From 984049a5f803671ebb786a572340d47c59b6bcc6 Mon Sep 17 00:00:00 2001 From: Kris Shaw Date: Tue, 14 Jan 2020 13:45:33 +0000 Subject: [PATCH] Configurable private_zone in all calls to the route53 module --- group_vars/_skel/cluster_vars.yml | 2 ++ roles/clusterbuild/clean/tasks/main.yml | 8 ++++---- roles/clusterbuild/config/tasks/main.yml | 4 ++-- roles/clusterbuild/redeploy/tasks/aws_rescue.yml | 2 +- roles/clusterbuild/redeploy/tasks/aws_stop_instance.yml | 4 ++-- roles/clusterbuild/redeploy/tasks/by_type_host.yml | 2 +- roles/clusterbuild/redeploy/tasks/gce_stop_instance.yml | 2 +- 7 files changed, 13 insertions(+), 11 deletions(-) diff --git a/group_vars/_skel/cluster_vars.yml b/group_vars/_skel/cluster_vars.yml index 999bf410..c4c8e38e 100644 --- a/group_vars/_skel/cluster_vars.yml +++ b/group_vars/_skel/cluster_vars.yml @@ -55,6 +55,7 @@ bind9: # The global {{cluster_name}} is prefixed with {{app_name}} cluster_name: "{{app_name}}-{{buildenv}}" +### AWS example cluster_vars: type: aws # aws, gcp, openstack image: "" # Ubuntu images can be located at https://cloud-images.ubuntu.com/locator/ @@ -69,6 +70,7 @@ cluster_vars: assign_public_ip: "no" inventory_ip: "private" # 'public' or 'private', (private in case we're operating in a private LAN). If public, 'assign_public_ip' must be 'yes' instance_profile_name: "vpc_lock_{{buildenv}}" + route53_private_zone: true # Only used when cluster_vars.type == 'aws'. Defaults to true if not set. secgroups_existing: [] secgroup_new: - proto: "tcp" diff --git a/roles/clusterbuild/clean/tasks/main.yml b/roles/clusterbuild/clean/tasks/main.yml index 27bf57e4..18a62bb5 100644 --- a/roles/clusterbuild/clean/tasks/main.yml +++ b/roles/clusterbuild/clean/tasks/main.yml 
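Review bot: The comment on the new `route53_private_zone` key in `group_vars/_skel/cluster_vars.yml` says it is only used when `cluster_vars.type == 'aws'`, but the tasks in this patch that show a condition are gated on `cluster_vars.dns_server == "route53"`, and one of them is in `redeploy/tasks/gce_stop_instance.yml`. The comment should name the real switch and state what `false` does, for example `# Used whenever cluster_vars.dns_server == 'route53'. true (default) selects the private hosted zone; false selects the public zone, so the record names and values become publicly resolvable.` The same skeleton sets `inventory_ip: "private"`, so with `false` the public zone would presumably carry internal addresses; that consequence belongs next to the key.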
@@ -64,7 +64,7 @@ zone: "{{cluster_vars.dns_zone_external}}" record: "{{item.hostname}}.{{cluster_vars.dns_zone_external}}" type: "A" - private_zone: true + private_zone: "{{cluster_vars.route53_private_zone | default(true)}}" register: dns_rec with_items: "{{ cluster_hosts_flat }}" @@ -78,7 +78,7 @@ type: "{{ item.set.type }}" ttl: "{{ item.set.ttl }}" value: ["{{ item.set.value }}"] - private_zone: true + private_zone: "{{cluster_vars.route53_private_zone | default(true)}}" with_items: "{{ dns_rec.results }}" when: item.set.value is defined @@ -90,7 +90,7 @@ zone: "{{cluster_vars.dns_zone_external}}" record: "{{item.hostname | regex_replace('-(?!.*-)[0-9]{10}$')}}.{{cluster_vars.dns_zone_external}}" type: "CNAME" - private_zone: true + private_zone: "{{cluster_vars.route53_private_zone | default(true)}}" register: dns_rec with_items: "{{ cluster_hosts_flat }}" @@ -104,7 +104,7 @@ type: "{{ item.set.type }}" ttl: "{{ item.set.ttl }}" value: ["{{ item.set.value }}"] - private_zone: true + private_zone: "{{cluster_vars.route53_private_zone | default(true)}}" with_items: "{{ dns_rec.results }}" when: item.set.value is defined when: cluster_vars.dns_server == "route53" and cluster_vars.dns_zone_external is defined and cluster_vars.dns_zone_external != "" diff --git a/roles/clusterbuild/config/tasks/main.yml b/roles/clusterbuild/config/tasks/main.yml index 2d592b0a..982cc5f4 100644 --- a/roles/clusterbuild/config/tasks/main.yml +++ b/roles/clusterbuild/config/tasks/main.yml @@ -134,7 +134,7 @@ type: A ttl: 60 value: "{{ hostvars[item.hostname]['ansible_host'] }}" - private_zone: true + private_zone: "{{cluster_vars.route53_private_zone | default(true)}}" overwrite: true become: false delegate_to: localhost @@ -183,7 +183,7 @@ type: CNAME ttl: 30 value: "{{item.hostname}}.{{cluster_vars.dns_zone_external}}" - private_zone: true + private_zone: "{{cluster_vars.route53_private_zone | default(true)}}" overwrite: true become: false delegate_to: localhost 
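Review bot: The lookup and the delete in `clean/tasks/main.yml` now both follow the current value of `cluster_vars.route53_private_zone`, so a cluster built with one value and cleaned with another keeps its records without any error: the result registered as `dns_rec` presumably comes back without `set.value`, and `when: item.set.value is defined` then skips the removal. In a public zone that leaves A and CNAME records pointing at addresses that have since been released. A comment above the block would help, such as `# route53_private_zone must match the value used at build time, otherwise the records are not found and nothing is deleted`, or the play could fail when no record is found for a host it is removing. The same lookup-then-delete pattern appears in the `aws_stop_instance.yml` and `gce_stop_instance.yml` hunks; the tasks themselves start above these hunks.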
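Review bot: With `route53_private_zone: false`, the A record in `config/tasks/main.yml` writes `hostvars[item.hostname]['ansible_host']` into the public zone, and `overwrite: true` replaces whatever record already holds that name there. Nothing in the hunk ties the zone choice to `cluster_vars.inventory_ip`, so a cluster with `inventory_ip: "private"` would presumably publish internal addresses and host names to anyone who can resolve the zone. If that combination is intended, say so at the task, e.g. `# private_zone=false writes to the public hosted zone; with inventory_ip=private this publishes internal IPs`; if it is not, a pre-flight `assert` on the two settings would catch it before any record is written. The task's `name:` and module line are above the hunk.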
diff --git a/roles/clusterbuild/redeploy/tasks/aws_rescue.yml b/roles/clusterbuild/redeploy/tasks/aws_rescue.yml index a0749765..f9bbdb90 100644 --- a/roles/clusterbuild/redeploy/tasks/aws_rescue.yml +++ b/roles/clusterbuild/redeploy/tasks/aws_rescue.yml @@ -64,7 +64,7 @@ value: "{{ host_to_recover}}.{{cluster_vars.dns_zone_external}}" type: CNAME ttl: 30 - private_zone: true + private_zone: "{{cluster_vars.route53_private_zone | default(true)}}" overwrite: true when: cluster_vars.dns_server == "route53" diff --git a/roles/clusterbuild/redeploy/tasks/aws_stop_instance.yml b/roles/clusterbuild/redeploy/tasks/aws_stop_instance.yml index 971525e8..73179820 100644 --- a/roles/clusterbuild/redeploy/tasks/aws_stop_instance.yml +++ b/roles/clusterbuild/redeploy/tasks/aws_stop_instance.yml @@ -70,7 +70,7 @@ zone: "{{cluster_vars.dns_zone_external}}" record: "{{existing.instances[0].tags.Name}}.{{cluster_vars.dns_zone_external}}" type: "A" - private_zone: true + private_zone: "{{cluster_vars.route53_private_zone | default(true)}}" register: dns_rec - name: Remove DNS entries from route53 @@ -83,7 +83,7 @@ type: "{{ dns_rec.set.type }}" ttl: "{{ dns_rec.set.ttl }}" value: ["{{ dns_rec.set.value }}"] - private_zone: true + private_zone: "{{cluster_vars.route53_private_zone | default(true)}}" when: dns_rec.set.value is defined when: cluster_vars.dns_server == "route53" and cluster_vars.dns_zone_external is defined and cluster_vars.dns_zone_external != "" diff --git a/roles/clusterbuild/redeploy/tasks/by_type_host.yml b/roles/clusterbuild/redeploy/tasks/by_type_host.yml index 2201e37a..82d5d275 100644 --- a/roles/clusterbuild/redeploy/tasks/by_type_host.yml +++ b/roles/clusterbuild/redeploy/tasks/by_type_host.yml @@ -51,7 +51,7 @@ value: "{{instance_to_create}}.{{cluster_vars.dns_zone_external}}" type: CNAME ttl: 30 - private_zone: true + private_zone: "{{cluster_vars.route53_private_zone | default(true)}}" overwrite: true when: cluster_vars.dns_server == "route53" 
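Review bot: `"{{cluster_vars.route53_private_zone | default(true)}}"` is spelled out here in `aws_rescue.yml` and at ten other call sites in this patch, so the default now lives in eleven places and a later change to it can miss one. Resolve it once in a shared vars or defaults file, for instance `route53_private_zone: "{{ cluster_vars.route53_private_zone | default(true) | bool }}"`, and pass `private_zone: "{{ route53_private_zone }}"` to each task. The skeleton already writes booleans as quoted strings (`assign_public_ip: "no"`), so the `| bool` makes a quoted `"no"` or `"false"` behave like the bare boolean instead of depending on the module's own conversion.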
diff --git a/roles/clusterbuild/redeploy/tasks/gce_stop_instance.yml b/roles/clusterbuild/redeploy/tasks/gce_stop_instance.yml index 0cd9f6f8..01f0a1ce 100644 --- a/roles/clusterbuild/redeploy/tasks/gce_stop_instance.yml +++ b/roles/clusterbuild/redeploy/tasks/gce_stop_instance.yml @@ -99,7 +99,7 @@ type: "{{ dns_rec.set.type }}" ttl: "{{ dns_rec.set.ttl }}" value: ["{{ dns_rec.set.value }}"] - private_zone: true + private_zone: "{{cluster_vars.route53_private_zone | default(true)}}" when: dns_rec.set.value is defined when: cluster_vars.dns_server == "route53" and cluster_vars.dns_zone_external is defined and cluster_vars.dns_zone_external != ""