- name: Prepare random number
  set_fact:
    rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}"
    applicationsecuritygroup_name1: "asg{{ resource_group | hash('md5') | truncate(5, True, '') }}{{ 1000 | random }}"
    applicationsecuritygroup_name2: "asg{{ resource_group | hash('md5') | truncate(5, True, '') }}{{ 1000 | random }}"
    nic_name1: "nic1{{ resource_group | hash('md5') | truncate(5, True, '') }}{{ 1000 | random }}"
  run_once: yes

- name: Create virtual network
  azure_rm_virtualnetwork:
      resource_group: "{{ resource_group_secondary }}"
      name: "tn{{ rpfx }}"
      address_prefixes: "10.10.0.0/16"
  register: vn

- name: Add subnet
  azure_rm_subnet:
      resource_group: "{{ resource_group_secondary }}"
      name: "tn{{ rpfx }}"
      address_prefix: "10.10.0.0/24"
      virtual_network: "tn{{ rpfx }}"

- name: create public ip
  azure_rm_publicipaddress:
    name: "pip{{ rpfx }}"
    resource_group: '{{ resource_group }}'

- name: create load balancer with multiple parameters
  azure_rm_loadbalancer:
    resource_group: '{{ resource_group }}'
    name: "lb{{ rpfx }}"
    frontend_ip_configurations:
      - name: frontendipconf0
        public_ip_address: "pip{{ rpfx }}"
    backend_address_pools:
      - name: backendaddrpool0
      - name: backendaddrpool1
    probes:
      - name: prob0
        port: 80
    inbound_nat_pools:
      - name: inboundnatpool0
        frontend_ip_configuration_name: frontendipconf0
        protocol: Tcp
        frontend_port_range_start: 80
        frontend_port_range_end: 81
        backend_port: 8080
    load_balancing_rules:
      - name: lbrbalancingrule0
        frontend_ip_configuration: frontendipconf0
        backend_address_pool: backendaddrpool0
        frontend_port: 80
        backend_port: 80
        probe: prob0
  register: lb

- name: Create most simple NIC with virtual_network id (check mode)
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      virtual_network: "{{ vn.state.id }}"
      subnet: "tn{{ rpfx }}"
      public_ip: False
      create_with_security_group: False
  register: output
  check_mode: yes

- assert:
    that:
      - output.changed

- name: Create most simple NIC with virtual_network resource_group
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      virtual_network:
        name: "tn{{ rpfx }}"
        resource_group: "{{ resource_group_secondary }}"
      subnet: "tn{{ rpfx }}"
      public_ip: False
      create_with_security_group: False
  register: output

- assert:
    that:
      - output.changed
      - output.state.id

- name: Get fact of the new created NIC
  azure_rm_networkinterface_facts:
    resource_group: "{{ resource_group }}"
    name: "tn{{ rpfx }}"
  register: facts

- assert:
    that:
      - "facts.networkinterfaces | length == 1"
      - facts.networkinterfaces[0].id == output.state.id
      - "facts.networkinterfaces[0].ip_configurations | length == 1"
      - not facts.networkinterfaces[0].security_group
      - not facts.networkinterfaces[0].ip_configurations[0].public_ip_address
      - not facts.networkinterfaces[0].enable_ip_forwarding
      - not facts.networkinterfaces[0].enable_accelerated_networking

- name: Create most simple NIC with ip configurations (idempotent)
  azure_rm_networkinterface:
      resource_group: "{{ facts.networkinterfaces[0].resource_group }}"
      name: "{{ facts.networkinterfaces[0].name }}"
      virtual_network: "{{ facts.networkinterfaces[0].virtual_network }}"
      create_with_security_group: False
      ip_configurations:
          - name: "{{ facts.networkinterfaces[0].ip_configurations[0].name }}"
            private_ip_address: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_address }}"
            private_ip_allocation_method: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_allocation_method }}"
            primary: "{{ facts.networkinterfaces[0].ip_configurations[0].primary }}"
      subnet: "{{ facts.networkinterfaces[0].subnet }}"
  register: output

- assert:
    that:
      - not output.changed

- name: Create most simple NIC (idempotent)
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      virtual_network: "{{ vn.state.id }}"
      subnet: "tn{{ rpfx }}"
      create_with_security_group: False
      public_ip: False
  register: output

- assert:
    that:
      - not output.changed

- name: Update security group (check mode)
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      virtual_network: "{{ vn.state.id }}"
      subnet: "tn{{ rpfx }}"
      public_ip: False
      security_group: "tn{{ rpfx }}sg"
  register: output
  check_mode: yes

- assert:
    that:
      - output.changed

- name: Update public ip address (check mode)
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      virtual_network: "{{ vn.state.id }}"
      subnet: "tn{{ rpfx }}"
      public_ip_address_name: "tn{{ rpfx }}"
      create_with_security_group: False
  register: output
  check_mode: yes

- assert:
    that:
      - output.changed

- name: Update accelerated networking (check mode)
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      virtual_network: "{{ vn.state.id }}"
      subnet: "tn{{ rpfx }}"
      enable_accelerated_networking: True
      create_with_security_group: False
      public_ip: False
  register: output
  check_mode: yes

- assert:
    that:
      - output.changed

- name: Update IP forwarding networking (check mode)
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      virtual_network: "{{ vn.state.id }}"
      subnet: "tn{{ rpfx }}"
      create_with_security_group: False
      enable_ip_forwarding: True
      public_ip: False
  register: output
  check_mode: yes

- assert:
    that:
      - output.changed

- name: Update dns server (check mode)
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      virtual_network: "{{ vn.state.id }}"
      subnet: "tn{{ rpfx }}"
      create_with_security_group: False
      public_ip: False
      dns_servers:
        - 8.9.10.11
        - 7.8.9.10
  register: output
  check_mode: yes

- assert:
    that:
      - output.changed

- name: Update NIC
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      virtual_network: "{{ vn.state.id }}"
      subnet: "tn{{ rpfx }}"
      enable_accelerated_networking: True
      enable_ip_forwarding: True
      security_group: "tn{{ rpfx }}sg"
      dns_servers:
        - 8.9.10.11
        - 7.8.9.10
      ip_configurations:
          - name: "{{ facts.networkinterfaces[0].ip_configurations[0].name }}"
            private_ip_address: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_address }}"
            private_ip_allocation_method: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_allocation_method }}"
            primary: "{{ facts.networkinterfaces[0].ip_configurations[0].primary }}"
          - name: ipconfig1
            public_ip_name: "tn{{ rpfx }}"
            load_balancer_backend_address_pools:
              - "{{ lb.state.backend_address_pools[0].id }}"
              - name: backendaddrpool1
                load_balancer: "lb{{ rpfx }}"
  register: output

- assert:
    that:
      - output.changed
      - output.state.dns_settings.dns_servers == ['8.9.10.11', '7.8.9.10']
      - output.state.enable_ip_forwarding
      - output.state.network_security_group.name == "tn{{ rpfx }}sg"
      - output.state.enable_accelerated_networking

- name: Complicated NIC (idempontent)
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      virtual_network: "{{ vn.state.id }}"
      subnet: "tn{{ rpfx }}"
      enable_accelerated_networking: True
      security_group: "tn{{ rpfx }}sg"
      enable_ip_forwarding: True
      dns_servers:
        - 8.9.10.11
        - 7.8.9.10
      ip_configurations:
          - name: "{{ facts.networkinterfaces[0].ip_configurations[0].name }}"
            private_ip_address: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_address }}"
            private_ip_allocation_method: "{{ facts.networkinterfaces[0].ip_configurations[0].private_ip_allocation_method }}"
            primary: "{{ facts.networkinterfaces[0].ip_configurations[0].primary }}"
          - name: ipconfig1
            public_ip_name: "tn{{ rpfx }}"
            load_balancer_backend_address_pools:
              - "{{ lb.state.backend_address_pools[0].id }}"
              - name: backendaddrpool1
                load_balancer: "lb{{ rpfx }}"
  register: output

- assert:
    that:
      - not output.changed

- name: Get fact of the new created NIC
  azure_rm_networkinterface_facts:
    resource_group: "{{ resource_group }}"
    name: "tn{{ rpfx }}"
  register:  facts

- assert:
    that:
      - "facts.networkinterfaces | length == 1"
      - facts.networkinterfaces[0].id == output.state.id
      - "facts.networkinterfaces[0].ip_configurations | length == 2"
      - 'facts.networkinterfaces[0].security_group.endswith("tn{{ rpfx }}sg")'
      - facts.networkinterfaces[0].enable_accelerated_networking
      - facts.networkinterfaces[0].enable_ip_forwarding

- name: Remove one dns server and ip configuration
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      virtual_network: "{{ vn.state.id }}"
      subnet: "tn{{ rpfx }}"
      security_group: "tn{{ rpfx }}sg"
      enable_accelerated_networking: True
      enable_ip_forwarding: True
      dns_servers:
        - 8.9.10.11
      ip_configurations:
          - name: ipconfig1
            public_ip_name: "tn{{ rpfx }}"
            primary: True
            load_balancer_backend_address_pools:
              - "{{ lb.state.backend_address_pools[0].id }}"
              - name: backendaddrpool1
                load_balancer: "lb{{ rpfx }}"
  register: output

- assert:
    that:
      - output.changed
      - output.state.dns_settings.dns_servers == ['8.9.10.11']
      - output.state.enable_ip_forwarding
      - output.state.network_security_group.name == "tn{{ rpfx }}sg"
      - "output.state.ip_configurations | length == 1"
      - output.state.ip_configurations[0].public_ip_address.name == "tn{{ rpfx }}"
      - output.state.enable_accelerated_networking

- name: Create application security group(check mode)
  azure_rm_applicationsecuritygroup:
      resource_group: "{{ resource_group }}"
      name: "{{ applicationsecuritygroup_name1 }}"
      tags:
          testing: testing
  check_mode: yes
  register: output

- name: Assert check mode creation
  assert:
    that:
      - output.changed

- name: Create Application security group
  azure_rm_applicationsecuritygroup:
    resource_group: "{{ resource_group }}"
    name: "{{ applicationsecuritygroup_name1 }}"
    tags:
        testing: testing
  register: output

- name: Assert application security group creation
  assert:
    that:
      - output.changed
      - output.id != ''

- name: Get Application security group
  azure_rm_applicationsecuritygroup_facts:
    resource_group: "{{ resource_group }}"
    name: "{{ applicationsecuritygroup_name1 }}"
  register: facts

- name: Assert facts
  assert:
    that:
      - facts['applicationsecuritygroups'] | length == 1
      - facts['applicationsecuritygroups'][0]['name'] != None
      - facts['applicationsecuritygroups'][0]['location'] != None
      - facts['applicationsecuritygroups'][0]['provisioning_state'] != None

- name: Create application security group (idempotent)
  azure_rm_applicationsecuritygroup:
      resource_group: "{{ resource_group }}"
      name: "{{ applicationsecuritygroup_name1 }}"
      tags:
          testing: testing
  register: output

- name: Assert idempotent
  assert:
    that:
      - not output.changed

- name: Update application security group
  azure_rm_applicationsecuritygroup:
      resource_group: "{{ resource_group }}"
      name: "{{ applicationsecuritygroup_name1 }}"
      tags:
          testing: testing
          foo: bar
  register: output

- name: Assert update
  assert:
    that:
      - output.changed

- name: Create Application security group in secondary resource group
  azure_rm_applicationsecuritygroup:
    resource_group: "{{ resource_group_secondary }}"
    name: "{{ applicationsecuritygroup_name2 }}"
  register: asg

- name: Create Nic with application security groups
  azure_rm_networkinterface:
    resource_group: "{{ resource_group }}"
    name: "{{ nic_name1 }}"
    virtual_network: "{{ vn.state.id }}"
    subnet: "tn{{ rpfx }}"
    create_with_security_group: True
    public_ip: False
    ip_configurations:
      - name: ipconfig1
        application_security_groups:
          - "{{ applicationsecuritygroup_name1 }}"
          - "{{ asg.id }}"
        primary: True
  register: output

- name: assert creation succeeded
  assert:
    that:
      - output.changed

- name: Create Nic with application security groups (idempotent)
  azure_rm_networkinterface:
    resource_group: "{{ resource_group }}"
    name: "{{ nic_name1 }}"
    virtual_network: "{{ vn.state.id }}"
    subnet: "tn{{ rpfx }}"
    create_with_security_group: True
    public_ip: False
    ip_configurations:
      - name: ipconfig1
        application_security_groups:
          - "{{ asg.id }}"
          - "{{ applicationsecuritygroup_name1 }}"
        primary: True
  register: output

- name: assert idempotent
  assert:
    that:
      - not output.changed

- name: Update Nic with application security groups
  azure_rm_networkinterface:
    resource_group: "{{ resource_group }}"
    name: "{{ nic_name1 }}"
    virtual_network: "{{ vn.state.id }}"
    subnet: "tn{{ rpfx }}"
    create_with_security_group: True
    public_ip: False
    ip_configurations:
      - name: ipconfig1
        application_security_groups:
          - "{{ applicationsecuritygroup_name1 }}"
        primary: True
  register: output

- name: assert update succeeded
  assert:
    that:
      - output.changed

- name: Get fact of the new created NIC
  azure_rm_networkinterface_facts:
    resource_group: "{{ resource_group }}"
    name: "{{ nic_name1 }}"
  register: facts

- assert:
    that:
      - "facts.networkinterfaces[0].ip_configurations[0].application_security_groups | length == 1"

- name: Delete the NIC (check mode)
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      state: absent
  check_mode: yes
  register: output

- assert:
    that:
      - output.changed

- name: Delete the NIC
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      state: absent
  register: output

- assert:
    that:
      - output.changed

- name: Delete the NIC (idempotent)
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "tn{{ rpfx }}"
      state: absent
  register: output

- assert:
    that:
      - not output.changed

- name: delete load balancer
  azure_rm_loadbalancer:
    resource_group: '{{ resource_group }}'
    name: "lb{{ rpfx }}"
    state: absent

- name: delete public ip
  azure_rm_publicipaddress:
    name: "pip{{ rpfx }}"
    resource_group: '{{ resource_group }}'
    state: absent

- name: Delete the NIC
  azure_rm_networkinterface:
      resource_group: "{{ resource_group }}"
      name: "{{ nic_name1 }}"
      state: absent

- name: Delete the application security group (check mode)
  azure_rm_applicationsecuritygroup:
      resource_group: "{{ resource_group }}"
      name: "{{ applicationsecuritygroup_name1 }}"
      state: absent
  check_mode: yes
  register: output

- name: Assert delete check mode
  assert:
      that:
        - output.changed

- name: Delete the application security group
  azure_rm_applicationsecuritygroup:
      resource_group: "{{ resource_group }}"
      name: "{{ applicationsecuritygroup_name1 }}"
      state: absent
  register: output

- name: Assert the deletion
  assert:
      that:
        - output.changed

- name: Delete second application security group
  azure_rm_applicationsecuritygroup:
      resource_group: "{{ resource_group_secondary }}"
      name: "{{ applicationsecuritygroup_name2 }}"
      state: absent
  register: output