-
Notifications
You must be signed in to change notification settings - Fork 23.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ec2_vpc_igw: migrate to boto3 #45346
Conversation
The test
The test
|
Hi @zeenlym, Thank you for the pullrequest, just so you are aware we have a dedicated Working Group for aws. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd be in favor of not having a class in the module just to simplify things a little but LGTM even with it. There should be integration tests added to help ensure backward compatibility.
'tags': igw.tags, | ||
'vpc_id': igw.vpc_id | ||
} | ||
class AnsibleEc2Igw(object): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Most AWS modules don't implement classes as using a few functions is often more readable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I find it easier to read within a class, and using attributes prevent from passing lots of parameters to functions.
I think if all AWS modules uses classes even if module complexity is very high or very low readability will be the same.
def get_resource_tags(vpc_conn, resource_id): | ||
return dict((t.name, t.value) for t in | ||
vpc_conn.get_all_tags(filters={'resource-id': resource_id})) | ||
def connect(self): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You don't need to access get_aws_connection_info and boto3_conn directly and any errors with the connection should be handled by boto3_conn. After creating the module by module = AnsibleAWSModule(...
the connection can be created with module.client('ec2')
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok
igws = response['InternetGateways'] | ||
except botocore.exceptions.ClientError as e: | ||
self.fail(msg=str(e)) | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove some extra whitespace
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok
if igw is None: | ||
if check_mode: | ||
return {'changed': True, 'gateway_id': None} | ||
self.start_timer() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This doesn't appear to do anything for the module.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's rigth, sorry for this
|
||
igw.vpc_id = vpc_id | ||
if to_delete and not add_only: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think rather than checking for to_delete and add_only here (and having two hardcoded values for add_only and the purge_tags parameter for compare_aws_tags), I'd consolidate the options since they do the same thing and only have one hardcoded value:
purge_tags = bool(not add_only)
to_update, to_delete = compare_aws_tags(boto3_tag_list_to_ansible_dict(cur_tags.get('Tags')), tags, purge_tags)
And then to_delete will only be populated if tags are being removed and you don't have to reference add_only in other places.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok
|
||
from ansible.module_utils.aws.core import AnsibleAWSModule | ||
from ansible.module_utils.ec2 import ( | ||
AnsibleAWSError, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You can remove this line.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok
@s-hertel has said what I would say in regard to integration tests. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few minor issues but nothing that would stop this module working
tags_list.append({'Key': key}) | ||
|
||
AWSRetry.exponential_backoff( | ||
catch_extra_error_codes=['InvalidSubnetID.NotFound'] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This doesn't seem right to me - you may not need the catch_extra_error_codes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok some copy paste from other modules, but I couldn't understand purpose. I am removing it.
try: | ||
response = self._connection.describe_internet_gateways(Filters=filters) | ||
igws = response.get('InternetGateways', []) | ||
except botocore.exceptions.ClientError as e: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
need to catch BotoCoreError here too.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok
'changed': changed, | ||
'gateway': igw_info | ||
} | ||
def fail(self, **kwargs): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this is really needed (and doesn't seem to be used)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok
final_tags.update(to_update) | ||
else: | ||
AWSRetry.exponential_backoff( | ||
catch_extra_error_codes=['InvalidInternetID.NotFound'] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
InvalidInternetID
doesn't seem to exist according to botocore's source
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed line
The test
|
@willthames Do I need to remove classes ? |
@zeenlym no, you don't need to. It has been our preference to not use classes where not required, but the classes might be useful in future anyway. Once there is a test suite, this should be good to merge. |
Why is there no helper to update of aws resource tags ? The only changes are client, resource-id and resource-type ? |
@zeenlym, the reason why there is no update tag helper is that each AWS resource type implements their tag management API differently. Other than that, the reason is that no-one has written one. |
Thanks for all checks, for the next 2 weeks I cannot fix nether add integration tests, I will do it after. |
I've created a test suite in #45903 (based almost entirely on the egress_igw tests). I ran it before this change, then re-ran it with this change, and it's all good. The test suite can be merged separately. |
Thanks so much for the boto3 migration @zeenlym, what a great first contribution! |
SUMMARY
AWS boto only modules present issues with corporate internet proxies. Migrate to boto3 solves problems. Code is simplier and more ansible aws helpers are used.
Fixes #44889
ISSUE TYPE
COMPONENT NAME
ANSIBLE VERSION
ADDITIONAL INFORMATION