search

oracle / oci-ansible-collection

Oracle Cloud Infrastructure Ansible Collection provides an easy way to provision and manage resources in Oracle Cloud using Ansible.
https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/ansible.htm
Other
173 stars 97 forks source link

[management_certificate] dict is not subset because attribute 'certificate_config' is not in target dict #283

Open xkoomy opened 6 months ago

xkoomy commented 6 months ago

Issue Report

Describe the issue

The module oracle.oci.oci_certificates_management_certificate having issue with idempotence. It always applies update even there are no changes in module config (and no changes in OCI resource). In result it creates a new certificate version after each playbook run.

Expected behavior

Update should not happen when there is no changes in oracle.oci.oci_certificates_management_certificate module config and no changes in the OCI resource.

Environment

Red Hat Enterprise Linux release 8.8 (Ootpa)

ansible [core 2.15.11]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/opc/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/opc/.local/lib/python3.9/site-packages/ansible
  ansible collection location = /home/opc/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/opc/.local/bin/ansible
  python version = 3.9.16 (main, Jul  4 2023, 06:14:41) [GCC 8.5.0 20210514 (Red Hat 8.5.0-18.0.2)] (/usr/bin/python3.9)
  jinja version = 3.1.2
  libyaml = True
# /home/opc/.ansible/collections/ansible_collections
Collection                    Version
----------------------------- -------
oracle.oci                    5.0.0

Ansible playbook to reproduce the issue

---
- name: Create certificate Playbook
  hosts: localhost
  become: false
  gather_facts: false

  environment:
    OCI_USE_NAME_AS_IDENTIFIER: "1"

  tasks:
    - name: Create certificate from import
      oracle.oci.oci_certificates_management_certificate:
        # required
        name: tw_test_import
        compartment_id: "ocid1.compartment.oc1..**********************************"
        certificate_config:
          # required
          config_type: IMPORTED
          cert_chain_pem: "{{ lookup('ansible.builtin.file', 'cert/cert-chain.pem') }}"
          certificate_pem: "{{ lookup('ansible.builtin.file', 'cert/certificate.pem') }}"
          private_key_pem: "{{ lookup('ansible.builtin.file', 'cert/private.pem') }}"

        # optional
        description: description_example

Relevant Debug Logs:

"2024-05-15,08:57:15 DEBUG oci_common_utils.py:303 dict is not subset because attribute 'certificate_config' is not in target dict",
"2024-05-15,08:57:15 DEBUG oci_resource_utils.py:936 is update necessary for certificate: True"

Full debug log: debug.log