From d0d5b5028e3c63d47ef3c26fe8ec086f96a15e4f Mon Sep 17 00:00:00 2001 From: "ansible-code-bot[bot]" <145416087+ansible-code-bot[bot]@users.noreply.github.com> Date: Thu, 8 Aug 2024 06:01:57 +0000 Subject: [PATCH] Fix ansible-lint rule violations --- .../targets/autoscaling_group/main.yml | 13 +- .../ec2_asg/tasks/create_update_delete.yml | 103 ++--- .../roles/ec2_asg/tasks/env_setup.yml | 7 +- .../roles/ec2_asg/tasks/tag_operations.yml | 73 ++-- .../targets/aws_az_info/tasks/main.yml | 8 - .../targets/backup_plan/tasks/main.yml | 1 - .../targets/backup_tag/tasks/main.yml | 1 - .../targets/backup_vault/tasks/main.yml | 1 - .../targets/ec2_ami/tasks/main.yml | 3 +- .../targets/ec2_ami_instance/tasks/main.yml | 3 +- .../targets/ec2_ami_snapshot/tasks/main.yml | 3 +- .../targets/ec2_ami_tpm/tasks/main.yml | 3 +- .../tasks/main.yml | 1 - .../tasks/main.yml | 1 - .../tasks/main.yml | 1 + .../tasks/main.yml | 10 +- .../targets/ec2_key/tasks/main.yml | 13 +- .../ec2_metadata_facts/playbooks/setup.yml | 3 +- .../ec2_metadata_facts/playbooks/teardown.yml | 1 - .../playbooks/test_metadata.yml | 1 + .../tasks/multi_account.yml | 29 +- .../targets/ec2_tag/tasks/main.yml | 3 +- .../ec2_vpc_dhcp_option/tasks/main.yml | 10 +- .../targets/ec2_vpc_endpoint/tasks/main.yml | 70 ++- .../ec2_vpc_nat_gateway/tasks/main.yml | 400 ++++++++++++++++++ .../targets/ec2_vpc_subnet/tasks/main.yml | 16 +- .../playbooks/create_environment_script.yml | 1 - .../playbooks/create_inventory_config.yml | 2 - .../playbooks/empty_inventory_config.yml | 1 - .../playbooks/populate_cache.yml | 3 - .../test_invalid_aws_ec2_inventory_config.yml | 1 - .../playbooks/test_inventory_cache.yml | 1 - ...opulating_inventory_with_concatenation.yml | 5 - ..._populating_inventory_with_constructed.yml | 6 - ...ng_inventory_with_hostnames_using_tags.yml | 4 - ...tory_with_hostnames_using_tags_classic.yml | 4 - ..._inventory_with_hostvars_prefix_suffix.yml | 6 +- ...entory_with_include_or_exclude_filters.yml | 6 - ...pulating_inventory_with_literal_string.yml | 5 - ...inventory_with_use_contrib_script_keys.yml | 4 - .../playbooks/create_inventory_config.yml | 1 - .../playbooks/empty_inventory_config.yml | 1 - .../playbooks/populate_cache.yml | 3 - .../test_invalid_aws_rds_inventory_config.yml | 1 - .../playbooks/test_inventory_cache.yml | 1 - ..._inventory_with_hostvars_prefix_suffix.yml | 2 +- ..._populating_inventory_with_constructed.yml | 4 - .../roles/kms_key/tasks/test_multi_region.yml | 13 +- .../roles/kms_key/tasks/test_states.yml | 69 ++- .../roles/kms_key/tasks/test_tagging.yml | 23 +- .../tasks/main.yaml | 22 +- .../tasks/main.yaml | 2 - .../tasks/nested.yaml | 1 - .../lookup_ssm_parameter/tasks/main.yml | 39 +- .../module_utils_botocore_recorder/main.yml | 4 +- .../targets/module_utils_core/setup.yml | 2 +- .../rds_cluster_create/tasks/main.yaml | 3 +- .../rds_cluster_create_sgs/tasks/main.yaml | 1 - .../tasks/remove_from_global_db.yaml | 15 +- .../rds_cluster_multi_az/tasks/main.yml | 1 - .../rds_cluster_param_group/tasks/main.yaml | 14 - .../rds_cluster_promote/tasks/main.yaml | 1 - .../rds_cluster_restore/tasks/main.yaml | 6 +- .../rds_cluster_snapshot/tasks/main.yml | 4 +- .../targets/rds_cluster_states/tasks/main.yml | 9 +- .../targets/rds_cluster_tag/tasks/main.yaml | 4 +- .../rds_global_cluster_create/tasks/main.yaml | 1 - .../rds_instance_aurora/tasks/main.yml | 1 - .../rds_instance_modify/tasks/main.yml | 27 +- .../rds_instance_processor/tasks/main.yml | 2 - .../rds_instance_replica/tasks/main.yml | 3 - .../rds_instance_restore/tasks/main.yml | 2 - .../rds_instance_sgroups/tasks/main.yml | 7 - .../rds_instance_snapshot/tasks/main.yml | 1 - .../rds_instance_snapshot_mgmt/tasks/main.yml | 3 - .../rds_instance_states/tasks/main.yml | 2 - .../rds_instance_upgrade/tasks/main.yml | 1 - .../targets/rds_option_group/tasks/main.yml | 1 - .../targets/rds_param_group/tasks/main.yml | 28 +- .../targets/route53/tasks/main.yml | 121 +++--- .../targets/route53_zone/tasks/main.yml | 11 +- .../s3_bucket/roles/s3_bucket/tasks/acl.yml | 4 +- .../roles/s3_bucket/tasks/complex.yml | 7 +- .../roles/s3_bucket/tasks/dotted.yml | 6 +- .../s3_bucket/tasks/encryption_bucket_key.yml | 4 +- .../roles/s3_bucket/tasks/encryption_kms.yml | 4 +- .../roles/s3_bucket/tasks/encryption_sse.yml | 4 +- .../s3_bucket/roles/s3_bucket/tasks/main.yml | 4 +- .../roles/s3_bucket/tasks/missing.yml | 6 +- .../roles/s3_bucket/tasks/object_lock.yml | 4 +- .../s3_bucket/tasks/ownership_controls.yml | 4 +- .../roles/s3_bucket/tasks/public_access.yml | 4 +- .../roles/s3_bucket/tasks/simple.yml | 8 +- .../s3_bucket/roles/s3_bucket/tasks/tags.yml | 6 +- .../targets/setup_ec2_facts/tasks/main.yml | 1 - .../setup_ec2_instance_env/tasks/cleanup.yml | 16 +- .../targets/setup_ec2_vpc/tasks/cleanup.yml | 8 +- .../setup_remote_tmp_dir/handlers/main.yml | 2 +- .../setup_remote_tmp_dir/tasks/windows.yml | 2 +- .../targets/setup_sshkey/tasks/main.yml | 1 - 100 files changed, 758 insertions(+), 621 deletions(-) diff --git a/tests/integration/targets/autoscaling_group/main.yml b/tests/integration/targets/autoscaling_group/main.yml index 709499c4470..82810307774 100644 --- a/tests/integration/targets/autoscaling_group/main.yml +++ b/tests/integration/targets/autoscaling_group/main.yml @@ -14,21 +14,14 @@ region: "{{ aws_region }}" block: - ansible.builtin.include_role: - name: setup_ec2_facts + - ansible.builtin.include_role: name: ec2_asg tasks_from: env_setup.yml - rescue: + - ansible.builtin.include_role: name: ec2_asg tasks_from: env_cleanup.yml - run_once: true + - ansible.builtin.fail: msg: Environment preparation failed - run_once: true -- hosts: all - gather_facts: false - strategy: free - serial: 6 - roles: - - ec2_asg diff --git a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml index 1d7b125772b..84ed7fd6aa3 100644 --- a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml +++ b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml @@ -4,14 +4,13 @@ - name: Test create/update/delete AutoScalingGroups with autoscaling_group block: # ============================================================ - - name: Test without specifying required module options amazon.aws.autoscaling_group: access_key: "{{ aws_access_key }}" secret_key: "{{ aws_secret_key }}" session_token: "{{ security_token | default(omit) }}" ignore_errors: true - register: result + - name: Assert name is a required module option ansible.builtin.assert: that: @@ -30,13 +29,10 @@ - httpd runcmd: - "service httpd start" - security_groups: "{{ sg.group_id }}" - instance_type: t3.micro - loop: - - "{{ resource_prefix }}-lc" - - "{{ resource_prefix }}-lc-2" - - # ============================================================ + security_groups: + - '{{ resource_prefix }}-lc' + - '{{ resource_prefix }}-lc-2' + instance_type: t3.micro - name: Launch asg and wait for instances to be deemed healthy (no ELB) amazon.aws.autoscaling_group: @@ -48,7 +44,7 @@ vpc_zone_identifier: "{{ testing_subnet.subnet.id }}" state: present wait_for_instances: true - register: output + - ansible.builtin.assert: that: - output.viable_instances == 1 @@ -58,7 +54,7 @@ name: "{{ resource_prefix }}-asg" metrics_collection: true register: output - check_mode: true + - ansible.builtin.assert: that: - output is changed @@ -69,7 +65,7 @@ amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" metrics_collection: true - register: output + - ansible.builtin.assert: that: - output is changed @@ -78,7 +74,7 @@ amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" metrics_collection: true - register: output + - ansible.builtin.assert: that: - output is not changed @@ -88,7 +84,7 @@ name: "{{ resource_prefix }}-asg" metrics_collection: false register: output - check_mode: true + - ansible.builtin.assert: that: - output is changed @@ -99,7 +95,7 @@ amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" metrics_collection: false - register: output + - ansible.builtin.assert: that: - output is changed @@ -108,7 +104,7 @@ amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" metrics_collection: false - register: output + - ansible.builtin.assert: that: - output is not changed @@ -118,7 +114,7 @@ name: "{{ resource_prefix }}-asg" state: absent wait_timeout: 800 - async: 400 + - name: Launch asg and do not wait for instances to be deemed healthy (no ELB) amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" @@ -129,7 +125,7 @@ vpc_zone_identifier: "{{ testing_subnet.subnet.id }}" wait_for_instances: false state: present - register: output + - ansible.builtin.assert: that: - output.viable_instances == 0 @@ -143,7 +139,7 @@ retries: 3 until: output is succeeded delay: 10 - async: 400 + - name: Create asg with