- Changed get_security_group_rule to find_security_group_rule as
get_security_group_rule throws an exception if the rule is not
found
- Updated docs
- Updated tests
- Renamed ethertype to ether_type to match openstacksdk's attribute
names and added the former as an alias to keep backward compat
- Renamed rule to id to match openstacksdk's attribute names and
added the former as an alias to keep backward compat
Change-Id: Ieb99f875c990e11623c81e482013d0ecb8e61055
Neutron will allow you to update certain properties of the network after
creation. This change modifies the ansible code to perform an update
call if it detects that any updatable properties have been changed. If
you attempt to change a property that cannot be updated, the module will
fail. This gives you confidence that the ansible configuration matches
the state of the network in OpenStack. If we did not fail in this way,
you might think you have updated the network, but in reality those
changes would be silently ignored. Prior to this change, the only way to
update properties of a network was to delete it and then recreate.
Story: 2010024
Task: 45262
Change-Id: I4af2b50f207f349b58c63e0a4e92816ada0847fd
Previously, openstack.cloud.keypair would remove trailing spaces after
reading a public key from a file. The openstack cli tool, python-\
openstackclient, does not do so, i.e. it does not use rstrip to remove
spaces at the end [1]. This breaks idempotency when using openstack
cli tool and our keypair module at the same time.
The rstrip code was introduced to keypair when our modules were still
part of ansible (non-core) in a completely unrelated change [2].
Now, keypair module does no longer alter the public key and instead
uploads it unchanged to OpenStack API.
[1] 7df94c9f82/openstackclient/compute/v2/keypair.py (L103)
[2] 341efbf7ae
Story: 2008574
Task: 41726
Change-Id: Ia09658467d98516ca1ea612e7301629b2f69d2d1
Across our modules we use the None values to mark default values for
module attributes. This is in line with openstacksdk's behaviour.
Change-Id: I5920aeeb8eef2ee1c2066a71a273ba52f02305c3
Switch sdk calls to use the proxy layer where sensible.
Ensure that returned resource objects are converted to dicts.
Removes undocumented id return value.
Rename flavorid to id. Keep flavorid as an alias for backward
compatibility.
Rename the test role from nova_flavor to compute_flavor to keep naming
consistent.
Fold tests from compute_flavor_info into the compute_flavor role.
Add additional tests to improve coverage.
Update return docs
Change-Id: I5419d1c02b9b50625beb3bff88c8e4a4f1c14667
routers_info's interfaces_info attribute is not provided by
openstacksdk, it is added to each router resource by the routers_info
module after retrieving the routers list. To get the required data
list_router_interfaces() [1] is being called for each router resource
which then retrieves all ports for each router. This requires extra
api calls which might be useless because we do not know whether the
user actually cares about the ports. For getting ports of a router
we have the openstack.cloud.ports module. So instead of proactively
retrieving the router ports we drop the interfaces_info attribute.
The interfaces_info attribute was introduced because retrieving
interfaces via openstacksdk and openstack.cloud modules was
complex in the past [2]. Nowadays, using openstack.cloud.ports
Ansible and Jinja2 filters retrieving ip addresses of a router
is straight forward. In case someone still needs the old
interfaces_info attribute, one can refer to the module example
to see how it could be reproduced. But in general, retrieving the
router interfaces is much easier as can be seen in the updated
integration tests.
[1] 3f81d0001d/openstack/cloud/_network.py (L1926)
[2] https://review.opendev.org/c/openstack/ansible-collections-openstack/+/703927/6/plugins/modules/os_routers_info.py
Change-Id: I7fbdf11d07c95421d3aee800bfeebb88ea829817
Replace calls to the sdk cloud layer with proxy layer calls where
appropriate.
Ensure module return values are converted into dict.
General refactoring to bring module more in line with collection
conventions.
Expand tests to assert idempotency and presence of return values.
Rename test role to identity_group to match module name.
Change-Id: I06fe28f77431bb151d85c8d9cd924a1634d85d98
Define port's module attribute 'name' as a required attribute because
this parameter is used to find, update and delete ports. Technically,
a name is not required to create a port, but idempotency cannot be
implemented without an identifier to refer to a port. In this
collection we use resource names to find and identify resources. We
do not offer a dedicated id attribute in most modules.
Use port's module attribute 'network' when finding, creating,
updating or deleting ports if the user provided this attribute.
This allows to reduce ambiguity when equal names are used across
different networks.
Added 'description' parameter to port module.
Renamed port's module attributes 'vnic_type' to 'binding_vnic_type'
and 'admin_state_up' to 'is_admin_state_up' to match openstacksdk's
attribute names which are used e.g. in module results. Added aliases
for the old attribute names to keep backward compatibility.
Renamed port_info's module attribute 'port' to 'name' and added
the former as an alias to be consistent with other *_info modules.
Dropped default=None and required=False from argument_spec of port
module because those are the default in Ansible [1][2].
Dropped 'id' field from port module's results to be consistent across
other modules. Use 'port.id' instead.
Sorted argument specs and documentation of the port module and
marked attributes which are not updatable.
Updated RETURN fields documentation for the module results of both
port and port_info modules.
Added integration tests to check the update mechanism of the port
module.
Added assertions for module results to catch future changes in the
openstacksdk and our Ansible modules.
Dropped openstacksdk version check since we require a recent release
anyway.
Fixed indentation in integration tests.
Merged integration tests of port_info module into port module,
because the former does not create any ports and assumes that
ports have been created earlier.
[1] https://docs.ansible.com/ansible/latest/dev_guide/developing_modules_documenting.html
[2] 61af59c808/lib/ansible/module_utils/common/parameters.py (L489)
Signed-off-by: Jakob Meng <code@jakobmeng.de>
Change-Id: Iacca78649f8e01ae95649d8d462f5d0a1740405e
This patch update federation_idp_info to use proxy layer as well as add
the ansible role to test the module
Change-Id: I6b4544cca317f2d5fab4a9612b820872b87585f4
Expanded and fixed module results docs.
Moved ext_ips_spec into the module class because global scope is not
necessary. Renamed it to external_fixed_ips_spec to explain its
purpose.
Sorted argument_spec and attribute docs by attribute name and fixed
indentations. Marked router attributes which cannot be updated.
Mark network attribute as required by enable_snat and
external_fixed_ips attributes. Fixed docstring of network attribute:
Module attribute interfaces does not require the network attribute,
its external_fixed_ips what requires network to be set.
Changed examples from deprecated ip to current ip_address attribute.
Dropped self.fail() calls and let openstacksdk handle missing networks,
subnets.. instead because less code means less code to maintain.
Limited line length to 80 chars to be consistent with other OpenStack
projects. Personally, I prefer a 120 chars limit but consistency is more
important.
Added explanation in code comment why we cannot update a router's name.
Moved upfront cleanup operations in router's integration tests to the
beginning of the role.
Assigned meaningful names to result variables
in router's ci role to easily identify which modules produced the
data.
Added tests for router ids, admin state and interfaces.
Change-Id: Icae77a43479fb4f0bae065d1c5d7942cb0f5fd6b
Refactors the module to be based off OpenstackModule.
Changes sdk calls to use the proxy layer where appropriate. The
inspection itself stays at the cloud layer to support waiting.
Make sure we convert returned resource objects to dict
Adds a barebones role to test the module. This won't run in CI, since
we don't have the ironic plugin configured in devstack.
Changes the return value of the module to be the entire node, instead of
just the properties that resulted from inspection. Return docs were
updated to reflect this.
Update module params to use `name` as the identifier for the node,
aliasing it to the previous supported values of `id` and `uuid`.
Use module kwargs to specify mutually exclusive params.
Stop catching exceptions and instead let them bubble up so ansible
handles them.
Change-Id: I2b07b58c8b068d7f18db9862fcecb4088328ac74
Allow to update server attributes such as its description.
Changed default value of server attribute 'security_groups' from
['default'] to [] because the latter is the default in
python-openstackclient [1] and the former behavior causes issues
with existing servers [2]: Previously, when no 'security_groups'
parameter was given, the server module would change existing
servers to use the default security group, dropping all other
security groups assigned to the server.
Our (undocumented) guideline when writing modules is to only
add or change what has been requested by the user and to stick to
defaults from openstacksdk and python-openstackclient whenever
possible. Since we have to break backward compatibility with the
next release anyway, we take this opportunity to clean up this odd
behavior. Now, when no security groups are given, then security
groups of an existing server will not be touched.
Closes story #2007893 [2].
Note, Nova will create a server in the default security group,
if the security_groups parameter is omitted.
