Refactors main() function and module manager in multiple modules in line with recent changes (#53974)

Adds variable types to docs
Refactors unit tests to remove deprecated parameters

lib/ansible/modules/network/f5/bigip_dns_cache_resolver.py

@@ -24,6 +24,7 @@ options:
   name:
     description:
       - Specifies the name of the cache.
+    type: str
     required: True
   answer_default_zones:
     description:
@@ -40,6 +41,7 @@ options:
       name:
         description:
           - Specifies a FQDN for the forward zone.
+        type: str
         required: True
       nameservers:
         description:
@@ -50,25 +52,32 @@ options:
           address:
             description:
               - Address of recursive nameserver.
+            type: str
           port:
             description:
               - Port of recursive nameserver.
               - When specifying new nameservers, if this value is not provided, the
                 default is C(53).
+            type: int
+        type: list
+    type: raw
   route_domain:
     description:
       - Specifies the route domain the resolver uses for outbound traffic.
+    type: str
   state:
     description:
       - When C(present), ensures that the resource exists.
       - When C(absent), ensures the resource is removed.
-    default: present
+    type: str
     choices:
       - present
       - absent
+    default: present
   partition:
     description:
       - Device partition to manage resources on.
+    type: str
     default: Common
 extends_documentation_fragment: f5
 author:
@@ -114,22 +123,16 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import fq_name
     from library.module_utils.network.f5.common import f5_argument_spec
-    from library.module_utils.network.f5.common import exit_json
-    from library.module_utils.network.f5.common import fail_json
     from library.module_utils.network.f5.common import flatten_boolean
     from library.module_utils.network.f5.common import transform_name
 except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import fq_name
     from ansible.module_utils.network.f5.common import f5_argument_spec
-    from ansible.module_utils.network.f5.common import exit_json
-    from ansible.module_utils.network.f5.common import fail_json
     from ansible.module_utils.network.f5.common import flatten_boolean
     from ansible.module_utils.network.f5.common import transform_name
 
@@ -307,7 +310,7 @@ class Difference(object):
 class ModuleManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
         self.want = ModuleParameters(params=self.module.params)
         self.have = ApiParameters()
         self.changes = UsableChanges()
@@ -533,14 +536,11 @@ def main():
     )
 
     try:
-        client = F5RestClient(**module.params)
+        mm = ModuleManager(module=module)
-        mm = ModuleManager(module=module, client=client)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

lib/ansible/modules/network/f5/bigip_dns_nameserver.py

@@ -26,6 +26,7 @@ options:
   name:
     description:
       - Specifies the name of the nameserver.
+    type: str
     required: True
   address:
     description:
@@ -33,18 +34,21 @@ options:
         authoritative server (DNS Express server) listens for DNS messages.
       - When creating a new nameserver, if this value is not specified, the default
         is C(127.0.0.1).
+    type: str
   service_port:
     description:
       - Specifies the service port on which the DNS nameserver (client) or back-end DNS
         authoritative server (DNS Express server) listens for DNS messages.
       - When creating a new nameserver, if this value is not specified, the default
         is C(53).
+    type: str
   route_domain:
     description:
       - Specifies the local route domain that the DNS nameserver (client) or back-end
         DNS authoritative server (DNS Express server) uses for outbound traffic.
       - When creating a new nameserver, if this value is not specified, the default
         is C(0).
+    type: str
   tsig_key:
     description:
       - Specifies the TSIG key the system uses to communicate with this DNS nameserver
@@ -54,17 +58,20 @@ options:
         request and sign the response.
       - If this nameserver is a DNS Express server, then this TSIG key must match the
         TSIG key for the zone on the back-end DNS authoritative server.
+    type: str
   state:
     description:
       - When C(present), ensures that the resource exists.
       - When C(absent), ensures the resource is removed.
-    default: present
+    type: str
     choices:
       - present
       - absent
+    default: present
   partition:
     description:
       - Device partition to manage resources on.
+    type: str
     default: Common
 extends_documentation_fragment: f5
 author:
@@ -105,21 +112,15 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import fq_name
     from library.module_utils.network.f5.common import f5_argument_spec
-    from library.module_utils.network.f5.common import exit_json
-    from library.module_utils.network.f5.common import fail_json
     from library.module_utils.network.f5.common import transform_name
 except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import fq_name
     from ansible.module_utils.network.f5.common import f5_argument_spec
-    from ansible.module_utils.network.f5.common import exit_json
-    from ansible.module_utils.network.f5.common import fail_json
     from ansible.module_utils.network.f5.common import transform_name
 
 
@@ -236,7 +237,7 @@ class Difference(object):
 class ModuleManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
         self.want = ModuleParameters(params=self.module.params)
         self.have = ApiParameters()
         self.changes = UsableChanges()
@@ -455,16 +456,12 @@ def main():
         supports_check_mode=spec.supports_check_mode,
     )
 
