fix: validation to work with inventory in different directory than playbook

[lumean]

Related Issue(s)

Fixes #678

Related Collection Role

• cisco.nac_dc_vxlan.validate
• cisco.nac_dc_vxlan.dtc.create
• cisco.nac_dc_vxlan.dtc.deploy
• cisco.nac_dc_vxlan.dtc.remove
• other

Related Data Model Element

• vxlan.fabric
• vxlan.global
• vxlan.topology
• vxlan.underlay
• vxlan.overlay
• vxlan.overlay_extensions
• vxlan.policy
• vxlan.multisite
• defaults.vxlan
• other

Proposed Changes

Make the data folder lookup relative to the inventory_dir rather than the playbook_dir.
This enables using the same playbook with multiple inventories / fabrics (e.g. when using with vxlan multi-site we have at least 3 inventories - site1, site2 and msite)

Test Notes

Cisco Nexus Dashboard Version

Tested against ND 4.1.1g

Checklist

• Latest commit is rebased from develop with merge conflicts resolved
• New or updates to documentation has been made accordingly
• Assigned the proper reviewers

[dacasti2mx]

Peer Review: PR #679 — Fix validation with separate inventory directory

• PR: fix: validation to work with inventory in different directory than playbook #679
• Issue: Model Validation fails when ansible inventory dir is not equal playbook dir #678
• Date: 2026-03-24
• Branch: test/issue-678 (lab_repo)
• Collection tested: cisco.nac_dc_vxlan @ commit babf6d3 (pr-679)
• Base collection: cisco.nac_dc_vxlan @ commit 791b61e (develop, Release 0.7.1 Prep (#746))

Bug Summary

When the Ansible inventory directory is in a different path than the playbook directory, the validate role fails because it constructs the data model path using playbook_dir instead of inventory_dir.

Error message:

fatal: [FAB1 -> localhost]: FAILED! => {"changed": false, "msg": "The data directory
(/Users/dacasti2/Documents/NAC_contri/homelab_repo/bug678_case/host_vars/FAB1)
for this fabric does not appear to exist!"}

Fix

File: roles/validate/tasks/sub_main.yml — 2 lines changed (lines 72 and 82):

# Before:
data_path: "{{ playbook_dir }}/host_vars/{{ inventory_hostname }}"

# After:
data_path: "{{ inventory_dir }}/host_vars/{{ inventory_hostname }}"

No other production code paths use playbook_dir for host_vars resolution. The remaining playbook_dir references (40+) are in tests/integration/ and are scoped to test-only layouts.

Reproduction Setup

Isolated directory separating playbook from inventory:

bug678_case/
├── vxlan.yaml                          ← playbook_dir (no host_vars/ here)
└── fab1_inventory/
    ├── inventory.yaml                  ← inventory_dir (host_vars/ lives here)
    ├── group_vars/ndfc/
    └── host_vars/
        ├── FAB1/   (VXLAN_EVPN, 13 data model files)
        └── L3_WAN/ (External, 4 data model files)

Path resolution:

• playbook_dir = bug678_case/ — does not contain host_vars/
• inventory_dir = bug678_case/fab1_inventory/ — contains host_vars/

Command pattern:

ansible-playbook bug678_case/vxlan.yaml \
  -i bug678_case/fab1_inventory/inventory.yaml \
  --limit <FABRIC> --tags <role_tag>

Test Results

Phase 1: Baseline without fix (collection @ develop)

Fabric	Tag	Result	Detail
FAB1	role_create	FAIL	data directory ... does not appear to exist

This confirms the bug is reproducible. The validate role looks for bug678_case/host_vars/FAB1, which does not exist.

Phase 2: Single-fabric validation with fix (collection @ pr-679)

Fabric	Tag	Result	Detail
FAB1	role_create	PASS	ok=255 changed=34 failed=0
FAB1	role_deploy	PASS	Full deployment to NDFC
FAB1	role_remove	PASS	Clean removal

Phase 3: Multi-fabric validation with fix (collection @ pr-679)

Deploy order: L3_WAN first, then FAB1 (per NDFC best practice).

Step	Fabric	Type	Tag	Result
1	L3_WAN	External	role_create	PASS
2	L3_WAN	External	role_deploy	PASS
3	L3_WAN	External	role_remove	PASS
4	FAB1	VXLAN_EVPN	role_create	PASS
5	FAB1	VXLAN_EVPN	role_deploy	PASS
6	FAB1	VXLAN_EVPN	role_remove	PASS

Additional Validation Notes

create, deploy, and remove all exercise validate because those roles depend on cisco.nac_dc_vxlan.validate through role dependencies. Running the full workflow therefore verifies the fix not only in isolation, but also in the normal end-to-end execution path.

Conclusion

• PR fix: validation to work with inventory in different directory than playbook #679 fixes issue Model Validation fails when ansible inventory dir is not equal playbook dir #678: confirmed through direct attribution (baseline fail → PR pass).
• No regressions detected in the tested scenarios: create, deploy, and remove passed for both tested fabric types (VXLAN_EVPN and External) using a separated inventory layout.
• Fix scope is complete for the reported bug: the two modified lines are the current production call sites that build data_path for validation.
• Fix is minimal and correct: it changes only playbook_dir → inventory_dir where service model files are loaded, without affecting unrelated path handling.

Environment

• NDFC: 4.11g cluster
• Ansible: 2.16.3
• Python: 3.14.0
• cisco.dcnm: 3.11.0
• cisco.nac_dc_vxlan: 0.7.1-dev (develop + PR fix: validation to work with inventory in different directory than playbook #679)

[dacasti2mx]

LGTM