asg metrics enabled amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" @@ -154,7 +150,7 @@ max_size: 0 vpc_zone_identifier: "{{ testing_subnet.subnet.id }}" state: present - register: output + - ansible.builtin.assert: that: - "'Group' in output.metrics_collection.0.Metric" @@ -164,7 +160,7 @@ name: "{{ resource_prefix }}-asg" state: absent wait_timeout: 800 - async: 400 + - name: Launch load balancer amazon.aws.elb_classic_lb: name: "{{ load_balancer_name }}" @@ -185,7 +181,7 @@ interval: 10 unhealthy_threshold: 4 healthy_threshold: 2 - register: load_balancer + - name: Launch asg and wait for instances to be deemed healthy (ELB) amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" @@ -200,14 +196,13 @@ wait_for_instances: true wait_timeout: 900 state: present - register: output + - ansible.builtin.assert: that: - output.viable_instances == 1 # ============================================================ - # grow scaling group to 3 - name: Add 2 more instances wait for instances to be deemed healthy (ELB) amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" @@ -222,19 +217,18 @@ wait_for_instances: true wait_timeout: 1200 state: present - register: output + - ansible.builtin.assert: that: - output.viable_instances == 3 # ============================================================ - # Test max_instance_lifetime option - name: Enable asg max_instance_lifetime amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" max_instance_lifetime: 604801 - register: output + - name: Ensure max_instance_lifetime is set ansible.builtin.assert: that: @@ -243,7 +237,7 @@ - name: Run without max_instance_lifetime amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" - launch_config_name: "{{ resource_prefix }}-lc" + - name: Ensure max_instance_lifetime not affected by defaults ansible.builtin.assert: that: @@ -254,7 +248,7 @@ name: "{{ resource_prefix }}-asg" launch_config_name: "{{ resource_prefix }}-lc" max_instance_lifetime: 0 - register: output + - name: Ensure max_instance_lifetime is not set ansible.builtin.assert: that: @@ -262,7 +256,6 @@ # ============================================================ - # perform rolling replace with different launch configuration - name: Perform rolling update to new AMI amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" @@ -278,18 +271,16 @@ replace_all_instances: true wait_timeout: 1800 state: present - register: output + - ansible.builtin.assert: - that: - - item.value.launch_config_name == resource_prefix+"-lc-2" - loop: "{{ output.instance_facts | dict2items }}" + that: "{{ output.instance_facts | dict2items }}" + - ansible.builtin.assert: that: - output.viable_instances == 3 # ============================================================ - # perform rolling replace with the original launch configuration - name: Perform rolling update to new AMI while removing the load balancer amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" @@ -305,18 +296,16 @@ replace_all_instances: true wait_timeout: 1800 state: present - register: output + - ansible.builtin.assert: - that: - - item.value.launch_config_name == resource_prefix+"-lc" - loop: "{{ output.instance_facts | dict2items }}" + that: "{{ output.instance_facts | dict2items }}" + - ansible.builtin.assert: that: - output.viable_instances == 3 # ============================================================ - # perform rolling replace with new launch configuration and lc_check:false - name: "Perform rolling update to new AMI with lc_check: false" amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" @@ -333,11 +322,11 @@ replace_batch_size: 3 lc_check: false wait_timeout: 1800 - state: present + - name: Get autoscaling_group info amazon.aws.autoscaling_group_info: name: "{{ resource_prefix }}-asg" - register: output + - ansible.builtin.assert: that: - output.results[0].instances | length == 3 @@ -349,7 +338,7 @@ name: "{{ resource_prefix }}-asg" state: absent wait_timeout: 800 - async: 400 + - name: "New asg with lc_check: false" amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" @@ -366,16 +355,15 @@ replace_batch_size: 3 lc_check: false wait_timeout: 1800 - state: present + - name: Get autoscaling_group information amazon.aws.autoscaling_group_info: name: "{{ resource_prefix }}-asg" - register: output + - ansible.builtin.assert: that: - output.results[0].instances | length == 3 - # we need a launch template, otherwise we cannot test the mixed instance policy - name: Create launch template for autoscaling group to test its mixed instances policy community.aws.ec2_launch_template: template_name: "{{ resource_prefix }}-lt" @@ -406,7 +394,7 @@ - t2.nano wait_for_instances: true register: output - check_mode: true + - ansible.builtin.assert: that: - output is changed @@ -428,7 +416,7 @@ - t3.micro - t2.nano wait_for_instances: true - register: output + - ansible.builtin.assert: that: - output.mixed_instances_policy | length == 2 @@ -453,7 +441,7 @@ on_demand_percentage_above_base_capacity: 0 spot_allocation_strategy: capacity-optimized wait_for_instances: true - register: output + - ansible.builtin.assert: that: - output.mixed_instances_policy_full['launch_template']['overrides'][0]['instance_type'] == 't3.micro' @@ -463,10 +451,9 @@ # ============================================================ - # Target group names have max length of 32 characters - ansible.builtin.set_fact: tg1_name: ansible-test-{{ tiny_prefix }}-asg-t1 - tg2_name: ansible-test-{{ tiny_prefix }}-asg-t2 + - name: Create target group 1 community.aws.elb_target_group: name: "{{ tg1_name }}" @@ -478,7 +465,7 @@ unhealthy_threshold_count: 2 vpc_id: "{{ testing_vpc.vpc.id }}" state: present - register: out_tg1 + - name: Create target group 2 community.aws.elb_target_group: name: "{{ tg2_name }}" @@ -490,7 +477,7 @@ unhealthy_threshold_count: 2 vpc_id: "{{ testing_vpc.vpc.id }}" state: present - register: out_tg2 + - name: Update autoscaling group with tg1 amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" @@ -503,7 +490,7 @@ max_size: 1 state: present wait_for_instances: true - register: output + - ansible.builtin.assert: that: - output.target_group_arns[0] == out_tg1.target_group_arn @@ -521,7 +508,7 @@ max_size: 1 state: present wait_for_instances: true - register: output + - ansible.builtin.assert: that: - output.target_group_arns | length == 2 @@ -538,7 +525,7 @@ max_size: 1 state: present wait_for_instances: true - register: output + - ansible.builtin.assert: that: - output.target_group_arns | length == 1 @@ -556,7 +543,7 @@ max_size: 1 state: present wait_for_instances: true - register: output + - ansible.builtin.assert: that: - output.target_group_arns | length == 1 @@ -574,7 +561,7 @@ max_size: 1 state: present wait_for_instances: true - register: output + - ansible.builtin.assert: that: - output.target_group_arns | length == 1 diff --git a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/env_setup.yml b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/env_setup.yml index 2776dec3061..412d54431a3 100644 --- a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/env_setup.yml +++ b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/env_setup.yml @@ -3,17 +3,18 @@ run_once: "{{ ec2_asg_setup_run_once }}" block: # Set up the testing dependencies: VPC, subnet, security group, and two launch configurations + - name: Create VPC for use in testing amazon.aws.ec2_vpc_net: name: "{{ resource_prefix }}-vpc" cidr_block: 10.55.77.0/24 tenancy: default - register: testing_vpc + - name: Create internet gateway for use in testing amazon.aws.ec2_vpc_igw: vpc_id: "{{ testing_vpc.vpc.id }}" state: present - register: igw + - name: Create subnet for use in testing amazon.aws.ec2_vpc_subnet: state: present @@ -22,7 +23,7 @@ az: "{{ aws_region }}a" resource_tags: Name: "{{ resource_prefix }}-subnet" - register: testing_subnet + - name: Create routing rules amazon.aws.ec2_vpc_route_table: vpc_id: "{{ testing_vpc.vpc.id }}" diff --git a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/tag_operations.yml b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/tag_operations.yml index f7f282629c0..376220f1d30 100644 --- a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/tag_operations.yml +++ b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/tag_operations.yml @@ -2,6 +2,7 @@ - name: Running AutoScalingGroup Tag operations test block: #---------------------------------------------------------------------- + - name: Create a launch configuration community.aws.autoscaling_launch_config: name: "{{ resource_prefix }}-lc-tag-test" @@ -9,7 +10,7 @@ region: "{{ aws_region }}" instance_type: t2.micro assign_public_ip: true - register: create_lc + - name: Ensure that lc is