638de22b35
These tests are doing string matches on the error condition. Update them to match the new strings. This is probably okay to push out to old releases even though it's technically backwards incompatible because production playbooks won't be checking that a parameter was missing. Param missing is something detected and fixed while writing the playbook.
486 lines
15 KiB
YAML
486 lines
15 KiB
YAML
---
|
|
# tasks file for test_ec2_ami
|
|
|
|
- block:
|
|
|
|
# ============================================================
|
|
|
|
# SETUP: vpc, ec2 key pair, subnet, security group, ec2 instance, snapshot
|
|
|
|
- name: create a VPC to work in
|
|
ec2_vpc_net:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
cidr_block: 10.0.0.0/24
|
|
state: present
|
|
name: '{{ ec2_ami_name }}_setup'
|
|
resource_tags:
|
|
Name: '{{ ec2_ami_name }}_setup'
|
|
register: setup_vpc
|
|
|
|
- name: create a key pair to use for creating an ec2 instance
|
|
ec2_key:
|
|
name: '{{ ec2_ami_name }}_setup'
|
|
state: present
|
|
ec2_region: '{{ ec2_region }}'
|
|
ec2_access_key: '{{ ec2_access_key }}'
|
|
ec2_secret_key: '{{ ec2_secret_key }}'
|
|
security_token: '{{ security_token }}'
|
|
register: setup_key
|
|
|
|
- name: create a subnet to use for creating an ec2 instance
|
|
ec2_vpc_subnet:
|
|
ec2_region: '{{ ec2_region }}'
|
|
ec2_access_key: '{{ ec2_access_key }}'
|
|
ec2_secret_key: '{{ ec2_secret_key }}'
|
|
security_token: '{{ security_token }}'
|
|
az: '{{ ec2_region }}a'
|
|
tags: '{{ ec2_ami_name }}_setup'
|
|
vpc_id: '{{ setup_vpc.vpc.id }}'
|
|
cidr: 10.0.0.0/24
|
|
state: present
|
|
resource_tags:
|
|
Name: '{{ ec2_ami_name }}_setup'
|
|
register: setup_subnet
|
|
|
|
- name: create a security group to use for creating an ec2 instance
|
|
ec2_group:
|
|
name: '{{ ec2_ami_name }}_setup'
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
description: 'created by Ansible integration tests'
|
|
state: present
|
|
vpc_id: '{{ setup_vpc.vpc.id }}'
|
|
register: setup_sg
|
|
|
|
- name: provision ec2 instance to create an image
|
|
ec2:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
key_name: '{{ setup_key.key.name }}'
|
|
instance_type: t2.micro
|
|
state: present
|
|
image: '{{ ec2_ami_image[ec2_region] }}'
|
|
wait: yes
|
|
instance_tags:
|
|
'{{ec2_ami_name}}_instance_setup': 'integration_tests'
|
|
group_id: '{{ setup_sg.group_id }}'
|
|
vpc_subnet_id: '{{ setup_subnet.subnet.id }}'
|
|
register: setup_instance
|
|
|
|
- name: take a snapshot of the instance to create an image
|
|
ec2_snapshot:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
instance_id: '{{ setup_instance.instance_ids[0] }}'
|
|
device_name: /dev/xvda
|
|
state: present
|
|
register: setup_snapshot
|
|
|
|
# ============================================================
|
|
|
|
- name: create an image from the instance
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
instance_id: '{{ setup_instance.instance_ids[0] }}'
|
|
state: present
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
description: '{{ ec2_ami_description }}'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
wait: yes
|
|
root_device_name: /dev/xvda
|
|
ignore_errors: true
|
|
register: result
|
|
|
|
- name: assert that image has been created
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
- "result.image_id.startswith('ami-')"
|
|
# FIXME: tags are not currently shown in the results
|
|
#- "result.tags == '{Name: {{ ec2_ami_name }}_ami}'"
|
|
|
|
- name: set image id fact for deletion later
|
|
set_fact:
|
|
ec2_ami_image_id: "{{ result.image_id }}"
|
|
|
|
# ============================================================
|
|
|
|
- name: delete the image
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
instance_id: '{{ setup_instance.instance_ids[0] }}'
|
|
state: absent
|
|
delete_snapshot: yes
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
description: '{{ ec2_ami_description }}'
|
|
image_id: '{{ result.image_id }}'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
wait: yes
|
|
ignore_errors: true
|
|
register: result
|
|
|
|
- name: assert that the image has been deleted
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
- "'image_id' not in result"
|
|
|
|
# ============================================================
|
