Merge branch 'content-selectors'

CloudKrafter · Nov 10, 2024 · 24a3341 · 24a3341
2 parents 6dcb4ec + 04d5524
commit 24a3341
Show file tree

Hide file tree

Showing 5 changed files with 126 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,6 @@
 # Changelog
+## [v1.3.0] - 2024-11-09
+- Added support for Content Selectors API endpoint
 
 ## [v1.2.0] - 2024-11-09
 ### Added

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -88,3 +88,5 @@ nexus_user_tokens_capability:
   protectContent: true
   expirationEnabled: true
   expirationDays: 30
+
+nexus_content_selectors: []
diff --git a/molecule/default/group_vars/all.yml b/molecule/default/group_vars/all.yml
@@ -6,6 +6,20 @@ nexus_admin_username: admin
 nexus_admin_password: changeme
 nexus_enable_pro: true
 
+nexus_content_selectors:
+  - name: raw-selector
+    type: csel
+    description: raw-selectorrr
+    expression: format == "raw"
+  - name: maven-org-selector
+    type: csel
+    description: maven-org-selectorrr
+    expression: format == "maven2" and path =^ "/org"
+  - name: maven-com-selector
+    type: csel
+    description: maven-com-selector
+    expression: format == "maven2" and path =^ "/com"
+
 nexus_user_tokens_capability:
   enabled: true
   protectContent: true

diff --git a/tasks/content-selectors-api.yml b/tasks/content-selectors-api.yml
@@ -0,0 +1,24 @@
+---
+- name: Construct API url
+  set_fact:
+    api_url: >
+      {% if method in ['POST'] %}
+        {{ nexus_protocol }}://{{ nexus_hostname }}:{{ nexus_port }}/service/rest/v1/security/content-selectors
+      {% elif method in ['PUT', 'DELETE'] %}
+        {{ nexus_protocol }}://{{ nexus_hostname }}:{{ nexus_port }}/service/rest/v1/security/content-selectors/{{ item.name }}
+      {% endif %}
+  tags: content-selectors
+
+- name: "{{ method }} {{ item.name }} content seelctor"
+  uri:
+    url: "{{ api_url }}"
+    method: "{{ method }}"
+    validate_certs: false
+    status_code: 204
+    user: "{{ nexus_admin_username }}"
+    password: "{{ nexus_admin_password }}"
+    force_basic_auth: true
+    body: "{{ item }}"
+    body_format: json
+  changed_when: true
+  tags: content-selectors
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -12,6 +12,90 @@
     nexus_repos_cleanup_policies_to_update: []
     nexus_routing_rules_to_update: []
     nexus_users_to_update: []
+    nexus_content_selectors_to_update: []
+  tags: always
+
+########### Content Selectors ###########
+
+- name: Get all Content Selectors
+  uri:
+    url: "{{ nexus_protocol }}://{{ nexus_hostname }}:{{ nexus_port }}/service/rest/v1/security/content-selectors"
+    method: GET
+    validate_certs: false
+    status_code: 200
+    user: "{{ nexus_admin_username }}"
+    password: "{{ nexus_admin_password }}"
+    force_basic_auth: true
+  register: __nexus_content_selectors__
+  tags: content-selectors
+
+- name: Determine content selectors to create
+  set_fact:
+    nexus_content_selectors_to_create: "{{ nexus_content_selectors | rejectattr('name', 'in', __nexus_content_selectors__.json | map(attribute='name') | list) | list }}"
+  tags: content-selectors
+
+- name: Determine content selectors to delete
+  set_fact:
+    nexus_content_selectors_to_delete: "{{ __nexus_content_selectors__.json | rejectattr('name', 'in', nexus_content_selectors | map(attribute='name') | list) | list }}"
+  tags: content-selectors
+
+- name: Compare content selectors for changes
+  set_fact:
+    nexus_content_selectors_to_update: "{{ nexus_content_selectors_to_update + [ item ] }}"
+  loop: "{{ nexus_content_selectors | list }}"
+  when: >
+    ( __nexus_content_selectors__.json | selectattr('name', 'equalto', item.name) | first) is not defined or
+    ( __nexus_content_selectors__.json | selectattr('name', 'equalto', item.name) | first).description | default(omit) != item.description | default(omit) or
+    ( __nexus_content_selectors__.json | selectattr('name', 'equalto', item.name) | first).type | default(omit) != item.type | default(omit) or
+    ( __nexus_content_selectors__.json | selectattr('name', 'equalto', item.name) | first).expression | default(omit) != item.expression | default(omit)
+  tags: content-selectors
+
+- name: Show nexus_content_selectors_to_create
+  debug:
+    var: nexus_content_selectors_to_create | length
+  tags: content-selectors
+
+- name: Show nexus_content_selectors_to_update
+  debug:
+    var: nexus_content_selectors_to_update | length
+  tags: content-selectors
+
+- name: Show nexus_content_selectors_to_delete
+  debug:
+    var: nexus_content_selectors_to_delete | length
+  tags: content-selectors
+
+- name: Create configured Content Selectors using Nexus API
+  ansible.builtin.include_tasks: content-selectors-api.yml
+  vars:
+    selectors: "{{ item | default([]) }}"
+    method: POST
+  with_items:
+    - "{{ nexus_content_selectors_to_create | default([]) }}"
+  when: nexus_content_selectors_to_create | length > 0
+  tags: content-selectors
+
+- name: Update configured Content Selectors using Nexus API
+  ansible.builtin.include_tasks: content-selectors-api.yml
+  vars:
+    selectors: "{{ item | default([]) }}"
+    method: PUT
+  with_items:
+    - "{{ nexus_content_selectors_to_update | default([]) }}"
+  when: nexus_content_selectors_to_update | length > 0
+  tags: content-selectors
+
+- name: Delete Content Selectors using Nexus API
+  ansible.builtin.include_tasks: content-selectors-api.yml
+  vars:
+    selectors: "{{ item | default([]) }}"
+    method: DELETE
+  with_items:
+    - "{{ nexus_content_selectors_to_delete | default([]) }}"
+  when: nexus_content_selectors_to_delete | length > 0
+  tags: content-selectors
+
+############ End Content Selectors ############
 
 ########### Users ############