diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 000000000..8d9bb70b8 --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,5 @@ +--- +profile: production + +exclude_paths: + - changelogs/changelog.yaml diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 000000000..853e4b69c --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,12 @@ +--- +name: ansible-lint +on: # yamllint disable-line rule:truthy + pull_request: + branches: ["main"] +jobs: + build: + name: Ansible Lint + runs-on: ubuntu-latest + steps: + - name: Run ansible-lint + uses: ansible/ansible-lint@main diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 810680051..0fb4cc0cf 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -14,8 +14,6 @@ on: # yamllint disable-line rule:truthy jobs: - ansible-lint: - uses: ansible-network/github_actions/.github/workflows/ansible-lint.yml@main changelog: uses: ansible-network/github_actions/.github/workflows/changelog.yml@main if: github.event_name != 'schedule' @@ -32,7 +30,6 @@ jobs: all_green: if: ${{ always() && (github.event_name != 'schedule') }} needs: - - ansible-lint - changelog - sanity - unit-galaxy @@ -42,7 +39,6 @@ jobs: - run: >- python -c "assert 'failure' not in set([ - '${{ needs.ansible-lint.result }}', '${{ needs.changelog.result }}', '${{ needs.sanity.result }}', '${{ needs.unit-galaxy.result }}', diff --git a/README.md b/README.md index 18c333bd9..ac061831b 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ This collection has been tested against Cisco IOS XE Version 17.3 on CML. ## Ansible version compatibility -This collection has been tested against following Ansible versions: **>=2.9.10**. +This collection has been tested against following Ansible versions: **>=2.13.11**. For collections that support Ansible 2.9, please ensure you update your `network_os` to use the fully qualified collection name (for example, `cisco.ios.ios`). diff --git a/changelogs/fragments/ios_acls_fix.yaml b/changelogs/fragments/ios_acls_fix.yaml new file mode 100644 index 000000000..112c0347e --- /dev/null +++ b/changelogs/fragments/ios_acls_fix.yaml @@ -0,0 +1,6 @@ +--- +doc_changes: + - "ios_command - Fix formatting of examples." +bugfixes: + - "ios_acls - Fix standard acls rendering." + - "ios_acls - Fix protocol_options rendering corrects processing of overridden/ replaced state." diff --git a/docs/cisco.ios.ios_command_module.rst b/docs/cisco.ios.ios_command_module.rst index 305641a9a..51437902e 100644 --- a/docs/cisco.ios.ios_command_module.rst +++ b/docs/cisco.ios.ios_command_module.rst @@ -141,7 +141,7 @@ Examples - name: Run show version on remote devices cisco.ios.ios_command: - commands: show version' + commands: show version # output- diff --git a/meta/runtime.yml b/meta/runtime.yml index 55584b22f..14d31cd1c 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -206,4 +206,4 @@ plugin_routing: redirect: cisco.ios.ios_vlans vrf: redirect: cisco.ios.ios_vrf -requires_ansible: ">=2.9.10" +requires_ansible: ">=2.13.11" diff --git a/plugins/module_utils/network/ios/config/acls/acls.py b/plugins/module_utils/network/ios/config/acls/acls.py index 9d29555cc..c40157c28 100644 --- a/plugins/module_utils/network/ios/config/acls/acls.py +++ b/plugins/module_utils/network/ios/config/acls/acls.py @@ -192,6 +192,7 @@ def sanitize_protocol_options(self, wace, hace): list(wace.get("protocol_options"))[0] == hace.get("protocol") ): hace.pop("protocol") + hace["protocol_options"] = wace.get("protocol_options") return hace def acl_name_cmd(self, name, afi, acl_type): @@ -226,9 +227,15 @@ def list_to_dict(self, param): if acl.get("aces"): temp_rem = [] # remarks if