ansible/test/integration/targets/ec2_ami/tasks/main.yml
Toshio Kuratomi 638de22b35 Update tests for required_if changes
These tests are doing string matches on the error condition.  Update
them to match the new strings.  This is probably okay to push out to old
releases even though it's technically backwards incompatible because
production playbooks won't be checking that a parameter was missing.
Param missing is something detected and fixed while writing the playbook.
2017-10-26 17:37:11 -07:00

486 lines
15 KiB
YAML

---
# tasks file for test_ec2_ami
- block:
# ============================================================
# SETUP: vpc, ec2 key pair, subnet, security group, ec2 instance, snapshot
- name: create a VPC to work in
ec2_vpc_net:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
cidr_block: 10.0.0.0/24
state: present
name: '{{ ec2_ami_name }}_setup'
resource_tags:
Name: '{{ ec2_ami_name }}_setup'
register: setup_vpc
- name: create a key pair to use for creating an ec2 instance
ec2_key:
name: '{{ ec2_ami_name }}_setup'
state: present
ec2_region: '{{ ec2_region }}'
ec2_access_key: '{{ ec2_access_key }}'
ec2_secret_key: '{{ ec2_secret_key }}'
security_token: '{{ security_token }}'
register: setup_key
- name: create a subnet to use for creating an ec2 instance
ec2_vpc_subnet:
ec2_region: '{{ ec2_region }}'
ec2_access_key: '{{ ec2_access_key }}'
ec2_secret_key: '{{ ec2_secret_key }}'
security_token: '{{ security_token }}'
az: '{{ ec2_region }}a'
tags: '{{ ec2_ami_name }}_setup'
vpc_id: '{{ setup_vpc.vpc.id }}'
cidr: 10.0.0.0/24
state: present
resource_tags:
Name: '{{ ec2_ami_name }}_setup'
register: setup_subnet
- name: create a security group to use for creating an ec2 instance
ec2_group:
name: '{{ ec2_ami_name }}_setup'
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
description: 'created by Ansible integration tests'
state: present
vpc_id: '{{ setup_vpc.vpc.id }}'
register: setup_sg
- name: provision ec2 instance to create an image
ec2:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
key_name: '{{ setup_key.key.name }}'
instance_type: t2.micro
state: present
image: '{{ ec2_ami_image[ec2_region] }}'
wait: yes
instance_tags:
'{{ec2_ami_name}}_instance_setup': 'integration_tests'
group_id: '{{ setup_sg.group_id }}'
vpc_subnet_id: '{{ setup_subnet.subnet.id }}'
register: setup_instance
- name: take a snapshot of the instance to create an image
ec2_snapshot:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
instance_id: '{{ setup_instance.instance_ids[0] }}'
device_name: /dev/xvda
state: present
register: setup_snapshot
# ============================================================
- name: create an image from the instance
ec2_ami:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
instance_id: '{{ setup_instance.instance_ids[0] }}'
state: present
name: '{{ ec2_ami_name }}_ami'
description: '{{ ec2_ami_description }}'
tags:
Name: '{{ ec2_ami_name }}_ami'
wait: yes
root_device_name: /dev/xvda
ignore_errors: true
register: result
- name: assert that image has been created
assert:
that:
- "result.changed"
- "result.image_id.startswith('ami-')"
# FIXME: tags are not currently shown in the results
#- "result.tags == '{Name: {{ ec2_ami_name }}_ami}'"
- name: set image id fact for deletion later
set_fact:
ec2_ami_image_id: "{{ result.image_id }}"
# ============================================================
- name: delete the image
ec2_ami:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
instance_id: '{{ setup_instance.instance_ids[0] }}'
state: absent
delete_snapshot: yes
name: '{{ ec2_ami_name }}_ami'
description: '{{ ec2_ami_description }}'
image_id: '{{ result.image_id }}'
tags:
Name: '{{ ec2_ami_name }}_ami'
wait: yes
ignore_errors: true
register: result
