diff --git a/lib/ansible/module_utils/aireos.py b/lib/ansible/module_utils/aireos.py
index 00b7a9c61c..972f4734e1 100644
--- a/lib/ansible/module_utils/aireos.py
+++ b/lib/ansible/module_utils/aireos.py
@@ -48,6 +48,15 @@ ARGS_DEFAULT_VALUE = {
}
+def sanitize(resp):
+ # Takes config from device and strips whitespace from all lines
+ # Aireos adds in extra preceding whitespace which netcfg parses as children/parents, which Aireos does not do
+ cleaned = []
+ for line in resp.splitlines():
+ cleaned.append(line.strip())
+ return '\n'.join(cleaned).strip()
+
+
def get_argspec():
return aireos_argument_spec
@@ -82,7 +91,7 @@ def get_config(module, flags=[]):
rc, out, err = exec_command(module, cmd)
if rc != 0:
module.fail_json(msg='unable to retrieve current config', stderr=to_text(err, errors='surrogate_then_replace'))
- cfg = to_text(out, errors='surrogate_then_replace').strip()
+ cfg = sanitize(to_text(out, errors='surrogate_then_replace').strip())
_DEVICE_CONFIGS[cmd] = cfg
return cfg
diff --git a/lib/ansible/modules/network/aireos/aireos_config.py b/lib/ansible/modules/network/aireos/aireos_config.py
new file mode 100644
index 0000000000..7d9ce8f42d
--- /dev/null
+++ b/lib/ansible/modules/network/aireos/aireos_config.py
@@ -0,0 +1,325 @@
+#!/usr/bin/python
+#
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+#
+
+ANSIBLE_METADATA = {'metadata_version': '1.0',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: aireos_config
+version_added: "2.4"
+author: "James Mighion (@jmighion)"
+short_description: Manage Cisco WLC configurations
+description:
+ - AireOS does not use a block indent file syntax, so there are no sections or parents.
+ This module provides an implementation for working with AireOS configurations in
+ a deterministic way.
+extends_documentation_fragment: aireos
+options:
+ lines:
+ description:
+ - The ordered set of commands that should be configured.
+ The commands must be the exact same commands as found
+ in the device run-config. Be sure to note the configuration
+ command syntax as some commands are automatically modified by the
+ device config parser.
+ required: false
+ default: null
+ aliases: ['commands']
+ src:
+ description:
+ - Specifies the source path to the file that contains the configuration
+ or configuration template to load. The path to the source file can
+ either be the full path on the Ansible control host or a relative
+ path from the playbook or role root directory. This argument is mutually
+ exclusive with I(lines).
+ required: false
+ default: null
+ before:
+ description:
+ - The ordered set of commands to push on to the command stack if
+ a change needs to be made. This allows the playbook designer
+ the opportunity to perform configuration commands prior to pushing
+ any changes without affecting how the set of commands are matched
+ against the system.
+ required: false
+ default: null
+ after:
+ description:
+ - The ordered set of commands to append to the end of the command
+ stack if a change needs to be made. Just like with I(before) this
+ allows the playbook designer to append a set of commands to be
+ executed after the command set.
+ required: false
+ default: null
+ match:
+ description:
+ - Instructs the module on the way to perform the matching of
+ the set of commands against the current device config. If
+ match is set to I(line), commands are matched line by line.
+ If match is set to I(none), the module will not attempt to
+ compare the source configuration with the running
+ configuration on the remote device.
+ required: false
+ default: line
+ choices: ['line', 'none']
+ backup:
+ description:
+ - This argument will cause the module to create a full backup of
+ the current C(running-config) from the remote device before any
+ changes are made. The backup file is written to the C(backup)
+ folder in the playbook root directory. If the directory does not
+ exist, it is created.
+ required: false
+ default: no
+ type: bool
+ running_config:
+ description:
+ - The module, by default, will connect to the remote device and
+ retrieve the current running-config to use as a base for comparing
+ against the contents of source. There are times when it is not
+ desirable to have the task get the current running-config for
+ every task in a playbook. The I(running_config) argument allows the
+ implementer to pass in the configuration to use as the base
+ config for comparison.
+ required: false
+ default: null
+ aliases: ['config']
+ save:
+ description:
+ - The C(save) argument instructs the module to save the running-
+ config to the startup-config at the conclusion of the module
+ running. If check mode is specified, this argument is ignored.
+ required: false
+ default: no
+ type: bool
+ diff_against:
+ description:
+ - When using the C(ansible-playbook --diff) command line argument
+ the module can generate diffs against different sources.
+ - When this option is configured as I(intended), the module will
+ return the diff of the running-config against the configuration
+ provided in the C(intended_config) argument.
+ - When this option is configured as I(running), the module will
+ return the before and after diff of the running-config with respect
+ to any changes made to the device configuration.
+ required: false
+ choices: ['intended', 'running']
+ diff_ignore_lines:
+ description:
+ - Use this argument to specify one or more lines that should be
+ ignored during the diff. This is used for lines in the configuration
+ that are automatically updated by the system. This argument takes
+ a list of regular expressions or exact line matches.
+ required: false
+ intended_config:
+ description:
+ - The C(intended_config) provides the master configuration that
+ the node should conform to and is used to check the final
+ running-config against. This argument will not modify any settings
+ on the remote device and is strictly used to check the compliance
+ of the current device's configuration against. When specifying this
+ argument, the task should also modify the C(diff_against) value and
+ set it to I(intended).
+ required: false
+"""
+
+EXAMPLES = """
+- name: configure configuration
+ aireos_config:
+ lines: sysname testDevice
+
+- name: diff the running-config against a provided config
+ aireos_config:
+ diff_against: intended
+ intended: "{{ lookup('file', 'master.cfg') }}"
+
+- name: load new acl into device
+ aireos_config:
+ lines:
+ - acl create testACL
+ - acl rule protocol testACL 1 any
+ - acl rule direction testACL 3 in
+ before: acl delete testACL
+"""
+
+RETURN = """
+commands:
+ description: The set of commands that will be pushed to the remote device
+ returned: always
+ type: list
+ sample: ['hostname foo', 'vlan 1', 'name default']
+updates:
+ description: The set of commands that will be pushed to the remote device
+ returned: always
+ type: list
+ sample: ['hostname foo', 'vlan 1', 'name default']
+backup_path:
+ description: The full path to the backup file
+ returned: when backup is yes
+ type: string
+ sample: /playbooks/ansible/backup/aireos_config.2016-07-16@22:28:34
+"""
+import re
+import time
+
+from ansible.module_utils.aireos import run_commands, get_config, load_config, sanitize
+from ansible.module_utils.aireos import aireos_argument_spec
+from ansible.module_utils.aireos import check_args as aireos_check_args
+from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.netcli import Conditional
+from ansible.module_utils.netcfg import NetworkConfig, dumps
+from ansible.module_utils.six import iteritems
+
+
+def get_running_config(module, config=None):
+ contents = module.params['running_config']
+ if not contents:
+ if config:
+ contents = config
+ else:
+ contents = get_config(module)
+ return NetworkConfig(indent=1, contents=contents)
+
+
+def get_candidate(module):
+ candidate = NetworkConfig(indent=1)
+
+ if module.params['src']:
+ candidate.load(module.params['src'])
+ elif module.params['lines']:
+ candidate.add(module.params['lines'])
+ return candidate
+
+
+def main():
+ """ main entry point for module execution
+ """
+ argument_spec = dict(
+ src=dict(type='path'),
+
+ lines=dict(aliases=['commands'], type='list'),
+
+ before=dict(type='list'),
+ after=dict(type='list'),
+
+ match=dict(default='line', choices=['line', 'none']),
+
+ running_config=dict(aliases=['config']),
+ intended_config=dict(),
+
