Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

cloudwatchlogs_log_group: Add check_mode support #1373

Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
minor_changes:
- cloudwatchlogs_log_group - Added check_mode support (https://github.com/ansible-collections/community.aws/pull/1373).
11 changes: 10 additions & 1 deletion plugins/modules/cloudwatchlogs_log_group.py
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,9 @@ def create_log_group(client, log_group_name, kms_key_id, tags, retention, module
if tags:
request['tags'] = tags

if module.check_mode:
module.exit_json(changed=True, msg="Would have created log group if not in check_mode.")

try:
client.create_log_group(**request)
except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
Expand Down Expand Up @@ -180,13 +183,19 @@ def input_retention_policy(client, log_group_name, retention, module):


def delete_retention_policy(client, log_group_name, module):
if module.check_mode:
return True

try:
client.delete_retention_policy(logGroupName=log_group_name)
except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
module.fail_json_aws(e, msg="Unable to delete retention policy for log group {0}".format(log_group_name))


def delete_log_group(client, log_group_name, module):
if module.check_mode:
module.exit_json(changed=True, msg="Would have deleted log group if not in check_mode.")

try:
client.delete_log_group(logGroupName=log_group_name)
except is_boto3_error_code('ResourceNotFoundException'):
Expand Down Expand Up @@ -265,7 +274,7 @@ def main():
)

mutually_exclusive = [['retention', 'purge_retention_policy'], ['purge_retention_policy', 'overwrite']]
module = AnsibleAWSModule(argument_spec=argument_spec, mutually_exclusive=mutually_exclusive)
module = AnsibleAWSModule(supports_check_mode=True, argument_spec=argument_spec, mutually_exclusive=mutually_exclusive)

try:
logs = module.client('logs')
Expand Down
55 changes: 55 additions & 0 deletions tests/integration/targets/cloudwatchlogs_log_group/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,23 @@
region: "{{ aws_region }}"

block:
- name: create cloudwatch log group for integration test (check_mode)
cloudwatchlogs_log_group:
state: present
log_group_name: '{{ log_group_name }}'
retention: 1
tags:
CamelCase: Value
snake_case: value
check_mode: true
register: result

- assert:
that:
- result is changed
- '"log_groups" not in result'
- '"logs:CreateLogGroup" not in result.resource_actions'

- name: create cloudwatch log group for integration test
cloudwatchlogs_log_group:
state: present
Expand Down Expand Up @@ -42,6 +59,20 @@
vars:
log_group: '{{ result.log_groups[0] }}'

- name: create cloudwatch log group for integration test (check_mode - idempotent)
cloudwatchlogs_log_group:
state: present
log_group_name: '{{ log_group_name }}'
retention: 1
check_mode: true
register: result

- assert:
that:
- result is not changed
- '"log_groups" in result'
- result.log_groups | length == 1

- name: create cloudwatch log group for integration test (idempotent)
cloudwatchlogs_log_group:
state: present
Expand Down Expand Up @@ -88,6 +119,18 @@

- include_tasks: 'tags.yml'

- name: delete cloudwatch log group for integration test (check_mode)
cloudwatchlogs_log_group:
state: absent
log_group_name: '{{ log_group_name }}'
check_mode: true
register: result

- assert:
that:
- result is changed
- '"logs:DeleteLogGroup" not in result.resource_actions'

- name: delete cloudwatch log group for integration test
cloudwatchlogs_log_group:
state: absent
Expand All @@ -98,6 +141,18 @@
that:
- result is changed

- name: delete cloudwatch log group for integration test (check_mode - idempotent)
cloudwatchlogs_log_group:
state: absent
log_group_name: '{{ log_group_name }}'
check_mode: true
register: result

- assert:
that:
- result is not changed
- '"logs:DeleteLogGroup" not in result.resource_actions'

- name: delete cloudwatch log group for integration test (idempotent)
cloudwatchlogs_log_group:
state: absent
Expand Down
199 changes: 109 additions & 90 deletions tests/integration/targets/cloudwatchlogs_log_group/tasks/tags.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,16 +34,19 @@
log_group_name: '{{ log_group_name }}'
block:

# - name: test adding tags to cloudwatchlogs_log_group (check mode)
# cloudwatchlogs_log_group:
# tags: '{{ first_tags }}'
# purge_tags: True
# register: update_result
# check_mode: yes
# - name: assert that update succeeded
# assert:
# that:
# - update_result is changed
- name: test adding tags to cloudwatchlogs_log_group (check_mode)
cloudwatchlogs_log_group:
tags: '{{ first_tags }}'
purge_tags: True
check_mode: true
register: update_result

- name: assert that update succeeded
assert:
that:
- update_result is changed
- '"logs:UntagLogGroup" not in update_result'
- '"logs:TagLogGroup" not in update_result'

- name: test adding tags to cloudwatchlogs_log_group
cloudwatchlogs_log_group:
Expand All @@ -56,16 +59,19 @@
- update_result is changed
- update_result.log_groups[0].tags == first_tags

# - name: test adding tags to cloudwatchlogs_log_group - idempotency (check mode)
# cloudwatchlogs_log_group:
# tags: '{{ first_tags }}'
# purge_tags: True
# register: update_result
# check_mode: yes
# - name: assert that update succeeded
# assert:
# that:
# - update_result is not changed
- name: test adding tags to cloudwatchlogs_log_group - idempotency (check mode)
cloudwatchlogs_log_group:
tags: '{{ first_tags }}'
purge_tags: True
check_mode: true
register: update_result

- name: assert that update succeeded
assert:
that:
- update_result is not changed
- '"logs:UntagLogGroup" not in update_result'
- '"logs:TagLogGroup" not in update_result'

- name: test adding tags to cloudwatchlogs_log_group - idempotency
cloudwatchlogs_log_group:
Expand All @@ -80,16 +86,19 @@

###

# - name: test updating tags with purge on cloudwatchlogs_log_group (check mode)
# cloudwatchlogs_log_group:
# tags: '{{ second_tags }}'
# purge_tags: True
# register: update_result
# check_mode: yes
# - name: assert that update succeeded
# assert:
# that:
# - update_result is changed
- name: test updating tags with purge on cloudwatchlogs_log_group (check mode)
cloudwatchlogs_log_group:
tags: '{{ second_tags }}'
purge_tags: True
check_mode: true
register: update_result

- name: assert that update succeeded
assert:
that:
- update_result is changed
- '"logs:UntagLogGroup" not in update_result'
- '"logs:TagLogGroup" not in update_result'

- name: test updating tags with purge on cloudwatchlogs_log_group
cloudwatchlogs_log_group:
Expand All @@ -102,16 +111,19 @@
- update_result is changed
- update_result.log_groups[0].tags == second_tags

# - name: test updating tags with purge on cloudwatchlogs_log_group - idempotency (check mode)
# cloudwatchlogs_log_group:
# tags: '{{ second_tags }}'
# purge_tags: True
# register: update_result
# check_mode: yes
# - name: assert that update succeeded
# assert:
# that:
# - update_result is not changed
- name: test updating tags with purge on cloudwatchlogs_log_group - idempotency (check mode)
cloudwatchlogs_log_group:
tags: '{{ second_tags }}'
purge_tags: True
check_mode: true
register: update_result

- name: assert that update succeeded
assert:
that:
- update_result is not changed
- '"logs:UntagLogGroup" not in update_result'
- '"logs:TagLogGroup" not in update_result'

- name: test updating tags with purge on cloudwatchlogs_log_group - idempotency
cloudwatchlogs_log_group:
Expand All @@ -126,16 +138,19 @@

###

# - name: test updating tags without purge on cloudwatchlogs_log_group (check mode)
# cloudwatchlogs_log_group:
# tags: '{{ third_tags }}'
# purge_tags: False
# register: update_result
# check_mode: yes
# - name: assert that update succeeded
# assert:
# that:
# - update_result is changed
- name: test updating tags without purge on cloudwatchlogs_log_group (check mode)
cloudwatchlogs_log_group:
tags: '{{ third_tags }}'
purge_tags: False
check_mode: true
register: update_result

- name: assert that update succeeded
assert:
that:
- update_result is changed
- '"logs:UntagLogGroup" not in update_result'
- '"logs:TagLogGroup" not in update_result'

- name: test updating tags without purge on cloudwatchlogs_log_group
cloudwatchlogs_log_group:
Expand All @@ -148,16 +163,19 @@
- update_result is changed
- update_result.log_groups[0].tags == final_tags

# - name: test updating tags without purge on cloudwatchlogs_log_group - idempotency (check mode)
# cloudwatchlogs_log_group:
# tags: '{{ third_tags }}'
# purge_tags: False
# register: update_result
# check_mode: yes
# - name: assert that update succeeded
# assert:
# that:
# - update_result is not changed
- name: test updating tags without purge on cloudwatchlogs_log_group - idempotency (check mode)
cloudwatchlogs_log_group:
tags: '{{ third_tags }}'
purge_tags: False
check_mode: true
register: update_result

- name: assert that update succeeded
assert:
that:
- update_result is not changed
- '"logs:UntagLogGroup" not in update_result'
- '"logs:TagLogGroup" not in update_result'

- name: test updating tags without purge on cloudwatchlogs_log_group - idempotency
cloudwatchlogs_log_group:
Expand All @@ -183,16 +201,16 @@

###

# - name: test no tags param cloudwatchlogs_log_group (check mode)
# cloudwatchlogs_log_group: {}
# register: update_result
# check_mode: yes
# - name: assert no change
# assert:
# that:
# - update_result is not changed
# - update_result.log_groups[0].tags == final_tags
#
- name: test no tags param cloudwatchlogs_log_group (check mode)
cloudwatchlogs_log_group: {}
check_mode: true
register: update_result

- name: assert no change
assert:
that:
- update_result is not changed
- update_result.log_groups[0].tags == final_tags

- name: test no tags param cloudwatchlogs_log_group
cloudwatchlogs_log_group: {}
Expand All @@ -205,16 +223,17 @@

###

# - name: test removing tags from cloudwatchlogs_log_group (check mode)
# cloudwatchlogs_log_group:
# tags: {}
# purge_tags: True
# register: update_result
# check_mode: yes
# - name: assert that update succeeded
# assert:
# that:
# - update_result is changed
- name: test removing tags from cloudwatchlogs_log_group (check mode)
cloudwatchlogs_log_group:
tags: {}
purge_tags: True
check_mode: true
register: update_result

- name: assert that update succeeded
assert:
that:
- update_result is changed

- name: test removing tags from cloudwatchlogs_log_group
cloudwatchlogs_log_group:
Expand All @@ -227,16 +246,16 @@
- update_result is changed
- update_result.log_groups[0].tags == {}

# - name: test removing tags from cloudwatchlogs_log_group - idempotency (check mode)
# cloudwatchlogs_log_group:
# tags: {}
# purge_tags: True
# register: update_result
# check_mode: yes
# - name: assert that update succeeded
# assert:
# that:
# - update_result is not changed
- name: test removing tags from cloudwatchlogs_log_group - idempotency (check mode)
cloudwatchlogs_log_group:
tags: {}
purge_tags: True
check_mode: true
register: update_result
- name: assert that update succeeded
assert:
that:
- update_result is not changed

- name: test removing tags from cloudwatchlogs_log_group - idempotency
cloudwatchlogs_log_group:
Expand Down