From c106d700e3de96ae9b30744de694dca1225f0a83 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Wed, 16 Oct 2024 17:58:50 +0200
Subject: [PATCH] Enable config_mode=private in all roles

---
 .../roles/base_config/tasks/deploy_base_config.yaml      | 2 ++
 geant/gap_ansible/roles/ibgp_update/tasks/deploy.yaml    | 2 ++
 geant/gap_ansible/roles/iptrunk/tasks/deploy_object.yaml | 2 ++
 geant/gap_ansible/roles/iptrunk/tasks/remove_trunk.yaml  | 9 +++++++--
 .../iptrunk_migration/tasks/deactivate_trunk_side.yaml   | 2 ++
 .../roles/iptrunk_migration/tasks/deploy_object.yaml     | 2 ++
 .../roles/iptrunk_twamp/tasks/deploy_object.yaml         | 2 ++
 .../gap_ansible/roles/promote_p_to_pe/tasks/deploy.yaml  | 8 ++++++++
 8 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/geant/gap_ansible/roles/base_config/tasks/deploy_base_config.yaml b/geant/gap_ansible/roles/base_config/tasks/deploy_base_config.yaml
index 8803e445..c29a2a04 100644
--- a/geant/gap_ansible/roles/base_config/tasks/deploy_base_config.yaml
+++ b/geant/gap_ansible/roles/base_config/tasks/deploy_base_config.yaml
@@ -36,6 +36,7 @@
     content: "{{ lookup('ansible.builtin.template', 'routers/{{ wfo_router.router.vendor }}/base_config.j2') }}"
     commit: true
     validate: true
+    config_mode: private
   diff: true
   register: output
   check_mode: true
@@ -75,6 +76,7 @@
     content: "{{ lookup('ansible.builtin.template', 'routers/{{ wfo_router.router.vendor }}/base_config.j2') }}"
     commit: true
     commit_comment: "{{ commit_comment }}"
+    config_mode: private
   diff: true
   check_mode: false
   when: >
diff --git a/geant/gap_ansible/roles/ibgp_update/tasks/deploy.yaml b/geant/gap_ansible/roles/ibgp_update/tasks/deploy.yaml
index 26e38d19..5d60a579 100644
--- a/geant/gap_ansible/roles/ibgp_update/tasks/deploy.yaml
+++ b/geant/gap_ansible/roles/ibgp_update/tasks/deploy.yaml
@@ -29,6 +29,7 @@
     content: "{{ lookup('ansible.builtin.template', '{{ vendor }}/{{ verb }}.j2') }}"
     commit: true
     validate: true
+    config_mode: private
   diff: true
   register: output
   check_mode: true
@@ -53,6 +54,7 @@
     content: "{{ lookup('ansible.builtin.template', '{{ vendor }}/{{ verb }}.j2') }}"
     commit: true
     commit_comment: "{{ commit_comment }}"
+    config_mode: private
   diff: true
   check_mode: false
   when: >
diff --git a/geant/gap_ansible/roles/iptrunk/tasks/deploy_object.yaml b/geant/gap_ansible/roles/iptrunk/tasks/deploy_object.yaml
index 44856221..acbaade5 100644
--- a/geant/gap_ansible/roles/iptrunk/tasks/deploy_object.yaml
+++ b/geant/gap_ansible/roles/iptrunk/tasks/deploy_object.yaml
@@ -41,6 +41,7 @@
     default_operation: merge
     content: "{{ lookup('ansible.builtin.template', '{{ local_side.iptrunk_side_node.vendor }}/{{ config_object }}.j2') }}"
     commit: true
+    config_mode: private
   diff: true
   register: output
   check_mode: true
@@ -67,6 +68,7 @@
     content: "{{ lookup('ansible.builtin.template', '{{ local_side.iptrunk_side_node.vendor }}/{{ config_object }}.j2') }}"
     commit: true
     commit_comment: "{{ commit_comment }}"
+    config_mode: private
   diff: true
   check_mode: false
   when: >
diff --git a/geant/gap_ansible/roles/iptrunk/tasks/remove_trunk.yaml b/geant/gap_ansible/roles/iptrunk/tasks/remove_trunk.yaml
index 590a534b..271c8efe 100644
--- a/geant/gap_ansible/roles/iptrunk/tasks/remove_trunk.yaml
+++ b/geant/gap_ansible/roles/iptrunk/tasks/remove_trunk.yaml
@@ -24,11 +24,13 @@
     local_side.iptrunk_side_node.vendor == "juniper"
 
 - name: Remove "{{ config_object }}" on "{{ inventory_hostname }}" [CHECK ONLY][NOKIA]
-  ansible.netcommon.netconf_config:
+  # ansible.netcommon.netconf_config:
+  geant.gap_ansible.nokia_netconf_config:
     format: xml
     default_operation: merge
     content: "{{ lookup('ansible.builtin.template', '{{ local_side.iptrunk_side_node.vendor }}/{{ config_object }}.j2') }}"
     commit: true
+    config_mode: private
   diff: true
   check_mode: true
   when: >
@@ -37,11 +39,14 @@
     local_side.iptrunk_side_node.vendor == "nokia"
 
 - name: Remove base_config on "{{ inventory_hostname }}" [AND COMMIT][NOKIA]
-  ansible.netcommon.netconf_config:
+  # ansible.netcommon.netconf_config:
+  geant.gap_ansible.nokia_netconf_config:
     format: xml
     default_operation: merge
     content: "{{ lookup('ansible.builtin.template', '{{ local_side.iptrunk_side_node.vendor }}/{{ config_object }}.j2') }}"
     commit: true
+    commit_comment: "{{ commit_comment }}"
+    config_mode: private
   diff: true
   check_mode: false
   when: >
diff --git a/geant/gap_ansible/roles/iptrunk_migration/tasks/deactivate_trunk_side.yaml b/geant/gap_ansible/roles/iptrunk_migration/tasks/deactivate_trunk_side.yaml
index a368daf9..2eb8ec6c 100644
--- a/geant/gap_ansible/roles/iptrunk_migration/tasks/deactivate_trunk_side.yaml
+++ b/geant/gap_ansible/roles/iptrunk_migration/tasks/deactivate_trunk_side.yaml
@@ -39,6 +39,7 @@
     default_operation: merge
     content: "{{ lookup('ansible.builtin.template', '{{ local_side.iptrunk_side_node.vendor }}/{{ config_object }}.j2') }}"
     commit: true
+    config_mode: private
   diff: true
   check_mode: true
 
@@ -55,5 +56,6 @@
     content: "{{ lookup('ansible.builtin.template', '{{ local_side.iptrunk_side_node.vendor }}/{{ config_object }}.j2') }}"
     commit: true
     commit_comment: "{{ commit_comment }}"
+    config_mode: private
   diff: true
   check_mode: false
diff --git a/geant/gap_ansible/roles/iptrunk_migration/tasks/deploy_object.yaml b/geant/gap_ansible/roles/iptrunk_migration/tasks/deploy_object.yaml
index ca9d0085..e9fd1683 100644
--- a/geant/gap_ansible/roles/iptrunk_migration/tasks/deploy_object.yaml
+++ b/geant/gap_ansible/roles/iptrunk_migration/tasks/deploy_object.yaml
@@ -29,6 +29,7 @@
     default_operation: merge
     content: "{{ lookup('ansible.builtin.template', '{{ new_node.router.vendor }}/{{ config_object }}.j2') }}"
     commit: true
+    config_mode: private
   diff: true
   check_mode: true
   when: >
@@ -43,6 +44,7 @@
     content: "{{ lookup('ansible.builtin.template', '{{ new_node.router.vendor }}/{{ config_object }}.j2') }}"
     commit: true
     commit_comment: "{{ commit_comment }}"
+    config_mode: private
   diff: true
   check_mode: false
   when: >
diff --git a/geant/gap_ansible/roles/iptrunk_twamp/tasks/deploy_object.yaml b/geant/gap_ansible/roles/iptrunk_twamp/tasks/deploy_object.yaml
index 72336382..b67902ad 100644
--- a/geant/gap_ansible/roles/iptrunk_twamp/tasks/deploy_object.yaml
+++ b/geant/gap_ansible/roles/iptrunk_twamp/tasks/deploy_object.yaml
@@ -41,6 +41,7 @@
     default_operation: merge
     content: "{{ lookup('ansible.builtin.template', '{{ local_side.iptrunk_side_node.vendor }}/{{ config_object }}.j2') }}"
     commit: true
+    config_mode: private
   diff: true
   register: output
   check_mode: true
@@ -67,6 +68,7 @@
     content: "{{ lookup('ansible.builtin.template', '{{ local_side.iptrunk_side_node.vendor }}/{{ config_object }}.j2') }}"
     commit: true
     commit_comment: "{{ commit_comment }}"
+    config_mode: private
   diff: true
   check_mode: false
   when: >
diff --git a/geant/gap_ansible/roles/promote_p_to_pe/tasks/deploy.yaml b/geant/gap_ansible/roles/promote_p_to_pe/tasks/deploy.yaml
index 1533f134..8d7019f0 100644
--- a/geant/gap_ansible/roles/promote_p_to_pe/tasks/deploy.yaml
+++ b/geant/gap_ansible/roles/promote_p_to_pe/tasks/deploy.yaml
@@ -8,6 +8,7 @@
     content: "{{ lookup('ansible.builtin.template', 'routers/{{ subscription.router.vendor }}/pe_promotion_base_config.j2') }}"
     commit: true
     validate: true
+    config_mode: private
   diff: true
   register: output
   check_mode: true
@@ -22,6 +23,7 @@
     content: "{{ lookup('ansible.builtin.template', 'routers/{{ subscription.router.vendor }}/pe_promotion_base_vprn.j2') }}"
     commit: true
     validate: true
+    config_mode: private
   diff: true
   register: output
   check_mode: true
@@ -36,6 +38,7 @@
     content: "{{ lookup('ansible.builtin.template', 'routers/{{ subscription.router.vendor }}/pe_update_sdp.j2') }}"
     commit: true
     validate: true
+    config_mode: private
   diff: true
   register: output
   check_mode: true
@@ -50,6 +53,7 @@
     content: "{{ lookup('ansible.builtin.template', 'routers/{{ subscription.router.vendor }}/router/delete_default_static_routes.j2') }}"
     commit: true
     validate: true
+    config_mode: private
   diff: true
   register: output
   check_mode: true
@@ -72,6 +76,7 @@
     content: "{{ lookup('ansible.builtin.template', 'routers/{{ subscription.router.vendor }}/pe_promotion_base_config.j2') }}"
     commit: true
     commit_comment: "{{ commit_comment }}"
+    config_mode: private
   diff: true
   check_mode: false
 
@@ -85,6 +90,7 @@
     content: "{{ lookup('ansible.builtin.template', 'routers/{{ subscription.router.vendor }}/pe_promotion_base_vprn.j2') }}"
     commit: true
     commit_comment: "{{ commit_comment }}"
+    config_mode: private
   diff: true
   check_mode: false
 
@@ -98,6 +104,7 @@
     content: "{{ lookup('ansible.builtin.template', 'routers/{{ subscription.router.vendor }}/pe_update_sdp.j2') }}"
     commit: true
     commit_comment: "{{ commit_comment }}"
+    config_mode: private
   diff: true
   check_mode: false
 
@@ -111,5 +118,6 @@
     content: "{{ lookup('ansible.builtin.template', 'routers/{{ subscription.router.vendor }}/router/delete_default_static_routes.j2') }}"
     commit: true
     commit_comment: "{{ commit_comment }}"
+    config_mode: private
   diff: true
   check_mode: false
-- 
GitLab