ansible/test/integration/targets/aws_ses_identity/tasks/main.yaml

649 lines
20 KiB
YAML
Raw Normal View History

---
# ============================================================
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: yes
- name: test register email identity
block:
- name: register email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
<<: *aws_connection_info
register: result
- name: assert changed is True
assert:
that:
- result.changed == True
- import_tasks: assert_defaults.yaml
vars:
identity: "{{ email_identity }}"
always:
- name: cleanup email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
- name: test register domain identity
block:
- name: register domain identity
aws_ses_identity:
identity: "{{ domain_identity }}"
state: present
<<: *aws_connection_info
register: result
- name: assert changed is True
assert:
that:
- result.changed == True
- import_tasks: assert_defaults.yaml
vars:
identity: "{{ domain_identity }}"
- name: assert verification_attributes.verification_token is defined
assert:
that:
- result.verification_attributes.verification_token
always:
- name: cleanup domain identity
aws_ses_identity:
identity: "{{ domain_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
- name: test email_identity unchanged when already existing
block:
- name: register identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
<<: *aws_connection_info
- name: duplicate register identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
<<: *aws_connection_info
register: result
- name: assert changed is False
assert:
that:
- result.changed == False
- import_tasks: assert_defaults.yaml
vars:
identity: "{{ email_identity }}"
always:
- name: cleanup identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
- name: test domain_identity unchanged when already existing
block:
- name: register identity
aws_ses_identity:
identity: "{{ domain_identity }}"
state: present
<<: *aws_connection_info
- name: duplicate register identity
aws_ses_identity:
identity: "{{ domain_identity }}"
state: present
<<: *aws_connection_info
register: result
- name: assert changed is False
assert:
that:
- result.changed == False
- import_tasks: assert_defaults.yaml
vars:
identity: "{{ domain_identity }}"
always:
- name: cleanup identity
aws_ses_identity:
identity: "{{ domain_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
# Test for https://github.com/ansible/ansible/issues/51531
# because aws region is explicitly used rather than just to
# obtain a connection, make sure this still works when
# region comes from an environment rather than a parameter.
- name: test register identity without explicit region
block:
- name: register email identity without explicit region
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
<<: *aws_connection_info
region: "{{ omit }}"
register: result
environment:
AWS_DEFAULT_REGION: "{{ aws_region }}"
- name: assert changed is True
assert:
that:
- result.changed == True
- import_tasks: assert_defaults.yaml
vars:
identity: "{{ email_identity }}"
always:
- name: cleanup email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
- name: test register email identity check mode
block:
- name: register email identity check mode
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
<<: *aws_connection_info
register: result
check_mode: True
- name: assert changed is True
assert:
that:
- result.changed == True
- import_tasks: assert_defaults.yaml
vars:
identity: "{{ email_identity }}"
always:
- name: cleanup email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
register: result
- name: assert nothing to clean up since check mode
assert:
that:
- result.changed == False
# ============================================================
- name: test register domain identity check mode
block:
- name: register domain identity check mode
aws_ses_identity:
identity: "{{ domain_identity }}"
state: present
<<: *aws_connection_info
register: result
check_mode: True
- name: assert changed is True
assert:
that:
- result.changed == True
- import_tasks: assert_defaults.yaml
vars:
identity: "{{ domain_identity }}"
always:
- name: cleanup domain identity
aws_ses_identity:
identity: "{{ domain_identity }}"
state: absent
<<: *aws_connection_info
register: result
- name: assert nothing to clean up since check mode
assert:
that:
- result.changed == False
# ============================================================
- name: remove non-existent email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
register: result
- name: assert changed is False
assert:
that:
- result.changed == False
# ============================================================
- name: remove non-existent domain identity
aws_ses_identity:
identity: "{{ domain_identity }}"
state: absent
<<: *aws_connection_info
register: result
- name: assert changed is False
assert:
that:
- result.changed == False
# ============================================================
- name: test remove email identity check mode
block:
- name: register email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
