Resolving comments

ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/dot1x.md

@@ -61,7 +61,6 @@ interface Management1
 
 | Authentication Attribute | Value |
 | ------------------------ | ----- |
-| Captive-portal | Enabled |
 | URL | http://portal-nacm08/captiveredirect/ |
 | SSL profile | Profile1 |
 | Access-list IPv4 | ACL |
@@ -80,3 +79,4 @@ interface Management1
 | ------- | ---------- | -------- | ----------- |
 | Profile1 | tls | user_id1 | PF1 |
 | Profile2 | - | user_id2 | - |
+| Profile3 | - | - | PF2 |

ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/dot1x.cfg

@@ -16,7 +16,6 @@ dot1x system-auth-control
 dot1x protocol lldp bypass
 dot1x dynamic-authorization
 dot1x
-   !
    supplicant profile Profile1
       identity user_id1
       eap-method tls
@@ -26,6 +25,9 @@ dot1x
    supplicant profile Profile2
       identity user_id2
       passphrase 7 1048080A01
+   !
+   supplicant profile Profile3
+      ssl profile PF2
    aaa unresponsive phone action apply cached-results timeout 10 hours else traffic allow
    aaa unresponsive action traffic allow vlan 10
    aaa unresponsive eap response success
@@ -36,7 +38,6 @@ dot1x
    radius av-pair service-type
    radius av-pair framed-mtu 1500
    supplicant disconnect cached-results timeout 79 seconds
-   captive-portal
    captive-portal url http://portal-nacm08/captiveredirect/ ssl profile Profile1
    captive-portal access-list ipv4 ACL
    captive-portal start limit infinite

ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/dot1x.yml

@@ -41,5 +41,7 @@ dot1x:
       - name: Profile2
         identity: user_id2
         passphrase: 1048080A01
+      - name: Profile3
+        ssl_profile: PF2
     logging: true
     disconnect_cached_results_timeout: 79

ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/dot1x.md

@@ -39,9 +39,9 @@
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;recovery_action_reauthenticate</samp>](## "dot1x.aaa.unresponsive.recovery_action_reauthenticate") | Boolean |  |  |  |  |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;accounting_update_interval</samp>](## "dot1x.aaa.accounting_update_interval") | Integer |  |  | Min: 5<br>Max: 65535 | Interval period in seconds. |
     | [<samp>&nbsp;&nbsp;captive_portal</samp>](## "dot1x.captive_portal") | Dictionary |  |  |  | Web authentication feature authenticates a supplicant through a web page, referred to as a captive portal. |
-    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;enabled</samp>](## "dot1x.captive_portal.enabled") | Boolean |  |  |  |  |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;enabled</samp>](## "dot1x.captive_portal.enabled") | Boolean |  |  |  | The `enabled` key is mutually exclusive with `url` and `ssl_profile`. |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;url</samp>](## "dot1x.captive_portal.url") | String |  |  |  | Supported URL type:<br>  - http: http://<hostname>[:<port>]<br>  - https: https://<hostname>[:<port>] |
-    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;ssl_profile</samp>](## "dot1x.captive_portal.ssl_profile") | String |  |  |  | SSL profile name. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;ssl_profile</samp>](## "dot1x.captive_portal.ssl_profile") | String |  |  |  |  |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;start_limit_infinite</samp>](## "dot1x.captive_portal.start_limit_infinite") | Boolean |  |  |  | Set captive-portal start limit to infinte. |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;access_list_ipv4</samp>](## "dot1x.captive_portal.access_list_ipv4") | String |  |  |  | Standard access-list name. |
     | [<samp>&nbsp;&nbsp;supplicant</samp>](## "dot1x.supplicant") | Dictionary |  |  |  |  |
@@ -51,7 +51,7 @@
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;identity</samp>](## "dot1x.supplicant.profiles.[].identity") | String |  |  |  | User identity. |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;passphrase_type</samp>](## "dot1x.supplicant.profiles.[].passphrase_type") | String |  | `7` | Valid Values:<br>- <code>0</code><br>- <code>7</code><br>- <code>8a</code> |  |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;passphrase</samp>](## "dot1x.supplicant.profiles.[].passphrase") | String |  |  |  | Extensible Authentication Protocol password. |
-    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ssl_profile</samp>](## "dot1x.supplicant.profiles.[].ssl_profile") | String |  |  |  | SSL profile name. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ssl_profile</samp>](## "dot1x.supplicant.profiles.[].ssl_profile") | String |  |  |  |  |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;logging</samp>](## "dot1x.supplicant.logging") | Boolean |  |  |  | Enable supplicant logging. |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;disconnect_cached_results_timeout</samp>](## "dot1x.supplicant.disconnect_cached_results_timeout") | Integer |  |  | Min: 60<br>Max: 65535 | Timeout in seconds for removing a disconnected supplicant. |
 
@@ -130,14 +130,14 @@
 
       # Web authentication feature authenticates a supplicant through a web page, referred to as a captive portal.
       captive_portal:
+
+        # The `enabled` key is mutually exclusive with `url` and `ssl_profile`.
         enabled: <bool>
 
         # Supported URL type:
         #   - http: http://<hostname>[:<port>]
         #   - https: https://<hostname>[:<port>]
         url: <str>
-
-        # SSL profile name.
         ssl_profile: <str>
 
