Adds more token cleanup (#34207)

Token cleanup assists in preventing the ansible modules from overwhelming the existing tokens in bigip api
2017-12-22 12:54:56 -08:00 · 2017-12-22 12:54:56 -08:00 · d19108e592
commit d19108e592
parent 75fbfb9e36
7 changed files with 103 additions and 28 deletions
--- a/lib/ansible/modules/network/f5/bigip_config.py
+++ b/lib/ansible/modules/network/f5/bigip_config.py
@ -339,6 +339,16 @@ class ArgumentSpec(object):
        self.f5_product_name = 'bigip'


+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
    if not HAS_F5SDK:
        raise F5ModuleError("The python f5-sdk module is required")
@ -354,8 +364,10 @@ def main():
    try:
        mm = ModuleManager(client)
        results = mm.exec_module()
+        cleanup_tokens(client)
        client.module.exit_json(**results)
    except F5ModuleError as e:
+        cleanup_tokens(client)
        client.module.fail_json(msg=str(e))


--- a/lib/ansible/modules/network/f5/bigip_configsync_action.py
+++ b/lib/ansible/modules/network/f5/bigip_configsync_action.py
@ -347,6 +347,16 @@ class ArgumentSpec(object):
        ]


+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
    if not HAS_F5SDK:
        raise F5ModuleError(
@ -371,8 +381,10 @@ def main():
    try:
        mm = ModuleManager(client)
        results = mm.exec_module()
+        cleanup_tokens(client)
        client.module.exit_json(**results)
    except F5ModuleError as e:
+        cleanup_tokens(client)
        client.module.fail_json(msg=str(e))


--- a/lib/ansible/modules/network/f5/bigip_device_connectivity.py
+++ b/lib/ansible/modules/network/f5/bigip_device_connectivity.py
@ -565,6 +565,16 @@ class ArgumentSpec(object):
        ]


+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
    if not HAS_F5SDK:
        raise F5ModuleError("The python f5-sdk module is required")
@ -583,9 +593,12 @@ def main():
    try:
        mm = ModuleManager(client)
        results = mm.exec_module()
+        cleanup_tokens(client)
        client.module.exit_json(**results)
    except F5ModuleError as e:
+        cleanup_tokens(client)
        client.module.fail_json(msg=str(e))

+
 if __name__ == '__main__':
    main()
--- a/lib/ansible/modules/network/f5/bigip_device_dns.py
+++ b/lib/ansible/modules/network/f5/bigip_device_dns.py
@ -366,6 +366,16 @@ class ArgumentSpec(object):
        self.f5_product_name = 'bigip'


+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
    if not HAS_F5SDK:
        raise F5ModuleError("The python f5-sdk module is required")
@ -382,9 +392,12 @@ def main():
    try:
        mm = ModuleManager(client)
        results = mm.exec_module()
+        cleanup_tokens(client)
        client.module.exit_json(**results)
    except F5ModuleError as e:
+        cleanup_tokens(client)
        client.module.fail_json(msg=str(e))

+
 if __name__ == '__main__':
    main()
--- a/lib/ansible/modules/network/f5/bigip_device_ntp.py
+++ b/lib/ansible/modules/network/f5/bigip_device_ntp.py
@ -251,6 +251,16 @@ class ArgumentSpec(object):
        self.f5_product_name = 'bigip'


+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
    if not HAS_F5SDK:
        raise F5ModuleError("The python f5-sdk module is required")
@ -267,9 +277,12 @@ def main():
    try:
        mm = ModuleManager(client)
        results = mm.exec_module()
+        cleanup_tokens(client)
        client.module.exit_json(**results)
    except F5ModuleError as e:
+        cleanup_tokens(client)
        client.module.fail_json(msg=str(e))

+
 if __name__ == '__main__':
    main()
--- a/lib/ansible/modules/network/f5/bigip_device_sshd.py
+++ b/lib/ansible/modules/network/f5/bigip_device_sshd.py
@ -217,7 +217,9 @@ class Parameters(AnsibleF5Parameters):
        if self._values['allow'] is None:
            return None
        allow = self._values['allow']
-        return list(set([str(x) for x in allow]))
+        result = list(set([str(x) for x in allow]))
+        result = sorted(result)
+        return result


 class ModuleManager(object):
@ -289,37 +291,22 @@ class ArgumentSpec(object):
        self.supports_check_mode = True
        self.argument_spec = dict(
            allow=dict(
-                required=False,
-                default=None,
                type='list'
            ),
            banner=dict(
-                required=False,
-                default=None,
                choices=self.choices
            ),
-            banner_text=dict(
-                required=False,
-                default=None
-            ),
+            banner_text=dict(),
            inactivity_timeout=dict(
-                required=False,
-                default=None,
                type='int'
            ),
            log_level=dict(
-                required=False,
-                default=None,
                choices=self.levels
            ),
            login=dict(
-                required=False,
-                default=None,
                choices=self.choices
            ),
            port=dict(
-                required=False,
-                default=None,
                type='int'
            ),
            state=dict(
@ -330,6 +317,16 @@ class ArgumentSpec(object):
        self.f5_product_name = 'bigip'


+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
    if not HAS_F5SDK:
        raise F5ModuleError("The python f5-sdk module is required")
@ -345,9 +342,12 @@ def main():
    try:
        mm = ModuleManager(client)
        results = mm.exec_module()
+        cleanup_tokens(client)
        client.module.exit_json(**results)
    except F5ModuleError as e:
+        cleanup_tokens(client)
        client.module.fail_json(msg=str(e))

+
 if __name__ == '__main__':
    main()
--- a/lib/ansible/modules/network/f5/bigip_device_trust.py
+++ b/lib/ansible/modules/network/f5/bigip_device_trust.py
@ -297,8 +297,23 @@ class ArgumentSpec(object):
        self.f5_product_name = 'bigip'


-def main():
+def cleanup_tokens(client):
    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
+def main():
+    if not HAS_F5SDK:
+        raise F5ModuleError("The python f5-sdk module is required")
+
+    if not HAS_NETADDR:
+        raise F5ModuleError("The python netaddr module is required")
+
    spec = ArgumentSpec()

    client = AnsibleF5Client(
@ -307,16 +322,13 @@ def main():
        f5_product_name=spec.f5_product_name
    )

-        if not HAS_F5SDK:
-            raise F5ModuleError("The python f5-sdk module is required")
-
-        if not HAS_NETADDR:
-            raise F5ModuleError("The python netaddr module is required")
-
+    try:
        mm = ModuleManager(client)
        results = mm.exec_module()
+        cleanup_tokens(client)
        client.module.exit_json(**results)
    except F5ModuleError as e:
+        cleanup_tokens(client)
        client.module.fail_json(msg=str(e))