New module: GCP Compute Disks (#38612)

1 files changed, 635 insertions, 0 deletions

diff --git a/lib/ansible/modules/cloud/google/gcp_compute_disk.py b/lib/ansible/modules/cloud/google/gcp_compute_disk.py
new file mode 100644
index 0000000000..e3252787aa
--- /dev/null
+++ b/lib/ansible/modules/cloud/google/gcp_compute_disk.py
@@ -0,0 +1,635 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Copyright (C) 2017 Google
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+# ----------------------------------------------------------------------------
+#
+#     ***     AUTO GENERATED CODE    ***    AUTO GENERATED CODE     ***
+#
+# ----------------------------------------------------------------------------
+#
+#     This file is automatically generated by Magic Modules and manual
+#     changes will be clobbered when the file is regenerated.
+#
+#     Please read more about how to change this file at
+#     https://www.github.com/GoogleCloudPlatform/magic-modules
+#
+# ----------------------------------------------------------------------------
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+################################################################################
+# Documentation
+################################################################################
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+                    'status': ["preview"],
+                    'supported_by': 'community'}
+
+DOCUMENTATION = '''
+---
+module: gcp_compute_disk
+description:
+    - Persistent disks are durable storage devices that function similarly to the physical
+      disks in a desktop or a server. Compute Engine manages the hardware behind these
+      devices to ensure data redundancy and optimize performance for you. Persistent disks
+      are available as either standard hard disk drives (HDD) or solid-state drives (SSD).
+    - Persistent disks are located independently from your virtual machine instances,
+      so you can detach or move persistent disks to keep your data even after you delete
+      your instances. Persistent disk performance scales automatically with size, so you
+      can resize your existing persistent disks or add more persistent disks to an instance
+      to meet your performance and storage space requirements.
+    - Add a persistent disk to your instance when you need reliable and affordable storage
+      with consistent performance characteristics.
+short_description: Creates a GCP Disk
+version_added: 2.6
+author: Google Inc. (@googlecloudplatform)
+requirements:
+    - python >= 2.6
+    - requests >= 2.18.4
+    - google-auth >= 1.3.0
+options:
+    state:
+        description:
+            - Whether the given object should exist in GCP
+        choices: ['present', 'absent']
+        default: 'present'
+    description:
+        description:
+            - An optional description of this resource. Provide this property when you create
+              the resource.
+        required: false
+    licenses:
+        description:
+            - Any applicable publicly visible licenses.
+        required: false
+    name:
+        description:
+            - Name of the resource. Provided by the client when the resource is created. The name
+              must be 1-63 characters long, and comply with RFC1035. Specifically, the name must
+              be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
+              which means the first character must be a lowercase letter, and all following characters
+              must be a dash, lowercase letter, or digit, except the last character, which cannot
+              be a dash.
+        required: false
+    size_gb:
+        description:
+            - Size of the persistent disk, specified in GB. You can specify this field when creating
+              a persistent disk using the sourceImage or sourceSnapshot parameter, or specify
+              it alone to create an empty persistent disk.
+            - If you specify this field along with sourceImage or sourceSnapshot, the value of
+              sizeGb must not be less than the size of the sourceImage or the size of the snapshot.
+        required: false
+    source_image:
+        description:
+            - The source image used to create this disk. If the source image is deleted, this
+              field will not be set.
+            - 'To create a disk with one of the public operating system images, specify the image
+              by its family name. For example, specify family/debian-8 to use the latest Debian
+              8 image:  projects/debian-cloud/global/images/family/debian-8  Alternatively, use
+              a specific version of a public operating system image:  projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD  To
+              create a disk with a private image that you created, specify the image name in the
+              following format:  global/images/my-private-image  You can also specify a private
+              image by its image family, which returns the latest version of the image in that
+              family. Replace the image name with family/family-name:  global/images/family/my-private-family
+              .'
+        required: false
+    zone:
+        description:
+            - A reference to Zone resource.
+        required: true
+    disk_encryption_key:
+        description:
+            - Encrypts the disk using a customer-supplied encryption key.
