Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add encryption to azure_rm_galleryimageversion #1311

Merged
merged 3 commits into from
Nov 9, 2023
Merged

Add encryption to azure_rm_galleryimageversion #1311

merged 3 commits into from
Nov 9, 2023

Conversation

ephracis
Copy link
Contributor

SUMMARY

Add the parameter encryption to target_regions of the azure_rm_galleryimageversion module.

Fixes #1290

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

azure_rm_galleryimageversion

ADDITIONAL INFORMATION

This makes it possible to create encrypted images.

Had to bump API version to get access to the new fields.

@Fred-sun Fred-sun added medium_priority Medium priority new_feature New feature requirments work in In trying to solve, or in working with contributors labels Nov 1, 2023
@ephracis
Add encryption to azure_rm_galleryimageversion
9637412 
Add the parameter `encryption` to `target_regions` of the
`azure_rm_galleryimageversion` module, making it possible to create
encrypted images.

Fixes ansible-collections#1290
@ephracis ephracis force-pushed the 1290-add-encryption-to-gallery-image-version branch from 9793c2d to 9637412 Compare November 2, 2023 08:24
@Fred-sun
Copy link
Collaborator

Fred-sun commented Nov 3, 2023

@ephracis Please help fix the error described below, the new parameters also need to be supported by the test case! Thank you very much!

ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: missing-suboption-docs: Argument 'confidential_vm_encryption_type' in argument_spec found in publishing_profile -> target_regions -> encryption -> os_disk_image -> securityProfile has sub-options but documentation does not define it
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: missing-suboption-docs: Argument 'securityProfile' in argument_spec found in publishing_profile -> target_regions -> encryption -> os_disk_image has sub-options but documentation does not define it
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: nonexistent-parameter-documented: Argument 'security_profile' found in publishing_profile -> target_regions -> encryption -> os_disk_image is listed in DOCUMENTATION.options, but not accepted by the module argument_spec
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: parameter-list-no-elements: Argument 'data_disk_images' in argument_spec found in publishing_profile -> target_regions -> encryption defines type as list but elements is not defined
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: parameter-list-no-elements: DOCUMENTATION.options.publishing_profile.suboptions.target_regions.suboptions.encryption.suboptions.data_disk_images: Argument defines type as list but elements is not defined for dictionary value @ data['options']['publishing_profile']['suboptions']['target_regions']['suboptions']['encryption']['suboptions']['data_disk_images']. Got {'description': ['A list of encryption specifications for data disk images.'], 'type': 'list', 'suboptions': {'disk_encryption_set_id': {'description': ['A relative URI containing the resource ID of the disk encryption set.'], 'type': 'str'}, 'lun': {'description': ['This property specifies the logical unit number of the data disk.', 'This value is used to identify data disks within the Virtual Machine and therefore must be unique for each data disk attached to the Virtual Machine.']}}}
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: parameter-type-not-in-doc: Argument 'confidential_vm_encryption_type' in argument_spec found in publishing_profile -> target_regions -> encryption -> os_disk_image -> securityProfile defines type as 'dict' but documentation doesn't define type
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: parameter-type-not-in-doc: Argument 'encrypted_vm_guest_state_only_with_pmk' in argument_spec found in publishing_profile -> target_regions -> encryption -> os_disk_image -> securityProfile -> confidential_vm_encryption_type defines type as 'dict' but documentation doesn't define type
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: parameter-type-not-in-doc: Argument 'encrypted_with_cmk' in argument_spec found in publishing_profile -> target_regions -> encryption -> os_disk_image -> securityProfile -> confidential_vm_encryption_type defines type as 'dict' but documentation doesn't define type
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: parameter-type-not-in-doc: Argument 'encrypted_with_pmk' in argument_spec found in publishing_profile -> target_regions -> encryption -> os_disk_image -> securityProfile -> confidential_vm_encryption_type defines type as 'dict' but documentation doesn't define type
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: parameter-type-not-in-doc: Argument 'lun' in argument_spec found in publishing_profile -> target_regions -> encryption -> data_disk_images defines type as 'int' but documentation doesn't define type
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: parameter-type-not-in-doc: Argument 'secure_vm_disk_encryption_set_id' in argument_spec found in publishing_profile -> target_regions -> encryption -> os_disk_image -> securityProfile defines type as 'str' but documentation doesn't define type
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: parameter-type-not-in-doc: Argument 'securityProfile' in argument_spec found in publishing_profile -> target_regions -> encryption -> os_disk_image defines type as 'dict' but documentation doesn't define type
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: undocumented-parameter: Argument 'confidential_vm_encryption_type' found in publishing_profile -> target_regions -> encryption -> os_disk_image -> securityProfile is listed in the argument_spec, but not documented in the module documentation
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: undocumented-parameter: Argument 'encrypted_vm_guest_state_only_with_pmk' found in publishing_profile -> target_regions -> encryption -> os_disk_image -> securityProfile -> confidential_vm_encryption_type is listed in the argument_spec, but not documented in the module documentation
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: undocumented-parameter: Argument 'encrypted_with_cmk' found in publishing_profile -> target_regions -> encryption -> os_disk_image -> securityProfile -> confidential_vm_encryption_type is listed in the argument_spec, but not documented in the module documentation
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: undocumented-parameter: Argument 'encrypted_with_pmk' found in publishing_profile -> target_regions -> encryption -> os_disk_image -> securityProfile -> confidential_vm_encryption_type is listed in the argument_spec, but not documented in the module documentation
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: undocumented-parameter: Argument 'secure_vm_disk_encryption_set_id' found in publishing_profile -> target_regions -> encryption -> os_disk_image -> securityProfile is listed in the argument_spec, but not documented in the module documentation
ERROR: plugins/modules/azure_rm_galleryimageversion.py:0:0: undocumented-parameter: Argument 'securityProfile' found in publishing_profile -> target_regions -> encryption -> os_disk_image is listed in the argument_spec, but not documented in the module documentation

@ephracis ephracis mentioned this pull request Nov 3, 2023
Merged
@ephracis
Copy link
Contributor Author

ephracis commented Nov 3, 2023

Sure thing! I'll start working on it right away.

@ephracis
Fix documentation
12c4896
@ephracis
Add disk encryption to gallery image version tests
b09d0ff 
Add the usage of disk encryption to all regions in the tests of the
module azure_rm_galleryimageversion.

This required a fix, moving the deprecated managed_image to
storage_profile.source_image instead.
@ephracis
Copy link
Contributor Author

ephracis commented Nov 3, 2023

I have now fixed the issues in the module specification, and added integrations tests.

@ephracis ephracis mentioned this pull request Nov 3, 2023
Merged
@Fred-sun Fred-sun added has_pr PR fixes have been made work in In trying to solve, or in working with contributors ready_for_review The PR has been modified and can be reviewed and merged and removed work in In trying to solve, or in working with contributors has_pr PR fixes have been made labels Nov 6, 2023
xuzhang3
xuzhang3 reviewed Nov 8, 2023
View reviewed changes
tests/integration/targets/azure_rm_gallery/lookup_plugins/azure_service_principal_attribute.py
@@ -0,0 +1,92 @@
# (c) 2018 Yunge Zhu, <yungez@microsoft.com>
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ephracis you are the author.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ephracis you are the author.

@xuzhang3 This file was copied from another location and no changes are required to the author. Thank you!

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that's true. It would actually be better to put the file somewhere where it could be shared by both integration tests but this was my first attempt at it.

If you have any suggestions on where to put the file and then share it, let me know and I can fix it as part of this PR.

I'm actually wondering why this is not part of the collection itself, and only part of the integration tests. Seems like a good plugin to have. But perhaps there's a reason you don't want it shipped.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ephracis Yes, we are considering it as a plugin that can be applied to the entire repo. Thanks!

@xuzhang3 xuzhang3 merged commit ecf0c86 into ansible-collections:dev Nov 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Fred-sun Fred-sun Fred-sun left review comments

@xuzhang3 xuzhang3 xuzhang3 approved these changes

Assignees

@xuzhang3 xuzhang3

Labels
medium_priority Medium priority new_feature New feature requirments ready_for_review The PR has been modified and can be reviewed and merged
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Ability to encrypt gallery image version
3 participants
@ephracis @Fred-sun @xuzhang3