diff --git a/lib/ansible/modules/cloud/google/gcp_compute_ssl_certificate.py b/lib/ansible/modules/cloud/google/gcp_compute_ssl_certificate.py index 9e0346feb0..2f64ca6167 100644 --- a/lib/ansible/modules/cloud/google/gcp_compute_ssl_certificate.py +++ b/lib/ansible/modules/cloud/google/gcp_compute_ssl_certificate.py @@ -76,9 +76,8 @@ extends_documentation_fragment: gcp EXAMPLES = ''' - name: create a ssl certificate gcp_compute_ssl_certificate: - name: testObject - description: | - "A certificate for testing. Do not use this certificate in production" + name: "test_object" + description: A certificate for testing. Do not use this certificate in production certificate: | -----BEGIN CERTIFICATE----- MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG @@ -103,11 +102,9 @@ EXAMPLES = ''' AwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f OGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ== -----END EC PRIVATE KEY----- - project: testProject - auth_kind: service_account - service_account_file: /tmp/auth.pem - scopes: - - https://www.googleapis.com/auth/compute + project: "test_project" + auth_kind: "service_account" + service_account_file: "/tmp/auth.pem" state: present ''' @@ -177,6 +174,9 @@ def main(): ) ) + if not module.params['scopes']: + module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] + state = module.params['state'] kind = 'compute#sslCertificate' @@ -186,10 +186,10 @@ def main(): if fetch: if state == 'present': if is_different(module, fetch): - fetch = update(module, self_link(module), kind, fetch) + fetch = update(module, self_link(module), kind) changed = True else: - delete(module, self_link(module), kind, fetch) + delete(module, self_link(module), kind) fetch = {} changed = True else: @@ -209,12 +209,12 @@ def create(module, link, kind): return wait_for_operation(module, auth.post(link, resource_to_request(module))) -def update(module, link, kind, fetch): +def update(module, link, kind): auth = GcpSession(module, 'compute') return wait_for_operation(module, auth.put(link, resource_to_request(module))) -def delete(module, link, kind, fetch): +def delete(module, link, kind): auth = GcpSession(module, 'compute') return wait_for_operation(module, auth.delete(link)) @@ -314,7 +314,7 @@ def async_op_url(module, extra_data=None): def wait_for_operation(module, response): op_result = return_if_object(module, response, 'compute#operation') if op_result is None: - return None + return {} status = navigate_hash(op_result, ['status']) wait_done = wait_for_completion(status, op_result, module) return fetch_resource(module, navigate_hash(wait_done, ['targetLink']), 'compute#sslCertificate') diff --git a/test/integration/targets/gcp_compute_ssl_certificate/tasks/main.yml b/test/integration/targets/gcp_compute_ssl_certificate/tasks/main.yml index 673c144282..5350f6a72c 100644 --- a/test/integration/targets/gcp_compute_ssl_certificate/tasks/main.yml +++ b/test/integration/targets/gcp_compute_ssl_certificate/tasks/main.yml @@ -16,8 +16,7 @@ - name: delete a ssl certificate gcp_compute_ssl_certificate: name: "{{ resource_name }}" - description: | - "A certificate for testing. Do not use this certificate in production" + description: A certificate for testing. Do not use this certificate in production certificate: | -----BEGIN CERTIFICATE----- MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG @@ -45,15 +44,12 @@ project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: absent #---------------------------------------------------------- - name: create a ssl certificate gcp_compute_ssl_certificate: name: "{{ resource_name }}" - description: | - "A certificate for testing. Do not use this certificate in production" + description: A certificate for testing. Do not use this certificate in production certificate: | -----BEGIN CERTIFICATE----- MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG @@ -81,8 +77,6 @@ project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: present register: result - name: assert changed is true @@ -91,19 +85,24 @@ - result.changed == true - "result.kind == 'compute#sslCertificate'" - name: verify that ssl_certificate was created - shell: | - gcloud compute ssl-certificates describe --project="{{ gcp_project}}" "{{ resource_name }}" + gcp_compute_ssl_certificate_facts: + filters: + - name = {{ resource_name }} + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + scopes: + - https://www.googleapis.com/auth/compute register: results - name: verify that command succeeded assert: that: - - results.rc == 0 + - results['items'] | length == 1 # ---------------------------------------------------------------------------- - name: create a ssl certificate that already exists gcp_compute_ssl_certificate: name: "{{ resource_name }}" - description: | - "A certificate for testing. Do not use this certificate in production" + description: A certificate for testing. Do not use this certificate in production certificate: | -----BEGIN CERTIFICATE----- MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG @@ -131,8 +130,6 @@ project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: present register: result - name: assert changed is false @@ -144,8 +141,7 @@ - name: delete a ssl certificate gcp_compute_ssl_certificate: name: "{{ resource_name }}" - description: | - "A certificate for testing. Do not use this certificate in production" + description: A certificate for testing. Do not use this certificate in production certificate: | -----BEGIN CERTIFICATE----- MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG @@ -173,8 +169,6 @@ project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: absent register: result - name: assert changed is true @@ -183,21 +177,24 @@ - result.changed == true - result.has_key('kind') == False - name: verify that ssl_certificate was deleted - shell: | - gcloud compute ssl-certificates describe --project="{{ gcp_project}}" "{{ resource_name }}" + gcp_compute_ssl_certificate_facts: + filters: + - name = {{ resource_name }} + project: "{{ gcp_project }}" + auth_kind: "{{ gcp_cred_kind }}" + service_account_file: "{{ gcp_cred_file }}" + scopes: + - https://www.googleapis.com/auth/compute register: results - failed_when: results.rc == 0 - name: verify that command succeeded assert: that: - - results.rc == 1 - - "\"'projects/{{ gcp_project }}/global/sslCertificates/{{ resource_name }}' was not found\" in results.stderr" + - results['items'] | length == 0 # ---------------------------------------------------------------------------- - name: delete a ssl certificate that does not exist gcp_compute_ssl_certificate: name: "{{ resource_name }}" - description: | - "A certificate for testing. Do not use this certificate in production" + description: A certificate for testing. Do not use this certificate in production certificate: | -----BEGIN CERTIFICATE----- MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG @@ -225,8 +222,6 @@ project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" - scopes: - - https://www.googleapis.com/auth/compute state: absent register: result - name: assert changed is false