Add backend bucket signed URL key (for CDN) support

Signed-off-by: Modular Magician <[email protected]>

lib/ansible/modules/cloud/google/gcp_compute_backend_bucket.py

@@ -55,6 +55,23 @@
     description:
     - Cloud Storage bucket name.
     required: true
+  cdn_policy:
+    description:
+    - Cloud CDN configuration for this Backend Bucket.
+    required: false
+    version_added: 2.8
+    suboptions:
+      signed_url_cache_max_age_sec:
+        description:
+        - Maximum number of seconds the response to a signed URL request will be considered
+          fresh. Defaults to 1hr (3600s). After this time period, the response will
+          be revalidated before being served.
+        - 'When serving responses to signed URL requests, Cloud CDN will internally
+          behave as though all responses from this backend had a "Cache-Control: public,
+          max-age=[TTL]" header, regardless of any existing Cache-Control header.
+          The actual headers served in responses will not be altered.'
+        required: false
+        default: '3600'
   description:
     description:
     - An optional textual description of the resource; provided by the client when
@@ -108,6 +125,23 @@
   - Cloud Storage bucket name.
   returned: success
   type: str
+cdnPolicy:
+  description:
+  - Cloud CDN configuration for this Backend Bucket.
+  returned: success
+  type: complex
+  contains:
+    signedUrlCacheMaxAgeSec:
+      description:
+      - Maximum number of seconds the response to a signed URL request will be considered
+        fresh. Defaults to 1hr (3600s). After this time period, the response will
+        be revalidated before being served.
+      - 'When serving responses to signed URL requests, Cloud CDN will internally
+        behave as though all responses from this backend had a "Cache-Control: public,
+        max-age=[TTL]" header, regardless of any existing Cache-Control header. The
+        actual headers served in responses will not be altered.'
+      returned: success
+      type: int
 creationTimestamp:
   description:
   - Creation timestamp in RFC3339 text format.
@@ -145,7 +179,7 @@
 # Imports
 ################################################################################
 
-from ansible.module_utils.gcp_utils import navigate_hash, GcpSession, GcpModule, GcpRequest, replace_resource_dict
+from ansible.module_utils.gcp_utils import navigate_hash, GcpSession, GcpModule, GcpRequest, remove_nones_from_dict, replace_resource_dict
 import json
 import time
 
@@ -161,6 +195,7 @@ def main():
         argument_spec=dict(
             state=dict(default='present', choices=['present', 'absent'], type='str'),
             bucket_name=dict(required=True, type='str'),
+            cdn_policy=dict(type='dict', options=dict(signed_url_cache_max_age_sec=dict(default=3600, type='int'))),
             description=dict(type='str'),
             enable_cdn=dict(type='bool'),
             name=dict(required=True, type='str'),
@@ -217,6 +252,7 @@ def resource_to_request(module):
     request = {
         u'kind': 'compute#backendBucket',
         u'bucketName': module.params.get('bucket_name'),
+        u'cdnPolicy': BackendBucketCdnpolicy(module.params.get('cdn_policy', {}), module).to_request(),
         u'description': module.params.get('description'),
         u'enableCdn': module.params.get('enable_cdn'),
         u'name': module.params.get('name'),
@@ -286,6 +322,7 @@ def is_different(module, response):
 def response_to_hash(module, response):
     return {
         u'bucketName': response.get(u'bucketName'),
+        u'cdnPolicy': BackendBucketCdnpolicy(response.get(u'cdnPolicy', {}), module).from_response(),
         u'creationTimestamp': response.get(u'creationTimestamp'),
         u'description': response.get(u'description'),
         u'enableCdn': response.get(u'enableCdn'),
@@ -329,5 +366,20 @@ def raise_if_errors(response, err_path, module):
         module.fail_json(msg=errors)
 
 
+class BackendBucketCdnpolicy(object):
+    def __init__(self, request, module):
+        self.module = module
+        if request:
+            self.request = request
+        else:
+            self.request = {}
+
+    def to_request(self):
+        return remove_nones_from_dict({u'signedUrlCacheMaxAgeSec': self.request.get('signed_url_cache_max_age_sec')})
+
+    def from_response(self):
+        return remove_nones_from_dict({u'signedUrlCacheMaxAgeSec': self.request.get(u'signedUrlCacheMaxAgeSec')})
+
+
 if __name__ == '__main__':
     main()

lib/ansible/modules/cloud/google/gcp_compute_backend_bucket_facts.py

@@ -70,6 +70,23 @@
       - Cloud Storage bucket name.
       returned: success
       type: str
+    cdnPolicy:
+      description:
+      - Cloud CDN configuration for this Backend Bucket.
+      returned: success
+      type: complex
+      contains:
+        signedUrlCacheMaxAgeSec:
+          description:
+          - Maximum number of seconds the response to a signed URL request will be
+            considered fresh. Defaults to 1hr (3600s). After this time period, the
+            response will be revalidated before being served.
+          - 'When serving responses to signed URL requests, Cloud CDN will internally
+            behave as though all responses from this backend had a "Cache-Control:
+            public, max-age=[TTL]" header, regardless of any existing Cache-Control
+            header. The actual headers served in responses will not be altered.'
+          returned: success
+          type: int
     creationTimestamp:
       description:
       - Creation timestamp in RFC3339 text format.

