From 22804f0cdcdbdfb389ce7ca80ee216641f4deeaf Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Mon, 4 Nov 2024 10:18:57 -0800 Subject: [PATCH 01/51] Fix lint errors in the gcp_compute lookup plugin --- plugins/inventory/gcp_compute.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/plugins/inventory/gcp_compute.py b/plugins/inventory/gcp_compute.py index f4743b29..69fb4b72 100644 --- a/plugins/inventory/gcp_compute.py +++ b/plugins/inventory/gcp_compute.py @@ -7,7 +7,6 @@ __metaclass__ = type DOCUMENTATION = """ name: gcp_compute - plugin_type: inventory short_description: Google Cloud Compute Engine inventory source requirements: - requests >= 2.18.4 @@ -27,14 +26,17 @@ DOCUMENTATION = """ description: A list of regions in which to describe GCE instances. If none provided, it defaults to all zones available to a given project. type: list + elements: string folders: description: A folder that contains many projects type: list required: False + elements: string projects: description: A list of projects in which to describe GCE instances. type: list required: False + elements: string filters: description: > A list of filter value pairs. Available filters are listed here @@ -42,12 +44,14 @@ DOCUMENTATION = """ Each additional filter in the list will be added as an AND condition (filter1 and filter2) type: list + elements: string hostnames: description: A list of options that describe the ordering for which hostnames should be assigned. Currently supported hostnames are 'public_ip', 'private_ip', 'name' or 'labels.vm_name'. default: ['public_ip', 'private_ip', 'name'] type: list + elements: string name_suffix: description: Custom domain suffix. If set, this string will be appended to all hosts. default: "" @@ -63,6 +67,7 @@ DOCUMENTATION = """ scopes: description: list of authentication scopes type: list + elements: string default: ['https://www.googleapis.com/auth/compute'] env: - name: GCP_SCOPES From 78b36fe3b6097ca34eb1e9cd7c22e33330b54eb0 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Mon, 4 Nov 2024 10:28:23 -0800 Subject: [PATCH 02/51] Fix lint errors in the gcp_secret_manager lookup plugin --- plugins/lookup/gcp_secret_manager.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/plugins/lookup/gcp_secret_manager.py b/plugins/lookup/gcp_secret_manager.py index b3eeaf93..14824a92 100644 --- a/plugins/lookup/gcp_secret_manager.py +++ b/plugins/lookup/gcp_secret_manager.py @@ -5,9 +5,8 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type DOCUMENTATION = ''' - author: - - Dave Costakos name: gcp_secret_manager + author: Dave Costakos (@davecostakos) short_description: Get Secrets from Google Cloud as a Lookup plugin description: - retrieve secret keys in Secret Manager for use in playbooks @@ -59,7 +58,7 @@ DOCUMENTATION = ''' description: - JSON Object representing the contents of a service_account_file obtained from Google Cloud - defaults to OS env variable GCP_SERVICE_ACCOUNT_INFO if not present - type: jsonarg + type: str required: False access_token: description: @@ -84,6 +83,7 @@ DOCUMENTATION = ''' description: - Authenticaiton scopes for Google Secret Manager type: list + elements: str default: ["https://www.googleapis.com/auth/cloud-platform"] ''' From 1a7d4e3cdaaa0f3f6816eb7cfecd0336328965b7 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Tue, 5 Nov 2024 14:06:56 -0800 Subject: [PATCH 03/51] Add many no_log attributes --- plugins/modules/gcp_appengine_firewall_rule_info.py | 2 +- plugins/modules/gcp_bigquery_dataset_info.py | 2 +- plugins/modules/gcp_bigquery_table.py | 3 +++ plugins/modules/gcp_bigquery_table_info.py | 2 +- plugins/modules/gcp_bigtable_instance_info.py | 2 +- plugins/modules/gcp_cloudbuild_trigger.py | 12 ++++++++---- plugins/modules/gcp_cloudbuild_trigger_info.py | 2 +- .../gcp_cloudfunctions_cloud_function_info.py | 2 +- plugins/modules/gcp_cloudscheduler_job.py | 4 ++-- plugins/modules/gcp_cloudscheduler_job_info.py | 2 +- plugins/modules/gcp_cloudtasks_queue_info.py | 2 +- plugins/modules/gcp_compute_address_info.py | 2 +- plugins/modules/gcp_compute_autoscaler_info.py | 2 +- plugins/modules/gcp_compute_backend_bucket_info.py | 2 +- plugins/modules/gcp_compute_backend_service.py | 1 + plugins/modules/gcp_compute_backend_service_info.py | 2 +- plugins/modules/gcp_compute_disk.py | 12 +++++++++--- plugins/modules/gcp_compute_disk_info.py | 2 +- .../modules/gcp_compute_external_vpn_gateway_info.py | 2 +- plugins/modules/gcp_compute_firewall_info.py | 2 +- plugins/modules/gcp_compute_forwarding_rule_info.py | 2 +- plugins/modules/gcp_compute_global_address_info.py | 2 +- .../gcp_compute_global_forwarding_rule_info.py | 2 +- plugins/modules/gcp_compute_health_check_info.py | 2 +- .../modules/gcp_compute_http_health_check_info.py | 2 +- .../modules/gcp_compute_https_health_check_info.py | 2 +- plugins/modules/gcp_compute_image.py | 4 ++-- plugins/modules/gcp_compute_image_info.py | 2 +- plugins/modules/gcp_compute_instance.py | 6 ++++-- plugins/modules/gcp_compute_instance_group_info.py | 2 +- .../gcp_compute_instance_group_manager_info.py | 2 +- plugins/modules/gcp_compute_instance_info.py | 3 ++- plugins/modules/gcp_compute_instance_template.py | 6 ++++-- .../modules/gcp_compute_instance_template_info.py | 2 +- .../gcp_compute_interconnect_attachment_info.py | 2 +- .../gcp_compute_network_endpoint_group_info.py | 2 +- plugins/modules/gcp_compute_network_info.py | 2 +- plugins/modules/gcp_compute_node_group_info.py | 2 +- plugins/modules/gcp_compute_node_template_info.py | 2 +- .../modules/gcp_compute_region_autoscaler_info.py | 2 +- .../modules/gcp_compute_region_backend_service.py | 1 + .../gcp_compute_region_backend_service_info.py | 2 +- plugins/modules/gcp_compute_region_disk.py | 4 ++-- plugins/modules/gcp_compute_region_disk_info.py | 2 +- .../modules/gcp_compute_region_health_check_info.py | 2 +- ...gcp_compute_region_instance_group_manager_info.py | 2 +- .../gcp_compute_region_target_http_proxy_info.py | 2 +- .../gcp_compute_region_target_https_proxy_info.py | 2 +- plugins/modules/gcp_compute_region_url_map_info.py | 2 +- plugins/modules/gcp_compute_reservation_info.py | 2 +- plugins/modules/gcp_compute_resource_policy_info.py | 2 +- plugins/modules/gcp_compute_route_info.py | 2 +- plugins/modules/gcp_compute_router_info.py | 2 +- plugins/modules/gcp_compute_snapshot.py | 8 ++++++-- plugins/modules/gcp_compute_snapshot_info.py | 2 +- plugins/modules/gcp_compute_ssl_certificate_info.py | 2 +- plugins/modules/gcp_compute_ssl_policy_info.py | 2 +- plugins/modules/gcp_compute_subnetwork_info.py | 2 +- .../modules/gcp_compute_target_http_proxy_info.py | 2 +- .../modules/gcp_compute_target_https_proxy_info.py | 2 +- plugins/modules/gcp_compute_target_instance_info.py | 2 +- plugins/modules/gcp_compute_target_pool_info.py | 2 +- plugins/modules/gcp_compute_target_ssl_proxy_info.py | 2 +- plugins/modules/gcp_compute_target_tcp_proxy_info.py | 2 +- .../modules/gcp_compute_target_vpn_gateway_info.py | 2 +- plugins/modules/gcp_compute_url_map_info.py | 2 +- plugins/modules/gcp_compute_vpn_tunnel_info.py | 2 +- plugins/modules/gcp_container_cluster.py | 6 ++++-- plugins/modules/gcp_container_cluster_info.py | 2 +- plugins/modules/gcp_container_node_pool.py | 4 +++- plugins/modules/gcp_container_node_pool_info.py | 3 ++- plugins/modules/gcp_dns_managed_zone.py | 6 +++++- plugins/modules/gcp_dns_managed_zone_info.py | 2 +- plugins/modules/gcp_dns_resource_record_set_info.py | 2 +- plugins/modules/gcp_filestore_instance_info.py | 2 +- plugins/modules/gcp_iam_role_info.py | 2 +- plugins/modules/gcp_iam_service_account_info.py | 2 +- plugins/modules/gcp_kms_crypto_key.py | 2 +- plugins/modules/gcp_kms_crypto_key_info.py | 2 +- plugins/modules/gcp_kms_key_ring_info.py | 2 +- plugins/modules/gcp_logging_metric.py | 3 ++- plugins/modules/gcp_logging_metric_info.py | 2 +- plugins/modules/gcp_mlengine_model_info.py | 2 +- plugins/modules/gcp_mlengine_version_info.py | 2 +- plugins/modules/gcp_pubsub_subscription.py | 4 +++- plugins/modules/gcp_pubsub_subscription_info.py | 2 +- plugins/modules/gcp_pubsub_topic_info.py | 2 +- plugins/modules/gcp_redis_instance_info.py | 2 +- plugins/modules/gcp_resourcemanager_project_info.py | 2 +- plugins/modules/gcp_runtimeconfig_config_info.py | 2 +- plugins/modules/gcp_runtimeconfig_variable_info.py | 2 +- plugins/modules/gcp_serviceusage_service_info.py | 2 +- plugins/modules/gcp_sourcerepo_repository_info.py | 2 +- plugins/modules/gcp_spanner_database_info.py | 2 +- plugins/modules/gcp_spanner_instance_info.py | 2 +- plugins/modules/gcp_sql_database_info.py | 2 +- plugins/modules/gcp_sql_instance.py | 4 ++-- plugins/modules/gcp_sql_instance_info.py | 2 +- plugins/modules/gcp_sql_ssl_cert.py | 2 +- plugins/modules/gcp_sql_user.py | 2 +- plugins/modules/gcp_tpu_node_info.py | 2 +- 101 files changed, 147 insertions(+), 111 deletions(-) diff --git a/plugins/modules/gcp_appengine_firewall_rule_info.py b/plugins/modules/gcp_appengine_firewall_rule_info.py index 7206b157..ad9a22a9 100644 --- a/plugins/modules/gcp_appengine_firewall_rule_info.py +++ b/plugins/modules/gcp_appengine_firewall_rule_info.py @@ -150,7 +150,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_bigquery_dataset_info.py b/plugins/modules/gcp_bigquery_dataset_info.py index ca689a63..d972b37f 100644 --- a/plugins/modules/gcp_bigquery_dataset_info.py +++ b/plugins/modules/gcp_bigquery_dataset_info.py @@ -311,7 +311,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/bigquery'] diff --git a/plugins/modules/gcp_bigquery_table.py b/plugins/modules/gcp_bigquery_table.py index b0021e21..5751cd35 100644 --- a/plugins/modules/gcp_bigquery_table.py +++ b/plugins/modules/gcp_bigquery_table.py @@ -253,6 +253,7 @@ options: data . required: false type: int + default: 0 source_format: description: - The data format. @@ -328,6 +329,7 @@ options: when reading the data. required: false type: int + default: 0 csv_options: description: - Additional properties to set if sourceFormat is set to CSV. @@ -368,6 +370,7 @@ options: when reading the data. required: false type: int + default: 0 bigtable_options: description: - Additional options if sourceFormat is set to BIGTABLE. diff --git a/plugins/modules/gcp_bigquery_table_info.py b/plugins/modules/gcp_bigquery_table_info.py index a67af959..40d0ae23 100644 --- a/plugins/modules/gcp_bigquery_table_info.py +++ b/plugins/modules/gcp_bigquery_table_info.py @@ -590,7 +590,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(dataset=dict(type='str'))) + module = GcpModule(argument_spec=dict(dataset=dict(type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/bigquery'] diff --git a/plugins/modules/gcp_bigtable_instance_info.py b/plugins/modules/gcp_bigtable_instance_info.py index 6c8f4160..5336f9e4 100644 --- a/plugins/modules/gcp_bigtable_instance_info.py +++ b/plugins/modules/gcp_bigtable_instance_info.py @@ -188,7 +188,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_cloudbuild_trigger.py b/plugins/modules/gcp_cloudbuild_trigger.py index b252f86f..218135a8 100644 --- a/plugins/modules/gcp_cloudbuild_trigger.py +++ b/plugins/modules/gcp_cloudbuild_trigger.py @@ -1536,7 +1536,7 @@ def main(): ), ), pubsub_config=dict(type='dict', options=dict(topic=dict(required=True, type='str'), service_account_email=dict(type='str'))), - webhook_config=dict(type='dict', options=dict(secret=dict(required=True, type='str'))), + webhook_config=dict(type='dict', options=dict(secret=dict(required=True, type='str', no_log=True))), build=dict( type='dict', options=dict( @@ -1568,7 +1568,11 @@ def main(): queue_ttl=dict(type='str'), logs_bucket=dict(type='str'), timeout=dict(default='600s', type='str'), - secrets=dict(type='list', elements='dict', options=dict(kms_key_name=dict(required=True, type='str'), secret_env=dict(type='dict'))), + secrets=dict( + type='list', + elements='dict', + no_log=True, + options=dict(kms_key_name=dict(required=True, type='str'), secret_env=dict(type='dict', no_log=True))), steps=dict( required=True, type='list', @@ -1580,7 +1584,7 @@ def main(): id=dict(type='str'), entrypoint=dict(type='str'), dir=dict(type='str'), - secret_env=dict(type='list', elements='str'), + secret_env=dict(type='list', elements='str', no_log=True), timeout=dict(type='str'), timing=dict(type='str'), volumes=dict( @@ -1609,7 +1613,7 @@ def main(): worker_pool=dict(type='str'), logging=dict(type='str'), env=dict(type='list', elements='str'), - secret_env=dict(type='list', elements='str'), + secret_env=dict(type='list', elements='str', no_log=True), volumes=dict(type='list', elements='dict', options=dict(name=dict(type='str'), path=dict(type='str'))), ), ), diff --git a/plugins/modules/gcp_cloudbuild_trigger_info.py b/plugins/modules/gcp_cloudbuild_trigger_info.py index c8a9202d..2f6fcfd2 100644 --- a/plugins/modules/gcp_cloudbuild_trigger_info.py +++ b/plugins/modules/gcp_cloudbuild_trigger_info.py @@ -814,7 +814,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_cloudfunctions_cloud_function_info.py b/plugins/modules/gcp_cloudfunctions_cloud_function_info.py index 075fd863..778f2b51 100644 --- a/plugins/modules/gcp_cloudfunctions_cloud_function_info.py +++ b/plugins/modules/gcp_cloudfunctions_cloud_function_info.py @@ -273,7 +273,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(location=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(location=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_cloudscheduler_job.py b/plugins/modules/gcp_cloudscheduler_job.py index 8a930535..e2adf59e 100644 --- a/plugins/modules/gcp_cloudscheduler_job.py +++ b/plugins/modules/gcp_cloudscheduler_job.py @@ -681,8 +681,8 @@ def main(): http_method=dict(type='str'), body=dict(type='str'), headers=dict(type='dict'), - oauth_token=dict(type='dict', options=dict(service_account_email=dict(required=True, type='str'), scope=dict(type='str'))), - oidc_token=dict(type='dict', options=dict(service_account_email=dict(required=True, type='str'), audience=dict(type='str'))), + oauth_token=dict(type='dict', no_log=True, options=dict(service_account_email=dict(required=True, type='str'), scope=dict(type='str'))), + oidc_token=dict(type='dict', no_log=True, options=dict(service_account_email=dict(required=True, type='str'), audience=dict(type='str'))), ), ), region=dict(required=True, type='str'), diff --git a/plugins/modules/gcp_cloudscheduler_job_info.py b/plugins/modules/gcp_cloudscheduler_job_info.py index 29ba1236..0c03f714 100644 --- a/plugins/modules/gcp_cloudscheduler_job_info.py +++ b/plugins/modules/gcp_cloudscheduler_job_info.py @@ -379,7 +379,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_cloudtasks_queue_info.py b/plugins/modules/gcp_cloudtasks_queue_info.py index 631b10de..f006fe85 100644 --- a/plugins/modules/gcp_cloudtasks_queue_info.py +++ b/plugins/modules/gcp_cloudtasks_queue_info.py @@ -279,7 +279,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(location=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(location=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_compute_address_info.py b/plugins/modules/gcp_compute_address_info.py index 247d8927..b919a303 100644 --- a/plugins/modules/gcp_compute_address_info.py +++ b/plugins/modules/gcp_compute_address_info.py @@ -235,7 +235,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_autoscaler_info.py b/plugins/modules/gcp_compute_autoscaler_info.py index 110c10da..f908fece 100644 --- a/plugins/modules/gcp_compute_autoscaler_info.py +++ b/plugins/modules/gcp_compute_autoscaler_info.py @@ -320,7 +320,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_backend_bucket_info.py b/plugins/modules/gcp_compute_backend_bucket_info.py index aaf40e32..8a504294 100644 --- a/plugins/modules/gcp_compute_backend_bucket_info.py +++ b/plugins/modules/gcp_compute_backend_bucket_info.py @@ -252,7 +252,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_backend_service.py b/plugins/modules/gcp_compute_backend_service.py index b259848f..e311fcc8 100644 --- a/plugins/modules/gcp_compute_backend_service.py +++ b/plugins/modules/gcp_compute_backend_service.py @@ -1490,6 +1490,7 @@ def main(): options=dict( cache_key_policy=dict( type="dict", + no_log=False, options=dict( include_host=dict(type="bool"), include_protocol=dict(type="bool"), diff --git a/plugins/modules/gcp_compute_backend_service_info.py b/plugins/modules/gcp_compute_backend_service_info.py index 5e715778..c16f6572 100644 --- a/plugins/modules/gcp_compute_backend_service_info.py +++ b/plugins/modules/gcp_compute_backend_service_info.py @@ -762,7 +762,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_disk.py b/plugins/modules/gcp_compute_disk.py index 8409cac7..d3880eed 100644 --- a/plugins/modules/gcp_compute_disk.py +++ b/plugins/modules/gcp_compute_disk.py @@ -570,14 +570,20 @@ def main(): provisioned_iops=dict(type='int'), zone=dict(required=True, type='str'), source_image_encryption_key=dict( - type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) + type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) ), disk_encryption_key=dict( - type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) + type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) ), source_snapshot=dict(type='dict', no_log=True), source_snapshot_encryption_key=dict( - type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) + type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) ), ) ) diff --git a/plugins/modules/gcp_compute_disk_info.py b/plugins/modules/gcp_compute_disk_info.py index 8e364682..c8e4be1d 100644 --- a/plugins/modules/gcp_compute_disk_info.py +++ b/plugins/modules/gcp_compute_disk_info.py @@ -375,7 +375,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_external_vpn_gateway_info.py b/plugins/modules/gcp_compute_external_vpn_gateway_info.py index 6e2e0d0f..ffd36e42 100644 --- a/plugins/modules/gcp_compute_external_vpn_gateway_info.py +++ b/plugins/modules/gcp_compute_external_vpn_gateway_info.py @@ -175,7 +175,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_firewall_info.py b/plugins/modules/gcp_compute_firewall_info.py index dfc105ee..e5cb8306 100644 --- a/plugins/modules/gcp_compute_firewall_info.py +++ b/plugins/modules/gcp_compute_firewall_info.py @@ -322,7 +322,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_forwarding_rule_info.py b/plugins/modules/gcp_compute_forwarding_rule_info.py index 87dcb899..d8a8e581 100644 --- a/plugins/modules/gcp_compute_forwarding_rule_info.py +++ b/plugins/modules/gcp_compute_forwarding_rule_info.py @@ -314,7 +314,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_global_address_info.py b/plugins/modules/gcp_compute_global_address_info.py index 34aa1755..377b5f48 100644 --- a/plugins/modules/gcp_compute_global_address_info.py +++ b/plugins/modules/gcp_compute_global_address_info.py @@ -205,7 +205,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_global_forwarding_rule_info.py b/plugins/modules/gcp_compute_global_forwarding_rule_info.py index 735d622a..68f9de4c 100644 --- a/plugins/modules/gcp_compute_global_forwarding_rule_info.py +++ b/plugins/modules/gcp_compute_global_forwarding_rule_info.py @@ -289,7 +289,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_health_check_info.py b/plugins/modules/gcp_compute_health_check_info.py index b6876f25..78662af3 100644 --- a/plugins/modules/gcp_compute_health_check_info.py +++ b/plugins/modules/gcp_compute_health_check_info.py @@ -527,7 +527,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_http_health_check_info.py b/plugins/modules/gcp_compute_http_health_check_info.py index 547fdc9a..cfd394db 100644 --- a/plugins/modules/gcp_compute_http_health_check_info.py +++ b/plugins/modules/gcp_compute_http_health_check_info.py @@ -204,7 +204,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_https_health_check_info.py b/plugins/modules/gcp_compute_https_health_check_info.py index 58af6d45..4597ca3a 100644 --- a/plugins/modules/gcp_compute_https_health_check_info.py +++ b/plugins/modules/gcp_compute_https_health_check_info.py @@ -204,7 +204,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_image.py b/plugins/modules/gcp_compute_image.py index 66d897a3..741536e8 100644 --- a/plugins/modules/gcp_compute_image.py +++ b/plugins/modules/gcp_compute_image.py @@ -545,13 +545,13 @@ def main(): disk_size_gb=dict(type='int'), family=dict(type='str'), guest_os_features=dict(type='list', elements='dict', options=dict(type=dict(required=True, type='str'))), - image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))), + image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))), labels=dict(type='dict'), licenses=dict(type='list', elements='str'), name=dict(required=True, type='str'), raw_disk=dict(type='dict', options=dict(container_type=dict(type='str'), sha1_checksum=dict(type='str'), source=dict(required=True, type='str'))), source_disk=dict(type='dict'), - source_disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))), + source_disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))), source_disk_id=dict(type='str'), source_image=dict(type='dict'), source_snapshot=dict(type='dict'), diff --git a/plugins/modules/gcp_compute_image_info.py b/plugins/modules/gcp_compute_image_info.py index 2f1acd14..dff5da92 100644 --- a/plugins/modules/gcp_compute_image_info.py +++ b/plugins/modules/gcp_compute_image_info.py @@ -351,7 +351,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_instance.py b/plugins/modules/gcp_compute_instance.py index 1d7f56e9..3c30338e 100644 --- a/plugins/modules/gcp_compute_instance.py +++ b/plugins/modules/gcp_compute_instance.py @@ -1119,7 +1119,9 @@ def main(): auto_delete=dict(type='bool'), boot=dict(type='bool'), device_name=dict(type='str'), - disk_encryption_key=dict(type='dict', options=dict(raw_key=dict(type='str'), rsa_encrypted_key=dict(type='str'))), + disk_encryption_key=dict(type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), rsa_encrypted_key=dict(type='str', no_log=True))), index=dict(type='int'), initialize_params=dict( type='dict', @@ -1128,7 +1130,7 @@ def main(): disk_size_gb=dict(type='int'), disk_type=dict(type='str'), source_image=dict(type='str', aliases=['image', 'image_family']), - source_image_encryption_key=dict(type='dict', options=dict(raw_key=dict(type='str'))), + source_image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))), ), ), interface=dict(type='str'), diff --git a/plugins/modules/gcp_compute_instance_group_info.py b/plugins/modules/gcp_compute_instance_group_info.py index a8d30456..da030c52 100644 --- a/plugins/modules/gcp_compute_instance_group_info.py +++ b/plugins/modules/gcp_compute_instance_group_info.py @@ -213,7 +213,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_instance_group_manager_info.py b/plugins/modules/gcp_compute_instance_group_manager_info.py index 16a6e576..5caf7c29 100644 --- a/plugins/modules/gcp_compute_instance_group_manager_info.py +++ b/plugins/modules/gcp_compute_instance_group_manager_info.py @@ -288,7 +288,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_instance_info.py b/plugins/modules/gcp_compute_instance_info.py index e12b957a..22d87e9a 100644 --- a/plugins/modules/gcp_compute_instance_info.py +++ b/plugins/modules/gcp_compute_instance_info.py @@ -621,7 +621,8 @@ def main(): argument_spec=dict( filters=dict(type="list", elements="str"), zone=dict(required=True, type="str"), - ) + ), + supports_check_mode=True ) if not module.params["scopes"]: diff --git a/plugins/modules/gcp_compute_instance_template.py b/plugins/modules/gcp_compute_instance_template.py index ce4a8eb4..4eb1a7ce 100644 --- a/plugins/modules/gcp_compute_instance_template.py +++ b/plugins/modules/gcp_compute_instance_template.py @@ -1019,7 +1019,9 @@ def main(): auto_delete=dict(type='bool'), boot=dict(type='bool'), device_name=dict(type='str'), - disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'), rsa_encrypted_key=dict(type='str'))), + disk_encryption_key=dict(type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), rsa_encrypted_key=dict(type='str', no_log=True))), index=dict(type='int'), initialize_params=dict( type='dict', @@ -1028,7 +1030,7 @@ def main(): disk_size_gb=dict(type='int'), disk_type=dict(type='str'), source_image=dict(type='str'), - source_image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))), + source_image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))), ), ), interface=dict(type='str'), diff --git a/plugins/modules/gcp_compute_instance_template_info.py b/plugins/modules/gcp_compute_instance_template_info.py index 2d337cf1..943cf021 100644 --- a/plugins/modules/gcp_compute_instance_template_info.py +++ b/plugins/modules/gcp_compute_instance_template_info.py @@ -560,7 +560,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_interconnect_attachment_info.py b/plugins/modules/gcp_compute_interconnect_attachment_info.py index 20b90beb..0d30dba1 100644 --- a/plugins/modules/gcp_compute_interconnect_attachment_info.py +++ b/plugins/modules/gcp_compute_interconnect_attachment_info.py @@ -320,7 +320,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_network_endpoint_group_info.py b/plugins/modules/gcp_compute_network_endpoint_group_info.py index b36afb09..e34941a1 100644 --- a/plugins/modules/gcp_compute_network_endpoint_group_info.py +++ b/plugins/modules/gcp_compute_network_endpoint_group_info.py @@ -192,7 +192,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_network_info.py b/plugins/modules/gcp_compute_network_info.py index 7896facb..854687ee 100644 --- a/plugins/modules/gcp_compute_network_info.py +++ b/plugins/modules/gcp_compute_network_info.py @@ -202,7 +202,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_node_group_info.py b/plugins/modules/gcp_compute_node_group_info.py index 6864c281..a09934ef 100644 --- a/plugins/modules/gcp_compute_node_group_info.py +++ b/plugins/modules/gcp_compute_node_group_info.py @@ -219,7 +219,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_node_template_info.py b/plugins/modules/gcp_compute_node_template_info.py index 5219bc60..0a5a53ee 100644 --- a/plugins/modules/gcp_compute_node_template_info.py +++ b/plugins/modules/gcp_compute_node_template_info.py @@ -220,7 +220,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_autoscaler_info.py b/plugins/modules/gcp_compute_region_autoscaler_info.py index 64114af2..6775944c 100644 --- a/plugins/modules/gcp_compute_region_autoscaler_info.py +++ b/plugins/modules/gcp_compute_region_autoscaler_info.py @@ -320,7 +320,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_backend_service.py b/plugins/modules/gcp_compute_region_backend_service.py index 557e92d2..b01a4f52 100644 --- a/plugins/modules/gcp_compute_region_backend_service.py +++ b/plugins/modules/gcp_compute_region_backend_service.py @@ -1507,6 +1507,7 @@ def main(): options=dict( cache_key_policy=dict( type='dict', + no_log=False, options=dict( include_host=dict(type='bool'), include_protocol=dict(type='bool'), diff --git a/plugins/modules/gcp_compute_region_backend_service_info.py b/plugins/modules/gcp_compute_region_backend_service_info.py index 685f48ff..4f5ba3bf 100644 --- a/plugins/modules/gcp_compute_region_backend_service_info.py +++ b/plugins/modules/gcp_compute_region_backend_service_info.py @@ -787,7 +787,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_disk.py b/plugins/modules/gcp_compute_region_disk.py index 673d925a..705f7aab 100644 --- a/plugins/modules/gcp_compute_region_disk.py +++ b/plugins/modules/gcp_compute_region_disk.py @@ -430,9 +430,9 @@ def main(): replica_zones=dict(required=True, type='list', elements='str'), type=dict(type='str'), region=dict(required=True, type='str'), - disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))), + disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))), source_snapshot=dict(type='dict'), - source_snapshot_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))), + source_snapshot_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))), ) ) diff --git a/plugins/modules/gcp_compute_region_disk_info.py b/plugins/modules/gcp_compute_region_disk_info.py index 6e70b4da..76d4a706 100644 --- a/plugins/modules/gcp_compute_region_disk_info.py +++ b/plugins/modules/gcp_compute_region_disk_info.py @@ -293,7 +293,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_health_check_info.py b/plugins/modules/gcp_compute_region_health_check_info.py index 38b4a7ca..8367f32b 100644 --- a/plugins/modules/gcp_compute_region_health_check_info.py +++ b/plugins/modules/gcp_compute_region_health_check_info.py @@ -538,7 +538,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_instance_group_manager_info.py b/plugins/modules/gcp_compute_region_instance_group_manager_info.py index 43816fd2..fa5be229 100644 --- a/plugins/modules/gcp_compute_region_instance_group_manager_info.py +++ b/plugins/modules/gcp_compute_region_instance_group_manager_info.py @@ -301,7 +301,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_target_http_proxy_info.py b/plugins/modules/gcp_compute_region_target_http_proxy_info.py index f53beca5..6537b310 100644 --- a/plugins/modules/gcp_compute_region_target_http_proxy_info.py +++ b/plugins/modules/gcp_compute_region_target_http_proxy_info.py @@ -176,7 +176,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_target_https_proxy_info.py b/plugins/modules/gcp_compute_region_target_https_proxy_info.py index fdb9f99a..f28c3826 100644 --- a/plugins/modules/gcp_compute_region_target_https_proxy_info.py +++ b/plugins/modules/gcp_compute_region_target_https_proxy_info.py @@ -183,7 +183,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_region_url_map_info.py b/plugins/modules/gcp_compute_region_url_map_info.py index 3b5cdb71..8bcb5204 100644 --- a/plugins/modules/gcp_compute_region_url_map_info.py +++ b/plugins/modules/gcp_compute_region_url_map_info.py @@ -1604,7 +1604,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_reservation_info.py b/plugins/modules/gcp_compute_reservation_info.py index ba42f85f..e6c2197e 100644 --- a/plugins/modules/gcp_compute_reservation_info.py +++ b/plugins/modules/gcp_compute_reservation_info.py @@ -258,7 +258,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_resource_policy_info.py b/plugins/modules/gcp_compute_resource_policy_info.py index 545a3bfe..2cec554e 100644 --- a/plugins/modules/gcp_compute_resource_policy_info.py +++ b/plugins/modules/gcp_compute_resource_policy_info.py @@ -346,7 +346,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_route_info.py b/plugins/modules/gcp_compute_route_info.py index 86e9ab49..e0a5c4db 100644 --- a/plugins/modules/gcp_compute_route_info.py +++ b/plugins/modules/gcp_compute_route_info.py @@ -217,7 +217,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_router_info.py b/plugins/modules/gcp_compute_router_info.py index d595d199..057a0b6b 100644 --- a/plugins/modules/gcp_compute_router_info.py +++ b/plugins/modules/gcp_compute_router_info.py @@ -222,7 +222,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_snapshot.py b/plugins/modules/gcp_compute_snapshot.py index 5759fbfa..494b2aca 100644 --- a/plugins/modules/gcp_compute_snapshot.py +++ b/plugins/modules/gcp_compute_snapshot.py @@ -388,10 +388,14 @@ def main(): source_disk=dict(required=True, type='dict'), zone=dict(type='str'), snapshot_encryption_key=dict( - type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) + type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) ), source_disk_encryption_key=dict( - type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) + type='dict', + no_log=True, + options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str')) ), ) ) diff --git a/plugins/modules/gcp_compute_snapshot_info.py b/plugins/modules/gcp_compute_snapshot_info.py index 26963f3c..d885e890 100644 --- a/plugins/modules/gcp_compute_snapshot_info.py +++ b/plugins/modules/gcp_compute_snapshot_info.py @@ -260,7 +260,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_ssl_certificate_info.py b/plugins/modules/gcp_compute_ssl_certificate_info.py index 27b4ce26..87b80fa9 100644 --- a/plugins/modules/gcp_compute_ssl_certificate_info.py +++ b/plugins/modules/gcp_compute_ssl_certificate_info.py @@ -171,7 +171,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_ssl_policy_info.py b/plugins/modules/gcp_compute_ssl_policy_info.py index 04219c88..0fd69eb2 100644 --- a/plugins/modules/gcp_compute_ssl_policy_info.py +++ b/plugins/modules/gcp_compute_ssl_policy_info.py @@ -207,7 +207,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_subnetwork_info.py b/plugins/modules/gcp_compute_subnetwork_info.py index 5b126f29..d8ae2c25 100644 --- a/plugins/modules/gcp_compute_subnetwork_info.py +++ b/plugins/modules/gcp_compute_subnetwork_info.py @@ -226,7 +226,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_http_proxy_info.py b/plugins/modules/gcp_compute_target_http_proxy_info.py index 6a78af42..21f30904 100644 --- a/plugins/modules/gcp_compute_target_http_proxy_info.py +++ b/plugins/modules/gcp_compute_target_http_proxy_info.py @@ -171,7 +171,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_https_proxy_info.py b/plugins/modules/gcp_compute_target_https_proxy_info.py index b4186a9e..36fab9e9 100644 --- a/plugins/modules/gcp_compute_target_https_proxy_info.py +++ b/plugins/modules/gcp_compute_target_https_proxy_info.py @@ -193,7 +193,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_instance_info.py b/plugins/modules/gcp_compute_target_instance_info.py index 791fb0a4..5fe4415c 100644 --- a/plugins/modules/gcp_compute_target_instance_info.py +++ b/plugins/modules/gcp_compute_target_instance_info.py @@ -178,7 +178,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_pool_info.py b/plugins/modules/gcp_compute_target_pool_info.py index 54345a1b..58c2db55 100644 --- a/plugins/modules/gcp_compute_target_pool_info.py +++ b/plugins/modules/gcp_compute_target_pool_info.py @@ -224,7 +224,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_ssl_proxy_info.py b/plugins/modules/gcp_compute_target_ssl_proxy_info.py index e23e8417..ff6b11dc 100644 --- a/plugins/modules/gcp_compute_target_ssl_proxy_info.py +++ b/plugins/modules/gcp_compute_target_ssl_proxy_info.py @@ -183,7 +183,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_tcp_proxy_info.py b/plugins/modules/gcp_compute_target_tcp_proxy_info.py index 65cc7759..c4e0619d 100644 --- a/plugins/modules/gcp_compute_target_tcp_proxy_info.py +++ b/plugins/modules/gcp_compute_target_tcp_proxy_info.py @@ -175,7 +175,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_target_vpn_gateway_info.py b/plugins/modules/gcp_compute_target_vpn_gateway_info.py index 8d9763bb..67f71be7 100644 --- a/plugins/modules/gcp_compute_target_vpn_gateway_info.py +++ b/plugins/modules/gcp_compute_target_vpn_gateway_info.py @@ -186,7 +186,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_url_map_info.py b/plugins/modules/gcp_compute_url_map_info.py index fa5431a1..8ee58d7e 100644 --- a/plugins/modules/gcp_compute_url_map_info.py +++ b/plugins/modules/gcp_compute_url_map_info.py @@ -2487,7 +2487,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_compute_vpn_tunnel_info.py b/plugins/modules/gcp_compute_vpn_tunnel_info.py index 7b3430aa..9cf5e163 100644 --- a/plugins/modules/gcp_compute_vpn_tunnel_info.py +++ b/plugins/modules/gcp_compute_vpn_tunnel_info.py @@ -247,7 +247,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] diff --git a/plugins/modules/gcp_container_cluster.py b/plugins/modules/gcp_container_cluster.py index 0a5d9493..34596a57 100644 --- a/plugins/modules/gcp_container_cluster.py +++ b/plugins/modules/gcp_container_cluster.py @@ -1528,7 +1528,9 @@ def main(): accelerators=dict(type='list', elements='dict', options=dict(accelerator_count=dict(type='str'), accelerator_type=dict(type='str'))), disk_type=dict(type='str'), min_cpu_platform=dict(type='str'), - taints=dict(type='list', elements='dict', options=dict(key=dict(type='str'), value=dict(type='str'), effect=dict(type='str'))), + taints=dict(type='list', + elements='dict', + options=dict(key=dict(type='str', no_log=False), value=dict(type='str'), effect=dict(type='str'))), shielded_instance_config=dict( type='dict', options=dict(enable_secure_boot=dict(type='bool'), enable_integrity_monitoring=dict(type='bool')) ), @@ -1538,7 +1540,7 @@ def main(): type='dict', options=dict( username=dict(type='str'), - password=dict(type='str'), + password=dict(type='str', no_log=True), client_certificate_config=dict(type='dict', options=dict(issue_client_certificate=dict(type='bool'))), ), ), diff --git a/plugins/modules/gcp_container_cluster_info.py b/plugins/modules/gcp_container_cluster_info.py index 0b90433c..d94e5647 100644 --- a/plugins/modules/gcp_container_cluster_info.py +++ b/plugins/modules/gcp_container_cluster_info.py @@ -859,7 +859,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(location=dict(required=True, type='str', aliases=['region', 'zone']))) + module = GcpModule(argument_spec=dict(location=dict(required=True, type='str', aliases=['region', 'zone'])), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_container_node_pool.py b/plugins/modules/gcp_container_node_pool.py index 17408376..a0b9c714 100644 --- a/plugins/modules/gcp_container_node_pool.py +++ b/plugins/modules/gcp_container_node_pool.py @@ -764,7 +764,9 @@ def main(): accelerators=dict(type='list', elements='dict', options=dict(accelerator_count=dict(type='int'), accelerator_type=dict(type='str'))), disk_type=dict(type='str'), min_cpu_platform=dict(type='str'), - taints=dict(type='list', elements='dict', options=dict(key=dict(type='str'), value=dict(type='str'), effect=dict(type='str'))), + taints=dict(type='list', + elements='dict', + options=dict(key=dict(type='str', no_log=False), value=dict(type='str'), effect=dict(type='str'))), shielded_instance_config=dict( type='dict', options=dict(enable_secure_boot=dict(type='bool'), enable_integrity_monitoring=dict(type='bool')) ), diff --git a/plugins/modules/gcp_container_node_pool_info.py b/plugins/modules/gcp_container_node_pool_info.py index e27412ab..a3de8acc 100644 --- a/plugins/modules/gcp_container_node_pool_info.py +++ b/plugins/modules/gcp_container_node_pool_info.py @@ -450,7 +450,8 @@ import json def main(): - module = GcpModule(argument_spec=dict(location=dict(required=True, type='str', aliases=['region', 'zone']), cluster=dict(required=True, type='dict'))) + module = GcpModule(argument_spec=dict(location=dict(required=True, type='str', aliases=['region', 'zone']), cluster=dict(required=True, type='dict')), + supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_dns_managed_zone.py b/plugins/modules/gcp_dns_managed_zone.py index 83c327a8..8aec272b 100644 --- a/plugins/modules/gcp_dns_managed_zone.py +++ b/plugins/modules/gcp_dns_managed_zone.py @@ -508,8 +508,12 @@ def main(): default_key_specs=dict( type='list', elements='dict', + no_log=False, options=dict( - algorithm=dict(type='str'), key_length=dict(type='int'), key_type=dict(type='str'), kind=dict(default='dns#dnsKeySpec', type='str') + algorithm=dict(type='str'), + key_length=dict(type='int', no_log=False), + key_type=dict(type='str'), + kind=dict(default='dns#dnsKeySpec', type='str') ), ), ), diff --git a/plugins/modules/gcp_dns_managed_zone_info.py b/plugins/modules/gcp_dns_managed_zone_info.py index 333bfcee..d39aef26 100644 --- a/plugins/modules/gcp_dns_managed_zone_info.py +++ b/plugins/modules/gcp_dns_managed_zone_info.py @@ -308,7 +308,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(dns_name=dict(type='list', elements='str'))) + module = GcpModule(argument_spec=dict(dns_name=dict(type='list', elements='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/ndev.clouddns.readwrite'] diff --git a/plugins/modules/gcp_dns_resource_record_set_info.py b/plugins/modules/gcp_dns_resource_record_set_info.py index 622c3102..1dba0a71 100644 --- a/plugins/modules/gcp_dns_resource_record_set_info.py +++ b/plugins/modules/gcp_dns_resource_record_set_info.py @@ -160,7 +160,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(managed_zone=dict(required=True, type='dict'))) + module = GcpModule(argument_spec=dict(managed_zone=dict(required=True, type='dict')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/ndev.clouddns.readwrite'] diff --git a/plugins/modules/gcp_filestore_instance_info.py b/plugins/modules/gcp_filestore_instance_info.py index 55ab27ca..af81ccd1 100644 --- a/plugins/modules/gcp_filestore_instance_info.py +++ b/plugins/modules/gcp_filestore_instance_info.py @@ -213,7 +213,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(zone=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(zone=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_iam_role_info.py b/plugins/modules/gcp_iam_role_info.py index 35874cc2..879bd089 100644 --- a/plugins/modules/gcp_iam_role_info.py +++ b/plugins/modules/gcp_iam_role_info.py @@ -156,7 +156,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/iam'] diff --git a/plugins/modules/gcp_iam_service_account_info.py b/plugins/modules/gcp_iam_service_account_info.py index b2017181..6e330237 100644 --- a/plugins/modules/gcp_iam_service_account_info.py +++ b/plugins/modules/gcp_iam_service_account_info.py @@ -155,7 +155,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/iam'] diff --git a/plugins/modules/gcp_kms_crypto_key.py b/plugins/modules/gcp_kms_crypto_key.py index 40bfae95..f10d7ba2 100644 --- a/plugins/modules/gcp_kms_crypto_key.py +++ b/plugins/modules/gcp_kms_crypto_key.py @@ -284,7 +284,7 @@ def main(): purpose=dict(default='ENCRYPT_DECRYPT', type='str'), rotation_period=dict(type='str'), version_template=dict(type='dict', options=dict(algorithm=dict(required=True, type='str'), protection_level=dict(type='str'))), - key_ring=dict(required=True, type='str'), + key_ring=dict(required=True, type='str', no_log=False), skip_initial_version_creation=dict(type='bool', default=False), ) ) diff --git a/plugins/modules/gcp_kms_crypto_key_info.py b/plugins/modules/gcp_kms_crypto_key_info.py index bc40b484..621b84a4 100644 --- a/plugins/modules/gcp_kms_crypto_key_info.py +++ b/plugins/modules/gcp_kms_crypto_key_info.py @@ -198,7 +198,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(key_ring=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(key_ring=dict(required=True, type='str', no_log=False)), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloudkms'] diff --git a/plugins/modules/gcp_kms_key_ring_info.py b/plugins/modules/gcp_kms_key_ring_info.py index 39d3de92..d0b1fc70 100644 --- a/plugins/modules/gcp_kms_key_ring_info.py +++ b/plugins/modules/gcp_kms_key_ring_info.py @@ -151,7 +151,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(location=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(location=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloudkms'] diff --git a/plugins/modules/gcp_logging_metric.py b/plugins/modules/gcp_logging_metric.py index f8973240..262895de 100644 --- a/plugins/modules/gcp_logging_metric.py +++ b/plugins/modules/gcp_logging_metric.py @@ -528,7 +528,8 @@ def main(): labels=dict( type='list', elements='dict', - options=dict(key=dict(required=True, type='str'), description=dict(type='str'), value_type=dict(default='STRING', type='str')), + options=dict(key=dict(required=True, type='str', no_log=False), + description=dict(type='str'), value_type=dict(default='STRING', type='str')), ), display_name=dict(type='str'), ), diff --git a/plugins/modules/gcp_logging_metric_info.py b/plugins/modules/gcp_logging_metric_info.py index 76c323c3..c1a3cded 100644 --- a/plugins/modules/gcp_logging_metric_info.py +++ b/plugins/modules/gcp_logging_metric_info.py @@ -302,7 +302,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_mlengine_model_info.py b/plugins/modules/gcp_mlengine_model_info.py index 11f28aee..33289272 100644 --- a/plugins/modules/gcp_mlengine_model_info.py +++ b/plugins/modules/gcp_mlengine_model_info.py @@ -169,7 +169,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_mlengine_version_info.py b/plugins/modules/gcp_mlengine_version_info.py index ecf92817..04523a75 100644 --- a/plugins/modules/gcp_mlengine_version_info.py +++ b/plugins/modules/gcp_mlengine_version_info.py @@ -260,7 +260,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(model=dict(required=True, type='dict'))) + module = GcpModule(argument_spec=dict(model=dict(required=True, type='dict')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_pubsub_subscription.py b/plugins/modules/gcp_pubsub_subscription.py index f39583be..1b1e4fa4 100644 --- a/plugins/modules/gcp_pubsub_subscription.py +++ b/plugins/modules/gcp_pubsub_subscription.py @@ -580,7 +580,9 @@ def main(): push_config=dict( type='dict', options=dict( - oidc_token=dict(type='dict', options=dict(service_account_email=dict(required=True, type='str'), audience=dict(type='str'))), + oidc_token=dict(type='dict', + no_log=False, + options=dict(service_account_email=dict(required=True, type='str'), audience=dict(type='str'))), push_endpoint=dict(required=True, type='str'), attributes=dict(type='dict'), ), diff --git a/plugins/modules/gcp_pubsub_subscription_info.py b/plugins/modules/gcp_pubsub_subscription_info.py index b911131d..dd20c935 100644 --- a/plugins/modules/gcp_pubsub_subscription_info.py +++ b/plugins/modules/gcp_pubsub_subscription_info.py @@ -333,7 +333,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/pubsub'] diff --git a/plugins/modules/gcp_pubsub_topic_info.py b/plugins/modules/gcp_pubsub_topic_info.py index 0dc6f4e0..7b8627db 100644 --- a/plugins/modules/gcp_pubsub_topic_info.py +++ b/plugins/modules/gcp_pubsub_topic_info.py @@ -180,7 +180,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/pubsub'] diff --git a/plugins/modules/gcp_redis_instance_info.py b/plugins/modules/gcp_redis_instance_info.py index 33a9241a..593b063f 100644 --- a/plugins/modules/gcp_redis_instance_info.py +++ b/plugins/modules/gcp_redis_instance_info.py @@ -291,7 +291,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(region=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(region=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_resourcemanager_project_info.py b/plugins/modules/gcp_resourcemanager_project_info.py index 7d978299..de30d657 100644 --- a/plugins/modules/gcp_resourcemanager_project_info.py +++ b/plugins/modules/gcp_resourcemanager_project_info.py @@ -190,7 +190,7 @@ import json def main(): module = GcpModule(argument_spec=dict( page_size=dict(type='int') - )) + ), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_runtimeconfig_config_info.py b/plugins/modules/gcp_runtimeconfig_config_info.py index 063c1cee..c0821402 100644 --- a/plugins/modules/gcp_runtimeconfig_config_info.py +++ b/plugins/modules/gcp_runtimeconfig_config_info.py @@ -135,7 +135,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloudruntimeconfig'] diff --git a/plugins/modules/gcp_runtimeconfig_variable_info.py b/plugins/modules/gcp_runtimeconfig_variable_info.py index ec1adb92..0e619dc7 100644 --- a/plugins/modules/gcp_runtimeconfig_variable_info.py +++ b/plugins/modules/gcp_runtimeconfig_variable_info.py @@ -151,7 +151,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(config=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(config=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloudruntimeconfig'] diff --git a/plugins/modules/gcp_serviceusage_service_info.py b/plugins/modules/gcp_serviceusage_service_info.py index 1c49512e..b5c88d38 100644 --- a/plugins/modules/gcp_serviceusage_service_info.py +++ b/plugins/modules/gcp_serviceusage_service_info.py @@ -178,7 +178,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_sourcerepo_repository_info.py b/plugins/modules/gcp_sourcerepo_repository_info.py index 4a0d809b..607e6243 100644 --- a/plugins/modules/gcp_sourcerepo_repository_info.py +++ b/plugins/modules/gcp_sourcerepo_repository_info.py @@ -142,7 +142,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] diff --git a/plugins/modules/gcp_spanner_database_info.py b/plugins/modules/gcp_spanner_database_info.py index 2f45553d..84a7b47d 100644 --- a/plugins/modules/gcp_spanner_database_info.py +++ b/plugins/modules/gcp_spanner_database_info.py @@ -167,7 +167,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(instance=dict(required=True, type='dict'))) + module = GcpModule(argument_spec=dict(instance=dict(required=True, type='dict')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/spanner.admin'] diff --git a/plugins/modules/gcp_spanner_instance_info.py b/plugins/modules/gcp_spanner_instance_info.py index 90e25dda..64bc7a00 100644 --- a/plugins/modules/gcp_spanner_instance_info.py +++ b/plugins/modules/gcp_spanner_instance_info.py @@ -165,7 +165,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/spanner.admin'] diff --git a/plugins/modules/gcp_sql_database_info.py b/plugins/modules/gcp_sql_database_info.py index dfc9bc9c..adb90460 100644 --- a/plugins/modules/gcp_sql_database_info.py +++ b/plugins/modules/gcp_sql_database_info.py @@ -158,7 +158,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(instance=dict(required=True, type='str'))) + module = GcpModule(argument_spec=dict(instance=dict(required=True, type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/sqlservice.admin'] diff --git a/plugins/modules/gcp_sql_instance.py b/plugins/modules/gcp_sql_instance.py index 9f18a2f6..9999dd18 100644 --- a/plugins/modules/gcp_sql_instance.py +++ b/plugins/modules/gcp_sql_instance.py @@ -848,11 +848,11 @@ def main(): options=dict( ca_certificate=dict(type='str'), client_certificate=dict(type='str'), - client_key=dict(type='str'), + client_key=dict(type='str', no_log=True), connect_retry_interval=dict(type='int'), dump_file_path=dict(type='str'), master_heartbeat_period=dict(type='int'), - password=dict(type='str'), + password=dict(type='str', no_log=True), ssl_cipher=dict(type='str'), username=dict(type='str'), verify_server_certificate=dict(type='bool'), diff --git a/plugins/modules/gcp_sql_instance_info.py b/plugins/modules/gcp_sql_instance_info.py index afbc7c30..8f734c36 100644 --- a/plugins/modules/gcp_sql_instance_info.py +++ b/plugins/modules/gcp_sql_instance_info.py @@ -519,7 +519,7 @@ import json def main(): - module = GcpModule(argument_spec=dict()) + module = GcpModule(argument_spec=dict(), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/sqlservice.admin'] diff --git a/plugins/modules/gcp_sql_ssl_cert.py b/plugins/modules/gcp_sql_ssl_cert.py index 02519b30..4d06ce28 100644 --- a/plugins/modules/gcp_sql_ssl_cert.py +++ b/plugins/modules/gcp_sql_ssl_cert.py @@ -234,7 +234,7 @@ def main(): expiration_time=dict(type='str'), instance=dict(required=True, type='dict'), sha1_fingerprint=dict(type='str'), - private_key=dict(type='str'), + private_key=dict(type='str', no_log=False), ) ) diff --git a/plugins/modules/gcp_sql_user.py b/plugins/modules/gcp_sql_user.py index ca2cbf4f..b0494105 100644 --- a/plugins/modules/gcp_sql_user.py +++ b/plugins/modules/gcp_sql_user.py @@ -195,7 +195,7 @@ def main(): host=dict(required=True, type='str'), name=dict(required=True, type='str'), instance=dict(required=True, type='dict'), - password=dict(type='str'), + password=dict(type='str', no_log=True), ) ) diff --git a/plugins/modules/gcp_tpu_node_info.py b/plugins/modules/gcp_tpu_node_info.py index a01d08af..5c8007ef 100644 --- a/plugins/modules/gcp_tpu_node_info.py +++ b/plugins/modules/gcp_tpu_node_info.py @@ -227,7 +227,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(zone=dict(type='str'))) + module = GcpModule(argument_spec=dict(zone=dict(type='str')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform'] From 608a8486e35f8792b4da12c4a9c9ad851469695f Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Tue, 5 Nov 2024 14:58:14 -0800 Subject: [PATCH 04/51] Fix many documentation lint errors --- .../modules/gcp_compute_backend_service.py | 12 ++- .../gcp_compute_backend_service_info.py | 2 +- plugins/modules/gcp_compute_health_check.py | 1 - .../gcp_compute_region_backend_service.py | 5 +- ...gcp_compute_region_backend_service_info.py | 2 +- .../gcp_compute_region_health_check.py | 1 - plugins/modules/gcp_compute_region_url_map.py | 13 --- plugins/modules/gcp_compute_reservation.py | 1 - plugins/modules/gcp_compute_url_map.py | 27 ++---- plugins/modules/gcp_kms_crypto_key.py | 1 + plugins/modules/gcp_redis_instance.py | 1 - .../gcp_resourcemanager_project_info.py | 2 +- plugins/modules/gcp_secret_manager.py | 85 +++++++++++-------- plugins/modules/gcp_sql_user_info.py | 2 +- .../modules/gcp_storage_default_object_acl.py | 4 + plugins/modules/gcp_storage_object.py | 1 - plugins/modules/gcp_tpu_node.py | 1 - 17 files changed, 75 insertions(+), 86 deletions(-) diff --git a/plugins/modules/gcp_compute_backend_service.py b/plugins/modules/gcp_compute_backend_service.py index e311fcc8..6339e6e1 100644 --- a/plugins/modules/gcp_compute_backend_service.py +++ b/plugins/modules/gcp_compute_backend_service.py @@ -422,6 +422,11 @@ options: elements: str required: false type: list + fingerprint: + description: + - Fingerprint of this resource. A hash of the contents stored in this object. This + field is used in optimistic locking. + type: str description: description: - An optional description of this resource. @@ -478,7 +483,7 @@ options: - The load balancing algorithm used within the scope of the locality. - The possible values are - * ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. - - "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts + - "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and picks the host which has fewer active requests." - "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host @@ -566,6 +571,7 @@ options: be used to disable ejection or to ramp it up slowly. Defaults to 0. required: false type: int + default: 0 enforcing_success_rate: description: - The percentage chance that a host will be actually ejected when an outlier @@ -1210,7 +1216,7 @@ localityLbPolicy: - The load balancing algorithm used within the scope of the locality. - The possible values are - * ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. - - "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts and + - "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and picks the host which has fewer active requests." - "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host @@ -1442,7 +1448,7 @@ def main(): # TODO: capacity_scaler does some value normalization # server-side, so there needs to be a way to do proper # value comparison. - capacity_scaler=dict(default="1", type="str"), + capacity_scaler=dict(default="1.0", type="str"), description=dict(type="str"), group=dict(required=True, type="str"), max_connections=dict(type="int"), diff --git a/plugins/modules/gcp_compute_backend_service_info.py b/plugins/modules/gcp_compute_backend_service_info.py index c16f6572..54171d62 100644 --- a/plugins/modules/gcp_compute_backend_service_info.py +++ b/plugins/modules/gcp_compute_backend_service_info.py @@ -549,7 +549,7 @@ resources: - The load balancing algorithm used within the scope of the locality. - The possible values are - * ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. - - "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts + - "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and picks the host which has fewer active requests." - "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a diff --git a/plugins/modules/gcp_compute_health_check.py b/plugins/modules/gcp_compute_health_check.py index ca4c6428..54ab3000 100644 --- a/plugins/modules/gcp_compute_health_check.py +++ b/plugins/modules/gcp_compute_health_check.py @@ -457,7 +457,6 @@ options: - Indicates whether or not to export logs. This is false by default, which means no health check logging will be done. required: false - default: 'false' type: bool project: description: diff --git a/plugins/modules/gcp_compute_region_backend_service.py b/plugins/modules/gcp_compute_region_backend_service.py index b01a4f52..832cfe54 100644 --- a/plugins/modules/gcp_compute_region_backend_service.py +++ b/plugins/modules/gcp_compute_region_backend_service.py @@ -476,7 +476,7 @@ options: - The load balancing algorithm used within the scope of the locality. - The possible values are - * ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. - - "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts + - "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and picks the host which has fewer active requests." - "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host @@ -566,6 +566,7 @@ options: be used to disable ejection or to ramp it up slowly. Defaults to 0. required: false type: int + default: 0 enforcing_success_rate: description: - The percentage chance that a host will be actually ejected when an outlier @@ -1222,7 +1223,7 @@ localityLbPolicy: - The load balancing algorithm used within the scope of the locality. - The possible values are - * ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. - - "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts and + - "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and picks the host which has fewer active requests." - "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host diff --git a/plugins/modules/gcp_compute_region_backend_service_info.py b/plugins/modules/gcp_compute_region_backend_service_info.py index 4f5ba3bf..99c2b750 100644 --- a/plugins/modules/gcp_compute_region_backend_service_info.py +++ b/plugins/modules/gcp_compute_region_backend_service_info.py @@ -559,7 +559,7 @@ resources: - The load balancing algorithm used within the scope of the locality. - The possible values are - * ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. - - "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts + - "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and picks the host which has fewer active requests." - "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a diff --git a/plugins/modules/gcp_compute_region_health_check.py b/plugins/modules/gcp_compute_region_health_check.py index fcbad213..2e489c18 100644 --- a/plugins/modules/gcp_compute_region_health_check.py +++ b/plugins/modules/gcp_compute_region_health_check.py @@ -452,7 +452,6 @@ options: - Indicates whether or not to export logs. This is false by default, which means no health check logging will be done. required: false - default: 'false' type: bool region: description: diff --git a/plugins/modules/gcp_compute_region_url_map.py b/plugins/modules/gcp_compute_region_url_map.py index 1d8c9c31..94284889 100644 --- a/plugins/modules/gcp_compute_region_url_map.py +++ b/plugins/modules/gcp_compute_region_url_map.py @@ -302,7 +302,6 @@ options: is considered a match if the match criteria above are NOT met. Defaults to false. required: false - default: 'false' type: bool prefix_match: description: @@ -364,7 +363,6 @@ options: - Specifies that prefixMatch and fullPathMatch matches are case sensitive. - Defaults to false. required: false - default: 'false' type: bool metadata_filters: description: @@ -499,7 +497,6 @@ options: to the Access- Control-Allow-Credentials header. Defaults to false. required: false - default: 'false' type: bool allow_headers: description: @@ -535,7 +532,6 @@ options: - which indicates that the CORS policy is in effect. Defaults to false. required: false - default: 'false' type: bool expose_headers: description: @@ -882,7 +878,6 @@ options: used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -926,7 +921,6 @@ options: query portion of the original URL is retained. The default value is false. required: false - default: 'false' type: bool path_rules: description: @@ -993,7 +987,6 @@ options: to the Access- Control-Allow-Credentials header. Defaults to false. required: false - default: 'false' type: bool allow_headers: description: @@ -1373,7 +1366,6 @@ options: used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -1416,7 +1408,6 @@ options: is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. required: false - default: 'false' type: bool default_url_redirect: description: @@ -1441,7 +1432,6 @@ options: in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -1483,7 +1473,6 @@ options: removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. required: false - default: 'false' type: bool tests: description: @@ -1541,7 +1530,6 @@ options: Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -1582,7 +1570,6 @@ options: prior to redirecting the request. If set to false, the query portion of the original URL is retained. required: false - default: 'false' type: bool region: description: diff --git a/plugins/modules/gcp_compute_reservation.py b/plugins/modules/gcp_compute_reservation.py index c0a9dd02..b8cc710b 100644 --- a/plugins/modules/gcp_compute_reservation.py +++ b/plugins/modules/gcp_compute_reservation.py @@ -73,7 +73,6 @@ options: this reservation. Otherwise, it can be consumed by VMs with affinity for any reservation. Defaults to false. required: false - default: 'false' type: bool specific_reservation: description: diff --git a/plugins/modules/gcp_compute_url_map.py b/plugins/modules/gcp_compute_url_map.py index 2856e596..f71ea3ed 100644 --- a/plugins/modules/gcp_compute_url_map.py +++ b/plugins/modules/gcp_compute_url_map.py @@ -70,6 +70,11 @@ options: the resource. required: false type: str + fingerprint: + description: + - Fingerprint of this resource. A hash of the contents stored in this object. This + field is used in optimistic locking. + type: str header_action: description: - Specifies changes to request and response headers that need to take effect for @@ -357,7 +362,6 @@ options: to the Access- Control-Allow-Credentials header. Defaults to false. required: false - default: 'false' type: bool allow_headers: description: @@ -737,7 +741,6 @@ options: used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -780,7 +783,6 @@ options: is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. required: false - default: 'false' type: bool route_rules: description: @@ -948,7 +950,6 @@ options: is considered a match if the match criteria above are NOT met. Defaults to false. required: false - default: 'false' type: bool prefix_match: description: @@ -1010,7 +1011,6 @@ options: - Specifies that prefixMatch and fullPathMatch matches are case sensitive. - Defaults to false. required: false - default: 'false' type: bool metadata_filters: description: @@ -1145,7 +1145,6 @@ options: to the Access- Control-Allow-Credentials header. Defaults to false. required: false - default: 'false' type: bool allow_headers: description: @@ -1181,7 +1180,6 @@ options: - which indicates that the CORS policy is in effect. Defaults to false. required: false - default: 'false' type: bool expose_headers: description: @@ -1531,7 +1529,6 @@ options: - Setting this true for TargetHttpsProxy is not permitted. Defaults to false. required: false - default: 'false' type: bool path_redirect: description: @@ -1569,7 +1566,6 @@ options: is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. Defaults to false. required: false - default: 'false' type: bool default_url_redirect: description: @@ -1594,7 +1590,6 @@ options: in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -1636,7 +1631,6 @@ options: removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. required: false - default: 'false' type: bool default_route_action: description: @@ -1733,7 +1727,6 @@ options: - If true, headerValue is set for the header, discarding any values that were set for that header. required: false - default: 'false' type: bool response_headers_to_remove: description: @@ -1767,7 +1760,6 @@ options: - If true, headerValue is set for the header, discarding any values that were set for that header. required: false - default: 'false' type: bool url_rewrite: description: @@ -1960,14 +1952,12 @@ options: that the actual request can include user credentials. - This translates to the Access-Control-Allow-Credentials header. required: false - default: 'false' type: bool disabled: description: - If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. required: false - default: 'false' type: bool fault_injection_policy: description: @@ -2095,7 +2085,6 @@ options: Setting this true for TargetHttpsProxy is not permitted. The default is set to false. required: false - default: 'false' type: bool path_redirect: description: @@ -2136,7 +2125,6 @@ options: prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. required: false - default: 'false' type: bool default_route_action: description: @@ -2231,8 +2219,6 @@ options: exist for the header. - If true, headerValue is set for the header, discarding any values that were set for that header. - required: false - default: 'false' type: bool response_headers_to_remove: description: @@ -2266,7 +2252,6 @@ options: - If true, headerValue is set for the header, discarding any values that were set for that header. required: false - default: 'false' type: bool url_rewrite: description: @@ -2456,14 +2441,12 @@ options: the actual request can include user credentials. - This translates to the Access-Control-Allow-Credentials header. required: false - default: 'false' type: bool disabled: description: - If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. required: false - default: 'false' type: bool fault_injection_policy: description: diff --git a/plugins/modules/gcp_kms_crypto_key.py b/plugins/modules/gcp_kms_crypto_key.py index f10d7ba2..4829081f 100644 --- a/plugins/modules/gcp_kms_crypto_key.py +++ b/plugins/modules/gcp_kms_crypto_key.py @@ -104,6 +104,7 @@ options: - If set to true, the request will create a CryptoKey without any CryptoKeyVersions. You must use the `google_kms_key_ring_import_job` resource to import the CryptoKeyVersion. required: false + default: false type: bool project: description: diff --git a/plugins/modules/gcp_redis_instance.py b/plugins/modules/gcp_redis_instance.py index ac8724a0..cef6ecac 100644 --- a/plugins/modules/gcp_redis_instance.py +++ b/plugins/modules/gcp_redis_instance.py @@ -60,7 +60,6 @@ options: to "true" AUTH is enabled on the instance. - Default value is "false" meaning AUTH is disabled. required: false - default: 'false' type: bool authorized_network: description: diff --git a/plugins/modules/gcp_resourcemanager_project_info.py b/plugins/modules/gcp_resourcemanager_project_info.py index de30d657..1e747b75 100644 --- a/plugins/modules/gcp_resourcemanager_project_info.py +++ b/plugins/modules/gcp_resourcemanager_project_info.py @@ -86,7 +86,7 @@ options: description: - Indicates the number of projects that should be returned by the API request - type: str + type: int notes: - for authentication, you can set service_account_file using the C(GCP_SERVICE_ACCOUNT_FILE) env variable. diff --git a/plugins/modules/gcp_secret_manager.py b/plugins/modules/gcp_secret_manager.py index a02a402d..a1e325e4 100644 --- a/plugins/modules/gcp_secret_manager.py +++ b/plugins/modules/gcp_secret_manager.py @@ -25,7 +25,7 @@ description: - Add/remove versions of secrets. - Please note that other features like etags, replication, annontation expected to be managed outside of Ansible. short_description: Access and Update Google Cloud Secrets Manager objects -author: Dave Costakos @RedHat +author: Dave Costakos (@davecostakos) requirements: - python >= 2.6 - requests >= 2.18.4 @@ -44,6 +44,7 @@ options: - application - machineaccount - serviceaccount + - accesstoken service_account_contents: description: - The contents of a Service Account JSON file, either in a dictionary or as a @@ -58,11 +59,21 @@ options: - An optional service account email address if machineaccount is selected and the user does not wish to use the default email. type: str + access_token: + description: + - An OAuth2 access token if credential type is accesstoken. + type: str scopes: description: - Array of scopes to be used type: list elements: str + env_type: + description: + - Specifies which Ansible environment you're running this module within. + - This should not be set unless you know what you're doing. + - This only alters the User Agent string for any API requests. + type: str name: description: - Name of the secret to be used @@ -105,6 +116,7 @@ options: - only used in creation - Note that the "value" piece of a label must contain only readable chars type: dict + default: {} notes: - 'API Reference: U(https://cloud.google.com/secret-manager/docs/reference/rests)' - 'Official Documentation: U(https://cloud.google.com/secret-manager/docs/overview)' @@ -171,41 +183,42 @@ resources: description: List of resources returned: always type: complex - name: - description: - - The name of the secret - returned: success - type: str - version: - description: - - the version number of the secret returned - returned: success - type: str - url: - description: - - the Google Cloud URL used to make the request - returned: success - type: str - status_code: - description: - - the HTTP status code of the response to Google Cloud - returned: success - type: str - msg: - description: - - A message indicating what was done (or not done) - returned: success, failure - type: str - value: - description: - - The decrypted secret value, please use care with this - returned: success - type: str - payload: - description: - - The base 64 secret payload including CRC for validation - retunred: success - type: dict + contains: + name: + description: + - The name of the secret + returned: success + type: str + version: + description: + - the version number of the secret returned + returned: success + type: str + url: + description: + - the Google Cloud URL used to make the request + returned: success + type: str + status_code: + description: + - the HTTP status code of the response to Google Cloud + returned: success + type: str + msg: + description: + - A message indicating what was done (or not done) + returned: success, failure + type: str + value: + description: + - The decrypted secret value, please use care with this + returned: success + type: str + payload: + description: + - The base 64 secret payload including CRC for validation + returned: success + type: dict ''' ################################################################################ diff --git a/plugins/modules/gcp_sql_user_info.py b/plugins/modules/gcp_sql_user_info.py index 762a7356..b03048d6 100644 --- a/plugins/modules/gcp_sql_user_info.py +++ b/plugins/modules/gcp_sql_user_info.py @@ -158,7 +158,7 @@ import json def main(): - module = GcpModule(argument_spec=dict(instance=dict(required=True, type='dict'))) + module = GcpModule(argument_spec=dict(instance=dict(required=True, type='dict')), supports_check_mode=True) if not module.params['scopes']: module.params['scopes'] = ['https://www.googleapis.com/auth/sqlservice.admin'] diff --git a/plugins/modules/gcp_storage_default_object_acl.py b/plugins/modules/gcp_storage_default_object_acl.py index 5bfea2f7..45c615f0 100644 --- a/plugins/modules/gcp_storage_default_object_acl.py +++ b/plugins/modules/gcp_storage_default_object_acl.py @@ -62,6 +62,10 @@ options: - The name of the bucket. required: true type: dict + object: + description: + - The target of the ACL. + type: str entity: description: - 'The entity holding the permission, in one of the following forms: * user-{{userId}} diff --git a/plugins/modules/gcp_storage_object.py b/plugins/modules/gcp_storage_object.py index 1411d0ff..aef08296 100644 --- a/plugins/modules/gcp_storage_object.py +++ b/plugins/modules/gcp_storage_object.py @@ -43,7 +43,6 @@ options: src: description: - Source location of file (may be local machine or cloud depending on action). Cloud locations need to be urlencoded including slashes. - required: true type: path dest: description: diff --git a/plugins/modules/gcp_tpu_node.py b/plugins/modules/gcp_tpu_node.py index 32d599e9..87bcc477 100644 --- a/plugins/modules/gcp_tpu_node.py +++ b/plugins/modules/gcp_tpu_node.py @@ -94,7 +94,6 @@ options: to peer the TPU Node to is a Shared VPC network, the node must be created with this this field enabled. required: false - default: 'false' type: bool scheduling_config: description: From 84c42e129bcec10b418f8ba718833ba151c20b52 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Wed, 6 Nov 2024 14:44:21 -0800 Subject: [PATCH 05/51] Add an ignore for a no-illegal-filenames lint error in the roles/google_cloud_ops_agents submodule --- tests/sanity/ignore-2.17.txt | 1 + 1 file changed, 1 insertion(+) create mode 100644 tests/sanity/ignore-2.17.txt diff --git a/tests/sanity/ignore-2.17.txt b/tests/sanity/ignore-2.17.txt new file mode 100644 index 00000000..bd7763cd --- /dev/null +++ b/tests/sanity/ignore-2.17.txt @@ -0,0 +1 @@ +roles/google_cloud_ops_agents/./ no-illegal-filenames \ No newline at end of file From 4b7f31c000dafeb8ade6da9438a7257d0ea2c835 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Wed, 6 Nov 2024 15:03:59 -0800 Subject: [PATCH 06/51] Remove submodule ignore file --- tests/sanity/ignore-2.17.txt | 1 - 1 file changed, 1 deletion(-) delete mode 100644 tests/sanity/ignore-2.17.txt diff --git a/tests/sanity/ignore-2.17.txt b/tests/sanity/ignore-2.17.txt deleted file mode 100644 index bd7763cd..00000000 --- a/tests/sanity/ignore-2.17.txt +++ /dev/null @@ -1 +0,0 @@ -roles/google_cloud_ops_agents/./ no-illegal-filenames \ No newline at end of file From 537707deef8e9306b0fd28465482dbd761677fbe Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Wed, 6 Nov 2024 16:16:00 -0800 Subject: [PATCH 07/51] Fix a compute_backend_service permadiff --- plugins/modules/gcp_compute_backend_service.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/modules/gcp_compute_backend_service.py b/plugins/modules/gcp_compute_backend_service.py index 6339e6e1..6decbc8c 100644 --- a/plugins/modules/gcp_compute_backend_service.py +++ b/plugins/modules/gcp_compute_backend_service.py @@ -88,7 +88,7 @@ options: completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0]. required: false - default: '1.0' + default: '1' type: str description: description: @@ -1448,7 +1448,7 @@ def main(): # TODO: capacity_scaler does some value normalization # server-side, so there needs to be a way to do proper # value comparison. - capacity_scaler=dict(default="1.0", type="str"), + capacity_scaler=dict(default="1", type="str"), description=dict(type="str"), group=dict(required=True, type="str"), max_connections=dict(type="int"), From 5ebc615a482a9f91856d2dbee67935d8f4443ac6 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 10 Jan 2025 14:52:33 -0800 Subject: [PATCH 08/51] Fix doc lint errors in gcp_pubsub_subscription --- plugins/modules/gcp_pubsub_subscription.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/modules/gcp_pubsub_subscription.py b/plugins/modules/gcp_pubsub_subscription.py index 9a1425f6..af101c8a 100644 --- a/plugins/modules/gcp_pubsub_subscription.py +++ b/plugins/modules/gcp_pubsub_subscription.py @@ -93,7 +93,7 @@ options: max_duration: description: - Subscription writes a new output file if the specified value of max duration is exceeded. Min 60s, max 600s. - required: true + required: false type: str max_bytes: description: @@ -108,7 +108,7 @@ options: output_format: description: - Specify the format of the output files that are to be stored in a Cloud Storage bucket as text or avro. - required: true + required: false type: str write_metadata: description: From 7cee2e87b03a9b01e08dc274970722b7dffefa6c Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 10 Jan 2025 15:01:28 -0800 Subject: [PATCH 09/51] Make 2.17 the min Ansible version --- .github/workflows/ansible-integration-tests.yml | 4 ++-- .github/workflows/ansible-test.yml | 8 ++++---- meta/runtime.yml | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ansible-integration-tests.yml b/.github/workflows/ansible-integration-tests.yml index ce18e0e2..96052495 100644 --- a/.github/workflows/ansible-integration-tests.yml +++ b/.github/workflows/ansible-integration-tests.yml @@ -25,8 +25,8 @@ jobs: # and test against the minimum version of Python supported by both. If/when we change # the integration tests to support parallelism we can revisit. ansible_version: - - stable-2.16 - stable-2.17 + - stable-2.18 steps: - name: check out code uses: actions/checkout@v4 @@ -35,7 +35,7 @@ jobs: - name: Set up Python uses: actions/setup-python@v4 with: - python-version: '3.10' # this is the minimum version required for Ansible 2.16 + python-version: '3.11' # this is the minimum version required for Ansible 2.17 - name: Install dependencies run: pip install -r requirements.txt - name: Install ansible-base (${{ matrix.ansible_version }}) diff --git a/.github/workflows/ansible-test.yml b/.github/workflows/ansible-test.yml index e9fea6a3..29bc3880 100644 --- a/.github/workflows/ansible-test.yml +++ b/.github/workflows/ansible-test.yml @@ -13,12 +13,12 @@ jobs: # of ansible-core and each major version of Python supported by both. # https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html#ansible-core-support-matrix ansible_version: - - stable-2.16 - stable-2.17 + - stable-2.18 python_version: - - '3.10' - '3.11' - '3.12' + - '3.13' steps: - name: check out code uses: actions/checkout@v4 @@ -46,12 +46,12 @@ jobs: strategy: matrix: ansible_version: - - stable-2.16 - stable-2.17 + - stable-2.18 python_version: - - '3.10' - '3.11' - '3.12' + - '3.13' steps: - name: check out code uses: actions/checkout@v4 diff --git a/meta/runtime.yml b/meta/runtime.yml index 0f2f2a5b..2034d6a3 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -1,5 +1,5 @@ --- -requires_ansible: ">=2.16.0" +requires_ansible: ">=2.17.0" action_groups: gcp: From 38146cdc9b76ddffcca4c5436dd24a1735e635d5 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 10 Jan 2025 15:03:59 -0800 Subject: [PATCH 10/51] Back off Python versions as Ansible 2.17 is not supported with Python 3.13 --- .github/workflows/ansible-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ansible-test.yml b/.github/workflows/ansible-test.yml index 29bc3880..50c76fc8 100644 --- a/.github/workflows/ansible-test.yml +++ b/.github/workflows/ansible-test.yml @@ -16,9 +16,9 @@ jobs: - stable-2.17 - stable-2.18 python_version: + - '3.10' - '3.11' - '3.12' - - '3.13' steps: - name: check out code uses: actions/checkout@v4 @@ -49,9 +49,9 @@ jobs: - stable-2.17 - stable-2.18 python_version: + - '3.10' - '3.11' - '3.12' - - '3.13' steps: - name: check out code uses: actions/checkout@v4 From c819fc798d9e16db32a8406d6ee844770faa9394 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 10 Jan 2025 15:06:25 -0800 Subject: [PATCH 11/51] Test with Python 3.11 and 3.12, the two versions compatible with Ansible 2.17 and 2.18 --- .github/workflows/ansible-integration-tests.yml | 2 +- .github/workflows/ansible-test.yml | 2 -- .github/workflows/gcloud.yml | 4 ++-- .github/workflows/gcsfuse.yml | 4 ++-- 4 files changed, 5 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ansible-integration-tests.yml b/.github/workflows/ansible-integration-tests.yml index 96052495..990354ea 100644 --- a/.github/workflows/ansible-integration-tests.yml +++ b/.github/workflows/ansible-integration-tests.yml @@ -70,4 +70,4 @@ jobs: # run tests - name: Run integration tests # Add the -vvv flag to print out more output - run: ansible-test integration -v --color --python 3.10 --venv-system-site-packages + run: ansible-test integration -v --color --python 3.11 --venv-system-site-packages diff --git a/.github/workflows/ansible-test.yml b/.github/workflows/ansible-test.yml index 50c76fc8..cfdb2d0b 100644 --- a/.github/workflows/ansible-test.yml +++ b/.github/workflows/ansible-test.yml @@ -16,7 +16,6 @@ jobs: - stable-2.17 - stable-2.18 python_version: - - '3.10' - '3.11' - '3.12' steps: @@ -49,7 +48,6 @@ jobs: - stable-2.17 - stable-2.18 python_version: - - '3.10' - '3.11' - '3.12' steps: diff --git a/.github/workflows/gcloud.yml b/.github/workflows/gcloud.yml index 711ef940..c1819b86 100644 --- a/.github/workflows/gcloud.yml +++ b/.github/workflows/gcloud.yml @@ -31,10 +31,10 @@ jobs: with: path: ansible_collections/google/cloud - - name: Set up Python 3.10 + - name: Set up Python 3.11 uses: actions/setup-python@v4 with: - python-version: '3.10' + python-version: '3.11' - name: Install dependencies run: | diff --git a/.github/workflows/gcsfuse.yml b/.github/workflows/gcsfuse.yml index 8898703d..bd918441 100644 --- a/.github/workflows/gcsfuse.yml +++ b/.github/workflows/gcsfuse.yml @@ -26,10 +26,10 @@ jobs: with: path: ansible_collections/google/cloud - - name: Set up Python 3.10 + - name: Set up Python 3.11 uses: actions/setup-python@v4 with: - python-version: '3.10' + python-version: '3.11' - name: Install dependencies run: | From d1cf030d936a60473e5649d98ffadcfc7250fba3 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 10 Jan 2025 15:44:30 -0800 Subject: [PATCH 12/51] Try updating gcloud molecule test docker image versions --- molecule/gcloud/Dockerfile.j2 | 8 ++++---- molecule/gcloud/molecule.yml | 4 ++-- molecule/gcsfuse/molecule.yml | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/molecule/gcloud/Dockerfile.j2 b/molecule/gcloud/Dockerfile.j2 index 5c2401ca..c246fd91 100644 --- a/molecule/gcloud/Dockerfile.j2 +++ b/molecule/gcloud/Dockerfile.j2 @@ -46,7 +46,7 @@ RUN yum -y install python-pip {% endif %} {# Install of Python3 #} -{% if item.image in ["ubuntu:18.04", "ubuntu:20.04", "debian:10"] %} +{% if item.image in ["ubuntu:18.04", "ubuntu:20.04", "ubuntu:24.04", "debian:10", "debian:11", "debian:12"] %} RUN apt-get update \ && apt-get install -y --no-install-recommends \ apt-utils python3-setuptools python3-pip @@ -99,13 +99,13 @@ RUN locale-gen en_US.UTF-8 RUN mkdir -p /etc/ansible RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts -{% if item.image in ["centos:7", "centos:8", "debian:9", "debian:10"] %} +{% if item.image in ["centos:7", "centos:8", "debian:9", "debian:10", "debian:11", "debian:12"] %} VOLUME ["/sys/fs/cgroup"] -{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04"] %} +{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "ubuntu:24.04"] %} VOLUME ["/sys/fs/cgroup", "/tmp", "/run"] {% endif %} {% if item.image in ["centos:7", "centos:8"] %} CMD ["/usr/sbin/init"] -{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "debian:9", "debian:10"] %} +{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "ubuntu:24.04", "debian:9", "debian:10", "debian:11", "debian:12"] %} CMD ["/lib/systemd/systemd"] {% endif %} diff --git a/molecule/gcloud/molecule.yml b/molecule/gcloud/molecule.yml index 707639af..1fa069d1 100644 --- a/molecule/gcloud/molecule.yml +++ b/molecule/gcloud/molecule.yml @@ -9,13 +9,13 @@ lint: | ansible-lint platforms: - name: instance - image: ubuntu:20.04 + image: ubuntu:24.04 privileged: true ansible.builtin.command: /lib/systemd/systemd volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro - name: instance - image: debian:10 + image: debian:12 privileged: true ansible.builtin.command: /lib/systemd/systemd volumes: diff --git a/molecule/gcsfuse/molecule.yml b/molecule/gcsfuse/molecule.yml index 707639af..1fa069d1 100644 --- a/molecule/gcsfuse/molecule.yml +++ b/molecule/gcsfuse/molecule.yml @@ -9,13 +9,13 @@ lint: | ansible-lint platforms: - name: instance - image: ubuntu:20.04 + image: ubuntu:24.04 privileged: true ansible.builtin.command: /lib/systemd/systemd volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro - name: instance - image: debian:10 + image: debian:12 privileged: true ansible.builtin.command: /lib/systemd/systemd volumes: From b1a75cf3833d0f4fada040730d261965b096890d Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 10 Jan 2025 15:58:54 -0800 Subject: [PATCH 13/51] Install google-cloud-cli instead of google-cloud-sdk --- roles/gcloud/meta/main.yml | 3 +++ roles/gcloud/tasks/package/debian.yml | 10 +++++----- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/roles/gcloud/meta/main.yml b/roles/gcloud/meta/main.yml index 049ed0ea..25671877 100644 --- a/roles/gcloud/meta/main.yml +++ b/roles/gcloud/meta/main.yml @@ -8,6 +8,9 @@ galaxy_info: platforms: - name: Ubuntu versions: + - focal + - jammy + - noble - precise - trusty - xenial diff --git a/roles/gcloud/tasks/package/debian.yml b/roles/gcloud/tasks/package/debian.yml index 726c79ee..7fc58673 100644 --- a/roles/gcloud/tasks/package/debian.yml +++ b/roles/gcloud/tasks/package/debian.yml @@ -9,20 +9,20 @@ ansible.builtin.apt_repository: repo: deb {{ gcloud_apt_url }} {{ gcloud_apt_repo }} main state: present - filename: google-cloud-sdk + filename: google-cloud-cli -- name: Gcloud | Debian | Install the google-cloud-sdk package +- name: Gcloud | Debian | Install the google-cloud-cli package ansible.builtin.apt: - name: google-cloud-sdk + name: google-cloud-cli update_cache: "yes" register: task_result until: task_result is success retries: 10 delay: 2 -- name: Gcloud | Debian | Install the google-cloud-sdk additional components +- name: Gcloud | Debian | Install the google-cloud-cli additional components ansible.builtin.apt: - name: google-cloud-sdk-{{ item }} + name: google-cloud-cli-{{ item }} update_cache: "yes" register: task_result until: task_result is success From 237f50e8af2a5c5b31574cb8b6816fb2179744cd Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 10 Jan 2025 16:23:45 -0800 Subject: [PATCH 14/51] Upgrade archive version of gcloud --- roles/gcloud/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gcloud/defaults/main.yml b/roles/gcloud/defaults/main.yml index deeec699..6e279329 100644 --- a/roles/gcloud/defaults/main.yml +++ b/roles/gcloud/defaults/main.yml @@ -12,7 +12,7 @@ gcloud_yum_baseurl: https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x8 gcloud_yum_key: https://packages.cloud.google.com/yum/doc/yum-key.gpg # default values for gcloud archive installation -gcloud_version: 268.0.0 +gcloud_version: 505.0.0 gcloud_archive_name: google-cloud-sdk-{{ gcloud_version }}-linux-{{ ansible_architecture }}.tar.gz gcloud_archive_url: https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/{{ gcloud_archive_name }} gcloud_archive_path: /usr/lib From 42dca7bb1783fb419e0c68553b51c9247a9e349c Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 10 Jan 2025 16:36:21 -0800 Subject: [PATCH 15/51] Update gcsfuse molecule test docker image versions --- molecule/gcsfuse/Dockerfile.j2 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/molecule/gcsfuse/Dockerfile.j2 b/molecule/gcsfuse/Dockerfile.j2 index 5c2401ca..c246fd91 100644 --- a/molecule/gcsfuse/Dockerfile.j2 +++ b/molecule/gcsfuse/Dockerfile.j2 @@ -46,7 +46,7 @@ RUN yum -y install python-pip {% endif %} {# Install of Python3 #} -{% if item.image in ["ubuntu:18.04", "ubuntu:20.04", "debian:10"] %} +{% if item.image in ["ubuntu:18.04", "ubuntu:20.04", "ubuntu:24.04", "debian:10", "debian:11", "debian:12"] %} RUN apt-get update \ && apt-get install -y --no-install-recommends \ apt-utils python3-setuptools python3-pip @@ -99,13 +99,13 @@ RUN locale-gen en_US.UTF-8 RUN mkdir -p /etc/ansible RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts -{% if item.image in ["centos:7", "centos:8", "debian:9", "debian:10"] %} +{% if item.image in ["centos:7", "centos:8", "debian:9", "debian:10", "debian:11", "debian:12"] %} VOLUME ["/sys/fs/cgroup"] -{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04"] %} +{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "ubuntu:24.04"] %} VOLUME ["/sys/fs/cgroup", "/tmp", "/run"] {% endif %} {% if item.image in ["centos:7", "centos:8"] %} CMD ["/usr/sbin/init"] -{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "debian:9", "debian:10"] %} +{% elif item.image in ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "ubuntu:24.04", "debian:9", "debian:10", "debian:11", "debian:12"] %} CMD ["/lib/systemd/systemd"] {% endif %} From 623c78f1318f63b901d24120b260159ea6c949a4 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Tue, 14 Jan 2025 14:02:54 -0800 Subject: [PATCH 16/51] Bump version to 1.5.0 --- CHANGELOG.rst | 18 ++++++++++++++++++ changelogs/changelog.yaml | 17 +++++++++++++++++ .../fix-bigquery-table-create-clustering.yml | 2 -- changelogs/gcp_pubsub_subscription_bugfix.yaml | 2 -- .../gcp_pubsub_subscription_gcs_feature.yaml | 2 -- galaxy.yml | 2 +- 6 files changed, 36 insertions(+), 7 deletions(-) delete mode 100644 changelogs/fragments/fix-bigquery-table-create-clustering.yml delete mode 100644 changelogs/gcp_pubsub_subscription_bugfix.yaml delete mode 100644 changelogs/gcp_pubsub_subscription_gcs_feature.yaml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 7e76c68a..d7fe8d76 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -4,6 +4,24 @@ Google.Cloud Release Notes .. contents:: Topics +v1.5.0 +====== + +Minor Changes +------------- + +- gcp_pubsub_subscription - allows to create GCS subscription + +Bugfixes +-------- + +- ansible - 2.17 is now the minimum version supported +- ansible - 3.11 is now the minimum Python version +- ansible-test - fixed sanity tests +- ansible-test - integration tests are now run against 2.17 and 2.18 +- gcp_bigquery_table - properly handle BigQuery table clustering fields +- gcp_pubsub_subscription - fixed improper subscription uprade PATCH request + v1.4.1 ====== diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 738da7bc..bc0d85b5 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -100,3 +100,20 @@ releases: fragments: - release-1-4-1.yml release_date: '2024-08-22' + 1.5.0: + changes: + bugfixes: + - ansible - 2.17 is now the minimum version supported + - ansible - 3.11 is now the minimum Python version + - ansible-test - fixed sanity tests + - ansible-test - integration tests are now run against 2.17 and 2.18 + - gcp_bigquery_table - properly handle BigQuery table clustering fields + - gcp_pubsub_subscription - fixed improper subscription uprade PATCH request + minor_changes: + - gcp_pubsub_subscription - allows to create GCS subscription + fragments: + - fix-bigquery-table-create-clustering.yml + - gcp_pubsub_subscription_bugfix.yaml + - gcp_pubsub_subscription_gcs_feature.yaml + - upgrade_anisble.yml + release_date: '2025-01-14' diff --git a/changelogs/fragments/fix-bigquery-table-create-clustering.yml b/changelogs/fragments/fix-bigquery-table-create-clustering.yml deleted file mode 100644 index 02e073a6..00000000 --- a/changelogs/fragments/fix-bigquery-table-create-clustering.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - gcp_bigquery_table - properly handle BigQuery table clustering fields diff --git a/changelogs/gcp_pubsub_subscription_bugfix.yaml b/changelogs/gcp_pubsub_subscription_bugfix.yaml deleted file mode 100644 index 355570d4..00000000 --- a/changelogs/gcp_pubsub_subscription_bugfix.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - gcp_pubsub_subscription - improper subscription uprade PATCH request \ No newline at end of file diff --git a/changelogs/gcp_pubsub_subscription_gcs_feature.yaml b/changelogs/gcp_pubsub_subscription_gcs_feature.yaml deleted file mode 100644 index c1362897..00000000 --- a/changelogs/gcp_pubsub_subscription_gcs_feature.yaml +++ /dev/null @@ -1,2 +0,0 @@ -features: - - gcp_pubsub_subscription - allows to create GCS subscription \ No newline at end of file diff --git a/galaxy.yml b/galaxy.yml index abd99cb4..b8471c9f 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -10,7 +10,7 @@ namespace: google name: cloud # The version of the collection. Must be compatible with semantic versioning -version: 1.4.1 +version: 1.5.0 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md From 3de16da36a43a337238aef0e176f5f33ae3c7661 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Tue, 14 Jan 2025 14:24:58 -0800 Subject: [PATCH 17/51] Remove google_cloud_ops_agents submodule --- .ansible-lint | 3 --- .github/workflows/ansible-test.yml | 5 ++--- .gitmodules | 3 --- CHANGELOG.rst | 5 +++++ changelogs/changelog.yaml | 4 ++++ roles/google_cloud_ops_agents | 1 - 6 files changed, 11 insertions(+), 10 deletions(-) delete mode 160000 roles/google_cloud_ops_agents diff --git a/.ansible-lint b/.ansible-lint index 0c5e6689..e5e7a171 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -5,6 +5,3 @@ skip_list: - ANSIBLE0010 use_default_rules: true verbosity: 1 -exclude_paths: - # Ignore submodule https://github.com/GoogleCloudPlatform/google-cloud-ops-agents-ansible - - roles/google_cloud_ops_agents/ diff --git a/.github/workflows/ansible-test.yml b/.github/workflows/ansible-test.yml index cfdb2d0b..c632899d 100644 --- a/.github/workflows/ansible-test.yml +++ b/.github/workflows/ansible-test.yml @@ -31,12 +31,11 @@ jobs: - name: Install ansible-base (${{ matrix.ansible_version }}) run: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible_version }}.tar.gz --disable-pip-version-check - name: Run ansible-test sanity - # validate-modules cannot be turned on until #498 is resolved. - run: ansible-test sanity -v --color --skip validate-modules + run: ansible-test sanity -v --color - name: Install ansible-lint run: pip install ansible-lint==24.7.0 - name: Run ansible-lint - run: ansible-lint --exclude roles/google_cloud_ops_agents/ + run: ansible-lint unit: runs-on: ubuntu-latest defaults: diff --git a/.gitmodules b/.gitmodules index d2424a0a..e69de29b 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,3 +0,0 @@ -[submodule "roles/google_cloud_ops_agents"] - path = roles/google_cloud_ops_agents - url = https://github.com/GoogleCloudPlatform/google-cloud-ops-agents-ansible.git diff --git a/CHANGELOG.rst b/CHANGELOG.rst index d7fe8d76..99681e3f 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -7,6 +7,11 @@ Google.Cloud Release Notes v1.5.0 ====== +Major Changes +------------- + +- google_cloud_ops_agents - role submodule removed because it prevents the collection from passing sanity and lint tests + Minor Changes ------------- diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index bc0d85b5..9ce44389 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -109,11 +109,15 @@ releases: - ansible-test - integration tests are now run against 2.17 and 2.18 - gcp_bigquery_table - properly handle BigQuery table clustering fields - gcp_pubsub_subscription - fixed improper subscription uprade PATCH request + major_changes: + - google_cloud_ops_agents - role submodule removed because it prevents the collection + from passing sanity and lint tests minor_changes: - gcp_pubsub_subscription - allows to create GCS subscription fragments: - fix-bigquery-table-create-clustering.yml - gcp_pubsub_subscription_bugfix.yaml - gcp_pubsub_subscription_gcs_feature.yaml + - remove-google_cloud_ops_agents-role.yml - upgrade_anisble.yml release_date: '2025-01-14' diff --git a/roles/google_cloud_ops_agents b/roles/google_cloud_ops_agents deleted file mode 160000 index 99adb1ed..00000000 --- a/roles/google_cloud_ops_agents +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 99adb1edafb02c3573eaf680266205295ba7f159 From 4ee4cc60b52fe0f67299b322b53d9bfbd0f3e597 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Tue, 14 Jan 2025 15:15:59 -0800 Subject: [PATCH 18/51] Enable required YAML lint rules and fix results --- .ansible-lint | 2 -- .github/workflows/ansible-test.yml | 2 +- .yamllint | 6 +++++- galaxy.yml | 6 +++--- roles/gcp_http_lb/meta/main.yml | 2 +- .../gcp_appengine_firewall_rule/tasks/autogen.yml | 4 ++-- .../targets/gcp_bigquery_dataset/tasks/autogen.yml | 4 ++-- .../targets/gcp_bigquery_table/tasks/autogen.yml | 6 +++--- .../targets/gcp_bigtable_instance/tasks/autogen.yml | 4 ++-- .../tasks/autogen.yml | 4 ++-- .../targets/gcp_cloudscheduler_job/tasks/autogen.yml | 4 ++-- .../targets/gcp_cloudtasks_queue/tasks/autogen.yml | 4 ++-- .../targets/gcp_compute_address/tasks/autogen.yml | 4 ++-- .../targets/gcp_compute_autoscaler/tasks/autogen.yml | 6 +++--- .../gcp_compute_backend_bucket/tasks/autogen.yml | 6 +++--- .../gcp_compute_backend_service/tasks/autogen.yml | 6 +++--- .../targets/gcp_compute_disk/tasks/autogen.yml | 4 ++-- .../gcp_compute_external_vpn_gateway/tasks/autogen.yml | 4 ++-- .../targets/gcp_compute_firewall/tasks/autogen.yml | 4 ++-- .../targets/gcp_compute_firewall/tasks/update.yml | 4 ++-- .../gcp_compute_forwarding_rule/tasks/autogen.yml | 6 +++--- .../gcp_compute_global_address/tasks/autogen.yml | 4 ++-- .../tasks/autogen.yml | 6 +++--- .../targets/gcp_compute_health_check/tasks/autogen.yml | 4 ++-- .../gcp_compute_http_health_check/tasks/autogen.yml | 4 ++-- .../gcp_compute_https_health_check/tasks/autogen.yml | 4 ++-- .../targets/gcp_compute_image/tasks/autogen.yml | 6 +++--- .../targets/gcp_compute_instance/tasks/autogen.yml | 6 +++--- .../gcp_compute_instance_group/tasks/autogen.yml | 6 +++--- .../tasks/autogen.yml | 6 +++--- .../gcp_compute_instance_template/tasks/autogen.yml | 6 +++--- .../targets/gcp_compute_network/tasks/autogen.yml | 4 ++-- .../tasks/autogen.yml | 6 +++--- .../targets/gcp_compute_node_group/tasks/autogen.yml | 6 +++--- .../gcp_compute_node_template/tasks/autogen.yml | 4 ++-- .../gcp_compute_region_autoscaler/tasks/autogen.yml | 6 +++--- .../tasks/autogen.yml | 6 +++--- .../targets/gcp_compute_region_disk/tasks/autogen.yml | 4 ++-- .../gcp_compute_region_health_check/tasks/autogen.yml | 4 ++-- .../tasks/autogen.yml | 6 +++--- .../tasks/autogen.yml | 6 +++--- .../tasks/autogen.yml | 6 +++--- .../gcp_compute_region_url_map/tasks/autogen.yml | 6 +++--- .../targets/gcp_compute_reservation/tasks/autogen.yml | 4 ++-- .../gcp_compute_resource_policy/tasks/autogen.yml | 4 ++-- .../targets/gcp_compute_route/tasks/autogen.yml | 6 +++--- .../targets/gcp_compute_router/tasks/autogen.yml | 6 +++--- .../targets/gcp_compute_snapshot/tasks/autogen.yml | 6 +++--- .../gcp_compute_ssl_certificate/tasks/autogen.yml | 4 ++-- .../targets/gcp_compute_ssl_policy/tasks/autogen.yml | 4 ++-- .../targets/gcp_compute_subnetwork/tasks/autogen.yml | 6 +++--- .../gcp_compute_target_http_proxy/tasks/autogen.yml | 6 +++--- .../gcp_compute_target_https_proxy/tasks/autogen.yml | 6 +++--- .../gcp_compute_target_instance/tasks/autogen.yml | 6 +++--- .../targets/gcp_compute_target_pool/tasks/autogen.yml | 4 ++-- .../gcp_compute_target_ssl_proxy/tasks/autogen.yml | 6 +++--- .../gcp_compute_target_tcp_proxy/tasks/autogen.yml | 6 +++--- .../gcp_compute_target_vpn_gateway/tasks/autogen.yml | 6 +++--- .../targets/gcp_compute_url_map/tasks/autogen.yml | 6 +++--- .../targets/gcp_compute_vpn_tunnel/tasks/autogen.yml | 6 +++--- .../targets/gcp_container_cluster/tasks/autogen.yml | 4 ++-- .../targets/gcp_container_node_pool/tasks/autogen.yml | 6 +++--- .../targets/gcp_dns_managed_zone/tasks/autogen.yml | 4 ++-- .../gcp_dns_resource_record_set/tasks/autogen.yml | 6 +++--- .../targets/gcp_filestore_instance/tasks/autogen.yml | 4 ++-- .../integration/targets/gcp_iam_role/tasks/autogen.yml | 4 ++-- .../targets/gcp_iam_service_account/tasks/autogen.yml | 4 ++-- .../targets/gcp_kms_crypto_key/tasks/autogen.yml | 2 +- .../targets/gcp_kms_key_ring/tasks/autogen.yml | 2 +- .../targets/gcp_logging_metric/tasks/autogen.yml | 4 ++-- .../targets/gcp_mlengine_model/tasks/autogen.yml | 4 ++-- .../targets/gcp_mlengine_version/tasks/autogen.yml | 6 +++--- .../targets/gcp_pubsub_subscription/tasks/autogen.yml | 10 +++++----- .../targets/gcp_pubsub_topic/tasks/autogen.yml | 4 ++-- .../targets/gcp_redis_instance/tasks/autogen.yml | 6 +++--- .../gcp_resourcemanager_project/tasks/autogen.yml | 4 ++-- .../targets/gcp_runtimeconfig_config/tasks/autogen.yml | 4 ++-- .../gcp_runtimeconfig_variable/tasks/autogen.yml | 6 +++--- .../targets/gcp_serviceusage_service/tasks/autogen.yml | 4 ++-- .../gcp_sourcerepo_repository/tasks/autogen.yml | 4 ++-- .../targets/gcp_spanner_database/tasks/autogen.yml | 6 +++--- .../targets/gcp_spanner_instance/tasks/autogen.yml | 4 ++-- .../targets/gcp_sql_database/tasks/autogen.yml | 6 +++--- .../targets/gcp_sql_instance/tasks/autogen.yml | 4 ++-- .../targets/gcp_sql_ssl_cert/tasks/autogen.yml | 6 +++--- .../integration/targets/gcp_sql_user/tasks/autogen.yml | 6 +++--- .../targets/gcp_storage_bucket/tasks/autogen.yml | 4 ++-- .../tasks/autogen.yml | 6 +++--- .../gcp_storage_default_object_acl/tasks/autogen.yml | 6 +++--- .../targets/gcp_storage_object/tasks/main.yml | 4 ++-- .../integration/targets/gcp_tpu_node/tasks/autogen.yml | 4 ++-- 91 files changed, 225 insertions(+), 223 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index e5e7a171..e76ae9cd 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,7 +1,5 @@ --- profile: production parseable: true -skip_list: - - ANSIBLE0010 use_default_rules: true verbosity: 1 diff --git a/.github/workflows/ansible-test.yml b/.github/workflows/ansible-test.yml index c632899d..0c7cf634 100644 --- a/.github/workflows/ansible-test.yml +++ b/.github/workflows/ansible-test.yml @@ -33,7 +33,7 @@ jobs: - name: Run ansible-test sanity run: ansible-test sanity -v --color - name: Install ansible-lint - run: pip install ansible-lint==24.7.0 + run: pip install ansible-lint - name: Run ansible-lint run: ansible-lint unit: diff --git a/.yamllint b/.yamllint index 88276760..a473cdc6 100644 --- a/.yamllint +++ b/.yamllint @@ -15,7 +15,8 @@ rules: commas: max-spaces-after: -1 level: error - comments: disable + comments: + min-spaces-from-content: 1 comments-indentation: disable document-start: disable empty-lines: @@ -29,5 +30,8 @@ rules: new-line-at-end-of-file: disable new-lines: type: unix + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true trailing-spaces: disable truthy: disable diff --git a/galaxy.yml b/galaxy.yml index b8471c9f..f015ca36 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -33,7 +33,7 @@ license: # The path to the license file for the collection. This path is relative to the root of the collection. This key is # mutually exclusive with 'license' -#license_file: '' +# license_file: '' # A list of tags you want to associate with the collection for indexing/searching. A tag name has the same character # requirements as 'namespace' and 'name' @@ -48,13 +48,13 @@ tags: # collection label 'namespace.name'. The value is a version range # L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version # range specifiers can be set and are separated by ',' -#dependencies: {} +# dependencies: {} # The URL of the originating SCM repository repository: https://github.com/ansible-collections/google.cloud # The URL to any online docs -#documentation: http://docs.example.com +# documentation: http://docs.example.com # The URL to the homepage of the collection/project homepage: http://cloud.google.com diff --git a/roles/gcp_http_lb/meta/main.yml b/roles/gcp_http_lb/meta/main.yml index 98cccc5c..82e2fdaa 100644 --- a/roles/gcp_http_lb/meta/main.yml +++ b/roles/gcp_http_lb/meta/main.yml @@ -27,7 +27,7 @@ galaxy_info: # this branch. If Travis integration is configured, only notifications for this # branch will be accepted. Otherwise, in all cases, the repo's default branch # (usually master) will be used. - #github_branch: + # github_branch: # # Provide a list of supported platforms, and for each platform a list of versions. diff --git a/tests/integration/targets/gcp_appengine_firewall_rule/tasks/autogen.yml b/tests/integration/targets/gcp_appengine_firewall_rule/tasks/autogen.yml index a38d9a7f..1ec0c251 100644 --- a/tests/integration/targets/gcp_appengine_firewall_rule/tasks/autogen.yml +++ b/tests/integration/targets/gcp_appengine_firewall_rule/tasks/autogen.yml @@ -22,7 +22,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a firewall rule google.cloud.gcp_appengine_firewall_rule: priority: 1000 @@ -64,7 +64,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a firewall rule google.cloud.gcp_appengine_firewall_rule: priority: 1000 diff --git a/tests/integration/targets/gcp_bigquery_dataset/tasks/autogen.yml b/tests/integration/targets/gcp_bigquery_dataset/tasks/autogen.yml index 71484a34..6483a721 100644 --- a/tests/integration/targets/gcp_bigquery_dataset/tasks/autogen.yml +++ b/tests/integration/targets/gcp_bigquery_dataset/tasks/autogen.yml @@ -22,7 +22,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a dataset google.cloud.gcp_bigquery_dataset: name: my_example_dataset @@ -64,7 +64,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a dataset google.cloud.gcp_bigquery_dataset: name: my_example_dataset diff --git a/tests/integration/targets/gcp_bigquery_table/tasks/autogen.yml b/tests/integration/targets/gcp_bigquery_table/tasks/autogen.yml index 1e42d655..1b94a8ad 100644 --- a/tests/integration/targets/gcp_bigquery_table/tasks/autogen.yml +++ b/tests/integration/targets/gcp_bigquery_table/tasks/autogen.yml @@ -35,7 +35,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a table google.cloud.gcp_bigquery_table: name: example_table @@ -84,7 +84,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a table google.cloud.gcp_bigquery_table: name: example_table @@ -133,7 +133,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a dataset diff --git a/tests/integration/targets/gcp_bigtable_instance/tasks/autogen.yml b/tests/integration/targets/gcp_bigtable_instance/tasks/autogen.yml index 7406950d..a8a54ca3 100644 --- a/tests/integration/targets/gcp_bigtable_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_bigtable_instance/tasks/autogen.yml @@ -25,7 +25,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance google.cloud.gcp_bigtable_instance: name: my-instance @@ -71,7 +71,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance google.cloud.gcp_bigtable_instance: name: my-instance diff --git a/tests/integration/targets/gcp_cloudfunctions_cloud_function/tasks/autogen.yml b/tests/integration/targets/gcp_cloudfunctions_cloud_function/tasks/autogen.yml index da43b215..e86e5055 100644 --- a/tests/integration/targets/gcp_cloudfunctions_cloud_function/tasks/autogen.yml +++ b/tests/integration/targets/gcp_cloudfunctions_cloud_function/tasks/autogen.yml @@ -25,7 +25,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a cloud function google.cloud.gcp_cloudfunctions_cloud_function: name: "{{ resource_name }}" @@ -76,7 +76,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a cloud function google.cloud.gcp_cloudfunctions_cloud_function: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_cloudscheduler_job/tasks/autogen.yml b/tests/integration/targets/gcp_cloudscheduler_job/tasks/autogen.yml index 917e323a..247b4e8a 100644 --- a/tests/integration/targets/gcp_cloudscheduler_job/tasks/autogen.yml +++ b/tests/integration/targets/gcp_cloudscheduler_job/tasks/autogen.yml @@ -32,7 +32,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a job google.cloud.gcp_cloudscheduler_job: name: job @@ -95,7 +95,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a job google.cloud.gcp_cloudscheduler_job: name: job diff --git a/tests/integration/targets/gcp_cloudtasks_queue/tasks/autogen.yml b/tests/integration/targets/gcp_cloudtasks_queue/tasks/autogen.yml index 6e1f70f2..73b3dab9 100644 --- a/tests/integration/targets/gcp_cloudtasks_queue/tasks/autogen.yml +++ b/tests/integration/targets/gcp_cloudtasks_queue/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a queue google.cloud.gcp_cloudtasks_queue: name: "{{ resource_name }}" @@ -62,7 +62,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a queue google.cloud.gcp_cloudtasks_queue: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_address/tasks/autogen.yml b/tests/integration/targets/gcp_compute_address/tasks/autogen.yml index b4e9634d..f595dcfd 100644 --- a/tests/integration/targets/gcp_compute_address/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_address/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a address google.cloud.gcp_compute_address: name: test-address1 @@ -64,7 +64,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a address google.cloud.gcp_compute_address: name: test-address1 diff --git a/tests/integration/targets/gcp_compute_autoscaler/tasks/autogen.yml b/tests/integration/targets/gcp_compute_autoscaler/tasks/autogen.yml index 4e1ad768..792e8a54 100644 --- a/tests/integration/targets/gcp_compute_autoscaler/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_autoscaler/tasks/autogen.yml @@ -79,7 +79,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a autoscaler google.cloud.gcp_compute_autoscaler: name: "{{ resource_name }}" @@ -136,7 +136,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a autoscaler google.cloud.gcp_compute_autoscaler: name: "{{ resource_name }}" @@ -193,7 +193,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance group manager diff --git a/tests/integration/targets/gcp_compute_backend_bucket/tasks/autogen.yml b/tests/integration/targets/gcp_compute_backend_bucket/tasks/autogen.yml index c54b0227..f4d51bfc 100644 --- a/tests/integration/targets/gcp_compute_backend_bucket/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_backend_bucket/tasks/autogen.yml @@ -31,7 +31,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a backend bucket google.cloud.gcp_compute_backend_bucket: name: "{{ resource_name }}" @@ -77,7 +77,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a backend bucket google.cloud.gcp_compute_backend_bucket: name: "{{ resource_name }}" @@ -123,7 +123,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a bucket diff --git a/tests/integration/targets/gcp_compute_backend_service/tasks/autogen.yml b/tests/integration/targets/gcp_compute_backend_service/tasks/autogen.yml index 011a5d4c..939cc64b 100644 --- a/tests/integration/targets/gcp_compute_backend_service/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_backend_service/tasks/autogen.yml @@ -46,7 +46,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a backend service google.cloud.gcp_compute_backend_service: name: "{{ resource_name }}" @@ -96,7 +96,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a backend service google.cloud.gcp_compute_backend_service: name: "{{ resource_name }}" @@ -146,7 +146,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a HTTP health check diff --git a/tests/integration/targets/gcp_compute_disk/tasks/autogen.yml b/tests/integration/targets/gcp_compute_disk/tasks/autogen.yml index 96379724..f77418f2 100644 --- a/tests/integration/targets/gcp_compute_disk/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_disk/tasks/autogen.yml @@ -24,7 +24,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a disk google.cloud.gcp_compute_disk: name: "{{ resource_name }}" @@ -73,7 +73,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a disk google.cloud.gcp_compute_disk: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_external_vpn_gateway/tasks/autogen.yml b/tests/integration/targets/gcp_compute_external_vpn_gateway/tasks/autogen.yml index f6fd6da7..0e092c8b 100644 --- a/tests/integration/targets/gcp_compute_external_vpn_gateway/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_external_vpn_gateway/tasks/autogen.yml @@ -25,7 +25,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a external vpn gateway google.cloud.gcp_compute_external_vpn_gateway: name: "{{ resource_name }}" @@ -75,7 +75,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a external vpn gateway google.cloud.gcp_compute_external_vpn_gateway: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_firewall/tasks/autogen.yml b/tests/integration/targets/gcp_compute_firewall/tasks/autogen.yml index bf51839d..f956734c 100644 --- a/tests/integration/targets/gcp_compute_firewall/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_firewall/tasks/autogen.yml @@ -29,7 +29,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a firewall google.cloud.gcp_compute_firewall: name: "{{ resource_name }}" @@ -87,7 +87,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a firewall google.cloud.gcp_compute_firewall: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_firewall/tasks/update.yml b/tests/integration/targets/gcp_compute_firewall/tasks/update.yml index 3a2f73a9..3bee9adb 100644 --- a/tests/integration/targets/gcp_compute_firewall/tasks/update.yml +++ b/tests/integration/targets/gcp_compute_firewall/tasks/update.yml @@ -42,7 +42,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a firewall google.cloud.gcp_compute_firewall: name: "{{ resource_name }}" @@ -119,7 +119,7 @@ ansible.builtin.assert: that: - results['resources'][0]['allowed'][0]['ports'][0] == '55' -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a firewall google.cloud.gcp_compute_firewall: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_forwarding_rule/tasks/autogen.yml b/tests/integration/targets/gcp_compute_forwarding_rule/tasks/autogen.yml index c26206fe..fd70aae6 100644 --- a/tests/integration/targets/gcp_compute_forwarding_rule/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_forwarding_rule/tasks/autogen.yml @@ -43,7 +43,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a forwarding rule google.cloud.gcp_compute_forwarding_rule: name: "{{ resource_name }}" @@ -94,7 +94,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a forwarding rule google.cloud.gcp_compute_forwarding_rule: name: "{{ resource_name }}" @@ -145,7 +145,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a target pool diff --git a/tests/integration/targets/gcp_compute_global_address/tasks/autogen.yml b/tests/integration/targets/gcp_compute_global_address/tasks/autogen.yml index 3333e3f5..6d6849a3 100644 --- a/tests/integration/targets/gcp_compute_global_address/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_global_address/tasks/autogen.yml @@ -20,7 +20,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a global address google.cloud.gcp_compute_global_address: name: "{{ resource_name }}" @@ -60,7 +60,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a global address google.cloud.gcp_compute_global_address: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_global_forwarding_rule/tasks/autogen.yml b/tests/integration/targets/gcp_compute_global_forwarding_rule/tasks/autogen.yml index 93bab3af..afc395fb 100644 --- a/tests/integration/targets/gcp_compute_global_forwarding_rule/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_global_forwarding_rule/tasks/autogen.yml @@ -84,7 +84,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a global forwarding rule google.cloud.gcp_compute_global_forwarding_rule: name: "{{ resource_name }}" @@ -132,7 +132,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a global forwarding rule google.cloud.gcp_compute_global_forwarding_rule: name: "{{ resource_name }}" @@ -180,7 +180,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a target HTTP proxy diff --git a/tests/integration/targets/gcp_compute_health_check/tasks/autogen.yml b/tests/integration/targets/gcp_compute_health_check/tasks/autogen.yml index d529ec68..30d44672 100644 --- a/tests/integration/targets/gcp_compute_health_check/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_health_check/tasks/autogen.yml @@ -28,7 +28,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a health check google.cloud.gcp_compute_health_check: name: "{{ resource_name }}" @@ -84,7 +84,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a health check google.cloud.gcp_compute_health_check: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_http_health_check/tasks/autogen.yml b/tests/integration/targets/gcp_compute_http_health_check/tasks/autogen.yml index 1ff3b89d..d40d7c41 100644 --- a/tests/integration/targets/gcp_compute_http_health_check/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_http_health_check/tasks/autogen.yml @@ -24,7 +24,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a HTTP health check google.cloud.gcp_compute_http_health_check: name: "{{ resource_name }}" @@ -72,7 +72,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a HTTP health check google.cloud.gcp_compute_http_health_check: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_https_health_check/tasks/autogen.yml b/tests/integration/targets/gcp_compute_https_health_check/tasks/autogen.yml index c79968c0..21259acb 100644 --- a/tests/integration/targets/gcp_compute_https_health_check/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_https_health_check/tasks/autogen.yml @@ -24,7 +24,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a HTTPS health check google.cloud.gcp_compute_https_health_check: name: "{{ resource_name }}" @@ -72,7 +72,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a HTTPS health check google.cloud.gcp_compute_https_health_check: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_image/tasks/autogen.yml b/tests/integration/targets/gcp_compute_image/tasks/autogen.yml index e44f0102..72b1fa31 100644 --- a/tests/integration/targets/gcp_compute_image/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_image/tasks/autogen.yml @@ -30,7 +30,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a image google.cloud.gcp_compute_image: name: "{{ resource_name }}" @@ -72,7 +72,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a image google.cloud.gcp_compute_image: name: "{{ resource_name }}" @@ -114,7 +114,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a disk diff --git a/tests/integration/targets/gcp_compute_instance/tasks/autogen.yml b/tests/integration/targets/gcp_compute_instance/tasks/autogen.yml index fbec1e16..863da290 100644 --- a/tests/integration/targets/gcp_compute_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_instance/tasks/autogen.yml @@ -70,7 +70,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance google.cloud.gcp_compute_instance: name: "{{ resource_name }}" @@ -153,7 +153,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance google.cloud.gcp_compute_instance: name: "{{ resource_name }}" @@ -236,7 +236,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a address diff --git a/tests/integration/targets/gcp_compute_instance_group/tasks/autogen.yml b/tests/integration/targets/gcp_compute_instance_group/tasks/autogen.yml index 340c8ca0..59932abf 100644 --- a/tests/integration/targets/gcp_compute_instance_group/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_instance_group/tasks/autogen.yml @@ -34,7 +34,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance group google.cloud.gcp_compute_instance_group: name: "{{ resource_name }}" @@ -85,7 +85,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance group google.cloud.gcp_compute_instance_group: name: "{{ resource_name }}" @@ -136,7 +136,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a network diff --git a/tests/integration/targets/gcp_compute_instance_group_manager/tasks/autogen.yml b/tests/integration/targets/gcp_compute_instance_group_manager/tasks/autogen.yml index a60441e2..6c6f0dda 100644 --- a/tests/integration/targets/gcp_compute_instance_group_manager/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_instance_group_manager/tasks/autogen.yml @@ -63,7 +63,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance group manager google.cloud.gcp_compute_instance_group_manager: name: "{{ resource_name }}" @@ -112,7 +112,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance group manager google.cloud.gcp_compute_instance_group_manager: name: "{{ resource_name }}" @@ -161,7 +161,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance template diff --git a/tests/integration/targets/gcp_compute_instance_template/tasks/autogen.yml b/tests/integration/targets/gcp_compute_instance_template/tasks/autogen.yml index 72fb8098..6db4c44b 100644 --- a/tests/integration/targets/gcp_compute_instance_template/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_instance_template/tasks/autogen.yml @@ -51,7 +51,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance template google.cloud.gcp_compute_instance_template: name: "{{ resource_name }}" @@ -117,7 +117,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance template google.cloud.gcp_compute_instance_template: name: "{{ resource_name }}" @@ -183,7 +183,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a address diff --git a/tests/integration/targets/gcp_compute_network/tasks/autogen.yml b/tests/integration/targets/gcp_compute_network/tasks/autogen.yml index b887e2b1..f4b7a053 100644 --- a/tests/integration/targets/gcp_compute_network/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_network/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a network google.cloud.gcp_compute_network: name: "{{ resource_name }}" @@ -63,7 +63,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a network google.cloud.gcp_compute_network: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_network_endpoint_group/tasks/autogen.yml b/tests/integration/targets/gcp_compute_network_endpoint_group/tasks/autogen.yml index 81f46d27..fd55eee9 100644 --- a/tests/integration/targets/gcp_compute_network_endpoint_group/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_network_endpoint_group/tasks/autogen.yml @@ -44,7 +44,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a network endpoint group google.cloud.gcp_compute_network_endpoint_group: name: "{{ resource_name }}" @@ -93,7 +93,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a network endpoint group google.cloud.gcp_compute_network_endpoint_group: name: "{{ resource_name }}" @@ -142,7 +142,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a subnetwork diff --git a/tests/integration/targets/gcp_compute_node_group/tasks/autogen.yml b/tests/integration/targets/gcp_compute_node_group/tasks/autogen.yml index 25d46afa..2ccf5146 100644 --- a/tests/integration/targets/gcp_compute_node_group/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_node_group/tasks/autogen.yml @@ -34,7 +34,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a node group google.cloud.gcp_compute_node_group: name: "{{ resource_name }}" @@ -83,7 +83,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a node group google.cloud.gcp_compute_node_group: name: "{{ resource_name }}" @@ -132,7 +132,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a node template diff --git a/tests/integration/targets/gcp_compute_node_template/tasks/autogen.yml b/tests/integration/targets/gcp_compute_node_template/tasks/autogen.yml index f21ce636..944fefa6 100644 --- a/tests/integration/targets/gcp_compute_node_template/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_node_template/tasks/autogen.yml @@ -22,7 +22,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a node template google.cloud.gcp_compute_node_template: name: "{{ resource_name }}" @@ -67,7 +67,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a node template google.cloud.gcp_compute_node_template: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_region_autoscaler/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_autoscaler/tasks/autogen.yml index 5a986a9f..03df99ee 100644 --- a/tests/integration/targets/gcp_compute_region_autoscaler/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_autoscaler/tasks/autogen.yml @@ -79,7 +79,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region autoscaler google.cloud.gcp_compute_region_autoscaler: name: my-region-autoscaler @@ -136,7 +136,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region autoscaler google.cloud.gcp_compute_region_autoscaler: name: my-region-autoscaler @@ -193,7 +193,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a region instance group manager diff --git a/tests/integration/targets/gcp_compute_region_backend_service/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_backend_service/tasks/autogen.yml index beb644a7..7267a924 100644 --- a/tests/integration/targets/gcp_compute_region_backend_service/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_backend_service/tasks/autogen.yml @@ -39,7 +39,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region backend service google.cloud.gcp_compute_region_backend_service: name: "{{ resource_name }}" @@ -92,7 +92,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region backend service google.cloud.gcp_compute_region_backend_service: name: "{{ resource_name }}" @@ -145,7 +145,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a health check diff --git a/tests/integration/targets/gcp_compute_region_disk/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_disk/tasks/autogen.yml index 1b04a50d..fc75b5fa 100644 --- a/tests/integration/targets/gcp_compute_region_disk/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_disk/tasks/autogen.yml @@ -27,7 +27,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region disk google.cloud.gcp_compute_region_disk: name: "{{ resource_name }}" @@ -82,7 +82,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region disk google.cloud.gcp_compute_region_disk: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_region_health_check/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_health_check/tasks/autogen.yml index badcfb84..63fdc2e1 100644 --- a/tests/integration/targets/gcp_compute_region_health_check/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_health_check/tasks/autogen.yml @@ -29,7 +29,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region health check google.cloud.gcp_compute_region_health_check: name: "{{ resource_name }}" @@ -88,7 +88,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region health check google.cloud.gcp_compute_region_health_check: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_region_instance_group_manager/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_instance_group_manager/tasks/autogen.yml index e6064642..5a285414 100644 --- a/tests/integration/targets/gcp_compute_region_instance_group_manager/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_instance_group_manager/tasks/autogen.yml @@ -63,7 +63,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region instance group manager google.cloud.gcp_compute_region_instance_group_manager: name: "{{ resource_name }}" @@ -112,7 +112,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region instance group manager google.cloud.gcp_compute_region_instance_group_manager: name: "{{ resource_name }}" @@ -161,7 +161,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance template diff --git a/tests/integration/targets/gcp_compute_region_target_http_proxy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_target_http_proxy/tasks/autogen.yml index 9c1da53d..1c7927f4 100644 --- a/tests/integration/targets/gcp_compute_region_target_http_proxy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_target_http_proxy/tasks/autogen.yml @@ -44,7 +44,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region target HTTP proxy google.cloud.gcp_compute_region_target_http_proxy: name: "{{ resource_name }}" @@ -89,7 +89,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region target HTTP proxy google.cloud.gcp_compute_region_target_http_proxy: name: "{{ resource_name }}" @@ -134,7 +134,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a URL map diff --git a/tests/integration/targets/gcp_compute_region_target_https_proxy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_target_https_proxy/tasks/autogen.yml index ac02c562..198d5642 100644 --- a/tests/integration/targets/gcp_compute_region_target_https_proxy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_target_https_proxy/tasks/autogen.yml @@ -102,7 +102,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region target HTTPS proxy google.cloud.gcp_compute_region_target_https_proxy: name: "{{ resource_name }}" @@ -151,7 +151,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region target HTTPS proxy google.cloud.gcp_compute_region_target_https_proxy: name: "{{ resource_name }}" @@ -200,7 +200,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a SSL certificate diff --git a/tests/integration/targets/gcp_compute_region_url_map/tasks/autogen.yml b/tests/integration/targets/gcp_compute_region_url_map/tasks/autogen.yml index 1cbfae96..f859cb4d 100644 --- a/tests/integration/targets/gcp_compute_region_url_map/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_region_url_map/tasks/autogen.yml @@ -33,7 +33,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a region URL map google.cloud.gcp_compute_region_url_map: name: "{{ resource_name }}" @@ -78,7 +78,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a region URL map google.cloud.gcp_compute_region_url_map: name: "{{ resource_name }}" @@ -123,7 +123,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a region backend service diff --git a/tests/integration/targets/gcp_compute_reservation/tasks/autogen.yml b/tests/integration/targets/gcp_compute_reservation/tasks/autogen.yml index 7663bf5b..aba1e6a2 100644 --- a/tests/integration/targets/gcp_compute_reservation/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_reservation/tasks/autogen.yml @@ -26,7 +26,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a reservation google.cloud.gcp_compute_reservation: name: "{{ resource_name }}" @@ -79,7 +79,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a reservation google.cloud.gcp_compute_reservation: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_resource_policy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_resource_policy/tasks/autogen.yml index 86647db0..4bc6393c 100644 --- a/tests/integration/targets/gcp_compute_resource_policy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_resource_policy/tasks/autogen.yml @@ -26,7 +26,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a resource policy google.cloud.gcp_compute_resource_policy: name: "{{ resource_name }}" @@ -79,7 +79,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a resource policy google.cloud.gcp_compute_resource_policy: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_route/tasks/autogen.yml b/tests/integration/targets/gcp_compute_route/tasks/autogen.yml index 347c503c..27139828 100644 --- a/tests/integration/targets/gcp_compute_route/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_route/tasks/autogen.yml @@ -35,7 +35,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a route google.cloud.gcp_compute_route: name: "{{ resource_name }}" @@ -106,7 +106,7 @@ ansible.builtin.assert: that: - result.changed == true -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a route google.cloud.gcp_compute_route: name: "{{ resource_name }}" @@ -158,7 +158,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a network diff --git a/tests/integration/targets/gcp_compute_router/tasks/autogen.yml b/tests/integration/targets/gcp_compute_router/tasks/autogen.yml index 07acc693..a69ef79f 100644 --- a/tests/integration/targets/gcp_compute_router/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_router/tasks/autogen.yml @@ -39,7 +39,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a router google.cloud.gcp_compute_router: name: "{{ resource_name }}" @@ -100,7 +100,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a router google.cloud.gcp_compute_router: name: "{{ resource_name }}" @@ -161,7 +161,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a network diff --git a/tests/integration/targets/gcp_compute_snapshot/tasks/autogen.yml b/tests/integration/targets/gcp_compute_snapshot/tasks/autogen.yml index 435284e0..6df909ae 100644 --- a/tests/integration/targets/gcp_compute_snapshot/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_snapshot/tasks/autogen.yml @@ -33,7 +33,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a snapshot google.cloud.gcp_compute_snapshot: name: "{{ resource_name }}" @@ -81,7 +81,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a snapshot google.cloud.gcp_compute_snapshot: name: "{{ resource_name }}" @@ -129,7 +129,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a disk diff --git a/tests/integration/targets/gcp_compute_ssl_certificate/tasks/autogen.yml b/tests/integration/targets/gcp_compute_ssl_certificate/tasks/autogen.yml index 9d36683d..a3bb3fe8 100644 --- a/tests/integration/targets/gcp_compute_ssl_certificate/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_ssl_certificate/tasks/autogen.yml @@ -45,7 +45,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a SSL certificate google.cloud.gcp_compute_ssl_certificate: name: "{{ resource_name }}" @@ -135,7 +135,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a SSL certificate google.cloud.gcp_compute_ssl_certificate: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_ssl_policy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_ssl_policy/tasks/autogen.yml index adbba9f3..71fa905f 100644 --- a/tests/integration/targets/gcp_compute_ssl_policy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_ssl_policy/tasks/autogen.yml @@ -25,7 +25,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a SSL policy google.cloud.gcp_compute_ssl_policy: name: "{{ resource_name }}" @@ -75,7 +75,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a SSL policy google.cloud.gcp_compute_ssl_policy: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_subnetwork/tasks/autogen.yml b/tests/integration/targets/gcp_compute_subnetwork/tasks/autogen.yml index 6849ccac..48f5d33c 100644 --- a/tests/integration/targets/gcp_compute_subnetwork/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_subnetwork/tasks/autogen.yml @@ -32,7 +32,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a subnetwork google.cloud.gcp_compute_subnetwork: name: ansiblenet @@ -79,7 +79,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a subnetwork google.cloud.gcp_compute_subnetwork: name: ansiblenet @@ -126,7 +126,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a network diff --git a/tests/integration/targets/gcp_compute_target_http_proxy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_http_proxy/tasks/autogen.yml index 1c48c9db..b9010246 100644 --- a/tests/integration/targets/gcp_compute_target_http_proxy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_http_proxy/tasks/autogen.yml @@ -64,7 +64,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target HTTP proxy google.cloud.gcp_compute_target_http_proxy: name: "{{ resource_name }}" @@ -106,7 +106,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target HTTP proxy google.cloud.gcp_compute_target_http_proxy: name: "{{ resource_name }}" @@ -148,7 +148,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a URL map diff --git a/tests/integration/targets/gcp_compute_target_https_proxy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_https_proxy/tasks/autogen.yml index 5731d087..a0084870 100644 --- a/tests/integration/targets/gcp_compute_target_https_proxy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_https_proxy/tasks/autogen.yml @@ -99,7 +99,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target HTTPS proxy google.cloud.gcp_compute_target_https_proxy: name: "{{ resource_name }}" @@ -145,7 +145,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target HTTPS proxy google.cloud.gcp_compute_target_https_proxy: name: "{{ resource_name }}" @@ -191,7 +191,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a SSL certificate diff --git a/tests/integration/targets/gcp_compute_target_instance/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_instance/tasks/autogen.yml index 74a01f61..51e3cf7c 100644 --- a/tests/integration/targets/gcp_compute_target_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_instance/tasks/autogen.yml @@ -50,7 +50,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target instance google.cloud.gcp_compute_target_instance: name: target @@ -95,7 +95,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target instance google.cloud.gcp_compute_target_instance: name: target @@ -140,7 +140,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance diff --git a/tests/integration/targets/gcp_compute_target_pool/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_pool/tasks/autogen.yml index 59a46d21..38248817 100644 --- a/tests/integration/targets/gcp_compute_target_pool/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_pool/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target pool google.cloud.gcp_compute_target_pool: name: "{{ resource_name }}" @@ -64,7 +64,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target pool google.cloud.gcp_compute_target_pool: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_compute_target_ssl_proxy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_ssl_proxy/tasks/autogen.yml index 6142ec91..eaf99aca 100644 --- a/tests/integration/targets/gcp_compute_target_ssl_proxy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_ssl_proxy/tasks/autogen.yml @@ -94,7 +94,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target SSL proxy google.cloud.gcp_compute_target_ssl_proxy: name: "{{ resource_name }}" @@ -140,7 +140,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target SSL proxy google.cloud.gcp_compute_target_ssl_proxy: name: "{{ resource_name }}" @@ -186,7 +186,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a SSL certificate diff --git a/tests/integration/targets/gcp_compute_target_tcp_proxy/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_tcp_proxy/tasks/autogen.yml index 82e3e551..005d6550 100644 --- a/tests/integration/targets/gcp_compute_target_tcp_proxy/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_tcp_proxy/tasks/autogen.yml @@ -60,7 +60,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target TCP proxy google.cloud.gcp_compute_target_tcp_proxy: name: "{{ resource_name }}" @@ -104,7 +104,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target TCP proxy google.cloud.gcp_compute_target_tcp_proxy: name: "{{ resource_name }}" @@ -148,7 +148,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a backend service diff --git a/tests/integration/targets/gcp_compute_target_vpn_gateway/tasks/autogen.yml b/tests/integration/targets/gcp_compute_target_vpn_gateway/tasks/autogen.yml index a14a1493..c8753a84 100644 --- a/tests/integration/targets/gcp_compute_target_vpn_gateway/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_target_vpn_gateway/tasks/autogen.yml @@ -40,7 +40,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a target vpn gateway google.cloud.gcp_compute_target_vpn_gateway: name: "{{ resource_name }}" @@ -85,7 +85,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a target vpn gateway google.cloud.gcp_compute_target_vpn_gateway: name: "{{ resource_name }}" @@ -130,7 +130,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a network diff --git a/tests/integration/targets/gcp_compute_url_map/tasks/autogen.yml b/tests/integration/targets/gcp_compute_url_map/tasks/autogen.yml index ead14fef..8f398653 100644 --- a/tests/integration/targets/gcp_compute_url_map/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_url_map/tasks/autogen.yml @@ -55,7 +55,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a URL map google.cloud.gcp_compute_url_map: name: "{{ resource_name }}" @@ -97,7 +97,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a URL map google.cloud.gcp_compute_url_map: name: "{{ resource_name }}" @@ -139,7 +139,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a backend service diff --git a/tests/integration/targets/gcp_compute_vpn_tunnel/tasks/autogen.yml b/tests/integration/targets/gcp_compute_vpn_tunnel/tasks/autogen.yml index 79d4e055..c4a3c44d 100644 --- a/tests/integration/targets/gcp_compute_vpn_tunnel/tasks/autogen.yml +++ b/tests/integration/targets/gcp_compute_vpn_tunnel/tasks/autogen.yml @@ -158,7 +158,7 @@ service_account_file: "{{ gcp_cred_file | default(omit) }}" peer_ip: "{{ address.address }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a vpn tunnel google.cloud.gcp_compute_vpn_tunnel: name: "{{ resource_name }}" @@ -209,7 +209,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a vpn tunnel google.cloud.gcp_compute_vpn_tunnel: name: "{{ resource_name }}" @@ -260,7 +260,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown - name: Delete a UDP-4500 forwarding rule google.cloud.gcp_compute_forwarding_rule: diff --git a/tests/integration/targets/gcp_container_cluster/tasks/autogen.yml b/tests/integration/targets/gcp_container_cluster/tasks/autogen.yml index f3c1d127..9c7f9f76 100644 --- a/tests/integration/targets/gcp_container_cluster/tasks/autogen.yml +++ b/tests/integration/targets/gcp_container_cluster/tasks/autogen.yml @@ -25,7 +25,7 @@ auth_kind: serviceaccount service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a cluster google.cloud.gcp_container_cluster: name: my-cluster @@ -74,7 +74,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a cluster google.cloud.gcp_container_cluster: name: my-cluster diff --git a/tests/integration/targets/gcp_container_node_pool/tasks/autogen.yml b/tests/integration/targets/gcp_container_node_pool/tasks/autogen.yml index 84fe978a..734707eb 100644 --- a/tests/integration/targets/gcp_container_node_pool/tasks/autogen.yml +++ b/tests/integration/targets/gcp_container_node_pool/tasks/autogen.yml @@ -33,7 +33,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a node pool google.cloud.gcp_container_node_pool: name: my-pool @@ -79,7 +79,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a node pool google.cloud.gcp_container_node_pool: name: my-pool @@ -125,7 +125,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a cluster diff --git a/tests/integration/targets/gcp_dns_managed_zone/tasks/autogen.yml b/tests/integration/targets/gcp_dns_managed_zone/tasks/autogen.yml index 2e7b2bfb..6e16c494 100644 --- a/tests/integration/targets/gcp_dns_managed_zone/tasks/autogen.yml +++ b/tests/integration/targets/gcp_dns_managed_zone/tasks/autogen.yml @@ -22,7 +22,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a managed zone google.cloud.gcp_dns_managed_zone: name: "{{ resource_name }}" @@ -65,7 +65,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a managed zone google.cloud.gcp_dns_managed_zone: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_dns_resource_record_set/tasks/autogen.yml b/tests/integration/targets/gcp_dns_resource_record_set/tasks/autogen.yml index c8ca5354..5c6ba660 100644 --- a/tests/integration/targets/gcp_dns_resource_record_set/tasks/autogen.yml +++ b/tests/integration/targets/gcp_dns_resource_record_set/tasks/autogen.yml @@ -36,7 +36,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a resource record set google.cloud.gcp_dns_resource_record_set: name: www.testzone-4.com. @@ -87,7 +87,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a resource record set google.cloud.gcp_dns_resource_record_set: name: www.testzone-4.com. @@ -138,7 +138,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a managed zone diff --git a/tests/integration/targets/gcp_filestore_instance/tasks/autogen.yml b/tests/integration/targets/gcp_filestore_instance/tasks/autogen.yml index 20a7bde7..581af9d2 100644 --- a/tests/integration/targets/gcp_filestore_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_filestore_instance/tasks/autogen.yml @@ -29,7 +29,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance google.cloud.gcp_filestore_instance: name: "{{ resource_name }}" @@ -86,7 +86,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance google.cloud.gcp_filestore_instance: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_iam_role/tasks/autogen.yml b/tests/integration/targets/gcp_iam_role/tasks/autogen.yml index d4afe357..c2737f86 100644 --- a/tests/integration/targets/gcp_iam_role/tasks/autogen.yml +++ b/tests/integration/targets/gcp_iam_role/tasks/autogen.yml @@ -26,7 +26,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a role google.cloud.gcp_iam_role: name: "{{ resource_prefix[0:30].replace('-', '_') }}" @@ -96,7 +96,7 @@ ansible.builtin.assert: that: - result.changed == true -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a role google.cloud.gcp_iam_role: name: "{{ resource_prefix[0:30].replace('-', '_') }}" diff --git a/tests/integration/targets/gcp_iam_service_account/tasks/autogen.yml b/tests/integration/targets/gcp_iam_service_account/tasks/autogen.yml index 9a4106dc..d4273cb6 100644 --- a/tests/integration/targets/gcp_iam_service_account/tasks/autogen.yml +++ b/tests/integration/targets/gcp_iam_service_account/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a service account google.cloud.gcp_iam_service_account: name: service-{{ resource_name.split("-")[-1] }}@{{ gcp_project }}.iam.gserviceaccount.com @@ -62,7 +62,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a service account google.cloud.gcp_iam_service_account: name: service-{{ resource_name.split("-")[-1] }}@{{ gcp_project }}.iam.gserviceaccount.com diff --git a/tests/integration/targets/gcp_kms_crypto_key/tasks/autogen.yml b/tests/integration/targets/gcp_kms_crypto_key/tasks/autogen.yml index 0e270778..96a63699 100644 --- a/tests/integration/targets/gcp_kms_crypto_key/tasks/autogen.yml +++ b/tests/integration/targets/gcp_kms_crypto_key/tasks/autogen.yml @@ -30,7 +30,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a crypto key google.cloud.gcp_kms_crypto_key: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_kms_key_ring/tasks/autogen.yml b/tests/integration/targets/gcp_kms_key_ring/tasks/autogen.yml index b0af43c1..1555647c 100644 --- a/tests/integration/targets/gcp_kms_key_ring/tasks/autogen.yml +++ b/tests/integration/targets/gcp_kms_key_ring/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a key ring google.cloud.gcp_kms_key_ring: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_logging_metric/tasks/autogen.yml b/tests/integration/targets/gcp_logging_metric/tasks/autogen.yml index 90a77b05..0d34f20a 100644 --- a/tests/integration/targets/gcp_logging_metric/tasks/autogen.yml +++ b/tests/integration/targets/gcp_logging_metric/tasks/autogen.yml @@ -37,7 +37,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a metric google.cloud.gcp_logging_metric: name: "{{ resource_name }}" @@ -109,7 +109,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a metric google.cloud.gcp_logging_metric: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_mlengine_model/tasks/autogen.yml b/tests/integration/targets/gcp_mlengine_model/tasks/autogen.yml index 619a49c1..0e7f01a0 100644 --- a/tests/integration/targets/gcp_mlengine_model/tasks/autogen.yml +++ b/tests/integration/targets/gcp_mlengine_model/tasks/autogen.yml @@ -23,7 +23,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a model google.cloud.gcp_mlengine_model: name: "{{ resource_name | replace('-', '_') }}" @@ -67,7 +67,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a model google.cloud.gcp_mlengine_model: name: "{{ resource_name | replace('-', '_') }}" diff --git a/tests/integration/targets/gcp_mlengine_version/tasks/autogen.yml b/tests/integration/targets/gcp_mlengine_version/tasks/autogen.yml index d68bad0b..d97aa73c 100644 --- a/tests/integration/targets/gcp_mlengine_version/tasks/autogen.yml +++ b/tests/integration/targets/gcp_mlengine_version/tasks/autogen.yml @@ -38,7 +38,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a version google.cloud.gcp_mlengine_version: name: "{{ resource_name | replace('-', '_') }}" @@ -87,7 +87,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a version google.cloud.gcp_mlengine_version: name: "{{ resource_name | replace('-', '_') }}" @@ -136,7 +136,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a model diff --git a/tests/integration/targets/gcp_pubsub_subscription/tasks/autogen.yml b/tests/integration/targets/gcp_pubsub_subscription/tasks/autogen.yml index 395f50ac..8f93c733 100644 --- a/tests/integration/targets/gcp_pubsub_subscription/tasks/autogen.yml +++ b/tests/integration/targets/gcp_pubsub_subscription/tasks/autogen.yml @@ -37,7 +37,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a subscription google.cloud.gcp_pubsub_subscription: name: "{{ resource_name }}" @@ -79,7 +79,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Update a subscription google.cloud.gcp_pubsub_subscription: name: "{{ resource_name }}" @@ -94,7 +94,7 @@ ansible.builtin.assert: that: - result.changed == true -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Update cloudStorageConfig of a subscription that already exists google.cloud.gcp_pubsub_subscription: name: "{{ resource_name }}" @@ -118,7 +118,7 @@ ansible.builtin.assert: that: - result.changed == true -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a subscription google.cloud.gcp_pubsub_subscription: name: "{{ resource_name }}" @@ -160,7 +160,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a topic diff --git a/tests/integration/targets/gcp_pubsub_topic/tasks/autogen.yml b/tests/integration/targets/gcp_pubsub_topic/tasks/autogen.yml index d9f3cd3d..c95face9 100644 --- a/tests/integration/targets/gcp_pubsub_topic/tasks/autogen.yml +++ b/tests/integration/targets/gcp_pubsub_topic/tasks/autogen.yml @@ -20,7 +20,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a topic google.cloud.gcp_pubsub_topic: name: test-topic1 @@ -58,7 +58,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a topic google.cloud.gcp_pubsub_topic: name: test-topic1 diff --git a/tests/integration/targets/gcp_redis_instance/tasks/autogen.yml b/tests/integration/targets/gcp_redis_instance/tasks/autogen.yml index cea48d6b..fde94955 100644 --- a/tests/integration/targets/gcp_redis_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_redis_instance/tasks/autogen.yml @@ -39,7 +39,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance google.cloud.gcp_redis_instance: name: instance37 @@ -98,7 +98,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance google.cloud.gcp_redis_instance: name: instance37 @@ -157,7 +157,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a network diff --git a/tests/integration/targets/gcp_resourcemanager_project/tasks/autogen.yml b/tests/integration/targets/gcp_resourcemanager_project/tasks/autogen.yml index 5545d0ed..3c28f98c 100644 --- a/tests/integration/targets/gcp_resourcemanager_project/tasks/autogen.yml +++ b/tests/integration/targets/gcp_resourcemanager_project/tasks/autogen.yml @@ -23,7 +23,7 @@ type: folder id: "{{ gcp_folder_id }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a project google.cloud.gcp_resourcemanager_project: name: "{{ resource_prefix[0:30] }}" @@ -73,7 +73,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a project google.cloud.gcp_resourcemanager_project: name: "{{ resource_prefix[0:30] }}" diff --git a/tests/integration/targets/gcp_runtimeconfig_config/tasks/autogen.yml b/tests/integration/targets/gcp_runtimeconfig_config/tasks/autogen.yml index 3eebf1be..517d2fea 100644 --- a/tests/integration/targets/gcp_runtimeconfig_config/tasks/autogen.yml +++ b/tests/integration/targets/gcp_runtimeconfig_config/tasks/autogen.yml @@ -21,7 +21,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a config google.cloud.gcp_runtimeconfig_config: name: "{{ resource_name }}" @@ -61,7 +61,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a config google.cloud.gcp_runtimeconfig_config: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_runtimeconfig_variable/tasks/autogen.yml b/tests/integration/targets/gcp_runtimeconfig_variable/tasks/autogen.yml index 4a790dce..804f905d 100644 --- a/tests/integration/targets/gcp_runtimeconfig_variable/tasks/autogen.yml +++ b/tests/integration/targets/gcp_runtimeconfig_variable/tasks/autogen.yml @@ -31,7 +31,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a variable google.cloud.gcp_runtimeconfig_variable: name: prod-variables/hostname @@ -74,7 +74,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a variable google.cloud.gcp_runtimeconfig_variable: name: prod-variables/hostname @@ -117,7 +117,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a config diff --git a/tests/integration/targets/gcp_serviceusage_service/tasks/autogen.yml b/tests/integration/targets/gcp_serviceusage_service/tasks/autogen.yml index 666da8f6..88b146e8 100644 --- a/tests/integration/targets/gcp_serviceusage_service/tasks/autogen.yml +++ b/tests/integration/targets/gcp_serviceusage_service/tasks/autogen.yml @@ -20,7 +20,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a service google.cloud.gcp_serviceusage_service: name: alloydb.googleapis.com @@ -58,7 +58,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a service google.cloud.gcp_serviceusage_service: name: alloydb.googleapis.com diff --git a/tests/integration/targets/gcp_sourcerepo_repository/tasks/autogen.yml b/tests/integration/targets/gcp_sourcerepo_repository/tasks/autogen.yml index 0bc80581..857e3f9b 100644 --- a/tests/integration/targets/gcp_sourcerepo_repository/tasks/autogen.yml +++ b/tests/integration/targets/gcp_sourcerepo_repository/tasks/autogen.yml @@ -20,7 +20,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a repository google.cloud.gcp_sourcerepo_repository: name: "{{ resource_name }}" @@ -58,7 +58,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a repository google.cloud.gcp_sourcerepo_repository: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_spanner_database/tasks/autogen.yml b/tests/integration/targets/gcp_spanner_database/tasks/autogen.yml index a3aa4cca..cc1258f7 100644 --- a/tests/integration/targets/gcp_spanner_database/tasks/autogen.yml +++ b/tests/integration/targets/gcp_spanner_database/tasks/autogen.yml @@ -34,7 +34,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a database google.cloud.gcp_spanner_database: name: webstore @@ -75,7 +75,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a database google.cloud.gcp_spanner_database: name: webstore @@ -120,7 +120,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance diff --git a/tests/integration/targets/gcp_spanner_instance/tasks/autogen.yml b/tests/integration/targets/gcp_spanner_instance/tasks/autogen.yml index daae5c89..f69f2364 100644 --- a/tests/integration/targets/gcp_spanner_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_spanner_instance/tasks/autogen.yml @@ -25,7 +25,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance google.cloud.gcp_spanner_instance: name: testinstance @@ -73,7 +73,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance google.cloud.gcp_spanner_instance: name: testinstance diff --git a/tests/integration/targets/gcp_sql_database/tasks/autogen.yml b/tests/integration/targets/gcp_sql_database/tasks/autogen.yml index a84096fb..1b55bbbe 100644 --- a/tests/integration/targets/gcp_sql_database/tasks/autogen.yml +++ b/tests/integration/targets/gcp_sql_database/tasks/autogen.yml @@ -37,7 +37,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a database google.cloud.gcp_sql_database: name: "{{ resource_name }}" @@ -80,7 +80,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a database google.cloud.gcp_sql_database: name: "{{ resource_name }}" @@ -123,7 +123,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance diff --git a/tests/integration/targets/gcp_sql_instance/tasks/autogen.yml b/tests/integration/targets/gcp_sql_instance/tasks/autogen.yml index c57de05a..32434af9 100644 --- a/tests/integration/targets/gcp_sql_instance/tasks/autogen.yml +++ b/tests/integration/targets/gcp_sql_instance/tasks/autogen.yml @@ -27,7 +27,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a instance google.cloud.gcp_sql_instance: name: "{{ resource_name }}-2" @@ -79,7 +79,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a instance google.cloud.gcp_sql_instance: name: "{{ resource_name }}-2" diff --git a/tests/integration/targets/gcp_sql_ssl_cert/tasks/autogen.yml b/tests/integration/targets/gcp_sql_ssl_cert/tasks/autogen.yml index c24746df..bf89c4a2 100644 --- a/tests/integration/targets/gcp_sql_ssl_cert/tasks/autogen.yml +++ b/tests/integration/targets/gcp_sql_ssl_cert/tasks/autogen.yml @@ -38,7 +38,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create an SSL cert google.cloud.gcp_sql_ssl_cert: common_name: "{{ resource_name }}" @@ -67,7 +67,7 @@ ansible.builtin.assert: that: - updates.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete an SSL cert google.cloud.gcp_sql_ssl_cert: common_name: "{{ resource_name }}" @@ -83,7 +83,7 @@ ansible.builtin.assert: that: - result.changed == true -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance diff --git a/tests/integration/targets/gcp_sql_user/tasks/autogen.yml b/tests/integration/targets/gcp_sql_user/tasks/autogen.yml index 0a820cf5..a9bbb858 100644 --- a/tests/integration/targets/gcp_sql_user/tasks/autogen.yml +++ b/tests/integration/targets/gcp_sql_user/tasks/autogen.yml @@ -38,7 +38,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a user google.cloud.gcp_sql_user: name: test-user @@ -83,7 +83,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a user google.cloud.gcp_sql_user: name: test-user @@ -128,7 +128,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a instance diff --git a/tests/integration/targets/gcp_storage_bucket/tasks/autogen.yml b/tests/integration/targets/gcp_storage_bucket/tasks/autogen.yml index f5ccacab..9ac71255 100644 --- a/tests/integration/targets/gcp_storage_bucket/tasks/autogen.yml +++ b/tests/integration/targets/gcp_storage_bucket/tasks/autogen.yml @@ -20,7 +20,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a bucket google.cloud.gcp_storage_bucket: name: "{{ resource_name }}" @@ -46,7 +46,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a bucket google.cloud.gcp_storage_bucket: name: "{{ resource_name }}" diff --git a/tests/integration/targets/gcp_storage_bucket_access_control/tasks/autogen.yml b/tests/integration/targets/gcp_storage_bucket_access_control/tasks/autogen.yml index 762e0f6c..a3ef2784 100644 --- a/tests/integration/targets/gcp_storage_bucket_access_control/tasks/autogen.yml +++ b/tests/integration/targets/gcp_storage_bucket_access_control/tasks/autogen.yml @@ -30,7 +30,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a bucket access control google.cloud.gcp_storage_bucket_access_control: bucket: "{{ bucket }}" @@ -60,7 +60,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a bucket access control google.cloud.gcp_storage_bucket_access_control: bucket: "{{ bucket }}" @@ -90,7 +90,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a bucket diff --git a/tests/integration/targets/gcp_storage_default_object_acl/tasks/autogen.yml b/tests/integration/targets/gcp_storage_default_object_acl/tasks/autogen.yml index 6f436843..c330abff 100644 --- a/tests/integration/targets/gcp_storage_default_object_acl/tasks/autogen.yml +++ b/tests/integration/targets/gcp_storage_default_object_acl/tasks/autogen.yml @@ -30,7 +30,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a default object acl google.cloud.gcp_storage_default_object_acl: bucket: "{{ bucket }}" @@ -60,7 +60,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a default object acl google.cloud.gcp_storage_default_object_acl: bucket: "{{ bucket }}" @@ -90,7 +90,7 @@ ansible.builtin.assert: that: - result.changed == false -#--------------------------------------------------------- +# --------------------------------------------------------- # Post-test teardown # If errors happen, don't crash the playbook! - name: Delete a bucket diff --git a/tests/integration/targets/gcp_storage_object/tasks/main.yml b/tests/integration/targets/gcp_storage_object/tasks/main.yml index 4d6d31f3..81995409 100644 --- a/tests/integration/targets/gcp_storage_object/tasks/main.yml +++ b/tests/integration/targets/gcp_storage_object/tasks/main.yml @@ -12,7 +12,7 @@ ansible.builtin.copy: content: Ansible GCS test file dest: "{{ upload_temp.path }}" - mode: 0644 + mode: "0644" - name: Create a bucket google.cloud.gcp_storage_bucket: name: "{{ resource_name }}" @@ -21,7 +21,7 @@ service_account_file: "{{ gcp_cred_file | default(omit) }}" state: present register: bucket -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Upload the object to gcs google.cloud.gcp_storage_object: action: upload diff --git a/tests/integration/targets/gcp_tpu_node/tasks/autogen.yml b/tests/integration/targets/gcp_tpu_node/tasks/autogen.yml index 196aa6a9..85768983 100644 --- a/tests/integration/targets/gcp_tpu_node/tasks/autogen.yml +++ b/tests/integration/targets/gcp_tpu_node/tasks/autogen.yml @@ -24,7 +24,7 @@ auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file | default(omit) }}" state: absent -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Create a node google.cloud.gcp_tpu_node: name: "{{ resource_name }}" @@ -71,7 +71,7 @@ ansible.builtin.assert: that: - result.changed == false -#---------------------------------------------------------- +# ---------------------------------------------------------- - name: Delete a node google.cloud.gcp_tpu_node: name: "{{ resource_name }}" From 8f053e08ab937c40984ec0277adc6b8e0949e7cc Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Wed, 15 Jan 2025 10:52:15 -0800 Subject: [PATCH 19/51] Switch test GitHub workflow to the standardized collection workflow --- .github/workflows/ansible-test.yml | 159 +++++++++++++++++++---------- 1 file changed, 105 insertions(+), 54 deletions(-) diff --git a/.github/workflows/ansible-test.yml b/.github/workflows/ansible-test.yml index 0c7cf634..29f70c94 100644 --- a/.github/workflows/ansible-test.yml +++ b/.github/workflows/ansible-test.yml @@ -1,68 +1,119 @@ --- +# Should be kept up to date with https://github.com/ansible-collections/collection_template/blob/main/.github/workflows/ansible-test.yml +# Integration tests are run separately from the ansible-integration-tests.yml workflow. name: Run tests for the cloud.google collection -on: [pull_request] +on: + # Run CI against all pushes (direct commits, also merged PRs), Pull Requests + push: + branches: + - main + - stable-* + pull_request: + # Run CI once per day (at 06:00 UTC) + # This ensures that even if there haven't been commits that we are still + # testing against latest version of ansible-test for each ansible-core + # version + schedule: + - cron: '0 6 * * *' + +concurrency: + group: >- + ${{ github.workflow }}-${{ + github.event.pull_request.number || github.sha + }} + cancel-in-progress: true + jobs: - sanity-and-lint: - runs-on: ubuntu-latest - defaults: - run: - working-directory: ansible_collections/google/cloud + +### +# Sanity tests (REQUIRED) +# +# https://docs.ansible.com/ansible/latest/dev_guide/testing_sanity.html + + sanity: + name: Sanity (â’¶${{ matrix.ansible }}) strategy: matrix: - # Our version strategy is to test against the current and previous version - # of ansible-core and each major version of Python supported by both. - # https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html#ansible-core-support-matrix - ansible_version: + ansible: + # It's important that Sanity is tested against all stable-X.Y branches + # Testing against `devel` may fail as new tests are added. + # An alternative to `devel` is the `milestone` branch with + # gets synchronized with `devel` every few weeks and therefore + # tends to be a more stable target. Be aware that it is not updated + # around creation of a new stable branch, this might cause a problem + # that two different versions of ansible-test use the same sanity test + # ignore.txt file. + # Add new versions announced in + # https://github.com/ansible-collections/news-for-maintainers in a timely manner, + # consider dropping testing against EOL versions and versions you don't support. + - stable-2.16 - stable-2.17 - stable-2.18 - python_version: - - '3.11' - - '3.12' - steps: - - name: check out code - uses: actions/checkout@v4 - with: - path: ansible_collections/google/cloud - submodules: 'true' - - name: Set up Python - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python_version }} - - name: Install ansible-base (${{ matrix.ansible_version }}) - run: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible_version }}.tar.gz --disable-pip-version-check - - name: Run ansible-test sanity - run: ansible-test sanity -v --color - - name: Install ansible-lint - run: pip install ansible-lint - - name: Run ansible-lint - run: ansible-lint - unit: + - devel + # - milestone + runs-on: ubuntu-latest - defaults: - run: - working-directory: ansible_collections/google/cloud + + steps: + # Run sanity tests inside a Docker container. + # The docker container has all the pinned dependencies that are + # required and all Python versions Ansible supports. + - name: Perform sanity testing + # See the documentation for the following GitHub action on + # https://github.com/ansible-community/ansible-test-gh-action/blob/main/README.md + uses: ansible-community/ansible-test-gh-action@release/v1 + with: + ansible-core-version: ${{ matrix.ansible }} + testing-type: sanity + # OPTIONAL If your sanity tests require code + # from other collections, install them like this + # test-deps: >- + # ansible.netcommon + # ansible.utils + # OPTIONAL If set to true, will test only against changed files, + # which should improve CI performance. See limitations on + # https://github.com/ansible-community/ansible-test-gh-action#pull-request-change-detection + pull-request-change-detection: false + +### +# Unit tests (OPTIONAL) +# +# https://docs.ansible.com/ansible/latest/dev_guide/testing_units.html + + units: + runs-on: ubuntu-latest + + name: Units (â’¶${{ matrix.ansible }}) strategy: + # As soon as the first unit test fails, cancel the others to free up the CI queue + fail-fast: true matrix: - ansible_version: + ansible: + # Add new versions announced in + # https://github.com/ansible-collections/news-for-maintainers in a timely manner, + # consider dropping testing against EOL versions and versions you don't support. + - stable-2.16 - stable-2.17 - stable-2.18 - python_version: - - '3.11' - - '3.12' + - devel + # - milestone + steps: - - name: check out code - uses: actions/checkout@v4 + - name: >- + Perform unit testing against + Ansible version ${{ matrix.ansible }} + # See the documentation for the following GitHub action on + # https://github.com/ansible-community/ansible-test-gh-action/blob/main/README.md + uses: ansible-community/ansible-test-gh-action@release/v1 with: - path: ansible_collections/google/cloud - - name: Set up Python - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python_version }} - - name: Install dependencies - run: pip install -r requirements.txt - - name: Install test dependencies - run: pip install -r requirements-test.txt - - name: Install ansible-base (${{ matrix.ansible_version }}) - run: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible_version }}.tar.gz --disable-pip-version-check - - name: Run unit tests - run: ansible-test units -v --color --python "${{ matrix.python_version }}" + ansible-core-version: ${{ matrix.ansible }} + testing-type: units + # OPTIONAL If your unit tests require code + # from other collections, install them like this + test-deps: >- + ansible.netcommon + ansible.utils + # OPTIONAL If set to true, will test only against changed files, + # which should improve CI performance. See limitations on + # https://github.com/ansible-community/ansible-test-gh-action#pull-request-change-detection + pull-request-change-detection: false From c80eb6ad2187489a86e7f8df0a1d740164d93721 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Wed, 15 Jan 2025 11:29:51 -0800 Subject: [PATCH 20/51] Reduce minimum ansible version back to 2.16 --- meta/runtime.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/runtime.yml b/meta/runtime.yml index 2034d6a3..0f2f2a5b 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -1,5 +1,5 @@ --- -requires_ansible: ">=2.17.0" +requires_ansible: ">=2.16.0" action_groups: gcp: From f22858dea9a6913b2f5a547fb6523b3e764e4dad Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Wed, 29 Jan 2025 14:57:59 -0800 Subject: [PATCH 21/51] Reduce minimal Ansible version to >=2.15.0 --- meta/runtime.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/runtime.yml b/meta/runtime.yml index 0f2f2a5b..e496772b 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -1,5 +1,5 @@ --- -requires_ansible: ">=2.16.0" +requires_ansible: ">=2.15.0" action_groups: gcp: From 529d21630acec9dcc00451090654de451c01d8e8 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Wed, 29 Jan 2025 15:32:12 -0800 Subject: [PATCH 22/51] Run integration tests against 2.16 --- .github/workflows/ansible-integration-tests.