diff --git a/.github/workflows/ee.yml b/.github/workflows/ee.yml index cc3411392..d557fe0c3 100644 --- a/.github/workflows/ee.yml +++ b/.github/workflows/ee.yml @@ -49,17 +49,17 @@ jobs: # outputs tag name as v1.2.3 and version as 1.2.3 run: | if [[ "${{ github.event_name }}" == "push" && - "${{ inputs.release }}" == "true" ]]; then - if [[ "${{ inputs.release_tag }}" != "v"* ]]; then - echo "release_tag (${{ inputs.release_tag }}) must be provided when workflow_call called with release." + "${RELEASE}" == "true" ]]; then + if [[ "${RELEASE_TAG}" != "v"* ]]; then + echo "release_tag (${RELEASE_TAG}) must be provided when workflow_call called with release." exit 1 fi - TAG_VERSION=$(echo "${{inputs.release_tag}}" | sed 's#v##') - echo "name=${{inputs.release_tag}}" >> $GITHUB_OUTPUT + TAG_VERSION=$(echo "${RELEASE_TAG}" | sed 's#v##') + echo "name=${RELEASE_TAG}" >> $GITHUB_OUTPUT echo "version=$TAG_VERSION" >> $GITHUB_OUTPUT - echo "Ansible EE will be prepared for release ${{ inputs.release_tag }}" + echo "Ansible EE will be prepared for release ${RELEASE_TAG}" elif [[ "${{ github.event_name }}" == "workflow_dispatch" && - "${{ inputs.release }}" == "true" ]]; then + "${RELEASE}" == "true" ]]; then if [[ "${GITHUB_REF}" != "refs/tags/v"* ]]; then echo "workflow_dispatch must be run on a release tag when release is selected - run on ${GITHUB_REF}" exit 1 @@ -74,6 +74,8 @@ jobs: fi env: GITHUB_REF: ${{ github.ref }} + RELEASE_TAG: ${{ inputs.release_tag }} + RELEASE: ${{ inputs.release }} build_awx: name: AWX Ansible EE @@ -203,6 +205,7 @@ jobs: - name: awx.awx - community.general - name: ansible.posix + - name: ansible.utils EOF echo "::group::requirements.yml" cat requirements.yml @@ -224,6 +227,7 @@ jobs: - name: awx.awx - community.general - name: ansible.posix + - name: ansible.utils EOF echo "::group::requirements.yml" cat requirements.yml @@ -380,6 +384,7 @@ jobs: type: file - name: community.general - name: ansible.posix + - name: ansible.utils EOF echo "::group::requirements.yml" cat requirements.yml @@ -400,6 +405,7 @@ jobs: version: ${{needs.prepare.outputs.version}} - name: community.general - name: ansible.posix + - name: ansible.utils EOF echo "::group::requirements.yml" cat requirements.yml diff --git a/plugins/modules/panos_ldap_profile.py b/plugins/modules/panos_ldap_profile.py new file mode 100644 index 000000000..291c434eb --- /dev/null +++ b/plugins/modules/panos_ldap_profile.py @@ -0,0 +1,149 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright 2019 Palo Alto Networks, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +DOCUMENTATION = """ +--- +module: panos_ldap_profile +short_description: Manage LDAP server profiles. +description: + - Manages LDAP server profiles. +author: "Garfield Lee Freeman (@shinmog)" +version_added: '1.0.0' +requirements: + - pan-python + - pandevice >= 0.11.1 +notes: + - Panorama is supported. + - Check mode is supported. +extends_documentation_fragment: + - paloaltonetworks.panos.fragments.transitional_provider + - paloaltonetworks.panos.fragments.network_resource_module_state + - paloaltonetworks.panos.fragments.gathered_filter + - paloaltonetworks.panos.fragments.vsys_shared + - paloaltonetworks.panos.fragments.device_group +options: + name: + description: + - Name of the LDAP server profile. + type: str + ldap_type: + description: + - Ldap profile type. + type: str + choices: + - other + - active-directory + - e-directory + - sun + default: other + base_dn: + description: + - Base DN. + type: str + bind_dn: + description: + - Bind DN. + type: str + bind_password: + description: + - Bind password. + type: str + bind_timelimit: + description: + - Bind timeout. + type: int + timelimit: + description: + - Search timeout. + type: int + retry_interval : + description: + - Retry interval. + type: int + require_ssl: + description: + - Require ssl/ttls secured connection. + type: bool + verify_server_certificate: + description: + - Verify server certificate for ssl sessions. + type: bool + disabled: + description: + - Disabled or not. + type: bool +""" + +EXAMPLES = """ +# Create an LDAP profile +- name: Create LDAP profile + paloaltonetworks.panos.panos_ldap_profile: + provider: '{{ provider }}' + name: 'my-profile' +""" + +RETURN = """ +# Default return values +""" + +from ansible.module_utils.basic import AnsibleModule +from ansible_collections.paloaltonetworks.panos.plugins.module_utils.panos import ( + get_connection, +) + + +def main(): + helper = get_connection( + vsys_shared=True, + device_group=True, + with_network_resource_module_state=True, + with_gathered_filter=True, + with_classic_provider_spec=True, + min_pandevice_version=(0, 11, 1), + min_panos_version=(7, 0, 0), + sdk_cls=("device", "LdapServerProfile"), + sdk_params=dict( + name=dict(), + ldap_type=dict(choices=["other", "active-directory", "e-directory", "sun"], default="other"), + base_dn=dict(sdk_param="base"), + bind_dn=dict(), + bind_password=dict(no_log=True), + bind_timelimit=dict(type="int"), + timelimit=dict(type="int"), + retry_interval=dict(type="int"), + require_ssl=dict(type="bool", sdk_param="ssl"), + verify_server_certificate=dict(type="bool"), + disabled=dict(type="bool") + + ), + ) + + module = AnsibleModule( + argument_spec=helper.argument_spec, + supports_check_mode=True, + required_one_of=helper.required_one_of, + ) + + helper.process(module) + + +if __name__ == "__main__": + main() diff --git a/plugins/modules/panos_ldap_server.py b/plugins/modules/panos_ldap_server.py new file mode 100644 index 000000000..ebea21ea9 --- /dev/null +++ b/plugins/modules/panos_ldap_server.py @@ -0,0 +1,111 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright 2019 Palo Alto Networks, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +DOCUMENTATION = """ +--- +module: panos_ldap_server +short_description: Manage LDAP servers in an LDAP profile. +description: + - Manages LDAP servers in an LDAP server profile. +author: "Garfield Lee Freeman (@shinmog)" +version_added: '1.0.0' +requirements: + - pan-python + - pandevice >= 0.11.1 +notes: + - Panorama is supported. + - Check mode is supported. +extends_documentation_fragment: + - paloaltonetworks.panos.fragments.transitional_provider + - paloaltonetworks.panos.fragments.vsys_shared + - paloaltonetworks.panos.fragments.device_group + - paloaltonetworks.panos.fragments.network_resource_module_state + - paloaltonetworks.panos.fragments.gathered_filter +options: + ldap_profile: + description: + - Name of the LDAP server profile. + type: str + required: True + name: + description: + - Name of the LDAP server profile. + type: str + ldap_server_address: + description: + - IP address or FQDN of ldap server to use. + type: str + ldap_port: + description: + - Port number + type: str +""" + +EXAMPLES = """ +# Create an LDAP server and assign to 'my-profile' LDAP Server Profile +- name: Create LDAP server in an LDAP profile + paloaltonetworks.panos.panos_ldap_server: + provider: '{{ provider }}' + ldap_profile: 'my-profile' + name: 'my-ldap-server' + ldap_server_address: 'lldap.example.com' + port: '637' +""" + +RETURN = """ +# Default return values +""" + +from ansible.module_utils.basic import AnsibleModule +from ansible_collections.paloaltonetworks.panos.plugins.module_utils.panos import ( + get_connection, +) + + +def main(): + helper = get_connection( + vsys_shared=True, + device_group=True, + with_network_resource_module_state=True, + with_gathered_filter=True, + with_classic_provider_spec=True, + min_pandevice_version=(0, 11, 1), + min_panos_version=(7, 0, 0), + parents=(("device", "LdapServerProfile", "ldap_profile"),), + sdk_cls=("device", "LdapServer"), + sdk_params=dict( + name=dict(), + ldap_server_address=dict(type="str", sdk_param="address"), + ldap_port=dict(type="str", sdk_param="port"), + ), + ) + + module = AnsibleModule( + argument_spec=helper.argument_spec, + supports_check_mode=True, + required_one_of=helper.required_one_of, + ) + + helper.process(module) + + +if __name__ == "__main__": + main()