def exec_module(self): changed = False result = dict() state = self.want.state if state == 'present': changed = self.present() elif state == 'fetch': if self.want.subscription_id is None and self.want.service_instance_name is None: self.read_subscriptions_from_cloud() elif self.exists() is False: raise F5ModuleError('subscription not found') elif state == 'absent': if self.exists(): changed = self.retire() elif state == 'active': if self.exists(): changed = self.activate() elif state == 'suspended': if self.exists(): changed = self.suspend() reportable = ReportableChanges(params=self.changes.to_return()) changes = reportable.to_return() result.update(**changes) result.update(dict(changed=changed)) self._announce_deprecations(result) return result
def get_catalog_from_cloud(self): services = self.get_catalog_services() service = ( [x for x in services if x['catalog_id'] == self.want.catalog_id] or [None])[0] if service is None: raise F5ModuleError('service not found') self.have = ApiParameters(params=service) self._update_changed_options()
def activate(self): state = self.client.activate_subscription(subscription_id=self.have.subscription_id) for retry in range(0, 12): time.sleep(10) state = self.client.get_subscription_status(subscription_id=self.have.subscription_id) if state['status'] == 'ACTIVE': break if state['status'] != 'ACTIVE': raise F5ModuleError('cannot activate subscription: ' + state.status)
def activate(self, subscription_id): state = self.client.activate_subscription(subscription_id) if not self.want.wait_status_change: return True for retry in range(0, 100): state = self.client.get_subscription_status(subscription_id) if state['status'] == 'ACTIVE' and state[ 'service_state'] == 'DEPLOYED': break time.sleep(15) if state['status'] != 'ACTIVE' or state['service_state'] != 'DEPLOYED': raise F5ModuleError('cannot activate subscription: ' + state.status)
def activate(self): state = self.client.activate_subscription( subscription_id=self.want.subscription_id) for retry in range(0, 12): time.sleep(10) state = self.client.get_subscription_status( subscription_id=self.want.subscription_id) if state['status'] == 'ACTIVE': break if state['status'] != 'ACTIVE': raise F5ModuleError('cannot activate subscription: ' + state.status) self.have = ApiParameters(params=state) self._update_changed_options() return True
def suspend(self): state = self.client.activate_subscription( subscription_id=self.want.subscription_id) for retry in range(0, 12): time.sleep(10) state = self.client.get_subscription_status( subscription_id=self.want.subscription_id) if state['status'] == 'DISABLED' and state[ 'service_state'] == 'UNDEPLOYED': break if state['status'] != 'DISABLED' or state[ 'service_state'] != 'UNDEPLOYED': raise F5ModuleError('cannot suspend subscription: ' + state.status) self.have = ApiParameters(params=state) self._update_changed_options() return True
def activate(self): if self.have.status == 'ACTIVE': return False state = self.client.activate_subscription(self.have.subscription_id) for retry in range(0, 100): state = self.client.get_subscription_status( self.have.subscription_id) if state['status'] == 'ACTIVE': break time.sleep(15) if state['status'] != 'ACTIVE': raise F5ModuleError('cannot activate subscription: ' + state.status) self.have.update(dict(status=state['status'])) return True
def suspend(self): if self.have.status == 'DISABLED': return False state = self.client.suspend_subscription( subscription_id=self.want.subscription_id) for retry in range(0, 100): state = self.client.get_subscription_status( subscription_id=self.want.subscription_id) if state['status'] == 'DISABLED' and state[ 'service_state'] == 'UNDEPLOYED': break time.sleep(15) if state['status'] != 'DISABLED' or state[ 'service_state'] != 'UNDEPLOYED': raise F5ModuleError('cannot suspend subscription: ' + state.status) self.have.update(dict(status=state['status'])) return True
def auto_discover(self, account_id, catalog_id): payload = { 'account_id': account_id, 'catalog_id': catalog_id, 'service_instance_name': self.want.service_instance_name, 'service_type': 'waf', 'configuration': { 'waf_service': { 'application': { 'description': '', 'fqdn': self.want.fqdn, 'http': { 'enabled': True, 'port': 80, }, }, 'policy': { 'encoding': 'utf-8', }, }, }, } self.create_on_cloud(payload) discovery = None for retry in range(0, 5): subscription = self.client.get_subscription_by_id( self.have.subscription_id) if subscription['configuration'].get('details'): if subscription['configuration']['details']['discovery'] \ and subscription['configuration']['details']['discovery']['ipGeolocations']: discovery = subscription['configuration']['details'][ 'discovery'] break time.sleep(15) if discovery is None: raise F5ModuleError('Auto discovery failed') return { 'waf_service': { 'application': { 'description': '', 'fqdn': self.want.fqdn, 'http': { 'enabled': True, 'port': 80, }, 'https': { 'enabled': False, 'port': 443, 'tls': { 'certificate_id': '', } }, 'waf_regions': { discovery['cloudProvider']: { discovery['cloudRegion']: { 'endpoint': { 'http': { 'port': 80, 'enabled': discovery["isHTTP"], }, 'https': { 'port': 443, 'enabled': discovery["isHTTPS"], }, 'ips': [discovery['ipGeolocations'][0]['ip']] } } } }, }, 'policy': f5_cs_eap_default_policy, } }
def get_role_id_by_name(self, name): roles = self.get_roles() role = ([x for x in roles if x['name'] == name] or [None])[0] if role is None: raise F5ModuleError('role not found') return role['id']
def exec_module(self): result = dict() changed = False if self.want.state == "present": certificate_id = self.want.certificate_id assigned_subscriptions = self.want.assigned_subscriptions if certificate_id is None: certificate_id = self.find_existing_certificate() if certificate_id is None: certificate_id = self.upload_certificate() changed = True if assigned_subscriptions: for subscription in assigned_subscriptions: params = dict( certificate_id=certificate_id, subscription_id=subscription['subscription_id'], enabled=subscription['enabled'], https_port=subscription['https_port'], https_redirect=subscription['https_redirect'], tls_version=subscription['tls_version'], update_comment=subscription['update_comment'], ) changed = self.update_subscription_on_cloud(params) self.find_certificate_usage_on_cloud(certificate_id) elif self.want.state == "fetch": if self.want.certificate_id: self.find_certificate_usage_on_cloud(self.want.certificate_id) elif self.want.subscription_id: certificate_id = self.get_certificate_id_by_subscription_id( self.want.subscription_id) if certificate_id: self.find_certificate_usage_on_cloud(certificate_id) else: raise F5ModuleError('certificate not found') else: response = self.get_certificates() self.have = ApiParameters(params=dict(certificates=response)) changed = False elif self.want.state == "absent": if self.want.certificate_id: certificates = self.get_certificates() certificate = ([ x for x in certificates if x['id'] == self.want.certificate_id ] or [None])[0] if certificate: self.remove_certificate(self.want.certificate_id) changed = True elif self.want.subscription_id: certificate = self.get_certificate_id_by_subscription_id( self.want.subscription_id) if certificate: self.remove_certificate_from_eap(self.want.subscription_id) changed = True self._update_changed_options() reportable = ReportableChanges(params=self.changes.to_return()) changes = reportable.to_return() result.update(**changes) result.update(dict(changed=changed)) self._announce_deprecations(result) return result