/test/integration/roles/test_ec2_key/tasks/main.yml
https://github.com/ajanthanm/ansible · YAML · 337 lines · 264 code · 37 blank · 36 comment · 0 complexity · 95bbd7ce85187dd0d9cd36af02fad19b MD5 · raw file
- ---
- # A Note about ec2 environment variable name preference:
- # - EC2_URL -> AWS_URL
- # - EC2_ACCESS_KEY -> AWS_ACCESS_KEY_ID -> AWS_ACCESS_KEY
- # - EC2_SECRET_KEY -> AWS_SECRET_ACCESS_KEY -> AWX_SECRET_KEY
- # - EC2_REGION -> AWS_REGION
- #
- # TODO - name: test 'region' parameter
- # TODO - name: test 'state=absent' parameter for existing key
- # TODO - name: test 'state=absent' parameter for missing key
- # TODO - name: test 'validate_certs' parameter
- # ============================================================
- # - include: ../../setup_ec2/tasks/common.yml module_name=ec2_key
- # ============================================================
- - name: test with no parameters
- ec2_key:
- register: result
- ignore_errors: true
- - name: assert failure when called with no parameters
- assert:
- that:
- - 'result.failed'
- - 'result.msg == "missing required arguments: name"'
- # ============================================================
- - name: test with only name
- ec2_key:
- name={{ec2_key_name}}
- register: result
- ignore_errors: true
- - name: assert failure when called with only 'name'
- assert:
- that:
- - 'result.failed'
- - 'result.msg == "Either region or ec2_url must be specified"'
- # ============================================================
- - name: test invalid region parameter
- ec2_key:
- name={{ec2_key_name}}
- region='asdf querty 1234'
- register: result
- ignore_errors: true
- - name: assert invalid region parameter
- assert:
- that:
- - 'result.failed'
- - 'result.msg.startswith("value of region must be one of:")'
- # ============================================================
- - name: test valid region parameter
- ec2_key:
- name={{ec2_key_name}}
- region={{ec2_region}}
- register: result
- ignore_errors: true
- - name: assert valid region parameter
- assert:
- that:
- - 'result.failed'
- - 'result.msg.startswith("No handler was ready to authenticate.")'
- # ============================================================
- - name: test environment variable EC2_REGION
- ec2_key:
- name={{ec2_key_name}}
- environment:
- EC2_REGION: '{{ec2_region}}'
- register: result
- ignore_errors: true
- - name: assert environment variable EC2_REGION
- assert:
- that:
- - 'result.failed'
- - 'result.msg.startswith("No handler was ready to authenticate.")'
- # ============================================================
- - name: test invalid ec2_url parameter
- ec2_key:
- name={{ec2_key_name}}
- environment:
- EC2_URL: bogus.example.com
- register: result
- ignore_errors: true
- - name: assert invalid ec2_url parameter
- assert:
- that:
- - 'result.failed'
- - 'result.msg.startswith("No handler was ready to authenticate.")'
- # ============================================================
- - name: test valid ec2_url parameter
- ec2_key:
- name={{ec2_key_name}}
- environment:
- EC2_URL: '{{ec2_url}}'
- register: result
- ignore_errors: true
- - name: assert valid ec2_url parameter
- assert:
- that:
- - 'result.failed'
- - 'result.msg.startswith("No handler was ready to authenticate.")'
- # ============================================================
- - name: test credentials from environment
- ec2_key:
- name={{ec2_key_name}}
- environment:
- EC2_REGION: '{{ec2_region}}'
- EC2_ACCESS_KEY: bogus_access_key
- EC2_SECRET_KEY: bogus_secret_key
- register: result
- ignore_errors: true
- - name: assert ec2_key with valid ec2_url
- assert:
- that:
- - 'result.failed'
- - '"EC2ResponseError: 401 Unauthorized" in result.msg'
- # ============================================================
- - name: test credential parameters
- ec2_key:
- name={{ec2_key_name}}
- ec2_region={{ec2_region}}
- ec2_access_key=bogus_access_key
- ec2_secret_key=bogus_secret_key
- register: result
- ignore_errors: true
- - name: assert credential parameters
- assert:
- that:
- - 'result.failed'
- - '"EC2ResponseError: 401 Unauthorized" in result.msg'
- # ============================================================
- - name: test state=absent with key_material
- ec2_key:
- name='{{ec2_key_name}}'
- ec2_region={{ec2_region}}
- ec2_access_key={{ec2_access_key}}
- ec2_secret_key={{ec2_secret_key}}
- state=absent
- register: result
- - name: assert state=absent with key_material
- assert:
- that:
- - '"failed" not in result'
- # ============================================================
- - name: test state=present without key_material
- ec2_key:
- name='{{ec2_key_name}}'
- ec2_region={{ec2_region}}
- ec2_access_key={{ec2_access_key}}
- ec2_secret_key={{ec2_secret_key}}
- state=present
- register: result
- - name: assert state=present without key_material
- assert:
- that:
- - 'result.changed'
- - '"failed" not in result'
- - '"key" in result'
- - '"name" in result.key'
- - '"fingerprint" in result.key'
- - '"private_key" in result.key'
- - 'result.key.name == "{{ec2_key_name}}"'
- # ============================================================
- - name: test state=absent without key_material
- ec2_key:
- name='{{ec2_key_name}}'
- state=absent
- environment:
- EC2_REGION: '{{ec2_region}}'
- EC2_ACCESS_KEY: '{{ec2_access_key}}'
- EC2_SECRET_KEY: '{{ec2_secret_key}}'
- register: result
- - name: assert state=absent without key_material
- assert:
- that:
- - 'result.changed'
- - '"failed" not in result'
- - '"key" in result'
- - 'result.key == None'
- # ============================================================
- - name: test state=present with key_material
- ec2_key:
- name='{{ec2_key_name}}'
- key_material='{{key_material}}'
- state=present
- environment:
- EC2_REGION: '{{ec2_region}}'
- EC2_ACCESS_KEY: '{{ec2_access_key}}'
- EC2_SECRET_KEY: '{{ec2_secret_key}}'
- register: result
- - name: assert state=present with key_material
- assert:
- that:
- - '"failed" not in result'
- - 'result.changed == True'
- - '"key" in result'
- - '"name" in result.key'
- - 'result.key.name == "{{ec2_key_name}}"'
- - '"fingerprint" in result.key'
- - '"private_key" not in result.key'
- # FIXME - why don't the fingerprints match?
