From 98692ab35084c16f59120a77797e71e61f1e20c1 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Wed, 10 Apr 2019 08:09:21 +0530 Subject: [PATCH] VMware: Add check for valid VLAN id range (#55023) Check allows vmware_dvs_portgroup to fail early if user specified invalid range in VLAN id(s). Fixes: #54927 Signed-off-by: Abhijeet Kasurde --- .../cloud/vmware/vmware_dvs_portgroup.py | 7 ++++-- .../vmware_dvs_portgroup/tasks/main.yml | 25 ++++++++++++++++++- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/lib/ansible/modules/cloud/vmware/vmware_dvs_portgroup.py b/lib/ansible/modules/cloud/vmware/vmware_dvs_portgroup.py index daa39a47329..823e4bbefc4 100644 --- a/lib/ansible/modules/cloud/vmware/vmware_dvs_portgroup.py +++ b/lib/ansible/modules/cloud/vmware/vmware_dvs_portgroup.py @@ -43,6 +43,7 @@ options: description: - The VLAN ID that should be configured with the portgroup, use 0 for no VLAN. - 'If C(vlan_trunk) is configured to be I(true), this can be a combination of multiple ranges and numbers, example: 1-200, 205, 400-4094.' + - The valid C(vlan_id) range is from 0 to 4094. Overlapping ranges are allowed. required: True num_ports: description: @@ -260,8 +261,10 @@ class VMwareDvsPortgroup(PyVmomi): vlan_id_list = [] for vlan_id_splitted in self.module.params['vlan_id'].split(','): try: - vlan_id_start, vlan_id_end = vlan_id_splitted.split('-') - vlan_id_list.append(vim.NumericRange(start=int(vlan_id_start.strip()), end=int(vlan_id_end.strip()))) + vlan_id_start, vlan_id_end = map(int, vlan_id_splitted.split('-')) + if vlan_id_start not in range(0, 4095) or vlan_id_end not in range(0, 4095): + self.module.fail_json(msg="vlan_id range %s specified is incorrect. The valid vlan_id range is from 0 to 4094." % vlan_id_splitted) + vlan_id_list.append(vim.NumericRange(start=vlan_id_start, end=vlan_id_end)) except ValueError: vlan_id_list.append(vim.NumericRange(start=int(vlan_id_splitted.strip()), end=int(vlan_id_splitted.strip()))) config.defaultPortConfig.vlan.vlanId = vlan_id_list diff --git a/test/integration/targets/vmware_dvs_portgroup/tasks/main.yml b/test/integration/targets/vmware_dvs_portgroup/tasks/main.yml index fd5807f7448..ae49e25c635 100644 --- a/test/integration/targets/vmware_dvs_portgroup/tasks/main.yml +++ b/test/integration/targets/vmware_dvs_portgroup/tasks/main.yml @@ -98,7 +98,7 @@ password: "{{ vcsim_instance['json']['password'] }}" switch_name: "{{ new_dvs_0001['json'][0] | basename }}" portgroup_name: "basic-trunk" - vlan_id: 1-4096 + vlan_id: 1-4094 vlan_trunk: True num_ports: 32 portgroup_type: earlyBinding @@ -231,3 +231,26 @@ assert: that: - "{{ dvs_pg_result_0008.changed == false }}" + +# Testcase 0009: Check valid VLAN id range in DVS Portgroup +- name: Check valid VLAN id range in DVS Portgroup + vmware_dvs_portgroup: + validate_certs: False + hostname: "{{ vcsim }}" + username: "{{ vcsim_instance['json']['username'] }}" + password: "{{ vcsim_instance['json']['password'] }}" + switch_name: "{{ new_dvs_0001['json'][0] | basename }}" + portgroup_name: "basic_trunk_0001" + vlan_id: 1-4096 + vlan_trunk: True + num_ports: 32 + portgroup_type: earlyBinding + state: present + register: dvs_pg_result_0009 + ignore_errors: True + +- name: Ensure module fails for invalid VLAN id + assert: + that: + - not dvs_pg_result_0009.changed + - "'vlan_id range 1-4096 specified is incorrect. The valid vlan_id range is from 0 to 4094.' == '{{ dvs_pg_result_0009.msg }}'"