diff options
Diffstat (limited to 'ansible_collections/azure/azcollection/tests/integration')
44 files changed, 1803 insertions, 397 deletions
diff --git a/ansible_collections/azure/azcollection/tests/integration/requirements.txt b/ansible_collections/azure/azcollection/tests/integration/requirements.txt new file mode 100644 index 000000000..557c59e47 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/requirements.txt @@ -0,0 +1,51 @@ +packaging +requests[security] +xmltodict +msgraph-sdk==1.0.0 +azure-cli-core==2.34.0 +azure-common==1.1.11 +azure-identity==1.14.0 +azure-mgmt-authorization==2.0.0 +azure-mgmt-apimanagement==3.0.0 +azure-mgmt-batch==16.2.0 +azure-mgmt-cdn==11.0.0 +azure-mgmt-compute==30.6.0 +azure-mgmt-containerinstance==9.0.0 +azure-mgmt-core==1.4.0 +azure-mgmt-containerregistry==9.1.0 +azure-containerregistry==1.1.0 +azure-mgmt-containerservice==20.0.0 +azure-mgmt-datafactory==2.0.0 +azure-mgmt-dns==8.0.0 +azure-mgmt-marketplaceordering==1.1.0 +azure-mgmt-monitor==3.0.0 +azure-mgmt-managedservices==6.0.0 +azure-mgmt-managementgroups==1.0.0 +azure-mgmt-network==19.1.0 +azure-mgmt-nspkg==2.0.0 +azure-mgmt-privatedns==1.0.0 +azure-mgmt-redis==13.0.0 +azure-mgmt-resource==21.1.0 +azure-mgmt-rdbms==10.2.0b12 +azure-mgmt-search==8.0.0 +azure-mgmt-servicebus==7.1.0 +azure-mgmt-sql==3.0.1 +azure-mgmt-storage==19.0.0 +azure-mgmt-trafficmanager==1.0.0b1 +azure-mgmt-web==6.1.0 +azure-nspkg==2.0.0 +azure-storage-blob==12.11.0 +azure-core==1.28.0 +azure-keyvault==4.2.0 +azure-mgmt-keyvault==10.0.0 +azure-mgmt-cosmosdb==6.4.0 +azure-mgmt-hdinsight==9.0.0 +azure-mgmt-devtestlabs==9.0.0 +azure-mgmt-loganalytics==12.0.0 +azure-mgmt-automation==1.0.0 +azure-mgmt-iothub==2.2.0 +azure-iot-hub==2.6.1 +azure-mgmt-recoveryservices==2.0.0 +azure-mgmt-recoveryservicesbackup==3.0.0 +azure-mgmt-notificationhubs==7.0.0 +azure-mgmt-eventhub==10.1.0 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/tasks/main.yml index d19e0b8cd..86a06c675 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_adapplication/tasks/main.yml @@ -21,7 +21,7 @@ ansible.builtin.assert: that: not output.changed -- name: Create application with more parameter +- name: Create application with more parameters azure_rm_adapplication: display_name: "{{ display_name }}-01" sign_in_audience: AzureADandPersonalMicrosoftAccount @@ -37,6 +37,16 @@ display_name: "{{ display_name }}_approle" is_enabled: true value: Password@0329 + optional_claims: + access_token_claims: + - name: aud + essential: true + id_token_claims: + - name: acct + essential: true + saml2_token_claims: + - name: acct + essential: true register: second_output - name: Assert secondary resource create success diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/tasks/main.yml index c02a263bb..24e686e52 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aduser/tasks/main.yml @@ -1,35 +1,50 @@ - name: Prepare facts ansible.builtin.set_fact: - user_id: "user{{ 999999999999999999994 | random | to_uuid }}@contoso.com" - object_id: "{{ 999999999999999999994 | random | to_uuid }}" - user_principal_name: "{{ 999999999999999999994 | random | to_uuid }}" + user_name: "test_user_{{ 999999999999999999994 | random | to_uuid }}" + on_premises_immutable_id: "{{ 999999999999999999994 | random | to_uuid }}" + password_profile: "{{ lookup('community.general.random_string', length=12, min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}" + domain: change_me.com run_once: true - name: Create test user azure_rm_aduser: - user_principal_name: "{{ user_id }}" + user_principal_name: "{{ user_name }}@{{ domain }}" state: "present" account_enabled: true - display_name: "Test_{{ user_principal_name }}_Display_Name" - password_profile: "password" - mail_nickname: "Test_{{ user_principal_name }}_mail_nickname" - immutable_id: "{{ object_id }}" + display_name: "{{ user_name }}_display_name" + password_profile: "{{ password_profile }}" + mail_nickname: "{{ user_name }}_mail_nickname" + on_premises_immutable_id: "{{ on_premises_immutable_id }}" given_name: "First" surname: "Last" user_type: "Member" usage_location: "US" - mail: "{{ user_principal_name }}@contoso.com" + mail: "{{ user_name }}@{{ domain }}" + company_name: "Test Company" + on_premises_extension_attributes: + extension_attribute1: "test_extension_attribute1" + extension_attribute2: "test_extension_attribute2" + extension_attribute11: "test_extension_attribute11" register: create_user_should_pass - name: Try to update existing user - idempotent check azure_rm_aduser: - user_principal_name: "{{ user_id }}" + user_principal_name: "{{ user_name }}@{{ domain }}" state: "present" - display_name: "Test_{{ user_principal_name }}_Display_Name" - mail_nickname: "Test_{{ user_principal_name }}_mail_nickname" + account_enabled: true + display_name: "{{ user_name }}_display_name" + mail_nickname: "{{ user_name }}_mail_nickname" + on_premises_immutable_id: "{{ on_premises_immutable_id }}" given_name: "First" surname: "Last" - mail: "{{ user_principal_name }}@contoso.com" + user_type: "Member" + usage_location: "US" + mail: "{{ user_name }}@{{ domain }}" + company_name: "Test Company" + on_premises_extension_attributes: + extension_attribute1: "test_extension_attribute1" + extension_attribute2: "test_extension_attribute2" + extension_attribute11: "test_extension_attribute11" register: attempted_update_with_no_changes_should_pass - name: Assert Nothing Changed @@ -39,42 +54,49 @@ - name: User_principal_name Should Pass azure_rm_aduser_info: - user_principal_name: "{{ user_id }}" - register: get_user_should_pass + user_principal_name: "{{ user_name }}@{{ domain }}" + register: get_user_by_upn_should_pass + +- name: Attribute_name mail Should Pass + azure_rm_aduser_info: + attribute_name: "mail" + attribute_value: "{{ user_name }}@{{ domain }}" + register: get_user_by_mail_should_pass - name: Assert user was created and account is enabled ansible.builtin.assert: that: - - "create_user_should_pass['ad_users'][0]['account_enabled'] == True" - - "get_user_should_pass['ad_users'][0]['account_enabled'] == True" + - "create_user_should_pass['ad_user']['account_enabled'] == True" + - "get_user_by_upn_should_pass['ad_users'][0]['account_enabled'] == True" + - "get_user_by_mail_should_pass['ad_users'][0]['account_enabled'] == True" - name: Update test user azure_rm_aduser: - user_principal_name: "{{ user_id }}" + user_principal_name: "{{ user_name }}@{{ domain }}" state: "present" account_enabled: false register: update_user_should_pass - name: User_principal_name on updated user Should Pass azure_rm_aduser_info: - user_principal_name: "{{ user_id }}" + user_principal_name: "{{ user_name }}@{{ domain }}" register: get_updated_user_should_pass - name: Assert user was updated and account is disabled ansible.builtin.assert: that: - - "update_user_should_pass['ad_users'][0]['account_enabled'] == False" + - "update_user_should_pass['ad_user']['account_enabled'] == False" - "get_updated_user_should_pass['ad_users'][0]['account_enabled'] == False" - name: Delete test user azure_rm_aduser: - user_principal_name: "{{ user_id }}" + user_principal_name: "{{ user_name }}@{{ domain }}" state: "absent" register: delete_user_should_pass - name: User_principal_name Should Fail azure_rm_aduser_info: - user_principal_name: "{{ user_id }}" + user_principal_name: "{{ user_name }}@{{ domain }}" register: get_user_should_fail ignore_errors: true @@ -91,19 +113,19 @@ - name: Assert task failed ansible.builtin.assert: that: - - "missing_any_identifiers is undefined" + - "missing_any_identifiers is defined" - name: Too many identifiers Should Fail azure_rm_aduser_info: - user_principal_name: "{{ user_id }}" - object_id: "{{ object_id }}" + user_principal_name: "{{ user_name }}@{{ domain }}" + object_id: "{{ on_premises_immutable_id }}" register: too_many_identifiers ignore_errors: true - name: Assert task failed ansible.builtin.assert: that: - - "too_many_identifiers is undefined" + - "too_many_identifiers is defined" - name: Missing attribute_value Should Fail azure_rm_aduser_info: @@ -114,27 +136,27 @@ - name: Assert task failed ansible.builtin.assert: that: - - "missing_attribute_value is undefined" + - "missing_attribute_value is defined" - name: Missing attribute_name Should Fail azure_rm_aduser_info: - attribute_value: SMTP:user@contoso.com + attribute_value: SMTP:user@stadtluzern.ch register: missing_attribute_name ignore_errors: true - name: Assert task failed ansible.builtin.assert: that: - - "missing_attribute_name is undefined" + - "missing_attribute_name is defined" - name: Using all with principal name should fail azure_rm_aduser_info: all: true - user_principal_name: "{{ user_id }}" + user_principal_name: "{{ user_name }}@{{ domain }}" register: using_all_with_principal_name ignore_errors: true - name: Assert task failed ansible.builtin.assert: that: - - "using_all_with_principal_name is undefined" + - "using_all_with_principal_name is defined" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/main.yml index ff60ca681..d3377384c 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/main.yml @@ -1,21 +1,46 @@ +- name: Gather Resource Group info + azure.azcollection.azure_rm_resourcegroup_info: + name: "{{ resource_group }}" + register: __rg_info + - name: Set varialbles ansible.builtin.set_fact: rpfx: "{{ resource_group | hash('md5') | truncate(8, True, '') }}" noderpfx: "{{ resource_group | hash('md5') | truncate(4, True, '') }}" + location: "{{ __rg_info.resourcegroups.0.location }}" + +- name: Create User Managed Identity + azure_rm_resource: + resource_group: "{{ resource_group }}" + provider: ManagedIdentity + resource_type: userAssignedIdentities + resource_name: "{{ item }}" + api_version: "2023-01-31" + body: + location: "{{ location }}" + state: present + loop: + - "ansible-test-aks-identity" + - "ansible-test-aks-identity-2" + +- name: Set identities IDs to test. Identities ansible-test-aks-identity and ansible-test-aks-identity-2 have to be created previously + ansible.builtin.set_fact: + user_identity: "/subscriptions/{{ azure_subscription_id }}/resourcegroups/{{ resource_group }}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ansible-test-aks-identity" + user_identity_2: "/subscriptions/{{ azure_subscription_id }}/resourcegroups/{{ resource_group }}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ansible-test-aks-identity-2" - name: Include aks tasks ansible.builtin.include_tasks: minimal-cluster.yml - name: Find available k8s version azure_rm_aksversion_info: - location: eastus + location: "{{ location }}" register: versions - name: Create an AKS instance (check mode) azure_rm_aks: name: "aks{{ rpfx }}" resource_group: "{{ resource_group }}" - location: eastus + location: "{{ location }}" dns_prefix: "aks{{ rpfx }}" kubernetes_version: "{{ versions.azure_aks_versions[0] }}" service_principal: @@ -56,7 +81,7 @@ azure_rm_aks: name: "aks{{ rpfx }}" resource_group: "{{ resource_group }}" - location: eastus + location: "{{ location }}" dns_prefix: "aks{{ rpfx }}" kubernetes_version: "{{ versions.azure_aks_versions[0] }}" service_principal: @@ -107,7 +132,7 @@ azure_rm_aks: name: "aks{{ rpfx }}" resource_group: "{{ resource_group }}" - location: eastus + location: "{{ location }}" dns_prefix: "aks{{ rpfx }}" kubernetes_version: "{{ versions.azure_aks_versions[0] }}" service_principal: @@ -167,7 +192,7 @@ azure_rm_aks: name: "aks{{ rpfx }}" resource_group: "{{ resource_group }}" - location: eastus + location: "{{ location }}" dns_prefix: "aks{{ rpfx }}" kubernetes_version: "{{ versions.azure_aks_versions[0] }}" service_principal: @@ -198,7 +223,7 @@ - name: Get available version azure_rm_aksversion_info: - location: eastus + location: "{{ location }}" version: "{{ versions.azure_aks_versions[0] }}" register: version1 @@ -206,7 +231,7 @@ azure_rm_aks: name: "aks{{ rpfx }}" resource_group: "{{ resource_group }}" - location: eastus + location: "{{ location }}" dns_prefix: "aks{{ rpfx }}" kubernetes_version: "{{ version1.azure_aks_versions[0] }}" service_principal: @@ -246,7 +271,7 @@ azure_rm_aks: name: "aks{{ rpfx }}" resource_group: "{{ resource_group }}" - location: eastus + location: "{{ location }}" dns_prefix: "aks{{ rpfx }}" kubernetes_version: "{{ version1.azure_aks_versions[0] }}" service_principal: @@ -282,7 +307,7 @@ azure_rm_aks: name: "aks{{ rpfx }}" resource_group: "{{ resource_group }}" - location: eastus + location: "{{ location }}" dns_prefix: "aks{{ rpfx }}" kubernetes_version: "{{ version1.azure_aks_versions[0] }}" service_principal: @@ -323,7 +348,7 @@ azure_rm_aks: name: "aks{{ rpfx }}" resource_group: "{{ resource_group }}" - location: eastus + location: "{{ location }}" dns_prefix: "aks{{ rpfx }}" kubernetes_version: "{{ version1.azure_aks_versions[0] }}" service_principal: @@ -360,7 +385,7 @@ azure_rm_aks: name: "aks{{ rpfx }}" resource_group: "{{ resource_group }}" - location: eastus + location: "{{ location }}" dns_prefix: "aks{{ rpfx }}" kubernetes_version: "{{ version1.azure_aks_versions[0] }}" service_principal: @@ -408,7 +433,7 @@ azure_rm_aks: name: "aks{{ rpfx }}" resource_group: "{{ resource_group }}" - location: eastus + location: "{{ location }}" dns_prefix: "aks{{ rpfx }}" kubernetes_version: "{{ version1.azure_aks_versions[0] }}" service_principal: @@ -449,7 +474,7 @@ azure_rm_aks: name: "aks{{ rpfx }}" resource_group: "{{ resource_group }}" - location: eastus + location: "{{ location }}" dns_prefix: "aks{{ rpfx }}" kubernetes_version: "{{ version1.azure_aks_versions[0] }}" service_principal: @@ -497,7 +522,7 @@ azure_rm_aks: name: "aks{{ rpfx }}" resource_group: "{{ resource_group }}" - location: eastus + location: "{{ location }}" dns_prefix: "aks{{ rpfx }}" kubernetes_version: "{{ version1.azure_aks_versions[0] }}" service_principal: @@ -576,3 +601,15 @@ ansible.builtin.assert: that: - "fact.aks | length == 0" + +- name: Destroy User Managed Identity + azure_rm_resource: + resource_group: "{{ resource_group }}" + provider: ManagedIdentity + resource_type: userAssignedIdentities + resource_name: "{{ item }}" + api_version: "2023-01-31" + state: absent + loop: + - "ansible-test-aks-identity" + - "ansible-test-aks-identity-2" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml index 79362b384..3c12fe9b3 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml @@ -4,13 +4,13 @@ - name: Find available k8s version azure_rm_aksversion_info: - location: eastus + location: "{{ location }}" register: versions - name: Use minimal parameters and system-assigned identity azure_rm_aks: name: "minimal{{ rpfx }}" - location: eastus + location: "{{ location }}" resource_group: "{{ resource_group }}" kubernetes_version: "{{ versions.azure_aks_versions[0] }}" dns_prefix: "aks{{ rpfx }}" @@ -55,11 +55,13 @@ - name: Use minimal parameters and system-assigned identity (idempotent) azure_rm_aks: name: "minimal{{ rpfx }}" - location: eastus + location: "{{ location }}" resource_group: "{{ resource_group }}" kubernetes_version: "{{ versions.azure_aks_versions[0] }}" dns_prefix: "aks{{ rpfx }}" enable_rbac: true + identity: + type: "SystemAssigned" aad_profile: managed: true agent_pool_profiles: @@ -83,10 +85,142 @@ that: - not output.changed +- name: Use minimal parameters and user-assigned identity + azure_rm_aks: + name: "minimal{{ rpfx }}" + location: "{{ location }}" + resource_group: "{{ resource_group }}" + kubernetes_version: "{{ versions.azure_aks_versions[0] }}" + dns_prefix: "aks{{ rpfx }}" + enable_rbac: true + identity: + type: "UserAssigned" + user_assigned_identities: "{{ user_identity }}" + aad_profile: + managed: true + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + mode: System + api_server_access_profile: + authorized_ip_ranges: + - "192.0.2.0" + - "198.51.100.0" + - "203.0.113.0" + enable_private_cluster: false + network_profile: + load_balancer_sku: standard + outbound_type: loadBalancer + register: output + +- name: Assert the AKS instance is well created + ansible.builtin.assert: + that: + - output.changed + - output.provisioning_state == 'Succeeded' + +- name: Get AKS fact + azure_rm_aks_info: + name: "minimal{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: fact + +- name: Assert fact returns the created one + ansible.builtin.assert: + that: + - "fact.aks | length == 1" + - fact.aks[0].id == output.id + - fact.aks[0].aad_profile.managed == true + - user_identity in fact.aks[0].identity.user_assigned_identities + +- name: Use minimal parameters and user-assigned identity (idempotent) + azure_rm_aks: + name: "minimal{{ rpfx }}" + location: "{{ location }}" + resource_group: "{{ resource_group }}" + kubernetes_version: "{{ versions.azure_aks_versions[0] }}" + dns_prefix: "aks{{ rpfx }}" + enable_rbac: true + identity: + type: "UserAssigned" + user_assigned_identities: "{{ user_identity }}" + aad_profile: + managed: true + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + mode: System + api_server_access_profile: + authorized_ip_ranges: + - "192.0.2.0" + - "198.51.100.0" + - "203.0.113.0" + enable_private_cluster: false + network_profile: + load_balancer_sku: standard + outbound_type: loadBalancer + register: output + +- name: Assert idempotent + ansible.builtin.assert: + that: + - not output.changed + +- name: Use minimal parameters and user-assigned 2 identity + azure_rm_aks: + name: "minimal{{ rpfx }}" + location: "{{ location }}" + resource_group: "{{ resource_group }}" + kubernetes_version: "{{ versions.azure_aks_versions[0] }}" + dns_prefix: "aks{{ rpfx }}" + enable_rbac: true + identity: + type: "UserAssigned" + user_assigned_identities: "{{ user_identity_2 }}" + aad_profile: + managed: true + agent_pool_profiles: + - name: default + count: 1 + vm_size: Standard_B2s + mode: System + api_server_access_profile: + authorized_ip_ranges: + - "192.0.2.0" + - "198.51.100.0" + - "203.0.113.0" + enable_private_cluster: false + network_profile: + load_balancer_sku: standard + outbound_type: loadBalancer + register: output + +- name: Assert the AKS instance is well created + ansible.builtin.assert: + that: + - output.changed + - output.provisioning_state == 'Succeeded' + +- name: Get AKS fact + azure_rm_aks_info: + name: "minimal{{ rpfx }}" + resource_group: "{{ resource_group }}" + register: fact + +- name: Assert fact returns the created one + ansible.builtin.assert: + that: + - "fact.aks | length == 1" + - fact.aks[0].id == output.id + - fact.aks[0].aad_profile.managed == true + - user_identity_2 in fact.aks[0].identity.user_assigned_identities + - name: Update api_server_access_profile config azure_rm_aks: name: "minimal{{ rpfx }}" - location: eastus + location: "{{ location }}" resource_group: "{{ resource_group }}" kubernetes_version: "{{ versions.azure_aks_versions[0] }}" dns_prefix: "aks{{ rpfx }}" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/tasks/main.yml index 7c255f9ad..20a5a8e76 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_aksagentpool/tasks/main.yml @@ -7,6 +7,25 @@ location: eastus register: versions +- name: Create proximity placement group + azure_rm_proximityplacementgroup: + resource_group: "{{ resource_group }}" + name: "proxi{{ rpfx }}" + register: proxi_output + +- name: Create public ip prefix + azure_rm_publicipprefix: + resource_group: "{{ resource_group }}" + name: "pipprefix{{ rpfx }}" + zones: + - 1 + public_ip_address_version: IPV4 + prefix_length: 29 + sku: + name: Standard + tier: Regional + register: pip_output + - name: Create a kubernet service with minimal parameters azure_rm_aks: name: "min{{ rpfx }}" @@ -24,6 +43,7 @@ mode: System api_server_access_profile: authorized_ip_ranges: + - "{{ pip_output.state.ip_prefix }}" - "192.0.2.0" - "198.51.100.0" - "203.0.113.0" @@ -194,6 +214,97 @@ - output.aks_agent_pools[0].max_pods == 42 - output.aks_agent_pools[0].orchestrator_version == agentpool_version.azure_orchestrator_version[0] +- name: Create a new agent pool with multi parameters + azure_rm_aksagentpool: + resource_group: "{{ resource_group }}" + cluster_name: "min{{ rpfx }}" + name: default06 + count: 1 + vm_size: Standard_B2s + type_properties_type: VirtualMachineScaleSets + mode: System + node_labels: {"release":"stable"} + max_pods: 42 + enable_auto_scaling: true + min_count: 1 + max_count: 10 + orchestrator_version: "{{ agentpool_version.azure_orchestrator_version[0] }}" + availability_zones: + - 1 + kubelet_disk_type: OS + workload_runtime: OCIContainer + os_sku: Ubuntu + scale_down_mode: Delete + upgrade_settings: + max_surge: 50% + power_state: + code: Running + enable_node_public_ip: true + scale_set_priority: Regular + node_public_ip_prefix_id: "{{ pip_output.state.id }}" + spot_max_price: 85 + proximity_placement_group_id: "{{ proxi_output.state.id }}" + enable_encryption_at_host: false + enable_ultra_ssd: false + enable_fips: true + tags: + key2: value2 + register: output + +- name: Assert the node agent pool create well + ansible.builtin.assert: + that: + - output.changed + +- name: Create a new agent pool with multi parameters( Idempotent test) + azure_rm_aksagentpool: + resource_group: "{{ resource_group }}" + cluster_name: "min{{ rpfx }}" + name: default06 + count: 1 + vm_size: Standard_B2s + type_properties_type: VirtualMachineScaleSets + mode: System + node_labels: {"release":"stable"} + max_pods: 42 + enable_auto_scaling: true + min_count: 1 + max_count: 10 + orchestrator_version: "{{ agentpool_version.azure_orchestrator_version[0] }}" + availability_zones: + - 1 + kubelet_disk_type: OS + workload_runtime: OCIContainer + os_sku: Ubuntu + scale_down_mode: Delete + upgrade_settings: + max_surge: 50% + power_state: + code: Running + enable_node_public_ip: true + scale_set_priority: Regular + node_public_ip_prefix_id: "{{ pip_output.state.id }}" + spot_max_price: 85 + proximity_placement_group_id: "{{ proxi_output.state.id }}" + enable_encryption_at_host: false + enable_ultra_ssd: false + enable_fips: true + tags: + key2: value2 + register: output + +- name: Assert the node agent pool no change + ansible.builtin.assert: + that: + - not output.changed + +- name: Delete node agent pool + azure_rm_aksagentpool: + resource_group: "{{ resource_group }}" + cluster_name: "min{{ rpfx }}" + name: default06 + state: absent + - name: Delete node agent pool azure_rm_aksagentpool: resource_group: "{{ resource_group }}" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/tasks/main.yml index bcc19ced0..0b8c3edfa 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cognitivesearch/tasks/main.yml @@ -139,7 +139,7 @@ hosting_mode: default identity: SystemAssigned network_rule_set: - - 8.8.8.8/31 + - 8.8.8.8 - 1.1.1.1 partition_count: 2 public_network_access: disabled @@ -171,7 +171,7 @@ hosting_mode: default identity: SystemAssigned network_rule_set: - - 8.8.8.8/31 + - 8.8.8.8 - 1.1.1.1 partition_count: 2 public_network_access: disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/tasks/main.yml index 5e1f3f4d8..64aaef57c 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_cosmosdbaccount/tasks/main.yml @@ -29,9 +29,9 @@ azure_rm_cosmosdbaccount: resource_group: "{{ resource_group }}" name: "{{ dbname }}" - location: eastasia + location: eastus geo_rep_locations: - - name: eastasia + - name: eastus failover_priority: 0 database_account_offer_type: Standard check_mode: true @@ -45,10 +45,10 @@ azure_rm_cosmosdbaccount: resource_group: "{{ resource_group }}" name: "{{ dbname }}" - location: eastasia + location: eastus kind: global_document_db geo_rep_locations: - - name: eastasia + - name: eastus failover_priority: 0 - name: westus failover_priority: 1 @@ -70,10 +70,10 @@ azure_rm_cosmosdbaccount: resource_group: "{{ resource_group }}" name: "{{ dbname }}" - location: eastasia + location: eastus kind: global_document_db geo_rep_locations: - - name: eastasia + - name: eastus failover_priority: 0 - name: westus failover_priority: 1 @@ -95,10 +95,10 @@ azure_rm_cosmosdbaccount: resource_group: "{{ resource_group }}" name: "{{ dbname }}" - location: eastasia + location: eastus kind: global_document_db geo_rep_locations: - - name: eastasia + - name: eastus failover_priority: 0 - name: westus failover_priority: 1 @@ -121,10 +121,10 @@ azure_rm_cosmosdbaccount: resource_group: "{{ resource_group_secondary }}" name: "{{ db2name }}" - location: eastasia + location: eastus kind: global_document_db geo_rep_locations: - - name: eastasia + - name: eastus failover_priority: 0 - name: westus failover_priority: 1 @@ -155,7 +155,7 @@ - output.accounts[0]['id'] != None - output.accounts[0]['resource_group'] == resource_group - output.accounts[0]['name'] == dbname - - output.accounts[0]['location'] == 'eastasia' + - output.accounts[0]['location'] == 'eastus' - output.accounts[0]['kind'] != None - output.accounts[0]['consistency_policy'] != None - output.accounts[0]['failover_policies'] != None @@ -221,7 +221,7 @@ - output.accounts[0]['id'] != None - output.accounts[0]['resource_group'] == resource_group - output.accounts[0]['name'] == dbname - - output.accounts[0]['location'] == 'eastasia' + - output.accounts[0]['location'] == 'eastus' - output.accounts[0]['kind'] != None - output.accounts[0]['consistency_policy'] != None - output.accounts[0]['failover_policies'] != None @@ -258,7 +258,7 @@ azure_rm_cosmosdbaccount: resource_group: "{{ resource_group }}" name: "{{ dbname }}-free4" - location: eastasia + location: eastus kind: mongo_db mongo_version: "4.0" enable_free_tier: "{{ free_tier_supported }}" @@ -267,7 +267,7 @@ - "1.1.1.1" - "2.2.2.2/28" geo_rep_locations: - - name: eastasia + - name: eastus failover_priority: 0 - name: westus failover_priority: 1 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/tasks/main.yml deleted file mode 100644 index 8dc08f8b7..000000000 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/tasks/main.yml +++ /dev/null @@ -1,199 +0,0 @@ -- name: Create data lake store name - ansible.builtin.set_fact: - adl_name: "adl{{ resource_group_datalake | hash('md5') | truncate(21, True, '') }}" - vnet_name: "vnet{{ resource_group_datalake | hash('md5') | truncate(20, True, '') }}" - -- name: Create virtual network - azure_rm_virtualnetwork: - name: "{{ vnet_name }}" - resource_group: "{{ resource_group_datalake }}" - address_prefixes_cidr: - - 10.1.0.0/16 - register: vnet_output - -- name: Create subnet - azure_rm_subnet: - name: foobar - virtual_network_name: "{{ vnet_name }}" - resource_group: "{{ resource_group_datalake }}" - address_prefix_cidr: "10.1.1.0/24" - service_endpoints: - - service: Microsoft.AzureActiveDirectory - register: subnet_output - -- name: Create minimal data lake store - azure_rm_datalakestore: - resource_group: "{{ resource_group_datalake }}" - name: "{{ adl_name }}" - register: output - -- name: Assert status succeeded and results - ansible.builtin.assert: - that: - - output.changed - - output.state.id is defined - - output.state.account_id is defined - - output.state.creation_time is defined - - output.state.current_tier == "Consumption" - - output.state.encryption_state == "Enabled" - - output.state.endpoint == "{{ adl_name }}.azuredatalakestore.net" - - output.state.firewall_allow_azure_ips == "Disabled" - - output.state.firewall_rules | length == 0 - - output.state.firewall_state == "Disabled" - - output.state.last_modified_time is defined - - output.state.new_tier == "Consumption" - - output.state.provisioning_state == "Succeeded" - - output.state.trusted_id_provider_state == "Disabled" - -- name: Create minimal data lake store (Idempotence) - azure_rm_datalakestore: - resource_group: "{{ resource_group_datalake }}" - name: "{{ adl_name }}" - register: output - -- name: Assert that status has not changed - ansible.builtin.assert: - that: - - not output.changed - -- name: Update data lake store to add virtual_network_rules - azure_rm_datalakestore: - resource_group: "{{ resource_group_datalake }}" - name: "{{ adl_name }}" - virtual_network_rules: - - name: vnet_rule_1 - subnet_id: "{{ subnet_output.state.id }}" - register: output - -- name: Assert status succeeded and results include virtual_network_rules - ansible.builtin.assert: - that: - - output.changed - - output.state.virtual_network_rules | length == 1 - - output.state.virtual_network_rules[0].name == "vnet_rule_1" - - output.state.virtual_network_rules[0].subnet_id == subnet_output.state.id - -- name: Update data lake store to change encryption state that must fail - azure_rm_datalakestore: - resource_group: "{{ resource_group_datalake }}" - name: "{{ adl_name }}" - encryption_state: Disabled - register: output - ignore_errors: true - -- name: Assert that encryption state cannot change - ansible.builtin.assert: - that: - - not output.changed - - output.msg == 'Encryption type cannot be updated.' - -- name: Update data lake store to add new_tier - azure_rm_datalakestore: - resource_group: "{{ resource_group_datalake }}" - name: "{{ adl_name }}" - new_tier: Commitment_1TB - register: output - -- name: Assert status succeeded and results include virtual_network_rules - ansible.builtin.assert: - that: - - output.changed - - output.state.current_tier == "Consumption" - - output.state.new_tier == "Commitment_1TB" - -- name: Delete minimal data lake store - azure_rm_datalakestore: - resource_group: "{{ resource_group_datalake }}" - name: "{{ adl_name }}" - state: absent - register: output - -- name: Create new data lake store - azure_rm_datalakestore: - resource_group: "{{ resource_group_datalake }}" - name: "{{ adl_name }}" - tags: - P1: V1 - P2: V4 - P3: V3 - new_tier: Commitment_1TB - default_group: default_group_test - encryption_state: Enabled - firewall_state: Enabled - firewall_allow_azure_ips: Enabled - firewall_rules: - - name: test_rule_1 - start_ip_address: 192.168.1.1 - end_ip_address: 192.168.1.254 - - name: test_rule_2 - start_ip_address: 10.0.0.1 - end_ip_address: 10.1.0.1 - virtual_network_rules: - - name: vnet_rule_1 - subnet_id: "{{ subnet_output.state.id }}" - register: output - -- name: Assert status succeeded and results include an Id value - ansible.builtin.assert: - that: - - output.changed - - output.state.id is defined - - output.state.account_id is defined - - output.state.creation_time is defined - - output.state.current_tier == "Commitment_1TB" - - output.state.default_group == "default_group_test" - - output.state.encryption_state == "Enabled" - - output.state.endpoint == "{{ adl_name }}.azuredatalakestore.net" - - output.state.firewall_allow_azure_ips == "Enabled" - - output.state.firewall_rules | length == 2 - - output.state.firewall_state == "Enabled" - - output.state.last_modified_time is defined - - output.state.new_tier == "Commitment_1TB" - - output.state.provisioning_state == "Succeeded" - - output.state.tags | length == 3 - - output.state.trusted_id_provider_state == "Disabled" - - output.state.virtual_network_rules | length == 1 - - output.state.virtual_network_rules[0].name == "vnet_rule_1" - - output.state.virtual_network_rules[0].subnet_id == subnet_output.state.id - -- name: Create new data lake store (Idempotence) - azure_rm_datalakestore: - resource_group: "{{ resource_group_datalake }}" - name: "{{ adl_name }}" - tags: - P1: V1 - P2: V4 - P3: V3 - new_tier: Commitment_1TB - default_group: default_group_test - encryption_state: Enabled - firewall_state: Enabled - firewall_allow_azure_ips: Enabled - firewall_rules: - - name: test_rule_1 - start_ip_address: 192.168.1.1 - end_ip_address: 192.168.1.254 - - name: test_rule_2 - start_ip_address: 10.0.0.1 - end_ip_address: 10.1.0.1 - virtual_network_rules: - - name: vnet_rule_1 - subnet_id: "{{ subnet_output.state.id }}" - register: output - -- name: Assert that status has not changed - ansible.builtin.assert: - that: - - not output.changed - -- name: Delete virtual network - azure_rm_virtualnetwork: - name: "{{ vnet_name }}" - resource_group: "{{ resource_group_datalake }}" - state: absent - -- name: Delete Data Lake Store - azure_rm_datalakestore: - resource_group: "{{ resource_group_datalake }}" - name: "{{ adl_name }}" - state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/tasks/main.yml index 62e60e95b..579d326d8 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_eventhub/tasks/main.yml @@ -76,10 +76,10 @@ namespace_name: "{{ namespace_name }}" name: "{{ name_rpfx }}" resource_group: "{{ resource_group }}" - message_retention_in_days: 4 + message_retention_in_days: 1 state: present tags: - test: modified + test1: modified1 register: results - name: Assert the event hub updated diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/tasks/main.yml index 3d70ddd82..58bda9cce 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_expressroute/tasks/main.yml @@ -14,9 +14,9 @@ authorizations: - name: authorization_test service_provider_properties: - service_provider_name: Aryaka Networks - peering_location: Seattle - bandwidth_in_mbps: '200' + service_provider_name: Telstra Test + peering_location: Denver Test + bandwidth_in_mbps: 1000 sku: tier: premium family: metereddata @@ -40,9 +40,9 @@ authorizations: - name: authorization_test service_provider_properties: - service_provider_name: Aryaka Networks - peering_location: Seattle - bandwidth_in_mbps: '200' + service_provider_name: Telstra Test + peering_location: Denver Test + bandwidth_in_mbps: 1000 sku: tier: premium family: metereddata @@ -65,9 +65,9 @@ authorizations: - name: authorization_test service_provider_properties: - service_provider_name: Aryaka Networks - peering_location: Seattle - bandwidth_in_mbps: '200' + service_provider_name: Telstra Test + peering_location: Denver Test + bandwidth_in_mbps: 1000 sku: tier: premium family: metereddata diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/tasks/main.yml index 2fc543091..3e9e32f47 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_image/tasks/main.yml @@ -33,9 +33,12 @@ azure_rm_networkinterface: resource_group: "{{ resource_group }}" name: "{{ vm_name }}" + ip_configurations: + - name: default + public_ip_address_name: "{{ public_ip_name }}" + primary: true virtual_network: "{{ vm_name }}" subnet: "{{ vm_name }}" - public_ip_name: "{{ public_ip_name }}" security_group: "{{ security_group_name }}" - name: Create virtual machine diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/tasks/main.yml index 913e618d0..692590994 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_loadbalancer/tasks/main.yml @@ -32,7 +32,9 @@ azure_rm_loadbalancer: resource_group: '{{ resource_group }}' name: "{{ lbname_a }}" - public_ip: "{{ pipaname }}" + frontend_ip_configurations: + - name: frontendip0 + public_ip_address: "{{ pipaname }}" check_mode: true register: output @@ -44,7 +46,9 @@ azure_rm_loadbalancer: resource_group: '{{ resource_group }}' name: "{{ lbname_a }}" - public_ip: "{{ pipaname }}" + frontend_ip_configurations: + - name: frontendip0 + public_ip_address: "{{ pipaname }}" register: output - name: Assert load balancer created @@ -55,7 +59,9 @@ azure_rm_loadbalancer: resource_group: '{{ resource_group }}' name: "{{ lbname_a }}" - public_ip: "{{ pipaname }}" + frontend_ip_configurations: + - name: frontendip0 + public_ip_address: "{{ pipaname }}" register: output - name: Assert no change @@ -90,20 +96,34 @@ resource_group: '{{ resource_group }}' name: "{{ lbname_b }}" sku: Standard - public_ip_address: "{{ pipbname }}" - probe_protocol: Tcp - probe_port: 80 - probe_interval: 10 - probe_fail_count: 3 - protocol: Tcp - load_distribution: Default - frontend_port: 80 - backend_port: 8080 - idle_timeout: 4 - natpool_frontend_port_start: 30 - natpool_frontend_port_end: 40 - natpool_backend_port: 80 - natpool_protocol: Tcp + frontend_ip_configurations: + - name: frontendip0 + public_ip_address: "{{ pipbname }}" + backend_address_pools: + - name: backendaddrp0 + probes: + - name: prob0 + port: 80 + protocol: Tcp + interval: 10 + fail_count: 3 + inbound_nat_pools: + - name: inboundnatp0 + frontend_ip_configuration_name: frontendip0 + protocol: Tcp + frontend_port_range_start: 30 + frontend_port_range_end: 40 + backend_port: 80 + load_balancing_rules: + - name: lbr + frontend_ip_configuration: frontendip0 + backend_address_pool: backendaddrp0 + probe: prob0 + frontend_port: 80 + backend_port: 8080 + idle_timeout: 4 + load_distribution: Default + protocol: Tcp register: output - name: Assert complex load balancer created @@ -117,20 +137,34 @@ resource_group: '{{ resource_group }}' name: "{{ lbname_b }}" sku: Standard - public_ip_address: "{{ pipbname }}" - probe_protocol: Tcp - probe_port: 80 - probe_interval: 10 - probe_fail_count: 3 - protocol: Tcp - load_distribution: Default - frontend_port: 80 - backend_port: 8080 - idle_timeout: 4 - natpool_frontend_port_start: 30 - natpool_frontend_port_end: 40 - natpool_backend_port: 80 - natpool_protocol: Tcp + frontend_ip_configurations: + - name: frontendip0 + public_ip_address: "{{ pipbname }}" + backend_address_pools: + - name: backendaddrp0 + probes: + - name: prob0 + port: 80 + protocol: Tcp + interval: 10 + fail_count: 3 + inbound_nat_pools: + - name: inboundnatp0 + frontend_ip_configuration_name: frontendip0 + protocol: Tcp + frontend_port_range_start: 30 + frontend_port_range_end: 40 + backend_port: 80 + load_balancing_rules: + - name: lbr + frontend_ip_configuration: frontendip0 + backend_address_pool: backendaddrp0 + probe: prob0 + frontend_port: 80 + backend_port: 8080 + idle_timeout: 4 + load_distribution: Default + protocol: Tcp register: output - name: Assert that output has not changed @@ -143,20 +177,34 @@ resource_group: '{{ resource_group }}' name: "{{ lbname_b }}" sku: Standard - public_ip_address: "{{ pipbname }}" - probe_protocol: Tcp - probe_port: 80 - probe_interval: 10 - probe_fail_count: 3 - protocol: Tcp - load_distribution: Default - frontend_port: 81 - backend_port: 8080 - idle_timeout: 4 - natpool_frontend_port_start: 30 - natpool_frontend_port_end: 40 - natpool_backend_port: 80 - natpool_protocol: Tcp + frontend_ip_configurations: + - name: frontendip0 + public_ip_address: "{{ pipbname }}" + backend_address_pools: + - name: backendaddrp0 + probes: + - name: prob0 + port: 80 + protocol: Tcp + interval: 10 + fail_count: 3 + inbound_nat_pools: + - name: inboundnatp0 + frontend_ip_configuration_name: frontendip0 + protocol: Tcp + frontend_port_range_start: 30 + frontend_port_range_end: 40 + backend_port: 80 + load_balancing_rules: + - name: lbr + frontend_ip_configuration: frontendip0 + backend_address_pool: backendaddrp0 + probe: prob0 + frontend_port: 81 + backend_port: 8080 + idle_timeout: 4 + load_distribution: Default + protocol: Tcp register: output - name: Assert that output has changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/meta/main.yml index 95e1952f9..95e1952f9 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/meta/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/meta/main.yml diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/tasks/main.yml new file mode 100644 index 000000000..d7447111c --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_localnetworkgateway/tasks/main.yml @@ -0,0 +1,114 @@ +- name: Set Storage Account Names + ansible.builtin.set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(21, True, '') }}" + +- name: Create a new local network gateway (Check mode) + azure_rm_localnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ rpfx }}" + local_network_address_space: + address_prefixes: + - 10.0.0.0/24 + - 20.0.0.0/24 + fqdn: testfqdn.com + bgp_settings: + asn: 8 + bgp_peering_address: 10.3.0.1 + peer_weight: 3 + tags: + key1: value1 + check_mode: true + +- name: Create a new local network gateway + azure_rm_localnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ rpfx }}" + local_network_address_space: + address_prefixes: + - 10.0.0.0/24 + - 20.0.0.0/24 + fqdn: testfqdn.com + bgp_settings: + asn: 8 + bgp_peering_address: 10.3.0.1 + peer_weight: 3 + tags: + key1: value1 + register: output + +- name: Assert the local network gateway is well created + ansible.builtin.assert: + that: + - output.changed + - output.state.provisioning_state == 'Succeeded' + +- name: Create a new local network gateway(Idempotent test) + azure_rm_localnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ rpfx }}" + local_network_address_space: + address_prefixes: + - 10.0.0.0/24 + - 20.0.0.0/24 + fqdn: testfqdn.com + bgp_settings: + asn: 8 + bgp_peering_address: 10.3.0.1 + peer_weight: 3 + tags: + key1: value1 + register: output + +- name: Assert the local network gateway no change + ansible.builtin.assert: + that: + - not output.changed + +- name: Create a new local network gateway(Update test) + azure_rm_localnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ rpfx }}" + local_network_address_space: + address_prefixes: + - 10.0.0.0/24 + - 30.0.0.0/24 + fqdn: testfqdn1.com + bgp_settings: + asn: 10 + bgp_peering_address: 20.3.0.1 + peer_weight: 5 + tags: + key1: value1 + register: output + +- name: Assert the local network gateway updated + ansible.builtin.assert: + that: + - output.changed + +- name: Get a new local network gateway + azure_rm_localnetworkgateway_info: + resource_group: "{{ resource_group }}" + name: "{{ rpfx }}" + register: output + +- name: Assert the local network gateway facts + ansible.builtin.assert: + that: + - not output.changed + - output.state[0].bgp_settings.asn == 10 + - output.state[0].bgp_settings.peer_weight == 5 + - "output.state[0].tags | length == 1" + - "output.state[0].local_network_address_space.address_prefixes | length == 3" + +- name: Delete the local network gateway + azure_rm_localnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ rpfx }}" + state: absent + register: output + +- name: Assert the local network gateway is deleted + ansible.builtin.assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/aliases index b586dc7c3..0cfc7d52b 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/aliases +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mariadbserver/aliases @@ -6,3 +6,4 @@ azure_rm_mariadbdatabase azure_rm_mariadbdatabase_facts azure_rm_mariadbfirewallrule azure_rm_mariadbfirewallrule_facts +disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/aliases index 21e7a127b..98ddd39ff 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/aliases +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_mysqlserver/aliases @@ -8,3 +8,4 @@ azure_rm_mysqlfirewallrule azure_rm_mysqlfirewallrule_facts azure_rm_mysqlconfiguration azure_rm_mysqlconfiguration_facts +disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/tasks/main.yml index e47906d72..4955230f2 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_networkinterface/tasks/main.yml @@ -87,8 +87,7 @@ resource_group: "{{ resource_group }}" name: "tn{{ rpfx }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" - public_ip: false + subnet_name: "tn{{ rpfx }}" create_with_security_group: false register: output check_mode: true @@ -105,8 +104,7 @@ virtual_network: name: "tn{{ rpfx }}" resource_group: "{{ resource_group_secondary }}" - subnet: "tn{{ rpfx }}" - public_ip: false + subnet_name: "tn{{ rpfx }}" create_with_security_group: false register: output @@ -146,7 +144,7 @@ private_ip_address: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_address }}" private_ip_allocation_method: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_allocation_method }}" primary: "{{ facts.networkinterfaces[0].ip_configurations[0].primary }}" - subnet: "{{ facts.networkinterfaces[0].subnet }}" + subnet_name: "{{ facts.networkinterfaces[0].subnet }}" register: output - name: Assert the NIC created @@ -159,9 +157,8 @@ resource_group: "{{ resource_group }}" name: "tn{{ rpfx }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" + subnet_name: "tn{{ rpfx }}" create_with_security_group: false - public_ip: false register: output - name: Assert NIC created @@ -174,8 +171,7 @@ resource_group: "{{ resource_group }}" name: "tn{{ rpfx }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" - public_ip: false + subnet_name: "tn{{ rpfx }}" security_group: "tn{{ rpfx }}sg" register: output check_mode: true @@ -190,8 +186,10 @@ resource_group: "{{ resource_group }}" name: "tn{{ rpfx }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" - public_ip_address_name: "tn{{ rpfx }}" + subnet_name: "tn{{ rpfx }}" + ip_configurations: + - name: default + public_ip_address_name: "tn{{ rpfx }}" create_with_security_group: false register: output check_mode: true @@ -206,10 +204,9 @@ resource_group: "{{ resource_group }}" name: "tn{{ rpfx }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" + subnet_name: "tn{{ rpfx }}" enable_accelerated_networking: true create_with_security_group: false - public_ip: false register: output check_mode: true @@ -223,10 +220,9 @@ resource_group: "{{ resource_group }}" name: "tn{{ rpfx }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" + subnet_name: "tn{{ rpfx }}" create_with_security_group: false enable_ip_forwarding: true - public_ip: false register: output check_mode: true @@ -240,9 +236,8 @@ resource_group: "{{ resource_group }}" name: "tn{{ rpfx }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" + subnet_name: "tn{{ rpfx }}" create_with_security_group: false - public_ip: false dns_servers: - 8.9.10.11 - 7.8.9.10 @@ -259,7 +254,7 @@ resource_group: "{{ resource_group }}" name: "tn{{ rpfx }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" + subnet_name: "tn{{ rpfx }}" enable_accelerated_networking: true enable_ip_forwarding: true security_group: "tn{{ rpfx }}sg" @@ -300,7 +295,7 @@ resource_group: "{{ resource_group }}" name: "tn{{ rpfx }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" + subnet_name: "tn{{ rpfx }}" enable_accelerated_networking: true security_group: "tn{{ rpfx }}sg" enable_ip_forwarding: true @@ -355,7 +350,7 @@ resource_group: "{{ resource_group }}" name: "tn{{ rpfx }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" + subnet_name: "tn{{ rpfx }}" security_group: "tn{{ rpfx }}sg" enable_accelerated_networking: true enable_ip_forwarding: true @@ -462,9 +457,8 @@ resource_group: "{{ resource_group }}" name: "{{ nic_name1 }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" + subnet_name: "tn{{ rpfx }}" create_with_security_group: true - public_ip: false ip_configurations: - name: ipconfig1 application_security_groups: @@ -483,9 +477,8 @@ resource_group: "{{ resource_group }}" name: "{{ nic_name1 }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" + subnet_name: "tn{{ rpfx }}" create_with_security_group: true - public_ip: false ip_configurations: - name: ipconfig1 application_security_groups: @@ -504,9 +497,8 @@ resource_group: "{{ resource_group }}" name: "{{ nic_name1 }}" virtual_network: "{{ vn.state.id }}" - subnet: "tn{{ rpfx }}" + subnet_name: "tn{{ rpfx }}" create_with_security_group: true - public_ip: false ip_configurations: - name: ipconfig1 application_security_groups: @@ -598,7 +590,6 @@ virtual_network: "tn{{ rpfx }}" subnet_name: "nic-appgw-subnet{{ rpfx }}" create_with_security_group: false - public_ip: false ip_configurations: - name: "default" primary: true @@ -621,7 +612,6 @@ virtual_network: "tn{{ rpfx }}" subnet_name: "nic-appgw-subnet{{ rpfx }}" create_with_security_group: false - public_ip: false ip_configurations: - name: "default" primary: true diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlflexibleserver/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlflexibleserver/tasks/main.yml index 2add54e1e..9880cdc3c 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlflexibleserver/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_postgresqlflexibleserver/tasks/main.yml @@ -1,15 +1,43 @@ +- name: Gather Resource Group info + azure.azcollection.azure_rm_resourcegroup_info: + name: "{{ resource_group }}" + register: __rg_info + - name: Prepare random number ansible.builtin.set_fact: rpfx: "{{ resource_group | hash('md5') | truncate(8, True, '') }}" new_resource_group: "{{ resource_group }}-02" run_once: true +- name: Set Azure Region based on resource group location + ansible.builtin.set_fact: + location: "{{ __rg_info.resourcegroups.0.location }}" + - name: Create a new resource group azure_rm_resourcegroup: name: "{{ new_resource_group }}" - location: southeastasia + location: "{{ location }}" + +- name: Create User Managed Identities + azure_rm_resource: + resource_group: "{{ new_resource_group }}" + provider: ManagedIdentity + resource_type: userAssignedIdentities + resource_name: "{{ item }}" + api_version: "2023-01-31" + body: + location: "{{ location }}" + state: present + loop: + - "ansible-test-pgsql-identity" + - "ansible-test-pgsql-identity-2" + +- name: Set identities IDs to test. Identities ansible-test-psql-identity and ansible-test-psql-identity-2 have to be created previously + ansible.builtin.set_fact: + user_identity_1: "/subscriptions/{{ azure_subscription_id }}/resourcegroups/{{ new_resource_group }}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ansible-test-pgsql-identity" + user_identity_2: "/subscriptions/{{ azure_subscription_id }}/resourcegroups/{{ new_resource_group }}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ansible-test-pgsql-identity-2" -- name: Create post gresql flexible server (check mode) +- name: Create postgresql flexible server (check mode) azure_rm_postgresqlflexibleserver: resource_group: "{{ new_resource_group }}" name: postflexible{{ rpfx }} @@ -34,9 +62,14 @@ day_of_week: 3 availability_zone: 2 create_mode: Create + identity: + type: UserAssigned + user_assigned_identities: + id: + - "{{ user_identity_1 }}" check_mode: true -- name: Create post gresql flexible server +- name: Create postgresql flexible server azure_rm_postgresqlflexibleserver: resource_group: "{{ new_resource_group }}" name: postflexible{{ rpfx }} @@ -61,14 +94,25 @@ day_of_week: 3 availability_zone: 2 create_mode: Create + identity: + type: UserAssigned + user_assigned_identities: + id: + - "{{ user_identity_1 }}" register: output -- name: Assert the post grep sql server create success +- name: Assert the postgresql flexible server create success ansible.builtin.assert: that: - output.changed -- name: Create post gresql flexible server (Idempotent Test) +- name: Assert User identity assigned + ansible.builtin.assert: + that: + - output.state.identity.type == 'UserAssigned' + - user_identity_1 in output.state.identity.user_assigned_identities + +- name: Create postgresql flexible server (Idempotent Test) azure_rm_postgresqlflexibleserver: resource_group: "{{ new_resource_group }}" name: postflexible{{ rpfx }} @@ -93,14 +137,19 @@ day_of_week: 3 availability_zone: 2 create_mode: Create + identity: + type: UserAssigned + user_assigned_identities: + id: + - "{{ user_identity_1 }}" register: output -- name: Assert the post grep sql server create success +- name: Assert the postgresql server create success ansible.builtin.assert: that: - not output.changed -- name: Update post gresql flexible server with multiple parameters +- name: Update postgresql flexible server with multiple parameters azure_rm_postgresqlflexibleserver: resource_group: "{{ new_resource_group }}" name: postflexible{{ rpfx }} @@ -128,9 +177,15 @@ tags: key1: value1 key2: value2 + identity: + type: "UserAssigned" + user_assigned_identities: + id: + - "{{ user_identity_2 }}" + append: true register: output -- name: Assert the post grep sql server update success +- name: Assert the postgresql server update success ansible.builtin.assert: that: - output.changed @@ -141,7 +196,7 @@ name: postflexible{{ rpfx }} register: output -- name: Assert the post gresql server is well created +- name: Assert the postgresql server is well created ansible.builtin.assert: that: - output.servers[0].tags | length == 2 @@ -150,8 +205,23 @@ - output.servers[0].maintenance_window.day_of_week == 6 - output.servers[0].maintenance_window.start_hour == 10 - output.servers[0].maintenance_window.start_minute == 6 + - user_identity_1 in output.servers[0].identity.user_assigned_identities + - user_identity_2 in output.servers[0].identity.user_assigned_identities + +- name: Postgresql server Identity None + azure_rm_postgresqlflexibleserver: + name: postflexible{{ rpfx }} + resource_group: "{{ new_resource_group }}" + identity: + type: "None" + register: output + +- name: Assert no managed identities + ansible.builtin.assert: + that: + - output.state.identity.type == 'None' -- name: Create a post gresql flexible database(check mode) +- name: Create a postgresql flexible database(check mode) azure_rm_postgresqlflexibledatabase: resource_group: "{{ new_resource_group }}" server_name: postflexible{{ rpfx }} @@ -160,7 +230,7 @@ charset: UTF8 check_mode: true -- name: Create a post gresql flexible database +- name: Create a postgresql flexible database azure_rm_postgresqlflexibledatabase: resource_group: "{{ new_resource_group }}" server_name: postflexible{{ rpfx }} @@ -169,12 +239,12 @@ charset: UTF8 register: output -- name: Assert the post gresql flexible database created success +- name: Assert the postgresql flexible database created success ansible.builtin.assert: that: - output.changed -- name: Create a post gresql flexible database(Idempotent test) +- name: Create a postgresql flexible database(Idempotent test) azure_rm_postgresqlflexibledatabase: resource_group: "{{ new_resource_group }}" server_name: postflexible{{ rpfx }} @@ -183,25 +253,25 @@ charset: UTF8 register: output -- name: Assert the post gresql flexible database no changed +- name: Assert the postgresql flexible database no changed ansible.builtin.assert: that: - not output.changed -- name: Get the post gresql flexibe database facts +- name: Get the postgresql flexibe database facts azure_rm_postgresqlflexibledatabase_info: resource_group: "{{ new_resource_group }}" server_name: postflexible{{ rpfx }} name: database{{ rpfx }} register: output -- name: Assert the post gresql flexible database facts +- name: Assert the postgresql flexible database facts ansible.builtin.assert: that: - output.databases[0].collation == 'en_US.utf8' - output.databases[0].charset == 'UTF8' -- name: Delete the post gresql flexibe database +- name: Delete the postgresql flexibe database azure_rm_postgresqlflexibledatabase: resource_group: "{{ new_resource_group }}" server_name: postflexible{{ rpfx }} @@ -209,12 +279,12 @@ state: absent register: output -- name: Assert the post gresql flexible database deleted +- name: Assert the postgresql flexible database deleted ansible.builtin.assert: that: - output.changed -- name: Create a post gresql flexible firwall rule (Check mode) +- name: Create a postgresql flexible firwall rule (Check mode) azure_rm_postgresqlflexiblefirewallrule: resource_group: "{{ new_resource_group }}" server_name: postflexible{{ rpfx }} @@ -223,7 +293,7 @@ end_ip_address: 10.0.0.20 check_mode: true -- name: Create the post gresql flexible firwall rule +- name: Create the postgresql flexible firwall rule azure_rm_postgresqlflexiblefirewallrule: resource_group: "{{ new_resource_group }}" server_name: postflexible{{ rpfx }} @@ -232,12 +302,12 @@ end_ip_address: 10.0.0.20 register: output -- name: Assert the post grepsql flexible firewall rule created well +- name: Assert the postgrepsql flexible firewall rule created well ansible.builtin.assert: that: - output.changed -- name: Create the post gresql flexible firwall rule (Idempotent test) +- name: Create the postgresql flexible firwall rule (Idempotent test) azure_rm_postgresqlflexiblefirewallrule: resource_group: "{{ new_resource_group }}" server_name: postflexible{{ rpfx }} @@ -246,12 +316,12 @@ end_ip_address: 10.0.0.20 register: output -- name: Assert the post grepsql flexible firewall rule support idempotent test +- name: Assert the postgresql flexible firewall rule support idempotent test ansible.builtin.assert: that: - not output.changed -- name: Update the post gresql flexible firwall rule +- name: Update the postgresql flexible firwall rule azure_rm_postgresqlflexiblefirewallrule: resource_group: "{{ new_resource_group }}" server_name: postflexible{{ rpfx }} @@ -260,25 +330,25 @@ end_ip_address: 10.0.0.18 register: output -- name: Assert the post grepsql flexible server update well +- name: Assert the postgresql flexible server update well ansible.builtin.assert: that: - output.changed -- name: Get the post gresql flexible firwall rule facts +- name: Get the postgresql flexible firwall rule facts azure_rm_postgresqlflexiblefirewallrule_info: resource_group: "{{ new_resource_group }}" server_name: postflexible{{ rpfx }} name: firewall{{ rpfx }} register: output -- name: Assert the post gresql flexible firewall rule facts +- name: Assert the postgresql flexible firewall rule facts ansible.builtin.assert: that: - output.firewall_rules[0].start_ip_address == '10.0.0.16' - output.firewall_rules[0].end_ip_address == '10.0.0.18' -- name: Delete the post gresql flexible firwall rule +- name: Delete the postgresql flexible firwall rule azure_rm_postgresqlflexiblefirewallrule: resource_group: "{{ new_resource_group }}" server_name: postflexible{{ rpfx }} @@ -286,30 +356,30 @@ state: absent register: output -- name: Assert the post grepsql flexible server delete well +- name: Assert the postgresql flexible server delete well ansible.builtin.assert: that: - output.changed -- name: List the post gresql flexible config facts +- name: List the postgresql flexible config facts azure_rm_postgresqlflexibleconfiguration_info: resource_group: "{{ new_resource_group }}" server_name: postflexible{{ rpfx }} register: output -- name: Assert the post gresql flexible server configuration +- name: Assert the postgresql flexible server configuration ansible.builtin.assert: that: - output.settings | length > 0 -- name: Stop the post gresql flexible server +- name: Stop the postgresql flexible server azure_rm_postgresqlflexibleserver: resource_group: "{{ new_resource_group }}" name: postflexible{{ rpfx }} is_stop: true register: output -- name: Assert the post grep sql server stop success +- name: Assert the postgresql server stop success ansible.builtin.assert: that: - output.changed @@ -319,30 +389,42 @@ minutes: 10 changed_when: true -- name: Restart post gresql flexible server +- name: Restart postgresql flexible server azure_rm_postgresqlflexibleserver: resource_group: "{{ new_resource_group }}" name: postflexible{{ rpfx }} is_restart: true register: output -- name: Assert the post grep sql server restart success +- name: Assert the postgresql server restart success ansible.builtin.assert: that: - output.changed -- name: Delete post gresql flexible server +- name: Delete postgresql flexible server azure_rm_postgresqlflexibleserver: resource_group: "{{ new_resource_group }}" name: postflexible{{ rpfx }} state: absent register: output -- name: Assert the post gresql server is well deleted +- name: Assert the postgresql server is well deleted ansible.builtin.assert: that: - output.changed +- name: Destroy User Managed Identities + azure_rm_resource: + resource_group: "{{ new_resource_group }}" + provider: ManagedIdentity + resource_type: userAssignedIdentities + resource_name: "{{ item }}" + api_version: "2023-01-31" + state: absent + loop: + - "ansible-test-psql-identity" + - "ansible-test-psql-identity-2" + - name: Delete the new resource group azure_rm_resourcegroup: name: "{{ new_resource_group }}" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/tasks/main.yml index a3743b074..d42d65ecd 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_privatelinkservice/tasks/main.yml @@ -1,7 +1,6 @@ - name: Set Private Link Service Names ansible.builtin.set_fact: rpfx: "{{ resource_group | hash('md5') | truncate(20, True, '') }}" - azure_subscription_id: f64d4ee8-be94-457d-ba26-3fa6b6506cef - name: Delete the private link service azure_rm_privatelinkservice: diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/aliases index 6feba04aa..e133dafcd 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_datalakestore/aliases +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/aliases @@ -1,4 +1,4 @@ cloud/azure -shippable/azure/group10 destructive +shippable/azure/group9 disabled diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/tasks/main.yml new file mode 100644 index 000000000..ddbc1b881 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_sqlmanageddatabase/tasks/main.yml @@ -0,0 +1,264 @@ +- name: Prepare random number + ansible.builtin.set_fact: + random_postfix: "sqlmi{{ 1000 | random }}{{ resource_group | hash('md5') | truncate(8, True, '') }}" + +- name: Create virtual network + azure_rm_virtualnetwork: + name: "{{ random_postfix }}" + address_prefixes_cidr: + - 10.1.0.0/16 + - 172.100.0.0/16 + - fdda:e69b:1587:495e::/64 + dns_servers: + - 127.0.0.1 + - 127.0.0.3 + resource_group: "{{ resource_group }}" + +- name: Create a route table + azure_rm_routetable: + name: "{{ random_postfix }}" + resource_group: "{{ resource_group }}" + tags: + purpose: testing + +- name: Create security group + azure_rm_securitygroup: + resource_group: "{{ resource_group }}" + name: "{{ random_postfix }}" + tags: + testing: testing + delete: on-exit + foo: bar + purge_rules: true + rules: + - name: DenySSH + protocol: Tcp + destination_port_range: 22 + access: Deny + priority: 100 + direction: Inbound + - name: AllowSSH + protocol: Tcp + source_address_prefix: 174.109.158.0/24 + destination_port_range: 22 + access: Allow + priority: 101 + direction: Inbound + +- name: Add the subnet back + azure_rm_subnet: + name: foobar + virtual_network_name: "{{ random_postfix }}" + resource_group: "{{ resource_group }}" + address_prefix_cidr: "10.1.0.0/24" + security_group: + resource_gorup: "{{ resource_group }}" + name: "{{ random_postfix }}" + route_table: + name: "{{ random_postfix }}" + resource_group: "{{ resource_group }}" + delegations: + - name: 'mysqlinstance' + serviceName: "Microsoft.Sql/managedInstances" + register: subnet_output + +- name: Create sql managed instance + azure_rm_sqlmanagedinstance: + resource_group: "{{ resource_group }}" + name: "{{ random_postfix }}" + subnet_id: "{{ subnet_output.state.id }}" + identity: + type: SystemAssigned + sku: + name: GP_Gen5 + tier: GeneralPurpose + family: Gen5 + capacity: 8 + administrator_login: azureuser + administrator_login_password: Fredtest@password0329test + storage_size_in_gb: 256 + v_cores: 8 + +- name: Create a new sql managed instance database(checkmode test) + azure_rm_sqlmidatabase: + resource_group: "{{ resource_group }}" + managed_instance_name: "{{ random_postfix }}" + database_name: "database{{ random_postfix }}" + collation: SQL_Latin1_General_CP1_CI_AS + location: eastus + tags: + key1: value1 + check_mode: true + +- name: Create a new sql managed instance database + azure_rm_sqlmidatabase: + resource_group: "{{ resource_group }}" + managed_instance_name: "{{ random_postfix }}" + database_name: "database{{ random_postfix }}" + collation: SQL_Latin1_General_CP1_CI_AS + location: eastus + tags: + key1: value1 + register: output + +- name: Assert the datebase is well created + ansible.builtin.assert: + that: + - output.changed + +- name: Create a new sql managed instance database (Idempotent test) + azure_rm_sqlmidatabase: + resource_group: "{{ resource_group }}" + managed_instance_name: "{{ random_postfix }}" + database_name: "database{{ random_postfix }}" + collation: SQL_Latin1_General_CP1_CI_AS + location: eastus + tags: + key1: value1 + register: output + +- name: Assert the datebase has no changed + ansible.builtin.assert: + that: + - not output.changed + +- name: Update the sql managed instance database tags + azure_rm_sqlmidatabase: + resource_group: "{{ resource_group }}" + managed_instance_name: "{{ random_postfix }}" + database_name: "database{{ random_postfix }}" + collation: SQL_Latin1_General_CP1_CI_AS + location: eastus + tags: + key2: value2 + register: output + +- name: Assert the datebase udpated + ansible.builtin.assert: + that: + - output.changed + +- name: Get the sql managed instance database facts + azure_rm_sqlmidatabase_info: + resource_group: "{{ resource_group }}" + managed_instance_name: "{{ random_postfix }}" + database_name: "database{{ random_postfix }}" + register: output + +- name: Assert the datebase facts + ansible.builtin.assert: + that: + - output.database[0].tags |length == 2 + - output.database[0].collation == "SQL_Latin1_General_CP1_CI_AS" + +- name: Get sql managed database long term retention policy by name + azure_rm_sqlmidblongtermretentionpolicy_info: + resource_group: "{{ resource_group }}" + managed_instance_name: "{{ random_postfix }}" + database_name: "database{{ random_postfix }}" + policy_name: default + register: output + +- name: Assert the sql managed datebase long term retention policy facts + ansible.builtin.assert: + that: + - output.long_term_retention_policy[0].name == 'default' + - output.long_term_retention_policy[0].monthly_retention == "PT0S" + - output.long_term_retention_policy[0].yearly_retention == "PT0S" + - output.long_term_retention_policy[0].weekly_retention == "PT0S" + - output.long_term_retention_policy[0].week_of_year == 0 + +- name: Update the database long term retention policy + azure_rm_sqlmidblongtermretentionpolicy: + resource_group: "{{ resource_group }}" + managed_instance_name: "{{ random_postfix }}" + database_name: "database{{ random_postfix }}" + policy_name: default + monthly_retention: P3M + week_of_year: 13 + weekly_retention: P13W + yearly_retention: P3Y + register: output + +- name: Assert the sql managed datebase long term retention policy updated + ansible.builtin.assert: + that: + - output.changed + +- name: Get sql managed database long term retention policy by name + azure_rm_sqlmidblongtermretentionpolicy_info: + resource_group: "{{ resource_group }}" + managed_instance_name: "{{ random_postfix }}" + database_name: "database{{ random_postfix }}" + policy_name: default + register: output + +- name: Assert the sql managed datebase long term retention policy facts + ansible.builtin.assert: + that: + - output.long_term_retention_policy[0].name == 'default' + - output.long_term_retention_policy[0].monthly_retention == "P3M" + - output.long_term_retention_policy[0].yearly_retention == "P3Y" + - output.long_term_retention_policy[0].weekly_retention == "P13W" + - output.long_term_retention_policy[0].week_of_year == 13 + +- name: Get the sql managed instance database short term retention policy facts + azure_rm_sqlmidbshorttermretentionpolicy_info: + resource_group: "{{ resource_group }}" + managed_instance_name: "{{ random_postfix }}" + database_name: "database{{ random_postfix }}" + policy_name: default + register: output + +- name: Assert the sql managed datebase short term retention policy facts + ansible.builtin.assert: + that: + - output.short_term_retention_policy[0].name == 'default' + - output.short_term_retention_policy[0].retention_days == 7 + +- name: Update the sql managed short term retetion + azure_rm_sqlmidbshorttermretentionpolicy: + resource_group: "{{ resource_group }}" + managed_instance_name: "{{ random_postfix }}" + database_name: "database{{ random_postfix }}" + policy_name: default + retention_days: 10 + register: output + +- name: Assert the sql managed datebase short term retention policy updated + ansible.builtin.assert: + that: + - output.changed + +- name: Get the sql managed instance database short term retention policy facts + azure_rm_sqlmidbshorttermretentionpolicy_info: + resource_group: "{{ resource_group }}" + managed_instance_name: "{{ random_postfix }}" + database_name: "database{{ random_postfix }}" + policy_name: default + register: output + +- name: Assert the sql managed datebase short term retention policy facts + ansible.builtin.assert: + that: + - output.short_term_retention_policy[0].name == 'default' + - output.short_term_retention_policy[0].retention_days == 10 + +- name: Delete the sql managed database + azure_rm_sqlmidatabase: + resource_group: "{{ resource_group }}" + managed_instance_name: "{{ random_postfix }}" + database_name: "database{{ random_postfix }}" + state: absent + register: output + +- name: Assert the sql managed datebase deleted + ansible.builtin.assert: + that: + - output.changed + +- name: Delete sql managed instance + azure_rm_sqlmanagedinstance: + resource_group: "{{ resource_group }}" + name: "{{ random_postfix }}" + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/tasks/main.yml new file mode 100644 index 000000000..96245a06a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageaccountmanagementpolicy/tasks/main.yml @@ -0,0 +1,242 @@ +- name: Set random value + ansible.builtin.set_fact: + rpfx: "{{ resource_group | hash('md5') | truncate(22, True, '') }}" + +- name: Create storage account with static website disabled + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "st{{ rpfx }}" + account_type: Standard_LRS + kind: StorageV2 + static_website: + enabled: false + +- name: Create storage account management policy rule (Check mode test) + azure_rm_storageaccountmanagementpolicy: + resource_group: "{{ resource_group }}" + storage_account_name: "st{{ rpfx }}" + rules: + - name: olcmtest + type: Lifecycle + enabled: false + definition: + actions: + base_blob: + enable_auto_tier_to_hot_from_cool: true + delete: + days_after_modification_greater_than: 22 + days_after_last_access_time_greater_than: 22 + tier_to_cool: + days_after_modification_greater_than: 22 + days_after_last_access_time_greater_than: 22 + tier_to_archive: + days_after_modification_greater_than: 22 + days_after_last_access_time_greater_than: 22 + snapshot: + tier_to_cool: + days_after_creation_greater_than: 22 + tier_to_archive: + days_after_creation_greater_than: 22 + delete: + days_after_creation_greater_than: 22 + version: + tier_to_archive: + days_after_creation_greater_than: 22 + tier_to_cool: + days_after_creation_greater_than: 22 + delete: + days_after_creation_greater_than: 22 + filters: + prefix_match: + - olcmtestcontainer + blob_types: + - blockBlob + - appendBlob + blob_index_match: + - name: tags6 + op: '==' + value: value6 + check_mode: true + +- name: Create storage account management policy rule + azure_rm_storageaccountmanagementpolicy: + resource_group: "{{ resource_group }}" + storage_account_name: "st{{ rpfx }}" + rules: + - name: olcmtest + type: Lifecycle + enabled: false + definition: + actions: + base_blob: + enable_auto_tier_to_hot_from_cool: true + delete: + days_after_modification_greater_than: 22 + days_after_last_access_time_greater_than: 22 + tier_to_cool: + days_after_modification_greater_than: 22 + days_after_last_access_time_greater_than: 22 + tier_to_archive: + days_after_modification_greater_than: 22 + days_after_last_access_time_greater_than: 22 + snapshot: + tier_to_cool: + days_after_creation_greater_than: 22 + tier_to_archive: + days_after_creation_greater_than: 22 + delete: + days_after_creation_greater_than: 22 + version: + tier_to_archive: + days_after_creation_greater_than: 22 + tier_to_cool: + days_after_creation_greater_than: 22 + delete: + days_after_creation_greater_than: 22 + filters: + prefix_match: + - olcmtestcontainer + blob_types: + - blockBlob + - appendBlob + blob_index_match: + - name: tags6 + op: '==' + value: value6 + register: output + +- name: Assert the Managed policy created + ansible.builtin.assert: + that: + - output.changed + +- name: Create storage account management policy rule(Idempotent test) + azure_rm_storageaccountmanagementpolicy: + resource_group: "{{ resource_group }}" + storage_account_name: "st{{ rpfx }}" + rules: + - name: olcmtest + type: Lifecycle + enabled: false + definition: + actions: + base_blob: + enable_auto_tier_to_hot_from_cool: true + delete: + days_after_modification_greater_than: 22 + days_after_last_access_time_greater_than: 22 + tier_to_cool: + days_after_modification_greater_than: 22 + days_after_last_access_time_greater_than: 22 + tier_to_archive: + days_after_modification_greater_than: 22 + days_after_last_access_time_greater_than: 22 + snapshot: + tier_to_cool: + days_after_creation_greater_than: 22 + tier_to_archive: + days_after_creation_greater_than: 22 + delete: + days_after_creation_greater_than: 22 + version: + tier_to_archive: + days_after_creation_greater_than: 22 + tier_to_cool: + days_after_creation_greater_than: 22 + delete: + days_after_creation_greater_than: 22 + filters: + prefix_match: + - olcmtestcontainer + blob_types: + - blockBlob + - appendBlob + blob_index_match: + - name: tags6 + op: '==' + value: value6 + register: output + +- name: Assert the Managed policy no change + ansible.builtin.assert: + that: + - not output.changed + +- name: Create storage account management policy rule(Updating test) + azure_rm_storageaccountmanagementpolicy: + resource_group: "{{ resource_group }}" + storage_account_name: "st{{ rpfx }}" + rules: + - name: olcmtest + type: Lifecycle + enabled: false + definition: + actions: + base_blob: + enable_auto_tier_to_hot_from_cool: true + delete: + days_after_modification_greater_than: 33 + days_after_last_access_time_greater_than: 33 + tier_to_cool: + days_after_modification_greater_than: 33 + days_after_last_access_time_greater_than: 33 + tier_to_archive: + days_after_modification_greater_than: 33 + days_after_last_access_time_greater_than: 33 + snapshot: + tier_to_cool: + days_after_creation_greater_than: 33 + tier_to_archive: + days_after_creation_greater_than: 33 + delete: + days_after_creation_greater_than: 33 + version: + tier_to_archive: + days_after_creation_greater_than: 33 + tier_to_cool: + days_after_creation_greater_than: 33 + delete: + days_after_creation_greater_than: 33 + filters: + prefix_match: + - olcmtestcontainer + blob_types: + - blockBlob + - appendBlob + blob_index_match: + - name: tags6 + op: '==' + value: value6 + register: output + +- name: Assert the Managed policy updated + ansible.builtin.assert: + that: + - output.changed + +- name: Get storage account management policy + azure_rm_storageaccountmanagementpolicy_info: + resource_group: "{{ resource_group }}" + storage_account_name: "st{{ rpfx }}" + register: output + +- name: Assert the management policy rule facts + ansible.builtin.assert: + that: + - output.state.policy.rules[0].enabled is false + - output.state.policy.rules[0].name == 'olcmtest' + - output.state.policy.rules[0].type == 'Lifecycle' + - output.state.policy.rules[0].definition.actions.base_blob.enable_auto_tier_to_hot_from_cool is true + - output.state.policy.rules | length == 1 + +- name: Delete the storage account management policy's rule + azure_rm_storageaccountmanagementpolicy: + resource_group: "{{ resource_group }}" + storage_account_name: "st{{ rpfx }}" + state: absent + register: output + +- name: Assert the Managed policy deleted + ansible.builtin.assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/tasks/main.yml index 98cd3dc38..71abbbbf1 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_storageblob/tasks/main.yml @@ -8,6 +8,7 @@ resource_group: "{{ resource_group }}" name: "{{ storage_account }}" account_type: Standard_LRS + register: az_storageaccount - name: Create container azure_rm_storageblob: @@ -16,6 +17,24 @@ account_name: "{{ storage_account }}" container_name: my-blobs +- name: Lookup service principal object id + ansible.builtin.set_fact: + object_id: "{{ lookup('azure.azcollection.azure_service_principal_attribute', + azure_client_id=azure_client_id, + azure_secret=azure_secret, + azure_tenant=azure_tenant) }}" + register: spn_facts + +- name: Create role assignment by scope (Storage Blob Data Contributor) + azure_rm_roleassignment: + scope: "{{ az_storageaccount.state.id }}/blobServices/default/containers/my-blobs" + assignee_object_id: "{{ spn_facts.ansible_facts.object_id }}" + role_definition_id: "/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe" + +- name: Pause for 30 seconds + ansible.builtin.command: sleep 30 + changed_when: true + - name: Force upload blob azure_rm_storageblob: auth_mode: login diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/inventory.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/inventory.yml index 63ba77727..62525210f 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/inventory.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/inventory.yml @@ -13,6 +13,10 @@ all: network: 10.42.2.0/24 subnet: 10.42.2.0/28 + azure_test_skus: + network: 10.42.3.0/24 + subnet: 10.42.3.0/28 + azure_test_minimal: network: 10.42.3.0/24 subnet: 10.42.3.0/28 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_public_ip.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_public_ip.yml index f24be88e2..0ef24fd82 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_public_ip.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_public_ip.yml @@ -31,9 +31,12 @@ azure_rm_networkinterface: resource_group: "{{ resource_group }}" name: "{{ interface_name }}" + ip_configurations: + - name: default + primary: true + public_ip_address_name: "{{ public_ip_name }}" virtual_network: "{{ network_name }}" subnet: "{{ subnet_name }}" - public_ip_name: "{{ public_ip_name }}" security_group: "{{ security_group }}" - name: Create virtual machine with a single NIC and no boot diagnostics @@ -233,7 +236,7 @@ azure_rm_virtualmachine: resource_group: "{{ resource_group }}" name: "{{ vm_name }}" - vm_size: Standard_A1 + vm_size: Standard_A1_v2 storage_account: "{{ storage_account }}" storage_container: "{{ vm_name }}" storage_blob: "{{ vm_name }}.vhd" @@ -256,7 +259,7 @@ ansible.builtin.assert: that: - resize_result is changed - - resize_result.ansible_facts.azure_vm.hardware_profile.vm_size == "Standard_A1" + - resize_result.ansible_facts.azure_vm.hardware_profile.vm_size == "Standard_A1_v2" - name: Delete VM azure_rm_virtualmachine: diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_skus.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_skus.yml new file mode 100644 index 000000000..f65c15869 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachine/tasks/azure_test_skus.yml @@ -0,0 +1,136 @@ +- name: Set variables + ansible.builtin.include_tasks: setup.yml + +- name: Gather Resource Group info + azure.azcollection.azure_rm_resourcegroup_info: + name: "{{ resource_group }}" + register: rg_info + +- name: List available VM SKUs + azure.azcollection.azure_rm_vmsku_info: + location: "{{ rg_info.resourcegroups.0.location }}" + resource_type: "virtualMachines" + size: "standard_B1" + zone: true + register: available_skus_result + +- name: Create desired capabilities list + ansible.builtin.set_fact: + desired_capabilities: [ + { + "name": "MaxResourceVolumeMB", + "value": "4096" + }, + { + "name": "MemoryGB", + "value": "2" + }] + +- name: Filter available SKUs with desired capabilities + ansible.builtin.set_fact: + skus_result: | + {% set skus_result = [] %} + {% for item in available_skus_result.available_skus -%} + {% set ns = namespace(use_sku=True) %} + {% for capability in item.capabilities -%} + {% for desired in desired_capabilities -%} + {% if capability.name == desired.name and capability.value != desired.value -%} + {% set ns.use_sku = False %} + {%- endif %} + {%- endfor %} + {%- endfor %} + {% if ns.use_sku -%} + {{ skus_result.append(item.name) }} + {%- endif %} + {%- endfor %} + {{ skus_result }} + failed_when: skus_result[0] is not defined + +- name: Create VM with first sku in avilable skus list + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + admin_username: "testuser" + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: "{{ skus_result[0] }}" + virtual_network: "{{ network_name }}" + image: + offer: 0001-com-ubuntu-server-focal + publisher: Canonical + sku: 20_04-lts + version: latest + register: vm_output + +- name: Query auto created security group before deleting + azure_rm_securitygroup_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}01" + register: nsg_result + +- name: Assert that security group were exist before deleting + ansible.builtin.assert: + that: + - nsg_result.securitygroups | length == 1 + - nsg_result.securitygroups[0].network_interfaces | length == 1 + +- name: Delete VM + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}" + remove_on_absent: all_autocreated + state: absent + +- name: Query auto created NIC + azure_rm_networkinterface_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}01" + register: nic_result + +- name: Query auto created security group + azure_rm_securitygroup_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}01" + register: nsg_result + +- name: Query auto created public IP + azure_rm_publicipaddress_info: + resource_group: "{{ resource_group }}" + name: "{{ vm_name }}01" + register: pip_result + +- name: Assert that autocreated resources were deleted + ansible.builtin.assert: + that: + # what about the default storage group? + - nic_result.networkinterfaces | length == 0 + - nsg_result.securitygroups | length == 0 + - pip_result.publicipaddresses | length == 0 + +- name: Destroy subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + virtual_network: "{{ network_name }}" + name: "{{ subnet_name }}" + state: absent + +- name: Destroy virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ network_name }}" + state: absent + +- name: Destroy availability set + azure_rm_availabilityset: + resource_group: "{{ resource_group }}" + name: "{{ availability_set }}" + state: absent + +- name: Destroy storage account + azure_rm_storageaccount: + resource_group: "{{ resource_group }}" + name: "{{ storage_account }}" + force_delete_nonempty: true + state: absent diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/tasks/main.yml index e053cf0b8..b544b4a71 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachineextension/tasks/main.yml @@ -39,9 +39,12 @@ azure_rm_networkinterface: resource_group: "{{ resource_group }}" name: testNIC + ip_configurations: + - name: default + primary: true + public_ip_address_name: testPublicIP virtual_network: testVnet1 subnet: testSubnet - public_ip_name: testPublicIP security_group_name: testNetworkSecurityGroup - name: Create a storage account diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/tasks/main.yml index c3c5336ae..dd429406c 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualmachinescaleset/tasks/main.yml @@ -27,7 +27,11 @@ azure_rm_loadbalancer: resource_group: "{{ resource_group }}" name: testLB - public_ip_address_name: testPublicIP + frontend_ip_configurations: + - name: frontendipconf0 + public_ip_address: testPublicIP + backend_address_pools: + - name: backendaddrp0 sku: Standard - name: Create public IP address 1 @@ -41,7 +45,11 @@ azure_rm_loadbalancer: resource_group: "{{ resource_group }}" name: testLB1 - public_ip_address_name: testPublicIP1 + frontend_ip_configurations: + - name: frontendipconf0 + public_ip_address: testPublicIP1 + backend_address_pools: + - name: backendaddrp1 sku: Standard - name: Create network security group within same resource group of VMSS. diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/aliases b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/aliases new file mode 100644 index 000000000..aa77c071a --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/aliases @@ -0,0 +1,3 @@ +cloud/azure +shippable/azure/group2 +destructive diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/meta/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/meta/main.yml new file mode 100644 index 000000000..95e1952f9 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_azure diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/tasks/main.yml new file mode 100644 index 000000000..9ca17e251 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_virtualnetworkgatewaynatrule/tasks/main.yml @@ -0,0 +1,131 @@ +- name: Prepare random number + ansible.builtin.set_fact: + natrulename: "nat{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + vnetname: "vnet{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + vngname: "vng{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + pubipname: "testPublicIP{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" + +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "{{ vnetname }}" + address_prefixes: "10.0.0.0/16" + +- name: Add subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: GatewaySubnet + address_prefix: "10.0.2.0/24" + virtual_network: "{{ vnetname }}" + +- name: Create public IP address + azure_rm_publicipaddress: + resource_group: "{{ resource_group }}" + allocation_method: Dynamic + name: "{{ pubipname }}" + +- name: Create a virtual network gateway + azure_rm_virtualnetworkgateway: + resource_group: "{{ resource_group }}" + name: "{{ vngname }}" + sku: VpnGw2 + vpn_gateway_generation: Generation2 + ip_configurations: + - name: testipconfig + private_ip_allocation_method: Dynamic + public_ip_address_name: "{{ pubipname }}" + virtual_network: "{{ vnetname }}" + +- name: Create a virtual netowrk nat rule(check_mode test) + azure_rm_virtualnetworkgatewaynatrule: + resource_group: "{{ resource_group }}" + virtual_network_gateway_name: "{{ vngname }}" + name: "{{ natrulename }}" + type_properties_type: Static + mode: EgressSnat + internal_mappings: + - 10.1.0.0/24 + external_mappings: + - 192.168.1.0/24 + check_mode: true + +- name: Create a virtual netowrk nat rule + azure_rm_virtualnetworkgatewaynatrule: + resource_group: "{{ resource_group }}" + virtual_network_gateway_name: "{{ vngname }}" + name: "{{ natrulename }}" + type_properties_type: Static + mode: EgressSnat + internal_mappings: + - 10.1.0.0/24 + external_mappings: + - 192.168.1.0/24 + register: output + +- name: Assert the virtual network nat rule is well created + ansible.builtin.assert: + that: + - output.changed + +- name: Create a virtual netowrk nat rule(Idempotent test) + azure_rm_virtualnetworkgatewaynatrule: + resource_group: "{{ resource_group }}" + virtual_network_gateway_name: "{{ vngname }}" + name: "{{ natrulename }}" + type_properties_type: Static + mode: EgressSnat + internal_mappings: + - 10.1.0.0/24 + external_mappings: + - 192.168.1.0/24 + register: output + +- name: Assert the virtual network nat rule no