Merge pull request #57 from p3ck/integration_tests

Integration tests

Author: alinabuzachis

.gitignore

@@ -1,6 +1,7 @@
 # Created by https://www.gitignore.io/api/git,linux,pydev,python,windows,pycharm+all,jupyternotebook,vim,webstorm,emacs,dotenv
 # Edit at https://www.gitignore.io/?templates=git,linux,pydev,python,windows,pycharm+all,jupyternotebook,vim,webstorm,emacs,dotenv
-
+tests/output
+tests/integration/inventory
 ### dotenv ###
 .env
 

changelogs/fragments/20240319-Integration-tests.yml

@@ -0,0 +1,7 @@
+trivial:
+  - Added Integration tests for load_balancer_with_public_ip, manage_network_interface, manage_security_group
+bugfixes:
+  - playbooks/webapp_container.yml
+  - fix variable names in roles/azure_load_balancer_with_public_ip/tasks/delete.yml
+  - fix variable names in roles/azure_manage_security_group/tasks/delete.yml
+  - fix variable names in roles/azure_manage_security_group/tasks/remove_rules.yml

playbooks/webapp_container.yml

@@ -97,16 +97,16 @@
             name: cloud.azure_ops.azure_load_balancer_with_public_ip
           vars:
             azure_load_balancer_with_public_ip_operation: delete
-            azure_load_balancer_with_public_ip_lb_name: "{{ lb_info.ansible_info.azure_loadbalancers[0].name }}"
+            azure_load_balancer_with_public_ip_lb_name: "{{ lb_info.loadbalancers[0].name }}"
           when:
-            - lb_info.ansible_info.azure_loadbalancers[0].name is defined
+            - lb_info.loadbalancers[0].name is defined
 
         - name: Get lb ip
           azure.azcollection.azure_rm_resource_info:
-            url: "{{ lb_info.ansible_info.azure_loadbalancers[0].properties.frontendIPConfigurations[0].properties.publicIPAddress.id }}"
+            url: "{{ lb_info.loadbalancers[0].properties.frontendIPConfigurations[0].properties.publicIPAddress.id }}"
           register: lb_pip_info
           when:
-            - lb_info.ansible_info.azure_loadbalancers[0].properties.frontendIPConfigurations[0].properties.publicIPAddress.id is defined
+            - lb_info.loadbalancers[0].properties.frontendIPConfigurations[0].properties.publicIPAddress.id is defined
 
         - name: Remove load balancer's public ip
           azure.azcollection.azure_rm_publicipaddress:

roles/azure_load_balancer_with_public_ip/tasks/delete.yml

@@ -7,7 +7,7 @@
 
 - name: Get lb's public ip info
   azure.azcollection.azure_rm_resource_info:
-    url: "{{ lb_info.ansible_info.azure_loadbalancers[0].properties.frontendIPConfigurations[0].properties.publicIPAddress.id }}"
+    url: "{{ lb_info.loadbalancers[0].frontend_ip_configurations[0].public_ip_address.id }}"
   register: pip
 
 - name: Delete load balancer

roles/azure_manage_security_group/README.md

@@ -12,8 +12,8 @@ Role Variables
 --------------
 
 * **azure_manage_security_group_operation**: Operation to perform. Valid values are 'create', 'delete'. Default is 'create'.
-* **azure_manage_security_group_resource_group**: (Required) Resource group on/from which the security group will reside. When `operation='create'`, this resource group will be created if it does not exist.
-* **azure_manage_security_group_region**: (Required) Azure region.
+* **azure_manage_security_group_resource_group**: (Required) Resource group on/from which the security group will reside. When `azure_manage_security_group_operation='create'`, this resource group will be created if it does not exist.
+* **azure_manage_security_group_region**: Azure region, required when the provided resource group does not exist.
 * **azure_manage_security_group_security_group**: (Required) Object used to provide details for a security group. Contains the following:
   - **name**: (Required) Name of the security group.
   - **rules**: List of security rules to apply to a subnet or NIC. Each rule consists of:
@@ -41,12 +41,11 @@ Example Playbook
 ----------------
 
     - hosts: localhost
-      vars:
-        azure_resource_group: 'my_resource_group'
-        azure_region: 'eastus'
       roles:
         - name: Create a security group with custom rules
           role: cloud.azure_ops.azure_manage_security_group
+          azure_manage_security_group_resource_group: 'my_resource_group'
+          azure_manage_security_group_region: eastus
           azure_manage_security_group_operation: 'create'
           azure_manage_security_group_security_group:
             name: "{{ azure_resource_group }}-sg"
@@ -69,6 +68,7 @@ Example Playbook
 
