Add diff mode for ec2_group (#44533)

* Add (preview) diff mode support ec2_group * Add diff mode to some ec2_group integration tests * Remove unnecessary arguments and add comment to the module notes * Add changelog
2025-10-24 04:54:00 -07:00 · 2018-08-23 19:43:18 -04:00 · 2018-08-23 19:43:18 -04:00 · 79ecb4c41f
commit 79ecb4c41f
parent b152515fcb
5 changed files with 149 additions and 5 deletions
--- a/test/integration/targets/ec2_group/tasks/egress_tests.yml
+++ b/test/integration/targets/ec2_group/tasks/egress_tests.yml
@ -121,6 +121,29 @@
        that:
          - result.ip_permissions_egress|length == 2

+    - name: Purge the second rule (CHECK MODE) (DIFF MODE)
+      ec2_group:
+        name: '{{ec2_group_name}}-egress-tests'
+        description: '{{ec2_group_description}}'
+        vpc_id: '{{ vpc_result.vpc.id }}'
+        rules_egress:
+        - proto: tcp
+          ports:
+          - 1212
+          cidr_ip: 1.2.1.2/32
+        <<: *aws_connection_info
+        state: present
+      register: result
+      check_mode: True
+      diff: True
+
+    - name: assert first rule will be left
+      assert:
+        that:
+          - result.changed
+          - result.diff.0.after.ip_permissions_egress|length == 1
+          - result.diff.0.after.ip_permissions_egress[0].ip_ranges[0].cidr_ip == '1.2.1.2/32'
+
    - name: Purge the second rule
      ec2_group:
        name: '{{ec2_group_name}}-egress-tests'
--- a/test/integration/targets/ec2_group/tasks/main.yml
+++ b/test/integration/targets/ec2_group/tasks/main.yml
@ -288,12 +288,15 @@
              cidr_ipv6: "64:ff9b::/96"
            <<: *aws_connection_info
          check_mode: true
+          diff: true
          register: result

        - name: assert state=present (expected changed=true)
          assert:
            that:
               - 'result.changed'
+               - 'result.diff.0.before.ip_permissions == result.diff.0.after.ip_permissions'
+               - 'result.diff.0.before.ip_permissions_egress != result.diff.0.after.ip_permissions_egress'

        # ============================================================
        - name: test rules_egress state=present for ipv6 (expected changed=true)
@ -330,12 +333,14 @@
            vpc_id: '{{ vpc_result.vpc.id }}'
            <<: *aws_connection_info
          check_mode: true
+          diff: true
          register: result

        - name: assert group was removed
          assert:
            that:
              - 'result.changed'
+              - 'not result.diff.0.after'

        # ============================================================
        - name: test state=absent (expected changed=true)
@ -405,8 +410,13 @@
          to_port: 8182
          cidr_ip: "1.1.1.1/32"
      check_mode: true
+      diff: true
      register: check_result

+    - assert:
+        that:
+          - not check_result.changed
+          - check_result.diff.0.before.ip_permissions.0 == check_result.diff.0.after.ip_permissions.0

    # ============================================================
    - name: add same rule to the existing group  (expected changed=false)
@ -877,12 +887,16 @@
          tag1: test1
          tag2: test2
      check_mode: true
+      diff: true
      register: result

    - name: assert that tags were added (expected changed=true)
      assert:
        that:
          - 'result.changed'
+          - 'not result.diff.0.before.tags'
+          - 'result.diff.0.after.tags.tag1 == "test1"'
+          - 'result.diff.0.after.tags.tag2 == "test2"'

    # ============================================================
    - name: test adding tags (expected changed=true)