From de85b5775e19136b1703b0f32d1fc23bf09a8c34 Mon Sep 17 00:00:00 2001 From: acichon Date: Thu, 8 Aug 2024 16:36:27 +0200 Subject: [PATCH 1/5] scorecard, readme, reqs --- .github/workflows/ansible-doc-validation.yml | 6 ++++-- .github/workflows/galaxy-importer.yml | 6 ++++-- .github/workflows/linters.yml | 10 ++++++---- .github/workflows/release-from-tag.yml | 6 ++++-- .github/workflows/scorecard.yml | 2 +- README.md | 2 +- docs/CONTRIBUTING.md | 10 +++++++++- pyproject.toml | 2 +- requirements.txt | 2 +- 9 files changed, 31 insertions(+), 15 deletions(-) diff --git a/.github/workflows/ansible-doc-validation.yml b/.github/workflows/ansible-doc-validation.yml index f7ab2f0..abaafc1 100644 --- a/.github/workflows/ansible-doc-validation.yml +++ b/.github/workflows/ansible-doc-validation.yml @@ -11,15 +11,17 @@ env: COLLECTION_NAMESPACE: cisco COLLECTION_NAME: catalystwan +permissions: read-all + jobs: documentation-check: runs-on: ubuntu-latest steps: - name: Check out the repository - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 with: python-version: '3.10' diff --git a/.github/workflows/galaxy-importer.yml b/.github/workflows/galaxy-importer.yml index 29a959c..47ba7b4 100644 --- a/.github/workflows/galaxy-importer.yml +++ b/.github/workflows/galaxy-importer.yml @@ -12,6 +12,8 @@ on: branches: - main +permissions: read-all + jobs: galaxy-importer: runs-on: @@ -19,10 +21,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 with: python-version: '3.10' diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml index 2ad7ba3..aab86a8 100644 --- a/.github/workflows/linters.yml +++ b/.github/workflows/linters.yml @@ -7,6 +7,8 @@ on: branches: - master +permissions: read-all + jobs: analyze-code: runs-on: ubuntu-latest @@ -19,10 +21,10 @@ jobs: steps: - name: Check out the repository - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 with: python-version: '3.10' @@ -37,10 +39,10 @@ jobs: run: pycln --all . - name: Run check-yaml, end-of-file-fixer, trailing-whitespace - uses: pre-commit/action@v3.0.0 + uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 - name: Run ansible-lint - uses: ansible/ansible-lint@main # or version tag instead of 'main' + uses: ansible/ansible-lint@95382d398ea1744bf6bfa47b030f14c38b3f6957 # v24.7.0 - name: Install detect-secrets run: pip install detect-secrets==1.4.0 diff --git a/.github/workflows/release-from-tag.yml b/.github/workflows/release-from-tag.yml index 65ab392..7155864 100644 --- a/.github/workflows/release-from-tag.yml +++ b/.github/workflows/release-from-tag.yml @@ -5,6 +5,8 @@ on: tags: - 'v*.*.*' +permissions: read-all + jobs: publish-release: runs-on: @@ -12,10 +14,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 with: python-version: '3.10' diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 532cc5c..c0ae37c 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -23,7 +23,7 @@ jobs: permissions: id-token: write security-events: write - secrets: inherit + secrets: inherit # pragma: allowlist secret with: # Publish results of Scorecard analysis publish-results: true diff --git a/README.md b/README.md index 401d9fd..ad7d49f 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ Reusable Ansible modules and roles that will help to automate Cisco SD-WAN management (post bringup operations, day0, day1). -All modules are based on [catalystwan](https://github.com/CiscoDevNet/catalystwan). +All modules are based on [catalystwan](https://github.com/cisco-open/cisco-catalyst-wan-sdk). Collection available on Ansible Galaxy: [cisco.catalystwan](https://galaxy.ansible.com/ui/repo/published/cisco/catalystwan/) diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md index 53edbbc..76e718f 100644 --- a/docs/CONTRIBUTING.md +++ b/docs/CONTRIBUTING.md @@ -54,8 +54,16 @@ testing your code. ### Dependencies in requirements.txt -Dependencies defined for development are later used to generate `requirements.txt` file with command: +All dependencies are updated via `poetry` tool. Dependencies defined for development are later used to generate `requirements.txt` file with command: ```bash poetry export --without-hashes --format=requirements.txt > requirements.txt ``` + +--- + +## Release process + +According to [release workflow inside .github workflows](../.github/workflows/release-from-tag.yml) collection publication to Ansible Galaxy will happen when admin of the repository will push new tag. +This tag must much version used