diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-26 04:05:57 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-26 04:05:57 +0000 |
| commit | 0dcbb2c58231264c2f0a0374733b5e9cf8747e1f (patch) | |
| tree | 7f133117f9ebecefdc96e42e01ee7557247d5d8a /ansible_collections/netapp/ontap/plugins | |
| parent | Adding debian version 9.4.0+dfsg-1. (diff) | |
| download | ansible-0dcbb2c58231264c2f0a0374733b5e9cf8747e1f.tar.xz ansible-0dcbb2c58231264c2f0a0374733b5e9cf8747e1f.zip | |
Merging upstream version 9.5.1+dfsg.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/netapp/ontap/plugins')
8 files changed, 163 insertions, 17 deletions
diff --git a/ansible_collections/netapp/ontap/plugins/module_utils/netapp.py b/ansible_collections/netapp/ontap/plugins/module_utils/netapp.py index f41139423..fe1e89214 100644 --- a/ansible_collections/netapp/ontap/plugins/module_utils/netapp.py +++ b/ansible_collections/netapp/ontap/plugins/module_utils/netapp.py @@ -48,7 +48,7 @@ try: except ImportError: ANSIBLE_VERSION = 'unknown' -COLLECTION_VERSION = "22.10.0" +COLLECTION_VERSION = "22.11.0" CLIENT_APP_VERSION = "%s/%s" % ("%s", COLLECTION_VERSION) IMPORT_EXCEPTION = None diff --git a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_cifs.py b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_cifs.py index b04a37110..ea978f8f1 100644 --- a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_cifs.py +++ b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_cifs.py @@ -178,6 +178,14 @@ options: type: bool version_added: 22.5.0 + offline_files: + choices: ['none', 'manual', 'documents', 'programs'] + description: + - Allows Windows clients to cache data on this share. + - This option is only supported with REST and requires ONTAP 9.10 or later. + type: str + version_added: 22.11.0 + short_description: NetApp ONTAP Manage cifs-share version_added: 2.6.0 @@ -287,7 +295,8 @@ class NetAppONTAPCifsShare: namespace_caching=dict(required=False, type='bool'), continuously_available=dict(required=False, type='bool'), browsable=dict(required=False, type='bool'), - show_previous_versions=dict(required=False, type='bool') + show_previous_versions=dict(required=False, type='bool'), + offline_files=dict(required=False, type='str', choices=['none', 'manual', 'documents', 'programs']), )) self.module = AnsibleModule( @@ -301,13 +310,13 @@ class NetAppONTAPCifsShare: # Set up Rest API self.rest_api = netapp_utils.OntapRestAPI(self.module) partially_supported_rest_properties = [['continuously_available', (9, 10, 1)], ['namespace_caching', (9, 10, 1)], - ['show_snapshot', (9, 10, 1)], ['allow_unencrypted_access', (9, 11)], + ['show_snapshot', (9, 10, 1)], ['offline_files', (9, 10, 1)], ['allow_unencrypted_access', (9, 11)], ['browsable', (9, 13, 1)], ['show_previous_versions', (9, 13, 1)]] unsupported_rest_properties = ['share_properties', 'symlink_properties', 'vscan_fileop_profile'] self.use_rest = self.rest_api.is_rest_supported_properties(self.parameters, unsupported_rest_properties, partially_supported_rest_properties) self.unsupported_zapi_properties = ['unix_symlink', 'access_based_enumeration', 'change_notify', 'encryption', 'home_directory', 'oplocks', 'continuously_available', 'show_snapshot', 'namespace_caching', 'allow_unencrypted_access', - 'browsable', 'show_previous_versions'] + 'browsable', 'show_previous_versions', 'offline_files'] self.svm_uuid = None if not self.use_rest: if not netapp_utils.has_netapp_lib(): @@ -447,7 +456,7 @@ class NetAppONTAPCifsShare: 'encryption,' 'oplocks,'} if self.rest_api.meets_rest_minimum_version(self.use_rest, 9, 10, 1): - options['fields'] += 'show_snapshot,namespace_caching,continuously_available,' + options['fields'] += 'show_snapshot,namespace_caching,continuously_available,offline_files,' if self.rest_api.meets_rest_minimum_version(self.use_rest, 9, 11, 0): options['fields'] += 'allow_unencrypted_access,' if self.rest_api.meets_rest_minimum_version(self.use_rest, 9, 13, 1): @@ -467,6 +476,7 @@ class NetAppONTAPCifsShare: 'encryption': record.get('encryption'), 