mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
Adds bigip_device_httpd module (#33924)
this module can be used to adjust the details of the server that hosts the BIG-IP web ui.
This commit is contained in:
parent
0b9f1f7982
commit
22059cbe67
3 changed files with 635 additions and 0 deletions
477
lib/ansible/modules/network/f5/bigip_device_httpd.py
Normal file
477
lib/ansible/modules/network/f5/bigip_device_httpd.py
Normal file
|
@ -0,0 +1,477 @@
|
||||||
|
#!/usr/bin/python
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
#
|
||||||
|
# Copyright: (c) 2017, F5 Networks Inc.
|
||||||
|
# GNU General Public License v3.0 (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||||
|
|
||||||
|
from __future__ import absolute_import, division, print_function
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
|
|
||||||
|
ANSIBLE_METADATA = {'metadata_version': '1.1',
|
||||||
|
'status': ['preview'],
|
||||||
|
'supported_by': 'community'}
|
||||||
|
|
||||||
|
DOCUMENTATION = r'''
|
||||||
|
---
|
||||||
|
module: bigip_device_httpd
|
||||||
|
short_description: Manage HTTPD related settings on BIG-IP
|
||||||
|
description:
|
||||||
|
- Manages HTTPD related settings on the BIG-IP. These settings are interesting
|
||||||
|
to change when you want to set GUI timeouts and other TMUI related settings.
|
||||||
|
version_added: "2.5"
|
||||||
|
options:
|
||||||
|
auth_name:
|
||||||
|
description:
|
||||||
|
- Sets the BIG-IP authentication realm name
|
||||||
|
auth_pam_idle_timeout:
|
||||||
|
description:
|
||||||
|
- Sets the GUI timeout for automatic logout, in seconds.
|
||||||
|
auth_pam_validate_ip:
|
||||||
|
description:
|
||||||
|
- Sets the authPamValidateIp setting.
|
||||||
|
choices: ['on', 'off']
|
||||||
|
auth_pam_dashboard_timeout:
|
||||||
|
description:
|
||||||
|
- Sets whether or not the BIG-IP dashboard will timeout.
|
||||||
|
choices: ['on', 'off']
|
||||||
|
fast_cgi_timeout:
|
||||||
|
description:
|
||||||
|
- Sets the timeout of FastCGI.
|
||||||
|
hostname_lookup:
|
||||||
|
description:
|
||||||
|
- Sets whether or not to display the hostname, if possible.
|
||||||
|
choices: ['on', 'off']
|
||||||
|
log_level:
|
||||||
|
description:
|
||||||
|
- Sets the minimum httpd log level.
|
||||||
|
choices: ['alert', 'crit', 'debug', 'emerg', 'error', 'info', 'notice', 'warn']
|
||||||
|
max_clients:
|
||||||
|
description:
|
||||||
|
- Sets the maximum number of clients that can connect to the GUI at once.
|
||||||
|
redirect_http_to_https:
|
||||||
|
description:
|
||||||
|
- Whether or not to redirect http requests to the GUI to https.
|
||||||
|
choices: ['yes', 'no']
|
||||||
|
ssl_port:
|
||||||
|
description:
|
||||||
|
- The HTTPS port to listen on.
|
||||||
|
notes:
|
||||||
|
- Requires the f5-sdk Python package on the host. This is as easy as pip
|
||||||
|
install f5-sdk.
|
||||||
|
- Requires the requests Python package on the host. This is as easy as
|
||||||
|
pip install requests.
|
||||||
|
requirements:
|
||||||
|
- f5-sdk >= 3.0.4
|
||||||
|
- requests
|
||||||
|
extends_documentation_fragment: f5
|
||||||
|
author:
|
||||||
|
- Joe Reifel (@JoeReifel)
|
||||||
|
- Tim Rupp (@caphrim007)
|
||||||
|
'''
|
||||||
|
|
||||||
|
EXAMPLES = r'''
|
||||||
|
- name: Set the BIG-IP authentication realm name
|
||||||
|
bigip_device_httpd:
|
||||||
|
auth_name: BIG-IP
|
||||||
|
password: secret
|
||||||
|
server: lb.mydomain.com
|
||||||
|
user: admin
|
||||||
|
delegate_to: localhost
|
||||||
|
|
||||||
|
- name: Set the auth pam timeout to 3600 seconds
|
||||||
|
bigip_device_httpd:
|
||||||
|
auth_pam_idle_timeout: 1200
|
||||||
|
password: secret
|
||||||
|
server: lb.mydomain.com
|
||||||
|
user: admin
|
||||||
|
delegate_to: localhost
|
||||||
|
|
||||||
|
- name: Set the validate IP settings
|
||||||
|
bigip_device_httpd:
|
||||||
|
auth_pam_validate_ip: on
|
||||||
|
password: secret
|
||||||
|
server: lb.mydomain.com
|
||||||
|
user: admin
|
||||||
|
delegate_to: localhost
|
||||||
|
'''
|
||||||
|
|
||||||
|
RETURN = r'''
|
||||||
|
auth_pam_idle_timeout:
|
||||||
|
description: The new number of seconds for GUI timeout.
|
||||||
|
returned: changed
|
||||||
|
type: string
|
||||||
|
sample: 1200
|
||||||
|
'''
|
||||||
|
|
||||||
|
import time
|
||||||
|
|
||||||
|
from ansible.module_utils.f5_utils import AnsibleF5Client
|
||||||
|
from ansible.module_utils.f5_utils import AnsibleF5Parameters
|
||||||
|
from ansible.module_utils.f5_utils import HAS_F5SDK
|
||||||
|
from ansible.module_utils.f5_utils import F5ModuleError
|
||||||
|
from ansible.module_utils.six import iteritems
|
||||||
|
from collections import defaultdict
|
||||||
|
|
||||||
|
try:
|
||||||
|
from ansible.module_utils.f5_utils import iControlUnexpectedHTTPError
|
||||||
|
except ImportError:
|
||||||
|
HAS_F5SDK = False
|
||||||
|
|
||||||
|
try:
|
||||||
|
from requests.exceptions import ConnectionError
|
||||||
|
HAS_REQUESTS = True
|
||||||
|
except ImportError:
|
||||||
|
HAS_REQUESTS = False
|
||||||
|
|
||||||
|
|
||||||
|
class Parameters(AnsibleF5Parameters):
|
||||||
|
api_map = {
|
||||||
|
'authPamIdleTimeout': 'auth_pam_idle_timeout',
|
||||||
|
'authPamValidateIp': 'auth_pam_validate_ip',
|
||||||
|
'authName': 'auth_name',
|
||||||
|
'authPamDashboardTimeout': 'auth_pam_dashboard_timeout',
|
||||||
|
'fastcgiTimeout': 'fast_cgi_timeout',
|
||||||
|
'hostnameLookup': 'hostname_lookup',
|
||||||
|
'logLevel': 'log_level',
|
||||||
|
'maxClients': 'max_clients',
|
||||||
|
'redirectHttpToHttps': 'redirect_http_to_https',
|
||||||
|
'sslPort': 'ssl_port'
|
||||||
|
}
|
||||||
|
|
||||||
|
api_attributes = [
|
||||||
|
'authPamIdleTimeout', 'authPamValidateIp', 'authName', 'authPamDashboardTimeout',
|
||||||
|
'fastcgiTimeout', 'hostnameLookup', 'logLevel', 'maxClients', 'sslPort',
|
||||||
|
'redirectHttpToHttps'
|
||||||
|
]
|
||||||
|
|
||||||
|
returnables = [
|
||||||
|
'auth_pam_idle_timeout', 'auth_pam_validate_ip', 'auth_name',
|
||||||
|
'auth_pam_dashboard_timeout', 'fast_cgi_timeout', 'hostname_lookup',
|
||||||
|
'log_level', 'max_clients', 'redirect_http_to_https', 'ssl_port'
|
||||||
|
]
|
||||||
|
|
||||||
|
updatables = [
|
||||||
|
'auth_pam_idle_timeout', 'auth_pam_validate_ip', 'auth_name',
|
||||||
|
'auth_pam_dashboard_timeout', 'fast_cgi_timeout', 'hostname_lookup',
|
||||||
|
'log_level', 'max_clients', 'redirect_http_to_https', 'ssl_port'
|
||||||
|
]
|
||||||
|
|
||||||
|
def __init__(self, params=None):
|
||||||
|
self._values = defaultdict(lambda: None)
|
||||||
|
self._values['__warnings'] = []
|
||||||
|
if params:
|
||||||
|
self.update(params=params)
|
||||||
|
|
||||||
|
def update(self, params=None):
|
||||||
|
if params:
|
||||||
|
for k, v in iteritems(params):
|
||||||
|
if self.api_map is not None and k in self.api_map:
|
||||||
|
map_key = self.api_map[k]
|
||||||
|
else:
|
||||||
|
map_key = k
|
||||||
|
|
||||||
|
# Handle weird API parameters like `dns.proxy.__iter__` by
|
||||||
|
# using a map provided by the module developer
|
||||||
|
class_attr = getattr(type(self), map_key, None)
|
||||||
|
if isinstance(class_attr, property):
|
||||||
|
# There is a mapped value for the api_map key
|
||||||
|
if class_attr.fset is None:
|
||||||
|
# If the mapped value does not have
|
||||||
|
# an associated setter
|
||||||
|
self._values[map_key] = v
|
||||||
|
else:
|
||||||
|
# The mapped value has a setter
|
||||||
|
setattr(self, map_key, v)
|
||||||
|
else:
|
||||||
|
# If the mapped value is not a @property
|
||||||
|
self._values[map_key] = v
|
||||||
|
|
||||||
|
def api_params(self):
|
||||||
|
result = {}
|
||||||
|
for api_attribute in self.api_attributes:
|
||||||
|
if self.api_map is not None and api_attribute in self.api_map:
|
||||||
|
result[api_attribute] = getattr(self, self.api_map[api_attribute])
|
||||||
|
else:
|
||||||
|
result[api_attribute] = getattr(self, api_attribute)
|
||||||
|
result = self._filter_params(result)
|
||||||
|
return result
|
||||||
|
|
||||||
|
@property
|
||||||
|
def auth_pam_idle_timeout(self):
|
||||||
|
if self._values['auth_pam_idle_timeout'] is None:
|
||||||
|
return None
|
||||||
|
return int(self._values['auth_pam_idle_timeout'])
|
||||||
|
|
||||||
|
@property
|
||||||
|
def fast_cgi_timeout(self):
|
||||||
|
if self._values['fast_cgi_timeout'] is None:
|
||||||
|
return None
|
||||||
|
return int(self._values['fast_cgi_timeout'])
|
||||||
|
|
||||||
|
@property
|
||||||
|
def max_clients(self):
|
||||||
|
if self._values['max_clients'] is None:
|
||||||
|
return None
|
||||||
|
return int(self._values['max_clients'])
|
||||||
|
|
||||||
|
@property
|
||||||
|
def ssl_port(self):
|
||||||
|
if self._values['ssl_port'] is None:
|
||||||
|
return None
|
||||||
|
return int(self._values['ssl_port'])
|
||||||
|
|
||||||
|
|
||||||
|
class ModuleParameters(Parameters):
|
||||||
|
@property
|
||||||
|
def auth_pam_validate_ip(self):
|
||||||
|
if self._values['auth_pam_validate_ip'] is None:
|
||||||
|
return None
|
||||||
|
if self._values['auth_pam_validate_ip']:
|
||||||
|
return "on"
|
||||||
|
return "off"
|
||||||
|
|
||||||
|
@property
|
||||||
|
def auth_pam_dashboard_timeout(self):
|
||||||
|
if self._values['auth_pam_dashboard_timeout'] is None:
|
||||||
|
return None
|
||||||
|
if self._values['auth_pam_dashboard_timeout']:
|
||||||
|
return "on"
|
||||||
|
return "off"
|
||||||
|
|
||||||
|
@property
|
||||||
|
def hostname_lookup(self):
|
||||||
|
if self._values['hostname_lookup'] is None:
|
||||||
|
return None
|
||||||
|
if self._values['hostname_lookup']:
|
||||||
|
return "on"
|
||||||
|
return "off"
|
||||||
|
|
||||||
|
@property
|
||||||
|
def redirect_http_to_https(self):
|
||||||
|
if self._values['redirect_http_to_https'] is None:
|
||||||
|
return None
|
||||||
|
if self._values['redirect_http_to_https']:
|
||||||
|
return "enabled"
|
||||||
|
return "disabled"
|
||||||
|
|
||||||
|
|
||||||
|
class ApiParameters(Parameters):
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
class Changes(Parameters):
|
||||||
|
def to_return(self):
|
||||||
|
result = {}
|
||||||
|
try:
|
||||||
|
for returnable in self.returnables:
|
||||||
|
result[returnable] = getattr(self, returnable)
|
||||||
|
result = self._filter_params(result)
|
||||||
|
except Exception:
|
||||||
|
pass
|
||||||
|
return result
|
||||||
|
|
||||||
|
|
||||||
|
class UsableChanges(Changes):
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
class ReportableChanges(Changes):
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
class Difference(object):
|
||||||
|
def __init__(self, want, have=None):
|
||||||
|
self.want = want
|
||||||
|
self.have = have
|
||||||
|
|
||||||
|
def compare(self, param):
|
||||||
|
try:
|
||||||
|
result = getattr(self, param)
|
||||||
|
return result
|
||||||
|
except AttributeError:
|
||||||
|
return self.__default(param)
|
||||||
|
|
||||||
|
def __default(self, param):
|
||||||
|
attr1 = getattr(self.want, param)
|
||||||
|
try:
|
||||||
|
attr2 = getattr(self.have, param)
|
||||||
|
if attr1 != attr2:
|
||||||
|
return attr1
|
||||||
|
except AttributeError:
|
||||||
|
return attr1
|
||||||
|
|
||||||
|
|
||||||
|
class ModuleManager(object):
|
||||||
|
def __init__(self, client):
|
||||||
|
self.client = client
|
||||||
|
self.want = ModuleParameters(params=self.client.module.params)
|
||||||
|
self.have = ApiParameters()
|
||||||
|
self.changes = UsableChanges()
|
||||||
|
|
||||||
|
def _set_changed_options(self):
|
||||||
|
changed = {}
|
||||||
|
for key in Parameters.returnables:
|
||||||
|
if getattr(self.want, key) is not None:
|
||||||
|
changed[key] = getattr(self.want, key)
|
||||||
|
if changed:
|
||||||
|
self.changes = Changes(changed)
|
||||||
|
|
||||||
|
def _update_changed_options(self):
|
||||||
|
diff = Difference(self.want, self.have)
|
||||||
|
updatables = Parameters.updatables
|
||||||
|
changed = dict()
|
||||||
|
for k in updatables:
|
||||||
|
change = diff.compare(k)
|
||||||
|
if change is None:
|
||||||
|
continue
|
||||||
|
else:
|
||||||
|
if isinstance(change, dict):
|
||||||
|
changed.update(change)
|
||||||
|
else:
|
||||||
|
changed[k] = change
|
||||||
|
if changed:
|
||||||
|
self.changes = UsableChanges(changed)
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
|
def should_update(self):
|
||||||
|
result = self._update_changed_options()
|
||||||
|
if result:
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
|
def exec_module(self):
|
||||||
|
result = dict()
|
||||||
|
|
||||||
|
try:
|
||||||
|
changed = self.present()
|
||||||
|
except iControlUnexpectedHTTPError as e:
|
||||||
|
raise F5ModuleError(str(e))
|
||||||
|
|
||||||
|
reportable = ReportableChanges(self.changes.to_return())
|
||||||
|
changes = reportable.to_return()
|
||||||
|
result.update(**changes)
|
||||||
|
result.update(dict(changed=changed))
|
||||||
|
self._announce_deprecations(result)
|
||||||
|
return result
|
||||||
|
|
||||||
|
def _announce_deprecations(self, result):
|
||||||
|
warnings = result.pop('__warnings', [])
|
||||||
|
for warning in warnings:
|
||||||
|
self.client.module.deprecate(
|
||||||
|
msg=warning['msg'],
|
||||||
|
version=warning['version']
|
||||||
|
)
|
||||||
|
|
||||||
|
def present(self):
|
||||||
|
return self.update()
|
||||||
|
|
||||||
|
def update(self):
|
||||||
|
self.have = self.read_current_from_device()
|
||||||
|
if not self.should_update():
|
||||||
|
return False
|
||||||
|
if self.client.check_mode:
|
||||||
|
return True
|
||||||
|
self.update_on_device()
|
||||||
|
return True
|
||||||
|
|
||||||
|
def update_on_device(self):
|
||||||
|
params = self.changes.api_params()
|
||||||
|
resource = self.client.api.tm.sys.httpd.load()
|
||||||
|
|
||||||
|
try:
|
||||||
|
resource.modify(**params)
|
||||||
|
return True
|
||||||
|
except ConnectionError as ex:
|
||||||
|
pass
|
||||||
|
|
||||||
|
# BIG-IP will kill your management connection when you change the HTTP
|
||||||
|
# redirect setting. So this catches that and handles it gracefully.
|
||||||
|
if 'Connection aborted' in str(ex) and 'redirectHttpToHttps' in params:
|
||||||
|
# Wait for BIG-IP web server to settle after changing this
|
||||||
|
time.sleep(2)
|
||||||
|
return True
|
||||||
|
raise F5ModuleError(str(ex))
|
||||||
|
|
||||||
|
def read_current_from_device(self):
|
||||||
|
resource = self.client.api.tm.sys.httpd.load()
|
||||||
|
return ApiParameters(params=resource.attrs)
|
||||||
|
|
||||||
|
|
||||||
|
class ArgumentSpec(object):
|
||||||
|
def __init__(self):
|
||||||
|
self.supports_check_mode = True
|
||||||
|
self.argument_spec = dict(
|
||||||
|
auth_name=dict(),
|
||||||
|
auth_pam_idle_timeout=dict(
|
||||||
|
type='int'
|
||||||
|
),
|
||||||
|
fast_cgi_timeout=dict(
|
||||||
|
type='int'
|
||||||
|
),
|
||||||
|
max_clients=dict(
|
||||||
|
type='int'
|
||||||
|
),
|
||||||
|
ssl_port=dict(
|
||||||
|
type='int'
|
||||||
|
),
|
||||||
|
auth_pam_validate_ip=dict(
|
||||||
|
type='bool'
|
||||||
|
),
|
||||||
|
auth_pam_dashboard_timeout=dict(
|
||||||
|
type='bool'
|
||||||
|
),
|
||||||
|
hostname_lookup=dict(
|
||||||
|
type='bool'
|
||||||
|
),
|
||||||
|
log_level=dict(
|
||||||
|
choices=[
|
||||||
|
'alert', 'crit', 'debug', 'emerg',
|
||||||
|
'error', 'info', 'notice', 'warn'
|
||||||
|
]
|
||||||
|
),
|
||||||
|
redirect_http_to_https=dict(
|
||||||
|
type='bool'
|
||||||
|
)
|
||||||
|
)
|
||||||
|
self.f5_product_name = 'bigip'
|
||||||
|
|
||||||
|
|
||||||
|
def cleanup_tokens(client):
|
||||||
|
try:
|
||||||
|
resource = client.api.shared.authz.tokens_s.token.load(
|
||||||
|
name=client.api.icrs.token
|
||||||
|
)
|
||||||
|
resource.delete()
|
||||||
|
except Exception:
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
if not HAS_F5SDK:
|
||||||
|
raise F5ModuleError("The python f5-sdk module is required")
|
||||||
|
|
||||||
|
if not HAS_REQUESTS:
|
||||||
|
raise F5ModuleError("The python requests module is required")
|
||||||
|
|
||||||
|
spec = ArgumentSpec()
|
||||||
|
|
||||||
|
client = AnsibleF5Client(
|
||||||
|
argument_spec=spec.argument_spec,
|
||||||
|
supports_check_mode=spec.supports_check_mode,
|
||||||
|
f5_product_name=spec.f5_product_name
|
||||||
|
)
|
||||||
|
|
||||||
|
try:
|
||||||
|
mm = ModuleManager(client)
|
||||||
|
results = mm.exec_module()
|
||||||
|
cleanup_tokens(client)
|
||||||
|
client.module.exit_json(**results)
|
||||||
|
except F5ModuleError as e:
|
||||||
|
cleanup_tokens(client)
|
||||||
|
client.module.fail_json(msg=str(e))
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
36
test/units/modules/network/f5/fixtures/load_sys_httpd.json
Normal file
36
test/units/modules/network/f5/fixtures/load_sys_httpd.json
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
{
|
||||||
|
"kind": "tm:sys:httpd:httpdstate",
|
||||||
|
"selfLink": "https://localhost/mgmt/tm/sys/httpd?ver=12.1.2",