Dropped 'openstack' field from server module's results. This
variable expanded to additional server information which might
be useful for Ansible inventories and was filled from
openstacksdk's get_openstack_vars() function [3]. Variables in
this function can make additional cloud queries to retrieve
additional data, so calling this function can be expensive [4].
Users can use *_info modules to retrieve this data on-demand.
Dropped 'availabity_zone' attribute from generic OpenStackModule
arguments and inserted it into server and volume modules because
it is relevant to those two modules only. This is completes what
was started years ago [5] and is possible now since we have
breaking changes anyway.
Switched attribute name 'userdata' with its alias 'user_data' to
match openstacksdk's attribute names which are used e.g. in module
results. The previous attribute name 'userdata' is now used as an
alias and 'user_data' is used as the attribute name to keep backward
compatibility.
Wait for server to get into 'ACTIVE' state when creating a server
and attribute 'wait' has been set to true.
Sorted argument specs and documentation of the server module and
marked attributes which are not updatable. Changed unstable bash
script example in server module documentation.
Renamed server's module attribute 'delete_fip' to 'delete_ips' to
match openstacksdk and clarify that it includes all floating ip
addresses of the server.
Renamed server_info's module attribute 'server' to 'name' and added
the former as an alias to be consistent with other *_info modules.
Added RETURN fields documentation for the module results of both
server and server_info modules.
Added description and examples of how to use the 'filters' attribute
of the server_info module. Closes story #2007873 [6].
Removed 'openstack_' prefix from module results because the prefix is
not consistently used across modules, is more to type without any
benefit and removal of the prefix allows us to signal to users that
their code for handling module results has to be updated. Many modules
have different return values with openstacksdk >= 0.99.0 because it
consistently uses resource proxies now.
Added assertions for module results to catch future changes in the
openstacksdk and our Ansible modules.
Added integration tests to check the update mechanism of the server
module.
Fixed indentation in integration tests.
Ensure proper creation and deletion of resources such as networks,
subnets and servers in integration tests of server_action module.
Renamed ci/roles/server/defaults/main.yaml to main.yml, removing the
'a' in the file extension to be consistent with other filenames.
Dropped deprecated function openstack_find_nova_addresses() and
incorporated its code directly into the server module because it
is not used anywhere else.
[1] e49ad1795b/openstackclient/compute/v2/server.py (L1070)
[2] https://storyboard.openstack.org/#!/story/2007893
[3] 9e9fc98795/openstack/cloud/_compute.py (L1772)
[4] 9e9fc98795/openstack/cloud/meta.py (L482)
[5] 9bf33e56dd
[6] https://storyboard.openstack.org/#!/story/2007873
Signed-off-by: Jakob Meng <code@jakobmeng.de>
Change-Id: I2f955519a7e8c782b1dab8f94f7a019ed384b81d
- Change sdk calls to use proxies
- Convert return values to
- Update module docs
- Change argspec to more closely match the new sdk (and therefore the
API) without breaking backward compatibility
Change-Id: I0f9bc573fd0c69cab65bd808145d628732bb0830
With Ansible OpenStack collection 2.0.0 we break backward
compatibility to older releases, mainly due to breaking changes
coming with openstacksdk >=0.99.0. For example, results will change
for most Ansible modules in this collection.
We take this opportunity to drop the symbolic links with prefix
os_ in plugins/modules and the plugin routing in meta/runtime.yml.
This means users have to call modules of the Ansible OpenStack
collection using their FQCN (Fully Qualified Collection Name) such
as openstack.cloud.server. Short module names such as os_server
will now raise an Ansible error. This also decreases the likelihood
of incompatible Ansible code going undetected.
Symbolic links were introduced to keep our collection backward
compatible to user code which was written for old(er) Ansible releases
which did not have support for collections and where OpenStack modules
where named with a prefix os_ such as os_server which is nowadays
known and stored as openstack.cloud.server.
In Ansible aka ansible-base 2.10, a internal routing table
lib/ansible/config/ansible_builtin_runtime.yml [1] was introduced which
Ansible uses to resolve deprecated module names missing the FQCN (Fully
Qualified Collection Name). Additionally, collections can define their
own plugin routing table in meta/runtime.yml [2] which we did.
