diff --git a/changelogs/fragments/1211-wafv2_ip_set-description.yml b/changelogs/fragments/1211-wafv2_ip_set-description.yml new file mode 100644 index 00000000000..1dd955452c2 --- /dev/null +++ b/changelogs/fragments/1211-wafv2_ip_set-description.yml @@ -0,0 +1,2 @@ +bugfixes: +- wafv2_ip_set - fix bug where incorrect changed state was returned when only changing the description (https://github.com/ansible-collections/community.aws/pull/1211). diff --git a/plugins/modules/wafv2_ip_set.py b/plugins/modules/wafv2_ip_set.py index 1efaf31f77a..d47d629ee85 100644 --- a/plugins/modules/wafv2_ip_set.py +++ b/plugins/modules/wafv2_ip_set.py @@ -304,14 +304,17 @@ def main(): if state == 'present': if ip_set.get(): - change, addresses = compare(ip_set.get(), addresses, purge_addresses, state) - if (change or ip_set.description() != description) and not check_mode: + ips_updated, addresses = compare(ip_set.get(), addresses, purge_addresses, state) + description_updated = bool(description) and ip_set.description() != description + change = ips_updated or description_updated + retval = ip_set.get() + if module.check_mode: + pass + elif ips_updated or description_updated: retval = ip_set.update( description=description, addresses=addresses ) - else: - retval = ip_set.get() else: if not check_mode: retval = ip_set.create( diff --git a/tests/integration/targets/wafv2_ip_set/tasks/description.yml b/tests/integration/targets/wafv2_ip_set/tasks/description.yml new file mode 100644 index 00000000000..b44b4828dfd --- /dev/null +++ b/tests/integration/targets/wafv2_ip_set/tasks/description.yml @@ -0,0 +1,131 @@ +- name: Tests relating to setting descriptions on wavf2_ip_sets + vars: + description_one: 'a Description - {{ resource_prefix }}' + description_two: 'Another_Description - {{ resource_prefix }}' + # Mandatory settings + module_defaults: + community.aws.wafv2_ip_set: + name: '{{ ip_set_name }}' + state: present + scope: REGIONAL + ip_address_version: IPV4 + purge_addresses: no + addresses: [] + community.aws.wafv2_ip_set_info: + name: '{{ ip_set_name }}' + scope: REGIONAL + block: + + - name: test setting description wafv2_ip_set (check mode) + wafv2_ip_set: + description: '{{ description_one }}' + register: update_result + check_mode: yes + - name: assert that update succeeded + assert: + that: + - update_result is changed + + - name: test setting description wafv2_ip_set + wafv2_ip_set: + description: '{{ description_one }}' + register: update_result + - name: assert that update succeeded + assert: + that: + - update_result is changed + - update_result.description == description_one + + - name: test setting description wafv2_ip_set - idempotency (check mode) + wafv2_ip_set: + description: '{{ description_one }}' + register: update_result + check_mode: yes + - name: assert that update succeeded + assert: + that: + - update_result is not changed + + - name: test setting description wafv2_ip_set - idempotency + wafv2_ip_set: + description: '{{ description_one }}' + register: update_result + - name: assert that update succeeded + assert: + that: + - update_result is not changed + - update_result.description == description_one + + ### + + - name: test updating description on wafv2_ip_set (check mode) + wafv2_ip_set: + description: '{{ description_two }}' + register: update_result + check_mode: yes + - name: assert that update succeeded + assert: + that: + - update_result is changed + + - name: test updating description on wafv2_ip_set + wafv2_ip_set: + description: '{{ description_two }}' + register: update_result + - name: assert that update succeeded + assert: + that: + - update_result is changed + - update_result.description == description_two + + - name: test updating description on wafv2_ip_set - idempotency (check mode) + wafv2_ip_set: + description: '{{ description_two }}' + register: update_result + check_mode: yes + - name: assert that update succeeded + assert: + that: + - update_result is not changed + + - name: test updating description on wafv2_ip_set - idempotency + wafv2_ip_set: + description: '{{ description_two }}' + register: update_result + - name: assert that update succeeded + assert: + that: + - update_result is not changed + - update_result.description == description_two + + ### + + - name: test that wafv2_ip_set_info returns the description + wafv2_ip_set_info: + register: tag_info + - name: assert description present + assert: + that: + - tag_info.description == description_two + + ### + + - name: test no description param wafv2_ip_set (check mode) + wafv2_ip_set: {} + register: update_result + check_mode: yes + - name: assert no change + assert: + that: + - update_result is not changed + - update_result.description == description_two + + + - name: test no description param wafv2_ip_set + wafv2_ip_set: {} + register: update_result + - name: assert no change + assert: + that: + - update_result is not changed + - update_result.description == description_two diff --git a/tests/integration/targets/wafv2_ip_set/tasks/main.yml b/tests/integration/targets/wafv2_ip_set/tasks/main.yml index 6436fc81cc4..31db02c2ad0 100644 --- a/tests/integration/targets/wafv2_ip_set/tasks/main.yml +++ b/tests/integration/targets/wafv2_ip_set/tasks/main.yml @@ -177,6 +177,8 @@ that: - out.addresses | count == 1 + - include_tasks: 'description.yml' + - name: delete ip set wafv2_ip_set: name: "{{ ip_set_name }}"