Reject configuring ipv6 disabled if not supported in NM

In NM, the property `NM_SETTING_IP6_CONFIG_METHOD_DISABLED` is only
supported since NM 1.20, therefore, the role should reject configuring
`ipv6 disabled` if `NM_SETTING_IP6_CONFIG_METHOD_DISABLED` is not
supported by the running version of NM.

Signed-off-by: Wen Liang <liangwen12year@gmail.com>

module_utils/network_lsr/argument_validator.py

@@ -2216,6 +2216,17 @@ class ArgValidator_ListConnections(ArgValidatorList):
                     idx,
                     "ip.ipv6_disabled is not supported by initscripts.",
                 )
+            if not hasattr(Util.NM(), "SETTING_IP6_CONFIG_METHOD_DISABLED"):
+                raise ValidationError.from_connection(
+                    idx,
+                    "ip.ipv6_disabled is not supported by the running version of "
+                    "NetworkManager, it requires at least version 1.20. But you can "
+                    "disable IPv6 auto configuration by setting ip.auto6 to False. "
+                    "Then NetworkManager will ignore IPv6 for this connection. This "
+                    "will still leave the sysctl value 'disable_ipv6' unchanged, but "
+                    "setting ip.ipv6_disabled to True in the role will set the sysctl "
+                    "value 'disable_ipv6' to True ",
+                )
         # Setting ip.dns is not allowed when corresponding IP method for that
         # nameserver is disabled
         for nameserver in connection["ip"]["dns"]:

tests/ensure_provider_tests.py

@@ -70,9 +70,7 @@ ibution_major_version | int < 9",
     "playbooks/tests_bond_options.yml": {},
     "playbooks/tests_eth_dns_support.yml": {},
     "playbooks/tests_dummy.yml": {},
-    "playbooks/tests_ipv6_disabled.yml": {
-        EXTRA_RUN_CONDITION: "ansible_distribution_major_version == '8'",
-    },
+    "playbooks/tests_ipv6_disabled.yml": {},
     "playbooks/tests_ipv6_dns_search.yml": {},
     "playbooks/tests_provider.yml": {
         MINIMUM_VERSION: "'1.20.0'",

tests/playbooks/tests_ipv6_disabled.yml

@@ -19,6 +19,10 @@
         state: present
     - include_tasks: tasks/assert_device_present.yml
 
+    - name: Initialize the connection_failed flag
+      set_fact:
+        connection_failed: false
+
     - name: Import network role
       import_role:
         name: linux-system-roles.network
@@ -29,6 +33,21 @@
             type: ethernet
             ip:
               ipv6_disabled: true
+        __header: "# Ansible managed test header"
+      ignore_errors: true  # noqa ignore-errors
+      changed_when: false
+
+    - name: Assert that configuring `ipv6_disabled` will only fail when the
+            running version of NetworKManager does not support it
+      assert:
+        that:
+          - __network_connections_result.stderr is
+            search("ip.ipv6_disabled is not supported by the running version
+            of NetworkManager")
+        msg: Reconfiguring network connection is not failed with the error
+             "ip.ipv6_disabled is not supported by the running version of
+             NetworkManger"
+      when: __network_connections_result.failed
 
     - name: Verify nmcli connection ipv6.method
       shell: |
@@ -37,23 +56,33 @@
       register: ipv6_method
       ignore_errors: yes
       changed_when: false
+      when: not __network_connections_result.failed
 
     - name: "Assert that ipv6.method disabled is configured correctly"
       assert:
         that:
           - "'disabled' in ipv6_method.stdout"
         msg: "ipv6.method disabled is configured incorrectly"
+      when: not __network_connections_result.failed
 
-- import_playbook: down_profile+delete_interface.yml
+    - name: set the connection_failed flag
+      set_fact:
+        connection_failed: true
+      when: __network_connections_result.failed
+
+- import_playbook: down_profile.yml
   vars:
     profile: "{{ interface }}"
+  when: not connection_failed
+
 # FIXME: assert profile/device down
 - import_playbook: remove_profile.yml
   vars:
     profile: "{{ interface }}"
-- name: Assert device and profile are absent
+- name: Delete the interface, then assert that device and profile are absent
   hosts: all
   tasks:
+    - include_tasks: tasks/delete_interface.yml
     - include_tasks: tasks/assert_profile_absent.yml
       vars:
         profile: "{{ interface }}"

tests/tests_ipv6_disabled_nm.yml

@@ -18,4 +18,3 @@
 - import_playbook: playbooks/tests_ipv6_disabled.yml
   when:
     - ansible_distribution_major_version != '6'
-    - ansible_distribution_major_version == '8'

tests/unit/test_network_connections.py

@@ -10,8 +10,10 @@ import unittest
 
 try:
     from unittest import mock
+    from unittest.mock import MagicMock
 except ImportError:  # py2
     import mock
+    from mock import MagicMock
 
 sys.modules["ansible.module_utils.basic"] = mock.Mock()
 
@@ -3723,6 +3725,8 @@ class TestValidator(Python26CompatTestCase):
                 },
             }
         ]
+        old_util_nm = Util.NM
+        Util.NM = MagicMock(spec=["SETTING_IP6_CONFIG_METHOD_DISABLED"])
         self.assertRaisesRegex(
             ValidationError,
             "IPv6 needs to be enabled to support IPv6 nameservers.",
@@ -3731,6 +3735,7 @@ class TestValidator(Python26CompatTestCase):
             validator.validate(ipv6_dns_with_ipv6_disabled),
             0,
         )
+        Util.NM = old_util_nm
 
     def test_ipv6_dns_with_static_ipv6_configuration(self):
         """
@@ -3804,6 +3809,8 @@ class TestValidator(Python26CompatTestCase):
                 },
             }
         ]
+        old_util_nm = Util.NM
+        Util.NM = MagicMock(spec=["SETTING_IP6_CONFIG_METHOD_DISABLED"])
         self.assertRaises(
             ValidationError,
             validator.validate_connection_one,
@@ -3811,6 +3818,7 @@ class TestValidator(Python26CompatTestCase):
             validator.validate(ipv6_dns_options_without_ipv6_config),
             0,
         )
+        Util.NM = old_util_nm
 
     def test_dns_search_without_ipv4_and_ipv6_configuration(self):
         """