<<: *aws_connection_info
register: result
- name: remove email identity check mode
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
register: result
check_mode: True
- name: assert changed is True
assert:
that:
- result.changed == True
always:
- name: cleanup email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
register: result
- name: assert something to clean up since remove was check mode
assert:
that:
- result.changed == True
# ============================================================
- name: test remove domain identity check mode
block:
- name: register domain identity
aws_ses_identity:
identity: "{{ domain_identity }}"
state: present
<<: *aws_connection_info
register: result
- name: remove domain identity check mode
aws_ses_identity:
identity: "{{ domain_identity }}"
state: absent
<<: *aws_connection_info
register: result
check_mode: True
- name: assert changed is True
assert:
that:
- result.changed == True
always:
- name: cleanup domain identity
aws_ses_identity:
identity: "{{ domain_identity }}"
state: absent
<<: *aws_connection_info
register: result
- name: assert something to clean up since remove was check mode
assert:
that:
- result.changed == True
# ============================================================
- name: test set notification queues
block:
- name: test topic
sns_topic:
name: "{{ notification_queue_name }}-{{ item }}"
state: present
<<: *aws_connection_info
register: topic_info
with_items:
- bounce
- complaint
- delivery
- name: register email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
bounce_notifications:
topic: "{{ topic_info.results[0].sns_arn }}"
complaint_notifications:
topic: "{{ topic_info.results[1].sns_arn }}"
delivery_notifications:
topic: "{{ topic_info.results[2].sns_arn }}"
<<: *aws_connection_info
register: result
- name: assert notification settings
assert:
that:
- result.notification_attributes.bounce_topic == topic_info.results[0].sns_arn
- result.notification_attributes.complaint_topic == topic_info.results[1].sns_arn
- result.notification_attributes.delivery_topic == topic_info.results[2].sns_arn
- name: assert notification headers unchanged
assert:
that:
- result.notification_attributes.headers_in_bounce_notifications_enabled == False
- result.notification_attributes.headers_in_complaint_notifications_enabled == False
- result.notification_attributes.headers_in_delivery_notifications_enabled == False
always:
- name: cleanup topics
sns_topic:
name: "{{ notification_queue_name }}-{{ item }}"
state: absent
<<: *aws_connection_info
with_items:
- bounce
- complaint
- delivery
- name: cleanup email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
- name: test change notification queues after create
block:
- name: test topic
sns_topic:
name: "{{ notification_queue_name }}-{{ item }}"
state: present
<<: *aws_connection_info
register: topic_info
with_items:
- bounce
- complaint
- delivery
- name: register email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
<<: *aws_connection_info
- name: set notification topics
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
bounce_notifications:
topic: "{{ topic_info.results[0].sns_arn }}"
complaint_notifications:
topic: "{{ topic_info.results[1].sns_arn }}"
delivery_notifications:
topic: "{{ topic_info.results[2].sns_arn }}"
<<: *aws_connection_info
register: result
- name: assert changed is True
assert:
that:
- result.changed == True
- name: assert notification settings
assert:
that:
- result.notification_attributes.bounce_topic == topic_info.results[0].sns_arn
- result.notification_attributes.complaint_topic == topic_info.results[1].sns_arn
- result.notification_attributes.delivery_topic == topic_info.results[2].sns_arn
always:
- name: cleanup topics
sns_topic:
name: "{{ notification_queue_name }}-{{ item }}"
state: absent
<<: *aws_connection_info
with_items:
- bounce
- complaint
- delivery
- name: cleanup email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
- name: test change notification settings check mode
block:
- name: test topic
sns_topic:
name: "{{ notification_queue_name }}-{{ item }}"
state: present
<<: *aws_connection_info
register: topic_info
with_items:
- bounce
- complaint
- delivery
- name: register email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
<<: *aws_connection_info
- name: set notification settings check mode
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
bounce_notifications:
topic: "{{ topic_info.results[0].sns_arn }}"
include_headers: Yes
complaint_notifications:
topic: "{{ topic_info.results[1].sns_arn }}"
include_headers: Yes
delivery_notifications:
topic: "{{ topic_info.results[2].sns_arn }}"
include_headers: Yes
feedback_forwarding: No
<<: *aws_connection_info
register: result
check_mode: True
- name: assert changed is True
assert:
that:
- result.changed == True
- name: assert notification settings
assert:
that:
- result.notification_attributes.bounce_topic == topic_info.results[0].sns_arn
