Release fortianalyzer galaxy collection:1.5.0

Signed-off-by: FTNT-HQCM <[email protected]>
fortinet-ansible-dev · May 21, 2024 · a62dd38 · a62dd38
1 parent d83cf35
commit a62dd38
Show file tree

Hide file tree

Showing 218 changed files with 16,630 additions and 6,453 deletions.
diff --git a/.github/workflows/sanity_test.yml b/.github/workflows/sanity_test.yml
@@ -0,0 +1,35 @@
+name: Sanity tests
+on:
+  push:
+    branches:
+      - main
+  schedule:
+    - cron: '0 0 1,15 * *'
+
+concurrency:
+  group: >-
+    ${{ github.workflow }}-${{
+      github.event.pull_request.number || github.sha
+    }}
+  cancel-in-progress: true
+
+jobs:
+  sanity:
+    name: Sanity (${{ matrix.ansible }})
+    strategy:
+      matrix:
+        ansible:
+          - stable-2.15
+          - stable-2.16
+          - devel
+    runs-on: >-
+      ${{ contains(fromJson(
+          '["stable-2.9", "stable-2.10", "stable-2.11"]'
+      ), matrix.ansible) && 'ubuntu-20.04' || 'ubuntu-latest' }}
+    steps:
+      - name: Perform sanity testing
+        uses: ansible-community/ansible-test-gh-action@release/v1
+        with:
+          ansible-core-version: ${{ matrix.ansible }}
+          testing-type: sanity
+          pull-request-change-detection: false
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -5,6 +5,61 @@ Fortinet.Fortianalyzer Release Notes
 .. contents:: Topics
 
 
+v1.5.0
+======
+
+Release Summary
+---------------
+
+Release fortinet.fortianalyzer 1.5.0
+
+Minor Changes
+-------------
+
+- Added report serial modules.
+- Supported FortiAnalyzer 7.0.12, 7.2.5.
+
+Bugfixes
+--------
+
+- Improved 10 modules to support "state:absent".
+- Improved bypass_validation. If you now set bypass_validation to true, it will allow you to send parameters that are not defined in the schema.
+- Improved documentation, added description for all "no description" modules.
+- Improved faz_fact, it can support selectors start with "report".
+
+New Modules
+-----------
+
+- fortinet.fortianalyzer.faz_report_config_chart - Config chart.
+- fortinet.fortianalyzer.faz_report_config_chart_drilldowntable - Config drill-down-table.
+- fortinet.fortianalyzer.faz_report_config_chart_tablecolumns - Config table-columns.
+- fortinet.fortianalyzer.faz_report_config_chart_variabletemplate - Config variable-template.
+- fortinet.fortianalyzer.faz_report_config_dataset - Config dataset.
+- fortinet.fortianalyzer.faz_report_config_dataset_variable - Config variable.
+- fortinet.fortianalyzer.faz_report_config_layout - Config layout.
+- fortinet.fortianalyzer.faz_report_config_layout_component - Config component.
+- fortinet.fortianalyzer.faz_report_config_layout_component_variable - Config variable.
+- fortinet.fortianalyzer.faz_report_config_layout_footer - Config footer.
+- fortinet.fortianalyzer.faz_report_config_layout_header - Config header.
+- fortinet.fortianalyzer.faz_report_config_layoutfolder - Config layout-folder.
+- fortinet.fortianalyzer.faz_report_config_macro - Config macro.
+- fortinet.fortianalyzer.faz_report_config_output - Config output.
+- fortinet.fortianalyzer.faz_report_config_output_emailrecipients - Config email-recipients.
+- fortinet.fortianalyzer.faz_report_config_schedule - Config schedule.
+- fortinet.fortianalyzer.faz_report_config_schedule_addressfilter - Config address-filter.
+- fortinet.fortianalyzer.faz_report_config_schedule_devices - Config devices.
+- fortinet.fortianalyzer.faz_report_config_schedule_filter - Config filter.
+- fortinet.fortianalyzer.faz_report_config_schedule_reportlayout - Config report-layout.
+- fortinet.fortianalyzer.faz_report_configfile_import - Import report config files.
+- fortinet.fortianalyzer.faz_report_graphfile - Handle graph files.
+- fortinet.fortianalyzer.faz_report_graphfile_delete - Handle graph files.
+- fortinet.fortianalyzer.faz_report_reports_data_delete - Handle generated reports.
+- fortinet.fortianalyzer.faz_report_run - Start report requests.
+- fortinet.fortianalyzer.faz_report_run_delete - Handle report requests by task ID.
+- fortinet.fortianalyzer.faz_report_template_delete - Delete report template language package files.
+- fortinet.fortianalyzer.faz_report_template_import - Import report templates.
+- fortinet.fortianalyzer.faz_report_template_install - Install report template language packages from files.
+
 v1.4.0
 ======
 

diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 ![Fortinet logo|](https://upload.wikimedia.org/wikipedia/commons/thumb/6/62/Fortinet_logo.svg/320px-Fortinet_logo.svg.png)
 
-# Ansible Collection - fortinet.fortianalyzer:1.4.0
+# Ansible Collection - fortinet.fortianalyzer:1.5.0
 
 FortiAnalyzer Ansible Collection includes the modules that are able to configure FortiAnalyzer.
 
@@ -14,21 +14,21 @@ FortiAnalyzer Ansible Collection includes the modules that are able to configure
 This collection is distributed via [ansible-galaxy](https://galaxy.ansible.com/fortinet/fortianalyzer), the installation steps are as follows:
 
 1. Install or upgrade to Ansible >= 2.15.0
-2. Download this collection from galaxy: `ansible-galaxy collection install fortinet.fortianalyzer:1.4.0`
+2. Download this collection from galaxy: `ansible-galaxy collection install fortinet.fortianalyzer:1.5.0`
 
 ## Modules
 The collection provides the following modules:
 
-* `faz_cli_exec_fgfm_reclaimdevtunnel`  Reclaim management tunnel to device.
+* `faz_cli_exec_fgfm_reclaimdevtunnel`  Reclaim management tunnel to device.Request without device name specified will reclaim tunnels for all managed devices.
 * `faz_cli_fmupdate_analyzer_virusreport`  Send virus detection notification to FortiGuard.
 * `faz_cli_fmupdate_avips_advancedlog`  Enable/disable logging of FortiGuard antivirus and IPS update packages received by FortiManagers built-in FortiGuard.
 * `faz_cli_fmupdate_avips_webproxy`  Configure the web proxy for use with FortiGuard antivirus and IPS updates.
 * `faz_cli_fmupdate_customurllist`  Configure the URL database for rating and filtering.
 * `faz_cli_fmupdate_diskquota`  Configure disk space available for use by the Upgrade Manager.
 * `faz_cli_fmupdate_fctservices`  Configure FortiGuard to provide services to FortiClient installations.
 * `faz_cli_fmupdate_fdssetting`  Configure FortiGuard settings.
-* `faz_cli_fmupdate_fdssetting_pushoverride`  Enable/disable push updates, and override the default IP address and port used by FortiGuard to send antivirus and IPS push messages for...
-* `faz_cli_fmupdate_fdssetting_pushoverridetoclient`  Enable/disable push updates, and override the default IP address and port used by FortiGuard to send antivirus and IPS push messages for...
+* `faz_cli_fmupdate_fdssetting_pushoverride`  Enable/disable push updates, and override the default IP address and port used by FortiGuard to send antivirus and IPS push messages...
+* `faz_cli_fmupdate_fdssetting_pushoverridetoclient`  Enable/disable push updates, and override the default IP address and port used by FortiGuard to send antivirus and IPS push messages...
 * `faz_cli_fmupdate_fdssetting_pushoverridetoclient_announceip`  Announce IP addresses for the device.
 * `faz_cli_fmupdate_fdssetting_serveroverride`  Server override configure.
 * `faz_cli_fmupdate_fdssetting_serveroverride_servlist`  Override server.
@@ -45,7 +45,7 @@ The collection provides the following modules:
 * `faz_cli_fmupdate_webspam_fgdsetting_serveroverride`  Server override configure.
 * `faz_cli_fmupdate_webspam_fgdsetting_serveroverride_servlist`  Override server.
 * `faz_cli_fmupdate_webspam_webproxy`  Configure the web proxy for use with FortiGuard antivirus and IPS updates.
-* `faz_cli_metafields_system_admin_user`  no description.
+* `faz_cli_metafields_system_admin_user`  Cli meta fields system admin user.
 * `faz_cli_system_admin_group`  User group.
 * `faz_cli_system_admin_group_member`  Group members.
 * `faz_cli_system_admin_ldap`  LDAP server entry configuration.
@@ -186,9 +186,38 @@ The collection provides the following modules:
 * `faz_dvmdb_adom_objectmember`  ADOM table, most attributes are read-only and can only be changed internally.
 * `faz_dvmdb_device`  Device table, most attributes are read-only and can only be changed internally.
 * `faz_dvmdb_device_vdom`  Device VDOM table.
-* `faz_dvmdb_folder`  no description.
+* `faz_dvmdb_folder`  Device manager database folder.
 * `faz_dvmdb_group`  Device group table.
 * `faz_dvmdb_group_objectmember`  Device group table.
+* `faz_report_config_chart`  Config chart.
+* `faz_report_config_chart_drilldowntable`  Config drill-down-table.
+* `faz_report_config_chart_tablecolumns`  Config table-columns.
+* `faz_report_config_chart_variabletemplate`  Config variable-template.
+* `faz_report_config_dataset`  Config dataset.
+* `faz_report_config_dataset_variable`  Config variable.
+* `faz_report_config_layout`  Config layout.
+* `faz_report_config_layout_component`  Config component.
+* `faz_report_config_layout_component_variable`  Config variable.
+* `faz_report_config_layout_footer`  Config footer.
+* `faz_report_config_layout_header`  Config header.
+* `faz_report_config_layoutfolder`  Config layout-folder.
+* `faz_report_config_macro`  Config macro.
+* `faz_report_config_output`  Config output.
+* `faz_report_config_output_emailrecipients`  Config email-recipients.
+* `faz_report_config_schedule`  Config schedule.
+* `faz_report_config_schedule_addressfilter`  Config address-filter.
+* `faz_report_config_schedule_devices`  Config devices.
+* `faz_report_config_schedule_filter`  Config filter.
+* `faz_report_config_schedule_reportlayout`  Config report-layout.
+* `faz_report_configfile_import`  Import report config files.
+* `faz_report_graphfile`  Handle graph files.
+* `faz_report_graphfile_delete`  Handle graph files.
+* `faz_report_reports_data_delete`  Handle generated reports.
+* `faz_report_run`  Start report requests.
+* `faz_report_run_delete`  Handle report requests by task ID.
+* `faz_report_template_delete`  Delete report template language package files.
+* `faz_report_template_import`  Import report templates.
+* `faz_report_template_install`  Install report template language packages from files.
 * `faz_sys_api_sdnconnector`  Query SDN connector data.
 * `faz_sys_generate_wsdl`  Generate WSDL for specific module and objects.
 * `faz_sys_login_challenge`  Answer a log in challenge question, used following a login/user or login/challenge command.

diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml
@@ -131,3 +131,107 @@ releases:
         name: faz_cli_system_admin_profile_writepasswduserlist
         namespace: ""
     release_date: "2024-03-07"
+  1.5.0:
+    changes:
+      bugfixes:
+        - Improved 10 modules to support "state:absent".
+        - Improved bypass_validation. If you now set bypass_validation to true, it will
+          allow you to send parameters that are not defined in the schema.
+        - Improved documentation, added description for all "no description" modules.
+        - Improved faz_fact, it can support selectors start with "report".
+      minor_changes:
+        - Added report serial modules.
+        - Supported FortiAnalyzer 7.0.12, 7.2.5.
+        - Added parameter version_check. If set to True, it will check whether the parameters used are supported by the corresponding version of FortiAnazlyer.
+      release_summary: Release fortinet.fortianalyzer 1.5.0
+    fragments:
+      - 1.5.0.yml
+    modules:
+      - description: Config chart.
+        name: faz_report_config_chart
+        namespace: ""
+      - description: Config drill-down-table.
+        name: faz_report_config_chart_drilldowntable
+        namespace: ""
+      - description: Config table-columns.
+        name: faz_report_config_chart_tablecolumns
+        namespace: ""
+      - description: Config variable-template.
+        name: faz_report_config_chart_variabletemplate
+        namespace: ""
+      - description: Config dataset.
+        name: faz_report_config_dataset
+        namespace: ""
+      - description: Config variable.
+        name: faz_report_config_dataset_variable
+        namespace: ""
+      - description: Config layout.
+        name: faz_report_config_layout
+        namespace: ""
+      - description: Config component.
+        name: faz_report_config_layout_component
+        namespace: ""
+      - description: Config variable.
+        name: faz_report_config_layout_component_variable
+        namespace: ""
+      - description: Config footer.
+        name: faz_report_config_layout_footer
+        namespace: ""
+      - description: Config header.
+        name: faz_report_config_layout_header
+        namespace: ""
+      - description: Config layout-folder.
+        name: faz_report_config_layoutfolder
+        namespace: ""
+      - description: Config macro.
+        name: faz_report_config_macro
+        namespace: ""
+      - description: Config output.
+        name: faz_report_config_output
+        namespace: ""
+      - description: Config email-recipients.
+        name: faz_report_config_output_emailrecipients
+        namespace: ""
+      - description: Config schedule.
+        name: faz_report_config_schedule
+        namespace: ""
+      - description: Config address-filter.
+        name: faz_report_config_schedule_addressfilter
+        namespace: ""
+      - description: Config devices.
+        name: faz_report_config_schedule_devices
+        namespace: ""
+      - description: Config filter.
+        name: faz_report_config_schedule_filter
+        namespace: ""
+      - description: Config report-layout.
+        name: faz_report_config_schedule_reportlayout
+        namespace: ""
+      - description: Import report config files.
+        name: faz_report_configfile_import
+        namespace: ""
+      - description: Handle graph files.
+        name: faz_report_graphfile
+        namespace: ""
+      - description: Handle graph files.
+        name: faz_report_graphfile_delete
+        namespace: ""
+      - description: Handle generated reports.
+        name: faz_report_reports_data_delete
+        namespace: ""
+      - description: Start report requests.
+        name: faz_report_run
+        namespace: ""
+      - description: Handle report requests by task ID.
+        name: faz_report_run_delete
+        namespace: ""
+      - description: Delete report template language package files.
+        name: faz_report_template_delete
+        namespace: ""
+      - description: Import report templates.
+        name: faz_report_template_import
+        namespace: ""
+      - description: Install report template language packages from files.
+        name: faz_report_template_install
+        namespace: ""
+    release_date: "2024-05-21"
diff --git a/galaxy.yml b/galaxy.yml
@@ -9,7 +9,7 @@ namespace: fortinet
 name: fortianalyzer
 
 # The version of the collection. Must be compatible with semantic versioning
-version: 1.4.0
+version: 1.5.0
 
 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection
 readme: README.md
@@ -58,3 +58,6 @@ homepage: https://fortinet.com
 
 # The URL to the collection issue tracker
 issues: https://github.com/fortinet-ansible-dev/ansible-galaxy-fortianalyzer-collection/issues
+
+build_ignore:
+    - ".github"
diff --git a/plugins/httpapi/fortianalyzer.py b/plugins/httpapi/fortianalyzer.py
@@ -160,7 +160,7 @@ def logout(self):
             self.sid = None
             return rc, response
 
-    def send_request(self, method, params):
+    def send_request(self, method, params, jsonrpc2=False):
         """
         Responsible for actual sending of data to the connection httpapi base plugin. Does some formatting as well.
         :param params: A formatted dictionary that was returned by self.common_datagram_params()
@@ -170,10 +170,11 @@ def send_request(self, method, params):
 
         :return: Dictionary of status, if it logged in or not.
         """
-        if self.sid is None and params[0]["url"] != "sys/login/user":
+        request_url = params[0]["url"]
+        if self.sid is None and request_url != "sys/login/user":
             if not self.connection._connected:
                 self.connection._connect()
-        if params[0]["url"] == "sys/login/user" and "data" in params[0] and "passwd" in params[0]["data"]:
+        if request_url == "sys/login/user" and "data" in params[0] and "passwd" in params[0]["data"]:
             params[0]["data"]["passwd"] = str(params[0]["data"]["passwd"])
         self._update_request_id()
         json_request = {
@@ -183,13 +184,16 @@ def send_request(self, method, params):
             "id": self.req_id,
             "verbose": 1
         }
+        # FortiAnalyzer handle report API
+        if request_url.startswith("/report/") or jsonrpc2:
+            json_request["jsonrpc"] = "2.0"
+            json_request["params"][0]["apiver"] = 3
         data = json.dumps(json_request, ensure_ascii=False).replace('\\\\', '\\')
 
-        # Don't log sensitive information
-        if params[0]["url"] == "sys/login/user" and "data" in params[0] and "passwd" in params[0]["data"]:
+        # Log debug data, don't log sensitive information
+        if request_url == "sys/login/user" and "data" in params[0] and "passwd" in params[0]["data"]:
             json_request["params"][0]["data"]["passwd"] = "******"
-        if "session" in params[0]:
-            json_request["params"][0]["session"] = "******"
+        json_request["session"] = "******"
         log_data = json.dumps(json_request, ensure_ascii=False).replace("\\\\", "\\")
         self.log("request: %s" % (log_data))
 
@@ -199,13 +203,14 @@ def send_request(self, method, params):
         if self._login_method == "access_token":
             access_token_str = '?access_token=' + self._access_token
             header_data["Authorization"] = "Bearer " + self._access_token
-        self.log('header: %s' % (str(header_data)))
         rc, response_data = self.connection.send(path=to_text(self._url) + access_token_str, data=to_text(data), headers=header_data)
+        header_data["Authorization"] = "******"
+        self.log('header: %s' % (str(header_data)))
 
         # Get Unicode Response - Must convert from StringIO to unicode first so we can do a replace function below
         result = json.loads(to_text(response_data.getvalue()))
         self.log('response: %s' % (str(self._jsonize(result))))
-        return self._handle_response(result)
+        return self._handle_response(result, request_url)
 
     def _jsonize(self, data):
         ret = None
@@ -215,13 +220,22 @@ def _jsonize(self, data):
             pass
         return ret
 
-    def _handle_response(self, response):
+    def _handle_response(self, response, request_url):
         self._set_sid(response)
+        error_code = 0
+        if "result" not in response or response.get("jsonrpc", None) == "2.0":
+            if "error" in response and "code" in response["error"]:
+                error_code = response["error"]["code"]
+            if "url" not in response:
+                response["url"] = request_url
+            return error_code, response
         if isinstance(response["result"], list):
             result = response["result"][0]
         else:
             result = response["result"]
-        return result["status"]["code"], result
+        if "status" in result and "code" in result["status"]:
+            error_code = result["status"]["code"]
+        return error_code, result
 
     def _set_sid(self, response):
         if self.sid is None and "session" in response: