--- # tasks file for aws_codebuild - name: Run aws_codebuild integration tests. block: # ==================== preparations ======================================== - name: set connection information for all tasks set_fact: aws_connection_info: &aws_connection_info aws_access_key: "{{ aws_access_key }}" aws_secret_key: "{{ aws_secret_key }}" security_token: "{{ security_token }}" region: "{{ aws_region }}" no_log: yes - name: create IAM role needed for CodeBuild iam_role: name: "ansible-test-sts-{{ resource_prefix }}-codebuild-service-role" description: Role with permissions for CodeBuild actions. assume_role_policy_document: "{{ lookup('file', 'codebuild_iam_trust_policy.json') }}" state: present <<: *aws_connection_info register: codebuild_iam_role - name: Wait until IAM role is available pause: seconds: 10 - name: Set variable with aws account id set_fact: aws_account_id: "{{ codebuild_iam_role.iam_role.arn.split(':')[4] }}" # ================== integration test ========================================== - name: create CodeBuild project aws_codebuild: name: "{{ resource_prefix }}-test-ansible-codebuild" description: Build project for testing the Ansible aws_codebuild module service_role: "{{ codebuild_iam_role.iam_role.arn }}" timeout_in_minutes: 30 source: type: CODEPIPELINE buildspec: '' artifacts: namespace_type: NONE packaging: NONE type: CODEPIPELINE name: test environment: compute_type: BUILD_GENERAL1_SMALL privileged_mode: true image: 'aws/codebuild/docker:17.09.0' type: LINUX_CONTAINER environment_variables: - { name: 'FOO_ENV', value: 'other' } tags: - { key: 'purpose', value: 'ansible-test' } state: present <<: *aws_connection_info register: output - assert: that: - "output.project.description == 'Build project for testing the Ansible aws_codebuild module'" - name: idempotence check rerunning same Codebuild task aws_codebuild: name: "{{ resource_prefix }}-test-ansible-codebuild" description: Build project for testing the Ansible aws_codebuild module service_role: "{{ codebuild_iam_role.iam_role.arn }}" timeout_in_minutes: 30 source: type: CODEPIPELINE buildspec: '' artifacts: namespace_type: NONE packaging: NONE type: CODEPIPELINE name: test encryption_key: 'arn:aws:kms:{{ aws_region }}:{{ aws_account_id }}:alias/aws/s3' environment: compute_type: BUILD_GENERAL1_SMALL privileged_mode: true image: 'aws/codebuild/docker:17.09.0' type: LINUX_CONTAINER environment_variables: - { name: 'FOO_ENV', value: 'other' } tags: - { key: 'purpose', value: 'ansible-test' } state: present <<: *aws_connection_info register: rerun_test_output - assert: that: - "rerun_test_output.project.created == output.project.created" - name: delete CodeBuild project aws_codebuild: name: "{{ output.project.name }}" source: type: CODEPIPELINE buildspec: '' artifacts: {} state: absent <<: *aws_connection_info async: 300 # ============================== cleanup ====================================== always: - name: cleanup IAM role created for CodeBuild test iam_role: name: "{{ resource_prefix }}-codebuild-service-role" state: absent <<: *aws_connection_info