diff --git a/lib/ansible/modules/network/f5/bigip_node.py b/lib/ansible/modules/network/f5/bigip_node.py index 7255227f3d..a83c8ffc1a 100644 --- a/lib/ansible/modules/network/f5/bigip_node.py +++ b/lib/ansible/modules/network/f5/bigip_node.py @@ -34,16 +34,18 @@ options: cannot be resolved. These situations disable your ability to change their C(state) to C(disabled) or C(offline). They will remain in an *Unavailable - Enabled* state. - default: present + type: str choices: - present - absent - enabled - disabled - offline + default: present name: description: - Specifies the name of the node. + type: str required: True monitor_type: description: @@ -55,21 +57,28 @@ options: or it has a list of one. Where they differ is in the extra guards that C(single) provides; namely that it only allows a single monitor. version_added: "1.3" - choices: ['and_list', 'm_of_n', 'single'] + type: str + choices: + - and_list + - m_of_n + - single quorum: description: - Monitor quorum value when C(monitor_type) is C(m_of_n). + type: int version_added: 2.2 monitors: description: - Specifies the health monitors that the system currently uses to monitor this node. + type: list version_added: 2.2 address: description: - IP address of the node. This can be either IPv4 or IPv6. When creating a new node, one of either C(address) or C(fqdn) must be provided. This parameter cannot be updated after it is set. + type: str aliases: - ip - host @@ -84,6 +93,7 @@ options: - FQDN names must end with a letter or a number. - When creating a new node, one of either C(address) or C(fqdn) must be provided. This parameter cannot be updated after it is set. + type: str aliases: - hostname version_added: 2.5 @@ -93,6 +103,7 @@ options: - When creating a new node, if this parameter is not specified and C(fqdn) is specified, this parameter will default to C(ipv4). - This parameter cannot be changed after it has been set. + type: str choices: - ipv4 - ipv6 @@ -124,6 +135,7 @@ options: the FQDN. The default TTL interval is akin to specifying C(3600). - When creating a new node, if this parameter is not specified and C(fqdn) is specified, this parameter will default to C(3600). + type: str version_added: 2.6 fqdn_down_interval: description: @@ -131,31 +143,37 @@ options: The associated monitor continues polling as long as the DNS server is down. - When creating a new node, if this parameter is not specified and C(fqdn) is specified, this parameter will default to C(5). + type: int version_added: 2.6 description: description: - Specifies descriptive text that identifies the node. - You can remove a description by either specifying an empty string, or by specifying the special value C(none). + type: str connection_limit: description: - Node connection limit. Setting this to 0 disables the limit. + type: int version_added: 2.7 rate_limit: description: - Node rate limit (connections-per-second). Setting this to 0 disables the limit. + type: int version_added: 2.7 ratio: description: - Node ratio weight. Valid values range from 1 through 100. - When creating a new node, if this parameter is not specified, the default of C(1) will be used. + type: int version_added: 2.7 dynamic_ratio: description: - The dynamic ratio number for the node. Used for dynamic ratio load balancing. - When creating a new node, if this parameter is not specified, the default of C(1) will be used. + type: int version_added: 2.7 availability_requirements: description: @@ -168,17 +186,22 @@ options: - Monitor rule type when C(monitors) is specified. - When creating a new pool, if this value is not specified, the default of 'all' will be used. - choices: ['all', 'at_least'] + choices: + - all + - at_least at_least: description: - Specifies the minimum number of active health monitors that must be successful before the link is considered up. - This parameter is only relevant when a C(type) of C(at_least) is used. - This parameter will be ignored if a type of C(all) is used. + type: int + type: dict version_added: 2.8 partition: description: - Device partition to manage resources on. + type: str default: Common version_added: 2.5 extends_documentation_fragment: f5 @@ -765,11 +788,10 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.have = None self.want = ModuleParameters(params=self.module.params) self.changes = UsableChanges() - self.client = F5RestClient(**self.module.params) def _set_changed_options(self): changed = {} @@ -1157,6 +1179,7 @@ def main(): module = AnsibleModule( argument_spec=spec.argument_spec, supports_check_mode=spec.supports_check_mode, + mutually_exclusive=spec.mutually_exclusive ) try: diff --git a/lib/ansible/modules/network/f5/bigip_partition.py b/lib/ansible/modules/network/f5/bigip_partition.py index bf11f849ea..6a8caa0cf5 100644 --- a/lib/ansible/modules/network/f5/bigip_partition.py +++ b/lib/ansible/modules/network/f5/bigip_partition.py @@ -23,22 +23,26 @@ options: name: description: - Name of the partition + type: str required: True description: description: - The description to attach to the Partition. + type: str route_domain: description: - The default Route Domain to assign to the Partition. If no route domain is specified, then the default route domain for the system (typically zero) will be used only when creating a new partition. + type: int state: description: - Whether the partition should exist or not. - default: present + type: str choices: - present - absent + default: present notes: - Requires BIG-IP software version >= 12 extends_documentation_fragment: f5 @@ -118,18 +122,12 @@ try: from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters from library.module_utils.network.f5.common import f5_argument_spec - from library.module_utils.network.f5.common import cleanup_tokens - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.compare import cmp_str_with_none except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters from ansible.module_utils.network.f5.common import f5_argument_spec - from ansible.module_utils.network.f5.common import cleanup_tokens - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.compare import cmp_str_with_none @@ -238,7 +236,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -486,16 +484,12 @@ def main(): supports_check_mode=spec.supports_check_mode ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_password_policy.py b/lib/ansible/modules/network/f5/bigip_password_policy.py index 49c3dfd87e..d291fad17a 100644 --- a/lib/ansible/modules/network/f5/bigip_password_policy.py +++ b/lib/ansible/modules/network/f5/bigip_password_policy.py @@ -25,21 +25,26 @@ options: - Specifies the number of days before a password expires. - Based on this value, the BIG-IP system automatically warns users when their password is about to expire. + type: int max_duration: description: - Specifies the maximum number of days a password is valid. + type: int max_login_failures: description: - Specifies the number of consecutive unsuccessful login attempts that the system allows before locking out the user. - Specify zero (0) to disable this parameter. + type: int min_duration: description: - Specifies the minimum number of days a password is valid. + type: int min_length: description: - Specifies the minimum number of characters in a valid password. - This value must be between 6 and 255. + type: int policy_enforcement: description: - Enables or disables the password policy on the BIG-IP system. @@ -48,23 +53,28 @@ options: description: - Specifies the number of lowercase alpha characters that must be present in a password for the password to be valid. + type: int required_numeric: description: - Specifies the number of numeric characters that must be present in a password for the password to be valid. + type: int required_special: description: - Specifies the number of special characters that must be present in a password for the password to be valid. + type: int required_uppercase: description: - Specifies the number of uppercase alpha characters that must be present in a password for the password to be valid. + type: int password_memory: description: - Specifies whether the user has configured the BIG-IP system to remember a password on a specific computer and how many passwords to remember. + type: int extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) @@ -145,23 +155,17 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import transform_name from library.module_utils.network.f5.common import f5_argument_spec - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.common import flatten_boolean except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import transform_name from ansible.module_utils.network.f5.common import f5_argument_spec - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.common import flatten_boolean @@ -288,7 +292,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -423,16 +427,12 @@ def main(): supports_check_mode=spec.supports_check_mode, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_policy.py b/lib/ansible/modules/network/f5/bigip_policy.py index 61ae7abef7..ea82ed8483 100644 --- a/lib/ansible/modules/network/f5/bigip_policy.py +++ b/lib/ansible/modules/network/f5/bigip_policy.py @@ -30,9 +30,11 @@ options: - The description to attach to the policy. - This parameter is only supported on versions of BIG-IP >= 12.1.0. On earlier versions it will simply be ignored. + type: str name: description: - The name of the policy to create. + type: str required: True state: description: @@ -43,6 +45,7 @@ options: When modifying rules, it is required that policies first be in a draft. - Drafting is only supported on versions of BIG-IP >= 12.1.0. On versions prior to that, specifying a C(state) of C(draft) will raise an error. + type: str choices: - present - absent @@ -55,6 +58,7 @@ options: policies, the default is C(first). - This module does not allow you to specify the C(best) strategy to use. It will choose the system default (C(/Common/best-match)) for you instead. + type: str choices: - first - all @@ -69,9 +73,11 @@ options: - The C(actions) for a default rule are C(ignore). - The C(bigip_policy_rule) module can be used to create and edit existing and new rules. + type: list partition: description: - Device partition to manage resources on. + type: str default: Common extends_documentation_fragment: f5 author: @@ -197,23 +203,17 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec from library.module_utils.network.f5.common import transform_name - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.icontrol import tmos_version except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec from ansible.module_utils.network.f5.common import transform_name - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.icontrol import tmos_version @@ -343,7 +343,7 @@ class ComplexChanges(ComplexParameters): class BaseManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.have = None self.want = Parameters(params=self.module.params) @@ -1058,7 +1058,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.kwargs = kwargs def exec_module(self): @@ -1116,16 +1116,12 @@ def main(): supports_check_mode=spec.supports_check_mode ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_policy_rule.py b/lib/ansible/modules/network/f5/bigip_policy_rule.py index 5080961d81..4c696cbf05 100644 --- a/lib/ansible/modules/network/f5/bigip_policy_rule.py +++ b/lib/ansible/modules/network/f5/bigip_policy_rule.py @@ -23,6 +23,7 @@ options: description: description: - Description of the policy rule. + type: str actions: description: - The actions that you want the policy rule to perform. @@ -41,31 +42,43 @@ options: - When C(type) is C(ignore), will remove all existing actions from this rule. - When C(type) is C(redirect), will redirect an HTTP request to a different URL. + type: str required: true - choices: ['forward', 'enable', 'ignore', 'redirect'] + choices: + - forward + - enable + - ignore + - redirect pool: description: - Pool that you want to forward traffic to. - This parameter is only valid with the C(forward) type. + type: str virtual: description: - Virtual Server that you want to forward traffic to. - This parameter is only valid with the C(forward) type. + type: str asm_policy: description: - ASM policy to enable. - This parameter is only valid with the C(enable) type. + type: str location: description: - The new URL for which a redirect response will be sent. - A Tcl command substitution can be used for this field. + type: str + type: list policy: description: - The name of the policy that you want to associate this rule with. + type: str required: True name: description: - The name of the rule. + type: str required: True conditions: description: @@ -86,32 +99,42 @@ options: list will provide a match. - When C(type) is C(all_traffic), will remove all existing conditions from this rule. + type: str required: True - choices: [ 'http_uri', 'all_traffic', 'http_host' ] + choices: + - http_uri + - all_traffic + - http_host path_begins_with_any: description: - A list of strings of characters that the HTTP URI should start with. - This parameter is only valid with the C(http_uri) type. + type: str host_is_any: description: - A list of strings of characters that the HTTP Host should match. - This parameter is only valid with the C(http_host) type. + type: str host_begins_with_any: description: - A list of strings of characters that the HTTP Host should start with. - This parameter is only valid with the C(http_host) type. + type: str + type: list state: description: - When C(present), ensures that the key is uploaded to the device. When C(absent), ensures that the key is removed from the device. If the key is currently in use, the module will not be able to remove the key. - default: present + type: str choices: - present - absent + default: present partition: description: - Device partition to manage resources on. + type: str default: Common extends_documentation_fragment: f5 requirements: @@ -238,22 +261,16 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec from library.module_utils.network.f5.common import transform_name - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec from ansible.module_utils.network.f5.common import transform_name - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json class Parameters(AnsibleF5Parameters): @@ -694,7 +711,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -1039,16 +1056,12 @@ def main(): supports_check_mode=spec.supports_check_mode ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_pool.py b/lib/ansible/modules/network/f5/bigip_pool.py index 105a2a55c0..55033198f3 100644 --- a/lib/ansible/modules/network/f5/bigip_pool.py +++ b/lib/ansible/modules/network/f5/bigip_pool.py @@ -23,10 +23,12 @@ options: description: description: - Specifies descriptive text that identifies the pool. + type: str version_added: 2.3 name: description: - Pool name + type: str required: True aliases: - pool @@ -34,6 +36,7 @@ options: description: - Load balancing method. When creating a new pool, if this value is not specified, the default of C(round-robin) will be used. + type: str version_added: 1.3 choices: - dynamic-ratio-member @@ -69,40 +72,50 @@ options: or already existing on the device. - Both C(single) and C(and_list) are functionally identical since BIG-IP considers all monitors as "a list". + type: str + choices: + - and_list + - m_of_n + - single version_added: 1.3 - choices: ['and_list', 'm_of_n', 'single'] quorum: description: - Monitor quorum value when C(monitor_type) is C(m_of_n). - Quorum must be a value of 1 or greater when C(monitor_type) is C(m_of_n). + type: int version_added: 1.3 monitors: description: - Monitor template name list. If the partition is not provided as part of the monitor name, then the C(partition) option will be used instead. + type: list version_added: 1.3 slow_ramp_time: description: - Sets the ramp-up time (in seconds) to gradually ramp up the load on newly added or freshly detected up pool members. + type: int version_added: 1.3 reselect_tries: description: - Sets the number of times the system tries to contact a pool member after a passive failure. + type: int version_added: 2.2 service_down_action: description: - Sets the action to take when node goes down in pool. - version_added: 1.3 + type: str choices: - none - reset - drop - reselect + version_added: 1.3 partition: description: - Device partition to manage resources on. + type: str default: Common version_added: 2.5 state: @@ -110,10 +123,11 @@ options: - When C(present), guarantees that the pool exists with the provided attributes. - When C(absent), removes the pool from the system. - default: present + type: str choices: - absent - present + default: present version_added: 2.5 metadata: description: @@ -123,6 +137,7 @@ options: - Values for all of the keys will be stored as strings; this includes values that are numbers. - Data will be persisted, not ephemeral. + type: raw version_added: 2.5 priority_group_activation: description: @@ -140,12 +155,14 @@ options: priority group. - When a sufficient number of members become available in the higher priority group, the system again directs traffic to the higher priority group. + type: int aliases: - minimum_active_members version_added: 2.6 aggregate: description: - List of pool definitions to be created, modified or removed. + type: list aliases: - pools version_added: 2.8 @@ -154,8 +171,8 @@ options: - Remove pools not defined in the C(aggregate) parameter. - This operation is all or none, meaning that it will stop if there are some pools that cannot be removed. - default: no type: bool + default: no aliases: - purge version_added: 2.8 @@ -395,24 +412,18 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec from library.module_utils.network.f5.common import transform_name - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.compare import cmp_str_with_none from library.module_utils.network.f5.icontrol import TransactionContextManager except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec from ansible.module_utils.network.f5.common import transform_name - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.compare import cmp_str_with_none from ansible.module_utils.network.f5.icontrol import TransactionContextManager @@ -799,7 +810,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = None self.have = None self.changes = None @@ -1248,16 +1259,12 @@ def main(): required_one_of=spec.required_one_of ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_pool_member.py b/lib/ansible/modules/network/f5/bigip_pool_member.py index 9a9b60b476..24a9b99604 100644 --- a/lib/ansible/modules/network/f5/bigip_pool_member.py +++ b/lib/ansible/modules/network/f5/bigip_pool_member.py @@ -27,31 +27,36 @@ options: - This parameter is optional and, if not specified, a node name will be created automatically from either the specified C(address) or C(fqdn). - The C(enabled) state is an alias of C(present). + type: str version_added: 2.6 state: description: - Pool member state. + type: str required: True - default: present choices: - present - absent - enabled - disabled - forced_offline + default: present pool: description: - Pool name. This pool must exist. + type: str required: True partition: description: - - Partition + - Partition to manage resources on. + type: str default: Common address: description: - IP address of the pool member. This can be either IPv4 or IPv6. When creating a new pool member, one of either C(address) or C(fqdn) must be provided. This parameter cannot be updated after it is set. + type: str aliases: - ip - host @@ -66,6 +71,7 @@ options: - FQDN names must end with a letter or a number. - When creating a new pool member, one of either C(address) or C(fqdn) must be provided. This parameter cannot be updated after it is set. + type: str aliases: - hostname version_added: 2.6 @@ -73,22 +79,27 @@ options: description: - Pool member port. - This value cannot be changed after it has been set. + type: int required: True connection_limit: description: - Pool member connection limit. Setting this to 0 disables the limit. + type: int description: description: - Pool member description. + type: str rate_limit: description: - Pool member rate limit (connections-per-second). Setting this to 0 disables the limit. + type: int ratio: description: - Pool member ratio weight. Valid values range from 1 through 100. New pool members -- unless overridden with this value -- default to 1. + type: int preserve_node: description: - When state is C(absent) attempts to remove the node that the pool @@ -108,6 +119,7 @@ options: assigned to the pool member. - The higher the number, the higher the priority, so a member with a priority of 3 has higher priority than a member with a priority of 1. + type: int version_added: 2.5 fqdn_auto_populate: description: @@ -128,13 +140,14 @@ options: reuse_nodes: description: - Reuses node definitions if requested. - default: yes type: bool + default: yes version_added: 2.6 monitors: description: - Specifies the health monitors that the system currently uses to monitor this resource. + type: list version_added: 2.8 availability_requirements: description: @@ -147,13 +160,18 @@ options: - Monitor rule type when C(monitors) is specified. - When creating a new pool, if this value is not specified, the default of 'all' will be used. - choices: ['all', 'at_least'] + type: str + choices: + - all + - at_least at_least: description: - Specifies the minimum number of active health monitors that must be successful before the link is considered up. - This parameter is only relevant when a C(type) of C(at_least) is used. - This parameter will be ignored if a type of C(all) is used. + type: int + type: dict version_added: 2.8 ip_encapsulation: description: @@ -163,10 +181,12 @@ options: - When C(none), disables IP encapsulation. - When C(inherit), inherits IP encapsulation setting from the member's pool. - When any other value, Options are None, Inherit from Pool, and Member Specific. + type: str version_added: 2.8 aggregate: description: - List of pool member definitions to be created, modified or removed. + type: list aliases: - members version_added: 2.8 @@ -175,8 +195,8 @@ options: - Remove members not defined in the