Fix idempotency and logic to update existing aggregator #645
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ansibullbot
added
bug
|
I see that ansible/check failed two tests:
I haven't modified any files related to Am I missing anything obvious? |
|
recheck |
|
@alinabuzachis It looks like the tests fail with the same errors. |
|
@ichekaldin Sorry about that, the move to Zuul caused all sorts of fun. |
|
@ichekaldin While they're not run in CI due to constraints with AWS Config (eg. you can't have multiple aggregators) There are some basic integration tests for aws_config (including the aggregator) Please could you update the tests to include idempotency tests and some regression tests for the issues you hit. |
|
@tremble I added a test to validate that specifying empty list of accounts and the organization source works: Would that be sufficient? |
|
@tremble Sorry to keep bumping this - I'd love for this fix to get merged before the next release. What do you think about the test I added? |
tremble
requested changes
Oct 22, 2021
There was a problem hiding this comment.
Thanks for your submission.
account_sources and organization_source are both currently required parameters (line 167/168) so on its own this change doesn't make sense.
Additionally, the integration test resulted in exceptions when I tried to run it and I'm not sure it's the right test.
| @@ -14,6 +14,7 @@ | |||
| short_description: Manage AWS Config aggregations across multiple accounts | |||
| description: | |||
| - Module manages AWS Config resources | |||
| requirements: [ 'botocore', 'boto3' ] | |||
There was a problem hiding this comment.
Suggested change
| requirements: [ 'botocore', 'boto3' ] |
The botocore/boto3 requirements are automatically added.
| assert: | ||
| that: | ||
| - output.failed | ||
| - 'output.msg.startswith("missing required arguments: organization_source")' |
There was a problem hiding this comment.
TASK [aws_config : test resource_type configuration_aggregator with organization_source parameter] ****************************************************************************************************************
task path: /root/ansible_collections/community/aws/tests/output/.tmp/integration/aws_config-z_x25kln-ÅÑŚÌβŁÈ/tests/integration/targets/aws_config/tasks/main.yaml:156
Using module file /root/ansible_collections/community/aws/plugins/modules/aws_config_aggregator.py
Pipelining is enabled.
<testhost> ESTABLISH LOCAL CONNECTION FOR USER: root
<testhost> EXEC /bin/sh -c 'ANSIBLE_DEBUG_BOTOCORE_LOGS=True /usr/bin/python3.10 && sleep 0'
The full traceback is:
Traceback (most recent call last):
File "<stdin>", line 121, in <module>
File "<stdin>", line 113, in _ansiballz_main
File "<stdin>", line 61, in invoke_module
File "/usr/lib/python3.10/runpy.py", line 209, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File "/usr/lib/python3.10/runpy.py", line 96, in _run_module_code
_run_code(code, mod_globals, init_globals,
File "/usr/lib/python3.10/runpy.py", line 86, in _run_code
exec(code, run_globals)
File "/tmp/ansible_aws_config_aggregator_payload_lfs1q8or/ansible_aws_config_aggregator_payload.zip/ansible_collections/community/aws/plugins/modules/aws_config_aggregator.py", line 228, in <module>
File "/tmp/ansible_aws_config_aggregator_payload_lfs1q8or/ansible_aws_config_aggregator_payload.zip/ansible_collections/community/aws/plugins/modules/aws_config_aggregator.py", line 216, in main
File "/tmp/ansible_aws_config_aggregator_payload_lfs1q8or/ansible_aws_config_aggregator_payload.zip/ansible_collections/community/aws/plugins/modules/aws_config_aggregator.py", line 119, in create_resource
KeyError: 'AccountAggregationSources'