+            - After you encrypt a disk with a customer-supplied key, you must provide the same
+              key if you use the disk later (e.g. to create a disk snapshot or an image, or to
+              attach the disk to a virtual machine).
+            - Customer-supplied encryption keys do not protect access to metadata of the disk.
+            - If you do not provide an encryption key when creating the disk, then the disk will
+              be encrypted using an automatically generated key and you do not need to provide
+              a key to use the disk later.
+        required: false
+        suboptions:
+            raw_key:
+                description:
+                    - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64
+                      to either encrypt or decrypt this resource.
+                required: false
+            sha256:
+                description:
+                    - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key
+                      that protects this resource.
+                required: false
+    source_image_encryption_key:
+        description:
+            - The customer-supplied encryption key of the source image. Required if the source
+              image is protected by a customer-supplied encryption key.
+        required: false
+        suboptions:
+            raw_key:
+                description:
+                    - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64
+                      to either encrypt or decrypt this resource.
+                required: false
+            sha256:
+                description:
+                    - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key
+                      that protects this resource.
+                required: false
+    source_snapshot:
+        description:
+            - 'The source snapshot used to create this disk. You can provide
+              this as a partial or full URL to the resource. For example, the
+              following are valid values: *
+              U(https://www.googleapis.com/compute/v1/projects/project/global/)
+              snapshots/snapshot * projects/project/global/snapshots/snapshot *
+              global/snapshots/snapshot .'
+        required: false
+    source_snapshot_encryption_key:
+        description:
+            - The customer-supplied encryption key of the source snapshot. Required if the source
+              snapshot is protected by a customer-supplied encryption key.
+        required: false
+        suboptions:
+            raw_key:
+                description:
+                    - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64
+                      to either encrypt or decrypt this resource.
+                required: false
+            sha256:
+                description:
+                    - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key
+                      that protects this resource.
+                required: false
+extends_documentation_fragment: gcp
+'''
+
+EXAMPLES = '''
+- name: create a disk
+  gcp_compute_disk:
+      name: testObject
+      size_gb: 50
+      disk_encryption_key:
+        raw_key: 'SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0='
+      zone: 'us-central1-a'
+      project: testProject
+      auth_kind: service_account
+      service_account_file: /tmp/auth.pem
+      scopes:
+        - https://www.googleapis.com/auth/compute
+      state: present
+'''
+
+RETURN = '''
+    creation_timestamp:
+        description:
+            - Creation timestamp in RFC3339 text format.
+        returned: success
+        type: str
+    description:
+        description:
+            - An optional description of this resource. Provide this property when you create
+              the resource.
+        returned: success
+        type: str
+    id:
+        description:
+            - The unique identifier for the resource.
+        returned: success
+        type: int
+    last_attach_timestamp:
+        description:
+            - Last attach timestamp in RFC3339 text format.
+        returned: success
+        type: str
+    last_detach_timestamp:
+        description:
+            - Last dettach timestamp in RFC3339 text format.
+        returned: success
+        type: str
+    licenses:
+        description:
+            - Any applicable publicly visible licenses.
+        returned: success
+        type: list
+    name:
+        description:
+            - Name of the resource. Provided by the client when the resource is created. The name
+              must be 1-63 characters long, and comply with RFC1035. Specifically, the name must
+              be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
+              which means the first character must be a lowercase letter, and all following characters
+              must be a dash, lowercase letter, or digit, except the last character, which cannot
+              be a dash.
+        returned: success
+        type: str
+    size_gb:
+        description:
+            - Size of the persistent disk, specified in GB. You can specify this field when creating
+              a persistent disk using the sourceImage or sourceSnapshot parameter, or specify
+              it alone to create an empty persistent disk.
+            - If you specify this field along with sourceImage or sourceSnapshot, the value of
+              sizeGb must not be less than the size of the sourceImage or the size of the snapshot.
+        returned: success
+        type: int
+    source_image:
+        description:
+            - The source image used to create this disk. If the source image is deleted, this
+              field will not be set.
