Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add replaced and overridden states support for TACACS server resource module #235

Merged
merged 4 commits into from
May 12, 2023
Merged

Add replaced and overridden states support for TACACS server resource module #235

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
6acab5e
Add replaced and overridden states support for TACACS server resource…
mingjunzhang2019 Apr 14, 2023
e93ac97
Add more change
mingjunzhang2019 Apr 18, 2023
2162b67
Address review comments
mingjunzhang2019 May 9, 2023
689c677
Address review comment
mingjunzhang2019 May 12, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions plugins/module_utils/network/sonic/argspec/tacacs_server/tacacs_server.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,12 +69,12 @@ def __init__(self, **kwargs):
'type': 'dict'
},
'source_interface': {'type': 'str'},
'timeout': {'type': 'int'}
'timeout': {'type': 'int', 'default': 5}
},
'type': 'dict'
},
'state': {
'choices': ['merged', 'deleted'],
'choices': ['merged', 'replaced', 'overridden', 'deleted'],
'default': 'merged'
}
} # pylint: disable=C0301
62 changes: 62 additions & 0 deletions plugins/module_utils/network/sonic/config/tacacs_server/tacacs_server.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
from ansible_collections.dellemc.enterprise_sonic.plugins.module_utils.network.sonic.utils.utils import (
update_states,
get_diff,
get_replaced_config,
get_normalize_interface_name,
)

Expand Down Expand Up @@ -180,6 +181,67 @@ def _state_deleted(self, want, have, diff):

return commands, requests

def _state_replaced(self, want, have, diff):
""" The command generator when state is replaced

:param want: the desired configuration as a dictionary
:param have: the current configuration as a dictionary
:param diff: the difference between want and have
:rtype: A list
:returns: the commands necessary to migrate the current configuration
to the desired configuration
"""
commands = []
requests = []
replaced_config = get_replaced_config(want, have, TEST_KEYS)

add_commands = []
if replaced_config:
del_requests = self.get_delete_tacacs_server_requests(replaced_config, have)
requests.extend(del_requests)
commands.extend(update_states(replaced_config, "deleted"))
add_commands = want
else:
add_commands = diff

if add_commands:
add_requests = self.get_modify_tacacs_server_requests(add_commands, have)
if len(add_requests) > 0:
requests.extend(add_requests)
commands.extend(update_states(add_commands, "replaced"))

return commands, requests

def _state_overridden(self, want, have, diff):
""" The command generator when state is overridden

:param want: the desired configuration as a dictionary
:param have: the current configuration as a dictionary
:param diff: the difference between want and have
:rtype: A list
:returns: the commands necessary to migrate the current configuration
to the desired configuration
"""
commands = []
requests = []

r_diff = get_diff(have, want, TEST_KEYS)
if have and (diff or r_diff):
del_requests = self.get_delete_tacacs_server_requests(have, have)
requests.extend(del_requests)
commands.extend(update_states(have, "deleted"))
have = []

if not have and want:
want_commands = want
want_requests = self.get_modify_tacacs_server_requests(want_commands, have)

if len(want_requests) > 0:
requests.extend(want_requests)
commands.extend(update_states(want_commands, "overridden"))

return commands, requests

def get_tacacs_global_payload(self, conf):
payload = {}
global_cfg = {}
Expand Down
111 changes: 108 additions & 3 deletions plugins/modules/sonic_tacacs_server.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,7 @@
description:
- Specifies the timeout of the tacacs server.
type: int
default: 5
source_interface:
description:
- Specifies the source interface of the tacacs server.
Expand Down Expand Up @@ -122,8 +123,10 @@
- Specifies the operation to be performed on the tacacs server configured on the device.
- In case of merged, the input mode configuration will be merged with the existing tacacs server configuration on the device.
- In case of deleted the existing tacacs server mode configuration will be removed from the device.
- In case of replaced, the existing tacacs server configuration will be replaced with provided configuration.
- In case of overridden, the existing tacacs server configuration will be overridden with the provided configuration.
default: merged
stalabi1 marked this conversation as resolved.
Show resolved Hide resolved
choices: ['merged', 'deleted']
choices: ['merged', 'replaced', 'overridden', 'deleted']
type: str
"""
EXAMPLES = """
Expand Down Expand Up @@ -249,8 +252,110 @@
#HOST AUTH-TYPE KEY PORT PRIORITY TIMEOUT VRF
#------------------------------------------------------------------------------------------------
#1.2.3.4 pap 1234 49 1 5 default


#
# Using replaced
#
# Before state:
# -------------
#
#sonic(config)# do show tacacs-server
#---------------------------------------------------------
#TACACS Global Configuration
#---------------------------------------------------------
#source-interface : Ethernet12
#timeout : 10
#auth-type : pap
#key configured : Yes
#--------------------------------------------------------------------------------------
#HOST AUTH-TYPE KEY-CONFIG PORT PRIORITY TIMEOUT VRF
#--------------------------------------------------------------------------------------
#1.2.3.4 pap No 49 1 5 default
#
- name: Replace tacacs configurations
sonic_tacacs_server:
config:
auth_type: pap
key: pap
source_interface: Ethernet12
timeout: 10
servers:
- host:
name: 1.2.3.4
auth_type: mschap
key: 1234
state: replaced
#
# After state:
# ------------
#
#sonic(config)# do show tacacs-server
#---------------------------------------------------------
#TACACS Global Configuration
#---------------------------------------------------------
#source-interface : Ethernet12
#timeout : 10
#auth-type : pap
#key configured : Yes
#--------------------------------------------------------------------------------------
#HOST AUTH-TYPE KEY-CONFIG PORT PRIORITY TIMEOUT VRF
#--------------------------------------------------------------------------------------
#1.2.3.4 mschap Yes 49 1 5 default
#
# Using overridden
#
# Before state:
# -------------
#
#sonic(config)# do show tacacs-server
#---------------------------------------------------------
#TACACS Global Configuration
#---------------------------------------------------------
#source-interface : Ethernet12
#timeout : 10
#auth-type : pap
#key configured : Yes
#--------------------------------------------------------------------------------------
#HOST AUTH-TYPE KEY-CONFIG PORT PRIORITY TIMEOUT VRF
#--------------------------------------------------------------------------------------
#1.2.3.4 pap No 49 1 5 default
#11.12.13.14 chap Yes 49 10 5 default
#
- name: Override tacacs configurations
sonic_tacacs_server:
config:
auth_type: mschap
key: mschap
source_interface: Ethernet12
timeout: 20
servers:
- host:
name: 1.2.3.4
auth_type: mschap
key: mschap
- host:
name: 10.10.11.12
auth_type: chap
timeout: 30
priority: 2
state: overridden
#
# After state:
# ------------
#
#sonic(config)# do show tacacs-server
#---------------------------------------------------------
#TACACS Global Configuration
#---------------------------------------------------------
#source-interface : Ethernet12
#timeout : 20
#auth-type : mschap
#key configured : Yes
#--------------------------------------------------------------------------------------
#HOST AUTH-TYPE KEY-CONFIG PORT PRIORITY TIMEOUT VRF
#--------------------------------------------------------------------------------------
#1.2.3.4 mschap Yes 49 1 5 default
#10.10.11.12 chap No 49 2 30 default
#
"""
RETURN = """
before:
Expand Down
66 changes: 63 additions & 3 deletions tests/regression/roles/sonic_tacacs_server/defaults/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ tests:
servers:
host:
- name: test_case_05
description: merge parameter of tacacs servers
description: Merge parameter of tacacs servers
state: merged
input:
servers:
Expand All @@ -85,7 +85,67 @@ tests:
timeout: 14
priority: 4

test_delete_all:
- name: test_case_06
description: delete all the configurations of tacacs server
description: Replace some parameter of tacacs servers
state: replaced
input:
auth_type: mschap
source_interface: "{{ interface3 }}"
timeout: 36
servers:
host:
- name: my_host
auth_type: chap
port: 55
timeout: 12
priority: 3

- name: test_case_07
description: Replace hosts of tacacs servers
state: replaced
input:
auth_type: mschap
source_interface: "{{ interface3 }}"
timeout: 36
servers:
host:
- name: my_host
auth_type: chap
port: 55
timeout: 12
priority: 3
- name: 20.21.22.23
auth_type: login
port: 50
timeout: 38
priority: 4
- name: 18.21.22.23
auth_type: chap
port: 20
timeout: 19
priority: 8

- name: test_case_08
description: Override parameter of tacacs servers
state: overridden
input:
auth_type: chap
source_interface: "{{ interface2 }}"
timeout: 20
servers:
host:
- name: 10.11.11.11
auth_type: pap
port: 55
timeout: 12
priority: 3
- name: your_host
auth_type: login
port: 50
timeout: 30
priority: 6

test_delete_all:
- name: test_case_09
description: Delete all the configurations of tacacs server
state: deleted