mirror of https://github.com/ansible/ansible.git
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
128 lines
4.2 KiB
Python
128 lines
4.2 KiB
Python
"""AWS plugin for integration tests."""
|
|
from __future__ import (absolute_import, division, print_function)
|
|
__metaclass__ = type
|
|
|
|
import os
|
|
|
|
from .. import types as t
|
|
|
|
from ..util import (
|
|
ApplicationError,
|
|
ConfigParser,
|
|
display,
|
|
)
|
|
|
|
from ..config import (
|
|
IntegrationConfig,
|
|
)
|
|
|
|
from ..target import (
|
|
IntegrationTarget,
|
|
)
|
|
|
|
from ..core_ci import (
|
|
AnsibleCoreCI,
|
|
)
|
|
|
|
from . import (
|
|
CloudEnvironment,
|
|
CloudEnvironmentConfig,
|
|
CloudProvider,
|
|
)
|
|
|
|
|
|
class AwsCloudProvider(CloudProvider):
|
|
"""AWS cloud provider plugin. Sets up cloud resources before delegation."""
|
|
def __init__(self, args): # type: (IntegrationConfig) -> None
|
|
super(AwsCloudProvider, self).__init__(args)
|
|
|
|
self.uses_config = True
|
|
|
|
def filter(self, targets, exclude): # type: (t.Tuple[IntegrationTarget, ...], t.List[str]) -> None
|
|
"""Filter out the cloud tests when the necessary config and resources are not available."""
|
|
aci = self._create_ansible_core_ci()
|
|
|
|
if aci.available:
|
|
return
|
|
|
|
super(AwsCloudProvider, self).filter(targets, exclude)
|
|
|
|
def setup(self): # type: () -> None
|
|
"""Setup the cloud resource before delegation and register a cleanup callback."""
|
|
super(AwsCloudProvider, self).setup()
|
|
|
|
aws_config_path = os.path.expanduser('~/.aws')
|
|
|
|
if os.path.exists(aws_config_path) and not self.args.docker and not self.args.remote:
|
|
raise ApplicationError('Rename "%s" or use the --docker or --remote option to isolate tests.' % aws_config_path)
|
|
|
|
if not self._use_static_config():
|
|
self._setup_dynamic()
|
|
|
|
def _setup_dynamic(self): # type: () -> None
|
|
"""Request AWS credentials through the Ansible Core CI service."""
|
|
display.info('Provisioning %s cloud environment.' % self.platform, verbosity=1)
|
|
|
|
config = self._read_config_template()
|
|
|
|
aci = self._create_ansible_core_ci()
|
|
|
|
response = aci.start()
|
|
|
|
if not self.args.explain:
|
|
credentials = response['aws']['credentials']
|
|
|
|
values = dict(
|
|
ACCESS_KEY=credentials['access_key'],
|
|
SECRET_KEY=credentials['secret_key'],
|
|
SECURITY_TOKEN=credentials['session_token'],
|
|
REGION='us-east-1',
|
|
)
|
|
|
|
display.sensitive.add(values['SECRET_KEY'])
|
|
display.sensitive.add(values['SECURITY_TOKEN'])
|
|
|
|
config = self._populate_config_template(config, values)
|
|
|
|
self._write_config(config)
|
|
|
|
def _create_ansible_core_ci(self): # type: () -> AnsibleCoreCI
|
|
"""Return an AWS instance of AnsibleCoreCI."""
|
|
return AnsibleCoreCI(self.args, 'aws', 'aws', persist=False, stage=self.args.remote_stage, provider='aws', internal=True)
|
|
|
|
|
|
class AwsCloudEnvironment(CloudEnvironment):
|
|
"""AWS cloud environment plugin. Updates integration test environment after delegation."""
|
|
def get_environment_config(self): # type: () -> CloudEnvironmentConfig
|
|
"""Return environment configuration for use in the test environment after delegation."""
|
|
parser = ConfigParser()
|
|
parser.read(self.config_path)
|
|
|
|
ansible_vars = dict(
|
|
resource_prefix=self.resource_prefix,
|
|
)
|
|
|
|
# noinspection PyTypeChecker
|
|
ansible_vars.update(dict(parser.items('default')))
|
|
|
|
display.sensitive.add(ansible_vars.get('aws_secret_key'))
|
|
display.sensitive.add(ansible_vars.get('security_token'))
|
|
|
|
if 'aws_cleanup' not in ansible_vars:
|
|
ansible_vars['aws_cleanup'] = not self.managed
|
|
|
|
env_vars = {'ANSIBLE_DEBUG_BOTOCORE_LOGS': 'True'}
|
|
|
|
return CloudEnvironmentConfig(
|
|
env_vars=env_vars,
|
|
ansible_vars=ansible_vars,
|
|
callback_plugins=['aws_resource_actions'],
|
|
)
|
|
|
|
def on_failure(self, target, tries): # type: (IntegrationTarget, int) -> None
|
|
"""Callback to run when an integration target fails."""
|
|
if not tries and self.managed:
|
|
display.notice('If %s failed due to permissions, the IAM test policy may need to be updated. '
|
|
'https://docs.ansible.com/ansible/devel/dev_guide/platforms/aws_guidelines.html#aws-permissions-for-integration-tests.'
|
|
% target.name)
|