+            - 'To create a disk with one of the public operating system images, specify the image
+              by its family name. For example, specify family/debian-8 to use the latest Debian
+              8 image:  projects/debian-cloud/global/images/family/debian-8  Alternatively, use
+              a specific version of a public operating system image:  projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD  To
+              create a disk with a private image that you created, specify the image name in the
+              following format:  global/images/my-private-image  You can also specify a private
+              image by its image family, which returns the latest version of the image in that
+              family. Replace the image name with family/family-name:  global/images/family/my-private-family
+              .'
+        returned: success
+        type: str
+    type:
+        description:
+            - URL of the disk type resource describing which disk type to use to create the disk.
+              Provide this when creating the disk.
+        returned: success
+        type: str
+    users:
+        description:
+            - 'Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance
+              .'
+        returned: success
+        type: list
+    zone:
+        description:
+            - A reference to Zone resource.
+        returned: success
+        type: str
+    disk_encryption_key:
+        description:
+            - Encrypts the disk using a customer-supplied encryption key.
+            - After you encrypt a disk with a customer-supplied key, you must provide the same
+              key if you use the disk later (e.g. to create a disk snapshot or an image, or to
+              attach the disk to a virtual machine).
+            - Customer-supplied encryption keys do not protect access to metadata of the disk.
+            - If you do not provide an encryption key when creating the disk, then the disk will
+              be encrypted using an automatically generated key and you do not need to provide
+              a key to use the disk later.
+        returned: success
+        type: complex
+        contains:
+            raw_key:
+                description:
+                    - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64
+                      to either encrypt or decrypt this resource.
+                returned: success
+                type: str
+            sha256:
+                description:
+                    - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key
+                      that protects this resource.
+                returned: success
+                type: str
+    source_image_encryption_key:
+        description:
+            - The customer-supplied encryption key of the source image. Required if the source
+              image is protected by a customer-supplied encryption key.
+        returned: success
+        type: complex
+        contains:
+            raw_key:
+                description:
+                    - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64
+                      to either encrypt or decrypt this resource.
+                returned: success
+                type: str
+            sha256:
+                description:
+                    - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key
+                      that protects this resource.
+                returned: success
+                type: str
+    source_image_id:
+        description:
+            - The ID value of the image used to create this disk. This value identifies the exact
+              image that was used to create this persistent disk. For example, if you created
+              the persistent disk from an image that was later deleted and recreated under the
+              same name, the source image ID would identify the exact version of the image that
+              was used.
+        returned: success
+        type: str
+    source_snapshot:
+        description:
+            - 'The source snapshot used to create this disk. You can provide
+              this as a partial or full URL to the resource. For example, the
+              following are valid values: *
+              U(https://www.googleapis.com/compute/v1/projects/project/global/)
+              snapshots/snapshot * projects/project/global/snapshots/snapshot *
+              global/snapshots/snapshot .'
+        returned: success
+        type: str
+    source_snapshot_encryption_key:
+        description:
+            - The customer-supplied encryption key of the source snapshot. Required if the source
+              snapshot is protected by a customer-supplied encryption key.
+        returned: success
+        type: complex
+        contains:
+            raw_key:
+                description:
+                    - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64
+                      to either encrypt or decrypt this resource.
+                returned: success
+                type: str
+            sha256:
+                description:
+                    - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key
+                      that protects this resource.
+                returned: success
+                type: str
+    source_snapshot_id:
+        description:
+            - The unique ID of the snapshot used to create this disk. This value identifies the
+              exact snapshot that was used to create this persistent disk. For example, if you
+              created the persistent disk from a snapshot that was later deleted and recreated
+              under the same name, the source snapshot ID would identify the exact version of
+              the snapshot that was used.