- name: assert that the image has been deleted
assert:
that:
- "result.changed"
- "'image_id' not in result"
# ============================================================
- name: test removing an ami if no image ID is provided (expected failed=true)
ec2_ami:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
state: absent
register: result
ignore_errors: yes
- name: assert that an image ID is required
assert:
that:
- "result.failed"
- "result.msg == 'state is absent but all of the following are missing: image_id'"
# ============================================================
- name: create an image from the snapshot
ec2_ami:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
name: '{{ ec2_ami_name }}_ami'
description: '{{ ec2_ami_description }}'
state: present
tags:
Name: '{{ ec2_ami_name }}_ami'
root_device_name: /dev/xvda
device_mapping:
- device_name: /dev/xvda
volume_type: gp2
size: 8
delete_on_termination: true
snapshot_id: '{{ setup_snapshot.snapshot_id }}'
register: result
ignore_errors: true
- name: assert a new ami has been created
assert:
that:
- "result.changed"
- "result.image_id.startswith('ami-')"
- name: set image id fact for deletion later
set_fact:
ec2_ami_image_id: "{{ result.image_id }}"
ec2_ami_snapshot: "{{ result.block_device_mapping['/dev/xvda'].snapshot_id }}"
# ============================================================
# FIXME: this only works if launch permissions are specified and if they are not an empty list
# - name: test idempotence
# ec2_ami:
# ec2_region: '{{ec2_region}}'
# ec2_access_key: '{{ec2_access_key}}'
# ec2_secret_key: '{{ec2_secret_key}}'
# security_token: '{{security_token}}'
# description: '{{ ec2_ami_description }}'
# state: present
# tags:
# Name: '{{ ec2_ami_name }}_ami'
# root_device_name: /dev/xvda
# image_id: '{{ result.image_id }}'
# launch_permissions:
# user_ids:
# -
# device_mapping:
# - device_name: /dev/xvda
# volume_type: gp2
# size: 8
# delete_on_termination: true
# snapshot_id: '{{ setup_snapshot.snapshot_id }}'
# register: result
# - name: assert a new ami has been created
# assert:
# that:
# - "not result.changed"
# - "result.image_id.startswith('ami-')"
# ============================================================
# FIXME: tags are not currently shown in the results
- name: add a tag to the AMI
ec2_ami:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
state: present
description: '{{ ec2_ami_description }}'
image_id: '{{ result.image_id }}'
name: '{{ ec2_ami_name }}_ami'
tags:
New: Tag
launch_permissions:
group_names: ['all']
register: result
#
# - name: assert a tag was added
# assert:
# that:
# - "result.tags == '{Name: {{ ec2_ami_name }}_ami}, New: Tag'"
# ============================================================
- name: update AMI launch permissions
ec2_ami:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
state: present
image_id: '{{ result.image_id }}'
name: '{{ ec2_ami_name }}_ami'
description: '{{ ec2_ami_description }}'
tags:
Name: '{{ ec2_ami_name }}_ami'
launch_permissions:
group_names: ['all']
register: result
- name: assert launch permissions were updated
assert:
that:
- "result.changed"
# ============================================================
- name: modify the AMI description
ec2_ami:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
state: present
image_id: '{{ result.image_id }}'
name: '{{ ec2_ami_name }}_ami'
description: '{{ ec2_ami_description }}CHANGED'
tags:
Name: '{{ ec2_ami_name }}_ami'
launch_permissions:
group_names: ['all']
register: result
- name: assert the description changed
assert:
that:
- "result.changed"