+ backup=dict(type='bool', default=False),
+
+ save=dict(type='bool', default=False),
+
+ diff_against=dict(choices=['running', 'intended']),
+ diff_ignore_lines=dict(type='list')
+ )
+
+ argument_spec.update(aireos_argument_spec)
+
+ mutually_exclusive = [('lines', 'src')]
+
+ required_if = [('diff_against', 'intended', ['intended_config'])]
+
+ module = AnsibleModule(argument_spec=argument_spec,
+ mutually_exclusive=mutually_exclusive,
+ required_if=required_if,
+ supports_check_mode=True)
+
+ warnings = list()
+ aireos_check_args(module, warnings)
+ result = {'changed': False, 'warnings': warnings}
+
+ config = None
+
+ if module.params['backup'] or (module._diff and module.params['diff_against'] == 'running'):
+ contents = get_config(module)
+ config = NetworkConfig(indent=1, contents=contents)
+ if module.params['backup']:
+ result['__backup__'] = contents
+
+ if any((module.params['src'], module.params['lines'])):
+ match = module.params['match']
+
+ candidate = get_candidate(module)
+
+ if match != 'none':
+ config = get_running_config(module, config)
+ configobjs = candidate.difference(config, match=match)
+ else:
+ configobjs = candidate.items
+
+ if configobjs:
+ commands = dumps(configobjs, 'commands').split('\n')
+
+ if module.params['before']:
+ commands[:0] = module.params['before']
+
+ if module.params['after']:
+ commands.extend(module.params['after'])
+
+ result['commands'] = commands
+ result['updates'] = commands
+
+ if not module.check_mode:
+ load_config(module, commands)
+
+ result['changed'] = True
+
+ diff_ignore_lines = module.params['diff_ignore_lines']
+
+ if module.params['save']:
+ result['changed'] = True
+ if not module.check_mode:
+ command = {"command": "save config", "prompt": "Are you sure you want to save", "answer": "y"}
+ run_commands(module, command)
+ else:
+ module.warn('Skipping command `save config` due to check_mode. Configuration not copied to non-volatile storage')
+
+ if module._diff:
+ output = run_commands(module, 'show run-config commands')
+ contents = sanitize(output[0])
+
+ # recreate the object in order to process diff_ignore_lines
+ running_config = NetworkConfig(indent=1, contents=contents, ignore_lines=diff_ignore_lines)
+
+ if module.params['diff_against'] == 'running':
+ if module.check_mode:
+ module.warn("unable to perform diff against running-config due to check mode")
+ contents = None
+ else:
+ contents = config.config_text
+ elif module.params['diff_against'] == 'intended':
+ contents = module.params['intended_config']
+
+ if contents is not None:
+ base_config = NetworkConfig(indent=1, contents=contents, ignore_lines=diff_ignore_lines)
+
+ if running_config.sha1 != base_config.sha1:
+ result.update({
+ 'changed': True,
+ 'diff': {'before': str(base_config), 'after': str(running_config)}
+ })
+
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/lib/ansible/plugins/action/aireos_config.py b/lib/ansible/plugins/action/aireos_config.py
new file mode 100644
index 0000000000..c92276846e
--- /dev/null
+++ b/lib/ansible/plugins/action/aireos_config.py
@@ -0,0 +1,112 @@
+#
+# (c) 2017, Red Hat, Inc.
+#
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+#
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+import os
+import re
+import time
+import glob
+
+from ansible.plugins.action.aireos import ActionModule as _ActionModule
+from ansible.module_utils._text import to_text
+from ansible.module_utils.six.moves.urllib.parse import urlsplit
+from ansible.utils.vars import merge_hash
+
+PRIVATE_KEYS_RE = re.compile('__.+__')
+
+
+class ActionModule(_ActionModule):
+
+ def run(self, tmp=None, task_vars=None):
+
+ if self._task.args.get('src'):
+ try:
+ self._handle_template()
+ except ValueError as exc:
+ return dict(failed=True, msg=exc.message)
+
+ result = super(ActionModule, self).run(tmp, task_vars)
+
+ if self._task.args.get('backup') and result.get('__backup__'):
+ # User requested backup and no error occurred in module.
+ # NOTE: If there is a parameter error, _backup key may not be in results.
+ filepath = self._write_backup(task_vars['inventory_hostname'],
+ result['__backup__'])
+
+ result['backup_path'] = filepath
+
+ # strip out any keys that have two leading and two trailing
+ # underscore characters
+ for key in result.keys():
+ if PRIVATE_KEYS_RE.match(key):
+ del result[key]
+
+ return result
+
+ def _get_working_path(self):
+ cwd = self._loader.get_basedir()
+ if self._task._role is not None:
+ cwd = self._task._role._role_path
+ return cwd
+
+ def _write_backup(self, host, contents):
+ backup_path = self._get_working_path() + '/backup'
+ if not os.path.exists(backup_path):
+ os.mkdir(backup_path)
+ for fn in glob.glob('%s/%s*' % (backup_path, host)):
+ os.remove(fn)
+ tstamp = time.strftime("%Y-%m-%d@%H:%M:%S", time.localtime(time.time()))
+ filename = '%s/%s_config.%s' % (backup_path, host, tstamp)
+ open(filename, 'w').write(contents)
+ return filename
+
+ def _handle_template(self):
+ src = self._task.args.get('src')
+ working_path = self._get_working_path()
+
+ if os.path.isabs(src) or urlsplit('src').scheme:
+ source = src
+ else:
+ source = self._loader.path_dwim_relative(working_path, 'templates', src)
+ if not source:
+ source = self._loader.path_dwim_relative(working_path, src)
+
+ if not os.path.exists(source):
+ raise ValueError('path specified in src not found')
+
+ try:
+ with open(source, 'r') as f:
+ template_data = to_text(f.read())
+ except IOError:
+ return dict(failed=True, msg='unable to load src file')
+
+ # Create a template search path in the following order:
+ # [working_path, self_role_path, dependent_role_paths, dirname(source)]
+ searchpath = [working_path]
+ if self._task._role is not None:
+ searchpath.append(self._task._role._role_path)
+ if hasattr(self._task, "_block:"):
+ dep_chain = self._task._block.get_dep_chain()
+ if dep_chain is not None:
+ for role in dep_chain:
+ searchpath.append(role._role_path)
+ searchpath.append(os.path.dirname(source))
+ self._templar.environment.loader.searchpath = searchpath
+ self._task.args['src'] = self._templar.template(template_data)
diff --git a/test/units/modules/network/aireos/fixtures/aireos_config_config.cfg b/test/units/modules/network/aireos/fixtures/aireos_config_config.cfg
new file mode 100644
index 0000000000..883f36cf05
--- /dev/null
+++ b/test/units/modules/network/aireos/fixtures/aireos_config_config.cfg
@@ -0,0 +1,9 @@
+sysname router
+
+interface create mtc-1 1
+interface address dynamic-interface mtc-1 10.33.20.4 255.255.255.0 10.33.20.1
+interface vlan mtc-1 1
+
+interface create mtc-2 2
+interface address dynamic-interface mtc-2 10.33.26.4 255.255.255.0 10.33.26.1
+interface vlan mtc-2 2
\ No newline at end of file
diff --git a/test/units/modules/network/aireos/fixtures/aireos_config_src.cfg b/test/units/modules/network/aireos/fixtures/aireos_config_src.cfg
new file mode 100644
index 0000000000..69db36b252
--- /dev/null
+++ b/test/units/modules/network/aireos/fixtures/aireos_config_src.cfg
@@ -0,0 +1,9 @@
+sysname foo
+
+interface create mtc-1 1
+interface address dynamic-interface mtc-1 10.33.20.4 255.255.255.0 10.33.20.2
+interface vlan mtc-1 1
+
+interface create mtc-2 2
+interface address dynamic-interface mtc-2 10.33.26.4 255.255.255.0 10.33.26.1
+interface vlan mtc-2 2
\ No newline at end of file
diff --git a/test/units/modules/network/aireos/test_aireos_config.py b/test/units/modules/network/aireos/test_aireos_config.py
new file mode 100644
index 0000000000..311d7398e3
--- /dev/null
+++ b/test/units/modules/network/aireos/test_aireos_config.py
@@ -0,0 +1,103 @@
+#
+# (c) 2016 Red Hat Inc.
