Fix broken aws_ses_identity test - backport #39560 (#40350)

* Fix failing aws_ses_identity integration tests (#39560)

* Fix failing aws_ses_identity integration tests

Reduce boilerplate with yaml anchor

* remove unstable test alias

* Update feedback forwarding check to use desired state rather than
repeated API calls.

(cherry picked from commit 571c183f59)

* changelog
pull/40917/head
Sloane Hertel 7 years ago committed by Matt Davis
parent be46ea7bf2
commit b1c4d6310d

@ -0,0 +1,3 @@
---
bugfixes:
- To disable feedback forwarding with aws_ses_identity require SNS topics to handle bounces and complaints.

@ -309,8 +309,15 @@ def get_identity_notifications(connection, module, identity, retries=0, retryDel
return notification_attributes[identity] return notification_attributes[identity]
def update_notification_topic(connection, module, identity, identity_notifications, notification_type): def desired_topic(module, notification_type):
arg_dict = module.params.get(notification_type.lower() + '_notifications') arg_dict = module.params.get(notification_type.lower() + '_notifications')
if arg_dict:
return arg_dict.get('topic', None)
else:
return None
def update_notification_topic(connection, module, identity, identity_notifications, notification_type):
topic_key = notification_type + 'Topic' topic_key = notification_type + 'Topic'
if identity_notifications is None: if identity_notifications is None:
# If there is no configuration for notifications cannot be being sent to topics # If there is no configuration for notifications cannot be being sent to topics
@ -325,10 +332,7 @@ def update_notification_topic(connection, module, identity, identity_notificatio
# included but best to be defensive # included but best to be defensive
current = None current = None
if arg_dict is not None and 'topic' in arg_dict: required = desired_topic(module, notification_type)
required = arg_dict['topic']
else:
required = None
if current != required: if current != required:
call_and_handle_errors( call_and_handle_errors(
@ -375,6 +379,11 @@ def update_notification_topic_headers(connection, module, identity, identity_not
def update_feedback_forwarding(connection, module, identity, identity_notifications): def update_feedback_forwarding(connection, module, identity, identity_notifications):
if module.params.get('feedback_forwarding') is False:
if not (desired_topic(module, 'Bounce') and desired_topic(module, 'Complaint')):
module.fail_json(msg="Invalid Parameter Value 'False' for 'feedback_forwarding'. AWS requires "
"feedback forwarding to be enabled unless bounces and complaints are handled by SNS topics")
if identity_notifications is None: if identity_notifications is None:
# AWS requires feedback forwarding to be enabled unless bounces and complaints # AWS requires feedback forwarding to be enabled unless bounces and complaints
# are being handled by SNS topics. So in the absence of identity_notifications # are being handled by SNS topics. So in the absence of identity_notifications

@ -1,3 +1,2 @@
cloud/aws cloud/aws
posix/ci/cloud/group4/aws posix/ci/cloud/group4/aws
unstable

