-
Notifications
You must be signed in to change notification settings - Fork 396
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add module elb_security_group and tests #182
Add module elb_security_group and tests #182
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for taking the time to submit this new module.
Most of the suggestions below are nit-picks. However, there are a couple of things
- For net-new modules we generally prefer that they support check_mode
- When no change is made changed should return False
- Please add a changelog fragment: https://docs.ansible.com/ansible/latest/community/development_process.html#changelogs-how-to
module.params.get('security_group_ids') | ||
) | ||
|
||
result['changed'] = True |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is always going to return true even if nothing changes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @tremble ,I think a change will be made unless an exception is thrown or the same set of security group ids is supplied. I am not sure but boto3 may even set the same sgs again. The function does not return whether or not no change was made, and may in itself may not be idempotent, of course i can look if needed. I could first inspect what sgs are already attached and compare against them, but I am not sure if this information is worth the cost of an extra api call. Or? What do you advise in this situation?
- "{{ test_subnets_msg['results'][1]['subnet']['id'] }}" | ||
state: present | ||
register: alb | ||
- name: Attach a security group |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please add tests for things like idempotency
original_message='' | ||
) | ||
|
||
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=False) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As a net-new module I'd rather see support for check_mode from day one.
Co-authored-by: Mark Chappell <mchappel@redhat.com>
Co-authored-by: Mark Chappell <mchappel@redhat.com>
Co-authored-by: Mark Chappell <mchappel@redhat.com>
Co-authored-by: Mark Chappell <mchappel@redhat.com>
Co-authored-by: Mark Chappell <mchappel@redhat.com>
randomize vcp cidr
…ity.aws into feature/elb-security-group
Co-authored-by: Mark Chappell <mchappel@redhat.com>
…ity.aws into feature/elb-security-group
@mmoyle this PR contains the following merge commits: Please rebase your branch to remove these commits. |
The test
The test
The test
The test
The test
The test
|
Thanks for taking the time to open this PR. This PR appears to have stalled out and has a number of open review points. Looking at the elb_application_lb module we already support managing the Security Groups on an existing ALB. The existing support also appears to be a little more comprehensive, including supporting using security group names and idempotency. As such I'm going to close out this PR. |
SUMMARY
Add module
ISSUE TYPE
COMPONENT NAME
elb_security_group