From 791e9dabe3c1cb50a315d82fbb7252f4a38885f6 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 18 Dec 2019 21:18:23 +0100 Subject: [PATCH] Run ec2_instance tests in parallel and re-enable them (#63800) * Run ec2_instance tests in parallel * Make sure we spin up the iam_instance_role instances in the dedicated VPC * Rework a little to only build one VPC while still running in parallel * Start running the tests within shippable * We only use setup_remote_tmp_dir for the version_fail tests, so only set it up once * Make sure we clean up if we fail during Environment Setup * Add a warning about running in parallel * Minor review tweaks * Remove unused file --- test/integration/targets/ec2_instance/aliases | 3 +- .../targets/ec2_instance/inventory | 17 ++ .../integration/targets/ec2_instance/main.yml | 43 +++++ .../ec2_instance}/defaults/main.yml | 2 +- .../files/assume-role-policy.json | 0 .../roles/ec2_instance/meta/main.yml | 3 + .../ec2_instance}/tasks/block_devices.yml | 44 ++--- .../ec2_instance/tasks/checkmode_tests.yml | 172 ++++++++++++++++++ .../roles/ec2_instance/tasks/cpu_options.yml | 86 +++++++++ .../ec2_instance/tasks/default_vpc_tests.yml | 57 ++++++ .../ec2_instance}/tasks/ebs_optimized.yml | 29 +-- .../ec2_instance}/tasks/env_cleanup.yml | 26 +-- .../roles/ec2_instance/tasks/env_setup.yml | 79 ++++++++ .../tasks/external_resource_attach.yml | 129 +++++++++++++ .../roles/ec2_instance/tasks/find_ami.yml | 15 ++ .../ec2_instance/tasks/iam_instance_role.yml | 127 +++++++++++++ .../ec2_instance}/tasks/instance_no_wait.yml | 34 ++-- .../roles/ec2_instance/tasks/main.yml | 48 +++++ .../tasks/tags_and_vpc_settings.yml | 158 ++++++++++++++++ .../tasks/termination_protection.yml | 101 ++++++++++ .../roles/ec2_instance/tasks/version_fail.yml | 29 +++ .../tasks/version_fail_wrapper.yml | 7 +- .../integration/targets/ec2_instance/runme.sh | 12 ++ .../ec2_instance/tasks/checkmode_tests.yml | 156 ---------------- .../ec2_instance/tasks/cpu_options.yml | 86 --------- .../ec2_instance/tasks/default_vpc_tests.yml | 53 ------ .../targets/ec2_instance/tasks/env_setup.yml | 74 -------- .../tasks/external_resource_attach.yml | 124 ------------- .../ec2_instance/tasks/iam_instance_role.yml | 116 ------------ .../targets/ec2_instance/tasks/main.yml | 54 ------ .../tasks/tags_and_vpc_settings.yml | 154 ---------------- .../tasks/termination_protection.yml | 92 ---------- .../ec2_instance/tasks/version_fail.yml | 26 --- 33 files changed, 1154 insertions(+), 1002 deletions(-) create mode 100644 test/integration/targets/ec2_instance/inventory create mode 100644 test/integration/targets/ec2_instance/main.yml rename test/integration/targets/ec2_instance/{ => roles/ec2_instance}/defaults/main.yml (88%) rename test/integration/targets/ec2_instance/{ => roles/ec2_instance}/files/assume-role-policy.json (100%) create mode 100644 test/integration/targets/ec2_instance/roles/ec2_instance/meta/main.yml rename test/integration/targets/ec2_instance/{ => roles/ec2_instance}/tasks/block_devices.yml (61%) create mode 100644 test/integration/targets/ec2_instance/roles/ec2_instance/tasks/checkmode_tests.yml create mode 100644 test/integration/targets/ec2_instance/roles/ec2_instance/tasks/cpu_options.yml create mode 100644 test/integration/targets/ec2_instance/roles/ec2_instance/tasks/default_vpc_tests.yml rename test/integration/targets/ec2_instance/{ => roles/ec2_instance}/tasks/ebs_optimized.yml (57%) rename test/integration/targets/ec2_instance/{ => roles/ec2_instance}/tasks/env_cleanup.yml (87%) create mode 100644 test/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_setup.yml create mode 100644 test/integration/targets/ec2_instance/roles/ec2_instance/tasks/external_resource_attach.yml create mode 100644 test/integration/targets/ec2_instance/roles/ec2_instance/tasks/find_ami.yml create mode 100644 test/integration/targets/ec2_instance/roles/ec2_instance/tasks/iam_instance_role.yml rename test/integration/targets/ec2_instance/{ => roles/ec2_instance}/tasks/instance_no_wait.yml (68%) create mode 100644 test/integration/targets/ec2_instance/roles/ec2_instance/tasks/main.yml create mode 100644 test/integration/targets/ec2_instance/roles/ec2_instance/tasks/tags_and_vpc_settings.yml create mode 100644 test/integration/targets/ec2_instance/roles/ec2_instance/tasks/termination_protection.yml create mode 100644 test/integration/targets/ec2_instance/roles/ec2_instance/tasks/version_fail.yml rename test/integration/targets/ec2_instance/{ => roles/ec2_instance}/tasks/version_fail_wrapper.yml (88%) create mode 100755 test/integration/targets/ec2_instance/runme.sh delete mode 100644 test/integration/targets/ec2_instance/tasks/checkmode_tests.yml delete mode 100644 test/integration/targets/ec2_instance/tasks/cpu_options.yml delete mode 100644 test/integration/targets/ec2_instance/tasks/default_vpc_tests.yml delete mode 100644 test/integration/targets/ec2_instance/tasks/env_setup.yml delete mode 100644 test/integration/targets/ec2_instance/tasks/external_resource_attach.yml delete mode 100644 test/integration/targets/ec2_instance/tasks/iam_instance_role.yml delete mode 100644 test/integration/targets/ec2_instance/tasks/main.yml delete mode 100644 test/integration/targets/ec2_instance/tasks/tags_and_vpc_settings.yml delete mode 100644 test/integration/targets/ec2_instance/tasks/termination_protection.yml delete mode 100644 test/integration/targets/ec2_instance/tasks/version_fail.yml diff --git a/test/integration/targets/ec2_instance/aliases b/test/integration/targets/ec2_instance/aliases index 6f1611de9a7..1fb7d55ab50 100644 --- a/test/integration/targets/ec2_instance/aliases +++ b/test/integration/targets/ec2_instance/aliases @@ -1,4 +1,3 @@ ec2_instance_info cloud/aws -#shippable/aws/group2 -unsupported +shippable/aws/group2 diff --git a/test/integration/targets/ec2_instance/inventory b/test/integration/targets/ec2_instance/inventory new file mode 100644 index 00000000000..44b46ec88f7 --- /dev/null +++ b/test/integration/targets/ec2_instance/inventory @@ -0,0 +1,17 @@ +[tests] +# Sorted fastest to slowest +version_fail_wrapper +ebs_optimized +block_devices +cpu_options +default_vpc_tests +external_resource_attach +instance_no_wait +iam_instance_role +termination_protection +tags_and_vpc_settings +checkmode_tests + +[all:vars] +ansible_connection=local +ansible_python_interpreter="{{ ansible_playbook_python }}" diff --git a/test/integration/targets/ec2_instance/main.yml b/test/integration/targets/ec2_instance/main.yml new file mode 100644 index 00000000000..7695f7bcb92 --- /dev/null +++ b/test/integration/targets/ec2_instance/main.yml @@ -0,0 +1,43 @@ +--- +# Beware: most of our tests here are run in parallel. +# To add new tests you'll need to add a new host to the inventory and a matching +# '{{ inventory_hostname }}'.yml file in roles/ec2_instance/tasks/ + + +# Prepare the VPC and figure out which AMI to use +- hosts: all + gather_facts: no + tasks: + - module_defaults: + group/aws: + aws_access_key: "{{ aws_access_key }}" + aws_secret_key: "{{ aws_secret_key }}" + security_token: "{{ security_token | default(omit) }}" + region: "{{ aws_region }}" + vars: + # We can't just use "run_once" because the facts don't propagate when + # running an 'include' that was run_once + setup_run_once: yes + block: + - include_role: + name: 'ec2_instance' + tasks_from: find_ami.yml + - include_role: + name: 'ec2_instance' + tasks_from: env_setup.yml + rescue: + - include_role: + name: 'ec2_instance' + tasks_from: env_cleanup.yml + run_once: yes + - fail: + msg: 'Environment preparation failed' + run_once: yes + +# VPC should get cleaned up once all hosts have run +- hosts: all + gather_facts: no + strategy: free + #serial: 10 + roles: + - ec2_instance diff --git a/test/integration/targets/ec2_instance/defaults/main.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/defaults/main.yml similarity index 88% rename from test/integration/targets/ec2_instance/defaults/main.yml rename to test/integration/targets/ec2_instance/roles/ec2_instance/defaults/main.yml index 5e4a6dc504c..8e70ab6933c 100644 --- a/test/integration/targets/ec2_instance/defaults/main.yml +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/defaults/main.yml @@ -1,8 +1,8 @@ --- # defaults file for ec2_instance -ec2_instance_name: '{{ resource_prefix }}-node' ec2_instance_owner: 'integration-run-{{ resource_prefix }}' ec2_instance_type: 't3.micro' +ec2_instance_tag_TestId: '{{ resource_prefix }}-{{ inventory_hostname }}' ec2_ami_name: 'amzn2-ami-hvm-2.*-x86_64-gp2' vpc_name: '{{ resource_prefix }}-vpc' diff --git a/test/integration/targets/ec2_instance/files/assume-role-policy.json b/test/integration/targets/ec2_instance/roles/ec2_instance/files/assume-role-policy.json similarity index 100% rename from test/integration/targets/ec2_instance/files/assume-role-policy.json rename to test/integration/targets/ec2_instance/roles/ec2_instance/files/assume-role-policy.json diff --git a/test/integration/targets/ec2_instance/roles/ec2_instance/meta/main.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/meta/main.yml new file mode 100644 index 00000000000..1f64f1169a9 --- /dev/null +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/meta/main.yml @@ -0,0 +1,3 @@ +dependencies: + - prepare_tests + - setup_ec2 diff --git a/test/integration/targets/ec2_instance/tasks/block_devices.