search

fortinet / ansible-fortimanager-generic

8 stars 6 forks source link

Added error checking code #3

Closed chillancezen closed 4 years ago

chillancezen commented 4 years ago

added basic error checking code in fmgr_generic modue.

chillancezen commented 4 years ago

case 1: invalid payload:

the data1 is not valid.

- hosts: fortimanager01
  connection: httpapi
  vars:
    adom: "root"
    ansible_httpapi_use_ssl: True
    ansible_httpapi_validate_certs: False
    ansible_httpapi_port: 443
  tasks:
    -   name: 'create a script on fortimanager'
        fmgr_generic:
             json: |
                  {
                   "method":"set",
                   "params":[
                    {
                         "url":"/dvmdb/adom/root/script",
                         "data1":[
                            {
                               "name": "user_script1",
                               "type": "cli",
                               "desc": "The script is created by ansible",
                               "content": "the script content to be executed"
                            }
                          ]
                     }
                    ]
                  }

we have ansible output:

fatal: [fortimanager01]: FAILED! => {
    "ansible_facts": {
        "ansible_params": {
            "json": "{\n \"method\":\"set\",\n \"params\":[\n  {\n       \"url\":\"/dvmdb/adom/root/script\",\n       \"data1\":[\n          {\n             \"name\": \"user_script1\",\n             \"type\": \"cli\",\n             \"desc\": \"The script is created by ansible\",\n             \"content\": \"the script content to be executed\"\n          }\n        ]\n   }\n  ]\n}\n"
        },
        "connected_fmgr": {
            "Admin Domain Configuration": "Disabled",
            "BIOS version": "04000002",
            "Branch Point": "0255",
            "Build": "0255",
            "Current Time": "Tue Jan 14 07:17:58 PST 2020",
            "Daylight Time Saving": "Yes",
            "FIPS Mode": "Disabled",
            "HA Mode": "Stand Alone",
            "Hostname": "FMG-VM64",
            "License Status": "Valid",
            "Major": 6,
            "Max Number of Admin Domains": 10000,
            "Max Number of Device Groups": 10000,
            "Minor": 0,
            "Offline Mode": "Disabled",
            "Patch": 3,
            "Platform Full Name": "FortiManager-VM64",
            "Platform Type": "FMG-VM64",
            "Release Version Information": " (GA)",
            "Serial Number": "FMG-VMTM19008442",
            "Time Zone": "(GMT-8:00) Pacific Time (US & Canada).",
            "Version": "v6.0.3-build0255 181102 (GA)",
            "x86-64 Applications": "Yes"
        },
        "paramgram": {
            "json": "{\n \"method\":\"set\",\n \"params\":[\n  {\n       \"url\":\"/dvmdb/adom/root/script\",\n       \"data1\":[\n          {\n             \"name\": \"user_script1\",\n             \"type\": \"cli\",\n             \"desc\": \"The script is created by ansible\",\n             \"content\": \"the script content to be executed\"\n          }\n        ]\n   }\n  ]\n}\n"
        },
        "response": [
            -1,
            {
                "status": {
                    "code": -1,
                    "message": "runtime error 0: invalid value"
                },
                "url": "/dvmdb/adom/root/script"
            }
        ]
    },
    "ansible_module_results": {
        "status": {
            "code": -1,
            "message": "runtime error 0: invalid value"
        },
        "url": "/dvmdb/adom/root/script"
    },
    "changed": false,
    "invocation": {
        "module_args": {
            "json": "{\n \"method\":\"set\",\n \"params\":[\n  {\n       \"url\":\"/dvmdb/adom/root/script\",\n       \"data1\":[\n          {\n             \"name\": \"user_script1\",\n             \"type\": \"cli\",\n             \"desc\": \"The script is created by ansible\",\n             \"content\": \"the script content to be executed\"\n          }\n        ]\n   }\n  ]\n}\n"
        }
    },
    "msg": "Operation Finished",
    "rc": -1,
    "unreachable": false
}

PLAY RECAP ***************************************************************************************************************************************************************************************************************
fortimanager01             : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0
chillancezen commented 4 years ago

case 2: objects already present.

ADD to create an object

- hosts: fortimanager01
  connection: httpapi
  vars:
    adom: "root"
    ansible_httpapi_use_ssl: True
    ansible_httpapi_validate_certs: False
    ansible_httpapi_port: 443
  tasks:
    -   name: 'create a script on fortimanager'
        fmgr_generic:
             json: |
                  {
                   "method":"add",
                   "params":[
                    {
                         "url":"/dvmdb/adom/root/script",
                         "data":[
                            {
                               "name": "user_script1",
                               "type": "cli",
                               "desc": "The script is created by ansible",
                               "content": "the script content to be executed"
                            }
                          ]
                     }
                    ]
                  }

it returns status code -2 which is further mapped to ansible output changed=0. This is considered Not Error.

ok: [fortimanager01] => {
    "changed": false,
    "invocation": {
        "module_args": {
            "json": "{\n \"method\":\"add\",\n \"params\":[\n  {\n       \"url\":\"/dvmdb/adom/root/script\",\n       \"data\":[\n          {\n             \"name\": \"user_script1\",\n             \"type\": \"cli\",\n             \"desc\": \"The script is created by ansible\",\n             \"content\": \"the script content to be executed\"\n          }\n        ]\n   }\n  ]\n}\n",
            "method": null,
            "params": null
        }
    },
    "response": {
        "status": {
            "code": -2,
            "message": "Object already exists"
        },
        "url": "/dvmdb/adom/root/script"
    }
}
META: ran handlers
META: ran handlers

PLAY RECAP ***************************************************************************************************************************************************************************************************************
fortimanager01             : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

UPDATE/SET to update an object

- hosts: fortimanager01
  connection: httpapi
  vars:
    adom: "root"
    ansible_httpapi_use_ssl: True
    ansible_httpapi_validate_certs: False
    ansible_httpapi_port: 443
  tasks:
    -   name: 'create a script on fortimanager'
        fmgr_generic:
             json: |
                  {
                   "method":"set",
                   "params":[
                    {
                         "url":"/dvmdb/adom/root/script",
                         "data":[
                            {
                               "name": "user_script1",
                               "type": "cli",
                               "desc": "The script is created by ansible",
                               "content": "the script content to be executed"
                            }
                          ]
                     }
                    ]
                  }

usually it always succeeds, with changed=1

changed: [fortimanager01] => {
    "ansible_facts": {
        "ansible_params": {
            "json": "{\n \"method\":\"set\",\n \"params\":[\n  {\n       \"url\":\"/dvmdb/adom/root/script\",\n       \"data\":[\n          {\n             \"name\": \"user_script1\",\n             \"type\": \"cli\",\n             \"desc\": \"The script is created by ansible\",\n             \"content\": \"the script content to be executed\"\n          }\n        ]\n   }\n  ]\n}\n"
        },
        "connected_fmgr": {
            "Admin Domain Configuration": "Disabled",
            "BIOS version": "04000002",
            "Branch Point": "0255",
            "Build": "0255",
            "Current Time": "Tue Jan 14 07:32:12 PST 2020",
            "Daylight Time Saving": "Yes",
            "FIPS Mode": "Disabled",
            "HA Mode": "Stand Alone",
            "Hostname": "FMG-VM64",
            "License Status": "Valid",
            "Major": 6,
            "Max Number of Admin Domains": 10000,
            "Max Number of Device Groups": 10000,
            "Minor": 0,
            "Offline Mode": "Disabled",
            "Patch": 3,
            "Platform Full Name": "FortiManager-VM64",
            "Platform Type": "FMG-VM64",
            "Release Version Information": " (GA)",
            "Serial Number": "FMG-VMTM19008442",
            "Time Zone": "(GMT-8:00) Pacific Time (US & Canada).",
            "Version": "v6.0.3-build0255 181102 (GA)",
            "x86-64 Applications": "Yes"
        },
        "paramgram": {
            "json": "{\n \"method\":\"set\",\n \"params\":[\n  {\n       \"url\":\"/dvmdb/adom/root/script\",\n       \"data\":[\n          {\n             \"name\": \"user_script1\",\n             \"type\": \"cli\",\n             \"desc\": \"The script is created by ansible\",\n             \"content\": \"the script content to be executed\"\n          }\n        ]\n   }\n  ]\n}\n"
        },
        "response": [
            0,
            {
                "status": {
                    "code": 0,
                    "message": "OK"
                },
                "url": "/dvmdb/adom/root/script"
            }
        ]
    },
    "ansible_module_results": {
        "status": {
            "code": 0,
            "message": "OK"
        },
        "url": "/dvmdb/adom/root/script"
    },
    "changed": true,
    "invocation": {
        "module_args": {
            "json": "{\n \"method\":\"set\",\n \"params\":[\n  {\n       \"url\":\"/dvmdb/adom/root/script\",\n       \"data\":[\n          {\n             \"name\": \"user_script1\",\n             \"type\": \"cli\",\n             \"desc\": \"The script is created by ansible\",\n             \"content\": \"the script content to be executed\"\n          }\n        ]\n   }\n  ]\n}\n"
        }
    },
    "msg": "Operation Finished",
    "rc": 0,
    "success": true,
    "unreachable": false
}
META: ran handlers
META: ran handlers

PLAY RECAP ***************************************************************************************************************************************************************************************************************
fortimanager01             : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
chillancezen commented 4 years ago

case 3: unsupported methods.

the method nop is not a valid method.

- hosts: fortimanager01
  connection: httpapi
  vars:
    adom: "root"
    ansible_httpapi_use_ssl: True
    ansible_httpapi_validate_certs: False
    ansible_httpapi_port: 443
  tasks:
    -   name: 'create a script on fortimanager'
        fmgr_generic:
             json: |
                  {
                   "method":"nop",
                   "params":[
                    {
                         "url":"/dvmdb/adom/root/script",
                         "data":[
                            {
                               "name": "user_script2",
                               "type": "cli",
                               "desc": "The script is created by ansible",
                               "content": "the script content to be executed"
                            }
                          ]
                     }
                    ]
                  }

we have ansible output:

fatal: [fortimanager01]: FAILED! => {
    "changed": false,
    "invocation": {
        "module_args": {
            "json": "{\n \"method\":\"nop\",\n \"params\":[\n  {\n       \"url\":\"/dvmdb/adom/root/script\",\n       \"data\":[\n          {\n             \"name\": \"user_script2\",\n             \"type\": \"cli\",\n             \"desc\": \"The script is created by ansible\",\n             \"content\": \"the script content to be executed\"\n          }\n        ]\n   }\n  ]\n}\n",
            "method": null,
            "params": null
        }
    },
    "msg": "method:nop not supported"
}

PLAY RECAP ***************************************************************************************************************************************************************************************************************
fortimanager01             : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0