From 45e990c5f8384ae68f532b6d7ebf704eec426ba1 Mon Sep 17 00:00:00 2001 From: Tim Rupp Date: Fri, 2 Nov 2018 22:28:18 -0700 Subject: [PATCH] Remove the f5-sdk from snmp community module (#48028) --- .../network/f5/bigip_snmp_community.py | 337 +++++++++++++----- .../network/f5/test_bigip_snmp_community.py | 21 +- 2 files changed, 257 insertions(+), 101 deletions(-) diff --git a/lib/ansible/modules/network/f5/bigip_snmp_community.py b/lib/ansible/modules/network/f5/bigip_snmp_community.py index 17947d1d4b..e883236260 100644 --- a/lib/ansible/modules/network/f5/bigip_snmp_community.py +++ b/lib/ansible/modules/network/f5/bigip_snmp_community.py @@ -147,6 +147,7 @@ options: extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) + - Wojciech Wypior (@wojtek0806) ''' EXAMPLES = r''' @@ -157,10 +158,10 @@ EXAMPLES = r''' source: all oid: .1 access: ro - password: secret - server: lb.mydomain.com - state: present - user: admin + provider: + password: secret + server: lb.mydomain.com + user: admin delegate_to: localhost - name: Create an SMNP v3 read-write community @@ -174,61 +175,98 @@ EXAMPLES = r''' snmp_privacy_password: secret oid: .1 access: rw - password: secret - server: lb.mydomain.com - state: present - user: admin + provider: + password: secret + server: lb.mydomain.com + user: admin delegate_to: localhost - name: Remove the default 'public' SNMP community bigip_snmp_community: name: public source: default - password: secret - server: lb.mydomain.com state: absent - user: admin + provider: + password: secret + server: lb.mydomain.com + user: admin delegate_to: localhost ''' RETURN = r''' -param1: - description: The new param1 value of the resource. - returned: changed - type: bool - sample: true -param2: - description: The new param2 value of the resource. +community: + description: The new community value. returned: changed type: string - sample: Foo is bar + sample: community1 +oid: + description: The new OID value. + returned: changed + type: string + sample: .1 +ip_version: + description: The new IP version value. + returned: changed + type: string + sample: .1 +snmp_auth_protocol: + description: The new SNMP auth protocol. + returned: changed + type: string + sample: sha +snmp_privacy_protocol: + description: The new SNMP privacy protocol. + returned: changed + type: string + sample: aes +access: + description: The new access level for the MIB. + returned: changed + type: string + sample: ro +source: + description: The new source address to access the MIB. + returned: changed + type: string + sample: 1.1.1.1 +snmp_username: + description: The new SNMP username. + returned: changed + type: string + sample: user1 +snmp_auth_password: + description: The new password of the given snmp_username. + returned: changed + type: string + sample: secret1 +snmp_privacy_password: + description: The new password of the given snmp_username. + returned: changed + type: string + sample: secret2 ''' from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.basic import env_fallback try: - from library.module_utils.network.f5.bigip import HAS_F5SDK - from library.module_utils.network.f5.bigip import F5Client + from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import f5_argument_spec - try: - from library.module_utils.network.f5.common import iControlUnexpectedHTTPError - except ImportError: - HAS_F5SDK = False + from library.module_utils.network.f5.common import transform_name + from library.module_utils.network.f5.common import exit_json + from library.module_utils.network.f5.common import fail_json except ImportError: - from ansible.module_utils.network.f5.bigip import HAS_F5SDK - from ansible.module_utils.network.f5.bigip import F5Client + from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import f5_argument_spec - try: - from ansible.module_utils.network.f5.common import iControlUnexpectedHTTPError - except ImportError: - HAS_F5SDK = False + from ansible.module_utils.network.f5.common import transform_name + from ansible.module_utils.network.f5.common import exit_json + from ansible.module_utils.network.f5.common import fail_json class Parameters(AnsibleF5Parameters): @@ -241,23 +279,48 @@ class Parameters(AnsibleF5Parameters): 'username': 'snmp_username', 'securityLevel': 'security_level', 'authPassword': 'snmp_auth_password', - 'privacyPassword': 'snmp_privacy_password' + 'privacyPassword': 'snmp_privacy_password', } api_attributes = [ - 'source', 'oidSubset', 'ipv6', 'communityName', 'access', 'authPassword', - 'authProtocol', 'username', 'securityLevel', 'privacyProtocol', 'privacyPassword' + 'source', + 'oidSubset', + 'ipv6', + 'communityName', + 'access', + 'authPassword', + 'authProtocol', + 'username', + 'securityLevel', + 'privacyProtocol', + 'privacyPassword', ] returnables = [ - 'community', 'oid', 'ip_version', 'snmp_auth_protocol', 'snmp_privacy_protocol', - 'access', 'source', 'snmp_username', 'snmp_auth_password', 'snmp_privacy_password' + 'community', + 'oid', + 'ip_version', + 'snmp_auth_protocol', + 'snmp_privacy_protocol', + 'access', + 'source', + 'snmp_username', + 