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/block_devices.yml similarity index 61% rename from test/integration/targets/ec2_instance/tasks/block_devices.yml rename to test/integration/targets/ec2_instance/roles/ec2_instance/tasks/block_devices.yml index a6aa2d5b3a7..0a8ab63f08b 100644 --- a/test/integration/targets/ec2_instance/tasks/block_devices.yml +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/block_devices.yml @@ -1,6 +1,7 @@ - block: - - name: New instance with an extra block device + - name: "New instance with an extra block device" ec2_instance: + state: present name: "{{ resource_prefix }}-test-ebs-vols" image_id: "{{ ec2_ami_image }}" vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" @@ -11,27 +12,28 @@ delete_on_termination: true volume_type: standard tags: - TestId: "{{ resource_prefix }}" + TestId: "{{ ec2_instance_tag_TestId }}" instance_type: "{{ ec2_instance_type }}" wait: true - register: in_test_vpc + register: block_device_instances - - name: Gather instance info + - name: "Gather instance info" ec2_instance_info: filters: "tag:Name": "{{ resource_prefix }}-test-ebs-vols" - register: in_test_vpc_instance + register: block_device_instances_info - assert: that: - - in_test_vpc is not failed - - in_test_vpc is changed - - in_test_vpc_instance.instances[0].block_device_mappings[0] - - in_test_vpc_instance.instances[0].block_device_mappings[1] - - in_test_vpc_instance.instances[0].block_device_mappings[1].device_name == '/dev/sdb' + - block_device_instances is not failed + - block_device_instances is changed + - block_device_instances_info.instances[0].block_device_mappings[0] + - block_device_instances_info.instances[0].block_device_mappings[1] + - block_device_instances_info.instances[0].block_device_mappings[1].device_name == '/dev/sdb' - - name: New instance with an extra block device(check mode) + - name: "New instance with an extra block device (check mode)" ec2_instance: + state: present name: "{{ resource_prefix }}-test-ebs-vols-checkmode" image_id: "{{ ec2_ami_image }}" vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" @@ -42,7 +44,7 @@ delete_on_termination: true volume_type: standard tags: - TestId: "{{ resource_prefix }}" + TestId: "{{ ec2_instance_tag_TestId }}" instance_type: "{{ ec2_instance_type }}" check_mode: yes @@ -65,16 +67,16 @@ - "{{ presented_instance_fact.instances | length }} > 0" - "{{ checkmode_instance_fact.instances | length }} == 0" - - name: Terminate instances + - name: "Terminate instances" ec2_instance: - instance_ids: "{{ in_test_vpc.instance_ids }}" state: absent + instance_ids: "{{ block_device_instances.instance_ids }}" always: - - name: Terminate test-ebs-vols instances - ec2_instance: - filters: - "tag:Name": "{{ resource_prefix }}-test-ebs-vols" - state: absent - wait: false - ignore_errors: yes + - name: "Terminate block_devices instances" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: yes + ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/checkmode_tests.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/checkmode_tests.yml new file mode 100644 index 00000000000..b161eca636e --- /dev/null +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/checkmode_tests.yml @@ -0,0 +1,172 @@ +- block: + - name: "Make basic instance" + ec2_instance: + state: present + name: "{{ resource_prefix }}-checkmode-comparison" + image_id: "{{ ec2_ami_image }}" + security_groups: "{{ sg.group_id }}" + instance_type: "{{ ec2_instance_type }}" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + wait: false + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + register: basic_instance + + - name: "Make basic instance (check mode)" + ec2_instance: + state: present + name: "{{ resource_prefix }}-checkmode-comparison-checkmode" + image_id: "{{ ec2_ami_image }}" + security_groups: "{{ sg.group_id }}" + instance_type: "{{ ec2_instance_type }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + check_mode: yes + + - name: "fact presented ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-checkmode-comparison" + register: presented_instance_fact + + - name: "fact checkmode ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-checkmode-comparison-checkmode" + register: checkmode_instance_fact + + - name: "Confirm whether the check mode is working normally." + assert: + that: + - "{{ presented_instance_fact.instances | length }} > 0" + - "{{ checkmode_instance_fact.instances | length }} == 0" + + - name: "Stop instance (check mode)" + ec2_instance: + state: stopped + name: "{{ resource_prefix }}-checkmode-comparison" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + check_mode: yes + + - name: "fact ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-checkmode-comparison" + register: confirm_checkmode_stopinstance_fact + + - name: "Verify that it was not stopped." + assert: + that: + - '"{{ confirm_checkmode_stopinstance_fact.instances[0].state.name }}" != "stopped"' + + - name: "Stop instance." + ec2_instance: + state: stopped + name: "{{ resource_prefix }}-checkmode-comparison" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + register: instance_stop + until: not instance_stop.failed + retries: 10 + + - name: "fact stopped ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-checkmode-comparison" + register: confirm_stopinstance_fact + + - name: "Verify that it was stopped." + assert: + that: + - '"{{ confirm_stopinstance_fact.instances[0].state.name }}" in ["stopped", "stopping"]' + + - name: "Running instance in check mode." + ec2_instance: + state: running + name: "{{ resource_prefix }}-checkmode-comparison" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + check_mode: yes + + - name: "fact ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-checkmode-comparison" + register: confirm_checkmode_runninginstance_fact + + - name: "Verify that it was not running." + assert: + that: + - '"{{ confirm_checkmode_runninginstance_fact.instances[0].state.name }}" != "running"' + + - name: "Running instance." + ec2_instance: + state: running + name: "{{ resource_prefix }}-checkmode-comparison" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + + - name: "fact ec2 instance." + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-checkmode-comparison" + register: confirm_runninginstance_fact + + - name: "Verify that it was running." + assert: + that: + - '"{{ confirm_runninginstance_fact.instances[0].state.name }}" == "running"' + + - name: "Terminate instance in check mode." + ec2_instance: + state: absent + name: "{{ resource_prefix }}-checkmode-comparison" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + check_mode: yes + + - name: "fact ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-checkmode-comparison" + register: confirm_checkmode_terminatedinstance_fact + + - name: "Verify that it was not terminated," + assert: + that: + - '"{{ confirm_checkmode_terminatedinstance_fact.instances[0].state.name }}" != "terminated"' + + - name: "Terminate instance." + ec2_instance: + state: absent + name: "{{ resource_prefix }}-checkmode-comparison" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + + - name: "fact ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-checkmode-comparison" + register: confirm_terminatedinstance_fact + + - name: "Verify that it was terminated," + assert: + that: + - '"{{ confirm_terminatedinstance_fact.instances[0].state.name }}" == "terminated"' + + always: + - name: "Terminate checkmode instances" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: yes + ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/cpu_options.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/cpu_options.yml new file mode 100644 index 00000000000..947011f75e1 --- /dev/null +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/cpu_options.yml @@ -0,0 +1,86 @@ +- block: + - name: "create t3.nano instance with cpu_options" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-t3nano-1-threads-per-core" + image_id: "{{ ec2_ami_image }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + instance_type: t3.nano + cpu_options: + core_count: 1 + threads_per_core: 1 + wait: false + register: instance_creation + + - name: "instance with cpu_options created with the right options" + assert: + that: + - instance_creation is success + - instance_creation is changed + + - name: "modify cpu_options on existing instance (warning displayed)" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-t3nano-1-threads-per-core" + image_id: "{{ ec2_ami_image }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + instance_type: t3.nano + cpu_options: + core_count: 1 + threads_per_core: 2 + wait: false + register: cpu_options_update + ignore_errors: yes + + - name: "fact presented ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-t3nano-1-threads-per-core" + register: presented_instance_fact + + - name: "modify cpu_options has no effect on existing instance" + assert: + that: + - cpu_options_update is success + - cpu_options_update is not changed + - "{{ presented_instance_fact.instances | length }} > 0" + - "'{{ presented_instance_fact.instances.0.state.name }}' in ['running','pending']" + - "{{ presented_instance_fact.instances.0.cpu_options.core_count }} == 1" + - "{{ presented_instance_fact.instances.0.cpu_options.threads_per_core }} == 1" + + - name: "create t3.nano instance with cpu_options(check mode)" + ec2_instance: + name: "{{ resource_prefix }}-test-t3nano-1-threads-per-core-checkmode" + image_id: "{{ ec2_ami_image }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + instance_type: t3.nano + cpu_options: + core_count: 1 + threads_per_core: 1 + check_mode: yes + + - name: "fact checkmode ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-t3nano-1-threads-per-core-checkmode" + register: checkmode_instance_fact + + - name: "Confirm existence of instance id." + assert: + that: + - "{{ checkmode_instance_fact.instances | length }} == 0" + + always: + - name: "Terminate cpu_options instances" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: yes + ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/default_vpc_tests.