Bug fixes for gcp_compute_ssl_certificate (#42821)

This commit is contained in:
Alex Stephen 2018-08-13 09:15:15 -07:00 committed by Ryan Brown
parent c38e1e5631
commit fbfea59d7d
2 changed files with 36 additions and 41 deletions

View file

@ -76,9 +76,8 @@ extends_documentation_fragment: gcp
EXAMPLES = '''
- name: create a ssl certificate
gcp_compute_ssl_certificate:
name: testObject
description: |
"A certificate for testing. Do not use this certificate in production"
name: "test_object"
description: A certificate for testing. Do not use this certificate in production
certificate: |
-----BEGIN CERTIFICATE-----
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG
@ -103,11 +102,9 @@ EXAMPLES = '''
AwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f
OGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ==
-----END EC PRIVATE KEY-----
project: testProject
auth_kind: service_account
service_account_file: /tmp/auth.pem
scopes:
- https://www.googleapis.com/auth/compute
project: "test_project"
auth_kind: "service_account"
service_account_file: "/tmp/auth.pem"
state: present
'''
@ -177,6 +174,9 @@ def main():
)
)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
state = module.params['state']
kind = 'compute#sslCertificate'
@ -186,10 +186,10 @@ def main():
if fetch:
if state == 'present':
if is_different(module, fetch):
fetch = update(module, self_link(module), kind, fetch)
fetch = update(module, self_link(module), kind)
changed = True
else:
delete(module, self_link(module), kind, fetch)
delete(module, self_link(module), kind)
fetch = {}
changed = True
else:
@ -209,12 +209,12 @@ def create(module, link, kind):
return wait_for_operation(module, auth.post(link, resource_to_request(module)))
def update(module, link, kind, fetch):
def update(module, link, kind):
auth = GcpSession(module, 'compute')
return wait_for_operation(module, auth.put(link, resource_to_request(module)))
def delete(module, link, kind, fetch):
def delete(module, link, kind):
auth = GcpSession(module, 'compute')
return wait_for_operation(module, auth.delete(link))
@ -314,7 +314,7 @@ def async_op_url(module, extra_data=None):
def wait_for_operation(module, response):
op_result = return_if_object(module, response, 'compute#operation')
if op_result is None:
return None
return {}
status = navigate_hash(op_result, ['status'])
wait_done = wait_for_completion(status, op_result, module)
return fetch_resource(module, navigate_hash(wait_done, ['targetLink']), 'compute#sslCertificate')

View file

@ -16,8 +16,7 @@
- name: delete a ssl certificate
gcp_compute_ssl_certificate:
name: "{{ resource_name }}"
description: |
"A certificate for testing. Do not use this certificate in production"
description: A certificate for testing. Do not use this certificate in production
certificate: |
-----BEGIN CERTIFICATE-----
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG
@ -45,15 +44,12 @@
project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: absent
#----------------------------------------------------------
- name: create a ssl certificate
gcp_compute_ssl_certificate:
name: "{{ resource_name }}"
description: |
"A certificate for testing. Do not use this certificate in production"
description: A certificate for testing. Do not use this certificate in production
certificate: |
-----BEGIN CERTIFICATE-----
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG
@ -81,8 +77,6 @@
project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present
register: result
- name: assert changed is true
@ -91,19 +85,24 @@
- result.changed == true
- "result.kind == 'compute#sslCertificate'"
- name: verify that ssl_certificate was created
shell: |
gcloud compute ssl-certificates describe --project="{{ gcp_project}}" "{{ resource_name }}"
gcp_compute_ssl_certificate_facts:
filters:
- name = {{ resource_name }}
project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
register: results
- name: verify that command succeeded
assert:
that:
- results.rc == 0
- results['items'] | length == 1
# ----------------------------------------------------------------------------
- name: create a ssl certificate that already exists
gcp_compute_ssl_certificate:
name: "{{ resource_name }}"
description: |
"A certificate for testing. Do not use this certificate in production"
description: A certificate for testing. Do not use this certificate in production
certificate: |
-----BEGIN CERTIFICATE-----
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG
@ -131,8 +130,6 @@
project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present
register: result
- name: assert changed is false
@ -144,8 +141,7 @@
- name: delete a ssl certificate
gcp_compute_ssl_certificate:
name: "{{ resource_name }}"
description: |
"A certificate for testing. Do not use this certificate in production"
description: A certificate for testing. Do not use this certificate in production
certificate: |
-----BEGIN CERTIFICATE-----
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG
@ -173,8 +169,6 @@
project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: absent
register: result
- name: assert changed is true
@ -183,21 +177,24 @@
- result.changed == true
- result.has_key('kind') == False
- name: verify that ssl_certificate was deleted
shell: |
gcloud compute ssl-certificates describe --project="{{ gcp_project}}" "{{ resource_name }}"
gcp_compute_ssl_certificate_facts:
filters:
- name = {{ resource_name }}
project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
register: results
failed_when: results.rc == 0
- name: verify that command succeeded
assert:
that:
- results.rc == 1
- "\"'projects/{{ gcp_project }}/global/sslCertificates/{{ resource_name }}' was not found\" in results.stderr"
- results['items'] | length == 0
# ----------------------------------------------------------------------------
- name: delete a ssl certificate that does not exist
gcp_compute_ssl_certificate:
name: "{{ resource_name }}"
description: |
"A certificate for testing. Do not use this certificate in production"
description: A certificate for testing. Do not use this certificate in production
certificate: |
-----BEGIN CERTIFICATE-----
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG
@ -225,8 +222,6 @@
project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: absent
register: result
- name: assert changed is false