datacenter
diff --git a/‎aci-preupgrade-validation-script.py‎
Lines changed: 33 additions & 4 deletions b/‎aci-preupgrade-validation-script.py‎
Lines changed: 33 additions & 4 deletions
diff --git a/‎docs/docs/validations.md‎
Lines changed: 31 additions & 8 deletions b/‎docs/docs/validations.md‎
Lines changed: 31 additions & 8 deletions
diff --git a/‎tests/checks/apic_disk_space_faults_check/Fault_combination.json‎
Lines changed: 92 additions & 0 deletions b/‎tests/checks/apic_disk_space_faults_check/Fault_combination.json‎
Lines changed: 92 additions & 0 deletions
diff --git a/‎tests/checks/apic_disk_space_faults_check/Fault_exists_not_raised.json‎
Lines changed: 91 additions & 0 deletions b/‎tests/checks/apic_disk_space_faults_check/Fault_exists_not_raised.json‎
Lines changed: 91 additions & 0 deletions
@@ -2991,25 +2991,29 @@ def apic_disk_space_faults_check(cversion, **kwargs):
     doc_url = "https://datacenter.github.io/ACI-Pre-Upgrade-Validation-Script/validations/#apic-disk-space-usage"
     recommended_action = {
         '/firmware': 'Remove unneeded images',
-        '/techsupport': 'Remove unneeded techsupports/cores'
+        '/techsupport': 'Remove unneeded techsupports/cores',
+        '/data/log': 'Remove unneeded logs in var/log/dme/log'
     }
     default_action = 'Contact Cisco TAC.'
     if cversion.same_as('4.0(1h)') or cversion.older_than('3.2(6i)'):
         default_action += ' A typical issue is CSCvn13119.'
 
     dn_regex = node_regex + r'/.+p-\[(?P<mountpoint>.+)\]-f'
-    desc_regex = r'is (?P<usage>\d{2}%) full'
+    desc_regex = r'is (?P<usage>\d{2,3}%) full'
 
     faultInsts = icurl('class',
                        'faultInst.json?query-target-filter=or(eq(faultInst.code,"F1527"),eq(faultInst.code,"F1528"),eq(faultInst.code,"F1529"))')
     for faultInst in faultInsts:
+        lc = faultInst['faultInst']['attributes']['lc']
+        if lc not in ["raised", "soaking"]:
+            continue
         fc = faultInst['faultInst']['attributes']['code']
         dn = re.search(dn_regex, faultInst['faultInst']['attributes']['dn'])
         desc = re.search(desc_regex, faultInst['faultInst']['attributes']['descr'])
         if dn and desc:
             data.append([fc, dn.group('pod'), dn.group('node'), dn.group('mountpoint'),
-                         desc.group('usage'),
-                         recommended_action.get(dn.group('mountpoint'), default_action)])
+                        desc.group('usage'),
+                        recommended_action.get(dn.group('mountpoint'), default_action)])
         else:
             unformatted_data.append([fc, faultInst['faultInst']['attributes']['dn'], default_action])
     if not data and not unformatted_data:
@@ -6026,6 +6030,30 @@ def apic_downgrade_compat_warning_check(cversion, tversion, **kwargs):
     return Result(result=result, headers=headers, data=data, recommended_action=recommended_action, doc_url=doc_url)
 
 
+@check_wrapper(check_title='Auto Firmware Update on Switch Discovery')
+def auto_firmware_update_on_switch_check(cversion, tversion, **kwargs):
+    result = PASS
+    headers = ["Auto Firmware Update Status", "Default Firmware Version", "Upgrade Target Version"]
+    data = []
+    recommended_action = 'Disable Auto Firmware Update before the upgrade as a precaution. See the reference doc for details.'
+    doc_url = 'https://datacenter.github.io/ACI-Pre-Upgrade-Validation-Script/validations/#auto-firmware-update-on-switch-discovery'
+
+    if not tversion or not cversion:
+        return Result(result=MANUAL, msg=TVER_MISSING)
+
+    if tversion.older_than("6.0(3a)") or (
+        cversion.newer_than("6.0(3a)") or (cversion.major1 == "5" and cversion.newer_than("5.2(8a)"))
+    ):
+        return Result(result=NA, msg=VER_NOT_AFFECTED)
+
+    fwrepop = icurl("mo", "uni/fabric/fwrepop.json")
+    if fwrepop and fwrepop[0]["firmwareRepoP"]["attributes"]["enforceBootscriptVersionValidation"] == "yes":
+        data.append(["Enabled", fwrepop[0]["firmwareRepoP"]["attributes"]["defaultSwitchVersion"], str(tversion)])
+        result = MANUAL
+
+    return Result(result=result, headers=headers, data=data, recommended_action=recommended_action, doc_url=doc_url)
+
+
 @check_wrapper(check_title="Inband Management Policy Misconfiguration")
 def inband_management_policy_misconfig_check(cversion, tversion, **kwargs):
 
@@ -6217,6 +6245,7 @@ class CheckManager:
         standby_sup_sync_check,
         isis_database_byte_check,
         configpush_shard_check,
+        auto_firmware_update_on_switch_check,
         inband_management_policy_misconfig_check,
 
     ]
 
@@ -192,8 +192,9 @@ Items                                           | Defect       | This Script
 [Observer Database Size][d25]                   | CSCvw45531   | :white_check_mark: | :no_entry_sign:
 [Stale pconsRA Object][d26]                     | CSCwp22212   | :warning:{title="Deprecated"} | :no_entry_sign:
 [ISIS DTEPs Byte Size][d27]                     | CSCwp15375   | :white_check_mark: | :no_entry_sign:
-[Policydist configpushShardCont Crash][d28]     | CSCwp95515   | :white_check_mark: | 
-[Inband Management Policy Misconfiguration][d29]| CSCwd40071   | :white_check_mark: | :no_entry_sign:
+[Policydist configpushShardCont Crash][d28]     | CSCwp95515   | :white_check_mark: | :no_entry_sign:
+[Auto Firmware Update on Switch Discovery][d29] | CSCwe83941   | :white_check_mark: | :no_entry_sign:
+[Inband Management Policy Misconfiguration][d30]| CSCwd40071   | :white_check_mark: | :no_entry_sign:
 
 [d1]: #ep-announce-compatibility
 [d2]: #eventmgr-db-size-defect-susceptibility
@@ -223,7 +224,8 @@ Items                                           | Defect       | This Script
 [d26]: #stale-pconsra-object
 [d27]: #isis-dteps-byte-size
 [d28]: #policydist-configpushshardcont-crash
-[d29]: #inband-management-policy-misconfiguration
+[d29]: #auto-firmware-update-on-switch-discovery
+[d30]: #inband-management-policy-misconfiguration
 
 
 ## General Check Details
@@ -2649,16 +2651,35 @@ Due to [CSCwp95515][59], upgrading to an affected version while having any `conf
 
 If any instances of `configpushShardCont` are flagged by this script, Cisco TAC must be contacted to identify and resolve the underlying issue before performing the upgrade.
 
+### Auto Firmware Update on Switch Discovery
+
+[Auto Firmware Update on Switch Discovery][63] automatically upgrades a new switch to the target firmware version before registering it to the ACI fabric. This feature activates in three scenarios:
+
+* when adding a new switch to expand the fabric
+* when replacing an existing switch
+* when initializing and rediscovering an existing switch
+
+It does not activate during regular upgrades initiated through the APIC.
+
+Due to [CSCwe83941][62], if a new switch is running 6.0(1), 6.0(2) or any version older than 5.2(8), attempting to upgrade it to 6.0(3)+ using Auto Firmware Update will fail. The switch will become unusable until a manual recovery procedure is performed directly on the device.
+
+While this issue does not occur during standard upgrades, it is important to be aware of the risk when your target version is 6.0(3) or newer and the switch is running 6.0(1), 6.0(2), or a version older than 5.2(8). Auto Firmware Update may get triggered and hit this issue during switch replacement in an upgrade window or if you need to re-initialize a switch after a failed upgrade.
+
+To avoid this risk, consider disabling Auto Firmware Update before upgrading to 6.0(3)+ if any switches are running the affected older versions. In the future, ensure that any new switch is running a compatible version before re-enabling Auto Firmware Update and registering it to the fabric.
+
+!!! note
+    This issue occurs because older switch firmware versions are not compatible with switch images 6.0(3) or newer. The APIC version is not a factor.
+
 
 ### Inband Management Policy Misconfiguration
 
 RCA:
 
-Due to the defect [CSCwh80837][62], starting from version 6.0(4c), an implicit deletion of `fvRsCustQosPol` was introduced under InBand EPG as QoS configuration is not applicable to management inband EPG and it was raising an invalid fault under it. This implicit deletion triggers a re-processing and pushes updates to `fvInBEpP` (Inband Endpoint Profile) on leaf nodes where the inband management policy is deployed.
+Due to the defect [CSCwh80837][64], starting from version 6.0(4c), an implicit deletion of `fvRsCustQosPol` was introduced under InBand EPG as QoS configuration is not applicable to management inband EPG and it was raising an invalid fault under it. This implicit deletion triggers a re-processing and pushes updates to `fvInBEpP` (Inband Endpoint Profile) on leaf nodes where the inband management policy is deployed.
 
 Impact:
 
-When upgrading from versions prior to 6.0(4c) to versions 6.0(4c) or later, if there is a misconfiguration in the inband management policies (`mgmtRsInBStNode`) with invalid values, the re-processing triggered by [CSCwh80837][62] will expose the underlying [CSCwd40071][63] defect. This results in continuous policyelem core dumps and switch reboot when attempting to add any access policies configuration to a leaf switch (such as VLANs tied to leaf profiles via physical domain, AAEP, interface policy group, or port selector).
+When upgrading from versions prior to 6.0(4c) to versions 6.0(4c) or later, if there is a misconfiguration in the inband management policies (`mgmtRsInBStNode`) with invalid values, the re-processing triggered by [CSCwh80837][64] will expose the underlying [CSCwd40071][65] defect. This results in continuous policyelem core dumps and switch reboot when attempting to add any access policies configuration to a leaf switch (such as VLANs tied to leaf profiles via physical domain, AAEP, interface policy group, or port selector).
 
 The invalid configuration occurs when `mgmtRsInBStNode` has "0.0.0.0" values (with no mask) for either the "addr" or "gw" fields.
 
@@ -2667,7 +2688,7 @@ Suggestion:
 This check identifies misconfigured `mgmtRsInBStNode` objects where either "addr" or "gw" attributes are set to "0.0.0.0" when the upgrade crosses the 6.0(4c) release boundary. Contact Cisco TAC to remove any identified misconfigured objects before performing the upgrade to prevent policyelem crashes.
 
 !!! note
-    The [CSCwd40071][63] defect affects versions 5.2(5c) and later, with a fix available in 6.0(1g). However, the issue will only be triggered during upgrades crossing 6.0(4c) due to [CSCwh80837][62].
+    The [CSCwd40071][65] defect affects versions 5.2(5c) and later, with a fix available in 6.0(1g). However, the issue will only be triggered during upgrades crossing 6.0(4c) due to [CSCwh80837][64].
 
 
 [0]: https://github.com/datacenter/ACI-Pre-Upgrade-Validation-Script
@@ -2732,5 +2753,7 @@ This check identifies misconfigured `mgmtRsInBStNode` objects where either "addr
 [59]: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwp95515
 [60]: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-743951.html#Inter
 [61]: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-743951.html#EnablePolicyCompression
-[62]: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwh80837
-[63]: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd40071
+[62]: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe83941
+[63]: https://www.cisco.com/c/en/us/td/docs/dcn/aci/apic/all/apic-installation-aci-upgrade-downgrade/Cisco-APIC-Installation-ACI-Upgrade-Downgrade-Guide/m-auto-firmware-update.html
+[64]: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwh80837
+[65]: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd40071
@@ -0,0 +1,92 @@
+[
+        {
+            "faultInst": {
+                "attributes": {
+                    "ack": "no",
+                    "alert": "no",
+                    "cause": "equipment-full",
+                    "changeSet": "available (Old: 1501496, New: 240908), capUtilized (Old: 29, New: 89), inodesFree (Old: 12148991, New: 12148990), inodesUsed (Old: 721, New: 722), used (Old: 595656, New: 1856244)",
+                    "childAction": "",
+                    "code": "F1529",
+                    "created": "2026-01-12T06:44:26.382+00:00",
+                    "delegated": "no",
+                    "descr": "Storage unit /data/log on Node 1 with hostname fab3-apic1 mounted at /data/log is 94% full",
+                    "dn": "topology/pod-1/node-1/sys/ch/p-[/data/log]-f-[tmpfs]/fault-F1529",
+                    "domain": "infra",
+                    "highestSeverity": "major",
+                    "lastTransition": "2026-01-12T06:44:26.382+00:00",
+                    "lc": "raised",
+                    "occur": "1",
+                    "origSeverity": "major",
+                    "prevSeverity": "major",
+                    "rule": "eqpt-storage-full-major",
+                    "severity": "major",
+                    "status": "",
+                    "subject": "equipment-full",
+                    "title": "",
+                    "type": "operational"
+                }
+            }
+        },
+
+        
+        {
+            "faultInst": {
+                "attributes": {
+                    "ack": "no",
+                    "alert": "no",
+                    "cause": "equipment-full",
+                    "changeSet": "available (Old: 1501496, New: 240908), capUtilized (Old: 29, New: 89), inodesFree (Old: 12148991, New: 12148990), inodesUsed (Old: 721, New: 722), used (Old: 595656, New: 1856244)",
+                    "childAction": "",
+                    "code": "F1528",
+                    "created": "2026-01-12T06:44:26.382+00:00",
+                    "delegated": "no",
+                    "descr": "Storage unit /firmware on Node 1 with hostname fab3-apic1 mounted at /firmware is 89% full",
+                    "dn": "topology/pod-1/node-1/sys/ch/p-[/firmware]-f-[/dev/mapper/vg_ifc0-firmware]/fault-F1528",
+                    "domain": "infra",
+                    "highestSeverity": "major",
+                    "lastTransition": "2026-01-12T06:44:26.382+00:00",
+                    "lc": "soaking",
+                    "occur": "1",
+                    "origSeverity": "major",
+                    "prevSeverity": "major",
+                    "rule": "eqpt-storage-full-major",
+                    "severity": "major",
+                    "status": "",
+                    "subject": "equipment-full",
+                    "title": "",
+                    "type": "operational"
+                }
+            }
+        },
+
+        {
+            "faultInst": {
+                "attributes": {
+                    "ack": "no",
+                    "alert": "no",
+                    "cause": "equipment-full",
+                    "changeSet": "available (Old: 1501496, New: 240908), capUtilized (Old: 29, New: 89), inodesFree (Old: 12148991, New: 12148990), inodesUsed (Old: 721, New: 722), used (Old: 595656, New: 1856244)",
+                    "childAction": "",
+                    "code": "F1528",
+                    "created": "2026-01-12T06:44:26.382+00:00",
+                    "delegated": "no",
+                    "descr": "Storage unit /techsupport on Node 1 with hostname fab3-apic1 mounted at /techsupport is 89% full",
+                    "dn": "topology/pod-1/node-1/sys/ch/p-[/techsupport]-f-[/dev/mapper/vg_ifc0-techsupport]/fault-F1528",
+                    "domain": "infra",
+                    "highestSeverity": "major",
+                    "lastTransition": "2026-01-12T06:44:26.382+00:00",
