added new functionality to asa_command
* commands argument now accepts a dict arguments * only show commands are allowd when check mode is specified * config mode is no longer allowed in the command stack * add argument match with valid values any, all
This commit is contained in:
parent
8e45ec9734
commit
283cc51fdb
1 changed files with 101 additions and 49 deletions
|
@ -21,7 +21,7 @@ DOCUMENTATION = """
|
||||||
---
|
---
|
||||||
module: asa_command
|
module: asa_command
|
||||||
version_added: "2.2"
|
version_added: "2.2"
|
||||||
author: "Peter Sprygada (@privateip) & Patrick Ogenstad (@ogenstad)"
|
author: "Peter Sprygada (@privateip), Patrick Ogenstad (@ogenstad)"
|
||||||
short_description: Run arbitrary commands on Cisco ASA devices.
|
short_description: Run arbitrary commands on Cisco ASA devices.
|
||||||
description:
|
description:
|
||||||
- Sends arbitrary commands to an ASA node and returns the results
|
- Sends arbitrary commands to an ASA node and returns the results
|
||||||
|
@ -32,27 +32,39 @@ extends_documentation_fragment: asa
|
||||||
options:
|
options:
|
||||||
commands:
|
commands:
|
||||||
description:
|
description:
|
||||||
- List of commands to send to the remote ios device over the
|
- List of commands to send to the remote device over the
|
||||||
configured provider. The resulting output from the command
|
configured provider. The resulting output from the command
|
||||||
is returned. If the I(waitfor) argument is provided, the
|
is returned. If the I(wait_for) argument is provided, the
|
||||||
module is not returned until the condition is satisfied or
|
module is not returned until the condition is satisfied or
|
||||||
the number of retires as expired.
|
the number of retires as expired.
|
||||||
required: true
|
required: true
|
||||||
waitfor:
|
wait_for:
|
||||||
description:
|
description:
|
||||||
- List of conditions to evaluate against the output of the
|
- List of conditions to evaluate against the output of the
|
||||||
command. The task will wait for a each condition to be true
|
command. The task will wait for each condition to be true
|
||||||
before moving forward. If the conditional is not true
|
before moving forward. If the conditional is not true
|
||||||
within the configured number of retries, the task fails.
|
within the configured number of retries, the task fails.
|
||||||
See examples.
|
See examples.
|
||||||
required: false
|
required: false
|
||||||
default: null
|
default: null
|
||||||
|
aliases: ['waitfor']
|
||||||
|
match:
|
||||||
|
description:
|
||||||
|
- The I(match) argument is used in conjunction with the
|
||||||
|
I(wait_for) argument to specify the match policy. Valid
|
||||||
|
values are C(all) or C(any). If the value is set to C(all)
|
||||||
|
then all conditionals in the wait_for must be satisfied. If
|
||||||
|
the value is set to C(any) then only one of the values must be
|
||||||
|
satisfied.
|
||||||
|
required: false
|
||||||
|
default: all
|
||||||
|
choices: ['any', 'all']
|
||||||
retries:
|
retries:
|
||||||
description:
|
description:
|
||||||
- Specifies the number of retries a command should by tried
|
- Specifies the number of retries a command should by tried
|
||||||
before it is considered failed. The command is run on the
|
before it is considered failed. The command is run on the
|
||||||
target device every retry and evaluated against the
|
target device every retry and evaluated against the
|
||||||
waitfor conditions.
|
I(wait_for) conditions.
|
||||||
required: false
|
required: false
|
||||||
default: 10
|
default: 10
|
||||||
interval:
|
interval:
|
||||||
|
@ -63,25 +75,36 @@ options:
|
||||||
trying the command again.
|
trying the command again.
|
||||||
required: false
|
required: false
|
||||||
default: 1
|
default: 1
|
||||||
|
|
||||||
"""
|
"""
|
||||||
|
|
||||||
EXAMPLES = """
|
EXAMPLES = """
|
||||||
|
# Note: examples below use the following provider dict to handle
|
||||||
|
# transport and authentication to the node.
|
||||||
|
vars:
|
||||||
|
cli:
|
||||||
|
host: "{{ inventory_hostname }}"
|
||||||
|
username: cisco
|
||||||
|
password: cisco
|
||||||
|
authorize: yes
|
||||||
|
auth_pass: cisco
|
||||||
|
transport: cli
|
||||||
|
|
||||||
|
|
||||||
- asa_command:
|
- asa_command:
|
||||||
commands:
|
commands:
|
||||||
- show version
|
- show version
|
||||||
register: output
|
provider: "{{ cli }}"
|
||||||
|
|
||||||
- asa_command:
|
- asa_command:
|
||||||
commands:
|
commands:
|
||||||
- show asp drop
|
- show asp drop
|
||||||
- show memory
|
- show memory
|
||||||
register: output
|
provider: "{{ cli }}"
|
||||||
|
|
||||||
- asa_command:
|
- asa_command:
|
||||||
commands:
|
commands:
|
||||||
- show version
|
- show version
|
||||||
|
provider: "{{ cli }}"
|
||||||
context: system
|
context: system
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
@ -104,11 +127,12 @@ failed_conditions:
|
||||||
type: list
|
type: list
|
||||||
sample: ['...', '...']
|
sample: ['...', '...']
