Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cloudwatch_metric_alarm - Changes to alarms always report 'changed' due to dimensions #1750

Closed
1 task done
jmisset-cb opened this issue Sep 8, 2023 · 3 comments · Fixed by #1865
Closed
1 task done

cloudwatch_metric_alarm - Changes to alarms always report 'changed' due to dimensions #1750

jmisset-cb opened this issue Sep 8, 2023 · 3 comments · Fixed by #1865
Labels
needs_verified Some one might want to take a look at this and reproduce it to confirm

Comments

@jmisset-cb
Copy link
Contributor

jmisset-cb commented Sep 8, 2023
edited
Loading

Summary

When running CloudWatch metric alarm playbooks, existing alarms without dimensions report 'changed' even when no changes have been made to the alarm settings/props.

After debugging the cloudwatch_metric_alarm module code, looks like there is an issue with the Dimensions field.

If the alarm does not contain dimenions, it returns "Dimensions": [] to the module.
If dimensions is not present in the task, it is absent from the parameters. This causes the comparison in the module to return Changed.

Issue Type

Bug Report

Component Name

cloudwatch_metric_alarm

Ansible Version

ansible [core 2.15.0]
  config file = /home/jmisset/git/ca-host-config/ansible.cfg
  configured module search path = ['/home/jmisset/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/jmisset/git/ca-host-config/.venv/lib/python3.10/site-packages/ansible
  ansible collection location = /home/jmisset/git/ca-host-config/.venv/lib/python3.10/site-packages
  executable location = /home/jmisset/git/ca-host-config/.venv/bin/ansible
  python version = 3.10.12 (main, Jun 11 2023, 05:26:28) [GCC 11.4.0] (/home/jmisset/git/ca-host-config/.venv/bin/python)
  jinja version = 3.1.2
  libyaml = True

Collection Versions

# /home/jmisset/git/ca-host-config/.venv/lib/python3.10/site-packages/ansible_collections
Collection                    Version
----------------------------- -------
amazon.aws                    6.4.0  
ansible.netcommon             5.1.1  
ansible.posix                 1.5.4  
ansible.utils                 2.10.3 
ansible.windows               1.14.0 
arista.eos                    6.0.1  
awx.awx                       22.2.0 
azure.azcollection            1.15.0 
check_point.mgmt              5.0.0  
chocolatey.chocolatey         1.4.0  
cisco.aci                     2.6.0  
cisco.asa                     4.0.0  
cisco.dnac                    6.7.2  
cisco.intersight              1.0.27 
cisco.ios                     4.5.0  
cisco.iosxr                   5.0.2  
cisco.ise                     2.5.12 
cisco.meraki                  2.15.1 
cisco.mso                     2.4.0  
cisco.nso                     1.0.3  
cisco.nxos                    4.3.0  
cisco.ucs                     1.8.0  
cloud.common                  2.1.3  
cloudscale_ch.cloud           2.2.4  
community.aws                 6.3.0  
community.azure               2.0.0  
community.ciscosmb            1.0.5  
community.crypto              2.15.1 
community.digitalocean        1.23.0 
community.dns                 2.5.4  
community.docker              3.4.6  
community.fortios             1.0.0  
community.general             7.3.0  
community.google              1.0.0  
community.grafana             1.5.4  
community.hashi_vault         5.0.0  
community.hrobot              1.8.0  
community.libvirt             1.2.0  
community.mongodb             1.5.2  
community.mysql               3.7.1  
community.network             5.0.0  
community.okd                 2.3.0  
community.postgresql          2.4.1  
community.proxysql            1.5.1  
community.rabbitmq            1.2.3  
community.routeros            2.8.0  
community.sap                 1.0.0  
community.sap_libs            1.4.1  
community.skydive             1.0.0  
community.sops                1.6.1  
community.vmware              3.6.0  
community.windows             1.13.0 
community.zabbix              2.0.0  
containers.podman             1.10.1 
cyberark.conjur               1.2.0  
cyberark.pas                  1.0.19 
dellemc.enterprise_sonic      2.0.0  
dellemc.openmanage            7.5.0  
dellemc.powerflex             1.6.0  
dellemc.unity                 1.6.0  
devsec.hardening              8.7.0  
f5networks.f5_modules         1.24.0 
fortinet.fortimanager         2.1.7  
fortinet.fortios              2.2.3  
frr.frr                       2.0.2  
gluster.gluster               1.0.2  
google.cloud                  1.1.3  
grafana.grafana               2.0.0  
hetzner.hcloud                1.11.0 
hpe.nimble                    1.1.4  
ibm.qradar                    2.1.0  
ibm.spectrum_virtualize       1.12.0 
infinidat.infinibox           1.3.12 
infoblox.nios_modules         1.5.0  
inspur.ispim                  1.3.0  
inspur.sm                     2.3.0  
junipernetworks.junos         5.1.0  
kubernetes.core               2.4.0  
lowlydba.sqlserver            2.0.0  
microsoft.ad                  1.1.0  
netapp.aws                    21.7.0 
netapp.azure                  21.10.0
netapp.cloudmanager           21.22.0
netapp.elementsw              21.7.0 
netapp.ontap                  22.6.0 
netapp.storagegrid            21.11.1
netapp.um_info                21.8.0 
netapp_eseries.santricity     1.4.0  
netbox.netbox                 3.13.0 
ngine_io.cloudstack           2.3.0  
ngine_io.exoscale             1.0.0  
ngine_io.vultr                1.1.3  
openstack.cloud               2.1.0  
openvswitch.openvswitch       2.1.1  
ovirt.ovirt                   3.1.2  
purestorage.flasharray        1.18.0 
purestorage.flashblade        1.11.0 
purestorage.fusion            1.4.2  
sensu.sensu_go                1.13.2 
servicenow.servicenow         1.0.6  
splunk.es                     2.1.0  
t_systems_mms.icinga_director 1.32.2 
theforeman.foreman            3.10.0 
vmware.vmware_rest            2.3.1  
vultr.cloud                   1.7.1  
vyos.vyos                     4.0.2  
wti.remote                    1.0.4