in [galaxy.yml](../galaxy.yml) file. +Release will happen only if desired version was not published on Ansible Galaxy yet. diff --git a/pyproject.toml b/pyproject.toml index d452061..63235f4 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -9,7 +9,7 @@ readme = "README.md" python = "^3.10" ansible-core = "^2.16.6" ansible = "^9.4.0" -catalystwan = "v0.33.8dev7" +catalystwan = "v0.34.0dev2" flake8 = "^5.0.4" black = "^23.12.1" pre-commit = "3.7" diff --git a/requirements.txt b/requirements.txt index d3d7c7c..7eb4a36 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,7 +7,7 @@ args==0.1.0 ; python_version >= "3.10" and python_version < "4.0" attrs==21.4.0 ; python_version >= "3.10" and python_version < "4.0" black==23.12.1 ; python_version >= "3.10" and python_version < "4.0" bracex==2.4 ; python_version >= "3.10" and python_version < "4.0" and platform_system != "Windows" -catalystwan==0.33.6.post0 ; python_version >= "3.10" and python_version < "4.0" +catalystwan==0.34.0.dev1 ; python_version >= "3.10" and python_version < "4.0" certifi==2024.2.2 ; python_version >= "3.10" and python_version < "4.0" cffi==1.16.0 ; python_version >= "3.10" and python_version < "4.0" and platform_python_implementation != "PyPy" cfgv==3.4.0 ; python_version >= "3.10" and python_version < "4.0" From 962ae1605de507575e2c19b198b664edf0a67c94 Mon Sep 17 00:00:00 2001 From: acichon Date: Thu, 8 Aug 2024 16:41:16 +0200 Subject: [PATCH 2/5] newest catalystwan --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 7eb4a36..04a0fd0 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,7 +7,7 @@ args==0.1.0 ; python_version >= "3.10" and python_version < "4.0" attrs==21.4.0 ; python_version >= "3.10" and python_version < "4.0" black==23.12.1 ; python_version >= "3.10" and python_version < "4.0" bracex==2.4 ; python_version >= "3.10" and python_version < "4.0" and platform_system != "Windows" -catalystwan==0.34.0.dev1 ; python_version >= "3.10" and python_version < "4.0" +catalystwan==0.34.0.dev2 ; python_version >= "3.10" and python_version < "4.0" certifi==2024.2.2 ; python_version >= "3.10" and python_version < "4.0" cffi==1.16.0 ; python_version >= "3.10" and python_version < "4.0" and platform_python_implementation != "PyPy" cfgv==3.4.0 ; python_version >= "3.10" and python_version < "4.0" From ef9ca6d3b9c6c5b1ca810ec09ba4351f58a995fd Mon Sep 17 00:00:00 2001 From: acichon Date: Thu, 8 Aug 2024 16:46:06 +0200 Subject: [PATCH 3/5] updated packages for dependabot --- pyproject.toml | 4 +++- requirements.txt | 6 +++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 63235f4..dfeeda9 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -11,9 +11,11 @@ ansible-core = "^2.16.6" ansible = "^9.4.0" catalystwan = "v0.34.0dev2" flake8 = "^5.0.4" -black = "^23.12.1" +black = "^24.3.0" pre-commit = "3.7" pydantic = "2.7" +requests = "2.32.2" +urllib3 = "2.2.2" ansible-lint = { version = "6.22.2", markers = "platform_system != 'Windows'" } [tool.poetry.group.dev.dependencies] diff --git a/requirements.txt b/requirements.txt index 04a0fd0..050805b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,7 +5,7 @@ ansible-lint==6.22.2 ; python_version >= "3.10" and python_version < "4.0" and p ansible==9.4.0 ; python_version >= "3.10" and python_version < "4.0" args==0.1.0 ; python_version >= "3.10" and python_version < "4.0" attrs==21.4.0 ; python_version >= "3.10" and python_version < "4.0" -black==23.12.1 ; python_version >= "3.10" and python_version < "4.0" +black==24.8.0 ; python_version >= "3.10" and python_version < "4.0" bracex==2.4 ; python_version >= "3.10" and python_version < "4.0" and platform_system != "Windows" catalystwan==0.34.0.dev2 ; python_version >= "3.10" and python_version < "4.0" certifi==2024.2.2 ; python_version >= "3.10" and python_version < "4.0" @@ -50,7 +50,7 @@ pyrsistent==0.20.0 ; python_version >= "3.10" and python_version < "4.0" and pla python-dateutil==2.9.0.post0 ; python_version >= "3.10" and python_version < "4.0" pyyaml==6.0.1 ; python_version >= "3.10" and python_version < "4.0" requests-toolbelt==1.0.0 ; python_version >= "3.10" and python_version < "4.0" -requests==2.31.0 ; python_version >= "3.10" and python_version < "4.0" +requests==2.32.2 ; python_version >= "3.10" and python_version < "4.0" resolvelib==1.0.1 ; python_version >= "3.10" and python_version < "4.0" rich==13.7.1 ; python_version >= "3.10" and python_version < "4.0" and platform_system != "Windows" ruamel-yaml-clib==0.2.8 ; platform_python_implementation == "CPython" and python_version < "3.13" and python_version >= "3.10" and platform_system != "Windows" @@ -62,7 +62,7 @@ tenacity==8.2.3 ; python_version >= "3.10" and python_version < "4.0" toml==0.10.2 ; python_version >= "3.10" and python_version < "4.0" tomli==2.0.1 ; python_version >= "3.10" and python_version < "3.11" typing-extensions==4.11.0 ; python_version >= "3.10" and python_version < "4.0" -urllib3==2.2.1 ; python_version >= "3.10" and python_version < "4.0" +urllib3==2.2.2 ; python_version >= "3.10" and python_version < "4.0" virtualenv==20.25.3 ; python_version >= "3.10" and python_version < "4.0" wcmatch==8.5.1 ; python_version >= "3.10" and python_version < "4.0" and platform_system != "Windows" win32-setctime==1.1.0 ; python_version >= "3.10" and python_version < "4.0" and sys_platform == "win32" From 931d6901c02ddc07e260f52e5ca7a17de9024821 Mon Sep 17 00:00:00 2001 From: acichon Date: Thu, 8 Aug 2024 17:06:07 +0200 Subject: [PATCH 4/5] include dir for tests --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 7abcbf0..4bfb996 100644 --- a/.gitignore +++ b/.gitignore @@ -21,3 +21,4 @@ playbooks/tests/payload* playbooks/tests/response* playbooks/tests/backup playbooks/tests/templates +playbooks/tests/templates_export From 535a6e5a7bea409fdd35ed29a644cee71f0e733b Mon Sep 17 00:00:00 2001 From: acichon Date: Thu, 8 Aug 2024 17:30:27 +0200 Subject: [PATCH 5/5] fix filters docs --- playbooks/tests/test_module_device_templates_recovery.yml | 7 ++++--- plugins/modules/device_templates_info.py | 4 ++-- plugins/modules/device_templates_recovery.py | 4 ++-- plugins/modules/feature_templates_info.py | 2 +- 4 files changed, 9 insertions(+), 8 deletions(-) diff --git a/playbooks/tests/test_module_device_templates_recovery.yml b/playbooks/tests/test_module_device_templates_recovery.yml index 573a3a9..b5263c4 100644 --- a/playbooks/tests/test_module_device_templates_recovery.yml +++ b/playbooks/tests/test_module_device_templates_recovery.yml @@ -21,15 +21,16 @@ - name: 1. Perform backup of all non factory default Device Templates cisco.catalystwan.device_templates_recovery: mode: backup - backup_dir_path: "/Users/acichon/Work/cisco-open/ansible-collection-catalystwan/templates_export" + backup_dir_path: "./templates_export" manager_credentials: <<: *manager_authentication - - name: 2. Get all Device Templates that are not attached to any device + - name: 2. Get all Device Templates that are not attached to any device and are Feature based cisco.catalystwan.device_templates_info: filters: devices_attached: 0 factory_default: false + config_type: template manager_credentials: <<: *manager_authentication register: device_templates @@ -68,6 +69,6 @@ - name: 6. Restore Templates from backup directory cisco.catalystwan.device_templates_recovery: mode: restore - backup_dir_path: "/Users/acichon/Work/cisco-open/ansible-collection-catalystwan/templates_export" + backup_dir_path: "./templates_export" manager_credentials: <<: *manager_authentication diff --git a/plugins/modules/device_templates_info.py b/plugins/modules/device_templates_info.py index 0811d2c..e13366f 100644 --- a/plugins/modules/device_templates_info.py +++ b/plugins/modules/device_templates_info.py @@ -20,9 +20,9 @@ type: dict required: false suboptions: - template_type: + config_type: description: - - The type of template, eg. "system-vsmart + - The type of template, file == cli, template == feature required: false default: null type: str diff --git a/plugins/modules/device_templates_recovery.py b/plugins/modules/device_templates_recovery.py index dbc2aed..be5b78e 100644 --- a/plugins/modules/device_templates_recovery.py +++ b/plugins/modules/device_templates_recovery.py @@ -36,9 +36,9 @@ type: dict required: false suboptions: - template_type: + config_type: description: - - The type of template, eg. "system-vsmart + - The type of template, file == cli, template == feature required: false default: null type: str diff --git a/plugins/modules/feature_templates_info.py b/plugins/modules/feature_templates_info.py index 23aa483..f56fd96 100644 --- a/plugins/modules/feature_templates_info.py +++ b/plugins/modules/feature_templates_info.py @@ -21,7 +21,7 @@ suboptions: template_type: description: - - The type of template, eg. "system-vsmart + - The type of template, file == cli, template == feature required: false default: null type: str