#!/usr/bin/python # -*- coding: utf-8 -*- # Copyright: (c) 2021, Ansible Project # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # template: header.j2 # This module is autogenerated using the ansible.content_builder. # See: https://github.com/ansible-community/ansible.content_builder DOCUMENTATION = r""" module: appliance_system_globalfips short_description: Enable/Disable Global FIPS mode for the appliance description: 'Enable/Disable Global FIPS mode for the appliance. ' deprecated: removed_in: 5.0.0 why: This module has been moved to the L(new vmware.vmware collection,https://forum.ansible.com/t/5880) alternative: Use M(vmware.vmware.vcsa_settings) instead. options: enabled: description: - FIPS setting state. - If unset, the value is unchanged. type: bool session_timeout: description: - 'Timeout settings for client session. ' - 'The maximal number of seconds for the whole operation including connection establishment, request sending and response. ' - The default value is 300s. type: float version_added: 2.1.0 state: choices: - present default: present description: [] type: str vcenter_hostname: description: - The hostname or IP address of the vSphere vCenter - If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead. required: true type: str vcenter_password: description: - The vSphere vCenter password - If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead. required: true type: str vcenter_rest_log_file: description: - 'You can use this optional parameter to set the location of a log file. ' - 'This file will be used to record the HTTP REST interaction. ' - 'The file will be stored on the host that runs the module. ' - 'If the value is not specified in the task, the value of ' - environment variable C(VMWARE_REST_LOG_FILE) will be used instead. type: str vcenter_username: description: - The vSphere vCenter username - If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead. required: true type: str vcenter_validate_certs: default: true description: - Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted. - If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead. type: bool author: - Ansible Cloud Team (@ansible-collections) version_added: 2.0.0 requirements: - vSphere 7.0.3 or greater - python >= 3.6 - aiohttp notes: - Tested on vSphere 7.0.3 """ EXAMPLES = r""" """ RETURN = r""" """ # This structure describes the format of the data expected by the end-points PAYLOAD_FORMAT = { "update": {"query": {}, "body": {"enabled": "enabled"}, "path": {}} } # pylint: disable=line-too-long from ansible.module_utils.basic import env_fallback try: from ansible_collections.cloud.common.plugins.module_utils.turbo.exceptions import ( EmbeddedModuleFailure, ) from ansible_collections.cloud.common.plugins.module_utils.turbo.module import ( AnsibleTurboModule as AnsibleModule, ) AnsibleModule.collection_name = "vmware.vmware_rest" except ImportError: from ansible.module_utils.basic import AnsibleModule from ansible_collections.vmware.vmware_rest.plugins.module_utils.vmware_rest import ( open_session, prepare_payload, session_timeout, update_changed_flag, ) def prepare_argument_spec(): argument_spec = { "vcenter_hostname": dict( type="str", required=True, fallback=(env_fallback, ["VMWARE_HOST"]), ), "vcenter_username": dict( type="str", required=True, fallback=(env_fallback, ["VMWARE_USER"]), ), "vcenter_password": dict( type="str", required=True, no_log=True, fallback=(env_fallback, ["VMWARE_PASSWORD"]), ), "vcenter_validate_certs": dict( type="bool", required=False, default=True, fallback=(env_fallback, ["VMWARE_VALIDATE_CERTS"]), ), "vcenter_rest_log_file": dict( type="str", required=False, fallback=(env_fallback, ["VMWARE_REST_LOG_FILE"]), ), "session_timeout": dict( type="float", required=False, fallback=(env_fallback, ["VMWARE_SESSION_TIMEOUT"]), ), } argument_spec["enabled"] = {"type": "bool"} argument_spec["state"] = { "type": "str", "choices": ["present"], "default": "present", } return argument_spec async def main(): required_if = list([]) module_args = prepare_argument_spec() module = AnsibleModule( argument_spec=module_args, required_if=required_if, supports_check_mode=True ) if not module.params["vcenter_hostname"]: module.fail_json("vcenter_hostname cannot be empty") if not module.params["vcenter_username"]: module.fail_json("vcenter_username cannot be empty") if not module.params["vcenter_password"]: module.fail_json("vcenter_password cannot be empty") try: session = await open_session( vcenter_hostname=module.params["vcenter_hostname"], vcenter_username=module.params["vcenter_username"], vcenter_password=module.params["vcenter_password"], validate_certs=module.params["vcenter_validate_certs"], log_file=module.params["vcenter_rest_log_file"], ) except EmbeddedModuleFailure as err: module.fail_json(err.get_message()) result = await entry_point(module, session) module.exit_json(**result) # template: default_module.j2 def build_url(params): return ("https://{vcenter_hostname}" "/api/appliance/system/global-fips").format( **params ) async def entry_point(module, session): if module.params["state"] == "present": if "_create" in globals(): operation = "create" else: operation = "update" elif module.params["state"] == "absent": operation = "delete" else: operation = module.params["state"] func = globals()["_" + operation] return await func(module.params, session) async def _update(params, session): payload = prepare_payload(params, PAYLOAD_FORMAT["update"]) _url = ("https://{vcenter_hostname}" "/api/appliance/system/global-fips").format( **params ) async with session.get(_url, **session_timeout(params)) as resp: _json = await resp.json() if "value" in _json: value = _json["value"] else: # 7.0.2 and greater value = _json for k, v in value.items(): if k in payload: if isinstance(payload[k], dict) and isinstance(v, dict): to_delete = True for _k in list(payload[k].keys()): if payload[k][_k] != v.get(_k): to_delete = False if to_delete: del payload[k] elif payload[k] == v: del payload[k] elif payload[k] == {}: del payload[k] if payload == {} or payload == {"spec": {}}: # Nothing has changed if "value" not in _json: # 7.0.2 _json = {"value": _json} _json["id"] = params.get("None") return await update_changed_flag(_json, resp.status, "get") async with session.put(_url, json=payload, **session_timeout(params)) as resp: try: if resp.headers["Content-Type"] == "application/json": _json = await resp.json() except KeyError: _json = {} if "value" not in _json: # 7.0.2 _json = {"value": _json} # e.g: content_configuration if not _json and resp.status == 204: async with session.get(_url, **session_timeout(params)) as resp_get: _json_get = await resp_get.json() if _json_get: _json = _json_get _json["id"] = params.get("None") return await update_changed_flag(_json, resp.status, "update") if __name__ == "__main__": import asyncio current_loop = asyncio.new_event_loop() try: asyncio.set_event_loop(current_loop) current_loop.run_until_complete(main()) finally: current_loop.close()