Bug to handle duplicate subnet across different vpc networks #560

@jimmycgz

SUMMARY

GCP doesn't allow creating a subnet with the same name in the same region if one already exists in any other VPC network, and the original module doesn't throw an error. This PR suggests adding a condition check and erroring out for this scenario.

ISSUE TYPE

  • Bug Report

COMPONENT NAME

plugins/modules/gcp_compute_subnetwork.py

ANSIBLE VERSION
ansible [core 2.14.2]
  config file = /Users/x/proj/hands-on/ansible/sbn-bug-ansible/playbooks/ansible.cfg
  configured module search path = ['/Users/x/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.9/site-packages/ansible
  ansible collection location = /Users/x/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.9.16 (main, Dec  7 2022, 10:16:11) [Clang 14.0.0 (clang-1400.0.29.202)] (/usr/local/opt/[email protected]/bin/python3.9)
  jinja version = 3.0.1
  libyaml = True

COLLECTION VERSION

nothing special, just local ansible.cfg

CONFIGURATION

ansible [core 2.14.2]

OS / ENVIRONMENT

MacOS 13.0 (22A380)

STEPS TO REPRODUCE

#A1: create a network vpc-a
#A2: create a subnetwork subnet-a in vpc-a
#B1: create another network vpc-b
#B2: create a same-name subnetwork subnet-a in vpc-b

---
- name: Define variables
  set_fact:
    project: your-project-name
    region: us-east4
    gcp_auth_kind: application

- name: "#A1: create a network vpc-a"
  google.cloud.gcp_compute_network:
    name: "vpc-a"
    auto_create_subnetworks: 'false'
    project: "{{ project }}"
    auth_kind: "{{ gcp_auth_kind }}"
    state: present
  register: network_a

- name: "#A2: create a subnetwork subnet-a in vpc-a"
  google.cloud.gcp_compute_subnetwork:
    name: "subnet-a"
    region: "{{ region }}"
    network: "{{ network_a }}"
    ip_cidr_range: 172.16.0.0/20
    project: "{{ project }}"
    auth_kind: "{{ gcp_auth_kind }}"
    state: present

- name: "#B1: create another network vpc-b"
  google.cloud.gcp_compute_network:
    name: "vpc-b"
    auto_create_subnetworks: 'false'
    project: "{{ project }}"
    auth_kind: "{{ gcp_auth_kind }}"
    state: present
  register: network_b

- name: "#B2: create a same name subnetwork subnet-a in vpc-b"
  google.cloud.gcp_compute_subnetwork:
    name: "subnet-a"
    region: "{{ region }}"
    network: "{{ network_b }}"
    ip_cidr_range: 172.16.0.0/20
    project: "{{ project }}"
    auth_kind: "{{ gcp_auth_kind }}"
    state: present

EXPECTED RESULTS

Task #B2 should throw an error saying the same name subnet already exists in another VPC network (vpc-a).

ACTUAL RESULTS

The original module finds the subnet and shows it on a different VPC network (vpc-a), then continues to call the Update() function, which actually does nothing. There is no error, and no subnet is created in vpc-b.

changed: [localhost] => {
    "changed": true,
    "creationTimestamp": "2023-03-02T05:37:59.024-08:00",
    "fingerprint": "HQ6lQkX4WFI=",
    "gatewayAddress": "172.16.0.1",
    "id": "8170811963898402904",
    "invocation": {
        "module_args": {
            "auth_kind": "application",
            "description": null,
            "env_type": null,
            "ip_cidr_range": "172.16.0.0/13",
            "name": "subnet-a",
            "network": {
                "ansible_facts": {
                    "discovered_interpreter_python": "/usr/local/bin/python3.11"
                },
                "autoCreateSubnetworks": false,
                "changed": false,
                "creationTimestamp": "2023-03-01T08:54:08.590-08:00",
                "failed": false,
                "id": "2564930274501737951",
                "kind": "compute#network",
                "name": "vpc-b",
                "networkFirewallPolicyEnforcementOrder": "AFTER_CLASSIC_FIREWALL",
                "routingConfig": {
                    "routingMode": "REGIONAL"
                },
                "selfLink": "https://www.googleapis.com/compute/v1/projects/xx-demo/global/networks/vpc-b",
                "selfLinkWithId": "https://www.googleapis.com/compute/v1/projects/xx-demo/global/networks/2564930274501737951",
                "subnetworks": [
                ],
                "warnings": [
                    ..
                ]
            },
            "private_ip_google_access": false,
            "private_ipv6_google_access": null,
            "project": "xx-demo",
            "region": "us-east4",
            "scopes": [
                "https://www.googleapis.com/auth/compute"
            ],
            "secondary_ip_ranges": null,
            "service_account_contents": null,
            "service_account_email": null,
            "service_account_file": null,
            "state": "present"
        }
    },
    "ipCidrRange": "172.16.0.0/14",
    "kind": "compute#subnetwork",
    "name": "subnet-a",
    "network": "https://www.googleapis.com/compute/v1/projects/xx-demo/global/networks/vpc-a",
    "privateIpGoogleAccess": false,
    "privateIpv6GoogleAccess": "DISABLE_GOOGLE_ACCESS",
    "purpose": "PRIVATE",
    "region": "https://www.googleapis.com/compute/v1/projects/xx-demo/regions/us-east4",
    "selfLink": "https://www.googleapis.com/compute/v1/projects/xx-demo/regions/us-east4/subnetworks/subnet-a",
    "stackType": "IPV4_ONLY"
}
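
An added example, not the module's code or the PR's patch: a sketch of the kind of condition check the summary proposes, comparing the network of the subnetwork found by name and region against the network the task requested. The function and exception names are hypothetical; the sample data is constructed from the output shown above.

```python
"""Guard against a same-name subnetwork that lives in a different VPC network."""

API_PREFIX = "https://www.googleapis.com/compute/v1/"


class SubnetNetworkMismatch(Exception):
    """The subnetwork found by name and region is attached to another network."""


def network_path(network):
    """Reduce a network reference to 'projects/<p>/global/networks/<name>'.

    Accepts the registered output of gcp_compute_network (a dict carrying
    'selfLink') or a selfLink string, as the playbook on this page passes.
    """
    link = network.get("selfLink", "") if isinstance(network, dict) else network
    if not link:
        raise ValueError("network reference has no selfLink")
    if link.startswith(API_PREFIX):
        link = link[len(API_PREFIX):]
    return link.strip("/")


def assert_same_network(requested_network, existing_subnet):
    """Raise if the fetched subnetwork is not in the requested network.

    existing_subnet is the subnetwork resource returned by the lookup on
    name and region, or None when nothing was found (create path).
    """
    if existing_subnet is None:
        return
    wanted = network_path(requested_network)
    actual = network_path(existing_subnet["network"])
    if wanted != actual:
        raise SubnetNetworkMismatch(
            "subnetwork %r already exists in %s, requested network is %s"
            % (existing_subnet["name"], actual, wanted)
        )


# Constructed sample input, trimmed from the output shown in the issue.
REQUESTED = {"name": "vpc-b", "selfLink": API_PREFIX + "projects/xx-demo/global/networks/vpc-b"}
EXISTING = {"name": "subnet-a", "network": API_PREFIX + "projects/xx-demo/global/networks/vpc-a"}

if __name__ == "__main__":
    try:
        assert_same_network(REQUESTED, EXISTING)
    except SubnetNetworkMismatch as exc:
        print("FAILED:", exc)
```

Run where the module decides between create and update, a check like this turns the silent `"changed": true` into a task failure, so a playbook cannot proceed on the assumption that subnet-a sits in vpc-b.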