+        returned: success
+        type: str
+'''
+
+################################################################################
+# Imports
+################################################################################
+
+from ansible.module_utils.gcp_utils import navigate_hash, GcpSession, GcpModule, GcpRequest, remove_nones_from_dict, replace_resource_dict
+import json
+import time
+
+################################################################################
+# Main
+################################################################################
+
+
+def main():
+    """Main function"""
+
+    module = GcpModule(
+        argument_spec=dict(
+            state=dict(default='present', choices=['present', 'absent'], type='str'),
+            description=dict(type='str'),
+            licenses=dict(type='list', elements='str'),
+            name=dict(type='str'),
+            size_gb=dict(type='int'),
+            source_image=dict(type='str'),
+            zone=dict(required=True, type='str'),
+            disk_encryption_key=dict(type='dict', options=dict(
+                raw_key=dict(type='str'),
+                sha256=dict(type='str')
+            )),
+            source_image_encryption_key=dict(type='dict', options=dict(
+                raw_key=dict(type='str'),
+                sha256=dict(type='str')
+            )),
+            source_snapshot=dict(type='str'),
+            source_snapshot_encryption_key=dict(type='dict', options=dict(
+                raw_key=dict(type='str'),
+                sha256=dict(type='str')
+            ))
+        )
+    )
+
+    state = module.params['state']
+    kind = 'compute#disk'
+
+    fetch = fetch_resource(module, self_link(module), kind)
+    changed = False
+
+    if fetch:
+        if state == 'present':
+            if is_different(module, fetch):
+                fetch = update(module, self_link(module), kind, fetch)
+                changed = True
+        else:
+            delete(module, self_link(module), kind, fetch)
+            fetch = {}
+            changed = True
+    else:
+        if state == 'present':
+            fetch = create(module, collection(module), kind)
+            changed = True
+        else:
+            fetch = {}
+
+    fetch.update({'changed': changed})
+
+    module.exit_json(**fetch)
+
+
+def create(module, link, kind):
+    auth = GcpSession(module, 'compute')
+    return wait_for_operation(module, auth.post(link, resource_to_request(module)))
+
+
+def update(module, link, kind, fetch):
+    module.fail_json(msg="Disk cannot be edited")
+
+
+def delete(module, link, kind, fetch):
+    auth = GcpSession(module, 'compute')
+    return wait_for_operation(module, auth.delete(link))
+
+
+def resource_to_request(module):
+    request = {
+        u'kind': 'compute#disk',
+        u'diskEncryptionKey': DiskDiskEncryKey(module.params.get('disk_encryption_key', {}), module).to_request(),
+        u'sourceImageEncryptionKey': DiskSourImagEncrKey(module.params.get('source_image_encryption_key', {}), module).to_request(),
+        u'sourceSnapshotEncryptionKey': DiskSourSnapEncrKey(module.params.get('source_snapshot_encryption_key', {}), module).to_request(),
+        u'description': module.params.get('description'),
+        u'licenses': module.params.get('licenses'),
+        u'name': module.params.get('name'),
+        u'sizeGb': module.params.get('size_gb'),
+        u'sourceImage': module.params.get('source_image')
+    }
+    return_vals = {}
+    for k, v in request.items():
+        if v:
+            return_vals[k] = v
+
+    return return_vals
+
+
+def fetch_resource(module, link, kind):
+    auth = GcpSession(module, 'compute')
+    return return_if_object(module, auth.get(link), kind)
+
+
+def self_link(module):
+    return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/disks/{name}".format(**module.params)
+
+
+def collection(module):
+    return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/disks".format(**module.params)
+
+
+def return_if_object(module, response, kind):
+    # If not found, return nothing.
+    if response.status_code == 404:
+        return None
+
+    # If no content, return nothing.
+    if response.status_code == 204:
+        return None
+
+    try:
+        module.raise_for_status(response)
+        result = response.json()
+    except getattr(json.decoder, 'JSONDecodeError', ValueError) as inst:
+        module.fail_json(msg="Invalid JSON response with error: %s" % inst)
+
+    if navigate_hash(result, ['error', 'errors']):
+        module.fail_json(msg=navigate_hash(result, ['error', 'errors']))
+    if result['kind'] != kind:
+        module.fail_json(msg="Incorrect result: {kind}".format(**result))
+
+    return result
+
+
+def is_different(module, response):
+    request = resource_to_request(module)
+    response = response_to_hash(module, response)
+
+    # Remove all output-only from response.
+    response_vals = {}
+    for k, v in response.items():
+        if k in request:
+            response_vals[k] = v
+
+    request_vals = {}
+    for k, v in request.items():
+        if k in response:
+            request_vals[k] = v
+
+    return GcpRequest(request_vals) != GcpRequest(response_vals)
+
+
+# Remove unnecessary properties from the response.
+# This is for doing comparisons with Ansible's current parameters.
+def response_to_hash(module, response):
+    return {
+        u'creationTimestamp': response.get(u'creationTimestamp'),
+        u'description': response.get(u'description'),
+        u'id': response.get(u'id'),
+        u'lastAttachTimestamp': response.get(u'lastAttachTimestamp'),
+        u'lastDetachTimestamp': response.get(u'lastDetachTimestamp'),
+        u'licenses': response.get(u'licenses'),
+        u'name': response.get(u'name'),
+        u'sizeGb': response.get(u'sizeGb'),
+        u'sourceImage': module.params.get('source_image'),
+        u'type': response.get(u'type'),
+        u'users': response.get(u'users')
+    }
+
+
+def async_op_url(module, extra_data=None):
+    if extra_data is None:
+        extra_data = {}
+    url = "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/operations/{op_id}"
+    combined = extra_data.copy()
+    combined.update(module.params)
+    return url.format(**combined)
+
+
+def wait_for_operation(module, response):
+    op_result = return_if_object(module, response, 'compute#operation')
+    if op_result is None:
+        return None
+    status = navigate_hash(op_result, ['status'])
+    wait_done = wait_for_completion(status, op_result, module)
+    return fetch_resource(module, navigate_hash(wait_done, ['targetLink']), 'compute#disk')
+
+
+def wait_for_completion(status, op_result, module):
+    op_id = navigate_hash(op_result, ['name'])
+    op_uri = async_op_url(module, {'op_id': op_id})
+    while status != 'DONE':
+        raise_if_errors(op_result, ['error', 'errors'], 'message')
+        time.sleep(1.0)
+        if status not in ['PENDING', 'RUNNING', 'DONE']:
+            module.fail_json(msg="Invalid result %s" % status)
+        op_result = fetch_resource(module, op_uri, 'compute#operation')
+        status = navigate_hash(op_result, ['status'])
+    return op_result
+
+
+def raise_if_errors(response, err_path, module):
+    errors = navigate_hash(response, err_path)
+    if errors is not None:
+        module.fail_json(msg=errors)
+
+
+class DiskDiskEncryKey(object):
+    def __init__(self, request, module):
+        self.module = module
+        if request:
+            self.request = request
+        else:
+            self.request = {}
+
+    def to_request(self):
+        return remove_nones_from_dict({
+            u'rawKey': self.request.get('raw_key'),
+            u'sha256': self.request.get('sha256')
+        })
+
+    def from_response(self):
+        return remove_nones_from_dict({
+            u'rawKey': self.request.get(u'rawKey'),
+            u'sha256': self.request.get(u'sha256')
+        })
+
+
+class DiskSourImagEncrKey(object):
+    def __init__(self, request, module):
+        self.module = module
+        if request:
+            self.request = request
+        else:
+            self.request = {}
+
+    def to_request(self):
+        return remove_nones_from_dict({
+            u'rawKey': self.request.get('raw_key'),
+            u'sha256': self.request.get('sha256')
+        })
+
+    def from_response(self):
+        return remove_nones_from_dict({
+            u'rawKey': self.request.get(u'rawKey'),
+            u'sha256': self.request.get(u'sha256')
+        })
+
+
+class DiskSourSnapEncrKey(object):
+    def __init__(self, request, module):
+        self.module = module
+        if request:
+            self.request = request
+        else:
+            self.request = {}
+
+    def to_request(self):
+        return remove_nones_from_dict({
+            u'rawKey': self.request.get('raw_key'),
+            u'sha256': self.request.get('sha256')
+        })
+
+    def from_response(self):
+        return remove_nones_from_dict({
+            u'rawKey': self.request.get(u'rawKey'),
+            u'sha256': self.request.get(u'sha256')
+        })
+
+if __name__ == '__main__':
+    main()