Allow creating resources with protection (#30)

* Allow all supporting resources to be created with protection

Signed-off-by: Lukas Kämmerling <lukas.kaemmerling@hetzner-cloud.de>
This commit is contained in:
Lukas Kämmerling 2020-10-01 11:09:51 +02:00 committed by GitHub
parent 87d989fcbe
commit fe84174cb6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 275 additions and 2 deletions

View file

@ -0,0 +1,6 @@
minor_changes:
- hcloud_server Allow creating server with protection
- hcloud_floating_ip Allow creating Floating IP with protection
- hcloud_load_balancer Allow creating Load Balancer with protection
- hcloud_network Allow creating Network with protection
- hcloud_volume Allow creating Volumes with protection

View file

@ -237,6 +237,10 @@ class AnsibleHcloudFloatingIP(Hcloud):
resp = self.client.floating_ips.create(**params) resp = self.client.floating_ips.create(**params)
self.hcloud_floating_ip = resp.floating_ip self.hcloud_floating_ip = resp.floating_ip
delete_protection = self.module.params.get("delete_protection")
if delete_protection is not None:
self.hcloud_floating_ip.change_protection(delete=delete_protection).wait_until_finished()
self._mark_as_changed() self._mark_as_changed()
self._get_floating_ip() self._get_floating_ip()

View file

@ -217,6 +217,11 @@ class AnsibleHcloudLoadBalancer(Hcloud):
resp = self.client.load_balancers.create(**params) resp = self.client.load_balancers.create(**params)
resp.action.wait_until_finished(max_retries=1000) resp.action.wait_until_finished(max_retries=1000)
delete_protection = self.module.params.get("delete_protection")
if delete_protection is not None:
self._get_load_balancer()
self.hcloud_load_balancer.change_protection(delete=delete_protection).wait_until_finished()
self._mark_as_changed() self._mark_as_changed()
self._get_load_balancer() self._get_load_balancer()

View file

@ -161,6 +161,11 @@ class AnsibleHcloudNetwork(Hcloud):
if not self.module.check_mode: if not self.module.check_mode:
self.client.networks.create(**params) self.client.networks.create(**params)
delete_protection = self.module.params.get("delete_protection")
if delete_protection is not None:
self._get_network()
self.hcloud_network.change_protection(delete=delete_protection).wait_until_finished()
self._mark_as_changed() self._mark_as_changed()
self._get_network() self._get_network()

View file

@ -357,6 +357,12 @@ class AnsibleHcloudServer(Hcloud):
self._get_server() self._get_server()
self.hcloud_server.enable_backup().wait_until_finished() self.hcloud_server.enable_backup().wait_until_finished()
delete_protection = self.module.params.get("delete_protection")
rebuild_protection = self.module.params.get("rebuild_protection")
if delete_protection is not None and rebuild_protection is not None:
self._get_server()
self.hcloud_server.change_protection(delete=delete_protection,
rebuild=rebuild_protection).wait_until_finished()
self._mark_as_changed() self._mark_as_changed()
self._get_server() self._get_server()

View file

@ -228,6 +228,10 @@ class AnsibleHcloudVolume(Hcloud):
resp = self.client.volumes.create(**params) resp = self.client.volumes.create(**params)
resp.action.wait_until_finished() resp.action.wait_until_finished()
[action.wait_until_finished() for action in resp.next_actions] [action.wait_until_finished() for action in resp.next_actions]
delete_protection = self.module.params.get("delete_protection")
if delete_protection is not None:
self._get_volume()
self.hcloud_volume.change_protection(delete=delete_protection).wait_until_finished()
self._mark_as_changed() self._mark_as_changed()
self._get_volume() self._get_volume()

View file

@ -372,7 +372,7 @@
- name: verify cleanup - name: verify cleanup
assert: assert:
that: that:
- result is changed - result is changed
- name: cleanup another server - name: cleanup another server
hcloud_server: hcloud_server:
name: "{{ main_server2.hcloud_server.name }}" name: "{{ main_server2.hcloud_server.name }}"
@ -381,4 +381,51 @@
- name: verify cleanup another server - name: verify cleanup another server
assert: assert:
that: that:
- result is changed - result is changed
- name: test create Floating IP with delete protection
hcloud_floating_ip:
name: "{{ hcloud_floating_ip_name }}"
type: ipv4
home_location: fsn1
delete_protection: true
register: floatingIP
- name: verify create Floating IP with delete protection
assert:
that:
- floatingIP is changed
- floatingIP.hcloud_floating_ip.delete_protection is sameas true
- name: test delete Floating IP fails if it is protected
hcloud_floating_ip:
name: "{{ hcloud_floating_ip_name }}"
state: "absent"
register: result
ignore_errors: yes
- name: verify test delete floating ip
assert:
that:
- result is failed
- 'result.msg == "Floating IP deletion is protected"'
- name: test update Floating IP delete protection
hcloud_floating_ip:
name: "{{ hcloud_floating_ip_name }}"
type: ipv4
delete_protection: false
register: floatingIP
- name: verify update Floating IP delete protection
assert:
that:
- floatingIP is changed
- floatingIP.hcloud_floating_ip.delete_protection is sameas false
- name: test delete floating ip
hcloud_floating_ip:
name: "{{ hcloud_floating_ip_name }}"
state: "absent"
register: result
- name: verify test delete floating ip
assert:
that:
- result is changed

