diff --git a/lib/ansible/modules/cloud/google/gcp_compute_target_https_proxy.py b/lib/ansible/modules/cloud/google/gcp_compute_target_https_proxy.py index 87bba07fd7d5d0..c9882dcb95a722 100644 --- a/lib/ansible/modules/cloud/google/gcp_compute_target_https_proxy.py +++ b/lib/ansible/modules/cloud/google/gcp_compute_target_https_proxy.py @@ -81,6 +81,18 @@ between users and the load balancer. Currently, exactly one SSL certificate must be specified. required: true + ssl_policy: + description: + - A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy + resource. If not set, the TargetHttpsProxy resource will not have any SSL policy + configured. + - 'This field represents a link to a SslPolicy resource in GCP. It can be specified + in two ways. You can add `register: name-of-resource` to a gcp_compute_ssl_policy + task and then set this ssl_policy field to "{{ name-of-resource }}" Alternatively, + you can set this ssl_policy to a dictionary with the selfLink key where the + value is the selfLink of your SslPolicy' + required: false + version_added: 2.8 url_map: description: - A reference to the UrlMap resource that defines the mapping from URL to the @@ -232,6 +244,13 @@ users and the load balancer. Currently, exactly one SSL certificate must be specified. returned: success type: list +sslPolicy: + description: + - A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy + resource. If not set, the TargetHttpsProxy resource will not have any SSL policy + configured. + returned: success + type: dict urlMap: description: - A reference to the UrlMap resource that defines the mapping from URL to the BackendService. @@ -262,6 +281,7 @@ def main(): name=dict(required=True, type='str'), quic_override=dict(type='str', choices=['NONE', 'ENABLE', 'DISABLE']), ssl_certificates=dict(required=True, type='list', elements='dict'), + ssl_policy=dict(type='dict'), url_map=dict(required=True, type='dict') ) ) @@ -313,6 +333,8 @@ def update_fields(module, request, response): quic_override_update(module, request, response) if response.get('sslCertificates') != request.get('sslCertificates'): ssl_certificates_update(module, request, response) + if response.get('sslPolicy') != request.get('sslPolicy'): + ssl_policy_update(module, request, response) if response.get('urlMap') != request.get('urlMap'): url_map_update(module, request, response) @@ -343,6 +365,19 @@ def ssl_certificates_update(module, request, response): ) +def ssl_policy_update(module, request, response): + auth = GcpSession(module, 'compute') + auth.post( + ''.join([ + "https://www.googleapis.com/compute/v1/", + "projects/{project}/global/targetHttpsProxies/{name}/setSslPolicy" + ]).format(**module.params), + { + u'sslPolicy': replace_resource_dict(module.params.get(u'ssl_policy', {}), 'selfLink') + } + ) + + def url_map_update(module, request, response): auth = GcpSession(module, 'compute') auth.post( @@ -368,6 +403,7 @@ def resource_to_request(module): u'name': module.params.get('name'), u'quicOverride': module.params.get('quic_override'), u'sslCertificates': replace_resource_dict(module.params.get('ssl_certificates', []), 'selfLink'), + u'sslPolicy': replace_resource_dict(module.params.get(u'ssl_policy', {}), 'selfLink'), u'urlMap': replace_resource_dict(module.params.get(u'url_map', {}), 'selfLink') } return_vals = {} @@ -440,6 +476,7 @@ def response_to_hash(module, response): u'name': module.params.get('name'), u'quicOverride': response.get(u'quicOverride'), u'sslCertificates': response.get(u'sslCertificates'), + u'sslPolicy': response.get(u'sslPolicy'), u'urlMap': response.get(u'urlMap') } diff --git a/lib/ansible/modules/cloud/google/gcp_compute_target_https_proxy_facts.py b/lib/ansible/modules/cloud/google/gcp_compute_target_https_proxy_facts.py index e486510e03a305..5cfb46bfc0f61c 100644 --- a/lib/ansible/modules/cloud/google/gcp_compute_target_https_proxy_facts.py +++ b/lib/ansible/modules/cloud/google/gcp_compute_target_https_proxy_facts.py @@ -106,6 +106,13 @@ must be specified. returned: success type: list + sslPolicy: + description: + - A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy + resource. If not set, the TargetHttpsProxy resource will not have any SSL + policy configured. + returned: success + type: dict urlMap: description: - A reference to the UrlMap resource that defines the mapping from URL to the diff --git a/lib/ansible/modules/cloud/google/gcp_compute_target_ssl_proxy.py b/lib/ansible/modules/cloud/google/gcp_compute_target_ssl_proxy.py index 44c7e6d2fec461..032d57ab6de6e4 100644 --- a/lib/ansible/modules/cloud/google/gcp_compute_target_ssl_proxy.py +++ b/lib/ansible/modules/cloud/google/gcp_compute_target_ssl_proxy.py @@ -85,6 +85,18 @@ between users and the load balancer. Currently, exactly one SSL certificate must be specified. required: true + ssl_policy: + description: + - A reference to the SslPolicy resource that will be associated with