Incorrect lint error for cisco.ios.ios_command and cisco.ios.ios_config modules in Ansible-Lint 24.5.0

[fnateghi]

Summary

The latest version of Ansible-Lint (24.5.0) incorrectly identifies the cisco.ios.ios_command and cisco.ios.ios_config modules as lint errors, although the FQCN names are correct according to the Cisco Ansible documentation.

Issue Type

• Bug Report

OS / ENVIRONMENT

WARNING  Listing 1 violation(s) that are fatal
fqcn[canonical]: You should use canonical module name `cisco.ios.ios` instead of `cisco.ios.ios_config`.

ansible-lint --version 24.5.0

• ansible installation method: one of source, pip, OS package
• ansible-lint installation method: one of source, pip, OS package

STEPS TO REPRODUCE

Create a playbook with tasks using cisco.ios.ios_command and cisco.ios.ios_config modules. Run ansible-lint 24.5.0 on the playbook. Expected Behavior: Ansible-Lint should recognize cisco.ios.ios_command and cisco.ios.ios_config as valid FQCNs and not flag them as errors.

Actual Behavior: Ansible-Lint incorrectly flags these modules as errors, suggesting the use of cisco.ios.ios instead, which is not a valid module name according to the Cisco Ansible documentation.

Environment:

Ansible-Lint version: 24.2.3 Ansible version: 2.16.6 Operating System: debian 12 Additional Context: The documentation from Cisco Ansible clearly states the use of cisco.ios.ios_command and cisco.ios.ios_config as correct module names. This lint error seems to be a false positive.

References:

Cisco Ansible Documentation: [link to the relevant documentation] Please let me know if you need any further information.

Thank you for your attention to this issue.

---
- name: Configure top level configuration
  cisco.ios.ios_config:
    lines: hostname {{ inventory_hostname }}

- name: delete anyconnect from flash
  cisco.ios.ios_config:
    lines: "no crypto vpn anyconnect flash:/webvpn/{{ cisco_anyconnect }}"

- name: "Check Boot path"
  cisco.ios.ios_command:
    commands: 'show run | i boot system flash:'

Desired Behavior

ansbible-lint should not recognize the cisco.ios.ios_command and other module names as conflict or lint violations

Possible security bugs should be reported via email to security@ansible.com

Actual Behavior

Ansible-Lint incorrectly flags these modules as errors, suggesting the use of cisco.ios.ios instead, which is not a valid module name according to the Cisco Ansible documentation.

Please give some details of what is happening. Include a [minimum complete verifiable example] with:

• minimized playbook to reproduce the error
• the output of running ansible-lint including the command line used
• if you're getting a stack trace, also the output of ansible-playbook --syntax-check playbook

[phbo-dec]

I can confirm this, different module, same behaviour:

fqcn[canonical]: You should use canonical module name `dellemc.enterprise_sonic.sonic` instead of `dellemc.enterprise_sonic.sonic_interfaces`.
roles/sonic_ports/tasks/main.yml:68 Task/Handler: Configure interfaces

fqcn[canonical]: You should use canonical module name `dellemc.enterprise_sonic.sonic` instead of `dellemc.enterprise_sonic.sonic_l2_interfaces`.
roles/sonic_ports/tasks/main.yml:72 Task/Handler: Configure Interfaces Layer 2

fqcn[canonical]: You should use canonical module name `dellemc.enterprise_sonic.sonic` instead of `dellemc.enterprise_sonic.sonic_l3_interfaces`.
roles/sonic_ports/tasks/main.yml:76 Task/Handler: Configure intrefaces layer 3

ansible-lint --version
ansible-lint 24.5.0 using ansible-core:2.17.0 ansible-compat:24.5.1 ruamel-yaml:0.18.6 ruamel-yaml-clib:0.2.8

[fnateghi]

It appears that this behavior is not limited to the Cisco FQCN, as you have confirmed with the "dellemc.enterprise_sonic.sonic" module. The workaround my colleague suggested is to add this to the ansible-lint ignore list. But this not a solution. I hope someone has an Idea or there is a fix for it.

[Magnus-Scania]

Had same issue (with cisco.nxos). I downgraded to 24.2.0 and it works fine again. Awaiting some kind of fix.

[MallocArray]

Same with the dellemc.os10 collection

fqcn[canonical]: You should use canonical module name `dellemc.os10.os10` instead of `dellemc.os10.os10_command`.

[kaeraali-flutterint]

Not sure if it's the same issue, but I'm seeing similar in 24.5.0 but bizarely it's suggesting I use ansible.builtin.yum instead of ansible.builtin.yum but only in GitHub Actions - I can't reproduce this locally.

[xibriz]

Got the same on cisco.ios.ios and cisco.nxos.nxos.

Had to change container image from registry.gitlab.com/pipeline-components/ansible-lint:latest to registry.gitlab.com/pipeline-components/ansible-lint:0.68.0 in my GitLab pipeline.

fqcn[canonical]: You should use canonical module name `cisco.ios.ios` instead of `cisco.ios.ios_command`.
playbooks/tasks/ios_interfaces.yaml:169 Task/Handler: Get interfaces transceiver detail
fqcn[canonical]: You should use canonical module name `cisco.nxos.nxos` instead of `cisco.nxos.nxos_command`.
playbooks/tasks/nxos_interface.yaml:9 Task/Handler: Get interface short name

[MallocArray]

Any update on this? I was trying to not put a # noqa on these lines since it does seem like a bug that should be fixed, but a month later and it is still present and causing false errors in our pipeline

[fnateghi]

@MallocArray, temporarily you can put them in your Ansible-lint ignore list. Nevertheless, this is a bug, and it seems that it's affect multiple collections, and it should be fixed soon IMHO

[crytectobi]

I just tested 24.7.0 and this is still broken for anyone using cisco.xxx modules. You should use canonical module namecisco.nxos.nxosinstead ofcisco.nxos.nxos_command.ansible-lint[fqcn[canonical]](https://ansible.readthedocs.io/projects/lint/rules/fqcn/) You should use canonical module namecisco.ios.iosinstead ofcisco.ios.ios_command.ansible-lint[fqcn[canonical]](https://ansible.readthedocs.io/projects/lint/rules/fqcn/)

[btravouillon]

Indeed, same issue with dellemc.enterprise_sonic.sonic. A workaround is to pin ansible-lint==24.2.3.