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/default_vpc_tests.yml new file mode 100644 index 00000000000..a69dfe9f866 --- /dev/null +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/default_vpc_tests.yml @@ -0,0 +1,57 @@ +- block: + - name: "Make instance in a default subnet of the VPC" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-default-vpc" + image_id: "{{ ec2_ami_image }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + security_group: "default" + instance_type: "{{ ec2_instance_type }}" + wait: false + register: in_default_vpc + + - name: "Make instance in a default subnet of the VPC(check mode)" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-default-vpc-checkmode" + image_id: "{{ ec2_ami_image }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + security_group: "default" + instance_type: "{{ ec2_instance_type }}" + check_mode: yes + + - name: "fact presented ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-default-vpc" + register: presented_instance_fact + + - name: "fact checkmode ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-default-vpc-checkmode" + register: checkmode_instance_fact + + - name: "Confirm whether the check mode is working normally." + assert: + that: + - "{{ presented_instance_fact.instances | length }} > 0" + - "{{ checkmode_instance_fact.instances | length }} == 0" + + - name: "Terminate instances" + ec2_instance: + state: absent + instance_ids: "{{ in_default_vpc.instance_ids }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + + always: + - name: "Terminate vpc_tests instances" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: yes + ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/tasks/ebs_optimized.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/ebs_optimized.yml similarity index 57% rename from test/integration/targets/ec2_instance/tasks/ebs_optimized.yml rename to test/integration/targets/ec2_instance/roles/ec2_instance/tasks/ebs_optimized.yml index d22d54aee6e..5bfdc086e76 100644 --- a/test/integration/targets/ec2_instance/tasks/ebs_optimized.yml +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/ebs_optimized.yml @@ -1,10 +1,11 @@ - block: - - name: Make EBS optimized instance in the testing subnet of the test VPC + - name: "Make EBS optimized instance in the testing subnet of the test VPC" ec2_instance: + state: present name: "{{ resource_prefix }}-test-ebs-optimized-instance-in-vpc" image_id: "{{ ec2_ami_image }}" tags: - TestId: "{{ resource_prefix }}" + TestId: "{{ ec2_instance_tag_TestId }}" security_groups: "{{ sg.group_id }}" vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" ebs_optimized: true @@ -12,27 +13,29 @@ wait: false register: ebs_opt_in_vpc - - name: Get ec2 instance info + - name: "Get ec2 instance info" ec2_instance_info: filters: "tag:Name": "{{ resource_prefix }}-test-ebs-optimized-instance-in-vpc" register: ebs_opt_instance_info - - name: Assert instance is ebs_optimized + - name: "Assert instance is ebs_optimized" assert: that: - "{{ ebs_opt_instance_info.instances.0.ebs_optimized }}" - - name: Terminate instances + - name: "Terminate instances" ec2_instance: - instance_ids: "{{ ebs_opt_in_vpc.instance_ids }}" state: absent + instance_ids: "{{ ebs_opt_in_vpc.instance_ids }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" always: - - name: Terminate test-ebs-vols instances - ec2_instance: - filters: - "tag:Name": "{{ resource_prefix }}-test-ebs-optimized-instance-in-vpc" - state: absent - wait: false - ignore_errors: yes + - name: "Terminate ebs_optimzed instances" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: yes + ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/tasks/env_cleanup.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_cleanup.yml similarity index 87% rename from test/integration/targets/ec2_instance/tasks/env_cleanup.yml rename to test/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_cleanup.yml index b794089ce39..1b6c79e0d95 100644 --- a/test/integration/targets/ec2_instance/tasks/env_cleanup.yml +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_cleanup.yml @@ -1,4 +1,4 @@ -- name: remove Instances +- name: "remove Instances" ec2_instance: state: absent filters: @@ -7,33 +7,33 @@ ignore_errors: yes retries: 10 -- name: remove ENIs +- name: "remove ENIs" ec2_eni_info: filters: vpc-id: "{{ testing_vpc.vpc.id }}" register: enis -- name: delete all ENIs +- name: "delete all ENIs" ec2_eni: - eni_id: "{{ item.id }}" state: absent + eni_id: "{{ item.id }}" until: removed is not failed with_items: "{{ enis.network_interfaces }}" ignore_errors: yes retries: 10 -- name: remove the security group +- name: "remove the security group" ec2_group: + state: absent name: "{{ resource_prefix }}-sg" description: a security group for ansible tests vpc_id: "{{ testing_vpc.vpc.id }}" - state: absent register: removed until: removed is not failed ignore_errors: yes retries: 10 -- name: remove routing rules +- name: "remove routing rules" ec2_vpc_route_table: state: absent vpc_id: "{{ testing_vpc.vpc.id }}" @@ -50,16 +50,16 @@ ignore_errors: yes retries: 10 -- name: remove internet gateway +- name: "remove internet gateway" ec2_vpc_igw: - vpc_id: "{{ testing_vpc.vpc.id }}" state: absent + vpc_id: "{{ testing_vpc.vpc.id }}" register: removed until: removed is not failed ignore_errors: yes retries: 10 -- name: remove subnet A +- name: "remove subnet A" ec2_vpc_subnet: state: absent vpc_id: "{{ testing_vpc.vpc.id }}" @@ -69,7 +69,7 @@ ignore_errors: yes retries: 10 -- name: remove subnet B +- name: "remove subnet B" ec2_vpc_subnet: state: absent vpc_id: "{{ testing_vpc.vpc.id }}" @@ -79,11 +79,11 @@ ignore_errors: yes retries: 10 -- name: remove the VPC +- name: "remove the VPC" ec2_vpc_net: + state: absent name: "{{ vpc_name }}" cidr_block: "{{ vpc_cidr }}" - state: absent tags: Name: Ansible Testing VPC tenancy: default diff --git a/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_setup.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_setup.yml new file mode 100644 index 00000000000..6c76b7bf79f --- /dev/null +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_setup.yml @@ -0,0 +1,79 @@ +- run_once: '{{ setup_run_once | default("no") | bool }}' + block: + - name: "fetch AZ availability" + aws_az_info: + register: az_info + - name: "Assert that we have multiple AZs available to us" + assert: + that: az_info.availability_zones | length >= 2 + + - name: "pick AZs" + set_fact: + subnet_a_az: '{{ az_info.availability_zones[0].zone_name }}' + subnet_b_az: '{{ az_info.availability_zones[1].zone_name }}' + + - name: "Create VPC for use in testing" + ec2_vpc_net: + state: present + name: "{{ vpc_name }}" + cidr_block: "{{ vpc_cidr }}" + tags: + Name: Ansible ec2_instance Testing VPC + tenancy: default + register: testing_vpc + + - name: "Create internet gateway for use in testing" + ec2_vpc_igw: + state: present + vpc_id: "{{ testing_vpc.vpc.id }}" + register: igw + + - name: "Create default subnet in zone A" + ec2_vpc_subnet: + state: present + vpc_id: "{{ testing_vpc.vpc.id }}" + cidr: "{{ subnet_a_cidr }}" + az: "{{ subnet_a_az }}" + resource_tags: + Name: "{{ resource_prefix }}-subnet-a" + register: testing_subnet_a + + - name: "Create secondary subnet in zone B" + ec2_vpc_subnet: + state: present + vpc_id: "{{ testing_vpc.vpc.id }}" + cidr: "{{ subnet_b_cidr }}" + az: "{{ subnet_b_az }}" + resource_tags: + Name: "{{ resource_prefix }}-subnet-b" + register: testing_subnet_b + + - name: "create routing rules" + ec2_vpc_route_table: + state: present + vpc_id: "{{ testing_vpc.vpc.id }}" + tags: + created: "{{ resource_prefix }}-route" + routes: + - dest: 0.0.0.0/0 + gateway_id: "{{ igw.gateway_id }}" + subnets: + - "{{ testing_subnet_a.subnet.id }}" + - "{{ testing_subnet_b.subnet.id }}" + + - name: "create a security group with the vpc" + ec2_group: + state: present + name: "{{ resource_prefix }}-sg" + description: a security group for ansible tests + vpc_id: "{{ testing_vpc.vpc.id }}" + rules: + - proto: tcp + from_port: 22 + to_port: 22 + cidr_ip: 0.0.0.0/0 + - proto: tcp + from_port: 80 + to_port: 80 + cidr_ip: 0.0.0.0/0 + register: sg diff --git a/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/external_resource_attach.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/external_resource_attach.yml new file mode 100644 index 00000000000..2625977f416 --- /dev/null +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/external_resource_attach.yml @@ -0,0 +1,129 @@ +- block: + # Make custom ENIs and attach via the `network` parameter + - ec2_eni: + state: present + delete_on_termination: true + subnet_id: "{{ testing_subnet_b.subnet.id }}" + security_groups: + - "{{ sg.group_id }}" + register: eni_a + + - ec2_eni: + state: present + delete_on_termination: true + subnet_id: "{{ testing_subnet_b.subnet.id }}" + security_groups: + - "{{ sg.group_id }}" + register: eni_b + + - ec2_eni: + state: present + delete_on_termination: true + subnet_id: "{{ testing_subnet_b.subnet.id }}" + security_groups: + - "{{ sg.group_id }}" + register: eni_c + + - ec2_key: + name: "{{ resource_prefix }}_test_key" + + - name: "Make instance in the testing subnet created in the test VPC" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-eni-vpc" + key_name: "{{ resource_prefix }}_test_key" + network: + interfaces: + - id: "{{ eni_a.interface.id }}" + image_id: "{{ ec2_ami_image }}" + availability_zone: '{{ subnet_b_az }}' + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + instance_type: "{{ ec2_instance_type }}" + wait: false + register: in_test_vpc + + - name: "Gather {{ resource_prefix }}-test-eni-vpc info" + ec2_instance_info: + filters: + "tag:Name": '{{ resource_prefix }}-test-eni-vpc' + register: in_test_vpc_instance + + - assert: + that: + - 'in_test_vpc_instance.instances.0.key_name == "{{ resource_prefix }}_test_key"' + - '(in_test_vpc_instance.instances.0.network_interfaces | length) == 1' + + - name: "Add a second interface" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-eni-vpc" + network: + interfaces: + - id: "{{ eni_a.interface.id }}" + - id: "{{ eni_b.interface.id }}" + image_id: "{{ ec2_ami_image }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + instance_type: "{{ ec2_instance_type }}" + wait: false + register: add_interface + until: add_interface is not failed + ignore_errors: yes + retries: 10 + + - name: "Make instance in the testing subnet created in the test VPC(check mode)" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-eni-vpc-checkmode" + key_name: "{{ resource_prefix }}_test_key" + network: + interfaces: + - id: "{{ eni_c.interface.id }}" + image_id: "{{ ec2_ami_image }}" + availability_zone: '{{ subnet_b_az }}' + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + instance_type: "{{ ec2_instance_type }}" + check_mode: yes + + - name: "fact presented ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-eni-vpc" + register: presented_instance_fact + + - name: "fact checkmode ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-eni-vpc-checkmode" + register: checkmode_instance_fact + + - name: "Confirm existence of instance id." + assert: + that: + - "{{ presented_instance_fact.instances | length }} > 0" + - "{{ checkmode_instance_fact.instances | length }} == 0" + + always: + - name: "Terminate external_resource_attach instances" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: yes + ignore_errors: yes + + - ec2_key: + state: absent + name: "{{ resource_prefix }}_test_key" + ignore_errors: yes + + - ec2_eni: + state: absent + eni_id: '{{ item.interface.id }}' + ignore_errors: yes + with_items: + - '{{ eni_a }}' + - '{{ eni_b }}' + - '{{ eni_c }}' diff --git a/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/find_ami.