + hcloud = AnsibleHcloudSSHKeyInfo(module) + hcloud.get_certificates() + result = hcloud.get_result() + + ansible_info = { + 'hcloud_certificate_info': result['hcloud_certificate_info'] + } + module.exit_json(**ansible_info) + + +if __name__ == "__main__": + main() diff --git a/tests/integration/targets/hcloud_certificate_info/aliases b/tests/integration/targets/hcloud_certificate_info/aliases new file mode 100644 index 0000000..55ec821 --- /dev/null +++ b/tests/integration/targets/hcloud_certificate_info/aliases @@ -0,0 +1,2 @@ +cloud/hcloud +shippable/hcloud/group2 diff --git a/tests/integration/targets/hcloud_certificate_info/defaults/main.yml b/tests/integration/targets/hcloud_certificate_info/defaults/main.yml new file mode 100644 index 0000000..6205b19 --- /dev/null +++ b/tests/integration/targets/hcloud_certificate_info/defaults/main.yml @@ -0,0 +1,5 @@ +# Copyright: (c) 2019, Hetzner Cloud GmbH +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +hcloud_prefix: "tests" +hcloud_certificate_name: "always-there-cert" diff --git a/tests/integration/targets/hcloud_certificate_info/meta/main.yml b/tests/integration/targets/hcloud_certificate_info/meta/main.yml new file mode 100644 index 0000000..f830a9d --- /dev/null +++ b/tests/integration/targets/hcloud_certificate_info/meta/main.yml @@ -0,0 +1,2 @@ +collections: + - hetzner.cloud diff --git a/tests/integration/targets/hcloud_certificate_info/tasks/main.yml b/tests/integration/targets/hcloud_certificate_info/tasks/main.yml new file mode 100644 index 0000000..7dc4eb7 --- /dev/null +++ b/tests/integration/targets/hcloud_certificate_info/tasks/main.yml @@ -0,0 +1,39 @@ +# Copyright: (c) 2019, Hetzner Cloud GmbH +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- + +- name: test gather hcloud certificate infos in check mode + hcloud_certificate_info: + register: hcloud_certificate + check_mode: yes +- name: verify test gather hcloud certificate infos in check mode + assert: + that: + - hcloud_certificate.hcloud_certificate_info| list | count >= 1 + +- name: test gather hcloud certificate infos + hcloud_certificate_info: + register: hcloud_certificate + check_mode: yes +- name: verify test gather hcloud certificate infos + assert: + that: + - hcloud_certificate.hcloud_certificate_info| list | count >= 1 + +- name: test gather hcloud certificate infos with correct label selector + hcloud_certificate_info: + label_selector: "key=value" + register: hcloud_certificate +- name: verify test gather hcloud certificate infos with correct label selector + assert: + that: + - hcloud_certificate.hcloud_certificate_info|selectattr('name','equalto','{{ hcloud_certificate_name }}') | list | count == 1 + +- name: test gather hcloud certificate infos with wrong label selector + hcloud_certificate_info: + label_selector: "key!=value" + register: hcloud_certificate +- name: verify test gather hcloud certificate infos with wrong label selector + assert: + that: + - hcloud_certificate.hcloud_certificate_info | list | count == 0