def sync_domain_bindings(client, module):
log('sync_domain_bindings')
actual_domain_bindings = get_actual_domain_bindings(client, module)
configured_domain_proxys = get_configured_domain_bindings_proxys(client, module)
# Delete actual bindings not in configured bindings
for domainname, actual_domain_binding in actual_domain_bindings.items():
if domainname not in configured_domain_proxys.keys():
log('Deleting absent binding for domain %s' % domainname)
gslbvserver_domain_binding.delete(client, actual_domain_binding)
# Delete actual bindings that differ from configured
for proxy_key, binding_proxy in configured_domain_proxys.items():
if proxy_key in actual_domain_bindings:
actual_binding = actual_domain_bindings[proxy_key]
if not binding_proxy.has_equal_attributes(actual_binding):
log('Deleting differing binding for domain %s' % binding_proxy.domainname)
gslbvserver_domain_binding.delete(client, actual_binding)
log('Adding anew binding for domain %s' % binding_proxy.domainname)
binding_proxy.add()
# Add configured domains that are missing from actual
for proxy_key, binding_proxy in configured_domain_proxys.items():
if proxy_key not in actual_domain_bindings.keys():
log('Adding domain binding for domain %s' % binding_proxy.domainname)
binding_proxy.add()
def delete(self):
log('ModuleExecutor.delete()')
if self.signatures_exists():
self.module_result['changed'] = True
if not self.module.check_mode:
self.delete_signatures()
def delete(self):
log('ModuleExecutor.delete()')
if self.binding_exists():
self.module_result['changed'] = True
if not self.module.check_mode:
self.delete_binding()
def binding_delete(self):
log('ModuleExecutor.binding_delete()')
args = {}
for key in self.module.params['workflow']['delete_id_attributes']:
if key in self.configured_object:
# Bool args values need to be lower case otherwise NITRO errors
if isinstance(self.configured_object[key], bool):
if self.configured_object[key]:
args_value = 'true'
else:
args_value = 'false'
else:
args_value = self.configured_object[key]
args[key] = args_value
result = self.fetcher.delete(resource=self.endpoint,
id=self.id,
args=args)
log('delete result %s' % result)
if result['nitro_errorcode'] != 0:
raise NitroException(
errorcode=result['nitro_errorcode'],
message=result.get('nitro_message'),
severity=result.get('nitro_severity'),
)
def delete(self):
log('ModuleExecutor.delete()')
if self.nspartition_exists():
self.module_result['changed'] = True
if not self.module.check_mode:
self.delete_nspartition()
def systemfile_identical(self):
log('ModuleExecutor.systemfile_identical()')
diff_list = []
# Only the filecontents is considered for equality
# systemfile_exists has already tested filelocation and filename for equality to be true
bytes_received = codecs.encode(self.retrieved_systemfile['filecontent'])
retrieved_filecontent = codecs.decode(base64.b64decode(bytes_received))
configured_filecontent = self.configured_systemfile['filecontent']
if retrieved_filecontent != configured_filecontent:
str_tuple = (
'filecontent',
type(configured_filecontent),
configured_filecontent,
type(retrieved_filecontent),
retrieved_filecontent,
)
diff_list.append('Attribute "%s" differs. Playbook parameter: (%s) %s. Retrieved NITRO object: (%s) %s' % str_tuple)
log('Attribute "%s" differs. Playbook parameter: (%s) %s. Retrieved NITRO object: (%s) %s' % str_tuple)
self.module_result['diff_list'] = diff_list
if diff_list != []:
return False
else:
return True
def lbmonitor_get(client, module):
log('Getting lb monitor')
try:
lbmonitor_inst = lbmonitor.get(client, module.params['monitorname'])
return True, lbmonitor_inst
except nitro_exception:
return False, None
def ssl_certkey_identical(self):
log('ModuleExecutor.ssl_certkey_identical()')
result = self.fetcher.get('sslcertkey', self.configured_ssl_certkey['certkey'])
self.retrieved_ssl_certkey = result['data']['sslcertkey'][0]
# Keep track of what keys are different for update and change operations
self.differing_keys = []
diff_list = []
for attribute in self._get_configured_for_identical_comparison():
retrieved_value = self.retrieved_ssl_certkey.get(attribute)
configured_value = self.configured_ssl_certkey.get(attribute)
if retrieved_value != configured_value:
str_tuple = (
attribute,
type(configured_value),
configured_value,
type(retrieved_value),
retrieved_value,
)
self.differing_keys.append(attribute)
diff_list.append('Attribute "%s" differs. Playbook parameter: (%s) %s. Retrieved NITRO object: (%s) %s' % str_tuple)
log('Attribute "%s" differs. Playbook parameter: (%s) %s. Retrieved NITRO object: (%s) %s' % str_tuple)
self.module_result['diff_list'] = diff_list
if diff_list != []:
return False
else:
return True
def delete_monitor_binding(self, configured_dict):
log('ModuleExecutor.delete_monitor_binding()')
monitor_binding = copy.deepcopy(configured_dict)
args = {}
for attribute in self.attribute_config['monitor_bindings']['delete_id_attributes']:
value = monitor_binding.get(attribute)
if value is not None:
args[attribute] = value
result = self.fetcher.delete(
resource='service_lbmonitor_binding',
id=self.configured_service['name'],
args=args
)
log('delete result %s' % result)
if result['nitro_errorcode'] != 0:
raise NitroException(
errorcode=result['nitro_errorcode'],
message=result.get('nitro_message'),
severity=result.get('nitro_severity'),
)
def delete(self):
log('ModuleExecutor.delete()')
if self.ssl_certkey_exists():
self.module_result['changed'] = True
if not self.module.check_mode:
self.delete_ssl_certkey()
def delete_ssl_certkey(self):
log('ModuleExecutor.delete_ssl_certkey()')
args = {}
# Add delete flag if defined
if 'deletefromdevice' in self.configured_ssl_certkey:
if self.configured_ssl_certkey['deletefromdevice']:
args['deletefromdevice'] = 'true'
else:
args['deletefromdevice'] = 'false'
result = self.fetcher.delete(
resource='sslcertkey',
id=self.configured_ssl_certkey['certkey'],
args=args,
)
log('delete result %s' % result)
if result['nitro_errorcode'] != 0:
raise NitroException(
errorcode=result['nitro_errorcode'],
message=result.get('nitro_message'),
severity=result.get('nitro_severity'),
)
def policy_exists(client, module):
log('Checking if policy exists')
try:
cspolicy.get(client, module.params['policyname'])
return True
except Exception:
return False
def get_nitro_api_info(module):
log('In get_nitro_api_info')
fetcher = NitroAPIFetcher(module=module)
endpoint = module.params.get('endpoint')
args = module.params.get('args', None)
attrs = module.params.get('attrs', None)
filter = module.params.get('filter', None)
nitro_info_key = module.params.get('nitro_info_key', None)
if nitro_info_key is None:
nitro_info_key = endpoint
module_result = dict(
changed=False,
failed=False,
loglines=loglines,
)
get_result = fetcher.get(resource=endpoint,
args=args,
attrs=attrs,
filter=filter)
log("get_result: %s" % get_result)
data = get_result.get('data')
# data key is always expected from a NITRO request
if data is None:
module_result['failed'] = True
module.fail_json(msg='There is no data key in get result',
**module_result)
nitro_empty_errorcodes = module.params.get('nitro_empty_errorcodes')
if nitro_empty_errorcodes is None:
nitro_empty_errorcodes = []
# Resource does not exist and appropriate errorcode returned
errorcode = data.get('errorcode', 0)
if errorcode in nitro_empty_errorcodes:
module.exit_json(nitro_info=[], **module_result)
acceptable_errorcodes = [0]
acceptable_errorcodes.extend(nitro_empty_errorcodes)
# Errorcode that signifies actual error
if errorcode not in acceptable_errorcodes:
msg = 'NITRO error %s. message: %s' % (errorcode, data.get('message'))
module.fail_json(msg=msg, **module_result)
nitro_info = data.get(nitro_info_key)
# Fail if the data do not contain expected key
if nitro_info is None:
module_result['failed'] = True
module.fail_json(msg='There is no nitro_info_key "%s"' %
nitro_info_key,
**module_result)
module.exit_json(nitro_info=nitro_info, **module_result)
def parameter_object_exists(self):
log('ModuleExecutor.parameter_object_exists()')
result = self.fetcher.get(self.endpoint)
log('get result %s' % result)
if result['nitro_errorcode'] == 0:
if self.endpoint not in result['data']:
msg = 'Parameter object does not exist'
self.fail_json(msg=msg, **self.module_result)
else:
self.retrieved_object = result['data'][self.endpoint]
if not isinstance(self.retrieved_object, dict):
msg = 'Expected dict. Got instead %s' % type(
self.retrieved_object)
self.fail_json(msg=msg, **self.module_result)
# Fallthrough
return True
else:
raise NitroException(
errorcode=result['nitro_errorcode'],
message=result.get('nitro_message'),
severity=result.get('nitro_severity'),
)
# Parameter object always exists
# We just adjust some values through the update method
return True
def non_updateable_object_identical(self):
log('ModuleExecutor.non_updateable_object_identical()')
ret_val = True
if self.retrieved_object is None:
raise Exception('Should have a retrieved object by now.')
for attribute in self.module.params['resource'].keys():
configured_value = self.module.params['resource'][attribute]
retrieved_value = self.retrieved_object.get(attribute)
if configured_value != retrieved_value:
ret_val = False
str_tuple = (
attribute,
type(configured_value),
configured_value,
type(retrieved_value),
retrieved_value,
)
self.differing_attributes.append(attribute)
log('Attribute "%s" differs. Playbook parameter: (%s) %s. Retrieved NITRO object: (%s) %s'
% str_tuple)
entry = 'Attribute "%s" differs. Playbook parameter: "%s". Retrieved NITRO object: "%s"' % (
attribute, configured_value, retrieved_value)
self.prepared_list.append(entry)
return ret_val
def _do_update_action(self, post_data):
log('ModuleExecutor._do_update_action()')
post_data = {'appfwsignatures': post_data}
result = self.fetcher.post(
resource='appfwsignatures',
post_data=post_data,
action='update',
)
if result['http_response_data']['status'] == 200:
if result.get('nitro_errorcode') is not None:
if result['nitro_errorcode'] != 0:
raise NitroException(
errorcode=result['nitro_errorcode'],
message=result.get('nitro_message'),
severity=result.get('nitro_severity'),
)
elif 400 <= result['http_response_data']['status'] <= 599:
raise NitroException(
errorcode=result.get('nitro_errorcode'),
message=result.get('nitro_message'),
severity=result.get('nitro_severity'),
)
else:
raise Exception(
'Did not get nitro errorcode and http status was not 200 or 4xx (%s)'
% result['http_response_data']['status'])
def delete(self):
log('ModuleExecutor.delete()')
if self.dnsnsrec_exists():
self.module_result['changed'] = True
if not self.module.check_mode:
self.delete_dnsnsrec()
def nspartition_identical(self):
log('ModuleExecutor.nspartition_identical()')
diff_list = []
non_updateable_list = []
for attribute in self.configured_nspartition.keys():
retrieved_value = self.retrieved_nspartition.get(attribute)
configured_value = self.configured_nspartition.get(attribute)
if retrieved_value != configured_value:
str_tuple = (
attribute,
type(configured_value),
configured_value,
type(retrieved_value),
retrieved_value,
)
diff_list.append('Attribute "%s" differs. Playbook parameter: (%s) %s. Retrieved NITRO object: (%s) %s' % str_tuple)
log('Attribute "%s" differs. Playbook parameter: (%s) %s. Retrieved NITRO object: (%s) %s' % str_tuple)
entry = 'Attribute "%s" differs. Playbook parameter: "%s". Retrieved NITRO object: "%s"' % (attribute, configured_value, retrieved_value)
# Also append changed values to the non updateable list
if attribute in self.attribute_config['nspartition']['non_updateable_attributes']:
non_updateable_list.append(attribute)
self.module_result['diff_list'] = diff_list
if non_updateable_list != []:
msg = 'Cannot change value for the following non updateable attributes %s' % non_updateable_list
self.module.fail_json(msg=msg, **self.module_result)
if diff_list != []:
return False
else:
return True
def main():
argument_spec = copy.deepcopy(netscaler_common_arguments)
# Delete common arguments irrelevant to this module
del argument_spec['state']
del argument_spec['save_config']
del argument_spec['bearer_token']
del argument_spec['is_cloud']
del argument_spec['instance_id']
del argument_spec['instance_name']
del argument_spec['api_path']
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=False,
)
module_result = dict(
changed=False,
failed=False,
loglines=loglines,
)
# Fail the module if imports failed
if not PYTHON_SDK_IMPORTED:
module.fail_json(msg='Could not load nitro python sdk')
# Fallthrough to rest of execution
client = get_nitro_client(module)
if not module.params['mas_proxy_call']:
try:
client.login()
except nitro_exception as e:
msg = "nitro exception during login. errorcode=%s, message=%s" % (
str(e.errorcode), e.message)
module.fail_json(msg=msg)
except Exception as e:
if str(type(e)) == "<class 'requests.exceptions.ConnectionError'>":
module.fail_json(msg='Connection error %s' % str(e))
elif str(type(e)) == "<class 'requests.exceptions.SSLError'>":
module.fail_json(msg='SSL Error %s' % str(e))
else:
module.fail_json(msg='Unexpected error during login %s' %
str(e))
try:
log('Saving configuration')
client.save_config()
except nitro_exception as e:
msg = "nitro exception errorcode=" + str(
e.errorcode) + ",message=" + e.message
module.fail_json(msg=msg, **module_result)
if not module.params['mas_proxy_call']:
client.logout()
module.exit_json(**module_result)
def update_signatures(self):
log('ModuleExecutor.update_signatures()')
self.download_native_singatures_file()
