ansible/test/integration/targets/ecs_cluster/tasks/network_fail.yml
Will Thames 924352a051 ecs_cluster test suite refactor (#57716)
* Combine testing policies

Because of the maximum of 10 policies per group, need to
consolidate testing policies as best we can.

* Tidy put-account-setting tasks and add permission

Using `environment` and `command` rather than `shell` avoids the
need for `no_log` and means that people can fix the problem

* refactor ecs_cluster test suite

move from runme.sh technique to virtualenv

use ec2_instance rather than ec2 module to
avoid need for boto
2019-06-17 11:41:20 -07:00

216 lines
6.9 KiB
YAML

- block:
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: True
- name: create ecs cluster
ecs_cluster:
name: "{{ resource_prefix }}"
state: present
<<: *aws_connection_info
- name: create ecs_taskdefinition with bridged network
ecs_taskdefinition:
containers:
- name: my_container
image: ubuntu
memory: 128
family: "{{ resource_prefix }}"
state: present
network_mode: bridge
<<: *aws_connection_info
register: ecs_taskdefinition_creation
- name: create ecs_taskdefinition with awsvpc network
ecs_taskdefinition:
containers:
- name: my_container
image: ubuntu
memory: 128
family: "{{ resource_prefix }}-vpc"
state: present
network_mode: awsvpc
<<: *aws_connection_info
register: ecs_taskdefinition_creation_vpc
- name: create ecs_taskdefinition and execution_role_arn (expected to fail)
ecs_taskdefinition:
containers:
- name: my_container
image: ubuntu
memory: 128
family: "{{ resource_prefix }}-vpc"
execution_role_arn: not_a_real_arn
state: present
network_mode: awsvpc
<<: *aws_connection_info
ignore_errors: yes
register: ecs_taskdefinition_arn
- name: check that graceful failure message is returned from ecs_taskdefinition_arn
assert:
that:
- ecs_taskdefinition_arn.failed
- 'ecs_taskdefinition_arn.msg == "botocore needs to be version 1.10.44 or higher to use execution_role_arn"'
- name: ecs_taskdefinition works fine even when older botocore is used
assert:
that:
- ecs_taskdefinition_creation_vpc.changed
- name: create ecs_service using bridged network
ecs_service:
name: "{{ resource_prefix }}"
cluster: "{{ resource_prefix }}"
task_definition: "{{ resource_prefix }}"
desired_count: 1
state: present
<<: *aws_connection_info
register: ecs_service_creation
- name: create ecs_service using awsvpc network_configuration
ecs_service:
name: "{{ resource_prefix }}-vpc"
cluster: "{{ resource_prefix }}"
task_definition: "{{ resource_prefix }}-vpc"
desired_count: 1
network_configuration:
subnets:
- subnet-abcd1234
security_groups:
- sg-abcd1234
state: present
<<: *aws_connection_info
register: ecs_service_creation_vpc
ignore_errors: yes
- name: check that graceful failure message is returned from ecs_service
assert:
that:
- ecs_service_creation_vpc.failed
- 'ecs_service_creation_vpc.msg == "botocore needs to be version 1.7.44 or higher to use network configuration"'
- name: create ecs_service using awsvpc network_configuration and launch_type
ecs_service:
name: "{{ resource_prefix }}-vpc"
cluster: "{{ resource_prefix }}"
task_definition: "{{ resource_prefix }}-vpc"
desired_count: 1
network_configuration:
subnets:
- subnet-abcd1234
security_groups:
- sg-abcd1234
launch_type: FARGATE
state: present
<<: *aws_connection_info
register: ecs_service_creation_vpc_launchtype
ignore_errors: yes
- name: check that graceful failure message is returned from ecs_service
assert:
that:
- ecs_service_creation_vpc_launchtype.failed
- 'ecs_service_creation_vpc_launchtype.msg == "botocore needs to be version 1.7.44 or higher to use network configuration"'
- name: create ecs_service with launchtype and missing network_configuration
ecs_service:
name: "{{ resource_prefix }}-vpc"
cluster: "{{ resource_prefix }}"
task_definition: "{{ resource_prefix }}-vpc"
desired_count: 1
launch_type: FARGATE
state: present
<<: *aws_connection_info
register: ecs_service_creation_vpc_launchtype_nonet
ignore_errors: yes
- name: check that graceful failure message is returned from ecs_service
assert:
that:
- ecs_service_creation_vpc_launchtype_nonet.failed
- 'ecs_service_creation_vpc_launchtype_nonet.msg == "launch_type is FARGATE but all of the following are missing: network_configuration"'
- name: create ecs_task using awsvpc network_configuration
ecs_task:
cluster: "{{ resource_prefix }}-vpc"
task_definition: "{{ resource_prefix }}"
operation: run
count: 1
started_by: me
network_configuration:
subnets:
- subnet-abcd1234
security_groups:
- sg-abcd1234
<<: *aws_connection_info
register: ecs_task_creation_vpc
ignore_errors: yes
- name: check that graceful failure message is returned from ecs_task
assert:
that:
- ecs_task_creation_vpc.failed
- 'ecs_task_creation_vpc.msg == "botocore needs to be version 1.7.44 or higher to use network configuration"'
always:
- name: scale down ecs service
ecs_service:
name: "{{ resource_prefix }}"
cluster: "{{ resource_prefix }}"
task_definition: "{{ resource_prefix }}"
desired_count: 0
state: present
<<: *aws_connection_info
ignore_errors: yes
- name: pause to wait for scale down
pause:
seconds: 30
- name: remove ecs service
ecs_service:
name: "{{ resource_prefix }}"
cluster: "{{ resource_prefix }}"
task_definition: "{{ resource_prefix }}"
desired_count: 1
state: absent
<<: *aws_connection_info
ignore_errors: yes
- name: remove ecs task definition
ecs_taskdefinition:
containers:
- name: my_container
image: ubuntu
memory: 128
family: "{{ resource_prefix }}"
revision: "{{ ecs_taskdefinition_creation.taskdefinition.revision }}"
state: absent
<<: *aws_connection_info
ignore_errors: yes
- name: remove ecs task definition vpc
ecs_taskdefinition:
containers:
- name: my_container
image: ubuntu
memory: 128
family: "{{ resource_prefix }}-vpc"
revision: "{{ ecs_taskdefinition_creation_vpc.taskdefinition.revision }}"
state: absent
<<: *aws_connection_info
ignore_errors: yes
- name: remove ecs cluster
ecs_cluster:
name: "{{ resource_prefix }}"
state: absent
<<: *aws_connection_info
ignore_errors: yes