fatal: [testhost]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File \"<stdin>\", line 121, in <module>\n File \"<stdin>\", line 113, in _ansiballz_main\n File \"<stdin>\", line 61, in invoke_module\n File \"/usr/lib/python3.10/runpy.py\", line 209, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib/python3.10/runpy.py\", line 96, in _run_module_code\n _run_code(code, mod_globals, init_globals,\n File \"/usr/lib/python3.10/runpy.py\", line 86, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_aws_config_aggregator_payload_lfs1q8or/ansible_aws_config_aggregator_payload.zip/ansible_collections/community/aws/plugins/modules/aws_config_aggregator.py\", line 228, in <module>\n File \"/tmp/ansible_aws_config_aggregator_payload_lfs1q8or/ansible_aws_config_aggregator_payload.zip/ansible_collections/community/aws/plugins/modules/aws_config_aggregator.py\", line 216, in main\n File \"/tmp/ansible_aws_config_aggregator_payload_lfs1q8or/ansible_aws_config_aggregator_payload.zip/ansible_collections/community/aws/plugins/modules/aws_config_aggregator.py\", line 119, in create_resource\nKeyError: 'AccountAggregationSources'\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
...ignoring
TASK [aws_config : assert failure when called with organization_source parameter] *********************************************************************************************************************************
task path: /root/ansible_collections/community/aws/tests/output/.tmp/integration/aws_config-z_x25kln-ÅÑŚÌβŁÈ/tests/integration/targets/aws_config/tasks/main.yaml:167
fatal: [testhost]: FAILED! => {
"assertion": "output.msg.startswith(\"missing required arguments: organization_source\")",
"changed": false,
"evaluated_to": false,
"msg": "Assertion failed"
}
|
@ichekaldin this PR contains the following merge commits: Please rebase your branch to remove these commits. |
ansibullbot
added
merge_commit
tremble
reviewed
Oct 22, 2021
Comment on lines
170
to
171
| - output.failed | ||
| - 'output.msg.startswith("missing required arguments: organization_source")' | ||
| - output.changed |
There was a problem hiding this comment.
The aggregator doesn't exist, so it'll refuse to create due to account_sources being empty
ansibullbot
added
community_review
and removed
merge_commit
|
@tremble Thank you! I made some changes to new vs existing parameters are compared. |
alinabuzachis
pushed a commit
to alinabuzachis/community.aws
that referenced
this pull request
May 25, 2022
) [4.0.0] Bump minimum botocore version to 1.20.0 SUMMARY With the next major version we can bump botocore/boto3 again. Since 1.20.0 is now over a year old, we can bump the minimum version in preparation for 4.0.0. CI should still test backports against the relevant versions for the backported release. 1.20.0 was released 2021-02-02. 1.21.0 was released 2021-07-15, hopefully we'll release 4.0.0 before July. Should we release after mid-July we can always bump again. (Mentioned in ansible-collections#645) ISSUE TYPE Feature Pull Request COMPONENT NAME requirements.txt ADDITIONAL INFORMATION botocore] $ git show 1.20.0 tag 1.20.0 Tagger: aws-sdk-python-automation <[email protected]> Date: Tue Feb 2 19:11:44 2021 +0000 Tagging 1.20.0 release. commit b7d27dc39aea82e22e2c11443fbd02a4904367cd (tag: 1.20.0) Merge: cc497a593 27ebea65f Author: aws-sdk-python-automation <[email protected]> Date: Tue Feb 2 19:11:44 2021 +0000 Merge branch 'release-1.20.0' * release-1.20.0: Bumping version to 1.20.0 Update to latest models Add changelog for custom endpoints and ARN resources Allow custom endpoints when addressing ARN resources Add changes for Python 3.4/3.5 removal Fall back to Transfer-Encoding 'chunked' if AWSRequest body is not seekable stream boto3] $ git show 1.17.0 tag 1.17.0 Tagger: aws-sdk-python-automation <[email protected]> Date: Tue Feb 2 19:11:35 2021 +0000 Tagging 1.17.0 release. commit 1a35ed1ab41f967ea43420650075f2693cbbe08b (tag: 1.17.0) Merge: d77d24f9 35454bc5 Author: aws-sdk-python-automation <[email protected]> Date: Tue Feb 2 19:11:35 2021 +0000 Merge branch 'release-1.17.0' * release-1.17.0: Bumping version to 1.17.0 Add changelog entries from botocore Add S3 VPCE examples Add changes for Python 3.4/3.5 removal Reviewed-by: Alina Buzachis <None>
`describe_configuration_aggregators` method returns output similar
to the following:
```
{
"ConfigurationAggregators": [
{
"ConfigurationAggregatorName": "test-name",
"ConfigurationAggregatorArn": "arn:aws:config:us-east-1:123412341234:config-aggregator/config-aggregator-xbxbvyq5",
"OrganizationAggregationSource": {
"RoleArn": "arn:aws:iam::123412341234:role/my-role",
"AllAwsRegions": true
},
"CreationTime": 1619030767.047,
"LastUpdatedTime": 1626463216.998
}
]
}
```
As a result, lines 134-136 fail:
```
del current_params['ConfigurationAggregatorArn']
del current_params['CreationTime']
del current_params['LastUpdatedTime']
```
as they try to delete attributes from the `current_params` as opposed
to `current_params['ConfigurationAggregators'][0]`.
The error message is:
```
KeyError: 'ConfigurationAggregators'
```
Additionally, if no `account_sources` attribute is specified, the module
fails idempotency check, because in that case `AccountAggregationSources`
attribute is present in `params`, but not in `current_params`.
tremble
approved these changes
Jul 2, 2022
|
@ichekaldin Sorry it took so long to get back to this review. |
tremble
added
mergeit
Backport to stable-3: 💚 backport PR created✅ Backport PR branch: Backported as #1296 🤖 @patchback |
patchback bot
pushed a commit
that referenced
this pull request
Jul 2, 2022
Fix idempotency and logic to update existing aggregator
SUMMARY
describe_configuration_aggregators method returns output similar
to the following:
{
"ConfigurationAggregators": [
{
"ConfigurationAggregatorName": "test-name",
"ConfigurationAggregatorArn": "arn:aws:config:us-east-1:123412341234:config-aggregator/config-aggregator-xbxbvyq5",
"OrganizationAggregationSource": {
"RoleArn": "arn:aws:iam::123412341234:role/my-role",
"AllAwsRegions": true
},
"CreationTime": 1619030767.047,
"LastUpdatedTime": 1626463216.998
}
]
}
As a result, lines 134-136 fail:
del current_params['ConfigurationAggregatorArn']
del current_params['CreationTime']
del current_params['LastUpdatedTime']
as they try to delete attributes from the current_params as opposed
to current_params['ConfigurationAggregators'][0].
The error message is:
KeyError: 'ConfigurationAggregators'
Additionally, if no account_sources attribute is specified, the module
fails idempotency check, because in that case AccountAggregationSources
attribute is present in params, but not in current_params.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
aws_config_aggregator
ADDITIONAL INFORMATION
Reviewed-by: Mark Chappell <None>
(cherry picked from commit 77d5813)
Backport to stable-4: 💚 backport PR created✅ Backport PR branch: Backported as #1297 🤖 @patchback |
patchback bot
pushed a commit
that referenced
this pull request
Jul 2, 2022
Fix idempotency and logic to update existing aggregator
SUMMARY
describe_configuration_aggregators method returns output similar
to the following:
{
"ConfigurationAggregators": [
{
"ConfigurationAggregatorName": "test-name",
"ConfigurationAggregatorArn": "arn:aws:config:us-east-1:123412341234:config-aggregator/config-aggregator-xbxbvyq5",
"OrganizationAggregationSource": {
"RoleArn": "arn:aws:iam::123412341234:role/my-role",
"AllAwsRegions": true
},
"CreationTime": 1619030767.047,
"LastUpdatedTime": 1626463216.998
}
]
}
As a result, lines 134-136 fail:
del current_params['ConfigurationAggregatorArn']
del current_params['CreationTime']
del current_params['LastUpdatedTime']
as they try to delete attributes from the current_params as opposed
to current_params['ConfigurationAggregators'][0].
