def perform_action(self, action):
action_fn = self.get_action_fn(action)
if not action_fn:
self.module.fail_json(msg="{0} not supported by the module.".format(action))
# the idempotency checks for these actions are custom since we aren't doing the regular
# check for existence, we are checking if a requested resource is present within a list
if action == "bulk_add_virtual_circuit_public_prefixes":
action_idempotency_checks_fn = (
self._bulk_add_virtual_circuit_public_prefixes_idempotency_check
)
check_mode_response_resource = to_dict(
BulkAddVirtualCircuitPublicPrefixesDetails(public_prefixes=[])
)
elif action == "bulk_delete_virtual_circuit_public_prefixes":
action_idempotency_checks_fn = (
self._bulk_delete_virtual_circuit_public_prefixes_idempotency_check
)
check_mode_response_resource = to_dict(
BulkDeleteVirtualCircuitPublicPrefixesDetails(public_prefixes=[])
)
else:
self.module.fail_json(
msg="Performing action failed for unrecognized action: {0}".format(
action
)
)
result = action_idempotency_checks_fn()
if result:
return result
if self.check_mode:
return oci_common_utils.get_result(
changed=True,
resource_type=self.resource_type,
resource=check_mode_response_resource,
)
try:
action_fn()
except MaximumWaitTimeExceeded as mwtex:
self.module.fail_json(msg=str(mwtex))
except ServiceError as se:
self.module.fail_json(
msg="Performing action failed with exception: {0}".format(se.message)
)
else:
# the individual action operations return None. So get the final list of public prefixes
# and return them.
resource = BulkAddVirtualCircuitPublicPrefixesDetails(
public_prefixes=self.list_public_prefixes()
)
return oci_common_utils.get_result(
changed=True,
resource_type=self.resource_type,
resource=to_dict(resource),
)
def _add_network_security_group_rules_idempotency_check(self):
existing_security_rules = self.list_security_rules()
provided_security_rules = self.module.params.get("security_rules", [])
provided_security_rules_to_add = []
existing_security_rules_as_dicts = [
to_dict(security_rule) for security_rule in existing_security_rules
]
for provided_security_rule in provided_security_rules:
if not oci_common_utils.is_in_list(
existing_security_rules_as_dicts,
element=provided_security_rule):
provided_security_rules_to_add.append(provided_security_rule)
if len(provided_security_rules_to_add) == 0:
resource = AddedNetworkSecurityGroupSecurityRules(
security_rules=self.list_security_rules())
return oci_common_utils.get_result(
changed=False,
resource_type=self.resource_type,
resource=to_dict(resource),
)
else:
self.module.params[
"security_rules"] = provided_security_rules_to_add
def _bulk_delete_virtual_circuit_public_prefixes_idempotency_check(self):
existing_public_prefixes = self.list_public_prefixes()
existing_public_prefix_cidrs = [
existing_public_prefix.cidr_block
for existing_public_prefix in existing_public_prefixes
]
provided_public_prefixes = self.module.params.get("public_prefixes", [])
public_prefixes_to_delete = [
public_prefix
for public_prefix in provided_public_prefixes
if public_prefix.get("cidr_block") in existing_public_prefix_cidrs
]
if len(public_prefixes_to_delete) == 0:
return oci_common_utils.get_result(
changed=False,
resource_type=self.resource_type,
resource=to_dict(
BulkAddVirtualCircuitPublicPrefixesDetails(
public_prefixes=existing_public_prefixes
)
),
)
else:
self.module.params["public_prefixes"] = public_prefixes_to_delete
def _remove_network_security_group_rules_idempotency_check(self):
existing_security_rules = self.list_security_rules()
provided_security_rule_ids_to_delete = self.module.params.get(
"security_rule_ids", [])
security_rule_ids_to_delete = []
for existing_security_rule in existing_security_rules:
if existing_security_rule.id in provided_security_rule_ids_to_delete:
security_rule_ids_to_delete.append(existing_security_rule.id)
if len(security_rule_ids_to_delete) == 0:
# RemoveNetworkSecurityGroupSecurityRules returns nothing, but in order to keep return type consistent
# across add / remove / delete, we choose to return UpdatedNetworkSecurityGroupSecurityRules with an
# empty 'security_rules' list
resource = UpdatedNetworkSecurityGroupSecurityRules(
security_rules=self.list_security_rules())
return oci_common_utils.get_result(
changed=False,
resource_type=self.resource_type,
resource=to_dict(resource),
)
else:
self.module.params[
"security_rule_ids"] = security_rule_ids_to_delete
def _update_network_security_group_rules_idempotency_check(self):
existing_security_rules = self.list_security_rules()
provided_security_rules = self.module.params.get("security_rules", [])
existing_security_rules_as_dicts = [
to_dict(security_rule) for security_rule in existing_security_rules
]
all_rules_to_update_already_exist_and_match = True
for provided_security_rule in provided_security_rules:
if not oci_common_utils.is_in_list(
existing_security_rules_as_dicts,
element=provided_security_rule):
all_rules_to_update_already_exist_and_match = False
if all_rules_to_update_already_exist_and_match:
resource = UpdatedNetworkSecurityGroupSecurityRules(
security_rules=self.list_security_rules())
return oci_common_utils.get_result(
changed=False,
resource_type=self.resource_type,
resource=to_dict(resource),
)
def perform_action(self, action):
action_fn = self.get_action_fn(action)
if not action_fn:
self.module.fail_json(
msg="{0} not supported by the module.".format(action))
# the idempotency checks for these actions are custom since we aren't doing the regular
# check for existence, we are checking if a requested resource is present within a list
if action == self.ADD_NETWORK_SECURITY_GROUP_SECURITY_RULES_ACTION:
action_idempotency_checks_fn = (
self._add_network_security_group_rules_idempotency_check)
check_mode_response_resource = to_dict(
AddedNetworkSecurityGroupSecurityRules(security_rules=[]))
elif action == self.UPDATE_NETWORK_SECURITY_GROUP_SECURITY_RULES_ACTION:
action_idempotency_checks_fn = (
self._update_network_security_group_rules_idempotency_check)
check_mode_response_resource = to_dict(
UpdatedNetworkSecurityGroupSecurityRules(security_rules=[]))
elif action == self.REMOVE_NETWORK_SECURITY_GROUP_SECURITY_RULES_ACTION:
action_idempotency_checks_fn = (
self._remove_network_security_group_rules_idempotency_check)
# RemoveNetworkSecurityGroupSecurityRules returns nothing, but in order to keep return type consistent
# across add / remove / delete, we choose to return UpdatedNetworkSecurityGroupSecurityRules with an
# empty 'security_rules' list
check_mode_response_resource = to_dict(
UpdatedNetworkSecurityGroupSecurityRules(security_rules=[]))
else:
self.module.fail_json(
msg="Performing action failed for unrecognized action: {0}".
format(action))
result = action_idempotency_checks_fn()
if result:
return result
if self.check_mode:
return oci_common_utils.get_result(
changed=True,
resource_type=self.resource_type,
resource=check_mode_response_resource,
)
try:
action_fn()
except MaximumWaitTimeExceeded as mwtex:
self.module.fail_json(msg=str(mwtex))
except ServiceError as se:
self.module.fail_json(
msg="Performing action failed with exception: {0}".format(
se.message))
else:
# - the individual action operations return the rules that were acted on (except REMOVE which returns nothing)
# to keep consistent with patterns in other modules, we override here to return the current set of all rules
# - in order to return the same format as the generated docs for actions operations (result.security_rule.security_rules)
# we use AddedNetworkSecurityGroupSecurityRules here as a wrapper
resource = AddedNetworkSecurityGroupSecurityRules(
security_rules=self.list_security_rules())
return oci_common_utils.get_result(
changed=True,
resource_type=self.resource_type,
resource=to_dict(resource),
)
