Merging upstream version 1.2.0.

Signed-off-by: Daniel Baumann <daniel@debian.org>
2025-02-05 11:55:22 +01:00 · 2025-02-05 11:55:22 +01:00 · afeccccd6a
commit afeccccd6a
parent ae7b7df396
154 changed files with 7346 additions and 5000 deletions
--- a/docs/cli/debug.md
+++ b/docs/cli/debug.md
@ -61,6 +61,7 @@ Options:
  --help                    Show this message and exit.
 ```

+> [!TIP]
 > `username`, `password`, `enable-password`, `enable`, `timeout` and `insecure` values are the same for all devices

 ### Example
@ -162,8 +163,8 @@ Run templated command 'show vlan {vlan_id}' with {'vlan_id': '10'} on DC1-LEAF1A

 ### Example of multiple arguments

-!!! warning
-    If multiple arguments of the same key are provided, only the last argument value will be kept in the template parameters.
+> [!WARNING]
+> If multiple arguments of the same key are provided, only the last argument value will be kept in the template parameters.

 ```bash
 anta -log DEBUG debug run-template --template "ping {dst} source {src}" dst "8.8.8.8" src Loopback0 --device DC1-SPINE1    
--- a/docs/cli/exec.md
+++ b/docs/cli/exec.md
@ -64,6 +64,7 @@ Options:
  --help                  Show this message and exit.
 ```

+> [!TIP]
 > `username`, `password`, `enable-password`, `enable`, `timeout` and `insecure` values are the same for all devices

 ### Example
@ -235,12 +236,14 @@ Options:
                          tag1,tag2,tag3.  [env var: ANTA_TAGS]
  -o, --output PATH       Path for test catalog  [default: ./tech-support]
  --latest INTEGER        Number of scheduled show-tech to retrieve
-  --configure             Ensure devices have 'aaa authorization exec default
-                          local' configured (required for SCP on EOS). THIS
-                          WILL CHANGE THE CONFIGURATION OF YOUR NETWORK.
+  --configure             [DEPRECATED] Ensure devices have 'aaa authorization
+                          exec default local' configured (required for SCP on
+                          EOS). THIS WILL CHANGE THE CONFIGURATION OF YOUR
+                          NETWORK.
  --help                  Show this message and exit.
 ```

+> [!TIP]
 > `username`, `password`, `enable-password`, `enable`, `timeout` and `insecure` values are the same for all devices

 When executed, this command fetches tech-support files and downloads them locally into a device-specific subfolder within the designated folder. You can specify the output folder with the `--output` option.
@ -248,13 +251,18 @@ When executed, this command fetches tech-support files and downloads them locall
 ANTA uses SCP to download files from devices and will not trust unknown SSH hosts by default. Add the SSH public keys of your devices to your `known_hosts` file or use the `anta --insecure` option to ignore SSH host keys validation.

 The configuration `aaa authorization exec default` must be present on devices to be able to use SCP.
-ANTA can automatically configure `aaa authorization exec default local` using the `anta exec collect-tech-support --configure` option.
+
+> [!CAUTION]
+> **Deprecation**
+>
+> ANTA can automatically configure `aaa authorization exec default local` using the `anta exec collect-tech-support --configure` option but this option is deprecated and will be removed in ANTA 2.0.0.
+
 If you require specific AAA configuration for `aaa authorization exec default`, like `aaa authorization exec default none` or `aaa authorization exec default group tacacs+`, you will need to configure it manually.

 The `--latest` option allows retrieval of a specific number of the most recent tech-support files.

-!!! warning
-    By default **all** the tech-support files present on the devices are retrieved.
+> [!WARNING]
+> By default **all** the tech-support files present on the devices are retrieved.

