Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

jenkins_job - added validate_certs parameter, setting the PYTHONHTTPSVERIFY env var #1977

Merged
merged 4 commits into from
Mar 11, 2021
Merged

jenkins_job - added validate_certs parameter, setting the PYTHONHTTPSVERIFY env var #1977

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
859e0d9
added validate_certs parameter, setting the PYTHONHTTPSVERIFY env var
russoz Mar 7, 2021
22c9632
added changelog fragment
russoz Mar 7, 2021
c0d7d2c
Update plugins/modules/web_infrastructure/jenkins_job.py
russoz Mar 7, 2021
04b16df
Update plugins/modules/web_infrastructure/jenkins_job.py
russoz Mar 11, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions changelogs/fragments/1977-jenkinsjob-validate-certs.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
minor_changes:
- jenkins_job - add a ``validate_certs`` parameter that allows disabling TLS/SSL certificate validation (https://github.com/ansible-collections/community.general/issues/255).
29 changes: 19 additions & 10 deletions plugins/modules/web_infrastructure/jenkins_job.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@
from __future__ import absolute_import, division, print_function
__metaclass__ = type


DOCUMENTATION = '''
---
module: jenkins_job
Expand Down Expand Up @@ -65,6 +64,14 @@
description:
- User to authenticate with the Jenkins server.
required: false
validate_certs:
type: bool
default: yes
description:
- If set to C(no), the SSL certificates will not be validated.
This should only set to C(no) used on personally controlled sites
using self-signed certificates as it avoids verifying the source site.
- The C(python-jenkins) library only handles this by using the environment variable C(PYTHONHTTPSVERIFY).
russoz marked this conversation as resolved.
Show resolved Hide resolved
'''

EXAMPLES = '''
Expand Down Expand Up @@ -146,6 +153,7 @@
sample: https://jenkins.mydomain.com
'''

import os
import traceback
import xml.etree.ElementTree as ET

Expand All @@ -161,7 +169,7 @@
from ansible.module_utils._text import to_native


class JenkinsJob:
class JenkinsJob(object):

def __init__(self, module):
self.module = module
Expand Down Expand Up @@ -189,14 +197,16 @@ def __init__(self, module):
}

self.EXCL_STATE = "excluded state"
if not module.params['validate_certs']:
os.environ['PYTHONHTTPSVERIFY'] = '0'

def get_jenkins_connection(self):
try:
if (self.user and self.password):
if self.user and self.password:
return jenkins.Jenkins(self.jenkins_url, self.user, self.password)
elif (self.user and self.token):
elif self.user and self.token:
return jenkins.Jenkins(self.jenkins_url, self.user, self.token)
elif (self.user and not (self.password or self.token)):
elif self.user and not (self.password or self.token):
return jenkins.Jenkins(self.jenkins_url, self.user)
else:
return jenkins.Jenkins(self.jenkins_url)
Expand Down Expand Up @@ -256,9 +266,7 @@ def has_state_changed(self, status):
if self.enabled is None:
return False

if ((self.enabled is False and status != "disabled") or (self.enabled is True and status == "disabled")):
return True
return False
return (self.enabled is False and status != "disabled") or (self.enabled is True and status == "disabled")
russoz marked this conversation as resolved.
Show resolved Hide resolved

def switch_state(self):
if self.enabled is False:
Expand All @@ -277,7 +285,7 @@ def update_job(self):
self.server.reconfig_job(self.name, self.get_config())

# Handle job disable/enable
elif (status != self.EXCL_STATE and self.has_state_changed(status)):
elif status != self.EXCL_STATE and self.has_state_changed(status):
self.result['changed'] = True
if not self.module.check_mode:
self.switch_state()
Expand Down Expand Up @@ -342,7 +350,8 @@ def main():
enabled=dict(required=False, type='bool'),
token=dict(type='str', required=False, no_log=True),
url=dict(type='str', required=False, default="http://localhost:8080"),
user=dict(type='str', required=False)
user=dict(type='str', required=False),
validate_certs=dict(type='bool', default=True),
),
mutually_exclusive=[
['password', 'token'],
Expand Down