mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
Allow modifying security groups in os_server (#23207)
When the security groups specified to the os_server module change they should be updated on the server. This will require shade 1.19 where the server security group commands were added. Fixes: #23206
This commit is contained in:
Jamie Lennox
Ricardo Carrillo Cruz
parent
669630ea83
commit
92dc61e869
1 changed files with 30 additions and 1 deletions
|
|
@ -620,6 +620,33 @@ def _check_floating_ips(module, cloud, server):
|
||||||
return (changed, server)
|
return (changed, server)
|
||||||
|
|
||||||
|
|
||||||
|
def _check_security_groups(module, cloud, server):
|
||||||
|
changed = False
|
||||||
|
|
||||||
|
# server security groups were added to shade in 1.19. Until then this
|
||||||
|
# module simply ignored trying to update security groups and only set them
|
||||||
|
# on newly created hosts.
|
||||||
|
if not (hasattr(cloud, 'add_server_security_groups') and
|
||||||
|
hasattr(cloud, 'remove_server_security_groups')):
|
||||||
|
return changed, server
|
||||||
|
|
||||||
|
module_security_groups = set(module.params['security_groups'])
|
||||||
|
server_security_groups = set(sg.name for sg in server.security_groups)
|
||||||
|
|
||||||
|
add_sgs = module_security_groups - server_security_groups
|
||||||
|
remove_sgs = server_security_groups - module_security_groups
|
||||||
|
|
||||||
|
if add_sgs:
|
||||||
|
cloud.add_server_security_groups(server, list(add_sgs))
|
||||||
|
changed = True
|
||||||
|
|
||||||
|
if remove_sgs:
|
||||||
|
cloud.remove_server_security_groups(server, list(remove_sgs))
|
||||||
|
changed = True
|
||||||
|
|
||||||
|
return (changed, server)
|
||||||
|
|
||||||
|
|
||||||
def _get_server_state(module, cloud):
|
def _get_server_state(module, cloud):
|
||||||
state = module.params['state']
|
state = module.params['state']
|
||||||
server = cloud.get_server(module.params['name'])
|
server = cloud.get_server(module.params['name'])
|
||||||
|
|
@ -629,8 +656,10 @@ def _get_server_state(module, cloud):
|
||||||
msg="The instance is available but not Active state: "
|
msg="The instance is available but not Active state: "
|
||||||
+ server.status)
|
+ server.status)
|
||||||
(ip_changed, server) = _check_floating_ips(module, cloud, server)
|
(ip_changed, server) = _check_floating_ips(module, cloud, server)
|
||||||
|
(sg_changed, server) = _check_security_groups(module, cloud, server)
|
||||||
(server_changed, server) = _update_server(module, cloud, server)
|
(server_changed, server) = _update_server(module, cloud, server)
|
||||||
_exit_hostvars(module, cloud, server, ip_changed or server_changed)
|
_exit_hostvars(module, cloud, server,
|
||||||
|
ip_changed or sg_changed or server_changed)
|
||||||
if server and state == 'absent':
|
if server and state == 'absent':
|
||||||
return True
|
return True
|
||||||
if state == 'absent':
|
if state == 'absent':
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue