summaryrefslogtreecommitdiffstats
path: root/collections-debian-merged/ansible_collections/community/grafana/plugins
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-14 20:03:01 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-14 20:03:01 +0000
commita453ac31f3428614cceb99027f8efbdb9258a40b (patch)
treef61f87408f32a8511cbd91799f9cececb53e0374 /collections-debian-merged/ansible_collections/community/grafana/plugins
parentInitial commit. (diff)
downloadansible-upstream.tar.xz
ansible-upstream.zip
Adding upstream version 2.10.7+merged+base+2.10.8+dfsg.upstream/2.10.7+merged+base+2.10.8+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'collections-debian-merged/ansible_collections/community/grafana/plugins')
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/callback/__init__.py0
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/callback/grafana_annotations.py271
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/doc_fragments/__init__.py0
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/doc_fragments/api_key.py18
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/doc_fragments/basic_auth.py52
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/lookup/__init__.py0
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/lookup/grafana_dashboard.py168
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/module_utils/base.py47
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/modules/__init__.py0
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_dashboard.py563
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_datasource.py752
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_folder.py274
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_notification_channel.py816
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_plugin.py264
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_team.py335
-rw-r--r--collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_user.py299
16 files changed, 3859 insertions, 0 deletions
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/callback/__init__.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/callback/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/callback/__init__.py
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/callback/grafana_annotations.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/callback/grafana_annotations.py
new file mode 100644
index 00000000..04b61f25
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/callback/grafana_annotations.py
@@ -0,0 +1,271 @@
+# -*- coding: utf-8 -*-
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = '''
+ name: grafana_annotations
+ type: notification
+ short_description: send ansible events as annotations on charts to grafana over http api.
+ author: "Rémi REY (@rrey)"
+ description:
+ - This callback will report start, failed and stats events to Grafana as annotations (https://grafana.com)
+ requirements:
+ - whitelisting in configuration
+ options:
+ grafana_url:
+ description: Grafana annotations api URL
+ required: True
+ env:
+ - name: GRAFANA_URL
+ ini:
+ - section: callback_grafana_annotations
+ key: grafana_url
+ type: string
+ validate_certs:
+ description: validate the SSL certificate of the Grafana server. (For HTTPS url)
+ env:
+ - name: GRAFANA_VALIDATE_CERT
+ ini:
+ - section: callback_grafana_annotations
+ key: validate_grafana_certs
+ - section: callback_grafana_annotations
+ key: validate_certs
+ default: True
+ type: bool
+ aliases: [ validate_grafana_certs ]
+ http_agent:
+ description: The HTTP 'User-agent' value to set in HTTP requets.
+ env:
+ - name: HTTP_AGENT
+ ini:
+ - section: callback_grafana_annotations
+ key: http_agent
+ default: 'Ansible (grafana_annotations callback)'
+ type: string
+ grafana_api_key:
+ description: Grafana API key, allowing to authenticate when posting on the HTTP API.
+ If not provided, grafana_login and grafana_password will
+ be required.
+ env:
+ - name: GRAFANA_API_KEY
+ ini:
+ - section: callback_grafana_annotations
+ key: grafana_api_key
+ type: string
+ grafana_user:
+ description: Grafana user used for authentication. Ignored if grafana_api_key is provided.
+ env:
+ - name: GRAFANA_USER
+ ini:
+ - section: callback_grafana_annotations
+ key: grafana_user
+ default: ansible
+ type: string
+ grafana_password:
+ description: Grafana password used for authentication. Ignored if grafana_api_key is provided.
+ env:
+ - name: GRAFANA_PASSWORD
+ ini:
+ - section: callback_grafana_annotations
+ key: grafana_password
+ default: ansible
+ type: string
+ grafana_dashboard_id:
+ description: The grafana dashboard id where the annotation shall be created.
+ env:
+ - name: GRAFANA_DASHBOARD_ID
+ ini:
+ - section: callback_grafana_annotations
+ key: grafana_dashboard_id
+ type: integer
+ grafana_panel_ids:
+ description: The grafana panel ids where the annotation shall be created.
+ Give a single integer or a comma-separated list of integers.
+ env:
+ - name: GRAFANA_PANEL_IDS
+ ini:
+ - section: callback_grafana_annotations
+ key: grafana_panel_ids
+ default: []
+ type: list
+'''
+
+import json
+import socket
+import getpass
+from datetime import datetime
+
+from ansible.module_utils._text import to_text
+from ansible.module_utils.urls import open_url
+from ansible.plugins.callback import CallbackBase
+
+
+PLAYBOOK_START_TXT = """\
+Started playbook {playbook}
+
+From '{hostname}'
+By user '{username}'
+"""
+
+PLAYBOOK_ERROR_TXT = """\
+Playbook {playbook} Failure !
+
+From '{hostname}'
+By user '{username}'
+
+'{task}' failed on {host}
+
+debug: {result}
+"""
+
+PLAYBOOK_STATS_TXT = """\
+Playbook {playbook}
+Duration: {duration}
+Status: {status}
+
+From '{hostname}'
+By user '{username}'
+
+Result:
+{summary}
+"""
+
+
+def to_millis(dt):
+ return int(dt.strftime('%s')) * 1000
+
+
+class CallbackModule(CallbackBase):
+ """
+ ansible grafana callback plugin
+ ansible.cfg:
+ callback_plugins = <path_to_callback_plugins_folder>
+ callback_whitelist = grafana_annotations
+ and put the plugin in <path_to_callback_plugins_folder>
+ """
+
+ CALLBACK_VERSION = 2.0
+ CALLBACK_TYPE = 'aggregate'
+ CALLBACK_NAME = 'community.grafana.grafana_annotations'
+ CALLBACK_NEEDS_WHITELIST = True
+
+ def __init__(self, display=None):
+
+ super(CallbackModule, self).__init__(display=display)
+
+ self.headers = {'Content-Type': 'application/json'}
+ self.force_basic_auth = False
+ self.hostname = socket.gethostname()
+ self.username = getpass.getuser()
+ self.start_time = datetime.now()
+ self.errors = 0
+
+ def set_options(self, task_keys=None, var_options=None, direct=None):
+
+ super(CallbackModule, self).set_options(task_keys=task_keys, var_options=var_options, direct=direct)
+
+ self.grafana_api_key = self.get_option('grafana_api_key')
+ self.grafana_url = self.get_option('grafana_url')
+ self.validate_grafana_certs = self.get_option('validate_certs')
+ self.http_agent = self.get_option('http_agent')
+ self.grafana_user = self.get_option('grafana_user')
+ self.grafana_password = self.get_option('grafana_password')
+ self.dashboard_id = self.get_option('grafana_dashboard_id')
+ self.panel_ids = self.get_option('grafana_panel_ids')
+
+ if self.grafana_api_key:
+ self.headers['Authorization'] = "Bearer %s" % self.grafana_api_key
+ else:
+ self.force_basic_auth = True
+
+ if self.grafana_url is None:
+ self.disabled = True
+ self._display.warning('Grafana URL was not provided. The '
+ 'Grafana URL can be provided using '
+ 'the `GRAFANA_URL` environment variable.')
+ self._display.debug('Grafana URL: %s' % self.grafana_url)
+
+ def v2_playbook_on_start(self, playbook):
+ self.playbook = playbook._file_name
+ text = PLAYBOOK_START_TXT.format(playbook=self.playbook, hostname=self.hostname,
+ username=self.username)
+ data = {
+ 'time': to_millis(self.start_time),
+ 'text': text,
+ 'tags': ['ansible', 'ansible_event_start', self.playbook, self.hostname]
+ }
+ self._send_annotation(data)
+
+ def v2_playbook_on_stats(self, stats):
+ end_time = datetime.now()
+ duration = end_time - self.start_time
+ summarize_stat = {}
+ for host in stats.processed.keys():
+ summarize_stat[host] = stats.summarize(host)
+
+ status = "FAILED"
+ if self.errors == 0:
+ status = "OK"
+
+ text = PLAYBOOK_STATS_TXT.format(playbook=self.playbook, hostname=self.hostname,
+ duration=duration.total_seconds(),
+ status=status, username=self.username,
+ summary=json.dumps(summarize_stat))
+
+ data = {
+ 'time': to_millis(self.start_time),
+ 'timeEnd': to_millis(end_time),
+ 'isRegion': True,
+ 'text': text,
+ 'tags': ['ansible', 'ansible_report', self.playbook, self.hostname]
+ }
+ self._send_annotations(data)
+
+ def v2_runner_on_failed(self, result, ignore_errors=False, **kwargs):
+ text = PLAYBOOK_ERROR_TXT.format(playbook=self.playbook, hostname=self.hostname,
+ username=self.username, task=result._task,
+ host=result._host.name, result=self._dump_results(result._result))
+ if ignore_errors:
+ return
+ data = {
+ 'time': to_millis(datetime.now()),
+ 'text': text,
+ 'tags': ['ansible', 'ansible_event_failure', self.playbook, self.hostname]
+ }
+ self.errors += 1
+ self._send_annotations(data)
+
+ def _send_annotations(self, data):
+ if self.dashboard_id:
+ data["dashboardId"] = int(self.dashboard_id)
+ if self.panel_ids:
+ for panel_id in self.panel_ids:
+ data["panelId"] = int(panel_id)
+ self._send_annotation(data)
+ else:
+ self._send_annotation(data)
+
+ def _send_annotation(self, annotation):
+ try:
+ open_url(self.grafana_url, data=json.dumps(annotation), headers=self.headers,
+ method="POST",
+ validate_certs=self.validate_grafana_certs,
+ url_username=self.grafana_user, url_password=self.grafana_password,
+ http_agent=self.http_agent, force_basic_auth=self.force_basic_auth)
+ except Exception as e:
+ self._display.error(u'Could not submit message to Grafana: %s' % to_text(e))
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/doc_fragments/__init__.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/doc_fragments/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/doc_fragments/__init__.py
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/doc_fragments/api_key.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/doc_fragments/api_key.py
new file mode 100644
index 00000000..ffea714e
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/doc_fragments/api_key.py
@@ -0,0 +1,18 @@
+# -*- coding: utf-8 -*-
+# Copyright: (c) 2019, Rémi REY (@rrey)
+# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+
+class ModuleDocFragment(object):
+
+ DOCUMENTATION = r'''options:
+ grafana_api_key:
+ description:
+ - The Grafana API key.
+ - If set, C(url_username) and C(url_password) will be ignored.
+ type: str
+ '''
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/doc_fragments/basic_auth.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/doc_fragments/basic_auth.py
new file mode 100644
index 00000000..8c41acdb
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/doc_fragments/basic_auth.py
@@ -0,0 +1,52 @@
+# -*- coding: utf-8 -*-
+# Copyright: (c) 2019, Rémi REY (@rrey)
+# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+
+class ModuleDocFragment(object):
+
+ DOCUMENTATION = r'''options:
+ url:
+ description:
+ - The Grafana URL.
+ required: true
+ type: str
+ aliases: [ grafana_url ]
+ url_username:
+ description:
+ - The Grafana user for API authentication.
+ default: admin
+ type: str
+ aliases: [ grafana_user ]
+ url_password:
+ description:
+ - The Grafana password for API authentication.
+ default: admin
+ type: str
+ aliases: [ grafana_password ]
+ use_proxy:
+ description:
+ - If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
+ type: bool
+ default: yes
+ client_cert:
+ description:
+ - PEM formatted certificate chain file to be used for SSL client authentication.
+ - This file can also include the key as well, and if the key is included, I(client_key) is not required
+ type: path
+ client_key:
+ description:
+ - PEM formatted file that contains your private key to be used for SSL client authentication.
+ - If I(client_cert) contains both the certificate and key, this option is not required.
+ type: path
+ validate_certs:
+ description:
+ - If C(no), SSL certificates will not be validated.
+ - This should only set to C(no) used on personally controlled sites using self-signed certificates.
+ type: bool
+ default: yes
+ '''
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/lookup/__init__.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/lookup/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/lookup/__init__.py
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/lookup/grafana_dashboard.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/lookup/grafana_dashboard.py
new file mode 100644
index 00000000..e0432861
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/lookup/grafana_dashboard.py
@@ -0,0 +1,168 @@
+# (c) 2018 Ansible Project
+# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = '''
+name: grafana_dashboard
+author: Thierry Salle (@seuf)
+short_description: list or search grafana dashboards
+description:
+ - This lookup returns a list of grafana dashboards with possibility to filter them by query.
+options:
+ grafana_url:
+ description: url of grafana.
+ env:
+ - name: GRAFANA_URL
+ default: http://127.0.0.1:3000
+ grafana_api_key:
+ description:
+ - api key of grafana.
+ - when C(grafana_api_key) is set, the options C(grafan_user), C(grafana_password) and C(grafana_org_id) are ignored.
+ - Attention, please remove the two == at the end of the grafana_api_key
+ - because ansible lookup plugins options are split on = (see example).
+ env:
+ - name: GRAFANA_API_KEY
+ grafana_user:
+ description: grafana authentication user.
+ env:
+ - name: GRAFANA_USER
+ default: admin
+ grafana_password:
+ description: grafana authentication password.
+ env:
+ - name: GRAFANA_PASSWORD
+ default: admin
+ grafana_org_id:
+ description: grafana organisation id.
+ env:
+ - name: GRAFANA_ORG_ID
+ default: 1
+ search:
+ description: optional filter for dashboard search.
