cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

feat: add security_group to scaleway compute resource (#45699)

Browse source 
feat: add more tests
This commit is contained in:
abarbare 2018-10-24 23:33:40 +02:00 committed by John R Barker
parent 0661f2f213
commit b4a9b29ab2
3 changed files with 218 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

92
lib/ansible/modules/cloud/scaleway/scaleway_compute.py
View file

@ -127,6 +127,13 @@ options:
- Time to wait before every attempt to check the state of the server - Time to wait before every attempt to check the state of the server
required: false required: false
default: 3 default: 3
security_group:
description:
- Security group unique identifier
- If no value provided, the default security group or current security group will be used
required: false
version_added: "2.8"
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -142,6 +149,19 @@ EXAMPLES = '''
- test - test
- www - www
- name: Create a server attached to a security group
scaleway_compute:
name: foobar
state: present
image: 89ee4018-f8c3-4dc4-a6b5-bca14f985ebe
organization: 951df375-e094-4d26-97c1-ba548eeb9c42
region: ams1
commercial_type: VC1S
security_group: 4a31b633-118e-4900-bd52-facf1085fc8d
tags:
- test
- www
- name: Destroy it right after - name: Destroy it right after
scaleway_compute: scaleway_compute:
name: foobar name: foobar
@ -272,16 +292,19 @@ def public_ip_payload(compute_api, public_ip):
def create_server(compute_api, server): def create_server(compute_api, server):
compute_api.module.debug("Starting a create_server") compute_api.module.debug("Starting a create_server")
target_server = None target_server = None
payload = {"enable_ipv6": server["enable_ipv6"], data = {"enable_ipv6": server["enable_ipv6"],
"tags": server["tags"], "tags": server["tags"],
"commercial_type": server["commercial_type"], "commercial_type": server["commercial_type"],
"image": server["image"], "image": server["image"],
"dynamic_ip_required": server["dynamic_ip_required"], "dynamic_ip_required": server["dynamic_ip_required"],
"name": server["name"], "name": server["name"],
"organization": server["organization"]} "organization": server["organization"]
}
response = compute_api.post(path="servers", if server["security_group"]:
data=payload) data["security_group"] = server["security_group"]
response = compute_api.post(path="servers", data=data)
if not response.ok: if not response.ok:
msg = 'Error during server creation: (%s) %s' % (response.status_code, response.json) msg = 'Error during server creation: (%s) %s' % (response.status_code, response.json)
@ -354,7 +377,7 @@ def present_strategy(compute_api, wished_server):
if compute_api.module.check_mode: if compute_api.module.check_mode:
return changed, {"status": "Server %s attributes would be changed." % target_server["id"]} return changed, {"status": "Server %s attributes would be changed." % target_server["id"]}
server_change_attributes(compute_api=compute_api, target_server=target_server, wished_server=wished_server) target_server = server_change_attributes(compute_api=compute_api, target_server=target_server, wished_server=wished_server)
return changed, target_server return changed, target_server
@ -417,7 +440,7 @@ def running_strategy(compute_api, wished_server):
if compute_api.module.check_mode: if compute_api.module.check_mode:
return changed, {"status": "Server %s attributes would be changed before running it." % target_server["id"]} return changed, {"status": "Server %s attributes would be changed before running it." % target_server["id"]}
server_change_attributes(compute_api=compute_api, target_server=target_server, wished_server=wished_server) target_server = server_change_attributes(compute_api=compute_api, target_server=target_server, wished_server=wished_server)
current_state = fetch_state(compute_api=compute_api, server=target_server) current_state = fetch_state(compute_api=compute_api, server=target_server)
if current_state not in ("running", "starting"): if current_state not in ("running", "starting"):
@ -461,7 +484,7 @@ def stop_strategy(compute_api, wished_server):
return changed, { return changed, {
"status": "Server %s attributes would be changed before stopping it." % target_server["id"]} "status": "Server %s attributes would be changed before stopping it." % target_server["id"]}
server_change_attributes(compute_api=compute_api, target_server=target_server, wished_server=wished_server) target_server = server_change_attributes(compute_api=compute_api, target_server=target_server, wished_server=wished_server)
wait_to_complete_state_transition(compute_api=compute_api, server=target_server) wait_to_complete_state_transition(compute_api=compute_api, server=target_server)
@ -508,7 +531,7 @@ def restart_strategy(compute_api, wished_server):
return changed, { return changed, {
"status": "Server %s attributes would be changed before rebooting it." % target_server["id"]} "status": "Server %s attributes would be changed before rebooting it." % target_server["id"]}
server_change_attributes(compute_api=compute_api, target_server=target_server, wished_server=wished_server) target_server = server_change_attributes(compute_api=compute_api, target_server=target_server, wished_server=wished_server)
changed = True changed = True
if compute_api.module.check_mode: if compute_api.module.check_mode:
@ -564,6 +587,7 @@ PATCH_MUTABLE_SERVER_ATTRIBUTES = (
"tags", "tags",
"name", "name",
"dynamic_ip_required", "dynamic_ip_required",
"security_group",
) )
@ -575,29 +599,51 @@ def server_attributes_should_be_changed(compute_api, target_server, wished_serve
for x in PATCH_MUTABLE_SERVER_ATTRIBUTES for x in PATCH_MUTABLE_SERVER_ATTRIBUTES
if x in target_server and x in wished_server) if x in target_server and x in wished_server)
compute_api.module.debug("Debug dict %s" % debug_dict) compute_api.module.debug("Debug dict %s" % debug_dict)
try: try:
return any([target_server[x] != wished_server[x] for key in PATCH_MUTABLE_SERVER_ATTRIBUTES:
for x in PATCH_MUTABLE_SERVER_ATTRIBUTES if key in target_server and key in wished_server:
if x in target_server and x in wished_server]) # When you are working with dict, only ID matter as we ask user to put only the resource ID in the playbook
if isinstance(target_server[key], dict) and wished_server[key] and "id" in target_server[key].keys(
) and target_server[key]["id"] != wished_server[key]:
return True
# Handling other structure compare simply the two objects content
elif not isinstance(target_server[key], dict) and target_server[key] != wished_server[key]:
return True
return False
except AttributeError: except AttributeError:
compute_api.module.fail_json(msg="Error while checking if attributes should be changed") compute_api.module.fail_json(msg="Error while checking if attributes should be changed")
def server_change_attributes(compute_api, target_server, wished_server): def server_change_attributes(compute_api, target_server, wished_server):
compute_api.module.debug("Starting patching server attributes") compute_api.module.debug("Starting patching server attributes")
patch_payload = dict((x, wished_server[x]) patch_payload = dict()
for x in PATCH_MUTABLE_SERVER_ATTRIBUTES
if x in wished_server and x in target_server) for key in PATCH_MUTABLE_SERVER_ATTRIBUTES:
if key in target_server and key in wished_server:
# When you are working with dict, only ID matter as we ask user to put only the resource ID in the playbook
if isinstance(target_server[key], dict) and "id" in target_server[key] and wished_server[key]:
# Setting all key to current value except ID
key_dict = dict((x, target_server[key][x]) for x in target_server[key].keys() if x != "id")
# Setting ID to the user specified ID
key_dict["id"] = wished_server[key]
patch_payload[key] = key_dict
elif not isinstance(target_server[key], dict):
patch_payload[key] = wished_server[key]
response = compute_api.patch(path="servers/%s" % target_server["id"], response = compute_api.patch(path="servers/%s" % target_server["id"],
data=patch_payload) data=patch_payload)
if not response.ok: if not response.ok:
msg = 'Error during server attributes patching: (%s) %s' % (response.status_code, response.json) msg = 'Error during server attributes patching: (%s) %s' % (response.status_code, response.json)
compute_api.module.fail_json(msg=msg) compute_api.module.fail_json(msg=msg)
try:
target_server = response.json["server"]
except KeyError:
compute_api.module.fail_json(msg="Error in getting the server information from: %s" % response.json)
wait_to_complete_state_transition(compute_api=compute_api, server=target_server) wait_to_complete_state_transition(compute_api=compute_api, server=target_server)
return response return target_server
def core(module): def core(module):
@ -609,7 +655,8 @@ def core(module):
"commercial_type": module.params["commercial_type"], "commercial_type": module.params["commercial_type"],
"enable_ipv6": module.params["enable_ipv6"], "enable_ipv6": module.params["enable_ipv6"],
"tags": module.params["tags"], "tags": module.params["tags"],
"organization": module.params["organization"] "organization": module.params["organization"],
"security_group": module.params["security_group"]
} }
module.params['api_url'] = SCALEWAY_LOCATION[region]["api_endpoint"] module.params['api_url'] = SCALEWAY_LOCATION[region]["api_endpoint"]
@ -638,6 +685,7 @@ def main():
wait=dict(type="bool", default=False), wait=dict(type="bool", default=False),
wait_timeout=dict(type="int", default=300), wait_timeout=dict(type="int", default=300),
wait_sleep_time=dict(type="int", default=3), wait_sleep_time=dict(type="int", default=3),
security_group=dict(),
)) ))
module = AnsibleModule( module = AnsibleModule(
argument_spec=argument_spec, argument_spec=argument_spec,