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ansible-integration-tests.yml b/.github/workflows/ansible-integration-tests.yml index 990354ea..8ff37f85 100644 --- a/.github/workflows/ansible-integration-tests.yml +++ b/.github/workflows/ansible-integration-tests.yml @@ -25,6 +25,7 @@ jobs: # and test against the minimum version of Python supported by both. If/when we change # the integration tests to support parallelism we can revisit. ansible_version: + - stable-2.16 - stable-2.17 - stable-2.18 steps: @@ -35,7 +36,7 @@ jobs: - name: Set up Python uses: actions/setup-python@v4 with: - python-version: '3.11' # this is the minimum version required for Ansible 2.17 + python-version: '3.10' # this is the minimum version required for Ansible 2.16 - name: Install dependencies run: pip install -r requirements.txt - name: Install ansible-base (${{ matrix.ansible_version }}) @@ -70,4 +71,4 @@ jobs: # run tests - name: Run integration tests # Add the -vvv flag to print out more output - run: ansible-test integration -v --color --python 3.11 --venv-system-site-packages + run: ansible-test integration -v --color --python 3.10 --venv-system-site-packages From e6c49c0f69c0fa981e58c5fce64c5d632b06196e Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Thu, 30 Jan 2025 11:34:10 -0800 Subject: [PATCH 23/51] Settle on 2.16.0 --- meta/runtime.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/runtime.yml b/meta/runtime.yml index e496772b..0f2f2a5b 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -1,5 +1,5 @@ --- -requires_ansible: ">=2.15.0" +requires_ansible: ">=2.16.0" action_groups: gcp: From ad6df1688f6b5003df5f96a5ff1aa74755e30ad8 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Thu, 30 Jan 2025 13:53:56 -0800 Subject: [PATCH 24/51] Add release note fragment --- changelogs/fragments/667-include-2-16-in-ci.yml | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 changelogs/fragments/667-include-2-16-in-ci.yml diff --git a/changelogs/fragments/667-include-2-16-in-ci.yml b/changelogs/fragments/667-include-2-16-in-ci.yml new file mode 100644 index 00000000..a2a945b6 --- /dev/null +++ b/changelogs/fragments/667-include-2-16-in-ci.yml @@ -0,0 +1,2 @@ +bugfixes: + - run integration test with Ansible 2.16 to match `requires_ansible` version \ No newline at end of file From 7c808c047cb79ad9c94bd026b5a26a3fed481013 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Thu, 30 Jan 2025 13:57:06 -0800 Subject: [PATCH 25/51] Update version --- CHANGELOG.rst | 8 ++++++++ changelogs/changelog.yaml | 7 +++++++ changelogs/fragments/667-include-2-16-in-ci.yml | 2 -- galaxy.yml | 2 +- 4 files changed, 16 insertions(+), 3 deletions(-) delete mode 100644 changelogs/fragments/667-include-2-16-in-ci.yml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 99681e3f..8cafaf9a 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -4,6 +4,14 @@ Google.Cloud Release Notes .. contents:: Topics +v1.5.1 +====== + +Bugfixes +-------- + +- run integration test with Ansible 2.16 to match `requires_ansible` version + v1.5.0 ====== diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 9ce44389..1d30245c 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -121,3 +121,10 @@ releases: - remove-google_cloud_ops_agents-role.yml - upgrade_anisble.yml release_date: '2025-01-14' + 1.5.1: + changes: + bugfixes: + - run integration test with Ansible 2.16 to match `requires_ansible` version + fragments: + - 667-include-2-16-in-ci.yml + release_date: '2025-01-30' diff --git a/changelogs/fragments/667-include-2-16-in-ci.yml b/changelogs/fragments/667-include-2-16-in-ci.yml deleted file mode 100644 index a2a945b6..00000000 --- a/changelogs/fragments/667-include-2-16-in-ci.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - run integration test with Ansible 2.16 to match `requires_ansible` version \ No newline at end of file diff --git a/galaxy.yml b/galaxy.yml index f015ca36..024b507d 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -10,7 +10,7 @@ namespace: google name: cloud # The version of the collection. Must be compatible with semantic versioning -version: 1.5.0 +version: 1.5.1 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md From fdcf1fa1fd3bd56f8297c45aafb3a4a09bb706b1 Mon Sep 17 00:00:00 2001 From: Bill Peck Date: Wed, 2 Apr 2025 12:37:48 -0400 Subject: [PATCH 26/51] Fix get_project_disks to process all responses The code to process the reponses was not indented correctly so it would only process the last projects response. Fixes #651 --- plugins/inventory/gcp_compute.py | 60 ++++++++++++++++---------------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/plugins/inventory/gcp_compute.py b/plugins/inventory/gcp_compute.py index 69fb4b72..bc3e953a 100644 --- a/plugins/inventory/gcp_compute.py +++ b/plugins/inventory/gcp_compute.py @@ -487,38 +487,38 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable): session_responses.append(response_json) page_token = "pageToken" in request_params - for response in session_responses: - if "items" in response: - # example k would be a zone or region name - # example v would be { "disks" : [], "otherkey" : "..." } - for zone_or_region, aggregate in response["items"].items(): - if "zones" in zone_or_region: - if "disks" in aggregate: - zone = zone_or_region.replace("zones/", "") - for disk in aggregate["disks"]: - if ( - "zones" in config_data - and zone in config_data["zones"] - ): - # If zones specified, only store those zones' data - if "sourceImage" in disk: - self._project_disks[ - disk["selfLink"] - ] = disk["sourceImage"].split("/")[-1] - else: - self._project_disks[ - disk["selfLink"] - ] = disk["selfLink"].split("/")[-1] + for response in session_responses: + if "items" in response: + # example k would be a zone or region name + # example v would be { "disks" : [], "otherkey" : "..." } + for zone_or_region, aggregate in response["items"].items(): + if "zones" in zone_or_region: + if "disks" in aggregate: + zone = zone_or_region.replace("zones/", "") + for disk in aggregate["disks"]: + if ( + "zones" in config_data + and zone in config_data["zones"] + ): + # If zones specified, only store those zones' data + if "sourceImage" in disk: + self._project_disks[ + disk["selfLink"] + ] = disk["sourceImage"].split("/")[-1] + else: + self._project_disks[ + disk["selfLink"] + ] = disk["selfLink"].split("/")[-1] - else: - if "sourceImage" in disk: - self._project_disks[ - disk["selfLink"] - ] = disk["sourceImage"].split("/")[-1] else: - self._project_disks[ - disk["selfLink"] - ] = disk["selfLink"].split("/")[-1] + if "sourceImage" in disk: + self._project_disks[ + disk["selfLink"] + ] = disk["sourceImage"].split("/")[-1] + else: + self._project_disks[ + disk["selfLink"] + ] = disk["selfLink"].split("/")[-1] return self._project_disks From b66d1c6129ba18033f80ca02778a1e7009ad55d6 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Wed, 2 Apr 2025 14:28:04 -0700 Subject: [PATCH 27/51] Make code coverage messages informational --- codecov.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 codecov.yml diff --git a/codecov.yml b/codecov.yml new file mode 100644 index 00000000..bfdc9877 --- /dev/null +++ b/codecov.yml @@ -0,0 +1,8 @@ +coverage: + status: + project: + default: + informational: true + patch: + default: + informational: true From 8fd16c6515af6e7370acf843d62c8d8d89cfd23a Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 18 Apr 2025 15:15:50 -0700 Subject: [PATCH 28/51] Prepare for release of v1.5.2 --- CHANGELOG.rst | 8 ++++++++ changelogs/changelog.yaml | 7 +++++++ galaxy.yml | 2 +- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 8cafaf9a..be1559c5 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -4,6 +4,14 @@ Google.Cloud Release Notes .. contents:: Topics +v1.5.2 +====== + +Bugfixes +-------- + +- gcp_compute - fixed get_project_disks to process all responses (https://github.com/ansible-collections/google.cloud/pull/677). + v1.5.1 ====== diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 1d30245c..c19023c8 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -128,3 +128,10 @@ releases: fragments: - 667-include-2-16-in-ci.yml release_date: '2025-01-30' + 1.5.2: + changes: + bugfixes: + - gcp_compute - fixed get_project_disks to process all responses (https://github.com/ansible-collections/google.cloud/pull/677). + fragments: + - 677-get-project-disks.yaml + release_date: '2025-04-18' diff --git a/galaxy.yml b/galaxy.yml index 024b507d..cb68bdaa 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -10,7 +10,7 @@ namespace: google name: cloud # The version of the collection. Must be compatible with semantic versioning -version: 1.5.1 +version: 1.5.2 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md From 663fefd092fa170555178e7f1c3a0747d333d96d Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Tue, 29 Apr 2025 16:20:18 -0700 Subject: [PATCH 29/51] Update README to match current requirements --- README.md | 352 +++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 257 insertions(+), 95 deletions(-) diff --git a/README.md b/README.md index 5c3f7dae..44be3715 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,248 @@ # Google Cloud Platform Ansible Collection -This collection provides a series of Ansible modules and plugins for interacting with the [Google Cloud Platform](https://cloud.google.com) -This collection works with Ansible 2.16+ +This collection provides a series of Ansible modules and plugins for +interacting with the [Google Cloud Platform](https://cloud.google.com) -# Communication +## Description + +The google.cloud collection provides a way to automate provisioning, +configuration, and management of Google Cloud resources using Ansible +playbooks. This collection includes modules for managing various +Google Cloud services such as Compute Engine instances, Cloud Storage +buckets, Cloud SQL instances, and more. + +### Resources Supported + +* App Engine FirewallRule (gcp_appengine_firewall_rule, gcp_appengine_firewall_rule_info) +* BigQuery Dataset (gcp_bigquery_dataset, gcp_bigquery_dataset_info) +* BigQuery Table (gcp_bigquery_table, gcp_bigquery_table_info) +* Cloud Bigtable Instance (gcp_bigtable_instance, gcp_bigtable_instance_info) +* Cloud Build Trigger (gcp_cloudbuild_trigger, gcp_cloudbuild_trigger_info) +* Cloud Functions CloudFunction (gcp_cloudfunctions_cloud_function, gcp_cloudfunctions_cloud_function_info) +* Cloud Scheduler Job (gcp_cloudscheduler_job, gcp_cloudscheduler_job_info) +* Cloud Tasks Queue (gcp_cloudtasks_queue, gcp_cloudtasks_queue_info) +* Compute Engine Address (gcp_compute_address, gcp_compute_address_info) +* Compute Engine Autoscaler (gcp_compute_autoscaler, gcp_compute_autoscaler_info) +* Compute Engine BackendBucket (gcp_compute_backend_bucket, gcp_compute_backend_bucket_info) +* Compute Engine BackendService (gcp_compute_backend_service, gcp_compute_backend_service_info) +* Compute Engine RegionBackendService (gcp_compute_region_backend_service, gcp_compute_region_backend_service_info) +* Compute Engine Disk (gcp_compute_disk, gcp_compute_disk_info) +* Compute Engine Firewall (gcp_compute_firewall, gcp_compute_firewall_info) +* Compute Engine ForwardingRule (gcp_compute_forwarding_rule, gcp_compute_forwarding_rule_info) +* Compute Engine GlobalAddress (gcp_compute_global_address, gcp_compute_global_address_info) +* Compute Engine GlobalForwardingRule (gcp_compute_global_forwarding_rule, gcp_compute_global_forwarding_rule_info) +* Compute Engine HttpHealthCheck (gcp_compute_http_health_check, gcp_compute_http_health_check_info) +* Compute Engine HttpsHealthCheck (gcp_compute_https_health_check, gcp_compute_https_health_check_info) +* Compute Engine HealthCheck (gcp_compute_health_check, gcp_compute_health_check_info) +* Compute Engine InstanceTemplate (gcp_compute_instance_template, gcp_compute_instance_template_info) +* Compute Engine Image (gcp_compute_image, gcp_compute_image_info) +* Compute Engine Instance (gcp_compute_instance, gcp_compute_instance_info) +* Compute Engine InstanceGroup (gcp_compute_instance_group, gcp_compute_instance_group_info) +* Compute Engine InstanceGroupManager (gcp_compute_instance_group_manager, gcp_compute_instance_group_manager_info) +* Compute Engine RegionInstanceGroupManager (gcp_compute_region_instance_group_manager, gcp_compute_region_instance_group_manager_info) +* Compute Engine InterconnectAttachment (gcp_compute_interconnect_attachment, gcp_compute_interconnect_attachment_info) +* Compute Engine Network (gcp_compute_network, gcp_compute_network_info) +* Compute Engine NetworkEndpointGroup (gcp_compute_network_endpoint_group, gcp_compute_network_endpoint_group_info) +* Compute Engine NodeGroup (gcp_compute_node_group, gcp_compute_node_group_info) +* Compute Engine NodeTemplate (gcp_compute_node_template, gcp_compute_node_template_info) +* Compute Engine RegionAutoscaler (gcp_compute_region_autoscaler, gcp_compute_region_autoscaler_info) +* Compute Engine RegionDisk (gcp_compute_region_disk, gcp_compute_region_disk_info) +* Compute Engine RegionUrlMap (gcp_compute_region_url_map, gcp_compute_region_url_map_info) +* Compute Engine RegionHealthCheck (gcp_compute_region_health_check, gcp_compute_region_health_check_info) +* Compute Engine ResourcePolicy (gcp_compute_resource_policy, gcp_compute_resource_policy_info) +* Compute Engine Route (gcp_compute_route, gcp_compute_route_info) +* Compute Engine Router (gcp_compute_router, gcp_compute_router_info) +* Compute Engine Snapshot (gcp_compute_snapshot, gcp_compute_snapshot_info) +* Compute Engine SslCertificate (gcp_compute_ssl_certificate, gcp_compute_ssl_certificate_info) +* Compute Engine Reservation (gcp_compute_reservation, gcp_compute_reservation_info) +* Compute Engine SslPolicy (gcp_compute_ssl_policy, gcp_compute_ssl_policy_info) +* Compute Engine Subnetwork (gcp_compute_subnetwork, gcp_compute_subnetwork_info) +* Compute Engine TargetHttpProxy (gcp_compute_target_http_proxy, gcp_compute_target_http_proxy_info) +* Compute Engine TargetHttpsProxy (gcp_compute_target_https_proxy, gcp_compute_target_https_proxy_info) +* Compute Engine RegionTargetHttpProxy (gcp_compute_region_target_http_proxy, gcp_compute_region_target_http_proxy_info) +* Compute Engine RegionTargetHttpsProxy (gcp_compute_region_target_https_proxy, gcp_compute_region_target_https_proxy_info) +* Compute Engine TargetInstance (gcp_compute_target_instance, gcp_compute_target_instance_info) +* Compute Engine TargetPool (gcp_compute_target_pool, gcp_compute_target_pool_info) +* Compute Engine TargetSslProxy (gcp_compute_target_ssl_proxy, gcp_compute_target_ssl_proxy_info) +* Compute Engine TargetTcpProxy (gcp_compute_target_tcp_proxy, gcp_compute_target_tcp_proxy_info) +* Compute Engine TargetVpnGateway (gcp_compute_target_vpn_gateway, gcp_compute_target_vpn_gateway_info) +* Compute Engine UrlMap (gcp_compute_url_map, gcp_compute_url_map_info) +* Compute Engine VpnTunnel (gcp_compute_vpn_tunnel, gcp_compute_vpn_tunnel_info) +* Google Kubernetes Engine Cluster (gcp_container_cluster, gcp_container_cluster_info) +* Google Kubernetes Engine NodePool (gcp_container_node_pool, gcp_container_node_pool_info) +* Cloud DNS ManagedZone (gcp_dns_managed_zone, gcp_dns_managed_zone_info) +* Cloud DNS ResourceRecordSet (gcp_dns_resource_record_set, gcp_dns_resource_record_set_info) +* Filestore Instance (gcp_filestore_instance, gcp_filestore_instance_info) +* Cloud IAM Role (gcp_iam_role, gcp_iam_role_info) +* Cloud IAM ServiceAccount (gcp_iam_service_account, gcp_iam_service_account_info) +* Cloud IAM ServiceAccountKey (gcp_iam_service_account_key, gcp_iam_service_account_key_info) +* Cloud Key Management Service KeyRing (gcp_kms_key_ring, gcp_kms_key_ring_info) +* Cloud Key Management Service CryptoKey (gcp_kms_crypto_key, gcp_kms_crypto_key_info) +* Cloud (Stackdriver) Logging Metric (gcp_logging_metric, gcp_logging_metric_info) +* ML Engine Model (gcp_mlengine_model, gcp_mlengine_model_info) +* ML Engine Version (gcp_mlengine_version, gcp_mlengine_version_info) +* Cloud Pub/Sub Topic (gcp_pubsub_topic, gcp_pubsub_topic_info) +* Cloud Pub/Sub Subscription (gcp_pubsub_subscription, gcp_pubsub_subscription_info) +* Memorystore (Redis) Instance (gcp_redis_instance, gcp_redis_instance_info) +* Resource Manager Project (gcp_resourcemanager_project, gcp_resourcemanager_project_info) +* Runtime Configurator Config (gcp_runtimeconfig_config, gcp_runtimeconfig_config_info) +* Runtime Configurator Variable (gcp_runtimeconfig_variable, gcp_runtimeconfig_variable_info) +* Service Usage Service (gcp_serviceusage_service, gcp_serviceusage_service_info) +* Cloud Source Repositories Repository (gcp_sourcerepo_repository, gcp_sourcerepo_repository_info) +* Cloud Spanner Instance (gcp_spanner_instance, gcp_spanner_instance_info) +* Cloud Spanner Database (gcp_spanner_database, gcp_spanner_database_info) +* Cloud SQL Instance (gcp_sql_instance, gcp_sql_instance_info) +* Cloud SQL Database (gcp_sql_database, gcp_sql_database_info) +* Cloud SQL User (gcp_sql_user, gcp_sql_user_info) +* Cloud SQL SslCert (gcp_sql_ssl_cert, gcp_sql_ssl_cert_info) +* Cloud Storage Bucket (gcp_storage_bucket, gcp_storage_bucket_info) +* Cloud Storage BucketAccessControl (gcp_storage_bucket_access_control, gcp_storage_bucket_access_control_info) +* Cloud Storage DefaultObjectACL (gcp_storage_default_object_acl, gcp_storage_default_object_acl_info) +* Cloud TPU Node (gcp_tpu_node, gcp_tpu_node_info) +* Secret Manager (gcp_secret_manager) + +## Requirements + +### Ansible version compatibility + +This collection is tested to work with Ansible 2.16+. + +### Python version compatibility + +This collection is tested with to work Python 3.10+ + +## Installation + +Before using this collection, you need to install it with the Ansible Galaxy +command-line tool: + +``` +ansible-galaxy collection install google.cloud +``` + +You can also include it in a requirements.yml file and install it with +ansible-galaxy collection install -r requirements.yml, using the format: + + +```yaml +collections: + - name: google.cloud +``` + +Note that if you install any collections from Ansible Galaxy, they will not be +upgraded automatically when you upgrade the Ansible package. +To upgrade the collection to the latest available version, run the following +command: + +``` +ansible-galaxy collection install google.cloud --upgrade +``` + +You can also install a specific version of the collection, for example, if you +need to downgrade when something is broken in the latest version (please +report an issue in this repository). Use the following syntax to install +version 1.5.1: + +``` +ansible-galaxy collection install google.cloud:==1.5.1 +``` + +See [using Ansible collections](https://docs.ansible.com/ansible/devel/user_guide/collections_using.html) for more details. + +If you are using the google.cloud collection locally you will likely need +to install the [gcloud command line tool](https://cloud.google.com/sdk/docs/install#rpm) +in order to perform authentication The easiest way to +authenticate to GCP is using [application default credentials](https://cloud.google.com/sdk/docs/authorizing#adc). + +Once you have installed `gcloud` and performed basic initialization +(via `gcloud init`) run: + +```shell +gcloud auth application-default login +``` + +For more authentication options see the Use Cases section below. + +## Use Cases + +The google.cloud collection supports multiple methods to authenticate to Google +Cloud: + +* Application Default Credentials (`auth_kind: "application"`) +* Service Account Key (`auth_kind: "serviceaccount"`) +* OAuth Credentials (`auth_kind: "accesstoken"`) + +To use Application default credentials configured using `gcloud`: + +```yaml +- name: Create a Google Cloud Storage bucket + google.cloud.gcp_storage_bucket: + name: "{{ bucket_name }}" + project: "{{ gcp_project }}" + auth_kind: "application" + state: present +- name: Delete a Google Cloud Storage bucket + google.cloud.gcp_storage_bucket: + name: "{{ bucket_name }}" + project: "{{ gcp_project }}" + auth_kind: "application" + state: absent +``` + +For unattended operation it is common to use service account keys. To use +these, set `auth_kind` to `serviceaccount` and `service_account_file` to +the path to the file containing your service account key. + +```yaml +- name: Create a Google Cloud Storage bucket + google.cloud.gcp_storage_bucket: + name: "{{ bucket_name }}" + project: "{{ gcp_project }}" + auth_kind: "serviceaccount" + service_account_file: "{{ gcp_cred_file }}" + state: present +- name: Delete a Google Cloud Storage bucket + google.cloud.gcp_storage_bucket: + name: "{{ bucket_name }}" + project: "{{ gcp_project }}" + auth_kind: "serviceaccount" + service_account_file: "{{ gcp_cred_file }}" + state: absent +``` + +In place of `service_account_file` you may instead use +`service_account_contents` which contains the service account key +directly. + +Read the [best practices for managing service account keys](https://cloud.google.com/iam/docs/best-practices-for-managing-service-account-keys) +to learn how to keep your service account key and your GCP resources safe. + +Common options can also be set using environment variables, simplifying +automated operations. The available variables are: + +```shell +export GCP_PROJECT= +export GCP_AUTH_KIND= +export GCP_SERVICE_ACCOUNT_FILE= +export GCP_SERVICE_ACCOUNT_CONTENTS= +export GCP_SCOPES= +export GCP_REGION= +export GCP_ZONE= +``` + +## Testing + +The google.cloud collection is tested with the two most recent releases of +Ansible with the versions of Python supported by those releases. The +current version matrix can be seen in the +[GitHub action configuration](https://github.com/ansible-collections/google.cloud/blob/master/.github/workflows/ansible-integration-tests.yml). + +To learn how to run the tests locally, read +[CONTRIBUTING.md](https://github.com/ansible-collections/google.cloud/blob/master/CONTRIBUTING.md). + +## Support + +There are several avenues of commuication available for google.cloud users: * Join the Ansible forum: * [Get Help](https://forum.ansible.com/c/help/6): get help or help others. Please use appropriate tags, for example `cloud`. @@ -14,96 +253,19 @@ This collection works with Ansible 2.16+ For more information about communication, see the [Ansible communication guide](https://docs.ansible.com/ansible/devel/community/communication.html). -# Installation -```bash -ansible-galaxy collection install google.cloud -``` +## Release Notes -# Resources Supported - * App Engine FirewallRule (gcp_appengine_firewall_rule, gcp_appengine_firewall_rule_info) - * BigQuery Dataset (gcp_bigquery_dataset, gcp_bigquery_dataset_info) - * BigQuery Table (gcp_bigquery_table, gcp_bigquery_table_info) - * Cloud Bigtable Instance (gcp_bigtable_instance, gcp_bigtable_instance_info) - * Cloud Build Trigger (gcp_cloudbuild_trigger, gcp_cloudbuild_trigger_info) - * Cloud Functions CloudFunction (gcp_cloudfunctions_cloud_function, gcp_cloudfunctions_cloud_function_info) - * Cloud Scheduler Job (gcp_cloudscheduler_job, gcp_cloudscheduler_job_info) - * Cloud Tasks Queue (gcp_cloudtasks_queue, gcp_cloudtasks_queue_info) - * Compute Engine Address (gcp_compute_address, gcp_compute_address_info) - * Compute Engine Autoscaler (gcp_compute_autoscaler, gcp_compute_autoscaler_info) - * Compute Engine BackendBucket (gcp_compute_backend_bucket, gcp_compute_backend_bucket_info) - * Compute Engine BackendService (gcp_compute_backend_service, gcp_compute_backend_service_info) - * Compute Engine RegionBackendService (gcp_compute_region_backend_service, gcp_compute_region_backend_service_info) - * Compute Engine Disk (gcp_compute_disk, gcp_compute_disk_info) - * Compute Engine Firewall (gcp_compute_firewall, gcp_compute_firewall_info) - * Compute Engine ForwardingRule (gcp_compute_forwarding_rule, gcp_compute_forwarding_rule_info) - * Compute Engine GlobalAddress (gcp_compute_global_address, gcp_compute_global_address_info) - * Compute Engine GlobalForwardingRule (gcp_compute_global_forwarding_rule, gcp_compute_global_forwarding_rule_info) - * Compute Engine HttpHealthCheck (gcp_compute_http_health_check, gcp_compute_http_health_check_info) - * Compute Engine HttpsHealthCheck (gcp_compute_https_health_check, gcp_compute_https_health_check_info) - * Compute Engine HealthCheck (gcp_compute_health_check, gcp_compute_health_check_info) - * Compute Engine InstanceTemplate (gcp_compute_instance_template, gcp_compute_instance_template_info) - * Compute Engine Image (gcp_compute_image, gcp_compute_image_info) - * Compute Engine Instance (gcp_compute_instance, gcp_compute_instance_info) - * Compute Engine InstanceGroup (gcp_compute_instance_group, gcp_compute_instance_group_info) - * Compute Engine InstanceGroupManager (gcp_compute_instance_group_manager, gcp_compute_instance_group_manager_info) - * Compute Engine RegionInstanceGroupManager (gcp_compute_region_instance_group_manager, gcp_compute_region_instance_group_manager_info) - * Compute Engine InterconnectAttachment (gcp_compute_interconnect_attachment, gcp_compute_interconnect_attachment_info) - * Compute Engine Network (gcp_compute_network, gcp_compute_network_info) - * Compute Engine NetworkEndpointGroup (gcp_compute_network_endpoint_group, gcp_compute_network_endpoint_group_info) - * Compute Engine NodeGroup (gcp_compute_node_group, gcp_compute_node_group_info) - * Compute Engine NodeTemplate (gcp_compute_node_template, gcp_compute_node_template_info) - * Compute Engine RegionAutoscaler (gcp_compute_region_autoscaler, gcp_compute_region_autoscaler_info) - * Compute Engine RegionDisk (gcp_compute_region_disk, gcp_compute_region_disk_info) - * Compute Engine RegionUrlMap (gcp_compute_region_url_map, gcp_compute_region_url_map_info) - * Compute Engine RegionHealthCheck (gcp_compute_region_health_check, gcp_compute_region_health_check_info) - * Compute Engine ResourcePolicy (gcp_compute_resource_policy, gcp_compute_resource_policy_info) - * Compute Engine Route (gcp_compute_route, gcp_compute_route_info) - * Compute Engine Router (gcp_compute_router, gcp_compute_router_info) - * Compute Engine Snapshot (gcp_compute_snapshot, gcp_compute_snapshot_info) - * Compute Engine SslCertificate (gcp_compute_ssl_certificate, gcp_compute_ssl_certificate_info) - * Compute Engine Reservation (gcp_compute_reservation, gcp_compute_reservation_info) - * Compute Engine SslPolicy (gcp_compute_ssl_policy, gcp_compute_ssl_policy_info) - * Compute Engine Subnetwork (gcp_compute_subnetwork, gcp_compute_subnetwork_info) - * Compute Engine TargetHttpProxy (gcp_compute_target_http_proxy, gcp_compute_target_http_proxy_info) - * Compute Engine TargetHttpsProxy (gcp_compute_target_https_proxy, gcp_compute_target_https_proxy_info) - * Compute Engine RegionTargetHttpProxy (gcp_compute_region_target_http_proxy, gcp_compute_region_target_http_proxy_info) - * Compute Engine RegionTargetHttpsProxy (gcp_compute_region_target_https_proxy, gcp_compute_region_target_https_proxy_info) - * Compute Engine TargetInstance (gcp_compute_target_instance, gcp_compute_target_instance_info) - * Compute Engine TargetPool (gcp_compute_target_pool, gcp_compute_target_pool_info) - * Compute Engine TargetSslProxy (gcp_compute_target_ssl_proxy, gcp_compute_target_ssl_proxy_info) - * Compute Engine TargetTcpProxy (gcp_compute_target_tcp_proxy, gcp_compute_target_tcp_proxy_info) - * Compute Engine TargetVpnGateway (gcp_compute_target_vpn_gateway, gcp_compute_target_vpn_gateway_info) - * Compute Engine UrlMap (gcp_compute_url_map, gcp_compute_url_map_info) - * Compute Engine VpnTunnel (gcp_compute_vpn_tunnel, gcp_compute_vpn_tunnel_info) - * Google Kubernetes Engine Cluster (gcp_container_cluster, gcp_container_cluster_info) - * Google Kubernetes Engine NodePool (gcp_container_node_pool, gcp_container_node_pool_info) - * Cloud DNS ManagedZone (gcp_dns_managed_zone, gcp_dns_managed_zone_info) - * Cloud DNS ResourceRecordSet (gcp_dns_resource_record_set, gcp_dns_resource_record_set_info) - * Filestore Instance (gcp_filestore_instance, gcp_filestore_instance_info) - * Cloud IAM Role (gcp_iam_role, gcp_iam_role_info) - * Cloud IAM ServiceAccount (gcp_iam_service_account, gcp_iam_service_account_info) - * Cloud IAM ServiceAccountKey (gcp_iam_service_account_key, gcp_iam_service_account_key_info) - * Cloud Key Management Service KeyRing (gcp_kms_key_ring, gcp_kms_key_ring_info) - * Cloud Key Management Service CryptoKey (gcp_kms_crypto_key, gcp_kms_crypto_key_info) - * Cloud (Stackdriver) Logging Metric (gcp_logging_metric, gcp_logging_metric_info) - * ML Engine Model (gcp_mlengine_model, gcp_mlengine_model_info) - * ML Engine Version (gcp_mlengine_version, gcp_mlengine_version_info) - * Cloud Pub/Sub Topic (gcp_pubsub_topic, gcp_pubsub_topic_info) - * Cloud Pub/Sub Subscription (gcp_pubsub_subscription, gcp_pubsub_subscription_info) - * Memorystore (Redis) Instance (gcp_redis_instance, gcp_redis_instance_info) - * Resource Manager Project (gcp_resourcemanager_project, gcp_resourcemanager_project_info) - * Runtime Configurator Config (gcp_runtimeconfig_config, gcp_runtimeconfig_config_info) - * Runtime Configurator Variable (gcp_runtimeconfig_variable, gcp_runtimeconfig_variable_info) - * Service Usage Service (gcp_serviceusage_service, gcp_serviceusage_service_info) - * Cloud Source Repositories Repository (gcp_sourcerepo_repository, gcp_sourcerepo_repository_info) - * Cloud Spanner Instance (gcp_spanner_instance, gcp_spanner_instance_info) - * Cloud Spanner Database (gcp_spanner_database, gcp_spanner_database_info) - * Cloud SQL Instance (gcp_sql_instance, gcp_sql_instance_info) - * Cloud SQL Database (gcp_sql_database, gcp_sql_database_info) - * Cloud SQL User (gcp_sql_user, gcp_sql_user_info) - * Cloud SQL SslCert (gcp_sql_ssl_cert, gcp_sql_ssl_cert_info) - * Cloud Storage Bucket (gcp_storage_bucket, gcp_storage_bucket_info) - * Cloud Storage BucketAccessControl (gcp_storage_bucket_access_control, gcp_storage_bucket_access_control_info) - * Cloud Storage DefaultObjectACL (gcp_storage_default_object_acl, gcp_storage_default_object_acl_info) - * Cloud TPU Node (gcp_tpu_node, gcp_tpu_node_info) - * Secret Manager (gcp_secret_manager) +See [CHANGELOG.md](https://github.com/ansible-collections/google.cloud/blob/master/CHANGELOG.rst). + +## Related Information + +Documentation for Google Cloud Platform can be found at [cloud.google.com](https://cloud.google.com/docs/). + +Documentation for google.cloud resources can be found on the [Ansible Galaxy site](https://galaxy.ansible.com/ui/repo/published/google/cloud/docs/). + +## License Information + +GNU General Public License v3.0 or later. + +See [LICENSE](https://github.com/ansible-collections/google.cloud/blob/master/LICENSE) +to view the full text. From f1197aaaf59e421507b040f496525f7a44fa595f Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Wed, 30 Apr 2025 11:33:26 -0700 Subject: [PATCH 30/51] Prepare for 1.5.3 release --- CHANGELOG.rst | 8 ++++++++ changelogs/changelog.yaml | 7 +++++++ galaxy.yml | 2 +- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index be1559c5..5dcfaf4a 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -4,6 +4,14 @@ Google.Cloud Release Notes .. contents:: Topics +v1.5.3 +====== + +Bugfixes +-------- + +- updated README to match required format (https://github.com/ansible-collections/google.cloud/pull/682). + v1.5.2 ====== diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index c19023c8..c93d52a5 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -135,3 +135,10 @@ releases: fragments: - 677-get-project-disks.yaml release_date: '2025-04-18' + 1.5.3: + changes: + bugfixes: + - updated README to match required format (https://github.com/ansible-collections/google.cloud/pull/682). + fragments: + - 682-update-readme.yaml + release_date: '2025-04-30' diff --git a/galaxy.yml b/galaxy.yml index cb68bdaa..fd0d4fb5 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -10,7 +10,7 @@ namespace: google name: cloud # The version of the collection. Must be compatible with semantic versioning -version: 1.5.2 +version: 1.5.3 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md From 342a0b2f95497ba56975312e950827f93881fb32 Mon Sep 17 00:00:00 2001 From: durgesh-ninave-crest Date: Tue, 13 May 2025 17:58:24 +0530 Subject: [PATCH 31/51] feat(parametermanager): added support for parameter manager module and lookup --- plugins/lookup/gcp_parameter_manager.py | 312 +++++++++ plugins/modules/gcp_parameter_manager.py | 647 ++++++++++++++++++ .../targets/gcp_parameter_manager/aliases | 1 + .../gcp_parameter_manager/defaults/main.yml | 3 + .../gcp_parameter_manager/meta/main.yml | 0 .../gcp_parameter_manager/tasks/main.yml | 9 + .../tasks/parameters.yml | 343 ++++++++++ .../tasks/parameterslookup.yml | 108 +++ .../tasks/regionalparameters.yml | 366 ++++++++++ .../tasks/regionalparameterslookup.yml | 114 +++ 10 files changed, 1903 insertions(+) create mode 100644 plugins/lookup/gcp_parameter_manager.py create mode 100644 plugins/modules/gcp_parameter_manager.py create mode 100644 tests/integration/targets/gcp_parameter_manager/aliases create mode 100644 tests/integration/targets/gcp_parameter_manager/defaults/main.yml create mode 100644 tests/integration/targets/gcp_parameter_manager/meta/main.yml create mode 100644 tests/integration/targets/gcp_parameter_manager/tasks/main.yml create mode 100644 tests/integration/targets/gcp_parameter_manager/tasks/parameters.yml create mode 100644 tests/integration/targets/gcp_parameter_manager/tasks/parameterslookup.yml create mode 100644 tests/integration/targets/gcp_parameter_manager/tasks/regionalparameters.yml create mode 100644 tests/integration/targets/gcp_parameter_manager/tasks/regionalparameterslookup.yml diff --git a/plugins/lookup/gcp_parameter_manager.py b/plugins/lookup/gcp_parameter_manager.py new file mode 100644 index 00000000..ee286cb6 --- /dev/null +++ b/plugins/lookup/gcp_parameter_manager.py @@ -0,0 +1,312 @@ +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +DOCUMENTATION = ''' + author: + - + name: gcp_parameter_manager + short_description: Get Parameters from Google Cloud as a Lookup plugin + description: + - retrieve parameter keys in parameter Manager for use in playbooks + - see https://cloud.google.com/iam/docs/service-account-creds for details on creating + credentials for Google Cloud and the format of such credentials + - once a parameter value is retreived, it is returned decoded. It is up to the developer + to maintain secrecy of this value once returned. + - if location option is defined, then it deals with the regional parameters of the + location + + options: + key: + description: + - the name of the parameter to look up in parameter Manager + type: str + required: True + aliases: + - name + - parameter + - parameter_id + project: + description: + - The name of the google cloud project + - defaults to OS env variable GCP_PROJECT if not present + type: str + location: + description: + - If provided, it defines the location of the regional parameter. + type: str + render_secret: + description: + - support for rendering secrets + - defaults to false if not present + type: bool + auth_kind: + description: + - the type of authentication to use with Google Cloud (i.e. serviceaccount or machineaccount) + - defaults to OS env variable GCP_AUTH_KIND if not present + type: str + version: + description: + - the version name of your parameter to retrieve + type: str + required: False + service_account_email: + description: + - email associated with the service account + - defaults to OS env variable GCP_SERVICE_ACCOUNT_EMAIL if not present + type: str + required: False + service_account_file: + description: + - JSON Credential file obtained from Google Cloud + - defaults to OS env variable GCP_SERVICE_ACCOUNT_FILE if not present + - see https://cloud.google.com/iam/docs/service-account-creds for details + type: str + required: False + service_account_info: + description: + - JSON Object representing the contents of a service_account_file obtained from Google Cloud + - defaults to OS env variable GCP_SERVICE_ACCOUNT_INFO if not present + type: jsonarg + required: False + access_token: + description: + - support for GCP Access Token + - defaults to OS env variable GCP_ACCESS_TOKEN if not present + type: str + required: False + on_error: + description: + - how to handle errors + - strict means raise an exception + - warn means warn, and return none + - ignore means just return none + type: str + required: False + choices: + - 'strict' + - 'warn' + - 'ignore' + default: 'strict' + scopes: + description: + - Authenticaiton scopes for Google parameter Manager + type: list + default: ["https://www.googleapis.com/auth/cloud-platform"] +''' + + +EXAMPLES = ''' +- name: Test parameter using env variables for credentials + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test_version') }}" + +- name: Test parameter using explicit credentials + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test_version', project='project', auth_kind='serviceaccount', service_account_file='file.json') }}" + +- name: Test getting specific version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test-version') }}" + +- name: Test getting latest version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key') }}" + +- name: Test render specific version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test-version', render_secret=True) }}" + +- name: Test render latest version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', render_secret=True) }}" + +- name: Test regional parameter using env variables for credentials + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version') }}" + +- name: Test regional parameter using explicit credentials + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version', project='project', auth_kind='serviceaccount', service_account_file='file.json') }}" + +- name: Test getting specific version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version') }}" + +- name: Test getting latest version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1') }}" + +- name: Test render specific version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version', render_secret=True) }}" + +- name: Test render latest version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', render_secret=True) }}" +''' + +RETURN = ''' + _raw: + description: the contents of the parameter requested (please use "no_log" to not expose this parameter) + type: list + elements: str +''' + + +################################################################################ +# Imports +################################################################################ + +import os +import base64 + +from ansible.plugins.lookup import LookupBase +from ansible.errors import AnsibleError +from ansible.utils.display import Display + +try: + import requests + HAS_REQUESTS = True +except ImportError: + HAS_REQUESTS = False + +try: + from ansible_collections.google.cloud.plugins.module_utils.gcp_utils import ( + GcpSession, + ) + HAS_GOOGLE_CLOUD_COLLECTION = True +except ImportError: + HAS_GOOGLE_CLOUD_COLLECTION = False + + +class GcpLookupException(Exception): + pass + + +class GcpMockModule(object): + def __init__(self, params): + self.params = params + + def fail_json(self, *args, **kwargs): + raise AnsibleError(kwargs["msg"]) + + def raise_for_status(self, response): + try: + response.raise_for_status() + except getattr(requests.exceptions, "RequestException"): + self.fail_json(msg="GCP returned error: %s" % response.json()) + + +class LookupModule(LookupBase): + def run(self, terms=None, variables=None, **kwargs): + self._display = Display() + if not HAS_GOOGLE_CLOUD_COLLECTION: + raise AnsibleError( + """gcp_parameter lookup needs a supported version of the google.cloud + collection installed. Use `ansible-galaxy collection install google.cloud` + to install it""" + ) + self.set_options(var_options=variables, direct=kwargs) + params = { + "key": self.get_option("key"), + "location": self.get_option("location"), + "version": self.get_option("version"), + "access_token": self.get_option("access_token"), + "scopes": self.get_option("scopes"), + "render_secret": self.get_option("render_secret"), + "on_error": self.get_option("on_error") + } + + params['name'] = params['key'] + + # support GCP_* env variables for some parameters + for param in ["project", "auth_kind", "service_account_file", "service_account_info", "service_account_email", "access_token"]: + params[param] = self.fallback_from_env(param) + + self._display.vvv(msg=f"Module Parameters: {params}") + fake_module = GcpMockModule(params) + result = self.get_parameter(fake_module) + return [base64.b64decode(result)] + + def fallback_from_env(self, arg): + if self.get_option(arg): + return self.get_option(arg) + else: + env_name = f"GCP_{arg.upper()}" + if env_name in os.environ: + self.set_option(arg, os.environ[env_name]) + return self.get_option(arg) + + def raise_error(self, module, msg): + if module.params.get('on_error') == 'strict': + raise GcpLookupException(msg) + elif module.params.get('on_error') == 'warn': + self._display.warning(msg) + + return None + + def get_latest_version(self, module, auth): + url = (self.make_url_prefix(module) + "parameters/{name}/versions?orderBy=create_time desc&filter=disabled=false").format( + **module.params + ) + response = auth.get(url) + self._display.vvv(msg=f"List Version Response: {response.status_code} for {response.request.url}: {response.json()}") + if response.status_code != 200: + self.raise_error(module, f"unable to list versions of parameter {response.status_code}") + version_list = response.json() + if "parameterVersions" in version_list and len(version_list["parameterVersions"]) > 0: + # Extract name from the first index + version_name = version_list["parameterVersions"][0]["name"] + return version_name.split('/')[-1] + else: + self.raise_error(module, f"unable to list parameter versions via {response.request.url}: {response.json()}") + + def get_parameter(self, module): + auth = GcpSession(module, "parametermanager") + + if module.params.get('project') is None: + self.raise_error(module, "The project is required. Please specify the Google Cloud project to use.") + + if module.params.get('version') == 'latest' or module.params.get('version') is None: + module.params['version'] = self.get_latest_version(module, auth) + + if module.params.get('render_secret') is None: + module.params['render_secret'] = False + + # there was an error listing parameter versions + if module.params.get('version') is None: + return '' + + if module.params.get('render_secret') is not None: + url = (self.make_url_prefix(module) + "parameters/{name}/versions/{version}:render").format( + **module.params + ) + else: + url = (self.make_url_prefix(module) + "parameters/{name}/versions/{version}").format( + **module.params + ) + response = auth.get(url) + self._display.vvv(msg=f"Response: {response.status_code} for {response.request.url}: {response.json()}") + if response.status_code != 200: + self.raise_error(module, f"Failed to lookup parameter value via {response.request.url} {response.status_code}") + return '' + + response_json = response.json() + if module.params.get('render_secret') is not None: + if 'renderedPayload' not in response_json: + self.raise_error(module, "The parameter version is disabled or the response does not contain the 'renderedPayload' field.") + return '' + return response_json['renderedPayload'] + else: + if 'payload' not in response_json or 'data' not in response_json['payload']: + self.raise_error(module, "The parameter version is disabled or the response does not contain the 'data' field.") + return '' + return response_json['payload']['data'] + + def make_url_prefix(self, module): + if module.params.get('location') and module.params.get('location') != 'global': + return "https://parametermanager.{location}.rep.googleapis.com/v1/projects/{project}/locations/{location}/" + return "https://parametermanager.googleapis.com/v1/projects/{project}/locations/global/" diff --git a/plugins/modules/gcp_parameter_manager.py b/plugins/modules/gcp_parameter_manager.py new file mode 100644 index 00000000..c54cd3cf --- /dev/null +++ b/plugins/modules/gcp_parameter_manager.py @@ -0,0 +1,647 @@ +#!/usr/bin/python + +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt +# or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +################################################################################ +# Documentation +################################################################################ + + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +ANSIBLE_METADATA = {'metadata_version': '1.1', 'status': ["preview"], 'supported_by': 'community'} + +DOCUMENTATION = ''' +--- +module: gcp_parameter_manager +description: +- Access and Update Google Cloud Parameter Manager objects +- Create new parameters. +- Create new parameters with format. +- Create new parameters with labels. +- Create new parameters with format and labels. +- Add/Remove parameter version. +- Remove parameter. +short_description: Access and Update Google Cloud Parameter Manager objects +author: +requirements: +- python >= 3.7 +- requests >= 2.32.3 +- google-auth >= 2.39.0 +options: + project: + description: + - The Google Cloud Platform project to use. Defaults to OS env variable + GCP_PROJECT if not present + type: str + auth_kind: + description: + - The type of credential used. + type: str + required: true + choices: + - application + - machineaccount + - serviceaccount + - accesstoken + service_account_contents: + description: + - The contents of a Service Account JSON file, either in a dictionary or as a + JSON string that represents it. + type: jsonarg + service_account_file: + description: + - The path of a Service Account JSON file if serviceaccount is selected as type. + type: path + service_account_email: + description: + - An optional service account email address if machineaccount is selected and + the user does not wish to use the default email. + type: str + access_token: + description: + - An OAuth2 access token if credential type is accesstoken. + type: str + scopes: + description: + - Array of scopes to be used + type: list + elements: str + env_type: + description: + - Specifies which Ansible environment you're running this module within. + - This should not be set unless you know what you're doing. + - This only alters the User Agent string for any API requests. + type: str + name: + description: + - Name of the parameter to be used + type: str + required: true + aliases: + - key + - parameter + - parameter_id + format: + description: + - Format of the parameter to be used. + type: str + default: UNFORMATTED + choices: + - UNFORMATTED + - JSON + - YAML + location: + description: + - Location of the parameter to be used + type: str + default: global + version: + description: + - Name of the parameter to be used + type: str + required: false + aliases: + - version_id + - parameter_version_id + value: + description: + - The parameter value that the parameter should have + - this will be set upon create + - If the parameter value is not this, a new version will be added with this value + type: str + state: + description: + - whether the parameter should exist + default: present + choices: + - absent + - present + type: str + return_value: + description: + - if true, the value of the parameter will be returned unencrypted to Ansible + - if false, no value will be returned or decrypted + type: bool + default: true + labels: + description: + - A set of key-value pairs to assign as labels to a parameter + - only used in creation + - Note that the "value" piece of a label must contain only readable chars + type: dict +''' + +EXAMPLES = r''' +- name: Create a new parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Create a new parameter with version + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + value: super_parameter + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Create a new structured parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + format: JSON + value: "{\"key\":\"value\"}" + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Create a parameter with labels + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + value: super_parameter + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + labels: + key_name: "ansible_rox" + +- name: Create a structured parameter with labels + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + format: JSON + value: "{\"key\":\"value\"}" + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + labels: + key_name: "ansible_rox" + +- name: Ensure the parameter exists, fail otherwise and return the value + google.cloud.gcp_parameter_manager: + name: parameter_key + state: present + +- name: Ensure parameter exists but don't return the value + google.cloud.gcp_parameter_manager: + name: parameter_key + state: present + return_value: false + +- name: Add a new version of a parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + value: updated super parameter + state: present + +- name: Delete version 1 of a parameter (but not the parameter itself) + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + state: absent + +- name: Delete parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + state: absent + +- name: Create a new regional parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Create a new regional parameter with version + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + value: super_parameter + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Create a new structured regional parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + format: JSON + value: "{\"key\":\"value\"}" + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Create a regional parameter with labels + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + value: super_parameter + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + labels: + key_name: "ansible_rox" + +- name: Create a structured regional parameter with labels + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + format: JSON + value: "{\"key\":\"value\"}" + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + labels: + key_name: "ansible_rox" + +- name: Ensure the regional parameter exists, fail otherwise and return the value + google.cloud.gcp_parameter_manager: + name: parameter_key + state: present + +- name: Ensure regional parameter exists but don't return the value + google.cloud.gcp_parameter_manager: + name: parameter_key + state: present + return_value: false + +- name: Add a new version of a regional parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + value: updated super parameter + state: present + +- name: Delete version 1 of a regional parameter (but not the regional parameter itself) + google.cloud.gcp_parameter_manager: + name: parameter_key + version: version_key + state: absent + +- name: Delete parameter + google.cloud.gcp_parameter_manager: + name: parameter_key + state: absent +''' + +RETURN = r''' +resources: + description: List of resources + returned: always + type: complex + contains: + name: + description: + - The name of the parameter + returned: success + type: str + location: + description: + - The location of the regional parameter + returned: success + type: str + version: + description: + - the version of the parameter returned + returned: success + type: str + url: + description: + - the Google Cloud URL used to make the request + returned: success + type: str + status_code: + description: + - the HTTP status code of the response to Google Cloud + returned: success + type: str + msg: + description: + - A message indicating what was done (or not done) + returned: success, failure + type: str + value: + description: + - The decrypted parameter data value, please use care with this + returned: success + type: str + payload: + description: + - The base 64 parameter payload + returned: success + type: dict +''' + + +################################################################################ +# Imports +################################################################################ + +from ansible_collections.google.cloud.plugins.module_utils.gcp_utils import ( + navigate_hash, + GcpSession, + GcpModule +) +from google.auth.exceptions import RefreshError + +# for decoding and validating parameters +import json +import base64 + +def get_auth(module): + return GcpSession(module, 'parameter-manager') + + +def make_url_prefix(module): + if module.params.get('location') is not None and module.params.get('location') != 'global': + return "https://parametermanager.{location}.rep.googleapis.com/v1/projects/{project}/locations/{location}/" + return "https://parametermanager.googleapis.com/v1/projects/{project}/locations/global/" + + +def self_parameter_link(module): + return (make_url_prefix(module) + "parameters/{name}").format(**module.params) + + +def self_parameter_version_link(module): + return (make_url_prefix(module) + "parameters/{name}/versions/{version}").format(**module.params) + + +def self_parameter_list_link(module): + return (make_url_prefix(module) + "parameters").format(**module.params) + + +def self_parameter_version_list_link(module): + return (make_url_prefix(module) + "parameters/{name}/versions").format(**module.params) + + +def check_parameter_exist(module, allow_not_found=True): + auth = get_auth(module) + param_list = list_parameters(module) + if param_list is None: + return None + + link = self_parameter_link(module) + access_obj = return_if_object(module, auth.get(link), allow_not_found) + if access_obj is None: + return None + return access_obj + + +def check_parameter_version_exist(module, allow_not_found=True): + auth = get_auth(module) + version_list = list_parameter_versions(module) + if version_list is None: + return None + + link = self_parameter_version_link(module) + access_obj = return_if_object(module, auth.get(link), allow_not_found) + if access_obj is None: + return None + return access_obj + + +def create_parameter(module): + # build the payload + payload = dict() + if module.params.get('format'): + payload['format'] = module.params.get('format') + if module.params.get('labels'): + payload['labels'] = module.params.get('labels') + + url = (make_url_prefix(module) + "parameters?parameter_id={name}").format(**module.params) + auth = get_auth(module) + # validate create + return return_if_object(module, auth.post(url, payload), False) + + +def create_parameter_version(module): + # build the payload + b64_value = base64.b64encode(module.params.get('value').encode("utf-8")).decode("utf-8") + payload = { + u'payload': { + u'data': b64_value + } + } + auth = get_auth(module) + url = (make_url_prefix(module) + "parameters/{name}/versions?parameter_version_id={version}").format(**module.params) + # validate create + return return_if_object(module, auth.post(url, payload), False) + + +def list_parameters(module): + url = self_parameter_list_link(module) + auth = get_auth(module) + return return_if_object(module, auth.get(url), True) + + +def list_parameter_versions(module): + # filter by only enabled parameter version + url = self_parameter_version_list_link(module) + auth = get_auth(module) + return return_if_object(module, auth.get(url), True) + + +def delete_parameter(module): + auth = get_auth(module) + url = self_parameter_link(module) + return return_if_object(module, auth.delete(url), True) + + +def delete_parameter_version(module): + auth = get_auth(module) + url = self_parameter_version_link(module) + return return_if_object(module, auth.delete(url), True) + + +def return_if_object(module, response, allow_not_found=False): + # If not found, return nothing. + if allow_not_found and response.status_code == 404: + return None + + if response.status_code == 409: + module.params['info'] = "exists already" + return None + + # probably a code error + if response.status_code == 400: + module.fail_json(msg="unexpected REST failure: %s" % response.json()['error']) + + # If no content, return nothing. + if response.status_code == 204: + return None + + try: + module.raise_for_status(response) + result = response.json() + result['url'] = response.request.url + result['status_code'] = response.status_code + if "name" in result: + result['location'] = result['name'].split("/")[3] + result['name'] = result['name'].split("/")[5] + if len(result['name'].split("/")) == 8: + result['version'] = result['name'].split("/")[-1] + + # base64 decode the value + if "payload" in result and "data" in result['payload']: + result['value'] = base64.b64decode(result['payload']['data']).decode("utf-8") + + except getattr(json.decoder, 'JSONDecodeError', ValueError): + module.fail_json(msg="Invalid JSON response with error: %s" % response.text) + + if navigate_hash(result, ['error', 'errors']): + module.fail_json(msg=navigate_hash(result, ['error', 'errors'])) + + return result + + +def main(): + module = GcpModule( + argument_spec=dict( + state=dict(default='present', choices=['present', 'absent'], type='str'), + name=dict(required=True, type='str', aliases=['key', 'parameter', 'parameter_id']), + version=dict(required=False, type='str', aliases=['version_id', 'parameter_verison_id']), + location=dict(required=False, type='str'), + value=dict(required=False, type='str'), + format=dict(required=False, type='str', default='UNFORMATTED', choices=['UNFORMATTED', 'JSON', 'YAML']), + return_value=dict(required=False, type='bool', default=True), + labels=dict(required=False, type='dict', default=dict()) + ) + ) + + try : + if module.params.get('scopes') is None: + module.params['scopes'] = ["https://www.googleapis.com/auth/cloud-platform"] + + if module.params.get('project') is None: + module.fail_json(msg="The project is required. Please specify the Google Cloud project to use.") + + state = module.params.get('state') + changed = False + fetch = check_parameter_exist(module, allow_not_found=True) + fetch_version = None + if fetch: + fetch_version = check_parameter_version_exist(module, allow_not_found=True) + + + if state == 'present': + # if parameter not exist + if not fetch: + # doesn't exist, must create + if module.params.get('version') and module.params.get('value'): + # create a new parameter + fetch = create_parameter(module) + fetch = create_parameter_version(module) + changed = True + # specified present and verison is provided but value is not provided + elif module.params.get('version') and module.params.get('value') is None: + module.fail_json(msg="parameter '{name}' not present in '{project}' and no value for the parameter version is provided".format(**module.params)) + # specified present and verison is not provided + # that no parameter could be created without a version + elif module.params.get('value'): + module.fail_json(msg="parameter '{name}' not present in '{project}' and no version for the parameter is provided".format(**module.params)) + # specified present but no value + # that no parameter version could be created without a value to encrypt + else: + fetch = create_parameter(module) + changed = True + + elif not fetch_version: + # doesn't exist, must create + if module.params.get('version') and module.params.get('value'): + fetch = create_parameter_version(module) + changed = True + # specified present and verison is provided but value is not provided + elif module.params.get('version') and module.params.get('value') is None: + module.fail_json(msg="parameter '{name}' present in '{project}' and no value for the parameter version is provided".format(**module.params)) + # specified present and verison is not provided + # that no parameter could be created without a version + elif module.params.get('value'): + module.fail_json(msg="parameter '{name}' present in '{project}' and no version for the parameter is provided".format(**module.params)) + # specified present but no value + # that no parameter could be created without a value to encrypt + else: + module.fail_json(msg="parameter '{name}' present in '{project}' and no value and version for the parameter is provided".format(**module.params)) + + else: + # parameter and parameter version both exist + # check if the value is the same + # if not, delete the version and create new one + # if the value is the same, do nothing + if "value" in fetch_version and module.params.get('value','') is not None: + if fetch_version['value'] != module.params.get('value'): + fetch['msg'] = 'values not identical, but parameter version name is same' + # Delete existing version and create new one + fetch = delete_parameter_version(module) + fetch = create_parameter_version(module) + changed = True + else: + module.exit_json(msg="parameter '{name}' is already exist and value is the same".format(**module.params)) + elif module.params.get('value','') is None: + module.fail_json(msg="parameter '{name}' present in '{project}' and no value for the parameter version is provided".format(**module.params)) + + else: + if fetch is None: + fetch = {} + module.exit_json(msg="parameter {name} is not exist".format(**module.params)) + + if fetch_version is None and module.params.get('version'): + fetch = {} + module.exit_json(msg="parameter version {version} is not exist".format(**module.params)) + + if module.params.get('version'): + version = delete_parameter_version(module) + if version is not None: + fetch = version + changed = True + else: + module.exit_json(msg="parameter version {version} is already deleted".format(**module.params)) + else: + versions = list_parameter_versions(module) + if versions is not None: + version = versions.get('parameterVersions', None) + if version is None: + param = delete_parameter(module) + if param is not None: + changed = True + fetch = param + else: + module.exit_json(msg="parameter {name} is already deleted".format(**module.params)) + else: + module.fail_json(msg="parameter {name} has nested version resources".format(**module.params)) + else: + module.exit_json(msg="parameter {name} is not exist".format(**module.params)) + + + # # pop value data if return_value == false + if module.params.get('return_value') is False: + if "value" in fetch: + fetch.pop('value') + if "payload" in fetch: + fetch.pop('payload') + if "msg" in fetch: + fetch['msg'] = "{} | not returning parameter value since 'return_value' is set to false".format(fetch['msg']) + else: + fetch['msg'] = "not returning parameter value since 'return_value' is set to false" + + fetch['changed'] = changed + fetch['name'] = module.params.get('name') + except RefreshError as e: + module.fail_json(msg=f"Failed to refresh OAuth token: {str(e)}") + except Exception as e: + module.fail_json(msg=f"An unexpected error occurred: {str(e)}") + + module.exit_json(**fetch) + + +if __name__ == "__main__": + main() diff --git a/tests/integration/targets/gcp_parameter_manager/aliases b/tests/integration/targets/gcp_parameter_manager/aliases new file mode 100644 index 00000000..0e4419e3 --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/aliases @@ -0,0 +1 @@ +cloud/gcp \ No newline at end of file diff --git a/tests/integration/targets/gcp_parameter_manager/defaults/main.yml b/tests/integration/targets/gcp_parameter_manager/defaults/main.yml new file mode 100644 index 00000000..61fa8b04 --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/defaults/main.yml @@ -0,0 +1,3 @@ +--- +resource_name: "{{ resource_prefix }}" +lookup_resource_name: "{{ resource_prefix }}_lookup" diff --git a/tests/integration/targets/gcp_parameter_manager/meta/main.yml b/tests/integration/targets/gcp_parameter_manager/meta/main.yml new file mode 100644 index 00000000..e69de29b diff --git a/tests/integration/targets/gcp_parameter_manager/tasks/main.yml b/tests/integration/targets/gcp_parameter_manager/tasks/main.yml new file mode 100644 index 00000000..5083cdee --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/tasks/main.yml @@ -0,0 +1,9 @@ +--- +- name: Parameters tests + ansible.builtin.include_tasks: parameters.yml +- name: Regional Parameters tests + ansible.builtin.include_tasks: regionalparameters.yml +- name: Parameters lookup tests + ansible.builtin.include_tasks: parameterslookup.yml +- name: Regional Parameters lookup tests + ansible.builtin.include_tasks: regionalparameterslookup.yml diff --git a/tests/integration/targets/gcp_parameter_manager/tasks/parameters.yml b/tests/integration/targets/gcp_parameter_manager/tasks/parameters.yml new file mode 100644 index 00000000..eafa24f7 --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/tasks/parameters.yml @@ -0,0 +1,343 @@ +# Copyright 2025 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the test parameter if it exists + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +# ---------------------------------------------------------- +- name: Create a parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + version: "test_version" + value: "ansible-test-parameter-value" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with lables + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-2" + version: "test_version" + value: "ansible-test-parameter-value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with format + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-3" + version: "test_version" + format: JSON + value: "{\"key\":\"ansible-test-parameter-value\"}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with format and lables + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-4" + version: "test_version" + value: "{\"key\":\"ansible-test-parameter-value\"}" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter that already exists + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + version: "test_version" + value: "ansible-test-parameter-value" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Add a new version to a parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version" + value: "ansible-test-parameter-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a new version to a parameter with same version name but different value + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version" + value: "ansible-test-parameter-value-new-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a new version to a parameter with same value but different version name + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version_1" + value: "ansible-test-parameter-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a version that exists to a parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + version: "test_version" + value: "ansible-test-parameter-value-new-updated" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Ensure the parameter version exists + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version" + value: "ansible-test-parameter-value-new-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +# CLEANUP +# ---------------------------------------------------------- +- name: Delete the parameter version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version_1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version with labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-2" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter with labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version with format + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-3" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter with format + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-3" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version with format and labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-4" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter with format and labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-4" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true diff --git a/tests/integration/targets/gcp_parameter_manager/tasks/parameterslookup.yml b/tests/integration/targets/gcp_parameter_manager/tasks/parameterslookup.yml new file mode 100644 index 00000000..d352a7e9 --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/tasks/parameterslookup.yml @@ -0,0 +1,108 @@ +# Copyright 2025 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the test parameter if it exists + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +- name: Create a parameter + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + version: "test_version" + value: "ansible lookup test parameter value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +- name: Add a new version to a parameter + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + version: "test_version_1" + value: "ansible lookup test parameter value updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +# ---------------------------------------------------------- +- name: Retrieve the latest parameter version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test parameter value updated" +# ---------------------------------------------------------- +- name: Retrieve the specified parameter version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, version='test_version', project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test parameter value" +# --------------------------------------------------------- +- name: Render the latest parameter version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, project=gcp_project, auth_kind=gcp_cred_kind, render_secret=True, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test parameter value updated" +# ---------------------------------------------------------- +- name: Render the specified parameter version of a parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, version='test_version', project=gcp_project, auth_kind=gcp_cred_kind, render_secret=True, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test parameter value" +# --------------------------------------------------------- +# Post-test teardown +# If errors happen, don't crash the playbook! +- name: Delete the test parameter version + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + project: "{{ gcp_project }}" + version: "test_version" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true +- name: Delete the test parameter version + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + project: "{{ gcp_project }}" + version: "test_version_1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true +- name: Delete the test parameter + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true diff --git a/tests/integration/targets/gcp_parameter_manager/tasks/regionalparameters.yml b/tests/integration/targets/gcp_parameter_manager/tasks/regionalparameters.yml new file mode 100644 index 00000000..45066850 --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/tasks/regionalparameters.yml @@ -0,0 +1,366 @@ +# Copyright 2025 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the test parameter if it exists + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +# ---------------------------------------------------------- +- name: Create a parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + version: "test_version" + value: "ansible-test-parameter-value" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with lables + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-2" + location: "us-central1" + version: "test_version" + value: "ansible-test-parameter-value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with format + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-3" + location: "us-central1" + version: "test_version" + format: JSON + value: "{\"key\":\"ansible-test-parameter-value\"}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter with format and lables + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-4" + version: "test_version" + location: "us-central1" + value: "{\"key\":\"ansible-test-parameter-value\"}" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a parameter that already exists + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + version: "test_version" + location: "us-central1" + value: "ansible-test-parameter-value" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Add a new version to a parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version" + location: "us-central1" + value: "ansible-test-parameter-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a new version to a parameter with same version name but different value + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + version: "test_version" + location: "us-central1" + value: "ansible-test-parameter-value-new-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a new version to a parameter with same value but different version name + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "test_version_1" + value: "ansible-test-parameter-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a version that exists to a parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + location: "us-central1" + project: "{{ gcp_project }}" + version: "test_version" + value: "ansible-test-parameter-value-new-updated" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Ensure the parameter version exists + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "test_version" + value: "ansible-test-parameter-value-new-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +# CLEANUP +# ---------------------------------------------------------- +- name: Delete the parameter version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "test_version_1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + location: "us-central1" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-1" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version with labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-2" + location: "us-central1" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter with labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-2" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version with format + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-3" + location: "us-central1" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter with format + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-3" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter version with format and labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-4" + location: "us-central1" + version: "test_version" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the parameter with format and labels + google.cloud.gcp_parameter_manager: + name: "{{ resource_name }}-4" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true diff --git a/tests/integration/targets/gcp_parameter_manager/tasks/regionalparameterslookup.yml b/tests/integration/targets/gcp_parameter_manager/tasks/regionalparameterslookup.yml new file mode 100644 index 00000000..2cd3c745 --- /dev/null +++ b/tests/integration/targets/gcp_parameter_manager/tasks/regionalparameterslookup.yml @@ -0,0 +1,114 @@ +# Copyright 2025 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the test regional parameter if it exists + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +- name: Create a regional parameter + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + version: "test_version" + value: "ansible lookup test regional parameter value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +- name: Add a new version to a regional parameter + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + version: "test_version_1" + value: "ansible lookup test regional parameter value updated" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +# ---------------------------------------------------------- +- name: Retrieve the latest regional parameter version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, project=gcp_project, location='us-central1', auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert regional parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test regional parameter value updated" +# ---------------------------------------------------------- +- name: Retrieve the specified regional parameter version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, version='test_version', location='us-central1', project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert regional parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test regional parameter value" +# --------------------------------------------------------- +- name: Render the latest regional parameter version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, project=gcp_project, location='us-central1', auth_kind=gcp_cred_kind, render_secret=True, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert regional parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test regional parameter value updated" +# ---------------------------------------------------------- +- name: Render the specified regional parameter version of a regional parameter + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key=lookup_resource_name, version='test_version', location='us-central1', project=gcp_project, auth_kind=gcp_cred_kind, render_secret=True, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert regional parameter value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test regional parameter value" +# --------------------------------------------------------- +# Post-test teardown +# If errors happen, don't crash the playbook! +- name: Delete the test regional parameter version + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + version: "test_version" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true +- name: Delete the test regional parameter version + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + version: "test_version_1" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true +- name: Delete the test regional parameter + google.cloud.gcp_parameter_manager: + name: "{{ lookup_resource_name }}" + project: "{{ gcp_project }}" + location: "us-central1" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true From 9101671c0ed17a5210ddeef298dba9bfb7516f7e Mon Sep 17 00:00:00 2001 From: durgesh-ninave-crest Date: Tue, 13 May 2025 18:36:36 +0530 Subject: [PATCH 32/51] feat(secretmanager): added support for regional secret manager --- plugins/lookup/gcp_secret_manager.py | 38 +++- plugins/modules/gcp_secret_manager.py | 175 ++++++++++++------ .../targets/gcp_secret_manager/aliases | 1 + .../gcp_secret_manager/defaults/main.yml | 3 + .../targets/gcp_secret_manager/meta/main.yml | 0 .../targets/gcp_secret_manager/tasks/main.yml | 9 + .../tasks/regionalsecrets.yml | 146 +++++++++++++++ .../tasks/regionalsecretslookup.yml | 76 ++++++++ .../gcp_secret_manager/tasks/secrets.yml | 137 ++++++++++++++ .../tasks/secretslookup.yml | 72 +++++++ 10 files changed, 595 insertions(+), 62 deletions(-) create mode 100644 tests/integration/targets/gcp_secret_manager/aliases create mode 100644 tests/integration/targets/gcp_secret_manager/defaults/main.yml create mode 100644 tests/integration/targets/gcp_secret_manager/meta/main.yml create mode 100644 tests/integration/targets/gcp_secret_manager/tasks/main.yml create mode 100644 tests/integration/targets/gcp_secret_manager/tasks/regionalsecrets.yml create mode 100644 tests/integration/targets/gcp_secret_manager/tasks/regionalsecretslookup.yml create mode 100644 tests/integration/targets/gcp_secret_manager/tasks/secrets.yml create mode 100644 tests/integration/targets/gcp_secret_manager/tasks/secretslookup.yml diff --git a/plugins/lookup/gcp_secret_manager.py b/plugins/lookup/gcp_secret_manager.py index 14824a92..19114faf 100644 --- a/plugins/lookup/gcp_secret_manager.py +++ b/plugins/lookup/gcp_secret_manager.py @@ -5,8 +5,9 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type DOCUMENTATION = ''' + author: + - Dave Costakos name: gcp_secret_manager - author: Dave Costakos (@davecostakos) short_description: Get Secrets from Google Cloud as a Lookup plugin description: - retrieve secret keys in Secret Manager for use in playbooks @@ -14,6 +15,8 @@ DOCUMENTATION = ''' credentials for Google Cloud and the format of such credentials - once a secret value is retreived, it is returned decoded. It is up to the developer to maintain secrecy of this value once returned. + - if location option is defined, then it deals with the regional secrets of the + location options: key: @@ -30,6 +33,10 @@ DOCUMENTATION = ''' - The name of the google cloud project - defaults to OS env variable GCP_PROJECT if not present type: str + location: + description: + - If provided, it defines the location of the regional secret. + type: str auth_kind: description: - the type of authentication to use with Google Cloud (i.e. serviceaccount or machineaccount) @@ -58,7 +65,7 @@ DOCUMENTATION = ''' description: - JSON Object representing the contents of a service_account_file obtained from Google Cloud - defaults to OS env variable GCP_SERVICE_ACCOUNT_INFO if not present - type: str + type: jsonarg required: False access_token: description: @@ -83,7 +90,6 @@ DOCUMENTATION = ''' description: - Authenticaiton scopes for Google Secret Manager type: list - elements: str default: ["https://www.googleapis.com/auth/cloud-platform"] ''' @@ -103,6 +109,22 @@ EXAMPLES = ''' - name: Test getting specific version of a secret (new version) ansible.builtin.debug: msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', version='2') }}" + +- name: Test regional secret using env variables for credentials + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1') }}" + +- name: Test regional secret using explicit credentials + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1', project='project', auth_kind='serviceaccount', service_account_file='file.json') }}" + +- name: Test getting specific version of a regional secret (old version) + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1', version='1') }}" + +- name: Test getting specific version of a regional secret (new version) + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1', version='2') }}" ''' RETURN = ''' @@ -168,6 +190,7 @@ class LookupModule(LookupBase): self.set_options(var_options=variables, direct=kwargs) params = { "key": self.get_option("key"), + "location": self.get_option("location"), "version": self.get_option("version"), "access_token": self.get_option("access_token"), "scopes": self.get_option("scopes"), @@ -199,7 +222,7 @@ class LookupModule(LookupBase): # to be set if secret versions get disabled # see https://issuetracker.google.com/issues/286489671 def get_latest_version(self, module, auth): - url = "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions?filter=state:ENABLED".format( + url = (self.make_url_prefix(module) + "secrets/{name}/versions?filter=state:ENABLED").format( **module.params ) response = auth.get(url) @@ -234,7 +257,7 @@ class LookupModule(LookupBase): if module.params['calc_version'] is None: return '' - url = "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions/{calc_version}:access".format( + url = (self.make_url_prefix(module) + "secrets/{name}/versions/{calc_version}:access").format( **module.params ) response = auth.get(url) @@ -244,3 +267,8 @@ class LookupModule(LookupBase): return '' return response.json()['payload']['data'] + + def make_url_prefix(self, module): + if module.params['location']: + return "https://secretmanager.