Add EdgeOS config module (#35867)

* Add edgeos_config module

* Add edgeos_config module

* Remove debugging statements

* Add future import and correct module name in docs

lib/ansible/modules/network/edgeos/edgeos_config.py

@@ -0,0 +1,276 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# Copyright (c) 2018 Ansible Project
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+                    'status': ['preview'],
+                    'supported_by': 'network'}
+
+DOCUMENTATION = """
+---
+module: edgeos_config
+version_added: "2.5"
+author:
+    - "Nathaniel Case (@qalthos)"
+    - "Sam Doran (@samdoran)"
+short_description: Manage EdgeOS configuration on remote device
+description:
+  - This module provides configuration file management of EdgeOS
+    devices. It provides arguments for managing both the
+    configuration file and state of the active configuration. All
+    configuration statements are based on `set` and `delete` commands
+    in the device configuration.
+notes:
+  - Tested against EdgeOS 1.9.7
+options:
+  lines:
+    description:
+      - The ordered set of configuration lines to be managed and
+        compared with the existing configuration on the remote
+        device.
+    required: false
+    default: null
+  src:
+    description:
+      - The C(src) argument specifies the path to the source config
+        file to load. The source config file can either be in
+        bracket format or set format. The source file can include
+        Jinja2 template variables.
+    required: no
+    default: null
+  match:
+    description:
+      - The C(match) argument controls the method used to match
+        against the current active configuration. By default, the
+        desired config is matched against the active config and the
+        deltas are loaded. If the C(match) argument is set to C(none)
+        the active configuration is ignored and the configuration is
+        always loaded.
+    required: false
+    default: line
+    choices: ['line', 'none']
+  backup:
+    description:
+      - The C(backup) argument will backup the current devices active
+        configuration to the Ansible control host prior to making any
+        changes. The backup file will be located in the backup folder
+        in the root of the playbook
+    required: false
+    default: false
+    choices: ['yes', 'no']
+  comment:
+    description:
+      - Allows a commit description to be specified to be included
+        when the configuration is committed. If the configuration is
+        not changed or committed, this argument is ignored.
+    required: false
+    default: 'configured by edgeos_config'
+  config:
+    description:
+      - The C(config) argument specifies the base configuration to use
+        to compare against the desired configuration. If this value
+        is not specified, the module will automatically retrieve the
+        current active configuration from the remote device.
+    required: false
+    default: null
+  save:
+    description:
+      - The C(save) argument controls whether or not changes made
+        to the active configuration are saved to disk. This is
+        independent of committing the config. When set to C(True), the
+        active configuration is saved.
+    required: false
+    default: false
+    choices: ['yes', 'no']
+"""
+
+EXAMPLES = """
+- name: configure the remote device
+  edgeos_config:
+    lines:
+      - set system host-name {{ inventory_hostname }}
+      - set service lldp
+      - delete service dhcp-server
+
+- name: backup and load from file
+  edgeos_config:
+    src: edgeos.cfg
+    backup: yes
+"""
+
+RETURN = """
+commands:
+  description: The list of configuration commands sent to the device
+  returned: always
+  type: list
+  sample: ['...', '...']
+filtered:
+  description: The list of configuration commands removed to avoid a load failure
+  returned: always
+  type: list
+  sample: ['...', '...']
+backup_path:
+  description: The full path to the backup file
+  returned: when backup is yes
+  type: string
+  sample: /playbooks/ansible/backup/edgeos_config.2016-07-16@22:28:34
+"""
+
+import re
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.network.common.config import NetworkConfig
+from ansible.module_utils.network.edgeos.edgeos import load_config, get_config, run_commands