The error message is:
KeyError: 'ConfigurationAggregators'
Additionally, if no account_sources attribute is specified, the module
fails idempotency check, because in that case AccountAggregationSources
attribute is present in params, but not in current_params.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
aws_config_aggregator
ADDITIONAL INFORMATION
Reviewed-by: Mark Chappell <None>
(cherry picked from commit 77d5813)
softwarefactory-project-zuul bot
pushed a commit
that referenced
this pull request
Jul 2, 2022
[PR #645/77d5813a backport][stable-3] Fix idempotency and logic to update existing aggregator This is a backport of PR #645 as merged into main (77d5813). SUMMARY describe_configuration_aggregators method returns output similar to the following: { "ConfigurationAggregators": [ { "ConfigurationAggregatorName": "test-name", "ConfigurationAggregatorArn": "arn:aws:config:us-east-1:123412341234:config-aggregator/config-aggregator-xbxbvyq5", "OrganizationAggregationSource": { "RoleArn": "arn:aws:iam::123412341234:role/my-role", "AllAwsRegions": true }, "CreationTime": 1619030767.047, "LastUpdatedTime": 1626463216.998 } ] } As a result, lines 134-136 fail: del current_params['ConfigurationAggregatorArn'] del current_params['CreationTime'] del current_params['LastUpdatedTime'] as they try to delete attributes from the current_params as opposed to current_params['ConfigurationAggregators'][0]. The error message is: KeyError: 'ConfigurationAggregators' Additionally, if no account_sources attribute is specified, the module fails idempotency check, because in that case AccountAggregationSources attribute is present in params, but not in current_params. ISSUE TYPE Bugfix Pull Request COMPONENT NAME aws_config_aggregator ADDITIONAL INFORMATION Reviewed-by: Mark Chappell <None>
softwarefactory-project-zuul bot
pushed a commit
that referenced
this pull request
Jul 2, 2022
[PR #645/77d5813a backport][stable-4] Fix idempotency and logic to update existing aggregator This is a backport of PR #645 as merged into main (77d5813). SUMMARY describe_configuration_aggregators method returns output similar to the following: { "ConfigurationAggregators": [ { "ConfigurationAggregatorName": "test-name", "ConfigurationAggregatorArn": "arn:aws:config:us-east-1:123412341234:config-aggregator/config-aggregator-xbxbvyq5", "OrganizationAggregationSource": { "RoleArn": "arn:aws:iam::123412341234:role/my-role", "AllAwsRegions": true }, "CreationTime": 1619030767.047, "LastUpdatedTime": 1626463216.998 } ] } As a result, lines 134-136 fail: del current_params['ConfigurationAggregatorArn'] del current_params['CreationTime'] del current_params['LastUpdatedTime'] as they try to delete attributes from the current_params as opposed to current_params['ConfigurationAggregators'][0]. The error message is: KeyError: 'ConfigurationAggregators' Additionally, if no account_sources attribute is specified, the module fails idempotency check, because in that case AccountAggregationSources attribute is present in params, but not in current_params. ISSUE TYPE Bugfix Pull Request COMPONENT NAME aws_config_aggregator ADDITIONAL INFORMATION Reviewed-by: Mark Chappell <None>
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SUMMARY
describe_configuration_aggregatorsmethod returns output similarto the following:
As a result, lines 134-136 fail:
as they try to delete attributes from the
current_paramsas opposedto
current_params['ConfigurationAggregators'][0].The error message is:
Additionally, if no
account_sourcesattribute is specified, the modulefails idempotency check, because in that case
AccountAggregationSourcesattribute is present in
params, but not incurrent_params.ISSUE TYPE
COMPONENT NAME
aws_config_aggregator
ADDITIONAL INFORMATION