Re-enable integration tests for elb_network_lb

changelogs/fragments/1365-elb_network_lb-ip_address_type.yml

@@ -0,0 +1,2 @@
+bugfixes:
+- elb_network_lb - fixes bug where ``ip_address_type`` in return value was not updated (https://github.com/ansible-collections/community.aws/pull/1365).

plugins/modules/elb_network_lb.py

@@ -379,19 +379,18 @@ def create_or_update_elb(elb_obj):
     if listeners_obj.changed:
         elb_obj.changed = True
 
+    # Update ELB ip address type only if option has been provided
+    if elb_obj.module.params.get('ip_address_type') is not None:
+        elb_obj.modify_ip_address_type(elb_obj.module.params.get('ip_address_type'))
+
+    # Update the objects to pickup changes
     # Get the ELB again
     elb_obj.update()
-
     # Get the ELB listeners again
     listeners_obj.update()
-
     # Update the ELB attributes
     elb_obj.update_elb_attributes()
 
-    # Update ELB ip address type only if option has been provided
-    if elb_obj.module.params.get('ip_address_type') is not None:
-        elb_obj.modify_ip_address_type(elb_obj.module.params.get('ip_address_type'))
-
     # Convert to snake_case and merge in everything we want to return to the user
     snaked_elb = camel_dict_to_snake_dict(elb_obj.elb)
     snaked_elb.update(camel_dict_to_snake_dict(elb_obj.elb_attributes))
@@ -405,7 +404,10 @@ def create_or_update_elb(elb_obj):
     # ip address type
     snaked_elb['ip_address_type'] = elb_obj.get_elb_ip_address_type()
 
-    elb_obj.module.exit_json(changed=elb_obj.changed, **snaked_elb)
+    elb_obj.module.exit_json(
+        changed=elb_obj.changed,
+        load_balancer=snaked_elb,
+        **snaked_elb)
 
 
 def delete_elb(elb_obj):

tests/integration/targets/elb_network_lb/aliases

@@ -1,6 +1,3 @@
 # reason: missing-policy
-# reason: broken
-# The SSL cert stored in the test has expired.  Should be dynamically generated.
-disabled
 
 cloud/aws

tests/integration/targets/elb_network_lb/defaults/main.yml

@@ -2,6 +2,6 @@
 # load balancer and target group names have to be less than 32 characters
 # the 8 digit identifier at the end of resource_prefix helps determine during which test something
 # was created and allows tests to be run in parallel
-nlb_name: "my-nlb-{{ resource_prefix | regex_search('([0-9]+)$') }}"
-tg_name: "my-tg-{{ resource_prefix | regex_search('([0-9]+)$') }}"
-tg_tcpudp_name: "my-tg-tcpudp-{{ resource_prefix | regex_search('([0-9]+)$') }}"
+nlb_name: "nlb-{{ tiny_prefix }}"
+tg_name: "nlb-{{ tiny_prefix }}"
+tg_tcpudp_name: "nlb-tcp-udp-{{ tiny_prefix }}"

tests/integration/targets/elb_network_lb/meta/main.yml

@@ -1,2 +1,3 @@
 dependencies:
   - setup_ec2_facts
+  - setup_remote_tmp_dir

tests/integration/targets/elb_network_lb/tasks/generate-certs.yml

@@ -0,0 +1,52 @@
+################################################
+# Setup SSL certs to store in IAM
+################################################
+- name: 'Generate SSL Keys'
+  community.crypto.openssl_privatekey:
+    path: '{{ remote_tmp_dir }}/{{ item }}-key.pem'
+    size: 4096
+  loop:
+  - 'ca'
+  - 'cert1'
+
+- name: 'Generate CSRs'
+  community.crypto.openssl_csr:
+    path: '{{ remote_tmp_dir }}/{{ item }}.csr'
+    privatekey_path:  '{{ remote_tmp_dir }}/{{ item }}-key.pem'
+    common_name: '{{ item }}.ansible.test'
+    subject_alt_name: 'DNS:{{ item }}.ansible.test'
+    basic_constraints:
+    - 'CA:TRUE'
+  loop:
+  - 'ca'
+  - 'cert1'
+
+- name: 'Self-sign the "root"'
+  community.crypto.x509_certificate:
+    provider: selfsigned
+    path: '{{ remote_tmp_dir }}/ca.pem'
+    privatekey_path: '{{ remote_tmp_dir }}/ca-key.pem'
+    csr_path: '{{ remote_tmp_dir }}/ca.csr'
+
+- name: 'Sign the cert'
+  community.crypto.x509_certificate:
+    provider: ownca
+    path: '{{ remote_tmp_dir }}/cert1.pem'
+    csr_path: '{{ remote_tmp_dir }}/cert1.csr'
+    ownca_path: '{{ remote_tmp_dir }}/ca.pem'
+    ownca_privatekey_path: '{{ remote_tmp_dir }}/ca-key.pem'
+
+- set_fact:
+    path_ca_cert: '{{ remote_tmp_dir }}/ca.pem'
+    path_ca_key: '{{ remote_tmp_dir }}/ca-key.pem'
+    path_cert_pem: '{{ remote_tmp_dir }}/cert1.pem'
+    path_cert_key: '{{ remote_tmp_dir }}/cert1-key.pem'
+
+
+- name: create certificate
+  iam_server_certificate:
+    name: 'nlb_{{ tiny_prefix }}'
+    state: present
+    cert: "{{ lookup('file', path_cert_pem) }}"
+    key: "{{ lookup('file', path_cert_key) }}"
+  register: cert

tests/integration/targets/elb_network_lb/tasks/main.yml

@@ -10,13 +10,7 @@
       region: '{{ aws_region }}'
   block:
 
-  - name: create certificate
-    iam_server_certificate:
-      name: test_cert
-      state: present
-      cert: "{{ lookup('file', 'cert.pem') }}"
-      key: "{{ lookup('file', 'key.pem') }}"
-    register: cert
+  - include_tasks: generate-certs.yml
 
   - name: create VPC
     ec2_vpc_net:
@@ -243,6 +237,10 @@
 
     - name: destroy certificate
       iam_server_certificate:
-        name: test_cert
+        name: 'nlb_{{ tiny_prefix }}'
         state: absent
+      register: remove_cert
       ignore_errors: yes
+      retries: 10
+      delay: 5
+      until: remove_cert is success

tests/integration/targets/elb_network_lb/tasks/test_nlb_ip_address_type_option.yml

@@ -34,7 +34,7 @@
             - Type: forward
               TargetGroupName: "{{ tg_name }}"
       ip_address_type: "dualstack"
-    ignore_errors: true
+      wait: true
     register: nlb
 
   - assert:
@@ -53,7 +53,7 @@
             - Type: forward
               TargetGroupName: "{{ tg_name }}"
       ip_address_type: "ipv4"
-    ignore_errors: true
+      wait: true
     register: nlb
 
   - assert:
@@ -73,7 +73,7 @@
             - Type: forward
               TargetGroupName: "{{ tg_name }}"
       ip_address_type: "ipv4"
-    ignore_errors: true
+      wait: true
     register: nlb
 
   - assert: