1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Fixes for EC2 module integration tests.

This commit is contained in:
Matt Clay 2017-05-03 08:20:39 +08:00
parent a42b892f70
commit 00f8e3d360
9 changed files with 989 additions and 863 deletions

View file

@ -7,6 +7,7 @@ rackspace_region:
# AWS Credentials
ec2_access_key:
ec2_secret_key:
security_token:
# GCE Credentials
gce_service_account_email:

View file

@ -1,3 +1,4 @@
dependencies:
- prepare_tests
- setup_sshkey
- setup_ec2

View file

@ -1,4 +1,3 @@
# common setup tasks for ec2 module tests
# (c) 2014, James Laska <jlaska@ansible.com>
# This file is part of Ansible
@ -16,12 +15,6 @@
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
- name: generate random string
command: '{{ ansible_python.executable }} -c "import string,random; print str().join(random.choice(string.ascii_lowercase) for _ in range(8));"'
register: random_string
tags:
- prepare
- name: create random file
shell: mktemp /tmp/id_rsa.XXXXXX
register: sshkey
@ -40,16 +33,15 @@
- prepare
- name: record fingerprint
shell: ssh-keygen -lf {{sshkey.stdout}}.pub | awk '{print $2}'
shell: ssh-keygen -lf {{sshkey.stdout}}.pub
register: fingerprint
tags:
- prepare
- name: set facts for future roles
set_fact:
random_string: '{{random_string.stdout}}'
sshkey: '{{sshkey.stdout}}'
key_material: '{{key_material.stdout}}'
fingerprint: '{{fingerprint.stdout}}'
fingerprint: '{{fingerprint.stdout.split()[1]}}'
tags:
- prepare

View file

@ -24,15 +24,18 @@
# test credentials from environment
# test credential parameters
# ============================================================
# create test elb with listeners, certificate, and health check
- block:
- name: Create ELB
# ============================================================
# create test elb with listeners, certificate, and health check
- name: Create ELB
ec2_elb_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
state: present
zones:
- us-east-1c
@ -54,7 +57,7 @@
healthy_threshold: 10
register: info
- assert:
- assert:
that:
- 'info.changed'
- '"failed" not in info'
@ -69,35 +72,36 @@
- '[80, 80, "HTTP", "HTTP"] in info.elb.listeners'
- '[8080, 8080, "HTTP", "HTTP"] in info.elb.listeners'
# ============================================================
# ============================================================
# check ports, would be cool, but we are at the mercy of AWS
# to start things in a timely manner
# check ports, would be cool, but we are at the mercy of AWS
# to start things in a timely manner
#- name: check to make sure 80 is listening
# wait_for: host={{ info.elb.dns_name }} port=80 timeout=600
# register: result
#- name: check to make sure 80 is listening
# wait_for: host={{ info.elb.dns_name }} port=80 timeout=600
# register: result
#- name: assert can connect to port#
# assert: 'result.state == "started"'
#- name: assert can connect to port#
# assert: 'result.state == "started"'
#- name: check to make sure 443 is listening
# wait_for: host={{ info.elb.dns_name }} port=443 timeout=600
# register: result
#- name: check to make sure 443 is listening
# wait_for: host={{ info.elb.dns_name }} port=443 timeout=600
# register: result
#- name: assert can connect to port#
# assert: 'result.state == "started"'
#- name: assert can connect to port#
# assert: 'result.state == "started"'
# ============================================================
# ============================================================
# Change AZ's
# Change AZ's
- name: Change AZ's
- name: Change AZ's
ec2_elb_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
state: present
zones:
- us-east-1b
@ -118,23 +122,24 @@
- assert:
- assert:
that:
- '"failed" not in info'
- 'info.elb.status == "ok"'
- 'info.changed'
- 'info.elb.zones[0] == "us-east-1b"'
# ============================================================
# ============================================================
# Update AZ's
# Update AZ's
- name: Update AZ's
- name: Update AZ's
ec2_elb_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
state: present
zones:
- us-east-1b
@ -147,7 +152,7 @@
purge_zones: yes
register: info
- assert:
- assert:
that:
- '"failed" not in info'
- 'info.changed'
@ -157,16 +162,17 @@
- '"us-east-1d" in info.elb.zones'
# ============================================================
# ============================================================
# Purge Listeners
# Purge Listeners
- name: Purge Listeners
- name: Purge Listeners
ec2_elb_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
state: present
zones:
- us-east-1b
@ -179,7 +185,7 @@
purge_listeners: yes
register: info
- assert:
- assert:
that:
- '"failed" not in info'
- 'info.elb.status == "ok"'
@ -189,16 +195,17 @@
# ============================================================
# ============================================================
# add Listeners
# add Listeners
- name: Add Listeners
- name: Add Listeners
ec2_elb_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
state: present
zones:
- us-east-1b
@ -211,7 +218,7 @@
purge_listeners: no
register: info
- assert:
- assert:
that:
- '"failed" not in info'
- 'info.elb.status == "ok"'
@ -221,14 +228,14 @@
- 'info.elb.listeners|length == 2'
# ============================================================
# ============================================================
- name: test with no parameters
- name: test with no parameters
ec2_elb_lb:
register: result
ignore_errors: true
- name: assert failure when called with no parameters
- name: assert failure when called with no parameters
assert:
that:
- 'result.failed'
@ -236,38 +243,45 @@
# ============================================================
- name: test with only name
# ============================================================
- name: test with only name
ec2_elb_lb:
name="{{ tag_prefix }}"
register: result
ignore_errors: true
- name: assert failure when called with only name
- name: assert failure when called with only name
assert:
that:
- 'result.failed'
- 'result.msg == "missing required arguments: state"'
# ============================================================
- name: test invalid region parameter
# ============================================================
- name: test invalid region parameter
ec2_elb_lb:
name="{{ tag_prefix }}"
region='asdf querty 1234'
state=present
name: "{{ tag_prefix }}"
region: 'asdf querty 1234'
state: present
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
zones:
- us-east-1c
- us-east-1d
register: result
ignore_errors: true
- name: assert invalid region parameter
- name: assert invalid region parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("value of region must be one of:")'
- 'result.msg.startswith("Region asdf querty 1234 does not seem to be available ")'
# ============================================================
- name: test valid region parameter
# ============================================================
- name: test valid region parameter
ec2_elb_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
@ -283,16 +297,16 @@
register: result
ignore_errors: true
- name: assert valid region parameter
- name: assert valid region parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
# ============================================================
- name: test invalid ec2_url parameter
- name: test invalid ec2_url parameter
ec2_elb_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
@ -309,15 +323,15 @@
register: result
ignore_errors: true
- name: assert invalid ec2_url parameter
- name: assert invalid ec2_url parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test valid ec2_url parameter
# ============================================================
- name: test valid ec2_url parameter
ec2_elb_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
@ -334,15 +348,15 @@
register: result
ignore_errors: true
- name: assert valid ec2_url parameter
- name: assert valid ec2_url parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test credentials from environment
# ============================================================
- name: test credentials from environment
ec2_elb_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
@ -360,15 +374,15 @@
register: result
ignore_errors: true
- name: assert credentials from environment
- name: assert credentials from environment
assert:
that:
- 'result.failed'
- '"InvalidClientTokenId" in result.msg'
- '"InvalidClientTokenId" in result.exception'
# ============================================================
- name: test credential parameters
# ============================================================
- name: test credential parameters
ec2_elb_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
@ -383,23 +397,26 @@
register: result
ignore_errors: true
- name: assert credential parameters
- name: assert credential parameters
assert:
that:
- 'result.failed'
- '"No handler was ready to authenticate. 1 handlers were checked." in result.msg'
# ============================================================
- name: remove the test load balancer completely
always:
# ============================================================
- name: remove the test load balancer completely
ec2_elb_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
state: absent
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
register: result
- name: assert the load balancer was removed
- name: assert the load balancer was removed
assert:
that:
- 'result.changed'

