mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
60b29cf57d
* Several tests were marked as FIXME and should have been fixed with the boto3 move. * Improved tags output. Add purge_tags option (default: no) * Allow description and tags update * Return launch_permissions * Allow empty launch permissions for image creation * Empty launch permissions should work the same way for image creation as no launch permissions * Cope with ephemeral devices in AMI block device mapping * Ephemeral devices can appear in AMI block devices, and this information should be returned * Fix notation for creating sets from comprehensions
514 lines
16 KiB
YAML
514 lines
16 KiB
YAML
---
|
|
# tasks file for test_ec2_ami
|
|
|
|
- block:
|
|
|
|
# ============================================================
|
|
|
|
# SETUP: vpc, ec2 key pair, subnet, security group, ec2 instance, snapshot
|
|
|
|
- name: create a VPC to work in
|
|
ec2_vpc_net:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
cidr_block: 10.0.0.0/24
|
|
state: present
|
|
name: '{{ ec2_ami_name }}_setup'
|
|
resource_tags:
|
|
Name: '{{ ec2_ami_name }}_setup'
|
|
register: setup_vpc
|
|
|
|
- name: create a key pair to use for creating an ec2 instance
|
|
ec2_key:
|
|
name: '{{ ec2_ami_name }}_setup'
|
|
state: present
|
|
ec2_region: '{{ ec2_region }}'
|
|
ec2_access_key: '{{ ec2_access_key }}'
|
|
ec2_secret_key: '{{ ec2_secret_key }}'
|
|
security_token: '{{ security_token }}'
|
|
register: setup_key
|
|
|
|
- name: create a subnet to use for creating an ec2 instance
|
|
ec2_vpc_subnet:
|
|
ec2_region: '{{ ec2_region }}'
|
|
ec2_access_key: '{{ ec2_access_key }}'
|
|
ec2_secret_key: '{{ ec2_secret_key }}'
|
|
security_token: '{{ security_token }}'
|
|
az: '{{ ec2_region }}a'
|
|
tags: '{{ ec2_ami_name }}_setup'
|
|
vpc_id: '{{ setup_vpc.vpc.id }}'
|
|
cidr: 10.0.0.0/24
|
|
state: present
|
|
resource_tags:
|
|
Name: '{{ ec2_ami_name }}_setup'
|
|
register: setup_subnet
|
|
|
|
- name: create a security group to use for creating an ec2 instance
|
|
ec2_group:
|
|
name: '{{ ec2_ami_name }}_setup'
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
description: 'created by Ansible integration tests'
|
|
state: present
|
|
vpc_id: '{{ setup_vpc.vpc.id }}'
|
|
register: setup_sg
|
|
|
|
- name: provision ec2 instance to create an image
|
|
ec2:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
key_name: '{{ setup_key.key.name }}'
|
|
instance_type: t2.micro
|
|
state: present
|
|
image: '{{ ec2_region_images[ec2_region] }}'
|
|
wait: yes
|
|
instance_tags:
|
|
'{{ec2_ami_name}}_instance_setup': 'integration_tests'
|
|
group_id: '{{ setup_sg.group_id }}'
|
|
vpc_subnet_id: '{{ setup_subnet.subnet.id }}'
|
|
register: setup_instance
|
|
|
|
- name: take a snapshot of the instance to create an image
|
|
ec2_snapshot:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
instance_id: '{{ setup_instance.instance_ids[0] }}'
|
|
device_name: /dev/xvda
|
|
state: present
|
|
register: setup_snapshot
|
|
|
|
# ============================================================
|
|
|
|
- name: create an image from the instance
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
instance_id: '{{ setup_instance.instance_ids[0] }}'
|
|
state: present
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
description: '{{ ec2_ami_description }}'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
wait: yes
|
|
root_device_name: /dev/xvda
|
|
register: result
|
|
|
|
- name: assert that image has been created
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
- "result.image_id.startswith('ami-')"
|
|
- "'Name' in result.tags and result.tags.Name == ec2_ami_name + '_ami'"
|
|
|
|
- name: set image id fact for deletion later
|
|
set_fact:
|
|
ec2_ami_image_id: "{{ result.image_id }}"
|
|
|
|
# ============================================================
|
|
|
|
- name: gather facts about the image created
|
|
ec2_ami_facts:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
image_ids: '{{ ec2_ami_image_id }}'
|
|
register: ami_facts_result
|
|
ignore_errors: true
|
|
|
|
- name: assert that the right image was found
|
|
assert:
|
|
that:
|
|
- "ami_facts_result.images[0].image_id == ec2_ami_image_id"
|
|
|
|
# ============================================================
|
|
|
|
- name: delete the image
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