+                    "lc": "raised-clearing",
+                    "occur": "1",
+                    "origSeverity": "major",
+                    "prevSeverity": "major",
+                    "rule": "eqpt-storage-full-major",
+                    "severity": "major",
+                    "status": "",
+                    "subject": "equipment-full",
+                    "title": "",
+                    "type": "operational"
+                }
+            }
+        }
+    ]
@@ -0,0 +1,91 @@
+[
+        {
+            "faultInst": {
+                "attributes": {
+                    "ack": "no",
+                    "alert": "no",
+                    "cause": "equipment-full",
+                    "changeSet": "available (Old: 1501496, New: 240908), capUtilized (Old: 29, New: 89), inodesFree (Old: 12148991, New: 12148990), inodesUsed (Old: 721, New: 722), used (Old: 595656, New: 1856244)",
+                    "childAction": "",
+                    "code": "F1528",
+                    "created": "2026-01-12T06:44:26.382+00:00",
+                    "delegated": "no",
+                    "descr": "Storage unit /data/log on Node 1 with hostname fab3-apic1 mounted at /data/log is 89% full",
+                    "dn": "topology/pod-1/node-1/sys/ch/p-[/data/log]-f-[tmpfs]/fault-F1528",
+                    "domain": "infra",
+                    "highestSeverity": "major",
+                    "lastTransition": "2026-01-12T06:44:26.382+00:00",
+                    "lc": "retaining",
+                    "occur": "1",
+                    "origSeverity": "major",
+                    "prevSeverity": "major",
+                    "rule": "eqpt-storage-full-major",
+                    "severity": "cleared",
+                    "status": "",
+                    "subject": "equipment-full",
+                    "title": "",
+                    "type": "operational"
+                }
+            }
+        },
+
+        {
+            "faultInst": {
+                "attributes": {
+                    "ack": "no",
+                    "alert": "no",
+                    "cause": "equipment-full",
+                    "changeSet": "available (Old: 1501496, New: 240908), capUtilized (Old: 29, New: 89), inodesFree (Old: 12148991, New: 12148990), inodesUsed (Old: 721, New: 722), used (Old: 595656, New: 1856244)",
+                    "childAction": "",
+                    "code": "F1528",
+                    "created": "2026-01-12T06:44:26.382+00:00",
+                    "delegated": "no",
+                    "descr": "Storage unit /firmware on Node 1 with hostname fab3-apic1 mounted at /firmware is 89% full",
+                    "dn": "topology/pod-1/node-1/sys/ch/p-[/firmware]-f-[/dev/mapper/vg_ifc0-firmware]/fault-F1528",
+                    "domain": "infra",
+                    "highestSeverity": "major",
+                    "lastTransition": "2026-01-12T06:44:26.382+00:00",
+                    "lc": "soaking-clearing",
+                    "occur": "1",
+                    "origSeverity": "major",
+                    "prevSeverity": "major",
+                    "rule": "eqpt-storage-full-major",
+                    "severity": "major",
+                    "status": "",
+                    "subject": "equipment-full",
+                    "title": "",
+                    "type": "operational"
+                }
+            }
+        },
+
+        {
+            "faultInst": {
+                "attributes": {
+                    "ack": "no",
+                    "alert": "no",
+                    "cause": "equipment-full",
+                    "changeSet": "available (Old: 1501496, New: 240908), capUtilized (Old: 29, New: 89), inodesFree (Old: 12148991, New: 12148990), inodesUsed (Old: 721, New: 722), used (Old: 595656, New: 1856244)",
+                    "childAction": "",
+                    "code": "F1528",
+                    "created": "2026-01-12T06:44:26.382+00:00",
+                    "delegated": "no",
+                    "descr": "Storage unit /techsupport on Node 1 with hostname fab3-apic1 mounted at /techsupport is 89% full",
+                    "dn": "topology/pod-1/node-1/sys/ch/p-[/techsupport]-f-[/dev/mapper/vg_ifc0-techsupport]/fault-F1528",
+                    "domain": "infra",
+                    "highestSeverity": "major",
+                    "lastTransition": "2026-01-12T06:44:26.382+00:00",
+                    "lc": "raised-clearing",
+                    "occur": "1",
+                    "origSeverity": "major",
+                    "prevSeverity": "major",
+                    "rule": "eqpt-storage-full-major",
+                    "severity": "major",
+                    "status": "",
+                    "subject": "equipment-full",
+                    "title": "",
+                    "type": "operational"
+                }
+            }
+        }
+    ]