forked from rundeck-plugins/py-winrm-plugin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
plugin.yaml
515 lines (515 loc) · 20 KB
/
plugin.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
name: "@name@"
rundeckPluginVersion: 2.0
author: "@author@"
date: "@date@"
version: "@version@"
url: "@url@"
description: "Python WINRM node executor and file copier"
rundeckCompatibilityVersion: "3.x"
targetHostCompatibility: "all"
license: "Apache 2.0"
tags:
- script
- NodeExecutor
- FileCopier
providers:
- name: WinRMPython
title: WinRM Node Executor Python
description: Executing Scripts or Commands on remote Windows computer
service: NodeExecutor
plugin-type: script
script-interpreter: ${config.interpreter} -u
script-file: winrm-exec.py
script-args: ${node.hostname}
config:
- name: interpreter
title: Python Interpreter
description: "Python Interpreter (Default: python)"
type: Select
values: "python,python2,python3"
default: "python"
required: true
scope: Instance
- name: authtype
title: Authentication Type
description: "Authentication Type. It can be overwriting at node level using `winrm-authtype`"
type: Select
values: "basic,credssp,ntlm,kerberos"
default: "basic"
required: true
scope: Instance
renderingOptions:
groupName: Authentication
instance-scope-node-attribute: "winrm-authtype"
- name: nossl
title: No SSL Verification
description: "When set to true ssl certificate validation is not performed. It can be overwriting at node level using `winrm-nossl`"
type: Select
values: "true, false"
default: "false"
required: true
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-nossl"
- name: disabletls12
title: Disable TLS 1.2
description: "Disable TLS 1.2 in order to run over TLS 1.0"
type: Boolean
default: "false"
required: true
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-disable-tls-12"
- name: winrmtransport
title: WinRM Transport Protocol
description: "WinRM transport protocol (http or https). It can be overwriting at node level using `winrm-transport`"
type: Select
default: "http"
values: "http, https"
required: true
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-transport"
- name: winrmport
title: WinRM Port
description: "WinRM port (Default: 5985/5986 for http/https). It can be overwriting at node level using `winrm-port`"
type: String
default: "5985"
required: true
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-port"
- name: certpath
title: Certificate Path
description: "Certificate path for ssl verification. It can be overwriting at node level using `winrm-certpath`"
type: String
required: false
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-certpath"
- name: readtimeout
title: connect/read times out
description: "maximum seconds to wait before an HTTP connect/read times out (default 30). This value should be slightly higher than operation timeout, as the server can block *at least* that long. It can be overwriting at node level using `winrm-readtimeout`"
type: String
required: false
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-readtimeout"
- name: winrmproxy
title: Proxy
description: "Specify a proxy address for communicating with Windows nodes. Example HTTP proxy strings are http://server:port and http://user:pass@server:port. An example SOCKS5 proxy string is socks5://user:pass@server:port."
type: String
required: false
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-proxy"
- name: operationtimeout
title: operation timeout
description: "maximum allowed time in seconds for any single wsman HTTP operation (default 20). Note that operation timeouts while receiving output (the only wsman operation that should take any significant time, and where these timeouts are expected) will be silently retried indefinitely. It can be overwriting at node level using `winrm-operationtimeout`"
type: String
required: false
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-operationtimeout"
- name: shell
title: Shell
description: "Windows Shell interpreter. It can be overwriting at node level using `winrm-shell`"
type: Select
values: "cmd, powershell"
default: 'powershell'
required: true
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-shell"
- name: exitbehaviour
title: Script Exit Behaviour
description: "Script Exit Behaviour. console: if the std error console has data (default), the process fails. exitcode: script won't fail by default, the user must control the exit code (eg: using try/catch block). See https://github.com/rundeck-plugins/py-winrm-plugin/tree/master#running-scripts"
type: Select
values: "console, exitcode"
default: "console"
required: true
renderingOptions:
groupName: Connection
- name: username
title: Username
type: String
required: false
description: "Optional username. The username can be set at node level (using the attribute `username`) or at job level (using an input option called `username`)."
scope: Instance
renderingOptions:
groupName: Authentication
- name: password_storage_path
title: Password Storage Path
type: String
required: false
description: "Optional storage password path. Can contain property references to node attributes. A node attribute named winrm-password-storage-path will override this value. Also, it can be set at job level using the option name `winrmpassword`"
scope: Instance
renderingOptions:
groupName: Authentication
selectionAccessor: "STORAGE_PATH"
valueConversion: "STORAGE_PATH_AUTOMATIC_READ"
storage-path-root: "keys"
instance-scope-node-attribute: "winrm-password-storage-path"
- name: krb5config
title: krb5 Config File
description: "Path of krb5.conf file"
type: String
default: '/etc/krb5.conf'
required: false
renderingOptions:
groupName: Kerberos
- name: kinit
title: Kinit Command
description: "Kinit Command"
type: String
default: 'kinit'
required: false
renderingOptions:
groupName: Kerberos
- name: krbdelegation
title: Kerberos Delegations
description: "Kerberos Delegation: if True, TGT is sent to target server to allow multiple hops"
type: Boolean
default: "false"
required: false
renderingOptions:
groupName: Kerberos
- name: cleanescaping
title: Clean Escaping
description: "Cleans unnecessarily Escaped characters on commands"
type: Boolean
default: "false"
required: false
renderingOptions:
groupName: Misc
instance-scope-node-attribute: "clean-escaping"
- name: enabledhttpdebug
title: Enable HTTP logging in debug mode
description: "Print extra http logging in debug mode"
type: Boolean
default: "false"
required: true
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-enable-http-logging"
- name: retryconnection
title: Retry connection
description: "Retry the connection to the node if the connection fails. It can be overwriting at node level using `winrm-retry-connection`"
type: Integer
default: "1"
required: false
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-retry-connection"
- name: retryconnectiondelay
title: Retry connection delay
description: "Delay between each retry atten (seconds). It can be overwriting at node level using `winrm-retry-connection-delay`"
type: Integer
default: "10"
required: false
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-retry-connection-delay"
- name: WinRMcpPython
title: WinRM Python File Copier
description: Copying files to remote Windows computer
service: FileCopier
plugin-type: script
script-interpreter: ${config.interpreter} -u
script-file: winrm-filecopier.py
script-args: ${node.hostname} ${file-copy.file} ${file-copy.destination}
config:
- name: interpreter
title: Python Interpreter
description: "Python Interpreter (Default: python)"
type: Select
values: "python,python2,python3"
default: "python"
required: true
scope: Instance
- name: authtype
title: Authentication Type
description: "Authentication Type. It can be overwriting at node level using `winrm-authtype`"
type: Select
values: "basic,credssp,ntlm,kerberos"
default: "basic"
required: true
scope: Instance
renderingOptions:
groupName: Authentication
instance-scope-node-attribute: "winrm-authtype"
- name: nossl
title: No SSL Verification
description: "When set to true ssl certificate validation is not performed. It can be overwriting at node level using `winrm-nossl`"
type: Select
values: "true, false"
default: "false"
required: true
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-nossl"
- name: disabletls12
title: Disable TLS 1.2
description: "Disable TLS 1.2 in order to run over TLS 1.0"
type: Boolean
default: "false"
required: true
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-disable-tls-12"
- name: winrmtransport
title: WinRM Transport Protocol
description: "WinRM transport protocol (Default: http or https when ssl is selected for Authentication type). It can be overwriting at node level using `winrm-transport`"
type: Select
default: "http"
values: "http, https"
required: true
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-transport"
- name: winrmport
title: WinRM Port
description: "WinRM port (Default: 5985/5986 for http/https). It can be overwriting at node level using `winrm-port`"
type: String
default: "5985"
required: true
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-port"
- name: certpath
title: Certificate Path
description: "Certificate path for ssl verification. It can be overwriting at node level using `winrm-certpath`"
type: String
required: false
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-certpath"
- name: readtimeout
title: connect/read times out
description: "maximum seconds to wait before an HTTP connect/read times out (default 30). This value should be slightly higher than operation timeout, as the server can block *at least* that long. It can be overwriting at node level using `winrm-readtimeout`"
type: String
required: false
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-readtimeout"
- name: operationtimeout
title: operation timeout
description: "maximum allowed time in seconds for any single wsman HTTP operation (default 20). Note that operation timeouts while receiving output (the only wsman operation that should take any significant time, and where these timeouts are expected) will be silently retried indefinitely. It can be overwriting at node level using `winrm-operationtimeout`"
type: String
required: false
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-operationtimeout"
- name: username
title: Username
type: String
required: false
description: "Optional username. The username can be set at node level (using the attribute `username`) or at job level (using an input option called `username`)."
scope: Instance
renderingOptions:
groupName: Authentication
- name: password_storage_path
title: Password Storage Path
type: String
required: false
description: "Optional storage password path. Can contain property references to node attributes. A node attribute named winrm-password-storage-path will override this value. Also, it can be set at job level using the option name `winrmpassword`"
scope: Instance
renderingOptions:
groupName: Authentication
selectionAccessor: "STORAGE_PATH"
valueConversion: "STORAGE_PATH_AUTOMATIC_READ"
storage-path-root: "keys"
instance-scope-node-attribute: "winrm-password-storage-path"
- type: Boolean
name: debug
title: Debug?
