From 8b32150095258de2bc1b25d94d62c96e069ea34f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=9Cdsoper2=E2=80=9D?= <“dsoper@cisco.com”> Date: Mon, 5 Mar 2018 11:33:27 -0600 Subject: [PATCH 1/2] ucs device type for newer imcs supporting xml sessions --- examples/claim_device.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/examples/claim_device.py b/examples/claim_device.py index 8e9fb98a..bc071ec4 100644 --- a/examples/claim_device.py +++ b/examples/claim_device.py @@ -41,12 +41,15 @@ elif device['read_only'] == 'False' or device['read_only'] == 'false': device['read_only'] = False # create device connector object based on device type - if device['device_type'] == 'ucsm' or device['device_type'] == 'ucspe': + if device['device_type'] == 'ucs' or device['device_type'] == 'ucsm' or device['device_type'] == 'ucspe': dc_obj = device_connector.UcsDeviceConnector(device) elif device['device_type'] == 'hx': dc_obj = device_connector.HxDeviceConnector(device) elif device['device_type'] == 'imc': - dc_obj = device_connector.ImcDeviceConnector(device) + # attempt ucs connection and if that doesn't login revert to older imc login + dc_obj = device_connector.UcsDeviceConnector(device) + if not dc_obj.logged_in: + dc_obj = device_connector.ImcDeviceConnector(device) else: result['msg'] += " Unknown device_type %s" % device['device_type'] return_code = 1 From 97c1f0f6cd06448eeb291985d1b2a7755defd54e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=9Cdsoper2=E2=80=9D?= <“dsoper@cisco.com”> Date: Thu, 24 May 2018 13:42:40 -0500 Subject: [PATCH 2/2] add user changed to function allow hostnames as ips or hostnames six and generic requirement --- examples/add_user.py | 129 ++++++++++++++++++++----------------- examples/example_claim.yml | 4 ++ requirements.txt | 2 +- setup.py | 2 +- 4 files changed, 76 insertions(+), 61 deletions(-) diff --git a/examples/add_user.py b/examples/add_user.py index 2f564265..c3a5dc1e 100644 --- a/examples/add_user.py +++ b/examples/add_user.py @@ -10,6 +10,74 @@ from intersight.apis import iam_end_point_role_api from intersight.apis import iam_permission_api + +def add_user(intersight_api_params, username, user_role='Account Administrator'): + # Create Intersight API instance + # ---------------------- + api_instance = IntersightApiClient( + host=intersight_api_params['api_base_uri'], + private_key=intersight_api_params['api_private_key_file'], + api_key_id=intersight_api_params['api_key_id'], + ) + + # GET Users + users_handle = iam_user_api.IamUserApi(api_instance) + kwargs = dict(filter="Name eq '%s'" % username) + users_result = users_handle.iam_users_get(**kwargs) + + # GET Accounts + accounts_handle = iam_account_api.IamAccountApi(api_instance) + accounts_result = accounts_handle.iam_accounts_get() + + if not users_result.results: + # POST Users with Idpreference + users_body = { + 'Name': username, + 'Idpreference': accounts_result.results[0].idpreferences[0], + } + users_result = users_handle.iam_users_post(users_body) + result['changed'] = True + + # GET Users again + kwargs = dict(filter="Name eq '%s'" % username) + users_result = users_handle.iam_users_get(**kwargs) + + # GET Roles + roles_handle = iam_role_api.IamRoleApi(api_instance) + roles_result = roles_handle.iam_roles_get() + for role in roles_result.results: + if role.name == user_role: + # GET EndPointRoles + end_point_roles_handle = iam_end_point_role_api.IamEndPointRoleApi(api_instance) + endpoint_roles = {} + endpoint_roles['Read-Only'] = 'endpoint-readonly' + endpoint_roles['Account Administrator'] = 'endpoint-admin' + kwargs = dict(filter="RoleType eq '%s'" % endpoint_roles[user_role]) + end_point_roles_result = end_point_roles_handle.iam_end_point_roles_get(**kwargs) + + permissions_handle = iam_permission_api.IamPermissionApi(api_instance) + kwargs = dict(filter="Subject eq '%s'" % users_result.results[0].moid) + permissions_result = permissions_handle.iam_permissions_get(**kwargs) + + permissions_body = { + 'Subject': users_result.results[0].moid, + 'Type': 'User', + 