search

netascode / ansible-dc-vxlan

Ansible Collection for configuring a VXLAN Fabric using Direct to Controller (DTC) or Direct To Device (DTD) workflows.
https://galaxy.ansible.com/ui/repo/published/cisco/nac_dc_vxlan/
MIT License
6 stars 6 forks source link

Lookup of NDFC password environment variable fails #111

Closed marehler closed 2 months ago

marehler commented 3 months ago

The task "Retrieve NDFC Device Username and Password from Group Vars and update inv_config" fails to lookup and insert the NDFC password variable.

connection.yaml:

---
# Credentials for devices in Inventory
ndfc_device_username: admin
ndfc_device_password: "{{ lookup('env', 'ndfc_device_password') }}"

Instead the lookup command is inserted as the password:

TASK [cisco.nac_dc_vxlan.common : Retrieve NDFC Device Username and Password from Group Vars and update inv_config] *********************************
ok: [marehler_vnd2] => {"changed": false, "updated_inv_list": [{"auth_proto": "MD5", "max_hops": 0, "password": "{{ lookup('env', 'ndfc_device_password') }}", "preserve_config": false, "role": "spine", "seed_ip": "22.1.172.13", "user_name": "admin"}, {"auth_proto": "MD5", "max_hops": 0, "password": "{{ lookup('env', 'ndfc_device_password') }}", "preserve_config": false, "role": "leaf", "seed_ip": "22.1.172.23", "user_name": "admin"}]}

Depending tasks fail:

TASK [cisco.nac_dc_vxlan.create : Manage Devices Entry Point] ***************************************************************************************
ok: [marehler_vnd2] => {
    "msg": [
        "----------------------------------------------------------------",
        "+     Manage Devices Fabric VXLAN-FABRIC-2",
        "----------------------------------------------------------------"
    ]
}

TASK [cisco.nac_dc_vxlan.create : Manage Devices Discovery] *****************************************************************************************
included: /Users/marehler/nac-vxlan/ansible-dc-vxlan-example/collections/ansible_collections/cisco/nac_dc_vxlan/roles/dtc/create/tasks/devices_discovery.yml for marehler_vnd2

TASK [cisco.nac_dc_vxlan.create : Add NDFC Fabric Devices VXLAN-FABRIC-2] ***************************************************************************
[WARNING]: Managing fabric switches can take a while.  Please be patient...
fatal: [marehler_vnd2]: FAILED! => {"changed": false, "msg": "Invalid parameters in playbook: password:******** : The string exceeds the allowed range of max 32 char\npassword:******** : The string exceeds the allowed range of max 32 char"}

I've verified the environment variable ndfc_device_password is actually set. If I enter a password directly into the connection.yaml, it works fine. Besides, ansible_password: "{{ lookup('env', 'ansible_password') }}" works fine.

marehler commented 2 months ago

Verified. Thanks for fixing.