Adding a control parameter `use_desc_as_key` to the `dcnm_policy` module

[dsx1123]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

The policy in DCNM/NDFC is using policy ID as the key in the backend which creates the problem of idempotency for Ansible, we created a parameter called create_additional_policy which can be used to prevent duplicated policy get created if the policy is not changed. However, if the user would like to modify or delete the policy, the user must use the policy ID to identify the policy that he/she would like to modify.

The notion of this proposal is to treat the description of policy as key to identifying the policy within the switch scope.

New or Affected modules(s):

• dcnm_policy

NDFC version

• V 12.x

Potential ansible task config

# Copy-paste your ansible playbook
    - name: Create policy for k8s subnet peering
      cisco.dcnm.dcnm_policy:
        fabric: "{{ fabric }}"
        state: merged
        use_desc_as_key: true     #  default is false
        config:
          - name: switch_freeform
            description: "bgp peer {{ k8s_node_subnet }}"
            policy_vars:
              CONF: "{{ lookup('template', 'templates/k8s_ibgp_peer.tmpl.j2') }}"
          - switch:
            - ip: 172.31.217.122
            - ip: 172.31.217.123
            - ip: 172.31.219.7
            - ip: 172.31.217.102

behavior:

• use_desc_as_key is a global level config, and should affect all the policies listed in the config section
• When use_desc_as_key is false, the behavior of the module doesn't change
• When use_desc_as_key is true, the behavior should be as below:
  • the description must not be empty, error the module when any of the policies defined in the playbook is empty or not defined
  • the unicity of the description is in the switch scope
  • the unicity of the description is maintained by the user, when the user creates the policies, the user needs to make sure the description of the policy is unique
  • However, the module should check if there is duplication in the description of the NDFC, If there is more than one policy having the same description, the module should exit with an error
  • The module should search the existing policies associated with the switch, if found, and policy_vars is changed, the module should modify the existing policy, if not found, module should create a new one
  • if the name(template name) is changed, module should delete the existing one and create a new one with the new template

References

Additional context Add any other context or screenshots about the feature request here.