Get ACL policy with Ansible or with python

19 views
Skip to first unread message

Omar Abdelgawad

unread,
Feb 10, 2024, 9:07:43 AMFeb 10
to rundeck-discuss
Hi,

I am trying to retrieve ACL policies of my projects. not through the GUI but with an API call.

This is what i am doing:

Ansible:
- name: authenticate to Rundeck to retrieve the policies
  uri:
    url: "{{ rundeck_url }}/api/14/system/acl/"
    method: GET
    headers:
      Content-Type: application/json
      Accept: application/json
      X-Rundeck-Auth-Token: "{{ rundeck_vars.token }}"
    return_content: yes
    validate_certs: true
  ignore_errors: true
  no_log: true
  register: rundeck_api_result
  delegate_to: localhost

- name: print results
  debug:
    var: rundeck_api_result.content

Or Python:
import requests
import os
 
def get_rundeck_policy(api_url, api_token, policy_name, verify_ssl=True):
    # Construct the URL for the specific policy
    policy_url = f"{api_url}/api/18/system/acl/{policy_name}"
 
    # Set up headers with the API token
    headers = {
        "Content-Type": "application/json",
        "X-Rundeck-Auth-Token": api_token,
    }
 
    try:
        # Make a GET request to the Rundeck API
        response = requests.get(policy_url, headers=headers, verify=verify_ssl)
 
        # Check if the request was successful (status code 200)
        if response.status_code == 200:
            # Return the JSON response
            return response.json()
        else:
            # Print an error message if the request was not successful
            print(f"Error: {response.status_code} - {response.text}")
    except Exception as e:
        print(f"Error: {e}")
 
if __name__ == "__main__":
    # Get the Rundeck URL and API token from environment variables
    rundeck_api_url = os.getenv("RUNDECK_API_URL")
    rundeck_api_token = os.getenv("RUNDECK_API_TOKEN")
 
    if not rundeck_api_url or not rundeck_api_token:
        print("Error: RUNDECK_API_URL or RUNDECK_API_TOKEN environment variables not set.")
        exit(1)

    policy_name = "control_plane.aclpolicy"
 
    # Call the function to get the policy details with SSL verification set to False
    policy_details = get_rundeck_policy(rundeck_api_url, rundeck_api_token, policy_name, verify_ssl=False)
 
    # Print the policy details
    print(policy_details)

But both approach return only the stored policy. Whch is 0. i want to retriev those policies:

19 ACL Policies on local filesystem /etc/rundeck

I can't get it done.

Any help would me much appriciated.

Thanks.

rac...@rundeck.com

unread,
Feb 10, 2024, 9:16:40 AMFeb 10
to rundeck-discuss
Hi Omar,

Take a look at this.

The files managed via the API do not include the files located on disk, however these policy files will be merged with any policy files in the normal filesystem locations (e.g. $RDECK_BASE/etc).

A good approach could be to change the code to get/print/save the files from the /etc/rundeck directory.

Regards.
Reply all
Reply to author
Forward
0 new messages