feat: added score to enable snmp_server on brocade switch and a working example

brocade/src/fast_iron.rs

@@ -1,7 +1,8 @@
 use super::BrocadeClient;
 use crate::{
     BrocadeInfo, Error, ExecutionMode, InterSwitchLink, InterfaceInfo, MacAddressEntry,
-    PortChannelId, PortOperatingMode, parse_brocade_mac_address, shell::BrocadeShell,
+    PortChannelId, PortOperatingMode, SecurityLevel, parse_brocade_mac_address,
+    shell::BrocadeShell,
 };
 
 use async_trait::async_trait;
@@ -209,4 +210,20 @@ impl BrocadeClient for FastIronClient {
         info!("[Brocade] Port-channel '{channel_name}' cleared.");
         Ok(())
     }
+
+    async fn enable_snmp(&self, user_name: &str, auth: &str, des: &str) -> Result<(), Error> {
+        let commands = vec![
+            "configure terminal".into(),
+            "snmp-server view ALL 1 included".into(),
+            "snmp-server group public v3 priv read ALL".into(),
+            format!(
+                "snmp-server user {user_name} groupname public auth md5 auth-password {auth} priv des priv-password {des}"
+            ),
+            "exit".into(),
+        ];
+        self.shell
+            .run_commands(commands, ExecutionMode::Regular)
+            .await?;
+        Ok(())
+    }
 }

brocade/src/lib.rs

@@ -237,6 +237,15 @@ pub trait BrocadeClient: std::fmt::Debug {
         ports: &[PortLocation],
     ) -> Result<(), Error>;
 
+    /// Enables Simple Network Management Protocol (SNMP) server for switch
+    ///
+    /// # Parameters
+    ///
+    ///  * `user_name`: The user name for the snmp server
+    ///  * `auth`: The password for authentication process for verifying the identity of a device
+    ///  * `des`: The Data Encryption Standard algorithm key
+    async fn enable_snmp(&self, user_name: &str, auth: &str, des: &str) -> Result<(), Error>;
+
     /// Removes all configuration associated with the specified Port-Channel name.
     ///
     /// This operation should be idempotent; attempting to clear a non-existent
@@ -300,6 +309,11 @@ fn parse_brocade_mac_address(value: &str) -> Result<MacAddress, String> {
     Ok(MacAddress(bytes))
 }
 
+#[derive(Debug)]
+pub enum SecurityLevel {
+    AuthPriv(String),
+}
+
 #[derive(Debug)]
 pub enum Error {
     NetworkError(String),

brocade/src/network_operating_system.rs

@@ -8,7 +8,7 @@ use regex::Regex;
 use crate::{
     BrocadeClient, BrocadeInfo, Error, ExecutionMode, InterSwitchLink, InterfaceInfo,
     InterfaceStatus, InterfaceType, MacAddressEntry, PortChannelId, PortOperatingMode,
-    parse_brocade_mac_address, shell::BrocadeShell,
+    SecurityLevel, parse_brocade_mac_address, shell::BrocadeShell,
 };
 
 #[derive(Debug)]
@@ -330,4 +330,20 @@ impl BrocadeClient for NetworkOperatingSystemClient {
         info!("[Brocade] Port-channel '{channel_name}' cleared.");
         Ok(())
     }
+
+    async fn enable_snmp(&self, user_name: &str, auth: &str, des: &str) -> Result<(), Error> {
+        let commands = vec![
+            "configure terminal".into(),
+            "snmp-server view ALL 1 included".into(),
+            "snmp-server group public v3 priv read ALL".into(),
+            format!(
+                "snmp-server user {user_name} groupname public auth md5 auth-password {auth} priv des priv-password {des}"
+            ),
+            "exit".into(),
+        ];
+        self.shell
+            .run_commands(commands, ExecutionMode::Regular)
+            .await?;
+        Ok(())
+    }
 }

examples/brocade_snmp_server/Cargo.toml

@@ -0,0 +1,20 @@
+[package]
+name = "brocade-snmp-server"
+edition = "2024"
+version.workspace = true
+readme.workspace = true
+license.workspace = true
+
+[dependencies]
+harmony = { path = "../../harmony" }
+brocade = { path = "../../brocade" }
+harmony_secret = { path = "../../harmony_secret" }
+harmony_cli = { path = "../../harmony_cli" }
+harmony_types = { path = "../../harmony_types" }
+harmony_macros = { path = "../../harmony_macros" }
+tokio = { workspace = true }
+log = { workspace = true }
+env_logger = { workspace = true }
+url = { workspace = true }
+base64.workspace = true
+serde.workspace = true

examples/brocade_snmp_server/src/main.rs

@@ -0,0 +1,22 @@
+use std::net::{IpAddr, Ipv4Addr};
+
+use harmony::{
+    inventory::Inventory, modules::brocade::BrocadeEnableSnmpScore, topology::K8sAnywhereTopology,
+};
+
+#[tokio::main]
+async fn main() {
+    let brocade_snmp_server = BrocadeEnableSnmpScore {
+        server_ips: vec![IpAddr::V4(Ipv4Addr::new(192, 168, 1, 111))],
+        dry_run: true,
+    };
+
+    harmony_cli::run(
+        Inventory::autoload(),
+        K8sAnywhereTopology::from_env(),
+        vec![Box::new(brocade_snmp_server)],
+        None,
+    )
+    .await
+    .unwrap();
+}

harmony/src/infra/brocade.rs

@@ -121,7 +121,7 @@ mod tests {
     use async_trait::async_trait;
     use brocade::{
         BrocadeClient, BrocadeInfo, Error, InterSwitchLink, InterfaceInfo, InterfaceStatus,
-        InterfaceType, MacAddressEntry, PortChannelId, PortOperatingMode,
+        InterfaceType, MacAddressEntry, PortChannelId, PortOperatingMode, SecurityLevel,
     };
     use harmony_types::switch::PortLocation;
 
@@ -279,6 +279,10 @@ mod tests {
         async fn clear_port_channel(&self, _channel_name: &str) -> Result<(), Error> {
             todo!()
         }
+
+        async fn enable_snmp(&self, user_name: &str, auth: &str, des: &str) -> Result<(), Error> {
+            todo!()
+        }
     }
 
     impl FakeBrocadeClient {

harmony/src/infra/network_manager.rs

@@ -135,6 +135,8 @@ impl OpenShiftNmStateNetworkManager {
                 description: Some(format!("Member of bond {bond_name}")),
                 r#type: nmstate::InterfaceType::Ethernet,
                 state: "up".to_string(),
+                mtu: Some(switch_port.interface.mtu),
+                mac_address: Some(switch_port.interface.mac_address.to_string()),
                 ipv4: Some(nmstate::IpStackSpec {
                     enabled: Some(false),
                     ..Default::default()
@@ -160,7 +162,7 @@ impl OpenShiftNmStateNetworkManager {
 
         interfaces.push(nmstate::Interface {
             name: bond_name.to_string(),
-            description: Some(format!("HARMONY - Network bond for host {host}")),
+            description: Some(format!("Network bond for host {host}")),
             r#type: nmstate::InterfaceType::Bond,
             state: "up".to_string(),
             copy_mac_from,

harmony/src/modules/brocade.rs

@@ -0,0 +1,117 @@
+use std::net::{IpAddr, Ipv4Addr};
+
+use async_trait::async_trait;
+use brocade::BrocadeOptions;
+use harmony_secret::{Secret, SecretManager};
+use harmony_types::id::Id;
+use serde::{Deserialize, Serialize};
+
+use crate::{
+    data::Version,
+    interpret::{Interpret, InterpretError, InterpretName, InterpretStatus, Outcome},
+    inventory::Inventory,
+    score::Score,
+    topology::Topology,
+};
+
+#[derive(Debug, Clone, Serialize)]
+pub struct BrocadeEnableSnmpScore {
+    pub server_ips: Vec<IpAddr>,
+    pub dry_run: bool,
+}
+
+impl<T: Topology> Score<T> for BrocadeEnableSnmpScore {
+    fn name(&self) -> String {
+        "BrocadeEnableSnmpScore".to_string()
+    }
+
+    fn create_interpret(&self) -> Box<dyn Interpret<T>> {
+        Box::new(BrocadeEnableSnmpInterpret {
+            score: self.clone(),
+        })
+    }
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct BrocadeEnableSnmpInterpret {
+    score: BrocadeEnableSnmpScore,
+}
+
+#[derive(Secret, Clone, Debug, Serialize, Deserialize)]
+struct BrocadeSwitchAuth {
+    username: String,
+    password: String,
+}
+
+#[derive(Secret, Clone, Debug, Serialize, Deserialize)]
+struct BrocadeSnmpAuth {
+    username: String,
+    auth_password: String,
+    des_password: String,
+}
+
+#[async_trait]
+impl<T: Topology> Interpret<T> for BrocadeEnableSnmpInterpret {
+    async fn execute(
+        &self,
+        _inventory: &Inventory,
+        _topology: &T,
+    ) -> Result<Outcome, InterpretError> {
+        let switch_addresses = &self.score.server_ips;
+
+        let snmp_auth = SecretManager::get_or_prompt::<BrocadeSnmpAuth>()
+            .await
+            .unwrap();
+
+        let config = SecretManager::get_or_prompt::<BrocadeSwitchAuth>()
+            .await
+            .unwrap();
+
+        let brocade = brocade::init(
+            &switch_addresses,
+            22,
+            &config.username,
+            &config.password,
+            Some(BrocadeOptions {
+                dry_run: self.score.dry_run,
+                ..Default::default()
+            }),
+        )
+        .await
+        .expect("Brocade client failed to connect");
+
+        brocade
+            .enable_snmp(
+                &snmp_auth.username,
+                &snmp_auth.auth_password,
+                &snmp_auth.des_password,
+            )
+            .await
+            .map_err(|e| InterpretError::new(e.to_string()))?;
+
+        Ok(Outcome::success(format!(
+            "Activated snmp server for Brocade at {}",
+            switch_addresses
+                .iter()
+                .map(|s| s.to_string())
+                .collect::<Vec<_>>()
+                .join(", ")
+        )))
+    }
+
+    fn get_name(&self) -> InterpretName {
+        InterpretName::Custom("BrocadeEnableSnmpInterpret")
+    }
+
+    fn get_version(&self) -> Version {
+        todo!()
+    }
+
+    fn get_status(&self) -> InterpretStatus {
+        todo!()
+    }
+
+    fn get_children(&self) -> Vec<Id> {
+        todo!()
+    }
+}