self.process_native_signatures_file()
self.upload_and_update_native_signatures_file()
def do_state_change(client, module, gslb_vserver_proxy):
if module.params['disabled']:
log('Disabling glsb_vserver')
result = gslbvserver.disable(client, gslb_vserver_proxy.actual)
else:
log('Enabling gslbvserver')
result = gslbvserver.enable(client, gslb_vserver_proxy.actual)
return result
def delete(self):
log('ModuleExecutor.delete()')
if self.service_exists():
self.module_result['changed'] = True
self.prepared_list.append('Delete service')
if not self.module.check_mode:
self.delete_service()
def process_enabled(self, rule):
log('ModuleExecutor.process_enabled()')
want_enabled = self._rule_want_enabled(rule)
if want_enabled:
rule.attrib['enabled'] = 'ON'
else:
if 'enabled' in rule.attrib:
del rule.attrib['enabled']
def create_signatures(self):
log('ModuleExecutor.create_signatures()')
if self.use_builtin_xslt:
self.copy_builtin_xslt_to_vartmp()
self.initial_create_signatures()
self.update_signatures()
def _get_binding_key_tuple(self, binding_dict):
log('ModuleExecutor._get_binding_key_tuple()')
ret_val = []
# Order of attribute values is determined by ordering of self.key_attributes_present
for attribute in self.key_attributes_present:
if attribute in binding_dict:
attribute_value = binding_dict[attribute]
ret_val.append(attribute_value)
return tuple(ret_val)
def download_native_singatures_file(self):
log('ModuleExecutor.download_native_singatures_file()')
remote_path = os.path.join('/var/download/custom',
self.configured_signatures['name'])
local_path = self.local_native_signatures
if os.path.exists(local_path):
return
# Fallthrough to download
self._download_file(remote_path=remote_path, local_path=local_path)
def delete_service(self):
result = self.fetcher.delete(resource='service', id=self.module.params['name'])
log('delete result %s' % result)
if result['nitro_errorcode'] != 0:
raise NitroException(
errorcode=result['nitro_errorcode'],
message=result.get('nitro_message'),
severity=result.get('nitro_severity'),
)
def update_or_create(self):
log('ModuleExecutor.update_or_create()')
# sslcipher only valid attribute is its ciphergroupname
# It either exists or not. ugdate is not sensible
if not self.cipher_exists():
self.module_result['changed'] = True
if not self.module.check_mode:
log('cipher does not exist. Will create.')
self.create_cipher()
else:
self.module_result['changed'] = False
def get_actual_domain_bindings(client, module):
log('get_actual_domain_bindings')
# Get actual domain bindings and index them by domainname
actual_domain_bindings = {}
if gslbvserver_domain_binding.count(client, name=module.params['name']) != 0:
# Get all domain bindings associated with the named gslb vserver
fetched_domain_bindings = gslbvserver_domain_binding.get(client, name=module.params['name'])
# index by domainname
for binding in fetched_domain_bindings:
complete_missing_attributes(binding, gslbvserver_domain_binding_rw_attrs, fill_value=None)
actual_domain_bindings[binding.domainname] = binding
return actual_domain_bindings
def sync_binding_with_data(self, data):
binding_key = data['binding_key']
binding_object = data['binding_object']
if self.module.params.get(binding_key) is None:
return
log('ModuleExecutor syncing binding %s' % binding_key)
mode = self.module.params[binding_key]['mode']
# Make a list of config objects for configured bindings
configured_bindings = []
for bind_values in self.module.params[binding_key]['attributes']:
all_bind_values = copy.deepcopy(bind_values)
configured_binding = NitroResourceConfig(
module=self.module,
resource=binding_object,
attribute_values_dict=all_bind_values,
attributes_list=self.attribute_config[binding_key]
['attributes_list'],
transforms=self.attribute_config[binding_key]['transforms'],
)
configured_bindings.append(configured_binding)
if mode == 'bind':
for configured_binding in configured_bindings:
self.module_result['changed'] = True
try:
configured_binding.create()
except NitroException as e:
if e.errorcode != 273:
raise
elif mode == 'unbind':
for configured_binding in configured_bindings:
self.module_result['changed'] = True
try:
configured_binding.delete(
delete_id_attributes=self.attribute_config[binding_key]
['delete_id_attributes'])
except NitroException as e:
# Handle exceptions when trying to unbind objects that are not bound
# Every binding has its own errorcode
if binding_object == 'appfwglobal_appfwpolicy_binding':
if e.errorcode == 3093:
log('Ignoring nitro_errocode 3093 for appfwglobal_appfwpolicy_binding'
)
else:
raise
