The description option of security group rules will now be used properly
when creating new rules.
Security group rules have to be deleted first before new ones get
created, because if one changes one rule attribute such as its
description, then the old rule must be deleted before recreating it,
as rules cannot be updated.
Story: 2010605
Task: 47486
Change-Id: I75b900e6675f7ec33532089738a6c2bfc10a898b
With "extends_documentation_fragment: ['openstack.cloud.openstack']"
it is not necessary to list required Python libraries in section
'requirements' of DOCUMENTATION docstring in modules. Ansible will
merge requirements from doc fragments and DOCUMENTATION docstring
which previously resulted in duplicates such as in server module [0]:
* openstacksdk
* openstacksdk >= 0.36, < 0.99.0
* python >= 3.6
When removing the 'requirements' section from server module, then
Ansible will list openstacksdk once only:
* openstacksdk >= 0.36, < 0.99.0
* python >= 3.6
To see what documentation Ansible will produce for server module run:
ansible-doc --type module openstack.cloud.server
[0] https://docs.ansible.com/ansible/latest/collections/openstack/\
cloud/server_module.html
Change-Id: I727ed95ee480bb644b5a533f6a9526973677064c
With Ansible OpenStack collection 2.0.0 we break backward
compatibility to older releases, mainly due to breaking changes
coming with openstacksdk >=0.99.0. For example, results will change
for most Ansible modules in this collection.
We take this opportunity to drop the symbolic links with prefix
os_ in plugins/modules and the plugin routing in meta/runtime.yml.
This means users have to call modules of the Ansible OpenStack
collection using their FQCN (Fully Qualified Collection Name) such
as openstack.cloud.server. Short module names such as os_server
will now raise an Ansible error. This also decreases the likelihood
of incompatible Ansible code going undetected.
Symbolic links were introduced to keep our collection backward
compatible to user code which was written for old(er) Ansible releases
which did not have support for collections and where OpenStack modules
where named with a prefix os_ such as os_server which is nowadays
known and stored as openstack.cloud.server.
In Ansible aka ansible-base 2.10, a internal routing table
lib/ansible/config/ansible_builtin_runtime.yml [1] was introduced which
Ansible uses to resolve deprecated module names missing the FQCN (Fully
Qualified Collection Name). Additionally, collections can define their
own plugin routing table in meta/runtime.yml [2] which we did.
In ansible-base 2.10 and ansible-core 2.11 or later, if a user uses a
short module name and the collections keyword is not used, Ansible
will first look in the internal routing table, get an FQCN, and then
looks in the collection for that FQCN. If there is another routing
entry for that new name in that collection's meta/runtime.yml,
Ansible will continue with that redirect. If it does not find another
redirect, Ansible will look for the plugin itself, so it will not
find a redirect in the collection before looking at its internal
redirects. Except if the user uses a FQCN, then it looks directly in
that collection.
Ansible 2.9 and 2.8 do not have any notion of these redirects with a
plugin routing table, backward compatibility with deprecated os_*
module names is solely achieved with symbolic links. Ansible releases
older than 2.11 are EOL [3], so usage of os_* symlinks should reduce
soon.
[1] https://github.com/ansible/ansible/blob/devel/lib/ansible/config/ansible_builtin_runtime.yml
[2] https://github.com/openstack/ansible-collections-openstack/blob/master/meta/runtime.yml
[3] https://docs.ansible.com/ansible/devel/reference_appendices/release_and_maintenance.html
Change-Id: I28cc05c95419b72552899c926721eb87fb6f0868
- Update docs
- Change calls from cloud to proxy layer
- Make sure return value is a dict
- Improve test coverage
Change-Id: I857d7ba7b7ca1b23100ee7e85e90e98430d68462
Adds ipv6-icmp protocol to _ports_match check to be able to make that
rules for IPv6.
Story: 2008687
Task: 41989
Change-Id: Ib6313788132bb601d7d53ac709b7c822ee533a8b
Security group rule can support a lot of protocols now and their
integer representations in 0-255 range. Let's not limit for this
option anymore.
Change-Id: I0432e5d5d6d5f5ce935cf59a00f35153649c22dd
Refactoring of security_group_rule to depend on the OpenStackModule
class.
See: I487e79fe18c0b9a75df7dacd224ab40ed7f4e1ab
Change-Id: Ide09bdd6a57324a0e1d2ec29c4c49db8dc1c3843
We don't use github, so having @ mentions of specific humans is
not valuable. Also, we are a team and own the modules as a team,
so calling out individual authors is philosophically contrary.
We landed a patch upstream to special-case this author string.
Change-Id: I38b4e68f14bbba6e13e8a50e2b202874ab74e3bc
This is separate from the previous patch - it's just the results
of running the script so we can review the two a little independently.
We should probably squash them.
Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0