instance_id: '{{ setup_instance.instance_ids[0] }}'
|
|
state: absent
|
|
delete_snapshot: yes
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
description: '{{ ec2_ami_description }}'
|
|
image_id: '{{ result.image_id }}'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
wait: yes
|
|
ignore_errors: true
|
|
register: result
|
|
|
|
- name: assert that the image has been deleted
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
- "'image_id' not in result"
|
|
|
|
# ============================================================
|
|
|
|
- name: test removing an ami if no image ID is provided (expected failed=true)
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: absent
|
|
register: result
|
|
ignore_errors: yes
|
|
|
|
- name: assert that an image ID is required
|
|
assert:
|
|
that:
|
|
- "result.failed"
|
|
- "result.msg == 'state is absent but all of the following are missing: image_id'"
|
|
|
|
# ============================================================
|
|
|
|
- name: create an image from the snapshot
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
description: '{{ ec2_ami_description }}'
|
|
state: present
|
|
launch_permissions:
|
|
user_ids: []
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
root_device_name: /dev/xvda
|
|
device_mapping:
|
|
- device_name: /dev/xvda
|
|
volume_type: gp2
|
|
size: 8
|
|
delete_on_termination: true
|
|
snapshot_id: '{{ setup_snapshot.snapshot_id }}'
|
|
register: result
|
|
ignore_errors: true
|
|
|
|
- name: assert a new ami has been created
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
- "result.image_id.startswith('ami-')"
|
|
|
|
- name: set image id fact for deletion later
|
|
set_fact:
|
|
ec2_ami_image_id: "{{ result.image_id }}"
|
|
ec2_ami_snapshot: "{{ result.block_device_mapping['/dev/xvda'].snapshot_id }}"
|
|
|
|
# ============================================================
|
|
|
|
- name: test default launch permissions idempotence
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
description: '{{ ec2_ami_description }}'
|
|
state: present
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
root_device_name: /dev/xvda
|
|
image_id: '{{ result.image_id }}'
|
|
launch_permissions:
|
|
user_ids: []
|
|
device_mapping:
|
|
- device_name: /dev/xvda
|
|
volume_type: gp2
|
|
size: 8
|
|
delete_on_termination: true
|
|
snapshot_id: '{{ setup_snapshot.snapshot_id }}'
|
|
register: result
|
|
|
|
- name: assert a new ami has not been created
|
|
assert:
|
|
that:
|
|
- "not result.changed"
|
|
- "result.image_id.startswith('ami-')"
|
|
|
|
# ============================================================
|
|
|
|
- name: add a tag to the AMI
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: present
|
|
description: '{{ ec2_ami_description }}'
|
|
image_id: '{{ result.image_id }}'
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
tags:
|
|
New: Tag
|
|
register: result
|
|
|
|
- name: assert a tag was added
|
|
assert:
|
|
that:
|
|
- "'Name' in result.tags and result.tags.Name == ec2_ami_name + '_ami'"
|
|
- "'New' in result.tags and result.tags.New == 'Tag'"
|
|
|
|
- name: use purge_tags to remove a tag from the AMI
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: present
|
|
description: '{{ ec2_ami_description }}'
|
|
image_id: '{{ result.image_id }}'
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
tags:
|
|
New: Tag
|
|
purge_tags: yes
|
|
register: result
|
|
|
|
- name: assert a tag was removed
|
|
assert:
|
|
that:
|
|
- "'Name' not in result.tags"
|
|
- "'New' in result.tags and result.tags.New == 'Tag'"
|
|
|
|
# ============================================================
|
|
|
|
- name: update AMI launch permissions
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: present
|
|
image_id: '{{ result.image_id }}'
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
description: '{{ ec2_ami_description }}'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
launch_permissions:
|
|
group_names: ['all']
|
|
register: result
|
|
|
|
- name: assert launch permissions were updated
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
|
|
# ============================================================
|
|
|
|
- name: modify the AMI description
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: present
|
|
image_id: '{{ result.image_id }}'
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
