cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Fixes bigip_asm_policy (#35154)

Browse source 
This module had been unable to successfully create policies
on different partitions. This appears to be fixed now
This commit is contained in:
Tim Rupp 2018-01-21 10:11:27 -08:00 committed by GitHub
parent 347b5d1e50
commit bff862b05d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 113 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
lib/ansible/module_utils/network/f5/bigip.py
View file

@ -7,6 +7,8 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
import time
try: try:
from f5.bigip import ManagementRoot from f5.bigip import ManagementRoot
from icontrol.exceptions import iControlUnexpectedHTTPError from icontrol.exceptions import iControlUnexpectedHTTPError
@ -25,18 +27,24 @@ except ImportError:
class F5Client(F5BaseClient): class F5Client(F5BaseClient):
@property @property
def api(self): def api(self):
try: result = None
result = ManagementRoot( for x in range(0, 10):
self.params['server'], try:
self.params['user'], result = ManagementRoot(
self.params['password'], self.params['server'],
port=self.params['server_port'], self.params['user'],
verify=self.params['validate_certs'], self.params['password'],
token='tmos' port=self.params['server_port'],
) verify=self.params['validate_certs'],
except Exception: token='tmos'
)
break
except Exception:
time.sleep(3)
if result:
return result
else:
raise F5ModuleError( raise F5ModuleError(
'Unable to connect to {0} on port {1}. ' 'Unable to connect to {0} on port {1}. '
'Is "validate_certs" preventing this?'.format(self.params['server'], self.params['server_port']) 'Is "validate_certs" preventing this?'.format(self.params['server'], self.params['server_port'])
) )
return result

30
lib/ansible/module_utils/network/f5/bigiq.py
View file

@ -7,6 +7,8 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
import time
try: try:
from f5.bigiq import ManagementRoot from f5.bigiq import ManagementRoot
from icontrol.exceptions import iControlUnexpectedHTTPError from icontrol.exceptions import iControlUnexpectedHTTPError
@ -25,18 +27,24 @@ except ImportError:
class F5Client(F5BaseClient): class F5Client(F5BaseClient):
@property @property
def api(self): def api(self):
try: result = None
result = ManagementRoot( for x in range(0, 10):
self.params['server'], try:
self.params['user'], result = ManagementRoot(
self.params['password'], self.params['server'],
port=self.params['server_port'], self.params['user'],
verify=self.params['validate_certs'], self.params['password'],
token='local' port=self.params['server_port'],
) verify=self.params['validate_certs'],
except Exception: token='local'
)
break
except Exception:
time.sleep(3)
if result:
return result
else:
raise F5ModuleError( raise F5ModuleError(
'Unable to connect to {0} on port {1}. ' 'Unable to connect to {0} on port {1}. '
'Is "validate_certs" preventing this?'.format(self.params['server'], self.params['server_port']) 'Is "validate_certs" preventing this?'.format(self.params['server'], self.params['server_port'])
) )
return result

30
lib/ansible/module_utils/network/f5/iworkflow.py
View file

@ -7,6 +7,8 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
import time
try: try:
from f5.iworkflow import ManagementRoot from f5.iworkflow import ManagementRoot
from icontrol.exceptions import iControlUnexpectedHTTPError from icontrol.exceptions import iControlUnexpectedHTTPError
@ -25,18 +27,24 @@ except ImportError:
class F5Client(F5BaseClient): class F5Client(F5BaseClient):
@property @property
def api(self): def api(self):
try: result = None
result = ManagementRoot( for x in range(0, 10):
self.params['server'], try:
self.params['user'], result = ManagementRoot(
self.params['password'], self.params['server'],
port=self.params['server_port'], self.params['user'],
verify=self.params['validate_certs'], self.params['password'],
token='local' port=self.params['server_port'],
) verify=self.params['validate_certs'],
except Exception: token='local'
)
break
except Exception:
time.sleep(3)
if result:
return result
else:
raise F5ModuleError( raise F5ModuleError(
'Unable to connect to {0} on port {1}. ' 'Unable to connect to {0} on port {1}. '
'Is "validate_certs" preventing this?'.format(self.params['server'], self.params['server_port']) 'Is "validate_certs" preventing this?'.format(self.params['server'], self.params['server_port'])
) )
return result