'oplocks': record.get('oplocks'), 'continuously_available': record.get('continuously_available'), + 'offline_files': record.get('offline_files'), 'show_snapshot': record.get('show_snapshot'), 'namespace_caching': record.get('namespace_caching'), 'allow_unencrypted_access': record.get('allow_unencrypted_access'), @@ -481,7 +491,7 @@ class NetAppONTAPCifsShare: if params is None: params = self.parameters options = ['path', 'comment', 'unix_symlink', 'access_based_enumeration', 'change_notify', 'encryption', - 'home_directory', 'oplocks', 'continuously_available', 'show_snapshot', 'namespace_caching', + 'home_directory', 'oplocks', 'continuously_available', 'offline_files', 'show_snapshot', 'namespace_caching', 'allow_unencrypted_access', 'browsable', 'show_previous_versions'] for key in options: if key in params: diff --git a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_dns.py b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_dns.py index 3c46b0084..1bea08120 100644 --- a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_dns.py +++ b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_dns.py @@ -259,10 +259,12 @@ class NetAppOntapDns: if error: self.module.fail_json(msg="Error getting DNS service: %s" % error) if record: - if params.get('scope') == 'cluster': + if params.get('scope') == 'cluster' or not self.na_helper.safe_get(record, ['svm', 'uuid']): uuid = record.get('uuid') else: uuid = self.na_helper.safe_get(record, ['svm', 'uuid']) + if uuid is None: + self.module.fail_json(msg="Error getting DNS service: could not retrieve UUID of the DNS object") return { 'domains': record.get('domains'), 'nameservers': record.get('servers'), diff --git a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_fpolicy_policy.py b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_fpolicy_policy.py index 47d9143cb..a99c76d76 100644 --- a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_fpolicy_policy.py +++ b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_fpolicy_policy.py @@ -1,6 +1,6 @@ #!/usr/bin/python -# (c) 2021, NetApp, Inc +# (c) 2021-2023, NetApp, Inc # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) from __future__ import absolute_import, division, print_function @@ -181,11 +181,12 @@ class NetAppOntapFpolicyPolicy(): 'vserver': message['records'][0]['vserver'], 'name': message['records'][0]['policy_name'], 'events': message['records'][0]['events'], - 'allow_privileged_access': message['records'][0]['allow_privileged_access'], 'engine': message['records'][0]['engine'], 'is_mandatory': message['records'][0]['is_mandatory'], 'is_passthrough_read_enabled': message['records'][0]['is_passthrough_read_enabled'] } + allow_privileged_access = True if message['records'][0]['allow_privileged_access'] == 'yes' else False + return_value['allow_privileged_access'] = allow_privileged_access if 'privileged_user_name' in message['records'][0]: return_value['privileged_user_name'] = message['records'][0]['privileged_user_name'] diff --git a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_net_ifgrp.py b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_net_ifgrp.py index 45035ed64..4a596ae12 100644 --- a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_net_ifgrp.py +++ b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_net_ifgrp.py @@ -36,7 +36,7 @@ options: name: description: - Specifies the interface group name. - - Not supported with REST, use C(ports) or C(from_lag_ports). + - Not supported with REST, use C(ports) or C(from_lag_ports). LAG names are automatically created in REST and returned in module output. - Required with ZAPI. type: str diff --git a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_quotas.py b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_quotas.py index 1aca89feb..d4b13ea47 100644 --- a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_quotas.py +++ b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_quotas.py @@ -594,6 +594,7 @@ class NetAppONTAPQuotas: 'files.soft_limit,' 'volume.uuid,' 'users.name,' + 'users.id,' 'group.name,'} # set qtree name in query for type user and group if not ''. @@ -601,8 +602,17 @@ class NetAppONTAPQuotas: query['qtree.name'] = self.parameters['qtree'] if self.parameters.get('quota_target'): type = self.parameters['type'] - field_name = 'users.name' if type == 'user' else 'group.name' if type == 'group' else 'qtree.name' - query[field_name] = self.parameters['quota_target'] + if type == 'user': + users_names = [target for target in self.parameters['quota_target'].split(',') if not target.isdigit()] + users_ids = [target for target in self.parameters['quota_target'].split(',') if target.isdigit()] + if users_names: + query['users.name'] = ",".join(users_names) + if users_ids: + query['users.id'] = ",".join(users_ids) + else: + field_name = 'group.name' if type == 'group' else 'qtree.name' + query[field_name] = self.parameters['quota_target'] + api = 'storage/quota/rules' # If type: user, get quota rules api returns users which has name starts with input target user names. # Example of users list in a record: @@ -622,9 +632,11 @@ class NetAppONTAPQuotas: if desired_qtree != current_qtree: continue if type == 'user': - desired_users = self.parameters['quota_target'].split(',') - current_users = [user['name'] for user in item['users']] - if set(current_users) == set(desired_users): + current_users = {} + current_users['names'] = [user['name'] for user in item['users'] if user.get('name')] + current_users['ids'] = [user['id'] for user in item['users'] if user.get('id')] + if set(current_users['names']) == set(users_names) and \ + set(current_users['ids']) == set(users_ids): record = item break elif item['group']['name'] == self.parameters['quota_target']: diff --git a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_security_config.py b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_security_config.py index aac0ea1d5..28f0f6576 100644 --- a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_security_config.py +++ b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_security_config.py @@ -264,11 +264,23 @@ class NetAppOntapSecurityConfig: if error: self.module.fail_json(msg="Error on modifying security config: %s" % error) + def cipher_suites_warning_rest(self, modify): + current = self.get_security_config() + suites_for_idempotency = [] + for current_suite in list(current.get('supported_cipher_suites')): + if current_suite not in self.parameters.get('supported_cipher_suites'): + suites_for_idempotency.append(current_suite) + if len(suites_for_idempotency) > 0: + self.module.warn("To achieve idempotency the mentioned cipher_suites must be included.") + self.module.warn(", ".join(suites_for_idempotency)) + def apply(self): current = self.get_security_config() modify = self.na_helper.get_modified_attributes(current, self.parameters) if self.na_helper.changed and not self.module.check_mode: self.modify_security_config(modify) + if 'supported_cipher_suites' in modify: + self.cipher_suites_warning_rest(modify) result = netapp_utils.generate_result(self.na_helper.changed, modify=modify) self.module.exit_json(**result) diff --git a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_vserver_audit.py b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_vserver_audit.py index fc3dc3bed..3f52f918c 100644 --- a/ansible_collections/netapp/ontap/plugins/modules/na_ontap_vserver_audit.py +++ b/ansible_collections/netapp/ontap/plugins/modules/na_ontap_vserver_audit.py @@ -114,6 +114,38 @@ options: - Rotates logs based on log size in bytes. - Default value is 104857600. type: int + schedule: + description: + - Rotates the audit logs based on a schedule by using the time-based rotation parameters in any combination. + - The rotation schedule is calculated by using all the time-related values. + type: dict + version_added: '22.11.0' + suboptions: + days: + description: + - Specifies the day of the month schedule to rotate audit log. Specify -1 to rotate the audit logs all days of a month. + type: list + elements: int + hours: + description: + - Specifies the hourly schedule to rotate audit log. Specify -1 to rotate the audit logs every hour. + type: list + elements: int + minutes: + description: + - Specifies the minutes schedule to rotate the audit log. + type: list + elements: int + months: + description: + - Specifies the months schedule to rotate audit log. Specify -1 to rotate the audit logs every month. + type: list + elements: int + weekdays: + description: + - Specifies the weekdays schedule to rotate audit log. Specify -1 to rotate the audit logs every day. + type: list + elements: int notes: - This module supports REST only. @@ -180,6 +212,66 @@ EXAMPLES = """ hostname: "{{ netapp_hostname }}" username: "{{ netapp_username }}" password: "{{ netapp_password }}" + + # The audit logs are rotated in January and March on Monday, Wednesday, and Friday, + # at 6:15, 6:30, 6:45, 12:15, 12:30, 12:45, 18:15, 18:30, and 18:45 + # The last 6 audit logs are retained + - name: Create vserver audit configuration + netapp.ontap.na_ontap_vserver_audit: + state: present + vserver: ansible + enabled: True + events: + authorization_policy: False + cap_staging: False + cifs_logon_logoff: True + file_operations: True + file_share: False + security_group: False + user_account: False + log_path: "/" + log: + format: xml + retention: + count: 6 + rotation: + schedule: + hours: [6,12,18] + minutes: [15,30,45] + months: [1,3] + weekdays: [1,3,5] + guarantee: False + hostname: "{{ netapp_hostname }}" + username: "{{ netapp_username }}" + password: "{{ netapp_password }}" + + # The audit logs are rotated monthly, all days of the week, at 12:30 + - name: Modify vserver audit configuration + netapp.ontap.na_ontap_vserver_audit: + state: present + vserver: ansible + enabled: True + events: + authorization_policy: False + cap_staging: False + cifs_logon_logoff: True + file_operations: True + file_share: False + security_group: False + user_account: False + log_path: "/" + log: + format: xml + rotation: + schedule: + hours: [12] + minutes: [30] + months: [-1] + weekdays: [-1] + guarantee: False + hostname: "{{ netapp_hostname }}" + username: "{{ netapp_username }}" + password: "{{ netapp_password }}" """ RETURN = """ @@ -214,6 +306,13 @@ class NetAppONTAPVserverAudit: )), rotation=dict(type='dict', options=dict( size=dict(type='int'), + schedule=dict(type='dict', options=dict( + days=dict(type='list', elements='int'), + hours=dict(type='list', elements='int'), + minutes=dict(type='list', elements='int'), + months=dict(type='list', elements='int'), + weekdays=dict(type='list', elements='int'), + )), )), )), events=dict(type='dict', options=dict( @@ -270,6 +369,10 @@ class NetAppONTAPVserverAudit: } return record + def schedule_rotation_key_value(self, key): + value = self.na_helper.safe_get(self.parameters, ['log', 'rotation', 'schedule', key]) + return [] if -1 in value else value + def create_vserver_audit_config_body_rest(self): """ Vserver audit config body for create and modify with rest API. @@ -283,8 +386,14 @@ class NetAppONTAPVserverAudit: body['log.retention.count'] = self.parameters['log']['retention']['count'] if self.na_helper.safe_get(self.parameters, ['log', 'retention', 'duration']): body['log.retention.duration'] = self.parameters['log']['retention']['duration'] - if self.na_helper.safe_get(self.parameters, ['log', 'rotation', 'size']): - body['log.rotation.size'] = self.parameters['log']['rotation']['size'] + if self.na_helper.safe_get(self.parameters, ['log', 'rotation']): + if self.na_helper.safe_get(self.parameters, ['log', 'rotation', 'size']): + body['log.rotation.size'] = self.parameters['log']['rotation']['size'] + else: + for schedule_rotation_key in ['days', 'hours', 'minutes', 'months', 'weekdays']: + if self.na_helper.safe_get(self.parameters, ['log', 'rotation', 'schedule', schedule_rotation_key]) is not None: + key = 'log.rotation.schedule.' + schedule_rotation_key + body[key] = self.schedule_rotation_key_value(schedule_rotation_key) if self.na_helper.safe_get(self.parameters, ['log', 'format']): body['log.format'] = self.parameters['log']['format'] if 'log_path' in self.parameters: |