diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:04:41 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:04:41 +0000 |
commit | 975f66f2eebe9dadba04f275774d4ab83f74cf25 (patch) | |
tree | 89bd26a93aaae6a25749145b7e4bca4a1e75b2be /ansible_collections/azure/azcollection/tests/integration | |
parent | Initial commit. (diff) | |
download | ansible-975f66f2eebe9dadba04f275774d4ab83f74cf25.tar.xz ansible-975f66f2eebe9dadba04f275774d4ab83f74cf25.zip |
Adding upstream version 7.7.0+dfsg.upstream/7.7.0+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/azure/azcollection/tests/integration')
362 files changed, 29258 insertions, 0 deletions
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_account_info/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_account_info/aliases new file mode 100644 index 000000000..5052c82c7 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_account_info/aliases @@ -0,0 +1 @@ +cloud/azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_account_info/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_account_info/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_account_info/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_account_info/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_account_info/tasks/main.yml new file mode 100644 index 000000000..5c010972f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_account_info/tasks/main.yml @@ -0,0 +1,17 @@ +- name: Get facts for current logged in user + azure.azcollection.azure_rm_account_info: + register: result + +- assert: + that: + - result is not changed + - result is not failed + - "'account_info' in result" + - "'environmentName' in result.account_info" + - "'homeTenantId' in result.account_info" + - "'id' in result.account_info" + - "'managedByTenants' in result.account_info" + - "'name' in result.account_info" + - "'state' in result.account_info" + - "'tenantId' in result.account_info" + - "'user' in result.account_info" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_acs/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_acs/aliases new file mode 100644 index 000000000..99b41786a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_acs/aliases @@ -0,0 +1,4 @@ +cloud/azure +destructive +unsupported +shippable/azure/group10 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_acs/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_acs/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_acs/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_acs/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_acs/tasks/main.yml new file mode 100644 index 000000000..a35871c09 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_acs/tasks/main.yml @@ -0,0 +1,149 @@ + - name: Create an ACS instance - DCOS + azure_rm_acs: + name: "acsdcos{{ resource_group | hash('md5') | truncate(7, True, '') }}" + resource_group: "{{ resource_group }}" + location: eastus + orchestration_platform: DCOS + master_profile: + - count: 1 + dns_prefix: "acsdcos{{ resource_group | hash('md5') | truncate(10, True, '') }}" + vm_size: Standard_A0 + linux_profile: + - admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+io238wdhjkasndq238e2/983289dasjnasey823/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+928dfsjsejk298r/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+dsajda82e78sdja/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt juliens@msft.com + agent_pool_profiles: + - name: default + count: 1 + dns_prefix: "acsdcos{{ resource_group | hash('md5') | truncate(12, True, '') }}" + vm_size: Standard_A0 + diagnostics_profile: false + register: output + + - name: Assert the ACS instance is well created + assert: + that: + - output.changed + - output.state.provisioning_state == 'Succeeded' + + - name: Scale the ACS instance from 1 to 2 - DCOS + azure_rm_acs: + name: "acsdcos{{ resource_group | hash('md5') | truncate(7, True, '') }}" + resource_group: "{{ resource_group }}" + location: eastus + orchestration_platform: DCOS + master_profile: + - count: 1 + dns_prefix: "acsdcos{{ resource_group | hash('md5') | truncate(10, True, '') }}" + vm_size: Standard_A0 + linux_profile: + - admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+io238wdhjkasndq238e2/983289dasjnasey823/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+928dfsjsejk298r/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+dsajda82e78sdja/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt juliens@msft.com + agent_pool_profiles: + - name: default + count: 2 + dns_prefix: "acsdcos{{ resource_group | hash('md5') | truncate(12, True, '') }}" + vm_size: Standard_A0 + diagnostics_profile: false + register: output + + - name: Assert the ACS instance is well scaled + assert: + that: + - output.changed + - output.state.agent_pool_profiles[0].count == 2 + + - name: Delete the DCOS ACS instance - DCOS + azure_rm_acs: + name: "acsdcos{{ resource_group | hash('md5') | truncate(7, True, '') }}" + resource_group: "{{ resource_group }}" + location: eastus + orchestration_platform: DCOS + state: absent + master_profile: + - count: 1 + dns_prefix: "acsdcos{{ resource_group | hash('md5') | truncate(10, True, '') }}" + vm_size: Standard_A0 + linux_profile: + - admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+io238wdhjkasndq238e2/983289dasjnasey823/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+928dfsjsejk298r/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+dsajda82e78sdja/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt juliens@msft.com + agent_pool_profiles: + - name: default + count: 2 + dns_prefix: "acsdcos{{ resource_group | hash('md5') | truncate(12, True, '') }}" + vm_size: Standard_A0 + diagnostics_profile: false + + - name: Create an ACS instance - Swarm + azure_rm_acs: + name: "acssw{{ resource_group | hash('md5') | truncate(7, True, '') }}" + resource_group: "{{ resource_group }}" + location: eastus + orchestration_platform: Swarm + master_profile: + - count: 1 + dns_prefix: "acssw{{ resource_group | hash('md5') | truncate(10, True, '') }}" + vm_size: Standard_A0 + linux_profile: + - admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+io238wdhjkasndq238e2/983289dasjnasey823/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+928dfsjsejk298r/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+dsajda82e78sdja/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt juliens@msft.com + agent_pool_profiles: + - name: default + count: 1 + dns_prefix: "acssw{{ resource_group | hash('md5') | truncate(12, True, '') }}" + vm_size: Standard_A0 + diagnostics_profile: false + register: output + + - name: Assert the ACS instance is well created + assert: + that: + - output.changed + - output.state.provisioning_state == 'Succeeded' + + - name: Scale the ACS instance from 1 to 2 - Swarm + azure_rm_acs: + name: "acssw{{ resource_group | hash('md5') | truncate(7, True, '') }}" + resource_group: "{{ resource_group }}" + location: eastus + orchestration_platform: Swarm + master_profile: + - count: 1 + dns_prefix: "acssw{{ resource_group | hash('md5') | truncate(10, True, '') }}" + vm_size: Standard_A0 + linux_profile: + - admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+io238wdhjkasndq238e2/983289dasjnasey823/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+928dfsjsejk298r/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+dsajda82e78sdja/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt juliens@msft.com + agent_pool_profiles: + - name: default + count: 2 + dns_prefix: "acssw{{ resource_group | hash('md5') | truncate(12, True, '') }}" + vm_size: Standard_A0 + diagnostics_profile: false + register: output + + - name: Assert the ACS instance is well scaled + assert: + that: + - output.changed + - output.state.agent_pool_profiles[0].count == 2 + + - name: Delete the ACS instance - Swarm + azure_rm_acs: + name: "acssw{{ resource_group | hash('md5') | truncate(7, True, '') }}" + resource_group: "{{ resource_group }}" + location: eastus + orchestration_platform: Swarm + state: absent + master_profile: + - count: 1 + dns_prefix: "acssw{{ resource_group | hash('md5') | truncate(10, True, '') }}" + vm_size: Standard_A0 + linux_profile: + - admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+io238wdhjkasndq238e2/983289dasjnasey823/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+928dfsjsejk298r/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+dsajda82e78sdja/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt juliens@msft.com + agent_pool_profiles: + - name: default + count: 2 + dns_prefix: "acssw{{ resource_group | hash('md5') | truncate(12, True, '') }}" + vm_size: Standard_A0 + diagnostics_profile: false
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/aliases new file mode 100644 index 000000000..fc8bf1e71 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group10 +disabled +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/tasks/main.yml new file mode 100644 index 000000000..c8dfcb2b7 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/tasks/main.yml @@ -0,0 +1,91 @@ +- set_fact: + tenant_id: "{{ azure_tenant }}" + display_name: "app{{ resource_group | hash('sha1') | truncate(20, True, '') }}" + run_once: yes + +- name: Create application + azure_rm_adapplication: + tenant: "{{ tenant_id }}" + display_name: "{{ display_name }}" + register: create_output + +- assert: + that: create_output.changed + +- name: Create application again (idempotent test) + azure_rm_adapplication: + tenant: "{{ tenant_id }}" + app_id: "{{ create_output.app_id }}" + register: output + +- assert: + that: not output.changed + +- name: Create application with more parameter + azure_rm_adapplication: + tenant: "{{ tenant_id }}" + display_name: "{{ display_name }}-01" + available_to_other_tenants: False + credential_description: "for test" + end_date: 2021-10-01 + start_date: 2021-05-18 + identifier_uris: + - "{{ display_name }}.com" + app_roles: + - allowed_member_types: + - User + description: "for app role test" + display_name: "{{ display_name }}_approle" + is_enabled: True + value: Password@0329 + register: second_output + +- assert: + that: second_output.changed + +- name: get ad app info ---- by object ID + azure_rm_adapplication_info: + object_id: "{{ create_output.object_id }}" + tenant: "{{ tenant_id }}" + register: output + +- name: get ad app info ---- by app ID + azure_rm_adapplication_info: + app_id: "{{ create_output.app_id }}" + tenant: "{{ tenant_id }}" + register: output + +- assert: + that: + - output.applications[0].app_display_name == "{{ display_name }}" + - output.applications | length == 1 + +- name: delete ad app by app id + azure_rm_adapplication: + app_id: "{{ create_output.app_id }}" + tenant: "{{ tenant_id }}" + state: absent + register: output + +- assert: + that: output.changed + +- name: delete ad app by app id + azure_rm_adapplication: + app_id: "{{ second_output.app_id }}" + tenant: "{{ tenant_id }}" + state: absent + register: output + +- assert: + that: output.changed + +- name: get ad app info ---- by app id + azure_rm_adapplication_info: + app_id: "{{ create_output.app_id }}" + tenant: "{{ tenant_id }}" + register: output + +- assert: + that: + - output.applications | length == 0 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adgroup/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adgroup/aliases new file mode 100644 index 000000000..fc8bf1e71 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adgroup/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group10 +disabled +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adgroup/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adgroup/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adgroup/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adgroup/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adgroup/tasks/main.yml new file mode 100644 index 000000000..09b3f686e --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adgroup/tasks/main.yml @@ -0,0 +1,239 @@ +- set_fact: + tenant_id: "{{ azure_tenant }}" + resource_prefix: "{{ 999999999999999999994 | random | to_uuid }}" + run_once: yes + +- name: Try to return non-existent group using display name + azure_rm_adgroup_info: + attribute_name: "displayName" + attribute_value: "{{ resource_prefix }}-Group-Root" + tenant: "{{ tenant_id }}" + register: get_nonexistent_group_display_name_ShouldFail + failed_when: + - get_nonexistent_group_display_name_ShouldFail.ad_groups != [] + +- name: Create Group Root + azure_rm_adgroup: + tenant: "{{ tenant_id }}" + display_name: "{{ resource_prefix }}-Group-Root" + mail_nickname: "{{ resource_prefix }}-Group-Root" + state: 'present' + register: group_create_changed_ShouldPass + +- name: Create Group Should Return Not Changed + azure_rm_adgroup: + tenant: "{{ tenant_id }}" + display_name: "{{ resource_prefix }}-Group-Root" + mail_nickname: "{{ resource_prefix }}-Group-Root" + state: 'present' + register: group_create_unchanged_ShouldPass + +- name: Assert Otherwise Changed Returns are Equal + assert: + that: + - group_create_changed_ShouldPass.changed == True + - group_create_unchanged_ShouldPass.changed == False + - group_create_changed_ShouldPass.display_name == group_create_unchanged_ShouldPass.display_name + - group_create_changed_ShouldPass.mail_enabled == group_create_unchanged_ShouldPass.mail_enabled + - group_create_changed_ShouldPass.mail_nickname == group_create_unchanged_ShouldPass.mail_nickname + - group_create_changed_ShouldPass.object_id == group_create_unchanged_ShouldPass.object_id + - group_create_changed_ShouldPass.security_enabled == group_create_unchanged_ShouldPass.security_enabled + +- name: Return previously created group using object_id + azure_rm_adgroup_info: + object_id: "{{ group_create_unchanged_ShouldPass.object_id }}" + tenant: "{{ tenant_id }}" + register: get_created_object_id_ShouldPass + +- name: Assert Returns are Equal to Created Group + assert: + that: + - get_created_object_id_ShouldPass.ad_groups[0].object_id == group_create_unchanged_ShouldPass.object_id + +- name: Create Group Member 1 + azure_rm_adgroup: + tenant: "{{ tenant_id }}" + display_name: "{{ resource_prefix }}-Group-Member-1" + mail_nickname: "{{ resource_prefix }}-Group-Member-1" + state: 'present' + register: create_group_member_1_ShouldPass + +- name: Create Group Member 2 + azure_rm_adgroup: + tenant: "{{ tenant_id }}" + display_name: "{{ resource_prefix }}-Group-Member-2" + mail_nickname: "{{ resource_prefix }}-Group-Member-2" + state: 'present' + register: create_group_member_2_ShouldPass + +- name: Ensure member is in group using display_name and mail_nickname + azure_rm_adgroup: + tenant: "{{ tenant_id }}" + display_name: "{{ resource_prefix }}-Group-Root" + mail_nickname: "{{ resource_prefix }}-Group-Root" + state: 'present' + present_members: + - "https://graph.windows.net/{{ tenant_id }}/directoryObjects/{{ create_group_member_1_ShouldPass.object_id }}" + - "https://graph.windows.net/{{ tenant_id }}/directoryObjects/{{ create_group_member_2_ShouldPass.object_id }}" + register: add_members_to_group_ShouldPass + +- name: Validate members are in the group + assert: + that: + - add_members_to_group_ShouldPass.group_members[0].object_id == create_group_member_1_ShouldPass.object_id or add_members_to_group_ShouldPass.group_members[1].object_id == create_group_member_1_ShouldPass.object_id + - add_members_to_group_ShouldPass.group_members[1].object_id == create_group_member_2_ShouldPass.object_id or add_members_to_group_ShouldPass.group_members[0].object_id == create_group_member_2_ShouldPass.object_id + +- name: Ensure member is in group that is already present using object_id + azure_rm_adgroup: + tenant: "{{ tenant_id }}" + object_id: "{{ group_create_changed_ShouldPass.object_id }}" + state: 'present' + present_members: + - "https://graph.windows.net/{{ tenant_id }}/directoryObjects/{{ create_group_member_1_ShouldPass.object_id }}" + register: add_already_present_member_to_group_ShouldPass + +- name: Validate nothing changed from already present member + assert: + that: + - add_already_present_member_to_group_ShouldPass.changed == false + +- name: Ensure member is not in group using object_id + azure_rm_adgroup: + tenant: "{{ tenant_id }}" + object_id: "{{ group_create_changed_ShouldPass.object_id }}" + state: 'present' + absent_members: + - "{{ create_group_member_2_ShouldPass.object_id }}" + register: remove_member_from_group_ShouldPass + +- name: Validate Group Member 1 is in the group and Group Member 2 is not + assert: + that: + - remove_member_from_group_ShouldPass.group_members[0].object_id == create_group_member_1_ShouldPass.object_id + - remove_member_from_group_ShouldPass.group_members | length == 1 + +- name: Ensure member is not in group that is already not in group using display_name and mail_nickname + azure_rm_adgroup: + tenant: "{{ tenant_id }}" + display_name: "{{ resource_prefix }}-Group-Root" + mail_nickname: "{{ resource_prefix }}-Group-Root" + state: 'present' + absent_members: + - "{{ create_group_member_2_ShouldPass.object_id }}" + register: remove_already_absent_member_from_group_ShouldPass + +- name: Validate nothing changed from already absent member + assert: + that: + - remove_already_absent_member_from_group_ShouldPass.changed == false + +- name: Return a specific group using object_id + azure_rm_adgroup_info: + object_id: "{{ group_create_changed_ShouldPass.object_id }}" + tenant: "{{ tenant_id }}" + register: object_id_ShouldPass + +- name: Return a specific group using object_id and return_owners + azure_rm_adgroup_info: + object_id: "{{ group_create_changed_ShouldPass.object_id }}" + return_owners: True + tenant: "{{ tenant_id }}" + register: object_id_return_owners_ShouldPass + +- name: Return a specific group using object_id and return_owners and return_group_members + azure_rm_adgroup_info: + object_id: "{{ group_create_changed_ShouldPass.object_id }}" + return_owners: True + return_group_members: True + tenant: "{{ tenant_id }}" + register: object_id_return_owners_and_group_members_ShouldPass + +- name: Return a specific group using object_id and member_groups + azure_rm_adgroup_info: + object_id: "{{ group_create_changed_ShouldPass.object_id }}" + return_member_groups: True + tenant: "{{ tenant_id }}" + register: object_id_return_member_groups_ShouldPass + +- name: Return a specific group using object_id and check_membership + azure_rm_adgroup_info: + object_id: "{{ group_create_changed_ShouldPass.object_id }}" + check_membership: "{{ create_group_member_1_ShouldPass.object_id }}" + tenant: "{{ tenant_id }}" + register: object_id_return_check_membership_ShouldPass + +- name: Return a specific group using displayName attribute + azure_rm_adgroup_info: + attribute_name: "displayName" + attribute_value: "{{ group_create_changed_ShouldPass.display_name }}" + tenant: "{{ tenant_id }}" + register: displayName_attribute_ShouldPass + +- name: Return a specific group using mailNickname filter + azure_rm_adgroup_info: + odata_filter: "mailNickname eq '{{ group_create_changed_ShouldPass.mail_nickname }}'" + tenant: "{{ tenant_id }}" + register: mailNickname_filter_ShouldPass + +- name: Return a different group using displayName attribute + azure_rm_adgroup_info: + attribute_name: "displayName" + attribute_value: "{{ create_group_member_2_ShouldPass.display_name }}" + tenant: "{{ tenant_id }}" + register: displayName_attribute_different_ShouldPass + +- name: Assert All Returns Are Equal + assert: + that: + - object_id_ShouldPass == displayName_attribute_ShouldPass + - object_id_ShouldPass == mailNickname_filter_ShouldPass + +- name: Assert Returns Are Not Equal + assert: + that: + - object_id_ShouldPass != displayName_attribute_different_ShouldPass + +- name: Delete group Group Root on object_id + azure_rm_adgroup: + tenant: "{{ tenant_id }}" + object_id: "{{ group_create_unchanged_ShouldPass.object_id }}" + state: 'absent' + register: group_delete_group_root_ShouldPass + +- name: Try to return now deleted group Group Root using object_id + azure_rm_adgroup_info: + object_id: "{{ group_create_unchanged_ShouldPass.object_id }}" + tenant: "{{ tenant_id }}" + register: get_deleted_object_group_root_ShouldFail + failed_when: + - '"failed to get ad group info Resource" not in get_deleted_object_group_root_ShouldFail.msg' + +- name: Delete group Group Member 1 on object_id + azure_rm_adgroup: + tenant: "{{ tenant_id }}" + object_id: "{{ create_group_member_1_ShouldPass.object_id }}" + state: 'absent' + register: group_delete_group_member_1_ShouldPass + +- name: Try to return now deleted group Group Member 1 using object_id + azure_rm_adgroup_info: + object_id: "{{ create_group_member_1_ShouldPass.object_id }}" + tenant: "{{ tenant_id }}" + register: get_deleted_object_group_member_1_ShouldFail + failed_when: + - '"failed to get ad group info Resource" not in get_deleted_object_group_member_1_ShouldFail.msg' + +- name: Delete group Group Member 2 on object_id + azure_rm_adgroup: + tenant: "{{ tenant_id }}" + object_id: "{{ create_group_member_2_ShouldPass.object_id }}" + state: 'absent' + register: group_delete_group_member_2_ShouldPass + +- name: Try to return now deleted group Group Member 2 using object_id + azure_rm_adgroup_info: + object_id: "{{ create_group_member_2_ShouldPass.object_id }}" + tenant: "{{ tenant_id }}" + register: get_deleted_object_group_member_2_ShouldFail + failed_when: + - '"failed to get ad group info Resource" not in get_deleted_object_group_member_2_ShouldFail.msg' diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adpassword/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adpassword/aliases new file mode 100644 index 000000000..fc8bf1e71 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adpassword/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group10 +disabled +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adpassword/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adpassword/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adpassword/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adpassword/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adpassword/tasks/main.yml new file mode 100644 index 000000000..7c3782f17 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adpassword/tasks/main.yml @@ -0,0 +1,103 @@ +- set_fact: + app_id: "e0a62513-1d81-480e-a6dc-5c99cdd58d9a" + tenant_id: "72f988bf-86f1-41af-91ab-2d7cd011db47" + app_object_id: "b52e8275-a1ee-4c4a-86ff-15992e0920ed" + +- name: create first ad password by app_id + azure_rm_adpassword: + app_id: "{{ app_id }}" + value: "Password@032900001" + tenant: "{{ tenant_id }}" + state: present + register: ad_fact + +- assert: + that: + - ad_fact.changed + +- name: create second ad password by app_object_id + azure_rm_adpassword: + value: "Password@032900002" + tenant: "{{ tenant_id }}" + app_object_id: "{{ app_object_id }}" + state: present + register: ad_fact02 + +- assert: + that: + - ad_fact02.changed + +- name: create ad service principal + azure_rm_adserviceprincipal: + app_id: "{{ app_id }}" + tenant: "{{ tenant_id }}" + state: present + +- name: Get ad service principal info + azure_rm_adserviceprincipal_info: + tenant: "{{ tenant_id }}" + app_id: "{{ app_id }}" + register: sp_info +- debug: + var: sp_info + +- name: create third ad password by service_principal_object_id + azure_rm_adpassword: + value: "Password@032900003" + tenant: "{{ tenant_id }}" + service_principal_object_id: "{{ sp_info.service_principals[0].object_id }}" + state: present + register: ad_fact03 + +- assert: + that: + - ad_fact03.changed + +- name: can't update ad password + azure_rm_adpassword: + app_id: "{{ app_id }}" + value: "Password@032900003" + tenant: "{{ tenant_id }}" + key_id: "{{ ad_fact.key_id }}" + app_object_id: "{{ app_object_id }}" + state: present + register: output + ignore_errors: True + +- name: Get ad password info + azure_rm_adpassword_info: + app_id: "{{ app_id }}" + tenant: "{{ tenant_id }}" + key_id: "{{ ad_fact.key_id }}" + app_object_id: "{{ app_object_id }}" + register: ad_info + +- assert: + that: + - ad_info.passwords[0].start_date == ad_fact.start_date + - ad_info.passwords[0].end_date == ad_fact.end_date + +- name: delete one ad password + azure_rm_adpassword: + app_id: "{{ app_id }}" + key_id: "{{ ad_fact.key_id }}" + tenant: "{{ tenant_id }}" + app_object_id: "{{ app_object_id }}" + state: absent + register: output + +- assert: + that: + - output.changed + +- name: delete all ad password + azure_rm_adpassword: + app_id: "{{ app_id }}" + tenant: "{{ tenant_id }}" + app_object_id: "{{ app_object_id }}" + state: absent + register: output + +- assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adserviceprincipal/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adserviceprincipal/aliases new file mode 100644 index 000000000..6feba04aa --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adserviceprincipal/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group10 +destructive +disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adserviceprincipal/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adserviceprincipal/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adserviceprincipal/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adserviceprincipal/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adserviceprincipal/tasks/main.yml new file mode 100644 index 000000000..4e4b50161 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adserviceprincipal/tasks/main.yml @@ -0,0 +1,72 @@ +- set_fact: + app_id: "e0a62513-1d81-480e-a6dc-5c99cdd58d9a" + tenant_id: "72f988bf-86f1-41af-91ab-2d7cd011db47" + +- name: delete ad service principal + azure_rm_adserviceprincipal: + app_id: "{{ app_id }}" + tenant: "{{ tenant_id }}" + state: absent + +- name: create ad service principal + azure_rm_adserviceprincipal: + app_id: "{{ app_id }}" + tenant: "{{ tenant_id }}" + state: present + register: ad_fact + +- assert: + that: + - ad_fact.changed + +- name: create ad service principal (idempontent) + azure_rm_adserviceprincipal: + app_id: "{{ app_id }}" + tenant: "{{ tenant_id }}" + state: present + register: output + +- assert: + that: + - not output.changed + +- name: Get ad service principal info by app_id + azure_rm_adserviceprincipal_info: + app_id: "{{ app_id }}" + tenant: "{{ tenant_id }}" + register: ad_info + +- assert: + that: + - ad_info.service_principals[0].app_display_name == ad_fact.app_display_name + - ad_info.service_principals[0].app_role_assignment_required == False + +- name: update ad service principal app_role_assignmentrequired to True + azure_rm_adserviceprincipal: + app_id: "{{ app_id }}" + tenant: "{{ tenant_id }}" + app_role_assignment_required: True + state: present + register: output + +- name: Get ad service principal info by object_id + azure_rm_adserviceprincipal_info: + tenant: "{{ tenant_id }}" + object_id: "{{ ad_info.service_principals[0].object_id }}" + register: ad_info + +- assert: + that: + - ad_info.service_principals[0].app_display_name == ad_fact.app_display_name + - ad_info.service_principals[0].app_role_assignment_required == True + +- name: delete ad service principal + azure_rm_adserviceprincipal: + app_id: "{{ app_id }}" + tenant: "{{ tenant_id }}" + state: absent + register: output + +- assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/aliases new file mode 100644 index 000000000..398866a2f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group1 +disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/tasks/main.yml new file mode 100644 index 000000000..98dfc3241 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/tasks/main.yml @@ -0,0 +1,165 @@ +- name: Prepare facts + set_fact: + tenant_id: "{{ azure_tenant }}" + user_id: "user{{ 999999999999999999994 | random | to_uuid }}@contoso.com" + object_id: "{{ 999999999999999999994 | random | to_uuid }}" + user_principal_name: "{{ 999999999999999999994 | random | to_uuid }}" + run_once: yes + +- name: Create test user + azure_rm_aduser: + user_principal_name: "{{ user_id }}" + tenant: "{{ tenant_id }}" + state: "present" + account_enabled: "True" + display_name: "Test_{{ user_principal_name }}_Display_Name" + password_profile: "password" + mail_nickname: "Test_{{ user_principal_name }}_mail_nickname" + immutable_id: "{{ object_id }}" + given_name: "First" + surname: "Last" + user_type: "Member" + usage_location: "US" + mail: "{{ user_principal_name }}@contoso.com" + register: create_user_should_pass + +- name: Try to update existing user - idempotent check + azure_rm_aduser: + user_principal_name: "{{ user_id }}" + tenant: "{{ tenant_id }}" + state: "present" + display_name: "Test_{{ user_principal_name }}_Display_Name" + mail_nickname: "Test_{{ user_principal_name }}_mail_nickname" + given_name: "First" + surname: "Last" + mail: "{{ user_principal_name }}@contoso.com" + register: attempted_update_with_no_changes_should_pass + +- name: Assert Nothing Changed + assert: + that: + - attempted_update_with_no_changes_should_pass["changed"] == False + +- name: user_principal_name Should Pass + azure_rm_aduser_info: + user_principal_name: "{{ user_id }}" + tenant: "{{ tenant_id }}" + register: get_user_should_pass + +- name: Assert user was created and account is enabled + assert: + that: + - "create_user_should_pass['ad_users'][0]['account_enabled'] == True" + - "get_user_should_pass['ad_users'][0]['account_enabled'] == True" + +- name: Update test user + azure_rm_aduser: + user_principal_name: "{{ user_id }}" + tenant: "{{ tenant_id }}" + state: "present" + account_enabled: "False" + register: update_user_should_pass + +- name: user_principal_name on updated user Should Pass + azure_rm_aduser_info: + user_principal_name: "{{ user_id }}" + tenant: "{{ tenant_id }}" + register: get_updated_user_should_pass + +- name: Assert user was updated and account is disabled + assert: + that: + - "update_user_should_pass['ad_users'][0]['account_enabled'] == False" + - "get_updated_user_should_pass['ad_users'][0]['account_enabled'] == False" + +- name: Delete test user + azure_rm_aduser: + user_principal_name: "{{ user_id }}" + tenant: "{{ tenant_id }}" + state: "absent" + register: delete_user_should_pass + +- name: user_principal_name Should Fail + azure_rm_aduser_info: + user_principal_name: "{{ user_id }}" + tenant: "{{ tenant_id }}" + register: get_user_should_fail + ignore_errors: true + +- name: Assert task failed + assert: + that: + - "get_user_should_fail['failed'] == True" + +- name: Run with bad tenant Should Fail + azure_rm_aduser_info: + user_principal_name: "{{user_id}}" + tenant: None + register: missing_tenant + ignore_errors: yes + +- name: Assert task failed + assert: + that: + - "missing_tenant['failed'] == True" + +- name: Missing any identifiers Should Fail + azure_rm_aduser_info: + tenant: "{{ tenant_id }}" + register: missing_any_identifiers + ignore_errors: yes + +- name: Assert task failed + assert: + that: + - "missing_any_identifiers is undefined" + +- name: Too many identifiers Should Fail + azure_rm_aduser_info: + user_principal_name: "{{ user_id }}" + object_id: "{{ object_id }}" + tenant: "{{ tenant_id }}" + register: too_many_identifiers + ignore_errors: yes + +- name: Assert task failed + assert: + that: + - "too_many_identifiers is undefined" + +- name: Missing attribute_value Should Fail + azure_rm_aduser_info: + attribute_name: proxyAddresses + tenant: "{{ tenant_id }}" + register: missing attribute_value + ignore_errors: yes + +- name: Assert task failed + assert: + that: + - "attribute_value is undefined" + +- name: Missing attribute_name Should Fail + azure_rm_aduser_info: + attribute_value: SMTP:user@contoso.com + tenant: "{{ tenant_id }}" + register: missing attribute_name + ignore_errors: yes + +- name: Assert task failed + assert: + that: + - "attribute_name is undefined" + +- name: Using all with principal name should fail + azure_rm_aduser_info: + all: True + user_principal_name: "{{ user_id }}" + tenant: "{{ tenant_id }}" + register: using_all_with_principal_name + ignore_errors: yes + +- name: Assert task failed + assert: + that: + - "using_all_with_principal_name is undefined" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/aliases new file mode 100644 index 000000000..7aca0ce4f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/aliases @@ -0,0 +1,3 @@ +cloud/azure +destructive +shippable/azure/group11 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/main.yml new file mode 100644 index 000000000..cf3f856ec --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/main.yml @@ -0,0 +1,572 @@ + - set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(8, True, '') }}" + noderpfx: "{{ resource_group | hash('md5') | truncate(4, True, '') }}" + + - include: minimal-cluster.yml + + - name: Find available k8s version + azure_rm_aksversion_info: + location: eastus + register: versions + + - name: Create an AKS instance (check mode) + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus + dns_prefix: "aks{{ rpfx }}" + kubernetes_version: "{{ versions.azure_aks_versions[0] }}" + service_principal: + client_id: "{{ azure_client_id }}" + client_secret: "{{ azure_secret }}" + linux_profile: + admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSPmiqkvDH1/+MDAVDZT8381aYqp73Odz8cnD5hegNhqtXajqtiH0umVg7HybX3wt1HjcrwKJovZURcIbbcDvzdH2bnYbF93T4OLXA0bIfuIp6M86x1iutFtXdpN3TTicINrmSXEE2Ydm51iMu77B08ZERjVaToya2F7vC+egfoPvibf7OLxE336a5tPCywavvNihQjL8sjgpDT5AAScjb3YqK/6VLeQ18Ggt8/ufINsYkb+9/Ji/3OcGFeflnDXq80vPUyF3u4iIylob6RSZenC38cXmQB05tRNxS1B6BXCjMRdy0v4pa7oKM2GA4ADKpNrr0RI9ed+peRFwmsclH test@ansible + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: System + node_labels: {"release":"stable"} + max_pods: 42 + availability_zones: + - 1 + - 2 + node_resource_group: "node{{ noderpfx }}" + enable_rbac: yes + network_profile: + load_balancer_sku: standard + check_mode: yes + + - name: Check there is no AKS created + azure_rm_aks_info: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: fact + + - name: Check there is no AKS created + assert: + that: + - "fact.aks | length == 0" + + - name: Create an AKS instance + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus + dns_prefix: "aks{{ rpfx }}" + kubernetes_version: "{{ versions.azure_aks_versions[0] }}" + service_principal: + client_id: "{{ azure_client_id }}" + client_secret: "{{ azure_secret }}" + linux_profile: + admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSPmiqkvDH1/+MDAVDZT8381aYqp73Odz8cnD5hegNhqtXajqtiH0umVg7HybX3wt1HjcrwKJovZURcIbbcDvzdH2bnYbF93T4OLXA0bIfuIp6M86x1iutFtXdpN3TTicINrmSXEE2Ydm51iMu77B08ZERjVaToya2F7vC+egfoPvibf7OLxE336a5tPCywavvNihQjL8sjgpDT5AAScjb3YqK/6VLeQ18Ggt8/ufINsYkb+9/Ji/3OcGFeflnDXq80vPUyF3u4iIylob6RSZenC38cXmQB05tRNxS1B6BXCjMRdy0v4pa7oKM2GA4ADKpNrr0RI9ed+peRFwmsclH test@ansible + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: System + node_labels: {"release":"stable"} + max_pods: 42 + availability_zones: + - 1 + - 2 + node_resource_group: "node{{ noderpfx }}" + enable_rbac: yes + network_profile: + load_balancer_sku: standard + register: output + + - name: Assert the AKS instance is well created + assert: + that: + - output.changed + - output.provisioning_state == 'Succeeded' + + - name: Get AKS fact + azure_rm_aks_info: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: fact + + - name: Assert fact returns the created one + assert: + that: + - "fact.aks | length == 1" + - fact.aks[0].id == output.id + - fact.aks[0].properties.agentPoolProfiles[0].availabilityZones == ["1", "2"] + - fact.aks[0].properties.agentPoolProfiles[0].mode == "System" + - fact.aks[0].properties.agentPoolProfiles[0].nodeLabels | length == 1 + + - name: Update an AKS instance node_labels + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus + dns_prefix: "aks{{ rpfx }}" + kubernetes_version: "{{ versions.azure_aks_versions[0] }}" + service_principal: + client_id: "{{ azure_client_id }}" + client_secret: "{{ azure_secret }}" + linux_profile: + admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSPmiqkvDH1/+MDAVDZT8381aYqp73Odz8cnD5hegNhqtXajqtiH0umVg7HybX3wt1HjcrwKJovZURcIbbcDvzdH2bnYbF93T4OLXA0bIfuIp6M86x1iutFtXdpN3TTicINrmSXEE2Ydm51iMu77B08ZERjVaToya2F7vC+egfoPvibf7OLxE336a5tPCywavvNihQjL8sjgpDT5AAScjb3YqK/6VLeQ18Ggt8/ufINsYkb+9/Ji/3OcGFeflnDXq80vPUyF3u4iIylob6RSZenC38cXmQB05tRNxS1B6BXCjMRdy0v4pa7oKM2GA4ADKpNrr0RI9ed+peRFwmsclH test@ansible + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: System + node_labels: {"release":"stable", "environment":"dev"} + max_pods: 42 + availability_zones: + - 1 + - 2 + node_resource_group: "node{{ noderpfx }}" + enable_rbac: yes + network_profile: + load_balancer_sku: standard + register: output + + - name: Assert the AKS instance is well update + assert: + that: + - output.changed + + - name: Get AKS fact + azure_rm_aks_info: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: fact + + - name: Assert fact returns the created one + assert: + that: + - "fact.aks | length == 1" + - fact.aks[0].id == output.id + - fact.aks[0].properties.agentPoolProfiles[0].nodeLabels | length == 2 + + - name: Get AKS upgrade versions + azure_rm_aksupgrade_info: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: upgrades + + - name: Assert available control-plane versions for upgrade + assert: + that: + - "upgrades.azure_aks_upgrades.control_plane_profile.kubernetes_version == versions.azure_aks_versions[0]" + - "upgrades.azure_aks_upgrades.control_plane_profile.upgrades | length > 0" + + - name: Create an AKS instance (idempotent) + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus + dns_prefix: "aks{{ rpfx }}" + kubernetes_version: "{{ versions.azure_aks_versions[0] }}" + service_principal: + client_id: "{{ azure_client_id }}" + linux_profile: + admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSPmiqkvDH1/+MDAVDZT8381aYqp73Odz8cnD5hegNhqtXajqtiH0umVg7HybX3wt1HjcrwKJovZURcIbbcDvzdH2bnYbF93T4OLXA0bIfuIp6M86x1iutFtXdpN3TTicINrmSXEE2Ydm51iMu77B08ZERjVaToya2F7vC+egfoPvibf7OLxE336a5tPCywavvNihQjL8sjgpDT5AAScjb3YqK/6VLeQ18Ggt8/ufINsYkb+9/Ji/3OcGFeflnDXq80vPUyF3u4iIylob6RSZenC38cXmQB05tRNxS1B6BXCjMRdy0v4pa7oKM2GA4ADKpNrr0RI9ed+peRFwmsclH test@ansible + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: System + max_pods: 42 + availability_zones: + - 1 + - 2 + node_resource_group: "node{{ noderpfx }}" + enable_rbac: yes + network_profile: + load_balancer_sku: standard + register: output + + - name: Assert idempotent + assert: + that: + - not output.changed + + - name: Get available version + azure_rm_aksversion_info: + location: eastus + version: "{{ versions.azure_aks_versions[0] }}" + register: version1 + + - name: Upgrade the AKS instance with addon + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus + dns_prefix: "aks{{ rpfx }}" + kubernetes_version: "{{ version1.azure_aks_versions[0] }}" + service_principal: + client_id: "{{ azure_client_id }}" + linux_profile: + admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSPmiqkvDH1/+MDAVDZT8381aYqp73Odz8cnD5hegNhqtXajqtiH0umVg7HybX3wt1HjcrwKJovZURcIbbcDvzdH2bnYbF93T4OLXA0bIfuIp6M86x1iutFtXdpN3TTicINrmSXEE2Ydm51iMu77B08ZERjVaToya2F7vC+egfoPvibf7OLxE336a5tPCywavvNihQjL8sjgpDT5AAScjb3YqK/6VLeQ18Ggt8/ufINsYkb+9/Ji/3OcGFeflnDXq80vPUyF3u4iIylob6RSZenC38cXmQB05tRNxS1B6BXCjMRdy0v4pa7oKM2GA4ADKpNrr0RI9ed+peRFwmsclH test@ansible + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: System + max_pods: 42 + availability_zones: + - 1 + - 2 + node_resource_group: "node{{ noderpfx }}" + addon: + http_application_routing: {} + network_profile: + network_plugin: kubenet + load_balancer_sku: standard + enable_rbac: yes + register: output + + - name: Assert the AKS instance is upgraded + assert: + that: + - output.changed + - output.kubernetes_version == version1.azure_aks_versions[0] + - output.addon.httpApplicationRouting.enabled == True + - output.agent_pool_profiles[0].count == 1 + - output.network_profile.network_plugin == 'kubenet' + + - name: Upgrade the AKS instance with addon (idempontent) + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus + dns_prefix: "aks{{ rpfx }}" + kubernetes_version: "{{ version1.azure_aks_versions[0] }}" + service_principal: + client_id: "{{ azure_client_id }}" + linux_profile: + admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSPmiqkvDH1/+MDAVDZT8381aYqp73Odz8cnD5hegNhqtXajqtiH0umVg7HybX3wt1HjcrwKJovZURcIbbcDvzdH2bnYbF93T4OLXA0bIfuIp6M86x1iutFtXdpN3TTicINrmSXEE2Ydm51iMu77B08ZERjVaToya2F7vC+egfoPvibf7OLxE336a5tPCywavvNihQjL8sjgpDT5AAScjb3YqK/6VLeQ18Ggt8/ufINsYkb+9/Ji/3OcGFeflnDXq80vPUyF3u4iIylob6RSZenC38cXmQB05tRNxS1B6BXCjMRdy0v4pa7oKM2GA4ADKpNrr0RI9ed+peRFwmsclH test@ansible + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: System + max_pods: 42 + availability_zones: + - 1 + - 2 + node_resource_group: "node{{ noderpfx }}" + addon: + http_application_routing: {} + network_profile: + network_plugin: kubenet + load_balancer_sku: standard + enable_rbac: yes + register: output + + - assert: + that: + - not output.changed + + - name: Upgrade the AKS instance with agent pool profiles + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus + dns_prefix: "aks{{ rpfx }}" + kubernetes_version: "{{ version1.azure_aks_versions[0] }}" + service_principal: + client_id: "{{ azure_client_id }}" + client_secret: "{{ azure_secret }}" + linux_profile: + admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSPmiqkvDH1/+MDAVDZT8381aYqp73Odz8cnD5hegNhqtXajqtiH0umVg7HybX3wt1HjcrwKJovZURcIbbcDvzdH2bnYbF93T4OLXA0bIfuIp6M86x1iutFtXdpN3TTicINrmSXEE2Ydm51iMu77B08ZERjVaToya2F7vC+egfoPvibf7OLxE336a5tPCywavvNihQjL8sjgpDT5AAScjb3YqK/6VLeQ18Ggt8/ufINsYkb+9/Ji/3OcGFeflnDXq80vPUyF3u4iIylob6RSZenC38cXmQB05tRNxS1B6BXCjMRdy0v4pa7oKM2GA4ADKpNrr0RI9ed+peRFwmsclH test@ansible + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: System + enable_auto_scaling: True + max_count: 6 + min_count: 1 + max_pods: 42 + availability_zones: + - 1 + - 2 + node_resource_group: "node{{ noderpfx }}" + enable_rbac: yes + network_profile: + load_balancer_sku: standard + register: output + ignore_errors: yes + + - name: Assert the AKS instance is well created + assert: + that: + - output.changed + - output.provisioning_state == 'Succeeded' + ignore_errors: yes + + - name: Upgrade the AKS instance with agent pool profiles (idempontent) + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus + dns_prefix: "aks{{ rpfx }}" + kubernetes_version: "{{ version1.azure_aks_versions[0] }}" + service_principal: + client_id: "{{ azure_client_id }}" + client_secret: "{{ azure_secret }}" + linux_profile: + admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSPmiqkvDH1/+MDAVDZT8381aYqp73Odz8cnD5hegNhqtXajqtiH0umVg7HybX3wt1HjcrwKJovZURcIbbcDvzdH2bnYbF93T4OLXA0bIfuIp6M86x1iutFtXdpN3TTicINrmSXEE2Ydm51iMu77B08ZERjVaToya2F7vC+egfoPvibf7OLxE336a5tPCywavvNihQjL8sjgpDT5AAScjb3YqK/6VLeQ18Ggt8/ufINsYkb+9/Ji/3OcGFeflnDXq80vPUyF3u4iIylob6RSZenC38cXmQB05tRNxS1B6BXCjMRdy0v4pa7oKM2GA4ADKpNrr0RI9ed+peRFwmsclH test@ansible + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: System + enable_auto_scaling: True + max_count: 6 + min_count: 1 + max_pods: 42 + availability_zones: + - 1 + - 2 + node_resource_group: "node{{ noderpfx }}" + enable_rbac: yes + network_profile: + load_balancer_sku: standard + register: output + + - name: Assert the AKS instance is well created + assert: + that: + - not output.changed + + - name: Upgrade the AKS instance with multiple agent pool profiles + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus + dns_prefix: "aks{{ rpfx }}" + kubernetes_version: "{{ version1.azure_aks_versions[0] }}" + service_principal: + client_id: "{{ azure_client_id }}" + client_secret: "{{ azure_secret }}" + linux_profile: + admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSPmiqkvDH1/+MDAVDZT8381aYqp73Odz8cnD5hegNhqtXajqtiH0umVg7HybX3wt1HjcrwKJovZURcIbbcDvzdH2bnYbF93T4OLXA0bIfuIp6M86x1iutFtXdpN3TTicINrmSXEE2Ydm51iMu77B08ZERjVaToya2F7vC+egfoPvibf7OLxE336a5tPCywavvNihQjL8sjgpDT5AAScjb3YqK/6VLeQ18Ggt8/ufINsYkb+9/Ji/3OcGFeflnDXq80vPUyF3u4iIylob6RSZenC38cXmQB05tRNxS1B6BXCjMRdy0v4pa7oKM2GA4ADKpNrr0RI9ed+peRFwmsclH test@ansible + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: System + enable_auto_scaling: True + max_count: 6 + min_count: 1 + max_pods: 42 + availability_zones: + - 1 + - 2 + - name: default2 + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: User + node_resource_group: "node{{ noderpfx }}" + enable_rbac: yes + network_profile: + load_balancer_sku: standard + register: output + ignore_errors: yes + + - name: Assert the AKS instance is well created + assert: + that: + - output.changed + - "output.agent_pool_profiles | length == 2" + - output.provisioning_state == 'Succeeded' + - output.agent_pool_profiles[1].mode == 'User' + ignore_errors: yes + + - name: Upgrade the AKS instance with multiple agent pool profiles (idempontent) + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus + dns_prefix: "aks{{ rpfx }}" + kubernetes_version: "{{ version1.azure_aks_versions[0] }}" + service_principal: + client_id: "{{ azure_client_id }}" + client_secret: "{{ azure_secret }}" + linux_profile: + admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSPmiqkvDH1/+MDAVDZT8381aYqp73Odz8cnD5hegNhqtXajqtiH0umVg7HybX3wt1HjcrwKJovZURcIbbcDvzdH2bnYbF93T4OLXA0bIfuIp6M86x1iutFtXdpN3TTicINrmSXEE2Ydm51iMu77B08ZERjVaToya2F7vC+egfoPvibf7OLxE336a5tPCywavvNihQjL8sjgpDT5AAScjb3YqK/6VLeQ18Ggt8/ufINsYkb+9/Ji/3OcGFeflnDXq80vPUyF3u4iIylob6RSZenC38cXmQB05tRNxS1B6BXCjMRdy0v4pa7oKM2GA4ADKpNrr0RI9ed+peRFwmsclH test@ansible + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + enable_auto_scaling: True + max_count: 6 + min_count: 1 + max_pods: 42 + availability_zones: + - 1 + - 2 + - name: default2 + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: User + node_resource_group: "node{{ noderpfx }}" + enable_rbac: yes + network_profile: + load_balancer_sku: standard + register: output + + - name: Assert the AKS instance is well created + assert: + that: + - not output.changed + + - name: Update the default2 agent_pool mode from User to System + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus + dns_prefix: "aks{{ rpfx }}" + kubernetes_version: "{{ version1.azure_aks_versions[0] }}" + service_principal: + client_id: "{{ azure_client_id }}" + client_secret: "{{ azure_secret }}" + linux_profile: + admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSPmiqkvDH1/+MDAVDZT8381aYqp73Odz8cnD5hegNhqtXajqtiH0umVg7HybX3wt1HjcrwKJovZURcIbbcDvzdH2bnYbF93T4OLXA0bIfuIp6M86x1iutFtXdpN3TTicINrmSXEE2Ydm51iMu77B08ZERjVaToya2F7vC+egfoPvibf7OLxE336a5tPCywavvNihQjL8sjgpDT5AAScjb3YqK/6VLeQ18Ggt8/ufINsYkb+9/Ji/3OcGFeflnDXq80vPUyF3u4iIylob6RSZenC38cXmQB05tRNxS1B6BXCjMRdy0v4pa7oKM2GA4ADKpNrr0RI9ed+peRFwmsclH test@ansible + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: System + enable_auto_scaling: True + max_count: 6 + min_count: 1 + max_pods: 42 + availability_zones: + - 1 + - 2 + - name: default2 + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: System + node_resource_group: "node{{ noderpfx }}" + enable_rbac: yes + network_profile: + load_balancer_sku: standard + ignore_errors: yes + register: output + + - name: Assert the AKS instance is well created + assert: + that: + - output.changed + - "output.agent_pool_profiles | length == 2" + - output.provisioning_state == 'Succeeded' + - output.agent_pool_profiles[1].mode == 'System' + ignore_errors: yes + + - name: Update the default2 agent_pool mode from User to System (idempontent) + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus + dns_prefix: "aks{{ rpfx }}" + kubernetes_version: "{{ version1.azure_aks_versions[0] }}" + service_principal: + client_id: "{{ azure_client_id }}" + client_secret: "{{ azure_secret }}" + linux_profile: + admin_username: azureuser + ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSPmiqkvDH1/+MDAVDZT8381aYqp73Odz8cnD5hegNhqtXajqtiH0umVg7HybX3wt1HjcrwKJovZURcIbbcDvzdH2bnYbF93T4OLXA0bIfuIp6M86x1iutFtXdpN3TTicINrmSXEE2Ydm51iMu77B08ZERjVaToya2F7vC+egfoPvibf7OLxE336a5tPCywavvNihQjL8sjgpDT5AAScjb3YqK/6VLeQ18Ggt8/ufINsYkb+9/Ji/3OcGFeflnDXq80vPUyF3u4iIylob6RSZenC38cXmQB05tRNxS1B6BXCjMRdy0v4pa7oKM2GA4ADKpNrr0RI9ed+peRFwmsclH test@ansible + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + enable_auto_scaling: True + max_count: 6 + min_count: 1 + max_pods: 42 + availability_zones: + - 1 + - 2 + - name: default2 + count: 1 + vm_size: Standard_B2s + type: VirtualMachineScaleSets + mode: System + node_resource_group: "node{{ noderpfx }}" + enable_rbac: yes + network_profile: + load_balancer_sku: standard + register: output + + - name: Get AKS fact + azure_rm_aks_info: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + show_kubeconfig: user + register: fact + + - name: Assert fact returns the created one + assert: + that: + - "fact.aks | length == 1" + - fact.aks[0].kube_config == output.kube_config + + - name: Delete the AKS instance + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: absent + register: output + + - name: Assert the AKS instance is well deleted + assert: + that: + - output.changed + + - name: Delete the AKS instance (idempotent) + azure_rm_aks: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: absent + register: output + + - name: Assert idempotent + assert: + that: + - not output.changed + + - name: Get AKS fact + azure_rm_aks_info: + name: "aks{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: fact + + - name: Assert fact returns empty + assert: + that: + - "fact.aks | length == 0" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml new file mode 100644 index 000000000..bda3c06ec --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml @@ -0,0 +1,136 @@ +- set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(8, True, '') }}" + +- name: Find available k8s version + azure_rm_aksversion_info: + location: eastus + register: versions + +- name: Use minimal parameters and system-assigned identity + azure_rm_aks: + name: "minimal{{ rpfx }}" + location: eastus + resource_group: "{{ resource_group }}" + kubernetes_version: "{{ versions.azure_aks_versions[0] }}" + dns_prefix: "aks{{ rpfx }}" + enable_rbac: true + aad_profile: + managed: true + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + mode: System + api_server_access_profile: + authorized_ip_ranges: + - "192.0.2.0" + - "198.51.100.0" + - "203.0.113.0" + enable_private_cluster: no + network_profile: + load_balancer_sku: standard + outbound_type: loadBalancer + register: output + +- name: Assert the AKS instance is well created + assert: + that: + - output.changed + - output.provisioning_state == 'Succeeded' + +- name: Get AKS fact + azure_rm_aks_info: + name: "minimal{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: fact + +- name: Assert fact returns the created one + assert: + that: + - "fact.aks | length == 1" + - fact.aks[0].id == output.id + - fact.aks[0].properties.aadProfile.managed == true + +- name: Use minimal parameters and system-assigned identity (idempotent) + azure_rm_aks: + name: "minimal{{ rpfx }}" + location: eastus + resource_group: "{{ resource_group }}" + kubernetes_version: "{{ versions.azure_aks_versions[0] }}" + dns_prefix: "aks{{ rpfx }}" + enable_rbac: true + aad_profile: + managed: true + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + mode: System + api_server_access_profile: + authorized_ip_ranges: + - "192.0.2.0" + - "198.51.100.0" + - "203.0.113.0" + enable_private_cluster: no + network_profile: + load_balancer_sku: standard + outbound_type: loadBalancer + register: output + +- name: Assert idempotent + assert: + that: + - not output.changed + +- name: Update api_server_access_profile config + azure_rm_aks: + name: "minimal{{ rpfx }}" + location: eastus + resource_group: "{{ resource_group }}" + kubernetes_version: "{{ versions.azure_aks_versions[0] }}" + dns_prefix: "aks{{ rpfx }}" + enable_rbac: true + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + mode: System + api_server_access_profile: + authorized_ip_ranges: + - "173.0.113.0" + - "192.0.2.0" + - "198.51.100.0" + - "203.0.113.0" + enable_private_cluster: no + network_profile: + load_balancer_sku: standard + outbound_type: loadBalancer + register: output + +- name: Assert idempotent + assert: + that: + - output.changed + +- name: Delete the AKS instance + azure_rm_aks: + name: "minimal{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: absent + register: output + +- name: Assert the AKS instance is well deleted + assert: + that: + - output.changed + +- name: Get AKS fact + azure_rm_aks_info: + name: "minimal{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: fact + +- name: Assert fact returns empty + assert: + that: + - "fact.aks | length == 0" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/aliases new file mode 100644 index 000000000..7aca0ce4f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/aliases @@ -0,0 +1,3 @@ +cloud/azure +destructive +shippable/azure/group11 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/tasks/main.yml new file mode 100644 index 000000000..1d098e7f1 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/tasks/main.yml @@ -0,0 +1,172 @@ +- set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(8, True, '') }}" + +- name: Find available k8s version + azure_rm_aksversion_info: + location: eastus + register: versions + +- name: Create a kubernet service with minimal parameters + azure_rm_aks: + name: "min{{ rpfx }}" + location: eastus + resource_group: "{{ resource_group }}" + kubernetes_version: "{{ versions.azure_aks_versions[0] }}" + dns_prefix: "aks{{ rpfx }}" + enable_rbac: true + aad_profile: + managed: true + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + mode: System + api_server_access_profile: + authorized_ip_ranges: + - "192.0.2.0" + - "198.51.100.0" + - "203.0.113.0" + enable_private_cluster: no + network_profile: + load_balancer_sku: standard + outbound_type: loadBalancer + register: output + +- name: Get cluster's node agent pool info + azure_rm_aksagentpool_info: + resource_group: "{{ resource_group }}" + cluster_name: "min{{ rpfx }}" + register: output + +- name: Assert the cluster with one agent pool + assert: + that: + - "output.aks_agent_pools | length == 1" + +- name: Get aks agent pool support version + azure_rm_aksagentpoolversion_info: + resource_group: "{{ resource_group }}" + cluster_name: "min{{ rpfx }}" + register: agentpool_version + +- name: Assert the orchestrator version is not None + assert: + that: + - "agentpool_version.azure_orchestrator_version | length >= 1" + +- name: Add agent pool + azure_rm_aksagentpool: + resource_group: "{{ resource_group }}" + cluster_name: "min{{ rpfx }}" + name: default03 + count: 1 + vm_size: Standard_B2s + type_properties_type: VirtualMachineScaleSets + mode: System + node_labels: {"release":"stable"} + max_pods: 42 + enable_auto_scaling: True + min_count: 1 + max_count: 10 + orchestrator_version: "{{ agentpool_version.azure_orchestrator_version[0] }}" + availability_zones: + - 1 + - 2 + register: output + +- name: Assert the node agent pool created + assert: + that: + - output.changed + +- name: Add agent pool (Idempotent test) + azure_rm_aksagentpool: + resource_group: "{{ resource_group }}" + cluster_name: "min{{ rpfx }}" + name: default03 + count: 1 + vm_size: Standard_B2s + type_properties_type: VirtualMachineScaleSets + mode: System + node_labels: {"release":"stable"} + max_pods: 42 + enable_auto_scaling: True + min_count: 1 + max_count: 10 + orchestrator_version: "{{ agentpool_version.azure_orchestrator_version[0] }}" + availability_zones: + - 1 + - 2 + register: output + +- name: Assert the node agent pool not changed + assert: + that: + - not output.changed + +- name: Get cluster's node agent pool info + azure_rm_aksagentpool_info: + resource_group: "{{ resource_group }}" + cluster_name: "min{{ rpfx }}" + register: output + +- name: Assert node agent pool + assert: + that: + - "output.aks_agent_pools | length == 2" + +- name: Upgrade node agent pool + azure_rm_aksagentpool: + resource_group: "{{ resource_group }}" + cluster_name: "min{{ rpfx }}" + name: default03 + count: 1 + vm_size: Standard_B2s + type_properties_type: VirtualMachineScaleSets + mode: System + node_labels: {"release":"stable"} + max_pods: 42 + enable_auto_scaling: True + min_count: 2 + max_count: 20 + orchestrator_version: "{{ agentpool_version.azure_orchestrator_version[0] }}" + availability_zones: + - 1 + - 2 + register: output + +- name: Assert the node agent pool udpated + assert: + that: + - output.changed + +- name: Get cluster's node agent pool info + azure_rm_aksagentpool_info: + resource_group: "{{ resource_group }}" + cluster_name: "min{{ rpfx }}" + name: default03 + register: output + +- name: Assert node agent configuration + assert: + that: + - output.aks_agent_pools[0].availability_zones == [1, 2] + - output.aks_agent_pools[0].count == 1 + - output.aks_agent_pools[0].min_count == 2 + - output.aks_agent_pools[0].max_count == 20 + - output.aks_agent_pools[0].type_properties_type == "VirtualMachineScaleSets" + - output.aks_agent_pools[0].max_pods == 42 + - output.aks_agent_pools[0].orchestrator_version == agentpool_version.azure_orchestrator_version[0] + +- name: Delete node agent pool + azure_rm_aksagentpool: + resource_group: "{{ resource_group }}" + cluster_name: "min{{ rpfx }}" + name: default03 + state: absent + register: output + +- name: Assert the node agent pool has deleted + assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagement/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagement/aliases new file mode 100644 index 000000000..5f6d48767 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagement/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group15 +destructive +disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagement/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagement/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagement/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagement/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagement/tasks/main.yml new file mode 100644 index 000000000..72b5588c4 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagement/tasks/main.yml @@ -0,0 +1,139 @@ +- name: Fix resource prefix + set_fact: + api_id: "myPolicy{{ resource_group | hash('md5') | truncate(23, True, '') }}" + service_name: "myService{{ resource_group | hash('md5') | truncate(22, True, '') }}" + display_name: test-api + path: myapipath + +- name: create API management service + azure_rm_apimanagementservice: + resource_group: "{{ resource_group }}" + name: "{{ service_name }}" + publisher_email: user@example.com + publisher_name: Username + sku_name: Developer + sku_capacity: 1 + +- name: Pause for 60 mimutes to create api mangement + pause: + minutes: 60 + +- name: Create a new API instance + azure_rm_apimanagement: + resource_group: "{{ resource_group }}" + service_name: "{{ service_name }}" + api_id: "{{ api_id }}" + description: "testDescription" + display_name: "{{ display_name }}" + service_url: 'http://testapi.example.net/api' + path: "{{ path }}" + protocols: + - https + register: newApi + +- name: Assert that output has changed + assert: + that: + - newApi.changed == True + - newApi.failed == False + +- name: Create a new API instance(Idempotent) + azure_rm_apimanagement: + resource_group: "{{ resource_group }}" + service_name: "{{ service_name }}" + api_id: "{{ api_id }}" + description: "testDescription" + display_name: "{{ display_name }}" + service_url: 'http://testapi.example.net/api' + path: "{{ path }}" + protocols: + - https + register: newApi_idempotent + +- name: Assert that output has changed + assert: + that: + - newApi_idempotent.changed == False + - newApi_idempotent.failed == False + +- name: Update API's protocols + azure_rm_apimanagement: + resource_group: "{{ resource_group }}" + service_name: "{{ service_name }}" + api_id: "{{ api_id }}" + description: "testDescription" + display_name: "{{ display_name }}" + service_url: 'http://testapi.example.net/api' + path: "{{ path }}" + protocols: + - https + - http + register: updateApi + +- name: Assert that output has changed + assert: + that: + - updateApi.changed == True + +- name: Create different format api + azure_rm_apimanagement: + resource_group: "{{ resource_group }}" + service_name: "{{ service_name }}" + api_id: "{{ api_id }}-secondary" + path: "{{ path }}-secondary" + format: openapi + display_name: "{{ display_name }}-secondary" + protocols: + - https + register: newOpenApi + +- name: Assert that output has changed + assert: + that: + - newOpenApi.changed == True + - newOpenApi.failed == False + +- name: Get api information + azure_rm_apimanagement_info: + resource_group: "{{ resource_group }}" + service_name: "{{ service_name }}" + api_id: "{{ api_id }}" + register: output + +- name: Assert that output has changed + assert: + that: + - output.api.id != None + +- name: Delete an api + azure_rm_apimanagement: + resource_group: "{{ resource_group }}" + service_name: "{{ service_name }}" + api_id: "{{ api_id }}" + state: absent + register: deleteApi + +- name: Assert the changes + assert: + that: + - deleteApi.changed == True + +- name: Delete an api(Idempotent) + azure_rm_apimanagement: + resource_group: "{{ resource_group }}" + service_name: "{{ service_name }}" + api_id: "{{ api_id }}" + state: absent + register: deleteApi_idempotent + +- name: Assert the changes + assert: + that: + - deleteApi_idempotent.changed == False + +- name: Delete an api + azure_rm_apimanagement: + resource_group: "{{ resource_group }}" + service_name: "{{ service_name }}" + api_id: "{{ api_id }}-secondary" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagementservice/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagementservice/aliases new file mode 100644 index 000000000..6feba04aa --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagementservice/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group10 +destructive +disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagementservice/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagementservice/meta/main.yml new file mode 100644 index 000000000..48f5726d8 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagementservice/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagementservice/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagementservice/tasks/main.yml new file mode 100644 index 000000000..0dab04af8 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_apimanagementservice/tasks/main.yml @@ -0,0 +1,58 @@ +- name: Fix resource prefix + set_fact: + name: "myPolicy{{ resource_group | hash('md5') | truncate(22, True, '') }}" + +- name: To create API Management service + azure_rm_apimanagementservice: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + publisher_email: user@example.com + publisher_name: Username + sku_name: Developer + sku_capacity: 1 + register: output + +- name: Assert that output has changed + assert: + that: + - output.changed == True + - output.failed == False + +- name: Recreate API Management service( Idempotent test) + azure_rm_apimanagementservice: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + publisher_email: user@example.com + publisher_name: Username + sku_name: Developer + sku_capacity: 1 + register: output + +- name: Assert that output has changed + assert: + that: + - output.changed == False + - output.failed == False + +- name: Get api management service information + azure_rm_apimanagementservice_info: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + register: output + +- name: Assert that output has changed + assert: + that: + - output.api_management_service.name == "{{ name }}" + +- name: To delete an api management service + azure_rm_apimanagementservice: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + state: absent + register: output + +- name: Assert the changes + assert: + that: + - output.changed == True diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/aliases new file mode 100644 index 000000000..77e564784 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/aliases @@ -0,0 +1,4 @@ +cloud/azure +destructive +shippable/azure/group6 +disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/files/cert1.txt b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/files/cert1.txt new file mode 100644 index 000000000..82a13f4ce --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/files/cert1.txt @@ -0,0 +1 @@ +MIIMAjCCCeqgAwIBAgITLQAAMpnXBx230XCKQgAAAAAymTANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UECxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDUwHhcNMTcwNzIwMTc0NzA4WhcNMTkwNzEwMTc0NzA4WjAXMRUwEwYDVQQDEwx3d3cuYmluZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6jsg+/7DlIrdgFOcaDlK3RQ9sIgkJsgpj+ZxAbIe3ziyimIxjVlHX87pqgXcNhaYNbCFD0iPm+aUfbv4GDTLR+AIr8eSegqxZ+CBToYM67NhpVYra1KAvY4XgqxorO4FB9IWYJRqhI3SZeZ3lLK5t9XuUMicG8l52nJfpPdXXvBca2wUCq8FHEObG81vJzESA0htLLPTjdUWBQnXPiW5bqzlGHzzv8ISV6jtDLNNa5JRlhSlXho+6pCedhNF7MP4yTaantPvAELLRWX13VhjgoCcRCCu0s8rxW5DuVWl2Pb2iw35MFnNWlcoVwq0AjAfGA+xEba/WLid6qfkQctYjAgMBAAGjggfQMIIHzDAdBgNVHQ4EFgQUCYflhSl4MCAls91+3GztpSmoA3AwCwYDVR0PBAQDAgSwMB8GA1UdIwQYMBaAFAj+JZ906ocEwry7jqg4XzPG0WxlMIGsBgNVHR8EgaQwgaEwgZ6ggZuggZiGS2h0dHA6Ly9tc2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL01pY3Jvc29mdCUyMElUJTIwVExTJTIwQ0ElMjA1LmNybIZJaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL01pY3Jvc29mdCUyMElUJTIwVExTJTIwQ0ElMjA1LmNybDCBhQYIKwYBBQUHAQEEeTB3MFEGCCsGAQUFBzAChkVodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9NaWNyb3NvZnQlMjBJVCUyMFRMUyUyMENBJTIwNS5jcnQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLm1zb2NzcC5jb20wPgYJKwYBBAGCNxUHBDEwLwYnKwYBBAGCNxUIh9qGdYPu2QGCyYUbgbWeYYX062CBXYTS30KC55N6AgFkAgEQMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBNBgNVHSAERjBEMEIGCSsGAQQBgjcqATA1MDMGCCsGAQUFBwIBFidodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcHMwJwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDAjAKBggrBgEFBQcDATCCBW0GA1UdEQSCBWQwggVgggx3d3cuYmluZy5jb22CEGRpY3QuYmluZy5jb20uY26CEyoucGxhdGZvcm0uYmluZy5jb22CCiouYmluZy5jb22CCGJpbmcuY29tghZpZW9ubGluZS5taWNyb3NvZnQuY29tghMqLndpbmRvd3NzZWFyY2guY29tghljbi5pZW9ubGluZS5taWNyb3NvZnQuY29tghEqLm9yaWdpbi5iaW5nLmNvbYINKi5tbS5iaW5nLm5ldIIOKi5hcGkuYmluZy5jb22CGGVjbi5kZXYudmlydHVhbGVhcnRoLm5ldIINKi5jbi5iaW5nLm5ldIINKi5jbi5iaW5nLmNvbYIQc3NsLWFwaS5iaW5nLmNvbYIQc3NsLWFwaS5iaW5nLm5ldIIOKi5hcGkuYmluZy5uZXSCDiouYmluZ2FwaXMuY29tgg9iaW5nc2FuZGJveC5jb22CFmZlZWRiYWNrLm1pY3Jvc29mdC5jb22CG2luc2VydG1lZGlhLmJpbmcub2ZmaWNlLm5ldIIOci5iYXQuYmluZy5jb22CECouci5iYXQuYmluZy5jb22CEiouZGljdC5iaW5nLmNvbS5jboIPKi5kaWN0LmJpbmcuY29tgg4qLnNzbC5iaW5nLmNvbYIQKi5hcHBleC5iaW5nLmNvbYIWKi5wbGF0Zm9ybS5jbi5iaW5nLmNvbYINd3AubS5iaW5nLmNvbYIMKi5tLmJpbmcuY29tgg9nbG9iYWwuYmluZy5jb22CEXdpbmRvd3NzZWFyY2guY29tgg5zZWFyY2gubXNuLmNvbYIRKi5iaW5nc2FuZGJveC5jb22CGSouYXBpLnRpbGVzLmRpdHUubGl2ZS5jb22CDyouZGl0dS5saXZlLmNvbYIYKi50MC50aWxlcy5kaXR1LmxpdmUuY29tghgqLnQxLnRpbGVzLmRpdHUubGl2ZS5jb22CGCoudDIudGlsZXMuZGl0dS5saXZlLmNvbYIYKi50My50aWxlcy5kaXR1LmxpdmUuY29tghUqLnRpbGVzLmRpdHUubGl2ZS5jb22CCzNkLmxpdmUuY29tghNhcGkuc2VhcmNoLmxpdmUuY29tghRiZXRhLnNlYXJjaC5saXZlLmNvbYIVY253ZWIuc2VhcmNoLmxpdmUuY29tggxkZXYubGl2ZS5jb22CDWRpdHUubGl2ZS5jb22CEWZhcmVjYXN0LmxpdmUuY29tgg5pbWFnZS5saXZlLmNvbYIPaW1hZ2VzLmxpdmUuY29tghFsb2NhbC5saXZlLmNvbS5hdYIUbG9jYWxzZWFyY2gubGl2ZS5jb22CFGxzNGQuc2VhcmNoLmxpdmUuY29tgg1tYWlsLmxpdmUuY29tghFtYXBpbmRpYS5saXZlLmNvbYIObG9jYWwubGl2ZS5jb22CDW1hcHMubGl2ZS5jb22CEG1hcHMubGl2ZS5jb20uYXWCD21pbmRpYS5saXZlLmNvbYINbmV3cy5saXZlLmNvbYIcb3JpZ2luLmNud2ViLnNlYXJjaC5saXZlLmNvbYIWcHJldmlldy5sb2NhbC5saXZlLmNvbYIPc2VhcmNoLmxpdmUuY29tghJ0ZXN0Lm1hcHMubGl2ZS5jb22CDnZpZGVvLmxpdmUuY29tgg92aWRlb3MubGl2ZS5jb22CFXZpcnR1YWxlYXJ0aC5saXZlLmNvbYIMd2FwLmxpdmUuY29tghJ3ZWJtYXN0ZXIubGl2ZS5jb22CE3dlYm1hc3RlcnMubGl2ZS5jb22CFXd3dy5sb2NhbC5saXZlLmNvbS5hdYIUd3d3Lm1hcHMubGl2ZS5jb20uYXUwDQYJKoZIhvcNAQELBQADggIBADTpW/UWeupk40OP6k4yxihKStswxwqPAfMRmx4XyqmTAawAKRNM+6EZth1BQdPdOplwRTvs69kkmUHJH+ZjYXBezEACWkzEiNUQnzkRWajdSQIz08Ubj/mBD6U8xLYD+NXgiB0xNWabd8aiPsqPaj6I3qkNw4JvtgtHZQG1zlwC5/Lu6yV3DM3sKpQMyBmOnX6nVUiS0MTOzLgZOQzRk07nO7EXWGcKTmDBjE8cqv5IA/jQ6gtaxCI5pDxfXK4ct7oQyoChfxOXcEDKMmMndFmg9ch5c4an/FRM2cgzDfjR01A71LNUpLUdOjNV0T+ZEStqEpdyDFfjrHGDtzLyqEz3iyvvQFyjmlGh6OtZXwjCPpnVSrKCmfJKio0kUxyq+6t5tZAQbPVgFKiMrVnU+sgvmNVip1toijyz8vMVCkwJ2G++7xjJukoELMxZ50W4/SAMZLy1Asx02NBwYCu9+CTQPVnmPe7rmxhlQRBOfDNa1+5jwRHY64YudEzKhWR1uqS3ABd/fk+TL86yuNYGAgxnOm1FtOGieRgViV3+NzC+bDbuUOtmbD/GvDGmRwJRcCTHL7jBmkHePh2ABY93NE/IbkaDP6l1Kw98AfqkzSUxhqHXuThe7KIoX9/0zv4AA1WZFis1QvAG7dpl9eio6vCdC/73HvBAlqRL+7Mb1uu0 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/files/cert2.txt b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/files/cert2.txt new file mode 100644 index 000000000..a539dbcaf --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/files/cert2.txt @@ -0,0 +1 @@ +MIIKsQIBAzCCCm0GCSqGSIb3DQEHAaCCCl4EggpaMIIKVjCCBg8GCSqGSIb3DQEHAaCCBgAEggX8MIIF+DCCBfQGCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAj37r+wRsc6/gICB9AEggTY1V5HNscO+2bZb7JSMme1ljERe7DCiRE2cJsPKlwW2/NEiSqAUX7gXKK0ISr6Dto71rFdza0uPwbcQoPN1QwkJHSAkxWg4OcAx2kf7077tlHhf5rzxTn5V3wXM0Q3h6NsDjSqSHjYVISIiXItUzlDaBpMY/NUFNCTyJR5I91MWsljrJ/bQaAIo57HJR9nzjY5DaBA9P3bAhmX5LJRGsJWoCEaGeeVQ3Yn6yD06ordiJnf6dNxqQGN+o2x54gqfmw+RnoC2f8VAsTIfb3fwJPKdg2JiJIa6Ms2Sc8VR7VGmZt34qZwTPBrzeqJjtIMT41bBae46lmma8ypYwErqzOYSrHqXPXzaxlloYy81HYWAsJTWyBxTsVBcLom5m9ru79+SKG35xY1wSkzZmWMNFfVRFCJy/X+h2ErrGYjogCHYaIUmiosvUccwRUXGU083ul9iTcz/Dl79VBz63OFX/CnZMDTQ8ugbqpvW78pAnBU0r8MUubHciD1sJG2zmMlxCAzan6BLm9OMyhTNIbzYOjQQw99MQQys/ZeyNLqTFHTeGRfU2ewqgHjbH2PYCQfjipXSmdmsSsGxlLA9AOtwAk3QKJ77P03HRGOeXmy/I4iIHuIQuaQcjfprNR2fI36dftDo7U4gvRQHkiti+zNVqpi3/hIc2k7O8bCcMeSvfIlUvWIPUrUceZmpVPpLdcFcQbN9+1nZwiFYydOhrPnlp40rSO3RM08EmQUfRYt8fwRFcoWBX3b411vOqZVGeMfMtThMYI53R4Cmh5tUp93FslHNmIfnuewhHfIm+vtCicLcW6TaC2l4EqmNf0flK5m5nANotCfqj87MPsB83qPwol/91BTKaxuH2hKrZDgU1ibPE8NhzBinp2ANi0BHK3Sl0CsC2MPyZpFY+4MWvk/SI9ex4VsKYKmhubOFkhDLLBZH0UEmUdNTH4Gd76GsDnfI9arR2ctM9ecTPeu74hKiHlNZhc4U3TX20FBeqF5tZYnfCLRhvdiNM9AlwEKqqQEe0W7PrALcNVdjhJl0X9+0Br28E3RKZQRITWa10Vjmh0WcYrzEQ3/qEZYbqVpHMp+kdrHxB65v0zlGxjdwyKzafLzqYXmaHOyVlFnkayNaAkVVxOCzNrxB9HfhjvhjWafeMvA0p7O9CxTD2xPEhUaHQ5j7L8F0alfMYcg73SdGHAcY6AV8+eh0jqs3IF68cquXOl5Bm8uYKRjtgl9nY6hYc0lRDdtFHZo8ayNDr0cltNU7XZTaCKVNSDTRn92rTNJY0E3PD5HSKcRi58WJrIgEDGasyleRkRlGTY7512Qut0rg7m1Eyp6MK+sNmSSA7cR70pH7I1dwy4VrJMODdMH11y1QJF2EQWQdN00Js54tjVgTIO3btb5N7jhNYpRedv0a4UZ8TdDI4ZMCMf3SdP3xbQ06M1pFrS8WQzwp3KTk8vmnseJL84n0hC8KqWmGmTWHTa9dwmopeM6Xh/Jm1pkrgrloxqfSlscGEJE0plAnk1mLx29FxswfZ6a7pNKg7CydK4SiDkqM+pWukPbgKODqYPUvS0nk3RGGXvZSIzTbvm77tF+MqXOb6Rn+IflIk4yZsjIBQA0I/bQ78YDzXUVsrtAi9waRoCZs+L48NUy4zpKn25FMqkrziVn+TGB4jANBgkrBgEEAYI3EQIxADATBgkqhkiG9w0BCRUxBgQEAQAAADBdBgkqhkiG9w0BCRQxUB5OAHQAZQAtAGMANwBmADEAYwBhADYAMQAtADQAOAA1ADQALQA0ADgAZQBmAC0AYQAwADgANQAtAGQANABhADIAZgA1AGYAOAAyADcAZAAxMF0GCSsGAQQBgjcRATFQHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAHQAcgBvAG4AZwAgAEMAcgB5AHAAdABvAGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIwggQ/BgkqhkiG9w0BBwagggQwMIIELAIBADCCBCUGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECFcAfrkm3ibUAgIH0ICCA/hlBog8GY9GCpucTwAxBGa0cOGQ29EK0xfrmY/Dv59IeJhRr47Mvl1XNk5PIInb64RsOVr00jrJAbfgLLKMBowcQLT7k6jGbGBdOzC57x9DNP0VuHsIIym0Z+SpJgEWBbtdBTGzgNw/YoXYxT4Rtka9ScSyCFjmmCzXz7bGLqC7yrGb7BzigQ9y4u4bg0pf75pERzN8rJM29Ob2IydkgARfpmbNKjdMCtD6dI7tafG2lQfUX6sgQY+Sy5HTz3ansN8X1yv2WQTu8Drxf2ce55v4WrFbPTTND94ubgDt7jvbCe1DuNP1DAYmQ5pbW0GGqF1x2csK5WWD7J8FD08VaQFM8y8pGIUeUkN4rYU3eTdTAQe+ec2hOr9QZn1Sb/p5u4KqIMn4MSCQ8EU0gXa2JETdUjXPr/5JFZTidJYagRyMIkYnwg9uusikctulaBsHMBKMYQ0Z19CEbcd2phdoxWTrtp7kwwjnu64zPgE6ALe9yJOT8AFEB6H1c16Z+aPGj9hbhkh6tcdGWUvzDYq08wjKjP3nA78StIisUmeZPfAXJUquPzRZr0pmcwYWfyP54TdC2BvPlLW/QXVV44IGxUdLuI6mz4p+O2+xKu9QMFwdcpij2ZK4uMrBLDo7ZoTQ4rBRnn471AMUKgeP0D5tbl8PygUU1RqHv34ok3fwx0WglzdMQJyt53PiPWW4lipwUtUfd0eD8CXoMccf8XJmugVUBCD1wQsyCW6RrR9RX8HXVBrm5O2HKfJcQYznl3qHqXb6ofvbOQ3S+v0ALN+sma8Tn6JceVTAOH+UuMdcu0FIDYnpmrvMecnJ2kbs1Y35mj4rSJyP5PGLg+ygb9VlBPwCCem/jHL+YivN38+0oWqfn2slyI4FNKX+5U8M6xpiEaq6McKwKZC1d51A4dUdMAkO2d1Z6rVjqhKeqE6HWD9A0cyPBFZpNQskUfNDW8qILLEfEjhBi+s1LkHzKDykCN/ReFfRiQS84DekoC59cymM8Hs1geMWCMFWfut4HTd7ItYaiJz5qpYVY4U/8myhyWnrktjLjQ6OkdM9bBDIpRHj95MYEC26NlWQZwjk+yynPTZf0w5p2Ok6Dq2shJFykuJ1VkelgvsPe8qMa55Wp11dpREIFzXouPXNP/vFpziZcl1OKTd7Dwa+ruQFRfsoZGzupsBOYxrmYqr6kOm5mzMW0HAlsWwl5mY2aSQMvXBE6k32xTkPIlIp763Ee4m6cmx4+SDcO5D+a9t05QY4JmssL+x3T9qsbXSXDPEsg0cfVvuQYy9AYkIFOes4G45IagRAvhQQj9bEh8kTvp8CFDDtIrbWjX50zreb51VcAcEkIOLyROtIdLem0zA7MB8wBwYFKw4DAhoEFC0i4I5iwNYQug0vTVS0JC/Qm+/NBBTsUM0D9QxIZYUi+qlDy14sOcEaUwICB9A= diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/files/cert3b64.txt b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/files/cert3b64.txt new file mode 100644 index 000000000..204aaeb1a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/files/cert3b64.txt @@ -0,0 +1 @@ +LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZhekNDQTFPZ0F3SUJBZ0lVTCtURUFCTXdnNlRwaTZLN3Y1SGl6ZlJJaXY0d0RRWUpLb1pJaHZjTkFRRUwKQlFBd1JURUxNQWtHQTFVRUJoTUNRVlV4RXpBUkJnTlZCQWdNQ2xOdmJXVXRVM1JoZEdVeElUQWZCZ05WQkFvTQpHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpEQWVGdzB5TWpBNU1qY3dPVFU1TkRCYUZ3MHlNekE1Ck1qY3dPVFU1TkRCYU1FVXhDekFKQmdOVkJBWVRBa0ZWTVJNd0VRWURWUVFJREFwVGIyMWxMVk4wWVhSbE1TRXcKSHdZRFZRUUtEQmhKYm5SbGNtNWxkQ0JYYVdSbmFYUnpJRkIwZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQgpBUVVBQTRJQ0R3QXdnZ0lLQW9JQ0FRRE04dHM4YjVkYmhjVkpiMWFjMThaYS92RTh1Ly9oOVZSV3RuSmRxQjhSCkpmRDk3QjFTZ21GbnR2aE92MWJVTEF4VmZkMTRWcGRneUo0QUkrUHRkV2NFbWVvbUxYMkFwZmJSb01LMUhPZFAKYWU2UmRySzYxbkh6QUdhQ2tDVDh1YjVXek0zRnFjWHhJSW84R1BqaXFIaGd5Yy9JVUJBdE42ZGZSVXovSDdpYwpGb25UUTdvWndYRFNSKzUxNHpTeTNzcU9MWTIxbFl5YStqSXNxcldySG9KYnpuUy83Q3BhK25iTENHdEFvTTJwCk5EMVUwVUY0OFJ4NStFdlRLY0FDUGgwQ2hVejZLZVN2SWpnVm81WUo4c0xjK2w1LzdhNkRHVzhCQ3h0VHVSZ3oKL2lEK0pkeTJ4ZmpTekVmQk9tWlVSTkwwalNwczcwZU1ScWsrOUUwSTUwU2RFVFg4Um5HdkF0QlB4TFdyajRXdwpXa2Q2cTQ4TXU3aGM3TmZtZzJ0NzRQMFUvQ2hiSHNIQ1dmSlZrTkVIWnQ1WjZ4NHNkSzJmZFN2clBITVRNaE5pCkxXZjdMaDVLaG5BY0xaRnp0UjBzZis5ZWp0bTV2dTBZWHBJYUxuMEExdThITXJRV3lHYTByOExhQ1V6bmpxSlkKNXVIQUNJbkZwMzlkMXBpeUdRRkk1SzA1OGdxOU51UGhLdytaVENsZjBlMmFyQUVIT2VIdzN2V3ZjYmg1cHE4NQp6T3YzUnBIUUhpbm1WRUdNNHV0cld6Ry9kNGNWSlU3UW5RbzcyU0V3M0oxTWRrU1JpTWVpYTlkUGxmWVkvRzJLCnVweFR4aWlzeXVQek1BckVUZEdBUVpyMkd2YlRNakI1eXJwcjFCTEVJVWwzd1Y3Mmw5YnY1SXp0YnJ2Ly9nUWQKK1FJREFRQUJvMU13VVRBZEJnTlZIUTRFRmdRVUJoK0FUT0ovMTZlMDhxYkltTW1KRitsajBFRXdId1lEVlIwagpCQmd3Rm9BVUJoK0FUT0ovMTZlMDhxYkltTW1KRitsajBFRXdEd1lEVlIwVEFRSC9CQVV3QXdFQi96QU5CZ2txCmhraUc5dzBCQVFzRkFBT0NBZ0VBeUswV0V5Vy9yYTFiYnVKazF1WG85RUdVUlp3OWYzcklsR1gzd3lKMTdCYzYKd3BDeUZnZ3h5T1ZsWVg3empyN3EwY2dNNGFKL1ZWUHEzUVk3WE8yNDZNYm1BcUpFMFRpeVUyazBtcGVQRXkyVApncGJUdHhCWkZaak8zRko5Y1dhVmlCR2xBaURxMEV5cWlmWEljZk5zd29VdXZVeTBjNWNTZVAwekMvaUxzZEU1ClBPZEtNbXc3NGZWdzg3MUxDcFIrcGhnZFBwSTFCaHdnem1nZms3QXZGYmxlYU1ITUt2S3NZZWh0NktPSHNtRkUKbzZaaTgvcTI1SFNEKzE0RkNyZ0x3Zm9NazdDUUlpbVJJVVJRNUh3Q2s0cGZ5SlJXcXRiUVJEYmhMeUFpQ3g4Kwpzb0FEaXRNSVFPdTlEN1haTnhXQ1BYZ25pN2VGaUR3UmtseE9DVmwxTC9hYzU2bTlmS1NjbyttN2VZZTJpY0E1CnBtVnV3ZDlKSDhRRGlrNG05KzY3dVZWSzVqVGR2WGZqVFZtNlhVOG1MWUo2WGU4UFlwUmNVZWZJS0xMRmw1d0QKTGRrZlZUa244RFMrZ1hBNGtNSDFGM0xHVXlrNTFQSTlWZWdPVGRhMzdPWUxYeURuS1FiQmxncHFxUCtTRGdDbQpDN3dqakZIeFFvUGZxVjVpOTFjdkNWc1hNdFFwdUJzZmM4blVnZ205QjMxMUE0RTc4dEZwRkNtUmxJMHUxQ0Q1CnFMc2c4ZG5lc1ltWis2WjNvcG5RL0x0SWNEZGVnUDhBWitHSkUxWllrZ2M5R3BkSjZHRXc4bWJUdG9rNmRtTHkKZWQ3NkcvV0d5OVprMjFTQU9HYjYzRG1pc3lweVN5bjhhcGpDWXEvRDBQTXNwRnJjenFKS1AzenVqYWI4bjdnPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/tasks/main.yml new file mode 100644 index 000000000..1367300c7 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appgateway/tasks/main.yml @@ -0,0 +1,2628 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + cert1_file: "cert1.txt" + cert2_file: "cert2.txt" + cert3b64_file: "cert3b64.txt" + run_once: yes +- name: Set json query to only retrieve gateways from this test + set_fact: + query: "[?ends_with(name, `{{ rpfx }}`)]" + run_once: yes + +- name: Load app gateways + azure_rm_appgateway_info: + register: appgw_output +- name: Assert there are no gateways + assert: + that: + - appgw_output.gateways | community.general.json_query(query) | length == 0 + +- name: Create a virtual network + azure_rm_virtualnetwork: + name: vnet{{ rpfx }} + resource_group: "{{ resource_group }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + dns_servers: + - 127.0.0.1 + - 127.0.0.2 + register: vnet_output +- name: Create a subnet + azure_rm_subnet: + name: subnet{{ rpfx }} + virtual_network_name: vnet{{ rpfx }} + resource_group: "{{ resource_group }}" + address_prefix_cidr: 10.1.0.0/24 + register: subnet_output + +- name: Create instance of Application Gateway -- check mode + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: predefined + policy_name: ssl_policy20150501 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', cert1_file) }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + host: 10.0.0.4 + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + backend_http_settings_collection: + - port: 80 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: Basic + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + http_listener: sample_http_listener + name: rule1 + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output + check_mode: yes +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: predefined + policy_name: ssl_policy20150501 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', cert1_file) }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + host: 10.0.0.4 + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + backend_http_settings_collection: + - port: 80 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: Basic + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + http_listener: sample_http_listener + name: rule1 + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Load app gateway + azure_rm_appgateway_info: + name: "appgateway{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: output +- name: Assert properties + assert: + that: + - output.gateways | length == 1 + - output.gateways[0].name == 'appgateway{{ rpfx }}' + - output.gateways[0].ssl_policy + - output.gateways[0].ssl_policy.policy_type == 'predefined' + - output.gateways[0].ssl_policy.policy_name == 'ssl_policy20150501' + +- name: Stop instance of Application Gateway -- check mode + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + gateway_state: stopped + check_mode: true + register: output +- name: Assert the resource instance is stopped + assert: + that: + - output.changed + +- name: Stop instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + gateway_state: stopped + register: output +- name: Assert the resource instance is stopped + assert: + that: + - output.changed + - output.operational_state == 'Stopped' + +- name: Stop already stopped instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + gateway_state: stopped + register: output +- name: Assert the resource instance did not change + assert: + that: + - not output.changed + - output.operational_state == 'Stopped' + +- name: Start instance of Application Gateway -- check mode + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + gateway_state: started + check_mode: true + register: output +- name: Assert the resource instance is started + assert: + that: + - output.changed + +- name: Start instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + gateway_state: started + register: output +- name: Assert the resource instance is started + assert: + that: + - output.changed + - output.operational_state == 'Running' + +- name: Start already started instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + gateway_state: started + register: output +- name: Assert the resource instance did not change + assert: + that: + - not output.changed + - output.operational_state == 'Running' + +- name: Try to update instance of Application Gateway - no change + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: predefined + policy_name: ssl_policy20150501 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', cert1_file) }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + host: 10.0.0.4 + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + backend_http_settings_collection: + - port: 80 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: Basic + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + http_listener: sample_http_listener + name: rule1 + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output +- name: Assert the resource instance is not changed + assert: + that: + - not output.changed + +- name: Try to update instance of Application Gateway - single change + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: predefined + policy_name: ssl_policy20150501 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', cert1_file) }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + host: 10.0.0.4 + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + backend_http_settings_collection: + - port: 81 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: Basic + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + http_listener: sample_http_listener + name: rule1 + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output +- name: Assert the resource instance is updated + assert: + that: + - output.changed + +- name: Update SSL config for Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: custom + cipher_suites: + - tls_ecdhe_rsa_with_aes_128_gcm_sha256 + - tls_ecdhe_ecdsa_with_aes_128_gcm_sha256 + - tls_ecdhe_ecdsa_with_aes_256_gcm_sha384 + min_protocol_version: tls_v1_2 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', cert1_file) }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + host: 10.0.0.4 + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + backend_http_settings_collection: + - port: 81 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: Basic + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + http_listener: sample_http_listener + name: rule1 + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output +- name: Assert the resource instance is updated + assert: + that: + - output.changed + +- name: Load app gateway + azure_rm_appgateway_info: + name: "appgateway{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: output +- name: Assert SSL config updated + assert: + that: + - output.gateways[0].ssl_policy.policy_type == 'custom' + +- name: Try to update SSL config for Application Gateway - no change + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: custom + cipher_suites: + - tls_ecdhe_rsa_with_aes_128_gcm_sha256 + - tls_ecdhe_ecdsa_with_aes_128_gcm_sha256 + - tls_ecdhe_ecdsa_with_aes_256_gcm_sha384 + min_protocol_version: tls_v1_2 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', cert1_file) }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + host: 10.0.0.4 + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + backend_http_settings_collection: + - port: 81 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: Basic + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + http_listener: sample_http_listener + name: rule1 + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output +- name: Assert the resource instance is not changed + assert: + that: + - not output.changed + +- name: Create instance of Application Gateway by looking up virtual network and subnet + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-subnet-lookup{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: predefined + policy_name: ssl_policy20150501 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', cert1_file) }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + name: subnet{{ rpfx }} + virtual_network_name: vnet{{ rpfx }} + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + name: subnet{{ rpfx }} + virtual_network_name: vnet{{ rpfx }} + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + host: 10.0.0.4 + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + backend_http_settings_collection: + - port: 80 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: Basic + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + http_listener: sample_http_listener + name: rule1 + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Load app gateways + azure_rm_appgateway_info: + register: appgw_output +- name: Assert there are the correct number of gateways + assert: + that: + - appgw_output.gateways | community.general.json_query(query) | length == 2 + +- name: Load app gateway by name + azure_rm_appgateway_info: + name: "appgateway-subnet-lookup{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: appgw_output +- name: Assert there are the correct number of gateways + assert: + that: + - appgw_output.gateways | community.general.json_query(query) | length == 1 + - (appgw_output.gateways | community.general.json_query(query))[0].name == 'appgateway-subnet-lookup{{ rpfx }}' + - (appgw_output.gateways | community.general.json_query(query))[0].provisioning_state == 'Succeeded' + - (appgw_output.gateways | community.general.json_query(query))[0].operational_state == 'Running' + +- name: Create instance of Application Gateway with probe using hostname from backend http settings + azure_rm_appgateway: + resource_group: "{{ resource_group_secondary }}" + name: "appgateway-probe-{{ rpfx }}" + location: "{{ vnet_output.state.location }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: predefined + policy_name: ssl_policy20150501 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', cert1_file) }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + pick_host_name_from_backend_http_settings: true + backend_http_settings_collection: + - port: 80 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + pick_host_name_from_backend_address: true + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: Basic + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + http_listener: sample_http_listener + name: rule1 + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Test no update instance of Application Gateway with probe using hostname from backend http settings + azure_rm_appgateway: + resource_group: "{{ resource_group_secondary }}" + name: "appgateway-probe-{{ rpfx }}" + location: "{{ vnet_output.state.location }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: predefined + policy_name: ssl_policy20150501 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', cert1_file) }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + pick_host_name_from_backend_http_settings: true + backend_http_settings_collection: + - port: 80 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + pick_host_name_from_backend_address: true + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: Basic + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + http_listener: sample_http_listener + name: rule1 + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output +- name: Assert the resource instance is not changed + assert: + that: + - not output.changed + +- name: Load app gateway by resource group + azure_rm_appgateway_info: + resource_group: "{{ resource_group_secondary }}" + register: appgw_output +- name: Assert there are the correct number of gateways and they are the right ones + assert: + that: + - appgw_output.gateways | community.general.json_query(query) | length == 1 + - (appgw_output.gateways | community.general.json_query(query))[0].name == 'appgateway-probe-{{ rpfx }}' + +- name: Load app gateway not found in resource group + azure_rm_appgateway_info: + name: "appgateway{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + register: appgw_output +- name: Assert there are no results + assert: + that: + - appgw_output.gateways | community.general.json_query(query) | length == 0 + +- name: Create instance of Application Gateway with path based rules + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-path-rules{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: predefined + policy_name: ssl_policy20150501 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', cert1_file) }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + host: 10.0.0.4 + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + backend_http_settings_collection: + - port: 80 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: path_based_routing + http_listener: sample_http_listener + name: rule1 + url_path_map: path_mappings + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + url_path_maps: + - name: path_mappings + default_backend_address_pool: test_backend_address_pool + default_backend_http_settings: sample_appgateway_http_settings + path_rules: + - name: path_rules + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + paths: + - "/abc" + - "/123/*" + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Try to update instance of Application Gateway with path based rules - no change + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-path-rules{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: predefined + policy_name: ssl_policy20150501 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', cert1_file) }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + host: 10.0.0.4 + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + backend_http_settings_collection: + - port: 80 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: path_based_routing + http_listener: sample_http_listener + name: rule1 + url_path_map: path_mappings + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + url_path_maps: + - name: path_mappings + default_backend_address_pool: test_backend_address_pool + default_backend_http_settings: sample_appgateway_http_settings + path_rules: + - name: path_rules + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + paths: + - "/abc" + - "/123/*" + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output +- name: Assert the resource instance is not changed + assert: + that: + - not output.changed + +- name: Create instance of Application Gateway with complex routing and redirect rules + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-complex{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: "predefined" + policy_name: "ssl_policy20170401_s" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - name: "inbound-http" + port: 80 + - name: "inbound-https" + port: 443 + backend_address_pools: + - name: test_backend_address_pool1 + backend_addresses: + - ip_address: 10.0.0.1 + - name: test_backend_address_pool2 + backend_addresses: + - ip_address: 10.0.0.2 + backend_http_settings_collection: + - name: "http-profile1" + port: 443 + protocol: https + pick_host_name_from_backend_address: true + probe: "http-probe1" + cookie_based_affinity: "Disabled" + - name: "http-profile2" + port: 8080 + protocol: http + pick_host_name_from_backend_address: true + probe: "http-probe2" + cookie_based_affinity: "Disabled" + http_listeners: + - name: "inbound-http" + protocol: "http" + frontend_ip_configuration: "sample_gateway_frontend_ip_config" + frontend_port: "inbound-http" + - name: "inbound-traffic1" + protocol: "https" + frontend_ip_configuration: "sample_gateway_frontend_ip_config" + frontend_port: "inbound-https" + host_name: "traffic1.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + - name: "inbound-traffic2" + protocol: "https" + frontend_ip_configuration: "sample_gateway_frontend_ip_config" + frontend_port: "inbound-https" + host_name: "traffic2.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + url_path_maps: + - name: "path_mappings" + default_redirect_configuration: "redirect-traffic1" + path_rules: + - name: "path_rules" + backend_address_pool: "test_backend_address_pool1" + backend_http_settings: "http-profile1" + paths: + - "/abc" + - "/123/*" + request_routing_rules: + - name: "app-routing1" + rule_type: "basic" + http_listener: "inbound-traffic1" + backend_address_pool: "test_backend_address_pool2" + backend_http_settings: "http-profile1" + - name: "app-routing2" + rule_type: "path_based_routing" + http_listener: "inbound-traffic2" + url_path_map: "path_mappings" + - name: "redirect-routing" + rule_type: "basic" + http_listener: "inbound-http" + redirect_configuration: "redirect-http" + probes: + - name: "http-probe1" + interval: 30 + path: "/abc" + protocol: "https" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + - name: "http-probe2" + interval: 30 + path: "/xyz" + protocol: "http" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + redirect_configurations: + - name: "redirect-http" + redirect_type: "permanent" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + request_routing_rules: + - "redirect-routing" + - name: "redirect-traffic1" + redirect_type: "found" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + url_path_maps: + - "path_mappings" + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Try to update instance of Application Gateway with complex routing and redirect rules - no change + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-complex{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: "predefined" + policy_name: "ssl_policy20170401_s" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - name: "inbound-http" + port: 80 + - name: "inbound-https" + port: 443 + backend_address_pools: + - name: test_backend_address_pool1 + backend_addresses: + - ip_address: 10.0.0.1 + - name: test_backend_address_pool2 + backend_addresses: + - ip_address: 10.0.0.2 + backend_http_settings_collection: + - name: "http-profile1" + port: 443 + protocol: https + pick_host_name_from_backend_address: true + probe: "http-probe1" + cookie_based_affinity: "Disabled" + - name: "http-profile2" + port: 8080 + protocol: http + pick_host_name_from_backend_address: true + probe: "http-probe2" + cookie_based_affinity: "Disabled" + http_listeners: + - name: "inbound-http" + protocol: "http" + frontend_ip_configuration: "sample_gateway_frontend_ip_config" + frontend_port: "inbound-http" + - name: "inbound-traffic1" + protocol: "https" + frontend_ip_configuration: "sample_gateway_frontend_ip_config" + frontend_port: "inbound-https" + host_name: "traffic1.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + - name: "inbound-traffic2" + protocol: "https" + frontend_ip_configuration: "sample_gateway_frontend_ip_config" + frontend_port: "inbound-https" + host_name: "traffic2.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + url_path_maps: + - name: "path_mappings" + default_redirect_configuration: "redirect-traffic1" + path_rules: + - name: "path_rules" + backend_address_pool: "test_backend_address_pool1" + backend_http_settings: "http-profile1" + paths: + - "/abc" + - "/123/*" + request_routing_rules: + - name: "app-routing1" + rule_type: "basic" + http_listener: "inbound-traffic1" + backend_address_pool: "test_backend_address_pool2" + backend_http_settings: "http-profile1" + - name: "app-routing2" + rule_type: "path_based_routing" + http_listener: "inbound-traffic2" + url_path_map: "path_mappings" + - name: "redirect-routing" + rule_type: "basic" + http_listener: "inbound-http" + redirect_configuration: "redirect-http" + probes: + - name: "http-probe1" + interval: 30 + path: "/abc" + protocol: "https" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + - name: "http-probe2" + interval: 30 + path: "/xyz" + protocol: "http" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + redirect_configurations: + - name: "redirect-http" + redirect_type: "permanent" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + request_routing_rules: + - "redirect-routing" + - name: "redirect-traffic1" + redirect_type: "found" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + url_path_maps: + - "path_mappings" + register: output +- name: Assert the resource instance is not changed + assert: + that: + - not output.changed + +- name: Configure public IP for v2 gateway + azure_rm_publicipaddress: + name: "appgateway-v2-{{ rpfx }}-pip" + resource_group: "{{ resource_group }}" + sku: "standard" + allocation_method: "static" + +- name: Try to create v2 instance of Application Gateway with rewrite rules + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-v2-{{ rpfx }}" + sku: + name: standard_v2 + tier: standard_v2 + capacity: 2 + ssl_policy: + policy_type: "predefined" + policy_name: "ssl_policy20170401_s" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - name: "public-inbound-ip" + public_ip_address: "appgateway-v2-{{ rpfx }}-pip" + frontend_ports: + - name: "inbound-http" + port: 80 + - name: "inbound-https" + port: 443 + backend_address_pools: + - name: test_backend_address_pool1 + backend_addresses: + - ip_address: 10.0.0.1 + - name: test_backend_address_pool2 + backend_addresses: + - ip_address: 10.0.0.2 + backend_http_settings_collection: + - name: "http-profile1" + port: 443 + protocol: https + pick_host_name_from_backend_address: true + probe: "http-probe1" + cookie_based_affinity: "Disabled" + - name: "http-profile2" + port: 8080 + protocol: http + pick_host_name_from_backend_address: true + probe: "http-probe2" + cookie_based_affinity: "Disabled" + http_listeners: + - name: "inbound-http" + protocol: "http" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-http" + - name: "inbound-traffic1" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic1.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + - name: "inbound-traffic2" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic2.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + url_path_maps: + - name: "path_mappings" + default_redirect_configuration: "redirect-traffic1" + default_rewrite_rule_set: "configure-headers" + path_rules: + - name: "path_rules" + backend_address_pool: "test_backend_address_pool1" + backend_http_settings: "http-profile1" + paths: + - "/abc" + - "/123/*" + request_routing_rules: + - name: "app-routing1" + rule_type: "basic" + http_listener: "inbound-traffic1" + backend_address_pool: "test_backend_address_pool2" + backend_http_settings: "http-profile1" + rewrite_rule_set: "configure-headers" + - name: "app-routing2" + rule_type: "path_based_routing" + http_listener: "inbound-traffic2" + url_path_map: "path_mappings" + - name: "redirect-routing" + rule_type: "basic" + http_listener: "inbound-http" + redirect_configuration: "redirect-http" + rewrite_rule_sets: + - name: "configure-headers" + rewrite_rules: + - name: "add-security-response-header" + rule_sequence: 1 + action_set: + response_header_configurations: + - header_name: "Strict-Transport-Security" + header_value: "max-age=31536000" + - name: "remove-backend-response-headers" + rule_sequence: 2 + action_set: + response_header_configurations: + - header_name: "Server" + - header_name: "X-Powered-By" + - name: "set-custom-header-condition" + rule_sequence: 3 + conditions: + - variable: "var_client_ip" + pattern: "1.1.1.1" + - variable: "http_req_Authorization" + pattern: "12345" + ignore_case: false + action_set: + request_header_configurations: + - header_name: "Foo" + header_value: "Bar" + probes: + - name: "http-probe1" + interval: 30 + path: "/abc" + protocol: "https" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + - name: "http-probe2" + interval: 30 + path: "/xyz" + protocol: "http" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + redirect_configurations: + - name: "redirect-http" + redirect_type: "permanent" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + request_routing_rules: + - "redirect-routing" + - name: "redirect-traffic1" + redirect_type: "found" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + url_path_maps: + - "path_mappings" + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Try to create v2 instance of Application Gateway with rewrite rules - no update + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-v2-{{ rpfx }}" + sku: + name: standard_v2 + tier: standard_v2 + capacity: 2 + ssl_policy: + policy_type: "predefined" + policy_name: "ssl_policy20170401_s" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - name: "public-inbound-ip" + public_ip_address: "appgateway-v2-{{ rpfx }}-pip" + frontend_ports: + - name: "inbound-http" + port: 80 + - name: "inbound-https" + port: 443 + backend_address_pools: + - name: test_backend_address_pool1 + backend_addresses: + - ip_address: 10.0.0.1 + - name: test_backend_address_pool2 + backend_addresses: + - ip_address: 10.0.0.2 + backend_http_settings_collection: + - name: "http-profile1" + port: 443 + protocol: https + pick_host_name_from_backend_address: true + probe: "http-probe1" + cookie_based_affinity: "Disabled" + - name: "http-profile2" + port: 8080 + protocol: http + pick_host_name_from_backend_address: true + probe: "http-probe2" + cookie_based_affinity: "Disabled" + http_listeners: + - name: "inbound-http" + protocol: "http" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-http" + - name: "inbound-traffic1" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic1.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + - name: "inbound-traffic2" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic2.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + url_path_maps: + - name: "path_mappings" + default_redirect_configuration: "redirect-traffic1" + default_rewrite_rule_set: "configure-headers" + path_rules: + - name: "path_rules" + backend_address_pool: "test_backend_address_pool1" + backend_http_settings: "http-profile1" + paths: + - "/abc" + - "/123/*" + request_routing_rules: + - name: "app-routing1" + rule_type: "basic" + http_listener: "inbound-traffic1" + backend_address_pool: "test_backend_address_pool2" + backend_http_settings: "http-profile1" + rewrite_rule_set: "configure-headers" + - name: "app-routing2" + rule_type: "path_based_routing" + http_listener: "inbound-traffic2" + url_path_map: "path_mappings" + - name: "redirect-routing" + rule_type: "basic" + http_listener: "inbound-http" + redirect_configuration: "redirect-http" + rewrite_rule_sets: + - name: "configure-headers" + rewrite_rules: + - name: "add-security-response-header" + rule_sequence: 1 + action_set: + response_header_configurations: + - header_name: "Strict-Transport-Security" + header_value: "max-age=31536000" + - name: "remove-backend-response-headers" + rule_sequence: 2 + action_set: + response_header_configurations: + - header_name: "Server" + - header_name: "X-Powered-By" + - name: "set-custom-header-condition" + rule_sequence: 3 + conditions: + - variable: "var_client_ip" + pattern: "1.1.1.1" + - variable: "http_req_Authorization" + pattern: "12345" + ignore_case: false + action_set: + request_header_configurations: + - header_name: "Foo" + header_value: "Bar" + probes: + - name: "http-probe1" + interval: 30 + path: "/abc" + protocol: "https" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + - name: "http-probe2" + interval: 30 + path: "/xyz" + protocol: "http" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + redirect_configurations: + - name: "redirect-http" + redirect_type: "permanent" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + request_routing_rules: + - "redirect-routing" + - name: "redirect-traffic1" + redirect_type: "found" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + url_path_maps: + - "path_mappings" + register: output +- name: Assert the resource instance is not updated + assert: + that: + - not output.changed + +- name: Try to create v2 instance of Application Gateway with rewrite rules - update rewrite rule + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-v2-{{ rpfx }}" + sku: + name: standard_v2 + tier: standard_v2 + capacity: 2 + ssl_policy: + policy_type: "predefined" + policy_name: "ssl_policy20170401_s" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - name: "public-inbound-ip" + public_ip_address: "appgateway-v2-{{ rpfx }}-pip" + frontend_ports: + - name: "inbound-http" + port: 80 + - name: "inbound-https" + port: 443 + backend_address_pools: + - name: test_backend_address_pool1 + backend_addresses: + - ip_address: 10.0.0.1 + - name: test_backend_address_pool2 + backend_addresses: + - ip_address: 10.0.0.2 + backend_http_settings_collection: + - name: "http-profile1" + port: 443 + protocol: https + pick_host_name_from_backend_address: true + probe: "http-probe1" + cookie_based_affinity: "Disabled" + - name: "http-profile2" + port: 8080 + protocol: http + pick_host_name_from_backend_address: true + probe: "http-probe2" + cookie_based_affinity: "Disabled" + http_listeners: + - name: "inbound-http" + protocol: "http" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-http" + - name: "inbound-traffic1" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic1.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + - name: "inbound-traffic2" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic2.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + url_path_maps: + - name: "path_mappings" + default_redirect_configuration: "redirect-traffic1" + default_rewrite_rule_set: "configure-headers" + path_rules: + - name: "path_rules" + backend_address_pool: "test_backend_address_pool1" + backend_http_settings: "http-profile1" + paths: + - "/abc" + - "/123/*" + request_routing_rules: + - name: "app-routing1" + rule_type: "basic" + http_listener: "inbound-traffic1" + backend_address_pool: "test_backend_address_pool2" + backend_http_settings: "http-profile1" + rewrite_rule_set: "configure-headers" + - name: "app-routing2" + rule_type: "path_based_routing" + http_listener: "inbound-traffic2" + url_path_map: "path_mappings" + - name: "redirect-routing" + rule_type: "basic" + http_listener: "inbound-http" + redirect_configuration: "redirect-http" + rewrite_rule_sets: + - name: "configure-headers" + rewrite_rules: + - name: "add-security-response-header" + rule_sequence: 1 + action_set: + response_header_configurations: + - header_name: "Strict-Transport-Security" + header_value: "max-age=31536000" + - name: "remove-backend-response-headers" + rule_sequence: 2 + action_set: + response_header_configurations: + - header_name: "Server" + - header_name: "X-Powered-By" + - name: "set-custom-header-condition" + rule_sequence: 3 + conditions: + - variable: "var_client_ip" + pattern: "1.1.1.1" + - variable: "http_req_Authorization" + pattern: "12345" + ignore_case: false + action_set: + request_header_configurations: + - header_name: "Foo" + header_value: "BarUpdated" + response_header_configurations: + - header_name: "FooResponse" + header_value: "BarResponse" + probes: + - name: "http-probe1" + interval: 30 + path: "/abc" + protocol: "https" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + - name: "http-probe2" + interval: 30 + path: "/xyz" + protocol: "http" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + redirect_configurations: + - name: "redirect-http" + redirect_type: "permanent" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + request_routing_rules: + - "redirect-routing" + - name: "redirect-traffic1" + redirect_type: "found" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + url_path_maps: + - "path_mappings" + register: output +- name: Assert the resource instance is updated + assert: + that: + - output.changed + +- name: Try to create v2 instance of Application Gateway with autoscale configuration and trusted root certificates + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-v2-{{ rpfx }}" + sku: + name: standard_v2 + tier: standard_v2 + autoscale_configuration: + max_capacity: 2 + min_capacity: 1 + enable_http2: true + ssl_policy: + policy_type: "predefined" + policy_name: "ssl_policy20170401_s" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + trusted_root_certificates: + - name: "rootCert3" + data: "{{ lookup('file', cert3b64_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - name: "public-inbound-ip" + public_ip_address: "appgateway-v2-{{ rpfx }}-pip" + frontend_ports: + - name: "inbound-http" + port: 80 + - name: "inbound-https" + port: 443 + backend_address_pools: + - name: test_backend_address_pool1 + backend_addresses: + - ip_address: 10.0.0.1 + - name: test_backend_address_pool2 + backend_addresses: + - ip_address: 10.0.0.2 + backend_http_settings_collection: + - name: "http-profile1" + port: 443 + protocol: https + pick_host_name_from_backend_address: true + probe: "http-probe1" + cookie_based_affinity: "Disabled" + connection_draining: + drain_timeout_in_sec: 60 + enabled: true + trusted_root_certificates: + - "rootCert3" + - name: "http-profile2" + port: 8080 + protocol: http + pick_host_name_from_backend_address: true + probe: "http-probe2" + cookie_based_affinity: "Disabled" + http_listeners: + - name: "inbound-http" + protocol: "http" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-http" + - name: "inbound-traffic1" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic1.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + - name: "inbound-traffic2" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic2.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + url_path_maps: + - name: "path_mappings" + default_redirect_configuration: "redirect-traffic1" + default_rewrite_rule_set: "configure-headers" + path_rules: + - name: "path_rules" + backend_address_pool: "test_backend_address_pool1" + backend_http_settings: "http-profile1" + paths: + - "/abc" + - "/123/*" + request_routing_rules: + - name: "app-routing1" + rule_type: "basic" + http_listener: "inbound-traffic1" + backend_address_pool: "test_backend_address_pool2" + backend_http_settings: "http-profile1" + rewrite_rule_set: "configure-headers" + - name: "app-routing2" + rule_type: "path_based_routing" + http_listener: "inbound-traffic2" + url_path_map: "path_mappings" + - name: "redirect-routing" + rule_type: "basic" + http_listener: "inbound-http" + redirect_configuration: "redirect-http" + rewrite_rule_sets: + - name: "configure-headers" + rewrite_rules: + - name: "add-security-response-header" + rule_sequence: 1 + action_set: + response_header_configurations: + - header_name: "Strict-Transport-Security" + header_value: "max-age=31536000" + - name: "remove-backend-response-headers" + rule_sequence: 2 + action_set: + response_header_configurations: + - header_name: "Server" + - header_name: "X-Powered-By" + - name: "set-custom-header-condition" + rule_sequence: 3 + conditions: + - variable: "var_client_ip" + pattern: "1.1.1.1" + - variable: "http_req_Authorization" + pattern: "12345" + ignore_case: false + action_set: + request_header_configurations: + - header_name: "Foo" + header_value: "Bar" + probes: + - name: "http-probe1" + interval: 30 + path: "/abc" + protocol: "https" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + - name: "http-probe2" + interval: 30 + path: "/xyz" + protocol: "http" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + redirect_configurations: + - name: "redirect-http" + redirect_type: "permanent" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + request_routing_rules: + - "redirect-routing" + - name: "redirect-traffic1" + redirect_type: "found" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + url_path_maps: + - "path_mappings" + register: output + +- name: Assert the resource instance is well created + assert: + that: + - output.changed + + +- name: Try to create v2 instance of Application Gateway with autoscale configuration and trusted root certificates - no update + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-v2-{{ rpfx }}" + sku: + name: standard_v2 + tier: standard_v2 + autoscale_configuration: + max_capacity: 2 + min_capacity: 1 + enable_http2: true + ssl_policy: + policy_type: "predefined" + policy_name: "ssl_policy20170401_s" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + trusted_root_certificates: + - name: "rootCert3" + data: "{{ lookup('file', cert3b64_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - name: "public-inbound-ip" + public_ip_address: "appgateway-v2-{{ rpfx }}-pip" + frontend_ports: + - name: "inbound-http" + port: 80 + - name: "inbound-https" + port: 443 + backend_address_pools: + - name: test_backend_address_pool1 + backend_addresses: + - ip_address: 10.0.0.1 + - name: test_backend_address_pool2 + backend_addresses: + - ip_address: 10.0.0.2 + backend_http_settings_collection: + - name: "http-profile1" + port: 443 + protocol: https + pick_host_name_from_backend_address: true + probe: "http-probe1" + cookie_based_affinity: "Disabled" + connection_draining: + drain_timeout_in_sec: 60 + enabled: true + trusted_root_certificates: + - "rootCert3" + - name: "http-profile2" + port: 8080 + protocol: http + pick_host_name_from_backend_address: true + probe: "http-probe2" + cookie_based_affinity: "Disabled" + http_listeners: + - name: "inbound-http" + protocol: "http" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-http" + - name: "inbound-traffic1" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic1.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + - name: "inbound-traffic2" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic2.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + url_path_maps: + - name: "path_mappings" + default_redirect_configuration: "redirect-traffic1" + default_rewrite_rule_set: "configure-headers" + path_rules: + - name: "path_rules" + backend_address_pool: "test_backend_address_pool1" + backend_http_settings: "http-profile1" + paths: + - "/abc" + - "/123/*" + request_routing_rules: + - name: "app-routing1" + rule_type: "basic" + http_listener: "inbound-traffic1" + backend_address_pool: "test_backend_address_pool2" + backend_http_settings: "http-profile1" + rewrite_rule_set: "configure-headers" + - name: "app-routing2" + rule_type: "path_based_routing" + http_listener: "inbound-traffic2" + url_path_map: "path_mappings" + - name: "redirect-routing" + rule_type: "basic" + http_listener: "inbound-http" + redirect_configuration: "redirect-http" + rewrite_rule_sets: + - name: "configure-headers" + rewrite_rules: + - name: "add-security-response-header" + rule_sequence: 1 + action_set: + response_header_configurations: + - header_name: "Strict-Transport-Security" + header_value: "max-age=31536000" + - name: "remove-backend-response-headers" + rule_sequence: 2 + action_set: + response_header_configurations: + - header_name: "Server" + - header_name: "X-Powered-By" + - name: "set-custom-header-condition" + rule_sequence: 3 + conditions: + - variable: "var_client_ip" + pattern: "1.1.1.1" + - variable: "http_req_Authorization" + pattern: "12345" + ignore_case: false + action_set: + request_header_configurations: + - header_name: "Foo" + header_value: "Bar" + probes: + - name: "http-probe1" + interval: 30 + path: "/abc" + protocol: "https" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + - name: "http-probe2" + interval: 30 + path: "/xyz" + protocol: "http" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + redirect_configurations: + - name: "redirect-http" + redirect_type: "permanent" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + request_routing_rules: + - "redirect-routing" + - name: "redirect-traffic1" + redirect_type: "found" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + url_path_maps: + - "path_mappings" + register: output + +- name: Assert the resource instance is not updated + assert: + that: + - not output.changed + +- name: Configure public IP for waf_v2 gateway + azure_rm_publicipaddress: + name: "appgateway-waf-v2-{{ rpfx }}-pip" + resource_group: "{{ resource_group }}" + sku: "standard" + allocation_method: "static" + +- name: Try to create waf_v2 instance of Application Gateway with waf configuration + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-waf-v2-{{ rpfx }}" + sku: + name: waf_v2 + tier: waf_v2 + capacity: 2 + ssl_policy: + policy_type: "predefined" + policy_name: "ssl_policy20170401_s" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - name: "public-inbound-ip" + public_ip_address: "appgateway-waf-v2-{{ rpfx }}-pip" + frontend_ports: + - name: "inbound-http" + port: 80 + - name: "inbound-https" + port: 443 + backend_address_pools: + - name: test_backend_address_pool1 + backend_addresses: + - ip_address: 10.0.0.1 + - name: test_backend_address_pool2 + backend_addresses: + - ip_address: 10.0.0.2 + backend_http_settings_collection: + - name: "http-profile1" + port: 443 + protocol: https + pick_host_name_from_backend_address: true + probe: "http-probe1" + cookie_based_affinity: "Disabled" + - name: "http-profile2" + port: 8080 + protocol: http + pick_host_name_from_backend_address: true + probe: "http-probe2" + cookie_based_affinity: "Disabled" + http_listeners: + - name: "inbound-http" + protocol: "http" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-http" + - name: "inbound-traffic1" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic1.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + - name: "inbound-traffic2" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic2.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + url_path_maps: + - name: "path_mappings" + default_redirect_configuration: "redirect-traffic1" + default_rewrite_rule_set: "configure-headers" + path_rules: + - name: "path_rules" + backend_address_pool: "test_backend_address_pool1" + backend_http_settings: "http-profile1" + paths: + - "/abc" + - "/123/*" + request_routing_rules: + - name: "app-routing1" + rule_type: "basic" + http_listener: "inbound-traffic1" + backend_address_pool: "test_backend_address_pool2" + backend_http_settings: "http-profile1" + rewrite_rule_set: "configure-headers" + - name: "app-routing2" + rule_type: "path_based_routing" + http_listener: "inbound-traffic2" + url_path_map: "path_mappings" + - name: "redirect-routing" + rule_type: "basic" + http_listener: "inbound-http" + redirect_configuration: "redirect-http" + rewrite_rule_sets: + - name: "configure-headers" + rewrite_rules: + - name: "add-security-response-header" + rule_sequence: 1 + action_set: + response_header_configurations: + - header_name: "Strict-Transport-Security" + header_value: "max-age=31536000" + - name: "remove-backend-response-headers" + rule_sequence: 2 + action_set: + response_header_configurations: + - header_name: "Server" + - header_name: "X-Powered-By" + - name: "set-custom-header-condition" + rule_sequence: 3 + conditions: + - variable: "var_client_ip" + pattern: "1.1.1.1" + - variable: "http_req_Authorization" + pattern: "12345" + ignore_case: false + action_set: + request_header_configurations: + - header_name: "Foo" + header_value: "Bar" + probes: + - name: "http-probe1" + interval: 30 + path: "/abc" + protocol: "https" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + - name: "http-probe2" + interval: 30 + path: "/xyz" + protocol: "http" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + redirect_configurations: + - name: "redirect-http" + redirect_type: "permanent" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + request_routing_rules: + - "redirect-routing" + - name: "redirect-traffic1" + redirect_type: "found" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + url_path_maps: + - "path_mappings" + web_application_firewall_configuration: + enabled: true + firewall_mode: "Detection" + rule_set_type: "OWASP" + rule_set_version: "3.0" + request_body_check: true + max_request_body_size_in_kb: 128 + file_upload_limit_in_mb: 100 + register: output + +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Try to create waf_v2 instance of Application Gateway with waf configuration - no update + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-waf-v2-{{ rpfx }}" + sku: + name: waf_v2 + tier: waf_v2 + capacity: 2 + ssl_policy: + policy_type: "predefined" + policy_name: "ssl_policy20170401_s" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', cert2_file) }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - name: "public-inbound-ip" + public_ip_address: "appgateway-waf-v2-{{ rpfx }}-pip" + frontend_ports: + - name: "inbound-http" + port: 80 + - name: "inbound-https" + port: 443 + backend_address_pools: + - name: test_backend_address_pool1 + backend_addresses: + - ip_address: 10.0.0.1 + - name: test_backend_address_pool2 + backend_addresses: + - ip_address: 10.0.0.2 + backend_http_settings_collection: + - name: "http-profile1" + port: 443 + protocol: https + pick_host_name_from_backend_address: true + probe: "http-probe1" + cookie_based_affinity: "Disabled" + - name: "http-profile2" + port: 8080 + protocol: http + pick_host_name_from_backend_address: true + probe: "http-probe2" + cookie_based_affinity: "Disabled" + http_listeners: + - name: "inbound-http" + protocol: "http" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-http" + - name: "inbound-traffic1" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic1.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + - name: "inbound-traffic2" + protocol: "https" + frontend_ip_configuration: "public-inbound-ip" + frontend_port: "inbound-https" + host_name: "traffic2.example.com" + require_server_name_indication: true + ssl_certificate: "cert2" + url_path_maps: + - name: "path_mappings" + default_redirect_configuration: "redirect-traffic1" + default_rewrite_rule_set: "configure-headers" + path_rules: + - name: "path_rules" + backend_address_pool: "test_backend_address_pool1" + backend_http_settings: "http-profile1" + paths: + - "/abc" + - "/123/*" + request_routing_rules: + - name: "app-routing1" + rule_type: "basic" + http_listener: "inbound-traffic1" + backend_address_pool: "test_backend_address_pool2" + backend_http_settings: "http-profile1" + rewrite_rule_set: "configure-headers" + - name: "app-routing2" + rule_type: "path_based_routing" + http_listener: "inbound-traffic2" + url_path_map: "path_mappings" + - name: "redirect-routing" + rule_type: "basic" + http_listener: "inbound-http" + redirect_configuration: "redirect-http" + rewrite_rule_sets: + - name: "configure-headers" + rewrite_rules: + - name: "add-security-response-header" + rule_sequence: 1 + action_set: + response_header_configurations: + - header_name: "Strict-Transport-Security" + header_value: "max-age=31536000" + - name: "remove-backend-response-headers" + rule_sequence: 2 + action_set: + response_header_configurations: + - header_name: "Server" + - header_name: "X-Powered-By" + - name: "set-custom-header-condition" + rule_sequence: 3 + conditions: + - variable: "var_client_ip" + pattern: "1.1.1.1" + - variable: "http_req_Authorization" + pattern: "12345" + ignore_case: false + action_set: + request_header_configurations: + - header_name: "Foo" + header_value: "Bar" + probes: + - name: "http-probe1" + interval: 30 + path: "/abc" + protocol: "https" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + - name: "http-probe2" + interval: 30 + path: "/xyz" + protocol: "http" + pick_host_name_from_backend_http_settings: true + timeout: 30 + unhealthy_threshold: 2 + redirect_configurations: + - name: "redirect-http" + redirect_type: "permanent" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + request_routing_rules: + - "redirect-routing" + - name: "redirect-traffic1" + redirect_type: "found" + target_listener: "inbound-traffic1" + include_path: true + include_query_string: true + url_path_maps: + - "path_mappings" + web_application_firewall_configuration: + enabled: true + firewall_mode: "Detection" + rule_set_type: "OWASP" + rule_set_version: "3.0" + request_body_check: true + max_request_body_size_in_kb: 128 + file_upload_limit_in_mb: 100 + register: output + +- name: Assert the resource instance is not updated + assert: + that: + - not output.changed + +- name: Delete instance of Application Gateway -- check mode + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false + +- name: Delete path-based rules instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-path-rules{{ rpfx }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete custom probe instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group_secondary }}" + name: "appgateway-probe-{{ rpfx }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete subnet-lookup instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-subnet-lookup{{ rpfx }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete v2 instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-v2-{{ rpfx }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete waf_v2 instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-waf-v2-{{ rpfx }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete public IP for v2 gateway + azure_rm_publicipaddress: + name: "appgateway-v2-{{ rpfx }}-pip" + resource_group: "{{ resource_group }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete public IP for waf v2 gateway + azure_rm_publicipaddress: + name: "appgateway-waf-v2-{{ rpfx }}-pip" + resource_group: "{{ resource_group }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete complex instance of Application Gateway + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-complex{{ rpfx }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete virtual network + azure_rm_virtualnetwork: + name: vnet{{ rpfx }} + resource_group: "{{ resource_group }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appserviceplan/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appserviceplan/aliases new file mode 100644 index 000000000..a6b233ed0 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appserviceplan/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group4 +unstable +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appserviceplan/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appserviceplan/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appserviceplan/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appserviceplan/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appserviceplan/tasks/main.yml new file mode 100644 index 000000000..3e0906bfc --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_appserviceplan/tasks/main.yml @@ -0,0 +1,116 @@ +- name: Prepare facts + set_fact: + resource_prefix: "{{ resource_group_secondary | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Prepare facts + set_fact: + linux_plan_resource_group: "{{ resource_group_secondary }}" + win_plan_name: "{{ (resource_prefix | replace('-','x'))[-8:] }}winplan" + linux_plan_name: "{{ (resource_prefix | replace('-','x'))[-8:] }}linplan" + run_once: yes + +- name: create a windows plan + azure_rm_appserviceplan: + name: "{{ win_plan_name }}1" + resource_group: "{{ resource_group }}" + sku: B1 + register: output + +- name: assert app service was created + assert: + that: + - output.changed + - output.id + +- name: create a linux plan + azure_rm_appserviceplan: + resource_group: "{{ linux_plan_resource_group }}" + name: "{{ linux_plan_name }}1" + sku: S1 + is_linux: true + number_of_workers: 1 + register: output + +- name: assert app service was created + assert: + that: + - output.changed + - output.id + +- name: get app service plan by name + azure_rm_appserviceplan_info: + resource_group: "{{ linux_plan_resource_group }}" + name: "{{ linux_plan_name }}1" + register: output + +- name: assert is_linux is True + assert: + that: + - output.appserviceplans | length == 1 + - output.appserviceplans[0].is_linux == True + +- name: create linux app service plan idempotent + azure_rm_appserviceplan: + resource_group: "{{ linux_plan_resource_group }}" + name: "{{ linux_plan_name }}1" + sku: S1 + is_linux: true + number_of_workers: 1 + register: output + +- name: assert app service is not updated + assert: + that: not output.changed + +- name: update a windows plan sku + azure_rm_appserviceplan: + name: "{{ win_plan_name }}1" + resource_group: "{{ resource_group }}" + sku: B2 + register: output + +- name: assert app service was updated + assert: + that: + - output.changed + +- name: update a linux plan number of workers + azure_rm_appserviceplan: + resource_group: "{{ linux_plan_resource_group }}" + name: "{{ linux_plan_name }}1" + sku: S1 + is_linux: true + number_of_workers: 2 + register: output + +- name: assert app service was updated + assert: + that: + - output.changed + +- name: create premium linux plan + azure_rm_appserviceplan: + resource_group: "{{ linux_plan_resource_group }}" + name: "{{ linux_plan_name }}-premium" + sku: P1v2 + is_linux: true + register: output + +- name: assert app service was created + assert: + that: + - output.changed + - output.id + +- name: create premium linux plan idempotent + azure_rm_appserviceplan: + resource_group: "{{ linux_plan_resource_group }}" + name: "{{ linux_plan_name }}-premium" + sku: P1v2 + is_linux: true + register: output + +- name: assert app service is not updated + assert: + that: not output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationaccount/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationaccount/aliases new file mode 100644 index 000000000..bd71a19ed --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationaccount/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group11 +destructive +azure_rm_automationaccount_facts diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationaccount/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationaccount/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationaccount/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationaccount/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationaccount/tasks/main.yml new file mode 100644 index 000000000..1e00eb9ac --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationaccount/tasks/main.yml @@ -0,0 +1,88 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + name: "account{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create automation account + azure_rm_automationaccount: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + check_mode: yes + register: output + +- assert: + that: + - output.changed + +- name: Create automation account + azure_rm_automationaccount: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - output.changed + - output.id + +- name: Create automation account + azure_rm_automationaccount: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - not output.changed + +- name: Get automation account + azure_rm_automationaccount_info: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + list_statistics: yes + list_usages: yes + list_keys: yes + register: facts + +- assert: + that: + - facts.automation_accounts | length == 1 + - facts.automation_accounts[0].keys + - facts.automation_accounts[0].usages + - facts.automation_accounts[0].statistics + - facts.automation_accounts[0].state == "Ok" + +- name: Delete account + azure_rm_automationaccount: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + check_mode: yes + register: output + +- assert: + that: + - output.changed + +- name: Delete account + azure_rm_automationaccount: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + register: output + +- assert: + that: + - output.changed + +- name: Delete account + azure_rm_automationaccount: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + register: output + +- assert: + that: + - not output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationrunbook/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationrunbook/aliases new file mode 100644 index 000000000..0d8bc62ca --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationrunbook/aliases @@ -0,0 +1,5 @@ +cloud/azure +shippable/azure/group11 +destructive +azure_rm_automationrunbook +azure_rm_automationrunbook_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationrunbook/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationrunbook/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationrunbook/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationrunbook/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationrunbook/tasks/main.yml new file mode 100644 index 000000000..d6f7ba8a1 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_automationrunbook/tasks/main.yml @@ -0,0 +1,139 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(10, True, '') }}" + run_once: yes + +- name: Create automation account + azure_rm_automationaccount: + name: "account-{{ rpfx }}" + resource_group: "{{ resource_group }}" + +- name: create automation runbook (check mode) + azure_rm_automationrunbook: + resource_group: "{{ resource_group }}" + automation_account_name: "account-{{ rpfx }}" + name: "runbook-{{ rpfx }}" + runbook_type: "Script" + description: "Fred test" + check_mode: yes + +- name: create automation runbook with default parameters + azure_rm_automationrunbook: + resource_group: "{{ resource_group }}" + automation_account_name: "account-{{ rpfx }}" + name: "runbook-{{ rpfx }}" + runbook_type: "Script" + description: "Fred test" + register: output + +- name: Assert the automation runbook is well created + assert: + that: + - output.changed + +- name: create automation runbook with default parameters (idempotent) + azure_rm_automationrunbook: + resource_group: "{{ resource_group }}" + automation_account_name: "account-{{ rpfx }}" + name: "runbook-{{ rpfx }}" + runbook_type: "Script" + description: "Fred test" + register: output + +- name: Assert the automation runbook is well created + assert: + that: + - not output.changed + +- name: Create automation runbook with more paramters + azure_rm_automationrunbook: + resource_group: "{{ resource_group }}" + automation_account_name: "account-{{ rpfx }}" + name: "runbook-{{ rpfx }}-secondary" + runbook_type: "Script" + description: "test" + log_activity_trace: 2 + log_progress: False + log_verbose: True + tags: + key1: value1 + register: output + +- name: Assert the automation runbook is well created + assert: + that: + - output.changed + +- name: Update automation runbook with more paramters + azure_rm_automationrunbook: + resource_group: "{{ resource_group }}" + automation_account_name: "account-{{ rpfx }}" + name: "runbook-{{ rpfx }}-secondary" + runbook_type: "Script" + description: "update" + log_activity_trace: 3 + log_progress: True + log_verbose: False + tags: + key2: value2 + register: output + +- name: Assert the automation runbook is well created + assert: + that: + - output.changed + +- name: Publish automation runbook + azure_rm_automationrunbook: + resource_group: "{{ resource_group }}" + automation_account_name: "account-{{ rpfx }}" + name: "runbook-{{ rpfx }}-secondary" + publish: True + register: output + +- name: Assert the automation runbook is well published + assert: + that: + - output.changed + +- name: Get automation runbook + azure_rm_automationrunbook_info: + resource_group: "{{ resource_group }}" + automation_account_name: "account-{{ rpfx }}" + name: "runbook-{{ rpfx }}-secondary" + register: output + +- name: Assert the automation runbook is well created + assert: + that: + - output.automation_runbook[0].description == 'update' + - output.automation_runbook[0].log_activity_trace == 3 + - output.automation_runbook[0].log_progress == true + - output.automation_runbook[0].log_verbose == false + - output.automation_runbook[0].tags | length == 2 + - output.automation_runbook[0].state == 'Published' + +- name: Get all automation runbook + azure_rm_automationrunbook_info: + resource_group: "{{ resource_group }}" + automation_account_name: "account-{{ rpfx }}" + register: output + +- name: Assert the automation runbook is well created + assert: + that: + - output.automation_runbook | length == 2 + +- name: delete automation runbook + azure_rm_automationrunbook: + resource_group: "{{ resource_group }}" + automation_account_name: "account-{{ rpfx }}" + name: "runbook-{{ rpfx }}" + state: absent + +- name: delete automation runbook + azure_rm_automationrunbook: + resource_group: "{{ resource_group }}" + automation_account_name: "account-{{ rpfx }}" + name: "runbook-{{ rpfx }}-secondary" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_autoscale/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_autoscale/aliases new file mode 100644 index 000000000..ed266f358 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_autoscale/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group14 +destructive +azure_rm_autoscale diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_autoscale/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_autoscale/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_autoscale/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_autoscale/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_autoscale/tasks/main.yml new file mode 100644 index 000000000..8c8f144dc --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_autoscale/tasks/main.yml @@ -0,0 +1,221 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + name: "scale{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: testVnet + address_prefixes: "10.0.0.0/16" + +- name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: testSubnet + address_prefix: "10.0.1.0/24" + virtual_network: testVnet + +- name: Create VMSS + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + vm_size: Standard_DS1_v2 + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + capacity: 2 + virtual_network_name: testVnet + subnet_name: testSubnet + upgrade_policy: Manual + tier: Standard + managed_disk_type: Standard_LRS + os_disk_caching: ReadWrite + image: + offer: UbuntuServer + publisher: Canonical + sku: 18.04-LTS + version: latest + data_disks: + - lun: 0 + disk_size_gb: 64 + caching: ReadWrite + managed_disk_type: Standard_LRS + register: vmss + +- name: create auto scaling (check mode) + azure_rm_autoscale: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + target: "{{ vmss.ansible_facts.azure_vmss.id }}" + enabled: true + profiles: + - count: '1' + recurrence_days: + - Monday + name: Auto created scale condition + recurrence_timezone: China Standard Time + recurrence_mins: + - '0' + min_count: '1' + max_count: '1' + recurrence_frequency: Week + recurrence_hours: + - '18' + check_mode: yes + register: output + +- assert: + that: + - output.changed + +- name: create auto scaling + azure_rm_autoscale: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + target: + name: "testVMSS{{ rpfx }}" + types: "virtualMachineScaleSets" + namespace: "Microsoft.Compute" + enabled: true + profiles: + - count: '1' + recurrence_days: + - Monday + name: Auto created scale condition + recurrence_timezone: China Standard Time + recurrence_mins: + - '0' + min_count: '1' + max_count: '1' + recurrence_frequency: Week + recurrence_hours: + - '18' + register: output + +- assert: + that: + - output.changed + - output.id + +- name: create auto scaling (idemponent) + azure_rm_autoscale: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + target: "{{ vmss.ansible_facts.azure_vmss.id }}" + enabled: true + profiles: + - count: '1' + recurrence_days: + - Monday + name: Auto created scale condition + recurrence_timezone: China Standard Time + recurrence_mins: + - '0' + min_count: '1' + max_count: '1' + recurrence_frequency: Week + recurrence_hours: + - '18' + register: output + +- assert: + that: + - not output.changed + - output.id + +- name: update auto scaling + azure_rm_autoscale: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + target: "{{ vmss.ansible_facts.azure_vmss.id }}" + enabled: true + profiles: + - count: '1' + recurrence_days: + - Monday + name: Auto created scale condition 0 + rules: + - time_aggregation: Average + time_window: 10 + direction: Increase + metric_name: Percentage CPU + metric_resource_uri: "{{ vmss.ansible_facts.azure_vmss.id }}" + value: '1' + threshold: 70 + cooldown: 5 + time_grain: 1 + statistic: Average + operator: GreaterThan + type: ChangeCount + max_count: '1' + recurrence_mins: + - '0' + min_count: '1' + recurrence_timezone: China Standard Time + recurrence_frequency: Week + recurrence_hours: + - '6' + register: output + +- assert: + that: + - output.changed + - output.profiles[0].rules[0].metric_resource_uri == vmss.ansible_facts.azure_vmss.id + +- name: delete auto scaling (check mode) + azure_rm_autoscale: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + state: absent + check_mode: yes + register: output + +- assert: + that: + - output.changed + +- name: delete auto scaling + azure_rm_autoscale: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + state: absent + register: output + +- assert: + that: + - output.changed + +- name: delete auto scaling (idemponetent) + azure_rm_autoscale: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + state: absent + register: output + +- assert: + that: + - not output.changed + +- name: Clean VMSS + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + vm_size: Standard_DS1_v2 + name: testVMSS{{ rpfx }} + state: absent + +- name: Clean subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: testSubnet + virtual_network: testVnet + state: absent + +- name: Clean virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: testVnet + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_availabilityset/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_availabilityset/aliases new file mode 100644 index 000000000..17456633d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_availabilityset/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group2 +destructive +azure_rm_availalibityset_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_availabilityset/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_availabilityset/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_availabilityset/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_availabilityset/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_availabilityset/tasks/main.yml new file mode 100644 index 000000000..7dc00bf26 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_availabilityset/tasks/main.yml @@ -0,0 +1,193 @@ +- name: Create an availability set with default options - Check Mode + azure_rm_availabilityset: + name: myavailabilityset1 + resource_group: "{{ resource_group }}" + tags: + tag1: testtag + register: results + check_mode: yes + +- assert: + that: results.changed + +- name: Create an availability set with default options + azure_rm_availabilityset: + name: myavailabilityset1 + resource_group: "{{ resource_group }}" + tags: + tag1: testtag + register: results + +- assert: + that: results.changed + +- name: Create proximity placement group name + set_fact: + ppgroup_name: "ppg{{ resource_group | hash('md5') | truncate(22, True, '') }}" + +- name: Create a proximity placement group + azure_rm_proximityplacementgroup: + resource_group: "{{ resource_group }}" + location: eastus + name: "{{ ppgroup_name }}" + state: present + register: results + +- name: Create an availability set with advanced options + azure_rm_availabilityset: + name: myavailabilityset2 + resource_group: "{{ resource_group }}" + platform_update_domain_count: 5 + platform_fault_domain_count: 2 + proximity_placement_group: "{{ ppgroup_name }}" + sku: Aligned + register: results + +- assert: + that: results.changed + +- name: Modify availabilty set immutable options - no changes, fail for immutable options + azure_rm_availabilityset: + name: myavailabilityset2 + resource_group: "{{ resource_group }}" + platform_update_domain_count: 2 + platform_fault_domain_count: 2 + proximity_placement_group: "{{ ppgroup_name }}" + sku: Aligned + register: results + ignore_errors: yes + +- assert: + that: + - not results.changed + - results.msg == 'You tried to change platform_update_domain_count but is was unsuccessful. An Availability Set is immutable, except tags' + +- name: Modify availabilty set immutable options and set tags - change tags and fail for immutable options + azure_rm_availabilityset: + name: myavailabilityset2 + resource_group: "{{ resource_group }}" + platform_update_domain_count: 2 + platform_fault_domain_count: 2 + proximity_placement_group: "{{ ppgroup_name }}" + sku: Aligned + tags: + test1: modified + register: results + ignore_errors: yes + +- assert: + that: + - not results.changed + - results.msg == 'You tried to change platform_update_domain_count but is was unsuccessful. An Availability Set is immutable, except tags' + +- name: Modify availabilty set options to update tags + azure_rm_availabilityset: + name: myavailabilityset2 + resource_group: "{{ resource_group }}" + platform_update_domain_count: 5 + platform_fault_domain_count: 2 + proximity_placement_group: "{{ ppgroup_name }}" + sku: Aligned + tags: + test2: modified + register: results + +- assert: + that: + - results.state.tags.test2 == 'modified' + +- name: Create availability set with incorrect fault domain parameter + azure_rm_availabilityset: + name: myavailabilityset3 + resource_group: "{{ resource_group }}" + platform_update_domain_count: 5 + platform_fault_domain_count: 4 + sku: Aligned + register: results + ignore_errors: yes + +- assert: + { that: "'The specified fault domain count 4 must fall in the range 1 to' in results['msg']" } + +- name: Test check_mode + azure_rm_availabilityset: + name: myavailabilityset2 + resource_group: "{{ resource_group }}" + platform_update_domain_count: 5 + platform_fault_domain_count: 2 + proximity_placement_group: "{{ ppgroup_name }}" + sku: Aligned + tags: + checktest1: modified1 + checktest2: modified2 + check_mode: yes + register: results + +- assert: + that: + - results.changed + - results.state.tags.checktest1 == 'modified1' + +# +# azure_rm_availabilityset_facts tests +# +- name: Get facts for created availability set + azure_rm_availabilityset_info: + name: myavailabilityset2 + resource_group: "{{ resource_group }}" + register: results + +- assert: + that: + - not results.changed + - not results.failed + - results.ansible_info.azure_availabilitysets[0].properties.platformFaultDomainCount == 2 + - results.ansible_info.azure_availabilitysets[0].properties.platformUpdateDomainCount == 5 + - results.ansible_info.azure_availabilitysets[0].sku == 'Aligned' + - results.ansible_info.azure_availabilitysets[0].properties.proximityPlacementGroup.id.split('/')[-1] == ppgroup_name + +- name: Delete an availability set - Check Mode + azure_rm_availabilityset: + name: myavailabilityset1 + resource_group: "{{ resource_group }}" + state: absent + check_mode: yes + register: results +- assert: + that: + - results.changed + +- name: Delete an availability set + azure_rm_availabilityset: + name: myavailabilityset1 + resource_group: "{{ resource_group }}" + state: absent + +- name: Delete an availability set already deleted - Check Mode + azure_rm_availabilityset: + name: myavailabilityset1 + resource_group: "{{ resource_group }}" + state: absent + check_mode: yes + register: results +- assert: + that: + - not results.changed + +- name: Delete an availability set + azure_rm_availabilityset: + name: myavailabilityset2 + resource_group: "{{ resource_group }}" + state: absent + +- name: Delete an availability set + azure_rm_availabilityset: + name: myavailabilityset3 + resource_group: "{{ resource_group }}" + state: absent + +- name: Delete proximity placement group + azure_rm_proximityplacementgroup: + resource_group: "{{ resource_group }}" + name: "{{ ppgroup_name }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_azurefirewall/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_azurefirewall/aliases new file mode 100644 index 000000000..239e36577 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_azurefirewall/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group4 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_azurefirewall/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_azurefirewall/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_azurefirewall/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_azurefirewall/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_azurefirewall/tasks/main.yml new file mode 100644 index 000000000..face59c2b --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_azurefirewall/tasks/main.yml @@ -0,0 +1,277 @@ +- name: Fix resource prefix + set_fact: + virtual_network_name: myVirtualNetwork + subnet_name: AzureFirewallSubnet + public_ipaddress_name: myPublicIpAddress + azure_firewall_name: myFirewall + +- name: Create virtual network + azure_rm_virtualnetwork: + name: "{{ virtual_network_name }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + dns_servers: + - 127.0.0.1 + - 127.0.0.3 + tags: + testing: testing + delete: on-exit + resource_group: "{{ resource_group }}" + +- name: Create subnet + azure_rm_subnet: + name: "{{ subnet_name }}" + virtual_network_name: "{{ virtual_network_name }}" + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0.0/24" + +- name: Create public IP address + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Static + name: "{{ public_ipaddress_name }}" + sku: Standard + register: pip_output + +- debug: + var: pip_output + +- name: Create Azure Firewall + azure_rm_azurefirewall: + resource_group: '{{resource_group}}' + name: '{{azure_firewall_name}}' + #tags: + # key1: value1 + application_rule_collections: + - priority: 110 + action: deny + rules: + - name: rule1 + description: Deny inbound rule + source_addresses: + - 216.58.216.164 + - 10.0.0.0/25 + protocols: + - type: https + port: '443' + target_fqdns: + - www.test.com + name: apprulecoll + nat_rule_collections: + - priority: 112 + action: dnat + rules: + - name: DNAT-HTTPS-traffic + description: D-NAT all outbound web traffic for inspection + source_addresses: + - '*' + destination_addresses: + - "{{ pip_output.state.ip_address }}" + destination_ports: + - '443' + protocols: + - tcp + translated_address: 1.2.3.5 + translated_port: '8443' + name: natrulecoll + network_rule_collections: + - priority: 112 + action: deny + rules: + - name: L4-traffic + description: Block traffic based on source IPs and ports + protocols: + - tcp + source_addresses: + - 192.168.1.1-192.168.1.12 + - 10.1.4.12-10.1.4.255 + destination_addresses: + - '*' + destination_ports: + - 443-444 + - '8443' + name: netrulecoll + ip_configurations: + - subnet: + virtual_network_name: "{{ virtual_network_name }}" + name: "{{ subnet_name }}" + public_ip_address: + name: "{{ public_ipaddress_name }}" + name: azureFirewallIpConfiguration + register: output + +- debug: + var: output + +- name: Assert that output has changed + assert: + that: + - output.changed + +- name: Create Azure Firewall -- idempotent + azure_rm_azurefirewall: + resource_group: '{{resource_group}}' + name: '{{azure_firewall_name}}' + application_rule_collections: + - priority: 110 + action: deny + rules: + - name: rule1 + description: Deny inbound rule + source_addresses: + - 216.58.216.164 + - 10.0.0.0/25 + protocols: + - type: https + port: '443' + target_fqdns: + - www.test.com + name: apprulecoll + nat_rule_collections: + - priority: 112 + action: dnat + rules: + - name: DNAT-HTTPS-traffic + description: D-NAT all outbound web traffic for inspection + source_addresses: + - '*' + destination_addresses: + - "{{ pip_output.state.ip_address }}" + destination_ports: + - '443' + protocols: + - tcp + translated_address: 1.2.3.5 + translated_port: '8443' + name: natrulecoll + network_rule_collections: + - priority: 112 + action: deny + rules: + - name: L4-traffic + description: Block traffic based on source IPs and ports + protocols: + - tcp + source_addresses: + - 192.168.1.1-192.168.1.12 + - 10.1.4.12-10.1.4.255 + destination_addresses: + - '*' + destination_ports: + - 443-444 + - '8443' + name: netrulecoll + ip_configurations: + - subnet: + virtual_network_name: "{{ virtual_network_name }}" + name: "{{ subnet_name }}" + public_ip_address: + name: "{{ public_ipaddress_name }}" + name: azureFirewallIpConfiguration + register: output + +- debug: + var: output + +- name: Assert that output has not changed + assert: + that: + - not output.changed + +- name: Create Azure Firewall -- change something + azure_rm_azurefirewall: + resource_group: '{{resource_group}}' + name: '{{azure_firewall_name}}' + application_rule_collections: + - priority: 110 + action: deny + rules: + - name: rule1 + description: Deny inbound rule + source_addresses: + - 216.58.216.165 + - 10.0.0.0/25 + protocols: + - type: https + port: '443' + target_fqdns: + - www.test.com + name: apprulecoll + nat_rule_collections: + - priority: 112 + action: dnat + rules: + - name: DNAT-HTTPS-traffic + description: D-NAT all outbound web traffic for inspection + source_addresses: + - '*' + destination_addresses: + - "{{ pip_output.state.ip_address }}" + destination_ports: + - '443' + protocols: + - tcp + translated_address: 1.2.3.6 + translated_port: '8443' + name: natrulecoll + network_rule_collections: + - priority: 112 + action: deny + rules: + - name: L4-traffic + description: Block traffic based on source IPs and ports + protocols: + - tcp + source_addresses: + - 192.168.1.1-192.168.1.12 + - 10.1.4.12-10.1.4.255 + destination_addresses: + - '*' + destination_ports: + - 443-445 + - '8443' + name: netrulecoll + ip_configurations: + - subnet: + virtual_network_name: "{{ virtual_network_name }}" + name: "{{ subnet_name }}" + public_ip_address: + name: "{{ public_ipaddress_name }}" + name: azureFirewallIpConfiguration + check_mode: yes + register: output + +- name: Assert that output has changed + assert: + that: + - output.changed + +- name: Get info of the Azure Firewall + azure_rm_azurefirewall_info: + resource_group: '{{resource_group}}' + name: '{{azure_firewall_name}}' + register: output + +- assert: + that: + - not output.changed + - output.firewalls['id'] != None + - output.firewalls['name'] != None + - output.firewalls['location'] != None + - output.firewalls['etag'] != None + - output.firewalls['nat_rule_collections'] != None + - output.firewalls['network_rule_collections'] != None + - output.firewalls['ip_configurations'] != None + - output.firewalls['provisioning_state'] != None + +- name: Delete Azure Firewall + azure_rm_azurefirewall: + resource_group: '{{resource_group}}' + name: '{{azure_firewall_name}}' + state: absent + register: output + +- assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backupazurevm/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backupazurevm/aliases new file mode 100644 index 000000000..6c4c0f4ca --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backupazurevm/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group12 +destructive +disabled
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backupazurevm/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backupazurevm/meta/main.yml new file mode 100644 index 000000000..48f5726d8 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backupazurevm/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backupazurevm/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backupazurevm/tasks/main.yml new file mode 100644 index 000000000..b8d0064f2 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backupazurevm/tasks/main.yml @@ -0,0 +1,76 @@ +- name: Fix resource prefix + set_fact: + resource_group: 'MyResourceGroup' + recovery_vault_name: 'MyRecoveryVault' + resource_id: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/MyVM" + backup_policy_id: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/microsoft.recoveryservices/vaults/testVault/backupPolicies/DefaultPolicy" + +- name: Enabling/Updating protection for the Azure VM + azure_rm_backupazurevm: + resource_group: "{{ resource_group }}" + recovery_vault_name: "{{ recovery_vault_name }}" + resource_id: "{{ resource_id }}" + backup_policy_id: "{{ backup_policy_id }}" + state: "create" + register: output + +- name: Assert that output has changed + assert: + that: + - output.changed + +- name: Trigger an on-demand backup for a protected Azure VM + azure_rm_backupazurevm: + resource_group: "{{ resource_group }}" + recovery_vault_name: "{{ recovery_vault_name }}" + resource_id: "{{ resource_id }}" + backup_policy_id: "{{ backup_policy_id }}" + recovery_point_expiry_time: "2025-02-03T05:00:00Z" + state: "backup" + register: output + +- name: Assert that output has changed + assert: + that: + - output.changed + +- name: Stop protection but retain existing data + azure_rm_backupazurevm: + resource_group: "{{ resource_group }}" + recovery_vault_name: "{{ recovery_vault_name }}" + resource_id: "{{ resource_id }}" + backup_policy_id: "{{ backup_policy_id }}" + state: "stop" + register: output + +- name: Assert that output has changed + assert: + that: + - output.changed + +- name: Get backup azure vm info + azure_rm_backupazurevm_info: + resource_group: "{{ resource_group }}" + recovery_vault_name: "{{ recovery_vault_name }}" + resource_id: "{{ resource_id }}" + register: output + +- name: Assert that output has changed + assert: + that: + - output.response.id != None + - output.response.name != None + +- name: Stop protection and delete data + azure_rm_backupazurevm: + resource_group: "{{ resource_group }}" + recovery_vault_name: "{{ recovery_vault_name }}" + resource_id: "{{ resource_id }}" + backup_policy_id: "{{ backup_policy_id }}" + state: "delete" + register: output + +- name: Assert that output has changed + assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backuppolicy/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backuppolicy/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backuppolicy/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backuppolicy/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backuppolicy/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backuppolicy/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backuppolicy/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backuppolicy/tasks/main.yml new file mode 100644 index 000000000..f57eed4a8 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_backuppolicy/tasks/main.yml @@ -0,0 +1,168 @@ +- name: Set Facts for Tests + set_fact: + vault_name: "rsv{{ resource_group | hash('md5') | truncate(22, True, '') }}" + location: "eastus" + policy_name_daily: "bp-daily-policy-{{ resource_group | hash('md5') | truncate(22, True, '') }}" + policy_name_weekly: "bp-weekly-policy-{{ resource_group | hash('md5') | truncate(22, True, '') }}" + +- name: Create Azure Recovery Service vault + azure_rm_recoveryservicesvault: + resource_group: "{{ resource_group }}" + name: "{{ vault_name }}" + location: "{{ location }}" + state: "present" + +- name: Create a daily VM backup policy + azure_rm_backuppolicy: + vault_name: "{{ vault_name }}" + name: "{{ policy_name_daily }}" + resource_group: "{{ resource_group }}" + state: present + backup_management_type: "AzureIaasVM" + schedule_run_frequency: "Daily" + instant_recovery_snapshot_retention: 2 + daily_retention_count: 12 + time_zone: "Pacific Standard Time" + schedule_run_time: 14 + register: daily_policy_output + +- name: Create a daily VM backup policy + azure_rm_backuppolicy_info: + vault_name: "{{ vault_name }}" + name: "{{ policy_name_daily }}" + resource_group: "{{ resource_group }}" + register: backup_policy_exists + +- name: Assert success on daily backup policy creation + assert: + that: + - daily_policy_output.changed + - daily_policy_output.name == policy_name_daily + +- name: Assert Policy Success Retrieving Info + assert: + that: + - backup_policy_exists.id == daily_policy_output.id + - backup_policy_exists.location == daily_policy_output.location + - backup_policy_exists.name == daily_policy_output.name + - backup_policy_exists.type == daily_policy_output.type + +- name: Update daily VM backup policy + azure_rm_backuppolicy: + vault_name: "{{ vault_name }}" + name: "{{ policy_name_daily }}" + resource_group: "{{ resource_group }}" + state: present + backup_management_type: "AzureIaasVM" + schedule_run_frequency: "Daily" + instant_recovery_snapshot_retention: 5 + daily_retention_count: 10 + time_zone: "Pacific Standard Time" + schedule_run_time: 10 + register: daily_policy_output_update + +- name: Assert success on update of daily policy + assert: + that: + - daily_policy_output_update.changed + - daily_policy_output_update.name == policy_name_daily + +- name: Create a weekly VM backup policy + azure_rm_backuppolicy: + vault_name: "{{ vault_name }}" + name: "{{ policy_name_weekly }}" + resource_group: "{{ resource_group }}" + state: present + backup_management_type: "AzureIaasVM" + schedule_run_frequency: "Weekly" + instant_recovery_snapshot_retention: 5 + weekly_retention_count: 4 + schedule_days: + - "Monday" + - "Wednesday" + - "Friday" + time_zone: "Pacific Standard Time" + schedule_run_time: 8 + register: weekly_policy_output + +- name: Assert success on weekly backup policy creation + assert: + that: + - weekly_policy_output.changed + - weekly_policy_output.name == policy_name_weekly + +- name: Update weekly VM backup policy + azure_rm_backuppolicy: + vault_name: "{{ vault_name }}" + name: "{{ policy_name_weekly }}" + resource_group: "{{ resource_group }}" + state: present + backup_management_type: "AzureIaasVM" + schedule_run_frequency: "Weekly" + instant_recovery_snapshot_retention: 5 + weekly_retention_count: 4 + schedule_days: + - "Monday" + - "Wednesday" + - "Thursday" + time_zone: "Pacific Standard Time" + schedule_run_time: 10 + register: weekly_policy_output_update + +- name: Assert success on update of weekly policy + assert: + that: + - weekly_policy_output_update.changed + - weekly_policy_output_update.name == policy_name_weekly + +- name: Delete a daily VM backup policy + azure_rm_backuppolicy: + vault_name: "{{ vault_name }}" + name: "{{ policy_name_daily }}" + resource_group: "{{ resource_group }}" + state: absent + register: daily_policy_output_delete + +- name: Assert success on daily backup policy deletion + assert: + that: + - daily_policy_output_delete.changed + +- name: Delete a weekly VM backup policy + azure_rm_backuppolicy: + vault_name: "{{ vault_name }}" + name: "{{ policy_name_weekly }}" + resource_group: "{{ resource_group }}" + state: absent + register: weekly_policy_output_delete + +- name: Assert success on weekly backup policy deletion + assert: + that: + - weekly_policy_output_delete.changed + +- name: Delete a daily VM backup policy (idempotent) + azure_rm_backuppolicy: + vault_name: "{{ vault_name }}" + name: "{{ policy_name_daily }}" + resource_group: "{{ resource_group }}" + state: absent + register: daily_policy_output_delete_idempotent + +- name: Assert that there is no change after second deletion of daily backup policy + assert: + that: + - not daily_policy_output_delete_idempotent.changed + +- name: Delete a weekly VM backup policy (idempotent) + azure_rm_backuppolicy: + vault_name: "{{ vault_name }}" + name: "{{ policy_name_weekly }}" + resource_group: "{{ resource_group }}" + state: absent + register: weekly_policy_output_delete_idempotent + +- name: Assert that there is no change after second deletion of weekly backup policy + assert: + that: + - not weekly_policy_output_delete_idempotent.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_bastionhost/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_bastionhost/aliases new file mode 100644 index 000000000..3c63edec5 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_bastionhost/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group15 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_bastionhost/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_bastionhost/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_bastionhost/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_bastionhost/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_bastionhost/tasks/main.yml new file mode 100644 index 000000000..c9d9c23d7 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_bastionhost/tasks/main.yml @@ -0,0 +1,173 @@ +- name: Set Bastion host name + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(8, True, '') }}" + +- name: create resource group + azure_rm_resourcegroup: + name: "{{ resource_group }}" + location: eastus + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "vnet{{ rpfx }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + dns_servers: + - 127.0.0.1 + +- name: Create a subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: AzureBastionSubnet + virtual_network_name: "vnet{{ rpfx }}" + address_prefix_cidr: "10.1.0.0/26" + register: subnet_output + +- name: Create public ip + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + name: "pip{{ rpfx }}" + allocation_method: Static + sku: Standard + +- name: Get public ip ID + azure_rm_publicipaddress_info: + resource_group: "{{ resource_group }}" + name: "pip{{ rpfx }}" + register: publicIP_output + +- name: Create bastion host (checkmode test) + azure_rm_bastionhost: + resource_group: "{{ resource_group }}" + name: "bh{{ rpfx }}" + ip_configurations: + - name: testip_configuration + subnet: + id: "{{ subnet_output.state.id }}" + public_ip_address: + id: "{{ publicIP_output.publicipaddresses[0].id }}" + private_ip_allocation_method: Dynamic + sku: + name: Standard + enable_tunneling: False + enable_shareable_link: False + enable_ip_connect: False + enable_file_copy: False + scale_units: 6 + disable_copy_paste: False + tags: + key3: value3 + check_mode: yes + register: output + +- name: Create bastion host + azure_rm_bastionhost: + resource_group: "{{ resource_group }}" + name: "bh{{ rpfx }}" + ip_configurations: + - name: testip_configuration + subnet: + id: "{{ subnet_output.state.id }}" + public_ip_address: + id: "{{ publicIP_output.publicipaddresses[0].id }}" + private_ip_allocation_method: Dynamic + sku: + name: Standard + enable_tunneling: False + enable_shareable_link: False + enable_ip_connect: False + enable_file_copy: False + scale_units: 6 + disable_copy_paste: False + tags: + key3: value3 + register: output + +- name: Assert the bastion host created + assert: + that: + - output.changed + +- name: Create bastion host (Idempotent Test) + azure_rm_bastionhost: + resource_group: "{{ resource_group }}" + name: "bh{{ rpfx }}" + ip_configurations: + - name: testip_configuration + subnet: + id: "{{ subnet_output.state.id }}" + public_ip_address: + id: "{{ publicIP_output.publicipaddresses[0].id }}" + private_ip_allocation_method: Dynamic + sku: + name: Standard + enable_tunneling: False + enable_shareable_link: False + enable_ip_connect: False + enable_file_copy: False + scale_units: 6 + disable_copy_paste: False + tags: + key3: value3 + register: output + +- name: Assert the bastion host no changed + assert: + that: + - not output.changed + +- name: Pause for 20 mimutes to Bastion host updating + shell: sleep 1200 + +- name: Update bastion host + azure_rm_bastionhost: + resource_group: "{{ resource_group }}" + name: "bh{{ rpfx }}" + ip_configurations: + - name: testip_configuration + subnet: + id: "{{ subnet_output.state.id }}" + public_ip_address: + id: "{{ publicIP_output.publicipaddresses[0].id }}" + private_ip_allocation_method: Dynamic + sku: + name: Basic + enable_tunneling: True + enable_shareable_link: True + enable_ip_connect: True + enable_file_copy: True + scale_units: 8 + disable_copy_paste: True + tags: + key2: value2 + register: output + +- name: Assert the bastion host updated + assert: + that: + - output.changed + +- name: Get bastion host info + azure_rm_bastionhost_info: + resource_group: "{{ resource_group }}" + name: "bh{{ rpfx }}" + register: output + +- name: Assert the bastion host is well create + assert: + that: + - output.bastion_host[0].disable_copy_paste == true + - output.bastion_host[0].enable_file_copy == true + - output.bastion_host[0].enable_ip_connect == true + - output.bastion_host[0].enable_shareable_link == true + - output.bastion_host[0].enable_tunneling == true + - output.bastion_host[0].scale_units == 8 + - output.bastion_host[0].sku.name == 'Basic' + +- name: Delete bastion host + azure_rm_bastionhost: + resource_group: "{{ resource_group }}" + name: "bh{{ rpfx }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_batchaccount/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_batchaccount/aliases new file mode 100644 index 000000000..bbfe7e8cd --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_batchaccount/aliases @@ -0,0 +1,3 @@ +cloud/azure +destructive +shippable/azure/group12 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_batchaccount/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_batchaccount/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_batchaccount/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_batchaccount/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_batchaccount/tasks/main.yml new file mode 100644 index 000000000..e62cb67cf --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_batchaccount/tasks/main.yml @@ -0,0 +1,76 @@ +--- +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# +# ---------------------------------------------------------------------------- +- name: Prepare random number + set_fact: + storage_account_name: "st{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + batch_account_name: "ba{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create Storage Account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name }}" + location: eastus + account_type: Standard_LRS + +- name: Create Batch Account + azure_rm_batchaccount: + resource_group: "{{ resource_group }}" + name: "{{ batch_account_name }}" + location: eastus + auto_storage_account: + name: "{{ storage_account_name }}" + pool_allocation_mode: batch_service + register: output + +- name: Assert the resource was created + assert: + that: + - output.changed + +- name: Create Batch Account -- idempotent + azure_rm_batchaccount: + resource_group: "{{ resource_group }}" + name: "{{ batch_account_name }}" + location: eastus + auto_storage_account: + name: "{{ storage_account_name }}" + pool_allocation_mode: batch_service + register: output + +- name: Assert the resource was created + assert: + that: + - not output.changed + +- name: Delete Batch Account + azure_rm_batchaccount: + resource_group: "{{ resource_group }}" + name: "{{ batch_account_name }}" + location: eastus + auto_storage_account: + name: "{{ storage_account_name }}" + pool_allocation_mode: batch_service + state: absent + register: output + +- name: Assert that state has changed + assert: + that: + - output.changed + +- name: Clean up storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cdnprofile/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cdnprofile/aliases new file mode 100644 index 000000000..42643220a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cdnprofile/aliases @@ -0,0 +1,5 @@ +cloud/azure +shippable/azure/group13 +destructive +azure_rm_cdnprofile_info +azure_rm_cdnendpoint diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cdnprofile/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cdnprofile/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cdnprofile/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cdnprofile/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cdnprofile/tasks/main.yml new file mode 100644 index 000000000..657881a50 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cdnprofile/tasks/main.yml @@ -0,0 +1,276 @@ +- name: Prepare random number + set_fact: + cdnprofilename: "cdnprofile{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + endpointname: "endpoint{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + + +- name: Create a CDN profile(check mode) + azure_rm_cdnprofile: + resource_group: "{{ resource_group }}" + name: "{{ cdnprofilename }}" + sku: standard_akamai + tags: + testing: testing + delete: on-exit + foo: bar + check_mode: yes + +- name: Check there is no CDN profile created + azure_rm_cdnprofile_info: + resource_group: "{{ resource_group }}" + name: "{{ cdnprofilename }}" + register: fact + +- name: Check there is no CDN profile created + assert: { that: "{{ fact.cdnprofiles | length }} == 0" } + +- name: Create a CDN profile + azure_rm_cdnprofile: + resource_group: "{{ resource_group }}" + name: "{{ cdnprofilename }}" + sku: standard_akamai + tags: + testing: testing + delete: on-exit + foo: bar + register: output + +- name: Assert the CDN profile is well created + assert: + that: + - output.changed + - output.id != '' + +- name: Gather CDN profile facts + azure_rm_cdnprofile_info: + resource_group: "{{ resource_group }}" + name: "{{ cdnprofilename }}" + register: fact + +- name: Assert fact returns the created one + assert: + that: + - "fact.cdnprofiles | length == 1" + - fact.cdnprofiles[0].sku == 'Standard_Akamai' + - fact.cdnprofiles[0].tags.foo == 'bar' + +- name: Create a CDN profile (idempotent) + azure_rm_cdnprofile: + resource_group: "{{ resource_group }}" + name: "{{ cdnprofilename }}" + sku: standard_akamai + tags: + testing: testing + delete: on-exit + foo: bar + register: output + +- name: Assert idempotent + assert: + that: + - not output.changed + +- name: Update the CDN profile + azure_rm_cdnprofile: + resource_group: "{{ resource_group }}" + name: "{{ cdnprofilename }}" + sku: standard_akamai + tags: + testing: testing + delete: on-exit + foo: bar + baz: qux + register: output + +- name: Assert the CDN profile is updated + assert: + that: + - output.changed + +- name: Delete the CDN profile(check mode) + azure_rm_cdnprofile: + resource_group: "{{ resource_group }}" + name: "{{ cdnprofilename }}" + state: absent + check_mode: yes + +- name: Gather CDN profile facts + azure_rm_cdnprofile_info: + resource_group: "{{ resource_group }}" + name: "{{ cdnprofilename }}" + register: fact + +- name: Assert the CDN is still there + assert: + that: + - "fact.cdnprofiles | length == 1" + - fact.cdnprofiles[0].sku == 'Standard_Akamai' + - fact.cdnprofiles[0].tags.foo == 'bar' + - fact.cdnprofiles[0].tags.baz == 'qux' + +- name: Create a Azure CDN endpoint(check mode) + azure_rm_cdnendpoint: + resource_group: "{{ resource_group }}" + name: "{{ endpointname }}" + profile_name: "{{ cdnprofilename }}" + origins: + - name: "org{{ endpointname }}" + host_name: "www.google.com" + tags: + testing: testing + delete: on-exit + foo: bar + check_mode: yes + +- name: Create a Azure CDN endpoint + azure_rm_cdnendpoint: + resource_group: "{{ resource_group }}" + name: "{{ endpointname }}" + profile_name: "{{ cdnprofilename }}" + origins: + - name: "org{{ endpointname }}" + host_name: "www.google.com" + tags: + testing: testing + delete: on-exit + foo: bar + register: output + +- name: Assert the Azure CDN endpoint is well created + assert: + that: + - output.changed + - output.id + +- name: Get facts of a Azure CDN endpoint + azure_rm_cdnendpoint_info: + resource_group: "{{ resource_group }}" + name: "{{ endpointname }}" + profile_name: "{{ cdnprofilename }}" + register: facts + +- name: Assert facts output + assert: + that: + - facts['cdnendpoints'] | length == 1 + - facts['cdnendpoints'][0]['id'] + - facts['cdnendpoints'][0]['name'] + - facts['cdnendpoints'][0]['profile_name'] + - facts['cdnendpoints'][0]['origin'] + - facts['cdnendpoints'][0]['location'] + - facts['cdnendpoints'][0]['provisioning_state'] + - facts['cdnendpoints'][0]['resource_state'] + +- name: Create a Azure CDN endpoint(idempotent) + azure_rm_cdnendpoint: + resource_group: "{{ resource_group }}" + name: "{{ endpointname }}" + profile_name: "{{ cdnprofilename }}" + origins: + - name: "org{{ endpointname }}" + host_name: "www.google.com" + tags: + testing: testing + delete: on-exit + foo: bar + register: output + +- name: Assert idempotent + assert: + that: + - not output.changed + +- name: Stop a Azure CDN endpoint + azure_rm_cdnendpoint: + resource_group: "{{ resource_group }}" + name: "{{ endpointname }}" + profile_name: "{{ cdnprofilename }}" + started: False + register: output + +- name: Assert stopped + assert: + that: + - output.changed + +- name: Stop a Azure CDN endpoint(idempotent) + azure_rm_cdnendpoint: + resource_group: "{{ resource_group }}" + name: "{{ endpointname }}" + profile_name: "{{ cdnprofilename }}" + started: False + register: output + +- name: Assert still stopped and not changed + assert: + that: + - not output.changed + +- name: Start a Azure CDN endpoint + azure_rm_cdnendpoint: + resource_group: "{{ resource_group }}" + name: "{{ endpointname }}" + profile_name: "{{ cdnprofilename }}" + started: True + register: output + +- name: Assert started + assert: + that: + - output.changed + +- name: Update the Azure CDN endpoint + azure_rm_cdnendpoint: + resource_group: "{{ resource_group }}" + name: "{{ endpointname }}" + profile_name: "{{ cdnprofilename }}" + origin_path: /test/ + tags: + testing: testing + delete: on-exit + foo: baz + register: output + +- name: Assert the Azure CDN endpoint is updated + assert: + that: + - output.changed + +- name: Delete a Azure CDN endpoint(check mode) + azure_rm_cdnendpoint: + resource_group: "{{ resource_group }}" + name: "{{ endpointname }}" + profile_name: "{{ cdnprofilename }}" + state: absent + check_mode: yes + +- name: Delete a Azure CDN endpoint + azure_rm_cdnendpoint: + resource_group: "{{ resource_group }}" + name: "{{ endpointname }}" + profile_name: "{{ cdnprofilename }}" + state: absent + +- name: Delete the CDN profile + azure_rm_cdnprofile: + resource_group: "{{ resource_group }}" + name: "{{ cdnprofilename }}" + state: absent + register: output + +- name: Assert the CDN profile is well deleted + assert: + that: + - output.changed + +- name: Get CDN profile fact + azure_rm_cdnprofile_info: + resource_group: "{{ resource_group }}" + name: "{{ cdnprofilename }}" + register: fact + +- name: Assert fact returns empty + assert: + that: + - "fact.cdnprofiles | length == 0" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/aliases new file mode 100644 index 000000000..5d29c6c4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/tasks/main.yml new file mode 100644 index 000000000..fefad59a8 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/tasks/main.yml @@ -0,0 +1,194 @@ +- name: Create Azure Search name + set_fact: + search_name: "search{{ resource_group | hash('md5') | truncate(16, True, '') }}" + search_name_secondary: "search{{ resource_group | hash('md5') | truncate(16, True, '') }}-secondary" + +- name: Create invalid Azure Search - Hosting Name + azure_rm_cognitivesearch: + name: "{{ search_name }}" + resource_group: "{{ resource_group }}" + hosting_mode: highDensity + register: invalid_hosting_name + ignore_errors: yes + +- name: Assert task failed + assert: + that: + - invalid_hosting_name.failed == True + +- name: Create invalid Azure Search - Partition Count High Density + azure_rm_cognitivesearch: + name: "{{ search_name }}" + resource_group: "{{ resource_group }}" + sku: standard3 + hosting_mode: highDensity + partition_count: 4 + register: invalid_partition_count + ignore_errors: yes + +- name: Assert task failed + assert: + that: + - invalid_partition_count.failed == True + +- name: Create invalid Azure Search - Partition Count + azure_rm_cognitivesearch: + name: "{{ search_name }}" + resource_group: "{{ resource_group }}" + partition_count: 7 + register: invalid_partition_count + ignore_errors: yes + +- name: Assert task failed + assert: + that: + - invalid_partition_count.failed == True + +- name: Create invalid Azure Search - Replica Count + azure_rm_cognitivesearch: + name: "{{ search_name }}" + resource_group: "{{ resource_group }}" + sku: standard + replica_count: 13 + register: invalid_replica_count + ignore_errors: yes + +- name: Assert task failed + assert: + that: + - invalid_replica_count.failed == True + +- name: Create invalid Azure Search - Replica Count SKU basic + azure_rm_cognitivesearch: + name: "{{ search_name }}" + resource_group: "{{ resource_group }}" + replica_count: 4 + sku: basic + register: invalid_replica_count + ignore_errors: yes + +- name: Assert task failed + assert: + that: + - invalid_replica_count.failed == True + +- name: Create basic Azure Search + azure_rm_cognitivesearch: + name: "{{ search_name }}" + resource_group: "{{ resource_group }}" + register: search_info + +- name: Assert status succeeded and results + assert: + that: + - search_info.changed + - search_info.state.id is defined + - search_info.state.identity.type == "None" + - search_info.state.identity.principal_id is not defined + - search_info.state.hosting_mode == "default" + - search_info.state.name == search_name + - search_info.state.partition_count == 1 + - search_info.state.replica_count == 1 + - search_info.state.sku == "basic" + - search_info.state.provisioning_state == "succeeded" + - search_info.state.public_network_access == "Enabled" + - search_info.state.status == "running" + +- name: Get info for Azure Search + azure_rm_cognitivesearch_info: + name: "{{ search_name }}" + resource_group: "{{ resource_group }}" + register: search_info_module + +- name: Assert status succeeded and results + assert: + that: + - search_info_module.search.id is defined + - search_info_module.search.identity.type == "None" + - search_info_module.search.identity.principal_id is not defined + - search_info_module.search.hosting_mode == "default" + - search_info_module.search.name == search_name + - search_info_module.search.partition_count == 1 + - search_info_module.search.replica_count == 1 + - search_info_module.search.sku == "basic" + - search_info_module.search.provisioning_state == "succeeded" + - search_info_module.search.public_network_access == "Enabled" + - search_info_module.search.status == "running" + +- name: Update basic Azure Search (Idempotence) + azure_rm_cognitivesearch: + name: "{{ search_name }}" + resource_group: "{{ resource_group }}" + register: search_info + +- name: Assert that idempotence is ok + assert: + that: + - not search_info.changed + +- name: Delete Azure Search + azure_rm_cognitivesearch: + name: "{{ search_name }}" + resource_group: "{{ resource_group }}" + state: absent + +- name: Create Azure Search '{{ search_name }}' not default parameters + azure_rm_cognitivesearch: + name: "{{ search_name_secondary }}" + resource_group: "{{ resource_group }}" + hosting_mode: default + identity: SystemAssigned + network_rule_set: + - 8.8.8.8/31 + - 1.1.1.1 + partition_count: 2 + public_network_access: disabled + replica_count: 2 + sku: standard + tags: + foo: bar + register: search_info + +- name: Assert status succeeded and results + assert: + that: + - search_info.changed + - search_info.state.id is defined + - search_info.state.identity.type == "SystemAssigned" + - search_info.state.identity.principal_id is defined + - search_info.state.hosting_mode == "default" + - search_info.state.name == search_name_secondary + - search_info.state.partition_count == 2 + - search_info.state.replica_count == 2 + - search_info.state.sku == "standard" + - search_info.state.provisioning_state == "succeeded" + - search_info.state.status == "running" + +- name: Update Azure Search '{{ search_name }}' not default parameters (Idempotence) + azure_rm_cognitivesearch: + name: "{{ search_name_secondary }}" + resource_group: "{{ resource_group }}" + hosting_mode: default + identity: SystemAssigned + network_rule_set: + - 8.8.8.8/31 + - 1.1.1.1 + partition_count: 2 + public_network_access: disabled + replica_count: 2 + sku: standard + tags: + foo: bar + register: search_info + +- name: Assert that idempotence is ok + assert: + that: + - not search_info.changed + +- name: Delete Azure Search + azure_rm_cognitivesearch: + name: "{{ search_name_secondary }}" + resource_group: "{{ resource_group }}" + state: absent + diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerinstance/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerinstance/aliases new file mode 100644 index 000000000..93066dcc2 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerinstance/aliases @@ -0,0 +1,4 @@ +cloud/azure +destructive +shippable/azure/group2 +azure_rm_containerinstance_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerinstance/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerinstance/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerinstance/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerinstance/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerinstance/tasks/main.yml new file mode 100644 index 000000000..44bb852a5 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerinstance/tasks/main.yml @@ -0,0 +1,356 @@ +- name: Set Container Instance Names + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + +- name: Create sample container instance + azure_rm_containerinstance: + resource_group: "{{ resource_group }}" + name: "aci{{ rpfx }}" + os_type: linux + ip_address: public + location: eastus + ports: + - 80 + containers: + - name: mycontainer1 + image: httpd + memory: 1.5 + ports: + - 80 + - 81 + register: output + +- debug: + var: output + +- name: Assert the container instance is well created + assert: + that: + - output.changed + - output.provisioning_state == 'Succeeded' + +- name: Create sample container instance -- same parameters + azure_rm_containerinstance: + resource_group: "{{ resource_group }}" + name: "aci{{ rpfx }}" + os_type: linux + ip_address: public + location: eastus + ports: + - 80 + containers: + - name: mycontainer1 + image: httpd + memory: 1.5 + ports: + - 80 + - 81 + register: output + +- name: Assert the container instance is well created + assert: + that: + - output.changed == False + +- name: Create sample container instance -- force update + azure_rm_containerinstance: + resource_group: "{{ resource_group }}" + name: "aci{{ rpfx }}" + os_type: linux + ip_address: public + location: eastus + ports: + - 80 + containers: + - name: mycontainer1 + image: httpd + memory: 1.5 + ports: + - 80 + - 81 + force_update: yes + register: output + +- name: Assert the container instance is well created + assert: + that: + - output.changed + - output.provisioning_state == 'Succeeded' + +- name: Create second container instance for testing purposes + azure_rm_containerinstance: + resource_group: "{{ resource_group }}" + name: "aci{{ rpfx }}sec" + os_type: linux + ip_address: public + dns_name_label: mydnslabel{{ resource_group | hash('md5') | truncate(7, True, '') }} + location: eastus + restart_policy: on_failure + ports: + - 80 + containers: + - name: mycontainer1 + image: httpd + memory: 1.5 + ports: + - 80 + - 81 + environment_variables: + - name: myvar + value: myvarvalue + register: output + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "vnet{{ rpfx }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + +- name: Create a subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: "sub{{ rpfx }}" + virtual_network_name: "vnet{{ rpfx }}" + address_prefix_cidr: "10.1.0.0/24" + private_link_service_network_policies: Disabled + private_endpoint_network_policies: Disabled + delegations: + - name: delegation_to_containerinsance + serviceName: 'Microsoft.ContainerInstance/containerGroups' + register: subnet_output + +- name: Create third container instance for subnet_ids + azure_rm_containerinstance: + resource_group: "{{ resource_group }}" + name: "aci{{ rpfx }}thi" + os_type: linux + ip_address: private + location: eastus + subnet_ids: + - "{{ subnet_output.state.id }}" + ports: + - 80 + containers: + - name: mycontainer1 + image: httpd + memory: 1.5 + ports: + - 80 + - 81 + register: output + +- name: Assert the container instance is well created + assert: + that: + - output.changed + +- name: Gather facts for single Container Instance + azure_rm_containerinstance_info: + resource_group: "{{ resource_group }}" + name: "aci{{ rpfx }}sec" + register: output + +- debug: + var: output + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.containerinstances[0]['resource_group'] != None + - output.containerinstances[0]['name'] != None + - output.containerinstances[0]['os_type'] != None + - output.containerinstances[0]['location'] != None + - output.containerinstances[0]['ip_address'] != None + - output.containerinstances[0]['ports'] != None + - output.containerinstances[0]['containers'] != None + - output.containerinstances[0]['containers'][0]['environment_variables'] | length == 1 + - output.containerinstances[0]['restart_policy'] == 'on_failure' + +- name: Gather facts for all Container Instances in the resource group + azure_rm_containerinstance_info: + resource_group: "{{ resource_group }}" + register: output + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.containerinstances[0]['resource_group'] != None + - output.containerinstances[0]['name'] != None + - output.containerinstances[0]['os_type'] != None + - output.containerinstances[0]['location'] != None + - output.containerinstances[0]['ip_address'] != None + - output.containerinstances[0]['ports'] != None + - output.containerinstances[0]['containers'] != None + - output.containerinstances[1]['resource_group'] != None + - output.containerinstances[1]['name'] != None + - output.containerinstances[1]['os_type'] != None + - output.containerinstances[1]['location'] != None + - output.containerinstances[1]['ip_address'] != None + - output.containerinstances[1]['ports'] != None + - output.containerinstances[1]['containers'] != None + +- name: Create sample container instance with volume + azure_rm_containerinstance: + resource_group: "{{ resource_group }}" + name: "aci{{ rpfx }}thi" + os_type: linux + ip_address: public + location: eastus + ports: + - 80 + containers: + - name: mycontainer1 + image: mcr.microsoft.com/azuredocs/aci-helloworld + memory: 1.5 + volume_mounts: + - name: "my-filesharevolume" + mount_path: "/data/files" + ports: + - 80 + - 81 + volumes: + - name: "my-filesharevolume" + azure_file: + storage_account_name: "{{ storage_account_name }}" + share_name: "{{ file_share_name }}" + storage_account_key: "{{ storage_account_key }}" + register: output + ignore_errors: True + +- debug: + var: output + ignore_errors: True + +- name: Assert the container instance is well created + assert: + that: + - output.changed + - output.provisioning_state == 'Succeeded' + ignore_errors: True + +- name: Gather facts for Container Instance + azure_rm_containerinstance_info: + resource_group: "{{ resource_group }}" + name: "aci{{ rpfx }}thi" + register: output + ignore_errors: True + +- debug: + var: output + ignore_errors: True + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.containerinstances[0]['resource_group'] != None + - output.containerinstances[0]['name'] != None + - output.containerinstances[0]['os_type'] != None + - output.containerinstances[0]['location'] != None + - output.containerinstances[0]['ip_address'] != None + - output.containerinstances[0]['volumes'] != None + - output.containerinstances[0]['ports'] != None + - output.containerinstances[0]['containers'] != None + - output.containerinstances[0]['containers'][0]['volume_mounts'] | length == 1 + - output.containerinstances[0]['containers'][0]['volume_mounts'][0]['name'] != None + - output.containerinstances[0]['containers'][0]['volume_mounts'][0]['mount_path'] != None + ignore_errors: True + +- name: Remove container instance + azure_rm_containerinstance: + resource_group: "{{ resource_group }}" + name: "aci{{ rpfx }}thi" + os_type: linux + ip_address: public + location: eastus + ports: + - 80 + containers: + - name: mycontainer1 + image: mcr.microsoft.com/azuredocs/aci-helloworld + memory: 1.5 + volume_mounts: + - name: "my-filesharevolume" + mount_path: "/data/files" + ports: + - 80 + - 81 + volumes: + - name: "my-filesharevolume" + azure_file: + storage_account_name: "{{ storage_account_name }}" + share_name: "{{ file_share_name }}" + storage_account_key: "{{ storage_account_key }}" + state: absent + register: output + ignore_errors: True + +- name: Remove container instance + azure_rm_containerinstance: + resource_group: "{{ resource_group }}" + name: "aci{{ rpfx }}" + os_type: linux + ip_address: public + location: eastus + ports: + - 80 + containers: + - name: mycontainer1 + image: httpd + memory: 1.5 + ports: + - 80 + - 81 + state: absent + register: output + +- name: Assert the container instance is deleted + assert: + that: + - output.changed + +- name: Remove container instance + azure_rm_containerinstance: + resource_group: "{{ resource_group }}" + name: "aci{{ rpfx }}sec" + os_type: linux + ip_address: public + location: eastus + ports: + - 80 + containers: + - name: mycontainer1 + image: httpd + memory: 1.5 + ports: + - 80 + - 81 + state: absent + +- name: Remove container instance again + azure_rm_containerinstance: + resource_group: "{{ resource_group }}" + name: "aci{{ rpfx }}" + os_type: linux + ip_address: public + location: eastus + ports: + - 80 + containers: + - name: mycontainer1 + image: httpd + memory: 1.5 + ports: + - 80 + - 81 + state: absent + register: output + +- name: Assert the changed is false + assert: + that: + - output.changed == False diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistry/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistry/aliases new file mode 100644 index 000000000..2615d3fe0 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistry/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group2 +destructive +azure_rm_containerregistry_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistry/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistry/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistry/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistry/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistry/tasks/main.yml new file mode 100644 index 000000000..7c83c5c5d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistry/tasks/main.yml @@ -0,0 +1,116 @@ + - name: Create an container registry + azure_rm_containerregistry: + name: "acr{{ resource_group | hash('md5') | truncate(7, True, '') }}" + resource_group: "{{ resource_group }}" + location: eastus2 + admin_user_enabled: true + sku: Premium + tags: + Release: beta1 + Environment: Production + register: output + + - name: Assert the container registry instance is well created + assert: + that: + - output.changed + - output.admin_user_enabled + - output.location == 'eastus2' + - output.sku == 'Premium' + - output.tags['Environment'] == 'Production' + - output.tags['Release'] == 'beta1' + - output.provisioning_state == 'Succeeded' + - output.credentials['password'] is defined + - output.credentials['password2'] is defined + + - name: Update the ACR instance sku, tags and admin_user_enabled + azure_rm_containerregistry: + name: "acr{{ resource_group | hash('md5') | truncate(7, True, '') }}" + resource_group: "{{ resource_group }}" + location: eastus2 + admin_user_enabled: false + sku: Standard + tags: + NewTag: newtag + Release: beta1 + Environment: Production + register: output + + - name: Create second container registry (to test facts) + azure_rm_containerregistry: + name: "acr{{ resource_group | hash('md5') | truncate(7, True, '') }}sec" + resource_group: "{{ resource_group }}" + location: eastus2 + admin_user_enabled: false + sku: Premium + tags: + Release: beta1 + Environment: Production + + - name: Assert the ACR instance is well updated + assert: + that: + - output.changed == True + - output.admin_user_enabled == False + - output.sku == 'Standard' + - output.tags['NewTag'] == 'newtag' + - output.credentials | length == 0 + - output.credentials['password'] is not defined + - output.credentials['password2'] is not defined + + - name: Gather facts for single Container Registry + azure_rm_containerregistry_info: + resource_group: "{{ resource_group }}" + name: "acr{{ resource_group | hash('md5') | truncate(7, True, '') }}" + register: output + + - name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.registries[0]['name'] != None + - output.registries[0]['location'] != None + - output.registries[0]['admin_user_enabled'] != None + - output.registries[0]['sku'] != None + - output.registries[0]['provisioning_state'] != None + - output.registries[0]['login_server'] != None + - output.registries[0]['id'] != None + - output.registries[0]['credentials'] != None + + - name: Gather facts for all Container Registries in the resource group + azure_rm_containerregistry_info: + resource_group: "{{ resource_group }}" + register: output + + - name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.registries[0]['name'] != None + - output.registries[0]['location'] != None + - output.registries[0]['admin_user_enabled'] != None + - output.registries[0]['sku'] != None + - output.registries[0]['provisioning_state'] != None + - output.registries[0]['login_server'] != None + - output.registries[0]['id'] != None + - output.registries[0]['credentials'] != None + - output.registries[1]['name'] != None + - output.registries[1]['location'] != None + - output.registries[1]['admin_user_enabled'] != None + - output.registries[1]['sku'] != None + - output.registries[1]['provisioning_state'] != None + - output.registries[1]['login_server'] != None + - output.registries[1]['id'] != None + - output.registries[1]['credentials'] != None + + - name: Delete first container registry + azure_rm_containerregistry: + name: "acr{{ resource_group | hash('md5') | truncate(7, True, '') }}" + resource_group: "{{ resource_group }}" + state: absent + + - name: Delete second container registry + azure_rm_containerregistry: + name: "acr{{ resource_group | hash('md5') | truncate(7, True, '') }}sec" + resource_group: "{{ resource_group }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistrytag/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistrytag/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistrytag/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistrytag/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistrytag/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistrytag/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistrytag/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistrytag/tasks/main.yml new file mode 100644 index 000000000..6f90bcddf --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_containerregistrytag/tasks/main.yml @@ -0,0 +1,366 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: true + +- name: Create an container registry + azure_rm_containerregistry: + name: "acr{{ rpfx }}" + resource_group: "{{ resource_group }}" + location: eastus2 + admin_user_enabled: true + sku: Standard + +- name: Load all tags + azure_rm_containerregistrytag_info: + registry: "acr{{ rpfx }}" + register: output +- name: Verify no tags exist + assert: + that: output.repositories | length == 0 + +- name: Load all tags for non-existant repository + azure_rm_containerregistrytag_info: + registry: "acr{{ rpfx }}" + repository_name: "does-not-exist" + register: output +- name: Verify no tags exist + assert: + that: output.repositories | length == 0 + +- name: Import tag (check mode) + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: "app1" + name: "v1" + source_image: + registry_uri: "docker.io" + repository: "library/hello-world" + name: "latest" + check_mode: true + register: output +- name: Assert output + assert: + that: output.changed + +- name: Import tag (actually import) + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: "app1" + name: "v1" + source_image: + registry_uri: "docker.io" + repository: "library/hello-world" + name: "latest" + register: output +- name: Assert output + assert: + that: output.changed + +- name: Import tag (test idempotency) + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: "app1" + name: "v1" + source_image: + registry_uri: "docker.io" + repository: "library/hello-world" + name: "latest" + register: output +- name: Assert output + assert: + that: not output.changed + +- name: Import additional tag + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: "app2" + name: "1.1.1" + source_image: + registry_uri: "docker.io" + repository: "library/hello-world" + name: "latest" + register: output +- name: Assert output + assert: + that: output.changed + +- name: Import additional tag + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: "app2" + name: "test-image" + source_image: + registry_uri: "docker.io" + repository: "library/hello-world" + name: "latest" + register: output +- name: Assert output + assert: + that: output.changed + +- name: Import additional tag + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: "app2" + name: "v1" + source_image: + registry_uri: "docker.io" + repository: "library/hello-world" + name: "latest" + register: output +- name: Assert output + assert: + that: output.changed + +- name: Load all tags + azure_rm_containerregistrytag_info: + registry: "acr{{ rpfx }}" + register: output +- name: Assert tags exist + assert: + that: + - output.repositories | length == 2 + - output.repositories[0].name == 'app1' + - output.repositories[0].tags | length == 1 + - output.repositories[0].tags[0].name == 'v1' + - output.repositories[1].name == 'app2' + - output.repositories[1].tags | length == 3 + - output.repositories[1].tags[0].name == '1.1.1' + - output.repositories[1].tags[1].name == 'test-image' + - output.repositories[1].tags[2].name == 'v1' + +- name: Load tags by repository + azure_rm_containerregistrytag_info: + registry: "acr{{ rpfx }}" + repository_name: "app2" + register: output +- name: Assert tags exist + assert: + that: + - output.repositories | length == 1 + - output.repositories[0].name == 'app2' + - output.repositories[0].tags | length == 3 + - output.repositories[0].tags[0].name == '1.1.1' + - output.repositories[0].tags[1].name == 'test-image' + - output.repositories[0].tags[2].name == 'v1' + +- name: Load tags by repository and name + azure_rm_containerregistrytag_info: + registry: "acr{{ rpfx }}" + repository_name: "app2" + name: "test-image" + register: output +- name: Assert tags exist + assert: + that: + - output.repositories | length == 1 + - output.repositories[0].name == 'app2' + - output.repositories[0].tags | length == 1 + - output.repositories[0].tags[0].name == 'test-image' + +- name: Load tags by name + azure_rm_containerregistrytag_info: + registry: "acr{{ rpfx }}" + name: "v1" + register: output +- name: Assert tags exist + assert: + that: + - output.repositories | length == 2 + - output.repositories[0].name == 'app1' + - output.repositories[0].tags | length == 1 + - output.repositories[0].tags[0].name == 'v1' + - output.repositories[1].name == 'app2' + - output.repositories[1].tags | length == 1 + - output.repositories[1].tags[0].name == 'v1' + +- name: Delete tag by name (check mode) + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: "app2" + name: "test-image" + state: "absent" + check_mode: true + register: output +- name: Assert output + assert: + that: output.changed + +- name: Delete tag by name (actually delete) + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: "app2" + name: "test-image" + state: "absent" + register: output +- name: Assert output + assert: + that: output.changed + +- name: Delete tag by name (test idempotency) + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: "app2" + name: "test-image" + state: "absent" + register: output +- name: Assert output + assert: + that: not output.changed + +- name: Load tags by repository + azure_rm_containerregistrytag_info: + registry: "acr{{ rpfx }}" + repository_name: "app2" + register: output +- name: Assert tags exist + assert: + that: + - output.repositories | length == 1 + - output.repositories[0].name == 'app2' + - output.repositories[0].tags | length == 2 + - output.repositories[0].tags[0].name == '1.1.1' + - output.repositories[0].tags[1].name == 'v1' + +- name: Delete repository (check mode) + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: "app2" + state: "absent" + check_mode: true + register: output +- name: Assert output + assert: + that: output.changed + +- name: Delete repository (actually delete) + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: "app2" + state: "absent" + register: output +- name: Assert output + assert: + that: output.changed + +- name: Delete repository (test idempotency) + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: "app2" + state: "absent" + register: output +- name: Assert output + assert: + that: not output.changed + +- name: Load all tags + azure_rm_containerregistrytag_info: + registry: "acr{{ rpfx }}" + register: output +- name: Assert tags exist + assert: + that: + - output.repositories | length == 1 + - output.repositories[0].name == 'app1' + - output.repositories[0].tags | length == 1 + - output.repositories[0].tags[0].name == 'v1' + +- name: Import tag with same name + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + source_image: + registry_uri: "docker.io" + repository: "library/hello-world" + name: "latest" + register: output +- name: Assert output + assert: + that: output.changed + +- name: Import tag with same name (test idempotency) + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + source_image: + registry_uri: "docker.io" + repository: "library/hello-world" + name: "latest" + register: output +- name: Assert output + assert: + that: not output.changed + +- name: Import tag with different repo, same name + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: app1 + source_image: + registry_uri: "docker.io" + repository: "library/hello-world" + name: "latest" + register: output +- name: Assert output + assert: + that: output.changed + +- name: Import tag with different repo, same name (test idempotency) + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + repository_name: app1 + source_image: + registry_uri: "docker.io" + repository: "library/hello-world" + name: "latest" + register: output +- name: Assert output + assert: + that: not output.changed + +- name: Import tag with different name, same repo + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + name: "myversion" + source_image: + registry_uri: "docker.io" + repository: "library/hello-world" + name: "latest" + register: output +- name: Assert output + assert: + that: output.changed + +- name: Import tag with different name, same repo (test idempotency) + azure_rm_containerregistrytag: + registry: "acr{{ rpfx }}" + name: "myversion" + source_image: + registry_uri: "docker.io" + repository: "library/hello-world" + name: "latest" + register: output +- name: Assert output + assert: + that: not output.changed + +- name: Load all tags + azure_rm_containerregistrytag_info: + registry: "acr{{ rpfx }}" + register: output +- name: Assert tags exist + assert: + that: + - output.repositories | length == 2 + - output.repositories[0].name == 'app1' + - output.repositories[0].tags | length == 2 + - output.repositories[0].tags[0].name == 'latest' + - output.repositories[0].tags[1].name == 'v1' + - output.repositories[1].name == 'library/hello-world' + - output.repositories[1].tags | length == 2 + - output.repositories[1].tags[0].name == 'latest' + - output.repositories[1].tags[1].name == 'myversion' + +- name: Delete container registry + azure_rm_containerregistry: + name: "acr{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: "absent" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/aliases new file mode 100644 index 000000000..8f0d8a0e4 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/aliases @@ -0,0 +1,4 @@ +cloud/azure +destructive +shippable/azure/group14 +azure_rm_cosmosdbaccount_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/tasks/main.yml new file mode 100644 index 000000000..ca1cc8b90 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/tasks/main.yml @@ -0,0 +1,365 @@ +- name: Prepare random number + set_fact: + dbname: "cosmos-{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + db2name: "cosmos2-{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + vnname: "vn{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + subnetname: "subnet{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + free_tier_supported: false # https://github.com/ansible-collections/azure/pull/675#discussion_r843584406 + run_once: yes + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ vnname }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + dns_servers: + - 127.0.0.1 + - 127.0.0.3 + +- name: Add subnet + azure_rm_subnet: + name: "{{ subnetname }}" + virtual_network_name: "{{ vnname }}" + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0.0/24" + +- name: Create instance of Database Account -- check mode + azure_rm_cosmosdbaccount: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}" + location: eastasia + geo_rep_locations: + - name: eastasia + failover_priority: 0 + database_account_offer_type: Standard + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of Database Account + azure_rm_cosmosdbaccount: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}" + location: eastasia + kind: global_document_db + geo_rep_locations: + - name: eastasia + failover_priority: 0 + - name: westus + failover_priority: 1 + database_account_offer_type: Standard + is_virtual_network_filter_enabled: yes + virtual_network_rules: + - subnet: + resource_group: "{{ resource_group }}" + virtual_network_name: "{{ vnname }}" + subnet_name: "{{ subnetname }}" + ignore_missing_v_net_service_endpoint: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create again instance of Database Account + azure_rm_cosmosdbaccount: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}" + location: eastasia + kind: global_document_db + geo_rep_locations: + - name: eastasia + failover_priority: 0 + - name: westus + failover_priority: 1 + database_account_offer_type: Standard + is_virtual_network_filter_enabled: yes + virtual_network_rules: + - subnet: + resource_group: "{{ resource_group }}" + virtual_network_name: "{{ vnname }}" + subnet_name: "{{ subnetname }}" + ignore_missing_v_net_service_endpoint: yes + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + +- name: Create again instance of Database Account -- change something + azure_rm_cosmosdbaccount: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}" + location: eastasia + kind: global_document_db + geo_rep_locations: + - name: eastasia + failover_priority: 0 + - name: westus + failover_priority: 1 + database_account_offer_type: Standard + is_virtual_network_filter_enabled: yes + virtual_network_rules: + - subnet: + resource_group: "{{ resource_group }}" + virtual_network_name: "{{ vnname }}" + subnet_name: "{{ subnetname }}" + ignore_missing_v_net_service_endpoint: yes + enable_automatic_failover: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Create second instance of Database Account + azure_rm_cosmosdbaccount: + resource_group: "{{ resource_group_secondary }}" + name: "{{ db2name }}" + location: eastasia + kind: global_document_db + geo_rep_locations: + - name: eastasia + failover_priority: 0 + - name: westus + failover_priority: 1 + database_account_offer_type: Standard + is_virtual_network_filter_enabled: yes + virtual_network_rules: + - subnet: + resource_group: "{{ resource_group }}" + virtual_network_name: "{{ vnname }}" + subnet_name: "{{ subnetname }}" + ignore_missing_v_net_service_endpoint: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Get facts of single account + azure_rm_cosmosdbaccount_info: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}" + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.accounts | length == 1 + - output.accounts[0]['id'] != None + - output.accounts[0]['resource_group'] == resource_group + - output.accounts[0]['name'] == dbname + - output.accounts[0]['location'] == 'eastasia' + - output.accounts[0]['kind'] != None + - output.accounts[0]['consistency_policy'] != None + - output.accounts[0]['failover_policies'] != None + - output.accounts[0]['read_locations'] != None + - output.accounts[0]['write_locations'] != None + - output.accounts[0]['database_account_offer_type'] != None + - output.accounts[0]['ip_range_filter'] != None + - output.accounts[0]['ip_rules'] != None + - output.accounts[0]['is_virtual_network_filter_enabled'] != None + - output.accounts[0]['enable_automatic_failover'] != None + - output.accounts[0]['enable_cassandra'] != None + - output.accounts[0]['enable_table'] != None + - output.accounts[0]['enable_gremlin'] != None + - output.accounts[0]['virtual_network_rules'] != None + - output.accounts[0]['enable_multiple_write_locations'] != None + - output.accounts[0]['document_endpoint'] != None + - output.accounts[0]['provisioning_state'] != None + - output.accounts[0]['tags'] != None + - output.accounts[0]['enable_free_tier'] == false + - output.accounts[0]['public_network_access'] == 'Enabled' + +- name: Get facts with keys + azure_rm_cosmosdbaccount_info: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}" + retrieve_keys: all + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.accounts[0]['primary_master_key'] != None + - output.accounts[0]['secondary_master_key'] != None + - output.accounts[0]['primary_readonly_master_key'] != None + - output.accounts[0]['secondary_readonly_master_key'] != None + +- name: Get facts with readonly keys + azure_rm_cosmosdbaccount_info: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}" + retrieve_keys: readonly + retrieve_connection_strings: yes + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - "'primary_master_key' not in output.accounts[0]" + - "'secondary_master_key' not in output.accounts[0]" + - output.accounts[0]['primary_readonly_master_key'] != None + - output.accounts[0]['secondary_readonly_master_key'] != None + - output.accounts[0]['connection_strings'] | length > 0 + +- name: List accounts by resource group + azure_rm_cosmosdbaccount_info: + resource_group: "{{ resource_group }}" + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.accounts | length == 1 + - output.accounts[0]['id'] != None + - output.accounts[0]['resource_group'] == resource_group + - output.accounts[0]['name'] == dbname + - output.accounts[0]['location'] == 'eastasia' + - output.accounts[0]['kind'] != None + - output.accounts[0]['consistency_policy'] != None + - output.accounts[0]['failover_policies'] != None + - output.accounts[0]['read_locations'] != None + - output.accounts[0]['write_locations'] != None + - output.accounts[0]['database_account_offer_type'] != None + - output.accounts[0]['ip_range_filter'] != None + - output.accounts[0]['ip_rules'] != None + - output.accounts[0]['is_virtual_network_filter_enabled'] != None + - output.accounts[0]['enable_automatic_failover'] != None + - output.accounts[0]['enable_cassandra'] != None + - output.accounts[0]['enable_table'] != None + - output.accounts[0]['enable_gremlin'] != None + - output.accounts[0]['virtual_network_rules'] != None + - output.accounts[0]['enable_multiple_write_locations'] != None + - output.accounts[0]['document_endpoint'] != None + - output.accounts[0]['provisioning_state'] != None + - output.accounts[0]['tags'] != None + - output.accounts[0]['enable_free_tier'] == false + - output.accounts[0]['public_network_access'] == 'Enabled' + +- name: List all accounts + azure_rm_cosmosdbaccount_info: + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.accounts | length >= 2 + - dbname in (output.accounts | map(attribute='name')) + - db2name in (output.accounts | map(attribute='name')) + +- name: Create 4.0 Mongo free-tier instance with public networking disabled + azure_rm_cosmosdbaccount: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}-free4" + location: eastasia + kind: mongo_db + mongo_version: "4.0" + enable_free_tier: "{{ free_tier_supported }}" + public_network_access: "Disabled" + ip_rules: + - "1.1.1.1" + - "2.2.2.2/28" + geo_rep_locations: + - name: eastasia + failover_priority: 0 + - name: westus + failover_priority: 1 + database_account_offer_type: Standard + is_virtual_network_filter_enabled: yes + virtual_network_rules: + - subnet: + resource_group: "{{ resource_group }}" + virtual_network_name: "{{ vnname }}" + subnet_name: "{{ subnetname }}" + ignore_missing_v_net_service_endpoint: yes + enable_automatic_failover: yes + register: output +- name: Assert resource created + assert: + that: + - output.changed + +- name: Get facts for free tier account + azure_rm_cosmosdbaccount_info: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}-free4" + register: output +- name: Assert that facts are returned + assert: + that: + - output.accounts[0]['mongo_version'] == '4.0' + - output.accounts[0]['enable_free_tier'] == free_tier_supported + - output.accounts[0]['public_network_access'] == 'Disabled' + - output.accounts[0]['ip_range_filter'] == '1.1.1.1,2.2.2.2/28' + - (output.accounts[0]['ip_rules'] | length) == 2 + - output.accounts[0]['ip_rules'][0] == '1.1.1.1' + - output.accounts[0]['ip_rules'][1] == '2.2.2.2/28' + +- name: Delete instance of Database Account -- check mode + azure_rm_cosmosdbaccount: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}" + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of Database Account + azure_rm_cosmosdbaccount: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of Database Account + azure_rm_cosmosdbaccount: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}" + state: absent + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + +- name: Delete second instance of Database Account + azure_rm_cosmosdbaccount: + resource_group: "{{ resource_group_secondary }}" + name: "{{ db2name }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete free tier instance of Database Account + azure_rm_cosmosdbaccount: + resource_group: "{{ resource_group }}" + name: "{{ dbname }}-free4" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Clean up virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ vnname }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datafactory/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datafactory/aliases new file mode 100644 index 000000000..5bec11dd5 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datafactory/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group11 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datafactory/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datafactory/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datafactory/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datafactory/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datafactory/tasks/main.yml new file mode 100644 index 000000000..25afbe8bb --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datafactory/tasks/main.yml @@ -0,0 +1,76 @@ +- name: Create data factory name + set_fact: + name: "df{{ resource_group | hash('md5') | truncate(21, True, '') }}" + +- name: Create data factory (Checkmode) + azure_rm_datafactory: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + public_network_access: Enabled + tags: + key1: value1 + check_mode: True + +- name: Create data factory + azure_rm_datafactory: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + public_network_access: Enabled + tags: + key1: value1 + register: output + +- assert: + that: + - output.changed + +- name: Create data factory again (Idempotent test) + azure_rm_datafactory: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + public_network_access: Enabled + tags: + key1: value1 + register: output + +- assert: + that: + - not output.changed + +- name: Update data factory + azure_rm_datafactory: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + public_network_access: Disabled + tags: + key1: value1 + key2: value2 + register: output + +- assert: + that: + - output.changed + +- name: Get data factory info + azure_rm_datafactory_info: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + register: output + +- name: Assert status succeed and result match expectations + assert: + that: + - output.datafactory[0].tags | length == 2 + - output.datafactory[0].public_network_access == 'Disabled' + + +- name: Delete data factory + azure_rm_datafactory: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + state: absent + register: output + +- assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/aliases new file mode 100644 index 000000000..5d29c6c4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/tasks/main.yml new file mode 100644 index 000000000..1b9e2409b --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/tasks/main.yml @@ -0,0 +1,203 @@ +- name: Create data lake store name + set_fact: + adl_name: "adl{{ resource_group_datalake | hash('md5') | truncate(21, True, '') }}" + vnet_name: "vnet{{ resource_group_datalake | hash('md5') | truncate(20, True, '') }}" + +- name: Create virtual network + azure_rm_virtualnetwork: + name: "{{ vnet_name }}" + resource_group: "{{ resource_group_datalake }}" + address_prefixes_cidr: + - 10.1.0.0/16 + register: vnet_output + +- name: Create subnet + azure_rm_subnet: + name: foobar + virtual_network_name: "{{ vnet_name }}" + resource_group: "{{ resource_group_datalake }}" + address_prefix_cidr: "10.1.1.0/24" + service_endpoints: + - service: Microsoft.AzureActiveDirectory + register: subnet_output + +- name: Create minimal data lake store + azure_rm_datalakestore: + resource_group: "{{ resource_group_datalake }}" + name: "{{ adl_name }}" + register: output + +- name: Assert status succeeded and results + assert: + that: + - output.changed + - output.state.id is defined + - output.state.account_id is defined + - output.state.creation_time is defined + - output.state.current_tier == "Consumption" + - output.state.encryption_state == "Enabled" + - output.state.endpoint == "{{ adl_name }}.azuredatalakestore.net" + - output.state.firewall_allow_azure_ips == "Disabled" + - output.state.firewall_rules | length == 0 + - output.state.firewall_state == "Disabled" + - output.state.last_modified_time is defined + - output.state.new_tier == "Consumption" + - output.state.provisioning_state == "Succeeded" + - output.state.trusted_id_provider_state == "Disabled" + +- name: Create minimal data lake store (Idempotence) + azure_rm_datalakestore: + resource_group: "{{ resource_group_datalake }}" + name: "{{ adl_name }}" + register: output + +- name: Assert that status has not changed + assert: + that: + - not output.changed + +- name: Update data lake store to add virtual_network_rules + azure_rm_datalakestore: + resource_group: "{{ resource_group_datalake }}" + name: "{{ adl_name }}" + virtual_network_rules: + - name: vnet_rule_1 + subnet_id: "{{ subnet_output.state.id }}" + register: output + +- name: Assert status succeeded and results include virtual_network_rules + assert: + that: + - output.changed + - output.state.virtual_network_rules | length == 1 + - output.state.virtual_network_rules[0].name == "vnet_rule_1" + - output.state.virtual_network_rules[0].subnet_id == "{{ subnet_output.state.id }}" + +- name: Update data lake store to change encryption state that must fail + azure_rm_datalakestore: + resource_group: "{{ resource_group_datalake }}" + name: "{{ adl_name }}" + encryption_state: Disabled + register: output + ignore_errors: yes + +- name: Assert that encryption state cannot change + assert: + that: + - not output.changed + - output.msg == 'Encryption type cannot be updated.' + +- name: Update data lake store to add new_tier + azure_rm_datalakestore: + resource_group: "{{ resource_group_datalake }}" + name: "{{ adl_name }}" + new_tier: Commitment_1TB + register: output + +- name: Assert status succeeded and results include virtual_network_rules + assert: + that: + - output.changed + - output.state.current_tier == "Consumption" + - output.state.new_tier == "Commitment_1TB" + +- name: Delete minimal data lake store + azure_rm_datalakestore: + resource_group: "{{ resource_group_datalake }}" + name: "{{ adl_name }}" + state: absent + register: output + +- name: Create new data lake store + azure_rm_datalakestore: + resource_group: "{{ resource_group_datalake }}" + name: "{{ adl_name }}" + tags: + P1: V1 + P2: V4 + P3: V3 + new_tier: Commitment_1TB + default_group: default_group_test + encryption_state: Enabled + firewall_state: Enabled + firewall_allow_azure_ips: Enabled + firewall_rules: + - + name: test_rule_1 + start_ip_address: 192.168.1.1 + end_ip_address: 192.168.1.254 + - + name: test_rule_2 + start_ip_address: 10.0.0.1 + end_ip_address: 10.1.0.1 + virtual_network_rules: + - name: vnet_rule_1 + subnet_id: "{{ subnet_output.state.id }}" + register: output + +- name: Assert status succeeded and results include an Id value + assert: + that: + - output.changed + - output.state.id is defined + - output.state.account_id is defined + - output.state.creation_time is defined + - output.state.current_tier == "Commitment_1TB" + - output.state.default_group == "default_group_test" + - output.state.encryption_state == "Enabled" + - output.state.endpoint == "{{ adl_name }}.azuredatalakestore.net" + - output.state.firewall_allow_azure_ips == "Enabled" + - output.state.firewall_rules | length == 2 + - output.state.firewall_state == "Enabled" + - output.state.last_modified_time is defined + - output.state.new_tier == "Commitment_1TB" + - output.state.provisioning_state == "Succeeded" + - output.state.tags | length == 3 + - output.state.trusted_id_provider_state == "Disabled" + - output.state.virtual_network_rules | length == 1 + - output.state.virtual_network_rules[0].name == "vnet_rule_1" + - output.state.virtual_network_rules[0].subnet_id == "{{ subnet_output.state.id }}" + +- name: Create new data lake store (Idempotence) + azure_rm_datalakestore: + resource_group: "{{ resource_group_datalake }}" + name: "{{ adl_name }}" + tags: + P1: V1 + P2: V4 + P3: V3 + new_tier: Commitment_1TB + default_group: default_group_test + encryption_state: Enabled + firewall_state: Enabled + firewall_allow_azure_ips: Enabled + firewall_rules: + - + name: test_rule_1 + start_ip_address: 192.168.1.1 + end_ip_address: 192.168.1.254 + - + name: test_rule_2 + start_ip_address: 10.0.0.1 + end_ip_address: 10.1.0.1 + virtual_network_rules: + - name: vnet_rule_1 + subnet_id: "{{ subnet_output.state.id }}" + register: output + +- name: Assert that status has not changed + assert: + that: + - not output.changed + +- name: Delete virtual network + azure_rm_virtualnetwork: + name: "{{ vnet_name }}" + resource_group: "{{ resource_group_datalake }}" + state: absent + +- name: Delete Data Lake Store + azure_rm_datalakestore: + resource_group: "{{ resource_group_datalake }}" + name: "{{ adl_name }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ddosprotectionplan/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ddosprotectionplan/aliases new file mode 100644 index 000000000..5cf25760d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ddosprotectionplan/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ddosprotectionplan/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ddosprotectionplan/meta/main.yml new file mode 100644 index 000000000..cf34ae763 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ddosprotectionplan/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ddosprotectionplan/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ddosprotectionplan/tasks/main.yml new file mode 100644 index 000000000..a61003680 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ddosprotectionplan/tasks/main.yml @@ -0,0 +1,82 @@ +- name: Create random ddos protection plan + set_fact: + ddosprotectionplan: "test{{ resource_group | hash('md5') | truncate(16, True, '') + (65535 | random | string) }}" + +- name: Create DDoS protection plan (check mode) + azure_rm_ddosprotectionplan: + location: eastus2 + name: "{{ ddosprotectionplan }}" + resource_group: "{{ resource_group }}" + check_mode: yes + register: results + +- assert: + that: results.changed + +- name: Create DDoS protection plan + azure_rm_ddosprotectionplan: + location: eastus2 + name: "{{ ddosprotectionplan }}" + resource_group: "{{ resource_group }}" + register: results + +- assert: + that: results.changed + +- name: Update DDoS protection plan + azure_rm_ddosprotectionplan: + location: eastus2 + name: "{{ ddosprotectionplan }}" + resource_group: "{{ resource_group }}" + tags: + test: modified + register: results + +- assert: + that: + - results.changed + - results.state.tags.test == 'modified' + +- name: Retrieve DDoS protection plan + azure_rm_ddosprotectionplan_info: + name: "{{ ddosprotectionplan }}" + resource_group: "{{ resource_group }}" + register: results + +- name: Assert that facts module returned result + assert: + that: + - results.ddosprotectionplan[0].tags.test == 'modified' + +- name: Test idempotent + azure_rm_ddosprotectionplan: + location: eastus2 + name: "{{ ddosprotectionplan }}" + resource_group: "{{ resource_group }}" + register: results + +- assert: + that: + - not results.changed + +# +# azure_rm_ddosprotectionplan cleanup +# + +- name: Delete DDoS protection plan + azure_rm_ddosprotectionplan: + location: eastus2 + name: "{{ ddosprotectionplan }}" + resource_group: "{{ resource_group }}" + state: absent + +- name: Delete DDoS protection plan + azure_rm_ddosprotectionplan: + location: eastus2 + name: "{{ ddosprotectionplan }}" + resource_group: "{{ resource_group }}" + state: absent + register: results + +- assert: + that: not results.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_deployment/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_deployment/aliases new file mode 100644 index 000000000..2cc249376 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_deployment/aliases @@ -0,0 +1,4 @@ +cloud/azure +destructive +disabled +shippable/azure/group1 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_deployment/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_deployment/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_deployment/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_deployment/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_deployment/tasks/main.yml new file mode 100644 index 000000000..7e83a4c28 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_deployment/tasks/main.yml @@ -0,0 +1,70 @@ +- name: Create random dns label + set_fact: + dns_label: "test{{ resource_group | hash('md5') | truncate(16, True, '') + (65535 | random | string) }}" + +- name: Error Create Azure Deploy + azure_rm_deployment: + resource_group: "{{ resource_group }}" + location: "eastus" + template_link: 'https://raw.githubusercontent.com/Azure/azure-quickstart-templates/d01a5c06f4f1bc03a049ca17bbbd6e06d62657b3/101-vm-simple-linux/azuredeploy.json' + deployment_name: "{{ dns_label }}" + parameters: + adminUsername: + value: chouseknecht + adminPassword: + value: password123! + dnsLabelPrefix: + value: "{{ dns_label }}" + ubuntuOSVersion: + value: "Never-LTS" + register: output + ignore_errors: yes + +- name: Create Azure Deploy + azure_rm_deployment: + resource_group: "{{ resource_group }}" + location: "eastus" + template_link: 'https://raw.githubusercontent.com/Azure/azure-quickstart-templates/d01a5c06f4f1bc03a049ca17bbbd6e06d62657b3/101-vm-simple-linux/azuredeploy.json' + deployment_name: "{{ dns_label }}" + parameters: + adminUsername: + value: chouseknecht + adminPassword: + value: password123! + dnsLabelPrefix: + value: "{{ dns_label }}" + ubuntuOSVersion: + value: "16.04.0-LTS" + register: output + +- name: Add new instance to host group + add_host: + hostname: "{{ item.vm_name }}" + ansible_host: "{{ item['ips'][0].public_ip }}" + ansible_user: chouseknecht + ansible_ssh_pass: password123! + groupname: azure_vms + with_items: "{{ output.deployment.instances }}" + +- name: Get Deployment Facts for Resource Group + azure_rm_deployment_info: + resource_group: "{{ resource_group }}" + register: output +- debug: + var: output + +- name: Get Deployment Facts for named deployment + azure_rm_deployment_info: + resource_group: "{{ resource_group }}" + name: "{{ dns_label }}" + register: output +- debug: + var: output + +- name: Assert that values are returned + assert: + that: + - not output.changed + - output.deployments[0]['provisioning_state'] != None + - output.deployments[0]['output_resources'] | length > 0 + - output.deployments[0]['outputs'] | length > 0 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_devtestlab/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_devtestlab/aliases new file mode 100644 index 000000000..4353a9ee7 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_devtestlab/aliases @@ -0,0 +1,17 @@ +cloud/azure +destructive +shippable/azure/group15 +azure_rm_devtestlab +azure_rm_devtestlab_info +azure_rm_devtestlabarmtemplate_info +azure_rm_devtestlabcustomimage +azure_rm_devtestlabcustomimage_info +azure_rm_devtestlabpolicy +azure_rm_devtestlabpolicy_info +azure_rm_devtestlabschedule +azure_rm_devtestlabschedule_info +azure_rm_devtestlabvirtualmachine +azure_rm_devtestlabvirtualmachine_info +azure_rm_devtestlabvirtualnetwork +azure_rm_devtestlabvirtualnetwork_info +disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_devtestlab/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_devtestlab/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_devtestlab/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_devtestlab/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_devtestlab/tasks/main.yml new file mode 100644 index 000000000..87d63ad88 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_devtestlab/tasks/main.yml @@ -0,0 +1,218 @@ +- name: Set devtest labe value + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(20, True, '') }}" + +- name: Create a DevTest Lab (check mode) + azure_rm_devtestlab: + resource_group: "{{ resource_group }}" + name: "dev-{{ rpfx }}" + storage_type: standard + premium_data_disks: true + tags: + key1: value1 + check_mode: yes + +- name: Create a DevTest Lab + azure_rm_devtestlab: + resource_group: "{{ resource_group }}" + name: "dev-{{ rpfx }}" + storage_type: standard + premium_data_disks: true + tags: + key1: value1 + register: output + +- name: Check the devtest lab changed + assert: + that: output.changed + +- name: Create a DevTest Lab (Idempotent test) + azure_rm_devtestlab: + resource_group: "{{ resource_group }}" + name: "dev-{{ rpfx }}" + storage_type: standard + premium_data_disks: true + tags: + key1: value1 + register: output + +- name: Check the devtest lab not changed + assert: + that: not output.changed + +- name: Get devtest lab facts + azure_rm_devtestlab_info: + resource_group: "{{ resource_group }}" + name: "dev-{{ rpfx }}" + register: output + +- name: Assert the devtest lab create success + assert: + that: + - output.labs | length == 1 + - output.labs[0].provisioning_state == "Succeeded" + +- name: Create a devtest lab virtual network + azure_rm_devtestlabvirtualnetwork: + resource_group: "{{ resource_group }}" + lab_name: "dev-{{ rpfx }}" + name: "vnet-{{ rpfx }}" + description: "My Lab Virtual network" + tags: + key1: value1 + register: output + +- name: Assert the devtest lab virtual network create successfully + assert: + that: + - output.changed + +- name: Get the devtest lab virtual network + azure_rm_devtestlabvirtualnetwork_info: + resource_group: "{{ resource_group }}" + lab_name: "dev-{{ rpfx }}" + name: "vnet-{{ rpfx }}" + register: output + +- name: Assert the devtest lab virtual network facts + assert: + that: + - output.virtualnetworks | length == 1 + - output.virtualnetworks[0].description == "My Lab Virtual network" + - output.virtualnetworks[0].provisioning_state == "Succeeded" + +- name: Create a dev test lab Virtual machine + azure_rm_devtestlabvirtualmachine: + resource_group: "{{ resource_group }}" + lab_name: "dev-{{ rpfx }}" + name: "vm-{{ rpfx }}" + notes: "Notes of Virtual machine" + os_type: linux + vm_size: Standard_A2_v2 + user_name: azureuser + password: Password@0329 + lab_subnet: + name: "vnet-{{ rpfx }}Subnet" + virtual_network_name: "vnet-{{ rpfx }}" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + os_type: Linux + version: latest + allow_claim: no + expiration_date: "2025-10-22T01:49:12.117974Z" + register: output + +- name: Assert the devtest lab virtual machine create successfully + assert: + that: + - output.changed + +- name: Get devtest lab info + azure_rm_devtestlabvirtualmachine_info: + resource_group: "{{ resource_group }}" + lab_name: "dev-{{ rpfx }}" + name: "vm-{{ rpfx }}" + register: output + +- name: Assert the devtest lab virtualmachine facts + assert: + that: + - output.virtualmachines | length == 1 + - output.virtualmachines[0].provisioning_state == "Succeeded" + - output.virtualmachines[0].expiration_date == "2025-10-22T01:49:12.117974Z" + +- name: create a instance devtest lab image + azure_rm_devtestlabcustomimage: + resource_group: "{{ resource_group }}" + lab_name: "dev-{{ rpfx }}" + name: "image-{{ rpfx }}" + source_vm: "vm-{{ rpfx }}" + linux_os_state: non_deprovisioned + register: output + +- name: Assert the devtest lab image create successufully + assert: + that: + - output.changed + +- name: Get custom image + azure_rm_devtestlabcustomimage_info: + resource_group: "{{ resource_group }}" + lab_name: "dev-{{ rpfx }}" + name: "image-{{ rpfx }}" + register: output + +- name: Assert the devtest lab image facts + assert: + that: + - output.custom_images | length == 1 + - output.custom_images[0].lab_name + - output.custom_images[0].id + +- name: Get devtest lab armtemplate facts + azure_rm_devtestlabarmtemplate_info: + resource_group: "{{ resource_group }}" + lab_name: "dev-{{ rpfx }}" + artifact_source_name: "public environment repo" + register: output + +- name: Assert the devtest lab armtemplate is returned successfully + assert: + that: + - output.armtemplates | length >= 1 + +- name: Create a Devtest lab policy + azure_rm_devtestlabpolicy: + resource_group: "{{ resource_group }}" + lab_name: "dev-{{ rpfx }}" + policy_set_name: default + name: "policy-{{ rpfx }}" + fact_name: user_owned_lab_vm_count + threshold: 5 + register: output + +- name: Assert the devtest lab policy creatre successfully + assert: + that: + - output.changed + +- name: Get the devtest lab policy facts + azure_rm_devtestlabpolicy_info: + resource_group: "{{ resource_group }}" + lab_name: "dev-{{ rpfx }}" + policy_set_name: default + register: output + +- name: Assert the devtest lab policy facts + assert: + that: + - output.policies | length >= 1 + +- name: Create a Devtest lab schedule + azure_rm_devtestlabschedule: + resource_group: "{{ resource_group }}" + lab_name: "dev-{{ rpfx }}" + name: lab_vms_shutdown + time: "1030" + time_zone_id: "UTC+12" + register: output + +- name: Assert the devtest lab schedule create sussessfully + assert: + that: + - output.changed + +- name: Get devtest lab schedule + azure_rm_devtestlabschedule_info: + resource_group: "{{ resource_group }}" + lab_name: "dev-{{ rpfx }}" + name: lab_vms_shutdown + register: output + +- name: Assert the devtest lab schedule facts + assert: + that: + - output.schedules | length >= 1 + - output.schedules[0].name == "lab_vms_shutdown" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_diskencryptionset/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_diskencryptionset/aliases new file mode 100644 index 000000000..5d29c6c4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_diskencryptionset/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_diskencryptionset/lookup_plugins/azure_service_principal_attribute.py b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_diskencryptionset/lookup_plugins/azure_service_principal_attribute.py new file mode 100644 index 000000000..1b7d0318f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_diskencryptionset/lookup_plugins/azure_service_principal_attribute.py @@ -0,0 +1,94 @@ +# (c) 2018 Yunge Zhu, <yungez@microsoft.com> +# (c) 2017 Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +DOCUMENTATION = """ +lookup: azure_service_principal_attribute + +requirements: + - azure-graphrbac + +author: + - Yunge Zhu <yungez@microsoft.com> + +version_added: "2.7" + +short_description: Look up Azure service principal attributes. + +description: + - Describes object id of your Azure service principal account. +options: + azure_client_id: + description: azure service principal client id. + azure_secret: + description: azure service principal secret + azure_tenant: + description: azure tenant + azure_cloud_environment: + description: azure cloud environment +""" + +EXAMPLES = """ +set_fact: + object_id: "{{ lookup('azure_service_principal_attribute', + azure_client_id=azure_client_id, + azure_secret=azure_secret, + azure_tenant=azure_secret) }}" +""" + +RETURN = """ +_raw: + description: + Returns object id of service principal. +""" + +from ansible.errors import AnsibleError +from ansible.plugins import AnsiblePlugin +from ansible.plugins.lookup import LookupBase +from ansible.module_utils._text import to_native + +try: + from azure.common.credentials import ServicePrincipalCredentials + from azure.graphrbac import GraphRbacManagementClient + from msrestazure import azure_cloud + from msrestazure.azure_exceptions import CloudError +except ImportError: + raise AnsibleError( + "The lookup azure_service_principal_attribute requires azure.graphrbac, msrest") + + +class LookupModule(LookupBase): + def run(self, terms, variables, **kwargs): + + self.set_options(direct=kwargs) + + credentials = {} + credentials['azure_client_id'] = self.get_option('azure_client_id', None) + credentials['azure_secret'] = self.get_option('azure_secret', None) + credentials['azure_tenant'] = self.get_option('azure_tenant', 'common') + + if credentials['azure_client_id'] is None or credentials['azure_secret'] is None: + raise AnsibleError("Must specify azure_client_id and azure_secret") + + _cloud_environment = azure_cloud.AZURE_PUBLIC_CLOUD + if self.get_option('azure_cloud_environment', None) is not None: + cloud_environment = azure_cloud.get_cloud_from_metadata_endpoint(credentials['azure_cloud_environment']) + + try: + azure_credentials = ServicePrincipalCredentials(client_id=credentials['azure_client_id'], + secret=credentials['azure_secret'], + tenant=credentials['azure_tenant'], + resource=_cloud_environment.endpoints.active_directory_graph_resource_id) + + client = GraphRbacManagementClient(azure_credentials, credentials['azure_tenant'], + base_url=_cloud_environment.endpoints.active_directory_graph_resource_id) + + response = list(client.service_principals.list(filter="appId eq '{0}'".format(credentials['azure_client_id']))) + sp = response[0] + + return sp.object_id.split(',') + except CloudError as ex: + raise AnsibleError("Failed to get service principal object id: %s" % to_native(ex)) + return False diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_diskencryptionset/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_diskencryptionset/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_diskencryptionset/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_diskencryptionset/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_diskencryptionset/tasks/main.yml new file mode 100644 index 000000000..79055e213 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_diskencryptionset/tasks/main.yml @@ -0,0 +1,138 @@ +- name: Prepare random number + set_fact: + set_name: "des{{ resource_group | hash('md5') | truncate(22, True, '') }}" + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + tenant_id: "{{ azure_tenant }}" + run_once: yes + +- name: lookup service principal object id + set_fact: + object_id: "{{ lookup('azure_service_principal_attribute', + azure_client_id=azure_client_id, + azure_secret=azure_secret, + azure_tenant=tenant_id) }}" + register: object_id_facts + +- name: create a key vault + azure_rm_keyvault: + resource_group: "{{ resource_group }}" + vault_name: "myvault{{ rpfx }}" + enabled_for_disk_encryption: yes + vault_tenant: "{{ tenant_id }}" + sku: + name: standard + family: A + access_policies: + - tenant_id: "{{ tenant_id }}" + object_id: "{{ object_id }}" + keys: + - get + - list + - wrapkey + - unwrapkey + - create + - update + - import + - delete + - backup + - restore + - recover + - purge + +- name: Create a key in key vault + azure_rm_keyvaultkey: + key_name: testkey + keyvault_uri: https://myvault{{ rpfx }}.vault.azure.net + +- name: Get latest version of key + azure_rm_keyvaultkey_info: + vault_uri: https://myvault{{ rpfx }}.vault.azure.net + name: testkey + register: results + +- set_fact: + key_url: "{{ results['keys'][0]['kid'] }}" + +- name: create disk encryption set + azure_rm_diskencryptionset: + resource_group: "{{ resource_group }}" + name: "{{ set_name }}" + source_vault: "myvault{{ rpfx }}" + key_url: "{{ key_url }}" + state: present + register: results + +- name: Assert that disk encryption set is created + assert: + that: results.changed + +- name: create disk encryption set (Idempotent test) + azure_rm_diskencryptionset: + resource_group: "{{ resource_group }}" + name: "{{ set_name }}" + source_vault: "myvault{{ rpfx }}" + key_url: "{{ key_url }}" + state: present + register: results + +- name: Assert that output is not changed + assert: + that: not results.changed + +- name: Update disk encryption set + azure_rm_diskencryptionset: + resource_group: "{{ resource_group }}" + name: "{{ set_name }}" + source_vault: "myvault{{ rpfx }}" + key_url: "{{ key_url }}" + state: present + tags: + key1: "value1" + register: results + +- name: Assert that disk encryption set is updated + assert: + that: results.changed + +- name: Get disk encryption set facts + azure_rm_diskencryptionset_info: + resource_group: "{{ resource_group }}" + name: "{{ set_name }}" + register: results + +- assert: + that: + - not results.changed + - results.diskencryptionsets[0].id != None + - results.diskencryptionsets[0].name == "{{ set_name }}" + - results.diskencryptionsets[0].active_key != None + - results.diskencryptionsets[0].provisioning_state == "Succeeded" + - results.diskencryptionsets[0].tags | length > 0 + +- name: Delete disk encryption set + azure_rm_diskencryptionset: + resource_group: "{{ resource_group }}" + name: "{{ set_name }}" + state: absent + register: results + +- name: Assert that disk encryption set is deleted + assert: + that: results.changed + +- name: Delete disk encryption set (Idempotent test) + azure_rm_diskencryptionset: + resource_group: "{{ resource_group }}" + name: "{{ set_name }}" + state: absent + register: results + +- name: Asset that output is not changed + assert: + that: not results.changed + +- name: Delete the Key Vault + azure_rm_keyvault: + resource_group: "{{ resource_group }}" + vault_name: "myvault{{ rpfx }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnsrecordset/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnsrecordset/aliases new file mode 100644 index 000000000..8f7a9a2e5 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnsrecordset/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group1 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnsrecordset/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnsrecordset/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnsrecordset/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnsrecordset/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnsrecordset/tasks/main.yml new file mode 100644 index 000000000..6b9acee8d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnsrecordset/tasks/main.yml @@ -0,0 +1,207 @@ +- name: Create random domain name + set_fact: + domain_name: "{{ resource_group | hash('md5') | truncate(16, True, '') + (65535 | random | string) }}" + +- name: Create a DNS zone + azure_rm_dnszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + state: present + register: results + +- name: Assert that DNS zone was created + assert: + that: results.changed + +- name: create "A" record set with multiple records + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + records: + - entry: 192.168.100.101 + - entry: 192.168.100.102 + - entry: 192.168.100.103 + register: results + +- name: Assert that A record set was created + assert: + that: results.changed + +- name: re-run "A" record with same values + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + records: + - entry: 192.168.100.101 + - entry: 192.168.100.102 + - entry: 192.168.100.103 + register: results + +- name: Assert that A record set was not changed + assert: + that: not results.changed + +- name: Update "A" record set with additional record + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + record_mode: append + records: + - entry: 192.168.100.104 + register: results + +- name: Assert that new record was appended + assert: + that: + - results.changed + +- name: re-update "A" record set with additional record + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + record_mode: append + records: + - entry: 192.168.100.104 + register: results + +- name: Assert that A record set was not changed + assert: + that: + - not results.changed + +- name: Remove 1 record from record set + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + records: + - entry: 192.168.100.101 + - entry: 192.168.100.102 + - entry: 192.168.100.103 + register: results + +- name: Assert that record was deleted + assert: + that: + - results.changed + +- name: Check_mode test + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + records: + - entry: 192.168.100.105 + check_mode: yes + register: results + +- name: Assert that check_mode returns new state + assert: + that: + - results.changed + +# FUTURE: add facts module calls to ensure that we really didn't touch anything + +- name: delete a record set + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + state: absent + register: results + +- name: Assert that record set deleted + assert: + that: results.changed + +- name: (idempotence test) re-run record set absent + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + state: absent + register: results + +- name: + assert: + that: not results.changed + +- name: create SRV records in a new record set + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: "_sip._tcp.{{ domain_name }}.com" + zone_name: "{{ domain_name }}.com" + time_to_live: 7200 + record_type: SRV + state: present + records: + - entry: sip.{{ domain_name }}.com + priority: 20 + weight: 10 + port: 5060 + register: results + +- name: Assert that SRV record set was created + assert: + that: + - results.changed + +- name: create TXT records in a new record set + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: "_txt.{{ domain_name }}.com" + zone_name: "{{ domain_name }}.com" + record_type: TXT + state: present + records: + - entry: "v=spf1 a -all" + - entry: "foo" + - entry: + - "bar" + - "baz" + register: results + +- name: Assert that TXT record set was created + assert: + that: + - results.changed + +- name: Update SOA record + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: "@" + zone_name: "{{ domain_name }}.com" + record_type: SOA + state: present + records: + - host: ns1-99.example.com. + email: azuredns-hostmaster99.example.com + serial_number: 99 + refresh_time: 3699 + retry_time: 399 + expire_time: 2419299 + minimum_ttl: 399 + register: results + +- name: Assert that SOA record set was created + assert: + that: + - results.changed + +- name: Delete DNS zone + azure_rm_dnszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnszone/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnszone/aliases new file mode 100644 index 000000000..b048b01fe --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnszone/aliases @@ -0,0 +1,6 @@ +cloud/azure +shippable/azure/group2 +destructive +azure_rm_dnszone_info +azure_rm_dnsrecordset +azure_rm_dnsrecordset_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnszone/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnszone/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnszone/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnszone/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnszone/tasks/main.yml new file mode 100644 index 000000000..3f38ca554 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_dnszone/tasks/main.yml @@ -0,0 +1,300 @@ +- name: Create random domain name + set_fact: + domain_name: "{{ resource_group | hash('md5') | truncate(16, True, '') + (65535 | random | string) }}" + +- name: Create a DNS zone (check mode) + azure_rm_dnszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + register: results + check_mode: yes + +- assert: + that: results.changed + +- name: Create a DNS zone + azure_rm_dnszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + register: results + +- assert: + that: results.changed + +- name: Update DNS zone with tags + azure_rm_dnszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + tags: + test: modified + register: results + +- assert: + that: + - results.changed + - results.state.tags.test == 'modified' + +- name: Retrieve DNS Zone Facts + azure_rm_dnszone_info: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + register: zones + +- name: Assert that facts module returned result + assert: + that: + - zones.dnszones[0].tags.test == 'modified' + - zones.dnszones[0].type == 'public' + +- name: Test idempotent + azure_rm_dnszone: + name: "{{ domain_name }}.com" + resource_group: "{{ resource_group }}" + register: results + +- assert: + that: + - not results.changed + +# +# azure_rm_dnsrecordset test +# + +- name: create "A" record set with multiple records + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + records: + - entry: 192.168.100.101 + - entry: 192.168.100.102 + - entry: 192.168.100.103 + register: results + +- name: Assert that A record set was created + assert: + that: + - results.changed + - 'results.state.a_records | length == 3' + +- name: re-run "A" record with same values + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + records: + - entry: 192.168.100.101 + - entry: 192.168.100.102 + - entry: 192.168.100.103 + register: results + +- name: Assert that A record set was not changed + assert: + that: not results.changed + +- name: Update "A" record set with additional record + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + record_mode: append + records: + - entry: 192.168.100.104 + register: results + +- name: Assert that new record was appended + assert: + that: + - results.changed + - 'results.state.a_records | length == 4' + +- name: re-update "A" record set with additional record + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + record_mode: append + records: + - entry: 192.168.100.104 + register: results + +- name: Assert that A record set was not changed + assert: + that: + - not results.changed + +- name: Remove 1 record from record set + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + records: + - entry: 192.168.100.101 + - entry: 192.168.100.102 + - entry: 192.168.100.103 + register: results + +- name: Assert that record was deleted + assert: + that: + - results.changed + - 'results.state.a_records | length == 3' + +- name: Check_mode test + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + records: + - entry: 192.168.100.105 + check_mode: yes + register: results + +- name: Assert that check_mode returns new state + assert: + that: + - results.changed + +# FUTURE: add facts module calls to ensure that we really didn't touch anything + +- name: create SRV records in a new record set + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: "_sip._tcp.{{ domain_name }}.com" + zone_name: "{{ domain_name }}.com" + time_to_live: 7200 + record_type: SRV + records: + - entry: sip.{{ domain_name }}.com + priority: 20 + weight: 10 + port: 5060 + register: results + +- name: Assert that SRV record set was created + assert: + that: + - results.changed + +- name: create TXT records in a new record set + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: "_txt.{{ domain_name }}.com" + zone_name: "{{ domain_name }}.com" + record_type: TXT + records: + - entry: "v=spf1 a -all" + - entry: "foo" + - entry: + - "bar" + - "baz" + register: results + +- name: Assert that TXT record set was created + assert: + that: + - results.changed + +# +# azure_rm_dnsrecordset_info +# + +- name: Retrieve DNS Record Set Facts for single Record Set + azure_rm_dnsrecordset_info: + resource_group: "{{ resource_group }}" + zone_name: "{{ domain_name }}.com" + relative_name: www + record_type: A + register: results + +- name: Assert that facts module returned result for single Record Set + assert: + that: + - not results.changed +# - azure_dnsrecordset[0].name == 'www' + - results.dnsrecordsets[0].relative_name == 'www' + - 'results.dnsrecordsets[0].records | length == 3' + - results.dnsrecordsets[0].record_type == 'A' + +- name: Retrieve DNS Record Set Facts for all Record Sets + azure_rm_dnsrecordset_info: + resource_group: "{{ resource_group }}" + zone_name: "{{ domain_name }}.com" + register: facts + +- name: Assert that facts module returned result for all Record Sets + assert: + that: + - not facts.changed +# - facts.ansible_facts.azure_dnsrecordset[0].name == '@' +# - facts.ansible_facts.azure_dnsrecordset[1].name == '@' +# - facts.ansible_facts.azure_dnsrecordset[4].name == 'www' + +# +# azure_rm_dnsrecordset cleanup +# +- name: delete all record sets except for @ + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: "{{ item.relative_name }}" + zone_name: "{{ domain_name }}.com" + record_type: "{{ item.record_type }}" + state: absent + with_items: "{{ facts.dnsrecordsets }}" + when: + - item.relative_name != '@' + register: results + +- name: Assert that record set deleted + assert: + that: results.changed + +- name: Retrieve DNS Record Set Facts for all Record Sets + azure_rm_dnsrecordset_info: + resource_group: "{{ resource_group }}" + zone_name: "{{ domain_name }}.com" + register: facts + +- name: Assert all record set deleted + assert: + that: + - item.relative_name == '@' + with_items: "{{ facts.dnsrecordsets }}" + +- name: (idempotence test) re-run record set absent + azure_rm_dnsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + state: absent + register: results + +- name: + assert: + that: not results.changed + +# +# azure_rm_dnszone cleanup +# +- name: Delete DNS zone + azure_rm_dnszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + state: absent + +- name: Delete DNS zone (idempotent) + azure_rm_dnszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + state: absent + register: results + +- assert: + that: not results.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/aliases new file mode 100644 index 000000000..5cf25760d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/tasks/main.yml new file mode 100644 index 000000000..484f0146d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/tasks/main.yml @@ -0,0 +1,145 @@ +- name: Create random event hub and namespace + set_fact: + namespace_name: "test{{ resource_group | hash('md5') | truncate(16, True, '') + (65535 | random | string) }}" + name: "test{{ resource_group | hash('md5') | truncate(16, True, '') + (65535 | random | string) }}" + +- name: Create Event Hub Namespace (check mode) + azure_rm_eventhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + sku: "Basic" + check_mode: yes + register: results + +- assert: + that: results.changed + +- name: Create Event Hub (check mode) + azure_rm_eventhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + name: "{{ name }}" + resource_group: "{{ resource_group }}" + sku: "Basic" + check_mode: yes + register: results + +- assert: + that: results.changed + +- name: Create Event Hub Namespace + azure_rm_eventhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + sku: "Basic" + register: results + +- assert: + that: results.changed + +- name: Create Event Hub + azure_rm_eventhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + name: "{{ name }}" + resource_group: "{{ resource_group }}" + register: results + +- assert: + that: results.changed + +- name: Update Namespace + azure_rm_eventhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + sku: "Standard" + tags: + test: modified + register: results + +- assert: + that: + - results.changed + - results.state.tags.test == 'modified' + +- name: Update Event Hub + azure_rm_eventhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + name: "{{ name }}" + resource_group: "{{ resource_group }}" + message_retention_in_days: 4 + state: present + tags: + test: modified + register: results + +- assert: + that: + - results.changed + +- name: Retrieve Namespace + azure_rm_eventhub_info: + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + register: results + +- name: Test idempotent + azure_rm_eventhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + sku: "Standard" + tags: + test: modified + register: results + +- assert: + that: + - not results.changed + +#cleanup +- name: Delete Event Hub + azure_rm_eventhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + +- name: Delete Event Hub (idempotent) + azure_rm_eventhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + register: results + +- assert: + that: not results.changed + +- name: Delete Namespace + azure_rm_eventhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + state: absent + +- name: Pause for 1 minutes to check namespace deleted + pause: + minutes: 1 + +- name: Delete Namespace (idempotent) + azure_rm_eventhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + state: absent + register: results + +- assert: + that: not results.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/aliases new file mode 100644 index 000000000..5d29c6c4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/tasks/main.yml new file mode 100644 index 000000000..d90dbfdf6 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/tasks/main.yml @@ -0,0 +1,119 @@ +- name: Create random express route + set_fact: + express_route: "test{{ resource_group | hash('md5') | truncate(16, True, '') + (65535 | random | string) }}" + +- name: Create Express route (check mode) + azure_rm_expressroute: + location: eastus + name: "{{ express_route }}" + resource_group: "{{ resource_group }}" + allow_classic_operations: true + global_reach_enabled: false + tags: + a: b + authorizations: + - name: authorization_test + service_provider_properties: + service_provider_name: Aryaka Networks + peering_location: Seattle + bandwidth_in_mbps: '200' + sku: + tier: premium + family: metereddata + register: results + check_mode: yes + +- assert: + that: results.changed + + +- name: Create Express route + azure_rm_expressroute: + location: eastus + name: "{{ express_route }}" + resource_group: "{{ resource_group }}" + allow_classic_operations: true + global_reach_enabled: false + tags: + a: b + authorizations: + - name: authorization_test + service_provider_properties: + service_provider_name: Aryaka Networks + peering_location: Seattle + bandwidth_in_mbps: '200' + sku: + tier: premium + family: metereddata + register: results + +- assert: + that: results.changed + + +- name: Update Express route + azure_rm_expressroute: + location: eastus + name: "{{ express_route }}" + resource_group: "{{ resource_group }}" + allow_classic_operations: true + global_reach_enabled: false + tags: + test: modified + authorizations: + - name: authorization_test + service_provider_properties: + service_provider_name: Aryaka Networks + peering_location: Seattle + bandwidth_in_mbps: '200' + sku: + tier: premium + family: metereddata + register: results + +- assert: + that: + - results.changed + - results.state.tags.test == 'modified' + + +- name: Retrieve Express Route + azure_rm_expressroute_info: + resource_group: "{{ resource_group }}" + name: "{{ express_route }}" + register: results + +- name: Assert that facts module returned result + assert: + that: + - results.expressroute[0].tags.test == 'modified' + - results.expressroute[0].type == 'Microsoft.Network/expressRouteCircuits' + +- name: Test idempotent + azure_rm_expressroute: + name: "{{ express_route }}" + resource_group: "{{ resource_group }}" + register: results + +- assert: + that: + - not results.changed + +# +# azure_rm_expressroute cleanup +# +- name: Delete Express Route + azure_rm_expressroute: + resource_group: "{{ resource_group }}" + name: "{{ express_route }}" + state: absent + +- name: Delete Express Route (idempotent) + azure_rm_expressroute: + resource_group: "{{ resource_group }}" + name: "{{ express_route }}" + state: absent + register: results + +- assert: + that: not results.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_firewallpolicy/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_firewallpolicy/aliases new file mode 100644 index 000000000..5d29c6c4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_firewallpolicy/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_firewallpolicy/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_firewallpolicy/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_firewallpolicy/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_firewallpolicy/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_firewallpolicy/tasks/main.yml new file mode 100644 index 000000000..4bbba792e --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_firewallpolicy/tasks/main.yml @@ -0,0 +1,100 @@ +- name: Create firewall policy name + set_fact: + policy_name: "fp{{ resource_group | hash('md5') | truncate(22, True, '') }}" + +- name: Create firewall policy + azure_rm_firewallpolicy: + resource_group: "{{ resource_group }}" + name: "{{ policy_name }}" + threat_intel_mode: alert + threat_intel_whitelist: + ip_addresses: + - 10.0.0.1 + - 10.0.0.2 + fqdns: + - "*.microsoft.com" + - "*.azure.com" + state: present + register: results + +- name: Assert that firewall policy is created + assert: + that: results.changed + +- name: Create a firewall policy again (Idempotent test) + azure_rm_firewallpolicy: + resource_group: "{{ resource_group }}" + name: "{{ policy_name }}" + threat_intel_mode: alert + threat_intel_whitelist: + ip_addresses: + - 10.0.0.1 + - 10.0.0.2 + fqdns: + - "*.microsoft.com" + - "*.azure.com" + state: present + register: results + +- name: Assert that output is not changed + assert: + that: not results.changed + +- name: Update a firewall policy + azure_rm_firewallpolicy: + resource_group: "{{ resource_group }}" + name: "{{ policy_name }}" + threat_intel_mode: deny + threat_intel_whitelist: + ip_addresses: + - 10.0.0.1 + append_ip_addresses: false + fqdns: + - "*.microsoft.com" + append_fqdns: false + state: present + tags: + key1: "value1" + register: results + +- name: Assert that firewall policy is updated + assert: + that: results.changed + +- name: Get firewall policy facts + azure_rm_firewallpolicy_info: + resource_group: "{{ resource_group }}" + name: "{{ policy_name }}" + register: results + +- assert: + that: + - not results.changed + - results.firewallpolicies[0].id != None + - results.firewallpolicies[0].name == "{{ policy_name }}" + - results.firewallpolicies[0].threat_intel_mode == "Deny" + - results.firewallpolicies[0].threat_intel_whitelist.ip_addresses == ["10.0.0.1"] + - results.firewallpolicies[0].threat_intel_whitelist.fqdns == ["*.microsoft.com"] + - results.firewallpolicies[0].tags | length > 0 + +- name: Delete the firewall policy + azure_rm_firewallpolicy: + resource_group: "{{ resource_group }}" + name: "{{ policy_name }}" + state: absent + register: results + +- name: Assert that firewall policy is deleted + assert: + that: results.changed + +- name: Delete firewall policy again (Idempotent test) + azure_rm_firewallpolicy: + resource_group: "{{ resource_group }}" + name: "{{ policy_name }}" + state: absent + register: results + +- name: Asset that output is not changed + assert: + that: not results.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_functionapp/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_functionapp/aliases new file mode 100644 index 000000000..759eafa2d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_functionapp/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group3 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_functionapp/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_functionapp/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_functionapp/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_functionapp/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_functionapp/tasks/main.yml new file mode 100644 index 000000000..e618e7038 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_functionapp/tasks/main.yml @@ -0,0 +1,131 @@ +- name: Fix resource prefix + set_fact: + fixed_resource_prefix: "fa{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + +- name: Fix resource prefix + set_fact: + funcapp_name_basic: "fa{{ fixed_resource_prefix }}basic" + funcapp_name_container: "fa{{ fixed_resource_prefix }}container" + funcapp_name_params: "fa{{ fixed_resource_prefix }}params" + storage_account_name: "sa{{ fixed_resource_prefix }}" + plan_name: "ap{{ fixed_resource_prefix }}" + +- name: create storage account for function apps + azure_rm_storageaccount: + resource_group: '{{ resource_group }}' + name: "{{ storage_account_name }}" + account_type: Standard_LRS + +- name: create basic function app + azure_rm_functionapp: + resource_group: "{{ resource_group }}" + name: "{{ funcapp_name_basic }}" + storage_account: "{{ storage_account_name }}" + register: output + +- name: assert the function was created + assert: + that: output.changed + +- name: list facts for function + azure_rm_functionapp_info: + resource_group: '{{ resource_group }}' + name: "{{ funcapp_name_basic }}" + register: results + +- name: assert the facts were retrieved + assert: + that: + - results.ansible_info.azure_functionapps|length == 1 + - results.ansible_info.azure_functionapps[0].name == "{{ funcapp_name_basic }}" + +- name: delete basic function app + azure_rm_functionapp: + resource_group: '{{ resource_group }}' + name: "{{ funcapp_name_basic }}" + state: absent + register: output + +- name: assert the function was deleted + assert: + that: output.changed + +- name: create a function with app settings + azure_rm_functionapp: + resource_group: '{{ resource_group }}' + name: "{{ funcapp_name_params }}" + storage_account: "{{ storage_account_name }}" + app_settings: + hello: world + things: more stuff + FUNCTIONS_EXTENSION_VERSION: "~2" + register: output + +- name: assert the function with app settings was created + assert: + that: output.changed + +- name: change app settings + azure_rm_functionapp: + resource_group: '{{ resource_group }}' + name: "{{ funcapp_name_params }}" + storage_account: "{{ storage_account_name }}" + app_settings: + hello: world + things: more stuff + FUNCTIONS_EXTENSION_VERSION: "~2" + another: one + register: output + +- name: assert the function was changed + assert: + that: output.changed + +- name: delete the function app + azure_rm_functionapp: + resource_group: '{{ resource_group }}' + name: "{{ funcapp_name_params }}" + state: absent + register: output + +- name: assert the function was deleted + assert: + that: output.changed + +- name: Create a linux app service plan + azure_rm_appserviceplan: + resource_group: "{{ resource_group }}" + name: "{{ plan_name }}" + sku: S1 + is_linux: true + number_of_workers: 1 + +- name: "Create azure function app {{ function_app }}" + azure_rm_functionapp: + resource_group: "{{ resource_group }}" + name: "{{ funcapp_name_container }}" + storage_account: "{{ storage_account_name }}" + plan: + resource_group: "{{ resource_group }}" + name: "{{ plan_name }}" + container_settings: + name: httpd + app_settings: + FUNCTIONS_EXTENSION_VERSION: "~2" + register: output + +- name: assert the function was changed + assert: + that: output.changed + +- name: delete the function app + azure_rm_functionapp: + resource_group: '{{ resource_group }}' + name: "{{ funcapp_name_container }}" + state: absent + +- name: delete storage account + azure_rm_storageaccount: + resource_group: '{{ resource_group }}' + name: "{{ storage_account_name }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_gallery/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_gallery/aliases new file mode 100644 index 000000000..df49fa1ef --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_gallery/aliases @@ -0,0 +1,6 @@ +cloud/azure +shippable/azure/group4 +destructive +azure_rm_galleryimage +azure_rm_galleryimageversion +azure_rm_snapshot diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_gallery/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_gallery/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_gallery/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_gallery/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_gallery/tasks/main.yml new file mode 100644 index 000000000..f67fa218f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_gallery/tasks/main.yml @@ -0,0 +1,370 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "testVnet{{ rpfx }}" + address_prefixes: "10.0.0.0/16" + +- name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: "testSubnet{{ rpfx }}" + address_prefix: "10.0.1.0/24" + virtual_network: "testVnet{{ rpfx }}" + +- name: Create public IP address + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Static + name: "testPublicIP{{ rpfx }}" + +- name: Create virtual network inteface cards for VM A and B + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "vmforimage{{ rpfx }}nic" + virtual_network: "testVnet{{ rpfx }}" + subnet: "testSubnet{{ rpfx }}" + +- name: Create VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "vmforimage{{ rpfx }}" + location: eastus + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_B1ms + network_interfaces: "vmforimage{{ rpfx }}nic" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + +- name: Get VM facts + azure_rm_virtualmachine_info: + resource_group: "{{ resource_group }}" + name: "vmforimage{{ rpfx }}" + register: output + +- name: Pause for 10 mimutes to VM updating + shell: sleep 600 + +- name: Create a snapshot by importing an unmanaged blob from the same subscription. + azure_rm_snapshot: + resource_group: "{{ resource_group }}" + name: "mySnapshot-{{ rpfx }}" + location: eastus + creation_data: + create_option: Import + source_uri: 'https://{{ output.vms[0].storage_account_name }}.blob.core.windows.net/{{ output.vms[0].storage_container_name }}/{{ output.vms[0].storage_blob_name }}' + register: output + +- assert: + that: + - output.changed + +- name: Create a managed disk + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "disk-{{ rpfx }}" + disk_size_gb: 1 + register: disk_output + +- name: Create a snapshot with I(incremental=True) + azure_rm_snapshot: + resource_group: "{{ resource_group }}" + name: "mySnapshot-{{ rpfx }}02" + location: eastus + incremental: True + creation_data: + create_option: Copy + source_id: "{{ disk_output.state.id }}" + register: output + +- assert: + that: + - output.changed + +- name: Generalize VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "vmforimage{{ rpfx }}" + generalized: yes +- name: Create custom image + azure_rm_image: + resource_group: "{{ resource_group }}" + name: testimagea + source: "vmforimage{{ rpfx }}" +- name: Create or update a simple gallery. + azure_rm_gallery: + resource_group: "{{ resource_group }}" + name: myGallery{{ rpfx }} + location: eastus + description: This is the gallery description. + register: output + +- assert: + that: + - output.changed + +- name: Create or update a simple gallery - idempotent + azure_rm_gallery: + resource_group: "{{ resource_group }}" + name: myGallery{{ rpfx }} + location: eastus + description: This is the gallery description. + register: output + +- assert: + that: + - not output.changed + +- name: Create or update a simple gallery - change description + azure_rm_gallery: + resource_group: "{{ resource_group }}" + name: myGallery{{ rpfx }} + location: eastus + description: This is the gallery description - xxx. + register: output + +- assert: + that: + - output.changed + +- name: Get a gallery info. + azure_rm_gallery_info: + resource_group: "{{ resource_group }}" + name: myGallery{{ rpfx }} + register: output + +- assert: + that: + - not output.changed + - output.galleries['id'] != None + - output.galleries['name'] != None + - output.galleries['location'] != None + - output.galleries['description'] != None + - output.galleries['provisioning_state'] != None + +- name: Create or update gallery image + azure_rm_galleryimage: + resource_group: "{{ resource_group }}" + gallery_name: myGallery{{ rpfx }} + name: myImage + location: eastus + os_type: linux + os_state: generalized + identifier: + publisher: myPublisherName + offer: myOfferName + sku: mySkuName + description: Image Description + register: output + +- assert: + that: + - output.changed + +- name: Create or update gallery image - idempotent + azure_rm_galleryimage: + resource_group: "{{ resource_group }}" + gallery_name: myGallery{{ rpfx }} + name: myImage + location: eastus + os_type: linux + os_state: generalized + identifier: + publisher: myPublisherName + offer: myOfferName + sku: mySkuName + description: Image Description + register: output + +- assert: + that: + - not output.changed + +- name: Create or update gallery image - change description + azure_rm_galleryimage: + resource_group: "{{ resource_group }}" + gallery_name: myGallery{{ rpfx }} + name: myImage + location: eastus + os_type: linux + os_state: generalized + identifier: + publisher: myPublisherName + offer: myOfferName + sku: mySkuName + description: Image Description XXXs + register: output + +- assert: + that: + - output.changed + +- name: Get a gallery image info. + azure_rm_galleryimage_info: + resource_group: "{{ resource_group }}" + gallery_name: myGallery{{ rpfx }} + name: myImage + register: output + +- assert: + that: + - not output.changed + - output.images['id'] != None + - output.images['name'] != None + - output.images['location'] != None + - output.images['os_state'] != None + - output.images['os_type'] != None + - output.images['identifier'] != None + +- name: Create or update a simple gallery Image Version. + azure_rm_galleryimageversion: + resource_group: "{{ resource_group }}" + gallery_name: myGallery{{ rpfx }} + gallery_image_name: myImage + name: 10.1.3 + location: eastus + publishing_profile: + end_of_life_date: "2050-10-01t00:00:00+00:00" + exclude_from_latest: yes + replica_count: 3 + storage_account_type: Standard_LRS + target_regions: + - name: eastus + regional_replica_count: 1 + - name: westus + regional_replica_count: 2 + storage_account_type: Standard_ZRS + managed_image: + name: testimagea + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - output.changed + +- name: Create or update a simple gallery Image Version - idempotent + azure_rm_galleryimageversion: + resource_group: "{{ resource_group }}" + gallery_name: myGallery{{ rpfx }} + gallery_image_name: myImage + name: 10.1.3 + location: eastus + publishing_profile: + end_of_life_date: "2050-10-01t00:00:00+00:00" + exclude_from_latest: yes + replica_count: 3 + storage_account_type: Standard_LRS + target_regions: + - name: eastus + regional_replica_count: 1 + - name: westus + regional_replica_count: 2 + storage_account_type: Standard_ZRS + managed_image: + name: testimagea + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - not output.changed + +- name: Create or update a simple gallery Image Version - change end of life + azure_rm_galleryimageversion: + resource_group: "{{ resource_group }}" + gallery_name: myGallery{{ rpfx }} + gallery_image_name: myImage + name: 10.1.3 + location: eastus + publishing_profile: + end_of_life_date: "2051-10-01t00:00:00+00:00" + exclude_from_latest: yes + replica_count: 3 + storage_account_type: Standard_LRS + target_regions: + - name: eastus + regional_replica_count: 1 + - name: westus + regional_replica_count: 2 + storage_account_type: Standard_ZRS + managed_image: + name: testimagea + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - output.changed + +- name: Get a simple gallery Image Version info. + azure_rm_galleryimageversion_info: + resource_group: "{{ resource_group }}" + gallery_name: myGallery{{ rpfx }} + gallery_image_name: myImage + name: 10.1.3 + register: output + +- assert: + that: + - not output.changed + - output.versions['id'] != None + - output.versions['name'] != None + - output.versions['location'] != None + - output.versions['publishing_profile'] != None + - output.versions['provisioning_state'] != None + +- name: Delete gallery image Version. + azure_rm_galleryimageversion: + resource_group: "{{ resource_group }}" + gallery_name: myGallery{{ rpfx }} + gallery_image_name: myImage + name: 10.1.3 + state: absent + register: output + +- assert: + that: + - output.changed + +- name: pasue 2 minutes, wait for deletion complete + pause: + minutes: 2 + +- name: Delete gallery image + azure_rm_galleryimage: + resource_group: "{{ resource_group }}" + gallery_name: myGallery{{ rpfx }} + name: myImage + state: absent + register: output + +- assert: + that: + - output.changed + +- name: pasue 2 minutes, wait for deletion complete + pause: + minutes: 2 + +- name: Delete gallery + azure_rm_gallery: + resource_group: "{{ resource_group }}" + name: myGallery{{ rpfx }} + state: absent + register: output + +- assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hdinsightcluster/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hdinsightcluster/aliases new file mode 100644 index 000000000..b61052b30 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hdinsightcluster/aliases @@ -0,0 +1,6 @@ +cloud/azure +destructive +shippable/azure/group14 +unstable # test is slow (~30 minute run time), not unstable, but this is better than unsupported +azure_rm_hdinsightcluster_info +disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hdinsightcluster/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hdinsightcluster/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hdinsightcluster/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hdinsightcluster/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hdinsightcluster/tasks/main.yml new file mode 100644 index 000000000..edb99c4c1 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hdinsightcluster/tasks/main.yml @@ -0,0 +1,244 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "storage{{ rpfx }}" + account_type: Standard_LRS + location: eastus2 + +- name: Sample for Azure REST API - StorageAccounts_ListKeys + azure_rm_resource: + api_version: '2018-07-01' + method: POST + resource_group: "{{ resource_group }}" + provider: storage + resource_type: storageaccounts + resource_name: "storage{{ rpfx }}" + subresource: + - type: listkeys + register: storage_output + +- debug: + var: storage_output + +- name: Create instance of Cluster -- check mode + azure_rm_hdinsightcluster: + resource_group: "{{ resource_group }}" + name: "cluster{{ rpfx }}" + location: eastus2 + cluster_version: 3.6 + os_type: linux + tier: standard + cluster_definition: + kind: spark + gateway_rest_username: http-user + gateway_rest_password: Password123! + storage_accounts: + - name: storage{{ rpfx }}.blob.core.windows.net + is_default: yes + container: "cluster{{ rpfx }}" + key: "{{ storage_output['response']['keys'][0]['value'] }}" + compute_profile_roles: + - name: headnode + target_instance_count: 1 + vm_size: Standard_D3 + linux_profile: + username: sshuser + password: Password123! + - name: workernode + target_instance_count: 1 + vm_size: Standard_D3 + linux_profile: + username: sshuser + password: Password123! + - name: zookeepernode + target_instance_count: 3 + vm_size: Medium + linux_profile: + username: sshuser + password: Password123! + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of Cluster + azure_rm_hdinsightcluster: + resource_group: "{{ resource_group }}" + name: "cluster{{ rpfx }}" + location: eastus2 + cluster_version: 3.6 + os_type: linux + tier: standard + cluster_definition: + kind: spark + gateway_rest_username: http-user + gateway_rest_password: Password123! + storage_accounts: + - name: storage{{ rpfx }}.blob.core.windows.net + is_default: yes + container: "cluster{{ rpfx }}" + key: "{{ storage_output['response']['keys'][0]['value'] }}" + compute_profile_roles: + - name: headnode + target_instance_count: 1 + vm_size: Standard_D3 + linux_profile: + username: sshuser + password: Password123! + - name: workernode + target_instance_count: 1 + vm_size: Standard_D3 + linux_profile: + username: sshuser + password: Password123! + - name: zookeepernode + target_instance_count: 3 + vm_size: Medium + linux_profile: + username: sshuser + password: Password123! + register: output + +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create again instance of Cluster -- idempotent + azure_rm_hdinsightcluster: + resource_group: "{{ resource_group }}" + name: "cluster{{ rpfx }}" + location: eastus2 + cluster_version: 3.6 + os_type: linux + tier: standard + cluster_definition: + kind: spark + gateway_rest_username: http-user + gateway_rest_password: Password123! + storage_accounts: + - name: storage{{ rpfx }}.blob.core.windows.net + is_default: yes + container: "cluster{{ rpfx }}" + key: "{{ storage_output['response']['keys'][0]['value'] }}" + compute_profile_roles: + - name: headnode + target_instance_count: 1 + vm_size: Standard_D3 + linux_profile: + username: sshuser + password: Password123! + - name: workernode + target_instance_count: 1 + vm_size: Standard_D3 + linux_profile: + username: sshuser + password: Password123! + - name: zookeepernode + target_instance_count: 3 + vm_size: Medium + linux_profile: + username: sshuser + password: Password123! + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + +- name: Create again instance of Cluster -- resize and add tags + azure_rm_hdinsightcluster: + resource_group: "{{ resource_group }}" + name: "cluster{{ rpfx }}" + location: eastus2 + cluster_version: 3.6 + os_type: linux + tier: standard + cluster_definition: + kind: spark + gateway_rest_username: http-user + gateway_rest_password: Password123! + storage_accounts: + - name: storage{{ rpfx }}.blob.core.windows.net + is_default: yes + container: "cluster{{ rpfx }}" + key: "{{ storage_output['response']['keys'][0]['value'] }}" + compute_profile_roles: + - name: headnode + target_instance_count: 1 + vm_size: Standard_D3 + linux_profile: + username: sshuser + password: Password123! + - name: workernode + target_instance_count: 2 + vm_size: Standard_D3 + linux_profile: + username: sshuser + password: Password123! + - name: zookeepernode + target_instance_count: 3 + vm_size: Medium + linux_profile: + username: sshuser + password: Password123! + tags: + aaa: bbb + register: output +- debug: + var: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Get facts of Cluster + azure_rm_hdinsightcluster_info: + resource_group: "{{ resource_group }}" + name: "cluster{{ rpfx }}" + register: output + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.clusters[0]['id'] != None + - output.clusters[0]['resource_group'] != None + - output.clusters[0]['name'] != None + - output.clusters[0]['location'] != None + - output.clusters[0]['cluster_version'] != None + - output.clusters[0]['os_type'] != None + - output.clusters[0]['tier'] != None + - output.clusters[0]['cluster_definition'] != None + - output.clusters[0]['compute_profile_roles'] != None + - output.clusters[0]['connectivity_endpoints'] != None + +- name: Delete instance of Cluster -- check mode + azure_rm_hdinsightcluster: + resource_group: "{{ resource_group }}" + name: "cluster{{ rpfx }}" + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of Cluster + azure_rm_hdinsightcluster: + resource_group: "{{ resource_group }}" + name: "cluster{{ rpfx }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hostgroup/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hostgroup/aliases new file mode 100644 index 000000000..5d29c6c4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hostgroup/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hostgroup/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hostgroup/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hostgroup/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hostgroup/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hostgroup/tasks/main.yml new file mode 100644 index 000000000..8b2d408eb --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_hostgroup/tasks/main.yml @@ -0,0 +1,87 @@ +- name: Create host group name + set_fact: + group_name: "hostgroup{{ resource_group | hash('md5') | truncate(22, True, '') }}" + +- name: Create a host group + azure_rm_hostgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + location: eastus + zones: + - "1" + platform_fault_domain_count: 1 + state: present + register: results + +- name: Assert that host group is created + assert: + that: results.changed + +- name: Create a host group again (Idempotent test) + azure_rm_hostgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + location: eastus + zones: + - "1" + platform_fault_domain_count: 1 + state: present + register: results + +- name: Assert that output is not changed + assert: + that: not results.changed + +- name: Update a host group + azure_rm_hostgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + location: eastus + zones: + - "1" + platform_fault_domain_count: 1 + state: present + tags: + key1: "value1" + register: results + +- name: Assert that host group is updated + assert: + that: results.changed + +- name: Get host group facts + azure_rm_hostgroup_info: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + register: results + +- assert: + that: + - not results.changed + - results.hostgroups[0].name == "{{ group_name }}" + - results.hostgroups[0].location == "eastus" + - results.hostgroups[0].platform_fault_domain_count == 1 + - results.hostgroups[0].zones == ["1"] + - results.hostgroups[0].tags | length > 0 + +- name: Delete host group + azure_rm_hostgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + state: absent + register: results + +- name: Assert that host group is deleted + assert: + that: results.changed + +- name: Delete host group again (Idempotent test) + azure_rm_hostgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + state: absent + register: results + +- name: Asset that output is not changed + assert: + that: not results.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/aliases new file mode 100644 index 000000000..2d7dea2ce --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group3 +destructive +azure_rm_image_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/tasks/main.yml new file mode 100644 index 000000000..cbe9baa31 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/tasks/main.yml @@ -0,0 +1,178 @@ +- name: Create storage account name + set_fact: + vm_name: "vm{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}x" + public_ip_name: "pip{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + security_group_name: "sg{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + empty_disk_name: "emptydisk{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + address_prefixes: "10.10.0.0/16" + +- name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + address_prefix: "10.10.0.0/24" + virtual_network: "{{ vm_name }}" + +- name: Create public ip + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Static + name: "{{ public_ip_name }}" + +- name: Create security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ security_group_name }}" + +- name: Create NIC + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + virtual_network: "{{ vm_name }}" + subnet: "{{ vm_name }}" + public_ip_name: "{{ public_ip_name }}" + security_group: "{{ security_group_name }}" + +- name: Create virtual machine + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + vm_size: Standard_B1ms + managed_disk_type: Standard_LRS + admin_username: adminuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/adminuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + os_type: Linux + network_interfaces: "{{ vm_name }}" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + register: vm + +- name: Create new empty managed disk + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "{{ empty_disk_name }}" + storage_account_type: "Standard_LRS" + disk_size_gb: 1 + register: emptydisk + +- name: Create an image from VM (check mode) + azure_rm_image: + resource_group: "{{ resource_group }}" + source: "{{ vm.ansible_facts.azure_vm.properties.storageProfile.osDisk.managedDisk.id }}" + name: testimage001 + os_type: Linux + hyper_v_generation: V1 + data_disk_sources: + - "{{ empty_disk_name }}" + check_mode: yes + register: output + +- assert: + that: output.changed + +- name: Create an image from VM + azure_rm_image: + resource_group: "{{ resource_group }}" + source: + name: "{{ vm_name }}" + type: disks + name: testimage001 + hyper_v_generation: V1 + os_type: Linux + register: output + +- assert: + that: + - output.changed + - output.id + +- name: Create an image from VM (idempotent) + azure_rm_image: + resource_group: "{{ resource_group }}" + source: "{{ vm.ansible_facts.azure_vm.properties.storageProfile.osDisk.managedDisk.id }}" + name: testimage001 + hyper_v_generation: V1 + os_type: Linux + register: output + +- assert: + that: + - not output.changed + - output.id + +- name: Gather information about image created + azure_rm_image_info: + resource_group: "{{ resource_group }}" + name: testimage001 + register: output + +- assert: + that: + - output.images != [] + - output.images[0].hyper_v_generation == 'V1' + +- name: Delete image (check mode) + azure_rm_image: + resource_group: "{{ resource_group }}" + name: testimage001 + state: absent + register: output + check_mode: yes + +- assert: + that: + - output.changed + +- name: Delete image + azure_rm_image: + resource_group: "{{ resource_group }}" + name: testimage001 + state: absent + register: output + +- assert: + that: + - output.changed + +- name: Delete image (idempotent) + azure_rm_image: + resource_group: "{{ resource_group }}" + name: testimage001 + state: absent + register: output + +- assert: + that: + - not output.changed + +- name: Delete empty disk + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "{{ empty_disk_name }}" + state: absent + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + state: absent + vm_size: Standard_A0 + register: output + +- name: Delete public ip + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Static + name: "{{ public_ip_name }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_iothub/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_iothub/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_iothub/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_iothub/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_iothub/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_iothub/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_iothub/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_iothub/tasks/main.yml new file mode 100644 index 000000000..6cb319050 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_iothub/tasks/main.yml @@ -0,0 +1,178 @@ +- set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(8, True, '') }}" + +- name: Create IoT Hub (check mode) + azure_rm_iothub: + name: "hub{{ rpfx }}" + resource_group: "{{ resource_group }}" + ip_filters: + - name: filter1 + action: reject + ip_mask: 40.60.80.10 + check_mode: yes + register: iothub + +- assert: + that: + - iothub.changed + +- name: Query IoT Hub + azure_rm_iothub_info: + name: "hub{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: iothub + ignore_errors: yes + +- name: Create IoT Hub + azure_rm_iothub: + name: "hub{{ rpfx }}" + resource_group: "{{ resource_group }}" + ip_filters: + - name: filter1 + action: reject + ip_mask: 40.60.80.10 + register: iothub + +- assert: + that: + - iothub.changed + +- name: Create IoT Hub (idempontent) + azure_rm_iothub: + name: "hub{{ rpfx }}" + resource_group: "{{ resource_group }}" + ip_filters: + - name: filter1 + action: reject + ip_mask: 40.60.80.10 + register: iothub + +- assert: + that: + - not iothub.changed + +- name: Query IoT Hub + azure_rm_iothub_info: + name: "hub{{ rpfx }}" + resource_group: "{{ resource_group }}" + list_keys: yes + register: iothub + +- assert: + that: + - iothub.iothubs | length == 1 + +- set_fact: + registry_write_name: "{{ item.key_name }}" + registry_write_key: "{{ item.primary_key }}" + with_items: "{{ iothub.iothubs[0]['keys'] }}" + when: item.rights == 'RegistryWrite, ServiceConnect, DeviceConnect' + +- name: Create devices + azure_rm_iotdevice: + hub: "hub{{ rpfx }}" + hub_policy_name: "{{ registry_write_name }}" + hub_policy_key: "{{ registry_write_key }}" + name: "mydevice{{ item }}" + twin_tags: + location: + country: US + city: Redmond + sensor: humidity + with_items: + - 1 + - 2 + +- name: Query devices + azure_rm_iotdevice_info: + hub: "hub{{ rpfx }}" + hub_policy_name: "{{ registry_write_name }}" + hub_policy_key: "{{ registry_write_key }}" + register: devices + +- assert: + that: + - devices.iot_devices | length == 2 + +- name: Query devices + azure_rm_iotdevice_info: + hub: "hub{{ rpfx }}" + name: "mydevice1" + hub_policy_name: "{{ registry_write_name }}" + hub_policy_key: "{{ registry_write_key }}" + register: devices + +- assert: + that: + - devices.iot_devices | length == 1 + - devices.iot_devices[0].deviceId == 'mydevice1' + +- name: Pause for 5 mimutes + shell: sleep 300 + +- name: Query devices twin + azure_rm_iotdevice_info: + hub: "hub{{ rpfx }}" + query: "SELECT * FROM devices WHERE tags.location.country = 'US'" + hub_policy_name: "{{ registry_write_name }}" + hub_policy_key: "{{ registry_write_key }}" + register: devices + +- assert: + that: + - devices.iot_devices | length == 2 + +- name: Update devices + azure_rm_iotdevice: + hub: "hub{{ rpfx }}" + hub_policy_name: "{{ registry_write_name }}" + hub_policy_key: "{{ registry_write_key }}" + name: "mydevice{{ item }}" + edge_enabled: yes + twin_tags: + location: + country: China + city: Shanghai + sensor: humidity + with_items: + - 1 + - 3 + +- name: Pause for 5 mimutes + shell: sleep 300 + +- name: Query devices twin + azure_rm_iotdevice_info: + hub: "hub{{ rpfx }}" + query: "SELECT * FROM devices WHERE tags.location.country = 'US'" + hub_policy_name: "{{ registry_write_name }}" + hub_policy_key: "{{ registry_write_key }}" + register: devices + +- assert: + that: + - devices.iot_devices | length == 1 + - devices.iot_devices[0].deviceId == 'mydevice2' + +- name: Delete IoT Hub (check mode) + azure_rm_iothub: + name: "hub{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: absent + check_mode: yes + register: iothub + +- assert: + that: + - iothub.changed + +- name: Delete IoT Hub + azure_rm_iothub: + name: "hub{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: absent + register: iothub + +- assert: + that: + - iothub.