Drop OPNsense 23.1 support (#168)

DonGiovanni83 · web-flow · commit 3ea6e9e59808 · 2025-02-19T09:19:23.000+01:00
* Remove 23.1 from molecule tests

* Remove 23.1 from module index

* Remove conditional alias checks for 23.1

* Add changelog for 23.1 deprecation

* Fix unused import
diff --git a/changelogs/fragments/168-drop-23.1.yml b/changelogs/fragments/168-drop-23.1.yml
@@ -0,0 +1,3 @@
+---
+deprecated_features:
+  - OPNsense 23.1 support has been deprecated
diff --git a/molecule/firewall_alias/molecule.yml b/molecule/firewall_alias/molecule.yml
@@ -16,16 +16,6 @@ driver:
     parallel: true
 
 platforms:
-    - name: "23.1"
-      box: puzzle/opnsense
-      hostname: false
-      box_version: "23.1"
-      memory: 1024
-      cpus: 2
-      instance_raw_config_args:
-          - 'vm.guest = :freebsd'
-          - 'ssh.sudo_command = "%c"'
-          - 'ssh.shell = "/bin/sh"'
     - name: "23.7"
       box: puzzle/opnsense
       hostname: false
diff --git a/molecule/firewall_rules/molecule.yml b/molecule/firewall_rules/molecule.yml
@@ -16,16 +16,6 @@ driver:
   parallel: true
 
 platforms:
-  - name: "23.1"
-    box: puzzle/opnsense
-    hostname: false
-    box_version: "23.1"
-    memory: 1024
-    cpus: 2
-    instance_raw_config_args:
-      - 'vm.guest = :freebsd'
-      - 'ssh.sudo_command = "%c"'
-      - 'ssh.shell = "/bin/sh"'
   - name: "23.7"
     box: puzzle/opnsense
     hostname: false
diff --git a/molecule/interfaces_assignments/molecule.yml b/molecule/interfaces_assignments/molecule.yml
@@ -16,16 +16,6 @@ driver:
     parallel: true
 
 platforms:
-    - name: "23.1"
-      box: puzzle/opnsense
-      hostname: false
-      box_version: "23.1"
-      memory: 1024
-      cpus: 2
-      instance_raw_config_args:
-          - 'vm.guest = :freebsd'
-          - 'ssh.sudo_command = "%c"'
-          - 'ssh.shell = "/bin/sh"'
     - name: "23.7"
       box: puzzle/opnsense
       hostname: false
diff --git a/molecule/opnsense_config/molecule.yml b/molecule/opnsense_config/molecule.yml
@@ -16,16 +16,6 @@ driver:
     parallel: true
 
 platforms:
-    - name: "23.1"
-      box: puzzle/opnsense
-      hostname: false
-      box_version: "23.1"
-      memory: 1024
-      cpus: 2
-      instance_raw_config_args:
-          - 'vm.guest = :freebsd'
-          - 'ssh.sudo_command = "%c"'
-          - 'ssh.shell = "/bin/sh"'
     - name: "23.7"
       box: puzzle/opnsense
       hostname: false
diff --git a/molecule/system_access_users/molecule.yml b/molecule/system_access_users/molecule.yml
@@ -18,16 +18,6 @@ driver:
     parallel: true
 
 platforms:
-    - name: "23.1"
-      box: puzzle/opnsense
-      hostname: false
-      box_version: "23.1"
-      memory: 1024
-      cpus: 2
-      instance_raw_config_args:
-          - 'vm.guest = :freebsd'
-          - 'ssh.sudo_command = "%c"'
-          - 'ssh.shell = "/bin/sh"'
     - name: "23.7"
       box: puzzle/opnsense
       hostname: false
diff --git a/molecule/system_high_availability_settings/molecule.yml b/molecule/system_high_availability_settings/molecule.yml
@@ -15,16 +15,6 @@ driver:
     parallel: true
 
 platforms:
-    - name: "23.1"
-      box: puzzle/opnsense
-      hostname: false
-      box_version: "23.1"
-      memory: 1024
-      cpus: 2
-      instance_raw_config_args:
-          - 'vm.guest = :freebsd'
-          - 'ssh.sudo_command = "%c"'
-          - 'ssh.shell = "/bin/sh"'
     - name: "23.7"
       box: puzzle/opnsense
       hostname: false
diff --git a/molecule/system_settings_general/molecule.yml b/molecule/system_settings_general/molecule.yml
@@ -16,16 +16,6 @@ driver:
     parallel: true
 
