From df768914a151a620399dfbde753c26f86d4d7bf0 Mon Sep 17 00:00:00 2001 From: Zim Kalinowski Date: Thu, 13 Sep 2018 17:54:58 +0800 Subject: [PATCH] adding sql firewall rule facts (#45059) --- .../azure/azure_rm_sqlfirewallrule_facts.py | 210 ++++++++++++++++++ .../targets/azure_rm_sqlserver/tasks/main.yml | 76 +++++-- 2 files changed, 268 insertions(+), 18 deletions(-) create mode 100644 lib/ansible/modules/cloud/azure/azure_rm_sqlfirewallrule_facts.py diff --git a/lib/ansible/modules/cloud/azure/azure_rm_sqlfirewallrule_facts.py b/lib/ansible/modules/cloud/azure/azure_rm_sqlfirewallrule_facts.py new file mode 100644 index 0000000000..198ed10567 --- /dev/null +++ b/lib/ansible/modules/cloud/azure/azure_rm_sqlfirewallrule_facts.py @@ -0,0 +1,210 @@ +#!/usr/bin/python +# +# Copyright (c) 2017 Zim Kalinowski, +# +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + + +DOCUMENTATION = ''' +--- +module: azure_rm_sqlfirewallrule_facts +version_added: "2.8" +short_description: Get Azure SQL Firewall Rule facts. +description: + - Get facts of SQL Firewall Rule. + +options: + resource_group: + description: + - The name of the resource group that contains the server. + required: True + server_name: + description: + - The name of the server. + required: True + name: + description: + - The name of the firewall rule. + +extends_documentation_fragment: + - azure + +author: + - "Zim Kalinowski (@zikalino)" + +''' + +EXAMPLES = ''' + - name: Get instance of SQL Firewall Rule + azure_rm_sqlfirewallrule_facts: + resource_group: testgroup + server_name: testserver + name: testrule + + - name: List instances of SQL Firewall Rule + azure_rm_sqlfirewallrule_facts: + resource_group: testgroup + server_name: testserver +''' + +RETURN = ''' +rules: + description: A list of dict results containing the facts for matching SQL firewall rules. + returned: always + type: complex + contains: + id: + description: + - Resource ID + returned: always + type: str + sample: "/subscriptions/xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/testgroup/providers/Microsoft.Sql/servers/testser + ver/firewallRules/testrule" + resource_group: + description: + - Resource group name. + returned: always + type: str + sample: testgroup + server_name: + description: + - SQL server name. + returned: always + type: str + sample: testserver + name: + description: + - Firewall rule name. + returned: always + type: str + sample: testrule + start_ip_address: + description: + - The start IP address of the firewall rule. + returned: always + type: str + sample: 10.0.0.1 + end_ip_address: + description: + - The start IP address of the firewall rule. + returned: always + type: str + sample: 10.0.0.5 +''' + +from ansible.module_utils.azure_rm_common import AzureRMModuleBase + +try: + from msrestazure.azure_exceptions import CloudError + from msrestazure.azure_operation import AzureOperationPoller + from azure.mgmt.sql import SqlManagementClient + from msrest.serialization import Model +except ImportError: + # This is handled in azure_rm_common + pass + + +class AzureRMFirewallRulesFacts(AzureRMModuleBase): + def __init__(self): + # define user inputs into argument + self.module_arg_spec = dict( + resource_group=dict( + type='str', + required=True + ), + server_name=dict( + type='str', + required=True + ), + name=dict( + type='str' + ) + ) + # store the results of the module operation + self.results = dict( + changed=False + ) + self.resource_group = None + self.server_name = None + self.name = None + super(AzureRMFirewallRulesFacts, self).__init__(self.module_arg_spec, supports_tags=False) + + def exec_module(self, **kwargs): + for key in self.module_arg_spec: + setattr(self, key, kwargs[key]) + + if (self.name is not None): + self.results['rules'] = self.get() + else: + self.results['rules'] = self.list_by_server() + return self.results + + def get(self): + ''' + Gets facts of the specified SQL Firewall Rule. + + :return: deserialized SQL Firewall Ruleinstance state dictionary + ''' + response = None + results = [] + try: + response = self.sql_client.firewall_rules.get(resource_group_name=self.resource_group, + server_name=self.server_name, + firewall_rule_name=self.name) + self.log("Response : {0}".format(response)) + except CloudError as e: + self.log('Could not get facts for FirewallRules.') + + if response is not None: + results.append(self.format_item(response)) + + return results + + def list_by_server(self): + ''' + Gets facts of the specified SQL Firewall Rule. + + :return: deserialized SQL Firewall Ruleinstance state dictionary + ''' + response = None + results = [] + try: + response = self.sql_client.firewall_rules.list_by_server(resource_group_name=self.resource_group, + server_name=self.server_name) + self.log("Response : {0}".format(response)) + except CloudError as e: + self.log('Could not get facts for FirewallRules.') + + if response is not None: + for item in response: + results.append(self.format_item(item)) + + return results + + def format_item(self, item): + d = item.as_dict() + d = { + 'id': d['id'], + 'resource_group': self.resource_group, + 'server_name': self.server_name, + 'name': d['name'], + 'start_ip_address': d['start_ip_address'], + 'end_ip_address': d['end_ip_address'] + } + return d + + +def main(): + AzureRMFirewallRulesFacts() + + +if __name__ == '__main__': + main() diff --git a/test/integration/targets/azure_rm_sqlserver/tasks/main.yml b/test/integration/targets/azure_rm_sqlserver/tasks/main.yml index fe5f9f3496..3bd3beac2e 100644 --- a/test/integration/targets/azure_rm_sqlserver/tasks/main.yml +++ b/test/integration/targets/azure_rm_sqlserver/tasks/main.yml @@ -216,42 +216,82 @@ that: - output.changed == false -- name: Delete instance of Firewall Rule -- check mode +# +# azure_rm_sqlserverfirewallrule_facts +# + +- name: Create Firewall Rule - second azure_rm_sqlfirewallrule: resource_group: "{{ resource_group }}" - server_name: "sqlsrv{{ random_postfix }}" + server_name: sqlsrv{{ random_postfix }} + name: firewallrule{{ random_postfix }}second + start_ip_address: 172.28.10.136 + end_ip_address: 172.28.10.138 + +- name: Gather facts SQL Firewall Rule + azure_rm_sqlfirewallrule_facts: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} name: firewallrule{{ random_postfix }} - state: absent - check_mode: yes register: output -- name: Assert the state has changed +- name: Assert that facts are returned assert: that: - - output.changed + - output.changed == False + - output.rules[0].id != None + - output.rules[0].resource_group != None + - output.rules[0].server_name != None + - output.rules[0].name != None + - output.rules[0].start_ip_address != None + - output.rules[0].end_ip_address != None + +- name: Gather facts SQL Firewall Rule + azure_rm_sqlfirewallrule_facts: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + register: output +- name: Assert that facts are returned + assert: + that: + - output.changed == False + - output.rules[0].id != None + - output.rules[0].id != None + - output.rules[0].resource_group != None + - output.rules[0].server_name != None + - output.rules[0].name != None + - output.rules[0].start_ip_address != None + - output.rules[0].end_ip_address != None + - output.rules[1].id != None + - output.rules[1].resource_group != None + - output.rules[1].server_name != None + - output.rules[1].name != None + - output.rules[1].start_ip_address != None + - output.rules[1].end_ip_address != None - name: Delete instance of Firewall Rule azure_rm_sqlfirewallrule: resource_group: "{{ resource_group }}" - server_name: "sqlsrv{{ random_postfix }}" + server_name: sqlsrv{{ random_postfix }} name: firewallrule{{ random_postfix }} state: absent - register: output -- name: Assert the state has changed - assert: - that: - - output.changed - -- name: Delete unexisting instance of Firewall Rule +- name: Delete instance of Firewall Rule azure_rm_sqlfirewallrule: resource_group: "{{ resource_group }}" - server_name: "sqlsrv{{ random_postfix }}" - name: firewallrule{{ random_postfix }} + server_name: sqlsrv{{ random_postfix }} + name: firewallrule{{ random_postfix }}second state: absent + +- name: Gather facts SQL Firewall Rule + azure_rm_sqlfirewallrule_facts: + resource_group: "{{ resource_group }}" + server_name: sqlsrv{{ random_postfix }} + name: firewallrule{{ random_postfix }} register: output -- name: Assert the state has changed +- name: Assert that empty dictionary was returned assert: that: - - output.changed == false + - output.changed == False + - output.rules | length == 0 # finalise & clean up azure_rm_sqlserver test