From 9acafd633831811c5dfb3b6681686b39ffe29734 Mon Sep 17 00:00:00 2001 From: abikouo Date: Thu, 17 Aug 2023 12:51:19 +0200 Subject: [PATCH 1/7] A role and playbook to move object from one storage bucket to another --- .yamllint | 20 +++++++ README.md | 4 +- .../MOVE_OBJECTS_BETWEEN_STORAGE_BUCKETS.md | 12 +++++ .../move_objects_between_storage_buckets.yaml | 7 +++ roles/gcp_setup_credentials/README.md | 52 +++++++++++++++++++ roles/gcp_setup_credentials/defaults/main.yml | 7 +++ roles/gcp_setup_credentials/tasks/main.yml | 52 +++++++++++++++++++ .../README.md | 50 ++++++++++++++++++ .../handlers/main.yml | 5 ++ .../meta/main.yml | 3 ++ .../tasks/main.yml | 27 ++++++++++ .../tasks/move_object.yml | 24 +++++++++ .../test_gcp_setup_credentials/aliases | 3 ++ .../defaults/main.yml | 3 ++ .../test_gcp_setup_credentials/tasks/main.yml | 21 ++++++++ .../aliases | 3 ++ .../defaults/main.yml | 8 +++ .../tasks/create_buckets.yml | 42 +++++++++++++++ .../tasks/delete_buckets.yml | 35 +++++++++++++ .../tasks/main.yml | 38 ++++++++++++++ .../tasks/validate_objects_from_bucket.yml | 30 +++++++++++ tox.ini | 6 +-- 22 files changed, 448 insertions(+), 4 deletions(-) create mode 100644 .yamllint create mode 100644 playbooks/MOVE_OBJECTS_BETWEEN_STORAGE_BUCKETS.md create mode 100644 playbooks/move_objects_between_storage_buckets.yaml create mode 100644 roles/gcp_setup_credentials/README.md create mode 100644 roles/gcp_setup_credentials/defaults/main.yml create mode 100644 roles/gcp_setup_credentials/tasks/main.yml create mode 100644 roles/move_objects_between_storage_buckets/README.md create mode 100644 roles/move_objects_between_storage_buckets/handlers/main.yml create mode 100644 roles/move_objects_between_storage_buckets/meta/main.yml create mode 100644 roles/move_objects_between_storage_buckets/tasks/main.yml create mode 100644 roles/move_objects_between_storage_buckets/tasks/move_object.yml create mode 100644 tests/integration/targets/test_gcp_setup_credentials/aliases create mode 100644 tests/integration/targets/test_gcp_setup_credentials/defaults/main.yml create mode 100644 tests/integration/targets/test_gcp_setup_credentials/tasks/main.yml create mode 100644 tests/integration/targets/test_move_objects_between_storage_buckets/aliases create mode 100644 tests/integration/targets/test_move_objects_between_storage_buckets/defaults/main.yml create mode 100644 tests/integration/targets/test_move_objects_between_storage_buckets/tasks/create_buckets.yml create mode 100644 tests/integration/targets/test_move_objects_between_storage_buckets/tasks/delete_buckets.yml create mode 100644 tests/integration/targets/test_move_objects_between_storage_buckets/tasks/main.yml create mode 100644 tests/integration/targets/test_move_objects_between_storage_buckets/tasks/validate_objects_from_bucket.yml diff --git a/.yamllint b/.yamllint new file mode 100644 index 0000000..bc74eed --- /dev/null +++ b/.yamllint @@ -0,0 +1,20 @@ +--- +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + document-start: disable + line-length: disable + truthy: disable + indentation: + spaces: 2 + indent-sequences: consistent +ignore: | + .cache + .tox + tests/output diff --git a/README.md b/README.md index acdf5c7..f132654 100644 --- a/README.md +++ b/README.md @@ -17,11 +17,13 @@ Click on the name of a role to view that content's documentation: ### Roles Name | Description --- | --- +[cloud.gcp_ops.gcp_setup_credentials](https://github.com/redhat-cop/cloud.gcp_ops/blob/main/roles/gcp_setup_credentials/README.md)|A role to define credentials for google.cloud modules. +[cloud.gcp_ops.move_objects_between_storage_buckets](https://github.com/redhat-cop/cloud.gcp_ops/blob/main/roles/move_objects_between_storage_buckets/README.md)|A role to move objects between GCP Storage buckets. ### Playbooks Name | Description --- | --- - +cloud.gcp_ops.move_objects_between_storage_buckets](https://github.com/redhat-cop/cloud.gcp_ops/blob/main/playbooks/MOVE_OBJECTS_FROM_STORAGE_BUCKETS.md)|A playbook to move objects between GCP Storage buckets. ## Installation and Usage diff --git a/playbooks/MOVE_OBJECTS_BETWEEN_STORAGE_BUCKETS.md b/playbooks/MOVE_OBJECTS_BETWEEN_STORAGE_BUCKETS.md new file mode 100644 index 0000000..6eaccbc --- /dev/null +++ b/playbooks/MOVE_OBJECTS_BETWEEN_STORAGE_BUCKETS.md @@ -0,0 +1,12 @@ +## cloud.gcp_ops.move_objects_between_storage_buckets + +A playbook to move objects between GCP Storage buckets. + +Variables +-------------- + +* **move_objects_between_storage_buckets_source_bucket**: The name of the GCP storage bucket to retrieve objects from. **Required** +* **move_objects_between_storage_buckets_dest_bucket**: The name of the GCP storage bucket to download objects to. **Required** +* **move_objects_between_storage_buckets_objects**: A list of existing objects from the source bucket. **Required** + +See [cloud.gcp_ops.gcp_setup_credentials](https://github.com/redhat-cop/cloud.gcp_ops/blob/main/roles/gcp_setup_credentials/README.md) for required credentials variables. \ No newline at end of file diff --git a/playbooks/move_objects_between_storage_buckets.yaml b/playbooks/move_objects_between_storage_buckets.yaml new file mode 100644 index 0000000..ede14e2 --- /dev/null +++ b/playbooks/move_objects_between_storage_buckets.yaml @@ -0,0 +1,7 @@ +--- +- name: Move objects between Storage buckets + hosts: localhost + gather_facts: false + + roles: + - role: cloud.gcp_ops.move_objects_between_storage_buckets diff --git a/roles/gcp_setup_credentials/README.md b/roles/gcp_setup_credentials/README.md new file mode 100644 index 0000000..1741a7d --- /dev/null +++ b/roles/gcp_setup_credentials/README.md @@ -0,0 +1,52 @@ +# aws_setup_credentials + +A role to define credentials for google.cloud modules. The role defines a variable named **gcp_setup_credentials\_\_output** which contains GCP credentials for google.cloud modules based on user input. + +## Requirements + +N/A + +## Role Variables + +- **gcp_auth_kind**: The type of credential to use. Choices: ``application``, ``machineaccount``, ``serviceaccount``, ``accesstoken``. Default to ``serviceaccount`` +- **gcp_service_account_content**: The contents of a Service Account JSON file, either in a dictionary or as a JSON string. +- **gcp_service_account_file**: The path of a Service Account JSON file. +- **gcp_service_account_email**: An optional service account email address if ``gcp_auth_kind`` is set to ``machineaccount``and the user does not wish to use the default email. +- **gcp_access_token**: An OAuth2 access token if ``gcp_auth_kind`` is set to ``accesstoken``. +- **gcp_project**: The GCP project to use.. +- **gcp_scopes**: A List of GCP scopes to be used. + + +## Dependencies + +- NA + +## Example Playbook + + - hosts: localhost + gather_facts: false + + roles: + - role: cloud.gcp_ops.gcp_setup_credentials + gcp_service_account: path_to_my_service_account_file + gcp_project: my-sample-project + + tasks: + - name: Create a GCP storage bucket + module_defaults: + group/gcp: + '{{ gcp_setup_credentials__output }}' + block: + - name: Create a GCP Storage bucket + google.cloud.gcp_storage_bucket: + name: my-bucket-test + +## License + +GNU General Public License v3.0 or later + +See [LICENCE](https://github.com/ansible-collections/cloud.aws_troubleshooting/blob/main/LICENSE) to see the full text. + +## Author Information + +- Ansible Cloud Content Team diff --git a/roles/gcp_setup_credentials/defaults/main.yml b/roles/gcp_setup_credentials/defaults/main.yml new file mode 100644 index 0000000..f72ac4a --- /dev/null +++ b/roles/gcp_setup_credentials/defaults/main.yml @@ -0,0 +1,7 @@ +--- +gcp_auth_kind: serviceaccount +gcp_auth_kind_choices: + - application + - machineaccount + - serviceaccount + - accesstoken diff --git a/roles/gcp_setup_credentials/tasks/main.yml b/roles/gcp_setup_credentials/tasks/main.yml new file mode 100644 index 0000000..1cba373 --- /dev/null +++ b/roles/gcp_setup_credentials/tasks/main.yml @@ -0,0 +1,52 @@ +--- +- name: Validate auth_kind value + ansible.builtin.fail: + msg: "{{ gcp_auth_kind }} variable should be one of {{ gcp_auth_kind_choices }}" + when: gcp_auth_kind not in gcp_auth_kind_choices + +- name: Define intial value for credentials output + ansible.builtin.set_fact: + gcp_setup_credentials__output: {} + +- name: Set GCP auth kind + ansible.builtin.set_fact: + gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'auth_kind': gcp_auth_kind}) }}" + no_log: true + +- name: Set GCP project + ansible.builtin.set_fact: + gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'project': gcp_project}) }}" + when: gcp_project is defined + no_log: true + +- name: Set GCP scopes + ansible.builtin.set_fact: + gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'scopes': gcp_scopes}) }}" + when: gcp_scopes is defined + no_log: true + +- name: Set GCP service account email + ansible.builtin.set_fact: + gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'service_account_email': gcp_service_account_email}) }}" + when: gcp_service_account_email is defined + no_log: true + +- name: Set GCP access token + ansible.builtin.set_fact: + gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'access_token': gcp_access_token}) }}" + when: + - gcp_access_token is defined + - gcp_auth_kind == "accesstoken" + no_log: true + +- name: Set GCP service account content + ansible.builtin.set_fact: + gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'service_account_contents': gcp_service_account_content}) }}" + when: gcp_service_account_content is defined + no_log: true + +- name: Set GCP service account file + ansible.builtin.set_fact: + gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'service_account_file': gcp_service_account_file}) }}" + when: gcp_service_account_file is defined + no_log: true diff --git a/roles/move_objects_between_storage_buckets/README.md b/roles/move_objects_between_storage_buckets/README.md new file mode 100644 index 0000000..4f75720 --- /dev/null +++ b/roles/move_objects_between_storage_buckets/README.md @@ -0,0 +1,50 @@ +move_objects_between_storage_buckets +================== + +A role to move an object from one GCP storage bucket to another. + +Requirements +------------ + +GCP credentials with permission to upload, download and delete objects from GCP storage bucket. + + +Role Variables +-------------- + +* **move_objects_between_storage_buckets_source_bucket**: The name of the GCP storage bucket to retrieve objects from. **Required** +* **move_objects_between_storage_buckets_dest_bucket**: The name of the GCP storage bucket to download objects to. **Required** +* **move_objects_between_storage_buckets_objects**: A list of existing objects from the source bucket. **Required** + +Dependencies +------------ + +- role: [gcp_setup_credentials](../gcp_setup_credentials/README.md) + +## Example: +``` +--- +- name: Playbook for moving one object from one GCP storage bucket into another. + hosts: localhost + gather_facts: false + + roles: + - role: cloud.gcp_ops.move_objects_between_storage_buckets + move_objects_between_storage_buckets_source_bucket: my-src-storage + move_objects_between_storage_buckets_dest_bucket: my-dest-storage + move_objects_between_storage_buckets_objects: + - object-1 + - object-2 +``` + +License +------- + +GNU General Public License v3.0 or later + +See [LICENCE](https://github.com/redhat-cop/cloud.gcp_ops/blob/main/LICENSE) to see the full text. + +Author Information +------------------ + +- Ansible Cloud Content Team diff --git a/roles/move_objects_between_storage_buckets/handlers/main.yml b/roles/move_objects_between_storage_buckets/handlers/main.yml new file mode 100644 index 0000000..a623040 --- /dev/null +++ b/roles/move_objects_between_storage_buckets/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: Delete temporary directory + ansible.builtin.file: + state: absent + path: "{{ move_objects_between_storage_buckets__tmpdir.path }}" diff --git a/roles/move_objects_between_storage_buckets/meta/main.yml b/roles/move_objects_between_storage_buckets/meta/main.yml new file mode 100644 index 0000000..c498e42 --- /dev/null +++ b/roles/move_objects_between_storage_buckets/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - role: cloud.gcp_ops.gcp_setup_credentials diff --git a/roles/move_objects_between_storage_buckets/tasks/main.yml b/roles/move_objects_between_storage_buckets/tasks/main.yml new file mode 100644 index 0000000..5059377 --- /dev/null +++ b/roles/move_objects_between_storage_buckets/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- name: Fail when 'move_objects_between_storage_buckets_source_bucket' is undefined + ansible.builtin.fail: + msg: GCP storage bucket source should be defined as move_objects_between_storage_buckets_source_bucket + when: move_objects_between_storage_buckets_source_bucket is undefined + +- name: Fail when 'move_objects_between_storage_buckets_dest_bucket' is undefined + ansible.builtin.fail: + msg: GCP storage bucket destination should be defined as move_objects_between_storage_buckets_dest_bucket + when: move_objects_between_storage_buckets_dest_bucket is undefined + +- name: Fail when 'move_objects_between_storage_buckets_objects' is undefined + ansible.builtin.fail: + msg: Objects to move should be defined as move_objects_between_storage_buckets_objects + when: move_objects_between_storage_buckets_objects is undefined + +- name: Create temporary directory to download objects in + ansible.builtin.tempfile: + state: directory + suffix: .storage + register: move_objects_between_storage_buckets__tmpdir + notify: + - 'Delete temporary directory' + +- name: Include tasks 'move_object.yml' + ansible.builtin.include_tasks: move_object.yml + with_items: "{{ move_objects_between_storage_buckets_objects }}" diff --git a/roles/move_objects_between_storage_buckets/tasks/move_object.yml b/roles/move_objects_between_storage_buckets/tasks/move_object.yml new file mode 100644 index 0000000..d7aa244 --- /dev/null +++ b/roles/move_objects_between_storage_buckets/tasks/move_object.yml @@ -0,0 +1,24 @@ +--- +- name: 'Move single object from source bucket into destination bucket' + module_defaults: + group/gcp: "{{ gcp_setup_credentials__output }}" + block: + - name: "Download object from bucket source bucket" + google.cloud.gcp_storage_object: + action: download + src: "{{ item }}" + dest: "{{ move_objects_between_storage_buckets__tmpdir.path }}/{{ item }}" + bucket: "{{ move_objects_between_storage_buckets_source_bucket }}" + + - name: "Updload object into destination bucket" + google.cloud.gcp_storage_object: + action: upload + src: "{{ move_objects_between_storage_buckets__tmpdir.path }}/{{ item }}" + dest: "{{ item }}" + bucket: "{{ move_objects_between_storage_buckets_dest_bucket }}" + + - name: "Delete object from source bucket" + google.cloud.gcp_storage_object: + action: delete + src: "{{ item }}" + bucket: "{{ move_objects_between_storage_buckets_source_bucket }}" diff --git a/tests/integration/targets/test_gcp_setup_credentials/aliases b/tests/integration/targets/test_gcp_setup_credentials/aliases new file mode 100644 index 0000000..2bfa73c --- /dev/null +++ b/tests/integration/targets/test_gcp_setup_credentials/aliases @@ -0,0 +1,3 @@ +cloud/gcp +role/gcp_setup_credentials +time=10s diff --git a/tests/integration/targets/test_gcp_setup_credentials/defaults/main.yml b/tests/integration/targets/test_gcp_setup_credentials/defaults/main.yml new file mode 100644 index 0000000..287aa06 --- /dev/null +++ b/tests/integration/targets/test_gcp_setup_credentials/defaults/main.yml @@ -0,0 +1,3 @@ +--- +gcp_storage_bucket_name: "{{ resource_prefix }}-bucket" +gcp_service_account_file: "{{ gcp_cred_file }}" diff --git a/tests/integration/targets/test_gcp_setup_credentials/tasks/main.yml b/tests/integration/targets/test_gcp_setup_credentials/tasks/main.yml new file mode 100644 index 0000000..0aee50d --- /dev/null +++ b/tests/integration/targets/test_gcp_setup_credentials/tasks/main.yml @@ -0,0 +1,21 @@ +--- +- name: Include 'gcp_setup_credentials' roles + ansible.builtin.include_role: + name: cloud.gcp_ops.gcp_setup_credentials + +- name: Trying calling module using generating credentials + module_defaults: + group/gcp: + "{{ gcp_setup_credentials__output }}" + block: + + - name: Create GCP storage bucket + google.cloud.gcp_storage_bucket: + name: "{{ gcp_storage_bucket_name }}" + state: present + + always: + - name: Delete GCP storage bucket + google.cloud.gcp_storage_bucket: + name: "{{ gcp_storage_bucket_name }}" + state: absent diff --git a/tests/integration/targets/test_move_objects_between_storage_buckets/aliases b/tests/integration/targets/test_move_objects_between_storage_buckets/aliases new file mode 100644 index 0000000..d4e7aea --- /dev/null +++ b/tests/integration/targets/test_move_objects_between_storage_buckets/aliases @@ -0,0 +1,3 @@ +cloud/gcp +role/move_objects_between_storage_buckets +time=10s diff --git a/tests/integration/targets/test_move_objects_between_storage_buckets/defaults/main.yml b/tests/integration/targets/test_move_objects_between_storage_buckets/defaults/main.yml new file mode 100644 index 0000000..0932974 --- /dev/null +++ b/tests/integration/targets/test_move_objects_between_storage_buckets/defaults/main.yml @@ -0,0 +1,8 @@ +--- +test_source_storage_bucket: "{{ resource_prefix }}-bucket-src" +test_dest_storage_bucket: "{{ resource_prefix }}-bucket-dest" +test_bucket_objects: + - name: "{{ resource_prefix }}-obj-1" + value: "This has been created using Ansible Seeded content Role" + - name: "{{ resource_prefix }}-obj-2" + value: "Ansible roles for managing GCP resources" diff --git a/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/create_buckets.yml b/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/create_buckets.yml new file mode 100644 index 0000000..f462b38 --- /dev/null +++ b/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/create_buckets.yml @@ -0,0 +1,42 @@ +--- +- name: Create GCP Storage bucket + google.cloud.gcp_storage_bucket: + name: "{{ item }}" + auth_kind: "{{ gcp_auth_kind }}" + service_account_file: "{{ gcp_cred_file }}" + project: "{{ gcp_project }}" + with_items: + - "{{ test_source_storage_bucket }}" + - "{{ test_dest_storage_bucket }}" + +- name: Create temporary directory to store data + ansible.builtin.tempfile: + state: directory + suffix: .upload + register: _tmpdir + +- name: Upload objects into source bucket + block: + - name: Copy content into files + ansible.builtin.copy: + dest: "{{ _tmpdir.path }}/{{ item.name }}.txt" + content: "{{ item.value }}" + mode: '0755' + with_items: "{{ test_bucket_objects }}" + + - name: Upload object into source bucket + google.cloud.gcp_storage_object: + action: upload + bucket: "{{ test_source_storage_bucket }}" + src: "{{ _tmpdir.path }}/{{ item.name }}.txt" + dest: "{{ item.name }}" + auth_kind: "{{ gcp_auth_kind }}" + service_account_file: "{{ gcp_cred_file }}" + project: "{{ gcp_project }}" + with_items: "{{ test_bucket_objects }}" + + always: + - name: Delete temporary directory + ansible.builtin.file: + state: absent + path: "{{ _tmpdir.path }}" diff --git a/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/delete_buckets.yml b/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/delete_buckets.yml new file mode 100644 index 0000000..0afa969 --- /dev/null +++ b/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/delete_buckets.yml @@ -0,0 +1,35 @@ +--- +- name: Delete objects from source buckets + google.cloud.gcp_storage_object: + action: delete + bucket: "{{ test_source_storage_bucket }}" + src: "{{ item.name }}" + auth_kind: "{{ gcp_auth_kind }}" + service_account_file: "{{ gcp_cred_file }}" + project: "{{ gcp_project }}" + with_items: "{{ test_bucket_objects }}" + register: delete_result + failed_when: (delete_result is failed) and (delete_result.msg != "File does not exist in bucket") + +- name: Delete objects from destination buckets + google.cloud.gcp_storage_object: + action: delete + bucket: "{{ test_dest_storage_bucket }}" + src: "{{ item.name }}" + auth_kind: "{{ gcp_auth_kind }}" + service_account_file: "{{ gcp_cred_file }}" + project: "{{ gcp_project }}" + with_items: "{{ test_bucket_objects }}" + register: delete_result + failed_when: (delete_result is failed) and (delete_result.msg != "File does not exist in bucket") + +- name: Delete GCP Storage bucket + google.cloud.gcp_storage_bucket: + name: "{{ item }}" + auth_kind: "{{ gcp_auth_kind }}" + service_account_file: "{{ gcp_cred_file }}" + project: "{{ gcp_project }}" + state: absent + with_items: + - "{{ test_source_storage_bucket }}" + - "{{ test_dest_storage_bucket }}" diff --git a/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/main.yml b/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/main.yml new file mode 100644 index 0000000..450c582 --- /dev/null +++ b/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/main.yml @@ -0,0 +1,38 @@ +--- +- name: Test Role move_objects_between_storage_buckets + block: + - name: Create buckets + ansible.builtin.include_tasks: create_buckets.yml + + - name: Move objects from source to destination storage bucket + ansible.builtin.include_role: + name: cloud.gcp_ops.move_objects_between_storage_buckets + vars: + gcp_auth_kind: "{{ gcp_cred_kind }}" + gcp_service_account_file: "{{ gcp_cred_file }}" + move_objects_between_storage_buckets_source_bucket: "{{ test_source_storage_bucket }}" + move_objects_between_storage_buckets_dest_bucket: "{{ test_dest_storage_bucket }}" + move_objects_between_storage_buckets_objects: "{{ test_bucket_objects | map(attribute='name') | list }}" + + # Validate that objects were deleted from Source bucket + - name: Validate that objects have been removed from Source bucket + google.cloud.gcp_storage_object: + action: download + bucket: "{{ test_dest_storage_bucket }}" + src: "{{ item }}" + dest: "{{ item }}.txt" + auth_kind: "{{ gcp_auth_kind }}" + service_account_file: "{{ gcp_cred_file }}" + project: "{{ gcp_project }}" + with_items: "{{ test_bucket_objects }}" + register: _download + failed_when: (_download is not failed) or (_download.msg != "File does not exist in bucket") + + # Validate that objects from destination are stored as expected + - name: Validate objects move + ansible.builtin.include_tasks: validate_objects_from_bucket.yml + with_items: "{{ test_bucket_objects }}" + + always: + - name: Delete buckets + ansible.builtin.include_tasks: delete_buckets.yml diff --git a/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/validate_objects_from_bucket.yml b/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/validate_objects_from_bucket.yml new file mode 100644 index 0000000..1f8e2c9 --- /dev/null +++ b/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/validate_objects_from_bucket.yml @@ -0,0 +1,30 @@ +--- +- name: Download content from bucket + block: + - name: Create temporary file + ansible.builtin.tempfile: + suffix: .object + register: _tmpfile + + - name: Download objects from destination bucket + google.cloud.gcp_storage_object: + action: download + bucket: "{{ test_dest_storage_bucket }}" + src: "{{ item.name }}" + dest: "{{ _tmpfile.path }}" + auth_kind: "{{ gcp_auth_kind }}" + service_account_file: "{{ gcp_cred_file }}" + project: "{{ gcp_project }}" + + - name: Assert that object value from Storage bucket is as expected + ansible.builtin.assert: + that: + - item.value == object_data + vars: + object_data: "{{ lookup('file', _tmpfile.path) }}" + + always: + - name: Delete temporary file + ansible.builtin.file: + state: absent + path: "{{ _tmpfile.path }}" diff --git a/tox.ini b/tox.ini index fa91e82..4aab852 100644 --- a/tox.ini +++ b/tox.ini @@ -9,16 +9,16 @@ install_command = pip install {opts} {packages} [testenv:black] deps = - black >= 23.0, < 24.0 + black >= 22.0, < 23.0 commands = black {toxinidir}/plugins {toxinidir}/tests [testenv:ansible-lint] deps = - ansible-lint==6.17.2 + ansible-lint==6.16.0 changedir = {toxinidir} -commands = +commands = ansible-lint [testenv:linters] From 9767d8b61f0b19b32b16d96fd1b2fc9d01e91d2b Mon Sep 17 00:00:00 2001 From: abikouo Date: Thu, 17 Aug 2023 15:49:35 +0200 Subject: [PATCH 2/7] add changelog --- .../20230817-move-objects-between-storage-buckets.yaml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changelogs/fragments/20230817-move-objects-between-storage-buckets.yaml diff --git a/changelogs/fragments/20230817-move-objects-between-storage-buckets.yaml b/changelogs/fragments/20230817-move-objects-between-storage-buckets.yaml new file mode 100644 index 0000000..552f47d --- /dev/null +++ b/changelogs/fragments/20230817-move-objects-between-storage-buckets.yaml @@ -0,0 +1,3 @@ +--- +minor_changes: + - add new role and playbook to move objects between GCP Storage buckets (https://github.com/redhat-cop/cloud.gcp_ops/pull/4). From 298494ecb30dd05baf8c3ca227d144fe1ff57016 Mon Sep 17 00:00:00 2001 From: abikouo Date: Thu, 17 Aug 2023 16:39:57 +0200 Subject: [PATCH 3/7] fix: issue with changelog --- changelogs/config.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 changelogs/config.yaml diff --git a/changelogs/config.yaml b/changelogs/config.yaml new file mode 100644 index 0000000..0302c85 --- /dev/null +++ b/changelogs/config.yaml @@ -0,0 +1,30 @@ +--- +changelog_filename_template: ../CHANGELOG.rst +changelog_filename_version_depth: 0 +changes_file: changelog.yaml +changes_format: combined +keep_fragments: false +mention_ancestor: true +new_plugins_after_name: removed_features +notesdir: fragments +prelude_section_name: release_summary +prelude_section_title: Release Summary +sections: + - - major_changes + - Major Changes + - - minor_changes + - Minor Changes + - - breaking_changes + - Breaking Changes / Porting Guide + - - deprecated_features + - Deprecated Features + - - removed_features + - Removed Features (previously deprecated) + - - security_fixes + - Security Fixes + - - bugfixes + - Bugfixes + - - known_issues + - Known Issues +title: CHANGE THIS IN changelogs/config.yaml! +trivial_section_name: trivial From 97d91aff7584e84230c3b9efe52760b1522c933c Mon Sep 17 00:00:00 2001 From: abikouo Date: Thu, 17 Aug 2023 16:56:58 +0200 Subject: [PATCH 4/7] ansible-lint fix: add changelogs/changelog.yaml --- changelogs/changelog.yaml | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelogs/changelog.yaml diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml new file mode 100644 index 0000000..2abdaca --- /dev/null +++ b/changelogs/changelog.yaml @@ -0,0 +1 @@ +releases: {} From f586e5b4a41500128a249bf4601286a38b7bcb8b Mon Sep 17 00:00:00 2001 From: abikouo Date: Thu, 17 Aug 2023 17:02:07 +0200 Subject: [PATCH 5/7] Revert update for tox.ini --- .../targets/test_gcp_setup_credentials/defaults/main.yml | 1 + .../tasks/main.yml | 2 -- tox.ini | 6 +++--- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/tests/integration/targets/test_gcp_setup_credentials/defaults/main.yml b/tests/integration/targets/test_gcp_setup_credentials/defaults/main.yml index 287aa06..485d795 100644 --- a/tests/integration/targets/test_gcp_setup_credentials/defaults/main.yml +++ b/tests/integration/targets/test_gcp_setup_credentials/defaults/main.yml @@ -1,3 +1,4 @@ --- gcp_storage_bucket_name: "{{ resource_prefix }}-bucket" gcp_service_account_file: "{{ gcp_cred_file }}" +gcp_auth_kind: "{{ gcp_cred_kind }}" diff --git a/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/main.yml b/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/main.yml index 450c582..5732d7f 100644 --- a/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/main.yml +++ b/tests/integration/targets/test_move_objects_between_storage_buckets/tasks/main.yml @@ -8,8 +8,6 @@ ansible.builtin.include_role: name: cloud.gcp_ops.move_objects_between_storage_buckets vars: - gcp_auth_kind: "{{ gcp_cred_kind }}" - gcp_service_account_file: "{{ gcp_cred_file }}" move_objects_between_storage_buckets_source_bucket: "{{ test_source_storage_bucket }}" move_objects_between_storage_buckets_dest_bucket: "{{ test_dest_storage_bucket }}" move_objects_between_storage_buckets_objects: "{{ test_bucket_objects | map(attribute='name') | list }}" diff --git a/tox.ini b/tox.ini index 4aab852..fa91e82 100644 --- a/tox.ini +++ b/tox.ini @@ -9,16 +9,16 @@ install_command = pip install {opts} {packages} [testenv:black] deps = - black >= 22.0, < 23.0 + black >= 23.0, < 24.0 commands = black {toxinidir}/plugins {toxinidir}/tests [testenv:ansible-lint] deps = - ansible-lint==6.16.0 + ansible-lint==6.17.2 changedir = {toxinidir} -commands = +commands = ansible-lint [testenv:linters] From 890a8b0337f73bb827150bd7e3b391af9817d7a9 Mon Sep 17 00:00:00 2001 From: abikouo Date: Tue, 22 Aug 