 platforms:
-    - name: "23.1"
-      box: puzzle/opnsense
-      hostname: false
-      box_version: "23.1"
-      memory: 1024
-      cpus: 2
-      instance_raw_config_args:
-          - 'vm.guest = :freebsd'
-          - 'ssh.sudo_command = "%c"'
-          - 'ssh.shell = "/bin/sh"'
     - name: "23.7"
       box: puzzle/opnsense
       hostname: false
diff --git a/molecule/system_settings_logging/molecule.yml b/molecule/system_settings_logging/molecule.yml
@@ -16,16 +16,6 @@ driver:
     parallel: true
 
 platforms:
-    - name: "23.1"
-      box: puzzle/opnsense
-      hostname: false
-      box_version: "23.1"
-      memory: 1024
-      cpus: 2
-      instance_raw_config_args:
-          - 'vm.guest = :freebsd'
-          - 'ssh.sudo_command = "%c"'
-          - 'ssh.shell = "/bin/sh"'
     - name: "23.7"
       box: puzzle/opnsense
       hostname: false
diff --git a/plugins/module_utils/firewall_alias_utils.py b/plugins/module_utils/firewall_alias_utils.py
@@ -14,7 +14,6 @@
 from ansible_collections.puzzle.opnsense.plugins.module_utils import xml_utils
 from ansible_collections.puzzle.opnsense.plugins.module_utils.config_utils import (
     OPNsenseModuleConfig,
-    UnsupportedModuleSettingError,
 )
 from ansible_collections.puzzle.opnsense.plugins.module_utils.system_access_users_utils import (
     Group,
@@ -659,18 +658,7 @@ def add_or_update(self, alias: FirewallAlias) -> None:
             self.is_interface(alias.interface)
 
         if alias.type == FirewallAliasType.OPNVPNGROUP:
-            if self.opnsense_version > "23.1":
-                self.set_authgroup(type_opnvpngroup_alias=alias)
-            else:
-                raise UnsupportedModuleSettingError(
-                    f"OPNVPNGROUP type is not supported in OPNsense {self.opnsense_version}"
-                )
-
-        if alias.type in [FirewallAliasType.DYNAMICIPV6HOST, FirewallAliasType.BGPASN]:
-            if self.opnsense_version < "23.7":
-                raise UnsupportedModuleSettingError(
-                    f"{alias.type} type is not supported in OPNsense {self.opnsense_version}"
-                )
+            self.set_authgroup(type_opnvpngroup_alias=alias)
 
