diff --git a/lib/ansible/modules/cloud/google/gcp_dns_managed_zone.py b/lib/ansible/modules/cloud/google/gcp_dns_managed_zone.py index 07f4309702..5a548124af 100644 --- a/lib/ansible/modules/cloud/google/gcp_dns_managed_zone.py +++ b/lib/ansible/modules/cloud/google/gcp_dns_managed_zone.py @@ -73,6 +73,35 @@ options: - A set of key/value label pairs to assign to this ManagedZone. required: false version_added: 2.8 + visibility: + description: + - 'The zone''s visibility: public zones are exposed to the Internet, while private + zones are visible only to Virtual Private Cloud resources.' + - 'Must be one of: `public`, `private`.' + required: false + default: public + version_added: 2.8 + choices: + - private + - public + private_visibility_config: + description: + - For privately visible zones, the set of Virtual Private Cloud resources that + the zone is visible from. + required: false + version_added: 2.8 + suboptions: + networks: + description: + - The list of VPC networks that can see this zone. + required: false + suboptions: + network_url: + description: + - The fully qualified URL of the VPC network to bind to. + - This should be formatted like `U(https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`) + . + required: false extends_documentation_fragment: gcp notes: - 'API Reference: U(https://cloud.google.com/dns/api/v1/managedZones)' @@ -138,13 +167,40 @@ labels: - A set of key/value label pairs to assign to this ManagedZone. returned: success type: dict +visibility: + description: + - 'The zone''s visibility: public zones are exposed to the Internet, while private + zones are visible only to Virtual Private Cloud resources.' + - 'Must be one of: `public`, `private`.' + returned: success + type: str +privateVisibilityConfig: + description: + - For privately visible zones, the set of Virtual Private Cloud resources that the + zone is visible from. + returned: success + type: complex + contains: + networks: + description: + - The list of VPC networks that can see this zone. + returned: success + type: complex + contains: + networkUrl: + description: + - The fully qualified URL of the VPC network to bind to. + - This should be formatted like `U(https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`) + . + returned: success + type: str ''' ################################################################################ # Imports ################################################################################ -from ansible.module_utils.gcp_utils import navigate_hash, GcpSession, GcpModule, GcpRequest, replace_resource_dict +from ansible.module_utils.gcp_utils import navigate_hash, GcpSession, GcpModule, GcpRequest, remove_nones_from_dict, replace_resource_dict import json ################################################################################ @@ -163,6 +219,8 @@ def main(): name=dict(required=True, type='str'), name_server_set=dict(type='str'), labels=dict(type='dict'), + visibility=dict(default='public', type='str', choices=['private', 'public']), + private_visibility_config=dict(type='dict', options=dict(networks=dict(type='list', elements='dict', options=dict(network_url=dict(type='str'))))), ) ) @@ -208,7 +266,11 @@ def update(module, link, kind, fetch): def update_fields(module, request, response): - if response.get('description') != request.get('description') or response.get('labels') != request.get('labels'): + if ( + response.get('description') != request.get('description') + or response.get('labels') != request.get('labels') + or response.get('privateVisibilityConfig') != request.get('privateVisibilityConfig') + ): description_update(module, request, response) @@ -216,7 +278,11 @@ def description_update(module, request, response): auth = GcpSession(module, 'dns') auth.patch( ''.join(["https://www.googleapis.com/dns/v1/", "projects/{project}/managedZones/{name}"]).format(**module.params), - {u'description': module.params.get('description'), u'labels': module.params.get('labels')}, + { + u'description': module.params.get('description'), + u'labels': module.params.get('labels'), + u'privateVisibilityConfig': ManagedZonePrivatevisibilityconfig(module.params.get('private_visibility_config', {}), module).to_request(), + }, ) @@ -233,6 +299,8 @@ def resource_to_request(module): u'name': module.params.get('name'), u'nameServerSet': module.params.get('name_server_set'), u'labels': module.params.get('labels'), + u'visibility': module.params.get('visibility'), + u'privateVisibilityConfig': ManagedZonePrivatevisibilityconfig(module.params.get('private_visibility_config', {}), module).to_request(), } return_vals = {} for k, v in request.items(): @@ -306,8 +374,52 @@ def response_to_hash(module, response): u'nameServerSet': response.get(u'nameServerSet'), u'creationTime': response.get(u'creationTime'), u'labels': response.get(u'labels'), + u'visibility': response.get(u'visibility'), + u'privateVisibilityConfig': ManagedZonePrivatevisibilityconfig(response.get(u'privateVisibilityConfig', {}), module).from_response(), } +class ManagedZonePrivatevisibilityconfig(object): + def __init__(self, request, module): + self.module = module + if request: + self.request = request + else: + self.request = {} + + def to_request(self): + return remove_nones_from_dict({u'networks': ManagedZoneNetworksArray(self.request.get('networks', []), self.module).to_request()}) + + def from_response(self): + return remove_nones_from_dict({u'networks': ManagedZoneNetworksArray(self.request.get(u'networks', []), self.module).from_response()}) + + +class ManagedZoneNetworksArray(object): + def __init__(self, request, module): + self.module = module + if request: + self.request = request + else: + self.request = [] + + def to_request(self): + items = [] + for item in self.request: + items.append(self._request_for_item(item)) + return items + + def from_response(self): + items = [] + for item in self.request: + items.append(self._response_from_item(item)) + return items + + def _request_for_item(self, item): + return remove_nones_from_dict({u'networkUrl': item.get('network_url')}) + + def _response_from_item(self, item): + return remove_nones_from_dict({u'networkUrl': item.get(u'networkUrl')}) + + if __name__ == '__main__': main() diff --git a/lib/ansible/modules/cloud/google/gcp_dns_managed_zone_facts.py b/lib/ansible/modules/cloud/google/gcp_dns_managed_zone_facts.py index e5a8152f57..6e729dac73 100644 --- a/lib/ansible/modules/cloud/google/gcp_dns_managed_zone_facts.py +++ b/lib/ansible/modules/cloud/google/gcp_dns_managed_zone_facts.py @@ -108,6 +108,33 @@ items: - A set of key/value label pairs to assign to this ManagedZone. returned: success type: dict + visibility: + description: + - 'The zone''s visibility: public zones are exposed to the Internet, while private + zones are visible only to Virtual Private Cloud resources.' + - 'Must be one of: `public`, `private`.' + returned: success + type: str + privateVisibilityConfig: + description: + - For privately visible zones, the set of Virtual Private Cloud resources that + the zone is visible from. + returned: success + type: complex + contains: + networks: + description: + - The list of VPC networks that can see this zone. + returned: success + type: complex + contains: + networkUrl: + description: + - The fully qualified URL of the VPC network to bind to. + - This should be formatted like `U(https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`) + . + returned: success + type: str ''' ################################################################################