open-iscsi: adding mutual authentication support and updating authentication parameters description (#3422)

* Adding mutual athentication support and changing doucumentation about authentication credentials * Removing blank line with whitspaces * Update plugins/modules/system/open_iscsi.py Adding version_added to node_user_in parameter Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Update plugins/modules/system/open_iscsi.py adding version_added attibute to new parameter password_in Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Update plugins/modules/system/open_iscsi.py Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Adding changelog fragment for #3422 * Rename 3422-open-iscsi-mutual-authentication-support.yam to 3422-open-iscsi-mutual-authentication-support.yaml * Update changelogs/fragments/3422-open-iscsi-mutual-authentication-support.yaml Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Update changelogs/fragments/3422-open-iscsi-mutual-authentication-support.yaml Co-authored-by: Ajpantuso <ajpantuso@gmail.com> Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2024-09-14 20:13:21 +02:00 · 2021-09-26 13:38:17 +02:00 · 2021-09-26 13:38:17 +02:00 · 43a9f09a17
commit 43a9f09a17
parent 147ca2fe66
2 changed files with 28 additions and 4 deletions
--- a/changelogs/fragments/3422-open-iscsi-mutual-authentication-support.yaml
+++ b/changelogs/fragments/3422-open-iscsi-mutual-authentication-support.yaml
@ -0,0 +1,3 @@
+---
+minor_changes:
+  - open-iscsi - adding support for mutual authentication between target and initiator (https://github.com/ansible-collections/community.general/pull/3422).
--- a/plugins/modules/system/open_iscsi.py
+++ b/plugins/modules/system/open_iscsi.py
@ -41,17 +41,27 @@ options:
        aliases: [ state ]
    node_auth:
        description:
-        - The value for C(discovery.sendtargets.auth.authmethod).
+        - The value for C(node.session.auth.authmethod).
        type: str
        default: CHAP
    node_user:
        description:
-        - The value for C(discovery.sendtargets.auth.username).
+        - The value for C(node.session.auth.username).
        type: str
    node_pass:
        description:
-        - The value for C(discovery.sendtargets.auth.password).
+        - The value for C(node.session.auth.password).
        type: str
+    node_user_in:
+        description:
+        - The value for C(node.session.auth.username_in).
+        type: str
+        version_added: 3.8.0
+    node_pass_in:
+        description:
+        - The value for C(node.session.auth.password_in).
+        type: str
+        version_added: 3.8.0
    auto_node_startup:
        description:
        - Whether the target node should be automatically connected at startup.
@ -191,6 +201,8 @@ def target_login(module, target, portal=None, port=None):
    node_auth = module.params['node_auth']
    node_user = module.params['node_user']
    node_pass = module.params['node_pass']
+    node_user_in = module.params['node_user_in']
+    node_pass_in = module.params['node_pass_in']

    if node_user:
        params = [('node.session.auth.authmethod', node_auth),
@ -200,6 +212,13 @@ def target_login(module, target, portal=None, port=None):
            cmd = [iscsiadm_cmd, '--mode', 'node', '--targetname', target, '--op=update', '--name', name, '--value', value]
            module.run_command(cmd, check_rc=True)

+    if node_user_in:
+        params = [('node.session.auth.username_in', node_user_in),
+                  ('node.session.auth.password_in', node_pass_in)]
+        for (name, value) in params:
+            cmd = '%s --mode node --targetname %s --op=update --name %s --value %s' % (iscsiadm_cmd, target, name, value)
+            module.run_command(cmd, check_rc=True)
+
    cmd = [iscsiadm_cmd, '--mode', 'node', '--targetname', target, '--login']
    if portal is not None and port is not None:
        cmd.append('--portal')
@ -277,6 +296,8 @@ def main():
            node_auth=dict(type='str', default='CHAP'),
            node_user=dict(type='str'),
            node_pass=dict(type='str', no_log=True),
+            node_user_in=dict(type='str'),
+            node_pass_in=dict(type='str', no_log=True),

            # actions
            login=dict(type='bool', aliases=['state']),
@ -286,7 +307,7 @@ def main():
            show_nodes=dict(type='bool', default=False),
        ),

-        required_together=[['node_user', 'node_pass']],
+        required_together=[['node_user', 'node_pass'], ['node_user_in', 'node_pass_in']],
        required_if=[('discover', True, ['portal'])],
        supports_check_mode=True,
    )