{location}.rep.googleapis.com/v1/projects/{project}/locations/{location}/" + return "https://secretmanager.googleapis.com/v1/projects/{project}/" diff --git a/plugins/modules/gcp_secret_manager.py b/plugins/modules/gcp_secret_manager.py index a1e325e4..a6d150b0 100644 --- a/plugins/modules/gcp_secret_manager.py +++ b/plugins/modules/gcp_secret_manager.py @@ -24,8 +24,9 @@ description: - Create new secret values. - Add/remove versions of secrets. - Please note that other features like etags, replication, annontation expected to be managed outside of Ansible. +- Deals with regional secrets if location option is defined. short_description: Access and Update Google Cloud Secrets Manager objects -author: Dave Costakos (@davecostakos) +author: Dave Costakos @RedHat requirements: - python >= 2.6 - requests >= 2.18.4 @@ -44,7 +45,6 @@ options: - application - machineaccount - serviceaccount - - accesstoken service_account_contents: description: - The contents of a Service Account JSON file, either in a dictionary or as a @@ -59,21 +59,11 @@ options: - An optional service account email address if machineaccount is selected and the user does not wish to use the default email. type: str - access_token: - description: - - An OAuth2 access token if credential type is accesstoken. - type: str scopes: description: - Array of scopes to be used type: list elements: str - env_type: - description: - - Specifies which Ansible environment you're running this module within. - - This should not be set unless you know what you're doing. - - This only alters the User Agent string for any API requests. - type: str name: description: - Name of the secret to be used @@ -83,6 +73,10 @@ options: - key - secret - secret_id + location: + description: + - If provided, it defines the location of the regional secret. + type: str value: description: - The secret value that the secret should have @@ -116,7 +110,6 @@ options: - only used in creation - Note that the "value" piece of a label must contain only readable chars type: dict - default: {} notes: - 'API Reference: U(https://cloud.google.com/secret-manager/docs/reference/rests)' - 'Official Documentation: U(https://cloud.google.com/secret-manager/docs/overview)' @@ -176,6 +169,57 @@ EXAMPLES = r''' value: super_secret labels: key_name: "ansible_rox" + +- name: Create a new regional secret + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + value: super_secret + state: present + auth_kind: serviceaccount + service_account_file: service_account_creds.json + +- name: Ensure the regional secret exists, fail otherwise and return the value + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + state: present + +- name: Ensure regional secret exists but don't return the value + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + state: present + return_value: false + +- name: Add a new version of a regional secret + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + value: updated super secret + state: present + +- name: Delete version 1 of a regional secret (but not the secret itself) + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + version: 1 + state: absent + +- name: Delete all versions of a regional secret + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + version: all + state: absent + +- name: Create a regional secret with labels + google.cloud.gcp_secret_manager: + name: secret_key + location: us-central1 + value: super_secret + labels: + key_name: "ansible_rox" ''' RETURN = r''' @@ -183,42 +227,46 @@ resources: description: List of resources returned: always type: complex - contains: - name: - description: - - The name of the secret - returned: success - type: str - version: - description: - - the version number of the secret returned - returned: success - type: str - url: - description: - - the Google Cloud URL used to make the request - returned: success - type: str - status_code: - description: - - the HTTP status code of the response to Google Cloud - returned: success - type: str - msg: - description: - - A message indicating what was done (or not done) - returned: success, failure - type: str - value: - description: - - The decrypted secret value, please use care with this - returned: success - type: str - payload: - description: - - The base 64 secret payload including CRC for validation - returned: success - type: dict + name: + description: + - The name of the secret + returned: success + type: str + location: + description: + - The location of the regional secret. + returned: success + type: str + version: + description: + - the version number of the secret returned + returned: success + type: str + url: + description: + - the Google Cloud URL used to make the request + returned: success + type: str + status_code: + description: + - the HTTP status code of the response to Google Cloud + returned: success + type: str + msg: + description: + - A message indicating what was done (or not done) + returned: success, failure + type: str + value: + description: + - The decrypted secret value, please use care with this + returned: success + type: str + payload: + description: + - The base 64 secret payload including CRC for validation + retunred: success + type: dict ''' ################################################################################ @@ -241,24 +289,30 @@ def get_auth(module): return GcpSession(module, 'secret-manager') +def make_url_prefix(module): + if module.params['location']: + return "https://secretmanager.{location}.rep.googleapis.com/v1/projects/{project}/locations/{location}/" + return "https://secretmanager.googleapis.com/v1/projects/{project}/" + + def self_access_link(module): - return "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions/{calc_version}:access".format(**module.params) + return (make_url_prefix(module) + "secrets/{name}/versions/{calc_version}:access").format(**module.params) def self_get_link(module): - return "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions/{calc_version}".format(**module.params) + return (make_url_prefix(module) + "secrets/{name}/versions/{calc_version}").format(**module.params) def self_update_link(module): - return "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions/{calc_version:version}".format(**module.params) + return (make_url_prefix(module) + "secrets/{name}/versions/{calc_version:version}").format(**module.params) def self_list_link(module): - return "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions?filter=state:ENABLED".format(**module.params) + return (make_url_prefix(module) + "secrets/{name}/versions?filter=state:ENABLED").format(**module.params) def self_delete_link(module): - return "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}".format(**module.params) + return (make_url_prefix(module) + "secrets/{name}").format(**module.params) def fetch_resource(module, allow_not_found=True): @@ -307,10 +361,12 @@ def merge_dicts(x, y): def create_secret(module): # build the payload payload = {"replication": {"automatic": {}}} + if module.params['location']: + payload = dict() if module.params['labels']: payload['labels'] = module.params['labels'] - url = "https://secretmanager.googleapis.com/v1/projects/{project}/secrets".format(**module.params) + url = (make_url_prefix(module) + "secrets").format(**module.params) auth = get_auth(module) post_response = auth.post(url, body=payload, params={'secretId': module.params['name']}) # validate create @@ -327,7 +383,7 @@ def update_secret(module): } } auth = get_auth(module) - url = "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}:addVersion".format(**module.params) + url = (make_url_prefix(module) + "secrets/{name}:addVersion").format(**module.params) return return_if_object(module, auth.post(url, payload), False) @@ -376,7 +432,11 @@ def return_if_object(module, response, allow_not_found=False): result['status_code'] = response.status_code if "name" in result: result['version'] = result['name'].split("/")[-1] - result['name'] = result['name'].split("/")[3] + if 'locations' in result['name'].split("/"): + result['location'] = result['name'].split("/")[3] + result['name'] = result['name'].split("/")[5] + else: + result['name'] = result['name'].split("/")[3] # base64 decode the value if "payload" in result and "data" in result['payload']: @@ -401,6 +461,7 @@ def main(): argument_spec=dict( state=dict(default='present', choices=['present', 'absent'], type='str'), name=dict(required=True, type='str', aliases=['key', 'secret', 'secret_id']), + location=dict(required=False, type='str'), value=dict(required=False, type='str'), version=dict(required=False, type='str', default='latest'), return_value=dict(required=False, type='bool', default=True), diff --git a/tests/integration/targets/gcp_secret_manager/aliases b/tests/integration/targets/gcp_secret_manager/aliases new file mode 100644 index 00000000..0e4419e3 --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/aliases @@ -0,0 +1 @@ +cloud/gcp \ No newline at end of file diff --git a/tests/integration/targets/gcp_secret_manager/defaults/main.yml b/tests/integration/targets/gcp_secret_manager/defaults/main.yml new file mode 100644 index 00000000..61fa8b04 --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/defaults/main.yml @@ -0,0 +1,3 @@ +--- +resource_name: "{{ resource_prefix }}" +lookup_resource_name: "{{ resource_prefix }}_lookup" diff --git a/tests/integration/targets/gcp_secret_manager/meta/main.yml b/tests/integration/targets/gcp_secret_manager/meta/main.yml new file mode 100644 index 00000000..e69de29b diff --git a/tests/integration/targets/gcp_secret_manager/tasks/main.yml b/tests/integration/targets/gcp_secret_manager/tasks/main.yml new file mode 100644 index 00000000..37aace00 --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/tasks/main.yml @@ -0,0 +1,9 @@ +--- +- name: Secrets tests + ansible.builtin.include_tasks: secrets.yml +- name: Secrets lookup tests + ansible.builtin.include_tasks: secretslookup.yml +- name: Regional Secrets tests + ansible.builtin.include_tasks: regionalsecrets.yml +- name: Regional Secrets lookup tests + ansible.builtin.include_tasks: regionalsecretslookup.yml diff --git a/tests/integration/targets/gcp_secret_manager/tasks/regionalsecrets.yml b/tests/integration/targets/gcp_secret_manager/tasks/regionalsecrets.yml new file mode 100644 index 00000000..02abbe35 --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/tasks/regionalsecrets.yml @@ -0,0 +1,146 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the regional test secret if it exists + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + version: "all" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +# ---------------------------------------------------------- +- name: Create a regional secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + value: "ansible-test-regional-secret-value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a regional secret that already exists + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + value: "ansible-test-regional-secret-value" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Add a new version to a regional secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + value: "ansible-test-regional-secret-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a version that exists to a regional secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + value: "ansible-test-regional-secret-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Ensure the regional secret exists + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Delete the regional secret version + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the regional secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the regional secret that does not exist + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + location: "us-central1" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false diff --git a/tests/integration/targets/gcp_secret_manager/tasks/regionalsecretslookup.yml b/tests/integration/targets/gcp_secret_manager/tasks/regionalsecretslookup.yml new file mode 100644 index 00000000..1a9c3a52 --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/tasks/regionalsecretslookup.yml @@ -0,0 +1,76 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the regional test secret if it exists + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + version: "all" + location: "us-central1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +- name: Create a regional secret + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + location: "us-central1" + value: "ansible lookup test regional secret value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +- name: Add a new version to a regional secret + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + location: "us-central1" + value: "ansible lookup test regional secret value updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +# ---------------------------------------------------------- +- name: Retrieve the latest secret version of a regional secret + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key=lookup_resource_name, location='us-central1', project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert secret value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test regional secret value updated" +# ---------------------------------------------------------- +- name: Retrieve the specified secret version of a regional secret + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key=lookup_resource_name, location='us-central1', version='1', project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert secret value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test regional secret value" +# --------------------------------------------------------- +# Post-test teardown +# If errors happen, don't crash the playbook! +- name: Delete the regional test secret + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + location: "us-central1" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true diff --git a/tests/integration/targets/gcp_secret_manager/tasks/secrets.yml b/tests/integration/targets/gcp_secret_manager/tasks/secrets.yml new file mode 100644 index 00000000..16d656db --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/tasks/secrets.yml @@ -0,0 +1,137 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the test secret if it exists + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +# ---------------------------------------------------------- +- name: Create a secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + value: "ansible-test-secret-value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Create a secret that already exists + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + value: "ansible-test-secret-value" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Add a new version to a secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + value: "ansible-test-secret-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Add a version that exists to a secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + value: "ansible-test-secret-value-updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Ensure the secret exists + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false +# ---------------------------------------------------------- +- name: Delete the secret version + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + version: "1" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the secret + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is true + ansible.builtin.assert: + that: + - result.changed == true +# ---------------------------------------------------------- +- name: Delete the secret that does not exist + google.cloud.gcp_secret_manager: + name: "{{ resource_name }}" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + register: result +- name: Assert changed is false + ansible.builtin.assert: + that: + - result.changed == false diff --git a/tests/integration/targets/gcp_secret_manager/tasks/secretslookup.yml b/tests/integration/targets/gcp_secret_manager/tasks/secretslookup.yml new file mode 100644 index 00000000..2ba9c2f3 --- /dev/null +++ b/tests/integration/targets/gcp_secret_manager/tasks/secretslookup.yml @@ -0,0 +1,72 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +# Pre-test setup +- name: Delete the test secret if it exists + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent +- name: Create a secret + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + value: "ansible lookup test secret value" + labels: + key1: "val1" + key2: "val2" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +- name: Add a new version to a secret + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + value: "ansible lookup test secret value updated" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present +# ---------------------------------------------------------- +- name: Retrieve the latest secret version of a secret + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key=lookup_resource_name, project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert secret value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test secret value updated" +# ---------------------------------------------------------- +- name: Retrieve the specified secret version of a secret + ansible.builtin.debug: + msg: "{{ lookup('google.cloud.gcp_secret_manager', key=lookup_resource_name, version='1', project=gcp_project, auth_kind=gcp_cred_kind, service_account_file=gcp_cred_file | default(omit)) }}" + register: result +- name: Assert secret value + ansible.builtin.assert: + that: + - result.msg == "ansible lookup test secret value" +# --------------------------------------------------------- +# Post-test teardown +# If errors happen, don't crash the playbook! +- name: Delete the test secret + google.cloud.gcp_secret_manager: + name: "{{ lookup_resource_name }}" + version: "all" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + ignore_errors: true From 695fd4b35544aa8877100d80721fe57d58ffa5f3 Mon Sep 17 00:00:00 2001 From: durgesh-ninave-crest Date: Mon, 19 May 2025 18:15:57 +0530 Subject: [PATCH 33/51] update documentation of module and lookup --- plugins/lookup/gcp_secret_manager.py | 3 ++- plugins/modules/gcp_secret_manager.py | 11 +++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/plugins/lookup/gcp_secret_manager.py b/plugins/lookup/gcp_secret_manager.py index 19114faf..754f4af0 100644 --- a/plugins/lookup/gcp_secret_manager.py +++ b/plugins/lookup/gcp_secret_manager.py @@ -65,7 +65,7 @@ DOCUMENTATION = ''' description: - JSON Object representing the contents of a service_account_file obtained from Google Cloud - defaults to OS env variable GCP_SERVICE_ACCOUNT_INFO if not present - type: jsonarg + type: str required: False access_token: description: @@ -90,6 +90,7 @@ DOCUMENTATION = ''' description: - Authenticaiton scopes for Google Secret Manager type: list + elements: str default: ["https://www.googleapis.com/auth/cloud-platform"] ''' diff --git a/plugins/modules/gcp_secret_manager.py b/plugins/modules/gcp_secret_manager.py index a6d150b0..6883d703 100644 --- a/plugins/modules/gcp_secret_manager.py +++ b/plugins/modules/gcp_secret_manager.py @@ -45,6 +45,7 @@ options: - application - machineaccount - serviceaccount + - accesstoken service_account_contents: description: - The contents of a Service Account JSON file, either in a dictionary or as a @@ -59,11 +60,21 @@ options: - An optional service account email address if machineaccount is selected and the user does not wish to use the default email. type: str + access_token: + description: + - An OAuth2 access token if credential type is accesstoken. + type: str scopes: description: - Array of scopes to be used type: list elements: str + env_type: + description: + - Specifies which Ansible environment you're running this module within. + - This should not be set unless you know what you're doing. + - This only alters the User Agent string for any API requests. + type: str name: description: - Name of the secret to be used From 0871f8f0c4d1f42346c67ee7e1b10b4b2380f700 Mon Sep 17 00:00:00 2001 From: durgesh-ninave-crest Date: Mon, 19 May 2025 18:23:46 +0530 Subject: [PATCH 34/51] fix typo in integration tests --- .../targets/gcp_parameter_manager/tasks/parameters.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/integration/targets/gcp_parameter_manager/tasks/parameters.yml b/tests/integration/targets/gcp_parameter_manager/tasks/parameters.yml index eafa24f7..38f7c13f 100644 --- a/tests/integration/targets/gcp_parameter_manager/tasks/parameters.yml +++ b/tests/integration/targets/gcp_parameter_manager/tasks/parameters.yml @@ -49,7 +49,7 @@ that: - result.changed == true # ---------------------------------------------------------- -- name: Create a parameter with lables +- name: Create a parameter with labels google.cloud.gcp_parameter_manager: name: "{{ resource_name }}-2" version: "test_version" @@ -83,7 +83,7 @@ that: - result.changed == true # ---------------------------------------------------------- -- name: Create a parameter with format and lables +- name: Create a parameter with format and labels google.cloud.gcp_parameter_manager: name: "{{ resource_name }}-4" version: "test_version" From 6ee6b698efe9a89b104ce9c40bb06baba692df02 Mon Sep 17 00:00:00 2001 From: Jorge Gallegos Date: Tue, 20 May 2025 12:56:35 -0700 Subject: [PATCH 35/51] Add `discard_local_ssd` flag to compute instance If you have an instance with a Local (scratch) SSD attached you need to specify the behavior for this when changing the status to TERMINATED i.e. stopping the instance. Without setting this flag you'll get an error back from the API. --- plugins/modules/gcp_compute_instance.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/plugins/modules/gcp_compute_instance.py b/plugins/modules/gcp_compute_instance.py index 3c30338e..b71cda0b 100644 --- a/plugins/modules/gcp_compute_instance.py +++ b/plugins/modules/gcp_compute_instance.py @@ -61,6 +61,12 @@ options: - Whether the resource should be protected against deletion. required: false type: bool + discard_local_ssd: + description: + - Discards the contents of any attached Local SSD disks when changing status + to TERMINATED. Defaults to true. + required: false + type: bool disks: description: - An array of disks that are associated with the instances that are created from @@ -1112,6 +1118,7 @@ def main(): state=dict(default='present', choices=['present', 'absent'], type='str'), can_ip_forward=dict(type='bool', aliases=['ip_forward']), deletion_protection=dict(type='bool'), + discard_local_ssd=dict(type='bool', required=False, default=True), disks=dict( type='list', elements='dict', @@ -1506,7 +1513,7 @@ class InstancePower(object): return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances/{name}/start".format(**self.module.params) def _stop_url(self): - return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances/{name}/stop".format(**self.module.params) + return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances/{name}/stop?discardLocalSsd={discard_local_ssd}".format(**self.module.params) def deletion_protection_update(module, request, response): From 41f6d227807ca48f827ee68ad0f48f685b2fc728 Mon Sep 17 00:00:00 2001 From: Jorge Gallegos Date: Wed, 28 May 2025 12:44:46 -0700 Subject: [PATCH 36/51] Sanity fixes --- plugins/modules/gcp_compute_instance.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/plugins/modules/gcp_compute_instance.py b/plugins/modules/gcp_compute_instance.py index b71cda0b..a0923948 100644 --- a/plugins/modules/gcp_compute_instance.py +++ b/plugins/modules/gcp_compute_instance.py @@ -64,7 +64,8 @@ options: discard_local_ssd: description: - Discards the contents of any attached Local SSD disks when changing status - to TERMINATED. Defaults to true. + to TERMINATED. + default: True required: false type: bool disks: @@ -1513,7 +1514,9 @@ class InstancePower(object): return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances/{name}/start".format(**self.module.params) def _stop_url(self): - return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances/{name}/stop?discardLocalSsd={discard_local_ssd}".format(**self.module.params) + return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances/{name}/stop?discardLocalSsd={discard_local_ssd}".format( + **self.module.params + ) def deletion_protection_update(module, request, response): From ac08c81321a8957d4f31d846269123ab40233278 Mon Sep 17 00:00:00 2001 From: durgesh-ninave-crest Date: Thu, 5 Jun 2025 12:00:49 +0530 Subject: [PATCH 37/51] fix sanity test issues --- plugins/lookup/gcp_secret_manager.py | 6 +- plugins/modules/gcp_secret_manager.py | 89 ++++++++++++++------------- 2 files changed, 49 insertions(+), 46 deletions(-) diff --git a/plugins/lookup/gcp_secret_manager.py b/plugins/lookup/gcp_secret_manager.py index 754f4af0..f8125d05 100644 --- a/plugins/lookup/gcp_secret_manager.py +++ b/plugins/lookup/gcp_secret_manager.py @@ -5,8 +5,7 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type DOCUMENTATION = ''' - author: - - Dave Costakos + author: Google Inc. (@googlecloudplatform) name: gcp_secret_manager short_description: Get Secrets from Google Cloud as a Lookup plugin description: @@ -117,7 +116,8 @@ EXAMPLES = ''' - name: Test regional secret using explicit credentials ansible.builtin.debug: - msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1', project='project', auth_kind='serviceaccount', service_account_file='file.json') }}" + msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1', project='project', auth_kind='serviceaccount', + service_account_file='file.json') }}" - name: Test getting specific version of a regional secret (old version) ansible.builtin.debug: diff --git a/plugins/modules/gcp_secret_manager.py b/plugins/modules/gcp_secret_manager.py index 6883d703..bff1d07d 100644 --- a/plugins/modules/gcp_secret_manager.py +++ b/plugins/modules/gcp_secret_manager.py @@ -1,4 +1,5 @@ #!/usr/bin/python +# -*- coding: utf-8 -*- # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt # or https://www.gnu.org/licenses/gpl-3.0.txt) @@ -26,7 +27,7 @@ description: - Please note that other features like etags, replication, annontation expected to be managed outside of Ansible. - Deals with regional secrets if location option is defined. short_description: Access and Update Google Cloud Secrets Manager objects -author: Dave Costakos @RedHat +author: Google Inc. (@googlecloudplatform) requirements: - python >= 2.6 - requests >= 2.18.4 @@ -121,6 +122,7 @@ options: - only used in creation - Note that the "value" piece of a label must contain only readable chars type: dict + default: {} notes: - 'API Reference: U(https://cloud.google.com/secret-manager/docs/reference/rests)' - 'Official Documentation: U(https://cloud.google.com/secret-manager/docs/overview)' @@ -136,7 +138,7 @@ notes: - The I(service_account_email) and I(service_account_file) options are mutually exclusive. ''' -EXAMPLES = r''' +EXAMPLES = ''' - name: Create a new secret google.cloud.gcp_secret_manager: name: secret_key @@ -233,51 +235,52 @@ EXAMPLES = r''' key_name: "ansible_rox" ''' -RETURN = r''' +RETURN = ''' resources: description: List of resources returned: always type: complex - name: - description: - - The name of the secret - returned: success - type: str - location: - description: - - The location of the regional secret. - returned: success - type: str - version: - description: - - the version number of the secret returned - returned: success - type: str - url: - description: - - the Google Cloud URL used to make the request - returned: success - type: str - status_code: - description: - - the HTTP status code of the response to Google Cloud - returned: success - type: str - msg: - description: - - A message indicating what was done (or not done) - returned: success, failure - type: str - value: - description: - - The decrypted secret value, please use care with this - returned: success - type: str - payload: - description: - - The base 64 secret payload including CRC for validation - retunred: success - type: dict + contains: + name: + description: + - The name of the secret + returned: success + type: str + location: + description: + - The location of the regional secret. + returned: success + type: str + version: + description: + - The version number of the secret returned + returned: success + type: str + url: + description: + - The Google Cloud URL used to make the request + returned: success + type: str + status_code: + description: + - The HTTP status code of the response to Google Cloud + returned: success + type: str + msg: + description: + - A message indicating what was done (or not done) + returned: success, failure + type: str + value: + description: + - The decrypted secret value, please use care with this + returned: success + type: str + payload: + description: + - The base 64 secret payload including CRC for validation + returned: success + type: dict ''' ################################################################################ From ccdc27f22a1d9857cf603e77be91306c273bc97a Mon Sep 17 00:00:00 2001 From: durgesh-ninave-crest Date: Thu, 5 Jun 2025 17:27:52 +0530 Subject: [PATCH 38/51] fix sanity test issue --- plugins/lookup/gcp_parameter_manager.py | 23 +++++----- plugins/modules/gcp_parameter_manager.py | 54 ++++++++++++------------ 2 files changed, 41 insertions(+), 36 deletions(-) diff --git a/plugins/lookup/gcp_parameter_manager.py b/plugins/lookup/gcp_parameter_manager.py index ee286cb6..43cae101 100644 --- a/plugins/lookup/gcp_parameter_manager.py +++ b/plugins/lookup/gcp_parameter_manager.py @@ -5,9 +5,9 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type DOCUMENTATION = ''' - author: - - name: gcp_parameter_manager + author: Google Inc. (@googlecloudplatform) + short_description: Get Parameters from Google Cloud as a Lookup plugin description: - retrieve parameter keys in parameter Manager for use in playbooks @@ -69,7 +69,7 @@ DOCUMENTATION = ''' description: - JSON Object representing the contents of a service_account_file obtained from Google Cloud - defaults to OS env variable GCP_SERVICE_ACCOUNT_INFO if not present - type: jsonarg + type: dict required: False access_token: description: @@ -94,6 +94,7 @@ DOCUMENTATION = ''' description: - Authenticaiton scopes for Google parameter Manager type: list + elements: str default: ["https://www.googleapis.com/auth/cloud-platform"] ''' @@ -105,13 +106,14 @@ EXAMPLES = ''' - name: Test parameter using explicit credentials ansible.builtin.debug: - msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test_version', project='project', auth_kind='serviceaccount', service_account_file='file.json') }}" + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test_version', project='project', auth_kind='serviceaccount', + service_account_file='file.json') }}" -- name: Test getting specific version of a parameter +- name: Test getting specific version of a parameter ansible.builtin.debug: msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test-version') }}" -- name: Test getting latest version of a parameter +- name: Test getting latest version of a parameter ansible.builtin.debug: msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key') }}" @@ -129,7 +131,8 @@ EXAMPLES = ''' - name: Test regional parameter using explicit credentials ansible.builtin.debug: - msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version', project='project', auth_kind='serviceaccount', service_account_file='file.json') }}" + msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version', project='project', + auth_kind='serviceaccount', service_account_file='file.json') }}" - name: Test getting specific version of a regional parameter ansible.builtin.debug: @@ -247,7 +250,7 @@ class LookupModule(LookupBase): self._display.warning(msg) return None - + def get_latest_version(self, module, auth): url = (self.make_url_prefix(module) + "parameters/{name}/versions?orderBy=create_time desc&filter=disabled=false").format( **module.params @@ -279,7 +282,7 @@ class LookupModule(LookupBase): # there was an error listing parameter versions if module.params.get('version') is None: return '' - + if module.params.get('render_secret') is not None: url = (self.make_url_prefix(module) + "parameters/{name}/versions/{version}:render").format( **module.params @@ -293,7 +296,7 @@ class LookupModule(LookupBase): if response.status_code != 200: self.raise_error(module, f"Failed to lookup parameter value via {response.request.url} {response.status_code}") return '' - + response_json = response.json() if module.params.get('render_secret') is not None: if 'renderedPayload' not in response_json: diff --git a/plugins/modules/gcp_parameter_manager.py b/plugins/modules/gcp_parameter_manager.py index c54cd3cf..fbc07ae2 100644 --- a/plugins/modules/gcp_parameter_manager.py +++ b/plugins/modules/gcp_parameter_manager.py @@ -1,4 +1,5 @@ #!/usr/bin/python +# -*- coding: utf-8 -*- # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt # or https://www.gnu.org/licenses/gpl-3.0.txt) @@ -27,7 +28,7 @@ description: - Add/Remove parameter version. - Remove parameter. short_description: Access and Update Google Cloud Parameter Manager objects -author: +author: Google Inc. (@googlecloudplatform) requirements: - python >= 3.7 - requests >= 2.32.3 @@ -35,7 +36,7 @@ requirements: options: project: description: - - The Google Cloud Platform project to use. Defaults to OS env variable + - The Google Cloud Platform project to use. Defaults to OS env variable GCP_PROJECT if not present type: str auth_kind: @@ -134,9 +135,10 @@ options: - only used in creation - Note that the "value" piece of a label must contain only readable chars type: dict + default: {} ''' -EXAMPLES = r''' +EXAMPLES = ''' - name: Create a new parameter google.cloud.gcp_parameter_manager: name: parameter_key @@ -158,7 +160,7 @@ EXAMPLES = r''' name: parameter_key version: version_key format: JSON - value: "{\"key\":\"value\"}" + value: '{"key":"value"}' state: present auth_kind: serviceaccount service_account_file: service_account_creds.json @@ -179,7 +181,7 @@ EXAMPLES = r''' name: parameter_key version: version_key format: JSON - value: "{\"key\":\"value\"}" + value: '{"key":"value"}' state: present auth_kind: serviceaccount service_account_file: service_account_creds.json @@ -236,7 +238,7 @@ EXAMPLES = r''' name: parameter_key version: version_key format: JSON - value: "{\"key\":\"value\"}" + value: '{"key":"value"}' state: present auth_kind: serviceaccount service_account_file: service_account_creds.json @@ -257,7 +259,7 @@ EXAMPLES = r''' name: parameter_key version: version_key format: JSON - value: "{\"key\":\"value\"}" + value: '{"key":"value"}' state: present auth_kind: serviceaccount service_account_file: service_account_creds.json @@ -294,7 +296,7 @@ EXAMPLES = r''' state: absent ''' -RETURN = r''' +RETURN = ''' resources: description: List of resources returned: always @@ -352,12 +354,12 @@ from ansible_collections.google.cloud.plugins.module_utils.gcp_utils import ( GcpSession, GcpModule ) -from google.auth.exceptions import RefreshError # for decoding and validating parameters import json import base64 + def get_auth(module): return GcpSession(module, 'parameter-manager') @@ -489,8 +491,8 @@ def return_if_object(module, response, allow_not_found=False): result['location'] = result['name'].split("/")[3] result['name'] = result['name'].split("/")[5] if len(result['name'].split("/")) == 8: - result['version'] = result['name'].split("/")[-1] - + result['version'] = result['name'].split("/")[-1] + # base64 decode the value if "payload" in result and "data" in result['payload']: result['value'] = base64.b64decode(result['payload']['data']).decode("utf-8") @@ -509,8 +511,8 @@ def main(): argument_spec=dict( state=dict(default='present', choices=['present', 'absent'], type='str'), name=dict(required=True, type='str', aliases=['key', 'parameter', 'parameter_id']), - version=dict(required=False, type='str', aliases=['version_id', 'parameter_verison_id']), - location=dict(required=False, type='str'), + version=dict(required=False, type='str', aliases=['version_id', 'parameter_version_id']), + location=dict(required=False, type='str', default='global'), value=dict(required=False, type='str'), format=dict(required=False, type='str', default='UNFORMATTED', choices=['UNFORMATTED', 'JSON', 'YAML']), return_value=dict(required=False, type='bool', default=True), @@ -521,7 +523,7 @@ def main(): try : if module.params.get('scopes') is None: module.params['scopes'] = ["https://www.googleapis.com/auth/cloud-platform"] - + if module.params.get('project') is None: module.fail_json(msg="The project is required. Please specify the Google Cloud project to use.") @@ -532,7 +534,6 @@ def main(): if fetch: fetch_version = check_parameter_version_exist(module, allow_not_found=True) - if state == 'present': # if parameter not exist if not fetch: @@ -544,7 +545,9 @@ def main(): changed = True # specified present and verison is provided but value is not provided elif module.params.get('version') and module.params.get('value') is None: - module.fail_json(msg="parameter '{name}' not present in '{project}' and no value for the parameter version is provided".format(**module.params)) + module.fail_json( + msg="parameter '{name}' not present in '{project}' and no value for the parameter version is provided".format(**module.params) + ) # specified present and verison is not provided # that no parameter could be created without a version elif module.params.get('value'): @@ -554,7 +557,7 @@ def main(): else: fetch = create_parameter(module) changed = True - + elif not fetch_version: # doesn't exist, must create if module.params.get('version') and module.params.get('value'): @@ -570,14 +573,16 @@ def main(): # specified present but no value # that no parameter could be created without a value to encrypt else: - module.fail_json(msg="parameter '{name}' present in '{project}' and no value and version for the parameter is provided".format(**module.params)) + module.fail_json( + msg="parameter '{name}' present in '{project}' and no value and version for the parameter is provided".format(**module.params) + ) else: # parameter and parameter version both exist # check if the value is the same # if not, delete the version and create new one # if the value is the same, do nothing - if "value" in fetch_version and module.params.get('value','') is not None: + if "value" in fetch_version and module.params.get('value', '') is not None: if fetch_version['value'] != module.params.get('value'): fetch['msg'] = 'values not identical, but parameter version name is same' # Delete existing version and create new one @@ -586,9 +591,9 @@ def main(): changed = True else: module.exit_json(msg="parameter '{name}' is already exist and value is the same".format(**module.params)) - elif module.params.get('value','') is None: + elif module.params.get('value', '') is None: module.fail_json(msg="parameter '{name}' present in '{project}' and no value for the parameter version is provided".format(**module.params)) - + else: if fetch is None: fetch = {} @@ -620,13 +625,12 @@ def main(): module.fail_json(msg="parameter {name} has nested version resources".format(**module.params)) else: module.exit_json(msg="parameter {name} is not exist".format(**module.params)) - - + # # pop value data if return_value == false if module.params.get('return_value') is False: if "value" in fetch: fetch.pop('value') - if "payload" in fetch: + if "payload" in fetch: fetch.pop('payload') if "msg" in fetch: fetch['msg'] = "{} | not returning parameter value since 'return_value' is set to false".format(fetch['msg']) @@ -635,8 +639,6 @@ def main(): fetch['changed'] = changed fetch['name'] = module.params.get('name') - except RefreshError as e: - module.fail_json(msg=f"Failed to refresh OAuth token: {str(e)}") except Exception as e: module.fail_json(msg=f"An unexpected error occurred: {str(e)}") From 81fbe1debe3a6f49023e2d33951a2a2b8d741e57 Mon Sep 17 00:00:00 2001 From: Jorge Gallegos Date: Thu, 5 Jun 2025 18:53:57 -0700 Subject: [PATCH 39/51] Add support for nicType Fixes #645 You can now specify the type of NIC attached to your VM Signed-off-by: Jorge Gallegos --- plugins/modules/gcp_compute_instance.