search

Venafi / ansible-collection-venafi

Ansible collection for managing machine identities (certificates and keys) using Venafi
Apache License 2.0
13 stars 7 forks source link

venafi.machine_identity.policy always fails on autoinstalled #28

Open peterjakobs opened 2 years ago

peterjakobs commented 2 years ago

PROBLEM SUMMARY Trying to create a policy with role: venafi.machine_identity.policy but it always fails

STEPS TO REPRODUCE AnsiblePlaybook:

sample_policy_spec.json: { "policy": { "domains": [ "" ], "wildcardAllowed": true, "autoInstalled": false, "maxValidDays": 0, "certificateAuthority": "", "subject": { "orgs": [ "" ], "orgUnits": [ "" ], "localities": [ "" ], "states": [ "" ], "countries": [ "EU" ] }, "keyPair": { "keyTypes": [ "RSA" ], "rsaKeySizes": [ 2048 ], "ellipticCurves": [ "P256" ], "serviceGenerated": false, "reuseAllowed": false }, "subjectAltNames": { "dnsAllowed": false, "ipAllowed": false, "emailAllowed": false, "uriAllowed": false, "upnAllowed": false } }, "defaults": { "domain": "", "subject": { "org": "eu-LISA", "orgUnits": [ "" ], "locality": "", "state": "", "country": "EU" }, "keyPair": { "keyType": "", "rsaKeySize": 0, "ellipticCurve": "", "serviceGenerated": false } } }

EXPECTED RESULTS Policy creation

ACTUAL RESULTS TASK [venafi.machine_identity.policy : Create Policy on Venafi platform] ** fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to set policy at VED\Policy\Installed. Error: default value does not mach with policy value for [autoinstalled].\nDefault: None\nPolicy value: False"}

Changing "autoInstalled": "None", TASK [venafi.machine_identity.policy : Create Policy on Venafi platform] ** fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to set policy at VED\Policy\Installed. Error: default value does not mach with policy value for [autoinstalled].\nDefault: None\nPolicy value: None"}

Changing: "autoInstalled": "False", TASK [venafi.machine_identity.policy : Create Policy on Venafi platform] ** fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to set policy at VED\Policy\Installed. Error: default value does not mach with policy value for [autoinstalled].\nDefault: None\nPolicy value: False"}

ENVIRONMENT DETAILS ansible-playbook [core 2.12.1] python version = 3.10.0 (default, Dec 21 2021, 15:13:04) [Clang 13.0.0 (clang-1300.0.29.3)] jinja version = 3.0.3 libyaml = True

python3.10 -m pip list Package Version

ansible 5.1.0 ansible-core 2.12.1 ansible-lint 5.3.1 asn1crypto 1.5.1 bracex 2.2.1 certifi 2021.10.8 certvalidator 0.11.1 cffi 1.15.0 charset-normalizer 2.0.9 colorama 0.4.4 commonmark 0.9.1 cryptography 36.0.1 enrich 1.2.6 et-xmlfile 1.1.0 idna 3.3 Jinja2 3.0.3 jmespath 0.10.0 lxml 4.7.1 MarkupSafe 2.0.1 nsx-policy-python-sdk 3.1.3.2.0 nsx-python-sdk 3.1.3.2.0 nsx-vmc-aws-integration-python-sdk 3.1.3.2.0 nsx-vmc-policy-python-sdk 3.1.3.2.0 ntlm-auth 1.5.0 numpy 1.21.5 openpyxl 3.0.9 oscrypto 1.3.0 packaging 21.3 pandas 1.3.5 pip 21.3.1 pyasn1 0.4.8 pyasn1-modules 0.2.8 pycparser 2.21 Pygments 2.11.1 PyNaCl 1.5.0 pyOpenSSL 21.0.0 pyparsing 3.0.6 pypsrp 0.7.0 pyspnego 0.3.1 python-dateutil 2.8.2 python-ldap 3.4.2 python-tss-sdk 1.1.0 pytz 2021.3 pyvmomi 7.0.3 pywinrm 0.4.2 PyYAML 6.0 requests 2.27.1 requests-ntlm 1.1.0 resolvelib 0.5.4 rich 10.16.2 ruamel.yaml 0.17.20 ruamel.yaml.clib 0.2.6 setuptools 60.5.0 six 1.16.0 tenacity 8.0.1 urllib3 1.26.7 vapi-client-bindings 3.7.0 vapi-common-client 2.30.0 vapi-runtime 2.30.0 vcert 0.15.0 vmc-client-bindings 1.54.0 vmc-draas-client-bindings 1.18.0 vSphere-Automation-SDK 1.71.0 wcmatch 8.3 xmltodict 0.12.0

COMMENTS/WORKAROUNDS