+ env:
+ - name: GRAFANA_DASHBOARD_SEARCH
+'''
+
+EXAMPLES = """
+- name: get project foo grafana dashboards
+ set_fact:
+ grafana_dashboards: "{{ lookup('grafana_dashboard', 'grafana_url=http://grafana.company.com grafana_user=admin grafana_password=admin search=foo') }}"
+
+- name: get all grafana dashboards
+ set_fact:
+ grafana_dashboards: "{{ lookup('grafana_dashboard', 'grafana_url=http://grafana.company.com grafana_api_key=' ~ grafana_api_key|replace('==', '')) }}"
+"""
+
+import json
+import os
+from ansible.errors import AnsibleError
+from ansible.plugins.lookup import LookupBase
+from ansible.module_utils.urls import basic_auth_header, open_url
+from ansible.module_utils._text import to_native
+from ansible.module_utils.six.moves.urllib.error import HTTPError
+from ansible.utils.display import Display
+
+display = Display()
+
+
+ANSIBLE_GRAFANA_URL = 'http://127.0.0.1:3000'
+ANSIBLE_GRAFANA_API_KEY = None
+ANSIBLE_GRAFANA_USER = 'admin'
+ANSIBLE_GRAFANA_PASSWORD = 'admin'
+ANSIBLE_GRAFANA_ORG_ID = 1
+ANSIBLE_GRAFANA_DASHBOARD_SEARCH = None
+
+if os.getenv('GRAFANA_URL') is not None:
+ ANSIBLE_GRAFANA_URL = os.environ['GRAFANA_URL']
+
+if os.getenv('GRAFANA_API_KEY') is not None:
+ ANSIBLE_GRAFANA_API_KEY = os.environ['GRAFANA_API_KEY']
+
+if os.getenv('GRAFANA_USER') is not None:
+ ANSIBLE_GRAFANA_USER = os.environ['GRAFANA_USER']
+
+if os.getenv('GRAFANA_PASSWORD') is not None:
+ ANSIBLE_GRAFANA_PASSWORD = os.environ['GRAFANA_PASSWORD']
+
+if os.getenv('GRAFANA_ORG_ID') is not None:
+ ANSIBLE_GRAFANA_ORG_ID = os.environ['GRAFANA_ORG_ID']
+
+if os.getenv('GRAFANA_DASHBOARD_SEARCH') is not None:
+ ANSIBLE_GRAFANA_DASHBOARD_SEARCH = os.environ['GRAFANA_DASHBOARD_SEARCH']
+
+
+class GrafanaAPIException(Exception):
+ pass
+
+
+class GrafanaAPI:
+ def __init__(self, **kwargs):
+ self.grafana_url = kwargs.get('grafana_url', ANSIBLE_GRAFANA_URL)
+ self.grafana_api_key = kwargs.get('grafana_api_key', ANSIBLE_GRAFANA_API_KEY)
+ self.grafana_user = kwargs.get('grafana_user', ANSIBLE_GRAFANA_USER)
+ self.grafana_password = kwargs.get('grafana_password', ANSIBLE_GRAFANA_PASSWORD)
+ self.grafana_org_id = kwargs.get('grafana_org_id', ANSIBLE_GRAFANA_ORG_ID)
+ self.search = kwargs.get('search', ANSIBLE_GRAFANA_DASHBOARD_SEARCH)
+
+ def grafana_switch_organisation(self, headers):
+ try:
+ r = open_url('%s/api/user/using/%s' % (self.grafana_url, self.grafana_org_id), headers=headers, method='POST')
+ except HTTPError as e:
+ raise GrafanaAPIException('Unable to switch to organization %s : %s' % (self.grafana_org_id, to_native(e)))
+ if r.getcode() != 200:
+ raise GrafanaAPIException('Unable to switch to organization %s : %s' % (self.grafana_org_id, str(r.getcode())))
+
+ def grafana_headers(self):
+ headers = {'content-type': 'application/json; charset=utf8'}
+ if self.grafana_api_key:
+ headers['Authorization'] = "Bearer %s==" % self.grafana_api_key
+ else:
+ headers['Authorization'] = basic_auth_header(self.grafana_user, self.grafana_password)
+ self.grafana_switch_organisation(headers)
+
+ return headers
+
+ def grafana_list_dashboards(self):
+ # define http headers
+ headers = self.grafana_headers()
+
+ dashboard_list = []
+ try:
+ if self.search:
+ r = open_url('%s/api/search?query=%s' % (self.grafana_url, self.search), headers=headers, method='GET')
+ else:
+ r = open_url('%s/api/search/' % self.grafana_url, headers=headers, method='GET')
+ except HTTPError as e:
+ raise GrafanaAPIException('Unable to search dashboards : %s' % to_native(e))
+ if r.getcode() == 200:
+ try:
+ dashboard_list = json.loads(r.read())
+ except Exception as e:
+ raise GrafanaAPIException('Unable to parse json list %s' % to_native(e))
+ else:
+ raise GrafanaAPIException('Unable to list grafana dashboards : %s' % str(r.getcode()))
+
+ return dashboard_list
+
+
+class LookupModule(LookupBase):
+
+ def run(self, terms, variables=None, **kwargs):
+
+ grafana_args = terms[0].split(' ')
+ grafana_dict = {}
+ ret = []
+
+ for param in grafana_args:
+ try:
+ key, value = param.split('=')
+ except ValueError:
+ raise AnsibleError("grafana_dashboard lookup plugin needs key=value pairs, but received %s" % terms)
+ grafana_dict[key] = value
+
+ grafana = GrafanaAPI(**grafana_dict)
+
+ ret = grafana.grafana_list_dashboards()
+
+ return ret
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/module_utils/base.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/module_utils/base.py
new file mode 100644
index 00000000..75ec3c08
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/module_utils/base.py
@@ -0,0 +1,47 @@
+# -*- coding: utf-8 -*-
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+# Copyright: (c) 2019, Rémi REY (@rrey)
+
+from __future__ import (absolute_import, division, print_function)
+from ansible.module_utils.urls import url_argument_spec
+
+__metaclass__ = type
+
+
+def grafana_argument_spec():
+ argument_spec = url_argument_spec()
+
+ del argument_spec['force']
+ del argument_spec['force_basic_auth']
+ del argument_spec['http_agent']
+
+ argument_spec.update(
+ state=dict(choices=['present', 'absent'], default='present'),
+ url=dict(aliases=['grafana_url'], type='str', required=True),
+ grafana_api_key=dict(type='str', no_log=True),
+ url_username=dict(aliases=['grafana_user'], default='admin'),
+ url_password=dict(aliases=['grafana_password'], default='admin', no_log=True),
+ )
+ return argument_spec
+
+
+def grafana_required_together():
+ return [['url_username', 'url_password']]
+
+
+def grafana_mutually_exclusive():
+ return [['url_username', 'grafana_api_key']]
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/__init__.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/__init__.py
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_dashboard.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_dashboard.py
new file mode 100644
index 00000000..0bb53d39
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_dashboard.py
@@ -0,0 +1,563 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+# Copyright: (c) 2017, Thierry Sallé (@seuf)
+# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import absolute_import, division, print_function
+
+DOCUMENTATION = '''
+---
+module: grafana_dashboard
+author:
+ - Thierry Sallé (@seuf)
+version_added: "1.0.0"
+short_description: Manage Grafana dashboards
+description:
+ - Create, update, delete, export Grafana dashboards via API.
+options:
+ org_id:
+ description:
+ - The Grafana Organisation ID where the dashboard will be imported / exported.
+ - Not used when I(grafana_api_key) is set, because the grafana_api_key only belongs to one organisation..
+ default: 1
+ type: int
+ folder:
+ description:
+ - The Grafana folder where this dashboard will be imported to.
+ default: General
+ version_added: "1.0.0"
+ type: str
+ state:
+ description:
+ - State of the dashboard.
+ choices: [ absent, export, present ]
+ default: present
+ type: str
+ slug:
+ description:
+ - Deprecated since Grafana 5. Use grafana dashboard uid instead.
+ - slug of the dashboard. It's the friendly url name of the dashboard.
+ - When C(state) is C(present), this parameter can override the slug in the meta section of the json file.
+ - If you want to import a json dashboard exported directly from the interface (not from the api),
+ you have to specify the slug parameter because there is no meta section in the exported json.
+ type: str
+ uid:
+ version_added: "1.0.0"
+ description:
+ - uid of the dashboard to export when C(state) is C(export) or C(absent).
+ type: str
+ path:
+ description:
+ - The path to the json file containing the Grafana dashboard to import or export.
+ - A http URL is also accepted (since 2.10).
+ - Required if C(state) is C(export) or C(present).
+ aliases: [ dashboard_url ]
+ type: str
+ overwrite:
+ description:
+ - Override existing dashboard when state is present.
+ type: bool
+ default: 'no'
+ dashboard_id:
+ description:
+ - Public Grafana.com dashboard id to import
+ version_added: "1.0.0"
+ type: str
+ dashboard_revision:
+ description:
+ - Revision of the public grafana dashboard to import
+ default: 1
+ version_added: "1.0.0"
+ type: str
+ commit_message:
+ description:
+ - Set a commit message for the version history.
+ - Only used when C(state) is C(present).
+ - C(message) alias is deprecated in Ansible 2.10, since it is used internally by Ansible Core Engine.
+ aliases: [ 'message' ]
+ type: str
+extends_documentation_fragment:
+- community.grafana.basic_auth
+- community.grafana.api_key
+'''
+
+EXAMPLES = '''
+- hosts: localhost
+ connection: local
+ tasks:
+ - name: Import Grafana dashboard foo
+ community.grafana.grafana_dashboard:
+ grafana_url: http://grafana.company.com
+ grafana_api_key: "{{ grafana_api_key }}"
+ state: present
+ commit_message: Updated by ansible
+ overwrite: yes
+ path: /path/to/dashboards/foo.json
+
+ - name: Import Grafana dashboard Zabbix
+ community.grafana.grafana_dashboard:
+ grafana_url: http://grafana.company.com
+ grafana_api_key: "{{ grafana_api_key }}"
+ folder: zabbix
+ dashboard_id: 6098
+ dashbord_revision: 1
+
+ - name: Import Grafana dashboard zabbix
+ community.grafana.grafana_dashboard:
+ grafana_url: http://grafana.company.com
+ grafana_api_key: "{{ grafana_api_key }}"
+ folder: public
+ dashboard_url: https://grafana.com/api/dashboards/6098/revisions/1/download
+
+ - name: Export dashboard
+ community.grafana.grafana_dashboard:
+ grafana_url: http://grafana.company.com
+ grafana_user: "admin"
+ grafana_password: "{{ grafana_password }}"
+ org_id: 1
+ state: export
+ uid: "000000653"
+ path: "/path/to/dashboards/000000653.json"
+'''
+
+RETURN = '''
+---
+uid:
+ description: uid or slug of the created / deleted / exported dashboard.
+ returned: success
+ type: str
+ sample: 000000063
+'''
+
+import json
+from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.urls import fetch_url
+from ansible.module_utils.six.moves.urllib.parse import urlencode
+from ansible.module_utils._text import to_native
+from ansible.module_utils._text import to_text
+from ansible_collections.community.grafana.plugins.module_utils.base import grafana_argument_spec
+
+__metaclass__ = type
+
+
+class GrafanaAPIException(Exception):
+ pass
+
+
+class GrafanaMalformedJson(Exception):
+ pass
+
+
+class GrafanaExportException(Exception):
+ pass
+
+
+class GrafanaDeleteException(Exception):
+ pass
+
+
+def grafana_switch_organisation(module, grafana_url, org_id, headers):
+ r, info = fetch_url(module, '%s/api/user/using/%s' % (grafana_url, org_id), headers=headers, method='POST')
+ if info['status'] != 200:
+ raise GrafanaAPIException('Unable to switch to organization %s : %s' % (org_id, info))
+
+
+def grafana_headers(module, data):
+ headers = {'content-type': 'application/json; charset=utf8'}
+ if 'grafana_api_key' in data and data['grafana_api_key']:
+ headers['Authorization'] = "Bearer %s" % data['grafana_api_key']
+ else:
+ module.params['force_basic_auth'] = True
+ grafana_switch_organisation(module, data['grafana_url'], data['org_id'], headers)
+
+ return headers
+
+
+def get_grafana_version(module, grafana_url, headers):
+ grafana_version = None
+ r, info = fetch_url(module, '%s/api/frontend/settings' % grafana_url, headers=headers, method='GET')
+ if info['status'] == 200:
+ try:
+ settings = json.loads(to_text(r.read()))
+ grafana_version = settings['buildInfo']['version'].split('.')[0]
+ except UnicodeError as e:
+ raise GrafanaAPIException('Unable to decode version string to Unicode')
+ except Exception as e:
+ raise GrafanaAPIException(e)
+ else:
+ raise GrafanaAPIException('Unable to get grafana version : %s' % info)
+
+ return int(grafana_version)
+
+
+def grafana_folder_exists(module, grafana_url, folder_name, headers):
+ # the 'General' folder is a special case, it's ID is always '0'
+ if folder_name == 'General':
+ return True, 0
+
+ try:
+ r, info = fetch_url(module, '%s/api/folders' % grafana_url, headers=headers, method='GET')
+
+ if info['status'] != 200:
+ raise GrafanaAPIException("Unable to query Grafana API for folders (name: %s): %d" % (folder_name, info['status']))
+
+ folders = json.loads(r.read())
+
+ for folder in folders:
+ if folder['title'] == folder_name:
+ return True, folder['id']
+ except Exception as e:
+ raise GrafanaAPIException(e)
+
+ return False, 0
+
+
+def grafana_dashboard_exists(module, grafana_url, uid, headers):
+ dashboard_exists = False
+ dashboard = {}
+
+ grafana_version = get_grafana_version(module, grafana_url, headers)
+ if grafana_version >= 5:
+ uri = '%s/api/dashboards/uid/%s' % (grafana_url, uid)
+ else:
+ uri = '%s/api/dashboards/db/%s' % (grafana_url, uid)
+
+ r, info = fetch_url(module, uri, headers=headers, method='GET')
+
+ if info['status'] == 200:
+ dashboard_exists = True
+ try:
+ dashboard = json.loads(r.read())
+ except Exception as e:
+ raise GrafanaAPIException(e)
+ elif info['status'] == 404:
+ dashboard_exists = False
+ else:
+ raise GrafanaAPIException('Unable to get dashboard %s : %s' % (uid, info))
+
+ return dashboard_exists, dashboard
+
+
+def grafana_dashboard_search(module, grafana_url, folder_id, title, headers):
+
+ # search by title
+ uri = '%s/api/search?%s' % (grafana_url, urlencode({
+ 'folderIds': folder_id,
+ 'query': title,
+ 'type': 'dash-db'
+ }))
+ r, info = fetch_url(module, uri, headers=headers, method='GET')
+
+ if info['status'] == 200:
+ try:
+ dashboards = json.loads(r.read())
+ for d in dashboards:
+ if d['title'] == title:
+ return grafana_dashboard_exists(module, grafana_url, d['uid'], headers)
+ except Exception as e:
+ raise GrafanaAPIException(e)
+ else:
+ raise GrafanaAPIException('Unable to search dashboard %s : %s' % (title, info))
+
+ return False, None
+
+
+# for comparison, we sometimes need to ignore a few keys
+def grafana_dashboard_changed(payload, dashboard):
+ # you don't need to set the version, but '0' is incremented to '1' by Grafana's API
+ if 'version' in payload['dashboard']:
+ del(payload['dashboard']['version'])
+ if 'version' in dashboard['dashboard']:
+ del(dashboard['dashboard']['version'])
+
+ # remove meta key if exists for compare
+ if 'meta' in dashboard:
+ del(dashboard['meta'])
+ if 'meta' in payload:
+ del(payload['meta'])
+
+ # if folderId is not provided in dashboard, set default folderId
+ if 'folderId' not in dashboard:
+ dashboard['folderId'] = 0
+
+ # Ignore dashboard ids since real identifier is uuid
+ if 'id' in dashboard['dashboard']:
+ del(dashboard['dashboard']['id'])
+ if 'id' in payload['dashboard']:
+ del(payload['dashboard']['id'])
+
+ if payload == dashboard:
+ return False
+ return True
+
+
+def grafana_create_dashboard(module, data):
+
+ # define data payload for grafana API
+ payload = {}
+ if data.get('dashboard_id'):
+ data['path'] = "https://grafana.com/api/dashboards/%s/revisions/%s/download" % (data['dashboard_id'], data['dashboard_revision'])
+ if data['path'].startswith('http'):
+ r, info = fetch_url(module, data['path'])
+ if info['status'] != 200:
+ raise GrafanaAPIException('Unable to download grafana dashboard from url %s : %s' % (data['path'], info))
+ payload = json.loads(r.read())
+ else:
+ try:
+ with open(data['path'], 'r') as json_file:
+ payload = json.load(json_file)
+ except Exception as e:
+ raise GrafanaAPIException("Can't load json file %s" % to_native(e))
+
+ # Check that the dashboard JSON is nested under the 'dashboard' key
+ if 'dashboard' not in payload:
+ payload = {'dashboard': payload}
+
+ # define http header
+ headers = grafana_headers(module, data)
+
+ grafana_version = get_grafana_version(module, data['grafana_url'], headers)
+ if grafana_version < 5:
+ if data.get('slug'):
+ uid = data['slug']
+ elif 'meta' in payload and 'slug' in payload['meta']:
+ uid = payload['meta']['slug']
+ else:
+ raise GrafanaMalformedJson('No slug found in json. Needed with grafana < 5')
+ else:
+ if data.get('uid'):
+ uid = data['uid']
+ elif 'uid' in payload['dashboard']:
+ uid = payload['dashboard']['uid']
+ else:
+ uid = None
+
+ result = {}
+
+ # test if the folder exists
+ if grafana_version >= 5:
+ folder_exists, folder_id = grafana_folder_exists(module, data['grafana_url'], data['folder'], headers)
+ if folder_exists is False:
+ result['msg'] = "Dashboard folder '%s' does not exist." % data['folder']
+ result['uid'] = uid
+ result['changed'] = False
+ return result
+
+ payload['folderId'] = folder_id
+
+ # test if dashboard already exists
+ if uid:
+ dashboard_exists, dashboard = grafana_dashboard_exists(
+ module, data['grafana_url'], uid, headers=headers)
+ else:
+ dashboard_exists, dashboard = grafana_dashboard_search(
+ module, data['grafana_url'], folder_id, payload['dashboard']['title'], headers=headers)
+
+ if dashboard_exists is True:
+ if grafana_dashboard_changed(payload, dashboard):
+ # update
+ if 'overwrite' in data and data['overwrite']:
+ payload['overwrite'] = True
+ if 'commit_message' in data and data['commit_message']:
+ payload['message'] = data['commit_message']
+
+ r, info = fetch_url(module, '%s/api/dashboards/db' % data['grafana_url'],
+ data=json.dumps(payload), headers=headers, method='POST')
+ if info['status'] == 200:
+ if grafana_version >= 5:
+ try:
+ dashboard = json.loads(r.read())
+ uid = dashboard['uid']
+ except Exception as e:
+ raise GrafanaAPIException(e)
+ result['uid'] = uid
+ result['msg'] = "Dashboard %s updated" % payload['dashboard']['title']
+ result['changed'] = True
+ else:
+ body = json.loads(info['body'])
+ raise GrafanaAPIException('Unable to update the dashboard %s : %s (HTTP: %d)' %
+ (uid, body['commit_message'], info['status']))
+ else:
+ # unchanged
+ result['uid'] = uid
+ result['msg'] = "Dashboard %s unchanged." % payload['dashboard']['title']
+ result['changed'] = False
+ else:
+ # create
+ if folder_exists is True:
+ payload['folderId'] = folder_id
+
+ # Ensure there is no id in payload
+ if 'id' in payload['dashboard']:
+ del payload['dashboard']['id']
+
+ r, info = fetch_url(module, '%s/api/dashboards/db' % data['grafana_url'],
+ data=json.dumps(payload), headers=headers, method='POST')
+ if info['status'] == 200:
+ result['msg'] = "Dashboard %s created" % payload['dashboard']['title']
+ result['changed'] = True
+ if grafana_version >= 5:
+ try:
+ dashboard = json.loads(r.read())
+ uid = dashboard['uid']
+ except Exception as e:
+ raise GrafanaAPIException(e)
+ result['uid'] = uid
+ else:
+ raise GrafanaAPIException('Unable to create the new dashboard %s : %s - %s. (headers : %s)' %
+ (payload['dashboard']['title'], info['status'], info, headers))
+
+ return result
+
+
+def grafana_delete_dashboard(module, data):
+
+ # define http headers
+ headers = grafana_headers(module, data)
+
+ grafana_version = get_grafana_version(module, data['grafana_url'], headers)
+ if grafana_version < 5:
+ if data.get('slug'):
+ uid = data['slug']
+ else:
+ raise GrafanaMalformedJson('No slug parameter. Needed with grafana < 5')
+ else:
+ if data.get('uid'):
+ uid = data['uid']
+ else:
+ raise GrafanaDeleteException('No uid specified %s')
+
+ # test if dashboard already exists
+ dashboard_exists, dashboard = grafana_dashboard_exists(module, data['grafana_url'], uid, headers=headers)
+
+ result = {}
+ if dashboard_exists is True:
+ # delete
+ if grafana_version < 5:
+ r, info = fetch_url(module, '%s/api/dashboards/db/%s' % (data['grafana_url'], uid), headers=headers, method='DELETE')
+ else:
+ r, info = fetch_url(module, '%s/api/dashboards/uid/%s' % (data['grafana_url'], uid), headers=headers, method='DELETE')
+ if info['status'] == 200:
+ result['msg'] = "Dashboard %s deleted" % uid
+ result['changed'] = True
+ result['uid'] = uid
+ else:
+ raise GrafanaAPIException('Unable to update the dashboard %s : %s' % (uid, info))
+ else:
+ # dashboard does not exist, do nothing
+ result = {'msg': "Dashboard %s does not exist." % uid,
+ 'changed': False,
+ 'uid': uid}
+
+ return result
+
+
+def grafana_export_dashboard(module, data):
+
+ # define http headers
+ headers = grafana_headers(module, data)
+
+ grafana_version = get_grafana_version(module, data['grafana_url'], headers)
+ if grafana_version < 5:
+ if data.get('slug'):
+ uid = data['slug']
+ else:
+ raise GrafanaMalformedJson('No slug parameter. Needed with grafana < 5')
+ else:
+ if data.get('uid'):
+ uid = data['uid']
+ else:
+ raise GrafanaExportException('No uid specified')
+
+ # test if dashboard already exists
+ dashboard_exists, dashboard = grafana_dashboard_exists(module, data['grafana_url'], uid, headers=headers)
+
+ if dashboard_exists is True:
+ try:
+ with open(data['path'], 'w') as f:
+ f.write(json.dumps(dashboard))
+ except Exception as e:
+ raise GrafanaExportException("Can't write json file : %s" % to_native(e))
+ result = {'msg': "Dashboard %s exported to %s" % (uid, data['path']),
+ 'uid': uid,
+ 'changed': True}
+ else:
+ result = {'msg': "Dashboard %s does not exist." % uid,
+ 'uid': uid,
+ 'changed': False}
+
+ return result
+
+
+def main():
+ # use the predefined argument spec for url
+ argument_spec = grafana_argument_spec()
+ argument_spec.update(
+ state=dict(choices=['present', 'absent', 'export'], default='present'),
+ org_id=dict(default=1, type='int'),
+ folder=dict(type='str', default='General'),
+ uid=dict(type='str'),
+ slug=dict(type='str'),
+ path=dict(aliases=['dashboard_url'], type='str'),
+ dashboard_id=dict(type='str'),
+ dashboard_revision=dict(type='str', default='1'),
+ overwrite=dict(type='bool', default=False),
+ commit_message=dict(type='str', aliases=['message'],
+ deprecated_aliases=[dict(name='message',
+ version='2.0.0', collection_name="community.grafana")]),
+ )
+ module = AnsibleModule(
+ argument_spec=argument_spec,
+ supports_check_mode=False,
+ required_if=[
+ ['state', 'export', ['path']],
+ ],
+ required_together=[['url_username', 'url_password', 'org_id']],
+ mutually_exclusive=[['url_username', 'grafana_api_key'], ['uid', 'slug'], ['path', 'dashboard_id']],
+ )
+
+ if 'message' in module.params:
+ module.fail_json(msg="'message' is reserved keyword, please change this parameter to 'commit_message'")
+
+ try:
+ if module.params['state'] == 'present':
+ result = grafana_create_dashboard(module, module.params)
+ elif module.params['state'] == 'absent':
+ result = grafana_delete_dashboard(module, module.params)
+ else:
+ result = grafana_export_dashboard(module, module.params)
+ except GrafanaAPIException as e:
+ module.fail_json(
+ failed=True,
+ msg="error : %s" % to_native(e)
+ )
+ return
+ except GrafanaMalformedJson as e:
+ module.fail_json(
+ failed=True,
+ msg="error : %s" % to_native(e)
+ )
+ return
+ except GrafanaDeleteException as e:
+ module.fail_json(
+ failed=True,
+ msg="error : Can't delete dashboard : %s" % to_native(e)
+ )
+ return
+ except GrafanaExportException as e:
+ module.fail_json(
+ failed=True,
+ msg="error : Can't export dashboard : %s" % to_native(e)
+ )
+ return
+
+ module.exit_json(
+ failed=False,
+ **result
+ )
+ return
+
+
+if __name__ == '__main__':
+ main()
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_datasource.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_datasource.py
new file mode 100644
index 00000000..65276d47
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_datasource.py
@@ -0,0 +1,752 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+# Copyright: (c) 2017, Thierry Sallé (@seuf)
+# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+DOCUMENTATION = '''
+module: grafana_datasource
+author:
+- Thierry Sallé (@seuf)
+- Martin Wang (@martinwangjian)
+- Rémi REY (@rrey)
+short_description: Manage Grafana datasources
+description:
+- Create/update/delete Grafana datasources via API.
+options:
+ name:
+ description:
+ - The name of the datasource.
+ required: true
+ type: str
+ ds_type:
+ description:
+ - The type of the datasource.
+ required: true
+ choices:
+ - graphite
+ - prometheus
+ - elasticsearch
+ - influxdb
+ - opentsdb
+ - mysql
+ - postgres
+ - cloudwatch
+ - alexanderzobnin-zabbix-datasource
+ - sni-thruk-datasource
+ - camptocamp-prometheus-alertmanager-datasource
+ - loki
+ type: str
+ ds_url:
+ description:
+ - The URL of the datasource.
+ required: true
+ type: str
+ access:
+ description:
+ - The access mode for this datasource.
+ choices:
+ - direct
+ - proxy
+ default: proxy
+ type: str
+ database:
+ description:
+ - Name of the database for the datasource.
+ - This options is required when the C(ds_type) is C(influxdb), C(elasticsearch)
+ (index name), C(mysql) or C(postgres).
+ required: false
+ type: str
+ user:
+ description:
+ - The datasource login user for influxdb datasources.
+ type: str
+ password:
+ description:
+ - The datasource password.
+ - For encrypted password use C(additional_secure_json_data.password).
+ type: str
+ basic_auth_user:
+ description:
+ - The datasource basic auth user.
+ - Setting this option with basic_auth_password will enable basic auth.
+ type: str
+ basic_auth_password:
+ description:
+ - The datasource basic auth password, when C(basic auth) is C(yes).
+ type: str
+ with_credentials:
+ description:
+ - Whether credentials such as cookies or auth headers should be sent with cross-site
+ requests.
+ type: bool
+ default: 'no'
+ tls_client_cert:
+ description:
+ - The client TLS certificate.
+ - If C(tls_client_cert) and C(tls_client_key) are set, this will enable TLS authentication.
+ - Starts with ----- BEGIN CERTIFICATE -----
+ - Stored as secure data, see C(enforce_secure_data) and notes!
+ type: str
+ tls_client_key:
+ description:
+ - The client TLS private key
+ - Starts with ----- BEGIN RSA PRIVATE KEY -----
+ - Stored as secure data, see C(enforce_secure_data) and notes!
+ type: str
+ tls_ca_cert:
+ description:
+ - The TLS CA certificate for self signed certificates.
+ - Only used when C(tls_client_cert) and C(tls_client_key) are set.
+ - Stored as secure data, see C(enforce_secure_data) and notes!
+ type: str
+ tls_skip_verify:
+ description:
+ - Skip the TLS datasource certificate verification.
+ type: bool
+ default: false
+ is_default:
+ description:
+ - Make this datasource the default one.
+ type: bool
+ default: 'no'
+ org_id:
+ description:
+ - Grafana Organisation ID in which the datasource should be created.
+ - Not used when C(grafana_api_key) is set, because the C(grafana_api_key) only
+ belong to one organisation.
+ default: 1
+ type: int
+ state:
+ description:
+ - Status of the datasource
+ choices:
+ - absent
+ - present
+ default: present
+ type: str
+ es_version:
+ description:
+ - Elasticsearch version (for C(ds_type = elasticsearch) only)
+ - Version 56 is for elasticsearch 5.6+ where you can specify the C(max_concurrent_shard_requests)
+ option.
+ choices:
+ - 2
+ - 5
+ - 56
+ - 60
+ - 70
+ default: 5
+ type: int
+ max_concurrent_shard_requests:
+ description:
+ - Starting with elasticsearch 5.6, you can specify the max concurrent shard per
+ requests.
+ default: 256
+ type: int
+ time_field:
+ description:
+ - Name of the time field in elasticsearch ds.
+ - For example C(@timestamp).
+ type: str
+ default: '@timestamp'
+ time_interval:
+ description:
+ - Minimum group by interval for C(influxdb) or C(elasticsearch) datasources.
+ - for example C(>10s).
+ type: str
+ interval:
+ description:
+ - For elasticsearch C(ds_type), this is the index pattern used.
+ choices:
+ - ''
+ - Hourly
+ - Daily
+ - Weekly
+ - Monthly
+ - Yearly
+ type: str
+ tsdb_version:
+ description:
+ - The opentsdb version.
+ - Use C(1) for <=2.1, C(2) for ==2.2, C(3) for ==2.3.
+ choices:
+ - 1
+ - 2
+ - 3
+ default: 1
+ type: int
+ tsdb_resolution:
+ description:
+ - The opentsdb time resolution.
+ choices:
+ - millisecond
+ - second
+ default: second
+ type: str
+ sslmode:
+ description:
+ - SSL mode for C(postgres) datasource type.
+ choices:
+ - disable
+ - require
+ - verify-ca
+ - verify-full
+ type: str
+ default: disable
+ trends:
+ required: false
+ description:
+ - Use trends or not for zabbix datasource type.
+ type: bool
+ aws_auth_type:
+ description:
+ - Type for AWS authentication for CloudWatch datasource type (authType of grafana
+ api)
+ default: keys
+ choices:
+ - keys
+ - credentials
+ - arn
+ type: str
+ aws_default_region:
+ description:
+ - AWS default region for CloudWatch datasource type
+ default: us-east-1
+ type: str
+ choices:
+ - ap-northeast-1
+ - ap-northeast-2
+ - ap-southeast-1
+ - ap-southeast-2
+ - ap-south-1
+ - ca-central-1
+ - cn-north-1
+ - cn-northwest-1
+ - eu-central-1
+ - eu-west-1
+ - eu-west-2
+ - eu-west-3
+ - sa-east-1
+ - us-east-1
+ - us-east-2
+ - us-gov-west-1
+ - us-west-1
+ - us-west-2
+ aws_credentials_profile:
+ description:
+ - Profile for AWS credentials for CloudWatch datasource type when C(aws_auth_type)
+ is C(credentials)
+ default: ''
+ required: false
+ type: str
+ aws_access_key:
+ description:
+ - AWS access key for CloudWatch datasource type when C(aws_auth_type) is C(keys)
+ default: ''
+ required: false
+ type: str
+ aws_secret_key:
+ description:
+ - AWS secret key for CloudWatch datasource type when C(aws_auth_type) is C(keys)
+ default: ''
+ required: false
+ type: str
+ aws_assume_role_arn:
+ description:
+ - AWS IAM role arn to assume for CloudWatch datasource type when C(aws_auth_type)
+ is C(arn)
+ default: ''
+ required: false
+ type: str
+ aws_custom_metrics_namespaces:
+ description:
+ - Namespaces of Custom Metrics for CloudWatch datasource type
+ default: ''
+ required: false
+ type: str
+ zabbix_user:
+ description:
+ - User for Zabbix API
+ required: false
+ type: str
+ zabbix_password:
+ description:
+ - Password for Zabbix API
+ required: false
+ type: str
+ additional_json_data:
+ description:
+ - Defined data is used for datasource jsonData
+ - Data may be overridden by specifically defined parameters (like zabbix_user)
+ required: false
+ type: dict
+ default: {}
+ additional_secure_json_data:
+ description:
+ - Defined data is used for datasource secureJsonData
+ - Data may be overridden by specifically defined parameters (like tls_client_cert)
+ - Stored as secure data, see C(enforce_secure_data) and notes!
+ required: false
+ type: dict
+ default: {}
+ enforce_secure_data:
+ description:
+ - Secure data is not updated per default (see notes!)
+ - To update secure data you have to enable this option!
+ - Enabling this, the task will always report changed=True
+ required: false
+ type: bool
+ default: false
+extends_documentation_fragment:
+- community.grafana.basic_auth
+- community.grafana.api_key
+notes:
+- Secure data will get encrypted by the Grafana API, thus it can not be compared on subsequent runs. To workaround this, secure
+ data will not be updated after initial creation! To force the secure data update you have to set I(enforce_secure_data=True).
