Merge pull request #11326 from jstuever/byoh222

Consolidate everything into openshift_node role

playbooks/init/base_packages.yml

@@ -1,46 +0,0 @@
----
-# l_base_packages_hosts may be passed in via prerequisites.yml during scaleup plays
-# and upgrade_control_plane.yml upgrade plays.
-
-- name: Install packages necessary for installer
-  hosts: "{{ l_base_packages_hosts | default('oo_all_hosts') }}"
-  any_errors_fatal: true
-  tasks:
-  - name: Determine if chrony is installed
-    command: rpm -q chrony
-    failed_when: false
-    register: chrony_installed
-
-  - name: Install ntp package
-    package:
-      name: ntp
-      state: present
-    when:
-    - openshift_clock_enabled | default(True) | bool
-    - chrony_installed.rc != 0
-    register: result
-    until: result is succeeded
-
-  - name: Start and enable ntpd/chronyd
-    command: timedatectl set-ntp true
-    when: openshift_clock_enabled | default(True) | bool
-
-  - name: Ensure openshift-ansible installer package deps are installed
-    package:
-      name: "{{ pkg_list | join(',') }}"
-      state: present
-    vars:
-      pkg_list_temp:
-      - iproute
-      - "{{ 'python3-dbus' if ansible_distribution == 'Fedora' else 'dbus-python' }}"
-      - "{{ 'python3-PyYAML' if ansible_distribution == 'Fedora' else 'PyYAML' }}"
-      - libsemanage-python
-      - yum-utils
-      - "{{ 'python3-docker' if ansible_distribution == 'Fedora' else 'python-docker-py' }}"
-      - systemd-journal-gateway
-      pkg_list_non_fedora:
-      - 'python-ipaddress'
-      pkg_list_use_non_fedora: "{{ ansible_distribution != 'Fedora' | bool }}"
-      pkg_list: "{{ pkg_list_non_fedora | ternary(pkg_list_non_fedora, []) + pkg_list_temp }}"
-    register: result
-    until: result is succeeded

playbooks/init/basic_facts.yml

@@ -1,96 +0,0 @@
----
-- name: Ensure that all non-node hosts are accessible
-  hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config:oo_nfs_to_config
-  any_errors_fatal: true
-  tasks:
-
-- name: Initialize basic host facts
-  # l_init_fact_hosts is passed in via play during control-plane-only
-  # upgrades and scale-up plays; otherwise oo_all_hosts is used.
-  hosts: "{{ l_init_fact_hosts | default('oo_all_hosts') }}"
-  tasks:
-
-  - name: Detect OS Variant from /etc/os-release
-    fail:
-      msg: Atomic Host installations are no longer supported
-    when: lookup('ini', 'VARIANT_ID type=properties file=/etc/os-release') == 'atomic.host'
-
-  # TODO(michaelgugino) remove this line once CI is updated.
-  - name: set openshift_deployment_type if unset
-    set_fact:
-      openshift_deployment_type: "{{ deployment_type }}"
-      openshift_is_atomic: False
-    when:
-    - openshift_deployment_type is undefined
-    - deployment_type is defined
-
-- name: Read API URL from infra config
-  hosts: "{{ l_init_fact_hosts | default('nodes') }}"
-  tasks:
-  - name: Read cluster config
-    k8s_facts:
-      kubeconfig: "{{ kubeconfig_path }}"
-      kind: Infrastructure
-      name: cluster
-    register: clustercfg
-    when: kubeconfig_path is defined
-    until:
-    - clustercfg.resources is defined
-    - clustercfg.resources | length > 0
-    - clustercfg.resources[0].status is defined
-    - clustercfg.resources[0].status.apiServerURL is defined
-    retries: 36
-    delay: 5
-    delegate_to: localhost
-  - name: Set fact openshift_api_prefix
-    set_fact:
-      openshift_api_prefix: "{{ clustercfg.resources[0].status.apiServerURL.split(':')[0:-1] | join(':') }}"
-
-- name: Set worker openshift_bootstrap_endpoint if not already defined
-  hosts: "{{ l_init_fact_hosts | default('nodes') }}:!masters:!bootstrap"
-  tasks:
-  - set_fact:
-      openshift_bootstrap_endpoint: "{{ openshift_api_prefix }}:22623/config/worker"
-    when:
-    - kubeconfig_path is defined
-    - openshift_bootstrap_endpoint is not defined
-
-- name: Set master openshift_bootstrap_endpoint if not already defined
-  hosts: "{{ l_init_fact_hosts | default('nodes') }}:&masters"
-  tasks:
-  - set_fact:
-      openshift_bootstrap_endpoint: "{{ openshift_api_prefix }}:22623/config/master"
-    when:
-    - kubeconfig_path is defined
-    - openshift_bootstrap_endpoint is not defined
-
-- name: Read in openshift-install
-  hosts: "{{ l_init_fact_hosts | default('nodes') }}"
-  tasks:
-  - slurp:
-      src: "{{ openshift_install_config_path }}"
-    register: openshift_install_config_reg
-    delegate_to: localhost
-    when: openshift_install_config_path is defined
-  - name: 'set openshift_install_config if path is defined'
-    set_fact:
-      openshift_install_config: "{{ openshift_install_config_reg['content'] | b64decode | from_yaml }}"
-    when: openshift_install_config_path is defined
-
-- name: Set worker openshift_bootstrap_endpoint if not already defined
-  hosts: "{{ l_init_fact_hosts | default('nodes') }}:!masters:!bootstrap"
-  tasks:
-  - set_fact:
-      openshift_bootstrap_endpoint: "https://api.{{ openshift_install_config['metadata']['name'] }}.{{ openshift_install_config['baseDomain'] }}:22623/config/worker"
-    when:
-    - openshift_install_config_path is defined
-    - openshift_bootstrap_endpoint is not defined
-
-- name: Set master openshift_bootstrap_endpoint if not already defined
-  hosts: "{{ l_init_fact_hosts | default('nodes') }}:&masters"
-  tasks:
-  - set_fact:
-      openshift_bootstrap_endpoint: "https://api.{{ openshift_install_config['metadata']['name'] }}.{{ openshift_install_config['baseDomain'] }}:22623/config/master"
-    when:
-    - openshift_install_config_path is defined
-    - openshift_bootstrap_endpoint is not defined

playbooks/init/evaluate_groups.yml

@@ -1,138 +0,0 @@
----
-- name: Populate config host groups
-  hosts: localhost
-  connection: local
-  gather_facts: no
-  tasks:
-  - name: Load group name mapping variables
-    include_vars: vars/cluster_hosts.yml
-
-  - name: Evaluate groups - g_nfs_hosts is single host
-    fail:
-      msg: The nfs group must be limited to one host
-    when: g_nfs_hosts | length > 1
-
-  - name: Evaluate oo_all_hosts
-    add_host:
-      name: "{{ item }}"
-      groups: oo_all_hosts
-      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
-      ansible_become: "{{ g_sudo | default(omit) }}"
-    with_items: "{{ g_all_hosts | default([]) }}"
-    changed_when: no
-
-  - name: Evaluate oo_masters
-    add_host:
-      name: "{{ item }}"
-      groups: oo_masters
-      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
-      ansible_become: "{{ g_sudo | default(omit) }}"
-    with_items: "{{ g_master_hosts | union(g_new_master_hosts) | default([]) }}"
-    changed_when: no
-
-  - name: Evaluate oo_first_master
-    add_host:
-      name: "{{ g_master_hosts[0] }}"
-      groups: oo_first_master
-      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
-      ansible_become: "{{ g_sudo | default(omit) }}"
-    when: g_master_hosts|length > 0
-    changed_when: no
-
-  - name: Evaluate oo_new_etcd_to_config
-    add_host:
-      name: "{{ item }}"
-      groups: oo_new_etcd_to_config
-      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
-      ansible_become: "{{ g_sudo | default(omit) }}"
-    with_items: "{{ g_new_etcd_hosts | default([]) }}"
-    changed_when: no
-
-  - name: Evaluate oo_masters_to_config
-    add_host:
-      name: "{{ item }}"
-      groups: oo_masters_to_config
-      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
-      ansible_become: "{{ g_sudo | default(omit) }}"
-    with_items: "{{ g_new_master_hosts | default(g_master_hosts | default([], true), true) }}"
-    changed_when: no
-
-  - name: Evaluate oo_etcd_to_config
-    add_host:
-      name: "{{ item }}"
-      groups: oo_etcd_to_config
-      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
-      ansible_become: "{{ g_sudo | default(omit) }}"
-    with_items: "{{ g_etcd_hosts | default([]) }}"
-    changed_when: no
-
-  - name: Evaluate oo_first_etcd
-    add_host:
-      name: "{{ g_etcd_hosts[0] }}"
-      groups: oo_first_etcd
-      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
-      ansible_become: "{{ g_sudo | default(omit) }}"
-    when: g_etcd_hosts|length > 0
-    changed_when: no
-
-  # We use two groups one for hosts we're upgrading which doesn't include embedded etcd
-  # The other for backing up which includes the embedded etcd host, there's no need to
-  # upgrade embedded etcd that just happens when the master is updated.
-  - name: Evaluate oo_etcd_hosts_to_upgrade
-    add_host:
-      name: "{{ item }}"
-      groups: oo_etcd_hosts_to_upgrade
-    with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 else [] }}"
-    changed_when: False
-
-  - name: Evaluate oo_etcd_hosts_to_backup
-    add_host:
-      name: "{{ item }}"
-      groups: oo_etcd_hosts_to_backup
-    with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 else (groups.oo_first_master | default([])) }}"
-    changed_when: False
-
-  - name: Evaluate oo_nodes_to_config
-    add_host:
-      name: "{{ item }}"
-      groups: oo_nodes_to_config
-      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
-      ansible_become: "{{ g_sudo | default(omit) }}"
-    with_items: "{{ g_new_node_hosts | default(g_node_hosts | default([], true), true) }}"
-    changed_when: no
-
-  - name: Evaluate oo_lb_to_config
-    add_host:
-      name: "{{ item }}"
-      groups: oo_lb_to_config
-      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
-      ansible_become: "{{ g_sudo | default(omit) }}"
-    with_items: "{{ g_lb_hosts | default([]) }}"
-    changed_when: no
-
-  - name: Evaluate oo_nfs_to_config
-    add_host:
-      name: "{{ item }}"
-      groups: oo_nfs_to_config
-      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
-      ansible_become: "{{ g_sudo | default(omit) }}"
-    with_items: "{{ g_nfs_hosts | default([]) }}"
-    changed_when: no
-
-  - name: Evaluate oo_glusterfs_to_config
-    add_host:
-      name: "{{ item }}"
-      groups: oo_glusterfs_to_config
-      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
-      ansible_become: "{{ g_sudo | default(omit) }}"
-    with_items: "{{ g_glusterfs_hosts | union(g_glusterfs_registry_hosts | default([])) }}"
-    changed_when: no
-
-  - name: Evaluate oo_etcd_to_migrate
-    add_host:
-      name: "{{ item }}"
-      groups: oo_etcd_to_migrate
-      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
-      ansible_become: "{{ g_sudo | default(omit) }}"
-    with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config | default([]) | length != 0 else (groups.oo_first_master |default([]))}}"
-    changed_when: no

playbooks/init/main.yml

@@ -1,17 +0,0 @@
----
-# l_install_base_packages is passed in via prerequistes.yml.
-# skip_sanity_checks is passed in via openshift-node/private/image_prep.yml
-
-- import_playbook: evaluate_groups.yml
-
-- import_playbook: basic_facts.yml
-
-# NOTE: we must call init repos before installing base packages
-# because they may come from the repos.
-- import_playbook: repos.yml
-
-# base_packages needs to be setup for openshift_facts.py to run correctly.
-- import_playbook: base_packages.yml
-  when: l_install_base_packages | default(False) | bool
-
-- import_playbook: version.yml

playbooks/init/repos.yml

@@ -1,17 +0,0 @@
----
-# l_repo_hosts is passed in via prerequisites.yml.
-
-- name: Setup yum repositories for all hosts
-  hosts: "{{ l_repo_hosts | default('all:!all') }}"
-  gather_facts: no
-  tasks:
-  - name: subscribe instances to Red Hat Subscription Manager
-    import_role:
-      name: rhel_subscribe
-    when:
-    - ansible_distribution == 'RedHat'
-    - openshift_deployment_type == 'openshift-enterprise'
-    - (rhsub_user is defined and rhsub_pass is defined) or (rhsub_ak is defined and rhsub_orgid is defined)
-  - name: initialize openshift repos
-    import_role:
-      name: openshift_repos

playbooks/init/roles

@@ -1 +0,0 @@
-../../roles

playbooks/init/vars/cluster_hosts.yml

@@ -1,25 +0,0 @@
----
-g_etcd_hosts: "{{ groups.etcd | default([]) }}"
-
-g_new_etcd_hosts: "{{ groups.new_etcd | default([]) }}"
-
-g_lb_hosts: "{{ groups.lb | default([]) }}"
-
-g_master_hosts: "{{ groups.masters | default([]) }}"
-
-g_new_master_hosts: "{{ groups.new_masters | default([]) }}"
-
-g_node_hosts: "{{ groups.nodes | default([]) }}"
-
-g_new_node_hosts: "{{ groups.new_nodes | default([]) }}"
-
-g_nfs_hosts: "{{ groups.nfs | default([]) }}"
-
-g_glusterfs_hosts: "{{ groups.glusterfs | default([]) }}"
-
-g_glusterfs_registry_hosts: "{{ groups.glusterfs_registry | default(g_glusterfs_hosts) }}"
-
-g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts)
-                 | union(g_new_etcd_hosts) | union(g_lb_hosts) | union(g_nfs_hosts)
-                 | union(g_new_node_hosts)| union(g_new_master_hosts)
-                 | default([]) }}"

playbooks/init/version.yml

@@ -1,48 +0,0 @@
----
-- name: Determine openshift_version to configure
-  hosts: oo_nodes_to_config
-  tasks:
-  - name: Set openshift_version to openshift_release if undefined
-    set_fact:
-      openshift_version: "4.0"
-    when:
-    - openshift_version is not defined or openshift_version == ""
-
-  - block:
-    - debug:
-        msg: "openshift_pkg_version was not defined. Falling back to -{{ openshift_version }}"
-    - set_fact:
-        # We append an '*' here because yum is not flexible.
-        openshift_pkg_version: "-{{ openshift_version }}*"
-    when:
-    - openshift_pkg_version is not defined
-
-  - block:
-    - debug:
-        msg: "openshift_image_tag was not defined. Falling back to v{{ openshift_version }}"
-    - set_fact:
-        openshift_image_tag: "v{{ openshift_version }}"
-    when: openshift_image_tag is not defined
-
-  - name: assert openshift_release in openshift_image_tag
-    assert:
-      that: openshift_release in openshift_image_tag
-      msg: >
-        openshift_image_tag must match same major version as openshift_release.
-        You provided: {{ openshift_release }} and {{ openshift_image_tag }}
-
-  - name: assert openshift_release in openshift_pkg_version
-    assert:
-      that: openshift_release in openshift_pkg_version
-      msg: >
-        openshift_pkg_version must match same major version as openshift_release.
-        You provided: {{ openshift_release }} and {{ openshift_pkg_version }}
-
-  # The end result of these variables is quite important so make sure they are displayed and logged:
-  - debug: var=openshift_release
-
-  - debug: var=openshift_image_tag
-
-  - debug: var=openshift_pkg_version
-
-  - debug: var=openshift_version

playbooks/openshift-node/scaleup.yml

@@ -10,53 +10,7 @@
         new_workers host group to add nodes.
     when: groups.new_workers | default([]) | length == 0
 
-- name: run the init
-  import_playbook: ../init/main.yml
-  vars:
-    l_init_fact_hosts: "new_workers"
-    l_openshift_version_set_hosts: "new_workers"
-    l_install_base_packages: True
-    l_repo_hosts: "new_workers"
-    l_base_packages_hosts: "new_workers"
-
-- name: Get release image
-  hosts: localhost
-  connection: local
-  gather_facts: no
-  tasks:
-  - name: Get release image
-    k8s_facts:
-      kubeconfig: "{{ kubeconfig_path }}"
-      kind: ClusterVersion
-      name: version
-    register: clusterversion
-    until:
-    - clusterversion.resources is defined
-    - clusterversion.resources | length > 0
-    - clusterversion.resources[0].status is defined
-    - clusterversion.resources[0].status.desired is defined
-    - clusterversion.resources[0].status.desired.image is defined
-    retries: 36
-    delay: 5
-
 - name: install nodes
   hosts: new_workers
-  tasks:
-  - import_role:
-      name: openshift_node40
-      tasks_from: install.yml
-  - name: Wait for bootstrap endpoint to show up
-    uri:
-      url: "{{ openshift_bootstrap_endpoint }}"
-      validate_certs: false
-    delay: 10
-    retries: 60
-    register: result
-    until:
-    - "'status' in result"
-    - result.status == 200
-  - import_role:
-      name: openshift_node40
-      tasks_from: config.yml
-    vars:
-      openshift_release_image: "{{ hostvars['localhost'].clusterversion.resources[0].status.desired.image }}"
+  roles:
+  - openshift_node40

roles/lib_utils/library/os_firewall_manage_iptables.py

@@ -1,283 +0,0 @@
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-# pylint: disable=fixme, missing-docstring
-import subprocess
-
-DOCUMENTATION = '''
----
-module: os_firewall_manage_iptables
-short_description: This module manages iptables rules for a given chain
-author: Jason DeTiberus
-requirements: [ ]
-'''
-EXAMPLES = '''
-'''
-
-
-class IpTablesError(Exception):
-    def __init__(self, msg, cmd, exit_code, output):
-        super(IpTablesError, self).__init__(msg)
-        self.msg = msg
-        self.cmd = cmd
-        self.exit_code = exit_code
-        self.output = output
-
-
-class IpTablesAddRuleError(IpTablesError):
-    pass
-
-
-class IpTablesRemoveRuleError(IpTablesError):
-    def __init__(self, chain, msg, cmd, exit_code, output):  # pylint: disable=too-many-arguments, line-too-long, redefined-outer-name
-        super(IpTablesRemoveRuleError, self).__init__(msg, cmd, exit_code,
-                                                      output)
-        self.chain = chain
-
-
-class IpTablesSaveError(IpTablesError):
-    pass
-
-
-class IpTablesCreateChainError(IpTablesError):
-    def __init__(self, chain, msg, cmd, exit_code, output):  # pylint: disable=too-many-arguments, line-too-long, redefined-outer-name
-        super(IpTablesCreateChainError, self).__init__(msg, cmd, exit_code,
-                                                       output)
-        self.chain = chain
-
-
-class IpTablesCreateJumpRuleError(IpTablesError):
-    def __init__(self, chain, msg, cmd, exit_code, output):  # pylint: disable=too-many-arguments, line-too-long, redefined-outer-name
-        super(IpTablesCreateJumpRuleError, self).__init__(msg, cmd, exit_code,
-                                                          output)
-        self.chain = chain
-
-
-# TODO: implement rollbacks for any events that were successful and an
-# exception was thrown later. For example, when the chain is created
-# successfully, but the add/remove rule fails.
-class IpTablesManager(object):  # pylint: disable=too-many-instance-attributes
-    def __init__(self, module):
-        self.module = module
-        self.ip_version = module.params['ip_version']
-        self.check_mode = module.check_mode
-        self.chain = module.params['chain']
-        self.create_jump_rule = module.params['create_jump_rule']
-        self.jump_rule_chain = module.params['jump_rule_chain']
-        self.cmd = self.gen_cmd()
-        self.save_cmd = self.gen_save_cmd()
-        self.output = []
-        self.changed = False
-
-    def save(self):
-        try:
-            self.output.append(subprocess.check_output(self.save_cmd, stderr=subprocess.STDOUT))
-        except subprocess.CalledProcessError as ex:
-            raise IpTablesSaveError(
-                msg="Failed to save iptables rules",
-                cmd=ex.cmd, exit_code=ex.returncode, output=ex.output)
-
-    def verify_chain(self):
-        if not self.chain_exists():
-            self.create_chain()
-        if self.create_jump_rule and not self.jump_rule_exists():
-            self.create_jump()
-
-    def add_rule(self, port, proto):
-        rule = self.gen_rule(port, proto)
-        if not self.rule_exists(rule):
-            self.verify_chain()
-
-            if self.check_mode:
-                self.changed = True
-                self.output.append("Create rule for %s %s" % (proto, port))
-            else:
-                cmd = self.cmd + ['-A'] + rule
-                try:
-                    self.output.append(subprocess.check_output(cmd))
-                    self.changed = True
-                    self.save()
-                except subprocess.CalledProcessError as ex:
-                    raise IpTablesCreateChainError(
-                        chain=self.chain,
-                        msg="Failed to create rule for "
-                            "%s %s" % (proto, port),
-                        cmd=ex.cmd, exit_code=ex.returncode,
-                        output=ex.output)
-
-    def remove_rule(self, port, proto):
-        rule = self.gen_rule(port, proto)
-        if self.rule_exists(rule):
-            if self.check_mode:
-                self.changed = True
-                self.output.append("Remove rule for %s %s" % (proto, port))
-            else:
-                cmd = self.cmd + ['-D'] + rule
-                try:
-                    self.output.append(subprocess.check_output(cmd))
-                    self.changed = True
-                    self.save()
-                except subprocess.CalledProcessError as ex:
-                    raise IpTablesRemoveRuleError(
-                        chain=self.chain,
-                        msg="Failed to remove rule for %s %s" % (proto, port),
-                        cmd=ex.cmd, exit_code=ex.returncode, output=ex.output)
-
-    def rule_exists(self, rule):
-        check_cmd = self.cmd + ['-C'] + rule
-        return True if subprocess.call(check_cmd) == 0 else False
-
-    @staticmethod
-    def port_as_argument(port):
-        if isinstance(port, int):
-            return str(port)
-        if isinstance(port, basestring):  # noqa: F405
-            return port.replace('-', ":")
-        return port
-
-    def gen_rule(self, port, proto):
-        return [self.chain, '-p', proto, '-m', 'state', '--state', 'NEW',
-                '-m', proto, '--dport', IpTablesManager.port_as_argument(port), '-j', 'ACCEPT']
-
-    def create_jump(self):
-        if self.check_mode:
-            self.changed = True
-            self.output.append("Create jump rule for chain %s" % self.chain)
-        else:
-            try:
-                cmd = self.cmd + ['-L', self.jump_rule_chain, '--line-numbers']
-                output = subprocess.check_output(cmd, stderr=subprocess.STDOUT)
-
-                # break the input rules into rows and columns
-                input_rules = [s.split() for s in to_native(output).split('\n')]
-
-                # Find the last numbered rule
-                last_rule_num = None
-                last_rule_target = None
-                for rule in input_rules[:-1]:
-                    if rule:
-                        try:
-                            last_rule_num = int(rule[0])
-                        except ValueError:
-                            continue
-                        last_rule_target = rule[1]
-
-                # Naively assume that if the last row is a REJECT or DROP rule,
-                # then we can insert our rule right before it, otherwise we
-                # assume that we can just append the rule.
-                if (last_rule_num and last_rule_target and last_rule_target in ['REJECT', 'DROP']):
-                    # insert rule
-                    cmd = self.cmd + ['-I', self.jump_rule_chain,
-                                      str(last_rule_num)]
-                else:
-                    # append rule
-                    cmd = self.cmd + ['-A', self.jump_rule_chain]
-                cmd += ['-j', self.chain]
-                output = subprocess.check_output(cmd, stderr=subprocess.STDOUT)
-                self.changed = True
-                self.output.append(output)
-                self.save()
-            except subprocess.CalledProcessError as ex:
-                if '--line-numbers' in ex.cmd:
-                    raise IpTablesCreateJumpRuleError(
-                        chain=self.chain,
-                        msg=("Failed to query existing " +
-                             self.jump_rule_chain +
-                             " rules to determine jump rule location"),
-                        cmd=ex.cmd, exit_code=ex.returncode,
-                        output=ex.output)
-                else:
-                    raise IpTablesCreateJumpRuleError(
-                        chain=self.chain,
-                        msg=("Failed to create jump rule for chain " +
-                             self.chain),
-                        cmd=ex.cmd, exit_code=ex.returncode,
-                        output=ex.output)
-
-    def create_chain(self):
-        if self.check_mode:
-            self.changed = True
-            self.output.append("Create chain %s" % self.chain)
-        else:
-            try:
-                cmd = self.cmd + ['-N', self.chain]
-                self.output.append(subprocess.check_output(cmd, stderr=subprocess.STDOUT))
-                self.changed = True
-                self.output.append("Successfully created chain %s" %
-                                   self.chain)
-                self.save()
-            except subprocess.CalledProcessError as ex:
-                raise IpTablesCreateChainError(
-                    chain=self.chain,
-                    msg="Failed to create chain: %s" % self.chain,
-                    cmd=ex.cmd, exit_code=ex.returncode, output=ex.output
-                )
-
-    def jump_rule_exists(self):
-        cmd = self.cmd + ['-C', self.jump_rule_chain, '-j', self.chain]
-        return True if subprocess.call(cmd) == 0 else False
-
-    def chain_exists(self):
-        cmd = self.cmd + ['-L', self.chain]
-        return True if subprocess.call(cmd) == 0 else False
-
-    def gen_cmd(self):
-        cmd = 'iptables' if self.ip_version == 'ipv4' else 'ip6tables'
-        # Include -w (wait for xtables lock) in default arguments.
-        default_args = ['-w']
-        return ["/usr/sbin/%s" % cmd] + default_args
-
-    def gen_save_cmd(self):  # pylint: disable=no-self-use
-        return ['/usr/libexec/iptables/iptables.init', 'save']
-
-
-def main():
-    module = AnsibleModule(  # noqa: F405
-        argument_spec=dict(
-            name=dict(required=True),
-            action=dict(required=True, choices=['add', 'remove',
-                                                'verify_chain']),
-            chain=dict(required=False, default='OS_FIREWALL_ALLOW'),
-            create_jump_rule=dict(required=False, type='bool', default=True),
-            jump_rule_chain=dict(required=False, default='INPUT'),
-            protocol=dict(required=False, choices=['tcp', 'udp']),
-            port=dict(required=False, type='str'),
-            ip_version=dict(required=False, default='ipv4',
-                            choices=['ipv4', 'ipv6']),
-        ),
-        supports_check_mode=True
-    )
-
-    action = module.params['action']
-    protocol = module.params['protocol']
-    port = module.params['port']
-
-    if action in ['add', 'remove']:
-        if not protocol:
-            error = "protocol is required when action is %s" % action
-            module.fail_json(msg=error)
-        if not port:
-            error = "port is required when action is %s" % action
-            module.fail_json(msg=error)
-
-    iptables_manager = IpTablesManager(module)
-
-    try:
-        if action == 'add':
-            iptables_manager.add_rule(port, protocol)
-        elif action == 'remove':
-            iptables_manager.remove_rule(port, protocol)
-        elif action == 'verify_chain':
-            iptables_manager.verify_chain()
-    except IpTablesError as ex:
-        module.fail_json(msg=ex.msg)
-
-    return module.exit_json(changed=iptables_manager.changed,
-                            output=iptables_manager.output)
-
-
-# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import,  wrong-import-position
-# import module snippets
-from ansible.module_utils.basic import *  # noqa: F403,E402
-from ansible.module_utils._text import to_native  # noqa: E402
-if __name__ == '__main__':
-    main()

