diff options
| author | Peter Sprygada <privateip@users.noreply.github.com> | 2016-10-05 22:09:18 -0400 |
|---|---|---|
| committer | Peter Sprygada <psprygada@ansible.com> | 2016-10-05 22:10:09 -0400 |
| commit | 8785594b6088ee934933cd4620f8d61b43709929 (patch) | |
| tree | 32e97e977500eea962e8613aa1cd3ffb83244399 | |
| parent | 6ba851653c0f427ec48a1f3d38a5b9ed267468aa (diff) | |
| download | ansible-modules-extras-8785594b6088ee934933cd4620f8d61b43709929.tar.gz | |
fixes asa_config to allow config to include passwords, defaults or none (#3102)
The fix allows the asa_config module to request the config to contain
all default statements or password information necessary for vpn
tunnel endpoints
(cherry picked from commit 49dde162f66e86c2b30f7d0affad1abf7b463798)
| -rw-r--r-- | network/asa/asa_config.py | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/network/asa/asa_config.py b/network/asa/asa_config.py index e90f5fbf..320255b4 100644 --- a/network/asa/asa_config.py +++ b/network/asa/asa_config.py @@ -137,7 +137,7 @@ options: will not download the running-config from the remote node. required: false default: null - default: + defaults: description: - This argument specifies whether or not to collect all defaults when getting the remote device running config. When enabled, @@ -146,6 +146,15 @@ options: required: false default: no choices: ['yes', 'no'] + passwords: + description: + - This argument specifies to include passwords in the config + when retrieving the running-config from the remote device. This + includes passwords related to VPN endpoints. This argument is + mutually exclusive with I(defaults). + required: false + default: no + choices: ['yes', 'no'] save: description: - The C(save) argument instructs the module to save the running- @@ -190,10 +199,10 @@ vars: context: ansible - asa_config: - show_command: 'more system:running-config' lines: - ikev1 pre-shared-key MyS3cretVPNK3y parents: tunnel-group 1.1.1.1 ipsec-attributes + passwords: yes provider: "{{ cli }}" """ @@ -226,8 +235,13 @@ from ansible.module_utils.netcfg import NetworkConfig, dumps def get_config(module): contents = module.params['config'] if not contents: - defaults = module.params['default'] - contents = module.config.get_config(include_defaults=defaults) + if module.params['defaults']: + include = 'defaults' + elif module.params['passwords']: + include = 'passwords' + else: + include = None + contents = module.config.get_config(include=include) return NetworkConfig(indent=1, contents=contents) def get_candidate(module): @@ -292,13 +306,14 @@ def main(): replace=dict(default='line', choices=['line', 'block']), config=dict(), - default=dict(type='bool', default=False), + defaults=dict(type='bool', default=False), + passwords=dict(type='bool', default=False), backup=dict(type='bool', default=False), save=dict(type='bool', default=False), ) - mutually_exclusive = [('lines', 'src')] + mutually_exclusive = [('lines', 'src'), ('defaults', 'passwords')] required_if = [('match', 'strict', ['lines']), ('match', 'exact', ['lines']), |