@ -1,15 +1,21 @@
--- ---
# ============================================================ # ============================================================
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: yes
- name: test register email identity - name: test register email identity
block: block:
- name: register email identity - name: register email identity
aws_ses_identity: aws_ses_identity:
identity: "{{ email_identity }}" identity: "{{ email_identity }}"
state: present state: present
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: result register: result
- name: assert changed is True - name: assert changed is True
assert: assert:
@ -23,10 +29,7 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ email_identity }}" identity: "{{ email_identity }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
# ============================================================ # ============================================================
- name: test register domain identity - name: test register domain identity
block: block:
@ -34,10 +37,7 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ domain_identity }}" identity: "{{ domain_identity }}"
state: present state: present
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: result register: result
- name: assert changed is True - name: assert changed is True
assert: assert:
@ -55,10 +55,7 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ domain_identity }}" identity: "{{ domain_identity }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
# ============================================================ # ============================================================
- name: test email_identity unchanged when already existing - name: test email_identity unchanged when already existing
block: block:
@ -66,18 +63,12 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ email_identity }}" identity: "{{ email_identity }}"
state: present state: present
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
- name: duplicate register identity - name: duplicate register identity
aws_ses_identity: aws_ses_identity:
identity: "{{ email_identity }}" identity: "{{ email_identity }}"
state: present state: present
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: result register: result
- name: assert changed is False - name: assert changed is False
assert: assert:
@ -91,10 +82,7 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ email_identity }}" identity: "{{ email_identity }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
# ============================================================ # ============================================================
- name: test domain_identity unchanged when already existing - name: test domain_identity unchanged when already existing
block: block:
@ -102,18 +90,12 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ domain_identity }}" identity: "{{ domain_identity }}"
state: present state: present
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
- name: duplicate register identity - name: duplicate register identity
aws_ses_identity: aws_ses_identity:
identity: "{{ domain_identity }}" identity: "{{ domain_identity }}"
state: present state: present
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: result register: result
- name: assert changed is False - name: assert changed is False
assert: assert:
@ -127,19 +109,13 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ domain_identity }}" identity: "{{ domain_identity }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
# ============================================================ # ============================================================
- name: remove non-existent email identity - name: remove non-existent email identity
aws_ses_identity: aws_ses_identity:
identity: "{{ email_identity }}" identity: "{{ email_identity }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: result register: result
- name: assert changed is False - name: assert changed is False
assert: assert:
@ -150,10 +126,7 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ domain_identity }}" identity: "{{ domain_identity }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: result register: result
- name: assert changed is False - name: assert changed is False
assert: assert:
@ -166,10 +139,7 @@
sns_topic: sns_topic:
name: "{{ notification_queue_name }}-{{ item }}" name: "{{ notification_queue_name }}-{{ item }}"
state: present state: present
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: topic_info register: topic_info
with_items: with_items:
- bounce - bounce
@ -185,10 +155,7 @@
topic: "{{ topic_info.results[1].sns_arn }}" topic: "{{ topic_info.results[1].sns_arn }}"
delivery_notifications: delivery_notifications:
topic: "{{ topic_info.results[2].sns_arn }}" topic: "{{ topic_info.results[2].sns_arn }}"
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: result register: result
- name: assert notification settings - name: assert notification settings
assert: assert:
@ -207,10 +174,7 @@
sns_topic: sns_topic:
name: "{{ notification_queue_name }}-{{ item }}" name: "{{ notification_queue_name }}-{{ item }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
with_items: with_items:
- bounce - bounce
- complaint - complaint
@ -219,10 +183,7 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ email_identity }}" identity: "{{ email_identity }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
# ============================================================ # ============================================================
- name: test change notification queues after create - name: test change notification queues after create
block: block:
@ -230,10 +191,7 @@
sns_topic: sns_topic:
name: "{{ notification_queue_name }}-{{ item }}" name: "{{ notification_queue_name }}-{{ item }}"
state: present state: present
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: topic_info register: topic_info
with_items: with_items:
- bounce - bounce
@ -243,10 +201,7 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ email_identity }}" identity: "{{ email_identity }}"
state: present state: present