-    client = F5RestClient(**module.params)
-
     try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

lib/ansible/modules/network/f5/bigip_dns_resolver.py

@@ -23,10 +23,12 @@ options:
   name:
     description:
       - Specifies the name of the DNS resolver.
+    type: str
     required: True
   route_domain:
     description:
       - Specifies the route domain the resolver uses for outbound traffic.
+    type: int
   cache_size:
     description:
       - Specifies the size of the internal DNS resolver cache.
@@ -34,6 +36,7 @@ options:
         is 5767168 bytes.
       - After the cache reaches this size, when new or refreshed content arrives, the
         system removes expired and older content and caches the new or updated content.
+    type: int
   answer_default_zones:
     description:
       - Specifies whether the system answers DNS queries for the default zones localhost,
@@ -80,13 +83,15 @@ options:
     description:
       - When C(present), ensures that the resource exists.
       - When C(absent), ensures the resource is removed.
-    default: present
+    type: str
     choices:
       - present
       - absent
+    default: present
   partition:
     description:
       - Device partition to manage resources on.
+    type: str
     default: Common
 extends_documentation_fragment: f5
 author:
@@ -154,22 +159,16 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import fq_name
     from library.module_utils.network.f5.common import f5_argument_spec
-    from library.module_utils.network.f5.common import exit_json
-    from library.module_utils.network.f5.common import fail_json
     from library.module_utils.network.f5.common import transform_name
     from library.module_utils.network.f5.common import flatten_boolean
 except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import fq_name
     from ansible.module_utils.network.f5.common import f5_argument_spec
-    from ansible.module_utils.network.f5.common import exit_json
-    from ansible.module_utils.network.f5.common import fail_json
     from ansible.module_utils.network.f5.common import transform_name
     from ansible.module_utils.network.f5.common import flatten_boolean
 
@@ -308,7 +307,7 @@ class Difference(object):
 class ModuleManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
         self.want = ModuleParameters(params=self.module.params)
         self.have = ApiParameters()
         self.changes = UsableChanges()
@@ -525,16 +524,12 @@ def main():
         supports_check_mode=spec.supports_check_mode,
     )
 
-    client = F5RestClient(**module.params)
-
     try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

lib/ansible/modules/network/f5/bigip_dns_zone.py

@@ -27,15 +27,18 @@ options:
       - Specifies the name of the DNS zone.
       - The name must begin with a letter and contain only letters, numbers,
         and the underscore character.
+    type: str
     required: True
   dns_express:
     description:
       - DNS express related settings.
+    type: dict
     suboptions:
       server:
         description:
           - Specifies the back-end authoritative DNS server from which the BIG-IP
             system receives AXFR zone transfers for the DNS Express zone.
+        type: str
       enabled:
         description:
           - Specifies the current status of the DNS Express zone.
@@ -53,6 +56,7 @@ options:
             listener that handles the DNS request).
           - When C(repeat), the NOTIFY message goes to both DNS Express and any
             back-end DNS server.
+        type: str
         choices:
           - consume
           - bypass
@@ -61,6 +65,7 @@ options:
         description:
           - Specifies the IP addresses from which the system accepts NOTIFY messages
             for this DNS Express zone.
+        type: list
       verify_tsig:
         description:
           - Specifies whether the system verifies the identity of the authoritative
@@ -73,21 +78,25 @@ options:
   nameservers:
     description:
       - Specifies the DNS nameservers to which the system sends NOTIFY messages.
+    type: list
   tsig_server_key:
     description:
       - Specifies the TSIG key the system uses to authenticate the back-end DNS
         authoritative server that sends AXFR zone transfers to the BIG-IP system.
+    type: str
   state:
     description:
       - When C(present), ensures that the resource exists.
       - When C(absent), ensures the resource is removed.
-    default: present
+    type: str
     choices:
       - present
       - absent
+    default: present
   partition:
     description:
       - Device partition to manage resources on.
+    type: str
     default: Common
 extends_documentation_fragment: f5
 author:
@@ -163,11 +172,8 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import fq_name
     from library.module_utils.network.f5.common import f5_argument_spec
-    from library.module_utils.network.f5.common import exit_json
-    from library.module_utils.network.f5.common import fail_json
     from library.module_utils.network.f5.common import transform_name
     from library.module_utils.network.f5.common import flatten_boolean
     from library.module_utils.network.f5.compare import cmp_simple_list
@@ -175,11 +181,8 @@ except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import fq_name
     from ansible.module_utils.network.f5.common import f5_argument_spec
-    from ansible.module_utils.network.f5.common import exit_json
-    from ansible.module_utils.network.f5.common import fail_json
     from ansible.module_utils.network.f5.common import transform_name
     from ansible.module_utils.network.f5.common import flatten_boolean
     from ansible.module_utils.network.f5.compare import cmp_simple_list
@@ -375,7 +378,7 @@ class Difference(object):
 class ModuleManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
         self.want = ModuleParameters(params=self.module.params)
         self.have = ApiParameters()
         self.changes = UsableChanges()
@@ -599,16 +602,12 @@ def main():
         supports_check_mode=spec.supports_check_mode,
     )
 
-    client = F5RestClient(**module.params)
-
     try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

lib/ansible/modules/network/f5/bigip_file_copy.py

@@ -25,10 +25,12 @@ options:
       - The name of the file as it should reside on the BIG-IP.
       - If this is not specified, then the filename provided in the C(source)
         parameter is used instead.
+    type: str
   source:
     description:
       - Specifies the path of the file to upload.
       - This parameter is required if C(state) is C(present).
+    type: path
     aliases:
       - src
   datastore:
@@ -42,6 +44,7 @@ options:
       - When C(lw4o6-table), the specified file will be store as an Lightweight 4
         over 6 (lw4o6) tunnel binding table, which include an IPv6 address for the
         lwB4, public IPv4 address, and restricted port set.
+    type: str
     choices:
       - external-monitor
       - ifile
@@ -59,15 +62,17 @@ options:
   partition:
     description:
       - Device partition to manage resources on.
+    type: str
     default: Common
   state:
     description:
       - When C(present), ensures that the resource exists.
       - When C(absent), ensures the resource is removed.
-    default: present
+    type: str
     choices:
       - present
       - absent
+    default: present
 extends_documentation_fragment: f5
 author:
   - Tim Rupp (@caphrim007)
@@ -129,22 +134,16 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import fq_name
     from library.module_utils.network.f5.common import f5_argument_spec
-    from library.module_utils.network.f5.common import exit_json
-    from library.module_utils.network.f5.common import fail_json
     from library.module_utils.network.f5.common import transform_name
     from library.module_utils.network.f5.icontrol import upload_file
 except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import fq_name
     from ansible.module_utils.network.f5.common import f5_argument_spec
-    from ansible.module_utils.network.f5.common import exit_json
-    from ansible.module_utils.network.f5.common import fail_json
     from ansible.module_utils.network.f5.common import transform_name
     from ansible.module_utils.network.f5.icontrol import upload_file
 
