Bug fixes for gcp_compute_target_https_proxy (#42824)

This commit is contained in:
Alex Stephen 2018-08-14 06:52:25 -07:00 committed by Ryan Brown
parent 763d66ff9c
commit eaacda42f5
2 changed files with 104 additions and 111 deletions

View file

@ -60,6 +60,16 @@ options:
must be a dash, lowercase letter, or digit, except the last character, which cannot must be a dash, lowercase letter, or digit, except the last character, which cannot
be a dash. be a dash.
required: true required: true
quic_override:
description:
- Specifies the QUIC override policy for this resource. This determines whether the
load balancer will attempt to negotiate QUIC with clients or not. Can specify one
of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy with no
user overrides, which is equivalent to DISABLE. Not specifying this field is equivalent
to specifying NONE.
required: false
version_added: 2.7
choices: ['NONE', 'ENABLE', 'DISABLE']
ssl_certificates: ssl_certificates:
description: description:
- A list of SslCertificate resources that are used to authenticate connections between - A list of SslCertificate resources that are used to authenticate connections between
@ -67,27 +77,28 @@ options:
required: true required: true
url_map: url_map:
description: description:
- A reference to UrlMap resource. - A reference to the UrlMap resource that defines the mapping from URL to the BackendService.
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/targetHttpsProxies)"
- "Official Documentation: U(https://cloud.google.com/compute/docs/load-balancing/http/target-proxies)"
''' '''
EXAMPLES = ''' EXAMPLES = '''
- name: create a instance group - name: create a instance group
gcp_compute_instance_group: gcp_compute_instance_group:
name: 'instancegroup-targethttpsproxy' name: "instancegroup-targethttpsproxy"
zone: 'us-central1-a' zone: us-central1-a
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present state: present
register: instancegroup register: instancegroup
- name: create a http health check - name: create a http health check
gcp_compute_http_health_check: gcp_compute_http_health_check:
name: 'httphealthcheck-targethttpsproxy' name: "httphealthcheck-targethttpsproxy"
healthy_threshold: 10 healthy_threshold: 10
port: 8080 port: 8080
timeout_sec: 2 timeout_sec: 2
@ -95,44 +106,37 @@ EXAMPLES = '''
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present state: present
register: healthcheck register: healthcheck
- name: create a backend service - name: create a backend service
gcp_compute_backend_service: gcp_compute_backend_service:
name: 'backendservice-targethttpsproxy' name: "backendservice-targethttpsproxy"
backends: backends:
- group: "{{ instancegroup }}" - group: "{{ instancegroup }}"
health_checks: health_checks:
- "{{ healthcheck.selfLink }}" - "{{ healthcheck.selfLink }}"
enable_cdn: true enable_cdn: true
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present state: present
register: backendservice register: backendservice
- name: create a url map - name: create a url map
gcp_compute_url_map: gcp_compute_url_map:
name: 'urlmap-targethttpsproxy' name: "urlmap-targethttpsproxy"
default_service: "{{ backendservice }}" default_service: "{{ backendservice }}"
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present state: present
register: urlmap register: urlmap
- name: create a ssl certificate - name: create a ssl certificate
gcp_compute_ssl_certificate: gcp_compute_ssl_certificate:
name: 'sslcert-targethttpsproxy' name: "sslcert-targethttpsproxy"
description: | description: A certificate for testing. Do not use this certificate in production
"A certificate for testing. Do not use this certificate in production"
certificate: | certificate: |
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG
@ -160,22 +164,18 @@ EXAMPLES = '''
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present state: present
register: sslcert register: sslcert
- name: create a target https proxy - name: create a target https proxy
gcp_compute_target_https_proxy: gcp_compute_target_https_proxy:
name: testObject name: "test_object"
ssl_certificates: ssl_certificates:
- "{{ sslcert }}" - "{{ sslcert }}"
url_map: "{{ urlmap }}" url_map: "{{ urlmap }}"
project: testProject project: "test_project"
auth_kind: service_account auth_kind: "service_account"
service_account_file: /tmp/auth.pem service_account_file: "/tmp/auth.pem"
scopes:
- https://www.googleapis.com/auth/compute
state: present state: present
''' '''
@ -205,6 +205,15 @@ RETURN = '''
be a dash. be a dash.