View file

@ -199,3 +199,49 @@
assert: assert:
that: that:
- result is success - result is success
- name: test create Load Balancer with delete protection
hcloud_load_balancer:
name: "{{ hcloud_load_balancer_name }}"
load_balancer_type: lb11
network_zone: eu-central
delete_protection: true
register: main_load_balancer
- name: verify create Load Balancer with delete protection
assert:
that:
- main_load_balancer is changed
- main_load_balancer.hcloud_load_balancer.delete_protection is sameas true
- name: test delete Load Balancer fails if it is protected
hcloud_load_balancer:
name: "{{ hcloud_load_balancer_name }}"
state: "absent"
register: result
ignore_errors: yes
- name: verify test delete Load Balancer
assert:
that:
- result is failed
- 'result.msg == "load balancer deletion is protected"'
- name: test update Load Balancer delete protection
hcloud_load_balancer:
name: "{{ hcloud_load_balancer_name }}"
delete_protection: false
register: main_load_balancer
- name: verify update Load Balancer delete protection
assert:
that:
- main_load_balancer is changed
- main_load_balancer.hcloud_load_balancer.delete_protection is sameas false
- name: test delete Load Balancer
hcloud_load_balancer:
name: "{{ hcloud_load_balancer_name }}"
state: "absent"
register: result
- name: verify test delete Load Balancer
assert:
that:
- result is changed

View file

@ -167,3 +167,49 @@
assert: assert:
that: that:
- result is success - result is success
- name: test create Network with delete protection
hcloud_network:
name: "{{hcloud_network_name}}"
ip_range: "10.0.0.0/8"
delete_protection: true
register: network
- name: verify create Network with delete protection
assert:
that:
- network is changed
- network.hcloud_network.delete_protection is sameas true
- name: test delete Network fails if it is protected
hcloud_network:
name: "{{hcloud_network_name}}"
state: absent
ignore_errors: yes
register: result
- name: verify delete Network
assert:
that:
- result is failed
- 'result.msg == "network deletion is protected"'
- name: test update Network delete protection
hcloud_network:
name: "{{hcloud_network_name}}"
delete_protection: false
register: network
- name: verify test update Network delete protection
assert:
that:
- network is changed
- network.hcloud_network.delete_protection is sameas false
- name: test delete Network
hcloud_network:
name: "{{hcloud_network_name}}"
state: absent
register: result
- name: verify delete Network
assert:
that:
- result is success

View file

@ -589,3 +589,60 @@
assert: assert:
that: that:
- result is success - result is success
- name: test create server with protection
hcloud_server:
name: "{{ hcloud_server_name }}"
delete_protection: true
rebuild_protection: true
server_type: cpx11
image: "ubuntu-20.04"
ssh_keys:
- ci@ansible.hetzner.cloud
state: present
register: result_after_test
ignore_errors: true
- name: verify create server with protection
assert:
that:
- result_after_test is changed
- result_after_test.hcloud_server.delete_protection is sameas true
- result_after_test.hcloud_server.rebuild_protection is sameas true
- name: test delete server fails if it is protected
hcloud_server:
name: "{{hcloud_server_name}}"
state: absent
ignore_errors: yes
register: result
- name: verify delete server fails if it is protected
assert:
that:
- result is failed
- 'result.msg == "server deletion is protected"'
- name: remove protection from server
hcloud_server:
name: "{{ hcloud_server_name }}"
delete_protection: false
rebuild_protection: false
state: present
register: result_after_test
ignore_errors: true
- name: verify update server protection
assert:
that:
- result_after_test is changed
- result_after_test.hcloud_server.delete_protection is sameas false
- result_after_test.hcloud_server.rebuild_protection is sameas false
- name: cleanup
hcloud_server:
name: "{{ hcloud_server_name }}"
state: absent
register: result
- name: verify cleanup
assert:
that:
- result is success

View file

@ -231,6 +231,53 @@
that: that:
- result is success - result is success
- name: test create Volume with delete protection
hcloud_volume:
name: "{{hcloud_volume_name}}"
size: 10
location: "fsn1"
delete_protection: true
register: volume
- name: verify create Volume with delete protection
assert:
that:
- volume is changed
- volume.hcloud_volume.delete_protection is sameas true
- name: test delete Volume fails if it is protected
hcloud_volume:
name: "{{hcloud_volume_name}}"
state: absent
ignore_errors: yes
register: result
- name: verify delete Volume fails if it is protected
assert:
that:
- result is failed
- 'result.msg == "volume deletion is protected"'
- name: test update Volume delete protection
hcloud_volume:
name: "{{hcloud_volume_name}}"
delete_protection: false
register: volume
- name: verify test update Volume delete protection
assert:
that:
- volume is changed
- volume.hcloud_volume.delete_protection is sameas false
- name: test delete Volume
hcloud_volume:
name: "{{hcloud_volume_name}}"
state: absent
register: result
- name: verify delete Volume
assert:
that:
- result is success
- name: cleanup - name: cleanup
hcloud_server: hcloud_server:
name: "{{ hcloud_server_name }}" name: "{{ hcloud_server_name }}"