description: '{{ ec2_ami_description }}CHANGED'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
launch_permissions:
|
|
group_names: ['all']
|
|
register: result
|
|
|
|
- name: assert the description changed
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
|
|
# ============================================================
|
|
|
|
- name: remove public launch permissions
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: present
|
|
image_id: '{{ result.image_id }}'
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
launch_permissions:
|
|
group_names: []
|
|
register: result
|
|
|
|
- name: assert launch permissions were updated
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
|
|
# ============================================================
|
|
|
|
- name: delete ami without deleting the snapshot (default is not to delete)
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
instance_id: '{{ setup_instance.instance_ids[0] }}'
|
|
state: absent
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
image_id: '{{ ec2_ami_image_id }}'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
wait: yes
|
|
ignore_errors: true
|
|
register: result
|
|
|
|
- name: assert that the image has been deleted
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
- "'image_id' not in result"
|
|
|
|
- name: ensure the snapshot still exists
|
|
ec2_snapshot_facts:
|
|
snapshot_ids:
|
|
- '{{ ec2_ami_snapshot }}'
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
register: snapshot_result
|
|
|
|
- name: assert the snapshot wasn't deleted
|
|
assert:
|
|
that:
|
|
- "snapshot_result.snapshots[0].snapshot_id == ec2_ami_snapshot"
|
|
|
|
- name: delete ami for a second time
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
instance_id: '{{ setup_instance.instance_ids[0] }}'
|
|
state: absent
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
image_id: '{{ ec2_ami_image_id }}'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
wait: yes
|
|
register: result
|
|
|
|
- name: assert that image does not exist
|
|
assert:
|
|
that:
|
|
- not result.changed
|
|
- not result.failed
|
|
|
|
|
|
# ============================================================
|
|
|
|
always:
|
|
|
|
# ============================================================
|
|
|
|
# TEAR DOWN: snapshot, ec2 instance, ec2 key pair, security group, vpc
|
|
- name: Announce teardown start
|
|
debug:
|
|
msg: "***** TESTING COMPLETE. COMMENCE TEARDOWN *****"
|
|
|
|
- name: delete ami
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: absent
|
|
image_id: "{{ ec2_ami_image_id }}"
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
wait: yes
|
|
ignore_errors: yes
|
|
|
|
- name: remove setup snapshot of ec2 instance
|
|
ec2_snapshot:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: absent
|
|
snapshot_id: '{{ setup_snapshot.snapshot_id }}'
|
|
ignore_errors: yes
|
|
|
|
- name: remove setup ec2 instance
|
|
ec2:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
instance_type: t2.micro
|
|
instance_ids: '{{ setup_instance.instance_ids }}'
|
|
state: absent
|
|
wait: yes
|
|
instance_tags:
|
|
'{{ec2_ami_name}}_instance_setup': 'integration_tests'
|
|
group_id: '{{ setup_sg.group_id }}'
|
|
vpc_subnet_id: '{{ setup_subnet.subnet.id }}'
|
|
ignore_errors: yes
|
|
|
|
- name: remove setup keypair
|
|
ec2_key:
|
|
name: '{{ec2_ami_name}}_setup'
|
|
state: absent
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
ignore_errors: yes
|
|
|
|
- name: remove setup security group
|
|
ec2_group:
|
|
name: '{{ ec2_ami_name }}_setup'
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
description: 'created by Ansible integration tests'
|
|
state: absent
|
|
vpc_id: '{{ setup_vpc.vpc.id }}'
|
|
ignore_errors: yes
|
|
|
|
- name: remove setup subnet
|
|
ec2_vpc_subnet:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
az: '{{ ec2_region }}a'
|
|
tags: '{{ec2_ami_name}}_setup'
|
|
vpc_id: '{{ setup_vpc.vpc.id }}'
|
|
cidr: 10.0.0.0/24
|
|
state: absent
|
|
resource_tags:
|
|
Name: '{{ ec2_ami_name }}_setup'
|
|
ignore_errors: yes
|
|
|
|
- name: remove setup VPC
|
|
ec2_vpc_net:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
cidr_block: 10.0.0.0/24
|
|
state: absent
|
|
name: '{{ ec2_ami_name }}_setup'
|
|
resource_tags:
|
|
Name: '{{ ec2_ami_name }}_setup'
|
|
ignore_errors: yes
|