lib/ansible/modules/cloud/google/gcp_compute_backend_service.py

@@ -182,6 +182,18 @@
               or query_string_blacklist, not both.
             - "'&' and '=' will be percent encoded and not treated as delimiters."
             required: false
+      signed_url_cache_max_age_sec:
+        description:
+        - Maximum number of seconds the response to a signed URL request will be considered
+          fresh, defaults to 1hr (3600s). After this time period, the response will
+          be revalidated before being served.
+        - 'When serving responses to signed URL requests, Cloud CDN will internally
+          behave as though all responses from this backend had a "Cache-Control: public,
+          max-age=[TTL]" header, regardless of any existing Cache-Control header.
+          The actual headers served in responses will not be altered.'
+        required: false
+        default: '3600'
+        version_added: 2.8
   connection_draining:
     description:
     - Settings for connection draining.
@@ -473,6 +485,17 @@
           - "'&' and '=' will be percent encoded and not treated as delimiters."
           returned: success
           type: list
+    signedUrlCacheMaxAgeSec:
+      description:
+      - Maximum number of seconds the response to a signed URL request will be considered
+        fresh, defaults to 1hr (3600s). After this time period, the response will
+        be revalidated before being served.
+      - 'When serving responses to signed URL requests, Cloud CDN will internally
+        behave as though all responses from this backend had a "Cache-Control: public,
+        max-age=[TTL]" header, regardless of any existing Cache-Control header. The
+        actual headers served in responses will not be altered.'
+      returned: success
+      type: int
 connectionDraining:
   description:
   - Settings for connection draining.
@@ -644,7 +667,8 @@ def main():
                             query_string_blacklist=dict(type='list', elements='str'),
                             query_string_whitelist=dict(type='list', elements='str'),
                         ),
-                    )
+                    ),
+                    signed_url_cache_max_age_sec=dict(default=3600, type='int'),
                 ),
             ),
             connection_draining=dict(type='dict', options=dict(draining_timeout_sec=dict(type='int'))),
@@ -915,10 +939,20 @@ def __init__(self, request, module):
             self.request = {}
 
     def to_request(self):
-        return remove_nones_from_dict({u'cacheKeyPolicy': BackendServiceCachekeypolicy(self.request.get('cache_key_policy', {}), self.module).to_request()})
+        return remove_nones_from_dict(
+            {
+                u'cacheKeyPolicy': BackendServiceCachekeypolicy(self.request.get('cache_key_policy', {}), self.module).to_request(),
+                u'signedUrlCacheMaxAgeSec': self.request.get('signed_url_cache_max_age_sec'),
+            }
+        )
 
     def from_response(self):
-        return remove_nones_from_dict({u'cacheKeyPolicy': BackendServiceCachekeypolicy(self.request.get(u'cacheKeyPolicy', {}), self.module).from_response()})
+        return remove_nones_from_dict(
+            {
+                u'cacheKeyPolicy': BackendServiceCachekeypolicy(self.request.get(u'cacheKeyPolicy', {}), self.module).from_response(),
+                u'signedUrlCacheMaxAgeSec': self.request.get(u'signedUrlCacheMaxAgeSec'),
+            }
+        )
 
 
 class BackendServiceCachekeypolicy(object):

lib/ansible/modules/cloud/google/gcp_compute_backend_service_facts.py

@@ -206,6 +206,17 @@
               - "'&' and '=' will be percent encoded and not treated as delimiters."
               returned: success
               type: list
+        signedUrlCacheMaxAgeSec:
+          description:
+          - Maximum number of seconds the response to a signed URL request will be
+            considered fresh, defaults to 1hr (3600s). After this time period, the
+            response will be revalidated before being served.
+          - 'When serving responses to signed URL requests, Cloud CDN will internally
+            behave as though all responses from this backend had a "Cache-Control:
+            public, max-age=[TTL]" header, regardless of any existing Cache-Control
+            header. The actual headers served in responses will not be altered.'
+          returned: success
+          type: int
     connectionDraining:
       description:
       - Settings for connection draining.