# ============================================================
# FIXME: currently the module doesn't remove launch permissions correctly
# - name: remove public launch permissions
# ec2_ami:
# ec2_region: '{{ec2_region}}'
# ec2_access_key: '{{ec2_access_key}}'
# ec2_secret_key: '{{ec2_secret_key}}'
# security_token: '{{security_token}}'
# state: present
# image_id: '{{ result.image_id }}'
# name: '{{ ec2_ami_name }}_ami'
# tags:
# Name: '{{ ec2_ami_name }}_ami'
# launch_permissions:
# group_names:
# -
#
# register: result
# ignore_errors: true
#
# - name: assert launch permissions were updated
# assert:
# that:
# - "result.changed"
# ============================================================
- name: delete ami without deleting the snapshot (default is not to delete)
ec2_ami:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
instance_id: '{{ setup_instance.instance_ids[0] }}'
state: absent
name: '{{ ec2_ami_name }}_ami'
image_id: '{{ ec2_ami_image_id }}'
tags:
Name: '{{ ec2_ami_name }}_ami'
wait: yes
ignore_errors: true
register: result
- name: assert that the image has been deleted
assert:
that:
- "result.changed"
- "'image_id' not in result"
- name: ensure the snapshot still exists
ec2_snapshot_facts:
snapshot_ids:
- '{{ ec2_ami_snapshot }}'
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: snapshot_result
- name: assert the snapshot wasn't deleted
assert:
that:
- "snapshot_result.snapshots[0].snapshot_id == ec2_ami_snapshot"
- name: delete ami for a second time
ec2_ami:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
instance_id: '{{ setup_instance.instance_ids[0] }}'
state: absent
name: '{{ ec2_ami_name }}_ami'
image_id: '{{ ec2_ami_image_id }}'
tags:
Name: '{{ ec2_ami_name }}_ami'
wait: yes
ignore_errors: true
register: result
# FIXME: currently deleting an already deleted image fails
# It should succeed, with changed: false
# - name: assert that image does not exist
# assert:
# that:
# - not result.changed
# - not result.failed
# ============================================================
always:
# ============================================================
# TEAR DOWN: snapshot, ec2 instance, ec2 key pair, security group, vpc
- name: Announce teardown start
debug:
msg: "***** TESTING COMPLETE. COMMENCE TEARDOWN *****"
- name: delete ami
ec2_ami:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
state: absent
image_id: "{{ ec2_ami_image_id }}"
name: '{{ ec2_ami_name }}_ami'
wait: yes
ignore_errors: yes
- name: remove setup snapshot of ec2 instance
ec2_snapshot:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
state: absent
snapshot_id: '{{ setup_snapshot.snapshot_id }}'
ignore_errors: yes
- name: remove setup ec2 instance
ec2:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
instance_type: t2.micro
instance_ids: '{{ setup_instance.instance_ids }}'
state: absent
wait: yes
instance_tags:
'{{ec2_ami_name}}_instance_setup': 'integration_tests'
group_id: '{{ setup_sg.group_id }}'
vpc_subnet_id: '{{ setup_subnet.subnet.id }}'
ignore_errors: yes
- name: remove setup keypair
ec2_key:
name: '{{ec2_ami_name}}_setup'
state: absent
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
ignore_errors: yes
- name: remove setup security group
ec2_group:
name: '{{ ec2_ami_name }}_setup'
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
description: 'created by Ansible integration tests'
state: absent
vpc_id: '{{ setup_vpc.vpc.id }}'
ignore_errors: yes
- name: remove setup subnet
ec2_vpc_subnet:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
az: '{{ ec2_region }}a'
tags: '{{ec2_ami_name}}_setup'
vpc_id: '{{ setup_vpc.vpc.id }}'
cidr: 10.0.0.0/24
state: absent
resource_tags:
Name: '{{ ec2_ami_name }}_setup'
ignore_errors: yes
- name: remove setup VPC
ec2_vpc_net:
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
cidr_block: 10.0.0.0/24
state: absent
name: '{{ ec2_ami_name }}_setup'
resource_tags:
Name: '{{ ec2_ami_name }}_setup'
ignore_errors: yes