ansible-collections / netapp.ontap

Ansible collection to support NetApp ONTAP configuration.
https://galaxy.ansible.com/netapp/ontap
GNU General Public License v3.0

na_ontap_ldap_client: Not idempotent? #136

Closed stackprotector closed 1 year ago

stackprotector commented 1 year ago

Summary

The na_ontap_ldap_client module does not seem to be idempotent. If I run it once, everything is fine and it creates the LDAP connection. But if I run it a second time without any changes, the module throws an error saying "duplicate entry", instead of just saying "OK" (no changes needed). So it looks like it tries to create the same LDAP connection a second time instead of checking the already existing one correctly.

Component Name

na_ontap_ldap_client

Ansible Version

$ ansible --version
ansible [core 2.14.1]
  config file = None
  configured module search path = ['/home/username/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/username/.local/lib/python3.9/site-packages/ansible
  ansible collection location = /home/username/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/username/.local/bin/ansible
  python version = 3.9.14 (main, Dec  5 2022, 13:41:22) [GCC 8.5.0 20210514 (Red Hat 8.5.0-17)] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True

ONTAP Collection Version

$ ansible-galaxy collection list
Collection                    Version
----------------------------- -------
amazon.aws                    5.1.0  
ansible.netcommon             4.1.0  
ansible.posix                 1.4.0  
ansible.utils                 2.8.0  
ansible.windows               1.12.0 
arista.eos                    6.0.0  
awx.awx                       21.10.0
azure.azcollection            1.14.0 
check_point.mgmt              4.0.0  
chocolatey.chocolatey         1.3.1  
cisco.aci                     2.3.0  
cisco.asa                     4.0.0  
cisco.dnac                    6.6.1  
cisco.intersight              1.0.22 
cisco.ios                     4.0.0  
cisco.iosxr                   4.0.3  
cisco.ise                     2.5.9  
cisco.meraki                  2.13.0 
cisco.mso                     2.1.0  
cisco.nso                     1.0.3  
cisco.nxos                    4.0.1  
cisco.ucs                     1.8.0  
cloud.common                  2.1.2  
cloudscale_ch.cloud           2.2.3  
community.aws                 5.0.0  
community.azure               2.0.0  
community.ciscosmb            1.0.5  
community.crypto              2.9.0  
community.digitalocean        1.22.0 
community.dns                 2.4.2  
community.docker              3.3.1  
community.fortios             1.0.0  
community.general             6.1.0  
community.google              1.0.0  
community.grafana             1.5.3  
community.hashi_vault         4.0.0  
community.hrobot              1.6.0  
community.libvirt             1.2.0  
community.mongodb             1.4.2  
community.mysql               3.5.1  
community.network             5.0.0  
community.okd                 2.2.0  
community.postgresql          2.3.1  
community.proxysql            1.4.0  
community.rabbitmq            1.2.3  
community.routeros            2.5.0  
community.sap                 1.0.0  
community.sap_libs            1.4.0  
community.skydive             1.0.0  
community.sops                1.5.0  
community.vmware              3.2.0  
community.windows             1.11.1 
community.zabbix              1.9.0  
containers.podman             1.10.1 
cyberark.conjur               1.2.0  
cyberark.pas                  1.0.14 
dellemc.enterprise_sonic      2.0.0  
dellemc.openmanage            6.3.0  
dellemc.os10                  1.1.1  
dellemc.os6                   1.0.7  
dellemc.os9                   1.0.4  
f5networks.f5_modules         1.21.0 
fortinet.fortimanager         2.1.7  
fortinet.fortios              2.2.1  
frr.frr                       2.0.0  
gluster.gluster               1.0.2  
google.cloud                  1.0.2  
grafana.grafana               1.1.0  
hetzner.hcloud                1.9.0  
hpe.nimble                    1.1.4  
ibm.qradar                    2.1.0  
ibm.spectrum_virtualize       1.10.0 
infinidat.infinibox           1.3.12 
infoblox.nios_modules         1.4.1  
inspur.ispim                  1.2.0  
inspur.sm                     2.3.0  
junipernetworks.junos         4.1.0  
kubernetes.core               2.3.2  
lowlydba.sqlserver            1.2.1  
mellanox.onyx                 1.0.0  
netapp.aws                    21.7.0 
netapp.azure                  21.10.0
netapp.cloudmanager           21.21.0
netapp.elementsw              21.7.0 
netapp.ontap                  22.0.1 
netapp.storagegrid            21.11.1
netapp.um_info                21.8.0 
netapp_eseries.santricity     1.3.1  
netbox.netbox                 3.9.0  
ngine_io.cloudstack           2.3.0  
ngine_io.exoscale             1.0.0  
ngine_io.vultr                1.1.2  
openstack.cloud               1.10.0 
openvswitch.openvswitch       2.1.0  
ovirt.ovirt                   2.4.1  
purestorage.flasharray        1.15.0 
purestorage.flashblade        1.10.0 
purestorage.fusion            1.2.0  
sensu.sensu_go                1.13.1 
splunk.es                     2.1.0  
t_systems_mms.icinga_director 1.31.4 
theforeman.foreman            3.7.0  
vmware.vmware_rest            2.2.0  
vultr.cloud                   1.3.1  
vyos.vyos                     4.0.0  
wti.remote                    1.0.4

ONTAP Version

sridharc-vsim34::> version
NetApp Release 9.11.1: Tue Jul 12 10:21:46 UTC 2022

Playbook

- name: Connect LDAP
  netapp.ontap.na_ontap_ldap_client:
    base_dn: 'DC=domain,DC=tld'
    bind_dn: username
    bind_password: password
    ldaps_enabled: no
    min_bind_level: sasl
    port: 389
    schema: MS-AD-BIS
    servers:
      - 192.168.1.10
      - 192.168.1.20
    vserver: clustername

Steps to Reproduce

  1. Run the above task.
  2. At the first run, it will work and successfully create the LDAP connection. (Well, you need LDAP servers for that, or use skip_config_validation: yes)
  3. Run the above task without any changes a second time.
  4. The task fails with an error (see actual result).

Expected Results

I expect to get no error message, but an "OK" status (no changes needed) instead.

Actual Results

Error on creating ldap client: calling: name-services/ldap: got {'message': 'duplicate entry', 'code': '1', 'target': 'svm.uuid'}.

carchi8py commented 1 year ago

@stackprotector I believe we have a fix for this already in our dev instance (which is scheduled for release as part of 22.4.0). I'll double check with the team. https://github.com/ansible-collections/netapp.ontap#bug-fixes

carchi8py commented 1 year ago

This was fixed in 22.4.0
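The behaviour reported in this issue, reproduced as an added example (not code from the netapp.ontap collection or from anyone in the thread): a create-only apply returns the "duplicate entry" error on the second run, while a read-then-diff apply reports no change. `FakeLdapEndpoint`, `naive_apply` and `idempotent_apply` are hypothetical names, the endpoint is a constructed in-memory stand-in, and treating `bind_password` as write-only is an assumption.

```python
# Constructed in-memory stand-in for a REST endpoint such as name-services/ldap;
# it is not the ONTAP API or the collection's code.
class FakeLdapEndpoint:
    def __init__(self):
        self._by_svm = {}

    def get(self, svm):
        rec = self._by_svm.get(svm)
        if rec is None:
            return None
        # Assumption: secrets are write-only and never returned on read.
        return {k: v for k, v in rec.items() if k != "bind_password"}

    def post(self, svm, body):
        if svm in self._by_svm:
            # Same error shape as reported in the issue.
            return {"message": "duplicate entry", "code": "1", "target": "svm.uuid"}
        self._by_svm[svm] = dict(body)
        return None

    def patch(self, svm, body):
        self._by_svm[svm].update(body)
        return None


def naive_apply(api, svm, desired):
    """Always create: the second run hits 'duplicate entry'."""
    error = api.post(svm, desired)
    return {"changed": error is None, "error": error}


def idempotent_apply(api, svm, desired):
    """Read first, then create, modify or do nothing."""
    current = api.get(svm)
    if current is None:
        return {"changed": api.post(svm, desired) is None, "action": "create"}
    # Diff only the fields the read returns; a write-only secret cannot be compared.
    diff = {k: v for k, v in desired.items()
            if k != "bind_password" and current.get(k) != v}
    if not diff:
        return {"changed": False, "action": "none"}
    api.patch(svm, diff)
    return {"changed": True, "action": "modify", "fields": sorted(diff)}


# Constructed sample input mirroring the playbook values in the issue.
DESIRED = {"base_dn": "DC=domain,DC=tld", "bind_dn": "username",
           "bind_password": "password", "port": 389,
           "servers": ["192.168.1.10", "192.168.1.20"]}
```

Because the secret is excluded from the diff, a change to `bind_password` alone is not detected by this pattern and needs an explicit update path.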