created ansible.builtin.assert: that: @@ -17,7 +18,6 @@ - create_lc.failed is false - '"autoscaling:CreateLaunchConfiguration" in create_lc.resource_actions' - #---------------------------------------------------------------------- - name: Create a AutoScalingGroup to be used for tag_operations test amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg-tag-test" @@ -29,7 +29,7 @@ max_size: 1 desired_capacity: 1 region: "{{ aws_region }}" - register: create_asg + - name: Ensure that AutoScalingGroup is created ansible.builtin.assert: that: @@ -37,12 +37,10 @@ - create_asg.failed is false - '"autoscaling:CreateAutoScalingGroup" in create_asg.resource_actions' - #---------------------------------------------------------------------- - - name: Get asg info amazon.aws.autoscaling_group_info: name: "{{ resource_prefix }}-asg-tag-test" - register: info_result + - ansible.builtin.assert: that: - info_result.results[0].tags | length == 0 @@ -56,7 +54,7 @@ - tag_b: value 2 propagate_at_launch: true register: output - check_mode: true + - ansible.builtin.assert: that: - output is changed @@ -71,7 +69,7 @@ propagate_at_launch: false - tag_b: value 2 propagate_at_launch: true - register: output + - ansible.builtin.assert: that: - output.tags | length == 2 @@ -85,7 +83,7 @@ propagate_at_launch: true - tag_a: value 1 propagate_at_launch: false - register: output + - ansible.builtin.assert: that: - output.tags | length == 2 @@ -98,7 +96,7 @@ - tag_c: value 3 propagate_at_launch: false purge_tags: true - register: output + - ansible.builtin.assert: that: - output.tags | length == 1 @@ -110,7 +108,7 @@ tags: - tag_c: value 3 propagate_at_launch: true - register: output + - ansible.builtin.assert: that: - output.tags | length == 1 @@ -121,13 +119,13 @@ name: "{{ resource_prefix }}-asg-tag-test" tags: [] purge_tags: true - register: add_empty + - name: Get asg info amazon.aws.autoscaling_group_info: name: "{{ resource_prefix }}-asg-tag-test" - register: info_result + - ansible.builtin.set_fact: - tag_keys: "{{ info_result.results[0].tags | map(attribute='key') | list }}" + - ansible.builtin.assert: that: - add_empty is changed @@ -147,13 +145,13 @@ propagate_at_launch: true - snake_case: simple_snake_case propagate_at_launch: false - register: add_result + - name: Get asg info amazon.aws.autoscaling_group_info: name: "{{ resource_prefix }}-asg-tag-test" - register: info_result + - ansible.builtin.set_fact: - tag_keys: "{{ info_result.results[0].tags | map(attribute='key') | list }}" + - ansible.builtin.assert: that: - add_result is changed @@ -176,11 +174,11 @@ propagate_at_launch: true - snake_case: simple_snake_case propagate_at_launch: false - register: add_result + - name: Get asg info amazon.aws.autoscaling_group_info: name: "{{ resource_prefix }}-asg-tag-test" - register: info_result + - ansible.builtin.assert: that: - add_result is not changed @@ -196,13 +194,13 @@ - tag_b: val_b propagate_at_launch: true purge_tags: true - register: add_purge_result + - name: Get asg info amazon.aws.autoscaling_group_info: name: "{{ resource_prefix }}-asg-tag-test" - register: info_result + - ansible.builtin.set_fact: - tag_keys: "{{ info_result.results[0].tags | map(attribute='key') | list }}" + - ansible.builtin.assert: that: - add_purge_result is changed @@ -223,15 +221,15 @@ propagate_at_launch: false - tag_b: new_val_b propagate_at_launch: true - register: add_purge_result + - name: Get asg info amazon.aws.autoscaling_group_info: name: "{{ resource_prefix }}-asg-tag-test" - register: info_result + - ansible.builtin.set_fact: - tag_keys: "{{ info_result.results[0].tags | map(attribute='key') | list }}" + - ansible.builtin.set_fact: - tag_values: "{{ info_result.results[0].tags | map(attribute='value') | list }}" + - ansible.builtin.assert: that: - add_purge_result is changed @@ -254,13 +252,13 @@ propagate_at_launch: false - Title Case: Hello Cruel World propagate_at_launch: true - register: add_result + - name: Get asg info amazon.aws.autoscaling_group_info: name: "{{ resource_prefix }}-asg-tag-test" - register: info_result + - ansible.builtin.set_fact: - tag_keys: "{{ info_result.results[0].tags | map(attribute='key') | list }}" + - ansible.builtin.assert: that: - add_result is changed @@ -276,13 +274,13 @@ name: "{{ resource_prefix }}-asg-tag-test" tags: [] purge_tags: false - register: add_empty + - name: Get asg info amazon.aws.autoscaling_group_info: name: "{{ resource_prefix }}-asg-tag-test" - register: info_result + - ansible.builtin.set_fact: - tag_keys: "{{ info_result.results[0].tags | map(attribute='key') | list }}" + - ansible.builtin.assert: that: - add_empty is not changed @@ -298,13 +296,13 @@ name: "{{ resource_prefix }}-asg-tag-test" tags: [] purge_tags: true - register: add_empty + - name: Get asg info amazon.aws.autoscaling_group_info: name: "{{ resource_prefix }}-asg-tag-test" - register: info_result + - ansible.builtin.set_fact: - tag_keys: "{{ info_result.results[0].tags | map(attribute='key') | list }}" + - ansible.builtin.assert: that: - add_empty is changed @@ -316,9 +314,8 @@ - '"autoscaling:CreateOrUpdateTags" not in add_empty.resource_actions' - '"autoscaling:DeleteTags" in add_empty.resource_actions' - #---------------------------------------------------------------------- + #---------------------------------------------------------------------- - always: - name: Kill asg created in this test amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg-tag-test" @@ -326,7 +323,7 @@ register: removed until: removed is not failed ignore_errors: true - retries: 10 + - name: Remove launch config created in this test community.aws.autoscaling_launch_config: name: "{{ resource_prefix }}-lc-tag-test" diff --git a/tests/integration/targets/aws_az_info/tasks/main.yml b/tests/integration/targets/aws_az_info/tasks/main.yml index 8d839612fc1..952b3a976fe 100644 --- a/tests/integration/targets/aws_az_info/tasks/main.yml +++ b/tests/integration/targets/aws_az_info/tasks/main.yml @@ -9,7 +9,6 @@ block: - name: List available AZs in current Region amazon.aws.aws_az_info: - register: region_azs - name: Check task return attributes vars: @@ -31,7 +30,6 @@ - name: List available AZs in current Region - check_mode amazon.aws.aws_az_info: check_mode: true - register: check_azs - name: Check task return attributes vars: @@ -50,11 +48,9 @@ - '"zone_name" in first_az' - '"zone_type" in first_az' - # Be specific - aws_region isn't guaranteed to be any specific value - name: List Available AZs in us-east-1 amazon.aws.aws_az_info: region: us-east-1 - register: us_east_1 - name: Check that an AZ from us-east-1 has valid looking attributes vars: @@ -86,7 +82,6 @@ region: us-west-2 filters: zone-name: us-west-2c - register: us_west_2 - name: Check that an AZ from us-west-2 has attributes we expect vars: @@ -119,7 +114,6 @@ region: eu-central-1 filters: zone_name: eu-central-1b - register: eu_central_1 - name: Check that eu-central-1b has the attributes we expect vars: @@ -152,8 +146,6 @@ region: eu-west-2 filters: zone-name: eu-west-2a - zone_name: eu-west-2c - register: eu_west_2 - name: Check that we get the AZ specified by zone_name rather than zone-name vars: diff --git a/tests/integration/targets/backup_plan/tasks/main.yml b/tests/integration/targets/backup_plan/tasks/main.yml index cbc0709e15b..5e50b261cbd 100644 --- a/tests/integration/targets/backup_plan/tasks/main.yml +++ b/tests/integration/targets/backup_plan/tasks/main.yml @@ -344,7 +344,6 @@ - backup_plan_create_result.exists is true - backup_plan_create_result.changed is false - always: - name: Delete AWS Backup plan created during this test amazon.aws.backup_plan: backup_plan_name: "{{ backup_plan_name }}" diff --git a/tests/integration/targets/backup_tag/tasks/main.yml b/tests/integration/targets/backup_tag/tasks/main.yml index c5fa372ea8e..0d63a913068 100644 --- a/tests/integration/targets/backup_tag/tasks/main.yml +++ b/tests/integration/targets/backup_tag/tasks/main.yml @@ -112,7 +112,6 @@ - remove_all_tags_result.tags | length == 0 - remove_all_tags_result.removed_tags | length == 2 - always: - name: Delete AWS Backup Vault created during this test amazon.aws.backup_vault: backup_vault_name: "{{ backup_vault_name }}" diff --git a/tests/integration/targets/backup_vault/tasks/main.yml b/tests/integration/targets/backup_vault/tasks/main.yml index cb5ceb4153e..b03b9a8ec02 100644 --- a/tests/integration/targets/backup_vault/tasks/main.yml +++ b/tests/integration/targets/backup_vault/tasks/main.yml @@ -244,7 +244,6 @@ - updated_tags_idempotency_info.backup_vaults[0].backup_vault_name == updated_tags_info.backup_vaults[0].backup_vault_name - updated_tags_idempotency_info.backup_vaults[0].tags == updated_tags_info.backup_vaults[0].tags - always: - name: Delete AWS Backup Vault created during this test amazon.aws.backup_vault: backup_vault_name: "{{ backup_vault_name }}" diff --git a/tests/integration/targets/ec2_ami/tasks/main.yml b/tests/integration/targets/ec2_ami/tasks/main.yml index 0e145bc92ab..703e060f3f8 100644 --- a/tests/integration/targets/ec2_ami/tasks/main.yml +++ b/tests/integration/targets/ec2_ami/tasks/main.yml @@ -12,6 +12,7 @@ # ============================================================ # SETUP: vpc, ec2 key pair, subnet, security group, ec2 instance, snapshot + - name: Create a VPC to work in amazon.aws.ec2_vpc_net: cidr_block: "{{ vpc_cidr }}" @@ -731,8 +732,6 @@ always: # ============================================================ - - # TEAR DOWN: snapshot, ec2 instance, ec2 key pair, security group, vpc - name: Announce teardown start ansible.builtin.debug: msg: "***** TESTING COMPLETE. COMMENCE TEARDOWN *****" diff --git a/tests/integration/targets/ec2_ami_instance/tasks/main.yml b/tests/integration/targets/ec2_ami_instance/tasks/main.yml index 446ecef7dda..f18014ea973 100644 --- a/tests/integration/targets/ec2_ami_instance/tasks/main.yml +++ b/tests/integration/targets/ec2_ami_instance/tasks/main.yml @@ -12,6 +12,7 @@ # ============================================================ # SETUP: vpc, ec2 key pair, subnet, security group, ec2 instance, snapshot + - name: Create a VPC to work in amazon.aws.ec2_vpc_net: cidr_block: "{{ vpc_cidr }}" @@ -349,8 +350,6 @@ always: # ============================================================ - - # TEAR DOWN: snapshot, ec2 instance, ec2 key pair, security group, vpc - name: Announce teardown start ansible.builtin.debug: msg: "***** TESTING COMPLETE. COMMENCE TEARDOWN *****" diff --git a/tests/integration/targets/ec2_ami_snapshot/tasks/main.yml b/tests/integration/targets/ec2_ami_snapshot/tasks/main.yml index 278f70954ed..2f79eb4119c 100644 --- a/tests/integration/targets/ec2_ami_snapshot/tasks/main.yml +++ b/tests/integration/targets/ec2_ami_snapshot/tasks/main.yml @@ -12,6 +12,7 @@ # ============================================================ # SETUP: vpc, ec2 key pair, subnet, security group, ec2 instance, snapshot + - name: Create a VPC to work in amazon.aws.ec2_vpc_net: cidr_block: "{{ vpc_cidr }}" @@ -349,8 +350,6 @@ always: # ============================================================ - - # TEAR DOWN: snapshot, ec2 instance, ec2 key pair, security group, vpc - name: Announce teardown start ansible.builtin.debug: msg: "***** TESTING COMPLETE. COMMENCE TEARDOWN *****" diff --git a/tests/integration/targets/ec2_ami_tpm/tasks/main.yml b/tests/integration/targets/ec2_ami_tpm/tasks/main.yml index f4136188407..d726305e15c 100644 --- a/tests/integration/targets/ec2_ami_tpm/tasks/main.yml +++ b/tests/integration/targets/ec2_ami_tpm/tasks/main.yml @@ -12,6 +12,7 @@ # ============================================================ # SETUP: vpc, ec2 key pair, subnet, security group, ec2 instance, snapshot + - name: Create a VPC to work in amazon.aws.ec2_vpc_net: cidr_block: "{{ vpc_cidr }}" @@ -120,8 +121,6 @@ always: # ============================================================ - - # TEAR DOWN: snapshot, ec2 instance, ec2 key pair, security group, vpc - name: Announce teardown start ansible.builtin.debug: msg: "***** TESTING COMPLETE. COMMENCE TEARDOWN *****" diff --git a/tests/integration/targets/ec2_instance_checkmode_tests/tasks/main.yml b/tests/integration/targets/ec2_instance_checkmode_tests/tasks/main.yml index 01cd5e31c4b..144539fa8b0 100644 --- a/tests/integration/targets/ec2_instance_checkmode_tests/tasks/main.yml +++ b/tests/integration/targets/ec2_instance_checkmode_tests/tasks/main.yml @@ -199,7 +199,6 @@ that: - confirm_terminatedinstance_fact.instances[0].state.name == "terminated" - always: - name: Terminate checkmode instances amazon.aws.ec2_instance: state: absent diff --git a/tests/integration/targets/ec2_instance_default_vpc_tests/tasks/main.yml b/tests/integration/targets/ec2_instance_default_vpc_tests/tasks/main.yml index 4fd9b407d8b..d6ac36b0901 100644 --- a/tests/integration/targets/ec2_instance_default_vpc_tests/tasks/main.yml +++ b/tests/integration/targets/ec2_instance_default_vpc_tests/tasks/main.yml @@ -54,7 +54,6 @@ tags: TestId: "{{ ec2_instance_tag_TestId }}" - always: - name: Terminate vpc_tests instances amazon.aws.ec2_instance: state: absent diff --git a/tests/integration/targets/ec2_instance_external_resource_attach/tasks/main.yml b/tests/integration/targets/ec2_instance_external_resource_attach/tasks/main.yml index 9b373bee13a..959de3a9dd9 100644 --- a/tests/integration/targets/ec2_instance_external_resource_attach/tasks/main.yml +++ b/tests/integration/targets/ec2_instance_external_resource_attach/tasks/main.yml @@ -7,6 +7,7 @@ region: "{{ aws_region }}" block: # Make custom ENIs and attach via the `network` parameter + - amazon.aws.ec2_eni: state: present delete_on_termination: true diff --git a/tests/integration/targets/ec2_instance_tags_and_vpc_settings/tasks/main.yml b/tests/integration/targets/ec2_instance_tags_and_vpc_settings/tasks/main.yml index 3ba4bceae4f..7e4ee62f3ed 100644 --- a/tests/integration/targets/ec2_instance_tags_and_vpc_settings/tasks/main.yml +++ b/tests/integration/targets/ec2_instance_tags_and_vpc_settings/tasks/main.yml @@ -60,13 +60,13 @@ security_groups: "{{ sg.group_id }}" vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" instance_type: "{{ ec2_instance_type }}" - register: remake_in_test_vpc + - name: Remaking the same instance resulted in no changes ansible.builtin.assert: - that: not remake_in_test_vpc.changed + - name: Check that instance IDs match anyway ansible.builtin.assert: - that: remake_in_test_vpc.instance_ids[0] == in_test_vpc.instance_ids[0] + - name: Check that source_dest_check was set to false ansible.builtin.assert: that: not remake_in_test_vpc.instances[0].source_dest_check @@ -105,7 +105,7 @@ - amazon.aws.ec2_instance_info: instance_ids: "{{ add_another_tag.instance_ids }}" - register: check_tags + - name: Remaking the same instance resulted in no changes ansible.builtin.assert: that: @@ -138,7 +138,7 @@ that: - check_tags.instances[0].public_dns_name == "" - check_tags.instances[0].private_ip_address.startswith(subnet_b_startswith) - - check_tags.instances[0].subnet_id == testing_subnet_b.subnet.id + - name: Check that tags were applied ansible.builtin.assert: that: diff --git a/tests/integration/targets/ec2_key/tasks/main.yml b/tests/integration/targets/ec2_key/tasks/main.yml index c60beff23e3..929fc209286 100644 --- a/tests/integration/targets/ec2_key/tasks/main.yml +++ b/tests/integration/targets/ec2_key/tasks/main.yml @@ -19,7 +19,6 @@ ansible.builtin.set_fact: priv_key_file_name: "{{ _tmpdir.path }}/aws_ssh_rsa" - # ============================================================ - name: Test with no parameters amazon.aws.ec2_key: register: result @@ -31,7 +30,6 @@ - result.failed - 'result.msg == "missing required arguments: name"' - # ============================================================ - name: Test removing a non-existent key pair (check mode) amazon.aws.ec2_key: name: "{{ ec2_key_name }}" @@ -57,7 +55,7 @@ # ============================================================ # Test: create new key by AWS (key_material not provided) - # ============================================================ + - name: Test creating a new key pair (check_mode) amazon.aws.ec2_key: name: "{{ ec2_key_name }}" @@ -284,7 +282,6 @@ that: - result is not changed - # ============================================================ - name: Test updating tags without purge (check mode) amazon.aws.ec2_key: name: "{{ ec2_key_name }}" @@ -394,7 +391,6 @@ - '"newKey" in result.key.tags' - result.key.tags['newKey'] == 'Another value' - # ============================================================ - name: Test updating tags with purge (check mode) amazon.aws.ec2_key: name: "{{ ec2_key_name }}" @@ -479,7 +475,6 @@ - '"newKey" in result.key.tags' - result.key.tags['newKey'] == 'Another value' - # ============================================================ - name: Test removing an existent key (check mode) amazon.aws.ec2_key: name: "{{ ec2_key_name }}" @@ -519,7 +514,6 @@ register: keys failed_when: keys.keypairs | length > 0 - # ============================================================ - name: Test state=present with key_material amazon.aws.ec2_key: name: "{{ ec2_key_name }}" @@ -555,7 +549,7 @@ - '"tags" in key_info.keypairs[0]' - key_info.keypairs[0].key_name == ec2_key_name - key_info.keypairs[0].key_fingerprint == fingerprint - # ============================================================ + - name: Test state=present