diff --git a/changelogs/fragments/snmp_idempotancy_fix.yml b/changelogs/fragments/snmp_idempotancy_fix.yml new file mode 100644 index 000000000..ce420963e --- /dev/null +++ b/changelogs/fragments/snmp_idempotancy_fix.yml @@ -0,0 +1,3 @@ +--- +bugfixes: + - ios_snmp_server - fixed config issue with snmp user password update being idempotent on consecutive runs. diff --git a/plugins/module_utils/network/ios/config/snmp_server/snmp_server.py b/plugins/module_utils/network/ios/config/snmp_server/snmp_server.py index 187d0779d..d61a70a10 100644 --- a/plugins/module_utils/network/ios/config/snmp_server/snmp_server.py +++ b/plugins/module_utils/network/ios/config/snmp_server/snmp_server.py @@ -237,39 +237,20 @@ def _compare(self, want, have): def _compare_lists_attrs(self, want, have): """Compare list of dict""" for _parser in self.list_parsers: - if _parser == "users": - i_want = want.get(_parser, {}) - i_have = have.get(_parser, {}) - for key, wanting in iteritems(i_want): - wanting_compare = deepcopy(wanting) - if ( - "authentication" in wanting_compare - and "password" in wanting_compare["authentication"] - ): - wanting_compare["authentication"].pop("password") - if ( - "encryption" in wanting_compare - and "password" in wanting_compare["encryption"] - ): - wanting_compare["encryption"].pop("password") - haveing = i_have.pop(key, {}) - if wanting_compare != haveing: - if haveing and self.state in ["overridden", "replaced"]: + i_want = want.get(_parser, {}) + i_have = have.get(_parser, {}) + for key, wanting in iteritems(i_want): + haveing = i_have.pop(key, {}) + if wanting != haveing: + if haveing and self.state in ["overridden", "replaced"]: + if not ( + _parser == "users" + and wanting.get("username") == haveing.get("username") + ): self.addcmd(haveing, _parser, negate=True) - self.addcmd(wanting, _parser) - for key, haveing in iteritems(i_have): - self.addcmd(haveing, _parser, negate=True) - else: - i_want = want.get(_parser, {}) - i_have = have.get(_parser, {}) - for key, wanting in iteritems(i_want): - haveing = i_have.pop(key, {}) - if wanting != haveing: - if haveing and self.state in ["overridden", "replaced"]: - self.addcmd(haveing, _parser, negate=True) - self.addcmd(wanting, _parser) - for key, haveing in iteritems(i_have): - self.addcmd(haveing, _parser, negate=True) + self.addcmd(wanting, _parser) + for key, haveing in iteritems(i_have): + self.addcmd(haveing, _parser, negate=True) def _snmp_list_to_dict(self, data): """Convert all list of dicts to dicts of dicts""" diff --git a/tests/unit/modules/network/ios/test_ios_snmp_server.py b/tests/unit/modules/network/ios/test_ios_snmp_server.py index 905371b03..28a11fd7c 100644 --- a/tests/unit/modules/network/ios/test_ios_snmp_server.py +++ b/tests/unit/modules/network/ios/test_ios_snmp_server.py @@ -1933,10 +1933,11 @@ def test_ios_snmpv3_user_server_overridden(self): }, } overridden = [ - "no snmp-server user flow mfamily v3 access 27", + "snmp-server user replaceUser replaceUser v3 auth md5 replaceUser access 22", "snmp-server user flow mfamily v3 access 27", "no snmp-server user newuser newfamily v1 access 24", ] + playbook["state"] = "overridden" set_module_args(playbook) result = self.execute_module(changed=True)