community.aws Add support for requesting public and private ACM certificate

Add support for requesting public and private ACM certificate

Open sebastien-rosset opened this issue 2 years ago • 19 comments

SUMMARY

Add new certificate_request parameter (and sub-options) to obtain a public or private cert from ACM.
When certificate_request parameter is specified:
1. Evaluate whether to create a new certificate request, renew or do nothing.
2. Support public and private certs.
3. Certificate request is submitted to ACM.
Task output includes validation records, such as DNS CNAME records.
Add wait and wait_timeout parameters. If wait is specified, wait until the validation records are generated, then return them.

Fixes #868

ISSUE TYPE

Feature Pull Request

COMPONENT NAME

aws_acm

ADDITIONAL INFORMATION

Currently the aws_acm module only supports imported certificates. This PR is adding support for requesting a certificate.
This PR should come after #870. To leverage the refactor work that was done in #870, I have rebased this PR from the acm-tags branch.
The integration tests validate various scenarios for public certificates.
Integration tests do not currently include validation of private certificates. This would require having another ansible module that can create/delete private certificate authorities. I.e. a pre-requisite for issuing private ACM certs is to have a private certificate authority. I would like to postpone these tests until such a module exist.

Jan 15 '22 23:01 sebastien-rosset

Build failed.

ansible-test-sanity-docker-devel : SUCCESS in 10m 08s (non-voting)
ansible-test-sanity-docker-milestone : SUCCESS in 13m 21s
ansible-test-sanity-docker-stable-2.9 : TIMED_OUT in 1h 02m 00s
ansible-test-sanity-docker-stable-2.10 : SUCCESS in 9m 44s
ansible-test-sanity-docker-stable-2.11 : SUCCESS in 10m 13s
ansible-test-sanity-docker-stable-2.12 : SUCCESS in 12m 27s
ansible-test-units-community-aws-python38 : SUCCESS in 8m 29s
build-ansible-collection : SUCCESS in 5m 23s
ansible-test-splitter : SUCCESS in 3m 31s
ansible-test-cloud-integration-aws-py38_0 : SUCCESS in 5m 38s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED
ansible-galaxy-importer : FAILURE in 5m 16s (non-voting)

Jan 16 '22 00:01 softwarefactory-project-zuul[bot]

Build succeeded.

ansible-test-sanity-docker-devel : SUCCESS in 9m 27s (non-voting)
ansible-test-sanity-docker-milestone : SUCCESS in 11m 22s
ansible-test-sanity-docker-stable-2.9 : SUCCESS in 12m 12s
ansible-test-sanity-docker-stable-2.10 : SUCCESS in 10m 46s
ansible-test-sanity-docker-stable-2.11 : SUCCESS in 11m 49s
ansible-test-sanity-docker-stable-2.12 : SUCCESS in 9m 59s
ansible-test-units-community-aws-python38 : SUCCESS in 7m 22s
build-ansible-collection : SUCCESS in 7m 27s
ansible-test-splitter : SUCCESS in 3m 34s
ansible-test-cloud-integration-aws-py38_0 : SUCCESS in 6m 51s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED
ansible-galaxy-importer : FAILURE in 4m 48s (non-voting)

Jan 17 '22 05:01 softwarefactory-project-zuul[bot]

Build succeeded.

ansible-galaxy-importer : FAILURE in 6m 09s (non-voting)
build-ansible-collection : SUCCESS in 6m 08s
ansible-test-sanity-docker-devel : SUCCESS in 12m 17s (non-voting)
ansible-test-sanity-docker-milestone : SUCCESS in 11m 44s
ansible-test-sanity-docker-stable-2.9 : SUCCESS in 12m 53s
ansible-test-sanity-docker-stable-2.10 : SUCCESS in 13m 25s
ansible-test-sanity-docker-stable-2.11 : SUCCESS in 10m 42s
ansible-test-sanity-docker-stable-2.12 : SUCCESS in 10m 07s
ansible-test-units-community-aws-python38 : SUCCESS in 7m 51s
ansible-test-splitter : SUCCESS in 3m 27s
ansible-test-cloud-integration-aws-py38_0 : SUCCESS in 6m 52s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 17 '22 23:01 softwarefactory-project-zuul[bot]

Build failed.