+- Hint, with the C(enforce_secure_data) always reporting changed=True, you might just do one Task updating the datasource without
+ any secure data and make a separate playbook/task also changing the secure data. This way it will not break any workflow.
+'''
+
+EXAMPLES = '''
+---
+- name: Create elasticsearch datasource
+ community.grafana.grafana_datasource:
+ name: "datasource-elastic"
+ grafana_url: "https://grafana.company.com"
+ grafana_user: "admin"
+ grafana_password: "xxxxxx"
+ org_id: "1"
+ ds_type: "elasticsearch"
+ ds_url: "https://elastic.company.com:9200"
+ database: "[logstash_]YYYY.MM.DD"
+ basic_auth_user: "grafana"
+ basic_auth_password: "******"
+ time_field: "@timestamp"
+ time_interval: "1m"
+ interval: "Daily"
+ es_version: 56
+ max_concurrent_shard_requests: 42
+ tls_ca_cert: "/etc/ssl/certs/ca.pem"
+
+- name: Create influxdb datasource
+ community.grafana.grafana_datasource:
+ name: "datasource-influxdb"
+ grafana_url: "https://grafana.company.com"
+ grafana_user: "admin"
+ grafana_password: "xxxxxx"
+ org_id: "1"
+ ds_type: "influxdb"
+ ds_url: "https://influx.company.com:8086"
+ database: "telegraf"
+ time_interval: ">10s"
+ tls_ca_cert: "/etc/ssl/certs/ca.pem"
+
+- name: Create postgres datasource
+ community.grafana.grafana_datasource:
+ name: "datasource-postgres"
+ grafana_url: "https://grafana.company.com"
+ grafana_user: "admin"
+ grafana_password: "xxxxxx"
+ org_id: "1"
+ ds_type: "postgres"
+ ds_url: "postgres.company.com:5432"
+ database: "db"
+ user: "postgres"
+ sslmode: "verify-full"
+ additional_json_data:
+ timescaledb: false
+ additional_secure_json_data:
+ password: "iampgroot"
+
+- name: Create cloudwatch datasource
+ community.grafana.grafana_datasource:
+ name: "datasource-cloudwatch"
+ grafana_url: "https://grafana.company.com"
+ grafana_user: "admin"
+ grafana_password: "xxxxxx"
+ org_id: "1"
+ ds_type: "cloudwatch"
+ ds_url: "http://monitoring.us-west-1.amazonaws.com"
+ aws_auth_type: "keys"
+ aws_default_region: "us-west-1"
+ aws_access_key: "speakFriendAndEnter"
+ aws_secret_key: "mel10n"
+ aws_custom_metrics_namespaces: "n1,n2"
+
+- name: grafana - add thruk datasource
+ community.grafana.grafana_datasource:
+ name: "datasource-thruk"
+ grafana_url: "https://grafana.company.com"
+ grafana_user: "admin"
+ grafana_password: "xxxxxx"
+ org_id: "1"
+ ds_type: "sni-thruk-datasource"
+ ds_url: "https://thruk.company.com/sitename/thruk"
+ basic_auth_user: "thruk-user"
+ basic_auth_password: "******"
+
+# handle secure data - workflow example
+# this will create/update the datasource but dont update the secure data on updates
+# so you can assert if all tasks are changed=False
+- name: create prometheus datasource
+ community.grafana.grafana_datasource:
+ name: openshift_prometheus
+ ds_type: prometheus
+ ds_url: https://openshift-monitoring.company.com
+ access: proxy
+ tls_skip_verify: true
+ additional_json_data:
+ httpHeaderName1: "Authorization"
+ additional_secure_json_data:
+ httpHeaderValue1: "Bearer ihavenogroot"
+
+# in a separate task or even play you then can force to update
+# and assert if each datasource is reporting changed=True
+- name: update prometheus datasource
+ community.grafana.grafana_datasource:
+ name: openshift_prometheus
+ ds_type: prometheus
+ ds_url: https://openshift-monitoring.company.com
+ access: proxy
+ tls_skip_verify: true
+ additional_json_data:
+ httpHeaderName1: "Authorization"
+ additional_secure_json_data:
+ httpHeaderValue1: "Bearer ihavenogroot"
+ enforce_secure_data: true
+'''
+
+RETURN = '''
+---
+datasource:
+ description: datasource created/updated by module
+ returned: changed
+ type: dict
+ sample: { "access": "proxy",
+ "basicAuth": false,
+ "database": "test_*",
+ "id": 1035,
+ "isDefault": false,
+ "jsonData": {
+ "esVersion": 5,
+ "timeField": "@timestamp",
+ "timeInterval": "10s",
+ },
+ "secureJsonFields": {
+ "JustASecureTest": true,
+ },
+ "name": "grafana_datasource_test",
+ "orgId": 1,
+ "type": "elasticsearch",
+ "url": "http://elastic.company.com:9200",
+ "user": "",
+ "password": "",
+ "withCredentials": false }
+'''
+
+import json
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.six.moves.urllib.parse import quote
+from ansible.module_utils.urls import fetch_url, url_argument_spec, basic_auth_header
+from ansible_collections.community.grafana.plugins.module_utils.base import grafana_argument_spec, grafana_required_together, grafana_mutually_exclusive
+
+
+def compare_datasources(new, current, compareSecureData=True):
+ del current['typeLogoUrl']
+ del current['id']
+ if 'version' in current:
+ del current['version']
+ if 'readOnly' in current:
+ del current['readOnly']
+ if current['basicAuth'] is False:
+ del current['basicAuthUser']
+ del current['basicAuthPassword']
+
+ # check if secureJsonData should be compared
+ if not compareSecureData:
+ # if we should ignore it just drop alltogether
+ new.pop('secureJsonData', None)
+ new.pop('secureJsonFields', None)
+ current.pop('secureJsonData', None)
+ current.pop('secureJsonFields', None)
+ else:
+ # handle secureJsonData/secureJsonFields, some current facts:
+ # - secureJsonFields is reporting each field set as true
+ # - secureJsonFields once set cant be removed (DS has to be deleted)
+ if not new.get('secureJsonData'):
+ # secureJsonData is not provided so just remove both for comparision
+ new.pop('secureJsonData', None)
+ current.pop('secureJsonFields', None)
+ else:
+ # we have some secure data so just "rename" secureJsonFields for comparison as it will change anyhow everytime
+ current['secureJsonData'] = current.pop('secureJsonFields')
+
+ return dict(before=current, after=new)
+
+
+def get_datasource_payload(data):
+ payload = {
+ 'orgId': data['org_id'],
+ 'name': data['name'],
+ 'type': data['ds_type'],
+ 'access': data['access'],
+ 'url': data['ds_url'],
+ 'database': data['database'],
+ 'withCredentials': data['with_credentials'],
+ 'isDefault': data['is_default'],
+ 'user': data['user'],
+ 'password': data['password'],
+ 'jsonData': data['additional_json_data'],
+ 'secureJsonData': data['additional_secure_json_data']
+ }
+
+ # define basic auth
+ if 'basic_auth_user' in data and data['basic_auth_user'] and 'basic_auth_password' in data and data['basic_auth_password']:
+ payload['basicAuth'] = True
+ payload['basicAuthUser'] = data['basic_auth_user']
+ payload['basicAuthPassword'] = data['basic_auth_password']
+ else:
+ payload['basicAuth'] = False
+
+ # define tls auth
+ json_data = payload['jsonData']
+ secure_json_data = payload['secureJsonData']
+ if data.get('tls_client_cert') and data.get('tls_client_key'):
+ json_data['tlsAuth'] = True
+ if data.get('tls_ca_cert'):
+ secure_json_data['tlsCACert'] = data['tls_ca_cert']
+ secure_json_data['tlsClientCert'] = data['tls_client_cert']
+ secure_json_data['tlsClientKey'] = data['tls_client_key']
+ json_data['tlsAuthWithCACert'] = True
+ else:
+ secure_json_data['tlsClientCert'] = data['tls_client_cert']
+ secure_json_data['tlsClientKey'] = data['tls_client_key']
+ else:
+ json_data['tlsAuth'] = False
+ json_data['tlsAuthWithCACert'] = False
+ if data.get('tls_ca_cert'):
+ secure_json_data['tlsCACert'] = data['tls_ca_cert']
+
+ if data.get('tls_skip_verify'):
+ json_data['tlsSkipVerify'] = True
+
+ # datasource type related parameters
+ if data['ds_type'] == 'elasticsearch':
+ json_data['esVersion'] = data['es_version']
+ json_data['timeField'] = data['time_field']
+ if data.get('interval'):
+ json_data['interval'] = data['interval']
+ if data['es_version'] >= 56:
+ json_data['maxConcurrentShardRequests'] = data['max_concurrent_shard_requests']
+
+ if data['ds_type'] == 'elasticsearch' or data['ds_type'] == 'influxdb':
+ if data.get('time_interval'):
+ json_data['timeInterval'] = data['time_interval']
+
+ if data['ds_type'] == 'opentsdb':
+ json_data['tsdbVersion'] = data['tsdb_version']
+ if data['tsdb_resolution'] == 'second':
+ json_data['tsdbResolution'] = 1
+ else:
+ json_data['tsdbResolution'] = 2
+
+ if data['ds_type'] == 'postgres':
+ json_data['sslmode'] = data['sslmode']
+
+ if data['ds_type'] == 'alexanderzobnin-zabbix-datasource':
+ if data.get('trends'):
+ json_data['trends'] = True
+ json_data['username'] = data['zabbix_user']
+ json_data['password'] = data['zabbix_password']
+
+ if data['ds_type'] == 'cloudwatch':
+ if data.get('aws_credentials_profile'):
+ payload['database'] = data.get('aws_credentials_profile')
+
+ json_data['authType'] = data['aws_auth_type']
+ json_data['defaultRegion'] = data['aws_default_region']
+
+ if data.get('aws_custom_metrics_namespaces'):
+ json_data['customMetricsNamespaces'] = data.get('aws_custom_metrics_namespaces')
+ if data.get('aws_assume_role_arn'):
+ json_data['assumeRoleArn'] = data.get('aws_assume_role_arn')
+ if data.get('aws_access_key') and data.get('aws_secret_key'):
+ secure_json_data['accessKey'] = data.get('aws_access_key')
+ secure_json_data['secretKey'] = data.get('aws_secret_key')
+
+ payload['jsonData'] = json_data
+ payload['secureJsonData'] = secure_json_data
+ return payload
+
+
+class GrafanaInterface(object):
+
+ def __init__(self, module):
+ self._module = module
+ self.grafana_url = module.params.get("url")
+ # {{{ Authentication header
+ self.headers = {"Content-Type": "application/json"}
+ if module.params.get('grafana_api_key', None):
+ self.headers["Authorization"] = "Bearer %s" % module.params['grafana_api_key']
+ else:
+ self.headers["Authorization"] = basic_auth_header(module.params['url_username'], module.params['url_password'])
+ self.switch_organisation(module.params['org_id'])
+ # }}}
+
+ def _send_request(self, url, data=None, headers=None, method="GET"):
+ if data is not None:
+ data = json.dumps(data, sort_keys=True)
+ if not headers:
+ headers = []
+
+ full_url = "{grafana_url}{path}".format(grafana_url=self.grafana_url, path=url)
+ resp, info = fetch_url(self._module, full_url, data=data, headers=headers, method=method)
+ status_code = info["status"]
+ if status_code == 404:
+ return None
+ elif status_code == 401:
+ self._module.fail_json(failed=True, msg="Unauthorized to perform action '%s' on '%s'" % (method, full_url))
+ elif status_code == 403:
+ self._module.fail_json(failed=True, msg="Permission Denied")
+ elif status_code == 200:
+ return self._module.from_json(resp.read())
+ self._module.fail_json(failed=True, msg="Grafana API answered with HTTP %d for url %s and data %s" % (status_code, url, data))
+
+ def switch_organisation(self, org_id):
+ url = "/api/user/using/%d" % org_id
+ response = self._send_request(url, headers=self.headers, method='POST')
+
+ def datasource_by_name(self, name):
+ datasource_exists = False
+ ds = {}
+ url = "/api/datasources/name/%s" % quote(name)
+ return self._send_request(url, headers=self.headers, method='GET')
+
+ def delete_datasource(self, name):
+ url = "/api/datasources/name/%s" % quote(name)
+ self._send_request(url, headers=self.headers, method='DELETE')
+
+ def update_datasource(self, ds_id, data):
+ url = "/api/datasources/%d" % ds_id
+ self._send_request(url, data=data, headers=self.headers, method='PUT')
+
+ def create_datasource(self, data):
+ url = "/api/datasources"
+ self._send_request(url, data=data, headers=self.headers, method='POST')
+
+
+def main():
+ # use the predefined argument spec for url
+ argument_spec = grafana_argument_spec()
+
+ argument_spec.update(
+ name=dict(required=True, type='str'),
+ ds_type=dict(choices=['graphite',
+ 'prometheus',
+ 'elasticsearch',
+ 'influxdb',
+ 'opentsdb',
+ 'mysql',
+ 'postgres',
+ 'cloudwatch',
+ 'alexanderzobnin-zabbix-datasource',
+ 'camptocamp-prometheus-alertmanager-datasource',
+ 'sni-thruk-datasource',
+ 'loki'], required=True),
+ ds_url=dict(required=True, type='str'),
+ access=dict(default='proxy', choices=['proxy', 'direct']),
+ database=dict(type='str', default=""),
+ user=dict(default='', type='str'),
+ password=dict(default='', no_log=True, type='str'),
+ basic_auth_user=dict(type='str'),
+ basic_auth_password=dict(type='str', no_log=True),
+ with_credentials=dict(default=False, type='bool'),
+ tls_client_cert=dict(type='str', no_log=True),
+ tls_client_key=dict(type='str', no_log=True),
+ tls_ca_cert=dict(type='str', no_log=True),
+ tls_skip_verify=dict(type='bool', default=False),
+ is_default=dict(default=False, type='bool'),
+ org_id=dict(default=1, type='int'),
+ es_version=dict(type='int', default=5, choices=[2, 5, 56, 60, 70]),
+ max_concurrent_shard_requests=dict(type='int', default=256),
+ time_field=dict(default='@timestamp', type='str'),
+ time_interval=dict(type='str'),
+ interval=dict(type='str', choices=['', 'Hourly', 'Daily', 'Weekly', 'Monthly', 'Yearly'], default=''),
+ tsdb_version=dict(type='int', default=1, choices=[1, 2, 3]),
+ tsdb_resolution=dict(type='str', default='second', choices=['second', 'millisecond']),
+ sslmode=dict(default='disable', choices=['disable', 'require', 'verify-ca', 'verify-full']),
+ trends=dict(default=False, type='bool'),
+ aws_auth_type=dict(default='keys', choices=['keys', 'credentials', 'arn']),
+ aws_default_region=dict(default='us-east-1', choices=['ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', 'ap-south-1',
+ 'ca-central-1',
+ 'cn-north-1', 'cn-northwest-1',
+ 'eu-central-1', 'eu-west-1', 'eu-west-2', 'eu-west-3',
+ 'sa-east-1',
+ 'us-east-1', 'us-east-2', 'us-gov-west-1', 'us-west-1', 'us-west-2']),
+ aws_access_key=dict(default='', no_log=True, type='str'),
+ aws_secret_key=dict(default='', no_log=True, type='str'),
+ aws_credentials_profile=dict(default='', type='str'),
+ aws_assume_role_arn=dict(default='', type='str'),
+ aws_custom_metrics_namespaces=dict(type='str'),
+ zabbix_user=dict(type='str'),
+ zabbix_password=dict(type='str', no_log=True),
+ additional_json_data=dict(type='dict', default={}, required=False),
+ additional_secure_json_data=dict(type='dict', default={}, required=False),
+ enforce_secure_data=dict(type='bool', default=False, required=False)
+ )
+
+ module = AnsibleModule(
+ argument_spec=argument_spec,
+ supports_check_mode=False,
+ required_together=[['url_username', 'url_password', 'org_id'], ['tls_client_cert', 'tls_client_key']],
+ mutually_exclusive=[['url_username', 'grafana_api_key'], ['tls_ca_cert', 'tls_skip_verify']],
+ required_if=[
+ ['ds_type', 'opentsdb', ['tsdb_version', 'tsdb_resolution']],
+ ['ds_type', 'influxdb', ['database']],
+ ['ds_type', 'elasticsearch', ['database', 'es_version', 'time_field', 'interval']],
+ ['ds_type', 'mysql', ['database']],
+ ['ds_type', 'postgres', ['database', 'sslmode']],
+ ['ds_type', 'cloudwatch', ['aws_auth_type', 'aws_default_region']],
+ ['es_version', 56, ['max_concurrent_shard_requests']],
+ ['es_version', 60, ['max_concurrent_shard_requests']],
+ ['es_version', 70, ['max_concurrent_shard_requests']]
+ ],
+ )
+
+ state = module.params['state']
+ name = module.params['name']
+ enforce_secure_data = module.params['enforce_secure_data']
+
+ grafana_iface = GrafanaInterface(module)
+ ds = grafana_iface.datasource_by_name(name)
+
+ if state == 'present':
+ payload = get_datasource_payload(module.params)
+ if ds is None:
+ grafana_iface.create_datasource(payload)
+ ds = grafana_iface.datasource_by_name(name)
+ module.exit_json(changed=True, datasource=ds, msg='Datasource %s created' % name)
+ else:
+ diff = compare_datasources(payload.copy(), ds.copy(), enforce_secure_data)
+ if diff.get('before') == diff.get('after'):
+ module.exit_json(changed=False, datasource=ds, msg='Datasource %s unchanged' % name)
+ grafana_iface.update_datasource(ds.get('id'), payload)
+ ds = grafana_iface.datasource_by_name(name)
+ if diff.get('before') == diff.get('after'):
+ module.exit_json(changed=False, datasource=ds, msg='Datasource %s unchanged' % name)
+
+ module.exit_json(changed=True, diff=diff, datasource=ds, msg='Datasource %s updated' % name)
+ else:
+ if ds is None:
+ module.exit_json(changed=False, datasource=None, msg='Datasource %s does not exist.' % name)
+ grafana_iface.delete_datasource(name)
+ module.exit_json(changed=True, datasource=None, msg='Datasource %s deleted.' % name)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_folder.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_folder.py
new file mode 100644
index 00000000..5f305250
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_folder.py
@@ -0,0 +1,274 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+# Copyright: (c) 2019, Rémi REY (@rrey)
+
+from __future__ import absolute_import, division, print_function
+
+DOCUMENTATION = '''
+---
+module: grafana_folder
+author:
+ - Rémi REY (@rrey)
+version_added: "1.0.0"
+short_description: Manage Grafana Folders
+description:
+ - Create/update/delete Grafana Folders through the Folders API.
