Adding EnableSecureBoot functionality (ansible-collections#5899)

* rebase merge * Sanity fixes * Optimizing code as suggested by PR comments * Optimizing code as suggested by PR comments * PR comment changes * Adding changelog fragment * Update changelogs/fragments/5899-adding-enablesecureboot-functionality-to-redfish-config.yml Agreed Co-authored-by: Felix Fontein <felix@fontein.de> --------- Co-authored-by: Kushal <t-s.kushal@hpe.com> Co-authored-by: Felix Fontein <felix@fontein.de>
jikamens · Feb 25, 2023 · 9eddc69 · 9eddc69
1 parent 98ac2a2
commit 9eddc69
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 2 deletions.
diff --git a/changelogs/fragments/5899-adding-enablesecureboot-functionality-to-redfish-config.yml b/changelogs/fragments/5899-adding-enablesecureboot-functionality-to-redfish-config.yml
@@ -0,0 +1,2 @@
+minor_changes:
+  - redfish_command - adding ``EnableSecureBoot`` functionality (https://github.com/ansible-collections/community.general/pull/5899).
diff --git a/plugins/module_utils/redfish_utils.py b/plugins/module_utils/redfish_utils.py
@@ -3198,3 +3198,22 @@ def verify_bios_attributes(self, bios_attributes):
             "changed": False,
             "msg": "BIOS verification completed"
         }
+
+    def enable_secure_boot(self):
+        # This function enable Secure Boot on an OOB controller
+
+        response = self.get_request(self.root_uri + self.systems_uri)
+        if response["ret"] is False:
+            return response
+
+        server_details = response["data"]
+        secure_boot_url = server_details["SecureBoot"]["@odata.id"]
+
+        response = self.get_request(self.root_uri + secure_boot_url)
+        if response["ret"] is False:
+            return response
+
+        body = {}
+        body["SecureBootEnable"] = True
+
+        return self.patch_request(self.root_uri + secure_boot_url, body, check_pyld=True)
diff --git a/plugins/modules/redfish_config.py b/plugins/modules/redfish_config.py
@@ -124,7 +124,9 @@
     default: {}
     version_added: '5.7.0'
 
-author: "Jose Delarosa (@jose-delarosa)"
+author:
+  - "Jose Delarosa (@jose-delarosa)"
+  - "T S Kushal (@TSKushal)"
 '''
 
 EXAMPLES = '''
@@ -255,6 +257,14 @@
       baseuri: "{{ baseuri }}"
       username: "{{ username }}"
       password: "{{ password }}"
+
+  - name: Enable SecureBoot
+    community.general.redfish_config:
+      category: Systems
+      command: EnableSecureBoot
+      baseuri: "{{ baseuri }}"
+      username: "{{ username }}"
+      password: "{{ password }}"
 '''
 
 RETURN = '''
@@ -273,7 +283,7 @@
 # More will be added as module features are expanded
 CATEGORY_COMMANDS_ALL = {
     "Systems": ["SetBiosDefaultSettings", "SetBiosAttributes", "SetBootOrder",
-                "SetDefaultBootOrder"],
+                "SetDefaultBootOrder", "EnableSecureBoot"],
     "Manager": ["SetNetworkProtocols", "SetManagerNic", "SetHostInterface"],
     "Sessions": ["SetSessionService"],
 }
@@ -386,6 +396,8 @@ def main():
                 result = rf_utils.set_boot_order(boot_order)
             elif command == "SetDefaultBootOrder":
                 result = rf_utils.set_default_boot_order()
+            elif command == "EnableSecureBoot":
+                result = rf_utils.enable_secure_boot()
 
     elif category == "Manager":
         # execute only if we find a Manager service resource