ciscoise_network_device_group missing other namen

larsrei commented 1 year ago

Prerequisites

[x] Have you tested the operation in the API directly?
[x] Do you have the latest Terraform provider version?
[x] Review the compatibility matrix ISE 3.1 patch 6before opening an issue.

Describe the bug Try to build a network devices group

resource "ciscoise_network_device_group" "example" {
  provider = ciscoise
  parameters {

    description = "string"
    id          = "string"
    name        = "string"
    ndgtype     = "string"
  }
}

Then you become follow error:

Error: Failure when executing CreateNetworkDeviceGroup
│ 
│   with ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest#SuperDev"],
│   on main.tf line 2, in resource "ciscoise_network_device_group" "device_group_create":
│    2: resource "ciscoise_network_device_group" "device_group_create" {
│ 
│ error with operation CreateNetworkDeviceGroup
│ {
│   "ERSResponse" : {
│     "operation" : "POST-create-networkdevicegroup",
│     "messages" : [ {
│       "title" : "Validation Error - Mandatory fields missing: [othername]",
│       "type" : "ERROR",
│       "code" : "Application resource validation exception"
│     } ],
│     "link" : {
│       "rel" : "related",
│       "href" : "https://myServerMask:9060/ers/config/networkdevicegroup",
│       "type" : "application/xml"
│     }
│   }
│ }

The ERS API say you need the paramter:

Attribute	Type	Required	Description
name	String	Yes	Resource name
id	String	No	Resource UUID, mandatory for update
description	String	No
othername	String	Yes	This field holds the Network Device Group Hierarchy (A.K.A NDG Type)

Expected behavior ndgtype = "string" ist the othername paramater but this is not working. Not really shure what ndgtype should be maybe "Location" or "Type"

Taking ndgtype as othername is not working

│ Error: Failure when executing UpdateNetworkDeviceGroupByID
│ 
│   with ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest"],
│   on main.tf line 2, in resource "ciscoise_network_device_group" "device_group_create":
│    2: resource "ciscoise_network_device_group" "device_group_create" {
│ 
│ error with operation UpdateNetworkDeviceGroupById
│ {
│   "ERSResponse" : {
│     "operation" : "PUT-update-networkdevicegroup",
│     "messages" : [ {
│       "title" : "Resource Initialization Failed: Invalid JSON: Unrecognized field \"ndgtype\" (Class network.NetworkDeviceGroup), not marked as ignorable\n ",
│       "type" : "ERROR",
│       "code" : "Application resource validation exception"
│     } ],
│     "link" : {
│       "rel" : "related",
│       "href" : "https://isekonvdcmas01.ka.de.dm-drogeriemarkt.com:9060/ers/config/networkdevicegroup/28ccc190-0b54-11ee-921f-8edba861ae07",
│       "type" : "application/xml"
│     }
│   }
│ }

Environment (please complete the following information):

ISE version and patch: 3.1 patch 6
Terraform version: v1.2.9
ISE provider version: 0.6.18-beta
OS version: MAC OS

fmunozmiranda commented 1 year ago

@larsrei please try it again with 0.6.20-beta and let us know how does it go.

larsrei commented 1 year ago

@fmunozmiranda I try it but not working. Not sure if I use all option rigth:

terraform apply ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest"]: Refreshing state... [id=id:=28ccc190-0b54-11ee-921f-8edba861ae07\name:=Device Type#All Device Types#LRTest] ╷ │ Error: Failure when setting GetNetworkDeviceGroupByID response │ │ with ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest"], │ on main.tf line 2, in resource "ciscoise_network_device_group" "device_group_create": │ 2: resource "ciscoise_network_device_group" "device_group_create" { │ │ Invalid address to set: []string{"parameters", "0", "ndgtype"}

Terraform code:

resource "ciscoise_network_device_group" "device_group_create" { provider = ciscoise for_each = var.device_groups parameters { description = each.value["description"] name = each.key othername = each.value["othername"] } } Variable:

variable "device_groups" { type = map(object({ description = string othername = string })) default = { "Device Type#All Device Types#LRTest" = { description : "Lars Test", othername : "Device Type#All Device Types" } "Device Type#All Device Types#LRTest#SuperDev" = { description : "Super Device", othername : "Device Type#All Device Types#LRTest" } } }

KubaMazurkiewicz commented 1 year ago

@fmunozmiranda I tested that also with 0.6.20-beta and im getting same error as @larsrei

I used following TF code:

resource "ciscoise_network_device_group" "test8" {
  provider = ciscoise
  parameters {

    description = "Test8"
    name        = "Location#All Locations#Test8"
    othername   = "Location"
  }
}

Network Device Group was created in ISE, but i got error when TF try to execute GetNetworkDeviceGroupByID:

╷
│ Error: Failure when setting GetNetworkDeviceGroupByID response
│ 
│   with ciscoise_network_device_group.test8,
│   on main.tf line 1, in resource "ciscoise_network_device_group" "test8":
│    1: resource "ciscoise_network_device_group" "test8" {
│ 
│ Invalid address to set: []string{"parameters", "0", "ndgtype"}
╵

In ERS API that works fine.

Im using:

ISE version and patch: 3.1 patch 7 Terraform version: v1.5.1 ISE provider version: 0.6.20-beta OS version: MAC OS 13.4

fmunozmiranda commented 1 year ago

Hi, @larsrei please try it again with the new provider version and let me know how does it go.

larsrei commented 1 year ago

Hi,

still error: `Plan: 1 to add, 1 to change, 0 to destroy.

Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve.

Enter a value: yes

ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest#SuperDev"]: Creating... ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest"]: Modifying... [id=id:=28ccc190-0b54-11ee-921f-8edba861ae07\name:=Device Type#All Device Types#LRTest] ╷ │ Error: Failure when executing UpdateNetworkDeviceGroupByID │ │ with ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest"], │ on main.tf line 2, in resource "ciscoise_network_device_group" "device_group_create": │ 2: resource "ciscoise_network_device_group" "device_group_create" { │ │ error with operation UpdateNetworkDeviceGroupById │ { │ "ERSResponse" : { │ "operation" : "PUT-update-networkdevicegroup", │ "messages" : [ { │ "title" : "Validation Error - Illegal values: [The request content has an invalid type(othername). Please verify type(othername) contains alphanumeric characters, underscore, minus signs, dot only., The name's first part (before the first pound sign delimiter) should be equal to group's type(othername) provided.]", │ "type" : "ERROR", │ "code" : "Application resource validation exception" │ } ], │ "link" : { │ "rel" : "related", │ "href" : "https://server:9060/ers/config/networkdevicegroup/28ccc190-0b54-11ee-921f-8edba861ae07", │ "type" : "application/xml" │ } │ } │ } ╵ ╷ │ Error: Failure when executing CreateNetworkDeviceGroup │ │ with ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest#SuperDev"], │ on main.tf line 2, in resource "ciscoise_network_device_group" "device_group_create": │ 2: resource "ciscoise_network_device_group" "device_group_create" { │ │ error with operation CreateNetworkDeviceGroup │ { │ "ERSResponse" : { │ "operation" : "POST-create-networkdevicegroup", │ "messages" : [ { │ "title" : "Validation Error - Illegal values: [The request content has an invalid type(othername). Please verify type(othername) contains alphanumeric characters, underscore, minus signs, dot only., The name's first part (before the first pound sign delimiter) should be equal to group's type(othername) provided.]", │ "type" : "ERROR", │ "code" : "Application resource validation exception" │ } ], │ "link" : { │ "rel" : "related", │ "href" : "https://server:9060/ers/config/networkdevicegroup", │ "type" : "application/xml" │ } │ } │ } `

KubaMazurkiewicz commented 1 year ago

@larsrei error you are getting is coming not from TF provider, but from ISE ERS API.

It looks like ERS API is doing validation of othername attribute and in othername you cannot use # sings there. I'm not an expert in ISE, but when i did some checks in POSTMAN it turns out that you can only use the name's first part (before the first pound sign delimiter) in othername.

