From 43ebccf7fcbfd7efe0c14981675d44c9a6f04b48 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <aleksandr.kurbatov@GL1342-AKURBATOV.local>
Date: Fri, 12 Jul 2024 14:05:51 +0100
Subject: [PATCH] Add validation steps to the `iptrunk` deploy

---
 .../roles/iptrunk/tasks/deploy_object.yaml    | 30 ++++++++++++++-----
 1 file changed, 22 insertions(+), 8 deletions(-)

diff --git a/geant/gap_ansible/roles/iptrunk/tasks/deploy_object.yaml b/geant/gap_ansible/roles/iptrunk/tasks/deploy_object.yaml
index 67870f41..44856221 100644
--- a/geant/gap_ansible/roles/iptrunk/tasks/deploy_object.yaml
+++ b/geant/gap_ansible/roles/iptrunk/tasks/deploy_object.yaml
@@ -6,11 +6,22 @@
     src_format: text
     check_commit: true
   diff: true
+  register: output
   when: >
     verb == "deploy" and
     local_side.iptrunk_side_node.vendor == "juniper" and
     dry_run | ansible.builtin.bool
 
+- name: Fail if there is any diff
+  ansible.builtin.fail:
+    msg: Trunk config drift detected!!!
+  when: >
+    output.changed | ansible.builtin.bool
+    and
+    is_verification_workflow | ansible.builtin.bool
+    and
+    local_side.iptrunk_side_node.vendor == "juniper"
+
 - name: Deploy "{{ config_object }}" on "{{ inventory_hostname }}" [AND COMMIT][JUNIPER]
   junipernetworks.junos.junos_config:
     update: 'replace'
@@ -23,14 +34,6 @@
     local_side.iptrunk_side_node.vendor == "juniper" and
     not (dry_run | ansible.builtin.bool)
 
-# - name: Show real diff of "{{ config_object }}"
-#   ansible.builtin.debug:
-#     msg: "{{ response }}"
-#   when: >
-#     verb == "deploy" and
-#     local_side.iptrunk_side_node.vendor == "juniper" and
-#     not (dry_run | ansible.builtin.bool)
-
 - name: Deploy "{{ config_object }}" on "{{ inventory_hostname }}" [CHECK ONLY][NOKIA]
   # ansible.netcommon.netconf_config:
   geant.gap_ansible.nokia_netconf_config:
@@ -39,12 +42,23 @@
     content: "{{ lookup('ansible.builtin.template', '{{ local_side.iptrunk_side_node.vendor }}/{{ config_object }}.j2') }}"
     commit: true
   diff: true
+  register: output
   check_mode: true
   when: >
     verb == "deploy" and
     ( dry_run | ansible.builtin.bool ) is true and
     local_side.iptrunk_side_node.vendor == "nokia"
 
+- name: Fail if there is any diff
+  ansible.builtin.fail:
+    msg: Trunk config drift detected!!!
+  when: >
+    output.changed | ansible.builtin.bool
+    and
+    is_verification_workflow | ansible.builtin.bool
+    and
+    local_side.iptrunk_side_node.vendor == "nokia"
+
 - name: Deploy "{{ config_object }}"on "{{ inventory_hostname }}" [AND COMMIT][NOKIA]
   # ansible.netcommon.netconf_config:
   geant.gap_ansible.nokia_netconf_config:
-- 
GitLab