/test/integration/roles/test_ec2_key/tasks/main.yml
YAML | 337 lines | 264 code | 37 blank | 36 comment | 0 complexity | 95bbd7ce85187dd0d9cd36af02fad19b MD5 | raw file
1--- 2# A Note about ec2 environment variable name preference: 3# - EC2_URL -> AWS_URL 4# - EC2_ACCESS_KEY -> AWS_ACCESS_KEY_ID -> AWS_ACCESS_KEY 5# - EC2_SECRET_KEY -> AWS_SECRET_ACCESS_KEY -> AWX_SECRET_KEY 6# - EC2_REGION -> AWS_REGION 7# 8# TODO - name: test 'region' parameter 9# TODO - name: test 'state=absent' parameter for existing key 10# TODO - name: test 'state=absent' parameter for missing key 11# TODO - name: test 'validate_certs' parameter 12 13# ============================================================ 14# - include: ../../setup_ec2/tasks/common.yml module_name=ec2_key 15 16# ============================================================ 17- name: test with no parameters 18 ec2_key: 19 register: result 20 ignore_errors: true 21 22- name: assert failure when called with no parameters 23 assert: 24 that: 25 - 'result.failed' 26 - 'result.msg == "missing required arguments: name"' 27 28# ============================================================ 29- name: test with only name 30 ec2_key: 31 name={{ec2_key_name}} 32 register: result 33 ignore_errors: true 34 35- name: assert failure when called with only 'name' 36 assert: 37 that: 38 - 'result.failed' 39 - 'result.msg == "Either region or ec2_url must be specified"' 40 41# ============================================================ 42- name: test invalid region parameter 43 ec2_key: 44 name={{ec2_key_name}} 45 region='asdf querty 1234' 46 register: result 47 ignore_errors: true 48 49- name: assert invalid region parameter 50 assert: 51 that: 52 - 'result.failed' 53 - 'result.msg.startswith("value of region must be one of:")' 54 55# ============================================================ 56- name: test valid region parameter 57 ec2_key: 58 name={{ec2_key_name}} 59 region={{ec2_region}} 60 register: result 61 ignore_errors: true 62 63- name: assert valid region parameter 64 assert: 65 that: 66 - 'result.failed' 67 - 'result.msg.startswith("No handler was ready to authenticate.")' 68 69# ============================================================ 70- name: test environment variable EC2_REGION 71 ec2_key: 72 name={{ec2_key_name}} 73 environment: 74 EC2_REGION: '{{ec2_region}}' 75 register: result 76 ignore_errors: true 77 78- name: assert environment variable EC2_REGION 79 assert: 80 that: 81 - 'result.failed' 82 - 'result.msg.startswith("No handler was ready to authenticate.")' 83 84# ============================================================ 85- name: test invalid ec2_url parameter 86 ec2_key: 87 name={{ec2_key_name}} 88 environment: 89 EC2_URL: bogus.example.com 90 register: result 91 ignore_errors: true 92 93- name: assert invalid ec2_url parameter 94 assert: 95 that: 96 - 'result.failed' 97 - 'result.msg.startswith("No handler was ready to authenticate.")' 98 99# ============================================================ 100- name: test valid ec2_url parameter 101 ec2_key: 102 name={{ec2_key_name}} 103 environment: 104 EC2_URL: '{{ec2_url}}' 105 register: result 106 ignore_errors: true 107 108- name: assert valid ec2_url parameter 109 assert: 110 that: 111 - 'result.failed' 112 - 'result.msg.startswith("No handler was ready to authenticate.")' 113 114# ============================================================ 115- name: test credentials from environment 116 ec2_key: 117 name={{ec2_key_name}} 118 environment: 119 EC2_REGION: '{{ec2_region}}' 120 EC2_ACCESS_KEY: bogus_access_key 121 EC2_SECRET_KEY: bogus_secret_key 122 register: result 123 ignore_errors: true 124 125- name: assert ec2_key with valid ec2_url 126 assert: 127 that: 128 - 'result.failed' 129 - '"EC2ResponseError: 401 Unauthorized" in result.msg' 130 131# ============================================================ 132- name: test credential parameters 133 ec2_key: 134 name={{ec2_key_name}} 135 ec2_region={{ec2_region}} 136 ec2_access_key=bogus_access_key 137 ec2_secret_key=bogus_secret_key 138 register: result 139 ignore_errors: true 140 141- name: assert credential parameters 142 assert: 143 that: 144 - 'result.failed' 145 - '"EC2ResponseError: 401 Unauthorized" in result.msg' 146 147# ============================================================ 148- name: test state=absent with key_material 149 ec2_key: 150 name='{{ec2_key_name}}' 151 ec2_region={{ec2_region}} 152 ec2_access_key={{ec2_access_key}} 153 ec2_secret_key={{ec2_secret_key}} 154 state=absent 155 register: result 156 157- name: assert state=absent with key_material 158 assert: 159 that: 160 - '"failed" not in result' 161 162# ============================================================ 163- name: test state=present without key_material 164 ec2_key: 165 name='{{ec2_key_name}}' 166 ec2_region={{ec2_region}} 167 ec2_access_key={{ec2_access_key}} 168 ec2_secret_key={{ec2_secret_key}} 169 state=present 170 register: result 171 172- name: assert state=present without key_material 173 assert: 174 that: 175 - 'result.changed' 176 - '"failed" not in result' 177 - '"key" in result' 178 - '"name" in result.key' 179 - '"fingerprint" in result.key' 180 - '"private_key" in result.key' 181 - 'result.key.name == "{{ec2_key_name}}"' 182 183# ============================================================ 184- name: test state=absent without key_material 185 ec2_key: 186 name='{{ec2_key_name}}' 187 state=absent 188 environment: 189 EC2_REGION: '{{ec2_region}}' 190 EC2_ACCESS_KEY: '{{ec2_access_key}}' 191 EC2_SECRET_KEY: '{{ec2_secret_key}}' 192 register: result 193 194- name: assert state=absent without key_material 195 assert: 196 that: 197 - 'result.changed' 198 - '"failed" not in result' 199 - '"key" in result' 200 - 'result.key == None' 201 202# ============================================================ 203- name: test state=present with key_material 204 ec2_key: 205 name='{{ec2_key_name}}' 206 key_material='{{key_material}}' 207 state=present 208 environment: 209 EC2_REGION: '{{ec2_region}}' 210 EC2_ACCESS_KEY: '{{ec2_access_key}}' 211 EC2_SECRET_KEY: '{{ec2_secret_key}}' 212 register: result 213 214- name: assert state=present with key_material 215 assert: 216 that: 217 - '"failed" not in result' 218 - 'result.changed == True' 219 - '"key" in result' 220 - '"name" in result.key' 221 - 'result.key.name == "{{ec2_key_name}}"' 222 - '"fingerprint" in result.key' 223 - '"private_key" not in result.key' 224 # FIXME - why don't the fingerprints match? 225 # - 'result.key.fingerprint == "{{fingerprint}}"' 226 227# ============================================================ 228- name: test state=absent with key_material 229 ec2_key: 230 name='{{ec2_key_name}}' 231 key_material='{{key_material}}' 232 ec2_region='{{ec2_region}}' 233 ec2_access_key='{{ec2_access_key}}' 234 ec2_secret_key='{{ec2_secret_key}}' 235 state=absent 236 register: result 237 238- name: assert state=absent with key_material 239 assert: 240 that: 241 - 'result.changed' 242 - '"failed" not in result' 243 - '"key" in result' 244 - 'result.key == None' 245 246# ============================================================ 247- name: test state=present with key_material with_files (expect changed=true) 248 ec2_key: 249 name='{{ec2_key_name}}' 250 state=present 251 key_material='{{ item }}' 252 with_file: sshkey ~ '.pub' 253 environment: 254 EC2_REGION: '{{ec2_region}}' 255 EC2_ACCESS_KEY: '{{ec2_access_key}}' 256 EC2_SECRET_KEY: '{{ec2_secret_key}}' 257 register: result 258 259- name: assert state=present with key_material with_files (expect changed=true) 260 assert: 261 that: 262 - 'result.msg == "All items completed"' 263 - 'result.changed == True' 264 - '"results" in result' 265 - '"item" in result.results[0]' 266 - '"key" in result.results[0]' 267 - '"name" in result.results[0].key' 268 - 'result.results[0].key.name == "{{ec2_key_name}}"' 269 - '"fingerprint" in result.results[0].key' 270 - '"private_key" not in result.results[0].key' 271 # FIXME - why doesn't result.key.fingerprint == {{fingerprint}} 272 # - 'result.key.fingerprint == "{{fingerprint}}"' 273 274# ============================================================ 275- name: test state=present with key_material with_files (expect changed=false) 276 ec2_key: 277 name='{{ec2_key_name}}' 278 state=present 279 key_material='{{ item }}' 280 with_file: sshkey ~ '.pub' 281 environment: 282 EC2_REGION: '{{ec2_region}}' 283 EC2_ACCESS_KEY: '{{ec2_access_key}}' 284 EC2_SECRET_KEY: '{{ec2_secret_key}}' 285 register: result 286 287- name: assert state=present with key_material with_files (expect changed=false) 288 assert: 289 that: 290 - 'result.msg == "All items completed"' 291 - 'not result.changed' 292 - '"results" in result' 293 - '"item" in result.results[0]' 294 - '"key" in result.results[0]' 295 - '"name" in result.results[0].key' 296 - 'result.results[0].key.name == "{{ec2_key_name}}"' 297 - '"fingerprint" in result.results[0].key' 298 - '"private_key" not in result.results[0].key' 299 # FIXME - why doesn't result.key.fingerprint == {{fingerprint}} 300 # - 'result.key.fingerprint == "{{fingerprint}}"' 301 302# ============================================================ 303- name: test state=absent with key_material (expect changed=true) 304 ec2_key: 305 name='{{ec2_key_name}}' 306 ec2_region='{{ec2_region}}' 307 ec2_access_key='{{ec2_access_key}}' 308 ec2_secret_key='{{ec2_secret_key}}' 309 key_material='{{key_material}}' 310 state=absent 311 register: result 312 313- name: assert state=absent with key_material (expect changed=true) 314 assert: 315 that: 316 - 'result.changed' 317 - '"failed" not in result' 318 - '"key" in result' 319 - 'result.key == None' 320 321# ============================================================ 322- name: test state=absent (expect changed=false) 323 ec2_key: 324 name='{{ec2_key_name}}' 325 ec2_region='{{ec2_region}}' 326 ec2_access_key='{{ec2_access_key}}' 327 ec2_secret_key='{{ec2_secret_key}}' 328 state=absent 329 register: result 330 331- name: assert state=absent with key_material (expect changed=false) 332 assert: 333 that: 334 - 'not result.changed' 335 - '"failed" not in result' 336 - '"key" in result' 337 - 'result.key == None'