diff options
Diffstat (limited to 'roles/openshift_facts')
-rwxr-xr-x | roles/openshift_facts/library/openshift_facts.py | 99 |
1 files changed, 95 insertions, 4 deletions
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 911a684fc..be2818dce 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -628,7 +628,7 @@ def set_deployment_facts_if_unset(facts): facts['common']['service_type'] = service_type if 'config_base' not in facts['common']: config_base = '/etc/origin' - if deployment_type in ['enterprise', 'online']: + if deployment_type in ['enterprise']: config_base = '/etc/openshift' # Handle upgrade scenarios when symlinks don't yet exist: if not os.path.exists(config_base) and os.path.exists('/etc/openshift'): @@ -636,7 +636,7 @@ def set_deployment_facts_if_unset(facts): facts['common']['config_base'] = config_base if 'data_dir' not in facts['common']: data_dir = '/var/lib/origin' - if deployment_type in ['enterprise', 'online']: + if deployment_type in ['enterprise']: data_dir = '/var/lib/openshift' # Handle upgrade scenarios when symlinks don't yet exist: if not os.path.exists(data_dir) and os.path.exists('/var/lib/openshift'): @@ -715,6 +715,26 @@ def set_version_facts_if_unset(facts): return facts +def set_manageiq_facts_if_unset(facts): + """ Set manageiq facts. This currently includes common.use_manageiq. + + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with version facts. + Raises: + OpenShiftFactsInternalError: + """ + if 'common' not in facts: + if 'version_greater_than_3_1_or_1_1' not in facts['common']: + raise OpenShiftFactsInternalError( + "Invalid invocation: The required facts are not set" + ) + if 'use_mangeiq' not in facts['common']: + facts['common']['use_manageiq'] = facts['common']['version_greater_than_3_1_or_1_1'] + + return facts + def set_sdn_facts_if_unset(facts, system_facts): """ Set sdn facts if not already present in facts dict @@ -1021,6 +1041,11 @@ def set_container_facts_if_unset(facts): return facts +class OpenShiftFactsInternalError(Exception): + """Origin Facts Error""" + pass + + class OpenShiftFactsUnsupportedRoleError(Exception): """Origin Facts Unsupported Role Error""" pass @@ -1043,6 +1068,7 @@ class OpenShiftFacts(object): facts (dict): facts for the host Args: + module (AnsibleModule): an AnsibleModule object role (str): role for setting local facts filename (str): local facts file to use local_facts (dict): local facts to set @@ -1096,6 +1122,7 @@ class OpenShiftFacts(object): facts = set_sdn_facts_if_unset(facts, self.system_facts) facts = set_deployment_facts_if_unset(facts) facts = set_version_facts_if_unset(facts) + facts = set_manageiq_facts_if_unset(facts) facts = set_aggregate_facts(facts) facts = set_etcd_facts_if_unset(facts) facts = set_container_facts_if_unset(facts) @@ -1121,7 +1148,7 @@ class OpenShiftFacts(object): common = dict(use_openshift_sdn=True, ip=ip_addr, public_ip=ip_addr, deployment_type='origin', hostname=hostname, - public_hostname=hostname, use_manageiq=True) + public_hostname=hostname) common['client_binary'] = 'oc' common['admin_binary'] = 'oadm' common['dns_domain'] = 'cluster.local' @@ -1263,14 +1290,78 @@ class OpenShiftFacts(object): del facts[key] if new_local_facts != local_facts: + self.validate_local_facts(new_local_facts) changed = True - if not module.check_mode: save_local_facts(self.filename, new_local_facts) self.changed = changed return new_local_facts + def validate_local_facts(self, facts=None): + """ Validate local facts + + Args: + facts (dict): local facts to validate + """ + invalid_facts = dict() + invalid_facts = self.validate_master_facts(facts, invalid_facts) + if invalid_facts: + msg = 'Invalid facts detected:\n' + for key in invalid_facts.keys(): + msg += '{0}: {1}\n'.format(key, invalid_facts[key]) + module.fail_json(msg=msg, + changed=self.changed) + + # disabling pylint errors for line-too-long since we're dealing + # with best effort reduction of error messages here. + # disabling errors for too-many-branches since we require checking + # many conditions. + # pylint: disable=line-too-long, too-many-branches + @staticmethod + def validate_master_facts(facts, invalid_facts): + """ Validate master facts + + Args: + facts (dict): local facts to validate + invalid_facts (dict): collected invalid_facts + + Returns: + dict: Invalid facts + """ + if 'master' in facts: + # openshift.master.session_auth_secrets + if 'session_auth_secrets' in facts['master']: + session_auth_secrets = facts['master']['session_auth_secrets'] + if not issubclass(type(session_auth_secrets), list): + invalid_facts['session_auth_secrets'] = 'Expects session_auth_secrets is a list.' + elif 'session_encryption_secrets' not in facts['master']: + invalid_facts['session_auth_secrets'] = ('openshift_master_session_encryption secrets must be set ' + 'if openshift_master_session_auth_secrets is provided.') + elif len(session_auth_secrets) != len(facts['master']['session_encryption_secrets']): + invalid_facts['session_auth_secrets'] = ('openshift_master_session_auth_secrets and ' + 'openshift_master_session_encryption_secrets must be ' + 'equal length.') + else: + for secret in session_auth_secrets: + if len(secret) < 32: + invalid_facts['session_auth_secrets'] = ('Invalid secret in session_auth_secrets. ' + 'Secrets must be at least 32 characters in length.') + # openshift.master.session_encryption_secrets + if 'session_encryption_secrets' in facts['master']: + session_encryption_secrets = facts['master']['session_encryption_secrets'] + if not issubclass(type(session_encryption_secrets), list): + invalid_facts['session_encryption_secrets'] = 'Expects session_encryption_secrets is a list.' + elif 'session_auth_secrets' not in facts['master']: + invalid_facts['session_encryption_secrets'] = ('openshift_master_session_auth_secrets must be ' + 'set if openshift_master_session_encryption_secrets ' + 'is provided.') + else: + for secret in session_encryption_secrets: + if len(secret) not in [16, 24, 32]: + invalid_facts['session_encryption_secrets'] = ('Invalid secret in session_encryption_secrets. ' + 'Secrets must be 16, 24, or 32 characters in length.') + return invalid_facts def main(): """ main """ |