+ - The Folders API is only available starting Grafana 5 and the module will fail if the server version is lower than version 5.
+options:
+ name:
+ description:
+ - The title of the Grafana Folder.
+ required: true
+ type: str
+ aliases: [ title ]
+ state:
+ description:
+ - Delete the members not found in the C(members) parameters from the
+ - list of members found on the Folder.
+ default: present
+ type: str
+ choices: ["present", "absent"]
+extends_documentation_fragment:
+- community.grafana.basic_auth
+- community.grafana.api_key
+'''
+
+EXAMPLES = '''
+---
+- name: Create a folder
+ community.grafana.grafana_folder:
+ url: "https://grafana.example.com"
+ grafana_api_key: "{{ some_api_token_value }}"
+ title: "grafana_working_group"
+ state: present
+
+- name: Delete a folder
+ community.grafana.grafana_folder:
+ url: "https://grafana.example.com"
+ grafana_api_key: "{{ some_api_token_value }}"
+ title: "grafana_working_group"
+ state: absent
+'''
+
+RETURN = '''
+---
+folder:
+ description: Information about the Folder
+ returned: On success
+ type: complex
+ contains:
+ id:
+ description: The Folder identifier
+ returned: always
+ type: int
+ sample:
+ - 42
+ uid:
+ description: The Folder uid
+ returned: always
+ type: str
+ sample:
+ - "nErXDvCkzz"
+ title:
+ description: The Folder title
+ returned: always
+ type: str
+ sample:
+ - "Department ABC"
+ url:
+ description: The Folder url
+ returned: always
+ type: str
+ sample:
+ - "/dashboards/f/nErXDvCkzz/department-abc"
+ hasAcl:
+ description: Boolean specifying if folder has acl
+ returned: always
+ type: bool
+ sample:
+ - false
+ canSave:
+ description: Boolean specifying if current user can save in folder
+ returned: always
+ type: bool
+ sample:
+ - false
+ canEdit:
+ description: Boolean specifying if current user can edit in folder
+ returned: always
+ type: bool
+ sample:
+ - false
+ canAdmin:
+ description: Boolean specifying if current user can admin in folder
+ returned: always
+ type: bool
+ sample:
+ - false
+ createdBy:
+ description: The name of the user who created the folder
+ returned: always
+ type: str
+ sample:
+ - "admin"
+ created:
+ description: The folder creation date
+ returned: always
+ type: str
+ sample:
+ - "2018-01-31T17:43:12+01:00"
+ updatedBy:
+ description: The name of the user who last updated the folder
+ returned: always
+ type: str
+ sample:
+ - "admin"
+ updated:
+ description: The date the folder was last updated
+ returned: always
+ type: str
+ sample:
+ - "2018-01-31T17:43:12+01:00"
+ version:
+ description: The folder version
+ returned: always
+ type: int
+ sample:
+ - 1
+'''
+
+import json
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.urls import fetch_url, basic_auth_header
+from ansible_collections.community.grafana.plugins.module_utils.base import grafana_argument_spec, grafana_required_together, grafana_mutually_exclusive
+from ansible.module_utils.six.moves.urllib.parse import quote
+from ansible.module_utils._text import to_text
+
+__metaclass__ = type
+
+
+class GrafanaFolderInterface(object):
+
+ def __init__(self, module):
+ self._module = module
+ # {{{ Authentication header
+ self.headers = {"Content-Type": "application/json"}
+ if module.params.get('grafana_api_key', None):
+ self.headers["Authorization"] = "Bearer %s" % module.params['grafana_api_key']
+ else:
+ self.headers["Authorization"] = basic_auth_header(module.params['url_username'], module.params['url_password'])
+ # }}}
+ self.grafana_url = module.params.get("url")
+ grafana_version = self.get_version()
+ if grafana_version["major"] < 5:
+ self._module.fail_json(failed=True, msg="Folders API is available starting Grafana v5")
+
+ def _send_request(self, url, data=None, headers=None, method="GET"):
+ if data is not None:
+ data = json.dumps(data, sort_keys=True)
+ if not headers:
+ headers = []
+
+ full_url = "{grafana_url}{path}".format(grafana_url=self.grafana_url, path=url)
+ resp, info = fetch_url(self._module, full_url, data=data, headers=headers, method=method)
+ status_code = info["status"]
+ if status_code == 404:
+ return None
+ elif status_code == 401:
+ self._module.fail_json(failed=True, msg="Unauthorized to perform action '%s' on '%s'" % (method, full_url))
+ elif status_code == 403:
+ self._module.fail_json(failed=True, msg="Permission Denied")
+ elif status_code == 412:
+ error_msg = resp.read()['message']
+ self._module.fail_json(failed=True, msg=error_msg)
+ elif status_code == 200:
+ return self._module.from_json(resp.read())
+ self._module.fail_json(failed=True, msg="Grafana Folders API answered with HTTP %d" % status_code)
+
+ def get_version(self):
+ url = "/api/health"
+ response = self._send_request(url, data=None, headers=self.headers, method="GET")
+ version = response.get("version")
+ major, minor, rev = version.split(".")
+ return {"major": int(major), "minor": int(minor), "rev": int(rev)}
+
+ def create_folder(self, title):
+ url = "/api/folders"
+ folder = dict(title=title)
+ response = self._send_request(url, data=folder, headers=self.headers, method="POST")
+ return response
+
+ def get_folder(self, title):
+ url = "/api/search?type=dash-folder&query={title}".format(title=quote(title))
+ response = self._send_request(url, headers=self.headers, method="GET")
+ for item in response:
+ if item.get("title") == to_text(title):
+ return item
+ return None
+
+ def delete_folder(self, folder_uid):
+ url = "/api/folders/{folder_uid}".format(folder_uid=folder_uid)
+ response = self._send_request(url, headers=self.headers, method="DELETE")
+ return response
+
+
+def setup_module_object():
+ module = AnsibleModule(
+ argument_spec=argument_spec,
+ supports_check_mode=False,
+ required_together=grafana_required_together(),
+ mutually_exclusive=grafana_mutually_exclusive(),
+ )
+ return module
+
+
+argument_spec = grafana_argument_spec()
+argument_spec.update(
+ name=dict(type='str', aliases=['title'], required=True),
+ state=dict(type='str', default='present', choices=['present', 'absent']),
+)
+
+
+def main():
+
+ module = setup_module_object()
+ state = module.params['state']
+ title = module.params['name']
+
+ grafana_iface = GrafanaFolderInterface(module)
+
+ changed = False
+ if state == 'present':
+ folder = grafana_iface.get_folder(title)
+ if folder is None:
+ grafana_iface.create_folder(title)
+ folder = grafana_iface.get_folder(title)
+ changed = True
+ folder = grafana_iface.get_folder(title)
+ module.exit_json(changed=changed, folder=folder)
+ elif state == 'absent':
+ folder = grafana_iface.get_folder(title)
+ if folder is None:
+ module.exit_json(changed=False, message="No folder found")
+ result = grafana_iface.delete_folder(folder.get("uid"))
+ module.exit_json(changed=True, message=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_notification_channel.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_notification_channel.py
new file mode 100644
index 00000000..2985fb4c
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_notification_channel.py
@@ -0,0 +1,816 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+DOCUMENTATION = '''
+---
+module: grafana_notification_channel
+author:
+ - Aliaksandr Mianzhynski (@amenzhinsky)
+version_added: "1.1.0"
+short_description: Manage Grafana Notification Channels
+description:
+ - Create/Update/Delete Grafana Notification Channels via API.
+options:
+ org_id:
+ description:
+ - The Grafana Organisation ID where the dashboard will be imported / exported.
+ - Not used when I(grafana_api_key) is set, because the grafana_api_key only belongs to one organisation..
+ default: 1
+ type: int
+ state:
+ type: str
+ default: present
+ choices:
+ - present
+ - absent
+ description:
+ - Status of the notification channel.
+ uid:
+ type: str
+ description:
+ - The channel unique identifier.
+ name:
+ type: str
+ description:
+ - The name of the notification channel.
+ - Required when I(state) is C(present).
+ type:
+ type: str
+ choices:
+ - dingding
+ - discord
+ - email
+ - googlechat
+ - hipchat
+ - kafka
+ - line
+ - teams
+ - opsgenie
+ - pagerduty
+ - prometheus
+ - pushover
+ - sensu
+ - slack
+ - telegram
+ - threema
+ - victorops
+ - webhook
+ description:
+ - The channel notification type.
+ - Required when I(state) is C(present).
+ is_default:
+ type: bool
+ default: 'no'
+ description:
+ - Use this channel for all alerts.
+ include_image:
+ type: bool
+ default: 'no'
+ description:
+ - Capture a visualization image and attach it to notifications.
+ disable_resolve_message:
+ type: bool
+ default: 'no'
+ description:
+ - Disable the resolve message.
+ reminder_frequency:
+ type: str
+ description:
+ - Additional notifications interval for triggered alerts.
+ - For example C(15m).
+ dingding_url:
+ type: str
+ description:
+ - DingDing webhook URL.
+ dingding_message_type:
+ type: list
+ elements: str
+ choices:
+ - link
+ - action_card
+ description:
+ - DingDing message type.
+ discord_url:
+ type: str
+ description:
+ - Discord webhook URL.
+ discord_message_content:
+ type: str
+ description:
+ - Overrides message content.
+ email_addresses:
+ type: list
+ elements: str
+ description:
+ - List of recipients.
+ email_single:
+ type: bool
+ description:
+ - Send single email to all recipients.
+ googlechat_url:
+ type: str
+ description:
+ - Google Hangouts webhook URL.
+ hipchat_url:
+ type: str
+ description:
+ - HipChat webhook URL.
+ hipchat_api_key:
+ type: str
+ description:
+ - HipChat API key.
+ hipchat_room_id:
+ type: str
+ description:
+ - HipChat room ID.
+ kafka_url:
+ type: str
+ description:
+ - Kafka REST proxy URL.
+ kafka_topic:
+ type: str
+ description:
+ - Kafka topic name.
+ line_token:
+ type: str
+ description:
+ - LINE token.
+ teams_url:
+ type: str
+ description:
+ - Microsoft Teams webhook URL.
+ opsgenie_url:
+ type: str
+ description:
+ - OpsGenie webhook URL.
+ opsgenie_api_key:
+ type: str
+ description:
+ - OpsGenie API key.
+ opsgenie_auto_close:
+ type: bool
+ description:
+ - Automatically close alerts in OpsGenie once the alert goes back to ok.
+ opsgenie_override_priority:
+ type: bool
+ description:
+ - Allow the alert priority to be set using the og_priority tag.
+ pagerduty_integration_key:
+ type: str
+ description:
+ - PagerDuty integration key.
+ pagerduty_severity:
+ type: list
+ elements: str
+ choices:
+ - critical
+ - error
+ - warning
+ - info
+ description:
+ - Alert severity in PagerDuty.
+ pagerduty_auto_resolve:
+ type: bool
+ description:
+ - Resolve incidents in PagerDuty once the alert goes back to ok.
+ pagerduty_message_in_details:
+ type: bool
+ description:
+ - Move the alert message from the PD summary into the custom details.
+ - This changes the custom details object and may break event rules you have configured.
+ prometheus_url:
+ type: str
+ description:
+ - Prometheus API URL.
+ prometheus_username:
+ type: str
+ description:
+ - Prometheus username.
+ prometheus_password:
+ type: str
+ description:
+ - Prometheus password.
+ pushover_api_token:
+ type: str
+ description:
+ - Pushover API token.
+ pushover_user_key:
+ type: str
+ description:
+ - Pushover user key.
+ pushover_devices:
+ type: list
+ elements: str
+ description:
+ - Devices list in Pushover.
+ pushover_priority:
+ type: list
+ elements: str
+ choices:
+ - emergency
+ - high
+ - normal
+ - low
+ - lowest
+ description:
+ - Alert priority in Pushover.
+ pushover_retry:
+ type: int
+ description:
+ - Retry in C(n) minutes.
+ - Only when priority is C(emergency).
+ pushover_expire:
+ type: int
+ description:
+ - Expire alert in C(n) minutes.
+ - Only when priority is C(emergency).
+ pushover_alert_sound:
+ type: str
+ description:
+ - Alert sound in Pushover.
+ - L(https://pushover.net/api#sounds)
+ pushover_ok_sound:
+ type: str
+ description:
+ - OK sound in Pushover.
+ - L(https://pushover.net/api#sounds)
+ sensu_url:
+ type: str
+ description:
+ - Sensu webhook URL.
+ sensu_source:
+ type: str
+ description:
+ - Source in Sensu.
