1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Fixes for EC2 module integration tests.

This commit is contained in:
Matt Clay 2017-05-03 08:20:39 +08:00
parent a42b892f70
commit 00f8e3d360
9 changed files with 989 additions and 863 deletions

View file

@ -7,6 +7,7 @@ rackspace_region:
# AWS Credentials # AWS Credentials
ec2_access_key: ec2_access_key:
ec2_secret_key: ec2_secret_key:
security_token:
# GCE Credentials # GCE Credentials
gce_service_account_email: gce_service_account_email:

View file

@ -1,3 +1,4 @@
dependencies: dependencies:
- prepare_tests - prepare_tests
- setup_sshkey
- setup_ec2 - setup_ec2

View file

@ -1,4 +1,3 @@
# common setup tasks for ec2 module tests
# (c) 2014, James Laska <jlaska@ansible.com> # (c) 2014, James Laska <jlaska@ansible.com>
# This file is part of Ansible # This file is part of Ansible
@ -16,12 +15,6 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>. # along with Ansible. If not, see <http://www.gnu.org/licenses/>.
- name: generate random string
command: '{{ ansible_python.executable }} -c "import string,random; print str().join(random.choice(string.ascii_lowercase) for _ in range(8));"'
register: random_string
tags:
- prepare
- name: create random file - name: create random file
shell: mktemp /tmp/id_rsa.XXXXXX shell: mktemp /tmp/id_rsa.XXXXXX
register: sshkey register: sshkey
@ -40,16 +33,15 @@
- prepare - prepare
- name: record fingerprint - name: record fingerprint
shell: ssh-keygen -lf {{sshkey.stdout}}.pub | awk '{print $2}' shell: ssh-keygen -lf {{sshkey.stdout}}.pub
register: fingerprint register: fingerprint
tags: tags:
- prepare - prepare
- name: set facts for future roles - name: set facts for future roles
set_fact: set_fact:
random_string: '{{random_string.stdout}}'
sshkey: '{{sshkey.stdout}}' sshkey: '{{sshkey.stdout}}'
key_material: '{{key_material.stdout}}' key_material: '{{key_material.stdout}}'
fingerprint: '{{fingerprint.stdout}}' fingerprint: '{{fingerprint.stdout.split()[1]}}'
tags: tags:
- prepare - prepare

View file

@ -24,384 +24,401 @@
# test credentials from environment # test credentials from environment
# test credential parameters # test credential parameters
# ============================================================ - block:
# create test elb with listeners, certificate, and health check
- name: Create ELB # ============================================================
ec2_elb_lb: # create test elb with listeners, certificate, and health check
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
state: present
zones:
- us-east-1c
- us-east-1d
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
- protocol: http
load_balancer_port: 8080
instance_port: 8080
health_check:
ping_protocol: http
ping_port: 80
ping_path: "/index.html"
response_timeout: 5
interval: 30
unhealthy_threshold: 2
healthy_threshold: 10
register: info
- assert: - name: Create ELB
that: ec2_elb_lb:
- 'info.changed' name: "{{ tag_prefix }}"
- '"failed" not in info' region: "{{ ec2_region }}"
- 'info.elb.status == "created"' ec2_access_key: "{{ ec2_access_key }}"
- '"us-east-1c" in info.elb.zones' ec2_secret_key: "{{ ec2_secret_key }}"
- '"us-east-1d" in info.elb.zones' security_token: "{{ security_token }}"
- 'info.elb.health_check.healthy_threshold == 10' state: present
- 'info.elb.health_check.interval == 30' zones:
- 'info.elb.health_check.target == "HTTP:80/index.html"' - us-east-1c
- 'info.elb.health_check.timeout == 5' - us-east-1d
- 'info.elb.health_check.unhealthy_threshold == 2' listeners:
- '[80, 80, "HTTP", "HTTP"] in info.elb.listeners' - protocol: http
- '[8080, 8080, "HTTP", "HTTP"] in info.elb.listeners' load_balancer_port: 80
instance_port: 80
- protocol: http
load_balancer_port: 8080
instance_port: 8080
health_check:
ping_protocol: http
ping_port: 80
ping_path: "/index.html"
response_timeout: 5
interval: 30
unhealthy_threshold: 2
healthy_threshold: 10
register: info
# ============================================================ - assert:
that:
- 'info.changed'
- '"failed" not in info'
- 'info.elb.status == "created"'
- '"us-east-1c" in info.elb.zones'
- '"us-east-1d" in info.elb.zones'
- 'info.elb.health_check.healthy_threshold == 10'
- 'info.elb.health_check.interval == 30'
- 'info.elb.health_check.target == "HTTP:80/index.html"'
- 'info.elb.health_check.timeout == 5'
- 'info.elb.health_check.unhealthy_threshold == 2'
- '[80, 80, "HTTP", "HTTP"] in info.elb.listeners'
- '[8080, 8080, "HTTP", "HTTP"] in info.elb.listeners'
# check ports, would be cool, but we are at the mercy of AWS # ============================================================
# to start things in a timely manner
#- name: check to make sure 80 is listening # check ports, would be cool, but we are at the mercy of AWS
# wait_for: host={{ info.elb.dns_name }} port=80 timeout=600 # to start things in a timely manner
# register: result
#- name: assert can connect to port# #- name: check to make sure 80 is listening
# assert: 'result.state == "started"' # wait_for: host={{ info.elb.dns_name }} port=80 timeout=600
# register: result
#- name: check to make sure 443 is listening #- name: assert can connect to port#
# wait_for: host={{ info.elb.dns_name }} port=443 timeout=600 # assert: 'result.state == "started"'
# register: result
#- name: assert can connect to port# #- name: check to make sure 443 is listening
# assert: 'result.state == "started"' # wait_for: host={{ info.elb.dns_name }} port=443 timeout=600
# register: result
# ============================================================ #- name: assert can connect to port#
# assert: 'result.state == "started"'
# Change AZ's # ============================================================
- name: Change AZ's # Change AZ's
ec2_elb_lb:
name: "{{ tag_prefix }}" - name: Change AZ's
region: "{{ ec2_region }}" ec2_elb_lb:
ec2_access_key: "{{ ec2_access_key }}" name: "{{ tag_prefix }}"
ec2_secret_key: "{{ ec2_secret_key }}" region: "{{ ec2_region }}"
state: present ec2_access_key: "{{ ec2_access_key }}"
zones: ec2_secret_key: "{{ ec2_secret_key }}"
- us-east-1b security_token: "{{ security_token }}"
listeners: state: present
- protocol: http zones:
load_balancer_port: 80 - us-east-1b
instance_port: 80 listeners:
purge_zones: yes - protocol: http
health_check: load_balancer_port: 80
ping_protocol: http instance_port: 80
ping_port: 80 purge_zones: yes
ping_path: "/index.html" health_check:
response_timeout: 5 ping_protocol: http
interval: 30 ping_port: 80
unhealthy_threshold: 2 ping_path: "/index.html"
healthy_threshold: 10 response_timeout: 5
register: info interval: 30
unhealthy_threshold: 2
healthy_threshold: 10
register: info
- assert: - assert:
that: that:
- '"failed" not in info' - '"failed" not in info'
- 'info.elb.status == "ok"' - 'info.elb.status == "ok"'
- 'info.changed' - 'info.changed'
- 'info.elb.zones[0] == "us-east-1b"' - 'info.elb.zones[0] == "us-east-1b"'
# ============================================================ # ============================================================
# Update AZ's # Update AZ's
- name: Update AZ's - name: Update AZ's
ec2_elb_lb: ec2_elb_lb:
name: "{{ tag_prefix }}" name: "{{ tag_prefix }}"
region: "{{ ec2_region }}" region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}" ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}" ec2_secret_key: "{{ ec2_secret_key }}"
state: present security_token: "{{ security_token }}"
zones: state: present
- us-east-1b zones:
- us-east-1c - us-east-1b
- us-east-1d - us-east-1c
listeners: - us-east-1d
- protocol: http listeners:
load_balancer_port: 80 - protocol: http
instance_port: 80 load_balancer_port: 80
purge_zones: yes instance_port: 80
register: info purge_zones: yes
register: info
- assert: - assert:
that: that:
- '"failed" not in info' - '"failed" not in info'
- 'info.changed' - 'info.changed'
- 'info.elb.status == "ok"' - 'info.elb.status == "ok"'
- '"us-east-1b" in info.elb.zones' - '"us-east-1b" in info.elb.zones'
- '"us-east-1c" in info.elb.zones' - '"us-east-1c" in info.elb.zones'
- '"us-east-1d" in info.elb.zones' - '"us-east-1d" in info.elb.zones'
# ============================================================ # ============================================================
# Purge Listeners # Purge Listeners
- name: Purge Listeners - name: Purge Listeners
ec2_elb_lb: ec2_elb_lb:
name: "{{ tag_prefix }}" name: "{{ tag_prefix }}"
region: "{{ ec2_region }}" region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}" ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}" ec2_secret_key: "{{ ec2_secret_key }}"
state: present security_token: "{{ security_token }}"
zones: state: present
- us-east-1b zones:
- us-east-1c - us-east-1b
- us-east-1d - us-east-1c
listeners: - us-east-1d
- protocol: http listeners:
load_balancer_port: 80 - protocol: http
instance_port: 81 load_balancer_port: 80
purge_listeners: yes instance_port: 81
register: info purge_listeners: yes
register: info
- assert: - assert:
that: that:
- '"failed" not in info' - '"failed" not in info'
- 'info.elb.status == "ok"' - 'info.elb.status == "ok"'
- 'info.changed' - 'info.changed'
- '[80, 81, "HTTP", "HTTP"] in info.elb.listeners' - '[80, 81, "HTTP", "HTTP"] in info.elb.listeners'
- 'info.elb.listeners|length == 1' - 'info.elb.listeners|length == 1'
# ============================================================ # ============================================================
# add Listeners # add Listeners
- name: Add Listeners - name: Add Listeners
ec2_elb_lb: ec2_elb_lb:
name: "{{ tag_prefix }}" name: "{{ tag_prefix }}"
region: "{{ ec2_region }}" region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}" ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}" ec2_secret_key: "{{ ec2_secret_key }}"
state: present security_token: "{{ security_token }}"
zones: state: present
- us-east-1b zones:
- us-east-1c - us-east-1b
- us-east-1d - us-east-1c
listeners: - us-east-1d
- protocol: http listeners:
load_balancer_port: 8081 - protocol: http
instance_port: 8081 load_balancer_port: 8081
