From 53b2a261de1b32b2aaa50f1b86a435eed05c541b Mon Sep 17 00:00:00 2001 From: Chris Archibald Date: Wed, 28 Aug 2019 21:21:45 -0700 Subject: [PATCH] new module: Cloud Volumes for AWS, active Directory (#61342) * new module * fixes * update --- .../amazon/aws_netapp_cvs_active_directory.py | 270 ++++++++++++++++++ .../test_aws_netapp_cvs_active_directory.py | 124 ++++++++ 2 files changed, 394 insertions(+) create mode 100644 lib/ansible/modules/cloud/amazon/aws_netapp_cvs_active_directory.py create mode 100644 test/units/modules/cloud/amazon/test_aws_netapp_cvs_active_directory.py diff --git a/lib/ansible/modules/cloud/amazon/aws_netapp_cvs_active_directory.py b/lib/ansible/modules/cloud/amazon/aws_netapp_cvs_active_directory.py new file mode 100644 index 00000000000..07dd4a33756 --- /dev/null +++ b/lib/ansible/modules/cloud/amazon/aws_netapp_cvs_active_directory.py @@ -0,0 +1,270 @@ +#!/usr/bin/python + +# (c) 2019, NetApp Inc. +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +"""AWS Cloud Volumes Services - Manage ActiveDirectory""" + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'certified'} + + +DOCUMENTATION = ''' + +module: aws_netapp_cvs_active_directory + +short_description: NetApp AWS CloudVolumes Service Manage Active Directory. +extends_documentation_fragment: + - netapp.awscvs +version_added: '2.9' +author: NetApp Ansible Team (@carchi8py) +description: + - Create, Update, Delete ActiveDirectory on AWS Cloud Volumes Service. + +options: + state: + description: + - Whether the specified ActiveDirectory should exist or not. + choices: ['present', 'absent'] + required: true + type: str + + region: + description: + - The region to which the Active Directory credentials are associated. + required: true + type: str + + domain: + description: + - Name of the Active Directory domain + required: true + type: str + + DNS: + description: + - DNS server address for the Active Directory domain + - Required when C(state=present) + - Required when C(state=present), to modify ActiveDirectory properties. + type: str + + netBIOS: + description: + - NetBIOS name of the server. + type: str + + username: + description: + - Username of the Active Directory domain administrator + type: str + + password: + description: + - Password of the Active Directory domain administrator + type: str +''' + +EXAMPLES = """ + - name: Create Active Directory + aws_netapp_cvs_active_directory.py: + state: present + region: us-east-1 + DNS: 101.102.103.123 + domain: mydomain.com + password: netapp1! + netBIOS: testing + username: user1 + api_url : My_CVS_Hostname + api_key: My_API_Key + secret_key : My_Secret_Key + + - name: Update Active Directory + aws_netapp_cvs_active_directory.py: + state: present + region: us-east-1 + DNS: 101.102.103.123 + domain: mydomain.com + password: netapp2! + netBIOS: testingBIOS + username: user2 + api_url : My_CVS_Hostname + api_key: My_API_Key + secret_key : My_Secret_Key + + - name: Delete Active Directory + aws_netapp_cvs_active_directory.py: + state: absent + region: us-east-1 + domain: mydomain.com + api_url : My_CVS_Hostname + api_key: My_API_Key + secret_key : My_Secret_Key +""" + +RETURN = ''' +''' + +import ansible.module_utils.netapp as netapp_utils +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.netapp_module import NetAppModule +from ansible.module_utils.netapp import AwsCvsRestAPI + + +class AwsCvsNetappActiveDir(object): + """ + Contains methods to parse arguments, + derive details of AWS_CVS objects + and send requests to AWS CVS via + the restApi + """ + + def __init__(self): + """ + Parse arguments, setup state variables, + check paramenters and ensure request module is installed + """ + self.argument_spec = netapp_utils.aws_cvs_host_argument_spec() + self.argument_spec.update(dict( + state=dict(required=True, choices=['present', 'absent'], type='str'), + region=dict(required=True, type='str'), + DNS=dict(required=False, type='str'), + domain=dict(required=False, type='str'), + password=dict(required=False, type='str', no_log=True), + netBIOS=dict(required=False, type='str'), + username=dict(required=False, type='str') + )) + + self.module = AnsibleModule( + argument_spec=self.argument_spec, + required_if=[ + ('state', 'present', ['region', 'domain']), + ], + supports_check_mode=True + ) + + self.na_helper = NetAppModule() + + # set up state variables + self.parameters = self.na_helper.set_parameters(self.module.params) + # Calling generic AWSCVS restApi class + self.restApi = AwsCvsRestAPI(self.module) + + def get_activedirectoryId(self): + # Check if ActiveDirectory exists + # Return UUID for ActiveDirectory is found, None otherwise + try: + list_activedirectory, error = self.restApi.get('Storage/ActiveDirectory') + except Exception as e: + return None + + for ActiveDirectory in list_activedirectory: + if ActiveDirectory['region'] == self.parameters['region']: + return ActiveDirectory['UUID'] + return None + + def get_activedirectory(self, activeDirectoryId=None): + if activeDirectoryId is None: + return None + else: + ActiveDirectoryInfo, error = self.restApi.get('Storage/ActiveDirectory/%s' % activeDirectoryId) + if not error: + return ActiveDirectoryInfo + return None + + def create_activedirectory(self): + # Create ActiveDirectory + api = 'Storage/ActiveDirectory' + data = {"region": self.parameters['region'], "DNS": self.parameters['DNS'], "domain": self.parameters['domain'], + "username": self.parameters['username'], "password": self.parameters['password'], "netBIOS": self.parameters['netBIOS']} + + response, error = self.restApi.post(api, data) + + if not error: + return response + else: + self.module.fail_json(msg=response['message']) + + def delete_activedirectory(self): + activedirectoryId = self.get_activedirectoryId() + # Delete ActiveDirectory + + if activedirectoryId: + api = 'Storage/ActiveDirectory/' + activedirectoryId + data = None + response, error = self.restApi.delete(api, data) + if not error: + return response + else: + self.module.fail_json(msg=response['message']) + + else: + self.module.fail_json(msg="Active Directory does not exist") + + def update_activedirectory(self, activedirectoryId, updated_activedirectory): + # Update ActiveDirectory + api = 'Storage/ActiveDirectory/' + activedirectoryId + data = { + "region": self.parameters['region'], + "DNS": updated_activedirectory['DNS'], + "domain": updated_activedirectory['domain'], + "username": updated_activedirectory['username'], + "password": updated_activedirectory['password'], + "netBIOS": updated_activedirectory['netBIOS'] + } + + response, error = self.restApi.put(api, data) + if not error: + return response + else: + self.module.fail_json(msg=response['message']) + + def apply(self): + """ + Perform pre-checks, call functions and exit + """ + modify = False + activeDirectoryId = self.get_activedirectoryId() + current = self.get_activedirectory(activeDirectoryId) + cd_action = self.na_helper.get_cd_action(current, self.parameters) + + if current and self.parameters['state'] != 'absent': + keys_to_check = ['DNS', 'domain', 'username', 'password', 'netBIOS'] + updated_active_directory, modify = self.na_helper.compare_and_update_values(current, self.parameters, keys_to_check) + + if modify is True: + self.na_helper.changed = True + if 'domain' in self.parameters and self.parameters['domain'] is not None: + ad_exists = self.get_activedirectory(updated_active_directory['domain']) + if ad_exists: + modify = False + self.na_helper.changed = False + + if self.na_helper.changed: + if self.module.check_mode: + pass + else: + if modify is True: + self.update_activedirectory(activeDirectoryId, updated_active_directory) + elif cd_action == 'create': + self.create_activedirectory() + elif cd_action == 'delete': + self.delete_activedirectory() + + self.module.exit_json(changed=self.na_helper.changed) + + +def main(): + """ + Main function + """ + aws_netapp_cvs_active_directory = AwsCvsNetappActiveDir() + aws_netapp_cvs_active_directory.apply() + + +if __name__ == '__main__': + main() diff --git a/test/units/modules/cloud/amazon/test_aws_netapp_cvs_active_directory.py b/test/units/modules/cloud/amazon/test_aws_netapp_cvs_active_directory.py new file mode 