Adds token cleanup for bigip_partition (#34415)

Tokens need to be cleaned up or else the bigip may wedge itself over time if not enough tokens auto-expire.
2018-01-03 12:34:54 -08:00 · 2018-01-03 12:34:54 -08:00 · b40c779e46
commit b40c779e46
parent 38a31d3156
4 changed files with 59 additions and 11 deletions
--- a/lib/ansible/modules/network/f5/bigip_partition.py
+++ b/lib/ansible/modules/network/f5/bigip_partition.py
@ -356,23 +356,35 @@ class ArgumentSpec(object):
        self.f5_product_name = 'bigip'


-def main():
+def cleanup_tokens(client):
    try:
-        spec = ArgumentSpec()
-
-        client = AnsibleF5Client(
-            argument_spec=spec.argument_spec,
-            supports_check_mode=spec.supports_check_mode,
-            f5_product_name=spec.f5_product_name
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
        )
+        resource.delete()
+    except Exception:
+        pass

-        if not HAS_F5SDK:
-            raise F5ModuleError("The python f5-sdk module is required")

+def main():
+    if not HAS_F5SDK:
+        raise F5ModuleError("The python f5-sdk module is required")
+
+    spec = ArgumentSpec()
+
+    client = AnsibleF5Client(
+        argument_spec=spec.argument_spec,
+        supports_check_mode=spec.supports_check_mode,
+        f5_product_name=spec.f5_product_name
+    )
+
+    try:
        mm = ModuleManager(client)
        results = mm.exec_module()
+        cleanup_tokens(client)
        client.module.exit_json(**results)
    except F5ModuleError as e:
+        cleanup_tokens(client)
        client.module.fail_json(msg=str(e))


--- a/lib/ansible/modules/network/f5/bigip_user.py
+++ b/lib/ansible/modules/network/f5/bigip_user.py
@ -194,10 +194,10 @@ import re
 from distutils.version import LooseVersion
 from ansible.module_utils.f5_utils import AnsibleF5Client
 from ansible.module_utils.f5_utils import AnsibleF5Parameters
-from ansible.module_utils.f5_utils import defaultdict
 from ansible.module_utils.f5_utils import HAS_F5SDK
 from ansible.module_utils.f5_utils import F5ModuleError
 from ansible.module_utils.six import iteritems
+from collections import defaultdict

 try:
    from StringIO import StringIO
@ -669,6 +669,16 @@ class ArgumentSpec(object):
        self.f5_product_name = 'bigip'


+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
    if not HAS_F5SDK:
        raise F5ModuleError("The python f5-sdk module is required")
@ -684,8 +694,10 @@ def main():
    try:
        mm = ModuleManager(client)
        results = mm.exec_module()
+        cleanup_tokens(client)
        client.module.exit_json(**results)
    except F5ModuleError as e:
+        cleanup_tokens(client)
        client.module.fail_json(msg=str(e))


--- a/lib/ansible/modules/network/f5/bigip_vcmp_guest.py
+++ b/lib/ansible/modules/network/f5/bigip_vcmp_guest.py
@ -688,6 +688,16 @@ class ArgumentSpec(object):
        ]


+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
    if not HAS_F5SDK:
        raise F5ModuleError("The python f5-sdk module is required")
@ -706,9 +716,12 @@ def main():
    try:
        mm = ModuleManager(client)
        results = mm.exec_module()
+        cleanup_tokens(client)
        client.module.exit_json(**results)
    except F5ModuleError as e:
+        cleanup_tokens(client)
        client.module.fail_json(msg=str(e))

+
 if __name__ == '__main__':
    main()
--- a/lib/ansible/modules/network/f5/bigip_wait.py
+++ b/lib/ansible/modules/network/f5/bigip_wait.py
@ -121,7 +121,6 @@ class AnsibleF5ClientStub(AnsibleF5Client):
    the result will replace this work here.

    """
-
    def __init__(self, argument_spec=None, supports_check_mode=False,
                 mutually_exclusive=None, required_together=None,
                 required_if=None, required_one_of=None, add_file_common_args=False,
@ -396,6 +395,16 @@ class ArgumentSpec(object):
        self.f5_product_name = 'bigip'


+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
    if not HAS_F5SDK:
        raise F5ModuleError("The python f5-sdk module is required")
@ -411,8 +420,10 @@ def main():
    try:
        mm = ModuleManager(client)
        results = mm.exec_module()
+        cleanup_tokens(client)
        client.module.exit_json(**results)
    except F5ModuleError as e:
+        cleanup_tokens(client)
        client.module.fail_json(msg=str(e))