@@ -261,7 +260,7 @@ class Difference(object):
 class BaseManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
         self.want = ModuleParameters(params=self.module.params)
         self.have = ApiParameters()
         self.changes = UsableChanges()
@@ -672,16 +671,12 @@ def main():
         required_if=spec.required_if,
     )
 
-    client = F5RestClient(**module.params)
-
     try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

lib/ansible/modules/network/f5/bigip_firewall_address_list.py

@@ -24,14 +24,17 @@ options:
   name:
     description:
       - Specifies the name of the address list.
+    type: str
     required: True
   partition:
     description:
       - Device partition to manage resources on.
+    type: str
     default: Common
   description:
     description:
       - Description of the address list
+    type: str
   geo_locations:
     description:
       - List of geolocations specified by their C(country) and C(region).
@@ -42,19 +45,23 @@ options:
           - In addition to the country full names, you may also specify their abbreviated
             form, such as C(US) instead of C(United States).
           - Valid country codes can be found here https://countrycode.org/.
-        required: true
+        type: str
+        required: True
         choices:
           - Any valid 2 character ISO country code.
           - Any valid country name.
       region:
         description:
           - Region name of the country to use.
+        type: str
+    type: list
   addresses:
     description:
       - Individual addresses that you want to add to the list. These addresses differ
         from ranges, and lists of lists such as what can be used in C(address_ranges)
         and C(address_lists) respectively.
       - This list can also include networks that have CIDR notation.
+    type: list
   address_ranges:
     description:
       - A list of address ranges where the range starts with a port number, is followed
@@ -62,12 +69,14 @@ options:
       - If the first address is greater than the second number, the numbers will be
         reversed so-as to be properly formatted. ie, C(2.2.2.2-1.1.1). would become
         C(1.1.1.1-2.2.2.2).
+    type: list
   address_lists:
     description:
       - Simple list of existing address lists to add to this list. Address lists can be
         specified in either their fully qualified name (/Common/foo) or their short
         name (foo). If a short name is used, the C(partition) argument will automatically
         be prepended to the short name.
+    type: list
   fqdns:
     description:
       - A list of fully qualified domain names (FQDNs).
@@ -77,14 +86,16 @@ options:
         of BIG-IP. If using C(bigip_command), this can be done with C(tmsh modify security
         firewall global-fqdn-policy FOO) where C(FOO) is a DNS resolver configured
         at C(tmsh create net dns-resolver FOO).
+    type: list
   state:
     description:
       - When C(present), ensures that the address list and entries exists.
       - When C(absent), ensures the address list is removed.
-    default: present
+    type: str
     choices:
       - present
       - absent
+    default: present
 extends_documentation_fragment: f5
 author:
   - Tim Rupp (@caphrim007)
@@ -158,11 +169,8 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import fq_name
     from library.module_utils.network.f5.common import f5_argument_spec
-    from library.module_utils.network.f5.common import exit_json
-    from library.module_utils.network.f5.common import fail_json
     from library.module_utils.network.f5.common import transform_name
     from library.module_utils.compat.ipaddress import ip_address
     from library.module_utils.compat.ipaddress import ip_interface
@@ -172,11 +180,8 @@ except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import fq_name
     from ansible.module_utils.network.f5.common import f5_argument_spec
-    from ansible.module_utils.network.f5.common import exit_json
-    from ansible.module_utils.network.f5.common import fail_json
     from ansible.module_utils.network.f5.common import transform_name
     from ansible.module_utils.compat.ipaddress import ip_address
     from ansible.module_utils.compat.ipaddress import ip_interface
@@ -744,7 +749,7 @@ class Difference(object):
 class ModuleManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
         self.want = ModuleParameters(params=self.module.params)
         self.have = ApiParameters()
         self.changes = UsableChanges()
@@ -961,16 +966,12 @@ def main():
         supports_check_mode=spec.supports_check_mode
     )
 
-    client = F5RestClient(**module.params)
-
     try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

lib/ansible/modules/network/f5/bigip_firewall_dos_profile.py

@@ -24,10 +24,12 @@ options:
   name:
     description:
       - Specifies the name of the profile.
+    type: str
     required: True
   description:
     description:
       - The description of the DoS profile.
+    type: str
   default_whitelist:
     description:
       - The default whitelist address list for the system to use to determine which
@@ -35,6 +37,7 @@ options:
       - The system does not examine traffic from the IP addresses in the list when
         performing DoS prevention.
       - To define a new whitelist, use the C(bigip_firewall_address_list) module.
+    type: str
   threshold_sensitivity:
     description:
       - Specifies the threshold sensitivity for the DoS profile.
@@ -42,6 +45,7 @@ options:
         lower when sensitivity is C(high).
       - When creating a new profile, if this parameter is not specified, the default
         is C(medium).
+    type: str
     choices:
       - low
       - medium
@@ -49,15 +53,17 @@ options:
   partition:
     description:
       - Device partition to manage resources on.
+    type: str
     default: Common
   state:
     description:
       - When C(present), ensures that the resource exists.
       - When C(absent), ensures the resource is removed.
-    default: present
+    type: str
     choices:
       - present
       - absent
+    default: present
 extends_documentation_fragment: f5
 author:
   - Tim Rupp (@caphrim007)
@@ -100,21 +106,15 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import fq_name
     from library.module_utils.network.f5.common import f5_argument_spec
-    from library.module_utils.network.f5.common import exit_json
-    from library.module_utils.network.f5.common import fail_json
     from library.module_utils.network.f5.common import transform_name
 except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import fq_name
     from ansible.module_utils.network.f5.common import f5_argument_spec
-    from ansible.module_utils.network.f5.common import exit_json
-    from ansible.module_utils.network.f5.common import fail_json
     from ansible.module_utils.network.f5.common import transform_name
 
 
@@ -200,7 +200,7 @@ class Difference(object):
 class ModuleManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
         self.want = ModuleParameters(params=self.module.params)
         self.have = ApiParameters()
         self.changes = UsableChanges()
@@ -414,16 +414,12 @@ def main():
         supports_check_mode=spec.supports_check_mode,
     )
 
-    client = F5RestClient(**module.params)
-
     try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

lib/ansible/modules/network/f5/bigip_firewall_dos_vector.py

@@ -95,6 +95,7 @@ options:
       - When C(sip-malformed), configures the "sip-malformed" SIP Protocol Security vector.
       - When C(subscribe), configures the "SIP SUBSCRIBE Method" SIP Protocol Security vector.
       - When C(uri-limit), configures the "uri-limit" SIP Protocol Security vector.
+    type: str
     choices:
       - ext-hdr-too-large
       - hop-cnt-low
@@ -157,6 +158,7 @@ options:
       - Vectors can be managed in either DoS Profiles, or Device Configuration. By
         specifying a profile of 'device-config', this module will specifically tailor
         configuration of the provided vectors to the Device Configuration.
+    type: str
     required: True
   auto_blacklist:
     description:
@@ -179,6 +181,7 @@ options:
         specified.
       - To set no hard limit and allow automatic thresholds to manage all rate limiting,
         set this to C(infinite).
+    type: str
   attack_floor:
     description:
       - Specifies packets per second to identify an attack.
@@ -187,6 +190,7 @@ options:
       - As the automatic detection thresholds adjust to traffic and CPU usage on the
         system over time, this attack floor becomes less relevant.
       - This value may not exceed the value in C(attack_floor).
+    type: str
   allow_advertisement:
     description:
       - Specifies that addresses that are identified for blacklisting are advertised to
@@ -201,28 +205,34 @@ options:
   blacklist_detection_seconds:
     description:
       - Detection, in seconds, before blacklisting occurs.
+    type: int
   blacklist_duration:
     description:
       - Duration, in seconds, that the blacklist will last.
+    type: int
   per_source_ip_detection_threshold:
     description:
       - Specifies the number of packets per second to identify an IP address as a bad
         actor.
+    type: str
   per_source_ip_mitigation_threshold:
     description:
       - Specifies the rate limit applied to a source IP that is identified as a bad
         actor.
+    type: str
   detection_threshold_percent:
     description:
       - Lists the threshold percent increase over time that the system must detect in
         traffic in order to detect this attack.
       - The C(tcp-half-open) vector does not support this parameter.
+    type: str
     aliases:
       - rate_increase
   detection_threshold_eps:
     description:
       - Lists how many packets per second the system must discover in traffic in order
         to detect this attack.
+    type: str
     aliases:
       - rate_threshold
   mitigation_threshold_eps:
@@ -230,6 +240,7 @@ options:
       - Specify the maximum number of this type of packet per second the system allows
         for a vector.
       - The system drops packets once the traffic level exceeds the rate limit.
+    type: str
     aliases:
       - rate_limit
   threshold_mode:
@@ -240,6 +251,7 @@ options:
         for this parameter.
       - The C(sip-malformed) vector does not support C(fully-automatic), or C(stress-based-mitigation)
         for this parameter.
+    type: str
     choices:
       - manual
       - stress-based-mitigation
@@ -254,6 +266,7 @@ options:
         and thresholds, but is still tracked in logs and statistics.
       - When C(state) is C(learn-only), ensures that the vector does not "detect" any attacks.
         Only learning and stat collecting is performed.
+    type: str
     choices:
       - mitigate
       - detect-only
@@ -263,6 +276,7 @@ options:
   partition:
     description:
       - Device partition to manage resources on.
+    type: str
     default: Common
 extends_documentation_fragment: f5
 requirements:
@@ -374,22 +388,16 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import fq_name
     from library.module_utils.network.f5.common import f5_argument_spec
-    from library.module_utils.network.f5.common import exit_json
-    from library.module_utils.network.f5.common import fail_json
     from library.module_utils.network.f5.common import transform_name
     from library.module_utils.network.f5.common import flatten_boolean
 except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import fq_name
     from ansible.module_utils.network.f5.common import f5_argument_spec
-    from ansible.module_utils.network.f5.common import exit_json
-    from ansible.module_utils.network.f5.common import fail_json
     from ansible.module_utils.network.f5.common import transform_name
     from ansible.module_utils.network.f5.common import flatten_boolean
 
@@ -740,7 +748,7 @@ class Difference(object):
 class BaseManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
 
         # A list of all the vectors queried from the API when reading current info
         # from the device. This is used when updating the API as the value that needs
@@ -1287,16 +1295,12 @@ def main():
         supports_check_mode=spec.supports_check_mode,
     )
 
-    client = F5RestClient(**module.params)
-
     try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

lib/ansible/modules/network/f5/bigip_firewall_global_rules.py

@@ -27,6 +27,7 @@ options:
     description:
       - Specifies an enforced firewall policy.
       - C(enforced_policy) rules are enforced globally.
+    type: str
   service_policy:
     description:
       - Specifies a service policy that would apply to traffic globally.
@@ -39,15 +40,18 @@ options:
         policy setting at the global level.
       - The service policy associated here can be created using the
         C(bigip_service_policy) module.
+    type: str
   staged_policy:
     description:
       - Specifies a staged firewall policy.
       - C(staged_policy) rules are not enforced while all the visibility
         aspects namely statistics, reporting and logging function as if
         the staged-policy rules were enforced globally.
+    type: str
   description:
     description:
       - Description for the global list of firewall rules.
+    type: str
 extends_documentation_fragment: f5
 author:
   - Tim Rupp (@caphrim007)
@@ -93,21 +97,15 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import fq_name
     from library.module_utils.network.f5.common import f5_argument_spec
-    from library.module_utils.network.f5.common import exit_json
-    from library.module_utils.network.f5.common import fail_json
     from library.module_utils.network.f5.compare import cmp_str_with_none
 except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import fq_name
     from ansible.module_utils.network.f5.common import f5_argument_spec
-    from ansible.module_utils.network.f5.common import exit_json
-    from ansible.module_utils.network.f5.common import fail_json
     from ansible.module_utils.network.f5.compare import cmp_str_with_none
 
 
@@ -243,7 +241,7 @@ class Difference(object):
 class ModuleManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
         self.want = ModuleParameters(params=self.module.params)
         self.have = ApiParameters()
         self.changes = UsableChanges()
@@ -371,16 +369,12 @@ def main():
         supports_check_mode=spec.supports_check_mode,
     )
 
-    client = F5RestClient(**module.params)
-
     try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

lib/ansible/modules/network/f5/bigip_firewall_policy.py

@@ -23,16 +23,19 @@ options:
   name:
     description:
       - The name of the policy to create.
+    type: str
     required: True
   description:
     description:
       - The description to attach to the policy.
       - This parameter is only supported on versions of BIG-IP >= 12.1.0. On earlier
         versions it will simply be ignored.
+    type: str
   state:
     description:
       - When C(state) is C(present), ensures that the policy exists.
       - When C(state) is C(absent), ensures that the policy is removed.
+    type: str
     choices:
       - present
       - absent
@@ -48,9 +51,11 @@ options:
         configuration for these rules.
       - The C(bigip_firewall_rule) module can be used to also create, as well as
         edit, existing and new rules.
+    type: list
   partition:
     description:
       - Device partition to manage resources on.
+    type: str
     default: Common
 extends_documentation_fragment: f5
 author:
@@ -92,19 +97,13 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import f5_argument_spec
-    from library.module_utils.network.f5.common import fail_json
-    from library.module_utils.network.f5.common import exit_json
     from library.module_utils.network.f5.common import transform_name
 except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import f5_argument_spec
-    from ansible.module_utils.network.f5.common import fail_json
-    from ansible.module_utils.network.f5.common import exit_json
     from ansible.module_utils.network.f5.common import transform_name
 
 
@@ -206,7 +205,7 @@ class Difference(object):
 class ModuleManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
         self.want = ModuleParameters(params=self.module.params)
         self.have = ApiParameters()
         self.changes = UsableChanges()
@@ -521,16 +520,12 @@ def main():
         supports_check_mode=spec.supports_check_mode,
     )
 
-    client = F5RestClient(**module.params)
-
     try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

lib/ansible/modules/network/f5/bigip_firewall_port_list.py

@@ -24,37 +24,44 @@ options:
   name:
     description:
       - Specifies the name of the port list.
+    type: str
     required: True
   partition:
     description:
       - Device partition to manage resources on.
+    type: str
     default: Common
   description:
     description:
       - Description of the port list
+    type: str
   ports:
     description:
       - Simple list of port values to add to the list
+    type: list
   port_ranges:
     description:
       - A list of port ranges where the range starts with a port number, is followed
         by a dash (-) and then a second number.
       - If the first number is greater than the second number, the numbers will be
         reversed so-as to be properly formatted. ie, 90-78 would become 78-90.
+    type: list
   port_lists:
     description:
       - Simple list of existing port lists to add to this list. Port lists can be
         specified in either their fully qualified name (/Common/foo) or their short
         name (foo). If a short name is used, the C(partition) argument will automatically
         be prepended to the short name.
+    type: list
   state:
     description:
       - When C(present), ensures that the address list and entries exists.
       - When C(absent), ensures the address list is removed.
-    default: present
+    type: str
     choices:
       - present
       - absent
+    default: present
 extends_documentation_fragment: f5
 author:
   - Tim Rupp (@caphrim007)
@@ -172,23 +179,17 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import fq_name
     from library.module_utils.network.f5.common import f5_argument_spec
     from library.module_utils.network.f5.common import transform_name
-    from library.module_utils.network.f5.common import exit_json
-    from library.module_utils.network.f5.common import fail_json
     from library.module_utils.network.f5.icontrol import module_provisioned
 except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import fq_name
     from ansible.module_utils.network.f5.common import f5_argument_spec
     from ansible.module_utils.network.f5.common import transform_name
-    from ansible.module_utils.network.f5.common import exit_json
-    from ansible.module_utils.network.f5.common import fail_json
     from ansible.module_utils.network.f5.icontrol import module_provisioned
 
 
@@ -413,7 +414,7 @@ class Difference(object):
 class ModuleManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
         self.want = ModuleParameters(params=self.module.params)
         self.have = ApiParameters()
         self.changes = UsableChanges()
@@ -632,16 +633,12 @@ def main():
         supports_check_mode=spec.supports_check_mode
     )
 