1
test/legacy/roles/scaleway_compute/tasks/main.yml
View file

@ -2,3 +2,4 @@
- include_tasks: state.yml - include_tasks: state.yml
- include_tasks: ip.yml - include_tasks: ip.yml
- include_tasks: security_group.yml

147
test/legacy/roles/scaleway_compute/tasks/security_group.yml Normal file
View file

@ -0,0 +1,147 @@
- name: Create a scaleway security_group
scaleway_security_group:
state: present
region: '{{ scaleway_region }}'
name: test_compute
description: test_compute
organization: '{{ scaleway_organization }}'
stateful: true
inbound_default_policy: accept
outbound_default_policy: accept
organization_default: false
register: security_group
- debug: var=security_group
- block:
- name: Create a server with security_group (Check)
check_mode: yes
scaleway_compute:
name: '{{ scaleway_name }}'
state: present
image: '{{ scaleway_image_id }}'
organization: '{{ scaleway_organization }}'
region: '{{ scaleway_region }}'
commercial_type: '{{ scaleway_commerial_type }}'
security_group: '{{ security_group.scaleway_security_group.id }}'
register: server_creation_check_task
- debug: var=server_creation_check_task
- assert:
that:
- server_creation_check_task is success
- server_creation_check_task is changed
- name: Create a server
scaleway_compute:
name: '{{ scaleway_name }}'
state: present
image: '{{ scaleway_image_id }}'
organization: '{{ scaleway_organization }}'
region: '{{ scaleway_region }}'
commercial_type: '{{ scaleway_commerial_type }}'
security_group: '{{ security_group.scaleway_security_group.id }}'
wait: true
register: server_creation_task
- debug: var=server_creation_task
- assert:
that:
- server_creation_task is success
- server_creation_task is changed
- name: Create a server with security_group (Confirmation)
scaleway_compute:
name: '{{ scaleway_name }}'
state: present
image: '{{ scaleway_image_id }}'
organization: '{{ scaleway_organization }}'
region: '{{ scaleway_region }}'
commercial_type: '{{ scaleway_commerial_type }}'
security_group: '{{ security_group.scaleway_security_group.id }}'
wait: true
register: server_creation_confirmation_task
- debug: var=server_creation_confirmation_task
- assert:
that:
- server_creation_confirmation_task is success
- server_creation_confirmation_task is not changed
- name: Keep current security_group (Check)
check_mode: yes
scaleway_compute:
name: '{{ scaleway_name }}'
state: present
image: '{{ scaleway_image_id }}'
organization: '{{ scaleway_organization }}'
region: '{{ scaleway_region }}'
commercial_type: '{{ scaleway_commerial_type }}'
security_group: '{{ security_group.scaleway_security_group.id }}'
wait: true
register: server_creation_confirmation_task
- debug: var=server_creation_confirmation_task
- assert:
that:
- server_creation_confirmation_task is success
- server_creation_confirmation_task is not changed
- name: Keep current security_group
scaleway_compute:
name: '{{ scaleway_name }}'
state: present
image: '{{ scaleway_image_id }}'
organization: '{{ scaleway_organization }}'
region: '{{ scaleway_region }}'
commercial_type: '{{ scaleway_commerial_type }}'
wait: true
register: server_creation_confirmation_task
- debug: var=server_creation_confirmation_task
- assert:
that:
- server_creation_confirmation_task is success
- server_creation_confirmation_task is not changed
always:
- name: Destroy it
scaleway_compute:
name: '{{ scaleway_name }}'
state: absent
image: '{{ scaleway_image_id }}'
organization: '{{ scaleway_organization }}'
region: '{{ scaleway_region }}'
commercial_type: '{{ scaleway_commerial_type }}'
wait: true
register: server_destroy_task
- debug: var=server_destroy_task
- assert:
that:
- server_destroy_task is success
- server_destroy_task is changed
- name: Create a scaleway security_group
scaleway_security_group:
state: absent
region: '{{ scaleway_region }}'
name: test_compute
description: test_compute
organization: '{{ scaleway_organization }}'
stateful: true
inbound_default_policy: accept
outbound_default_policy: accept
organization_default: false