+#
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+
+# Make coding more python3-ish
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+import json
+
+from ansible.compat.tests.mock import patch
+from ansible.modules.network.aireos import aireos_config
+from .aireos_module import TestCiscoWlcModule, load_fixture, set_module_args
+
+
+class TestCiscoWlcConfigModule(TestCiscoWlcModule):
+
+ module = aireos_config
+
+ def setUp(self):
+ self.mock_get_config = patch('ansible.modules.network.aireos.aireos_config.get_config')
+ self.get_config = self.mock_get_config.start()
+
+ self.mock_load_config = patch('ansible.modules.network.aireos.aireos_config.load_config')
+ self.load_config = self.mock_load_config.start()
+
+ self.mock_run_commands = patch('ansible.modules.network.aireos.aireos_config.run_commands')
+ self.run_commands = self.mock_run_commands.start()
+
+ def tearDown(self):
+ self.mock_get_config.stop()
+ self.mock_load_config.stop()
+ self.mock_run_commands.stop()
+
+ def load_fixtures(self, commands=None):
+ config_file = 'aireos_config_config.cfg'
+ self.get_config.return_value = load_fixture(config_file)
+ self.load_config.return_value = None
+
+ def test_aireos_config_unchanged(self):
+ src = load_fixture('aireos_config_config.cfg')
+ set_module_args(dict(src=src))
+ self.execute_module()
+
+ def test_aireos_config_src(self):
+ src = load_fixture('aireos_config_src.cfg')
+ set_module_args(dict(src=src))
+ commands = ['sysname foo', 'interface address dynamic-interface mtc-1 10.33.20.4 255.255.255.0 10.33.20.2']
+ self.execute_module(changed=True, commands=commands)
+
+ def test_aireos_config_backup(self):
+ set_module_args(dict(backup=True))
+ result = self.execute_module()
+ self.assertIn('__backup__', result)
+
+ def test_aireos_config_save(self):
+ self.run_commands.return_value = "sysname foo"
+ set_module_args(dict(save=True))
+ self.execute_module(changed=True)
+ self.assertEqual(self.run_commands.call_count, 1)
+ self.assertEqual(self.get_config.call_count, 0)
+ self.assertEqual(self.load_config.call_count, 0)
+
+ def test_aireos_config_before(self):
+ set_module_args(dict(lines=['sysname foo'], before=['test1', 'test2']))
+ commands = ['test1', 'test2', 'sysname foo']
+ self.execute_module(changed=True, commands=commands, sort=False)
+
+ def test_aireos_config_after(self):
+ set_module_args(dict(lines=['sysname foo'], after=['test1', 'test2']))
+ commands = ['sysname foo', 'test1', 'test2']
+ self.execute_module(changed=True, commands=commands, sort=False)
+
+ def test_aireos_config_before_after_no_change(self):
+ set_module_args(dict(lines=['sysname router'],
+ before=['test1', 'test2'],
+ after=['test3', 'test4']))
+ self.execute_module()
+
+ def test_aireos_config_config(self):
+ config = 'sysname localhost'
+ set_module_args(dict(lines=['sysname router'], config=config))
+ commands = ['sysname router']
+ self.execute_module(changed=True, commands=commands)
+
+ def test_aireos_config_match_none(self):
+ lines = ['sysname router', 'interface create mtc-1 1']
+ set_module_args(dict(lines=lines, match='none'))
+ self.execute_module(changed=True, commands=lines, sort=False)