'snmp_auth_password', + 'snmp_privacy_password', ] updatables = [ - 'community', 'oid', 'ip_version', 'snmp_auth_protocol', 'snmp_privacy_protocol', - 'access', 'source', 'snmp_auth_password', 'snmp_privacy_password', 'security_level', - 'snmp_username' + 'community', + 'oid', + 'ip_version', + 'snmp_auth_protocol', + 'snmp_privacy_protocol', + 'access', + 'source', + 'snmp_auth_password', + 'snmp_privacy_password', + 'security_level', + 'snmp_username', ] @property @@ -499,13 +562,10 @@ class BaseManager(object): result = dict() state = self.want.state - try: - if state == "present": - changed = self.present() - elif state == "absent": - changed = self.absent() - except iControlUnexpectedHTTPError as e: - raise F5ModuleError(str(e)) + if state == "present": + changed = self.present() + elif state == "absent": + changed = self.absent() reportable = ReportableChanges(params=self.changes.to_return()) changes = reportable.to_return() @@ -571,43 +631,87 @@ class V1Manager(BaseManager): return True def exists(self): - result = self.client.api.tm.sys.snmp.communities_s.community.exists( - name=self.want.name, - partition=self.want.partition + uri = "https://{0}:{1}/mgmt/tm/sys/snmp/communities/{2}".format( + self.client.provider['server'], + self.client.provider['server_port'], + transform_name(self.want.partition, self.want.name) ) - return result + resp = self.client.api.get(uri) + try: + response = resp.json() + except ValueError: + return False + if resp.status == 404 or 'code' in response and response['code'] == 404: + return False + return True def create_on_device(self): params = self.changes.api_params() - self.client.api.tm.sys.snmp.communities_s.community.create( - name=self.want.name, - partition=self.want.partition, - **params + params['name'] = self.want.name + params['partition'] = self.want.partition + uri = "https://{0}:{1}/mgmt/tm/sys/snmp/communities/".format( + self.client.provider['server'], + self.client.provider['server_port'], ) + resp = self.client.api.post(uri, json=params) + try: + response = resp.json() + except ValueError as ex: + raise F5ModuleError(str(ex)) + + if 'code' in response and response['code'] in [400, 403]: + if 'message' in response: + raise F5ModuleError(response['message']) + else: + raise F5ModuleError(resp.content) def update_on_device(self): params = self.changes.api_params() - resource = self.client.api.tm.sys.snmp.communities_s.community.load( - name=self.want.name, - partition=self.want.partition + uri = "https://{0}:{1}/mgmt/tm/sys/snmp/communities/{2}".format( + self.client.provider['server'], + self.client.provider['server_port'], + transform_name(self.want.partition, self.want.name) ) - resource.modify(**params) + resp = self.client.api.patch(uri, json=params) + try: + response = resp.json() + except ValueError as ex: + raise F5ModuleError(str(ex)) + + if 'code' in response and response['code'] == 400: + if 'message' in response: + raise F5ModuleError(response['message']) + else: + raise F5ModuleError(resp.content) def remove_from_device(self): - resource = self.client.api.tm.sys.snmp.communities_s.community.load( - name=self.want.name, - partition=self.want.partition + uri = "https://{0}:{1}/mgmt/tm/sys/snmp/communities/{2}".format( + self.client.provider['server'], + self.client.provider['server_port'], + transform_name(self.want.partition, self.want.name) ) - if resource: - resource.delete() + resp = self.client.api.delete(uri) + if resp.status == 200: + return True def read_current_from_device(self): - resource = self.client.api.tm.sys.snmp.communities_s.community.load( - name=self.want.name, - partition=self.want.partition + uri = "https://{0}:{1}/mgmt/tm/sys/snmp/communities/{2}".format( + self.client.provider['server'], + self.client.provider['server_port'], + transform_name(self.want.partition, self.want.name) ) - result = resource.attrs - return ApiParameters(params=result) + resp = self.client.api.get(uri) + try: + response = resp.json() + except ValueError as ex: + raise F5ModuleError(str(ex)) + + if 'code' in response and response['code'] == 400: + if 'message' in response: + raise F5ModuleError(response['message']) + else: + raise F5ModuleError(resp.content) + return ApiParameters(params=response) class V2Manager(BaseManager): @@ -648,43 +752,87 @@ class V2Manager(BaseManager): return True def exists(self): - result = self.client.api.tm.sys.snmp.users_s.user.exists( - name=self.want.snmp_username, - partition=self.want.partition + uri = "https://{0}:{1}/mgmt/tm/sys/snmp/users/{2}".format( + self.client.provider['server'], + self.client.provider['server_port'], + transform_name(self.want.partition, self.want.snmp_username) ) - return result + resp = self.client.api.get(uri) + try: + response = resp.json() + except ValueError: + return False + if resp.status == 404 or 'code' in response and response['code'] == 404: + return False + return True def create_on_device(self): params = self.changes.api_params() - self.client.api.tm.sys.snmp.users_s.user.create( - name=self.want.snmp_username, - partition=self.want.partition, - **params + params['name'] = self.want.snmp_username + params['partition'] = self.want.partition + uri = "https://{0}:{1}/mgmt/tm/sys/snmp/users/".format( + self.client.provider['server'], + self.client.provider['server_port'], ) + resp = self.client.api.post(uri, json=params) + try: + response = resp.json() + except ValueError as ex: + raise F5ModuleError(str(ex)) + + if 'code' in response and response['code'] in [400, 403]: + if 'message' in response: + raise F5ModuleError(response['message']) + else: + raise F5ModuleError(resp.content) def update_on_device(self): params = self.changes.api_params() - resource = self.client.api.tm.sys.snmp.users_s.user.load( - name=self.want.snmp_username, - partition=self.want.partition + uri = "https://{0}:{1}/mgmt/tm/sys/snmp/users/{2}".format( + self.client.provider['server'], + self.client.provider['server_port'], + transform_name(self.want.partition, self.want.snmp_username) ) - resource.modify(**params) + resp = self.client.api.patch(uri, json=params) + try: + response = resp.json() + except ValueError as ex: + raise F5ModuleError(str(ex)) + + if 'code' in response and response['code'] == 400: + if 'message' in response: + raise F5ModuleError(response['message']) + else: + raise F5ModuleError(resp.content) def remove_from_device(self): - resource = self.client.api.tm.sys.snmp.users_s.user.load( - name=self.want.snmp_username, - partition=self.want.partition + uri = "https://{0}:{1}/mgmt/tm/sys/snmp/users/{2}".format( + self.client.provider['server'], + self.client.provider['server_port'], + transform_name(self.want.partition, self.want.snmp_username) ) - if resource: - resource.delete() + resp = self.client.api.delete(uri) + if resp.status == 200: + return True def read_current_from_device(self): - resource = self.client.api.tm.sys.snmp.users_s.user.load( - name=self.want.snmp_username, - partition=self.want.partition + uri = "https://{0}:{1}/mgmt/tm/sys/snmp/users/{2}".format( + self.client.provider['server'], + self.client.provider['server_port'], + transform_name(self.want.partition, self.want.snmp_username) ) - result = resource.attrs - return ApiParameters(params=result) + resp = self.client.api.get(uri) + try: + response = resp.json() + except ValueError as ex: + raise F5ModuleError(str(ex)) + + if 'code' in response and response['code'] == 400: + if 'message' in response: + raise F5ModuleError(response['message']) + else: + raise F5ModuleError(resp.content) + return ApiParameters(params=response) class ArgumentSpec(object): @@ -743,18 +891,17 @@ def main(): supports_check_mode=spec.supports_check_mode, required_if=spec.required_if ) - if not HAS_F5SDK: - module.fail_json(msg="The python f5-sdk module is required") + + client = F5RestClient(**module.params) try: - client = F5Client(**module.params) mm = ModuleManager(module=module, client=client) results = mm.exec_module() cleanup_tokens(client) - module.exit_json(**results) + exit_json(module, results, client) except F5ModuleError as ex: cleanup_tokens(client) - module.fail_json(msg=str(ex)) + fail_json(module, ex, client) if __name__ == '__main__': diff --git a/test/units/modules/network/f5/test_bigip_snmp_community.py b/test/units/modules/network/f5/test_bigip_snmp_community.py index a40f6d6031..f8599df1df 100644 --- a/test/units/modules/network/f5/test_bigip_snmp_community.py +++ b/test/units/modules/network/f5/test_bigip_snmp_community.py @@ -15,9 +15,6 @@ from nose.plugins.skip import SkipTest if sys.version_info < (2, 7): raise SkipTest("F5 Ansible modules require Python >= 2.7") -from units.compat import unittest -from units.compat.mock import Mock -from units.compat.mock import patch from ansible.module_utils.basic import AnsibleModule try: @@ -27,9 +24,15 @@ try: from library.modules.bigip_snmp_community import V1Manager from library.modules.bigip_snmp_community import V2Manager from library.modules.bigip_snmp_community import ArgumentSpec + from library.module_utils.network.f5.common import F5ModuleError - from library.module_utils.network.f5.common import iControlUnexpectedHTTPError - from test.unit.modules.utils import set_module_args + + # In Ansible 2.8, Ansible changed import paths. + from test.units.compat import unittest + from test.units.compat.mock import Mock + from test.units.compat.mock import patch + + from test.units.modules.utils import set_module_args except ImportError: try: from ansible.modules.network.f5.bigip_snmp_community import ApiParameters @@ -38,8 +41,14 @@ except ImportError: from ansible.modules.network.f5.bigip_snmp_community import V1Manager from ansible.modules.network.f5.bigip_snmp_community import V2Manager from ansible.modules.network.f5.bigip_snmp_community import ArgumentSpec + from ansible.module_utils.network.f5.common import F5ModuleError - from ansible.module_utils.network.f5.common import iControlUnexpectedHTTPError + + # Ansible 2.8 imports + from units.compat import unittest + from units.compat.mock import Mock + from units.compat.mock import patch + from units.modules.utils import set_module_args except ImportError: raise SkipTest("F5 Ansible modules require the f5-sdk Python library")