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/find_ami.yml new file mode 100644 index 00000000000..5c0e61f84c6 --- /dev/null +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/find_ami.yml @@ -0,0 +1,15 @@ +- run_once: '{{ setup_run_once | default("no") | bool }}' + block: + - name: "Find AMI to use" + run_once: yes + ec2_ami_info: + owners: 'amazon' + filters: + name: '{{ ec2_ami_name }}' + register: ec2_amis + - name: "Set fact with latest AMI" + run_once: yes + vars: + latest_ami: '{{ ec2_amis.images | sort(attribute="creation_date") | last }}' + set_fact: + ec2_ami_image: '{{ latest_ami.image_id }}' diff --git a/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/iam_instance_role.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/iam_instance_role.yml new file mode 100644 index 00000000000..6e29b74674f --- /dev/null +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/iam_instance_role.yml @@ -0,0 +1,127 @@ +- block: + - name: "Create IAM role for test" + iam_role: + state: present + name: "ansible-test-sts-{{ resource_prefix }}-test-policy" + assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}" + create_instance_profile: yes + managed_policy: + - AmazonEC2ContainerServiceRole + register: iam_role + + - name: "Create second IAM role for test" + iam_role: + state: present + name: "ansible-test-sts-{{ resource_prefix }}-test-policy-2" + assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}" + create_instance_profile: yes + managed_policy: + - AmazonEC2ContainerServiceRole + register: iam_role_2 + + - name: "wait 10 seconds for roles to become available" + wait_for: + timeout: 10 + delegate_to: localhost + + - name: "Make instance with an instance_role" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-instance-role" + image_id: "{{ ec2_ami_image }}" + security_groups: "{{ sg.group_id }}" + instance_type: "{{ ec2_instance_type }}" + instance_role: "ansible-test-sts-{{ resource_prefix }}-test-policy" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + register: instance_with_role + + - assert: + that: + - 'instance_with_role.instances[0].iam_instance_profile.arn == iam_role.arn.replace(":role/", ":instance-profile/")' + + - name: "Make instance with an instance_role(check mode)" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-instance-role-checkmode" + image_id: "{{ ec2_ami_image }}" + security_groups: "{{ sg.group_id }}" + instance_type: "{{ ec2_instance_type }}" + instance_role: "{{ iam_role.arn.replace(':role/', ':instance-profile/') }}" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + check_mode: yes + + - name: "fact presented ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-instance-role" + register: presented_instance_fact + + - name: "fact checkmode ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-instance-role-checkmode" + register: checkmode_instance_fact + + - name: "Confirm whether the check mode is working normally." + assert: + that: + - "{{ presented_instance_fact.instances | length }} > 0" + - "{{ checkmode_instance_fact.instances | length }} == 0" + + - name: "Update instance with new instance_role" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-instance-role" + image_id: "{{ ec2_ami_image }}" + security_groups: "{{ sg.group_id }}" + instance_type: "{{ ec2_instance_type }}" + instance_role: "{{ iam_role_2.arn.replace(':role/', ':instance-profile/') }}" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + register: instance_with_updated_role + + - name: "wait 10 seconds for role update to complete" + wait_for: + timeout: 10 + delegate_to: localhost + + - name: "fact checkmode ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-instance-role" + register: updates_instance_info + + - assert: + that: + - 'updates_instance_info.instances[0].iam_instance_profile.arn == iam_role_2.arn.replace(":role/", ":instance-profile/")' + - 'updates_instance_info.instances[0].instance_id == instance_with_role.instances[0].instance_id' + + always: + - name: "Terminate iam_instance_role instances" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: yes + ignore_errors: yes + + - name: "Delete IAM role for test" + iam_role: + state: absent + name: "{{ item }}" + assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}" + create_instance_profile: yes + managed_policy: + - AmazonEC2ContainerServiceRole + loop: + - "ansible-test-sts-{{ resource_prefix }}-test-policy" + - "ansible-test-sts-{{ resource_prefix }}-test-policy-2" + register: removed + until: removed is not failed + ignore_errors: yes + retries: 10 diff --git a/test/integration/targets/ec2_instance/tasks/instance_no_wait.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/instance_no_wait.yml similarity index 68% rename from test/integration/targets/ec2_instance/tasks/instance_no_wait.yml rename to test/integration/targets/ec2_instance/roles/ec2_instance/tasks/instance_no_wait.yml index 322bc937d34..418d7ef3e82 100644 --- a/test/integration/targets/ec2_instance/tasks/instance_no_wait.yml +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/instance_no_wait.yml @@ -1,11 +1,12 @@ - block: - - name: New instance and don't wait for it to complete + - name: "New instance and don't wait for it to complete" ec2_instance: + state: present name: "{{ resource_prefix }}-test-no-wait" image_id: "{{ ec2_ami_image }}" vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" tags: - TestId: "{{ resource_prefix }}" + TestId: "{{ ec2_instance_tag_TestId }}" wait: false instance_type: "{{ ec2_instance_type }}" register: in_test_vpc @@ -18,18 +19,19 @@ - in_test_vpc.instance_ids is defined - in_test_vpc.instance_ids | length > 0 - - name: New instance and don't wait for it to complete ( check mode ) + - name: "New instance and don't wait for it to complete ( check mode )" ec2_instance: + state: present name: "{{ resource_prefix }}-test-no-wait-checkmode" image_id: "{{ ec2_ami_image }}" vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" tags: - TestId: "{{ resource_prefix }}" + TestId: "{{ ec2_instance_tag_TestId }}" wait: false instance_type: "{{ ec2_instance_type }}" check_mode: yes - - name: Facts for ec2 test instance + - name: "Facts for ec2 test instance" ec2_instance_info: filters: "tag:Name": "{{ resource_prefix }}-test-no-wait" @@ -37,7 +39,7 @@ until: real_instance_fact.instances | length > 0 retries: 10 - - name: Facts for checkmode ec2 test instance + - name: "Facts for checkmode ec2 test instance" ec2_instance_info: filters: "tag:Name": "{{ resource_prefix }}-test-no-wait-checkmode" @@ -49,16 +51,18 @@ - "{{ real_instance_fact.instances | length }} > 0" - "{{ checkmode_instance_fact.instances | length }} == 0" - - name: Terminate instances + - name: "Terminate instances" ec2_instance: - instance_ids: "{{ in_test_vpc.instance_ids }}" state: absent + instance_ids: "{{ in_test_vpc.instance_ids }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" always: - - name: Terminate test-ebs-vols instances - ec2_instance: - filters: - "tag:Name": "{{ resource_prefix }}-test-no-wait-checkmode" - state: absent - wait: no - ignore_errors: yes + - name: "Terminate instance_no_wait instances" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: yes + ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/main.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/main.yml new file mode 100644 index 00000000000..e10aebcefe2 --- /dev/null +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/main.yml @@ -0,0 +1,48 @@ +--- +# Beware: most of our tests here are run in parallel. +# To add new tests you'll need to add a new host to the inventory and a matching +# '{{ inventory_hostname }}'.yml file in roles/ec2_instance/tasks/ +# +# Please make sure you tag your instances with +# tags: +# "tag:TestId": "{{ ec2_instance_tag_TestId }}" +# And delete them based off that tag at the end of your specific set of tests +# +# ############################################################################### +# +# A Note about ec2 environment variable name preference: +# - EC2_URL -> AWS_URL +# - EC2_ACCESS_KEY -> AWS_ACCESS_KEY_ID -> AWS_ACCESS_KEY +# - EC2_SECRET_KEY -> AWS_SECRET_ACCESS_KEY -> AWX_SECRET_KEY +# - EC2_REGION -> AWS_REGION +# + +- name: "Wrap up all tests and setup AWS credentials" + module_defaults: + group/aws: + aws_access_key: "{{ aws_access_key }}" + aws_secret_key: "{{ aws_secret_key }}" + security_token: "{{ security_token | default(omit) }}" + region: "{{ aws_region }}" + block: + - debug: + msg: "{{ inventory_hostname }} start: {{ lookup('pipe','date') }}" + - include_tasks: '{{ inventory_hostname }}.yml' + - debug: + msg: "{{ inventory_hostname }} finish: {{ lookup('pipe','date') }}" + + always: + - set_fact: + _role_complete: True + - vars: + completed_hosts: '{{ ansible_play_hosts_all | map("extract", hostvars, "_role_complete") | list | select("defined") | list | length }}' + hosts_in_play: '{{ ansible_play_hosts_all | length }}' + debug: + msg: "{{ completed_hosts }} of {{ hosts_in_play }} complete" + - include_tasks: env_cleanup.yml + vars: + completed_hosts: '{{ ansible_play_hosts_all | map("extract", hostvars, "_role_complete") | list | select("defined") | list | length }}' + hosts_in_play: '{{ ansible_play_hosts_all | length }}' + when: + - aws_cleanup + - completed_hosts == hosts_in_play diff --git a/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/tags_and_vpc_settings.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/tags_and_vpc_settings.yml new file mode 100644 index 00000000000..d38b53f76fb --- /dev/null +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/tags_and_vpc_settings.yml @@ -0,0 +1,158 @@ +- block: + - name: "Make instance in the testing subnet created in the test VPC" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-basic-vpc-create" + image_id: "{{ ec2_ami_image }}" + user_data: | + #cloud-config + package_upgrade: true + package_update: true + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + Something: else + security_groups: "{{ sg.group_id }}" + network: + source_dest_check: false + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + instance_type: "{{ ec2_instance_type }}" + wait: false + register: in_test_vpc + + - name: "Make instance in the testing subnet created in the test VPC(check mode)" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-basic-vpc-create-checkmode" + image_id: "{{ ec2_ami_image }}" + user_data: | + #cloud-config + package_upgrade: true + package_update: true + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + Something: else + security_groups: "{{ sg.group_id }}" + network: + source_dest_check: false + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + instance_type: "{{ ec2_instance_type }}" + check_mode: yes + + - name: "Try to re-make the instance, hopefully this shows changed=False" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-basic-vpc-create" + image_id: "{{ ec2_ami_image }}" + user_data: | + #cloud-config + package_upgrade: true + package_update: true + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + Something: else + security_groups: "{{ sg.group_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + instance_type: "{{ ec2_instance_type }}" + register: remake_in_test_vpc + - name: "Remaking the same instance resulted in no changes" + assert: + that: not remake_in_test_vpc.changed + - name: "check that instance IDs match anyway" + assert: + that: 'remake_in_test_vpc.instance_ids[0] == in_test_vpc.instance_ids[0]' + - name: "check that source_dest_check was set to false" + assert: + that: 'not remake_in_test_vpc.instances[0].source_dest_check' + + - name: "fact presented ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-basic-vpc-create" + register: presented_instance_fact + + - name: "fact checkmode ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-basic-vpc-create-checkmode" + register: checkmode_instance_fact + + - name: "Confirm whether the check mode is working normally." + assert: + that: + - "{{ presented_instance_fact.instances | length }} > 0" + - "{{ checkmode_instance_fact.instances | length }} == 0" + + - name: "Alter it by adding tags" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-basic-vpc-create" + image_id: "{{ ec2_ami_image }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + Another: thing + security_groups: "{{ sg.group_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + instance_type: "{{ ec2_instance_type }}" + register: add_another_tag + + - ec2_instance_info: + instance_ids: "{{ add_another_tag.instance_ids }}" + register: check_tags + - name: "Remaking the same instance resulted in no changes" + assert: + that: + - check_tags.instances[0].tags.Another == 'thing' + - check_tags.instances[0].tags.Something == 'else' + + - name: "Purge a tag" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-basic-vpc-create" + image_id: "{{ ec2_ami_image }}" + purge_tags: true + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + Another: thing + security_groups: "{{ sg.group_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + instance_type: "{{ ec2_instance_type }}" + + - ec2_instance_info: + instance_ids: "{{ add_another_tag.instance_ids }}" + register: check_tags + + - name: "Remaking the same instance resulted in no changes" + assert: + that: + - "'Something' not in check_tags.instances[0].tags" + + - name: "check that subnet-default public IP rule was followed" + assert: + that: + - check_tags.instances[0].public_dns_name == "" + - check_tags.instances[0].private_ip_address.startswith(subnet_b_startswith) + - check_tags.instances[0].subnet_id == testing_subnet_b.subnet.id + - name: "check that tags were applied" + assert: + that: + - check_tags.instances[0].tags.Name.startswith(resource_prefix) + - "'{{ check_tags.instances[0].state.name }}' in ['pending', 'running']" + + - name: "Terminate instance" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: false + register: result + - assert: + that: result.changed + + always: + - name: "Terminate tags_and_vpc_settings instances" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: yes + ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/termination_protection.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/termination_protection.yml new file mode 100644 index 00000000000..e2d3728f483 --- /dev/null +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/termination_protection.yml @@ -0,0 +1,101 @@ +- block: + - name: "Make termination-protected instance in the testing subnet created in the test VPC" + ec2_instance: + state: running + name: "{{ resource_prefix }}-test-protected-instance-in-vpc" + image_id: "{{ ec2_ami_image }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + security_groups: "{{ sg.group_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + termination_protection: true + instance_type: "{{ ec2_instance_type }}" + wait: yes + register: in_test_vpc + + - name: "Make termination-protected instance in the testing subnet created in the test VPC(check mode)" + ec2_instance: + state: running + name: "{{ resource_prefix }}-test-protected-instance-in-vpc-checkmode" + image_id: "{{ ec2_ami_image }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + security_groups: "{{ sg.group_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + termination_protection: true + instance_type: "{{ ec2_instance_type }}" + check_mode: yes + + - name: "fact presented ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-protected-instance-in-vpc" + "instance-state-name": "running" + register: presented_instance_fact + + - name: "fact checkmode ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-protected-instance-in-vpc-checkmode" + register: checkmode_instance_fact + + - name: "Confirm whether the check mode is working normally." + assert: + that: + - "{{ presented_instance_fact.instances | length }} > 0" + - "'{{ presented_instance_fact.instances.0.state.name }}' in ['running', 'pending']" + - "{{ checkmode_instance_fact.instances | length }} == 0" + + - name: "Try to terminate the instance" + ec2_instance: + state: absent + name: "{{ resource_prefix }}-test-protected-instance-in-vpc" + image_id: "{{ ec2_ami_image }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + security_groups: "{{ sg.group_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + termination_protection: true + instance_type: "{{ ec2_instance_type }}" + register: bad_terminate + ignore_errors: yes + + - name: "Cannot terminate protected instance" + assert: + that: + - bad_terminate is failed + + - name: "Alter termination protection setting" + ec2_instance: + state: present + name: "{{ resource_prefix }}-test-protected-instance-in-vpc" + image_id: "{{ ec2_ami_image }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + termination_protection: false + instance_type: "{{ ec2_instance_type }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + + - name: "Try to terminate the instance again (should work)" + ec2_instance: + state: absent + name: "{{ resource_prefix }}-test-protected-instance-in-vpc" + image_id: "{{ ec2_ami_image }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + instance_type: "{{ ec2_instance_type }}" + wait: false + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + register: terminate_results + + - assert: + that: terminate_results is not failed + + always: + - name: "Terminate termination_protection instances" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: yes + ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/version_fail.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/version_fail.yml new file mode 100644 index 00000000000..67370ebe37c --- /dev/null +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/version_fail.yml @@ -0,0 +1,29 @@ +- block: + - name: "create t3.nano with cpu options (fails gracefully)" + ec2_instance: + state: present + name: "ansible-test-{{ resource_prefix | regex_search('([0-9]+)$') }}-ec2" + image_id: "{{ ec2_ami_image }}" + instance_type: "t3.nano" + cpu_options: + core_count: 1 + threads_per_core: 1 + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + register: ec2_instance_cpu_options_creation + ignore_errors: yes + + - name: "check that graceful error message is returned when creation with cpu_options and old botocore" + assert: + that: + - ec2_instance_cpu_options_creation.failed + - 'ec2_instance_cpu_options_creation.msg == "cpu_options is only supported with botocore >= 1.10.16"' + + always: + - name: "Terminate version_fail instances" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: yes + ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/tasks/version_fail_wrapper.yml b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/version_fail_wrapper.yml similarity index 88% rename from test/integration/targets/ec2_instance/tasks/version_fail_wrapper.yml rename to test/integration/targets/ec2_instance/roles/ec2_instance/tasks/version_fail_wrapper.yml index b3ee7b8551d..ae5bd785003 100644 --- a/test/integration/targets/ec2_instance/tasks/version_fail_wrapper.yml +++ b/test/integration/targets/ec2_instance/roles/ec2_instance/tasks/version_fail_wrapper.yml @@ -1,4 +1,7 @@ --- +- include_role: + name: 'setup_remote_tmp_dir' + - set_fact: virtualenv: "{{ remote_tmp_dir }}/virtualenv" virtualenv_command: "{{ ansible_python_interpreter }} -m virtualenv" @@ -7,7 +10,7 @@ virtualenv_interpreter: "{{ virtualenv }}/bin/python" - pip: - name: virtualenv + name: "virtualenv" - pip: name: @@ -23,5 +26,5 @@ ansible_python_interpreter: "{{ virtualenv_interpreter }}" - file: - path: "{{ virtualenv }}" state: absent + path: "{{ virtualenv }}" diff --git a/test/integration/targets/ec2_instance/runme.sh b/test/integration/targets/ec2_instance/runme.sh new file mode 100755 index 00000000000..aa324772bbe --- /dev/null +++ b/test/integration/targets/ec2_instance/runme.