Changes to the port_security_enabled parameter are not applied due to
mismatching key names.
In the port module, the input parameter is called `port_security_enabled`,
while the OpenStackSDK is using a field called `is_port_security_enabled`.
When updating an existing port, the port module is comparing the dictionary
keys of the Ansible module parameters with those of the port object
returned by the OpenStackSDK.
Since these keys different, they will not match and changes to
port security are not applied.
Story: 2010687
Task: 47789
Change-Id: I838e9d6ebf1a281269add91724eac240abe35fd4
Current logic assumes that external_fixed_ips should be always defined,
otherwise `req_fip_map` is an empty sequence, which makes _needs_update
to return True.
With that not having external_fixed_ips is a vaild case whenever
deployment does not have shared public network. This usually
the case when public network is not passed to computes and public
network is used only for routers and floating IPs.
Patch changes logic by addind a `is not None` support to only compare
external_fip configration when user explicitly passed something (passing
an empty dict is equal to requesting "empty" configuration).
Co-Authored-by: Artem Goncharov
Change-Id: Id0f69fe4c985c4c38b493577250cad4e589b9d24
At the moment `subnet` is an alias of `subnet_id`. The way, how aliases
work in ansible modules, is that ansible does add intended key to param
in case alias is used. When riginal key is used, aliases are not
populated.
Right now in case user define `subnet_id` instead of its alias `subnet`
module will fail with KeyError.
Change-Id: I5ce547352097ea821be4c9bbc18147575986c740
New module to manipulate volume type encryption. Including simple CI
task to verify functionality.
Change-Id: I7380a5d258c3df1f9bd512aa4295868294391e31
Added 2 new modules to manipulate volume types in OpenStack
* volume_type is used to create, delete and modify volume type
* volume_type_info is used to show volume_type details, including
encryption information
ci tests extended with additional role to test basic module behaviour
It is currently impossible to update is_public volume type attribute
as it is being changed to "os-volume-type-access:is_public" which is not
expected by api. Which expects just "is_public"
https://docs.openstack.org/api-ref/block-storage/v3/?expanded=update-a-volume-type-detail#update-a-volume-type
Which results in "'os-volume-type-access:is_public' was unexpected"
reply. I guess the change is required by openstacksdk or on the API side
Change-Id: Idc26a5240b5f3314c8384c7326d8a82dcc8c6171
At the moment we generate a set as a filter for image checksums which
lead to AttributeError in SDK:
'set' object has no attribute 'keys'
With that we ensure that supllying checksum does not cause
module crash.
Change-Id: I490f51950592f62c9ad81806593340779bf6dbdb
Before this fix the current implementation in combination with the most
recent openstacksdk (1.2.0) resulted in a list containing the default
values and another list inside this list containing the value of
clouds_yaml_path. The clouds_yaml_path value gets now added directly to
the list only if it was set.
Change-Id: I3c3b6f59393928d098e9b80c55b87fc6ee1e9912
Security group rules in module openstack.cloud.security_group
are changed/updated only when option 'security_group_rules' was
defined explicitly. This follows our policy of "apply no change"
when module options in our Ansible modules have not been set.
Story: 2010691
Task: 47795
Change-Id: I4a0cda46cb160b5321913b63ff1123d8b8a19705
In order to execute addTenantAccess or removeTenantAccess
a flavor should have have is_public set to false, which means it must
be private.
Change-Id: Iea1c4e7167b7134a4f70a4fb44fc0a8676265419
The description option of security group rules will now be used properly
when creating new rules.
Security group rules have to be deleted first before new ones get
created, because if one changes one rule attribute such as its
description, then the old rule must be deleted before recreating it,
as rules cannot be updated.
Story: 2010605
Task: 47486
Change-Id: I75b900e6675f7ec33532089738a6c2bfc10a898b
Story: #2010527
Task: #47136
Sort records in recordset so it can be compared to existing ones
and not to trigger update in case of a different order.
Change-Id: Ib5d2af56616532174c29ec2be86827ccd0a17940
With "extends_documentation_fragment: ['openstack.cloud.openstack']"
it is not necessary to list required Python libraries in section
'requirements' of DOCUMENTATION docstring in modules. Ansible will
merge requirements from doc fragments and DOCUMENTATION docstring
which previously resulted in duplicates such as in server module [0]:
* openstacksdk
* openstacksdk >= 0.36, < 0.99.0
* python >= 3.6
When removing the 'requirements' section from server module, then
Ansible will list openstacksdk once only:
* openstacksdk >= 0.36, < 0.99.0
* python >= 3.6
To see what documentation Ansible will produce for server module run:
ansible-doc --type module openstack.cloud.server
[0] https://docs.ansible.com/ansible/latest/collections/openstack/\
cloud/server_module.html
Change-Id: I727ed95ee480bb644b5a533f6a9526973677064c
Code of the image module has been refactored partially only.
It will have to be completed in a follow up patch.
Change-Id: Id2360163117db9639a0af502ab44e02cae5cebaa
Module option 'listeners' has been removed because it shares
functionality and a huge amount of code with
lb_{listener,member,pool} modules.
Co-Authored-By: Rafael Castillo <rcastill@redhat.com>
Change-Id: I839365bd3485859a2351b0124eae9d09a9d0b31a
Reboot actions (both SOFT and HARD) were missing in ansible actions.
Reboot is different than stop and start, because reboot (HARD) is asking
openstack nova to recreate the libvirt XML, which is sometimes needed.
Signed-off-by: Arnaud Morin <arnaud.morin@ovhcloud.com>
Change-Id: I43a42010e7474f47020c8df2839f8584157c97a4
This will, like all other options changes, recreate the flavor. This
matches the workflow allowed by the openstacksdk (if description is
not set, it defaults to None).
Change-Id: I3d46a3f527f0632f42f6796c0a2701addebde640