+ sensu_handler:
+ type: str
+ description:
+ - Sensu handler name.
+ sensu_username:
+ type: str
+ description:
+ - Sensu user.
+ sensu_password:
+ type: str
+ description:
+ - Sensu password.
+ slack_url:
+ type: str
+ description:
+ - Slack webhook URL.
+ slack_recipient:
+ type: str
+ description:
+ - Override default Slack channel or user.
+ slack_username:
+ type: str
+ description:
+ - Set the username for the bot's message.
+ slack_icon_emoji:
+ type: str
+ description:
+ - An emoji to use for the bot's message.
+ slack_icon_url:
+ type: str
+ description:
+ - URL to an image to use as the icon for the bot's message
+ slack_mention_users:
+ type: list
+ elements: str
+ description:
+ - Mention users list.
+ slack_mention_groups:
+ type: list
+ elements: str
+ description:
+ - Mention groups list.
+ slack_mention_channel:
+ type: list
+ elements: str
+ choices:
+ - here
+ - channel
+ description:
+ - Mention whole channel or just active members.
+ slack_token:
+ type: str
+ description:
+ - Slack token.
+ telegram_bot_token:
+ type: str
+ description:
+ - Telegram bot token;
+ telegram_chat_id:
+ type: str
+ description:
+ - Telegram chat id.
+ threema_gateway_id:
+ type: str
+ description:
+ - 8 character Threema Gateway ID (starting with a *).
+ threema_recepient_id:
+ type: str
+ description:
+ - 8 character Threema ID that should receive the alerts.
+ threema_api_secret:
+ type: str
+ description:
+ - Threema Gateway API secret.
+ victorops_url:
+ type: str
+ description:
+ - VictorOps webhook URL.
+ victorops_auto_resolve:
+ type: bool
+ description:
+ - Resolve incidents in VictorOps once the alert goes back to ok.
+ webhook_url:
+ type: str
+ description:
+ - Webhook URL
+ webhook_username:
+ type: str
+ description:
+ - Webhook username.
+ webhook_password:
+ type: str
+ description:
+ - Webhook password.
+ webhook_http_method:
+ type: list
+ elements: str
+ choices:
+ - POST
+ - PUT
+ description:
+ - Webhook HTTP verb to use.
+
+extends_documentation_fragment:
+ - community.grafana.basic_auth
+ - community.grafana.api_key
+'''
+
+
+EXAMPLES = '''
+- name: Create slack notification channel
+ register: result
+ grafana_notification_channel:
+ uid: slack
+ name: slack
+ type: slack
+ slack_url: https://hooks.slack.com/services/xxx/yyy/zzz
+ grafana_url: "{{ grafana_url }}"
+ grafana_user: "{{ grafana_username }}"
+ grafana_password: "{{ grafana_password}}"
+
+- name: Delete slack notification channel
+ register: result
+ grafana_notification_channel:
+ state: absent
+ uid: slack
+ grafana_url: "{{ grafana_url }}"
+ grafana_user: "{{ grafana_username }}"
+ grafana_password: "{{ grafana_password}}"
+'''
+
+RETURN = '''
+notification_channel:
+ description: Notification channel created or updated by the module.
+ returned: changed
+ type: dict
+ sample: |
+ {
+ "created": "2020-11-10T21:10:19.675308051+03:00",
+ "disableResolveMessage": false,
+ "frequency": "",
+ "id": 37,
+ "isDefault": false,
+ "name": "Oops",
+ "secureFields": {},
+ "sendReminder": false,
+ "settings": {
+ "uploadImage": false,
+ "url": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER"
+ },
+ "type": "slack",
+ "uid": "slack-oops",
+ "updated": "2020-11-10T21:10:19.675308112+03:00"
+ }
+'''
+
+import json
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.urls import fetch_url
+from ansible.module_utils._text import to_text
+from ansible_collections.community.grafana.plugins.module_utils.base import grafana_argument_spec
+
+
+class GrafanaAPIException(Exception):
+ pass
+
+
+def grafana_switch_organisation(module, grafana_url, org_id, headers):
+ r, info = fetch_url(module, '%s/api/user/using/%s' % (grafana_url, org_id),
+ headers=headers, method='POST')
+ if info['status'] != 200:
+ raise GrafanaAPIException('Unable to switch to organization %s : %s' %
+ (org_id, info))
+
+
+def grafana_headers(module, data):
+ headers = {'content-type': 'application/json; charset=utf8'}
+ if 'grafana_api_key' in data and data['grafana_api_key']:
+ headers['Authorization'] = "Bearer %s" % data['grafana_api_key']
+ else:
+ module.params['force_basic_auth'] = True
+ grafana_switch_organisation(module, data['grafana_url'], data['org_id'], headers)
+ return headers
+
+
+def grafana_notification_channel_payload(data):
+ payload = {
+ 'uid': data['uid'],
+ 'name': data['name'],
+ 'type': data['type'],
+ 'isDefault': data['is_default'],
+ 'disableResolveMessage': data['disable_resolve_message'],
+ 'settings': {
+ 'uploadImage': data['include_image']
+ }
+ }
+
+ if data.get('reminder_frequency'):
+ payload['sendReminder'] = True
+ payload['frequency'] = data['reminder_frequency']
+
+ if data['type'] == 'dingding':
+ payload['settings']['url'] = data['dingding_url']
+ if data.get('dingding_message_type'):
+ payload['settings']['msgType'] = {
+ 'link': 'link',
+ 'action_card': 'actionCard',
+ }[data['dingding_message_type']]
+
+ elif data['type'] == 'discord':
+ payload['settings']['url'] = data['discord_url']
+ if data.get('discord_message_content'):
+ payload['settings']['content'] = data['discord_message_content']
+
+ elif data['type'] == 'email':
+ payload['settings']['addresses'] = ';'.join(data['email_addresses'])
+ if data.get('email_single'):
+ payload['settings']['singleEmail'] = data['email_single']
+
+ elif data['type'] == 'googlechat':
+ payload['settings']['url'] = data['googlechat_url']
+
+ elif data['type'] == 'hipchat':
+ payload['settings']['url'] = data['hipchat_url']
+ if data.get('hipchat_api_key'):
+ payload['settings']['apiKey'] = data['hipchat_api_key']
+ if data.get('hipchat_room_id'):
+ payload['settings']['roomid'] = data['hipchat_room_id']
+
+ elif data['type'] == 'kafka':
+ payload['settings']['kafkaRestProxy'] = data['kafka_url']
+ payload['settings']['kafkaTopic'] = data['kafka_topic']
+
+ elif data['type'] == 'line':
+ payload['settings']['token'] = data['line_token']
+
+ elif data['type'] == 'teams':
+ payload['settings']['url'] = data['teams_url']
+
+ elif data['type'] == 'opsgenie':
+ payload['settings']['apiUrl'] = data['opsgenie_url']
+ payload['settings']['apiKey'] = data['opsgenie_api_key']
+
+ elif data['type'] == 'pagerduty':
+ payload['settings']['integrationKey'] = data['pagerduty_integration_key']
+ if data.get('pagerduty_severity'):
+ payload['settings']['severity'] = data['pagerduty_severity']
+ if data.get('pagerduty_auto_resolve'):
+ payload['settings']['autoResolve'] = data['pagerduty_auto_resolve']
+ if data.get('pagerduty_message_in_details'):
+ payload['settings']['messageInDetails'] = data['pagerduty_message_in_details']
+
+ elif data['type'] == 'prometheus':
+ payload['type'] = 'prometheus-alertmanager'
+ payload['settings']['url'] = data['prometheus_url']
+ if data.get('prometheus_username'):
+ payload['settings']['basicAuthUser'] = data['prometheus_username']
+ if data.get('prometheus_password'):
+ payload['settings']['basicAuthPassword'] = data['prometheus_password']
+
+ elif data['type'] == 'pushover':
+ payload['settings']['apiToken'] = data['pushover_api_token']
+ payload['settings']['userKey'] = data['pushover_user_key']
+ if data.get('pushover_devices'):
+ payload['settings']['device'] = ';'.join(data['pushover_devices'])
+ if data.get('pushover_priority'):
+ payload['settings']['priority'] = {
+ 'emergency': '2',
+ 'high': '1',
+ 'normal': '0',
+ 'low': '-1',
+ 'lowest': '-2'
+ }[data['pushover_priority']]
+ if data.get('pushover_retry'):
+ payload['settings']['retry'] = str(data['pushover_retry'])
+ if data.get('pushover_expire'):
+ payload['settings']['expire'] = str(data['pushover_expire'])
+ if data.get('pushover_alert_sound'):
+ payload['settings']['sound'] = data['pushover_alert_sound']
+ if data.get('pushover_ok_sound'):
+ payload['settings']['okSound'] = data['pushover_ok_sound']
+
+ elif data['type'] == 'sensu':
+ payload['settings']['url'] = data['sensu_url']
+ if data.get('sensu_source'):
+ payload['settings']['source'] = data['sensu_source']
+ if data.get('sensu_handler'):
+ payload['settings']['handler'] = data['sensu_handler']
+ if data.get('sensu_username'):
+ payload['settings']['username'] = data['sensu_username']
+ if data.get('sensu_password'):
+ payload['settings']['password'] = data['sensu_password']
+
+ elif data['type'] == 'slack':
+ payload['settings']['url'] = data['slack_url']
+ if data.get('slack_recipient'):
+ payload['settings']['recipient'] = data['slack_recipient']
+ if data.get('slack_username'):
+ payload['settings']['username'] = data['slack_username']
+ if data.get('slack_icon_emoji'):
+ payload['settings']['iconEmoji'] = data['slack_icon_emoji']
+ if data.get('slack_icon_url'):
+ payload['settings']['iconUrl'] = data['slack_icon_url']
+ if data.get('slack_mention_users'):
+ payload['settings']['mentionUsers'] = ','.join(data['slack_mention_users'])
+ if data.get('slack_mention_groups'):
+ payload['settings']['mentionGroups'] = ','.join(data['slack_mention_groups'])
+ if data.get('slack_mention_channel'):
+ payload['settings']['mentionChannel'] = data['slack_mention_channel']
+ if data.get('slack_token'):
+ payload['settings']['token'] = data['slack_token']
+
+ elif data['type'] == 'telegram':
+ payload['settings']['bottoken'] = data['telegram_bot_token']
+ payload['settings']['chatid'] = data['telegram_chat_id']
+
+ elif data['type'] == 'treema':
+ payload['settings']['gateway_id'] = data['settings_gateway_id']
+ payload['settings']['recipient_id'] = data['settings_recipient_id']
+ payload['settings']['api_secret'] = data['settings_api_secret']
+
+ elif data['type'] == 'victorops':
+ payload['settings']['url'] = data['victorops_url']
+ if data.get('victorops_auto_resolve'):
+ payload['settings']['autoResolve'] = data['victorops_auto_resolve']
+
+ elif data['type'] == 'webhook':
+ payload['settings']['url'] = data['webhook_url']
+ if data.get('webhook_http_method'):
+ payload['settings']['httpMethod'] = data['webhook_http_method']
+ if data.get('webhook_username'):
+ payload['settings']['username'] = data['webhook_username']
+ if data.get('webhook_password'):
+ payload['settings']['password'] = data['webhook_password']
+
+ return payload
+
+
+def grafana_create_notification_channel(module, data, headers, payload):
+ r, info = fetch_url(module, '%s/api/alert-notifications' % data['grafana_url'],
+ data=json.dumps(payload), headers=headers, method='POST')
+ if info['status'] == 200:
+ return {
+ 'state': 'present',
+ 'changed': True,
+ 'channel': json.loads(to_text(r.read())),
+ }
+ else:
+ raise GrafanaAPIException("Unable to create notification channel: %s" % info)
+
+
+def grafana_update_notification_channel(module, data, headers, payload, before):
+ r, info = fetch_url(module, '%s/api/alert-notifications/uid/%s' %
+ (data['grafana_url'], data['uid']),
+ data=json.dumps(payload), headers=headers, method='PUT')
+ if info['status'] == 200:
+ del before['created']
+ del before['updated']
+
+ channel = json.loads(to_text(r.read()))
+ after = channel.copy()
+ del after['created']
+ del after['updated']
+
+ if before == after:
+ return {
+ 'changed': False
+ }
+ else:
+ return {
+ 'changed': True,
+ 'diff': {
+ 'before': before,
+ 'after': after,
+ },
+ 'channel': channel,
+ }
+ else:
+ raise GrafanaAPIException("Unable to update notification channel %s : %s" %
+ (data['uid'], info))
+
+
+def grafana_create_or_update_notification_channel(module, data):
+ headers = grafana_headers(module, data)
+ payload = grafana_notification_channel_payload(data)
+ r, info = fetch_url(module, '%s/api/alert-notifications/uid/%s' %
+ (data['grafana_url'], data['uid']), headers=headers)
+ if info['status'] == 200:
+ before = json.loads(to_text(r.read()))
+ return grafana_update_notification_channel(module, data, headers, payload, before)
+ elif info['status'] == 404:
+ return grafana_create_notification_channel(module, data, headers, payload)
+ else:
+ raise GrafanaAPIException("Unable to get notification channel %s : %s" %
+ (data['uid'], info))
+
+
+def grafana_delete_notification_channel(module, data):
+ headers = grafana_headers(module, data)
+ r, info = fetch_url(module, '%s/api/alert-notifications/uid/%s' %
+ (data['grafana_url'], data['uid']),
+ headers=headers, method='DELETE')
+ if info['status'] == 200:
+ return {
+ 'state': 'absent',
+ 'changed': True
+ }
+ elif info['status'] == 404:
+ return {
+ 'changed': False
+ }
+ else:
+ raise GrafanaAPIException("Unable to delete notification channel %s : %s" %
+ (data['uid'], info))
+
+
+def main():
+ argument_spec = grafana_argument_spec()
+ argument_spec.update(
+ org_id=dict(type='int', default=1),
+ uid=dict(type='str'),
+ name=dict(type='str'),
+ type=dict(type='str',
+ choices=['dingding', 'discord', 'email', 'googlechat', 'hipchat',
+ 'kafka', 'line', 'teams', 'opsgenie', 'pagerduty',
+ 'prometheus', 'pushover', 'sensu', 'slack', 'telegram',
+ 'threema', 'victorops', 'webhook']),
+ is_default=dict(type='bool', default=False),
+ include_image=dict(type='bool', default=False),
+ disable_resolve_message=dict(type='bool', default=False),
+ reminder_frequency=dict(type='str'),
+
+ dingding_url=dict(type='str'),
+ dingding_message_type=dict(type='list', elements='str',
+ choices=['link', 'action_card']),
+
+ discord_url=dict(type='str'),
+ discord_message_content=dict(type='str'),
+
+ email_addresses=dict(type='list', elements='str'),
+ email_single=dict(type='bool'),
+
+ googlechat_url=dict(type='str'),
+
+ hipchat_url=dict(type='str'),
+ hipchat_api_key=dict(type='str', no_log=True),
+ hipchat_room_id=dict(type='str'),
+
+ kafka_url=dict(type='str'),
+ kafka_topic=dict(type='str'),
+
+ line_token=dict(type='str', no_log=True),
+
+ teams_url=dict(type='str'),
+
+ opsgenie_url=dict(type='str'),
+ opsgenie_api_key=dict(type='str', no_log=True),
+ opsgenie_auto_close=dict(type='bool'),
+ opsgenie_override_priority=dict(type='bool'),
+
+ pagerduty_integration_key=dict(type='str', no_log=True),
+ pagerduty_severity=dict(type='list', elements='str',
+ choices=['critical', 'error', 'warning', 'info']),
+ pagerduty_auto_resolve=dict(type='bool'),
+ pagerduty_message_in_details=dict(type='bool'),
+
+ prometheus_url=dict(type='str'),
+ prometheus_username=dict(type='str'),
+ prometheus_password=dict(type='str', no_log=True),
+
+ pushover_api_token=dict(type='str', no_log=True),
+ pushover_user_key=dict(type='str', no_log=True),
+ pushover_devices=dict(type='list', elements='str'),
+ pushover_priority=dict(type='list', elements='str',
+ choices=['emergency', 'high', 'normal', 'low', 'lowest']),
+ pushover_retry=dict(type='int'), # TODO: only when priority==emergency
+ pushover_expire=dict(type='int'), # TODO: only when priority==emergency
+ pushover_alert_sound=dict(type='str'), # TODO: add sound choices
+ pushover_ok_sound=dict(type='str'), # TODO: add sound choices
+
+ sensu_url=dict(type='str'),
+ sensu_source=dict(type='str'),
+ sensu_handler=dict(type='str'),
+ sensu_username=dict(type='str'),
+ sensu_password=dict(type='str', no_log=True),
+
+ slack_url=dict(type='str', no_log=True),
+ slack_recipient=dict(type='str'),
+ slack_username=dict(type='str'),
+ slack_icon_emoji=dict(type='str'),
+ slack_icon_url=dict(type='str'),
+ slack_mention_users=dict(type='list', elements='str'),
+ slack_mention_groups=dict(type='list', elements='str'),
+ slack_mention_channel=dict(type='list', elements='str',
+ choices=['here', 'channel']),
+ slack_token=dict(type='str', no_log=True),
+
+ telegram_bot_token=dict(type='str'),
+ telegram_chat_id=dict(type='str'),
+
+ threema_gateway_id=dict(type='str'),
+ threema_recepient_id=dict(type='str'),
+ threema_api_secret=dict(type='str', no_log=True),
+
+ victorops_url=dict(type='str'),
+ victorops_auto_resolve=dict(type='bool'),
+
+ webhook_url=dict(type='str'),
+ webhook_username=dict(type='str'),
+ webhook_password=dict(type='str', no_log=True),
+ webhook_http_method=dict(type='list', elements='str', choices=['POST', 'PUT'])
+ )
+
+ module = AnsibleModule(
+ argument_spec=argument_spec,
+ supports_check_mode=False,
+ required_together=[['url_username', 'url_password', 'org_id'],
+ ['prometheus_username', 'prometheus_password'],
+ ['sensu_username', 'sensu_password']],
+ mutually_exclusive=[['url_username', 'grafana_api_key']],
+ required_if=[
+ ['state', 'present', ['name', 'type']],
+ ['type', 'dingding', ['dingding_url']],
+ ['type', 'discord', ['discord_url']],
+ ['type', 'email', ['email_addresses']],
+ ['type', 'googlechat', ['googlechat_url']],
+ ['type', 'hipchat', ['hipchat_url']],
+ ['type', 'kafka', ['kafka_url', 'kafka_topic']],
+ ['type', 'line', ['line_token']],
+ ['type', 'teams', ['teams_url']],
+ ['type', 'opsgenie', ['opsgenie_url', 'opsgenie_api_key']],
+ ['type', 'pagerduty', ['pagerduty_integration_key']],
+ ['type', 'prometheus', ['prometheus_url']],
+ ['type', 'pushover', ['pushover_api_token', 'pushover_user_key']],
+ ['type', 'sensu', ['sensu_url']],
+ ['type', 'slack', ['slack_url']],
+ ['type', 'telegram', ['telegram_bot_token', 'telegram_chat_id']],
+ ['type', 'threema', ['threema_gateway_id', 'threema_recepient_id',
+ 'threema_api_secret']],
+ ['type', 'victorops', ['victorops_url']],
+ ['type', 'webhook', ['webhook_url']]
+ ]
+ )
+
+ if module.params['state'] == 'present':
+ result = grafana_create_or_update_notification_channel(module, module.params)
+ module.exit_json(failed=False, **result)
+ else:
+ result = grafana_delete_notification_channel(module, module.params)
+ module.exit_json(failed=False, **result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_plugin.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_plugin.py
new file mode 100644
index 00000000..222165c8
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_plugin.py
@@ -0,0 +1,264 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+# Copyright: (c) 2017, Thierry Sallé (@seuf)
+# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import absolute_import, division, print_function
+
+DOCUMENTATION = '''module: grafana_plugin
+author:
+- Thierry Sallé (@seuf)
+short_description: Manage Grafana plugins via grafana-cli
+description:
+- Install and remove Grafana plugins.