View file

@ -8,46 +8,48 @@
# - include: ../../setup_ec2/tasks/common.yml module_name=ec2_group
# ============================================================
- name: test failure with no parameters
- block:
# ============================================================
- name: test failure with no parameters
ec2_group:
register: result
ignore_errors: true
- name: assert failure with no parameters
- name: assert failure with no parameters
assert:
that:
- 'result.failed'
- 'result.msg == "missing required arguments: name"'
# ============================================================
- name: test failure with only name
# ============================================================
- name: test failure with only name
ec2_group:
name='{{ec2_group_name}}'
register: result
ignore_errors: true
- name: assert failure with only name
- name: assert failure with only name
assert:
that:
- 'result.failed'
- 'result.msg == "Must provide description when state is present."'
# ============================================================
- name: test failure with only description
# ============================================================
- name: test failure with only description
ec2_group:
description='{{ec2_group_description}}'
register: result
ignore_errors: true
- name: assert failure with only description
- name: assert failure with only description
assert:
that:
- 'result.failed'
- 'result.msg == "missing required arguments: name"'
# ============================================================
- name: test failure with empty description (AWS API requires non-empty string desc)
# ============================================================
- name: test failure with empty description (AWS API requires non-empty string desc)
ec2_group:
name='{{ec2_group_name}}'
description=''
@ -55,14 +57,14 @@
register: result
ignore_errors: true
- name: assert failure with empty description
- name: assert failure with empty description
assert:
that:
- 'result.failed'
- 'result.msg == "Must provide description when state is present."'
# ============================================================
- name: test invalid region parameter
# ============================================================
- name: test invalid region parameter
ec2_group:
name='{{ec2_group_name}}'
description='{{ec2_group_description}}'
@ -70,14 +72,14 @@
register: result
ignore_errors: true
- name: assert invalid region parameter
- name: assert invalid region parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("Region asdf querty 1234 does not seem to be available for aws module boto.ec2. If the region definitely exists, you may need to upgrade boto or extend with endpoints_path")'
# ============================================================
- name: test valid region parameter
# ============================================================
- name: test valid region parameter
ec2_group:
name='{{ec2_group_name}}'
description='{{ec2_group_description}}'
@ -85,14 +87,14 @@
register: result
ignore_errors: true
- name: assert valid region parameter
- name: assert valid region parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test environment variable EC2_REGION
# ============================================================
- name: test environment variable EC2_REGION
ec2_group:
name='{{ec2_group_name}}'
description='{{ec2_group_description}}'
@ -101,14 +103,14 @@
register: result
ignore_errors: true
- name: assert environment variable EC2_REGION
- name: assert environment variable EC2_REGION
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test invalid ec2_url parameter
# ============================================================
- name: test invalid ec2_url parameter
ec2_group:
name='{{ec2_group_name}}'
description='{{ec2_group_description}}'
@ -117,14 +119,14 @@
register: result
ignore_errors: true
- name: assert invalid ec2_url parameter
- name: assert invalid ec2_url parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test valid ec2_url parameter
# ============================================================
- name: test valid ec2_url parameter
ec2_group:
name='{{ec2_group_name}}'
description='{{ec2_group_description}}'
@ -133,14 +135,14 @@
register: result
ignore_errors: true
- name: assert valid ec2_url parameter
- name: assert valid ec2_url parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test credentials from environment
# ============================================================
- name: test credentials from environment
ec2_group:
name='{{ec2_group_name}}'
description='{{ec2_group_description}}'
@ -151,14 +153,14 @@
register: result
ignore_errors: true
- name: assert ec2_group with valid ec2_url
- name: assert ec2_group with valid ec2_url
assert:
that:
- 'result.failed'
- '"Error in get_all_security_groups: AWS was not able to validate the provided access credentials" in result.msg'
# ============================================================
- name: test credential parameters
# ============================================================
- name: test credential parameters
ec2_group:
name='{{ec2_group_name}}'
description='{{ec2_group_description}}'
@ -168,82 +170,86 @@
register: result
ignore_errors: true
- name: assert credential parameters
- name: assert credential parameters
assert:
that:
- 'result.failed'
- '"Error in get_all_security_groups: AWS was not able to validate the provided access credentials" in result.msg'
# ============================================================
- name: test state=absent
# ============================================================
- name: test state=absent
ec2_group:
name='{{ec2_group_name}}'
description='{{ec2_group_description}}'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=absent
register: result
- name: assert state=absent
- name: assert state=absent
assert:
that:
- '"failed" not in result'
# ============================================================
- name: test state=present (expected changed=true)
# ============================================================
- name: test state=present (expected changed=true)
ec2_group:
name='{{ec2_group_name}}'
description='{{ec2_group_description}}'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=present
register: result
- name: assert state=present (expected changed=true)
- name: assert state=present (expected changed=true)
assert:
that:
- 'result.changed'
- 'result.group_id.startswith("sg-")'
# ============================================================
- name: test state=present different description raises error
# ============================================================
- name: test state=present different description raises error
ec2_group:
name='{{ec2_group_name}}'
description='{{ec2_group_description}}CHANGED'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=present
ignore_errors: true
register: result
- name: assert matching group with non-matching description raises error
- name: assert matching group with non-matching description raises error
assert:
that:
- 'result.failed'
- '"Group description does not match existing group. ec2_group does not support this case." in result.msg'
# ============================================================
- name: test state=present (expected changed=false)
# ============================================================
- name: test state=present (expected changed=false)
ec2_group:
name='{{ec2_group_name}}'
description='{{ec2_group_description}}'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=present
register: result
- name: assert state=present (expected changed=false)
- name: assert state=present (expected changed=false)
assert:
that:
- 'not result.changed'
- 'result.group_id.startswith("sg-")'
# ============================================================
- name: test state=absent (expected changed=true)
# ============================================================
- name: test state=absent (expected changed=true)
ec2_group:
name='{{ec2_group_name}}'
state=absent
@ -251,16 +257,19 @@
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
EC2_SECURITY_TOKEN: '{{security_token|default("")}}'
register: result
- name: assert state=absent (expected changed=true)
- name: assert state=absent (expected changed=true)
assert:
that:
- 'result.changed'
- 'not result.group_id'
# ============================================================
- name: test state=absent (expected changed=false)
always:
# ============================================================
- name: test state=absent (expected changed=false)
ec2_group:
name='{{ec2_group_name}}'
state=absent
@ -268,9 +277,10 @@
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
EC2_SECURITY_TOKEN: '{{security_token|default("")}}'
register: result
- name: assert state=absent (expected changed=false)
- name: assert state=absent (expected changed=false)
assert:
that:
- 'not result.changed'