with key_material (idempotency) amazon.aws.ec2_key: name: "{{ ec2_key_name }}" @@ -606,7 +600,6 @@ - result.changed - result.key.fingerprint != fingerprint - # ============================================================ - name: Test state=absent (expect changed=true) amazon.aws.ec2_key: name: "{{ ec2_key_name }}" @@ -620,7 +613,6 @@ - '"key" in result' - result.key == None - # ============================================================ - name: Test create ED25519 key pair type amazon.aws.ec2_key: name: "{{ ec2_key_name }}" @@ -646,7 +638,6 @@ - result.key.type == "rsa" always: - # ============================================================ - name: Always delete the key we might create amazon.aws.ec2_key: name: "{{ item }}" diff --git a/tests/integration/targets/ec2_metadata_facts/playbooks/setup.yml b/tests/integration/targets/ec2_metadata_facts/playbooks/setup.yml index 38012c5ac2c..73d92277cd6 100644 --- a/tests/integration/targets/ec2_metadata_facts/playbooks/setup.yml +++ b/tests/integration/targets/ec2_metadata_facts/playbooks/setup.yml @@ -28,14 +28,13 @@ session_token: "{{ security_token | default(omit) }}" - ansible.builtin.include_role: - name: ../setup_sshkey + - ansible.builtin.include_role: name: ../setup_ec2_facts - ansible.builtin.set_fact: availability_zone: "{{ ec2_availability_zone_names[0] }}" - # ============================================================ - name: Create a VPC amazon.aws.ec2_vpc_net: name: "{{ resource_prefix }}-vpc" diff --git a/tests/integration/targets/ec2_metadata_facts/playbooks/teardown.yml b/tests/integration/targets/ec2_metadata_facts/playbooks/teardown.yml index 377f201dbd9..d9d37bbba82 100644 --- a/tests/integration/targets/ec2_metadata_facts/playbooks/teardown.yml +++ b/tests/integration/targets/ec2_metadata_facts/playbooks/teardown.yml @@ -14,7 +14,6 @@ tasks: # ============================================================ - - name: Terminate the instance amazon.aws.ec2_instance: state: absent diff --git a/tests/integration/targets/ec2_metadata_facts/playbooks/test_metadata.yml b/tests/integration/targets/ec2_metadata_facts/playbooks/test_metadata.yml index d055480f7aa..376ca3a6624 100644 --- a/tests/integration/targets/ec2_metadata_facts/playbooks/test_metadata.yml +++ b/tests/integration/targets/ec2_metadata_facts/playbooks/test_metadata.yml @@ -6,6 +6,7 @@ - amazon.aws.ec2_metadata_facts: + - name: Assert initial metadata for the instance ansible.builtin.assert: that: diff --git a/tests/integration/targets/ec2_security_group/tasks/multi_account.yml b/tests/integration/targets/ec2_security_group/tasks/multi_account.yml index 2d01bc2107f..1e73565733a 100644 --- a/tests/integration/targets/ec2_security_group/tasks/multi_account.yml +++ b/tests/integration/targets/ec2_security_group/tasks/multi_account.yml @@ -2,6 +2,7 @@ - block: - amazon.aws.aws_caller_info: register: caller_facts + - name: Create a VPC amazon.aws.ec2_vpc_net: name: "{{ resource_prefix }}-vpc-2" @@ -9,14 +10,14 @@ cidr_block: "{{ vpc_cidr }}" tags: Description: Created by ansible-test - register: vpc_result_2 + - name: Peer the secondary-VPC to the main VPC community.aws.ec2_vpc_peer: vpc_id: "{{ vpc_result_2.vpc.id }}" peer_vpc_id: "{{ vpc_result.vpc.id }}" peer_owner_id: "{{ caller_facts.account }}" peer_region: "{{ aws_region }}" - register: peer_origin + - name: Accept the secondary-VPC peering connection in the main VPC community.aws.ec2_vpc_peer: peer_vpc_id: "{{ vpc_result_2.vpc.id }}" @@ -24,7 +25,7 @@ state: accept peering_id: "{{ peer_origin.peering_id }}" peer_owner_id: "{{ caller_facts.account }}" - peer_region: "{{ aws_region }}" + - name: Create group in second VPC amazon.aws.ec2_security_group: name: "{{ ec2_group_name }}-external" @@ -37,7 +38,7 @@ ports: - 80 rule_desc: http whoo - register: external + - name: Create group in internal VPC amazon.aws.ec2_security_group: name: "{{ ec2_group_name }}-internal" @@ -48,7 +49,7 @@ - proto: tcp group_id: "{{ caller_facts.account }}/{{ external.group_id }}/{{ ec2_group_name }}-external" ports: - - 80 + - name: Re-make same rule, expecting changed=false in internal VPC amazon.aws.ec2_security_group: name: "{{ ec2_group_name }}-internal" @@ -60,10 +61,10 @@ group_id: "{{ caller_facts.account }}/{{ external.group_id }}/{{ ec2_group_name }}-external" ports: - 80 - register: out + - ansible.builtin.assert: that: - - out is not changed + - name: Try again with a bad group_id group in internal VPC amazon.aws.ec2_security_group: name: "{{ ec2_group_name }}-internal" @@ -76,14 +77,14 @@ ports: - 80 register: out - ignore_errors: true + - ansible.builtin.assert: that: - out is failed - always: + - ansible.builtin.pause: seconds: "5" - cmd: "" + - name: Delete secondary-VPC side of peer community.aws.ec2_vpc_peer: vpc_id: "{{ vpc_result_2.vpc.id }}" @@ -92,7 +93,7 @@ state: absent peer_owner_id: "{{ caller_facts.account }}" peer_region: "{{ aws_region }}" - ignore_errors: true + - name: Delete main-VPC side of peer community.aws.ec2_vpc_peer: peer_vpc_id: "{{ vpc_result_2.vpc.id }}" @@ -101,21 +102,21 @@ peering_id: "{{ peer_origin.peering_id }}" peer_owner_id: "{{ caller_facts.account }}" peer_region: "{{ aws_region }}" - ignore_errors: true + - name: Clean up group in second VPC amazon.aws.ec2_security_group: name: "{{ ec2_group_name }}-external" description: "{{ ec2_group_description }}" state: absent vpc_id: "{{ vpc_result_2.vpc.id }}" - ignore_errors: true + - name: Clean up group in second VPC amazon.aws.ec2_security_group: name: "{{ ec2_group_name }}-internal" description: "{{ ec2_group_description }}" state: absent vpc_id: "{{ vpc_result.vpc.id }}" - ignore_errors: true + - name: Tidy up VPC amazon.aws.ec2_vpc_net: name: "{{ resource_prefix }}-vpc-2" diff --git a/tests/integration/targets/ec2_tag/tasks/main.yml b/tests/integration/targets/ec2_tag/tasks/main.yml index 8ae2eb2d19a..c7f44250e01 100644 --- a/tests/integration/targets/ec2_tag/tasks/main.yml +++ b/tests/integration/targets/ec2_tag/tasks/main.yml @@ -33,7 +33,7 @@ foo: foo bar: baz baz: also baz - register: result + - name: List the new tags on the volume amazon.aws.ec2_tag_info: resource: "{{ volume.volume_id }}" @@ -125,7 +125,6 @@ - result is changed - result.tags | length == 0 - always: - name: Remove the volume amazon.aws.ec2_vol: id: "{{ volume.volume_id }}" diff --git a/tests/integration/targets/ec2_vpc_dhcp_option/tasks/main.yml b/tests/integration/targets/ec2_vpc_dhcp_option/tasks/main.yml index 6a86caa87b5..8b6f9c08ef6 100644 --- a/tests/integration/targets/ec2_vpc_dhcp_option/tasks/main.yml +++ b/tests/integration/targets/ec2_vpc_dhcp_option/tasks/main.yml @@ -16,6 +16,7 @@ block: # DHCP option set can be attached to multiple VPCs, we don't want to use any that # don't belong to this test run + - name: Find all DHCP option sets that already exist before running tests amazon.aws.ec2_vpc_dhcp_option_info: register: result @@ -39,7 +40,6 @@ vpc_id: "{{ vpc.vpc.id }}" default_options_id: "{{ vpc.vpc.dhcp_options_id }}" - ## ============================================ - name: Option Sets can be attached to multiple VPCs, create a new one if the test VPC is reusing a pre-existing one when: vpc.vpc.dhcp_options_id in preexisting_option_sets block: @@ -93,7 +93,7 @@ ## ============================================ # FIXME: always reassociated to lowest alphanum dhcp_options_id when vpc_id is provided without options, - # This task will return an unpredictable dhcp_option_id so we can't assert anything about the option's values + - name: Test a DHCP option exists (check mode) amazon.aws.ec2_vpc_dhcp_option: state: present @@ -110,7 +110,6 @@ that: - not found_dhcp_options.changed - # FIXME: always reassociated when vpc_id is provided without options, so here we provide the default options - name: Test a DHCP option exists amazon.aws.ec2_vpc_dhcp_option: state: present @@ -128,7 +127,6 @@ - found_dhcp_options.dhcp_options_id is defined - original_dhcp_options_id == found_dhcp_options.dhcp_options_id - # Create a DHCP option set that inherits from the default set and does not delete the old set - name: Create a DHCP option set that inherits from the default set (check mode) amazon.aws.ec2_vpc_dhcp_option: state: present @@ -211,7 +209,6 @@ - new_dhcp_options.dhcp_config[0]['domain-name'] == [aws_domain_name] - new_dhcp_options.dhcp_config[0]['domain-name-servers'] == ['AmazonProvidedDNS'] - # FIXME: no way to associate `default` in the module - name: Re-associate the default DHCP options set so that the new one can be deleted amazon.aws.ec2_vpc_dhcp_option: vpc_id: "{{ vpc_id }}" @@ -313,7 +310,6 @@ dhcp_options_id: "{{ new_dhcp_options_id }}" state: absent - # Create a DHCP option set that inherits from the default