|
||||||
|
"allow": [
|
||||||
|
"All"
|
||||||
|
],
|
||||||
|
"authName": "BIG-IP",
|
||||||
|
"authPamDashboardTimeout": "off",
|
||||||
|
"authPamIdleTimeout": 1200,
|
||||||
|
"authPamValidateIp": "on",
|
||||||
|
"fastcgiTimeout": 300,
|
||||||
|
"fipsCipherVersion": 0,
|
||||||
|
"hostnameLookup": "off",
|
||||||
|
"logLevel": "warn",
|
||||||
|
"maxClients": 10,
|
||||||
|
"redirectHttpToHttps": "disabled",
|
||||||
|
"requestBodyMaxTimeout": 0,
|
||||||
|
"requestBodyMinRate": 500,
|
||||||
|
"requestBodyTimeout": 60,
|
||||||
|
"requestHeaderMaxTimeout": 40,
|
||||||
|
"requestHeaderMinRate": 500,
|
||||||
|
"requestHeaderTimeout": 20,
|
||||||
|
"sslCertfile": "/etc/httpd/conf/ssl.crt/server.crt",
|
||||||
|
"sslCertkeyfile": "/etc/httpd/conf/ssl.key/server.key",
|
||||||
|
"sslCiphersuite": "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES128-SHA256:AES256-SHA256:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA",
|
||||||
|
"sslOcspDefaultResponder": "http://127.0.0.1",
|
||||||
|
"sslOcspEnable": "off",
|
||||||
|
"sslOcspOverrideResponder": "off",
|
||||||
|
"sslOcspResponderTimeout": 300,
|
||||||
|
"sslOcspResponseMaxAge": -1,
|
||||||
|
"sslOcspResponseTimeSkew": 300,
|
||||||
|
"sslPort": 443,
|
||||||
|
"sslProtocol": "all -SSLv2 -SSLv3",
|
||||||
|
"sslVerifyClient": "no",
|
||||||
|
"sslVerifyDepth": 10
|
||||||
|
}
|
122
test/units/modules/network/f5/test_bigip_device_httpd.py
Normal file
122
test/units/modules/network/f5/test_bigip_device_httpd.py
Normal file
|
@ -0,0 +1,122 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
#
|
||||||
|
# Copyright: (c) 2017, F5 Networks Inc.
|
||||||
|
# GNU General Public License v3.0 (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||||
|
|
||||||
|
from __future__ import (absolute_import, division, print_function)
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
|
import os
|
||||||
|
import json
|
||||||
|
import sys
|
||||||
|
|
||||||
|
from nose.plugins.skip import SkipTest
|
||||||
|
if sys.version_info < (2, 7):
|
||||||
|
raise SkipTest("F5 Ansible modules require Python >= 2.7")
|
||||||
|
|
||||||
|
from ansible.compat.tests import unittest
|
||||||
|
from ansible.compat.tests.mock import Mock
|
||||||
|
from ansible.compat.tests.mock import patch
|
||||||
|
from ansible.module_utils.f5_utils import AnsibleF5Client
|
||||||
|
|
||||||
|
try:
|
||||||
|
from library.bigip_device_httpd import Parameters
|
||||||
|
from library.bigip_device_httpd import ModuleManager
|
||||||
|
from library.bigip_device_httpd import ArgumentSpec
|
||||||
|
from ansible.module_utils.f5_utils import iControlUnexpectedHTTPError
|
||||||
|
from test.unit.modules.utils import set_module_args
|
||||||
|
except ImportError:
|
||||||
|
try:
|
||||||
|
from ansible.modules.network.f5.bigip_device_httpd import Parameters
|
||||||
|
from ansible.modules.network.f5.bigip_device_httpd import ModuleManager
|
||||||
|
from ansible.modules.network.f5.bigip_device_httpd import ArgumentSpec
|
||||||
