From 65df8834e8e73b6f5d0549cb923d5bf52938e912 Mon Sep 17 00:00:00 2001 From: Alex Stephen Date: Mon, 13 Aug 2018 09:00:11 -0700 Subject: [PATCH] Bug fixes for gcp_compute_forwarding_rule (#42808) --- .../google/gcp_compute_forwarding_rule.py | 91 ++++++++++++------ .../tasks/main.yml | 92 +++++++++---------- 2 files changed, 104 insertions(+), 79 deletions(-) diff --git a/lib/ansible/modules/cloud/google/gcp_compute_forwarding_rule.py b/lib/ansible/modules/cloud/google/gcp_compute_forwarding_rule.py index ac632007697..500482d5f3f 100644 --- a/lib/ansible/modules/cloud/google/gcp_compute_forwarding_rule.py +++ b/lib/ansible/modules/cloud/google/gcp_compute_forwarding_rule.py @@ -82,7 +82,9 @@ options: choices: ['TCP', 'UDP', 'ESP', 'AH', 'SCTP', 'ICMP'] backend_service: description: - - A reference to BackendService resource. + - A reference to a BackendService to receive the matched traffic. + - This is used for internal load balancing. + - "(not used for external load balancing) ." required: false ip_version: description: @@ -103,14 +105,17 @@ options: description: - Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must - be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? + be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true network: description: - - A reference to Network resource. + - For internal load balancing, this field identifies the network that the load balanced + IP should belong to for this Forwarding Rule. If this field is not specified, the + default network will be used. + - This field is not used for external load balancing. required: false port_range: description: @@ -136,57 +141,65 @@ options: required: false subnetwork: description: - - A reference to Subnetwork resource. + - A reference to a subnetwork. + - For internal load balancing, this field identifies the subnetwork that the load + balanced IP should belong to for this Forwarding Rule. + - If the network specified is in auto subnet mode, this field is optional. However, + if the network is in custom subnet mode, a subnetwork must be specified. + - This field is not used for external load balancing. required: false target: description: - - A reference to TargetPool resource. + - A reference to a TargetPool resource to receive the matched traffic. + - For regional forwarding rules, this target must live in the same region as the forwarding + rule. For global forwarding rules, this target must be a global load balancing resource. + The forwarded traffic must be of a type appropriate to the target object. + - This field is not used for internal load balancing. required: false + version_added: 2.7 region: description: - - A reference to Region resource. + - A reference to the region where the regional forwarding rule resides. + - This field is not applicable to global forwarding rules. required: true extends_documentation_fragment: gcp +notes: + - "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/forwardingRule)" + - "Official Documentation: U(https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules)" ''' EXAMPLES = ''' - name: create a address gcp_compute_address: - name: 'address-forwardingrule' - region: 'us-west1' + name: "address-forwardingrule" + region: us-west1 project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: present register: address - name: create a target pool gcp_compute_target_pool: - name: 'targetpool-forwardingrule' - region: 'us-west1' + name: "targetpool-forwardingrule" + region: us-west1 project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: present register: targetpool - name: create a forwarding rule gcp_compute_forwarding_rule: - name: testObject - region: 'us-west1' + name: "test_object" + region: us-west1 target: "{{ targetpool }}" - ip_protocol: 'TCP' - port_range: '80-80' + ip_protocol: TCP + port_range: 80-80 ip_address: "{{ address.address }}" - project: testProject - auth_kind: service_account - service_account_file: /tmp/auth.pem - scopes: - - https://www.googleapis.com/auth/compute + project: "test_project" + auth_kind: "service_account" + service_account_file: "/tmp/auth.pem" state: present ''' @@ -237,7 +250,9 @@ RETURN = ''' type: str backend_service: description: - - A reference to BackendService resource. + - A reference to a BackendService to receive the matched traffic. + - This is used for internal load balancing. + - "(not used for external load balancing) ." returned: success type: dict ip_version: @@ -259,7 +274,7 @@ RETURN = ''' description: - Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must - be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? + be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. @@ -267,7 +282,10 @@ RETURN = ''' type: str network: description: - - A reference to Network resource. + - For internal load balancing, this field identifies the network that the load balanced + IP should belong to for this Forwarding Rule. If this field is not specified, the + default network will be used. + - This field is not used for external load balancing. returned: success type: dict port_range: @@ -296,17 +314,27 @@ RETURN = ''' type: list subnetwork: description: - - A reference to Subnetwork resource. + - A reference to a subnetwork. + - For internal load balancing, this field identifies the subnetwork that the load + balanced IP should belong to for this Forwarding Rule. + - If the network specified is in auto subnet mode, this field is optional. However, + if the network is in custom subnet mode, a subnetwork must be specified. + - This field is not used for external load balancing. returned: success type: dict target: description: - - A reference to TargetPool resource. + - A reference to a TargetPool resource to receive the matched traffic. + - For regional forwarding rules, this target must live in the same region as the forwarding + rule. For global forwarding rules, this target must be a global load balancing resource. + The forwarded