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
- name: set notification topics - name: set notification topics
aws_ses_identity: aws_ses_identity:
identity: "{{ email_identity }}" identity: "{{ email_identity }}"
@ -257,10 +212,7 @@
topic: "{{ topic_info.results[1].sns_arn }}" topic: "{{ topic_info.results[1].sns_arn }}"
delivery_notifications: delivery_notifications:
topic: "{{ topic_info.results[2].sns_arn }}" topic: "{{ topic_info.results[2].sns_arn }}"
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: result register: result
- name: assert changed is True - name: assert changed is True
assert: assert:
@ -277,10 +229,7 @@
sns_topic: sns_topic:
name: "{{ notification_queue_name }}-{{ item }}" name: "{{ notification_queue_name }}-{{ item }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
with_items: with_items:
- bounce - bounce
- complaint - complaint
@ -289,10 +238,7 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ email_identity }}" identity: "{{ email_identity }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
# ============================================================ # ============================================================
- name: test include headers on notification queues - name: test include headers on notification queues
block: block:
@ -306,10 +252,7 @@
include_headers: Yes include_headers: Yes
delivery_notifications: delivery_notifications:
include_headers: Yes include_headers: Yes
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: result register: result
- name: assert notification headers enabled - name: assert notification headers enabled
assert: assert:
@ -322,10 +265,7 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ email_identity }}" identity: "{{ email_identity }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
# ============================================================ # ============================================================
- name: test disable feedback forwarding - name: test disable feedback forwarding
block: block:
@ -333,10 +273,7 @@
sns_topic: sns_topic:
name: "{{ notification_queue_name }}-{{ item }}" name: "{{ notification_queue_name }}-{{ item }}"
state: present state: present
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: topic_info register: topic_info
with_items: with_items:
- bounce - bounce
@ -350,10 +287,7 @@
complaint_notifications: complaint_notifications:
topic: "{{ topic_info.results[1].sns_arn }}" topic: "{{ topic_info.results[1].sns_arn }}"
feedback_forwarding: No feedback_forwarding: No
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: result register: result
- name: assert feedback_forwarding == False - name: assert feedback_forwarding == False
assert: assert:
@ -364,10 +298,7 @@
sns_topic: sns_topic:
name: "{{ notification_queue_name }}-{{ item }}" name: "{{ notification_queue_name }}-{{ item }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
with_items: with_items:
- bounce - bounce
- complaint - complaint
@ -375,10 +306,7 @@
aws_ses_identity: aws_ses_identity:
identity: "{{ email_identity }}" identity: "{{ email_identity }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
# ============================================================ # ============================================================
- name: test disable feedback forwarding fails if no topics - name: test disable feedback forwarding fails if no topics
block: block:
@ -387,22 +315,84 @@
identity: "{{ domain_identity }}" identity: "{{ domain_identity }}"
state: present state: present
feedback_forwarding: No feedback_forwarding: No
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}"
aws_secret_key: "{{ ec2_secret_key }}"
security_token: "{{security_token}}"
register: result register: result
failed_when: result.failed == False failed_when: result.failed == False
- name: assert error.code == InvalidParameterValue - name: assert error message starts with "Invalid Parameter Value"
assert: assert:
that: that:
- result.error.code == 'InvalidParameterValue' - '"Invalid Parameter Value" in result.msg'
always: always:
- name: cleanup identity - name: cleanup identity
aws_ses_identity: aws_ses_identity:
identity: "{{ domain_identity }}" identity: "{{ domain_identity }}"
state: absent state: absent
region: "{{ ec2_region }}" <<: *aws_connection_info
aws_access_key: "{{ ec2_access_key }}" # ============================================================
aws_secret_key: "{{ ec2_secret_key }}" - name: test disable feedback forwarding fails if no complaint topic
security_token: "{{security_token}}" block:
- name: test topic
sns_topic:
name: "{{ notification_queue_name }}-bounce"
state: present
<<: *aws_connection_info
register: topic_info
- name: register email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
bounce_notifications:
topic: "{{ topic_info.sns_arn }}"
feedback_forwarding: No
<<: *aws_connection_info
register: result
failed_when: result.failed == False
- name: assert error message starts with "Invalid Parameter Value"
assert:
that:
- '"Invalid Parameter Value" in result.msg'
always:
- name: cleanup topics
sns_topic:
name: "{{ notification_queue_name }}-bounce"
state: absent
<<: *aws_connection_info
- name: cleanup identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info
# ============================================================
- name: test disable feedback forwarding fails if no bounce topic
block:
- name: test topic
sns_topic:
name: "{{ notification_queue_name }}-complaint"
state: present
<<: *aws_connection_info
register: topic_info
- name: register email identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: present
complaint_notifications:
topic: "{{ topic_info.sns_arn }}"
feedback_forwarding: No
<<: *aws_connection_info
register: result
failed_when: result.failed == False
- name: assert error message starts with "Invalid Parameter Value"
assert:
that:
- '"Invalid Parameter Value" in result.msg'
always:
- name: cleanup topics
sns_topic:
name: "{{ notification_queue_name }}-complaint"
state: absent
<<: *aws_connection_info
- name: cleanup identity
aws_ses_identity:
identity: "{{ email_identity }}"
state: absent
<<: *aws_connection_info

Loading…
Cancel
Save