Request for mkey usage in examples

Question

Request for mkey usage in examples

Shasties opened this issue 6 years ago · 2 comments

I am using the following tasks to configure snmp communities on a virtual fortigate appliance:

---
- name: Get community
  connection: local
  fortiosconfig:
    https: False
    action: "get"
    host:  "{{ fw_vars['ip'] }}"
    username: "{{ fw_username }}"
    password: "{{ fw_password }}"
    config: "system.snmp community"
    https: False
  register: config

- debug:
    var: config

- name: Edit community 1
  connection: local
  fortiosconfig:
    https: False
    action: "set"
    host:  "{{ fw_vars['ip'] }}"
    username: "{{ fw_username }}"
    password: "{{ fw_password }}"
    config: "system.snmp community"
    https: False
    mkey: 1
    config_parameters:
      name: "{{ fw_vars['ans_snmp_ro'] }}"

I have manually created two entries in the snmp community table. On the appliance side of things I can see the following:

config system snmp community
    edit 1
        set name "test"
    next
    edit 2
        set name "number 2"
    next
end

And from the Ansible debug statement I see:

ok: [localhost] => {
    "config": {
        "changed": false,
        "failed": false,
        "meta": {
            "results": [
                {
                    "events": "cpu-high mem-low log-full intf-ip vpn-tun-up vpn-tun-down ha-switch ha-hb-failure ips-signature ips-anomaly av-virus av-oversize av-pattern av-fragmented fm-if-change bgp-established bgp-backward-transition ha-member-up ha-member-down ent-conf-change av-conserve av-bypass av-oversize-passed av-oversize-blocked ips-pkg-update ips-fail-open faz-disconnect wc-ap-up wc-ap-down fswctl-session-up fswctl-session-down load-balance-real-server-down per-cpu-high",
                    "hosts": [],
                    "hosts6": [],
                    "id": 1,
                    "name": "test",
                    "q_origin_key": 1,
                    "query-v1-port": 161,
                    "query-v1-status": "enable",
                    "query-v2c-port": 161,
                    "query-v2c-status": "enable",
                    "status": "enable",
                    "trap-v1-lport": 162,
                    "trap-v1-rport": 162,
                    "trap-v1-status": "enable",
                    "trap-v2c-lport": 162,
                    "trap-v2c-rport": 162,
                    "trap-v2c-status": "enable"
                },
                {
                    "events": "cpu-high mem-low log-full intf-ip vpn-tun-up vpn-tun-down ha-switch ha-hb-failure ips-signature ips-anomaly av-virus av-oversize av-pattern av-fragmented fm-if-change bgp-established bgp-backward-transition ha-member-up ha-member-down ent-conf-change av-conserve av-bypass av-oversize-passed av-oversize-blocked ips-pkg-update ips-fail-open faz-disconnect wc-ap-up wc-ap-down fswctl-session-up fswctl-session-down load-balance-real-server-down per-cpu-high",
                    "hosts": [],
                    "hosts6": [],
                    "id": 2,
                    "name": "number 2",
                    "q_origin_key": 2,
                    "query-v1-port": 161,
                    "query-v1-status": "enable",
                    "query-v2c-port": 161,
                    "query-v2c-status": "enable",
                    "status": "enable",
                    "trap-v1-lport": 162,
                    "trap-v1-rport": 162,
                    "trap-v1-status": "enable",
                    "trap-v2c-lport": 162,
                    "trap-v2c-rport": 162,
                    "trap-v2c-status": "enable"
                }
            ],
            "status": "success",
            "version": "v6.0.3"
        }
    }
}

I would ideally like to edit one of the entries and based on fortios api reference doc I read, I figured that specifying the mkey would be the same as referencing the id. Here I'm trying to change the name of the first entry from "test" to the variable fw_vars['ans_snmp_ro'] however I get the following error on the Edit Community 1 task:
File \"/usr/local/lib/python2.7/dist-packages/fortiosapi/fortiosapi.py\", line 440, in set\n mkey = self.get_mkey(path, name, data, vdom=vdom)\n File \"/usr/local/lib/python2.7/dist-packages/fortiosapi/fortiosapi.py\", line 259, in get_mkey\n LOG.warning(\"mkey %s not set in the data\", mkey)\nUnboundLocalError: local variable 'mkey' referenced before assignment\n"

However, when I do not try to use the mkey and instead add the line id: 1 under the config_parameters section the module does what I expect it to (change the name of the entry).

I'm not sure what the mkey value is functionally used for. I tried looking through the examples but I do not see any that use that parameter. If someone could add an example on how to use that parameter that would probably clear up my confusion on what it actually does. Thanks!

Answer 1 · 2019-03-25T16:12:28.000Z

Hi @Shasties ,
thanks for your comment and sorry for the late reply. The mkey is normally used internally in some methods, to guess the master key of the table being updated without requiring user intervention. Thus, you shouldn't worry about it.

I see anyway that it is still present as input parameter in 'choice_map' and this seems to be a leftover from old modifications. I'll create a PR in the next days to remove it.

Thanks!

Answer 2 · 2019-05-14T13:28:03.000Z

Since this has no more activity and the issue is solved I'm closing it.