traffic must be of a type appropriate to the target object. + - This field is not used for internal load balancing. returned: success type: dict region: description: - - A reference to Region resource. + - A reference to the region where the regional forwarding rule resides. + - This field is not applicable to global forwarding rules. returned: success type: str ''' @@ -346,6 +374,9 @@ def main(): ) ) + if not module.params['scopes']: + module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] + state = module.params['state'] kind = 'compute#forwardingRule' @@ -499,7 +530,7 @@ def async_op_url(module, extra_data=None): def wait_for_operation(module, response): op_result = return_if_object(module, response, 'compute#operation') if op_result is None: - return None + return {} status = navigate_hash(op_result, ['status']) wait_done = wait_for_completion(status, op_result, module) return fetch_resource(module, navigate_hash(wait_done, ['targetLink']), 'compute#forwardingRule') diff --git a/test/integration/targets/gcp_compute_forwarding_rule/tasks/main.yml b/test/integration/targets/gcp_compute_forwarding_rule/tasks/main.yml index c81f6735c35..865cb377767 100644 --- a/test/integration/targets/gcp_compute_forwarding_rule/tasks/main.yml +++ b/test/integration/targets/gcp_compute_forwarding_rule/tasks/main.yml @@ -15,54 +15,46 @@ # Pre-test setup - name: create a address gcp_compute_address: - name: 'address-forwardingrule' - region: 'us-west1' + name: "address-forwardingrule" + region: us-west1 project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: present register: address - name: create a target pool gcp_compute_target_pool: - name: 'targetpool-forwardingrule' - region: 'us-west1' + name: "targetpool-forwardingrule" + region: us-west1 project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: present register: targetpool - name: delete a forwarding rule gcp_compute_forwarding_rule: name: "{{ resource_name }}" - region: 'us-west1' + region: us-west1 target: "{{ targetpool }}" - ip_protocol: 'TCP' - port_range: '80-80' + ip_protocol: TCP + port_range: 80-80 ip_address: "{{ address.address }}" project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: absent #---------------------------------------------------------- - name: create a forwarding rule gcp_compute_forwarding_rule: name: "{{ resource_name }}" - region: 'us-west1' + region: us-west1 target: "{{ targetpool }}" - ip_protocol: 'TCP' - port_range: '80-80' + ip_protocol: TCP + port_range: 80-80 ip_address: "{{ address.address }}" project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: present register: result - name: assert changed is true @@ -71,27 +63,32 @@ - result.changed == true - "result.kind == 'compute#forwardingRule'" - name: verify that forwarding_rule was created - shell: | - gcloud compute forwarding-rules describe --project="{{ gcp_project }}" --region=us-west1 "{{ resource_name }}" + gcp_compute_forwarding_rule_facts: + filters: + - name = {{ resource_name }} + region: us-west1 + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + scopes: + - https://www.googleapis.com/auth/compute register: results - name: verify that command succeeded assert: that: - - results.rc == 0 + - results['items'] | length == 1 # ---------------------------------------------------------------------------- - name: create a forwarding rule that already exists gcp_compute_forwarding_rule: name: "{{ resource_name }}" - region: 'us-west1' + region: us-west1 target: "{{ targetpool }}" - ip_protocol: 'TCP' - port_range: '80-80' + ip_protocol: TCP + port_range: 80-80 ip_address: "{{ address.address }}" project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: present register: result - name: assert changed is false @@ -103,16 +100,14 @@ - name: delete a forwarding rule gcp_compute_forwarding_rule: name: "{{ resource_name }}" - region: 'us-west1' + region: us-west1 target: "{{ targetpool }}" - ip_protocol: 'TCP' - port_range: '80-80' + ip_protocol: TCP + port_range: 80-80 ip_address: "{{ address.address }}" project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: absent register: result - name: assert changed is true @@ -121,29 +116,32 @@ - result.changed == true - result.has_key('kind') == False - name: verify that forwarding_rule was deleted - shell: | - gcloud compute forwarding-rules describe --project="{{ gcp_project }}" --region=us-west1 "{{ resource_name }}" + gcp_compute_forwarding_rule_facts: + filters: + - name = {{ resource_name }} + region: us-west1 + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + scopes: + - https://www.googleapis.com/auth/compute register: results - failed_when: results.rc == 0 - name: verify that command succeeded assert: that: - - results.rc == 1 - - "\"'projects/{{ gcp_project }}/regions/us-west1/forwardingRules/{{ resource_name }}' was not found\" in results.stderr" + - results['items'] | length == 0 # ---------------------------------------------------------------------------- - name: delete a forwarding rule that does not exist gcp_compute_forwarding_rule: name: "{{ resource_name }}" - region: 'us-west1' + region: us-west1 target: "{{ targetpool }}" - ip_protocol: 'TCP' - port_range: '80-80' + ip_protocol: TCP + port_range: 80-80 ip_address: "{{ address.address }}" project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: absent register: result - name: assert changed is false @@ -155,23 +153,19 @@ # Post-test teardown - name: delete a target pool gcp_compute_target_pool: - name: 'targetpool-forwardingrule' - region: 'us-west1' + name: "targetpool-forwardingrule" + region: us-west1 project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: absent register: targetpool - name: delete a address gcp_compute_address: - name: 'address-forwardingrule' - region: 'us-west1' + name: "address-forwardingrule" + region: us-west1 project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: absent register: address