Output of Dry-Run/Check invalid when Status Absent

[richwats]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

I'm using the output and dry-run/check option with the Cisco ACI collection. I then pass that the output file to the Nexus Dashboard Insights Pre-Change Validation (PCV) module (nd_pcv).

It appears that when the objects are to be deleted using the "state: absent" parameter, that resulting output is missing the a required parameter ("name") and is rejected by Nexus Dashboard.

Affected Module Name(s):

• cisco.aci.aci_tenant

• cisco.aci.aci_bd
  (probably others...)

• cisco.nd.nd_pcv

APIC version and APIC Platform

• 6.0(2h)

Collection versions

• cisco.aci 2.6
• cisco.nd 0.3

Output/ Error message

When removing/deleting a bridge domain the aci_bd, the output is missing the "name" attribute

    {
      "fvBD": {
        "attributes": {
          "dn": "uni/tn-Ansible-Demo-Internal/BD-AN-Development",
          "status": "deleted"
        }
      }
    }

The error from Nexus Dashboard Insights is a follows. The error message is 'ND Error 4011 (ERROR): Required attribute \"name\" missing for type \"fvBD\".' I have also seen the same problem when removing tenants using the aci_tenant module.

{
  "changed": false,
  "data": {
    "allowUnsupportedObjectModification": "true",
    "analysisSubmissionTime": 1684382309569,
    "baseEpochId": "0e5604f9-70c4f7a9-811b-3473-a2f7-468a30630349",
    "baseEpochCollectionTimestamp": 1684381877000,
    "fabricUuid": "228fb4d5-4dff-4855-9ff0-d7a520bbcb19",
    "description": "Pre-Changed Validation job created by Ansible CI/CD Workflow",
    "name": "ANSIBLE-CICD-PCV",
    "assuranceEntityName": "MEL-SE-LAB-ACI"
  },
  "socket": "/home/runner/.ansible/pc/78f5432481",
  "status": 400,
  "current": {},
  "info": {
    "url": "https://nd-n1.mel.ciscolabs.com:443/sedgeapi/v1/cisco-nir/api/api/telemetry/v2/config/insightsGroup/MEL-SE-LAB-ACI/fabric/MEL-SE-LAB-ACI/prechangeAnalysis/fileChanges",
    "msg": "OK (445 bytes)",
    "status": 400,
    "access-control-allow-origin": "*",
    "content-length": "445",
    "content-type": "application/json",
    "referrer-policy": "strict-origin-when-cross-origin",
    "server": "Werkzeug/2.0.2 Python/3.8.10",
    "strict-transport-security": "max-age=31536000; includeSubDomains",
    "x-content-type-options": "nosniff",
    "x-frame-options": "SAMEORIGIN",
    "x-ratelimit-limit": "-1",
    "x-ratelimit-remaining": "-1",
    "x-ratelimit-reset": "1559582945",
    "x-xss-protection": "1; mode=block",
    "connection": "close",
    "method": "POST",
    "error": {
      "code": -1,
      "message": {
        "success": false,
        "messages": [
          {
            "code": 4011,
            "severity": "ERROR",
            "message": "Required attribute \"name\" missing for type \"fvBD\"."
          }
        ],
        "value": {
          "namespaces": {
            "default": "https://www.cisco.com/api/schema"
          },
          "dataSummary": {
            "links": [],
            "totalCount": 0,
            "hasMoreData": false
          }
        }
      }
    },
    "body": {
      "success": false,
      "messages": [
        {
          "code": 4011,
          "severity": "ERROR",
          "message": "Required attribute \"name\" missing for type \"fvBD\"."
        }
      ],
      "value": {
        "namespaces": {
          "default": "https://www.cisco.com/api/schema"
        },
        "dataSummary": {
          "links": [],
          "totalCount": 0,
          "hasMoreData": false
        }
      }
    }
  },
  "payload": {
    "success": false,
    "messages": [
      {
        "code": 4011,
        "severity": "ERROR",
        "message": "Required attribute \"name\" missing for type \"fvBD\"."
      }
    ],
    "value": {
      "namespaces": {
        "default": "https://www.cisco.com/api/schema"
      },
      "dataSummary": {
        "links": [],
        "totalCount": 0,
        "hasMoreData": false
      }
    }
  },
  "msg": "ND Error 4011 (ERROR): Required attribute \"name\" missing for type \"fvBD\".",
  "invocation": {
    "module_args": {
      "insights_group": "MEL-SE-LAB-ACI",
      "name": "ANSIBLE-CICD-PCV",
      "site_name": "MEL-SE-LAB-ACI",
      "description": "Pre-Changed Validation job created by Ansible CI/CD Workflow",
      "file": "config.json",
      "state": "present",
      "output_level": "normal",
      "timeout": 30,
      "host": null,
      "port": null,
      "username": null,
      "password": null,
      "use_proxy": null,
      "use_ssl": null,
      "validate_certs": null,
      "login_domain": null,
      "manual": null
    }
  },
  "_ansible_no_log": false
}

Expected Behavior

That when the "state: absent" parameter is used the output / check option that the resulting JSON code is valid to be taken into the Nexus Dashboard Insights Pre-Change Validation service. It appears that either the JSON code generated by the ACI collection should add the name parameter or the Nexus Dashboard Insights code should be modified to not expect the "name" parameter when the DN parameter is present.

Actual Behavior

Nexus Dashboard rejects the request to create a new PCV analysis job as above.

Playbook tasks to Reproduce

Playbook are available (internally) here https://wwwin-github.cisco.com/richwats/ansible-awx-aci-ndi-demo

[akinross]

Issue will be resolved in new version of NDI where the output created by the ansible collection is sufficient and the identifiers are not required. Decided to not make changes to the ansible collection, because the output generated is valid ACI config.