100644 index 00000000000..bc420d566c0 --- /dev/null +++ b/test/units/modules/cloud/amazon/test_aws_netapp_cvs_active_directory.py @@ -0,0 +1,124 @@ +# (c) 2019, NetApp, Inc +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +''' unit tests ONTAP Ansible module: ''' + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type +import json +import pytest + +from units.compat import unittest +from units.compat.mock import patch, Mock +from ansible.module_utils import basic +from ansible.module_utils._text import to_bytes +from requests import Response + + +from ansible.module_utils.netapp import AwsCvsRestAPI +from ansible.modules.cloud.amazon.aws_netapp_cvs_active_directory \ + import AwsCvsNetappActiveDir as ad_module + + +def set_module_args(args): + """prepare arguments so that they will be picked up during module creation""" + args = json.dumps({'ANSIBLE_MODULE_ARGS': args}) + basic._ANSIBLE_ARGS = to_bytes(args) # pylint: disable=protected-access + + +class AnsibleExitJson(Exception): + """Exception class to be raised by module.exit_json and caught by the test case""" + pass + + +class AnsibleFailJson(Exception): + """Exception class to be raised by module.fail_json and caught by the test case""" + pass + + +def exit_json(*args, **kwargs): # pylint: disable=unused-argument + """function to patch over exit_json; package return data into an exception""" + if 'changed' not in kwargs: + kwargs['changed'] = False + raise AnsibleExitJson(kwargs) + + +def fail_json(*args, **kwargs): # pylint: disable=unused-argument + """function to patch over fail_json; package return data into an exception""" + kwargs['failed'] = True + raise AnsibleFailJson(kwargs) + + +class TestMyModule(unittest.TestCase): + ''' a group of related Unit Tests ''' + + def setUp(self): + self.mock_module_helper = patch.multiple(basic.AnsibleModule, + exit_json=exit_json, + fail_json=fail_json) + self.mock_module_helper.start() + self.addCleanup(self.mock_module_helper.stop) + + def set_default_args_fail_check(self): + return dict({ + 'state': 'present', + 'DNS': '101.102.103.123', + 'domain': 'mydomain.com', + 'password': 'netapp1!', + 'username': 'myuser', + 'api_url': 'myapiurl.com', + 'secret_key': 'mysecretkey', + 'api_key': 'myapikey' + }) + + def set_default_args_pass_check(self): + return dict({ + 'state': 'present', + 'DNS': '101.102.103.123', + 'domain': 'mydomain.com', + 'password': 'netapp1!', + 'region': 'us-east-1', + 'netBIOS': 'testing', + 'username': 'myuser', + 'api_url': 'myapiurl.com', + 'secret_key': 'mysecretkey', + 'api_key': 'myapikey' + }) + + def test_module_fail_when_required_args_missing(self): + ''' required arguments are reported as errors ''' + with pytest.raises(AnsibleFailJson) as exc: + set_module_args(self.set_default_args_fail_check()) + ad_module() + print('Info: %s' % exc.value.args[0]['msg']) + + def test_module_fail_when_required_args_present(self): + ''' required arguments are reported as errors ''' + with pytest.raises(AnsibleExitJson) as exc: + set_module_args(self.set_default_args_pass_check()) + ad_module() + exit_json(changed=True, msg="TestCase Fail when required ars are present") + assert exc.value.args[0]['changed'] + + @patch('ansible.modules.cloud.amazon.aws_netapp_cvs_active_directory.AwsCvsNetappActiveDir.get_activedirectoryId') + @patch('ansible.modules.cloud.amazon.aws_netapp_cvs_active_directory.AwsCvsNetappActiveDir.get_activedirectory') + @patch('ansible.module_utils.netapp.AwsCvsRestAPI.post') + def test_create_aws_netapp_cvs_activedir(self, get_post_api, get_aws_api, get_ad_id): + set_module_args(self.set_default_args_pass_check()) + my_obj = ad_module() + my_ad = { + 'region': 'us-east-1', + 'DNS': '101.102.103.123', + 'domain': 'mydomain.com', + 'password': 'netapp1!', + 'netBIOS': 'testing', + 'username': 'myuser' + } + + get_aws_api.return_value = None + get_post_api.return_value = None, None + get_ad_id.return_value = "123" + with pytest.raises(AnsibleExitJson) as exc: + my_obj.apply() + print('Info: test_create_aws_netapp_cvs_active_directory: %s' % repr(exc.value)) + assert exc.value.args[0]['changed']