harmony/src/modules/mod.rs

@@ -1,4 +1,5 @@
 pub mod application;
+pub mod brocade;
 pub mod cert_manager;
 pub mod dhcp;
 pub mod dns;

harmony/src/modules/okd/crd/nmstate.rs

@@ -417,7 +417,6 @@ pub struct EthernetSpec {
 #[serde(rename_all = "kebab-case")]
 pub struct BondSpec {
     pub mode: String,
-    #[serde(alias = "port")]
     pub ports: Vec<String>,
     #[serde(skip_serializing_if = "Option::is_none")]
     pub options: Option<BTreeMap<String, Value>>,

harmony_types/src/net.rs

@@ -1,6 +1,6 @@
 use serde::{Deserialize, Serialize};
 
-#[derive(Copy, Clone, PartialEq, Eq, Hash, Serialize, Deserialize, PartialOrd, Ord)]
+#[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, Serialize, Deserialize, PartialOrd, Ord)]
 pub struct MacAddress(pub [u8; 6]);
 
 impl MacAddress {
@@ -19,14 +19,6 @@ impl From<&MacAddress> for String {
     }
 }
 
-impl std::fmt::Debug for MacAddress {
-    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
-        f.debug_tuple("MacAddress")
-            .field(&String::from(self))
-            .finish()
-    }
-}
-
 impl std::fmt::Display for MacAddress {
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         f.write_str(&String::from(self))

opnsense-config-xml/src/data/haproxy.rs

@@ -106,37 +106,11 @@ pub struct HAProxy {
     pub groups: MaybeString,
     pub users: MaybeString,
     pub cpus: MaybeString,
-    pub resolvers: HAProxyResolvers,
+    pub resolvers: MaybeString,
     pub mailers: MaybeString,
     pub maintenance: Maintenance,
 }
 
-#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
-pub struct HAProxyResolvers {
-    #[yaserde(rename = "resolver")]
-    pub resolver: Resolver,
-}
-
-#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
-pub struct Resolver {
-    pub id: String,
-    pub enabled: i32,
-    pub name: String,
-    pub description: MaybeString,
-    pub nameservers: String,
-    pub parse_resolv_conf: String,
-    pub resolve_retries: i32,
-    pub timeout_resolve: String,
-    pub timeout_retry: String,
-    pub accepted_payload_size: MaybeString,
-    pub hold_valid: MaybeString,
-    pub hold_obsolete: MaybeString,
-    pub hold_refused: MaybeString,
-    pub hold_nx: MaybeString,
-    pub hold_timeout: MaybeString,
-    pub hold_other: MaybeString,
-}
-
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct Maintenance {
     #[yaserde(rename = "cronjobs")]

opnsense-config-xml/src/data/opnsense.rs

@@ -216,7 +216,7 @@ pub struct System {
     pub maximumfrags: Option<MaybeString>,
     pub aliasesresolveinterval: Option<MaybeString>,
     pub maximumtableentries: Option<MaybeString>,
-    pub language: Option<String>,
+    pub language: String,
     pub dnsserver: Option<MaybeString>,
     pub dns1gw: Option<String>,
     pub dns2gw: Option<String>,
@@ -1291,7 +1291,6 @@ pub struct WireguardServerItem {
     pub gateway: MaybeString,
     pub carp_depend_on: MaybeString,
     pub peers: String,
-    pub debug: MaybeString,
     pub endpoint: MaybeString,
     pub peer_dns: MaybeString,
 }