188 lines
5.7 KiB
YAML
188 lines
5.7 KiB
YAML
|
---
|
||
|
# ============================================================
|
||
|
# These tests work on rule sets without making them active.
|
||
|
# so multiple builds can safely run these tests as is normal.
|
||
|
#
|
||
|
# DO NOT ADD TESTS THAT RELY ON ACTIVE RULE SETS TO THIS FILE
|
||
|
#
|
||
|
# Any test that make rule sets active must be added in
|
||
|
# active-rule-set-tests.yaml or you will have intermittent failures
|
||
|
# from multiple builds interacting
|
||
|
# ============================================================
|
||
|
|
||
|
- name: set up aws connection info
|
||
|
set_fact:
|
||
|
aws_connection_info: &aws_connection_info
|
||
|
aws_access_key: "{{ aws_access_key }}"
|
||
|
aws_secret_key: "{{ aws_secret_key }}"
|
||
|
security_token: "{{ security_token }}"
|
||
|
region: "{{ aws_region }}"
|
||
|
no_log: yes
|
||
|
|
||
|
# ============================================================
|
||
|
- name: test create rule sets
|
||
|
block:
|
||
|
- name: create rule set
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
<<: *aws_connection_info
|
||
|
register: result
|
||
|
- name: assert changed to exists inactive
|
||
|
assert:
|
||
|
that:
|
||
|
- result.changed == True
|
||
|
- result.active == False
|
||
|
- "default_rule_set in result.rule_sets|map(attribute='name')"
|
||
|
- name: recreate rule set
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
<<: *aws_connection_info
|
||
|
register: result
|
||
|
- name: assert changed is False
|
||
|
assert:
|
||
|
that:
|
||
|
- result.changed == False
|
||
|
always:
|
||
|
- name: cleanup rule set
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
state: absent
|
||
|
force: True
|
||
|
<<: *aws_connection_info
|
||
|
# ============================================================
|
||
|
- name: Remove No Such Rules Set
|
||
|
block:
|
||
|
- name: remove ruleset
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
state: absent
|
||
|
<<: *aws_connection_info
|
||
|
register: result
|
||
|
- name: assert not changed and absent
|
||
|
assert:
|
||
|
that:
|
||
|
- result.changed == False
|
||
|
- "default_rule_set not in result.rule_sets|map(attribute='name')"
|
||
|
# ============================================================
|
||
|
- name: Remove Inactive Rule Set
|
||
|
block:
|
||
|
- name: create rule set
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
<<: *aws_connection_info
|
||
|
- name: remove rule set
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
state: absent
|
||
|
<<: *aws_connection_info
|
||
|
register: result
|
||
|
- name: assert changed and removed
|
||
|
assert:
|
||
|
that:
|
||
|
- result.changed == True
|
||
|
- "default_rule_set not in result.rule_sets|map(attribute='name')"
|
||
|
always:
|
||
|
- name: cleanup rule set
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
state: absent
|
||
|
force: True
|
||
|
<<: *aws_connection_info
|
||
|
# ============================================================
|
||
|
- name: test create in check mode
|
||
|
block:
|
||
|
- name: create rule set in check mode
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
<<: *aws_connection_info
|
||
|
register: result
|
||
|
check_mode: True
|
||
|
- name: assert changed inactive and present
|
||
|
assert:
|
||
|
that:
|
||
|
- result.changed == True
|
||
|
- result.active == False
|
||
|
- "default_rule_set in result.rule_sets|map(attribute='name')"
|
||
|
always:
|
||
|
- name: cleanup rule set
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
state: absent
|
||
|
force: True
|
||
|
<<: *aws_connection_info
|
||
|
register: result
|
||
|
- name: assert nothing to clean up since create was in check mode
|
||
|
assert:
|
||
|
that:
|
||
|
- result.changed == False
|
||
|
# ============================================================
|
||
|
- name: mark rule set active in check mode
|
||
|
block:
|
||
|
- name: create rule set
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
<<: *aws_connection_info
|
||
|
- name: mark rule set active in check mode
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
active: True
|
||
|
<<: *aws_connection_info
|
||
|
register: result
|
||
|
check_mode: True
|
||
|
- name: assert changed and active
|
||
|
assert:
|
||
|
that:
|
||
|
- result.changed == True
|
||
|
- result.active == True
|
||
|
# We check the rule set is still inactive rather than making
|
||
|
# it active again as that way this test can be run in
|
||
|
# parallel
|
||
|
- name: Ensure rule set is inactive
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
active: False
|
||
|
<<: *aws_connection_info
|
||
|
register: result
|
||
|
- name: assert unchanged since activation was in check mode
|
||
|
assert:
|
||
|
that:
|
||
|
- result.changed == False
|
||
|
always:
|
||
|
- name: cleanup rule set
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
state: absent
|
||
|
force: True
|
||
|
<<: *aws_connection_info
|
||
|
# ============================================================
|
||
|
- name: Remove Inactive Rule Set in check mode
|
||
|
block:
|
||
|
- name: create rule set
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
<<: *aws_connection_info
|
||
|
- name: remove rule set
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
state: absent
|
||
|
<<: *aws_connection_info
|
||
|
register: result
|
||
|
check_mode: True
|
||
|
- name: assert changed and removed
|
||
|
assert:
|
||
|
that:
|
||
|
- result.changed == True
|
||
|
- "default_rule_set not in result.rule_sets|map(attribute='name')"
|
||
|
always:
|
||
|
- name: cleanup rule set
|
||
|
aws_ses_rule_set:
|
||
|
name: "{{ default_rule_set }}"
|
||
|
state: absent
|
||
|
force: True
|
||
|
<<: *aws_connection_info
|
||
|
register: result
|
||
|
- name: assert changed is True since previous removal was in check mode
|
||
|
assert:
|
||
|
that:
|
||
|
- result.changed == True
|