aws_codecommit: Fix integration tests and Add support for updating th…

…e description (ansible#61263) * Update DevOps AWS policy - Fix typos in permission names - While AWS claims you can use 'arn:aws:codecommit:*' it errors unless you use '*' * aws_codecommit: (integration tests) Migrate to module_defaults * aws_codecommit: (integration tests) Fix integration tests * aws_codecommit: (integration tests) Add tests for updating the description * aws_codecommit: Add support for updating the description and rename "comment" option to "description"
adharshsrivatsr · Sep 3, 2019 · 7d94253 · 7d94253
1 parent f2d93d2
commit 7d94253
Show file tree

Hide file tree

Showing 4 changed files with 105 additions and 34 deletions.
diff --git a/changelogs/fragments/61263-aws_codecommit-description.yml b/changelogs/fragments/61263-aws_codecommit-description.yml
@@ -0,0 +1,2 @@
+minor_changes:
+  - aws_codecommit - Support updating the description
diff --git a/hacking/aws_config/testing_policies/devops-policy.json b/hacking/aws_config/testing_policies/devops-policy.json
@@ -6,12 +6,12 @@
         "Effect": "Allow",
         "Action": [
           "codecommit:ListRepositories",
-          "codecommit:CreateRepositories",
-          "codecommit:DeleteRpositories"
+          "codecommit:*Repository",
+          "codecommit:*RepositoryDescription"
         ],
         "Resource": [
-          "arn:aws:codecommit:*"
+          "*"
         ]
       }
     ]
-}
+}
diff --git a/lib/ansible/modules/cloud/amazon/aws_codecommit.py b/lib/ansible/modules/cloud/amazon/aws_codecommit.py
@@ -27,10 +27,12 @@
     description:
       - name of repository.
     required: true
-  comment:
+  description:
     description:
       - description or comment of repository.
     required: false
+    aliases:
+      - comment
   state:
     description:
       - Specifies the state of repository.
@@ -150,12 +152,20 @@ def __init__(self, module=None):
     def process(self):
         result = dict(changed=False)
 
-        if self._module.params['state'] == 'present' and not self._repository_exists():
-            if not self._module.check_mode:
-                result = self._create_repository()
-            result['changed'] = True
+        if self._module.params['state'] == 'present':
+            if not self._repository_exists():
+                if not self._check_mode:
+                    result = self._create_repository()
+                result['changed'] = True
+            else:
+                metadata = self._get_repository()['repositoryMetadata']
+                if metadata['repositoryDescription'] != self._module.params['description']:
+                    if not self._check_mode:
+                        self._update_repository()
+                    result['changed'] = True
+                result.update(self._get_repository())
         if self._module.params['state'] == 'absent' and self._repository_exists():
-            if not self._module.check_mode:
+            if not self._check_mode:
                 result = self._delete_repository()
             result['changed'] = True
         return result
@@ -172,11 +182,30 @@ def _repository_exists(self):
             self._module.fail_json_aws(e, msg="couldn't get repository")
         return False
 
+    def _get_repository(self):
+        try:
+            result = self._client.get_repository(
+                repositoryName=self._module.params['name']
+            )
+        except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
+            self._module.fail_json_aws(e, msg="couldn't get repository")
+        return result
+
+    def _update_repository(self):
+        try:
+            result = self._client.update_repository_description(
+                repositoryName=self._module.params['name'],
+                repositoryDescription=self._module.params['description']
+            )
+        except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
+            self._module.fail_json_aws(e, msg="couldn't create repository")
+        return result
+
     def _create_repository(self):
         try:
             result = self._client.create_repository(
                 repositoryName=self._module.params['name'],
-                repositoryDescription=self._module.params['comment']
+                repositoryDescription=self._module.params['description']
             )
         except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
             self._module.fail_json_aws(e, msg="couldn't create repository")
@@ -196,7 +225,7 @@ def main():
     argument_spec = dict(
         name=dict(required=True),
         state=dict(choices=['present', 'absent'], required=True),
-        comment=dict(default='')
+        description=dict(default='', aliases=['comment'])
     )
 
