Merge pull request #167 from CiscoISE/develop

Develop

Author: bvargasre

README.md

@@ -53,7 +53,7 @@ The following table shows the supported versions.
 | 3.1_Patch_1       | 2.5.16                       | 2.0.10                       |
 | 3.2_beta          | 2.8.0                        | 2.1.1                        |
 | 3.3_patch_1       | 2.10.0                       | 2.2.3                        |
-| 3.5.0             | 3.0.0                        | 2.4.0                        |
+| 3.5.0             | 3.0.1                        | 2.4.0                        |
 
 If your Ansible collection is older please consider updating it first.
 *Notes*:
@@ -90,7 +90,7 @@ export ISE_HOSTNAME=<A.B.C.D>
 export ISE_USERNAME=<username>
 export ISE_PASSWORD=<password>
 export ISE_VERIFY=False # optional, defaults to True
-export ISE_VERSION=3.3_patch_1 # optional, defaults to 3.3_patch_1
+export ISE_VERSION=3.5.0 # optional, defaults to 3.5.0
 export ISE_WAIT_ON_RATE_LIMIT=True # optional, defaults to True
 export ISE_USES_API_GATEWAY=True # optional, defaults to True
 export ISE_DEBUG=False # optional, defaults to False

changelogs/changelog.yaml

@@ -1621,3 +1621,10 @@ releases:
         - Updated .gitignore with additional exclusion patterns.
         - Fixed galaxy.yml metadata for compatibility
           with newer Ansible versions.
+  3.0.1:
+    release_date: "2025-11-20"
+    changes:
+      release_summary: Update ISE version to 3.5.0
+      bugfixes:
+        - networkdevice add support for 'absent' state, implement update and delete methods
+        - update ISE version to 3.5.0 for improved functionality.

galaxy.yml

@@ -1,7 +1,7 @@
 ---
 namespace: cisco
 name: ise
-version: 3.0.0
+version: 3.0.1
 readme: README.md
 authors:
   - William Astorga <[email protected]>

playbooks/group_vars/ise_servers

@@ -1,11 +1,10 @@
 # Consider using ansible-vault
 ---
 # ise_hostname: "198.18.133.27"
-ise_hostname: "stopping-contribution-destiny-kick.trycloudflare.com"
-ise_username: "admin"
-ise_password: "C1sco12345"
-ise_version: "3.3_patch_1"
-ise_verify: False
-ise_debug: True
-ise_uses_api_gateway: True
-ise_uses_csrf_token: False
+# ise_username: "admin"
+# ise_password: "C1sco12345"
+# ise_version: "3.5.0"
+# ise_verify: False
+# ise_debug: True
+# ise_uses_api_gateway: True
+# ise_uses_csrf_token: False

plugins/action/networkdevice.py

@@ -32,7 +32,7 @@
 argument_spec = ise_argument_spec()
 # Add arguments specific for this module
 argument_spec.update(dict(
-    state=dict(type="str", default="present", choices=["present"]),
+    state=dict(type="str", default="present", choices=["present", "absent"]),
     authenticationSettings=dict(type="dict"),
     coaPort=dict(type="float"),
     dtlsDnsName=dict(type="str"),
@@ -51,7 +51,8 @@
 ))
 
 required_if = [
-    ("state", "present", ["name"], True),
+    ("state", "present", ["id", "name"], True),
+    ("state", "absent", ["id", "name"], True),
 ]
 required_one_of = []
 mutually_exclusive = []
@@ -108,14 +109,31 @@ def get_object_by_name(self, name):
         return result
 
     def get_object_by_id(self, id):
-        # NOTICE: Does not have a get by id method or it is in another action
-        result = None
+        try:
+            result = self.ise.exec(
+                family="networkdevice",
+                function="get_networkdevice_by_id",
+                handle_func_exception=False,
+                params={"id": id}
+            ).response['NetworkDevice']
+        except (TypeError, AttributeError) as e:
+            self.ise.fail_json(
+                msg=(
+                    "An error occured when executing operation."
+                    " Check the configuration of your API Settings and API Gateway settings on your ISE server."
+                    " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled."
+                    " You may want to enable the (ise_debug: True) argument."
+                    " The error was: {error}"
+                ).format(error=e)
+            )
+        except Exception:
+            result = None
         return result
 
     def exists(self):
-        prev_obj = None
         id_exists = False
         name_exists = False
+        prev_obj = None
         o_id = self.new_object.get("id")
         name = self.new_object.get("name")
         if o_id:
@@ -128,6 +146,8 @@ def exists(self):
             _id = prev_obj.get("id")
             if id_exists and name_exists and o_id != _id:
                 raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object")
+            if _id:
+                prev_obj = self.get_object_by_id(_id)
         it_exists = prev_obj is not None and isinstance(prev_obj, dict)
         return (it_exists, prev_obj)
 
@@ -165,6 +185,34 @@ def create(self):
         ).response
         return result
 
+    def update(self):
+        id = self.new_object.get("id")
+        name = self.new_object.get("name")
+        result = None
+        if not id:
+            id_ = self.get_object_by_name(name).get("id")
+            self.new_object.update(dict(id=id_))
+        result = self.ise.exec(
+            family="networkdevice",
+            function="update_networkdevice_by_id",
+            params=self.new_object
+        ).response
+        return result
+
+    def delete(self):
+        id = self.new_object.get("id")
+        name = self.new_object.get("name")
+        result = None
+        if not id:
+            id_ = self.get_object_by_name(name).get("id")
+            self.new_object.update(dict(id=id_))
+        result = self.ise.exec(
+            family="networkdevice",
+            function="delete_networkdevice_by_id",
+            params=self.new_object
+        ).response
+        return result
+
 
 class ActionModule(ActionBase):
     def __init__(self, *args, **kwargs):
@@ -205,12 +253,16 @@ def run(self, tmp=None, task_vars=None):
         state = self._task.args.get("state")
 
         response = None
+
         if state == "present":
             (obj_exists, prev_obj) = obj.exists()
             if obj_exists:
                 if obj.requires_update(prev_obj):
-                    response = prev_obj
-                    ise.object_present_and_different()
+                    ise_update_response = obj.update()
+                    self._result.update(dict(ise_update_response=ise_update_response))
+                    (obj_exists, updated_obj) = obj.exists()
+                    response = updated_obj
+                    ise.object_updated()
                 else:
                     response = prev_obj
                     ise.object_already_present()
@@ -220,6 +272,15 @@ def run(self, tmp=None, task_vars=None):
                 response = created_obj
                 ise.object_created()
 
+        elif state == "absent":
+            (obj_exists, prev_obj) = obj.exists()
+            if obj_exists:
+                obj.delete()
+                response = prev_obj
+                ise.object_deleted()
+            else:
+                ise.object_already_absent()
+
         self._result.update(dict(ise_response=response))
         self._result.update(ise.exit_json())
         return self._result

plugins/plugin_utils/ise.py

@@ -133,7 +133,7 @@ def ise_argument_spec():
         ise_username=dict(type="str", fallback=(env_fallback, ['ISE_USERNAME']), required=True),
         ise_password=dict(type="str", fallback=(env_fallback, ['ISE_PASSWORD']), required=True, no_log=True),
         ise_verify=dict(type="bool", default=True, fallback=(env_fallback, ['ISE_VERIFY'])),
-        ise_version=dict(type="str", default="3.3_patch_1", fallback=(env_fallback, ['ISE_VERSION'])),
+        ise_version=dict(type="str", default="3.5.0", fallback=(env_fallback, ['ISE_VERSION'])),
         ise_wait_on_rate_limit=dict(type="bool", default=True, fallback=(env_fallback, ['ISE_WAIT_ON_RATE_LIMIT'])),
         ise_uses_api_gateway=dict(type="bool", default=True, fallback=(env_fallback, ['ISE_USES_API_GATEWAY'])),
         ise_uses_csrf_token=dict(type="bool", default=False, fallback=(env_fallback, ['ISE_USES_CSRF_TOKEN'])),