+- See U(https://grafana.com/docs/plugins/installation/) for upstream documentation.
+options:
+ name:
+ description:
+ - Name of the plugin.
+ required: true
+ type: str
+ version:
+ description:
+ - Version of the plugin to install.
+ - Defaults to C(latest).
+ type: str
+ grafana_plugins_dir:
+ description:
+ - Directory where the Grafana plugin will be installed.
+ - If omitted, defaults to C(/var/lib/grafana/plugins).
+ type: str
+ grafana_repo:
+ description:
+ - URL to the Grafana plugin repository.
+ - 'If omitted, grafana-cli will use the default value: U(https://grafana.com/api/plugins).'
+ type: str
+ grafana_plugin_url:
+ description:
+ - Full URL to the plugin zip file instead of downloading the file from U(https://grafana.com/api/plugins).
+ - Requires grafana 4.6.x or later.
+ type: str
+ state:
+ description:
+ - Whether the plugin should be installed.
+ choices:
+ - present
+ - absent
+ default: present
+ type: str
+'''
+
+EXAMPLES = '''
+---
+- name: Install/update Grafana piechart panel plugin
+ community.grafana.grafana_plugin:
+ name: grafana-piechart-panel
+ version: latest
+ state: present
+'''
+
+RETURN = '''
+---
+version:
+ description: version of the installed/removed/updated plugin.
+ type: str
+ returned: always
+'''
+
+import os
+from ansible.module_utils.basic import AnsibleModule
+
+__metaclass__ = type
+
+
+class GrafanaCliException(Exception):
+ pass
+
+
+def parse_version(string):
+ name, version = string.split('@')
+ return name.strip(), version.strip()
+
+
+def grafana_cli_bin(params):
+ '''
+ Get the grafana-cli binary path with global options.
+ Raise a GrafanaCliException if the grafana-cli is not present or not in PATH
+
+ :param params: ansible module params. Used to fill grafana-cli global params.
+ '''
+ program = 'grafana-cli'
+ grafana_cli = None
+
+ def is_exe(fpath):
+ return os.path.isfile(fpath) and os.access(fpath, os.X_OK)
+
+ fpath, fname = os.path.split(program)
+ if fpath:
+ if is_exe(program):
+ grafana_cli = program
+ else:
+ for path in os.environ["PATH"].split(os.pathsep):
+ path = path.strip('"')
+ exe_file = os.path.join(path, program)
+ if is_exe(exe_file):
+ grafana_cli = exe_file
+ break
+
+ if grafana_cli is None:
+ raise GrafanaCliException('grafana-cli binary is not present or not in PATH')
+ else:
+ if 'grafana_plugin_url' in params and params['grafana_plugin_url']:
+ grafana_cli = '{0} {1} {2}'.format(grafana_cli, '--pluginUrl', params['grafana_plugin_url'])
+ if 'grafana_plugins_dir' in params and params['grafana_plugins_dir']:
+ grafana_cli = '{0} {1} {2}'.format(grafana_cli, '--pluginsDir', params['grafana_plugins_dir'])
+ if 'grafana_repo' in params and params['grafana_repo']:
+ grafana_cli = '{0} {1} {2}'.format(grafana_cli, '--repo', params['grafana_repo'])
+ if 'validate_certs' in params and params['validate_certs'] is False:
+ grafana_cli = '{0} {1}'.format(grafana_cli, '--insecure')
+
+ return '{0} {1}'.format(grafana_cli, 'plugins')
+
+
+def get_grafana_plugin_version(module, params):
+ '''
+ Fetch grafana installed plugin version. Return None if plugin is not installed.
+
+ :param module: ansible module object. used to run system commands.
+ :param params: ansible module params.
+ '''
+ grafana_cli = grafana_cli_bin(params)
+ rc, stdout, stderr = module.run_command('{0} ls'.format(grafana_cli))
+ stdout_lines = stdout.split("\n")
+ for line in stdout_lines:
+ if line.find(' @ ') != -1:
+ line = line.rstrip()
+ plugin_name, plugin_version = parse_version(line)
+ if plugin_name == params['name']:
+ return plugin_version
+ return None
+
+
+def get_grafana_plugin_version_latest(module, params):
+ '''
+ Fetch the latest version available from grafana-cli.
+ Return the newest version number or None not found.
+
+ :param module: ansible module object. used to run system commands.
+ :param params: ansible module params.
+ '''
+ grafana_cli = grafana_cli_bin(params)
+ rc, stdout, stderr = module.run_command('{0} list-versions {1}'.format(grafana_cli,
+ params['name']))
+ stdout_lines = stdout.split("\n")
+ if stdout_lines[0]:
+ return stdout_lines[0].rstrip()
+ return None
+
+
+def grafana_plugin(module, params):
+ '''
+ Install update or remove grafana plugin
+
+ :param module: ansible module object. used to run system commands.
+ :param params: ansible module params.
+ '''
+ grafana_cli = grafana_cli_bin(params)
+
+ if params['state'] == 'present':
+ grafana_plugin_version = get_grafana_plugin_version(module, params)
+ if grafana_plugin_version is not None:
+ if 'version' in params and params['version']:
+ if params['version'] == grafana_plugin_version:
+ return {'msg': 'Grafana plugin already installed',
+ 'changed': False,
+ 'version': grafana_plugin_version}
+ else:
+ if params['version'] == 'latest' or params['version'] is None:
+ latest_version = get_grafana_plugin_version_latest(module, params)
+ if latest_version == grafana_plugin_version:
+ return {'msg': 'Grafana plugin already installed',
+ 'changed': False,
+ 'version': grafana_plugin_version}
+ cmd = '{0} update {1}'.format(grafana_cli, params['name'])
+ else:
+ cmd = '{0} install {1} {2}'.format(grafana_cli, params['name'], params['version'])
+ else:
+ return {'msg': 'Grafana plugin already installed',
+ 'changed': False,
+ 'version': grafana_plugin_version}
+ else:
+ if 'version' in params:
+ if params['version'] == 'latest' or params['version'] is None:
+ cmd = '{0} install {1}'.format(grafana_cli, params['name'])
+ else:
+ cmd = '{0} install {1} {2}'.format(grafana_cli, params['name'], params['version'])
+ else:
+ cmd = '{0} install {1}'.format(grafana_cli, params['name'])
+ else:
+ cmd = '{0} uninstall {1}'.format(grafana_cli, params['name'])
+
+ rc, stdout, stderr = module.run_command(cmd)
+ if rc == 0:
+ stdout_lines = stdout.split("\n")
+ for line in stdout_lines:
+ if line.find(params['name']):
+ if line.find(' @ ') != -1:
+ line = line.rstrip()
+ plugin_name, plugin_version = parse_version(line)
+ else:
+ plugin_version = None
+
+ if params['state'] == 'present':
+ return {'msg': 'Grafana plugin {0} installed : {1}'.format(params['name'], cmd),
+ 'changed': True,
+ 'version': plugin_version}
+ else:
+ return {'msg': 'Grafana plugin {0} uninstalled : {1}'.format(params['name'], cmd),
+ 'changed': True}
+ else:
+ if params['state'] == 'absent' and stdout.find("plugin does not exist"):
+ return {'msg': 'Grafana plugin {0} already uninstalled : {1}'.format(params['name'], cmd), 'changed': False}
+ raise GrafanaCliException("'{0}' execution returned an error : [{1}] {2} {3}".format(cmd, rc, stdout, stderr))
+
+
+def main():
+ module = AnsibleModule(
+ argument_spec=dict(
+ name=dict(required=True,
+ type='str'),
+ version=dict(type='str'),
+ grafana_plugins_dir=dict(type='str'),
+ grafana_repo=dict(type='str'),
+ grafana_plugin_url=dict(type='str'),
+ state=dict(choices=['present', 'absent'],
+ default='present')
+ ),
+ supports_check_mode=False
+ )
+
+ try:
+ result = grafana_plugin(module, module.params)
+ except GrafanaCliException as e:
+ module.fail_json(
+ failed=True,
+ msg="{0}".format(e)
+ )
+ return
+ except Exception as e:
+ module.fail_json(
+ failed=True,
+ msg="{0} : {1} ".format(type(e), e)
+ )
+ return
+
+ module.exit_json(
+ failed=False,
+ **result
+ )
+ return
+
+
+if __name__ == '__main__':
+ main()
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_team.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_team.py
new file mode 100644
index 00000000..be9b7210
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_team.py
@@ -0,0 +1,335 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+# Copyright: (c) 2019, Rémi REY (@rrey)
+
+from __future__ import absolute_import, division, print_function
+
+DOCUMENTATION = '''
+---
+module: grafana_team
+author:
+ - Rémi REY (@rrey)
+version_added: "1.0.0"
+short_description: Manage Grafana Teams
+description:
+ - Create/update/delete Grafana Teams through the Teams API.
+ - Also allows to add members in the team (if members exists).
+ - The Teams API is only available starting Grafana 5 and the module will fail if the server version is lower than version 5.
+options:
+ name:
+ description:
+ - The name of the Grafana Team.
+ required: true
+ type: str
+ email:
+ description:
+ - The mail address associated with the Team.
+ required: true
+ type: str
+ members:
+ description:
+ - List of team members (emails).
+ - The list can be enforced with C(enforce_members) parameter.
+ type: list
+ elements: str
+ state:
+ description:
+ - Delete the members not found in the C(members) parameters from the
+ - list of members found on the Team.
+ default: present
+ type: str
+ choices: ["present", "absent"]
+ enforce_members:
+ description:
+ - Delete the members not found in the C(members) parameters from the
+ - list of members found on the Team.
+ default: False
+ type: bool
+extends_documentation_fragment:
+- community.grafana.basic_auth
+- community.grafana.api_key
+'''
+
+EXAMPLES = '''
+---
+- name: Create a team
+ community.grafana.grafana_team:
+ url: "https://grafana.example.com"
+ grafana_api_key: "{{ some_api_token_value }}"
+ name: "grafana_working_group"
+ email: "foo.bar@example.com"
+ state: present
+
+- name: Create a team with members
+ community.grafana.grafana_team:
+ url: "https://grafana.example.com"
+ grafana_api_key: "{{ some_api_token_value }}"
+ name: "grafana_working_group"
+ email: "foo.bar@example.com"
+ members:
+ - john.doe@example.com
+ - jane.doe@example.com
+ state: present
+
+- name: Create a team with members and enforce the list of members
+ community.grafana.grafana_team:
+ url: "https://grafana.example.com"
+ grafana_api_key: "{{ some_api_token_value }}"
+ name: "grafana_working_group"
+ email: "foo.bar@example.com"
+ members:
+ - john.doe@example.com
+ - jane.doe@example.com
+ enforce_members: yes
+ state: present
+
+- name: Delete a team
+ community.grafana.grafana_team:
+ url: "https://grafana.example.com"
+ grafana_api_key: "{{ some_api_token_value }}"
+ name: "grafana_working_group"
+ email: "foo.bar@example.com"
+ state: absent
+'''
+
+RETURN = '''
+---
+team:
+ description: Information about the Team
+ returned: On success
+ type: complex
+ contains:
+ avatarUrl:
+ description: The url of the Team avatar on Grafana server
+ returned: always
+ type: str
+ sample:
+ - "/avatar/a7440323a684ea47406313a33156e5e9"
+ email:
+ description: The Team email address
+ returned: always
+ type: str
+ sample:
+ - "foo.bar@example.com"
+ id:
+ description: The Team email address
+ returned: always
+ type: int
+ sample:
+ - 42
+ memberCount:
+ description: The number of Team members
+ returned: always
+ type: int
+ sample:
+ - 42
+ name:
+ description: The name of the team.