     ansible_aws_module = AnsibleAWSModule(

diff --git a/test/integration/targets/aws_codecommit/tasks/main.yml b/test/integration/targets/aws_codecommit/tasks/main.yml
@@ -1,65 +1,105 @@
 ---
-- block:
-  # ============================================================
-  - name: set connection information for all tasks
-    set_fact:
-      aws_connection_info: &aws_connection_info
-        aws_access_key: "{{ aws_access_key }}"
-        aws_secret_key: "{{ aws_secret_key }}"
-        security_token: "{{ security_token }}"
-        region: "{{ aws_region }}"
-    no_log: true
+- module_defaults:
+    group/aws:
+      aws_access_key: "{{ aws_access_key }}"
+      aws_secret_key: "{{ aws_secret_key }}"
+      security_token: "{{ security_token | default(omit) }}"
+      region: "{{ aws_region }}"
+  block:
   # ============================================================
+  - name: Create a repository (CHECK MODE)
+    aws_codecommit:
+      name: "{{ resource_prefix }}_repo"
+      description: original comment
+      state: present
+    register: output
+    check_mode: yes
+  - assert:
+      that:
+        - output is changed
+
   - name: Create a repository
     aws_codecommit:
       name: "{{ resource_prefix }}_repo"
-      comment: original comment
+      description: original comment
       state: present
-      <<: *aws_connection_info
     register: output
   - assert:
       that:
         - output is changed
-        - output['repository_metadata'].repository_name == '{{ resource_prefix }}_repo'
-        - output['repository_metadata'].repository_description == 'original comment'
-  # ============================================================
-  - name: Create a repository (CHECK MODE)
+        - output.repository_metadata.repository_name == '{{ resource_prefix }}_repo'
+        - output.repository_metadata.repository_description == 'original comment'
+
+  - name: No-op update to repository
     aws_codecommit:
-      name: "{{ resource_prefix }}_check_repo"
-      comment: original comment
+      name: "{{ resource_prefix }}_repo"
+      description: original comment
+      state: present
+    register: output
+  - assert:
+      that:
+        - output is not changed
+        - output.repository_metadata.repository_name == '{{ resource_prefix }}_repo'
+        - output.repository_metadata.repository_description == 'original comment'
+
+  - name: Update repository description (CHECK MODE)
+    aws_codecommit:
+      name: "{{ resource_prefix }}_repo"
+      description: new comment
       state: present
-      <<: *aws_connection_info
     register: output
     check_mode: yes
   - assert:
       that:
         - output is changed
+        - output.repository_metadata.repository_name == '{{ resource_prefix }}_repo'
+        - output.repository_metadata.repository_description == 'original comment'
+
+  - name: Update repository description
+    aws_codecommit:
+      name: "{{ resource_prefix }}_repo"
+      description: new comment
+      state: present
+    register: output
+  - assert:
+      that:
+        - output is changed
+        - output.repository_metadata.repository_name == '{{ resource_prefix }}_repo'
+        - output.repository_metadata.repository_description == 'new comment'
+
   # ============================================================
   - name: Delete  a repository (CHECK MODE)
     aws_codecommit:
       name: "{{ resource_prefix }}_repo"
       state: absent
-      <<: *aws_connection_info
     register: output
     check_mode: yes
   - assert:
       that:
         - output is changed
+
   - name: Delete  a repository
     aws_codecommit:
       name: "{{ resource_prefix }}_repo"
       state: absent
-      <<: *aws_connection_info
     register: output
   - assert:
       that:
         - output is changed
 
+  - name: Delete a non-existent repository
+    aws_codecommit:
+      name: "{{ resource_prefix }}_repo"
+      state: absent
+    register: output
+  - assert:
+      that:
+        - output is not changed
+
   always:
      ###### TEARDOWN STARTS HERE ######
     - name: Delete  a repository
       aws_codecommit:
         name: "{{ resource_prefix }}_repo"
         state: absent
-        <<: *aws_connection_info
       ignore_errors: yes