diff --git a/.ansible-lint b/.ansible-lint index 0c5e6689..e76ae9cd 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,10 +1,5 @@ --- profile: production parseable: true -skip_list: - - ANSIBLE0010 use_default_rules: true verbosity: 1 -exclude_paths: - # Ignore submodule https://github.com/GoogleCloudPlatform/google-cloud-ops-agents-ansible - - roles/google_cloud_ops_agents/ diff --git a/.github/workflows/ansible-integration-tests.yml b/.github/workflows/ansible-integration-tests.yml index ce18e0e2..8ff37f85 100644 --- a/.github/workflows/ansible-integration-tests.yml +++ b/.github/workflows/ansible-integration-tests.yml @@ -27,6 +27,7 @@ jobs: ansible_version: - stable-2.16 - stable-2.17 + - stable-2.18 steps: - name: check out code uses: actions/checkout@v4 diff --git a/.github/workflows/ansible-test.yml b/.github/workflows/ansible-test.yml index e9fea6a3..29f70c94 100644 --- a/.github/workflows/ansible-test.yml +++ b/.github/workflows/ansible-test.yml @@ -1,71 +1,119 @@ --- +# Should be kept up to date with https://github.com/ansible-collections/collection_template/blob/main/.github/workflows/ansible-test.yml +# Integration tests are run separately from the ansible-integration-tests.yml workflow. name: Run tests for the cloud.google collection -on: [pull_request] +on: + # Run CI against all pushes (direct commits, also merged PRs), Pull Requests + push: + branches: + - main + - stable-* + pull_request: + # Run CI once per day (at 06:00 UTC) + # This ensures that even if there haven't been commits that we are still + # testing against latest version of ansible-test for each ansible-core + # version + schedule: + - cron: '0 6 * * *' + +concurrency: + group: >- + ${{ github.workflow }}-${{ + github.event.pull_request.number || github.sha + }} + cancel-in-progress: true + jobs: - sanity-and-lint: - runs-on: ubuntu-latest - defaults: - run: - working-directory: ansible_collections/google/cloud + +### +# Sanity tests (REQUIRED) +# +# https://docs.ansible.com/ansible/latest/dev_guide/testing_sanity.html + + sanity: + name: Sanity (Ⓐ${{ matrix.ansible }}) strategy: matrix: - # Our version strategy is to test against the current and previous version - # of ansible-core and each major version of Python supported by both. - # https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html#ansible-core-support-matrix - ansible_version: + ansible: + # It's important that Sanity is tested against all stable-X.Y branches + # Testing against `devel` may fail as new tests are added. + # An alternative to `devel` is the `milestone` branch with + # gets synchronized with `devel` every few weeks and therefore + # tends to be a more stable target. Be aware that it is not updated + # around creation of a new stable branch, this might cause a problem + # that two different versions of ansible-test use the same sanity test + # ignore.txt file. + # Add new versions announced in + # https://github.com/ansible-collections/news-for-maintainers in a timely manner, + # consider dropping testing against EOL versions and versions you don't support. - stable-2.16 - stable-2.17 - python_version: - - '3.10' - - '3.11' - - '3.12' - steps: - - name: check out code - uses: actions/checkout@v4 - with: - path: ansible_collections/google/cloud - submodules: 'true' - - name: Set up Python - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python_version }} - - name: Install ansible-base (${{ matrix.ansible_version }}) - run: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible_version }}.tar.gz --disable-pip-version-check - - name: Run ansible-test sanity - # validate-modules cannot be turned on until #498 is resolved. - run: ansible-test sanity -v --color --skip validate-modules - - name: Install ansible-lint - run: pip install ansible-lint==24.7.0 - - name: Run ansible-lint - run: ansible-lint --exclude roles/google_cloud_ops_agents/ - unit: + - stable-2.18 + - devel + # - milestone + runs-on: ubuntu-latest - defaults: - run: - working-directory: ansible_collections/google/cloud + + steps: + # Run sanity tests inside a Docker container. + # The docker container has all the pinned dependencies that are + # required and all Python versions Ansible supports. + - name: Perform sanity testing + # See the documentation for the following GitHub action on + # https://github.com/ansible-community/ansible-test-gh-action/blob/main/README.md + uses: ansible-community/ansible-test-gh-action@release/v1 + with: + ansible-core-version: ${{ matrix.ansible }} + testing-type: sanity + # OPTIONAL If your sanity tests require code + # from other collections, install them like this + # test-deps: >- + # ansible.netcommon + # ansible.utils + # OPTIONAL If set to true, will test only against changed files, + # which should improve CI performance. See limitations on + # https://github.com/ansible-community/ansible-test-gh-action#pull-request-change-detection + pull-request-change-detection: false + +### +# Unit tests (OPTIONAL) +# +# https://docs.ansible.com/ansible/latest/dev_guide/testing_units.html + + units: + runs-on: ubuntu-latest + + name: Units (Ⓐ${{ matrix.ansible }}) strategy: + # As soon as the first unit test fails, cancel the others to free up the CI queue + fail-fast: true matrix: - ansible_version: + ansible: + # Add new versions announced in + # https://github.com/ansible-collections/news-for-maintainers in a timely manner, + # consider dropping testing against EOL versions and versions you don't support. - stable-2.16 - stable-2.17 - python_version: - - '3.10' - - '3.11' - - '3.12' + - stable-2.18 + - devel + # - milestone + steps: - - name: check out code - uses: actions/checkout@v4 + - name: >- + Perform unit testing against + Ansible version ${{ matrix.ansible }} + # See the documentation for the following GitHub action on + # https://github.com/ansible-community/ansible-test-gh-action/blob/main/README.md + uses: ansible-community/ansible-test-gh-action@release/v1 with: - path: ansible_collections/google/cloud - - name: Set up Python - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python_version }} - - name: Install dependencies - run: pip install -r requirements.txt - - name: Install test dependencies - run: pip install -r requirements-test.txt - - name: Install ansible-base (${{ matrix.ansible_version }}) - run: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible_version }}.tar.gz --disable-pip-version-check - - name: Run unit tests - run: ansible-test units -v --color --python "${{ matrix.python_version }}" + ansible-core-version: ${{ matrix.ansible }} + testing-type: units + # OPTIONAL If your unit tests require code + # from other collections, install them like this + test-deps: >- + ansible.netcommon + ansible.utils + # OPTIONAL If set to true, will test only against changed files, + # which should improve CI performance. See limitations on + # https://github.com/ansible-community/ansible-test-gh-action#pull-request-change-detection + pull-request-change-detection: false diff --git a/.github/workflows/gcloud.yml b/.github/workflows/gcloud.yml index 711ef940..c1819b86 100644 --- a/.github/workflows/gcloud.yml +++ b/.github/workflows/gcloud.yml @@ -31,10 +31,10 @@ jobs: with: path: ansible_collections/google/cloud - - name: Set up Python 3.10 + - name: Set up Python 3.11 uses: actions/setup-python@v4 with: - python-version: '3.10' + python-version: '3.11' - name: Install dependencies run: | diff --git a/.github/workflows/gcsfuse.yml b/.github/workflows/gcsfuse.yml index 8898703d..bd918441 100644 --- a/.github/workflows/gcsfuse.yml +++ b/.github/workflows/gcsfuse.yml @@ -26,10 +26,10 @@ jobs: with: path: ansible_collections/google/cloud - - name: Set up Python 3.10 + - name: Set up Python 3.11 uses: actions/setup-python@v4 with: - python-version: '3.10' + python-version: '3.11' - name: Install dependencies run: | diff --git a/.gitmodules b/.gitmodules index d2424a0a..e69de29b 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,3 +0,0 @@ -[submodule "roles/google_cloud_ops_agents"] - path = roles/google_cloud_ops_agents - url = https://github.com/GoogleCloudPlatform/google-cloud-ops-agents-ansible.git diff --git a/.yamllint b/.yamllint index 88276760..a473cdc6 100644 --- a/.yamllint +++ b/.yamllint @@ -15,7 +15,8 @@ rules: commas: max-spaces-after: -1 level: error - comments: disable + comments: + min-spaces-from-content: 1 comments-indentation: disable document-start: disable empty-lines: @@ -29,5 +30,8 @@ rules: new-line-at-end-of-file: disable new-lines: type: unix + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true trailing-spaces: disable truthy: disable diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 7e76c68a..fdb4c8fd 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -4,6 +4,70 @@ Google.Cloud Release Notes .. contents:: Topics +v1.6.0 +====== + +Minor Changes +------------- + +- gcp_compute - added GVNIC support to compute instance (https://github.com/ansible-collections/google.cloud/pull/688). +- gcp_compute - added ``discard_local_ssd`` flag to compute instance (https://github.com/ansible-collections/google.cloud/pull/686). +- gcp_compute - added hostname support to dynamic inventory (https://github.com/ansible-collections/google.cloud/pull/689). +- gcp_secret_manager - added support for regional secret manager (https://github.com/ansible-collections/google.cloud/pull/685). + +Bugfixes +-------- + +- gcp_secret_manager - cleaned up error responses (https://github.com/ansible-collections/google.cloud/pull/690). +- gcp_serviceusage_service - updated documentation (https://github.com/ansible-collections/google.cloud/pull/691). + +v1.5.3 +====== + +Bugfixes +-------- + +- updated README to match required format (https://github.com/ansible-collections/google.cloud/pull/682). + +v1.5.2 +====== + +Bugfixes +-------- + +- gcp_compute - fixed get_project_disks to process all responses (https://github.com/ansible-collections/google.cloud/pull/677). + +v1.5.1 +====== + +Bugfixes +-------- + +- run integration test with Ansible 2.16 to match `requires_ansible` version + +v1.5.0 +====== + +Major Changes +------------- + +- google_cloud_ops_agents - role submodule removed because it prevents the collection from passing sanity and lint tests + +Minor Changes +------------- + +- gcp_pubsub_subscription - allows to create GCS subscription + +Bugfixes +-------- + +- ansible - 2.17 is now the minimum version supported +- ansible - 3.11 is now the minimum Python version +- ansible-test - fixed sanity tests +- ansible-test - integration tests are now run against 2.17 and 2.18 +- gcp_bigquery_table - properly handle BigQuery table clustering fields +- gcp_pubsub_subscription - fixed improper subscription uprade PATCH request + v1.4.1 ====== diff --git a/README.md b/README.md index 5c3f7dae..44be3715 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,248 @@ # Google Cloud Platform Ansible Collection -This collection provides a series of Ansible modules and plugins for interacting with the [Google Cloud Platform](https://cloud.google.com) -This collection works with Ansible 2.16+ +This collection provides a series of Ansible modules and plugins for +interacting with the [Google Cloud Platform](https://cloud.google.com) -# Communication +## Description + +The google.cloud collection provides a way to automate provisioning, +configuration, and management of Google Cloud resources using Ansible +playbooks. This collection includes modules for managing various +Google Cloud services such as Compute Engine instances, Cloud Storage +buckets, Cloud SQL instances, and more. + +### Resources Supported + +* App Engine FirewallRule (gcp_appengine_firewall_rule, gcp_appengine_firewall_rule_info) +* BigQuery Dataset (gcp_bigquery_dataset, gcp_bigquery_dataset_info) +* BigQuery Table (gcp_bigquery_table, gcp_bigquery_table_info) +* Cloud Bigtable Instance (gcp_bigtable_instance, gcp_bigtable_instance_info) +* Cloud Build Trigger (gcp_cloudbuild_trigger, gcp_cloudbuild_trigger_info) +* Cloud Functions CloudFunction (gcp_cloudfunctions_cloud_function, gcp_cloudfunctions_cloud_function_info) +* Cloud Scheduler Job (gcp_cloudscheduler_job, gcp_cloudscheduler_job_info) +* Cloud Tasks Queue (gcp_cloudtasks_queue, gcp_cloudtasks_queue_info) +* Compute Engine Address (gcp_compute_address, gcp_compute_address_info) +* Compute Engine Autoscaler (gcp_compute_autoscaler, gcp_compute_autoscaler_info) +* Compute Engine BackendBucket (gcp_compute_backend_bucket, gcp_compute_backend_bucket_info) +* Compute Engine BackendService (gcp_compute_backend_service, gcp_compute_backend_service_info) +* Compute Engine RegionBackendService (gcp_compute_region_backend_service, gcp_compute_region_backend_service_info) +* Compute Engine Disk (gcp_compute_disk, gcp_compute_disk_info) +* Compute Engine Firewall (gcp_compute_firewall, gcp_compute_firewall_info) +* Compute Engine ForwardingRule (gcp_compute_forwarding_rule, gcp_compute_forwarding_rule_info) +* Compute Engine GlobalAddress (gcp_compute_global_address, gcp_compute_global_address_info) +* Compute Engine GlobalForwardingRule (gcp_compute_global_forwarding_rule, gcp_compute_global_forwarding_rule_info) +* Compute Engine HttpHealthCheck (gcp_compute_http_health_check, gcp_compute_http_health_check_info) +* Compute Engine HttpsHealthCheck (gcp_compute_https_health_check, gcp_compute_https_health_check_info) +* Compute Engine HealthCheck (gcp_compute_health_check, gcp_compute_health_check_info) +* Compute Engine InstanceTemplate (gcp_compute_instance_template, gcp_compute_instance_template_info) +* Compute Engine Image (gcp_compute_image, gcp_compute_image_info) +* Compute Engine Instance (gcp_compute_instance, gcp_compute_instance_info) +* Compute Engine InstanceGroup (gcp_compute_instance_group, gcp_compute_instance_group_info) +* Compute Engine InstanceGroupManager (gcp_compute_instance_group_manager, gcp_compute_instance_group_manager_info) +* Compute Engine RegionInstanceGroupManager (gcp_compute_region_instance_group_manager, gcp_compute_region_instance_group_manager_info) +* Compute Engine InterconnectAttachment (gcp_compute_interconnect_attachment, gcp_compute_interconnect_attachment_info) +* Compute Engine Network (gcp_compute_network, gcp_compute_network_info) +* Compute Engine NetworkEndpointGroup (gcp_compute_network_endpoint_group, gcp_compute_network_endpoint_group_info) +* Compute Engine NodeGroup (gcp_compute_node_group, gcp_compute_node_group_info) +* Compute Engine NodeTemplate (gcp_compute_node_template, gcp_compute_node_template_info) +* Compute Engine RegionAutoscaler (gcp_compute_region_autoscaler, gcp_compute_region_autoscaler_info) +* Compute Engine RegionDisk (gcp_compute_region_disk, gcp_compute_region_disk_info) +* Compute Engine RegionUrlMap (gcp_compute_region_url_map, gcp_compute_region_url_map_info) +* Compute Engine RegionHealthCheck (gcp_compute_region_health_check, gcp_compute_region_health_check_info) +* Compute Engine ResourcePolicy (gcp_compute_resource_policy, gcp_compute_resource_policy_info) +* Compute Engine Route (gcp_compute_route, gcp_compute_route_info) +* Compute Engine Router (gcp_compute_router, gcp_compute_router_info) +* Compute Engine Snapshot (gcp_compute_snapshot, gcp_compute_snapshot_info) +* Compute Engine SslCertificate (gcp_compute_ssl_certificate, gcp_compute_ssl_certificate_info) +* Compute Engine Reservation (gcp_compute_reservation, gcp_compute_reservation_info) +* Compute Engine SslPolicy (gcp_compute_ssl_policy, gcp_compute_ssl_policy_info) +* Compute Engine Subnetwork (gcp_compute_subnetwork, gcp_compute_subnetwork_info) +* Compute Engine TargetHttpProxy (gcp_compute_target_http_proxy, gcp_compute_target_http_proxy_info) +* Compute Engine TargetHttpsProxy (gcp_compute_target_https_proxy, gcp_compute_target_https_proxy_info) +* Compute Engine RegionTargetHttpProxy (gcp_compute_region_target_http_proxy, gcp_compute_region_target_http_proxy_info) +* Compute Engine RegionTargetHttpsProxy (gcp_compute_region_target_https_proxy, gcp_compute_region_target_https_proxy_info) +* Compute Engine TargetInstance (gcp_compute_target_instance, gcp_compute_target_instance_info) +* Compute Engine TargetPool (gcp_compute_target_pool, gcp_compute_target_pool_info) +* Compute Engine TargetSslProxy (gcp_compute_target_ssl_proxy, gcp_compute_target_ssl_proxy_info) +* Compute Engine TargetTcpProxy (gcp_compute_target_tcp_proxy, gcp_compute_target_tcp_proxy_info) +* Compute Engine TargetVpnGateway (gcp_compute_target_vpn_gateway, gcp_compute_target_vpn_gateway_info) +* Compute Engine UrlMap (gcp_compute_url_map, gcp_compute_url_map_info) +* Compute Engine VpnTunnel (gcp_compute_vpn_tunnel, gcp_compute_vpn_tunnel_info) +* Google Kubernetes Engine Cluster (gcp_container_cluster, gcp_container_cluster_info) +* Google Kubernetes Engine NodePool (gcp_container_node_pool, gcp_container_node_pool_info) +* Cloud DNS ManagedZone (gcp_dns_managed_zone, gcp_dns_managed_zone_info) +* Cloud DNS ResourceRecordSet (gcp_dns_resource_record_set, gcp_dns_resource_record_set_info) +* Filestore Instance (gcp_filestore_instance, gcp_filestore_instance_info) +* Cloud IAM Role (gcp_iam_role, gcp_iam_role_info) +* Cloud IAM ServiceAccount (gcp_iam_service_account, gcp_iam_service_account_info) +* Cloud IAM ServiceAccountKey (gcp_iam_service_account_key, gcp_iam_service_account_key_info) +* Cloud Key Management Service KeyRing (gcp_kms_key_ring, gcp_kms_key_ring_info) +* Cloud Key Management Service CryptoKey (gcp_kms_crypto_key, gcp_kms_crypto_key_info) +* Cloud (Stackdriver) Logging Metric (gcp_logging_metric, gcp_logging_metric_info) +* ML Engine Model (gcp_mlengine_model, gcp_mlengine_model_info) +* ML Engine Version (gcp_mlengine_version, gcp_mlengine_version_info) +* Cloud Pub/Sub Topic (gcp_pubsub_topic, gcp_pubsub_topic_info) +* Cloud Pub/Sub Subscription (gcp_pubsub_subscription, gcp_pubsub_subscription_info) +* Memorystore (Redis) Instance (gcp_redis_instance, gcp_redis_instance_info) +* Resource Manager Project (gcp_resourcemanager_project, gcp_resourcemanager_project_info) +* Runtime Configurator Config (gcp_runtimeconfig_config, gcp_runtimeconfig_config_info) +* Runtime Configurator Variable (gcp_runtimeconfig_variable, gcp_runtimeconfig_variable_info) +* Service Usage Service (gcp_serviceusage_service, gcp_serviceusage_service_info) +* Cloud Source Repositories Repository (gcp_sourcerepo_repository, gcp_sourcerepo_repository_info) +* Cloud Spanner Instance (gcp_spanner_instance, gcp_spanner_instance_info) +* Cloud Spanner Database (gcp_spanner_database, gcp_spanner_database_info) +* Cloud SQL Instance (gcp_sql_instance, gcp_sql_instance_info) +* Cloud SQL Database (gcp_sql_database, gcp_sql_database_info) +* Cloud SQL User (gcp_sql_user, gcp_sql_user_info) +* Cloud SQL SslCert (gcp_sql_ssl_cert, gcp_sql_ssl_cert_info) +* Cloud Storage Bucket (gcp_storage_bucket, gcp_storage_bucket_info) +* Cloud Storage BucketAccessControl (gcp_storage_bucket_access_control, gcp_storage_bucket_access_control_info) +* Cloud Storage DefaultObjectACL (gcp_storage_default_object_acl, gcp_storage_default_object_acl_info) +* Cloud TPU Node (gcp_tpu_node, gcp_tpu_node_info) +* Secret Manager (gcp_secret_manager) + +## Requirements + +### Ansible version compatibility + +This collection is tested to work with Ansible 2.16+. + +### Python version compatibility + +This collection is tested with to work Python 3.10+ + +## Installation + +Before using this collection, you need to install it with the Ansible Galaxy +command-line tool: + +``` +ansible-galaxy collection install google.cloud +``` + +You can also include it in a requirements.yml file and install it with +ansible-galaxy collection install -r requirements.yml, using the format: + + +```yaml +collections: + - name: google.cloud +``` + +Note that if you install any collections from Ansible Galaxy, they will not be +upgraded automatically when you upgrade the Ansible package. +To upgrade the collection to the latest available version, run the following +command: + +``` +ansible-galaxy collection install google.cloud --upgrade +``` + +You can also install a specific version of the collection, for example, if you +need to downgrade when something is broken in the latest version (please +report an issue in this repository). Use the following syntax to install +version 1.5.1: + +``` +ansible-galaxy collection install google.cloud:==1.5.1 +``` + +See [using Ansible collections](https://docs.ansible.com/ansible/devel/user_guide/collections_using.html) for more details. + +If you are using the google.cloud collection locally you will likely need +to install the [gcloud command line tool](https://cloud.google.com/sdk/docs/install#rpm) +in order to perform authentication The easiest way to +authenticate to GCP is using [application default credentials](https://cloud.google.com/sdk/docs/authorizing#adc). + +Once you have installed `gcloud` and performed basic initialization +(via `gcloud init`) run: + +```shell +gcloud auth application-default login +``` + +For more authentication options see the Use Cases section below. + +## Use Cases + +The google.cloud collection supports multiple methods to authenticate to Google +Cloud: + +* Application Default Credentials (`auth_kind: "application"`) +* Service Account Key (`auth_kind: "serviceaccount"`) +* OAuth Credentials (`auth_kind: "accesstoken"`) + +To use Application default credentials configured using `gcloud`: + +```yaml +- name: Create a Google Cloud Storage bucket + google.cloud.gcp_storage_bucket: + name: "{{ bucket_name }}" + project: "{{ gcp_project }}" + auth_kind: "application" + state: present +- name: Delete a Google Cloud Storage bucket + google.cloud.gcp_storage_bucket: + name: "{{ bucket_name }}" + project: "{{ gcp_project }}" + auth_kind: "application" + state: absent +``` + +For unattended operation it is common to use service account keys. To use +these, set `auth_kind` to `serviceaccount` and `service_account_file` to +the path to the file containing your service account key. + +```yaml +- name: Create a Google Cloud Storage bucket + google.cloud.gcp_storage_bucket: + name: "{{ bucket_name }}" + project: "{{ gcp_project }}" + auth_kind: "serviceaccount" + service_account_file: "{{ gcp_cred_file }}" + state: present +- name: Delete a Google Cloud Storage bucket + google.cloud.gcp_storage_bucket: + name: "{{ bucket_name }}" + project: "{{ gcp_project }}" + auth_kind: "serviceaccount" + service_account_file: "{{ gcp_cred_file }}" + state: absent +``` + +In place of `service_account_file` you may instead use +`service_account_contents` which contains the service account key +directly. + +Read the [best practices for managing service account keys](https://cloud.google.com/iam/docs/best-practices-for-managing-service-account-keys) +to learn how to keep your service account key and your GCP resources safe. + +Common options can also be set using environment variables, simplifying +automated operations. The available variables are: + +```shell +export GCP_PROJECT= +export GCP_AUTH_KIND= +export GCP_SERVICE_ACCOUNT_FILE= +export GCP_SERVICE_ACCOUNT_CONTENTS= +export GCP_SCOPES= +export GCP_REGION= +export GCP_ZONE= +``` + +## Testing + +The google.cloud collection is tested with the two most recent releases of +Ansible with the versions of Python supported by those releases. The +current version matrix can be seen in the +[GitHub action configuration](https://github.com/ansible-collections/google.cloud/blob/master/.github/workflows/ansible-integration-tests.yml). + +To learn how to run the tests locally, read +[CONTRIBUTING.md](https://github.com/ansible-collections/google.cloud/blob/master/CONTRIBUTING.md). + +## Support + +There are several avenues of commuication available for google.cloud users: * Join the Ansible forum: * [Get Help](https://forum.ansible.com/c/help/6): get help or help others. Please use appropriate tags, for example `cloud`. @@ -14,96 +253,19 @@ This collection works with Ansible 2.16+ For more information about communication, see the [Ansible communication guide](https://docs.ansible.com/ansible/devel/community/communication.html). -# Installation -```bash -ansible-galaxy collection install google.cloud -``` +## Release Notes -# Resources Supported - * App Engine FirewallRule (gcp_appengine_firewall_rule, gcp_appengine_firewall_rule_info) - * BigQuery Dataset (gcp_bigquery_dataset, gcp_bigquery_dataset_info) - * BigQuery Table (gcp_bigquery_table, gcp_bigquery_table_info) - * Cloud Bigtable Instance (gcp_bigtable_instance, gcp_bigtable_instance_info) - * Cloud Build Trigger (gcp_cloudbuild_trigger, gcp_cloudbuild_trigger_info) - * Cloud Functions CloudFunction (gcp_cloudfunctions_cloud_function, gcp_cloudfunctions_cloud_function_info) - * Cloud Scheduler Job (gcp_cloudscheduler_job, gcp_cloudscheduler_job_info) - * Cloud Tasks Queue (gcp_cloudtasks_queue, gcp_cloudtasks_queue_info) - * Compute Engine Address (gcp_compute_address, gcp_compute_address_info) - * Compute Engine Autoscaler (gcp_compute_autoscaler, gcp_compute_autoscaler_info) - * Compute Engine BackendBucket (gcp_compute_backend_bucket, gcp_compute_backend_bucket_info) - * Compute Engine BackendService (gcp_compute_backend_service, gcp_compute_backend_service_info) - * Compute Engine RegionBackendService (gcp_compute_region_backend_service, gcp_compute_region_backend_service_info) - * Compute Engine Disk (gcp_compute_disk, gcp_compute_disk_info) - * Compute Engine Firewall (gcp_compute_firewall, gcp_compute_firewall_info) - * Compute Engine ForwardingRule (gcp_compute_forwarding_rule, gcp_compute_forwarding_rule_info) - * Compute Engine GlobalAddress (gcp_compute_global_address, gcp_compute_global_address_info) - * Compute Engine GlobalForwardingRule (gcp_compute_global_forwarding_rule, gcp_compute_global_forwarding_rule_info) - * Compute Engine HttpHealthCheck (gcp_compute_http_health_check, gcp_compute_http_health_check_info) - * Compute Engine HttpsHealthCheck (gcp_compute_https_health_check, gcp_compute_https_health_check_info) - * Compute Engine HealthCheck (gcp_compute_health_check, gcp_compute_health_check_info) - * Compute Engine InstanceTemplate (gcp_compute_instance_template, gcp_compute_instance_template_info) - * Compute Engine Image (gcp_compute_image, gcp_compute_image_info) - * Compute Engine Instance (gcp_compute_instance, gcp_compute_instance_info) - * Compute Engine InstanceGroup (gcp_compute_instance_group, gcp_compute_instance_group_info) - * Compute Engine InstanceGroupManager (gcp_compute_instance_group_manager, gcp_compute_instance_group_manager_info) - * Compute Engine RegionInstanceGroupManager (gcp_compute_region_instance_group_manager, gcp_compute_region_instance_group_manager_info) - * Compute Engine InterconnectAttachment (gcp_compute_interconnect_attachment, gcp_compute_interconnect_attachment_info) - * Compute Engine Network (gcp_compute_network, gcp_compute_network_info) - * Compute Engine NetworkEndpointGroup (gcp_compute_network_endpoint_group, gcp_compute_network_endpoint_group_info) - * Compute Engine NodeGroup (gcp_compute_node_group, gcp_compute_node_group_info) - * Compute Engine NodeTemplate (gcp_compute_node_template, gcp_compute_node_template_info) - * Compute Engine RegionAutoscaler (gcp_compute_region_autoscaler, gcp_compute_region_autoscaler_info) - * Compute Engine RegionDisk (gcp_compute_region_disk, gcp_compute_region_disk_info) - * Compute Engine RegionUrlMap (gcp_compute_region_url_map, gcp_compute_region_url_map_info) - * Compute Engine RegionHealthCheck (gcp_compute_region_health_check, gcp_compute_region_health_check_info) - * Compute Engine ResourcePolicy (gcp_compute_resource_policy, gcp_compute_resource_policy_info) - * Compute Engine Route (gcp_compute_route, gcp_compute_route_info) - * Compute Engine Router (gcp_compute_router, gcp_compute_router_info) - * Compute Engine Snapshot (gcp_compute_snapshot, gcp_compute_snapshot_info) - * Compute Engine SslCertificate (gcp_compute_ssl_certificate, gcp_compute_ssl_certificate_info) - * Compute Engine Reservation (gcp_compute_reservation, gcp_compute_reservation_info) - * Compute Engine SslPolicy (gcp_compute_ssl_policy, gcp_compute_ssl_policy_info) - * Compute Engine Subnetwork (gcp_compute_subnetwork, gcp_compute_subnetwork_info) - * Compute Engine TargetHttpProxy (gcp_compute_target_http_proxy, gcp_compute_target_http_proxy_info) - * Compute Engine TargetHttpsProxy (gcp_compute_target_https_proxy, gcp_compute_target_https_proxy_info) - * Compute Engine RegionTargetHttpProxy (gcp_compute_region_target_http_proxy, gcp_compute_region_target_http_proxy_info) - * Compute Engine RegionTargetHttpsProxy (gcp_compute_region_target_https_proxy, gcp_compute_region_target_https_proxy_info) - * Compute Engine TargetInstance (gcp_compute_target_instance, gcp_compute_target_instance_info) - * Compute Engine TargetPool (gcp_compute_target_pool, gcp_compute_target_pool_info) - * Compute Engine TargetSslProxy (gcp_compute_target_ssl_proxy, gcp_compute_target_ssl_proxy_info) - * Compute Engine TargetTcpProxy (gcp_compute_target_tcp_proxy, gcp_compute_target_tcp_proxy_info) - * Compute Engine TargetVpnGateway (gcp_compute_target_vpn_gateway, gcp_compute_target_vpn_gateway_info) - * Compute Engine UrlMap (gcp_compute_url_map, gcp_compute_url_map_info) - * Compute Engine VpnTunnel (gcp_compute_vpn_tunnel, gcp_compute_vpn_tunnel_info) - * Google Kubernetes Engine Cluster (gcp_container_cluster, gcp_container_cluster_info) - * Google Kubernetes Engine NodePool (gcp_container_node_pool, gcp_container_node_pool_info) - * Cloud DNS ManagedZone (gcp_dns_managed_zone, gcp_dns_managed_zone_info) - * Cloud DNS ResourceRecordSet (gcp_dns_resource_record_set, gcp_dns_resource_record_set_info) - * Filestore Instance (gcp_filestore_instance, gcp_filestore_instance_info) - * Cloud IAM Role (gcp_iam_role, gcp_iam_role_info) - * Cloud IAM ServiceAccount (gcp_iam_service_account, gcp_iam_service_account_info) - * Cloud IAM ServiceAccountKey (gcp_iam_service_account_key, gcp_iam_service_account_key_info) - * Cloud Key Management Service KeyRing (gcp_kms_key_ring, gcp_kms_key_ring_info) - * Cloud Key Management Service CryptoKey (gcp_kms_crypto_key, gcp_kms_crypto_key_info) - * Cloud (Stackdriver) Logging Metric (gcp_logging_metric, gcp_logging_metric_info) - * ML Engine Model (gcp_mlengine_model, gcp_mlengine_model_info) - * ML Engine Version (gcp_mlengine_version, gcp_mlengine_version_info) - * Cloud Pub/Sub Topic (gcp_pubsub_topic, gcp_pubsub_topic_info) - * Cloud Pub/Sub Subscription (gcp_pubsub_subscription, gcp_pubsub_subscription_info) - * Memorystore (Redis) Instance (gcp_redis_instance, gcp_redis_instance_info) - * Resource Manager Project (gcp_resourcemanager_project, gcp_resourcemanager_project_info) - * Runtime Configurator Config (gcp_runtimeconfig_config, gcp_runtimeconfig_config_info) - * Runtime Configurator Variable (gcp_runtimeconfig_variable, gcp_runtimeconfig_variable_info) - * Service Usage Service (gcp_serviceusage_service, gcp_serviceusage_service_info) - * Cloud Source Repositories Repository (gcp_sourcerepo_repository, gcp_sourcerepo_repository_info) - * Cloud Spanner Instance (gcp_spanner_instance, gcp_spanner_instance_info) - * Cloud Spanner Database (gcp_spanner_database, gcp_spanner_database_info) - * Cloud SQL Instance (gcp_sql_instance, gcp_sql_instance_info) - * Cloud SQL Database (gcp_sql_database, gcp_sql_database_info) - * Cloud SQL User (gcp_sql_user, gcp_sql_user_info) - * Cloud SQL SslCert (gcp_sql_ssl_cert, gcp_sql_ssl_cert_info) - * Cloud Storage Bucket (gcp_storage_bucket, gcp_storage_bucket_info) - * Cloud Storage BucketAccessControl (gcp_storage_bucket_access_control, gcp_storage_bucket_access_control_info) - * Cloud Storage DefaultObjectACL (gcp_storage_default_object_acl, gcp_storage_default_object_acl_info) - * Cloud TPU Node (gcp_tpu_node, gcp_tpu_node_info) - * Secret Manager (gcp_secret_manager) +See [CHANGELOG.md](https://github.com/ansible-collections/google.cloud/blob/master/CHANGELOG.rst). + +## Related Information + +Documentation for Google Cloud Platform can be found at [cloud.google.com](https://cloud.google.com/docs/). + +Documentation for google.cloud resources can be found on the [Ansible Galaxy site](https://galaxy.ansible.com/ui/repo/published/google/cloud/docs/). + +## License Information + +GNU General Public License v3.0 or later. + +See [LICENSE](https://github.com/ansible-collections/google.cloud/blob/master/LICENSE) +to view the full text. diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 738da7bc..3e8b9ad8 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -100,3 +100,63 @@ releases: fragments: - release-1-4-1.yml release_date: '2024-08-22' + 1.5.0: + changes: + bugfixes: + - ansible - 2.17 is now the minimum version supported + - ansible - 3.11 is now the minimum Python version + - ansible-test - fixed sanity tests + - ansible-test - integration tests are now run against 2.17 and 2.18 + - gcp_bigquery_table - properly handle BigQuery table clustering fields + - gcp_pubsub_subscription - fixed improper subscription uprade PATCH request + major_changes: + - google_cloud_ops_agents - role submodule removed because it prevents the collection + from passing sanity and lint tests + minor_changes: + - gcp_pubsub_subscription - allows to create GCS subscription + fragments: + - fix-bigquery-table-create-clustering.yml + - gcp_pubsub_subscription_bugfix.yaml + - gcp_pubsub_subscription_gcs_feature.yaml + - remove-google_cloud_ops_agents-role.yml + - upgrade_anisble.yml + release_date: '2025-01-14' + 1.5.1: + changes: + bugfixes: + - run integration test with Ansible 2.16 to match `requires_ansible` version + fragments: + - 667-include-2-16-in-ci.yml + release_date: '2025-01-30' + 1.5.2: + changes: + bugfixes: + - gcp_compute - fixed get_project_disks to process all responses (https://github.com/ansible-collections/google.cloud/pull/677). + fragments: + - 677-get-project-disks.yaml + release_date: '2025-04-18' + 1.5.3: + changes: + bugfixes: + - updated README to match required format (https://github.com/ansible-collections/google.cloud/pull/682). + fragments: + - 682-update-readme.yaml + release_date: '2025-04-30' + 1.6.0: + changes: + bugfixes: + - gcp_secret_manager - cleaned up error responses (https://github.com/ansible-collections/google.cloud/pull/690). + - gcp_serviceusage_service - updated documentation (https://github.com/ansible-collections/google.cloud/pull/691). + minor_changes: + - gcp_compute - added GVNIC support to compute instance (https://github.com/ansible-collections/google.cloud/pull/688). + - gcp_compute - added ``discard_local_ssd`` flag to compute instance (https://github.com/ansible-collections/google.cloud/pull/686). + - gcp_compute - added hostname support to dynamic inventory (https://github.com/ansible-collections/google.cloud/pull/689). + - gcp_secret_manager - added support for regional secret manager (https://github.com/ansible-collections/google.cloud/pull/685). + fragments: + - 685-support-for-regional-secret-manager.yaml + - 686-add-discard_local_ssd-flag-to-compute-instance.yaml + - 688-add-gvnic-support.yaml + - 689-hostname-support-for-dynamic-inventory.yaml + - 690-clear-up-error-responses-from-gcp_secret_manager-lookup.yaml + - 691-updated-documentation-for-gcp_serviceusage_service.yaml + release_date: '2025-06-20' diff --git a/changelogs/fragments/fix-bigquery-table-create-clustering.yml b/changelogs/fragments/fix-bigquery-table-create-clustering.yml deleted file mode 100644 index 02e073a6..00000000 --- a/changelogs/fragments/fix-bigquery-table-create-clustering.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - gcp_bigquery_table - properly handle BigQuery table clustering fields diff --git a/changelogs/gcp_pubsub_subscription_bugfix.yaml b/changelogs/gcp_pubsub_subscription_bugfix.yaml deleted file mode 100644 index 355570d4..00000000 --- a/changelogs/gcp_pubsub_subscription_bugfix.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - gcp_pubsub_subscription - improper subscription uprade PATCH request \ No newline at end of file diff --git a/changelogs/gcp_pubsub_subscription_gcs_feature.yaml b/changelogs/gcp_pubsub_subscription_gcs_feature.yaml deleted file mode 100644 index c1362897..00000000 --- a/changelogs/gcp_pubsub_subscription_gcs_feature.yaml +++ /dev/null @@ -1,2 +0,0 @@ -features: - - gcp_pubsub_subscription - allows to create GCS subscription \ No newline at end of file diff --git a/codecov.yml b/codecov.yml new file mode 100644 index 00000000..bfdc9877 --- /dev/null +++ b/codecov.yml @@ -0,0 +1,8 @@ +coverage: + status: + project: + default: + informational: true + patch: + default: + informational: true diff --git a/galaxy.yml b/galaxy.yml index abd99cb4..ecc5be87 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -10,7 +10,7 @@ namespace: google name: cloud # The version of the collection. Must be compatible with semantic versioning -version: 1.4.1 +version: 1.6.0 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md @@ -33,7 +33,7 @@ license: # The path to the license file for the collection. This path is relative to the root of the collection. This key is # mutually exclusive with 'license' -#license_file: '' +# license_file: '' # A list of tags you want to associate with the collection for indexing/searching. A tag name has the same character # requirements as 'namespace' and 'name' @@ -48,13 +48,13 @@ tags: # collection label 'namespace.name'. The value is a version range # L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version # range specifiers can be set and are separated by ',' -#dependencies: {} +# dependencies: {} # The URL of the originating SCM repository repository: https://github.com/ansible-collections/google.cloud # The URL to any online docs -#documentation: http://docs.example.com +# documentation: http://docs.example.com # The URL to the homepage of the collection/project homepage: http://cloud.google.com diff --git a/molecule/gcloud/Dockerfile.j2 b/molecule/gcloud/Dockerfile.j2 index 5c2401ca..c246fd91 100644 --- a/molecule/gcloud/Dockerfile.j2 +++ b/molecule/gcloud/Dockerfile.j2 @@ -46,7 +46,7 @@ RUN yum -y install python-pip {% endif %} {# Install of Python3 #} -{% if item.image in ["ubuntu:18.04", "ubuntu:20.04", "debian:10"] %} +{% if item.image in ["ubuntu:18.04", "ubuntu:20.04", "ubuntu:24.04", "debian:10", "debian:11", "debian:12"] %} RUN apt-get update \ && apt-get install -y --no-install-recommends \ apt-utils python3-setuptools python3-pip @@ -99,13 +99,13 @@ RUN locale-gen en_US.UTF-8 RUN mkdir -p /etc/ansible RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts -{% if item.image in ["centos:7", "centos:8", "debian:9", "debian:10"] %} +{% if item.image in ["centos:7", "centos:8", "debian:9", "debian:10", "debian:11", "debian:12"] %} VOLUME ["/sys/fs/cgroup"] -{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04"] %} +{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "ubuntu:24.04"] %} VOLUME ["/sys/fs/cgroup", "/tmp", "/run"] {% endif %} {% if item.image in ["centos:7", "centos:8"] %} CMD ["/usr/sbin/init"] -{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "debian:9", "debian:10"] %} +{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "ubuntu:24.04", "debian:9", "debian:10", "debian:11", "debian:12"] %} CMD ["/lib/systemd/systemd"] {% endif %} diff --git a/molecule/gcloud/molecule.yml b/molecule/gcloud/molecule.yml index 707639af..1fa069d1 100644 --- a/molecule/gcloud/molecule.yml +++ b/molecule/gcloud/molecule.yml @@ -9,13 +9,13 @@ lint: | ansible-lint platforms: - name: instance - image: ubuntu:20.04 + image: ubuntu:24.04 privileged: true ansible.builtin.command: /lib/systemd/systemd volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro - name: instance - image: debian:10 + image: debian:12 privileged: true ansible.builtin.command: /lib/systemd/systemd volumes: diff --git a/molecule/gcsfuse/Dockerfile.j2 b/molecule/gcsfuse/Dockerfile.j2 index 5c2401ca..c246fd91 100644 --- a/molecule/gcsfuse/Dockerfile.j2 +++ b/molecule/gcsfuse/Dockerfile.j2 @@ -46,7 +46,7 @@ RUN yum -y install python-pip {% endif %} {# Install of Python3 #} -{% if item.image in ["ubuntu:18.04", "ubuntu:20.04", "debian:10"] %} +{% if item.image in ["ubuntu:18.04", "ubuntu:20.04", "ubuntu:24.04", "debian:10", "debian:11", "debian:12"] %} RUN apt-get update \ && apt-get install -y --no-install-recommends \ apt-utils python3-setuptools python3-pip @@ -99,13 +99,13 @@ RUN locale-gen en_US.UTF-8 RUN mkdir -p /etc/ansible RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts -{% if item.image in ["centos:7", "centos:8", "debian:9", "debian:10"] %} +{% if item.image in ["centos:7", "centos:8", "debian:9", "debian:10", "debian:11", "debian:12"] %} VOLUME ["/sys/fs/cgroup"] -{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04"] %} +{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "ubuntu:24.04"] %} VOLUME ["/sys/fs/cgroup", "/tmp", "/run"] {% endif %} {% if item.image in ["centos:7", "centos:8"] %} CMD ["/usr/sbin/init"] -{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "debian:9", "debian:10"] %} +{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "ubuntu:24.04", "debian:9", "debian:10", "debian:11", "debian:12"] %} CMD ["/lib/systemd/systemd"] {% endif %} diff --git a/molecule/gcsfuse/molecule.yml b/molecule/gcsfuse/molecule.yml index 707639af..1fa069d1 100644 --- a/molecule/gcsfuse/molecule.yml +++ b/molecule/gcsfuse/molecule.yml @@ -9,13 +9,13 @@ lint: | ansible-lint platforms: - name: instance - image: ubuntu:20.04 + image: ubuntu:24.04 privileged: true ansible.builtin.command: /lib/systemd/systemd volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro - name: instance - image: debian:10 + image: debian:12 privileged: true ansible.builtin.command: /lib/systemd/systemd volumes: diff --git a/plugins/inventory/gcp_compute.py b/plugins/inventory/gcp_compute.py index f4743b29..9a7cde80 100644 --- a/plugins/inventory/gcp_compute.py +++ b/plugins/inventory/gcp_compute.py @@ -7,7 +7,6 @@ __metaclass__ = type DOCUMENTATION = """ name: gcp_compute - plugin_type: inventory short_description: Google Cloud Compute Engine inventory source requirements: - requests >= 2.18.4 @@ -24,17 +23,20 @@ DOCUMENTATION = """ required: True choices: ['google.cloud.gcp_compute', 'gcp_compute'] zones: - description: A list of regions in which to describe GCE instances. + description: A list of zones in which to describe GCE instances. If none provided, it defaults to all zones available to a given project. type: list + elements: string folders: description: A folder that contains many projects type: list required: False + elements: string projects: description: A list of projects in which to describe GCE instances. type: list required: False + elements: string filters: description: > A list of filter value pairs. Available filters are listed here @@ -42,12 +44,14 @@ DOCUMENTATION = """ Each additional filter in the list will be added as an AND condition (filter1 and filter2) type: list + elements: string hostnames: description: A list of options that describe the ordering for which hostnames should be assigned. Currently supported hostnames are - 'public_ip', 'private_ip', 'name' or 'labels.vm_name'. + 'public_ip', 'private_ip', 'name', 'hostname' or 'labels.vm_name'. default: ['public_ip', 'private_ip', 'name'] type: list + elements: string name_suffix: description: Custom domain suffix. If set, this string will be appended to all hosts. default: "" @@ -63,6 +67,7 @@ DOCUMENTATION = """ scopes: description: list of authentication scopes type: list + elements: string default: ['https://www.googleapis.com/auth/compute'] env: - name: GCP_SCOPES @@ -116,7 +121,7 @@ DOCUMENTATION = """ EXAMPLES = """ plugin: google.cloud.gcp_compute -zones: # populate inventory with instances in these regions +zones: # populate inventory with instances in these zones - us-east1-a projects: - gcp-prod-gke-100 @@ -243,6 +248,8 @@ class GcpInstance(object): name = self._get_publicip() elif order == "private_ip": name = self._get_privateip() + elif order == "hostname": + name = self.json.get("hostname", self.json["name"] + self.name_suffix) elif order == "name": name = self.json["name"] + self.name_suffix else: @@ -482,38 +489,38 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable): session_responses.append(response_json) page_token = "pageToken" in request_params - for response in session_responses: - if "items" in response: - # example k would be a zone or region name - # example v would be { "disks" : [], "otherkey" : "..." } - for zone_or_region, aggregate in response["items"].items(): - if "zones" in zone_or_region: - if "disks" in aggregate: - zone = zone_or_region.replace("zones/", "") - for disk in aggregate["disks"]: - if ( - "zones" in config_data - and zone in config_data["zones"] - ): - # If zones specified, only store those zones' data - if "sourceImage" in disk: - self._project_disks[ - disk["selfLink"] - ] = disk["sourceImage"].split("/")[-1] - else: - self._project_disks[ - disk["selfLink"] - ] = disk["selfLink"].split("/")[-1] + for response in session_responses: + if "items" in response: + # example k would be a zone or region name + # example v would be { "disks" : [], "otherkey" : "..." } + for zone_or_region, aggregate in response["items"].items(): + if "zones" in zone_or_region: + if "disks" in aggregate: + zone = zone_or_region.replace("zones/", "") + for disk in aggregate["disks"]: + if ( + "zones" in config_data + and zone in config_data["zones"] + ): + # If zones specified, only store those zones' data + if "sourceImage" in disk: + self._project_disks[ + disk["selfLink"] + ] = disk["sourceImage"].split("/")[-1] + else: + self._project_disks[ + disk["selfLink"] + ] = disk["selfLink"].split("/")[-1] - else: - if "sourceImage" in disk: - self._project_disks[ - disk["selfLink"] - ] = disk["sourceImage"].split("/")[-1] else: - self._project_disks[ - disk["selfLink"] - ] = disk["selfLink"].split("/")[-1] + if "sourceImage" in disk: + self._project_disks[ + disk["selfLink"] + ] = disk["sourceImage"].split("/")[-1] + else: + self._project_disks[ + disk["selfLink"] + ] = disk["selfLink"].split("/")[-1] return self._project_disks diff --git a/plugins/lookup/gcp_parameter_manager.py b/plugins/lookup/gcp_parameter_manager.py new file mode 100644 index 00000000..43cae101 --- /dev/null +++ b/plugins/lookup/gcp_parameter_manager.py @@ -0,0 +1,315 @@ +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +DOCUMENTATION = ''' + name: gcp_parameter_manager + author: Google Inc. (@googlecloudplatform) + + short_description: Get Parameters from Google Cloud as a Lookup plugin + description: + - retrieve parameter keys in parameter Manager for use in playbooks + - see https://cloud.google.com/iam/docs/service-account-creds for details on creating + credentials for Google Cloud and the format of such credentials + - once a parameter value is retreived, it is returned decoded. It is up to the developer + to maintain secrecy of this value once returned. + - if location option is defined, then it deals with the regional parameters of the + location + + options: + key: + description: + - the name of the parameter to look up in parameter Manager + type: str + required: True + aliases: + - name + - parameter + - parameter_id + project: + description: + - The name of the google cloud project + - defaults to OS env variable GCP_PROJECT if not present + type: str + location: + description: + - If provided, it defines the location of the regional parameter. + type: str + render_secret: + description: + - support for rendering secrets + - defaults to false if not present + type: bool + auth_kind: + description: + - the type of authentication to use with Google Cloud (i.e. serviceaccount or machineaccount) + - defaults to OS env variable GCP_AUTH_KIND if not present + type: str + version: + description: + - the version name of your parameter to retrieve + type: str + required: False + service_account_email: + description: + - email associated with the service account + - defaults to OS env variable GCP_SERVICE_ACCOUNT_EMAIL if not present + type: str + required: False + service_account_file: + description: + - JSON Credential file obtained from Google Cloud + - defaults to OS env variable GCP_SERVICE_ACCOUNT_FILE if not present + - see https://cloud.google.com/iam/docs/service-account-creds for details + type: str + required: False + service_account_info: + description: + - JSON Object representing the contents of a service_account_file obtained from Google Cloud + - defaults to OS env variable GCP_SERVICE_ACCOUNT_INFO if not present + type: dict + required: False + access_token: + description: + - support for GCP Access Token + - defaults to OS env variable GCP_ACCESS_TOKEN if not present + type: str + required: False + on_error: + description: + - how to handle errors + - strict means raise an exception + - warn means warn, and return none + - ignore means just return none + type: str + required: False + choices: + - 'strict' + - 'warn' + - 'ignore' + default: 'strict' + scopes: + description: + - Authenticaiton scopes for Google parameter Manager + type: list + elements: str + default: ["https://www.googleapis.com/auth/cloud-platform"] +''' + + +EXAMPLES = ''' +- name: Test parameter using env variables for credentials + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test_version') }}" + +- name: Test parameter using explicit credentials + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test_version', project='project', auth_kind='serviceaccount', + service_account_file='file.json') }}" + +- name: Test getting specific version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test-version') }}" + +- name: Test getting latest version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key') }}" + +- name: Test render specific version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test-version', render_secret=True) }}" + +- name: Test render latest version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', render_secret=True) }}" + +- name: Test regional parameter using env variables for credentials + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version') }}" + +- name: Test regional parameter using explicit credentials + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version', project='project', + auth_kind='serviceaccount', service_account_file='file.json') }}" + +- name: Test getting specific version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version') }}" + +- name: Test getting latest version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1') }}" + +- name: Test render specific version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version', render_secret=True) }}" + +- name: Test render latest version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', render_secret=True) }}" +''' + +RETURN = ''' + _raw: + description: the contents of the parameter requested (please use "no_log" to not expose this parameter) + type: list + elements: str +''' + + +################################################################################ +# Imports +################################################################################ + +import os +import base64 + +from ansible.plugins.lookup import LookupBase +from ansible.errors import AnsibleError +from ansible.utils.display import Display + +try: + import requests + HAS_REQUESTS = True +except ImportError: + HAS_REQUESTS = False + +try: + from ansible_collections.google.cloud.plugins.module_utils.gcp_utils import ( + GcpSession, + ) + HAS_GOOGLE_CLOUD_COLLECTION = True +except ImportError: + HAS_GOOGLE_CLOUD_COLLECTION = False + + +class GcpLookupException(Exception): + pass + + +class GcpMockModule(object): + def __init__(self, params): + self.params = params + + def fail_json(self, *args, **kwargs): + raise AnsibleError(kwargs["msg"]) + + def raise_for_status(self, response): + try: + response.raise_for_status() + except getattr(requests.exceptions, "RequestException"): + self.fail_json(msg="GCP returned error: %s" % response.json()) + + +class LookupModule(LookupBase): + def run(self, terms=None, variables=None, **kwargs): + self._display = Display() + if not HAS_GOOGLE_CLOUD_COLLECTION: + raise AnsibleError( + """gcp_parameter lookup needs a supported version of the google.cloud + collection installed. Use `ansible-galaxy collection install google.cloud` + to install it""" + ) + self.set_options(var_options=variables, direct=kwargs) + params = { + "key": self.get_option("key"), + "location": self.get_option("location"), + "version": self.get_option("version"), + "access_token": self.get_option("access_token"), + "scopes": self.get_option("scopes"), + "render_secret": self.get_option("render_secret"), + "on_error": self.get_option("on_error") + } + + params['name'] = params['key'] + + # support GCP_* env variables for some parameters + for param in ["project", "auth_kind", "service_account_file", "service_account_info", "service_account_email", "access_token"]: + params[param] = self.fallback_from_env(param) + + self._display.vvv(msg=f"Module Parameters: {params}") + fake_module = GcpMockModule(params) + result = self.get_parameter(fake_module) + return [base64.b64decode(result)] + + def fallback_from_env(self, arg): + if self.get_option(arg): + return self.get_option(arg) + else: + env_name = f"GCP_{arg.upper()}" + if env_name in os.environ: + self.set_option(arg, os.environ[env_name]) + return self.get_option(arg) + + def raise_error(self, module, msg): + if module.params.get('on_error') == 'strict': + raise GcpLookupException(msg) + elif module.params.get('on_error') == 'warn': + self._display.warning(msg) + + return None + + def get_latest_version(self, module, auth): + url = (self.make_url_prefix(module) + "parameters/{name}/versions?orderBy=create_time desc&filter=disabled=false").format( + **module.params + ) + response = auth.get(url) + self._display.vvv(msg=f"List Version Response: {response.status_code} for {response.request.url}: {response.json()}") + if response.status_code != 200: + self.raise_error(module, f"unable to list versions of parameter {response.status_code}") + version_list = response.json() + if "parameterVersions" in version_list and len(version_list["parameterVersions"]) > 0: + # Extract name from the first index + version_name = version_list["parameterVersions"][0]["name"] + return version_name.split('/')[-1] + else: + self.raise_error(module, f"unable to list parameter versions via {response.request.url}: {response.json()}") + + def get_parameter(self, module): + auth = GcpSession(module, "parametermanager") + + if module.params.get('project') is None: + self.raise_error(module, "The project is required. Please specify the Google Cloud project to use.") + + if module.params.get('version') == 'latest' or module.params.get('version') is None: + module.params['version'] = self.get_latest_version(module, auth) + + if module.params.get('render_secret') is None: + module.params['render_secret'] = False + + # there was an error listing parameter versions + if module.params.get('version') is None: + return '' + + if module.params.get('render_secret') is not None: + url = (self.make_url_prefix(module) + "parameters/{name}/versions/{version}:render").format( + **module.params + ) + else: + url = (self.make_url_prefix(module) + "parameters/{name}/versions/{version}").format( + **module.params + ) + response = auth.get(url) + self._display.vvv(msg=f"Response: {response.status_code} for {response.request.url}: {response.json()}") + if response.status_code != 200: + self.raise_error(module, f"Failed to lookup parameter value via {response.request.url} {response.status_code}") + return '' + + response_json = response.json() + if module.params.get('render_secret') is not None: + if 'renderedPayload' not in response_json: + self.raise_error(module, "The parameter version is disabled or the response does not contain the 'renderedPayload' field.") + return '' + return response_json['renderedPayload'] + else: + if 'payload' not in response_json or 'data' not in response_json['payload']: + self.raise_error(module, "The parameter version is disabled or the response does not contain the 'data' field.") + return '' + return response_json['payload']['data'] + + def make_url_prefix(self, module): + if module.params.get('location') and module.params.get('location') != 'global': + return "https://parametermanager.{location}.rep.googleapis.com/v1/projects/{project}/locations/{location}/" + return "https://parametermanager.googleapis.com/v1/projects/{project}/locations/global/" diff --git a/plugins/lookup/gcp_secret_manager.py b/plugins/lookup/gcp_secret_manager.py index b3eeaf93..8537eff4 100644 --- a/plugins/lookup/gcp_secret_manager.py +++ b/plugins/lookup/gcp_secret_manager.py @@ -5,8 +5,7 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type DOCUMENTATION = ''' - author: - - Dave Costakos + author: Google Inc. (@googlecloudplatform) name: gcp_secret_manager short_description: Get Secrets from Google Cloud as a Lookup plugin description: @@ -15,6 +14,8 @@ DOCUMENTATION = ''' credentials for Google Cloud and the format of such credentials - once a secret value is retreived, it is returned decoded. It is up to the developer to maintain secrecy of this value once returned. + - if location option is defined, then it deals with the regional secrets of the + location options: key: @@ -31,6 +32,10 @@ DOCUMENTATION = ''' - The name of the google cloud project - defaults to OS env variable GCP_PROJECT if not present type: str + location: + description: + - If provided, it defines the location of the regional secret. + type: str auth_kind: description: - the type of authentication to use with Google Cloud (i.e. serviceaccount or machineaccount) @@ -59,7 +64,7 @@ DOCUMENTATION = ''' description: - JSON Object representing the contents of a service_account_file obtained from Google Cloud - defaults to OS env variable GCP_SERVICE_ACCOUNT_INFO if not present - type: jsonarg + type: str required: False access_token: description: @@ -84,6 +89,7 @@ DOCUMENTATION = ''' description: - Authenticaiton scopes for Google Secret Manager type: list + elements: str default: ["https://www.googleapis.com/auth/cloud-platform"] ''' @@ -103,6 +109,23 @@ EXAMPLES = ''' - name: Test getting specific version of a secret (new version) ansible.builtin.debug: msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', version='2') }}" + +- name: Test regional secret using env variables for credentials + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1') }}" + +- name: Test regional secret using explicit credentials + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1', project='project', auth_kind='serviceaccount', + service_account_file='file.json') }}" + +- name: Test getting specific version of a regional secret (old version) + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1', version='1') }}" + +- name: Test getting specific version of a regional secret (new version) + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1', version='2') }}" ''' RETURN = ''' @@ -168,6 +191,7 @@ class LookupModule(LookupBase): self.set_options(var_options=variables, direct=kwargs) params = { "key": self.get_option("key"), + "location": self.get_option("location"), "version": self.get_option("version"), "access_token": self.get_option("access_token"), "scopes": self.get_option("scopes"), @@ -199,13 +223,28 @@ class LookupModule(LookupBase): # to be set if secret versions get disabled # see https://issuetracker.google.com/issues/286489671 def get_latest_version(self, module, auth): - url = "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions?filter=state:ENABLED".format( + url = (self.make_url_prefix(module) + "secrets/{name}/versions?filter=state:ENABLED").format( **module.params ) response = auth.get(url) self._display.vvv(msg=f"List Version Response: {response.status_code} for {response.request.url}: {response.json()}") - if response.status_code != 200: - self.raise_error(module, f"unable to list versions of secret {response.status_code}") + if response.status_code >= 500: # generic server error + self.raise_error( + module, + f"server error encountered while looking for secret '{module.params['name']}', code: {response.status_code}" + ) + elif response.status_code >= 400: # generic client request error + self.raise_error( + module, + f"client error encountered while looking for secret '{module.params['name']}', code: {response.status_code}" + ) + elif response.status_code >= 300: # all other possible errors + self.raise_error( + module, + f"unable to list versions for secret '{module.params['name']}', code: {response.status_code}" + ) + else: + pass version_list = response.json() if "versions" in version_list: versions_numbers = [] @@ -234,7 +273,7 @@ class LookupModule(LookupBase): if module.params['calc_version'] is None: return '' - url = "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions/{calc_version}:access".format( + url = (self.make_url_prefix(module) + "secrets/{name}/versions/{calc_version}:access").format( **module.params ) response = auth.get(url) @@ -244,3 +283,8 @@ class LookupModule(LookupBase): return '' return response.json()['payload']['data'] + + def make_url_prefix(self, module): + if module.params['location']: + return "https://secretmanager.