description: 'Write debug messages'
- type: Boolean
name: override
title: Override?
description: 'Overrides the file on the remote server if it already exists'
- name: krb5config
title: krb5 Config File
description: "Path of krb5.conf file"
type: String
default: '/etc/krb5.conf'
required: false
renderingOptions:
groupName: Kerberos
- name: kinit
title: Kinit Command
description: "Kinit Command"
type: String
default: 'kinit'
required: false
renderingOptions:
groupName: Kerberos
- name: krbdelegation
title: Kerberos Delegations
description: "Kerberos Delegation: if True, TGT is sent to target server to allow multiple hops"
type: Boolean
default: "false"
required: false
renderingOptions:
groupName: Kerberos
- name: winrmproxy
title: Proxy
description: "Specify a proxy address for communicating with Windows nodes. Example HTTP proxy strings are http://server:port and http://user:pass@server:port. An example SOCKS5 proxy string is socks5://user:pass@server:port."
type: String
required: false
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-proxy"
- name: enabledhttpdebug
title: Enable HTTP logging in debug mode
description: "Print extra http logging in debug mode"
type: Boolean
default: "false"
required: true
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-enable-http-logging"
- name: retryconnection
title: Retry connection
description: "Retry the connection to the node if the connection fails. It can be overwriting at node level using `winrm-retry-connection`"
type: Integer
default: "1"
required: false
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-retry-connection"
- name: retryconnectiondelay
title: Retry connection delay
description: "Delay between each retry atten (seconds). It can be overwriting at node level using `winrm-retry-connection-delay`"
type: Integer
default: "10"
required: false
scope: Instance
renderingOptions:
groupName: Connection
instance-scope-node-attribute: "winrm-retry-connection-delay"
- name: WinRMCheck
title: WinRM Check Step
description: Check the connection with a remote node using winrm-python
service: WorkflowStep
plugin-type: script
script-interpreter: ${config.interpreter} -u
script-file: winrm-check.py
script-args: --username ${config.username} --hostname ${config.hostname} --password ${config.password_storage_path} --authentication ${config.authtype} --transport ${config.winrmtransport} --port ${config.winrmport} --nossl ${config.nossl} --debug ${config.debug} --certpath ${config.certpath}
config:
- name: interpreter
title: Python Interpreter
description: "Python Interpreter (Default: python)"
type: Select
values: "python,python2,python3"
default: "python"
required: true
scope: Instance
- name: hostname
title: Hostname
description: "Window's Hostname"
type: String
required: true
- name: authtype
title: Authentication Type
description: "Authentication Type"
type: Select
values: "basic,credssp,ntlm,kerberos"
default: "basic"
required: true
- name: winrmtransport
title: WinRM Transport Protocol
description: "WinRM transport protocol (http or https)"
type: Select
default: "http"
values: "http, https"
required: true
scope: Instance
- name: nossl
title: No SSL Verification
description: "When set to true ssl certificate validation is not performed"
type: Select
values: "true, false"
default: "false"
required: true
- name: disabletls12
title: Disable TLS 1.2
description: "Disable TLS 1.2 in order to run over TLS 1.0"
type: Boolean
default: "false"
required: true
- name: winrmport
title: WinRM Port
description: "WinRM port (Default: 5985/5986 for http/https)"
type: String
default: "5985"
required: true
- name: certpath
title: Certificate Path
description: "Certificate path for ssl verification"
type: String
required: false
- name: username
title: Username
description: "Username from window box"
type: String
required: true
- name: password_storage_path
title: Password Storage Path
type: String
required: true
description: "Password storage password path."
renderingOptions:
selectionAccessor: "STORAGE_PATH"
valueConversion: "STORAGE_PATH_AUTOMATIC_READ"
storage-path-root: "keys"
- type: Boolean
name: debug
title: Debug?
description: 'Write debug messages'
- name: krb5config
title: krb5 Config File
description: "Path of krb5.conf file"
type: String
default: '/etc/krb5.conf'
required: false
renderingOptions:
groupName: Kerberos
- name: kinit
title: Kinit Command
description: "Kinit Command"
type: String
default: 'kinit'
required: false
renderingOptions:
groupName: Kerberos
- name: krbdelegation
title: Kerberos Delegations
description: "Kerberos Delegation: if True, TGT is sent to target server to allow multiple hops"
type: Boolean
default: "false"
required: false
renderingOptions:
groupName: Kerberos