d16bc1c3f4
* Add aws_ses_identity module * Update CI alias, add BotoCoreError exception handling. * Add SES and SNS permissions to hacking/aws_config to run aws_ses_identity integration tests
408 lines
14 KiB
YAML
408 lines
14 KiB
YAML
---
|
|
# ============================================================
|
|
- name: test register email identity
|
|
block:
|
|
- name: register email identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: present
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: result
|
|
- name: assert changed is True
|
|
assert:
|
|
that:
|
|
- result.changed == True
|
|
- import_tasks: assert_defaults.yaml
|
|
vars:
|
|
identity: "{{ email_identity }}"
|
|
always:
|
|
- name: cleanup email identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
# ============================================================
|
|
- name: test register domain identity
|
|
block:
|
|
- name: register domain identity
|
|
aws_ses_identity:
|
|
identity: "{{ domain_identity }}"
|
|
state: present
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: result
|
|
- name: assert changed is True
|
|
assert:
|
|
that:
|
|
- result.changed == True
|
|
- import_tasks: assert_defaults.yaml
|
|
vars:
|
|
identity: "{{ domain_identity }}"
|
|
- name: assert verification_attributes.verification_token is defined
|
|
assert:
|
|
that:
|
|
- result.verification_attributes.verification_token
|
|
always:
|
|
- name: cleanup domain identity
|
|
aws_ses_identity:
|
|
identity: "{{ domain_identity }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
# ============================================================
|
|
- name: test email_identity unchanged when already existing
|
|
block:
|
|
- name: register identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: present
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
- name: duplicate register identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: present
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: result
|
|
- name: assert changed is False
|
|
assert:
|
|
that:
|
|
- result.changed == False
|
|
- import_tasks: assert_defaults.yaml
|
|
vars:
|
|
identity: "{{ email_identity }}"
|
|
always:
|
|
- name: cleanup identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
# ============================================================
|
|
- name: test domain_identity unchanged when already existing
|
|
block:
|
|
- name: register identity
|
|
aws_ses_identity:
|
|
identity: "{{ domain_identity }}"
|
|
state: present
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
- name: duplicate register identity
|
|
aws_ses_identity:
|
|
identity: "{{ domain_identity }}"
|
|
state: present
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: result
|
|
- name: assert changed is False
|
|
assert:
|
|
that:
|
|
- result.changed == False
|
|
- import_tasks: assert_defaults.yaml
|
|
vars:
|
|
identity: "{{ domain_identity }}"
|
|
always:
|
|
- name: cleanup identity
|
|
aws_ses_identity:
|
|
identity: "{{ domain_identity }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
# ============================================================
|
|
- name: remove non-existent email identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: result
|
|
- name: assert changed is False
|
|
assert:
|
|
that:
|
|
- result.changed == False
|
|
# ============================================================
|
|
- name: remove non-existent domain identity
|
|
aws_ses_identity:
|
|
identity: "{{ domain_identity }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: result
|
|
- name: assert changed is False
|
|
assert:
|
|
that:
|
|
- result.changed == False
|
|
# ============================================================
|
|
- name: test set notification queues
|
|
block:
|
|
- name: test topic
|
|
sns_topic:
|
|
name: "{{ notification_queue_name }}-{{ item }}"
|
|
state: present
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: topic_info
|
|
with_items:
|
|
- bounce
|
|
- complaint
|
|
- delivery
|
|
- name: register email identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: present
|
|
bounce_notifications:
|
|
topic: "{{ topic_info.results[0].sns_arn }}"
|
|
complaint_notifications:
|
|
topic: "{{ topic_info.results[1].sns_arn }}"
|
|
delivery_notifications:
|
|
topic: "{{ topic_info.results[2].sns_arn }}"
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: result
|
|
- name: assert notification settings
|
|
assert:
|
|
that:
|
|
- result.notification_attributes.bounce_topic == topic_info.results[0].sns_arn
|
|
- result.notification_attributes.complaint_topic == topic_info.results[1].sns_arn
|
|
- result.notification_attributes.delivery_topic == topic_info.results[2].sns_arn
|
|
- name: assert notification headers unchanged
|
|
assert:
|
|
that:
|
|
- result.notification_attributes.headers_in_bounce_notifications_enabled == False
|
|
