Support subnet lookup for app gateway (#451)

* support app gateway with subnet lookup * correct indentation * create unique app gw resource for testing vnet/subnet lookup * correct indentation Co-authored-by: Fred-sun <37327967+Fred-sun@users.noreply.github.com>
ansible-collections · Apr 12, 2021 · f312129 · f312129
1 parent ca77fdc
commit f312129
Show file tree

Hide file tree

Showing 2 changed files with 173 additions and 0 deletions.
diff --git a/plugins/modules/azure_rm_appgateway.py b/plugins/modules/azure_rm_appgateway.py
@@ -124,6 +124,16 @@
             subnet:
                 description:
                     - Reference of the subnet resource. A subnet from where application gateway gets its private address.
+                suboptions:
+                    id:
+                        description:
+                            - Full ID of the subnet resource. Required if name and virtual_network_name are not provided.
+                    name:
+                        description:
+                            - Name of the subnet. Only used if virtual_network_name is also provided.
+                    virtual_network_name:
+                        description:
+                            - Name of the virtual network. Only used if name is also provided.
             name:
                 description:
                     - Name of the resource that is unique within a resource group. This name can be used to access the resource.
@@ -192,6 +202,16 @@
             subnet:
                 description:
                     - Reference of the subnet resource.
+                suboptions:
+                    id:
+                        description:
+                            - Full ID of the subnet resource. Required if name and virtual_network_name are not provided.
+                    name:
+                        description:
+                            - Name of the subnet. Only used if virtual_network_name is also provided.
+                    virtual_network_name:
+                        description:
+                            - Name of the virtual network. Only used if name is also provided.
             public_ip_address:
                 description:
                     - Reference of the PublicIP resource.
@@ -422,6 +442,47 @@
         backend_http_settings: sample_appgateway_http_settings
         http_listener: sample_http_listener
         name: rule1
+
+- name: Create instance of Application Gateway by looking up virtual network and subnet
+  azure_rm_appgateway:
+    resource_group: myResourceGroup
+    name: myAppGateway
+    sku:
+      name: standard_small
+      tier: standard
+      capacity: 2
+    gateway_ip_configurations:
+      - subnet:
+          name: default
+          virtual_network_name: my-vnet
+        name: app_gateway_ip_config
+    frontend_ip_configurations:
+      - subnet:
+          name: default
+          virtual_network_name: my-vnet
+        name: sample_gateway_frontend_ip_config
+    frontend_ports:
+      - port: 90
+        name: ag_frontend_port
+    backend_address_pools:
+      - backend_addresses:
+          - ip_address: 10.0.0.4
+        name: test_backend_address_pool
+    backend_http_settings_collection:
+      - port: 80
+        protocol: http
+        cookie_based_affinity: enabled
+        name: sample_appgateway_http_settings
+    http_listeners:
+      - frontend_ip_configuration: sample_gateway_frontend_ip_config
+        frontend_port: ag_frontend_port
+        name: sample_http_listener
+    request_routing_rules:
+      - rule_type: Basic
+        backend_address_pool: test_backend_address_pool
+        backend_http_settings: sample_appgateway_http_settings
+        http_listener: sample_http_listener
+        name: rule1
 '''
 
 RETURN = '''
@@ -636,6 +697,15 @@ def exec_module(self, **kwargs):
                             for i in range(len(suites)):
                                 suites[i] = suites[i].upper()
                 elif key == "gateway_ip_configurations":
+                    ev = kwargs[key]
+                    for i in range(len(ev)):
+                        item = ev[i]
+                        if 'subnet' in item and 'name' in item['subnet'] and 'virtual_network_name' in item['subnet']:
+                            id = subnet_id(self.subscription_id,
+                                           kwargs['resource_group'],
+                                           item['subnet']['virtual_network_name'],
+                                           item['subnet']['name'])
+                            item['subnet'] = {'id': id}
                     self.parameters["gateway_ip_configurations"] = kwargs[key]
                 elif key == "authentication_certificates":
                     self.parameters["authentication_certificates"] = kwargs[key]
@@ -665,6 +735,12 @@ def exec_module(self, **kwargs):
                                               kwargs['resource_group'],
                                               item['public_ip_address'])
                             item['public_ip_address'] = {'id': id}
+                        if 'subnet' in item and 'name' in item['subnet'] and 'virtual_network_name' in item['subnet']:
+                            id = subnet_id(self.subscription_id,
+                                           kwargs['resource_group'],
+                                           item['subnet']['virtual_network_name'],
+                                           item['subnet']['name'])
+                            item['subnet'] = {'id': id}
                     self.parameters["frontend_ip_configurations"] = ev
                 elif key == "frontend_ports":
                     self.parameters["frontend_ports"] = kwargs[key]
@@ -987,6 +1063,16 @@ def http_listener_id(subscription_id, resource_group_name, appgateway_name, name
     )
 
 
+def subnet_id(subscription_id, resource_group_name, virtual_network_name, name):
+    """Generate the id for a subnet in a virtual network"""
+    return '/subscriptions/{0}/resourceGroups/{1}/providers/Microsoft.Network/virtualNetworks/{2}/subnets/{3}'.format(
+        subscription_id,
+        resource_group_name,
+        virtual_network_name,
+        name
+    )
+
+
 def compare_arrays(old_params, new_params, param_name):
     old = old_params.get(param_name) or []
     new = new_params.get(param_name) or []

diff --git a/tests/integration/targets/azure_rm_appgateway/tasks/main.yml b/tests/integration/targets/azure_rm_appgateway/tasks/main.yml
@@ -196,6 +196,93 @@
     that:
       - output.changed
 
+- name: Create instance of Application Gateway by looking up virtual network and subnet
+  azure_rm_appgateway:
+    resource_group: "{{ resource_group }}"
+    name: "appgateway-subnet-lookup{{ rpfx }}"
+    sku:
+      name: standard_small
+      tier: standard
+      capacity: 2
+    ssl_policy:
+      policy_type: predefined
+      policy_name: ssl_policy20150501
+      disabled_ssl_protocols:
+        - tls_v1_0
+      cipher_suites:
+        - tls_ecdhe_ecdsa_with_aes_256_gcm_sha384
+    authentication_certificates:
+      - name: cert1
+        data: "{{ lookup('file', 'cert1.txt') }}"
+    ssl_certificates:
+      - name: cert2
+        password: your-password
+        data: "{{ lookup('file', 'cert2.txt') }}"
+    gateway_ip_configurations:
+      - subnet:
+          name: subnet{{ rpfx }}
+          virtual_network_name: vnet{{ rpfx }}
+        name: app_gateway_ip_config
+    frontend_ip_configurations:
+      - subnet:
+          name: subnet{{ rpfx }}
+          virtual_network_name: vnet{{ rpfx }}
+        name: sample_gateway_frontend_ip_config
+    frontend_ports:
+      - port: 90
+        name: ag_frontend_port
+      - port: 80
+        name: http_frontend_port
+    backend_address_pools:
+      - backend_addresses:
+          - ip_address: 10.0.0.4
+        name: test_backend_address_pool
+    probes:
+     - name: custom_probe
+       protocol: http
+       host: 10.0.0.4
+       path: /healthz
+       interval: 30
+       timeout: 30
+       unhealthy_threshold: 3
+    backend_http_settings_collection:
+      - port: 80
+        protocol: http
+        cookie_based_affinity: enabled
+        probe: custom_probe
+        name: sample_appgateway_http_settings
+    http_listeners:
+      - frontend_ip_configuration: sample_gateway_frontend_ip_config
+        frontend_port: ag_frontend_port
+        protocol: https
+        ssl_certificate: cert2
+        name: sample_http_listener
+      - frontend_ip_configuration: sample_gateway_frontend_ip_config
+        frontend_port: http_frontend_port
+        protocol: http
+        name: http_listener
+    request_routing_rules:
+      - rule_type: Basic
+        backend_address_pool: test_backend_address_pool
+        backend_http_settings: sample_appgateway_http_settings
+        http_listener: sample_http_listener
+        name: rule1
+      - rule_type: Basic
+        http_listener: http_listener
+        redirect_configuration: redirect_site_to_https
+        name: http_redirect_rule
+    redirect_configurations:
+     - redirect_type: permanent
+       target_listener: sample_http_listener
+       include_path: true
+       include_query_string: true
+       name: redirect_site_to_https
+  register: output
+- name: Assert the resource instance is well created
+  assert:
+    that:
+      - output.changed
+
 - name: Try to update instance of Application Gateway - no change
   azure_rm_appgateway:
     resource_group: "{{ resource_group }}"