Description of problem: It's not possible to unset GPG keys and/or sync plans when I use the theforeman.foreman.product module (and it's the same with the satellite modules as well. I have the following product defined as a variable: product_list: - name: test_product label: prod_test_product description: "Test Product" gpg_key: MyCustomGPG sync_play: Daily I have a task in a playbook defined as follows: - name: Manage Satellite products theforeman.foreman.product: username: "{{ rhs_satellite_admin }}" password: "{{ rhs_satellite_admin_password }}" server_url: "{{ rhs_satellite_server_url }}" organization: "{{ rhs_org }}" validate_certs: "{{ rhs_validate_certs }}" gpg_key: "{{ item.gpg_key | default(omit) }}" name: "{{ item.product_name }}" label: "{{ item.label | default (omit) }}" description: "{{ item.description | default(omit) }}" sync_plan: "{{ item.sync_plan | default(omit) }}" ssl_ca_cert: "{{ item.ssl_ca_cert | default(omit) }}" ssl_client_cert: "{{ item.ssl_client_cert | default(omit) }}" ssl_client_key: "{{ item.ssl_client_key | default(omit) }}" state: "{{ item.state | default('present_with_defaults') }}" loop: "{{ product_list }}" Provided that the GPG Key and/or the sync plan we define in the variable exist, the task will be completed successfully. Now, if for any reason I want to modify the product and disassociate the defined GPG key, or the sync plan, I change the variable as follows: product_list: - name: test_product label: prod_test_product description: "Test Product" gpg_key: "" sync_play: "" Now when I run the playbook, the specific task fails with the following error: ----- msg: 'Error while performing update on products: gpg_key_id can''t be None' ----- How reproducible: Always Steps to Reproduce: 1. Create a new playbook with a single task as above 2. Define the variable as above 3. Run the playbook against a Satellite/Katello server Actual results: Error Expected results: Product is updated and the sync plan/GPG key is disassociated. Additional info: I don't know if the the SSL options have the same issue, but it is quite possible. I haven't tested them.
Moving over to "Repositories" component, as that's the one responsible for the "Products" model and API. The API doc for the products update call looks like this (abbreviated): { "doc_url": "/apidoc/v2/products/update", "name": "update", "apis": [ { "api_url": "/katello/api/products/:id", "http_method": "PUT", "short_description": "Updates a product", "deprecated": null } ], "formats": null, "full_description": "", "errors": [], "params": [ … { "name": "gpg_key_id", "full_name": "gpg_key_id", "description": "\n<p>Identifier of the GPG key</p>\n", "required": false, "allow_nil": false, "allow_blank": false, "validator": "Must be a number.", "expected_type": "numeric", "metadata": null, "show": true, "validations": [], "deprecated": false }, { "name": "ssl_ca_cert_id", "full_name": "ssl_ca_cert_id", "description": "\n<p>Idenifier of the SSL CA Cert</p>\n", "required": false, "allow_nil": false, "allow_blank": false, "validator": "Must be a number.", "expected_type": "numeric", "metadata": null, "show": true, "validations": [], "deprecated": false }, { "name": "ssl_client_cert_id", "full_name": "ssl_client_cert_id", "description": "\n<p>Identifier of the SSL Client Cert</p>\n", "required": false, "allow_nil": false, "allow_blank": false, "validator": "Must be a number.", "expected_type": "numeric", "metadata": null, "show": true, "validations": [], "deprecated": false }, { "name": "ssl_client_key_id", "full_name": "ssl_client_key_id", "description": "\n<p>Identifier of the SSL Client Key</p>\n", "required": false, "allow_nil": false, "allow_blank": false, "validator": "Must be a number.", "expected_type": "numeric", "metadata": null, "show": true, "validations": [], "deprecated": false }, … because of the `allow_nil: false`, compliant API clients (like the Ansible Collection) refuse to unset the parameter once set.
Created redmine issue https://projects.theforeman.org/issues/36497 from this bug
Upstream bug assigned to egolov
Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/36497 has been resolved.