C(aggregate) parameter. - This operation is all or none, meaning that it will stop if there are some pool members that cannot be removed. - default: no type: bool + default: no aliases: - purge version_added: 2.8 @@ -257,16 +277,16 @@ EXAMPLES = ''' password: secret delegate_to: localhost loop: - - host: 1.1.1.1 + - address: 1.1.1.1 name: web1 priority_group: 4 - - host: 2.2.2.2 + - address: 2.2.2.2 name: web2 priority_group: 3 - - host: 3.3.3.3 + - address: 3.3.3.3 name: web3 priority_group: 2 - - host: 4.4.4.4 + - address: 4.4.4.4 name: web4 priority_group: 1 @@ -403,10 +423,7 @@ try: from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters from library.module_utils.network.f5.common import fq_name - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import transform_name - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.common import f5_argument_spec from library.module_utils.network.f5.common import is_valid_hostname from library.module_utils.network.f5.common import flatten_boolean @@ -419,13 +436,9 @@ except ImportError: from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters from ansible.module_utils.network.f5.common import fq_name - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import transform_name - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.common import f5_argument_spec from ansible.module_utils.network.f5.common import is_valid_hostname - from ansible.module_utils.network.f5.common import f5_argument_spec from ansible.module_utils.network.f5.common import flatten_boolean from ansible.module_utils.network.f5.compare import cmp_str_with_none from ansible.module_utils.network.f5.ipaddress import is_valid_ip @@ -990,7 +1003,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = None self.have = None self.changes = None @@ -1618,16 +1631,12 @@ def main(): required_one_of=spec.required_one_of, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_profile_analytics.py b/lib/ansible/modules/network/f5/bigip_profile_analytics.py index a7e6fb843d..3b8f9f1c3e 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_analytics.py +++ b/lib/ansible/modules/network/f5/bigip_profile_analytics.py @@ -23,15 +23,18 @@ options: name: description: - Specifies the name of the profile. + type: str required: True parent: description: - Specifies the profile from which this profile inherits settings. - When creating a new profile, if this parameter is not specified, the default is the system-supplied C(analytics) profile. + type: str description: description: - Description of the profile. + type: str collect_geo: description: - Enables or disables the collection of the names of the countries @@ -77,6 +80,7 @@ options: description: - Specifies the external logging publisher used to send statistical data to one or more destinations. + type: str notification_by_syslog: description: - Enables or disables logging of the analytics alerts into the @@ -90,18 +94,21 @@ options: description: - Specifies which email addresses receive alerts by email when C(notification_by_email) is enabled. + type: list partition: description: - Device partition to manage resources on. + type: str default: Common state: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) @@ -138,24 +145,18 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import transform_name from library.module_utils.network.f5.common import f5_argument_spec - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.common import flatten_boolean from library.module_utils.network.f5.compare import cmp_simple_list except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import transform_name from ansible.module_utils.network.f5.common import f5_argument_spec - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.common import flatten_boolean from ansible.module_utils.network.f5.compare import cmp_simple_list @@ -523,7 +524,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -748,16 +749,12 @@ def main(): supports_check_mode=spec.supports_check_mode, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_profile_client_ssl.py b/lib/ansible/modules/network/f5/bigip_profile_client_ssl.py index e9bc3f5318..671a62da49 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_client_ssl.py +++ b/lib/ansible/modules/network/f5/bigip_profile_client_ssl.py @@ -23,17 +23,20 @@ options: name: description: - Specifies the name of the profile. + type: str required: True parent: description: - The parent template of this monitor template. Once this value has been set, it cannot be changed. By default, this value is the C(clientssl) parent on the C(Common) partition. + type: str default: /Common/clientssl ciphers: description: - Specifies the list of ciphers that the system supports. When creating a new profile, the default cipher list is provided by the parent profile. + type: str cert_key_chain: description: - One or more certificates and keys to associate with the SSL profile. This @@ -47,25 +50,31 @@ options: cert: description: - Specifies a cert name for use. + type: str required: True key: description: - Contains a key name. + type: str required: True chain: description: - Contains a certificate chain that is relevant to the certificate and key mentioned earlier. - This key is optional. + type: str passphrase: description: - Contains the passphrase of the key file, should it require one. - Passphrases are encrypted on the remote BIG-IP device. Therefore, there is no way to compare them when updating a client SSL profile. Due to this, if you specify a passphrase, this module will always register a C(changed) event. + type: str + type: list partition: description: - Device partition to manage resources on. + type: str default: Common version_added: 2.5 options: @@ -73,6 +82,7 @@ options: - Options that the system uses for SSL processing in the form of a list. When creating a new profile, the list is provided by the parent profile. - When a C('') or C(none) value is provided all options for SSL processing are disabled. + type: list choices: - netscape-reuse-cipher-change-bug - microsoft-big-sslv3-buffer @@ -111,6 +121,7 @@ options: - The C(require-strict) setting the system requires strict renegotiation of SSL connections. In this mode the system refuses connections to insecure servers, and terminates existing SSL connections to insecure servers. + type: str choices: - require - require-strict @@ -138,8 +149,15 @@ options: version_added: 2.8 sni_require: description: - - Requires that the network peers also provide SNI support. This setting only takes effect when C(sni_default) is - set to C(true). When creating a new profile, the setting is provided by the parent profile. + - Requires that the network peers also provide SNI support, this setting only takes effect when C(sni_default) is + set to C(true). + - When creating a new profile, the setting is provided by the parent profile. + type: bool + version_added: 2.8 + strict_resume: + description: + - Enables or disables the resumption of SSL sessions after an unclean shutdown. + - When creating a new profile, the setting is provided by the parent profile. type: bool version_added: 2.8 client_certificate: @@ -151,6 +169,7 @@ options: valid certificate. - When C(request), specifies that the system requests a valid certificate from a client but always authenticate the client. + type: str choices: - ignore - require @@ -163,10 +182,17 @@ options: SSL session. - When C(always), specifies that the system authenticates the client once for an SSL session and also upon reuse of that session. + type: str choices: - once - always version_added: 2.8 + renegotiation: + description: + - Enables or disables SSL renegotiation. + - When creating a new profile, the setting is provided by the parent profile. + type: bool + version_added: 2.8 retain_certificate: description: - When C(yes), client certificate is retained in SSL session. @@ -176,19 +202,23 @@ options: description: - Specifies the maximum number of certificates to be traversed in a client certificate chain. + type: int version_added: 2.8 trusted_cert_authority: description: - Specifies a client CA that the system trusts. + type: str version_added: 2.8 advertised_cert_authority: description: - Specifies that the CAs that the system advertises to clients is being trusted by the profile. + type: str version_added: 2.8 client_auth_crl: description: - Specifies the name of a file containing a list of revoked client certificates. + type: str version_added: 2.8 allow_expired_crl: description: @@ -199,10 +229,11 @@ options: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present version_added: 2.5 notes: - Requires BIG-IP software version >= 12 @@ -251,7 +282,7 @@ EXAMPLES = r''' bigip_profile_client_ssl: state: present name: my_profile - secure_renegotation: request + secure_renegotiation: request provider: server: lb.mydomain.com user: admin @@ -284,7 +315,7 @@ options: returned: changed type: list sample: ['no-sslv2', 'no-sslv3'] -secure_renegotation: +secure_renegotiation: description: The method of secure SSL renegotiation. returned: changed type: str @@ -294,6 +325,16 @@ allow_non_ssl: returned: changed type: bool sample: yes +strict_resume: + description: Resumption of SSL sessions after an unclean shutdown. + returned: changed + type: bool + sample: yes +renegotiation: + description: Renegotiation of SSL sessions. + returned: changed + type: bool + sample: yes ''' import os @@ -306,25 +347,19 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec from library.module_utils.network.f5.common import flatten_boolean from library.module_utils.network.f5.common import transform_name - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.common import is_empty_list except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec from ansible.module_utils.network.f5.common import flatten_boolean from ansible.module_utils.network.f5.common import transform_name - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.common import is_empty_list @@ -346,6 +381,8 @@ class Parameters(AnsibleF5Parameters): 'clientCertCa': 'advertised_cert_authority', 'crlFile': 'client_auth_crl', 'allowExpiredCrl': 'allow_expired_crl', + 'strictResume': 'strict_resume', + 'renegotiation': 'renegotiation', } api_attributes = [ @@ -366,6 +403,8 @@ class Parameters(AnsibleF5Parameters): 'clientCertCa', 'crlFile', 'allowExpiredCrl', + 'strictResume', + 'renegotiation', ] returnables = [ @@ -386,6 +425,8 @@ class Parameters(AnsibleF5Parameters): 'advertised_cert_authority', 'client_auth_crl', 'allow_expired_crl', + 'strict_resume', + 'renegotiation', ] updatables = [ @@ -405,6 +446,8 @@ class Parameters(AnsibleF5Parameters): 'advertised_cert_authority', 'client_auth_crl', 'allow_expired_crl', + 'strict_resume', + 'renegotiation', ] @property @@ -485,6 +528,24 @@ class ModuleParameters(Parameters): return 'enabled' return 'disabled' + @property + def strict_resume(self): + result = flatten_boolean(self._values['strict_resume']) + if result is None: + return None + if result == 'yes': + return 'enabled' + return 'disabled' + + @property + def renegotiation(self): + result = flatten_boolean(self._values['renegotiation']) + if result is None: + return None + if result == 'yes': + return 'enabled' + return 'disabled' + @property def options(self): options = self._values['options'] @@ -634,6 +695,14 @@ class ReportableChanges(Changes): return 'yes' return 'no' + @property + def strict_resume(self): + if self._values['strict_resume'] is None: + return None + elif self._values['strict_resume'] == 'enabled': + return 'yes' + return 'no' + @property def retain_certificate(self): return flatten_boolean(self._values['retain_certificate']) @@ -757,7 +826,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -1008,6 +1077,8 @@ class ArgumentSpec(object): advertised_cert_authority=dict(), client_auth_crl=dict(), allow_expired_crl=dict(type='bool'), + strict_resume=dict(type='bool'), + renegotiation=dict(type='bool'), partition=dict( default='Common', fallback=(env_fallback, ['F5_PARTITION']) @@ -1026,16 +1097,12 @@ def main(): supports_check_mode=spec.supports_check_mode, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_profile_dns.py b/lib/ansible/modules/network/f5/bigip_profile_dns.py index 6ea03c7c5f..b3fee050df 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_dns.py +++ b/lib/ansible/modules/network/f5/bigip_profile_dns.py @@ -26,12 +26,14 @@ options: name: description: - Specifies the name of the DNS profile. + type: str required: True parent: description: - Specifies the profile from which this profile inherits settings. - When creating a new profile, if this parameter is not specified, the default is the system-supplied C(dns) profile. + type: str enable_dns_express: description: - Specifies whether the DNS Express engine is enabled. @@ -112,6 +114,7 @@ options: - Specifies the user-created cache that the system uses to cache DNS responses. - When you select a cache for the system to use, you must also set C(enable_dns_cache) to C(yes) + type: str version_added: 2.7 unhandled_query_action: description: @@ -125,6 +128,7 @@ options: - When C(no-error), the BIG-IP system returns the query with the NOERROR return code. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: str choices: - allow - drop @@ -135,15 +139,17 @@ options: partition: description: - Device partition to manage resources on. + type: str default: Common state: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) @@ -226,7 +232,6 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec from library.module_utils.network.f5.common import transform_name @@ -234,7 +239,6 @@ except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec from ansible.module_utils.network.f5.common import transform_name @@ -503,7 +507,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -735,15 +739,11 @@ def main(): supports_check_mode=spec.supports_check_mode ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) module.fail_json(msg=str(ex)) diff --git a/lib/ansible/modules/network/f5/bigip_profile_fastl4.py b/lib/ansible/modules/network/f5/bigip_profile_fastl4.py index c0ca335268..ce5f8deaf2 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_fastl4.py +++ b/lib/ansible/modules/network/f5/bigip_profile_fastl4.py @@ -23,12 +23,14 @@ options: name: description: - Specifies the name of the profile. + type: str required: True parent: description: - Specifies the profile from which this profile inherits settings. - When creating a new profile, if this parameter is not specified, the default is the system-supplied C(fastL4) profile. + type: str idle_timeout: description: - Specifies the length of time that a connection is idle (has no traffic) before @@ -42,6 +44,7 @@ options: regardless of how long they remain idle. - When C(0), or C(immediate), specifies that the system deletes connections immediately when they become idle. + type: str client_timeout: description: - Specifies a timeout for Late Binding. @@ -53,9 +56,11 @@ options: transmission. - When C(indefinite), disables the limit. This allows the client unlimited time to send the sender and target information. + type: str description: description: - Description of the profile. + type: str explicit_flow_migration: description: - Specifies whether a qualified late-binding connection requires an explicit iRule @@ -75,6 +80,7 @@ options: Header DF bit. - When C(set), sets the outgoing packet's IP Header DF bit. - When C(clear), clears the outgoing packet's IP Header DF bit. + type: str choices: - pmtu - preserve @@ -89,6 +95,7 @@ options: - When C(pass-through), specifies that the IP ToS setting remains unchanged. - When C(mimic), specifies that the system sets the ToS level of outgoing packets to the same ToS level of the most-recently received incoming packet. + type: str ip_tos_to_server: description: - Specifies, for IP traffic passing through the system to back-end servers, whether @@ -98,6 +105,7 @@ options: - When C(pass-through), specifies that the IP ToS setting remains unchanged. - When C(mimic), specifies that the system sets the ToS level of outgoing packets to the same ToS level of the most-recently received incoming packet. + type: str ip_ttl_mode: description: - Specifies the outgoing TCP packet's IP Header TTL mode. @@ -108,6 +116,7 @@ options: incoming TTL value. - When C(set), sets the outgoing IP Header TTL value to a specific value(as specified by C(ip_ttl_v4) or C(ip_ttl_v6). + type: str choices: - proxy - preserve @@ -117,13 +126,16 @@ options: description: - Specifies the outgoing packet's IP Header TTL value for IPv4 traffic. - Maximum TTL value that can be specified is 255. + type: int ip_ttl_v6: description: - Specifies the outgoing packet's IP Header TTL value for IPv6 traffic. - Maximum TTL value that can be specified is 255. + type: int keep_alive_interval: description: - Specifies the keep-alive probe interval, in seconds. + type: int late_binding: description: - Enables intelligent selection of a back-end server or pool, using an @@ -140,6 +152,7 @@ options: - When a number, specifies the link QoS setting that the system inserts in the IP packet header. - When C(pass-through), specifies that the link QoS setting remains unchanged. + type: str link_qos_to_server: description: - Specifies, for IP traffic passing through the system to back-end servers, @@ -151,6 +164,7 @@ options: - When a number, specifies the link QoS setting that the system inserts in the IP packet header. - When C(pass-through), specifies that the link QoS setting remains unchanged. + type: str loose_close: description: - When C(yes), specifies, that the system closes a loosely-initiated connection @@ -166,6 +180,7 @@ options: description: - Specifies a maximum segment size (MSS) override for server-side connections. - Valid range is 256 to 9162 or 0 to disable. + type: int reassemble_fragments: description: - When C(yes), specifies that the system reassembles IP fragments. @@ -174,6 +189,7 @@ options: description: - Specifies the amount of data the BIG-IP system can accept without acknowledging the server. + type: int reset_on_timeout: description: - When C(yes), specifies that the system sends a reset packet (RST) in addition @@ -204,9 +220,11 @@ options: - Specifies a value that overrides the SYN cookie maximum segment size (MSS) value in the SYN-ACK packet that is returned to the client. - Valid values are 0, and values from 256 through 9162. + type: int tcp_close_timeout: description: - Specifies the length of time a connection can remain idle before deletion. + type: str tcp_generate_isn: description: - When C(yes), specifies that the system generates initial sequence numbers @@ -223,6 +241,7 @@ options: - When C(disabled), specifies that the system does not apply a timeout to a TCP handshake. - When C(indefinite), specifies that attempting a TCP handshake never times out. + type: str tcp_strip_sack: description: - When C(yes), specifies that the system blocks a TCP selective ACK SackOK @@ -232,9 +251,11 @@ options: description: - Specifies the number of milliseconds that a connection is in the TIME-WAIT state before closing. + type: int tcp_timestamp_mode: description: - Specifies the action that the system should take on TCP timestamps. + type: str choices: - preserve - rewrite @@ -242,6 +263,7 @@ options: tcp_wscale_mode: description: - Specifies the action that the system should take on TCP windows. + type: str choices: - preserve - rewrite @@ -254,21 +276,24 @@ options: - When C(fallback), reverts the connection to normal FastL4 load-balancing, based on the client's TCP header. This causes the BIG-IP system to choose a back-end server based only on the source address and port. + type: str choices: - disconnect - fallback partition: description: - Device partition to manage resources on. + type: str default: Common state: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) @@ -460,22 +485,16 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.common import transform_name from library.module_utils.network.f5.common import flatten_boolean except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.common import transform_name from ansible.module_utils.network.f5.common import flatten_boolean @@ -1115,7 +1134,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -1368,16 +1387,12 @@ def main(): supports_check_mode=spec.supports_check_mode, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_profile_http.py b/lib/ansible/modules/network/f5/bigip_profile_http.py index ff496f916d..32639aa92b 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_http.py +++ b/lib/ansible/modules/network/f5/bigip_profile_http.py @@ -23,21 +23,25 @@ options: name: description: - Specifies the name of the profile. + type: str required: True parent: description: - Specifies the profile from which this profile inherits settings. - When creating a new profile, if this parameter is not specified, the default is the system-supplied C(http) profile. + type: str default: /Common/http description: description: - Description of the profile. + type: str proxy_type: description: - Specifies the proxy mode for the profile. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: str choices: - reverse - transparent @@ -50,6 +54,7 @@ options: just as an object name (C(foo)). - To remove the entry a value of C(none) or C('') can be set, however the profile C(proxy_type) must not be set as C(explicit). + type: str insert_xforwarded_for: description: - When specified system inserts an X-Forwarded-For header in an HTTP request @@ -70,6 +75,7 @@ options: the system changes it to the virtual server address. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: str choices: - none - all @@ -87,14 +93,16 @@ options: - Passphrase for cookie encryption. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: str update_password: description: - C(always) will update passwords if the C(encrypt_cookie_secret) is specified. - C(on_create) will only set the password for newly created profiles. - default: always + type: str choices: - always - on_create + default: always header_erase: description: - The name of a header, in an HTTP request, which the system removes from request. @@ -102,6 +110,7 @@ options: - The format of the header must be in C(KEY:VALUE) format, otherwise error is raised. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: str version_added: 2.8 header_insert: description: @@ -110,6 +119,7 @@ options: - The format of the header must be in C(KEY:VALUE) format, otherwise error is raised. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: str version_added: 2.8 server_agent_name: description: @@ -117,6 +127,7 @@ options: - To remove the entry completely a value of C(none) or C('') should be set. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: str version_added: 2.8 include_subdomains: description: @@ -134,6 +145,7 @@ options: re-enables plaintext HTTP access, while specifying C(indefinite) will set it to the maximum value. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: str version_added: 2.8 hsts_mode: description: @@ -145,15 +157,17 @@ options: partition: description: - Device partition to manage resources on. + type: str default: Common state: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Wojciech Wypior (@wojtek0806) @@ -233,25 +247,19 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec from library.module_utils.network.f5.common import flatten_boolean from library.module_utils.network.f5.common import transform_name - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.urls import check_header_validity except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec from ansible.module_utils.network.f5.common import flatten_boolean from ansible.module_utils.network.f5.common import transform_name - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.urls import check_header_validity @@ -639,7 +647,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -880,16 +888,12 @@ def main(): supports_check_mode=spec.supports_check_mode, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_profile_http2.py b/lib/ansible/modules/network/f5/bigip_profile_http2.py index 9b2067a039..32c1566f85 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_http2.py +++ b/lib/ansible/modules/network/f5/bigip_profile_http2.py @@ -23,16 +23,19 @@ options: name: description: - Specifies the name of the profile. + type: str required: True parent: description: - Specifies the profile from which this profile inherits settings. - When creating a new profile, if this parameter is not specified, the default is the system-supplied C(http2) profile. + type: str default: /Common/http2 description: description: - Description of the profile. + type: str streams: description: - Specifies the number of outstanding concurrent requests that are allowed on a single HTTP/2 connection. @@ -54,6 +57,7 @@ options: description: - Specifies the name of the HTTP header controlled by C(insert_header) parameter. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: str enforce_tls_requirements: description: - Specifies whether the system requires TLS for communications between specified senders and recipients. @@ -64,10 +68,10 @@ options: - Specifies what will cause an incoming connection to be handled as a HTTP/2 connection. - The C(alpn) and C(always) are mutually exclusive. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: list choices: - alpn - always - type: list frame_size: description: - Specifies the size of data frames, in bytes, that HTTP/2 sends to the client. @@ -95,15 +99,17 @@ options: partition: description: - Device partition to manage resources on. + type: str default: Common state: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Wojciech Wypior (@wojtek0806) @@ -184,26 +190,20 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import transform_name from library.module_utils.network.f5.common import flatten_boolean from library.module_utils.network.f5.common import is_empty_list from library.module_utils.network.f5.common import f5_argument_spec - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import transform_name from ansible.module_utils.network.f5.common import flatten_boolean from ansible.module_utils.network.f5.common import is_empty_list from ansible.module_utils.network.f5.common import f5_argument_spec - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json class Parameters(AnsibleF5Parameters): @@ -440,7 +440,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -667,16 +667,12 @@ def main(): supports_check_mode=spec.supports_check_mode, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_profile_http_compression.py b/lib/ansible/modules/network/f5/bigip_profile_http_compression.py index 6ba2bcd3db..a68b883269 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_http_compression.py +++ b/lib/ansible/modules/network/f5/bigip_profile_http_compression.py @@ -23,27 +23,32 @@ options: name: description: - Specifies the name of the compression profile. + type: str required: True parent: description: - Specifies the profile from which this profile inherits settings. - When creating a new profile, if this parameter is not specified, the default is the system-supplied C(httpcompression) profile. + type: str description: description: - Description of the HTTP compression profile. + type: str buffer_size: description: - Maximum number of compressed bytes that the system buffers before inserting a Content-Length header (which specifies the compressed size) into the response. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: int gzip_level: description: - Specifies the degree to which the system compresses the content. - Higher compression levels cause the compression process to be slower. - Valid values are between 1 (least compression and fastest) to 9 (most compression and slowest). + type: int choices: - 1 - 2 @@ -58,6 +63,7 @@ options: description: - Number of kilobytes of memory that the system uses for internal compression buffers when compressing a server response. + type: int choices: - 1 - 2 @@ -72,6 +78,7 @@ options: description: - Number of kilobytes in the window size that the system uses when compressing a server response. + type: int choices: - 1 - 2 @@ -84,15 +91,17 @@ options: partition: description: - Device partition to manage resources on. + type: str default: Common state: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) @@ -149,21 +158,15 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.common import transform_name except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.common import transform_name @@ -303,7 +306,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -527,16 +530,12 @@ def main(): supports_check_mode=spec.supports_check_mode, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_profile_oneconnect.py b/lib/ansible/modules/network/f5/bigip_profile_oneconnect.py index 2a97cc3628..42e0da6f30 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_oneconnect.py +++ b/lib/ansible/modules/network/f5/bigip_profile_oneconnect.py @@ -23,12 +23,14 @@ options: name: description: - Specifies the name of the OneConnect profile. + type: str required: True parent: description: - Specifies the profile from which this profile inherits settings. - When creating a new profile, if this parameter is not specified, the default is the system-supplied C(oneconnect) profile. + type: str source_mask: description: - Specifies a value that the system applies to the source address to determine @@ -42,9 +44,11 @@ options: connections originating from the same source address. - When you are using a SNAT or SNAT pool, the server-side source address is translated first and then the OneConnect mask is applied to the translated address. + type: str description: description: - Description of the profile. + type: str maximum_size: description: - Specifies the maximum number of connections that the system holds in the @@ -53,6 +57,7 @@ options: response is completed. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: int maximum_age: description: - Specifies the maximum number of seconds allowed for a connection in the connection @@ -61,11 +66,13 @@ options: connection from the re-use pool. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: int maximum_reuse: description: - Specifies the maximum number of times that a server-side connection can be reused. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: int idle_timeout_override: description: - Specifies the number of seconds that a connection is idle before the connection @@ -76,6 +83,7 @@ options: - When C(disabled), specifies that there is no timeout override for the connection. - When C(indefinite), Specifies that a connection may be idle with no timeout override. + type: str limit_type: description: - When C(none), simultaneous in-flight requests and responses over TCP connections @@ -91,6 +99,7 @@ options: short expiration timeouts. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: str choices: - none - idle @@ -107,15 +116,17 @@ options: partition: description: - Device partition to manage resources on. + type: str default: Common state: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) @@ -183,23 +194,17 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec from library.module_utils.network.f5.common import transform_name - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.ipaddress import is_valid_ip except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec from ansible.module_utils.network.f5.common import transform_name - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.ipaddress import is_valid_ip @@ -379,7 +384,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -600,16 +605,12 @@ def main(): supports_check_mode=spec.supports_check_mode, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_profile_persistence_cookie.py b/lib/ansible/modules/network/f5/bigip_profile_persistence_cookie.py index f46ed20f7e..7af5ac9c5e 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_persistence_cookie.py +++ b/lib/ansible/modules/network/f5/bigip_profile_persistence_cookie.py @@ -23,15 +23,18 @@ options: name: description: - Specifies the name of the profile. + type: str required: True description: description: - Description of the profile. + type: str parent: description: - Specifies the profile from which this profile inherits settings. - When creating a new profile, if this parameter is not specified, the default is the system-supplied C(cookie) profile. + type: str default: cookie cookie_method: description: @@ -47,6 +50,7 @@ options: - When C(rewrite), specifies that the system intercepts the BIGipCookie header, sent from the server, and overwrites the name and value of that cookie. + type: str choices: - hash - insert @@ -55,6 +59,7 @@ options: cookie_name: description: - Specifies a unique name for the cookie. + type: str http_only: description: - Specifies whether the httponly attribute should be enabled or @@ -87,6 +92,7 @@ options: - When C(disabled), generates the cookie format unencrypted. - When C(preferred), generate an encrypted cookie, but accepts both encrypted and unencrypted formats. - When C(required), cookie format must be encrypted. + type: str choices: - disabled - preferred @@ -114,33 +120,62 @@ options: encryption_passphrase: description: - Specifies a passphrase to be used for cookie encryption. + type: str update_password: description: - C(always) will allow