/test/integration/roles/test_ec2_key/tasks/main.yml

https://github.com/ajanthanm/ansible · YAML · 337 lines · 264 code · 37 blank · 36 comment · 0 complexity · 95bbd7ce85187dd0d9cd36af02fad19b MD5 · raw file

  1. ---
  2. # A Note about ec2 environment variable name preference:
  3. # - EC2_URL -> AWS_URL
  4. # - EC2_ACCESS_KEY -> AWS_ACCESS_KEY_ID -> AWS_ACCESS_KEY
  5. # - EC2_SECRET_KEY -> AWS_SECRET_ACCESS_KEY -> AWX_SECRET_KEY
  6. # - EC2_REGION -> AWS_REGION
  7. #
  8. # TODO - name: test 'region' parameter
  9. # TODO - name: test 'state=absent' parameter for existing key
  10. # TODO - name: test 'state=absent' parameter for missing key
  11. # TODO - name: test 'validate_certs' parameter
  12. # ============================================================
  13. # - include: ../../setup_ec2/tasks/common.yml module_name=ec2_key
  14. # ============================================================
  15. - name: test with no parameters
  16. ec2_key:
  17. register: result
  18. ignore_errors: true
  19. - name: assert failure when called with no parameters
  20. assert:
  21. that:
  22. - 'result.failed'
  23. - 'result.msg == "missing required arguments: name"'
  24. # ============================================================
  25. - name: test with only name
  26. ec2_key:
  27. name={{ec2_key_name}}
  28. register: result
  29. ignore_errors: true
  30. - name: assert failure when called with only 'name'
  31. assert:
  32. that:
  33. - 'result.failed'
  34. - 'result.msg == "Either region or ec2_url must be specified"'
  35. # ============================================================
  36. - name: test invalid region parameter
  37. ec2_key:
  38. name={{ec2_key_name}}
  39. region='asdf querty 1234'
  40. register: result
  41. ignore_errors: true
  42. - name: assert invalid region parameter
  43. assert:
  44. that:
  45. - 'result.failed'
  46. - 'result.msg.startswith("value of region must be one of:")'
  47. # ============================================================
  48. - name: test valid region parameter
  49. ec2_key:
  50. name={{ec2_key_name}}
  51. region={{ec2_region}}
  52. register: result
  53. ignore_errors: true
  54. - name: assert valid region parameter
  55. assert:
  56. that:
  57. - 'result.failed'
  58. - 'result.msg.startswith("No handler was ready to authenticate.")'
  59. # ============================================================
  60. - name: test environment variable EC2_REGION
  61. ec2_key:
  62. name={{ec2_key_name}}
  63. environment:
  64. EC2_REGION: '{{ec2_region}}'
  65. register: result
  66. ignore_errors: true
  67. - name: assert environment variable EC2_REGION
  68. assert:
  69. that:
  70. - 'result.failed'
  71. - 'result.msg.startswith("No handler was ready to authenticate.")'
  72. # ============================================================
  73. - name: test invalid ec2_url parameter
  74. ec2_key:
  75. name={{ec2_key_name}}
  76. environment:
  77. EC2_URL: bogus.example.com
  78. register: result
  79. ignore_errors: true
  80. - name: assert invalid ec2_url parameter
  81. assert:
  82. that:
  83. - 'result.failed'
  84. - 'result.msg.startswith("No handler was ready to authenticate.")'
  85. # ============================================================
  86. - name: test valid ec2_url parameter
  87. ec2_key:
  88. name={{ec2_key_name}}
  89. environment:
  90. EC2_URL: '{{ec2_url}}'
  91. register: result
  92. ignore_errors: true
  93. - name: assert valid ec2_url parameter
  94. assert:
  95. that:
  96. - 'result.failed'
  97. - 'result.msg.startswith("No handler was ready to authenticate.")'
