Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add option proxy_headers for k8s modules #58

Merged
merged 50 commits into from
Apr 28, 2021
Merged
Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
50 commits
Select commit Hold shift + click to select a range
4094c30
add option proxy_headers for k8s modules
abikouo Apr 14, 2021
9e065f5
Update and rename 50-add-support-for-proxy_headers-on-authentication …
abikouo Apr 14, 2021
4063e51
update proxy_headers details
abikouo Apr 19, 2021
312470d
sanity test
abikouo Apr 19, 2021
2b8fef6
Update .gitignore
abikouo Apr 20, 2021
1b7bb56
Update molecule.yml
abikouo Apr 20, 2021
d66f84a
Update plugins/doc_fragments/k8s_auth_options.py
abikouo Apr 20, 2021
c6b0b9e
Update plugins/doc_fragments/k8s_auth_options.py
abikouo Apr 20, 2021
2c49612
deploy proxy on ci workflow
abikouo Apr 20, 2021
de5163d
proxy testing
abikouo Apr 20, 2021
fe431dc
linting
abikouo Apr 20, 2021
0732eb4
Update ci.yml
abikouo Apr 20, 2021
419ce8b
Update ci.yml
abikouo Apr 20, 2021
467c947
Merge branch 'main' into proxy_55
abikouo Apr 20, 2021
a40a659
Update ci.yml
abikouo Apr 20, 2021
ac782f2
add checks
abikouo Apr 20, 2021
ffbb0b5
Update ci.yml
abikouo Apr 20, 2021
2286fab
Update ci.yml
abikouo Apr 20, 2021
7880c5c
Update ci.yml
abikouo Apr 20, 2021
7e06935
Update ci.yml
abikouo Apr 20, 2021
62113c2
Update ci.yml
abikouo Apr 20, 2021
56f59d0
Update ci.yml
abikouo Apr 20, 2021
9b098f2
Update ci.yml
abikouo Apr 20, 2021
4d710dd
Update ci.yml
abikouo Apr 20, 2021
bbc2286
Update ci.yml
abikouo Apr 20, 2021
e5c1cc4
lint
abikouo Apr 20, 2021
85bf728
test docker port
abikouo Apr 21, 2021
12afaa4
bind local port
abikouo Apr 21, 2021
b9f0212
Merge remote-tracking branch 'master/main' into proxy_55
abikouo Apr 23, 2021
e6a5743
molecule for proxy
abikouo Apr 23, 2021
1518896
test
abikouo Apr 26, 2021
1c9f78d
remove curl validation
abikouo Apr 26, 2021
5893d00
remove curl validation
abikouo Apr 26, 2021
1f06e72
remove curl validation
abikouo Apr 26, 2021
346607a
remove curl validation
abikouo Apr 26, 2021
9739413
listen ports
abikouo Apr 26, 2021
0dc2081
listen ports
abikouo Apr 26, 2021
ce010eb
fake
abikouo Apr 26, 2021
4bd7413
test using script
abikouo Apr 26, 2021
d808270
add mandatory lib
abikouo Apr 26, 2021
fdac755
fix api call
abikouo Apr 26, 2021
2c28488
remove useless curl
abikouo Apr 26, 2021
5dcf570
proxy
abikouo Apr 26, 2021
72763cf
direct call
abikouo Apr 26, 2021
4a0e071
direct call
abikouo Apr 26, 2021
89bbc9d
testing full col name
abikouo Apr 26, 2021
7a5fec8
testing full col name
abikouo Apr 26, 2021
c8bee39
integration
abikouo Apr 26, 2021
e639d24
remove useless
abikouo Apr 26, 2021
ec66b67
remove integration
abikouo Apr 26, 2021
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -12,3 +12,4 @@ changelogs/.plugin-cache.yaml
# Temporary test files.
tests/output
tests/integration/cloud-config-*
.cache
abikouo marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
---
minor_changes:
- add ``proxy_headers`` option for authentication on k8s_xxx modules (https://github.com/ansible-collections/kubernetes.core/pull/58).
10 changes: 10 additions & 0 deletions molecule/default/molecule.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,16 @@ lint: |
flake8
platforms:
- name: instance-kind
image: sameersbn/squid:3.5.27-2
abikouo marked this conversation as resolved.
Show resolved Hide resolved
exposed_ports:
- 3128/tcp
published_ports:
- 0.0.0.0:3128:3128/tcp
volumes:
- squid.passwd:/etc/squid/passwd
- squid.conf:/etc/squid/squid.conf
privileged: true