|
||||||
"""
|
"""
|
||||||
|
from ansible.module_utils.basic import get_exception
|
||||||
|
from ansible.module_utils.netcli import CommandRunner
|
||||||
|
from ansible.module_utils.netcli import AddCommandError, FailedConditionsError
|
||||||
|
from ansible.module_utils.asa import NetworkModule, NetworkError
|
||||||
|
|
||||||
import time
|
VALID_KEYS = ['command', 'prompt', 'response']
|
||||||
import shlex
|
|
||||||
import re
|
|
||||||
|
|
||||||
|
|
||||||
def to_lines(stdout):
|
def to_lines(stdout):
|
||||||
for item in stdout:
|
for item in stdout:
|
||||||
|
@ -116,57 +140,85 @@ def to_lines(stdout):
|
||||||
item = str(item).split('\n')
|
item = str(item).split('\n')
|
||||||
yield item
|
yield item
|
||||||
|
|
||||||
|
def parse_commands(module):
|
||||||
|
for cmd in module.params['commands']:
|
||||||
|
if isinstance(cmd, basestring):
|
||||||
|
cmd = dict(command=cmd, output=None)
|
||||||
|
elif 'command' not in cmd:
|
||||||
|
module.fail_json(msg='command keyword argument is required')
|
||||||
|
elif not set(cmd.keys()).issubset(VALID_KEYS):
|
||||||
|
module.fail_json(msg='unknown keyword specified')
|
||||||
|
yield cmd
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
spec = dict(
|
spec = dict(
|
||||||
commands=dict(type='list'),
|
# { command: <str>, prompt: <str>, response: <str> }
|
||||||
waitfor=dict(type='list'),
|
commands=dict(type='list', required=True),
|
||||||
|
|
||||||
|
wait_for=dict(type='list', aliases=['waitfor']),
|
||||||
|
match=dict(default='all', choices=['all', 'any']),
|
||||||
|
|
||||||
retries=dict(default=10, type='int'),
|
retries=dict(default=10, type='int'),
|
||||||
interval=dict(default=1, type='int')
|
interval=dict(default=1, type='int')
|
||||||
)
|
)
|
||||||
|
|
||||||
module = get_module(argument_spec=spec,
|
module = NetworkModule(argument_spec=spec,
|
||||||
|
connect_on_load=False,
|
||||||
supports_check_mode=True)
|
supports_check_mode=True)
|
||||||
|
|
||||||
commands = module.params['commands']
|
commands = list(parse_commands(module))
|
||||||
|
conditionals = module.params['wait_for'] or list()
|
||||||
|
|
||||||
retries = module.params['retries']
|
warnings = list()
|
||||||
interval = module.params['interval']
|
|
||||||
|
runner = CommandRunner(module)
|
||||||
|
|
||||||
|
for cmd in commands:
|
||||||
|
if module.check_mode and not cmd['command'].startswith('show'):
|
||||||
|
warnings.append('only show commands are supported when using '
|
||||||
|
'check mode, not executing `%s`' % cmd['command'])
|
||||||
|
else:
|
||||||
|
if cmd['command'].startswith('conf'):
|
||||||
|
module.fail_json(msg='asa_command does not support running '
|
||||||
|
'config mode commands. Please use '
|
||||||
|
'asa_config instead')
|
||||||
|
try:
|
||||||
|
runner.add_command(**cmd)
|
||||||
|
except AddCommandError:
|
||||||
|
exc = get_exception()
|
||||||
|
warnings.append('duplicate command detected: %s' % cmd)
|
||||||
|
|
||||||
|
for item in conditionals:
|
||||||
|
runner.add_conditional(item)
|
||||||
|
|
||||||
|
runner.retries = module.params['retries']
|
||||||
|
runner.interval = module.params['interval']
|
||||||
|
runner.match = module.params['match']
|
||||||
|
|
||||||
try:
|
try:
|
||||||
queue = set()
|
runner.run()
|
||||||
for entry in (module.params['waitfor'] or list()):
|
except FailedConditionsError:
|
||||||
queue.add(Conditional(entry))
|
|
||||||
except AttributeError:
|
|
||||||
exc = get_exception()
|
exc = get_exception()
|
||||||
module.fail_json(msg=exc.message)
|
module.fail_json(msg=str(exc), failed_conditions=exc.failed_conditions)
|
||||||
|
except NetworkError:
|
||||||
|
exc = get_exception()
|
||||||
|
module.fail_json(msg=str(exc))
|
||||||
|
|
||||||
result = dict(changed=False)
|
result = dict(changed=False, stdout=list())
|
||||||
|
|
||||||
while retries > 0:
|
for cmd in commands:
|
||||||
response = module.execute(commands)
|
try:
|
||||||
result['stdout'] = response
|
output = runner.get_command(cmd['command'])
|
||||||
|
except ValueError:
|
||||||
for item in list(queue):
|
output = 'command not executed due to check_mode, see warnings'
|
||||||
if item(response):
|
result['stdout'].append(output)
|
||||||
queue.remove(item)
|
|
||||||
|
|
||||||
if not queue:
|
|
||||||
break
|
|
||||||
|
|
||||||
time.sleep(interval)
|
|
||||||
retries -= 1
|
|
||||||
else:
|
|
||||||
failed_conditions = [item.raw for item in queue]
|
|
||||||
module.fail_json(msg='timeout waiting for value', failed_conditions=failed_conditions)
|
|
||||||
|
|
||||||
|
result['warnings'] = warnings
|
||||||
result['stdout_lines'] = list(to_lines(result['stdout']))
|
result['stdout_lines'] = list(to_lines(result['stdout']))
|
||||||
return module.exit_json(**result)
|
|
||||||
|
|
||||||
from ansible.module_utils.basic import *
|
module.exit_json(**result)
|
||||||
from ansible.module_utils.urls import *
|
|
||||||
from ansible.module_utils.shell import *
|
|
||||||
from ansible.module_utils.netcfg import *
|
|
||||||
from ansible.module_utils.asa import *
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
main()
|
main()
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue