From ec7521cbb2fa68b30b73438a950bf6b51a42d198 Mon Sep 17 00:00:00 2001 From: Tim Cragg Date: Tue, 25 Jan 2022 10:15:56 +0000 Subject: [PATCH 1/4] Module and tests for pod policy group --- .../modules/aci_fabric_pod_policy_group.py | 309 +++++++++++++++++ .../aci_fabric_pod_policy_group/aliases | 2 + .../tasks/main.yml | 310 ++++++++++++++++++ 3 files changed, 621 insertions(+) create mode 100644 plugins/modules/aci_fabric_pod_policy_group.py create mode 100644 tests/integration/targets/aci_fabric_pod_policy_group/aliases create mode 100644 tests/integration/targets/aci_fabric_pod_policy_group/tasks/main.yml diff --git a/plugins/modules/aci_fabric_pod_policy_group.py b/plugins/modules/aci_fabric_pod_policy_group.py new file mode 100644 index 000000000..10e0a6be2 --- /dev/null +++ b/plugins/modules/aci_fabric_pod_policy_group.py @@ -0,0 +1,309 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright: (c) 2022, Tim Cragg (@timcragg) +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = r''' +--- +module: aci_fabric_pod_policy_group +short_description: Manage Fabric Pod Policy Groups. +description: +- Fabric Pod Policy Group (fabricPodPGrp) configuration on Cisco ACI fabrics. +options: + name: + description: + - Name of the policy group + type: str + aliases: [ policy_group, policy_group_name, pod_policy_group ] + date_time_policy: + description: + - NTP policy to bind to the policy group + type: str + aliases: [ ntp_policy ] + isis_policy: + description: + - IS-IS policy to bind to the policy group + type: str + coop_group_policy: + description: + - COOP group policy to bind to the policy group + type: str + aliases: [ coop_policy ] + bgp_rr_policy: + decription: + - BGP route reflector policy to bind to the policy group + type: str + management_access_policy: + description: + - Management access policy to bind to the policy group + type: str + aliases: [ management_policy, mgmt_policy ] + snmp_policy: + description: + - SNMP policy to bind to the policy group + type: str + macsec_policy: + description: + - MACSec policy to bind to the policy group + type: str + state: + description: + - Use C(present) or C(absent) for adding or removing. + - Use C(query) for listing an object or multiple objects. + type: str + choices: [ absent, present, query ] + default: present +extends_documentation_fragment: +- cisco.aci.aci + +seealso: +- name: APIC Management Information Model reference + description: More information about the internal APIC class B(fabricPodPGrp). + link: https://developer.cisco.com/docs/apic-mim-ref/ +author: +- Tim Cragg (@timcragg) +''' + +EXAMPLES = r''' +- name: Add a new fabric pod policy group + cisco.aci.aci_fabric_pod_policy_group: + host: apic + username: admin + password: SomeSecretPassword + name: my_pod_pol_grp + snmp_policy: my_snmp_pol + bgp_rr_policy: my_bgp_rr_pol + state: present + delegate_to: localhost + +- name: Remove a fabric pod policy group + cisco.aci.aci_fabric_pod_policy_group: + host: apic + username: admin + password: SomeSecretPassword + name: my_pod_pol_grp + state: absent + delegate_to: localhost + +- name: Query a fabric pod policy group + cisco.aci.aci_fabric_pod_policy_group: + host: apic + username: admin + password: SomeSecretPassword + name: my_pod_pol_grp + state: query + delegate_to: localhost + register: query_result + +- name: Query all fabric pod policy groups + cisco.aci.aci_fabric_pod_policy_group: + host: apic + username: admin + password: SomeSecretPassword + state: query + delegate_to: localhost + register: query_result +''' + +RETURN = r''' + current: + description: The existing configuration from the APIC after the module has finished + returned: success + type: list + sample: + [ + { + "fvTenant": { + "attributes": { + "descr": "Production environment", + "dn": "uni/tn-production", + "name": "production", + "nameAlias": "", + "ownerKey": "", + "ownerTag": "" + } + } + } + ] + error: + description: The error information as returned from the APIC + returned: failure + type: dict + sample: + { + "code": "122", + "text": "unknown managed object class foo" + } + raw: + description: The raw output returned by the APIC REST API (xml or json) + returned: parse error + type: str + sample: '' + sent: + description: The actual/minimal configuration pushed to the APIC + returned: info + type: list + sample: + { + "fvTenant": { + "attributes": { + "descr": "Production environment" + } + } + } + previous: + description: The original configuration from the APIC before the module has started + returned: info + type: list + sample: + [ + { + "fvTenant": { + "attributes": { + "descr": "Production", + "dn": "uni/tn-production", + "name": "production", + "nameAlias": "", + "ownerKey": "", + "ownerTag": "" + } + } + } + ] + proposed: + description: The assembled configuration from the user-provided parameters + returned: info + type: dict + sample: + { + "fvTenant": { + "attributes": { + "descr": "Production environment", + "name": "production" + } + } + } + filter_string: + description: The filter string used for the request + returned: failure or debug + type: str + sample: ?rsp-prop-include=config-only + method: + description: The HTTP method used for the request to the APIC + returned: failure or debug + type: str + sample: POST + response: + description: The HTTP response from the APIC + returned: failure or debug + type: str + sample: OK (30 bytes) + status: + description: The HTTP status from the APIC + returned: failure or debug + type: int + sample: 200 + url: + description: The HTTP url used for the request to the APIC + returned: failure or debug + type: str + sample: https://10.11.12.13/api/mo/uni/tn-production.json + ''' + +from ansible.module_utils.basic import AnsibleModule +from ansible_collections.cisco.aci.plugins.module_utils.aci import ACIModule, aci_argument_spec + + +def main(): + argument_spec = aci_argument_spec() + argument_spec.update( + name=dict(type='str', aliases=['policy_group', 'policy_group_name', 'pod_policy_group']), + date_time_policy=dict(type='str', aliases=['ntp_policy']), + isis_policy=dict(type='str'), + coop_group_policy=dict(type='str', aliases=['coop_policy']), + bgp_rr_policy=dict(type='str'), + management_access_policy=dict(type='str', aliases=['management_policy', 'mgmt_policy']), + snmp_policy=dict(type='str'), + macsec_policy=dict(type='str'), + state=dict(type='str', default='present', choices=['absent', 'present', 'query']), + ) + + module = AnsibleModule( + argument_spec=argument_spec, + supports_check_mode=True, + required_if=[ + ['state', 'absent', ['name']], + ['state', 'present', ['name']], + ], + ) + aci = ACIModule(module) + + name = module.params.get('name') + date_time_policy = module.params.get('date_time_policy') + isis_policy = module.params.get('isis_policy') + coop_group_policy = module.params.get('coop_group_policy') + bgp_rr_policy = module.params.get('bgp_rr_policy') + management_access_policy = module.params.get('management_access_policy') + snmp_policy = module.params.get('snmp_policy') + macsec_policy = module.params.get('macsec_policy') + state = module.params.get('state') + child_classes = ['fabricRsSnmpPol', 'fabricRsPodPGrpIsisDomP', + 'fabricRsPodPGrpCoopP', 'fabricRsPodPGrpBGPRRP', + 'fabricRsTimePol', 'fabricRsMacsecPol', 'fabricRsCommPol'] + + aci.construct_url( + root_class=dict( + aci_class='fabricPodPGrp', + aci_rn='fabric/funcprof/podpgrp-{0}'.format(name), + module_object=name, + target_filter={'name': name}, + ), + child_classes=child_classes, + ) + + aci.get_existing() + + if state == 'present': + child_configs = [] + if date_time_policy is not None: + child_configs.append(dict(fabricRsTimePol=dict(attributes=dict(tnDatetimePolName=date_time_policy)))) + if isis_policy is not None: + child_configs.append(dict(fabricRsPodPGrpIsisDomP=dict(attributes=dict(tnIsisDomPolName=isis_policy)))) + if coop_group_policy is not None: + child_configs.append(dict(fabricRsPodPGrpCoopP=dict(attributes=dict(tnCoopPolName=coop_group_policy)))) + if bgp_rr_policy is not None: + child_configs.append(dict(fabricRsPodPGrpBGPRRP=dict(attributes=dict(tnBgpInstPolName=bgp_rr_policy)))) + if management_access_policy is not None: + child_configs.append(dict(fabricRsCommPol=dict(attributes=dict(tnCommPolName=management_access_policy)))) + if snmp_policy is not None: + child_configs.append(dict(fabricRsSnmpPol=dict(attributes=dict(tnSnmpPolName=snmp_policy)))) + if macsec_policy is not None: + child_configs.append(dict(fabricRsMacsecPol=dict(attributes=dict(tnMacsecFabIfPolName=macsec_policy)))) + aci.payload( + aci_class='fabricPodPGrp', + class_config=dict( + name=name + ), + child_configs=child_configs, + ) + + aci.get_diff(aci_class='fabricPodPGrp') + + aci.post_config() + + elif state == 'absent': + aci.delete_config() + + aci.exit_json() + + +if __name__ == "__main__": + main() diff --git a/tests/integration/targets/aci_fabric_pod_policy_group/aliases b/tests/integration/targets/aci_fabric_pod_policy_group/aliases new file mode 100644 index 000000000..209b793f9 --- /dev/null +++ b/tests/integration/targets/aci_fabric_pod_policy_group/aliases @@ -0,0 +1,2 @@ +# No ACI simulator yet, so not enabled +# unsupported diff --git a/tests/integration/targets/aci_fabric_pod_policy_group/tasks/main.yml b/tests/integration/targets/aci_fabric_pod_policy_group/tasks/main.yml new file mode 100644 index 000000000..000bbad40 --- /dev/null +++ b/tests/integration/targets/aci_fabric_pod_policy_group/tasks/main.yml @@ -0,0 +1,310 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright: (c) 2022, Tim Cragg (@timcragg) +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = r''' +--- +module: aci_fabric_pod_policy_group +short_description: Manage Fabric Pod Policy Groups. +description: +- Fabric Pod Policy Group (fabricPodPGrp) configuration on Cisco ACI fabrics. +options: + name: + description: + - Name of the policy group + type: str + aliases: [ policy_group, policy_group_name, pod_policy_group ] + date_time_policy: + description: + - NTP policy to bind to the policy group + type: str + aliases: [ ntp_policy ] + isis_policy: + description: + - IS-IS policy to bind to the policy group + type: str + coop_group_policy: + description: + - COOP group policy to bind to the policy group + type: str + aliases: [ coop_policy ] + bgp_rr_policy: + decription: + - BGP route reflector policy to bind to the policy group + type: str + management_access_policy: + description: + - Management access policy to bind to the policy group + type: str + aliases: [ management_policy, mgmt_policy ] + snmp_policy: + description: + - SNMP policy to bind to the policy group + type: str + macsec_policy: + description: + - MACSec policy to bind to the policy group + type: str + state: + description: + - Use C(present) or C(absent) for adding or removing. + - Use C(query) for listing an object or multiple objects. + type: str + choices: [ absent, present, query ] + default: present +extends_documentation_fragment: +- cisco.aci.aci + +seealso: +- name: APIC Management Information Model reference + description: More information about the internal APIC class B(fabricPodPGrp). + link: https://developer.cisco.com/docs/apic-mim-ref/ +author: +- Tim Cragg (@timcragg) +''' + +EXAMPLES = r''' +- name: Add a new fabric pod policy group + cisco.aci.aci_fabric_pod_policy_group: + host: apic + username: admin + password: SomeSecretPassword + name: my_pod_pol_grp + snmp_policy: my_snmp_pol + bgp_rr_policy: my_bgp_rr_pol + state: present + delegate_to: localhost + +- name: Remove a fabric pod policy group + cisco.aci.aci_fabric_pod_policy_group: + host: apic + username: admin + password: SomeSecretPassword + name: my_pod_pol_grp + state: absent + delegate_to: localhost + +- name: Query a fabric pod policy group + cisco.aci.aci_fabric_pod_policy_group: + host: apic + username: admin + password: SomeSecretPassword + name: my_pod_pol_grp + state: query + delegate_to: localhost + register: query_result + +- name: Query all fabric pod policy groups + cisco.aci.aci_fabric_pod_policy_group: + host: apic + username: admin + password: SomeSecretPassword + state: query + delegate_to: localhost + register: query_result +''' + +RETURN = r''' + current: + description: The existing configuration from the APIC after the module has finished + returned: success + type: list + sample: + [ + { + "fvTenant": { + "attributes": { + "descr": "Production environment", + "dn": "uni/tn-production", + "name": "production", + "nameAlias": "", + "ownerKey": "", + "ownerTag": "" + } + } + } + ] + error: + description: The error information as returned from the APIC + returned: failure + type: dict + sample: + { + "code": "122", + "text": "unknown managed object class foo" + } + raw: + description: The raw output returned by the APIC REST API (xml or json) + returned: parse error + type: str + sample: '' + sent: + description: The actual/minimal configuration pushed to the APIC + returned: info + type: list + sample: + { + "fvTenant": { + "attributes": { + "descr": "Production environment" + } + } + } + previous: + description: The original configuration from the APIC before the module has started + returned: info + type: list + sample: + [ + { + "fvTenant": { + "attributes": { + "descr": "Production", + "dn": "uni/tn-production", + "name": "production", + "nameAlias": "", + "ownerKey": "", + "ownerTag": "" + } + } + } + ] + proposed: + description: The assembled configuration from the user-provided parameters + returned: info + type: dict + sample: + { + "fvTenant": { + "attributes": { + "descr": "Production environment", + "name": "production" + } + } + } + filter_string: + description: The filter string used for the request + returned: failure or debug + type: str + sample: ?rsp-prop-include=config-only + method: + description: The HTTP method used for the request to the APIC + returned: failure or debug + type: str + sample: POST + response: + description: The HTTP response from the APIC + returned: failure or debug + type: str + sample: OK (30 bytes) + status: + description: The HTTP status from the APIC + returned: failure or debug + type: int + sample: 200 + url: + description: The HTTP url used for the request to the APIC + returned: failure or debug + type: str + sample: https://10.11.12.13/api/mo/uni/tn-production.json + ''' + +from ansible.module_utils.basic import AnsibleModule +from ansible_collections.cisco.aci.plugins.module_utils.aci import ACIModule, aci_argument_spec + + +def main(): + argument_spec = aci_argument_spec() + argument_spec.update( + name=dict(type='str', aliases=['policy_group', 'policy_group_name', 'pod_policy_group']), + date_time_policy=dict(type='str', aliases=['ntp_policy']), + isis_policy=dict(type='str'), + coop_group_policy=dict(type='str', aliases=['coop_policy']), + bgp_rr_policy=dict(type='str'), + management_access_policy=dict(type='str', aliases=['management_policy', 'mgmt_policy']), + snmp_policy=dict(type='str'), + macsec_policy=dict(type='str'), + state=dict(type='str', default='present', choices=['absent', 'present', 'query']), + ) + + module = AnsibleModule( + argument_spec=argument_spec, + supports_check_mode=True, + required_if=[ + ['state', 'absent', ['name']], + ['state', 'present', ['name']], + ], + ) + aci = ACIModule(module) + + name = module.params.get('name') + date_time_policy = module.params.get('date_time_policy') + isis_policy = module.params.get('isis_policy') + coop_group_policy = module.params.get('coop_group_policy') + bgp_rr_policy = module.params.get('bgp_rr_policy') + management_access_policy = module.params.get('management_access_policy') + snmp_policy = module.params.get('snmp_policy') + macsec_policy = module.params.get('macsec_policy') + state = module.params.get('state') + child_classes = ['fabricRsSnmpPol', 'fabricRsPodPGrpIsisDomP', + 'fabricRsPodPGrpCoopP', 'fabricRsPodPGrpBGPRRP', + 'fabricRsTimePol', 'fabricRsMacsecPol', 'fabricRsCommPol'] + + aci.construct_url( + root_class=dict( + aci_class='fabricPodPGrp', + aci_rn='fabric/funcprof/podpgrp-{0}'.format(name), + module_object=name, + target_filter={'name': name}, + ), + child_classes=child_classes, + ) + + aci.get_existing() + + if state == 'present': + child_configs = [] + if date_time_policy is not None: + child_configs.append(dict(fabricRsTimePol=dict(attributes=dict(tnDatetimePolName=date_time_policy)))) + if isis_policy is not None: + child_configs.append(dict(fabricRsPodPGrpIsisDomP=dict(attributes=dict(tnIsisDomPolName=isis_policy)))) + if coop_group_policy is not None: + child_configs.append(dict(fabricRsPodPGrpCoopP=dict(attributes=dict(tnCoopPolName=coop_group_policy)))) + if bgp_rr_policy is not None: + child_configs.append(dict(fabricRsPodPGrpBGPRRP=dict(attributes=dict(tnBgpInstPolName=bgp_rr_policy)))) + if management_access_policy is not None: + child_configs.append(dict(fabricRsCommPol=dict(attributes=dict(tnCommPolName=management_access_policy)))) + if snmp_policy is not None: + child_configs.append(dict(fabricRsSnmpPol=dict(attributes=dict(tnSnmpPolName=snmp_policy)))) + if macsec_policy is not None: + child_configs.append(dict(fabricRsMacsecPol=dict(attributes=dict(tnMacsecFabIfPolName=macsec_policy)))) + aci.payload( + aci_class='fabricPodPGrp', + class_config=dict( + name=name + ), + child_configs=child_configs, + ) + + aci.get_diff(aci_class='fabricPodPGrp') + + aci.post_config() + + elif state == 'absent': + aci.delete_config() + + aci.exit_json() + + +if __name__ == "__main__": + main() + From 1b30679e69d697750d2cd598588e8a382a89a0e1 Mon Sep 17 00:00:00 2001 From: Tim Cragg Date: Tue, 25 Jan 2022 10:43:18 +0000 Subject: [PATCH 2/4] Correct integration test --- .../tasks/main.yml | 513 ++++++++---------- 1 file changed, 225 insertions(+), 288 deletions(-) diff --git a/tests/integration/targets/aci_fabric_pod_policy_group/tasks/main.yml b/tests/integration/targets/aci_fabric_pod_policy_group/tasks/main.yml index 000bbad40..74761438f 100644 --- a/tests/integration/targets/aci_fabric_pod_policy_group/tasks/main.yml +++ b/tests/integration/targets/aci_fabric_pod_policy_group/tasks/main.yml @@ -1,310 +1,247 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -# Copyright: (c) 2022, Tim Cragg (@timcragg) +# Test code for the ACI modules +# Copyright: (c) 2022, Tim Cragg (timcragg) +# # GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) -from __future__ import absolute_import, division, print_function -__metaclass__ = type +- name: Test that we have an ACI APIC host, ACI username and ACI password + fail: + msg: 'Please define the following variables: aci_hostname, aci_username and aci_password.' + when: aci_hostname is not defined or aci_username is not defined or aci_password is not defined + + +# CLEAN ENVIRONMENT +- name: Remove any pre-existing pod policy group + cisco.aci.aci_fabric_pod_policy_group: &group_absent + host: '{{ aci_hostname }}' + username: '{{ aci_username }}' + password: '{{ aci_password }}' + validate_certs: '{{ aci_validate_certs | default(false) }}' + use_ssl: '{{ aci_use_ssl | default(true) }}' + use_proxy: '{{ aci_use_proxy | default(true) }}' + output_level: '{{ aci_output_level | default("info") }}' + name: ansible_pod_policy_group + state: absent -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} +# ADD POD POLICY GROUP +- name: Add pod policy group (check mode) + cisco.aci.aci_fabric_pod_policy_group: &group_present + host: '{{ aci_hostname }}' + username: '{{ aci_username }}' + password: '{{ aci_password }}' + validate_certs: '{{ aci_validate_certs | default(false) }}' + use_ssl: '{{ aci_use_ssl | default(true) }}' + use_proxy: '{{ aci_use_proxy | default(true) }}' + output_level: '{{ aci_output_level | default("info") }}' + name: ansible_pod_policy_group + date_time_policy: default + isis_policy: default + coop_group_policy: default + bgp_rr_policy: default + management_access_policy: default + snmp_policy: default + macsec_policy: default + state: present + check_mode: yes + register: cm_add_group -DOCUMENTATION = r''' ---- -module: aci_fabric_pod_policy_group -short_description: Manage Fabric Pod Policy Groups. -description: -- Fabric Pod Policy Group (fabricPodPGrp) configuration on Cisco ACI fabrics. -options: - name: - description: - - Name of the policy group - type: str - aliases: [ policy_group, policy_group_name, pod_policy_group ] - date_time_policy: - description: - - NTP policy to bind to the policy group - type: str - aliases: [ ntp_policy ] - isis_policy: - description: - - IS-IS policy to bind to the policy group - type: str - coop_group_policy: - description: - - COOP group policy to bind to the policy group - type: str - aliases: [ coop_policy ] - bgp_rr_policy: - decription: - - BGP route reflector policy to bind to the policy group - type: str - management_access_policy: - description: - - Management access policy to bind to the policy group - type: str - aliases: [ management_policy, mgmt_policy ] - snmp_policy: - description: - - SNMP policy to bind to the policy group - type: str - macsec_policy: - description: - - MACSec policy to bind to the policy group - type: str - state: - description: - - Use C(present) or C(absent) for adding or removing. - - Use C(query) for listing an object or multiple objects. - type: str - choices: [ absent, present, query ] - default: present -extends_documentation_fragment: -- cisco.aci.aci +- name: Add pod policy group (normal mode) + cisco.aci.aci_fabric_pod_policy_group: + <<: *group_present + register: nm_add_group -seealso: -- name: APIC Management Information Model reference - description: More information about the internal APIC class B(fabricPodPGrp). - link: https://developer.cisco.com/docs/apic-mim-ref/ -author: -- Tim Cragg (@timcragg) -''' +- name: Add pod policy group again (check mode) + cisco.aci.aci_fabric_pod_policy_group: + <<: *group_present + check_mode: yes + register: cm_add_group_again -EXAMPLES = r''' -- name: Add a new fabric pod policy group +- name: Add pod policy group again (normal mode) cisco.aci.aci_fabric_pod_policy_group: - host: apic - username: admin - password: SomeSecretPassword - name: my_pod_pol_grp - snmp_policy: my_snmp_pol - bgp_rr_policy: my_bgp_rr_pol + <<: *group_present + register: nm_add_group_again + +- name: Verify add policy group + assert: + that: + - cm_add_group is changed + - nm_add_group is changed + - nm_add_group.current.0.fabricPodPGrp.attributes.dn == 'uni/fabric/funcprof/podpgrp-ansible_pod_policy_group' + - nm_add_group.current.0.fabricPodPGrp.attributes.name == 'ansible_pod_policy_group' + - nm_add_group.current.0.fabricPodPGrp.children.0.fabricRsSnmpPol.attributes.tnSnmpPolName == 'default' + - nm_add_group.current.0.fabricPodPGrp.children.1.fabricRsPodPGrpCoopP.attributes.tnCoopPolName == 'default' + - nm_add_group.current.0.fabricPodPGrp.children.2.fabricRsCommPol.attributes.tnCommPolName == 'default' + - nm_add_group.current.0.fabricPodPGrp.children.3.fabricRsMacsecPol.attributes.tnMacsecFabIfPolName == 'default' + - nm_add_group.current.0.fabricPodPGrp.children.4.fabricRsTimePol.attributes.tnDatetimePolName == 'default' + - nm_add_group.current.0.fabricPodPGrp.children.5.fabricRsPodPGrpBGPRRP.attributes.tnBgpInstPolName == 'default' + - nm_add_group.current.0.fabricPodPGrp.children.6.fabricRsPodPGrpIsisDomP.attributes.tnIsisDomPolName == 'default' + - cm_add_group_again is not changed + - nm_add_group_again is not changed + - nm_add_group_again.current.0.fabricPodPGrp.attributes.dn == 'uni/fabric/funcprof/podpgrp-ansible_pod_policy_group' + - nm_add_group_again.current.0.fabricPodPGrp.attributes.name == 'ansible_pod_policy_group' + - nm_add_group_again.current.0.fabricPodPGrp.children.0.fabricRsSnmpPol.attributes.tnSnmpPolName == 'default' + - nm_add_group_again.current.0.fabricPodPGrp.children.1.fabricRsPodPGrpCoopP.attributes.tnCoopPolName == 'default' + - nm_add_group_again.current.0.fabricPodPGrp.children.2.fabricRsCommPol.attributes.tnCommPolName == 'default' + - nm_add_group_again.current.0.fabricPodPGrp.children.3.fabricRsMacsecPol.attributes.tnMacsecFabIfPolName == 'default' + - nm_add_group_again.current.0.fabricPodPGrp.children.4.fabricRsTimePol.attributes.tnDatetimePolName == 'default' + - nm_add_group_again.current.0.fabricPodPGrp.children.5.fabricRsPodPGrpBGPRRP.attributes.tnBgpInstPolName == 'default' + - nm_add_group_again.current.0.fabricPodPGrp.children.6.fabricRsPodPGrpIsisDomP.attributes.tnIsisDomPolName == 'default' + +# MODIFY POLICY GROUP +- name: Modify pod policy group (check mode) + cisco.aci.aci_fabric_pod_policy_group: &group_changed + host: '{{ aci_hostname }}' + username: '{{ aci_username }}' + password: '{{ aci_password }}' + validate_certs: '{{ aci_validate_certs | default(false) }}' + use_ssl: '{{ aci_use_ssl | default(true) }}' + use_proxy: '{{ aci_use_proxy | default(true) }}' + output_level: '{{ aci_output_level | default("info") }}' + name: ansible_pod_policy_group + date_time_policy: '' + isis_policy: '' + coop_group_policy: '' + bgp_rr_policy: '' + management_access_policy: '' + snmp_policy: '' + macsec_policy: '' state: present - delegate_to: localhost + check_mode: yes + register: cm_modify_group -- name: Remove a fabric pod policy group +- name: Modify pod policy group (normal mode) cisco.aci.aci_fabric_pod_policy_group: - host: apic - username: admin - password: SomeSecretPassword - name: my_pod_pol_grp - state: absent - delegate_to: localhost + <<: *group_changed + register: nm_modify_group -- name: Query a fabric pod policy group +- name: Modify policy group again (check mode) cisco.aci.aci_fabric_pod_policy_group: - host: apic - username: admin - password: SomeSecretPassword - name: my_pod_pol_grp - state: query - delegate_to: localhost - register: query_result + <<: *group_changed + check_mode: yes + register: cm_modify_group_again -- name: Query all fabric pod policy groups +- name: Modify policy group again (normal mode) cisco.aci.aci_fabric_pod_policy_group: - host: apic - username: admin - password: SomeSecretPassword + <<: *group_changed + register: nm_modify_group_again + +- name: Verify modify policy + assert: + that: + - cm_modify_group is changed + - nm_modify_group is changed + - nm_modify_group.current.0.fabricPodPGrp.attributes.dn == 'uni/fabric/funcprof/podpgrp-ansible_pod_policy_group' + - nm_modify_group.current.0.fabricPodPGrp.attributes.name == 'ansible_pod_policy_group' + - nm_modify_group.current.0.fabricPodPGrp.children.0.fabricRsSnmpPol.attributes.tnSnmpPolName == '' + - nm_modify_group.current.0.fabricPodPGrp.children.1.fabricRsPodPGrpCoopP.attributes.tnCoopPolName == '' + - nm_modify_group.current.0.fabricPodPGrp.children.2.fabricRsCommPol.attributes.tnCommPolName == '' + - nm_modify_group.current.0.fabricPodPGrp.children.3.fabricRsMacsecPol.attributes.tnMacsecFabIfPolName == '' + - nm_modify_group.current.0.fabricPodPGrp.children.4.fabricRsTimePol.attributes.tnDatetimePolName == '' + - nm_modify_group.current.0.fabricPodPGrp.children.5.fabricRsPodPGrpBGPRRP.attributes.tnBgpInstPolName == '' + - nm_modify_group.current.0.fabricPodPGrp.children.6.fabricRsPodPGrpIsisDomP.attributes.tnIsisDomPolName == '' + - cm_modify_group_again is not changed + - nm_modify_group_again is not changed + - nm_modify_group_again.current.0.fabricPodPGrp.attributes.dn == 'uni/fabric/funcprof/podpgrp-ansible_pod_policy_group' + - nm_modify_group_again.current.0.fabricPodPGrp.attributes.name == 'ansible_pod_policy_group' + - nm_modify_group_again.current.0.fabricPodPGrp.children.0.fabricRsSnmpPol.attributes.tnSnmpPolName == '' + - nm_modify_group_again.current.0.fabricPodPGrp.children.1.fabricRsPodPGrpCoopP.attributes.tnCoopPolName == '' + - nm_modify_group_again.current.0.fabricPodPGrp.children.2.fabricRsCommPol.attributes.tnCommPolName == '' + - nm_modify_group_again.current.0.fabricPodPGrp.children.3.fabricRsMacsecPol.attributes.tnMacsecFabIfPolName == '' + - nm_modify_group_again.current.0.fabricPodPGrp.children.4.fabricRsTimePol.attributes.tnDatetimePolName == '' + - nm_modify_group_again.current.0.fabricPodPGrp.children.5.fabricRsPodPGrpBGPRRP.attributes.tnBgpInstPolName == '' + - nm_modify_group_again.current.0.fabricPodPGrp.children.6.fabricRsPodPGrpIsisDomP.attributes.tnIsisDomPolName == '' + +# QUERY ALL POLICY GROUPS +- name: Query all policy groups (check_mode) + cisco.aci.aci_fabric_pod_policy_group: &group_query_all + host: '{{ aci_hostname }}' + username: '{{ aci_username }}' + password: '{{ aci_password }}' + validate_certs: '{{ aci_validate_certs | default(false) }}' + use_ssl: '{{ aci_use_ssl | default(true) }}' + use_proxy: '{{ aci_use_proxy | default(true) }}' + output_level: '{{ aci_output_level | default("info") }}' state: query - delegate_to: localhost - register: query_result -''' - -RETURN = r''' - current: - description: The existing configuration from the APIC after the module has finished - returned: success - type: list - sample: - [ - { - "fvTenant": { - "attributes": { - "descr": "Production environment", - "dn": "uni/tn-production", - "name": "production", - "nameAlias": "", - "ownerKey": "", - "ownerTag": "" - } - } - } - ] - error: - description: The error information as returned from the APIC - returned: failure - type: dict - sample: - { - "code": "122", - "text": "unknown managed object class foo" - } - raw: - description: The raw output returned by the APIC REST API (xml or json) - returned: parse error - type: str - sample: '' - sent: - description: The actual/minimal configuration pushed to the APIC - returned: info - type: list - sample: - { - "fvTenant": { - "attributes": { - "descr": "Production environment" - } - } - } - previous: - description: The original configuration from the APIC before the module has started - returned: info - type: list - sample: - [ - { - "fvTenant": { - "attributes": { - "descr": "Production", - "dn": "uni/tn-production", - "name": "production", - "nameAlias": "", - "ownerKey": "", - "ownerTag": "" - } - } - } - ] - proposed: - description: The assembled configuration from the user-provided parameters - returned: info - type: dict - sample: - { - "fvTenant": { - "attributes": { - "descr": "Production environment", - "name": "production" - } - } - } - filter_string: - description: The filter string used for the request - returned: failure or debug - type: str - sample: ?rsp-prop-include=config-only - method: - description: The HTTP method used for the request to the APIC - returned: failure or debug - type: str - sample: POST - response: - description: The HTTP response from the APIC - returned: failure or debug - type: str - sample: OK (30 bytes) - status: - description: The HTTP status from the APIC - returned: failure or debug - type: int - sample: 200 - url: - description: The HTTP url used for the request to the APIC - returned: failure or debug - type: str - sample: https://10.11.12.13/api/mo/uni/tn-production.json - ''' - -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.cisco.aci.plugins.module_utils.aci import ACIModule, aci_argument_spec - - -def main(): - argument_spec = aci_argument_spec() - argument_spec.update( - name=dict(type='str', aliases=['policy_group', 'policy_group_name', 'pod_policy_group']), - date_time_policy=dict(type='str', aliases=['ntp_policy']), - isis_policy=dict(type='str'), - coop_group_policy=dict(type='str', aliases=['coop_policy']), - bgp_rr_policy=dict(type='str'), - management_access_policy=dict(type='str', aliases=['management_policy', 'mgmt_policy']), - snmp_policy=dict(type='str'), - macsec_policy=dict(type='str'), - state=dict(type='str', default='present', choices=['absent', 'present', 'query']), - ) - - module = AnsibleModule( - argument_spec=argument_spec, - supports_check_mode=True, - required_if=[ - ['state', 'absent', ['name']], - ['state', 'present', ['name']], - ], - ) - aci = ACIModule(module) + check_mode: yes + register: cm_query_all_groups - name = module.params.get('name') - date_time_policy = module.params.get('date_time_policy') - isis_policy = module.params.get('isis_policy') - coop_group_policy = module.params.get('coop_group_policy') - bgp_rr_policy = module.params.get('bgp_rr_policy') - management_access_policy = module.params.get('management_access_policy') - snmp_policy = module.params.get('snmp_policy') - macsec_policy = module.params.get('macsec_policy') - state = module.params.get('state') - child_classes = ['fabricRsSnmpPol', 'fabricRsPodPGrpIsisDomP', - 'fabricRsPodPGrpCoopP', 'fabricRsPodPGrpBGPRRP', - 'fabricRsTimePol', 'fabricRsMacsecPol', 'fabricRsCommPol'] - - aci.construct_url( - root_class=dict( - aci_class='fabricPodPGrp', - aci_rn='fabric/funcprof/podpgrp-{0}'.format(name), - module_object=name, - target_filter={'name': name}, - ), - child_classes=child_classes, - ) - - aci.get_existing() - - if state == 'present': - child_configs = [] - if date_time_policy is not None: - child_configs.append(dict(fabricRsTimePol=dict(attributes=dict(tnDatetimePolName=date_time_policy)))) - if isis_policy is not None: - child_configs.append(dict(fabricRsPodPGrpIsisDomP=dict(attributes=dict(tnIsisDomPolName=isis_policy)))) - if coop_group_policy is not None: - child_configs.append(dict(fabricRsPodPGrpCoopP=dict(attributes=dict(tnCoopPolName=coop_group_policy)))) - if bgp_rr_policy is not None: - child_configs.append(dict(fabricRsPodPGrpBGPRRP=dict(attributes=dict(tnBgpInstPolName=bgp_rr_policy)))) - if management_access_policy is not None: - child_configs.append(dict(fabricRsCommPol=dict(attributes=dict(tnCommPolName=management_access_policy)))) - if snmp_policy is not None: - child_configs.append(dict(fabricRsSnmpPol=dict(attributes=dict(tnSnmpPolName=snmp_policy)))) - if macsec_policy is not None: - child_configs.append(dict(fabricRsMacsecPol=dict(attributes=dict(tnMacsecFabIfPolName=macsec_policy)))) - aci.payload( - aci_class='fabricPodPGrp', - class_config=dict( - name=name - ), - child_configs=child_configs, - ) - - aci.get_diff(aci_class='fabricPodPGrp') +- name: Query all groups (normal mode) + cisco.aci.aci_fabric_pod_policy_group: + <<: *group_query_all + register: nm_query_all_groups - aci.post_config() +- name: Verify query_all_groups + assert: + that: + - cm_query_all_groups is not changed + - nm_query_all_groups is not changed - elif state == 'absent': - aci.delete_config() +# QUERY OUR SERVER +- name: Query our group (check_mode) + cisco.aci.aci_fabric_pod_policy_group: + <<: *group_query_all + name: ansible_pod_policy_group + check_mode: yes + register: cm_query_group - aci.exit_json() +- name: Query our server (normal mode) + cisco.aci.aci_fabric_pod_policy_group: + <<: *group_query_all + name: ansible_pod_policy_group + register: nm_query_group + +- name: Verify query_server + assert: + that: + - cm_query_group is not changed + - nm_query_group is not changed + - cm_query_group == nm_query_group + - nm_query_group.current.0.fabricPodPGrp.attributes.dn == 'uni/fabric/funcprof/podpgrp-ansible_pod_policy_group' + - nm_query_group.current.0.fabricPodPGrp.attributes.name == 'ansible_pod_policy_group' + - nm_query_group.current.0.fabricPodPGrp.children.0.fabricRsSnmpPol.attributes.tnSnmpPolName == '' + - nm_query_group.current.0.fabricPodPGrp.children.1.fabricRsPodPGrpCoopP.attributes.tnCoopPolName == '' + - nm_query_group.current.0.fabricPodPGrp.children.2.fabricRsCommPol.attributes.tnCommPolName == '' + - nm_query_group.current.0.fabricPodPGrp.children.3.fabricRsMacsecPol.attributes.tnMacsecFabIfPolName == '' + - nm_query_group.current.0.fabricPodPGrp.children.4.fabricRsTimePol.attributes.tnDatetimePolName == '' + - nm_query_group.current.0.fabricPodPGrp.children.5.fabricRsPodPGrpBGPRRP.attributes.tnBgpInstPolName == '' + - nm_query_group.current.0.fabricPodPGrp.children.6.fabricRsPodPGrpIsisDomP.attributes.tnIsisDomPolName == '' + +# REMOVE POLICY GROUP +- name: Remove policy group (check mode) + cisco.aci.aci_fabric_pod_policy_group: + <<: *group_absent + check_mode: yes + register: cm_remove_group +- name: Remove policy group (normal mode) + cisco.aci.aci_fabric_pod_policy_group: + <<: *group_absent + register: nm_remove_group -if __name__ == "__main__": - main() +- name: Remove policy group again (check mode) + cisco.aci.aci_fabric_pod_policy_group: + <<: *group_absent + check_mode: yes + register: cm_remove_group_again +- name: Remove policy group again (normal mode) + cisco.aci.aci_fabric_pod_policy_group: + <<: *group_absent + register: nm_remove_group_again + +- name: Verify remove_server + assert: + that: + - cm_remove_group is changed + - nm_remove_group is changed + - nm_remove_group.current == [] + - nm_remove_group.previous.0.fabricPodPGrp.attributes.dn == 'uni/fabric/funcprof/podpgrp-ansible_pod_policy_group' + - nm_remove_group.previous.0.fabricPodPGrp.attributes.name == 'ansible_pod_policy_group' + - nm_remove_group.previous.0.fabricPodPGrp.children.0.fabricRsSnmpPol.attributes.tnSnmpPolName == '' + - nm_remove_group.previous.0.fabricPodPGrp.children.1.fabricRsPodPGrpCoopP.attributes.tnCoopPolName == '' + - nm_remove_group.previous.0.fabricPodPGrp.children.2.fabricRsCommPol.attributes.tnCommPolName == '' + - nm_remove_group.previous.0.fabricPodPGrp.children.3.fabricRsMacsecPol.attributes.tnMacsecFabIfPolName == '' + - nm_remove_group.previous.0.fabricPodPGrp.children.4.fabricRsTimePol.attributes.tnDatetimePolName == '' + - nm_remove_group.previous.0.fabricPodPGrp.children.5.fabricRsPodPGrpBGPRRP.attributes.tnBgpInstPolName == '' + - nm_remove_group.previous.0.fabricPodPGrp.children.6.fabricRsPodPGrpIsisDomP.attributes.tnIsisDomPolName == '' + - cm_remove_group_again is not changed + - nm_remove_group_again is not changed From e858500c12053a024f25caee44971741dda305b0 Mon Sep 17 00:00:00 2001 From: Tim Cragg Date: Tue, 25 Jan 2022 10:53:07 +0000 Subject: [PATCH 3/4] Correct docs --- plugins/modules/aci_fabric_pod_policy_group.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/aci_fabric_pod_policy_group.py b/plugins/modules/aci_fabric_pod_policy_group.py index 10e0a6be2..b4f6b5528 100644 --- a/plugins/modules/aci_fabric_pod_policy_group.py +++ b/plugins/modules/aci_fabric_pod_policy_group.py @@ -38,7 +38,7 @@ type: str aliases: [ coop_policy ] bgp_rr_policy: - decription: + description: - BGP route reflector policy to bind to the policy group type: str management_access_policy: From ab65cea6388149164ce908d3693365deb766c114 Mon Sep 17 00:00:00 2001 From: Lionel Hercot Date: Fri, 21 Oct 2022 16:19:14 -0700 Subject: [PATCH 4/4] [ignore] Fix few comments in aci_fabric_pod_policy_group and added test for better coverage --- .../modules/aci_fabric_pod_policy_group.py | 19 ++++- .../tasks/main.yml | 77 +++++++++++-------- 2 files changed, 62 insertions(+), 34 deletions(-) diff --git a/plugins/modules/aci_fabric_pod_policy_group.py b/plugins/modules/aci_fabric_pod_policy_group.py index b4f6b5528..2d5180219 100644 --- a/plugins/modules/aci_fabric_pod_policy_group.py +++ b/plugins/modules/aci_fabric_pod_policy_group.py @@ -14,9 +14,9 @@ DOCUMENTATION = r''' --- module: aci_fabric_pod_policy_group -short_description: Manage Fabric Pod Policy Groups. +short_description: Manage Fabric Pod Policy Groups (fabric:PodPGrp) description: -- Fabric Pod Policy Group (fabricPodPGrp) configuration on Cisco ACI fabrics. +- Fabric Pod Policy Group (fabric:PodPGrp) configuration on Cisco ACI fabrics. options: name: description: @@ -54,6 +54,10 @@ description: - MACSec policy to bind to the policy group type: str + name_alias: + description: + - The alias for the current object. This relates to the nameAlias field in ACI. + type: str state: description: - Use C(present) or C(absent) for adding or removing. @@ -63,6 +67,8 @@ default: present extends_documentation_fragment: - cisco.aci.aci +- cisco.aci.annotation +- cisco.aci.owner seealso: - name: APIC Management Information Model reference @@ -219,11 +225,13 @@ ''' from ansible.module_utils.basic import AnsibleModule -from ansible_collections.cisco.aci.plugins.module_utils.aci import ACIModule, aci_argument_spec +from ansible_collections.cisco.aci.plugins.module_utils.aci import ACIModule, aci_argument_spec, aci_annotation_spec, aci_owner_spec def main(): argument_spec = aci_argument_spec() + argument_spec.update(aci_annotation_spec()) + argument_spec.update(aci_owner_spec()) argument_spec.update( name=dict(type='str', aliases=['policy_group', 'policy_group_name', 'pod_policy_group']), date_time_policy=dict(type='str', aliases=['ntp_policy']), @@ -233,6 +241,7 @@ def main(): management_access_policy=dict(type='str', aliases=['management_policy', 'mgmt_policy']), snmp_policy=dict(type='str'), macsec_policy=dict(type='str'), + name_alias=dict(type="str"), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) @@ -254,6 +263,7 @@ def main(): management_access_policy = module.params.get('management_access_policy') snmp_policy = module.params.get('snmp_policy') macsec_policy = module.params.get('macsec_policy') + name_alias = module.params.get("name_alias") state = module.params.get('state') child_classes = ['fabricRsSnmpPol', 'fabricRsPodPGrpIsisDomP', 'fabricRsPodPGrpCoopP', 'fabricRsPodPGrpBGPRRP', @@ -290,7 +300,8 @@ def main(): aci.payload( aci_class='fabricPodPGrp', class_config=dict( - name=name + name=name, + nameAlias=name_alias ), child_configs=child_configs, ) diff --git a/tests/integration/targets/aci_fabric_pod_policy_group/tasks/main.yml b/tests/integration/targets/aci_fabric_pod_policy_group/tasks/main.yml index 74761438f..11973e504 100644 --- a/tests/integration/targets/aci_fabric_pod_policy_group/tasks/main.yml +++ b/tests/integration/targets/aci_fabric_pod_policy_group/tasks/main.yml @@ -8,30 +8,31 @@ msg: 'Please define the following variables: aci_hostname, aci_username and aci_password.' when: aci_hostname is not defined or aci_username is not defined or aci_password is not defined +- name: Set vars + set_fact: + aci_info: &aci_info + host: "{{ aci_hostname }}" + username: "{{ aci_username }}" + password: "{{ aci_password }}" + validate_certs: '{{ aci_validate_certs | default(false) }}' + use_ssl: '{{ aci_use_ssl | default(true) }}' + use_proxy: '{{ aci_use_proxy | default(true) }}' + output_level: '{{ aci_output_level | default("info") }}' # CLEAN ENVIRONMENT - name: Remove any pre-existing pod policy group - cisco.aci.aci_fabric_pod_policy_group: &group_absent - host: '{{ aci_hostname }}' - username: '{{ aci_username }}' - password: '{{ aci_password }}' - validate_certs: '{{ aci_validate_certs | default(false) }}' - use_ssl: '{{ aci_use_ssl | default(true) }}' - use_proxy: '{{ aci_use_proxy | default(true) }}' - output_level: '{{ aci_output_level | default("info") }}' - name: ansible_pod_policy_group + cisco.aci.aci_fabric_pod_policy_group: + <<: *aci_info + name: '{{ item }}' state: absent + loop: + - "ansible_pod_policy_group" + - "ansible_empty_pod_policy_group" # ADD POD POLICY GROUP - name: Add pod policy group (check mode) cisco.aci.aci_fabric_pod_policy_group: &group_present - host: '{{ aci_hostname }}' - username: '{{ aci_username }}' - password: '{{ aci_password }}' - validate_certs: '{{ aci_validate_certs | default(false) }}' - use_ssl: '{{ aci_use_ssl | default(true) }}' - use_proxy: '{{ aci_use_proxy | default(true) }}' - output_level: '{{ aci_output_level | default("info") }}' + <<: *aci_info name: ansible_pod_policy_group date_time_policy: default isis_policy: default @@ -86,16 +87,31 @@ - nm_add_group_again.current.0.fabricPodPGrp.children.5.fabricRsPodPGrpBGPRRP.attributes.tnBgpInstPolName == 'default' - nm_add_group_again.current.0.fabricPodPGrp.children.6.fabricRsPodPGrpIsisDomP.attributes.tnIsisDomPolName == 'default' +- name: Add empty pod policy group (normal mode) + cisco.aci.aci_fabric_pod_policy_group: + <<: *aci_info + name: ansible_empty_pod_policy_group + state: present + register: nm_add_empty_group + +- name: Verify add empty policy group + assert: + that: + - nm_add_empty_group is changed + - nm_add_empty_group.current.0.fabricPodPGrp.attributes.dn == 'uni/fabric/funcprof/podpgrp-ansible_empty_pod_policy_group' + - nm_add_empty_group.current.0.fabricPodPGrp.attributes.name == 'ansible_empty_pod_policy_group' + - nm_add_empty_group.current.0.fabricPodPGrp.children.0.fabricRsSnmpPol.attributes.tnSnmpPolName == '' + - nm_add_empty_group.current.0.fabricPodPGrp.children.1.fabricRsPodPGrpCoopP.attributes.tnCoopPolName == '' + - nm_add_empty_group.current.0.fabricPodPGrp.children.2.fabricRsCommPol.attributes.tnCommPolName == '' + - nm_add_empty_group.current.0.fabricPodPGrp.children.3.fabricRsMacsecPol.attributes.tnMacsecFabIfPolName == '' + - nm_add_empty_group.current.0.fabricPodPGrp.children.4.fabricRsTimePol.attributes.tnDatetimePolName == '' + - nm_add_empty_group.current.0.fabricPodPGrp.children.5.fabricRsPodPGrpBGPRRP.attributes.tnBgpInstPolName == '' + - nm_add_empty_group.current.0.fabricPodPGrp.children.6.fabricRsPodPGrpIsisDomP.attributes.tnIsisDomPolName == '' + # MODIFY POLICY GROUP - name: Modify pod policy group (check mode) cisco.aci.aci_fabric_pod_policy_group: &group_changed - host: '{{ aci_hostname }}' - username: '{{ aci_username }}' - password: '{{ aci_password }}' - validate_certs: '{{ aci_validate_certs | default(false) }}' - use_ssl: '{{ aci_use_ssl | default(true) }}' - use_proxy: '{{ aci_use_proxy | default(true) }}' - output_level: '{{ aci_output_level | default("info") }}' + <<: *aci_info name: ansible_pod_policy_group date_time_policy: '' isis_policy: '' @@ -175,21 +191,21 @@ - cm_query_all_groups is not changed - nm_query_all_groups is not changed -# QUERY OUR SERVER -- name: Query our group (check_mode) +# QUERY A POD POLICY GROUP +- name: Query a specific pod policy (check_mode) cisco.aci.aci_fabric_pod_policy_group: <<: *group_query_all name: ansible_pod_policy_group check_mode: yes register: cm_query_group -- name: Query our server (normal mode) +- name: Query a specific pod policy (normal mode) cisco.aci.aci_fabric_pod_policy_group: <<: *group_query_all name: ansible_pod_policy_group register: nm_query_group -- name: Verify query_server +- name: Verify query_group assert: that: - cm_query_group is not changed @@ -207,8 +223,9 @@ # REMOVE POLICY GROUP - name: Remove policy group (check mode) - cisco.aci.aci_fabric_pod_policy_group: - <<: *group_absent + cisco.aci.aci_fabric_pod_policy_group: &group_absent + <<: *group_present + state: absent check_mode: yes register: cm_remove_group @@ -228,7 +245,7 @@ <<: *group_absent register: nm_remove_group_again -- name: Verify remove_server +- name: Verify remove_group and remove_group_again assert: that: - cm_remove_group is changed