codeaffen
Issue with creating subnet folder when multiple folders have the same name
We have our ipam structured like this
And in each dc we have nester folder like this.
This seems to cause some errors since there are a few folders named the same
When i try to create a subnet
- name: "Create subnet"
codeaffen.phpipam.subnet:
app_id: "ansible"
description: "{{item.description}}"
username: "API"
password: "{{apipassword}}"
server_url: "https://phpipam"
vlan: "{{item.vlan}}"
vrf: "PROD"
folder: "PROD"
location: "DC1"
validate_certs: no
section: "xxx"
routing_domain: "{{item.routing_domain}}"
with_items: "{{subnetconfig.list}}"
It places all the subnets in the same folder
Is there any way to specify the master_folder somehow when creating a subnet?
Hi @ishuguru,
Thank you for bringing this to our attention. As we support in all our modules names instead of ID's, there is no way to support entities with the same name. Maybe a change in the notation could be a way out.
I can imagine something like root_folder/sub_folder/folder where a slash would be a delimiter. As this needs a deeper refactoring of the complete resolve logic, this will not be available soon.
As I do not have so much time to invest the needed effort, we need to search for volunteers to help to implement this feature.
For now, there is only the possibility to avoid duplicate names.
Hi @ishuguru,
Thank you for bringing this to our attention. As we support in all our modules names instead of ID's, there is no way to support entities with the same name. Maybe a change in the notation could be a way out.
I can imagine something like
root_folder/sub_folder/folderwhere a slash would be a delimiter. As this needs a deeper refactoring of the complete resolve logic, this will not be available soon.As I do not have so much time to invest the needed effort, we need to search for volunteers to help to implement this feature.
For now, there is only the possibility to avoid duplicate names.
Thanks for the fast response, our structure is what it is so i cant change that. A quite fast thing to change the folder manualy however so i can work around it.
I took a quick look into the api responses, and it looks promising:
$ curl -sk -XGET -H "phpipam-token: ${PHPIPAM_TOKEN}" ${PHPIPAM_API_URL}/folders | jq '.data[] | {id: .id, masterSubnetId: .masterSubnetId, description: .description}'
{
"id": "7",
"masterSubnetId": "0",
"description": "root_folder"
}
{
"id": "8",
"masterSubnetId": "7",
"description": "sub_folder"
}
{
"id": "9",
"masterSubnetId": "8",
"description": "folder"
}
You could see that the structure is depicted via masterSubnetId.
Unfortunately, I did not find a character which is not allowed in the folder name, yet.
curl -sk -XGET -H "phpipam-token: ${PHPIPAM_TOKEN}" ${PHPIPAM_API_URL}/folders | jq '.data[] | {id: .id, masterSubnetId: .masterSubnetId, description: .description}'
{
"id": "10",
"masterSubnetId": "0",
"description": "a/b/c"
}
{
"id": "11",
"masterSubnetId": "0",
"description": "a.b.c"
}
{
"id": "12",
"masterSubnetId": "0",
"description": "a%b%c"
}
This makes it more difficult to implement it in a simple way.
Proposal for a possible implementation:
---
codeaffen.phpipam.subnet:
username: "admin"
password: "s3cr3t"
server_url: "https://ipam.example.com"
cidr: "192.0.2.128/28"
folder: "com.example.folder"
folder_path_delimiter: "."
1. Checking the delimiter
As there are no characters forbidden for folder names, we need to take care of not having a folder name that consists of the selected delimiter. To check it, we need a pre-query if there are folders with delimiter in the name.
$ curl -sk -XGET -H "phpipam-token: ${PHPIPAM_TOKEN}" -H "Content-Type: application/json" ${PHPIPAM_API_URL}/folders -d '{"filter_by": "description","filter_value": ".","filter_match":"partial"}' | jq '.data[] | {id: .id, masterSubnetId: .masterSubnetId, description: .description}'
{
"id": "11",
"masterSubnetId": "0",
"description": "folder.name"
}
The result needs to be null. In the upper example, we found an element, why the delimiter is not usable for our purpose. In case we do not have such a folder, the result looks as followed.
$ curl -sk -XGET -H "phpipam-token: ${PHPIPAM_TOKEN}" -H "Content-Type: application/json" ${PHPIPAM_API_URL}/folders -d '{"filter_by": "description","filter_value": ".","filter_match":"partial"}'
{"code":404,"success":false,"message":"No results (filter applied)","time":0.005}
While we made use of the phpypam library, the above query will result in a PHPyPAMEntityNotFoundException and we can react to it.
2. Resolving path
After we can guarantee that the delimiter could be used for our purpose, we can resolve the complete path to its ID's, and finally find the correct ID for the folder where the subnet is part of.
Conditions and risks
Finally, some though on conditions and risks.
- This solution implies that the delimiter must never be used as a character in folder names
- To achieve this, a manual management of folders should be avoided, as a manually created folder name with the delimiter character in the folder name could make automation stop working
- May be a kind of override mechanism could be worthwhile
Concluded, this feature needs a profound look at how to protect the automation against failures.