mirror of https://github.com/ansible/ansible.git
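---
# Integration tests for the ec2_vpc_net module. The tasks cover argument
# validation, a missing-credentials failure, check mode, VPC creation,
# IPv6 CIDR handling, multi_ok behaviour, DHCP option sets, tags and deletion.
# Resources are named after resource_prefix; the `always` section attempts
# to remove them even when a test task fails.
#
# NOTE(review): 20.0.0.0/24 is not an RFC 1918 private range. That is
# acceptable for a throwaway test VPC, but the value should not be copied
# into a long-lived environment.
- block:

    # ============================================================

    # Bare module key on purpose: the test expects argument validation to fail.
    - name: run the module without parameters
      ec2_vpc_net:
      ignore_errors: true
      register: result

    - name: assert failure
      assert:
        that:
          - 'result is failed'
          - 'result.msg.startswith("missing required arguments")'

    # ============================================================

    # NOTE(review): this expects a failure because no credentials are passed.
    # If the runner has ambient AWS credentials (environment, profile or
    # instance role) the call could presumably succeed and create a VPC in
    # us-east-1, which the cleanup below only covers when aws_region matches.
    # Confirm the test runner starts without ambient credentials.
    - name: attempt to create a VPC without providing connnection information
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        name: "{{ resource_prefix }}"
        state: present
        region: us-east-1
      ignore_errors: true
      register: result

    - name: assert connection failure
      assert:
        that:
          - 'result is failed'
          - '"Unable to locate credentials" in result.msg'

    # ============================================================

    # The anchor lets later tasks merge the credentials into their module
    # arguments with `<<: *aws_connection_info`.
    # no_log keeps the credential values out of this task's output and logs.
    # NOTE(review): the tasks that merge the anchor do not set no_log; they
    # rely on each module masking its own secret parameters. Confirm.
    - name: set connection information for subsequent tasks
      set_fact:
        aws_connection_info: &aws_connection_info
          aws_access_key: "{{ aws_access_key }}"
          aws_secret_key: "{{ aws_secret_key }}"
          security_token: "{{ security_token }}"
          region: "{{ aws_region }}"
      no_log: true

    # ============================================================

    - name: test check mode creating a VPC
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        name: "{{ resource_prefix }}"
        state: present
        <<: *aws_connection_info
      check_mode: true
      register: result

    - name: check for a change
      assert:
        that:
          - 'result.changed'

    # ============================================================

    - name: create a VPC
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        ipv6_cidr: true
        name: "{{ resource_prefix }}"
        state: present
        <<: *aws_connection_info
      register: result

    - name: assert the VPC was created successfully
      assert:
        that:
          - 'result is successful'
          - 'result.changed'

    - name: assert the output
      assert:
        that:
          - '"cidr_block" in result.vpc'
          - '"ipv6_cidr_block_association_set" in result.vpc'
          - '"classic_link_enabled" in result.vpc'
          - '"dhcp_options_id" in result.vpc'
          - '"id" in result.vpc'
          - '"instance_tenancy" in result.vpc'
          - '"is_default" in result.vpc'
          - '"state" in result.vpc'
          - '"tags" in result.vpc'

    - name: set the first VPC's details as facts for comparison and cleanup
      set_fact:
        vpc_1: "{{ result.vpc.id }}"
        vpc_1_ipv6_cidr: "{{ result.vpc.ipv6_cidr_block_association_set.0.ipv6_cidr_block }}"

    - name: save default dhcp_options_id for later comparison
      set_fact:
        default_dhcp_options_id: "{{ result.vpc.dhcp_options_id }}"

    # ============================================================

    - name: Try to add IPv6 CIDR when one already exists
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        ipv6_cidr: true
        name: "{{ resource_prefix }}"
        state: present
        multi_ok: false
        <<: *aws_connection_info
      register: result

    # `that` entries are already evaluated as Jinja2 expressions, so the
    # expected warning is built with `~` instead of nested {{ }} delimiters.
    # Nested delimiters splice the values into the expression text, where a
    # quote character in a value would change the expression itself.
    - name: Assert no changes made
      assert:
        that:
          - '("Only one IPv6 CIDR is permitted per VPC, " ~ result.vpc.id ~ " already has CIDR " ~ vpc_1_ipv6_cidr) in result.warnings'
          - 'not result.changed'

    # ============================================================

    - name: test check mode creating an identical VPC
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        ipv6_cidr: true
        name: "{{ resource_prefix }}"
        state: present
        multi_ok: true
        <<: *aws_connection_info
      check_mode: true
      register: result

    - name: assert a change would be made
      assert:
        that:
          - 'result.changed'

    # ============================================================

    - name: create a VPC with a dedicated tenancy using the same CIDR and name
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        name: "{{ resource_prefix }}"
        ipv6_cidr: true
        tenancy: dedicated
        state: present
        multi_ok: true
        <<: *aws_connection_info
      register: result

    - name: assert a new VPC was created
      assert:
        that:
          - 'result is successful'
          - 'result.changed'
          - 'result.vpc.instance_tenancy == "dedicated"'
          - result.vpc.id != vpc_1

    # ============================================================

    - name: attempt to create another VPC with the same CIDR and name without multi_ok
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        ipv6_cidr: true
        name: "{{ resource_prefix }}"
        state: present
        multi_ok: false
        <<: *aws_connection_info
      register: result
      ignore_errors: true

    - name: assert failure
      assert:
        that:
          - 'result is failed'
          - '"If you would like to create the VPC anyway please pass True to the multi_ok param" in result.msg'

    # ============================================================

    # FIXME: right now if there are multiple matching VPCs they cannot be removed,
    # as there is no vpc_id option for idempotence. A workaround is to retag the VPC.
    - name: remove Name tag on vpc_1
      ec2_tag:
        resource: "{{ vpc_1 }}"
        state: absent
        tags:
          Name: "{{ resource_prefix }}"
        <<: *aws_connection_info

    - name: add a unique name tag
      ec2_tag:
        resource: "{{ vpc_1 }}"
        state: present
        tags:
          Name: "{{ resource_prefix }}-changed"
        <<: *aws_connection_info

    - name: delete one of the VPCs
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        name: "{{ resource_prefix }}-changed"
        state: absent
        <<: *aws_connection_info
      register: result

    - name: assert success
      assert:
        that:
          - 'result.changed'
          - 'not result.vpc'

    # ============================================================

    - name: attempt to delete a VPC that doesn't exist
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        name: "{{ resource_prefix }}-changed"
        state: absent
        <<: *aws_connection_info
      register: result

    - name: assert no changes were made
      assert:
        that:
          - 'not result.changed'
          - 'not result.vpc'

    # ============================================================

    - name: create a DHCP option set to use in next test
      ec2_vpc_dhcp_option:
        dns_servers:
          - 4.4.4.4
          - 8.8.8.8
        tags:
          Name: "{{ resource_prefix }}"
        <<: *aws_connection_info
      register: new_dhcp

    - name: modify the DHCP options set for a VPC
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        name: "{{ resource_prefix }}"
        state: present
        multi_ok: false
        dhcp_opts_id: "{{ new_dhcp.dhcp_options_id }}"
        <<: *aws_connection_info
      register: result

    - name: assert the DHCP option set changed
      assert:
        that:
          - 'result.changed'
          - default_dhcp_options_id != result.vpc.dhcp_options_id

    # ============================================================

    - name: modify classic_link_enabled
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        name: "{{ resource_prefix }}"
        dns_support: true
        dns_hostnames: true
        state: present
        multi_ok: false
        <<: *aws_connection_info
      register: result

    - name: assert a change was made
      assert:
        that:
          - 'result is successful'
          # FIXME The module currently doesn't note changed for VPC attributes.
          # Once this is fixed a test should be added for check mode as well.
          # - 'result.changed'

    # ============================================================

    - name: modify tags
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        name: "{{ resource_prefix }}"
        dns_support: true
        dns_hostnames: true
        state: present
        multi_ok: false
        tags:
          Ansible: Test
        <<: *aws_connection_info
      register: result

    # The Name comparison uses the variable directly rather than a nested
    # {{ }} template inside the conditional.
    - name: assert the VPC has Name and Ansible tags
      assert:
        that:
          - result.vpc.tags|length == 2
          - 'result.vpc.tags.Ansible == "Test"'
          - 'result.vpc.tags.Name == resource_prefix'

    # ============================================================

    - name: test check mode to delete a VPC
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        name: "{{ resource_prefix }}"
        state: absent
        <<: *aws_connection_info
      check_mode: true
      register: result

    - name: assert that a change would have been made
      assert:
        that:
          - 'result.changed'

    # ============================================================

  # Cleanup. The first two tasks ignore errors so that a failure (for
  # example a fact that was never set because the block stopped early)
  # does not prevent the later removals from running.
  # NOTE(review): removal is by name and CIDR. If the block fails while two
  # VPCs still share the name, the FIXME above suggests the final task
  # cannot remove them and test resources may be left behind. Confirm, and
  # check the account for leftovers after a failed run.
  always:

    - name: replace the DHCP options set so the new one can be deleted
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        name: "{{ resource_prefix }}"
        state: present
        multi_ok: false
        dhcp_opts_id: "{{ default_dhcp_options_id }}"
        <<: *aws_connection_info
      ignore_errors: true

    - name: remove the DHCP option set
      ec2_vpc_dhcp_option:
        dhcp_options_id: "{{ new_dhcp.dhcp_options_id }}"
        state: absent
        <<: *aws_connection_info
      ignore_errors: true

    - name: remove the VPC
      ec2_vpc_net:
        cidr_block: 20.0.0.0/24
        name: "{{ resource_prefix }}"
        state: absent
        <<: *aws_connection_info

    # ============================================================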