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ipgroup/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ipgroup/aliases new file mode 100644 index 000000000..5d29c6c4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ipgroup/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ipgroup/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ipgroup/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ipgroup/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ipgroup/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ipgroup/tasks/main.yml new file mode 100644 index 000000000..8656c7110 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_ipgroup/tasks/main.yml @@ -0,0 +1,106 @@ +- name: Create IP group name + set_fact: + group_name: "ipgroup{{ resource_group | hash('md5') | truncate(22, True, '') }}" + +- name: Create IP group (check mode) + azure_rm_ipgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + location: eastus + ip_addresses: + - 13.64.39.16/32 + - 40.74.146.80/31 + - 40.74.147.32/28 + tags: + key1: "value1" + state: present + check_mode: yes + +- name: Create IP group + azure_rm_ipgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + location: eastus + ip_addresses: + - 13.64.39.16/32 + - 40.74.146.80/31 + - 40.74.147.32/28 + tags: + key1: "value1" + state: present + register: results + +- name: Assert that IP group is created + assert: + that: results.changed + +- name: Create same IP group again (Idempotent test) + azure_rm_ipgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + location: eastus + ip_addresses: + - 13.64.39.16/32 + - 40.74.146.80/31 + - 40.74.147.32/28 + tags: + key1: "value1" + state: present + register: results + +- name: Assert that output is not changed + assert: + that: not results.changed + +- name: Update IP group + azure_rm_ipgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + location: eastus + ip_addresses: + - 10.0.0.0/24 + tags: + key2: "value2" + register: results + +- name: Assert that IP group is updated + assert: + that: results.changed + +- name: Get IP group facts + azure_rm_ipgroup_info: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + register: results + +- assert: + that: + - not results.changed + - results.ipgroups[0].id != None + - results.ipgroups[0].name == "{{ group_name }}" + - results.ipgroups[0].location == "eastus" + - results.ipgroups[0].provisioning_state == "Succeeded" + - results.ipgroups[0].ip_addresses == ["10.0.0.0/24"] + - results.ipgroups[0].tags | length > 0 + +- name: Delete IP group + azure_rm_ipgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + state: absent + register: results + +- name: Assert that IP group is deleted + assert: + that: results.changed + +- name: Delete IP group again (Idempotent test) + azure_rm_ipgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + state: absent + register: results + +- name: Asset that output is not changed + assert: + that: not results.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvault/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvault/aliases new file mode 100644 index 000000000..c256751e5 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvault/aliases @@ -0,0 +1,5 @@ +cloud/azure +destructive +shippable/azure/group9 +azure_rm_keyvaultkey +azure_rm_keyvaultsecret diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvault/lookup_plugins/azure_service_principal_attribute.py b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvault/lookup_plugins/azure_service_principal_attribute.py new file mode 100644 index 000000000..1b7d0318f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvault/lookup_plugins/azure_service_principal_attribute.py @@ -0,0 +1,94 @@ +# (c) 2018 Yunge Zhu, <yungez@microsoft.com> +# (c) 2017 Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +DOCUMENTATION = """ +lookup: azure_service_principal_attribute + +requirements: + - azure-graphrbac + +author: + - Yunge Zhu <yungez@microsoft.com> + +version_added: "2.7" + +short_description: Look up Azure service principal attributes. + +description: + - Describes object id of your Azure service principal account. +options: + azure_client_id: + description: azure service principal client id. + azure_secret: + description: azure service principal secret + azure_tenant: + description: azure tenant + azure_cloud_environment: + description: azure cloud environment +""" + +EXAMPLES = """ +set_fact: + object_id: "{{ lookup('azure_service_principal_attribute', + azure_client_id=azure_client_id, + azure_secret=azure_secret, + azure_tenant=azure_secret) }}" +""" + +RETURN = """ +_raw: + description: + Returns object id of service principal. +""" + +from ansible.errors import AnsibleError +from ansible.plugins import AnsiblePlugin +from ansible.plugins.lookup import LookupBase +from ansible.module_utils._text import to_native + +try: + from azure.common.credentials import ServicePrincipalCredentials + from azure.graphrbac import GraphRbacManagementClient + from msrestazure import azure_cloud + from msrestazure.azure_exceptions import CloudError +except ImportError: + raise AnsibleError( + "The lookup azure_service_principal_attribute requires azure.graphrbac, msrest") + + +class LookupModule(LookupBase): + def run(self, terms, variables, **kwargs): + + self.set_options(direct=kwargs) + + credentials = {} + credentials['azure_client_id'] = self.get_option('azure_client_id', None) + credentials['azure_secret'] = self.get_option('azure_secret', None) + credentials['azure_tenant'] = self.get_option('azure_tenant', 'common') + + if credentials['azure_client_id'] is None or credentials['azure_secret'] is None: + raise AnsibleError("Must specify azure_client_id and azure_secret") + + _cloud_environment = azure_cloud.AZURE_PUBLIC_CLOUD + if self.get_option('azure_cloud_environment', None) is not None: + cloud_environment = azure_cloud.get_cloud_from_metadata_endpoint(credentials['azure_cloud_environment']) + + try: + azure_credentials = ServicePrincipalCredentials(client_id=credentials['azure_client_id'], + secret=credentials['azure_secret'], + tenant=credentials['azure_tenant'], + resource=_cloud_environment.endpoints.active_directory_graph_resource_id) + + client = GraphRbacManagementClient(azure_credentials, credentials['azure_tenant'], + base_url=_cloud_environment.endpoints.active_directory_graph_resource_id) + + response = list(client.service_principals.list(filter="appId eq '{0}'".format(credentials['azure_client_id']))) + sp = response[0] + + return sp.object_id.split(',') + except CloudError as ex: + raise AnsibleError("Failed to get service principal object id: %s" % to_native(ex)) + return False diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvault/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvault/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvault/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvault/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvault/tasks/main.yml new file mode 100644 index 000000000..2cd690fbc --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvault/tasks/main.yml @@ -0,0 +1,277 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + tenant_id: "{{ azure_tenant }}" + run_once: yes + +- name: lookup service principal object id + set_fact: + object_id: "{{ lookup('azure_service_principal_attribute', + azure_client_id=azure_client_id, + azure_secret=azure_secret, + azure_tenant=tenant_id) }}" + register: object_id_facts + +- name: Create instance of Key Vault -- check mode + azure_rm_keyvault: + resource_group: "{{ resource_group }}" + vault_name: "vault{{ rpfx }}" + enabled_for_deployment: yes + vault_tenant: "{{ tenant_id }}" + soft_delete_retention_in_days: 7 + sku: + name: standard + family: A + access_policies: + - tenant_id: "{{ tenant_id }}" + object_id: "{{ object_id }}" + keys: + - get + - list + - update + - create + - import + - delete + - recover + - backup + - restore + secrets: + - get + - list + - set + - delete + - recover + - backup + - restore + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of Key Vault + azure_rm_keyvault: + resource_group: "{{ resource_group }}" + vault_name: "vault{{ rpfx }}" + enabled_for_deployment: yes + vault_tenant: "{{ tenant_id }}" + soft_delete_retention_in_days: 7 + sku: + name: standard + family: A + access_policies: + - tenant_id: "{{ tenant_id }}" + object_id: "{{ object_id }}" + secrets: + - get + - list + - set + - delete + - recover + - backup + - restore + register: output + +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of Key Vault again + azure_rm_keyvault: + resource_group: "{{ resource_group }}" + vault_name: "vault{{ rpfx }}" + enabled_for_deployment: yes + vault_tenant: "{{ tenant_id }}" + soft_delete_retention_in_days: 7 + sku: + name: standard + family: A + access_policies: + - tenant_id: "{{ tenant_id }}" + object_id: "{{ object_id }}" + secrets: + - get + - list + - set + - delete + - recover + - backup + - restore + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + +- name: Update existing Key Vault (add a rule and tags) + azure_rm_keyvault: + resource_group: "{{ resource_group }}" + vault_name: "vault{{ rpfx }}" + enabled_for_deployment: yes + vault_tenant: "{{ tenant_id }}" + soft_delete_retention_in_days: 7 + sku: + name: standard + family: A + access_policies: + - tenant_id: "{{ tenant_id }}" + object_id: "{{ object_id }}" + keys: + - get + - list + - update + - create + - import + - delete + - recover + - backup + - restore + secrets: + - get + - list + - set + - delete + - recover + - backup + - restore + tags: + aaa: bbb + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == true + +- name: Get key vault facts + azure_rm_keyvault_info: + resource_group: "{{ resource_group }}" + name: "vault{{ rpfx }}" + register: facts + +- name: Assert the facts are properly set + assert: + that: + - facts['keyvaults'] | length == 1 + - facts['keyvaults'][0]['vault_uri'] != None + - facts['keyvaults'][0]['name'] != None + - facts['keyvaults'][0]['access_policies'] != None + - facts['keyvaults'][0]['sku'] != None + - facts['keyvaults'][0]['id'] != None + - facts['keyvaults'][0]['enable_soft_delete'] == true + - facts['keyvaults'][0]['soft_delete_retention_in_days'] == 7 +# +# azure_rm_keyvaultkey tests +# + +- name: create a keyvault key + block: + - azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + key_name: testkey + tags: + testing: test + delete: on-exit + register: output + - assert: + that: output.changed + rescue: + - azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + key_name: testkey + +- name: Get key current version + azure_rm_keyvaultkey_info: + vault_uri: https://vault{{ rpfx }}.vault.azure.net + name: testkey + register: facts + +- name: Assert key facts + assert: + that: + - facts['keys'] | length == 1 + - facts['keys'][0]['kid'] + - facts['keys'][0]['permitted_operations'] | length > 0 + - facts['keys'][0]['type'] + - facts['keys'][0]['version'] + +- name: delete a kevyault key + azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + key_name: testkey + register: output + +- assert: + that: output.changed + +# +# azure_rm_keyvaultsecret tests +# +- name: create a keyvault secret + block: + - azure_rm_keyvaultsecret: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + secret_name: testsecret + secret_value: 'mysecret' + tags: + testing: test + delete: on-exit + register: output + - assert: + that: output.changed + rescue: + - azure_rm_keyvaultsecret: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + secret_name: testsecret + +- name: delete a keyvault secret + azure_rm_keyvaultsecret: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + secret_name: testsecret + register: output + +- assert: + that: output.changed + +# +# azure_rm_keyvault finalize & clean up +# + +- name: Delete instance of Key Vault -- check mode + azure_rm_keyvault: + resource_group: "{{ resource_group }}" + vault_name: "vault{{ rpfx }}" + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of Key Vault + azure_rm_keyvault: + resource_group: "{{ resource_group }}" + vault_name: "vault{{ rpfx }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of Key Vault + azure_rm_keyvault: + resource_group: "{{ resource_group }}" + vault_name: "vault{{ rpfx }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultkey/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultkey/aliases new file mode 100644 index 000000000..8f7a9a2e5 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultkey/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group1 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultkey/lookup_plugins/azure_service_principal_attribute.py b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultkey/lookup_plugins/azure_service_principal_attribute.py new file mode 100644 index 000000000..1b7d0318f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultkey/lookup_plugins/azure_service_principal_attribute.py @@ -0,0 +1,94 @@ +# (c) 2018 Yunge Zhu, <yungez@microsoft.com> +# (c) 2017 Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +DOCUMENTATION = """ +lookup: azure_service_principal_attribute + +requirements: + - azure-graphrbac + +author: + - Yunge Zhu <yungez@microsoft.com> + +version_added: "2.7" + +short_description: Look up Azure service principal attributes. + +description: + - Describes object id of your Azure service principal account. +options: + azure_client_id: + description: azure service principal client id. + azure_secret: + description: azure service principal secret + azure_tenant: + description: azure tenant + azure_cloud_environment: + description: azure cloud environment +""" + +EXAMPLES = """ +set_fact: + object_id: "{{ lookup('azure_service_principal_attribute', + azure_client_id=azure_client_id, + azure_secret=azure_secret, + azure_tenant=azure_secret) }}" +""" + +RETURN = """ +_raw: + description: + Returns object id of service principal. +""" + +from ansible.errors import AnsibleError +from ansible.plugins import AnsiblePlugin +from ansible.plugins.lookup import LookupBase +from ansible.module_utils._text import to_native + +try: + from azure.common.credentials import ServicePrincipalCredentials + from azure.graphrbac import GraphRbacManagementClient + from msrestazure import azure_cloud + from msrestazure.azure_exceptions import CloudError +except ImportError: + raise AnsibleError( + "The lookup azure_service_principal_attribute requires azure.graphrbac, msrest") + + +class LookupModule(LookupBase): + def run(self, terms, variables, **kwargs): + + self.set_options(direct=kwargs) + + credentials = {} + credentials['azure_client_id'] = self.get_option('azure_client_id', None) + credentials['azure_secret'] = self.get_option('azure_secret', None) + credentials['azure_tenant'] = self.get_option('azure_tenant', 'common') + + if credentials['azure_client_id'] is None or credentials['azure_secret'] is None: + raise AnsibleError("Must specify azure_client_id and azure_secret") + + _cloud_environment = azure_cloud.AZURE_PUBLIC_CLOUD + if self.get_option('azure_cloud_environment', None) is not None: + cloud_environment = azure_cloud.get_cloud_from_metadata_endpoint(credentials['azure_cloud_environment']) + + try: + azure_credentials = ServicePrincipalCredentials(client_id=credentials['azure_client_id'], + secret=credentials['azure_secret'], + tenant=credentials['azure_tenant'], + resource=_cloud_environment.endpoints.active_directory_graph_resource_id) + + client = GraphRbacManagementClient(azure_credentials, credentials['azure_tenant'], + base_url=_cloud_environment.endpoints.active_directory_graph_resource_id) + + response = list(client.service_principals.list(filter="appId eq '{0}'".format(credentials['azure_client_id']))) + sp = response[0] + + return sp.object_id.split(',') + except CloudError as ex: + raise AnsibleError("Failed to get service principal object id: %s" % to_native(ex)) + return False diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultkey/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultkey/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultkey/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultkey/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultkey/tasks/main.yml new file mode 100644 index 000000000..1d09f9e6d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultkey/tasks/main.yml @@ -0,0 +1,186 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + tenant_id: "{{ azure_tenant }}" + run_once: yes + +- name: lookup service principal object id + set_fact: + object_id: "{{ lookup('azure_service_principal_attribute', + azure_client_id=azure_client_id, + azure_secret=azure_secret, + azure_tenant=tenant_id) }}" + register: object_id_facts + +- name: Create instance of Key Vault + azure_rm_keyvault: + resource_group: "{{ resource_group }}" + vault_name: "vault{{ rpfx }}" + enabled_for_deployment: yes + vault_tenant: "{{ tenant_id }}" + sku: + name: standard + family: A + access_policies: + - tenant_id: "{{ tenant_id }}" + object_id: '{{ object_id }}' + keys: + - get + - list + - update + - create + - import + - delete + - recover + - backup + - restore + - encrypt + - decrypt + - wrapkey + - unwrapkey + - sign + - verify + secrets: + - get + - list + - set + - delete + - recover + - backup + - restore + register: output + +- name: create a kevyault key + block: + - azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + key_name: testkey + tags: + testing: test + delete: on-exit + register: output + - assert: + that: output.changed + rescue: + - azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + key_name: testkey + +- name: delete a kevyault key + azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + key_name: testkey + register: output + +- name: create a kevyault key of type EC + block: + - azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + key_name: testkeyEC + key_type: EC + tags: + testing: test + delete: on-exit + register: output + - assert: + that: output.changed + rescue: + - azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + key_name: testkeyEC + +- name: delete a kevyault key of type EC + azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + key_name: testkeyEC + register: output + +- name: create a kevyault key of size 4096 + block: + - azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + key_name: testkey4096 + key_size: 4096 + tags: + testing: test + delete: on-exit + register: output + - assert: + that: output.changed + rescue: + - azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + key_name: testkey4096 + +- name: delete a kevyault key of size 4096 + azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + key_name: testkey4096 + register: output + +- name: create a kevyault key with P-521 curve + block: + - azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + key_name: testkeycurve + curve: P-521 + tags: + testing: test + delete: on-exit + register: output + - assert: + that: output.changed + rescue: + - azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + key_name: testkeycurve + +- name: delete a kevyault key with P-521 curve + azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + key_name: testkeycurve + register: output + +- name: create a kevyault key with attributes + block: + - azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + key_name: testkeyattribute + key_attributes: + enabled: true + not_before: '2032-12-01T00:00:00Z' + tags: + testing: test + delete: on-exit + register: output + - assert: + that: output.changed + rescue: + - azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + key_name: testkeyattributes + +- name: delete a kevyault key with attributes + azure_rm_keyvaultkey: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + key_name: testkeyattribute + register: output + +- assert: + that: output.changed + +- name: Delete instance of Key Vault + azure_rm_keyvault: + resource_group: "{{ resource_group }}" + vault_name: "vault{{ rpfx }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultsecret/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultsecret/aliases new file mode 100644 index 000000000..fd1a5ed5a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultsecret/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group1 +destructive
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultsecret/lookup_plugins/azure_service_principal_attribute.py b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultsecret/lookup_plugins/azure_service_principal_attribute.py new file mode 100644 index 000000000..1b7d0318f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultsecret/lookup_plugins/azure_service_principal_attribute.py @@ -0,0 +1,94 @@ +# (c) 2018 Yunge Zhu, <yungez@microsoft.com> +# (c) 2017 Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +DOCUMENTATION = """ +lookup: azure_service_principal_attribute + +requirements: + - azure-graphrbac + +author: + - Yunge Zhu <yungez@microsoft.com> + +version_added: "2.7" + +short_description: Look up Azure service principal attributes. + +description: + - Describes object id of your Azure service principal account. +options: + azure_client_id: + description: azure service principal client id. + azure_secret: + description: azure service principal secret + azure_tenant: + description: azure tenant + azure_cloud_environment: + description: azure cloud environment +""" + +EXAMPLES = """ +set_fact: + object_id: "{{ lookup('azure_service_principal_attribute', + azure_client_id=azure_client_id, + azure_secret=azure_secret, + azure_tenant=azure_secret) }}" +""" + +RETURN = """ +_raw: + description: + Returns object id of service principal. +""" + +from ansible.errors import AnsibleError +from ansible.plugins import AnsiblePlugin +from ansible.plugins.lookup import LookupBase +from ansible.module_utils._text import to_native + +try: + from azure.common.credentials import ServicePrincipalCredentials + from azure.graphrbac import GraphRbacManagementClient + from msrestazure import azure_cloud + from msrestazure.azure_exceptions import CloudError +except ImportError: + raise AnsibleError( + "The lookup azure_service_principal_attribute requires azure.graphrbac, msrest") + + +class LookupModule(LookupBase): + def run(self, terms, variables, **kwargs): + + self.set_options(direct=kwargs) + + credentials = {} + credentials['azure_client_id'] = self.get_option('azure_client_id', None) + credentials['azure_secret'] = self.get_option('azure_secret', None) + credentials['azure_tenant'] = self.get_option('azure_tenant', 'common') + + if credentials['azure_client_id'] is None or credentials['azure_secret'] is None: + raise AnsibleError("Must specify azure_client_id and azure_secret") + + _cloud_environment = azure_cloud.AZURE_PUBLIC_CLOUD + if self.get_option('azure_cloud_environment', None) is not None: + cloud_environment = azure_cloud.get_cloud_from_metadata_endpoint(credentials['azure_cloud_environment']) + + try: + azure_credentials = ServicePrincipalCredentials(client_id=credentials['azure_client_id'], + secret=credentials['azure_secret'], + tenant=credentials['azure_tenant'], + resource=_cloud_environment.endpoints.active_directory_graph_resource_id) + + client = GraphRbacManagementClient(azure_credentials, credentials['azure_tenant'], + base_url=_cloud_environment.endpoints.active_directory_graph_resource_id) + + response = list(client.service_principals.list(filter="appId eq '{0}'".format(credentials['azure_client_id']))) + sp = response[0] + + return sp.object_id.split(',') + except CloudError as ex: + raise AnsibleError("Failed to get service principal object id: %s" % to_native(ex)) + return False diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultsecret/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultsecret/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultsecret/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultsecret/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultsecret/tasks/main.yml new file mode 100644 index 000000000..0a4226a0e --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_keyvaultsecret/tasks/main.yml @@ -0,0 +1,96 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + tenant_id: "{{ azure_tenant }}" + run_once: yes + +- name: lookup service principal object id + set_fact: + object_id: "{{ lookup('azure_service_principal_attribute', + azure_client_id=azure_client_id, + azure_secret=azure_secret, + azure_tenant=tenant_id) }}" + register: object_id_facts + +- name: Create instance of Key Vault + azure_rm_keyvault: + resource_group: "{{ resource_group }}" + vault_name: "vault{{ rpfx }}" + enabled_for_deployment: yes + vault_tenant: "{{ tenant_id }}" + sku: + name: standard + family: A + access_policies: + - tenant_id: "{{ tenant_id }}" + object_id: "{{ object_id }}" + keys: + - get + - list + - update + - create + - import + - delete + - recover + - backup + - restore + secrets: + - get + - list + - set + - delete + - recover + - backup + - restore + register: output + +- name: create a kevyault secret + block: + - azure_rm_keyvaultsecret: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + secret_name: testsecret + secret_value: 'mysecret' + content_type: 'Content Type Secret' + secret_valid_from: 2000-01-02T010203Z + secret_expiry: 2030-03-04T040506Z + tags: + testing: test + delete: on-exit + register: output + - assert: + that: output.changed + rescue: + - azure_rm_keyvaultsecret: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + secret_name: testsecret + +- name: Get secret current version + azure_rm_keyvaultsecret_info: + vault_uri: https://vault{{ rpfx }}.vault.azure.net + name: testsecret + register: facts + +- name: Assert secret facts + assert: + that: + - facts['secrets'] | length == 1 + - facts['secrets'][0]['sid'] + - facts['secrets'][0]['secret'] + - facts['secrets'][0]['tags'] + - facts['secrets'][0]['version'] + - facts['secrets'][0]['attributes']['expires'] + - facts['secrets'][0]['attributes']['not_before'] + - facts['secrets'][0]['content_type'] == 'Content Type Secret' + - facts['secrets'][0]['attributes']['expires'] == "2030-03-04T04:05:06+00:00" + - facts['secrets'][0]['attributes']['not_before'] == "2000-01-02T01:02:03+00:00" + +- name: delete a kevyault secret + azure_rm_keyvaultsecret: + keyvault_uri: https://vault{{ rpfx }}.vault.azure.net + state: absent + secret_name: testsecret + register: output + +- assert: + that: output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/aliases new file mode 100644 index 000000000..cc941b59c --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group12 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/tasks/main.yml new file mode 100644 index 000000000..2c1eb736e --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/tasks/main.yml @@ -0,0 +1,333 @@ +- name: Prepare random number + set_fact: + pipaname: "pipa{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + pipbname: "pipb{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + lbvnname: "lbvn{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + lbname_a: "lba{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + lbname_b: "lbb{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + lbname_c1: "lbc1-{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + lbname_c2: "lbc2-{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + lbname_d: "lbd{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: create public ip + azure_rm_publicipaddress: + name: "{{ pipbname }}" + sku: Standard + allocation_method: Static + resource_group: '{{ resource_group }}' + +- name: create public ip + azure_rm_publicipaddress: + name: "{{ pipaname }}" + resource_group: '{{ resource_group }}' + +- name: clear load balancer + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_a }}" + state: absent + +- name: create load balancer -- check mode + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_a }}" + public_ip: "{{ pipaname }}" + check_mode: yes + register: output + +- name: assert load balancer created + assert: + that: output.changed + +- name: create load balancer + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_a }}" + public_ip: "{{ pipaname }}" + register: output + +- name: assert load balancer created + assert: + that: output.changed + +- name: create load balancer -- idempotent + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_a }}" + public_ip: "{{ pipaname }}" + register: output + +- name: assert no change + assert: + that: + - not output.changed + +- name: delete load balancer + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_a }}" + state: absent + register: output + +- name: assert load balancer deleted + assert: + that: output.changed + +- name: delete load balancer (idempotent) + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_a }}" + state: absent + register: output + +- name: assert load balancer deleted (idempotent) + assert: + that: not output.changed + +- name: create another load balancer with more options + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_b }}" + sku: Standard + public_ip_address: "{{ pipbname }}" + probe_protocol: Tcp + probe_port: 80 + probe_interval: 10 + probe_fail_count: 3 + protocol: Tcp + load_distribution: Default + frontend_port: 80 + backend_port: 8080 + idle_timeout: 4 + natpool_frontend_port_start: 30 + natpool_frontend_port_end: 40 + natpool_backend_port: 80 + natpool_protocol: Tcp + register: output + +- name: assert complex load balancer created + assert: + that: + - output.changed + - output.state.sku.name == 'Standard' + +- name: create load balancer again to check idempotency + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_b }}" + sku: Standard + public_ip_address: "{{ pipbname }}" + probe_protocol: Tcp + probe_port: 80 + probe_interval: 10 + probe_fail_count: 3 + protocol: Tcp + load_distribution: Default + frontend_port: 80 + backend_port: 8080 + idle_timeout: 4 + natpool_frontend_port_start: 30 + natpool_frontend_port_end: 40 + natpool_backend_port: 80 + natpool_protocol: Tcp + register: output + +- name: assert that output has not changed + assert: + that: + - not output.changed + +- name: create load balancer again to check idempotency - change something + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_b }}" + sku: Standard + public_ip_address: "{{ pipbname }}" + probe_protocol: Tcp + probe_port: 80 + probe_interval: 10 + probe_fail_count: 3 + protocol: Tcp + load_distribution: Default + frontend_port: 81 + backend_port: 8080 + idle_timeout: 4 + natpool_frontend_port_start: 30 + natpool_frontend_port_end: 40 + natpool_backend_port: 80 + natpool_protocol: Tcp + register: output + +- name: assert that output has changed + assert: + that: + - output.changed + +- name: delete load balancer + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_b }}" + state: absent + +- name: create load balancer with multiple parameters + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_c1 }}" + frontend_ip_configurations: + - name: frontendipconf0 + public_ip_address: "{{ pipaname }}" + backend_address_pools: + - name: backendaddrpool0 + probes: + - name: prob0 + port: 80 + inbound_nat_pools: + - name: inboundnatpool0 + frontend_ip_configuration_name: frontendipconf0 + protocol: Tcp + frontend_port_range_start: 80 + frontend_port_range_end: 81 + backend_port: 8080 + load_balancing_rules: + - name: lbrbalancingrule0 + frontend_ip_configuration: frontendipconf0 + backend_address_pool: backendaddrpool0 + frontend_port: 80 + backend_port: 80 + probe: prob0 + disable_outbound_snat: True + register: output + +- name: assert complex load balancer created + assert: + that: + - output.changed + +- name: delete load balancer + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_c1 }}" + state: absent + +- name: create load balancer with multiple parameters + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_c2 }}" + frontend_ip_configurations: + - name: frontendipconf0 + public_ip_address: "{{ pipaname }}" + backend_address_pools: + - name: backendaddrpool0 + probes: + - name: prob0 + port: 80 + load_balancing_rules: + - name: lbrbalancingrule0 + frontend_ip_configuration: frontendipconf0 + backend_address_pool: backendaddrpool0 + frontend_port: 80 + backend_port: 80 + probe: prob0 + disable_outbound_snat: True + inbound_nat_rules: + - name: inboundnatrule0 + backend_port: 8080 + protocol: Tcp + frontend_port: 8080 + frontend_ip_configuration: frontendipconf0 + register: output + +- name: assert complex load balancer created + assert: + that: output.changed + +- name: delete load balancer + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_c2 }}" + state: absent + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ lbvnname }}" + address_prefixes: "10.10.0.0/16" + +- name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: "lb{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}sb" + address_prefix: "10.10.0.0/24" + virtual_network: "{{ lbvnname }}" + register: subnet + +- name: create internal loadbalancer + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_d }}" + sku: Standard + frontend_ip_configurations: + - name: frontendipconf0 + private_ip_address: 10.10.0.10 + private_ip_allocation_method: Static + subnet: "{{ subnet.state.id }}" + zones: + - 1 + - 2 + - 3 + backend_address_pools: + - name: backendaddrpool0 + probes: + - name: prob0 + port: 80 + inbound_nat_pools: + - name: inboundnatpool0 + frontend_ip_configuration_name: frontendipconf0 + protocol: Tcp + frontend_port_range_start: 80 + frontend_port_range_end: 81 + backend_port: 8080 + load_balancing_rules: + - name: lbrbalancingrule0 + frontend_ip_configuration: frontendipconf0 + backend_address_pool: backendaddrpool0 + frontend_port: 80 + backend_port: 80 + probe: prob0 + disable_outbound_snat: False + register: output + +- name: assert complex load balancer created + assert: + that: + - output.changed + - output.state.frontend_ip_configurations[0].zones | length == 3 + +- name: delete load balancer + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "{{ lbname_d }}" + state: absent + +- name: cleanup public ip + azure_rm_publicipaddress: + name: "{{ item }}" + resource_group: '{{ resource_group }}' + state: absent + with_items: + - "{{ pipaname }}" + - "{{ pipbname }}" + +- name: cleanup subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: "lb{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}sb" + virtual_network: "{{ lbvnname }}" + state: absent + +- name: cleanup virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ lbvnname }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loganalyticsworkspace/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loganalyticsworkspace/aliases new file mode 100644 index 000000000..670aa52ec --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loganalyticsworkspace/aliases @@ -0,0 +1,5 @@ +cloud/azure +shippable/azure/group4 +destructive +azure_rm_loganalyticsworkspace +azure_rm_loganalyticsworkspace_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loganalyticsworkspace/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loganalyticsworkspace/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loganalyticsworkspace/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loganalyticsworkspace/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loganalyticsworkspace/tasks/main.yml new file mode 100644 index 000000000..3c9e1d493 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loganalyticsworkspace/tasks/main.yml @@ -0,0 +1,183 @@ +- name: Prepare random number + set_fact: + name: "loganalytics{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + retention_days: 60 + +- name: Create Log Analytics Workspace (Check Mode On) + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + intelligence_packs: + Backup: true + Containers: true + retention_in_days: "{{ retention_days }}" + resource_group: "{{ resource_group }}" + check_mode: yes + register: output + +- assert: + that: + - output.changed + +- name: Get Log Analytics workspace information + azure_rm_loganalyticsworkspace_info: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + show_intelligence_packs: true + show_management_groups: true + show_shared_keys: true + show_usages: true + register: facts + +- assert: + that: + - facts.workspaces | length == 0 + +- name: Create Log Analytics Workspace + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + intelligence_packs: + Backup: true + Containers: true + retention_in_days: 30 + resource_group: "{{ resource_group }}" + tags: + key1: value1 + register: output + +- assert: + that: + - output.changed + - output.retention_in_days == 30 + # - output.intelligence_packs | json_query('[?name == `Backup`].enabled') | first == true + # - output.intelligence_packs | json_query('[?name == `Containers`].enabled') | first == true + - output.sku == 'per_gb2018' + - output.tags.key1 == 'value1' + +- name: Update Log Analytics Workspace + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + intelligence_packs: + Backup: true + Containers: true + retention_in_days: "{{ retention_days }}" + resource_group: "{{ resource_group }}" + tags: + key1: value1 + key2: value2 + register: output + +- assert: + that: + - output.changed + - output.retention_in_days == retention_days + - output.tags.key2 == 'value2' + +- name: Get Log Analytics workspace information (Show full information) + azure_rm_loganalyticsworkspace_info: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + show_intelligence_packs: true + show_management_groups: true + show_shared_keys: true + show_usages: true + register: facts + +- assert: + that: + - not facts.changed + - facts.workspaces | length > 0 + - facts.workspaces[0].retention_in_days == retention_days + - facts.workspaces[0].intelligence_packs | length > 0 + # - facts.workspaces[0].intelligence_packs | json_query('[?name == `Backup`].enabled') | first == true + # - facts.workspaces[0].intelligence_packs | json_query('[?name == `Containers`].enabled') | first == true + - facts.workspaces[0].shared_keys is defined + - facts.workspaces[0].shared_keys.primary_shared_key is defined + - facts.workspaces[0].shared_keys.secondary_shared_key is defined + - facts.workspaces[0].usages is defined + - facts.workspaces[0].usages | length > 0 + - facts.workspaces[0].management_groups is defined + - facts.workspaces[0].sku == 'per_gb2018' + +- name: Get Log Analytics workspace information (Show default information) + azure_rm_loganalyticsworkspace_info: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + register: facts + +- assert: + that: + - not facts.changed + - facts.workspaces | length > 0 + - facts.workspaces[0].retention_in_days == retention_days + - facts.workspaces[0].intelligence_packs is not defined + - facts.workspaces[0].shared_keys is not defined + - facts.workspaces[0].usages is not defined + - facts.workspaces[0].management_groups is not defined + - facts.workspaces[0].sku == 'per_gb2018' + +- name: Create Log Analytics workspace (Test Idempotence) + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + retention_in_days: "{{ retention_days }}" + register: output + +- assert: + that: + - not output.changed + +- name: Remove Log Analytics workspace (Check Mode On) + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + check_mode: yes + register: output + +- assert: + that: + - output.changed + +- name: Get Log Analytics workspace information(Check still exists after remove Check Mode On) + azure_rm_loganalyticsworkspace_info: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + register: facts + +- assert: + that: + - facts.workspaces | length == 1 + +- name: Remove Log Analytics workspace + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + force: true + register: output + +- assert: + that: + - output.changed + +- name: Get Log Analytics workspace information + azure_rm_loganalyticsworkspace_info: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + register: facts + +- assert: + that: + - facts.workspaces | length == 0 + +- name: Remove Log Analytics workspace (Test Idempotence) + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + force: true + register: output + +- assert: + that: + - not output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_manageddisk/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_manageddisk/aliases new file mode 100644 index 000000000..bf20c612b --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_manageddisk/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group4 +destructive +azure_rm_manageddisk_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_manageddisk/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_manageddisk/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_manageddisk/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_manageddisk/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_manageddisk/tasks/main.yml new file mode 100644 index 000000000..ce6b4e6b6 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_manageddisk/tasks/main.yml @@ -0,0 +1,260 @@ + - name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + parameter: {} + run_once: yes + + - name: Clearing (if) previous disks were created + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}{{ item }}" + managed_by: '' + state: absent + with_items: + - 1 + - 2 + - 3 + + - name: Test invalid account name (should give error) + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "invalid_char$" + disk_size_gb: 1 + register: output + ignore_errors: yes + check_mode: no + + - name: Assert task failed + assert: { that: "output['failed'] == True" } + + - name: Create managed disk (Check Mode) + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}1" + storage_account_type: "Standard_LRS" + disk_size_gb: 1 + tags: + testing: testing + delete: never + register: output + check_mode: yes + + - name: Assert status succeeded (Check Mode) + assert: + that: + - output.changed + - output.state + + - name: Create new managed disk succesfully + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}1" + storage_account_type: "Standard_LRS" + disk_size_gb: 1 + tags: + testing: testing + delete: never + register: output + + - name: Assert status succeeded and results include an Id value + assert: + that: + - output.changed + - output.state.disk_size_gb == 1 + - output.state.id is defined + - output.state.os_type == None + - output.state.storage_account_type == "Standard_LRS" + + - name: Copy disk to a new managed disk + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}2" + create_option: "copy" + source_uri: "{{ output.state.id }}" + disk_size_gb: 1 + register: disk2 + + - name: Assert status succeeded and results include an Id value + assert: + that: + - disk2.changed + - disk2.state.id is defined + + - name: Create disk to a new managed disk with zone and os type + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}3" + source_uri: "{{ output.state.id }}" + disk_size_gb: 1 + zone: "1" + os_type: windows + register: disk3 + + - name: Assert status succeeded and results include an Id value + assert: + that: + - disk3.changed + - disk3.state.id is defined + - disk3.state.zone == "1" + - disk3.state.os_type == "windows" + + - name: Change storage account type to an invalid type + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}1" + storage_account_type: "PremiumL" + disk_size_gb: 1 + register: output + ignore_errors: yes + + - name: Assert storage account type change failed + assert: { that: "output['failed'] == True" } + + - name: Update disk options (os_type, account_type, size, tags) + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}1" + disk_size_gb: 2 + os_type: linux + storage_account_type: "StandardSSD_LRS" + tags: + galaxy: "no" + delete: never + register: output + + - assert: + that: + - output.changed + - output.state.storage_account_type == "StandardSSD_LRS" + - output.state.disk_size_gb == 2 + - "output.state.tags | length == 2" + - "output.state.tags.galaxy == 'no'" + - output.state.os_type == 'linux' + + - name: Gather facts to one specific disk + azure_rm_manageddisk_info: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}1" + register: output + + - assert: + that: + - "output.ansible_info.azure_managed_disk | length == 1" + - output.ansible_info.azure_managed_disk[0].storage_account_type == "StandardSSD_LRS" + - output.ansible_info.azure_managed_disk[0].disk_size_gb == 2 + - "output.ansible_info.azure_managed_disk[0].os_type == 'linux'" + + - set_fact: + parameter: "{{parameter |combine({item.key: item.value})}}" + when: "{{item.key not in ['id', 'changed'] and item.value != None}}" + with_dict: "{{ output.ansible_info.azure_managed_disk[0] }}" + + - name: Create disk with facts return value + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + location: "{{ parameter.location }}" + name: "{{ parameter.name }}" + storage_account_type: "{{ parameter.storage_account_type }}" + disk_size_gb: "{{ parameter.disk_size_gb }}" + create_option: "{{ parameter.create_option }}" + tags: "{{ parameter.tags }}" + register: output + + - assert: + that: + - not output.changed + + - name: Create new managed disk with I(account_type=StandardSSD_ZRS) + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}4" + storage_account_type: "StandardSSD_ZRS" + disk_size_gb: 2 + location: westus2 + register: output + + - assert: + that: + - output.changed + - output.state.storage_account_type == "StandardSSD_ZRS" + - output.state.disk_size_gb == 2 + + - name: Gather facts to one specific disk + azure_rm_manageddisk_info: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}4" + register: output + + - assert: + that: + - "output.ansible_info.azure_managed_disk | length == 1" + - output.ansible_info.azure_managed_disk[0].storage_account_type == "StandardSSD_ZRS" + - output.ansible_info.azure_managed_disk[0].disk_size_gb == 2 + + - name: Create new managed disk with I(account_type=Premium_ZRS) + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}5" + storage_account_type: "Premium_ZRS" + disk_size_gb: 2 + location: westus2 + register: output + + - assert: + that: + - output.changed + - output.state.storage_account_type == "Premium_ZRS" + - output.state.disk_size_gb == 2 + + - name: Gather facts to one specific disk + azure_rm_manageddisk_info: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}5" + register: output + + - assert: + that: + - "output.ansible_info.azure_managed_disk | length == 1" + - output.ansible_info.azure_managed_disk[0].storage_account_type == "Premium_ZRS" + - output.ansible_info.azure_managed_disk[0].disk_size_gb == 2 + + - name: Delete managed disk (Check Mode) + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}1" + state: absent + register: output + check_mode: yes + + - name: Assert status succeeded + assert: + that: + - output.changed + - output.state + + - name: Delete all managed disk + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "md{{ rpfx }}{{ item }}" + managed_by: '' + state: absent + with_items: + - 1 + - 2 + - 3 + - 4 + - 5 + + - name: Delete virtual machine + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "tr{{ rpfx }}" + state: absent + vm_size: Standard_DS1_v2 + + - name: Delete public ip + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Static + name: "tr{{ rpfx }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_managementgroup/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_managementgroup/aliases new file mode 100644 index 000000000..02ab1ed40 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_managementgroup/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_managementgroup/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_managementgroup/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_managementgroup/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_managementgroup/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_managementgroup/tasks/main.yml new file mode 100644 index 000000000..3a6c03649 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_managementgroup/tasks/main.yml @@ -0,0 +1,35 @@ +- name: Get list of all managementgroups + azure_rm_managementgroup_info: + register: az_all_managementgroups + +- name: Get a managementgroup by id + azure_rm_managementgroup_info: + id: "{{ az_all_managementgroups.management_groups[0].id }}" + recurse: True + flatten: True + children: True + register: az_recursive_managementgroups + +- name: Get a managementgroup by name + azure_rm_managementgroup_info: + name: "{{ az_all_managementgroups.management_groups[0].name }}" + recurse: True + flatten: True + +- name: Test invalid name id combo + azure_rm_managementgroup_info: + name: "{{ az_all_managementgroups.management_groups[0].name }}" + id: "{{ az_all_managementgroups.management_groups[0].id }}" + register: invalid_name + ignore_errors: yes + +- name: Validate expected states + assert: + that: + - invalid_name['failed'] + +- name: Validate expected attributes + assert: + that: + - "{{ item.id is defined }}" + loop: "{{ az_recursive_managementgroups.management_groups + az_recursive_managementgroups.subscriptions }}" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/aliases new file mode 100644 index 000000000..b586dc7c3 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/aliases @@ -0,0 +1,8 @@ +cloud/azure +destructive +shippable/azure/group9 +azure_rm_mariadbserver_facts +azure_rm_mariadbdatabase +azure_rm_mariadbdatabase_facts +azure_rm_mariadbfirewallrule +azure_rm_mariadbfirewallrule_facts diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/tasks/main.yml new file mode 100644 index 000000000..14d101a9a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/tasks/main.yml @@ -0,0 +1,640 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create instance of MariaDB Server -- check mode + azure_rm_mariadbserver: + resource_group: "{{ resource_group }}" + name: mariadbsrv{{ rpfx }} + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_mb: 51200 + version: 10.2 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of MariaDB Server + azure_rm_mariadbserver: + resource_group: "{{ resource_group }}" + name: mariadbsrv{{ rpfx }} + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_mb: 51200 + version: 10.2 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + - output.state == 'Ready' + +- name: Create again instance of MariaDB Server + azure_rm_mariadbserver: + resource_group: "{{ resource_group }}" + name: mariadbsrv{{ rpfx }} + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_mb: 51200 + version: 10.2 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + - output.state == 'Ready' + +- name: Update instance of MariaDB Server, change storage size + azure_rm_mariadbserver: + resource_group: "{{ resource_group }}" + name: mariadbsrv{{ rpfx }} + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_mb: 128000 + version: 10.2 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed + - output.state == 'Ready' +- debug: + var: output + +- name: Gather facts MariaDB Server + azure_rm_mariadbserver_info: + resource_group: "{{ resource_group }}" + name: mariadbsrv{{ rpfx }} + register: output +- name: Assert that storage size is correct + assert: + that: + - output.servers[0]['storage_mb'] == 128000 + +- name: Create second instance of MariaDB Server + azure_rm_mariadbserver: + resource_group: "{{ resource_group }}" + name: mariadbsrv{{ rpfx }}second + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_mb: 51200 + version: 10.3 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + tags: + aaa: bbb + +- name: Create second instance of MariaDB Server + azure_rm_mariadbserver: + resource_group: "{{ resource_group }}" + name: mariadbsrv{{ rpfx }}second + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_mb: 51200 + version: 10.3 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + tags: + ccc: ddd + +- name: Gather facts MariaDB Server + azure_rm_mariadbserver_info: + resource_group: "{{ resource_group }}" + name: mariadbsrv{{ rpfx }}second + register: output + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.servers[0]['id'] != None + - output.servers[0]['name'] != None + - output.servers[0]['location'] != None + - output.servers[0]['sku']['name'] != None + - output.servers[0]['sku']['tier'] != None + - output.servers[0]['sku']['capacity'] != None + - output.servers[0]['version'] != None + - output.servers[0]['user_visible_state'] != None + - output.servers[0]['fully_qualified_domain_name'] != None + - output.servers[0]['tags']['aaa'] == 'bbb' + - output.servers[0]['tags']['ccc'] == 'ddd' + +- name: Gather facts MariaDB Server + azure_rm_mariadbserver_info: + resource_group: "{{ resource_group }}" + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.servers[0]['id'] != None + - output.servers[0]['name'] != None + - output.servers[0]['location'] != None + - output.servers[0]['sku']['name'] != None + - output.servers[0]['sku']['tier'] != None + - output.servers[0]['sku']['capacity'] != None + - output.servers[0]['version'] != None + - output.servers[0]['user_visible_state'] != None + - output.servers[0]['fully_qualified_domain_name'] != None + - output.servers[1]['id'] != None + - output.servers[1]['name'] != None + - output.servers[1]['location'] != None + - output.servers[1]['sku']['name'] != None + - output.servers[1]['sku']['tier'] != None + - output.servers[1]['sku']['capacity'] != None + - output.servers[1]['version'] != None + - output.servers[1]['user_visible_state'] != None + - output.servers[1]['fully_qualified_domain_name'] != None + +# +# azure_rm_mariadbdatabase tests below +# +- name: Create instance of MariaDB Database -- check mode + azure_rm_mariadbdatabase: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: testdatabase + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of MariaDB Database + azure_rm_mariadbdatabase: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: testdatabase + collation: latin1_swedish_ci + charset: latin1 + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + - output.name == 'testdatabase' + +- name: Create again instance of MariaDB Database + azure_rm_mariadbdatabase: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: testdatabase + collation: latin1_swedish_ci + charset: latin1 + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + - output.name == 'testdatabase' + +- name: Try to update database without force_update + azure_rm_mariadbdatabase: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: testdatabase + collation: utf8_general_ci + charset: utf8 + ignore_errors: yes + register: output +- name: Assert that nothing has changed + assert: + that: + - output.changed == False + +- name: Update instance of database using force_update + azure_rm_mariadbdatabase: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: testdatabase + collation: utf8_general_ci + charset: utf8 + force_update: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + - output.name == 'testdatabase' + +- name: Create second instance of MariaDB Database + azure_rm_mariadbdatabase: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: testdatabase2 + +- name: Gather facts MariaDB Database + azure_rm_mariadbdatabase_info: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: testdatabase + register: output + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.databases[0]['server_name'] != None + - output.databases[0]['name'] != None + - output.databases[0]['charset'] != None + - output.databases[0]['collation'] != None + +- name: Gather facts MariaDB Database + azure_rm_mariadbdatabase_info: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.databases[0]['server_name'] != None + - output.databases[0]['name'] != None + - output.databases[0]['charset'] != None + - output.databases[0]['collation'] != None + - output.databases[1]['server_name'] != None + - output.databases[1]['name'] != None + - output.databases[1]['charset'] != None + - output.databases[1]['collation'] != None + +- name: Delete instance of MariaDB Database -- check mode + azure_rm_mariadbdatabase: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: testdatabase + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of MariaDB Database + azure_rm_mariadbdatabase: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: testdatabase + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of MariaDB Database + azure_rm_mariadbdatabase: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: testdatabase + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false + +# +# azure_rm_firewallrule tests below +# +- name: Create instance of Firewall Rule -- check mode + azure_rm_mariadbfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of Firewall Rule + azure_rm_mariadbfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create again instance of Firewall Rule + azure_rm_mariadbfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + +- name: Delete instance of Firewall Rule -- check mode + azure_rm_mariadbfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Create instance of Firewall Rule -- second + azure_rm_mariadbfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: firewallrule{{ rpfx }}second + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Gather facts MariaDB Firewall Rule + azure_rm_mariadbfirewallrule_info: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.rules[0].id != None + - output.rules[0].server_name != None + - output.rules[0].name != None + - output.rules[0].start_ip_address != None + - output.rules[0].end_ip_address != None + - "output.rules | length == 1" + +- name: Gather facts MariaDB Firewall Rule + azure_rm_mariadbfirewallrule_info: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.rules[0].id != None + - output.rules[0].server_name != None + - output.rules[0].name != None + - output.rules[0].start_ip_address != None + - output.rules[0].end_ip_address != None + - output.rules[1].id != None + - output.rules[1].name != None + - output.rules[1].start_ip_address != None + - output.rules[1].end_ip_address != None + - "output.rules | length == 2" + +- name: Delete instance of Firewall Rule + azure_rm_mariadbfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of Firewall Rule + azure_rm_mariadbfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false + +- name: Delete instance of Firewall Rule - second + azure_rm_mariadbfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: firewallrule{{ rpfx }}second + state: absent + +- name: Gather facts MariaDB Firewall Rule + azure_rm_mariadbfirewallrule_info: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + register: output +- name: Assert that empty list was returned + assert: + that: + - output.changed == False + - "output.rules | length == 0" + +# +# configuration +# +- name: Create instance of Configuration -- check mode + azure_rm_mariadbconfiguration: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: event_scheduler + value: "ON" + check_mode: yes + register: output +- name: Assert that change was registered + assert: + that: + - output.changed + +- name: Try to delete default configuraion + azure_rm_mariadbconfiguration_info: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: event_scheduler + register: output +- name: Get facts of event_scheduler + debug: + var: output + +- name: Try to delete default configuraion + azure_rm_mariadbconfiguration: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: event_scheduler + state: absent + register: output +- name: Assert that change was registered + assert: + that: + - not output.changed + +- name: Try to change default configuraion + azure_rm_mariadbconfiguration: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: event_scheduler + value: "ON" + register: output +- name: Assert that change was registered + assert: + that: + - output.changed + +- name: Try to change default configuration -- idempotent + azure_rm_mariadbconfiguration: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: event_scheduler + value: "ON" + register: output +- name: Assert that change was registered + assert: + that: + - not output.changed + +- name: Try to reset configuration + azure_rm_mariadbconfiguration: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: event_scheduler + state: absent + register: output +- name: Assert that change was registered + assert: + that: + - output.changed + +- name: Try to reset configuration -- idempotent + azure_rm_mariadbconfiguration: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: event_scheduler + state: absent + register: output +- name: Assert that change was registered + assert: + that: + - not output.changed + +- name: Gather facts MariaDB Configuration + azure_rm_mariadbconfiguration_info: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + name: event_scheduler + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.settings[0].id != None + - output.settings[0].name != None + - output.settings[0].value != None + - output.settings[0].description != None + - output.settings[0].source != None + - output.settings | length == 1 + +- name: Gather facts MariaDB Configuration + azure_rm_mariadbconfiguration_info: + resource_group: "{{ resource_group }}" + server_name: mariadbsrv{{ rpfx }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.settings[0].id != None + - output.settings[0].name != None + - output.settings[0].value != None + - output.settings[0].description != None + - output.settings[0].source != None + - output.settings | length > 1 + +# +# clean up azure_rm_mariadbserver test +# + +- name: Delete instance of MariaDB Server -- check mode + azure_rm_mariadbserver: + resource_group: "{{ resource_group }}" + name: mariadbsrv{{ rpfx }} + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of MariaDB Server + azure_rm_mariadbserver: + resource_group: "{{ resource_group }}" + name: mariadbsrv{{ rpfx }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of MariaDB Server + azure_rm_mariadbserver: + resource_group: "{{ resource_group }}" + name: mariadbsrv{{ rpfx }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false + +- name: Delete second instance of MariaDB Server + azure_rm_mariadbserver: + resource_group: "{{ resource_group }}" + name: mariadbsrv{{ rpfx }}second + state: absent + async: 400 + poll: 0 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitordiagnosticsetting/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitordiagnosticsetting/aliases new file mode 100644 index 000000000..35b940115 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitordiagnosticsetting/aliases @@ -0,0 +1,3 @@ +cloud/azure +destructive +unsupported
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitordiagnosticsetting/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitordiagnosticsetting/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitordiagnosticsetting/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitordiagnosticsetting/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitordiagnosticsetting/tasks/main.yml new file mode 100644 index 000000000..a725a0b33 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitordiagnosticsetting/tasks/main.yml @@ -0,0 +1,504 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +# ------ setup ------ + +- name: create virtual network + azure_rm_virtualnetwork: + name: "vnet-{{ rpfx }}" + resource_group: "{{ resource_group }}" + address_prefixes: "10.0.0.0/16" + register: vnet_output + +- name: create web app + azure_rm_webapp: + name: "webapp-{{ rpfx }}" + resource_group: "{{ resource_group }}" + plan: + name: "webapp-{{ rpfx }}-plan" + resource_group: "{{ resource_group }}" + is_linux: false + sku: S1 + register: webapp_output + +- name: create storage account + azure_rm_storageaccount: + name: "storage{{ rpfx }}" + resource_group: "{{ resource_group }}" + account_type: Standard_LRS + kind: StorageV2 + register: storage_output + +- name: create second storage account + azure_rm_storageaccount: + name: "storagesecond{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + account_type: Standard_LRS + kind: StorageV2 + register: storage2_output + +- name: create event hub namespace + azure_rm_eventhub: + namespace_name: "hub-{{ rpfx }}" + resource_group: "{{ resource_group }}" + sku: "Basic" + +- name: create log analytics workspace + azure_rm_loganalyticsworkspace: + name: "analytics-{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + retention_in_days: 30 + register: analytics_output + +# ------ tests ------ + +- name: get diagnostic settings for non-existant resource + azure_rm_monitordiagnosticsetting_info: + resource: "123abc" + register: output + failed_when: '"failed" not in output.msg | lower' + +- name: get diagnostic settings for virtual network + azure_rm_monitordiagnosticsetting_info: + resource: "{{ vnet_output.state.id }}" + register: output +- name: assert no settings + assert: + that: + - not output.changed + - output.settings | length == 0 + +- name: create storage-based diagnostic setting for vnet (check mode) + azure_rm_monitordiagnosticsetting: + name: "logs-storage" + resource: "{{ vnet_output.state.id }}" + storage_account: "{{ storage_output.state.id }}" + logs: + - category_group: "allLogs" + metrics: + - category: "AllMetrics" + check_mode: true + register: output +- name: assert resource created + assert: + that: + - output.changed + +- name: create storage-based diagnostic setting for vnet (actually create) + azure_rm_monitordiagnosticsetting: + name: "logs-storage" + resource: "{{ vnet_output.state.id }}" + storage_account: "{{ storage_output.state.id }}" + logs: + - category_group: "allLogs" + metrics: + - category: "AllMetrics" + register: output +- name: assert resource created + assert: + that: + - output.changed + - output.state.name == 'logs-storage' + - output.state.storage_account.id == storage_output.state.id + - output.state.logs | length == 1 + - output.state.logs[0].category_group == 'allLogs' + - output.state.logs[0].enabled + - output.state.metrics | length == 1 + - output.state.metrics[0].category == 'AllMetrics' + - output.state.metrics[0].enabled + - not output.state.event_hub + - not output.state.log_analytics + +- name: create storage-based diagnostic setting for vnet (idempotent) + azure_rm_monitordiagnosticsetting: + name: "logs-storage" + resource: "{{ vnet_output.state.id }}" + storage_account: "{{ storage_output.state.id }}" + logs: + - category_group: "allLogs" + metrics: + - category: "AllMetrics" + check_mode: true + register: output +- name: assert resource not changed + assert: + that: + - not output.changed + +- name: create storage-based diagnostic setting for vnet by resource dict (idempotent) + azure_rm_monitordiagnosticsetting: + name: "logs-storage" + resource: + name: "vnet-{{ rpfx }}" + type: "Microsoft.Network/virtualNetworks" + resource_group: "{{ resource_group }}" + storage_account: "{{ storage_output.state.id }}" + logs: + - category_group: "allLogs" + metrics: + - category: "AllMetrics" + register: output +- name: assert resource not changed + assert: + that: + - not output.changed + +- name: update storage-based diagnostic setting for vnet + azure_rm_monitordiagnosticsetting: + name: "logs-storage" + resource: "{{ vnet_output.state.id }}" + storage_account: "{{ storage_output.state.id }}" + logs: + - category_group: "allLogs" + register: output +- name: assert resource updated + assert: + that: + - output.changed + - output.state.name == 'logs-storage' + - output.state.storage_account.id == storage_output.state.id + - output.state.logs | length == 1 + - output.state.logs[0].category_group == 'allLogs' + - output.state.logs[0].enabled + - output.state.metrics | length == 0 + - not output.state.event_hub + - not output.state.log_analytics + +- name: create second storage-based diagnostic setting for vnet + azure_rm_monitordiagnosticsetting: + name: "logs-storage2" + resource: "{{ vnet_output.state.id }}" + storage_account: + name: "storagesecond{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + logs: + - category: "VMProtectionAlerts" + retention_policy: + days: 15 + register: output +- name: assert resource created + assert: + that: + - output.changed + - output.state.name == 'logs-storage2' + - output.state.storage_account.id == storage2_output.state.id + - output.state.logs | length == 1 + - output.state.logs[0].category == 'VMProtectionAlerts' + - output.state.logs[0].enabled + - output.state.logs[0].retention_policy.days == 15 + - output.state.logs[0].retention_policy.enabled + - output.state.metrics | length == 0 + - not output.state.event_hub + - not output.state.log_analytics + +- name: update second storage-based diagnostic setting for vnet + azure_rm_monitordiagnosticsetting: + name: "logs-storage2" + resource: "{{ vnet_output.state.id }}" + storage_account: + name: "storagesecond{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + logs: + - category: "VMProtectionAlerts" + retention_policy: + days: 30 + register: output +- name: assert resource created + assert: + that: + - output.changed + - output.state.logs[0].retention_policy.days == 30 + +- name: update second storage-based diagnostic setting for vnet (idempotent) + azure_rm_monitordiagnosticsetting: + name: "logs-storage2" + resource: "{{ vnet_output.state.id }}" + storage_account: + name: "storagesecond{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + logs: + - category: "VMProtectionAlerts" + retention_policy: + days: 30 + register: output +- name: assert resource not changed + assert: + that: + - not output.changed + +- name: get diagnostic settings for virtual network + azure_rm_monitordiagnosticsetting_info: + resource: "{{ vnet_output.state.id }}" + register: output +- name: assert output maches expectations + assert: + that: + - output.settings | length == 2 + - output.settings[0].name == 'logs-storage' + - output.settings[0].storage_account.id == storage_output.state.id + - output.settings[0].logs | length == 1 + - output.settings[0].logs[0].category_group == 'allLogs' + - output.settings[0].logs[0].enabled + - output.settings[0].metrics | length == 0 + - not output.settings[0].event_hub + - not output.settings[0].log_analytics + - output.settings[1].name == 'logs-storage2' + - output.settings[1].storage_account.id == storage2_output.state.id + - output.settings[1].logs | length == 1 + - output.settings[1].logs[0].category == 'VMProtectionAlerts' + - output.settings[1].logs[0].enabled + - output.settings[1].logs[0].retention_policy.days == 30 + - output.settings[1].logs[0].retention_policy.enabled + - output.settings[1].metrics | length == 0 + - not output.settings[1].event_hub + - not output.settings[1].log_analytics + +- name: get specific diagnostic settings for virtual network + azure_rm_monitordiagnosticsetting_info: + name: "logs-storage2" + resource: "{{ vnet_output.state.id }}" + register: output +- name: assert output maches expectations + assert: + that: + - output.settings | length == 1 + - output.settings[0].name == 'logs-storage2' + - output.settings[0].storage_account.id == storage2_output.state.id + - output.settings[0].logs | length == 1 + - output.settings[0].logs[0].category == 'VMProtectionAlerts' + - output.settings[0].logs[0].enabled + - output.settings[0].logs[0].retention_policy.days == 30 + - output.settings[0].logs[0].retention_policy.enabled + - output.settings[0].metrics | length == 0 + - not output.settings[0].event_hub + - not output.settings[0].log_analytics + +- name: get non-existant diagnostic setting for virtual network + azure_rm_monitordiagnosticsetting_info: + name: "does-not-exist" + resource: "{{ vnet_output.state.id }}" + register: output +- name: assert no settings + assert: + that: + - output.settings | length == 0 + +- name: create diagnostic setting for webapp with log analytics, event hub, and storage + azure_rm_monitordiagnosticsetting: + name: "logs" + resource: + name: "webapp-{{ rpfx }}" + type: "Microsoft.Web/sites" + resource_group: "{{ resource_group }}" + event_hub: + namespace: "hub-{{ rpfx }}" + policy: "RootManageSharedAccessKey" + log_analytics: + name: "analytics-{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + storage_account: + name: "storage{{ rpfx }}" + logs: + - category: "AppServiceHTTPLogs" + - category: "AppServiceConsoleLogs" + - category: "AppServiceAppLogs" + - category: "AppServiceAuditLogs" + - category: "AppServiceIPSecAuditLogs" + - category: "AppServicePlatformLogs" + register: output +- name: assert resource created + assert: + that: + - output.changed + - output.state.name == 'logs' + - output.state.storage_account.id == storage_output.state.id + - output.state.event_hub.namespace == 'hub-{{ rpfx }}' + - output.state.event_hub.policy == 'RootManageSharedAccessKey' + - output.state.log_analytics.id | lower == analytics_output.id | lower + - output.state.logs | length == 6 + - output.state.logs[0].category == 'AppServiceHTTPLogs' + - output.state.logs[1].category == 'AppServiceConsoleLogs' + - output.state.logs[2].category == 'AppServiceAppLogs' + - output.state.logs[3].category == 'AppServiceAuditLogs' + - output.state.logs[4].category == 'AppServiceIPSecAuditLogs' + - output.state.logs[5].category == 'AppServicePlatformLogs' + - output.state.metrics | length == 0 + +- name: create diagnostic setting for webapp with log analytics, event hub, and storage (idempotent) + azure_rm_monitordiagnosticsetting: + name: "logs" + resource: + name: "webapp-{{ rpfx }}" + type: "Microsoft.Web/sites" + resource_group: "{{ resource_group }}" + event_hub: + namespace: "hub-{{ rpfx }}" + policy: "RootManageSharedAccessKey" + log_analytics: + name: "analytics-{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + storage_account: + name: "storage{{ rpfx }}" + logs: + - category: "AppServiceHTTPLogs" + - category: "AppServiceConsoleLogs" + - category: "AppServiceAppLogs" + - category: "AppServiceAuditLogs" + - category: "AppServiceIPSecAuditLogs" + - category: "AppServicePlatformLogs" + register: output +- name: assert resource created + assert: + that: + - not output.changed + +- name: update diagnostic setting to remove storage and log category + azure_rm_monitordiagnosticsetting: + name: "logs" + resource: + name: "webapp-{{ rpfx }}" + type: "Microsoft.Web/sites" + resource_group: "{{ resource_group }}" + event_hub: + namespace: "hub-{{ rpfx }}" + policy: "RootManageSharedAccessKey" + log_analytics: + name: "analytics-{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + logs: + - category: "AppServiceHTTPLogs" + - category: "AppServiceAppLogs" + - category: "AppServiceAuditLogs" + - category: "AppServiceIPSecAuditLogs" + - category: "AppServicePlatformLogs" + register: output +- name: assert resource updated + assert: + that: + - output.changed + - not output.state.storage_account + - output.state.logs | length == 5 + - output.state.logs[0].category == 'AppServiceHTTPLogs' + - output.state.logs[1].category == 'AppServiceAppLogs' + - output.state.logs[2].category == 'AppServiceAuditLogs' + - output.state.logs[3].category == 'AppServiceIPSecAuditLogs' + - output.state.logs[4].category == 'AppServicePlatformLogs' + +- name: delete diagnostic setting via resource dict + azure_rm_monitordiagnosticsetting: + name: "logs" + resource: + name: "webapp-{{ rpfx }}" + type: "Microsoft.Web/sites" + resource_group: "{{ resource_group }}" + state: "absent" + register: output +- name: assert resource delete + assert: + that: + - output.changed + +- name: delete diagnostic setting via resource dict (idempotent) + azure_rm_monitordiagnosticsetting: + name: "logs" + resource: + name: "webapp-{{ rpfx }}" + type: "Microsoft.Web/sites" + resource_group: "{{ resource_group }}" + state: "absent" + register: output +- name: assert resource delete + assert: + that: + - not output.changed + +- name: delete diagnostic setting (check mode) + azure_rm_monitordiagnosticsetting: + name: "logs-storage" + resource: "{{ vnet_output.state.id }}" + state: "absent" + check_mode: true + register: output +- name: assert resource deleted + assert: + that: + - output.changed + +- name: delete diagnostic setting (actually delete) + azure_rm_monitordiagnosticsetting: + name: "logs-storage" + resource: "{{ vnet_output.state.id }}" + state: "absent" + register: output +- name: assert resource deleted + assert: + that: + - output.changed + +- name: delete diagnostic setting (idempotent) + azure_rm_monitordiagnosticsetting: + name: "logs-storage" + resource: "{{ vnet_output.state.id }}" + state: "absent" + register: output +- name: assert resource already deleted + assert: + that: + - not output.changed + +- name: delete second diagnostic setting + azure_rm_monitordiagnosticsetting: + name: "logs-storage2" + resource: "{{ vnet_output.state.id }}" + state: "absent" + register: output +- name: assert resource deleted + assert: + that: + - output.changed + +# ------ teardown ------ + +- name: delete log analytics workspace + azure_rm_loganalyticsworkspace: + name: "analytics-{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + state: "absent" + +- name: delete event hub namespace + azure_rm_eventhub: + namespace_name: "hub-{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: "absent" + +- name: delete second storage account + azure_rm_storageaccount: + name: "storagesecond{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + state: "absent" + +- name: delete storage account + azure_rm_storageaccount: + name: "storage{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: "absent" + +- name: delete web app + azure_rm_webapp: + name: "webapp-{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: "absent" + +- name: delete web app plan + azure_rm_appserviceplan: + name: "webapp-{{ rpfx }}-plan" + resource_group: "{{ resource_group }}" + state: "absent" + +- name: delete virtual network + azure_rm_virtualnetwork: + name: "vnet-{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: "absent" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitorlogprofile/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitorlogprofile/aliases new file mode 100644 index 000000000..35b940115 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitorlogprofile/aliases @@ -0,0 +1,3 @@ +cloud/azure +destructive +unsupported
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitorlogprofile/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitorlogprofile/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitorlogprofile/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitorlogprofile/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitorlogprofile/tasks/main.yml new file mode 100644 index 000000000..dc30caf98 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_monitorlogprofile/tasks/main.yml @@ -0,0 +1,133 @@ +- name: Prepare random number + set_fact: + storage_name: "storage{{ resource_group | hash('md5') | truncate(5, True, '') }}{{ 1000 | random }}" + profile_name: "profile{{ resource_group | hash('md5') | truncate(5, True, '') }}{{ 1000 | random }}" + location: eastus + run_once: yes + +- name: create Azure storage account + azure_rm_storageaccount: + name: '{{ storage_name }}' + resource_group: "{{ resource_group }}" + account_type: Standard_LRS + +- name: create log profile (check mode) + azure_rm_monitorlogprofile: + name: "{{ profile_name }}" + location: "{{ location }}" + locations: + - eastus + - westus + categories: + - Write + - Action + retention_policy: + enabled: False + days: 1 + storage_account: + resource_group: "{{ resource_group }}" + name: "{{ storage_name }}" + check_mode: yes + register: output + +- name: assert create check mode + assert: + that: + - output.changed + +- name: create log profile + azure_rm_monitorlogprofile: + name: "{{ profile_name }}" + location: "{{ location }}" + locations: + - eastus + - westus + categories: + - Write + - Action + retention_policy: + enabled: False + days: 1 + storage_account: + resource_group: "{{ resource_group }}" + name: "{{ storage_name }}" + register: output +- name: assert create + assert: + that: + - output.changed + - output.id + +- name: update log profile (idempotence) + azure_rm_monitorlogprofile: + name: "{{ profile_name }}" + location: "{{ location }}" + locations: + - eastus + - westus + categories: + - Write + - Action + retention_policy: + enabled: False + days: 1 + storage_account: + resource_group: "{{ resource_group }}" + name: "{{ storage_name }}" + register: output +- name: assert update idempotence + assert: + that: + - not output.changed + +- name: update log profile + azure_rm_monitorlogprofile: + name: "{{ profile_name }}" + location: "{{ location }}" + locations: + - eastus + categories: + - Write + - Action + retention_policy: + enabled: False + days: 2 + storage_account: + resource_group: "{{ resource_group }}" + name: "{{ storage_name }}" + register: output +- name: assert update + assert: + that: + - output.changed + +- name: delete log profile (check mode) + azure_rm_monitorlogprofile: + name: "{{ profile_name }}" + state: absent + register: output + check_mode: true +- name: assert delete + assert: + that: + - output.changed + +- name: delete log profile + azure_rm_monitorlogprofile: + name: "{{ profile_name }}" + state: absent + register: output +- name: assert delete + assert: + that: + - output.changed + +- name: delete log profile (idempotence) + azure_rm_monitorlogprofile: + name: "{{ profile_name }}" + state: absent + register: output +- name: assert delete + assert: + that: + - not output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/aliases new file mode 100644 index 000000000..30f78fd74 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/aliases @@ -0,0 +1,5 @@ +cloud/azure +shippable/azure/group12 +destructive +azure_rm_manageddisk_info +azure_rm_multiplemanageddisks diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/defaults/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/defaults/main.yml new file mode 100644 index 000000000..18b02c3b1 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/defaults/main.yml @@ -0,0 +1,30 @@ +--- +async_virtual_network: "async-vnet" +async_subnet: "async-subnet" +async_virtual_network_cidr: "172.10.0.0/16" +async_subnet_cidr: "172.10.0.0/24" +async_virtual_machine_prefix: "async-vm" +async_number_virtual_machine: 3 +async_number_disk_to_attach: 3 + +shared_virtual_network: "shareddisk-vnet" +shared_subnet: "shareddisk-subnet" +shared_virtual_network_cidr: "10.10.0.0/16" +shared_subnet_cidr: "10.10.0.0/24" +shared_virtual_machine_prefix: "shareddisk-vm" +shared_virtual_machines: + - name: "shareddisk-vm-1" + resource_group: "{{ resource_group_secondary }}" + - name: "shareddisk-vm-2" + resource_group: "{{ resource_group_secondary }}" +shared_disks: + - resource_group: "{{ resource_group_secondary }}" + name: "shareddisk-01" + disk_size_gb: 4 + storage_account_type: StandardSSD_LRS + max_shares: 3 + - resource_group: "{{ resource_group_secondary }}" + name: "shareddisk-02" + disk_size_gb: 4 + storage_account_type: StandardSSD_LRS + max_shares: 3 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/tasks/main.yml new file mode 100644 index 000000000..78b712653 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/tasks/main.yml @@ -0,0 +1,2 @@ +- include_tasks: tasks/test_shared.yml +- include_tasks: tasks/test_async.yml diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/tasks/test_async.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/tasks/test_async.yml new file mode 100644 index 000000000..448a54dde --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/tasks/test_async.yml @@ -0,0 +1,160 @@ +# setup: create virtual machines to attach disks on +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group_secondary }}" + name: "{{ async_virtual_network }}-{{ item }}" + address_prefixes: "{{ async_virtual_network_cidr }}" + with_sequence: start=1 end="{{ async_number_virtual_machine }}" + +- name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group_secondary }}" + name: "{{ async_subnet }}-{{ item }}" + address_prefix: "{{ async_subnet_cidr }}" + virtual_network: "{{ async_virtual_network }}-{{ item }}" + with_sequence: start=1 end="{{ async_number_virtual_machine }}" + +- name: Create virtual machines + azure_rm_virtualmachine: + resource_group: "{{ resource_group_secondary }}" + name: "{{ async_virtual_machine_prefix }}-{{ item }}" + vm_size: Standard_E2_v3 + managed_disk_type: Standard_LRS + virtual_network: "{{ async_virtual_network }}-{{ item }}" + admin_username: adminuser + admin_password: "!test123@" + os_type: Linux + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + tags: + key: value + with_sequence: start=1 end="{{ async_number_virtual_machine }}" + register: create_vms + async: 1000 + poll: 0 + +- name: Wait for Virtual machine to be created + async_status: + jid: "{{ item.ansible_job_id }}" + register: wait_create_vm + until: wait_create_vm.finished + retries: 100 + delay: 5 + loop: "{{ create_vms.results }}" + +- name: Retrieve running virtual machine + azure_rm_virtualmachine_info: + resource_group: "{{ resource_group_secondary }}" + tags: + - key + register: _vms + +- set_fact: + attach_disk_config: "{{ lookup('template', 'disk_config.j2') | from_yaml }}" + vars: + virtual_machines: "{{ _vms.vms }}" + +- name: Create and Attach disks to virtual machine + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: "{{ item.disks }}" + managed_by_extended: + - "{{ item.virtual_machine }}" + register: azure_disks + async: 1000 + poll: 0 + with_items: "{{ attach_disk_config }}" + +- name: Wait for disks to be created and attached + async_status: + jid: "{{ item.ansible_job_id }}" + register: attach_disk + until: attach_disk.finished + retries: 100 + delay: 5 + loop: "{{ azure_disks.results }}" + +- name: Get disk info + azure_rm_manageddisk_info: + name: "{{ item.name }}" + resource_group: "{{ item.resource_group }}" + register: disks_info + with_items: "{{ attach_disk_config | map(attribute='disks') | flatten | list }}" + +- name: Validate that disks are attached to VMs + assert: + that: + - result.ansible_info.azure_managed_disk[0].managed_by + with_items: "{{ disks_info.results }}" + loop_control: + loop_var: result + +- name: Detach disks from virtual machine + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: "{{ item.disks }}" + managed_by_extended: + - "{{ item.virtual_machine }}" + state: absent + register: azure_disks + async: 1000 + poll: 0 + with_items: "{{ attach_disk_config }}" + +- name: Wait for disks to be created and attached + async_status: + jid: "{{ item.ansible_job_id }}" + register: attach_disk + until: attach_disk.finished + retries: 100 + delay: 5 + loop: "{{ azure_disks.results }}" + +- name: Get disk info + azure_rm_manageddisk_info: + name: "{{ item.name }}" + resource_group: "{{ item.resource_group }}" + register: disks_info + with_items: "{{ attach_disk_config | map(attribute='disks') | flatten | list }}" + +- name: Validate that disks are attached to VMs + assert: + that: + - not result.ansible_info.azure_managed_disk[0].managed_by + with_items: "{{ disks_info.results }}" + loop_control: + loop_var: result + +- name: Delete managed disks + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: "{{ item.disks }}" + state: absent + register: azure_disks + async: 1000 + poll: 0 + with_items: "{{ attach_disk_config }}" + +- name: Wait for disks to be created and attached + async_status: + jid: "{{ item.ansible_job_id }}" + register: attach_disk + until: attach_disk.finished + retries: 100 + delay: 5 + loop: "{{ azure_disks.results }}" + +- name: Get disk info + azure_rm_manageddisk_info: + name: "{{ item.name }}" + resource_group: "{{ item.resource_group }}" + register: disks_info + with_items: "{{ attach_disk_config | map(attribute='disks') | flatten | list }}" + +- name: Validate that disks are attached to VMs + assert: + that: + - result.ansible_info.azure_managed_disk == [] + with_items: "{{ disks_info.results }}" + loop_control: + loop_var: result diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/tasks/test_shared.