roles/lib_utils/library/yedit.py

@@ -1,983 +0,0 @@
-#!/usr/bin/env python
-# pylint: disable=missing-docstring
-#     ___ ___ _  _ ___ ___    _ _____ ___ ___
-#    / __| __| \| | __| _ \  /_\_   _| __|   \
-#   | (_ | _|| .` | _||   / / _ \| | | _|| |) |
-#    \___|___|_|\_|___|_|_\/_/_\_\_|_|___|___/_ _____
-#   |   \ / _ \  | \| |/ _ \_   _| | __|   \_ _|_   _|
-#   | |) | (_) | | .` | (_) || |   | _|| |) | |  | |
-#   |___/ \___/  |_|\_|\___/ |_|   |___|___/___| |_|
-#
-# Copyright 2016 Red Hat, Inc. and/or its affiliates
-# and other contributors as indicated by the @author tags.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#    http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-# -*- -*- -*- Begin included fragment: lib/import.py -*- -*- -*-
-
-# pylint: disable=wrong-import-order,wrong-import-position,unused-import
-
-from __future__ import print_function  # noqa: F401
-import copy  # noqa: F401
-import fcntl  # noqa: F401
-import json   # noqa: F401
-import os  # noqa: F401
-import re  # noqa: F401
-import shutil  # noqa: F401
-import tempfile  # noqa: F401
-import time  # noqa: F401
-
-try:
-    import ruamel.yaml as yaml  # noqa: F401
-except ImportError:
-    import yaml  # noqa: F401
-
-from ansible.module_utils.basic import AnsibleModule
-
-# -*- -*- -*- End included fragment: lib/import.py -*- -*- -*-
-
-# -*- -*- -*- Begin included fragment: doc/yedit -*- -*- -*-
-
-DOCUMENTATION = '''
----
-module: yedit
-short_description: Create, modify, and idempotently manage yaml files.
-description:
-  - Modify yaml files programmatically.
-options:
-  state:
-    description:
-    - State represents whether to create, modify, delete, or list yaml
-    required: true
-    default: present
-    choices: ["present", "absent", "list"]
-    aliases: []
-  debug:
-    description:
-    - Turn on debug information.
-    required: false
-    default: false
-    aliases: []
-  src:
-    description:
-    - The file that is the target of the modifications.
-    required: false
-    default: None
-    aliases: []
-  content:
-    description:
-    - Content represents the yaml content you desire to work with.  This
-    - could be the file contents to write or the inmemory data to modify.
-    required: false
-    default: None
-    aliases: []
-  content_type:
-    description:
-    - The python type of the content parameter.
-    required: false
-    default: 'dict'
-    aliases: []
-  key:
-    description:
-    - The path to the value you wish to modify. Emtpy string means the top of
-    - the document.
-    required: false
-    default: ''
-    aliases: []
-  value:
-    description:
-    - The incoming value of parameter 'key'.
-    required: false
-    default:
-    aliases: []
-  value_type:
-    description:
-    - The python type of the incoming value.
-    required: false
-    default: ''
-    aliases: []
-  update:
-    description:
-    - Whether the update should be performed on a dict/hash or list/array
-    - object.
-    required: false
-    default: false
-    aliases: []
-  append:
-    description:
-    - Whether to append to an array/list. When the key does not exist or is
-    - null, a new array is created. When the key is of a non-list type,
-    - nothing is done.
-    required: false
-    default: false
-    aliases: []
-  index:
-    description:
-    - Used in conjunction with the update parameter.  This will update a
-    - specific index in an array/list.
-    required: false
-    default: false
-    aliases: []
-  curr_value:
-    description:
-    - Used in conjunction with the update parameter.  This is the current
-    - value of 'key' in the yaml file.
-    required: false
-    default: false
-    aliases: []
-  curr_value_format:
-    description:
-    - Format of the incoming current value.
-    choices: ["yaml", "json", "str"]
-    required: false
-    default: false
-    aliases: []
-  backup_ext:
-    description:
-    - The backup file's appended string.
-    required: false
-    default: .orig
-    aliases: []
-  backup:
-    description:
-    - Whether to make a backup copy of the current file when performing an
-    - edit.
-    required: false
-    default: true
-    aliases: []
-  separator:
-    description:
-    - The separator being used when parsing strings.
-    required: false
-    default: '.'
-    aliases: []
-author:
-- "Kenny Woodson <kwoodson@redhat.com>"
-extends_documentation_fragment: []
-'''
-
-EXAMPLES = '''
-# Simple insert of key, value
-- name: insert simple key, value
-  yedit:
-    src: somefile.yml
-    key: test
-    value: somevalue
-    state: present
-# Results:
-# test: somevalue
-
-# Multilevel insert of key, value
-- name: insert simple key, value
-  yedit:
-    src: somefile.yml
-    key: a#b#c
-    value: d
-    state: present
-# Results:
-# a:
-#   b:
-#     c: d
-#
-# multiple edits at the same time
-- name: perform multiple edits
-  yedit:
-    src: somefile.yml
-    edits:
-    - key: a#b#c
-      value: d
-    - key: a#b#c#d
-      value: e
-    state: present
-# Results:
-# a:
-#   b:
-#     c:
-#       d: e
-'''
-
-# -*- -*- -*- End included fragment: doc/yedit -*- -*- -*-
-
-# -*- -*- -*- Begin included fragment: class/yedit.py -*- -*- -*-
-
-
-class YeditException(Exception):
-    ''' Exception class for Yedit '''
-    pass
-
-
-# pylint: disable=too-many-public-methods,too-many-instance-attributes
-class Yedit(object):
-    ''' Class to modify yaml files '''
-    re_valid_key = r"(((\[-?\d+\])|([0-9a-zA-Z%s/_-]+)).?)+$"
-    re_key = r"(?:\[(-?\d+)\])|([0-9a-zA-Z{}/_-]+)"
-    com_sep = set(['.', '#', '|', ':'])
-
-    # pylint: disable=too-many-arguments
-    def __init__(self,
-                 filename=None,
-                 content=None,
-                 content_type='yaml',
-                 separator='.',
-                 backup_ext=None,
-                 backup=False):
-        self.content = content
-        self._separator = separator
-        self.filename = filename
-        self.__yaml_dict = content
-        self.content_type = content_type
-        self.backup = backup
-        if backup_ext is None:
-            self.backup_ext = ".{}".format(time.strftime("%Y%m%dT%H%M%S"))
-        else:
-            self.backup_ext = backup_ext
-
-        self.load(content_type=self.content_type)
-        if self.__yaml_dict is None:
-            self.__yaml_dict = {}
-
-    @property
-    def separator(self):
-        ''' getter method for separator '''
-        return self._separator
-
-    @separator.setter
-    def separator(self, inc_sep):
-        ''' setter method for separator '''
-        self._separator = inc_sep
-
-    @property
-    def yaml_dict(self):
-        ''' getter method for yaml_dict '''
-        return self.__yaml_dict
-
-    @yaml_dict.setter
-    def yaml_dict(self, value):
-        ''' setter method for yaml_dict '''
-        self.__yaml_dict = value
-
-    @staticmethod
-    def parse_key(key, sep='.'):
-        '''parse the key allowing the appropriate separator'''
-        common_separators = list(Yedit.com_sep - set([sep]))
-        return re.findall(Yedit.re_key.format(''.join(common_separators)), key)
-
-    @staticmethod
-    def valid_key(key, sep='.'):
-        '''validate the incoming key'''
-        common_separators = list(Yedit.com_sep - set([sep]))
-        if not re.match(Yedit.re_valid_key.format(''.join(common_separators)), key):
-            return False
-
-        return True
-
-    # pylint: disable=too-many-return-statements,too-many-branches
-    @staticmethod
-    def remove_entry(data, key, index=None, value=None, sep='.'):
-        ''' remove data at location key '''
-        if key == '' and isinstance(data, dict):
-            if value is not None:
-                data.pop(value)
-            elif index is not None:
-                raise YeditException("remove_entry for a dictionary does not have an index {}".format(index))
-            else:
-                data.clear()
-
-            return True
-
-        elif key == '' and isinstance(data, list):
-            ind = None
-            if value is not None:
-                try:
-                    ind = data.index(value)
-                except ValueError:
-                    return False
-            elif index is not None:
-                ind = index
-            else:
-                del data[:]
-
-            if ind is not None:
-                data.pop(ind)
-
-            return True
-
-        if not (key and Yedit.valid_key(key, sep)) and \
-           isinstance(data, (list, dict)):
-            return None
-
-        key_indexes = Yedit.parse_key(key, sep)
-        for arr_ind, dict_key in key_indexes[:-1]:
-            if dict_key and isinstance(data, dict):
-                data = data.get(dict_key)
-            elif (arr_ind and isinstance(data, list) and
-                  int(arr_ind) <= len(data) - 1):
-                data = data[int(arr_ind)]
-            else:
-                return None
-
-        # process last index for remove
-        # expected list entry
-        if key_indexes[-1][0]:
-            if isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:  # noqa: E501
-                del data[int(key_indexes[-1][0])]
-                return True
-
-        # expected dict entry
-        elif key_indexes[-1][1]:
-            if isinstance(data, dict):
-                del data[key_indexes[-1][1]]
-                return True
-
-    @staticmethod
-    def add_entry(data, key, item=None, sep='.'):
-        ''' Get an item from a dictionary with key notation a.b.c
-            d = {'a': {'b': 'c'}}}
-            key = a#b
-            return c
-        '''
-        if key == '':
-            pass
-        elif (not (key and Yedit.valid_key(key, sep)) and
-              isinstance(data, (list, dict))):
-            return None
-
-        key_indexes = Yedit.parse_key(key, sep)
-        for arr_ind, dict_key in key_indexes[:-1]:
-            if dict_key:
-                if isinstance(data, dict) and dict_key in data and data[dict_key]:  # noqa: E501
-                    data = data[dict_key]
-                    continue
-
-                elif data and not isinstance(data, dict):
-                    raise YeditException("Unexpected item type found while going through key " +
-                                         "path: {} (at key: {})".format(key, dict_key))
-
-                data[dict_key] = {}
-                data = data[dict_key]
-
-            elif (arr_ind and isinstance(data, list) and
-                  int(arr_ind) <= len(data) - 1):
-                data = data[int(arr_ind)]
-            else:
-                raise YeditException("Unexpected item type found while going through key path: {}".format(key))
-
-        if key == '':
-            data = item
-
-        # process last index for add
-        # expected list entry
-        elif key_indexes[-1][0] and isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:  # noqa: E501
-            data[int(key_indexes[-1][0])] = item
-
-        # expected dict entry
-        elif key_indexes[-1][1] and isinstance(data, dict):
-            data[key_indexes[-1][1]] = item
-
-        # didn't add/update to an existing list, nor add/update key to a dict
-        # so we must have been provided some syntax like a.b.c[<int>] = "data" for a
-        # non-existent array
-        else:
-            raise YeditException("Error adding to object at path: {}".format(key))
-
-        return data
-
-    @staticmethod
-    def get_entry(data, key, sep='.'):
-        ''' Get an item from a dictionary with key notation a.b.c
-            d = {'a': {'b': 'c'}}}
-            key = a.b
-            return c
-        '''
-        if key == '':
-            pass
-        elif (not (key and Yedit.valid_key(key, sep)) and
-              isinstance(data, (list, dict))):
-            return None
-
-        key_indexes = Yedit.parse_key(key, sep)
-        for arr_ind, dict_key in key_indexes:
-            if dict_key and isinstance(data, dict):
-                data = data.get(dict_key)
-            elif (arr_ind and isinstance(data, list) and
-                  int(arr_ind) <= len(data) - 1):
-                data = data[int(arr_ind)]
-            else:
-                return None
-
-        return data
-
-    @staticmethod
-    def _write(filename, contents):
-        ''' Actually write the file contents to disk. This helps with mocking. '''
-
-        tmp_filename = filename + '.yedit'
-
-        with open(tmp_filename, 'w') as yfd:
-            fcntl.flock(yfd, fcntl.LOCK_EX | fcntl.LOCK_NB)
-            yfd.write(contents)
-            fcntl.flock(yfd, fcntl.LOCK_UN)
-
-        os.rename(tmp_filename, filename)
-
-    def write(self):
-        ''' write to file '''
-        if not self.filename:
-            raise YeditException('Please specify a filename.')
-
-        if self.backup and self.file_exists():
-            shutil.copy(self.filename, '{}{}'.format(self.filename, self.backup_ext))
-
-        # Try to set format attributes if supported
-        try:
-            self.yaml_dict.fa.set_block_style()
-        except AttributeError:
-            pass
-
-        # Try to use RoundTripDumper if supported.
-        if self.content_type == 'yaml':
-            try:
-                Yedit._write(self.filename, yaml.dump(self.yaml_dict, Dumper=yaml.RoundTripDumper))
-            except AttributeError:
-                Yedit._write(self.filename, yaml.safe_dump(self.yaml_dict, default_flow_style=False))
-        elif self.content_type == 'json':
-            Yedit._write(self.filename, json.dumps(self.yaml_dict, indent=4, sort_keys=True))
-        else:
-            raise YeditException('Unsupported content_type: {}.'.format(self.content_type) +
-                                 'Please specify a content_type of yaml or json.')
-
-        return (True, self.yaml_dict)
-
-    def read(self):
-        ''' read from file '''
-        # check if it exists
-        if self.filename is None or not self.file_exists():
-            return None
-
-        contents = None
-        with open(self.filename) as yfd:
-            contents = yfd.read()
-
-        return contents
-
-    def file_exists(self):
-        ''' return whether file exists '''
-        if os.path.exists(self.filename):
-            return True
-
-        return False
-
-    def load(self, content_type='yaml'):
-        ''' return yaml file '''
-        contents = self.read()
-
-        if not contents and not self.content:
-            return None
-
-        if self.content:
-            if isinstance(self.content, dict):
-                self.yaml_dict = self.content
-                return self.yaml_dict
-            elif isinstance(self.content, str):
-                contents = self.content
-
-        # check if it is yaml
-        try:
-            if content_type == 'yaml' and contents:
-                # Try to set format attributes if supported
-                try:
-                    self.yaml_dict.fa.set_block_style()
-                except AttributeError:
-                    pass
-
-                # Try to use RoundTripLoader if supported.
-                try:
-                    self.yaml_dict = yaml.load(contents, yaml.RoundTripLoader)
-                except AttributeError:
-                    self.yaml_dict = yaml.safe_load(contents)
-
-                # Try to set format attributes if supported
-                try:
-                    self.yaml_dict.fa.set_block_style()
-                except AttributeError:
-                    pass
-
-            elif content_type == 'json' and contents:
-                self.yaml_dict = json.loads(contents)
-        except yaml.YAMLError as err:
-            # Error loading yaml or json
-            raise YeditException('Problem with loading yaml file. {}'.format(err))
-
-        return self.yaml_dict
-
-    def get(self, key):
-        ''' get a specified key'''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, key, self.separator)
-        except KeyError:
-            entry = None
-
-        return entry
-
-    def pop(self, path, key_or_item):
-        ''' remove a key, value pair from a dict or an item for a list'''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        except KeyError:
-            entry = None
-
-        if entry is None:
-            return (False, self.yaml_dict)
-
-        if isinstance(entry, dict):
-            # AUDIT:maybe-no-member makes sense due to fuzzy types
-            # pylint: disable=maybe-no-member
-            if key_or_item in entry:
-                entry.pop(key_or_item)
-                return (True, self.yaml_dict)
-            return (False, self.yaml_dict)
-
-        elif isinstance(entry, list):
-            # AUDIT:maybe-no-member makes sense due to fuzzy types
-            # pylint: disable=maybe-no-member
-            ind = None
-            try:
-                ind = entry.index(key_or_item)
-            except ValueError:
-                return (False, self.yaml_dict)
-
-            entry.pop(ind)
-            return (True, self.yaml_dict)
-
-        return (False, self.yaml_dict)
-
-    def delete(self, path, index=None, value=None):
-        ''' remove path from a dict'''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        except KeyError:
-            entry = None
-
-        if entry is None:
-            return (False, self.yaml_dict)
-
-        result = Yedit.remove_entry(self.yaml_dict, path, index, value, self.separator)
-        if not result:
-            return (False, self.yaml_dict)
-
-        return (True, self.yaml_dict)
-
-    def exists(self, path, value):
-        ''' check if value exists at path'''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        except KeyError:
-            entry = None
-
-        if isinstance(entry, list):
-            if value in entry:
-                return True
-            return False
-
-        elif isinstance(entry, dict):
-            if isinstance(value, dict):
-                rval = False
-                for key, val in value.items():
-                    if entry[key] != val:
-                        rval = False
-                        break
-                else:
-                    rval = True
-                return rval
-
-            return value in entry
-
-        return entry == value
-
-    def append(self, path, value):
-        '''append value to a list'''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        except KeyError:
-            entry = None
-
-        if entry is None:
-            self.put(path, [])
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        if not isinstance(entry, list):
-            return (False, self.yaml_dict)
-
-        # AUDIT:maybe-no-member makes sense due to loading data from
-        # a serialized format.
-        # pylint: disable=maybe-no-member
-        entry.append(value)
-        return (True, self.yaml_dict)
-
-    # pylint: disable=too-many-arguments
-    def update(self, path, value, index=None, curr_value=None):
-        ''' put path, value into a dict '''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        except KeyError:
-            entry = None
-
-        if isinstance(entry, dict):
-            # AUDIT:maybe-no-member makes sense due to fuzzy types
-            # pylint: disable=maybe-no-member
-            if not isinstance(value, dict):
-                raise YeditException('Cannot replace key, value entry in dict with non-dict type. ' +
-                                     'value=[{}] type=[{}]'.format(value, type(value)))
-
-            entry.update(value)
-            return (True, self.yaml_dict)
-
-        elif isinstance(entry, list):
-            # AUDIT:maybe-no-member makes sense due to fuzzy types
-            # pylint: disable=maybe-no-member
-            ind = None
-            if curr_value:
-                try:
-                    ind = entry.index(curr_value)
-                except ValueError:
-                    return (False, self.yaml_dict)
-
-            elif index is not None:
-                ind = index
-
-            if ind is not None and entry[ind] != value:
-                entry[ind] = value
-                return (True, self.yaml_dict)
-
-            # see if it exists in the list
-            try:
-                ind = entry.index(value)
-            except ValueError:
-                # doesn't exist, append it
-                entry.append(value)
-                return (True, self.yaml_dict)
-
-            # already exists, return
-            if ind is not None:
-                return (False, self.yaml_dict)
-        return (False, self.yaml_dict)
-
-    def put(self, path, value):
-        ''' put path, value into a dict '''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        except KeyError:
-            entry = None
-
-        if entry == value:
-            return (False, self.yaml_dict)
-
-        # deepcopy didn't work
-        # Try to use ruamel.yaml and fallback to pyyaml
-        try:
-            tmp_copy = yaml.load(yaml.round_trip_dump(self.yaml_dict,
-                                                      default_flow_style=False),
-                                 yaml.RoundTripLoader)
-        except AttributeError:
-            tmp_copy = copy.deepcopy(self.yaml_dict)
-
-        # set the format attributes if available
-        try:
-            tmp_copy.fa.set_block_style()
-        except AttributeError:
-            pass
-
-        result = Yedit.add_entry(tmp_copy, path, value, self.separator)
-        if result is None:
-            return (False, self.yaml_dict)
-
-        # When path equals "" it is a special case.
-        # "" refers to the root of the document
-        # Only update the root path (entire document) when its a list or dict
-        if path == '':
-            if isinstance(result, list) or isinstance(result, dict):
-                self.yaml_dict = result
-                return (True, self.yaml_dict)
-
-            return (False, self.yaml_dict)
-
-        self.yaml_dict = tmp_copy
-
-        return (True, self.yaml_dict)
-
-    def create(self, path, value):
-        ''' create a yaml file '''
-        if not self.file_exists():
-            # deepcopy didn't work
-            # Try to use ruamel.yaml and fallback to pyyaml
-            try:
-                tmp_copy = yaml.load(yaml.round_trip_dump(self.yaml_dict,
-                                                          default_flow_style=False),
-                                     yaml.RoundTripLoader)
-            except AttributeError:
-                tmp_copy = copy.deepcopy(self.yaml_dict)
-
-            # set the format attributes if available
-            try:
-                tmp_copy.fa.set_block_style()
-            except AttributeError:
-                pass
-
-            result = Yedit.add_entry(tmp_copy, path, value, self.separator)
-            if result is not None:
-                self.yaml_dict = tmp_copy
-                return (True, self.yaml_dict)
-
-        return (False, self.yaml_dict)
-
-    @staticmethod
-    def get_curr_value(invalue, val_type):
-        '''return the current value'''
-        if invalue is None:
-            return None
-
-        curr_value = invalue
-        if val_type == 'yaml':
-            curr_value = yaml.safe_load(str(invalue))
-        elif val_type == 'json':
-            curr_value = json.loads(invalue)
-
-        return curr_value
-
-    @staticmethod
-    def parse_value(inc_value, vtype=''):
-        '''determine value type passed'''
-        true_bools = ['y', 'Y', 'yes', 'Yes', 'YES', 'true', 'True', 'TRUE',
-                      'on', 'On', 'ON', ]
-        false_bools = ['n', 'N', 'no', 'No', 'NO', 'false', 'False', 'FALSE',
-                       'off', 'Off', 'OFF']
-
-        # It came in as a string but you didn't specify value_type as string
-        # we will convert to bool if it matches any of the above cases
-        if isinstance(inc_value, str) and 'bool' in vtype:
-            if inc_value not in true_bools and inc_value not in false_bools:
-                raise YeditException('Not a boolean type. str=[{}] vtype=[{}]'.format(inc_value, vtype))
-        elif isinstance(inc_value, bool) and 'str' in vtype:
-            inc_value = str(inc_value)
-
-        # There is a special case where '' will turn into None after yaml loading it so skip
-        if isinstance(inc_value, str) and inc_value == '':
-            pass
-        # If vtype is not str then go ahead and attempt to yaml load it.
-        elif isinstance(inc_value, str) and 'str' not in vtype:
-            try:
-                inc_value = yaml.safe_load(inc_value)
-            except Exception:
-                raise YeditException('Could not determine type of incoming value. ' +
-                                     'value=[{}] vtype=[{}]'.format(type(inc_value), vtype))
-
-        return inc_value
-
-    @staticmethod
-    def process_edits(edits, yamlfile):
-        '''run through a list of edits and process them one-by-one'''
-        results = []
-        for edit in edits:
-            value = Yedit.parse_value(edit['value'], edit.get('value_type', ''))
-            if edit.get('action') == 'update':
-                # pylint: disable=line-too-long
-                curr_value = Yedit.get_curr_value(
-                    Yedit.parse_value(edit.get('curr_value')),
-                    edit.get('curr_value_format'))
-
-                rval = yamlfile.update(edit['key'],
-                                       value,
-                                       edit.get('index'),
-                                       curr_value)
-
-            elif edit.get('action') == 'append':
-                rval = yamlfile.append(edit['key'], value)
-
-            else:
-                rval = yamlfile.put(edit['key'], value)
-
-            if rval[0]:
-                results.append({'key': edit['key'], 'edit': rval[1]})
-
-        return {'changed': len(results) > 0, 'results': results}
-
-    # pylint: disable=too-many-return-statements,too-many-branches
-    @staticmethod
-    def run_ansible(params):
-        '''perform the idempotent crud operations'''
-        yamlfile = Yedit(filename=params['src'],
-                         backup=params['backup'],
-                         content_type=params['content_type'],
-                         backup_ext=params['backup_ext'],
-                         separator=params['separator'])
-
-        state = params['state']
-
-        if params['src']:
-            rval = yamlfile.load()
-
-            if yamlfile.yaml_dict is None and state != 'present':
-                return {'failed': True,
-                        'msg': 'Error opening file [{}].  Verify that the '.format(params['src']) +
-                               'file exists, that it is has correct permissions, and is valid yaml.'}
-
-        if state == 'list':
-            if params['content']:
-                content = Yedit.parse_value(params['content'], params['content_type'])
-                yamlfile.yaml_dict = content
-
-            if params['key']:
-                rval = yamlfile.get(params['key'])
-
-            return {'changed': False, 'result': rval, 'state': state}
-
-        elif state == 'absent':
-            if params['content']:
-                content = Yedit.parse_value(params['content'], params['content_type'])
-                yamlfile.yaml_dict = content
-
-            if params['update']:
-                rval = yamlfile.pop(params['key'], params['value'])
-            else:
-                rval = yamlfile.delete(params['key'], params['index'], params['value'])
-
-            if rval[0] and params['src']:
-                yamlfile.write()
-
-            return {'changed': rval[0], 'result': rval[1], 'state': state}
-
-        elif state == 'present':
-            # check if content is different than what is in the file
-            if params['content']:
-                content = Yedit.parse_value(params['content'], params['content_type'])
-
-                # We had no edits to make and the contents are the same
-                if yamlfile.yaml_dict == content and \
-                   params['value'] is None:
-                    return {'changed': False, 'result': yamlfile.yaml_dict, 'state': state}
-
-                yamlfile.yaml_dict = content
-
-            # If we were passed a key, value then
-            # we enapsulate it in a list and process it
-            # Key, Value passed to the module : Converted to Edits list #
-            edits = []
-            _edit = {}
-            if params['value'] is not None:
-                _edit['value'] = params['value']
-                _edit['value_type'] = params['value_type']
-                _edit['key'] = params['key']
-
-                if params['update']:
-                    _edit['action'] = 'update'
-                    _edit['curr_value'] = params['curr_value']
-                    _edit['curr_value_format'] = params['curr_value_format']
-                    _edit['index'] = params['index']
-
-                elif params['append']:
-                    _edit['action'] = 'append'
-
-                edits.append(_edit)
-
-            elif params['edits'] is not None:
-                edits = params['edits']
-
-            if edits:
-                results = Yedit.process_edits(edits, yamlfile)
-
-                # if there were changes and a src provided to us we need to write
-                if results['changed'] and params['src']:
-                    yamlfile.write()
-
-                return {'changed': results['changed'], 'result': results['results'], 'state': state}
-
-            # no edits to make
-            if params['src']:
-                # pylint: disable=redefined-variable-type
-                rval = yamlfile.write()
-                return {'changed': rval[0],
-                        'result': rval[1],
-                        'state': state}
-
-            # We were passed content but no src, key or value, or edits.  Return contents in memory
-            return {'changed': False, 'result': yamlfile.yaml_dict, 'state': state}
-        return {'failed': True, 'msg': 'Unkown state passed'}
-
-# -*- -*- -*- End included fragment: class/yedit.py -*- -*- -*-
-
-# -*- -*- -*- Begin included fragment: ansible/yedit.py -*- -*- -*-
-
-
-# pylint: disable=too-many-branches
-def main():
-    ''' ansible oc module for secrets '''
-
-    module = AnsibleModule(
-        argument_spec=dict(
-            state=dict(default='present', type='str',
-                       choices=['present', 'absent', 'list']),
-            debug=dict(default=False, type='bool'),
-            src=dict(default=None, type='str'),
-            content=dict(default=None),
-            content_type=dict(default='yaml', choices=['yaml', 'json']),
-            key=dict(default='', type='str'),
-            value=dict(),
-            value_type=dict(default='', type='str'),
-            update=dict(default=False, type='bool'),
-            append=dict(default=False, type='bool'),
-            index=dict(default=None, type='int'),
-            curr_value=dict(default=None, type='str'),
-            curr_value_format=dict(default='yaml',
-                                   choices=['yaml', 'json', 'str'],
-                                   type='str'),
-            backup=dict(default=False, type='bool'),
-            backup_ext=dict(default=".{}".format(time.strftime("%Y%m%dT%H%M%S")), type='str'),
-            separator=dict(default='.', type='str'),
-            edits=dict(default=None, type='list'),
-        ),
-        mutually_exclusive=[["curr_value", "index"], ['update', "append"]],
-        required_one_of=[["content", "src"]],
-    )
-
-    # Verify we recieved either a valid key or edits with valid keys when receiving a src file.
-    # A valid key being not None or not ''.
-    if module.params['src'] is not None:
-        key_error = False
-        edit_error = False
-
-        if module.params['key'] in [None, '']:
-            key_error = True
-
-        if module.params['edits'] in [None, []]:
-            edit_error = True
-
-        else:
-            for edit in module.params['edits']:
-                if edit.get('key') in [None, '']:
-                    edit_error = True
-                    break
-
-        if key_error and edit_error:
-            module.fail_json(failed=True, msg='Empty value for parameter key not allowed.')
-
-    rval = Yedit.run_ansible(module.params)
-    if 'failed' in rval and rval['failed']:
-        module.fail_json(**rval)
-
-    module.exit_json(**rval)
-
-
-if __name__ == '__main__':
-    main()
-
-# -*- -*- -*- End included fragment: ansible/yedit.py -*- -*- -*-