|
|
|
- name: test removing an ami if no image ID is provided (expected failed=true)
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: absent
|
|
register: result
|
|
ignore_errors: yes
|
|
|
|
- name: assert that an image ID is required
|
|
assert:
|
|
that:
|
|
- "result.failed"
|
|
- "result.msg == 'state is absent but all of the following are missing: image_id'"
|
|
|
|
# ============================================================
|
|
|
|
- name: create an image from the snapshot
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
description: '{{ ec2_ami_description }}'
|
|
state: present
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
root_device_name: /dev/xvda
|
|
device_mapping:
|
|
- device_name: /dev/xvda
|
|
volume_type: gp2
|
|
size: 8
|
|
delete_on_termination: true
|
|
snapshot_id: '{{ setup_snapshot.snapshot_id }}'
|
|
register: result
|
|
ignore_errors: true
|
|
|
|
- name: assert a new ami has been created
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
- "result.image_id.startswith('ami-')"
|
|
|
|
- name: set image id fact for deletion later
|
|
set_fact:
|
|
ec2_ami_image_id: "{{ result.image_id }}"
|
|
ec2_ami_snapshot: "{{ result.block_device_mapping['/dev/xvda'].snapshot_id }}"
|
|
|
|
# ============================================================
|
|
|
|
# FIXME: this only works if launch permissions are specified and if they are not an empty list
|
|
# - name: test idempotence
|
|
# ec2_ami:
|
|
# ec2_region: '{{ec2_region}}'
|
|
# ec2_access_key: '{{ec2_access_key}}'
|
|
# ec2_secret_key: '{{ec2_secret_key}}'
|
|
# security_token: '{{security_token}}'
|
|
# description: '{{ ec2_ami_description }}'
|
|
# state: present
|
|
# tags:
|
|
# Name: '{{ ec2_ami_name }}_ami'
|
|
# root_device_name: /dev/xvda
|
|
# image_id: '{{ result.image_id }}'
|
|
# launch_permissions:
|
|
# user_ids:
|
|
# -
|
|
# device_mapping:
|
|
# - device_name: /dev/xvda
|
|
# volume_type: gp2
|
|
# size: 8
|
|
# delete_on_termination: true
|
|
# snapshot_id: '{{ setup_snapshot.snapshot_id }}'
|
|
# register: result
|
|
|
|
# - name: assert a new ami has been created
|
|
# assert:
|
|
# that:
|
|
# - "not result.changed"
|
|
# - "result.image_id.startswith('ami-')"
|
|
|
|
# ============================================================
|
|
|
|
# FIXME: tags are not currently shown in the results
|
|
- name: add a tag to the AMI
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: present
|
|
description: '{{ ec2_ami_description }}'
|
|
image_id: '{{ result.image_id }}'
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
tags:
|
|
New: Tag
|
|
launch_permissions:
|
|
group_names: ['all']
|
|
register: result
|
|
#
|
|
# - name: assert a tag was added
|
|
# assert:
|
|
# that:
|
|
# - "result.tags == '{Name: {{ ec2_ami_name }}_ami}, New: Tag'"
|
|
|
|
# ============================================================
|
|
|
|
- name: update AMI launch permissions
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: present
|
|
image_id: '{{ result.image_id }}'
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
description: '{{ ec2_ami_description }}'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
launch_permissions:
|
|
group_names: ['all']
|
|
register: result
|
|
|
|
- name: assert launch permissions were updated
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
|
|
# ============================================================
|
|
|
|
- name: modify the AMI description
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: present
|
|
image_id: '{{ result.image_id }}'
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
description: '{{ ec2_ami_description }}CHANGED'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
launch_permissions:
|
|
group_names: ['all']
|
|
register: result
|
|
|
|
- name: assert the description changed
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
|
|
# ============================================================
|
|
|
|
# FIXME: currently the module doesn't remove launch permissions correctly
|
|
# - name: remove public launch permissions
|
|
# ec2_ami:
|
|
# ec2_region: '{{ec2_region}}'
|
|
# ec2_access_key: '{{ec2_access_key}}'
|
|
# ec2_secret_key: '{{ec2_secret_key}}'
|
|
# security_token: '{{security_token}}'
|
