2 # Copyright (c) 2017 Intel Corporation
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
18 module: fetch_url_and_verify
19 short_description: Fetch image and verify against a SHA256SUM URL
21 - Download a URL and check it against a remote SHA256SUMS file
24 image_dest: Image filename
25 sha256_url: SHA256SUMS URL
26 dest: python file mode (w, wb, a, ab)
27 retries: fetch retries
32 module = AnsibleModule(
34 'url': {'required': True, 'type': 'str'},
35 'sha256url': {'required': True, 'type': 'str'},
36 'dest': {'required': True, 'type': 'path'},
37 'retries': {'required': False, 'type': 'int', 'default': 3},
40 params = module.params
43 sha256url = params['sha256url']
44 retries = params['retries']
46 image_dir, image_filename = os.path.split(dest)
47 rc, stdout, stderr = module.run_command(['curl', '-sS', sha256url])
48 if rc == 0 and stdout:
50 (l for l in stdout.splitlines() if image_filename in l), "")
53 msg="Unable to find SHA256SUMS line for file {}".format(
56 module.run_command(['sha256sum', '-c'], data=sha256line, cwd=image_dir)[0]
58 sha256sum = sha256line.split()[0]
59 module.exit_json(changed=False, dest=dest, url=url,
62 for retry in range(retries):
63 curl_rc, stdout, stderr = module.run_command(
64 ['curl', '-sS', '-o', dest, url], cwd=image_dir)
66 sha256_rc, stdout, stderr = module.run_command(['sha256sum', '-c'],
70 module.exit_json(changed=True)
72 module.fail_json(msg="Unable to download {}".format(url), stdout=stdout,
76 # <<INCLUDE_ANSIBLE_MODULE_COMMON>>
77 from ansible.module_utils.basic import * # noqa
79 if __name__ == '__main__':