+ returned: always
+ type: str
+ sample:
+ - "grafana_working_group"
+ members:
+ description: The list of Team members
+ returned: always
+ type: list
+ sample:
+ - ["john.doe@exemple.com"]
+ orgId:
+ description: The organization id that the team is part of.
+ returned: always
+ type: int
+ sample:
+ - 1
+'''
+
+import json
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.urls import fetch_url, basic_auth_header
+from ansible_collections.community.grafana.plugins.module_utils.base import grafana_argument_spec, grafana_required_together, grafana_mutually_exclusive
+
+__metaclass__ = type
+
+
+class GrafanaTeamInterface(object):
+
+ def __init__(self, module):
+ self._module = module
+ # {{{ Authentication header
+ self.headers = {"Content-Type": "application/json"}
+ if module.params.get('grafana_api_key', None):
+ self.headers["Authorization"] = "Bearer %s" % module.params['grafana_api_key']
+ else:
+ self.headers["Authorization"] = basic_auth_header(module.params['url_username'], module.params['url_password'])
+ # }}}
+ self.grafana_url = module.params.get("url")
+ grafana_version = self.get_version()
+ if grafana_version["major"] < 5:
+ self._module.fail_json(failed=True, msg="Teams API is available starting Grafana v5")
+
+ def _send_request(self, url, data=None, headers=None, method="GET"):
+ if data is not None:
+ data = json.dumps(data, sort_keys=True)
+ if not headers:
+ headers = []
+
+ full_url = "{grafana_url}{path}".format(grafana_url=self.grafana_url, path=url)
+ resp, info = fetch_url(self._module, full_url, data=data, headers=headers, method=method)
+ status_code = info["status"]
+ if status_code == 404:
+ return None
+ elif status_code == 401:
+ self._module.fail_json(failed=True, msg="Unauthorized to perform action '%s' on '%s'" % (method, full_url))
+ elif status_code == 403:
+ self._module.fail_json(failed=True, msg="Permission Denied")
+ elif status_code == 409:
+ self._module.fail_json(failed=True, msg="Team name is taken")
+ elif status_code == 200:
+ return self._module.from_json(resp.read())
+ self._module.fail_json(failed=True, msg="Grafana Teams API answered with HTTP %d" % status_code)
+
+ def get_version(self):
+ url = "/api/health"
+ response = self._send_request(url, data=None, headers=self.headers, method="GET")
+ version = response.get("version")
+ major, minor, rev = version.split(".")
+ return {"major": int(major), "minor": int(minor), "rev": int(rev)}
+
+ def create_team(self, name, email):
+ url = "/api/teams"
+ team = dict(email=email, name=name)
+ response = self._send_request(url, data=team, headers=self.headers, method="POST")
+ return response
+
+ def get_team(self, name):
+ url = "/api/teams/search?name={team}".format(team=name)
+ response = self._send_request(url, headers=self.headers, method="GET")
+ if not response.get("totalCount") <= 1:
+ raise AssertionError("Expected 1 team, got %d" % response["totalCount"])
+
+ if len(response.get("teams")) == 0:
+ return None
+ return response.get("teams")[0]
+
+ def update_team(self, team_id, name, email):
+ url = "/api/teams/{team_id}".format(team_id=team_id)
+ team = dict(email=email, name=name)
+ response = self._send_request(url, data=team, headers=self.headers, method="PUT")
+ return response
+
+ def delete_team(self, team_id):
+ url = "/api/teams/{team_id}".format(team_id=team_id)
+ response = self._send_request(url, headers=self.headers, method="DELETE")
+ return response
+
+ def get_team_members(self, team_id):
+ url = "/api/teams/{team_id}/members".format(team_id=team_id)
+ response = self._send_request(url, headers=self.headers, method="GET")
+ members = [item.get("email") for item in response]
+ return members
+
+ def add_team_member(self, team_id, email):
+ url = "/api/teams/{team_id}/members".format(team_id=team_id)
+ data = {"userId": self.get_user_id_from_mail(email)}
+ self._send_request(url, data=data, headers=self.headers, method="POST")
+
+ def delete_team_member(self, team_id, email):
+ user_id = self.get_user_id_from_mail(email)
+ url = "/api/teams/{team_id}/members/{user_id}".format(team_id=team_id, user_id=user_id)
+ self._send_request(url, headers=self.headers, method="DELETE")
+
+ def get_user_id_from_mail(self, email):
+ url = "/api/users/lookup?loginOrEmail={email}".format(email=email)
+ user = self._send_request(url, headers=self.headers, method="GET")
+ if user is None:
+ self._module.fail_json(failed=True, msg="User '%s' does not exists" % email)
+ return user.get("id")
+
+
+def setup_module_object():
+ module = AnsibleModule(
+ argument_spec=argument_spec,
+ supports_check_mode=False,
+ required_together=grafana_required_together(),
+ mutually_exclusive=grafana_mutually_exclusive(),
+ )
+ return module
+
+
+argument_spec = grafana_argument_spec()
+argument_spec.update(
+ name=dict(type='str', required=True),
+ email=dict(type='str', required=True),
+ members=dict(type='list', elements='str', required=False),
+ enforce_members=dict(type='bool', default=False),
+)
+
+
+def main():
+
+ module = setup_module_object()
+ state = module.params['state']
+ name = module.params['name']
+ email = module.params['email']
+ members = module.params['members']
+ enforce_members = module.params['enforce_members']
+
+ grafana_iface = GrafanaTeamInterface(module)
+
+ changed = False
+ if state == 'present':
+ team = grafana_iface.get_team(name)
+ if team is None:
+ grafana_iface.create_team(name, email)
+ team = grafana_iface.get_team(name)
+ changed = True
+ if members is not None:
+ cur_members = grafana_iface.get_team_members(team.get("id"))
+ plan = diff_members(members, cur_members)
+ for member in plan.get("to_add"):
+ grafana_iface.add_team_member(team.get("id"), member)
+ changed = True
+ if enforce_members:
+ for member in plan.get("to_del"):
+ grafana_iface.delete_team_member(team.get("id"), member)
+ changed = True
+ team = grafana_iface.get_team(name)
+ team['members'] = grafana_iface.get_team_members(team.get("id"))
+ module.exit_json(failed=False, changed=changed, team=team)
+ elif state == 'absent':
+ team = grafana_iface.get_team(name)
+ if team is None:
+ module.exit_json(failed=False, changed=False, message="No team found")
+ result = grafana_iface.delete_team(team.get("id"))
+ module.exit_json(failed=False, changed=True, message=result.get("message"))
+
+
+def diff_members(target, current):
+ diff = {"to_del": [], "to_add": []}
+ for member in target:
+ if member not in current:
+ diff["to_add"].append(member)
+ for member in current:
+ if member not in target:
+ diff["to_del"].append(member)
+ return diff
+
+
+if __name__ == '__main__':
+ main()
diff --git a/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_user.py b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_user.py
new file mode 100644
index 00000000..c56e6bcb
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/grafana/plugins/modules/grafana_user.py
@@ -0,0 +1,299 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+# Copyright: (c) 2020, Antoine Tanzilli (@Tailzip), Hong Viet Lê (@pomverte), Julien Alexandre (@jual), Marc Cyprien (@LeFameux)
+
+from __future__ import absolute_import, division, print_function
+
+DOCUMENTATION = '''
+---
+module: grafana_user
+author:
+ - Antoine Tanzilli (@Tailzip)
+ - Hong Viet LE (@pomverte)
+ - Julien Alexandre (@jual)
+ - Marc Cyprien (@LeFameux)
+version_added: "1.0.0"
+short_description: Manage Grafana User
+description:
+ - Create/update/delete Grafana User through the users and admin API.
+ - Tested with Grafana v6.4.3
+ - Password update is not supported at the time
+options:
+ name:
+ description:
+ - The name of the Grafana User.
+ required: false
+ type: str
+ email:
+ description:
+ - The email of the Grafana User.
+ required: false
+ type: str
+ login:
+ description:
+ - The login of the Grafana User.
+ required: true
+ type: str
+ password:
+ description:
+ - The password of the Grafana User.
+ - At the moment, this field is not updated yet.
+ required: false
+ type: str
+ is_admin:
+ description:
+ - The Grafana User is an admin.
+ required: false
+ type: bool
+ default: false
+ state:
+ description:
+ - State if the user should be present in Grafana or not
+ default: present
+ type: str
+ choices: ["present", "absent"]
+extends_documentation_fragment:
+- community.grafana.basic_auth
+'''
+
+EXAMPLES = '''
+---
+- name: Create or update a Grafana user
+ community.grafana.grafana_user:
+ url: "https://grafana.example.com"
+ url_username: admin
+ url_password: changeme
+ name: "Bruce Wayne"
+ email: batman@gotham.city
+ login: batman
+ password: robin
+ is_admin: true
+ state: present
+
+- name: Delete a Grafana user
+ community.grafana.grafana_user:
+ url: "https://grafana.example.com"
+ url_username: admin
+ url_password: changeme
+ login: batman
+ state: absent
+'''
+
+RETURN = '''
+---
+user:
+ description: Information about the User
+ returned: when state present
+ type: complex
+ contains:
+ id:
+ description: The User id
+ returned: always
+ type: int
+ sample:
+ - 42
+ email:
+ description: The User email address
+ returned: always
+ type: str
+ sample:
+ - "foo.bar@example.com"
+ login:
+ description: The User login
+ returned: always
+ type: str
+ sample:
+ - "batman"
+ theme:
+ description: The Grafana theme
+ returned: always
+ type: str
+ sample:
+ - "light"
+ orgId:
+ description: The organization id that the team is part of.
+ returned: always
+ type: int
+ sample:
+ - 1
+ isGrafanaAdmin:
+ description: The Grafana user permission for admin
+ returned: always
+ type: bool
+ sample:
+ - false
+ isDisabled:
+ description: The Grafana account status
+ returned: always
+ type: bool
+ sample:
+ - false
+ isExternal:
+ description: The Grafana account information on external user provider
+ returned: always
+ type: bool
+ sample:
+ - false
+'''
+
+import json
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.urls import fetch_url, basic_auth_header
+from ansible_collections.community.grafana.plugins.module_utils.base import grafana_argument_spec, grafana_required_together, grafana_mutually_exclusive
+
+__metaclass__ = type
+
+
+class GrafanaUserInterface(object):
+
+ def __init__(self, module):
+ self._module = module
+ # {{{ Authentication header
+ self.headers = {"Content-Type": "application/json"}
+ self.headers["Authorization"] = basic_auth_header(module.params['url_username'], module.params['url_password'])
+ # }}}
+ self.grafana_url = module.params.get("url")
+
+ def _send_request(self, url, data=None, headers=None, method="GET"):
+ if data is not None:
+ data = json.dumps(data, sort_keys=True)
+ if not headers:
+ headers = []
+
+ full_url = "{grafana_url}{path}".format(grafana_url=self.grafana_url, path=url)
+ resp, info = fetch_url(self._module, full_url, data=data, headers=headers, method=method)
+ status_code = info["status"]
+ if status_code == 404:
+ return None
+ elif status_code == 401:
+ self._module.fail_json(failed=True, msg="Unauthorized to perform action '%s' on '%s' header: %s" % (method, full_url, self.headers))
+ elif status_code == 403:
+ self._module.fail_json(failed=True, msg="Permission Denied")
+ elif status_code == 200:
+ return self._module.from_json(resp.read())
+ self._module.fail_json(failed=True, msg="Grafana Users API answered with HTTP %d" % status_code, body=self._module.from_json(resp.read()))
+
+ def create_user(self, name, email, login, password):
+ # https://grafana.com/docs/http_api/admin/#global-users
+ if not password:
+ self._module.fail_json(failed=True, msg="missing required arguments: password")
+ url = "/api/admin/users"
+ user = dict(name=name, email=email, login=login, password=password)
+ self._send_request(url, data=user, headers=self.headers, method="POST")
+ return self.get_user_from_login(login)
+
+ def get_user_from_login(self, login):
+ # https://grafana.com/docs/http_api/user/#get-single-user-by-username-login-or-email
+ url = "/api/users/lookup?loginOrEmail={login}".format(login=login)
+ return self._send_request(url, headers=self.headers, method="GET")
+
+ def update_user(self, user_id, email, name, login):
+ # https://grafana.com/docs/http_api/user/#user-update
+ url = "/api/users/{user_id}".format(user_id=user_id)
+ user = dict(email=email, name=name, login=login)
+ self._send_request(url, data=user, headers=self.headers, method="PUT")
+ return self.get_user_from_login(login)
+
+ def update_user_permissions(self, user_id, is_admin):
+ # https://grafana.com/docs/http_api/admin/#permissions
+ url = "/api/admin/users/{user_id}/permissions".format(user_id=user_id)
+ permissions = dict(isGrafanaAdmin=is_admin)
+ return self._send_request(url, data=permissions, headers=self.headers, method="PUT")
+
+ def delete_user(self, user_id):
+ # https://grafana.com/docs/http_api/admin/#delete-global-user
+ url = "/api/admin/users/{user_id}".format(user_id=user_id)
+ return self._send_request(url, headers=self.headers, method="DELETE")
+
+
+def is_user_update_required(target_user, email, name, login, is_admin):
+ # compare value before in target_user object and param
+ target_user_dict = dict(
+ email=target_user.get("email"),
+ name=target_user.get("name"),
+ login=target_user.get("login"),
+ is_admin=target_user.get("isGrafanaAdmin")
+ )
+ param_dict = dict(email=email, name=name, login=login, is_admin=is_admin)
+ return target_user_dict != param_dict
+
+
+def setup_module_object():
+ module = AnsibleModule(
+ argument_spec=argument_spec,
+ supports_check_mode=False,
+ required_if=[
+ ['state', 'present', ['name', 'email']],
+ ],
+ required_together=grafana_required_together()
+ )
+ return module
+
+
+argument_spec = grafana_argument_spec()
+argument_spec.update(
+ state=dict(choices=['present', 'absent'], default='present'),
+ name=dict(type='str', required=False),
+ email=dict(type='str', required=False),
+ login=dict(type='str', required=True),
+ password=dict(type='str', required=False, no_log=True),
+ is_admin=dict(type='bool', default=False),
+)
+argument_spec.pop('grafana_api_key')
+
+
+def main():
+ module = setup_module_object()
+ state = module.params['state']
+ name = module.params['name']
+ email = module.params['email']
+ login = module.params['login']
+ password = module.params['password']
+ is_admin = module.params['is_admin']
+
+ grafana_iface = GrafanaUserInterface(module)
+
+ # search user by login
+ target_user = grafana_iface.get_user_from_login(login)
+ if state == 'present':
+
+ if target_user is None:
+ # create new user
+ user = grafana_iface.create_user(name, email, login, password)
+ module.exit_json(changed=True, user=user)
+
+ if is_user_update_required(target_user, email, name, login, is_admin):
+ # update found user
+ target_user_id = target_user.get("id")
+ if is_admin != target_user.get("isGrafanaAdmin"):
+ grafana_iface.update_user_permissions(target_user_id, is_admin)
+ user = grafana_iface.update_user(target_user_id, email, name, login)
+ module.exit_json(changed=True, user=user)
+
+ module.exit_json(user=target_user)
+
+ elif state == 'absent':
+ if target_user is None:
+ module.exit_json(message="No user found, nothing to do")
+ result = grafana_iface.delete_user(target_user.get("id"))
+ module.exit_json(changed=True, message=result.get("message"))
+
+
+if __name__ == '__main__':
+ main()