From b6c401ccc8e1254ce2018ee1e88147da7538620b Mon Sep 17 00:00:00 2001
From: Yuwei Zhou <yuwzho@microsoft.com>
Date: Wed, 22 Nov 2017 11:20:00 +0800
Subject: [PATCH] Fixes #30863: support update source_address_prefix in
 azure_rm_securitygroup (#32614)

* compare source address prefix

* remove useless quote
---
 .../cloud/azure/azure_rm_securitygroup.py     |  3 ++
 .../azure_rm_securitygroup/tasks/main.yml     | 31 +++++++++++--------
 2 files changed, 21 insertions(+), 13 deletions(-)

diff --git a/lib/ansible/modules/cloud/azure/azure_rm_securitygroup.py b/lib/ansible/modules/cloud/azure/azure_rm_securitygroup.py
index c934eddb27..9a4653f59f 100644
--- a/lib/ansible/modules/cloud/azure/azure_rm_securitygroup.py
+++ b/lib/ansible/modules/cloud/azure/azure_rm_securitygroup.py
@@ -426,6 +426,9 @@ def compare_rules(r, rule):
         if rule['direction'] != r['direction']:
             changed = True
             r['direction'] = rule['direction']
+        if rule['source_address_prefix'] != str(r['source_address_prefix']):
+            changed = True
+            r['source_address_prefix'] = rule['source_address_prefix']
     return matched, changed
 
 
diff --git a/test/integration/targets/azure_rm_securitygroup/tasks/main.yml b/test/integration/targets/azure_rm_securitygroup/tasks/main.yml
index 82aed4269d..8db5cef0ab 100644
--- a/test/integration/targets/azure_rm_securitygroup/tasks/main.yml
+++ b/test/integration/targets/azure_rm_securitygroup/tasks/main.yml
@@ -14,9 +14,9 @@
             access: Deny
             priority: 100
             direction: Inbound
-          - name: 'AllowSSH'
+          - name: AllowSSH
             protocol: Tcp
-            source_address_prefix: '174.109.158.0/24'
+            source_address_prefix: 174.109.158.0/24
             destination_port_range: 22
             access: Allow
             priority: 101
@@ -41,33 +41,38 @@
       resource_group: "{{ resource_group }}"
       name: mysecgroup
       rules:
-          - name: DenySSH
+          - name: AllowSSH
             protocol: Tcp
-            destination_port_range: 22-23
-            access: Deny
-            priority: 100
+            source_address_prefix: 174.108.158.0/24
+            destination_port_range: 22
+            access: Allow
+            priority: 101
           - name: AllowSSHFromHome
             protocol: Tcp
-            source_address_prefix: '174.109.158.0/24'
+            source_address_prefix: 174.109.158.0/24
             destination_port_range: 22-23
             priority: 102
   register: output
 
-- assert: { that: "{{ output.state.rules | length }} == 3" }
+- assert: 
+      that:
+          - "{{ output.state.rules | length }} == 3"
+          - output.state.rules[1].source_address_prefix == '174.108.158.0/24'
 
 - name: Test idempotence
   azure_rm_securitygroup:
       resource_group: "{{ resource_group }}"
       name: mysecgroup
       rules:
-          - name: DenySSH
+          - name: AllowSSH
             protocol: Tcp
-            destination_port_range: 22-23
-            access: Deny
-            priority: 100
+            source_address_prefix: 174.108.158.0/24
+            destination_port_range: 22
+            access: Allow
+            priority: 101
           - name: AllowSSHFromHome
             protocol: Tcp
-            source_address_prefix: '174.109.158.0/24'
+            source_address_prefix: 174.109.158.0/24
             destination_port_range: 22-23
             priority: 102
   register: output