fixes asa_config to allow config to include passwords, defaults or none (#3102)

The fix allows the asa_config module to request the config to contain all default statements or password information necessary for vpn tunnel endpoints
2024-09-14 20:13:21 +02:00 · 2016-10-05 22:09:18 -04:00 · 2016-10-05 22:09:18 -04:00 · d698a9b5f7
commit d698a9b5f7
parent 817881d64f
1 changed files with 21 additions and 6 deletions
--- a/lib/ansible/modules/extras/network/asa/asa_config.py
+++ b/lib/ansible/modules/extras/network/asa/asa_config.py
@ -137,7 +137,7 @@ options:
        will not download the running-config from the remote node.
    required: false
    default: null
-  default:
+  defaults:
    description:
      - This argument specifies whether or not to collect all defaults
        when getting the remote device running config.  When enabled,
@ -146,6 +146,15 @@ options:
    required: false
    default: no
    choices: ['yes', 'no']
+  passwords:
+    description:
+      - This argument specifies to include passwords in the config
+        when retrieving the running-config from the remote device.  This
+        includes passwords related to VPN endpoints.  This argument is
+        mutually exclusive with I(defaults).
+    required: false
+    default: no
+    choices: ['yes', 'no']
  save:
    description:
      - The C(save) argument instructs the module to save the running-
@ -190,10 +199,10 @@ vars:
    context: ansible

 - asa_config:
-    show_command: 'more system:running-config'
    lines:
      - ikev1 pre-shared-key MyS3cretVPNK3y
    parents: tunnel-group 1.1.1.1 ipsec-attributes
+    passwords: yes
    provider: "{{ cli }}"

 """
@ -226,8 +235,13 @@ from ansible.module_utils.netcfg import NetworkConfig, dumps
 def get_config(module):
    contents = module.params['config']
    if not contents:
-        defaults = module.params['default']
-        contents = module.config.get_config(include_defaults=defaults)
+        if module.params['defaults']:
+            include = 'defaults'
+        elif module.params['passwords']:
+            include = 'passwords'
+        else:
+            include = None
+        contents = module.config.get_config(include=include)
    return NetworkConfig(indent=1, contents=contents)

 def get_candidate(module):
@ -292,13 +306,14 @@ def main():
        replace=dict(default='line', choices=['line', 'block']),

        config=dict(),
-        default=dict(type='bool', default=False),
+        defaults=dict(type='bool', default=False),
+        passwords=dict(type='bool', default=False),

        backup=dict(type='bool', default=False),
        save=dict(type='bool', default=False),
    )

-    mutually_exclusive = [('lines', 'src')]
+    mutually_exclusive = [('lines', 'src'), ('defaults', 'passwords')]

    required_if = [('match', 'strict', ['lines']),
                   ('match', 'exact', ['lines']),