to update passphrases if the user chooses to do so. C(on_create) will only set the passphrase for newly created profiles. - default: always + type: str choices: - always - on_create + default: always + expiration: + description: + - Specifies the expiration time of the cookie. By default the system generates and uses session cookie. + This cookie expires when the user session expires, that is when the browser is closed. + suboptions: + days: + description: + - Cookie expiration time in days, the value must be in range from C(0) to C(24855) days. + type: int + hours: + description: + - Cookie expiration time in hours, the value must be in the range from C(0) to C(23) hours. + type: int + minutes: + description: + - Cookie expiration time in minutes, the value must be in the range from C(0) to C(59) minutes. + type: int + seconds: + description: + - Cookie expiration time in seconds, the value must be in the range from C(0) to C(59) seconds. + type: int + default: 0 + type: dict + version_added: 2.8 partition: description: - Device partition to manage resources on. + type: str default: Common state: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) + - Wojciech Wypior (@wojtek0806) ''' EXAMPLES = r''' -- name: Create a ... +- name: Create a persistence cookie profile bigip_profile_persistence_cookie: name: foo provider: @@ -148,6 +183,18 @@ EXAMPLES = r''' server: lb.mydomain.com user: admin delegate_to: localhost +- name: Create a persistence cookie profile with expiration time + bigip_profile_persistence_cookie: + name: foo + expiration: + days: 7 + hours: 12 + minutes: 30 + provider: + password: secret + server: lb.mydomain.com + user: admin + delegate_to: localhost ''' RETURN = r''' @@ -216,6 +263,32 @@ secure: returned: changed type: bool sample: no +expiration: + description: The expiration time of the cookie. + returned: changed + type: complex + contains: + days: + description: Cookie expiration time in days. + returned: changed + type: int + sample: 125 + hours: + description: Cookie expiration time in hours. + returned: changed + type: int + sample: 22 + minutes: + description: Cookie expiration time in minutes. + returned: changed + type: int + sample: 58 + seconds: + description: Cookie expiration time in seconds. + returned: changed + type: int + sample: 20 + sample: hash/dictionary of values ''' from ansible.module_utils.basic import AnsibleModule @@ -225,11 +298,8 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.common import transform_name from library.module_utils.network.f5.common import flatten_boolean from library.module_utils.network.f5.compare import cmp_str_with_none @@ -237,11 +307,8 @@ except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.common import transform_name from ansible.module_utils.network.f5.common import flatten_boolean from ansible.module_utils.network.f5.compare import cmp_str_with_none @@ -278,6 +345,7 @@ class Parameters(AnsibleF5Parameters): 'secure', 'cookieEncryptionPassphrase', 'method', + 'expiration' ] returnables = [ @@ -295,6 +363,7 @@ class Parameters(AnsibleF5Parameters): 'encryption_passphrase', 'description', 'secure', + 'expiration', ] updatables = [ @@ -312,6 +381,7 @@ class Parameters(AnsibleF5Parameters): 'encryption_passphrase', 'description', 'secure', + 'expiration', ] @property @@ -371,6 +441,86 @@ class ModuleParameters(Parameters): return '' return self._values['description'] + @property + def expiration(self): + if self._values['expiration'] is None: + return None + + days = self.days + hours = self.hours + minutes = self.minutes + seconds = self.seconds + + if days is not None: + if hours is None: + raise F5ModuleError( + "Incorrect format, 'hours' parameter is missing value." + ) + if minutes is None: + raise F5ModuleError( + "Incorrect format, 'minutes' parameter is missing value." + ) + + expiry_time = '{0}:{1}:{2}:{3}'.format(days, hours, minutes, seconds) + return expiry_time + + if hours is not None: + if minutes is None: + raise F5ModuleError( + "Incorrect format, 'minutes' parameter is missing value." + ) + + expiry_time = '{0}:{1}:{2}'.format(hours, minutes, seconds) + return expiry_time + + if minutes is not None: + expiry_time = '{0}:{1}'.format(minutes, seconds) + return expiry_time + + return str(seconds) + + @property + def days(self): + days = self._values['expiration']['days'] + if days is None: + return None + if days < 0 or days >= 24856: + raise F5ModuleError( + 'The provided value is invalid, the correct value range is: 0 - 24855 days.' + ) + return days + + @property + def hours(self): + hours = self._values['expiration']['hours'] + if hours is None: + return None + if hours < 0 or hours > 23: + raise F5ModuleError( + 'The provided value is invalid, the correct value range is: 0 - 23 hours.' + ) + return hours + + @property + def minutes(self): + minutes = self._values['expiration']['minutes'] + if minutes is None: + return None + if minutes < 0 or minutes > 59: + raise F5ModuleError( + 'The provided value is invalid, the correct value range is: 0 - 59 minutes.' + ) + return minutes + + @property + def seconds(self): + seconds = self._values['expiration']['seconds'] + if seconds < 0 or seconds > 59: + raise F5ModuleError( + 'The provided value is invalid, the correct value range is: 0 - 59 seconds.' + ) + return seconds + class Changes(Parameters): def to_return(self): @@ -487,6 +637,32 @@ class ReportableChanges(Changes): def encryption_passphrase(self): return None + @property + def expiration(self): + expire = self._values['expiration'] + result = dict() + + if expire is None: + return None + tmp = expire.split(':') + + if len(tmp) == 1: + result['seconds'] = int(tmp[0]) + if len(tmp) == 2: + result['minutes'] = int(tmp[0]) + result['seconds'] = int(tmp[1]) + if len(tmp) == 3: + result['hours'] = int(tmp[0]) + result['minutes'] = int(tmp[1]) + result['seconds'] = int(tmp[2]) + if len(tmp) == 4: + result['days'] = int(tmp[0]) + result['hours'] = int(tmp[1]) + result['minutes'] = int(tmp[2]) + result['seconds'] = int(tmp[3]) + + return result + class Difference(object): def __init__(self, want, have=None): @@ -524,7 +700,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -744,6 +920,24 @@ class ArgumentSpec(object): default='always', choices=['always', 'on_create'] ), + expiration=dict( + type='dict', + options=dict( + days=dict( + type='int' + ), + hours=dict( + type='int' + ), + minutes=dict( + type='int' + ), + seconds=dict( + type='int', + default=0 + ) + ) + ), state=dict( default='present', choices=['present', 'absent'] @@ -766,16 +960,12 @@ def main(): supports_check_mode=spec.supports_check_mode, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_profile_persistence_src_addr.py b/lib/ansible/modules/network/f5/bigip_profile_persistence_src_addr.py index 711fbd250e..47fe483252 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_persistence_src_addr.py +++ b/lib/ansible/modules/network/f5/bigip_profile_persistence_src_addr.py @@ -23,12 +23,14 @@ options: name: description: - Specifies the name of the profile. + type: str required: True parent: description: - Specifies the profile from which this profile inherits settings. - When creating a new profile, if this parameter is not specified, the default is the system-supplied C(source_addr) profile. + type: str match_across_services: description: - When C(yes), specifies that all persistent connections from a client IP address that go @@ -60,6 +62,7 @@ options: to obtain the hash result for the input to the algorithm. - When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. + type: str choices: - default - carp @@ -70,6 +73,7 @@ options: default is provided by the parent profile. - To specify an indefinite timeout, use the value C(indefinite). - If specifying a numeric timeout, the value must be between C(1) and C(4294967295). + type: str override_connection_limit: description: - When C(yes), specifies that the system allows you to specify that pool member connection @@ -79,15 +83,17 @@ options: partition: description: - Device partition to manage resources on. + type: str default: Common state: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) @@ -128,24 +134,18 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec from library.module_utils.network.f5.common import flatten_boolean from library.module_utils.network.f5.common import transform_name - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec from ansible.module_utils.network.f5.common import flatten_boolean from ansible.module_utils.network.f5.common import transform_name - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json class Parameters(AnsibleF5Parameters): @@ -328,7 +328,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -544,16 +544,12 @@ def main(): supports_check_mode=spec.supports_check_mode, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_profile_server_ssl.py b/lib/ansible/modules/network/f5/bigip_profile_server_ssl.py index 6782282bab..a82ba7a1f1 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_server_ssl.py +++ b/lib/ansible/modules/network/f5/bigip_profile_server_ssl.py @@ -23,16 +23,19 @@ options: name: description: - Specifies the name of the profile. + type: str required: True parent: description: - The parent template of this monitor template. Once this value has been set, it cannot be changed. + type: str default: /Common/serverssl ciphers: description: - Specifies the list of ciphers that the system supports. When creating a new profile, the default cipher list is provided by the parent profile. + type: str secure_renegotiation: description: - Specifies the method of secure renegotiations for SSL connections. When @@ -44,6 +47,7 @@ options: - The C(require-strict) setting the system requires strict renegotiation of SSL connections. In this mode the system refuses connections to insecure servers, and terminates existing SSL connections to insecure servers. + type: str choices: - require - require-strict @@ -53,6 +57,7 @@ options: - Specifies the fully qualified DNS hostname of the server used in Server Name Indication communications. When creating a new profile, the setting is provided by the parent profile. + type: str sni_default: description: - Indicates that the system uses this profile as the default SSL profile when there @@ -62,9 +67,9 @@ options: type: bool sni_require: description: - - Requires that the network peers also provide SNI support. This setting only takes - effect when C(sni_default) is C(yes). When creating a new profile, the setting - is provided by the parent profile. + - Requires that the network peers also provide SNI support, setting only takes + effect when C(sni_default) is C(yes). + - When creating a new profile, the setting is provided by the parent profile. type: bool server_certificate: description: @@ -72,6 +77,7 @@ options: - When C(ignore), specifies that the system ignores certificates from server systems. - When C(require), specifies that the system requires a server to present a valid certificate. + type: str choices: - ignore - require @@ -79,39 +85,47 @@ options: description: - Specifies the name of the