Add ACL manage module for Routing Policies#266
Draft
skaszlik wants to merge 2 commits intoCiscoDevNet:developfrom
Draft
Add ACL manage module for Routing Policies#266skaszlik wants to merge 2 commits intoCiscoDevNet:developfrom
skaszlik wants to merge 2 commits intoCiscoDevNet:developfrom
Conversation
…ists (ACLs) - Implemented the nd_acl module to manage ACLs on Cisco Nexus Dashboard, supporting create, update, delete, and query operations for both IPv4 and IPv6 ACLs. - Added comprehensive integration tests for the nd_acl module, ensuring functionality for creating, merging, replacing, and deleting ACLs, along with idempotency checks. - Included version checks to ensure compatibility with ND 4.1 or later.
- Added new endpoints for managing Access Control Lists (ACLs) in the ND Manage API, including GET, POST, PUT, and DELETE operations. - Introduced AclModel for ACL configuration, supporting serialization and validation. - Created ManageAclOrchestrator to handle ACL operations, including state management and input validation. - Updated integration tests to reflect changes in ACL management. - Modified inventory configuration for testing with specific credentials and host details.
allenrobel
requested changes
May 1, 2026
Collaborator
allenrobel
left a comment
allenrobel
left a comment
There was a problem hiding this comment.
Good work Sławomir! Just a few comments, please:
- Replace legacy annotations with modern equivalents
- Remove
__metaclass__ = typewhere present - Remove
from __future__ import absolute_import, annotations, division, print_functionand for files that need it, replace withfrom __future__ import annotations - Add return type annotations to all methods that lack them
| (DELETE /api/v1/manage/fabrics/{fabricName}/accessControlLists/{aclName}) | ||
| """ | ||
|
|
||
| from __future__ import absolute_import, annotations, division, print_function |
Collaborator
There was a problem hiding this comment.
No longer needed. Please remove.
Instead replace with the following so that modern annotations are accepted:
from __future__ import annotationsComment applies to all files introduced in this PR.
|
|
||
| from __future__ import absolute_import, annotations, division, print_function | ||
|
|
||
| from typing import ClassVar, Literal, Optional |
Collaborator
There was a problem hiding this comment.
Remove Optional i.e.:
from typing import ClassVar, LiteralWe should be using modern annotations throughout i.e.:
Dict->dictList->listSet->setOptional->str | None(for example)Union->str | int(for example)
Please replace all legacy annotions (if any) with the above across all files commited in this PR.
| Item-level endpoints also require an acl_name path parameter. | ||
| """ | ||
|
|
||
| acl_name: Optional[str] = Field(default=None, description="ACL name") |
Collaborator
There was a problem hiding this comment.
Should be:
acl_name: str | None = Field(default=None, description="ACL name")|
|
||
| acl_name: Optional[str] = Field(default=None, description="ACL name") | ||
|
|
||
| def set_identifiers(self, identifier: IdentifierKey = None): |
Collaborator
There was a problem hiding this comment.
If a method has no return value signal that with an annotation.
def set_identifiers(self, identifier: IdentifierKey = None) -> None:Comment applies to all methods.
|
|
||
| from __future__ import absolute_import, division, print_function | ||
|
|
||
| __metaclass__ = type |
Collaborator
There was a problem hiding this comment.
__metaclass__ = type is no longer needed. Remove.
Same comment applies to all files in this PR where this is present.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
New module to support Routing Policies - available in ND 4.1 and above.
Example playbook:
Related Issue(s)
#240
Proposed Changes
New module cisco.nd.nd_acl
Test Notes
All test phases passed:
[OK] Merged state - create, merge, check mode
[OK] Replaced state - replace, check mode
[OK] Query state - all, specific, missing ACL
[OK] Deleted state - specific, bulk, check mode
Cisco Nexus Dashboard Version
ND4.2
Related ND API Resource Category
Checklist