From 2230f4004188f28ced3847a5909b6e9cec87b2ba Mon Sep 17 00:00:00 2001 From: Christian Kotte Date: Thu, 11 Oct 2018 12:24:30 +0200 Subject: [PATCH] VMware: Add check mode support to module vmware_host_firewall_manager (#46266) --- .../vmware/vmware_host_firewall_manager.py | 14 +++-- .../tasks/main.yml | 63 ++++++++++++++++++- 2 files changed, 70 insertions(+), 7 deletions(-) diff --git a/lib/ansible/modules/cloud/vmware/vmware_host_firewall_manager.py b/lib/ansible/modules/cloud/vmware/vmware_host_firewall_manager.py index 0b156308d1..f167fa2067 100644 --- a/lib/ansible/modules/cloud/vmware/vmware_host_firewall_manager.py +++ b/lib/ansible/modules/cloud/vmware/vmware_host_firewall_manager.py @@ -13,7 +13,7 @@ ANSIBLE_METADATA = { 'supported_by': 'community' } -DOCUMENTATION = r''' +DOCUMENTATION = ''' --- module: vmware_host_firewall_manager short_description: Manage firewall configurations about an ESXi host @@ -170,10 +170,11 @@ class VmwareFirewallManager(PyVmomi): current_rule_state = self.firewall_facts[host.name][rule_name]['enabled'] if current_rule_state != rule_enabled: try: - if rule_enabled: - firewall_system.EnableRuleset(id=rule_name) - else: - firewall_system.DisableRuleset(id=rule_name) + if not self.module.check_mode: + if rule_enabled: + firewall_system.EnableRuleset(id=rule_name) + else: + firewall_system.DisableRuleset(id=rule_name) fw_change_list.append(True) except vim.fault.NotFound as not_found: self.module.fail_json(msg="Failed to enable rule set %s as" @@ -206,7 +207,8 @@ def main(): argument_spec=argument_spec, required_one_of=[ ['cluster_name', 'esxi_hostname'], - ] + ], + supports_check_mode=True ) vmware_firewall_manager = VmwareFirewallManager(module) diff --git a/test/integration/targets/vmware_host_firewall_manager/tasks/main.yml b/test/integration/targets/vmware_host_firewall_manager/tasks/main.yml index a9f3b05e50..f90e6b6583 100644 --- a/test/integration/targets/vmware_host_firewall_manager/tasks/main.yml +++ b/test/integration/targets/vmware_host_firewall_manager/tasks/main.yml @@ -84,7 +84,6 @@ - DC0_C0_H1 - DC0_C0_H2 - - name: Disable vvold for {{ host1 }} vmware_host_firewall_manager: hostname: "{{ vcsim }}" @@ -113,3 +112,65 @@ - host_result.rule_set_state[item]['vvold']['previous_state'] == True with_items: - "{{ host1 }}" + +- name: Enable vvold rule set on all hosts of {{ ccr1 }} in check mode + vmware_host_firewall_manager: + hostname: "{{ vcsim }}" + username: "{{ vcsim_instance.json.username }}" + password: "{{ vcsim_instance.json.password }}" + validate_certs: no + cluster_name: "{{ ccr1 }}" + rules: + - name: vvold + enabled: True + register: all_hosts_result_check_mode + check_mode: yes + +- debug: msg="{{ all_hosts_result_check_mode }}" + +- name: ensure everything is changed for all hosts of {{ ccr1 }} + assert: + that: + - all_hosts_result_check_mode.changed + - all_hosts_result_check_mode.rule_set_state is defined + +- name: ensure facts are gathered for all hosts of {{ ccr1 }} + assert: + that: + - all_hosts_result_check_mode.rule_set_state[item]['vvold']['current_state'] == True + - all_hosts_result_check_mode.rule_set_state[item]['vvold']['desired_state'] == True + - all_hosts_result_check_mode.rule_set_state[item]['vvold']['previous_state'] == False + with_items: + - DC0_C0_H0 + - DC0_C0_H1 + - DC0_C0_H2 + +- name: Disable vvold for {{ host1 }} in check mode + vmware_host_firewall_manager: + hostname: "{{ vcsim }}" + username: "{{ vcsim_instance.json.username }}" + password: "{{ vcsim_instance.json.password }}" + validate_certs: no + esxi_hostname: "{{ host1 }}" + rules: + - name: vvold + enabled: False + register: host_result_check_mode + check_mode: yes + +- debug: msg="{{ host_result_check_mode }}" + +- name: ensure vvold is disabled for {{ host1 }} + assert: + that: + - host_result_check_mode.changed == False + - host_result_check_mode.rule_set_state is defined + +- name: ensure facts are gathered for {{ host1 }} + assert: + that: + - host_result_check_mode.rule_set_state[item]['vvold']['current_state'] == False + - host_result_check_mode.rule_set_state[item]['vvold']['desired_state'] == False + - host_result_check_mode.rule_set_state[item]['vvold']['previous_state'] == False + with_items: + - "{{ host1 }}"