purge_listeners: no instance_port: 8081
register: info purge_listeners: no
register: info
- assert: - assert:
that: that:
- '"failed" not in info' - '"failed" not in info'
- 'info.elb.status == "ok"' - 'info.elb.status == "ok"'
- 'info.changed' - 'info.changed'
- '[80, 81, "HTTP", "HTTP"] in info.elb.listeners' - '[80, 81, "HTTP", "HTTP"] in info.elb.listeners'
- '[8081, 8081, "HTTP", "HTTP"] in info.elb.listeners' - '[8081, 8081, "HTTP", "HTTP"] in info.elb.listeners'
- 'info.elb.listeners|length == 2' - 'info.elb.listeners|length == 2'
# ============================================================ # ============================================================
- name: test with no parameters - name: test with no parameters
ec2_elb_lb: ec2_elb_lb:
register: result register: result
ignore_errors: true ignore_errors: true
- name: assert failure when called with no parameters - name: assert failure when called with no parameters
assert: assert:
that: that:
- 'result.failed' - 'result.failed'
- 'result.msg == "missing required arguments: name,state"' - 'result.msg == "missing required arguments: name,state"'
# ============================================================ # ============================================================
- name: test with only name - name: test with only name
ec2_elb_lb: ec2_elb_lb:
name="{{ tag_prefix }}" name="{{ tag_prefix }}"
register: result register: result
ignore_errors: true ignore_errors: true
- name: assert failure when called with only name - name: assert failure when called with only name
assert: assert:
that: that:
- 'result.failed' - 'result.failed'
- 'result.msg == "missing required arguments: state"' - 'result.msg == "missing required arguments: state"'
# ============================================================ # ============================================================
- name: test invalid region parameter - name: test invalid region parameter
ec2_elb_lb: ec2_elb_lb:
name="{{ tag_prefix }}" name: "{{ tag_prefix }}"
region='asdf querty 1234' region: 'asdf querty 1234'
state=present state: present
register: result listeners:
ignore_errors: true - protocol: http
load_balancer_port: 80
instance_port: 80
zones:
- us-east-1c
- us-east-1d
register: result
ignore_errors: true
- name: assert invalid region parameter - name: assert invalid region parameter
assert: assert:
that: that:
- 'result.failed' - 'result.failed'
- 'result.msg.startswith("value of region must be one of:")' - 'result.msg.startswith("Region asdf querty 1234 does not seem to be available ")'
# ============================================================ # ============================================================
- name: test valid region parameter - name: test valid region parameter
ec2_elb_lb: ec2_elb_lb:
name: "{{ tag_prefix }}" name: "{{ tag_prefix }}"
region: "{{ ec2_region }}" region: "{{ ec2_region }}"
state: present state: present
zones: zones:
- us-east-1a - us-east-1a
- us-east-1d - us-east-1d
listeners: listeners:
- protocol: http - protocol: http
load_balancer_port: 80 load_balancer_port: 80
instance_port: 80 instance_port: 80
register: result register: result
ignore_errors: true ignore_errors: true
- name: assert valid region parameter - name: assert valid region parameter
assert: assert:
that: that:
- 'result.failed' - 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")' - 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================ # ============================================================
- name: test invalid ec2_url parameter - name: test invalid ec2_url parameter
ec2_elb_lb: ec2_elb_lb:
name: "{{ tag_prefix }}" name: "{{ tag_prefix }}"
region: "{{ ec2_region }}" region: "{{ ec2_region }}"
state: present state: present
zones: zones:
- us-east-1a - us-east-1a
- us-east-1d - us-east-1d
listeners: listeners:
- protocol: http - protocol: http
load_balancer_port: 80 load_balancer_port: 80
instance_port: 80 instance_port: 80
environment: environment:
EC2_URL: bogus.example.com EC2_URL: bogus.example.com
register: result register: result
ignore_errors: true ignore_errors: true
- name: assert invalid ec2_url parameter - name: assert invalid ec2_url parameter
assert: assert:
that: that:
- 'result.failed' - 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")' - 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================ # ============================================================
- name: test valid ec2_url parameter - name: test valid ec2_url parameter
ec2_elb_lb: ec2_elb_lb:
name: "{{ tag_prefix }}" name: "{{ tag_prefix }}"
region: "{{ ec2_region }}" region: "{{ ec2_region }}"
state: present state: present
zones: zones:
- us-east-1a - us-east-1a
- us-east-1d - us-east-1d
listeners: listeners:
- protocol: http - protocol: http
load_balancer_port: 80 load_balancer_port: 80
instance_port: 80 instance_port: 80
environment: environment:
EC2_URL: '{{ec2_url}}' EC2_URL: '{{ec2_url}}'
register: result register: result
ignore_errors: true ignore_errors: true
- name: assert valid ec2_url parameter - name: assert valid ec2_url parameter
assert: assert:
that: that:
- 'result.failed' - 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")' - 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================ # ============================================================
- name: test credentials from environment - name: test credentials from environment
ec2_elb_lb: ec2_elb_lb:
name: "{{ tag_prefix }}" name: "{{ tag_prefix }}"
region: "{{ ec2_region }}" region: "{{ ec2_region }}"
state: present state: present
zones: zones:
- us-east-1a - us-east-1a
- us-east-1d - us-east-1d
listeners: listeners:
- protocol: http - protocol: http
load_balancer_port: 80 load_balancer_port: 80
instance_port: 80 instance_port: 80
environment: environment:
EC2_ACCESS_KEY: bogus_access_key EC2_ACCESS_KEY: bogus_access_key
EC2_SECRET_KEY: bogus_secret_key EC2_SECRET_KEY: bogus_secret_key
register: result register: result
ignore_errors: true ignore_errors: true
- name: assert credentials from environment - name: assert credentials from environment
assert: assert:
that: that:
- 'result.failed' - 'result.failed'
- '"InvalidClientTokenId" in result.msg' - '"InvalidClientTokenId" in result.exception'
# ============================================================ # ============================================================
- name: test credential parameters - name: test credential parameters
ec2_elb_lb: ec2_elb_lb:
name: "{{ tag_prefix }}" name: "{{ tag_prefix }}"
region: "{{ ec2_region }}" region: "{{ ec2_region }}"
state: present state: present
zones: zones:
- us-east-1a - us-east-1a
- us-east-1d - us-east-1d
listeners: listeners:
- protocol: http - protocol: http
load_balancer_port: 80 load_balancer_port: 80
instance_port: 80 instance_port: 80
register: result register: result
ignore_errors: true ignore_errors: true
- name: assert credential parameters - name: assert credential parameters
assert: assert:
that: that:
- 'result.failed' - 'result.failed'
- '"No handler was ready to authenticate. 1 handlers were checked." in result.msg' - '"No handler was ready to authenticate. 1 handlers were checked." in result.msg'
# ============================================================ always:
- name: remove the test load balancer completely
ec2_elb_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
state: absent
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
register: result
- name: assert the load balancer was removed # ============================================================
assert: - name: remove the test load balancer completely
that: ec2_elb_lb:
- 'result.changed' name: "{{ tag_prefix }}"
- 'result.elb.name == "{{tag_prefix}}"' region: "{{ ec2_region }}"
- 'result.elb.status == "deleted"' state: absent
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
register: result
- name: assert the load balancer was removed
assert:
that:
- 'result.changed'
- 'result.elb.name == "{{tag_prefix}}"'
- 'result.elb.status == "deleted"'