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/tasks/test_shared.yml new file mode 100644 index 000000000..853ef8ed4 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/tasks/test_shared.yml @@ -0,0 +1,341 @@ +# Create managed disks with missing required parameters +- name: Create managed disks with missing required parameters + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: + - resource_group: "{{ resource_group_secondary }}" + name: "disk-copy-without-source-uri" + create_option: copy + max_shares: 3 + - resource_group: "{{ resource_group_secondary }}" + name: "disk-import-without-storage-account" + create_option: import + max_shares: 3 + - resource_group: "{{ resource_group_secondary }}" + name: "disk-empty-without-disk-size" + create_option: empty + max_shares: 3 + register: result + ignore_errors: true + +- name: Validate that disk creation failed + assert: + that: + - result is failed + - 'result.msg == "Some required options are missing from managed disks configuration."' + - '"managed disk {{ resource_group_secondary }}/disk-copy-without-source-uri has create_option set to copy but not all required parameters (source_uri) are set." in result.errors' + - '"managed disk {{ resource_group_secondary }}/disk-import-without-storage-account has create_option set to import but not all required parameters (source_uri,storage_account_id) are set." in result.errors' + - '"managed disk {{ resource_group_secondary }}/disk-empty-without-disk-size has create_option set to empty but not all required parameters (disk_size_gb) are set." in result.errors' + +# Test managed disks creation +- name: Create managed disks + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: "{{ shared_disks }}" + register: azure_disks + +- name: Ensure result is changed + assert: + that: + - azure_disks is changed + - azure_disks.state | length == 2 + +- name: Ensure disks exist + azure_rm_manageddisk_info: + name: "{{ item.name }}" + resource_group: "{{ item.resource_group }}" + register: azure_disks_info + with_items: "{{ shared_disks }}" + +- name: Create disks again to validate idempotency + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: "{{ shared_disks }}" + register: create_idempotency + +- name: Ensure result is not changed + assert: + that: + - create_idempotency is not changed + +- name: Validate that disks have been created + assert: + that: + - item.name in disk_names + with_items: "{{ shared_disks }}" + vars: + disk_names: "{{ azure_disks_info.results | map(attribute='ansible_info') | list | map(attribute='azure_managed_disk') | flatten | map(attribute='name') | list }}" + +# setup: create virtual machines to attach disks on +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group_secondary }}" + name: "vnet-{{ item.name }}" + address_prefixes: "{{ shared_virtual_network_cidr }}" + with_items: "{{ shared_virtual_machines }}" + +- name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group_secondary }}" + name: "sub-{{ item.name }}" + address_prefix: "{{ shared_subnet_cidr }}" + virtual_network: "vnet-{{ item.name }}" + with_items: "{{ shared_virtual_machines }}" + +- name: Create virtual machines + azure_rm_virtualmachine: + resource_group: "{{ item.resource_group }}" + name: "{{ item.name }}" + vm_size: Standard_E2_v3 + virtual_network: "vnet-{{ item.name }}" + managed_disk_type: Standard_LRS + admin_username: adminuser + admin_password: "!test123@" + os_type: Linux + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + with_items: "{{ shared_virtual_machines }}" + register: create_vms + async: 1000 + poll: 0 + +- name: Wait for Virtual machine to be created + async_status: + jid: "{{ item.ansible_job_id }}" + register: wait_create_vm + until: wait_create_vm.finished + retries: 100 + delay: 5 + loop: "{{ create_vms.results }}" + +- name: Get virtual machine info + azure_rm_virtualmachine_info: + resource_group: "{{ item.resource_group }}" + name: "{{ item.name }}" + register: vm_result + with_items: "{{ shared_virtual_machines }}" + +- set_fact: + vm_ids: "{{ vm_result.results | map(attribute='vms') | flatten | map(attribute='id') | list }}" + +# Test attach disk on VMs +- name: Attach existing disks to VMs + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: "{{ shared_disks }}" + managed_by_extended: + - "{{ item }}" + register: attach_disks + with_items: "{{ shared_virtual_machines }}" + +- name: Ensure result is changed + assert: + that: + - attach_disks is changed + - attach_disks.results | length == 2 + +- name: Retrieve managed disks info + azure_rm_manageddisk_info: + resource_group: "{{ item.resource_group }}" + name: "{{ item.name }}" + register: azure_disks + with_items: "{{ shared_disks }}" + +- name: Validate disks are attached to the VMs + assert: + that: + - azure_managed_disks | length == 2 + - azure_managed_disks.0.managed_by_extended | length == 2 + - azure_managed_disks.1.managed_by_extended | length == 2 + - vm_ids[0] in azure_managed_disks.0.managed_by_extended + - vm_ids[1] in azure_managed_disks.0.managed_by_extended + - vm_ids[0] in azure_managed_disks.1.managed_by_extended + - vm_ids[1] in azure_managed_disks.1.managed_by_extended + vars: + azure_managed_disks: "{{ azure_disks.results | map(attribute='ansible_info') | list | map(attribute='azure_managed_disk') | flatten | list }}" + +- name: Attach disks once again (idempotency) + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: "{{ shared_disks }}" + managed_by_extended: "{{ shared_virtual_machines }}" + register: attach_idempotency + +- name: Ensure result is not changed + assert: + that: + - attach_idempotency is not changed + +# Test: Detach managed disk from specific VM +- name: Detach disk item 1 from VM item 1 + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: + - "{{ shared_disks[0] }}" + managed_by_extended: + - "{{ shared_virtual_machines[0] }}" + state: absent + register: detach_disks + +- name: Ensure result is changed + assert: + that: + - detach_disks is changed + +- name: Retrieve managed disks info + azure_rm_manageddisk_info: + resource_group: "{{ item.resource_group }}" + name: "{{ item.name }}" + register: azure_disks + with_items: "{{ shared_disks }}" + +- name: Ensure disk 1 is attached to VM 1 only and disk 2 is attached to VM 1 and VM 2 + assert: + that: + - azure_managed_disks | length == 2 + - azure_managed_disks.0.managed_by_extended | length == 1 + - azure_managed_disks.1.managed_by_extended | length == 2 + - azure_managed_disks.0.managed_by == vm_ids[1] + - vm_ids[0] not in azure_managed_disks.0.managed_by_extended + - vm_ids[1] in azure_managed_disks.0.managed_by_extended + - vm_ids[0] in azure_managed_disks.1.managed_by_extended + - vm_ids[1] in azure_managed_disks.1.managed_by_extended + vars: + azure_managed_disks: "{{ azure_disks.results | map(attribute='ansible_info') | list | map(attribute='azure_managed_disk') | flatten | list }}" + +- name: Detach disks once again (idempotency) + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: + - "{{ shared_disks[0] }}" + managed_by_extended: + - "{{ shared_virtual_machines[0] }}" + state: absent + register: detach_idempotency + +- name: Ensure result is not changed + assert: + that: + - detach_idempotency is not changed + +# Test Detach disks from all VMs +- name: Detach disk 2 from all VMs + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: + - "{{ shared_disks[1] }}" + managed_by_extended: [] + state: present + register: detach_from_vms + +- name: Retrieve managed disks info + azure_rm_manageddisk_info: + resource_group: "{{ shared_disks[1].resource_group }}" + name: "{{ shared_disks[1].name }}" + register: azure_disks + +- name: Ensure disk is not attached to any VM + assert: + that: + - detach_from_vms is changed + - azure_disks.ansible_info.azure_managed_disk | length == 1 + - not azure_disks.ansible_info.azure_managed_disk.0.managed_by + - not azure_disks.ansible_info.azure_managed_disk.0.managed_by_extended + +- name: Detach disk 2 from all VMs once again (idempotency) + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: + - "{{ shared_disks[1] }}" + managed_by_extended: [] + state: present + register: detach_from_vms + +- name: Ensure nothing changed + assert: + that: + - detach_from_vms is not changed + +# Test delete disk attached to a VM +- name: Retrieve managed disks info + azure_rm_manageddisk_info: + resource_group: "{{ shared_disks[0].resource_group }}" + name: "{{ shared_disks[0].name }}" + register: azure_disks + +- name: Ensure disk is attached to at least one VM + assert: + that: + - azure_disks.ansible_info.azure_managed_disk.0.managed_by + - azure_disks.ansible_info.azure_managed_disk.0.managed_by_extended | length > 0 + +- name: Delete managed disk attached to VM + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: + - "{{ shared_disks[0] }}" + state: absent + register: delete_attached_disk + +- name: Retrieve managed disks info + azure_rm_manageddisk_info: + resource_group: "{{ shared_disks[0].resource_group }}" + name: "{{ shared_disks[0].name }}" + register: azure_disks + +- name: Ensure disk was deleted + assert: + that: + - delete_attached_disk is changed + - azure_disks.ansible_info.azure_managed_disk | length == 0 + +- name: Delete managed disk once again (idempotency) + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: + - "{{ shared_disks[0] }}" + state: absent + register: delete_attached_disk + +- name: Ensure delete idempotency + assert: + that: + - delete_attached_disk is not changed + +# Test managed disks deletion with managed_by_extended set to [] +- name: Trying to delete managed disks with managed_by_extended set to [] + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: + - "{{ shared_disks[1] }}" + managed_by_extended: [] + state: absent + register: delete_with_wrong_parameter + +- name: Ensure disks were not deleted + assert: + that: + - delete_with_wrong_parameter is not changed + +# Test managed disks deletion +- name: Delete managed disks + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: + - "{{ shared_disks[1] }}" + state: absent + register: delete_disk + +- name: Retrieve managed disks info + azure_rm_manageddisk_info: + resource_group: "{{ shared_disks[1].resource_group }}" + name: "{{ shared_disks[1].name }}" + register: azure_disks + +- name: Ensure disk was deleted + assert: + that: + - delete_disk is changed + - azure_disks.ansible_info.azure_managed_disk | length == 0 + +- name: Delete managed disks once again (idempotency) + azure.azcollection.azure_rm_multiplemanageddisks: + managed_disks: + - "{{ shared_disks[1] }}" + state: absent + register: delete_idempotency + +- name: Ensure nothing changed + assert: + that: + - delete_idempotency is not changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/templates/disk_config.j2 b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/templates/disk_config.j2 new file mode 100644 index 000000000..212bb9c03 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_multiplemanageddisks/templates/disk_config.j2 @@ -0,0 +1,11 @@ +{% for i in range(virtual_machines|length) %} +- disks: +{% for d in range(async_number_disk_to_attach) %} + - disk_size_gb: 1 + name: "{{ virtual_machines[i].name }}-disk-{{ d }}" + resource_group: "{{ resource_group_secondary }}" +{% endfor %} + virtual_machine: + name: "{{ virtual_machines[i].name }}" + resource_group: "{{ resource_group_secondary }}" +{% endfor %} diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/aliases new file mode 100644 index 000000000..21e7a127b --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/aliases @@ -0,0 +1,10 @@ +cloud/azure +destructive +shippable/azure/group13 +azure_rm_mysqlserver_facts +azure_rm_mysqldatabase +azure_rm_mysqldatabase_facts +azure_rm_mysqlfirewallrule +azure_rm_mysqlfirewallrule_facts +azure_rm_mysqlconfiguration +azure_rm_mysqlconfiguration_facts diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/tasks/main.yml new file mode 100644 index 000000000..75475bc3b --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/tasks/main.yml @@ -0,0 +1,675 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create instance of MySQL Server -- check mode + azure_rm_mysqlserver: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }} + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_profile: + storage_mb: 51200 + backup_retention_days: 7 + geo_redundant_backup: Disabled + storage_autogrow: Disabled + version: 5.7 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of MySQL Server + azure_rm_mysqlserver: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }} + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_profile: + storage_mb: 51200 + backup_retention_days: 7 + geo_redundant_backup: Disabled + storage_autogrow: Disabled + version: 5.7 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + - output.state == 'Ready' + +- name: Create again instance of MySQL Server + azure_rm_mysqlserver: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }} + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_profile: + storage_mb: 51200 + backup_retention_days: 7 + geo_redundant_backup: Disabled + storage_autogrow: Disabled + version: 5.7 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + - output.state == 'Ready' + +- name: Update instance of MySQL Server, change storage size + azure_rm_mysqlserver: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }} + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_profile: + storage_mb: 128000 + backup_retention_days: 7 + geo_redundant_backup: Disabled + storage_autogrow: Disabled + version: 5.7 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed + - output.state == 'Ready' +- debug: + var: output + +- name: Gather facts MySQL Server + azure_rm_mysqlserver_info: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }} + register: output +- name: Assert that storage size is correct + assert: + that: + - output.servers[0]['storage_profile']['storage_mb'] == 128000 + +- name: Restart MySQL Server + azure_rm_mysqlserver: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }} + restarted: True + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed + +- name: Create second instance of MySQL Server + azure_rm_mysqlserver: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }}second + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_profile: + storage_mb: 51200 + backup_retention_days: 7 + geo_redundant_backup: Disabled + storage_autogrow: Disabled + version: 5.7 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + tags: + aaa: bbb + +- name: Create second instance of MySQL Server + azure_rm_mysqlserver: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }}second + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_profile: + storage_mb: 51200 + backup_retention_days: 7 + geo_redundant_backup: Disabled + storage_autogrow: Disabled + version: 5.7 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + tags: + ccc: ddd + +- name: Gather facts MySQL Server + azure_rm_mysqlserver_info: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }}second + register: output + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.servers[0]['id'] != None + - output.servers[0]['name'] != None + - output.servers[0]['location'] != None + - output.servers[0]['sku']['name'] != None + - output.servers[0]['sku']['tier'] != None + - output.servers[0]['sku']['capacity'] != None + - output.servers[0]['version'] != None + - output.servers[0]['user_visible_state'] != None + - output.servers[0]['fully_qualified_domain_name'] != None + - output.servers[0]['tags']['aaa'] == 'bbb' + - output.servers[0]['tags']['ccc'] == 'ddd' + +- name: Gather facts MySQL Server + azure_rm_mysqlserver_info: + resource_group: "{{ resource_group }}" + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.servers[0]['id'] != None + - output.servers[0]['name'] != None + - output.servers[0]['location'] != None + - output.servers[0]['sku']['name'] != None + - output.servers[0]['sku']['tier'] != None + - output.servers[0]['sku']['capacity'] != None + - output.servers[0]['version'] != None + - output.servers[0]['user_visible_state'] != None + - output.servers[0]['fully_qualified_domain_name'] != None + - output.servers[1]['id'] != None + - output.servers[1]['name'] != None + - output.servers[1]['location'] != None + - output.servers[1]['sku']['name'] != None + - output.servers[1]['sku']['tier'] != None + - output.servers[1]['sku']['capacity'] != None + - output.servers[1]['version'] != None + - output.servers[1]['user_visible_state'] != None + - output.servers[1]['fully_qualified_domain_name'] != None + +# +# azure_rm_mysqldatabase tests below +# +- name: Create instance of MySQL Database -- check mode + azure_rm_mysqldatabase: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: testdatabase + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of MySQL Database + azure_rm_mysqldatabase: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: testdatabase + collation: latin1_swedish_ci + charset: latin1 + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + - output.name == 'testdatabase' + +- name: Create again instance of MySQL Database + azure_rm_mysqldatabase: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: testdatabase + collation: latin1_swedish_ci + charset: latin1 + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + - output.name == 'testdatabase' + +- name: Try to update database without force_update + azure_rm_mysqldatabase: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: testdatabase + collation: utf8_general_ci + charset: utf8 + ignore_errors: yes + register: output +- name: Assert that nothing has changed + assert: + that: + - output.changed == False + +- name: Update instance of database using force_update + azure_rm_mysqldatabase: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: testdatabase + collation: utf8_general_ci + charset: utf8 + force_update: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + - output.name == 'testdatabase' + +- name: Create second instance of MySQL Database + azure_rm_mysqldatabase: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: testdatabase2 + +- name: Gather facts MySQL Database + azure_rm_mysqldatabase_info: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: testdatabase + register: output + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.databases[0]['server_name'] != None + - output.databases[0]['name'] != None + - output.databases[0]['charset'] != None + - output.databases[0]['collation'] != None + +- name: Gather facts MySQL Database + azure_rm_mysqldatabase_info: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.databases[0]['server_name'] != None + - output.databases[0]['name'] != None + - output.databases[0]['charset'] != None + - output.databases[0]['collation'] != None + - output.databases[1]['server_name'] != None + - output.databases[1]['name'] != None + - output.databases[1]['charset'] != None + - output.databases[1]['collation'] != None + +- name: Delete instance of MySQL Database -- check mode + azure_rm_mysqldatabase: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: testdatabase + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of MySQL Database + azure_rm_mysqldatabase: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: testdatabase + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of MySQL Database + azure_rm_mysqldatabase: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: testdatabase + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false + +# +# azure_rm_firewallrule tests below +# +- name: Create instance of Firewall Rule -- check mode + azure_rm_mysqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of Firewall Rule + azure_rm_mysqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create again instance of Firewall Rule + azure_rm_mysqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + +- name: Delete instance of Firewall Rule -- check mode + azure_rm_mysqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Create instance of Firewall Rule -- second + azure_rm_mysqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }}second + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Gather facts MySQL Firewall Rule + azure_rm_mysqlfirewallrule_info: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.rules[0].id != None + - output.rules[0].server_name != None + - output.rules[0].name != None + - output.rules[0].start_ip_address != None + - output.rules[0].end_ip_address != None + - "output.rules | length == 1" + +- name: Gather facts MySQL Firewall Rule + azure_rm_mysqlfirewallrule_info: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.rules[0].id != None + - output.rules[0].server_name != None + - output.rules[0].name != None + - output.rules[0].start_ip_address != None + - output.rules[0].end_ip_address != None + - output.rules[1].id != None + - output.rules[1].name != None + - output.rules[1].start_ip_address != None + - output.rules[1].end_ip_address != None + - "output.rules | length == 2" + +- name: Delete instance of Firewall Rule + azure_rm_mysqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of Firewall Rule + azure_rm_mysqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false + +- name: Delete instance of Firewall Rule - second + azure_rm_mysqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }}second + state: absent + +- name: Gather facts MySQL Firewall Rule + azure_rm_mysqlfirewallrule_info: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + register: output +- name: Assert that empty list was returned + assert: + that: + - output.changed == False + - "output.rules | length == 0" + +# +# configuration +# +- name: Create instance of Configuration -- check mode + azure_rm_mysqlconfiguration: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: event_scheduler + value: "ON" + check_mode: yes + register: output +- name: Assert that change was registered + assert: + that: + - output.changed + +- name: Try to delete default configuraion + azure_rm_mysqlconfiguration_info: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: event_scheduler + register: output +- name: Get facts of event_scheduler + debug: + var: output + +- name: Try to delete default configuraion + azure_rm_mysqlconfiguration: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: event_scheduler + state: absent + register: output +- name: Assert that change was registered + assert: + that: + - not output.changed + +- name: Try to change default configuraion + azure_rm_mysqlconfiguration: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: event_scheduler + value: "ON" + register: output +- name: Assert that change was registered + assert: + that: + - output.changed + +- name: Try to change default configuration -- idempotent + azure_rm_mysqlconfiguration: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: event_scheduler + value: "ON" + register: output +- name: Assert that change was registered + assert: + that: + - not output.changed + +- name: Try to reset configuration + azure_rm_mysqlconfiguration: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: event_scheduler + state: absent + register: output +- name: Assert that change was registered + assert: + that: + - output.changed + +- name: Try to reset configuration -- idempotent + azure_rm_mysqlconfiguration: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: event_scheduler + state: absent + register: output +- name: Assert that change was registered + assert: + that: + - not output.changed + +- name: Gather facts MySQL Configuration + azure_rm_mysqlconfiguration_info: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + name: event_scheduler + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.settings[0].id != None + - output.settings[0].name != None + - output.settings[0].value != None + - output.settings[0].description != None + - output.settings[0].source != None + - output.settings | length == 1 + +- name: Gather facts MySQL Configuration + azure_rm_mysqlconfiguration_info: + resource_group: "{{ resource_group }}" + server_name: mysqlsrv{{ rpfx }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.settings[0].id != None + - output.settings[0].name != None + - output.settings[0].value != None + - output.settings[0].description != None + - output.settings[0].source != None + - output.settings | length > 1 + +# +# clean up azure_rm_mysqlserver test +# + +- name: Delete instance of MySQL Server -- check mode + azure_rm_mysqlserver: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }} + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of MySQL Server + azure_rm_mysqlserver: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of MySQL Server + azure_rm_mysqlserver: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false + +- name: Delete second instance of MySQL Server + azure_rm_mysqlserver: + resource_group: "{{ resource_group }}" + name: mysqlsrv{{ rpfx }}second + state: absent + async: 400 + poll: 0 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_natgateway/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_natgateway/aliases new file mode 100644 index 000000000..77e564784 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_natgateway/aliases @@ -0,0 +1,4 @@ +cloud/azure +destructive +shippable/azure/group6 +disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_natgateway/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_natgateway/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_natgateway/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_natgateway/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_natgateway/tasks/main.yml new file mode 100644 index 000000000..b411d2422 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_natgateway/tasks/main.yml @@ -0,0 +1,346 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: true +- name: Set json query to only retrieve gateways from this test + set_fact: + query: "[?ends_with(name, `{{ rpfx }}`)]" + run_once: true + +- name: Get resource group info + azure_rm_resourcegroup_info: + name: "{{ resource_group }}" + register: rg_output +- name: Store rg location + set_fact: + rg_location: "{{ rg_output.resourcegroups[0].location }}" + run_once: true + +- name: Get NAT gateways + azure_rm_natgateway_info: + resource_group: "{{ resource_group }}" + register: natgw_output +- name: Assert there are no gateways + assert: + that: + - natgw_output.gateways | community.general.json_query(query) | length == 0 + +- name: Create instance of NAT Gateway in check_mode + azure_rm_natgateway: + resource_group: "{{ resource_group }}" + name: nat-gateway{{ rpfx }}1 + register: output + check_mode: yes +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Get NAT gateways + azure_rm_natgateway_info: + resource_group: "{{ resource_group }}" + register: natgw_output +- name: Assert there are still no gateways + assert: + that: + - natgw_output.gateways | community.general.json_query(query) | length == 0 + +- name: Create instance of NAT Gateway + azure_rm_natgateway: + resource_group: "{{ resource_group }}" + name: nat-gateway{{ rpfx }}1 + register: natgw_output +- name: Assert that gateway is well created + assert: + that: + - natgw_output.changed + - natgw_output.resource_group == "{{ resource_group }}" + - natgw_output.name == "nat-gateway{{ rpfx }}1" + - natgw_output.location == "{{ rg_location }}" +- name: Get NAT gateways + azure_rm_natgateway_info: + name: nat-gateway{{ rpfx }}1 + resource_group: "{{ resource_group }}" + register: natgw_output +- name: Assert that gateway has the right default parameters + assert: + that: + - natgw_output.gateways[0].idle_timeout_in_minutes == 4 + +- name: Try to update instance of NAT Gateway - no change + azure_rm_natgateway: + resource_group: "{{ resource_group }}" + name: nat-gateway{{ rpfx }}1 + register: output +- name: Assert the resource instance is not changed + assert: + that: + - not output.changed + +- name: Try to update instance of NAT Gateway - change timeout + azure_rm_natgateway: + resource_group: "{{ resource_group }}" + name: nat-gateway{{ rpfx }}1 + idle_timeout_in_minutes: 10 + register: natgw_output +- name: Assert the resource instance is changed + assert: + that: + - natgw_output.changed + - natgw_output.location == "{{ rg_location }}" +- name: Get NAT gateways + azure_rm_natgateway_info: + name: nat-gateway{{ rpfx }}1 + resource_group: "{{ resource_group }}" + register: natgw_output +- name: Assert that gateway has the right parameters + assert: + that: + - natgw_output.gateways[0].idle_timeout_in_minutes == 10 + +- name: Try to update instance of NAT Gateway - no change as this is the default value + azure_rm_natgateway: + resource_group: "{{ resource_group }}" + name: nat-gateway{{ rpfx }}1 + sku: + name: standard + idle_timeout_in_minutes: 10 + register: output +- name: Assert the resource instance is not changed + assert: + that: + - not output.changed + +- name: Create public IP for NAT Gateway + azure_rm_publicipaddress: + name: "nat-gateway{{ rpfx }}-pip1" + resource_group: "{{ resource_group }}" + sku: "standard" + allocation_method: "static" +- name: Get public IP for NAT Gateway + azure_rm_publicipaddress_info: + name: "nat-gateway{{ rpfx }}-pip1" + resource_group: "{{ resource_group }}" + register: pip_info_output + +- name: Create second public IP for NAT Gateway + azure_rm_publicipaddress: + name: "nat-gateway{{ rpfx }}-pip2" + resource_group: "{{ resource_group }}" + sku: "standard" + allocation_method: "static" + +- name: Try to update instance of NAT Gateway - add public IPs + azure_rm_natgateway: + resource_group: "{{ resource_group }}" + name: nat-gateway{{ rpfx }}1 + idle_timeout_in_minutes: 10 + sku: + name: standard + public_ip_addresses: + - "{{ pip_info_output.publicipaddresses[0].id }}" + - "nat-gateway{{ rpfx }}-pip2" + register: natgw_output +- name: Assert the resource instance is changed + assert: + that: + - natgw_output.changed +- name: Get NAT gateways + azure_rm_natgateway_info: + name: nat-gateway{{ rpfx }}1 + resource_group: "{{ resource_group }}" + register: natgw_output +- name: Assert that gateway has the right parameters + assert: + that: + - natgw_output.gateways[0].public_ip_addresses | length == 2 + +- name: Try to update instance of NAT Gateway - remove 1 public IPs + azure_rm_natgateway: + resource_group: "{{ resource_group }}" + name: nat-gateway{{ rpfx }}1 + idle_timeout_in_minutes: 10 + sku: + name: standard + public_ip_addresses: + - "nat-gateway{{ rpfx }}-pip2" + register: natgw_output +- name: Assert the resource instance is changed + assert: + that: + - natgw_output.changed +- name: Get NAT gateways + azure_rm_natgateway_info: + name: nat-gateway{{ rpfx }}1 + resource_group: "{{ resource_group }}" + register: natgw_output +- name: Assert that gateway has the right parameters + assert: + that: + - natgw_output.gateways[0].public_ip_addresses | length == 1 + +# Note: disassociating first IP address helps avoiding issues when deleting them +- name: Try to update instance of NAT Gateway - remove last public IPs + azure_rm_natgateway: + resource_group: "{{ resource_group }}" + name: nat-gateway{{ rpfx }}1 + idle_timeout_in_minutes: 10 + sku: + name: standard + register: natgw_output +- name: Assert the resource instance is changed + assert: + that: + - natgw_output.changed +- name: Get NAT gateways + azure_rm_natgateway_info: + name: nat-gateway{{ rpfx }}1 + resource_group: "{{ resource_group }}" + register: natgw_output +- name: Assert that gateway has the right parameters + assert: + that: + - natgw_output.gateways[0].public_ip_addresses == None + +- name: Create virtual network + azure_rm_virtualnetwork: + name: "vnet{{ rpfx }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + - fdda:e69b:1587:495e::/64 + dns_servers: + - 127.0.0.1 + - 127.0.0.3 + tags: + testing: testing + delete: on-exit + resource_group: "{{ resource_group }}" + +- name: Create the subnet + azure_rm_subnet: + name: "subnet{{ rpfx }}" + virtual_network_name: "vnet{{ rpfx }}" + address_prefix_cidr: "10.1.0.0/24" + nat_gateway: "{{ natgw_output.gateways[0].id }}" + resource_group: "{{ resource_group }}" +- name: Get the subnet facts + azure_rm_subnet_info: + name: "subnet{{ rpfx }}" + virtual_network_name: "vnet{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: output +- name: Assert the NAT Gateway is associated + assert: + that: + - output.subnets[0].nat_gateway == "{{ natgw_output.gateways[0].id }}" + +- name: Create instance of NAT Gateway + azure_rm_natgateway: + resource_group: "{{ resource_group }}" + name: nat-gateway{{ rpfx }}3 + register: natgw_output3 +- name: Update the subnet - Update associated NAT Gateway + azure_rm_subnet: + name: "subnet{{ rpfx }}" + virtual_network_name: "vnet{{ rpfx }}" + address_prefix_cidr: "10.1.0.0/24" + resource_group: "{{ resource_group }}" + nat_gateway: nat-gateway{{ rpfx }}3 +- name: Get the subnet facts + azure_rm_subnet_info: + name: "subnet{{ rpfx }}" + virtual_network_name: "vnet{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: output +- name: Assert the NAT Gateway is not associated + assert: + that: + - output.subnets[0].nat_gateway == "{{ natgw_output3.id }}" + +- name: Update the subnet - Disassociate NAT Gateway + azure_rm_subnet: + name: "subnet{{ rpfx }}" + virtual_network_name: "vnet{{ rpfx }}" + address_prefix_cidr: "10.1.0.0/24" + resource_group: "{{ resource_group }}" +- name: Get the subnet facts + azure_rm_subnet_info: + name: "subnet{{ rpfx }}" + virtual_network_name: "vnet{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: output +- name: Assert the NAT Gateway is not associated + assert: + that: + - output.subnets[0].nat_gateway == None + +# A resource with the same name cannot be created in another location +- name: Create a second instance of NAT Gateway - change location and name + azure_rm_natgateway: + resource_group: "{{ resource_group }}" + name: nat-gateway{{ rpfx }}2 + idle_timeout_in_minutes: 10 + location: eastus + zones: [ 1 ] + sku: + name: standard + register: natgw_output +- name: Assert the resource instance is changed + assert: + that: + - natgw_output.changed + - natgw_output.location == "eastus" +- name: Get NAT gateways + azure_rm_natgateway_info: + name: nat-gateway{{ rpfx }}2 + resource_group: "{{ resource_group }}" + register: natgw_output +- name: Assert that gateway has the right parameters + assert: + that: + - natgw_output.gateways[0].idle_timeout_in_minutes == 10 + - natgw_output.gateways[0].zones[0] == "1" + +#### Final cleanup +- name: Delete instance of NAT Gateway + azure_rm_natgateway: + resource_group: "{{ resource_group }}" + name: nat-gateway{{ rpfx }}{{ item }} + state: absent + register: output + with_items: + - 1 + - 2 + - 3 + +- name: Remove subnet + azure_rm_subnet: + state: absent + name: subnet{{ rpfx }} + virtual_network_name: vnet{{ rpfx }} + resource_group: "{{ resource_group }}" + +- name: Remove virtual network + azure_rm_virtualnetwork: + name: "vnet{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: absent + +- name: Get NAT gateways + azure_rm_natgateway_info: + resource_group: "{{ resource_group }}" + register: natgw_output +- name: Assert there are no gateways left + assert: + that: + - natgw_output.gateways | community.general.json_query(query) | length == 0 + +- name: Delete public IPs for NAT Gateway + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + name: "nat-gateway{{ rpfx }}-pip{{ item }}" + state: absent + with_items: + - 1 + - 2 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/aliases new file mode 100644 index 000000000..88fb70609 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group5 +destructive +azure_rm_applicationsecuritygroup diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/tasks/main.yml new file mode 100644 index 000000000..7e38fc7ee --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/tasks/main.yml @@ -0,0 +1,765 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + applicationsecuritygroup_name1: "asg{{ resource_group | hash('md5') | truncate(5, True, '') }}{{ 1000 | random }}" + applicationsecuritygroup_name2: "asg{{ resource_group | hash('md5') | truncate(5, True, '') }}{{ 1000 | random }}" + nic_name1: "nic1{{ resource_group | hash('md5') | truncate(5, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group_secondary }}" + name: "tn{{ rpfx }}" + address_prefixes: ["10.10.0.0/16", "fdae:f296:2787::/48"] + register: vn + +- name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group_secondary }}" + name: "tn{{ rpfx }}" + address_prefixes_cidr: ["10.10.0.0/24", "fdae:f296:2787::/64"] + virtual_network: "tn{{ rpfx }}" + +- name: Create public IP addresses + azure_rm_publicipaddress: + name: '{{ item.name }}' + resource_group: '{{ resource_group }}' + sku: 'standard' + allocation_method: 'static' + version: '{{ item.version }}' + loop: + - name: 'pip{{ rpfx }}' + version: 'ipv4' + - name: 'tn{{ rpfx }}' + version: 'ipv4' + - name: 'pip{{ rpfx }}v6' + version: 'ipv6' + - name: 'tn{{ rpfx }}v6' + version: 'ipv6' + +- name: create load balancer with multiple parameters + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "lb{{ rpfx }}" + sku: 'Standard' + frontend_ip_configurations: + - name: frontendipconf0 + public_ip_address: "pip{{ rpfx }}" + - name: frontendipconf1 + public_ip_address: "pip{{ rpfx }}v6" + backend_address_pools: + - name: backendaddrpool0 + - name: backendaddrpool1 + - name: backendaddrpool2 + probes: + - name: prob0 + port: 80 + inbound_nat_pools: + - name: inboundnatpool0 + frontend_ip_configuration_name: frontendipconf0 + protocol: Tcp + frontend_port_range_start: 80 + frontend_port_range_end: 81 + backend_port: 8080 + - name: inboundnatpool1 + frontend_ip_configuration_name: frontendipconf1 + protocol: Tcp + frontend_port_range_start: 80 + frontend_port_range_end: 81 + backend_port: 8080 + load_balancing_rules: + - name: lbrbalancingrule0 + frontend_ip_configuration: frontendipconf0 + backend_address_pool: backendaddrpool0 + frontend_port: 80 + backend_port: 80 + probe: prob0 + - name: lbrbalancingrule1 + frontend_ip_configuration: frontendipconf1 + backend_address_pool: backendaddrpool2 + frontend_port: 80 + backend_port: 80 + probe: prob0 + register: lb + +- name: Create most simple NIC with virtual_network id (check mode) + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + public_ip: False + create_with_security_group: False + register: output + check_mode: yes + +- assert: + that: + - output.changed + +- name: Create most simple NIC with virtual_network resource_group + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + virtual_network: + name: "tn{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + subnet: "tn{{ rpfx }}" + public_ip: False + create_with_security_group: False + register: output + +- assert: + that: + - output.changed + - output.state.id + - output.state.ip_configuration.primary + +- name: Get fact of the new created NIC + azure_rm_networkinterface_info: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + register: facts + +- assert: + that: + - "facts.networkinterfaces | length == 1" + - facts.networkinterfaces[0].id == output.state.id + - "facts.networkinterfaces[0].ip_configurations | length == 1" + - facts.networkinterfaces[0].ip_configurations[0].primary == True + - not facts.networkinterfaces[0].security_group + - not facts.networkinterfaces[0].ip_configurations[0].public_ip_address + - not facts.networkinterfaces[0].enable_ip_forwarding + - not facts.networkinterfaces[0].enable_accelerated_networking + +- name: Create most simple NIC with ip configurations (idempotent) + azure_rm_networkinterface: + resource_group: "{{ facts.networkinterfaces[0].resource_group }}" + name: "{{ facts.networkinterfaces[0].name }}" + virtual_network: "{{ facts.networkinterfaces[0].virtual_network }}" + create_with_security_group: False + ip_configurations: + - name: "{{ facts.networkinterfaces[0].ip_configurations[0].name }}" + private_ip_address: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_address }}" + private_ip_allocation_method: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_allocation_method }}" + primary: "{{ facts.networkinterfaces[0].ip_configurations[0].primary }}" + subnet: "{{ facts.networkinterfaces[0].subnet }}" + register: output + +- assert: + that: + - not output.changed + +- name: Create most simple NIC (idempotent) + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + create_with_security_group: False + public_ip: False + register: output + +- assert: + that: + - not output.changed + +- name: Update security group (check mode) + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + public_ip: False + security_group: "tn{{ rpfx }}sg" + register: output + check_mode: yes + +- assert: + that: + - output.changed + +- name: Update public ip address (check mode) + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + public_ip_address_name: "tn{{ rpfx }}" + create_with_security_group: False + register: output + check_mode: yes + +- assert: + that: + - output.changed + +- name: Update accelerated networking (check mode) + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + enable_accelerated_networking: True + create_with_security_group: False + public_ip: False + register: output + check_mode: yes + +- assert: + that: + - output.changed + +- name: Update IP forwarding networking (check mode) + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + create_with_security_group: False + enable_ip_forwarding: True + public_ip: False + register: output + check_mode: yes + +- assert: + that: + - output.changed + +- name: Update dns server (check mode) + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + create_with_security_group: False + public_ip: False + dns_servers: + - 8.9.10.11 + - 7.8.9.10 + register: output + check_mode: yes + +- assert: + that: + - output.changed + +- name: Update NIC + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + enable_accelerated_networking: True + enable_ip_forwarding: True + security_group: "tn{{ rpfx }}sg" + dns_servers: + - 8.9.10.11 + - 7.8.9.10 + ip_configurations: + - name: "{{ facts.networkinterfaces[0].ip_configurations[0].name }}" + private_ip_address: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_address }}" + private_ip_allocation_method: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_allocation_method }}" + primary: "{{ facts.networkinterfaces[0].ip_configurations[0].primary }}" + - name: ipconfig1 + public_ip_name: "tn{{ rpfx }}" + load_balancer_backend_address_pools: + - "{{ lb.state.backend_address_pools[0].id }}" + - name: backendaddrpool1 + load_balancer: "lb{{ rpfx }}" + - name: ipconfig2 + public_ip_name: "tn{{ rpfx }}v6" + private_ip_address_version: 'IPv6' + load_balancer_backend_address_pools: + - "{{ lb.state.backend_address_pools[2].id }}" + - name: backendaddrpool2 + load_balancer: "lb{{ rpfx }}" + register: output + +- assert: + that: + - output.changed + - output.state.dns_settings.dns_servers == ['8.9.10.11', '7.8.9.10'] + - output.state.enable_ip_forwarding + - output.state.network_security_group.name == "tn{{ rpfx }}sg" + - output.state.enable_accelerated_networking + +- name: Complicated NIC (idempontent) + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + enable_accelerated_networking: True + security_group: "tn{{ rpfx }}sg" + enable_ip_forwarding: True + dns_servers: + - 8.9.10.11 + - 7.8.9.10 + ip_configurations: + - name: "{{ facts.networkinterfaces[0].ip_configurations[0].name }}" + private_ip_address: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_address }}" + private_ip_allocation_method: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_allocation_method }}" + primary: "{{ facts.networkinterfaces[0].ip_configurations[0].primary }}" + - name: ipconfig1 + public_ip_name: "tn{{ rpfx }}" + load_balancer_backend_address_pools: + - "{{ lb.state.backend_address_pools[0].id }}" + - name: backendaddrpool1 + load_balancer: "lb{{ rpfx }}" + - name: ipconfig2 + public_ip_name: "tn{{ rpfx }}v6" + private_ip_address_version: 'IPv6' + load_balancer_backend_address_pools: + - "{{ lb.state.backend_address_pools[2].id }}" + - name: backendaddrpool2 + load_balancer: "lb{{ rpfx }}" + register: output + +- assert: + that: + - not output.changed + +- name: Get fact of the new created NIC + azure_rm_networkinterface_info: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + register: facts + +- assert: + that: + - "facts.networkinterfaces | length == 1" + - facts.networkinterfaces[0].id == output.state.id + - "facts.networkinterfaces[0].ip_configurations | length == 3" + - 'facts.networkinterfaces[0].security_group.endswith("tn{{ rpfx }}sg")' + - facts.networkinterfaces[0].enable_accelerated_networking + - facts.networkinterfaces[0].enable_ip_forwarding + - facts.networkinterfaces[0].ip_configurations[0].primary == True + - facts.networkinterfaces[0].ip_configurations[1].primary == False + +- name: Remove one dns server and ip configuration + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + security_group: "tn{{ rpfx }}sg" + enable_accelerated_networking: True + enable_ip_forwarding: True + dns_servers: + - 8.9.10.11 + ip_configurations: + - name: ipconfig1 + public_ip_name: "tn{{ rpfx }}" + primary: True + load_balancer_backend_address_pools: + - "{{ lb.state.backend_address_pools[0].id }}" + - name: backendaddrpool1 + load_balancer: "lb{{ rpfx }}" + register: output + +- assert: + that: + - output.changed + - output.state.dns_settings.dns_servers == ['8.9.10.11'] + - output.state.enable_ip_forwarding + - output.state.network_security_group.name == "tn{{ rpfx }}sg" + - "output.state.ip_configurations | length == 1" + - output.state.ip_configurations[0].public_ip_address.name == "tn{{ rpfx }}" + - output.state.enable_accelerated_networking + +- name: Create application security group(check mode) + azure_rm_applicationsecuritygroup: + resource_group: "{{ resource_group }}" + name: "{{ applicationsecuritygroup_name1 }}" + tags: + testing: testing + check_mode: yes + register: output + +- name: Assert check mode creation + assert: + that: + - output.changed + +- name: Create Application security group + azure_rm_applicationsecuritygroup: + resource_group: "{{ resource_group }}" + name: "{{ applicationsecuritygroup_name1 }}" + tags: + testing: testing + register: output + +- name: Assert application security group creation + assert: + that: + - output.changed + - output.id != '' + +- name: Get Application security group + azure_rm_applicationsecuritygroup_info: + resource_group: "{{ resource_group }}" + name: "{{ applicationsecuritygroup_name1 }}" + register: facts + +- name: Assert facts + assert: + that: + - facts['applicationsecuritygroups'] | length == 1 + - facts['applicationsecuritygroups'][0]['name'] != None + - facts['applicationsecuritygroups'][0]['location'] != None + - facts['applicationsecuritygroups'][0]['provisioning_state'] != None + +- name: Create application security group (idempotent) + azure_rm_applicationsecuritygroup: + resource_group: "{{ resource_group }}" + name: "{{ applicationsecuritygroup_name1 }}" + tags: + testing: testing + register: output + +- name: Assert idempotent + assert: + that: + - not output.changed + +- name: Update application security group + azure_rm_applicationsecuritygroup: + resource_group: "{{ resource_group }}" + name: "{{ applicationsecuritygroup_name1 }}" + tags: + testing: testing + foo: bar + register: output + +- name: Assert update + assert: + that: + - output.changed + +- name: Create Application security group in secondary resource group + azure_rm_applicationsecuritygroup: + resource_group: "{{ resource_group_secondary }}" + name: "{{ applicationsecuritygroup_name2 }}" + register: asg + +- name: Create Nic with application security groups + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "{{ nic_name1 }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + create_with_security_group: True + public_ip: False + ip_configurations: + - name: ipconfig1 + application_security_groups: + - "{{ applicationsecuritygroup_name1 }}" + - "{{ asg.id }}" + primary: True + register: output + +- name: assert creation succeeded + assert: + that: + - output.changed + +- name: Create Nic with application security groups (idempotent) + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "{{ nic_name1 }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + create_with_security_group: True + public_ip: False + ip_configurations: + - name: ipconfig1 + application_security_groups: + - "{{ asg.id }}" + - "{{ applicationsecuritygroup_name1 }}" + primary: True + register: output + +- name: assert idempotent + assert: + that: + - not output.changed + +- name: Update Nic with application security groups + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "{{ nic_name1 }}" + virtual_network: "{{ vn.state.id }}" + subnet: "tn{{ rpfx }}" + create_with_security_group: True + public_ip: False + ip_configurations: + - name: ipconfig1 + application_security_groups: + - "{{ applicationsecuritygroup_name1 }}" + primary: True + register: output + +- name: assert update succeeded + assert: + that: + - output.changed + +- name: Get fact of the new created NIC + azure_rm_networkinterface_info: + resource_group: "{{ resource_group }}" + name: "{{ nic_name1 }}" + register: facts + +- assert: + that: + - "facts.networkinterfaces[0].ip_configurations[0].application_security_groups | length == 1" + +- name: Create subnet for appgw + azure_rm_subnet: + name: appgw-subnet{{ rpfx }} + virtual_network_name: tn{{ rpfx }} + resource_group: "{{ resource_group_secondary }}" + address_prefix_cidr: 10.10.1.0/24 + register: appgw_subnet_output + +- name: Create application gateway to connect NIC to + azure_rm_appgateway: + resource_group: "{{ resource_group_secondary }}" + name: "appgateway{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + gateway_ip_configurations: + - subnet: + id: "{{ appgw_subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ appgw_subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 80 + name: http_frontend_port + backend_address_pools: + - name: test_backend_address_pool # empty pool which will receive attachment to NIC. + backend_http_settings_collection: + - port: 80 + protocol: http + cookie_based_affinity: enabled + name: sample_appgateway_http_settings + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: Basic + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + http_listener: http_listener + name: rule1 + register: appgw_output + +- name: Create subnet for appgw connected NIC + azure_rm_subnet: + name: nic-appgw-subnet{{ rpfx }} + virtual_network_name: tn{{ rpfx }} + resource_group: "{{ resource_group_secondary }}" + address_prefix_cidr: 10.10.2.0/24 + +- name: "Create NIC attached to application gateway" + azure_rm_networkinterface: + name: "appgw-nic{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + virtual_network: "tn{{ rpfx }}" + subnet_name: "nic-appgw-subnet{{ rpfx }}" + create_with_security_group: false + public_ip: false + ip_configurations: + - name: "default" + primary: true + application_gateway_backend_address_pools: + - name: "test_backend_address_pool" + application_gateway: "appgateway{{ rpfx }}" + register: output +- assert: + that: + - output.changed + - output.state.ip_configurations | length == 1 + - output.state.ip_configurations[0].application_gateway_backend_address_pools | length == 1 + - output.state.ip_configurations[0].application_gateway_backend_address_pools[0] == appgw_output.id + '/backendAddressPools/test_backend_address_pool' + +- name: "Create NIC attached to application gateway - idempotent" + azure_rm_networkinterface: + name: "appgw-nic{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + virtual_network: "tn{{ rpfx }}" + subnet_name: "nic-appgw-subnet{{ rpfx }}" + create_with_security_group: false + public_ip: false + ip_configurations: + - name: "default" + primary: true + application_gateway_backend_address_pools: + - name: "test_backend_address_pool" + application_gateway: "appgateway{{ rpfx }}" + register: output +- assert: + that: + - not output.changed + +- name: Get facts for appgw nic + azure_rm_networkinterface_info: + name: "appgw-nic{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + register: facts +- assert: + that: + - facts.networkinterfaces | length == 1 + - facts.networkinterfaces[0].id == output.state.id + - facts.networkinterfaces[0].ip_configurations | length == 1 + - facts.networkinterfaces[0].ip_configurations[0].application_gateway_backend_address_pools | length == 1 + - facts.networkinterfaces[0].ip_configurations[0].application_gateway_backend_address_pools[0] == appgw_output.id + '/backendAddressPools/test_backend_address_pool' + +- name: "Delete NIC attached to application gateway" + azure_rm_networkinterface: + name: "appgw-nic{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + state: absent + register: output +- assert: + that: + - output.changed + +- name: Delete application gateway + azure_rm_appgateway: + name: "appgateway{{ rpfx }}" + resource_group: "{{ resource_group_secondary }}" + state: absent + register: output +- assert: + that: + - output.changed + +- name: Delete the NIC (check mode) + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + state: absent + check_mode: yes + register: output + +- assert: + that: + - output.changed + +- name: Delete the NIC + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + state: absent + register: output + +- assert: + that: + - output.changed + +- name: Delete the NIC (idempotent) + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "tn{{ rpfx }}" + state: absent + register: output + +- assert: + that: + - not output.changed + +- name: delete load balancer + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "lb{{ rpfx }}" + state: absent + +- name: delete public ip addresses + azure_rm_publicipaddress: + name: "{{ item }}" + resource_group: '{{ resource_group }}' + state: absent + register: output + loop: + - 'pip{{ rpfx }}' + - 'pip{{ rpfx }}v6' + - 'tn{{ rpfx }}' + - 'tn{{ rpfx }}v6' + +- assert: + that: + - output.changed + - output.results | length == 4 + +- name: Delete the NIC + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "{{ nic_name1 }}" + state: absent + +- name: Delete the application security group (check mode) + azure_rm_applicationsecuritygroup: + resource_group: "{{ resource_group }}" + name: "{{ applicationsecuritygroup_name1 }}" + state: absent + check_mode: yes + register: output + +- name: Assert delete check mode + assert: + that: + - output.changed + +- name: Delete the application security group + azure_rm_applicationsecuritygroup: + resource_group: "{{ resource_group }}" + name: "{{ applicationsecuritygroup_name1 }}" + state: absent + register: output + +- name: Assert the deletion + assert: + that: + - output.changed + +- name: Delete second application security group + azure_rm_applicationsecuritygroup: + resource_group: "{{ resource_group_secondary }}" + name: "{{ applicationsecuritygroup_name2 }}" + state: absent + register: output + +- name: Delete network security groups + azure_rm_securitygroup: + resource_group: '{{ resource_group }}' + name: '{{ item }}' + state: 'absent' + register: output + loop: + - '{{ nic_name1 }}' + - 'tn{{ rpfx }}sg' + +- assert: + that: + - output.changed + - output.results | length == 2 + +- name: Delete virtual network + azure_rm_virtualnetwork: + resource_group: '{{ resource_group_secondary }}' + name: 'tn{{ rpfx }}' + state: 'absent' + register: output + +- assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_notificationhub/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_notificationhub/aliases new file mode 100644 index 000000000..5cf25760d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_notificationhub/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_notificationhub/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_notificationhub/meta/main.yml new file mode 100644 index 000000000..50fd77acf --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_notificationhub/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_notificationhub/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_notificationhub/tasks/main.yml new file mode 100644 index 000000000..ed79aff83 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_notificationhub/tasks/main.yml @@ -0,0 +1,153 @@ +- name: Create random notification hub and namespace + set_fact: + namespace_name: "test{{ resource_group | hash('md5') | truncate(16, True, '') + (65535 | random | string) }}" + name: "test{{ resource_group | hash('md5') | truncate(16, True, '') + (65535 | random | string) }}" + +- name: Create Notification Hub Namespace (check mode) + azure_rm_notificationhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + sku: "free" + check_mode: yes + register: results + +- assert: + that: results.changed + +- name: Create Notification Hub (check mode) + azure_rm_notificationhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + name: "{{ name }}" + resource_group: "{{ resource_group }}" + sku: "free" + check_mode: yes + register: results + +- assert: + that: results.changed + +- name: Create Namespace Hub + azure_rm_notificationhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + sku: "free" + register: results + +- assert: + that: results.changed + +- name: Create Notification Hub + azure_rm_notificationhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + name: "{{ name }}" + resource_group: "{{ resource_group }}" + sku: "free" + register: results + +- assert: + that: results.changed + +- name: Update Namespace + azure_rm_notificationhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + tags: + test: modified + register: results + +- assert: + that: + - results.changed + - results.state.tags.test == 'modified' + + +- name: Update Notification Hub + azure_rm_notificationhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + name: "{{ name }}" + resource_group: "{{ resource_group }}" + tags: + test: modified + register: results + +- assert: + that: + - results.changed + - results.state.tags.test == 'modified' + +- name: Retrieve Namespace + azure_rm_notificationhub_info: + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + register: results + +- name: Assert that facts module returned result + assert: + that: + - results.namespace[0].tags.test == 'modified' + +- name: Test idempotent + azure_rm_notificationhub: + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + register: results + +- assert: + that: + - not results.changed + +# +# azure_rm_ddos_notification hub and namspace cleanup +# + +- name: Delete Namespace + azure_rm_notificationhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + state: absent + +- name: Pause for 3 minutes to make sure delete successfully + pause: + minutes: 3 + +- name: Delete Namespace (idempotent) + azure_rm_notificationhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + resource_group: "{{ resource_group }}" + state: absent + register: results + +- assert: + that: not results.changed + +- name: Delete Notification Hub + azure_rm_notificationhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + +- name: Pause for 3 minutes to make sure delete successfully + pause: + minutes: 3 + +- name: Delete Notification Hub (idempotent) + azure_rm_notificationhub: + location: eastus2 + namespace_name: "{{ namespace_name }}" + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + register: results + +- assert: + that: not results.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_openshiftmanagedcluster/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_openshiftmanagedcluster/aliases new file mode 100644 index 000000000..9eb408856 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_openshiftmanagedcluster/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group5 +destructive +disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_openshiftmanagedcluster/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_openshiftmanagedcluster/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_openshiftmanagedcluster/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_openshiftmanagedcluster/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_openshiftmanagedcluster/tasks/main.yml new file mode 100644 index 000000000..a173bf929 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_openshiftmanagedcluster/tasks/main.yml @@ -0,0 +1,118 @@ +- set_fact: + cluster_name: "{{ resource_group | hash('md5') | truncate(8, True, '') }}" + +- name: get resource group info + azure_rm_resourcegroup_info: + name: "{{ resource_group_secondary }}" + register: rg_output + +- name: Get available clusters for a specific resource_group + azure_rm_openshiftmanagedcluster_info: + resource_group: "{{ resource_group_secondary }}" + register: output + +- assert: + that: output['clusters'] | length == 0 + +- name: Get specific cluster information for a specific cluster + azure_rm_openshiftmanagedcluster_info: + resource_group: "{{ resource_group_secondary }}" + name: "{{ cluster_name }}" + register: output + +- assert: + that: output['clusters'].keys() | length == 0 + +- name: Get all clusters + azure_rm_openshiftmanagedcluster_info: + register: output + +- assert: + that: output['clusters']['value'] | length == 0 + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group_secondary }}" + name: testVnet + address_prefixes_cidr: + - 10.151.0.0/16 + - 10.152.0.0/16 + +- name: create master subnet + azure_rm_subnet: + name: master_foobar + virtual_network_name: testVnet + resource_group: "{{ resource_group_secondary }}" + address_prefix_cidr: 10.151.0.0/24 + register: master_sub_output + +- name: create work subnet + azure_rm_subnet: + name: worker_foobar + virtual_network_name: testVnet + resource_group: "{{ resource_group_secondary }}" + address_prefix_cidr: 10.152.0.0/24 + register: worker_sub_output + +- name: Create openshift cluster + azure_rm_openshiftmanagedcluster: + resource_group: "{{ resource_group }}" + name: "{{ cluster_name }}" + location: "eastus" + cluster_profile: + cluster_resource_group_id: "{{ rg_output.resourcegroups[0].id }}" + domain: "{{ cluster_name }}" + service_principal_profile: + client_id: "{{ azure_client_id }}" + client_secret: "{{ azure_secret }}" + network_profile: + pod_cidr: "10.128.0.0/14" + service_cidr: "172.30.0.0/16" + worker_profiles: + - vm_size: "Standard_D4s_v3" + subnet_id: "{{ worker_sub_output.state.id }}" + disk_size: 128 + count: 3 + master_profile: + vm_size: "Standard_D8s_v3" + subnet_id: "{{ master_sub_output.state.id }}" + register: output + +- assert: + that: output.changed + + +- name: Get available clusters for a specific resource_group + azure_rm_openshiftmanagedcluster_info: + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: output['clusters'] | length == 1 + +- name: Get specific cluster information for a specific cluster + azure_rm_openshiftmanagedcluster_info: + resource_group: "{{ resource_group }}" + name: "{{ cluster_name }}" + register: output + +- assert: + that: output['clusters']['name'] == "{{ cluster_name }}" + +- name: Get all clusters + azure_rm_openshiftmanagedcluster_info: + register: output + +- assert: + that: output['clusters'] | length >= 1 + +- name: Delete openshift cluster + azure_rm_openshiftmanagedcluster: + resource_group: "{{ resource_group }}" + name: "{{ cluster_name }}" + location: "eastus" + state: absent + register: output + +- assert: + that: output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlserver/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlserver/aliases new file mode 100644 index 000000000..f982afc3c --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlserver/aliases @@ -0,0 +1,11 @@ +cloud/azure +destructive +unsupported +shippable/azure/group11 +azure_rm_postgresqlserver_facts +azure_rm_postgresqldatabase +azure_rm_postgresqldatabase_facts +azure_rm_postgresqlfirewallrule +azure_rm_postgresqlfirewallrule_facts +azure_rm_postgresqlserverconfiguration +azure_rm_postgresqlserverconfiguration_facts diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlserver/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlserver/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlserver/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlserver/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlserver/tasks/main.yml new file mode 100644 index 000000000..b4022b27b --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlserver/tasks/main.yml @@ -0,0 +1,615 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create instance of PostgreSQL Server -- check mode + azure_rm_postgresqlserver: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }} + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_mb: 51200 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of PostgreSQL Server + azure_rm_postgresqlserver: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }} + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_mb: 51200 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + - output.state == 'Ready' + +- name: Create again instance of PostgreSQL Server + azure_rm_postgresqlserver: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }} + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_mb: 51200 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + - output.state == 'Ready' + +- name: Update instance of PostgreSQL Server, change storage size + azure_rm_postgresqlserver: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }} + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_mb: 128000 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed + - output.state == 'Ready' +- debug: + var: output + +- name: Gather facts postgresql Server + azure_rm_postgresqlserver_info: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }} + register: output +- name: Assert that storage size is correct + assert: + that: + - output.servers[0]['storage_mb'] == 128000 + +- name: Create second instance of PostgreSQL Server + azure_rm_postgresqlserver: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }}second + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_mb: 51200 + enforce_ssl: True + storage_autogrow: True + backup_retention_days: 7 + admin_username: zimxyz + admin_password: Password123! + tags: + aaa: bbb + +- name: Create second instance of PostgreSQL Server -- add tags + azure_rm_postgresqlserver: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }}second + sku: + name: B_Gen5_1 + tier: Basic + location: westus2 + storage_mb: 51200 + enforce_ssl: True + storage_autogrow: True + backup_retention_days: 7 + admin_username: zimxyz + admin_password: Password123! + tags: + ccc: ddd + +- name: Gather facts PostgreSQL Server + azure_rm_postgresqlserver_info: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }}second + register: output + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.servers[0]['id'] != None + - output.servers[0]['name'] != None + - output.servers[0]['location'] != None + - output.servers[0]['sku']['name'] != None + - output.servers[0]['sku']['tier'] != None + - output.servers[0]['sku']['capacity'] != None + - output.servers[0]['version'] != None + - output.servers[0]['user_visible_state'] != None + - output.servers[0]['fully_qualified_domain_name'] != None + - output.servers[0]['tags']['aaa'] == 'bbb' + - output.servers[0]['tags']['ccc'] == 'ddd' + - output.servers[0]['backup_retention_days'] == 7 + +- name: Gather facts PostgreSQL Server + azure_rm_postgresqlserver_info: + resource_group: "{{ resource_group }}" + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.servers[0]['id'] != None + - output.servers[0]['name'] != None + - output.servers[0]['location'] != None + - output.servers[0]['sku']['name'] != None + - output.servers[0]['sku']['tier'] != None + - output.servers[0]['sku']['capacity'] != None + - output.servers[0]['version'] != None + - output.servers[0]['user_visible_state'] != None + - output.servers[0]['fully_qualified_domain_name'] != None + - output.servers[1]['id'] != None + - output.servers[1]['name'] != None + - output.servers[1]['location'] != None + - output.servers[1]['sku']['name'] != None + - output.servers[1]['sku']['tier'] != None + - output.servers[1]['sku']['capacity'] != None + - output.servers[1]['version'] != None + - output.servers[1]['user_visible_state'] != None + - output.servers[1]['fully_qualified_domain_name'] != None + +# +# azure_rm_postgresqldatabase tests below +# +- name: Create instance of PostgreSQL Database -- check mode + azure_rm_postgresqldatabase: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: testdatabase + charset: UTF8 + collation: English_United States.1252 + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of PostgreSQL Database + azure_rm_postgresqldatabase: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: testdatabase + charset: UTF8 + collation: English_United States.1252 + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + - output.name == 'testdatabase' + +- name: Create again instance of PostgreSQL Database + azure_rm_postgresqldatabase: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: testdatabase + charset: UTF8 + collation: English_United States.1252 + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + - output.name == 'testdatabase' + +- name: Try to update PostgreSQL Database without force_update + azure_rm_postgresqldatabase: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: testdatabase + charset: utf8 + collation: en_US.utf8 + ignore_errors: yes + register: output +- name: Assert that nothing has changed + assert: + that: + - output.changed == False + +- name: Try to update PostgreSQL Database with force_update + azure_rm_postgresqldatabase: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: testdatabase + charset: utf8 + collation: en_US.utf8 + force_update: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + - output.name == 'testdatabase' + +- name: Create second instance of PostgreSQL Database + azure_rm_postgresqldatabase: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: testdatabase2 + +- name: Gather facts PostgreSQL Database + azure_rm_postgresqldatabase_info: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: testdatabase + register: output + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.databases[0]['server_name'] != None + - output.databases[0]['name'] != None + - output.databases[0]['charset'] != None + - output.databases[0]['collation'] != None + +- name: Gather facts PostgreSQL Database + azure_rm_postgresqldatabase_info: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.databases[0]['server_name'] != None + - output.databases[0]['name'] != None + - output.databases[0]['charset'] != None + - output.databases[0]['collation'] != None + - output.databases[1]['server_name'] != None + - output.databases[1]['name'] != None + - output.databases[1]['charset'] != None + - output.databases[1]['collation'] != None + +- name: Delete instance of PostgreSQL Database -- check mode + azure_rm_postgresqldatabase: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: testdatabase + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of PostgreSQL Database + azure_rm_postgresqldatabase: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: testdatabase + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of PostgreSQL Database + azure_rm_postgresqldatabase: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: testdatabase + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false + +# +# azure_rm_postgresqlfirewallrule +# + +- name: Create instance of Firewall Rule -- check mode + azure_rm_postgresqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of Firewall Rule + azure_rm_postgresqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create again instance of Firewall Rule + azure_rm_postgresqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + +- name: Create Firewall Rule - second + azure_rm_postgresqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }}second + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + +- name: Gather facts PostgreSQL Firewall Rule + azure_rm_postgresqlfirewallrule_info: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.rules[0].id != None + - output.rules[0].server_name != None + - output.rules[0].name != None + - output.rules[0].start_ip_address != None + - output.rules[0].end_ip_address != None + - "output.rules | length == 1" + +- name: Gather facts PostgreSQL Firewall Rule + azure_rm_postgresqlfirewallrule_info: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.rules[0].id != None + - output.rules[0].server_name != None + - output.rules[0].name != None + - output.rules[0].start_ip_address != None + - output.rules[0].end_ip_address != None + - output.rules[1].id != None + - output.rules[1].name != None + - output.rules[1].start_ip_address != None + - output.rules[1].end_ip_address != None + - "output.rules | length == 2" + +- name: Delete instance of Firewall Rule -- check mode + azure_rm_postgresqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of Firewall Rule + azure_rm_postgresqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of Firewall Rule + azure_rm_postgresqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false + +- name: Delete instance of Firewall Rule - second + azure_rm_postgresqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }}second + state: absent + +- name: Gather facts PostgreSQL Firewall Rule + azure_rm_postgresqlfirewallrule_info: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: firewallrule{{ rpfx }} + register: output +- name: Assert that empty list was returned + assert: + that: + - output.changed == False + - "output.rules | length == 0" + +# +# azure_rm_postgresql_configuration +# +- name: Create instance of Configuration -- check mode + azure_rm_postgresqlconfiguration: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: deadlock_timeout + value: 2000 + check_mode: yes + register: output +- name: Assert that change was registered + assert: + that: + - output.changed + +- name: Try to change default configuration + azure_rm_postgresqlconfiguration: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: deadlock_timeout + value: 2000 + register: output +- name: Assert that change was registered + assert: + that: + - output.changed + +- name: Try to change default configuration -- idempotent + azure_rm_postgresqlconfiguration: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: deadlock_timeout + value: 2000 + register: output +- name: Assert that change was not registered + assert: + that: + - not output.changed + +- name: Try to reset configuration + azure_rm_postgresqlconfiguration: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: deadlock_timeout + state: absent + register: output +- name: Assert that change was registered + assert: + that: + - output.changed + +- name: Try to reset configuration -- idempotent + azure_rm_postgresqlconfiguration: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: deadlock_timeout + state: absent + register: output +- name: Assert that change was registered + assert: + that: + - not output.changed + +- name: Gather facts PostgreSQL Configuration + azure_rm_postgresqlconfiguration_info: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + name: deadlock_timeout + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.settings[0].id != None + - output.settings[0].name != None + - output.settings[0].value != None + - output.settings[0].description != None + - output.settings[0].source != None + - output.settings | length == 1 + +- name: Gather facts PostgreSQL Configuration + azure_rm_postgresqlconfiguration_info: + resource_group: "{{ resource_group }}" + server_name: postgresqlsrv{{ rpfx }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.settings[0].id != None + - output.settings[0].name != None + - output.settings[0].value != None + - output.settings[0].description != None + - output.settings[0].source != None + - output.settings | length > 1 + +# +# azure_rm_postgresqlserver continuation / clean up +# + +- name: Delete instance of PostgreSQL Server -- check mode + azure_rm_postgresqlserver: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }} + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of PostgreSQL Server + azure_rm_postgresqlserver: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of PostgreSQL Server + azure_rm_postgresqlserver: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false + +- name: Delete second instance of PostgreSQL Server + azure_rm_postgresqlserver: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }}second + state: absent + async: 400 + poll: 0 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednsrecordset/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednsrecordset/aliases new file mode 100644 index 000000000..8f7a9a2e5 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednsrecordset/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group1 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednsrecordset/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednsrecordset/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednsrecordset/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednsrecordset/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednsrecordset/tasks/main.yml new file mode 100644 index 000000000..645851a04 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednsrecordset/tasks/main.yml @@ -0,0 +1,259 @@ +- name: Create random domain name + set_fact: + domain_name: "{{ resource_group | hash('md5') | truncate(16, True, '') + (65535 | random | string) }}" + +- name: Create a Private DNS zone + azure_rm_privatednszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + state: present + register: results + +- name: Assert that Private DNS zone was created + assert: + that: results.changed + +- name: create "A" record set with multiple records + azure_rm_privatednsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + records: + - entry: 192.168.100.101 + - entry: 192.168.100.102 + - entry: 192.168.100.103 + register: results + +- name: Assert that A record set was created + assert: + that: results.changed + +- name: re-run "A" record with same values + azure_rm_privatednsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + records: + - entry: 192.168.100.101 + - entry: 192.168.100.102 + - entry: 192.168.100.103 + register: results + +- name: Assert that A record set was not changed + assert: + that: not results.changed + +- name: Update "A" record set with additional record + azure_rm_privatednsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + record_mode: append + records: + - entry: 192.168.100.104 + register: results + +- name: Assert that new record was appended + assert: + that: + - results.changed + +- name: re-update "A" record set with additional record + azure_rm_privatednsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + record_mode: append + records: + - entry: 192.168.100.104 + register: results + +- name: Assert that A record set was not changed + assert: + that: + - not results.changed + +- name: Remove 1 record from record set + azure_rm_privatednsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + records: + - entry: 192.168.100.101 + - entry: 192.168.100.102 + - entry: 192.168.100.103 + register: results + +- name: Assert that record was deleted + assert: + that: + - results.changed + +- name: Check_mode test + azure_rm_privatednsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + records: + - entry: 192.168.100.105 + check_mode: yes + register: results + +- name: Assert that check_mode returns new state + assert: + that: + - results.changed + +- name: Get information for A DNS recordset from Private DNS zone + azure_rm_privatednsrecordset_info: + resource_group: "{{ resource_group }}" + zone_name: "{{ domain_name }}.com" + relative_name: www + record_type: A + register: results + +- assert: + that: + - not results.changed + - results.dnsrecordsets[0].id != None + - results.dnsrecordsets[0].fqdn != None + - results.dnsrecordsets[0].record_type == 'A' + - results.dnsrecordsets[0].time_to_live != None + - results.dnsrecordsets[0].relative_name == 'www' + - results.dnsrecordsets[0].records | length > 0 + +- name: delete a record set + azure_rm_privatednsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + state: absent + register: results + +- name: Assert that record set deleted + assert: + that: results.changed + +- name: (idempotence test) re-run record set absent + azure_rm_privatednsrecordset: + resource_group: "{{ resource_group }}" + relative_name: www + zone_name: "{{ domain_name }}.com" + record_type: A + state: absent + register: results + +- name: + assert: + that: not results.changed + +- name: create SRV records in a new record set + azure_rm_privatednsrecordset: + resource_group: "{{ resource_group }}" + relative_name: "_sip._tcp.{{ domain_name }}.com" + zone_name: "{{ domain_name }}.com" + time_to_live: 7200 + record_type: SRV + state: present + records: + - entry: sip.{{ domain_name }}.com + priority: 20 + weight: 10 + port: 5060 + register: results + +- name: Assert that SRV record set was created + assert: + that: + - results.changed + +- name: Get information for SRV DNS recordset from Private DNS zone + azure_rm_privatednsrecordset_info: + resource_group: "{{ resource_group }}" + zone_name: "{{ domain_name }}.com" + relative_name: "_sip._tcp.{{ domain_name }}.com" + record_type: SRV + register: results + +- assert: + that: + - not results.changed + - results.dnsrecordsets[0].id != None + - results.dnsrecordsets[0].fqdn != None + - results.dnsrecordsets[0].record_type == 'SRV' + - results.dnsrecordsets[0].time_to_live == 7200 + - results.dnsrecordsets[0].relative_name == "_sip._tcp.{{ domain_name }}.com" + - results.dnsrecordsets[0].records | length > 0 + +- name: create TXT records in a new record set + azure_rm_privatednsrecordset: + resource_group: "{{ resource_group }}" + relative_name: "_txt.{{ domain_name }}.com" + zone_name: "{{ domain_name }}.com" + record_type: TXT + state: present + records: + - entry: "v=spf1 a -all" + - entry: "foo" + - entry: + - "bar" + - "baz" + register: results + +- name: Assert that TXT record set was created + assert: + that: + - results.changed + +- name: Get information for TXT DNS recordset from Private DNS zone + azure_rm_privatednsrecordset_info: + resource_group: "{{ resource_group }}" + zone_name: "{{ domain_name }}.com" + relative_name: "_txt.{{ domain_name }}.com" + record_type: TXT + register: results + +- assert: + that: + - not results.changed + - results.dnsrecordsets[0].id != None + - results.dnsrecordsets[0].fqdn != None + - results.dnsrecordsets[0].record_type == 'TXT' + - results.dnsrecordsets[0].time_to_live == 3600 + - results.dnsrecordsets[0].relative_name == "_txt.{{ domain_name }}.com" + - results.dnsrecordsets[0].records | length > 0 + +- name: Update SOA record + azure_rm_privatednsrecordset: + resource_group: "{{ resource_group }}" + relative_name: "@" + zone_name: "{{ domain_name }}.com" + record_type: SOA + state: present + records: + - host: azureprivatedns.net + email: azureprivatedns-host99.example.com + serial_number: 1 + refresh_time: 3699 + retry_time: 399 + expire_time: 2419299 + minimum_ttl: 399 + register: results + +- name: Assert that SOA record set was created + assert: + that: + - results.changed + +- name: Delete DNS zone + azure_rm_privatednszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszone/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszone/aliases new file mode 100644 index 000000000..90d5921a5 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszone/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group2 +destructive +azure_rm_privatednszone_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszone/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszone/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszone/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszone/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszone/tasks/main.yml new file mode 100644 index 000000000..eba80899d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszone/tasks/main.yml @@ -0,0 +1,77 @@ +- name: Create random domain name + set_fact: + domain_name: "{{ resource_group | hash('md5') | truncate(16, True, '') + (65535 | random | string) }}" + +- name: Create a private DNS zone (check mode) + azure_rm_privatednszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + register: results + check_mode: true + +- assert: + that: results.changed + +- name: Create a private DNS zone + azure_rm_privatednszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + register: results + +- assert: + that: results.changed + +- name: Update private DNS zone with tags + azure_rm_privatednszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + tags: + test: modified + register: results + +- assert: + that: + - results.changed + - results.state.tags.test == 'modified' + +- name: Test idempotent + azure_rm_privatednszone: + name: "{{ domain_name }}.com" + resource_group: "{{ resource_group }}" + register: results + +- assert: + that: + - not results.changed + +- name: Retrieve DNS Zone Facts + azure_rm_privatednszone_info: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + register: zones + +- name: Assert that facts module returned result + assert: + that: + - zones.privatednszones[0].tags.test == 'modified' + - zones.privatednszones[0].number_of_record_sets == 1 + +# +# azure_rm_privatednszone cleanup +# + +- name: Delete private DNS zone + azure_rm_privatednszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + state: absent + +- name: Delete private DNS zone (idempotent) + azure_rm_privatednszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + state: absent + register: results + +- assert: + that: not results.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszonelink/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszonelink/aliases new file mode 100644 index 000000000..5d29c6c4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszonelink/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszonelink/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszonelink/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszonelink/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszonelink/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszonelink/tasks/main.yml new file mode 100644 index 000000000..6125abaa3 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatednszonelink/tasks/main.yml @@ -0,0 +1,126 @@ +- name: Create virtual network link name + set_fact: + link_name: "link{{ resource_group | hash('md5') | truncate(22, True, '') }}" + +- name: Create random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create random domain name + set_fact: + domain_name: "{{ resource_group | hash('md5') | truncate(16, True, '') + (65535 | random | string) }}" + +- name: Create a Private DNS zone + azure_rm_privatednszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + state: present + +- name: Create a virtual network + azure_rm_virtualnetwork: + name: "vnet{{ rpfx }}" + resource_group: "{{ resource_group }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + dns_servers: + - 127.0.0.1 + - 127.0.0.2 + +- name: Create a subnet + azure_rm_subnet: + name: "subnet{{ rpfx }}" + virtual_network_name: "vnet{{ rpfx }}" + resource_group: "{{ resource_group }}" + address_prefix_cidr: 10.1.0.0/24 + +- name: Create a virtual network link + azure_rm_privatednszonelink: + resource_group: "{{ resource_group }}" + name: "{{ link_name }}" + zone_name: "{{ domain_name }}.com" + virtual_network: "vnet{{ rpfx }}" + state: present + register: results + +- name: Assert that virtual network link is created + assert: + that: results.changed + +- name: Create a virtual network link (Idempotent test) + azure_rm_privatednszonelink: + resource_group: "{{ resource_group }}" + name: "{{ link_name }}" + zone_name: "{{ domain_name }}.com" + virtual_network: "vnet{{ rpfx }}" + state: present + register: results + +- name: Assert that output is not changed + assert: + that: not results.changed + +- name: Update a virtual network link + azure_rm_privatednszonelink: + resource_group: "{{ resource_group }}" + name: "{{ link_name }}" + zone_name: "{{ domain_name }}.com" + registration_enabled: true + virtual_network: "vnet{{ rpfx }}" + state: present + register: results + +- name: Assert that virtual network link is updated + assert: + that: results.changed + +- name: Get virtual network link + azure_rm_privatednszonelink_info: + resource_group: "{{ resource_group }}" + name: "{{ link_name }}" + zone_name: "{{ domain_name }}.com" + register: results + +- assert: + that: + - not results.changed + - results.virtualnetworklinks[0].name == "{{ link_name }}" + - results.virtualnetworklinks[0].registration_enabled == true + - results.virtualnetworklinks[0].provisioning_state == "Succeeded" + +- name: Delete virtual network link + azure_rm_privatednszonelink: + resource_group: "{{ resource_group }}" + name: "{{ link_name }}" + zone_name: "{{ domain_name }}.com" + state: absent + register: results + +- name: Assert that virtual network link is deleted + assert: + that: results.changed + +- name: Delete virtual network link (Idempotent test) + azure_rm_privatednszonelink: + resource_group: "{{ resource_group }}" + name: "{{ link_name }}" + zone_name: "{{ domain_name }}.com" + state: absent + register: results + +- name: Asset that output is not changed + assert: + that: not results.changed + +- name: Delete virtual network + azure_rm_virtualnetwork: + name: "vnet{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: absent + +- name: Delete private DNS zone + azure_rm_privatednszone: + resource_group: "{{ resource_group }}" + name: "{{ domain_name }}.com" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpoint/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpoint/aliases new file mode 100644 index 000000000..a31676ea1 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpoint/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group6 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpoint/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpoint/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpoint/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpoint/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpoint/tasks/main.yml new file mode 100644 index 000000000..306c1cc0a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpoint/tasks/main.yml @@ -0,0 +1,157 @@ +- name: Set Private Endpoint Name + set_fact: + rpfx: "private{{ resource_group | hash('md5') | truncate(18, True, '') }}" + +- name: Create virtual network + azure_rm_virtualnetwork: + name: vnet{{ rpfx }} + address_prefixes_cidr: + - 10.1.0.0/16 + dns_servers: + - 127.0.0.1 + - 127.0.0.3 + resource_group: "{{ resource_group }}" + +- name: Create network security group + azure_rm_securitygroup: + name: secgroup{{ rpfx }} + resource_group: "{{ resource_group }}" + +- name: Create the subnet + azure_rm_subnet: + name: subnet{{ rpfx }} + virtual_network_name: vnet{{ rpfx }} + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0.0/16" + security_group: secgroup{{ rpfx }} + private_endpoint_network_policies: Disabled + private_link_service_network_policies: Disabled + service_endpoints: + - service: Microsoft.Sql + locations: + - eastus + - westus + register: subnet_output + +- name: Create instance of PostgreSQL Server + azure_rm_postgresqlserver: + resource_group: "{{ resource_group }}" + name: postgresqlsrv{{ rpfx }} + sku: + name: GP_Gen5_2 + tier: GeneralPurpose + location: eastus + storage_mb: 51200 + enforce_ssl: True + admin_username: zimxyz + admin_password: Password123! + register: post_output + +- name: Delete private endpoint, makesure there is no private endpoint exist + azure_rm_privateendpoint: + name: privateendpoint{{ rpfx }} + resource_group: "{{ resource_group }}" + state: absent + +- name: Create private endpoint + azure_rm_privateendpoint: + name: privateendpoint{{ rpfx }} + resource_group: "{{ resource_group }}" + private_link_service_connections: + - name: privateEndpoints_test_name + private_link_service_id: "{{ post_output.id }}" + group_ids: + - postgresqlServer + subnet: + id: "{{ subnet_output.state.id }}" + tags: + key1: value1 + cert_validation_mode: ignore + register: output + +- name: Assert status succeeded and results match expectations + assert: + that: + - output.changed + - output.state.id is defined + - output.state.provisioning_state == "Succeeded" + - output.state.tags | length == 1 + +- name: Create private endpoint ( Idempotent Test) + azure_rm_privateendpoint: + name: privateendpoint{{ rpfx }} + resource_group: "{{ resource_group }}" + private_link_service_connections: + - name: privateEndpoints_test_name + private_link_service_id: "{{ post_output.id }}" + group_ids: + - postgresqlServer + subnet: + id: "{{ subnet_output.state.id }}" + tags: + key1: value1 + register: output + +- name: Assert status succeeded and results match expectations + assert: + that: + - not output.changed + ignore_errors: yes + +- name: Update private endpoint with tags + azure_rm_privateendpoint: + name: privateendpoint{{ rpfx }} + resource_group: "{{ resource_group }}" + private_link_service_connections: + - name: privateEndpoints_test_name + private_link_service_id: "{{ post_output.id }}" + group_ids: + - postgresqlServer + subnet: + id: "{{ subnet_output.state.id }}" + tags: + key1: value1 + key2: value2 + register: output + +- name: Assert status succeeded and results match expectations + assert: + that: + - output.changed + - output.state.tags | length == 2 + +- name: Get private endpoint info + azure_rm_privateendpoint_info: + name: privateendpoint{{ rpfx }} + resource_group: "{{ resource_group }}" + register: output + +- name: Assert private endpoint info + assert: + that: + - output.privateendpoints[0].provisioning_state == "Succeeded" + - output.privateendpoints[0].tags | length == 2 + +- name: Delete private endpoint + azure_rm_privateendpoint: + name: privateendpoint{{ rpfx }} + resource_group: "{{ resource_group }}" + state: absent + register: output + +- name: Assert status succeeded and results match expectations + assert: + that: + - output.changed + +- name: Delete private endpoint ( Idempotent Test) + azure_rm_privateendpoint: + name: privateendpoint{{ rpfx }} + resource_group: "{{ resource_group }}" + state: absent + register: output + +- name: Assert status succeeded and results match expectations + assert: + that: + - not output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpointdnszonegroup/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpointdnszonegroup/aliases new file mode 100644 index 000000000..a31676ea1 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpointdnszonegroup/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group6 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpointdnszonegroup/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpointdnszonegroup/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpointdnszonegroup/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpointdnszonegroup/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpointdnszonegroup/tasks/main.yml new file mode 100644 index 000000000..e58a3ba22 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privateendpointdnszonegroup/tasks/main.yml @@ -0,0 +1,255 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: true + +- name: "Create virtual network" + azure_rm_virtualnetwork: + name: "vnet-{{ rpfx }}" + address_prefixes_cidr: + - "10.1.0.0/16" + resource_group: "{{ resource_group }}" + +- name: "Create the subnet" + azure_rm_subnet: + name: "subnet-{{ rpfx }}" + virtual_network_name: "vnet-{{ rpfx }}" + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0.0/16" + private_endpoint_network_policies: Disabled + private_link_service_network_policies: Disabled + register: subnet_output + +- name: "Create instance of PostgreSQL Server" + azure_rm_postgresqlserver: + resource_group: "{{ resource_group }}" + name: "postgresqlsrv-{{ rpfx }}" + sku: + name: "GP_Gen5_2" + tier: "GeneralPurpose" + location: "eastus" + storage_mb: 51200 + enforce_ssl: true + admin_username: "zimxyz" + admin_password: "Password123!" + register: post_output + +- name: Create zone group for non-existant private endpoint + azure_rm_privateendpointdnszonegroup: + name: "zone-group-{{ rpfx }}" + private_endpoint: "does-not-exist-{{ rpfx }}" + resource_group: "{{ resource_group }}" + ignore_errors: true + register: output +- name: Assert results match expectations + assert: + that: + - output.msg is match("Could not load the private endpoint", ignorecase=True) + +- name: Create private endpoint + azure_rm_privateendpoint: + name: privateendpoint-{{ rpfx }} + resource_group: "{{ resource_group }}" + private_link_service_connections: + - name: "postgres-link" + private_link_service_id: "{{ post_output.id }}" + group_ids: + - "postgresqlServer" + subnet: + id: "{{ subnet_output.state.id }}" + +- name: Create private DNS zone for postgres + azure_rm_privatednszone: + name: "privatelink.postgres.database.azure.com" + resource_group: "{{ resource_group }}" + +- name: Create virtual network link + azure_rm_privatednszonelink: + name: "private-link-{{ rpfx }}" + resource_group: "{{ resource_group }}" + zone_name: "privatelink.postgres.database.azure.com" + virtual_network: "vnet-{{ rpfx }}" + +- name: Get zone groups for private endpoint + azure_rm_privateendpointdnszonegroup_info: + private_endpoint: "privateendpoint-{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: output +- name: Assert results match expectations + assert: + that: + - not output.changed + - output.groups | length == 0 + +- name: Create zone group for private endpoint - check mode + azure_rm_privateendpointdnszonegroup: + name: "zone-group-{{ rpfx }}" + private_endpoint: "privateendpoint-{{ rpfx }}" + resource_group: "{{ resource_group }}" + private_dns_zone_configs: + - name: "default" + private_dns_zone: "privatelink.postgres.database.azure.com" + register: output + check_mode: true +- name: Assert results match expectations + assert: + that: + - output.changed + +- name: Create zone group for private endpoint + azure_rm_privateendpointdnszonegroup: + name: "zone-group-{{ rpfx }}" + private_endpoint: "privateendpoint-{{ rpfx }}" + resource_group: "{{ resource_group }}" + private_dns_zone_configs: + - name: "default" + private_dns_zone: "privatelink.postgres.database.azure.com" + register: output +- name: Assert results match expectations + assert: + that: + - output.changed + - output.state.id + - output.state.name == 'zone-group-{{ rpfx }}' + - output.state.provisioning_state == 'Succeeded' + - output.state.private_dns_zone_configs | length == 1 + - output.state.private_dns_zone_configs[0].name == 'default' + - output.state.private_dns_zone_configs[0].private_dns_zone_id + - output.state.private_dns_zone_configs[0].record_sets | length == 1 + - output.state.private_dns_zone_configs[0].record_sets[0].fqdn == 'postgresqlsrv-{{ rpfx }}.privatelink.postgres.database.azure.com' + - output.state.private_dns_zone_configs[0].record_sets[0].ip_addresses | length == 1 + - output.state.private_dns_zone_configs[0].record_sets[0].ip_addresses[0] is match('^10.1.*') + - output.state.private_dns_zone_configs[0].record_sets[0].provisioning_state == 'Succeeded' + - output.state.private_dns_zone_configs[0].record_sets[0].record_set_name == 'postgresqlsrv-{{ rpfx }}' + - output.state.private_dns_zone_configs[0].record_sets[0].record_type == 'A' + - output.state.private_dns_zone_configs[0].record_sets[0].ttl + +- name: Create zone group for private endpoint - idempotent + azure_rm_privateendpointdnszonegroup: + name: "zone-group-{{ rpfx }}" + private_endpoint: "privateendpoint-{{ rpfx }}" + resource_group: "{{ resource_group }}" + private_dns_zone_configs: + - name: "default" + private_dns_zone: "privatelink.postgres.database.azure.com" + register: output +- name: Assert results match expectations + assert: + that: + - not output.changed + +- name: Get specific zone group for private endpoint + azure_rm_privateendpointdnszonegroup_info: + name: "zone-group-{{ rpfx }}" + private_endpoint: "privateendpoint-{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: output +- name: Assert results match expectations + assert: + that: + - not output.changed + - output.groups | length == 1 + - output.groups[0].id + - output.groups[0].name == 'zone-group-{{ rpfx }}' + - output.groups[0].provisioning_state == 'Succeeded' + - output.groups[0].private_dns_zone_configs | length == 1 + - output.groups[0].private_dns_zone_configs[0].name == 'default' + - output.groups[0].private_dns_zone_configs[0].private_dns_zone_id + - output.groups[0].private_dns_zone_configs[0].record_sets | length == 1 + - output.groups[0].private_dns_zone_configs[0].record_sets[0].fqdn == 'postgresqlsrv-{{ rpfx }}.privatelink.postgres.database.azure.com' + - output.groups[0].private_dns_zone_configs[0].record_sets[0].ip_addresses | length == 1 + - output.groups[0].private_dns_zone_configs[0].record_sets[0].ip_addresses[0] is match('^10.1.*') + - output.groups[0].private_dns_zone_configs[0].record_sets[0].provisioning_state == 'Succeeded' + - output.groups[0].private_dns_zone_configs[0].record_sets[0].record_set_name == 'postgresqlsrv-{{ rpfx }}' + - output.groups[0].private_dns_zone_configs[0].record_sets[0].record_type == 'A' + - output.groups[0].private_dns_zone_configs[0].record_sets[0].ttl + +- name: Get all zone groups for private endpoint + azure_rm_privateendpointdnszonegroup_info: + private_endpoint: "privateendpoint-{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: output +- name: Assert results match expectations + assert: + that: + - not output.changed + - output.groups | length == 1 + - output.groups[0].id + - output.groups[0].name == 'zone-group-{{ rpfx }}' + - output.groups[0].provisioning_state == 'Succeeded' + - output.groups[0].private_dns_zone_configs | length == 1 + - output.groups[0].private_dns_zone_configs[0].name == 'default' + - output.groups[0].private_dns_zone_configs[0].private_dns_zone_id + - output.groups[0].private_dns_zone_configs[0].record_sets | length == 1 + - output.groups[0].private_dns_zone_configs[0].record_sets[0].fqdn == 'postgresqlsrv-{{ rpfx }}.privatelink.postgres.database.azure.com' + - output.groups[0].private_dns_zone_configs[0].record_sets[0].ip_addresses | length == 1 + - output.groups[0].private_dns_zone_configs[0].record_sets[0].ip_addresses[0] is match('^10.1.*') + - output.groups[0].private_dns_zone_configs[0].record_sets[0].provisioning_state == 'Succeeded' + - output.groups[0].private_dns_zone_configs[0].record_sets[0].record_set_name == 'postgresqlsrv-{{ rpfx }}' + - output.groups[0].private_dns_zone_configs[0].record_sets[0].record_type == 'A' + - output.groups[0].private_dns_zone_configs[0].record_sets[0].ttl + +- name: Update zone group for private endpoint + azure_rm_privateendpointdnszonegroup: + name: "zone-group-{{ rpfx }}" + private_endpoint: "privateendpoint-{{ rpfx }}" + resource_group: "{{ resource_group }}" + private_dns_zone_configs: + - name: "default-updated" + private_dns_zone: "privatelink.postgres.database.azure.com" + register: output +- name: Assert results match expectations + assert: + that: + - output.changed + - output.state.id + - output.state.name == 'zone-group-{{ rpfx }}' + - output.state.provisioning_state == 'Succeeded' + - output.state.private_dns_zone_configs | length == 1 + - output.state.private_dns_zone_configs[0].name == 'default-updated' + - output.state.private_dns_zone_configs[0].private_dns_zone_id + - output.state.private_dns_zone_configs[0].record_sets | length == 1 + - output.state.private_dns_zone_configs[0].record_sets[0].fqdn == 'postgresqlsrv-{{ rpfx }}.privatelink.postgres.database.azure.com' + - output.state.private_dns_zone_configs[0].record_sets[0].ip_addresses | length == 1 + - output.state.private_dns_zone_configs[0].record_sets[0].ip_addresses[0] is match('^10.1.*') + - output.state.private_dns_zone_configs[0].record_sets[0].provisioning_state == 'Succeeded' + - output.state.private_dns_zone_configs[0].record_sets[0].record_set_name == 'postgresqlsrv-{{ rpfx }}' + - output.state.private_dns_zone_configs[0].record_sets[0].record_type == 'A' + - output.state.private_dns_zone_configs[0].record_sets[0].ttl + +- name: Delete zone group for private endpoint - check mode + azure_rm_privateendpointdnszonegroup: + name: "zone-group-{{ rpfx }}" + private_endpoint: "privateendpoint-{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: "absent" + register: output + check_mode: true +- name: Assert results match expectations + assert: + that: + - output.changed + +- name: Delete zone group for private endpoint + azure_rm_privateendpointdnszonegroup: + name: "zone-group-{{ rpfx }}" + private_endpoint: "privateendpoint-{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: "absent" + register: output +- name: Assert results match expectations + assert: + that: + - output.changed + +- name: Delete non-existant zone group for private endpoint + azure_rm_privateendpointdnszonegroup: + name: "zone-group-{{ rpfx }}" + private_endpoint: "privateendpoint-{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: "absent" + register: output +- name: Assert results match expectations + assert: + that: + - not output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/tasks/main.yml new file mode 100644 index 000000000..bc0363c56 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/tasks/main.yml @@ -0,0 +1,284 @@ +- name: Set Private Link Service Names + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(20, True, '') }}" + azure_subscription_id: f64d4ee8-be94-457d-ba26-3fa6b6506cef + +- name: Delete the private link service + azure_rm_privatelinkservice: + name: "lsp{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: absent + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "vnet{{ rpfx }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + +- name: Create a subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: "sub{{ rpfx }}" + virtual_network_name: "vnet{{ rpfx }}" + address_prefix_cidr: "10.1.0.0/24" + private_link_service_network_policies: Disabled + private_endpoint_network_policies: Disabled + register: subnet_output + +- name: create public ip + azure_rm_publicipaddress: + resource_group: '{{ resource_group }}' + name: "pip{{ rpfx }}" + sku: Standard + allocation_method: Static + +- name: create load balancer with frontend_ip_configurations + azure_rm_loadbalancer: + resource_group: '{{ resource_group }}' + name: "lb{{ rpfx }}" + sku: Standard + frontend_ip_configurations: + - name: frontendipconf0 + public_ip_address: "pip{{ rpfx }}" + backend_address_pools: + - name: backendaddrpool0 + probes: + - name: prob0 + port: 80 + load_balancing_rules: + - name: lbrbalancingrule0 + frontend_ip_configuration: frontendipconf0 + backend_address_pool: backendaddrpool0 + frontend_port: 80 + backend_port: 80 + probe: prob0 + inbound_nat_rules: + - name: inboundnatrule0 + backend_port: 8080 + protocol: Tcp + frontend_port: 8080 + frontend_ip_configuration: frontendipconf0 + register: lb_output + +- name: Create private link service (Check mode test) + azure_rm_privatelinkservice: + name: "lsp{{ rpfx }}" + resource_group: "{{ resource_group }}" + enable_proxy_protocol: True + fqdns: + - 'dns01.com' + - 'dns02.com' + visibility: + subscriptions: + - "{{ azure_subscription_id }}" + auto_approval: + subscriptions: + - "{{ azure_subscription_id }}" + load_balancer_frontend_ip_configurations: + - id: "{{ lb_output.state.frontend_ip_configurations[0].id }}" + ip_configurations: + - name: ip_configuration01 + properties: + primary: True + private_ip_allocation_method: 'Dynamic' + private_ip_address_version: 'IPv4' + subnet: + id: "{{ subnet_output.state.id }}" + tags: + key1: value1 + check_mode: True + register: output + +- assert: + that: output.changed + +- name: Create private link service + azure_rm_privatelinkservice: + name: "lsp{{ rpfx }}" + resource_group: "{{ resource_group }}" + enable_proxy_protocol: True + fqdns: + - 'dns01.com' + - 'dns02.com' + visibility: + subscriptions: + - "{{ azure_subscription_id }}" + auto_approval: + subscriptions: + - "{{ azure_subscription_id }}" + load_balancer_frontend_ip_configurations: + - id: "{{ lb_output.state.frontend_ip_configurations[0].id }}" + ip_configurations: + - name: ip_configuration01 + properties: + primary: True + private_ip_allocation_method: 'Dynamic' + private_ip_address_version: 'IPv4' + subnet: + id: "{{ subnet_output.state.id }}" + tags: + key1: value1 + register: output + +- assert: + that: output.changed + +- name: Create private link service (Idempotent test) + azure_rm_privatelinkservice: + name: "lsp{{ rpfx }}" + resource_group: "{{ resource_group }}" + enable_proxy_protocol: True + fqdns: + - 'dns01.com' + - 'dns02.com' + visibility: + subscriptions: + - "{{ azure_subscription_id }}" + auto_approval: + subscriptions: + - "{{ azure_subscription_id }}" + load_balancer_frontend_ip_configurations: + - id: "{{ lb_output.state.frontend_ip_configurations[0].id }}" + ip_configurations: + - name: ip_configuration01 + properties: + primary: True + private_ip_allocation_method: 'Dynamic' + private_ip_address_version: 'IPv4' + subnet: + id: "{{ subnet_output.state.id }}" + tags: + key1: value1 + register: output + +- assert: + that: not output.changed + +- name: Update private link service + azure_rm_privatelinkservice: + name: "lsp{{ rpfx }}" + resource_group: "{{ resource_group }}" + enable_proxy_protocol: False + fqdns: + - 'dns03.com' + - 'dns04.com' + visibility: + subscriptions: + - "{{ azure_subscription_id }}" + auto_approval: + subscriptions: + - "{{ azure_subscription_id }}" + load_balancer_frontend_ip_configurations: + - id: "{{ lb_output.state.frontend_ip_configurations[0].id }}" + ip_configurations: + - name: ip_configuration01 + properties: + primary: True + private_ip_allocation_method: 'Dynamic' + private_ip_address_version: 'IPv4' + subnet: + id: "{{ subnet_output.state.id }}" + tags: + key2: value2 + key3: value3 + register: output + +- assert: + that: output.changed + +- name: Get private link service info by name + azure_rm_privatelinkservice_info: + name: "lsp{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - output.link_service[0].tags | length == 3 + - output.link_service[0].fqdns | length == 4 + - output.link_service[0].enable_proxy_protocol == false + +- name: Create private endpoint + azure_rm_privateendpoint: + name: "pd{{ rpfx }}" + resource_group: "{{ resource_group }}" + private_link_service_connections: + - name: private_connection_name + private_link_service_id: "{{ output.link_service[0].id }}" + subnet: + id: "{{ subnet_output.state.id }}" + register: output + +- name: Get private endpoint connection info + azure_rm_privateendpointconnection_info: + service_name: "lsp{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - output.endpoint_connection[0].private_link_service_connection_state.actions_required == "None" + - output.endpoint_connection[0].private_link_service_connection_state.description == "Approved" + - output.endpoint_connection[0].private_link_service_connection_state.status == "Approved" + +- name: Update private endpoint connection + azure_rm_privateendpointconnection: + name: "{{ output.endpoint_connection[0].name }}" + service_name: "lsp{{ rpfx }}" + resource_group: "{{ resource_group }}" + connection_state: + status: "Rejected" + description: "Rejected" + actions_required: "actions required" + register: output + +- assert: + that: output.changed + +- name: Get private endpoint connection info by name + azure_rm_privateendpointconnection_info: + name: "{{ output.state.name }}" + service_name: "lsp{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - output.endpoint_connection[0].private_link_service_connection_state.actions_required == "actions required" + - output.endpoint_connection[0].private_link_service_connection_state.description == "Rejected" + - output.endpoint_connection[0].private_link_service_connection_state.status == "Rejected" + +- name: Delete private endpoint connection + azure_rm_privateendpointconnection: + name: "{{ output.endpoint_connection[0].name }}" + service_name: "lsp{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: absent + register: output + +- assert: + that: output.changed + +- name: Delete private endpoint + azure_rm_privateendpoint: + name: "pd{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: absent + +- assert: + that: output.changed + +- name: Pause for 5 mimutes to waiting + shell: sleep 300 + +- name: Delete private link service + azure_rm_privatelinkservice: + name: "lsp{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: absent + register: output + +- assert: + that: output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_proximityplacementgroup/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_proximityplacementgroup/aliases new file mode 100644 index 000000000..5d29c6c4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_proximityplacementgroup/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_proximityplacementgroup/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_proximityplacementgroup/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_proximityplacementgroup/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_proximityplacementgroup/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_proximityplacementgroup/tasks/main.yml new file mode 100644 index 000000000..bf7dbfd0b --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_proximityplacementgroup/tasks/main.yml @@ -0,0 +1,76 @@ +- name: Create proximity placement group name + set_fact: + group_name: "ppg{{ resource_group | hash('md5') | truncate(22, True, '') }}" + +- name: Create a proximity placement group + azure_rm_proximityplacementgroup: + resource_group: "{{ resource_group }}" + location: eastus + name: "{{ group_name }}" + state: present + register: results + +- name: Assert that placement group is created + assert: + that: results.changed + +- name: Create a proximity placement group again (Idempotent test) + azure_rm_proximityplacementgroup: + resource_group: "{{ resource_group }}" + location: eastus + name: "{{ group_name }}" + state: present + register: results + +- name: Assert that output is not changed + assert: + that: not results.changed + +- name: Update a proximity placement group + azure_rm_proximityplacementgroup: + resource_group: "{{ resource_group }}" + location: eastus + name: "{{ group_name }}" + tags: + key1: "value1" + state: present + register: results + +- name: Assert that placement group is updated + assert: + that: results.changed + +- name: Get proximity placement group facts + azure_rm_proximityplacementgroup_info: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + register: results + +- assert: + that: + - not results.changed + - results.proximityplacementgroups[0].name == "{{ group_name }}" + - results.proximityplacementgroups[0].location == "eastus" + - results.proximityplacementgroups[0].proximity_placement_group_type == "Standard" + +- name: Delete proximity placement group + azure_rm_proximityplacementgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + state: absent + register: results + +- name: Assert that placement group is deleted + assert: + that: results.changed + +- name: Delete proximity placement group again (Idempotent test) + azure_rm_proximityplacementgroup: + resource_group: "{{ resource_group }}" + name: "{{ group_name }}" + state: absent + register: results + +- name: Asset that output is not changed + assert: + that: not results.