wbrawner/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[ecs_service] fix assign_public_ip network configuration to module parameter rather than fixed string (#41689)

Browse source 
Fix parameter name

Use suboptions

document suboptions

Add a test to assert assign_public_ip is configurable
This commit is contained in:
Sloane Hertel 2018-06-19 14:35:53 -04:00 committed by Ryan Brown
parent 37293dec3d
commit 1268ce4d4f
5 changed files with 38 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
lib/ansible/modules/cloud/amazon/ecs_service.py
View file

@ -100,10 +100,21 @@ options:
network_configuration:
description:
- network configuration of the service. Only applicable for task definitions created with C(awsvpc) I(network_mode).
- I(network_configuration) has two keys, I(subnets), a list of subnet IDs to which the task is attached and I(security_groups),
a list of group names or group IDs for the task
- assign_public_ip requires botocore >= 1.8.4
version_added: 2.6
suboptions:
subnets:
description:
- A list of subnet IDs to associate with the task
version_added: 2.6
security_groups:
description:
- A list of security group names or group IDs to associate with the task
version_added: 2.6
assign_public_ip:
description:
- Whether the task's elastic network interface receives a public IP address. This option requires botocore >= 1.8.4.
choices: ["ENABLED", "DISABLED"]
version_added: 2.7
launch_type:
description:
- The launch type on which to run your service
@ -312,11 +323,11 @@ class EcsServiceManager:
def format_network_configuration(self, network_config):
result = dict()
if 'subnets' in network_config:
if network_config['subnets'] is not None:
result['subnets'] = network_config['subnets']
else:
self.module.fail_json(msg="Network configuration must include subnets")
if 'security_groups' in network_config:
if network_config['security_groups'] is not None:
groups = network_config['security_groups']
if any(not sg.startswith('sg-') for sg in groups):
try:
@ -325,10 +336,11 @@ class EcsServiceManager:
except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
self.module.fail_json_aws(e, msg="Couldn't look up security groups")
result['securityGroups'] = groups
if 'assign_public_ip' in network_config and self.module.botocore_at_least('1.8.4'):
result['assign_public_ip'] = 'assign_public_ip'
else:
self.module.fail_json(msg='botocore needs to be version 1.8.4 or higher to use assign_public_ip in network_configuration')
if network_config['assign_public_ip'] is not None:
if self.module.botocore_at_least('1.8.4'):
result['assignPublicIp'] = network_config['assign_public_ip']
else:
self.module.fail_json(msg='botocore needs to be version 1.8.4 or higher to use assign_public_ip in network_configuration')
return dict(awsvpcConfiguration=result)
def find_in_array(self, array_of_services, service_name, field_name='serviceArn'):
@ -446,7 +458,11 @@ def main():
deployment_configuration=dict(required=False, default={}, type='dict'),
placement_constraints=dict(required=False, default=[], type='list'),
placement_strategy=dict(required=False, default=[], type='list'),
network_configuration=dict(required=False, type='dict'),
network_configuration=dict(required=False, type='dict', options=dict(
subnets=dict(type='list'),
security_groups=dict(type='list'),
assign_public_ip=dict(choices=['ENABLED', 'DISABLED']),
)),
launch_type=dict(required=False, choices=['EC2', 'FARGATE'])
))

4
test/integration/targets/ecs_cluster/playbooks/network_assign_public_ip_fail.yml
View file

@ -58,9 +58,9 @@
network_configuration:
subnets:
- subnet-abcd1234
groups:
security_groups:
- sg-abcd1234
assign_public_ip: true
assign_public_ip: ENABLED
state: present
<<: *aws_connection_info
register: ecs_service_creation_vpc

6
test/integration/targets/ecs_cluster/playbooks/network_fail.yml
View file

@ -68,7 +68,7 @@
network_configuration:
subnets:
- subnet-abcd1234
groups:
security_groups:
- sg-abcd1234
state: present
<<: *aws_connection_info
@ -90,7 +90,7 @@
network_configuration:
subnets:
- subnet-abcd1234
groups:
security_groups:
- sg-abcd1234
launch_type: FARGATE
state: present
@ -132,7 +132,7 @@
network_configuration:
subnets:
- subnet-abcd1234
groups:
security_groups:
- sg-abcd1234
<<: *aws_connection_info
register: ecs_task_creation_vpc

6
test/integration/targets/ecs_cluster/playbooks/roles/ecs_cluster/tasks/main.yml
View file

@ -629,9 +629,15 @@
subnets: "{{ setup_subnet.results | json_query('[].subnet.id') }}"
security_groups:
- '{{ setup_sg.group_id }}'
assign_public_ip: ENABLED
<<: *aws_connection_info
register: ecs_fargate_service_network_with_awsvpc
- name: assert that public IP assignment is enabled
assert:
that:
- 'ecs_fargate_service_network_with_awsvpc.service.networkConfiguration.awsvpcConfiguration.assignPublicIp == "ENABLED"'
# ============================================================
# End tests for Fargate

2
test/integration/targets/ecs_cluster/runme.sh
View file

@ -28,5 +28,5 @@ ansible-playbook -i ../../inventory -e @../../integration_config.yml -e @../../c
# Run full test suite
virtualenv --system-site-packages --python "${PYTHON}" "${MYTMPDIR}/botocore-recent"
source "${MYTMPDIR}/botocore-recent/bin/activate"
$PYTHON -m pip install 'botocore>=1.8.0' boto3
$PYTHON -m pip install 'botocore>=1.8.4' boto3
ansible-playbook -i ../../inventory -e @../../integration_config.yml -e @../../cloud-config-aws.yml -v playbooks/full_test.yml "$@"