cisco firepower : Make API endpoints configurable via hostvars (#44952)

* httpapi host vars * Make configurable end-points for firepower * pep8 fix
2025-07-22 21:00:22 -07:00 · 2018-08-31 18:38:16 +05:30 · 2018-08-31 18:38:16 +05:30 · 50c7702e46
commit 50c7702e46
parent 276ad32a45
3 changed files with 56 additions and 13 deletions
--- a/lib/ansible/constants.py
+++ b/lib/ansible/constants.py
@ -104,7 +104,7 @@ DEFAULT_REMOTE_PASS = None
 DEFAULT_SUBSET = None
 DEFAULT_SU_PASS = None
 # FIXME: expand to other plugins, but never doc fragments
-CONFIGURABLE_PLUGINS = ('cache', 'callback', 'connection', 'inventory', 'lookup', 'shell', 'cliconf')
+CONFIGURABLE_PLUGINS = ('cache', 'callback', 'connection', 'inventory', 'lookup', 'shell', 'cliconf', 'httpapi')
 # NOTE: always update the docs/docsite/Makefile to match
 DOCUMENTABLE_PLUGINS = CONFIGURABLE_PLUGINS + ('module', 'strategy', 'vars')
 IGNORE_FILES = ("COPYING", "CONTRIBUTING", "LICENSE", "README", "VERSION", "GUIDELINES")  # ignore during module search
--- a/lib/ansible/plugins/httpapi/ftd.py
+++ b/lib/ansible/plugins/httpapi/ftd.py
@ -20,6 +20,33 @@ from __future__ import (absolute_import, division, print_function)

 __metaclass__ = type

+DOCUMENTATION = """
+---
+author: Ansible Networking Team
+httpapi : ftd
+short_description: HttpApi Plugin for Cisco ASA Firepower device
+description:
+  - This HttpApi plugin provides methods to connect to Cisco ASA firepower
+    devices over a HTTP(S)-based api.
+version_added: "2.7"
+options:
+  token_path:
+    type: str
+    description:
+      - Specifies the api token path of the FTD device
+    default: '/api/fdm/v2/fdm/token'
+    vars:
+      - name: ansible_httpapi_ftd_token_path
+
+  spec_path:
+    type: str
+    description:
+      - Specifies the api spec path of the FTD device
+    default: '/apispec/ngfw.json'
+    vars:
+      - name: ansible_httpapi_ftd_spec_path
+"""
+
 import json
 import os
 import re
@ -39,9 +66,6 @@ BASE_HEADERS = {
    'Content-Type': 'application/json',
    'Accept': 'application/json'
 }
-API_TOKEN_PATH_ENV_VAR = 'FTD_API_TOKEN_PATH'
-DEFAULT_API_TOKEN_PATH = '/api/fdm/v2/fdm/token'
-API_SPEC_PATH = '/apispec/ngfw.json'

 TOKEN_EXPIRATION_STATUS_CODE = 408
 UNAUTHORIZED_STATUS_CODE = 401
@ -49,6 +73,7 @@ UNAUTHORIZED_STATUS_CODE = 401

 class HttpApi(HttpApiBase):
    def __init__(self, connection):
+        super(HttpApi, self).__init__(connection)
        self.connection = connection
        self.access_token = None
        self.refresh_token = None
@ -168,9 +193,11 @@ class HttpApi(HttpApiBase):
        headers['Authorization'] = 'Bearer %s' % self.access_token
        return headers

-    @staticmethod
-    def _get_api_token_path():
-        return os.environ.get(API_TOKEN_PATH_ENV_VAR, DEFAULT_API_TOKEN_PATH)
+    def _get_api_spec_path(self):
+        return self.get_option('spec_path')
+
+    def _get_api_token_path(self):
+        return self.get_option('token_path')

    @staticmethod
    def _response_to_json(response_data):
@ -199,7 +226,8 @@ class HttpApi(HttpApiBase):
    @property
    def api_spec(self):
        if self._api_spec is None:
-            response = self.send_request(url_path=API_SPEC_PATH, http_method=HTTPMethod.GET)
+            spec_path_url = self._get_api_spec_path()
+            response = self.send_request(url_path=spec_path_url, http_method=HTTPMethod.GET)
            if response[ResponseParams.SUCCESS]:
                self._api_spec = FdmSwaggerParser().parse_spec(response[ResponseParams.RESPONSE])
            else: