Try SpotterCreate OAuth access tokens for accessing the Quay Container Registry API
| "added in version" 0.0.12 of herve4m.quay"
Authors: Herve Quatremain (@herve4m)
Install with ansible-galaxy collection install herve4m.quay:==1.2.0
collections:
- name: herve4m.quay
version: 1.2.0Create OAuth access tokens for authenticating with the API.
- name: Generate an OAuth access token
herve4m.quay.quay_api_token:
quay_username: lvasquez
quay_password: vs9mrD55NP
# The OAuth application must exist. See the following example that shows
# how to create an organization and an application.
client_id: PZ6F80R1LCVPGYNZGSZQ
rights:
- org:admin
- user:admin
quay_host: https://quay.example.com
register: token_details
- name: Display the new OAuth access token
debug:
msg: "The OAuth access token is: {{ token_details['access_token'] }}"
# The following example creates an organization, an OAuth application, a user
# account, and then generates an OAuth access token for that user account.
# The OAuth access token of an existing super user is required to create the
# organization, the application, and the user account.
- name: Ensure the organization exists
herve4m.quay.quay_organization:
name: production
email: prodlist@example.com
state: present
quay_host: https://quay.example.com
quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
- name: Ensure the application extapp exists
herve4m.quay.quay_application:
organization: production
name: extapp
state: present
quay_host: https://quay.example.com
quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
register: app_details
- name: Ensure the user exists
herve4m.quay.quay_user:
username: jziglar
password: i45fR38GhY
email: jziglar@example.com
state: present
quay_host: https://quay.example.com
quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
- name: Generate an OAuth access token for the user
herve4m.quay.quay_api_token:
quay_username: jziglar
quay_password: i45fR38GhY
client_id: "{{ app_details['client_id'] }}"
rights:
- all
quay_host: https://quay.example.com
register: token_details
- name: Display the new OAuth access token
debug:
msg: "The OAuth access token is: {{ token_details['access_token'] }}"
rights:
choices:
- org:admin
- repo:admin
- repo:create
- repo:read
- repo:write
- super:user
- user:admin
- user:read
- all
default: repo:read
description:
- List of permissions to grant to the user account. C(all) means all the permissions.
elements: str
type: list
client_id:
description:
- The client ID associated with the OAuth application to use for generating the OAuth
access token.
- See the M(herve4m.quay.quay_application) module to create an application object
and to retrieve the associated client ID.
required: true
type: str
quay_host:
default: http://127.0.0.1
description:
- URL for accessing the API. U(https://quay.example.com:8443) for example.
- If you do not set the parameter, then the module uses the C(QUAY_HOST) environment
variable.
- If you do no set the environment variable either, then the module uses the U(http://127.0.0.1)
URL.
type: str
quay_password:
description:
- The password to use for authenticating against the API.
- If you do not set the parameter, then the module tries the C(QUAY_PASSWORD) environment
variable.
required: true
type: str
quay_username:
description:
- The username to use for authenticating against the API.
- If you do not set the parameter, then the module tries the C(QUAY_USERNAME) environment
variable.
required: true
type: str
validate_certs:
aliases:
- verify_ssl
default: true
description:
- Whether to allow insecure connections to the API.
- If C(no), then the module does not validate SSL certificates.
- If you do not set the parameter, then the module tries the C(QUAY_VERIFY_SSL) environment
variable (C(yes), C(1), and C(True) mean yes, and C(no), C(0), C(False), and no
value mean no).
type: bool
access_token: description: The OAuth access token. returned: always sample: CywbRGkh1ttYkRRy9VL0Aw0yU9q7J62vIeo7WCFw type: str