In ansible-base 2.10 and ansible-core 2.11 or later, if a user uses a
short module name and the collections keyword is not used, Ansible
will first look in the internal routing table, get an FQCN, and then
looks in the collection for that FQCN. If there is another routing
entry for that new name in that collection's meta/runtime.yml,
Ansible will continue with that redirect. If it does not find another
redirect, Ansible will look for the plugin itself, so it will not
find a redirect in the collection before looking at its internal
redirects. Except if the user uses a FQCN, then it looks directly in
that collection.
Ansible 2.9 and 2.8 do not have any notion of these redirects with a
plugin routing table, backward compatibility with deprecated os_*
module names is solely achieved with symbolic links. Ansible releases
older than 2.11 are EOL [3], so usage of os_* symlinks should reduce
soon.
[1] https://github.com/ansible/ansible/blob/devel/lib/ansible/config/ansible_builtin_runtime.yml
[2] https://github.com/openstack/ansible-collections-openstack/blob/master/meta/runtime.yml
[3] https://docs.ansible.com/ansible/devel/reference_appendices/release_and_maintenance.html
Change-Id: I28cc05c95419b72552899c926721eb87fb6f0868
Replaced custom code for interface listing with call to openstacksdk.
The original idea was to reduce the number of calls to the OpenStack
API but this kind of optimization is better to be implemented in the
SDK itself [1]. Reimplementing code like this increases our
maintenance burden, does not help other SDK users and increases the
likeliness of bugs. For example, variable allowed_device_owners
introduced a bug, it is not 'network_router_interface_distributed'
but 'network:router_interface_distributed'.
[1] https://review.opendev.org/c/openstack/openstacksdk/+/849967
Change-Id: I9c52de03c53ef29d7cecdf26253c0c00a7cf3689
- Change sdk calls to use proxy objects
- Convert return values to dict before updating
- Adds additional test values
Change-Id: I187a27af4a5b8aa7cd4b60a1a876b5e5e6975144
Updated documentation of return values and added test to verify
return values
Function self.conn.search_security_groups() cannot be used here.
Arguments for filtering such as 'description' would have to be passed
to self.conn.search_security_groups() in its 'filters' argument [1].
The latter is passed to both as query arguments to OpenStack API
and later to _utils._filter_list() [2] for filtering the results.
Some arguments such as 'any_tags' are only used as query arguments
by openstacksdk [3] when querying OpenStack API. They are no valid
attributes in security_group.py [4]. Whenever those non-attribute
arguments are passed to self.conn.search_security_groups(),
_utils._filter_list() [2] would drop all results because no result
would have a matching attributes.
[1] 0898398415/openstack/cloud/_security_group.py (L31)
[2] 0898398415/openstack/cloud/_utils.py (L63)
[3] 0898398415/openstack/common/tag.py (L19)
[4] 0898398415/openstack/network/v2/security_group.py
Change-Id: Ie7fe9d2e973d38751c48e71e6bd55e56a591ac1f
- Update docs
- Change calls from cloud to proxy layer
- Make sure return value is a dict
- Improve test coverage
Change-Id: I857d7ba7b7ca1b23100ee7e85e90e98430d68462
- Use proxy layer where possible
- Image upload has some tricky logic so that stays in the cloud layer
- Convert return value to dict
- Document return values
- Update visibility logic for glance v2 api
- Increase test coverage
- General refactoring to bring more in line with rest of collection
- Deprecate is_public attribute which has been replaced with
visibility.
- Deprecate volume attribute which has been made obsolete with
openstack.cloud.volume module. Removed examples showing the volume
attribute since users are encouraged to use openstack.cloud.volume
module.
Change-Id: I1d8034a3b9a391444ea275b68b06ee3a291c73c3
Make project_info module compatible with the new sdk 1.0.0 and also add
ansible tests for project_info module
Change-Id: I413200cf6a9b8bada7e5d78087246b888d53fac2
Without any parameters supplied openstack.cloud.baremetal_node_info is
supposed to gather and return information about all nodes.
This is done with a call to cloud.list_machines(), which itself calls
self.baremetal.nodes().
Unfortunately this will not return detailed information about each
machine as the details parameter of self.baremetal.nodes() defaults to
false.
This commit rewrites the module to use the baremetal service proxy of
openstacksdk to get machines with details and converts them using the
`to_dict()` method.
Story: 2010017
Task: 45207
Change-Id: Ib06aea5f59f799d6ed81b30264c8a168301c1a9b