certificate that the system uses for server-side SSL processing. + type: str key: description: - Specifies the file name of the SSL key. + type: str chain: description: - Specifies the certificates-key chain to associate with the SSL profile. + type: str passphrase: description: - Specifies a passphrase used to encrypt the key. + type: str update_password: description: - C(always) will allow to update passwords if the user chooses to do so. C(on_create) will only set the password for newly created profiles. - default: always + type: str choices: - always - on_create + default: always ocsp_profile: description: - Specifies the name of the OCSP profile for purpose of validating status of server certificate. + type: str partition: description: - Device partition to manage resources on. + type: str default: Common state: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) @@ -134,7 +148,7 @@ ciphers: returned: changed type: str sample: "!SSLv3:!SSLv2:ECDHE+AES-GCM+SHA256:ECDHE-RSA-AES128-CBC-SHA" -secure_renegotation: +secure_renegotiation: description: The method of secure SSL renegotiation. returned: changed type: str @@ -148,22 +162,16 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.common import flatten_boolean from library.module_utils.network.f5.common import transform_name except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.common import flatten_boolean from ansible.module_utils.network.f5.common import transform_name @@ -404,7 +412,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -645,16 +653,12 @@ def main(): required_together=spec.required_together, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_profile_tcp.py b/lib/ansible/modules/network/f5/bigip_profile_tcp.py index 1ecd9dd59b..919ef91427 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_tcp.py +++ b/lib/ansible/modules/network/f5/bigip_profile_tcp.py @@ -26,12 +26,14 @@ options: name: description: - Specifies the name of the profile. + type: str required: True parent: description: - Specifies the profile from which this profile inherits settings. - When creating a new profile, if this parameter is not specified, the default is the system-supplied C(tcp) profile. + type: str idle_timeout: description: - Specifies the length of time that a connection is idle (has no traffic) before @@ -43,6 +45,7 @@ options: connection can remain idle before the system deletes it. - When C(0), or C(indefinite), specifies that the system does not delete TCP connections regardless of how long they remain idle. + type: str time_wait_recycle: description: - Specifies that connections in a TIME-WAIT state are reused, if a SYN packet, @@ -55,15 +58,17 @@ options: partition: description: - Device partition to manage resources on. + type: str default: Common state: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) @@ -110,24 +115,18 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec from library.module_utils.network.f5.common import flatten_boolean from library.module_utils.network.f5.common import transform_name - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec from ansible.module_utils.network.f5.common import flatten_boolean from ansible.module_utils.network.f5.common import transform_name - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json class Parameters(AnsibleF5Parameters): @@ -254,7 +253,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -469,16 +468,12 @@ def main(): supports_check_mode=spec.supports_check_mode, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_profile_udp.py b/lib/ansible/modules/network/f5/bigip_profile_udp.py index b524788552..e64a110a3c 100644 --- a/lib/ansible/modules/network/f5/bigip_profile_udp.py +++ b/lib/ansible/modules/network/f5/bigip_profile_udp.py @@ -26,12 +26,14 @@ options: name: description: - Specifies the name of the profile. + type: str required: True parent: description: - Specifies the profile from which this profile inherits settings. - When creating a new profile, if this parameter is not specified, the default is the system-supplied C(udp) profile. + type: str idle_timeout: description: - Specifies the length of time that a connection is idle (has no traffic) before @@ -45,6 +47,7 @@ options: indefinitely. - When C(immediate), specifies that you do not want the UDP connection to remain idle, and that it is therefore immediately eligible for deletion. + type: str datagram_load_balancing: description: - Specifies, when C(yes), that the system load balances UDP traffic @@ -53,15 +56,17 @@ options: partition: description: - Device partition to manage resources on. + type: str default: Common state: description: - When C(present), ensures that the profile exists. - When C(absent), ensures the profile is removed. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) @@ -107,22 +112,16 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec from library.module_utils.network.f5.common import transform_name - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec from ansible.module_utils.network.f5.common import transform_name - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json class Parameters(AnsibleF5Parameters): @@ -235,7 +234,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.want = ModuleParameters(params=self.module.params) self.have = ApiParameters() self.changes = UsableChanges() @@ -448,16 +447,12 @@ def main(): supports_check_mode=spec.supports_check_mode, ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - cleanup_tokens(client) - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - cleanup_tokens(client) - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/lib/ansible/modules/network/f5/bigip_provision.py b/lib/ansible/modules/network/f5/bigip_provision.py index dc9c910009..6832b6261b 100644 --- a/lib/ansible/modules/network/f5/bigip_provision.py +++ b/lib/ansible/modules/network/f5/bigip_provision.py @@ -24,7 +24,8 @@ options: module: description: - The module to provision in BIG-IP. - required: true + type: str + required: True choices: - am - afm @@ -52,11 +53,12 @@ options: the module is not activated. - This parameter is not relevant to C(cgnat) and will not be applied to the C(cgnat) module. - default: nominal + type: str choices: - dedicated - nominal - minimum + default: nominal state: description: - The state of the provisioned module on the system. When C(present), @@ -64,10 +66,11 @@ options: level provided that there are sufficient resources on the device (such as physical RAM) to support the provisioned module. When C(absent), de-provision the module. - default: present + type: str choices: - present - absent + default: present extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) @@ -111,19 +114,13 @@ try: from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters - from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import f5_argument_spec - from library.module_utils.network.f5.common import exit_json - from library.module_utils.network.f5.common import fail_json from library.module_utils.network.f5.icontrol import TransactionContextManager except ImportError: from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters - from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import f5_argument_spec - from ansible.module_utils.network.f5.common import exit_json - from ansible.module_utils.network.f5.common import fail_json from ansible.module_utils.network.f5.icontrol import TransactionContextManager @@ -205,7 +202,7 @@ class Difference(object): class ModuleManager(object): def __init__(self, *args, **kwargs): self.module = kwargs.get('module', None) - self.client = kwargs.get('client', None) + self.client = F5RestClient(**self.module.params) self.have = None self.want = ModuleParameters(params=self.module.params) self.changes = UsableChanges() @@ -883,14 +880,12 @@ def main(): mutually_exclusive=spec.mutually_exclusive ) - client = F5RestClient(**module.params) - try: - mm = ModuleManager(module=module, client=client) + mm = ModuleManager(module=module) results = mm.exec_module() - exit_json(module, results, client) + module.exit_json(**results) except F5ModuleError as ex: - fail_json(module, ex, client) + module.fail_json(msg=str(ex)) if __name__ == '__main__': diff --git a/test/units/modules/network/f5/test_bigip_node.py b/test/units/modules/network/f5/test_bigip_node.py index ef47e736ea..90cb425376 100644 --- a/test/units/modules/network/f5/test_bigip_node.py +++ b/test/units/modules/network/f5/test_bigip_node.py @@ -98,14 +98,17 @@ class TestManager(unittest.TestCase): ], partition='Common', state='present', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( argument_spec=self.spec.argument_spec, - supports_check_mode=self.spec.supports_check_mode + supports_check_mode=self.spec.supports_check_mode, + mutually_exclusive=self.spec.mutually_exclusive ) mm = ModuleManager(module=module) @@ -126,16 +129,19 @@ class TestManager(unittest.TestCase): ], partition='Common', state='present', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) current = ApiParameters(params=load_fixture('load_ltm_node_3.json')) module = AnsibleModule( argument_spec=self.spec.argument_spec, - supports_check_mode=self.spec.supports_check_mode + supports_check_mode=self.spec.supports_check_mode, + mutually_exclusive=self.spec.mutually_exclusive ) mm = ModuleManager(module=module) @@ -156,14 +162,17 @@ class TestManager(unittest.TestCase): ], partition='Common', state='present', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( argument_spec=self.spec.argument_spec, - supports_check_mode=self.spec.supports_check_mode + supports_check_mode=self.spec.supports_check_mode, + mutually_exclusive=self.spec.mutually_exclusive ) mm = ModuleManager(module=module) @@ -185,15 +194,18 @@ class TestManager(unittest.TestCase): ], partition='Common', state='present', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) current = ApiParameters(params=load_fixture('load_ltm_node_2.json')) module = AnsibleModule( argument_spec=self.spec.argument_spec, - supports_check_mode=self.spec.supports_check_mode + supports_check_mode=self.spec.supports_check_mode, + mutually_exclusive=self.spec.mutually_exclusive ) mm = ModuleManager(module=module) @@ -217,15 +229,18 @@ class TestManager(unittest.TestCase): ], partition='Common', state='present', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) current = ApiParameters(params=load_fixture('load_ltm_node_2.json')) module = AnsibleModule( argument_spec=self.spec.argument_spec, - supports_check_mode=self.spec.supports_check_mode + supports_check_mode=self.spec.supports_check_mode, + mutually_exclusive=self.spec.mutually_exclusive ) mm = ModuleManager(module=module) diff --git a/test/units/modules/network/f5/test_bigip_partition.py b/test/units/modules/network/f5/test_bigip_partition.py index 68e21c7f50..8446f7728b 100644 --- a/test/units/modules/network/f5/test_bigip_partition.py +++ b/test/units/modules/network/f5/test_bigip_partition.py @@ -109,9 +109,11 @@ class TestManagerEcho(unittest.TestCase): set_module_args(dict( name='foo', description='my description', - server='localhost', - password='password', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( @@ -133,9 +135,11 @@ class TestManagerEcho(unittest.TestCase): set_module_args(dict( name='foo', description='my description', - server='localhost', - password='password', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) current = ApiParameters(params=load_fixture('load_tm_auth_partition.json')) @@ -158,9 +162,11 @@ class TestManagerEcho(unittest.TestCase): set_module_args(dict( name='foo', description='another description', - server='localhost', - password='password', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) current = ApiParameters(params=load_fixture('load_tm_auth_partition.json')) @@ -185,9 +191,11 @@ class TestManagerEcho(unittest.TestCase): set_module_args(dict( name='foo', route_domain=1, - server='localhost', - password='password', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) current = ApiParameters(params=load_fixture('load_tm_auth_partition.json')) diff --git a/test/units/modules/network/f5/test_bigip_password_policy.py b/test/units/modules/network/f5/test_bigip_password_policy.py index bfa5bfaf69..bf7ff8b935 100644 --- a/test/units/modules/network/f5/test_bigip_password_policy.py +++ b/test/units/modules/network/f5/test_bigip_password_policy.py @@ -128,9 +128,11 @@ class TestManager(unittest.TestCase): required_numeric=0, required_special=0, required_uppercase=0, - server='localhost', - password='password', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) current = ApiParameters(params=load_fixture('load_tm_auth_password_policy_1.json')) diff --git a/test/units/modules/network/f5/test_bigip_policy.py b/test/units/modules/network/f5/test_bigip_policy.py index 0807980a04..39650e1990 100644 --- a/test/units/modules/network/f5/test_bigip_policy.py +++ b/test/units/modules/network/f5/test_bigip_policy.py @@ -71,9 +71,6 @@ class TestParameters(unittest.TestCase): args = dict( name='foo', description='asdf asdf asdf', - password='password', - server='localhost', - user='admin' ) p = Parameters(params=args) assert p.name == 'foo' @@ -84,10 +81,7 @@ class TestParameters(unittest.TestCase): args = dict( name='foo', description='asdf asdf asdf', - password='password', - server='localhost', strategy='foo', - user='admin', partition='Common' ) p = Parameters(params=args) @@ -99,10 +93,7 @@ class TestParameters(unittest.TestCase): args = dict( name='foo', description='asdf asdf asdf', - password='password', - server='localhost', strategy='/Common/foo', - user='admin', partition='Common' ) p = Parameters(params=args) @@ -114,10 +105,7 @@ class TestParameters(unittest.TestCase): args = dict( name='foo', description='asdf asdf asdf', - password='password', - server='localhost', strategy='/Foo/bar', - user='admin', partition='Common' ) p = Parameters(params=args) @@ -147,9 +135,11 @@ class TestSimpleTrafficPolicyManager(unittest.TestCase): name="Policy-Foo", state='present', strategy='best', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_policy_rule.py b/test/units/modules/network/f5/test_bigip_policy_rule.py index 11a4e302f7..13869392df 100644 --- a/test/units/modules/network/f5/test_bigip_policy_rule.py +++ b/test/units/modules/network/f5/test_bigip_policy_rule.py @@ -134,9 +134,11 @@ class TestManager(unittest.TestCase): path_begins_with_any=['/ABC'] ) ], - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( @@ -173,9 +175,11 @@ class TestManager(unittest.TestCase): path_begins_with_any=['/ABC'] ) ], - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) current = ApiParameters(params=load_fixture('load_ltm_policy_draft_rule_http-uri_forward.json')) diff --git a/test/units/modules/network/f5/test_bigip_profile_analytics.py b/test/units/modules/network/f5/test_bigip_profile_analytics.py index 9d191a96df..ad158f8fb2 100644 --- a/test/units/modules/network/f5/test_bigip_profile_analytics.py +++ b/test/units/modules/network/f5/test_bigip_profile_analytics.py @@ -101,9 +101,11 @@ class TestManager(unittest.TestCase): description='foo', collect_geo=True, collect_ip=True, - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_profile_client_ssl.py b/test/units/modules/network/f5/test_bigip_profile_client_ssl.py index fdbe8ceadd..d633237faf 100644 --- a/test/units/modules/network/f5/test_bigip_profile_client_ssl.py +++ b/test/units/modules/network/f5/test_bigip_profile_client_ssl.py @@ -109,9 +109,11 @@ class TestManager(unittest.TestCase): chain='bigip_ssl_cert1' ) ], - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_profile_dns.py b/test/units/modules/network/f5/test_bigip_profile_dns.py index e954729b35..b87a8e8b1f 100644 --- a/test/units/modules/network/f5/test_bigip_profile_dns.py +++ b/test/units/modules/network/f5/test_bigip_profile_dns.py @@ -120,9 +120,11 @@ class TestManager(unittest.TestCase): process_recursion_desired=True, use_local_bind=True, enable_dns_firewall=True, - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_profile_fastl4.py b/test/units/modules/network/f5/test_bigip_profile_fastl4.py index f7b88b179e..32b184713d 100644 --- a/test/units/modules/network/f5/test_bigip_profile_fastl4.py +++ b/test/units/modules/network/f5/test_bigip_profile_fastl4.py @@ -158,9 +158,11 @@ class TestManager(unittest.TestCase): set_module_args(dict( name='foo', parent='bar', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_profile_http.py b/test/units/modules/network/f5/test_bigip_profile_http.py index b37b04520f..1a625dbd86 100644 --- a/test/units/modules/network/f5/test_bigip_profile_http.py +++ b/test/units/modules/network/f5/test_bigip_profile_http.py @@ -106,9 +106,11 @@ class TestManager(unittest.TestCase): name='foo', insert_xforwarded_for='yes', parent='bar', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_profile_http2.py b/test/units/modules/network/f5/test_bigip_profile_http2.py index 8eeceffb87..9ecf87ea00 100644 --- a/test/units/modules/network/f5/test_bigip_profile_http2.py +++ b/test/units/modules/network/f5/test_bigip_profile_http2.py @@ -109,9 +109,11 @@ class TestManager(unittest.TestCase): name='foo', enforce_tls_requirements='yes', parent='bar', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_profile_http_compression.py b/test/units/modules/network/f5/test_bigip_profile_http_compression.py index 7d4cca8b24..8f2a3dc12e 100644 --- a/test/units/modules/network/f5/test_bigip_profile_http_compression.py +++ b/test/units/modules/network/f5/test_bigip_profile_http_compression.py @@ -109,9 +109,11 @@ class TestManager(unittest.TestCase): gzip_memory_level=64, gzip_level=2, gzip_window_size=128, - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_profile_oneconnect.py b/test/units/modules/network/f5/test_bigip_profile_oneconnect.py index 718b668924..0294c51cc1 100644 --- a/test/units/modules/network/f5/test_bigip_profile_oneconnect.py +++ b/test/units/modules/network/f5/test_bigip_profile_oneconnect.py @@ -103,9 +103,11 @@ class TestManager(unittest.TestCase): name='foo', parent='bar', maximum_reuse=1000, - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_profile_persistence_cookie.py b/test/units/modules/network/f5/test_bigip_profile_persistence_cookie.py index 19a088c53f..26dc06c819 100644 --- a/test/units/modules/network/f5/test_bigip_profile_persistence_cookie.py +++ b/test/units/modules/network/f5/test_bigip_profile_persistence_cookie.py @@ -103,9 +103,11 @@ class TestManager(unittest.TestCase): name='foo', match_across_virtuals='yes', parent='bar', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_profile_persistence_src_addr.py b/test/units/modules/network/f5/test_bigip_profile_persistence_src_addr.py index cd549f270a..cd383af2b5 100644 --- a/test/units/modules/network/f5/test_bigip_profile_persistence_src_addr.py +++ b/test/units/modules/network/f5/test_bigip_profile_persistence_src_addr.py @@ -107,9 +107,11 @@ class TestManager(unittest.TestCase): name='foo', match_across_virtuals='yes', parent='bar', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_profile_server_ssl.py b/test/units/modules/network/f5/test_bigip_profile_server_ssl.py index a84a7c8b57..029072f80c 100644 --- a/test/units/modules/network/f5/test_bigip_profile_server_ssl.py +++ b/test/units/modules/network/f5/test_bigip_profile_server_ssl.py @@ -94,14 +94,17 @@ class TestManager(unittest.TestCase): set_module_args(dict( name='foo', server_name='foo.bar.com', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( argument_spec=self.spec.argument_spec, - supports_check_mode=self.spec.supports_check_mode + supports_check_mode=self.spec.supports_check_mode, + required_together=self.spec.required_together ) mm = ModuleManager(module=module) diff --git a/test/units/modules/network/f5/test_bigip_profile_tcp.py b/test/units/modules/network/f5/test_bigip_profile_tcp.py index c1d2988360..ec94227220 100644 --- a/test/units/modules/network/f5/test_bigip_profile_tcp.py +++ b/test/units/modules/network/f5/test_bigip_profile_tcp.py @@ -95,9 +95,11 @@ class TestManager(unittest.TestCase): name='foo', parent='bar', idle_timeout=500, - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_profile_udp.py b/test/units/modules/network/f5/test_bigip_profile_udp.py index 5b1468f3a6..d98b519659 100644 --- a/test/units/modules/network/f5/test_bigip_profile_udp.py +++ b/test/units/modules/network/f5/test_bigip_profile_udp.py @@ -98,9 +98,11 @@ class TestManager(unittest.TestCase): parent='bar', idle_timeout=500, datagram_load_balancing=True, - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) module = AnsibleModule( diff --git a/test/units/modules/network/f5/test_bigip_provision.py b/test/units/modules/network/f5/test_bigip_provision.py index ccbbd73dda..bbbc013959 100644 --- a/test/units/modules/network/f5/test_bigip_provision.py +++ b/test/units/modules/network/f5/test_bigip_provision.py @@ -66,9 +66,6 @@ class TestParameters(unittest.TestCase): def test_module_parameters(self): args = dict( module='gtm', - password='password', - server='localhost', - user='admin' ) p = Parameters(params=args) assert p.module == 'gtm' @@ -88,9 +85,11 @@ class TestManager(unittest.TestCase): # Configure the arguments that would be sent to the Ansible module set_module_args(dict( module='gtm', - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) # Configure the parameters that would be returned by querying the @@ -103,7 +102,8 @@ class TestManager(unittest.TestCase): ) module = AnsibleModule( argument_spec=self.spec.argument_spec, - supports_check_mode=self.spec.supports_check_mode + supports_check_mode=self.spec.supports_check_mode, + mutually_exclusive=self.spec.mutually_exclusive ) mm = ModuleManager(module=module) @@ -133,14 +133,17 @@ class TestManager(unittest.TestCase): # Configure the arguments that would be sent to the Ansible module set_module_args(dict( module=module, - password='password', - server='localhost', - user='admin' + provider=dict( + server='localhost', + password='password', + user='admin' + ) )) with patch('ansible.module_utils.basic.AnsibleModule.fail_json') as mo: AnsibleModule( argument_spec=self.spec.argument_spec, supports_check_mode=self.spec.supports_check_mode, + mutually_exclusive=self.spec.mutually_exclusive ) mo.assert_not_called()