Allow optional deletion of GCP Custom roles during teardown #44
When a custom role on GCP is 'deleted', it is actually only marked for deletion and may not be fully removed for 7-14 days, during which time it may be undeleted. The role already handles this option.
However, once it is fully deleted, the same name (role_id) may not be reused for 30 days, meaning that a deleted custom role is ambiguously unavailable for the 37-44 days following a deletion request.
Therefore, in this change, we break out the GCP custom roles to a separate deletion flag, which defaults to yes.
We also handle undelete, and failed undelete elegantly with a meaningful error message.
We also remove the extraneous loop on the custom role, as there is only a single one handled.
Signed-off-by: Daniel Chaffelson [email protected]