azure_rm_securitygroup - idempotence when ports are lists

ansible-collections · Apr 21, 2021 · d962d08 · d962d08
1 parent 6ad65e7
commit d962d08
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 9 deletions.
diff --git a/plugins/modules/azure_rm_securitygroup.py b/plugins/modules/azure_rm_securitygroup.py
@@ -475,6 +475,8 @@ def compare_rules_change(old_list, new_list, purge_list):
 
 
 def compare_rules(old_rule, rule):
+    def compare_list_rule(old_rule, rule, key):
+        return set(map(str, rule.get(key) or [])) != set(map(str, old_rule.get(key) or []))
     changed = False
     if old_rule['name'] != rule['name']:
         changed = True
@@ -496,17 +498,17 @@ def compare_rules(old_rule, rule):
         changed = True
     if str(rule['destination_address_prefix']) != str(old_rule['destination_address_prefix']):
         changed = True
-    if set(rule.get('source_address_prefixes') or []) != set(old_rule.get('source_address_prefixes') or []):
+    if compare_list_rule(old_rule, rule, 'source_address_prefixes'):
         changed = True
-    if set(rule.get('destination_address_prefixes') or []) != set(old_rule.get('destination_address_prefixes') or []):
+    if compare_list_rule(old_rule, rule, 'destination_address_prefixes'):
         changed = True
-    if set(rule.get('source_port_ranges') or []) != set(old_rule.get('source_port_ranges') or []):
+    if compare_list_rule(old_rule, rule, 'source_port_ranges'):
         changed = True
-    if set(rule.get('destination_port_ranges') or []) != set(old_rule.get('destination_port_ranges') or []):
+    if compare_list_rule(old_rule, rule, 'destination_port_ranges'):
         changed = True
-    if set(rule.get('source_application_security_groups') or []) != set(old_rule.get('source_application_security_groups') or []):
+    if compare_list_rule(old_rule, rule, 'source_application_security_groups'):
         changed = True
-    if set(rule.get('destination_application_security_groups') or []) != set(old_rule.get('destination_application_security_groups') or []):
+    if compare_list_rule(old_rule, rule, 'destination_application_security_groups'):
         changed = True
     return changed
 

diff --git a/tests/integration/targets/azure_rm_securitygroup/tasks/main.yml b/tests/integration/targets/azure_rm_securitygroup/tasks/main.yml
@@ -61,11 +61,18 @@
             source_address_prefix: 174.109.158.0/24
             destination_port_range: 22-23
             priority: 102
+          - name: AllowHTTPandHTTPS
+            protocol: Tcp
+            source_address_prefix: 174.109.158.0/24
+            destination_port_range:
+              - 80
+              - 443
+            priority: 103
   register: output
 
-- assert: 
+- assert:
       that:
-          - "{{ output.state.rules | length }} == 3"
+          - "{{ output.state.rules | length }} == 4"
           - output.state.rules[0].source_address_prefix == '174.108.158.0/24'
 
 - name: Test idempotence
@@ -84,6 +91,13 @@
             source_address_prefix: 174.109.158.0/24
             destination_port_range: 22-23
             priority: 102
+          - name: AllowHTTPandHTTPS
+            protocol: Tcp
+            source_address_prefix: 174.109.158.0/24
+            destination_port_range:
+              - 80
+              - 443
+            priority: 103
   register: output
 
 - assert:
@@ -214,7 +228,7 @@
   register: output
 
 - assert:
-     that: 
+     that:
       - output.changed
       - "{{ output.state.rules | length }} == 2"