[ios_acls] Fix replaced state, to consider ace entries with remarks (#…

…1032) * fix replaced state * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci * remove debug * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci * fix comments * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --------- Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
ansible-collections · Feb 14, 2024 · 6b8ed8b · 6b8ed8b
1 parent 018bf84
commit 6b8ed8b
Show file tree

Hide file tree

Showing 3 changed files with 58 additions and 6 deletions.
diff --git a/changelogs/fragments/ios_acls_replaced_state.yml b/changelogs/fragments/ios_acls_replaced_state.yml
@@ -0,0 +1,3 @@
+---
+bugfixes:
+  - ios_acls - Fix replaced state to consider remarks and ace entries while comparing configuration.
diff --git a/plugins/module_utils/network/ios/config/acls/acls.py b/plugins/module_utils/network/ios/config/acls/acls.py
@@ -221,7 +221,10 @@ def pop_remark(r_entry, afi):
                     for k_wrems, wrems in rem_wentry.get("remarks").items():
                         if k_wrems not in rem_hentry.get("remarks", {}).keys():
                             self.addcmd(
-                                {"remarks": wrems, "sequence": hentry.get("sequence", "")},
+                                {
+                                    "remarks": wrems,
+                                    "sequence": hentry.get("sequence", ""),
+                                },
                                 "remarks",
                             )
                         else:
@@ -247,8 +250,12 @@ def pop_remark(r_entry, afi):
                         "remarks",
                         negate=True,
                     )
-            else:  # remove extra aces
-                self.addcmd(add_afi(hseq, afi), "aces", negate=True)
+                hseq.pop("remarks")
+            self.addcmd(
+                add_afi(hseq, afi),
+                "aces",
+                negate=True,
+            )  # deal with the rest of ace entry
 
     def sanitize_protocol_options(self, wace, hace):
         """handles protocol and protocol options as optional attribute"""
@@ -291,7 +298,9 @@ def list_to_dict(self, param):
                         temp_aces = {}
                         if acl.get("aces"):
                             rem_idx = 0  # remarks if defined in an ace
-                            for count, ace in enumerate(acl.get("aces")):  # each ace turned to dict
+                            for count, ace in enumerate(
+                                acl.get("aces"),
+                            ):  # each ace turned to dict
                                 if (
                                     ace.get("destination")
                                     and ace.get("destination", {}).get(
@@ -346,7 +355,12 @@ def list_to_dict(self, param):
 
                         if acl.get("acl_type"):  # update acl dict with req info
                             temp_acls.update(
-                                {acl.get("name"): {"aces": temp_aces, "acl_type": acl["acl_type"]}},
+                                {
+                                    acl.get("name"): {
+                                        "aces": temp_aces,
+                                        "acl_type": acl["acl_type"],
+                                    },
+                                },
                             )
                         else:  # if no acl type then here eg: ipv6
                             temp_acls.update({acl.get("name"): {"aces": temp_aces}})

diff --git a/tests/unit/modules/network/ios/test_ios_acls.py b/tests/unit/modules/network/ios/test_ios_acls.py
@@ -561,7 +561,6 @@ def test_ios_acls_merged_idempotent(self):
         )
         result = self.execute_module(changed=False)
         self.assertEqual(sorted(result["commands"]), [])
-        # self.execute_module(changed=False, commands=[], sort=True)
 
     def test_ios_acls_replaced(self):
         self.execute_show_command.return_value = dedent(
@@ -575,11 +574,23 @@ def test_ios_acls_replaced(self):
             ip access-list standard test_acl
                 remark remark check 1
                 remark some random remark 2
+            ip access-list standard testRobustReplace
+                10 remark Remarks for 10
+                10 permit 192.168.1.0 0.0.0.255
+                20 remark Remarks for 20
+                20 permit 0.0.0.0 255.0.0.0
+                30 remark Remarks for 30
+                30 permit 172.16.0.0 0.15.255.255
+                40 remark Remarks for 40
+                40 permit 192.0.2.0 0.0.0.255
+                50 remark Remarks for 50
+                50 permit 198.51.100.0 0.0.0.255
             """,
         )
         self.execute_show_command_name.return_value = dedent(
             """\
             Standard IP access list test_acl
+            Standard IP access list testRobustReplace
             """,
         )
         set_module_args(
@@ -613,6 +624,21 @@ def test_ios_acls_replaced(self):
                                 acl_type="standard",
                                 aces=[dict(remarks=["Another remark here"])],
                             ),
+                            dict(
+                                name="testRobustReplace",
+                                acl_type="standard",
+                                aces=[
+                                    dict(
+                                        sequence=10,
+                                        grant="permit",
+                                        remarks=["Remarks for 10"],
+                                        source=dict(
+                                            address="192.168.1.0",
+                                            wildcard_bits="0.0.0.255",
+                                        ),
+                                    ),
+                                ],
+                            ),
                         ],
                     ),
                 ],
@@ -627,6 +653,15 @@ def test_ios_acls_replaced(self):
             "no remark remark check 1",
             "no remark some random remark 2",
             "remark Another remark here",
+            "ip access-list standard testRobustReplace",
+            "no 20 remark Remarks for 20",
+            "no 20 permit 0.0.0.0 255.0.0.0",
+            "no 30 remark Remarks for 30",
+            "no 30 permit 172.16.0.0 0.15.255.255",
+            "no 40 remark Remarks for 40",
+            "no 40 permit 192.0.2.0 0.0.0.255",
+            "no 50 remark Remarks for 50",
+            "no 50 permit 198.51.100.0 0.0.0.255",
         ]
         self.assertEqual(sorted(result["commands"]), sorted(commands))