summaryrefslogtreecommitdiffstats
path: root/ansible_collections/azure/azcollection/tests/integration/targets
diff options
context:
space:
mode:
Diffstat (limited to 'ansible_collections/azure/azcollection/tests/integration/targets')
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/tasks/main.yml12
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/tasks/main.yml84
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/main.yml65
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml142
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/tasks/main.yml111
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/tasks/main.yml4
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/tasks/main.yml28
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/tasks/main.yml199
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/tasks/main.yml4
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/tasks/main.yml18
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/tasks/main.yml5
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/tasks/main.yml138
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/aliases3
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/meta/main.yml (renamed from ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/meta/main.yml)0
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/tasks/main.yml114
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/aliases1
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/aliases1
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/tasks/main.yml46
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlflexibleserver/tasks/main.yml156
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/tasks/main.yml1
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/aliases (renamed from ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/aliases)2
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/meta/main.yml2
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/tasks/main.yml264
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/aliases3
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/meta/main.yml2
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/tasks/main.yml242
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/tasks/main.yml19
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/inventory.yml4
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_public_ip.yml9
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_skus.yml136
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/tasks/main.yml5
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/tasks/main.yml12
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/aliases3
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/meta/main.yml2
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/tasks/main.yml131
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/tasks/main.yml68
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/tasks/main.yml44
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/setup.yml21
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/teardown.yml7
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/test_inventory_filter.yml21
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/vars.yml1
-rwxr-xr-xansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/runme.sh5
-rw-r--r--ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/filter.yml14
43 files changed, 1752 insertions, 397 deletions
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/tasks/main.yml
index d19e0b8cd..86a06c675 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/tasks/main.yml
@@ -21,7 +21,7 @@
ansible.builtin.assert:
that: not output.changed
-- name: Create application with more parameter
+- name: Create application with more parameters
azure_rm_adapplication:
display_name: "{{ display_name }}-01"
sign_in_audience: AzureADandPersonalMicrosoftAccount
@@ -37,6 +37,16 @@
display_name: "{{ display_name }}_approle"
is_enabled: true
value: Password@0329
+ optional_claims:
+ access_token_claims:
+ - name: aud
+ essential: true
+ id_token_claims:
+ - name: acct
+ essential: true
+ saml2_token_claims:
+ - name: acct
+ essential: true
register: second_output
- name: Assert secondary resource create success
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/tasks/main.yml
index c02a263bb..24e686e52 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/tasks/main.yml
@@ -1,35 +1,50 @@
- name: Prepare facts
ansible.builtin.set_fact:
- user_id: "user{{ 999999999999999999994 | random | to_uuid }}@contoso.com"
- object_id: "{{ 999999999999999999994 | random | to_uuid }}"
- user_principal_name: "{{ 999999999999999999994 | random | to_uuid }}"
+ user_name: "test_user_{{ 999999999999999999994 | random | to_uuid }}"
+ on_premises_immutable_id: "{{ 999999999999999999994 | random | to_uuid }}"
+ password_profile: "{{ lookup('community.general.random_string', length=12, min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}"
+ domain: change_me.com
run_once: true
- name: Create test user
azure_rm_aduser:
- user_principal_name: "{{ user_id }}"
+ user_principal_name: "{{ user_name }}@{{ domain }}"
state: "present"
account_enabled: true
- display_name: "Test_{{ user_principal_name }}_Display_Name"
- password_profile: "password"
- mail_nickname: "Test_{{ user_principal_name }}_mail_nickname"
- immutable_id: "{{ object_id }}"
+ display_name: "{{ user_name }}_display_name"
+ password_profile: "{{ password_profile }}"
+ mail_nickname: "{{ user_name }}_mail_nickname"
+ on_premises_immutable_id: "{{ on_premises_immutable_id }}"
given_name: "First"
surname: "Last"
user_type: "Member"
usage_location: "US"
- mail: "{{ user_principal_name }}@contoso.com"
+ mail: "{{ user_name }}@{{ domain }}"
+ company_name: "Test Company"
+ on_premises_extension_attributes:
+ extension_attribute1: "test_extension_attribute1"
+ extension_attribute2: "test_extension_attribute2"
+ extension_attribute11: "test_extension_attribute11"
register: create_user_should_pass
- name: Try to update existing user - idempotent check
azure_rm_aduser:
- user_principal_name: "{{ user_id }}"
+ user_principal_name: "{{ user_name }}@{{ domain }}"
state: "present"
- display_name: "Test_{{ user_principal_name }}_Display_Name"
- mail_nickname: "Test_{{ user_principal_name }}_mail_nickname"
+ account_enabled: true
+ display_name: "{{ user_name }}_display_name"
+ mail_nickname: "{{ user_name }}_mail_nickname"
+ on_premises_immutable_id: "{{ on_premises_immutable_id }}"
given_name: "First"
surname: "Last"
- mail: "{{ user_principal_name }}@contoso.com"
+ user_type: "Member"
+ usage_location: "US"
+ mail: "{{ user_name }}@{{ domain }}"
+ company_name: "Test Company"
+ on_premises_extension_attributes:
+ extension_attribute1: "test_extension_attribute1"
+ extension_attribute2: "test_extension_attribute2"
+ extension_attribute11: "test_extension_attribute11"
register: attempted_update_with_no_changes_should_pass
- name: Assert Nothing Changed
@@ -39,42 +54,49 @@
- name: User_principal_name Should Pass
azure_rm_aduser_info:
- user_principal_name: "{{ user_id }}"
- register: get_user_should_pass
+ user_principal_name: "{{ user_name }}@{{ domain }}"
+ register: get_user_by_upn_should_pass
+
+- name: Attribute_name mail Should Pass
+ azure_rm_aduser_info:
+ attribute_name: "mail"
+ attribute_value: "{{ user_name }}@{{ domain }}"
+ register: get_user_by_mail_should_pass
- name: Assert user was created and account is enabled
ansible.builtin.assert:
that:
- - "create_user_should_pass['ad_users'][0]['account_enabled'] == True"
- - "get_user_should_pass['ad_users'][0]['account_enabled'] == True"
+ - "create_user_should_pass['ad_user']['account_enabled'] == True"
+ - "get_user_by_upn_should_pass['ad_users'][0]['account_enabled'] == True"
+ - "get_user_by_mail_should_pass['ad_users'][0]['account_enabled'] == True"
- name: Update test user
azure_rm_aduser:
- user_principal_name: "{{ user_id }}"
+ user_principal_name: "{{ user_name }}@{{ domain }}"
state: "present"
account_enabled: false
register: update_user_should_pass
- name: User_principal_name on updated user Should Pass
azure_rm_aduser_info:
- user_principal_name: "{{ user_id }}"
+ user_principal_name: "{{ user_name }}@{{ domain }}"
register: get_updated_user_should_pass
- name: Assert user was updated and account is disabled
ansible.builtin.assert:
that:
- - "update_user_should_pass['ad_users'][0]['account_enabled'] == False"
+ - "update_user_should_pass['ad_user']['account_enabled'] == False"
- "get_updated_user_should_pass['ad_users'][0]['account_enabled'] == False"
- name: Delete test user
azure_rm_aduser:
- user_principal_name: "{{ user_id }}"
+ user_principal_name: "{{ user_name }}@{{ domain }}"
state: "absent"
register: delete_user_should_pass
- name: User_principal_name Should Fail
azure_rm_aduser_info:
- user_principal_name: "{{ user_id }}"
+ user_principal_name: "{{ user_name }}@{{ domain }}"
register: get_user_should_fail
ignore_errors: true
@@ -91,19 +113,19 @@
- name: Assert task failed
ansible.builtin.assert:
that:
- - "missing_any_identifiers is undefined"
+ - "missing_any_identifiers is defined"
- name: Too many identifiers Should Fail
azure_rm_aduser_info:
- user_principal_name: "{{ user_id }}"
- object_id: "{{ object_id }}"
+ user_principal_name: "{{ user_name }}@{{ domain }}"
+ object_id: "{{ on_premises_immutable_id }}"
register: too_many_identifiers
ignore_errors: true
- name: Assert task failed
ansible.builtin.assert:
that:
- - "too_many_identifiers is undefined"
+ - "too_many_identifiers is defined"
- name: Missing attribute_value Should Fail
azure_rm_aduser_info:
@@ -114,27 +136,27 @@
- name: Assert task failed
ansible.builtin.assert:
that:
- - "missing_attribute_value is undefined"
+ - "missing_attribute_value is defined"
- name: Missing attribute_name Should Fail
azure_rm_aduser_info:
- attribute_value: SMTP:user@contoso.com
+ attribute_value: SMTP:user@stadtluzern.ch
register: missing_attribute_name
ignore_errors: true
- name: Assert task failed
ansible.builtin.assert:
that:
- - "missing_attribute_name is undefined"
+ - "missing_attribute_name is defined"
- name: Using all with principal name should fail
azure_rm_aduser_info:
all: true
- user_principal_name: "{{ user_id }}"
+ user_principal_name: "{{ user_name }}@{{ domain }}"
register: using_all_with_principal_name
ignore_errors: true
- name: Assert task failed
ansible.builtin.assert:
that:
- - "using_all_with_principal_name is undefined"
+ - "using_all_with_principal_name is defined"
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/main.yml
index ff60ca681..d3377384c 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/main.yml
@@ -1,21 +1,46 @@
+- name: Gather Resource Group info
+ azure.azcollection.azure_rm_resourcegroup_info:
+ name: "{{ resource_group }}"
+ register: __rg_info
+
- name: Set varialbles
ansible.builtin.set_fact:
rpfx: "{{ resource_group | hash('md5') | truncate(8, True, '') }}"
noderpfx: "{{ resource_group | hash('md5') | truncate(4, True, '') }}"
+ location: "{{ __rg_info.resourcegroups.0.location }}"
+
+- name: Create User Managed Identity
+ azure_rm_resource:
+ resource_group: "{{ resource_group }}"
+ provider: ManagedIdentity
+ resource_type: userAssignedIdentities
+ resource_name: "{{ item }}"
+ api_version: "2023-01-31"
+ body:
+ location: "{{ location }}"
+ state: present
+ loop:
+ - "ansible-test-aks-identity"
+ - "ansible-test-aks-identity-2"
+
+- name: Set identities IDs to test. Identities ansible-test-aks-identity and ansible-test-aks-identity-2 have to be created previously
+ ansible.builtin.set_fact:
+ user_identity: "/subscriptions/{{ azure_subscription_id }}/resourcegroups/{{ resource_group }}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ansible-test-aks-identity"
+ user_identity_2: "/subscriptions/{{ azure_subscription_id }}/resourcegroups/{{ resource_group }}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ansible-test-aks-identity-2"
- name: Include aks tasks
ansible.builtin.include_tasks: minimal-cluster.yml
- name: Find available k8s version
azure_rm_aksversion_info:
- location: eastus
+ location: "{{ location }}"
register: versions
- name: Create an AKS instance (check mode)
azure_rm_aks:
name: "aks{{ rpfx }}"
resource_group: "{{ resource_group }}"
- location: eastus
+ location: "{{ location }}"
dns_prefix: "aks{{ rpfx }}"
kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
service_principal:
@@ -56,7 +81,7 @@
azure_rm_aks:
name: "aks{{ rpfx }}"
resource_group: "{{ resource_group }}"
- location: eastus
+ location: "{{ location }}"
dns_prefix: "aks{{ rpfx }}"
kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
service_principal:
@@ -107,7 +132,7 @@
azure_rm_aks:
name: "aks{{ rpfx }}"
resource_group: "{{ resource_group }}"
- location: eastus
+ location: "{{ location }}"
dns_prefix: "aks{{ rpfx }}"
kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
service_principal:
@@ -167,7 +192,7 @@
azure_rm_aks:
name: "aks{{ rpfx }}"
resource_group: "{{ resource_group }}"
- location: eastus
+ location: "{{ location }}"
dns_prefix: "aks{{ rpfx }}"
kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
service_principal:
@@ -198,7 +223,7 @@
- name: Get available version
azure_rm_aksversion_info:
- location: eastus
+ location: "{{ location }}"
version: "{{ versions.azure_aks_versions[0] }}"
register: version1
@@ -206,7 +231,7 @@
azure_rm_aks:
name: "aks{{ rpfx }}"
resource_group: "{{ resource_group }}"
- location: eastus
+ location: "{{ location }}"
dns_prefix: "aks{{ rpfx }}"
kubernetes_version: "{{ version1.azure_aks_versions[0] }}"
service_principal:
@@ -246,7 +271,7 @@
azure_rm_aks:
name: "aks{{ rpfx }}"
resource_group: "{{ resource_group }}"
- location: eastus
+ location: "{{ location }}"
dns_prefix: "aks{{ rpfx }}"
kubernetes_version: "{{ version1.azure_aks_versions[0] }}"
service_principal:
@@ -282,7 +307,7 @@
azure_rm_aks:
name: "aks{{ rpfx }}"
resource_group: "{{ resource_group }}"
- location: eastus
+ location: "{{ location }}"
dns_prefix: "aks{{ rpfx }}"
kubernetes_version: "{{ version1.azure_aks_versions[0] }}"
service_principal:
@@ -323,7 +348,7 @@
azure_rm_aks:
name: "aks{{ rpfx }}"
resource_group: "{{ resource_group }}"
- location: eastus
+ location: "{{ location }}"
dns_prefix: "aks{{ rpfx }}"
kubernetes_version: "{{ version1.azure_aks_versions[0] }}"
service_principal:
@@ -360,7 +385,7 @@
azure_rm_aks:
name: "aks{{ rpfx }}"
resource_group: "{{ resource_group }}"
- location: eastus
+ location: "{{ location }}"
dns_prefix: "aks{{ rpfx }}"
kubernetes_version: "{{ version1.azure_aks_versions[0] }}"
service_principal:
@@ -408,7 +433,7 @@
azure_rm_aks:
name: "aks{{ rpfx }}"
resource_group: "{{ resource_group }}"
- location: eastus
+ location: "{{ location }}"
dns_prefix: "aks{{ rpfx }}"
kubernetes_version: "{{ version1.azure_aks_versions[0] }}"
service_principal:
@@ -449,7 +474,7 @@
azure_rm_aks:
name: "aks{{ rpfx }}"
resource_group: "{{ resource_group }}"
- location: eastus
+ location: "{{ location }}"
dns_prefix: "aks{{ rpfx }}"
kubernetes_version: "{{ version1.azure_aks_versions[0] }}"
service_principal:
@@ -497,7 +522,7 @@
azure_rm_aks:
name: "aks{{ rpfx }}"
resource_group: "{{ resource_group }}"
- location: eastus
+ location: "{{ location }}"
dns_prefix: "aks{{ rpfx }}"
kubernetes_version: "{{ version1.azure_aks_versions[0] }}"
service_principal:
@@ -576,3 +601,15 @@
ansible.builtin.assert:
that:
- "fact.aks | length == 0"
+
+- name: Destroy User Managed Identity
+ azure_rm_resource:
+ resource_group: "{{ resource_group }}"
+ provider: ManagedIdentity
+ resource_type: userAssignedIdentities
+ resource_name: "{{ item }}"
+ api_version: "2023-01-31"
+ state: absent
+ loop:
+ - "ansible-test-aks-identity"
+ - "ansible-test-aks-identity-2"
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml
index 79362b384..3c12fe9b3 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml
@@ -4,13 +4,13 @@
- name: Find available k8s version
azure_rm_aksversion_info:
- location: eastus
+ location: "{{ location }}"
register: versions
- name: Use minimal parameters and system-assigned identity
azure_rm_aks:
name: "minimal{{ rpfx }}"
- location: eastus
+ location: "{{ location }}"
resource_group: "{{ resource_group }}"
kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
dns_prefix: "aks{{ rpfx }}"
@@ -55,11 +55,13 @@
- name: Use minimal parameters and system-assigned identity (idempotent)
azure_rm_aks:
name: "minimal{{ rpfx }}"
- location: eastus
+ location: "{{ location }}"
resource_group: "{{ resource_group }}"
kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
dns_prefix: "aks{{ rpfx }}"
enable_rbac: true
+ identity:
+ type: "SystemAssigned"
aad_profile:
managed: true
agent_pool_profiles:
@@ -83,10 +85,142 @@
that:
- not output.changed
+- name: Use minimal parameters and user-assigned identity
+ azure_rm_aks:
+ name: "minimal{{ rpfx }}"
+ location: "{{ location }}"
+ resource_group: "{{ resource_group }}"
+ kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
+ dns_prefix: "aks{{ rpfx }}"
+ enable_rbac: true
+ identity:
+ type: "UserAssigned"
+ user_assigned_identities: "{{ user_identity }}"
+ aad_profile:
+ managed: true
+ agent_pool_profiles:
+ - name: default
+ count: 1
+ vm_size: Standard_B2s
+ mode: System
+ api_server_access_profile:
+ authorized_ip_ranges:
+ - "192.0.2.0"
+ - "198.51.100.0"
+ - "203.0.113.0"
+ enable_private_cluster: false
+ network_profile:
+ load_balancer_sku: standard
+ outbound_type: loadBalancer
+ register: output
+
+- name: Assert the AKS instance is well created
+ ansible.builtin.assert:
+ that:
+ - output.changed
+ - output.provisioning_state == 'Succeeded'
+
+- name: Get AKS fact
+ azure_rm_aks_info:
+ name: "minimal{{ rpfx }}"
+ resource_group: "{{ resource_group }}"
+ register: fact
+
+- name: Assert fact returns the created one
+ ansible.builtin.assert:
+ that:
+ - "fact.aks | length == 1"
+ - fact.aks[0].id == output.id
+ - fact.aks[0].aad_profile.managed == true
+ - user_identity in fact.aks[0].identity.user_assigned_identities
+
+- name: Use minimal parameters and user-assigned identity (idempotent)
+ azure_rm_aks:
+ name: "minimal{{ rpfx }}"
+ location: "{{ location }}"
+ resource_group: "{{ resource_group }}"
+ kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
+ dns_prefix: "aks{{ rpfx }}"
+ enable_rbac: true
+ identity:
+ type: "UserAssigned"
+ user_assigned_identities: "{{ user_identity }}"
+ aad_profile:
+ managed: true
+ agent_pool_profiles:
+ - name: default
+ count: 1
+ vm_size: Standard_B2s
+ mode: System
+ api_server_access_profile:
+ authorized_ip_ranges:
+ - "192.0.2.0"
+ - "198.51.100.0"
+ - "203.0.113.0"
+ enable_private_cluster: false
+ network_profile:
+ load_balancer_sku: standard
+ outbound_type: loadBalancer
+ register: output
+
+- name: Assert idempotent
+ ansible.builtin.assert:
+ that:
+ - not output.changed
+
+- name: Use minimal parameters and user-assigned 2 identity
+ azure_rm_aks:
+ name: "minimal{{ rpfx }}"
+ location: "{{ location }}"
+ resource_group: "{{ resource_group }}"
+ kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
+ dns_prefix: "aks{{ rpfx }}"
+ enable_rbac: true
+ identity:
+ type: "UserAssigned"
+ user_assigned_identities: "{{ user_identity_2 }}"
+ aad_profile:
+ managed: true
+ agent_pool_profiles:
+ - name: default
+ count: 1
+ vm_size: Standard_B2s
+ mode: System
+ api_server_access_profile:
+ authorized_ip_ranges:
+ - "192.0.2.0"
+ - "198.51.100.0"
+ - "203.0.113.0"
+ enable_private_cluster: false
+ network_profile:
+ load_balancer_sku: standard
+ outbound_type: loadBalancer
+ register: output
+
+- name: Assert the AKS instance is well created
+ ansible.builtin.assert:
+ that:
+ - output.changed
+ - output.provisioning_state == 'Succeeded'
+
+- name: Get AKS fact
+ azure_rm_aks_info:
+ name: "minimal{{ rpfx }}"
+ resource_group: "{{ resource_group }}"
+ register: fact
+
+- name: Assert fact returns the created one
+ ansible.builtin.assert:
+ that:
+ - "fact.aks | length == 1"
+ - fact.aks[0].id == output.id
+ - fact.aks[0].aad_profile.managed == true
+ - user_identity_2 in fact.aks[0].identity.user_assigned_identities
+
- name: Update api_server_access_profile config
azure_rm_aks:
name: "minimal{{ rpfx }}"
- location: eastus
+ location: "{{ location }}"
resource_group: "{{ resource_group }}"
kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
dns_prefix: "aks{{ rpfx }}"
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/tasks/main.yml
index 7c255f9ad..20a5a8e76 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/tasks/main.yml
@@ -7,6 +7,25 @@
location: eastus
register: versions
+- name: Create proximity placement group
+ azure_rm_proximityplacementgroup:
+ resource_group: "{{ resource_group }}"
+ name: "proxi{{ rpfx }}"
+ register: proxi_output
+
+- name: Create public ip prefix
+ azure_rm_publicipprefix:
+ resource_group: "{{ resource_group }}"
+ name: "pipprefix{{ rpfx }}"
+ zones:
+ - 1
+ public_ip_address_version: IPV4
+ prefix_length: 29
+ sku:
+ name: Standard
+ tier: Regional
+ register: pip_output
+
- name: Create a kubernet service with minimal parameters
azure_rm_aks:
name: "min{{ rpfx }}"
@@ -24,6 +43,7 @@
mode: System
api_server_access_profile:
authorized_ip_ranges:
+ - "{{ pip_output.state.ip_prefix }}"
- "192.0.2.0"
- "198.51.100.0"
- "203.0.113.0"
@@ -194,6 +214,97 @@
- output.aks_agent_pools[0].max_pods == 42
- output.aks_agent_pools[0].orchestrator_version == agentpool_version.azure_orchestrator_version[0]
+- name: Create a new agent pool with multi parameters
+ azure_rm_aksagentpool:
+ resource_group: "{{ resource_group }}"
+ cluster_name: "min{{ rpfx }}"
+ name: default06
+ count: 1
+ vm_size: Standard_B2s
+ type_properties_type: VirtualMachineScaleSets
+ mode: System
+ node_labels: {"release":"stable"}
+ max_pods: 42
+ enable_auto_scaling: true
+ min_count: 1
+ max_count: 10
+ orchestrator_version: "{{ agentpool_version.azure_orchestrator_version[0] }}"
+ availability_zones:
+ - 1
+ kubelet_disk_type: OS
+ workload_runtime: OCIContainer
+ os_sku: Ubuntu
+ scale_down_mode: Delete
+ upgrade_settings:
+ max_surge: 50%
+ power_state:
+ code: Running
+ enable_node_public_ip: true
+ scale_set_priority: Regular
+ node_public_ip_prefix_id: "{{ pip_output.state.id }}"
+ spot_max_price: 85
+ proximity_placement_group_id: "{{ proxi_output.state.id }}"
+ enable_encryption_at_host: false
+ enable_ultra_ssd: false
+ enable_fips: true
+ tags:
+ key2: value2
+ register: output
+
+- name: Assert the node agent pool create well
+ ansible.builtin.assert:
+ that:
+ - output.changed
+
+- name: Create a new agent pool with multi parameters( Idempotent test)
+ azure_rm_aksagentpool:
+ resource_group: "{{ resource_group }}"
+ cluster_name: "min{{ rpfx }}"
+ name: default06
+ count: 1
+ vm_size: Standard_B2s
+ type_properties_type: VirtualMachineScaleSets
+ mode: System
+ node_labels: {"release":"stable"}
+ max_pods: 42
+ enable_auto_scaling: true
+ min_count: 1
+ max_count: 10
+ orchestrator_version: "{{ agentpool_version.azure_orchestrator_version[0] }}"
+ availability_zones:
+ - 1
+ kubelet_disk_type: OS
+ workload_runtime: OCIContainer
+ os_sku: Ubuntu
+ scale_down_mode: Delete
+ upgrade_settings:
+ max_surge: 50%
+ power_state:
+ code: Running
+ enable_node_public_ip: true
+ scale_set_priority: Regular
+ node_public_ip_prefix_id: "{{ pip_output.state.id }}"
+ spot_max_price: 85
+ proximity_placement_group_id: "{{ proxi_output.state.id }}"
+ enable_encryption_at_host: false
+ enable_ultra_ssd: false
+ enable_fips: true
+ tags:
+ key2: value2
+ register: output
+
+- name: Assert the node agent pool no change
+ ansible.builtin.assert:
+ that:
+ - not output.changed
+
+- name: Delete node agent pool
+ azure_rm_aksagentpool:
+ resource_group: "{{ resource_group }}"
+ cluster_name: "min{{ rpfx }}"
+ name: default06
+ state: absent
+
- name: Delete node agent pool
azure_rm_aksagentpool:
resource_group: "{{ resource_group }}"
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/tasks/main.yml
index bcc19ced0..0b8c3edfa 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/tasks/main.yml
@@ -139,7 +139,7 @@
hosting_mode: default
identity: SystemAssigned
network_rule_set:
- - 8.8.8.8/31
+ - 8.8.8.8
- 1.1.1.1
partition_count: 2
public_network_access: disabled
@@ -171,7 +171,7 @@
hosting_mode: default
