google.cloud/plugins/modules/gcp_pubsub_topic.py

#!/usr/bin/python
# -*- coding: utf-8 -*-
#
# Copyright (C) 2017 Google
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
# ----------------------------------------------------------------------------
#
#     ***     AUTO GENERATED CODE    ***    AUTO GENERATED CODE     ***
#
# ----------------------------------------------------------------------------
#
#     This file is automatically generated by Magic Modules and manual
#     changes will be clobbered when the file is regenerated.
#
#     Please read more about how to change this file at
#     https://www.github.com/GoogleCloudPlatform/magic-modules
#
# ----------------------------------------------------------------------------

from __future__ import absolute_import, division, print_function

__metaclass__ = type

################################################################################
# Documentation
################################################################################

ANSIBLE_METADATA = {'metadata_version': '1.1', 'status': ["preview"], 'supported_by': 'community'}

DOCUMENTATION = '''
---
module: gcp_pubsub_topic
description:
- A named resource to which messages are sent by publishers.
short_description: Creates a GCP Topic
version_added: 2.6
author: Google Inc. (@googlecloudplatform)
requirements:
- python >= 2.6
- requests >= 2.18.4
- google-auth >= 1.3.0
options:
  state:
    description:
    - Whether the given object should exist in GCP
    choices:
    - present
    - absent
    default: present
    type: str
  name:
    description:
    - Name of the topic.
    required: true
    type: str
  kms_key_name:
    description:
    - The resource name of the Cloud KMS CryptoKey to be used to protect access to
      messsages published on this topic. Your project's PubSub service account (`service-{{PROJECT_NUMBER}}@gcp-sa-pubsub.iam.gserviceaccount.com`)
      must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature.
    - The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*` .
    required: false
    type: str
    version_added: 2.9
  labels:
    description:
    - A set of key/value label pairs to assign to this Topic.
    required: false
    type: dict
    version_added: 2.8
  message_storage_policy:
    description:
    - Policy constraining the set of Google Cloud Platform regions where messages
      published to the topic may be stored. If not present, then no constraints are
      in effect.
    required: false
    type: dict
    version_added: 2.9
    suboptions:
      allowed_persistence_regions:
        description:
        - A list of IDs of GCP regions where messages that are published to the topic
          may be persisted in storage. Messages published by publishers running in
          non-allowed GCP regions (or running outside of GCP altogether) will be routed
          for storage in one of the allowed regions. An empty list means that no regions
          are allowed, and is not a valid configuration.
        required: true
        type: list
extends_documentation_fragment: gcp
notes:
- 'API Reference: U(https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.topics)'
- 'Managing Topics: U(https://cloud.google.com/pubsub/docs/admin#managing_topics)'
'''

EXAMPLES = '''
- name: create a topic
  gcp_pubsub_topic:
    name: test-topic1
    project: test_project
    auth_kind: serviceaccount
    service_account_file: "/tmp/auth.pem"
    state: present
'''

RETURN = '''
name:
  description:
  - Name of the topic.
  returned: success
  type: str
kmsKeyName:
  description:
  - The resource name of the Cloud KMS CryptoKey to be used to protect access to messsages
    published on this topic. Your project's PubSub service account (`service-{{PROJECT_NUMBER}}@gcp-sa-pubsub.iam.gserviceaccount.com`)
    must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature.
  - The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*` .
  returned: success
  type: str
labels:
  description:
  - A set of key/value label pairs to assign to this Topic.
  returned: success
  type: dict
messageStoragePolicy:
  description:
  - Policy constraining the set of Google Cloud Platform regions where messages published
    to the topic may be stored. If not present, then no constraints are in effect.
  returned: success
  type: complex
  contains:
    allowedPersistenceRegions:
      description:
      - A list of IDs of GCP regions where messages that are published to the topic
        may be persisted in storage. Messages published by publishers running in non-allowed
        GCP regions (or running outside of GCP altogether) will be routed for storage
        in one of the allowed regions. An empty list means that no regions are allowed,
        and is not a valid configuration.
      returned: success
      type: list
'''

################################################################################
# Imports
################################################################################

from ansible.module_utils.gcp_utils import navigate_hash, GcpSession, GcpModule, GcpRequest, remove_nones_from_dict, replace_resource_dict
import json
import re

