aws_codecommit: Fix integration tests and Add support for updating the description (#61263)

* Update DevOps AWS policy - Fix typos in permission names - While AWS claims you can use 'arn:aws:codecommit:*' it errors unless you use '*' * aws_codecommit: (integration tests) Migrate to module_defaults * aws_codecommit: (integration tests) Fix integration tests * aws_codecommit: (integration tests) Add tests for updating the description * aws_codecommit: Add support for updating the description and rename "comment" option to "description"
2019-08-30 20:25:37 +02:00 · 2019-08-30 20:25:37 +02:00 · 35359959de
commit 35359959de
parent 0e1ec04efb
4 changed files with 112 additions and 41 deletions
--- a/changelogs/fragments/61263-aws_codecommit-description.yml
+++ b/changelogs/fragments/61263-aws_codecommit-description.yml
@ -0,0 +1,2 @@
+minor_changes:
+  - aws_codecommit - Support updating the description
--- a/hacking/aws_config/testing_policies/devops-policy.json
+++ b/hacking/aws_config/testing_policies/devops-policy.json
@ -6,12 +6,12 @@
        "Effect": "Allow",
        "Action": [
          "codecommit:ListRepositories",
-          "codecommit:CreateRepositories",
-          "codecommit:DeleteRpositories"
+          "codecommit:*Repository",
+          "codecommit:*RepositoryDescription"
        ],
        "Resource": [
-          "arn:aws:codecommit:*"
+          "*"
        ]
      }
    ]
-}
+}
--- a/lib/ansible/modules/cloud/amazon/aws_codecommit.py
+++ b/lib/ansible/modules/cloud/amazon/aws_codecommit.py
@ -27,10 +27,12 @@ options:
    description:
      - name of repository.
    required: true
-  comment:
+  description:
    description:
      - description or comment of repository.
    required: false
+    aliases:
+      - comment
  state:
    description:
      - Specifies the state of repository.
@ -150,12 +152,20 @@ class CodeCommit(object):
    def process(self):
        result = dict(changed=False)

-        if self._module.params['state'] == 'present' and not self._repository_exists():
-            if not self._module.check_mode:
-                result = self._create_repository()
-            result['changed'] = True
+        if self._module.params['state'] == 'present':
+            if not self._repository_exists():
+                if not self._check_mode:
+                    result = self._create_repository()
+                result['changed'] = True
+            else:
+                metadata = self._get_repository()['repositoryMetadata']
+                if metadata['repositoryDescription'] != self._module.params['description']:
+                    if not self._check_mode:
+                        self._update_repository()
+                    result['changed'] = True
+                result.update(self._get_repository())
        if self._module.params['state'] == 'absent' and self._repository_exists():
-            if not self._module.check_mode:
+            if not self._check_mode:
                result = self._delete_repository()
            result['changed'] = True
        return result
@ -172,11 +182,30 @@ class CodeCommit(object):
            self._module.fail_json_aws(e, msg="couldn't get repository")
        return False

+    def _get_repository(self):
+        try:
+            result = self._client.get_repository(
+                repositoryName=self._module.params['name']
+            )
+        except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
+            self._module.fail_json_aws(e, msg="couldn't get repository")
+        return result
+
+    def _update_repository(self):
+        try:
+            result = self._client.update_repository_description(
+                repositoryName=self._module.params['name'],
+                repositoryDescription=self._module.params['description']
+            )
+        except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
+            self._module.fail_json_aws(e, msg="couldn't create repository")
+        return result
+
    def _create_repository(self):
        try:
            result = self._client.create_repository(
                repositoryName=self._module.params['name'],
-                repositoryDescription=self._module.params['comment']
+                repositoryDescription=self._module.params['description']
            )
        except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
            self._module.fail_json_aws(e, msg="couldn't create repository")
@ -196,7 +225,7 @@ def main():
    argument_spec = dict(
        name=dict(required=True),
        state=dict(choices=['present', 'absent'], required=True),
-        comment=dict(default='')
+        description=dict(default='', aliases=['comment'])
    )