{location}.rep.googleapis.com/v1/projects/{project}/locations/{location}/" + return "https://secretmanager.googleapis.com/v1/projects/{project}/" diff --git a/plugins/modules/gcp_appengine_firewall_rule_info.py b/plugins/modules/gcp_appengine_firewall_rule_info.py index 7206b157..ad9a22a9 100644 --- a/plugins/modules/gcp_appengine_firewall_rule_info.py +++ b/plugins/modules/gcp_appengine_firewall_rule_info.py @@ -150,7 +150,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_bigquery_dataset_info.py b/plugins/modules/gcp_bigquery_dataset_info.py index ca689a63..d972b37f 100644 --- a/plugins/modules/gcp_bigquery_dataset_info.py +++ b/plugins/modules/gcp_bigquery_dataset_info.py @@ -311,7 +311,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/bigquery'] diff --git a/plugins/modules/gcp_bigquery_table.py b/plugins/modules/gcp_bigquery_table.py index 7136fa67..0eaebb1d 100644 --- a/plugins/modules/gcp_bigquery_table.py +++ b/plugins/modules/gcp_bigquery_table.py @@ -253,6 +253,7 @@ options: data . required: false type: int + default: 0 source_format: description: - The data format. @@ -328,6 +329,7 @@ options: when reading the data. required: false type: int + default: 0 csv_options: description: - Additional properties to set if sourceFormat is set to CSV. @@ -368,6 +370,7 @@ options: when reading the data. required: false type: int + default: 0 bigtable_options: description: - Additional options if sourceFormat is set to BIGTABLE. diff --git a/plugins/modules/gcp_bigquery_table_info.py b/plugins/modules/gcp_bigquery_table_info.py index a67af959..40d0ae23 100644 --- a/plugins/modules/gcp_bigquery_table_info.py +++ b/plugins/modules/gcp_bigquery_table_info.py @@ -590,7 +590,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(dataset=dict(type='str'))) + module = GcpModule(argument_spec=dict(dataset=dict(type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/bigquery'] diff --git a/plugins/modules/gcp_bigtable_instance_info.py b/plugins/modules/gcp_bigtable_instance_info.py index 6c8f4160..5336f9e4 100644 --- a/plugins/modules/gcp_bigtable_instance_info.py +++ b/plugins/modules/gcp_bigtable_instance_info.py @@ -188,7 +188,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_cloudbuild_trigger.py b/plugins/modules/gcp_cloudbuild_trigger.py index b252f86f..218135a8 100644 --- a/plugins/modules/gcp_cloudbuild_trigger.py +++ b/plugins/modules/gcp_cloudbuild_trigger.py @@ -1536,7 +1536,7 @@ def main(): ), ), pubsub_config=dict(type='dict', options=dict(topic=dict(required=True, type='str'), service_account_email=dict(type='str'))), - webhook_config=dict(type='dict', options=dict(secret=dict(required=True, type='str'))), + webhook_config=dict(type='dict', options=dict(secret=dict(required=True, type='str', no_log=True))), build=dict( type='dict', options=dict( @@ -1568,7 +1568,11 @@ def main(): queue_ttl=dict(type='str'), logs_bucket=dict(type='str'), timeout=dict(default='600s', type='str'), - secrets=dict(type='list', elements='dict', options=dict(kms_key_name=dict(required=True, type='str'), secret_env=dict(type='dict'))), + secrets=dict( + type='list', + elements='dict', + no_log=True, + options=dict(kms_key_name=dict(required=True, type='str'), secret_env=dict(type='dict', no_log=True))), steps=dict( required=True, type='list', @@ -1580,7 +1584,7 @@ def main(): id=dict(type='str'), entrypoint=dict(type='str'), dir=dict(type='str'), - secret_env=dict(type='list', elements='str'), + secret_env=dict(type='list', elements='str', no_log=True), timeout=dict(type='str'), timing=dict(type='str'), volumes=dict( @@ -1609,7 +1613,7 @@ def main(): worker_pool=dict(type='str'), logging=dict(type='str'), env=dict(type='list', elements='str'), - secret_env=dict(type='list', elements='str'), + secret_env=dict(type='list', elements='str', no_log=True), volumes=dict(type='list', elements='dict', options=dict(name=dict(type='str'), path=dict(type='str'))), ), ), diff --git a/plugins/modules/gcp_cloudbuild_trigger_info.py b/plugins/modules/gcp_cloudbuild_trigger_info.py index c8a9202d..2f6fcfd2 100644 --- a/plugins/modules/gcp_cloudbuild_trigger_info.py +++ b/plugins/modules/gcp_cloudbuild_trigger_info.py @@ -814,7 +814,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_cloudfunctions_cloud_function_info.py b/plugins/modules/gcp_cloudfunctions_cloud_function_info.py index 075fd863..778f2b51 100644 --- a/plugins/modules/gcp_cloudfunctions_cloud_function_info.py +++ b/plugins/modules/gcp_cloudfunctions_cloud_function_info.py @@ -273,7 +273,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(location=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(location=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_cloudscheduler_job.py b/plugins/modules/gcp_cloudscheduler_job.py index 8a930535..e2adf59e 100644 --- a/plugins/modules/gcp_cloudscheduler_job.py +++ b/plugins/modules/gcp_cloudscheduler_job.py @@ -681,8 +681,8 @@ def main(): http_method=dict(type='str'), body=dict(type='str'), headers=dict(type='dict'), - oauth_token=dict(type='dict', options=dict(service_account_email=dict(required=True, type='str'), scope=dict(type='str'))), - oidc_token=dict(type='dict', options=dict(service_account_email=dict(required=True, type='str'), audience=dict(type='str'))), + oauth_token=dict(type='dict', no_log=True, options=dict(service_account_email=dict(required=True, type='str'), scope=dict(type='str'))), + oidc_token=dict(type='dict', no_log=True, options=dict(service_account_email=dict(required=True, type='str'), audience=dict(type='str'))), ), ), region=dict(required=True, type='str'), diff --git a/plugins/modules/gcp_cloudscheduler_job_info.py b/plugins/modules/gcp_cloudscheduler_job_info.py index 29ba1236..0c03f714 100644 --- a/plugins/modules/gcp_cloudscheduler_job_info.py +++ b/plugins/modules/gcp_cloudscheduler_job_info.py @@ -379,7 +379,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_cloudtasks_queue_info.py b/plugins/modules/gcp_cloudtasks_queue_info.py index 631b10de..f006fe85 100644 --- a/plugins/modules/gcp_cloudtasks_queue_info.py +++ b/plugins/modules/gcp_cloudtasks_queue_info.py @@ -279,7 +279,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(location=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(location=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_compute_address_info.py b/plugins/modules/gcp_compute_address_info.py index 247d8927..b919a303 100644 --- a/plugins/modules/gcp_compute_address_info.py +++ b/plugins/modules/gcp_compute_address_info.py @@ -235,7 +235,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_autoscaler_info.py b/plugins/modules/gcp_compute_autoscaler_info.py index 110c10da..f908fece 100644 --- a/plugins/modules/gcp_compute_autoscaler_info.py +++ b/plugins/modules/gcp_compute_autoscaler_info.py @@ -320,7 +320,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_backend_bucket_info.py b/plugins/modules/gcp_compute_backend_bucket_info.py index aaf40e32..8a504294 100644 --- a/plugins/modules/gcp_compute_backend_bucket_info.py +++ b/plugins/modules/gcp_compute_backend_bucket_info.py @@ -252,7 +252,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_backend_service.py b/plugins/modules/gcp_compute_backend_service.py index b259848f..6decbc8c 100644 --- a/plugins/modules/gcp_compute_backend_service.py +++ b/plugins/modules/gcp_compute_backend_service.py @@ -88,7 +88,7 @@ options: completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0]. required: false - default: '1.0' + default: '1' type: str description: description: @@ -422,6 +422,11 @@ options: elements: str required: false type: list + fingerprint: + description: + - Fingerprint of this resource. A hash of the contents stored in this object. This + field is used in optimistic locking. + type: str description: description: - An optional description of this resource. @@ -478,7 +483,7 @@ options: - The load balancing algorithm used within the scope of the locality. - The possible values are - * ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. - - "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts + - "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and picks the host which has fewer active requests." - "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host @@ -566,6 +571,7 @@ options: be used to disable ejection or to ramp it up slowly. Defaults to 0. required: false type: int + default: 0 enforcing_success_rate: description: - The percentage chance that a host will be actually ejected when an outlier @@ -1210,7 +1216,7 @@ localityLbPolicy: - The load balancing algorithm used within the scope of the locality. - The possible values are - * ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. - - "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts and + - "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and picks the host which has fewer active requests." - "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host @@ -1490,6 +1496,7 @@ def main(): options=dict( cache_key_policy=dict( type="dict", + no_log=False, options=dict( include_host=dict(type="bool"), include_protocol=dict(type="bool"), diff --git a/plugins/modules/gcp_compute_backend_service_info.py b/plugins/modules/gcp_compute_backend_service_info.py index 5e715778..54171d62 100644 --- a/plugins/modules/gcp_compute_backend_service_info.py +++ b/plugins/modules/gcp_compute_backend_service_info.py @@ -549,7 +549,7 @@ resources: - The load balancing algorithm used within the scope of the locality. - The possible values are - * ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. - - "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts + - "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and picks the host which has fewer active requests." - "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a @@ -762,7 +762,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_disk.py b/plugins/modules/gcp_compute_disk.py index 8409cac7..d3880eed 100644 --- a/plugins/modules/gcp_compute_disk.py +++ b/plugins/modules/gcp_compute_disk.py @@ -570,14 +570,20 @@ def main(): provisioned_iops=dict(type='int'), zone=dict(required=True, type='str'), source_image_encryption_key=dict( - type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) + type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) ), disk_encryption_key=dict( - type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) + type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) ), source_snapshot=dict(type='dict', no_log=True), source_snapshot_encryption_key=dict( - type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) + type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) ), ) ) diff --git a/plugins/modules/gcp_compute_disk_info.py b/plugins/modules/gcp_compute_disk_info.py index 8e364682..c8e4be1d 100644 --- a/plugins/modules/gcp_compute_disk_info.py +++ b/plugins/modules/gcp_compute_disk_info.py @@ -375,7 +375,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_external_vpn_gateway_info.py b/plugins/modules/gcp_compute_external_vpn_gateway_info.py index 6e2e0d0f..ffd36e42 100644 --- a/plugins/modules/gcp_compute_external_vpn_gateway_info.py +++ b/plugins/modules/gcp_compute_external_vpn_gateway_info.py @@ -175,7 +175,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_firewall_info.py b/plugins/modules/gcp_compute_firewall_info.py index dfc105ee..e5cb8306 100644 --- a/plugins/modules/gcp_compute_firewall_info.py +++ b/plugins/modules/gcp_compute_firewall_info.py @@ -322,7 +322,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_forwarding_rule_info.py b/plugins/modules/gcp_compute_forwarding_rule_info.py index 87dcb899..d8a8e581 100644 --- a/plugins/modules/gcp_compute_forwarding_rule_info.py +++ b/plugins/modules/gcp_compute_forwarding_rule_info.py @@ -314,7 +314,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_global_address_info.py b/plugins/modules/gcp_compute_global_address_info.py index 34aa1755..377b5f48 100644 --- a/plugins/modules/gcp_compute_global_address_info.py +++ b/plugins/modules/gcp_compute_global_address_info.py @@ -205,7 +205,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_global_forwarding_rule_info.py b/plugins/modules/gcp_compute_global_forwarding_rule_info.py index 735d622a..68f9de4c 100644 --- a/plugins/modules/gcp_compute_global_forwarding_rule_info.py +++ b/plugins/modules/gcp_compute_global_forwarding_rule_info.py @@ -289,7 +289,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_health_check.py b/plugins/modules/gcp_compute_health_check.py index ca4c6428..54ab3000 100644 --- a/plugins/modules/gcp_compute_health_check.py +++ b/plugins/modules/gcp_compute_health_check.py @@ -457,7 +457,6 @@ options: - Indicates whether or not to export logs. This is false by default, which means no health check logging will be done. required: false - default: 'false' type: bool project: description: diff --git a/plugins/modules/gcp_compute_health_check_info.py b/plugins/modules/gcp_compute_health_check_info.py index b6876f25..78662af3 100644 --- a/plugins/modules/gcp_compute_health_check_info.py +++ b/plugins/modules/gcp_compute_health_check_info.py @@ -527,7 +527,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_http_health_check_info.py b/plugins/modules/gcp_compute_http_health_check_info.py index 547fdc9a..cfd394db 100644 --- a/plugins/modules/gcp_compute_http_health_check_info.py +++ b/plugins/modules/gcp_compute_http_health_check_info.py @@ -204,7 +204,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_https_health_check_info.py b/plugins/modules/gcp_compute_https_health_check_info.py index 58af6d45..4597ca3a 100644 --- a/plugins/modules/gcp_compute_https_health_check_info.py +++ b/plugins/modules/gcp_compute_https_health_check_info.py @@ -204,7 +204,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_image.py b/plugins/modules/gcp_compute_image.py index 66d897a3..741536e8 100644 --- a/plugins/modules/gcp_compute_image.py +++ b/plugins/modules/gcp_compute_image.py @@ -545,13 +545,13 @@ def main(): disk_size_gb=dict(type='int'), family=dict(type='str'), guest_os_features=dict(type='list', elements='dict', options=dict(type=dict(required=True, type='str'))), - image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))), + image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))), labels=dict(type='dict'), licenses=dict(type='list', elements='str'), name=dict(required=True, type='str'), raw_disk=dict(type='dict', options=dict(container_type=dict(type='str'), sha1_checksum=dict(type='str'), source=dict(required=True, type='str'))), source_disk=dict(type='dict'), - source_disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))), + source_disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))), source_disk_id=dict(type='str'), source_image=dict(type='dict'), source_snapshot=dict(type='dict'), diff --git a/plugins/modules/gcp_compute_image_info.py b/plugins/modules/gcp_compute_image_info.py index 2f1acd14..dff5da92 100644 --- a/plugins/modules/gcp_compute_image_info.py +++ b/plugins/modules/gcp_compute_image_info.py @@ -351,7 +351,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_instance.py b/plugins/modules/gcp_compute_instance.py index 9e7d77cd..9da98a85 100644 --- a/plugins/modules/gcp_compute_instance.py +++ b/plugins/modules/gcp_compute_instance.py @@ -61,6 +61,13 @@ options: - Whether the resource should be protected against deletion. required: false type: bool + discard_local_ssd: + description: + - Discards the contents of any attached Local SSD disks when changing status + to TERMINATED. + default: True + required: false + type: bool disks: description: - An array of disks that are associated with the instances that are created from @@ -388,6 +395,19 @@ options: field to "{{ name-of-resource }}"' required: false type: dict + nic_type: + description: + - Type of network interface card attached to instance. + - If unspecified it will use the default provided by GCP. + - As the next generation network interface which succeeds VirtIO, gVNIC + replaces VirtIO-Net as the only supported network interface in Compute + Engine for all new machine types (Generation 3 and onwards). + - Newer machine series and networking features require gVNIC instead of VirtIO. + required: false + type: str + choices: + - VIRTIO_NET + - GVNIC scheduling: description: - Sets the scheduling options for this instance. @@ -1117,6 +1137,7 @@ def main(): state=dict(default='present', choices=['present', 'absent'], type='str'), can_ip_forward=dict(type='bool', aliases=['ip_forward']), deletion_protection=dict(type='bool'), + discard_local_ssd=dict(type='bool', required=False, default=True), disks=dict( type='list', elements='dict', @@ -1124,7 +1145,9 @@ def main(): auto_delete=dict(type='bool'), boot=dict(type='bool'), device_name=dict(type='str'), - disk_encryption_key=dict(type='dict', options=dict(raw_key=dict(type='str'), rsa_encrypted_key=dict(type='str'))), + disk_encryption_key=dict(type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), rsa_encrypted_key=dict(type='str', no_log=True))), index=dict(type='int'), initialize_params=dict( type='dict', @@ -1133,7 +1156,7 @@ def main(): disk_size_gb=dict(type='int'), disk_type=dict(type='str'), source_image=dict(type='str', aliases=['image', 'image_family']), - source_image_encryption_key=dict(type='dict', options=dict(raw_key=dict(type='str'))), + source_image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))), ), ), interface=dict(type='str'), @@ -1170,6 +1193,7 @@ def main(): network_ip=dict(type='str'), subnetwork=dict(type='dict'), stack_type=dict(type='str'), + nic_type=dict(type='str', choices=['VIRTIO_NET', 'GVNIC']), ), ), scheduling=dict( @@ -1510,7 +1534,9 @@ class InstancePower(object): return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances/{name}/start".format(**self.module.params) def _stop_url(self): - return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances/{name}/stop".format(**self.module.params) + return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances/{name}/stop?discardLocalSsd={discard_local_ssd}".format( + **self.module.params + ) def deletion_protection_update(module, request, response): @@ -1710,6 +1736,7 @@ class InstanceNetworkinterfacesArray(object): u'networkIP': item.get('network_ip'), u'stackType': item.get('stack_type'), u'subnetwork': replace_resource_dict(item.get(u'subnetwork', {}), 'selfLink'), + u'nicType': item.get('nic_type'), } ) @@ -1722,6 +1749,7 @@ class InstanceNetworkinterfacesArray(object): u'networkIP': item.get(u'networkIP'), u'stackType': item.get('stackType'), u'subnetwork': item.get(u'subnetwork'), + u'nicType': item.get(u'nicType'), } ) diff --git a/plugins/modules/gcp_compute_instance_group_info.py b/plugins/modules/gcp_compute_instance_group_info.py index a8d30456..da030c52 100644 --- a/plugins/modules/gcp_compute_instance_group_info.py +++ b/plugins/modules/gcp_compute_instance_group_info.py @@ -213,7 +213,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_instance_group_manager_info.py b/plugins/modules/gcp_compute_instance_group_manager_info.py index 16a6e576..5caf7c29 100644 --- a/plugins/modules/gcp_compute_instance_group_manager_info.py +++ b/plugins/modules/gcp_compute_instance_group_manager_info.py @@ -288,7 +288,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_instance_info.py b/plugins/modules/gcp_compute_instance_info.py index e12b957a..22d87e9a 100644 --- a/plugins/modules/gcp_compute_instance_info.py +++ b/plugins/modules/gcp_compute_instance_info.py @@ -621,7 +621,8 @@ def main(): argument_spec=dict( filters=dict(type="list", elements="str"), zone=dict(required=True, type="str"), - ) + ), + supports_check_mode=True ) if not module.params["scopes"]: diff --git a/plugins/modules/gcp_compute_instance_template.py b/plugins/modules/gcp_compute_instance_template.py index ce4a8eb4..4eb1a7ce 100644 --- a/plugins/modules/gcp_compute_instance_template.py +++ b/plugins/modules/gcp_compute_instance_template.py @@ -1019,7 +1019,9 @@ def main(): auto_delete=dict(type='bool'), boot=dict(type='bool'), device_name=dict(type='str'), - disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'), rsa_encrypted_key=dict(type='str'))), + disk_encryption_key=dict(type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), rsa_encrypted_key=dict(type='str', no_log=True))), index=dict(type='int'), initialize_params=dict( type='dict', @@ -1028,7 +1030,7 @@ def main(): disk_size_gb=dict(type='int'), disk_type=dict(type='str'), source_image=dict(type='str'), - source_image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))), + source_image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))), ), ), interface=dict(type='str'), diff --git a/plugins/modules/gcp_compute_instance_template_info.py b/plugins/modules/gcp_compute_instance_template_info.py index 2d337cf1..943cf021 100644 --- a/plugins/modules/gcp_compute_instance_template_info.py +++ b/plugins/modules/gcp_compute_instance_template_info.py @@ -560,7 +560,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_interconnect_attachment_info.py b/plugins/modules/gcp_compute_interconnect_attachment_info.py index 20b90beb..0d30dba1 100644 --- a/plugins/modules/gcp_compute_interconnect_attachment_info.py +++ b/plugins/modules/gcp_compute_interconnect_attachment_info.py @@ -320,7 +320,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_network_endpoint_group_info.py b/plugins/modules/gcp_compute_network_endpoint_group_info.py index b36afb09..e34941a1 100644 --- a/plugins/modules/gcp_compute_network_endpoint_group_info.py +++ b/plugins/modules/gcp_compute_network_endpoint_group_info.py @@ -192,7 +192,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_network_info.py b/plugins/modules/gcp_compute_network_info.py index 7896facb..854687ee 100644 --- a/plugins/modules/gcp_compute_network_info.py +++ b/plugins/modules/gcp_compute_network_info.py @@ -202,7 +202,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_node_group_info.py b/plugins/modules/gcp_compute_node_group_info.py index 6864c281..a09934ef 100644 --- a/plugins/modules/gcp_compute_node_group_info.py +++ b/plugins/modules/gcp_compute_node_group_info.py @@ -219,7 +219,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_node_template_info.py b/plugins/modules/gcp_compute_node_template_info.py index 5219bc60..0a5a53ee 100644 --- a/plugins/modules/gcp_compute_node_template_info.py +++ b/plugins/modules/gcp_compute_node_template_info.py @@ -220,7 +220,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_autoscaler_info.py b/plugins/modules/gcp_compute_region_autoscaler_info.py index 64114af2..6775944c 100644 --- a/plugins/modules/gcp_compute_region_autoscaler_info.py +++ b/plugins/modules/gcp_compute_region_autoscaler_info.py @@ -320,7 +320,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_backend_service.py b/plugins/modules/gcp_compute_region_backend_service.py index 557e92d2..832cfe54 100644 --- a/plugins/modules/gcp_compute_region_backend_service.py +++ b/plugins/modules/gcp_compute_region_backend_service.py @@ -476,7 +476,7 @@ options: - The load balancing algorithm used within the scope of the locality. - The possible values are - * ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. - - "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts + - "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and picks the host which has fewer active requests." - "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host @@ -566,6 +566,7 @@ options: be used to disable ejection or to ramp it up slowly. Defaults to 0. required: false type: int + default: 0 enforcing_success_rate: description: - The percentage chance that a host will be actually ejected when an outlier @@ -1222,7 +1223,7 @@ localityLbPolicy: - The load balancing algorithm used within the scope of the locality. - The possible values are - * ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. - - "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts and + - "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and picks the host which has fewer active requests." - "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host @@ -1507,6 +1508,7 @@ def main(): options=dict( cache_key_policy=dict( type='dict', + no_log=False, options=dict( include_host=dict(type='bool'), include_protocol=dict(type='bool'), diff --git a/plugins/modules/gcp_compute_region_backend_service_info.py b/plugins/modules/gcp_compute_region_backend_service_info.py index 685f48ff..99c2b750 100644 --- a/plugins/modules/gcp_compute_region_backend_service_info.py +++ b/plugins/modules/gcp_compute_region_backend_service_info.py @@ -559,7 +559,7 @@ resources: - The load balancing algorithm used within the scope of the locality. - The possible values are - * ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. - - "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts + - "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and picks the host which has fewer active requests." - "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a @@ -787,7 +787,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_disk.py b/plugins/modules/gcp_compute_region_disk.py index 673d925a..705f7aab 100644 --- a/plugins/modules/gcp_compute_region_disk.py +++ b/plugins/modules/gcp_compute_region_disk.py @@ -430,9 +430,9 @@ def main(): replica_zones=dict(required=True, type='list', elements='str'), type=dict(type='str'), region=dict(required=True, type='str'), - disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))), + disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))), source_snapshot=dict(type='dict'), - source_snapshot_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))), + source_snapshot_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))), ) ) diff --git a/plugins/modules/gcp_compute_region_disk_info.py b/plugins/modules/gcp_compute_region_disk_info.py index 6e70b4da..76d4a706 100644 --- a/plugins/modules/gcp_compute_region_disk_info.py +++ b/plugins/modules/gcp_compute_region_disk_info.py @@ -293,7 +293,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_health_check.py b/plugins/modules/gcp_compute_region_health_check.py index fcbad213..2e489c18 100644 --- a/plugins/modules/gcp_compute_region_health_check.py +++ b/plugins/modules/gcp_compute_region_health_check.py @@ -452,7 +452,6 @@ options: - Indicates whether or not to export logs. This is false by default, which means no health check logging will be done. required: false - default: 'false' type: bool region: description: diff --git a/plugins/modules/gcp_compute_region_health_check_info.py b/plugins/modules/gcp_compute_region_health_check_info.py index 38b4a7ca..8367f32b 100644 --- a/plugins/modules/gcp_compute_region_health_check_info.py +++ b/plugins/modules/gcp_compute_region_health_check_info.py @@ -538,7 +538,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_instance_group_manager_info.py b/plugins/modules/gcp_compute_region_instance_group_manager_info.py index 43816fd2..fa5be229 100644 --- a/plugins/modules/gcp_compute_region_instance_group_manager_info.py +++ b/plugins/modules/gcp_compute_region_instance_group_manager_info.py @@ -301,7 +301,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_target_http_proxy_info.py b/plugins/modules/gcp_compute_region_target_http_proxy_info.py index f53beca5..6537b310 100644 --- a/plugins/modules/gcp_compute_region_target_http_proxy_info.py +++ b/plugins/modules/gcp_compute_region_target_http_proxy_info.py @@ -176,7 +176,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_target_https_proxy_info.py b/plugins/modules/gcp_compute_region_target_https_proxy_info.py index fdb9f99a..f28c3826 100644 --- a/plugins/modules/gcp_compute_region_target_https_proxy_info.py +++ b/plugins/modules/gcp_compute_region_target_https_proxy_info.py @@ -183,7 +183,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_url_map.py b/plugins/modules/gcp_compute_region_url_map.py index 1d8c9c31..94284889 100644 --- a/plugins/modules/gcp_compute_region_url_map.py +++ b/plugins/modules/gcp_compute_region_url_map.py @@ -302,7 +302,6 @@ options: is considered a match if the match criteria above are NOT met. Defaults to false. required: false - default: 'false' type: bool prefix_match: description: @@ -364,7 +363,6 @@ options: - Specifies that prefixMatch and fullPathMatch matches are case sensitive. - Defaults to false. required: false - default: 'false' type: bool metadata_filters: description: @@ -499,7 +497,6 @@ options: to the Access- Control-Allow-Credentials header. Defaults to false. required: false - default: 'false' type: bool allow_headers: description: @@ -535,7 +532,6 @@ options: - which indicates that the CORS policy is in effect. Defaults to false. required: false - default: 'false' type: bool expose_headers: description: @@ -882,7 +878,6 @@ options: used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -926,7 +921,6 @@ options: query portion of the original URL is retained. The default value is false. required: false - default: 'false' type: bool path_rules: description: @@ -993,7 +987,6 @@ options: to the Access- Control-Allow-Credentials header. Defaults to false. required: false - default: 'false' type: bool allow_headers: description: @@ -1373,7 +1366,6 @@ options: used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -1416,7 +1408,6 @@ options: is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. required: false - default: 'false' type: bool default_url_redirect: description: @@ -1441,7 +1432,6 @@ options: in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -1483,7 +1473,6 @@ options: removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. required: false - default: 'false' type: bool tests: description: @@ -1541,7 +1530,6 @@ options: Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -1582,7 +1570,6 @@ options: prior to redirecting the request. If set to false, the query portion of the original URL is retained. required: false - default: 'false' type: bool region: description: diff --git a/plugins/modules/gcp_compute_region_url_map_info.py b/plugins/modules/gcp_compute_region_url_map_info.py index 3b5cdb71..8bcb5204 100644 --- a/plugins/modules/gcp_compute_region_url_map_info.py +++ b/plugins/modules/gcp_compute_region_url_map_info.py @@ -1604,7 +1604,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_reservation.py b/plugins/modules/gcp_compute_reservation.py index c0a9dd02..b8cc710b 100644 --- a/plugins/modules/gcp_compute_reservation.py +++ b/plugins/modules/gcp_compute_reservation.py @@ -73,7 +73,6 @@ options: this reservation. Otherwise, it can be consumed by VMs with affinity for any reservation. Defaults to false. required: false - default: 'false' type: bool specific_reservation: description: diff --git a/plugins/modules/gcp_compute_reservation_info.py b/plugins/modules/gcp_compute_reservation_info.py index ba42f85f..e6c2197e 100644 --- a/plugins/modules/gcp_compute_reservation_info.py +++ b/plugins/modules/gcp_compute_reservation_info.py @@ -258,7 +258,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_resource_policy_info.py b/plugins/modules/gcp_compute_resource_policy_info.py index 545a3bfe..2cec554e 100644 --- a/plugins/modules/gcp_compute_resource_policy_info.py +++ b/plugins/modules/gcp_compute_resource_policy_info.py @@ -346,7 +346,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_route_info.py b/plugins/modules/gcp_compute_route_info.py index 86e9ab49..e0a5c4db 100644 --- a/plugins/modules/gcp_compute_route_info.py +++ b/plugins/modules/gcp_compute_route_info.py @@ -217,7 +217,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_router_info.py b/plugins/modules/gcp_compute_router_info.py index d595d199..057a0b6b 100644 --- a/plugins/modules/gcp_compute_router_info.py +++ b/plugins/modules/gcp_compute_router_info.py @@ -222,7 +222,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_snapshot.py b/plugins/modules/gcp_compute_snapshot.py index 5759fbfa..494b2aca 100644 --- a/plugins/modules/gcp_compute_snapshot.py +++ b/plugins/modules/gcp_compute_snapshot.py @@ -388,10 +388,14 @@ def main(): source_disk=dict(required=True, type='dict'), zone=dict(type='str'), snapshot_encryption_key=dict( - type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) + type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) ), source_disk_encryption_key=dict( - type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) + type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) ), ) ) diff --git a/plugins/modules/gcp_compute_snapshot_info.py b/plugins/modules/gcp_compute_snapshot_info.py index 26963f3c..d885e890 100644 --- a/plugins/modules/gcp_compute_snapshot_info.py +++ b/plugins/modules/gcp_compute_snapshot_info.py @@ -260,7 +260,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_ssl_certificate_info.py b/plugins/modules/gcp_compute_ssl_certificate_info.py index 27b4ce26..87b80fa9 100644 --- a/plugins/modules/gcp_compute_ssl_certificate_info.py +++ b/plugins/modules/gcp_compute_ssl_certificate_info.py @@ -171,7 +171,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_ssl_policy_info.py b/plugins/modules/gcp_compute_ssl_policy_info.py index 04219c88..0fd69eb2 100644 --- a/plugins/modules/gcp_compute_ssl_policy_info.py +++ b/plugins/modules/gcp_compute_ssl_policy_info.py @@ -207,7 +207,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_subnetwork_info.py b/plugins/modules/gcp_compute_subnetwork_info.py index 5b126f29..d8ae2c25 100644 --- a/plugins/modules/gcp_compute_subnetwork_info.py +++ b/plugins/modules/gcp_compute_subnetwork_info.py @@ -226,7 +226,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_http_proxy_info.py b/plugins/modules/gcp_compute_target_http_proxy_info.py index 6a78af42..21f30904 100644 --- a/plugins/modules/gcp_compute_target_http_proxy_info.py +++ b/plugins/modules/gcp_compute_target_http_proxy_info.py @@ -171,7 +171,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_https_proxy_info.py b/plugins/modules/gcp_compute_target_https_proxy_info.py index b4186a9e..36fab9e9 100644 --- a/plugins/modules/gcp_compute_target_https_proxy_info.py +++ b/plugins/modules/gcp_compute_target_https_proxy_info.py @@ -193,7 +193,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_instance_info.py b/plugins/modules/gcp_compute_target_instance_info.py index 791fb0a4..5fe4415c 100644 --- a/plugins/modules/gcp_compute_target_instance_info.py +++ b/plugins/modules/gcp_compute_target_instance_info.py @@ -178,7 +178,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_pool_info.py b/plugins/modules/gcp_compute_target_pool_info.py index 54345a1b..58c2db55 100644 --- a/plugins/modules/gcp_compute_target_pool_info.py +++ b/plugins/modules/gcp_compute_target_pool_info.py @@ -224,7 +224,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_ssl_proxy_info.py b/plugins/modules/gcp_compute_target_ssl_proxy_info.py index e23e8417..ff6b11dc 100644 --- a/plugins/modules/gcp_compute_target_ssl_proxy_info.py +++ b/plugins/modules/gcp_compute_target_ssl_proxy_info.py @@ -183,7 +183,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_tcp_proxy_info.py b/plugins/modules/gcp_compute_target_tcp_proxy_info.py index 65cc7759..c4e0619d 100644 --- a/plugins/modules/gcp_compute_target_tcp_proxy_info.py +++ b/plugins/modules/gcp_compute_target_tcp_proxy_info.py @@ -175,7 +175,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_vpn_gateway_info.py b/plugins/modules/gcp_compute_target_vpn_gateway_info.py index 8d9763bb..67f71be7 100644 --- a/plugins/modules/gcp_compute_target_vpn_gateway_info.py +++ b/plugins/modules/gcp_compute_target_vpn_gateway_info.py @@ -186,7 +186,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_url_map.py b/plugins/modules/gcp_compute_url_map.py index 2856e596..f71ea3ed 100644 --- a/plugins/modules/gcp_compute_url_map.py +++ b/plugins/modules/gcp_compute_url_map.py @@ -70,6 +70,11 @@ options: the resource. required: false type: str + fingerprint: + description: + - Fingerprint of this resource. A hash of the contents stored in this object. This + field is used in optimistic locking. + type: str header_action: description: - Specifies changes to request and response headers that need to take effect for @@ -357,7 +362,6 @@ options: to the Access- Control-Allow-Credentials header. Defaults to false. required: false - default: 'false' type: bool allow_headers: description: @@ -737,7 +741,6 @@ options: used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -780,7 +783,6 @@ options: is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. required: false - default: 'false' type: bool route_rules: description: @@ -948,7 +950,6 @@ options: is considered a match if the match criteria above are NOT met. Defaults to false. required: false - default: 'false' type: bool prefix_match: description: @@ -1010,7 +1011,6 @@ options: - Specifies that prefixMatch and fullPathMatch matches are case sensitive. - Defaults to false. required: false - default: 'false' type: bool metadata_filters: description: @@ -1145,7 +1145,6 @@ options: to the Access- Control-Allow-Credentials header. Defaults to false. required: false - default: 'false' type: bool allow_headers: description: @@ -1181,7 +1180,6 @@ options: - which indicates that the CORS policy is in effect. Defaults to false. required: false - default: 'false' type: bool expose_headers: description: @@ -1531,7 +1529,6 @@ options: - Setting this true for TargetHttpsProxy is not permitted. Defaults to false. required: false - default: 'false' type: bool path_redirect: description: @@ -1569,7 +1566,6 @@ options: is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. Defaults to false. required: false - default: 'false' type: bool default_url_redirect: description: @@ -1594,7 +1590,6 @@ options: in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -1636,7 +1631,6 @@ options: removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. required: false - default: 'false' type: bool default_route_action: description: @@ -1733,7 +1727,6 @@ options: - If true, headerValue is set for the header, discarding any values that were set for that header. required: false - default: 'false' type: bool response_headers_to_remove: description: @@ -1767,7 +1760,6 @@ options: - If true, headerValue is set for the header, discarding any values that were set for that header. required: false - default: 'false' type: bool url_rewrite: description: @@ -1960,14 +1952,12 @@ options: that the actual request can include user credentials. - This translates to the Access-Control-Allow-Credentials header. required: false - default: 'false' type: bool disabled: description: - If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. required: false - default: 'false' type: bool fault_injection_policy: description: @@ -2095,7 +2085,6 @@ options: Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -2136,7 +2125,6 @@ options: prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. required: false - default: 'false' type: bool default_route_action: description: @@ -2231,8 +2219,6 @@ options: exist for the header. - If true, headerValue is set for the header, discarding any values that were set for that header. - required: false - default: 'false' type: bool response_headers_to_remove: description: @@ -2266,7 +2252,6 @@ options: - If true, headerValue is set for the header, discarding any values that were set for that header. required: false - default: 'false' type: bool url_rewrite: description: @@ -2456,14 +2441,12 @@ options: the actual request can include user credentials. - This translates to the Access-Control-Allow-Credentials header. required: false - default: 'false' type: bool disabled: description: - If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. required: false - default: 'false' type: bool fault_injection_policy: description: diff --git a/plugins/modules/gcp_compute_url_map_info.py b/plugins/modules/gcp_compute_url_map_info.py index fa5431a1..8ee58d7e 100644 --- a/plugins/modules/gcp_compute_url_map_info.py +++ b/plugins/modules/gcp_compute_url_map_info.py @@ -2487,7 +2487,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_vpn_tunnel_info.py b/plugins/modules/gcp_compute_vpn_tunnel_info.py index 7b3430aa..9cf5e163 100644 --- a/plugins/modules/gcp_compute_vpn_tunnel_info.py +++ b/plugins/modules/gcp_compute_vpn_tunnel_info.py @@ -247,7 +247,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_container_cluster.py b/plugins/modules/gcp_container_cluster.py index 0a5d9493..34596a57 100644 --- a/plugins/modules/gcp_container_cluster.py +++ b/plugins/modules/gcp_container_cluster.py @@ -1528,7 +1528,9 @@ def main(): accelerators=dict(type='list', elements='dict', options=dict(accelerator_count=dict(type='str'), accelerator_type=dict(type='str'))), disk_type=dict(type='str'), min_cpu_platform=dict(type='str'), - taints=dict(type='list', elements='dict', options=dict(key=dict(type='str'), value=dict(type='str'), effect=dict(type='str'))), + taints=dict(type='list', + elements='dict', + options=dict(key=dict(type='str', no_log=False), value=dict(type='str'), effect=dict(type='str'))), shielded_instance_config=dict( type='dict', options=dict(enable_secure_boot=dict(type='bool'), enable_integrity_monitoring=dict(type='bool')) ), @@ -1538,7 +1540,7 @@ def main(): type='dict', options=dict( username=dict(type='str'), - password=dict(type='str'), + password=dict(type='str', no_log=True), client_certificate_config=dict(type='dict', options=dict(issue_client_certificate=dict(type='bool'))), ), ), diff --git a/plugins/modules/gcp_container_cluster_info.py b/plugins/modules/gcp_container_cluster_info.py index 0b90433c..d94e5647 100644 --- a/plugins/modules/gcp_container_cluster_info.py +++ b/plugins/modules/gcp_container_cluster_info.py @@ -859,7 +859,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(location=dict(required=True, type='str', aliases=['region', 'zone']))) + module = GcpModule(argument_spec=dict(location=dict(required=True, type='str', aliases=['region', 'zone'])), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_container_node_pool.py b/plugins/modules/gcp_container_node_pool.py index 17408376..a0b9c714 100644 --- a/plugins/modules/gcp_container_node_pool.py +++ b/plugins/modules/gcp_container_node_pool.py @@ -764,7 +764,9 @@ def main(): accelerators=dict(type='list', elements='dict', options=dict(accelerator_count=dict(type='int'), accelerator_type=dict(type='str'))), disk_type=dict(type='str'), min_cpu_platform=dict(type='str'), - taints=dict(type='list', elements='dict', options=dict(key=dict(type='str'), value=dict(type='str'), effect=dict(type='str'))), + taints=dict(type='list', + elements='dict', + options=dict(key=dict(type='str', no_log=False), value=dict(type='str'), effect=dict(type='str'))), shielded_instance_config=dict( type='dict', options=dict(enable_secure_boot=dict(type='bool'), enable_integrity_monitoring=dict(type='bool')) ), diff --git a/plugins/modules/gcp_container_node_pool_info.py b/plugins/modules/gcp_container_node_pool_info.py index e27412ab..a3de8acc 100644 --- a/plugins/modules/gcp_container_node_pool_info.py +++ b/plugins/modules/gcp_container_node_pool_info.py @@ -450,7 +450,8 @@ import json def main(): - module = GcpModule(argument_spec=dict(location=dict(required=True, type='str', aliases=['region', 'zone']), cluster=dict(required=True, type='dict'))) + module = GcpModule(argument_spec=dict(location=dict(required=True, type='str', aliases=['region', 'zone']), cluster=dict(required=True, type='dict')), + supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_dns_managed_zone.py b/plugins/modules/gcp_dns_managed_zone.py index 83c327a8..8aec272b 100644 --- a/plugins/modules/gcp_dns_managed_zone.py +++ b/plugins/modules/gcp_dns_managed_zone.py @@ -508,8 +508,12 @@ def main(): default_key_specs=dict( type='list', elements='dict', + no_log=False, options=dict( - algorithm=dict(type='str'), key_length=dict(type='int'), key_type=dict(type='str'), kind=dict(default='dns#dnsKeySpec', type='str') + algorithm=dict(type='str'), + key_length=dict(type='int', no_log=False), + key_type=dict(type='str'), + kind=dict(default='dns#dnsKeySpec', type='str') ), ), ), diff --git a/plugins/modules/gcp_dns_managed_zone_info.py b/plugins/modules/gcp_dns_managed_zone_info.py index 333bfcee..d39aef26 100644 --- a/plugins/modules/gcp_dns_managed_zone_info.py +++ b/plugins/modules/gcp_dns_managed_zone_info.py @@ -308,7 +308,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(dns_name=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(dns_name=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/ndev.clouddns.readwrite'] diff --git a/plugins/modules/gcp_dns_resource_record_set_info.py b/plugins/modules/gcp_dns_resource_record_set_info.py index 622c3102..1dba0a71 100644 --- a/plugins/modules/gcp_dns_resource_record_set_info.py +++ b/plugins/modules/gcp_dns_resource_record_set_info.py @@ -160,7 +160,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(managed_zone=dict(required=True, type='dict'))) + module = GcpModule(argument_spec=dict(managed_zone=dict(required=True, type='dict')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/ndev.clouddns.readwrite'] diff --git a/plugins/modules/gcp_filestore_instance_info.py b/plugins/modules/gcp_filestore_instance_info.py index 55ab27ca..af81ccd1 100644 --- a/plugins/modules/gcp_filestore_instance_info.py +++ b/plugins/modules/gcp_filestore_instance_info.py @@ -213,7 +213,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_iam_role_info.py b/plugins/modules/gcp_iam_role_info.py index 35874cc2..879bd089 100644 --- a/plugins/modules/gcp_iam_role_info.py +++ b/plugins/modules/gcp_iam_role_info.py @@ -156,7 +156,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/iam'] diff --git a/plugins/modules/gcp_iam_service_account_info.py b/plugins/modules/gcp_iam_service_account_info.py index b2017181..6e330237 100644 --- a/plugins/modules/gcp_iam_service_account_info.py +++ b/plugins/modules/gcp_iam_service_account_info.py @@ -155,7 +155,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/iam'] diff --git a/plugins/modules/gcp_kms_crypto_key.py b/plugins/modules/gcp_kms_crypto_key.py index 40bfae95..4829081f 100644 --- a/plugins/modules/gcp_kms_crypto_key.py +++ b/plugins/modules/gcp_kms_crypto_key.py @@ -104,6 +104,7 @@ options: - If set to true, the request will create a CryptoKey without any CryptoKeyVersions. You must use the `google_kms_key_ring_import_job` resource to import the CryptoKeyVersion. required: false + default: false type: bool project: description: @@ -284,7 +285,7 @@ def main(): purpose=dict(default='ENCRYPT_DECRYPT', type='str'), rotation_period=dict(type='str'), version_template=dict(type='dict', options=dict(algorithm=dict(required=True, type='str'), protection_level=dict(type='str'))), - key_ring=dict(required=True, type='str'), + key_ring=dict(required=True, type='str', no_log=False), skip_initial_version_creation=dict(type='bool', default=False), ) ) diff --git a/plugins/modules/gcp_kms_crypto_key_info.py b/plugins/modules/gcp_kms_crypto_key_info.py index bc40b484..621b84a4 100644 --- a/plugins/modules/gcp_kms_crypto_key_info.py +++ b/plugins/modules/gcp_kms_crypto_key_info.py @@ -198,7 +198,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(key_ring=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(key_ring=dict(required=True, type='str', no_log=False)), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloudkms'] diff --git a/plugins/modules/gcp_kms_key_ring_info.py b/plugins/modules/gcp_kms_key_ring_info.py index 39d3de92..d0b1fc70 100644 --- a/plugins/modules/gcp_kms_key_ring_info.py +++ b/plugins/modules/gcp_kms_key_ring_info.py @@ -151,7 +151,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(location=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(location=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloudkms'] diff --git a/plugins/modules/gcp_logging_metric.py b/plugins/modules/gcp_logging_metric.py index f8973240..262895de 100644 --- a/plugins/modules/gcp_logging_metric.py +++ b/plugins/modules/gcp_logging_metric.py @@ -528,7 +528,8 @@ def main(): labels=dict( type='list', elements='dict', - options=dict(key=dict(required=True, type='str'), description=dict(type='str'), value_type=dict(default='STRING', type='str')), + options=dict(key=dict(required=True, type='str', no_log=False), + description=dict(type='str'), value_type=dict(default='STRING', type='str')), ), display_name=dict(type='str'), ), diff --git a/plugins/modules/gcp_logging_metric_info.py b/plugins/modules/gcp_logging_metric_info.py index 76c323c3..c1a3cded 100644 --- a/plugins/modules/gcp_logging_metric_info.py +++ b/plugins/modules/gcp_logging_metric_info.py @@ -302,7 +302,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_mlengine_model_info.py b/plugins/modules/gcp_mlengine_model_info.py index 11f28aee..33289272 100644 --- a/plugins/modules/gcp_mlengine_model_info.py +++ b/plugins/modules/gcp_mlengine_model_info.py @@ -169,7 +169,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_mlengine_version_info.py b/plugins/modules/gcp_mlengine_version_info.py index ecf92817..04523a75 100644 --- a/plugins/modules/gcp_mlengine_version_info.py +++ b/plugins/modules/gcp_mlengine_version_info.py @@ -260,7 +260,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(model=dict(required=True, type='dict'))) + module = GcpModule(argument_spec=dict(model=dict(required=True, type='dict')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_parameter_manager.py b/plugins/modules/gcp_parameter_manager.py new file mode 100644 index 00000000..fbc07ae2 --- /dev/null +++ b/plugins/modules/gcp_parameter_manager.py @@ -0,0 +1,649 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt +# or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +################################################################################ +# Documentation +################################################################################ + + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +ANSIBLE_METADATA = {'metadata_version': '1.1', 'status': ["preview"], 'supported_by': 'community'} + +DOCUMENTATION = ''' +--- +module: gcp_parameter_manager +description: +- Access and Update Google Cloud Parameter Manager objects +- Create new parameters. +- Create new parameters with format. +- Create new parameters with labels. +- Create new parameters with format and labels. +- Add/Remove parameter version. +- Remove parameter. +short_description: Access and Update Google Cloud Parameter Manager objects +author: Google Inc. (@googlecloudplatform) +requirements: +- python >= 3.7 +- requests >= 2.32.3 +- google-auth >= 2.39.0 +options: + project: + description: + - The Google Cloud Platform project to use. Defaults to OS env variable + GCP_PROJECT if not present + type: str + auth_kind: + description: + - The type of credential used. + type: str + required: true + choices: + - application + - machineaccount + - serviceaccount + - accesstoken + service_account_contents: + description: + - The contents of a Service Account JSON file, either in a dictionary or as a + JSON string that represents it. + type: jsonarg + service_account_file: + description: + - The path of a Service Account JSON file if serviceaccount is selected as type. + type: path + service_account_email: + description: + - An optional service account email address if machineaccount is selected and + the user does not wish to use the default email. + type: str + access_token: + description: + - An OAuth2 access token if credential type is accesstoken. + type: str + scopes: + description: + - Array of scopes to be used + type: list + elements: str + env_type: + description: + - Specifies which Ansible environment you're running this module within. + - This should not be set unless you know what you're doing. + - This only alters the User Agent string for any API requests. + type: str + name: + description: + - Name of the parameter to be used + type: str + required: true + aliases: + - key + - parameter + - parameter_id + format: + description: + - Format of the parameter to be used. + type: str + default: UNFORMATTED + choices: + - UNFORMATTED + - JSON + - YAML + location: + description: + - Location of the parameter to be used + type: str + default: global + version: + description: + - Name of the parameter to be used + type: str + required: false + aliases: + - version_id + - parameter_version_id + value: + description: + - The parameter value that the parameter should have + - this will be set upon create + - If the parameter value is not this, a new version will be added with this value + type: str + state: + description: + - whether the parameter should exist + default: present + choices: + - absent + - present + type: str + return_value: + description: + - if true, the value of the parameter will be returned unencrypted to Ansible + - if false, no value will be returned or decrypted + type: bool + default: true + labels: + description: + - A set of key-value pairs to assign as labels to a parameter + - only used in creation + - Note that the "value" piece of a label must contain only readable chars + type: dict + default: {} +''' + +EXAMPLES = ''' +- name: Create a new parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Create a new parameter with version + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + value: super_parameter + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Create a new structured parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + format: JSON + value: '{"key":"value"}' + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Create a parameter with labels + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + value: super_parameter + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + labels: + key_name: "ansible_rox" + +- name: Create a structured parameter with labels + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + format: JSON + value: '{"key":"value"}' + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + labels: + key_name: "ansible_rox" + +- name: Ensure the parameter exists, fail otherwise and return the value + google.cloud.gcp_parameter_manager: + name: parameter_key + state: present + +- name: Ensure parameter exists but don't return the value + google.cloud.gcp_parameter_manager: + name: parameter_key + state: present + return_value: false + +- name: Add a new version of a parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + value: updated super parameter + state: present + +- name: Delete version 1 of a parameter (but not the parameter itself) + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + state: absent + +- name: Delete parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + state: absent + +- name: Create a new regional parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Create a new regional parameter with version + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + value: super_parameter + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Create a new structured regional parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + format: JSON + value: '{"key":"value"}' + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Create a regional parameter with labels + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + value: super_parameter + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + labels: + key_name: "ansible_rox" + +- name: Create a structured regional parameter with labels + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + format: JSON + value: '{"key":"value"}' + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + labels: + key_name: "ansible_rox" + +- name: Ensure the regional parameter exists, fail otherwise and return the value + google.cloud.gcp_parameter_manager: + name: parameter_key + state: present + +- name: Ensure regional parameter exists but don't return the value + google.cloud.gcp_parameter_manager: + name: parameter_key + state: present + return_value: false + +- name: Add a new version of a regional parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + value: updated super parameter + state: present + +- name: Delete version 1 of a regional parameter (but not the regional parameter itself) + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + state: absent + +- name: Delete parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + state: absent +''' + +RETURN = ''' +resources: + description: List of resources + returned: always + type: complex + contains: + name: + description: + - The name of the parameter + returned: success + type: str + location: + description: + - The location of the regional parameter + returned: success + type: str + version: + description: + - the version of the parameter returned + returned: success + type: str + url: + description: + - the Google Cloud URL used to make the request + returned: success + type: str + status_code: + description: + - the HTTP status code of the response to Google Cloud + returned: success + type: str + msg: + description: + - A message indicating what was done (or not done) + returned: success, failure + type: str + value: + description: + - The decrypted parameter data value, please use care with this + returned: success + type: str + payload: + description: + - The base 64 parameter payload + returned: success + type: dict +''' + + +################################################################################ +# Imports +################################################################################ + +from ansible_collections.google.cloud.plugins.module_utils.gcp_utils import ( + navigate_hash, + GcpSession, + GcpModule +) + +# for decoding and validating parameters +import json +import base64 + + +def get_auth(module): + return GcpSession(module, 'parameter-manager') + + +def make_url_prefix(module): + if module.params.get('location') is not None and module.params.get('location') != 'global': + return "https://parametermanager.{location}.rep.googleapis.com/v1/projects/{project}/locations/{location}/" + return "https://parametermanager.googleapis.com/v1/projects/{project}/locations/global/" + + +def self_parameter_link(module): + return (make_url_prefix(module) + "parameters/{name}").format(**module.params) + + +def self_parameter_version_link(module): + return (make_url_prefix(module) + "parameters/{name}/versions/{version}").format(**module.params) + + +def self_parameter_list_link(module): + return (make_url_prefix(module) + "parameters").format(**module.params) + + +def self_parameter_version_list_link(module): + return (make_url_prefix(module) + "parameters/{name}/versions").format(**module.params) + + +def check_parameter_exist(module, allow_not_found=True): + auth = get_auth(module) + param_list = list_parameters(module) + if param_list is None: + return None + + link = self_parameter_link(module) + access_obj = return_if_object(module, auth.get(link), allow_not_found) + if access_obj is None: + return None + return access_obj + + +def check_parameter_version_exist(module, allow_not_found=True): + auth = get_auth(module) + version_list = list_parameter_versions(module) + if version_list is None: + return None + + link = self_parameter_version_link(module) + access_obj = return_if_object(module, auth.get(link), allow_not_found) + if access_obj is None: + return None + return access_obj + + +def create_parameter(module): + # build the payload + payload = dict() + if module.params.get('format'): + payload['format'] = module.params.get('format') + if module.params.get('labels'): + payload['labels'] = module.params.get('labels') + + url = (make_url_prefix(module) + "parameters?parameter_id={name}").format(**module.params) + auth = get_auth(module) + # validate create + return return_if_object(module, auth.post(url, payload), False) + + +def create_parameter_version(module): + # build the payload + b64_value = base64.b64encode(module.params.get('value').encode("utf-8")).decode("utf-8") + payload = { + u'payload': { + u'data': b64_value + } + } + auth = get_auth(module) + url = (make_url_prefix(module) + "parameters/{name}/versions?parameter_version_id={version}").format(**module.params) + # validate create + return return_if_object(module, auth.post(url, payload), False) + + +def list_parameters(module): + url = self_parameter_list_link(module) + auth = get_auth(module) + return return_if_object(module, auth.get(url), True) + + +def list_parameter_versions(module): + # filter by only enabled parameter version + url = self_parameter_version_list_link(module) + auth = get_auth(module) + return return_if_object(module, auth.get(url), True) + + +def delete_parameter(module): + auth = get_auth(module) + url = self_parameter_link(module) + return return_if_object(module, auth.delete(url), True) + + +def delete_parameter_version(module): + auth = get_auth(module) + url = self_parameter_version_link(module) + return return_if_object(module, auth.delete(url), True) + + +def return_if_object(module, response, allow_not_found=False): + # If not found, return nothing. + if allow_not_found and response.status_code == 404: + return None + + if response.status_code == 409: + module.params['info'] = "exists already" + return None + + # probably a code error + if response.status_code == 400: + module.fail_json(msg="unexpected REST failure: %s" % response.json()['error']) + + # If no content, return nothing. + if response.status_code == 204: + return None + + try: + module.raise_for_status(response) + result = response.json() + result['url'] = response.request.url + result['status_code'] = response.status_code + if "name" in result: + result['location'] = result['name'].split("/")[3] + result['name'] = result['name'].split("/")[5] + if len(result['name'].split("/")) == 8: + result['version'] = result['name'].split("/")[-1] + + # base64 decode the value + if "payload" in result and "data" in result['payload']: + result['value'] = base64.b64decode(result['payload']['data']).decode("utf-8") + + except getattr(json.decoder, 'JSONDecodeError', ValueError): + module.fail_json(msg="Invalid JSON response with error: %s" % response.text) + + if navigate_hash(result, ['error', 'errors']): + module.fail_json(msg=navigate_hash(result, ['error', 'errors'])) + + return result + + +def main(): + module = GcpModule( + argument_spec=dict( + state=dict(default='present', choices=['present', 'absent'], type='str'), + name=dict(required=True, type='str', aliases=['key', 'parameter', 'parameter_id']), + version=dict(required=False, type='str', aliases=['version_id', 'parameter_version_id']), + location=dict(required=False, type='str', default='global'), + value=dict(required=False, type='str'), + format=dict(required=False, type='str', default='UNFORMATTED', choices=['UNFORMATTED', 'JSON', 'YAML']), + return_value=dict(required=False, type='bool', default=True), + labels=dict(required=False, type='dict', default=dict()) + ) + ) + + try : + if module.params.get('scopes') is None: + module.params['scopes'] = ["https://www.googleapis.com/auth/cloud-platform"] + + if module.params.get('project') is None: + module.fail_json(msg="The project is required. Please specify the Google Cloud project to use.") + + state = module.params.get('state') + changed = False + fetch = check_parameter_exist(module, allow_not_found=True) + fetch_version = None + if fetch: + fetch_version = check_parameter_version_exist(module, allow_not_found=True) + + if state == 'present': + # if parameter not exist + if not fetch: + # doesn't exist, must create + if module.params.get('version') and module.params.get('value'): + # create a new parameter + fetch = create_parameter(module) + fetch = create_parameter_version(module) + changed = True + # specified present and verison is provided but value is not provided + elif module.params.get('version') and module.params.get('value') is None: + module.fail_json( + msg="parameter '{name}' not present in '{project}' and no value for the parameter version is provided".format(**module.params) + ) + # specified present and verison is not provided + # that no parameter could be created without a version + elif module.params.get('value'): + module.fail_json(msg="parameter '{name}' not present in '{project}' and no version for the parameter is provided".format(**module.params)) + # specified present but no value + # that no parameter version could be created without a value to encrypt + else: + fetch = create_parameter(module) + changed = True + + elif not fetch_version: + # doesn't exist, must create + if module.params.get('version') and module.params.get('value'): + fetch = create_parameter_version(module) + changed = True + # specified present and verison is provided but value is not provided + elif module.params.get('version') and module.params.get('value') is None: + module.fail_json(msg="parameter '{name}' present in '{project}' and no value for the parameter version is provided".format(**module.params)) + # specified present and verison is not provided + # that no parameter could be created without a version + elif module.params.get('value'): + module.fail_json(msg="parameter '{name}' present in '{project}' and no version for the parameter is provided".format(**module.params)) + # specified present but no value + # that no parameter could be created without a value to encrypt + else: + module.fail_json( + msg="parameter '{name}' present in '{project}' and no value and version for the parameter is provided".format(**module.params) + ) + + else: + # parameter and parameter version both exist + # check if the value is the same + # if not, delete the version and create new one + # if the value is the same, do nothing + if "value" in fetch_version and module.params.get('value', '') is not None: + if fetch_version['value'] != module.params.get('value'): + fetch['msg'] = 'values not identical, but parameter version name is same' + # Delete existing version and create new one + fetch = delete_parameter_version(module) + fetch = create_parameter_version(module) + changed = True + else: + module.exit_json(msg="parameter '{name}' is already exist and value is the same".format(**module.params)) + elif module.params.get('value', '') is None: + module.fail_json(msg="parameter '{name}' present in '{project}' and no value for the parameter version is provided".format(**module.params)) + + else: + if fetch is None: + fetch = {} + module.exit_json(msg="parameter {name} is not exist".format(**module.params)) + + if fetch_version is None and module.params.get('version'): + fetch = {} + module.exit_json(msg="parameter version {version} is not exist".format(**module.params)) + + if module.params.get('version'): + version = delete_parameter_version(module) + if version is not None: + fetch = version + changed = True + else: + module.exit_json(msg="parameter version {version} is already deleted".format(**module.params)) + else: + versions = list_parameter_versions(module) + if versions is not None: + version = versions.get('parameterVersions', None) + if version is None: + param = delete_parameter(module) + if param is not None: + changed = True + fetch = param + else: + module.exit_json(msg="parameter {name} is already deleted".format(**module.params)) + else: + module.fail_json(msg="parameter {name} has nested version resources".format(**module.params)) + else: + module.exit_json(msg="parameter {name} is not exist".format(**module.params)) + + # # pop value data if return_value == false + if module.params.get('return_value') is False: + if "value" in fetch: + fetch.pop('value') + if "payload" in fetch: + fetch.pop('payload') + if "msg" in fetch: + fetch['msg'] = "{} | not returning parameter value since 'return_value' is set to false".format(fetch['msg']) + else: + fetch['msg'] = "not returning parameter value since 'return_value' is set to false" + + fetch['changed'] = changed + fetch['name'] = module.params.get('name') + except Exception as e: + module.fail_json(msg=f"An unexpected error occurred: {str(e)}") + + module.exit_json(**fetch) + + +if __name__ == "__main__": + main() diff --git a/plugins/modules/gcp_pubsub_subscription.py b/plugins/modules/gcp_pubsub_subscription.py index 41a0c2d9..af101c8a 100644 --- a/plugins/modules/gcp_pubsub_subscription.py +++ b/plugins/modules/gcp_pubsub_subscription.py @@ -93,7 +93,7 @@ options: max_duration: description: - Subscription writes a new output file if the specified value of max duration is exceeded. Min 60s, max 600s. - required: true + required: false type: str max_bytes: description: @@ -108,7 +108,7 @@ options: output_format: description: - Specify the format of the output files that are to be stored in a Cloud Storage bucket as text or avro. - required: true + required: false type: str write_metadata: description: @@ -654,7 +654,9 @@ def main(): push_config=dict( type='dict', options=dict( - oidc_token=dict(type='dict', options=dict(service_account_email=dict(required=True, type='str'), audience=dict(type='str'))), + oidc_token=dict(type='dict', + no_log=False, + options=dict(service_account_email=dict(required=True, type='str'), audience=dict(type='str'))), push_endpoint=dict(required=True, type='str'), attributes=dict(type='dict'), ), diff --git a/plugins/modules/gcp_pubsub_subscription_info.py b/plugins/modules/gcp_pubsub_subscription_info.py index b911131d..dd20c935 100644 --- a/plugins/modules/gcp_pubsub_subscription_info.py +++ b/plugins/modules/gcp_pubsub_subscription_info.py @@ -333,7 +333,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/pubsub'] diff --git a/plugins/modules/gcp_pubsub_topic_info.py b/plugins/modules/gcp_pubsub_topic_info.py index 0dc6f4e0..7b8627db 100644 --- a/plugins/modules/gcp_pubsub_topic_info.py +++ b/plugins/modules/gcp_pubsub_topic_info.py @@ -180,7 +180,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/pubsub'] diff --git a/plugins/modules/gcp_redis_instance.py b/plugins/modules/gcp_redis_instance.py index ac8724a0..cef6ecac 100644 --- a/plugins/modules/gcp_redis_instance.py +++ b/plugins/modules/gcp_redis_instance.py @@ -60,7 +60,6 @@ options: to "true" AUTH is enabled on the instance. - Default value is "false" meaning AUTH is disabled. required: false - default: 'false' type: bool authorized_network: description: diff --git a/plugins/modules/gcp_redis_instance_info.py b/plugins/modules/gcp_redis_instance_info.py index 33a9241a..593b063f 100644 --- a/plugins/modules/gcp_redis_instance_info.py +++ b/plugins/modules/gcp_redis_instance_info.py @@ -291,7 +291,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_resourcemanager_project_info.py b/plugins/modules/gcp_resourcemanager_project_info.py index 7d978299..1e747b75 100644 --- a/plugins/modules/gcp_resourcemanager_project_info.py +++ b/plugins/modules/gcp_resourcemanager_project_info.py @@ -86,7 +86,7 @@ options: description: - Indicates the number of projects that should be returned by the API request - type: str + type: int notes: - for authentication, you can set service_account_file using the C(GCP_SERVICE_ACCOUNT_FILE) env variable. @@ -190,7 +190,7 @@ import json def main(): module = GcpModule(argument_spec=dict( page_size=dict(type='int') - )) + ), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_runtimeconfig_config_info.py b/plugins/modules/gcp_runtimeconfig_config_info.py index 063c1cee..c0821402 100644 --- a/plugins/modules/gcp_runtimeconfig_config_info.py +++ b/plugins/modules/gcp_runtimeconfig_config_info.py @@ -135,7 +135,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloudruntimeconfig'] diff --git a/plugins/modules/gcp_runtimeconfig_variable_info.py b/plugins/modules/gcp_runtimeconfig_variable_info.py index ec1adb92..0e619dc7 100644 --- a/plugins/modules/gcp_runtimeconfig_variable_info.py +++ b/plugins/modules/gcp_runtimeconfig_variable_info.py @@ -151,7 +151,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(config=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(config=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloudruntimeconfig'] diff --git a/plugins/modules/gcp_secret_manager.py b/plugins/modules/gcp_secret_manager.py index a02a402d..bff1d07d 100644 --- a/plugins/modules/gcp_secret_manager.py +++ b/plugins/modules/gcp_secret_manager.py @@ -1,4 +1,5 @@ #!/usr/bin/python +# -*- coding: utf-8 -*- # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt # or https://www.gnu.org/licenses/gpl-3.0.txt) @@ -24,8 +25,9 @@ description: - Create new secret values. - Add/remove versions of secrets. - Please note that other features like etags, replication, annontation expected to be managed outside of Ansible. +- Deals with regional secrets if location option is defined. short_description: Access and Update Google Cloud Secrets Manager objects -author: Dave Costakos @RedHat +author: Google Inc. (@googlecloudplatform) requirements: - python >= 2.6 - requests >= 2.18.4 @@ -44,6 +46,7 @@ options: - application - machineaccount - serviceaccount + - accesstoken service_account_contents: description: - The contents of a Service Account JSON file, either in a dictionary or as a @@ -58,11 +61,21 @@ options: - An optional service account email address if machineaccount is selected and the user does not wish to use the default email. type: str + access_token: + description: + - An OAuth2 access token if credential type is accesstoken. + type: str scopes: description: - Array of scopes to be used type: list elements: str + env_type: + description: + - Specifies which Ansible environment you're running this module within. + - This should not be set unless you know what you're doing. + - This only alters the User Agent string for any API requests. + type: str name: description: - Name of the secret to be used @@ -72,6 +85,10 @@ options: - key - secret - secret_id + location: + description: + - If provided, it defines the location of the regional secret. + type: str value: description: - The secret value that the secret should have @@ -105,6 +122,7 @@ options: - only used in creation - Note that the "value" piece of a label must contain only readable chars type: dict + default: {} notes: - 'API Reference: U(https://cloud.google.com/secret-manager/docs/reference/rests)' - 'Official Documentation: U(https://cloud.google.com/secret-manager/docs/overview)' @@ -120,7 +138,7 @@ notes: - The I(service_account_email) and I(service_account_file) options are mutually exclusive. ''' -EXAMPLES = r''' +EXAMPLES = ''' - name: Create a new secret google.cloud.gcp_secret_manager: name: secret_key @@ -164,48 +182,105 @@ EXAMPLES = r''' value: super_secret labels: key_name: "ansible_rox" + +- name: Create a new regional secret + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + value: super_secret + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Ensure the regional secret exists, fail otherwise and return the value + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + state: present + +- name: Ensure regional secret exists but don't return the value + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + state: present + return_value: false + +- name: Add a new version of a regional secret + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + value: updated super secret + state: present + +- name: Delete version 1 of a regional secret (but not the secret itself) + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + version: 1 + state: absent + +- name: Delete all versions of a regional secret + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + version: all + state: absent + +- name: Create a regional secret with labels + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + value: super_secret + labels: + key_name: "ansible_rox" ''' -RETURN = r''' +RETURN = ''' resources: description: List of resources returned: always type: complex - name: - description: - - The name of the secret - returned: success - type: str - version: - description: - - the version number of the secret returned - returned: success - type: str - url: - description: - - the Google Cloud URL used to make the request - returned: success - type: str - status_code: - description: - - the HTTP status code of the response to Google Cloud - returned: success - type: str - msg: - description: - - A message indicating what was done (or not done) - returned: success, failure - type: str - value: - description: - - The decrypted secret value, please use care with this - returned: success - type: str - payload: - description: - - The base 64 secret payload including CRC for validation - retunred: success - type: dict + contains: + name: + description: + - The name of the secret + returned: success + type: str + location: + description: + - The location of the regional secret. + returned: success + type: str + version: + description: + - The version number of the secret returned + returned: success + type: str + url: + description: + - The Google Cloud URL used to make the request + returned: success + type: str + status_code: + description: + - The HTTP status code of the response to Google Cloud + returned: success + type: str + msg: + description: + - A message indicating what was done (or not done) + returned: success, failure + type: str + value: + description: + - The decrypted secret value, please use care with this + returned: success + type: str + payload: + description: + - The base 64 secret payload including CRC for validation + returned: success + type: dict ''' ################################################################################ @@ -228,24 +303,30 @@ def get_auth(module): return GcpSession(module, 'secret-manager') +def make_url_prefix(module): + if module.params['location']: + return "https://secretmanager.{location}.rep.googleapis.com/v1/projects/{project}/locations/{location}/" + return "https://secretmanager.googleapis.com/v1/projects/{project}/" + + def self_access_link(module): - return "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions/{calc_version}:access".format(**module.params) + return (make_url_prefix(module) + "secrets/{name}/versions/{calc_version}:access").format(**module.params) def self_get_link(module): - return "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions/{calc_version}".format(**module.params) + return (make_url_prefix(module) + "secrets/{name}/versions/{calc_version}").format(**module.params) def self_update_link(module): - return "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions/{calc_version:version}".format(**module.params) + return (make_url_prefix(module) + "secrets/{name}/versions/{calc_version:version}").format(**module.params) def self_list_link(module): - return "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions?filter=state:ENABLED".format(**module.params) + return (make_url_prefix(module) + "secrets/{name}/versions?filter=state:ENABLED").format(**module.params) def self_delete_link(module): - return "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}".format(**module.params) + return (make_url_prefix(module) + "secrets/{name}").format(**module.params) def fetch_resource(module, allow_not_found=True): @@ -294,10 +375,12 @@ def merge_dicts(x, y): def create_secret(module): # build the payload payload = {"replication": {"automatic": {}}} + if module.params['location']: + payload = dict() if module.params['labels']: payload['labels'] = module.params['labels'] - url = "https://secretmanager.googleapis.com/v1/projects/{project}/secrets".format(**module.params) + url = (make_url_prefix(module) + "secrets").format(**module.params) auth = get_auth(module) post_response = auth.post(url, body=payload, params={'secretId': module.params['name']}) # validate create @@ -314,7 +397,7 @@ def update_secret(module): } } auth = get_auth(module) - url = "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}:addVersion".format(**module.params) + url = (make_url_prefix(module) + "secrets/{name}:addVersion").format(**module.params) return return_if_object(module, auth.post(url, payload), False) @@ -363,7 +446,11 @@ def return_if_object(module, response, allow_not_found=False): result['status_code'] = response.status_code if "name" in result: result['version'] = result['name'].split("/")[-1] - result['name'] = result['name'].split("/")[3] + if 'locations' in result['name'].split("/"): + result['location'] = result['name'].split("/")[3] + result['name'] = result['name'].split("/")[5] + else: + result['name'] = result['name'].split("/")[3] # base64 decode the value if "payload" in result and "data" in result['payload']: @@ -388,6 +475,7 @@ def main(): argument_spec=dict( state=dict(default='present', choices=['present', 'absent'], type='str'), name=dict(required=True, type='str', aliases=['key', 'secret', 'secret_id']), + location=dict(required=False, type='str'), value=dict(required=False, type='str'), version=dict(required=False, type='str', default='latest'), return_value=dict(required=False, type='bool', default=True), diff --git a/plugins/modules/gcp_serviceusage_service.py b/plugins/modules/gcp_serviceusage_service.py index 221f7b6c..40a10cd2 100644 --- a/plugins/modules/gcp_serviceusage_service.py +++ b/plugins/modules/gcp_serviceusage_service.py @@ -103,6 +103,8 @@ options: type: str notes: - 'Getting Started: U(https://cloud.google.com/service-usage/docs/getting-started)' +- For this module to work, the serviceusage.googleapis.com service must be enabled + U(https://cloud.google.com/service-usage/docs/enable-disable#gcloud) already. - for authentication, you can set service_account_file using the C(GCP_SERVICE_ACCOUNT_FILE) env variable. - for authentication, you can set service_account_contents using the C(GCP_SERVICE_ACCOUNT_CONTENTS) diff --git a/plugins/modules/gcp_serviceusage_service_info.py b/plugins/modules/gcp_serviceusage_service_info.py index 1c49512e..b5c88d38 100644 --- a/plugins/modules/gcp_serviceusage_service_info.py +++ b/plugins/modules/gcp_serviceusage_service_info.py @@ -178,7 +178,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_sourcerepo_repository_info.py b/plugins/modules/gcp_sourcerepo_repository_info.py index 4a0d809b..607e6243 100644 --- a/plugins/modules/gcp_sourcerepo_repository_info.py +++ b/plugins/modules/gcp_sourcerepo_repository_info.py @@ -142,7 +142,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_spanner_database_info.py b/plugins/modules/gcp_spanner_database_info.py index 2f45553d..84a7b47d 100644 --- a/plugins/modules/gcp_spanner_database_info.py +++ b/plugins/modules/gcp_spanner_database_info.py @@ -167,7 +167,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(instance=dict(required=True, type='dict'))) + module = GcpModule(argument_spec=dict(instance=dict(required=True, type='dict')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/spanner.admin'] diff --git a/plugins/modules/gcp_spanner_instance_info.py b/plugins/modules/gcp_spanner_instance_info.py index 90e25dda..64bc7a00 100644 --- a/plugins/modules/gcp_spanner_instance_info.py +++ b/plugins/modules/gcp_spanner_instance_info.py @@ -165,7 +165,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/spanner.admin'] diff --git a/plugins/modules/gcp_sql_database_info.py b/plugins/modules/gcp_sql_database_info.py index dfc9bc9c..adb90460 100644 --- a/plugins/modules/gcp_sql_database_info.py +++ b/plugins/modules/gcp_sql_database_info.py @@ -158,7 +158,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(instance=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(instance=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/sqlservice.admin'] diff --git a/plugins/modules/gcp_sql_instance.py b/plugins/modules/gcp_sql_instance.py index 9f18a2f6..9999dd18 100644 --- a/plugins/modules/gcp_sql_instance.py +++ b/plugins/modules/gcp_sql_instance.py @@ -848,11 +848,11 @@ def main(): options=dict( ca_certificate=dict(type='str'), client_certificate=dict(type='str'), - client_key=dict(type='str'), + client_key=dict(type='str', no_log=True), connect_retry_interval=dict(type='int'), dump_file_path=dict(type='str'), master_heartbeat_period=dict(type='int'), - password=dict(type='str'), + password=dict(type='str', no_log=True), ssl_cipher=dict(type='str'), username=dict(type='str'), verify_server_certificate=dict(type='bool'), diff --git a/plugins/modules/gcp_sql_instance_info.py b/plugins/modules/gcp_sql_instance_info.py index afbc7c30..8f734c36 100644 --- a/plugins/modules/gcp_sql_instance_info.py +++ b/plugins/modules/gcp_sql_instance_info.py @@ -519,7 +519,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/sqlservice.admin'] diff --git a/plugins/modules/gcp_sql_ssl_cert.py b/plugins/modules/gcp_sql_ssl_cert.py index 02519b30..4d06ce28 100644 --- a/plugins/modules/gcp_sql_ssl_cert.py +++ b/plugins/modules/gcp_sql_ssl_cert.py @@ -234,7 +234,7 @@ def main(): expiration_time=dict(type='str'), instance=dict(required=True, type='dict'), sha1_fingerprint=dict(type='str'), - private_key=dict(type='str'), + private_key=dict(type='str', no_log=False), ) ) diff --git a/plugins/modules/gcp_sql_user.py b/plugins/modules/gcp_sql_user.py index ca2cbf4f..b0494105 100644 --- a/plugins/modules/gcp_sql_user.py +++ b/plugins/modules/gcp_sql_user.py @@ -195,7 +195,7 @@ def main(): host=dict(required=True, type='str'), name=dict(required=True, type='str'), instance=dict(required=True, type='dict'), - password=dict(type='str'), + password=dict(type='str', no_log=True), ) ) diff --git a/plugins/modules/gcp_sql_user_info.py b/plugins/modules/gcp_sql_user_info.py index 762a7356..b03048d6 100644 --- a/plugins/modules/gcp_sql_user_info.py +++ b/plugins/modules/gcp_sql_user_info.py @@ -158,7 +158,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(instance=dict(required=True, type='dict'))) + module = GcpModule(argument_spec=dict(instance=dict(required=True, type='dict')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/sqlservice.admin'] diff --git a/plugins/modules/gcp_storage_default_object_acl.py b/plugins/modules/gcp_storage_default_object_acl.py index 5bfea2f7..45c615f0 100644 --- a/plugins/modules/gcp_storage_default_object_acl.py +++ b/plugins/modules/gcp_storage_default_object_acl.py @@ -62,6 +62,10 @@ options: - The name of the bucket. required: true type: dict + object: + description: + - The target of the ACL. + type: str entity: description: - 'The entity holding the permission, in one of the following forms: * user-{{userId}} diff --git a/plugins/modules/gcp_storage_object.py b/plugins/modules/gcp_storage_object.py index 1411d0ff..aef08296 100644 --- a/plugins/modules/gcp_storage_object.py +++ b/plugins/modules/gcp_storage_object.py @@ -43,7 +43,6 @@ options: src: description: - Source location of file (may be local machine or cloud depending on action). Cloud locations need to be urlencoded including slashes. - required: true type: path dest: description: diff --git a/plugins/modules/gcp_tpu_node.py b/plugins/modules/gcp_tpu_node.py index 32d599e9..87bcc477 100644 --- a/plugins/modules/gcp_tpu_node.py +++ b/plugins/modules/gcp_tpu_node.py @@ -94,7 +94,6 @@ options: to peer the TPU Node to is a Shared VPC network, the node must be created with this this field enabled. required: false - default: 'false' type: bool scheduling_config: description: diff --git a/plugins/modules/gcp_tpu_node_info.py b/plugins/modules/gcp_tpu_node_info.py index a01d08af..5c8007ef 100644 --- a/plugins/modules/gcp_tpu_node_info.py +++ b/plugins/modules/gcp_tpu_node_info.py @@ -227,7 +227,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(zone=dict(type='str'))) + module = GcpModule(argument_spec=dict(zone=dict(type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/roles/gcloud/defaults/main.yml b/roles/gcloud/defaults/main.yml index deeec699..6e279329 100644 --- a/roles/gcloud/defaults/main.yml +++ b/roles/gcloud/defaults/main.yml @@ -12,7 +12,7 @@ gcloud_yum_baseurl: https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x8 gcloud_yum_key: https://packages.cloud.google.com/yum/doc/yum-key.gpg # default values for gcloud archive installation -gcloud_version: 268.0.0 +gcloud_version: 505.0.0 gcloud_archive_name: google-cloud-sdk-{{ gcloud_version }}-linux-{{ ansible_architecture }}.tar.gz gcloud_archive_url: https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/{{ gcloud_archive_name }} gcloud_archive_path: /usr/lib diff --git a/roles/gcloud/meta/main.yml b/roles/gcloud/meta/main.yml index 049ed0ea..25671877 100644 --- a/roles/gcloud/meta/main.yml +++ b/roles/gcloud/meta/main.yml @@ -8,6 +8,9 @@ galaxy_info: platforms: - name: Ubuntu versions: + - focal + - jammy + - noble - precise - trusty - xenial diff --git a/roles/gcloud/tasks/package/debian.yml b/roles/gcloud/tasks/package/debian.yml index 726c79ee..7fc58673 100644 --- a/roles/gcloud/tasks/package/debian.yml +++ b/roles/gcloud/tasks/package/debian.yml @@ -9,20 +9,20 @@ ansible.builtin.apt_repository: repo: deb {{ gcloud_apt_url }} {{ gcloud_apt_repo }} main state: present - filename: google-cloud-sdk + filename: google-cloud-cli -- name: Gcloud | Debian | Install the google-cloud-sdk package +- name: Gcloud | Debian | Install the google-cloud-cli package ansible.builtin.apt: - name: google-cloud-sdk + name: google-cloud-cli update_cache: "yes" register: task_result until: task_result is success retries: 10 delay: 2 -- name: Gcloud | Debian | Install the google-cloud-sdk additional components +- name: Gcloud | Debian | Install the google-cloud-cli additional components ansible.builtin.apt: - name: google-cloud-sdk-{{ item }} + name: google-cloud-cli-{{ item }} update_cache: "yes" register: task_result until: task_result is success diff --git a/roles/gcp_http_lb/meta/main.yml b/roles/gcp_http_lb/meta/main.yml index 98cccc5c..82e2fdaa 100644 --- a/roles/gcp_http_lb/meta/main.yml +++ b/roles/gcp_http_lb/meta/main.yml @@ -27,7 +27,7 @@ galaxy_info: # this branch. If Travis integration is configured, only notifications for this # branch will be accepted. Otherwise, in all cases, the repo's default branch # (usually master) will be used. - #github_branch: + # github_branch: # # Provide a list of supported platforms, and for each platform a list of versions. diff --git a/roles/google_cloud_ops_agents b/roles/google_cloud_ops_agents deleted file mode 160000 index 99adb1ed..00000000 --- a/roles/google_cloud_ops_agents +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 99adb1edafb02c3573eaf680266205295ba7f159 diff --git a/tests/integration/targets/gcp_appengine_firewall_rule/tasks/autogen.yml b/tests/integration/targets/gcp_appengine_firewall_rule/tasks/autogen.yml index a38d9a7f..1ec0c251 100644 --- a/tests/integration/targets/gcp_appengine_firewall_rule/tasks/autogen.yml +++ b/tests/integration/targets/gcp_appengine_firewall_rule/tasks/autogen.yml @@ -22,7 +22,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a firewall rule google.cloud.gcp_appengine_firewall_rule: priority: 1000 @@ -64,7 +64,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a firewall rule google.cloud.gcp_appengine_firewall_rule: priority: 1000 diff --git a/tests/integration/targets/gcp_bigquery_dataset/tasks/autogen.yml b/tests/integration/targets/gcp_bigquery_dataset/tasks/autogen.yml index 71484a34..6483a721 100644 --- a/tests/integration/targets/gcp_bigquery_dataset/tasks/autogen.yml +++ b/tests/integration/targets/gcp_bigquery_dataset/tasks/autogen.yml @@ -22,7 +22,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a dataset google.cloud.gcp_bigquery_dataset: name: my_example_dataset @@ -64,7 +64,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a dataset google.cloud.gcp_bigquery_dataset: name: my_example_dataset diff --git a/tests/integration/targets/gcp_bigquery_table/tasks/autogen.yml b/tests/integration/targets/gcp_bigquery_table/tasks/autogen.yml index 1e42d655..1b94a8ad 100644 --- a/tests/integration/targets/gcp_bigquery_table/tasks/autogen.yml +++ b/tests/integration/targets/gcp_bigquery_table/tasks/autogen.yml @@ -35,7 +35,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a table google.cloud.gcp_bigquery_table: name: example_table @@ -84,7 +84,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a table google.cloud.gcp_bigquery_table: name: example_table @@ -133,7 +133,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a dataset diff --git a/tests/integration/targets/gcp_bigtable_instance/tasks/autogen.yml b/tests/integration/targets/gcp_bigtable_instance/tasks/autogen.yml index 7406950d..a8a54ca3 100644 --- a/tests/integration/targets/gcp_bigtable_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_bigtable_instance/tasks/autogen.yml @@ -25,7 +25,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance google.cloud.gcp_bigtable_instance: name: my-instance @@ -71,7 +71,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance google.cloud.gcp_bigtable_instance: name: my-instance diff --git a/tests/integration/targets/gcp_cloudfunctions_cloud_function/tasks/autogen.yml b/tests/integration/targets/gcp_cloudfunctions_cloud_function/tasks/autogen.yml index da43b215..e86e5055 100644 --- a/tests/integration/targets/gcp_cloudfunctions_cloud_function/tasks/autogen.yml +++ b/tests/integration/targets/gcp_cloudfunctions_cloud_function/tasks/autogen.yml @@ -25,7 +25,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a cloud function google.cloud.gcp_cloudfunctions_cloud_function: name: "{{ resource_name }}" @@ -76,7 +76,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a cloud function google.cloud.gcp_cloudfunctions_cloud_function: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_cloudscheduler_job/tasks/autogen.yml b/tests/integration/targets/gcp_cloudscheduler_job/tasks/autogen.yml index 917e323a..247b4e8a 100644 --- a/tests/integration/targets/gcp_cloudscheduler_job/tasks/autogen.yml +++ b/tests/integration/targets/gcp_cloudscheduler_job/tasks/autogen.yml @@ -32,7 +32,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a job google.cloud.gcp_cloudscheduler_job: name: job @@ -95,7 +95,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a job google.cloud.gcp_cloudscheduler_job: name: job diff --git a/tests/integration/targets/gcp_cloudtasks_queue/tasks/autogen.yml b/tests/integration/targets/gcp_cloudtasks_queue/tasks/autogen.yml index 6e1f70f2..73b3dab9 100644 --- a/tests/integration/targets/gcp_cloudtasks_queue/tasks/autogen.yml +++ b/tests/integration/targets/gcp_cloudtasks_queue/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a queue google.cloud.gcp_cloudtasks_queue: name: "{{ resource_name }}" @@ -62,7 +62,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a queue google.cloud.gcp_cloudtasks_queue: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_address/tasks/autogen.yml b/tests/integration/targets/gcp_compute_address/tasks/autogen.yml index b4e9634d..f595dcfd 100644 --- a/tests/integration/targets/gcp_compute_address/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_address/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a address google.cloud.gcp_compute_address: name: test-address1 @@ -64,7 +64,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a address google.cloud.gcp_compute_address: name: test-address1 diff --git a/tests/integration/targets/gcp_compute_autoscaler/tasks/autogen.yml b/tests/integration/targets/gcp_compute_autoscaler/tasks/autogen.yml index 4e1ad768..792e8a54 100644 --- a/tests/integration/targets/gcp_compute_autoscaler/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_autoscaler/tasks/autogen.yml @@ -79,7 +79,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a autoscaler google.cloud.gcp_compute_autoscaler: name: "{{ resource_name }}" @@ -136,7 +136,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a autoscaler google.cloud.gcp_compute_autoscaler: name: "{{ resource_name }}" @@ -193,7 +193,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance group manager diff --git a/tests/integration/targets/gcp_compute_backend_bucket/tasks/autogen.yml b/tests/integration/targets/gcp_compute_backend_bucket/tasks/autogen.yml index c54b0227..f4d51bfc 100644 --- a/tests/integration/targets/gcp_compute_backend_bucket/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_backend_bucket/tasks/autogen.yml @@ -31,7 +31,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a backend bucket google.cloud.gcp_compute_backend_bucket: name: "{{ resource_name }}" @@ -77,7 +77,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a backend bucket google.cloud.gcp_compute_backend_bucket: name: "{{ resource_name }}" @@ -123,7 +123,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a bucket diff --git a/tests/integration/targets/gcp_compute_backend_service/tasks/autogen.yml b/tests/integration/targets/gcp_compute_backend_service/tasks/autogen.yml index 011a5d4c..939cc64b 100644 --- a/tests/integration/targets/gcp_compute_backend_service/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_backend_service/tasks/autogen.yml @@ -46,7 +46,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a backend service google.cloud.gcp_compute_backend_service: name: "{{ resource_name }}" @@ -96,7 +96,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a backend service google.cloud.gcp_compute_backend_service: name: "{{ resource_name }}" @@ -146,7 +146,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a HTTP health check diff --git a/tests/integration/targets/gcp_compute_disk/tasks/autogen.yml b/tests/integration/targets/gcp_compute_disk/tasks/autogen.yml index 96379724..f77418f2 100644 --- a/tests/integration/targets/gcp_compute_disk/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_disk/tasks/autogen.yml @@ -24,7 +24,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a disk google.cloud.gcp_compute_disk: name: "{{ resource_name }}" @@ -73,7 +73,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a disk google.cloud.gcp_compute_disk: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_external_vpn_gateway/tasks/autogen.yml b/tests/integration/targets/gcp_compute_external_vpn_gateway/tasks/autogen.yml index f6fd6da7..0e092c8b 100644 --- a/tests/integration/targets/gcp_compute_external_vpn_gateway/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_external_vpn_gateway/tasks/autogen.yml @@ -25,7 +25,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a external vpn gateway google.cloud.gcp_compute_external_vpn_gateway: name: "{{ resource_name }}" @@ -75,7 +75,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a external vpn gateway google.cloud.gcp_compute_external_vpn_gateway: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_firewall/tasks/autogen.yml b/tests/integration/targets/gcp_compute_firewall/tasks/autogen.yml index bf51839d..f956734c 100644 --- a/tests/integration/targets/gcp_compute_firewall/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_firewall/tasks/autogen.yml @@ -29,7 +29,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a firewall google.cloud.gcp_compute_firewall: name: "{{ resource_name }}" @@ -87,7 +87,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a firewall google.cloud.gcp_compute_firewall: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_firewall/tasks/update.yml b/tests/integration/targets/gcp_compute_firewall/tasks/update.yml index 3a2f73a9..3bee9adb 100644 --- a/tests/integration/targets/gcp_compute_firewall/tasks/update.yml +++ b/tests/integration/targets/gcp_compute_firewall/tasks/update.yml @@ -42,7 +42,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a firewall google.cloud.gcp_compute_firewall: name: "{{ resource_name }}" @@ -119,7 +119,7 @@ ansible.builtin.assert: that: - results['resources'][0]['allowed'][0]['ports'][0] == '55' -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a firewall google.cloud.gcp_compute_firewall: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_forwarding_rule/tasks/autogen.yml b/tests/integration/targets/gcp_compute_forwarding_rule/tasks/autogen.yml index c26206fe..fd70aae6 100644 --- a/tests/integration/targets/gcp_compute_forwarding_rule/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_forwarding_rule/tasks/autogen.yml @@ -43,7 +43,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a forwarding rule google.cloud.gcp_compute_forwarding_rule: name: "{{ resource_name }}" @@ -94,7 +94,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a forwarding rule google.cloud.gcp_compute_forwarding_rule: name: "{{ resource_name }}" @@ -145,7 +145,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a target pool diff --git a/tests/integration/targets/gcp_compute_global_address/tasks/autogen.yml b/tests/integration/targets/gcp_compute_global_address/tasks/autogen.yml index 3333e3f5..6d6849a3 100644 --- a/tests/integration/targets/gcp_compute_global_address/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_global_address/tasks/autogen.yml @@ -20,7 +20,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a global address google.cloud.gcp_compute_global_address: name: "{{ resource_name }}" @@ -60,7 +60,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a global address google.cloud.gcp_compute_global_address: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_global_forwarding_rule/tasks/autogen.yml b/tests/integration/targets/gcp_compute_global_forwarding_rule/tasks/autogen.yml index 93bab3af..afc395fb 100644 --- a/tests/integration/targets/gcp_compute_global_forwarding_rule/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_global_forwarding_rule/tasks/autogen.yml @@ -84,7 +84,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a global forwarding rule google.cloud.gcp_compute_global_forwarding_rule: name: "{{ resource_name }}" @@ -132,7 +132,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a global forwarding rule google.cloud.gcp_compute_global_forwarding_rule: name: "{{ resource_name }}" @@ -180,7 +180,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a target HTTP proxy diff --git a/tests/integration/targets/gcp_compute_health_check/tasks/autogen.yml b/tests/integration/targets/gcp_compute_health_check/tasks/autogen.yml index d529ec68..30d44672 100644 --- a/tests/integration/targets/gcp_compute_health_check/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_health_check/tasks/autogen.yml @@ -28,7 +28,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a health check google.cloud.gcp_compute_health_check: name: "{{ resource_name }}" @@ -84,7 +84,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a health check google.cloud.gcp_compute_health_check: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_http_health_check/tasks/autogen.yml b/tests/integration/targets/gcp_compute_http_health_check/tasks/autogen.yml index 1ff3b89d..d40d7c41 100644 --- a/tests/integration/targets/gcp_compute_http_health_check/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_http_health_check/tasks/autogen.yml @@ -24,7 +24,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a HTTP health check google.cloud.gcp_compute_http_health_check: name: "{{ resource_name }}" @@ -72,7 +72,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a HTTP health check google.cloud.gcp_compute_http_health_check: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_https_health_check/tasks/autogen.yml b/tests/integration/targets/gcp_compute_https_health_check/tasks/autogen.yml index c79968c0..21259acb 100644 --- a/tests/integration/targets/gcp_compute_https_health_check/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_https_health_check/tasks/autogen.yml @@ -24,7 +24,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a HTTPS health check google.cloud.gcp_compute_https_health_check: name: "{{ resource_name }}" @@ -72,7 +72,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a HTTPS health check google.cloud.gcp_compute_https_health_check: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_image/tasks/autogen.yml b/tests/integration/targets/gcp_compute_image/tasks/autogen.yml index e44f0102..72b1fa31 100644 --- a/tests/integration/targets/gcp_compute_image/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_image/tasks/autogen.yml @@ -30,7 +30,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a image google.cloud.gcp_compute_image: name: "{{ resource_name }}" @@ -72,7 +72,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a image google.cloud.gcp_compute_image: name: "{{ resource_name }}" @@ -114,7 +114,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a disk diff --git a/tests/integration/targets/gcp_compute_instance/tasks/autogen.yml b/tests/integration/targets/gcp_compute_instance/tasks/autogen.yml index fbec1e16..863da290 100644 --- a/tests/integration/targets/gcp_compute_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_instance/tasks/autogen.yml @@ -70,7 +70,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance google.cloud.gcp_compute_instance: name: "{{ resource_name }}" @@ -153,7 +153,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance google.cloud.gcp_compute_instance: name: "{{ resource_name }}" @@ -236,7 +236,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a address diff --git a/tests/integration/targets/gcp_compute_instance/tasks/gvnic.yml b/tests/integration/targets/gcp_compute_instance/tasks/gvnic.yml new file mode 100644 index 00000000..bc5db37c --- /dev/null +++ b/tests/integration/targets/gcp_compute_instance/tasks/gvnic.yml @@ -0,0 +1,76 @@ +--- +- name: Debug + ansible.builtin.debug: + msg: "Testing {{ item.key }} scenario" + +- name: Test GVNIC scenarios + block: + - name: Create disk + google.cloud.gcp_compute_disk: + name: "{{ resource_prefix }}-{{ item.key }}" + size_gb: 50 + source_image: projects/rhel-cloud/global/images/rhel-9-v20250513 + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: _disk + + - name: Create instance + google.cloud.gcp_compute_instance: + name: "{{ resource_name }}-{{ item.key }}" + machine_type: n1-standard-1 + disks: + - auto_delete: "true" + boot: "true" + source: "{{ _disk }}" + network_interfaces: + - network: "{{ _network }}" + nic_type: "{{ item.value if item.value != 'default' else omit }}" + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: _result + + - name: Verify instance was created + google.cloud.gcp_compute_instance_info: + filters: + - name = {{ resource_name }}-{{ item.key }} + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + scopes: + - https://www.googleapis.com/auth/compute + register: _info + + # The default option won't expose nicType via API, param will be missing + - name: Pass assertions + ansible.builtin.assert: + that: + - _result.changed == true + - _result.networkInterfaces[0].nicType | default('default') == item.value + - _info.resources[0].networkInterfaces[0].nicType | default('default') == item.value + + always: + - name: Delete instance + google.cloud.gcp_compute_instance: + name: "{{ resource_name }}-{{ item.key }}" + machine_type: n1-standard-1 + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + + - name: Delete disk + google.cloud.gcp_compute_disk: + name: "{{ resource_prefix }}-{{ item.key }}" + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent diff --git a/tests/integration/targets/gcp_compute_instance/tasks/main.yml b/tests/integration/targets/gcp_compute_instance/tasks/main.yml index fe47378c..1cd682ce 100644 --- a/tests/integration/targets/gcp_compute_instance/tasks/main.yml +++ b/tests/integration/targets/gcp_compute_instance/tasks/main.yml @@ -1,3 +1,34 @@ --- - name: Generated tests ansible.builtin.include_tasks: autogen.yml + +- name: Test nic_type scenarios + block: + - name: Create network + google.cloud.gcp_compute_network: + name: "{{ resource_prefix }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + auto_create_subnetworks: true + state: present + register: _network + + - name: Loop over testcase + ansible.builtin.include_tasks: gvnic.yml + loop: "{{ testcases | dict2items }}" + vars: + testcases: + gvnic: GVNIC + virtio: VIRTIO_NET + default: default + + always: + - name: Delete network + google.cloud.gcp_compute_network: + name: "{{ resource_prefix }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + auto_create_subnetworks: true + state: absent diff --git a/tests/integration/targets/gcp_compute_instance_group/tasks/autogen.yml b/tests/integration/targets/gcp_compute_instance_group/tasks/autogen.yml index 340c8ca0..59932abf 100644 --- a/tests/integration/targets/gcp_compute_instance_group/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_instance_group/tasks/autogen.yml @@ -34,7 +34,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance group google.cloud.gcp_compute_instance_group: name: "{{ resource_name }}" @@ -85,7 +85,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance group google.cloud.gcp_compute_instance_group: name: "{{ resource_name }}" @@ -136,7 +136,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a network diff --git a/tests/integration/targets/gcp_compute_instance_group_manager/tasks/autogen.yml b/tests/integration/targets/gcp_compute_instance_group_manager/tasks/autogen.yml index a60441e2..6c6f0dda 100644 --- a/tests/integration/targets/gcp_compute_instance_group_manager/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_instance_group_manager/tasks/autogen.yml @@ -63,7 +63,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance group manager google.cloud.gcp_compute_instance_group_manager: name: "{{ resource_name }}" @@ -112,7 +112,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance group manager google.cloud.gcp_compute_instance_group_manager: name: "{{ resource_name }}" @@ -161,7 +161,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance template diff --git a/tests/integration/targets/gcp_compute_instance_template/tasks/autogen.yml b/tests/integration/targets/gcp_compute_instance_template/tasks/autogen.yml index 72fb8098..6db4c44b 100644 --- a/tests/integration/targets/gcp_compute_instance_template/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_instance_template/tasks/autogen.yml @@ -51,7 +51,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance template google.cloud.gcp_compute_instance_template: name: "{{ resource_name }}" @@ -117,7 +117,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance template google.cloud.gcp_compute_instance_template: name: "{{ resource_name }}" @@ -183,7 +183,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a address diff --git a/tests/integration/targets/gcp_compute_network/tasks/autogen.yml b/tests/integration/targets/gcp_compute_network/tasks/autogen.yml index b887e2b1..f4b7a053 100644 --- a/tests/integration/targets/gcp_compute_network/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_network/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a network google.cloud.gcp_compute_network: name: "{{ resource_name }}" @@ -63,7 +63,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a network google.cloud.gcp_compute_network: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_network_endpoint_group/tasks/autogen.yml b/tests/integration/targets/gcp_compute_network_endpoint_group/tasks/autogen.yml index 81f46d27..fd55eee9 100644 --- a/tests/integration/targets/gcp_compute_network_endpoint_group/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_network_endpoint_group/tasks/autogen.yml @@ -44,7 +44,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a network endpoint group google.cloud.gcp_compute_network_endpoint_group: name: "{{ resource_name }}" @@ -93,7 +93,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a network endpoint group google.cloud.gcp_compute_network_endpoint_group: name: "{{ resource_name }}" @@ -142,7 +142,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a subnetwork diff --git a/tests/integration/targets/gcp_compute_node_group/tasks/autogen.yml b/tests/integration/targets/gcp_compute_node_group/tasks/autogen.yml index 25d46afa..2ccf5146 100644 --- a/tests/integration/targets/gcp_compute_node_group/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_node_group/tasks/autogen.yml @@ -34,7 +34,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a node group google.cloud.gcp_compute_node_group: name: "{{ resource_name }}" @@ -83,7 +83,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a node group google.cloud.gcp_compute_node_group: name: "{{ resource_name }}" @@ -132,7 +132,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a node template diff --git a/tests/integration/targets/gcp_compute_node_template/tasks/autogen.yml b/tests/integration/targets/gcp_compute_node_template/tasks/autogen.yml index f21ce636..944fefa6 100644 --- a/tests/integration/targets/gcp_compute_node_template/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_node_template/tasks/autogen.yml @@ -22,7 +22,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a node template google.cloud.gcp_compute_node_template: name: "{{ resource_name }}" @@ -67,7 +67,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a node template google.cloud.gcp_compute_node_template: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_region_autoscaler/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_autoscaler/tasks/autogen.yml index 5a986a9f..03df99ee 100644 --- a/tests/integration/targets/gcp_compute_region_autoscaler/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_autoscaler/tasks/autogen.yml @@ -79,7 +79,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region autoscaler google.cloud.gcp_compute_region_autoscaler: name: my-region-autoscaler @@ -136,7 +136,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region autoscaler google.cloud.gcp_compute_region_autoscaler: name: my-region-autoscaler @@ -193,7 +193,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a region instance group manager diff --git a/tests/integration/targets/gcp_compute_region_backend_service/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_backend_service/tasks/autogen.yml index beb644a7..7267a924 100644 --- a/tests/integration/targets/gcp_compute_region_backend_service/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_backend_service/tasks/autogen.yml @@ -39,7 +39,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region backend service google.cloud.gcp_compute_region_backend_service: name: "{{ resource_name }}" @@ -92,7 +92,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region backend service google.cloud.gcp_compute_region_backend_service: name: "{{ resource_name }}" @@ -145,7 +145,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a health check diff --git a/tests/integration/targets/gcp_compute_region_disk/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_disk/tasks/autogen.yml index 1b04a50d..fc75b5fa 100644 --- a/tests/integration/targets/gcp_compute_region_disk/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_disk/tasks/autogen.yml @@ -27,7 +27,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region disk google.cloud.gcp_compute_region_disk: name: "{{ resource_name }}" @@ -82,7 +82,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region disk google.cloud.gcp_compute_region_disk: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_region_health_check/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_health_check/tasks/autogen.yml index badcfb84..63fdc2e1 100644 --- a/tests/integration/targets/gcp_compute_region_health_check/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_health_check/tasks/autogen.yml @@ -29,7 +29,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region health check google.cloud.gcp_compute_region_health_check: name: "{{ resource_name }}" @@ -88,7 +88,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region health check google.cloud.gcp_compute_region_health_check: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_region_instance_group_manager/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_instance_group_manager/tasks/autogen.yml index e6064642..5a285414 100644 --- a/tests/integration/targets/gcp_compute_region_instance_group_manager/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_instance_group_manager/tasks/autogen.yml @@ -63,7 +63,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region instance group manager google.cloud.gcp_compute_region_instance_group_manager: name: "{{ resource_name }}" @@ -112,7 +112,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region instance group manager google.cloud.gcp_compute_region_instance_group_manager: name: "{{ resource_name }}" @@ -161,7 +161,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance template diff --git a/tests/integration/targets/gcp_compute_region_target_http_proxy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_target_http_proxy/tasks/autogen.yml index 9c1da53d..1c7927f4 100644 --- a/tests/integration/targets/gcp_compute_region_target_http_proxy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_target_http_proxy/tasks/autogen.yml @@ -44,7 +44,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region target HTTP proxy google.cloud.gcp_compute_region_target_http_proxy: name: "{{ resource_name }}" @@ -89,7 +89,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region target HTTP proxy google.cloud.gcp_compute_region_target_http_proxy: name: "{{ resource_name }}" @@ -134,7 +134,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a URL map diff --git a/tests/integration/targets/gcp_compute_region_target_https_proxy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_target_https_proxy/tasks/autogen.yml index ac02c562..198d5642 100644 --- a/tests/integration/targets/gcp_compute_region_target_https_proxy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_target_https_proxy/tasks/autogen.yml @@ -102,7 +102,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region target HTTPS proxy google.cloud.gcp_compute_region_target_https_proxy: name: "{{ resource_name }}" @@ -151,7 +151,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region target HTTPS proxy google.cloud.gcp_compute_region_target_https_proxy: name: "{{ resource_name }}" @@ -200,7 +200,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a SSL certificate diff --git a/tests/integration/targets/gcp_compute_region_url_map/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_url_map/tasks/autogen.yml index 1cbfae96..f859cb4d 100644 --- a/tests/integration/targets/gcp_compute_region_url_map/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_url_map/tasks/autogen.yml @@ -33,7 +33,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region URL map google.cloud.gcp_compute_region_url_map: name: "{{ resource_name }}" @@ -78,7 +78,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region URL map google.cloud.gcp_compute_region_url_map: name: "{{ resource_name }}" @@ -123,7 +123,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a region backend service diff --git a/tests/integration/targets/gcp_compute_reservation/tasks/autogen.yml b/tests/integration/targets/gcp_compute_reservation/tasks/autogen.yml index 7663bf5b..aba1e6a2 100644 --- a/tests/integration/targets/gcp_compute_reservation/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_reservation/tasks/autogen.yml @@ -26,7 +26,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a reservation google.cloud.gcp_compute_reservation: name: "{{ resource_name }}" @@ -79,7 +79,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a reservation google.cloud.gcp_compute_reservation: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_resource_policy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_resource_policy/tasks/autogen.yml index 86647db0..4bc6393c 100644 --- a/tests/integration/targets/gcp_compute_resource_policy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_resource_policy/tasks/autogen.yml @@ -26,7 +26,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a resource policy google.cloud.gcp_compute_resource_policy: name: "{{ resource_name }}" @@ -79,7 +79,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a resource policy google.cloud.gcp_compute_resource_policy: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_route/tasks/autogen.yml b/tests/integration/targets/gcp_compute_route/tasks/autogen.yml index 347c503c..27139828 100644 --- a/tests/integration/targets/gcp_compute_route/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_route/tasks/autogen.yml @@ -35,7 +35,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a route google.cloud.gcp_compute_route: name: "{{ resource_name }}" @@ -106,7 +106,7 @@ ansible.builtin.assert: that: - result.changed == true -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a route google.cloud.gcp_compute_route: name: "{{ resource_name }}" @@ -158,7 +158,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a network diff --git a/tests/integration/targets/gcp_compute_router/tasks/autogen.yml b/tests/integration/targets/gcp_compute_router/tasks/autogen.yml index 07acc693..a69ef79f 100644 --- a/tests/integration/targets/gcp_compute_router/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_router/tasks/autogen.yml @@ -39,7 +39,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a router google.cloud.gcp_compute_router: name: "{{ resource_name }}" @@ -100,7 +100,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a router google.cloud.gcp_compute_router: name: "{{ resource_name }}" @@ -161,7 +161,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a network diff --git a/tests/integration/targets/gcp_compute_snapshot/tasks/autogen.yml b/tests/integration/targets/gcp_compute_snapshot/tasks/autogen.yml index 435284e0..6df909ae 100644 --- a/tests/integration/targets/gcp_compute_snapshot/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_snapshot/tasks/autogen.yml @@ -33,7 +33,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a snapshot google.cloud.gcp_compute_snapshot: name: "{{ resource_name }}" @@ -81,7 +81,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a snapshot google.cloud.gcp_compute_snapshot: name: "{{ resource_name }}" @@ -129,7 +129,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a disk diff --git a/tests/integration/targets/gcp_compute_ssl_certificate/tasks/autogen.yml b/tests/integration/targets/gcp_compute_ssl_certificate/tasks/autogen.yml index 9d36683d..a3bb3fe8 100644 --- a/tests/integration/targets/gcp_compute_ssl_certificate/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_ssl_certificate/tasks/autogen.yml @@ -45,7 +45,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a SSL certificate google.cloud.gcp_compute_ssl_certificate: name: "{{ resource_name }}" @@ -135,7 +135,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a SSL certificate google.cloud.gcp_compute_ssl_certificate: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_ssl_policy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_ssl_policy/tasks/autogen.yml index adbba9f3..71fa905f 100644 --- a/tests/integration/targets/gcp_compute_ssl_policy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_ssl_policy/tasks/autogen.yml @@ -25,7 +25,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a SSL policy google.cloud.gcp_compute_ssl_policy: name: "{{ resource_name }}" @@ -75,7 +75,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a SSL policy google.cloud.gcp_compute_ssl_policy: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_subnetwork/tasks/autogen.yml b/tests/integration/targets/gcp_compute_subnetwork/tasks/autogen.yml index 6849ccac..48f5d33c 100644 --- a/tests/integration/targets/gcp_compute_subnetwork/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_subnetwork/tasks/autogen.yml @@ -32,7 +32,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a subnetwork google.cloud.gcp_compute_subnetwork: name: ansiblenet @@ -79,7 +79,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a subnetwork google.cloud.gcp_compute_subnetwork: name: ansiblenet @@ -126,7 +126,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a network diff --git a/tests/integration/targets/gcp_compute_target_http_proxy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_http_proxy/tasks/autogen.yml index 1c48c9db..b9010246 100644 --- a/tests/integration/targets/gcp_compute_target_http_proxy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_http_proxy/tasks/autogen.yml @@ -64,7 +64,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target HTTP proxy google.cloud.gcp_compute_target_http_proxy: name: "{{ resource_name }}" @@ -106,7 +106,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target HTTP proxy google.cloud.gcp_compute_target_http_proxy: name: "{{ resource_name }}" @@ -148,7 +148,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a URL map diff --git a/tests/integration/targets/gcp_compute_target_https_proxy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_https_proxy/tasks/autogen.yml index 5731d087..a0084870 100644 --- a/tests/integration/targets/gcp_compute_target_https_proxy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_https_proxy/tasks/autogen.yml @@ -99,7 +99,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target HTTPS proxy google.cloud.gcp_compute_target_https_proxy: name: "{{ resource_name }}" @@ -145,7 +145,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target HTTPS proxy google.cloud.gcp_compute_target_https_proxy: name: "{{ resource_name }}" @@ -191,7 +191,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a SSL certificate diff --git a/tests/integration/targets/gcp_compute_target_instance/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_instance/tasks/autogen.yml index 74a01f61..51e3cf7c 100644 --- a/tests/integration/targets/gcp_compute_target_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_instance/tasks/autogen.yml @@ -50,7 +50,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target instance google.cloud.gcp_compute_target_instance: name: target @@ -95,7 +95,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target instance google.cloud.gcp_compute_target_instance: name: target @@ -140,7 +140,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance diff --git a/tests/integration/targets/gcp_compute_target_pool/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_pool/tasks/autogen.yml index 59a46d21..38248817 100644 --- a/tests/integration/targets/gcp_compute_target_pool/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_pool/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target pool google.cloud.gcp_compute_target_pool: name: "{{ resource_name }}" @@ -64,7 +64,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target pool google.cloud.gcp_compute_target_pool: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_target_ssl_proxy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_ssl_proxy/tasks/autogen.yml index 6142ec91..eaf99aca 100644 --- a/tests/integration/targets/gcp_compute_target_ssl_proxy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_ssl_proxy/tasks/autogen.yml @@ -94,7 +94,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target SSL proxy google.cloud.gcp_compute_target_ssl_proxy: name: "{{ resource_name }}" @@ -140,7 +140,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target SSL proxy google.cloud.gcp_compute_target_ssl_proxy: name: "{{ resource_name }}" @@ -186,7 +186,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a SSL certificate diff --git a/tests/integration/targets/gcp_compute_target_tcp_proxy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_tcp_proxy/tasks/autogen.yml index 82e3e551..005d6550 100644 --- a/tests/integration/targets/gcp_compute_target_tcp_proxy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_tcp_proxy/tasks/autogen.yml @@ -60,7 +60,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target TCP proxy google.cloud.gcp_compute_target_tcp_proxy: name: "{{ resource_name }}" @@ -104,7 +104,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target TCP proxy google.cloud.gcp_compute_target_tcp_proxy: name: "{{ resource_name }}" @@ -148,7 +148,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a backend service diff --git a/tests/integration/targets/gcp_compute_target_vpn_gateway/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_vpn_gateway/tasks/autogen.yml index a14a1493..c8753a84 100644 --- a/tests/integration/targets/gcp_compute_target_vpn_gateway/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_vpn_gateway/tasks/autogen.yml @@ -40,7 +40,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target vpn gateway google.cloud.gcp_compute_target_vpn_gateway: name: "{{ resource_name }}" @@ -85,7 +85,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target vpn gateway google.cloud.gcp_compute_target_vpn_gateway: name: "{{ resource_name }}" @@ -130,7 +130,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a network diff --git a/tests/integration/targets/gcp_compute_url_map/tasks/autogen.yml b/tests/integration/targets/gcp_compute_url_map/tasks/autogen.yml index ead14fef..8f398653 100644 --- a/tests/integration/targets/gcp_compute_url_map/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_url_map/tasks/autogen.yml @@ -55,7 +55,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a URL map google.cloud.gcp_compute_url_map: name: "{{ resource_name }}" @@ -97,7 +97,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a URL map google.cloud.gcp_compute_url_map: name: "{{ resource_name }}" @@ -139,7 +139,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a backend service diff --git a/tests/integration/targets/gcp_compute_vpn_tunnel/tasks/autogen.yml b/tests/integration/targets/gcp_compute_vpn_tunnel/tasks/autogen.yml index 79d4e055..c4a3c44d 100644 --- a/tests/integration/targets/gcp_compute_vpn_tunnel/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_vpn_tunnel/tasks/autogen.yml @@ -158,7 +158,7 @@ service_account_file: "{{ gcp_cred_file | default(omit) }}" peer_ip: "{{ address.address }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a vpn tunnel google.cloud.gcp_compute_vpn_tunnel: name: "{{ resource_name }}" @@ -209,7 +209,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a vpn tunnel google.cloud.gcp_compute_vpn_tunnel: name: "{{ resource_name }}" @@ -260,7 +260,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown - name: Delete a UDP-4500 forwarding rule google.cloud.gcp_compute_forwarding_rule: diff --git a/tests/integration/targets/gcp_container_cluster/tasks/autogen.yml b/tests/integration/targets/gcp_container_cluster/tasks/autogen.yml index f3c1d127..9c7f9f76 100644 --- a/tests/integration/targets/gcp_container_cluster/tasks/autogen.yml +++ b/tests/integration/targets/gcp_container_cluster/tasks/autogen.yml @@ -25,7 +25,7 @@ auth_kind: serviceaccount service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a cluster google.cloud.gcp_container_cluster: name: my-cluster @@ -74,7 +74,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a cluster google.cloud.gcp_container_cluster: name: my-cluster diff --git a/tests/integration/targets/gcp_container_node_pool/tasks/autogen.yml b/tests/integration/targets/gcp_container_node_pool/tasks/autogen.yml index 84fe978a..734707eb 100644 --- a/tests/integration/targets/gcp_container_node_pool/tasks/autogen.yml +++ b/tests/integration/targets/gcp_container_node_pool/tasks/autogen.yml @@ -33,7 +33,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a node pool google.cloud.gcp_container_node_pool: name: my-pool @@ -79,7 +79,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a node pool google.cloud.gcp_container_node_pool: name: my-pool @@ -125,7 +125,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a cluster diff --git a/tests/integration/targets/gcp_dns_managed_zone/tasks/autogen.yml b/tests/integration/targets/gcp_dns_managed_zone/tasks/autogen.yml index 2e7b2bfb..6e16c494 100644 --- a/tests/integration/targets/gcp_dns_managed_zone/tasks/autogen.yml +++ b/tests/integration/targets/gcp_dns_managed_zone/tasks/autogen.yml @@ -22,7 +22,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a managed zone google.cloud.gcp_dns_managed_zone: name: "{{ resource_name }}" @@ -65,7 +65,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a managed zone google.cloud.gcp_dns_managed_zone: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_dns_resource_record_set/tasks/autogen.yml b/tests/integration/targets/gcp_dns_resource_record_set/tasks/autogen.yml index c8ca5354..5c6ba660 100644 --- a/tests/integration/targets/gcp_dns_resource_record_set/tasks/autogen.yml +++ b/tests/integration/targets/gcp_dns_resource_record_set/tasks/autogen.yml @@ -36,7 +36,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a resource record set google.cloud.gcp_dns_resource_record_set: name: www.testzone-4.com. @@ -87,7 +87,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a resource record set google.cloud.gcp_dns_resource_record_set: name: www.testzone-4.com. @@ -138,7 +138,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a managed zone diff --git a/tests/integration/targets/gcp_filestore_instance/tasks/autogen.yml b/tests/integration/targets/gcp_filestore_instance/tasks/autogen.yml index 20a7bde7..581af9d2 100644 --- a/tests/integration/targets/gcp_filestore_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_filestore_instance/tasks/autogen.yml @@ -29,7 +29,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance google.cloud.gcp_filestore_instance: name: "{{ resource_name }}" @@ -86,7 +86,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance google.cloud.gcp_filestore_instance: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_iam_role/tasks/autogen.yml b/tests/integration/targets/gcp_iam_role/tasks/autogen.yml index d4afe357..c2737f86 100644 --- a/tests/integration/targets/gcp_iam_role/tasks/autogen.yml +++ b/tests/integration/targets/gcp_iam_role/tasks/autogen.yml @@ -26,7 +26,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a role google.cloud.gcp_iam_role: name: "{{ resource_prefix[0:30].replace('-', '_') }}" @@ -96,7 +96,7 @@ ansible.builtin.assert: that: - result.changed == true -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a role google.cloud.gcp_iam_role: name: "{{ resource_prefix[0:30].replace('-', '_') }}" diff --git a/tests/integration/targets/gcp_iam_service_account/tasks/autogen.yml b/tests/integration/targets/gcp_iam_service_account/tasks/autogen.yml index 9a4106dc..d4273cb6 100644 --- a/tests/integration/targets/gcp_iam_service_account/tasks/autogen.yml +++ b/tests/integration/targets/gcp_iam_service_account/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a service account google.cloud.gcp_iam_service_account: name: service-{{ resource_name.split("-")[-1] }}@{{ gcp_project }}.iam.gserviceaccount.com @@ -62,7 +62,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a service account google.cloud.gcp_iam_service_account: name: service-{{ resource_name.split("-")[-1] }}@{{ gcp_project }}.iam.gserviceaccount.com diff --git a/tests/integration/targets/gcp_kms_crypto_key/tasks/autogen.yml b/tests/integration/targets/gcp_kms_crypto_key/tasks/autogen.yml index 0e270778..96a63699 100644 --- a/tests/integration/targets/gcp_kms_crypto_key/tasks/autogen.yml +++ b/tests/integration/targets/gcp_kms_crypto_key/tasks/autogen.yml @@ -30,7 +30,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a crypto key google.cloud.gcp_kms_crypto_key: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_kms_key_ring/tasks/autogen.yml b/tests/integration/targets/gcp_kms_key_ring/tasks/autogen.yml index b0af43c1..1555647c 100644 --- a/tests/integration/targets/gcp_kms_key_ring/tasks/autogen.yml +++ b/tests/integration/targets/gcp_kms_key_ring/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a key ring google.cloud.gcp_kms_key_ring: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_logging_metric/tasks/autogen.yml b/tests/integration/targets/gcp_logging_metric/tasks/autogen.yml index 90a77b05..0d34f20a 100644 --- a/tests/integration/targets/gcp_logging_metric/tasks/autogen.yml +++ b/tests/integration/targets/gcp_logging_metric/tasks/autogen.yml @@ -37,7 +37,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a metric google.cloud.gcp_logging_metric: name: "{{ resource_name }}" @@ -109,7 +109,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a metric google.cloud.gcp_logging_metric: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_mlengine_model/tasks/autogen.yml b/tests/integration/targets/gcp_mlengine_model/tasks/autogen.yml index 619a49c1..0e7f01a0 100644 --- a/tests/integration/targets/gcp_mlengine_model/tasks/autogen.yml +++ b/tests/integration/targets/gcp_mlengine_model/tasks/autogen.yml @@ -23,7 +23,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a model google.cloud.gcp_mlengine_model: name: "{{ resource_name | replace('-', '_') }}" @@ -67,7 +67,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a model google.cloud.gcp_mlengine_model: name: "{{ resource_name | replace('-', '_') }}" diff --git a/tests/integration/targets/gcp_mlengine_version/tasks/autogen.yml b/tests/integration/targets/gcp_mlengine_version/tasks/autogen.yml index d68bad0b..d97aa73c 100644 --- a/tests/integration/targets/gcp_mlengine_version/tasks/autogen.yml +++ b/tests/integration/targets/gcp_mlengine_version/tasks/autogen.yml @@ -38,7 +38,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a version google.cloud.gcp_mlengine_version: name: "{{ resource_name | replace('-', '_') }}" @@ -87,7 +87,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a version google.cloud.gcp_mlengine_version: name: "{{ resource_name | replace('-', '_') }}" @@ -136,7 +136,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a model diff --git a/tests/integration/targets/gcp_parameter_manager/aliases b/tests/integration/targets/gcp_parameter_manager/aliases new file mode 100644 index 00000000..0e4419e3 --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/aliases @@ -0,0 +1 @@ +cloud/gcp \ No newline at end of file diff --git a/tests/integration/targets/gcp_parameter_manager/defaults/main.yml b/tests/integration/targets/gcp_parameter_manager/defaults/main.yml new file mode 100644 index 00000000..61fa8b04 --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/defaults/main.yml @@ -0,0 +1,3 @@ +--- +resource_name: "{{ resource_prefix }}" +lookup_resource_name: "{{ resource_prefix }}_lookup" diff --git a/tests/integration/targets/gcp_parameter_manager/meta/main.yml b/tests/integration/targets/gcp_parameter_manager/meta/main.yml new file mode 100644 index 00000000..e69de29b diff --git a/tests/integration/targets/gcp_parameter_manager/tasks/main.yml b/tests/integration/targets/gcp_parameter_manager/tasks/main.yml new file mode 100644 index 00000000..5083cdee --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/tasks/main.yml @@ -0,0 +1,9 @@ +--- +- name: Parameters tests + ansible.builtin.include_tasks: parameters.yml +- name: Regional Parameters tests + ansible.builtin.include_tasks: regionalparameters.yml +- name: Parameters lookup tests + ansible.builtin.include_tasks: parameterslookup.yml +- name: Regional Parameters lookup tests + ansible.builtin.include_tasks: regionalparameterslookup.yml diff --git a/tests/integration/targets/gcp_parameter_manager/tasks/parameters.yml b/tests/integration/targets/gcp_parameter_manager/tasks/parameters.yml new file mode 100644 index 00000000..38f7c13f --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/tasks/parameters.yml @@ -0,0 +1,343 @@ +# Copyright 2025 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the test parameter if it exists + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +# ---------------------------------------------------------- +- name: Create a parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + version: "test_version" + value: "ansible-test-parameter-value" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-2" + version: "test_version" + value: "ansible-test-parameter-value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with format + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-3" + version: "test_version" + format: JSON + value: "{\"key\":\"ansible-test-parameter-value\"}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with format and labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-4" + version: "test_version" + value: "{\"key\":\"ansible-test-parameter-value\"}" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter that already exists + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + version: "test_version" + value: "ansible-test-parameter-value" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Add a new version to a parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version" + value: "ansible-test-parameter-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a new version to a parameter with same version name but different value + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version" + value: "ansible-test-parameter-value-new-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a new version to a parameter with same value but different version name + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version_1" + value: "ansible-test-parameter-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a version that exists to a parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + version: "test_version" + value: "ansible-test-parameter-value-new-updated" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Ensure the parameter version exists + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version" + value: "ansible-test-parameter-value-new-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +# CLEANUP +# ---------------------------------------------------------- +- name: Delete the parameter version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version_1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version with labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-2" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter with labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version with format + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-3" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter with format + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-3" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version with format and labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-4" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter with format and labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-4" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true diff --git a/tests/integration/targets/gcp_parameter_manager/tasks/parameterslookup.yml b/tests/integration/targets/gcp_parameter_manager/tasks/parameterslookup.yml new file mode 100644 index 00000000..d352a7e9 --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/tasks/parameterslookup.yml @@ -0,0 +1,108 @@ +# Copyright 2025 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the test parameter if it exists + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +- name: Create a parameter + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + version: "test_version" + value: "ansible lookup test parameter value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +- name: Add a new version to a parameter + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + version: "test_version_1" + value: "ansible lookup test parameter value updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +# ---------------------------------------------------------- +- name: Retrieve the latest parameter version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test parameter value updated" +# ---------------------------------------------------------- +- name: Retrieve the specified parameter version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, version='test_version', project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test parameter value" +# --------------------------------------------------------- +- name: Render the latest parameter version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, project=gcp_project, auth_kind=gcp_cred_kind, render_secret=True, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test parameter value updated" +# ---------------------------------------------------------- +- name: Render the specified parameter version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, version='test_version', project=gcp_project, auth_kind=gcp_cred_kind, render_secret=True, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test parameter value" +# --------------------------------------------------------- +# Post-test teardown +# If errors happen, don't crash the playbook! +- name: Delete the test parameter version + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + project: "{{ gcp_project }}" + version: "test_version" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true +- name: Delete the test parameter version + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + project: "{{ gcp_project }}" + version: "test_version_1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true +- name: Delete the test parameter + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true diff --git a/tests/integration/targets/gcp_parameter_manager/tasks/regionalparameters.yml b/tests/integration/targets/gcp_parameter_manager/tasks/regionalparameters.yml new file mode 100644 index 00000000..45066850 --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/tasks/regionalparameters.yml @@ -0,0 +1,366 @@ +# Copyright 2025 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the test parameter if it exists + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +# ---------------------------------------------------------- +- name: Create a parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + version: "test_version" + value: "ansible-test-parameter-value" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with lables + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-2" + location: "us-central1" + version: "test_version" + value: "ansible-test-parameter-value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with format + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-3" + location: "us-central1" + version: "test_version" + format: JSON + value: "{\"key\":\"ansible-test-parameter-value\"}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with format and lables + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-4" + version: "test_version" + location: "us-central1" + value: "{\"key\":\"ansible-test-parameter-value\"}" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter that already exists + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + version: "test_version" + location: "us-central1" + value: "ansible-test-parameter-value" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Add a new version to a parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version" + location: "us-central1" + value: "ansible-test-parameter-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a new version to a parameter with same version name but different value + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version" + location: "us-central1" + value: "ansible-test-parameter-value-new-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a new version to a parameter with same value but different version name + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "test_version_1" + value: "ansible-test-parameter-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a version that exists to a parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + location: "us-central1" + project: "{{ gcp_project }}" + version: "test_version" + value: "ansible-test-parameter-value-new-updated" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Ensure the parameter version exists + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "test_version" + value: "ansible-test-parameter-value-new-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +# CLEANUP +# ---------------------------------------------------------- +- name: Delete the parameter version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "test_version_1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + location: "us-central1" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version with labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-2" + location: "us-central1" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter with labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-2" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version with format + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-3" + location: "us-central1" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter with format + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-3" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version with format and labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-4" + location: "us-central1" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter with format and labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-4" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true diff --git a/tests/integration/targets/gcp_parameter_manager/tasks/regionalparameterslookup.yml b/tests/integration/targets/gcp_parameter_manager/tasks/regionalparameterslookup.yml new file mode 100644 index 00000000..2cd3c745 --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/tasks/regionalparameterslookup.yml @@ -0,0 +1,114 @@ +# Copyright 2025 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the test regional parameter if it exists + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +- name: Create a regional parameter + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + version: "test_version" + value: "ansible lookup test regional parameter value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +- name: Add a new version to a regional parameter + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + version: "test_version_1" + value: "ansible lookup test regional parameter value updated" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +# ---------------------------------------------------------- +- name: Retrieve the latest regional parameter version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, project=gcp_project, location='us-central1', auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert regional parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test regional parameter value updated" +# ---------------------------------------------------------- +- name: Retrieve the specified regional parameter version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, version='test_version', location='us-central1', project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert regional parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test regional parameter value" +# --------------------------------------------------------- +- name: Render the latest regional parameter version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, project=gcp_project, location='us-central1', auth_kind=gcp_cred_kind, render_secret=True, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert regional parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test regional parameter value updated" +# ---------------------------------------------------------- +- name: Render the specified regional parameter version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, version='test_version', location='us-central1', project=gcp_project, auth_kind=gcp_cred_kind, render_secret=True, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert regional parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test regional parameter value" +# --------------------------------------------------------- +# Post-test teardown +# If errors happen, don't crash the playbook! +- name: Delete the test regional parameter version + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + version: "test_version" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true +- name: Delete the test regional parameter version + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + version: "test_version_1" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true +- name: Delete the test regional parameter + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true diff --git a/tests/integration/targets/gcp_pubsub_subscription/tasks/autogen.yml b/tests/integration/targets/gcp_pubsub_subscription/tasks/autogen.yml index 395f50ac..8f93c733 100644 --- a/tests/integration/targets/gcp_pubsub_subscription/tasks/autogen.yml +++ b/tests/integration/targets/gcp_pubsub_subscription/tasks/autogen.yml @@ -37,7 +37,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a subscription google.cloud.gcp_pubsub_subscription: name: "{{ resource_name }}" @@ -79,7 +79,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Update a subscription google.cloud.gcp_pubsub_subscription: name: "{{ resource_name }}" @@ -94,7 +94,7 @@ ansible.builtin.assert: that: - result.changed == true -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Update cloudStorageConfig of a subscription that already exists google.cloud.gcp_pubsub_subscription: name: "{{ resource_name }}" @@ -118,7 +118,7 @@ ansible.builtin.assert: that: - result.changed == true -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a subscription google.cloud.gcp_pubsub_subscription: name: "{{ resource_name }}" @@ -160,7 +160,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a topic diff --git a/tests/integration/targets/gcp_pubsub_topic/tasks/autogen.yml b/tests/integration/targets/gcp_pubsub_topic/tasks/autogen.yml index d9f3cd3d..c95face9 100644 --- a/tests/integration/targets/gcp_pubsub_topic/tasks/autogen.yml +++ b/tests/integration/targets/gcp_pubsub_topic/tasks/autogen.yml @@ -20,7 +20,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a topic google.cloud.gcp_pubsub_topic: name: test-topic1 @@ -58,7 +58,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a topic google.cloud.gcp_pubsub_topic: name: test-topic1 diff --git a/tests/integration/targets/gcp_redis_instance/tasks/autogen.yml b/tests/integration/targets/gcp_redis_instance/tasks/autogen.yml index cea48d6b..fde94955 100644 --- a/tests/integration/targets/gcp_redis_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_redis_instance/tasks/autogen.yml @@ -39,7 +39,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance google.cloud.gcp_redis_instance: name: instance37 @@ -98,7 +98,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance google.cloud.gcp_redis_instance: name: instance37 @@ -157,7 +157,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a network diff --git a/tests/integration/targets/gcp_resourcemanager_project/tasks/autogen.yml b/tests/integration/targets/gcp_resourcemanager_project/tasks/autogen.yml index 5545d0ed..3c28f98c 100644 --- a/tests/integration/targets/gcp_resourcemanager_project/tasks/autogen.yml +++ b/tests/integration/targets/gcp_resourcemanager_project/tasks/autogen.yml @@ -23,7 +23,7 @@ type: folder id: "{{ gcp_folder_id }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a project google.cloud.gcp_resourcemanager_project: name: "{{ resource_prefix[0:30] }}" @@ -73,7 +73,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a project google.cloud.gcp_resourcemanager_project: name: "{{ resource_prefix[0:30] }}" diff --git a/tests/integration/targets/gcp_runtimeconfig_config/tasks/autogen.yml b/tests/integration/targets/gcp_runtimeconfig_config/tasks/autogen.yml index 3eebf1be..517d2fea 100644 --- a/tests/integration/targets/gcp_runtimeconfig_config/tasks/autogen.yml +++ b/tests/integration/targets/gcp_runtimeconfig_config/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a config google.cloud.gcp_runtimeconfig_config: name: "{{ resource_name }}" @@ -61,7 +61,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a config google.cloud.gcp_runtimeconfig_config: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_runtimeconfig_variable/tasks/autogen.yml b/tests/integration/targets/gcp_runtimeconfig_variable/tasks/autogen.yml index 4a790dce..804f905d 100644 --- a/tests/integration/targets/gcp_runtimeconfig_variable/tasks/autogen.yml +++ b/tests/integration/targets/gcp_runtimeconfig_variable/tasks/autogen.yml @@ -31,7 +31,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a variable google.cloud.gcp_runtimeconfig_variable: name: prod-variables/hostname @@ -74,7 +74,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a variable google.cloud.gcp_runtimeconfig_variable: name: prod-variables/hostname @@ -117,7 +117,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a config diff --git a/tests/integration/targets/gcp_secret_manager/aliases b/tests/integration/targets/gcp_secret_manager/aliases new file mode 100644 index 00000000..0e4419e3 --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/aliases @@ -0,0 +1 @@ +cloud/gcp \ No newline at end of file diff --git a/tests/integration/targets/gcp_secret_manager/defaults/main.yml b/tests/integration/targets/gcp_secret_manager/defaults/main.yml new file mode 100644 index 00000000..61fa8b04 --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/defaults/main.yml @@ -0,0 +1,3 @@ +--- +resource_name: "{{ resource_prefix }}" +lookup_resource_name: "{{ resource_prefix }}_lookup" diff --git a/tests/integration/targets/gcp_secret_manager/meta/main.yml b/tests/integration/targets/gcp_secret_manager/meta/main.yml new file mode 100644 index 00000000..e69de29b diff --git a/tests/integration/targets/gcp_secret_manager/tasks/main.yml b/tests/integration/targets/gcp_secret_manager/tasks/main.yml new file mode 100644 index 00000000..37aace00 --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/tasks/main.yml @@ -0,0 +1,9 @@ +--- +- name: Secrets tests + ansible.builtin.include_tasks: secrets.yml +- name: Secrets lookup tests + ansible.builtin.include_tasks: secretslookup.yml +- name: Regional Secrets tests + ansible.builtin.include_tasks: regionalsecrets.yml +- name: Regional Secrets lookup tests + ansible.builtin.include_tasks: regionalsecretslookup.yml diff --git a/tests/integration/targets/gcp_secret_manager/tasks/regionalsecrets.yml b/tests/integration/targets/gcp_secret_manager/tasks/regionalsecrets.yml new file mode 100644 index 00000000..02abbe35 --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/tasks/regionalsecrets.yml @@ -0,0 +1,146 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the regional test secret if it exists + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + version: "all" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +# ---------------------------------------------------------- +- name: Create a regional secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + value: "ansible-test-regional-secret-value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a regional secret that already exists + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + value: "ansible-test-regional-secret-value" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Add a new version to a regional secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + value: "ansible-test-regional-secret-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a version that exists to a regional secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + value: "ansible-test-regional-secret-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Ensure the regional secret exists + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Delete the regional secret version + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the regional secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the regional secret that does not exist + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false diff --git a/tests/integration/targets/gcp_secret_manager/tasks/regionalsecretslookup.yml b/tests/integration/targets/gcp_secret_manager/tasks/regionalsecretslookup.yml new file mode 100644 index 00000000..1a9c3a52 --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/tasks/regionalsecretslookup.yml @@ -0,0 +1,76 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the regional test secret if it exists + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + version: "all" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +- name: Create a regional secret + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + location: "us-central1" + value: "ansible lookup test regional secret value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +- name: Add a new version to a regional secret + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + location: "us-central1" + value: "ansible lookup test regional secret value updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +# ---------------------------------------------------------- +- name: Retrieve the latest secret version of a regional secret + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key=lookup_resource_name, location='us-central1', project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert secret value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test regional secret value updated" +# ---------------------------------------------------------- +- name: Retrieve the specified secret version of a regional secret + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key=lookup_resource_name, location='us-central1', version='1', project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert secret value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test regional secret value" +# --------------------------------------------------------- +# Post-test teardown +# If errors happen, don't crash the playbook! +- name: Delete the regional test secret + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + location: "us-central1" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true diff --git a/tests/integration/targets/gcp_secret_manager/tasks/secrets.yml b/tests/integration/targets/gcp_secret_manager/tasks/secrets.yml new file mode 100644 index 00000000..16d656db --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/tasks/secrets.yml @@ -0,0 +1,137 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the test secret if it exists + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +# ---------------------------------------------------------- +- name: Create a secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + value: "ansible-test-secret-value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a secret that already exists + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + value: "ansible-test-secret-value" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Add a new version to a secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + value: "ansible-test-secret-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a version that exists to a secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + value: "ansible-test-secret-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Ensure the secret exists + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Delete the secret version + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + version: "1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the secret that does not exist + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false diff --git a/tests/integration/targets/gcp_secret_manager/tasks/secretslookup.yml b/tests/integration/targets/gcp_secret_manager/tasks/secretslookup.yml new file mode 100644 index 00000000..2ba9c2f3 --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/tasks/secretslookup.yml @@ -0,0 +1,72 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the test secret if it exists + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +- name: Create a secret + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + value: "ansible lookup test secret value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +- name: Add a new version to a secret + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + value: "ansible lookup test secret value updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +# ---------------------------------------------------------- +- name: Retrieve the latest secret version of a secret + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key=lookup_resource_name, project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert secret value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test secret value updated" +# ---------------------------------------------------------- +- name: Retrieve the specified secret version of a secret + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key=lookup_resource_name, version='1', project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert secret value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test secret value" +# --------------------------------------------------------- +# Post-test teardown +# If errors happen, don't crash the playbook! +- name: Delete the test secret + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true diff --git a/tests/integration/targets/gcp_serviceusage_service/tasks/autogen.yml b/tests/integration/targets/gcp_serviceusage_service/tasks/autogen.yml index 666da8f6..88b146e8 100644 --- a/tests/integration/targets/gcp_serviceusage_service/tasks/autogen.yml +++ b/tests/integration/targets/gcp_serviceusage_service/tasks/autogen.yml @@ -20,7 +20,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a service google.cloud.gcp_serviceusage_service: name: alloydb.googleapis.com @@ -58,7 +58,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a service google.cloud.gcp_serviceusage_service: name: alloydb.googleapis.com diff --git a/tests/integration/targets/gcp_sourcerepo_repository/tasks/autogen.yml b/tests/integration/targets/gcp_sourcerepo_repository/tasks/autogen.yml index 0bc80581..857e3f9b 100644 --- a/tests/integration/targets/gcp_sourcerepo_repository/tasks/autogen.yml +++ b/tests/integration/targets/gcp_sourcerepo_repository/tasks/autogen.yml @@ -20,7 +20,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a repository google.cloud.gcp_sourcerepo_repository: name: "{{ resource_name }}" @@ -58,7 +58,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a repository google.cloud.gcp_sourcerepo_repository: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_spanner_database/tasks/autogen.yml b/tests/integration/targets/gcp_spanner_database/tasks/autogen.yml index a3aa4cca..cc1258f7 100644 --- a/tests/integration/targets/gcp_spanner_database/tasks/autogen.yml +++ b/tests/integration/targets/gcp_spanner_database/tasks/autogen.yml @@ -34,7 +34,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a database google.cloud.gcp_spanner_database: name: webstore @@ -75,7 +75,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a database google.cloud.gcp_spanner_database: name: webstore @@ -120,7 +120,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance diff --git a/tests/integration/targets/gcp_spanner_instance/tasks/autogen.yml b/tests/integration/targets/gcp_spanner_instance/tasks/autogen.yml index daae5c89..f69f2364 100644 --- a/tests/integration/targets/gcp_spanner_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_spanner_instance/tasks/autogen.yml @@ -25,7 +25,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance google.cloud.gcp_spanner_instance: name: testinstance @@ -73,7 +73,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance google.cloud.gcp_spanner_instance: name: testinstance diff --git a/tests/integration/targets/gcp_sql_database/tasks/autogen.yml b/tests/integration/targets/gcp_sql_database/tasks/autogen.yml index a84096fb..1b55bbbe 100644 --- a/tests/integration/targets/gcp_sql_database/tasks/autogen.yml +++ b/tests/integration/targets/gcp_sql_database/tasks/autogen.yml @@ -37,7 +37,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a database google.cloud.gcp_sql_database: name: "{{ resource_name }}" @@ -80,7 +80,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a database google.cloud.gcp_sql_database: name: "{{ resource_name }}" @@ -123,7 +123,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance diff --git a/tests/integration/targets/gcp_sql_instance/tasks/autogen.yml b/tests/integration/targets/gcp_sql_instance/tasks/autogen.yml index c57de05a..32434af9 100644 --- a/tests/integration/targets/gcp_sql_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_sql_instance/tasks/autogen.yml @@ -27,7 +27,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance google.cloud.gcp_sql_instance: name: "{{ resource_name }}-2" @@ -79,7 +79,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance google.cloud.gcp_sql_instance: name: "{{ resource_name }}-2" diff --git a/tests/integration/targets/gcp_sql_ssl_cert/tasks/autogen.yml b/tests/integration/targets/gcp_sql_ssl_cert/tasks/autogen.yml index c24746df..bf89c4a2 100644 --- a/tests/integration/targets/gcp_sql_ssl_cert/tasks/autogen.yml +++ b/tests/integration/targets/gcp_sql_ssl_cert/tasks/autogen.yml @@ -38,7 +38,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create an SSL cert google.cloud.gcp_sql_ssl_cert: common_name: "{{ resource_name }}" @@ -67,7 +67,7 @@ ansible.builtin.assert: that: - updates.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete an SSL cert google.cloud.gcp_sql_ssl_cert: common_name: "{{ resource_name }}" @@ -83,7 +83,7 @@ ansible.builtin.assert: that: - result.changed == true -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance diff --git a/tests/integration/targets/gcp_sql_user/tasks/autogen.yml b/tests/integration/targets/gcp_sql_user/tasks/autogen.yml index 0a820cf5..a9bbb858 100644 --- a/tests/integration/targets/gcp_sql_user/tasks/autogen.yml +++ b/tests/integration/targets/gcp_sql_user/tasks/autogen.yml @@ -38,7 +38,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a user google.cloud.gcp_sql_user: name: test-user @@ -83,7 +83,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a user google.cloud.gcp_sql_user: name: test-user @@ -128,7 +128,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance diff --git a/tests/integration/targets/gcp_storage_bucket/tasks/autogen.yml b/tests/integration/targets/gcp_storage_bucket/tasks/autogen.yml index f5ccacab..9ac71255 100644 --- a/tests/integration/targets/gcp_storage_bucket/tasks/autogen.yml +++ b/tests/integration/targets/gcp_storage_bucket/tasks/autogen.yml @@ -20,7 +20,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a bucket google.cloud.gcp_storage_bucket: name: "{{ resource_name }}" @@ -46,7 +46,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a bucket google.cloud.gcp_storage_bucket: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_storage_bucket_access_control/tasks/autogen.yml b/tests/integration/targets/gcp_storage_bucket_access_control/tasks/autogen.yml index 762e0f6c..a3ef2784 100644 --- a/tests/integration/targets/gcp_storage_bucket_access_control/tasks/autogen.yml +++ b/tests/integration/targets/gcp_storage_bucket_access_control/tasks/autogen.yml @@ -30,7 +30,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a bucket access control google.cloud.gcp_storage_bucket_access_control: bucket: "{{ bucket }}" @@ -60,7 +60,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a bucket access control google.cloud.gcp_storage_bucket_access_control: bucket: "{{ bucket }}" @@ -90,7 +90,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a bucket diff --git a/tests/integration/targets/gcp_storage_default_object_acl/tasks/autogen.yml b/tests/integration/targets/gcp_storage_default_object_acl/tasks/autogen.yml index 6f436843..c330abff 100644 --- a/tests/integration/targets/gcp_storage_default_object_acl/tasks/autogen.yml +++ b/tests/integration/targets/gcp_storage_default_object_acl/tasks/autogen.yml @@ -30,7 +30,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a default object acl google.cloud.gcp_storage_default_object_acl: bucket: "{{ bucket }}" @@ -60,7 +60,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a default object acl google.cloud.gcp_storage_default_object_acl: bucket: "{{ bucket }}" @@ -90,7 +90,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a bucket diff --git a/tests/integration/targets/gcp_storage_object/tasks/main.yml b/tests/integration/targets/gcp_storage_object/tasks/main.yml index 4d6d31f3..81995409 100644 --- a/tests/integration/targets/gcp_storage_object/tasks/main.yml +++ b/tests/integration/targets/gcp_storage_object/tasks/main.yml @@ -12,7 +12,7 @@ ansible.builtin.copy: content: Ansible GCS test file dest: "{{ upload_temp.path }}" - mode: 0644 + mode: "0644" - name: Create a bucket google.cloud.gcp_storage_bucket: name: "{{ resource_name }}" @@ -21,7 +21,7 @@ service_account_file: "{{ gcp_cred_file | default(omit) }}" state: present register: bucket -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Upload the object to gcs google.cloud.gcp_storage_object: action: upload diff --git a/tests/integration/targets/gcp_tpu_node/tasks/autogen.yml b/tests/integration/targets/gcp_tpu_node/tasks/autogen.yml index 196aa6a9..85768983 100644 --- a/tests/integration/targets/gcp_tpu_node/tasks/autogen.yml +++ b/tests/integration/targets/gcp_tpu_node/tasks/autogen.yml @@ -24,7 +24,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a node google.cloud.gcp_tpu_node: name: "{{ resource_name }}" @@ -71,7 +71,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a node google.cloud.gcp_tpu_node: name: "{{ resource_name }}" diff --git a/tests/integration/targets/inventory_gce/aliases b/tests/integration/targets/inventory_gce/aliases new file mode 100644 index 00000000..0e4419e3 --- /dev/null +++ b/tests/integration/targets/inventory_gce/aliases @@ -0,0 +1 @@ +cloud/gcp \ No newline at end of file diff --git a/tests/integration/targets/inventory_gce/playbooks/setup.yml b/tests/integration/targets/inventory_gce/playbooks/setup.yml new file mode 100644 index 00000000..78fbf3cd --- /dev/null +++ b/tests/integration/targets/inventory_gce/playbooks/setup.yml @@ -0,0 +1,51 @@ +--- +- name: Setup test suite + hosts: localhost + connection: local + gather_facts: false + vars_files: + - ../vars.yml + tasks: + - name: SETUP | Create network + google.cloud.gcp_compute_network: + name: "{{ prefix }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + auto_create_subnetworks: true + state: present + register: _network + + - name: SETUP | Create disks + google.cloud.gcp_compute_disk: + name: "{{ prefix }}-{{ item.name }}" + size_gb: 20 + zone: "{{ gcp_zone }}" + project: "{{ gcp_project }}" + service_account_file: "{{ gcp_cred_file }}" + source_image: "{{ gcp_disk_image }}" + auth_kind: "{{ gcp_cred_kind }}" + state: present + register: _disks + loop: "{{ sut }}" + + - name: SETUP | Create instance + google.cloud.gcp_compute_instance: + name: "{{ prefix }}-{{ item.name }}" + machine_type: n1-standard-1 + disks: + - auto_delete: true + boot: true + source: "{{ _disks.results[idx] }}" + network_interfaces: + - network: "{{ _network }}" + labels: "{{ item.labels | default({}) }}" + hostname: "{{ item.hostname | default(omit) }}" + zone: "{{ gcp_zone }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + state: present + loop: "{{ sut }}" + loop_control: + index_var: idx diff --git a/tests/integration/targets/inventory_gce/playbooks/teardown.yml b/tests/integration/targets/inventory_gce/playbooks/teardown.yml new file mode 100644 index 00000000..44cf14c4 --- /dev/null +++ b/tests/integration/targets/inventory_gce/playbooks/teardown.yml @@ -0,0 +1,38 @@ +--- +- name: Teardown test suite + hosts: localhost + connection: local + gather_facts: false + vars_files: + - ../vars.yml + tasks: + - name: TEARDOWN | Delete instance # noqa: ignore-errors + google.cloud.gcp_compute_instance: + name: "{{ prefix }}-{{ item.name }}" + zone: "{{ gcp_zone }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + state: absent + loop: "{{ sut }}" + ignore_errors: true # try to delete as much as possible + + - name: TEARDOWN | Delete disk # noqa: ignore-errors + google.cloud.gcp_compute_disk: + name: "{{ prefix }}-{{ item.name }}" + zone: "{{ gcp_zone }}" + project: "{{ gcp_project }}" + service_account_file: "{{ gcp_cred_file }}" + source_image: "{{ gcp_disk_image }}" + auth_kind: "{{ gcp_cred_kind }}" + state: absent + loop: "{{ sut }}" + ignore_errors: true # try to delete as much as possible + + - name: TEARDOWN | Delete network + google.cloud.gcp_compute_network: + name: "{{ prefix }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + state: absent diff --git a/tests/integration/targets/inventory_gce/playbooks/test.yml b/tests/integration/targets/inventory_gce/playbooks/test.yml new file mode 100644 index 00000000..25feba39 --- /dev/null +++ b/tests/integration/targets/inventory_gce/playbooks/test.yml @@ -0,0 +1,30 @@ +--- +- name: Test + hosts: localhost + connection: local + gather_facts: false + vars_files: + - ../vars.yml + tasks: + - name: TEST | render inventory file + ansible.builtin.copy: + dest: "../{{ inventory_filename }}" + content: "{{ lookup('template', '../templates/inventory.yml.j2') }}" + mode: preserve + + - name: TEST | slurp + ansible.builtin.slurp: + src: "../{{ inventory_filename }}" + register: _inv + + - name: TEST | debug + ansible.builtin.debug: + msg: "{{ _inv.content | b64decode }}" + verbosity: 3 + + - name: TEST | refresh inventory + ansible.builtin.meta: refresh_inventory + + - name: TEST | run test case + ansible.builtin.include_tasks: + file: "../testcase_{{ testcase }}.yml" diff --git a/tests/integration/targets/inventory_gce/runme.sh b/tests/integration/targets/inventory_gce/runme.sh new file mode 100755 index 00000000..175dab85 --- /dev/null +++ b/tests/integration/targets/inventory_gce/runme.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +set -eux + +# test infra +ansible-playbook playbooks/setup.yml "$@" + +export ANSIBLE_INVENTORY=test.gcp_compute.yml + +RC=0 +# we want to run teardown regardless of playbook exit status, so catch the +# exit code of ansible-playbook manually +set +e +for ts in testcase_*.yml; +do + testcase=$( basename "$ts" | sed -e 's/testcase_//' | sed -e 's/.yml//' ) + ansible-playbook playbooks/test.yml "$@" --extra-vars "testcase=${testcase}" + RC=$? + test $RC -ne 0 && break +done +set -e + +unset ANSIBLE_INVENTORY + +# delete test infra +ansible-playbook playbooks/teardown.yml "$@" + +exit $RC diff --git a/tests/integration/targets/inventory_gce/templates/inventory.yml.j2 b/tests/integration/targets/inventory_gce/templates/inventory.yml.j2 new file mode 100644 index 00000000..ff0d3ec0 --- /dev/null +++ b/tests/integration/targets/inventory_gce/templates/inventory.yml.j2 @@ -0,0 +1,27 @@ +--- +plugin: google.cloud.gcp_compute + +zones: +{{ gcp_zones | to_nice_yaml }} +projects: +- {{ gcp_project }} + +auth_kind: {{ gcp_cred_kind }} + +service_account_file: {{ gcp_cred_file }} + +scopes: +- 'https://www.googleapis.com/auth/cloud-platform' +- 'https://www.googleapis.com/auth/compute.readonly' + +keyed_groups: +- prefix: gcp + key: labels + +name_suffix: .{{ prefix }}.com + +filters: +{{ testcases[testcase]['filters'] | default(testcases['basic']['filters']) | default([]) | to_nice_yaml }} + +hostnames: +{{ testcases[testcase]['hostnames'] | default(testcases['basic']['hostnames']) | default([]) | to_nice_yaml }} diff --git a/tests/integration/targets/inventory_gce/test.gcp_compute.yml b/tests/integration/targets/inventory_gce/test.gcp_compute.yml new file mode 100644 index 00000000..7c6a5ed2 --- /dev/null +++ b/tests/integration/targets/inventory_gce/test.gcp_compute.yml @@ -0,0 +1 @@ +# keep empty diff --git a/tests/integration/targets/inventory_gce/testcase_basic.yml b/tests/integration/targets/inventory_gce/testcase_basic.yml new file mode 100644 index 00000000..0f0841ee --- /dev/null +++ b/tests/integration/targets/inventory_gce/testcase_basic.yml @@ -0,0 +1,16 @@ +--- +- name: TEST | print hosts + ansible.builtin.debug: + var: groups + +- name: TEST | assert instances exist + ansible.builtin.assert: + that: + - groups['all'] | length > 0 + +- name: TEST | assert grouping works + ansible.builtin.assert: + that: + - groups['gcp_env_prod'] | length == 2 + - groups['gcp_cluster_db'] | length == 1 + - groups['gcp_cluster_web'] | length == 1 diff --git a/tests/integration/targets/inventory_gce/testcase_hostname.yml b/tests/integration/targets/inventory_gce/testcase_hostname.yml new file mode 100644 index 00000000..1bcf3224 --- /dev/null +++ b/tests/integration/targets/inventory_gce/testcase_hostname.yml @@ -0,0 +1,22 @@ +--- +- name: TEST | print hosts + ansible.builtin.debug: + var: groups + +- name: TEST | fetch instance info for vm1 + google.cloud.gcp_compute_instance_info: + filters: + - name = {{ prefix }}-vm1 + zone: "{{ gcp_zone }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + scopes: + - https://www.googleapis.com/auth/compute + register: _vm + +- name: TEST | compare API vs inventory hostnames + ansible.builtin.assert: + that: + - _vm.resources | length > 0 + - _vm.resources[0].hostname in groups['gcp_dns_static'] diff --git a/tests/integration/targets/inventory_gce/vars.yml b/tests/integration/targets/inventory_gce/vars.yml new file mode 100644 index 00000000..87e8d04d --- /dev/null +++ b/tests/integration/targets/inventory_gce/vars.yml @@ -0,0 +1,38 @@ +--- +gcp_region: us-central1 +gcp_zones: + - "{{ gcp_region }}-a" + - "{{ gcp_region }}-b" + - "{{ gcp_region }}-c" + - "{{ gcp_region }}-f" +gcp_zone: "{{ gcp_zones | first }}" +gcp_disk_image: projects/centos-cloud/global/images/centos-stream-9-v20250513 + +prefix: "{{ resource_prefix | default('d3adb33f') }}" +sut: + - name: vm1 + hostname: "vm1.static.{{ prefix }}.com" + labels: + dns: static + - name: vm2 + labels: + cluster: db + env: prod + - name: vm3 + labels: + cluster: web + env: prod + +testcase: basic +testcases: + basic: + filters: + - status = RUNNING + hostnames: + - name + hostname: + hostnames: + - hostname + - name + +inventory_filename: test.gcp_compute.yml