Migrate iam_role* modules and tests #1760
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@eb75681
This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@13b104b
* Rename core collection Rename references to ansible.amazon to amazon.aws. * Rename community.amazon to community.aws Fix pep8 line lengths for rewritten amazon.aws imports * Missed a path in shippable.sh * Dependency repos moved This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@235c5db
* Remove ANSIBLE_METADATA entirely, see ansible/ansible/pull/69454. Remove `license` field from galaxy.yml, in favor of `license_file`. This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@05672a6
* Update module deprecations Switch version to `removed_at_date` * Don't install amazon.aws from galaxy We've been using galaxy to install amazon.aws in shippable, but that doesn't really work if we aren't publising faster. Get that collection from git so it is most up to date. * We need to declare python test deps now * missed a python dep This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@7cd211e
Updated module examples with FQCN Signed-off-by: Abhijeet Kasurde <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@98173ae
Co-authored-by: Ezekiel Hendrickson <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@10853d9
* Update docs Remove .git from repo url so links in readme will generate correctly Add required ansible version Run latest version of add_docs.py Add version_added string to modules * galaxy.yml was missing authors This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@96ee268
Signed-off-by: Abhijeet Kasurde <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@059cf9e
* Reorder imports * Make use of is_boto3_error_message * Mass-migration over to is_boto3_error_code * Remove unused imports * unused vars in exception * Improve consistency around catching BotoCoreError and ClientError * Remove unused imports * Remove unused 'PolicyError' from iam_policy_info * Avoid catching botocore.exceptions.ClientError when we only want some error codes * Import camel_dict_to_snake_dict/snake_dict_to_camel_dict from ansible.module_utils.common.dict_transformations This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@4cf52ef
ansible-collections#411) Add some additional comments so we know *why* the various tests aren't running. Looks like most of them just need policy updates This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@0d24559
… 3.6/boto3 This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@c097c55
This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@2c7557d
This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@f3446fd
This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@bec291e
This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@3ef4fa6
This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@df9abcb
This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@623dee5
…with the module.deprecate date entries) This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@3ae2b3e
Add waiter to the iam_role module SUMMARY This change adds the wait param used in other AWS modules, adding usage of a waiter for the iam_role creation / updates. Currently there is no waiting done to ensure the iam_role has actually created and is available before exiting. The tests have also been split up into separate files to make it a bit more manageable. Fixes: ansible-collections#710 ISSUE TYPE Feature Pull Request COMPONENT NAME iam_role ADDITIONAL INFORMATION Successful run completed of the iam_role integration test suite locally: ansible-test integration --docker centos8 -v iam_role --allow-unsupported PLAY RECAP ********************************************************************* testhost : ok=198 changed=46 unreachable=0 failed=0 skipped=0 rescued=0 ignored=7 AWS ACTIONS: ['iam:AddRoleToInstanceProfile', 'iam:AttachRolePolicy', 'iam:CreateInstanceProfile', 'iam:CreatePolicy', 'iam:CreateRole', 'iam:DeleteInstanceProfile', 'iam:DeletePolicy', 'iam:DeleteRole', 'iam:DeleteRolePermissionsBoundary', 'iam:DeleteRolePolicy', 'iam:DetachRolePolicy', 'iam:GetRole', 'iam:GetRolePolicy', 'iam:ListAttachedRolePolicies', 'iam:ListEntitiesForPolicy', 'iam:ListInstanceProfilesForRole', 'iam:ListPolicies', 'iam:ListPolicyVersions', 'iam:ListRolePolicies', 'iam:ListRoleTags', 'iam:ListRoles', 'iam:PutRolePermissionsBoundary', 'iam:PutRolePolicy', 'iam:RemoveRoleFromInstanceProfile', 'iam:TagRole', 'iam:UntagRole', 'iam:UpdateRole'] Run command: docker exec 56cb328c6d9af293d9e820e1f2a94fb8ca87e0769b2b9b6d46bad661f9edde65 tar czf /root/output.tgz --exclude .tmp -C /root/ansible/ansible_collections/community/aws/tests output Run command: docker exec -i 56cb328c6d9af293d9e820e1f2a94fb8ca87e0769b2b9b6d46bad661f9edde65 dd if=/root/output.tgz bs=65536 Run command: tar oxzf /tmp/ansible-result-k2lnga3v.tgz -C /mnt/c/Users/mark.woolley/Documents/GitHub/public/ansible_collections/community/aws/tests Run command: docker rm -f 56cb328c6d9af293d9e820e1f2a94fb8ca87e0769b2b9b6d46bad661f9edde65 Reviewed-by: Mark Chappell <None> Reviewed-by: None <None> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@81d9abd
Remove deprecated "facts" aliases SUMMARY Modules named "facts.py" that do not return ansible_facts were renamed to "info.py" in 2.9. Remove these aliases now that the deprecation period is over. This PR should be included in 3.0.0 of the collection. ISSUE TYPE Bugfix Pull Request COMPONENT NAME *_facts.py Reviewed-by: Mark Chappell <None> Reviewed-by: Jill R <None> Reviewed-by: None <None> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@68aaa70
…ible-collections#961) IAM Role Removal Does Not Require Removal of Permission Boundary SUMMARY Removes unnecessary removal of permission boundary from a role when deleting a role. Unlike inline policies, permission boundaries do not need to be removed from an IAM role before deleting the IAM role. This behavior causes issues when a permission boundary is inherited that prevents removal of the permission boundary. Fixes ansible-collections#959 ISSUE TYPE Bugfix Pull Request COMPONENT NAME iam_role Reviewed-by: Markus Bergholz <[email protected]> Reviewed-by: Mark Chappell <None> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@e670b34
…aws (ansible-collections#1054) iam_role - delete inline policies, stabilize for migration to amazon.aws SUMMARY Stabilize for migration to amazon.aws delete inline policies before deleting the role removed global vars and refactored function definitions added some extra integration tests for check mode ISSUE TYPE Feature Pull Request COMPONENT NAME iam_role Reviewed-by: Markus Bergholz <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Alina Buzachis <None> Reviewed-by: Jill R <None> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@ce41867
…1068) Revert breaking change - iam_role return values SUMMARY This hasn't been release yet, so a changelog isn't needed. While I'm generally good with cleaning up the output values here, this needs to be done as a separate breaking change, and must not be backported to stable-3. ISSUE TYPE Bugfix Pull Request COMPONENT NAME iam_role ADDITIONAL INFORMATION Breaking change silently introduced by ansible-collections#1054 Reviewed-by: Alina Buzachis <None> Reviewed-by: Joseph Torcasso <None> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@8d80e9a
Integration test dependency cleanup SUMMARY remove dependencies on setup_remote_tmp_dir where it's not used (often just copy & paste from another test) remove setup_ec2 (no main.yml means it's not doing anything) remove prepare_tests (empty main.yml means it's not doing anything) ISSUE TYPE Feature Pull Request COMPONENT NAME tests/integration/targets ADDITIONAL INFORMATION By cleaning up what we have we reduce the chance of people copying things about "because that's what test XYZ did". Reviewed-by: Alina Buzachis <None> Reviewed-by: Mark Woolley <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@dd12046
…sible-collections#1182) Tagging fragment - Move simplest cases over to the docs fragment. Depends-On: ansible-collections#844 SUMMARY Migrate simplest cases over to the new docs fragment and add resource_tags as an alias to tags. ISSUE TYPE Docs Pull Request Feature Pull Request COMPONENT NAME changelogs/fragments/1182-tagging.yml plugins/modules/aws_glue_job.py plugins/modules/aws_msk_cluster.py plugins/modules/aws_secret.py plugins/modules/aws_step_functions_state_machine.py plugins/modules/dynamodb_table.py plugins/modules/ec2_eip.py plugins/modules/ec2_transit_gateway_vpc_attachment.py plugins/modules/ec2_vpc_peer.py plugins/modules/elb_application_lb.py plugins/modules/elb_network_lb.py plugins/modules/iam_role.py plugins/modules/iam_user.py plugins/modules/networkfirewall.py plugins/modules/networkfirewall_policy.py plugins/modules/networkfirewall_rule_group.py plugins/modules/rds_cluster.py plugins/modules/rds_instance.py plugins/modules/rds_instance_snapshot.py plugins/modules/rds_option_group.py plugins/modules/rds_subnet_group.py plugins/modules/redshift.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis <None> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@b11ffae
…collections#1459) Update extends_documentation_fragment with amazon.aws.boto3 Depends-On: ansible/ansible-zuul-jobs#1654 SUMMARY As per ansible-collections#985 add amazon.aws.boto3. ISSUE TYPE Docs Pull Request COMPONENT NAME several Reviewed-by: Jill R <None> Reviewed-by: Mark Chappell <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@bd3c03f
iam_role: drop deprecation SUMMARY The change was announced since community.aws 1.0.0 for ansible 2.14 With community.aws 2.1.0, it was changed to the date after 2022-06-01 However, in the meantime the standard value is true for purge parameters. Therefore we just drop the deprecation warning. COMPONENT NAME iam_role Reviewed-by: Mark Chappell <None> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@75ba63b
…ons#1632) Ansible User-Agent identification for community.aws SUMMARY The value will be similar to this APN/1.0 Ansible/2.14.1 community.aws/6.0.0-dev0 ISSUE TYPE Feature Pull Request Reviewed-by: Mark Chappell <None> Reviewed-by: Bikouo Aubin <None> Reviewed-by: Alina Buzachis <None> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@a8cbce2
This was referenced Sep 20, 2023
Merged
abikouo
changed the title
Docs Build 📝Thank you for contribution!✨ This PR has been merged and your docs changes will be incorporated when they are next published. |
|
Build succeeded. ✔️ ansible-galaxy-importer SUCCESS in 5m 01s |
tremble
requested changes
Sep 21, 2023
There was a problem hiding this comment.
Migration, +1
Deprecations/Removals:
a) I don't like pulling this into the migration PR (too much changing at once)
b) Missing breaking changelog entry
c) Last time I spoke to @alinabuzachis 7.0.0 is hopefully landing early November (to meet the Ansible 9 release deadline), since the advertised date on the deprecation was 2023-12-01, we shouldn't include this in 7.0.0
Please clean-up the "new" commits (those that weren't from community.aws). We need to remember to manually merge with commit without squashing too.
abikouo
force-pushed
the
promote_iam_role
branch
from
1f1b5a6 to
b09506d
Compare
Pull request has been restricted to the code and tests migration, other (deprecation, unit tests) will follow later on another PR. The new commits have been squashed |
|
Build succeeded. ✔️ ansible-galaxy-importer SUCCESS in 4m 41s |
tremble
approved these changes
Sep 22, 2023
alinabuzachis
approved these changes
Sep 22, 2023
tremble
previously requested changes
Sep 22, 2023
abikouo
force-pushed
the
promote_iam_role
branch
from
b09506d to
aadd870
Compare
|
Build succeeded. ✔️ ansible-galaxy-importer SUCCESS in 5m 36s |
abikouo
added
mergeit
|
Build succeeded (gate pipeline). ✔️ ansible-galaxy-importer SUCCESS in 6m 05s |
softwarefactory-project-zuul
bot
merged commit e109f32
into
ansible-collections:main
86 of 121 checks passed
softwarefactory-project-zuul bot
pushed a commit
to ansible-collections/community.aws
that referenced
this pull request
Sep 28, 2023
Migrate modules iam_role and iam_role_info to amazon.aws Since ansible-collections/amazon.aws#1760 has been merged, this is ready for review too Migrate modules iam_role and iam_role_info to collection amazon.aws Remove modules codes and tests Update runtime.yml for redirection ISSUE TYPE Feature Pull Request COMPONENT NAME iam_role iam_role_info Reviewed-by: Alina Buzachis
alinabuzachis
pushed a commit
to alinabuzachis/community.aws
that referenced
this pull request
Oct 2, 2023
…lections#1948) Migrate modules iam_role and iam_role_info to amazon.aws Since ansible-collections/amazon.aws#1760 has been merged, this is ready for review too Migrate modules iam_role and iam_role_info to collection amazon.aws Remove modules codes and tests Update runtime.yml for redirection ISSUE TYPE Feature Pull Request COMPONENT NAME iam_role iam_role_info Reviewed-by: Alina Buzachis
alinabuzachis
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Oct 2, 2023
Migrate iam_role* modules and tests SUMMARY Migrate modules iam_role and iam_role_info from community.aws ISSUE TYPE New Module Pull Request COMPONENT NAME iam_role iam_role_info Reviewed-by: Mark Chappell Reviewed-by: Alina Buzachis
alinabuzachis
added a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Oct 6, 2023
This reverts commit e109f32.
gravesm
pushed a commit
that referenced
this pull request
Oct 6, 2023
abikouo
pushed a commit
to abikouo/amazon.aws
that referenced
this pull request
Oct 24, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SUMMARY
Migrate modules iam_role and iam_role_info from community.aws
ISSUE TYPE
COMPONENT NAME
iam_role
iam_role_info