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_publicipaddress/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_publicipaddress/aliases new file mode 100644 index 000000000..c8f442a8f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_publicipaddress/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group2 +destructive +azure_rm_publicipaddress_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_publicipaddress/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_publicipaddress/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_publicipaddress/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_publicipaddress/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_publicipaddress/tasks/main.yml new file mode 100644 index 000000000..119747b26 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_publicipaddress/tasks/main.yml @@ -0,0 +1,139 @@ +- name: Create domain name + set_fact: + domain_name: "ansible-{{ resource_group | hash('md5') | truncate(24, True, '') }}" + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + +- name: Remove public ip + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + name: "pip{{ rpfx }}" + state: absent + +- name: Create public ip + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + name: "pip{{ rpfx }}" + allocation_method: Static + domain_name: "{{ domain_name }}" + tags: + testing: testing + delete: on-exit + register: output + +- assert: + that: + - output.state.public_ip_allocation_method == 'static' + - output.state.dns_settings.domain_name_label == domain_name + - output.state.tags | length == 2 + - output.state.tags.testing == 'testing' + +- name: Create public ip with IPV6 + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + name: "pip{{ rpfx }}-02" + allocation_method: Static + domain_name: "{{ domain_name }}-02" + version: 'ipv6' + sku: 'Standard' + zones: + - 1 + register: output + +- assert: + that: + - output.state.public_ip_address_version == 'ipv6' + - output.state.zones == ['1'] + +- name: Should be idempotent + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + name: "pip{{ rpfx }}" + allocation_method: static + domain_name: "{{ domain_name }}" + register: output + +- assert: + that: not output.changed + +- name: Update tags + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + name: "pip{{ rpfx }}" + allocation_method: static + domain_name: "{{ domain_name }}" + append_tags: yes + tags: + delete: never + foo: bar + register: output + +- assert: + that: + - output.state.tags | length == 3 + - output.state.tags.delete == 'never' + +- name: Gather facts, filtering by tag + azure_rm_publicipaddress_info: + resource_group: "{{ resource_group }}" + tags: + - testing + - foo:bar + register: infos + +- assert: + that: infos.publicipaddresses | length == 1 + +- name: Purge all tags + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + name: "pip{{ rpfx }}" + allocation_method: static + domain_name: "{{ domain_name }}" + append_tags: no + register: output + +- assert: + that: + - output.state.tags | length == 0 + +- name: Gather facts for a public ip + azure_rm_publicipaddress_info: + resource_group: "{{ resource_group }}" + name: "pip{{ rpfx }}" + register: pip + +- assert: + that: + - "pip.publicipaddresses | length == 1" + - pip.publicipaddresses[0].name == "pip{{ rpfx }}" + - pip.publicipaddresses[0].allocation_method == 'static' + - pip.publicipaddresses[0].dns_settings.domain_name_label == domain_name + +- name: Gather facts for all public ips + azure_rm_publicipaddress_info: + resource_group: "{{ resource_group }}" + register: infos + +- assert: + that: infos.publicipaddresses | length > 0 + +- name: Remove IPV6 public ip + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + name: "pip{{ rpfx }}-02" + state: absent + +- name: Remove public ip + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + name: "pip{{ rpfx }}" + state: absent + +- name: Gather facts for a public ip + azure_rm_publicipaddress_info: + resource_group: "{{ resource_group }}" + name: "pip{{ rpfx }}" + register: infos + +- assert: + that: infos.publicipaddresses | length == 0 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_recoveryservicesvault/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_recoveryservicesvault/aliases new file mode 100644 index 000000000..cc941b59c --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_recoveryservicesvault/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group12 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_recoveryservicesvault/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_recoveryservicesvault/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_recoveryservicesvault/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_recoveryservicesvault/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_recoveryservicesvault/tasks/main.yml new file mode 100644 index 000000000..fc92da931 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_recoveryservicesvault/tasks/main.yml @@ -0,0 +1,55 @@ +- name: Fix resource prefix + set_fact: + name: "revault{{ resource_group | hash('md5') | truncate(22, True, '') }}" + location: "eastus" + +- name: Create Azure Recovery Service vault + azure_rm_recoveryservicesvault: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + location: "{{ location }}" + state: "present" + register: output + +- name: Assert that output has changed + assert: + that: + - output.changed + +- name: Create Azure Recovery Service vault (idempotent) + azure_rm_recoveryservicesvault: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + location: "{{ location }}" + state: "present" + register: output + +- name: Assert that output has no changed + assert: + that: + - not output.changed + +- name: Get Azure Recovery Service Vault Details + azure_rm_recoveryservicesvault_info: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + register: output + +- name: Assert that output has changed + assert: + that: + - output.response.id != None + - output.response.name != None + +- name: Delete Azure Recovery Service vault + azure_rm_recoveryservicesvault: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + location: "{{ location }}" + state: "absent" + register: output + +- name: Assert that output has changed + assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_rediscache/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_rediscache/aliases new file mode 100644 index 000000000..733b37851 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_rediscache/aliases @@ -0,0 +1,6 @@ +cloud/azure +shippable/azure/group2 +unsupported +destructive +azure_rm_rediscache_facts +azure_rm_rediscachefirewallrule diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_rediscache/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_rediscache/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_rediscache/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_rediscache/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_rediscache/tasks/main.yml new file mode 100644 index 000000000..18e71e56e --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_rediscache/tasks/main.yml @@ -0,0 +1,492 @@ +- name: Fix resource prefix + set_fact: + redis_name: "redis-{{ resource_group | hash('md5') | truncate(7, True, '') }}-{{ 1000 | random }}" + vnet_name: "vnet-{{ resource_group | hash('md5') | truncate(7, True, '') }}-{{ 1000 | random }}" + subnet_name: "subnet-{{ resource_group | hash('md5') | truncate(7, True, '') }}-{{ 1000 | random }}" + rule_name: "rule1" + run_once: yes + +- name: Create a redis cache (Check Mode) + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}" + sku: + name: basic + size: C1 + wait_for_provisioning: False + check_mode: yes + register: output + +- name: Assert creating redis cache check mode + assert: + that: + - output.changed + +- name: Create a redis cache + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}" + sku: + name: basic + size: C1 + wait_for_provisioning: False + register: output + +- name: Assert creating redis cache + assert: + that: + - output.changed + - output.id + +- name: Get facts + azure_rm_rediscache_info: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}" + register: facts + +- name: Assert facts + assert: + that: + - facts.rediscaches | length == 1 + - facts.rediscaches[0].id != None + - facts.rediscaches[0].host_name != None + - facts.rediscaches[0].provisioning_state != None + - facts.rediscaches[0].sku.name == 'basic' + - facts.rediscaches[0].sku.size == 'C1' + +- name: Update the redis cache (idempotent) + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}" + sku: + name: basic + size: C1 + wait_for_provisioning: False + register: output + +- name: assert output not changed + assert: + that: + - not output.changed + + +- name: long-running rediscache tests [run with `--tags long_run,untagged` to enable] + # creating redis Cache costs about 20 mins async operation, + # need to poll status from Creating to Running, then able to perform updating/deleting operation, + # otherwise, will met error: + # "The resource '<resource_id>' is busy processing a previous update request or is undergoing system maintenance. + # As such, it is currently unable to accept the update request. Please try again later." + block: + - name: Wait for Redis provisioning to complete + azure_rm_rediscache_info: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}" + register: facts + until: facts.rediscaches[0]['provisioning_state'] == 'Succeeded' + retries: 30 + delay: 60 + + - name: (actually) update redis cache + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}" + sku: + name: basic + size: C1 + enable_non_ssl_port: true + tags: + testing: foo + wait_for_provisioning: True + register: output + + - name: assert output changed + assert: + that: + - output.changed + + - name: Update redis cache configuration + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}" + sku: + name: basic + size: C1 + enable_non_ssl_port: True + maxmemory_policy: allkeys_lru + tags: + testing: foo + register: output + + - name: assert output changed + assert: + that: + - output.changed + + - name: Scale up the redis cache + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}" + sku: + name: standard + size: C1 + tags: + testing: foo + wait_for_provisioning: True + register: output + + - assert: + that: + - output.changed + + - name: Force reboot redis cache + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}" + reboot: + reboot_type: all + register: output + + - name: assert redis rebooted + assert: + that: + - output.changed + + - name: Delete the redis cache (Check Mode) + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}" + state: absent + check_mode: yes + register: output + + - name: assert deleting redis cache check mode + assert: + that: output.changed + + - name: Delete the redis cache + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}" + state: absent + register: output + + - assert: + that: + - output.changed + tags: [long_run, never] + + +- name: Create a redis cache with enhanced configuration options + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}-enhanced" + sku: + name: basic + size: C1 + redis_version: "6" + minimum_tls_version: "1.2" + public_network_access: "Disabled" + wait_for_provisioning: false + register: output +- name: Assert creating redis cache + assert: + that: + - output.changed + +- name: Get facts for enhanced cache + azure_rm_rediscache_info: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}-enhanced" + register: facts +- name: Assert enhanced cache facts + assert: + that: + - facts.rediscaches | length == 1 + - facts.rediscaches[0].id != None + - facts.rediscaches[0].host_name != None + - facts.rediscaches[0].provisioning_state != None + - facts.rediscaches[0].sku.name == 'basic' + - facts.rediscaches[0].sku.size == 'C1' + - facts.rediscaches[0].redis_version is version('6', '>=') and facts.rediscaches[0].redis_version is version('7', '<') + - facts.rediscaches[0].minimum_tls_version == '1.2' + - facts.rediscaches[0].public_network_access == 'Disabled' + + +- name: long-running enhanced rediscache tests [run with `--tags long_run,untagged` to enable] + # creating redis Cache costs about 20 mins async operation, + # need to poll status from Creating to Running, then able to perform updating/deleting operation, + # otherwise, will met error: + # "The resource '<resource_id>' is busy processing a previous update request or is undergoing system maintenance. + # As such, it is currently unable to accept the update request. Please try again later." + block: + - name: Wait for Redis provisioning to complete + azure_rm_rediscache_info: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}-enhanced" + register: facts + until: facts.rediscaches[0]['provisioning_state'] == 'Succeeded' + retries: 30 + delay: 60 + + - name: update redis (idempotent) + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}-enhanced" + sku: + name: basic + size: C1 + redis_version: "6" + minimum_tls_version: "1.2" + public_network_access: "Disabled" + wait_for_provisioning: true + register: output + - name: assert output not changed + assert: + that: + - not output.changed + + - name: update redis cache TLS + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}-enhanced" + sku: + name: basic + size: C1 + redis_version: "6" + minimum_tls_version: "1.1" + public_network_access: "Disabled" + wait_for_provisioning: true + register: output + - name: assert output changed + assert: + that: + - output.changed + + - name: update redis cache public network access + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}-enhanced" + sku: + name: basic + size: C1 + redis_version: "6" + minimum_tls_version: "1.1" + public_network_access: "Enabled" + wait_for_provisioning: true + register: output + - name: assert output changed + assert: + that: + - output.changed + + - name: Get facts for enhanced cache + azure_rm_rediscache_info: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}-enhanced" + register: facts + - name: Assert enhanced cache facts + assert: + that: + - facts.rediscaches[0].minimum_tls_version == '1.1' + - facts.rediscaches[0].public_network_access == 'Enabled' + + - name: update redis cache version + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}-enhanced" + sku: + name: basic + size: C1 + redis_version: "6" + minimum_tls_version: "1.1" + public_network_access: "Enabled" + wait_for_provisioning: true + register: output + failed_when: "output.changed or 'not supported' not in output.msg" + + - name: Delete the redis cache + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}-enhanced" + state: absent + register: output + - assert: + that: + - output.changed + tags: [long_run, never] + + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ vnet_name }}" + address_prefixes: "10.10.0.0/16" + +- name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: "{{ subnet_name }}" + address_prefix: "10.10.0.0/24" + virtual_network: "{{ vnet_name }}" + +- name: Create redis with subnet + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}2" + sku: + name: premium + size: P1 + subnet: + name: "{{ subnet_name }}" + virtual_network_name: "{{ vnet_name }}" + wait_for_provisioning: False + register: output + +- name: Assert creating redis cache + assert: + that: + - output.changed + - output.id + +- name: Get facts + azure_rm_rediscache_info: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}2" + return_access_keys: True + register: facts + +- name: Assert facts + assert: + that: + - facts.rediscaches | length == 1 + - facts.rediscaches[0].subnet != None + - facts.rediscaches[0].access_keys.primary != None + +- name: Create firewall rule (Check mode) + azure_rm_rediscachefirewallrule: + resource_group: "{{ resource_group }}" + cache_name: "{{ redis_name }}2" + name: "{{ rule_name }}" + start_ip_address: 192.168.1.1 + end_ip_address: 192.168.1.4 + check_mode: yes + register: output + +- name: Assert check mode creation + assert: + that: + - output.changed + + +- name: long-running key/firewallrule tests [run with `--tags long_run,untagged` to enable] +# Creating firewall rule need Redis status is running, while creating redis Cache costs about 20 mins async operation, +# need to poll status from Creating to Running, then able to perform firewall rule creating, +# otherwise, will met error: +# "Error creating/updating Firewall rule of Azure Cache for Redis: Azure Error: Conflict\nMessage: The resource +# '/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.Cache/Redis/myRedis' is busy processing +# a previous update request or is undergoing system maintenance. As such, it is currently unable to accept the update request. Please try again later." + block: + - name: Wait for Redis provisioning to complete + azure_rm_rediscache_info: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}2" + register: facts + until: facts.rediscaches[0]['provisioning_state'] == 'Succeeded' + retries: 30 + delay: 60 + + - name: Create firewall rule + azure_rm_rediscachefirewallrule: + resource_group: "{{ resource_group }}" + cache_name: "{{ redis_name }}2" + name: "{{ rule_name }}" + start_ip_address: 192.168.1.1 + end_ip_address: 192.168.1.4 + register: output + + - name: Assert creation + assert: + that: + - output.changed + - output.id + + - name: Update firewall rule idempotence + azure_rm_rediscachefirewallrule: + resource_group: "{{ resource_group }}" + cache_name: "{{ redis_name }}2" + name: "{{ rule_name }}" + start_ip_address: 192.168.1.1 + end_ip_address: 192.168.1.4 + register: output + + - name: Assert idempotence + assert: + that: + - output.changed == False + + - name: Update firewall rule + azure_rm_rediscachefirewallrule: + resource_group: "{{ resource_group }}" + cache_name: "{{ redis_name }}2" + name: "{{ rule_name }}" + end_ip_address: 192.168.1.5 + register: output + + - name: Assert updating + assert: + that: + - output.changed + + - name: Get key facts + azure_rm_rediscache_info: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}2" + return_access_keys: True + register: key_facts + + - name: regenerate primary redis key + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}2" + regenerate_key: + key_type: "primary" + register: output + + - name: Assert output + assert: + that: + - output.changed + + - name: Get facts after key regeneration + azure_rm_rediscache_info: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}2" + return_access_keys: true + register: key_facts2 + + - name: Assert key change + assert: + that: + - key_facts.rediscaches[0].access_keys.primary != key_facts2.rediscaches[0].access_keys.primary + - key_facts.rediscaches[0].access_keys.secondary == key_facts2.rediscaches[0].access_keys.secondary + + - name: Delete firewall rule + azure_rm_rediscachefirewallrule: + resource_group: "{{ resource_group }}" + cache_name: "{{ redis_name }}2" + name: "{{ rule_name }}" + state: absent + register: output + + - name: Assert deletion + assert: + that: + - output.changed + + - name: Delete the redis cache + azure_rm_rediscache: + resource_group: "{{ resource_group }}" + name: "{{ redis_name }}2" + state: absent + register: output + tags: [long_run, never] diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationassignment/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationassignment/aliases new file mode 100644 index 000000000..759eafa2d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationassignment/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group3 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationassignment/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationassignment/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationassignment/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationassignment/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationassignment/tasks/main.yml new file mode 100644 index 000000000..055524705 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationassignment/tasks/main.yml @@ -0,0 +1,78 @@ +- name: set facts + set_fact: + subscription_id: "{{ azure_subscription_id }}" + managed_by_tenant_id: "{{ azure_managed_by_tenant_id }}" + principal_id: "{{ azure_principal_id }}" + role_definition_id: "{{ azure_role_definition_id }}" + run_once: yes + +- name: Create a RegistrationDefinition + azure_rm_registrationdefinition: + properties: + description: first_test + authorizations: + - principal_id: "{{ principal_id }}" + role_definition_id: "{{ role_definition_id }}" + managed_by_tenant_id: "{{ managed_by_tenant_id }}" + registration_definition_name: test_def + register: output1 + +- name: Create a RegistrationAssignment ---check mode + azure_rm_registrationassignment: + scope: subscriptions/{{ subscription_id }} + properties: + registration_definition_id: "{{ output1.state.id }}" + register: output + check_mode: yes + +- assert: + that: + - output.changed + +- name: Create a RegistrationAssignment + azure_rm_registrationassignment: + scope: subscriptions/{{ subscription_id }} + properties: + registration_definition_id: "{{ output1.state.id }}" + register: output2 + +- assert: + that: + - output2.changed + +- name: Create a RegistrationAssignment -- idempotent + azure_rm_registrationassignment: + scope: subscriptions/{{ subscription_id }} + registration_assignment_id: "{{ output2.state.name }}" + properties: + registration_definition_id: "{{ output1.state.id }}" + register: output + +- assert: + that: + - not output.changed + +- name: Get a RegistrationAssignment + azure_rm_registrationassignment_info: + scope: subscriptions/{{ subscription_id }} + registration_assignment_id: "{{ output2.state.name }}" + register: output + +- assert: + that: + - output.registration_assignments[0].properties.registration_definition_id == "{{ output1.state.id }}" + +- name: Get all RegistrationAssignment + azure_rm_registrationassignment_info: + scope: subscriptions/{{ subscription_id }} + register: output + +- assert: + that: + - output.registration_assignments | length >= 1 + +- name: Delete the RegistrationAssignment + azure_rm_registrationassignment: + scope: subscriptions/{{ subscription_id }} + registration_assignment_id: "{{ output2.state.name }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationdefinition/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationdefinition/aliases new file mode 100644 index 000000000..759eafa2d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationdefinition/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group3 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationdefinition/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationdefinition/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationdefinition/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationdefinition/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationdefinition/tasks/main.yml new file mode 100644 index 000000000..0395db002 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_registrationdefinition/tasks/main.yml @@ -0,0 +1,134 @@ +- name: set facts + set_fact: + subscription_id: "{{ azure_subscription_id }}" + subscription_sec_id: "{{ azure_subscription_sec_id }}" + managed_by_tenant_id: "{{ azure_managed_by_tenant_id }}" + principal_id: "{{ azure_principal_id }}" + role_definition_id: "{{ azure_role_definition_id }}" + reg_def_name: test_name + run_once: yes + +- name: Create a RegistrationDefinition -- check mode + azure_rm_registrationdefinition: + properties: + description: first_test + authorizations: + - principal_id: "{{ principal_id }}" + role_definition_id: "{{ role_definition_id }}" + managed_by_tenant_id: "{{ managed_by_tenant_id }}" + registration_definition_name: "{{ reg_def_name }}" + check_mode: yes + register: output + +- name: Assert creating registration definition check mode + assert: + that: + - output.changed + +- name: Create a RegistrationDefinition with scope + azure_rm_registrationdefinition: + scope: "{{ subscription_sec_id }}" + properties: + description: test definition with scope + authorizations: + - principal_id: "{{ principal_id }}" + role_definition_id: "{{ role_definition_id }}" + managed_by_tenant_id: "{{ managed_by_tenant_id }}" + registration_definition_name: "{{ reg_def_name }}" + register: output2 + +- name: Assert creating registration definition + assert: + that: + - output2.changed + +- name: Create a RegistrationDefinition + azure_rm_registrationdefinition: + properties: + description: first_test + authorizations: + - principal_id: "{{ principal_id }}" + role_definition_id: "{{ role_definition_id }}" + managed_by_tenant_id: "{{ managed_by_tenant_id }}" + registration_definition_name: "{{ reg_def_name }}" + register: output1 + +- name: Assert creating registration definition + assert: + that: + - output1.changed + +- name: Create a RegistrationDefinition (idempotent) + azure_rm_registrationdefinition: + registration_definition_id: "{{ output1.state.name }}" + properties: + description: first_test + authorizations: + - principal_id: "{{ principal_id }}" + role_definition_id: "{{ role_definition_id }}" + managed_by_tenant_id: "{{ managed_by_tenant_id }}" + registration_definition_name: "{{ reg_def_name }}" + register: output + +- name: Assert creating registration definition + assert: + that: + - not output.changed + +- name: Update the RegistrationDefinition properties description and name + azure_rm_registrationdefinition: + registration_definition_id: "{{ output1.state.name }}" + properties: + description: second_test + authorizations: + - principal_id: "{{ principal_id }}" + role_definition_id: "{{ role_definition_id }}" + managed_by_tenant_id: "{{ managed_by_tenant_id }}" + registration_definition_name: "{{ reg_def_name }}02" + register: output + +- name: Assert creating registration definition + assert: + that: + - output.changed + +- name: Get the Registration Definition info + azure_rm_registrationdefinition_info: + registration_definition_id: "{{ output1.state.name }}" + register: output + +- name: Assert the registration definition info + assert: + that: + - output.registration_definitions[0].name == "{{ output1.state.name }}" + - output.registration_definitions[0].properties.authorizations[0].principal_id == "{{ principal_id }}" + - output.registration_definitions[0].properties.authorizations[0].role_definition_id == "{{ role_definition_id }}" + - output.registration_definitions[0].properties.provisioning_state == "Succeeded" + - output.registration_definitions[0].properties.description == "second_test" + - output.registration_definitions[0].properties.registration_definition_name == "test_name02" + +- name: Get All Registration Definition info in the subscription + azure_rm_registrationdefinition_info: + scope: "{{ subscription_id }}" + register: output + +- name: Assert all the registration definition info + assert: + that: + - output.registration_definitions | length >=1 + +- name: Delete the registration definition + azure_rm_registrationdefinition: + registration_definition_id: "{{ output1.state.name }}" + state: absent + register: output + +- name: Assert delete registration definition success + assert: + that: + - output.changed + +- name: Delete the registration definition + azure_rm_registrationdefinition: + registration_definition_id: "{{ output2.state.name }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resource/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resource/aliases new file mode 100644 index 000000000..49acfee76 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resource/aliases @@ -0,0 +1,3 @@ +cloud/azure +destructive +shippable/azure/group2 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resource/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resource/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resource/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resource/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resource/tasks/main.yml new file mode 100644 index 000000000..6ec87237d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resource/tasks/main.yml @@ -0,0 +1,158 @@ +- name: Prepare random number + set_fact: + nsgname: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + storageaccountname: "stacc{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + dbname: "mdb{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Call REST API + azure_rm_resource: + api_version: '2018-02-01' + resource_group: "{{ resource_group }}" + provider: network + resource_type: networksecuritygroups + resource_name: "{{ nsgname }}" + body: + location: eastus + idempotency: yes + register: output + +- name: Assert that something has changed + assert: + that: output.changed + +- name: Call REST API + azure_rm_resource: + api_version: '2018-02-01' + resource_group: "{{ resource_group }}" + provider: network + resource_type: networksecuritygroups + resource_name: "{{ nsgname }}" + body: + location: eastus + idempotency: yes + register: output + +- name: Assert that nothing has changed + assert: + that: not output.changed + +- name: Call REST API + azure_rm_resource: + api_version: '2018-02-01' + resource_group: "{{ resource_group }}" + provider: network + resource_type: networksecuritygroups + resource_name: "{{ nsgname }}" + body: + location: eastus + tags: + a: "abc" + b: "cde" + idempotency: yes + register: output + +- name: Assert that something has changed + assert: + that: output.changed + +- name: Try to get information about account + azure_rm_resource_info: + api_version: '2018-02-01' + resource_group: "{{ resource_group }}" + provider: network + resource_type: networksecuritygroups + resource_name: "{{ nsgname }}" + register: output + +- name: Assert value was returned + assert: + that: + - not output.changed + - output.response[0]['name'] != None + - output.response | length == 1 + +- name: Try to query a list + azure_rm_resource_info: + api_version: '2018-02-01' + resource_group: "{{ resource_group }}" + provider: network + resource_type: networksecuritygroups + register: output +- name: Assert value was returned + assert: + that: + - not output.changed + - output.response[0]['name'] != None + - output.response | length >= 1 + +- name: Try to query a list - same without API version + azure_rm_resource_info: + resource_group: "{{ resource_group }}" + provider: network + resource_type: networksecuritygroups + register: output +- name: Assert value was returned + assert: + that: + - not output.changed + - output.response[0]['name'] != None + - output.response | length >= 1 + +- name: Query all the resources in the resource group + azure_rm_resource_info: + resource_group: "{{ resource_group }}" + resource_type: resources + register: output +- name: Assert value was returned + assert: + that: + - not output.changed + - output.response | length >= 1 + +- name: Create storage account that requires LRO polling + azure_rm_resource: + polling_timeout: 600 + polling_interval: 60 + api_version: '2018-07-01' + resource_group: "{{ resource_group }}" + provider: Storage + resource_type: storageAccounts + resource_name: "{{ storageaccountname }}" + body: + sku: + name: Standard_GRS + kind: Storage + location: eastus + register: output + +- name: Assert that storage was successfully created + assert: + that: "output['response']['name'] == '{{ storageaccountname }}'" + + +- name: Try to storage keys -- special case when subresource part has no name + azure_rm_resource: + resource_group: "{{ resource_group }}" + provider: storage + resource_type: storageAccounts + resource_name: "{{ storageaccountname }}" + subresource: + - type: listkeys + api_version: '2018-03-01-preview' + method: POST + register: keys + +- name: Assert that key was returned + assert: + that: keys['response']['keys'][0]['value'] | length > 0 + +- name: Delete storage - without API version + azure_rm_resource: + polling_timeout: 600 + polling_interval: 60 + method: DELETE + resource_group: "{{ resource_group }}" + provider: Storage + resource_type: storageAccounts + resource_name: "{{ storageaccountname }}" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resourcegroup/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resourcegroup/aliases new file mode 100644 index 000000000..0dbbfceba --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resourcegroup/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group3 +destructive +azure_rm_resourcegroup_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resourcegroup/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resourcegroup/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resourcegroup/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resourcegroup/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resourcegroup/tasks/main.yml new file mode 100644 index 000000000..706a855e8 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_resourcegroup/tasks/main.yml @@ -0,0 +1,50 @@ +- name: Get resource group datalake info + azure_rm_resourcegroup_info: + name: "{{ resource_group_datalake }}" + list_resources: yes + register: rg + +- assert: + that: + - rg.resourcegroups | length == 1 + - rg.resourcegroups[0].resources | length >= 0 + +- name: Get resource group info + azure_rm_resourcegroup_info: + register: rg + +- assert: + that: + - rg.resourcegroups | length >= 1 + +- name: Get resource group info + azure_rm_resourcegroup_info: + name: "{{ resource_group }}" + list_resources: yes + register: rg + +- assert: + that: + - rg.resourcegroups | length == 1 + - rg.resourcegroups[0].resources | length >= 0 + +- name: Create resource group (idempontent) + azure_rm_resourcegroup: + name: "{{ resource_group }}" + location: "{{ rg.resourcegroups[0].location }}" + register: output + +- assert: + that: + - not output.changed + +- name: delete resource group + azure_rm_resourcegroup: + name: "{{ resource_group }}" + state: absent + check_mode: yes + register: output + +- assert: + that: + - output.changed
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roleassignment/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roleassignment/aliases new file mode 100644 index 000000000..8767e0189 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roleassignment/aliases @@ -0,0 +1,3 @@ +cloud/azure +destructive +shippable/azure/group10 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roleassignment/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roleassignment/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roleassignment/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roleassignment/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roleassignment/tasks/main.yml new file mode 100644 index 000000000..c4e4d15d6 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roleassignment/tasks/main.yml @@ -0,0 +1,220 @@ +- name: setup basic facts + set_fact: + uuid: bb21a88b-30e1-42b5-84e8-1d3f322de033 + # Disk Backup Reader, unlikely to be already assigned in ansible-test resource groups. + az_role_definition_guid: '3e5e47e6-65f7-47ef-90b5-e5dd4d455f24' + +- name: List All + azure_rm_roleassignment_info: + register: az_role_assignments + +- name: Fetch specific assignments + azure_rm_roleassignment_info: + name: "{{ item.name | default(omit) }}" + assignee: "{{ item.assignee | default(omit) }}" + id: "{{ item.id | default(omit) }}" + role_definition_id: "{{ item.role_definition_id | default(omit) }}" + scope: "{{ item.scope | default(omit) }}" + strict_scope_match: True + register: az_role_assignment_specific + loop: + - name: "{{ az_role_assignments.roleassignments[0].name }}" + scope: "{{ az_role_assignments.roleassignments[0].scope }}" + - assignee: "{{ az_role_assignments.roleassignments[0].principal_id }}" + scope: "{{ az_role_assignments.roleassignments[0].scope }}" + role_definition_id: "{{ az_role_assignments.roleassignments[0].role_definition_id }}" + - id: "{{ az_role_assignments.roleassignments[0].id }}" + +- name: check specific fetch for single return + assert: + that: + - "{{ ( item.roleassignments | length) == 1 }}" + loop: "{{ az_role_assignment_specific.results }}" + +- name: Intentional mutual exclusion info + azure_rm_roleassignment_info: + name: "{{ item.name | default(omit) }}" + assignee: "{{ item.assignee | default(omit) }}" + id: "{{ item.id | default(omit) }}" + scope: "{{ item.scope | default(omit) }}" + register: failures_info + ignore_errors: True + loop: + - name: "{{ az_role_assignments.roleassignments[0].name }}" + assignee: "{{ az_role_assignments.roleassignments[0].principal_id }}" + - assignee: "{{ az_role_assignments.roleassignments[0].principal_id }}" + id: "{{ az_role_assignments.roleassignments[0].id }}" + - name: "{{ az_role_assignments.roleassignments[0].name }}" + id: "{{ az_role_assignments.roleassignments[0].id }}" + +- name: check intended failures + assert: + that: + - item.failed + loop: "{{ failures_info.results }}" + +- name: Intentional failures mutable + azure_rm_roleassignment: + name: "{{ item.name | default(omit) }}" + assignee_object_id: "{{ item.assignee | default(omit) }}" + id: "{{ item.id | default(omit) }}" + scope: "{{ item.scope | default(omit) }}" + role_definition_id: "{{ item.role_definition_id | default(omit) }}" + state: "{{ item.state | default(omit) }}" + register: failures_mutable + ignore_errors: True + loop: + # mutually exclusive + - scope: "{{ az_role_assignments.roleassignments[0].scope }}" + id: "{{ az_role_assignments.roleassignments[0].id }}" + # mutually exclusive + - name: "{{ az_role_assignments.roleassignments[0].name }}" + id: "{{ az_role_assignments.roleassignments[0].id }}" + # missing required role_definition_id + - scope: "{{ az_role_assignments.roleassignments[0].scope }}" + assignee_object_id: "{{ az_role_assignments.roleassignments[0].principal_id }}" + state: "present" + # missing required assignee_object_id + - scope: "{{ az_role_assignments.roleassignments[0].scope }}" + role_definition_id: "{{ az_role_assignments.roleassignments[0].role_definition_id }}" + state: "present" + # missing required role_definition_id + - scope: "{{ az_role_assignments.roleassignments[0].scope }}" + assignee_object_id: "{{ az_role_assignments.roleassignments[0].principal_id }}" + state: "absent" + # missing required assignee_object_id + - scope: "{{ az_role_assignments.roleassignments[0].scope }}" + role_definition_id: "{{ az_role_assignments.roleassignments[0].role_definition_id }}" + state: "absent" + +- name: check intended failures + assert: + that: + - item.failed + loop: "{{ failures_mutable.results }} " + +- name: get resource group info + azure_rm_resourcegroup_info: + name: "{{ resource_group }}" + register: az_resource_group + +- name: create role assignment by id + azure_rm_roleassignment: + id: "{{ az_resource_group.resourcegroups[0].id }}/providers/Microsoft.Authorization/roleAssignments/{{ uuid }}" + assignee_object_id: "{{ az_role_assignments.roleassignments[0].principal_id }}" + role_definition_id: "/subscriptions/{{ az_resource_group.resourcegroups[0].id.split('/')[2] }}/providers/Microsoft.Authorization/roleDefinitions/{{ az_role_definition_guid }}" + register: az_role_assignment_create + +- name: create role assignment by scope + azure_rm_roleassignment: + scope: "{{ az_resource_group.resourcegroups[0].id }}" + assignee_object_id: "{{ az_role_assignments.roleassignments[0].principal_id }}" + role_definition_id: "/subscriptions/{{ az_resource_group.resourcegroups[0].id.split('/')[2] }}/providers/Microsoft.Authorization/roleDefinitions/{{ az_role_definition_guid }}" + register: az_role_assignment_idempotent + +- name: check idempotence + assert: + that: + - az_role_assignment_idempotent.changed == False + +- name: List Role Assignments by Name + azure_rm_roleassignment_info: + name: "{{ az_role_assignment_create.name }}" + scope: "{{ az_role_assignment_create.scope }}" + register: az_role_assignment_by_name + +- name: List Role Assignments at scope + azure_rm_roleassignment_info: + scope: "{{ az_resource_group.resourcegroups[0].id }}" + register: az_role_assignment_by_scope + +- name: List Role Assignments at scope with strict matching + azure_rm_roleassignment_info: + scope: "{{ az_role_assignments.roleassignments[0].scope }}" + strict_scope_match: True + register: az_role_assignment_by_scope_strict + +- name: check strict scope matching + assert: + that: + - item.scope == az_role_assignments.roleassignments[0].scope + loop: "{{ az_role_assignment_by_scope_strict.roleassignments }}" + +- name: List Role Assignments at id + azure_rm_roleassignment_info: + id: "{{ az_role_assignment_create.id }}" + register: az_role_assignment_by_id + +- name: List Role Assignments by assignee + azure_rm_roleassignment_info: + assignee: "{{ az_role_assignments.roleassignments[0].principal_id }}" + register: az_role_assignment_by_assignee + +- name: Delete Role Assignment by id + azure_rm_roleassignment: + id: "{{ az_role_assignment_create.id }}" + state: absent + register: az_role_assignment_delete + when: az_role_assignment_create.changed + +- name: create role assignment with name + azure_rm_roleassignment: + scope: "{{ az_resource_group.resourcegroups[0].id }}" + assignee_object_id: "{{ az_role_assignments.roleassignments[0].principal_id }}" + role_definition_id: "/subscriptions/{{ az_resource_group.resourcegroups[0].id.split('/')[2] }}/providers/Microsoft.Authorization/roleDefinitions/{{ az_role_definition_guid }}" + name: "{{ uuid }}" + register: az_role_assignment_create + +- name: Delete Role by Name + azure_rm_roleassignment: + scope: "{{ az_resource_group.resourcegroups[0].id }}" + name: "{{ uuid }}" + state: absent + register: az_role_assignment_delete + when: az_role_assignment_create.changed + +- name: create role assignment by scope + azure_rm_roleassignment: + scope: "{{ az_resource_group.resourcegroups[0].id }}" + assignee_object_id: "{{ az_role_assignments.roleassignments[0].principal_id }}" + role_definition_id: "/subscriptions/{{ az_resource_group.resourcegroups[0].id.split('/')[2] }}/providers/Microsoft.Authorization/roleDefinitions/{{ az_role_definition_guid }}" + register: az_role_assignment_create_by_scope + +- name: delete by scope, assignee_object_id and role_definition_id + azure_rm_roleassignment: + scope: "{{ az_resource_group.resourcegroups[0].id }}" + assignee_object_id: "{{ az_role_assignments.roleassignments[0].principal_id }}" + role_definition_id: "/subscriptions/{{ az_resource_group.resourcegroups[0].id.split('/')[2] }}/providers/Microsoft.Authorization/roleDefinitions/{{ az_role_definition_guid }}" + state: absent + register: az_role_assignment_delete + when: az_role_assignment_create.changed + +- name: absent assignment that doesn't exist - id + azure.azcollection.azure_rm_roleassignment: + id: "{{ az_role_assignment_delete.id }}" + state: absent + register: absent_nochange_id + +- name: absent assignment that doesn't exist - name + azure.azcollection.azure_rm_roleassignment: + name: "{{ az_role_assignment_delete.name }}" + scope: "{{ az_role_assignment_delete.scope }}" + state: absent + register: absent_nochange_name + +- name: absent assignment that doesn't exist - properties + azure.azcollection.azure_rm_roleassignment: + scope: "{{ az_role_assignment_delete.scope }}" + assignee_object_id: "{{ az_role_assignment_delete.assignee_object_id }}" + role_definition_id: "{{ az_role_assignment_delete.role_definition_id }}" + state: absent + register: absent_nochange_properties + +- name: check intended failures info + assert: + that: + - item.changed == false + loop: + - "{{ absent_nochange_properties }}" + - "{{ absent_nochange_id }}" + - "{{ absent_nochange_name }}" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roledefinition/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roledefinition/aliases new file mode 100644 index 000000000..35b940115 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roledefinition/aliases @@ -0,0 +1,3 @@ +cloud/azure +destructive +unsupported
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roledefinition/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roledefinition/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roledefinition/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roledefinition/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roledefinition/tasks/main.yml new file mode 100644 index 000000000..15cf266b6 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_roledefinition/tasks/main.yml @@ -0,0 +1,211 @@ +- name: Fix resource prefix + set_fact: + role_name: "{{ (resource_group | replace('-','x'))[-8:] }}{{ 1000 | random }}testrole" + subscription_id: "{{azure_subscription_id}}" + principal_id: "{{azure_client_id}}" + run_once: yes + +- name: Create a role definition (Check Mode) + azure_rm_roledefinition: + name: "{{ role_name }}" + scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" + permissions: + - actions: + - "Microsoft.Compute/virtualMachines/read" + not_actions: + - "Microsoft.Compute/virtualMachines/write" + data_actions: + - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read" + not_data_actions: + - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write" + assignable_scopes: + - "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" + check_mode: yes + register: output + +- name: Assert creating role definition check mode + assert: + that: + - output.changed + +- name: Create a role definition + azure_rm_roledefinition: + name: "{{ role_name }}" + scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" + permissions: + - actions: + - "Microsoft.Compute/virtualMachines/read" + not_actions: + - "Microsoft.Compute/virtualMachines/write" + data_actions: + - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read" + not_data_actions: + - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write" + assignable_scopes: + - "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" + register: output + +- name: Assert creating role definition + assert: + that: + - output.changed + + +## because of the bug of azure service , the following tasks will cause failures randomly +# +#- name: Get facts by type +# azure_rm_roledefinition_info: +# scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" +# type: custom +# register: facts +# +#- name: Assert facts +# assert: +# that: +# - facts['roledefinitions'] | length > 1 +# +#- name: Get facts by name +# azure_rm_roledefinition_info: +# scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" +# role_name: "{{ role_name }}" +# register: facts +# until: facts.roledefinitions | length > 0 +# retries: 50 +# delay: 60 +# +#- name: Assert facts +# assert: +# that: +# - facts['roledefinitions'] | length == 1 +# - facts['roledefinitions'][0]['permissions'] | length == 1 +# - facts['roledefinitions'][0]['permissions'][0]['not_data_actions'] | length == 1 +# - facts['roledefinitions'][0]['permissions'][0]['data_actions'] | length == 1 +# +#- name: Update the role definition (idempotent) +# azure_rm_roledefinition: +# name: "{{ role_name }}" +# scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" +# permissions: +# - actions: +# - "Microsoft.Compute/virtualMachines/read" +# not_actions: +# - "Microsoft.Compute/virtualMachines/write" +# data_actions: +# - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read" +# not_data_actions: +# - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write" +# assignable_scopes: +# - "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" +# register: output +# +#- name: assert output not changed +# assert: +# that: +# - not output.changed +# +#- name: Update the role definition +# azure_rm_roledefinition: +# name: "{{ role_name }}" +# description: "update description" +# scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" +# permissions: +# - actions: +# - "Microsoft.Compute/virtualMachines/read" +# - "Microsoft.Compute/virtualMachines/start/action" +# not_actions: +# - "Microsoft.Compute/virtualMachines/write" +# data_actions: +# - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read" +# not_data_actions: +# - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write" +# assignable_scopes: +# - "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" +# register: output +# +#- name: assert output changed +# assert: +# that: +# - output.changed +# +#- name: Get role definition facts +# azure_rm_roledefinition_info: +# role_name: "{{ role_name }}" +# scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" +# type: custom +# register: roledef +# until: "{{ roledef.roledefinitions | length > 0 }}" +# retries: 50 +# delay: 60 +# +#- name: Assert role definition facts +# assert: +# that: +# - roledef['roledefinitions'] | length == 1 +# - roledef['roledefinitions'][0]['id'] +# +#- name: Create a role assignment (Check Mode) +# azure_rm_roleassignment: +# scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" +# assignee_object_id: "{{ principal_id }}" +# role_definition_id: "{{ roledef['roledefinitions'][0]['id'] }}" +# check_mode: yes +# register: output +# +#- name: Assert creating role definition check mode +# assert: +# that: +# - output.changed +# +#- name: Create a role assignment +# azure_rm_roleassignment: +# scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" +# assignee_object_id: "{{ principal_id }}" +# role_definition_id: "{{ roledef['roledefinitions'][0]['id'] }}" +# register: output +# +#- name: Assert creating role assignment +# assert: +# that: +# - output.changed +# +#- name: Get facts +# azure_rm_roleassignment_info: +# scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" +# assignee: "{{ principal_id }}" +# role_definition_id: "{{ roledef['roledefinitions'][0]['id'] }}" +# register: facts +# +#- name: assert role assignment facts +# assert: +# that: +# - facts['roleassignments'] | length > 0 +# - facts['roleassignments'][0]['id'] +# +#- name: delete role assignment +# azure_rm_roleassignment: +# name: "{{ facts['roleassignments'][0]['id'].split('/')[-1] }}" +# scope: "/subscriptions/{{ subscription_id }}" +# state: absent +# +#- name: Delete the role definition (Check Mode) +# azure_rm_roledefinition: +# name: "{{ role_name }}" +# scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" +# state: absent +# check_mode: yes +# register: output +# +#- name: assert deleting role definition check mode +# assert: +# that: output.changed +# +#- name: Delete the role definition +# azure_rm_roledefinition: +# name: "{{ role_name }}" +# scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}" +# state: absent +# register: output +# +#- assert: +# that: +# - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_routetable/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_routetable/aliases new file mode 100644 index 000000000..759eafa2d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_routetable/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group3 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_routetable/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_routetable/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_routetable/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_routetable/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_routetable/tasks/main.yml new file mode 100644 index 000000000..98b3c752a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_routetable/tasks/main.yml @@ -0,0 +1,195 @@ +- name: Prepare random number + set_fact: + name: "table{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + route_name: "route{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create a route table (check mode) + azure_rm_routetable: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + tags: + purpose: testing + check_mode: yes + register: output + +- assert: + that: + - not output.id + - output.changed + +- name: Create a route table + azure_rm_routetable: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + tags: + purpose: testing + register: output + +- assert: + that: + - output.changed + - output.id + +- name: Create a route table (idemponent) + azure_rm_routetable: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + tags: + purpose: testing + register: output + +- assert: + that: + - not output.changed + +- name: Get facts of the table + azure_rm_routetable_info: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - "output.route_tables | length == 1" + - "output.route_tables[0].routes | length == 0" + +- name: Create route (check mode) + azure_rm_route: + name: "{{ route_name }}" + resource_group: "{{ resource_group }}" + next_hop_type: virtual_network_gateway + address_prefix: "10.1.0.0/16" + route_table_name: "{{ name }}" + check_mode: yes + register: output + +- assert: + that: + - output.changed + - not output.id + +- name: Create route + azure_rm_route: + name: "{{ route_name }}" + resource_group: "{{ resource_group }}" + next_hop_type: virtual_network_gateway + address_prefix: "10.1.0.0/16" + route_table_name: "{{ name }}" + register: output + +- assert: + that: + - output.changed + - output.id + +- name: Create route (idemponent) + azure_rm_route: + name: "{{ route_name }}" + resource_group: "{{ resource_group }}" + next_hop_type: virtual_network_gateway + address_prefix: "10.1.0.0/16" + route_table_name: "{{ name }}" + register: output + +- assert: + that: + - not output.changed + +- name: update route + azure_rm_route: + name: "{{ route_name }}" + resource_group: "{{ resource_group }}" + next_hop_type: virtual_network_gateway + address_prefix: "10.1.0.0/24" + route_table_name: "{{ name }}" + register: output + +- assert: + that: + - output.changed + +- name: Get facts of the route + azure_rm_route_info: + name: "{{ route_name }}" + resource_group: "{{ resource_group }}" + route_table_name: "{{ name }}" + register: output + +- assert: + that: + - output.routes[0].address_prefix == "10.1.0.0/24" + - output.routes[0].next_hop_type == "VirtualNetworkGateway" + +- name: Get facts of the table + azure_rm_routetable_info: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - "output.route_tables | length == 1" + - "output.route_tables[0].routes | length == 1" + - output.route_tables[0].routes[0].address_prefix == '10.1.0.0/24' + +- name: Delete route (check mode) + azure_rm_route: + name: "{{ route_name }}" + resource_group: "{{ resource_group }}" + route_table_name: "{{ name }}" + state: absent + check_mode: yes + +- name: Delete route + azure_rm_route: + name: "{{ route_name }}" + resource_group: "{{ resource_group }}" + state: absent + route_table_name: "{{ name }}" + register: output + +- assert: + that: + - output.changed + +- name: Delete route (idemponent) + azure_rm_route: + name: "{{ route_name }}" + resource_group: "{{ resource_group }}" + state: absent + route_table_name: "{{ name }}" + register: output + +- assert: + that: + - not output.changed + +- name: Delete route table (check mode) + azure_rm_routetable: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + check_mode: yes + +- name: Delete route table + azure_rm_routetable: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + register: output + +- assert: + that: + - output.changed + +- name: Delete route table (idemponent) + azure_rm_routetable: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + register: output + +- assert: + that: + - not output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_securitygroup/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_securitygroup/aliases new file mode 100644 index 000000000..7f7d9528f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_securitygroup/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group2 +destructive +azure_rm_securitygroup_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_securitygroup/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_securitygroup/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_securitygroup/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_securitygroup/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_securitygroup/tasks/main.yml new file mode 100644 index 000000000..dd35db16a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_securitygroup/tasks/main.yml @@ -0,0 +1,377 @@ +- name: Prepare random number + set_fact: + secgroupname: "sg{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + asg_name1: "asg1{{ resource_group | hash('md5') | truncate(7, True, '') }}" + asg_name2: "asg2{{ resource_group | hash('md5') | truncate(7, True, '') }}" + sg_name1: "sgasg{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ secgroupname }}" + tags: + testing: testing + delete: on-exit + foo: bar + testkey: testvalue + purge_rules: yes + rules: + - name: DenySSH + protocol: Tcp + destination_port_range: 22 + access: Deny + priority: 100 + direction: Inbound + - name: AllowSSH + protocol: Tcp + source_address_prefix: 174.109.158.0/24 + destination_port_range: 22 + access: Allow + priority: 101 + direction: Inbound + register: output +- name: assert resource created + assert: + that: "{{ output.state.rules | length }} == 2" + +- name: Gather facts by tags + azure_rm_securitygroup_info: + resource_group: "{{ resource_group }}" + tags: + - testing + - foo:bar + - testkey + register: output +- name: assert resource retrieved + assert: + that: + - output.securitygroups | length == 1 + - output.securitygroups[0].default_rules | length > 0 + - output.securitygroups[0].name == '{{ secgroupname }}' + - output.securitygroups[0].network_interfaces | length == 0 + - output.securitygroups[0].rules | length == 2 + - output.securitygroups[0].subnets | length == 0 + +- name: Add/Update rules on existing security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ secgroupname }}" + rules: + - name: AllowSSH + protocol: Tcp + source_address_prefix: 174.108.158.0/24 + destination_port_range: 22 + access: Allow + priority: 101 + - name: AllowSSHFromHome + protocol: Tcp + source_address_prefix: 174.109.158.0/24 + destination_port_range: 22-23 + priority: 102 + - name: AllowHTTPandHTTPS + protocol: Tcp + source_address_prefix: 174.109.158.0/24 + destination_port_range: + - 80 + - 443 + priority: 103 + register: output +- name: assert resource updated + assert: + that: + - "{{ output.state.rules | length }} == 4" + - output.state.rules[0].source_address_prefix == '174.108.158.0/24' + +- name: Gather facts after update + azure_rm_securitygroup_info: + resource_group: "{{ resource_group }}" + name: "{{ secgroupname }}" + register: output +- name: assert rules updated + assert: + that: + - output.securitygroups[0].rules | length == 4 + +- name: Test idempotence + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ secgroupname }}" + rules: + - name: AllowSSH + protocol: Tcp + source_address_prefix: 174.108.158.0/24 + destination_port_range: 22 + access: Allow + priority: 101 + - name: AllowSSHFromHome + protocol: Tcp + source_address_prefix: 174.109.158.0/24 + destination_port_range: 22-23 + priority: 102 + - name: AllowHTTPandHTTPS + protocol: Tcp + source_address_prefix: 174.109.158.0/24 + destination_port_range: + - 80 + - 443 + priority: 103 + register: output +- name: assert resource not updated + assert: + that: not output.changed + +- name: Update tags + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ secgroupname }}" + tags: + testing: testing + delete: never + baz: bar + append_tags: false + register: output +- name: assert resource updated + assert: + that: + - output.state.tags | length == 3 + - output.state.tags.delete == 'never' + +- name: Purge tags + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ secgroupname }}" + append_tags: false + tags: + testing: testing + delete: on-exit + register: output +- name: assert resource updated + assert: + that: + - output.state.tags | length == 2 + - output.state.tags.delete == 'on-exit' + +- name: Gather facts for one accounts + azure_rm_securitygroup_info: + resource_group: "{{ resource_group }}" + name: "{{ secgroupname }}" + register: output +- name: assert resource retrieved + assert: + that: + - output.securitygroups | length == 1 + +- name: Gather facts for all accounts + azure_rm_securitygroup_info: + resource_group: "{{ resource_group }}" + tags: + - testing:testing + register: output_groups +- name: assert resource retrieved + assert: + that: + - output_groups.securitygroups | length > 0 + +- name: Create security group with source_address_prefixes + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ secgroupname }}" + tags: + testing: testing + delete: on-exit + foo: bar + purge_rules: yes + rules: + - name: AllowSSH + protocol: Tcp + source_address_prefix: + - 52.100.120.240 + - 53.100.250.190 + - 54.110.200.200 + destination_port_range: 22 + access: Allow + priority: 101 + direction: Inbound + register: output +- name: assert resource created + assert: + that: + - "{{ output.state.rules | length }} == 1" + - "{{ output.state.rules[0].source_address_prefixes | length }} == 3" + - not output.state.rules[0].source_address_prefix + +- name: Create security group with source_address_prefixes(idempotent) + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ secgroupname }}" + tags: + testing: testing + delete: on-exit + foo: bar + purge_rules: yes + rules: + - name: AllowSSH + protocol: Tcp + source_address_prefix: + - 52.100.120.240 + - 53.100.250.190 + - 54.110.200.200 + destination_port_range: 22 + access: Allow + priority: 101 + direction: Inbound + register: output +- name: assert resource not updated + assert: + that: not output.changed + +- name: Add a single one group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ secgroupname }}" + tags: + testing: testing + delete: on-exit + foo: bar + rules: + - name: DenySSH + protocol: Tcp + source_address_prefix: + - 54.120.120.240 + destination_port_range: 22 + access: Deny + priority: 102 + direction: Inbound + register: output +- name: assert resource updated + assert: + that: + - output.changed + - "{{ output.state.rules | length }} == 2" + +# Use azure_rm_resource module to create with uppercase protocol name +- name: Create security group with uppercase protocol name + azure_rm_resource: + resource_group: "{{ resource_group }}" + provider: network + resource_type: networkSecurityGroups + resource_name: "{{ secgroupname }}" + api_version: 2022-07-01 + body: + location: "{{ output.state.location }}" + properties: + securityRules: + - name: Upper_Protocal + properties: + protocol: TCP # UPPERCASE + access: Allow + sourceAddressPrefix: "*" + sourcePortRange: "*" + destinationAddressPrefix: "*" + destinationPortRange: 80 + priority: 100 + direction: Inbound + +- name: Create security group with capitalized protocol name(idempotent) + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ secgroupname }}" + rules: + - name: Upper_Protocal + protocol: Tcp # Capitalized + access: Allow + destination_port_range: 80 + priority: 100 + direction: Inbound + register: output +- name: assert resource not updated + assert: + that: + - not output.changed + +- name: Create Application security group 1 + azure_rm_applicationsecuritygroup: + resource_group: "{{ resource_group }}" + name: "{{ asg_name1 }}" + tags: + testing: testing + register: asg1 + +- name: Create Application security group 2 + azure_rm_applicationsecuritygroup: + resource_group: "{{ resource_group_secondary }}" + name: "{{ asg_name2 }}" + tags: + testing: testing + register: asg2 + +- name: Create security group with application security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ sg_name1 }}" + purge_rules: yes + rules: + - name: AsgToAsg + protocol: Tcp + source_application_security_groups: + - "{{ asg1.id }}" + destination_application_security_groups: + - resource_group: "{{ resource_group_secondary }}" + name: "{{ asg_name2 }}" + destination_port_range: 22 + access: Allow + priority: 101 + direction: Inbound + register: output +- name: assert resource retrieved + assert: + that: + - output.changed + +- name: Create security group with application security group - Idempotent + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ sg_name1 }}" + purge_rules: yes + rules: + - name: AsgToAsg + protocol: Tcp + source_application_security_groups: + - "{{ asg_name1 }}" + destination_application_security_groups: + - resource_group: "{{ resource_group_secondary }}" + name: "{{ asg_name2 }}" + destination_port_range: 22 + access: Allow + priority: 101 + direction: Inbound + register: output +- name: assert resource not updated + assert: + that: + - not output.changed + +- name: Delete security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ sg_name1 }}" + state: absent + +- name: Delete security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ secgroupname }}" + state: absent + +- name: Clean up Application security group 2 + azure_rm_applicationsecuritygroup: + resource_group: "{{ resource_group }}" + name: "{{ asg_name1 }}" + state: absent + +- name: Clean up Application security group 2 + azure_rm_applicationsecuritygroup: + resource_group: "{{ resource_group_secondary }}" + name: "{{ asg_name2 }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_servicebus/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_servicebus/aliases new file mode 100644 index 000000000..cc941b59c --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_servicebus/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group12 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_servicebus/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_servicebus/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_servicebus/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_servicebus/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_servicebus/tasks/main.yml new file mode 100644 index 000000000..1bc4c11f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_servicebus/tasks/main.yml @@ -0,0 +1,181 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create a namespace + azure_rm_servicebus: + name: "ns{{ rpfx }}" + resource_group: "{{ resource_group }}" + sku: premium + tags: + key1: value1 + register: namespace + +- assert: + that: + - namespace.id + - namespace.changed + - namespace.tags + +- name: Create a namespace (idempontent) + azure_rm_servicebus: + name: "ns{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: namespace + +- assert: + that: + - not namespace.changed + +- name: Create a queue + azure_rm_servicebusqueue: + name: "queue{{ rpfx }}" + namespace: "ns{{ rpfx }}" + resource_group: "{{ resource_group }}" + max_message_size_in_kb: 2048 + max_size_in_mb: 2048 + register: queue + +- assert: + that: + - queue.id + - queue.changed + +- name: Create a topic (check mode) + azure_rm_servicebustopic: + name: "topic{{ rpfx }}" + resource_group: "{{ resource_group }}" + namespace: "ns{{ rpfx }}" + duplicate_detection_time_in_seconds: 600 + max_message_size_in_kb: 2048 + max_size_in_mb: 2048 + check_mode: yes + register: output + +- assert: + that: + - output.changed + +- name: Create a topic + azure_rm_servicebustopic: + name: "topic{{ rpfx }}" + resource_group: "{{ resource_group }}" + namespace: "ns{{ rpfx }}" + duplicate_detection_time_in_seconds: 600 + max_message_size_in_kb: 2048 + max_size_in_mb: 2048 + register: output + +- assert: + that: + - output.changed + - output.id + - "'subscription_count' not in output" + +- name: Create a topic (idempontent) + azure_rm_servicebustopic: + name: "topic{{ rpfx }}" + resource_group: "{{ resource_group }}" + namespace: "ns{{ rpfx }}" + duplicate_detection_time_in_seconds: 600 + max_message_size_in_kb: 2048 + max_size_in_mb: 2048 + register: output + +- assert: + that: + - not output.changed + +- name: Create test policy + azure_rm_servicebussaspolicy: + name: testpolicy + resource_group: "{{ resource_group }}" + namespace: "ns{{ rpfx }}" + topic: "topic{{ rpfx }}" + rights: manage + +- name: Create a subscription + azure_rm_servicebustopicsubscription: + name: "subs{{ rpfx }}" + resource_group: "{{ resource_group }}" + namespace: "ns{{ rpfx }}" + topic: "topic{{ rpfx }}" + register: subs + +- assert: + that: + - subs.id + - subs.changed + +- name: Retrive topic + azure_rm_servicebus_info: + type: topic + name: "topic{{ rpfx }}" + resource_group: "{{ resource_group }}" + namespace: "ns{{ rpfx }}" + show_sas_policies: yes + register: facts + +- assert: + that: + - "facts.servicebuses | length == 1" + - facts.servicebuses[0].id == output.id + - facts.servicebuses[0].subscription_count == 1 + - facts.servicebuses[0].sas_policies.testpolicy + - facts.servicebuses[0].sas_policies.testpolicy.rights == 'manage' + +- name: Delete subscription + azure_rm_servicebustopicsubscription: + name: "subs{{ rpfx }}" + resource_group: "{{ resource_group }}" + namespace: "ns{{ rpfx }}" + topic: "topic{{ rpfx }}" + state: absent + +- name: Retrive topic + azure_rm_servicebus_info: + type: topic + name: "topic{{ rpfx }}" + resource_group: "{{ resource_group }}" + namespace: "ns{{ rpfx }}" + show_sas_policies: yes + register: facts + +- assert: + that: + - facts.servicebuses[0].subscription_count == 0 + - "facts.servicebuses | length == 1" + +- name: Delete topic + azure_rm_servicebustopic: + name: "topic{{ rpfx }}" + resource_group: "{{ resource_group }}" + namespace: "ns{{ rpfx }}" + state: absent + +- name: Retrive topic + azure_rm_servicebus_info: + name: "topic{{ rpfx }}" + type: topic + resource_group: "{{ resource_group }}" + namespace: "ns{{ rpfx }}" + show_sas_policies: yes + register: facts + +- assert: + that: + - "facts.servicebuses | length == 0" + +- name: Delete queue + azure_rm_servicebusqueue: + name: "queue{{ rpfx }}" + resource_group: "{{ resource_group }}" + namespace: "ns{{ rpfx }}" + state: absent + +- name: Delete namespace + azure_rm_servicebus: + name: "ns{{ rpfx }}" + resource_group: "{{ resource_group }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanagedinstance/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanagedinstance/aliases new file mode 100644 index 000000000..9d5ba080a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanagedinstance/aliases @@ -0,0 +1,3 @@ +cloud/azure +destructive +shippable/azure/group9 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanagedinstance/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanagedinstance/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanagedinstance/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanagedinstance/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanagedinstance/tasks/main.yml new file mode 100644 index 000000000..99c9f80cb --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanagedinstance/tasks/main.yml @@ -0,0 +1,182 @@ +- name: Prepare random number + set_fact: + random_postfix: "sqlmi{{ 1000 | random }}{{ resource_group | hash('md5') | truncate(7, True, '') }}" + +- name: Create virtual network + azure_rm_virtualnetwork: + name: "{{ random_postfix }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + - fdda:e69b:1587:495e::/64 + dns_servers: + - 127.0.0.1 + - 127.0.0.3 + resource_group: "{{ resource_group }}" + +- name: Create a route table + azure_rm_routetable: + name: "{{ random_postfix }}" + resource_group: "{{ resource_group }}" + tags: + purpose: testing + +- name: Create security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ random_postfix }}" + tags: + testing: testing + delete: on-exit + foo: bar + purge_rules: yes + rules: + - name: DenySSH + protocol: Tcp + destination_port_range: 22 + access: Deny + priority: 100 + direction: Inbound + - name: AllowSSH + protocol: Tcp + source_address_prefix: 174.109.158.0/24 + destination_port_range: 22 + access: Allow + priority: 101 + direction: Inbound + +- name: Add the subnet back + azure_rm_subnet: + name: foobar + virtual_network_name: "{{ random_postfix }}" + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0.0/24" + security_group: + resource_gorup: "{{ resource_group }}" + name: "{{ random_postfix }}" + route_table: + name: "{{ random_postfix }}" + resource_group: "{{ resource_group }}" + delegations: + - name: 'mysqlinstance' + serviceName: "Microsoft.Sql/managedInstances" + register: subnet_output + +- name: Create sql managed instance (Checkmode test) + azure_rm_sqlmanagedinstance: + resource_group: "{{ resource_group }}" + name: "{{ random_postfix }}" + subnet_id: "{{ subnet_output.state.id }}" + identity: + type: SystemAssigned + sku: + name: GP_Gen5 + tier: GeneralPurpose + family: Gen5 + capacity: 8 + administrator_login: azureuser + administrator_login_password: Fredtest@password0329test + storage_size_in_gb: 256 + v_cores: 8 + tags: + key0: value0 + register: output + +- name: Assert the resource instance is not exist + assert: + that: + - output.changed + +- name: Create sql managed instance + azure_rm_sqlmanagedinstance: + resource_group: "{{ resource_group }}" + name: "{{ random_postfix }}" + subnet_id: "{{ subnet_output.state.id }}" + identity: + type: SystemAssigned + sku: + name: GP_Gen5 + tier: GeneralPurpose + family: Gen5 + capacity: 8 + administrator_login: azureuser + administrator_login_password: Fredtest@password0329test + storage_size_in_gb: 256 + v_cores: 8 + tags: + key0: value0 + register: output + +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create sql managed instance (Idempotent test) + azure_rm_sqlmanagedinstance: + resource_group: "{{ resource_group }}" + name: "{{ random_postfix }}" + subnet_id: "{{ subnet_output.state.id }}" + identity: + type: SystemAssigned + sku: + name: GP_Gen5 + tier: GeneralPurpose + family: Gen5 + capacity: 8 + administrator_login: azureuser + storage_size_in_gb: 256 + v_cores: 8 + tags: + key0: value0 + register: output + +- name: Assert the resource instance no changed + assert: + that: + - not output.changed + +- name: Upgarde sql managed instance with tags + azure_rm_sqlmanagedinstance: + resource_group: "{{ resource_group }}" + name: "{{ random_postfix }}" + subnet_id: "{{ subnet_output.state.id }}" + identity: + type: SystemAssigned + sku: + name: GP_Gen5 + tier: GeneralPurpose + family: Gen5 + capacity: 8 + administrator_login: azureuser + administrator_login_password: Fredtest@password0329test + storage_size_in_gb: 256 + v_cores: 8 + tags: + key0: value0 + key1: value1 + register: output + +- name: Assert the resource instance is update + assert: + that: + - output.changed + +- name: Get SQL managed instance by name + azure_rm_sqlmanagedinstance_info: + resource_group: "{{ resource_group }}" + name: "{{ random_postfix }}" + register: output + +- name: Assert the resource instance is well created + assert: + that: + - output.sql_managed_instance[0].tags | length == 1 + - output.sql_managed_instance[0].storage_size_in_gb == 256 + - output.sql_managed_instance[0].sku.name == 'GP_Gen5' + +- name: Delete sql managed instance + azure_rm_sqlmanagedinstance: + resource_group: "{{ resource_group }}" + name: "{{ random_postfix }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlserver/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlserver/aliases new file mode 100644 index 000000000..952e4dac8 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlserver/aliases @@ -0,0 +1,8 @@ +cloud/azure +destructive +shippable/azure/group9 +azure_rm_sqlserver_facts +azure_rm_sqldatabase +azure_rm_sqldatabase_facts +azure_rm_sqlfirewallrule +azure_rm_sqlfirewallrule_facts diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlserver/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlserver/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlserver/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlserver/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlserver/tasks/main.yml new file mode 100644 index 000000000..e71b620ca --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlserver/tasks/main.yml @@ -0,0 +1,840 @@ +- name: Prepare random number + set_fact: + random_postfix: "{{ 1000 | random }}{{ resource_group | hash('md5') | truncate(7, True, '') }}" + tenant_id: "{{ azure_tenant }}" + run_azuread_tests: false + azuread_group_name: "Test Security Group" + azuread_group_id: "00000000-0000-0000-0000-000000000000" + run_once: yes + +- name: Create instance of SQL Server -- check mode + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv{{ random_postfix }}" + location: eastus + admin_username: mylogin + admin_password: Password123! + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of SQL Server + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv{{ random_postfix }}" + location: eastus + admin_username: mylogin + admin_password: Password123! + tags: + aaa: bbb + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + - output.state == 'Ready' + +- name: Create again instance of SQL Server + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv{{ random_postfix }}" + location: eastus + admin_username: mylogin + admin_password: Password123! + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + - output.state == 'Ready' + +- name: Create extended instance of SQL Server + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv-extended-{{ random_postfix }}" + location: eastus + admin_username: mylogin2 + admin_password: Password123! + minimal_tls_version: '1.2' + public_network_access: Disabled + restrict_outbound_network_access: Enabled + tags: + aaa: bbb + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + - output.state == 'Ready' + +- name: Create extended instance of SQL Server - idempotent + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv-extended-{{ random_postfix }}" + location: eastus + admin_username: mylogin2 + admin_password: Password123! + minimal_tls_version: '1.2' + public_network_access: Disabled + restrict_outbound_network_access: Enabled + tags: + aaa: bbb + register: output +- name: Assert the state has not changed + assert: + that: + - not output.changed + - output.state == 'Ready' + +- name: Update SQL admin password + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv-extended-{{ random_postfix }}" + location: eastus + admin_password: Password123!321! + change_admin_password: true + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Create instance of SQL Server with Azure AD admin + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv-azuread-{{ random_postfix }}" + location: eastus + admin_username: sqllogin + admin_password: Password123! + administrators: + principal_type: Group + login: "{{ azuread_group_name }}" + sid: "{{ azuread_group_id }}" + tenant_id: "{{ tenant_id }}" + azure_ad_only_authentication: false + register: output + when: run_azuread_tests | bool +- name: Assert the resource instance is well created + assert: + that: + - output.changed + - output.state == 'Ready' + when: run_azuread_tests | bool + +- name: Create instance of SQL Server with Azure AD admin - idempotent + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv-azuread-{{ random_postfix }}" + location: eastus + admin_username: sqllogin + admin_password: Password123! + administrators: + principal_type: Group + login: "{{ azuread_group_name }}" + sid: "{{ azuread_group_id }}" + tenant_id: "{{ tenant_id }}" + azure_ad_only_authentication: false + register: output + when: run_azuread_tests | bool +- name: Assert the state has not changed + assert: + that: + - not output.changed + - output.state == 'Ready' + when: run_azuread_tests | bool + +# azure_rm_sqlserver_facts tests + +- name: Gather facts SQL Server + azure_rm_sqlserver_info: + resource_group: "{{ resource_group }}" + server_name: "sqlsrv{{ random_postfix }}" + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.servers.sqlsrv{{ random_postfix }}.id != None + - output.servers.sqlsrv{{ random_postfix }}.name == "sqlsrv{{ random_postfix }}" + - output.servers.sqlsrv{{ random_postfix }}.type != None + - output.servers.sqlsrv{{ random_postfix }}.location != None + - output.servers.sqlsrv{{ random_postfix }}.kind != None + - output.servers.sqlsrv{{ random_postfix }}.version != None + - output.servers.sqlsrv{{ random_postfix }}.state != None + - output.servers.sqlsrv{{ random_postfix }}.fully_qualified_domain_name != None + - output.servers.sqlsrv{{ random_postfix }}.tags.aaa == 'bbb' + - output.servers.sqlsrv{{ random_postfix }}.admin_username == 'mylogin' + - output.servers.sqlsrv{{ random_postfix }}.administrators == None + +- name: Gather facts for extended SQL Server + azure_rm_sqlserver_info: + resource_group: "{{ resource_group }}" + server_name: "sqlsrv-extended-{{ random_postfix }}" + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.servers['sqlsrv-extended-{{ random_postfix }}'].id != None + - output.servers['sqlsrv-extended-{{ random_postfix }}'].name == 'sqlsrv-extended-{{ random_postfix }}' + - output.servers['sqlsrv-extended-{{ random_postfix }}'].type != None + - output.servers['sqlsrv-extended-{{ random_postfix }}'].location != None + - output.servers['sqlsrv-extended-{{ random_postfix }}'].kind != None + - output.servers['sqlsrv-extended-{{ random_postfix }}'].version != None + - output.servers['sqlsrv-extended-{{ random_postfix }}'].state != None + - output.servers['sqlsrv-extended-{{ random_postfix }}'].fully_qualified_domain_name != None + - output.servers['sqlsrv-extended-{{ random_postfix }}'].tags.aaa == 'bbb' + - output.servers['sqlsrv-extended-{{ random_postfix }}'].minimal_tls_version == '1.2' + - output.servers['sqlsrv-extended-{{ random_postfix }}'].public_network_access == 'Disabled' + - output.servers['sqlsrv-extended-{{ random_postfix }}'].restrict_outbound_network_access == 'Enabled' + - output.servers['sqlsrv-extended-{{ random_postfix }}'].admin_username == 'mylogin2' + - output.servers['sqlsrv-extended-{{ random_postfix }}'].administrators == None + +- name: Gather facts for SQL Server with Azure AD admin + azure_rm_sqlserver_info: + resource_group: "{{ resource_group }}" + server_name: "sqlsrv-azuread-{{ random_postfix }}" + register: output + when: run_azuread_tests | bool +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].id != None + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].name == 'sqlsrv-azuread-{{ random_postfix }}' + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].type != None + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].location != None + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].kind != None + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].version != None + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].state != None + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].fully_qualified_domain_name != None + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].tags | length == 0 + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].admin_username == 'sqllogin' + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].administrators.administrator_type == 'ActiveDirectory' + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].administrators.azure_ad_only_authentication == False + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].administrators.login == '{{ azuread_group_name }}' + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].administrators.principal_type == 'Group' + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].administrators.sid == '{{ azuread_group_id }}' + - output.servers['sqlsrv-azuread-{{ random_postfix }}'].administrators.tenant_id == '{{ tenant_id }}' + when: run_azuread_tests | bool + +- name: Gather facts SQL Server - unexisting + azure_rm_sqlserver_info: + resource_group: "{{ resource_group }}" + server_name: "unexisting" + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.servers == {} + +- name: Gather facts SQL Server - list + azure_rm_sqlserver_info: + resource_group: "{{ resource_group }}" + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.servers.sqlsrv{{ random_postfix }}.id != None + - output.servers.sqlsrv{{ random_postfix }}.name == "sqlsrv{{ random_postfix }}" + - output.servers.sqlsrv{{ random_postfix }}.type != None + - output.servers.sqlsrv{{ random_postfix }}.location != None + - output.servers.sqlsrv{{ random_postfix }}.kind != None + - output.servers.sqlsrv{{ random_postfix }}.version != None + - output.servers.sqlsrv{{ random_postfix }}.state != None + - output.servers.sqlsrv{{ random_postfix }}.fully_qualified_domain_name != None + +# azure_rm_sqldatabase tests + +- name: Create instance of SQL Database -- check mode + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }} + location: eastus + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of SQL Database + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }} + location: eastus + edition: premium + tags: + aaa: bbb + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + - output.status == 'Online' + +- name: Create again instance of SQL Database + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }} + location: eastus + edition: premium + tags: + aaa: bbb + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + - output.status == 'Online' + +# test database point in time restore +- name: Gather facts SQL Database and wait for restore point + azure_rm_sqldatabase_info: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }} + register: output + until: output.databases[0].earliest_restore_date != None + retries: 10 + delay: 20 +- name: Assert that it can be restored from + assert: + that: + - output.databases[0].id != None + - output.databases[0].earliest_restore_date != None + +- name: Create second SQL Database, restoring from the previous Database + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + create_mode: point_in_time_restore + restore_point_in_time: "{{ output.databases[0].earliest_restore_date }}" + source_database_id: "{{ output.databases[0].id }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }}PITR + location: eastus + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of SQL Database Point in time recovery + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }}PITR + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +# test database facter: +- name: Create second SQL Database + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }}second + location: eastus + +- name: Gather facts SQL Database + azure_rm_sqldatabase_info: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.databases[0].id != None + - output.databases[0].name != None + - output.databases[0].location != None + - output.databases[0].sku.name != None + - output.databases[0].sku.tier != None + - output.databases[0].sku.capacity != None + - output.databases[0].kind != None + - output.databases[0].status != None + +- name: Gather facts SQL Database + azure_rm_sqldatabase_info: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.databases[0].id != None + - output.databases[0].name != None + - output.databases[0].location != None + - output.databases[0].sku.name != None + - output.databases[0].sku.tier != None + - output.databases[0].sku.capacity != None + - output.databases[0].kind != None + - output.databases[0].status != None + - output.databases[1].id != None + - output.databases[1].name != None + - output.databases[1].location != None + - output.databases[1].sku.name != None + - output.databases[1].sku.tier != None + - output.databases[1].sku.capacity != None + - output.databases[1].kind != None + - output.databases[1].status != None + +- name: Delete instance of secondary database + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }}second + state: absent + +# clean up databases +- name: Delete instance of SQL Database -- check mode + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }} + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of SQL Database + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of SQL Database + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }} + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false + +# Test With SKU +- name: Create SQL Database with sku -- check mode + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }}2 + location: eastus + sku: + name: S0 + tier: Standard + check_mode: yes + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed + +- name: Create SQL Database with sku + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }}2 + location: eastus + tags: + aaa: bbb + sku: + name: S0 + tier: Standard + register: output +- name: Assert the resource instance is well created with good SKU + assert: + that: + - output.changed + - output.status == 'Online' + +- name: Gather facts SQL Database with good SKU + azure_rm_sqldatabase_info: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }}2 + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.databases[0].id != None + - output.databases[0].name != None + - output.databases[0].location != None + - output.databases[0].sku.name == "S0" + - output.databases[0].sku.tier == "Standard" + - output.databases[0].sku.capacity != None + - output.databases[0].kind != None + - output.databases[0].status != None + +- name: Create again instance of SQL Database with same SKU + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }}2 + location: eastus + tags: + aaa: bbb + sku: + name: S0 + tier: Standard + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + - output.status == 'Online' + +- name: Create again instance of SQL Database with New SKU + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }}2 + location: eastus + tags: + aaa: bbb + sku: + name: P1 + tier: Premium + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed + - output.status == 'Online' + +- name: Gather facts SQL Database with good New SKU + azure_rm_sqldatabase_info: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }}2 + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.databases[0].id != None + - output.databases[0].name != None + - output.databases[0].location != None + - output.databases[0].sku.name == "P1" + - output.databases[0].sku.tier == "Premium" + - output.databases[0].sku.capacity != None + - output.databases[0].kind != None + - output.databases[0].status != None + +- name: Delete instance of SQL Database + azure_rm_sqldatabase: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }}2 + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +# test database facts without databases +- name: Gather facts SQL Database + azure_rm_sqldatabase_info: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: database{{ random_postfix }}2 + register: output +- name: Assert that empty dictionary was returned + assert: + that: + - output.changed == False + - output.databases | length == 0 + +- name: Gather facts SQL Database + azure_rm_sqldatabase_info: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + register: output +- name: Assert that empty dictionary was returned (one database is there by default) + assert: + that: + - output.changed == False + - output.databases | length == 1 + +# azure_rm_sqlfirewallrule tests + +- name: Create instance of Firewall Rule -- check mode + azure_rm_sqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: "sqlsrv{{ random_postfix }}" + name: firewallrule{{ random_postfix }} + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of Firewall Rule + azure_rm_sqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: "sqlsrv{{ random_postfix }}" + name: firewallrule{{ random_postfix }} + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create again instance of Firewall Rule + azure_rm_sqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: "sqlsrv{{ random_postfix }}" + name: firewallrule{{ random_postfix }} + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + register: output +- name: Assert the state has not changed + assert: + that: + - output.changed == false + +# +# azure_rm_sqlserverfirewallrule_facts +# + +- name: Create Firewall Rule - second + azure_rm_sqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: firewallrule{{ random_postfix }}second + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + +- name: Gather facts SQL Firewall Rule + azure_rm_sqlfirewallrule_info: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: firewallrule{{ random_postfix }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.rules[0].id != None + - output.rules[0].resource_group != None + - output.rules[0].server_name != None + - output.rules[0].name != None + - output.rules[0].start_ip_address != None + - output.rules[0].end_ip_address != None + +- name: Gather facts SQL Firewall Rule + azure_rm_sqlfirewallrule_info: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.rules[0].id != None + - output.rules[0].id != None + - output.rules[0].resource_group != None + - output.rules[0].server_name != None + - output.rules[0].name != None + - output.rules[0].start_ip_address != None + - output.rules[0].end_ip_address != None + - output.rules[1].id != None + - output.rules[1].resource_group != None + - output.rules[1].server_name != None + - output.rules[1].name != None + - output.rules[1].start_ip_address != None + - output.rules[1].end_ip_address != None + +- name: Delete instance of Firewall Rule + azure_rm_sqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: firewallrule{{ random_postfix }} + state: absent +- name: Delete instance of Firewall Rule + azure_rm_sqlfirewallrule: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: firewallrule{{ random_postfix }}second + state: absent + +- name: Gather facts SQL Firewall Rule + azure_rm_sqlfirewallrule_info: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: firewallrule{{ random_postfix }} + register: output +- name: Assert that empty dictionary was returned + assert: + that: + - output.changed == False + - output.rules | length == 0 + +# azure_rm_sqlelasticpool test + +- name: Create instance of SQL Elastic Pool -- check mode + azure_rm_sqlelasticpool: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: EP{{ random_postfix }} + zone_redundant: False + tags: + aaa: bbb + check_mode: yes + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of SQL Elastic Pool + azure_rm_sqlelasticpool: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: EP{{ random_postfix }} + zone_redundant: False + tags: + aaa: bbb + register: output + +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Create instance of SQL Elastic Pool -- Idempotent test + azure_rm_sqlelasticpool: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: EP{{ random_postfix }} + zone_redundant: False + tags: + aaa: bbb + register: output + +- name: Assert the resource instance is well created + assert: + that: + - not output.changed + +- name: Update instance of SQL Elastic Pool + azure_rm_sqlelasticpool: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: EP{{ random_postfix }} + zone_redundant: True + tags: + aaa1: bbb1 + register: output + +- name: Assert the resource instance is well created + assert: + that: + - output.changed + +- name: Gather facts SQL Database + azure_rm_sqlelasticpool_info: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: EP{{ random_postfix }} + register: output + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.elastic_pool[0].zone_redundant == true + - output.elastic_pool[0].tags | length == 2 + +- name: Delete instance of SQL Elastic Pool + azure_rm_sqlelasticpool: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: EP{{ random_postfix }} + state: absent + register: output + +- name: Assert the resource instance is deleted + assert: + that: + - output.changed + +# finalise & clean up azure_rm_sqlserver test + +- name: Delete instance of SQL Server -- check mode + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv{{ random_postfix }}" + state: absent + check_mode: yes + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete instance of SQL Server + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv{{ random_postfix }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed + +- name: Delete unexisting instance of SQL Server + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv{{ random_postfix }}" + state: absent + register: output +- name: Assert the state has changed + assert: + that: + - output.changed == false + +- name: Delete extended instance of SQL Server + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv-extended-{{ random_postfix }}" + state: absent + +- name: Delete instance of SQL Server with Azure AD admin + azure_rm_sqlserver: + resource_group: "{{ resource_group }}" + name: "sqlsrv-azuread-{{ random_postfix }}" + state: absent + when: run_azuread_tests | bool diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccount/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccount/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccount/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccount/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccount/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccount/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccount/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccount/tasks/main.yml new file mode 100644 index 000000000..8c738a627 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccount/tasks/main.yml @@ -0,0 +1,592 @@ +- name: Set Storage Account Names + set_fact: + storage_account_name_default: "sa{{ resource_group | hash('md5') | truncate(20, True, '') }}" + storage_account_name_explicit: "sa{{ resource_group | hash('sha1') | truncate(20, True, '') }}" + +- name: Test invalid account name + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "invalid_char$" + account_type: Standard_LRS + register: output + ignore_errors: true +- name: Check intentional name failure. + assert: + that: + - output.failed + - output.msg is regex('AccountNameInvalid') + +- name: Delete storage accounts to prepare fresh deployment + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ item }}" + state: absent + force_delete_nonempty: true + loop: + - "{{ storage_account_name_default }}" + - "{{ storage_account_name_explicit }}" + - "{{ storage_account_name_default }}01" + - "{{ storage_account_name_default }}02" + - "{{ storage_account_name_default }}03" + - "{{ storage_account_name_default }}04" + - "{{ storage_account_name_default }}06" + +- name: Create new storage account with defaults (omitted parameters) + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}" + account_type: Standard_LRS + register: defaults_output +- name: Assert status succeeded and results match expectations + assert: + that: + - defaults_output.changed + - defaults_output.state.name == storage_account_name_default + - defaults_output.state.id is defined + - defaults_output.state.https_only + - defaults_output.state.access_tier == None + - defaults_output.state.allow_blob_public_access == true + - defaults_output.state.minimum_tls_version == "TLS1_0" + +- name: Create storage account with static website disabled + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}01" + account_type: Standard_LRS + kind: StorageV2 + static_website: + enabled: false + register: output +- name: Assert output + assert: + that: + - output.changed + - output.state.static_website is defined + - not output.state.static_website.enabled + - output.state.static_website.index_document == None + - output.state.static_website.error_document404_path == None + +- name: Create storage account with static website disabled (idempotency test) + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}01" + account_type: Standard_LRS + kind: StorageV2 + static_website: + enabled: false + register: output +- name: Assert not changed + assert: + that: + - not output.changed + +- name: Enable storage account static website + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}01" + account_type: Standard_LRS + kind: StorageV2 + static_website: + enabled: true + register: output +- name: Assert output + assert: + that: + - output.changed + - output.state.static_website is defined + - output.state.static_website.enabled + - output.state.static_website.index_document == None + - output.state.static_website.error_document404_path == None + +- name: Configure additional storage account static website properties + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}01" + account_type: Standard_LRS + kind: StorageV2 + static_website: + enabled: true + index_document: "index.html" + error_document404_path: "error.html" + register: output +- name: Assert output + assert: + that: + - output.changed + - output.state.static_website is defined + - output.state.static_website.enabled + - output.state.static_website.index_document == 'index.html' + - output.state.static_website.error_document404_path == 'error.html' + +- name: Configure additional storage account static website properties (idempotency test) + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}01" + account_type: Standard_LRS + kind: StorageV2 + static_website: + enabled: true + index_document: "index.html" + error_document404_path: "error.html" + register: output +- name: Assert not changed + assert: + that: + - not output.changed + +- name: Create new storage account with Hierarchical Namespace enabled + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}06" + account_type: Standard_LRS + kind: StorageV2 + is_hns_enabled: true + register: output +- name: Assert output + assert: + that: + - output.changed + +- name: Gather facts of storage account + azure_rm_storageaccount_info: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}06" + register: output +- assert: + that: + - "output.storageaccounts | length == 1" + - output.storageaccounts[0].is_hns_enabled == true + +- name: Create storage account with static website enabled + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}04" + account_type: Standard_LRS + kind: StorageV2 + static_website: + enabled: true + index_document: "abc.htm" + register: output +- name: Assert output + assert: + that: + - output.changed + - output.state.static_website is defined + - output.state.static_website.enabled + - output.state.static_website.index_document == "abc.htm" + - output.state.static_website.error_document404_path == None + +- name: Create storage account with static website enabled (idempotency test) + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}04" + account_type: Standard_LRS + kind: StorageV2 + static_website: + enabled: true + index_document: "abc.htm" + register: output +- name: Assert not changed + assert: + that: + - not output.changed + +- name: Disable storage account static website + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}04" + account_type: Standard_LRS + kind: StorageV2 + static_website: + enabled: false + register: output +- name: Assert output + assert: + that: + - output.changed + - output.state.static_website is defined + - not output.state.static_website.enabled + - output.state.static_website.index_document == None + - output.state.static_website.error_document404_path == None + +- name: Create new storage account with I(kind=FileStorage) + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}02" + account_type: Premium_ZRS + kind: FileStorage + register: filestorage_output +- name: Assert status succeeded and results match I(kind=FileStorage) + assert: + that: + - filestorage_output.changed + - filestorage_output.state.sku_name == "Premium_ZRS" + +- name: Create new storage account with explicit parameters + azure_rm_storageaccount: + access_tier: Hot + account_type: Premium_LRS + allow_blob_public_access: False + append_tags: false + blob_cors: + - allowed_origins: + - http://www.example.com/ + allowed_methods: + - GET + - POST + allowed_headers: + - x-ms-meta-data* + - x-ms-meta-target* + - x-ms-meta-abc + exposed_headers: + - x-ms-meta-* + max_age_in_seconds: 200 + https_only: False + kind: StorageV2 + location: eastus + minimum_tls_version: 'TLS1_2' + name: "{{ storage_account_name_explicit }}" + network_acls: + bypass: AzureServices + default_action: Deny + ip_rules: + - value: '9.9.9.9' + action: Allow + resource_group: "{{ resource_group }}" + tags: + test: test + galaxy: galaxy + register: explicit_output +- name: Assert status succeeded and correct parameter results + assert: + that: + - explicit_output.changed + - explicit_output.state.id is defined + - explicit_output.state.blob_cors | length == 1 + - not explicit_output.state.https_only + - not explicit_output.state.allow_blob_public_access + - explicit_output.state.minimum_tls_version == 'TLS1_2' + - explicit_output.state.network_acls.bypass == "AzureServices" + - explicit_output.state.network_acls.default_action == "Deny" + - explicit_output.state.network_acls.ip_rules | length == 1 + +- name: Update existing storage account (idempotence) + azure_rm_storageaccount: + access_tier: Hot + account_type: Premium_LRS + allow_blob_public_access: False + append_tags: false + blob_cors: + - allowed_origins: + - http://www.example.com/ + allowed_methods: + - GET + - POST + allowed_headers: + - x-ms-meta-data* + - x-ms-meta-target* + - x-ms-meta-abc + exposed_headers: + - x-ms-meta-* + max_age_in_seconds: 200 + https_only: False + kind: StorageV2 + location: eastus + minimum_tls_version: 'TLS1_2' + name: "{{ storage_account_name_explicit }}" + network_acls: + bypass: AzureServices + default_action: Deny + ip_rules: + - value: '9.9.9.9' + action: Allow + resource_group: "{{ resource_group }}" + tags: + test: test + galaxy: galaxy + register: output +- name: Assert that properties have not changed + assert: + that: + - not output.changed + - output.state.access_tier == explicit_output.state.access_tier + - output.state.allow_blob_public_access == explicit_output.state.allow_blob_public_access + - output.state.blob_cors == explicit_output.state.blob_cors + - output.state.custom_domain == explicit_output.state.custom_domain + - output.state.https_only == explicit_output.state.https_only + - output.state.id == explicit_output.state.id + - output.state.location == explicit_output.state.location + - output.state.minimum_tls_version == explicit_output.state.minimum_tls_version + - output.state.name == explicit_output.state.name + - output.state.network_acls == explicit_output.state.network_acls + - output.state.primary_endpoints == explicit_output.state.primary_endpoints + - output.state.primary_location == explicit_output.state.primary_location + - output.state.secondary_endpoints == explicit_output.state.secondary_endpoints + - output.state.secondary_location == explicit_output.state.secondary_location + - output.state.sku_name == explicit_output.state.sku_name + - output.state.sku_tier == explicit_output.state.sku_tier + - output.state.tags == explicit_output.state.tags + +- name: Update existing storage account with parameters omitted + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_explicit }}" + register: output +- name: Assert that properties have not changed + assert: + that: + - not output.changed + - output.state.access_tier == explicit_output.state.access_tier + - output.state.allow_blob_public_access == explicit_output.state.allow_blob_public_access + - output.state.blob_cors == explicit_output.state.blob_cors + - output.state.custom_domain == explicit_output.state.custom_domain + - output.state.https_only == explicit_output.state.https_only + - output.state.id == explicit_output.state.id + - output.state.location == explicit_output.state.location + - output.state.minimum_tls_version == explicit_output.state.minimum_tls_version + - output.state.name == explicit_output.state.name + - output.state.network_acls == explicit_output.state.network_acls + - output.state.primary_endpoints == explicit_output.state.primary_endpoints + - output.state.primary_location == explicit_output.state.primary_location + - output.state.secondary_endpoints == explicit_output.state.secondary_endpoints + - output.state.secondary_location == explicit_output.state.secondary_location + - output.state.sku_name == explicit_output.state.sku_name + - output.state.sku_tier == explicit_output.state.sku_tier + - output.state.tags == explicit_output.state.tags + +- name: Update existing storage account with parameters defined + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}" + allow_blob_public_access: False + append_tags: false + blob_cors: + - allowed_origins: + - http://www.example.com/ + allowed_methods: + - GET + - POST + allowed_headers: + - x-ms-meta-data* + - x-ms-meta-target* + - x-ms-meta-abc + exposed_headers: + - x-ms-meta-* + max_age_in_seconds: 200 + https_only: False + kind: StorageV2 + minimum_tls_version: 'TLS1_1' + network_acls: + bypass: AzureServices + default_action: Deny + ip_rules: + - value: '9.9.9.9' + action: Allow + tags: + test: test + galaxy: galaxy + register: output +- name: Assert account change success + assert: + that: + - output.changed + - output.state.allow_blob_public_access == False + - output.state.allow_blob_public_access != None + - output.state.https_only == False + - output.state.https_only != None + - output.state.minimum_tls_version == 'TLS1_1' + - output.state.name == storage_account_name_default + - output.state.tags == explicit_output.state.tags + # These tests should be valid, but is currently broken due to 'output' not containing blob_cors and network_acls.ip_rules + # - output.state.blob_cors == explicit_output.state.blob_cors + # - output.state.network_acls == explicit_output.state.network_acls + +- name: Change existing account type (invalid) + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}" + account_type: Premium_LRS + register: output + ignore_errors: true +- name: Assert account type change failed + assert: + that: + - output.failed + - output.msg is regex('Storage account of type .