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/plugins/modules/gcp_compute_instance.py b/plugins/modules/gcp_compute_instance.py index a0923948..ab7ce1c7 100644 --- a/plugins/modules/gcp_compute_instance.py +++ b/plugins/modules/gcp_compute_instance.py @@ -395,6 +395,19 @@ options: field to "{{ name-of-resource }}"' required: false type: dict + nic_type: + description: + - Type of network interface card attached to instance. + - If unspecified it will use the default provided by GCP. + - As the next generation network interface which succeeds VirtIO, gVNIC + replaces VirtIO-Net as the only supported network interface in Compute + Engine for all new machine types (Generation 3 and onwards). + - Newer machine series and networking features require gVNIC instead of VirtIO. + required: false + type: str + choices: + - VIRTIO_NET + - GVNIC scheduling: description: - Sets the scheduling options for this instance. @@ -1174,6 +1187,7 @@ def main(): network=dict(type='dict'), network_ip=dict(type='str'), subnetwork=dict(type='dict'), + nic_type=dict(type='str', choices=['VIRTIO_NET', 'GVNIC']), ), ), scheduling=dict( @@ -1715,6 +1729,7 @@ class InstanceNetworkinterfacesArray(object): u'network': replace_resource_dict(item.get(u'network', {}), 'selfLink'), u'networkIP': item.get('network_ip'), u'subnetwork': replace_resource_dict(item.get(u'subnetwork', {}), 'selfLink'), + u'nicType': item.get('nic_type'), } ) @@ -1726,6 +1741,7 @@ class InstanceNetworkinterfacesArray(object): u'network': item.get(u'network'), u'networkIP': item.get(u'networkIP'), u'subnetwork': item.get(u'subnetwork'), + u'nicType': item.get(u'nicType'), } ) From 24bba779d81a0228916efb07cc1a602e3680f740 Mon Sep 17 00:00:00 2001 From: Jorge Gallegos Date: Thu, 5 Jun 2025 18:54:43 -0700 Subject: [PATCH 40/51] Update integration tests to account for nicType changes Signed-off-by: Jorge Gallegos --- .../gcp_compute_instance/tasks/main.yml | 140 ++++++++++++++++++ 1 file changed, 140 insertions(+) diff --git a/tests/integration/targets/gcp_compute_instance/tasks/main.yml b/tests/integration/targets/gcp_compute_instance/tasks/main.yml index fe47378c..4cd0f881 100644 --- a/tests/integration/targets/gcp_compute_instance/tasks/main.yml +++ b/tests/integration/targets/gcp_compute_instance/tasks/main.yml @@ -1,3 +1,143 @@ --- - name: Generated tests ansible.builtin.include_tasks: autogen.yml + +- name: Test nic_type scenarios + block: + - name: Create disk for virtio + google.cloud.gcp_compute_disk: + name: "{{ resource_prefix }}-virtio" + size_gb: 50 + source_image: projects/rhel-cloud/global/images/rhel-9-v20250513 + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: _virtio_disk + + - name: Create disk for gVNIC + google.cloud.gcp_compute_disk: + name: "{{ resource_prefix }}-gvnic" + size_gb: 50 + source_image: projects/rhel-cloud/global/images/rhel-9-v20250513 + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: _gvnic_disk + + - name: Create network + google.cloud.gcp_compute_network: + name: "{{ resource_prefix }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + auto_create_subnetworks: true + state: present + register: _network + + - name: Create virtio instance + google.cloud.gcp_compute_instance: + name: "{{ resource_name }}-virtio" + machine_type: n1-standard-1 + disks: + - auto_delete: "true" + boot: "true" + source: "{{ _virtio_disk }}" + network_interfaces: + - network: "{{ _network }}" + nic_type: VIRTIO_NET + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: _virtio_result + + - name: Verify virtio instance was created + google.cloud.gcp_compute_instance_info: + filters: + - name = {{ resource_name }}-virtio + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + scopes: + - https://www.googleapis.com/auth/compute + register: _virtio_info + + - name: Pass assertions + ansible.builtin.assert: + that: + - _virtio_result.changed == true + - _virtio_result.networkInterfaces[0].nicType == 'VIRTIO_NET' + - _virtio_info.resources[0].networkInterfaces[0].nicType == 'VIRTIO_NET' + + - name: Create gvnic instance + google.cloud.gcp_compute_instance: + name: "{{ resource_name }}-gvnic" + machine_type: n1-standard-1 + disks: + - auto_delete: "true" + boot: "true" + source: "{{ _gvnic_disk }}" + network_interfaces: + - network: "{{ _network }}" + nic_type: GVNIC + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: _gvnic_result + + - name: Verify gvnic instance was created + google.cloud.gcp_compute_instance_info: + filters: + - name = {{ resource_name }}-gvnic + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + scopes: + - https://www.googleapis.com/auth/compute + register: _gvnic_info + + - name: Pass assertions + ansible.builtin.assert: + that: + - _gvnic_result.changed == true + - _gvnic_result.networkInterfaces[0].nicType == 'GVNIC' + - _gvnic_info.resources[0].networkInterfaces[0].nicType == 'GVNIC' + + always: + - name: Delete virtio instance + google.cloud.gcp_compute_instance: + name: "{{ resource_name }}-virtio" + machine_type: n1-standard-1 + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + + - name: Delete gVNIC instance + google.cloud.gcp_compute_instance: + name: "{{ resource_name }}-gvnic" + machine_type: n1-standard-1 + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + + - name: Delete network + google.cloud.gcp_compute_network: + name: "{{ resource_prefix }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + auto_create_subnetworks: true + state: absent From d980418ea743158a6052fbab4fbe458ae3cb6aef Mon Sep 17 00:00:00 2001 From: Jorge Gallegos Date: Fri, 6 Jun 2025 13:41:17 -0700 Subject: [PATCH 41/51] Complete test cases with default option Signed-off-by: Jorge Gallegos --- .../gcp_compute_instance/tasks/gvnic.yml | 75 +++++++++++ .../gcp_compute_instance/tasks/main.yml | 125 ++---------------- 2 files changed, 83 insertions(+), 117 deletions(-) create mode 100644 tests/integration/targets/gcp_compute_instance/tasks/gvnic.yml diff --git a/tests/integration/targets/gcp_compute_instance/tasks/gvnic.yml b/tests/integration/targets/gcp_compute_instance/tasks/gvnic.yml new file mode 100644 index 00000000..ad2338fe --- /dev/null +++ b/tests/integration/targets/gcp_compute_instance/tasks/gvnic.yml @@ -0,0 +1,75 @@ +--- +- name: Debug + ansible.builtin.debug: + msg: "Testing {{ item.key }} scenario" + +- block: + - name: Create disk + google.cloud.gcp_compute_disk: + name: "{{ resource_prefix }}-{{ item.key }}" + size_gb: 50 + source_image: projects/rhel-cloud/global/images/rhel-9-v20250513 + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: _disk + + - name: Create instance + google.cloud.gcp_compute_instance: + name: "{{ resource_name }}-{{ item.key }}" + machine_type: n1-standard-1 + disks: + - auto_delete: "true" + boot: "true" + source: "{{ _disk }}" + network_interfaces: + - network: "{{ _network }}" + nic_type: "{{ item.value if item.value != 'default' else omit }}" + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: present + register: _result + + - name: Verify instance was created + google.cloud.gcp_compute_instance_info: + filters: + - name = {{ resource_name }}-{{ item.key }} + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + scopes: + - https://www.googleapis.com/auth/compute + register: _info + + # The default option won't expose nicType via API, param will be missing + - name: Pass assertions + ansible.builtin.assert: + that: + - _result.changed == true + - _result.networkInterfaces[0].nicType | default('default') == item.value + - _info.resources[0].networkInterfaces[0].nicType | default('default') == item.value + + always: + - name: Delete instance + google.cloud.gcp_compute_instance: + name: "{{ resource_name }}-{{ item.key }}" + machine_type: n1-standard-1 + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent + + - name: Delete disk + google.cloud.gcp_compute_disk: + name: "{{ resource_prefix }}-{{ item.key }}" + zone: us-central1-a + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file | default(omit) }}" + state: absent diff --git a/tests/integration/targets/gcp_compute_instance/tasks/main.yml b/tests/integration/targets/gcp_compute_instance/tasks/main.yml index 4cd0f881..1cd682ce 100644 --- a/tests/integration/targets/gcp_compute_instance/tasks/main.yml +++ b/tests/integration/targets/gcp_compute_instance/tasks/main.yml @@ -4,30 +4,6 @@ - name: Test nic_type scenarios block: - - name: Create disk for virtio - google.cloud.gcp_compute_disk: - name: "{{ resource_prefix }}-virtio" - size_gb: 50 - source_image: projects/rhel-cloud/global/images/rhel-9-v20250513 - zone: us-central1-a - project: "{{ gcp_project }}" - auth_kind: "{{ gcp_cred_kind }}" - service_account_file: "{{ gcp_cred_file | default(omit) }}" - state: present - register: _virtio_disk - - - name: Create disk for gVNIC - google.cloud.gcp_compute_disk: - name: "{{ resource_prefix }}-gvnic" - size_gb: 50 - source_image: projects/rhel-cloud/global/images/rhel-9-v20250513 - zone: us-central1-a - project: "{{ gcp_project }}" - auth_kind: "{{ gcp_cred_kind }}" - service_account_file: "{{ gcp_cred_file | default(omit) }}" - state: present - register: _gvnic_disk - - name: Create network google.cloud.gcp_compute_network: name: "{{ resource_prefix }}" @@ -38,101 +14,16 @@ state: present register: _network - - name: Create virtio instance - google.cloud.gcp_compute_instance: - name: "{{ resource_name }}-virtio" - machine_type: n1-standard-1 - disks: - - auto_delete: "true" - boot: "true" - source: "{{ _virtio_disk }}" - network_interfaces: - - network: "{{ _network }}" - nic_type: VIRTIO_NET - zone: us-central1-a - project: "{{ gcp_project }}" - auth_kind: "{{ gcp_cred_kind }}" - service_account_file: "{{ gcp_cred_file | default(omit) }}" - state: present - register: _virtio_result - - - name: Verify virtio instance was created - google.cloud.gcp_compute_instance_info: - filters: - - name = {{ resource_name }}-virtio - zone: us-central1-a - project: "{{ gcp_project }}" - auth_kind: "{{ gcp_cred_kind }}" - service_account_file: "{{ gcp_cred_file | default(omit) }}" - scopes: - - https://www.googleapis.com/auth/compute - register: _virtio_info - - - name: Pass assertions - ansible.builtin.assert: - that: - - _virtio_result.changed == true - - _virtio_result.networkInterfaces[0].nicType == 'VIRTIO_NET' - - _virtio_info.resources[0].networkInterfaces[0].nicType == 'VIRTIO_NET' - - - name: Create gvnic instance - google.cloud.gcp_compute_instance: - name: "{{ resource_name }}-gvnic" - machine_type: n1-standard-1 - disks: - - auto_delete: "true" - boot: "true" - source: "{{ _gvnic_disk }}" - network_interfaces: - - network: "{{ _network }}" - nic_type: GVNIC - zone: us-central1-a - project: "{{ gcp_project }}" - auth_kind: "{{ gcp_cred_kind }}" - service_account_file: "{{ gcp_cred_file | default(omit) }}" - state: present - register: _gvnic_result - - - name: Verify gvnic instance was created - google.cloud.gcp_compute_instance_info: - filters: - - name = {{ resource_name }}-gvnic - zone: us-central1-a - project: "{{ gcp_project }}" - auth_kind: "{{ gcp_cred_kind }}" - service_account_file: "{{ gcp_cred_file | default(omit) }}" - scopes: - - https://www.googleapis.com/auth/compute - register: _gvnic_info - - - name: Pass assertions - ansible.builtin.assert: - that: - - _gvnic_result.changed == true - - _gvnic_result.networkInterfaces[0].nicType == 'GVNIC' - - _gvnic_info.resources[0].networkInterfaces[0].nicType == 'GVNIC' + - name: Loop over testcase + ansible.builtin.include_tasks: gvnic.yml + loop: "{{ testcases | dict2items }}" + vars: + testcases: + gvnic: GVNIC + virtio: VIRTIO_NET + default: default always: - - name: Delete virtio instance - google.cloud.gcp_compute_instance: - name: "{{ resource_name }}-virtio" - machine_type: n1-standard-1 - zone: us-central1-a - project: "{{ gcp_project }}" - auth_kind: "{{ gcp_cred_kind }}" - service_account_file: "{{ gcp_cred_file | default(omit) }}" - state: absent - - - name: Delete gVNIC instance - google.cloud.gcp_compute_instance: - name: "{{ resource_name }}-gvnic" - machine_type: n1-standard-1 - zone: us-central1-a - project: "{{ gcp_project }}" - auth_kind: "{{ gcp_cred_kind }}" - service_account_file: "{{ gcp_cred_file | default(omit) }}" - state: absent - - name: Delete network google.cloud.gcp_compute_network: name: "{{ resource_prefix }}" From 3e3611fb23afdea810576ef61c4ac3bab76fe7c2 Mon Sep 17 00:00:00 2001 From: Jorge Gallegos Date: Mon, 9 Jun 2025 13:32:14 -0700 Subject: [PATCH 42/51] Adding hostname support to dynamic inventory Fixes #434 It is basically the same as #438 but with a few extra checks, don't want to rebase the whole thing. Signed-off-by: Jorge Gallegos --- plugins/inventory/gcp_compute.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/plugins/inventory/gcp_compute.py b/plugins/inventory/gcp_compute.py index bc3e953a..9a7cde80 100644 --- a/plugins/inventory/gcp_compute.py +++ b/plugins/inventory/gcp_compute.py @@ -23,7 +23,7 @@ DOCUMENTATION = """ required: True choices: ['google.cloud.gcp_compute', 'gcp_compute'] zones: - description: A list of regions in which to describe GCE instances. + description: A list of zones in which to describe GCE instances. If none provided, it defaults to all zones available to a given project. type: list elements: string @@ -48,7 +48,7 @@ DOCUMENTATION = """ hostnames: description: A list of options that describe the ordering for which hostnames should be assigned. Currently supported hostnames are - 'public_ip', 'private_ip', 'name' or 'labels.vm_name'. + 'public_ip', 'private_ip', 'name', 'hostname' or 'labels.vm_name'. default: ['public_ip', 'private_ip', 'name'] type: list elements: string @@ -121,7 +121,7 @@ DOCUMENTATION = """ EXAMPLES = """ plugin: google.cloud.gcp_compute -zones: # populate inventory with instances in these regions +zones: # populate inventory with instances in these zones - us-east1-a projects: - gcp-prod-gke-100 @@ -248,6 +248,8 @@ class GcpInstance(object): name = self._get_publicip() elif order == "private_ip": name = self._get_privateip() + elif order == "hostname": + name = self.json.get("hostname", self.json["name"] + self.name_suffix) elif order == "name": name = self.json["name"] + self.name_suffix else: From adf05c4ecf88ea99f11292d025034abacbb63108 Mon Sep 17 00:00:00 2001 From: Jorge Gallegos Date: Tue, 10 Jun 2025 13:57:27 -0700 Subject: [PATCH 43/51] Adding integration test for dynamic inventory plugin Signed-off-by: Jorge Gallegos --- .../integration/targets/inventory_gce/aliases | 1 + .../targets/inventory_gce/playbooks/setup.yml | 51 +++++++++++++++++++ .../inventory_gce/playbooks/teardown.yml | 38 ++++++++++++++ .../targets/inventory_gce/playbooks/test.yml | 30 +++++++++++ .../playbooks/testcase_basic.yml | 16 ++++++ .../playbooks/testcase_hostname.yml | 22 ++++++++ .../targets/inventory_gce/playbooks/vars.yml | 38 ++++++++++++++ .../targets/inventory_gce/runme.sh | 28 ++++++++++ .../inventory_gce/templates/inventory.yml.j2 | 27 ++++++++++ .../inventory_gce/test.gcp_compute.yml | 1 + 10 files changed, 252 insertions(+) create mode 100644 tests/integration/targets/inventory_gce/aliases create mode 100644 tests/integration/targets/inventory_gce/playbooks/setup.yml create mode 100644 tests/integration/targets/inventory_gce/playbooks/teardown.yml create mode 100644 tests/integration/targets/inventory_gce/playbooks/test.yml create mode 100644 tests/integration/targets/inventory_gce/playbooks/testcase_basic.yml create mode 100644 tests/integration/targets/inventory_gce/playbooks/testcase_hostname.yml create mode 100644 tests/integration/targets/inventory_gce/playbooks/vars.yml create mode 100755 tests/integration/targets/inventory_gce/runme.sh create mode 100644 tests/integration/targets/inventory_gce/templates/inventory.yml.j2 create mode 100644 tests/integration/targets/inventory_gce/test.gcp_compute.yml diff --git a/tests/integration/targets/inventory_gce/aliases b/tests/integration/targets/inventory_gce/aliases new file mode 100644 index 00000000..0e4419e3 --- /dev/null +++ b/tests/integration/targets/inventory_gce/aliases @@ -0,0 +1 @@ +cloud/gcp \ No newline at end of file diff --git a/tests/integration/targets/inventory_gce/playbooks/setup.yml b/tests/integration/targets/inventory_gce/playbooks/setup.yml new file mode 100644 index 00000000..d26ce149 --- /dev/null +++ b/tests/integration/targets/inventory_gce/playbooks/setup.yml @@ -0,0 +1,51 @@ +--- +- name: Setup test suite + hosts: localhost + connection: local + gather_facts: false + vars_files: + - vars.yml + tasks: + - name: SETUP | Create network + google.cloud.gcp_compute_network: + name: "{{ prefix }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + auto_create_subnetworks: true + state: present + register: _network + + - name: SETUP | Create disks + google.cloud.gcp_compute_disk: + name: "{{ prefix }}-{{ item.name }}" + size_gb: 20 + zone: "{{ gcp_zone }}" + project: "{{ gcp_project }}" + service_account_file: "{{ gcp_cred_file }}" + source_image: "{{ gcp_disk_image }}" + auth_kind: "{{ gcp_cred_kind }}" + state: present + register: _disks + loop: "{{ sut }}" + + - name: SETUP | Create instance + google.cloud.gcp_compute_instance: + name: "{{ prefix }}-{{ item.name }}" + machine_type: n1-standard-1 + disks: + - auto_delete: true + boot: true + source: "{{ _disks.results[idx] }}" + network_interfaces: + - network: "{{ _network }}" + labels: "{{ item.labels | default({}) }}" + hostname: "{{ item.hostname | default(omit) }}" + zone: "{{ gcp_zone }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + state: present + loop: "{{ sut }}" + loop_control: + index_var: idx diff --git a/tests/integration/targets/inventory_gce/playbooks/teardown.yml b/tests/integration/targets/inventory_gce/playbooks/teardown.yml new file mode 100644 index 00000000..b4e48041 --- /dev/null +++ b/tests/integration/targets/inventory_gce/playbooks/teardown.yml @@ -0,0 +1,38 @@ +--- +- name: Teardown test suite + hosts: localhost + connection: local + gather_facts: false + vars_files: + - vars.yml + tasks: + - name: TEARDOWN | Delete instance # noqa: ignore-errors + google.cloud.gcp_compute_instance: + name: "{{ prefix }}-{{ item.name }}" + zone: "{{ gcp_zone }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + state: absent + loop: "{{ sut }}" + ignore_errors: true # try to delete as much as possible + + - name: TEARDOWN | Delete disk # noqa: ignore-errors + google.cloud.gcp_compute_disk: + name: "{{ prefix }}-{{ item.name }}" + zone: "{{ gcp_zone }}" + project: "{{ gcp_project }}" + service_account_file: "{{ gcp_cred_file }}" + source_image: "{{ gcp_disk_image }}" + auth_kind: "{{ gcp_cred_kind }}" + state: absent + loop: "{{ sut }}" + ignore_errors: true # try to delete as much as possible + + - name: TEARDOWN | Delete network + google.cloud.gcp_compute_network: + name: "{{ prefix }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + state: absent diff --git a/tests/integration/targets/inventory_gce/playbooks/test.yml b/tests/integration/targets/inventory_gce/playbooks/test.yml new file mode 100644 index 00000000..da119970 --- /dev/null +++ b/tests/integration/targets/inventory_gce/playbooks/test.yml @@ -0,0 +1,30 @@ +--- +- name: Test + hosts: localhost + connection: local + gather_facts: false + vars_files: + - vars.yml + tasks: + - name: TEST | render inventory file + ansible.builtin.copy: + dest: "../{{ inventory_filename }}" + content: "{{ lookup('template', '../templates/inventory.yml.j2') }}" + mode: preserve + + - name: slurp + ansible.builtin.slurp: + src: "../{{ inventory_filename }}" + register: _inv + + - name: debug + ansible.builtin.debug: + msg: "{{ _inv.content | b64decode }}" + verbosity: 3 + + - name: TEST | refresh inventory + ansible.builtin.meta: refresh_inventory + + - name: TEST | run test case + ansible.builtin.include_tasks: + file: "testcase_{{ testcase }}.yml" diff --git a/tests/integration/targets/inventory_gce/playbooks/testcase_basic.yml b/tests/integration/targets/inventory_gce/playbooks/testcase_basic.yml new file mode 100644 index 00000000..0f0841ee --- /dev/null +++ b/tests/integration/targets/inventory_gce/playbooks/testcase_basic.yml @@ -0,0 +1,16 @@ +--- +- name: TEST | print hosts + ansible.builtin.debug: + var: groups + +- name: TEST | assert instances exist + ansible.builtin.assert: + that: + - groups['all'] | length > 0 + +- name: TEST | assert grouping works + ansible.builtin.assert: + that: + - groups['gcp_env_prod'] | length == 2 + - groups['gcp_cluster_db'] | length == 1 + - groups['gcp_cluster_web'] | length == 1 diff --git a/tests/integration/targets/inventory_gce/playbooks/testcase_hostname.yml b/tests/integration/targets/inventory_gce/playbooks/testcase_hostname.yml new file mode 100644 index 00000000..1bcf3224 --- /dev/null +++ b/tests/integration/targets/inventory_gce/playbooks/testcase_hostname.yml @@ -0,0 +1,22 @@ +--- +- name: TEST | print hosts + ansible.builtin.debug: + var: groups + +- name: TEST | fetch instance info for vm1 + google.cloud.gcp_compute_instance_info: + filters: + - name = {{ prefix }}-vm1 + zone: "{{ gcp_zone }}" + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + scopes: + - https://www.googleapis.com/auth/compute + register: _vm + +- name: TEST | compare API vs inventory hostnames + ansible.builtin.assert: + that: + - _vm.resources | length > 0 + - _vm.resources[0].hostname in groups['gcp_dns_static'] diff --git a/tests/integration/targets/inventory_gce/playbooks/vars.yml b/tests/integration/targets/inventory_gce/playbooks/vars.yml new file mode 100644 index 00000000..87e8d04d --- /dev/null +++ b/tests/integration/targets/inventory_gce/playbooks/vars.yml @@ -0,0 +1,38 @@ +--- +gcp_region: us-central1 +gcp_zones: + - "{{ gcp_region }}-a" + - "{{ gcp_region }}-b" + - "{{ gcp_region }}-c" + - "{{ gcp_region }}-f" +gcp_zone: "{{ gcp_zones | first }}" +gcp_disk_image: projects/centos-cloud/global/images/centos-stream-9-v20250513 + +prefix: "{{ resource_prefix | default('d3adb33f') }}" +sut: + - name: vm1 + hostname: "vm1.static.{{ prefix }}.com" + labels: + dns: static + - name: vm2 + labels: + cluster: db + env: prod + - name: vm3 + labels: + cluster: web + env: prod + +testcase: basic +testcases: + basic: + filters: + - status = RUNNING + hostnames: + - name + hostname: + hostnames: + - hostname + - name + +inventory_filename: test.gcp_compute.yml diff --git a/tests/integration/targets/inventory_gce/runme.sh b/tests/integration/targets/inventory_gce/runme.sh new file mode 100755 index 00000000..6eec2599 --- /dev/null +++ b/tests/integration/targets/inventory_gce/runme.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +set -eux + +# test infra +ansible-playbook playbooks/setup.yml "$@" + +export ANSIBLE_INVENTORY=test.gcp_compute.yml + +RC=0 +# we want to run teardown regardless of playbook exit status, so catch the +# exit code of ansible-playbook manually +set +e +for ts in playbooks/testcase_*.yml; +do + testcase="$( basename $ts | sed -e 's/testcase_//' | sed -e 's/.yml//' )" + ansible-playbook playbooks/test.yml "$@" --extra-vars "testcase=${testcase}" + RC=$? + test $RC -ne 0 && break +done +set -e + +unset ANSIBLE_INVENTORY + +# delete test infra +ansible-playbook playbooks/teardown.yml "$@" + +exit $RC diff --git a/tests/integration/targets/inventory_gce/templates/inventory.yml.j2 b/tests/integration/targets/inventory_gce/templates/inventory.yml.j2 new file mode 100644 index 00000000..ff0d3ec0 --- /dev/null +++ b/tests/integration/targets/inventory_gce/templates/inventory.yml.j2 @@ -0,0 +1,27 @@ +--- +plugin: google.cloud.gcp_compute + +zones: +{{ gcp_zones | to_nice_yaml }} +projects: +- {{ gcp_project }} + +auth_kind: {{ gcp_cred_kind }} + +service_account_file: {{ gcp_cred_file }} + +scopes: +- 'https://www.googleapis.com/auth/cloud-platform' +- 'https://www.googleapis.com/auth/compute.readonly' + +keyed_groups: +- prefix: gcp + key: labels + +name_suffix: .{{ prefix }}.com + +filters: +{{ testcases[testcase]['filters'] | default(testcases['basic']['filters']) | default([]) | to_nice_yaml }} + +hostnames: +{{ testcases[testcase]['hostnames'] | default(testcases['basic']['hostnames']) | default([]) | to_nice_yaml }} diff --git a/tests/integration/targets/inventory_gce/test.gcp_compute.yml b/tests/integration/targets/inventory_gce/test.gcp_compute.yml new file mode 100644 index 00000000..7c6a5ed2 --- /dev/null +++ b/tests/integration/targets/inventory_gce/test.gcp_compute.yml @@ -0,0 +1 @@ +# keep empty From d8ca8a27bca45a68d2cf7a0df3808567c3dbe3a4 Mon Sep 17 00:00:00 2001 From: Jorge Gallegos Date: Tue, 10 Jun 2025 14:03:42 -0700 Subject: [PATCH 44/51] Shellcheck fix Signed-off-by: Jorge Gallegos --- tests/integration/targets/inventory_gce/runme.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/integration/targets/inventory_gce/runme.sh b/tests/integration/targets/inventory_gce/runme.sh index 6eec2599..4b56a3a1 100755 --- a/tests/integration/targets/inventory_gce/runme.sh +++ b/tests/integration/targets/inventory_gce/runme.sh @@ -13,7 +13,7 @@ RC=0 set +e for ts in playbooks/testcase_*.yml; do - testcase="$( basename $ts | sed -e 's/testcase_//' | sed -e 's/.yml//' )" + testcase=$( basename "$ts" | sed -e 's/testcase_//' | sed -e 's/.yml//' ) ansible-playbook playbooks/test.yml "$@" --extra-vars "testcase=${testcase}" RC=$? test $RC -ne 0 && break From c9775be63ed9a2feb125591e53de1a2028c81489 Mon Sep 17 00:00:00 2001 From: Jorge Gallegos Date: Tue, 10 Jun 2025 17:27:26 -0700 Subject: [PATCH 45/51] Clear up error responses from gcp_secret_manager lookup The wording of the raised exception wasn't great, adding a bit more granularity to the type of error returned Signed-off-by: Jorge Gallegos --- plugins/lookup/gcp_secret_manager.py | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/plugins/lookup/gcp_secret_manager.py b/plugins/lookup/gcp_secret_manager.py index 14824a92..c7ef20d4 100644 --- a/plugins/lookup/gcp_secret_manager.py +++ b/plugins/lookup/gcp_secret_manager.py @@ -204,8 +204,23 @@ class LookupModule(LookupBase): ) response = auth.get(url) self._display.vvv(msg=f"List Version Response: {response.status_code} for {response.request.url}: {response.json()}") - if response.status_code != 200: - self.raise_error(module, f"unable to list versions of secret {response.status_code}") + if response.status_code >= 500: # generic server error + self.raise_error( + module, + f"server error encountered while looking for secret '{module.params['name']}', code: {response.status_code}" + ) + elif response.status_code >= 400: # generic client request error + self.raise_error( + module, + f"client error encountered while looking for secret '{module.params['name']}', code: {response.status_code}" + ) + elif response.status_code >= 300: # all other possible errors + self.raise_error( + module, + f"unable to list versions for secret '{module.params['name']}', code: {response.status_code}" + ) + else: + pass version_list = response.json() if "versions" in version_list: versions_numbers = [] From dfa3613d79b9e6fbf625c8890138aee1f3113610 Mon Sep 17 00:00:00 2001 From: Jorge Gallegos Date: Wed, 11 Jun 2025 14:45:24 -0700 Subject: [PATCH 46/51] Updated documentation for gcp_serviceusage_service You need the API enabled in order to use it first. Signed-off-by: Jorge Gallegos --- plugins/modules/gcp_serviceusage_service.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plugins/modules/gcp_serviceusage_service.py b/plugins/modules/gcp_serviceusage_service.py index 221f7b6c..40a10cd2 100644 --- a/plugins/modules/gcp_serviceusage_service.py +++ b/plugins/modules/gcp_serviceusage_service.py @@ -103,6 +103,8 @@ options: type: str notes: - 'Getting Started: U(https://cloud.google.com/service-usage/docs/getting-started)' +- For this module to work, the serviceusage.googleapis.com service must be enabled + U(https://cloud.google.com/service-usage/docs/enable-disable#gcloud) already. - for authentication, you can set service_account_file using the C(GCP_SERVICE_ACCOUNT_FILE) env variable. - for authentication, you can set service_account_contents using the C(GCP_SERVICE_ACCOUNT_CONTENTS) From 6867ae1b1255c6bcc6d628924256011de961fc61 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 20 Jun 2025 13:57:08 -0700 Subject: [PATCH 47/51] Add changelog fragments --- .../fragments/685-support-for-regional-secret-manager.yaml | 3 +++ .../686-add-discard_local_ssd-flag-to-compute-instance.yaml | 3 +++ changelogs/fragments/688-add-gvnic-support.yaml | 3 +++ .../fragments/689-hostname-support-for-dynamic-inventory.yaml | 3 +++ ...lear-up-error-responses-from-gcp_secret_manager-lookup.yaml | 3 +++ ...691-updated-documentation-for-gcp_serviceusage_service.yaml | 3 +++ 6 files changed, 18 insertions(+) create mode 100644 changelogs/fragments/685-support-for-regional-secret-manager.yaml create mode 100644 changelogs/fragments/686-add-discard_local_ssd-flag-to-compute-instance.yaml create mode 100644 changelogs/fragments/688-add-gvnic-support.yaml create mode 100644 changelogs/fragments/689-hostname-support-for-dynamic-inventory.yaml create mode 100644 changelogs/fragments/690-clear-up-error-responses-from-gcp_secret_manager-lookup.yaml create mode 100644 changelogs/fragments/691-updated-documentation-for-gcp_serviceusage_service.yaml diff --git a/changelogs/fragments/685-support-for-regional-secret-manager.yaml b/changelogs/fragments/685-support-for-regional-secret-manager.yaml new file mode 100644 index 00000000..1603c4f4 --- /dev/null +++ b/changelogs/fragments/685-support-for-regional-secret-manager.yaml @@ -0,0 +1,3 @@ +minor_changes: + - gcp_secret_manager - added support for regional secret manager + (https://github.com/ansible-collections/google.cloud/pull/685). \ No newline at end of file diff --git a/changelogs/fragments/686-add-discard_local_ssd-flag-to-compute-instance.yaml b/changelogs/fragments/686-add-discard_local_ssd-flag-to-compute-instance.yaml new file mode 100644 index 00000000..34905e55 --- /dev/null +++ b/changelogs/fragments/686-add-discard_local_ssd-flag-to-compute-instance.yaml @@ -0,0 +1,3 @@ +minor_changes: + - gcp_compute - added ``discard_local_ssd`` flag to compute instance + (https://github.com/ansible-collections/google.cloud/pull/686). \ No newline at end of file diff --git a/changelogs/fragments/688-add-gvnic-support.yaml b/changelogs/fragments/688-add-gvnic-support.yaml new file mode 100644 index 00000000..c17f3248 --- /dev/null +++ b/changelogs/fragments/688-add-gvnic-support.yaml @@ -0,0 +1,3 @@ +minor_changes: + - gcp_compute - added GVNIC support to compute instance + (https://github.com/ansible-collections/google.cloud/pull/688). \ No newline at end of file diff --git a/changelogs/fragments/689-hostname-support-for-dynamic-inventory.yaml b/changelogs/fragments/689-hostname-support-for-dynamic-inventory.yaml new file mode 100644 index 00000000..faa096f5 --- /dev/null +++ b/changelogs/fragments/689-hostname-support-for-dynamic-inventory.yaml @@ -0,0 +1,3 @@ +minor_changes: + - gcp_compute - added hostname support to dynamic inventory + (https://github.com/ansible-collections/google.cloud/pull/689). \ No newline at end of file diff --git a/changelogs/fragments/690-clear-up-error-responses-from-gcp_secret_manager-lookup.yaml b/changelogs/fragments/690-clear-up-error-responses-from-gcp_secret_manager-lookup.yaml new file mode 100644 index 00000000..bd1cffeb --- /dev/null +++ b/changelogs/fragments/690-clear-up-error-responses-from-gcp_secret_manager-lookup.yaml @@ -0,0 +1,3 @@ +bugfixes: + - gcp_secret_manager - cleaned up error responses + (https://github.com/ansible-collections/google.cloud/pull/690). \ No newline at end of file diff --git a/changelogs/fragments/691-updated-documentation-for-gcp_serviceusage_service.yaml b/changelogs/fragments/691-updated-documentation-for-gcp_serviceusage_service.yaml new file mode 100644 index 00000000..d42a299d --- /dev/null +++ b/changelogs/fragments/691-updated-documentation-for-gcp_serviceusage_service.yaml @@ -0,0 +1,3 @@ +bugfixes: + - gcp_serviceusage_service - updated documentation + (https://github.com/ansible-collections/google.cloud/pull/691). \ No newline at end of file From b485570c2d7248a672db9ac6e09b77004762a090 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 20 Jun 2025 14:00:52 -0700 Subject: [PATCH 48/51] Update version to 1.6.0 --- galaxy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/galaxy.yml b/galaxy.yml index fd0d4fb5..ecc5be87 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -10,7 +10,7 @@ namespace: google name: cloud # The version of the collection. Must be compatible with semantic versioning -version: 1.5.3 +version: 1.6.0 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md From 50ed75fe9c0718821c25c713eef778b27bdd0f58 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 20 Jun 2025 14:02:13 -0700 Subject: [PATCH 49/51] Build changelog --- CHANGELOG.rst | 17 +++++++++++++++++ changelogs/changelog.yaml | 18 ++++++++++++++++++ ...85-support-for-regional-secret-manager.yaml | 3 --- ...ard_local_ssd-flag-to-compute-instance.yaml | 3 --- .../fragments/688-add-gvnic-support.yaml | 3 --- ...hostname-support-for-dynamic-inventory.yaml | 3 --- ...sponses-from-gcp_secret_manager-lookup.yaml | 3 --- ...mentation-for-gcp_serviceusage_service.yaml | 3 --- 8 files changed, 35 insertions(+), 18 deletions(-) delete mode 100644 changelogs/fragments/685-support-for-regional-secret-manager.yaml delete mode 100644 changelogs/fragments/686-add-discard_local_ssd-flag-to-compute-instance.yaml delete mode 100644 changelogs/fragments/688-add-gvnic-support.yaml delete mode 100644 changelogs/fragments/689-hostname-support-for-dynamic-inventory.yaml delete mode 100644 changelogs/fragments/690-clear-up-error-responses-from-gcp_secret_manager-lookup.yaml delete mode 100644 changelogs/fragments/691-updated-documentation-for-gcp_serviceusage_service.yaml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 5dcfaf4a..fdb4c8fd 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -4,6 +4,23 @@ Google.Cloud Release Notes .. contents:: Topics +v1.6.0 +====== + +Minor Changes +------------- + +- gcp_compute - added GVNIC support to compute instance (https://github.com/ansible-collections/google.cloud/pull/688). +- gcp_compute - added ``discard_local_ssd`` flag to compute instance (https://github.com/ansible-collections/google.cloud/pull/686). +- gcp_compute - added hostname support to dynamic inventory (https://github.com/ansible-collections/google.cloud/pull/689). +- gcp_secret_manager - added support for regional secret manager (https://github.com/ansible-collections/google.cloud/pull/685). + +Bugfixes +-------- + +- gcp_secret_manager - cleaned up error responses (https://github.com/ansible-collections/google.cloud/pull/690). +- gcp_serviceusage_service - updated documentation (https://github.com/ansible-collections/google.cloud/pull/691). + v1.5.3 ====== diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index c93d52a5..3e8b9ad8 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -142,3 +142,21 @@ releases: fragments: - 682-update-readme.yaml release_date: '2025-04-30' + 1.6.0: + changes: + bugfixes: + - gcp_secret_manager - cleaned up error responses (https://github.com/ansible-collections/google.cloud/pull/690). + - gcp_serviceusage_service - updated documentation (https://github.com/ansible-collections/google.cloud/pull/691). + minor_changes: + - gcp_compute - added GVNIC support to compute instance (https://github.com/ansible-collections/google.cloud/pull/688). + - gcp_compute - added ``discard_local_ssd`` flag to compute instance (https://github.com/ansible-collections/google.cloud/pull/686). + - gcp_compute - added hostname support to dynamic inventory (https://github.com/ansible-collections/google.cloud/pull/689). + - gcp_secret_manager - added support for regional secret manager (https://github.com/ansible-collections/google.cloud/pull/685). + fragments: + - 685-support-for-regional-secret-manager.yaml + - 686-add-discard_local_ssd-flag-to-compute-instance.yaml + - 688-add-gvnic-support.yaml + - 689-hostname-support-for-dynamic-inventory.yaml + - 690-clear-up-error-responses-from-gcp_secret_manager-lookup.yaml + - 691-updated-documentation-for-gcp_serviceusage_service.yaml + release_date: '2025-06-20' diff --git a/changelogs/fragments/685-support-for-regional-secret-manager.yaml b/changelogs/fragments/685-support-for-regional-secret-manager.yaml deleted file mode 100644 index 1603c4f4..00000000 --- a/changelogs/fragments/685-support-for-regional-secret-manager.yaml +++ /dev/null @@ -1,3 +0,0 @@ -minor_changes: - - gcp_secret_manager - added support for regional secret manager - (https://github.com/ansible-collections/google.cloud/pull/685). \ No newline at end of file diff --git a/changelogs/fragments/686-add-discard_local_ssd-flag-to-compute-instance.yaml b/changelogs/fragments/686-add-discard_local_ssd-flag-to-compute-instance.yaml deleted file mode 100644 index 34905e55..00000000 --- a/changelogs/fragments/686-add-discard_local_ssd-flag-to-compute-instance.yaml +++ /dev/null @@ -1,3 +0,0 @@ -minor_changes: - - gcp_compute - added ``discard_local_ssd`` flag to compute instance - (https://github.com/ansible-collections/google.cloud/pull/686). \ No newline at end of file diff --git a/changelogs/fragments/688-add-gvnic-support.yaml b/changelogs/fragments/688-add-gvnic-support.yaml deleted file mode 100644 index c17f3248..00000000 --- a/changelogs/fragments/688-add-gvnic-support.yaml +++ /dev/null @@ -1,3 +0,0 @@ -minor_changes: - - gcp_compute - added GVNIC support to compute instance - (https://github.com/ansible-collections/google.cloud/pull/688). \ No newline at end of file diff --git a/changelogs/fragments/689-hostname-support-for-dynamic-inventory.yaml b/changelogs/fragments/689-hostname-support-for-dynamic-inventory.yaml deleted file mode 100644 index faa096f5..00000000 --- a/changelogs/fragments/689-hostname-support-for-dynamic-inventory.yaml +++ /dev/null @@ -1,3 +0,0 @@ -minor_changes: - - gcp_compute - added hostname support to dynamic inventory - (https://github.com/ansible-collections/google.cloud/pull/689). \ No newline at end of file diff --git a/changelogs/fragments/690-clear-up-error-responses-from-gcp_secret_manager-lookup.yaml b/changelogs/fragments/690-clear-up-error-responses-from-gcp_secret_manager-lookup.yaml deleted file mode 100644 index bd1cffeb..00000000 --- a/changelogs/fragments/690-clear-up-error-responses-from-gcp_secret_manager-lookup.yaml +++ /dev/null @@ -1,3 +0,0 @@ -bugfixes: - - gcp_secret_manager - cleaned up error responses - (https://github.com/ansible-collections/google.cloud/pull/690). \ No newline at end of file diff --git a/changelogs/fragments/691-updated-documentation-for-gcp_serviceusage_service.yaml b/changelogs/fragments/691-updated-documentation-for-gcp_serviceusage_service.yaml deleted file mode 100644 index d42a299d..00000000 --- a/changelogs/fragments/691-updated-documentation-for-gcp_serviceusage_service.yaml +++ /dev/null @@ -1,3 +0,0 @@ -bugfixes: - - gcp_serviceusage_service - updated documentation - (https://github.com/ansible-collections/google.cloud/pull/691). \ No newline at end of file From 9bdfba5e5c1bb7b3be8cf9aceb1005b9ffdb805b Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 20 Jun 2025 14:44:45 -0700 Subject: [PATCH 50/51] Fix lint errors --- .../integration/targets/gcp_compute_instance/tasks/gvnic.yml | 3 ++- tests/integration/targets/inventory_gce/playbooks/test.yml | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/integration/targets/gcp_compute_instance/tasks/gvnic.yml b/tests/integration/targets/gcp_compute_instance/tasks/gvnic.yml index ad2338fe..bc5db37c 100644 --- a/tests/integration/targets/gcp_compute_instance/tasks/gvnic.yml +++ b/tests/integration/targets/gcp_compute_instance/tasks/gvnic.yml @@ -3,7 +3,8 @@ ansible.builtin.debug: msg: "Testing {{ item.key }} scenario" -- block: +- name: Test GVNIC scenarios + block: - name: Create disk google.cloud.gcp_compute_disk: name: "{{ resource_prefix }}-{{ item.key }}" diff --git a/tests/integration/targets/inventory_gce/playbooks/test.yml b/tests/integration/targets/inventory_gce/playbooks/test.yml index da119970..aaa539af 100644 --- a/tests/integration/targets/inventory_gce/playbooks/test.yml +++ b/tests/integration/targets/inventory_gce/playbooks/test.yml @@ -12,12 +12,12 @@ content: "{{ lookup('template', '../templates/inventory.yml.j2') }}" mode: preserve - - name: slurp + - name: TEST | slurp ansible.builtin.slurp: src: "../{{ inventory_filename }}" register: _inv - - name: debug + - name: TEST | debug ansible.builtin.debug: msg: "{{ _inv.content | b64decode }}" verbosity: 3 From 5cd81072c43de657ea5f6b3bc4054eb012ff1a95 Mon Sep 17 00:00:00 2001 From: Chris Hawk Date: Fri, 20 Jun 2025 15:28:16 -0700 Subject: [PATCH 51/51] Refactor inventory_gce tests to make the linter happy --- tests/integration/targets/inventory_gce/playbooks/setup.yml | 2 +- .../integration/targets/inventory_gce/playbooks/teardown.yml | 2 +- tests/integration/targets/inventory_gce/playbooks/test.yml | 4 ++-- tests/integration/targets/inventory_gce/runme.sh | 2 +- .../targets/inventory_gce/{playbooks => }/testcase_basic.yml | 0 .../inventory_gce/{playbooks => }/testcase_hostname.yml | 0 .../targets/inventory_gce/{playbooks => }/vars.yml | 0 7 files changed, 5 insertions(+), 5 deletions(-) rename tests/integration/targets/inventory_gce/{playbooks => }/testcase_basic.yml (100%) rename tests/integration/targets/inventory_gce/{playbooks => }/testcase_hostname.yml (100%) rename tests/integration/targets/inventory_gce/{playbooks => }/vars.yml (100%) diff --git a/tests/integration/targets/inventory_gce/playbooks/setup.yml b/tests/integration/targets/inventory_gce/playbooks/setup.yml index d26ce149..78fbf3cd 100644 --- a/tests/integration/targets/inventory_gce/playbooks/setup.yml +++ b/tests/integration/targets/inventory_gce/playbooks/setup.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars_files: - - vars.yml + - ../vars.yml tasks: - name: SETUP | Create network google.cloud.gcp_compute_network: diff --git a/tests/integration/targets/inventory_gce/playbooks/teardown.yml b/tests/integration/targets/inventory_gce/playbooks/teardown.yml index b4e48041..44cf14c4 100644 --- a/tests/integration/targets/inventory_gce/playbooks/teardown.yml +++ b/tests/integration/targets/inventory_gce/playbooks/teardown.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars_files: - - vars.yml + - ../vars.yml tasks: - name: TEARDOWN | Delete instance # noqa: ignore-errors google.cloud.gcp_compute_instance: diff --git a/tests/integration/targets/inventory_gce/playbooks/test.yml b/tests/integration/targets/inventory_gce/playbooks/test.yml index aaa539af..25feba39 100644 --- a/tests/integration/targets/inventory_gce/playbooks/test.yml +++ b/tests/integration/targets/inventory_gce/playbooks/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars_files: - - vars.yml + - ../vars.yml tasks: - name: TEST | render inventory file ansible.builtin.copy: @@ -27,4 +27,4 @@ - name: TEST | run test case ansible.builtin.include_tasks: - file: "testcase_{{ testcase }}.yml" + file: "../testcase_{{ testcase }}.yml" diff --git a/tests/integration/targets/inventory_gce/runme.sh b/tests/integration/targets/inventory_gce/runme.sh index 4b56a3a1..175dab85 100755 --- a/tests/integration/targets/inventory_gce/runme.sh +++ b/tests/integration/targets/inventory_gce/runme.sh @@ -11,7 +11,7 @@ RC=0 # we want to run teardown regardless of playbook exit status, so catch the # exit code of ansible-playbook manually set +e -for ts in playbooks/testcase_*.yml; +for ts in testcase_*.yml; do testcase=$( basename "$ts" | sed -e 's/testcase_//' | sed -e 's/.yml//' ) ansible-playbook playbooks/test.yml "$@" --extra-vars "testcase=${testcase}" diff --git a/tests/integration/targets/inventory_gce/playbooks/testcase_basic.yml b/tests/integration/targets/inventory_gce/testcase_basic.yml similarity index 100% rename from tests/integration/targets/inventory_gce/playbooks/testcase_basic.yml rename to tests/integration/targets/inventory_gce/testcase_basic.yml diff --git a/tests/integration/targets/inventory_gce/playbooks/testcase_hostname.yml b/tests/integration/targets/inventory_gce/testcase_hostname.yml similarity index 100% rename from tests/integration/targets/inventory_gce/playbooks/testcase_hostname.yml rename to tests/integration/targets/inventory_gce/testcase_hostname.yml diff --git a/tests/integration/targets/inventory_gce/playbooks/vars.yml b/tests/integration/targets/inventory_gce/vars.yml similarity index 100% rename from tests/integration/targets/inventory_gce/playbooks/vars.yml rename to tests/integration/targets/inventory_gce/vars.yml