         - name: Remove rules from security group
           role: cloud.azure_ops.azure_manage_security_group
+          azure_manage_security_group_resource_group: 'my_resource_group'
           azure_manage_security_group_security_group:
             name: "{{ azure_resource_group }}-sg"
             rules_to_remove:

roles/azure_manage_security_group/tasks/delete.yml

@@ -13,21 +13,21 @@
 
 - name: Detach any NICs from security group prior to deletion
   ansible.builtin.include_tasks: detach_from_nic.yml
-  with_items: "{{ sg_info.securitygroups[0].properties.networkInterfaces }}"
+  with_items: "{{ sg_info.securitygroups[0].network_interfaces }}"
   loop_control:
     loop_var: nic_id
   when:
     - sg_info.securitygroups | length > 0
-    - sg_info.securitygroups[0].properties.networkInterfaces is defined
+    - sg_info.securitygroups[0].network_interfaces is defined
 
 - name: Detach any subnets from security group prior to deletion
   ansible.builtin.include_tasks: detach_from_subnet.yml
-  with_items: "{{ sg_info.securitygroups[0].properties.subnets }}"
+  with_items: "{{ sg_info.securitygroups[0].subnets }}"
   loop_control:
     loop_var: subnet_id
   when:
     - sg_info.securitygroups | length > 0
-    - sg_info.securitygroups[0].properties.subnets is defined
+    - sg_info.securitygroups[0].subnets is defined
 
 - name: Delete security group
   azure.azcollection.azure_rm_securitygroup:

roles/azure_manage_security_group/tasks/detach_from_nic.yml

@@ -6,7 +6,7 @@
 
 - name: Get nic info
   azure.azcollection.azure_rm_networkinterface_info:
-    resource_group: "{{ azure_resource_group }}"
+    resource_group: "{{ azure_manage_security_group_resource_group }}"
     name: "{{ nic_obj.response[0].name }}"
   register: nic_result
 

roles/azure_manage_security_group/tasks/detach_from_subnet.yml

@@ -6,7 +6,7 @@
 
 - name: Get subnet info
   azure.azcollection.azure_rm_subnet_info:
-    resource_group: "{{ azure_resource_group }}"
+    resource_group: "{{ azure_manage_security_group_resource_group }}"
     name: "{{ subnet_name }}"
     virtual_network_name: "{{ vnet_name }}"
   register: subnet_result

roles/azure_manage_security_group/tasks/main.yml

@@ -4,5 +4,12 @@
     name: "{{ azure_manage_security_group_resource_group }}"
   register: rg_info
 
+- name: Check azure region
+  ansible.builtin.fail:
+    msg: Azure region must be defined as azure_manage_security_group_region
+  when:
+    - azure_manage_security_group_region is not defined
+    - rg_info.resourcegroups | length == 0
+
 - name: Create or delete security group
   ansible.builtin.include_tasks: "{{ azure_manage_security_group_operation }}.yml"

roles/azure_manage_security_group/tasks/remove_rules.yml

@@ -1,27 +1,28 @@
 ---
 - name: Get security group resource
   azure.azcollection.azure_rm_securitygroup_info:
-    resource_group: "{{ azure_resource_group }}"
-    name: "{{ azure_security_group.name }}"
+    resource_group: "{{ azure_manage_security_group_resource_group }}"
+    name: "{{ azure_manage_security_group_security_group.name }}"
   register: sg_info
 
 - name: Init empty list of rules
   ansible.builtin.set_fact:
     new_sg_rules: []
+
 - name: Persist rules that will not be removed # noqa jinja[spacing] see: https://github.com/ansible/ansible-lint/issues/2684
   ansible.builtin.set_fact:
-    new_sg_rules: "{{ new_sg_rules + [{ 'name': rule.name, 'protocol': rule.properties.protocol, 'access': rule.properties.access, 'destination_address_prefix': rule.properties.destinationAddressPrefix,\
-      \ 'destination_port_range': rule.properties.destinationPortRanges, 'direction': rule.properties.direction, 'priority': rule.properties.priority, 'source_address_prefix':\
-      \ rule.properties.sourceAddressPrefix, 'source_port_range': rule.properties.sourcePortRange, }] }}"
-  with_items: "{{ sg_info.securitygroups[0].properties.securityRules }}"
+    new_sg_rules: "{{ new_sg_rules + [{ 'name': rule.name, 'protocol': rule.protocol, 'access': rule.access, 'destination_address_prefix': rule.destination_address_prefix,\
+      \ 'destination_port_range': rule.destination_port_ranges, 'direction': rule.direction, 'priority': rule.priority, 'source_address_prefix':\
+      \ rule.source_address_prefix, 'source_port_range': rule.source_port_range, }] }}"
+  with_items: "{{ sg_info.securitygroups[0].rules }}"
   loop_control:
     loop_var: rule
-  when: rule.name not in azure_security_group.rules_to_remove
+  when: rule.name not in azure_manage_security_group_security_group.rules_to_remove
 
