#!/usr/bin/python DOCUMENTATION = r''' --- module: decort_pfw description: See L(Module Documentation,https://repository.basistech.ru/BASIS/decort-ansible/wiki/Home). ''' from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.decort_utils import * class decort_pfw(DecortController): def __init__(self): super(decort_pfw, self).__init__(AnsibleModule(**self.amodule_init_args)) @property def amodule_init_args(self) -> dict: return self.pack_amodule_init_args( argument_spec=dict( compute_id=dict( type='int', required=True, ), rules=dict( type='list', ), state=dict( type='str', default='present', choices=[ 'absent', 'present', ], ), vins_id=dict( type='int', required=True, ), ), supports_check_mode=True, ) def decort_pfw_package_facts(self, comp_facts, vins_facts, pfw_facts, check_mode=False): """Package a dictionary of PFW rules facts according to the decort_pfw module specification. This dictionary will be returned to the upstream Ansible engine at the completion of the module run. @param (dict) pfw_facts: dictionary with PFW facts as returned by API call to .../???/get @param (bool) check_mode: boolean that tells if this Ansible module is run in check mode """ ret_dict = dict(state="CHECK_MODE", compute_id=0, public_ip="", rules=[], vins_id=0, ) if check_mode: # in check mode return immediately with the default values return ret_dict if pfw_facts is None: # if void facts provided - change state value to ABSENT and return ret_dict['state'] = "ABSENT" return ret_dict ret_dict['compute_id'] = comp_facts['id'] ret_dict['vins_id'] = vins_facts['id'] ret_dict['public_ip'] = vins_facts['vnfs']['GW']['config']['ext_net_ip'] if len(pfw_facts) != 0: ret_dict['state'] = 'PRESENT' ret_dict['rules'] = pfw_facts else: ret_dict['state'] = 'ABSENT' return ret_dict def decort_pfw_parameters(self): """Build and return a dictionary of parameters expected by decort_pfw module in a form accepted by AnsibleModule utility class.""" return def main(): decon = decort_pfw() amodule = decon.amodule pfw_facts = None # will hold PFW facts as returned by pfw_configure # # Validate module arguments: # 1) specified Compute instance exists in correct state # 2) specified ViNS exists # 3) ViNS has GW function # 4) Compute is connected to this ViNS # validated_comp_id, comp_facts, rg_id = decon.compute_find(amodule.params['compute_id']) if not validated_comp_id: decon.result['failed'] = True decon.result['msg'] = "Cannot find specified Compute ID {}.".format(amodule.params['compute_id']) amodule.fail_json(**decon.result) validated_vins_id, vins_facts = decon.vins_find(amodule.params['vins_id']) if not validated_vins_id: decon.result['failed'] = True decon.result['msg'] = "Cannot find specified ViNS ID {}.".format(amodule.params['vins_id']) amodule.fail_json(**decon.result) gw_vnf_facts = vins_facts['vnfs'].get('GW') if not gw_vnf_facts or gw_vnf_facts['status'] == "DESTROYED": decon.result['failed'] = True decon.result['msg'] = "ViNS ID {} does not have a configured external connection.".format(validated_vins_id) amodule.fail_json(**decon.result) # # Initial validation of module arguments is complete # if amodule.params['state'] == 'absent': # ignore amodule.params['rules'] and remove all rules associated with this Compute pfw_facts = decon.pfw_configure(comp_facts, vins_facts, None) elif amodule.params['rules'] is not None: # manage PFW rules accodring to the module arguments pfw_facts = decon.pfw_configure(comp_facts, vins_facts, amodule.params['rules']) else: pfw_facts = decon._pfw_get(comp_facts['id'], vins_facts['id']) # # complete module run # if decon.result['failed']: amodule.fail_json(**decon.result) else: # prepare PFW facts to be returned as part of decon.result and then call exit_json(...) decon.result['facts'] = decon.decort_pfw_package_facts(comp_facts, vins_facts, pfw_facts, amodule.check_mode) amodule.exit_json(**decon.result) if __name__ == "__main__": main()