View file

@ -1,3 +1,4 @@
dependencies:
- prepare_tests
- setup_sshkey
- setup_ec2

View file

@ -13,61 +13,63 @@
# ============================================================
# - include: ../../setup_ec2/tasks/common.yml module_name=ec2_key
# ============================================================
- name: test with no parameters
- block:
# ============================================================
- name: test with no parameters
ec2_key:
register: result
ignore_errors: true
- name: assert failure when called with no parameters
- name: assert failure when called with no parameters
assert:
that:
- 'result.failed'
- 'result.msg == "missing required arguments: name"'
# ============================================================
- name: test with only name
# ============================================================
- name: test with only name
ec2_key:
name={{ec2_key_name}}
register: result
ignore_errors: true
- name: assert failure when called with only 'name'
- name: assert failure when called with only 'name'
assert:
that:
- 'result.failed'
- 'result.msg == "Either region or ec2_url must be specified"'
# ============================================================
- name: test invalid region parameter
# ============================================================
- name: test invalid region parameter
ec2_key:
name={{ec2_key_name}}
region='asdf querty 1234'
register: result
ignore_errors: true
- name: assert invalid region parameter
- name: assert invalid region parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("value of region must be one of:")'
- 'result.msg.startswith("Region asdf querty 1234 does not seem to be available ")'
# ============================================================
- name: test valid region parameter
# ============================================================
- name: test valid region parameter
ec2_key:
name={{ec2_key_name}}
region={{ec2_region}}
register: result
ignore_errors: true
- name: assert valid region parameter
- name: assert valid region parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test environment variable EC2_REGION
# ============================================================
- name: test environment variable EC2_REGION
ec2_key:
name={{ec2_key_name}}
environment:
@ -75,14 +77,14 @@
register: result
ignore_errors: true
- name: assert environment variable EC2_REGION
- name: assert environment variable EC2_REGION
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test invalid ec2_url parameter
# ============================================================
- name: test invalid ec2_url parameter
ec2_key:
name={{ec2_key_name}}
environment:
@ -90,14 +92,14 @@
register: result
ignore_errors: true
- name: assert invalid ec2_url parameter
- name: assert invalid ec2_url parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test valid ec2_url parameter
# ============================================================
- name: test valid ec2_url parameter
ec2_key:
name={{ec2_key_name}}
environment:
@ -105,14 +107,14 @@
register: result
ignore_errors: true
- name: assert valid ec2_url parameter
- name: assert valid ec2_url parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test credentials from environment
# ============================================================
- name: test credentials from environment
ec2_key:
name={{ec2_key_name}}
environment:
@ -122,14 +124,14 @@
register: result
ignore_errors: true
- name: assert ec2_key with valid ec2_url
- name: assert ec2_key with valid ec2_url
assert:
that:
- 'result.failed'
- '"EC2ResponseError: 401 Unauthorized" in result.msg'
- '"EC2ResponseError: 401 Unauthorized" in result.module_stderr'
# ============================================================
- name: test credential parameters
# ============================================================
- name: test credential parameters
ec2_key:
name={{ec2_key_name}}
ec2_region={{ec2_region}}
@ -138,38 +140,40 @@
register: result
ignore_errors: true
- name: assert credential parameters
- name: assert credential parameters
assert:
that:
- 'result.failed'
- '"EC2ResponseError: 401 Unauthorized" in result.msg'
- '"EC2ResponseError: 401 Unauthorized" in result.module_stderr'
# ============================================================
- name: test state=absent with key_material
# ============================================================
- name: test state=absent with key_material
ec2_key:
name='{{ec2_key_name}}'
ec2_region={{ec2_region}}
ec2_access_key={{ec2_access_key}}
ec2_secret_key={{ec2_secret_key}}
security_token={{security_token}}
state=absent
register: result
- name: assert state=absent with key_material
- name: assert state=absent with key_material
assert:
that:
- '"failed" not in result'
# ============================================================
- name: test state=present without key_material
# ============================================================
- name: test state=present without key_material
ec2_key:
name='{{ec2_key_name}}'
ec2_region={{ec2_region}}
ec2_access_key={{ec2_access_key}}
ec2_secret_key={{ec2_secret_key}}
security_token={{security_token}}
state=present
register: result
- name: assert state=present without key_material
- name: assert state=present without key_material
assert:
that:
- 'result.changed'
@ -180,8 +184,8 @@
- '"private_key" in result.key'
- 'result.key.name == "{{ec2_key_name}}"'
# ============================================================
- name: test state=absent without key_material
# ============================================================
- name: test state=absent without key_material
ec2_key:
name='{{ec2_key_name}}'
state=absent
@ -189,9 +193,10 @@
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
EC2_SECURITY_TOKEN: '{{security_token|default("")}}'
register: result
- name: assert state=absent without key_material
- name: assert state=absent without key_material
assert:
that:
- 'result.changed'
@ -199,8 +204,8 @@
- '"key" in result'
- 'result.key == None'
# ============================================================
- name: test state=present with key_material
# ============================================================
- name: test state=present with key_material
ec2_key:
name='{{ec2_key_name}}'
key_material='{{key_material}}'
@ -209,9 +214,10 @@
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
EC2_SECURITY_TOKEN: '{{security_token|default("")}}'
register: result
- name: assert state=present with key_material
- name: assert state=present with key_material
assert:
that:
- '"failed" not in result'
@ -224,18 +230,19 @@
# FIXME - why don't the fingerprints match?
# - 'result.key.fingerprint == "{{fingerprint}}"'
# ============================================================
- name: test state=absent with key_material
# ============================================================
- name: test state=absent with key_material
ec2_key:
name='{{ec2_key_name}}'
key_material='{{key_material}}'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=absent
register: result
- name: assert state=absent with key_material
- name: assert state=absent with key_material
assert:
that:
- 'result.changed'
@ -243,20 +250,21 @@
- '"key" in result'
- 'result.key == None'
# ============================================================
- name: test state=present with key_material with_files (expect changed=true)
# ============================================================
- name: test state=present with key_material with_files (expect changed=true)
ec2_key:
name='{{ec2_key_name}}'
state=present
key_material='{{ item }}'
with_file: sshkey ~ '.pub'
with_file: '{{sshkey}}.pub'
environment:
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
EC2_SECURITY_TOKEN: '{{security_token|default("")}}'
register: result
- name: assert state=present with key_material with_files (expect changed=true)
- name: assert state=present with key_material with_files (expect changed=true)
assert:
that:
- 'result.msg == "All items completed"'
@ -271,20 +279,21 @@
# FIXME - why doesn't result.key.fingerprint == {{fingerprint}}
# - 'result.key.fingerprint == "{{fingerprint}}"'
# ============================================================
- name: test state=present with key_material with_files (expect changed=false)
# ============================================================
- name: test state=present with key_material with_files (expect changed=false)
ec2_key:
name='{{ec2_key_name}}'
state=present
key_material='{{ item }}'
with_file: sshkey ~ '.pub'
with_file: '{{sshkey}}.pub'
environment:
EC2_REGION: '{{ec2_region}}'
EC2_ACCESS_KEY: '{{ec2_access_key}}'
EC2_SECRET_KEY: '{{ec2_secret_key}}'
EC2_SECURITY_TOKEN: '{{security_token|default("")}}'
register: result
- name: assert state=present with key_material with_files (expect changed=false)
- name: assert state=present with key_material with_files (expect changed=false)
assert:
that:
- 'result.msg == "All items completed"'
@ -299,18 +308,19 @@
# FIXME - why doesn't result.key.fingerprint == {{fingerprint}}
# - 'result.key.fingerprint == "{{fingerprint}}"'
# ============================================================
- name: test state=absent with key_material (expect changed=true)
# ============================================================
- name: test state=absent with key_material (expect changed=true)
ec2_key:
name='{{ec2_key_name}}'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
key_material='{{key_material}}'
state=absent
register: result
- name: assert state=absent with key_material (expect changed=true)
- name: assert state=absent with key_material (expect changed=true)
assert:
that:
- 'result.changed'
@ -318,17 +328,20 @@
- '"key" in result'
- 'result.key == None'
# ============================================================
- name: test state=absent (expect changed=false)
always:
# ============================================================
- name: test state=absent (expect changed=false)
ec2_key:
name='{{ec2_key_name}}'
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=absent
register: result
- name: assert state=absent with key_material (expect changed=false)
- name: assert state=absent with key_material (expect changed=false)
assert:
that:
- 'not result.changed'

