When deactivating a profile in libNM, we should:
* Check `NM.ActionConnection` existence
* Check `NM.ActionConnection.props.state` not DEACTIVATED
* Use signal `state-changed` of `NM.ActionConnection`.
* Only invoke `NM.Client.deactivate_connection_async()` if not
in DEACTIVATING state.
* Ignore `NM.ManagerError.CONNECTIONNOTACTIVE` error.
This patch also introduced a new class `NetworkManagerProvider`
in `module_utils/network_lsr/nm`:
* Independent from Ansible but need to use absolute import due to
limitation of ansible 2.8.
* Provide sync function wrapping async calls of libNM.
* Use stable logging method of python.
* Only load this module when provider is nm.
This patch also changed how logging is handling in
`Cmd_nm.run_action_down()` as initial step on isolate ansible log
mechanism from provider module.
By moving provider codes to `module_utils` folder, we can eventually
simplify the bloated `library/network_connections.py`.
Signed-off-by: Gris Ge <fge@redhat.com>
The task 56586 is for adding tests against the collection converted
format to the tox/travis CI to capture a problem before merging the
pr, if any. It'd be helpful to find out bugs in the conversion tool
lsr_role2collection.py, as well. The source of this commit is located
in linux-system-roles/template. They are synced by auto-maintenance/
sync-template.sh, then manually adjusted to the network role.
.travis/runcollection.sh is the test script. tox.ini is modified to run
it in the tox/travis CI. The script downloads lsr_role2collection.py,
then converts the network role into the conversion format in the working
directory .tox. In the collection, it runs a set of tests black, flake8,
yamllint, py38 to check the converted result.
Since the order of the actions list does not matter anymore because the
role iterates over all actions in a defined order, simplify the
handling for persistent states.
When a profile is specified as absent, ignore state requests if the
profile is already removed or not completely specified to improve
idempotence.
Also restructure the states test. This introduces a clear structure for
the individual test steps, properly assigns tags for each test from the
file and provides a clear error message with a description of the test
that failed in case of errors. Support for tests that expect a failure
is still missing.
When persistent_state is present and state is set to present or absent, a
ValidationError raises. A unit test validating this has been added. The
test_802_1x.yml test was updated so as to follow this rule.
Signed-off-by: Elvira Garcia Ruiz <elviragr@riseup.net>
WPA-PSK and WPA-EAP are supported. Uses existing 802.1x features of the role.
Added extra functionality to ArgValidatorStr to enforce a min and max length.
Ethtool features should use underscores instead of dashes. A
warning shows in case dashes used, and it fails if underscore and dashes are
mixed. Unit tests and integration tests have been added. Since nm already
needed underscores, the string processing that was made in nm_provider is now
unneeded and therefore removed.
This patch implements the ETHTOOL_GPERMADDR command in order to retrieve
the permanent address from ethtool instead using command line tool.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
According to PEP8 [1], the import are always put at the top of the file,
just after any module comments and docstrings, and before module globals
and constants.
[1] https://www.python.org/dev/peps/pep-0008/#imports
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Role now supports validating the domain name of the EAP server certificate.
Regenerated the CA certificate as the private key for the original CA has been lost.
Updated test certificates to include a domain name in the CN so the domain-suffix-match
feature can be tested.
It was rather confusing whether the boolean return value meant
that the timeout was reached or the opposite.
Rename the internal variable, I think now it's quite clear.
The name is actually not ever used, because
ArgValidator_DictConnection() is never validated directly.
Instead, it is always nested inside ArgValidator_ListConnections()
which passes "connections[$IDX]" as name to self.nested._validate().
Anyway, still when looking at the name of a ArgValidator_DictConnection
instance, it makes slightly more sense to call it just "connection".
The "name" argument is an implementation detail, that is used
by ArgValidatorDict and ArgValidatorList to pass a complex (nested)
name of what is currently parsed.
Callers are not supposed to see or use this argument.
Hide it, by adding an internal helper method _validate().
- persistent_state represents whether a profile is stored on disk
- persistent_state defaults to 'present'
- When there is no type specified for the profile, it is enough for a
profile with the same name to be stored on the target's systems file
system. Otherwise the role will fail
- state now represents the runtime state and can be up, down or
unspecified
- translate the state definitions into actions that will be performed.
The actions correspond to the previous states.
- add the possibility to write unit tests to only verify parts of the
resulting connection dictionary to only check for the expected changes
instead of the full connection that can also contain unrelated defaults