defined in an ace for ace in acl.get("aces"): # each ace turned to dict - if ace.get("destination") and ace.get("destination", {}).get( - "port_protocol", - {}, + if ( + ace.get("destination") + and ace.get("destination", {}).get( + "port_protocol", + {}, + ) + and not ace.get("destination", {}) + .get("port_protocol", {}) + .get("range") ): for k, v in ( ace.get("destination", {}).get("port_protocol", {}).items() diff --git a/plugins/module_utils/network/ios/rm_templates/acls.py b/plugins/module_utils/network/ios/rm_templates/acls.py index 164c93caf..a67b53d0b 100644 --- a/plugins/module_utils/network/ios/rm_templates/acls.py +++ b/plugins/module_utils/network/ios/rm_templates/acls.py @@ -149,7 +149,7 @@ def __init__(self, lines=None): r"""^(ip|ipv6) (\s(access-list)) (\s(standard|extended)) - (\s(?P\S+))? + (\s(?P\S+)) $""", re.VERBOSE, ), @@ -159,13 +159,12 @@ def __init__(self, lines=None): "shared": True, }, { - "name": "_mac_acls_name", # + "name": "_mac_acls_name", # mac acls to be removed "getval": re.compile( - r"""^(?PStandard|Extended|Reflexive)* - \s*(?PMAC)* - \s*access - \s*list* - \s*(?P.+)* + r"""^(?PStandard|Extended|Reflexive) + (\s(?PMAC)) + (\saccess\slist) + (\s(?P.+)) $""", re.VERBOSE, ), @@ -204,8 +203,8 @@ def __init__(self, lines=None): "name": "remarks_type_linear", "getval": re.compile( r"""^(access-list) - (\s(?P\S+))? - (\sremark\s(?P.+))? + (\s(?P\S+)) + (\sremark\s(?P.+)) $""", re.VERBOSE, ), @@ -224,7 +223,7 @@ def __init__(self, lines=None): "getval": re.compile( r"""\s*(?P\d+)* \s(?Pdeny|permit)? - (\s+(?P
(?!ahp|eigrp|esp|gre|icmp|igmp|ipv6|ipinip|ip|nos|object-group|ospf|pcp|pim|sctp|tcp|udp)\S+|\S+,))? + (\s+(?P
(?!ahp|any|eigrp|esp|gre|icmp|igmp|ipv6|ipinip|ip|nos|object-group|ospf|pcp|pim|sctp|tcp|udp)\S+|\S+,))? (\s*(?Pany))? (\swildcard\sbits\s(?P\S+))? (\shost\s(?P\S+))? @@ -266,19 +265,27 @@ def __init__(self, lines=None): (\sobject-group\s(?P\S+))| (\shost\s(?P\S+))| (\s(?P(\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3})\s\S+)))? - (\s(?P(eq|gts|gt|lt|neq)\s(\S+|\d+)))? + (\seq\s(?P(\S+|\d+)))? + (\sgt\s(?P(\S+|\d+)))? + (\slt\s(?P(\S+|\d+)))? + (\sneq\s(?P(\S+|\d+)))? (\srange\s(?P\d+)\s(?P\d+))? (\s(?Pany))? (\sobject-group\s(?P\S+))? (\shost\s(?P\S+))? (\s(?P(\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3})\s\S+))? - (\s(?P(eq|gts|lt|neq)\s(\S+|\d+)))? + (\seq\s(?P(\S+|\d+)))? + (\sgt\s(?P(\S+|\d+)))? + (\slt\s(?P(\S+|\d+)))? + (\sneq\s(?P(\S+|\d+)))? (\srange\s(?P\d+)\s(?P\d+))? (\s(?Padministratively-prohibited|alternate-address|conversion-error|dod-host-prohibited|dod-net-prohibited|echo-reply|echo|general-parameter-problem|host-isolated|host-precedence-unreachable|host-redirect|host-tos-redirect|host-tos-unreachable|host-unknown|host-unreachable|information-reply|information-request|mask-reply|mask-request|mobile-redirect|net-redirect|net-tos-redirect|net-tos-unreachable|net-unreachable|network-unknown|no-room-for-option|option-missing|packet-too-big|parameter-problem|port-unreachable|precedence-unreachable|protocol-unreachable|reassembly-timeout|redirect|router-advertisement|router-solicitation|source-quench|source-route-failed|time-exceeded|timestamp-reply|timestamp-request|traceroute|ttl-exceeded|unreachable|dvmrp|host-query|mtrace-resp|mtrace-route|pim|trace|v1host-report|v2host-report|v2leave-group|v3host-report|ack|established|fin|psh|rst|syn|urg))? (\sdscp\s(?P\S+))? (\s(?Pfragments))? - (\s(?Plog-input\s\(tag\s=\s\S+\)|log-input))? - (\s(?Plog\s\(tag\s=\s\S+\)|log))? + (\slog-input\s\(tag\s=\s(?P\S+\)|log-input))? + (\s(?Plog-input))? + (\slog\s\(tag\s=\s(?P\S+\)|log))? + (\s(?Plog))? (\soption\s(?P