roles/lib_utils/meta/main.yml

@@ -1,14 +0,0 @@
----
-galaxy_info:
-  author: various
-  description: OpenShift Repositories
-  company: Red Hat, Inc.
-  license: Apache License, Version 2.0
-  min_ansible_version: 1.7
-  platforms:
-  - name: EL
-    versions:
-    - 7
-  categories:
-  - cloud
-dependencies: []

roles/lib_utils/src/ansible/yedit.py

@@ -1,65 +0,0 @@
-# flake8: noqa
-# pylint: skip-file
-
-
-# pylint: disable=too-many-branches
-def main():
-    ''' ansible oc module for secrets '''
-
-    module = AnsibleModule(
-        argument_spec=dict(
-            state=dict(default='present', type='str',
-                       choices=['present', 'absent', 'list']),
-            debug=dict(default=False, type='bool'),
-            src=dict(default=None, type='str'),
-            content=dict(default=None),
-            content_type=dict(default='yaml', choices=['yaml', 'json']),
-            key=dict(default='', type='str'),
-            value=dict(),
-            value_type=dict(default='', type='str'),
-            update=dict(default=False, type='bool'),
-            append=dict(default=False, type='bool'),
-            index=dict(default=None, type='int'),
-            curr_value=dict(default=None, type='str'),
-            curr_value_format=dict(default='yaml',
-                                   choices=['yaml', 'json', 'str'],
-                                   type='str'),
-            backup=dict(default=False, type='bool'),
-            backup_ext=dict(default=".{}".format(time.strftime("%Y%m%dT%H%M%S")), type='str'),
-            separator=dict(default='.', type='str'),
-            edits=dict(default=None, type='list'),
-        ),
-        mutually_exclusive=[["curr_value", "index"], ['update', "append"]],
-        required_one_of=[["content", "src"]],
-    )
-
-    # Verify we recieved either a valid key or edits with valid keys when receiving a src file.
-    # A valid key being not None or not ''.
-    if module.params['src'] is not None:
-        key_error = False
-        edit_error = False
-
-        if module.params['key'] in [None, '']:
-            key_error = True
-
-        if module.params['edits'] in [None, []]:
-            edit_error = True
-
-        else:
-            for edit in module.params['edits']:
-                if edit.get('key') in [None, '']:
-                    edit_error = True
-                    break
-
-        if key_error and edit_error:
-            module.fail_json(failed=True, msg='Empty value for parameter key not allowed.')
-
-    rval = Yedit.run_ansible(module.params)
-    if 'failed' in rval and rval['failed']:
-        module.fail_json(**rval)
-
-    module.exit_json(**rval)
-
-
-if __name__ == '__main__':
-    main()

roles/lib_utils/src/class/yedit.py

@@ -1,704 +0,0 @@
-# flake8: noqa
-# pylint: skip-file
-
-
-class YeditException(Exception):
-    ''' Exception class for Yedit '''
-    pass
-
-
-# pylint: disable=too-many-public-methods,too-many-instance-attributes
-class Yedit(object):
-    ''' Class to modify yaml files '''
-    re_valid_key = r"(((\[-?\d+\])|([0-9a-zA-Z%s/_-]+)).?)+$"
-    re_key = r"(?:\[(-?\d+)\])|([0-9a-zA-Z{}/_-]+)"
-    com_sep = set(['.', '#', '|', ':'])
-
-    # pylint: disable=too-many-arguments
-    def __init__(self,
-                 filename=None,
-                 content=None,
-                 content_type='yaml',
-                 separator='.',
-                 backup_ext=None,
-                 backup=False):
-        self.content = content
-        self._separator = separator
-        self.filename = filename
-        self.__yaml_dict = content
-        self.content_type = content_type
-        self.backup = backup
-        if backup_ext is None:
-            self.backup_ext = ".{}".format(time.strftime("%Y%m%dT%H%M%S"))
-        else:
-            self.backup_ext = backup_ext
-
-        self.load(content_type=self.content_type)
-        if self.__yaml_dict is None:
-            self.__yaml_dict = {}
-
-    @property
-    def separator(self):
-        ''' getter method for separator '''
-        return self._separator
-
-    @separator.setter
-    def separator(self, inc_sep):
-        ''' setter method for separator '''
-        self._separator = inc_sep
-
-    @property
-    def yaml_dict(self):
-        ''' getter method for yaml_dict '''
-        return self.__yaml_dict
-
-    @yaml_dict.setter
-    def yaml_dict(self, value):
-        ''' setter method for yaml_dict '''
-        self.__yaml_dict = value
-
-    @staticmethod
-    def parse_key(key, sep='.'):
-        '''parse the key allowing the appropriate separator'''
-        common_separators = list(Yedit.com_sep - set([sep]))
-        return re.findall(Yedit.re_key.format(''.join(common_separators)), key)
-
-    @staticmethod
-    def valid_key(key, sep='.'):
-        '''validate the incoming key'''
-        common_separators = list(Yedit.com_sep - set([sep]))
-        if not re.match(Yedit.re_valid_key.format(''.join(common_separators)), key):
-            return False
-
-        return True
-
-    # pylint: disable=too-many-return-statements,too-many-branches
-    @staticmethod
-    def remove_entry(data, key, index=None, value=None, sep='.'):
-        ''' remove data at location key '''
-        if key == '' and isinstance(data, dict):
-            if value is not None:
-                data.pop(value)
-            elif index is not None:
-                raise YeditException("remove_entry for a dictionary does not have an index {}".format(index))
-            else:
-                data.clear()
-
-            return True
-
-        elif key == '' and isinstance(data, list):
-            ind = None
-            if value is not None:
-                try:
-                    ind = data.index(value)
-                except ValueError:
-                    return False
-            elif index is not None:
-                ind = index
-            else:
-                del data[:]
-
-            if ind is not None:
-                data.pop(ind)
-
-            return True
-
-        if not (key and Yedit.valid_key(key, sep)) and \
-           isinstance(data, (list, dict)):
-            return None
-
-        key_indexes = Yedit.parse_key(key, sep)
-        for arr_ind, dict_key in key_indexes[:-1]:
-            if dict_key and isinstance(data, dict):
-                data = data.get(dict_key)
-            elif (arr_ind and isinstance(data, list) and
-                  int(arr_ind) <= len(data) - 1):
-                data = data[int(arr_ind)]
-            else:
-                return None
-
-        # process last index for remove
-        # expected list entry
-        if key_indexes[-1][0]:
-            if isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:  # noqa: E501
-                del data[int(key_indexes[-1][0])]
-                return True
-
-        # expected dict entry
-        elif key_indexes[-1][1]:
-            if isinstance(data, dict):
-                del data[key_indexes[-1][1]]
-                return True
-
-    @staticmethod
-    def add_entry(data, key, item=None, sep='.'):
-        ''' Get an item from a dictionary with key notation a.b.c
-            d = {'a': {'b': 'c'}}}
-            key = a#b
-            return c
-        '''
-        if key == '':
-            pass
-        elif (not (key and Yedit.valid_key(key, sep)) and
-              isinstance(data, (list, dict))):
-            return None
-
-        key_indexes = Yedit.parse_key(key, sep)
-        for arr_ind, dict_key in key_indexes[:-1]:
-            if dict_key:
-                if isinstance(data, dict) and dict_key in data and data[dict_key]:  # noqa: E501
-                    data = data[dict_key]
-                    continue
-
-                elif data and not isinstance(data, dict):
-                    raise YeditException("Unexpected item type found while going through key " +
-                                         "path: {} (at key: {})".format(key, dict_key))
-
-                data[dict_key] = {}
-                data = data[dict_key]
-
-            elif (arr_ind and isinstance(data, list) and
-                  int(arr_ind) <= len(data) - 1):
-                data = data[int(arr_ind)]
-            else:
-                raise YeditException("Unexpected item type found while going through key path: {}".format(key))
-
-        if key == '':
-            data = item
-
-        # process last index for add
-        # expected list entry
-        elif key_indexes[-1][0] and isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:  # noqa: E501
-            data[int(key_indexes[-1][0])] = item
-
-        # expected dict entry
-        elif key_indexes[-1][1] and isinstance(data, dict):
-            data[key_indexes[-1][1]] = item
-
-        # didn't add/update to an existing list, nor add/update key to a dict
-        # so we must have been provided some syntax like a.b.c[<int>] = "data" for a
-        # non-existent array
-        else:
-            raise YeditException("Error adding to object at path: {}".format(key))
-
-        return data
-
-    @staticmethod
-    def get_entry(data, key, sep='.'):
-        ''' Get an item from a dictionary with key notation a.b.c
-            d = {'a': {'b': 'c'}}}
-            key = a.b
-            return c
-        '''
-        if key == '':
-            pass
-        elif (not (key and Yedit.valid_key(key, sep)) and
-              isinstance(data, (list, dict))):
-            return None
-
-        key_indexes = Yedit.parse_key(key, sep)
-        for arr_ind, dict_key in key_indexes:
-            if dict_key and isinstance(data, dict):
-                data = data.get(dict_key)
-            elif (arr_ind and isinstance(data, list) and
-                  int(arr_ind) <= len(data) - 1):
-                data = data[int(arr_ind)]
-            else:
-                return None
-
-        return data
-
-    @staticmethod
-    def _write(filename, contents):
-        ''' Actually write the file contents to disk. This helps with mocking. '''
-
-        tmp_filename = filename + '.yedit'
-
-        with open(tmp_filename, 'w') as yfd:
-            fcntl.flock(yfd, fcntl.LOCK_EX | fcntl.LOCK_NB)
-            yfd.write(contents)
-            fcntl.flock(yfd, fcntl.LOCK_UN)
-
-        os.rename(tmp_filename, filename)
-
-    def write(self):
-        ''' write to file '''
-        if not self.filename:
-            raise YeditException('Please specify a filename.')
-
-        if self.backup and self.file_exists():
-            shutil.copy(self.filename, '{}{}'.format(self.filename, self.backup_ext))
-
-        # Try to set format attributes if supported
-        try:
-            self.yaml_dict.fa.set_block_style()
-        except AttributeError:
-            pass
-
-        # Try to use RoundTripDumper if supported.
-        if self.content_type == 'yaml':
-            try:
-                Yedit._write(self.filename, yaml.dump(self.yaml_dict, Dumper=yaml.RoundTripDumper))
-            except AttributeError:
-                Yedit._write(self.filename, yaml.safe_dump(self.yaml_dict, default_flow_style=False))
-        elif self.content_type == 'json':
-            Yedit._write(self.filename, json.dumps(self.yaml_dict, indent=4, sort_keys=True))
-        else:
-            raise YeditException('Unsupported content_type: {}.'.format(self.content_type) +
-                                 'Please specify a content_type of yaml or json.')
-
-        return (True, self.yaml_dict)
-
-    def read(self):
-        ''' read from file '''
-        # check if it exists
-        if self.filename is None or not self.file_exists():
-            return None
-
-        contents = None
-        with open(self.filename) as yfd:
-            contents = yfd.read()
-
-        return contents
-
-    def file_exists(self):
-        ''' return whether file exists '''
-        if os.path.exists(self.filename):
-            return True
-
-        return False
-
-    def load(self, content_type='yaml'):
-        ''' return yaml file '''
-        contents = self.read()
-
-        if not contents and not self.content:
-            return None
-
-        if self.content:
-            if isinstance(self.content, dict):
-                self.yaml_dict = self.content
-                return self.yaml_dict
-            elif isinstance(self.content, str):
-                contents = self.content
-
-        # check if it is yaml
-        try:
-            if content_type == 'yaml' and contents:
-                # Try to set format attributes if supported
-                try:
-                    self.yaml_dict.fa.set_block_style()
-                except AttributeError:
-                    pass
-
-                # Try to use RoundTripLoader if supported.
-                try:
-                    self.yaml_dict = yaml.load(contents, yaml.RoundTripLoader)
-                except AttributeError:
-                    self.yaml_dict = yaml.safe_load(contents)
-
-                # Try to set format attributes if supported
-                try:
-                    self.yaml_dict.fa.set_block_style()
-                except AttributeError:
-                    pass
-
-            elif content_type == 'json' and contents:
-                self.yaml_dict = json.loads(contents)
-        except yaml.YAMLError as err:
-            # Error loading yaml or json
-            raise YeditException('Problem with loading yaml file. {}'.format(err))
-
-        return self.yaml_dict
-
-    def get(self, key):
-        ''' get a specified key'''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, key, self.separator)
-        except KeyError:
-            entry = None
-
-        return entry
-
-    def pop(self, path, key_or_item):
-        ''' remove a key, value pair from a dict or an item for a list'''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        except KeyError:
-            entry = None
-
-        if entry is None:
-            return (False, self.yaml_dict)
-
-        if isinstance(entry, dict):
-            # AUDIT:maybe-no-member makes sense due to fuzzy types
-            # pylint: disable=maybe-no-member
-            if key_or_item in entry:
-                entry.pop(key_or_item)
-                return (True, self.yaml_dict)
-            return (False, self.yaml_dict)
-
-        elif isinstance(entry, list):
-            # AUDIT:maybe-no-member makes sense due to fuzzy types
-            # pylint: disable=maybe-no-member
-            ind = None
-            try:
-                ind = entry.index(key_or_item)
-            except ValueError:
-                return (False, self.yaml_dict)
-
-            entry.pop(ind)
-            return (True, self.yaml_dict)
-
-        return (False, self.yaml_dict)
-
-    def delete(self, path, index=None, value=None):
-        ''' remove path from a dict'''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        except KeyError:
-            entry = None
-
-        if entry is None:
-            return (False, self.yaml_dict)
-
-        result = Yedit.remove_entry(self.yaml_dict, path, index, value, self.separator)
-        if not result:
-            return (False, self.yaml_dict)
-
-        return (True, self.yaml_dict)
-
-    def exists(self, path, value):
-        ''' check if value exists at path'''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        except KeyError:
-            entry = None
-
-        if isinstance(entry, list):
-            if value in entry:
-                return True
-            return False
-
-        elif isinstance(entry, dict):
-            if isinstance(value, dict):
-                rval = False
-                for key, val in value.items():
-                    if entry[key] != val:
-                        rval = False
-                        break
-                else:
-                    rval = True
-                return rval
-
-            return value in entry
-
-        return entry == value
-
-    def append(self, path, value):
-        '''append value to a list'''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        except KeyError:
-            entry = None
-
-        if entry is None:
-            self.put(path, [])
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        if not isinstance(entry, list):
-            return (False, self.yaml_dict)
-
-        # AUDIT:maybe-no-member makes sense due to loading data from
-        # a serialized format.
-        # pylint: disable=maybe-no-member
-        entry.append(value)
-        return (True, self.yaml_dict)
-
-    # pylint: disable=too-many-arguments
-    def update(self, path, value, index=None, curr_value=None):
-        ''' put path, value into a dict '''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        except KeyError:
-            entry = None
-
-        if isinstance(entry, dict):
-            # AUDIT:maybe-no-member makes sense due to fuzzy types
-            # pylint: disable=maybe-no-member
-            if not isinstance(value, dict):
-                raise YeditException('Cannot replace key, value entry in dict with non-dict type. ' +
-                                     'value=[{}] type=[{}]'.format(value, type(value)))
-
-            entry.update(value)
-            return (True, self.yaml_dict)
-
-        elif isinstance(entry, list):
-            # AUDIT:maybe-no-member makes sense due to fuzzy types
-            # pylint: disable=maybe-no-member
-            ind = None
-            if curr_value:
-                try:
-                    ind = entry.index(curr_value)
-                except ValueError:
-                    return (False, self.yaml_dict)
-
-            elif index is not None:
-                ind = index
-
-            if ind is not None and entry[ind] != value:
-                entry[ind] = value
-                return (True, self.yaml_dict)
-
-            # see if it exists in the list
-            try:
-                ind = entry.index(value)
-            except ValueError:
-                # doesn't exist, append it
-                entry.append(value)
-                return (True, self.yaml_dict)
-
-            # already exists, return
-            if ind is not None:
-                return (False, self.yaml_dict)
-        return (False, self.yaml_dict)
-
-    def put(self, path, value):
-        ''' put path, value into a dict '''
-        try:
-            entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
-        except KeyError:
-            entry = None
-
-        if entry == value:
-            return (False, self.yaml_dict)
-
-        # deepcopy didn't work
-        # Try to use ruamel.yaml and fallback to pyyaml
-        try:
-            tmp_copy = yaml.load(yaml.round_trip_dump(self.yaml_dict,
-                                                      default_flow_style=False),
-                                 yaml.RoundTripLoader)
-        except AttributeError:
-            tmp_copy = copy.deepcopy(self.yaml_dict)
-
-        # set the format attributes if available
-        try:
-            tmp_copy.fa.set_block_style()
-        except AttributeError:
-            pass
-
-        result = Yedit.add_entry(tmp_copy, path, value, self.separator)
-        if result is None:
-            return (False, self.yaml_dict)
-
-        # When path equals "" it is a special case.
-        # "" refers to the root of the document
-        # Only update the root path (entire document) when its a list or dict
-        if path == '':
-            if isinstance(result, list) or isinstance(result, dict):
-                self.yaml_dict = result
-                return (True, self.yaml_dict)
-
-            return (False, self.yaml_dict)
-
-        self.yaml_dict = tmp_copy
-
-        return (True, self.yaml_dict)
-
-    def create(self, path, value):
-        ''' create a yaml file '''
-        if not self.file_exists():
-            # deepcopy didn't work
-            # Try to use ruamel.yaml and fallback to pyyaml
-            try:
-                tmp_copy = yaml.load(yaml.round_trip_dump(self.yaml_dict,
-                                                          default_flow_style=False),
-                                     yaml.RoundTripLoader)
-            except AttributeError:
-                tmp_copy = copy.deepcopy(self.yaml_dict)
-
-            # set the format attributes if available
-            try:
-                tmp_copy.fa.set_block_style()
-            except AttributeError:
-                pass
-
-            result = Yedit.add_entry(tmp_copy, path, value, self.separator)
-            if result is not None:
-                self.yaml_dict = tmp_copy
-                return (True, self.yaml_dict)
-
-        return (False, self.yaml_dict)
-
-    @staticmethod
-    def get_curr_value(invalue, val_type):
-        '''return the current value'''
-        if invalue is None:
-            return None
-
-        curr_value = invalue
-        if val_type == 'yaml':
-            curr_value = yaml.safe_load(str(invalue))
-        elif val_type == 'json':
-            curr_value = json.loads(invalue)
-
-        return curr_value
-
-    @staticmethod
-    def parse_value(inc_value, vtype=''):
-        '''determine value type passed'''
-        true_bools = ['y', 'Y', 'yes', 'Yes', 'YES', 'true', 'True', 'TRUE',
-                      'on', 'On', 'ON', ]
-        false_bools = ['n', 'N', 'no', 'No', 'NO', 'false', 'False', 'FALSE',
-                       'off', 'Off', 'OFF']
-
-        # It came in as a string but you didn't specify value_type as string
-        # we will convert to bool if it matches any of the above cases
-        if isinstance(inc_value, str) and 'bool' in vtype:
-            if inc_value not in true_bools and inc_value not in false_bools:
-                raise YeditException('Not a boolean type. str=[{}] vtype=[{}]'.format(inc_value, vtype))
-        elif isinstance(inc_value, bool) and 'str' in vtype:
-            inc_value = str(inc_value)
-
-        # There is a special case where '' will turn into None after yaml loading it so skip
-        if isinstance(inc_value, str) and inc_value == '':
-            pass
-        # If vtype is not str then go ahead and attempt to yaml load it.
-        elif isinstance(inc_value, str) and 'str' not in vtype:
-            try:
-                inc_value = yaml.safe_load(inc_value)
-            except Exception:
-                raise YeditException('Could not determine type of incoming value. ' +
-                                     'value=[{}] vtype=[{}]'.format(type(inc_value), vtype))
-
-        return inc_value
-
-    @staticmethod
-    def process_edits(edits, yamlfile):
-        '''run through a list of edits and process them one-by-one'''
-        results = []
-        for edit in edits:
-            value = Yedit.parse_value(edit['value'], edit.get('value_type', ''))
-            if edit.get('action') == 'update':
-                # pylint: disable=line-too-long
-                curr_value = Yedit.get_curr_value(
-                    Yedit.parse_value(edit.get('curr_value')),
-                    edit.get('curr_value_format'))
-
-                rval = yamlfile.update(edit['key'],
-                                       value,
-                                       edit.get('index'),
-                                       curr_value)
-
-            elif edit.get('action') == 'append':
-                rval = yamlfile.append(edit['key'], value)
-
-            else:
-                rval = yamlfile.put(edit['key'], value)
-
-            if rval[0]:
-                results.append({'key': edit['key'], 'edit': rval[1]})
-
-        return {'changed': len(results) > 0, 'results': results}
-
-    # pylint: disable=too-many-return-statements,too-many-branches
-    @staticmethod
-    def run_ansible(params):
-        '''perform the idempotent crud operations'''
-        yamlfile = Yedit(filename=params['src'],
-                         backup=params['backup'],
-                         content_type=params['content_type'],
-                         backup_ext=params['backup_ext'],
-                         separator=params['separator'])
-
-        state = params['state']
-
-        if params['src']:
-            rval = yamlfile.load()
-
-            if yamlfile.yaml_dict is None and state != 'present':
-                return {'failed': True,
-                        'msg': 'Error opening file [{}].  Verify that the '.format(params['src']) +
-                               'file exists, that it is has correct permissions, and is valid yaml.'}
-
-        if state == 'list':
-            if params['content']:
-                content = Yedit.parse_value(params['content'], params['content_type'])
-                yamlfile.yaml_dict = content
-
-            if params['key']:
-                rval = yamlfile.get(params['key'])
-
-            return {'changed': False, 'result': rval, 'state': state}
-
-        elif state == 'absent':
-            if params['content']:
-                content = Yedit.parse_value(params['content'], params['content_type'])
-                yamlfile.yaml_dict = content
-
-            if params['update']:
-                rval = yamlfile.pop(params['key'], params['value'])
-            else:
-                rval = yamlfile.delete(params['key'], params['index'], params['value'])
-
-            if rval[0] and params['src']:
-                yamlfile.write()
-
-            return {'changed': rval[0], 'result': rval[1], 'state': state}
-
-        elif state == 'present':
-            # check if content is different than what is in the file
-            if params['content']:
-                content = Yedit.parse_value(params['content'], params['content_type'])
-
-                # We had no edits to make and the contents are the same
-                if yamlfile.yaml_dict == content and \
-                   params['value'] is None:
-                    return {'changed': False, 'result': yamlfile.yaml_dict, 'state': state}
-
-                yamlfile.yaml_dict = content
-
-            # If we were passed a key, value then
-            # we enapsulate it in a list and process it
-            # Key, Value passed to the module : Converted to Edits list #
-            edits = []
-            _edit = {}
-            if params['value'] is not None:
-                _edit['value'] = params['value']
-                _edit['value_type'] = params['value_type']
-                _edit['key'] = params['key']
-
-                if params['update']:
-                    _edit['action'] = 'update'
-                    _edit['curr_value'] = params['curr_value']
-                    _edit['curr_value_format'] = params['curr_value_format']
-                    _edit['index'] = params['index']
-
-                elif params['append']:
-                    _edit['action'] = 'append'
-
-                edits.append(_edit)
-
-            elif params['edits'] is not None:
-                edits = params['edits']
-
-            if edits:
-                results = Yedit.process_edits(edits, yamlfile)
-
-                # if there were changes and a src provided to us we need to write
-                if results['changed'] and params['src']:
-                    yamlfile.write()
-
-                return {'changed': results['changed'], 'result': results['results'], 'state': state}
-
-            # no edits to make
-            if params['src']:
-                # pylint: disable=redefined-variable-type
-                rval = yamlfile.write()
-                return {'changed': rval[0],
-                        'result': rval[1],
-                        'state': state}
-
-            # We were passed content but no src, key or value, or edits.  Return contents in memory
-            return {'changed': False, 'result': yamlfile.yaml_dict, 'state': state}
-        return {'failed': True, 'msg': 'Unkown state passed'}

roles/lib_utils/src/doc/generated

@@ -1,9 +0,0 @@
-#!/usr/bin/env python
-# pylint: disable=missing-docstring
-#     ___ ___ _  _ ___ ___    _ _____ ___ ___
-#    / __| __| \| | __| _ \  /_\_   _| __|   \
-#   | (_ | _|| .` | _||   / / _ \| | | _|| |) |
-#    \___|___|_|\_|___|_|_\/_/_\_\_|_|___|___/_ _____
-#   |   \ / _ \  | \| |/ _ \_   _| | __|   \_ _|_   _|
-#   | |) | (_) | | .` | (_) || |   | _|| |) | |  | |
-#   |___/ \___/  |_|\_|\___/ |_|   |___|___/___| |_|

roles/lib_utils/src/doc/license

@@ -1,16 +0,0 @@
-#
-# Copyright 2016 Red Hat, Inc. and/or its affiliates
-# and other contributors as indicated by the @author tags.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#    http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#

roles/lib_utils/src/doc/yedit

@@ -1,160 +0,0 @@
-# flake8: noqa
-# pylint: skip-file
-
-DOCUMENTATION = '''
----
-module: yedit
-short_description: Create, modify, and idempotently manage yaml files.
-description:
-  - Modify yaml files programmatically.
-options:
-  state:
-    description:
-    - State represents whether to create, modify, delete, or list yaml
-    required: true
-    default: present
-    choices: ["present", "absent", "list"]
-    aliases: []
-  debug:
-    description:
-    - Turn on debug information.
-    required: false
-    default: false
-    aliases: []
-  src:
-    description:
-    - The file that is the target of the modifications.
-    required: false
-    default: None
-    aliases: []
-  content:
-    description:
-    - Content represents the yaml content you desire to work with.  This
-    - could be the file contents to write or the inmemory data to modify.
-    required: false
-    default: None
-    aliases: []
-  content_type:
-    description:
-    - The python type of the content parameter.
-    required: false
-    default: 'dict'
-    aliases: []
-  key:
-    description:
-    - The path to the value you wish to modify. Emtpy string means the top of
-    - the document.
-    required: false
-    default: ''
-    aliases: []
-  value:
-    description:
-    - The incoming value of parameter 'key'.
-    required: false
-    default:
-    aliases: []
-  value_type:
-    description:
-    - The python type of the incoming value.
-    required: false
-    default: ''
-    aliases: []
-  update:
-    description:
-    - Whether the update should be performed on a dict/hash or list/array
-    - object.
-    required: false
-    default: false
-    aliases: []
-  append:
-    description:
-    - Whether to append to an array/list. When the key does not exist or is
-    - null, a new array is created. When the key is of a non-list type,
-    - nothing is done.
-    required: false
-    default: false
-    aliases: []
-  index:
-    description:
-    - Used in conjunction with the update parameter.  This will update a
-    - specific index in an array/list.
-    required: false
-    default: false
-    aliases: []
-  curr_value:
-    description:
-    - Used in conjunction with the update parameter.  This is the current
-    - value of 'key' in the yaml file.
-    required: false
-    default: false
-    aliases: []
-  curr_value_format:
-    description:
-    - Format of the incoming current value.
-    choices: ["yaml", "json", "str"]
-    required: false
-    default: false
-    aliases: []
-  backup_ext:
-    description:
-    - The backup file's appended string.
-    required: false
-    default: .orig
-    aliases: []
-  backup:
-    description:
-    - Whether to make a backup copy of the current file when performing an
-    - edit.
-    required: false
-    default: true
-    aliases: []
-  separator:
-    description:
-    - The separator being used when parsing strings.
-    required: false
-    default: '.'
-    aliases: []
-author:
-- "Kenny Woodson <kwoodson@redhat.com>"
-extends_documentation_fragment: []
-'''
-
-EXAMPLES = '''
-# Simple insert of key, value
-- name: insert simple key, value
-  yedit:
-    src: somefile.yml
-    key: test
-    value: somevalue
-    state: present
-# Results:
-# test: somevalue
-
-# Multilevel insert of key, value
-- name: insert simple key, value
-  yedit:
-    src: somefile.yml
-    key: a#b#c
-    value: d
-    state: present
-# Results:
-# a:
-#   b:
-#     c: d
-#
-# multiple edits at the same time
-- name: perform multiple edits
-  yedit:
-    src: somefile.yml
-    edits:
-    - key: a#b#c
-      value: d
-    - key: a#b#c#d
-      value: e
-    state: present
-# Results:
-# a:
-#   b:
-#     c:
-#       d: e
-'''

roles/lib_utils/src/generate.py

@@ -1,110 +0,0 @@
-#!/usr/bin/env python
-'''
-  Generate the openshift-ansible/roles/lib_openshift_cli/library/ modules.
-'''
-
-import argparse
-import os
-import yaml
-import six
-
-OPENSHIFT_ANSIBLE_PATH = os.path.dirname(os.path.realpath(__file__))
-OPENSHIFT_ANSIBLE_SOURCES_PATH = os.path.join(OPENSHIFT_ANSIBLE_PATH, 'sources.yml')  # noqa: E501
-LIBRARY = os.path.join(OPENSHIFT_ANSIBLE_PATH, '..', 'library/')
-
-
-class GenerateAnsibleException(Exception):
-    '''General Exception for generate function'''
-    pass
-
-
-def parse_args():
-    '''parse arguments to generate'''
-    parser = argparse.ArgumentParser(description="Generate ansible modules.")
-    parser.add_argument('--verify', action='store_true', default=False,
-                        help='Verify library code matches the generated code.')
-
-    return parser.parse_args()
-
-
-def fragment_banner(fragment_path, side, data):
-    """Generate a banner to wrap around file fragments
-
-:param string fragment_path: A path to a module fragment
-:param string side: ONE OF: "header", "footer"
-:param StringIO data: A StringIO object to write the banner to
-"""
-    side_msg = {
-        "header": "Begin included fragment: {}",
-        "footer": "End included fragment: {}"
-    }
-    annotation = side_msg[side].format(fragment_path)
-
-    banner = """
-# -*- -*- -*- {} -*- -*- -*-
-""".format(annotation)
-
-    # Why skip?
-    #
-    # * 'generated' - This is the head of the script, we don't want to
-    #   put comments before the #!shebang
-    #
-    # * 'license' - Wrapping this just seemed like gratuitous extra
-    if ("generated" not in fragment_path) and ("license" not in fragment_path):
-        data.write(banner)
-
-    # Make it self-contained testable
-    return banner
-
-
-def generate(parts):
-    '''generate the source code for the ansible modules
-
-:param Array parts: An array of paths (strings) to module fragments
-    '''
-
-    data = six.StringIO()
-    for fpart in parts:
-        # first line is pylint disable so skip it
-        with open(os.path.join(OPENSHIFT_ANSIBLE_PATH, fpart)) as pfd:
-            fragment_banner(fpart, "header", data)
-            for idx, line in enumerate(pfd):
-                if idx in [0, 1] and 'flake8: noqa' in line or 'pylint: skip-file' in line:  # noqa: E501
-                    continue
-
-                data.write(line)
-
-            fragment_banner(fpart, "footer", data)
-    return data
-
-
-def get_sources():
-    '''return the path to the generate sources'''
-    return yaml.load(open(OPENSHIFT_ANSIBLE_SOURCES_PATH).read())
-
-
-def verify():
-    '''verify if the generated code matches the library code'''
-    for fname, parts in get_sources().items():
-        data = generate(parts)
-        fname = os.path.join(LIBRARY, fname)
-        if not open(fname).read() == data.getvalue():
-            raise GenerateAnsibleException('Generated content does not match for %s' % fname)
-
-
-def main():
-    ''' combine the necessary files to create the ansible module '''
-    args = parse_args()
-    if args.verify:
-        verify()
-
-    for fname, parts in get_sources().items():
-        data = generate(parts)
-        fname = os.path.join(LIBRARY, fname)
-        with open(fname, 'w') as afd:
-            afd.seek(0)
-            afd.write(data.getvalue())
-
-
-if __name__ == '__main__':
-    main()

roles/lib_utils/src/lib/import.py

@@ -1,21 +0,0 @@
-# flake8: noqa
-# pylint: skip-file
-
-# pylint: disable=wrong-import-order,wrong-import-position,unused-import
-
-from __future__ import print_function  # noqa: F401
-import copy  # noqa: F401
-import fcntl  # noqa: F401
-import json   # noqa: F401
-import os  # noqa: F401
-import re  # noqa: F401
-import shutil  # noqa: F401
-import tempfile  # noqa: F401
-import time  # noqa: F401
-
-try:
-    import ruamel.yaml as yaml  # noqa: F401
-except ImportError:
-    import yaml  # noqa: F401
-
-from ansible.module_utils.basic import AnsibleModule

roles/lib_utils/src/sources.yml

@@ -1,8 +0,0 @@
----
-yedit.py:
-- doc/generated
-- doc/license
-- lib/import.py
-- doc/yedit
-- class/yedit.py
-- ansible/yedit.py

roles/lib_utils/src/test/generate-and-run-tests.sh

@@ -1,42 +0,0 @@
-#!/bin/bash -e
-
-
-# Put us in the same dir as the script.
-cd $(dirname $0)
-
-echo
-echo "Running lib_openshift generate"
-echo "------------------------------"
-../generate.py
-
-
-echo
-echo "Running lib_utils Unit Tests"
-echo "----------------------------"
-cd unit
-
-for test in *.py; do
-    echo
-    echo "--------------------------------------------------------------------------------"
-    echo
-    echo "Running $test..."
-    ./$test
-done
-
-
-echo
-echo "Running lib_utils Integration Tests"
-echo "-----------------------------------"
-cd ../integration
-
-for test in *.yml; do
-    echo
-    echo "--------------------------------------------------------------------------------"
-    echo
-    echo "Running $test..."
-    ./$test -vvv
-done
-
-# Clean up this damn file
-# TODO: figure out why this is being written and clean it up.
-rm kube-manager-test.yaml

roles/lib_utils/src/test/integration/files/kube-manager.yaml

@@ -1,39 +0,0 @@
----
-apiVersion: v1
-kind: Pod
-metadata:
-  name: kube-controller-manager
-  namespace: kube-system
-spec:
-  hostNetwork: true
-  containers:
-  - name: kube-controller-manager
-    image: openshift/kube:v1.0.0
-    command:
-    - /hyperkube
-    - controller-manager
-    - --master=http://127.0.0.1:8080
-    - --leader-elect=true
-    - --service-account-private-key-file=/etc/kubernetes/ssl/apiserver-key.pem
-    - --root-ca-file=/etc/kubernetes/ssl/ca.pem
-    livenessProbe:
-      httpGet:
-        host: 127.0.0.1
-        path: /healthz
-        port: 10252
-      initialDelaySeconds: 15
-      timeoutSeconds: 1
-    volumeMounts:
-    - mountPath: /etc/kubernetes/ssl
-      name: ssl-certs-kubernetes
-      readOnly: true
-    - mountPath: /etc/ssl/certs
-      name: ssl-certs-host
-      readOnly: true
-  volumes:
-  - hostPath:
-      path: /etc/kubernetes/ssl
-    name: ssl-certs-kubernetes
-  - hostPath:
-      path: /usr/share/ca-certificates
-    name: ssl-certs-host

