diff --git a/lib/ansible/modules/cloud/azure/azure_rm_keyvault.py b/lib/ansible/modules/cloud/azure/azure_rm_keyvault.py index cb81edc855..0cbd40c1d0 100644 --- a/lib/ansible/modules/cloud/azure/azure_rm_keyvault.py +++ b/lib/ansible/modules/cloud/azure/azure_rm_keyvault.py @@ -152,6 +152,7 @@ options: extends_documentation_fragment: - azure + - azure_tags author: - "Zim Kalinowski (@zikalino)" @@ -265,6 +266,7 @@ class AzureRMVaults(AzureRMModuleBase): self.resource_group = None self.vault_name = None self.parameters = dict() + self.tags = None self.results = dict(changed=False) self.mgmt_client = None @@ -273,14 +275,14 @@ class AzureRMVaults(AzureRMModuleBase): super(AzureRMVaults, self).__init__(derived_arg_spec=self.module_arg_spec, supports_check_mode=True, - supports_tags=False, + supports_tags=True, required_if=self.module_required_if) def exec_module(self, **kwargs): """Main module execution method""" # translate Ansible input to SDK-formatted dict in self.parameters - for key in list(self.module_arg_spec.keys()): + for key in list(self.module_arg_spec.keys()) + ['tags']: if hasattr(self, key): setattr(self, key, kwargs[key]) elif kwargs[key] is not None: @@ -391,6 +393,12 @@ class AzureRMVaults(AzureRMModuleBase): self.to_do = Actions.Update break + update_tags, newtags = self.update_tags(old_response.get('tags', dict())) + + if update_tags: + self.to_do = Actions.Update + self.tags = newtags + if (self.to_do == Actions.Create) or (self.to_do == Actions.Update): self.log("Need to Create / Update the Key Vault instance") @@ -398,6 +406,8 @@ class AzureRMVaults(AzureRMModuleBase): self.results['changed'] = True return self.results + self.parameters["tags"] = self.tags + response = self.create_update_keyvault() if not old_response: diff --git a/test/integration/targets/azure_rm_keyvault/tasks/main.yml b/test/integration/targets/azure_rm_keyvault/tasks/main.yml index 6aab6a258d..d477a9b8c6 100644 --- a/test/integration/targets/azure_rm_keyvault/tasks/main.yml +++ b/test/integration/targets/azure_rm_keyvault/tasks/main.yml @@ -64,7 +64,7 @@ that: - output.changed == false -- name: Update existing Key Vault (add a rule) +- name: Update existing Key Vault (add a rule and tags) azure_rm_keyvault: resource_group: "{{ resource_group }}" vault_name: "vault{{ rpfx }}" @@ -82,12 +82,27 @@ keys: - get - list + tags: + aaa: bbb register: output - name: Assert the state has changed assert: that: - output.changed == true +- name: Use REST API to retrieve keyvault (as facts not available yet) + azure_rm_resource_facts: + api_version: '2018-02-14' + resource_group: "{{ resource_group }}" + provider: keyvault + resource_type: vaults + resource_name: "vault{{ rpfx }}" + register: output +- name: Assert the facts are properly set + assert: + that: + - output.response[0].tags.aaa == "bbb" + - name: Delete instance of Key Vault -- check mode azure_rm_keyvault: resource_group: "{{ resource_group }}"