new file mode 100644

@@ -0,0 +1,35 @@

+# Rudder external inventory script settings

+#

+

+[rudder]

+

+# Your Rudder server API URL, typically:

+# https://rudder.local/rudder/api

+uri = https://rudder.local/rudder/api

+

+# By default, Rudder uses a self-signed certificate. Set this to True

+# to disable certificate validation.

+disable_ssl_certificate_validation = True

+

+# Your Rudder API token, created in the Web interface.

+token = aaabbbccc

+

+# Rudder API version to use, use "latest" for lastest available 

+# version.

+version = latest

+

+# Property to use as group name in the output.

+# Can generally be "id" or "displayName".

+group_name = displayName

+

+# Fail if there are two groups with the same name or two hosts with the

+# same hostname in the output. 

+fail_if_name_collision = True

+

+# We cache the results of Rudder API in a local file

+cache_path = /tmp/ansible-rudder.cache

+

+# The number of seconds a cache file is considered valid. After this many

+# seconds, a new API call will be made, and the cache file will be updated.

+# Set to 0 to disable cache.

+cache_max_age = 500

new file mode 100755

@@ -0,0 +1,302 @@

+#!/usr/bin/env python

+

+# Copyright (c) 2015, Normation SAS

+#

+# Inspired by the EC2 inventory plugin:

+# https://github.com/ansible/ansible/blob/devel/contrib/inventory/ec2.py

+#

+# This file is part of Ansible,

+#

+# Ansible is free software: you can redistribute it and/or modify

+# it under the terms of the GNU General Public License as published by

+# the Free Software Foundation, either version 3 of the License, or

+# (at your option) any later version.

+#

+# Ansible is distributed in the hope that it will be useful,

+# but WITHOUT ANY WARRANTY; without even the implied warranty of

+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+# GNU General Public License for more details.

+#

+# You should have received a copy of the GNU General Public License

+# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.

+

+######################################################################

+

+'''

+Rudder external inventory script

+=================================

+

+Generates inventory that Ansible can understand by making API request to

+a Rudder server. This script is compatible with Rudder 2.10 or later.

+

+The output JSON includes all your Rudder groups, containing the hostnames of

+their nodes. Groups and nodes have a variable called rudder_group_id and

+rudder_node_id, which is the Rudder internal id of the item, allowing to identify

+them uniquely. Hosts variables also include your node properties, which are

+key => value properties set by the API and specific to each node.

+

+This script assumes there is an rudder.ini file alongside it. To specify a

+different path to rudder.ini, define the RUDDER_INI_PATH environment variable:

+

+    export RUDDER_INI_PATH=/path/to/my_rudder.ini

+

+You have to configure your Rudder server information, either in rudder.ini or

+by overriding it with environment variables:

+

+    export RUDDER_API_VERSION='latest'

+    export RUDDER_API_TOKEN='my_token'

+    export RUDDER_API_URI='https://rudder.local/rudder/api'

+'''

+

+

+import sys

+import os

+import re

+import argparse

+import six

+import httplib2 as http

+from time import time

+from six.moves import configparser

+

+try:

+    from urlparse import urlparse

+except ImportError:

+    from urllib.parse import urlparse

+

+try:

+    import json

+except ImportError:

+    import simplejson as json

+

+

+class RudderInventory(object):

+    def __init__(self):

+        ''' Main execution path '''

+

+        # Empty inventory by default

+        self.inventory = {}

+

+        # Read settings and parse CLI arguments

+        self.read_settings()

+        self.parse_cli_args()

+

+        # Create connection

+        self.conn = http.Http(disable_ssl_certificate_validation=self.disable_ssl_validation)

+

+        # Cache

+        if self.args.refresh_cache:

+            self.update_cache()

+        elif not self.is_cache_valid():

+            self.update_cache()

+        else:

+            self.load_cache()

+

+        data_to_print = {}

+

+        if self.args.host:

+            data_to_print = self.get_host_info(self.args.host)

+        elif self.args.list:

+            data_to_print = self.get_list_info()

+

+        print(self.json_format_dict(data_to_print, True))

+

+    def read_settings(self):

+        ''' Reads the settings from the rudder.ini file '''

+        if six.PY2:

+            config = configparser.SafeConfigParser()

+        else:

+            config = configparser.ConfigParser()

+        rudder_default_ini_path = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'rudder.ini')

+        rudder_ini_path = os.path.expanduser(os.path.expandvars(os.environ.get('RUDDER_INI_PATH', rudder_default_ini_path)))

+        config.read(rudder_ini_path)

+

+        self.token = os.environ.get('RUDDER_API_TOKEN', config.get('rudder', 'token'))

+        self.version = os.environ.get('RUDDER_API_VERSION', config.get('rudder', 'version'))

+        self.uri = os.environ.get('RUDDER_API_URI', config.get('rudder', 'uri'))

+

+        self.disable_ssl_validation = config.getboolean('rudder', 'disable_ssl_certificate_validation')

+        self.group_name = config.get('rudder', 'group_name')

+        self.fail_if_name_collision = config.getboolean('rudder', 'fail_if_name_collision')

+

+        self.cache_path = config.get('rudder', 'cache_path')

+        self.cache_max_age = config.getint('rudder', 'cache_max_age')

+

+    def parse_cli_args(self):

+        ''' Command line argument processing '''

+

+        parser = argparse.ArgumentParser(description='Produce an Ansible Inventory file based on Rudder inventory')

+        parser.add_argument('--list', action='store_true', default=True,

+                            help='List instances (default: True)')

+        parser.add_argument('--host', action='store',

+                            help='Get all the variables about a specific instance')

+        parser.add_argument('--refresh-cache', action='store_true', default=False,

+                            help='Force refresh of cache by making API requests to Rudder (default: False - use cache files)')

+        self.args = parser.parse_args()

+

+    def is_cache_valid(self):

+        ''' Determines if the cache files have expired, or if it is still valid '''

+

+        if os.path.isfile(self.cache_path):

+            mod_time = os.path.getmtime(self.cache_path)

+            current_time = time()

+            if (mod_time + self.cache_max_age) > current_time:

+                return True

+

+        return False

+

+    def load_cache(self):

+        ''' Reads the cache from the cache file sets self.cache '''

+

+        cache = open(self.cache_path, 'r')

+        json_cache = cache.read()

+

+        try:

+            self.inventory = json.loads(json_cache)

+        except ValueError, e:

+            self.fail_with_error('Could not parse JSON response from local cache', 'parsing local cache')

+

+    def write_cache(self):

+        ''' Writes data in JSON format to a file '''

+

+        json_data = self.json_format_dict(self.inventory, True)

+        cache = open(self.cache_path, 'w')

+        cache.write(json_data)

+        cache.close()

+

+    def get_nodes(self):

+        ''' Gets the nodes list from Rudder '''

+

+        path = '/nodes?select=nodeAndPolicyServer'

+        result = self.api_call(path)

+

+        nodes = {}

+

+        for node in result['data']['nodes']:

+            nodes[node['id']] = {}

+            nodes[node['id']]['hostname'] = node['hostname']

+            if 'properties' in node:

+                nodes[node['id']]['properties'] = node['properties']

+            else:

+                nodes[node['id']]['properties'] = []

+

+        return nodes

+

+    def get_groups(self):

+        ''' Gets the groups list from Rudder '''

+

+        path = '/groups'

+        result = self.api_call(path)

+

+        groups = {}

+

+        for group in result['data']['groups']:

+            groups[group['id']] = {'hosts': group['nodeIds'], 'name': self.to_safe(group[self.group_name])}

+

+        return groups

+

+    def update_cache(self):

+        ''' Fetches the inventory information from Rudder and creates the inventory '''

+

+        nodes = self.get_nodes()

+        groups = self.get_groups()

+

+        inventory = {}

+

+        for group in groups:

+            # Check for name collision

+            if self.fail_if_name_collision:

+                if groups[group]['name'] in inventory:

+                    self.fail_with_error('Name collision on groups: "%s" appears twice' % groups[group]['name'], 'creating groups')

+            # Add group to inventory

+            inventory[groups[group]['name']] = {}

+            inventory[groups[group]['name']]['hosts'] = []

+            inventory[groups[group]['name']]['vars'] = {}

+            inventory[groups[group]['name']]['vars']['rudder_group_id'] = group

+            for node in groups[group]['hosts']:

+                # Add node to group

+                inventory[groups[group]['name']]['hosts'].append(nodes[node]['hostname'])

+

+        properties = {}

+

+        for node in nodes:

+            # Check for name collision

+            if self.fail_if_name_collision:

+                if nodes[node]['hostname'] in properties:

+                    self.fail_with_error('Name collision on hosts: "%s" appears twice' % nodes[node]['hostname'], 'creating hosts')

+            # Add node properties to inventory

+            properties[nodes[node]['hostname']] = {}

+            properties[nodes[node]['hostname']]['rudder_node_id'] = node

+            for node_property in nodes[node]['properties']:

+                properties[nodes[node]['hostname']][self.to_safe(node_property['name'])] = node_property['value']

+

+        inventory['_meta'] = {}

+        inventory['_meta']['hostvars'] = properties

+

+        self.inventory = inventory

+

+        if self.cache_max_age > 0:

+            self.write_cache()

+

+    def get_list_info(self):

+        ''' Gets inventory information from local cache '''

+

+        return self.inventory

+

+    def get_host_info(self, hostname):

+        ''' Gets information about a specific host from local cache '''

+

+        if hostname in self.inventory['_meta']['hostvars']:

+            return self.inventory['_meta']['hostvars'][hostname]

+        else:

+            return {}

+

+    def api_call(self, path):

+        ''' Performs an API request '''

+

+        headers = {

+            'X-API-Token': self.token,

+            'X-API-Version': self.version,

+            'Content-Type': 'application/json;charset=utf-8'

+        }

+

+        target = urlparse(self.uri + path)

+        method = 'GET'

+        body = ''

+

+        try:

+            response, content = self.conn.request(target.geturl(), method, body, headers)

+        except:

+            self.fail_with_error('Error connecting to Rudder server')

+

+        try:

+            data = json.loads(content)

+        except ValueError, e:

+            self.fail_with_error('Could not parse JSON response from Rudder API', 'reading API response')

+

+        return data

+

+    def fail_with_error(self, err_msg, err_operation=None):

+        ''' Logs an error to std err for ansible-playbook to consume and exit '''

+        if err_operation:

+            err_msg = 'ERROR: "{err_msg}", while: {err_operation}'.format(

+                err_msg=err_msg, err_operation=err_operation)

+        sys.stderr.write(err_msg)

+        sys.exit(1)

+

+    def json_format_dict(self, data, pretty=False):

+        ''' Converts a dict to a JSON object and dumps it as a formatted

+        string '''

+

+        if pretty:

+            return json.dumps(data, sort_keys=True, indent=2)

+        else:

+            return json.dumps(data)

+

+    def to_safe(self, word):

+        ''' Converts 'bad' characters in a string to underscores so they can be

+        used as Ansible variable names '''

+

+        return re.sub('[^A-Za-z0-9\_]', '_', word)

+

+# Run the script

+RudderInventory()