+
+DEFAULT_COMMENT = 'configured by edgeos_config'
+
+CONFIG_FILTERS = [
+    re.compile(r'set system login user \S+ authentication encrypted-password')
+]
+
+
+def config_to_commands(config):
+    set_format = config.startswith('set') or config.startswith('delete')
+    candidate = NetworkConfig(indent=4, contents=config)
+    if not set_format:
+        candidate = [c.line for c in candidate.items]
+        commands = list()
+        # this filters out less specific lines
+        for item in candidate:
+            for index, entry in enumerate(commands):
+                if item.startswith(entry):
+                    del commands[index]
+                    break
+            commands.append(item)
+
+        commands = ['set %s' % cmd.replace(' {', '') for cmd in commands]
+
+    else:
+        commands = str(candidate).split('\n')
+
+    return commands
+
+
+def get_candidate(module):
+    contents = module.params['src'] or module.params['lines']
+
+    if module.params['lines']:
+        contents = '\n'.join(contents)
+
+    return config_to_commands(contents)
+
+
+def diff_config(commands, config):
+    config = [str(c).replace("'", '') for c in config.splitlines()]
+
+    updates = list()
+    visited = set()
+
+    for line in commands:
+        item = str(line).replace("'", '')
+
+        if not item.startswith('set') and not item.startswith('delete'):
+            raise ValueError('line must start with either `set` or `delete`')
+
+        elif item.startswith('set') and item not in config:
+            updates.append(line)
+
+        elif item.startswith('delete'):
+            if not config:
+                updates.append(line)
+            else:
+                item = re.sub(r'delete', 'set', item)
+                for entry in config:
+                    if entry.startswith(item) and line not in visited:
+                        updates.append(line)
+                        visited.add(line)
+
+    return list(updates)
+
+
+def sanitize_config(config, result):
+    result['filtered'] = list()
+    for regex in CONFIG_FILTERS:
+        for index, line in enumerate(list(config)):
+            if regex.search(line):
+                result['filtered'].append(line)
+                del config[index]
+
+
+def run(module, result):
+    # get the current active config from the node or passed in via
+    # the config param
+    config = module.params['config'] or get_config(module)
+
+    # create the candidate config object from the arguments
+    candidate = get_candidate(module)
+
+    # create loadable config that includes only the configuration updates
+    commands = diff_config(candidate, config)
+    sanitize_config(commands, result)
+
+    result['commands'] = commands
+
+    commit = not module.check_mode
+    comment = module.params['comment']
+
+    if commands:
+        load_config(module, commands, commit=commit, comment=comment)
+
+        if result.get('filtered'):
+            result['warnings'].append('Some configuration commands were '
+                                      'removed, please see the filtered key')
+
+        result['changed'] = True
+
+
+def main():
+    spec = dict(
+        src=dict(type='path'),
+        lines=dict(type='list'),
+
+        match=dict(default='line', choices=['line', 'none']),
+
+        comment=dict(default=DEFAULT_COMMENT),
+
+        config=dict(),
+
+        backup=dict(type='bool', default=False),
+        save=dict(type='bool', default=False),
+    )
+
+    mutually_exclusive = [('lines', 'src')]
+
+    module = AnsibleModule(
+        argument_spec=spec,
+        mutually_exclusive=mutually_exclusive,
+        supports_check_mode=True
+    )
+
+    warnings = list()
+
+    result = dict(changed=False, warnings=warnings)
+
+    if module.params['backup']:
+        result['__backup__'] = get_config(module=module)
+
+    if any((module.params['src'], module.params['lines'])):
+        run(module, result)
+
+    if module.params['save']:
+        diff = run_commands(module, commands=['configure', 'compare saved'])[1]
+        if diff != '[edit]':
+            run_commands(module, commands=['save'])
+            result['changed'] = True
+        run_commands(module, commands=['exit'])
+
+    module.exit_json(**result)
+
+
+if __name__ == '__main__':
+    main()

test/units/modules/network/edgeos/fixtures/edgeos_config_config.cfg

@@ -0,0 +1,10 @@
+set system host-name 'router'
+set system domain-name 'acme.com'
+set system domain-search domain 'acme.com'
+set system name-server '208.67.220.220'
+set system name-server '208.67.222.222'
+set interfaces ethernet eth0 address '1.2.3.4/24'
+set interfaces ethernet eth0 description 'Outside'
+set interfaces ethernet eth1 address '10.77.88.1/24'
+set interfaces ethernet eth1 description 'Inside'
+set interfaces ethernet eth1 disable

test/units/modules/network/edgeos/fixtures/edgeos_config_src.cfg

@@ -0,0 +1,5 @@
+set system host-name er01
+delete interfaces ethernet eth0 address
+set interfaces ethernet eth1 address '10.77.88.1/24'
+set interfaces ethernet eth1 description 'Inside'
+set interfaces ethernet eth1 disable

test/units/modules/network/edgeos/fixtures/edgeos_config_src_brackets.cfg

@@ -0,0 +1,13 @@
+interfaces {
+    ethernet eth0 {
+        address 10.10.10.10/24
+    }
+    ethernet eth1 {
+        address 10.77.88.1/24
+        description Inside
+        disable
+    }
+}
+system {
+    host-name er01
+}

test/units/modules/network/edgeos/test_edgeos_config.py

@@ -0,0 +1,94 @@
+#
+# (c) 2018 Red Hat Inc.
+#
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
+
+# Make coding more python3-ish
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+from ansible.compat.tests.mock import patch
+from ansible.modules.network.edgeos import edgeos_config
+from units.modules.utils import set_module_args
+from .edgeos_module import TestEdgeosModule, load_fixture
+
+
+class TestEdgeosConfigModule(TestEdgeosModule):
+
+    module = edgeos_config
+
+    def setUp(self):
+        super(TestEdgeosConfigModule, self).setUp()
+
+        self.mock_get_config = patch('ansible.modules.network.edgeos.edgeos_config.get_config')
+        self.get_config = self.mock_get_config.start()
+
+        self.mock_load_config = patch('ansible.modules.network.edgeos.edgeos_config.load_config')
+        self.load_config = self.mock_load_config.start()
+
+        self.mock_run_commands = patch('ansible.modules.network.edgeos.edgeos_config.run_commands')
+        self.run_commands = self.mock_run_commands.start()
+
+    def tearDown(self):
+        super(TestEdgeosConfigModule, self).tearDown()
+
+        self.mock_get_config.stop()
+        self.mock_load_config.stop()
+        self.mock_run_commands.stop()
+
+    def load_fixtures(self, commands=None):
+        config_file = 'edgeos_config_config.cfg'
+        self.get_config.return_value = load_fixture(config_file)
+        self.load_config.return_value = None
+
+    def test_edgeos_config_unchanged(self):
+        src = load_fixture('edgeos_config_config.cfg')
+        set_module_args(dict(src=src))
+        self.execute_module()
+
+    def test_edgeos_config_src(self):
+        src = load_fixture('edgeos_config_src.cfg')
+        set_module_args(dict(src=src))
+        commands = ['set system host-name er01', 'delete interfaces ethernet eth0 address']
+        self.execute_module(changed=True, commands=commands)
+
+    def test_edgeos_config_src_brackets(self):
+        src = load_fixture('edgeos_config_src_brackets.cfg')
+        set_module_args(dict(src=src))
+        commands = ['set interfaces ethernet eth0 address 10.10.10.10/24', 'set system host-name er01']
+        self.execute_module(changed=True, commands=commands)
+
+    def test_edgeos_config_backup(self):
+        set_module_args(dict(backup=True))
+        result = self.execute_module()
+        self.assertIn('__backup__', result)
+
+    def test_edgeos_config_lines(self):
+        commands = ['set system host-name er01']
+        set_module_args(dict(lines=commands))
+        self.execute_module(changed=True, commands=commands)
+
+    def test_edgeos_config_config(self):
+        config = 'set system host-name localhost'
+        new_config = ['set system host-name er01']
+        set_module_args(dict(lines=new_config, config=config))
+        self.execute_module(changed=True, commands=new_config)
+
+    def test_edgeos_config_match_none(self):
+        lines = ['set system interfaces ethernet eth0 address 1.2.3.4/24',
+                 'set system interfaces ethernet eth0 description Outside']
+        set_module_args(dict(lines=lines, match='none'))
+        self.execute_module(changed=True, commands=lines, sort=False)