 ### Example

--- a/docs/cli/get-inventory-information.md
+++ b/docs/cli/get-inventory-information.md
@ -52,8 +52,8 @@ Options:
  --help                         Show this message and exit.
 ```

-!!! tip
-    By default, `anta get inventory` only provides information that doesn't rely on a device connection. If you are interested in obtaining connection-dependent details, like the hardware model, use the `--connected` option.
+> [!TIP]
+> By default, `anta get inventory` only provides information that doesn't rely on a device connection. If you are interested in obtaining connection-dependent details, like the hardware model, use the `--connected` option.

 ### Example

--- a/docs/cli/get-tests.md
+++ b/docs/cli/get-tests.md
@ -0,0 +1,120 @@
+---
+anta_title: Retrieving Tests information
+---
+<!--
+  ~ Copyright (c) 2023-2024 Arista Networks, Inc.
+  ~ Use of this source code is governed by the Apache License 2.0
+  ~ that can be found in the LICENSE file.
+  -->
+
+`anta get tests` commands help you discover available tests in ANTA.
+
+### Command overview
+
+```bash
+Usage: anta get tests [OPTIONS]
+
+  Show all builtin ANTA tests with an example output retrieved from each test
+  documentation.
+
+Options:
+  --module TEXT  Filter tests by module name.  [default: anta.tests]
+  --test TEXT    Filter by specific test name. If module is specified,
+                 searches only within that module.
+  --short        Display test names without their inputs.
+  --count        Print only the number of tests found.
+  --help         Show this message and exit.
+```
+
+> [!TIP]
+> By default, `anta get tests` will retrieve all tests available in ANTA.
+
+### Examples
+
+#### Default usage
+
+``` yaml title="anta get tests"
+anta.tests.aaa:
+  - VerifyAcctConsoleMethods:
+      # Verifies the AAA accounting console method lists for different accounting types (system, exec, commands, dot1x).
+      methods:
+        - local
+        - none
+        - logging
+      types:
+        - system
+        - exec
+        - commands
+        - dot1x
+  - VerifyAcctDefaultMethods:
+      # Verifies the AAA accounting default method lists for different accounting types (system, exec, commands, dot1x).
+      methods:
+        - local
+        - none
+        - logging
+      types:
+        - system
+        - exec
+        - commands
+        - dot1x
+[...]
+```
+
+#### Module usage
+
+To retrieve all the tests from `anta.tests.stun`.
+
+``` yaml title="anta get tests --module anta.tests.stun"
+anta.tests.stun:
+  - VerifyStunClient:
+      # Verifies STUN client settings, including local IP/port and optionally public IP/port.
+      stun_clients:
+        - source_address: 172.18.3.2
+          public_address: 172.18.3.21
+          source_port: 4500
+          public_port: 6006
+        - source_address: 100.64.3.2
+          public_address: 100.64.3.21
+          source_port: 4500
+          public_port: 6006
+  - VerifyStunServer:
+      # Verifies the STUN server status is enabled and running.
+```
+
+#### Test usage
+
+``` yaml title="anta get tests --test VerifyTacacsSourceIntf"
+anta.tests.aaa:
+  - VerifyTacacsSourceIntf:
+      # Verifies TACACS source-interface for a specified VRF.
+      intf: Management0
+      vrf: MGMT
+```
+
+> [!TIP]
+> You can filter tests by providing a prefix - ANTA will return all tests that start with your specified string.
+
+```yaml title="anta get tests --test VerifyTacacs"
+anta.tests.aaa:
+  - VerifyTacacsServerGroups:
+      # Verifies if the provided TACACS server group(s) are configured.
+      groups:
+        - TACACS-GROUP1
+        - TACACS-GROUP2
+  - VerifyTacacsServers:
+      # Verifies TACACS servers are configured for a specified VRF.
+      servers:
+        - 10.10.10.21
+        - 10.10.10.22
+      vrf: MGMT
+  - VerifyTacacsSourceIntf:
+      # Verifies TACACS source-interface for a specified VRF.
+      intf: Management0
+      vrf: MGMT
+```
+
+#### Count the tests
+
+```bash title="anta get tests --count"
+There are 155 tests available in `anta.tests`.
+```
--- a/docs/cli/inv-from-ansible.md
+++ b/docs/cli/inv-from-ansible.md
@ -31,26 +31,13 @@ Options:
  --help                    Show this message and exit.
 ```

-!!! warning
-
- `anta get from-ansible` does not support inline vaulted variables, comment them out to generate your inventory.
- If the vaulted variable is necessary to build the inventory (e.g. `ansible_host`), it needs to be unvaulted for `from-ansible` command to work."
-
-The output is an inventory where the name of the container is added as a tag for each host:
-
-```yaml
-anta_inventory:
-  hosts:
-  - host: 10.73.252.41
-    name: srv-pod01
-  - host: 10.73.252.42
-    name: srv-pod02
-  - host: 10.73.252.43
-    name: srv-pod03
-```
-
-!!! warning
-    The current implementation only considers devices directly attached to a specific Ansible group and does not support inheritance when using the `--ansible-group` option.
+> [!WARNING]
+>
+> - `anta get from-ansible` does not support inline vaulted variables, comment them out to generate your inventory.
+>
+> - If the vaulted variable is necessary to build the inventory (e.g. `ansible_host`), it needs to be unvaulted for `from-ansible` command to work."
+>
+> - The current implementation only considers devices directly attached to a specific Ansible group and does not support inheritance when using the `--ansible-group` option.

