diff --git a/changelogs/fragments/7129-adding_set_secure_boot_command_to_redfish_config.yml b/changelogs/fragments/7129-adding_set_secure_boot_command_to_redfish_config.yml new file mode 100644 index 0000000000..195dd7df5a --- /dev/null +++ b/changelogs/fragments/7129-adding_set_secure_boot_command_to_redfish_config.yml @@ -0,0 +1,2 @@ +minor_changes: + - redfish_config - adding ``SetSecureBoot`` command (https://github.com/ansible-collections/community.general/pull/7129). diff --git a/plugins/module_utils/redfish_utils.py b/plugins/module_utils/redfish_utils.py index 6557dac5bd..fc6e11b3e7 100644 --- a/plugins/module_utils/redfish_utils.py +++ b/plugins/module_utils/redfish_utils.py @@ -3432,6 +3432,25 @@ class RedfishUtils(object): return self.patch_request(self.root_uri + secure_boot_url, body, check_pyld=True) + def set_secure_boot(self, secure_boot_enable): + # This function enable Secure Boot on an OOB controller + + response = self.get_request(self.root_uri + self.systems_uri) + if response["ret"] is False: + return response + + server_details = response["data"] + secure_boot_url = server_details["SecureBoot"]["@odata.id"] + + response = self.get_request(self.root_uri + secure_boot_url) + if response["ret"] is False: + return response + + body = {} + body["SecureBootEnable"] = secure_boot_enable + + return self.patch_request(self.root_uri + secure_boot_url, body, check_pyld=True) + def get_hpe_thermal_config(self): result = {} key = "Thermal" diff --git a/plugins/modules/redfish_config.py b/plugins/modules/redfish_config.py index c17dabe0e7..65d933bdbd 100644 --- a/plugins/modules/redfish_config.py +++ b/plugins/modules/redfish_config.py @@ -145,6 +145,13 @@ options: default: [] elements: str version_added: '7.3.0' + secure_boot_enable: + required: false + description: + - Setting parameter to enable or disable SecureBoot. + type: bool + default: True + version_added: '7.5.0' author: - "Jose Delarosa (@jose-delarosa)" - "T S Kushal (@TSKushal)" @@ -287,6 +294,15 @@ EXAMPLES = ''' username: "{{ username }}" password: "{{ password }}" + - name: Set SecureBoot + community.general.redfish_config: + category: Systems + command: SetSecureBoot + baseuri: "{{ baseuri }}" + username: "{{ username }}" + password: "{{ password }}" + secure_boot_enable: True + - name: Delete All Volumes community.general.redfish_config: category: Systems @@ -314,7 +330,7 @@ from ansible.module_utils.common.text.converters import to_native # More will be added as module features are expanded CATEGORY_COMMANDS_ALL = { "Systems": ["SetBiosDefaultSettings", "SetBiosAttributes", "SetBootOrder", - "SetDefaultBootOrder", "EnableSecureBoot", "DeleteVolumes"], + "SetDefaultBootOrder", "EnableSecureBoot", "SetSecureBoot", "DeleteVolumes"], "Manager": ["SetNetworkProtocols", "SetManagerNic", "SetHostInterface"], "Sessions": ["SetSessionService"], } @@ -348,7 +364,8 @@ def main(): hostinterface_id=dict(), sessions_config=dict(type='dict', default={}), storage_subsystem_id=dict(type='str', default=''), - volume_ids=dict(type='list', default=[], elements='str') + volume_ids=dict(type='list', default=[], elements='str'), + secure_boot_enable=dict(type='bool', default=True) ), required_together=[ ('username', 'password'), @@ -402,6 +419,9 @@ def main(): storage_subsystem_id = module.params['storage_subsystem_id'] volume_ids = module.params['volume_ids'] + # Set SecureBoot options + secure_boot_enable = module.params['secure_boot_enable'] + # Build root URI root_uri = "https://" + module.params['baseuri'] rf_utils = RedfishUtils(creds, root_uri, timeout, module, @@ -435,6 +455,8 @@ def main(): result = rf_utils.set_default_boot_order() elif command == "EnableSecureBoot": result = rf_utils.enable_secure_boot() + elif command == "SetSecureBoot": + result = rf_utils.set_secure_boot(secure_boot_enable) elif command == "DeleteVolumes": result = rf_utils.delete_volumes(storage_subsystem_id, volume_ids)