* cannot be changed') + +- name: Unverified custom domain failure + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}" + custom_domain: + name: ansible.com + use_sub_domain: false + ignore_errors: true + register: output +- name: Assert CNAME failure + assert: + that: + - output.failed + - output.msg is regex('custom domain name could not be verified') + +- name: Create storage account with no public access + azure_rm_storageaccount: + name: "{{ storage_account_name_default }}03" + resource_group: "{{ resource_group }}" + account_type: Standard_LRS + https_only: true + minimum_tls_version: 'TLS1_2' + allow_blob_public_access: false + public_network_access: 'Disabled' + register: output +- name: Assert desired account config + assert: + that: + - output.changed + - output.state.https_only + - output.state.minimum_tls_version == 'TLS1_2' + - not output.state.allow_blob_public_access + - output.state.public_network_access == 'Disabled' + +- name: Create storage account with no public access (idempotent) + azure_rm_storageaccount: + name: "{{ storage_account_name_default }}03" + resource_group: "{{ resource_group }}" + account_type: Standard_LRS + https_only: true + minimum_tls_version: 'TLS1_2' + allow_blob_public_access: false + public_network_access: 'Disabled' + register: output +- name: Assert no change + assert: + that: + - not output.changed + +- name: Gather facts by tags + azure_rm_storageaccount_info: + resource_group: "{{ resource_group }}" + tags: + - test + - galaxy + register: output +- assert: + that: output.storageaccounts | length >= 1 + +- name: Update account tags + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_explicit }}" + append_tags: false + tags: + testing: testing + delete: never + register: output +- assert: + that: + - "output.state.tags | length == 2" + - "output.state.tags.testing == 'testing'" + - "output.state.tags.delete == 'never'" + +- name: Gather facts connection string and blob_cors + azure_rm_storageaccount_info: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_explicit }}" + show_connection_string: True + show_blob_cors: True + register: output +- assert: + that: + - "output.storageaccounts | length == 1" + - not output.storageaccounts[0].custom_domain + - output.storageaccounts[0].account_type == "Premium_LRS" + - output.storageaccounts[0].primary_endpoints.blob.connectionstring + - output.storageaccounts[0].blob_cors + - output.storageaccounts[0].minimum_tls_version == "TLS1_2" + - not output.storageaccounts[0].allow_blob_public_access + - not output.storageaccounts[0].https_only + - output.storageaccounts[0].network_acls.bypass == "AzureServices" + - output.storageaccounts[0].network_acls.default_action == "Deny" + - output.storageaccounts[0].network_acls.ip_rules | length == 1 + +- name: Gather enabled static website properties + azure_rm_storageaccount_info: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}01" + register: output +- assert: + that: + - output.storageaccounts | length == 1 + - output.storageaccounts[0].static_website is defined + - output.storageaccounts[0].static_website.enabled + - output.storageaccounts[0].static_website.index_document == 'index.html' + - output.storageaccounts[0].static_website.error_document404_path == 'error.html' + +- name: Gather disabled static website properties + azure_rm_storageaccount_info: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}04" + register: output +- assert: + that: + - output.storageaccounts | length == 1 + - output.storageaccounts[0].static_website is defined + - not output.storageaccounts[0].static_website.enabled + - output.storageaccounts[0].static_website.index_document == None + - output.storageaccounts[0].static_website.error_document404_path == None + +- name: Create new storage account with (require_infrastructure_encryption=false) + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}05" + account_type: Standard_RAGRS + encryption: + services: + blob: + enabled: true + file: + enabled: true + require_infrastructure_encryption: false + key_source: Microsoft.Storage + register: encryption_output + +- name: Assert storage account with (require_infrastructure_encryption=false) created + assert: + that: + - encryption_output.changed + +- name: Get account with (require_infrastructure_encryption=false) + azure_rm_storageaccount_info: + resource_group: "{{ resource_group }}" + name: "{{ storage_account_name_default }}05" + register: encryption_output + +- assert: + that: + - output.storageaccounts | length == 1 + - output.storageaccounts[0].encryption.key_source == 'Microsoft.Storage' + - not output.storageaccounts[0].encryption.require_infrastructure_encryption + - output.storageaccounts[0].encryption.services | length == 2 + +- name: List storage accounts by resource group. + azure_rm_storageaccount_info: + resource_group: "{{ resource_group }}" + register: output +- assert: + that: + - "output.storageaccounts | length >= 2" + +- name: Delete storage accounts + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ item }}" + state: absent + force_delete_nonempty: True + loop: + - "{{ storage_account_name_default }}" + - "{{ storage_account_name_explicit }}" + - "{{ storage_account_name_default }}01" + - "{{ storage_account_name_default }}02" + - "{{ storage_account_name_default }}03" + - "{{ storage_account_name_default }}04" + - "{{ storage_account_name_default }}05" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/files/Ratings.png b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/files/Ratings.png Binary files differnew file mode 100644 index 000000000..8dd3e3dbc --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/files/Ratings.png diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/tasks/main.yml new file mode 100644 index 000000000..8ad07331f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/tasks/main.yml @@ -0,0 +1,110 @@ +- name: Create storage account name + set_fact: + storage_account: "sb{{ resource_group | hash('md5') | truncate(22, True, '') }}" + test1_file: "./targets/azure_rm_storageblob/files/Ratings.png" + +- name: Create storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + account_type: Standard_LRS + +- name: Create container + azure_rm_storageblob: + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + container_name: my-blobs + +- name: Force upload blob + azure_rm_storageblob: + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + container_name: my-blobs + blob: 'Ratings.png' + src: '{{ test1_file }}' + content_type: image/png + tags: + val1: foo + val2: bar + force: true + +- name: Upload blob idempotence + azure_rm_storageblob: + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + container_name: my-blobs + blob: 'Ratings.png' + src: '{{ test1_file }}' + content_type: image/png + tags: + val1: foo + val2: bar + register: upload_facts +- assert: + that: "not upload_facts.changed" + +- name: Download file idempotence + azure_rm_storageblob: + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + container_name: my-blobs + blob: 'Ratings.png' + dest: '{{ test1_file }}' + register: download_results +- assert: + that: not download_results.changed + +- file: path="/tmp/Ratings.png" state=absent + +- name: Download file + azure_rm_storageblob: + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + container_name: my-blobs + blob: 'Ratings.png' + dest: '/tmp/Ratings.png' + register: download_results +- assert: + that: "download_results.changed" + +- find: paths='/tmp' patterns="Ratings.png" + register: find_results +- assert: + that: "find_results['matched'] == 1" + +- name: Do not delete container that has blobs + azure_rm_storageblob: + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + container_name: my-blobs + state: absent + register: output +- assert: + that: "not output.changed" + +- name: Delete blob object + azure_rm_storageblob: + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + container_name: my-blobs + blob: "Ratings.png" + state: absent + register: output +- assert: + that: "output.changed" + +- name: Delete container + azure_rm_storageblob: + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + container_name: my-blobs + state: absent + register: output +- assert: + that: "output.changed" + +- name: Delete storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageshare/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageshare/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageshare/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageshare/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageshare/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageshare/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageshare/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageshare/tasks/main.yml new file mode 100644 index 000000000..ffe672d4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageshare/tasks/main.yml @@ -0,0 +1,126 @@ +--- +- name: Set storage account name + set_fact: + storage_account: "sb{{ resource_group | hash('md5') | truncate(22, True, '') }}" + +- name: Create storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + account_type: Standard_LRS + kind: StorageV2 + +- name: Set storage share facts + set_fact: + share_name: testshare + quota: 32 + access_tier: Cool + metadata: + source: ansible + purpose: test + +- name: Create share + azure_rm_storageshare: + name: "{{ share_name }}" + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + quota: "{{ quota }}" + metadata: "{{ metadata }}" + access_tier: "{{ access_tier }}" + register: create_result + +- name: Assert create success + assert: + that: + - create_result.changed + - create_result.state.name == share_name + - create_result.state.share_quota == quota + - create_result.state.metadata.source == metadata.source + - create_result.state.metadata.purpose == metadata.purpose + - create_result.state.access_tier == access_tier + - create_result.state.id is defined + - create_result.state.etag is defined + +- name: Run again to check idempotence + azure_rm_storageshare: + name: "{{ share_name }}" + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + register: create_result + +- name: Assert idempotence + assert: + that: not create_result.changed + +- name: Get share details + azure_rm_storageshare_info: + name: "{{ share_name }}" + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + register: share_facts + +- name: Assert storage share details + assert: + that: + - not share_facts.changed + - share_facts.storageshares.name == share_name + - share_facts.storageshares.share_quota == quota + - share_facts.storageshares.metadata.source == metadata.source + - share_facts.storageshares.metadata.purpose == metadata.purpose + - share_facts.storageshares.access_tier == access_tier + - share_facts.storageshares.id is defined + - share_facts.storageshares.etag is defined + +- name: Set new storage share facts + set_fact: + quota: 64 + access_tier: Hot + +- name: Update share + azure_rm_storageshare: + name: "{{ share_name }}" + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + quota: "{{ quota }}" + access_tier: "{{ access_tier }}" + register: update_result + +- name: Assert share update success + assert: + that: update_result.changed + +- name: Get updated details + azure_rm_storageshare_info: + name: "{{ share_name }}" + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + register: share_facts + +- name: Assert storage share details + assert: + that: + - share_facts.storageshares.name == share_name + - share_facts.storageshares.share_quota == quota + - share_facts.storageshares.metadata.source== metadata.source + - share_facts.storageshares.metadata.purpose == metadata.purpose + - share_facts.storageshares.access_tier == access_tier + - share_facts.storageshares.id is defined + - share_facts.storageshares.etag is defined + +- name: Delete share + azure_rm_storageshare: + name: "{{ share_name }}" + resource_group: "{{ resource_group }}" + account_name: "{{ storage_account }}" + state: absent + register: delete_output + +- name: Pause for 3 minutes to waiting delete + pause: + minutes: 3 + +- name: Delete storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subnet/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subnet/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subnet/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subnet/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subnet/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subnet/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subnet/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subnet/tasks/main.yml new file mode 100644 index 000000000..6e4e6cbb1 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subnet/tasks/main.yml @@ -0,0 +1,320 @@ +- name: Create virtual network + azure_rm_virtualnetwork: + name: My_Virtual_Network + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + - fdda:e69b:1587:495e::/64 + dns_servers: + - 127.0.0.1 + - 127.0.0.3 + tags: + testing: testing + delete: on-exit + resource_group: "{{ resource_group }}" + +- name: Create route table + azure_rm_routetable: + name: routetableforsubnet + resource_group: "{{ resource_group }}" + register: route_table + +- name: Remove subnet + azure_rm_subnet: + state: absent + name: foobar + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + +- name: Catch invalid cidr + azure_rm_subnet: + name: foobar + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0/24" + register: output + ignore_errors: yes + +- assert: + that: output.failed + +- name: Add the subnet back + azure_rm_subnet: + name: foobar + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0.0/24" + register: output + +- assert: + that: + - output.changed + - output.state.address_prefix == "10.1.0.0/24" + +- name: Add the subnet back (idempontent) + azure_rm_subnet: + name: foobar + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: not output.changed + +- name: Create network security group + azure_rm_securitygroup: + name: secgroupfoo + resource_group: "{{ resource_group }}" + tags: + testing: testing + +- name: Update the subnet + azure_rm_subnet: + name: foobar + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0.0/16" + security_group: secgroupfoo + service_endpoints: + - service: Microsoft.Sql + locations: + - eastus + - westus + +- name: Should be idempotent + azure_rm_subnet: + name: foobar + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0.0/16" + service_endpoints: + - service: Microsoft.Sql + locations: + - eastus + - westus + register: output + +- assert: + that: not output.changed + +- name: Able to completely remove service endpoints + azure_rm_subnet: + name: foobar + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0.0/16" + service_endpoints: [] + register: output + +- assert: + that: output.state.service_endpoints is not defined + +- name: Create network security group in another resource group + azure_rm_securitygroup: + name: secgroupfoo + resource_group: "{{ resource_group_secondary }}" + register: nsg + +- name: Update the subnet + azure_rm_subnet: + name: foobar + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0.0/16" + route_table: "{{ route_table.id }}" + security_group: + name: secgroupfoo + resource_group: "{{ resource_group_secondary }}" + register: output + +- assert: + that: + - output.changed + - output.state.network_security_group.id == nsg.state.id + +- name: Update the subnet (idempotent) + azure_rm_subnet: + name: foobar + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0.0/16" + route_table: "{{ route_table.id }}" + security_group: "{{ nsg.state.id }}" + register: output + +- assert: + that: not output.changed + +- name: Create subnet with IPv4 and IPv6 + azure_rm_subnet: + name: foobar01 + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + address_prefixes_cidr: + - "172.100.0.0/16" + - "fdda:e69b:1587:495e::/64" + register: output + +- assert: + that: + - output.changed + - not output.state.address_prefix + - output.state.address_prefixes + +- name: Update the subnet to IPv4 and IPv6 (idempotent) + azure_rm_subnet: + name: foobar01 + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + address_prefixes_cidr: + - "172.100.0.0/16" + - "fdda:e69b:1587:495e::/64" + register: output + +- assert: + that: not output.changed + +- name: Update the subnet's IPv4 and IPv6 address + azure_rm_subnet: + name: foobar01 + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + address_prefixes_cidr: + - "172.100.0.0/24" + - "fdda:e69b:1587:495e::/64" + security_group: "{{ nsg.state.id }}" + register: output + +- assert: + that: + - output.changed + +- name: Update the subnet with network policies + azure_rm_subnet: + name: foobar01 + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + private_link_service_network_policies: Disabled + private_endpoint_network_policies: Enabled + register: output + +- assert: + that: output + +- name: The subnet with network policies should be idempotent + azure_rm_subnet: + name: foobar01 + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + private_link_service_network_policies: Disabled + private_endpoint_network_policies: Enabled + register: output + +- assert: + that: not output.changed + +- name: Update the subnet with delegations + azure_rm_subnet: + name: foobar01 + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + delegations: + - name: 'mydeleg' + serviceName: 'Microsoft.ContainerInstance/containerGroups' + register: output + +- assert: + that: output + +- name: The subnet with delegations should be idempotent + azure_rm_subnet: + name: foobar01 + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + delegations: + - name: 'mydeleg' + serviceName: 'Microsoft.ContainerInstance/containerGroups' + register: output + +- assert: + that: not output.changed + +- name: Get subnet facts + azure_rm_subnet_info: + name: foobar01 + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + register: output + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.subnets[0]['id'] != None + - output.subnets[0]['resource_group'] != None + - output.subnets[0]['virtual_network_name'] != None + - output.subnets[0]['name'] != None + - not output.subnets[0]['address_prefix_cidr'] + - output.subnets[0]['address_prefixes_cidr'] != None + - output.subnets[0]['security_group'] != None + - output.subnets[0]['provisioning_state'] != None + - output.subnets[0]['private_endpoint_network_policies'] != None + - output.subnets[0]['private_link_service_network_policies'] != None + - output.subnets[0]['delegations'] != None + +- name: Get subnet facts + azure_rm_subnet_info: + name: foobar + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + register: output + +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.subnets[0]['id'] != None + - output.subnets[0]['resource_group'] != None + - output.subnets[0]['virtual_network_name'] != None + - output.subnets[0]['name'] != None + - output.subnets[0]['route_table'] != None + - output.subnets[0]['address_prefix_cidr'] != None + - output.subnets[0]['security_group'] != None + - output.subnets[0]['provisioning_state'] != None + +- name: Remove subnet + azure_rm_subnet: + state: absent + name: foobar + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + +- name: Remove subnet (idempotent) + azure_rm_subnet: + state: absent + name: foobar + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: not output.changed + +- name: Remove subnet + azure_rm_subnet: + state: absent + name: foobar01 + virtual_network_name: My_Virtual_Network + resource_group: "{{ resource_group }}" + +- name: Remove security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: secgroupfoo + state: absent + +- name: Remove virtual network + azure_rm_virtualnetwork: + name: My_Virtual_Network + resource_group: "{{ resource_group }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subscription/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subscription/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subscription/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subscription/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subscription/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subscription/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subscription/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subscription/tasks/main.yml new file mode 100644 index 000000000..113cfe546 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_subscription/tasks/main.yml @@ -0,0 +1,24 @@ +- name: Get list of all subscriptions + azure_rm_subscription_info: + all: True + register: az_all_subscriptions + +- name: Get a subscription by id + azure_rm_subscription_info: + id: "{{ az_all_subscriptions.subscriptions[0].subscription_id }}" + +- name: Get a subscription by name + azure_rm_subscription_info: + name: "{{ az_all_subscriptions.subscriptions[0].display_name }}" + +- name: Test invalid name id combo + azure_rm_subscription_info: + name: "{{ az_all_subscriptions.subscriptions[0].display_name }}" + id: "{{ az_all_subscriptions.subscriptions[0].subscription_id }}" + register: invalid_name + ignore_errors: yes + +- name: Assert task failed + assert: + that: + - "invalid_name['failed'] == True" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_trafficmanagerprofile/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_trafficmanagerprofile/aliases new file mode 100644 index 000000000..46c379ff5 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_trafficmanagerprofile/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group13 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_trafficmanagerprofile/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_trafficmanagerprofile/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_trafficmanagerprofile/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_trafficmanagerprofile/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_trafficmanagerprofile/tasks/main.yml new file mode 100644 index 000000000..865c56dc4 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_trafficmanagerprofile/tasks/main.yml @@ -0,0 +1,289 @@ +- name: Prepare random number + set_fact: + tmname: "tm{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + endpointname1: "ep1{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + endpointname2: "ep2{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + + +- name: Create a Traffic Manager profile(check mode) + azure_rm_trafficmanagerprofile: + resource_group: "{{ resource_group }}" + name: "{{ tmname }}" + tags: + testing: testing + delete: on-exit + foo: bar + location: global + profile_status: enabled + routing_method: performance + dns_config: + relative_name: "{{ tmname }}" + ttl: 60 + monitor_config: + protocol: HTTPS + port: 80 + path: '/' + check_mode: yes + +- name: Check there is no Traffic Manager profile created + azure_rm_trafficmanagerprofile_info: + resource_group: "{{ resource_group }}" + name: "{{ tmname }}" + register: fact + +- name: Check there is no Traffic Manager profile created + assert: { that: "{{ fact.tms | length }} == 0" } + +- name: Create a Traffic Manager profile + azure_rm_trafficmanagerprofile: + resource_group: "{{ resource_group }}" + name: "{{ tmname }}" + tags: + testing: testing + delete: on-exit + foo: bar + location: global + profile_status: enabled + routing_method: performance + dns_config: + relative_name: "{{ tmname }}" + ttl: 60 + monitor_config: + protocol: HTTPS + port: 80 + path: '/' + register: tm + +- name: Assert the Traffic Manager profile is well created + assert: + that: + - tm.changed + +- name: Gather Traffic Manager profile facts + azure_rm_trafficmanagerprofile_info: + resource_group: "{{ resource_group }}" + name: "{{ tmname }}" + register: fact + +- name: Assert fact returns the created one + assert: + that: + - "fact.tms | length == 1" + - fact.tms[0].id == tm.id + - fact.tms[0].endpoints | length == 0 + +- name: Create a Traffic Manager profile (idempotent) + azure_rm_trafficmanagerprofile: + resource_group: "{{ resource_group }}" + name: "{{ tmname }}" + tags: + testing: testing + delete: on-exit + foo: bar + location: global + profile_status: enabled + routing_method: performance + dns_config: + relative_name: "{{ tmname }}" + ttl: 60 + monitor_config: + protocol: HTTPS + port: 80 + path: '/' + register: output + +- name: Assert idempotent + assert: + that: + - not output.changed + +- name: Update the Traffic Manager profile + azure_rm_trafficmanagerprofile: + resource_group: "{{ resource_group }}" + name: "{{ tmname }}" + tags: + testing: testing + delete: on-exit + foo: bar + location: global + profile_status: disabled + routing_method: priority + dns_config: + relative_name: "{{ tmname }}" + ttl: 60 + monitor_config: + protocol: HTTPS + port: 80 + path: '/' + register: output + +- name: Assert the Traffic Manager profile is updated + assert: + that: + - output.changed + +- name: Create Traffic Manager endpoint(check mode) + azure_rm_trafficmanagerendpoint: + resource_group: "{{ resource_group }}" + profile_name: "{{ tmname }}" + name: "{{ endpointname1 }}" + type: external_endpoints + location: westus + priority: 2 + weight: 1 + target: 1.2.3.4 + check_mode: yes + register: output + +- name: Assert check mode changed + assert: + that: + - output.changed + +- name: Get endpoint + azure_rm_trafficmanagerendpoint_info: + resource_group: "{{ resource_group }}" + profile_name: "{{ tmname }}" + register: facts + +- name: Check no endpoint created in check mode + assert: + that: + - facts.endpoints | length == 0 + +- name: Create Traffic Manager endpoint + azure_rm_trafficmanagerendpoint: + resource_group: "{{ resource_group }}" + profile_name: "{{ tmname }}" + name: "{{ endpointname1 }}" + type: external_endpoints + location: westus + priority: 2 + weight: 1 + target: 1.2.3.4 + register: output + +- name: Assert endpoint create changed + assert: + that: + - output.changed + +- name: Get endpoint + azure_rm_trafficmanagerendpoint_info: + resource_group: "{{ resource_group }}" + profile_name: "{{ tmname }}" + register: facts + +- name: Check endpoint created + assert: + that: + - facts.endpoints | length == 1 + - facts.endpoints[0].name == "{{ endpointname1 }}" + +- name: Create second Traffic Manager endpoint + azure_rm_trafficmanagerendpoint: + resource_group: "{{ resource_group }}" + profile_name: "{{ tmname }}" + name: "{{ endpointname2 }}" + type: external_endpoints + location: westus + priority: 1 + weight: 3 + target: 4.3.2.1 + +- name: Get endpoint + azure_rm_trafficmanagerendpoint_info: + resource_group: "{{ resource_group }}" + profile_name: "{{ tmname }}" + register: facts + +- name: Check 2 endpoint in profile + assert: + that: + - facts.endpoints | length == 2 + +- name: Create endpoint (idempotent) + azure_rm_trafficmanagerendpoint: + resource_group: "{{ resource_group }}" + profile_name: "{{ tmname }}" + name: "{{ endpointname2 }}" + type: external_endpoints + location: westus + priority: 1 + weight: 3 + target: 4.3.2.1 + register: output + +- name: Assert endpoint creation idempotent + assert: + that: + - output.changed == False + +- name: Delete second endpoint + azure_rm_trafficmanagerendpoint: + resource_group: "{{ resource_group }}" + profile_name: "{{ tmname }}" + name: "{{ endpointname2 }}" + type: external_endpoints + state: absent + register: output + +- name: Assert endpoint deletion changed + assert: + that: + - output.changed + +- name: Get endpoint + azure_rm_trafficmanagerendpoint_info: + resource_group: "{{ resource_group }}" + profile_name: "{{ tmname }}" + register: facts + +- name: Check 1 endpoint left in profile + assert: + that: + - facts.endpoints | length == 1 + +- name: Delete the Traffic Manager profile(check mode) + azure_rm_trafficmanagerprofile: + resource_group: "{{ resource_group }}" + name: "{{ tmname }}" + state: absent + check_mode: yes + +- name: Gather Traffic Manager profile facts + azure_rm_trafficmanagerprofile_info: + resource_group: "{{ resource_group }}" + name: "{{ tmname }}" + register: fact + +- name: Assert the traffic manager profile is still there + assert: + that: + - "fact.tms | length == 1" + - fact.tms[0].id == tm.id + - fact.tms[0].endpoints | length == 1 + +- name: Delete the Traffic Manager profile + azure_rm_trafficmanagerprofile: + resource_group: "{{ resource_group }}" + name: "{{ tmname }}" + state: absent + register: output + +- name: Assert the Traffic Manager profile is well deleted + assert: + that: + - output.changed + +- name: Get Traffic Manager profile fact + azure_rm_trafficmanagerprofile_info: + resource_group: "{{ resource_group }}" + name: "{{ tmname }}" + register: fact + +- name: Assert fact returns empty + assert: + that: + - "fact.tms | length == 0" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhub/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhub/aliases new file mode 100644 index 000000000..5d29c6c4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhub/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhub/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhub/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhub/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhub/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhub/tasks/main.yml new file mode 100644 index 000000000..36707bec5 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhub/tasks/main.yml @@ -0,0 +1,94 @@ +- set_fact: + name: "{{ resource_group | hash('md5') | truncate(22, True, '') }}" + +- name: Create a VirtualHub (check mode) + azure_rm_virtualhub: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + sku: Standard + check_mode: yes + +- name: Create a VirtualHub + azure_rm_virtualhub: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + sku: Standard + register: output + +- name: Assert the virtual hub is well created + assert: + that: + - output.changed + - output.state.provisioning_state == 'Succeeded' + +- name: Create a VirtualHub (idempotent) + azure_rm_virtualhub: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + sku: Standard + register: output + +- name: Assert idempotent + assert: + that: + - not output.changed + +- name: Get Virtual Hub Info + azure_rm_virtualhub_info: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + register: output + +- name: Assert fact returns + assert: + that: + - output.virtual_hubs[0].provisioning_state == "Succeeded" + - output.virtual_hubs[0].sku == "Standard" + +- name: Create a VirtualWan + azure_rm_virtualwan: + resource_group: "{{ resource_group }}" + name: "wan-{{ name }}" + disable_vpn_encryption: true + allow_branch_to_branch_traffic: true + allow_vnet_to_vnet_traffic: true + virtual_wan_type: Standard + register: output + +- name: Create Second VirtualHub + azure_rm_virtualhub: + resource_group: "{{ resource_group }}" + name: "{{ name }}-seondary" + sku: Standard + address_prefix: 12.0.0.0/16 + virtual_wan: + id: "{{ output.state.id }}" + virtual_router_asn: 65515 + virtual_router_ips: + - 12.0.32.4 + - 12.0.32.5 + register: output + +- name: Assert the virtual hub is well created + assert: + that: + - output.changed + - output.state.provisioning_state == 'Succeeded' + +- name: Delete Second VirtualHub + azure_rm_virtualhub: + resource_group: "{{ resource_group }}" + name: "{{ name }}-seondary" + state: absent + +- name: Delete virtual hub + azure_rm_virtualhub: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + state: absent + register: output + +- name: Assert the AKS instance is upgraded + assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhubconnection/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhubconnection/aliases new file mode 100644 index 000000000..5d29c6c4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhubconnection/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhubconnection/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhubconnection/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhubconnection/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhubconnection/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhubconnection/tasks/main.yml new file mode 100644 index 000000000..562ecbacc --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualhubconnection/tasks/main.yml @@ -0,0 +1,163 @@ + - set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(8, True, '') }}" + + - name: Create virtual network + azure_rm_virtualnetwork: + name: "vnet{{ rpfx }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + resource_group: "{{ resource_group }}" + register: vnet_output + + - name: Create a Virtual Wan + azure_rm_virtualwan: + resource_group: "{{ resource_group }}" + name: "virtualwan{{ rpfx }}" + office365_local_breakout_category: All + disable_vpn_encryption: true + allow_branch_to_branch_traffic: true + allow_vnet_to_vnet_traffic: true + virtual_wan_type: Basic + register: vwan_output + + - name: Create a VirtualHub + azure_rm_virtualhub: + resource_group: "{{ resource_group }}" + name: "vhub{{ rpfx }}" + sku: Standard + address_prefix: 12.0.0.0/16 + virtual_wan: + id: "{{ vwan_output.state.id }}" + virtual_router_asn: 65515 + virtual_router_ips: + - 12.0.32.4 + - 12.0.32.5 + register: output + + - name: Create virtual hub connection + azure_rm_virtualhubconnection: + resource_group: "{{ resource_group }}" + vhub_name: "vhub{{ rpfx }}" + name: "connection{{ rpfx }}" + enable_internet_security: true + allow_remote_vnet_to_use_hub_vnet_gateways: false + allow_hub_to_remote_vnet_transit: true + remote_virtual_network: + id: "{{ vnet_output.state.id }}" + routing_configuration: + propagated_route_tables: + labels: + - labels1 + - labels3 + vnet_routes: + static_routes: + - name: route1 + address_prefixes: + - 10.1.0.0/16 + - 10.2.0.0/16 + - 10.6.0.0/16 + next_hop_ip_address: 10.0.0.68 + - name: route2 + address_prefixes: + - 10.4.0.0/16 + next_hop_ip_address: 10.0.0.65 + register: output + + - name: Assert the virtual hub connection is well created + assert: + that: + - output.changed + + - name: Create virtual hub connection (idempotent test) + azure_rm_virtualhubconnection: + resource_group: "{{ resource_group }}" + vhub_name: "vhub{{ rpfx }}" + name: "connection{{ rpfx }}" + enable_internet_security: true + allow_remote_vnet_to_use_hub_vnet_gateways: false + allow_hub_to_remote_vnet_transit: true + remote_virtual_network: + id: "{{ vnet_output.state.id }}" + routing_configuration: + propagated_route_tables: + labels: + - labels1 + - labels3 + vnet_routes: + static_routes: + - name: route1 + address_prefixes: + - 10.1.0.0/16 + - 10.2.0.0/16 + - 10.6.0.0/16 + next_hop_ip_address: 10.0.0.68 + - name: route2 + address_prefixes: + - 10.4.0.0/16 + next_hop_ip_address: 10.0.0.65 + register: output + + - name: Assert the virtual hub connection no changed + assert: + that: + - not output.changed + + - name: Update virtual hub connection + azure_rm_virtualhubconnection: + resource_group: "{{ resource_group }}" + vhub_name: "vhub{{ rpfx }}" + name: "connection{{ rpfx }}" + enable_internet_security: false + allow_remote_vnet_to_use_hub_vnet_gateways: false + allow_hub_to_remote_vnet_transit: true + remote_virtual_network: + id: "{{ vnet_output.state.id }}" + routing_configuration: + propagated_route_tables: + labels: + - labels1 + - labels2 + - labels3 + vnet_routes: + static_routes: + - name: route1 + address_prefixes: + - 10.1.0.0/16 + - 10.2.0.0/16 + - 10.6.0.0/16 + - 10.7.0.0/16 + next_hop_ip_address: 10.0.0.68 + - name: route2 + address_prefixes: + - 10.4.0.0/16 + next_hop_ip_address: 10.0.0.65 + register: output + + - name: Assert the virtual hub connection no changed + assert: + that: + - output.changed + + - name: Get virtual hub connection info + azure_rm_virtualhubconnection_info: + resource_group: "{{ resource_group }}" + virtual_hub_name: "vhub{{ rpfx }}" + name: "connection{{ rpfx }}" + register: output + + - name: Assert fact returns + assert: + that: + - output.virtual_hub_connection[0].allow_hub_to_remote_vnet_transit + - not output.virtual_hub_connection[0].allow_remote_vnet_to_use_hub_vnet_gateways + - not output.virtual_hub_connection[0].enable_internet_security + - output.virtual_hub_connection[0].routing_configuration.propagated_route_tables.labels | length == 3 + - output.virtual_hub_connection[0].routing_configuration.vnet_routes.static_routes | length == 2 + + - name: Delete the virtual hub connection + azure_rm_virtualhubconnection: + resource_group: "{{ resource_group }}" + vhub_name: "vhub{{ rpfx }}" + name: "connection{{ rpfx }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/aliases new file mode 100644 index 000000000..7611d8265 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group7 +destructive +azure_rm_virtualmachine_info diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/inventory.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/inventory.yml new file mode 100644 index 000000000..ceb88cd7e --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/inventory.yml @@ -0,0 +1,74 @@ +all: + hosts: + azure_test_invalid: + azure_test_public_ip: + network: 10.42.0.0/24 + subnet: 10.42.0.0/28 + + azure_test_no_public_ip: + network: 10.42.1.0/24 + subnet: 10.42.1.0/28 + + azure_test_deallocate: + network: 10.42.2.0/24 + subnet: 10.42.2.0/28 + + azure_test_minimal: + network: 10.42.3.0/24 + subnet: 10.42.3.0/28 + + azure_test_minimal_manageddisk: + network: 10.42.3.0/24 + subnet: 10.42.3.0/28 + + azure_test_dual_nic: + network: 10.42.4.0/24 + subnet: 10.42.4.0/28 + secondary_network: 10.42.5.0/24 + secondary_subnet: 10.42.5.0/28 + nic_list: + - name: "{{ 'int' ~ uid_short ~ '-1' }}" + resource_group: "{{ resource_group_secondary }}" + - name: "{{ 'int' ~ uid_short ~ '-2' }}" + resource_group: "{{ resource_group_secondary }}" + + azure_test_no_nsg: + network: 10.42.6.0/24 + subnet: 10.42.6.0/28 + + vars: + ansible_connection: local + ansible_python_interpreter: "{{ ansible_playbook_python }}" + + uid: "{{ (resource_group ~ inventory_hostname) | hash('md5') | truncate(18, True, '') }}" + uid_short: "{{ (resource_group ~ inventory_hostname) | hash('md5') | truncate(10, True, '') }}" + + storage_account: "{{ 'stor' ~ uid }}" + availability_set: "{{ 'avbs' ~ uid_short }}" + vm_name: "{{ 'vm' ~ uid_short }}" + network_name: "{{ 'vnet' ~ uid_short }}" + subnet_name: "{{ 'snet' ~ uid_short }}" + security_group: "{{ 'sg' ~ uid_short }}" + public_ip_name: "{{ 'ip' ~ uid_short }}" + interface_name: "{{ 'int' ~ uid_short }}" + + ssh_keys: + - path: '/home/chouseknecht/.ssh/authorized_keys' + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1igsIlcmTa/yfsJnTtnrEX7PP/a01gwbXcig6JOKyrUmJB8E6c/wtZwP115VSyDRTO6TEL/sBFUpkSw01zM8ydNATErh8meBlAlbnDq5NLhDXnMizgG0VNn0iLc/WplFTqkefsHXa8NtIxAtyEVIj/fKbK3XfBOdEpE3+MJYNtGlWyaod28W+5qmQPZDQys+YnE4OjSwN7D3g85/7dtLFvDH+lEC4ooJOaxVFr9VSMXUIkaRF6oI+R1Zu803LFSCTb4BfFOYOHPuQ/rEMP0KuUzggvP+TEBY14PEA2FoHOn+oRsT0ZR2+loGRaxSVqCQKaEHbNbkm+6Rllx2NQRO0BJxCSKRU1iifInLPxmSc4gvsHCKMAWy/tGkmKHPWIfN8hvwyDMK5MNBp/SJ1pVx4xuFDQjVWNbll0yk2+72uJgtFHHwEPK9QsOz45gX85vS3yhYCKrscS/W9h2l36SWwQXuGy4fXotE7esPsvNGAzBndHX1O8RMPg47qJXz059RyoGforoa9TnzIs3hIv+ts7ESx3OEq3HNk0FJ+wDka7IM7WQpGrVToJ0vfDy9Q46nw54vv5Zc/u4OZF3F5twHmyf3rLYKXRDuCvZQKT2iWQKVX6j63bq6orA5hwl22zndxWZNtOwtq8Sd0Ns0K/Fo/ggYDDGBtr68DwhA+MrxrHw== chouseknecht@ansible.com" + + image: + offer: CentOS + publisher: OpenLogic + sku: '7.1' + version: latest + + image_paid: + publisher: cognosys + offer: ubuntu-14-04-lts + sku: hardened-ubuntu-14-04 + version: latest + + plan_paid: + name: hardened-ubuntu-14-04 + product: ubuntu-14-04-lts + publisher: cognosys diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/main.yml new file mode 100644 index 000000000..c9c9158c4 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/main.yml @@ -0,0 +1,7 @@ +- name: Run Azure VM tests in parallel + hosts: all + gather_facts: no + strategy: free + tasks: + - name: Include tasks based on inventory hostname + include_tasks: tasks/{{ inventory_hostname }}.yml diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/runme.sh b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/runme.sh new file mode 100644 index 000000000..c7895c9d2 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/runme.sh @@ -0,0 +1,5 @@ +#!/usr/bin/env bash + +set -eux + +ansible-playbook -i inventory.yml main.yml "$@" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_deallocate.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_deallocate.yml new file mode 100644 index 000000000..3c86c7419 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_deallocate.yml @@ -0,0 +1,103 @@ +- include_tasks: setup.yml + +- name: Create minimal VM with defaults + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + admin_username: "testuser" + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_B1ms + virtual_network: "{{ network_name }}" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + register: vm_output + +- name: Get VM facts + azure_rm_virtualmachine_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + register: vm_state + +- name: Pause for 10 mimutes to VM updating + shell: sleep 600 + +- name: Restart the virtual machine + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + restarted: yes + vm_size: Standard_B1ms + register: restart_result + +- name: Ensue VM was restarted + assert: + that: + - "azure_vm.powerstate in ['starting', 'running']" + - restart_result is changed + +- name: Deallocate the virtual machine + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + allocated: no + vm_size: Standard_B1ms + register: deallocate_result + +- name: Ensure VM was deallocated + assert: + that: + - azure_vm.powerstate == 'deallocated' + - deallocate_result is changed + +- name: Start the virtual machine + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + vm_size: Standard_B1ms + started: True + register: start_result + +- name: Ensure VM was started + assert: + that: + - "azure_vm.powerstate in ['starting', 'running']" + - start_result is changed + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + state: absent + remove_on_absent: all_autocreated + +- name: Destroy subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + virtual_network: "{{ network_name }}" + name: "{{ subnet_name }}" + state: absent + +- name: Destroy virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}" + state: absent + +- name: Destroy availability set + azure_rm_availabilityset: + resource_group: "{{ resource_group }}" + name: "{{ availability_set }}" + state: absent + +- name: Destroy storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + force_delete_nonempty: yes + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_dual_nic.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_dual_nic.yml new file mode 100644 index 000000000..6202e3534 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_dual_nic.yml @@ -0,0 +1,146 @@ +- include_tasks: setup.yml + +- name: Create virtual network in secondary resource group + azure_rm_virtualnetwork: + resource_group: "{{ resource_group_secondary }}" + name: "{{ network_name ~ '-2' }}" + address_prefixes: "{{ secondary_network }}" + register: create_virt_net_result + +- name: Create subnet in secondary resource group + azure_rm_subnet: + resource_group: "{{ resource_group_secondary }}" + name: "{{ subnet_name ~ '-2' }}" + address_prefix: "{{ secondary_subnet }}" + virtual_network: "{{ network_name ~ '-2' }}" + +- name: Create NICs for dual NIC VM in secondary resource group + azure_rm_networkinterface: + resource_group: "{{ item.resource_group }}" + name: "{{ item.name }}" + virtual_network: "{{ network_name ~ '-2' }}" + subnet: "{{ subnet_name ~ '-2' }}" + loop: "{{ nic_list }}" + +- name: Create virtual machine with two NICs + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" # Should this be resource_group_secondary? + name: "{{ vm_name }}" + vm_size: Standard_B1ms + storage_account: "{{ storage_account }}" + storage_container: "{{ vm_name }}" + storage_blob: "{{ vm_name }}.vhd" + admin_username: adminuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/adminuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + short_hostname: testvm + os_type: Linux + os_disk_size_gb: 64 + os_disk_name: testosdiskxx + network_interfaces: "{{ nic_list }}" + availability_set: "{{ availability_set }}" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + tags: + abc: def + +- name: Ensure VM was created properly + assert: + that: + - azure_vm.properties.availabilitySet.id + - azure_vm.properties.storageProfile.osDisk.name == 'testosdiskxx' + +- name: Retrieve VM facts (filtering by name) + azure_rm_virtualmachine_info: + resource_group: "{{ resource_group }}" # Should this be resource_group_secondary? + name: "{{ vm_name }}" + register: vm_facts_results + +- name: Ensure facts module returned the second VM + assert: + that: + - vm_facts_results.vms | length == 1 + - vm_facts_results.vms[0].name == "{{ vm_name }}" + - vm_facts_results.vms[0].location + - vm_facts_results.vms[0].admin_username == 'adminuser' + - vm_facts_results.vms[0].resource_group == "{{ resource_group }}" + - vm_facts_results.vms[0].power_state != None + +- name: Retrieve facts by tags + azure_rm_virtualmachine_info: + tags: + - abc:def + register: facts_by_tags_results + +- name: Assert that facts module returned the second VM + assert: + that: + - facts_by_tags_results.vms | length >= 1 + +- name: Should be idempotent with a dual NICs + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" # Should this be resource_group_secondary? + name: "{{ vm_name }}" + vm_size: Standard_B1ms + storage_account: "{{ storage_account }}" + storage_container: "{{ vm_name }}" + storage_blob: "{{ vm_name }}.vhd" + admin_username: adminuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/adminuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + short_hostname: testvm + os_type: Linux + os_disk_size_gb: 64 + network_interfaces: "{{ nic_list }}" + availability_set: "{{ availability_set }}" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + register: dual_nics_result + +- name: Ensure nothing changed + assert: + that: dual_nics_result is not changed + +- name: Get VM facts + azure_rm_virtualmachine_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + register: vm_state + +- name: Pause for 10 mimutes to VM updating + shell: sleep 600 + +- name: Generalize VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" # Should this be resource_group_secondary? + name: "{{ vm_name }}" + generalized: yes + +- name: Gather facts and check if machine is generalized + azure_rm_virtualmachine_info: + resource_group: "{{ resource_group }}" # Should this be resource_group_secondary? + name: "{{ vm_name }}" + register: generalized_output + +- name: Ensure power state is generalized + assert: + that: generalized_output.vms[0].power_state == 'generalized' + +- name: Delete dual NIC VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" # Should this be resource_group_secondary? + name: "{{ vm_name }}" + state: absent + vm_size: Standard_B1ms + async: 5000 + poll: 0 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_ephemeral_os.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_ephemeral_os.yml new file mode 100644 index 000000000..4169333b9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_ephemeral_os.yml @@ -0,0 +1,130 @@ +- include_tasks: setup.yml + +- name: create proximity placement group + azure_rm_proximityplacementgroup: + resource_group: "{{ resource_group }}" + name: testproximityplacement + register: output + +- name: Create minimal VM with proximentplace group + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + admin_username: "testuser" + ssh_password_enabled: false + proximity_placement_group: + id: "{{ output.state.id }}" + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_DS2_v2 + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + register: vm_output + +- name: Get VM facts + azure_rm_virtualmachine_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + register: vm_state + +- name: Pause for 10 mimutes to VM updating + shell: sleep 600 + +- name: Generalize VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + generalized: yes + +- name: Create an image from VM + azure_rm_image: + resource_group: "{{ resource_group }}" + source: "{{ vm_name }}" + name: testimage + os_type: Linux + register: output + +- assert: + that: + - output.changed + +- name: Create virtual machine ephmeral OS disk + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}-02" + admin_username: "testuser" + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_DS2_v2 + os_disk_caching: ReadOnly + ephemeral_os_disk: True + image: testimage + register: output + +- assert: + that: + - output.changed + - output.ansible_facts.azure_vm.properties.storageProfile.osDisk.diffDiskSettings.option == 'Local' + +- name: Check virtual machine ephmeral OS disk idempotent + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}-02" + admin_username: "testuser" + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_DS2_v2 + os_disk_caching: ReadOnly + ephemeral_os_disk: True + image: testimage + register: output + +- assert: + that: + - not output.changed + +- name: Check virtual machine ephmeral OS disk can't update + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}-02" + admin_username: "testuser" + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_DS2_v2 + os_disk_caching: ReadOnly + ephemeral_os_disk: False + image: testimage + ignore_errors: yes + register: ouput + +- assert: + that: + - not output.changed + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + state: absent + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}-02" + state: absent + +- name: Create an image from VM + azure_rm_image: + resource_group: "{{ resource_group }}" + name: testimage + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_image_latest.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_image_latest.yml new file mode 100644 index 000000000..812ef48d3 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_image_latest.yml @@ -0,0 +1,69 @@ +- include_tasks: setup.yml + +- name: List available versions for UbuntuServer image + azure_rm_virtualmachineimage_info: + location: eastus + publisher: Canonical + offer: UbuntuServer + sku: 16.04-LTS + register: image_list + +- name: Get latest UbuntuServer image name + set_fact: + latest_image_name: "{{ (image_list['vmimages'] | map(attribute='name') | sort(reverse=True))[0] }}" + +- name: Create minimal VM with defaults + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + admin_username: "testuser" + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_B1ms + virtual_network: "{{ network_name }}" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + register: vm_output + +- name: Ensure VM was created using the latest UbuntuServer image version / name + assert: + that: + - vm_output.azure_vm.properties.storageProfile.imageReference.version == latest_image_name + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + remove_on_absent: all_autocreated + state: absent + +- name: Destroy subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + virtual_network: "{{ network_name }}" + name: "{{ subnet_name }}" + state: absent + +- name: Destroy virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}" + state: absent + +- name: Destroy availability set + azure_rm_availabilityset: + resource_group: "{{ resource_group }}" + name: "{{ availability_set }}" + state: absent + +- name: Destroy storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + force_delete_nonempty: yes + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_image_specific.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_image_specific.yml new file mode 100644 index 000000000..12fc28154 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_image_specific.yml @@ -0,0 +1,61 @@ +- include_tasks: setup.yml + +- name: Set specific UbuntuServer image version + set_fact: + specific_image_name: "16.04.202104140" + +- name: Create minimal VM with defaults + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + admin_username: "testuser" + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_B1ms + virtual_network: "{{ network_name }}" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: "{{ specific_image_name }}" + register: vm_output + +- name: Ensure VM was created using the specific UbuntuServer image version / name + assert: + that: + - vm_output.azure_vm.properties.storageProfile.imageReference.version == specific_image_name + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + remove_on_absent: all_autocreated + state: absent + +- name: Destroy subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + virtual_network: "{{ network_name }}" + name: "{{ subnet_name }}" + state: absent + +- name: Destroy virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}" + state: absent + +- name: Destroy availability set + azure_rm_availabilityset: + resource_group: "{{ resource_group }}" + name: "{{ availability_set }}" + state: absent + +- name: Destroy storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + force_delete_nonempty: yes + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_invalid.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_invalid.yml new file mode 100644 index 000000000..86ec72de1 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_invalid.yml @@ -0,0 +1,35 @@ +# TODO: Until we have a module to create/delete images this is the best tests I can do +- name: Assert error thrown with invalid image dict + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + image: + offer: UbuntuServer + register: fail_invalid_image_dict + failed_when: 'fail_invalid_image_dict.msg != "parameter error: expecting image to contain [publisher, offer, sku, version], [name, resource_group] or [id]"' + +- name: Assert error thrown with invalid image type + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + image: + - testing + register: fail_invalid_image_type + failed_when: 'fail_invalid_image_type.msg != "parameter error: expecting image to be a string or dict not list"' + +- name: Assert error finding missing custom image + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + image: invalid-image + register: fail_missing_custom_image + failed_when: fail_missing_custom_image.msg != "Error could not find image with name invalid-image" + +- name: Assert error finding missing custom image (dict style) + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + image: + name: invalid-image + register: fail_missing_custom_image_dict + failed_when: fail_missing_custom_image_dict.msg != "Error could not find image with name invalid-image" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_minimal.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_minimal.yml new file mode 100644 index 000000000..750cbe0b4 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_minimal.yml @@ -0,0 +1,133 @@ +- include_tasks: setup.yml + +# # Tests possible when CI user acccount setup with required authority +# - name: Create virtual machine with image and plan which requires acceptance of terms +# azure_rm_virtualmachine: +# resource_group: "{{ resource_group }}" +# name: testvm009 +# vm_size: Standard_A0 +# storage_account: "{{ storage_account }}" +# storage_container: testvm001 +# storage_blob: testvm003.vhd +# admin_username: adminuser +# admin_password: Password123! +# short_hostname: testvm +# os_type: Linux +# availability_set: "{{ availability_set }}" +# image: "{{ image_paid }}" +# plan_paid: "{{ plan_paid }}" +# register: create_image_plan_result + +# - assert: +# that: +# - create_image_plan_result is changed +# - create_image_plan_result.ansible_facts.azure_vm.properties.storageProfile.imageReference.publisher == image_paid.publisher + +# - name: Should be idempotent with image and plan which requires acceptance of terms +# azure_rm_virtualmachine: +# resource_group: "{{ resource_group }}" +# name: testvm009 +# vm_size: Standard_A0 +# storage_account: "{{ storage_account }}" +# storage_container: testvm001 +# storage_blob: testvm003.vhd +# admin_username: adminuser +# admin_password: Password123! +# short_hostname: testvm +# os_type: Linux +# availability_set: "{{ availability_set }}" +# image: "{{ image_paid }}" +# plan_paid: "{{ plan_paid }}" +# register: create_image_plan_again_result + +# - assert: +# that: create_image_plan_again is not changed + +- name: Create minimal VM with defaults + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + admin_username: "testuser" + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_B1ms + virtual_network: "{{ network_name }}" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + register: vm_output + +- name: Query auto created security group before deleting + azure_rm_securitygroup_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}01" + register: nsg_result + +- name: Assert that security group were exist before deleting + assert: + that: + - nsg_result.securitygroups | length == 1 + - nsg_result.securitygroups[0].network_interfaces | length == 1 + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + remove_on_absent: all_autocreated + state: absent + +- name: Query auto created NIC + azure_rm_networkinterface_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}01" + register: nic_result + +- name: Query auto created security group + azure_rm_securitygroup_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}01" + register: nsg_result + +- name: Query auto created public IP + azure_rm_publicipaddress_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}01" + register: pip_result + +- name: Assert that autocreated resources were deleted + assert: + that: + # what about the default storage group? + - nic_result.networkinterfaces | length == 0 + - nsg_result.securitygroups | length == 0 + - pip_result.publicipaddresses | length == 0 + +- name: Destroy subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + virtual_network: "{{ network_name }}" + name: "{{ subnet_name }}" + state: absent + +- name: Destroy virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}" + state: absent + +- name: Destroy availability set + azure_rm_availabilityset: + resource_group: "{{ resource_group }}" + name: "{{ availability_set }}" + state: absent + +- name: Destroy storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + force_delete_nonempty: yes + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_minimal_manageddisk.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_minimal_manageddisk.yml new file mode 100644 index 000000000..27274b0de --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_minimal_manageddisk.yml @@ -0,0 +1,89 @@ +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}-disk" + address_prefixes: "{{ network }}" + location: westeurope + +- name: Create subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: "{{ subnet_name }}" + address_prefix: "{{ subnet }}" + virtual_network: "{{ network_name }}-disk" + +- name: Create network interface + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "{{ interface_name }}-disk" + virtual_network: "{{ network_name }}-disk" + subnet: "{{ subnet_name }}" + location: westeurope + +- name: Create minimal VM with defaults and a custom managed disk type + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + admin_username: "testuser" + ssh_password_enabled: false + managed_disk_type: StandardSSD_ZRS + public_ip_allocation_method: Disabled + location: westeurope + network_interface_names: + - name: "{{ interface_name }}-disk" + resource_group: "{{ resource_group }}" + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_D4s_v3 + virtual_network: "{{ network_name }}-disk" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + register: vm_output + +- name: Assert status succeeded + assert: + that: + - vm_output.changed + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + remove_on_absent: all_autocreated + state: absent + +- name: Destroy NIC + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "{{ interface_name }}-disk" + state: absent + ignore_errors: true + +- name: Delete network security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ interface_name }}-disk" + state: absent + +- name: Destroy disk + azure_rm_manageddisk: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + state: absent + +- name: Destroy subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + virtual_network: "{{ network_name }}" + name: "{{ subnet_name }}-disk" + state: absent + +- name: Destroy virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}-disk" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_no_nsg.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_no_nsg.yml new file mode 100644 index 000000000..7b88dd8d8 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_no_nsg.yml @@ -0,0 +1,83 @@ +- include_tasks: setup.yml + +- name: Create minimal VM with defaults + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + admin_username: "testuser" + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_B1ms + virtual_network: "{{ network_name }}" + created_nsg: false + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + register: vm_output + +- name: Query auto created security group before deleting + azure_rm_securitygroup_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}01" + register: nsg_result + +- name: Assert that security group were not exist before deleting + assert: + that: + - nsg_result.securitygroups | length == 0 + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + remove_on_absent: all_autocreated + state: absent + +- name: Query auto created NIC + azure_rm_networkinterface_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}01" + register: nic_result + +- name: Query auto created public IP + azure_rm_publicipaddress_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}01" + register: pip_result + +- name: Assert that autocreated resources were deleted + assert: + that: + # what about the default storage group? + - nic_result.networkinterfaces | length == 0 + - pip_result.publicipaddresses | length == 0 + +- name: Destroy subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + virtual_network: "{{ network_name }}" + name: "{{ subnet_name }}" + state: absent + +- name: Destroy virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}" + state: absent + +- name: Destroy availability set + azure_rm_availabilityset: + resource_group: "{{ resource_group }}" + name: "{{ availability_set }}" + state: absent + +- name: Destroy storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + force_delete_nonempty: yes + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_no_public_ip.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_no_public_ip.yml new file mode 100644 index 000000000..5b41a6eb9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_no_public_ip.yml @@ -0,0 +1,44 @@ +- include_tasks: setup.yml + +- name: Create virtual machine without public ip address and with boot diagnostics enabled + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + vm_size: Standard_B1ms + admin_username: adminuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/adminuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + short_hostname: testvm + os_type: Linux + public_ip_allocation_method: Disabled + storage_account_name: "{{ storage_account }}" + availability_set: "{{ availability_set }}" + virtual_network: "{{ network_name }}" + boot_diagnostics: + enabled: yes + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + register: create_vm_public_result + +- name: Ensure VM was created properly + assert: + that: + - azure_vm.properties.diagnosticsProfile.bootDiagnostics.enabled + - azure_vm.properties.diagnosticsProfile.bootDiagnostics.storageUri is defined + - azure_vm.properties.instanceView.bootDiagnostics.consoleScreenshotBlobUri is defined + - azure_vm.properties.instanceView.bootDiagnostics.serialConsoleLogBlobUri is defined + - not 'publicIPAddress' in create_vm_public_result.ansible_facts.azure_vm.properties.networkProfile.networkInterfaces[0].properties.ipConfigurations[0].properties + +- name: Delete VM with no public ip + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + state: absent + remove_on_absent: all_autocreated + async: 5000 + poll: 0 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_public_ip.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_public_ip.yml new file mode 100644 index 000000000..6e3e47ea1 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_public_ip.yml @@ -0,0 +1,331 @@ +- include_tasks: setup.yml + +- name: Create public ip + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Static + name: "{{ public_ip_name }}" + +- name: Create security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ security_group }}" + purge_rules: yes + rules: + - name: ALLOW_SSH + protocol: Tcp + destination_port_range: 22 + access: Allow + priority: 100 + direction: Inbound + + - name: ALLOW_HTTP + protocol: Tcp + destination_port_range: 80 + access: Allow + priority: 110 + direction: Inbound + +- name: Create network interface + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "{{ interface_name }}" + virtual_network: "{{ network_name }}" + subnet: "{{ subnet_name }}" + public_ip_name: "{{ public_ip_name }}" + security_group: "{{ security_group }}" + +- name: Create virtual machine with a single NIC and no boot diagnostics + register: output + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + vm_size: Standard_B1ms + storage_account: "{{ storage_account }}" + storage_container: "{{ vm_name }}" + storage_blob: "{{ vm_name }}.vhd" + admin_username: adminuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/adminuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + short_hostname: testvm + os_type: Linux + network_interfaces: "{{ interface_name }}" + availability_set: "{{ availability_set }}" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + custom_data: | + #!/bin/sh + echo "custom_data was executed" > /tmp/custom_data.txt + +- name: Ensure VM was created properly + assert: + that: + - azure_vm.properties.provisioningState == 'Succeeded' + - azure_vm.properties.availabilitySet.id + # initial response from creation has no diagnosticsProfile + # if you run it again however, there is one in the response + # so we handle both cases + - "'diagnosticsProfile' not in azure_vm.properties or not azure_vm.properties.diagnosticsProfile.bootDiagnostics.enabled" + +- name: Get facts for virtual machine without boot diagnostics disabled + azure_rm_virtualmachine_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + register: vm_facts_no_boot_diag_result + +- name: Ensure VM facts are correct + assert: + that: + - vm_facts_no_boot_diag_result.vms != [] + - not vm_facts_no_boot_diag_result.vms[0].boot_diagnostics.enabled + - not vm_facts_no_boot_diag_result.vms[0].boot_diagnostics.storage_uri + +- name: Get VM facts + azure_rm_virtualmachine_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + register: vm_state + +- name: Pause for 10 mimutes to VM updating + shell: sleep 600 + +- name: Enable boot diagnostics on an existing VM for the first time without specifying a storage account + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + boot_diagnostics: + enabled: yes + # without specifying storage_account you get a new default storage account for the VM + +- name: Ensure VM properties are correct + assert: + that: + - azure_vm.properties.diagnosticsProfile.bootDiagnostics.enabled + - azure_vm.properties.diagnosticsProfile.bootDiagnostics.storageUri is defined + - azure_vm.properties.instanceView.bootDiagnostics.consoleScreenshotBlobUri is defined + - azure_vm.properties.instanceView.bootDiagnostics.serialConsoleLogBlobUri is defined + +- name: Get facts for virtual machine with boot diagnostics enabled + azure_rm_virtualmachine_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + register: vm_facts_boot_diag_result + +- name: Ensure VM facts were returned + assert: + that: + - vm_facts_boot_diag_result.vms != [] + - vm_facts_boot_diag_result.vms[0].boot_diagnostics.enabled + - vm_facts_boot_diag_result.vms[0].boot_diagnostics.storage_uri is defined + - vm_facts_boot_diag_result.vms[0].boot_diagnostics.console_screenshot_uri is defined + - vm_facts_boot_diag_result.vms[0].boot_diagnostics.serial_console_log_uri is defined + +- name: Change the boot diagnostics storage account while enabled + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + boot_diagnostics: + enabled: yes + storage_account: "{{ storage_account }}" + ignore_errors: yes + +- name: Disable boot diagnostics and change the storage account at the same time + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + boot_diagnostics: + enabled: no + storage_account: "{{ storage_account }}" + +- name: Ensure boot diagnostics was disabled + assert: + that: + - not azure_vm.properties.diagnosticsProfile.bootDiagnostics.enabled + +- name: Re-enable boot diagnostics on an existing VM where it was previously configured + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + boot_diagnostics: + enabled: yes + register: reenable_boot_diag_result + +- name: Ensure boot diagnostics was reenabled + assert: + that: + - azure_vm.properties.diagnosticsProfile.bootDiagnostics.enabled + - azure_vm.properties.diagnosticsProfile.bootDiagnostics.storageUri is defined + - azure_vm.properties.instanceView.bootDiagnostics.consoleScreenshotBlobUri is defined + - azure_vm.properties.instanceView.bootDiagnostics.serialConsoleLogBlobUri is defined + +# - add_host: +# name: new_azure_vm +# ansible_host: '{{ reenable_boot_diag_result.ansible_facts.azure_vm.properties.networkProfile.networkInterfaces[0].properties.ipConfigurations[0].properties.publicIPAddress.properties.ipAddress }}' +# ansible_connection: paramiko # not guaranteed to have sshpass... +# ansible_user: adminuser +# ansible_password: Password123! +# ansible_host_key_checking: no + +# - name: wait for SSH port to be open +# wait_for: +# host: '{{ hostvars["new_azure_vm"].ansible_host }}' +# port: 22 +# timeout: 60 +# state: started + +# # TODO: figure out how to make this work under ansible-test with the coverage injector +# - block: +# - name: wait for host to answer on SSH +# delegate_to: new_azure_vm +# wait_for_connection: + +# - name: get content from custom_data script +# raw: cat /tmp/custom_data.txt +# register: custom_data_content + +# - name: assert contents +# assert: +# that: custom_data_content.stdout | regex_search('custom_data was executed') +# delegate_to: new_azure_vm + +# # TODO: figure out how to make this work under ansible-test with the coverage injector +# - name: wait for file/content created by custom_data script +# delegate_to: new_azure_vm +# vars: +# ansible_python_interpreter: python +# wait_for: +# path: /tmp/custom_data.txt +# search_regex: ^custom_data was executed$ +# timeout: 20 + +- name: Should be idempotent with a single NIC + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + vm_size: Standard_B1ms + storage_account: "{{ storage_account }}" + storage_container: "{{ vm_name }}" + storage_blob: "{{ vm_name }}.vhd" + admin_username: adminuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/adminuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + short_hostname: testvm + os_type: Linux + network_interfaces: "{{ interface_name }}" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + register: single_nic_result + +- name: Ensure nothing changed + assert: + that: single_nic_result is not changed + +- name: Resize VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + vm_size: Standard_A1 + storage_account: "{{ storage_account }}" + storage_container: "{{ vm_name }}" + storage_blob: "{{ vm_name }}.vhd" + admin_username: adminuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/adminuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + short_hostname: testvm + os_type: Linux + network_interfaces: "{{ interface_name }}" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + register: resize_result + +- name: Esure VM was resized + assert: + that: + - resize_result is changed + - resize_result.ansible_facts.azure_vm.properties.hardwareProfile.vmSize == "Standard_A1" + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + state: absent + vm_size: Standard_B1ms + +- name: NIC should be gone + azure_rm_networkinterface_info: + resource_group: "{{ resource_group }}" + name: "{{ interface_name }}" + register: output + +- name: Ensure NIC was removed + assert: + that: output.networkinterfaces | length == 0 + +- name: Public IP should be gone + azure_rm_publicipaddress_info: + resource_group: "{{ resource_group }}" + name: "{{ public_ip_name }}" + register: output + +- name: Ensure public IP was removed + assert: + that: output.publicipaddresses | length == 0 + +- name: Destroy NIC + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "{{ interface_name }}" + state: absent + +- name: Destroy security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ security_group }}" + state: absent + +- name: Destroy subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + virtual_network: "{{ network_name }}" + name: "{{ subnet_name }}" + state: absent + +- name: Destroy virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}" + state: absent + +- name: Destroy public ip + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + name: "{{ public_ip_name }}" + state: absent + +- name: Destroy availability set + azure_rm_availabilityset: + resource_group: "{{ resource_group }}" + name: "{{ availability_set }}" + state: absent + +- name: Destroy storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + force_delete_nonempty: true + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_spot.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_spot.yml new file mode 100644 index 000000000..a967e050d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_spot.yml @@ -0,0 +1,83 @@ +- include_tasks: setup.yml + +- name: Create minimal VM with Spot Instance default values + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + priority: Spot + eviction_policy: Deallocate + admin_username: "testuser" + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_A1_v2 + virtual_network: "{{ network_name }}" + image: + offer: CentOS + publisher: OpenLogic + sku: '7.1' + version: latest + register: vm_output + +- name: Ensure VM was created using Spot Instance default values + assert: + that: + - azure_vm.properties.priority == 'Spot' + - azure_vm.properties.evictionPolicy == 'Deallocate' + - azure_vm.properties.billingProfile.maxPrice == -1.0 + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + state: absent + vm_size: Standard_A1_v2 + +- name: Create minimal VM with custom Spot Instance values + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + priority: Spot + eviction_policy: Delete + max_price: 1.0 + admin_username: "testuser" + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_A1_v2 + virtual_network: "{{ network_name }}" + image: + offer: CentOS + publisher: OpenLogic + sku: '7.1' + version: latest + register: vm_output + +- name: Ensure VM was created using custom spot instance values + assert: + that: + - azure_vm.properties.priority == 'Spot' + - azure_vm.properties.evictionPolicy == 'Delete' + - azure_vm.properties.billingProfile.maxPrice == 1.0 + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + state: absent + vm_size: Standard_A1_v2 + +- name: Destroy subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + virtual_network: "{{ network_name }}" + name: "{{ subnet_name }}" + state: absent + +- name: Destroy virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}" + state: absent
