This repository was archived by the owner on Nov 11, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathlandesk.py
170 lines (142 loc) · 5.3 KB
/
landesk.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
DOCUMENTATION = r"""
name: landesk
plugin_type: inventory
author:
- Matthew Howle <matthew@howle.org>
short_description: LANDESK inventory source
requirements:
- python >= 2.7
- requests
optional:
- request_kerberos
- requests_ntlm
description:
- Read inventory using LANDESK query.
- Uses landesk.(yml|yaml) YAML configuration file to configure the inventory plugin.
options:
plugin:
description: Marks this as an instance of the 'landesk' plugin.
required: true
choices: ['landesk']
server:
description: The LANDESK Core server name
required: true
protocol:
description: Protocol over which to interact with the core server
required: false
choices: ['http', 'https']
default: https
validate_cert:
description: Validate certificate if protocol is set to 'HTTPS'
required: false
default: true
authentication:
description: Authentication method to use
choices: ['basic', 'ntlm', 'kerberos']
default: basic
username:
description: Username to use if 'basic' or 'ntlm' is selected as the authentication method
required: false
password:
description: Password to use if 'basic' or 'ntlm' is selected as the authentication method
query:
description: LANDESK BNF query for machines
required: true
"""
EXAMPLES = r"""
# Minimal example.
plugin: landesk
server: landesk.example.com
query: Computer.OS.Name LIKE "%Debian%"
# Example with all values assigned
plugin: landesk
server: dc.example.com
protocol: https
validate_cert: true
authentication: ntlm
username: ExampleUser
password: "SecurePassword"
query: Computer.OS.Name LIKE "%Debian%"
"""
import xml.etree.ElementTree as ET
from ansible.errors import AnsibleError
from ansible.plugins.inventory import BaseInventoryPlugin
try:
import requests
except ImportError:
raise AnsibleError("The LANDESK dynamic inventory plugin requires 'requests' library")
try:
from requests_kerberos import HTTPKerberosAuth
HAS_REQKRB_AUTH = True
except ImportError:
HAS_REQKRB_AUTH = False
try:
from requests_ntlm import HttpNtlmAuth as HTTPNTLMAuth
HAS_REQNTLM_AUTH = True
except ImportError:
HAS_REQKRB_AUTH = False
class InventoryModule(BaseInventoryPlugin):
NAME = 'landesk'
def __init__(self):
super(InventoryModule, self).__init__()
def verify_file(self, path):
if super(InventoryModule, self).verify_file(path):
filenames = ('landesk.yaml', 'landesk.yml')
return any((path.endswith(filename) for filename in filenames))
return False
def parse(self, inventory, loader, path, cache=True):
super(InventoryModule, self).parse(inventory, loader, path)
self.config_data = self._read_config_data(path)
auth_type = self.get_option("authentication")
if auth_type in ("basic", "ntlm"):
username = self.get_option("username")
password = self.get_option("password")
if not (username and password):
raise AnsibleError(
("Username and password are required for "
"{} authentication.").format(auth_type)
)
if auth_type == "basic":
self._auth = (username, password)
elif auth_type == "ntlm":
if HAS_REQNTLM_AUTH:
self._auth = HTTPNTLMAuth(username, password)
else:
raise AnsibleError("The library 'requests_ntlm' is required for "
"NTLM authentication.")
elif auth_type == "kerberos":
if HAS_REQKRB_AUTH:
self._auth = HTTPKerberosAuth()
else:
raise AnsibleError("The library 'requests_kerberos' is required for "
"Kerberos authentication.")
self._build_inventory()
def _build_inventory(self):
server = self.get_option("server")
protocol = self.get_option("protocol")
query = self.get_option("query")
if protocol == "https":
validate_cert = self.get_option("validate_cert")
if not validate_cert:
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
else:
validate_cert = False
endpoint = "{}://{}/mbsdkservice/msgsdk.asmx/ListMachines".format(
protocol, server
)
payload = {"Filter": query}
result = requests.get(endpoint, params=payload, verify=validate_cert,
auth=self._auth)
result.raise_for_status()
data = result.text
root = ET.fromstring(data)
namespaces = {
"ld": "http://landesk.com/MBSDKService/MBSDK/"
}
for device_node in root.findall("./ld:Devices/ld:Device", namespaces):
name_tag = device_node.find("ld:DeviceName", namespaces)
host = name_tag.text
self.inventory.add_host(host)