the TargetSslProxy + resource. If not set, the TargetSslProxy resource will not have any SSL policy + configured. + - 'This field represents a link to a SslPolicy resource in GCP. It can be specified + in two ways. You can add `register: name-of-resource` to a gcp_compute_ssl_policy + task and then set this ssl_policy field to "{{ name-of-resource }}" Alternatively, + you can set this ssl_policy to a dictionary with the selfLink key where the + value is the selfLink of your SslPolicy' + required: false + version_added: 2.8 extends_documentation_fragment: gcp notes: - 'API Reference: U(https://cloud.google.com/compute/docs/reference/latest/targetSslProxies)' @@ -222,6 +234,13 @@ users and the load balancer. Currently, exactly one SSL certificate must be specified. returned: success type: list +sslPolicy: + description: + - A reference to the SslPolicy resource that will be associated with the TargetSslProxy + resource. If not set, the TargetSslProxy resource will not have any SSL policy + configured. + returned: success + type: dict ''' ################################################################################ @@ -247,7 +266,8 @@ def main(): name=dict(required=True, type='str'), proxy_header=dict(type='str', choices=['NONE', 'PROXY_V1']), service=dict(required=True, type='dict'), - ssl_certificates=dict(required=True, type='list', elements='dict') + ssl_certificates=dict(required=True, type='list', elements='dict'), + ssl_policy=dict(type='dict') ) ) @@ -300,6 +320,8 @@ def update_fields(module, request, response): service_update(module, request, response) if response.get('sslCertificates') != request.get('sslCertificates'): ssl_certificates_update(module, request, response) + if response.get('sslPolicy') != request.get('sslPolicy'): + ssl_policy_update(module, request, response) def proxy_header_update(module, request, response): @@ -341,6 +363,19 @@ def ssl_certificates_update(module, request, response): ) +def ssl_policy_update(module, request, response): + auth = GcpSession(module, 'compute') + auth.post( + ''.join([ + "https://www.googleapis.com/compute/v1/", + "projects/{project}/global/targetSslProxies/{name}/setSslPolicy" + ]).format(**module.params), + { + u'sslPolicy': replace_resource_dict(module.params.get(u'ssl_policy', {}), 'selfLink') + } + ) + + def delete(module, link, kind): auth = GcpSession(module, 'compute') return wait_for_operation(module, auth.delete(link)) @@ -353,7 +388,8 @@ def resource_to_request(module): u'name': module.params.get('name'), u'proxyHeader': module.params.get('proxy_header'), u'service': replace_resource_dict(module.params.get(u'service', {}), 'selfLink'), - u'sslCertificates': replace_resource_dict(module.params.get('ssl_certificates', []), 'selfLink') + u'sslCertificates': replace_resource_dict(module.params.get('ssl_certificates', []), 'selfLink'), + u'sslPolicy': replace_resource_dict(module.params.get(u'ssl_policy', {}), 'selfLink') } return_vals = {} for k, v in request.items(): @@ -425,7 +461,8 @@ def response_to_hash(module, response): u'name': module.params.get('name'), u'proxyHeader': response.get(u'proxyHeader'), u'service': response.get(u'service'), - u'sslCertificates': response.get(u'sslCertificates') + u'sslCertificates': response.get(u'sslCertificates'), + u'sslPolicy': response.get(u'sslPolicy') } diff --git a/lib/ansible/modules/cloud/google/gcp_compute_target_ssl_proxy_facts.py b/lib/ansible/modules/cloud/google/gcp_compute_target_ssl_proxy_facts.py index a1374d404a2387..69b2fbadcb62cb 100644 --- a/lib/ansible/modules/cloud/google/gcp_compute_target_ssl_proxy_facts.py +++ b/lib/ansible/modules/cloud/google/gcp_compute_target_ssl_proxy_facts.py @@ -108,6 +108,13 @@ must be specified. returned: success type: list + sslPolicy: + description: + - A reference to the SslPolicy resource that will be associated with the TargetSslProxy + resource. If not set, the TargetSslProxy resource will not have any SSL policy + configured. + returned: success + type: dict ''' ################################################################################ diff --git a/test/integration/targets/gcp_storage_object/aliases b/test/integration/targets/gcp_storage_object/aliases new file mode 100644 index 00000000000000..9812f019ca4bae --- /dev/null +++ b/test/integration/targets/gcp_storage_object/aliases @@ -0,0 +1,2 @@ +cloud/gcp +unsupported diff --git a/test/integration/targets/gcp_storage_object/defaults/main.yml b/test/integration/targets/gcp_storage_object/defaults/main.yml new file mode 100644 index 00000000000000..aa87a2a8e0e0e0 --- /dev/null +++ b/test/integration/targets/gcp_storage_object/defaults/main.yml @@ -0,0 +1,3 @@ +--- +# defaults file +resource_name: '{{resource_prefix}}' diff --git a/test/integration/targets/gcp_storage_object/meta/main.yml b/test/integration/targets/gcp_storage_object/meta/main.yml new file mode 100644 index 00000000000000..e69de29bb2d1d6