aws_codecommit: Fix integration tests and Add support for updating the description (#61263)

* Update DevOps AWS policy
- Fix typos in permission names
- While AWS claims you can use 'arn:aws:codecommit:*' it errors unless you use '*'

* aws_codecommit: (integration tests) Migrate to module_defaults

* aws_codecommit: (integration tests) Fix integration tests

* aws_codecommit: (integration tests) Add tests for updating the description

* aws_codecommit: Add support for updating the description and rename "comment" option to "description"
This commit is contained in:
Mark Chappell 2019-08-30 20:25:37 +02:00 committed by Jill R
parent 0e1ec04efb
commit 35359959de
4 changed files with 112 additions and 41 deletions

View file

@ -0,0 +1,2 @@
minor_changes:
- aws_codecommit - Support updating the description

View file

@ -6,11 +6,11 @@
"Effect": "Allow", "Effect": "Allow",
"Action": [ "Action": [
"codecommit:ListRepositories", "codecommit:ListRepositories",
"codecommit:CreateRepositories", "codecommit:*Repository",
"codecommit:DeleteRpositories" "codecommit:*RepositoryDescription"
], ],
"Resource": [ "Resource": [
"arn:aws:codecommit:*" "*"
] ]
} }
] ]

View file

@ -27,10 +27,12 @@ options:
description: description:
- name of repository. - name of repository.
required: true required: true
comment: description:
description: description:
- description or comment of repository. - description or comment of repository.
required: false required: false
aliases:
- comment
state: state:
description: description:
- Specifies the state of repository. - Specifies the state of repository.
@ -150,12 +152,20 @@ class CodeCommit(object):
def process(self): def process(self):
result = dict(changed=False) result = dict(changed=False)
if self._module.params['state'] == 'present' and not self._repository_exists(): if self._module.params['state'] == 'present':
if not self._module.check_mode: if not self._repository_exists():
if not self._check_mode:
result = self._create_repository() result = self._create_repository()
result['changed'] = True result['changed'] = True
else:
metadata = self._get_repository()['repositoryMetadata']
if metadata['repositoryDescription'] != self._module.params['description']:
if not self._check_mode:
self._update_repository()
result['changed'] = True
result.update(self._get_repository())
if self._module.params['state'] == 'absent' and self._repository_exists(): if self._module.params['state'] == 'absent' and self._repository_exists():
if not self._module.check_mode: if not self._check_mode:
result = self._delete_repository() result = self._delete_repository()
result['changed'] = True result['changed'] = True
return result return result
@ -172,11 +182,30 @@ class CodeCommit(object):
self._module.fail_json_aws(e, msg="couldn't get repository") self._module.fail_json_aws(e, msg="couldn't get repository")
return False return False
def _get_repository(self):
try:
result = self._client.get_repository(
repositoryName=self._module.params['name']
)
except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
self._module.fail_json_aws(e, msg="couldn't get repository")
return result
def _update_repository(self):
try:
result = self._client.update_repository_description(
repositoryName=self._module.params['name'],
repositoryDescription=self._module.params['description']
)
except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
self._module.fail_json_aws(e, msg="couldn't create repository")
return result
def _create_repository(self): def _create_repository(self):
try: try:
result = self._client.create_repository( result = self._client.create_repository(
repositoryName=self._module.params['name'], repositoryName=self._module.params['name'],
repositoryDescription=self._module.params['comment'] repositoryDescription=self._module.params['description']
) )
except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
self._module.fail_json_aws(e, msg="couldn't create repository") self._module.fail_json_aws(e, msg="couldn't create repository")
@ -196,7 +225,7 @@ def main():
argument_spec = dict( argument_spec = dict(
name=dict(required=True), name=dict(required=True),
state=dict(choices=['present', 'absent'], required=True), state=dict(choices=['present', 'absent'], required=True),
comment=dict(default='') description=dict(default='', aliases=['comment'])
) )
ansible_aws_module = AnsibleAWSModule( ansible_aws_module = AnsibleAWSModule(

View file

@ -1,65 +1,105 @@
--- ---
- block: - module_defaults:
# ============================================================ group/aws:
- name: set connection information for all tasks
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}" aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}" aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}" security_token: "{{ security_token | default(omit) }}"
region: "{{ aws_region }}" region: "{{ aws_region }}"
no_log: true block:
# ============================================================
- name: Create a repository
aws_codecommit:
name: "{{ resource_prefix }}_repo"
comment: original comment
state: present
<<: *aws_connection_info
register: output
- assert:
that:
- output is changed
- output['repository_metadata'].repository_name == '{{ resource_prefix }}_repo'
- output['repository_metadata'].repository_description == 'original comment'
# ============================================================ # ============================================================
- name: Create a repository (CHECK MODE) - name: Create a repository (CHECK MODE)
aws_codecommit: aws_codecommit:
name: "{{ resource_prefix }}_check_repo" name: "{{ resource_prefix }}_repo"
comment: original comment description: original comment
state: present state: present
<<: *aws_connection_info
register: output register: output
check_mode: yes check_mode: yes
- assert: - assert:
that: that:
- output is changed - output is changed
- name: Create a repository
aws_codecommit:
name: "{{ resource_prefix }}_repo"
description: original comment
state: present
register: output
- assert:
that:
- output is changed
- output.repository_metadata.repository_name == '{{ resource_prefix }}_repo'
- output.repository_metadata.repository_description == 'original comment'
- name: No-op update to repository
aws_codecommit:
name: "{{ resource_prefix }}_repo"
description: original comment
state: present
register: output
- assert:
that:
- output is not changed
- output.repository_metadata.repository_name == '{{ resource_prefix }}_repo'
- output.repository_metadata.repository_description == 'original comment'
- name: Update repository description (CHECK MODE)
aws_codecommit:
name: "{{ resource_prefix }}_repo"
description: new comment
state: present
register: output
check_mode: yes
- assert:
that:
- output is changed
- output.repository_metadata.repository_name == '{{ resource_prefix }}_repo'
- output.repository_metadata.repository_description == 'original comment'
- name: Update repository description
aws_codecommit:
name: "{{ resource_prefix }}_repo"
description: new comment
state: present
register: output
- assert:
that:
- output is changed
- output.repository_metadata.repository_name == '{{ resource_prefix }}_repo'
- output.repository_metadata.repository_description == 'new comment'
# ============================================================ # ============================================================
- name: Delete a repository (CHECK MODE) - name: Delete a repository (CHECK MODE)
aws_codecommit: aws_codecommit:
name: "{{ resource_prefix }}_repo" name: "{{ resource_prefix }}_repo"
state: absent state: absent
<<: *aws_connection_info
register: output register: output
check_mode: yes check_mode: yes
- assert: - assert:
that: that:
- output is changed - output is changed
- name: Delete a repository - name: Delete a repository
aws_codecommit: aws_codecommit:
name: "{{ resource_prefix }}_repo" name: "{{ resource_prefix }}_repo"
state: absent state: absent
<<: *aws_connection_info
register: output register: output
- assert: - assert:
that: that:
- output is changed - output is changed
- name: Delete a non-existent repository
aws_codecommit:
name: "{{ resource_prefix }}_repo"
state: absent
register: output
- assert:
that:
- output is not changed
always: always:
###### TEARDOWN STARTS HERE ###### ###### TEARDOWN STARTS HERE ######
- name: Delete a repository - name: Delete a repository
aws_codecommit: aws_codecommit:
name: "{{ resource_prefix }}_repo" name: "{{ resource_prefix }}_repo"
state: absent state: absent
<<: *aws_connection_info
ignore_errors: yes ignore_errors: yes