Open stmps opened 2 months ago
@stmps, thank you for submitting this feature request. I have added it to the backlog.
@stmps, Force firmware overwrite feature cannot be added to idrac_firmware module due to the limitation on API.
The other way to achieve this is to roll back the firmware (redfish_firmware_rollback) to the previously installed version and then apply the required version. Find the sample playbook below for your reference. Note: Rollback can be done only if the component has any previous installed version available as in below screen shot.
---
- name: Force firmware update
hosts: localhost
gather_facts: false
vars:
baseuri: x.x.x.x
username: username
password: password
component_name: "Backplane 1"
idrac_ip: x.x.x.x
idrac_user: username
idrac_password: password
firmware_repository: "https://downloads.dell.com"
tasks:
- name: Check if the firmware rollback is available
dellemc.openmanage.redfish_firmware_rollback:
baseuri: "{{ baseuri }}"
username: "{{ username }}"
password: "{{ password }}"
validate_certs: false
name: "{{ component_name }}"
check_mode: true
register: rollback_check_result
- name: Rollback the firmware
dellemc.openmanage.redfish_firmware_rollback:
baseuri: "{{ baseuri }}"
username: "{{ username }}"
password: "{{ password }}"
validate_certs: false
name: "{{ component_name }}"
register: rollback_result
when:
- rollback_check_result.changed
- rollback_check_result.msg == "Changes found to be applied."
- name: Update firmware from the repository
dellemc.openmanage.idrac_firmware:
idrac_ip: "{{ idrac_ip }}"
idrac_user: "{{ idrac_user }}"
idrac_password: "{{ idrac_password }}"
validate_certs: false
share_name: "{{ firmware_repository }}"
reboot: true
job_wait: true
apply_update: true
when:
- rollback_result.changed
- rollback_result.msg == "Successfully completed the job for firmware rollback."
Describe the solution you'd like
Hi folks,
When using
idrac_firmware
, there are no firmware changes in the event that the device is already at the latest version.We would like to be able to force the firmware to be overwritten.
I believe that this is possible when booting from an ISO and using the Server Update Utility (e.g. when no update is required for a given component, the "check box" is un-checked. But you can manually check the box for each component in order to force that firmware to be installed.)
This comes from a security requirement in our organisation where all devices must have their factory firmware overwritten with a "known good" firmware.
Describe alternatives you've considered
Our alternatives are:
Additional context
Possible implementation:
Community Note