View file

@ -0,0 +1,3 @@
dependencies:
- prepare_tests
- setup_ec2

View file

@ -3,8 +3,14 @@
ecr_name: 'ecr-test-{{ ansible_date_time.epoch }}'
- block:
- name: When creating with check mode
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}'
ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
check_mode: yes
@ -17,7 +23,13 @@
- name: When specifying a registry that is inaccessible
ecs_ecr: registry_id=999999999999 name='{{ ecr_name }}' region='{{ ec2_region }}'
ecs_ecr:
registry_id: 999999999999
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
ignore_errors: true
@ -29,7 +41,12 @@
- name: When creating a repository
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}'
ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
- name: it should change and create
@ -40,7 +57,12 @@
- name: When creating a repository that already exists in check mode
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}'
ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
check_mode: yes
@ -52,7 +74,12 @@
- name: When creating a repository that already exists
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}'
ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
- name: it should not change
@ -65,6 +92,9 @@
ecs_ecr:
region: '{{ ec2_region }}'
name: '{{ ecr_name }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
delete_policy: yes
register: result
check_mode: yes
@ -81,6 +111,9 @@
region: '{{ ec2_region }}'
name: '{{ ecr_name }}'
policy: '{{ policy }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
check_mode: yes
@ -97,6 +130,9 @@
region: '{{ ec2_region }}'
name: '{{ ecr_name }}'
policy: '{{ policy }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
- name: it should change and not create
@ -111,6 +147,9 @@
region: '{{ ec2_region }}'
name: '{{ ecr_name }}'
delete_policy: yes
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
check_mode: yes
@ -127,6 +166,9 @@
region: '{{ ec2_region }}'
name: '{{ ecr_name }}'
delete_policy: yes
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
- name: it should change and not create
@ -141,6 +183,9 @@
region: '{{ ec2_region }}'
name: '{{ ecr_name }}'
policy: '{{ policy | to_json }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
- name: it should change and not create
@ -155,6 +200,9 @@
region: '{{ ec2_region }}'
name: '{{ ecr_name }}'
policy: '{{ policy }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
- name: it should not change
@ -167,6 +215,9 @@
ecs_ecr:
region: '{{ ec2_region }}'
name: '{{ ecr_name }}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
- name: it should not change
@ -181,6 +232,9 @@
name: '{{ ecr_name }}'
policy: '{{ policy }}'
delete_policy: yes
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
ignore_errors: true
@ -195,6 +249,9 @@
region: '{{ ec2_region }}'
name: '{{ ecr_name }}'
policy_text: "Ceci n'est pas une JSON"
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
ignore_errors: true
@ -205,7 +262,13 @@
- name: When in check mode, deleting a policy that exists
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' state=absent
ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
state: absent
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
check_mode: yes
@ -218,7 +281,13 @@
- name: When deleting a policy that exists
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' state=absent
ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
state: absent
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
- name: it should change
@ -228,7 +297,13 @@
- name: When in check mode, deleting a policy that does not exist
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' state=absent
ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
state: absent
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
check_mode: yes
@ -240,7 +315,13 @@
- name: When deleting a policy that does not exist
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' state=absent
ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
state: absent
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
- name: it should not change
@ -249,5 +330,12 @@
- not result|changed
always:
- name: Delete lingering ECR repository
ecs_ecr: name='{{ ecr_name }}' region='{{ ec2_region }}' state=absent
ecs_ecr:
name: '{{ ecr_name }}'
region: '{{ ec2_region }}'
state: absent
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'