- result.notification_attributes.headers_in_complaint_notifications_enabled == False
|
|
- result.notification_attributes.headers_in_delivery_notifications_enabled == False
|
|
always:
|
|
- name: cleanup topics
|
|
sns_topic:
|
|
name: "{{ notification_queue_name }}-{{ item }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
with_items:
|
|
- bounce
|
|
- complaint
|
|
- delivery
|
|
- name: cleanup email identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
# ============================================================
|
|
- name: test change notification queues after create
|
|
block:
|
|
- name: test topic
|
|
sns_topic:
|
|
name: "{{ notification_queue_name }}-{{ item }}"
|
|
state: present
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: topic_info
|
|
with_items:
|
|
- bounce
|
|
- complaint
|
|
- delivery
|
|
- name: register email identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: present
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
- name: set notification topics
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: present
|
|
bounce_notifications:
|
|
topic: "{{ topic_info.results[0].sns_arn }}"
|
|
complaint_notifications:
|
|
topic: "{{ topic_info.results[1].sns_arn }}"
|
|
delivery_notifications:
|
|
topic: "{{ topic_info.results[2].sns_arn }}"
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: result
|
|
- name: assert changed is True
|
|
assert:
|
|
that:
|
|
- result.changed == True
|
|
- name: assert notification settings
|
|
assert:
|
|
that:
|
|
- result.notification_attributes.bounce_topic == topic_info.results[0].sns_arn
|
|
- result.notification_attributes.complaint_topic == topic_info.results[1].sns_arn
|
|
- result.notification_attributes.delivery_topic == topic_info.results[2].sns_arn
|
|
always:
|
|
- name: cleanup topics
|
|
sns_topic:
|
|
name: "{{ notification_queue_name }}-{{ item }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
with_items:
|
|
- bounce
|
|
- complaint
|
|
- delivery
|
|
- name: cleanup email identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
# ============================================================
|
|
- name: test include headers on notification queues
|
|
block:
|
|
- name: register email identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: present
|
|
bounce_notifications:
|
|
include_headers: Yes
|
|
complaint_notifications:
|
|
include_headers: Yes
|
|
delivery_notifications:
|
|
include_headers: Yes
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: result
|
|
- name: assert notification headers enabled
|
|
assert:
|
|
that:
|
|
- result.notification_attributes.headers_in_bounce_notifications_enabled == True
|
|
- result.notification_attributes.headers_in_complaint_notifications_enabled == True
|
|
- result.notification_attributes.headers_in_delivery_notifications_enabled == True
|
|
always:
|
|
- name: cleanup email identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
# ============================================================
|
|
- name: test disable feedback forwarding
|
|
block:
|
|
- name: test topic
|
|
sns_topic:
|
|
name: "{{ notification_queue_name }}-{{ item }}"
|
|
state: present
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: topic_info
|
|
with_items:
|
|
- bounce
|
|
- complaint
|
|
- name: register email identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: present
|
|
bounce_notifications:
|
|
topic: "{{ topic_info.results[0].sns_arn }}"
|
|
complaint_notifications:
|
|
topic: "{{ topic_info.results[1].sns_arn }}"
|
|
feedback_forwarding: No
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: result
|
|
- name: assert feedback_forwarding == False
|
|
assert:
|
|
that:
|
|
- result.notification_attributes.forwarding_enabled == False
|
|
always:
|
|
- name: cleanup topics
|
|
sns_topic:
|
|
name: "{{ notification_queue_name }}-{{ item }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
with_items:
|
|
- bounce
|
|
- complaint
|
|
- name: cleanup email identity
|
|
aws_ses_identity:
|
|
identity: "{{ email_identity }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
# ============================================================
|
|
- name: test disable feedback forwarding fails if no topics
|
|
block:
|
|
- name: register identity
|
|
aws_ses_identity:
|
|
identity: "{{ domain_identity }}"
|
|
state: present
|
|
feedback_forwarding: No
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|
|
register: result
|
|
failed_when: result.failed == False
|
|
- name: assert error.code == InvalidParameterValue
|
|
assert:
|
|
that:
|
|
- result.error.code == 'InvalidParameterValue'
|
|
always:
|
|
- name: cleanup identity
|
|
aws_ses_identity:
|
|
identity: "{{ domain_identity }}"
|
|
state: absent
|
|
region: "{{ ec2_region }}"
|
|
aws_access_key: "{{ ec2_access_key }}"
|
|
aws_secret_key: "{{ ec2_secret_key }}"
|
|
security_token: "{{security_token}}"
|