AWS SDK versions

WARNING: Package(s) not found: boto
Name: boto3
Version: 1.28.43
Summary: The AWS SDK for Python
Home-page: https://github.com/boto/boto3
Author: Amazon Web Services
Author-email: 
License: Apache License 2.0
Location: /home/jmisset/git/ca-host-config/.venv/lib/python3.10/site-packages
Requires: botocore, jmespath, s3transfer
Required-by: 
---
Name: botocore
Version: 1.31.43
Summary: Low-level, data-driven core of boto 3.
Home-page: https://github.com/boto/botocore
Author: Amazon Web Services
Author-email: 
License: Apache License 2.0
Location: /home/jmisset/git/ca-host-config/.venv/lib/python3.10/site-packages
Requires: jmespath, python-dateutil, urllib3
Required-by: boto3, s3transfer

Configuration

ANSIBLE_PIPELINING(/home/jmisset/git/ca-host-config/ansible.cfg) = True
COLLECTIONS_PATHS(/home/jmisset/git/ca-host-config/ansible.cfg) = ['/home/jmisset/git/ca-host-config/.venv/lib/python3.10/site-packages']
CONFIG_FILE() = /home/jmisset/git/ca-host-config/ansible.cfg
DEFAULT_FORKS(/home/jmisset/git/ca-host-config/ansible.cfg) = 16
DEFAULT_ROLES_PATH(/home/jmisset/git/ca-host-config/ansible.cfg) = ['/home/jmisset/git/ca-host-config/.ansible']
DEFAULT_VAULT_PASSWORD_FILE(/home/jmisset/git/ca-host-config/ansible.cfg) = /home/jmisset/git/ca-host-config/vaultfile

OS / Environment

No response

Steps to Reproduce

---
- name: Create test alarm
  hosts: localhost
  become: false
  gather_facts: false
  connection: local
  tasks:
    - name: Create test alarm
      amazon.aws.cloudwatch_metric_alarm:
        profile: default
        state: present
        region: "eu-central-1"
        name: "test-alarm-always-changed"
        metric: "abcd"
        namespace: "LogMetrics"
        statistic: Sum
        comparison: GreaterThanOrEqualToThreshold
        threshold: "1"
        period: 300
        evaluation_periods: 3
        unit: "Count"
        description: "This alarm is always changed in ansible if dimensions is absent."
        # dimensions:
        #   InstanceId: i-0ab0ffee41dcf8a52
        alarm_actions: []
        ok_actions: []
        treat_missing_data: notBreaching

If you uncomment the dimensions and the key/value pair it contains, and run it more than once, it does not return Changed.

Expected Results

After the initial run of above playbook, future runs should report no changes (changed=0) unless settings/props are modified.