################################################################################
# Main
################################################################################


def main():
    """Main function"""

    module = GcpModule(
        argument_spec=dict(
            state=dict(default='present', choices=['present', 'absent'], type='str'),
            name=dict(required=True, type='str'),
            kms_key_name=dict(type='str'),
            labels=dict(type='dict'),
            message_storage_policy=dict(type='dict', options=dict(allowed_persistence_regions=dict(required=True, type='list', elements='str'))),
        )
    )

    if not module.params['scopes']:
        module.params['scopes'] = ['https://www.googleapis.com/auth/pubsub']

    state = module.params['state']

    fetch = fetch_resource(module, self_link(module))
    changed = False

    if fetch:
        if state == 'present':
            if is_different(module, fetch):
                update(module, self_link(module), fetch)
                fetch = fetch_resource(module, self_link(module))
                changed = True
        else:
            delete(module, self_link(module))
            fetch = {}
            changed = True
    else:
        if state == 'present':
            fetch = create(module, self_link(module))
            changed = True
        else:
            fetch = {}

    fetch.update({'changed': changed})

    module.exit_json(**fetch)


def create(module, link):
    auth = GcpSession(module, 'pubsub')
    return return_if_object(module, auth.put(link, resource_to_request(module)))


def update(module, link, fetch):
    auth = GcpSession(module, 'pubsub')
    params = {'updateMask': updateMask(resource_to_request(module), response_to_hash(module, fetch))}
    request = resource_to_request(module)
    del request['name']
    return return_if_object(module, auth.patch(link, request, params=params))


def updateMask(request, response):
    update_mask = []
    if request.get('labels') != response.get('labels'):
        update_mask.append('labels')
    if request.get('messageStoragePolicy') != response.get('messageStoragePolicy'):
        update_mask.append('messageStoragePolicy')
    return ','.join(update_mask)


def delete(module, link):
    auth = GcpSession(module, 'pubsub')
    return return_if_object(module, auth.delete(link))


def resource_to_request(module):
    request = {
        u'name': name_pattern(module.params.get('name'), module),
        u'kmsKeyName': module.params.get('kms_key_name'),
        u'labels': module.params.get('labels'),
        u'messageStoragePolicy': TopicMessagestoragepolicy(module.params.get('message_storage_policy', {}), module).to_request(),
    }
    return_vals = {}
    for k, v in request.items():
        if v or v is False:
            return_vals[k] = v

    return return_vals


def fetch_resource(module, link, allow_not_found=True):
    auth = GcpSession(module, 'pubsub')
    return return_if_object(module, auth.get(link), allow_not_found)


def self_link(module):
    return "https://pubsub.googleapis.com/v1/projects/{project}/topics/{name}".format(**module.params)


def collection(module):
    return "https://pubsub.googleapis.com/v1/projects/{project}/topics".format(**module.params)


def return_if_object(module, response, allow_not_found=False):
    # If not found, return nothing.
    if allow_not_found and response.status_code == 404:
        return None

    # If no content, return nothing.
    if response.status_code == 204:
        return None

    try:
        module.raise_for_status(response)
        result = response.json()
    except getattr(json.decoder, 'JSONDecodeError', ValueError):
        module.fail_json(msg="Invalid JSON response with error: %s" % response.text)

    if navigate_hash(result, ['error', 'errors']):
        module.fail_json(msg=navigate_hash(result, ['error', 'errors']))

    return result


def is_different(module, response):
    request = resource_to_request(module)
    response = response_to_hash(module, response)

    # Remove all output-only from response.
    response_vals = {}
    for k, v in response.items():
        if k in request:
            response_vals[k] = v

    request_vals = {}
    for k, v in request.items():
        if k in response:
            request_vals[k] = v

    return GcpRequest(request_vals) != GcpRequest(response_vals)


# Remove unnecessary properties from the response.
# This is for doing comparisons with Ansible's current parameters.
def response_to_hash(module, response):
    return {
        u'name': name_pattern(module.params.get('name'), module),
        u'kmsKeyName': module.params.get('kms_key_name'),
        u'labels': response.get(u'labels'),
        u'messageStoragePolicy': TopicMessagestoragepolicy(response.get(u'messageStoragePolicy', {}), module).from_response(),
    }


def name_pattern(name, module):
    if name is None:
        return

    regex = r"projects/.*/topics/.*"

    if not re.match(regex, name):
        name = "projects/{project}/topics/{name}".format(**module.params)

    return name


class TopicMessagestoragepolicy(object):
    def __init__(self, request, module):
        self.module = module
        if request:
            self.request = request
        else:
            self.request = {}

    def to_request(self):
        return remove_nones_from_dict({u'allowedPersistenceRegions': self.request.get('allowed_persistence_regions')})

    def from_response(self):
        return remove_nones_from_dict({u'allowedPersistenceRegions': self.request.get(u'allowedPersistenceRegions')})


if __name__ == '__main__':
    main()