         existing_alias: Optional[FirewallAlias] = next(
             (a for a in self._aliases if a.name == alias.name), None
diff --git a/plugins/module_utils/module_index.py b/plugins/module_utils/module_index.py
@@ -29,159 +29,6 @@
 """
 # pylint: disable=duplicate-code; Since this is rewritten in some tests.
 VERSION_MAP = {
-    "23.1": {
-        "system_settings_general": {
-            "hostname": "system/hostname",
-            "domain": "system/domain",
-            "timezone": "system/timezone",
-            # Add other mappings here
-            "php_requirements": [
-                "/usr/local/etc/inc/config.inc",
-                "/usr/local/etc/inc/util.inc",
-                "/usr/local/etc/inc/filter.inc",
-                "/usr/local/etc/inc/system.inc",
-                "/usr/local/etc/inc/interfaces.inc",
-            ],
-            "configure_functions": {
-                "system_timezone_configure": {
-                    "name": "system_timezone_configure",
-                    "configure_params": ["true"],
-                },
-                "system_trust_configure": {
-                    "name": "system_trust_configure",
-                    "configure_params": ["true"],
-                },
-                "system_hostname_configure": {
-                    "name": "system_hostname_configure",
-                    "configure_params": ["true"],
-                },
-                "system_hosts_generate": {
-                    "name": "system_hosts_generate",
-                    "configure_params": ["true"],
-                },
-                "system_resolvconf_generate": {
-                    "name": "system_resolvconf_generate",
-                    "configure_params": ["true"],
-                },
-                "plugins_configure_dns": {
-                    "name": "plugins_configure",
-                    "configure_params": ["'dns'", "true"],
-                },
-                "plugins_configure_dhcp": {
-                    "name": "plugins_configure",
-                    "configure_params": ["'dhcp'", "true"],
-                },
-                "filter_configure": {
-                    "name": "filter_configure",
-                    "configure_params": ["true"],
-                },
-            },
-        },
-        "system_settings_logging": {
-            "preserve_logs": "syslog/preservelogs",
-            # Add other mappings here
-            "php_requirements": [
-                "/usr/local/etc/inc/config.inc",
-                "/usr/local/etc/inc/util.inc",
-                "/usr/local/etc/inc/system.inc",
-            ],
-            "configure_functions": {
-                "system_settings_logging": {
-                    "name": "system_syslog_start",
-                    "configure_params": ["true"],
-                },
-            },
-        },
-        "system_access_users": {
-            "users": "system/user",
-            "uid": "system/nextuid",
-            "gid": "system/nextgid",
-            "system": "system",
-            "maximumtableentries": "system/maximumtableentries",
-            "php_requirements": [
-                "/usr/local/etc/inc/system.inc",
-            ],
-            "configure_functions": {},
-        },
-        "password": {
-            "php_requirements": [
-                "/usr/local/etc/inc/auth.inc",
-            ],
-            "configure_functions": {
-                "password": {
-                    "name": "echo password_hash",
-                    "configure_params": [
-                        "'password'",
-                        "PASSWORD_BCRYPT",
-                        "[ 'cost' => 11 ]",
-                    ],
-                },
-            },
-        },
-        "firewall_rules": {
-            "rules": "filter",
-            "php_requirements": [
-                "/usr/local/etc/inc/config.inc",
-                "/usr/local/etc/inc/util.inc",  # required for the service_log utility
-                "/usr/local/etc/inc/interfaces.inc",
-                "/usr/local/etc/inc/filter.inc",
-                "/usr/local/etc/inc/system.inc",
-            ],
-            "configure_functions": {
-                "system_cron_configure": {
-                    "name": "system_cron_configure",
-                    "configure_params": ["true"],
-                },
-                "filter_configure": {
-                    "name": "filter_configure",
-                    "configure_params": [],
-                },
-            },
-        },
-        "interfaces_assignments": {
-            "interfaces": "interfaces",
-            # Add other mappings here.
-            "php_requirements": [
-                "/usr/local/etc/inc/config.inc",
-                "/usr/local/etc/inc/util.inc",
-                "/usr/local/etc/inc/filter.inc",
-                "/usr/local/etc/inc/system.inc",
-                "/usr/local/etc/inc/rrd.inc",
-                "/usr/local/etc/inc/interfaces.inc",
-            ],
-            "configure_functions": {
-                "filter_configure": {
-                    "name": "filter_configure",
-                    "configure_params": [],
-                },
-            },
-        },
-        "system_high_availability_settings": {
-            # Add other mappings here
-            "hasync": "hasync",
-            "synchronize_states": "hasync/pfsyncenabled",
-            "synchronize_interface": "hasync/pfsyncinterface",
-            "synchronize_peer_ip": "hasync/pfsyncpeerip",
-            "synchronize_config_to_ip": "hasync/synchronizetoip",
-            "remote_system_username": "hasync/username",
-            "remote_system_password": "hasync/password",
-            "disable_preempt": "hasync/disablepreempt",
-            "disconnect_dialup_interfaces": "hasync/disconnectppps",
-            "php_requirements": [
-                "/usr/local/etc/inc/interfaces.inc",
-                "/usr/local/etc/inc/util.inc",
-                "/usr/local/etc/inc/config.inc",
-                "/usr/local/etc/inc/plugins.inc",
-            ],
-            "configure_functions": {},
-        },
-        "firewall_alias": {
-            "alias": "OPNsense/Firewall/Alias/aliases",
-            "geoip": "OPNsense/Firewall/Alias/geoip",
-            "php_requirements": [],
-            "configure_functions": {},
-        },
-    },
     "23.7": {
         "system_settings_general": {
             "hostname": "system/hostname",
diff --git a/plugins/modules/firewall_alias.py b/plugins/modules/firewall_alias.py
@@ -47,11 +47,10 @@
       - networkgroup (Combine different network type aliases into one)
       - macaddress (MAC address or partial mac addresses like f4:90:ea)
       - bgpasn (Maps autonomous system (AS) numbers to networks where they
-        are responsible for) supported >= version 23.7
+        are responsible for) supported
       - dynamicipv6host (A Host entry that will auto update on a
-        prefixchange) supported >= version 23.7
-      - opnvpngroup (Map user groups to logged in OpenVPN users) supported
-        >= version 23.1
+        prefixchange) supported
+      - opnvpngroup (Map user groups to logged in OpenVPN users)
       - internal (Internal aliases which are managed by the product)
       - external (Externally managed alias, this only handles the
         placeholder. Content is set from another source (plugin, api call,

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+---`
	`2`	`+deprecated_features:`
	`3`	`+ - OPNsense 23.1 support has been deprecated`