7da565b3ae
* Add an option to parse botocore.endpoint logs for the AWS actions performed during a task Add a callback to consolidate all AWS actions used by modules Added some documentation to the AWS guidelines * Enable aws_resource_actions callback only for AWS tests * Add script to help generate policies * Set debug_botocore_endpoint_logs via environment variable for all AWS integration tests Ensure AWS tests inherit environment (also remove AWS CLI in aws_rds inventory tests and use the module)
223 lines
7.8 KiB
YAML
223 lines
7.8 KiB
YAML
- hosts: localhost
|
|
connection: local
|
|
environment: "{{ ansible_test.environment }}"
|
|
vars:
|
|
resource_prefix: 'ansible-testing'
|
|
|
|
tasks:
|
|
- block:
|
|
- name: set up aws connection info
|
|
set_fact:
|
|
aws_connection_info: &aws_connection_info
|
|
aws_access_key: "{{ aws_access_key }}"
|
|
aws_secret_key: "{{ aws_secret_key }}"
|
|
security_token: "{{ security_token }}"
|
|
region: "{{ aws_region }}"
|
|
no_log: True
|
|
|
|
- name: create ecs cluster
|
|
ecs_cluster:
|
|
name: "{{ resource_prefix }}"
|
|
state: present
|
|
<<: *aws_connection_info
|
|
|
|
- name: create ecs_taskdefinition with bridged network
|
|
ecs_taskdefinition:
|
|
containers:
|
|
- name: my_container
|
|
image: ubuntu
|
|
memory: 128
|
|
family: "{{ resource_prefix }}"
|
|
state: present
|
|
network_mode: bridge
|
|
<<: *aws_connection_info
|
|
register: ecs_taskdefinition_creation
|
|
|
|
- name: create ecs_taskdefinition with awsvpc network
|
|
ecs_taskdefinition:
|
|
containers:
|
|
- name: my_container
|
|
image: ubuntu
|
|
memory: 128
|
|
family: "{{ resource_prefix }}-vpc"
|
|
state: present
|
|
network_mode: awsvpc
|
|
<<: *aws_connection_info
|
|
register: ecs_taskdefinition_creation_vpc
|
|
|
|
- name: create ecs_taskdefinition and execution_role_arn (expected to fail)
|
|
ecs_taskdefinition:
|
|
containers:
|
|
- name: my_container
|
|
image: ubuntu
|
|
memory: 128
|
|
family: "{{ resource_prefix }}-vpc"
|
|
execution_role_arn: not_a_real_arn
|
|
state: present
|
|
network_mode: awsvpc
|
|
<<: *aws_connection_info
|
|
ignore_errors: yes
|
|
register: ecs_taskdefinition_arn
|
|
|
|
- name: check that graceful failure message is returned from ecs_taskdefinition_arn
|
|
assert:
|
|
that:
|
|
- ecs_taskdefinition_arn.failed
|
|
- 'ecs_taskdefinition_arn.msg == "botocore needs to be version 1.10.44 or higher to use execution_role_arn"'
|
|
|
|
- name: ecs_taskdefinition works fine even when older botocore is used
|
|
assert:
|
|
that:
|
|
- ecs_taskdefinition_creation_vpc.changed
|
|
|
|
- name: create ecs_service using bridged network
|
|
ecs_service:
|
|
name: "{{ resource_prefix }}"
|
|
cluster: "{{ resource_prefix }}"
|
|
task_definition: "{{ resource_prefix }}"
|
|
desired_count: 1
|
|
state: present
|
|
<<: *aws_connection_info
|
|
register: ecs_service_creation
|
|
|
|
- name: create ecs_service using awsvpc network_configuration
|
|
ecs_service:
|
|
name: "{{ resource_prefix }}-vpc"
|
|
cluster: "{{ resource_prefix }}"
|
|
task_definition: "{{ resource_prefix }}-vpc"
|
|
desired_count: 1
|
|
network_configuration:
|
|
subnets:
|
|
- subnet-abcd1234
|
|
security_groups:
|
|
- sg-abcd1234
|
|
state: present
|
|
<<: *aws_connection_info
|
|
register: ecs_service_creation_vpc
|
|
ignore_errors: yes
|
|
|
|
- name: check that graceful failure message is returned from ecs_service
|
|
assert:
|
|
that:
|
|
- ecs_service_creation_vpc.failed
|
|
- 'ecs_service_creation_vpc.msg == "botocore needs to be version 1.7.44 or higher to use network configuration"'
|
|
|
|
- name: create ecs_service using awsvpc network_configuration and launch_type
|
|
ecs_service:
|
|
name: "{{ resource_prefix }}-vpc"
|
|
cluster: "{{ resource_prefix }}"
|
|
task_definition: "{{ resource_prefix }}-vpc"
|
|
desired_count: 1
|
|
network_configuration:
|
|
subnets:
|
|
- subnet-abcd1234
|
|
security_groups:
|
|
- sg-abcd1234
|
|
launch_type: FARGATE
|
|
state: present
|
|
<<: *aws_connection_info
|
|
register: ecs_service_creation_vpc_launchtype
|
|
ignore_errors: yes
|
|
|
|
- name: check that graceful failure message is returned from ecs_service
|
|
assert:
|
|
that:
|
|
- ecs_service_creation_vpc_launchtype.failed
|
|
- 'ecs_service_creation_vpc_launchtype.msg == "botocore needs to be version 1.7.44 or higher to use network configuration"'
|
|
|
|
- name: create ecs_service with launchtype and missing network_configuration
|
|
ecs_service:
|
|
name: "{{ resource_prefix }}-vpc"
|
|
cluster: "{{ resource_prefix }}"
|
|
task_definition: "{{ resource_prefix }}-vpc"
|
|
desired_count: 1
|
|
launch_type: FARGATE
|
|
state: present
|
|
<<: *aws_connection_info
|
|
register: ecs_service_creation_vpc_launchtype_nonet
|
|
ignore_errors: yes
|
|
|
|
- name: check that graceful failure message is returned from ecs_service
|
|
assert:
|
|
that:
|
|
- ecs_service_creation_vpc_launchtype_nonet.failed
|
|
- 'ecs_service_creation_vpc_launchtype_nonet.msg == "launch_type is FARGATE but all of the following are missing: network_configuration"'
|
|
|
|
- name: create ecs_task using awsvpc network_configuration
|
|
ecs_task:
|
|
cluster: "{{ resource_prefix }}-vpc"
|
|
task_definition: "{{ resource_prefix }}"
|
|
operation: run
|
|
count: 1
|
|
started_by: me
|
|
network_configuration:
|
|
subnets:
|
|
- subnet-abcd1234
|
|
security_groups:
|
|
- sg-abcd1234
|
|
<<: *aws_connection_info
|
|
register: ecs_task_creation_vpc
|
|
ignore_errors: yes
|
|
|
|
- name: check that graceful failure message is returned from ecs_task
|
|
assert:
|
|
that:
|
|
- ecs_task_creation_vpc.failed
|
|
- 'ecs_task_creation_vpc.msg == "botocore needs to be version 1.7.44 or higher to use network configuration"'
|
|
|
|
|
|
always:
|
|
- name: scale down ecs service
|
|
ecs_service:
|
|
name: "{{ resource_prefix }}"
|
|
cluster: "{{ resource_prefix }}"
|
|
task_definition: "{{ resource_prefix }}"
|
|
desired_count: 0
|
|
state: present
|
|
<<: *aws_connection_info
|
|
ignore_errors: yes
|
|
|
|
- name: pause to wait for scale down
|
|
pause:
|
|
seconds: 30
|
|
|
|
- name: remove ecs service
|
|
ecs_service:
|
|
name: "{{ resource_prefix }}"
|
|
cluster: "{{ resource_prefix }}"
|
|
task_definition: "{{ resource_prefix }}"
|
|
desired_count: 1
|
|
state: absent
|
|
<<: *aws_connection_info
|
|
ignore_errors: yes
|
|
|
|
- name: remove ecs task definition
|
|
ecs_taskdefinition:
|
|
containers:
|
|
- name: my_container
|
|
image: ubuntu
|
|
memory: 128
|
|
family: "{{ resource_prefix }}"
|
|
revision: "{{ ecs_taskdefinition_creation.taskdefinition.revision }}"
|
|
state: absent
|
|
<<: *aws_connection_info
|
|
ignore_errors: yes
|
|
|
|
- name: remove ecs task definition vpc
|
|
ecs_taskdefinition:
|
|
containers:
|
|
- name: my_container
|
|
image: ubuntu
|
|
memory: 128
|
|
family: "{{ resource_prefix }}-vpc"
|
|
revision: "{{ ecs_taskdefinition_creation_vpc.taskdefinition.revision }}"
|
|
state: absent
|
|
<<: *aws_connection_info
|
|
ignore_errors: yes
|
|
|
|
- name: remove ecs cluster
|
|
ecs_cluster:
|
|
name: "{{ resource_prefix }}"
|
|
state: absent
|
|
<<: *aws_connection_info
|
|
ignore_errors: yes
|