From 1e6d1e66d89ddd19026f249986cd988a458cb201 Mon Sep 17 00:00:00 2001 From: Vincent Lafeychine Date: Mon, 6 Oct 2025 12:53:21 +0200 Subject: [PATCH] aruba: Add login support, but hangs --- host_vars/sw-ec-1.yml | 2 -- httpapi/aruba.py | 15 ++++++++++----- library/switch_config.py | 17 +++++++++-------- playbooks/switch.yml | 4 ++-- roles/switch-system/tasks/main.yml | 11 ----------- 5 files changed, 21 insertions(+), 28 deletions(-) diff --git a/host_vars/sw-ec-1.yml b/host_vars/sw-ec-1.yml index b832ad3..dd589c3 100644 --- a/host_vars/sw-ec-1.yml +++ b/host_vars/sw-ec-1.yml @@ -4,8 +4,6 @@ switch_vars: location: "Local_de_Brassage_EdC" host: 10.130.4.11 port: 80 - username: "{{ vault_switch.username }}" - password: "{{ vault_switch.password }}" delete_vlans: [] vlans: - id: 40 diff --git a/httpapi/aruba.py b/httpapi/aruba.py index eede10c..f7fe398 100644 --- a/httpapi/aruba.py +++ b/httpapi/aruba.py @@ -3,6 +3,8 @@ from ansible_collections.ansible.netcommon.plugins.plugin_utils.httpapi_base imp HttpApiBase, ) +import json + class HttpApi(HttpApiBase): def login(self, username, password): @@ -11,7 +13,7 @@ class HttpApi(HttpApiBase): Return True if the connection has succeeded and False otherwise. """ data = {"userName": username, "password": password} - response = self.send_request(json.dumps(data), path="/login-sessions") + response = self.send_request("login-sessions", data, method="POST") if response.status_code != 201: return AnsibleAuthentificationFailure(message="Plop!") @@ -34,12 +36,15 @@ class HttpApi(HttpApiBase): self.headers.pop("cookie") return True - def send_request(self, data, path, method="POST"): + def send_request(self, path, data, method="GET"): headers = {"Content-Type": "application/json"} - uri = self.get_option("uri_root_path") + "/" + path + api = self.connection.get_option("api") + uri = f"/rest/{api}/{path}" - if data is not None: - content = json.dumps(data) + if not data: + data = {} + + content = json.dumps(data) try: response, content = self.connection.send(uri, content, method=method, headers=headers) diff --git a/library/switch_config.py b/library/switch_config.py index 04b1ca6..8cb23ed 100644 --- a/library/switch_config.py +++ b/library/switch_config.py @@ -145,7 +145,7 @@ def throw_err(msg, url, status, response): def configure(connection, config, check_mode, current_path="", create_method=None): - path = "/" + str(config["path"]) + path = str(config["path"]) url = current_path + path changed = False before = {"path": path} @@ -157,7 +157,7 @@ def configure(connection, config, check_mode, current_path="", create_method=Non # If removing configuration if "delete" in config and config["delete"]: # Get the configuration - status, response = connection.send_request(None, url, method="GET") + status, response = connection.send_request(url, None, method="GET") if status == 404: before["delete"] = True elif status in (200, 201, 202, 203, 204): @@ -206,7 +206,7 @@ def configure(connection, config, check_mode, current_path="", create_method=Non # If create or edit elif "data" in config and type(config["data"]) is dict: # Get the configuration - status, response = connection.send_request(None, url, method="GET") + status, response = connection.send_request(url, None, method="GET") new_data = {} if status == 404: before["delete"] = True @@ -287,7 +287,7 @@ def configure(connection, config, check_mode, current_path="", create_method=Non connection, subconf, api, - current_path=url, + current_path=url + "/", create_method=create_method, ) changed = changed or response["changed"] @@ -300,8 +300,6 @@ def configure(connection, config, check_mode, current_path="", create_method=Non def run_module(): module_args = { "config": {"type": "dict", "required": True}, - "username": {"type": "str", "required": True}, - "password": {"type": "str", "required": True, "no_log": True}, "port": {"type": "int", "required": True}, "host": {"type": "str", "required": True}, "version": {"type": "str", "required": False, "default": "v1"}, @@ -309,9 +307,12 @@ def run_module(): } module = AnsibleModule(argument_spec=module_args, supports_check_mode=True) - connection = Connection(module._socket_path) - connection.set_option("uri_root_path", module.params["host"]) + + connection.set_option("host", module.params["host"]) + connection.set_option("port", module.params["port"]) + connection.set_option("api", module.params["version"]) + connection.set_option("use_proxy", module.params["use_proxy"]) result = { "changed": False, diff --git a/playbooks/switch.yml b/playbooks/switch.yml index 9128da9..b1c6c3f 100755 --- a/playbooks/switch.yml +++ b/playbooks/switch.yml @@ -12,8 +12,8 @@ vars: ansible_network_os: aruba - ansible_user: vault_switch.username - ansible_httpapi_password: vault_switch.password + ansible_user: "{{ vault_switch.username }}" + ansible_password: "{{ vault_switch.password }}" ansible_httpapi_use_ssl: false ansible_httpapi_validate_certs: false diff --git a/roles/switch-system/tasks/main.yml b/roles/switch-system/tasks/main.yml index dcafaef..372aec2 100644 --- a/roles/switch-system/tasks/main.yml +++ b/roles/switch-system/tasks/main.yml @@ -1,8 +1,6 @@ --- - name: Configure switch switch_config: - username: "{{ switch_vars.username }}" - password: "{{ switch_vars.password }}" port: "{{ switch_vars.port }}" host: "{{ switch_vars.host }}" use_proxy: "{{ switch.use_proxy }}" @@ -15,8 +13,6 @@ - name: Configure sntp switch_config: - username: "{{ switch_vars.username }}" - password: "{{ switch_vars.password }}" port: "{{ switch_vars.port }}" host: "{{ switch_vars.host }}" use_proxy: "{{ switch.use_proxy }}" @@ -29,8 +25,6 @@ - name: Configure sntp servers switch_config: - username: "{{ switch_vars.username }}" - password: "{{ switch_vars.password }}" port: "{{ switch_vars.port }}" host: "{{ switch_vars.host }}" use_proxy: "{{ switch.use_proxy }}" @@ -53,11 +47,6 @@ - name: Configure loop-protect switch_config: - username: "{{ switch_vars.username }}" - password: "{{ switch_vars.password }}" - port: "{{ switch_vars.port }}" - host: "{{ switch_vars.host }}" - use_proxy: "{{ switch.use_proxy }}" version: v7 config: path: loop_protect