 - name: Update security group with specified rules removed
   azure.azcollection.azure_rm_securitygroup:
-    resource_group: "{{ azure_resource_group }}"
-    name: "{{ azure_security_group.name }}"
+    resource_group: "{{ azure_manage_security_group_resource_group }}"
+    name: "{{ azure_manage_security_group_security_group.name }}"
     purge_rules: true
     rules: "{{ new_sg_rules }}"
-    tags: "{{ azure_tags | default(omit) }}"
+    tags: "{{ azure_manage_security_group_security_group.tags | default(omit) }}"

tests/integration/targets/test_azure_load_balancer_with_public_ip/aliases

@@ -0,0 +1,3 @@
+cloud/azure
+role/azure_load_balancer_with_public_ip
+time=2m

tests/integration/targets/test_azure_load_balancer_with_public_ip/defaults/main.yml

@@ -0,0 +1,7 @@
+---
+azure_load_balancer_with_public_ip_resource_group: "{{ resource_group }}"
+azure_load_balancer_with_public_ip_tags:
+  resource_prefix: "{{ resource_prefix }}"
+load_balancer_name: "{{ resource_prefix }}-load-balancer"
+load_balancer_public_ip_name: "{{ resource_prefix }}-publicIP"
+load_balancer_sku: 'Basic'

tests/integration/targets/test_azure_load_balancer_with_public_ip/tasks/main.yml

@@ -0,0 +1,83 @@
+---
+# Determine Azure Region
+- name: Gather Resource Group info
+  azure.azcollection.azure_rm_resourcegroup_info:
+    name: "{{ resource_group }}"
+  register: __rg_info
+
+- name: Set Azure Region for azure_load_balancer_with_public_ip Role
+  ansible.builtin.set_fact:
+    azure_load_balancer_with_public_ip_region: "{{ __rg_info.resourcegroups.0.location }}"
+
+- name: Test Create and Delete Load Balancer
+  block:
+    # Test: Create Load Balancer
+    - name: Create Load Balancer with Public IP
+      ansible.builtin.include_role:
+        name: cloud.azure_ops.azure_load_balancer_with_public_ip
+      vars:
+        azure_load_balancer_with_public_ip_operation: create
+        azure_load_balancer_with_public_ip_load_balancer:
+          name: "{{ load_balancer_name }}"
+          public_ip_name: "{{ load_balancer_public_ip_name }}"
+          sku: "{{ load_balancer_sku }}"
+
+    - name: Gather Load Balancer info
+      azure.azcollection.azure_rm_loadbalancer_info:
+        name: "{{ load_balancer_name }}"
+        resource_group: "{{ resource_group }}"
+      register: _loadbalancer
+
+    - name: Ensure Load Balancer was created as expected
+      ansible.builtin.assert:
+        that:
+          - _loadbalancer.loadbalancers | length == 1
+
+    - name: Gather Public IP info
+      azure.azcollection.azure_rm_publicipaddress_info:
+        name: "{{ load_balancer_public_ip_name }}"
+        resource_group: "{{ resource_group }}"
+      register: _publicip
+
+    - name: Ensure Public IP was created
+      ansible.builtin.assert:
+        that:
+          - _publicip.publicipaddresses | length == 1
+
+    # Test: Delete Load Balancer
+    - name: Create Load Balancer with Public IP
+      ansible.builtin.include_role:
+        name: cloud.azure_ops.azure_load_balancer_with_public_ip
+      vars:
+        azure_load_balancer_with_public_ip_operation: delete
+        azure_load_balancer_with_public_ip_load_balancer:
+          name: "{{ load_balancer_name }}"
+          public_ip_name: "{{ load_balancer_public_ip_name }}"
+          sku: "{{ load_balancer_sku }}"
+
+    - name: Ensure Load Balancer was deleted
+      azure.azcollection.azure_rm_loadbalancer_info:
+        name: "{{ load_balancer_name }}"
+        resource_group: "{{ resource_group }}"
+      register: _loadbalancer
+      failed_when: _loadbalancer.loadbalancers | length > 0
+
+    - name: Ensure Public IP was deleted
+      azure.azcollection.azure_rm_publicipaddress_info:
+        name: "{{ load_balancer_public_ip_name }}"
+        resource_group: "{{ resource_group }}"
+      register: _publicip
+      failed_when: _publicip.publicipaddresses | length > 0
+
+  always:
+    - name: Delete Public IP
+      azure.azcollection.azure_rm_publicipaddress:
+        resource_group: "{{ resource_group }}"
+        name: "{{ load_balancer_public_ip_name }}"
+        state: absent
+
+    - name: Delete Load Balancer
+      azure.azcollection.azure_rm_loadbalancer:
+        resource_group: "{{ resource_group }}"
+        name: "{{ load_balancer_name }}"
+        state: absent

tests/integration/targets/test_azure_manage_network_interface/aliases

@@ -0,0 +1,3 @@
+cloud/azure
+role/azure_manage_network_interface
+time=2m

tests/integration/targets/test_azure_manage_network_interface/defaults/main.yml

@@ -0,0 +1,8 @@
+---
+network_interface_name: "{{ resource_prefix }}-nic"
+network_interface_ip_config:
+  - name: "{{ resource_prefix }}-nic"
+    primary: true
+    public_ip_allocation_method: 'Dynamic'
+network_interface_virtual_network: "{{ resource_prefix }}-nic-vnet"
+network_interface_subnet: "{{ resource_prefix }}-nic-subnet"

tests/integration/targets/test_azure_manage_network_interface/tasks/main.yml

@@ -0,0 +1,87 @@
+---
+- name: Ensure Network interface does not already exists
+  azure.azcollection.azure_rm_networkinterface_info:
+    name: "{{ network_interface_name }}"
+    resource_group: "{{ resource_group }}"
+  register: __interfaces
+  failed_when: __interfaces.networkinterfaces | length > 0
+
+- name: Test role cloud.azure_ops.azure_manage_network_interface
+  block:
+    - name: Create Virtual network
+      azure.azcollection.azure_rm_virtualnetwork:
+        name: "{{ network_interface_virtual_network }}"
+        address_prefixes_cidr:
+          - 10.1.0.0/24
+        resource_group: "{{ resource_group }}"
+
+    - name: Create azure subnet
+      azure.azcollection.azure_rm_subnet:
+        name: "{{ network_interface_subnet }}"
+        virtual_network: "{{ network_interface_virtual_network }}"
+        address_prefix_cidr: 10.1.0.0/26
+        resource_group: "{{ resource_group }}"
+
+    # Test: create Network interface
+    - name: Create security group with required rules
+      ansible.builtin.include_role:
+        name: cloud.azure_ops.azure_manage_network_interface
+      vars:
+        azure_manage_network_interface_operation: create
+        azure_manage_network_interface_resource_group: "{{ resource_group }}"
+        azure_manage_network_interface_interface:
+          name: "{{ network_interface_name }}"
+          vnet_name: "{{ network_interface_virtual_network }}"
+          subnet_name: "{{ network_interface_subnet }}"
+          ip_configurations: "{{ network_interface_ip_config }}"
+
+    - name: Gather Network interface info
+      azure.azcollection.azure_rm_networkinterface_info:
+        name: "{{ network_interface_name }}"
+        resource_group: "{{ resource_group }}"
+      register: __interfaces
+
+    - name: Ensure Network interface has been created
+      ansible.builtin.assert:
+        that:
+          - __interfaces.networkinterfaces | length == 1
+          - __interfaces.networkinterfaces.0.subnet == network_interface_subnet
+          - __interfaces.networkinterfaces.0.virtual_network.name == network_interface_virtual_network
+          - __interfaces.networkinterfaces.0.ip_configurations | length == network_interface_ip_config | length
+
+    # Delete Network interface
+    - name: Create security group with required rules
+      ansible.builtin.include_role:
+        name: cloud.azure_ops.azure_manage_network_interface
+      vars:
+        azure_manage_network_interface_operation: delete
+        azure_manage_network_interface_resource_group: "{{ resource_group }}"
+        azure_manage_network_interface_interface:
+          name: "{{ network_interface_name }}"
+          vnet_name: "{{ network_interface_virtual_network }}"
+          subnet_name: "{{ network_interface_subnet }}"
+
+    - name: Gather Network interface info
+      azure.azcollection.azure_rm_networkinterface_info:
+        name: "{{ network_interface_name }}"
+        resource_group: "{{ resource_group }}"
+      register: __interfaces
+
+    - name: Ensure Network interface was created
+      ansible.builtin.assert:
+        that:
+          - __interfaces.networkinterfaces | length == 0
+
+  always:
+    - name: Delete Subnet
+      azure.azcollection.azure_rm_subnet:
+        name: "{{ network_interface_subnet }}"
+        virtual_network: "{{ network_interface_virtual_network }}"
+        resource_group: "{{ resource_group }}"
+        state: absent
+
+    - name: Delete Virtual network
+      azure.azcollection.azure_rm_virtualnetwork:
+        name: "{{ network_interface_virtual_network }}"
+        resource_group: "{{ resource_group }}"
+        state: absent

tests/integration/targets/test_azure_manage_security_group/aliases

@@ -0,0 +1,3 @@
+cloud/azure
+role/azure_manage_security_group
+time=1m