Skip to content

add ability to detect and update network tags.#469

Open
tall3n wants to merge 2 commits intoansible-collections:masterfrom
tall3n:add-ability-to-update-network-tags
Open

add ability to detect and update network tags.#469
tall3n wants to merge 2 commits intoansible-collections:masterfrom
tall3n:add-ability-to-update-network-tags

Conversation

@tall3n
Copy link
Copy Markdown

@tall3n tall3n commented Nov 24, 2021
edited
Loading

SUMMARY

When doing infrastructure as code it is expected that changes to code base will be reflected in the cloud platform. In this scenario changes to tags in the code base did not make its way to the cloud platform. This change rectifies this and follows the same principals as labels.

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

gcp_compute_instance

ADDITIONAL INFORMATION

Tags are currently created on instance instantiation, this fix allows network tags to be updated using gitops methodologies. For example, down the road if network tags need to be added are removed they can be done so through code.

Testing Scenario:

Existing Instance with no network tags.

  1. Define Tags
  2. Ensure Tags are set properly

Existing Instance with network tags.

  1. Remove tags from module parameters
  2. Ensure Tags are removed

New Instance

  1. Create New Instance
  2. Ensure Tags are set as expected.
  1. Create Instance with No Tags
  2. Update Tags in Code
  3. Observe Tags did not change
Before:
  "tags": {
      "fingerprint": "42WmSpB8rSM="
  },

After:        
"tags": {
            "fingerprint": "s78FYhaXW7M=",
            "items": [
                "vpn"
            ]
        },

@dhendry
Copy link
Copy Markdown

dhendry commented Jan 14, 2022

@tall3n any update on this? The fact you cannot manage network tags via this module feels like its a huge problem - how do you manage firewall rules in a VPC otherwise?

Would be great to get this feature in - code changes look really minor.

cc: @rambleraptor as it looks like you are one of the main contributors here (thanks!)

@tall3n
Copy link
Copy Markdown
Author

tall3n commented Feb 11, 2022

@dhendry

Not sure why I didn't get alerted to your comment, apologize for the late reply.

The firewall rules wasn't a huge problem as much as getting instances post creation to have their instance tags manipulated by reruns.

Because of this issue, we started using pulumi for the infrastructure as we had better full comparative diffs/updates and it fit our flexibility needs on par with ansible.

Until we made the move to using pulumi i just used this code to maintain instance tags.

@toumorokoshi toumorokoshi added the enhancement New feature or request label Nov 12, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tall3n @dhendry @toumorokoshi