diff --git a/test/integration/Makefile b/test/integration/Makefile index 6e2acec341d..28de76c7cdf 100644 --- a/test/integration/Makefile +++ b/test/integration/Makefile @@ -144,6 +144,11 @@ rackspace: $(CREDENTIALS_FILE) CLOUD_RESOURCE_PREFIX="$(CLOUD_RESOURCE_PREFIX)" make rackspace_cleanup ; \ exit $$RC; +cloudstack: + ansible-playbook cloudstack.yml -i $(INVENTORY) -e @$(VARS_FILE) -e "resource_prefix=$(CLOUD_RESOURCE_PREFIX)" -v $(TEST_FLAGS) ; \ + RC=$$? ; \ + exit $$RC; + $(CONSUL_RUNNING): consul: diff --git a/test/integration/cloudstack.yml b/test/integration/cloudstack.yml new file mode 100644 index 00000000000..5f5e65c6cd1 --- /dev/null +++ b/test/integration/cloudstack.yml @@ -0,0 +1,13 @@ +--- +- hosts: localhost + connection: local + gather_facts: no + tags: + - cloudstack + roles: + - { role: test_cs_sshkeypair, tags: test_cs_sshkeypair } + - { role: test_cs_affinitygroup, tags: test_cs_affinitygroup } + - { role: test_cs_securitygroup, tags: test_cs_securitygroup } + - { role: test_cs_securitygroup_rule, tags: test_cs_securitygroup_rule } + - { role: test_cs_instance, tags: test_cs_instance } + - { role: test_cs_instancegroup, tags: test_cs_instancegroup } diff --git a/test/integration/roles/test_cs_affinitygroup/meta/main.yml b/test/integration/roles/test_cs_affinitygroup/meta/main.yml new file mode 100644 index 00000000000..03e38bd4f7a --- /dev/null +++ b/test/integration/roles/test_cs_affinitygroup/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - test_cs_common diff --git a/test/integration/roles/test_cs_affinitygroup/tasks/main.yml b/test/integration/roles/test_cs_affinitygroup/tasks/main.yml new file mode 100644 index 00000000000..7ebab20bad3 --- /dev/null +++ b/test/integration/roles/test_cs_affinitygroup/tasks/main.yml @@ -0,0 +1,58 @@ +--- +- name: setup + cs_affinitygroup: name={{ cs_resource_prefix }}_ag state=absent + register: ag +- name: verify setup + assert: + that: + - ag|success + +- name: test fail if missing name + action: cs_affinitygroup + register: ag + ignore_errors: true +- name: verify results of fail if missing name + assert: + that: + - ag|failed + - ag.msg == "missing required arguments: name" + +- name: test present affinity group + cs_affinitygroup: name={{ cs_resource_prefix }}_ag + register: ag +- name: verify results of create affinity group + assert: + that: + - ag|success + - ag|changed + - ag.name == "{{ cs_resource_prefix }}_ag" + +- name: test present affinity group is idempotence + cs_affinitygroup: name={{ cs_resource_prefix }}_ag + register: ag +- name: verify results present affinity group is idempotence + assert: + that: + - ag|success + - not ag|changed + - ag.name == "{{ cs_resource_prefix }}_ag" + +- name: test absent affinity group + cs_affinitygroup: name={{ cs_resource_prefix }}_ag state=absent + register: ag +- name: verify results of absent affinity group + assert: + that: + - ag|success + - ag|changed + - ag.name == "{{ cs_resource_prefix }}_ag" + +- name: test absent affinity group is idempotence + cs_affinitygroup: name={{ cs_resource_prefix }}_ag state=absent + register: ag +- name: verify results of absent affinity group is idempotence + assert: + that: + - ag|success + - not ag|changed + - ag.name is undefined diff --git a/test/integration/roles/test_cs_common/defaults/main.yml b/test/integration/roles/test_cs_common/defaults/main.yml new file mode 100644 index 00000000000..ba9674ac923 --- /dev/null +++ b/test/integration/roles/test_cs_common/defaults/main.yml @@ -0,0 +1,2 @@ +--- +cs_resource_prefix: cloudstack diff --git a/test/integration/roles/test_cs_instance/defaults/main.yml b/test/integration/roles/test_cs_instance/defaults/main.yml new file mode 100644 index 00000000000..585947ab43e --- /dev/null +++ b/test/integration/roles/test_cs_instance/defaults/main.yml @@ -0,0 +1,2 @@ +--- +instance_number: 1 diff --git a/test/integration/roles/test_cs_instance/meta/main.yml b/test/integration/roles/test_cs_instance/meta/main.yml new file mode 100644 index 00000000000..03e38bd4f7a --- /dev/null +++ b/test/integration/roles/test_cs_instance/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - test_cs_common diff --git a/test/integration/roles/test_cs_instance/tasks/absent.yml b/test/integration/roles/test_cs_instance/tasks/absent.yml new file mode 100644 index 00000000000..bafb3ec9e76 --- /dev/null +++ b/test/integration/roles/test_cs_instance/tasks/absent.yml @@ -0,0 +1,23 @@ +--- +- name: test destroy instance + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + state: absent + register: instance +- name: verify destroy instance + assert: + that: + - instance|success + - instance|changed + - instance.state == "Destroyed" + +- name: test destroy instance idempotence + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + state: absent + register: instance +- name: verify destroy instance idempotence + assert: + that: + - instance|success + - not instance|changed diff --git a/test/integration/roles/test_cs_instance/tasks/cleanup.yml b/test/integration/roles/test_cs_instance/tasks/cleanup.yml new file mode 100644 index 00000000000..63192dbd608 --- /dev/null +++ b/test/integration/roles/test_cs_instance/tasks/cleanup.yml @@ -0,0 +1,36 @@ +--- +- name: cleanup ssh key + cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey state=absent + register: sshkey +- name: verify cleanup ssh key + assert: + that: + - sshkey|success + +- name: cleanup affinity group + cs_affinitygroup: name={{ cs_resource_prefix }}-ag state=absent + register: ag + until: ag|success + retries: 20 + delay: 5 +- name: verify cleanup affinity group + assert: + that: + - ag|success + +- name: cleanup security group ...take a while unless instance is expunged + cs_securitygroup: name={{ cs_resource_prefix }}-sg state=absent + register: sg + until: sg|success + retries: 100 + delay: 10 +- name: verify cleanup security group + assert: + that: + - sg|success + +# force expunge, only works with admin permissions +- cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + state: expunged + failed_when: false diff --git a/test/integration/roles/test_cs_instance/tasks/main.yml b/test/integration/roles/test_cs_instance/tasks/main.yml new file mode 100644 index 00000000000..479ea01c15d --- /dev/null +++ b/test/integration/roles/test_cs_instance/tasks/main.yml @@ -0,0 +1,11 @@ +--- +- include: setup.yml + tags: any +- include: present.yml + tags: test_cs_instance_present +#- include: tags.yml +# tags: test_cs_instance_tags +- include: absent.yml + tags: test_cs_instance_absent +- include: cleanup.yml + tags: test_cs_instance_cleanup diff --git a/test/integration/roles/test_cs_instance/tasks/present.yml b/test/integration/roles/test_cs_instance/tasks/present.yml new file mode 100644 index 00000000000..4337f0acf4d --- /dev/null +++ b/test/integration/roles/test_cs_instance/tasks/present.yml @@ -0,0 +1,168 @@ +--- +- name: test create instance + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + template: Linux Debian 7 64-bit + service_offering: Tiny + affinity_group: "{{ cs_resource_prefix }}-ag" + security_group: "{{ cs_resource_prefix }}-sg" + ssh_key: "{{ cs_resource_prefix }}-sshkey" + tags: [] + register: instance +- name: verify create instance + assert: + that: + - instance|success + - instance|changed + - instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.display_name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.service_offering == "Tiny" + - instance.state == "Running" + - instance.ssh_key == "{{ cs_resource_prefix }}-sshkey" + - not instance.tags + + +- name: test create instance idempotence + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + template: Linux Debian 7 64-bit + service_offering: Tiny + affinity_group: "{{ cs_resource_prefix }}-ag" + security_group: "{{ cs_resource_prefix }}-sg" + ssh_key: "{{ cs_resource_prefix }}-sshkey" + tags: [] + register: instance +- name: verify create instance idempotence + assert: + that: + - instance|success + - not instance|changed + - instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.display_name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.service_offering == "Tiny" + - instance.state == "Running" + - instance.ssh_key == "{{ cs_resource_prefix }}-sshkey" + - not instance.tags + + +- name: test running instance not updated + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + service_offering: Micro + register: instance +- name: verify running instance not updated + assert: + that: + - instance|success + - not instance|changed + - instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.display_name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.service_offering == "Tiny" + - instance.state == "Running" + + +- name: test stopping instance + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + state: stopped + register: instance +- name: verify stopping instance + assert: + that: + - instance|success + - instance|changed + - instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.display_name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.service_offering == "Tiny" + - instance.state == "Stopped" + + +- name: test stopping instance idempotence + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + state: stopped + register: instance +- name: verify stopping instance idempotence + assert: + that: + - instance|success + - not instance|changed + - instance.state == "Stopped" + + +- name: test updating stopped instance + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + display_name: "{{ cs_resource_prefix }}-display-{{ instance_number }}" + service_offering: Micro + register: instance +- name: verify updating stopped instance + assert: + that: + - instance|success + - instance|changed + - instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.display_name == "{{ cs_resource_prefix }}-display-{{ instance_number }}" + - instance.service_offering == "Micro" + - instance.state == "Stopped" + + +- name: test starting instance + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + state: started + register: instance +- name: verify starting instance + assert: + that: + - instance|success + - instance|changed + - instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.display_name == "{{ cs_resource_prefix }}-display-{{ instance_number }}" + - instance.service_offering == "Micro" + - instance.state == "Running" + + +- name: test starting instance idempotence + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + state: started + register: instance +- name: verify starting instance idempotence + assert: + that: + - instance|success + - not instance|changed + - instance.state == "Running" + +- name: test force update running instance + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + service_offering: Tiny + force: true + register: instance +- name: verify force update running instance + assert: + that: + - instance|success + - instance|changed + - instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.display_name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.service_offering == "Tiny" + - instance.state == "Running" + +- name: test force update running instance idempotence + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + service_offering: Tiny + force: true + register: instance +- name: verify force update running instance idempotence + assert: + that: + - instance|success + - not instance|changed + - instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.display_name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + - instance.service_offering == "Tiny" + - instance.state == "Running" diff --git a/test/integration/roles/test_cs_instance/tasks/setup.yml b/test/integration/roles/test_cs_instance/tasks/setup.yml new file mode 100644 index 00000000000..32f3ff13e24 --- /dev/null +++ b/test/integration/roles/test_cs_instance/tasks/setup.yml @@ -0,0 +1,32 @@ +--- +- name: setup ssh key + cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey + register: sshkey +- name: verify setup ssh key + assert: + that: + - sshkey|success + +- name: setup affinity group + cs_affinitygroup: name={{ cs_resource_prefix }}-ag + register: ag +- name: verify setup affinity group + assert: + that: + - ag|success + +- name: setup security group + cs_securitygroup: name={{ cs_resource_prefix }}-sg + register: sg +- name: verify setup security group + assert: + that: + - sg|success + +- name: setup instance to be absent + cs_instance: name={{ cs_resource_prefix }}-vm-{{ instance_number }} state=absent + register: instance +- name: verify instance to be absent + assert: + that: + - instance|success diff --git a/test/integration/roles/test_cs_instance/tasks/tags.yml b/test/integration/roles/test_cs_instance/tasks/tags.yml new file mode 100644 index 00000000000..a86158df0fd --- /dev/null +++ b/test/integration/roles/test_cs_instance/tasks/tags.yml @@ -0,0 +1,82 @@ +--- +- name: test add tags to instance + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + tags: + - { key: "{{ cs_resource_prefix }}-tag1", value: "{{ cs_resource_prefix }}-value1" } + - { key: "{{ cs_resource_prefix }}-tag2", value: "{{ cs_resource_prefix }}-value2" } + register: instance +- name: verify add tags to instance + assert: + that: + - instance|success + - instance|changed + - instance.tags|length == 2 + - instance.tags[0]['key'] == "{{ cs_resource_prefix }}-tag1" + - instance.tags[1]['key'] == "{{ cs_resource_prefix }}-tag2" + - instance.tags[0]['value'] == "{{ cs_resource_prefix }}-value1" + - instance.tags[1]['value'] == "{{ cs_resource_prefix }}-value2" + + +- name: test tags to instance idempotence + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + tags: + - { key: "{{ cs_resource_prefix }}-tag1", value: "{{ cs_resource_prefix }}-value1" } + - { key: "{{ cs_resource_prefix }}-tag2", value: "{{ cs_resource_prefix }}-value2" } + register: instance +- name: verify tags to instance idempotence + assert: + that: + - instance|success + - not instance|changed + - instance.tags|length == 2 + - instance.tags[0]['key'] == "{{ cs_resource_prefix }}-tag1" + - instance.tags[1]['key'] == "{{ cs_resource_prefix }}-tag2" + - instance.tags[0]['value'] == "{{ cs_resource_prefix }}-value1" + - instance.tags[1]['value'] == "{{ cs_resource_prefix }}-value2" + +- name: test change tags of instance + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + tags: + - { key: "{{ cs_resource_prefix }}-tag2", value: "{{ cs_resource_prefix }}-value2" } + - { key: "{{ cs_resource_prefix }}-tag3", value: "{{ cs_resource_prefix }}-value3" } + register: instance +- name: verify tags to instance idempotence + assert: + that: + - instance|success + - not instance|changed + - instance.tags|length == 2 + - instance.tags[0]['key'] == "{{ cs_resource_prefix }}-tag1" + - instance.tags[1]['key'] == "{{ cs_resource_prefix }}-tag3" + - instance.tags[0]['value'] == "{{ cs_resource_prefix }}-value1" + - instance.tags[1]['value'] == "{{ cs_resource_prefix }}-value3" + +- name: test not touch tags of instance if no param tags + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + register: instance +- name: verify not touch tags of instance if no param tags + assert: + that: + - instance|success + - not instance|changed + - instance.tags|length == 2 + - instance.tags[0]['key'] == "{{ cs_resource_prefix }}-tag1" + - instance.tags[1]['key'] == "{{ cs_resource_prefix }}-tag3" + - instance.tags[0]['value'] == "{{ cs_resource_prefix }}-value1" + - instance.tags[1]['value'] == "{{ cs_resource_prefix }}-value3" + +- name: test remove tags + cs_instance: + name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}" + tags: [] + register: instance +- name: verify remove tags + assert: + that: + - instance|success + - not instance|changed + - instance.tags|length == 0 diff --git a/test/integration/roles/test_cs_instancegroup/meta/main.yml b/test/integration/roles/test_cs_instancegroup/meta/main.yml new file mode 100644 index 00000000000..03e38bd4f7a --- /dev/null +++ b/test/integration/roles/test_cs_instancegroup/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - test_cs_common diff --git a/test/integration/roles/test_cs_instancegroup/tasks/main.yml b/test/integration/roles/test_cs_instancegroup/tasks/main.yml new file mode 100644 index 00000000000..e3a726bf6f7 --- /dev/null +++ b/test/integration/roles/test_cs_instancegroup/tasks/main.yml @@ -0,0 +1,58 @@ +--- +- name: setup + cs_instancegroup: name={{ cs_resource_prefix }}_ig state=absent + register: ig +- name: verify setup + assert: + that: + - ig|success + +- name: test fail if missing name + action: cs_instancegroup + register: ig + ignore_errors: true +- name: verify results of fail if missing name + assert: + that: + - ig|failed + - ig.msg == "missing required arguments: name" + +- name: test present instance group + cs_instancegroup: name={{ cs_resource_prefix }}_ig + register: ig +- name: verify results of create instance group + assert: + that: + - ig|success + - ig|changed + - ig.name == "{{ cs_resource_prefix }}_ig" + +- name: test present instance group is idempotence + cs_instancegroup: name={{ cs_resource_prefix }}_ig + register: ig +- name: verify results present instance group is idempotence + assert: + that: + - ig|success + - not ig|changed + - ig.name == "{{ cs_resource_prefix }}_ig" + +- name: test absent instance group + cs_instancegroup: name={{ cs_resource_prefix }}_ig state=absent + register: ig +- name: verify results of absent instance group + assert: + that: + - ig|success + - ig|changed + - ig.name == "{{ cs_resource_prefix }}_ig" + +- name: test absent instance group is idempotence + cs_instancegroup: name={{ cs_resource_prefix }}_ig state=absent + register: ig +- name: verify results of absent instance group is idempotence + assert: + that: + - ig|success + - not ig|changed + - ig.name is undefined diff --git a/test/integration/roles/test_cs_securitygroup/meta/main.yml b/test/integration/roles/test_cs_securitygroup/meta/main.yml new file mode 100644 index 00000000000..03e38bd4f7a --- /dev/null +++ b/test/integration/roles/test_cs_securitygroup/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - test_cs_common diff --git a/test/integration/roles/test_cs_securitygroup/tasks/main.yml b/test/integration/roles/test_cs_securitygroup/tasks/main.yml new file mode 100644 index 00000000000..d22871739e5 --- /dev/null +++ b/test/integration/roles/test_cs_securitygroup/tasks/main.yml @@ -0,0 +1,58 @@ +--- +- name: setup + cs_securitygroup: name={{ cs_resource_prefix }}_sg state=absent + register: sg +- name: verify setup + assert: + that: + - sg|success + +- name: test fail if missing name + action: cs_securitygroup + register: sg + ignore_errors: true +- name: verify results of fail if missing name + assert: + that: + - sg|failed + - sg.msg == "missing required arguments: name" + +- name: test present security group + cs_securitygroup: name={{ cs_resource_prefix }}_sg + register: sg +- name: verify results of create security group + assert: + that: + - sg|success + - sg|changed + - sg.name == "{{ cs_resource_prefix }}_sg" + +- name: test present security group is idempotence + cs_securitygroup: name={{ cs_resource_prefix }}_sg + register: sg +- name: verify results present security group is idempotence + assert: + that: + - sg|success + - not sg|changed + - sg.name == "{{ cs_resource_prefix }}_sg" + +- name: test absent security group + cs_securitygroup: name={{ cs_resource_prefix }}_sg state=absent + register: sg +- name: verify results of absent security group + assert: + that: + - sg|success + - sg|changed + - sg.name == "{{ cs_resource_prefix }}_sg" + +- name: test absent security group is idempotence + cs_securitygroup: name={{ cs_resource_prefix }}_sg state=absent + register: sg +- name: verify results of absent security group is idempotence + assert: + that: + - sg|success + - not sg|changed + - sg.name is undefined diff --git a/test/integration/roles/test_cs_securitygroup_rule/meta/main.yml b/test/integration/roles/test_cs_securitygroup_rule/meta/main.yml new file mode 100644 index 00000000000..03e38bd4f7a --- /dev/null +++ b/test/integration/roles/test_cs_securitygroup_rule/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - test_cs_common diff --git a/test/integration/roles/test_cs_securitygroup_rule/tasks/absent.yml b/test/integration/roles/test_cs_securitygroup_rule/tasks/absent.yml new file mode 100644 index 00000000000..8ee080a8aef --- /dev/null +++ b/test/integration/roles/test_cs_securitygroup_rule/tasks/absent.yml @@ -0,0 +1,105 @@ +- name: test remove http range rule + cs_securitygroup_rule: + security_group: default + start_port: 8000 + end_port: 8888 + cidr: 1.2.3.4/32 + state: absent + register: sg_rule +- name: verify create http range rule + assert: + that: + - sg_rule|success + - sg_rule|changed + - sg_rule.type == 'ingress' + - sg_rule.security_group == 'default' + - sg_rule.protocol == 'tcp' + - sg_rule.start_port == 8000 + - sg_rule.end_port == 8888 + - sg_rule.cidr == '1.2.3.4/32' + +- name: test remove http range rule idempotence + cs_securitygroup_rule: + security_group: default + start_port: 8000 + end_port: 8888 + cidr: 1.2.3.4/32 + state: absent + register: sg_rule +- name: verify create http range rule idempotence + assert: + that: + - sg_rule|success + - not sg_rule|changed + +- name: test remove single port udp rule + cs_securitygroup_rule: + security_group: default + port: 5353 + protocol: udp + type: egress + user_security_group: '{{ cs_resource_prefix }}_sg' + state: absent + register: sg_rule +- name: verify remove single port udp rule + assert: + that: + - sg_rule|success + - sg_rule|changed + - sg_rule.type == 'egress' + - sg_rule.security_group == 'default' + - sg_rule.protocol == 'udp' + - sg_rule.start_port == 5353 + - sg_rule.end_port == 5353 + - sg_rule.user_security_group == '{{ cs_resource_prefix }}_sg' + +- name: test remove single port udp rule idempotence + cs_securitygroup_rule: + security_group: default + port: 5353 + protocol: udp + type: egress + user_security_group: '{{ cs_resource_prefix }}_sg' + state: absent + register: sg_rule +- name: verify remove single port udp rule idempotence + assert: + that: + - sg_rule|success + - not sg_rule|changed + +- name: test remove icmp rule + cs_securitygroup_rule: + security_group: default + protocol: icmp + type: ingress + icmp_type: -1 + icmp_code: -1 + state: absent + register: sg_rule +- name: verify icmp rule + assert: + that: + - sg_rule|success + - sg_rule|changed + - sg_rule.type == 'ingress' + - sg_rule.security_group == 'default' + - sg_rule.cidr == '0.0.0.0/0' + - sg_rule.protocol == 'icmp' + - sg_rule.icmp_code == -1 + - sg_rule.icmp_type == -1 + +- name: test remove icmp rule idempotence + cs_securitygroup_rule: + security_group: default + protocol: icmp + type: ingress + icmp_type: -1 + icmp_code: -1 + state: absent + register: sg_rule +- name: verify icmp rule idempotence + assert: + that: + - sg_rule|success + - not sg_rule|changed diff --git a/test/integration/roles/test_cs_securitygroup_rule/tasks/cleanup.yml b/test/integration/roles/test_cs_securitygroup_rule/tasks/cleanup.yml new file mode 100644 index 00000000000..712ab5c6ce4 --- /dev/null +++ b/test/integration/roles/test_cs_securitygroup_rule/tasks/cleanup.yml @@ -0,0 +1,7 @@ +- name: cleanup custom security group + cs_securitygroup: name={{ cs_resource_prefix }}_sg state=absent + register: sg +- name: verify setup + assert: + that: + - sg|success diff --git a/test/integration/roles/test_cs_securitygroup_rule/tasks/main.yml b/test/integration/roles/test_cs_securitygroup_rule/tasks/main.yml new file mode 100644 index 00000000000..e76745cb543 --- /dev/null +++ b/test/integration/roles/test_cs_securitygroup_rule/tasks/main.yml @@ -0,0 +1,4 @@ +- include: setup.yml +- include: present.yml +- include: absent.yml +- include: cleanup.yml diff --git a/test/integration/roles/test_cs_securitygroup_rule/tasks/present.yml b/test/integration/roles/test_cs_securitygroup_rule/tasks/present.yml new file mode 100644 index 00000000000..92973290d40 --- /dev/null +++ b/test/integration/roles/test_cs_securitygroup_rule/tasks/present.yml @@ -0,0 +1,118 @@ +- name: test create http range rule + cs_securitygroup_rule: + security_group: default + start_port: 8000 + end_port: 8888 + cidr: 1.2.3.4/32 + register: sg_rule +- name: verify create http range rule + assert: + that: + - sg_rule|success + - sg_rule|changed + - sg_rule.type == 'ingress' + - sg_rule.security_group == 'default' + - sg_rule.protocol == 