returned: success returned: success
type: str type: str
quic_override:
description:
- Specifies the QUIC override policy for this resource. This determines whether the
load balancer will attempt to negotiate QUIC with clients or not. Can specify one
of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy with no
user overrides, which is equivalent to DISABLE. Not specifying this field is equivalent
to specifying NONE.
returned: success
type: str
ssl_certificates: ssl_certificates:
description: description:
- A list of SslCertificate resources that are used to authenticate connections between - A list of SslCertificate resources that are used to authenticate connections between
@ -213,7 +222,7 @@ RETURN = '''
type: list type: list
url_map: url_map:
description: description:
- A reference to UrlMap resource. - A reference to the UrlMap resource that defines the mapping from URL to the BackendService.
returned: success returned: success
type: dict type: dict
''' '''
@ -239,11 +248,15 @@ def main():
state=dict(default='present', choices=['present', 'absent'], type='str'), state=dict(default='present', choices=['present', 'absent'], type='str'),
description=dict(type='str'), description=dict(type='str'),
name=dict(required=True, type='str'), name=dict(required=True, type='str'),
quic_override=dict(type='str', choices=['NONE', 'ENABLE', 'DISABLE']),
ssl_certificates=dict(required=True, type='list', elements='dict'), ssl_certificates=dict(required=True, type='list', elements='dict'),
url_map=dict(required=True, type='dict') url_map=dict(required=True, type='dict')
) )
) )
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
state = module.params['state'] state = module.params['state']
kind = 'compute#targetHttpsProxy' kind = 'compute#targetHttpsProxy'
@ -291,6 +304,7 @@ def resource_to_request(module):
u'kind': 'compute#targetHttpsProxy', u'kind': 'compute#targetHttpsProxy',
u'description': module.params.get('description'), u'description': module.params.get('description'),
u'name': module.params.get('name'), u'name': module.params.get('name'),
u'quicOverride': module.params.get('quic_override'),
u'sslCertificates': replace_resource_dict(module.params.get('ssl_certificates', []), 'selfLink'), u'sslCertificates': replace_resource_dict(module.params.get('ssl_certificates', []), 'selfLink'),
u'urlMap': replace_resource_dict(module.params.get(u'url_map', {}), 'selfLink') u'urlMap': replace_resource_dict(module.params.get(u'url_map', {}), 'selfLink')
} }
@ -361,9 +375,10 @@ def is_different(module, response):
def response_to_hash(module, response): def response_to_hash(module, response):
return { return {
u'creationTimestamp': response.get(u'creationTimestamp'), u'creationTimestamp': response.get(u'creationTimestamp'),
u'description': response.get(u'description'), u'description': module.params.get('description'),
u'id': response.get(u'id'), u'id': response.get(u'id'),
u'name': response.get(u'name'), u'name': module.params.get('name'),
u'quicOverride': response.get(u'quicOverride'),
u'sslCertificates': response.get(u'sslCertificates'), u'sslCertificates': response.get(u'sslCertificates'),
u'urlMap': response.get(u'urlMap') u'urlMap': response.get(u'urlMap')
} }
@ -381,7 +396,7 @@ def async_op_url(module, extra_data=None):
def wait_for_operation(module, response): def wait_for_operation(module, response):
op_result = return_if_object(module, response, 'compute#operation') op_result = return_if_object(module, response, 'compute#operation')
if op_result is None: if op_result is None:
return None return {}
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
wait_done = wait_for_completion(status, op_result, module) wait_done = wait_for_completion(status, op_result, module)
return fetch_resource(module, navigate_hash(wait_done, ['targetLink']), 'compute#targetHttpsProxy') return fetch_resource(module, navigate_hash(wait_done, ['targetLink']), 'compute#targetHttpsProxy')

View file

@ -15,18 +15,16 @@
# Pre-test setup # Pre-test setup
- name: create a instance group - name: create a instance group
gcp_compute_instance_group: gcp_compute_instance_group:
name: 'instancegroup-targethttpsproxy' name: "instancegroup-targethttpsproxy"
zone: 'us-central1-a' zone: us-central1-a
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present state: present
register: instancegroup register: instancegroup
- name: create a http health check - name: create a http health check
gcp_compute_http_health_check: gcp_compute_http_health_check:
name: 'httphealthcheck-targethttpsproxy' name: "httphealthcheck-targethttpsproxy"
healthy_threshold: 10 healthy_threshold: 10
port: 8080 port: 8080
timeout_sec: 2 timeout_sec: 2
@ -34,41 +32,34 @@
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present state: present
register: healthcheck register: healthcheck
- name: create a backend service - name: create a backend service
gcp_compute_backend_service: gcp_compute_backend_service:
name: 'backendservice-targethttpsproxy' name: "backendservice-targethttpsproxy"
backends: backends:
- group: "{{ instancegroup }}" - group: "{{ instancegroup }}"
health_checks: health_checks:
- "{{ healthcheck.selfLink }}" - "{{ healthcheck.selfLink }}"
enable_cdn: true enable_cdn: true
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present state: present
register: backendservice register: backendservice
- name: create a url map - name: create a url map
gcp_compute_url_map: gcp_compute_url_map:
name: 'urlmap-targethttpsproxy' name: "urlmap-targethttpsproxy"
default_service: "{{ backendservice }}" default_service: "{{ backendservice }}"
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present state: present
register: urlmap register: urlmap
- name: create a ssl certificate - name: create a ssl certificate
gcp_compute_ssl_certificate: gcp_compute_ssl_certificate:
name: 'sslcert-targethttpsproxy' name: "sslcert-targethttpsproxy"
description: | description: A certificate for testing. Do not use this certificate in production
"A certificate for testing. Do not use this certificate in production"
certificate: | certificate: |
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG
@ -96,34 +87,28 @@
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present state: present
register: sslcert register: sslcert
- name: delete a target https proxy - name: delete a target https proxy
gcp_compute_target_https_proxy: gcp_compute_target_https_proxy:
name: "{{ resource_name }}" name: "{{ resource_name }}"
ssl_certificates: ssl_certificates:
- "{{ sslcert }}" - "{{ sslcert }}"
url_map: "{{ urlmap }}" url_map: "{{ urlmap }}"
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: absent state: absent
#---------------------------------------------------------- #----------------------------------------------------------
- name: create a target https proxy - name: create a target https proxy
gcp_compute_target_https_proxy: gcp_compute_target_https_proxy:
name: "{{ resource_name }}" name: "{{ resource_name }}"
ssl_certificates: ssl_certificates:
- "{{ sslcert }}" - "{{ sslcert }}"
url_map: "{{ urlmap }}" url_map: "{{ urlmap }}"
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present state: present
register: result register: result
- name: assert changed is true - name: assert changed is true
@ -132,25 +117,29 @@
- result.changed == true - result.changed == true
- "result.kind == 'compute#targetHttpsProxy'" - "result.kind == 'compute#targetHttpsProxy'"
- name: verify that target_https_proxy was created - name: verify that target_https_proxy was created
shell: | gcp_compute_target_https_proxy_facts:
gcloud compute target-https-proxies describe --project="{{ gcp_project}}" "{{ resource_name }}" filters:
register: results - name = {{ resource_name }}
- name: verify that command succeeded
assert:
that:
- results.rc == 0
# ----------------------------------------------------------------------------
- name: create a target https proxy that already exists
gcp_compute_target_https_proxy:
name: "{{ resource_name }}"
ssl_certificates:
- "{{ sslcert }}"
url_map: "{{ urlmap }}"
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes: scopes:
- https://www.googleapis.com/auth/compute - https://www.googleapis.com/auth/compute
register: results
- name: verify that command succeeded
assert:
that:
- results['items'] | length == 1
# ----------------------------------------------------------------------------
- name: create a target https proxy that already exists
gcp_compute_target_https_proxy:
name: "{{ resource_name }}"
ssl_certificates:
- "{{ sslcert }}"
url_map: "{{ urlmap }}"
project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
state: present state: present
register: result register: result
- name: assert changed is false - name: assert changed is false
@ -163,13 +152,11 @@
gcp_compute_target_https_proxy: gcp_compute_target_https_proxy:
name: "{{ resource_name }}" name: "{{ resource_name }}"
ssl_certificates: ssl_certificates:
- "{{ sslcert }}" - "{{ sslcert }}"
url_map: "{{ urlmap }}" url_map: "{{ urlmap }}"
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: absent state: absent
register: result register: result
- name: assert changed is true - name: assert changed is true
@ -178,27 +165,29 @@
- result.changed == true - result.changed == true
- result.has_key('kind') == False - result.has_key('kind') == False
- name: verify that target_https_proxy was deleted - name: verify that target_https_proxy was deleted
shell: | gcp_compute_target_https_proxy_facts:
gcloud compute target-https-proxies describe --project="{{ gcp_project}}" "{{ resource_name }}" filters:
register: results - name = {{ resource_name }}
failed_when: results.rc == 0
- name: verify that command succeeded
assert:
that:
- results.rc == 1
- "\"'projects/{{ gcp_project }}/global/targetHttpsProxies/{{ resource_name }}' was not found\" in results.stderr"
# ----------------------------------------------------------------------------
- name: delete a target https proxy that does not exist
gcp_compute_target_https_proxy:
name: "{{ resource_name }}"
ssl_certificates:
- "{{ sslcert }}"
url_map: "{{ urlmap }}"
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes: scopes:
- https://www.googleapis.com/auth/compute - https://www.googleapis.com/auth/compute
register: results
- name: verify that command succeeded
assert:
that:
- results['items'] | length == 0
# ----------------------------------------------------------------------------
- name: delete a target https proxy that does not exist
gcp_compute_target_https_proxy:
name: "{{ resource_name }}"
ssl_certificates:
- "{{ sslcert }}"
url_map: "{{ urlmap }}"
project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
state: absent state: absent
register: result register: result
- name: assert changed is false - name: assert changed is false
@ -210,9 +199,8 @@
# Post-test teardown # Post-test teardown
- name: delete a ssl certificate - name: delete a ssl certificate
gcp_compute_ssl_certificate: gcp_compute_ssl_certificate:
name: 'sslcert-targethttpsproxy' name: "sslcert-targethttpsproxy"
description: | description: A certificate for testing. Do not use this certificate in production
"A certificate for testing. Do not use this certificate in production"
certificate: | certificate: |
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG
@ -240,39 +228,33 @@
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: absent state: absent
register: sslcert register: sslcert
- name: delete a url map - name: delete a url map
gcp_compute_url_map: gcp_compute_url_map:
name: 'urlmap-targethttpsproxy' name: "urlmap-targethttpsproxy"
default_service: "{{ backendservice }}" default_service: "{{ backendservice }}"
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: absent state: absent
register: urlmap register: urlmap
- name: delete a backend service - name: delete a backend service
gcp_compute_backend_service: gcp_compute_backend_service:
name: 'backendservice-targethttpsproxy' name: "backendservice-targethttpsproxy"
backends: backends:
- group: "{{ instancegroup }}" - group: "{{ instancegroup }}"
health_checks: health_checks:
- "{{ healthcheck.selfLink }}" - "{{ healthcheck.selfLink }}"
enable_cdn: true enable_cdn: true
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: absent state: absent
register: backendservice register: backendservice
- name: delete a http health check - name: delete a http health check
gcp_compute_http_health_check: gcp_compute_http_health_check:
name: 'httphealthcheck-targethttpsproxy' name: "httphealthcheck-targethttpsproxy"
healthy_threshold: 10 healthy_threshold: 10
port: 8080 port: 8080
timeout_sec: 2 timeout_sec: 2
@ -280,18 +262,14 @@
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: absent state: absent
register: healthcheck register: healthcheck
- name: delete a instance group - name: delete a instance group
gcp_compute_instance_group: gcp_compute_instance_group:
name: 'instancegroup-targethttpsproxy' name: "instancegroup-targethttpsproxy"
zone: 'us-central1-a' zone: us-central1-a
project: "{{ gcp_project }}" project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}" auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}" service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: absent state: absent
register: instancegroup register: instancegroup