ansible-galaxy-importer : FAILURE in 9m 28s (non-voting)
build-ansible-collection : SUCCESS in 15m 26s
ansible-test-sanity-docker-devel : FAILURE in 14m 16s (non-voting)
ansible-test-sanity-docker-milestone : FAILURE in 12m 38s
ansible-test-sanity-docker-stable-2.9 : FAILURE in 15m 53s
ansible-test-sanity-docker-stable-2.10 : FAILURE in 13m 28s
ansible-test-sanity-docker-stable-2.11 : FAILURE in 14m 12s
ansible-test-sanity-docker-stable-2.12 : FAILURE in 14m 03s
ansible-test-units-community-aws-python38 : SUCCESS in 10m 11s
ansible-test-splitter : SUCCESS in 4m 54s
ansible-test-cloud-integration-aws-py38_0 : SUCCESS in 10m 26s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 18 '22 00:01 softwarefactory-project-zuul[bot]

Build failed.

ansible-galaxy-importer : FAILURE in 4m 48s (non-voting)
build-ansible-collection : SUCCESS in 9m 26s
ansible-test-sanity-docker-devel : FAILURE in 12m 51s (non-voting)
ansible-test-sanity-docker-milestone : FAILURE in 10m 47s
ansible-test-sanity-docker-stable-2.9 : FAILURE in 16m 56s
ansible-test-sanity-docker-stable-2.10 : FAILURE in 11m 48s
ansible-test-sanity-docker-stable-2.11 : FAILURE in 10m 28s
ansible-test-sanity-docker-stable-2.12 : FAILURE in 11m 20s
ansible-test-units-community-aws-python38 : SUCCESS in 7m 22s
ansible-test-splitter : SUCCESS in 3m 36s
ansible-test-cloud-integration-aws-py38_0 : SUCCESS in 7m 15s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 18 '22 01:01 softwarefactory-project-zuul[bot]

Build failed.

ansible-galaxy-importer : FAILURE in 7m 05s (non-voting)
build-ansible-collection : SUCCESS in 5m 59s
ansible-test-sanity-docker-devel : FAILURE in 11m 08s (non-voting)
ansible-test-sanity-docker-milestone : FAILURE in 9m 37s
ansible-test-sanity-docker-stable-2.9 : SUCCESS in 11m 51s
ansible-test-sanity-docker-stable-2.10 : SUCCESS in 11m 13s
ansible-test-sanity-docker-stable-2.11 : FAILURE in 11m 44s
ansible-test-sanity-docker-stable-2.12 : FAILURE in 10m 45s
ansible-test-units-community-aws-python38 : SUCCESS in 7m 50s
ansible-test-splitter : SUCCESS in 2m 57s
ansible-test-cloud-integration-aws-py38_0 : SUCCESS in 6m 25s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 18 '22 02:01 softwarefactory-project-zuul[bot]

Build failed.

ansible-galaxy-importer : FAILURE in 5m 02s (non-voting)
build-ansible-collection : SUCCESS in 6m 25s
ansible-test-sanity-docker-devel : FAILURE in 11m 23s (non-voting)
ansible-test-sanity-docker-milestone : FAILURE in 16m 16s
ansible-test-sanity-docker-stable-2.9 : SUCCESS in 18m 27s
ansible-test-sanity-docker-stable-2.10 : SUCCESS in 13m 43s
ansible-test-sanity-docker-stable-2.11 : FAILURE in 19m 33s
ansible-test-sanity-docker-stable-2.12 : FAILURE in 12m 14s
ansible-test-units-community-aws-python38 : SUCCESS in 9m 10s
ansible-test-splitter : SUCCESS in 4m 05s
ansible-test-cloud-integration-aws-py38_0 : SUCCESS in 9m 20s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 18 '22 16:01 softwarefactory-project-zuul[bot]

Build failed.

ansible-galaxy-importer : FAILURE in 6m 06s (non-voting)
build-ansible-collection : SUCCESS in 7m 30s
ansible-test-sanity-docker-devel : FAILURE in 11m 11s (non-voting)
ansible-test-sanity-docker-milestone : FAILURE in 18m 18s
ansible-test-sanity-docker-stable-2.9 : FAILURE in 16m 13s
ansible-test-sanity-docker-stable-2.10 : FAILURE in 12m 18s
ansible-test-sanity-docker-stable-2.11 : FAILURE in 12m 24s
ansible-test-sanity-docker-stable-2.12 : FAILURE in 10m 49s
ansible-test-units-community-aws-python38 : SUCCESS in 9m 58s
ansible-test-splitter : SUCCESS in 6m 43s
ansible-test-cloud-integration-aws-py38_0 : SUCCESS in 8m 58s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 19 '22 00:01 softwarefactory-project-zuul[bot]

Build failed.

ansible-galaxy-importer : FAILURE in 5m 01s (non-voting)
build-ansible-collection : SUCCESS in 6m 24s
ansible-test-sanity-docker-devel : FAILURE in 11m 37s (non-voting)
ansible-test-sanity-docker-milestone : FAILURE in 11m 57s
ansible-test-sanity-docker-stable-2.9 : FAILURE in 17m 24s
ansible-test-sanity-docker-stable-2.10 : FAILURE in 12m 14s
ansible-test-sanity-docker-stable-2.11 : FAILURE in 10m 39s
ansible-test-sanity-docker-stable-2.12 : FAILURE in 11m 20s
ansible-test-units-community-aws-python38 : SUCCESS in 8m 09s
ansible-test-splitter : SUCCESS in 4m 11s
ansible-test-cloud-integration-aws-py38_0 : SUCCESS in 6m 25s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 19 '22 01:01 softwarefactory-project-zuul[bot]

Build succeeded.

ansible-galaxy-importer : FAILURE in 9m 12s (non-voting)
build-ansible-collection : SUCCESS in 6m 57s
ansible-test-sanity-docker-devel : SUCCESS in 14m 11s (non-voting)
ansible-test-sanity-docker-milestone : SUCCESS in 10m 39s
ansible-test-sanity-docker-stable-2.9 : SUCCESS in 20m 09s
ansible-test-sanity-docker-stable-2.10 : SUCCESS in 12m 25s
ansible-test-sanity-docker-stable-2.11 : SUCCESS in 12m 34s
ansible-test-sanity-docker-stable-2.12 : SUCCESS in 11m 44s
ansible-test-units-community-aws-python38 : SUCCESS in 6m 56s
ansible-test-splitter : SUCCESS in 4m 55s
ansible-test-cloud-integration-aws-py38_0 : SUCCESS in 6m 06s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 19 '22 02:01 softwarefactory-project-zuul[bot]

Build failed.

ansible-galaxy-importer : FAILURE in 7m 00s (non-voting)
build-ansible-collection : SUCCESS in 6m 06s
ansible-test-sanity-docker-devel : SUCCESS in 12m 22s (non-voting)
ansible-test-sanity-docker-milestone : SUCCESS in 11m 46s
ansible-test-sanity-docker-stable-2.9 : SUCCESS in 13m 38s
ansible-test-sanity-docker-stable-2.10 : SUCCESS in 14m 27s
ansible-test-sanity-docker-stable-2.11 : SUCCESS in 13m 32s
ansible-test-sanity-docker-stable-2.12 : SUCCESS in 14m 11s
ansible-test-units-community-aws-python38 : SUCCESS in 9m 20s
ansible-test-splitter : SUCCESS in 3m 40s
ansible-test-cloud-integration-aws-py38_0 : FAILURE in 9m 05s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 19 '22 06:01 softwarefactory-project-zuul[bot]

Build failed.

ansible-galaxy-importer : FAILURE in 6m 25s (non-voting)
build-ansible-collection : SUCCESS in 5m 44s
ansible-test-sanity-docker-devel : SUCCESS in 11m 10s (non-voting)
ansible-test-sanity-docker-milestone : SUCCESS in 10m 01s
ansible-test-sanity-docker-stable-2.9 : SUCCESS in 14m 03s
ansible-test-sanity-docker-stable-2.10 : SUCCESS in 11m 14s
ansible-test-sanity-docker-stable-2.11 : SUCCESS in 10m 39s
ansible-test-sanity-docker-stable-2.12 : SUCCESS in 10m 59s
ansible-test-units-community-aws-python38 : SUCCESS in 9m 03s
ansible-test-splitter : SUCCESS in 3m 30s
ansible-test-cloud-integration-aws-py38_0 : FAILURE in 7m 06s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 19 '22 21:01 softwarefactory-project-zuul[bot]

Build failed.

ansible-galaxy-importer : FAILURE in 4m 24s (non-voting)
build-ansible-collection : SUCCESS in 5m 45s
ansible-test-sanity-docker-devel : SUCCESS in 10m 08s (non-voting)
ansible-test-sanity-docker-milestone : SUCCESS in 10m 56s
ansible-test-sanity-docker-stable-2.9 : SUCCESS in 11m 27s
ansible-test-sanity-docker-stable-2.10 : SUCCESS in 13m 19s
ansible-test-sanity-docker-stable-2.11 : SUCCESS in 10m 06s
ansible-test-sanity-docker-stable-2.12 : SUCCESS in 9m 21s
ansible-test-units-community-aws-python38 : SUCCESS in 8m 04s
ansible-test-splitter : SUCCESS in 2m 31s
ansible-test-cloud-integration-aws-py38_0 : FAILURE in 6m 49s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 21 '22 01:01 softwarefactory-project-zuul[bot]