Which in your case running code would look like this:

resource "ciscoise_network_device_group" "device_group_create" {
  provider = ciscoise
  for_each = var.device_groups
  parameters {
    description = each.value["description"]
    name        = each.key
    othername   = each.value["othername"]
  }
}

variable "device_groups" {
  type = map(object({
    description = string
    othername   = string
  }))
  default = {
    "Device Type#All Device Types#LRTest"          = { description : "Lars Test", othername : "Device Type" }
    "Device Type#All Device Types#LRTest#SuperDev" = { description : "Super Device", othername : "Device Type" }
  }
}

Because those 2 groups are nested you might sometimes get some ERRORS from ERS API when creating those groups. It works fine with option: -parallelism=1

terraform plan

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest"] will be created
  + resource "ciscoise_network_device_group" "device_group_create" {
      + id           = (known after apply)
      + item         = (known after apply)
      + last_updated = (known after apply)

      + parameters {
          + description = "Lars Test"
          + id          = (known after apply)
          + link        = (known after apply)
          + name        = "Device Type#All Device Types#LRTest"
          + othername   = "Device Type"
        }
    }

  # ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest#SuperDev"] will be created
  + resource "ciscoise_network_device_group" "device_group_create" {
      + id           = (known after apply)
      + item         = (known after apply)
      + last_updated = (known after apply)

      + parameters {
          + description = "Super Device"
          + id          = (known after apply)
          + link        = (known after apply)
          + name        = "Device Type#All Device Types#LRTest#SuperDev"
          + othername   = "Device Type"
        }
    }

Plan: 2 to add, 0 to change, 0 to destroy.

terraform apply -parallelism=1  

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest"] will be created
  + resource "ciscoise_network_device_group" "device_group_create" {
      + id           = (known after apply)
      + item         = (known after apply)
      + last_updated = (known after apply)

      + parameters {
          + description = "Lars Test"
          + id          = (known after apply)
          + link        = (known after apply)
          + name        = "Device Type#All Device Types#LRTest"
          + othername   = "Device Type"
        }
    }

  # ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest#SuperDev"] will be created
  + resource "ciscoise_network_device_group" "device_group_create" {
      + id           = (known after apply)
      + item         = (known after apply)
      + last_updated = (known after apply)

      + parameters {
          + description = "Super Device"
          + id          = (known after apply)
          + link        = (known after apply)
          + name        = "Device Type#All Device Types#LRTest#SuperDev"
          + othername   = "Device Type"
        }
    }

Plan: 2 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest"]: Creating...
ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest"]: Creation complete after 0s [id=id:=d34cb970-15ec-11ee-a056-4248683d5372\name:=Device Type#All Device Types#LRTest]
ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest#SuperDev"]: Creating...
ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest#SuperDev"]: Creation complete after 1s [id=id:=d37947b0-15ec-11ee-a056-4248683d5372\name:=Device Type#All Device Types#LRTest#SuperDev]

Apply complete! Resources: 2 added, 0 changed, 0 destroyed.

larsrei commented 1 year ago

@fmunozmiranda you are right!

terraform apply -parallelism=1

is important.

Result: `Plan: 2 to add, 0 to change, 0 to destroy.

Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve.

Enter a value: yes

ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest"]: Creating... ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest"]: Creation complete after 1s [id=id:=4ef9e1b0-1683-11ee-9793-660220509ceb\name:=Device Type#All Device Types#LRTest] ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest#SuperDev"]: Creating... ciscoise_network_device_group.device_group_create["Device Type#All Device Types#LRTest#SuperDev"]: Creation complete after 0s [id=id:=4f3786f0-1683-11ee-9793-660220509ceb\name:=Device Type#All Device Types#LRTest#SuperDev]

Apply complete! Resources: 2 added, 0 changed, 0 destroyed. `

CiscoISE / terraform-provider-ciscoise

ciscoise_network_device_group missing other namen #94