diff --git a/changelogs/fragments/2377-fix-load-balancer-listener-comparison.yml b/changelogs/fragments/2377-fix-load-balancer-listener-comparison.yml
new file mode 100644
index 00000000000..c07b66175c9
--- /dev/null
+++ b/changelogs/fragments/2377-fix-load-balancer-listener-comparison.yml
@@ -0,0 +1,2 @@
+bugfixes:
+ - elbv2 - Fix load balancer listener comparison when DefaultActions contain any action other than forward (https://github.com/ansible-collections/amazon.aws/issues/2377).
diff --git a/plugins/module_utils/elbv2.py b/plugins/module_utils/elbv2.py
index 2d8574d24c9..bf910d54c1a 100644
--- a/plugins/module_utils/elbv2.py
+++ b/plugins/module_utils/elbv2.py
@@ -160,7 +160,16 @@ def _sort_actions(actions: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
 def _sort_listener_actions(actions: List[Dict[str, str]]) -> List[Dict[str, str]]:
- return sorted(actions, key=lambda x: (x["TargetGroupArn"], x["Type"]))
+ return sorted(
+ actions,
+ key=lambda x: (
+ x.get("AuthenticateOidcConfig"),
+ x.get("FixedResponseConfig"),
+ x.get("RedirectConfig"),
+ x.get("TargetGroupArn"),
+ x.get("Type"),
+ ),
+ )
 class ElasticLoadBalancerV2:
@@ -796,7 +805,13 @@ def _compare_listener(current_listener: Dict[str, Any], new_listener: Dict[str,
 if new_default_actions:
 if current_default_actions and len(current_default_actions) == len(new_default_actions):
 current_actions_sorted = _sort_listener_actions(
- [{"TargetGroupArn": x["TargetGroupArn"], "Type": x["Type"]} for x in current_default_actions]
+ {
+ k: v
+ for k, v in x.items()
+ if k
+ in ["AuthenticateOidcConfig", "FixedResponseConfig", "RedirectConfig", "TargetGroupArn", "Type"]
+ }
+ for x in current_default_actions
 )
 if current_actions_sorted != _sort_listener_actions(new_default_actions):
 modified_listener["DefaultActions"] = new_default_actions
diff --git a/tests/integration/targets/elb_application_lb/tasks/main.yml b/tests/integration/targets/elb_application_lb/tasks/main.yml
index 28d4bdbdd8f..f1b89a6b185 100644
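Review bot: The new sort key in `_sort_listener_actions` is a tuple of `x.get(...)` results, so its elements mix `None`, dicts and strings, and Python 3 raises `TypeError` as soon as `sorted` has to order two keys whose first differing elements are a dict and `None`, or two unequal dicts. A single action needs no comparison, but a listener with two default actions of different types, such as an authenticate-oidc action followed by a forward, would hit it. Sort only on values that are always comparable, e.g. `key=lambda x: (x.get("Type") or "", x.get("TargetGroupArn") or "")`, and leave the config dicts to the equality check that follows. A comment such as `# Config dicts are compared by equality by the caller; keep them out of the sort key.` would stop this from regressing.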
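Review bot: The key filter in `_compare_listener` is applied only to `current_default_actions`; `new_default_actions` is passed to `_sort_listener_actions` unfiltered, so any key in the requested actions outside the five-name list makes the two sides unequal on every run. That would affect a task that sets `Order`, `ForwardConfig` or `AuthenticateCognitoConfig`, and probably `AuthenticateOidcConfig` too if the describe call does not return the client secret (worth confirming). Because these actions carry the listener's authentication settings, a comparison that always reports a change hides real drift in them. Consider filtering both sides through one shared module-level tuple of compared keys, which would also remove the duplication with the `x.get(...)` list in `_sort_listener_actions`. The enclosing function starts and ends outside this hunk, so any normalisation done elsewhere in it is not visible here.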
--- a/tests/integration/targets/elb_application_lb/tasks/main.yml
+++ b/tests/integration/targets/elb_application_lb/tasks/main.yml
@@ -1076,6 +1076,102 @@ # ------------------------------------------------------------------------------------------ + - name: Update an ALB with different listener by modifying default actions - check mode + amazon.aws.elb_application_lb: + name: "{{ alb_name }}" + subnets: "{{ public_subnets }}" + security_groups: "{{ sec_group.group_id }}" + state: present + listeners: + - Protocol: HTTP + Port: 80 + DefaultActions: + - Type: fixed-response + FixedResponseConfig: + ContentType: text/plain + MessageBody: Not available + StatusCode: "404" + register: alb + check_mode: true + + - name: Assert check_mode result + ansible.builtin.assert: + that: + - alb is changed + - alb.msg is match('Would have updated ALB if not in check mode.') + + - name: Update an ALB with different listener by modifying default actions + amazon.aws.elb_application_lb: + name: "{{ alb_name }}" + subnets: "{{ public_subnets }}" + security_groups: "{{ sec_group.group_id }}" + state: present + listeners: + - Protocol: HTTP + Port: 80 + DefaultActions: + - Type: fixed-response + FixedResponseConfig: + ContentType: text/plain + MessageBody: Not available + StatusCode: "404" + register: alb + + - name: Assert update ALB result + ansible.builtin.assert: + that: + - alb is changed + - alb.listeners[0].default_actions[0].type == "fixed-response" + + - name: Update an ALB with different listener by modifying default actions (idempotence) - check_mode + amazon.aws.elb_application_lb: + name: "{{ alb_name }}" + subnets: "{{ public_subnets }}" + security_groups: "{{ sec_group.group_id }}" + state: present + listeners: + - Protocol: HTTP + Port: 80 + DefaultActions: + - Type: fixed-response + FixedResponseConfig: + ContentType: text/plain + MessageBody: Not available + StatusCode: "404" + register: alb + check_mode: true + + - name: Assert check_mode idempotence result + ansible.builtin.assert: + that: + - alb is not changed + - alb.msg is match('IN CHECK MODE - no changes to make to ALB specified.') + + - 
name: Update an ALB with different listener by modifying default actions (idempotence) + amazon.aws.elb_application_lb: + name: "{{ alb_name }}" + subnets: "{{ public_subnets }}" + security_groups: "{{ sec_group.group_id }}" + state: present + listeners: + - Protocol: HTTP + Port: 80 + DefaultActions: + - Type: fixed-response + FixedResponseConfig: + ContentType: text/plain + MessageBody: Not available + StatusCode: "404" + register: alb + + - name: Assert idempotence result + ansible.builtin.assert: + that: + - alb is not changed + - alb.listeners[0].default_actions[0].type == "fixed-response" + + # ------------------------------------------------------------------------------------------ + - name: Update an ALB by deleting listener - check_mode amazon.aws.elb_application_lb: name: "{{ alb_name }}"
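Review bot: Every task added here configures a single `fixed-response` default action, so the ordering logic in `_sort_listener_actions` is never asked to compare two actions. Add a case with two default actions of different types (an authenticate action followed by `forward` is the usual shape), or a unit test that calls `_sort_listener_actions` with such a list, so the idempotence check also covers multi-action listeners. The same fixed-response listener block is repeated four times; defining it once as a variable would make the purpose of each task easier to see.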