search

fortinet-ansible-dev / ansible-galaxy-fortios-collection

GNU General Public License v3.0
84 stars 47 forks source link

Feature Request module_defaults group #320

Open AndreiSucu opened 3 weeks ago

AndreiSucu commented 3 weeks ago

Hello,

I've stumbled upon the need to sometimes use access_token within my tasks. After doing some research I've found out that I can use the "access_token" parameter with module defaults like this:

- hosts: localhost
  gather_facts: false
  tasks:
    - fortinet.fortios.fortios_alertemail_setting
  module_defaults: 
      - fortios_alertemail_setting: 
          access_token:  "{{ api_token }}"
      - fortinet.fortios.fortios_system_sdwan: 
          access_token:  "{{ api_token `}}"`
      - fortinet.fortios.fortios_configuration_fact: 
          access_token:  "{{ api_token }}"
      - fortios_firewall_address: 
          access_token:  "{{ api_token }}"
      - fortios_firewall_addrgrp: 
          access_token:  "{{ api_token }}"
      - fortinet.fortios.fortios_firewall_dos_policy: 
          access_token:  "{{ api_token }}"
      - fortios_firewall_local_in_policy: 
          access_token:  "{{ api_token }}"
      - fortios_firewall_policy: 
          access_token:  "{{ api_token }}"
                   .
                   .
                   .

But as you can see, this is really inconvenient, so I would suggest a feature request to create a module defaults group as described here:

https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_module_defaults.html#module-defaults-groups

This implementation would consist of defining "fortios" group as "action_groups" in:

/site-packages/ansible_collections/fortinet/fortios/meta/runtime.yml 

action_groups:
  fortios:
    - fortios_alertemail_setting
    - fortios_antivirus_exempt_list
    - fortios_antivirus_heuristic
    - fortios_antivirus_mms_checksum
    - fortios_antivirus_notification
    - fortios_antivirus_profile
                  .
                  .
                  .

So the playbook would look like this:

- hosts: localhost
  gather_facts: false
  tasks:
    - fortinet.fortios.fortios_alertemail_setting
  module_defaults:
    group/fortinet.fortios.fortios:
      access_token: "{{ api_token }}"

Pull request 'added "fortios" action_group with all fortios modules #321' opened.

Thank you.

MaxxLiu22 commented 3 weeks ago

Hi @AndreiSucu ,

Thank you for your valuable suggestion. I have communicated your needs to our development team for further improvement. At present, the Ansible logic allows you to provide the access_token only in the first task, with no need to provide it for the following tasks in the same playbook. However, your suggestion is still under consideration.

  tasks:
  - name: Interface port2
    fortinet.fortios.fortios_system_interface:
      state: "present"
      access_token: "7Qmrjtng910sQzm0bbckfwNy4GQQ9n"
      system_interface:
        name: port2
        status: up
  - name: Interface port3
    fortinet.fortios.fortios_system_interface:
      state: "present"
      system_interface:
        name: port3
        status: down

Thanks, Maxx