- # - 'result.key.fingerprint == "{{fingerprint}}"'
- # ============================================================
- - name: test state=absent with key_material
- ec2_key:
- name='{{ec2_key_name}}'
- key_material='{{key_material}}'
- ec2_region='{{ec2_region}}'
- ec2_access_key='{{ec2_access_key}}'
- ec2_secret_key='{{ec2_secret_key}}'
- state=absent
- register: result
- - name: assert state=absent with key_material
- assert:
- that:
- - 'result.changed'
- - '"failed" not in result'
- - '"key" in result'
- - 'result.key == None'
- # ============================================================
- - name: test state=present with key_material with_files (expect changed=true)
- ec2_key:
- name='{{ec2_key_name}}'
- state=present
- key_material='{{ item }}'
- with_file: sshkey ~ '.pub'
- environment:
- EC2_REGION: '{{ec2_region}}'
- EC2_ACCESS_KEY: '{{ec2_access_key}}'
- EC2_SECRET_KEY: '{{ec2_secret_key}}'
- register: result
- - name: assert state=present with key_material with_files (expect changed=true)
- assert:
- that:
- - 'result.msg == "All items completed"'
- - 'result.changed == True'
- - '"results" in result'
- - '"item" in result.results[0]'
- - '"key" in result.results[0]'
- - '"name" in result.results[0].key'
- - 'result.results[0].key.name == "{{ec2_key_name}}"'
- - '"fingerprint" in result.results[0].key'
- - '"private_key" not in result.results[0].key'
- # FIXME - why doesn't result.key.fingerprint == {{fingerprint}}
- # - 'result.key.fingerprint == "{{fingerprint}}"'
- # ============================================================
- - name: test state=present with key_material with_files (expect changed=false)
- ec2_key:
- name='{{ec2_key_name}}'
- state=present
- key_material='{{ item }}'
- with_file: sshkey ~ '.pub'
- environment:
- EC2_REGION: '{{ec2_region}}'
- EC2_ACCESS_KEY: '{{ec2_access_key}}'
- EC2_SECRET_KEY: '{{ec2_secret_key}}'
- register: result
- - name: assert state=present with key_material with_files (expect changed=false)
- assert:
- that:
- - 'result.msg == "All items completed"'
- - 'not result.changed'
- - '"results" in result'
- - '"item" in result.results[0]'
- - '"key" in result.results[0]'
- - '"name" in result.results[0].key'
- - 'result.results[0].key.name == "{{ec2_key_name}}"'
- - '"fingerprint" in result.results[0].key'
- - '"private_key" not in result.results[0].key'
- # FIXME - why doesn't result.key.fingerprint == {{fingerprint}}
- # - 'result.key.fingerprint == "{{fingerprint}}"'
- # ============================================================
- - name: test state=absent with key_material (expect changed=true)
- ec2_key:
- name='{{ec2_key_name}}'
- ec2_region='{{ec2_region}}'
- ec2_access_key='{{ec2_access_key}}'
- ec2_secret_key='{{ec2_secret_key}}'
- key_material='{{key_material}}'
- state=absent
- register: result
- - name: assert state=absent with key_material (expect changed=true)
- assert:
- that:
- - 'result.changed'
- - '"failed" not in result'
- - '"key" in result'
- - 'result.key == None'
- # ============================================================
- - name: test state=absent (expect changed=false)
- ec2_key:
- name='{{ec2_key_name}}'
- ec2_region='{{ec2_region}}'
- ec2_access_key='{{ec2_access_key}}'
- ec2_secret_key='{{ec2_secret_key}}'
- state=absent
- register: result
- - name: assert state=absent with key_material (expect changed=false)
- assert:
- that:
- - 'not result.changed'
- - '"failed" not in result'
- - '"key" in result'
- - 'result.key == None'