roles/lib_utils/src/test/integration/yedit.yml

@@ -1,334 +0,0 @@
-#!/usr/bin/ansible-playbook --module-path=../../../library/
-#
-# Yedit test so that we can quickly determine if features are working
-# Ensure that the kube-manager.yaml file exists
-#
-# ./yedit_test.yml
-#
----
-- hosts: localhost
-  gather_facts: no
-  vars:
-    test_file: kube-manager-test.yaml
-    test: test
-
-  post_tasks:
-  - name: copy the kube-manager.yaml file so that we have a pristine copy each time
-    copy:
-      src: kube-manager.yaml
-      dest: "./{{ test_file }}"
-    changed_when: False
-
-  ####### add key to top level #####
-  - name: add a key at the top level
-    yedit:
-      src: "{{ test_file }}"
-      key: yedittest
-      value: yedittest
-
-  - name: retrieve the inserted key
-    yedit:
-      src: "{{ test_file }}"
-      state: list
-      key: yedittest
-    register: results
-
-  - name: Assert that key is at top level
-    assert:
-      that: results.result == 'yedittest'
-      msg: 'Test: add a key to top level failed.  yedittest != [{{ results.result }}]'
-  ###### end add key to top level #####
-
-  ###### modify multilevel key, value #####
-  - name: modify multilevel key, value
-    yedit:
-      src: "{{ test_file }}"
-      key: metadata-namespace
-      value: openshift-is-awesome
-      separator: '-'
-
-  - name: retrieve the inserted key
-    yedit:
-      src: "{{ test_file }}"
-      state: list
-      key: metadata-namespace
-      separator: '-'
-    register: results
-
-  - name: Assert that key is as expected
-    assert:
-      that: results.result == 'openshift-is-awesome'
-      msg: 'Test: multilevel key, value modification:  openshift-is-awesome != [{{ results.result }}]'
-  ###### end modify multilevel key, value #####
-
-  ###### test a string boolean #####
-  - name: test a string boolean
-    yedit:
-      src: "{{ test_file }}"
-      key: spec.containers[0].volumeMounts[1].readOnly
-      value: 'true'
-      value_type: str
-
-  - name: retrieve the inserted key
-    yedit:
-      src: "{{ test_file }}"
-      state: list
-      key: spec.containers[0].volumeMounts[1].readOnly
-    register: results
-
-  - name: Assert that key is a string
-    assert:
-      that: results.result == "true"
-      msg: "Test: boolean str:  'true' != [{{ results.result }}]"
-
-  - name: Assert that key is not bool
-    assert:
-      that: results.result != true
-      msg: "Test: boolean str:  true != [{{ results.result }}]"
-  ###### end test boolean string #####
-
-  ###### test array append #####
-  - name: test array append
-    yedit:
-      src: "{{ test_file }}"
-      key: spec.containers[0].command
-      value: --my-new-parameter=openshift
-      append: True
-
-  - name: retrieve the array
-    yedit:
-      src: "{{ test_file }}"
-      state: list
-      key: spec.containers[0].command
-    register: results
-
-  - name: Assert that the last element in array is our value
-    assert:
-      that: results.result[-1] == "--my-new-parameter=openshift"
-      msg: "Test: '--my-new-parameter=openshift' != [{{ results.result[-1] }}]"
-  ###### end test array append #####
-
-  ###### test non-existing array append #####
-  - name: test array append to non-existing key
-    yedit:
-      src: "{{ test_file }}"
-      key: nonexistingkey
-      value: --my-new-parameter=openshift
-      append: True
-
-  - name: retrieve the array
-    yedit:
-      src: "{{ test_file }}"
-      state: list
-      key: nonexistingkey
-    register: results
-
-  - name: Assert that the last element in array is our value
-    assert:
-      that: results.result[-1] == "--my-new-parameter=openshift"
-      msg: "Test: '--my-new-parameter=openshift' != [{{ results.result[-1] }}]"
-  ###### end test non-existing array append #####
-
-  ###### test array update modify #####
-  - name: test array update modify
-    yedit:
-      src: "{{ test_file }}"
-      key: spec.containers[0].command
-      value: --root-ca-file=/etc/k8s/ssl/my.pem
-      curr_value: --root-ca-file=/etc/kubernetes/ssl/ca.pem
-      curr_value_format: str
-      update: True
-
-  - name: retrieve the array
-    yedit:
-      src: "{{ test_file }}"
-      state: list
-      key: spec.containers[0].command
-    register: results
-
-  - name: Assert that the element in array is our value
-    assert:
-      that: results.result[5] == "--root-ca-file=/etc/k8s/ssl/my.pem"
-      msg: "Test: '--root-ca-file=/etc/k8s/ssl/my.pem' != [{{ results.result[5] }}]"
-  ###### end test array update modify#####
-
-  ###### test dict create #####
-  - name: test dict create
-    yedit:
-      src: "{{ test_file }}"
-      key: a.b.c
-      value: d
-
-  - name: retrieve the key
-    yedit:
-      src: "{{ test_file }}"
-      state: list
-      key: a.b.c
-    register: results
-
-  - name: Assert that the key was created
-    assert:
-      that: results.result == "d"
-      msg: "Test: 'd' != [{{ results.result }}]"
-  ###### end test dict create #####
-
-  ###### test create dict value #####
-  - name: test create dict value
-    yedit:
-      src: "{{ test_file }}"
-      key: e.f.g
-      value:
-        h:
-          i:
-            j: k
-
-  - name: retrieve the key
-    yedit:
-      src: "{{ test_file }}"
-      state: list
-      key: e.f.g.h.i.j
-    register: results
-
-  - name: Assert that the key was created
-    assert:
-      that: results.result == "k"
-      msg: "Test: 'k' != [{{ results.result }}]"
-  ###### end test dict create #####
-
-  ###### test create list value #####
-  - name: test create list value
-    yedit:
-      src: "{{ test_file }}"
-      key: z.x.y
-      value:
-      - 1
-      - 2
-      - 3
-
-  - name: retrieve the key
-    yedit:
-      src: "{{ test_file }}"
-      state: list
-      key: z#x#y
-      separator: '#'
-    register: results
-  - debug: var=results
-
-  - name: Assert that the key was created
-    assert:
-      that: results.result == [1, 2, 3]
-      msg: "Test: '[1, 2, 3]' != [{{ results.result }}]"
-  ###### end test create list value #####
-
-  ###### test create multiple list value #####
-  - name: test multiple edits
-    yedit:
-      src: "{{ test_file }}"
-      edits:
-      - key: z.x.y
-        value:
-        - 1
-        - 2
-        - 3
-      - key: z.x.y
-        value: 4
-        action: append
-
-  - name: retrieve the key
-    yedit:
-      src: "{{ test_file }}"
-      state: list
-      key: z#x#y
-      separator: '#'
-    register: results
-  - debug: var=results
-
-  - name: Assert that the key was created
-    assert:
-      that: results.result == [1, 2, 3, 4]
-      msg: "Test: '[1, 2, 3, 4]' != [{{ results.result }}]"
-      ###### end test create multiple list value #####
-
-  ###### test state absent on list item #####
-  - name: test state absent on a list item
-    yedit:
-      state: absent
-      content: ['oranges', 'apples']
-      value: apples
-    register: absentout
-
-  - debug: var=absentout
-  - assert:
-      that:
-      - absentout.result == ['oranges']
-      - absentout.result|length == 1
-
-  - name: test state absent on a list item
-    yedit:
-      state: absent
-      content: ['oranges', 'apples']
-      index: 1
-    register: absentout
-
-  - debug: var=absentout
-  - assert:
-      that:
-      - absentout.result == ['oranges']
-      - absentout.result|length == 1
-      ###### end test state absent on list item ####
-
-
-  ###### test backup ext on filename #####
-  - name: test backup ext on file
-    yedit:
-      state: present
-      src: "{{ test_file }}"
-      key: test
-      backup: true
-      backup_ext: .orig
-      value: "{{ lookup('pipe', 'date +%s') }}"
-
-  - name: second call which should be noop
-    yedit:
-      state: present
-      src: "{{ test_file }}"
-      key: test
-      backup: true
-      value: "{{ lookup('pipe', 'date +%s') }}"
-
-  - name: stat file
-    stat:
-      path: "{{ test_file }}.orig"
-      get_checksum: false
-      get_attributes: false
-      get_mime: false
-    register: statout
-
-  - assert:
-      that:
-      - statout.stat.exists
-
-  - name: set the date string for backup_ext
-    set_fact:
-      date_str: "{{ lookup('pipe', 'date +%s') }}"
-
-  - yedit:
-      state: present
-      src: "{{ test_file }}"
-      key: test
-      backup: true
-      backup_ext: "{{ date_str }}"
-      value: "{{ lookup('pipe', 'date +%s') }}"
-
-  - name: stat file
-    stat:
-      path: "{{ test_file }}{{ date_str }}"
-      get_checksum: false
-      get_attributes: false
-      get_mime: false
-    register: statout
-
-  - assert:
-      that:
-      - statout.stat.exists
-      ###### end test state absent on list item ####

roles/lib_utils/src/test/unit/test_yedit.py

@@ -1,412 +0,0 @@
-'''
- Unit tests for yedit
-'''
-
-import os
-import sys
-import unittest
-import mock
-
-# Removing invalid variable names for tests so that I can
-# keep them brief
-# pylint: disable=invalid-name,no-name-in-module
-# Disable import-error b/c our libraries aren't loaded in jenkins
-# pylint: disable=import-error
-# place yedit in our path
-yedit_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library')  # noqa: E501
-sys.path.insert(0, yedit_path)
-
-from yedit import Yedit, YeditException  # noqa: E402
-
-# pylint: disable=too-many-public-methods
-# Silly pylint, moar tests!
-
-
-class YeditTest(unittest.TestCase):
-    '''
-     Test class for yedit
-    '''
-    data = {'a': 'a',
-            'b': {'c': {'d': [{'e': 'x'}, 'f', 'g']}},
-           }  # noqa: E124
-
-    filename = 'yedit_test.yml'
-
-    def setUp(self):
-        ''' setup method will create a file and set to known configuration '''
-        yed = Yedit(YeditTest.filename)
-        yed.yaml_dict = YeditTest.data
-        yed.write()
-
-    def test_load(self):
-        ''' Testing a get '''
-        yed = Yedit('yedit_test.yml')
-        self.assertEqual(yed.yaml_dict, self.data)
-
-    def test_write(self):
-        ''' Testing a simple write '''
-        yed = Yedit('yedit_test.yml')
-        yed.put('key1', 1)
-        yed.write()
-        self.assertTrue('key1' in yed.yaml_dict)
-        self.assertEqual(yed.yaml_dict['key1'], 1)
-
-    def test_write_x_y_z(self):
-        '''Testing a write of multilayer key'''
-        yed = Yedit('yedit_test.yml')
-        yed.put('x.y.z', 'modified')
-        yed.write()
-        yed.load()
-        self.assertEqual(yed.get('x.y.z'), 'modified')
-
-    def test_delete_a(self):
-        '''Testing a simple delete '''
-        yed = Yedit('yedit_test.yml')
-        yed.delete('a')
-        yed.write()
-        yed.load()
-        self.assertTrue('a' not in yed.yaml_dict)
-
-    def test_delete_b_c(self):
-        '''Testing delete of layered key '''
-        yed = Yedit('yedit_test.yml', separator=':')
-        yed.delete('b:c')
-        yed.write()
-        yed.load()
-        self.assertTrue('b' in yed.yaml_dict)
-        self.assertFalse('c' in yed.yaml_dict['b'])
-
-    def test_create(self):
-        '''Testing a create '''
-        os.unlink(YeditTest.filename)
-        yed = Yedit('yedit_test.yml')
-        yed.create('foo', 'bar')
-        yed.write()
-        yed.load()
-        self.assertTrue('foo' in yed.yaml_dict)
-        self.assertTrue(yed.yaml_dict['foo'] == 'bar')
-
-    def test_create_content(self):
-        '''Testing a create with content '''
-        content = {"foo": "bar"}
-        yed = Yedit("yedit_test.yml", content)
-        yed.write()
-        yed.load()
-        self.assertTrue('foo' in yed.yaml_dict)
-        self.assertTrue(yed.yaml_dict['foo'], 'bar')
-
-    def test_array_insert(self):
-        '''Testing a create with content '''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('b:c:d[0]', 'inject')
-        self.assertTrue(yed.get('b:c:d[0]') == 'inject')
-
-    def test_array_insert_first_index(self):
-        '''Testing a create with content '''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('b:c:d[0]', 'inject')
-        self.assertTrue(yed.get('b:c:d[1]') == 'f')
-
-    def test_array_insert_second_index(self):
-        '''Testing a create with content '''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('b:c:d[0]', 'inject')
-        self.assertTrue(yed.get('b:c:d[2]') == 'g')
-
-    def test_dict_array_dict_access(self):
-        '''Testing a create with content'''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('b:c:d[0]', [{'x': {'y': 'inject'}}])
-        self.assertTrue(yed.get('b:c:d[0]:[0]:x:y') == 'inject')
-
-    def test_dict_array_dict_replace(self):
-        '''Testing multilevel delete'''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('b:c:d[0]', [{'x': {'y': 'inject'}}])
-        yed.put('b:c:d[0]:[0]:x:y', 'testing')
-        self.assertTrue('b' in yed.yaml_dict)
-        self.assertTrue('c' in yed.yaml_dict['b'])
-        self.assertTrue('d' in yed.yaml_dict['b']['c'])
-        self.assertTrue(isinstance(yed.yaml_dict['b']['c']['d'], list))
-        self.assertTrue(isinstance(yed.yaml_dict['b']['c']['d'][0], list))
-        self.assertTrue(isinstance(yed.yaml_dict['b']['c']['d'][0][0], dict))
-        self.assertTrue('y' in yed.yaml_dict['b']['c']['d'][0][0]['x'])
-        self.assertTrue(yed.yaml_dict['b']['c']['d'][0][0]['x']['y'] == 'testing')  # noqa: E501
-
-    def test_dict_array_dict_remove(self):
-        '''Testing multilevel delete'''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('b:c:d[0]', [{'x': {'y': 'inject'}}])
-        yed.delete('b:c:d[0]:[0]:x:y')
-        self.assertTrue('b' in yed.yaml_dict)
-        self.assertTrue('c' in yed.yaml_dict['b'])
-        self.assertTrue('d' in yed.yaml_dict['b']['c'])
-        self.assertTrue(isinstance(yed.yaml_dict['b']['c']['d'], list))
-        self.assertTrue(isinstance(yed.yaml_dict['b']['c']['d'][0], list))
-        self.assertTrue(isinstance(yed.yaml_dict['b']['c']['d'][0][0], dict))
-        self.assertFalse('y' in yed.yaml_dict['b']['c']['d'][0][0]['x'])
-
-    def test_key_exists_in_dict(self):
-        '''Testing exist in dict'''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('b:c:d[0]', [{'x': {'y': 'inject'}}])
-        self.assertTrue(yed.exists('b:c', 'd'))
-
-    def test_key_exists_in_list(self):
-        '''Testing exist in list'''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('b:c:d[0]', [{'x': {'y': 'inject'}}])
-        self.assertTrue(yed.exists('b:c:d', [{'x': {'y': 'inject'}}]))
-        self.assertFalse(yed.exists('b:c:d', [{'x': {'y': 'test'}}]))
-
-    def test_update_to_list_with_index(self):
-        '''Testing update to list with index'''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('x:y:z', [1, 2, 3])
-        yed.update('x:y:z', [5, 6], index=2)
-        self.assertTrue(yed.get('x:y:z') == [1, 2, [5, 6]])
-        self.assertTrue(yed.exists('x:y:z', [5, 6]))
-        self.assertFalse(yed.exists('x:y:z', 4))
-
-    def test_update_to_list_with_curr_value(self):
-        '''Testing update to list with index'''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('x:y:z', [1, 2, 3])
-        yed.update('x:y:z', [5, 6], curr_value=3)
-        self.assertTrue(yed.get('x:y:z') == [1, 2, [5, 6]])
-        self.assertTrue(yed.exists('x:y:z', [5, 6]))
-        self.assertFalse(yed.exists('x:y:z', 4))
-
-    def test_update_to_list(self):
-        '''Testing update to list'''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('x:y:z', [1, 2, 3])
-        yed.update('x:y:z', [5, 6])
-        self.assertTrue(yed.get('x:y:z') == [1, 2, 3, [5, 6]])
-        self.assertTrue(yed.exists('x:y:z', [5, 6]))
-        self.assertFalse(yed.exists('x:y:z', 4))
-
-    def test_append_twice_to_list(self):
-        '''Testing append to list'''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('x:y:z', [1, 2, 3])
-        yed.append('x:y:z', [5, 6])
-        yed.append('x:y:z', [5, 6])
-        self.assertTrue(yed.get('x:y:z') == [1, 2, 3, [5, 6], [5, 6]])
-        self.assertFalse(yed.exists('x:y:z', 4))
-
-    def test_add_item_to_dict(self):
-        '''Testing update to dict'''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('x:y:z', {'a': 1, 'b': 2})
-        yed.update('x:y:z', {'c': 3, 'd': 4})
-        self.assertTrue(yed.get('x:y:z') == {'a': 1, 'b': 2, 'c': 3, 'd': 4})
-        self.assertTrue(yed.exists('x:y:z', {'c': 3}))
-
-    def test_first_level_dict_with_none_value(self):
-        '''test dict value with none value'''
-        yed = Yedit(content={'a': None}, separator=":")
-        yed.put('a:b:c', 'test')
-        self.assertTrue(yed.get('a:b:c') == 'test')
-        self.assertTrue(yed.get('a:b'), {'c': 'test'})
-
-    def test_adding_yaml_variable(self):
-        '''test dict value with none value'''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('z:y', '{{test}}')
-        self.assertTrue(yed.get('z:y') == '{{test}}')
-
-    def test_keys_with_underscore(self):
-        '''test dict value with none value'''
-        yed = Yedit("yedit_test.yml", separator=':')
-        yed.put('z_:y_y', {'test': '{{test}}'})
-        self.assertTrue(yed.get('z_:y_y') == {'test': '{{test}}'})
-
-    def test_first_level_array_update(self):
-        '''test update on top level array'''
-        yed = Yedit(content=[{'a': 1}, {'b': 2}, {'b': 3}], separator=':')
-        yed.update('', {'c': 4})
-        self.assertTrue({'c': 4} in yed.get(''))
-
-    def test_first_level_array_delete(self):
-        '''test remove top level key'''
-        yed = Yedit(content=[{'a': 1}, {'b': 2}, {'b': 3}])
-        yed.delete('')
-        self.assertTrue({'b': 3} not in yed.get(''))
-
-    def test_first_level_array_get(self):
-        '''test dict value with none value'''
-        yed = Yedit(content=[{'a': 1}, {'b': 2}, {'b': 3}])
-        yed.get('')
-        self.assertTrue([{'a': 1}, {'b': 2}, {'b': 3}] == yed.yaml_dict)
-
-    def test_pop_list_item(self):
-        '''test dict value with none value'''
-        yed = Yedit(content=[{'a': 1}, {'b': 2}, {'b': 3}], separator=':')
-        yed.pop('', {'b': 2})
-        self.assertTrue([{'a': 1}, {'b': 3}] == yed.yaml_dict)
-
-    def test_pop_list_item_2(self):
-        '''test dict value with none value'''
-        z = list(range(10))
-        yed = Yedit(content=z, separator=':')
-        yed.pop('', 5)
-        z.pop(5)
-        self.assertTrue(z == yed.yaml_dict)
-
-    def test_pop_dict_key(self):
-        '''test dict value with none value'''
-        yed = Yedit(content={'a': {'b': {'c': 1, 'd': 2}}}, separator='#')
-        yed.pop('a#b', 'c')
-        self.assertTrue({'a': {'b': {'d': 2}}} == yed.yaml_dict)
-
-    def test_accessing_path_with_unexpected_objects(self):
-        '''test providing source path objects that differ from current object state'''
-        yed = Yedit(content={'a': {'b': {'c': ['d', 'e']}}})
-        with self.assertRaises(YeditException):
-            yed.put('a.b.c.d', 'x')
-
-    def test_creating_new_objects_with_embedded_list(self):
-        '''test creating new objects with an embedded list in the creation path'''
-        yed = Yedit(content={'a': {'b': 12}})
-        with self.assertRaises(YeditException):
-            yed.put('new.stuff[0].here', 'value')
-
-    def test_creating_new_objects_with_trailing_list(self):
-        '''test creating new object(s) where the final piece is a list'''
-        yed = Yedit(content={'a': {'b': 12}})
-        with self.assertRaises(YeditException):
-            yed.put('new.stuff.here[0]', 'item')
-
-    def test_empty_key_with_int_value(self):
-        '''test editing top level with not list or dict'''
-        yed = Yedit(content={'a': {'b': 12}})
-        result = yed.put('', 'b')
-        self.assertFalse(result[0])
-
-    def test_setting_separator(self):
-        '''test editing top level with not list or dict'''
-        yed = Yedit(content={'a': {'b': 12}})
-        yed.separator = ':'
-        self.assertEqual(yed.separator, ':')
-
-    def test_remove_all(self):
-        '''test removing all data'''
-        data = Yedit.remove_entry({'a': {'b': 12}}, '')
-        self.assertTrue(data)
-
-    def test_remove_dict_entry(self):
-        '''test removing dict entry'''
-        data = {'a': {'b': [{'c': 3, 'd': 4, 'e': 5}]}}
-        results = Yedit.remove_entry(data, 'a.b[0].c')
-        self.assertTrue(results)
-        self.assertEqual(data, {'a': {'b': [{'d': 4, 'e': 5}]}})
-
-    def test_remove_dict_entry_top_all(self):
-        '''test removing dict entry top all'''
-        data = {'a': 1, 'b': 2}
-        results = Yedit.remove_entry(data, '')
-        self.assertTrue(results)
-        self.assertEqual(data, {})
-
-    def test_remove_dict_entry_top(self):
-        '''test removing dict entry top'''
-        data = {'a': 1, 'b': 2}
-        results = Yedit.remove_entry(data, '', value='b')
-        self.assertTrue(results)
-        self.assertEqual(data, {'a': 1})
-
-    def test_remove_list_entry(self):
-        '''test removing list entry'''
-        data = {'a': {'b': [{'c': 3}]}}
-        results = Yedit.remove_entry(data, 'a.b[0]')
-        self.assertTrue(results)
-        self.assertEqual(data, {'a': {'b': []}})
-
-    def test_remove_list_entry_value_top(self):
-        '''test removing top list entry'''
-        data = ['c', 'd', 'e']
-        results = Yedit.remove_entry(data, '', value='d')
-        self.assertTrue(results)
-        self.assertEqual(data, ['c', 'e'])
-
-    def test_remove_list_entry_index_top(self):
-        '''test removing top list entry'''
-        data = ['c', 'd', 'e']
-        results = Yedit.remove_entry(data, '', 2)
-        self.assertTrue(results)
-        self.assertEqual(data, ['c', 'd'])
-
-    def test_remove_list_entry_index(self):
-        '''test removing list entry 1 index'''
-        data = {'a': {'b': ['c', 'd', 'e']}}
-        results = Yedit.remove_entry(data, 'a.b[1]')
-        self.assertTrue(results)
-        self.assertEqual(data, {'a': {'b': ['c', 'e']}})
-
-    def test_parse_value_string_true(self):
-        '''test parse_value'''
-        results = Yedit.parse_value('true', 'str')
-        self.assertEqual(results, 'true')
-
-    def test_parse_value_bool_true(self):
-        '''test parse_value'''
-        results = Yedit.parse_value('true', 'bool')
-        self.assertTrue(results)
-
-    def test_parse_value_bool_exception(self):
-        '''test parse_value'''
-        with self.assertRaises(YeditException):
-            Yedit.parse_value('TTT', 'bool')
-
-    @mock.patch('yedit.Yedit.write')
-    def test_run_ansible_basic(self, mock_write):
-        '''test parse_value'''
-        params = {
-            'src': None,
-            'backup': False,
-            'backup_ext': '',
-            'separator': '.',
-            'state': 'present',
-            'edits': [],
-            'value': None,
-            'key': None,
-            'content': {'a': {'b': {'c': 1}}},
-            'content_type': '',
-        }
-
-        results = Yedit.run_ansible(params)
-
-        mock_write.side_effect = [
-            (True, params['content']),
-        ]
-
-        self.assertFalse(results['changed'])
-
-    @mock.patch('yedit.Yedit.write')
-    def test_run_ansible_and_write(self, mock_write):
-        '''test parse_value'''
-        params = {
-            'src': '/tmp/test',
-            'backup': False,
-            'backup_ext': '',
-            'separator': '.',
-            'state': 'present',
-            'edits': [],
-            'value': None,
-            'key': None,
-            'content': {'a': {'b': {'c': 1}}},
-            'content_type': '',
-        }
-
-        results = Yedit.run_ansible(params)
-
-        mock_write.side_effect = [
-            (True, params['content']),
-        ]
-
-        self.assertTrue(results['changed'])
-
-    def tearDown(self):
-        '''TearDown method'''
-        os.unlink(YeditTest.filename)

