adds new module to manage bigip devices on the BIGIQ (#53987)

This commit is contained in:
Wojciech Wypior 2019-03-19 23:15:43 +01:00 committed by Tim Rupp
parent 9a135fbcef
commit dcf833d31c
3 changed files with 1560 additions and 0 deletions

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,187 @@
{
"uuid": "4dd9f559-c1b9-4e05-8d17-2345a6a3d459",
"deviceUri": "https://10.144.74.229:443",
"machineId": "4dd9f559-c1b9-4e05-8d17-2345a6a3d459",
"state": "ACTIVE",
"address": "10.144.74.229",
"httpsPort": 443,
"hostname": "ansible_test_lab12.lab.local",
"version": "12.1.3",
"product": "BIG-IP",
"edition": "Final",
"build": "0.0.378",
"restFrameworkVersion": "12.1.3-0.0.378",
"managementAddress": "10.144.74.229",
"mcpDeviceName": "/Common/ansible_test_lab12.lab.local",
"trustDomainGuid": "44135337-f809-480d-ab6ffa163edc9ff6",
"properties": {
"cm:gui:module": [
"asmsecurity",
"adc",
"BigIPDevice",
"sharedsecurity"
],
"modules": [
"Web Application Security Group",
"Security"
],
"cm-bigip-allBigIpDevices": {
"cm:gui:module": [
"asmsecurity",
"adc",
"BigIPDevice",
"sharedsecurity"
],
"shared:resolver:device-groups:discoverer": "13446925-efb3-47f4-b32c-ed705d29e878",
"modules": [
"Web Application Security Group",
"Security"
]
},
"cm-asm-allDevices": {
"cm:gui:module": [],
"modules": []
},
"cm-bigip-allDevices": {
"shared:resolver:device-groups:discoverer": "13446925-efb3-47f4-b32c-ed705d29e878",
"cm:gui:module": [],
"modules": []
},
"cm-adccore-allDevices": {
"cm:gui:module": [],
"modules": []
},
"cm-security-shared-allSharedDevices": {
"discovered": true,
"imported": true,
"supportsAlpineDosDeviceConfig": true,
"supports_14_0_Enhs": false,
"supportsRest": true,
"supportsAlpineDosProfileEnhs": true,
"requiresDhcpProfileInDhcpVirtualServer": true,
"supportsAfmSubscribers": false,
"supportsAlpineEnhs": true,
"supports_13_0_Enhs": false,
"supportsFirewallRuleIdentifiers": false,
"supportsBadgerEnhs": true,
"supportsAlpineDosDeviceWhitelistIpProcotol": true,
"supportsSshProfile": true,
"supportsPortMisusePolicy": true,
"supportsAlpineLogProfileEnhs": true,
"supportsCascadeEnhs": true,
"supportUdpPortList": true,
"supports_13_1_Enhs": false,
"supportsIncrementalDiscovery": false,
"lastDiscoveredDateTime": "2019-02-12T13:53:06.541Z",
"lastUserDiscoveredDateTime": "2019-02-12T13:53:06.541Z",
"importedDateTime": "2019-02-12T13:53:24.885Z",
"discoveryStatus": "FINISHED",
"importStatus": "FINISHED",
"cm:gui:module": [
"sharedsecurity"
],
"modules": [
"Security"
]
},
"cm-adccore-allbigipDevices": {
"discovered": true,
"imported": true,
"supportsRest": true,
"requiresDhcpProfileInDhcpVirtualServer": true,
"supportsAlpineEnhs": true,
"supports_13_0_Enhs": false,
"supportsFirewallRuleIdentifiers": false,
"supportsBadgerEnhs": true,
"restrictsPortTranslationStatelessVirtual": true,
"supportsClassification": true,
"supports_13_1_Enhs": false,
"supportsIncrementalDiscovery": false,
"supports_12_1_2_Enhs": true,
"lastDiscoveredDateTime": "2019-02-12T13:53:03.963Z",
"lastUserDiscoveredDateTime": "2019-02-12T13:53:03.963Z",
"importedDateTime": "2019-02-12T13:53:18.975Z",
"discoveryStatus": "FINISHED",
"importStatus": "FINISHED",
"cm:gui:module": [
"adc"
],
"modules": []
},
"cm-security-shared-allDevices": {
"cm:gui:module": [],
"modules": []
},
"cm-asm-allAsmDevices": {
"discovered": true,
"imported": true,
"supportsHostNameEnforcementMode": false,
"supportsRest": true,
"supportsServerTechnologies": false,
"supportsCpb": false,
"supportsUrlCascadeFeatures": true,
"supportsSessionTrackingAllLoginPagesUsernameSource": true,
"supportsLoginEnforcementCascadeFeatures": true,
"suppportsXmlValidationFiles": true,
"supportsExtractions": true,
"supportsWebSocketSecurity": true,
"supportsWhitelistIpBlockRequestAlways": false,
"supportsSessionTrackingSessionHijackingByDeviceId": true,
"supportsLoginPagesHeaderOmits": false,
"supportsBruteForceAttackPreventionsCascadeFeatures": true,
"supportsPlainTextProfile": true,
"supportsIncrementalDiscovery": false,
"supportsRedirectionProtection": true,
"supportsHeaderSignaturesOverride": false,
"supportsIpIntelligence": true,
"supports_13_0_Enhs": false,
"supportsFirewallRuleIdentifiers": false,
"supportsSessionTrackingDeviceIdThresholds": true,
"supportsLoginEnforcement": true,
"supportsCsrfProtection": true,
"supportsSessionTracking": true,
"supportsJsonProfiles": true,
"supportsBruteForceAttackPreventions": true,
"supportsWebScraping": true,
"supportsLoginPagesCascadeFeatures": true,
"supportsGwtProfiles": true,
"supportsXmlProfiles": true,
"supportsAsmDisallowedGeolocation": true,
"supportsCsrfUrls": false,
"supportsDataProtection": false,
"supportsLoginPages": true,
"supportsBruteForceAttackPreventionsBadgerFeatures": true,
"supportsUrlSignaturesOverride": false,
"signatureAutoUpdateState": true,
"signatureFileVersion": 1.450112674E12,
"signatureFilename": "Attack Signature Database packaged with version 12.1.3",
"lastDiscoveredDateTime": "2019-02-12T13:53:09.188Z",
"lastUserDiscoveredDateTime": "2019-02-12T13:53:09.188Z",
"importedDateTime": "2019-02-12T13:53:29.730Z",
"discoveryStatus": "FINISHED",
"importStatus": "FINISHED",
"cm:gui:module": [
"asmsecurity"
],
"modules": [
"Web Application Security Group"
]
}
},
"isClustered": false,
"isVirtual": true,
"isLicenseExpired": false,
"slots": [
{
"volume": "HD1.1",
"product": "BIG-IP",
"version": "12.1.3",
"build": "0.0.378",
"isActive": true
}
],
"generation": 4,
"lastUpdateMicros": 1549979318078796,
"kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
"selfLink": "https://localhost/mgmt/cm/system/machineid-resolver/4dd9f559-c1b9-4e05-8d17-2345a6a3d459"
}

View file

@ -0,0 +1,134 @@
# -*- coding: utf-8 -*-
#
# Copyright: (c) 2019, F5 Networks Inc.
# GNU General Public License v3.0 (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
import os
import json
import pytest
import sys
if sys.version_info < (2, 7):
pytestmark = pytest.mark.skip("F5 Ansible modules require Python >= 2.7")
from ansible.module_utils.basic import AnsibleModule
try:
from library.modules.bigiq_device_discovery import ApiParameters
from library.modules.bigiq_device_discovery import ModuleParameters
from library.modules.bigiq_device_discovery import ModuleManager
from library.modules.bigiq_device_discovery import ArgumentSpec
# In Ansible 2.8, Ansible changed import paths.
from test.units.compat import unittest
from test.units.compat.mock import Mock
from test.units.compat.mock import patch
from test.units.modules.utils import set_module_args
except ImportError:
from ansible.modules.network.f5.bigiq_device_discovery import ApiParameters
from ansible.modules.network.f5.bigiq_device_discovery import ModuleParameters
from ansible.modules.network.f5.bigiq_device_discovery import ModuleManager
from ansible.modules.network.f5.bigiq_device_discovery import ArgumentSpec
# Ansible 2.8 imports
from units.compat import unittest
from units.compat.mock import Mock
from units.compat.mock import patch
from units.modules.utils import set_module_args
fixture_path = os.path.join(os.path.dirname(__file__), 'fixtures')
fixture_data = {}
def load_fixture(name):
path = os.path.join(fixture_path, name)
if path in fixture_data:
return fixture_data[path]
with open(path) as f:
data = f.read()
try:
data = json.loads(data)
except Exception:
pass
fixture_data[path] = data
return data
class TestParameters(unittest.TestCase):
def test_module_parameters(self):
args = dict(
device_address='192.168.1.1',
device_username='admin',
device_password='admin',
device_port=10443,
ha_name='bazfoo',
use_bigiq_sync='yes',
modules=['asm', 'ltm', 'security_shared']
)
p = ModuleParameters(params=args)
assert p.device_address == '192.168.1.1'
assert p.device_username == 'admin'
assert p.device_password == 'admin'
assert p.device_port == 10443
assert p.ha_name == 'bazfoo'
assert p.use_bigiq_sync is True
assert p.modules == ['asm', 'adc_core', 'security_shared']
def test_api_parameters(self):
args = load_fixture('load_machine_resolver.json')
p = ApiParameters(params=args)
assert sorted(p.modules) == sorted(['asm', 'adc_core', 'security_shared'])
class TestManager(unittest.TestCase):
def setUp(self):
self.spec = ArgumentSpec()
self.patcher1 = patch('time.sleep')
self.patcher1.start()
def tearDown(self):
self.patcher1.stop()
def test_create(self, *args):
set_module_args(dict(
device_address='192.168.1.1',
device_username='admin',
device_password='admin',
modules=['asm', 'ltm', 'security_shared'],
provider=dict(
password='password',
server='localhost',
user='admin'
)
))
module = AnsibleModule(
argument_spec=self.spec.argument_spec,
supports_check_mode=self.spec.supports_check_mode,
required_if=self.spec.required_if
)
mm = ModuleManager(module=module)
# Override methods to force specific logic in the module to happen
mm.exists = Mock(side_effect=[False, True])
mm.set_trust_with_device = Mock(return_value=True)
mm.discover_on_device = Mock(return_value=True)
mm.import_modules_on_device = Mock(return_value=True)
mm.check_bigiq_version = Mock(return_value=True)
results = mm.exec_module()
assert results['changed'] is True