internet/ansible-collections-openstack
3
0
Fork 0
mirror of https://opendev.org/openstack/ansible-collections-openstack.git synced 2026-05-13 21:12:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Makes security_group_info compatible with new openstacksdk

Browse Source 
Updated documentation of return values and added test to verify
return values

Function self.conn.search_security_groups() cannot be used here.
Arguments for filtering such as 'description' would have to be passed
to self.conn.search_security_groups() in its 'filters' argument [1].
The latter is passed to both as query arguments to OpenStack API
and later to _utils._filter_list() [2] for filtering the results.
Some arguments such as 'any_tags' are only used as query arguments
by openstacksdk [3] when querying OpenStack API. They are no valid
attributes in security_group.py [4]. Whenever those non-attribute
arguments are passed to self.conn.search_security_groups(),
_utils._filter_list() [2] would drop all results because no result
would have a matching attributes.

[1] 0898398415/openstack/cloud/_security_group.py (L31)
[2] 0898398415/openstack/cloud/_utils.py (L63)
[3] 0898398415/openstack/common/tag.py (L19)
[4] 0898398415/openstack/network/v2/security_group.py

Change-Id: Ie7fe9d2e973d38751c48e71e6bd55e56a591ac1f
This commit is contained in:
anbanerj
2022-05-05 14:49:54 +02:00
committed by Jakob Meng
parent 0e675a9129
commit d600284645
3 changed files with 84 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
ci/roles/security_group/defaults/main.yml
View File

@@ -1 +1,13 @@
expected_fields:
- created_at
- description
- name
- project_id
- security_group_rules
- stateful
- tenant_id
- updated_at
- revision_number
- id
- tags
secgroup_name: shade_secgroup secgroup_name: shade_secgroup

43
ci/roles/security_group/tasks/main.yml
View File

@@ -4,7 +4,6 @@
cloud: "{{ cloud }}" cloud: "{{ cloud }}"
name: "{{ secgroup_name }}" name: "{{ secgroup_name }}"
state: absent state: absent
description: Created from Ansible playbook
- name: Create security group - name: Create security group
openstack.cloud.security_group: openstack.cloud.security_group:
@@ -12,30 +11,62 @@
name: "{{ secgroup_name }}" name: "{{ secgroup_name }}"
state: present state: present
description: Created from Ansible playbook description: Created from Ansible playbook
register: security_group
- name: List all security groups of a project - name: List all security groups of a project
openstack.cloud.security_group_info: openstack.cloud.security_group_info:
cloud: "{{ cloud }}" cloud: "{{ cloud }}"
register: test_sec_groups register: test_sec_groups
- name: Check - List all security groups of a project - name: Check list all security groups of a project
assert: assert:
that: that:
- test_sec_groups.security_groups | length > 0 - test_sec_groups.security_groups | length > 0
- name: Assert fields returned by security_group_info
assert:
that:
- item in test_sec_groups.security_groups[0]
loop: "{{ expected_fields }}"
- name: Filter security group by name - name: Filter security group by name
openstack.cloud.security_group_info: openstack.cloud.security_group_info:
cloud: "{{ cloud }}" cloud: "{{ cloud }}"
name: "{{ secgroup_name }}" name: "{{ secgroup_name }}"
register: test_sec_group register: test_sec_group
- name: Check - List all security groups of a project - name: Check filter security group by name
assert: assert:
that: that:
- test_sec_group.security_groups | length == 1 - test_sec_group.security_groups | length == 1
- test_sec_group.security_groups[0]['name'] == secgroup_name - test_sec_group.security_groups[0]['id'] == security_group.id
# This fails on Stein only
when: sdk_version is version("0.36.5", '>=') - name: Filter security group by description
openstack.cloud.security_group_info:
cloud: "{{ cloud }}"
description: Created from Ansible playbook
register: test_sec_group
- name: Check filter security group by description
assert:
that:
- test_sec_group.security_groups | length == 1
- test_sec_group.security_groups[0]['id'] == security_group.id
- name: Filter security group by not_tags
openstack.cloud.security_group_info:
cloud: "{{ cloud }}"
name: "{{ secgroup_name }}"
not_tags:
- ansibletag1
- ansibletag2
register: test_sec_group
- name: Check filter security group by not_tags
assert:
that:
- test_sec_group.security_groups | length == 1
- test_sec_group.security_groups[0]['id'] == security_group.id
- name: Delete security group - name: Delete security group
openstack.cloud.security_group: openstack.cloud.security_group:

64
plugins/modules/security_group_info.py
View File

@@ -61,7 +61,8 @@ requirements: ["openstacksdk"]
RETURN = ''' RETURN = '''
security_groups: security_groups:
description: List of dictionaries describing security groups. description: List of dictionaries describing security groups.
type: complex type: list
elements: dict
returned: On Success. returned: On Success.
contains: contains:
created_at: created_at:
@@ -84,6 +85,13 @@ security_groups:
description: Project ID where the security group is located in. description: Project ID where the security group is located in.
type: str type: str
sample: "25d24fc8-d019-4a34-9fff-0a09fde6a567" sample: "25d24fc8-d019-4a34-9fff-0a09fde6a567"
revision_number:
description: The revision number of the resource.
type: int
tenant_id:
description: Tenant ID where the security group is located in. Deprecated
type: str
sample: "25d24fc8-d019-4a34-9fff-0a09fde6a567"
security_group_rules: security_group_rules:
description: Specifies the security group rule list description: Specifies the security group rule list
type: list type: list
@@ -115,6 +123,12 @@ security_groups:
"security_group_id": "0431c9c5-1660-42e0-8a00-134bec7f03e2" "security_group_id": "0431c9c5-1660-42e0-8a00-134bec7f03e2"
} }
] ]
stateful:
description: Indicates if the security group is stateful or stateless.
type: bool
tags:
description: The list of tags on the resource.
type: list
updated_at: updated_at:
description: Update time of the security group description: Update time of the security group
type: str type: str
@@ -153,38 +167,30 @@ class SecurityGroupInfoModule(OpenStackModule):
) )
def run(self): def run(self):
description = self.params['description']
name = self.params['name'] name = self.params['name']
project_id = self.params['project_id'] args = {
revision_number = self.params['revision_number'] k: self.params[k]
tags = self.params['tags'] for k in ['description', 'project_id', 'revision_number']
any_tags = self.params['any_tags'] if self.params[k]
not_tags = self.params['not_tags'] }
not_any_tags = self.params['not_any_tags'] args.update({
k: ','.join(self.params[k])
for k in ['tags', 'any_tags', 'not_tags', 'not_any_tags']
if self.params[k]
})
attrs = {} # self.conn.search_security_groups() cannot be used here,
# refer to git blame for rationale.
security_groups = self.conn.network.security_groups(**args)
if description:
attrs['description'] = description
if project_id:
attrs['project_id'] = project_id
if revision_number:
attrs['revision_number'] = revision_number
if tags:
attrs['tags'] = ','.join(tags)
if any_tags:
attrs['any_tags'] = ','.join(any_tags)
if not_tags:
attrs['not_tags'] = ','.join(not_tags)
if not_any_tags:
attrs['not_any_tags'] = ','.join(not_any_tags)
attrs = self.check_versioned(**attrs)
result = self.conn.network.security_groups(**attrs)
result = [item if isinstance(item, dict) else item.to_dict() for item in result]
if name: if name:
result = [item for item in result if name in (item['id'], item['name'])] # TODO: Upgrade name_or_id code to match openstacksdk [1]?
self.results.update({'security_groups': result}) # [1] https://opendev.org/openstack/openstacksdk/src/commit/0898398415ae7b0e2447d61226acf50f01567cdd/openstack/cloud/_utils.py#L89
security_groups = [item for item in security_groups
if name in (item['id'], item['name'])]
security_groups = [item.to_dict() for item in security_groups]
self.exit(changed=False, security_groups=security_groups)
def main(): def main():