search

fortinet-ansible-dev / ansible-galaxy-fortimanager-collection

GNU General Public License v3.0
16 stars 15 forks source link

fmgr_dvm_cmd_add_device does not support fortiOS v6 #1

Closed mooky31 closed 4 years ago

mooky31 commented 4 years ago

Hello,

I can't provision fortiOS v6 devices using fmgr_dvm_cmd_add_device : An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ansible_collections.fortinet.fortimanager.plugins.module_utils.common.FMGBaseException: parameter validation fails: param:6.0 does not match schema:{'type': 'string', 'enum': ['unknown', '0.0', '1.0', '2.0', '3.0', '4.0', '5.0']}, detail:type mismatch

I tried to edit the module and add '6.0' to that list, but it's not enough: fatal: [1.0.0.253]: FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "module_stderr": "Traceback (most recent call last):\n File \"/home/bzjr2686/.ansible/tmp/ansible-local-6642beoSwA/ansible-tmp-1584608292.75-102108040147241/AnsiballZ_fmgr_dvm_cmd_add_device.py\", line 102, in <module>\n _ansiballz_main()\n File \"/home/bzjr2686/.ansible/tmp/ansible-local-6642beoSwA/ansible-tmp-1584608292.75-102108040147241/AnsiballZ_fmgr_dvm_cmd_add_device.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/home/bzjr2686/.ansible/tmp/ansible-local-6642beoSwA/ansible-tmp-1584608292.75-102108040147241/AnsiballZ_fmgr_dvm_cmd_add_device.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible_collections.fortinet.fortimanager.plugins.modules.fmgr_dvm_cmd_add_device', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/usr/lib/python3.7/runpy.py\", line 205, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib/python3.7/runpy.py\", line 96, in _run_module_code\n mod_name, mod_spec, pkg_name, script_name)\n File \"/usr/lib/python3.7/runpy.py\", line 85, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_fmgr_dvm_cmd_add_device_payload_wjm9uwhd/ansible_fmgr_dvm_cmd_add_device_payload.zip/ansible_collections/fortinet/fortimanager/plugins/modules/fmgr_dvm_cmd_add_device.py\", line 611, in <module>\n File \"/tmp/ansible_fmgr_dvm_cmd_add_device_payload_wjm9uwhd/ansible_fmgr_dvm_cmd_add_device_payload.zip/ansible_collections/fortinet/fortimanager/plugins/modules/fmgr_dvm_cmd_add_device.py\", line 592, in main\n File \"/tmp/ansible_fmgr_dvm_cmd_add_device_payload_wjm9uwhd/ansible_fmgr_dvm_cmd_add_device_payload.zip/ansible_collections/fortinet/fortimanager/plugins/module_utils/common.py\", line 493, in get_full_url_path\nTypeError: argument of type 'NoneType' is not iterable\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

Ansible v2.9.4 on debian buster Fortimanager collection v1.0.0

chillancezen commented 4 years ago

hi, thanks for filing this issue.

can you share your playbook and the fortimananger version ?

currently the collection will only support fortimanager 6.0. newer version has different schema.

thanks, Link

mooky31 commented 4 years ago

Thank you for looking into it :)

I'm currently testing with fortimanager 6.2.3, but production version will be 6.4. I heard we need ZTP features which will only be avaliable in this version...

Here is the playbook :

bzjr2686@ansible:~/ansible$ cat play-fmgr3.yml
- name: Test API
  hosts: FortiManager
  gather_facts: no
  connection: httpapi

  collections:
    - fortinet.fortimanager

  tasks:
    - name: Provisioning
      fmgr_dvm_cmd_add_device:
         method: exec
         params:
            -
               data:
                  adom: root
                  device:
                     desc: Provisioned by ansible
                     device action: add_model
                     mgmt_mode: fmg
                     mr: 2
                     name: fortiVM01
                     os_type: fos
                     os_ver: '6.0'
                     sn: FGXXXXXXXXXXXX
                  flags:
                    - none
chillancezen commented 4 years ago

hi @mooky31 , the root cause is the schema of 6.0(even 6.2) doesn't include higher os version constant. we have a fix to address such inconsistency issue and it will be available in next release very soon.

however you are still able to preview the fix by installing the collection which contain the fix: https://github.com/fortinet-ansible-dev/ansible-galaxy-fortimanager-collection/releases/tag/v1.0.1

ansible-galaxy collection install -f https://github.com/fortinet-ansible-dev/ansible-galaxy-fortimanager-collection/releases/download/v1.0.1/fortinet-fortimanager-1.0.1.tar.gz

in addition, you have to specify loose_validation in your playbook.

- name: Test API
  hosts: FortiManager
  gather_facts: no
  connection: httpapi

  collections:
    - fortinet.fortimanager

  tasks:
    - name: Provisioning
      fmgr_dvm_cmd_add_device:
         loose_validation: true
         method: exec
         params:
            -
               data:
                  adom: root
                  device:
                     desc: Provisioned by ansible
                     device action: add_model
                     mgmt_mode: fmg
                     mr: 2
                     name: fortiVM01
                     os_type: fos
                     os_ver: '6.0'
                     sn: FGXXXXXXXXXXXX
                  flags:
                    - none

I will keep the issue until next release is done.

thanks, Link

mooky31 commented 4 years ago

Thank you for the followup, my test setup is broken due to lack of licences. I'll keep you posted when I get fresh ones.

chillancezen commented 4 years ago

fixed in latest FMG 2.0.0

https://ansible-galaxy-fortimanager-docs.readthedocs.io/en/latest/daemon_docgen/fmgr_dvm_cmd_add_device.html

loose_validation --> bypass_validation in FMG collection since 2.0.0

thanks, Link.