1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

aws ssm parameter lookup - change to return Nones for missing variables (#36456)

* aws ssm parameter lookup - change to return Nones for missing variables

* aws ssm parameter lookup - fix error case message to dump response

* aws ssm parameter lookup - fix integration test cases
This commit is contained in:
mikedlr 2018-02-21 11:50:00 +00:00 committed by Sloane Hertel
parent b6d4fa1c96
commit 52f2057472
3 changed files with 50 additions and 22 deletions

View file

@ -193,10 +193,16 @@ class LookupModule(LookupBase):
response = client.get_parameters(**ssm_dict) response = client.get_parameters(**ssm_dict)
except ClientError as e: except ClientError as e:
raise AnsibleError("SSM lookup exception: {0}".format(to_native(e))) raise AnsibleError("SSM lookup exception: {0}".format(to_native(e)))
if len(response['Parameters']) == len(terms): params = boto3_tag_list_to_ansible_dict(response['Parameters'], tag_name_key_name="Name",
ret = [p['Value'] for p in response['Parameters']] tag_value_key_name="Value")
for i in terms:
if i in params:
ret.append(params[i])
elif i in response['InvalidParameters']:
ret.append(None)
else: else:
raise AnsibleError('Undefined AWS SSM parameter: %s ' % str(response['InvalidParameters'])) raise AnsibleError("Ansible internal error: aws_ssm lookup failed to understand boto3 return value: {0}".format(str(response)))
return ret
display.vvvv("AWS_ssm path lookup returning: %s " % str(ret)) display.vvvv("AWS_ssm path lookup returning: %s " % str(ret))
return ret return ret

View file

@ -74,17 +74,10 @@
- "'{{lookup('aws_ssm', '/' ~ ssm_key_prefix ~ '/path', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token, bypath=True, shortnames=true ) | to_json }}' == '{\"toovar\": \"too value\", \"wonvar\": \"won value\"}'" - "'{{lookup('aws_ssm', '/' ~ ssm_key_prefix ~ '/path', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token, bypath=True, shortnames=true ) | to_json }}' == '{\"toovar\": \"too value\", \"wonvar\": \"won value\"}'"
# ============================================================ # ============================================================
- name: Error in case we don't find a named parameter - name: Returns empty value in case we don't find a named parameter
debug:
msg: "'{{lookup('aws_ssm', '/' ~ ssm_key_prefix ~ '/Goodbye', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token )}}' == 'World'"
register: result
ignore_errors: true
- name: assert failure from failure to find parameter
assert: assert:
that: that:
- 'result.failed' - "'{{lookup('aws_ssm', '/' ~ ssm_key_prefix ~ '/Goodbye', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token )}}' == ''"
- "'Undefined AWS SSM parameter' in result.msg"
# ============================================================ # ============================================================
- name: Handle multiple paths with one that doesn't exist - default to full names. - name: Handle multiple paths with one that doesn't exist - default to full names.
@ -134,3 +127,4 @@
- "/{{ssm_key_prefix}}/path/wonvar" - "/{{ssm_key_prefix}}/path/wonvar"
- "/{{ssm_key_prefix}}/path/toovar" - "/{{ssm_key_prefix}}/path/toovar"
- "/{{ssm_key_prefix}}/path/tree/treevar" - "/{{ssm_key_prefix}}/path/tree/treevar"
- "/{{ssm_key_prefix}}/deeppath/wondir/samevar"

View file

@ -61,9 +61,16 @@ path_success_response['Parameters'] = [
{'Name': '/testpath/won', 'Type': 'String', 'Value': 'simple_value_won', 'Version': 1} {'Name': '/testpath/won', 'Type': 'String', 'Value': 'simple_value_won', 'Version': 1}
] ]
missing_variable_fail_response = copy(simple_variable_success_response) missing_variable_response = copy(simple_variable_success_response)
missing_variable_fail_response['Parameters'] = [] missing_variable_response['Parameters'] = []
missing_variable_fail_response['InvalidParameters'] = ['missing_variable'] missing_variable_response['InvalidParameters'] = ['missing_variable']
some_missing_variable_response = copy(simple_variable_success_response)
some_missing_variable_response['Parameters'] = [
{'Name': 'simple', 'Type': 'String', 'Value': 'simple_value', 'Version': 1},
{'Name': '/testpath/won', 'Type': 'String', 'Value': 'simple_value_won', 'Version': 1}
]
some_missing_variable_response['InvalidParameters'] = ['missing_variable']
dummy_credentials = {} dummy_credentials = {}
@ -109,16 +116,37 @@ def test_path_lookup_variable(mocker):
get_path_fn.assert_called_with(Path="/testpath", Recursive=False, WithDecryption=True) get_path_fn.assert_called_with(Path="/testpath", Recursive=False, WithDecryption=True)
def test_warn_missing_variable(mocker): def test_return_none_for_missing_variable(mocker):
"""
during jinja2 templates, we can't shouldn't normally raise exceptions since this blocks the ability to use defaults.
for this reason we return ```None``` for missing variables
"""
lookup = aws_ssm.LookupModule() lookup = aws_ssm.LookupModule()
lookup._load_name = "aws_ssm" lookup._load_name = "aws_ssm"
boto3_double = mocker.MagicMock() boto3_double = mocker.MagicMock()
boto3_double.Session.return_value.client.return_value.get_parameters.return_value = missing_variable_fail_response boto3_double.Session.return_value.client.return_value.get_parameters.return_value = missing_variable_response
with pytest.raises(AnsibleError):
with mocker.patch.object(boto3, 'session', boto3_double): with mocker.patch.object(boto3, 'session', boto3_double):
lookup.run(["missing_variable"], {}, **dummy_credentials) retval = lookup.run(["missing_variable"], {}, **dummy_credentials)
assert(retval[0] is None)
def test_match_retvals_to_call_params_even_with_some_missing_variables(mocker):
"""
If we get a complex list of variables with some missing and some not, we still have to return a
list which matches with the original variable list.
"""
lookup = aws_ssm.LookupModule()
lookup._load_name = "aws_ssm"
boto3_double = mocker.MagicMock()
boto3_double.Session.return_value.client.return_value.get_parameters.return_value = some_missing_variable_response
with mocker.patch.object(boto3, 'session', boto3_double):
retval = lookup.run(["simple", "missing_variable", "/testpath/won", "simple"], {}, **dummy_credentials)
assert(retval == ["simple_value", None, "simple_value_won", "simple_value"])
error_response = {'Error': {'Code': 'ResourceNotFoundException', 'Message': 'Fake Testing Error'}} error_response = {'Error': {'Code': 'ResourceNotFoundException', 'Message': 'Fake Testing Error'}}