'tcp' + - sg_rule.start_port == 8000 + - sg_rule.end_port == 8888 + - sg_rule.cidr == '1.2.3.4/32' + +- name: test create http range rule idempotence + cs_securitygroup_rule: + security_group: default + start_port: 8000 + end_port: 8888 + cidr: 1.2.3.4/32 + register: sg_rule +- name: verify create http range rule idempotence + assert: + that: + - sg_rule|success + - not sg_rule|changed + - sg_rule.type == 'ingress' + - sg_rule.security_group == 'default' + - sg_rule.protocol == 'tcp' + - sg_rule.start_port == 8000 + - sg_rule.end_port == 8888 + - sg_rule.cidr == '1.2.3.4/32' + +- name: test create single port udp rule + cs_securitygroup_rule: + security_group: default + port: 5353 + protocol: udp + type: egress + user_security_group: '{{ cs_resource_prefix }}_sg' + register: sg_rule +- name: verify create single port udp rule + assert: + that: + - sg_rule|success + - sg_rule|changed + - sg_rule.type == 'egress' + - sg_rule.security_group == 'default' + - sg_rule.protocol == 'udp' + - sg_rule.start_port == 5353 + - sg_rule.end_port == 5353 + - sg_rule.user_security_group == '{{ cs_resource_prefix }}_sg' + + +- name: test single port udp rule idempotence + cs_securitygroup_rule: + security_group: default + port: 5353 + protocol: udp + type: egress + user_security_group: '{{ cs_resource_prefix }}_sg' + register: sg_rule +- name: verify single port udp rule idempotence + assert: + that: + - sg_rule|success + - not sg_rule|changed + - sg_rule.type == 'egress' + - sg_rule.security_group == 'default' + - sg_rule.protocol == 'udp' + - sg_rule.start_port == 5353 + - sg_rule.end_port == 5353 + - sg_rule.user_security_group == '{{ cs_resource_prefix }}_sg' + +- name: test icmp rule + cs_securitygroup_rule: + security_group: default + protocol: icmp + type: ingress + icmp_type: -1 + icmp_code: -1 + register: sg_rule +- name: verify icmp rule + assert: + that: + - sg_rule|success + - sg_rule|changed + - sg_rule.type == 'ingress' + - sg_rule.security_group == 'default' + - sg_rule.cidr == '0.0.0.0/0' + - sg_rule.protocol == 'icmp' + - sg_rule.icmp_code == -1 + - sg_rule.icmp_type == -1 + +- name: test icmp rule idempotence + cs_securitygroup_rule: + security_group: default + protocol: icmp + type: ingress + icmp_type: -1 + icmp_code: -1 + register: sg_rule +- name: verify icmp rule idempotence + assert: + that: + - sg_rule|success + - not sg_rule|changed + - sg_rule.type == 'ingress' + - sg_rule.security_group == 'default' + - sg_rule.cidr == '0.0.0.0/0' + - sg_rule.protocol == 'icmp' + - sg_rule.icmp_code == -1 + - sg_rule.icmp_type == -1 diff --git a/test/integration/roles/test_cs_securitygroup_rule/tasks/setup.yml b/test/integration/roles/test_cs_securitygroup_rule/tasks/setup.yml new file mode 100644 index 00000000000..797330ebc18 --- /dev/null +++ b/test/integration/roles/test_cs_securitygroup_rule/tasks/setup.yml @@ -0,0 +1,56 @@ +- name: setup custom security group + cs_securitygroup: name={{ cs_resource_prefix }}_sg + register: sg +- name: verify setup + assert: + that: + - sg|success + +- name: setup default security group + cs_securitygroup: name=default + register: sg +- name: verify setup + assert: + that: + - sg|success + +- name: setup remove icmp rule + cs_securitygroup_rule: + security_group: default + protocol: icmp + type: ingress + icmp_type: -1 + icmp_code: -1 + state: absent + register: sg_rule +- name: verify remove icmp rule + assert: + that: + - sg_rule|success + +- name: setup remove http range rule + cs_securitygroup_rule: + security_group: default + start_port: 8000 + end_port: 8888 + cidr: 1.2.3.4/32 + state: absent + register: sg_rule +- name: verify remove http range rule + assert: + that: + - sg_rule|success + +- name: setup remove single port udp rule + cs_securitygroup_rule: + security_group: default + port: 5353 + protocol: udp + type: egress + user_security_group: '{{ cs_resource_prefix }}-user-sg' + state: absent + register: sg_rule +- name: verify remove single port udp rule + assert: + that: + - sg_rule|success diff --git a/test/integration/roles/test_cs_sshkeypair/meta/main.yml b/test/integration/roles/test_cs_sshkeypair/meta/main.yml new file mode 100644 index 00000000000..03e38bd4f7a --- /dev/null +++ b/test/integration/roles/test_cs_sshkeypair/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - test_cs_common diff --git a/test/integration/roles/test_cs_sshkeypair/tasks/main.yml b/test/integration/roles/test_cs_sshkeypair/tasks/main.yml new file mode 100644 index 00000000000..35023b38aa1 --- /dev/null +++ b/test/integration/roles/test_cs_sshkeypair/tasks/main.yml @@ -0,0 +1,89 @@ +--- +- name: setup cleanup + cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey state=absent + +- name: test fail on missing name + action: cs_sshkeypair + ignore_errors: true + register: sshkey +- name: verify results of fail on missing name + assert: + that: + - sshkey|failed + - sshkey.msg == "missing required arguments: name" + +- name: test ssh key creation + cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey + register: sshkey +- name: verify results of ssh key creation + assert: + that: + - sshkey|success + - sshkey|changed + - sshkey.fingerprint is defined and sshkey.fingerprint != "" + - sshkey.private_key is defined and sshkey.private_key != "" + - sshkey.name == "{{ cs_resource_prefix }}-sshkey" + +- name: test ssh key creation idempotence + cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey + register: sshkey2 +- name: verify results of ssh key creation idempotence + assert: + that: + - sshkey2|success + - not sshkey2|changed + - sshkey2.fingerprint is defined and sshkey2.fingerprint == sshkey.fingerprint + - sshkey2.private_key is not defined + - sshkey2.name == "{{ cs_resource_prefix }}-sshkey" + +- name: test replace ssh public key + cs_sshkeypair: | + name={{ cs_resource_prefix }}-sshkey + public_key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsTI7KJZ8tz/CwQIrSol41c6s3vzkGYCMI8o7P9Et48UG9eRoGaMaGYaTvBTj/VQrD7cfurI6Bn0HTT3FLK3OHOweyelm9rIiQ2hjkSl+2lIKWHu992GO58E5Gcy9yYW4sHGgGLNZkPBKrrj0w7lhmiHjPtVnf+2+7Ix1WOO2/HXPcAHhsX/AlyItDewIL4mr/BT83vq0202sPCiM2cFQJl+5WGwS1wYYK8d167cspsmdyX7OyAFCUB0vueuqjE8MFqJvyIJR9y8Lj9Ny71pSV5/QWrXUgELxMYOKSby3gHkxcIXgYBMFLl4DipRTO74OWQlRRaOlqXlOOQbikcY4T rene.moser@swisstxt.ch" + register: sshkey3 +- name: verify results of replace ssh public key + assert: + that: + - sshkey3|success + - sshkey3|changed + - sshkey3.fingerprint is defined and sshkey3.fingerprint != sshkey2.fingerprint + - sshkey3.private_key is not defined + - sshkey3.name == "{{ cs_resource_prefix }}-sshkey" + +- name: test replace ssh public key idempotence + cs_sshkeypair: | + name={{ cs_resource_prefix }}-sshkey + public_key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsTI7KJZ8tz/CwQIrSol41c6s3vzkGYCMI8o7P9Et48UG9eRoGaMaGYaTvBTj/VQrD7cfurI6Bn0HTT3FLK3OHOweyelm9rIiQ2hjkSl+2lIKWHu992GO58E5Gcy9yYW4sHGgGLNZkPBKrrj0w7lhmiHjPtVnf+2+7Ix1WOO2/HXPcAHhsX/AlyItDewIL4mr/BT83vq0202sPCiM2cFQJl+5WGwS1wYYK8d167cspsmdyX7OyAFCUB0vueuqjE8MFqJvyIJR9y8Lj9Ny71pSV5/QWrXUgELxMYOKSby3gHkxcIXgYBMFLl4DipRTO74OWQlRRaOlqXlOOQbikcY4T rene.moser@swisstxt.ch" + register: sshkey4 +- name: verify results of ssh public key idempotence + assert: + that: + - sshkey4|success + - not sshkey4|changed + - sshkey4.fingerprint is defined and sshkey4.fingerprint == sshkey3.fingerprint + - sshkey4.private_key is not defined + - sshkey4.name == "{{ cs_resource_prefix }}-sshkey" + +- name: test ssh key absent + cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey state=absent + register: sshkey5 +- name: verify result of key absent + assert: + that: + - sshkey5|success + - sshkey5|changed + - sshkey5.fingerprint is defined and sshkey5.fingerprint == sshkey3.fingerprint + - sshkey5.private_key is not defined + - sshkey5.name == "{{ cs_resource_prefix }}-sshkey" + +- name: test ssh key absent idempotence + cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey state=absent + register: sshkey6 +- name: verify result of ssh key absent idempotence + assert: + that: + - sshkey6|success + - not sshkey6|changed + - sshkey6.fingerprint is not defined + - sshkey6.private_key is not defined + - sshkey6.name is not defined