@sebastien-rosset this PR contains the following merge commits:

https://github.com/ansible-collections/community.aws/commit/f9b4e94b9795368186b0bab35d790c7f9e47fd9f
https://github.com/ansible-collections/community.aws/commit/247dbc210e81be2cbd60b71e4341b32dbc8e9904
https://github.com/ansible-collections/community.aws/commit/f0994bd0ff92735174bae1b90298cc3f22e7bc4b
https://github.com/ansible-collections/community.aws/commit/feceacb7ebf265dc94af3d8a45f736ee8092013d

Please rebase your branch to remove these commits.

click here for bot help

Jan 27 '22 23:01 ansibullbot

Build failed.

ansible-galaxy-importer : FAILURE in 4m 03s (non-voting)
build-ansible-collection : SUCCESS in 3m 49s
ansible-test-sanity-docker-devel : SUCCESS in 9m 48s (non-voting)
ansible-test-sanity-docker-milestone : SUCCESS in 9m 06s
ansible-test-sanity-docker-stable-2.9 : SUCCESS in 15m 04s
ansible-test-sanity-docker-stable-2.10 : SUCCESS in 11m 09s
ansible-test-sanity-docker-stable-2.11 : SUCCESS in 10m 20s
ansible-test-sanity-docker-stable-2.12 : SUCCESS in 9m 29s
ansible-test-units-community-aws-python38 : SUCCESS in 8m 47s
ansible-test-splitter : SUCCESS in 2m 52s
ansible-test-cloud-integration-aws-py38_0 : FAILURE in 5m 56s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 28 '22 00:01 softwarefactory-project-zuul[bot]

cc @jillr @markuman @matt-telstra @s-hertel @tremble click here for bot help

Jan 28 '22 00:01 ansibullbot

Build failed.

ansible-galaxy-importer : FAILURE in 6m 01s (non-voting)
build-ansible-collection : SUCCESS in 4m 15s
ansible-test-sanity-docker-devel : SUCCESS in 14m 00s (non-voting)
ansible-test-sanity-docker-milestone : SUCCESS in 20m 04s
ansible-test-sanity-docker-stable-2.9 : SUCCESS in 24m 14s
ansible-test-sanity-docker-stable-2.10 : SUCCESS in 19m 58s
ansible-test-sanity-docker-stable-2.11 : SUCCESS in 22m 38s
ansible-test-sanity-docker-stable-2.12 : SUCCESS in 12m 15s
ansible-test-units-community-aws-python38 : SUCCESS in 11m 00s
ansible-test-splitter : SUCCESS in 4m 06s
ansible-test-cloud-integration-aws-py38_0 : FAILURE in 17m 10s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 28 '22 00:01 softwarefactory-project-zuul[bot]

Build failed.

ansible-galaxy-importer : FAILURE in 3m 54s (non-voting)
build-ansible-collection : SUCCESS in 4m 30s
ansible-test-sanity-docker-devel : SUCCESS in 10m 36s (non-voting)
ansible-test-sanity-docker-milestone : SUCCESS in 13m 53s
ansible-test-sanity-docker-stable-2.9 : SUCCESS in 15m 46s
ansible-test-sanity-docker-stable-2.10 : SUCCESS in 14m 12s
ansible-test-sanity-docker-stable-2.11 : SUCCESS in 11m 35s
ansible-test-sanity-docker-stable-2.12 : SUCCESS in 9m 56s
ansible-test-units-community-aws-python38 : SUCCESS in 7m 04s
ansible-test-splitter : SUCCESS in 4m 42s
ansible-test-cloud-integration-aws-py38_0 : FAILURE in 15m 51s
ansible-test-cloud-integration-aws-py38_1 : SKIPPED
ansible-test-cloud-integration-aws-py38_2 : SKIPPED
ansible-test-cloud-integration-aws-py38_3 : SKIPPED
ansible-test-cloud-integration-aws-py38_4 : SKIPPED
ansible-test-cloud-integration-aws-py38_5 : SKIPPED

Jan 30 '22 15:01 softwarefactory-project-zuul[bot]

Merge Failed.

This change or one of its cross-repo dependencies was unable to be automatically merged with the current state of its repository. Please rebase the change and upload a new patchset.

Mar 31 '22 14:03 softwarefactory-project-zuul[bot]

community.aws community.aws copied to clipboard

Add support for requesting public and private ACM certificate

SUMMARY

ISSUE TYPE

COMPONENT NAME

ADDITIONAL INFORMATION

community.aws
community.aws copied to clipboard