|
from ansible.module_utils.f5_utils import iControlUnexpectedHTTPError
|
||||||
|
from units.modules.utils import set_module_args
|
||||||
|
except ImportError:
|
||||||
|
raise SkipTest("F5 Ansible modules require the f5-sdk Python library")
|
||||||
|
|
||||||
|
fixture_path = os.path.join(os.path.dirname(__file__), 'fixtures')
|
||||||
|
fixture_data = {}
|
||||||
|
|
||||||
|
|
||||||
|
def load_fixture(name):
|
||||||
|
path = os.path.join(fixture_path, name)
|
||||||
|
|
||||||
|
if path in fixture_data:
|
||||||
|
return fixture_data[path]
|
||||||
|
|
||||||
|
with open(path) as f:
|
||||||
|
data = f.read()
|
||||||
|
|
||||||
|
try:
|
||||||
|
data = json.loads(data)
|
||||||
|
except Exception:
|
||||||
|
pass
|
||||||
|
|
||||||
|
fixture_data[path] = data
|
||||||
|
return data
|
||||||
|
|
||||||
|
|
||||||
|
class TestParameters(unittest.TestCase):
|
||||||
|
def test_module_parameters(self):
|
||||||
|
args = dict(
|
||||||
|
auth_name='BIG-IP',
|
||||||
|
auth_pam_idle_timeout=1200,
|
||||||
|
auth_pam_validate_ip='on'
|
||||||
|
)
|
||||||
|
|
||||||
|
p = Parameters(args)
|
||||||
|
assert p.auth_name == 'BIG-IP'
|
||||||
|
assert p.auth_pam_idle_timeout == 1200
|
||||||
|
assert p.auth_pam_validate_ip == 'on'
|
||||||
|
|
||||||
|
def test_api_parameters(self):
|
||||||
|
args = load_fixture('load_sys_httpd.json')
|
||||||
|
p = Parameters(args)
|
||||||
|
assert p.auth_name == 'BIG-IP'
|
||||||
|
assert p.auth_pam_idle_timeout == 1200
|
||||||
|
|
||||||
|
|
||||||
|
@patch('ansible.module_utils.f5_utils.AnsibleF5Client._get_mgmt_root',
|
||||||
|
return_value=True)
|
||||||
|
class TestModuleManager(unittest.TestCase):
|
||||||
|
|
||||||
|
def setUp(self):
|
||||||
|
self.spec = ArgumentSpec()
|
||||||
|
|
||||||
|
def test_update(self, *args):
|
||||||
|
set_module_args(
|
||||||
|
dict(
|
||||||
|
auth_name='foo',
|
||||||
|
auth_pam_idle_timeout='1000',
|
||||||
|
auth_pam_validate_ip='off',
|
||||||
|
auth_pam_dashboard_timeout='on',
|
||||||
|
fast_cgi_timeout=200,
|
||||||
|
hostname_lookup='on',
|
||||||
|
log_level='error',
|
||||||
|
max_clients='20',
|
||||||
|
redirect_http_to_https='yes',
|
||||||
|
ssl_port=8443,
|
||||||
|
server='localhost',
|
||||||
|
user='admin',
|
||||||
|
password='password'
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
|
current = Parameters(
|
||||||
|
load_fixture('load_sys_httpd.json')
|
||||||
|
)
|
||||||
|
|
||||||
|
client = AnsibleF5Client(
|
||||||
|
argument_spec=self.spec.argument_spec,
|
||||||
|
supports_check_mode=self.spec.supports_check_mode,
|
||||||
|
f5_product_name=self.spec.f5_product_name
|
||||||
|
)
|
||||||
|
mm = ModuleManager(client)
|
||||||
|
|
||||||
|
# Override methods to force specific logic in the module to happen
|
||||||
|
mm.update_on_device = Mock(return_value=True)
|
||||||
|
mm.read_current_from_device = Mock(return_value=current)
|
||||||
|
|
||||||
|
results = mm.exec_module()
|
||||||
|
assert results['changed'] is True
|
Loading…
Reference in a new issue