57
lib/ansible/modules/network/f5/bigip_asm_policy.py
View file

@ -530,7 +530,6 @@ class BaseManager(object):
policies = self.client.api.tm.asm.policies_s.get_collection() policies = self.client.api.tm.asm.policies_s.get_collection()
if any(p.name == self.want.name and p.partition == self.want.partition for p in policies): if any(p.name == self.want.name and p.partition == self.want.partition for p in policies):
return True return True
return False return False
def _file_is_missing(self): def _file_is_missing(self):
@ -541,7 +540,6 @@ class BaseManager(object):
return False return False
def create(self): def create(self):
task = None
if self.want.active is None: if self.want.active is None:
self.want.update(dict(active=False)) self.want.update(dict(active=False))
if self._file_is_missing(): if self._file_is_missing():
@ -556,13 +554,9 @@ class BaseManager(object):
self.create_blank() self.create_blank()
else: else:
if self.want.template is not None: if self.want.template is not None:
task = self.create_from_template_on_device() self.create_from_template()
elif self.want.file is not None: elif self.want.file is not None:
task = self.import_to_device() self.create_from_file()
if not task:
return False
if not self.wait_for_task(task):
raise F5ModuleError('Import policy task failed.')
if self.want.active: if self.want.active:
self.activate() self.activate()
@ -670,6 +664,7 @@ class BaseManager(object):
partition=self.want.partition, partition=self.want.partition,
policyTemplateReference=self.want.template_link policyTemplateReference=self.want.template_link
) )
time.sleep(2)
return result return result
def create_on_device(self): def create_on_device(self):
@ -721,6 +716,38 @@ class V1Manager(BaseManager):
super(V1Manager, self).__init__(client=client, module=module) super(V1Manager, self).__init__(client=client, module=module)
self.want = V1Parameters(params=module.params, client=client) self.want = V1Parameters(params=module.params, client=client)
def create_from_file(self):
self.import_to_device()
self.remove_temp_policy_from_device()
def create_from_template(self):
self.create_from_template_on_device()
def create_from_template_on_device(self):
full_name = fqdn_name(self.want.partition, self.want.name)
cmd = 'tmsh create asm policy {0} policy-template {1}'.format(full_name, self.want.template)
self.client.api.tm.util.bash.exec_cmd(
'run',
utilCmdArgs='-c "{0}"'.format(cmd)
)
def remove_temp_policy_from_device(self):
name = os.path.split(self.want.file)[1]
tpath_name = '/var/config/rest/downloads/{0}'.format(name)
self.client.api.tm.util.unix_rm.exec_cmd('run', utilCmdArgs=tpath_name)
def import_to_device(self):
self.client.api.shared.file_transfer.uploads.upload_file(self.want.file)
time.sleep(2)
name = os.path.split(self.want.file)[1]
full_name = fqdn_name(self.want.partition, self.want.name)
cmd = 'tmsh load asm policy {0} file /var/config/rest/downloads/{1}'.format(full_name, name)
self.client.api.tm.util.bash.exec_cmd(
'run',
utilCmdArgs='-c "{0}"'.format(cmd)
)
return True
class V2Manager(BaseManager): class V2Manager(BaseManager):
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
@ -729,6 +756,20 @@ class V2Manager(BaseManager):
super(V2Manager, self).__init__(client=client, module=module) super(V2Manager, self).__init__(client=client, module=module)
self.want = V2Parameters(params=module.params, client=client) self.want = V2Parameters(params=module.params, client=client)
def create_from_template(self):
task = self.create_from_template_on_device()
if not task:
return False
if not self.wait_for_task(task):
raise F5ModuleError('Import policy task failed.')
def create_from_file(self):
task = self.import_to_device()
if not task:
return False
if not self.wait_for_task(task):
raise F5ModuleError('Import policy task failed.')
class ArgumentSpec(object): class ArgumentSpec(object):
def __init__(self): def __init__(self):

12
test/units/modules/network/f5/test_bigip_asm_policy.py
View file

@ -113,6 +113,7 @@ class TestManager(unittest.TestCase):
v1.wait_for_task = Mock(side_effect=[True, True]) v1.wait_for_task = Mock(side_effect=[True, True])
v1.read_current_from_device = Mock(return_value=current) v1.read_current_from_device = Mock(return_value=current)
v1.apply_on_device = Mock(return_value=True) v1.apply_on_device = Mock(return_value=True)
v1.remove_temp_policy_from_device = Mock(return_value=True)
# Override methods to force specific logic in the module to happen # Override methods to force specific logic in the module to happen
mm = ModuleManager(module=module) mm = ModuleManager(module=module)
@ -348,6 +349,7 @@ class TestManager(unittest.TestCase):
v1.import_to_device = Mock(return_value=True) v1.import_to_device = Mock(return_value=True)
v1.wait_for_task = Mock(side_effect=[True, True]) v1.wait_for_task = Mock(side_effect=[True, True])
v1.read_current_from_device = Mock(return_value=current) v1.read_current_from_device = Mock(return_value=current)
v1.remove_temp_policy_from_device = Mock(return_value=True)
# Override methods to force specific logic in the module to happen # Override methods to force specific logic in the module to happen
mm = ModuleManager(module=module) mm = ModuleManager(module=module)
@ -478,15 +480,15 @@ class TestManager(unittest.TestCase):
msg = 'Import policy task failed.' msg = 'Import policy task failed.'
# Override methods to force specific logic in the module to happen # Override methods to force specific logic in the module to happen
v1 = V1Manager(module=module) v2 = V2Manager(module=module)
v1.exists = Mock(return_value=False) v2.exists = Mock(return_value=False)
v1.import_to_device = Mock(return_value=True) v2.import_to_device = Mock(return_value=True)
v1.wait_for_task = Mock(return_value=False) v2.wait_for_task = Mock(return_value=False)
# Override methods to force specific logic in the module to happen # Override methods to force specific logic in the module to happen
mm = ModuleManager(module=module) mm = ModuleManager(module=module)
mm.version_is_less_than_13 = Mock(return_value=False) mm.version_is_less_than_13 = Mock(return_value=False)
mm.get_manager = Mock(return_value=v1) mm.get_manager = Mock(return_value=v2)
with pytest.raises(F5ModuleError) as err: with pytest.raises(F5ModuleError) as err:
mm.exec_module() mm.exec_module()