         # Set captive-portal start limit to infinte.
@@ -162,8 +162,6 @@
 
             # Extensible Authentication Protocol password.
             passphrase: <str>
-
-            # SSL profile name.
             ssl_profile: <str>
 
         # Enable supplicant logging.

ansible_collections/arista/avd/roles/eos_cli_config_gen/schemas/schema_fragments/dot1x.schema.yml

@@ -153,6 +153,7 @@ keys:
         keys:
           enabled:
             type: bool
+            description: The `enabled` key is mutually exclusive with `url` and `ssl_profile`.
           url:
             type: str
             description: |-
@@ -161,7 +162,6 @@ keys:
                 - https: https://<hostname>[:<port>]
           ssl_profile:
             type: str
-            description: SSL profile name.
           start_limit_infinite:
             type: bool
             description: Set captive-portal start limit to infinte.
@@ -206,7 +206,6 @@ keys:
                   description: Extensible Authentication Protocol password.
                 ssl_profile:
                   type: str
-                  description: SSL profile name.
           logging:
             type: bool
             description: Enable supplicant logging.

ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/documentation/dot1x.j2

@@ -51,14 +51,15 @@
 
 | Authentication Attribute | Value |
 | ------------------------ | ----- |
-{%             if dot1x.captive_portal.enabled is arista.avd.defined(true) %}
-| Captive-portal | Enabled |
-{%             endif %}
-{%             if dot1x.captive_portal.url is arista.avd.defined %}
+{%             if dot1x.captive_portal.url is arista.avd.defined or dot1x.captive_portal.ssl_profile is arista.avd.defined %}
+{%                 if dot1x.captive_portal.url is arista.avd.defined %}
 | URL | {{ dot1x.captive_portal.url }} |
-{%             endif %}
-{%             if dot1x.captive_portal.ssl_profile is arista.avd.defined %}
+{%                 endif %}
+{%                 if dot1x.captive_portal.ssl_profile is arista.avd.defined %}
 | SSL profile | {{ dot1x.captive_portal.ssl_profile }} |
+{%                 endif %}
+{%             elif dot1x.captive_portal.enabled is arista.avd.defined %}
+| Captive-portal enabled | {{ dot1x.captive_portal.enabled }} |
 {%             endif %}
 {%             if dot1x.captive_portal.access_list_ipv4 is arista.avd.defined %}
 | Access-list IPv4 | {{ dot1x.captive_portal.access_list_ipv4 }} |
@@ -73,8 +74,8 @@
 
 | Attribute | Value |
 | --------- | ----- |
-{%             if dot1x.supplicant.logging is arista.avd.defined(true) %}
-| Logging | True |
+{%             if dot1x.supplicant.logging is arista.avd.defined %}
+| Logging | {{ dot1x.supplicant.logging }} |
 {%             endif %}
 {%             if dot1x.supplicant.disconnect_cached_results_timeout is arista.avd.defined %}
 | Disconnect cached-results timeout | {{ dot1x.supplicant.disconnect_cached_results_timeout }} seconds |

ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/eos/dot1x.j2

@@ -23,7 +23,6 @@ dot1x dynamic-authorization
          or dot1x.supplicant is arista.avd.defined %}
 dot1x
 {%         for profile in dot1x.supplicant.profiles | arista.avd.natural_sort("name") %}
-   !
    supplicant profile {{ profile.name }}
 {%             if profile.identity is arista.avd.defined %}
       identity {{ profile.identity }}
@@ -37,6 +36,9 @@ dot1x
 {%             if profile.ssl_profile is arista.avd.defined %}
       ssl profile {{ profile.ssl_profile }}
 {%             endif %}
+{%             if not loop.last %}
+   !
+{%             endif %}
 {%         endfor %}
 {%         if dot1x.aaa.unresponsive is arista.avd.defined %}
 {%             set aaa_config = "aaa unresponsive" %}
@@ -100,9 +102,6 @@ dot1x
 {%         if dot1x.supplicant.disconnect_cached_results_timeout is arista.avd.defined %}
    supplicant disconnect cached-results timeout {{ dot1x.supplicant.disconnect_cached_results_timeout }} seconds
 {%         endif %}
-{%         if dot1x.captive_portal.enabled is arista.avd.defined(true) %}
-   captive-portal
-{%         endif %}
 {%         if dot1x.captive_portal.url is arista.avd.defined or dot1x.captive_portal.ssl_profile is arista.avd.defined %}
 {%             set captive_portal_cli = "captive-portal" %}
 {%             if dot1x.captive_portal.url is arista.avd.defined %}
@@ -112,6 +111,8 @@ dot1x
 {%                 set captive_portal_cli = captive_portal_cli ~ " ssl profile " ~ dot1x.captive_portal.ssl_profile %}
 {%             endif %}
    {{ captive_portal_cli }}
+{%         elif dot1x.captive_portal.enabled is arista.avd.defined(true) %}
+   captive-portal
 {%         endif %}
 {%         if dot1x.captive_portal.access_list_ipv4 is arista.avd.defined %}
    captive-portal access-list ipv4 {{ dot1x.captive_portal.access_list_ipv4 }}