Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat(eos_designs): Underlay OSPF authentication #4169

Merged
merged 13 commits into from
Jul 26, 2024
Merged

Feat(eos_designs): Underlay OSPF authentication #4169

merged 13 commits into from
Jul 26, 2024

Conversation

jonxstill
Copy link
Contributor

Change Summary

Automatic encryption of underlay OSPF message digest keys for use in underlay.

Component(s) name

arista.avd.eos_designs

Proposed changes

Because OSPF message-digest keys are encrypted in EOS configurations, using the interface name as the key, it requires inline Jinja2 (or offline encryption of keys) to generate the type 7 passwords required. This PR automates this process.

Schema Changes:

underlay_ospf_authentication:
  enabled: true
  message_digest_keys:
    - id: 1
      hash_algorithm: sha512
      key: arista123

How to test

Molecule tests added in eos_designs_unit_tests and evpn_underlay_ospf_overlay_ebgp.
Test manually by adding above YAML at fabric level with ospf configured as the underlay.

Checklist

Repository Checklist

  • My code has been rebased from devel before I start
  • I have read the CONTRIBUTING document.
  • My change requires a change to the documentation and documentation have been updated accordingly.
  • I have updated molecule CI testing accordingly. (check the box if not applicable)

@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 1, 2024

Review docs on Read the Docs

To test this pull request:

# Create virtual environment for this testing below the current directory
python -m venv test-avd-pr-4169
# Activate the virtual environment
source test-avd-pr-4169/bin/activate
# Install all requirements including PyAVD
pip install "pyavd[ansible] @ git+https://github.com/jonxstill/ansible-avd.git@underlay_ospf_auth#subdirectory=python-avd" --force
# Install Ansible collection
ansible-galaxy collection install git+https://github.com/jonxstill/ansible-avd.git#/ansible_collections/arista/avd/,underlay_ospf_auth --force
# Optional: Install AVD examples
cd test-avd-pr-4169
ansible-playbook arista.avd.install_examples

@github-actions github-actions bot added state: CI Updated CI scenario have been updated in the PR state: Documentation role Updated role: eos_designs issue related to eos_designs role labels Jul 1, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 2, 2024

Review docs on Read the Docs

To test this pull request:

# Create virtual environment for this testing below the current directory
python -m venv test-avd-pr-4169
# Activate the virtual environment
source test-avd-pr-4169/bin/activate
# Install all requirements including PyAVD
pip install "pyavd[ansible] @ git+https://github.com/jonxstill/ansible-avd.git@underlay_ospf_auth#subdirectory=python-avd" --force
# Install Ansible collection
ansible-galaxy collection install git+https://github.com/jonxstill/ansible-avd.git#/ansible_collections/arista/avd/,underlay_ospf_auth --force
# Optional: Install AVD examples
cd test-avd-pr-4169
ansible-playbook arista.avd.install_examples

@jonxstill jonxstill marked this pull request as ready for review July 2, 2024 17:53
@jonxstill jonxstill requested review from a team as code owners July 2, 2024 17:53
@gmuloc gmuloc added this to the v4.10.0 milestone Jul 26, 2024
ClausHolbechArista
ClausHolbechArista approved these changes Jul 26, 2024
View reviewed changes
Copy link
Contributor

@ClausHolbechArista ClausHolbechArista left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me overall. Suggesting improving the test a bit for two keys but otherwise all good.

...lections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/MLAG_OSPF_TESTS.yml Outdated Show resolved Hide resolved
python-avd/pyavd/_eos_designs/schema/schema_fragments/underlay_ospf_authentication_schema.yml Outdated Show resolved Hide resolved
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Jul 26, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

gmuloc
gmuloc approved these changes Jul 26, 2024
View reviewed changes
Copy link
Contributor

@gmuloc gmuloc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@gmuloc gmuloc added the one approval This PR has one approval and is only missing one more. label Jul 26, 2024
@gmuloc gmuloc merged commit 46a1528 into aristanetworks:devel Jul 26, 2024
41 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ClausHolbechArista ClausHolbechArista ClausHolbechArista approved these changes

@gmuloc gmuloc gmuloc approved these changes

Assignees

@jonxstill jonxstill

Labels
one approval This PR has one approval and is only missing one more. rn: Feat(eos_designs) role: eos_designs issue related to eos_designs role state: CI Updated CI scenario have been updated in the PR state: Documentation role Updated
Projects
None yet
Milestone
v4.10.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jonxstill @gmuloc @ClausHolbechArista