Adds more token cleanup (#34207)

Token cleanup assists in preventing the ansible modules from
overwhelming the existing tokens in bigip api

lib/ansible/modules/network/f5/bigip_config.py

@@ -339,6 +339,16 @@ class ArgumentSpec(object):
         self.f5_product_name = 'bigip'
 
 
+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
     if not HAS_F5SDK:
         raise F5ModuleError("The python f5-sdk module is required")
@@ -354,8 +364,10 @@ def main():
     try:
         mm = ModuleManager(client)
         results = mm.exec_module()
+        cleanup_tokens(client)
         client.module.exit_json(**results)
     except F5ModuleError as e:
+        cleanup_tokens(client)
         client.module.fail_json(msg=str(e))
 
 

lib/ansible/modules/network/f5/bigip_configsync_action.py

@@ -347,6 +347,16 @@ class ArgumentSpec(object):
         ]
 
 
+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
     if not HAS_F5SDK:
         raise F5ModuleError(
@@ -371,8 +381,10 @@ def main():
     try:
         mm = ModuleManager(client)
         results = mm.exec_module()
+        cleanup_tokens(client)
         client.module.exit_json(**results)
     except F5ModuleError as e:
+        cleanup_tokens(client)
         client.module.fail_json(msg=str(e))
 
 

lib/ansible/modules/network/f5/bigip_device_connectivity.py

@@ -565,6 +565,16 @@ class ArgumentSpec(object):
         ]
 
 
+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
     if not HAS_F5SDK:
         raise F5ModuleError("The python f5-sdk module is required")
@@ -583,9 +593,12 @@ def main():
     try:
         mm = ModuleManager(client)
         results = mm.exec_module()
+        cleanup_tokens(client)
         client.module.exit_json(**results)
     except F5ModuleError as e:
+        cleanup_tokens(client)
         client.module.fail_json(msg=str(e))
 
+
 if __name__ == '__main__':
     main()

lib/ansible/modules/network/f5/bigip_device_dns.py

@@ -366,6 +366,16 @@ class ArgumentSpec(object):
         self.f5_product_name = 'bigip'
 
 
+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
     if not HAS_F5SDK:
         raise F5ModuleError("The python f5-sdk module is required")
@@ -382,9 +392,12 @@ def main():
     try:
         mm = ModuleManager(client)
         results = mm.exec_module()
+        cleanup_tokens(client)
         client.module.exit_json(**results)
     except F5ModuleError as e:
+        cleanup_tokens(client)
         client.module.fail_json(msg=str(e))
 
+
 if __name__ == '__main__':
     main()

lib/ansible/modules/network/f5/bigip_device_ntp.py

@@ -251,6 +251,16 @@ class ArgumentSpec(object):
         self.f5_product_name = 'bigip'
 
 
+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
     if not HAS_F5SDK:
         raise F5ModuleError("The python f5-sdk module is required")
@@ -267,9 +277,12 @@ def main():
     try:
         mm = ModuleManager(client)
         results = mm.exec_module()
+        cleanup_tokens(client)
         client.module.exit_json(**results)
     except F5ModuleError as e:
+        cleanup_tokens(client)
         client.module.fail_json(msg=str(e))
 
+
 if __name__ == '__main__':
     main()

lib/ansible/modules/network/f5/bigip_device_sshd.py

@@ -217,7 +217,9 @@ class Parameters(AnsibleF5Parameters):
         if self._values['allow'] is None:
             return None
         allow = self._values['allow']
-        return list(set([str(x) for x in allow]))
+        result = list(set([str(x) for x in allow]))
+        result = sorted(result)
+        return result
 
 
 class ModuleManager(object):
@@ -289,37 +291,22 @@ class ArgumentSpec(object):
         self.supports_check_mode = True
         self.argument_spec = dict(
             allow=dict(
-                required=False,
-                default=None,
                 type='list'
             ),
             banner=dict(
-                required=False,
-                default=None,
                 choices=self.choices
             ),
-            banner_text=dict(
-                required=False,
-                default=None
-            ),
+            banner_text=dict(),
             inactivity_timeout=dict(
-                required=False,
-                default=None,
                 type='int'
             ),
             log_level=dict(
-                required=False,
-                default=None,
                 choices=self.levels
             ),
             login=dict(
-                required=False,
-                default=None,
                 choices=self.choices
             ),
             port=dict(
-                required=False,
-                default=None,
                 type='int'
             ),
             state=dict(
@@ -330,6 +317,16 @@ class ArgumentSpec(object):
         self.f5_product_name = 'bigip'
 
 
+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
     if not HAS_F5SDK:
         raise F5ModuleError("The python f5-sdk module is required")
@@ -345,9 +342,12 @@ def main():
     try:
         mm = ModuleManager(client)
         results = mm.exec_module()
+        cleanup_tokens(client)
         client.module.exit_json(**results)
     except F5ModuleError as e:
+        cleanup_tokens(client)
         client.module.fail_json(msg=str(e))
 
+
 if __name__ == '__main__':
     main()

lib/ansible/modules/network/f5/bigip_device_trust.py

@@ -297,26 +297,38 @@ class ArgumentSpec(object):
         self.f5_product_name = 'bigip'
 
 
-def main():
+def cleanup_tokens(client):
     try:
-        spec = ArgumentSpec()
-
-        client = AnsibleF5Client(
-            argument_spec=spec.argument_spec,
-            supports_check_mode=spec.supports_check_mode,
-            f5_product_name=spec.f5_product_name
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
         )
+        resource.delete()
+    except Exception:
+        pass
 
-        if not HAS_F5SDK:
-            raise F5ModuleError("The python f5-sdk module is required")
 
-        if not HAS_NETADDR:
-            raise F5ModuleError("The python netaddr module is required")
+def main():
+    if not HAS_F5SDK:
+        raise F5ModuleError("The python f5-sdk module is required")
+
+    if not HAS_NETADDR:
+        raise F5ModuleError("The python netaddr module is required")
 
+    spec = ArgumentSpec()
+
+    client = AnsibleF5Client(
+        argument_spec=spec.argument_spec,
+        supports_check_mode=spec.supports_check_mode,
+        f5_product_name=spec.f5_product_name
+    )
+
+    try:
         mm = ModuleManager(client)
         results = mm.exec_module()
+        cleanup_tokens(client)
         client.module.exit_json(**results)
     except F5ModuleError as e:
+        cleanup_tokens(client)
         client.module.fail_json(msg=str(e))