924352a051
* Combine testing policies Because of the maximum of 10 policies per group, need to consolidate testing policies as best we can. * Tidy put-account-setting tasks and add permission Using `environment` and `command` rather than `shell` avoids the need for `no_log` and means that people can fix the problem * refactor ecs_cluster test suite move from runme.sh technique to virtualenv use ec2_instance rather than ec2 module to avoid need for boto
216 lines
6.9 KiB
YAML
216 lines
6.9 KiB
YAML
- block:
|
|
- name: set up aws connection info
|
|
set_fact:
|
|
aws_connection_info: &aws_connection_info
|
|
aws_access_key: "{{ aws_access_key }}"
|
|
aws_secret_key: "{{ aws_secret_key }}"
|
|
security_token: "{{ security_token }}"
|
|
region: "{{ aws_region }}"
|
|
no_log: True
|
|
|
|
- name: create ecs cluster
|
|
ecs_cluster:
|
|
name: "{{ resource_prefix }}"
|
|
state: present
|
|
<<: *aws_connection_info
|
|
|
|
- name: create ecs_taskdefinition with bridged network
|
|
ecs_taskdefinition:
|
|
containers:
|
|
- name: my_container
|
|
image: ubuntu
|
|
memory: 128
|
|
family: "{{ resource_prefix }}"
|
|
state: present
|
|
network_mode: bridge
|
|
<<: *aws_connection_info
|
|
register: ecs_taskdefinition_creation
|
|
|
|
- name: create ecs_taskdefinition with awsvpc network
|
|
ecs_taskdefinition:
|
|
containers:
|
|
- name: my_container
|
|
image: ubuntu
|
|
memory: 128
|
|
family: "{{ resource_prefix }}-vpc"
|
|
state: present
|
|
network_mode: awsvpc
|
|
<<: *aws_connection_info
|
|
register: ecs_taskdefinition_creation_vpc
|
|
|
|
- name: create ecs_taskdefinition and execution_role_arn (expected to fail)
|
|
ecs_taskdefinition:
|
|
containers:
|
|
- name: my_container
|
|
image: ubuntu
|
|
memory: 128
|
|
family: "{{ resource_prefix }}-vpc"
|
|
execution_role_arn: not_a_real_arn
|
|
state: present
|
|
network_mode: awsvpc
|
|
<<: *aws_connection_info
|
|
ignore_errors: yes
|
|
register: ecs_taskdefinition_arn
|
|
|
|
- name: check that graceful failure message is returned from ecs_taskdefinition_arn
|
|
assert:
|
|
that:
|
|
- ecs_taskdefinition_arn.failed
|
|
- 'ecs_taskdefinition_arn.msg == "botocore needs to be version 1.10.44 or higher to use execution_role_arn"'
|
|
|
|
- name: ecs_taskdefinition works fine even when older botocore is used
|
|
assert:
|
|
that:
|
|
- ecs_taskdefinition_creation_vpc.changed
|
|
|
|
- name: create ecs_service using bridged network
|
|
ecs_service:
|
|
name: "{{ resource_prefix }}"
|
|
cluster: "{{ resource_prefix }}"
|
|
task_definition: "{{ resource_prefix }}"
|
|
desired_count: 1
|
|
state: present
|
|
<<: *aws_connection_info
|
|
register: ecs_service_creation
|
|
|
|
- name: create ecs_service using awsvpc network_configuration
|
|
ecs_service:
|
|
name: "{{ resource_prefix }}-vpc"
|
|
cluster: "{{ resource_prefix }}"
|
|
task_definition: "{{ resource_prefix }}-vpc"
|
|
desired_count: 1
|
|
network_configuration:
|
|
subnets:
|
|
- subnet-abcd1234
|
|
security_groups:
|
|
- sg-abcd1234
|
|
state: present
|
|
<<: *aws_connection_info
|
|
register: ecs_service_creation_vpc
|
|
ignore_errors: yes
|
|
|
|
- name: check that graceful failure message is returned from ecs_service
|
|
assert:
|
|
that:
|
|
- ecs_service_creation_vpc.failed
|
|
- 'ecs_service_creation_vpc.msg == "botocore needs to be version 1.7.44 or higher to use network configuration"'
|
|
|
|
- name: create ecs_service using awsvpc network_configuration and launch_type
|
|
ecs_service:
|
|
name: "{{ resource_prefix }}-vpc"
|
|
cluster: "{{ resource_prefix }}"
|
|
task_definition: "{{ resource_prefix }}-vpc"
|
|
desired_count: 1
|
|
network_configuration:
|
|
subnets:
|
|
- subnet-abcd1234
|
|
security_groups:
|
|
- sg-abcd1234
|
|
launch_type: FARGATE
|
|
state: present
|
|
<<: *aws_connection_info
|
|
register: ecs_service_creation_vpc_launchtype
|
|
ignore_errors: yes
|
|
|
|
- name: check that graceful failure message is returned from ecs_service
|
|
assert:
|
|
that:
|
|
- ecs_service_creation_vpc_launchtype.failed
|
|
- 'ecs_service_creation_vpc_launchtype.msg == "botocore needs to be version 1.7.44 or higher to use network configuration"'
|
|
|
|
- name: create ecs_service with launchtype and missing network_configuration
|
|
ecs_service:
|
|
name: "{{ resource_prefix }}-vpc"
|
|
cluster: "{{ resource_prefix }}"
|
|
task_definition: "{{ resource_prefix }}-vpc"
|
|
desired_count: 1
|
|
launch_type: FARGATE
|
|
state: present
|
|
<<: *aws_connection_info
|
|
register: ecs_service_creation_vpc_launchtype_nonet
|
|
ignore_errors: yes
|
|
|
|
- name: check that graceful failure message is returned from ecs_service
|
|
assert:
|
|
that:
|
|
- ecs_service_creation_vpc_launchtype_nonet.failed
|
|
- 'ecs_service_creation_vpc_launchtype_nonet.msg == "launch_type is FARGATE but all of the following are missing: network_configuration"'
|
|
|
|
- name: create ecs_task using awsvpc network_configuration
|
|
ecs_task:
|
|
cluster: "{{ resource_prefix }}-vpc"
|
|
task_definition: "{{ resource_prefix }}"
|
|
operation: run
|
|
count: 1
|
|
started_by: me
|
|
network_configuration:
|
|
subnets:
|
|
- subnet-abcd1234
|
|
security_groups:
|
|
- sg-abcd1234
|
|
<<: *aws_connection_info
|
|
register: ecs_task_creation_vpc
|
|
ignore_errors: yes
|
|
|
|
- name: check that graceful failure message is returned from ecs_task
|
|
assert:
|
|
that:
|
|
- ecs_task_creation_vpc.failed
|
|
- 'ecs_task_creation_vpc.msg == "botocore needs to be version 1.7.44 or higher to use network configuration"'
|
|
|
|
|
|
always:
|
|
- name: scale down ecs service
|
|
ecs_service:
|
|
name: "{{ resource_prefix }}"
|
|
cluster: "{{ resource_prefix }}"
|
|
task_definition: "{{ resource_prefix }}"
|
|
desired_count: 0
|
|
state: present
|
|
<<: *aws_connection_info
|
|
ignore_errors: yes
|
|
|
|
- name: pause to wait for scale down
|
|
pause:
|
|
seconds: 30
|
|
|
|
- name: remove ecs service
|
|
ecs_service:
|
|
name: "{{ resource_prefix }}"
|
|
cluster: "{{ resource_prefix }}"
|
|
task_definition: "{{ resource_prefix }}"
|
|
desired_count: 1
|
|
state: absent
|
|
<<: *aws_connection_info
|
|
ignore_errors: yes
|
|
|
|
- name: remove ecs task definition
|
|
ecs_taskdefinition:
|
|
containers:
|
|
- name: my_container
|
|
image: ubuntu
|
|
memory: 128
|
|
family: "{{ resource_prefix }}"
|
|
revision: "{{ ecs_taskdefinition_creation.taskdefinition.revision }}"
|
|
state: absent
|
|
<<: *aws_connection_info
|
|
ignore_errors: yes
|
|
|
|
- name: remove ecs task definition vpc
|
|
ecs_taskdefinition:
|
|
containers:
|
|
- name: my_container
|
|
image: ubuntu
|
|
memory: 128
|
|
family: "{{ resource_prefix }}-vpc"
|
|
revision: "{{ ecs_taskdefinition_creation_vpc.taskdefinition.revision }}"
|
|
state: absent
|
|
<<: *aws_connection_info
|
|
ignore_errors: yes
|
|
|
|
- name: remove ecs cluster
|
|
ecs_cluster:
|
|
name: "{{ resource_prefix }}"
|
|
state: absent
|
|
<<: *aws_connection_info
|
|
ignore_errors: yes
|