From b6c401ccc8e1254ce2018ee1e88147da7538620b Mon Sep 17 00:00:00 2001 From: Yuwei Zhou Date: Wed, 22 Nov 2017 11:20:00 +0800 Subject: [PATCH] Fixes #30863: support update source_address_prefix in azure_rm_securitygroup (#32614) * compare source address prefix * remove useless quote --- .../cloud/azure/azure_rm_securitygroup.py | 3 ++ .../azure_rm_securitygroup/tasks/main.yml | 31 +++++++++++-------- 2 files changed, 21 insertions(+), 13 deletions(-) diff --git a/lib/ansible/modules/cloud/azure/azure_rm_securitygroup.py b/lib/ansible/modules/cloud/azure/azure_rm_securitygroup.py index c934eddb27..9a4653f59f 100644 --- a/lib/ansible/modules/cloud/azure/azure_rm_securitygroup.py +++ b/lib/ansible/modules/cloud/azure/azure_rm_securitygroup.py @@ -426,6 +426,9 @@ def compare_rules(r, rule): if rule['direction'] != r['direction']: changed = True r['direction'] = rule['direction'] + if rule['source_address_prefix'] != str(r['source_address_prefix']): + changed = True + r['source_address_prefix'] = rule['source_address_prefix'] return matched, changed diff --git a/test/integration/targets/azure_rm_securitygroup/tasks/main.yml b/test/integration/targets/azure_rm_securitygroup/tasks/main.yml index 82aed4269d..8db5cef0ab 100644 --- a/test/integration/targets/azure_rm_securitygroup/tasks/main.yml +++ b/test/integration/targets/azure_rm_securitygroup/tasks/main.yml @@ -14,9 +14,9 @@ access: Deny priority: 100 direction: Inbound - - name: 'AllowSSH' + - name: AllowSSH protocol: Tcp - source_address_prefix: '174.109.158.0/24' + source_address_prefix: 174.109.158.0/24 destination_port_range: 22 access: Allow priority: 101 @@ -41,33 +41,38 @@ resource_group: "{{ resource_group }}" name: mysecgroup rules: - - name: DenySSH + - name: AllowSSH protocol: Tcp - destination_port_range: 22-23 - access: Deny - priority: 100 + source_address_prefix: 174.108.158.0/24 + destination_port_range: 22 + access: Allow + priority: 101 - name: AllowSSHFromHome protocol: Tcp - source_address_prefix: '174.109.158.0/24' + source_address_prefix: 174.109.158.0/24 destination_port_range: 22-23 priority: 102 register: output -- assert: { that: "{{ output.state.rules | length }} == 3" } +- assert: + that: + - "{{ output.state.rules | length }} == 3" + - output.state.rules[1].source_address_prefix == '174.108.158.0/24' - name: Test idempotence azure_rm_securitygroup: resource_group: "{{ resource_group }}" name: mysecgroup rules: - - name: DenySSH + - name: AllowSSH protocol: Tcp - destination_port_range: 22-23 - access: Deny - priority: 100 + source_address_prefix: 174.108.158.0/24 + destination_port_range: 22 + access: Allow + priority: 101 - name: AllowSSHFromHome protocol: Tcp - source_address_prefix: '174.109.158.0/24' + source_address_prefix: 174.109.158.0/24 destination_port_range: 22-23 priority: 102 register: output