provisioner:
name: ansible
log: true
Expand Down
22 changes: 22 additions & 0 deletions plugins/doc_fragments/k8s_auth_options.py
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,28 @@ class ModuleDocFragment(object):
- The URL of an HTTP proxy to use for the connection. Can also be specified via K8S_AUTH_PROXY environment variable.
- Please note that this module does not pick up typical proxy settings from the environment (e.g. HTTP_PROXY).
type: str
proxy_headers:
description:
- The login for the HTTP proxy.
abikouo marked this conversation as resolved.
Show resolved Hide resolved
- Documentation can be found here 'https://urllib3.readthedocs.io/en/latest/reference/urllib3.util.html?highlight=proxy_headers#urllib3.util.make_headers'
abikouo marked this conversation as resolved.
Show resolved Hide resolved
type: dict
version_added: 2.0.0
suboptions:
proxy_basic_auth:
type: str
description:
- Colon-separated username:password string for ‘proxy-authorization: basic …’ auth header.
- Can also be specified via K8S_AUTH_PROXY_HEADERS_PROXY_BASIC_AUTH environment.
basic_auth:
type: str
description:
- Colon-separated username:password string for ‘authorization: basic …’ auth header.
- Can also be specified via K8S_AUTH_PROXY_HEADERS_BASIC_AUTH environment.
user_agent:
type: str
description:
- String representing the user-agent you want, such as “foo/1.0”.
- Can also be specified via K8S_AUTH_PROXY_HEADERS_USER_AGENT environment.
persist_config:
description:
- Whether or not to save the kube config refresh tokens.
Expand Down
11 changes: 11 additions & 0 deletions plugins/module_utils/args_common.py
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,12 @@ def list_dict_str(value):
raise TypeError


AUTH_PROXY_HEADERS_SPEC = dict(
proxy_basic_auth=dict(type='str', no_log=True),
basic_auth=dict(type='str', no_log=True),
user_agent=dict(type='str')
)

AUTH_ARG_SPEC = {
'kubeconfig': {
'type': 'path',
Expand Down Expand Up @@ -43,6 +49,10 @@ def list_dict_str(value):
'proxy': {
'type': 'str',
},
'proxy_headers': {
'type': 'dict',
'options': AUTH_PROXY_HEADERS_SPEC
},
'persist_config': {
'type': 'bool',
},
Expand Down Expand Up @@ -76,6 +86,7 @@ def list_dict_str(value):
'cert_file': 'client_cert',
'key_file': 'client_key',
'proxy': 'proxy',
'proxy_headers': 'proxy_headers',
'persist_config': 'persist_config',
}

Expand Down
17 changes: 15 additions & 2 deletions plugins/module_utils/common.py
Original file line number Diff line number Diff line change
Expand Up @@ -26,15 +26,14 @@
from datetime import datetime
from distutils.version import LooseVersion

from ansible_collections.kubernetes.core.plugins.module_utils.args_common import (AUTH_ARG_MAP, AUTH_ARG_SPEC)
from ansible_collections.kubernetes.core.plugins.module_utils.args_common import (AUTH_ARG_MAP, AUTH_ARG_SPEC, AUTH_PROXY_HEADERS_SPEC)

from ansible.module_utils.basic import AnsibleModule, missing_required_lib
from ansible.module_utils.six import iteritems, string_types
from ansible.module_utils._text import to_native, to_bytes, to_text
from ansible.module_utils.common.dict_transformations import dict_merge
from ansible.module_utils.parsing.convert_bool import boolean


K8S_IMP_ERR = None
try:
import kubernetes
Expand Down Expand Up @@ -133,6 +132,17 @@ def _raise_or_fail(exc, msg):
auth[true_name] = module.params.get(arg_name)
elif arg_name in kwargs and kwargs.get(arg_name) is not None:
auth[true_name] = kwargs.get(arg_name)
elif arg_name == "proxy_headers":
# specific case for 'proxy_headers' which is a dictionary
proxy_headers = {}
for key in AUTH_PROXY_HEADERS_SPEC.keys():
env_value = os.getenv('K8S_AUTH_PROXY_HEADERS_{0}'.format(key.upper()), None)
if env_value is not None:
if AUTH_PROXY_HEADERS_SPEC[key].get('type') == 'bool':
env_value = env_value.lower() not in ['0', 'false', 'no']
proxy_headers[key] = env_value
if proxy_headers is not {}:
auth[true_name] = proxy_headers
else:
env_value = os.getenv('K8S_AUTH_{0}'.format(arg_name.upper()), None) or os.getenv('K8S_AUTH_{0}'.format(true_name.upper()), None)
if env_value is not None:
Expand Down Expand Up @@ -173,6 +183,9 @@ def auth_set(*names):
if key in AUTH_ARG_MAP.keys() and value is not None:
if key == 'api_key':
setattr(configuration, key, {'authorization': "Bearer {0}".format(value)})
elif key == 'proxy_headers':
headers = urllib3.make_headers(**value)
setattr(configuration, key, headers)
else:
setattr(configuration, key, value)

Expand Down