    ansible_aws_module = AnsibleAWSModule(
--- a/test/integration/targets/aws_codecommit/tasks/main.yml
+++ b/test/integration/targets/aws_codecommit/tasks/main.yml
@ -1,65 +1,105 @@
 ---
- block:
-  # ============================================================
-  - name: set connection information for all tasks
-    set_fact:
-      aws_connection_info: &aws_connection_info
-        aws_access_key: "{{ aws_access_key }}"
-        aws_secret_key: "{{ aws_secret_key }}"
-        security_token: "{{ security_token }}"
-        region: "{{ aws_region }}"
-    no_log: true
-  # ============================================================
-  - name: Create a repository
-    aws_codecommit:
-      name: "{{ resource_prefix }}_repo"
-      comment: original comment
-      state: present
-      <<: *aws_connection_info
-    register: output
-  - assert:
-      that:
-        - output is changed
-        - output['repository_metadata'].repository_name == '{{ resource_prefix }}_repo'
-        - output['repository_metadata'].repository_description == 'original comment'
+- module_defaults:
+    group/aws:
+      aws_access_key: "{{ aws_access_key }}"
+      aws_secret_key: "{{ aws_secret_key }}"
+      security_token: "{{ security_token | default(omit) }}"
+      region: "{{ aws_region }}"
+  block:
  # ============================================================
  - name: Create a repository (CHECK MODE)
    aws_codecommit:
-      name: "{{ resource_prefix }}_check_repo"
-      comment: original comment
+      name: "{{ resource_prefix }}_repo"
+      description: original comment
      state: present
-      <<: *aws_connection_info
    register: output
    check_mode: yes
  - assert:
      that:
        - output is changed
+
+  - name: Create a repository
+    aws_codecommit:
+      name: "{{ resource_prefix }}_repo"
+      description: original comment
+      state: present
+    register: output
+  - assert:
+      that:
+        - output is changed
+        - output.repository_metadata.repository_name == '{{ resource_prefix }}_repo'
+        - output.repository_metadata.repository_description == 'original comment'
+
+  - name: No-op update to repository
+    aws_codecommit:
+      name: "{{ resource_prefix }}_repo"
+      description: original comment
+      state: present
+    register: output
+  - assert:
+      that:
+        - output is not changed
+        - output.repository_metadata.repository_name == '{{ resource_prefix }}_repo'
+        - output.repository_metadata.repository_description == 'original comment'
+
+  - name: Update repository description (CHECK MODE)
+    aws_codecommit:
+      name: "{{ resource_prefix }}_repo"
+      description: new comment
+      state: present
+    register: output
+    check_mode: yes
+  - assert:
+      that:
+        - output is changed
+        - output.repository_metadata.repository_name == '{{ resource_prefix }}_repo'
+        - output.repository_metadata.repository_description == 'original comment'
+
+  - name: Update repository description
+    aws_codecommit:
+      name: "{{ resource_prefix }}_repo"
+      description: new comment
+      state: present
+    register: output
+  - assert:
+      that:
+        - output is changed
+        - output.repository_metadata.repository_name == '{{ resource_prefix }}_repo'
+        - output.repository_metadata.repository_description == 'new comment'
+
  # ============================================================
  - name: Delete  a repository (CHECK MODE)
    aws_codecommit:
      name: "{{ resource_prefix }}_repo"
      state: absent
-      <<: *aws_connection_info
    register: output
    check_mode: yes
  - assert:
      that:
        - output is changed
+
  - name: Delete  a repository
    aws_codecommit:
      name: "{{ resource_prefix }}_repo"
      state: absent
-      <<: *aws_connection_info
    register: output
  - assert:
      that:
        - output is changed

+  - name: Delete a non-existent repository
+    aws_codecommit:
+      name: "{{ resource_prefix }}_repo"
+      state: absent
+    register: output
+  - assert:
+      that:
+        - output is not changed
+
  always:
     ###### TEARDOWN STARTS HERE ######
    - name: Delete  a repository
      aws_codecommit:
        name: "{{ resource_prefix }}_repo"
        state: absent
-        <<: *aws_connection_info
      ignore_errors: yes