Release fortios galaxy collection:2.3.7

Signed-off-by: FTNT-HQCM <hq-devops-admin@fortinet.com>

.github/workflows/sanity_test.yml

@@ -0,0 +1,36 @@
+name: Sanity tests
+on:
+  push:
+    branches:
+      - main
+  schedule:
+    - cron: "0 6 * * *"
+
+concurrency:
+  group: >-
+    ${{ github.workflow }}-${{
+      github.event.pull_request.number || github.sha
+    }}
+  cancel-in-progress: true
+
+jobs:
+  sanity:
+    name: Sanity (${{ matrix.ansible }})
+    strategy:
+      matrix:
+        ansible:
+          - stable-2.15
+          - stable-2.16
+          - stable-2.17
+          - devel
+    runs-on: >-
+      ${{ contains(fromJson(
+          '["stable-2.9", "stable-2.10", "stable-2.11"]'
+      ), matrix.ansible) && 'ubuntu-20.04' || 'ubuntu-latest' }}
+    steps:
+      - name: Perform sanity testing
+        uses: ansible-community/ansible-test-gh-action@release/v1
+        with:
+          ansible-core-version: ${{ matrix.ansible }}
+          testing-type: sanity
+          pull-request-change-detection: false

CHANGELOG.rst

@@ -5,6 +5,37 @@ Fortinet.Fortios Release Notes
 .. contents:: Topics
 
 
+v2.3.7
+======
+
+Release Summary
+---------------
+
+patch release of 2.3.7
+
+Major Changes
+-------------
+
+- Add a sanity_test.yaml file to trigger CI tests in GitHub.
+- Support Ansible-core 2.17.
+- Support new FOS versions 7.4.4.
+
+Bugfixes
+--------
+
+- Fix some issues in sanity test.
+- Github issue
+- Github issue
+- Github issue
+- Github issue
+- Github issue
+- Github issue
+- Github issue
+- Github issue
+- mantis issue
+- mantis issue
+- mantis issue
+
 v2.3.6
 ======
 

README.md

@@ -8,16 +8,16 @@ The collection is the FortiOS Ansible Automation project. It includes the module
 ## Installation
 This collection is distributed via [ansible-galaxy](https://galaxy.ansible.com/), the installation steps are as follows:
 
-1. Install or upgrade to Ansible 2.14+
-2. Download this collection from galaxy: `ansible-galaxy collection install fortinet.fortios:2.3.6`
+1. Install or upgrade to Ansible 2.15+
+2. Download this collection from galaxy: `ansible-galaxy collection install fortinet.fortios:2.3.7`
 
 ## Requirements
-* Ansible 2.14+ is required to support the newer Ansible Collections format
+* Ansible 2.15+ is required to support the newer Ansible Collections format
 
 ## Supported FortiOS Versions
 From `v2.0.0` on, FortiOS galaxy collections are unified, and cover FortiOS 6.0, 6.2, 6.4, 7.0, 7.2 versions. There is only one sequential collection at any moment. users who install these collections are expected to find the version compatibility information for each module and its parameters.
 
-The latest version is 2.3.6, path to install: `ansible-galaxy collection install fortinet.fortios:2.3.6`
+The latest version is 2.3.7, path to install: `ansible-galaxy collection install fortinet.fortios:2.3.7`
 
 Prior to FortiOS collection `v2.0.0`, FortiOS Galaxy collections were built over three FOS major versions, i.e. `v6.0`, `v6.2` and `v6.4`, thus, users are expected to install the collection according to the following table to avoid potential compatibility issues.
 
@@ -115,6 +115,7 @@ The collection provides the following modules:
 * `fortios_extender_sys_info` Display detailed FortiExtender system information in Fortinet's FortiOS and FortiGate.
 * `fortios_extension_controller_dataplan` FortiExtender dataplan configuration in Fortinet's FortiOS and FortiGate.
 * `fortios_extension_controller_extender_profile` FortiExtender extender profile configuration in Fortinet's FortiOS and FortiGate.
+* `fortios_extension_controller_extender_vap` FortiExtender wifi vap configuration in Fortinet's FortiOS and FortiGate.
 * `fortios_extension_controller_extender` Extender controller configuration in Fortinet's FortiOS and FortiGate.
 * `fortios_extension_controller_fortigate_profile` FortiGate connector profile configuration in Fortinet's FortiOS and FortiGate.
 * `fortios_extension_controller_fortigate` FortiGate controller configuration in Fortinet's FortiOS and FortiGate.
@@ -177,6 +178,7 @@ The collection provides the following modules:
 * `fortios_firewall_multicast_policy6` Configure IPv6 multicast NAT policies in Fortinet's FortiOS and FortiGate.
 * `fortios_firewall_multicast_policy` Configure multicast NAT policies in Fortinet's FortiOS and FortiGate.
 * `fortios_firewall_network_service_dynamic` Configure Dynamic Network Services in Fortinet's FortiOS and FortiGate.
+* `fortios_firewall_on_demand_sniffer` Configure on-demand packet sniffer in Fortinet's FortiOS and FortiGate.
 * `fortios_firewall_pfcp` Configure PFCP in Fortinet's FortiOS and FortiGate.
 * `fortios_firewall_policy46` Configure IPv4 to IPv6 policies in Fortinet's FortiOS and FortiGate.
 * `fortios_firewall_policy64` Configure IPv6 to IPv4 policies in Fortinet's FortiOS and FortiGate.
@@ -546,6 +548,7 @@ The collection provides the following modules:
 * `fortios_system_speed_test_schedule` Speed test schedule for each interface in Fortinet's FortiOS and FortiGate.
 * `fortios_system_speed_test_server` Configure speed test server list in Fortinet's FortiOS and FortiGate.
 * `fortios_system_speed_test_setting` Configure speed test setting in Fortinet's FortiOS and FortiGate.
+* `fortios_system_ssh_config` Configure SSH config in Fortinet's FortiOS and FortiGate.
 * `fortios_system_sso_admin` Configure SSO admin users in Fortinet's FortiOS and FortiGate.
 * `fortios_system_sso_forticloud_admin` Configure FortiCloud SSO admin users in Fortinet's FortiOS and FortiGate.
 * `fortios_system_sso_fortigate_cloud_admin` Configure FortiCloud SSO admin users in Fortinet's FortiOS and FortiGate.

changelogs/.plugin-cache.yaml

@@ -25,4 +25,4 @@ plugins:
   strategy: {}
   test: {}
   vars: {}
-version: 2.3.6
+version: 2.3.7

changelogs/changelog.yaml

@@ -303,3 +303,26 @@ releases:
     fragments:
       - 2.3.6_relase.yml
     release_date: "2024-04-03"
+  2.3.7:
+    changes:
+      bugfixes:
+        - Fix some issues in sanity test.
+        - Github issue
+        - Github issue
+        - Github issue
+        - Github issue
+        - Github issue
+        - Github issue
+        - Github issue
+        - Github issue
+        - mantis issue
+        - mantis issue
+        - mantis issue
+      major_changes:
+        - Add a sanity_test.yaml file to trigger CI tests in GitHub.
+        - Support Ansible-core 2.17.
+        - Support new FOS versions 7.4.4.
+      release_summary: patch release of 2.3.7
+    fragments:
+      - release_2.3.7.yml
+    release_date: "2024-07-10"

galaxy.yml

@@ -1,6 +1,6 @@
 namespace: "fortinet"
 name: "fortios"
-version: "2.3.6"
+version: "2.3.7"
 description: "A collection of Ansible Modules for FortiOS v6"
 readme: "README.md"
 authors:

plugins/httpapi/fortios.py

@@ -36,25 +36,33 @@ def __init__(self, connection):
         self._conn = connection
         self._system_version = None
         self._ansible_fos_version = 'v6.0.0'
-        self._ansible_galaxy_version = '2.3.5'
+        self._ansible_galaxy_version = '2.3.7'
         self._log = None
         self._logged_in = False
         self._session_key = ''
 
+    def set_custom_option(self, k, v):
+        # _options is defined at https://github.com/ansible/ansible/blob/devel/lib/ansible/plugins/__init__.py#L60
+        # seems to be an ansible bug that the value can be defined in the doc above but not set/get
+        self._options[k] = v
+
     def log(self, msg):
-        log_enabled = self._conn.get_option('enable_log')
+        log_enabled = self._options.get('enable_log', False)
         if not log_enabled:
             return
         if not self._log:
             self._log = open("/tmp/fortios.ansible.log", "w")
+            self._log.write('All set options:')
+            self._log.write(str(self.get_options()) + '\n')
         log_message = str(datetime.now())
         log_message += ": " + str(msg) + '\n'
         self._log.write(log_message)
         self._log.flush()
 
     def get_access_token(self):
         '''get pre issued access token for API access or session_key from API based authentication.'''
-        token = self._conn.get_option('access_token') if 'access_token' in self._conn._options else None
+        # token = self._options.get('access_token') if 'access_token' in self._options else None
+        token = self._options.get('access_token', None)
 
         if not token and self._session_key:
             token = self._session_key
@@ -245,7 +253,7 @@ def update_system_version(self):
         retrieve the system status of fortigate device
         """
         self.log('checking system_version')
-        check_system_status = self._conn.get_option('check_system_status') if 'check_system_status' in self._conn._options else True
+        check_system_status = self._options.get('check_system_status', True)
         if not check_system_status or self._system_version:
             return
         url = '/api/v2/monitor/system/status?vdom=root'

plugins/module_utils/fortios/comparison.py

@@ -64,23 +64,24 @@ def is_same_ip_address(current_ip, applied_ip):
 
 def is_same_comparison(reorder_current, reorder_filtered):
     for key, value in reorder_filtered.items():
-        if key not in reorder_current:
+        if key.replace("_", "-") not in reorder_current:
             return False
+
         if isinstance(value, dict):
-            if not is_same_comparison(reorder_current[key], value):
+            if not is_same_comparison(reorder_current[key.replace("_", "-")], value):
                 return False
         elif isinstance(value, list):
-            if len(value) != len(reorder_current[key]):
+            if len(value) != len(reorder_current[key.replace("_", "-")]):
                 return False
             if len(value) and isinstance(value[0], dict):
-                for current_dict in reorder_current[key]:
+                for current_dict in reorder_current[key.replace("_", "-")]:
                     if not is_same_comparison(current_dict, value[0]):
                         return False
-            elif reorder_current[key] != value:
+            elif reorder_current[key.replace("_", "-")] != value:
                 return False
         elif isinstance(value, str) and IP_PREFIX.match(value):
-            return is_same_ip_address(reorder_current[key], value)
-        elif reorder_current[key] != value:
+            return is_same_ip_address(reorder_current[key.replace("_", "-")], value)
+        elif reorder_current[key.replace("_", "-")] != value:
             return False
 
     return True
@@ -90,17 +91,21 @@ def find_current_values(reorder_current, reorder_filtered):
     '''Find keyvalues in current according to keys from filtered'''
     result = {}
     for key, value in reorder_filtered.items():
+        if key.replace("_", "-") not in reorder_current:
+            result[key] = None  # Handle missing key
+            continue
+
         if isinstance(value, dict):
-            result[key] = find_current_values(reorder_current[key], value)
+            result[key] = find_current_values(reorder_current[key.replace("_", "-")], value)
         elif isinstance(value, list):
             result[key] = []
             for i in range(len(value)):
                 if isinstance(value[i], dict):
-                    result[key].append(find_current_values(reorder_current[key][i], value[i]))
+                    result[key].append(find_current_values(reorder_current[key.replace("_", "-")][i], value[i]))
                 else:
-                    result[key].append(reorder_current[key])
+                    result[key].append(reorder_current[key.replace("_", "-")])
         elif isinstance(value, str):
-            result[key] = reorder_current[key]
+            result[key] = reorder_current[key.replace("_", "-")]
 
     return result