-    client = F5RestClient(**module.params)
-
     try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

lib/ansible/modules/network/f5/bigip_firewall_rule.py

@@ -26,15 +26,18 @@ options:
   name:
     description:
       - Specifies the name of the rule.
+    type: str
     required: True
   parent_policy:
     description:
       - The policy which contains the rule to be managed.
       - One of either C(parent_policy) or C(parent_rule_list) is required.
+    type: str
   parent_rule_list:
     description:
       - The rule list which contains the rule to be managed.
       - One of either C(parent_policy) or C(parent_rule_list) is required.
+    type: str
   action:
     description:
       - Specifies the action for the firewall rule.
@@ -56,6 +59,7 @@ options:
         or self IP firewall rule, then Accept Decisively is equivalent to Accept.
       - When creating a new rule, if this parameter is not provided, the default is
         C(reject).
+    type: str
     choices:
       - accept
       - drop
@@ -71,6 +75,7 @@ options:
         according to the specified schedule.
       - When creating a new rule, if this parameter is not provided, the default
         is C(enabled).
+    type: str
     choices:
       - enabled
       - disabled
@@ -80,19 +85,23 @@ options:
       - Specifies a schedule for the firewall rule.
       - You configure schedules to define days and times when the firewall rule is
         made active.
+    type: str
   description:
     description:
       - The rule description.
+    type: str
   irule:
     description:
-      - Specifies an iRule that is applied to the rule.
+      - Specifies an iRule that is applied to the firewall rule.
       - An iRule can be started when the firewall rule matches traffic.
+    type: str
   protocol:
     description:
       - Specifies the protocol to which the rule applies.
       - Protocols may be specified by either their name or numeric value.
       - A special protocol value C(any) can be specified to match any protocol. The
         numeric equivalent of this protocol is C(255).
+    type: str
   source:
     description:
       - Specifies packet sources to which the rule applies.
@@ -105,29 +114,42 @@ options:
       address:
         description:
           - Specifies a specific IP address.
+        type: str
       address_list:
         description:
           - Specifies an existing address list.
+        type: str
       address_range:
         description:
           - Specifies an address range.
+        type: str
       country:
         description:
           - Specifies a country code.
+        type: str
       port:
         description:
           - Specifies a single numeric port.
           - This option is only valid when C(protocol) is C(tcp)(6) or C(udp)(17).
+        type: int
       port_list:
         description:
           - Specifes an existing port list.
           - This option is only valid when C(protocol) is C(tcp)(6) or C(udp)(17).
+        type: str
       port_range:
         description:
           - Specifies a range of ports, which is two port values separated by
             a hyphen. The port to the left of the hyphen should be less than the
             port to the right.
           - This option is only valid when C(protocol) is C(tcp)(6) or C(udp)(17).
+        type: str
+      vlan:
+        description:
+          - Specifies VLANs to which the rule applies.
+          - The VLAN source refers to the packet's source.
+        type: str
+    type: list
   destination:
     description:
       - Specifies packet destinations to which the rule applies.
@@ -140,29 +162,37 @@ options:
       address:
         description:
           - Specifies a specific IP address.
+        type: str
       address_list:
         description:
           - Specifies an existing address list.
+        type: str
       address_range:
         description:
           - Specifies an address range.
+        type: str
       country:
         description:
           - Specifies a country code.
+        type: str
       port:
         description:
           - Specifies a single numeric port.
           - This option is only valid when C(protocol) is C(tcp)(6) or C(udp)(17).
+        type: int
       port_list:
         description:
           - Specifes an existing port list.
           - This option is only valid when C(protocol) is C(tcp)(6) or C(udp)(17).
+        type: str
       port_range:
         description:
           - Specifies a range of ports, which is two port values separated by
             a hyphen. The port to the left of the hyphen should be less than the
             port to the right.
           - This option is only valid when C(protocol) is C(tcp)(6) or C(udp)(17).
+        type: str
+    type: list
   logging:
     description:
       - Specifies whether logging is enabled or disabled for the firewall rule.
@@ -175,6 +205,7 @@ options:
       - This parameter is mutually exclusive with many of the other individual-rule
         specific settings. This includes C(logging), C(action), C(source),
         C(destination), C(irule'), C(protocol) and C(logging).
+    type: str
   icmp_message:
     description:
       - Specifies the Internet Control Message Protocol (ICMP) or ICMPv6 message
@@ -191,6 +222,7 @@ options:
           - You can also specify an arbitrary ICMP message.
           - The ICMP protocol contains definitions for the existing message type and
             number pairs.
+        type: str
       code:
         description:
           - Specifies the code returned in response to the specified ICMP message type.
@@ -202,14 +234,18 @@ options:
           - You can also specify an arbitrary code.
           - The ICMP protocol contains definitions for the existing message code and
             number pairs.
+        type: str
+    type: list
   partition:
     description:
       - Device partition to manage resources on.
+    type: str
     default: Common
   state:
     description:
       - When C(state) is C(present), ensures that the rule exists.
       - When C(state) is C(absent), ensures that the rule is removed.
+    type: str
     choices:
       - present
       - absent
@@ -217,6 +253,7 @@ options:
 extends_documentation_fragment: f5
 author:
   - Tim Rupp (@caphrim007)
+  - Wojciech Wypior (@wojtek0806)
 '''
 
 EXAMPLES = r'''
@@ -281,16 +318,164 @@ EXAMPLES = r'''
 '''
 
 RETURN = r'''
-param1:
+name:
-  description: The new param1 value of the resource.
+  description: Name of the rule.
+  returned: changed
+  type: str
+  sample: FooRule
+parent_policy:
+  description: The policy which contains the rule to be managed.
+  returned: changed
+  type: str
+  sample: FooPolicy
+parent_rule_list:
+  description: The rule list which contains the rule to be managed.
+  returned: changed
+  type: str
+  sample: FooRuleList
+action:
+  description: The action for the firewall rule.
+  returned: changed
+  type: str
+  sample: drop
+status:
+  description: The activity state of the rule or rule list.
+  returned: changed
+  type: str
+  sample: scheduled
+schedule:
+  description: The schedule for the firewall rule.
+  returned: changed
+  type: str
+  sample: Foo_schedule
+description:
+  description: The rule description.
+  returned: changed
+  type: str
+  sample: MyRule
+irule:
+  description: The iRule that is applied to the firewall rule.
+  returned: changed
+  type: str
+  sample: _sys_auth_radius
+protocol:
+  description: The protocol to which the rule applies.
+  returned: changed
+  type: str
+  sample: any
+source:
+  description: The packet sources to which the rule applies
+  returned: changed
+  type: complex
+  contains:
+    address:
+      description: A specific IP address.
+      returned: changed
+      type: str
+      sample: 192.168.1.1
+    address_list:
+      description: An existing address list.
+      returned: changed
+      type: str
+      sample: foo-list1
+    address_range:
+      description: The address range.
+      returned: changed
+      type: str
+      sample: 1.1.1.1-2.2.2.2
+    country:
+      description: A country code.
+      returned: changed
+      type: str
+      sample: US
+    port:
+      description: Single numeric port.
+      returned: changed
+      type: int
+      sample: 8080
+    port_list:
+      description: An existing port list.
+      returned: changed
+      type: str
+      sample: port-list1
+    port_range:
+      description: The port range.
+      returned: changed
+      type: str
+      sample: 80-443
+    vlan:
+      description: Source VLANs for the packets.
+      returned: changed
+      type: str
+      sample: vlan1
+  sample: hash/dictionary of values
+destination:
+  description: The packet destinations to which the rule applies.
+  returned: changed
+  type: complex
+  contains:
+    address:
+      description: A specific IP address.
+      returned: changed
+      type: str
+      sample: 192.168.1.1
+    address_list:
+      description: An existing address list.
+      returned: changed
+      type: str
+      sample: foo-list1
+    address_range:
+      description: The address range.
+      returned: changed
+      type: str
+      sample: 1.1.1.1-2.2.2.2
+    country:
+      description: A country code.
+      returned: changed
+      type: str
+      sample: US
+    port:
+      description: Single numeric port.
+      returned: changed
+      type: int
+      sample: 8080
+    port_list:
+      description: An existing port list.
+      returned: changed
+      type: str
+      sample: port-list1
+    port_range:
+      description: The port range.
+      returned: changed
+      type: str
+      sample: 80-443
+  sample: hash/dictionary of values
+logging:
+  description: Enable or Disable logging for the firewall rule.
   returned: changed
   type: bool
-  sample: true
+  sample: yes
-param2:
+rule_list:
-  description: The new param2 value of the resource.
+  description: An existing rule list to use in the rule.
   returned: changed
   type: str
-  sample: Foo is bar
+  sample: rule-list-1
+icmp_message:
+  description: The (ICMP) or ICMPv6 message C(type) and C(code) that the rule uses.
+  returned: changed
+  type: complex
+  contains:
+    type:
+      description: The type of ICMP message.
+      returned: changed
+      type: str
+      sample: 0
+    code:
+      description: The code returned in response to the specified ICMP message type.
+      returned: changed
+      type: str
+      sample: 1
+  sample: hash/dictionary of values
 '''
 
 from ansible.module_utils.basic import AnsibleModule
@@ -300,24 +485,16 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import fq_name
     from library.module_utils.network.f5.common import f5_argument_spec
-    from library.module_utils.network.f5.common import exit_json
-    from library.module_utils.network.f5.common import fail_json
     from library.module_utils.network.f5.common import transform_name
-    from library.module_utils.network.f5.common import fq_name
 except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import fq_name
     from ansible.module_utils.network.f5.common import f5_argument_spec
-    from ansible.module_utils.network.f5.common import exit_json
-    from ansible.module_utils.network.f5.common import fail_json
     from ansible.module_utils.network.f5.common import transform_name
-    from ansible.module_utils.network.f5.common import fq_name
 
 
 class Parameters(AnsibleF5Parameters):
@@ -752,7 +929,7 @@ class Difference(object):
 class ModuleManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
         self.want = ModuleParameters(params=self.module.params)
         self.have = ApiParameters()
         self.changes = UsableChanges()
@@ -1102,16 +1279,12 @@ def main():
         required_one_of=spec.required_one_of
     )
 
-    client = F5RestClient(**module.params)
-
     try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

lib/ansible/modules/network/f5/bigip_firewall_rule_list.py

@@ -23,16 +23,19 @@ options:
   name:
     description:
       - The name of the policy to create.
+    type: str
     required: True
   description:
     description:
       - The description to attach to the policy.
       - This parameter is only supported on versions of BIG-IP >= 12.1.0. On earlier
         versions it will simply be ignored.
+    type: str
   state:
     description:
       - When C(state) is C(present), ensures that the rule list exists.
       - When C(state) is C(absent), ensures that the rule list is removed.
+    type: str
     choices:
       - present
       - absent
@@ -48,9 +51,11 @@ options:
         configuration for these rules.
       - The C(bigip_firewall_rule) module can be used to also create, as well as
         edit, existing and new rules.
+    type: list
   partition:
     description:
       - Device partition to manage resources on.
+    type: str
     default: Common
 extends_documentation_fragment: f5
 author:
@@ -92,19 +97,13 @@ try:
     from library.module_utils.network.f5.bigip import F5RestClient
     from library.module_utils.network.f5.common import F5ModuleError
     from library.module_utils.network.f5.common import AnsibleF5Parameters
-    from library.module_utils.network.f5.common import cleanup_tokens
     from library.module_utils.network.f5.common import f5_argument_spec
-    from library.module_utils.network.f5.common import fail_json
-    from library.module_utils.network.f5.common import exit_json
     from library.module_utils.network.f5.common import transform_name
 except ImportError:
     from ansible.module_utils.network.f5.bigip import F5RestClient
     from ansible.module_utils.network.f5.common import F5ModuleError
     from ansible.module_utils.network.f5.common import AnsibleF5Parameters
-    from ansible.module_utils.network.f5.common import cleanup_tokens
     from ansible.module_utils.network.f5.common import f5_argument_spec
-    from ansible.module_utils.network.f5.common import fail_json
-    from ansible.module_utils.network.f5.common import exit_json
     from ansible.module_utils.network.f5.common import transform_name
 
 
@@ -206,7 +205,7 @@ class Difference(object):
 class ModuleManager(object):
     def __init__(self, *args, **kwargs):
         self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
         self.want = ModuleParameters(params=self.module.params)
         self.have = ApiParameters()
         self.changes = UsableChanges()
@@ -521,16 +520,12 @@ def main():
         supports_check_mode=spec.supports_check_mode,
     )
 
-    client = F5RestClient(**module.params)
-
     try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
         results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
-        exit_json(module, results, client)
     except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
-        fail_json(module, ex, client)
 
 
 if __name__ == '__main__':

test/units/modules/network/f5/test_bigip_dns_cache_resolver.py

@@ -93,9 +93,11 @@ class TestManager(unittest.TestCase):
             name='foo',
             route_domain=20,
             partition='Common',
-            server='localhost',
+            provider=dict(
-            password='password',
+                server='localhost',
-            user='admin'
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(

test/units/modules/network/f5/test_bigip_dns_nameserver.py

@@ -106,9 +106,11 @@ class TestManager(unittest.TestCase):
             route_domain=20,
             tsig_key='key1',
             partition='Common',
-            server='localhost',
+            provider=dict(
-            password='password',
+                server='localhost',
-            user='admin'
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(

test/units/modules/network/f5/test_bigip_dns_resolver.py

@@ -104,9 +104,11 @@ class TestManager(unittest.TestCase):
         # Configure the arguments that would be sent to the Ansible module
         set_module_args(dict(
             name='foo',
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(

test/units/modules/network/f5/test_bigip_dns_zone.py

@@ -108,9 +108,11 @@ class TestManager(unittest.TestCase):
         # Configure the arguments that would be sent to the Ansible module
         set_module_args(dict(
             name='foo',
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(

test/units/modules/network/f5/test_bigip_file_copy.py

@@ -95,14 +95,17 @@ class TestManager(unittest.TestCase):
         set_module_args(dict(
             name='foo',
             source='file.txt',
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(
             argument_spec=self.spec.argument_spec,
-            supports_check_mode=self.spec.supports_check_mode
+            supports_check_mode=self.spec.supports_check_mode,
+            required_if=self.spec.required_if
         )
 
         tm = IFileManager(module=module)

test/units/modules/network/f5/test_bigip_firewall_address_list.py

@@ -113,9 +113,11 @@ class TestManager(unittest.TestCase):
                 dict(country='EU')
             ],
             fqdns=['google.com', 'mit.edu'],
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(

test/units/modules/network/f5/test_bigip_firewall_dos_profile.py

@@ -91,9 +91,11 @@ class TestManager(unittest.TestCase):
             description='this is a description',
             threshold_sensitivity='low',
             default_whitelist='whitelist1',
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(

test/units/modules/network/f5/test_bigip_firewall_dos_vector.py

@@ -88,9 +88,11 @@ class TestManager(unittest.TestCase):
             name='aaaa',
             state='mitigate',
             profile='foo',
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(

test/units/modules/network/f5/test_bigip_firewall_global_rules.py

@@ -93,9 +93,11 @@ class TestUntypedManager(unittest.TestCase):
             enforced_policy='enforced1',
             staged_policy='staged1',
             service_policy='service1',
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(

test/units/modules/network/f5/test_bigip_firewall_policy.py

@@ -96,9 +96,11 @@ class TestManager(unittest.TestCase):
             name='foo',
             description='this is a description',
             rules=['rule1', 'rule2', 'rule3'],
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(

test/units/modules/network/f5/test_bigip_firewall_port_list.py

@@ -117,9 +117,11 @@ class TestManager(unittest.TestCase):
             ports=[1, 2, 3, 4],
             port_ranges=['10-20', '30-40', '50-60'],
             port_lists=['/Common/foo', 'foo'],
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(

test/units/modules/network/f5/test_bigip_firewall_rule.py

@@ -136,11 +136,18 @@ class TestManager(unittest.TestCase):
             irule='irule1',
             action='accept',
             logging='yes',
+            provider=dict(
+                server='localhost',
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(
             argument_spec=self.spec.argument_spec,
-            supports_check_mode=self.spec.supports_check_mode
+            supports_check_mode=self.spec.supports_check_mode,
+            mutually_exclusive=self.spec.mutually_exclusive,
+            required_one_of=self.spec.required_one_of
         )
 
         # Override methods in the specific type of manager

test/units/modules/network/f5/test_bigip_firewall_rule_list.py

@@ -88,9 +88,11 @@ class TestManager(unittest.TestCase):
             name='foo',
             description='this is a description',
             rules=['rule1', 'rule2', 'rule3'],
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
+                user='admin'
+            )
         ))
 
         module = AnsibleModule(