-
Notifications
You must be signed in to change notification settings - Fork 342
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
vpc_net check mode, IPV6 CIDR assoc/disassoc #631
Merged
softwarefactory-project-zuul
merged 14 commits into
ansible-collections:main
from
CiscoM31:vpc_net_check_mode
Mar 21, 2022
Merged
Changes from all commits
Commits
Show all changes
14 commits
Select commit
Hold shift + click to select a range
7599096
add support for check mode
sebastien-rosset f52e0f8
add integration tests for check mode
sebastien-rosset b1da834
handle modifications of IPv6 CIDR
sebastien-rosset d5271a8
handle modifications of IPv6 CIDR
sebastien-rosset cea2f3b
retain configuration of IPv6 association if ipv6_cidr attribute is no…
sebastien-rosset 8aabd20
add test to validate ipv6 association of existing VPC does not change…
sebastien-rosset 890ff3a
fix linter issues
sebastien-rosset dde2e40
add examples for ipv6 subnets
sebastien-rosset 5c201e8
add example and improve doc for IPv6 CIDR block. Add integration test…
sebastien-rosset c49b44e
add changelog fragment
sebastien-rosset 8d18851
fix file extension
sebastien-rosset 8f20356
fix example route for ipv6
sebastien-rosset 7546e8f
Update changelogs/fragments/631-ec2_vpc_net-check_mode.yml
sebastien-rosset 462e0f1
mistakenly typed the word 'block'
sebastien-rosset File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
bugfixes: | ||
- >- | ||
ec2_vpc_net - In check mode, ensure the module does not change the configuration. | ||
Handle case when Amazon-provided ipv6 block is enabled, then disabled, then enabled again. | ||
Do not disable IPv6 CIDR association (using Amazon pool) if ipv6_cidr property is not present in the task. | ||
If the VPC already exists and ipv6_cidr property, retain the current config (https://github.com/ansible-collections/amazon.aws/pull/631). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just wondering if it would be feasible to define a waiter instead? @tremble
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm trying to add support for opensearch module. To support custom endpoint, I discovered I need to fix issues in the
aws_acm
module to support tags (ansible-collections/community.aws#870), which depends on adding new IAM permissions (mattclay/aws-terminator#188). Along the way, I fixed some doc issues and use of deprecated tasks. Then I found outaws_acm
needs to support certificate requests (ansible-collections/community.aws#869) so I can issue a certificate for the customopensearch
endpoint. Also, certificate requests would potentially require adding a new module for managing private CAs in AWS acm, otherwise we cannot test signing certificate requests with private CAs. Then because I'm testingopensearch
with IPv6, I discovered I need to fix the IPv6 association in theec2_vpc_net
module (#631). Theec2_vpc_net
was making changes even in check mode. Also, theec2_route_table
wasn't documented for IPv6 so #634 . While adding integration tests for #634, I found outcommunity.aws
relies onansible.netcommons
, but theipsubnet
filter has been moved toansible.utils
. That's one more problem to fix that I haven't done yet. Then it turns out bothansible.netcommons
andansible.utils
have an issue that can cause up to 2 ^ 128 objects to be created: ansible-collections/ansible.utils#132. There is also a related 2 ^ N loop innetaddr
: netaddr/netaddr#241.Along the way, I was thinking of several other problems (such as
ec2_vpc_net
not supporting user-defined IPv6 subnets, missing doc). How about opening tracking issues for these issues that are being discovered along the way, otherwise I'm concerned there will be no end in sight.