Compliance Status does not refresh

[damn42]

Environment

• Python version: 3.8
• Nautobot version: 2.3.1
• nautobot-golden-config version: 2.1.1

General description

A feature that is compliant does not go into "Non-Compliant" state when the configuration on the device changes.

The screenshot shows the issue. A line of extra configuration is found but does not change the feature to "Non-Compliant". The same happens if I restore a compliant state, the Feature stays non-compliant.

If I delete the Compliance Rule a recreate it exactly as it was and run the jobs again, it works correctly again (for one time only).

The Remediation part of a Rule also behaves incorrectly, please let me know if I should provide more details on that side.

Steps to Reproduce

1. Make a fresh install of Nautobot and the Golden Config App
2. Take all necessary steps to be able to use the Golden Config App (in my case, custom Napalm driver, Git Repos, etc.)
3. Create a template (for simplicity a 1:1 copy of the running config) and generate an intended config
4. Create a backup of the device
5. Create a Feature and a Rule, run the compliance job => Feature is compliant
6. Add an extra line on the device
7. Run all Golden Config jobs on the device
8. Feature is still compliant but extra line is (rightly) shown (as per screenshot)

[itdependsnetworks]

Can you show the compliance detail view, by hitting the "NTP" link in your screen shot? As an example: https://demo.nautobot.com/plugins/golden-config/config-compliance/66c18f78-cd3e-4c1b-a6c7-e237daa800bf/?tab=main

[damn42]

Sure:

It's not in the same state as the screenshot above, does that matter for you?

[itdependsnetworks]

Yes, it does.

[damn42]

Ok, fair enough. I'll get back to you with that screenshot tomorrow, I can't access the environment until then, sorry.

But what I can tell you now: whenever I delete the Compliance Rule, recreate it and rerun all jobs, the Feature on the device is correct, no matter if the current state is compliant or not. Then, say it's compliant and I add an unwanted line and rerun all jobs, the state stays Compliant (which is incorrect) but the extra line is shown. When I delete and recreate the Rule an rerun all jobs it's good again (in this case non-compliant with the extra line).

Hope this helps for now and I'll get you the screenshot and whatever else you need tomorrow.

Thanks for your help!

[damn42]

Here's the screenshot with the state I described in the beginning. What I just noticed now, "Ordered" is activated. It is not in the rule though: Do you need anything else?

[itdependsnetworks]

I think that should be good, I think you likely hit the point that matters with ordered.

[baldy2811]

It seems i hitted the same issue:

[itdependsnetworks]

The issue is likely from: https://docs.djangoproject.com/en/5.1/releases/4.2/#setting-update-fields-in-model-save-may-now-be-required will get something out soon.

[itdependsnetworks]

Fix should be here: https://github.com/nautobot/nautobot-app-golden-config/pull/798/commits/8e6ed07836c911c41b77da51b6f00af6a9404aad

[baldy2811]

@itdependsnetworks Issue is fixed with that updates. Thank you!

[damn42]

Looking good.. do you want me to do something with the GitHub issue or is that something you do on your side? Sorry, this is the first issue I created.. :)