identity: SystemAssigned
network_rule_set:
- - 8.8.8.8/31
+ - 8.8.8.8
- 1.1.1.1
partition_count: 2
public_network_access: disabled
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/tasks/main.yml
index 5e1f3f4d8..64aaef57c 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/tasks/main.yml
@@ -29,9 +29,9 @@
azure_rm_cosmosdbaccount:
resource_group: "{{ resource_group }}"
name: "{{ dbname }}"
- location: eastasia
+ location: eastus
geo_rep_locations:
- - name: eastasia
+ - name: eastus
failover_priority: 0
database_account_offer_type: Standard
check_mode: true
@@ -45,10 +45,10 @@
azure_rm_cosmosdbaccount:
resource_group: "{{ resource_group }}"
name: "{{ dbname }}"
- location: eastasia
+ location: eastus
kind: global_document_db
geo_rep_locations:
- - name: eastasia
+ - name: eastus
failover_priority: 0
- name: westus
failover_priority: 1
@@ -70,10 +70,10 @@
azure_rm_cosmosdbaccount:
resource_group: "{{ resource_group }}"
name: "{{ dbname }}"
- location: eastasia
+ location: eastus
kind: global_document_db
geo_rep_locations:
- - name: eastasia
+ - name: eastus
failover_priority: 0
- name: westus
failover_priority: 1
@@ -95,10 +95,10 @@
azure_rm_cosmosdbaccount:
resource_group: "{{ resource_group }}"
name: "{{ dbname }}"
- location: eastasia
+ location: eastus
kind: global_document_db
geo_rep_locations:
- - name: eastasia
+ - name: eastus
failover_priority: 0
- name: westus
failover_priority: 1
@@ -121,10 +121,10 @@
azure_rm_cosmosdbaccount:
resource_group: "{{ resource_group_secondary }}"
name: "{{ db2name }}"
- location: eastasia
+ location: eastus
kind: global_document_db
geo_rep_locations:
- - name: eastasia
+ - name: eastus
failover_priority: 0
- name: westus
failover_priority: 1
@@ -155,7 +155,7 @@
- output.accounts[0]['id'] != None
- output.accounts[0]['resource_group'] == resource_group
- output.accounts[0]['name'] == dbname
- - output.accounts[0]['location'] == 'eastasia'
+ - output.accounts[0]['location'] == 'eastus'
- output.accounts[0]['kind'] != None
- output.accounts[0]['consistency_policy'] != None
- output.accounts[0]['failover_policies'] != None
@@ -221,7 +221,7 @@
- output.accounts[0]['id'] != None
- output.accounts[0]['resource_group'] == resource_group
- output.accounts[0]['name'] == dbname
- - output.accounts[0]['location'] == 'eastasia'
+ - output.accounts[0]['location'] == 'eastus'
- output.accounts[0]['kind'] != None
- output.accounts[0]['consistency_policy'] != None
- output.accounts[0]['failover_policies'] != None
@@ -258,7 +258,7 @@
azure_rm_cosmosdbaccount:
resource_group: "{{ resource_group }}"
name: "{{ dbname }}-free4"
- location: eastasia
+ location: eastus
kind: mongo_db
mongo_version: "4.0"
enable_free_tier: "{{ free_tier_supported }}"
@@ -267,7 +267,7 @@
- "1.1.1.1"
- "2.2.2.2/28"
geo_rep_locations:
- - name: eastasia
+ - name: eastus
failover_priority: 0
- name: westus
failover_priority: 1
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/tasks/main.yml
deleted file mode 100644
index 8dc08f8b7..000000000
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/tasks/main.yml
+++ /dev/null
@@ -1,199 +0,0 @@
-- name: Create data lake store name
- ansible.builtin.set_fact:
- adl_name: "adl{{ resource_group_datalake | hash('md5') | truncate(21, True, '') }}"
- vnet_name: "vnet{{ resource_group_datalake | hash('md5') | truncate(20, True, '') }}"
-
-- name: Create virtual network
- azure_rm_virtualnetwork:
- name: "{{ vnet_name }}"
- resource_group: "{{ resource_group_datalake }}"
- address_prefixes_cidr:
- - 10.1.0.0/16
- register: vnet_output
-
-- name: Create subnet
- azure_rm_subnet:
- name: foobar
- virtual_network_name: "{{ vnet_name }}"
- resource_group: "{{ resource_group_datalake }}"
- address_prefix_cidr: "10.1.1.0/24"
- service_endpoints:
- - service: Microsoft.AzureActiveDirectory
- register: subnet_output
-
-- name: Create minimal data lake store
- azure_rm_datalakestore:
- resource_group: "{{ resource_group_datalake }}"
- name: "{{ adl_name }}"
- register: output
-
-- name: Assert status succeeded and results
- ansible.builtin.assert:
- that:
- - output.changed
- - output.state.id is defined
- - output.state.account_id is defined
- - output.state.creation_time is defined
- - output.state.current_tier == "Consumption"
- - output.state.encryption_state == "Enabled"
- - output.state.endpoint == "{{ adl_name }}.azuredatalakestore.net"
- - output.state.firewall_allow_azure_ips == "Disabled"
- - output.state.firewall_rules | length == 0
- - output.state.firewall_state == "Disabled"
- - output.state.last_modified_time is defined
- - output.state.new_tier == "Consumption"
- - output.state.provisioning_state == "Succeeded"
- - output.state.trusted_id_provider_state == "Disabled"
-
-- name: Create minimal data lake store (Idempotence)
- azure_rm_datalakestore:
- resource_group: "{{ resource_group_datalake }}"
- name: "{{ adl_name }}"
- register: output
-
-- name: Assert that status has not changed
- ansible.builtin.assert:
- that:
- - not output.changed
-
-- name: Update data lake store to add virtual_network_rules
- azure_rm_datalakestore:
- resource_group: "{{ resource_group_datalake }}"
- name: "{{ adl_name }}"
- virtual_network_rules:
- - name: vnet_rule_1
- subnet_id: "{{ subnet_output.state.id }}"
- register: output
-
-- name: Assert status succeeded and results include virtual_network_rules
- ansible.builtin.assert:
- that:
- - output.changed
- - output.state.virtual_network_rules | length == 1
- - output.state.virtual_network_rules[0].name == "vnet_rule_1"
- - output.state.virtual_network_rules[0].subnet_id == subnet_output.state.id
-
-- name: Update data lake store to change encryption state that must fail
- azure_rm_datalakestore:
- resource_group: "{{ resource_group_datalake }}"
- name: "{{ adl_name }}"
- encryption_state: Disabled
- register: output
- ignore_errors: true
-
-- name: Assert that encryption state cannot change
- ansible.builtin.assert:
- that:
- - not output.changed
- - output.msg == 'Encryption type cannot be updated.'
-
-- name: Update data lake store to add new_tier
- azure_rm_datalakestore:
- resource_group: "{{ resource_group_datalake }}"
- name: "{{ adl_name }}"
- new_tier: Commitment_1TB
- register: output
-
-- name: Assert status succeeded and results include virtual_network_rules
- ansible.builtin.assert:
- that:
- - output.changed
- - output.state.current_tier == "Consumption"
- - output.state.new_tier == "Commitment_1TB"
-
-- name: Delete minimal data lake store
- azure_rm_datalakestore:
- resource_group: "{{ resource_group_datalake }}"
- name: "{{ adl_name }}"
- state: absent
- register: output
-
-- name: Create new data lake store
- azure_rm_datalakestore:
- resource_group: "{{ resource_group_datalake }}"
- name: "{{ adl_name }}"
- tags:
- P1: V1
- P2: V4
- P3: V3
- new_tier: Commitment_1TB
- default_group: default_group_test
- encryption_state: Enabled
- firewall_state: Enabled
- firewall_allow_azure_ips: Enabled
- firewall_rules:
- - name: test_rule_1
- start_ip_address: 192.168.1.1
- end_ip_address: 192.168.1.254
- - name: test_rule_2
- start_ip_address: 10.0.0.1
- end_ip_address: 10.1.0.1
- virtual_network_rules:
- - name: vnet_rule_1
- subnet_id: "{{ subnet_output.state.id }}"
- register: output
-
-- name: Assert status succeeded and results include an Id value
- ansible.builtin.assert:
- that:
- - output.changed
- - output.state.id is defined
- - output.state.account_id is defined
- - output.state.creation_time is defined
- - output.state.current_tier == "Commitment_1TB"
- - output.state.default_group == "default_group_test"
- - output.state.encryption_state == "Enabled"
- - output.state.endpoint == "{{ adl_name }}.azuredatalakestore.net"
- - output.state.firewall_allow_azure_ips == "Enabled"
- - output.state.firewall_rules | length == 2
- - output.state.firewall_state == "Enabled"
- - output.state.last_modified_time is defined
- - output.state.new_tier == "Commitment_1TB"
- - output.state.provisioning_state == "Succeeded"
- - output.state.tags | length == 3
- - output.state.trusted_id_provider_state == "Disabled"
- - output.state.virtual_network_rules | length == 1
- - output.state.virtual_network_rules[0].name == "vnet_rule_1"
- - output.state.virtual_network_rules[0].subnet_id == subnet_output.state.id
-
-- name: Create new data lake store (Idempotence)
- azure_rm_datalakestore:
- resource_group: "{{ resource_group_datalake }}"
- name: "{{ adl_name }}"
- tags:
- P1: V1
- P2: V4
- P3: V3
- new_tier: Commitment_1TB
- default_group: default_group_test
- encryption_state: Enabled
- firewall_state: Enabled
- firewall_allow_azure_ips: Enabled
- firewall_rules:
- - name: test_rule_1
- start_ip_address: 192.168.1.1
- end_ip_address: 192.168.1.254
- - name: test_rule_2
- start_ip_address: 10.0.0.1
- end_ip_address: 10.1.0.1
- virtual_network_rules:
- - name: vnet_rule_1
- subnet_id: "{{ subnet_output.state.id }}"
- register: output
-
-- name: Assert that status has not changed
- ansible.builtin.assert:
- that:
- - not output.changed
-
-- name: Delete virtual network
- azure_rm_virtualnetwork:
- name: "{{ vnet_name }}"
- resource_group: "{{ resource_group_datalake }}"
- state: absent
-
-- name: Delete Data Lake Store
- azure_rm_datalakestore:
- resource_group: "{{ resource_group_datalake }}"
- name: "{{ adl_name }}"
- state: absent
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/tasks/main.yml
index 62e60e95b..579d326d8 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/tasks/main.yml
@@ -76,10 +76,10 @@
namespace_name: "{{ namespace_name }}"
name: "{{ name_rpfx }}"
resource_group: "{{ resource_group }}"
- message_retention_in_days: 4
+ message_retention_in_days: 1
state: present
tags:
- test: modified
+ test1: modified1
register: results
- name: Assert the event hub updated
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/tasks/main.yml
index 3d70ddd82..58bda9cce 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/tasks/main.yml
@@ -14,9 +14,9 @@
authorizations:
- name: authorization_test
service_provider_properties:
- service_provider_name: Aryaka Networks
- peering_location: Seattle
- bandwidth_in_mbps: '200'
+ service_provider_name: Telstra Test
+ peering_location: Denver Test
+ bandwidth_in_mbps: 1000
sku:
tier: premium
family: metereddata
@@ -40,9 +40,9 @@
authorizations:
- name: authorization_test
service_provider_properties:
- service_provider_name: Aryaka Networks
- peering_location: Seattle
- bandwidth_in_mbps: '200'
+ service_provider_name: Telstra Test
+ peering_location: Denver Test
+ bandwidth_in_mbps: 1000
sku:
tier: premium
family: metereddata
@@ -65,9 +65,9 @@
authorizations:
- name: authorization_test
service_provider_properties:
- service_provider_name: Aryaka Networks
- peering_location: Seattle
- bandwidth_in_mbps: '200'
+ service_provider_name: Telstra Test
+ peering_location: Denver Test
+ bandwidth_in_mbps: 1000
sku:
tier: premium
family: metereddata
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/tasks/main.yml
index 2fc543091..3e9e32f47 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/tasks/main.yml
@@ -33,9 +33,12 @@
azure_rm_networkinterface:
resource_group: "{{ resource_group }}"
name: "{{ vm_name }}"
+ ip_configurations:
+ - name: default
+ public_ip_address_name: "{{ public_ip_name }}"
+ primary: true
virtual_network: "{{ vm_name }}"
subnet: "{{ vm_name }}"
- public_ip_name: "{{ public_ip_name }}"
security_group: "{{ security_group_name }}"
- name: Create virtual machine
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/tasks/main.yml
index 913e618d0..692590994 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/tasks/main.yml
@@ -32,7 +32,9 @@
azure_rm_loadbalancer:
resource_group: '{{ resource_group }}'
name: "{{ lbname_a }}"
- public_ip: "{{ pipaname }}"
+ frontend_ip_configurations:
+ - name: frontendip0
+ public_ip_address: "{{ pipaname }}"
check_mode: true
register: output
@@ -44,7 +46,9 @@
azure_rm_loadbalancer:
resource_group: '{{ resource_group }}'
name: "{{ lbname_a }}"
- public_ip: "{{ pipaname }}"
+ frontend_ip_configurations:
+ - name: frontendip0
+ public_ip_address: "{{ pipaname }}"
register: output
- name: Assert load balancer created