View file

@ -8,270 +8,280 @@
# - include: ../../setup_ec2/tasks/common.yml module_name=ec2_group # - include: ../../setup_ec2/tasks/common.yml module_name=ec2_group
# ============================================================ - block:
- name: test failure with no parameters
ec2_group:
register: result
ignore_errors: true
- name: assert failure with no parameters # ============================================================
assert: - name: test failure with no parameters
that: ec2_group:
- 'result.failed' register: result
- 'result.msg == "missing required arguments: name"' ignore_errors: true
# ============================================================ - name: assert failure with no parameters
- name: test failure with only name assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.failed'
register: result - 'result.msg == "missing required arguments: name"'
ignore_errors: true
- name: assert failure with only name # ============================================================
assert: - name: test failure with only name
that: ec2_group:
- 'result.failed' name='{{ec2_group_name}}'
- 'result.msg == "Must provide description when state is present."' register: result
ignore_errors: true
# ============================================================ - name: assert failure with only name
- name: test failure with only description assert:
ec2_group: that:
description='{{ec2_group_description}}' - 'result.failed'
register: result - 'result.msg == "Must provide description when state is present."'
ignore_errors: true
- name: assert failure with only description # ============================================================
assert: - name: test failure with only description
that: ec2_group:
- 'result.failed' description='{{ec2_group_description}}'
- 'result.msg == "missing required arguments: name"' register: result
ignore_errors: true
# ============================================================ - name: assert failure with only description
- name: test failure with empty description (AWS API requires non-empty string desc) assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.failed'
description='' - 'result.msg == "missing required arguments: name"'
region='{{ec2_region}}'
register: result
ignore_errors: true
- name: assert failure with empty description # ============================================================
assert: - name: test failure with empty description (AWS API requires non-empty string desc)
that: ec2_group:
- 'result.failed' name='{{ec2_group_name}}'
- 'result.msg == "Must provide description when state is present."' description=''
region='{{ec2_region}}'
register: result
ignore_errors: true
# ============================================================ - name: assert failure with empty description
- name: test invalid region parameter assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.failed'
description='{{ec2_group_description}}' - 'result.msg == "Must provide description when state is present."'
region='asdf querty 1234'
register: result
ignore_errors: true
- name: assert invalid region parameter # ============================================================
assert: - name: test invalid region parameter
that: ec2_group:
- 'result.failed' name='{{ec2_group_name}}'
- 'result.msg.startswith("Region asdf querty 1234 does not seem to be available for aws module boto.ec2. If the region definitely exists, you may need to upgrade boto or extend with endpoints_path")' description='{{ec2_group_description}}'
region='asdf querty 1234'
register: result
ignore_errors: true
# ============================================================ - name: assert invalid region parameter
- name: test valid region parameter assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.failed'
description='{{ec2_group_description}}' - 'result.msg.startswith("Region asdf querty 1234 does not seem to be available for aws module boto.ec2. If the region definitely exists, you may need to upgrade boto or extend with endpoints_path")'
region='{{ec2_region}}'
register: result
ignore_errors: true
- name: assert valid region parameter # ============================================================
assert: - name: test valid region parameter
that: ec2_group:
- 'result.failed' name='{{ec2_group_name}}'
- 'result.msg.startswith("No handler was ready to authenticate.")' description='{{ec2_group_description}}'
region='{{ec2_region}}'
register: result
ignore_errors: true
# ============================================================ - name: assert valid region parameter
- name: test environment variable EC2_REGION assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.failed'
description='{{ec2_group_description}}' - 'result.msg.startswith("No handler was ready to authenticate.")'
environment:
EC2_REGION: '{{ec2_region}}'
register: result
ignore_errors: true
- name: assert environment variable EC2_REGION # ============================================================
assert: - name: test environment variable EC2_REGION
that: ec2_group:
- 'result.failed' name='{{ec2_group_name}}'
- 'result.msg.startswith("No handler was ready to authenticate.")' description='{{ec2_group_description}}'
environment:
EC2_REGION: '{{ec2_region}}'
register: result
ignore_errors: true
# ============================================================ - name: assert environment variable EC2_REGION
- name: test invalid ec2_url parameter assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.failed'
description='{{ec2_group_description}}' - 'result.msg.startswith("No handler was ready to authenticate.")'
environment:
EC2_URL: bogus.example.com
register: result
ignore_errors: true
- name: assert invalid ec2_url parameter # ============================================================
assert: - name: test invalid ec2_url parameter
that: ec2_group:
- 'result.failed' name='{{ec2_group_name}}'
- 'result.msg.startswith("No handler was ready to authenticate.")' description='{{ec2_group_description}}'
environment:
EC2_URL: bogus.example.com
register: result
ignore_errors: true
# ============================================================ - name: assert invalid ec2_url parameter
- name: test valid ec2_url parameter assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.failed'
description='{{ec2_group_description}}' - 'result.msg.startswith("No handler was ready to authenticate.")'
environment:
EC2_URL: '{{ec2_url}}'
register: result
ignore_errors: true
- name: assert valid ec2_url parameter # ============================================================
assert: - name: test valid ec2_url parameter
that: ec2_group:
- 'result.failed' name='{{ec2_group_name}}'
- 'result.msg.startswith("No handler was ready to authenticate.")' description='{{ec2_group_description}}'
environment:
EC2_URL: '{{ec2_url}}'
register: result
ignore_errors: true
# ============================================================ - name: assert valid ec2_url parameter
- name: test credentials from environment assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.failed'
description='{{ec2_group_description}}' - 'result.msg.startswith("No handler was ready to authenticate.")'
environment:
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: bogus_access_key
EC2_SECRET_KEY: bogus_secret_key
register: result
ignore_errors: true
- name: assert ec2_group with valid ec2_url # ============================================================
assert: - name: test credentials from environment
that: ec2_group:
- 'result.failed' name='{{ec2_group_name}}'
- '"Error in get_all_security_groups: AWS was not able to validate the provided access credentials" in result.msg' description='{{ec2_group_description}}'
environment:
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: bogus_access_key
EC2_SECRET_KEY: bogus_secret_key
register: result
ignore_errors: true
# ============================================================ - name: assert ec2_group with valid ec2_url
- name: test credential parameters assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.failed'
description='{{ec2_group_description}}' - '"Error in get_all_security_groups: AWS was not able to validate the provided access credentials" in result.msg'
ec2_region='{{ec2_region}}'
ec2_access_key='bogus_access_key'
ec2_secret_key='bogus_secret_key'
register: result
ignore_errors: true
- name: assert credential parameters # ============================================================
assert: - name: test credential parameters
that: ec2_group:
- 'result.failed' name='{{ec2_group_name}}'
- '"Error in get_all_security_groups: AWS was not able to validate the provided access credentials" in result.msg' description='{{ec2_group_description}}'
ec2_region='{{ec2_region}}'
ec2_access_key='bogus_access_key'
ec2_secret_key='bogus_secret_key'
register: result
ignore_errors: true
# ============================================================ - name: assert credential parameters
- name: test state=absent assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.failed'
description='{{ec2_group_description}}' - '"Error in get_all_security_groups: AWS was not able to validate the provided access credentials" in result.msg'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
state=absent
register: result
- name: assert state=absent # ============================================================
assert: - name: test state=absent
that: ec2_group:
- '"failed" not in result' name='{{ec2_group_name}}'
description='{{ec2_group_description}}'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=absent
register: result
# ============================================================ - name: assert state=absent
- name: test state=present (expected changed=true) assert:
ec2_group: that:
name='{{ec2_group_name}}' - '"failed" not in result'
description='{{ec2_group_description}}'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
state=present
register: result
- name: assert state=present (expected changed=true) # ============================================================
assert: - name: test state=present (expected changed=true)
that: ec2_group:
- 'result.changed' name='{{ec2_group_name}}'
- 'result.group_id.startswith("sg-")' description='{{ec2_group_description}}'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=present
register: result
# ============================================================ - name: assert state=present (expected changed=true)
- name: test state=present different description raises error assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.changed'
description='{{ec2_group_description}}CHANGED' - 'result.group_id.startswith("sg-")'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
state=present
ignore_errors: true
register: result
- name: assert matching group with non-matching description raises error # ============================================================
assert: - name: test state=present different description raises error
that: ec2_group:
- 'result.failed' name='{{ec2_group_name}}'
- '"Group description does not match existing group. ec2_group does not support this case." in result.msg' description='{{ec2_group_description}}CHANGED'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=present
ignore_errors: true
register: result
# ============================================================ - name: assert matching group with non-matching description raises error
- name: test state=present (expected changed=false) assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.failed'
description='{{ec2_group_description}}' - '"Group description does not match existing group. ec2_group does not support this case." in result.msg'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
state=present
register: result
- name: assert state=present (expected changed=false) # ============================================================
assert: - name: test state=present (expected changed=false)
that: ec2_group:
- 'not result.changed' name='{{ec2_group_name}}'
- 'result.group_id.startswith("sg-")' description='{{ec2_group_description}}'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=present
register: result
# ============================================================ - name: assert state=present (expected changed=false)
- name: test state=absent (expected changed=true) assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'not result.changed'
state=absent - 'result.group_id.startswith("sg-")'
environment:
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
register: result
- name: assert state=absent (expected changed=true) # ============================================================
assert: - name: test state=absent (expected changed=true)
that: ec2_group:
- 'result.changed' name='{{ec2_group_name}}'
- 'not result.group_id' state=absent
environment:
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
EC2_SECURITY_TOKEN: '{{security_token|default("")}}'
register: result
# ============================================================ - name: assert state=absent (expected changed=true)
- name: test state=absent (expected changed=false) assert:
ec2_group: that:
name='{{ec2_group_name}}' - 'result.changed'
state=absent - 'not result.group_id'
environment:
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
register: result
- name: assert state=absent (expected changed=false) always:
assert:
that: # ============================================================
- 'not result.changed' - name: test state=absent (expected changed=false)
- 'not result.group_id' ec2_group:
name='{{ec2_group_name}}'
state=absent
environment:
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
EC2_SECURITY_TOKEN: '{{security_token|default("")}}'
register: result
- name: assert state=absent (expected changed=false)
assert:
that:
- 'not result.changed'
- 'not result.group_id'

View file

@ -1,3 +1,4 @@
dependencies: dependencies:
- prepare_tests - prepare_tests
- setup_sshkey
- setup_ec2 - setup_ec2

View file

@ -13,325 +13,338 @@
# ============================================================ # ============================================================
# - include: ../../setup_ec2/tasks/common.yml module_name=ec2_key # - include: ../../setup_ec2/tasks/common.yml module_name=ec2_key
# ============================================================ - block:
- name: test with no parameters
ec2_key:
register: result
ignore_errors: true
- name: assert failure when called with no parameters # ============================================================
assert: - name: test with no parameters
that: ec2_key:
- 'result.failed' register: result
- 'result.msg == "missing required arguments: name"' ignore_errors: true
# ============================================================ - name: assert failure when called with no parameters
- name: test with only name assert:
ec2_key: that:
name={{ec2_key_name}} - 'result.failed'
register: result - 'result.msg == "missing required arguments: name"'
ignore_errors: true
- name: assert failure when called with only 'name' # ============================================================
assert: - name: test with only name
that: ec2_key:
- 'result.failed' name={{ec2_key_name}}
- 'result.msg == "Either region or ec2_url must be specified"' register: result
ignore_errors: true
# ============================================================ - name: assert failure when called with only 'name'
- name: test invalid region parameter assert:
ec2_key: that:
name={{ec2_key_name}} - 'result.failed'
region='asdf querty 1234' - 'result.msg == "Either region or ec2_url must be specified"'
register: result
ignore_errors: true
- name: assert invalid region parameter # ============================================================
assert: - name: test invalid region parameter
that: ec2_key:
- 'result.failed' name={{ec2_key_name}}
- 'result.msg.startswith("value of region must be one of:")' region='asdf querty 1234'
register: result
ignore_errors: true
# ============================================================ - name: assert invalid region parameter
- name: test valid region parameter assert:
ec2_key: that:
name={{ec2_key_name}} - 'result.failed'
region={{ec2_region}} - 'result.msg.startswith("Region asdf querty 1234 does not seem to be available ")'
register: result
ignore_errors: true
- name: assert valid region parameter # ============================================================
assert: - name: test valid region parameter
that: ec2_key:
- 'result.failed' name={{ec2_key_name}}
- 'result.msg.startswith("No handler was ready to authenticate.")' region={{ec2_region}}
register: result
ignore_errors: true
# ============================================================ - name: assert valid region parameter
- name: test environment variable EC2_REGION assert:
ec2_key: that:
name={{ec2_key_name}} - 'result.failed'
environment: - 'result.msg.startswith("No handler was ready to authenticate.")'
EC2_REGION: '{{ec2_region}}'
register: result
ignore_errors: true
- name: assert environment variable EC2_REGION # ============================================================
assert: - name: test environment variable EC2_REGION
that: ec2_key:
- 'result.failed' name={{ec2_key_name}}
- 'result.msg.startswith("No handler was ready to authenticate.")' environment:
EC2_REGION: '{{ec2_region}}'
register: result
ignore_errors: true
# ============================================================ - name: assert environment variable EC2_REGION
- name: test invalid ec2_url parameter assert:
ec2_key: that:
name={{ec2_key_name}} - 'result.failed'
environment: - 'result.msg.startswith("No handler was ready to authenticate.")'
EC2_URL: bogus.example.com
register: result
ignore_errors: true
- name: assert invalid ec2_url parameter # ============================================================
assert: - name: test invalid ec2_url parameter
that: ec2_key:
- 'result.failed' name={{ec2_key_name}}
- 'result.msg.startswith("No handler was ready to authenticate.")' environment:
EC2_URL: bogus.example.com
register: result
ignore_errors: true
# ============================================================ - name: assert invalid ec2_url parameter
- name: test valid ec2_url parameter assert:
ec2_key: that:
name={{ec2_key_name}} - 'result.failed'
environment: - 'result.msg.startswith("No handler was ready to authenticate.")'
EC2_URL: '{{ec2_url}}'
register: result
ignore_errors: true
- name: assert valid ec2_url parameter # ============================================================
assert: - name: test valid ec2_url parameter
that: ec2_key:
- 'result.failed' name={{ec2_key_name}}
- 'result.msg.startswith("No handler was ready to authenticate.")' environment:
EC2_URL: '{{ec2_url}}'
register: result
ignore_errors: true
# ============================================================ - name: assert valid ec2_url parameter
- name: test credentials from environment assert:
ec2_key: that:
name={{ec2_key_name}} - 'result.failed'
environment: - 'result.msg.startswith("No handler was ready to authenticate.")'
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: bogus_access_key
EC2_SECRET_KEY: bogus_secret_key
register: result
ignore_errors: true
- name: assert ec2_key with valid ec2_url # ============================================================
assert: - name: test credentials from environment
that: ec2_key:
- 'result.failed' name={{ec2_key_name}}
- '"EC2ResponseError: 401 Unauthorized" in result.msg' environment:
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: bogus_access_key
EC2_SECRET_KEY: bogus_secret_key
register: result
ignore_errors: true
# ============================================================ - name: assert ec2_key with valid ec2_url
- name: test credential parameters assert:
ec2_key: that:
name={{ec2_key_name}} - 'result.failed'
ec2_region={{ec2_region}} - '"EC2ResponseError: 401 Unauthorized" in result.module_stderr'
ec2_access_key=bogus_access_key
ec2_secret_key=bogus_secret_key
register: result
ignore_errors: true
- name: assert credential parameters # ============================================================
assert: - name: test credential parameters
that: ec2_key:
- 'result.failed' name={{ec2_key_name}}
- '"EC2ResponseError: 401 Unauthorized" in result.msg' ec2_region={{ec2_region}}
ec2_access_key=bogus_access_key
ec2_secret_key=bogus_secret_key
register: result
ignore_errors: true
# ============================================================ - name: assert credential parameters
- name: test state=absent with key_material assert:
ec2_key: that:
name='{{ec2_key_name}}' - 'result.failed'
ec2_region={{ec2_region}} - '"EC2ResponseError: 401 Unauthorized" in result.module_stderr'
ec2_access_key={{ec2_access_key}}
ec2_secret_key={{ec2_secret_key}}
state=absent
register: result
- name: assert state=absent with key_material # ============================================================
assert: - name: test state=absent with key_material
that: ec2_key:
- '"failed" not in result' name='{{ec2_key_name}}'
ec2_region={{ec2_region}}
ec2_access_key={{ec2_access_key}}
ec2_secret_key={{ec2_secret_key}}
security_token={{security_token}}
state=absent
register: result
# ============================================================ - name: assert state=absent with key_material
- name: test state=present without key_material assert:
ec2_key: that:
name='{{ec2_key_name}}' - '"failed" not in result'
ec2_region={{ec2_region}}
ec2_access_key={{ec2_access_key}}
ec2_secret_key={{ec2_secret_key}}
state=present
register: result
- name: assert state=present without key_material # ============================================================
assert: - name: test state=present without key_material
that: ec2_key:
- 'result.changed' name='{{ec2_key_name}}'
- '"failed" not in result' ec2_region={{ec2_region}}
- '"key" in result' ec2_access_key={{ec2_access_key}}
- '"name" in result.key' ec2_secret_key={{ec2_secret_key}}
- '"fingerprint" in result.key' security_token={{security_token}}
- '"private_key" in result.key' state=present
- 'result.key.name == "{{ec2_key_name}}"' register: result
# ============================================================ - name: assert state=present without key_material
- name: test state=absent without key_material assert:
ec2_key: that:
name='{{ec2_key_name}}' - 'result.changed'
state=absent - '"failed" not in result'
environment: - '"key" in result'
EC2_REGION: '{{ec2_region}}' - '"name" in result.key'
EC2_ACCESS_KEY: '{{ec2_access_key}}' - '"fingerprint" in result.key'
EC2_SECRET_KEY: '{{ec2_secret_key}}' - '"private_key" in result.key'
register: result - 'result.key.name == "{{ec2_key_name}}"'
- name: assert state=absent without key_material # ============================================================
assert: - name: test state=absent without key_material
that: ec2_key:
- 'result.changed' name='{{ec2_key_name}}'
- '"failed" not in result' state=absent
- '"key" in result' environment:
- 'result.key == None' EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
EC2_SECURITY_TOKEN: '{{security_token|default("")}}'
register: result
# ============================================================ - name: assert state=absent without key_material
- name: test state=present with key_material assert:
ec2_key: that:
name='{{ec2_key_name}}' - 'result.changed'
key_material='{{key_material}}' - '"failed" not in result'
state=present - '"key" in result'
environment: - 'result.key == None'
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
register: result
- name: assert state=present with key_material # ============================================================
assert: - name: test state=present with key_material
that: ec2_key:
- '"failed" not in result' name='{{ec2_key_name}}'
- 'result.changed == True' key_material='{{key_material}}'
- '"key" in result' state=present
- '"name" in result.key' environment:
- 'result.key.name == "{{ec2_key_name}}"' EC2_REGION: '{{ec2_region}}'
- '"fingerprint" in result.key' EC2_ACCESS_KEY: '{{ec2_access_key}}'
- '"private_key" not in result.key' EC2_SECRET_KEY: '{{ec2_secret_key}}'
# FIXME - why don't the fingerprints match? EC2_SECURITY_TOKEN: '{{security_token|default("")}}'
# - 'result.key.fingerprint == "{{fingerprint}}"' register: result
# ============================================================ - name: assert state=present with key_material
- name: test state=absent with key_material assert:
ec2_key: that:
name='{{ec2_key_name}}' - '"failed" not in result'
key_material='{{key_material}}' - 'result.changed == True'
ec2_region='{{ec2_region}}' - '"key" in result'
ec2_access_key='{{ec2_access_key}}' - '"name" in result.key'
ec2_secret_key='{{ec2_secret_key}}' - 'result.key.name == "{{ec2_key_name}}"'
state=absent - '"fingerprint" in result.key'
register: result - '"private_key" not in result.key'
# FIXME - why don't the fingerprints match?
# - 'result.key.fingerprint == "{{fingerprint}}"'
- name: assert state=absent with key_material # ============================================================
assert: - name: test state=absent with key_material
that: ec2_key:
- 'result.changed' name='{{ec2_key_name}}'
- '"failed" not in result' key_material='{{key_material}}'
- '"key" in result' ec2_region='{{ec2_region}}'
- 'result.key == None' ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=absent
register: result
# ============================================================ - name: assert state=absent with key_material
- name: test state=present with key_material with_files (expect changed=true) assert:
ec2_key: that:
name='{{ec2_key_name}}' - 'result.changed'
state=present - '"failed" not in result'
key_material='{{ item }}' - '"key" in result'
with_file: sshkey ~ '.pub' - 'result.key == None'
environment:
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
register: result
- name: assert state=present with key_material with_files (expect changed=true) # ============================================================
assert: - name: test state=present with key_material with_files (expect changed=true)
that: ec2_key:
- 'result.msg == "All items completed"' name='{{ec2_key_name}}'
- 'result.changed == True' state=present
- '"results" in result' key_material='{{ item }}'
- '"item" in result.results[0]' with_file: '{{sshkey}}.pub'
- '"key" in result.results[0]' environment:
- '"name" in result.results[0].key' EC2_REGION: '{{ec2_region}}'
- 'result.results[0].key.name == "{{ec2_key_name}}"' EC2_ACCESS_KEY: '{{ec2_access_key}}'
- '"fingerprint" in result.results[0].key' EC2_SECRET_KEY: '{{ec2_secret_key}}'
- '"private_key" not in result.results[0].key' EC2_SECURITY_TOKEN: '{{security_token|default("")}}'
# FIXME - why doesn't result.key.fingerprint == {{fingerprint}} register: result
# - 'result.key.fingerprint == "{{fingerprint}}"'
# ============================================================ - name: assert state=present with key_material with_files (expect changed=true)
- name: test state=present with key_material with_files (expect changed=false) assert:
ec2_key: that:
name='{{ec2_key_name}}' - 'result.msg == "All items completed"'
state=present - 'result.changed == True'
key_material='{{ item }}' - '"results" in result'
with_file: sshkey ~ '.pub' - '"item" in result.results[0]'
environment: - '"key" in result.results[0]'
EC2_REGION: '{{ec2_region}}' - '"name" in result.results[0].key'
EC2_ACCESS_KEY: '{{ec2_access_key}}' - 'result.results[0].key.name == "{{ec2_key_name}}"'
EC2_SECRET_KEY: '{{ec2_secret_key}}' - '"fingerprint" in result.results[0].key'
register: result - '"private_key" not in result.results[0].key'
# FIXME - why doesn't result.key.fingerprint == {{fingerprint}}
# - 'result.key.fingerprint == "{{fingerprint}}"'
- name: assert state=present with key_material with_files (expect changed=false) # ============================================================
assert: - name: test state=present with key_material with_files (expect changed=false)
that: ec2_key:
- 'result.msg == "All items completed"' name='{{ec2_key_name}}'
- 'not result.changed' state=present
- '"results" in result' key_material='{{ item }}'
- '"item" in result.results[0]' with_file: '{{sshkey}}.pub'
- '"key" in result.results[0]' environment:
- '"name" in result.results[0].key' EC2_REGION: '{{ec2_region}}'
- 'result.results[0].key.name == "{{ec2_key_name}}"' EC2_ACCESS_KEY: '{{ec2_access_key}}'
- '"fingerprint" in result.results[0].key' EC2_SECRET_KEY: '{{ec2_secret_key}}'
- '"private_key" not in result.results[0].key' EC2_SECURITY_TOKEN: '{{security_token|default("")}}'
# FIXME - why doesn't result.key.fingerprint == {{fingerprint}} register: result
# - 'result.key.fingerprint == "{{fingerprint}}"'
# ============================================================ - name: assert state=present with key_material with_files (expect changed=false)
- name: test state=absent with key_material (expect changed=true) assert:
ec2_key: that:
name='{{ec2_key_name}}' - 'result.msg == "All items completed"'
ec2_region='{{ec2_region}}' - 'not result.changed'
ec2_access_key='{{ec2_access_key}}' - '"results" in result'
ec2_secret_key='{{ec2_secret_key}}' - '"item" in result.results[0]'
key_material='{{key_material}}' - '"key" in result.results[0]'
state=absent - '"name" in result.results[0].key'
register: result - 'result.results[0].key.name == "{{ec2_key_name}}"'
- '"fingerprint" in result.results[0].key'
- '"private_key" not in result.results[0].key'
# FIXME - why doesn't result.key.fingerprint == {{fingerprint}}
# - 'result.key.fingerprint == "{{fingerprint}}"'
- name: assert state=absent with key_material (expect changed=true) # ============================================================
assert: - name: test state=absent with key_material (expect changed=true)
that: ec2_key:
- 'result.changed' name='{{ec2_key_name}}'
- '"failed" not in result' ec2_region='{{ec2_region}}'
- '"key" in result' ec2_access_key='{{ec2_access_key}}'
- 'result.key == None' ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
key_material='{{key_material}}'
state=absent
register: result
# ============================================================ - name: assert state=absent with key_material (expect changed=true)
- name: test state=absent (expect changed=false) assert:
ec2_key: that:
name='{{ec2_key_name}}' - 'result.changed'
ec2_region='{{ec2_region}}' - '"failed" not in result'
ec2_access_key='{{ec2_access_key}}' - '"key" in result'
ec2_secret_key='{{ec2_secret_key}}' - 'result.key == None'
state=absent
register: result
- name: assert state=absent with key_material (expect changed=false) always:
assert:
that: # ============================================================
- 'not result.changed' - name: test state=absent (expect changed=false)
- '"failed" not in result' ec2_key:
- '"key" in result' name='{{ec2_key_name}}'
- 'result.key == None' ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=absent
register: result
- name: assert state=absent with key_material (expect changed=false)
assert:
that:
- 'not result.changed'
- '"failed" not in result'
- '"key" in result'
- 'result.key == None'

View file

@ -0,0 +1,3 @@
dependencies:
- prepare_tests
- setup_ec2

View file

@ -3,8 +3,14 @@
ecr_name: 'ecr-test-{{ ansible_date_time.epoch }}' ecr_name: 'ecr-test-{{ ansible_date_time.epoch }}'
- block: - block:
- name: When creating with check mode - name: When creating with check mode
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
check_mode: yes check_mode: yes
@ -17,7 +23,13 @@
- name: When specifying a registry that is inaccessible - name: When specifying a registry that is inaccessible
ecs_ecr: registry_id=999999999999 name='{{ ecr_name }}' region='{{ ec2_region }}' ecs_ecr:
registry_id: 999999999999
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
ignore_errors: true ignore_errors: true
@ -29,7 +41,12 @@
- name: When creating a repository - name: When creating a repository
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
- name: it should change and create - name: it should change and create
@ -40,7 +57,12 @@
- name: When creating a repository that already exists in check mode - name: When creating a repository that already exists in check mode
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
check_mode: yes check_mode: yes
@ -52,7 +74,12 @@
- name: When creating a repository that already exists - name: When creating a repository that already exists
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
- name: it should not change - name: it should not change
@ -65,6 +92,9 @@
ecs_ecr: ecs_ecr:
region: '{{ ec2_region }}' region: '{{ ec2_region }}'
name: '{{ ecr_name }}' name: '{{ ecr_name }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
delete_policy: yes delete_policy: yes
register: result register: result
check_mode: yes check_mode: yes
@ -81,6 +111,9 @@
region: '{{ ec2_region }}' region: '{{ ec2_region }}'
name: '{{ ecr_name }}' name: '{{ ecr_name }}'
policy: '{{ policy }}' policy: '{{ policy }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
check_mode: yes check_mode: yes
@ -97,6 +130,9 @@
region: '{{ ec2_region }}' region: '{{ ec2_region }}'
name: '{{ ecr_name }}' name: '{{ ecr_name }}'
policy: '{{ policy }}' policy: '{{ policy }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
- name: it should change and not create - name: it should change and not create
@ -111,6 +147,9 @@
region: '{{ ec2_region }}' region: '{{ ec2_region }}'
name: '{{ ecr_name }}' name: '{{ ecr_name }}'
delete_policy: yes delete_policy: yes
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
check_mode: yes check_mode: yes
@ -127,6 +166,9 @@
region: '{{ ec2_region }}' region: '{{ ec2_region }}'
name: '{{ ecr_name }}' name: '{{ ecr_name }}'
delete_policy: yes delete_policy: yes
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
- name: it should change and not create - name: it should change and not create
@ -141,6 +183,9 @@
region: '{{ ec2_region }}' region: '{{ ec2_region }}'
name: '{{ ecr_name }}' name: '{{ ecr_name }}'
policy: '{{ policy | to_json }}' policy: '{{ policy | to_json }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
- name: it should change and not create - name: it should change and not create
@ -155,6 +200,9 @@
region: '{{ ec2_region }}' region: '{{ ec2_region }}'
name: '{{ ecr_name }}' name: '{{ ecr_name }}'
policy: '{{ policy }}' policy: '{{ policy }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
- name: it should not change - name: it should not change
@ -167,6 +215,9 @@
ecs_ecr: ecs_ecr:
region: '{{ ec2_region }}' region: '{{ ec2_region }}'
name: '{{ ecr_name }}' name: '{{ ecr_name }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
- name: it should not change - name: it should not change
@ -181,6 +232,9 @@
name: '{{ ecr_name }}' name: '{{ ecr_name }}'
policy: '{{ policy }}' policy: '{{ policy }}'
delete_policy: yes delete_policy: yes
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
ignore_errors: true ignore_errors: true
@ -195,6 +249,9 @@
region: '{{ ec2_region }}' region: '{{ ec2_region }}'
name: '{{ ecr_name }}' name: '{{ ecr_name }}'
policy_text: "Ceci n'est pas une JSON" policy_text: "Ceci n'est pas une JSON"
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
ignore_errors: true ignore_errors: true
@ -205,7 +262,13 @@
- name: When in check mode, deleting a policy that exists - name: When in check mode, deleting a policy that exists
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' state=absent ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
state: absent
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
check_mode: yes check_mode: yes
@ -218,7 +281,13 @@
- name: When deleting a policy that exists - name: When deleting a policy that exists
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' state=absent ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
state: absent
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
- name: it should change - name: it should change
@ -228,7 +297,13 @@
- name: When in check mode, deleting a policy that does not exist - name: When in check mode, deleting a policy that does not exist
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' state=absent ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
state: absent
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
check_mode: yes check_mode: yes
@ -240,7 +315,13 @@
- name: When deleting a policy that does not exist - name: When deleting a policy that does not exist
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' state=absent ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
state: absent
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result register: result
- name: it should not change - name: it should not change
@ -249,5 +330,12 @@
- not result|changed - not result|changed
always: always:
- name: Delete lingering ECR repository - name: Delete lingering ECR repository
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' state=absent ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
state: absent
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'