summaryrefslogtreecommitdiffstats
path: root/roles/lib_openshift/library
diff options
context:
space:
mode:
Diffstat (limited to 'roles/lib_openshift/library')
-rw-r--r--roles/lib_openshift/library/oc_route.py112
1 files changed, 68 insertions, 44 deletions
diff --git a/roles/lib_openshift/library/oc_route.py b/roles/lib_openshift/library/oc_route.py
index 6ee34bafb..ab42820b9 100644
--- a/roles/lib_openshift/library/oc_route.py
+++ b/roles/lib_openshift/library/oc_route.py
@@ -145,6 +145,12 @@ options:
required: false
default: None
aliases: []
+ port:
+ description:
+ - The Name of the service port or number of the container port the route will route traffic to
+ required: false
+ default: None
+ aliases: []
author:
- "Kenny Woodson <kwoodson@redhat.com>"
extends_documentation_fragment: []
@@ -1313,7 +1319,8 @@ class RouteConfig(object):
tls_termination=None,
service_name=None,
wildcard_policy=None,
- weight=None):
+ weight=None,
+ port=None):
''' constructor for handling route options '''
self.kubeconfig = kubeconfig
self.name = sname
@@ -1325,6 +1332,7 @@ class RouteConfig(object):
self.cert = cert
self.key = key
self.service_name = service_name
+ self.port = port
self.data = {}
self.wildcard_policy = wildcard_policy
if wildcard_policy is None:
@@ -1349,12 +1357,15 @@ class RouteConfig(object):
if self.tls_termination:
self.data['spec']['tls'] = {}
+ self.data['spec']['tls']['termination'] = self.tls_termination
+
+ if self.tls_termination != 'passthrough':
+ self.data['spec']['tls']['key'] = self.key
+ self.data['spec']['tls']['caCertificate'] = self.cacert
+ self.data['spec']['tls']['certificate'] = self.cert
+
if self.tls_termination == 'reencrypt':
self.data['spec']['tls']['destinationCACertificate'] = self.destcacert
- self.data['spec']['tls']['key'] = self.key
- self.data['spec']['tls']['caCertificate'] = self.cacert
- self.data['spec']['tls']['certificate'] = self.cert
- self.data['spec']['tls']['termination'] = self.tls_termination
self.data['spec']['to'] = {'kind': 'Service',
'name': self.service_name,
@@ -1362,11 +1373,16 @@ class RouteConfig(object):
self.data['spec']['wildcardPolicy'] = self.wildcard_policy
+ if self.port:
+ self.data['spec']['port'] = {}
+ self.data['spec']['port']['targetPort'] = self.port
+
# pylint: disable=too-many-instance-attributes,too-many-public-methods
class Route(Yedit):
''' Class to wrap the oc command line tools '''
wildcard_policy = "spec.wildcardPolicy"
host_path = "spec.host"
+ port_path = "spec.port.targetPort"
service_path = "spec.to.name"
weight_path = "spec.to.weight"
cert_path = "spec.tls.certificate"
@@ -1412,6 +1428,10 @@ class Route(Yedit):
''' return host '''
return self.get(Route.host_path)
+ def get_port(self):
+ ''' return port '''
+ return self.get(Route.port_path)
+
def get_wildcard_policy(self):
''' return wildcardPolicy '''
return self.get(Route.wildcard_policy)
@@ -1483,9 +1503,23 @@ class OCRoute(OpenShiftCLI):
skip = []
return not Utils.check_def_equal(self.config.data, self.route.yaml_dict, skip_keys=skip, debug=True)
+ @staticmethod
+ def get_cert_data(path, content):
+ '''get the data for a particular value'''
+ if not path and not content:
+ return None
+
+ rval = None
+ if path and os.path.exists(path) and os.access(path, os.R_OK):
+ rval = open(path).read()
+ elif content:
+ rval = content
+
+ return rval
+
# pylint: disable=too-many-return-statements,too-many-branches
@staticmethod
- def run_ansible(params, files, check_mode=False):
+ def run_ansible(params, check_mode=False):
''' run the idempotent asnible code
params comes from the ansible portion for this module
@@ -1497,6 +1531,30 @@ class OCRoute(OpenShiftCLI):
}
check_mode: does the module support check mode. (module.check_mode)
'''
+ files = {'destcacert': {'path': params['dest_cacert_path'],
+ 'content': params['dest_cacert_content'],
+ 'value': None, },
+ 'cacert': {'path': params['cacert_path'],
+ 'content': params['cacert_content'],
+ 'value': None, },
+ 'cert': {'path': params['cert_path'],
+ 'content': params['cert_content'],
+ 'value': None, },
+ 'key': {'path': params['key_path'],
+ 'content': params['key_content'],
+ 'value': None, }, }
+
+ if params['tls_termination'] and params['tls_termination'].lower() != 'passthrough': # E501
+
+ for key, option in files.items():
+ if key == 'destcacert' and params['tls_termination'] != 'reencrypt':
+ continue
+
+ option['value'] = OCRoute.get_cert_data(option['path'], option['content']) # E501
+
+ if not option['value']:
+ return {'failed': True,
+ 'msg': 'Verify that you pass a value for %s' % key}
rconfig = RouteConfig(params['name'],
params['namespace'],
@@ -1509,7 +1567,8 @@ class OCRoute(OpenShiftCLI):
params['tls_termination'],
params['service_name'],
params['wildcard_policy'],
- params['weight'])
+ params['weight'],
+ params['port'])
oc_route = OCRoute(rconfig, verbose=params['debug'])
@@ -1593,20 +1652,6 @@ class OCRoute(OpenShiftCLI):
# -*- -*- -*- Begin included fragment: ansible/oc_route.py -*- -*- -*-
-def get_cert_data(path, content):
- '''get the data for a particular value'''
- if not path and not content:
- return None
-
- rval = None
- if path and os.path.exists(path) and os.access(path, os.R_OK):
- rval = open(path).read()
- elif content:
- rval = content
-
- return rval
-
-
# pylint: disable=too-many-branches
def main():
'''
@@ -1633,6 +1678,7 @@ def main():
host=dict(default=None, type='str'),
wildcard_policy=dict(default=None, type='str'),
weight=dict(default=None, type='int'),
+ port=dict(default=None, type='int'),
),
mutually_exclusive=[('dest_cacert_path', 'dest_cacert_content'),
('cacert_path', 'cacert_content'),
@@ -1640,30 +1686,8 @@ def main():
('key_path', 'key_content'), ],
supports_check_mode=True,
)
- files = {'destcacert': {'path': module.params['dest_cacert_path'],
- 'content': module.params['dest_cacert_content'],
- 'value': None, },
- 'cacert': {'path': module.params['cacert_path'],
- 'content': module.params['cacert_content'],
- 'value': None, },
- 'cert': {'path': module.params['cert_path'],
- 'content': module.params['cert_content'],
- 'value': None, },
- 'key': {'path': module.params['key_path'],
- 'content': module.params['key_content'],
- 'value': None, }, }
-
- if module.params['tls_termination']:
- for key, option in files.items():
- if key == 'destcacert' and module.params['tls_termination'] != 'reencrypt':
- continue
-
- option['value'] = get_cert_data(option['path'], option['content'])
-
- if not option['value']:
- module.fail_json(msg='Verify that you pass a value for %s' % key)
- results = OCRoute.run_ansible(module.params, files, module.check_mode)
+ results = OCRoute.run_ansible(module.params, module.check_mode)
if 'failed' in results:
module.fail_json(**results)