@@ -55,7 +59,9 @@
azure_rm_loadbalancer:
resource_group: '{{ resource_group }}'
name: "{{ lbname_a }}"
- public_ip: "{{ pipaname }}"
+ frontend_ip_configurations:
+ - name: frontendip0
+ public_ip_address: "{{ pipaname }}"
register: output
- name: Assert no change
@@ -90,20 +96,34 @@
resource_group: '{{ resource_group }}'
name: "{{ lbname_b }}"
sku: Standard
- public_ip_address: "{{ pipbname }}"
- probe_protocol: Tcp
- probe_port: 80
- probe_interval: 10
- probe_fail_count: 3
- protocol: Tcp
- load_distribution: Default
- frontend_port: 80
- backend_port: 8080
- idle_timeout: 4
- natpool_frontend_port_start: 30
- natpool_frontend_port_end: 40
- natpool_backend_port: 80
- natpool_protocol: Tcp
+ frontend_ip_configurations:
+ - name: frontendip0
+ public_ip_address: "{{ pipbname }}"
+ backend_address_pools:
+ - name: backendaddrp0
+ probes:
+ - name: prob0
+ port: 80
+ protocol: Tcp
+ interval: 10
+ fail_count: 3
+ inbound_nat_pools:
+ - name: inboundnatp0
+ frontend_ip_configuration_name: frontendip0
+ protocol: Tcp
+ frontend_port_range_start: 30
+ frontend_port_range_end: 40
+ backend_port: 80
+ load_balancing_rules:
+ - name: lbr
+ frontend_ip_configuration: frontendip0
+ backend_address_pool: backendaddrp0
+ probe: prob0
+ frontend_port: 80
+ backend_port: 8080
+ idle_timeout: 4
+ load_distribution: Default
+ protocol: Tcp
register: output
- name: Assert complex load balancer created
@@ -117,20 +137,34 @@
resource_group: '{{ resource_group }}'
name: "{{ lbname_b }}"
sku: Standard
- public_ip_address: "{{ pipbname }}"
- probe_protocol: Tcp
- probe_port: 80
- probe_interval: 10
- probe_fail_count: 3
- protocol: Tcp
- load_distribution: Default
- frontend_port: 80
- backend_port: 8080
- idle_timeout: 4
- natpool_frontend_port_start: 30
- natpool_frontend_port_end: 40
- natpool_backend_port: 80
- natpool_protocol: Tcp
+ frontend_ip_configurations:
+ - name: frontendip0
+ public_ip_address: "{{ pipbname }}"
+ backend_address_pools:
+ - name: backendaddrp0
+ probes:
+ - name: prob0
+ port: 80
+ protocol: Tcp
+ interval: 10
+ fail_count: 3
+ inbound_nat_pools:
+ - name: inboundnatp0
+ frontend_ip_configuration_name: frontendip0
+ protocol: Tcp
+ frontend_port_range_start: 30
+ frontend_port_range_end: 40
+ backend_port: 80
+ load_balancing_rules:
+ - name: lbr
+ frontend_ip_configuration: frontendip0
+ backend_address_pool: backendaddrp0
+ probe: prob0
+ frontend_port: 80
+ backend_port: 8080
+ idle_timeout: 4
+ load_distribution: Default
+ protocol: Tcp
register: output
- name: Assert that output has not changed
@@ -143,20 +177,34 @@
resource_group: '{{ resource_group }}'
name: "{{ lbname_b }}"
sku: Standard
- public_ip_address: "{{ pipbname }}"
- probe_protocol: Tcp
- probe_port: 80
- probe_interval: 10
- probe_fail_count: 3
- protocol: Tcp
- load_distribution: Default
- frontend_port: 81
- backend_port: 8080
- idle_timeout: 4
- natpool_frontend_port_start: 30
- natpool_frontend_port_end: 40
- natpool_backend_port: 80
- natpool_protocol: Tcp
+ frontend_ip_configurations:
+ - name: frontendip0
+ public_ip_address: "{{ pipbname }}"
+ backend_address_pools:
+ - name: backendaddrp0
+ probes:
+ - name: prob0
+ port: 80
+ protocol: Tcp
+ interval: 10
+ fail_count: 3
+ inbound_nat_pools:
+ - name: inboundnatp0
+ frontend_ip_configuration_name: frontendip0
+ protocol: Tcp
+ frontend_port_range_start: 30
+ frontend_port_range_end: 40
+ backend_port: 80
+ load_balancing_rules:
+ - name: lbr
+ frontend_ip_configuration: frontendip0
+ backend_address_pool: backendaddrp0
+ probe: prob0
+ frontend_port: 81
+ backend_port: 8080
+ idle_timeout: 4
+ load_distribution: Default
+ protocol: Tcp
register: output
- name: Assert that output has changed
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/aliases
new file mode 100644
index 000000000..aa77c071a
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/aliases
@@ -0,0 +1,3 @@
+cloud/azure
+shippable/azure/group2
+destructive
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/meta/main.yml
index 95e1952f9..95e1952f9 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/meta/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/meta/main.yml
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/tasks/main.yml
new file mode 100644
index 000000000..d7447111c
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/tasks/main.yml
@@ -0,0 +1,114 @@
+- name: Set Storage Account Names
+ ansible.builtin.set_fact:
+ rpfx: "{{ resource_group | hash('md5') | truncate(21, True, '') }}"
+
+- name: Create a new local network gateway (Check mode)
+ azure_rm_localnetworkgateway:
+ resource_group: "{{ resource_group }}"
+ name: "{{ rpfx }}"
+ local_network_address_space:
+ address_prefixes:
+ - 10.0.0.0/24
+ - 20.0.0.0/24
+ fqdn: testfqdn.com
+ bgp_settings:
+ asn: 8
+ bgp_peering_address: 10.3.0.1
+ peer_weight: 3
+ tags:
+ key1: value1
+ check_mode: true
+
+- name: Create a new local network gateway
+ azure_rm_localnetworkgateway:
+ resource_group: "{{ resource_group }}"
+ name: "{{ rpfx }}"
+ local_network_address_space:
+ address_prefixes:
+ - 10.0.0.0/24
+ - 20.0.0.0/24
+ fqdn: testfqdn.com
+ bgp_settings:
+ asn: 8
+ bgp_peering_address: 10.3.0.1
+ peer_weight: 3
+ tags:
+ key1: value1
+ register: output
+
+- name: Assert the local network gateway is well created
+ ansible.builtin.assert:
+ that:
+ - output.changed
+ - output.state.provisioning_state == 'Succeeded'
+
+- name: Create a new local network gateway(Idempotent test)
+ azure_rm_localnetworkgateway:
+ resource_group: "{{ resource_group }}"
+ name: "{{ rpfx }}"
+ local_network_address_space:
+ address_prefixes:
+ - 10.0.0.0/24
+ - 20.0.0.0/24
+ fqdn: testfqdn.com
+ bgp_settings:
+ asn: 8
+ bgp_peering_address: 10.3.0.1
+ peer_weight: 3
+ tags:
+ key1: value1
+ register: output
+
+- name: Assert the local network gateway no change
+ ansible.builtin.assert:
+ that:
+ - not output.changed
+
+- name: Create a new local network gateway(Update test)
+ azure_rm_localnetworkgateway:
+ resource_group: "{{ resource_group }}"
+ name: "{{ rpfx }}"
+ local_network_address_space:
+ address_prefixes:
+ - 10.0.0.0/24
+ - 30.0.0.0/24
+ fqdn: testfqdn1.com
+ bgp_settings:
+ asn: 10
+ bgp_peering_address: 20.3.0.1
+ peer_weight: 5
+ tags:
+ key1: value1
+ register: output
+
+- name: Assert the local network gateway updated
+ ansible.builtin.assert:
+ that:
+ - output.changed
+
+- name: Get a new local network gateway
+ azure_rm_localnetworkgateway_info:
+ resource_group: "{{ resource_group }}"
+ name: "{{ rpfx }}"
+ register: output
+
+- name: Assert the local network gateway facts
+ ansible.builtin.assert:
+ that:
+ - not output.changed
+ - output.state[0].bgp_settings.asn == 10
+ - output.state[0].bgp_settings.peer_weight == 5
+ - "output.state[0].tags | length == 1"
+ - "output.state[0].local_network_address_space.address_prefixes | length == 3"
+
+- name: Delete the local network gateway
+ azure_rm_localnetworkgateway:
+ resource_group: "{{ resource_group }}"
+ name: "{{ rpfx }}"
+ state: absent
+ register: output
+
+- name: Assert the local network gateway is deleted
+ ansible.builtin.assert:
+ that:
+ - output.changed
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/aliases
index b586dc7c3..0cfc7d52b 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/aliases
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/aliases
@@ -6,3 +6,4 @@ azure_rm_mariadbdatabase
azure_rm_mariadbdatabase_facts
azure_rm_mariadbfirewallrule
azure_rm_mariadbfirewallrule_facts
+disabled
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/aliases
index 21e7a127b..98ddd39ff 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/aliases
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/aliases
@@ -8,3 +8,4 @@ azure_rm_mysqlfirewallrule
azure_rm_mysqlfirewallrule_facts
azure_rm_mysqlconfiguration
azure_rm_mysqlconfiguration_facts
+disabled
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/tasks/main.yml
index e47906d72..4955230f2 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/tasks/main.yml
@@ -87,8 +87,7 @@
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
- public_ip: false
+ subnet_name: "tn{{ rpfx }}"
create_with_security_group: false
register: output
check_mode: true
@@ -105,8 +104,7 @@
virtual_network:
name: "tn{{ rpfx }}"
resource_group: "{{ resource_group_secondary }}"
- subnet: "tn{{ rpfx }}"
- public_ip: false
+ subnet_name: "tn{{ rpfx }}"
create_with_security_group: false
register: output
@@ -146,7 +144,7 @@
private_ip_address: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_address }}"
private_ip_allocation_method: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_allocation_method }}"
primary: "{{ facts.networkinterfaces[0].ip_configurations[0].primary }}"
- subnet: "{{ facts.networkinterfaces[0].subnet }}"
+ subnet_name: "{{ facts.networkinterfaces[0].subnet }}"
register: output
- name: Assert the NIC created
@@ -159,9 +157,8 @@
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
+ subnet_name: "tn{{ rpfx }}"
create_with_security_group: false
- public_ip: false
register: output
- name: Assert NIC created
@@ -174,8 +171,7 @@
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
- public_ip: false
+ subnet_name: "tn{{ rpfx }}"
security_group: "tn{{ rpfx }}sg"
register: output
check_mode: true
@@ -190,8 +186,10 @@
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
- public_ip_address_name: "tn{{ rpfx }}"
+ subnet_name: "tn{{ rpfx }}"
+ ip_configurations:
+ - name: default
+ public_ip_address_name: "tn{{ rpfx }}"
create_with_security_group: false
register: output
check_mode: true
@@ -206,10 +204,9 @@
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
+ subnet_name: "tn{{ rpfx }}"
enable_accelerated_networking: true
create_with_security_group: false
- public_ip: false
register: output
check_mode: true
@@ -223,10 +220,9 @@
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
+ subnet_name: "tn{{ rpfx }}"
create_with_security_group: false
enable_ip_forwarding: true
- public_ip: false
register: output
check_mode: true
@@ -240,9 +236,8 @@
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
+ subnet_name: "tn{{ rpfx }}"
create_with_security_group: false
- public_ip: false
dns_servers:
- 8.9.10.11
- 7.8.9.10
@@ -259,7 +254,7 @@
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
+ subnet_name: "tn{{ rpfx }}"
enable_accelerated_networking: true
enable_ip_forwarding: true
security_group: "tn{{ rpfx }}sg"
@@ -300,7 +295,7 @@
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
+ subnet_name: "tn{{ rpfx }}"
enable_accelerated_networking: true
security_group: "tn{{ rpfx }}sg"
enable_ip_forwarding: true
@@ -355,7 +350,7 @@
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
+ subnet_name: "tn{{ rpfx }}"
security_group: "tn{{ rpfx }}sg"
enable_accelerated_networking: true
enable_ip_forwarding: true
@@ -462,9 +457,8 @@
resource_group: "{{ resource_group }}"
name: "{{ nic_name1 }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
+ subnet_name: "tn{{ rpfx }}"
create_with_security_group: true
- public_ip: false
ip_configurations:
- name: ipconfig1
application_security_groups:
@@ -483,9 +477,8 @@
resource_group: "{{ resource_group }}"
name: "{{ nic_name1 }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
+ subnet_name: "tn{{ rpfx }}"
create_with_security_group: true
- public_ip: false
ip_configurations:
- name: ipconfig1
application_security_groups:
@@ -504,9 +497,8 @@
resource_group: "{{ resource_group }}"
name: "{{ nic_name1 }}"
virtual_network: "{{ vn.state.id }}"
- subnet: "tn{{ rpfx }}"
+ subnet_name: "tn{{ rpfx }}"
create_with_security_group: true
- public_ip: false
ip_configurations:
- name: ipconfig1
application_security_groups:
@@ -598,7 +590,6 @@
virtual_network: "tn{{ rpfx }}"
subnet_name: "nic-appgw-subnet{{ rpfx }}"
create_with_security_group: false
- public_ip: false
ip_configurations:
- name: "default"
primary: true
@@ -621,7 +612,6 @@
virtual_network: "tn{{ rpfx }}"
subnet_name: "nic-appgw-subnet{{ rpfx }}"
create_with_security_group: false
- public_ip: false
ip_configurations:
- name: "default"
primary: true
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlflexibleserver/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlflexibleserver/tasks/main.yml
index 2add54e1e..9880cdc3c 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlflexibleserver/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlflexibleserver/tasks/main.yml
@@ -1,15 +1,43 @@
+- name: Gather Resource Group info
+ azure.azcollection.azure_rm_resourcegroup_info:
+ name: "{{ resource_group }}"
+ register: __rg_info
+
- name: Prepare random number
ansible.builtin.set_fact:
rpfx: "{{ resource_group | hash('md5') | truncate(8, True, '') }}"
new_resource_group: "{{ resource_group }}-02"
run_once: true
+- name: Set Azure Region based on resource group location
+ ansible.builtin.set_fact:
+ location: "{{ __rg_info.resourcegroups.0.location }}"
+
- name: Create a new resource group
azure_rm_resourcegroup:
name: "{{ new_resource_group }}"
- location: southeastasia
+ location: "{{ location }}"
+
+- name: Create User Managed Identities
+ azure_rm_resource:
+ resource_group: "{{ new_resource_group }}"
+ provider: ManagedIdentity
+ resource_type: userAssignedIdentities
+ resource_name: "{{ item }}"
+ api_version: "2023-01-31"
+ body:
+ location: "{{ location }}"
+ state: present
+ loop:
+ - "ansible-test-pgsql-identity"
+ - "ansible-test-pgsql-identity-2"
+
+- name: Set identities IDs to test. Identities ansible-test-psql-identity and ansible-test-psql-identity-2 have to be created previously
+ ansible.builtin.set_fact:
+ user_identity_1: "/subscriptions/{{ azure_subscription_id }}/resourcegroups/{{ new_resource_group }}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ansible-test-pgsql-identity"
+ user_identity_2: "/subscriptions/{{ azure_subscription_id }}/resourcegroups/{{ new_resource_group }}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ansible-test-pgsql-identity-2"
-- name: Create post gresql flexible server (check mode)
+- name: Create postgresql flexible server (check mode)
azure_rm_postgresqlflexibleserver:
resource_group: "{{ new_resource_group }}"
name: postflexible{{ rpfx }}
@@ -34,9 +62,14 @@
day_of_week: 3
availability_zone: 2
create_mode: Create
+ identity:
+ type: UserAssigned
+ user_assigned_identities:
+ id:
+ - "{{ user_identity_1 }}"
check_mode: true
-- name: Create post gresql flexible server
+- name: Create postgresql flexible server
azure_rm_postgresqlflexibleserver:
resource_group: "{{ new_resource_group }}"
name: postflexible{{ rpfx }}
@@ -61,14 +94,25 @@
day_of_week: 3
availability_zone: 2
create_mode: Create
+ identity:
+ type: UserAssigned
+ user_assigned_identities:
+ id:
+ - "{{ user_identity_1 }}"
register: output
-- name: Assert the post grep sql server create success
+- name: Assert the postgresql flexible server create success
ansible.builtin.assert:
that:
- output.changed
-- name: Create post gresql flexible server (Idempotent Test)
+- name: Assert User identity assigned
+ ansible.builtin.assert:
+ that:
+ - output.state.identity.type == 'UserAssigned'
+ - user_identity_1 in output.state.identity.user_assigned_identities
+
+- name: Create postgresql flexible server (Idempotent Test)
azure_rm_postgresqlflexibleserver:
resource_group: "{{ new_resource_group }}"
name: postflexible{{ rpfx }}
@@ -93,14 +137,19 @@
day_of_week: 3
availability_zone: 2
create_mode: Create
+ identity:
+ type: UserAssigned
+ user_assigned_identities:
+ id:
+ - "{{ user_identity_1 }}"
register: output
-- name: Assert the post grep sql server create success
+- name: Assert the postgresql server create success
ansible.builtin.assert:
that:
- not output.changed
-- name: Update post gresql flexible server with multiple parameters
+- name: Update postgresql flexible server with multiple parameters
azure_rm_postgresqlflexibleserver:
resource_group: "{{ new_resource_group }}"
name: postflexible{{ rpfx }}
@@ -128,9 +177,15 @@
tags:
key1: value1
key2: value2
+ identity:
+ type: "UserAssigned"
+ user_assigned_identities:
+ id:
+ - "{{ user_identity_2 }}"
+ append: true
register: output
-- name: Assert the post grep sql server update success
+- name: Assert the postgresql server update success
ansible.builtin.assert:
that:
- output.changed
@@ -141,7 +196,7 @@
name: postflexible{{ rpfx }}
register: output
-- name: Assert the post gresql server is well created
+- name: Assert the postgresql server is well created
ansible.builtin.assert:
that:
- output.servers[0].tags | length == 2
@@ -150,8 +205,23 @@
- output.servers[0].maintenance_window.day_of_week == 6
- output.servers[0].maintenance_window.start_hour == 10
- output.servers[0].maintenance_window.start_minute == 6
+ - user_identity_1 in output.servers[0].identity.user_assigned_identities
+ - user_identity_2 in output.servers[0].identity.user_assigned_identities
+
+- name: Postgresql server Identity None
+ azure_rm_postgresqlflexibleserver:
+ name: postflexible{{ rpfx }}
+ resource_group: "{{ new_resource_group }}"
+ identity:
+ type: "None"
+ register: output
+
+- name: Assert no managed identities
+ ansible.builtin.assert:
+ that:
+ - output.state.identity.type == 'None'
-- name: Create a post gresql flexible database(check mode)
+- name: Create a postgresql flexible database(check mode)
azure_rm_postgresqlflexibledatabase:
resource_group: "{{ new_resource_group }}"
server_name: postflexible{{ rpfx }}
@@ -160,7 +230,7 @@
charset: UTF8
check_mode: true
-- name: Create a post gresql flexible database
+- name: Create a postgresql flexible database
azure_rm_postgresqlflexibledatabase:
resource_group: "{{ new_resource_group }}"
server_name: postflexible{{ rpfx }}
@@ -169,12 +239,12 @@
charset: UTF8
register: output
-- name: Assert the post gresql flexible database created success
+- name: Assert the postgresql flexible database created success
ansible.builtin.assert:
that:
- output.changed
-- name: Create a post gresql flexible database(Idempotent test)
+- name: Create a postgresql flexible database(Idempotent test)
azure_rm_postgresqlflexibledatabase:
resource_group: "{{ new_resource_group }}"
server_name: postflexible{{ rpfx }}
@@ -183,25 +253,25 @@
charset: UTF8
register: output
-- name: Assert the post gresql flexible database no changed
+- name: Assert the postgresql flexible database no changed
ansible.builtin.assert:
that:
- not output.changed
-- name: Get the post gresql flexibe database facts
+- name: Get the postgresql flexibe database facts
azure_rm_postgresqlflexibledatabase_info:
resource_group: "{{ new_resource_group }}"
server_name: postflexible{{ rpfx }}
name: database{{ rpfx }}
register: output
-- name: Assert the post gresql flexible database facts
+- name: Assert the postgresql flexible database facts
ansible.builtin.assert:
that:
- output.databases[0].collation == 'en_US.utf8'
- output.databases[0].charset == 'UTF8'
-- name: Delete the post gresql flexibe database
+- name: Delete the postgresql flexibe database
azure_rm_postgresqlflexibledatabase:
resource_group: "{{ new_resource_group }}"
server_name: postflexible{{ rpfx }}
@@ -209,12 +279,12 @@
state: absent
register: output
-- name: Assert the post gresql flexible database deleted
+- name: Assert the postgresql flexible database deleted
ansible.builtin.assert:
that:
- output.changed
-- name: Create a post gresql flexible firwall rule (Check mode)
+- name: Create a postgresql flexible firwall rule (Check mode)
azure_rm_postgresqlflexiblefirewallrule:
resource_group: "{{ new_resource_group }}"
server_name: postflexible{{ rpfx }}
@@ -223,7 +293,7 @@
end_ip_address: 10.0.0.20
check_mode: true
-- name: Create the post gresql flexible firwall rule
+- name: Create the postgresql flexible firwall rule
azure_rm_postgresqlflexiblefirewallrule:
resource_group: "{{ new_resource_group }}"
server_name: postflexible{{ rpfx }}
@@ -232,12 +302,12 @@
end_ip_address: 10.0.0.20
register: output
-- name: Assert the post grepsql flexible firewall rule created well
+- name: Assert the postgrepsql flexible firewall rule created well
ansible.builtin.assert:
that:
- output.changed
-- name: Create the post gresql flexible firwall rule (Idempotent test)
+- name: Create the postgresql flexible firwall rule (Idempotent test)
azure_rm_postgresqlflexiblefirewallrule:
resource_group: "{{ new_resource_group }}"
server_name: postflexible{{ rpfx }}
@@ -246,12 +316,12 @@
end_ip_address: 10.0.0.20
register: output
-- name: Assert the post grepsql flexible firewall rule support idempotent test
+- name: Assert the postgresql flexible firewall rule support idempotent test
ansible.builtin.assert:
that:
- not output.changed
-- name: Update the post gresql flexible firwall rule
+- name: Update the postgresql flexible firwall rule
azure_rm_postgresqlflexiblefirewallrule:
resource_group: "{{ new_resource_group }}"
server_name: postflexible{{ rpfx }}
@@ -260,25 +330,25 @@
end_ip_address: 10.0.0.18
register: output
-- name: Assert the post grepsql flexible server update well
+- name: Assert the postgresql flexible server update well
ansible.builtin.assert:
that:
- output.changed
-- name: Get the post gresql flexible firwall rule facts
+- name: Get the postgresql flexible firwall rule facts
azure_rm_postgresqlflexiblefirewallrule_info:
resource_group: "{{ new_resource_group }}"
server_name: postflexible{{ rpfx }}
name: firewall{{ rpfx }}
register: output
-- name: Assert the post gresql flexible firewall rule facts
+- name: Assert the postgresql flexible firewall rule facts
ansible.builtin.assert:
that:
- output.firewall_rules[0].start_ip_address == '10.0.0.16'
- output.firewall_rules[0].end_ip_address == '10.0.0.18'
-- name: Delete the post gresql flexible firwall rule
+- name: Delete the postgresql flexible firwall rule
azure_rm_postgresqlflexiblefirewallrule:
resource_group: "{{ new_resource_group }}"
server_name: postflexible{{ rpfx }}
@@ -286,30 +356,30 @@
state: absent
register: output
-- name: Assert the post grepsql flexible server delete well
+- name: Assert the postgresql flexible server delete well
ansible.builtin.assert:
that:
- output.changed
-- name: List the post gresql flexible config facts
+- name: List the postgresql flexible config facts
azure_rm_postgresqlflexibleconfiguration_info:
resource_group: "{{ new_resource_group }}"
server_name: postflexible{{ rpfx }}
register: output
-- name: Assert the post gresql flexible server configuration
+- name: Assert the postgresql flexible server configuration
ansible.builtin.assert:
that:
- output.settings | length > 0
-- name: Stop the post gresql flexible server
+- name: Stop the postgresql flexible server
azure_rm_postgresqlflexibleserver:
resource_group: "{{ new_resource_group }}"
name: postflexible{{ rpfx }}
is_stop: true
register: output
-- name: Assert the post grep sql server stop success
+- name: Assert the postgresql server stop success
ansible.builtin.assert:
that:
- output.changed
@@ -319,30 +389,42 @@
minutes: 10
changed_when: true
-- name: Restart post gresql flexible server
+- name: Restart postgresql flexible server
azure_rm_postgresqlflexibleserver:
resource_group: "{{ new_resource_group }}"
name: postflexible{{ rpfx }}
is_restart: true
register: output
-- name: Assert the post grep sql server restart success
+- name: Assert the postgresql server restart success
ansible.builtin.assert:
that:
- output.changed
-- name: Delete post gresql flexible server
+- name: Delete postgresql flexible server
azure_rm_postgresqlflexibleserver:
resource_group: "{{ new_resource_group }}"
name: postflexible{{ rpfx }}
state: absent
register: output
-- name: Assert the post gresql server is well deleted
+- name: Assert the postgresql server is well deleted
ansible.builtin.assert:
that:
- output.changed
+- name: Destroy User Managed Identities
+ azure_rm_resource:
+ resource_group: "{{ new_resource_group }}"
+ provider: ManagedIdentity
+ resource_type: userAssignedIdentities
+ resource_name: "{{ item }}"
+ api_version: "2023-01-31"
+ state: absent
+ loop:
+ - "ansible-test-psql-identity"
+ - "ansible-test-psql-identity-2"
+
- name: Delete the new resource group
azure_rm_resourcegroup:
name: "{{ new_resource_group }}"
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/tasks/main.yml
index a3743b074..d42d65ecd 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/tasks/main.yml
