search

CiscoDevNet / FMCAnsible

GNU General Public License v3.0
20 stars 24 forks source link

Task idempotency does not appear to be working. #56

Open ibplayn opened 1 year ago

ibplayn commented 1 year ago

Task idempotency does not appear to be working, at least not for what i would expect are commonly used operations.

Example error from re-using the same object name: fatal: [firewall.example.com]: FAILED! => {"changed": false, "msg": "Server returned an error trying to execute createMultipleHostObject operation. Status code: 400. Server response: The object name testansible02 already exists. Enter a new name."}

fatal: [firewall.example.com]: FAILED! => {"changed": false, "msg": "Server returned an error trying to execute upsertHostObject operation. Status code: 400. Server response: The object name testansible02 already exists. Enter a new name."}

xibriz commented 1 year ago

How does your task look like?

I'm not having any idempotency issues with the following tasks:

- name: Create Network Objects
  cisco.fmcansible.fmc_configuration:
    operation: upsertNetworkObject
    data:
      name: test.v0000.net.subnet
      value: 10.10.0.0/16
      type: Network
    path_params:
      domainUUID: "{{ domain_result.0.uuid }}"
- name: Create Host Objects
  cisco.fmcansible.fmc_configuration:
    operation: upsertHostObject
    data:
      name: test.ksat.v0254.fw-1.r1
      value: 10.10.254.115
      type: Host
    path_params:
      domainUUID: "{{ domain_result.0.uuid }}"
ibplayn commented 1 year ago

So I copied your tasks and ran them. The upsertNetworkObject idempotency works, but the upsertHostObject does not. Playbook:

---
- name: Firepower - TEST Create objects
  hosts: firepower
  connection: httpapi
  tasks:
    - name: Get Domain UUID
      cisco.fmcansible.fmc_configuration:
        operation: getAllDomain
        register_as: domain_result

    - name: Create Network Objects
      cisco.fmcansible.fmc_configuration:
        operation: upsertNetworkObject
        data:
          name: test.v0000.net.subnet
          value: 10.10.0.0/16
          type: Network
        path_params:
          domainUUID: "{{ domain_result.0.uuid }}"

    - name: Create Host Objects
      cisco.fmcansible.fmc_configuration:
        operation: upsertHostObject
        data:
          name: test.ksat.v0254.fw-1.r1
          value: 10.10.254.115
          type: Host
        path_params:
          domainUUID: "{{ domain_result.0.uuid }}"

Output from first run through:

PLAY [Firepower - TEST Create objects] *******************************************************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************************************************************************
ok: [firewall.example.com]

TASK [Get Domain UUID] ***********************************************************************************************************************************************************************************************
ok: [firewall.example.com]

TASK [Create Network Objects] ****************************************************************************************************************************************************************************************
changed: [firewall.example.com]

TASK [Create Host Objects] *******************************************************************************************************************************************************************************************
changed: [firewall.example.com]

PLAY RECAP ***********************************************************************************************************************************************************************************************************
firewall.example.com      : ok=4    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Output from the 2nd time through, host object updating did not work:

PLAY [Firepower - TEST Create objects] *******************************************************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************************************************************************
ok: [firewall.example.com]

TASK [Get Domain UUID] ***********************************************************************************************************************************************************************************************
ok: [firewall.example.com]

TASK [Create Network Objects] ****************************************************************************************************************************************************************************************
ok: [firewall.example.com]

TASK [Create Host Objects] *******************************************************************************************************************************************************************************************
fatal: [firewall.example.com]: FAILED! => {"changed": false, "msg": "Server returned an error trying to execute upsertHostObject operation. Status code: 400. Server response: The object name test.ksat.v0254.fw-1.r1 already exists. Enter a new name."}

PLAY RECAP ***********************************************************************************************************************************************************************************************************
firewall.example.com      : ok=3    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0
xibriz commented 1 year ago

@ibplayn Strange. What version of FMC do you have?

I have tried this on version 7.2, and I always get the following result:

First run:

TASK [Create Network Objects] *********************************************************************************************************************************************************************************
changed: [172.22.253.60]

TASK [Create Host Objects] ************************************************************************************************************************************************************************************
changed: [172.22.253.60]

Second run:

TASK [Create Network Objects] *********************************************************************************************************************************************************************************
ok: [172.22.253.60]

TASK [Create Host Objects] ************************************************************************************************************************************************************************************
ok: [172.22.253.60]
ibplayn commented 1 year ago

@xibriz I am running FMC 7.2.4 and using ansible [core 2.13.6]

xibriz commented 1 year ago

I'm using:

FMC 7.2.4 build 169 ansible [core 2.13.11] cisco.fmcansible 0.9.1

ibplayn commented 1 year ago

Confirmed my FMC version build is the same as well as fmcansible collection version matches. I updated my ansible version to match yours and also tested with the lasted (2.15.3), both seem to have the same issue.