allow use of jinja2 variables for ec2_group from_port/to_port params (#27145)

2017-08-01 19:26:38 -05:00 · 2017-08-01 19:26:38 -05:00 · 24e393aef1
commit 24e393aef1
parent 622ea7ca62
2 changed files with 70 additions and 0 deletions
--- a/lib/ansible/modules/cloud/amazon/ec2_group.py
+++ b/lib/ansible/modules/cloud/amazon/ec2_group.py
@ -500,6 +500,9 @@ def serialize_group_grant(group_id, rule):
                  'FromPort': rule['from_port'],
                  'ToPort': rule['to_port'],
                  'UserIdGroupPairs': [{'GroupId': group_id}]}
+
+    convert_ports_to_int(permission)
+
    return permission


@ -539,9 +542,18 @@ def serialize_ip_grant(rule, thisip, ethertype):
        permission.update({'IpRanges': [{'CidrIp': thisip}]})
    elif ethertype == "ipv6":
        permission.update({'Ipv6Ranges': [{'CidrIpv6': thisip}]})
+
+    convert_ports_to_int(permission)
+
    return permission


+def convert_ports_to_int(permission):
+    for key in ['FromPort', 'ToPort']:
+        if permission[key] is not None:
+            permission[key] = int(permission[key])
+
+
 def main():
    argument_spec = ec2_argument_spec()
    argument_spec.update(dict(
--- a/test/integration/targets/ec2_group/tasks/main.yml
+++ b/test/integration/targets/ec2_group/tasks/main.yml
@ -350,6 +350,64 @@
          - result.ip_permissions[0].user_id_group_pairs or
            result.ip_permissions[1].user_id_group_pairs

+    # ============================================================
+    - name: test ip rules convert port numbers from string to int (expected changed=true)
+      ec2_group:
+        name: '{{ec2_group_name}}'
+        description: '{{ec2_group_description}}'
+        ec2_region: '{{ec2_region}}'
+        ec2_access_key: '{{ec2_access_key}}'
+        ec2_secret_key: '{{ec2_secret_key}}'
+        security_token: '{{security_token}}'
+        state: present
+        rules:
+        - proto: "tcp"
+          from_port: "8183"
+          to_port: "8183"
+          cidr_ipv6: "64:ff9b::/96"
+        rules_egress:
+        - proto: "tcp"
+          from_port: "8184"
+          to_port: "8184"
+          cidr_ipv6: "64:ff9b::/96"
+      register: result
+
+    - name: assert state=present (expected changed=true)
+      assert:
+        that:
+           - 'result.changed'
+           - 'result.group_id.startswith("sg-")'
+
+    # ============================================================
+    - name: test group rules convert port numbers from string to int (expected changed=true)
+      ec2_group:
+        name: '{{ec2_group_name}}'
+        description: '{{ec2_group_description}}'
+        ec2_region: '{{ec2_region}}'
+        ec2_access_key: '{{ec2_access_key}}'
+        ec2_secret_key: '{{ec2_secret_key}}'
+        security_token: '{{security_token}}'
+        state: present
+        rules:
+        - proto: "tcp"
+          from_port: "8185"
+          to_port: "8185"
+          group_id: "{{result.group_id}}"
+        rules_egress:
+        - proto: "tcp"
+          from_port: "8186"
+          to_port: "8186"
+          cidr_ipv6: "64:ff9b::/96"
+          group_id: "{{result.group_id}}"
+      register: result
+
+    - name: assert state=present (expected changed=true)
+      assert:
+        that:
+           - 'result.changed'
+           - 'result.group_id.startswith("sg-")'
+
+
    # ============================================================
    - name: test state=absent (expected changed=true)
      ec2_group: