3 files changed, 277 insertions, 0 deletions

diff --git a/library/kubeclient_ca.py b/library/kubeclient_ca.py
new file mode 100644
index 000000000..a89a5574f
--- /dev/null
+++ b/library/kubeclient_ca.py
@@ -0,0 +1,88 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+''' kubeclient_ca ansible module '''
+
+import base64
+import yaml
+from ansible.module_utils.basic import AnsibleModule
+
+
+DOCUMENTATION = '''
+---
+module: kubeclient_ca
+short_description: Modify kubeclient certificate-authority-data
+author: Andrew Butcher
+requirements: [ ]
+'''
+EXAMPLES = '''
+- kubeclient_ca:
+    client_path: /etc/origin/master/admin.kubeconfig
+    ca_path: /etc/origin/master/ca-bundle.crt
+
+- slurp:
+    src: /etc/origin/master/ca-bundle.crt
+  register: ca_data
+- kubeclient_ca:
+    client_path: /etc/origin/master/admin.kubeconfig
+    ca_data: "{{ ca_data.content }}"
+'''
+
+
+def main():
+    ''' Modify kubeconfig located at `client_path`, setting the
+        certificate authority data to specified `ca_data` or contents of
+        `ca_path`.
+    '''
+
+    module = AnsibleModule(  # noqa: F405
+        argument_spec=dict(
+            client_path=dict(required=True),
+            ca_data=dict(required=False, default=None),
+            ca_path=dict(required=False, default=None),
+            backup=dict(required=False, default=True, type='bool'),
+        ),
+        supports_check_mode=True,
+        mutually_exclusive=[['ca_data', 'ca_path']],
+        required_one_of=[['ca_data', 'ca_path']]
+    )
+
+    client_path = module.params['client_path']
+    ca_data = module.params['ca_data']
+    ca_path = module.params['ca_path']
+    backup = module.params['backup']
+
+    try:
+        with open(client_path) as client_config_file:
+            client_config_data = yaml.safe_load(client_config_file.read())
+
+        if ca_data is None:
+            with open(ca_path) as ca_file:
+                ca_data = base64.standard_b64encode(ca_file.read())
+
+        changes = []
+        # Naively update the CA information for each cluster in the
+        # kubeconfig.
+        for cluster in client_config_data['clusters']:
+            if cluster['cluster']['certificate-authority-data'] != ca_data:
+                cluster['cluster']['certificate-authority-data'] = ca_data
+                changes.append(cluster['name'])
+
+        if not module.check_mode:
+            if len(changes) > 0 and backup:
+                module.backup_local(client_path)
+
+            with open(client_path, 'w') as client_config_file:
+                client_config_string = yaml.dump(client_config_data, default_flow_style=False)
+                client_config_string = client_config_string.replace('\'\'', '""')
+                client_config_file.write(client_config_string)
+
+        return module.exit_json(changed=(len(changes) > 0))
+
+    # ignore broad-except error to avoid stack trace to ansible user
+    # pylint: disable=broad-except
+    except Exception as error:
+        return module.fail_json(msg=str(error))
+
+
+if __name__ == '__main__':
+    main()
diff --git a/library/modify_yaml.py b/library/modify_yaml.py
new file mode 100755
index 000000000..9b8f9ba33
--- /dev/null
+++ b/library/modify_yaml.py
@@ -0,0 +1,117 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+''' modify_yaml ansible module '''
+
+import yaml
+
+# ignore pylint errors related to the module_utils import
+# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import
+from ansible.module_utils.basic import *  # noqa: F402,F403
+
+
+DOCUMENTATION = '''
+---
+module: modify_yaml
+short_description: Modify yaml key value pairs
+author: Andrew Butcher
+requirements: [ ]
+'''
+EXAMPLES = '''
+- modify_yaml:
+    dest: /etc/origin/master/master-config.yaml
+    yaml_key: 'kubernetesMasterConfig.masterCount'
+    yaml_value: 2
+'''
+
+
+def set_key(yaml_data, yaml_key, yaml_value):
+    ''' Updates a parsed yaml structure setting a key to a value.
+
+        :param yaml_data: yaml structure to modify.
+        :type yaml_data: dict
+        :param yaml_key: Key to modify.
+        :type yaml_key: mixed
+        :param yaml_value: Value use for yaml_key.
+        :type yaml_value: mixed
+        :returns: Changes to the yaml_data structure
+        :rtype: dict(tuple())
+    '''
+    changes = []
+    ptr = yaml_data
+    final_key = yaml_key.split('.')[-1]
+    for key in yaml_key.split('.'):
+        # Key isn't present and we're not on the final key. Set to empty dictionary.