'Account': accounts_result.results[0].account_moid, + 'EndPointRoles': end_point_roles_result.results, + 'Roles': [role], + } + if permissions_result.results: + # PATCH Permissions with EndPointRoles + permissions_result = permissions_handle.iam_permissions_moid_patch(permissions_result.results[0].moid, permissions_body) + else: + # POST Permissions with EndPointRoles + permissions_result = permissions_handle.iam_permissions_post(permissions_body) + break + else: + # for loop completed without finding a role + print("Role not found:", user_role) + + if __name__ == "__main__": result = dict(changed=False) @@ -25,65 +93,8 @@ with open(args.api_params, 'r') as api_file: intersight_api_params = json.load(api_file) - # Create Intersight API instance - # ---------------------- - api_instance = IntersightApiClient( - host=intersight_api_params['api_base_uri'], - private_key=intersight_api_params['api_private_key_file'], - api_key_id=intersight_api_params['api_key_id'], - ) - - # GET Users - users_handle = iam_user_api.IamUserApi(api_instance) - kwargs = dict(filter="Name eq '%s'" % args.id) - users_result = users_handle.iam_users_get(**kwargs) - if users_result.results: - print("User already exists:", args.id) - else: - # GET Accounts - accounts_handle = iam_account_api.IamAccountApi(api_instance) - accounts_result = accounts_handle.iam_accounts_get() - - # POST Users with Idpreference - users_body = { - 'Name': args.id, - 'Idpreference': accounts_result.results[0].idpreferences[0], - } - users_result = users_handle.iam_users_post(users_body) - result['changed'] = True - - # GET Users - kwargs = dict(filter="Name eq '%s'" % args.id) - users_result = users_handle.iam_users_get(**kwargs) - - # GET Roles - roles_handle = iam_role_api.IamRoleApi(api_instance) - roles_result = roles_handle.iam_roles_get() - for role in roles_result.results: - if role.name == args.role: - # GET EndPointRoles - end_point_roles_handle = iam_end_point_role_api.IamEndPointRoleApi(api_instance) - endpoint_roles = {} - endpoint_roles['Read-Only'] = 'endpoint-readonly' - endpoint_roles['Account Administrator'] = 'endpoint-admin' - kwargs = dict(filter="RoleType eq '%s'" % endpoint_roles[args.role]) - end_point_roles_result = end_point_roles_handle.iam_end_point_roles_get(**kwargs) - - # POST Permissions with EndPointRoles - permissions_handle = iam_permission_api.IamPermissionApi(api_instance) - permissions_body = { - 'Subject': users_result.results[0].moid, - 'Type': 'User', - 'Account': accounts_result.results[0].account_moid, - 'EndPointRoles': end_point_roles_result.results, - 'Roles': [role], - } - permissions_result = permissions_handle.iam_permissions_post(permissions_body) - break - else: - # for loop completed without finding a role - print("Role not found:", args.role) - + add_user(intersight_api_params, args.id, args.role) + except Exception as err: print("Exception:", str(err)) import traceback diff --git a/examples/example_claim.yml b/examples/example_claim.yml index 35058e3b..39ff5229 100644 --- a/examples/example_claim.yml +++ b/examples/example_claim.yml @@ -10,6 +10,10 @@ PYTHONPATH: "{{ playbook_dir }}" tasks: # default values that can be overridden in inventory + - name: Set hostname + set_fact: + hostname: "{{ inventory_hostname }}" + when: hostname is not defined - name: Default to no proxy settings set_fact: proxy_host: '' diff --git a/requirements.txt b/requirements.txt index 4c87294b..d3eb9a99 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,6 +1,6 @@ certifi >= 14.05.14 pycrypto >= 2.6.1 -six >= 1.10 +six python_dateutil >= 2.5.3 setuptools >= 21.0.0 urllib3 >= 1.15.1 diff --git a/setup.py b/setup.py index 2dc5ba7e..23ecb472 100644 --- a/setup.py +++ b/setup.py @@ -23,7 +23,7 @@ # prerequisite: setuptools # http://pypi.python.org/pypi/setuptools -REQUIRES = ["urllib3 >= 1.15", "six >= 1.10", "certifi", "python-dateutil", "pycrypto >= 2.6.1", "requests"] +REQUIRES = ["urllib3 >= 1.15", "six", "certifi", "python-dateutil", "pycrypto >= 2.6.1", "requests"] setup( name=NAME,