|
# state: present
|
|
# image_id: '{{ result.image_id }}'
|
|
# name: '{{ ec2_ami_name }}_ami'
|
|
# tags:
|
|
# Name: '{{ ec2_ami_name }}_ami'
|
|
# launch_permissions:
|
|
# group_names:
|
|
# -
|
|
#
|
|
# register: result
|
|
# ignore_errors: true
|
|
#
|
|
# - name: assert launch permissions were updated
|
|
# assert:
|
|
# that:
|
|
# - "result.changed"
|
|
|
|
# ============================================================
|
|
|
|
- name: delete ami without deleting the snapshot (default is not to delete)
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
instance_id: '{{ setup_instance.instance_ids[0] }}'
|
|
state: absent
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
image_id: '{{ ec2_ami_image_id }}'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
wait: yes
|
|
ignore_errors: true
|
|
register: result
|
|
|
|
- name: assert that the image has been deleted
|
|
assert:
|
|
that:
|
|
- "result.changed"
|
|
- "'image_id' not in result"
|
|
|
|
- name: ensure the snapshot still exists
|
|
ec2_snapshot_facts:
|
|
snapshot_ids:
|
|
- '{{ ec2_ami_snapshot }}'
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
register: snapshot_result
|
|
|
|
- name: assert the snapshot wasn't deleted
|
|
assert:
|
|
that:
|
|
- "snapshot_result.snapshots[0].snapshot_id == ec2_ami_snapshot"
|
|
|
|
- name: delete ami for a second time
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
instance_id: '{{ setup_instance.instance_ids[0] }}'
|
|
state: absent
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
image_id: '{{ ec2_ami_image_id }}'
|
|
tags:
|
|
Name: '{{ ec2_ami_name }}_ami'
|
|
wait: yes
|
|
ignore_errors: true
|
|
register: result
|
|
|
|
# FIXME: currently deleting an already deleted image fails
|
|
# It should succeed, with changed: false
|
|
# - name: assert that image does not exist
|
|
# assert:
|
|
# that:
|
|
# - not result.changed
|
|
# - not result.failed
|
|
|
|
|
|
# ============================================================
|
|
|
|
always:
|
|
|
|
# ============================================================
|
|
|
|
# TEAR DOWN: snapshot, ec2 instance, ec2 key pair, security group, vpc
|
|
- name: Announce teardown start
|
|
debug:
|
|
msg: "***** TESTING COMPLETE. COMMENCE TEARDOWN *****"
|
|
|
|
- name: delete ami
|
|
ec2_ami:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: absent
|
|
image_id: "{{ ec2_ami_image_id }}"
|
|
name: '{{ ec2_ami_name }}_ami'
|
|
wait: yes
|
|
ignore_errors: yes
|
|
|
|
- name: remove setup snapshot of ec2 instance
|
|
ec2_snapshot:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
state: absent
|
|
snapshot_id: '{{ setup_snapshot.snapshot_id }}'
|
|
ignore_errors: yes
|
|
|
|
- name: remove setup ec2 instance
|
|
ec2:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
instance_type: t2.micro
|
|
instance_ids: '{{ setup_instance.instance_ids }}'
|
|
state: absent
|
|
wait: yes
|
|
instance_tags:
|
|
'{{ec2_ami_name}}_instance_setup': 'integration_tests'
|
|
group_id: '{{ setup_sg.group_id }}'
|
|
vpc_subnet_id: '{{ setup_subnet.subnet.id }}'
|
|
ignore_errors: yes
|
|
|
|
- name: remove setup keypair
|
|
ec2_key:
|
|
name: '{{ec2_ami_name}}_setup'
|
|
state: absent
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
ignore_errors: yes
|
|
|
|
- name: remove setup security group
|
|
ec2_group:
|
|
name: '{{ ec2_ami_name }}_setup'
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
description: 'created by Ansible integration tests'
|
|
state: absent
|
|
vpc_id: '{{ setup_vpc.vpc.id }}'
|
|
ignore_errors: yes
|
|
|
|
- name: remove setup subnet
|
|
ec2_vpc_subnet:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
az: '{{ ec2_region }}a'
|
|
tags: '{{ec2_ami_name}}_setup'
|
|
vpc_id: '{{ setup_vpc.vpc.id }}'
|
|
cidr: 10.0.0.0/24
|
|
state: absent
|
|
resource_tags:
|
|
Name: '{{ ec2_ami_name }}_setup'
|
|
ignore_errors: yes
|
|
|
|
- name: remove setup VPC
|
|
ec2_vpc_net:
|
|
ec2_region: '{{ec2_region}}'
|
|
ec2_access_key: '{{ec2_access_key}}'
|
|
ec2_secret_key: '{{ec2_secret_key}}'
|
|
security_token: '{{security_token}}'
|
|
cidr_block: 10.0.0.0/24
|
|
state: absent
|
|
name: '{{ ec2_ami_name }}_setup'
|
|
resource_tags:
|
|
Name: '{{ ec2_ami_name }}_setup'
|
|
ignore_errors: yes
|