  98. # ============================================================
  99. - name: test credentials from environment
  100. ec2_key:
  101. name={{ec2_key_name}}
  102. environment:
  103. EC2_REGION: '{{ec2_region}}'
  104. EC2_ACCESS_KEY: bogus_access_key
  105. EC2_SECRET_KEY: bogus_secret_key
  106. register: result
  107. ignore_errors: true
  108. - name: assert ec2_key with valid ec2_url
  109. assert:
  110. that:
  111. - 'result.failed'
  112. - '"EC2ResponseError: 401 Unauthorized" in result.msg'
  113. # ============================================================
  114. - name: test credential parameters
  115. ec2_key:
  116. name={{ec2_key_name}}
  117. ec2_region={{ec2_region}}
  118. ec2_access_key=bogus_access_key
  119. ec2_secret_key=bogus_secret_key
  120. register: result
  121. ignore_errors: true
  122. - name: assert credential parameters
  123. assert:
  124. that:
  125. - 'result.failed'
  126. - '"EC2ResponseError: 401 Unauthorized" in result.msg'
  127. # ============================================================
  128. - name: test state=absent with key_material
  129. ec2_key:
  130. name='{{ec2_key_name}}'
  131. ec2_region={{ec2_region}}
  132. ec2_access_key={{ec2_access_key}}
  133. ec2_secret_key={{ec2_secret_key}}
  134. state=absent
  135. register: result
  136. - name: assert state=absent with key_material
  137. assert:
  138. that:
  139. - '"failed" not in result'
  140. # ============================================================
  141. - name: test state=present without key_material
  142. ec2_key:
  143. name='{{ec2_key_name}}'
  144. ec2_region={{ec2_region}}
  145. ec2_access_key={{ec2_access_key}}
  146. ec2_secret_key={{ec2_secret_key}}
  147. state=present
  148. register: result
  149. - name: assert state=present without key_material
  150. assert:
  151. that:
  152. - 'result.changed'
  153. - '"failed" not in result'
  154. - '"key" in result'
  155. - '"name" in result.key'
  156. - '"fingerprint" in result.key'
  157. - '"private_key" in result.key'
  158. - 'result.key.name == "{{ec2_key_name}}"'
  159. # ============================================================
  160. - name: test state=absent without key_material
  161. ec2_key:
  162. name='{{ec2_key_name}}'
  163. state=absent
  164. environment:
  165. EC2_REGION: '{{ec2_region}}'
  166. EC2_ACCESS_KEY: '{{ec2_access_key}}'
  167. EC2_SECRET_KEY: '{{ec2_secret_key}}'
  168. register: result
  169. - name: assert state=absent without key_material
  170. assert:
  171. that:
  172. - 'result.changed'
  173. - '"failed" not in result'
  174. - '"key" in result'
  175. - 'result.key == None'
  176. # ============================================================
  177. - name: test state=present with key_material
  178. ec2_key:
  179. name='{{ec2_key_name}}'
  180. key_material='{{key_material}}'
  181. state=present
  182. environment:
  183. EC2_REGION: '{{ec2_region}}'
  184. EC2_ACCESS_KEY: '{{ec2_access_key}}'
  185. EC2_SECRET_KEY: '{{ec2_secret_key}}'
  186. register: result
  187. - name: assert state=present with key_material
  188. assert:
  189. that:
  190. - '"failed" not in result'
  191. - 'result.changed == True'
  192. - '"key" in result'
  193. - '"name" in result.key'
  194. - 'result.key.name == "{{ec2_key_name}}"'
  195. - '"fingerprint" in result.key'
  196. - '"private_key" not in result.key'
  197. # FIXME - why don't the fingerprints match?