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/setup.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/setup.yml new file mode 100644 index 000000000..f053cac03 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/setup.yml @@ -0,0 +1,26 @@ +- debug: + msg: "UID is {{ uid_short }}" + +- name: SETUP | Create storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + account_type: Standard_LRS + +- name: SETUP | Create availability set + azure_rm_availabilityset: + name: "{{ availability_set }}" + resource_group: "{{ resource_group }}" + +- name: SETUP | Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}" + address_prefixes: "{{ network }}" + +- name: SETUP | Create subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: "{{ subnet_name }}" + address_prefix: "{{ subnet }}" + virtual_network: "{{ network_name }}" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/aliases new file mode 100644 index 000000000..69418ea2c --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/aliases @@ -0,0 +1,5 @@ +cloud/azure +shippable/azure/group5 +destructive +unsupported +azure_rm_virtualmachineextension_facts diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/files/test-protected-settings.json b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/files/test-protected-settings.json new file mode 100644 index 000000000..0957f325c --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/files/test-protected-settings.json @@ -0,0 +1,13 @@ +{ + "storageAccountName": "dummystorageaccount", + "storageAccountSasToken": "dummy-storage-sas-token", + "sinksConfig": { + "sink": [ + { + "name": "TestEventHub", + "type": "EventHub", + "sasURL": "dummy-sas-url" + } + ] + } +} diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/files/test-public-settings.json b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/files/test-public-settings.json new file mode 100644 index 000000000..0e81bb6e2 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/files/test-public-settings.json @@ -0,0 +1,750 @@ +{ + "StorageAccount": "dummystorageaccount", + "ladCfg": { + "diagnosticMonitorConfiguration": { + "eventVolume": "Medium", + "metrics": { + "metricAggregation": [ + { + "scheduledTransferPeriod": "PT1M" + }, + { + "scheduledTransferPeriod": "PT1H" + } + ], + "resourceId": "dummyresourceid" + }, + "performanceCounters": { + "performanceCounterConfiguration": [ + { + "annotation": [ + { + "displayName": "CPU IO wait time", + "locale": "en-us" + } + ], + "class": "processor", + "condition": "IsAggregate=TRUE", + "counter": "percentiowaittime", + "counterSpecifier": "/builtin/processor/percentiowaittime", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "CPU user time", + "locale": "en-us" + } + ], + "class": "processor", + "condition": "IsAggregate=TRUE", + "counter": "percentusertime", + "counterSpecifier": "/builtin/processor/percentusertime", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "CPU nice time", + "locale": "en-us" + } + ], + "class": "processor", + "condition": "IsAggregate=TRUE", + "counter": "percentnicetime", + "counterSpecifier": "/builtin/processor/percentnicetime", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "CPU percentage guest OS", + "locale": "en-us" + } + ], + "class": "processor", + "condition": "IsAggregate=TRUE", + "counter": "percentprocessortime", + "counterSpecifier": "/builtin/processor/percentprocessortime", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "CPU interrupt time", + "locale": "en-us" + } + ], + "class": "processor", + "condition": "IsAggregate=TRUE", + "counter": "percentinterrupttime", + "counterSpecifier": "/builtin/processor/percentinterrupttime", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "CPU idle time", + "locale": "en-us" + } + ], + "class": "processor", + "condition": "IsAggregate=TRUE", + "counter": "percentidletime", + "counterSpecifier": "/builtin/processor/percentidletime", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "CPU privileged time", + "locale": "en-us" + } + ], + "class": "processor", + "condition": "IsAggregate=TRUE", + "counter": "percentprivilegedtime", + "counterSpecifier": "/builtin/processor/percentprivilegedtime", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "Memory available", + "locale": "en-us" + } + ], + "class": "memory", + "counter": "availablememory", + "counterSpecifier": "/builtin/memory/availablememory", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Bytes" + }, + { + "annotation": [ + { + "displayName": "Swap percent used", + "locale": "en-us" + } + ], + "class": "memory", + "counter": "percentusedswap", + "counterSpecifier": "/builtin/memory/percentusedswap", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "Memory used", + "locale": "en-us" + } + ], + "class": "memory", + "counter": "usedmemory", + "counterSpecifier": "/builtin/memory/usedmemory", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Bytes" + }, + { + "annotation": [ + { + "displayName": "Page reads", + "locale": "en-us" + } + ], + "class": "memory", + "counter": "pagesreadpersec", + "counterSpecifier": "/builtin/memory/pagesreadpersec", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "CountPerSecond" + }, + { + "annotation": [ + { + "displayName": "Swap available", + "locale": "en-us" + } + ], + "class": "memory", + "counter": "availableswap", + "counterSpecifier": "/builtin/memory/availableswap", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Bytes" + }, + { + "annotation": [ + { + "displayName": "Swap percent available", + "locale": "en-us" + } + ], + "class": "memory", + "counter": "percentavailableswap", + "counterSpecifier": "/builtin/memory/percentavailableswap", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "Mem. percent available", + "locale": "en-us" + } + ], + "class": "memory", + "counter": "percentavailablememory", + "counterSpecifier": "/builtin/memory/percentavailablememory", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "Pages", + "locale": "en-us" + } + ], + "class": "memory", + "counter": "pagespersec", + "counterSpecifier": "/builtin/memory/pagespersec", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "CountPerSecond" + }, + { + "annotation": [ + { + "displayName": "Swap used", + "locale": "en-us" + } + ], + "class": "memory", + "counter": "usedswap", + "counterSpecifier": "/builtin/memory/usedswap", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Bytes" + }, + { + "annotation": [ + { + "displayName": "Memory percentage", + "locale": "en-us" + } + ], + "class": "memory", + "counter": "percentusedmemory", + "counterSpecifier": "/builtin/memory/percentusedmemory", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "Page writes", + "locale": "en-us" + } + ], + "class": "memory", + "counter": "pageswrittenpersec", + "counterSpecifier": "/builtin/memory/pageswrittenpersec", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "CountPerSecond" + }, + { + "annotation": [ + { + "displayName": "Network in guest OS", + "locale": "en-us" + } + ], + "class": "network", + "counter": "bytesreceived", + "counterSpecifier": "/builtin/network/bytesreceived", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Bytes" + }, + { + "annotation": [ + { + "displayName": "Network total bytes", + "locale": "en-us" + } + ], + "class": "network", + "counter": "bytestotal", + "counterSpecifier": "/builtin/network/bytestotal", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Bytes" + }, + { + "annotation": [ + { + "displayName": "Network out guest OS", + "locale": "en-us" + } + ], + "class": "network", + "counter": "bytestransmitted", + "counterSpecifier": "/builtin/network/bytestransmitted", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Bytes" + }, + { + "annotation": [ + { + "displayName": "Network collisions", + "locale": "en-us" + } + ], + "class": "network", + "counter": "totalcollisions", + "counterSpecifier": "/builtin/network/totalcollisions", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Count" + }, + { + "annotation": [ + { + "displayName": "Packets received errors", + "locale": "en-us" + } + ], + "class": "network", + "counter": "totalrxerrors", + "counterSpecifier": "/builtin/network/totalrxerrors", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Count" + }, + { + "annotation": [ + { + "displayName": "Packets sent", + "locale": "en-us" + } + ], + "class": "network", + "counter": "packetstransmitted", + "counterSpecifier": "/builtin/network/packetstransmitted", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Count" + }, + { + "annotation": [ + { + "displayName": "Packets received", + "locale": "en-us" + } + ], + "class": "network", + "counter": "packetsreceived", + "counterSpecifier": "/builtin/network/packetsreceived", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Count" + }, + { + "annotation": [ + { + "displayName": "Packets sent errors", + "locale": "en-us" + } + ], + "class": "network", + "counter": "totaltxerrors", + "counterSpecifier": "/builtin/network/totaltxerrors", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Count" + }, + { + "annotation": [ + { + "displayName": "Filesystem transfers/sec", + "locale": "en-us" + } + ], + "class": "filesystem", + "condition": "IsAggregate=TRUE", + "counter": "transferspersecond", + "counterSpecifier": "/builtin/filesystem/transferspersecond", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "CountPerSecond" + }, + { + "annotation": [ + { + "displayName": "Filesystem % free space", + "locale": "en-us" + } + ], + "class": "filesystem", + "condition": "IsAggregate=TRUE", + "counter": "percentfreespace", + "counterSpecifier": "/builtin/filesystem/percentfreespace", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "Filesystem % used space", + "locale": "en-us" + } + ], + "class": "filesystem", + "condition": "IsAggregate=TRUE", + "counter": "percentusedspace", + "counterSpecifier": "/builtin/filesystem/percentusedspace", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "Filesystem used space", + "locale": "en-us" + } + ], + "class": "filesystem", + "condition": "IsAggregate=TRUE", + "counter": "usedspace", + "counterSpecifier": "/builtin/filesystem/usedspace", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Bytes" + }, + { + "annotation": [ + { + "displayName": "Filesystem read bytes/sec", + "locale": "en-us" + } + ], + "class": "filesystem", + "condition": "IsAggregate=TRUE", + "counter": "bytesreadpersecond", + "counterSpecifier": "/builtin/filesystem/bytesreadpersecond", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "CountPerSecond" + }, + { + "annotation": [ + { + "displayName": "Filesystem free space", + "locale": "en-us" + } + ], + "class": "filesystem", + "condition": "IsAggregate=TRUE", + "counter": "freespace", + "counterSpecifier": "/builtin/filesystem/freespace", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Bytes" + }, + { + "annotation": [ + { + "displayName": "Filesystem % free inodes", + "locale": "en-us" + } + ], + "class": "filesystem", + "condition": "IsAggregate=TRUE", + "counter": "percentfreeinodes", + "counterSpecifier": "/builtin/filesystem/percentfreeinodes", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "Filesystem bytes/sec", + "locale": "en-us" + } + ], + "class": "filesystem", + "condition": "IsAggregate=TRUE", + "counter": "bytespersecond", + "counterSpecifier": "/builtin/filesystem/bytespersecond", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "BytesPerSecond" + }, + { + "annotation": [ + { + "displayName": "Filesystem reads/sec", + "locale": "en-us" + } + ], + "class": "filesystem", + "condition": "IsAggregate=TRUE", + "counter": "readspersecond", + "counterSpecifier": "/builtin/filesystem/readspersecond", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "CountPerSecond" + }, + { + "annotation": [ + { + "displayName": "Filesystem write bytes/sec", + "locale": "en-us" + } + ], + "class": "filesystem", + "condition": "IsAggregate=TRUE", + "counter": "byteswrittenpersecond", + "counterSpecifier": "/builtin/filesystem/byteswrittenpersecond", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "CountPerSecond" + }, + { + "annotation": [ + { + "displayName": "Filesystem writes/sec", + "locale": "en-us" + } + ], + "class": "filesystem", + "condition": "IsAggregate=TRUE", + "counter": "writespersecond", + "counterSpecifier": "/builtin/filesystem/writespersecond", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "CountPerSecond" + }, + { + "annotation": [ + { + "displayName": "Filesystem % used inodes", + "locale": "en-us" + } + ], + "class": "filesystem", + "condition": "IsAggregate=TRUE", + "counter": "percentusedinodes", + "counterSpecifier": "/builtin/filesystem/percentusedinodes", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Percent" + }, + { + "annotation": [ + { + "displayName": "Disk read guest OS", + "locale": "en-us" + } + ], + "class": "disk", + "condition": "IsAggregate=TRUE", + "counter": "readbytespersecond", + "counterSpecifier": "/builtin/disk/readbytespersecond", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "BytesPerSecond" + }, + { + "annotation": [ + { + "displayName": "Disk writes", + "locale": "en-us" + } + ], + "class": "disk", + "condition": "IsAggregate=TRUE", + "counter": "writespersecond", + "counterSpecifier": "/builtin/disk/writespersecond", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "CountPerSecond" + }, + { + "annotation": [ + { + "displayName": "Disk transfer time", + "locale": "en-us" + } + ], + "class": "disk", + "condition": "IsAggregate=TRUE", + "counter": "averagetransfertime", + "counterSpecifier": "/builtin/disk/averagetransfertime", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Seconds" + }, + { + "annotation": [ + { + "displayName": "Disk transfers", + "locale": "en-us" + } + ], + "class": "disk", + "condition": "IsAggregate=TRUE", + "counter": "transferspersecond", + "counterSpecifier": "/builtin/disk/transferspersecond", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "CountPerSecond" + }, + { + "annotation": [ + { + "displayName": "Disk write guest OS", + "locale": "en-us" + } + ], + "class": "disk", + "condition": "IsAggregate=TRUE", + "counter": "writebytespersecond", + "counterSpecifier": "/builtin/disk/writebytespersecond", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "BytesPerSecond" + }, + { + "annotation": [ + { + "displayName": "Disk read time", + "locale": "en-us" + } + ], + "class": "disk", + "condition": "IsAggregate=TRUE", + "counter": "averagereadtime", + "counterSpecifier": "/builtin/disk/averagereadtime", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Seconds" + }, + { + "annotation": [ + { + "displayName": "Disk write time", + "locale": "en-us" + } + ], + "class": "disk", + "condition": "IsAggregate=TRUE", + "counter": "averagewritetime", + "counterSpecifier": "/builtin/disk/averagewritetime", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Seconds" + }, + { + "annotation": [ + { + "displayName": "Disk total bytes", + "locale": "en-us" + } + ], + "class": "disk", + "condition": "IsAggregate=TRUE", + "counter": "bytespersecond", + "counterSpecifier": "/builtin/disk/bytespersecond", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "BytesPerSecond" + }, + { + "annotation": [ + { + "displayName": "Disk reads", + "locale": "en-us" + } + ], + "class": "disk", + "condition": "IsAggregate=TRUE", + "counter": "readspersecond", + "counterSpecifier": "/builtin/disk/readspersecond", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "CountPerSecond" + }, + { + "annotation": [ + { + "displayName": "Disk queue length", + "locale": "en-us" + } + ], + "class": "disk", + "condition": "IsAggregate=TRUE", + "counter": "averagediskqueuelength", + "counterSpecifier": "/builtin/disk/averagediskqueuelength", + "sampleRate": "PT15S", + "type": "builtin", + "unit": "Count" + } + ] + }, + "syslogEvents": { + "sinks": "TestEventHub", + "syslogEventConfiguration": { + "LOG_AUTH": "LOG_DEBUG", + "LOG_AUTHPRIV": "LOG_DEBUG", + "LOG_CRON": "LOG_DEBUG", + "LOG_DAEMON": "LOG_DEBUG", + "LOG_FTP": "LOG_DEBUG", + "LOG_KERN": "LOG_DEBUG", + "LOG_LOCAL0": "LOG_DEBUG", + "LOG_LOCAL1": "LOG_DEBUG", + "LOG_LOCAL2": "LOG_DEBUG", + "LOG_LOCAL3": "LOG_DEBUG", + "LOG_LOCAL4": "LOG_DEBUG", + "LOG_LOCAL5": "LOG_DEBUG", + "LOG_LOCAL6": "LOG_DEBUG", + "LOG_LOCAL7": "LOG_DEBUG", + "LOG_LPR": "LOG_DEBUG", + "LOG_MAIL": "LOG_DEBUG", + "LOG_NEWS": "LOG_DEBUG", + "LOG_SYSLOG": "LOG_DEBUG", + "LOG_USER": "LOG_DEBUG", + "LOG_UUCP": "LOG_DEBUG" + } + } + }, + "sampleRateInSeconds": 15 + } +} diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/tasks/main.yml new file mode 100644 index 000000000..a4a1e62ee --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/tasks/main.yml @@ -0,0 +1,270 @@ +- name: Create Random Storage Account Name + set_fact: + storage_account: "vme{{ resource_group | hash('md5') | truncate(21, True, '') }}" + public_settings_file: "files/test-public-settings.json" + protected_settings_file: "files/test-protected-settings.json" + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: testVnet1 + address_prefixes: "10.0.0.0/16" + +- name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: testSubnet + address_prefix: "10.0.1.0/24" + virtual_network: testVnet1 + +- name: Create public IP address + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Dynamic + name: testPublicIP + +- name: Create Network Security Group that allows SSH + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: testNetworkSecurityGroup + rules: + - name: SSH + protocol: Tcp + destination_port_range: 22 + access: Allow + priority: 1001 + direction: Inbound + +- name: Create virtual network interface card + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: testNIC + virtual_network: testVnet1 + subnet: testSubnet + public_ip_name: testPublicIP + security_group_name: testNetworkSecurityGroup + +- name: create a storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + type: Standard_LRS + +- name: Create VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: testVM + vm_size: Standard_DS1_v2 + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + network_interfaces: testNIC + managed_disk_type: StandardSSD_LRS + storage_account_name: "{{ storage_account }}" + storage_container: osdisk + storage_blob: osdisk.vhd + os_disk_caching: ReadWrite + image: + offer: 0001-com-ubuntu-server-focal + publisher: canonical + sku: 20_04-lts-gen2 + version: latest + +- name: Create VM Extension + azure_rm_virtualmachineextension: + resource_group: "{{ resource_group }}" + name: testVMExtension + virtual_machine_name: testVM + publisher: Microsoft.Azure.Extensions + virtual_machine_extension_type: CustomScript + type_handler_version: 2.0 + auto_upgrade_minor_version: true + settings: {"commandToExecute": "date"} + register: results +- name: Assert that VM Extension ran + assert: + that: results.changed + +- name: Query extension + azure_rm_virtualmachineextension_info: + resource_group: "{{ resource_group }}" + name: testVMExtension + virtual_machine_name: testVM + register: results +- name: Assert that facts are returned + assert: + that: + - results.changed == False + - results.extensions[0]['id'] != None + - results.extensions[0]['resource_group'] != None + - results.extensions[0]['virtual_machine_name'] != None + - results.extensions[0]['name'] != None + - results.extensions[0]['location'] != None + - results.extensions[0]['publisher'] != None + - results.extensions[0]['type'] != None + - results.extensions[0]['settings'] != None + - results.extensions[0]['auto_upgrade_minor_version'] != None + - results.extensions[0]['provisioning_state'] != None + +- name: Create VM Extension (idempotent) + azure_rm_virtualmachineextension: + resource_group: "{{ resource_group }}" + name: testVMExtension + virtual_machine_name: testVM + publisher: Microsoft.Azure.Extensions + virtual_machine_extension_type: CustomScript + type_handler_version: 2.0 + auto_upgrade_minor_version: true + settings: {"commandToExecute": "date"} + register: results +- name: Assert no updates + assert: + that: not results.changed + +- name: Create VM Extension (force update) + azure_rm_virtualmachineextension: + resource_group: "{{ resource_group }}" + name: testVMExtension + virtual_machine_name: testVM + publisher: Microsoft.Azure.Extensions + virtual_machine_extension_type: CustomScript + type_handler_version: 2.0 + auto_upgrade_minor_version: true + settings: {"commandToExecute": "date"} + force_update_tag: true + register: results +- name: Assert updates + assert: + that: results.changed + +- name: List extensions + azure_rm_virtualmachineextension_info: + resource_group: "{{ resource_group }}" + virtual_machine_name: testVM + register: results +- name: Assert that facts are returned + assert: + that: + - results.changed == False + - results.extensions[0]['id'] != None + - results.extensions[0]['resource_group'] != None + - results.extensions[0]['virtual_machine_name'] != None + - results.extensions[0]['name'] != None + - results.extensions[0]['location'] != None + - results.extensions[0]['publisher'] != None + - results.extensions[0]['type'] != None + - results.extensions[0]['settings'] != None + - results.extensions[0]['auto_upgrade_minor_version'] != None + - results.extensions[0]['provisioning_state'] != None + +- name: Delete VM Extension + azure_rm_virtualmachineextension: + resource_group: "{{ resource_group }}" + name: testVMExtension + virtual_machine_name: testVM + state: absent + register: results +- name: Assert that VM Extension deleted + assert: + that: results.changed + +- name: Delete VM Extension (idempotent) + azure_rm_virtualmachineextension: + resource_group: "{{ resource_group }}" + name: testVMExtension + virtual_machine_name: testVM + state: absent + register: results +- name: Assert no changes + assert: + that: not results.changed + +- name: Create VM Extension to configure python required for VM diagnostic extension + azure_rm_virtualmachineextension: + resource_group: "{{ resource_group }}" + name: python-install + virtual_machine_name: testVM + publisher: Microsoft.Azure.Extensions + virtual_machine_extension_type: CustomScript + type_handler_version: 2.0 + auto_upgrade_minor_version: true + settings: {"commandToExecute": "apt-get update && apt-get install -y python2 && update-alternatives --install /usr/bin/python python /usr/bin/python2 1"} + register: results +- name: Assert that VM Extension ran + assert: + that: results.changed + +- name: Install VM Extension for diagnostics + azure_rm_virtualmachineextension: + resource_group: "{{ resource_group }}" + name: "linux-diagnostics" + virtual_machine_name: testVM + publisher: "Microsoft.Azure.Diagnostics" + virtual_machine_extension_type: "LinuxDiagnostic" + type_handler_version: "4.0" + auto_upgrade_minor_version: true + settings: "{{ lookup('file', public_settings_file) }}" + protected_settings: "{{ lookup('file', protected_settings_file) }}" + register: results +- name: Assert extension installed + assert: + that: results.changed + +- name: Install VM Extension for diagnostics (idempotent) + azure_rm_virtualmachineextension: + resource_group: "{{ resource_group }}" + name: "linux-diagnostics" + virtual_machine_name: testVM + publisher: "Microsoft.Azure.Diagnostics" + virtual_machine_extension_type: "LinuxDiagnostic" + type_handler_version: "4.0" + auto_upgrade_minor_version: true + settings: "{{ lookup('file', public_settings_file) }}" + protected_settings: "{{ lookup('file', protected_settings_file) }}" + register: results +- name: Assert no updates + assert: + that: not results.changed + +- name: List extensions + azure_rm_virtualmachineextension_info: + resource_group: "{{ resource_group }}" + virtual_machine_name: testVM + register: results +- name: Assert that facts are returned + assert: + that: + - results.changed == False + - results.extensions | length >= 2 + - "'python-install' in results.extensions | map(attribute='name')" + - "'linux-diagnostics' in results.extensions | map(attribute='name')" + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: testVM + state: absent + remove_on_absent: ['all'] + +- name: Delete a storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + type: Standard_LRS + state: absent + force_delete_nonempty: true + +- name: Delete Network Security Group that allows SSH + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: testNetworkSecurityGroup + state: absent + +- name: Delete virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: testVnet1 + state: absent + address_prefixes: "10.0.0.0/16" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineimage_info/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineimage_info/aliases new file mode 100644 index 000000000..9175999b4 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineimage_info/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group3 +shippable/azure/smoketest +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineimage_info/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineimage_info/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineimage_info/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineimage_info/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineimage_info/tasks/main.yml new file mode 100644 index 000000000..88fd5ce19 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineimage_info/tasks/main.yml @@ -0,0 +1,55 @@ +- name: set location + set_fact: + location: eastus + +- name: Get facts for a specific image + azure_rm_virtualmachineimage_info: + location: "{{ location }}" + publisher: OpenLogic + offer: CentOS + sku: '7.5' + version: '7.5.201808150' + register: output + +- assert: + that: output['vmimages'] | length == 1 + +- name: List available versions + azure_rm_virtualmachineimage_info: + location: "{{ location }}" + publisher: OpenLogic + offer: CentOS + sku: '7.5' + register: output + +- assert: + that: output['vmimages'] | length > 0 + +- name: List available offers + azure_rm_virtualmachineimage_info: + location: "{{ location }}" + publisher: OpenLogic + register: output + +- assert: + that: output['vmimages'] | length > 0 + +- name: List available publishers + azure_rm_virtualmachineimage_info: + location: "{{ location }}" + register: output + +- assert: + that: output['vmimages'] | length > 0 + +- name: Get facts for a specific image's latest version + azure_rm_virtualmachineimage_info: + location: "{{ location }}" + publisher: OpenLogic + offer: CentOS + sku: '7.5' + version: 'latest' + register: output + +- assert: + that: output['vmimages'] | length == 1
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/aliases new file mode 100644 index 000000000..557e95692 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/aliases @@ -0,0 +1,7 @@ +cloud/azure +shippable/azure/group6 +destructive +azure_rm_virtualmachinescaleset_facts +azure_rm_virtualmachinescalesetinstance_facts +azure_rm_virtualmachinescalesetextension +azure_rm_virtualmachinescalesetextension_facts diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/tasks/main.yml new file mode 100644 index 000000000..d027146c2 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/tasks/main.yml @@ -0,0 +1,897 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: VMSStestVnet + address_prefixes: "10.0.0.0/16" + +- name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: VMSStestSubnet + address_prefix: "10.0.1.0/24" + virtual_network: VMSStestVnet + +- name: Create public IP address + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Static + name: testPublicIP + +- name: Create load balancer + azure_rm_loadbalancer: + resource_group: "{{ resource_group }}" + name: testLB + public_ip_address_name: testPublicIP + +- name: Create public IP address 1 + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Static + name: testPublicIP1 + +- name: Create load balancer 1 + azure_rm_loadbalancer: + resource_group: "{{ resource_group }}" + name: testLB1 + public_ip_address_name: testPublicIP1 + +- name: Create network security group within same resource group of VMSS. + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: testNetworkSecurityGroup + +- name: Create network security group in different resource group of VMSS. + azure_rm_securitygroup: + resource_group: "{{ resource_group_secondary }}" + name: testNetworkSecurityGroup2 + +- name: Create virtual network inteface cards for VM A and B + azure_rm_networkinterface: + resource_group: "{{ resource_group }}" + name: "vmforimage{{ rpfx }}nic" + virtual_network: VMSStestVnet + subnet: VMSStestSubnet + +- name: Create VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "vmforimage{{ rpfx }}" + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_B1ms + network_interfaces: "vmforimage{{ rpfx }}nic" + image: + offer: UbuntuServer + publisher: Canonical + sku: 18.04-LTS + version: latest +- name: Get VM facts + azure_rm_virtualmachine_info: + resource_group: "{{ resource_group }}" + name: "vmforimage{{ rpfx }}" + register: vm_state +- name: Pause for 10 mimutes to VM updating + shell: sleep 600 +- name: Generalize VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "vmforimage{{ rpfx }}" + generalized: yes +- name: Create image A + azure_rm_image: + resource_group: "{{ resource_group }}" + name: testimagea + source: "vmforimage{{ rpfx }}" +- name: Create image B + azure_rm_image: + resource_group: "{{ resource_group }}" + name: testimageb + source: "vmforimage{{ rpfx }}" +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "vmforimage{{ rpfx }}" + state: absent + +- name: Create VMSS with I(orchestration_mode=Flexible) + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + vm_size: Standard_A1_v2 + admin_username: testuser + single_placement_group: False + platform_fault_domain_count: 1 + public_ip_per_vm: True + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + managed_disk_type: Standard_LRS + orchestration_mode: Flexible + os_disk_caching: ReadWrite + image: + offer: UbuntuServer + publisher: Canonical + sku: 18.04-LTS + version: latest + data_disks: + - lun: 0 + disk_size_gb: 64 + caching: ReadWrite + managed_disk_type: Standard_LRS + register: results + +- name: Assert that VMSS can be created + assert: + that: results.changed + +- name: Create VMSS with I(orchestration_mode=Flexible) again --- Idempotent + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + vm_size: Standard_A1_v2 + admin_username: testuser + single_placement_group: False + platform_fault_domain_count: 1 + public_ip_per_vm: True + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + managed_disk_type: Standard_LRS + orchestration_mode: Flexible + os_disk_caching: ReadWrite + image: + offer: UbuntuServer + publisher: Canonical + sku: 18.04-LTS + version: latest + data_disks: + - lun: 0 + disk_size_gb: 64 + caching: ReadWrite + managed_disk_type: Standard_LRS + register: results + +- name: Assert that VMSS can be created + assert: + that: not results.changed + +- name: Retrieve scaleset VMSS fact + azure_rm_virtualmachinescaleset_info: + name: testVMSS{{ rpfx }} + resource_group: "{{ resource_group }}" + register: output_scaleset + +- assert: + that: + - output_scaleset.vmss[0].properties.orchestrationMode == "Flexible" + +- name: Delete VMSS + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + state: absent + +- name: Create VMSS with Spot Instance default value + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + vm_size: Standard_A1_v2 + admin_username: testuser + priority: Spot + eviction_policy: Deallocate + single_placement_group: True + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + capacity: 1 + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + upgrade_policy: Manual + tier: Standard + managed_disk_type: Standard_LRS + os_disk_caching: ReadWrite + image: + offer: UbuntuServer + publisher: Canonical + sku: 18.04-LTS + version: latest + data_disks: + - lun: 0 + disk_size_gb: 64 + caching: ReadWrite + managed_disk_type: Standard_LRS + register: results + +- name: Assert that VMSS was created using Spot Instance default values + assert: + that: + - results.ansible_facts.azure_vmss.properties.virtualMachineProfile.priority == 'Spot' + - results.ansible_facts.azure_vmss.properties.virtualMachineProfile.evictionPolicy == 'Deallocate' + - results.ansible_facts.azure_vmss.properties.virtualMachineProfile.billingProfile.maxPrice == -1.0 + +- name: Delete VMSS + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + state: absent + +- name: Create VMSS with custom Spot Instance values + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + vm_size: Standard_A1_v2 + admin_username: testuser + priority: Spot + eviction_policy: Delete + max_price: 1.0 + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + capacity: 1 + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + upgrade_policy: Manual + tier: Standard + managed_disk_type: Standard_LRS + os_disk_caching: ReadWrite + single_placement_group: True + image: + offer: UbuntuServer + publisher: Canonical + sku: 18.04-LTS + version: latest + data_disks: + - lun: 0 + disk_size_gb: 64 + caching: ReadWrite + managed_disk_type: Standard_LRS + register: results + +- name: Assert that VMSS was created using Spot Instance custom values + assert: + that: + - results.ansible_facts.azure_vmss.properties.virtualMachineProfile.priority == 'Spot' + - results.ansible_facts.azure_vmss.properties.virtualMachineProfile.evictionPolicy == 'Delete' + - results.ansible_facts.azure_vmss.properties.virtualMachineProfile.billingProfile.maxPrice == 1.0 + +- name: Delete VMSS + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + state: absent + +- name: Create VMSS (check mode) + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + vm_size: Standard_B1s + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + capacity: 1 + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + load_balancer: testLB + upgrade_policy: Manual + tier: Standard + managed_disk_type: Standard_LRS + os_disk_caching: ReadWrite + single_placement_group: True + image: + offer: UbuntuServer + publisher: Canonical + sku: 18.04-LTS + version: latest + data_disks: + - lun: 0 + disk_size_gb: 64 + caching: ReadWrite + managed_disk_type: Standard_LRS + register: results + check_mode: yes + +- name: Assert that VMSS can be created + assert: + that: results.changed + +- name: Get VMSS to assert no VMSS is created in check mode + azure_rm_virtualmachinescaleset_info: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + format: curated + register: output_scaleset + +- name: Assert no VMSS created in check mode + assert: + that: + - output_scaleset.vmss | length == 0 + +- name: Create VMSS + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + vm_size: Standard_B1s + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + capacity: 1 + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + upgrade_policy: Manual + load_balancer: testLB + tier: Standard + managed_disk_type: Standard_LRS + os_disk_caching: ReadWrite + custom_data: "#cloud-config" + single_placement_group: True + image: + offer: UbuntuServer + publisher: Canonical + sku: 18.04-LTS + version: latest + data_disks: + - lun: 0 + disk_size_gb: 64 + caching: ReadWrite + managed_disk_type: Standard_LRS + scale_in_policy: "NewestVM" + register: results + +- name: Assert that VMSS was created + assert: + that: results.changed + +- name: Create VMSS -- test upgrade_policy idempotence and load balancer + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + vm_size: Standard_B1s + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + capacity: 1 + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + upgrade_policy: Automatic + load_balancer: testLB1 + tier: Standard + managed_disk_type: Standard_LRS + os_disk_caching: ReadWrite + custom_data: "#cloud-config" + single_placement_group: True + image: + offer: UbuntuServer + publisher: Canonical + sku: 18.04-LTS + version: latest + data_disks: + - lun: 0 + disk_size_gb: 64 + caching: ReadWrite + managed_disk_type: Standard_LRS + register: results + +- name: Assert that VMSS was created + assert: + that: results.changed + +- name: Retrieve scaleset facts + azure_rm_virtualmachinescaleset_info: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + format: curated + register: output_scaleset + +- assert: + that: + - output_scaleset.vmss[0].load_balancer == "testLB1" + +- name: Retrieve scaleset VMs facts + azure_rm_virtualmachinescalesetinstance_info: + resource_group: "{{ resource_group }}" + vmss_name: testVMSS{{ rpfx }} + register: instances + +- name: Assert that facts returned correctly + assert: + that: + - instances.instances | length == 1 + - instances.instances[0].id != None + - instances.instances[0].name != None + - instances.instances[0].instance_id != None + - instances.instances[0].provisioning_state != None + - instances.instances[0].vm_id != None + - instances.instances[0].latest_model != None + - instances.instances[0].power_state != None + +- name: Get scaleset body + set_fact: + body: "{{ output_scaleset.vmss[0] }}" + +- name: Try to update VMSS using output as input + azure_rm_virtualmachinescaleset: + resource_group: "{{ body.resource_group }}" + name: "{{ body.name }}" + vm_size: "{{ body.vm_size }}" + admin_username: "{{ body.admin_username }}" + ssh_password_enabled: "{{ body.ssh_password_enabled }}" + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + capacity: "{{ body.capacity }}" + virtual_network_name: "{{ body.virtual_network_name }}" + subnet_name: "{{ body.subnet_name }}" + upgrade_policy: "{{ body.upgrade_policy.mode }}" + load_balancer: "{{ body.load_balancer }}" + tier: "{{ body.tier }}" + managed_disk_type: "{{ body.managed_disk_type }}" + os_disk_caching: "{{ body.os_disk_caching }}" + image: "{{ body.image }}" + data_disks: "{{ body.data_disks }}" + overprovision: "{{ body.overprovision }}" + single_placement_group: True + register: results + +- name: Assert that nothing was changed + assert: + that: not results.changed + +- name: Install VMSS Extension + azure_rm_virtualmachinescalesetextension: + resource_group: "{{ resource_group }}" + vmss_name: testVMSS{{ rpfx }} + name: testExtension + publisher: Microsoft.Azure.Extensions + type: CustomScript + type_handler_version: 2.0 + auto_upgrade_minor_version: true + settings: {"commandToExecute": "sudo apt-get -y install apache2"} + register: results + +- name: Assert that something was changed + assert: + that: results.changed + +- name: Install Again VMSS Extension - again + azure_rm_virtualmachinescalesetextension: + resource_group: "{{ resource_group }}" + vmss_name: testVMSS{{ rpfx }} + name: testExtension + publisher: Microsoft.Azure.Extensions + type: CustomScript + type_handler_version: 2.0 + auto_upgrade_minor_version: true + settings: {"commandToExecute": "sudo apt-get -y install apache2"} + register: results + +- name: Assert that nothing was changed + assert: + that: not results.changed + +- name: Query extension + azure_rm_virtualmachinescalesetextension_info: + resource_group: "{{ resource_group }}" + vmss_name: testVMSS{{ rpfx }} + name: testExtension + register: results + +- name: Assert that facts are returned + assert: + that: + - results.changed == False + - results.extensions[0]['id'] != None + - results.extensions[0]['resource_group'] != None + - results.extensions[0]['vmss_name'] != None + - results.extensions[0]['name'] != None + - results.extensions[0]['publisher'] != None + - results.extensions[0]['type'] != None + - results.extensions[0]['settings'] != None + - results.extensions[0]['auto_upgrade_minor_version'] != None + - results.extensions[0]['provisioning_state'] != None + +- name: List extensions + azure_rm_virtualmachinescalesetextension_info: + resource_group: "{{ resource_group }}" + vmss_name: testVMSS{{ rpfx }} + register: results + +- name: Assert that facts are returned + assert: + that: + - results.changed == False + - results.extensions[0]['id'] != None + - results.extensions[0]['resource_group'] != None + - results.extensions[0]['vmss_name'] != None + - results.extensions[0]['name'] != None + - results.extensions[0]['publisher'] != None + - results.extensions[0]['type'] != None + - results.extensions[0]['settings'] != None + - results.extensions[0]['auto_upgrade_minor_version'] != None + - results.extensions[0]['provisioning_state'] != None + +- name: Delete VMSS Extension + azure_rm_virtualmachinescalesetextension: + resource_group: "{{ resource_group }}" + vmss_name: testVMSS{{ rpfx }} + name: testExtension + state: absent + register: results + +- name: Assert that change was reported + assert: + that: results.changed + +- name: Upgrade instance to the latest image + azure_rm_virtualmachinescalesetinstance: + resource_group: "{{ resource_group }}" + vmss_name: testVMSS{{ rpfx }} + instance_id: "{{ instances.instances[0].instance_id }}" + latest_model: yes + register: results + +- name: Assert that something has changed + assert: + that: results.changed + +- name: Stop virtual machine + azure_rm_virtualmachinescalesetinstance: + resource_group: "{{ resource_group }}" + vmss_name: testVMSS{{ rpfx }} + instance_id: "{{ instances.instances[0].instance_id }}" + power_state: stopped + register: results + +- name: Assert that something has changed + assert: + that: results.changed + +- name: Delete instance + azure_rm_virtualmachinescalesetinstance: + resource_group: "{{ resource_group }}" + vmss_name: testVMSS{{ rpfx }} + instance_id: "{{ instances.instances[0].instance_id }}" + state: absent + register: results + +- name: Assert that something has changed + assert: + that: results.changed + +- name: Delete VMSS + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }} + state: absent + +- name: Create VMSS with security group in same resource group, with accelerated networking(check mode). + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }}2 + vm_size: Standard_D3_v2 + capacity: 0 + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + image: + name: testimagea + resource_group: "{{ resource_group }}" + upgrade_policy: Manual + security_group: testNetworkSecurityGroup + enable_accelerated_networking: yes + single_placement_group: True + register: results + check_mode: yes + +- name: Assert that VMSS can be created + assert: + that: results.changed + +- name: Create VMSS with security group in same resource group, with accelerated networking. + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }}2 + vm_size: Standard_D3_v2 + capacity: 0 + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + image: + name: testimagea + resource_group: "{{ resource_group }}" + upgrade_policy: Manual + security_group: testNetworkSecurityGroup + enable_accelerated_networking: yes + single_placement_group: True + register: results + +- name: Assert that VMSS ran + assert: + that: + - 'results.changed' + - 'results.ansible_facts.azure_vmss.properties.virtualMachineProfile.networkProfile.networkInterfaceConfigurations.0.properties.enableAcceleratedNetworking == true' + - 'results.ansible_facts.azure_vmss.properties.virtualMachineProfile.networkProfile.networkInterfaceConfigurations.0.properties.networkSecurityGroup != {}' + +- name: Create VMSS with security group in same resource group, with accelerated networking. + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }}2 + vm_size: Standard_D3_v2 + capacity: 0 + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + image: + name: testimagea + resource_group: "{{ resource_group }}" + upgrade_policy: Manual + security_group: testNetworkSecurityGroup + enable_accelerated_networking: yes + single_placement_group: True + register: results + +- name: Assert that nothing has changed + assert: + that: + - not results.changed + +- name: Create VMSS with security group in same resource group, with accelerated networking. + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }}2 + vm_size: Standard_D3_v2 + capacity: 0 + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + image: + name: testimageb + resource_group: "{{ resource_group }}" + upgrade_policy: Manual + security_group: testNetworkSecurityGroup + enable_accelerated_networking: yes + single_placement_group: True + register: results + +- name: Assert that something has changed + assert: + that: + - results.changed + +- name: update VMSS with security group in different resource group. + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }}2 + vm_size: Standard_B1s + capacity: 0 + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + image: + name: testimageb + resource_group: "{{ resource_group }}" + upgrade_policy: Manual + security_group: + name: testNetworkSecurityGroup2 + resource_group: "{{ resource_group_secondary }}" + single_placement_group: True + register: results + +# disable for now +#- name: Assert that security group is correct +# assert: +# that: +# - 'results.changed' +# - '"testNetworkSecurityGroup2" in results.ansible_facts.azure_vmss.properties.virtualMachineProfile.networkProfile.networkInterfaceConfigurations.0.properties.networkSecurityGroup.id' + +- name: Delete VMSS + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }}2 + state: absent + +- name: Create VMSS with ephmeral OS disk. + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }}3 + vm_size: Standard_DS2_v2 + capacity: 0 + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + ephemeral_os_disk: True + image: + name: testimageb + resource_group: "{{ resource_group }}" + upgrade_policy: Manual + security_group: + name: testNetworkSecurityGroup2 + resource_group: "{{ resource_group_secondary }}" + single_placement_group: True + register: results + +- assert: + that: + - results.changed + - results.ansible_facts.azure_vmss.properties.virtualMachineProfile.storageProfile.osDisk.diffDiskSettings.option == 'Local' + +- name: Check VMSS ephmeral OS disk can't udpate + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }}3 + vm_size: Standard_DS2_v2 + capacity: 0 + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + ephemeral_os_disk: False + image: + name: testimageb + resource_group: "{{ resource_group }}" + upgrade_policy: Manual + security_group: + name: testNetworkSecurityGroup2 + resource_group: "{{ resource_group_secondary }}" + single_placement_group: True + ignore_errors: yes + +- name: Delete VMSS + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }}3 + state: absent + +- name: Fail when instance type is not supported to enable accelerated networking + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }}4 + vm_size: Standard_B1s + virtual_network_name: VMSStestVnet + subnet_name: VMSStestSubnet + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + image: + offer: UbuntuServer + publisher: Canonical + sku: 18.04-LTS + version: latest + upgrade_policy: Manual + enable_accelerated_networking: yes + single_placement_group: True + register: results + ignore_errors: yes + +- name: Assert failure to show that accelerated networking is enabled only with supported instance types. + assert: + that: + - '"VMSizeIsNotPermittedToEnableAcceleratedNetworkingForVmss" in results.msg' + +- name: Delete VMSS + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testVMSS{{ rpfx }}4 + state: absent + +- name: Delete network security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: testNetworkSecurityGroup + state: absent + +- name: Delete network security group + azure_rm_securitygroup: + resource_group: "{{ resource_group_secondary }}" + name: testNetworkSecurityGroup2 + state: absent + +- name: Delete load balancer + azure_rm_loadbalancer: + resource_group: "{{ resource_group }}" + name: testLB + state: absent + +- name: Delete public IP address + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + state: absent + name: testPublicIP + +- name: Delete virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: VMSStestVnet + state: absent + address_prefixes: "10.0.0.0/16" + +# TODO: Until we have a module to create/delete images this is the best tests +# I can do +- name: assert error thrown with invalid image dict + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testvm002 + vm_size: Standard_B1s + image: + offer: UbuntuServer + register: fail_invalid_image_dict + failed_when: 'fail_invalid_image_dict.msg != "parameter error: expecting image to contain [publisher, offer, sku, version], [name, resource_group] or [id]"' + +- name: assert error thrown with invalid image type + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testvm002 + vm_size: Standard_B1s + image: + - testing + register: fail_invalid_image_type + failed_when: 'fail_invalid_image_type.msg != "parameter error: expecting image to be a string or dict not list"' + +- name: assert error finding missing custom image + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testvm002 + vm_size: Standard_B1s + image: invalid-image + register: fail_missing_custom_image + failed_when: fail_missing_custom_image.msg != "Error could not find image with name invalid-image" + +- name: assert error finding missing custom image (dict style) + azure_rm_virtualmachinescaleset: + resource_group: "{{ resource_group }}" + name: testvm002 + vm_size: Standard_B1s + image: + name: invalid-image + register: fail_missing_custom_image_dict + failed_when: fail_missing_custom_image_dict.msg != "Error could not find image with name invalid-image" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinesize_info/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinesize_info/aliases new file mode 100644 index 000000000..759eafa2d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinesize_info/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group3 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinesize_info/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinesize_info/meta/main.yml new file mode 100644 index 000000000..48f5726d8 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinesize_info/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinesize_info/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinesize_info/tasks/main.yml new file mode 100644 index 000000000..d3aad3f72 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinesize_info/tasks/main.yml @@ -0,0 +1,20 @@ +- name: set location + set_fact: + location: eastus + +- name: Get specific size information for a specific location + azure_rm_virtualmachinesize_info: + location: "{{ location }}" + name: Standard_A1_v2 + register: output + +- assert: + that: output['sizes'] | length == 1 + +- name: Get available sizes for a specific location + azure_rm_virtualmachinesize_info: + location: "{{ location }}" + register: output + +- assert: + that: output['sizes'] | length > 0 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetwork/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetwork/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetwork/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetwork/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetwork/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetwork/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetwork/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetwork/tasks/main.yml new file mode 100644 index 000000000..143396720 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetwork/tasks/main.yml @@ -0,0 +1,187 @@ +- name: Prepare random number + set_fact: + vnetname: "vnet{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + +- name: Delete virtual network, if it exists + azure_rm_virtualnetwork: + name: "{{ vnetname }}" + resource_group: "{{ resource_group }}" + state: absent + +- name: Create virtual network + azure_rm_virtualnetwork: + name: "{{ vnetname }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + - fdda:e69b:1587:495e::/64 + tags: + testing: testing + delete: on-exit + resource_group: "{{ resource_group }}" + +- name: Update virtual network with dns server + azure_rm_virtualnetwork: + flow_timeout_in_minutes: 8 + name: "{{ vnetname }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + - fdda:e69b:1587:495e::/64 + dns_servers: + - 127.0.0.1 + - 127.0.0.3 + tags: + testing: testing + delete: on-exit + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - "output.state.address_prefixes | length == 3" + - "output.state.flow_timeout_in_minutes == 8" + - "output.state.dns_servers | length == 2" + - "output.state.tags.delete == 'on-exit'" + - "output.state.tags | length == 2" + +- name: Attach a subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: "{{ vnetname }}" + virtual_network_name: "{{ vnetname }}" + address_prefix_cidr: "10.1.0.0/24" + +- name: Gather facts by name, tags + azure_rm_virtualnetwork_info: + resource_group: "{{ resource_group }}" + name: "{{ vnetname }}" + tags: + - testing + register: facts + +- assert: + that: + - "facts.virtualnetworks | length == 1" + - "facts.virtualnetworks[0].dns_servers | length == 2" + - "facts.virtualnetworks[0].address_prefixes | length == 3" + - "facts.virtualnetworks[0].flow_timeout_in_minutes == 8" + - "facts.virtualnetworks[0].subnets | length == 1" + +- name: Gather facts by resource group, tags + azure_rm_virtualnetwork_info: + resource_group: "{{ resource_group }}" + tags: + - testing + register: facts + +- assert: + that: "facts.virtualnetworks | length >= 1" + +- name: Gather facts by tags + azure_rm_virtualnetwork_info: + tags: + - testing + register: facts + +- assert: + that: "facts.virtualnetworks | length >= 1" + +- name: Should be idempotent + azure_rm_virtualnetwork: + name: "{{ vnetname }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + - fdda:e69b:1587:495e::/64 + dns_servers: + - 127.0.0.1 + - 127.0.0.3 + tags: + testing: testing + delete: on-exit + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: not output.changed + +- name: Update tags + azure_rm_virtualnetwork: + name: "{{ vnetname }}" + tags: + testing: 'no' + delete: never + foo: bar + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: output.state.tags | length == 3 + +- name: Purge tags + azure_rm_virtualnetwork: + name: "{{ vnetname }}" + append_tags: no + tags: + testing: 'always' + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - output.state.tags | length == 1 + - output.state.tags.testing == 'always' + +- name: Should require address_prefixes_cidr when purge_address_prefixes + azure_rm_virtualnetwork: + name: "{{ vnetname }}" + purge_address_prefixes: true + resource_group: "{{ resource_group }}" + register: output + ignore_errors: yes + +- assert: + that: output.failed + +- name: Purge address prefixes + azure_rm_virtualnetwork: + name: "{{ vnetname }}" + address_prefixes_cidr: 10.1.0.0/16 + purge_address_prefixes: true + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: + - output.state.address_prefixes | length == 1 + - output.state.address_prefixes[0] == '10.1.0.0/16' + - output.state.dns_servers | length == 2 + - output.state.dns_servers[0] == '127.0.0.1' + +- name: Purge DNS servers + azure_rm_virtualnetwork: + name: "{{ vnetname }}" + purge_dns_servers: true + resource_group: "{{ resource_group }}" + register: output + +- assert: + that: output.state['dns_servers'] is undefined + +- name: Gather facts + azure_rm_virtualnetwork_info: + resource_group: "{{ resource_group }}" + name: "{{ vnetname }}" + register: facts + +- assert: + that: + - facts.virtualnetworks | length == 1 + - "facts.virtualnetworks[0].subnets | length == 1" + +- name: Delete virtual network + azure_rm_virtualnetwork: + name: "{{ vnetname }}" + resource_group: "{{ resource_group }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgateway/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgateway/aliases new file mode 100644 index 000000000..6166f9737 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgateway/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group14 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgateway/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgateway/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgateway/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgateway/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgateway/tasks/main.yml new file mode 100644 index 000000000..9dbd87e69 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgateway/tasks/main.yml @@ -0,0 +1,218 @@ +# FIXME: needs minimal tests (check mode?) that can run quickly, VNG creation takes > 20min + +- name: Prepare random number + set_fact: + vnetname: "vnet{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + vngname: "vng{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + pubipname: "testPublicIP{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + +- name: Create virtual network gateway without bgp settings (check mode) + check_mode: yes + azure_rm_virtualnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ vngname }}" + ip_configurations: + - name: testipconfig + private_ip_allocation_method: Dynamic + public_ip_address_name: "{{ pubipname }}" + virtual_network: "{{ vnetname }}" + tags: + common: "xyz" + register: output + +- assert: + that: output.changed + +- name: Create virtual network gateway Generation2 (check mode) + check_mode: yes + azure_rm_virtualnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ vngname }}" + sku: VpnGw2 + vpn_gateway_generation: Generation2 + ip_configurations: + - name: testipconfig + private_ip_allocation_method: Dynamic + public_ip_address_name: "{{ pubipname }}" + virtual_network: "{{ vnetname }}" + tags: + common: "xyz" + +- assert: + that: output.changed + + +- name: long-running virtualnetworkgateway tests [run with `--tags long_run,untagged` to enable] + tags: [long_run, never] + block: + - name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ vnetname }}" + address_prefixes: "10.0.0.0/16" + + - name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: GatewaySubnet + address_prefix: "10.0.2.0/24" + virtual_network: "{{ vnetname }}" + + - name: Create public IP address + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Dynamic + name: "{{ pubipname }}" + + - name: Create virtual network gateway without bgp settings + azure_rm_virtualnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ vngname }}" + ip_configurations: + - name: testipconfig + private_ip_allocation_method: Dynamic + public_ip_address_name: testPublicIP + virtual_network: "{{ vnetname }}" + tags: + common: "xyz" + register: output + + - assert: + that: output.changed + + - name: Create virtual network gateway without bgp settings - idempotent + azure_rm_virtualnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ vngname }}" + ip_configurations: + - name: testipconfig + private_ip_allocation_method: Dynamic + public_ip_address_name: "{{ pubipname }}" + virtual_network: "{{ vnetname }}" + tags: + common: "xyz" + register: output + + - assert: + that: not output.changed + + - name: Update virtual network gateway + azure_rm_virtualnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ vngname }}" + ip_configurations: + - name: testipconfig + private_ip_allocation_method: Dynamic + public_ip_address_name: "{{ pubipname }}" + virtual_network: "{{ vnetname }}" + tags: + common: "mno" + register: output + - assert: + that: output.changed + + - name: Delete virtual network gateway + azure_rm_virtualnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ vngname }}" + state: absent + register: output + - assert: + that: output.changed + +- name: long-running generation virtualnetworkgateway tests [run with `--tags long_run_gen,untagged` to enable] + tags: [long_run_gen, never] + block: + - name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ vnetname }}" + address_prefixes: "10.0.0.0/16" + + - name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: GatewaySubnet + address_prefix: "10.0.2.0/24" + virtual_network: "{{ vnetname }}" + + - name: Create public IP address + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Dynamic + name: "{{ pubipname }}" + + - name: Create virtual network gateway w/ sku and Generation2 + azure_rm_virtualnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ vngname }}" + sku: VpnGw2 + vpn_gateway_generation: Generation2 + ip_configurations: + - name: testipconfig + private_ip_allocation_method: Dynamic + public_ip_address_name: "{{ pubipname }}" + virtual_network: "{{ vnetname }}" + tags: + common: "xyz" + + - assert: + that: output.changed + + - name: Update virtual network gateway + azure_rm_virtualnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ vngname }}" + sku: VpnGw2 + vpn_gateway_generation: Generation2 + ip_configurations: + - name: testipconfig + private_ip_allocation_method: Dynamic + public_ip_address_name: "{{ pubipname }}" + virtual_network: "{{ vnetname }}" + tags: + common: "mno" + + register: output + - assert: + that: output.changed + + - name: Delete virtual network gateway + azure_rm_virtualnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ vngname }}" + state: absent + register: output + - assert: + that: output.changed + +- name: Delete virtual network gateway - idempotent + azure_rm_virtualnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ vngname }}" + state: absent + register: output +- assert: + that: not output.changed + +# Clean up networking components after test +- name: Delete subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: GatewaySubnet + virtual_network: "{{ vnetname }}" + state: absent + + +- name: Delete public IP address + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Dynamic + name: "{{ pubipname }}" + state: absent + +- name: Delete virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ vnetname }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkpeering/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkpeering/aliases new file mode 100644 index 000000000..5afc4b6f3 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkpeering/aliases @@ -0,0 +1,4 @@ +cloud/azure +shippable/azure/group14 +unsupported +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkpeering/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkpeering/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkpeering/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkpeering/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkpeering/tasks/main.yml new file mode 100644 index 000000000..bf7a4aa13 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkpeering/tasks/main.yml @@ -0,0 +1,126 @@ +- name: Prepare random number + set_fact: + vnetname1: "vnet1{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + vnetname2: "vnet2{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + peering_name: "peering1{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 100 | random }}" + +- name: Create first virtual network + azure_rm_virtualnetwork: + name: "{{ vnetname1 }}" + address_prefixes_cidr: + - 10.1.0.0/16 + tags: + testing: testing + delete: on-exit + resource_group: "{{ resource_group }}" + register: vnet1 + +- name: Create second virtual network + azure_rm_virtualnetwork: + name: "{{ vnetname2 }}" + address_prefixes_cidr: + - 10.2.0.0/24 + resource_group: "{{ resource_group_secondary }}" + register: vnet2 + +- assert: + that: + - vnet1.changed + - vnet2.changed + +- name: Create virtual network peering (check mode) + azure_rm_virtualnetworkpeering: + resource_group: "{{ resource_group }}" + name: "{{ peering_name }}" + virtual_network: "{{ vnetname1 }}" + remote_virtual_network: + resource_group: "{{ resource_group_secondary }}" + name: "{{ vnetname2 }}" + allow_virtual_network_access: false + allow_forwarded_traffic: true + check_mode: yes + register: output + +- assert: + that: output.changed + +- name: Create virtual network peering + azure_rm_virtualnetworkpeering: + resource_group: "{{ resource_group }}" + name: "{{ peering_name }}" + virtual_network: "{{ vnetname1 }}" + remote_virtual_network: + resource_group: "{{ resource_group_secondary }}" + name: "{{ vnetname2 }}" + allow_virtual_network_access: false + allow_forwarded_traffic: true + register: output + +- assert: + that: output.changed + +- name: Update virtual network peering (idempotent) + azure_rm_virtualnetworkpeering: + resource_group: "{{ resource_group }}" + name: "{{ peering_name }}" + virtual_network: "{{ vnetname1 }}" + remote_virtual_network: + resource_group: "{{ resource_group_secondary }}" + name: "{{ vnetname2 }}" + allow_virtual_network_access: false + allow_forwarded_traffic: true + register: output + +- assert: + that: not output.changed + +- name: Update virtual network peering + azure_rm_virtualnetworkpeering: + resource_group: "{{ resource_group }}" + name: "{{ peering_name }}" + virtual_network: "{{ vnetname1 }}" + remote_virtual_network: + resource_group: "{{ resource_group_secondary }}" + name: "{{ vnetname2 }}" + allow_virtual_network_access: true + allow_forwarded_traffic: false + register: output + +- assert: + that: output.changed + +- name: Get facts + azure_rm_virtualnetworkpeering_info: + resource_group: "{{ resource_group }}" + name: "{{ peering_name }}" + virtual_network: "{{ vnetname1 }}" + register: facts + +- name: Assert Facts + assert: + that: + - facts['vnetpeerings'] | length == 1 + - facts['vnetpeerings'][0]['id'] + - facts['vnetpeerings'][0]['peering_state'] + - facts['vnetpeerings'][0]['remote_virtual_network'] + - facts['vnetpeerings'][0]['provisioning_state'] + +- name: Delete virtual network peering + azure_rm_virtualnetworkpeering: + resource_group: "{{ resource_group }}" + name: "{{ peering_name }}" + virtual_network: "{{ vnetname1 }}" + state: absent + register: output + +- name: Delete first virtual network + azure_rm_virtualnetwork: + name: "{{ vnetname1 }}" + resource_group: "{{ resource_group }}" + state: absent + +- name: Delete virtual network + azure_rm_virtualnetwork: + name: "{{ vnetname2 }}" + resource_group: "{{ resource_group_secondary }}" + state: absent
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualwan/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualwan/aliases new file mode 100644 index 000000000..5d29c6c4d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualwan/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group10 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualwan/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualwan/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualwan/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualwan/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualwan/tasks/main.yml new file mode 100644 index 000000000..c53b7d513 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualwan/tasks/main.yml @@ -0,0 +1,61 @@ + - name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + + - name: Create a VirtualWan + azure_rm_virtualwan: + resource_group: "{{ resource_group }}" + name: "virtualwan{{ rpfx }}" + office365_local_breakout_category: All + disable_vpn_encryption: true + allow_branch_to_branch_traffic: true + allow_vnet_to_vnet_traffic: true + virtual_wan_type: Basic + register: output + + - assert: + that: + - output.changed + + - name: Create a VirtualWan again (Idempotent test) + azure_rm_virtualwan: + resource_group: "{{ resource_group }}" + name: "virtualwan{{ rpfx }}" + register: output + + - assert: + that: + - not output.changed + + - name: Update the VirtualWan + azure_rm_virtualwan: + resource_group: "{{ resource_group }}" + office365_local_breakout_category: All + name: "virtualwan{{ rpfx }}" + disable_vpn_encryption: false + allow_branch_to_branch_traffic: true + allow_vnet_to_vnet_traffic: true + virtual_wan_type: Basic + register: output + + - assert: + that: + - output.changed + + - name: Get VirtualWan info + azure_rm_virtualwan_info: + resource_group: "{{ resource_group }}" + name: "virtualwan{{ rpfx }}" + register: output + + - assert: + that: + - output.virtual_wans[0]['allow_branch_to_branch_traffic'] == true + - output.virtual_wans[0]['disable_vpn_encryption'] == false + + - name: Delete the VirtualWan + azure_rm_virtualwan: + resource_group: "{{ resource_group }}" + name: "virtualwan{{ rpfx }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vmbackuppolicy/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vmbackuppolicy/aliases new file mode 100644 index 000000000..cc941b59c --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vmbackuppolicy/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group12 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vmbackuppolicy/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vmbackuppolicy/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vmbackuppolicy/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vmbackuppolicy/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vmbackuppolicy/tasks/main.yml new file mode 100644 index 000000000..9eb906f90 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vmbackuppolicy/tasks/main.yml @@ -0,0 +1,78 @@ +- name: Fix resource prefix + set_fact: + name: "myPolicy{{ resource_group | hash('md5') | truncate(22, True, '') }}" + vault_name: "myVault" + location: "eastus" + +- name: Create Azure Recovery Service vault + azure_rm_recoveryservicesvault: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + location: "{{ location }}" + state: "present" + register: vault + +- name: Create VM Backup Policy + azure_rm_vmbackuppolicy: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + vault_name: "{{ vault.response.name }}" + state: "present" + register: output + +- name: Assert that output has changed + assert: + that: + - output.changed + +- name: Create VM Backup Policy (idempotent) + azure_rm_vmbackuppolicy: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + vault_name: "{{ vault.response.name }}" + state: "present" + register: output + +- name: Assert that output has no changed + assert: + that: + - not output.changed + +- name: Get VM Backup Policy Details + azure_rm_vmbackuppolicy_info: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + vault_name: "{{ vault.response.name }}" + register: output + +- name: Assert that output has changed + assert: + that: + - output.response.id != None + - output.response.name != None + +- name: Delete VM Backup Policy + azure_rm_vmbackuppolicy: + resource_group: "{{ resource_group }}" + name: "{{ name }}" + vault_name: "{{ vault.response.name }}" + state: "absent" + register: output + +- name: Assert that output has changed + assert: + that: + - output.changed + +- name: Delete Azure Recovery Service vault + azure_rm_recoveryservicesvault: + resource_group: "{{ resource_group }}" + name: "{{ vault.response.name }}" + location: "{{ location }}" + state: "absent" + register: output + +- name: Assert that output has changed + assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vpnsite/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vpnsite/aliases new file mode 100644 index 000000000..8767e0189 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vpnsite/aliases @@ -0,0 +1,3 @@ +cloud/azure +destructive +shippable/azure/group10 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vpnsite/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vpnsite/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vpnsite/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vpnsite/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vpnsite/tasks/main.yml new file mode 100644 index 000000000..07cb7dd45 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_vpnsite/tasks/main.yml @@ -0,0 +1,102 @@ + - name: Create vpn site name + set_fact: + vpn_site: "vpn{{ resource_group | hash('md5') | truncate(22, True, '') }}" + + - name: Create a VpnSite + azure_rm_vpnsite: + resource_group: "{{ resource_group }}" + name: "{{ vpn_site }}" + ip_address: 10.0.0.0 + is_security_site: true + device_properties: + device_vendor: 10.0.0.23 + device_model: test_model + link_speed_in_mbps: 10 + address_space: + address_prefixes: + - 10.0.0.0/16 + bgp_properties: + asn: 1234 + bgp_peering_address: 192.168.0.0 + o365_policy: + break_out_categories: + allow: false + optimize: false + default: false + register: output + + - assert: + that: + - output.changed + + - name: Create the VpnSite without change (Idempotent test) + azure_rm_vpnsite: + resource_group: "{{ resource_group }}" + name: "{{ vpn_site }}" + ip_address: 10.0.0.0 + is_security_site: true + device_properties: + device_vendor: 10.0.0.23 + device_model: test_model + link_speed_in_mbps: 10 + address_space: + address_prefixes: + - 10.0.0.0/16 + bgp_properties: + asn: 1234 + bgp_peering_address: 192.168.0.0 + o365_policy: + break_out_categories: + allow: false + optimize: false + default: false + register: output + + - assert: + that: + - not output.changed + + - name: Update the VpnSite's device properties + azure_rm_vpnsite: + resource_group: "{{ resource_group }}" + name: "{{ vpn_site }}" + ip_address: 10.0.0.0 + is_security_site: true + device_properties: + device_vendor: 10.0.0.23 + device_model: test_model + link_speed_in_mbps: 100 + address_space: + address_prefixes: + - 10.0.0.0/16 + bgp_properties: + asn: 1234 + bgp_peering_address: 192.168.0.0 + o365_policy: + break_out_categories: + allow: false + optimize: false + default: false + register: output + + - assert: + that: + - output.changed + + - name: Get the VpnSite info + azure_rm_vpnsite_info: + resource_group: "{{ resource_group }}" + name: "{{ vpn_site }}" + register: output + + - assert: + that: + - "output.vpn_sites[0].is_security_site == true" + - "output.vpn_sites[0].ip_address == '10.0.0.0'" + - "output.vpn_sites[0].device_properties.link_speed_in_mbps == 100" + + - name: Delete the VpnSite + azure_rm_vpnsite: + resource_group: "{{ resource_group }}" + name: "{{ vpn_site }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/aliases new file mode 100644 index 000000000..c7c2aff0c --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/aliases @@ -0,0 +1,5 @@ +cloud/azure +shippable/azure/group3 +destructive +azure_rm_webapp_facts +azure_rm_webappslot diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/tasks/main.yml new file mode 100644 index 000000000..b286bfe13 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/tasks/main.yml @@ -0,0 +1,537 @@ +- name: Prepare facts + set_fact: + resource_prefix: "{{ resource_group_secondary | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: yes + +- name: Fix resource prefix + set_fact: + linux_app_plan_resource_group: "{{ resource_group_secondary }}" + win_app_name: "{{ (resource_prefix | replace('-','x'))[-8:] }}{{ 1000 | random}}winapp" + linux_app_name: "{{ (resource_prefix | replace('-','x'))[-8:] }}{{ 1000 | random}}linuxapp" + win_plan_name: "{{ (resource_prefix | replace('-','x'))[-8:] }}winplan" + linux_plan_name: "{{ (resource_group_secondary | replace('-','x'))[-8:] }}linplan" + slot1_name: "stage1" + +- name: Create a windows web app with non-exist app service plan + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}1" + plan: + resource_group: "{{ resource_group }}" + name: "{{ win_plan_name }}" + is_linux: false + sku: S1 + +- name: Create a windows web app with existing app service plan + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}2" + plan: "{{ win_plan_name }}" + register: output + +- name: stop the web app + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}2" + plan: "{{ win_plan_name }}" + app_state: stopped + register: output + +- name: assert output changed + assert: + that: + output.changed + +- name: get the web app + azure_rm_webapp_info: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}2" + register: stopped + +- name: assert web app is stopped + assert: + that: + - stopped.webapps[0].app_state == "Stopped" + +- name: Create a windows web app with existing app service plan, try to update some root level params + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}3" + plan: "{{ win_plan_name }}" + https_only: true + tags: + testwebapptag: test + register: output + +- name: get web app with resource group and tag + azure_rm_webapp_info: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}3" + tags: + - testwebapptag + register: output + +- assert: + that: + - output.webapps | length == 1 + +- name: Create a win web app with java run time specific + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}4" + plan: "{{ win_plan_name }}" + frameworks: + - name: "java" + version: "1.8" + settings: + java_container: "Tomcat" + java_container_version: "8.0" + app_settings: + testkey: "testvalue" + register: output + +- name: assert the web app was created + assert: + that: output.changed + +- name: get web app with name + azure_rm_webapp_info: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}4" + register: output + +- assert: + that: + - output.webapps | length == 1 + - output.webapps[0].app_settings | length == 1 + - output.webapps[0].frameworks | length > 1 # there's default frameworks eg net_framework + +- name: Update app settings and framework + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}4" + plan: "{{ win_plan_name }}" + frameworks: + - name: "java" + version: "1.7" + settings: + java_container: "Tomcat" + java_container_version: "8.5" + app_settings: + testkey2: "testvalue2" + register: output + +- name: Assert the web app was updated + assert: + that: + - output.changed + +- name: get web app with name + azure_rm_webapp_info: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}4" + register: output + +- name: Assert updating + assert: + that: + - output.webapps[0].app_settings | length == 2 + - output.webapps[0].app_settings['testkey'] == 'testvalue' + - output.webapps[0].app_settings['testkey2'] == 'testvalue2' + +- name: get web app with return publishing profile + azure_rm_webapp_info: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}4" + return_publish_profile: true + register: output + +- assert: + that: + - output.webapps | length == 1 + - output.webapps[0].publishing_username != "" + - output.webapps[0].publishing_password != "" + +- name: Purge all existing app settings + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}4" + plan: "{{ win_plan_name }}" + purge_app_settings: true + register: output + +- name: Assert the web app was updated + assert: + that: output.changed + +- name: Create a win web app with python run time and php run time + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}5" + plan: "{{ win_plan_name }}" + frameworks: + - name: "python" + version: "2.7" + - name: node + version: "6.6" + - name: "php" + version: "7.0" + register: output + +- name: Assert the web app was created + assert: + that: output.changed + +- name: Create a docker web app with some app settings + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}6" + plan: + resource_group: "{{ linux_app_plan_resource_group }}" + name: "{{ linux_plan_name }}" + is_linux: true + sku: S1 + number_of_workers: 1 + container_settings: + name: "ansible/ansible:ubuntu1404" + register: output + +- name: Assert the web app was created + assert: + that: output.changed + +- name: Create a docker web app with private acr registry + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}7" + plan: + resource_group: "{{ linux_app_plan_resource_group }}" + name: "{{ linux_plan_name }}" + container_settings: + name: "ansible/ansible:ubuntu1404" + registry_server_url: test.io + registry_server_user: user + registry_server_password: password + register: output + +- name: Assert the web app was created + assert: + that: output.changed + +- name: Create a linux web app with nodejs framework + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}8" + plan: + resource_group: "{{ linux_app_plan_resource_group }}" + name: "{{ linux_plan_name }}" + frameworks: + - name: node + version: "6.6" + register: output + +- name: Should be idempotent with linux web app created + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}8" + plan: + resource_group: "{{ linux_app_plan_resource_group }}" + name: "{{ linux_plan_name }}" + frameworks: + - name: node + version: "6.6" + register: output + +- assert: + that: not output.changed + +- name: Update nodejs framework + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}8" + plan: + resource_group: "{{ linux_app_plan_resource_group }}" + name: "{{ linux_plan_name }}" + frameworks: + - name: node + version: "6.9" + register: output + +- name: Assert the web app was created + assert: + that: output.changed + +- name: Create a linux web app with deployment source github + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}10" + plan: + resource_group: "{{ linux_app_plan_resource_group }}" + name: "{{ linux_plan_name }}" + deployment_source: + url: "https://github.com/test/test" + branch: master + scm_type: GitHub + register: output + +- name: Assert the web app was created + assert: + that: output.changed + +- name: Delete web app + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}8" + state: absent + register: output + +- name: Assert the web app was deleted + assert: + that: output.changed + +- name: assert error that java is mutually exclusive with frameworks + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}11" + plan: "{{ win_plan_name }}" + frameworks: + - name: "python" + version: "2.7" + - name: "java" + version: "1.8" + register: fail_win_java_version_mutual_exclusive + failed_when: 'fail_win_java_version_mutual_exclusive.msg != "Java is mutually exclusive with other frameworks."' + +- name: assert error when linux web app, only can specify one framework + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ linux_plan_name }}12" + plan: + resource_group: "{{ linux_app_plan_resource_group }}" + name: "{{ linux_plan_name }}" + frameworks: + - name: "python" + version: "2.7" + - name: "node" + version: "6.6" + register: fail_linux_one_framework_only + failed_when: fail_linux_one_framework_only.msg != "Can specify one framework only for Linux web app." + +- name: Create a linux web app with java tomcat container + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}13" + plan: + resource_group: "{{ linux_app_plan_resource_group }}" + name: "{{ linux_plan_name }}" + frameworks: + - name: java + version: "8" + settings: + java_container: "tomcat" + java_container_version: "8.5" + register: output + +- name: Assert the web app was created + assert: + that: output.changed + +- name: Get facts with publish profile + azure_rm_webapp_info: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}13" + no_log: true + register: facts + +- name: Assert publish profile returned + assert: + that: + - facts.webapps[0].ftp_publish_url != '' + +- name: Create a web app with various site config params + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ linux_app_name }}-siteconfig" + plan: + resource_group: "{{ linux_app_plan_resource_group }}" + name: "{{ linux_app_name }}-siteconfig-plan" + is_linux: true + sku: S1 + frameworks: + - name: java + version: "8" + settings: + java_container: "tomcat" + java_container_version: "8.5" + client_affinity_enabled: false + https_only: true + always_on: true + min_tls_version: "1.2" + ftps_state: "Disabled" + register: output +- name: Assert the web app was created + assert: + that: output.changed + +- name: Create a web app with various site config params - idempotent + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ linux_app_name }}-siteconfig" + plan: + resource_group: "{{ linux_app_plan_resource_group }}" + name: "{{ linux_app_name }}-siteconfig-plan" + is_linux: true + sku: S1 + frameworks: + - name: java + version: "8" + settings: + java_container: "tomcat" + java_container_version: "8.5" + client_affinity_enabled: false + https_only: true + always_on: true + min_tls_version: "1.2" + ftps_state: "Disabled" + register: output +- name: Assert the web app not changed + assert: + that: not output.changed + +- name: Get facts for site config params + azure_rm_webapp_info: + resource_group: "{{ resource_group }}" + name: "{{ linux_app_name }}-siteconfig" + register: facts +- name: Assert site config params meet expectations + assert: + that: + - facts.webapps[0].always_on + - facts.webapps[0].min_tls_version == '1.2' + - facts.webapps[0].ftps_state == 'Disabled' + +- name: Update web app with various site config params - single change + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ linux_app_name }}-siteconfig" + plan: + resource_group: "{{ linux_app_plan_resource_group }}" + name: "{{ linux_app_name }}-siteconfig-plan" + is_linux: true + sku: S1 + frameworks: + - name: java + version: "8" + settings: + java_container: "tomcat" + java_container_version: "8.5" + client_affinity_enabled: false + https_only: true + always_on: true + min_tls_version: "1.2" + ftps_state: "FtpsOnly" + register: output +- name: Assert the web app was updated + assert: + that: output.changed + +- name: Get facts for site config params + azure_rm_webapp_info: + resource_group: "{{ resource_group }}" + name: "{{ linux_app_name }}-siteconfig" + register: facts +- name: Assert site config params meet expectations + assert: + that: + - facts.webapps[0].always_on + - facts.webapps[0].min_tls_version == '1.2' + - facts.webapps[0].ftps_state == 'FtpsOnly' + +- name: Create a webapp slot (Check mode) + azure_rm_webappslot: + resource_group: "{{ resource_group }}" + webapp_name: "{{ win_app_name }}13" + name: "{{ slot1_name }}" + configuration_source: "{{ win_app_name }}13" + app_settings: + testkey: testvalue + check_mode: yes + register: output + +- name: Assert slot check mode creation + assert: + that: + - output.changed + +- name: Create a webapp slot + azure_rm_webappslot: + resource_group: "{{ resource_group }}" + webapp_name: "{{ win_app_name }}13" + name: "{{ slot1_name }}" + configuration_source: "{{ win_app_name }}13" + app_settings: + testkey: testvalueslot + register: output + +- name: Assert slot creation + assert: + that: + - output.changed + +- name: Update webapp slot (idempotence) + azure_rm_webappslot: + resource_group: "{{ resource_group }}" + webapp_name: "{{ win_app_name }}13" + name: "{{ slot1_name }}" + app_settings: + testkey: testvalueslot + register: output + +- name: Assert idempotence + assert: + that: + - not output.changed + +- name: Update webapp slot + azure_rm_webappslot: + resource_group: "{{ resource_group }}" + webapp_name: "{{ win_app_name }}13" + name: "{{ slot1_name }}" + frameworks: + - name: "node" + version: "10.1" + app_settings: + testkey: testvalue2 + register: output + +- name: Assert updating + assert: + that: + - output.changed + +- name: Swap webapp slot + azure_rm_webappslot: + resource_group: "{{ resource_group }}" + webapp_name: "{{ win_app_name }}13" + name: "{{ slot1_name }}" + swap: + action: swap + register: output + +- name: Assert swap + assert: + that: + - output.changed + +- name: Stop webapp slot + azure_rm_webappslot: + resource_group: "{{ resource_group }}" + webapp_name: "{{ win_app_name }}13" + name: "{{ slot1_name }}" + app_state: stopped + register: output + +- name: Assert stopped + assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/aliases new file mode 100644 index 000000000..759eafa2d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group3 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/tasks/main.yml new file mode 100644 index 000000000..05061d195 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/tasks/main.yml @@ -0,0 +1,268 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: true + +- name: Create a web app + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: webapp{{ rpfx }} + plan: + resource_group: "{{ resource_group }}" + name: webappplan{{ rpfx }} + is_linux: false + sku: S1 + +- name: "Create webapp access restriction - check mode" + azure_rm_webappaccessrestriction: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + ip_security_restrictions: + - name: "Datacenter 1" + action: "Allow" + ip_address: "1.1.1.1/24" + priority: 1 + - name: "Datacenter 2" + action: "Allow" + ip_address: "2.2.2.2/24" + priority: 2 + scm_ip_security_restrictions_use_main: true + register: output + check_mode: true +- name: Assert the resource is well created + assert: + that: output.changed + +- name: "Create webapp access restriction" + azure_rm_webappaccessrestriction: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + ip_security_restrictions: + - name: "Datacenter 1" + action: "Allow" + ip_address: "1.1.1.1/24" + priority: 1 + - name: "Datacenter 2" + action: "Allow" + ip_address: "2.2.2.2/24" + priority: 2 + scm_ip_security_restrictions_use_main: true + register: output +- name: Assert the resource is well created + assert: + that: + - output.changed + - output.ip_security_restrictions | length == 2 + - output.ip_security_restrictions[0].action == 'Allow' + - output.ip_security_restrictions[0].ip_address == '1.1.1.1/24' + - output.ip_security_restrictions[1].action == 'Allow' + - output.ip_security_restrictions[1].ip_address == '2.2.2.2/24' + - output.scm_ip_security_restrictions_use_main == true + +- name: "Check webapp access restriction facts 1" + azure_rm_webappaccessrestriction_info: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + register: output +- name: Assert restrictions + assert: + that: + - not output.changed + - output.ip_security_restrictions | length == 2 + - output.ip_security_restrictions[0].action == 'Allow' + - output.ip_security_restrictions[0].ip_address == '1.1.1.1/24' + - output.ip_security_restrictions[1].action == 'Allow' + - output.ip_security_restrictions[1].ip_address == '2.2.2.2/24' + - output.scm_ip_security_restrictions_use_main == true + +- name: "Create webapp access restriction - idempotent" + azure_rm_webappaccessrestriction: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + ip_security_restrictions: + - name: "Datacenter 1" + action: "Allow" + ip_address: "1.1.1.1/24" + priority: 1 + - name: "Datacenter 2" + action: "Allow" + ip_address: "2.2.2.2/24" + priority: 2 + scm_ip_security_restrictions_use_main: true + register: output +- name: Assert the resource is not changed + assert: + that: not output.changed + +- name: "Delete specific webapp access restriction" + azure_rm_webappaccessrestriction: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + ip_security_restrictions: + - name: "Datacenter 1" + action: "Allow" + ip_address: "1.1.1.1/24" + priority: 1 + scm_ip_security_restrictions_use_main: true + register: output +- name: Assert the resource is updated + assert: + that: + - output.changed + - output.ip_security_restrictions | length == 1 + - output.ip_security_restrictions[0].action == 'Allow' + - output.ip_security_restrictions[0].ip_address == '1.1.1.1/24' + - output.scm_ip_security_restrictions_use_main == true + +- name: "Update existing webapp access restriction 1" + azure_rm_webappaccessrestriction: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + ip_security_restrictions: + - name: "Datacenter 1" + action: "Deny" + ip_address: "1.2.3.4/24" + priority: 1 + scm_ip_security_restrictions_use_main: true + register: output +- name: Assert the resource is updated + assert: + that: + - output.changed + - output.ip_security_restrictions | length == 1 + - output.ip_security_restrictions[0].action == 'Deny' + - output.ip_security_restrictions[0].ip_address == '1.2.3.4/24' + - output.scm_ip_security_restrictions_use_main == true + +- name: "Update existing webapp access restriction 1" + azure_rm_webappaccessrestriction: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + ip_security_restrictions: + - name: "Datacenter 1" + action: "Deny" + ip_address: "1.2.3.4/24" + priority: 1 + scm_ip_security_restrictions_use_main: false + register: output +- name: Assert the resource is updated + assert: + that: + - output.changed + - output.ip_security_restrictions | length == 1 + - output.ip_security_restrictions[0].action == 'Deny' + - output.ip_security_restrictions[0].ip_address == '1.2.3.4/24' + - output.scm_ip_security_restrictions_use_main == false + +- name: "Update existing webapp access restriction 3" + azure_rm_webappaccessrestriction: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + ip_security_restrictions: + - name: "Datacenter 1" + action: "Deny" + ip_address: "1.2.3.4/24" + priority: 1 + scm_ip_security_restrictions: + - name: "Datacenter 1" + action: "Deny" + ip_address: "1.2.3.4/24" + priority: 1 + scm_ip_security_restrictions_use_main: false + register: output +- name: Assert the resource is updated + assert: + that: + - output.changed + - output.ip_security_restrictions | length == 1 + - output.ip_security_restrictions[0].action == 'Deny' + - output.ip_security_restrictions[0].ip_address == '1.2.3.4/24' + - output.scm_ip_security_restrictions | length == 1 + - output.ip_security_restrictions[0].action == 'Deny' + - output.ip_security_restrictions[0].ip_address == '1.2.3.4/24' + - output.scm_ip_security_restrictions_use_main == false + +- name: "Update existing webapp access restriction 4" + azure_rm_webappaccessrestriction: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + ip_security_restrictions: + - name: "Datacenter 1" + action: "Deny" + ip_address: "1.2.3.4/24" + priority: 1 + scm_ip_security_restrictions: + - name: "Datacenter 1" + action: "Deny" + ip_address: "1.2.3.4/24" + priority: 1 + - name: "Datacenter 2" + action: "Allow" + ip_address: "2.2.2.2/24" + priority: 2 + scm_ip_security_restrictions_use_main: false + register: output +- name: Assert the resource is updated + assert: + that: + - output.changed + - output.ip_security_restrictions | length == 1 + - output.ip_security_restrictions[0].action == 'Deny' + - output.ip_security_restrictions[0].ip_address == '1.2.3.4/24' + - output.scm_ip_security_restrictions | length == 2 + - output.scm_ip_security_restrictions[0].action == 'Deny' + - output.scm_ip_security_restrictions[0].ip_address == '1.2.3.4/24' + - output.scm_ip_security_restrictions[1].action == 'Allow' + - output.scm_ip_security_restrictions[1].ip_address == '2.2.2.2/24' + - output.scm_ip_security_restrictions_use_main == false + +- name: "Update existing webapp access restriction - idempotent" + azure_rm_webappaccessrestriction: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + ip_security_restrictions: + - name: "Datacenter 1" + action: "Deny" + ip_address: "1.2.3.4/24" + priority: 1 + scm_ip_security_restrictions: + - name: "Datacenter 1" + action: "Deny" + ip_address: "1.2.3.4/24" + priority: 1 + - name: "Datacenter 2" + action: "Allow" + ip_address: "2.2.2.2/24" + priority: 2 + scm_ip_security_restrictions_use_main: false + register: output +- name: Assert the resource is not changed + assert: + that: not output.changed + +- name: "Delete webapp access restrictions" + azure_rm_webappaccessrestriction: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + state: "absent" + register: output +- name: Assert the resource is deleted + assert: + that: + - output.changed + - output.ip_security_restrictions | length == 0 + - output.scm_ip_security_restrictions | length == 0 + - output.scm_ip_security_restrictions_use_main == false + +- name: "Check webapp access restriction facts 3" + azure_rm_webappaccessrestriction_info: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + register: output +- name: Assert no restrictions + assert: + that: + - not output.changed + - output.ip_security_restrictions | length <= 1 + - output.scm_ip_security_restrictions | length <= 1 + - output.scm_ip_security_restrictions_use_main == false diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappvnetconnection/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappvnetconnection/aliases new file mode 100644 index 000000000..759eafa2d --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappvnetconnection/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group3 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappvnetconnection/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappvnetconnection/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappvnetconnection/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappvnetconnection/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappvnetconnection/tasks/main.yml new file mode 100644 index 000000000..66a1b55cf --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappvnetconnection/tasks/main.yml @@ -0,0 +1,129 @@ +- name: Prepare random number + set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + run_once: true + +- name: Create a virtual network + azure_rm_virtualnetwork: + name: vnet{{ rpfx }} + resource_group: "{{ resource_group }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + dns_servers: + - 127.0.0.1 + - 127.0.0.2 +- name: Create a subnet + azure_rm_subnet: + name: subnet{{ rpfx }} + virtual_network_name: vnet{{ rpfx }} + resource_group: "{{ resource_group }}" + address_prefix_cidr: 10.1.0.0/24 + delegations: + - name: 'mydeleg' + serviceName: 'Microsoft.Web/serverFarms' + register: subnet_output +- name: Create a web app + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: webapp{{ rpfx }} + plan: + resource_group: "{{ resource_group }}" + name: webappplan{{ rpfx }} + is_linux: false + sku: S1 + +- name: "Create webapp vnetconnection - check mode" + azure_rm_webappvnetconnection: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + vnet_name: vnet{{ rpfx }} + subnet: subnet{{ rpfx }} + check_mode: true + register: output +- name: Assert the resource is well created + assert: + that: output.changed + +- name: "Check webapp vnetconnection facts 1" + azure_rm_webappvnetconnection_info: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + register: output +- name: Assert the resource has no connections + assert: + that: + - not output.changed + - output.connection | length == 0 + +- name: "Create webapp vnetconnection" + azure_rm_webappvnetconnection: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + vnet_name: vnet{{ rpfx }} + subnet: subnet{{ rpfx }} + register: output +- name: Assert the resource is well created + assert: + that: + - output.changed + - output.connection.vnet_name == 'vnet{{ rpfx }}' + - output.connection.subnet_name == 'subnet{{ rpfx }}' + - output.connection.vnet_resource_group == '{{ resource_group }}' + +- name: "Check webapp vnetconnection facts 2" + azure_rm_webappvnetconnection_info: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + register: output +- name: Assert the connection exists + assert: + that: + - not output.changed + - output.connection.vnet_name == 'vnet{{ rpfx }}' + - output.connection.subnet_name == 'subnet{{ rpfx }}' + - output.connection.vnet_resource_group == '{{ resource_group }}' + +- name: "Create webapp vnetconnection - idempotent" + azure_rm_webappvnetconnection: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + vnet_name: vnet{{ rpfx }} + subnet: subnet{{ rpfx }} + register: output +- name: Assert the resource is not changed + assert: + that: not output.changed + +- name: "Delete webapp vnetconnection" + azure_rm_webappvnetconnection: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + state: "absent" + register: output +- name: Assert the connection is deleted + assert: + that: + - output.changed + - output.connection | length == 0 + +- name: "Check webapp vnetconnection facts 3" + azure_rm_webappvnetconnection_info: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + register: output +- name: Assert the resource has no connections + assert: + that: + - not output.changed + - output.connection | length == 0 + +- name: "Delete webapp vnetconnection - idempotent" + azure_rm_webappvnetconnection: + name: webapp{{ rpfx }} + resource_group: "{{ resource_group }}" + state: "absent" + register: output +- name: Assert the resource is not changed + assert: + that: not output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_workspace/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_workspace/aliases new file mode 100644 index 000000000..15133fe63 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_workspace/aliases @@ -0,0 +1,5 @@ +cloud/azure +shippable/azure/group4 +destructive +azure_rm_workspace +azure_rm_workspace_facts diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_workspace/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_workspace/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_workspace/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_workspace/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_workspace/tasks/main.yml new file mode 100644 index 000000000..7f9a05f79 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_workspace/tasks/main.yml @@ -0,0 +1,128 @@ +- name: Prepare random number + set_fact: + name: "workspace{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + +- name: Create workspace (check mode) + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + retention_in_days: 40 + check_mode: yes + register: output + +- assert: + that: + - output.changed + +- name: Get workspace + azure_rm_loganalyticsworkspace_info: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + register: facts + +- assert: + that: + - facts.workspaces | length == 0 + +- name: Create workspace + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + retention_in_days: 40 + register: output + +- assert: + that: + - output.retention_in_days == 40 + - output.changed + - output.intelligence_packs + +- name: Create workspace (idempontent) + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + retention_in_days: 40 + register: output + +- assert: + that: + - not output.changed + +- name: Get workspace + azure_rm_loganalyticsworkspace_info: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + register: facts + +- assert: + that: + - facts.workspaces | length == 1 + - facts.workspaces[0].id == output.id + +- set_fact: + pack: "{{ pack | default({}) | combine({output.intelligence_packs[0].name: not output.intelligence_packs[0].enabled}) }}" + +- name: Update intelligence pack + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + intelligence_packs: "{{ pack }}" + register: intelligence + +- assert: + that: + - intelligence.intelligence_packs[0].enabled != output.intelligence_packs[0].enabled + +- name: Remove workspace (check mode) + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + check_mode: yes + register: output + +- assert: + that: + - output.changed + +- name: Get workspace + azure_rm_loganalyticsworkspace_info: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + register: facts + +- assert: + that: + - facts.workspaces | length == 1 + +- name: Remove workspace + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + register: output + +- assert: + that: + - output.changed + +- name: Get workspace + azure_rm_loganalyticsworkspace_info: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + register: facts + +- assert: + that: + - facts.workspaces | length == 0 + +- name: Remove workspace (idempontent) + azure_rm_loganalyticsworkspace: + name: "{{ name }}" + resource_group: "{{ resource_group }}" + state: absent + register: output + +- assert: + that: + - not output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/aliases new file mode 100644 index 000000000..e42dbab0e --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/aliases @@ -0,0 +1,2 @@ +cloud/azure +shippable/azure/group1 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/create_inventory_config.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/create_inventory_config.yml new file mode 100644 index 000000000..6ed4067af --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/create_inventory_config.yml @@ -0,0 +1,11 @@ +--- +- hosts: localhost + connection: local + gather_facts: no + vars: + template_name: "../templates/{{ template | default('basic.yml') }}" + tasks: + - name: write inventory config file + copy: + dest: ../test.azure_rm.yml + content: "{{ lookup('template', template_name) }}" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/empty_inventory_config.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/empty_inventory_config.yml new file mode 100644 index 000000000..06a427931 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/empty_inventory_config.yml @@ -0,0 +1,9 @@ +--- +- hosts: localhost + connection: local + gather_facts: no + tasks: + - name: write inventory config file + copy: + dest: ../test.azure_rm.yml + content: "" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/setup.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/setup.yml new file mode 100644 index 000000000..a8358089f --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/setup.yml @@ -0,0 +1,48 @@ +--- +- hosts: localhost + connection: local + gather_facts: no + + tasks: + - include_vars: vars.yml + - name: SETUP | Create storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + account_type: Standard_LRS + + - name: SETUP | Create availability set + azure_rm_availabilityset: + name: "{{ availability_set }}" + resource_group: "{{ resource_group }}" + + - name: SETUP | Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}" + address_prefixes: "{{ network }}" + + - name: SETUP | Create subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: "{{ subnet_name }}" + address_prefix: "{{ subnet }}" + virtual_network: "{{ network_name }}" + + - name: Create minimal VM with defaults + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_B1ms + virtual_network: "{{ network_name }}" + image: + offer: UbuntuServer + publisher: Canonical + sku: 16.04-LTS + version: latest + register: vm_output diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/teardown.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/teardown.yml new file mode 100644 index 000000000..3a1adfdd4 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/teardown.yml @@ -0,0 +1,40 @@ +--- +- hosts: localhost + connection: local + gather_facts: no + + tasks: + - include_vars: vars.yml + + - name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + remove_on_absent: all_autocreated + state: absent + + - name: Destroy subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + virtual_network: "{{ network_name }}" + name: "{{ subnet_name }}" + state: absent + + - name: Destroy virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}" + state: absent + + - name: Destroy availability set + azure_rm_availabilityset: + resource_group: "{{ resource_group }}" + name: "{{ availability_set }}" + state: absent + + - name: Destroy storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + force_delete_nonempty: yes + state: absent
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/test_inventory.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/test_inventory.yml new file mode 100644 index 000000000..fd39a273c --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/test_inventory.yml @@ -0,0 +1,16 @@ +--- +- hosts: localhost + connection: local + gather_facts: no + tasks: + - include_vars: vars.yml + + - name: Pause for 10 mimutes for updating + shell: sleep 600 + + - meta: refresh_inventory + + - name: Test Inventory + assert: + that: + - vm_name in hostvars diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/vars.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/vars.yml new file mode 100644 index 000000000..dc6bbe080 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/vars.yml @@ -0,0 +1,14 @@ +--- +uid: "{{ (resource_group ~ inventory_hostname) | hash('md5') | truncate(18, True, '') }}" +uid_short: "{{ (resource_group ~ inventory_hostname) | hash('md5') | truncate(10, True, '') }}" + +storage_account: "{{ 'stor' ~ uid }}" +availability_set: "{{ 'avbs' ~ uid_short }}" +vm_name: "{{ 'vm' ~ uid_short }}" +network_name: "{{ 'vnet' ~ uid_short }}" +subnet_name: "{{ 'snet' ~ uid_short }}" +security_group: "{{ 'sg' ~ uid_short }}" +public_ip_name: "{{ 'ip' ~ uid_short }}" +interface_name: "{{ 'int' ~ uid_short }}" +network: 10.42.0.0/24 +subnet: 10.42.0.0/28 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/runme.sh b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/runme.sh new file mode 100644 index 000000000..6f381c0a5 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/runme.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +set -eux + +# make sure inventory is empty at the begining of the tests +ansible-playbook playbooks/empty_inventory_config.yml "$@" + +# create vm +ansible-playbook playbooks/setup.yml "$@" + +export ANSIBLE_INVENTORY=test.azure_rm.yml + +# using fully qualified name +ansible-playbook playbooks/create_inventory_config.yml "$@" +ansible-playbook playbooks/test_inventory.yml "$@" + +# using short name +ansible-playbook playbooks/empty_inventory_config.yml "$@" +ansible-playbook playbooks/create_inventory_config.yml "$@" --extra-vars "template=basic2.yml" +ansible-playbook playbooks/test_inventory.yml "$@" + + +# teardown +ansible-playbook playbooks/teardown.yml "$@" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/basic.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/basic.yml new file mode 100644 index 000000000..636049d63 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/basic.yml @@ -0,0 +1,3 @@ +--- +plugin: azure.azcollection.azure_rm +plain_host_names: yes
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/basic2.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/basic2.yml new file mode 100644 index 000000000..89ec2e131 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/basic2.yml @@ -0,0 +1,3 @@ +--- +plugin: azure_rm +plain_host_names: yes
\ No newline at end of file diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/test.azure_rm.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/test.azure_rm.yml new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/test.azure_rm.yml diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/setup_azure/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/setup_azure/aliases new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/setup_azure/aliases |