roles/openshift_node40/defaults/main.yml

@@ -1,4 +1,10 @@
 ---
+openshift_node_kubeconfig: "{{ lookup('file', kubeconfig_path) | from_yaml }}"
+openshift_node_bootstrap_port: 22623
+openshift_node_bootstrap_machineconfigpool: 'worker'
+openshift_node_bootstrap_server: "{{ openshift_node_kubeconfig.clusters.0.cluster.server.split(':')[0:-1] | join(':') }}:{{ openshift_node_bootstrap_port }}"
+openshift_node_bootstrap_endpoint: "{{ openshift_node_bootstrap_server }}/config/{{ openshift_node_bootstrap_machineconfigpool }}"
+
 openshift_release_image: "registry.svc.ci.openshift.org/openshift/origin-release:v4.0"
 ign_file: "/tmp/bootstrap.ign"
 pull_secret: "{{ files_dir }}/pull-secret"
@@ -10,6 +16,16 @@ openshift_service_type_dict:
 openshift_service_type: "{{ openshift_service_type_dict[openshift_deployment_type] }}"
 
 openshift_node_install_packages:
+  # Packages from old init/base_packages
+  - iproute
+  - dbus-python
+  - PyYAML
+  - libsemanage-python
+  - yum-utils
+  - python-docker-py
+  - systemd-journal-gateway
+  - python-ipaddress
+  # Packages from old roles/container_runtime
   - cri-o
   - cri-tools
   - podman

roles/openshift_node40/meta/main.yml

@@ -11,5 +11,4 @@ galaxy_info:
     - 7
   categories:
   - cloud
-dependencies:
-- role: lib_utils
+dependencies: []

roles/openshift_node40/tasks/config.yml

@@ -1,7 +1,7 @@
 ---
 #### Disable SWAP #####
 # https://docs.openshift.com/container-platform/3.4/admin_guide/overcommit.html#disabling-swap-memory
-# swapoff is a custom module in lib_utils that comments out swap entries in
+# swapoff is a custom module that comments out swap entries in
 # /etc/fstab and runs swapoff -a, if necessary.
 - name: Disable swap
   swapoff: {}
@@ -22,6 +22,23 @@
     state: yes
     persistent: yes
 
+- name: Wait for bootstrap endpoint to show up
+  uri:
+    url: "{{ openshift_node_bootstrap_endpoint }}"
+    validate_certs: false
+  delay: 10
+  retries: 60
+  register: result
+  until:
+  - "'status' in result"
+  - result.status == 200
+
+- name: Fetch bootstrap ignition file locally
+  uri:
+    url: "{{ openshift_node_bootstrap_endpoint }}"
+    dest: "{{ ign_file }}"
+    validate_certs: false
+
 - name: create temp directory
   tempfile:
     state: directory
@@ -32,6 +49,26 @@
     src: "{{ pull_secret }}"
     dest: "{{ tempfile.path }}/pull-secret.json"
 
+- name: Get release image
+  k8s_facts:
+    kubeconfig: "{{ kubeconfig_path }}"
+    kind: ClusterVersion
+    name: version
+  delegate_to: localhost
+  register: clusterversion
+  until:
+  - clusterversion.resources is defined
+  - clusterversion.resources | length > 0
+  - clusterversion.resources[0].status is defined
+  - clusterversion.resources[0].status.desired is defined
+  - clusterversion.resources[0].status.desired.image is defined
+  retries: 36
+  delay: 5
+
+- name: Set openshift_release_image fact
+  set_fact:
+    openshift_release_image: "{{ clusterversion.resources[0].status.desired.image }}"
+
 - name: Pull release image
   command: "podman pull --tls-verify={{ tls_verify }} --authfile {{ tempfile.path }}/pull-secret.json {{ openshift_release_image }}"
 
@@ -39,19 +76,6 @@
   command: "podman run --rm {{ openshift_release_image }} image machine-config-daemon"
   register: release_image_mcd
 
-- name: Copy bootstrap ignition file locally
-  copy:
-    src: "{{ openshift_ignition_file_path }}"
-    dest: "{{ ign_file }}"
-  when: openshift_ignition_file_path is defined
-
-- name: Fetch bootstrap ignition file locally
-  uri:
-    url: "{{ openshift_bootstrap_endpoint }}"
-    dest: "{{ ign_file }}"
-    validate_certs: false
-  when: openshift_bootstrap_endpoint is defined
-
 - block:
   - name: Pull MCD image
     command: "podman pull --tls-verify={{ tls_verify }} --authfile {{ tempfile.path }}/pull-secret.json {{ release_image_mcd.stdout }}"

roles/openshift_node40/tasks/main.yml

@@ -0,0 +1,3 @@
+---
+- include_tasks: install.yml
+- include_tasks: config.yml

roles/rhel_subscribe/README.md

@@ -1,43 +0,0 @@
-RHEL Subscribe
-==============
-
-Subscribes the RHEL servers and add the OpenShift enterprise repos.
-
-Role variables
---------------
-
-**NOTE**: `rhsub_user`/`rhsub_pass` and `rhsub_ak`/`rhsub_orgid` are mutually exclusive:
-* If you want to use user/password to register the instance, it is required to
-configure the `rhsub_user` and `rhsub_pass`.
-* If you want to use an activation key to register the instance, it is required to
-configure the `rhsub_ak` and `rhsub_orgid`.
-
-### `rhsub_user`
-
-Username for the subscription-manager.
-
-### `rhsub_pass`
-
-Password for the subscription-manager.
-
-### `rhsub_ak`
-
-Activation key for the subscription-manager.
-
-### `rhsub_orgid`
-
-Organization ID for the subscription-manager.
-
-### `rhsub_pool`
-
-Name of the pool to attach (optional).
-
-### `rhsub_server`
-
-Custom hostname for the Satellite server (optional).
-
-### `openshift_release`
-
-Version for the OpenShift Container Platform repositories.
-
-Example: `3.6`

roles/rhel_subscribe/defaults/main.yml

@@ -1,2 +0,0 @@
----
-rhsub_pool: 'Red Hat OpenShift Container Platform, Premium*'

roles/rhel_subscribe/meta/main.yml

@@ -1,2 +0,0 @@
----
-dependencies: []

roles/rhel_subscribe/tasks/main.yml

@@ -1,55 +0,0 @@
----
-- fail:
-    msg: "This role is only supported for Red Hat hosts"
-  when: ansible_distribution != 'RedHat'
-
-- name: Install Red Hat Subscription manager
-  yum:
-    name: subscription-manager
-    state: present
-  register: result
-  until: result is succeeded
-
-- name: Is host already registered?
-  command: "subscription-manager version"
-  register: rh_subscribed
-  changed_when: False
-
-- name: Register host using user/password
-  redhat_subscription:
-    username: "{{ rhsub_user }}"
-    password: "{{ rhsub_pass }}"
-  register: rh_subscription
-  until: rh_subscription is succeeded
-  when:
-    - "'not registered' in rh_subscribed.stdout"
-    - rhsub_user is defined
-    - rhsub_pass is defined
-
-- name: Register host using activation key
-  redhat_subscription:
-    activationkey: "{{ rhsub_ak }}"
-    org_id: "{{ rhsub_orgid }}"
-  register: rh_subscription
-  until: rh_subscription is succeeded
-  when:
-    - "'not registered' in rh_subscribed.stdout"
-    - rhsub_ak is defined
-    - rhsub_orgid is defined
-
-- name: Determine if OpenShift Pool Already Attached
-  command: "subscription-manager list --consumed --pool-only --matches '*OpenShift*'"
-  register: openshift_pool_attached
-  changed_when: False
-  ignore_errors: yes
-
-- name: Attach to OpenShift Pool
-  command: "subscription-manager attach --pool {{ rhsub_pool }}"
-  register: openshift_pool_attached
-  changed_when: "'Successfully attached a subscription' in openshift_pool_attached.stdout"
-  when: rhsub_pool not in openshift_pool_attached.stdout
-
-- import_tasks: satellite.yml
-  when:
-    - rhsub_server is defined
-    - rhsub_server

roles/rhel_subscribe/tasks/satellite.yml

@@ -1,5 +0,0 @@
----
-- name: Satellite preparation
-  command: "rpm -Uvh http://{{ rhsub_server }}/pub/katello-ca-consumer-latest.noarch.rpm"
-  args:
-    creates: /etc/rhsm/ca/katello-server-ca.pem

test/aws/scaleup.yml

@@ -1,10 +1,4 @@
 ---
-- name: run the init
-  import_playbook: ../../playbooks/init/main.yml
-  vars:
-    l_init_fact_hosts: "all:!all"
-    l_openshift_version_set_hosts: "all:!all"
-
 - name: create new nodes
   hosts: localhost
   connection: local
@@ -32,6 +26,11 @@
       owner: root
       group: root
       mode: 0644
+  - name: Initialize openshift repos
+    import_role:
+      name: openshift_repos
+    vars:
+      openshift_version: "4.0"
 
 - import_playbook: ../../playbooks/openshift-node/scaleup.yml
 

tox.ini

@@ -1,8 +1,8 @@
 [tox]
 minversion=2.3.1
 envlist =
-    py{27,35}-{flake8,pylint,unit}
-    py27-{yamllint,ansible_syntax,generate_validation}
+    py{27,35}-{flake8,pylint}
+    py27-{yamllint,ansible_syntax}
 skipsdist=True
 skip_missing_interpreters=True