  198. # - 'result.key.fingerprint == "{{fingerprint}}"'
  199. # ============================================================
  200. - name: test state=absent with key_material
  201. ec2_key:
  202. name='{{ec2_key_name}}'
  203. key_material='{{key_material}}'
  204. ec2_region='{{ec2_region}}'
  205. ec2_access_key='{{ec2_access_key}}'
  206. ec2_secret_key='{{ec2_secret_key}}'
  207. state=absent
  208. register: result
  209. - name: assert state=absent with key_material
  210. assert:
  211. that:
  212. - 'result.changed'
  213. - '"failed" not in result'
  214. - '"key" in result'
  215. - 'result.key == None'
  216. # ============================================================
  217. - name: test state=present with key_material with_files (expect changed=true)
  218. ec2_key:
  219. name='{{ec2_key_name}}'
  220. state=present
  221. key_material='{{ item }}'
  222. with_file: sshkey ~ '.pub'
  223. environment:
  224. EC2_REGION: '{{ec2_region}}'
  225. EC2_ACCESS_KEY: '{{ec2_access_key}}'
  226. EC2_SECRET_KEY: '{{ec2_secret_key}}'
  227. register: result
  228. - name: assert state=present with key_material with_files (expect changed=true)
  229. assert:
  230. that:
  231. - 'result.msg == "All items completed"'
  232. - 'result.changed == True'
  233. - '"results" in result'
  234. - '"item" in result.results[0]'
  235. - '"key" in result.results[0]'
  236. - '"name" in result.results[0].key'
  237. - 'result.results[0].key.name == "{{ec2_key_name}}"'
  238. - '"fingerprint" in result.results[0].key'
  239. - '"private_key" not in result.results[0].key'
  240. # FIXME - why doesn't result.key.fingerprint == {{fingerprint}}
  241. # - 'result.key.fingerprint == "{{fingerprint}}"'
  242. # ============================================================
  243. - name: test state=present with key_material with_files (expect changed=false)
  244. ec2_key:
  245. name='{{ec2_key_name}}'
  246. state=present
  247. key_material='{{ item }}'
  248. with_file: sshkey ~ '.pub'
  249. environment:
  250. EC2_REGION: '{{ec2_region}}'
  251. EC2_ACCESS_KEY: '{{ec2_access_key}}'
  252. EC2_SECRET_KEY: '{{ec2_secret_key}}'
  253. register: result
  254. - name: assert state=present with key_material with_files (expect changed=false)
  255. assert:
  256. that:
  257. - 'result.msg == "All items completed"'
  258. - 'not result.changed'
  259. - '"results" in result'
  260. - '"item" in result.results[0]'
  261. - '"key" in result.results[0]'
  262. - '"name" in result.results[0].key'
  263. - 'result.results[0].key.name == "{{ec2_key_name}}"'
  264. - '"fingerprint" in result.results[0].key'
  265. - '"private_key" not in result.results[0].key'
  266. # FIXME - why doesn't result.key.fingerprint == {{fingerprint}}
  267. # - 'result.key.fingerprint == "{{fingerprint}}"'
  268. # ============================================================
  269. - name: test state=absent with key_material (expect changed=true)
  270. ec2_key:
  271. name='{{ec2_key_name}}'
  272. ec2_region='{{ec2_region}}'
  273. ec2_access_key='{{ec2_access_key}}'
  274. ec2_secret_key='{{ec2_secret_key}}'
  275. key_material='{{key_material}}'
  276. state=absent
  277. register: result
  278. - name: assert state=absent with key_material (expect changed=true)
  279. assert:
  280. that:
  281. - 'result.changed'
  282. - '"failed" not in result'
  283. - '"key" in result'
  284. - 'result.key == None'
  285. # ============================================================
  286. - name: test state=absent (expect changed=false)
  287. ec2_key:
  288. name='{{ec2_key_name}}'
  289. ec2_region='{{ec2_region}}'
  290. ec2_access_key='{{ec2_access_key}}'
  291. ec2_secret_key='{{ec2_secret_key}}'
  292. state=absent
  293. register: result
  294. - name: assert state=absent with key_material (expect changed=false)
  295. assert:
  296. that:
  297. - 'not result.changed'
  298. - '"failed" not in result'
  299. - '"key" in result'
  300. - 'result.key == None'