Ansible ND 4.X | WIP | ND Manage Policies Module + Pydantic Models + Smart Endpoints #216
Open
nikhilsrikrishna wants to merge 61 commits intoCiscoDevNet:developfrom
Open
Ansible ND 4.X | WIP | ND Manage Policies Module + Pydantic Models + Smart Endpoints #216nikhilsrikrishna wants to merge 61 commits intoCiscoDevNet:developfrom
nikhilsrikrishna wants to merge 61 commits intoCiscoDevNet:developfrom
Conversation
… Nexus Dashboard v4.1.0 and higher.
…nherited from future class models. Modify class models for local_user.
…e.py based on comments. Add a get method and get_identifier_value function to NDBaseModel.
…tion of core design adding new methods which will be used in NDConfigCollection and NDNetworkResourceModule classes as well as basic error handling and simple docstrings.
…ign changing existing methods and adding new ones which will be used in NDNetworkResourceModule class as well as basic error handling and simple docstrings.
…of core design changing existing methods and adding new ones which will be used in future as a based for ND network resource modules as well as basic error handling and simple docstrings.
…anges added to NDNetworkResourceModule.
…s for orchestrating crud api operations with model instances and endpoints.
… built-in functionalities. Slightly modify models/base.py to enforce identifiers definitions in NDBaseModel subclasses. Added multiple notes to assert next steps.
…rt endpoints and Pydantic models modification (works for merge and replace states). Add comments for next steps.
…nts and changes to models/local_user.py and api_endpoints/base.py
…ons methods that work for single_identifier strategy (meant to be overridden if needed).
…or NDNestedModel. Add types.file. Various Renaming and small Modifications across the repo. WIP.
…i_endpoints. Adapt api_endpoints, models, orchestrators accordingly. Integration Tests passing for nd_local_user module. Still WIP.
…ome sanity issues.
…teration of (Mock Pydantic objects/methods) to pass sanity checks for Pydantic importation.
…NDStateMachineand add custom Exception for it in common/exceptions dir. Set json mode for to_diff_dict method in NDBaseModel.
nikhilsrikrishna
requested review from
akinross,
anvitha-jain,
gmicol,
lhercot,
sajagana,
samiib and
shrsr
as code owners
…ts logging, remove RETURN docstring
nikhilsrikrishna
requested review from
allenrobel,
mikewiebe and
mtarking
as code owners
Collaborator
|
I see sanity test and formatting failures. Make sure to run the following commands locally and fix any issues |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds the nd_policy module for switch policy management in the cisco.nd collection, including the core resource handler, endpoint wrappers, and Pydantic models.
What's Included
Policy resource handler —
nd_policy_resources.pysupportsgathered,merged, anddeletedstates. Uses bulk create, bulk delete with 207 response handling, the mark-delete → push-config → remove pipeline, and deploy through switch actions.Endpoint definitions — Three endpoint classes:
manage_fabrics_policies.py,manage_fabrics_policy_actions.py,manage_fabrics_switch_actions.py.Pydantic model layer — Model classes:
config_models.py,gathered_models.py,policy_actions.py,policy_base.py,policy_crud.py. These cover input validation, API response parsing, and gathered output formatting.Input aliasing —
switch_idis aliased asswitch_ipin the argument spec, allowing users to specify either name interchangeably. Pydantic validators normalize both to the field expected by the API.Template inputs validation — User-provided
template_inputsare validated at runtime against the template's parameter schema fetched from the controller, checking for unknown keys, missing required parameters, and basic type correctness. System-injected keys are stripped from gathered output so only user-defined variables are returned.Unit tests — Endpoint-level tests covering all three endpoint classes.
Notes
Delete workflow — Delete follows a 3-step flow: markDelete → pushConfig → remove. PYTHON content-type templates (e.g., switch_freeform, Ext_VRF_Lite_SVI) fail on markDelete with "Content type is PYTHON, cannot mark for deletion". Instead of maintaining a hardcoded list of these template names, the module inspects the 207 response — any policy that fails with this specific message is automatically retried via direct DELETE /policies/{policyId}, then deployed via switchActions/deploy to push the config removal to the switch.
Gathered state and policy_id — The gathered output includes a policy_id field (e.g., POLICY-28440) alongside the template name. When this output is fed back into state=merged, the policy_id can be directly used to identify the exact policy.
Work In Progress