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash +# +# Beware: most of our tests here are run in parallel. +# To add new tests you'll need to add a new host to the inventory and a matching +# '{{ inventory_hostname }}'.yml file in roles/ec2_instance/tasks/ + + +set -eux + +export ANSIBLE_ROLES_PATH=../ + +ansible-playbook main.yml -i inventory "$@" diff --git a/test/integration/targets/ec2_instance/tasks/checkmode_tests.yml b/test/integration/targets/ec2_instance/tasks/checkmode_tests.yml deleted file mode 100644 index 07f27dc00a3..00000000000 --- a/test/integration/targets/ec2_instance/tasks/checkmode_tests.yml +++ /dev/null @@ -1,156 +0,0 @@ -- block: - - name: Make basic instance - ec2_instance: - name: "{{ resource_prefix }}-checkmode-comparison" - image_id: "{{ ec2_ami_image }}" - security_groups: "{{ sg.group_id }}" - instance_type: "{{ ec2_instance_type }}" - vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" - wait: false - register: basic_instance - - - name: Make basic instance(check mode) - ec2_instance: - name: "{{ resource_prefix }}-checkmode-comparison-checkmode" - image_id: "{{ ec2_ami_image }}" - security_groups: "{{ sg.group_id }}" - instance_type: "{{ ec2_instance_type }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - check_mode: yes - - - name: fact presented ec2 instance - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-checkmode-comparison" - register: presented_instance_fact - - - name: fact checkmode ec2 instance - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-checkmode-comparison-checkmode" - register: checkmode_instance_fact - - - name: Confirm whether the check mode is working normally. - assert: - that: - - "{{ presented_instance_fact.instances | length }} > 0" - - "{{ checkmode_instance_fact.instances | length }} == 0" - - - name: Stop instance in check mode. - ec2_instance: - name: "{{ resource_prefix }}-checkmode-comparison" - state: stopped - vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" - check_mode: yes - - - name: fact ec2 instance - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-checkmode-comparison" - register: confirm_checkmode_stopinstance_fact - - - name: Verify that it was not stopped. - assert: - that: - - '"{{ confirm_checkmode_stopinstance_fact.instances[0].state.name }}" != "stopped"' - - - name: Stop instance. - ec2_instance: - name: "{{ resource_prefix }}-checkmode-comparison" - state: stopped - vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" - register: instance_stop - until: not instance_stop.failed - retries: 10 - - - name: fact stopped ec2 instance - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-checkmode-comparison" - register: confirm_stopinstance_fact - - - name: Verify that it was stopped. - assert: - that: - - '"{{ confirm_stopinstance_fact.instances[0].state.name }}" in ["stopped", "stopping"]' - - - name: Running instance in check mode. - ec2_instance: - name: "{{ resource_prefix }}-checkmode-comparison" - state: running - vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" - check_mode: yes - - - name: fact ec2 instance - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-checkmode-comparison" - register: confirm_checkmode_runninginstance_fact - - - name: Verify that it was not running. - assert: - that: - - '"{{ confirm_checkmode_runninginstance_fact.instances[0].state.name }}" != "running"' - - - name: Running instance. - ec2_instance: - name: "{{ resource_prefix }}-checkmode-comparison" - state: running - vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" - - - name: fact ec2 instance. - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-checkmode-comparison" - register: confirm_runninginstance_fact - - - name: Verify that it was running. - assert: - that: - - '"{{ confirm_runninginstance_fact.instances[0].state.name }}" == "running"' - - - name: Terminate instance in check mode. - ec2_instance: - name: "{{ resource_prefix }}-checkmode-comparison" - state: absent - vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" - check_mode: yes - - - name: fact ec2 instance - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-checkmode-comparison" - register: confirm_checkmode_terminatedinstance_fact - - - name: Verify that it was not terminated, - assert: - that: - - '"{{ confirm_checkmode_terminatedinstance_fact.instances[0].state.name }}" != "terminated"' - - - name: Terminate instance. - ec2_instance: - name: "{{ resource_prefix }}-checkmode-comparison" - state: absent - vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" - - - name: fact ec2 instance - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-checkmode-comparison" - register: confirm_terminatedinstance_fact - - - name: Verify that it was terminated, - assert: - that: - - '"{{ confirm_terminatedinstance_fact.instances[0].state.name }}" == "terminated"' - - always: - - name: Terminate instance - ec2: - instance_ids: "{{ basic_instance.instance_ids }}" - state: absent - wait: false - register: removed - until: removed is not failed - ignore_errors: yes - retries: 10 diff --git a/test/integration/targets/ec2_instance/tasks/cpu_options.yml b/test/integration/targets/ec2_instance/tasks/cpu_options.yml deleted file mode 100644 index b160a8ef9ad..00000000000 --- a/test/integration/targets/ec2_instance/tasks/cpu_options.yml +++ /dev/null @@ -1,86 +0,0 @@ -- block: - - name: create t3.nano instance with cpu_options - ec2_instance: - name: "{{ resource_prefix }}-test-t3nano-1-threads-per-core" - image_id: "{{ ec2_ami_image }}" - tags: - TestId: "{{ resource_prefix }}" - vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" - instance_type: t3.nano - cpu_options: - core_count: 1 - threads_per_core: 1 - wait: false - register: instance_creation - - - name: instance with cpu_options created with the right options - assert: - that: - - instance_creation is success - - instance_creation is changed - - - name: modify cpu_options on existing instance (warning displayed) - ec2_instance: - state: present - name: "{{ resource_prefix }}-test-t3nano-1-threads-per-core" - image_id: "{{ ec2_ami_image }}" - tags: - TestId: "{{ resource_prefix }}" - vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" - instance_type: t3.nano - cpu_options: - core_count: 1 - threads_per_core: 2 - wait: false - register: cpu_options_update - ignore_errors: yes - - - name: "fact presented ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-t3nano-1-threads-per-core" - register: presented_instance_fact - - - name: modify cpu_options has no effect on existing instance - assert: - that: - - cpu_options_update is success - - cpu_options_update is not changed - - "{{ presented_instance_fact.instances | length }} > 0" - - "'{{ presented_instance_fact.instances.0.state.name }}' in ['running','pending']" - - "{{ presented_instance_fact.instances.0.cpu_options.core_count }} == 1" - - "{{ presented_instance_fact.instances.0.cpu_options.threads_per_core }} == 1" - - - name: create t3.nano instance with cpu_options(check mode) - ec2_instance: - name: "{{ resource_prefix }}-test-t3nano-1-threads-per-core-checkmode" - image_id: "{{ ec2_ami_image }}" - tags: - TestId: "{{ resource_prefix }}" - vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" - instance_type: t3.nano - cpu_options: - core_count: 1 - threads_per_core: 1 - check_mode: yes - - - name: "fact checkmode ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-t3nano-1-threads-per-core-checkmode" - register: checkmode_instance_fact - - - name: "Confirm existence of instance id." - assert: - that: - - "{{ checkmode_instance_fact.instances | length }} == 0" - - always: - - name: Terminate instances - ec2_instance: - filters: - tag:TestId: "{{ resource_prefix }}" - state: absent - wait: false - register: result - ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/tasks/default_vpc_tests.yml b/test/integration/targets/ec2_instance/tasks/default_vpc_tests.yml deleted file mode 100644 index b25ef14e37a..00000000000 --- a/test/integration/targets/ec2_instance/tasks/default_vpc_tests.yml +++ /dev/null @@ -1,53 +0,0 @@ -- block: - - name: Make instance in a default subnet of the VPC - ec2_instance: - name: "{{ resource_prefix }}-test-default-vpc" - image_id: "{{ ec2_ami_image }}" - tags: - TestId: "{{ resource_prefix }}" - security_groups: "{{ sg.group_id }}" - instance_type: "{{ ec2_instance_type }}" - wait: false - register: in_default_vpc - - - name: Make instance in a default subnet of the VPC(check mode) - ec2_instance: - name: "{{ resource_prefix }}-test-default-vpc-checkmode" - image_id: "{{ ec2_ami_image }}" - tags: - TestId: "{{ resource_prefix }}" - security_groups: "{{ sg.group_id }}" - instance_type: "{{ ec2_instance_type }}" - check_mode: yes - - - name: "fact presented ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-default-vpc" - register: presented_instance_fact - - - name: "fact checkmode ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-default-vpc-checkmode" - register: checkmode_instance_fact - - - name: "Confirm whether the check mode is working normally." - assert: - that: - - "{{ presented_instance_fact.instances | length }} > 0" - - "{{ checkmode_instance_fact.instances | length }} == 0" - - - name: Terminate instances - ec2_instance: - instance_ids: "{{ in_default_vpc.instance_ids }}" - state: absent - - always: - - name: Terminate test-default-vpc instance - ec2_instance: - filters: - "tag:Name": "{{ resource_prefix }}-test-default-vpc" - state: absent - wait: false - ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/tasks/env_setup.yml b/test/integration/targets/ec2_instance/tasks/env_setup.yml deleted file mode 100644 index 193494a3da9..00000000000 --- a/test/integration/targets/ec2_instance/tasks/env_setup.yml +++ /dev/null @@ -1,74 +0,0 @@ -- name: fetch AZ availability - aws_az_info: - register: az_info -- name: Assert that we have multiple AZs available to us - assert: - that: az_info.availability_zones | length >= 2 - -- name: pick AZs - set_fact: - subnet_a_az: '{{ az_info.availability_zones[0].zone_name }}' - subnet_b_az: '{{ az_info.availability_zones[1].zone_name }}' - -- name: Create VPC for use in testing - ec2_vpc_net: - name: "{{ vpc_name }}" - cidr_block: "{{ vpc_cidr }}" - tags: - Name: Ansible ec2_instance Testing VPC - tenancy: default - register: testing_vpc - -- name: Create internet gateway for use in testing - ec2_vpc_igw: - vpc_id: "{{ testing_vpc.vpc.id }}" - state: present - register: igw - -- name: Create default subnet in zone A - ec2_vpc_subnet: - state: present - vpc_id: "{{ testing_vpc.vpc.id }}" - cidr: "{{ subnet_a_cidr }}" - az: "{{ subnet_a_az }}" - resource_tags: - Name: "{{ resource_prefix }}-subnet-a" - register: testing_subnet_a - -- name: Create secondary subnet in zone B - ec2_vpc_subnet: - state: present - vpc_id: "{{ testing_vpc.vpc.id }}" - cidr: "{{ subnet_b_cidr }}" - az: "{{ subnet_b_az }}" - resource_tags: - Name: "{{ resource_prefix }}-subnet-b" - register: testing_subnet_b - -- name: create routing rules - ec2_vpc_route_table: - vpc_id: "{{ testing_vpc.vpc.id }}" - tags: - created: "{{ resource_prefix }}-route" - routes: - - dest: 0.0.0.0/0 - gateway_id: "{{ igw.gateway_id }}" - subnets: - - "{{ testing_subnet_a.subnet.id }}" - - "{{ testing_subnet_b.subnet.id }}" - -- name: create a security group with the vpc - ec2_group: - name: "{{ resource_prefix }}-sg" - description: a security group for ansible tests - vpc_id: "{{ testing_vpc.vpc.id }}" - rules: - - proto: tcp - from_port: 22 - to_port: 22 - cidr_ip: 0.0.0.0/0 - - proto: tcp - from_port: 80 - to_port: 80 - cidr_ip: 0.0.0.0/0 - register: sg diff --git a/test/integration/targets/ec2_instance/tasks/external_resource_attach.yml b/test/integration/targets/ec2_instance/tasks/external_resource_attach.yml deleted file mode 100644 index 571782e956c..00000000000 --- a/test/integration/targets/ec2_instance/tasks/external_resource_attach.yml +++ /dev/null @@ -1,124 +0,0 @@ -- block: - # Make custom ENIs and attach via the `network` parameter - - ec2_eni: - delete_on_termination: true - subnet_id: "{{ testing_subnet_b.subnet.id }}" - security_groups: - - "{{ sg.group_id }}" - register: eni_a - - - ec2_eni: - delete_on_termination: true - subnet_id: "{{ testing_subnet_b.subnet.id }}" - security_groups: - - "{{ sg.group_id }}" - register: eni_b - - - ec2_eni: - delete_on_termination: true - subnet_id: "{{ testing_subnet_b.subnet.id }}" - security_groups: - - "{{ sg.group_id }}" - register: eni_c - - - ec2_key: - name: "{{ resource_prefix }}_test_key" - - - name: Make instance in the testing subnet created in the test VPC - ec2_instance: - name: "{{ resource_prefix }}-test-eni-vpc" - key_name: "{{ resource_prefix }}_test_key" - network: - interfaces: - - id: "{{ eni_a.interface.id }}" - image_id: "{{ ec2_ami_image }}" - availability_zone: '{{ subnet_b_az }}' - tags: - TestId: "{{ resource_prefix }}" - instance_type: "{{ ec2_instance_type }}" - wait: false - register: in_test_vpc - - - name: "Gather {{ resource_prefix }}-test-eni-vpc info" - ec2_instance_info: - filters: - "tag:Name": '{{ resource_prefix }}-test-eni-vpc' - register: in_test_vpc_instance - - - assert: - that: - - 'in_test_vpc_instance.instances.0.key_name == "{{ resource_prefix }}_test_key"' - - '(in_test_vpc_instance.instances.0.network_interfaces | length) == 1' - - - name: Add a second interface - ec2_instance: - name: "{{ resource_prefix }}-test-eni-vpc" - network: - interfaces: - - id: "{{ eni_a.interface.id }}" - - id: "{{ eni_b.interface.id }}" - image_id: "{{ ec2_ami_image }}" - tags: - TestId: "{{ resource_prefix }}" - instance_type: "{{ ec2_instance_type }}" - wait: false - register: add_interface - until: add_interface is not failed - ignore_errors: yes - retries: 10 - - - name: Make instance in the testing subnet created in the test VPC(check mode) - ec2_instance: - name: "{{ resource_prefix }}-test-eni-vpc-checkmode" - key_name: "{{ resource_prefix }}_test_key" - network: - interfaces: - - id: "{{ eni_c.interface.id }}" - image_id: "{{ ec2_ami_image }}" - availability_zone: '{{ subnet_b_az }}' - tags: - TestId: "{{ resource_prefix }}" - instance_type: "{{ ec2_instance_type }}" - check_mode: yes - - - name: "fact presented ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-eni-vpc" - register: presented_instance_fact - - - name: "fact checkmode ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-eni-vpc-checkmode" - register: checkmode_instance_fact - - - name: "Confirm existence of instance id." - assert: - that: - - "{{ presented_instance_fact.instances | length }} > 0" - - "{{ checkmode_instance_fact.instances | length }} == 0" - - always: - - name: Terminate instance - ec2_instance: - instance_ids: "{{ in_test_vpc.instance_ids }}" - state: absent - # We can't delete the ENIs until we've deleted all the instances - wait: yes - register: result - ignore_errors: yes - - - ec2_key: - name: "{{ resource_prefix }}_test_key" - state: absent - ignore_errors: yes - - - ec2_eni: - eni_id: '{{ item.interface.id }}' - state: absent - ignore_errors: yes - with_items: - - '{{ eni_a }}' - - '{{ eni_b }}' - - '{{ eni_c }}' diff --git a/test/integration/targets/ec2_instance/tasks/iam_instance_role.yml b/test/integration/targets/ec2_instance/tasks/iam_instance_role.yml deleted file mode 100644 index 9c906e32247..00000000000 --- a/test/integration/targets/ec2_instance/tasks/iam_instance_role.yml +++ /dev/null @@ -1,116 +0,0 @@ -- block: - - name: Create IAM role for test - iam_role: - name: "ansible-test-sts-{{ resource_prefix }}-test-policy" - assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}" - state: present - create_instance_profile: yes - managed_policy: - - AmazonEC2ContainerServiceRole - register: iam_role - - - name: Create second IAM role for test - iam_role: - name: "ansible-test-sts-{{ resource_prefix }}-test-policy-2" - assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}" - state: present - create_instance_profile: yes - managed_policy: - - AmazonEC2ContainerServiceRole - register: iam_role_2 - - - name: wait 10 seconds for roles to become available - pause: - seconds: 10 - - - name: Make instance with an instance_role - ec2_instance: - name: "{{ resource_prefix }}-test-instance-role" - image_id: "{{ ec2_ami_image }}" - security_groups: "{{ sg.group_id }}" - instance_type: "{{ ec2_instance_type }}" - instance_role: "ansible-test-sts-{{ resource_prefix }}-test-policy" - register: instance_with_role - - - assert: - that: - - 'instance_with_role.instances[0].iam_instance_profile.arn == iam_role.arn.replace(":role/", ":instance-profile/")' - - - name: Make instance with an instance_role(check mode) - ec2_instance: - name: "{{ resource_prefix }}-test-instance-role-checkmode" - image_id: "{{ ec2_ami_image }}" - security_groups: "{{ sg.group_id }}" - instance_type: "{{ ec2_instance_type }}" - instance_role: "{{ iam_role.arn.replace(':role/', ':instance-profile/') }}" - check_mode: yes - - - name: "fact presented ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-instance-role" - register: presented_instance_fact - - - name: "fact checkmode ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-instance-role-checkmode" - register: checkmode_instance_fact - - - name: "Confirm whether the check mode is working normally." - assert: - that: - - "{{ presented_instance_fact.instances | length }} > 0" - - "{{ checkmode_instance_fact.instances | length }} == 0" - - - name: Update instance with new instance_role - ec2_instance: - name: "{{ resource_prefix }}-test-instance-role" - image_id: "{{ ec2_ami_image }}" - security_groups: "{{ sg.group_id }}" - instance_type: "{{ ec2_instance_type }}" - instance_role: "{{ iam_role_2.arn.replace(':role/', ':instance-profile/') }}" - register: instance_with_updated_role - - # XXX We shouldn't need this - - name: wait 10 seconds for role update to complete - pause: - seconds: 10 - - - name: "fact checkmode ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-instance-role" - register: updates_instance_info - - - assert: - that: - - 'updates_instance_info.instances[0].iam_instance_profile.arn == iam_role_2.arn.replace(":role/", ":instance-profile/")' - - 'updates_instance_info.instances[0].instance_id == instance_with_role.instances[0].instance_id' - - always: - - name: Terminate instance - ec2: - instance_ids: "{{ instance_with_role.instance_ids }}" - state: absent - wait: no - register: removed - until: removed is not failed - ignore_errors: yes - retries: 10 - - - name: Delete IAM role for test - iam_role: - name: "{{ item }}" - assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}" - state: absent - create_instance_profile: yes - managed_policy: - - AmazonEC2ContainerServiceRole - loop: - - "ansible-test-sts-{{ resource_prefix }}-test-policy" - - "ansible-test-sts-{{ resource_prefix }}-test-policy-2" - register: removed - until: removed is not failed - ignore_errors: yes - retries: 10 diff --git a/test/integration/targets/ec2_instance/tasks/main.yml b/test/integration/targets/ec2_instance/tasks/main.yml deleted file mode 100644 index 852d895bdfc..00000000000 --- a/test/integration/targets/ec2_instance/tasks/main.yml +++ /dev/null @@ -1,54 +0,0 @@ ---- -# This test suite is currently marked "unsupported" because it takes too long to -# run within the 'shippable' test environment. -# If a test suite runs longer than around 15 minutes aws-terminator can start -# pulling resources created at the start of the test out from under it. -# -# ############################################################################### -# -# A Note about ec2 environment variable name preference: -# - EC2_URL -> AWS_URL -# - EC2_ACCESS_KEY -> AWS_ACCESS_KEY_ID -> AWS_ACCESS_KEY -# - EC2_SECRET_KEY -> AWS_SECRET_ACCESS_KEY -> AWX_SECRET_KEY -# - EC2_REGION -> AWS_REGION -# - -- name: Wrap up all tests and setup AWS credentials - module_defaults: - group/aws: - aws_access_key: "{{ aws_access_key }}" - aws_secret_key: "{{ aws_secret_key }}" - security_token: "{{ security_token | default(omit) }}" - region: "{{ aws_region }}" - block: - - - name: Find AMI to use - ec2_ami_info: - owners: 'amazon' - filters: - name: '{{ ec2_ami_name }}' - register: ec2_amis - - name: Set fact with latest AMI - vars: - latest_ami: '{{ ec2_amis.images | sort(attribute="creation_date") | last }}' - set_fact: - ec2_ami_image: '{{ latest_ami.image_id }}' - - - include_tasks: version_fail_wrapper.yml - - - include_tasks: env_setup.yml - - - include_tasks: cpu_options.yml - - include_tasks: termination_protection.yml - - include_tasks: tags_and_vpc_settings.yml - - include_tasks: external_resource_attach.yml - - include_tasks: block_devices.yml - - include_tasks: default_vpc_tests.yml - - include_tasks: iam_instance_role.yml - - include_tasks: checkmode_tests.yml - - include_tasks: ebs_optimized.yml - - include_tasks: instance_no_wait.yml - - always: - - include_tasks: env_cleanup.yml - when: aws_cleanup diff --git a/test/integration/targets/ec2_instance/tasks/tags_and_vpc_settings.yml b/test/integration/targets/ec2_instance/tasks/tags_and_vpc_settings.yml deleted file mode 100644 index f56d6430d96..00000000000 --- a/test/integration/targets/ec2_instance/tasks/tags_and_vpc_settings.yml +++ /dev/null @@ -1,154 +0,0 @@ -- block: - - name: Make instance in the testing subnet created in the test VPC - ec2_instance: - name: "{{ resource_prefix }}-test-basic-vpc-create" - image_id: "{{ ec2_ami_image }}" - user_data: | - #cloud-config - package_upgrade: true - package_update: true - tags: - TestId: "{{ resource_prefix }}" - Something: else - security_groups: "{{ sg.group_id }}" - network: - source_dest_check: false - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - instance_type: "{{ ec2_instance_type }}" - wait: false - register: in_test_vpc - - - name: Make instance in the testing subnet created in the test VPC(check mode) - ec2_instance: - name: "{{ resource_prefix }}-test-basic-vpc-create-checkmode" - image_id: "{{ ec2_ami_image }}" - user_data: | - #cloud-config - package_upgrade: true - package_update: true - tags: - TestId: "{{ resource_prefix }}" - Something: else - security_groups: "{{ sg.group_id }}" - network: - source_dest_check: false - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - instance_type: "{{ ec2_instance_type }}" - check_mode: yes - - - name: Try to re-make the instance, hopefully this shows changed=False - ec2_instance: - name: "{{ resource_prefix }}-test-basic-vpc-create" - image_id: "{{ ec2_ami_image }}" - user_data: | - #cloud-config - package_upgrade: true - package_update: true - tags: - TestId: "{{ resource_prefix }}" - Something: else - security_groups: "{{ sg.group_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - instance_type: "{{ ec2_instance_type }}" - register: remake_in_test_vpc - - name: "Remaking the same instance resulted in no changes" - assert: - that: not remake_in_test_vpc.changed - - name: check that instance IDs match anyway - assert: - that: 'remake_in_test_vpc.instance_ids[0] == in_test_vpc.instance_ids[0]' - - name: check that source_dest_check was set to false - assert: - that: 'not remake_in_test_vpc.instances[0].source_dest_check' - - - name: "fact presented ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-basic-vpc-create" - register: presented_instance_fact - - - name: "fact checkmode ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-basic-vpc-create-checkmode" - register: checkmode_instance_fact - - - name: "Confirm whether the check mode is working normally." - assert: - that: - - "{{ presented_instance_fact.instances | length }} > 0" - - "{{ checkmode_instance_fact.instances | length }} == 0" - - - name: Alter it by adding tags - ec2_instance: - name: "{{ resource_prefix }}-test-basic-vpc-create" - image_id: "{{ ec2_ami_image }}" - tags: - TestId: "{{ resource_prefix }}" - Another: thing - security_groups: "{{ sg.group_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - instance_type: "{{ ec2_instance_type }}" - register: add_another_tag - - - ec2_instance_info: - instance_ids: "{{ add_another_tag.instance_ids }}" - register: check_tags - - name: "Remaking the same instance resulted in no changes" - assert: - that: - - check_tags.instances[0].tags.Another == 'thing' - - check_tags.instances[0].tags.Something == 'else' - - - name: Purge a tag - ec2_instance: - name: "{{ resource_prefix }}-test-basic-vpc-create" - image_id: "{{ ec2_ami_image }}" - purge_tags: true - tags: - TestId: "{{ resource_prefix }}" - Another: thing - security_groups: "{{ sg.group_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - instance_type: "{{ ec2_instance_type }}" - - - ec2_instance_info: - instance_ids: "{{ add_another_tag.instance_ids }}" - register: check_tags - - - name: "Remaking the same instance resulted in no changes" - assert: - that: - - "'Something' not in check_tags.instances[0].tags" - - - name: check that subnet-default public IP rule was followed - assert: - that: - - check_tags.instances[0].public_dns_name == "" - - check_tags.instances[0].private_ip_address.startswith(subnet_b_startswith) - - check_tags.instances[0].subnet_id == testing_subnet_b.subnet.id - - name: check that tags were applied - assert: - that: - - check_tags.instances[0].tags.Name.startswith(resource_prefix) - - "'{{ check_tags.instances[0].state.name }}' in ['pending', 'running']" - - - name: Terminate instance - ec2_instance: - filters: - tag:TestId: "{{ resource_prefix }}" - state: absent - wait: false - register: result - - assert: - that: result.changed - - always: - - name: Terminate instance - ec2_instance: - filters: - tag:TestId: "{{ resource_prefix }}" - state: absent - wait: false - register: result - ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/tasks/termination_protection.yml b/test/integration/targets/ec2_instance/tasks/termination_protection.yml deleted file mode 100644 index 88ea2326bf0..00000000000 --- a/test/integration/targets/ec2_instance/tasks/termination_protection.yml +++ /dev/null @@ -1,92 +0,0 @@ -- block: - - name: Make termination-protected instance in the testing subnet created in the test VPC - ec2_instance: - name: "{{ resource_prefix }}-test-protected-instance-in-vpc" - image_id: "{{ ec2_ami_image }}" - tags: - TestId: "{{ resource_prefix }}" - security_groups: "{{ sg.group_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - termination_protection: true - instance_type: "{{ ec2_instance_type }}" - state: running - wait: yes - register: in_test_vpc - - - name: Make termination-protected instance in the testing subnet created in the test VPC(check mode) - ec2_instance: - name: "{{ resource_prefix }}-test-protected-instance-in-vpc-checkmode" - image_id: "{{ ec2_ami_image }}" - tags: - TestId: "{{ resource_prefix }}" - security_groups: "{{ sg.group_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - termination_protection: true - instance_type: "{{ ec2_instance_type }}" - check_mode: yes - - - name: "fact presented ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-protected-instance-in-vpc" - "instance-state-name": "running" - register: presented_instance_fact - - - name: "fact checkmode ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-protected-instance-in-vpc-checkmode" - register: checkmode_instance_fact - - - name: "Confirm whether the check mode is working normally." - assert: - that: - - "{{ presented_instance_fact.instances | length }} > 0" - - "'{{ presented_instance_fact.instances.0.state.name }}' in ['running', 'pending']" - - "{{ checkmode_instance_fact.instances | length }} == 0" - - - name: Try to terminate the instance - ec2_instance: - state: absent - name: "{{ resource_prefix }}-test-protected-instance-in-vpc" - image_id: "{{ ec2_ami_image }}" - tags: - TestId: "{{ resource_prefix }}" - security_groups: "{{ sg.group_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - termination_protection: true - instance_type: "{{ ec2_instance_type }}" - register: bad_terminate - ignore_errors: yes - - name: Cannot terminate protected instance - assert: - that: - - bad_terminate is failed - - name: Alter termination protection setting - ec2_instance: - name: "{{ resource_prefix }}-test-protected-instance-in-vpc" - image_id: "{{ ec2_ami_image }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - termination_protection: false - instance_type: "{{ ec2_instance_type }}" - - name: Try to terminate the instance again (should work) - ec2_instance: - name: "{{ resource_prefix }}-test-protected-instance-in-vpc" - image_id: "{{ ec2_ami_image }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - instance_type: "{{ ec2_instance_type }}" - state: absent - wait: false - register: terminate_results - - assert: - that: terminate_results is not failed - - always: - - name: Terminate instance - ec2_instance: - filters: - tag:TestId: "{{ resource_prefix }}" - state: absent - wait: false - register: result - ignore_errors: yes diff --git a/test/integration/targets/ec2_instance/tasks/version_fail.yml b/test/integration/targets/ec2_instance/tasks/version_fail.yml deleted file mode 100644 index e69f66cc2fb..00000000000 --- a/test/integration/targets/ec2_instance/tasks/version_fail.yml +++ /dev/null @@ -1,26 +0,0 @@ -- block: - - name: create t3.nano with cpu options (fails gracefully) - ec2_instance: - state: present - name: "ansible-test-{{ resource_prefix | regex_search('([0-9]+)$') }}-ec2" - image_id: "{{ ec2_ami_image }}" - instance_type: "t3.nano" - cpu_options: - core_count: 1 - threads_per_core: 1 - register: ec2_instance_cpu_options_creation - ignore_errors: yes - - - name: check that graceful error message is returned when creation with cpu_options and old botocore - assert: - that: - - ec2_instance_cpu_options_creation.failed - - 'ec2_instance_cpu_options_creation.msg == "cpu_options is only supported with botocore >= 1.10.16"' - - always: - - name: cleanup t3.nano in case graceful failure was in fact a graceful success - ec2_instance: - state: absent - name: "ansible-test-{{ resource_prefix | regex_search('([0-9]+)$') }}-ec2" - wait: no - ignore_errors: yes