Actual Results

After initial playbook run, future playbook runs always report that changes are necessary and makes AWS call to create alarm again.

Code of Conduct

  • I agree to follow the Ansible Code of Conduct
@gravesm gravesm added needs_verified Some one might want to take a look at this and reproduce it to confirm and removed needs_triage labels Sep 12, 2023
@KamilBlaz
Copy link

Hello, can I take this issue and open PR if necessary?

@gravesm
Copy link
Member

gravesm commented Sep 29, 2023

@KamilBlaz yes, thank you for volunteering to help!

abikouo added a commit to abikouo/amazon.aws that referenced this issue Oct 24, 2023
@abikouo
automatically update variables (ansible-collections#1750)
7829c60
@jmisset-cb
Copy link
Contributor Author

Hi @KamilBlaz, is this something you are still planning on picking up?
I'm asking because I have also looked into this issue and found a possible solution.

@jmisset-cb jmisset-cb mentioned this issue Nov 18, 2023
Merged
patchback bot pushed a commit that referenced this issue Aug 28, 2024
@jmisset-cb @patchback
cloudwatch_metric_alarm: fix idempotency for alarm without dimensions (
43a84ac 
…#1865)

SUMMARY
A metric alarm in Cloudwatch can optionally have Dimensions. When a metric alarm in Cloudwatch does not have any dimensions, it returns: "Dimensions": [] when queried via boto3.
When configuring a metric alarm without Dimensions in Cloudwatch using the cloudwatch_metric_alarm plugin, Dimensions must be absent from the parameters.
Because "Dimensions": [] does not match Dimensions: None, the result is always Changed.
This Pull Request fixes this by setting Dimensions from the returned alarm parameters to None when the field is empty.
Fixes #1750
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
cloudwatch_metric_alarm
ADDITIONAL INFORMATION

Reviewed-by: GomathiselviS
Reviewed-by: Jasper Misset
Reviewed-by: Alina Buzachis
Reviewed-by: Mark Chappell
(cherry picked from commit dc574ca)
@patchback patchback bot mentioned this issue Aug 28, 2024
Merged
softwarefactory-project-zuul bot pushed a commit that referenced this issue Aug 28, 2024
@patchback
cloudwatch_metric_alarm: fix idempotency for alarm without dimensions (
268de3b 
…#1865) (#2256)

This is a backport of PR #1865 as merged into main (dc574ca).
SUMMARY
A metric alarm in Cloudwatch can optionally have Dimensions. When a metric alarm in Cloudwatch does not have any dimensions, it returns: "Dimensions": [] when queried via boto3.
When configuring a metric alarm without Dimensions in Cloudwatch using the cloudwatch_metric_alarm plugin, Dimensions must be absent from the parameters.
Because "Dimensions": [] does not match Dimensions: None, the result is always Changed.
This Pull Request fixes this by setting Dimensions from the returned alarm parameters to None when the field is empty.
Fixes #1750
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
cloudwatch_metric_alarm
ADDITIONAL INFORMATION

Reviewed-by: Mark Chappell
braydencw1 pushed a commit to braydencw1/amazon.aws that referenced this issue Aug 29, 2024
@jmisset-cb @braydencw1
cloudwatch_metric_alarm: fix idempotency for alarm without dimensions (
7aae9e7 
…ansible-collections#1865)

SUMMARY
A metric alarm in Cloudwatch can optionally have Dimensions. When a metric alarm in Cloudwatch does not have any dimensions, it returns: "Dimensions": [] when queried via boto3.
When configuring a metric alarm without Dimensions in Cloudwatch using the cloudwatch_metric_alarm plugin, Dimensions must be absent from the parameters.
Because "Dimensions": [] does not match Dimensions: None, the result is always Changed.
This Pull Request fixes this by setting Dimensions from the returned alarm parameters to None when the field is empty.
Fixes ansible-collections#1750
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
cloudwatch_metric_alarm
ADDITIONAL INFORMATION

Reviewed-by: GomathiselviS
Reviewed-by: Jasper Misset
Reviewed-by: Alina Buzachis
Reviewed-by: Mark Chappell
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
needs_verified Some one might want to take a look at this and reproduce it to confirm
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

cloudwatch_metric_alarm: fix idempotency for alarm without dimensions jmisset-cb/amazon.aws
3 participants
@gravesm @KamilBlaz @jmisset-cb