Fix nsg cannot add rule with purge_rules false (#43699)

2018-08-08 11:41:46 +08:00 · 2018-08-08 11:41:46 +08:00 · 88a738b0ba
commit 88a738b0ba
parent 5088f7c926
2 changed files with 30 additions and 0 deletions
--- a/lib/ansible/modules/cloud/azure/azure_rm_securitygroup.py
+++ b/lib/ansible/modules/cloud/azure/azure_rm_securitygroup.py
@ -348,6 +348,7 @@ except ImportError:

 from ansible.module_utils.azure_rm_common import AzureRMModuleBase
 from ansible.module_utils.six import integer_types
+from ansible.module_utils._text import to_native


 def validate_rule(self, rule, rule_type=None):
@ -386,6 +387,11 @@ def compare_rules_change(old_list, new_list, purge_list):
            new_list.append(old_rule)
        else:  # one rule is removed
            changed = True
+    # Compare new list and old list is the same? here only compare names
+    if not changed:
+        new_names = [to_native(x['name']) for x in new_list]
+        old_names = [to_native(x['name']) for x in old_list]
+        changed = (set(new_names) != set(old_names))
    return changed, new_list


--- a/test/integration/targets/azure_rm_securitygroup/tasks/main.yml
+++ b/test/integration/targets/azure_rm_securitygroup/tasks/main.yml
@ -187,6 +187,30 @@
 - assert:
      that: not output.changed

+- name: Add a single one group
+  azure_rm_securitygroup:
+      resource_group: "{{ resource_group }}"
+      name: "{{ secgroupname }}"
+      tags:
+          testing: testing
+          delete: on-exit
+          foo: bar
+      rules:
+          - name: DenySSH
+            protocol: Tcp
+            source_address_prefix:
+            - 54.120.120.240
+            destination_port_range: 22
+            access: Deny
+            priority: 102
+            direction: Inbound
+  register: output
+
+- assert:
+     that: 
+      - output.changed
+      - "{{ output.state.rules | length }} == 2"
+
 - name: Delete all security groups
  azure_rm_securitygroup:
      resource_group: "{{ resource_group }}"