Ansible ND 4.X | WIP | ND Manage Policies Module + Pydantic Models + Smart Endpoints #216
Open
nikhilsrikrishna wants to merge 11 commits intoCiscoDevNet:nd42_integrationfrom
Open
Ansible ND 4.X | WIP | ND Manage Policies Module + Pydantic Models + Smart Endpoints #216nikhilsrikrishna wants to merge 11 commits intoCiscoDevNet:nd42_integrationfrom
nikhilsrikrishna wants to merge 11 commits intoCiscoDevNet:nd42_integrationfrom
Conversation
added 10 commits
April 1, 2026 16:30
nikhilsrikrishna
requested review from
akinross,
anvitha-jain,
gmicol,
lhercot,
sajagana,
samiib and
shrsr
as code owners
…ts logging, remove RETURN docstring
nikhilsrikrishna
requested review from
allenrobel,
mikewiebe and
mtarking
as code owners
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds the nd_policy module for switch policy management in the cisco.nd collection, including the core resource handler, endpoint wrappers, and Pydantic models.
What's Included
Policy resource handler —
nd_policy_resources.pysupportsgathered,merged, anddeletedstates. Uses bulk create, bulk delete with 207 response handling, the mark-delete → push-config → remove pipeline, and deploy through switch actions.Endpoint definitions — Three endpoint classes:
manage_fabrics_policies.py,manage_fabrics_policy_actions.py,manage_fabrics_switch_actions.py.Pydantic model layer — Model classes:
config_models.py,gathered_models.py,policy_actions.py,policy_base.py,policy_crud.py. These cover input validation, API response parsing, and gathered output formatting.Input aliasing —
switch_idis aliased asswitch_ipin the argument spec, allowing users to specify either name interchangeably. Pydantic validators normalize both to the field expected by the API.Template inputs validation — User-provided
template_inputsare validated at runtime against the template's parameter schema fetched from the controller, checking for unknown keys, missing required parameters, and basic type correctness. System-injected keys are stripped from gathered output so only user-defined variables are returned.Unit tests — Endpoint-level tests covering all three endpoint classes.
Notes
Delete workflow — Delete follows a 3-step flow: markDelete → pushConfig → remove. PYTHON content-type templates (e.g., switch_freeform, Ext_VRF_Lite_SVI) fail on markDelete with "Content type is PYTHON, cannot mark for deletion". Instead of maintaining a hardcoded list of these template names, the module inspects the 207 response — any policy that fails with this specific message is automatically retried via direct DELETE /policies/{policyId}, then deployed via switchActions/deploy to push the config removal to the switch.
Gathered state and policy_id — The gathered output includes a policy_id field (e.g., POLICY-28440) alongside the template name. When this output is fed back into state=merged, the policy_id can be directly used to identify the exact policy.
Work In Progress