- result.notification_attributes.headers_in_bounce_notifications_enabled == True
- result.notification_attributes.delivery_topic == topic_info.results[2].sns_arn
- result.notification_attributes.headers_in_delivery_notifications_enabled == True
- result.notification_attributes.complaint_topic == topic_info.results[1].sns_arn
- result.notification_attributes.headers_in_complaint_notifications_enabled == True
- result.notification_attributes.forwarding_enabled == False
- name: re-register base email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
<<: *aws_connection_info
register: result
- name: assert no change since notifications were check mode
assert:
that:
- result.changed == False
- "'bounce_topic' not in result.notification_attributes"
- result.notification_attributes.headers_in_bounce_notifications_enabled == False
- "'delivery_topic' not in result.notification_attributes"
- result.notification_attributes.headers_in_delivery_notifications_enabled == False
- "'complaint_topic' not in result.notification_attributes"
- result.notification_attributes.headers_in_complaint_notifications_enabled == False
- result.notification_attributes.forwarding_enabled == True
always:
- name: cleanup topics
sns_topic:
name: "{{ notification_queue_name }}-{{ item }}"
state: absent
<<: *aws_connection_info
with_items:
- bounce
- complaint
- delivery
- name: cleanup email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
- name: test include headers on notification queues
block:
- name: register email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
bounce_notifications:
include_headers: Yes
complaint_notifications:
include_headers: Yes
delivery_notifications:
include_headers: Yes
<<: *aws_connection_info
register: result
- name: assert notification headers enabled
assert:
that:
- result.notification_attributes.headers_in_bounce_notifications_enabled == True
- result.notification_attributes.headers_in_complaint_notifications_enabled == True
- result.notification_attributes.headers_in_delivery_notifications_enabled == True
always:
- name: cleanup email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
- name: test disable feedback forwarding
block:
- name: test topic
sns_topic:
name: "{{ notification_queue_name }}-{{ item }}"
state: present
<<: *aws_connection_info
register: topic_info
with_items:
- bounce
- complaint
- name: register email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
bounce_notifications:
topic: "{{ topic_info.results[0].sns_arn }}"
complaint_notifications:
topic: "{{ topic_info.results[1].sns_arn }}"
feedback_forwarding: No
<<: *aws_connection_info
register: result
- name: assert feedback_forwarding == False
assert:
that:
- result.notification_attributes.forwarding_enabled == False
always:
- name: cleanup topics
sns_topic:
name: "{{ notification_queue_name }}-{{ item }}"
state: absent
<<: *aws_connection_info
with_items:
- bounce
- complaint
- name: cleanup email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
- name: test disable feedback forwarding fails if no topics
block:
- name: register identity
aws_ses_identity:
identity: "{{ domain_identity }}"
state: present
feedback_forwarding: No
<<: *aws_connection_info
register: result
failed_when: result.failed == False
- name: assert error message starts with "Invalid Parameter Value"
assert:
that:
- '"Invalid Parameter Value" in result.msg'
always:
- name: cleanup identity
aws_ses_identity:
identity: "{{ domain_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
- name: test disable feedback forwarding fails if no complaint topic
block:
- name: test topic
sns_topic:
name: "{{ notification_queue_name }}-bounce"
state: present
<<: *aws_connection_info
register: topic_info
- name: register email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
bounce_notifications:
topic: "{{ topic_info.sns_arn }}"
feedback_forwarding: No
<<: *aws_connection_info
register: result
failed_when: result.failed == False
- name: assert error message starts with "Invalid Parameter Value"
assert:
that:
- '"Invalid Parameter Value" in result.msg'
always:
- name: cleanup topics
sns_topic:
name: "{{ notification_queue_name }}-bounce"
state: absent
<<: *aws_connection_info
- name: cleanup identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
- name: test disable feedback forwarding fails if no bounce topic
block:
- name: test topic
sns_topic:
name: "{{ notification_queue_name }}-complaint"
state: present
<<: *aws_connection_info
register: topic_info
- name: register email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
complaint_notifications:
topic: "{{ topic_info.sns_arn }}"
feedback_forwarding: No
<<: *aws_connection_info
register: result
failed_when: result.failed == False
- name: assert error message starts with "Invalid Parameter Value"
assert:
that:
- '"Invalid Parameter Value" in result.msg'
always:
- name: cleanup topics
sns_topic:
name: "{{ notification_queue_name }}-complaint"
state: absent
<<: *aws_connection_info
- name: cleanup identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info