search

fortinet-ansible-dev / ansible-galaxy-fortios-collection

GNU General Public License v3.0
85 stars 49 forks source link

KeyError: 'management_ip' in check mode #318

Closed mtak closed 3 months ago

mtak commented 3 months ago

When running fortinet.fortios collection 2.3.6 on Ansible 2.16.7, when running the following task with --check:

- name: Interface port1 (Management)
  fortinet.fortios.fortios_system_interface:
    state: "present"
    system_interface:
      name: port1
      status: up
      description: "Management"
      management_ip: "192.168.0.1 255.255.255.0"
      mode: static
      allowaccess:
        - ssh
        - https
        - snmp
        - ping

(Similar happens with management_ip: "192.168.0.1/24")

I get the following error:

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: KeyError: 'management_ip'
fatal: [vm-vpn-prod-0001a]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):
  File \"/home/app/.ansible/tmp/ansible-local-3817q6c60lbd/ansible-tmp-1718351619.2599387-4056-192647574794807/AnsiballZ_fortios_system_interface.py\", line 107, in <module>
    _ansiballz_main()
  File \"/home/app/.ansible/tmp/ansible-local-3817q6c60lbd/ansible-tmp-1718351619.2599387-4056-192647574794807/AnsiballZ_fortios_system_interface.py\", line 99, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File \"/home/app/.ansible/tmp/ansible-local-3817q6c60lbd/ansible-tmp-1718351619.2599387-4056-192647574794807/AnsiballZ_fortios_system_interface.py\", line 47, in invoke_module
    runpy.run_module(mod_name='ansible_collections.fortinet.fortios.plugins.modules.fortios_system_interface', init_globals=dict(_module_fqn='ansible_collections.fortinet.fortios.plugins.modules.fortios_system_interface', _modlib_path=modlib_path),
  File \"<frozen runpy>\", line 226, in run_module
  File \"<frozen runpy>\", line 98, in _run_module_code
  File \"<frozen runpy>\", line 88, in _run_code
  File \"/tmp/ansible_fortinet.fortios.fortios_system_interface_payload_dqunl187/ansible_fortinet.fortios.fortios_system_interface_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_interface.py\", line 5077, in <module>
  File \"/tmp/ansible_fortinet.fortios.fortios_system_interface_payload_dqunl187/ansible_fortinet.fortios.fortios_system_interface_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_interface.py\", line 5043, in main
  File \"/tmp/ansible_fortinet.fortios.fortios_system_interface_payload_dqunl187/ansible_fortinet.fortios.fortios_system_interface_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_interface.py\", line 3228, in fortios_system
  File \"/tmp/ansible_fortinet.fortios.fortios_system_interface_payload_dqunl187/ansible_fortinet.fortios.fortios_system_interface_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_interface.py\", line 3170, in system_interface
  File \"/tmp/ansible_fortinet.fortios.fortios_system_interface_payload_dqunl187/ansible_fortinet.fortios.fortios_system_interface_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/comparison.py\", line 107, in find_current_values
KeyError: 'management_ip'
", "module_stdout": "", "msg": "MODULE FAILURE
See stdout/stderr for the exact error", "rc": 1}
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: KeyError: 'management_ip'

Current (before the --check run) config on the Fortigate is:

    edit "port1"
        set vdom "root"
        set management-ip 192.168.0.1 255.255.255.0
        set allowaccess ping https ssh snmp
        set type physical
        set description "Management"
        set snmp-index 1
    next

This error does not occur when running Ansible without --check.

I figured it was something with the hyphen/underscore conversion, but I tried with snmp-index, and that seems to work fine.

app@infra-network-vpn:~/infra-network-vpn/ansible$ ansible-playbook --version
ansible-playbook [core 2.16.7]
  config file = /home/app/infra-network-vpn/ansible/ansible.cfg
  configured module search path = ['/home/app/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.12/site-packages/ansible
  ansible collection location = /home/app/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible-playbook
  python version = 3.12.4 (main, Jun  7 2024, 19:06:40) [GCC 12.2.0] (/usr/local/bin/python)
  jinja version = 3.1.4
  libyaml = True
app@infra-network-vpn:~/infra-network-vpn/ansible$ ansible-galaxy collection list | grep forti
fortinet.fortimanager                    2.5.0  
fortinet.fortios                         2.3.6
MaxxLiu22 commented 3 months ago

Hi @mtak ,

Thank you for bringing this issue to our attention. We have received similar feedback from other customers, and we are actively working on a solution. We anticipate this will be resolved in the next release. We apologize for any inconvenience this may have caused.

Thanks, Maxx

mtak commented 3 months ago

That works for me, thanks.