elbv2 - Fix load balancer listener comparison (ansible-collections#2377)

SUMMARY
Fixes ansible-collections#2376.
ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME
elbv2
elb_application_lb
ADDITIONAL INFORMATION

Reviewed-by: Mandar Kulkarni <[email protected]>
Reviewed-by: Bikouo Aubin

changelogs/fragments/2377-fix-load-balancer-listener-comparison.yml

@@ -0,0 +1,2 @@
+bugfixes:
+  - elbv2 - Fix load balancer listener comparison when DefaultActions contain any action other than forward (https://github.com/ansible-collections/amazon.aws/issues/2377).

plugins/module_utils/elbv2.py

@@ -160,7 +160,16 @@ def _sort_actions(actions: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
 
 
 def _sort_listener_actions(actions: List[Dict[str, str]]) -> List[Dict[str, str]]:
-    return sorted(actions, key=lambda x: (x["TargetGroupArn"], x["Type"]))
+    return sorted(
+        actions,
+        key=lambda x: (
+            x.get("AuthenticateOidcConfig"),
+            x.get("FixedResponseConfig"),
+            x.get("RedirectConfig"),
+            x.get("TargetGroupArn"),
+            x.get("Type"),
+        ),
+    )
 
 
 class ElasticLoadBalancerV2:
@@ -796,7 +805,13 @@ def _compare_listener(current_listener: Dict[str, Any], new_listener: Dict[str,
     if new_default_actions:
         if current_default_actions and len(current_default_actions) == len(new_default_actions):
             current_actions_sorted = _sort_listener_actions(
-                [{"TargetGroupArn": x["TargetGroupArn"], "Type": x["Type"]} for x in current_default_actions]
+                {
+                    k: v
+                    for k, v in x.items()
+                    if k
+                    in ["AuthenticateOidcConfig", "FixedResponseConfig", "RedirectConfig", "TargetGroupArn", "Type"]
+                }
+                for x in current_default_actions
             )
             if current_actions_sorted != _sort_listener_actions(new_default_actions):
                 modified_listener["DefaultActions"] = new_default_actions

tests/integration/targets/elb_application_lb/tasks/main.yml

@@ -1076,6 +1076,102 @@
 
     # ------------------------------------------------------------------------------------------
 
+    - name: Update an ALB with different listener by modifying default actions - check mode
+      amazon.aws.elb_application_lb:
+        name: "{{ alb_name }}"
+        subnets: "{{ public_subnets }}"
+        security_groups: "{{ sec_group.group_id }}"
+        state: present
+        listeners:
+          - Protocol: HTTP
+            Port: 80
+            DefaultActions:
+              - Type: fixed-response
+                FixedResponseConfig:
+                  ContentType: text/plain
+                  MessageBody: Not available
+                  StatusCode: "404"
+      register: alb
+      check_mode: true
+
+    - name: Assert check_mode result
+      ansible.builtin.assert:
+        that:
+          - alb is changed
+          - alb.msg is match('Would have updated ALB if not in check mode.')
+
+    - name: Update an ALB with different listener by modifying default actions
+      amazon.aws.elb_application_lb:
+        name: "{{ alb_name }}"
+        subnets: "{{ public_subnets }}"
+        security_groups: "{{ sec_group.group_id }}"
+        state: present
+        listeners:
+          - Protocol: HTTP
+            Port: 80
+            DefaultActions:
+              - Type: fixed-response
+                FixedResponseConfig:
+                  ContentType: text/plain
+                  MessageBody: Not available
+                  StatusCode: "404"
+      register: alb
+
+    - name: Assert update ALB result
+      ansible.builtin.assert:
+        that:
+          - alb is changed
+          - alb.listeners[0].default_actions[0].type == "fixed-response"
+
+    - name: Update an ALB with different listener by modifying default actions (idempotence) - check_mode
+      amazon.aws.elb_application_lb:
+        name: "{{ alb_name }}"
+        subnets: "{{ public_subnets }}"
+        security_groups: "{{ sec_group.group_id }}"
+        state: present
+        listeners:
+          - Protocol: HTTP
+            Port: 80
+            DefaultActions:
+              - Type: fixed-response
+                FixedResponseConfig:
+                  ContentType: text/plain
+                  MessageBody: Not available
+                  StatusCode: "404"
+      register: alb
+      check_mode: true
+
+    - name: Assert check_mode idempotence result
+      ansible.builtin.assert:
+        that:
+          - alb is not changed
+          - alb.msg is match('IN CHECK MODE - no changes to make to ALB specified.')
+
+    - name: Update an ALB with different listener by modifying default actions (idempotence)
+      amazon.aws.elb_application_lb:
+        name: "{{ alb_name }}"
+        subnets: "{{ public_subnets }}"
+        security_groups: "{{ sec_group.group_id }}"
+        state: present
+        listeners:
+          - Protocol: HTTP
+            Port: 80
+            DefaultActions:
+              - Type: fixed-response
+                FixedResponseConfig:
+                  ContentType: text/plain
+                  MessageBody: Not available
+                  StatusCode: "404"
+      register: alb
+
+    - name: Assert idempotence result
+      ansible.builtin.assert:
+        that:
+          - alb is not changed
+          - alb.listeners[0].default_actions[0].type == "fixed-response"
+
+    # ------------------------------------------------------------------------------------------
+
     - name: Update an ALB by deleting listener - check_mode
       amazon.aws.elb_application_lb:
         name: "{{ alb_name }}"