@@ -1,7 +1,6 @@
- name: Set Private Link Service Names
ansible.builtin.set_fact:
rpfx: "{{ resource_group | hash('md5') | truncate(20, True, '') }}"
- azure_subscription_id: f64d4ee8-be94-457d-ba26-3fa6b6506cef
- name: Delete the private link service
azure_rm_privatelinkservice:
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/aliases
index 6feba04aa..e133dafcd 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/aliases
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/aliases
@@ -1,4 +1,4 @@
cloud/azure
-shippable/azure/group10
destructive
+shippable/azure/group9
disabled
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/meta/main.yml
new file mode 100644
index 000000000..95e1952f9
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+ - setup_azure
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/tasks/main.yml
new file mode 100644
index 000000000..ddbc1b881
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/tasks/main.yml
@@ -0,0 +1,264 @@
+- name: Prepare random number
+ ansible.builtin.set_fact:
+ random_postfix: "sqlmi{{ 1000 | random }}{{ resource_group | hash('md5') | truncate(8, True, '') }}"
+
+- name: Create virtual network
+ azure_rm_virtualnetwork:
+ name: "{{ random_postfix }}"
+ address_prefixes_cidr:
+ - 10.1.0.0/16
+ - 172.100.0.0/16
+ - fdda:e69b:1587:495e::/64
+ dns_servers:
+ - 127.0.0.1
+ - 127.0.0.3
+ resource_group: "{{ resource_group }}"
+
+- name: Create a route table
+ azure_rm_routetable:
+ name: "{{ random_postfix }}"
+ resource_group: "{{ resource_group }}"
+ tags:
+ purpose: testing
+
+- name: Create security group
+ azure_rm_securitygroup:
+ resource_group: "{{ resource_group }}"
+ name: "{{ random_postfix }}"
+ tags:
+ testing: testing
+ delete: on-exit
+ foo: bar
+ purge_rules: true
+ rules:
+ - name: DenySSH
+ protocol: Tcp
+ destination_port_range: 22
+ access: Deny
+ priority: 100
+ direction: Inbound
+ - name: AllowSSH
+ protocol: Tcp
+ source_address_prefix: 174.109.158.0/24
+ destination_port_range: 22
+ access: Allow
+ priority: 101
+ direction: Inbound
+
+- name: Add the subnet back
+ azure_rm_subnet:
+ name: foobar
+ virtual_network_name: "{{ random_postfix }}"
+ resource_group: "{{ resource_group }}"
+ address_prefix_cidr: "10.1.0.0/24"
+ security_group:
+ resource_gorup: "{{ resource_group }}"
+ name: "{{ random_postfix }}"
+ route_table:
+ name: "{{ random_postfix }}"
+ resource_group: "{{ resource_group }}"
+ delegations:
+ - name: 'mysqlinstance'
+ serviceName: "Microsoft.Sql/managedInstances"
+ register: subnet_output
+
+- name: Create sql managed instance
+ azure_rm_sqlmanagedinstance:
+ resource_group: "{{ resource_group }}"
+ name: "{{ random_postfix }}"
+ subnet_id: "{{ subnet_output.state.id }}"
+ identity:
+ type: SystemAssigned
+ sku:
+ name: GP_Gen5
+ tier: GeneralPurpose
+ family: Gen5
+ capacity: 8
+ administrator_login: azureuser
+ administrator_login_password: Fredtest@password0329test
+ storage_size_in_gb: 256
+ v_cores: 8
+
+- name: Create a new sql managed instance database(checkmode test)
+ azure_rm_sqlmidatabase:
+ resource_group: "{{ resource_group }}"
+ managed_instance_name: "{{ random_postfix }}"
+ database_name: "database{{ random_postfix }}"
+ collation: SQL_Latin1_General_CP1_CI_AS
+ location: eastus
+ tags:
+ key1: value1
+ check_mode: true
+
+- name: Create a new sql managed instance database
+ azure_rm_sqlmidatabase:
+ resource_group: "{{ resource_group }}"
+ managed_instance_name: "{{ random_postfix }}"
+ database_name: "database{{ random_postfix }}"
+ collation: SQL_Latin1_General_CP1_CI_AS
+ location: eastus
+ tags:
+ key1: value1
+ register: output
+
+- name: Assert the datebase is well created
+ ansible.builtin.assert:
+ that:
+ - output.changed
+
+- name: Create a new sql managed instance database (Idempotent test)
+ azure_rm_sqlmidatabase:
+ resource_group: "{{ resource_group }}"
+ managed_instance_name: "{{ random_postfix }}"
+ database_name: "database{{ random_postfix }}"
+ collation: SQL_Latin1_General_CP1_CI_AS
+ location: eastus
+ tags:
+ key1: value1
+ register: output
+
+- name: Assert the datebase has no changed
+ ansible.builtin.assert:
+ that:
+ - not output.changed
+
+- name: Update the sql managed instance database tags
+ azure_rm_sqlmidatabase:
+ resource_group: "{{ resource_group }}"
+ managed_instance_name: "{{ random_postfix }}"
+ database_name: "database{{ random_postfix }}"
+ collation: SQL_Latin1_General_CP1_CI_AS
+ location: eastus
+ tags:
+ key2: value2
+ register: output
+
+- name: Assert the datebase udpated
+ ansible.builtin.assert:
+ that:
+ - output.changed
+
+- name: Get the sql managed instance database facts
+ azure_rm_sqlmidatabase_info:
+ resource_group: "{{ resource_group }}"
+ managed_instance_name: "{{ random_postfix }}"
+ database_name: "database{{ random_postfix }}"
+ register: output
+
+- name: Assert the datebase facts
+ ansible.builtin.assert:
+ that:
+ - output.database[0].tags |length == 2
+ - output.database[0].collation == "SQL_Latin1_General_CP1_CI_AS"
+
+- name: Get sql managed database long term retention policy by name
+ azure_rm_sqlmidblongtermretentionpolicy_info:
+ resource_group: "{{ resource_group }}"
+ managed_instance_name: "{{ random_postfix }}"
+ database_name: "database{{ random_postfix }}"
+ policy_name: default
+ register: output
+
+- name: Assert the sql managed datebase long term retention policy facts
+ ansible.builtin.assert:
+ that:
+ - output.long_term_retention_policy[0].name == 'default'
+ - output.long_term_retention_policy[0].monthly_retention == "PT0S"
+ - output.long_term_retention_policy[0].yearly_retention == "PT0S"
+ - output.long_term_retention_policy[0].weekly_retention == "PT0S"
+ - output.long_term_retention_policy[0].week_of_year == 0
+
+- name: Update the database long term retention policy
+ azure_rm_sqlmidblongtermretentionpolicy:
+ resource_group: "{{ resource_group }}"
+ managed_instance_name: "{{ random_postfix }}"
+ database_name: "database{{ random_postfix }}"
+ policy_name: default
+ monthly_retention: P3M
+ week_of_year: 13
+ weekly_retention: P13W
+ yearly_retention: P3Y
+ register: output
+
+- name: Assert the sql managed datebase long term retention policy updated
+ ansible.builtin.assert:
+ that:
+ - output.changed
+
+- name: Get sql managed database long term retention policy by name
+ azure_rm_sqlmidblongtermretentionpolicy_info:
+ resource_group: "{{ resource_group }}"
+ managed_instance_name: "{{ random_postfix }}"
+ database_name: "database{{ random_postfix }}"
+ policy_name: default
+ register: output
+
+- name: Assert the sql managed datebase long term retention policy facts
+ ansible.builtin.assert:
+ that:
+ - output.long_term_retention_policy[0].name == 'default'
+ - output.long_term_retention_policy[0].monthly_retention == "P3M"
+ - output.long_term_retention_policy[0].yearly_retention == "P3Y"
+ - output.long_term_retention_policy[0].weekly_retention == "P13W"
+ - output.long_term_retention_policy[0].week_of_year == 13
+
+- name: Get the sql managed instance database short term retention policy facts
+ azure_rm_sqlmidbshorttermretentionpolicy_info:
+ resource_group: "{{ resource_group }}"
+ managed_instance_name: "{{ random_postfix }}"
+ database_name: "database{{ random_postfix }}"
+ policy_name: default
+ register: output
+
+- name: Assert the sql managed datebase short term retention policy facts
+ ansible.builtin.assert:
+ that:
+ - output.short_term_retention_policy[0].name == 'default'
+ - output.short_term_retention_policy[0].retention_days == 7
+
+- name: Update the sql managed short term retetion
+ azure_rm_sqlmidbshorttermretentionpolicy:
+ resource_group: "{{ resource_group }}"
+ managed_instance_name: "{{ random_postfix }}"
+ database_name: "database{{ random_postfix }}"
+ policy_name: default
+ retention_days: 10
+ register: output
+
+- name: Assert the sql managed datebase short term retention policy updated
+ ansible.builtin.assert:
+ that:
+ - output.changed
+
+- name: Get the sql managed instance database short term retention policy facts
+ azure_rm_sqlmidbshorttermretentionpolicy_info:
+ resource_group: "{{ resource_group }}"
+ managed_instance_name: "{{ random_postfix }}"
+ database_name: "database{{ random_postfix }}"
+ policy_name: default
+ register: output
+
+- name: Assert the sql managed datebase short term retention policy facts
+ ansible.builtin.assert:
+ that:
+ - output.short_term_retention_policy[0].name == 'default'
+ - output.short_term_retention_policy[0].retention_days == 10
+
+- name: Delete the sql managed database
+ azure_rm_sqlmidatabase:
+ resource_group: "{{ resource_group }}"
+ managed_instance_name: "{{ random_postfix }}"
+ database_name: "database{{ random_postfix }}"
+ state: absent
+ register: output
+
+- name: Assert the sql managed datebase deleted
+ ansible.builtin.assert:
+ that:
+ - output.changed
+
+- name: Delete sql managed instance
+ azure_rm_sqlmanagedinstance:
+ resource_group: "{{ resource_group }}"
+ name: "{{ random_postfix }}"
+ state: absent
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/aliases
new file mode 100644
index 000000000..aa77c071a
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/aliases
@@ -0,0 +1,3 @@
+cloud/azure
+shippable/azure/group2
+destructive
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/meta/main.yml
new file mode 100644
index 000000000..95e1952f9
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+ - setup_azure
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/tasks/main.yml
new file mode 100644
index 000000000..96245a06a
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/tasks/main.yml
@@ -0,0 +1,242 @@
+- name: Set random value
+ ansible.builtin.set_fact:
+ rpfx: "{{ resource_group | hash('md5') | truncate(22, True, '') }}"
+
+- name: Create storage account with static website disabled
+ azure_rm_storageaccount:
+ resource_group: "{{ resource_group }}"
+ name: "st{{ rpfx }}"
+ account_type: Standard_LRS
+ kind: StorageV2
+ static_website:
+ enabled: false
+
+- name: Create storage account management policy rule (Check mode test)
+ azure_rm_storageaccountmanagementpolicy:
+ resource_group: "{{ resource_group }}"
+ storage_account_name: "st{{ rpfx }}"
+ rules:
+ - name: olcmtest
+ type: Lifecycle
+ enabled: false
+ definition:
+ actions:
+ base_blob:
+ enable_auto_tier_to_hot_from_cool: true
+ delete:
+ days_after_modification_greater_than: 22
+ days_after_last_access_time_greater_than: 22
+ tier_to_cool:
+ days_after_modification_greater_than: 22
+ days_after_last_access_time_greater_than: 22
+ tier_to_archive:
+ days_after_modification_greater_than: 22
+ days_after_last_access_time_greater_than: 22
+ snapshot:
+ tier_to_cool:
+ days_after_creation_greater_than: 22
+ tier_to_archive:
+ days_after_creation_greater_than: 22
+ delete:
+ days_after_creation_greater_than: 22
+ version:
+ tier_to_archive:
+ days_after_creation_greater_than: 22
+ tier_to_cool:
+ days_after_creation_greater_than: 22
+ delete:
+ days_after_creation_greater_than: 22
+ filters:
+ prefix_match:
+ - olcmtestcontainer
+ blob_types:
+ - blockBlob
+ - appendBlob
+ blob_index_match:
+ - name: tags6
+ op: '=='
+ value: value6
+ check_mode: true
+
+- name: Create storage account management policy rule
+ azure_rm_storageaccountmanagementpolicy:
+ resource_group: "{{ resource_group }}"
+ storage_account_name: "st{{ rpfx }}"
+ rules:
+ - name: olcmtest
+ type: Lifecycle
+ enabled: false
+ definition:
+ actions:
+ base_blob:
+ enable_auto_tier_to_hot_from_cool: true
+ delete:
+ days_after_modification_greater_than: 22
+ days_after_last_access_time_greater_than: 22
+ tier_to_cool:
+ days_after_modification_greater_than: 22
+ days_after_last_access_time_greater_than: 22
+ tier_to_archive:
+ days_after_modification_greater_than: 22
+ days_after_last_access_time_greater_than: 22
+ snapshot:
+ tier_to_cool:
+ days_after_creation_greater_than: 22
+ tier_to_archive:
+ days_after_creation_greater_than: 22
+ delete:
+ days_after_creation_greater_than: 22
+ version:
+ tier_to_archive:
+ days_after_creation_greater_than: 22
+ tier_to_cool:
+ days_after_creation_greater_than: 22
+ delete:
+ days_after_creation_greater_than: 22
+ filters:
+ prefix_match:
+ - olcmtestcontainer
+ blob_types:
+ - blockBlob
+ - appendBlob
+ blob_index_match:
+ - name: tags6
+ op: '=='
+ value: value6
+ register: output
+
+- name: Assert the Managed policy created
+ ansible.builtin.assert:
+ that:
+ - output.changed
+
+- name: Create storage account management policy rule(Idempotent test)
+ azure_rm_storageaccountmanagementpolicy:
+ resource_group: "{{ resource_group }}"
+ storage_account_name: "st{{ rpfx }}"
+ rules:
+ - name: olcmtest
+ type: Lifecycle
+ enabled: false
+ definition:
+ actions:
+ base_blob:
+ enable_auto_tier_to_hot_from_cool: true
+ delete:
+ days_after_modification_greater_than: 22
+ days_after_last_access_time_greater_than: 22
+ tier_to_cool:
+ days_after_modification_greater_than: 22
+ days_after_last_access_time_greater_than: 22
+ tier_to_archive:
+ days_after_modification_greater_than: 22
+ days_after_last_access_time_greater_than: 22
+ snapshot:
+ tier_to_cool:
+ days_after_creation_greater_than: 22
+ tier_to_archive:
+ days_after_creation_greater_than: 22
+ delete:
+ days_after_creation_greater_than: 22
+ version:
+ tier_to_archive:
+ days_after_creation_greater_than: 22
+ tier_to_cool:
+ days_after_creation_greater_than: 22
+ delete:
+ days_after_creation_greater_than: 22
+ filters:
+ prefix_match:
+ - olcmtestcontainer
+ blob_types:
+ - blockBlob
+ - appendBlob
+ blob_index_match:
+ - name: tags6
+ op: '=='
+ value: value6
+ register: output
+
+- name: Assert the Managed policy no change
+ ansible.builtin.assert:
+ that:
+ - not output.changed
+
+- name: Create storage account management policy rule(Updating test)
+ azure_rm_storageaccountmanagementpolicy:
+ resource_group: "{{ resource_group }}"
+ storage_account_name: "st{{ rpfx }}"
+ rules:
+ - name: olcmtest
+ type: Lifecycle
+ enabled: false
+ definition:
+ actions:
+ base_blob:
+ enable_auto_tier_to_hot_from_cool: true
+ delete:
+ days_after_modification_greater_than: 33
+ days_after_last_access_time_greater_than: 33
+ tier_to_cool:
+ days_after_modification_greater_than: 33
+ days_after_last_access_time_greater_than: 33
+ tier_to_archive:
+ days_after_modification_greater_than: 33
+ days_after_last_access_time_greater_than: 33
+ snapshot:
+ tier_to_cool:
+ days_after_creation_greater_than: 33
+ tier_to_archive:
+ days_after_creation_greater_than: 33
+ delete:
+ days_after_creation_greater_than: 33
+ version:
+ tier_to_archive:
+ days_after_creation_greater_than: 33
+ tier_to_cool:
+ days_after_creation_greater_than: 33
+ delete:
+ days_after_creation_greater_than: 33
+ filters:
+ prefix_match:
+ - olcmtestcontainer
+ blob_types:
+ - blockBlob
+ - appendBlob
+ blob_index_match:
+ - name: tags6
+ op: '=='
+ value: value6
+ register: output
+
+- name: Assert the Managed policy updated
+ ansible.builtin.assert:
+ that:
+ - output.changed
+
+- name: Get storage account management policy
+ azure_rm_storageaccountmanagementpolicy_info:
+ resource_group: "{{ resource_group }}"
+ storage_account_name: "st{{ rpfx }}"
+ register: output
+
+- name: Assert the management policy rule facts
+ ansible.builtin.assert:
+ that:
+ - output.state.policy.rules[0].enabled is false
+ - output.state.policy.rules[0].name == 'olcmtest'
+ - output.state.policy.rules[0].type == 'Lifecycle'
+ - output.state.policy.rules[0].definition.actions.base_blob.enable_auto_tier_to_hot_from_cool is true
+ - output.state.policy.rules | length == 1
+
+- name: Delete the storage account management policy's rule
+ azure_rm_storageaccountmanagementpolicy:
+ resource_group: "{{ resource_group }}"
+ storage_account_name: "st{{ rpfx }}"
+ state: absent
+ register: output
+
+- name: Assert the Managed policy deleted
+ ansible.builtin.assert:
+ that:
+ - output.changed
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/tasks/main.yml
index 98cd3dc38..71abbbbf1 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/tasks/main.yml
@@ -8,6 +8,7 @@
resource_group: "{{ resource_group }}"
name: "{{ storage_account }}"
account_type: Standard_LRS
+ register: az_storageaccount
- name: Create container
azure_rm_storageblob:
@@ -16,6 +17,24 @@
account_name: "{{ storage_account }}"
container_name: my-blobs
+- name: Lookup service principal object id
+ ansible.builtin.set_fact:
+ object_id: "{{ lookup('azure.azcollection.azure_service_principal_attribute',
+ azure_client_id=azure_client_id,
+ azure_secret=azure_secret,
+ azure_tenant=azure_tenant) }}"
+ register: spn_facts
+
+- name: Create role assignment by scope (Storage Blob Data Contributor)
+ azure_rm_roleassignment:
+ scope: "{{ az_storageaccount.state.id }}/blobServices/default/containers/my-blobs"
+ assignee_object_id: "{{ spn_facts.ansible_facts.object_id }}"
+ role_definition_id: "/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe"
+
+- name: Pause for 30 seconds
+ ansible.builtin.command: sleep 30
+ changed_when: true
+
- name: Force upload blob
azure_rm_storageblob:
auth_mode: login
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/inventory.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/inventory.yml
index 63ba77727..62525210f 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/inventory.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/inventory.yml
@@ -13,6 +13,10 @@ all:
network: 10.42.2.0/24
subnet: 10.42.2.0/28
+ azure_test_skus:
+ network: 10.42.3.0/24
+ subnet: 10.42.3.0/28
+
azure_test_minimal:
network: 10.42.3.0/24
subnet: 10.42.3.0/28
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_public_ip.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_public_ip.yml
index f24be88e2..0ef24fd82 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_public_ip.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_public_ip.yml
@@ -31,9 +31,12 @@
azure_rm_networkinterface:
resource_group: "{{ resource_group }}"
name: "{{ interface_name }}"
+ ip_configurations:
+ - name: default
+ primary: true
+ public_ip_address_name: "{{ public_ip_name }}"
virtual_network: "{{ network_name }}"
subnet: "{{ subnet_name }}"
- public_ip_name: "{{ public_ip_name }}"
security_group: "{{ security_group }}"
- name: Create virtual machine with a single NIC and no boot diagnostics
@@ -233,7 +236,7 @@
azure_rm_virtualmachine:
resource_group: "{{ resource_group }}"
name: "{{ vm_name }}"
- vm_size: Standard_A1
+ vm_size: Standard_A1_v2
storage_account: "{{ storage_account }}"
storage_container: "{{ vm_name }}"
storage_blob: "{{ vm_name }}.vhd"
@@ -256,7 +259,7 @@
ansible.builtin.assert:
that:
- resize_result is changed
- - resize_result.ansible_facts.azure_vm.hardware_profile.vm_size == "Standard_A1"
+ - resize_result.ansible_facts.azure_vm.hardware_profile.vm_size == "Standard_A1_v2"
- name: Delete VM
azure_rm_virtualmachine:
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_skus.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_skus.yml
new file mode 100644
index 000000000..f65c15869
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_skus.yml
@@ -0,0 +1,136 @@
+- name: Set variables
+ ansible.builtin.include_tasks: setup.yml
+
+- name: Gather Resource Group info
+ azure.azcollection.azure_rm_resourcegroup_info:
+ name: "{{ resource_group }}"
+ register: rg_info
+
+- name: List available VM SKUs
+ azure.azcollection.azure_rm_vmsku_info:
+ location: "{{ rg_info.resourcegroups.0.location }}"
+ resource_type: "virtualMachines"
+ size: "standard_B1"
+ zone: true
+ register: available_skus_result
+
+- name: Create desired capabilities list
+ ansible.builtin.set_fact:
+ desired_capabilities: [
+ {
+ "name": "MaxResourceVolumeMB",
+ "value": "4096"
+ },
+ {
+ "name": "MemoryGB",
+ "value": "2"
+ }]
+
+- name: Filter available SKUs with desired capabilities
+ ansible.builtin.set_fact:
+ skus_result: |
+ {% set skus_result = [] %}
+ {% for item in available_skus_result.available_skus -%}
+ {% set ns = namespace(use_sku=True) %}
+ {% for capability in item.capabilities -%}
+ {% for desired in desired_capabilities -%}
+ {% if capability.name == desired.name and capability.value != desired.value -%}
+ {% set ns.use_sku = False %}
+ {%- endif %}
+ {%- endfor %}
+ {%- endfor %}
+ {% if ns.use_sku -%}
+ {{ skus_result.append(item.name) }}
+ {%- endif %}
+ {%- endfor %}
+ {{ skus_result }}
+ failed_when: skus_result[0] is not defined
+
+- name: Create VM with first sku in avilable skus list
+ azure_rm_virtualmachine:
+ resource_group: "{{ resource_group }}"
+ name: "{{ vm_name }}"
+ admin_username: "testuser"
+ ssh_password_enabled: false
+ ssh_public_keys:
+ - path: /home/testuser/.ssh/authorized_keys
+ key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com"
+ vm_size: "{{ skus_result[0] }}"
+ virtual_network: "{{ network_name }}"
+ image:
+ offer: 0001-com-ubuntu-server-focal
+ publisher: Canonical
+ sku: 20_04-lts
+ version: latest
+ register: vm_output
+
+- name: Query auto created security group before deleting
+ azure_rm_securitygroup_info:
+ resource_group: "{{ resource_group }}"
+ name: "{{ vm_name }}01"
+ register: nsg_result
+
+- name: Assert that security group were exist before deleting
+ ansible.builtin.assert:
+ that:
+ - nsg_result.securitygroups | length == 1
+ - nsg_result.securitygroups[0].network_interfaces | length == 1
+
+- name: Delete VM
+ azure_rm_virtualmachine:
+ resource_group: "{{ resource_group }}"
+ name: "{{ vm_name }}"
+ remove_on_absent: all_autocreated
+ state: absent
+
+- name: Query auto created NIC
+ azure_rm_networkinterface_info:
+ resource_group: "{{ resource_group }}"
+ name: "{{ vm_name }}01"
+ register: nic_result
+
+- name: Query auto created security group
+ azure_rm_securitygroup_info:
+ resource_group: "{{ resource_group }}"
+ name: "{{ vm_name }}01"
+ register: nsg_result
+
+- name: Query auto created public IP
+ azure_rm_publicipaddress_info:
+ resource_group: "{{ resource_group }}"
+ name: "{{ vm_name }}01"
+ register: pip_result
+
+- name: Assert that autocreated resources were deleted
+ ansible.builtin.assert:
+ that:
+ # what about the default storage group?
+ - nic_result.networkinterfaces | length == 0
+ - nsg_result.securitygroups | length == 0
+ - pip_result.publicipaddresses | length == 0
+
+- name: Destroy subnet
+ azure_rm_subnet:
+ resource_group: "{{ resource_group }}"
+ virtual_network: "{{ network_name }}"
+ name: "{{ subnet_name }}"
+ state: absent
+
+- name: Destroy virtual network
+ azure_rm_virtualnetwork:
+ resource_group: "{{ resource_group }}"
+ name: "{{ network_name }}"
+ state: absent
+
+- name: Destroy availability set
+ azure_rm_availabilityset:
+ resource_group: "{{ resource_group }}"
+ name: "{{ availability_set }}"
+ state: absent
+
+- name: Destroy storage account
+ azure_rm_storageaccount:
+ resource_group: "{{ resource_group }}"
+ name: "{{ storage_account }}"
+ force_delete_nonempty: true
+ state: absent
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/tasks/main.yml
index e053cf0b8..b544b4a71 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/tasks/main.yml
@@ -39,9 +39,12 @@
azure_rm_networkinterface:
resource_group: "{{ resource_group }}"
name: testNIC
+ ip_configurations:
+ - name: default
+ primary: true
+ public_ip_address_name: testPublicIP
virtual_network: testVnet1
subnet: testSubnet
- public_ip_name: testPublicIP
security_group_name: testNetworkSecurityGroup
- name: Create a storage account
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/tasks/main.yml
index c3c5336ae..dd429406c 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/tasks/main.yml
@@ -27,7 +27,11 @@
azure_rm_loadbalancer:
resource_group: "{{ resource_group }}"
name: testLB
- public_ip_address_name: testPublicIP
+ frontend_ip_configurations:
+ - name: frontendipconf0
+ public_ip_address: testPublicIP
+ backend_address_pools:
+ - name: backendaddrp0
sku: Standard
- name: Create public IP address 1
@@ -41,7 +45,11 @@
azure_rm_loadbalancer:
resource_group: "{{ resource_group }}"
name: testLB1
- public_ip_address_name: testPublicIP1
+ frontend_ip_configurations:
+ - name: frontendipconf0
+ public_ip_address: testPublicIP1
+ backend_address_pools:
+ - name: backendaddrp1
sku: Standard
- name: Create network security group within same resource group of VMSS.
