community.general.gitlab_user – Creates/updates/deletes/blocks/unblocks GitLab Users
Note
This plugin is part of the community.general collection (version 3.8.3).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.gitlab_user
.
Synopsis
When the user does not exist in GitLab, it will be created.
When the user exists and state=absent, the user will be deleted.
When the user exists and state=blocked, the user will be blocked.
When changes are made to user, the user will be updated.
Requirements
The below requirements are needed on the host that executes this module.
python >= 2.7
python-gitlab python module
administrator rights on the GitLab server
Parameters
Parameter |
Comments |
---|---|
The access level to the group. One of the following can be used. guest reporter developer master (alias for maintainer) maintainer owner Choices:
|
|
The password to use for authentication against the API |
|
GitLab token for logging in. |
|
The resolvable endpoint for the API |
|
The username to use for authentication against the API |
|
Require confirmation. Choices:
|
|
The email that belongs to the user. Required only if |
|
Define external parameter for this user. Choices:
|
|
Id or Full path of parent group in the form of group/name. Add user as a member to this group. |
|
List of identities to be added/updated for this user. To remove all other identities from this user, set overwrite_identities=true. |
|
User ID for external identity. |
|
The name of the external identity provider |
|
Grant admin privileges to the user. Choices:
|
|
Name of the user you want to create. Required only if |
|
Overwrite identities with identities added in this module. This means that all identities that the user has and that are not listed in identities are removed from the user. This is only done if a list is provided for identities. To remove all identities, provide an empty list. Choices:
|
|
The password of the user. GitLab server enforces minimum password length to 8, set this value with 8 or more characters. Required only if |
|
Whether the user can change its password or not. Choices:
|
|
The expiration date of the SSH public key in ISO 8601 format This is only used when adding new SSH public keys. |
|
The SSH public key itself. |
|
The name of the SSH public key. |
|
Create, delete or block a user. Choices:
|
|
The username of the user. |
|
Whether or not to validate SSL certs when supplying a https endpoint. Choices:
|
Notes
Note
From community.general 0.2.0 and onwards, name, email and password are optional while deleting the user.
Examples
- name: "Delete GitLab User"
community.general.gitlab_user:
api_url: https://gitlab.example.com/
api_token: "{{ access_token }}"
validate_certs: False
username: myusername
state: absent
- name: "Create GitLab User"
community.general.gitlab_user:
api_url: https://gitlab.example.com/
validate_certs: True
api_username: dj-wasabi
api_password: "MySecretPassword"
name: My Name
username: myusername
password: mysecretpassword
email: [email protected]
sshkey_name: MySSH
sshkey_file: ssh-rsa AAAAB3NzaC1yc...
state: present
group: super_group/mon_group
access_level: owner
- name: "Create GitLab User using external identity provider"
community.general.gitlab_user:
api_url: https://gitlab.example.com/
validate_certs: True
api_token: "{{ access_token }}"
name: My Name
username: myusername
password: mysecretpassword
email: [email protected]
identities:
- provider: Keycloak
extern_uid: f278f95c-12c7-4d51-996f-758cc2eb11bc
state: present
group: super_group/mon_group
access_level: owner
- name: "Block GitLab User"
community.general.gitlab_user:
api_url: https://gitlab.example.com/
api_token: "{{ access_token }}"
validate_certs: False
username: myusername
state: blocked
- name: "Unblock GitLab User"
community.general.gitlab_user:
api_url: https://gitlab.example.com/
api_token: "{{ access_token }}"
validate_certs: False
username: myusername
state: unblocked
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
the error message returned by the GitLab API Returned: failed Sample: “400: path is already in use” |
|
Success or failure message Returned: always Sample: “Success” |
|
json parsed response from the server Returned: always |
|
API object Returned: always |
Authors
Werner Dijkerman (@dj-wasabi)
Guillaume Martinez (@Lunik)
Lennert Mertens (@LennertMertens)
Stef Graces (@stgrace)