2023 16:25:16 +0200 Subject: [PATCH 6/7] Remove reference to gcp_setup_credentials --- README.md | 1 - changelogs/changelog.yaml | 1 - changelogs/config.yaml | 30 ----------- roles/gcp_setup_credentials/README.md | 52 ------------------- roles/gcp_setup_credentials/defaults/main.yml | 7 --- roles/gcp_setup_credentials/tasks/main.yml | 52 ------------------- .../test_gcp_setup_credentials/aliases | 3 -- .../defaults/main.yml | 4 -- .../test_gcp_setup_credentials/tasks/main.yml | 21 -------- 9 files changed, 171 deletions(-) delete mode 100644 changelogs/changelog.yaml delete mode 100644 changelogs/config.yaml delete mode 100644 roles/gcp_setup_credentials/README.md delete mode 100644 roles/gcp_setup_credentials/defaults/main.yml delete mode 100644 roles/gcp_setup_credentials/tasks/main.yml delete mode 100644 tests/integration/targets/test_gcp_setup_credentials/aliases delete mode 100644 tests/integration/targets/test_gcp_setup_credentials/defaults/main.yml delete mode 100644 tests/integration/targets/test_gcp_setup_credentials/tasks/main.yml diff --git a/README.md b/README.md index f132654..a96100e 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,6 @@ Click on the name of a role to view that content's documentation: ### Roles Name | Description --- | --- -[cloud.gcp_ops.gcp_setup_credentials](https://github.com/redhat-cop/cloud.gcp_ops/blob/main/roles/gcp_setup_credentials/README.md)|A role to define credentials for google.cloud modules. [cloud.gcp_ops.move_objects_between_storage_buckets](https://github.com/redhat-cop/cloud.gcp_ops/blob/main/roles/move_objects_between_storage_buckets/README.md)|A role to move objects between GCP Storage buckets. ### Playbooks diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml deleted file mode 100644 index 2abdaca..0000000 --- a/changelogs/changelog.yaml +++ /dev/null @@ -1 +0,0 @@ -releases: {} diff --git a/changelogs/config.yaml b/changelogs/config.yaml deleted file mode 100644 index 0302c85..0000000 --- a/changelogs/config.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -changelog_filename_template: ../CHANGELOG.rst -changelog_filename_version_depth: 0 -changes_file: changelog.yaml -changes_format: combined -keep_fragments: false -mention_ancestor: true -new_plugins_after_name: removed_features -notesdir: fragments -prelude_section_name: release_summary -prelude_section_title: Release Summary -sections: - - - major_changes - - Major Changes - - - minor_changes - - Minor Changes - - - breaking_changes - - Breaking Changes / Porting Guide - - - deprecated_features - - Deprecated Features - - - removed_features - - Removed Features (previously deprecated) - - - security_fixes - - Security Fixes - - - bugfixes - - Bugfixes - - - known_issues - - Known Issues -title: CHANGE THIS IN changelogs/config.yaml! -trivial_section_name: trivial diff --git a/roles/gcp_setup_credentials/README.md b/roles/gcp_setup_credentials/README.md deleted file mode 100644 index 1741a7d..0000000 --- a/roles/gcp_setup_credentials/README.md +++ /dev/null @@ -1,52 +0,0 @@ -# aws_setup_credentials - -A role to define credentials for google.cloud modules. The role defines a variable named **gcp_setup_credentials\_\_output** which contains GCP credentials for google.cloud modules based on user input. - -## Requirements - -N/A - -## Role Variables - -- **gcp_auth_kind**: The type of credential to use. Choices: ``application``, ``machineaccount``, ``serviceaccount``, ``accesstoken``. Default to ``serviceaccount`` -- **gcp_service_account_content**: The contents of a Service Account JSON file, either in a dictionary or as a JSON string. -- **gcp_service_account_file**: The path of a Service Account JSON file. -- **gcp_service_account_email**: An optional service account email address if ``gcp_auth_kind`` is set to ``machineaccount``and the user does not wish to use the default email. -- **gcp_access_token**: An OAuth2 access token if ``gcp_auth_kind`` is set to ``accesstoken``. -- **gcp_project**: The GCP project to use.. -- **gcp_scopes**: A List of GCP scopes to be used. - - -## Dependencies - -- NA - -## Example Playbook - - - hosts: localhost - gather_facts: false - - roles: - - role: cloud.gcp_ops.gcp_setup_credentials - gcp_service_account: path_to_my_service_account_file - gcp_project: my-sample-project - - tasks: - - name: Create a GCP storage bucket - module_defaults: - group/gcp: - '{{ gcp_setup_credentials__output }}' - block: - - name: Create a GCP Storage bucket - google.cloud.gcp_storage_bucket: - name: my-bucket-test - -## License - -GNU General Public License v3.0 or later - -See [LICENCE](https://github.com/ansible-collections/cloud.aws_troubleshooting/blob/main/LICENSE) to see the full text. - -## Author Information - -- Ansible Cloud Content Team diff --git a/roles/gcp_setup_credentials/defaults/main.yml b/roles/gcp_setup_credentials/defaults/main.yml deleted file mode 100644 index f72ac4a..0000000 --- a/roles/gcp_setup_credentials/defaults/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -gcp_auth_kind: serviceaccount -gcp_auth_kind_choices: - - application - - machineaccount - - serviceaccount - - accesstoken diff --git a/roles/gcp_setup_credentials/tasks/main.yml b/roles/gcp_setup_credentials/tasks/main.yml deleted file mode 100644 index 1cba373..0000000 --- a/roles/gcp_setup_credentials/tasks/main.yml +++ /dev/null @@ -1,52 +0,0 @@ ---- -- name: Validate auth_kind value - ansible.builtin.fail: - msg: "{{ gcp_auth_kind }} variable should be one of {{ gcp_auth_kind_choices }}" - when: gcp_auth_kind not in gcp_auth_kind_choices - -- name: Define intial value for credentials output - ansible.builtin.set_fact: - gcp_setup_credentials__output: {} - -- name: Set GCP auth kind - ansible.builtin.set_fact: - gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'auth_kind': gcp_auth_kind}) }}" - no_log: true - -- name: Set GCP project - ansible.builtin.set_fact: - gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'project': gcp_project}) }}" - when: gcp_project is defined - no_log: true - -- name: Set GCP scopes - ansible.builtin.set_fact: - gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'scopes': gcp_scopes}) }}" - when: gcp_scopes is defined - no_log: true - -- name: Set GCP service account email - ansible.builtin.set_fact: - gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'service_account_email': gcp_service_account_email}) }}" - when: gcp_service_account_email is defined - no_log: true - -- name: Set GCP access token - ansible.builtin.set_fact: - gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'access_token': gcp_access_token}) }}" - when: - - gcp_access_token is defined - - gcp_auth_kind == "accesstoken" - no_log: true - -- name: Set GCP service account content - ansible.builtin.set_fact: - gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'service_account_contents': gcp_service_account_content}) }}" - when: gcp_service_account_content is defined - no_log: true - -- name: Set GCP service account file - ansible.builtin.set_fact: - gcp_setup_credentials__output: "{{ gcp_setup_credentials__output | combine({'service_account_file': gcp_service_account_file}) }}" - when: gcp_service_account_file is defined - no_log: true diff --git a/tests/integration/targets/test_gcp_setup_credentials/aliases b/tests/integration/targets/test_gcp_setup_credentials/aliases deleted file mode 100644 index 2bfa73c..0000000 --- a/tests/integration/targets/test_gcp_setup_credentials/aliases +++ /dev/null @@ -1,3 +0,0 @@ -cloud/gcp -role/gcp_setup_credentials -time=10s diff --git a/tests/integration/targets/test_gcp_setup_credentials/defaults/main.yml b/tests/integration/targets/test_gcp_setup_credentials/defaults/main.yml deleted file mode 100644 index 485d795..0000000 --- a/tests/integration/targets/test_gcp_setup_credentials/defaults/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -gcp_storage_bucket_name: "{{ resource_prefix }}-bucket" -gcp_service_account_file: "{{ gcp_cred_file }}" -gcp_auth_kind: "{{ gcp_cred_kind }}" diff --git a/tests/integration/targets/test_gcp_setup_credentials/tasks/main.yml b/tests/integration/targets/test_gcp_setup_credentials/tasks/main.yml deleted file mode 100644 index 0aee50d..0000000 --- a/tests/integration/targets/test_gcp_setup_credentials/tasks/main.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -- name: Include 'gcp_setup_credentials' roles - ansible.builtin.include_role: - name: cloud.gcp_ops.gcp_setup_credentials - -- name: Trying calling module using generating credentials - module_defaults: - group/gcp: - "{{ gcp_setup_credentials__output }}" - block: - - - name: Create GCP storage bucket - google.cloud.gcp_storage_bucket: - name: "{{ gcp_storage_bucket_name }}" - state: present - - always: - - name: Delete GCP storage bucket - google.cloud.gcp_storage_bucket: - name: "{{ gcp_storage_bucket_name }}" - state: absent From 9a56cec20b738aa1de37f20617a3311913fb653b Mon Sep 17 00:00:00 2001 From: abikouo Date: Tue, 22 Aug 2023 16:26:13 +0200 Subject: [PATCH 7/7] remove .yamllint --- .yamllint | 20 -------------------- 1 file changed, 20 deletions(-) delete mode 100644 .yamllint diff --git a/.yamllint b/.yamllint deleted file mode 100644 index bc74eed..0000000 --- a/.yamllint +++ /dev/null @@ -1,20 +0,0 @@ ---- -extends: default - -rules: - braces: - max-spaces-inside: 1 - level: error - brackets: - max-spaces-inside: 1 - level: error - document-start: disable - line-length: disable - truthy: disable - indentation: - spaces: 2 - indent-sequences: consistent -ignore: | - .cache - .tox - tests/output