+        if key not in ptr and key != final_key:
+            ptr[key] = {}
+            ptr = ptr[key]
+        # Current key is the final key. Update value.
+        elif key == final_key:
+            if (key in ptr and module.safe_eval(ptr[key]) != yaml_value) or (key not in ptr):  # noqa: F405
+                ptr[key] = yaml_value
+                changes.append((yaml_key, yaml_value))
+        else:
+            # Next value is None and we're not on the final key.
+            # Turn value into an empty dictionary.
+            if ptr[key] is None and key != final_key:
+                ptr[key] = {}
+            ptr = ptr[key]
+    return changes
+
+
+def main():
+    ''' Modify key (supplied in jinja2 dot notation) in yaml file, setting
+        the key to the desired value.
+    '''
+
+    # disabling pylint errors for global-variable-undefined and invalid-name
+    # for 'global module' usage, since it is required to use ansible_facts
+    # pylint: disable=global-variable-undefined, invalid-name,
+    # redefined-outer-name
+    global module
+
+    module = AnsibleModule(  # noqa: F405
+        argument_spec=dict(
+            dest=dict(required=True),
+            yaml_key=dict(required=True),
+            yaml_value=dict(required=True),
+            backup=dict(required=False, default=True, type='bool'),
+        ),
+        supports_check_mode=True,
+    )
+
+    dest = module.params['dest']
+    yaml_key = module.params['yaml_key']
+    yaml_value = module.safe_eval(module.params['yaml_value'])
+    backup = module.params['backup']
+
+    # Represent null values as an empty string.
+    # pylint: disable=missing-docstring, unused-argument
+    def none_representer(dumper, data):
+        return yaml.ScalarNode(tag=u'tag:yaml.org,2002:null', value=u'')
+
+    yaml.add_representer(type(None), none_representer)
+
+    try:
+        with open(dest) as yaml_file:
+            yaml_data = yaml.safe_load(yaml_file.read())
+
+        changes = set_key(yaml_data, yaml_key, yaml_value)
+
+        if len(changes) > 0:
+            if backup:
+                module.backup_local(dest)
+            with open(dest, 'w') as yaml_file:
+                yaml_string = yaml.dump(yaml_data, default_flow_style=False)
+                yaml_string = yaml_string.replace('\'\'', '""')
+                yaml_file.write(yaml_string)
+
+        return module.exit_json(changed=(len(changes) > 0), changes=changes)
+
+    # ignore broad-except error to avoid stack trace to ansible user
+    # pylint: disable=broad-except
+    except Exception as error:
+        return module.fail_json(msg=str(error))
+
+
+if __name__ == '__main__':
+    main()
diff --git a/library/rpm_q.py b/library/rpm_q.py
new file mode 100644
index 000000000..3dec50fc2
--- /dev/null
+++ b/library/rpm_q.py
@@ -0,0 +1,72 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+# (c) 2015, Tobias Florek <tob@butter.sh>
+# Licensed under the terms of the MIT License
+"""
+An ansible module to query the RPM database. For use, when yum/dnf are not
+available.
+"""
+
+# pylint: disable=redefined-builtin,wildcard-import,unused-wildcard-import
+from ansible.module_utils.basic import *  # noqa: F403
+
+DOCUMENTATION = """
+---
+module: rpm_q
+short_description: Query the RPM database
+author: Tobias Florek
+options:
+  name:
+    description:
+    - The name of the package to query
+    required: true
+  state:
+    description:
+    - Whether the package is supposed to be installed or not
+    choices: [present, absent]
+    default: present
+"""
+
+EXAMPLES = """
+- rpm_q: name=ansible state=present
+- rpm_q: name=ansible state=absent
+"""
+
+RPM_BINARY = '/bin/rpm'
+
+
+def main():
+    """
+    Checks rpm -q for the named package and returns the installed packages
+    or None if not installed.
+    """
+    module = AnsibleModule(  # noqa: F405
+        argument_spec=dict(
+            name=dict(required=True),
+            state=dict(default='present', choices=['present', 'absent'])
+        ),
+        supports_check_mode=True
+    )
+
+    name = module.params['name']
+    state = module.params['state']
+
+    # pylint: disable=invalid-name
+    rc, out, err = module.run_command([RPM_BINARY, '-q', name])
+
+    installed = out.rstrip('\n').split('\n')
+
+    if rc != 0:
+        if state == 'present':
+            module.fail_json(msg="%s is not installed" % name, stdout=out, stderr=err, rc=rc)
+        else:
+            module.exit_json(changed=False)
+    elif state == 'present':
+        module.exit_json(changed=False, installed_versions=installed)
+    else:
+        module.fail_json(msg="%s is installed", installed_versions=installed)
+
+
+if __name__ == '__main__':
+    main()