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/aliases
new file mode 100644
index 000000000..aa77c071a
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/aliases
@@ -0,0 +1,3 @@
+cloud/azure
+shippable/azure/group2
+destructive
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/meta/main.yml
new file mode 100644
index 000000000..95e1952f9
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+ - setup_azure
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/tasks/main.yml
new file mode 100644
index 000000000..9ca17e251
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/tasks/main.yml
@@ -0,0 +1,131 @@
+- name: Prepare random number
+ ansible.builtin.set_fact:
+ natrulename: "nat{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}"
+ vnetname: "vnet{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}"
+ vngname: "vng{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}"
+ pubipname: "testPublicIP{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}"
+
+- name: Create virtual network
+ azure_rm_virtualnetwork:
+ resource_group: "{{ resource_group }}"
+ name: "{{ vnetname }}"
+ address_prefixes: "10.0.0.0/16"
+
+- name: Add subnet
+ azure_rm_subnet:
+ resource_group: "{{ resource_group }}"
+ name: GatewaySubnet
+ address_prefix: "10.0.2.0/24"
+ virtual_network: "{{ vnetname }}"
+
+- name: Create public IP address
+ azure_rm_publicipaddress:
+ resource_group: "{{ resource_group }}"
+ allocation_method: Dynamic
+ name: "{{ pubipname }}"
+
+- name: Create a virtual network gateway
+ azure_rm_virtualnetworkgateway:
+ resource_group: "{{ resource_group }}"
+ name: "{{ vngname }}"
+ sku: VpnGw2
+ vpn_gateway_generation: Generation2
+ ip_configurations:
+ - name: testipconfig
+ private_ip_allocation_method: Dynamic
+ public_ip_address_name: "{{ pubipname }}"
+ virtual_network: "{{ vnetname }}"
+
+- name: Create a virtual netowrk nat rule(check_mode test)
+ azure_rm_virtualnetworkgatewaynatrule:
+ resource_group: "{{ resource_group }}"
+ virtual_network_gateway_name: "{{ vngname }}"
+ name: "{{ natrulename }}"
+ type_properties_type: Static
+ mode: EgressSnat
+ internal_mappings:
+ - 10.1.0.0/24
+ external_mappings:
+ - 192.168.1.0/24
+ check_mode: true
+
+- name: Create a virtual netowrk nat rule
+ azure_rm_virtualnetworkgatewaynatrule:
+ resource_group: "{{ resource_group }}"
+ virtual_network_gateway_name: "{{ vngname }}"
+ name: "{{ natrulename }}"
+ type_properties_type: Static
+ mode: EgressSnat
+ internal_mappings:
+ - 10.1.0.0/24
+ external_mappings:
+ - 192.168.1.0/24
+ register: output
+
+- name: Assert the virtual network nat rule is well created
+ ansible.builtin.assert:
+ that:
+ - output.changed
+
+- name: Create a virtual netowrk nat rule(Idempotent test)
+ azure_rm_virtualnetworkgatewaynatrule:
+ resource_group: "{{ resource_group }}"
+ virtual_network_gateway_name: "{{ vngname }}"
+ name: "{{ natrulename }}"
+ type_properties_type: Static
+ mode: EgressSnat
+ internal_mappings:
+ - 10.1.0.0/24
+ external_mappings:
+ - 192.168.1.0/24
+ register: output
+
+- name: Assert the virtual network nat rule no changed
+ ansible.builtin.assert:
+ that:
+ - not output.changed
+
+- name: Create a new virtual netowrk nat rule (Update test)
+ azure_rm_virtualnetworkgatewaynatrule:
+ resource_group: "{{ resource_group }}"
+ virtual_network_gateway_name: "{{ vngname }}"
+ name: "{{ natrulename }}"
+ type_properties_type: Static
+ mode: EgressSnat
+ internal_mappings:
+ - 10.3.0.0/24
+ external_mappings:
+ - 192.168.2.0/24
+ register: output
+
+- name: Assert the virtual network nat rule is well Updated
+ ansible.builtin.assert:
+ that:
+ - output.changed
+
+- name: Get the virtual netowrk nat rule facts
+ azure_rm_virtualnetworkgatewaynatrule_info:
+ resource_group: "{{ resource_group }}"
+ virtual_network_gateway_name: "{{ vngname }}"
+ name: "{{ natrulename }}"
+ register: output
+
+- name: Assert the virtual network nat rule facts
+ ansible.builtin.assert:
+ that:
+ - output.state[0].mode == 'EgressSnat'
+ - output.state[0].internal_mappings == ["10.3.0.0/24"]
+ - output.state[0].external_mappings == ["192.168.2.0/24"]
+
+- name: Delete the virtual netowrk nat rule
+ azure_rm_virtualnetworkgatewaynatrule:
+ resource_group: "{{ resource_group }}"
+ virtual_network_gateway_name: "{{ vngname }}"
+ name: "{{ natrulename }}"
+ state: absent
+ register: output
+
+- name: Assert the virtual network nat rule deleted
+ ansible.builtin.assert:
+ that:
+ - output.changed
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/tasks/main.yml
index 6b8128eb3..e766953fc 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/tasks/main.yml
@@ -557,6 +557,74 @@
- facts.webapps[0].ftps_state == 'Disabled'
- not facts.webapps[0].http20_enabled
+- name: Create a windows web app with site_auth_settings
+ azure_rm_webapp:
+ resource_group: "{{ resource_group }}"
+ name: "{{ win_app_name }}-auth"
+ plan:
+ resource_group: "{{ resource_group }}"
+ name: "{{ win_plan_name }}-auth"
+ is_linux: false
+ sku: S1
+ site_auth_settings:
+ client_id: "{{ azure_client_id }}"
+ default_provider: 'MicrosoftAccount'
+ runtime_version: '-2'
+ token_refresh_extension_hours: 90
+ unauthenticated_client_action: 'RedirectToLoginPage'
+ client_secret: "{{ azure_secret }}"
+ token_store_enabled: true
+ is_auth_from_file: false
+ enabled: false
+ register: output
+
+- name: Assert the web app is well created
+ ansible.builtin.assert:
+ that:
+ output.changed
+
+- name: Update the web app with site_auth_settings
+ azure_rm_webapp:
+ resource_group: "{{ resource_group }}"
+ name: "{{ win_app_name }}-auth"
+ plan:
+ resource_group: "{{ resource_group }}"
+ name: "{{ win_plan_name }}-auth"
+ is_linux: false
+ sku: S1
+ site_auth_settings:
+ client_id: "{{ azure_client_id }}"
+ default_provider: 'MicrosoftAccount'
+ runtime_version: '-3'
+ token_refresh_extension_hours: 100
+ unauthenticated_client_action: 'RedirectToLoginPage'
+ client_secret: "{{ azure_secret }}"
+ token_store_enabled: false
+ is_auth_from_file: false
+ enabled: true
+ register: output
+
+- name: Assert the web app is well updated
+ ansible.builtin.assert:
+ that:
+ output.changed
+
+- name: Get the web app facts
+ azure_rm_webapp_info:
+ resource_group: "{{ resource_group }}"
+ name: "{{ win_app_name }}-auth"
+ register: output
+
+- name: Assert the web app facts
+ ansible.builtin.assert:
+ that:
+ - output.webapps[0].site_auth_settings.enabled is true
+ - output.webapps[0].site_auth_settings.is_auth_from_file == 'false'
+ - output.webapps[0].site_auth_settings.runtime_version == '-3'
+ - output.webapps[0].site_auth_settings.token_refresh_extension_hours == 100.0
+ - output.webapps[0].site_auth_settings.token_store_enabled is false
+ - output.webapps[0].site_auth_settings.unauthenticated_client_action == 'RedirectToLoginPage'
+
- name: Create a webapp slot (Check mode)
azure_rm_webappslot:
resource_group: "{{ resource_group }}"
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/tasks/main.yml
index 9850dd148..a9496c992 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/tasks/main.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/tasks/main.yml
@@ -3,6 +3,20 @@
rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}"
run_once: true
+- name: Create virtual network
+ azure_rm_virtualnetwork:
+ resource_group: "{{ resource_group }}"
+ name: "vnet-{{ rpfx }}"
+ address_prefixes: 10.42.0.0/24
+
+- name: Create subnet
+ azure_rm_subnet:
+ resource_group: "{{ resource_group }}"
+ name: "subnet-{{ rpfx }}"
+ address_prefix: 10.42.0.0/28
+ virtual_network: "vnet-{{ rpfx }}"
+ register: subnet_output
+
- name: Create a web app
azure_rm_webapp:
resource_group: "{{ resource_group }}"
@@ -26,9 +40,16 @@
action: "Allow"
ip_address: "2.2.2.2/24"
priority: 2
+ - name: "Datacenter 3"
+ action: Allow
+ priority: 3
+ description: "fred test 03"
+ tag: XffProxy
+ vnet_subnet_resource_id: "{{ subnet_output.state.id }}"
scm_ip_security_restrictions_use_main: true
register: output
check_mode: true
+
- name: Assert the resource is well created
ansible.builtin.assert:
that: output.changed
@@ -46,17 +67,26 @@
action: "Allow"
ip_address: "2.2.2.2/24"
priority: 2
+ - name: "Datacenter 3"
+ action: Allow
+ priority: 3
+ description: "fred test 03"
+ tag: XffProxy
+ vnet_subnet_resource_id: "{{ subnet_output.state.id }}"
scm_ip_security_restrictions_use_main: true
register: output
- name: Assert the resource is well created
ansible.builtin.assert:
that:
- output.changed
- - output.ip_security_restrictions | length == 2
+ - output.ip_security_restrictions | length == 3
- output.ip_security_restrictions[0].action == 'Allow'
- output.ip_security_restrictions[0].ip_address == '1.1.1.1/24'
- output.ip_security_restrictions[1].action == 'Allow'
- output.ip_security_restrictions[1].ip_address == '2.2.2.2/24'
+ - output.ip_security_restrictions[2].priority == 3
+ - output.ip_security_restrictions[2].tag == "XffProxy"
+ - output.ip_security_restrictions[2].vnet_subnet_resource_id == subnet_output.state.id
- output.scm_ip_security_restrictions_use_main == true
- name: "Check webapp access restriction facts 1"
@@ -68,11 +98,14 @@
ansible.builtin.assert:
that:
- not output.changed
- - output.ip_security_restrictions | length == 2
+ - output.ip_security_restrictions | length == 3
- output.ip_security_restrictions[0].action == 'Allow'
- output.ip_security_restrictions[0].ip_address == '1.1.1.1/24'
- output.ip_security_restrictions[1].action == 'Allow'
- output.ip_security_restrictions[1].ip_address == '2.2.2.2/24'
+ - output.ip_security_restrictions[2].priority == 3
+ - output.ip_security_restrictions[2].tag == "XffProxy"
+ - output.ip_security_restrictions[2].vnet_subnet_resource_id == subnet_output.state.id
- output.scm_ip_security_restrictions_use_main == true
- name: "Create webapp access restriction - idempotent"
@@ -88,8 +121,15 @@
action: "Allow"
ip_address: "2.2.2.2/24"
priority: 2
+ - name: "Datacenter 3"
+ action: Allow
+ priority: 3
+ description: "fred test 03"
+ tag: XffProxy
+ vnet_subnet_resource_id: "{{ subnet_output.state.id }}"
scm_ip_security_restrictions_use_main: true
register: output
+
- name: Assert the resource is not changed
ansible.builtin.assert:
that: not output.changed
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/setup.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/setup.yml
index f162e9134..6e932d54b 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/setup.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/setup.yml
@@ -47,3 +47,24 @@
sku: 20_04-lts
version: latest
register: vm_output
+
+ - name: Create minimal VM 2 with defaults
+ azure_rm_virtualmachine:
+ resource_group: "{{ resource_group }}"
+ name: "{{ vm_name_2 }}"
+ admin_username: testuser
+ ssh_password_enabled: false
+ ssh_public_keys:
+ - path: /home/testuser/.ssh/authorized_keys
+ key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com"
+ vm_size: Standard_B1ms
+ virtual_network: "{{ network_name }}"
+ image:
+ offer: 0001-com-ubuntu-server-focal
+ publisher: Canonical
+ sku: 20_04-lts
+ version: latest
+ tags:
+ Deployment-Method: Ansible
+ Automation-Method: Ansible
+ register: vm_output_2
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/teardown.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/teardown.yml
index 2a131033a..51690d199 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/teardown.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/teardown.yml
@@ -15,6 +15,13 @@
remove_on_absent: all_autocreated
state: absent
+ - name: Delete VM 2
+ azure_rm_virtualmachine:
+ resource_group: "{{ resource_group }}"
+ name: "{{ vm_name_2 }}"
+ remove_on_absent: all_autocreated
+ state: absent
+
- name: Destroy subnet
azure_rm_subnet:
resource_group: "{{ resource_group }}"
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/test_inventory_filter.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/test_inventory_filter.yml
new file mode 100644
index 000000000..b3e715506
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/test_inventory_filter.yml
@@ -0,0 +1,21 @@
+---
+- name: Config hosts
+ hosts: localhost
+ connection: local
+ gather_facts: false
+ tasks:
+ - name: Set facts
+ ansible.builtin.include_vars: vars.yml
+
+ - name: Refresh inventory
+ ansible.builtin.meta: refresh_inventory
+
+ - name: Test vm_name_2 in Inventory
+ ansible.builtin.assert:
+ that:
+ - vm_name_2 in hostvars
+
+ - name: Test vm_name not in Inventory
+ ansible.builtin.assert:
+ that:
+ - vm_name not in hostvars
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/vars.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/vars.yml
index dc6bbe080..87fa5608f 100644
--- a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/vars.yml
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/vars.yml
@@ -5,6 +5,7 @@ uid_short: "{{ (resource_group ~ inventory_hostname) | hash('md5') | truncate(10
storage_account: "{{ 'stor' ~ uid }}"
availability_set: "{{ 'avbs' ~ uid_short }}"
vm_name: "{{ 'vm' ~ uid_short }}"
+vm_name_2: "{{ 'vm2' ~ uid_short }}"
network_name: "{{ 'vnet' ~ uid_short }}"
subnet_name: "{{ 'snet' ~ uid_short }}"
security_group: "{{ 'sg' ~ uid_short }}"
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/runme.sh b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/runme.sh
index 6f381c0a5..30c86d9ca 100755
--- a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/runme.sh
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/runme.sh
@@ -19,6 +19,11 @@ ansible-playbook playbooks/empty_inventory_config.yml "$@"
ansible-playbook playbooks/create_inventory_config.yml "$@" --extra-vars "template=basic2.yml"
ansible-playbook playbooks/test_inventory.yml "$@"
+# using host filters
+ansible-playbook playbooks/empty_inventory_config.yml "$@"
+ansible-playbook playbooks/create_inventory_config.yml "$@" --extra-vars "template=filter.yml"
+ansible-playbook playbooks/test_inventory_filter.yml "$@"
+
# teardown
ansible-playbook playbooks/teardown.yml "$@"
diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/filter.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/filter.yml
new file mode 100644
index 000000000..a928de0da
--- /dev/null
+++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/filter.yml
@@ -0,0 +1,14 @@
+---
+plugin: azure.azcollection.azure_rm
+conditional_groups:
+ azure: true
+exclude_host_filters:
+ - location not in ['eastus', 'northcentralus']
+ - powerstate != 'running'
+ - not (tags['Deployment-Method'] | default('Exclude') == 'Ansible' and tags['Automation-Method'] | default('Exclude') == 'Ansible')
+ # Customer tried to use the following filter but dashes in variable names is not allowed.
+ # Workaround was to use the dictionary access method above with defaults.
+ #- not (tags.Deployment-Method == 'Ansible' and tags.Automation-Method == 'Ansible')
+# fail_on_template_errors should be enabled for debugging and possibly all times.
+fail_on_template_errors: True
+plain_host_names: true