`aci_domain_to_vlan_pool` "absent" state removes the whole domain and not only the binding (DCNE-207)

edudppaz commented 1 month ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Setting state "absent" on a aci_domain_to_vlan_pool task removes the whole domain and not only the binding to the vlan pool

Affected Module Name(s):

aci_domain_to_vlan_pool

APIC version and APIC Platform

V 5.2(8e) and on-prem.

Collection versions

cisco.aci 2.10.1

Output/ Error message

*

Expected Behavior

Setting an "absent" state on the task should only remove the vlan_pool to domain binding, not the whole domain

Actual Behavior

The whole domain is removed from the APIC

Playbook tasks to Reproduce

First:

- name: Bind a physical domain to VLAN pool
  cisco.aci.aci_domain_to_vlan_pool:
    host: apic
    username: admin
    password: SomeSecretPassword
    domain: phys_dom
    domain_type: phys
    pool: phys_pool
    pool_allocation_mode: static
    state: present
  delegate_to: localhost

Then:

- name: Remove binding from physical domain to VLAN pool
  cisco.aci.aci_domain_to_vlan_pool:
    host: apic
    username: admin
    password: SomeSecretPassword
    domain: phys_dom
    domain_type: phys
    pool: phys_pool
    pool_allocation_mode: static
    state: absent
  delegate_to: localhost

Important Factoids

From the code i can see that on the module, the url endpoint is being build using the whole domain as an object:

    aci.construct_url(
        root_class=dict(
            aci_class=domain_class,
            aci_rn=domain_rn,
            module_object=domain_mo,
            target_filter={"name": domain},
        ),
        child_classes=["infraRsVlanNs"],
    )

So it makes sense that setting "absent" and running aci.delete_config() deletes the whole domain The state absent should be a new payload that removes the binding, something like this (just writing it on the fly, must be checked and tested:

    elif state == "absent":
        aci.payload(
            aci_class=domain_class,
            class_config=dict(name=domain),
            child_configs=[
                {"infraRsVlanNs": {"status": "deleted" }},
            ],
        )
        aci.post_config()

This is based on a test done directly on the GUI with the API inspector:

method: POST
url: https://10.10.10.10/api/node/mo/uni/phys-phydom_ep_test/rsvlanNs.json
payload{"infraRsVlanNs":{"attributes":{"dn":"uni/phys-phydom_ep_test/rsvlanNs","status":"deleted"},"children":[]}}

References

0000

akinross commented 1 month ago

Hi @edudppaz,

Thank you for raising this issue, I have added it to the backlog. If you would like to work on it yourself and push a PR please let me know.

edudppaz commented 1 month ago

Hi @akinross , i have created this pr #695 , tested on my local environment and seems to be working as expected.

CiscoDevNet / ansible-aci