 By default, if user does not provide `--output` file, anta will save output to configured anta inventory (`anta --inventory`). If the output file has content, anta will ask user to overwrite when running in interactive console. This mechanism can be controlled by triggers in case of CI usage: `--overwrite` to force anta to overwrite file. If not set, anta will exit

@ -60,7 +47,7 @@ By default, if user does not provide `--output` file, anta will save output to c

 ```yaml
 ---
-tooling:
+all:
  children:
    endpoints:
      hosts:
@ -80,3 +67,16 @@ tooling:
          ansible_host: 10.73.252.43
          type: endpoint
 ```
+
+The output is an inventory where the name of the container is added as a tag for each host:
+
+```yaml
+anta_inventory:
+  hosts:
+  - host: 10.73.252.41
+    name: srv-pod01
+  - host: 10.73.252.42
+    name: srv-pod02
+  - host: 10.73.252.43
+    name: srv-pod03
+```
--- a/docs/cli/inv-from-cvp.md
+++ b/docs/cli/inv-from-cvp.md
@ -52,8 +52,8 @@ anta_inventory:
    - pod2
 ```

-!!! warning
-    The current implementation only considers devices directly attached to a specific container when using the `--cvp-container` option.
+> [!WARNING]
+> The current implementation only considers devices directly attached to a specific container when using the `--cvp-container` option.

 ## Creating an inventory from multiple containers

--- a/docs/cli/nrfu.md
+++ b/docs/cli/nrfu.md
@ -26,8 +26,8 @@ ANTA provides a set of commands for performing NRFU tests on devices. These comm

 All commands under the `anta nrfu` namespace require a catalog yaml file specified with the `--catalog` option and a device inventory file specified with the `--inventory` option.

-!!! info
-    Issuing the command `anta nrfu` will run `anta nrfu table` without any option.
+> [!TIP]
+> Issuing the command `anta nrfu` will run `anta nrfu table` without any option.

 ### Tag management

--- a/docs/cli/overview.md
+++ b/docs/cli/overview.md
@ -45,9 +45,10 @@ Then, run the CLI without options:
 anta nrfu
 ```

-!!! note
-    All environment variables may not be needed for every commands.
-    Refer to `<command> --help` for the comprehensive environment variables names.
+> [!NOTE]
+> All environment variables may not be needed for every commands.
+>
+> Refer to `<command> --help` for the comprehensive environment variables names.

 Below are the environment variables usable with the `anta nrfu` command:

@ -63,8 +64,8 @@ Below are the environment variables usable with the `anta nrfu` command:
 | ANTA_ENABLE | Whether it is necessary to go to enable mode on devices. |  No  |
 | ANTA_ENABLE_PASSWORD | The optional enable password, when this variable is set, ANTA_ENABLE or `--enable` is required. |  No  |

-!!! info
-    Caching can be disabled with the global parameter `--disable-cache`. For more details about how caching is implemented in ANTA, please refer to [Caching in ANTA](../advanced_usages/caching.md).
+> [!NOTE]
+> Caching can be disabled with the global parameter `--disable-cache`. For more details about how caching is implemented in ANTA, please refer to [Caching in ANTA](../advanced_usages/caching.md).

 ## ANTA Exit Codes

--- a/docs/cli/tag-management.md
+++ b/docs/cli/tag-management.md
@ -4,9 +4,7 @@
  ~ that can be found in the LICENSE file.
  -->

-ANTA commands can be used with a `--tags` option. This option **filters the inventory** with the specified tag(s) when running the command.
-
-Tags can also be used to **restrict a specific test** to a set of devices when using `anta nrfu`.
+ANTA uses tags to define test-to-device mappings (tests run on devices with matching tags) and the `--tags` CLI option acts as a filter to execute specific test/device combinations.

 ## Defining tags

@ -94,10 +92,11 @@ anta.tests.interfaces:
        tags: ['spine']
 ```

-> A tag used to filter a test can also be a device name
-
-!!! tip "Use different input values for a specific test"
-    Leverage tags to define different input values for a specific test. See the `VerifyUptime` example above.
+> [!TIP]
+>
+> - A tag used to filter a test can also be a device name
+>
+> - **Use different input values for a specific test**: Leverage tags to define different input values for a specific test. See the `VerifyUptime` example above.

 ## Using tags