changed + ansible.builtin.assert: + that: + - not output.changed + +- name: Create a new virtual netowrk nat rule (Update test) + azure_rm_virtualnetworkgatewaynatrule: + resource_group: "{{ resource_group }}" + virtual_network_gateway_name: "{{ vngname }}" + name: "{{ natrulename }}" + type_properties_type: Static + mode: EgressSnat + internal_mappings: + - 10.3.0.0/24 + external_mappings: + - 192.168.2.0/24 + register: output + +- name: Assert the virtual network nat rule is well Updated + ansible.builtin.assert: + that: + - output.changed + +- name: Get the virtual netowrk nat rule facts + azure_rm_virtualnetworkgatewaynatrule_info: + resource_group: "{{ resource_group }}" + virtual_network_gateway_name: "{{ vngname }}" + name: "{{ natrulename }}" + register: output + +- name: Assert the virtual network nat rule facts + ansible.builtin.assert: + that: + - output.state[0].mode == 'EgressSnat' + - output.state[0].internal_mappings == ["10.3.0.0/24"] + - output.state[0].external_mappings == ["192.168.2.0/24"] + +- name: Delete the virtual netowrk nat rule + azure_rm_virtualnetworkgatewaynatrule: + resource_group: "{{ resource_group }}" + virtual_network_gateway_name: "{{ vngname }}" + name: "{{ natrulename }}" + state: absent + register: output + +- name: Assert the virtual network nat rule deleted + ansible.builtin.assert: + that: + - output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/tasks/main.yml index 6b8128eb3..e766953fc 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webapp/tasks/main.yml @@ -557,6 +557,74 @@ - facts.webapps[0].ftps_state == 'Disabled' - not facts.webapps[0].http20_enabled +- name: Create a windows web app with site_auth_settings + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}-auth" + plan: + resource_group: "{{ resource_group }}" + name: "{{ win_plan_name }}-auth" + is_linux: false + sku: S1 + site_auth_settings: + client_id: "{{ azure_client_id }}" + default_provider: 'MicrosoftAccount' + runtime_version: '-2' + token_refresh_extension_hours: 90 + unauthenticated_client_action: 'RedirectToLoginPage' + client_secret: "{{ azure_secret }}" + token_store_enabled: true + is_auth_from_file: false + enabled: false + register: output + +- name: Assert the web app is well created + ansible.builtin.assert: + that: + output.changed + +- name: Update the web app with site_auth_settings + azure_rm_webapp: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}-auth" + plan: + resource_group: "{{ resource_group }}" + name: "{{ win_plan_name }}-auth" + is_linux: false + sku: S1 + site_auth_settings: + client_id: "{{ azure_client_id }}" + default_provider: 'MicrosoftAccount' + runtime_version: '-3' + token_refresh_extension_hours: 100 + unauthenticated_client_action: 'RedirectToLoginPage' + client_secret: "{{ azure_secret }}" + token_store_enabled: false + is_auth_from_file: false + enabled: true + register: output + +- name: Assert the web app is well updated + ansible.builtin.assert: + that: + output.changed + +- name: Get the web app facts + azure_rm_webapp_info: + resource_group: "{{ resource_group }}" + name: "{{ win_app_name }}-auth" + register: output + +- name: Assert the web app facts + ansible.builtin.assert: + that: + - output.webapps[0].site_auth_settings.enabled is true + - output.webapps[0].site_auth_settings.is_auth_from_file == 'false' + - output.webapps[0].site_auth_settings.runtime_version == '-3' + - output.webapps[0].site_auth_settings.token_refresh_extension_hours == 100.0 + - output.webapps[0].site_auth_settings.token_store_enabled is false + - output.webapps[0].site_auth_settings.unauthenticated_client_action == 'RedirectToLoginPage' + - name: Create a webapp slot (Check mode) azure_rm_webappslot: resource_group: "{{ resource_group }}" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/tasks/main.yml b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/tasks/main.yml index 9850dd148..a9496c992 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/tasks/main.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/azure_rm_webappaccessrestriction/tasks/main.yml @@ -3,6 +3,20 @@ rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}" run_once: true +- name: Create virtual network + azure_rm_virtualnetwork: + resource_group: "{{ resource_group }}" + name: "vnet-{{ rpfx }}" + address_prefixes: 10.42.0.0/24 + +- name: Create subnet + azure_rm_subnet: + resource_group: "{{ resource_group }}" + name: "subnet-{{ rpfx }}" + address_prefix: 10.42.0.0/28 + virtual_network: "vnet-{{ rpfx }}" + register: subnet_output + - name: Create a web app azure_rm_webapp: resource_group: "{{ resource_group }}" @@ -26,9 +40,16 @@ action: "Allow" ip_address: "2.2.2.2/24" priority: 2 + - name: "Datacenter 3" + action: Allow + priority: 3 + description: "fred test 03" + tag: XffProxy + vnet_subnet_resource_id: "{{ subnet_output.state.id }}" scm_ip_security_restrictions_use_main: true register: output check_mode: true + - name: Assert the resource is well created ansible.builtin.assert: that: output.changed @@ -46,17 +67,26 @@ action: "Allow" ip_address: "2.2.2.2/24" priority: 2 + - name: "Datacenter 3" + action: Allow + priority: 3 + description: "fred test 03" + tag: XffProxy + vnet_subnet_resource_id: "{{ subnet_output.state.id }}" scm_ip_security_restrictions_use_main: true register: output - name: Assert the resource is well created ansible.builtin.assert: that: - output.changed - - output.ip_security_restrictions | length == 2 + - output.ip_security_restrictions | length == 3 - output.ip_security_restrictions[0].action == 'Allow' - output.ip_security_restrictions[0].ip_address == '1.1.1.1/24' - output.ip_security_restrictions[1].action == 'Allow' - output.ip_security_restrictions[1].ip_address == '2.2.2.2/24' + - output.ip_security_restrictions[2].priority == 3 + - output.ip_security_restrictions[2].tag == "XffProxy" + - output.ip_security_restrictions[2].vnet_subnet_resource_id == subnet_output.state.id - output.scm_ip_security_restrictions_use_main == true - name: "Check webapp access restriction facts 1" @@ -68,11 +98,14 @@ ansible.builtin.assert: that: - not output.changed - - output.ip_security_restrictions | length == 2 + - output.ip_security_restrictions | length == 3 - output.ip_security_restrictions[0].action == 'Allow' - output.ip_security_restrictions[0].ip_address == '1.1.1.1/24' - output.ip_security_restrictions[1].action == 'Allow' - output.ip_security_restrictions[1].ip_address == '2.2.2.2/24' + - output.ip_security_restrictions[2].priority == 3 + - output.ip_security_restrictions[2].tag == "XffProxy" + - output.ip_security_restrictions[2].vnet_subnet_resource_id == subnet_output.state.id - output.scm_ip_security_restrictions_use_main == true - name: "Create webapp access restriction - idempotent" @@ -88,8 +121,15 @@ action: "Allow" ip_address: "2.2.2.2/24" priority: 2 + - name: "Datacenter 3" + action: Allow + priority: 3 + description: "fred test 03" + tag: XffProxy + vnet_subnet_resource_id: "{{ subnet_output.state.id }}" scm_ip_security_restrictions_use_main: true register: output + - name: Assert the resource is not changed ansible.builtin.assert: that: not output.changed diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/setup.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/setup.yml index f162e9134..6e932d54b 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/setup.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/setup.yml @@ -47,3 +47,24 @@ sku: 20_04-lts version: latest register: vm_output + + - name: Create minimal VM 2 with defaults + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name_2 }}" + admin_username: testuser + ssh_password_enabled: false + ssh_public_keys: + - path: /home/testuser/.ssh/authorized_keys + key_data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfoYlIV4lTPZTv7hXaVwQQuqBgGs4yeNRX0SPo2+HQt9u4X7IGwrtXc0nEUm6LfaCikMH58bOL8f20NTGz285kxdFHZRcBXtqmnMz2rXwhK9gwq5h1khc+GzHtdcJXsGA4y0xuaNcidcg04jxAlN/06fwb/VYwwWTVbypNC0gpGEpWckCNm8vlDlA55sU5et0SZ+J0RKVvEaweUOeNbFZqckGPA384imfeYlADppK/7eAxqfBVadVvZG8IJk4yvATgaIENIFj2cXxqu2mQ/Bp5Wr45uApvJsFXmi+v/nkiOEV1QpLOnEwAZo6EfFS4CCQtsymxJCl1PxdJ5LD4ZOtP xiuxi.sun@qq.com" + vm_size: Standard_B1ms + virtual_network: "{{ network_name }}" + image: + offer: 0001-com-ubuntu-server-focal + publisher: Canonical + sku: 20_04-lts + version: latest + tags: + Deployment-Method: Ansible + Automation-Method: Ansible + register: vm_output_2 diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/teardown.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/teardown.yml index 2a131033a..51690d199 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/teardown.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/teardown.yml @@ -15,6 +15,13 @@ remove_on_absent: all_autocreated state: absent + - name: Delete VM 2 + azure_rm_virtualmachine: + resource_group: "{{ resource_group }}" + name: "{{ vm_name_2 }}" + remove_on_absent: all_autocreated + state: absent + - name: Destroy subnet azure_rm_subnet: resource_group: "{{ resource_group }}" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/test_inventory_filter.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/test_inventory_filter.yml new file mode 100644 index 000000000..b3e715506 --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/test_inventory_filter.yml @@ -0,0 +1,21 @@ +--- +- name: Config hosts + hosts: localhost + connection: local + gather_facts: false + tasks: + - name: Set facts + ansible.builtin.include_vars: vars.yml + + - name: Refresh inventory + ansible.builtin.meta: refresh_inventory + + - name: Test vm_name_2 in Inventory + ansible.builtin.assert: + that: + - vm_name_2 in hostvars + + - name: Test vm_name not in Inventory + ansible.builtin.assert: + that: + - vm_name not in hostvars diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/vars.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/vars.yml index dc6bbe080..87fa5608f 100644 --- a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/vars.yml +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/playbooks/vars.yml @@ -5,6 +5,7 @@ uid_short: "{{ (resource_group ~ inventory_hostname) | hash('md5') | truncate(10 storage_account: "{{ 'stor' ~ uid }}" availability_set: "{{ 'avbs' ~ uid_short }}" vm_name: "{{ 'vm' ~ uid_short }}" +vm_name_2: "{{ 'vm2' ~ uid_short }}" network_name: "{{ 'vnet' ~ uid_short }}" subnet_name: "{{ 'snet' ~ uid_short }}" security_group: "{{ 'sg' ~ uid_short }}" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/runme.sh b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/runme.sh index 6f381c0a5..30c86d9ca 100755 --- a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/runme.sh +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/runme.sh @@ -19,6 +19,11 @@ ansible-playbook playbooks/empty_inventory_config.yml "$@" ansible-playbook playbooks/create_inventory_config.yml "$@" --extra-vars "template=basic2.yml" ansible-playbook playbooks/test_inventory.yml "$@" +# using host filters +ansible-playbook playbooks/empty_inventory_config.yml "$@" +ansible-playbook playbooks/create_inventory_config.yml "$@" --extra-vars "template=filter.yml" +ansible-playbook playbooks/test_inventory_filter.yml "$@" + # teardown ansible-playbook playbooks/teardown.yml "$@" diff --git a/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/filter.yml b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/filter.yml new file mode 100644 index 000000000..a928de0da --- /dev/null +++ b/ansible_collections/azure/azcollection/tests/integration/targets/inventory_azure/templates/filter.yml @@ -0,0 +1,14 @@ +--- +plugin: azure.azcollection.azure_rm +conditional_groups: + azure: true +exclude_host_filters: + - location not in ['eastus', 'northcentralus'] + - powerstate != 'running' + - not (tags['Deployment-Method'] | default('Exclude') == 'Ansible' and tags['Automation-Method'] | default('Exclude') == 'Ansible') + # Customer tried to use the following filter but dashes in variable names is not allowed. + # Workaround was to use the dictionary access method above with defaults. + #- not (tags.Deployment-Method == 'Ansible' and tags.Automation-Method == 'Ansible') +# fail_on_template_errors should be enabled for debugging and possibly all times. +fail_on_template_errors: True +plain_host_names: true |