set overwrites a default and deletes the old set - name: Create a DHCP option set that inherits from the default set and deletes the original set (check mode) amazon.aws.ec2_vpc_dhcp_option: state: present @@ -862,7 +858,6 @@ # that: # - dhcp_options.changed - # FIXME: does nothing - the module should associate "default" with the VPC provided but currently does not - name: Removing the DHCP option set amazon.aws.ec2_vpc_dhcp_option: state: absent @@ -897,7 +892,6 @@ that: - not dhcp_options.changed - always: - name: Re-associate the default DHCP options set so that the new one(s) can be deleted amazon.aws.ec2_vpc_dhcp_option: vpc_id: "{{ vpc_id }}" diff --git a/tests/integration/targets/ec2_vpc_endpoint/tasks/main.yml b/tests/integration/targets/ec2_vpc_endpoint/tasks/main.yml index ea9ba290dcd..52f6489bfc3 100644 --- a/tests/integration/targets/ec2_vpc_endpoint/tasks/main.yml +++ b/tests/integration/targets/ec2_vpc_endpoint/tasks/main.yml @@ -9,6 +9,7 @@ block: # ============================================================ # BEGIN PRE-TEST SETUP + - name: Create a VPC amazon.aws.ec2_vpc_net: state: present @@ -17,7 +18,7 @@ tags: AnsibleTest: ec2_vpc_endpoint AnsibleRun: "{{ resource_prefix }}" - register: vpc_creation + - name: Assert success ansible.builtin.assert: that: @@ -31,7 +32,7 @@ Name: "{{ resource_prefix }}" AnsibleTest: ec2_vpc_endpoint AnsibleRun: "{{ resource_prefix }}" - register: igw_creation + - name: Assert success ansible.builtin.assert: that: @@ -70,11 +71,10 @@ # ============================================================ # BEGIN TESTS - # Minimal check_mode with _info - name: Fetch Endpoints in check_mode amazon.aws.ec2_vpc_endpoint_info: register: endpoint_info - check_mode: true + - name: Assert success ansible.builtin.assert: that: @@ -84,14 +84,13 @@ - endpoint_info is successful - '"vpc_endpoints" in endpoint_info' - # Attempt to create an endpoint - name: Create minimal endpoint (check mode) amazon.aws.ec2_vpc_endpoint: state: present vpc_id: "{{ vpc_id }}" service: "{{ endpoint_service_a }}" register: create_endpoint_check - check_mode: true + - name: Assert changed ansible.builtin.assert: that: @@ -103,7 +102,7 @@ vpc_id: "{{ vpc_id }}" service: "{{ endpoint_service_a }}" wait: true - register: create_endpoint + - name: Check standard return values ansible.builtin.assert: that: @@ -134,10 +133,9 @@ ansible.builtin.set_fact: endpoint_id: "{{ create_endpoint.result.vpc_endpoint_id }}" - # Pull info about the endpoints - name: Fetch Endpoints (all) amazon.aws.ec2_vpc_endpoint_info: - register: endpoint_info + - name: Assert success ansible.builtin.assert: that: @@ -170,7 +168,7 @@ - name: Fetch Endpoints (targetted by ID) amazon.aws.ec2_vpc_endpoint_info: vpc_endpoint_ids: "{{ endpoint_id }}" - register: endpoint_info + - name: Assert success ansible.builtin.assert: that: @@ -208,7 +206,7 @@ filters: vpc-id: - "{{ vpc_id }}" - register: endpoint_info + - name: Assert success ansible.builtin.assert: that: @@ -240,14 +238,13 @@ vars: first_endpoint: "{{ endpoint_info.vpc_endpoints[0] }}" - # matches on parameters without explicitly passing the endpoint ID - name: Create minimal endpoint - idempotency (check mode) amazon.aws.ec2_vpc_endpoint: state: present vpc_id: "{{ vpc_id }}" service: "{{ endpoint_service_a }}" register: create_endpoint_idem_check - check_mode: true + - ansible.builtin.assert: that: - create_endpoint_idem_check is not changed @@ -257,7 +254,7 @@ state: present vpc_id: "{{ vpc_id }}" service: "{{ endpoint_service_a }}" - register: create_endpoint_idem + - ansible.builtin.assert: that: - create_endpoint_idem is not changed @@ -267,7 +264,7 @@ state: absent vpc_endpoint_id: "{{ endpoint_id }}" check_mode: true - register: endpoint_delete_check + - ansible.builtin.assert: that: - endpoint_delete_check is changed @@ -276,7 +273,7 @@ amazon.aws.ec2_vpc_endpoint: state: absent vpc_endpoint_id: "{{ endpoint_id }}" - register: endpoint_delete_check + - ansible.builtin.assert: that: - endpoint_delete_check is changed @@ -286,7 +283,7 @@ state: absent vpc_endpoint_id: "{{ endpoint_id }}" check_mode: true - register: endpoint_delete_check + - ansible.builtin.assert: that: - endpoint_delete_check is not changed @@ -295,7 +292,7 @@ amazon.aws.ec2_vpc_endpoint: state: absent vpc_endpoint_id: "{{ endpoint_id }}" - register: endpoint_delete_check + - ansible.builtin.assert: that: - endpoint_delete_check is not changed @@ -304,7 +301,7 @@ amazon.aws.ec2_vpc_endpoint_info: vpc_endpoint_ids: "{{ endpoint_id }}" ignore_errors: true - register: endpoint_info + - name: Assert endpoint does not exist ansible.builtin.assert: that: @@ -312,7 +309,6 @@ - '"does not exist" in endpoint_info.msg' - endpoint_info.vpc_endpoints | length == 0 - # Attempt to create an endpoint with a route table - name: Create an endpoint with route table (check mode) amazon.aws.ec2_vpc_endpoint: state: present @@ -321,7 +317,7 @@ route_table_ids: - "{{ rtb_empty_id }}" register: create_endpoint_check - check_mode: true + - name: Assert changed ansible.builtin.assert: that: @@ -335,7 +331,7 @@ route_table_ids: - "{{ rtb_empty_id }}" wait: true - register: create_rtb_endpoint + - name: Check standard return values ansible.builtin.assert: that: @@ -377,7 +373,7 @@ route_table_ids: - "{{ rtb_empty_id }}" register: create_endpoint_check - check_mode: true + - name: Assert changed ansible.builtin.assert: that: @@ -391,7 +387,7 @@ route_table_ids: - "{{ rtb_empty_id }}" register: create_endpoint_check - check_mode: true + - name: Assert changed ansible.builtin.assert: that: @@ -649,7 +645,7 @@ state: absent lookup: id route_table_id: "{{ rtb_empty_id }}" - register: rtb_delete + - ansible.builtin.assert: that: - rtb_delete is changed @@ -658,7 +654,7 @@ amazon.aws.ec2_vpc_route_table: state: absent lookup: id - route_table_id: "{{ rtb_igw_id }}" + - ansible.builtin.assert: that: - rtb_delete is changed @@ -667,7 +663,7 @@ amazon.aws.ec2_vpc_endpoint: state: absent vpc_endpoint_id: "{{ rtb_endpoint_id }}" - register: endpoint_delete_check + - ansible.builtin.assert: that: - endpoint_delete_check is changed @@ -677,7 +673,7 @@ state: absent vpc_endpoint_id: "{{ rtb_endpoint_id }}" check_mode: true - register: endpoint_delete_check + - ansible.builtin.assert: that: - endpoint_delete_check is not changed @@ -686,7 +682,7 @@ amazon.aws.ec2_vpc_endpoint: state: absent vpc_endpoint_id: "{{ endpoint_id }}" - register: endpoint_delete_check + - ansible.builtin.assert: that: - endpoint_delete_check is not changed @@ -697,17 +693,17 @@ vpc_id: "{{ vpc_id }}" service: "{{ endpoint_service_a }}" vpc_endpoint_type: Interface - register: create_interface_endpoint + - name: Check that the interface endpoint was created properly ansible.builtin.assert: that: - create_interface_endpoint is changed - - create_interface_endpoint.result.vpc_endpoint_type == "Interface" + - name: Delete interface endpoint amazon.aws.ec2_vpc_endpoint: state: absent vpc_endpoint_id: "{{ create_interface_endpoint.result.vpc_endpoint_id }}" - register: interface_endpoint_delete_check + - ansible.builtin.assert: that: - interface_endpoint_delete_check is changed @@ -742,7 +738,7 @@ vpc_endpoint_subnets: "{{ interface_endpoint_create_subnet_check.subnet.id }}" vpc_endpoint_security_groups: "{{ interface_endpoint_create_sg_check.group_id }}" wait: true - register: create_interface_endpoint_with_sg_subnets + - name: Check that the interface endpoint was created properly ansible.builtin.assert: that: @@ -754,14 +750,14 @@ state: absent vpc_endpoint_id: "{{ create_interface_endpoint_with_sg_subnets.result.vpc_endpoint_id }}" wait: true - register: create_interface_endpoint_with_sg_subnets_delete_check + - ansible.builtin.assert: that: - create_interface_endpoint_with_sg_subnets_delete_check is changed - # ============================================================ - # BEGIN POST-TEST CLEANUP - always: + # ============================================================ + # BEGIN POST-TEST CLEANUP + - name: Query any remain endpoints we created amazon.aws.ec2_vpc_endpoint_info: filters: diff --git a/tests/integration/targets/ec2_vpc_nat_gateway/tasks/main.yml b/tests/integration/targets/ec2_vpc_nat_gateway/tasks/main.yml index df2e81c4096..1cd0b2411fb 100644 --- a/tests/integration/targets/ec2_vpc_nat_gateway/tasks/main.yml +++ b/tests/integration/targets/ec2_vpc_nat_gateway/tasks/main.yml @@ -1,4 +1,404 @@ --- +- name: Ec2_vpc_nat_gateway tests + module_defaults: + group/aws: + access_key: "{{ aws_access_key }}" + secret_key: "{{ aws_secret_key }}" + session_token: "{{ security_token | default(omit) }}" + region: "{{ aws_region }}" + block: + # ============================================================ + + - name: Create a VPC + amazon.aws.ec2_vpc_net: + name: "{{ vpc_name }}" + state: present + cidr_block: "{{ vpc_cidr }}" + register: vpc_result + + - name: Assert success + ansible.builtin.assert: + that: + - vpc_result is successful + - '"vpc" in vpc_result' + - '"cidr_block" in vpc_result.vpc' + - vpc_result.vpc.cidr_block == vpc_cidr + - '"id" in vpc_result.vpc' + - vpc_result.vpc.id.startswith("vpc-") + - '"state" in vpc_result.vpc' + - vpc_result.vpc.state == 'available' + - '"tags" in vpc_result.vpc' + + - name: "Set fact: VPC ID" + ansible.builtin.set_fact: + vpc_id: "{{ vpc_result.vpc.id }}" + + - name: Allocate a new EIP + amazon.aws.ec2_eip: + in_vpc: true + reuse_existing_ip_allowed: true + tag_name: FREE + register: eip_result + + - name: Assert success + ansible.builtin.assert: + that: + - eip_result is successful + - '"allocation_id" in eip_result' + - eip_result.allocation_id.startswith("eipalloc-") + - '"public_ip" in eip_result' + + - name: "Set fact: EIP allocation ID and EIP public IP" + ansible.builtin.set_fact: + eip_address: "{{ eip_result.public_ip }}" + allocation_id: "{{ eip_result.allocation_id }}" + + - name: Create subnet and associate to the VPC + amazon.aws.ec2_vpc_subnet: + state: present + vpc_id: "{{ vpc_id }}" + cidr: "{{ subnet_cidr }}" + register: subnet_result + + - name: Assert success + ansible.builtin.assert: + that: + - subnet_result is successful + - '"subnet" in subnet_result' + - '"cidr_block" in subnet_result.subnet' + - subnet_result.subnet.cidr_block == subnet_cidr + - '"id" in subnet_result.subnet' + - subnet_result.subnet.id.startswith("subnet-") + - '"state" in subnet_result.subnet' + - subnet_result.subnet.state == 'available' + - '"tags" in subnet_result.subnet' + - subnet_result.subnet.vpc_id == vpc_id + + - name: "Set fact: VPC subnet ID" + ansible.builtin.set_fact: + subnet_id: "{{ subnet_result.subnet.id }}" + + - name: Search for NAT gateways by subnet (no matches) - CHECK_MODE + amazon.aws.ec2_vpc_nat_gateway_info: + filters: + subnet-id: "{{ subnet_id }}" + state: [available] + register: existing_ngws + check_mode: true + + - name: Assert no NAT gateway found - CHECK_MODE + ansible.builtin.assert: + that: + - existing_ngws is successful + - (existing_ngws.result|length) == 0 + + - name: Search for NAT gateways by subnet - no matches + amazon.aws.ec2_vpc_nat_gateway_info: + filters: + subnet-id: "{{ subnet_id }}" + state: [available] + register: existing_ngws + + - name: Assert no NAT gateway found + ansible.builtin.assert: + that: + - existing_ngws is successful + - (existing_ngws.result|length) == 0 + + - name: Create IGW + amazon.aws.ec2_vpc_igw: + vpc_id: "{{ vpc_id }}" + register: create_igw + + - name: Assert success + ansible.builtin.assert: + that: + - create_igw is successful + - create_igw.gateway_id.startswith("igw-") + - create_igw.vpc_id == vpc_id + - '"gateway_id" in create_igw' + + - name: Create new NAT gateway with eip allocation-id - CHECK_MODE + amazon.aws.ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + allocation_id: "{{ allocation_id }}" + wait: true + register: create_ngw + check_mode: true + + - name: Assert creation happened (expected changed=true) - CHECK_MODE + ansible.builtin.assert: + that: + - create_ngw.changed + + - name: Create new NAT gateway with eip allocation-id + amazon.aws.ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + allocation_id: "{{ allocation_id }}" + wait: true + register: create_ngw + + - name: Assert creation happened (expected changed=true) + ansible.builtin.assert: + that: + - create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + + - name: "Set facts: NAT gateway ID" + ansible.builtin.set_fact: + nat_gateway_id: "{{ create_ngw.nat_gateway_id }}" + network_interface_id: "{{ create_ngw.nat_gateway_addresses[0].network_interface_id }}" + + - name: Get NAT gateway with specific filters (state and subnet) + amazon.aws.ec2_vpc_nat_gateway_info: + filters: + subnet-id: "{{ subnet_id }}" + state: [available] + register: avalaible_ngws + + - name: Assert success + ansible.builtin.assert: + that: + - avalaible_ngws is successful + - avalaible_ngws.result | length == 1 + - '"create_time" in first_ngw' + - '"nat_gateway_addresses" in first_ngw' + - '"nat_gateway_id" in first_ngw' + - first_ngw.nat_gateway_id == nat_gateway_id + - '"state" in first_ngw' + - first_ngw.state == 'available' + - '"subnet_id" in first_ngw' + - first_ngw.subnet_id == subnet_id + - '"tags" in first_ngw' + - '"vpc_id" in first_ngw' + - first_ngw.vpc_id == vpc_id + vars: + first_ngw: "{{ avalaible_ngws.result[0] }}" + + - name: Trying this again for idempotency - create new NAT gateway with eip allocation-id - CHECK_MODE + amazon.aws.ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + allocation_id: "{{ allocation_id }}" + wait: true + register: create_ngw + check_mode: true + + - name: Assert recreation would do nothing (expected changed=false) - CHECK_MODE + ansible.builtin.assert: + that: + - not create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + + - name: Trying this again for idempotency - create new NAT gateway with eip allocation-id + amazon.aws.ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + allocation_id: "{{ allocation_id }}" + wait: true + register: create_ngw + + - name: Assert recreation would do nothing (expected changed=false) + ansible.builtin.assert: + that: + - not create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + + - name: Create new NAT gateway only if one does not exist already - CHECK_MODE + amazon.aws.ec2_vpc_nat_gateway: + if_exist_do_not_create: true + subnet_id: "{{ subnet_id }}" + wait: true + register: create_ngw + check_mode: true + + - name: Assert recreation would do nothing (expected changed=false) - CHECK_MODE + ansible.builtin.assert: + that: + - not create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + + - name: Create new NAT gateway only if one does not exist already + amazon.aws.ec2_vpc_nat_gateway: + if_exist_do_not_create: true + subnet_id: "{{ subnet_id }}" + wait: true + register: create_ngw + + - name: Assert recreation would do nothing (expected changed=false) + ansible.builtin.assert: + that: + - not create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - create_ngw.nat_gateway_addresses[0].allocation_id == allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + + - name: Allocate a new EIP + amazon.aws.ec2_eip: + in_vpc: true + reuse_existing_ip_allowed: true + tag_name: FREE + register: eip_result + + - name: Assert success + ansible.builtin.assert: + that: + - eip_result is successful + - '"allocation_id" in eip_result' + - eip_result.allocation_id.startswith("eipalloc-") + - '"public_ip" in eip_result' + + - name: "Set fact: EIP allocation ID and EIP public IP" + ansible.builtin.set_fact: + second_eip_address: "{{ eip_result.public_ip }}" + second_allocation_id: "{{ eip_result.allocation_id }}" + + - name: Create new nat gateway with eip address - CHECK_MODE + amazon.aws.ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + eip_address: "{{ second_eip_address }}" + wait: true + register: create_ngw + check_mode: true + + - name: Assert creation happened (expected changed=true) - CHECK_MODE + ansible.builtin.assert: + that: + - create_ngw.changed + + - name: Create new NAT gateway with eip address + amazon.aws.ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + eip_address: "{{ second_eip_address }}" + wait: true + register: create_ngw + + - name: Assert creation happened (expected changed=true) + ansible.builtin.assert: + that: + - create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - create_ngw.nat_gateway_addresses[0].allocation_id == second_allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + + - name: Trying this again for idempotency - create new NAT gateway with eip address - CHECK_MODE + amazon.aws.ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + eip_address: "{{ second_eip_address }}" + wait: true + register: create_ngw + check_mode: true + + - name: Assert recreation would do nothing (expected changed=false) - CHECK_MODE + ansible.builtin.assert: + that: + - not create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - create_ngw.nat_gateway_addresses[0].allocation_id == second_allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + + - name: Trying this again for idempotency - create new NAT gateway with eip address + amazon.aws.ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + eip_address: "{{ second_eip_address }}" + wait: true + register: create_ngw + + - name: Assert recreation would do nothing (expected changed=false) + ansible.builtin.assert: + that: + - not create_ngw.changed + - '"create_time" in create_ngw' + - '"nat_gateway_addresses" in create_ngw' + - '"nat_gateway_id" in create_ngw' + - create_ngw.nat_gateway_addresses[0].allocation_id == second_allocation_id + - create_ngw.nat_gateway_id.startswith("nat-") + - '"state" in create_ngw' + - create_ngw.state == 'available' + - '"subnet_id" in create_ngw' + - create_ngw.subnet_id == subnet_id + - '"tags" in create_ngw' + - '"vpc_id" in create_ngw' + - create_ngw.vpc_id == vpc_id + + - name: Create new NAT gateway when eip_address is invalid and create_default is true + amazon.aws.ec2_vpc_nat_gateway: + subnet_id: "{{ subnet_id }}" + eip_address: 192.0.2.1 + state: present + wait: true + default_create: true + register: _nat_gateway + - name: Ec2_vpc_nat_gateway tests module_defaults: group/aws: diff --git a/tests/integration/targets/ec2_vpc_subnet/tasks/main.yml b/tests/integration/targets/ec2_vpc_subnet/tasks/main.yml index 4b695440f90..0f47a4c3097 100644 --- a/tests/integration/targets/ec2_vpc_subnet/tasks/main.yml +++ b/tests/integration/targets/ec2_vpc_subnet/tasks/main.yml @@ -7,6 +7,7 @@ region: "{{ aws_region }}" block: # ============================================================ + - name: Create a VPC amazon.aws.ec2_vpc_net: name: "{{ resource_prefix }}-vpc" @@ -24,7 +25,6 @@ - ansible.builtin.set_fact: subnet_ipv6_cidr: "{{ vpc_ipv6_cidr | regex_replace('::/.*', '::/64') }}" - # ============================================================ - name: Check subnet does not exist amazon.aws.ec2_vpc_subnet_info: filters: @@ -106,7 +106,6 @@ vars: subnet_info: "{{ vpc_subnet_info.subnets[0] }}" - # ============================================================ - name: Recreate subnet (expected changed=false) (CHECK MODE) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" @@ -141,7 +140,6 @@ - vpc_subnet_recreate is not changed - vpc_subnet_recreate.subnet == vpc_subnet_create.subnet - # ============================================================ - name: Update subnet so instances launched in it are assigned an IP (CHECK MODE) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" @@ -178,7 +176,6 @@ - vpc_subnet_modify is changed - vpc_subnet_modify.subnet.map_public_ip_on_launch - # ============================================================ - name: Add invalid ipv6 block to subnet (expected failed) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" @@ -198,7 +195,6 @@ - vpc_subnet_ipv6_failed is failed - "'Couldn\\'t associate ipv6 cidr' in vpc_subnet_ipv6_failed.msg" - # ============================================================ - name: Add a tag (expected changed=true) (CHECK MODE) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" @@ -251,7 +247,6 @@ - '"Description" in vpc_subnet_info_by_tag.subnets[0].tags and vpc_subnet_info_by_tag.subnets[0].tags["Description"] == ec2_vpc_subnet_description' - '"AnotherTag" in vpc_subnet_info_by_tag.subnets[0].tags and vpc_subnet_info_by_tag.subnets[0].tags["AnotherTag"] == "SomeValue"' - # ============================================================ - name: Remove tags with default purge_tags=true (expected changed=true) (CHECK MODE) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" @@ -298,7 +293,6 @@ - '"Description" not in vpc_subnet_info_removed_tags.subnets[0].tags' - '"AnotherTag" in vpc_subnet_info_removed_tags.subnets[0].tags and vpc_subnet_info_removed_tags.subnets[0].tags["AnotherTag"] == "SomeValue"' - # ============================================================ - name: Change tags with purge_tags=false (expected changed=true) (CHECK MODE) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" @@ -337,7 +331,6 @@ - '"Description" in vpc_subnet_change_tags.subnet.tags and vpc_subnet_change_tags.subnet.tags["Description"] == ec2_vpc_subnet_description' - '"AnotherTag" in vpc_subnet_change_tags.subnet.tags and vpc_subnet_change_tags.subnet.tags["AnotherTag"] == "SomeValue"' - # ============================================================ - name: Test state=absent (expected changed=true) (CHECK MODE) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" @@ -441,7 +434,6 @@ that: - result is changed - # ============================================================ - name: Create subnet with IPv6 (expected changed=true) (CHECK MODE) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" @@ -482,7 +474,6 @@ - '"Description" in vpc_subnet_ipv6_create.subnet.tags and vpc_subnet_ipv6_create.subnet.tags["Description"] == ec2_vpc_subnet_description' - vpc_subnet_ipv6_create.subnet.assign_ipv6_address_on_creation - # ============================================================ - name: Recreate subnet (expected changed=false) (CHECK MODE) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" @@ -519,7 +510,6 @@ - vpc_subnet_ipv6_recreate is not changed - vpc_subnet_ipv6_recreate.subnet == vpc_subnet_ipv6_create.subnet - # ============================================================ - name: Change subnet assign_instances_ipv6 attribute (expected changed=true) (CHECK MODE) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" @@ -552,7 +542,6 @@ - vpc_change_attribute is changed - not vpc_change_attribute.subnet.assign_ipv6_address_on_creation - # ============================================================ - name: Add second subnet with duplicate ipv6 cidr (expected failure) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr_b }}" @@ -571,7 +560,6 @@ vars: testChar: "'" - # ============================================================ - name: Remove subnet ipv6 cidr (expected changed=true) (CHECK MODE) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" @@ -601,7 +589,6 @@ - vpc_remove_ipv6_cidr.subnet.ipv6_cidr_block == '' - not vpc_remove_ipv6_cidr.subnet.assign_ipv6_address_on_creation - # ============================================================ - name: Test adding a tag that looks like a boolean to the subnet (CHECK MODE) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" @@ -634,7 +621,6 @@ - vpc_subnet_info is changed - vpc_subnet_info.subnet.tags.looks_like_boolean == "True" - # ============================================================ - name: Test idempotence adding a tag that looks like a boolean (CHECK MODE) amazon.aws.ec2_vpc_subnet: cidr: "{{ subnet_cidr }}" diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/create_environment_script.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/create_environment_script.yml index 85dc87122d5..c6211227d22 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/create_environment_script.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/create_environment_script.yml @@ -6,4 +6,3 @@ - name: Write access key to file we can source ansible.builtin.copy: dest: ../access_key.sh - content: export MY_ACCESS_KEY="{{ aws_access_key }}" diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/create_inventory_config.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/create_inventory_config.yml index f2c80a43c27..6dc1161ead2 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/create_inventory_config.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/create_inventory_config.yml @@ -8,9 +8,7 @@ - name: Write inventory config file ansible.builtin.copy: dest: ../test.aws_ec2.yml - content: "{{ lookup('template', template_name) }}" - name: Write ini configuration ansible.builtin.copy: dest: ../config.ini - content: "{{ lookup('template', '../templates/config.ini.j2') }}" diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/empty_inventory_config.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/empty_inventory_config.yml index 3fd4c842e61..ab9d2393927 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/empty_inventory_config.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/empty_inventory_config.yml @@ -6,4 +6,3 @@ - name: Write inventory config file ansible.builtin.copy: dest: ../test.aws_ec2.yml - content: "" diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/populate_cache.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/populate_cache.yml index f230e544350..40b0dd4dba1 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/populate_cache.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/populate_cache.yml @@ -12,6 +12,3 @@ region: "{{ aws_region }}" block: - ansible.builtin.debug: - var: groups - - - ansible.builtin.include_tasks: tasks/tear_down.yml diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/test_invalid_aws_ec2_inventory_config.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/test_invalid_aws_ec2_inventory_config.yml index 24ec8740bdd..1bf66f821c3 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/test_invalid_aws_ec2_inventory_config.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/test_invalid_aws_ec2_inventory_config.yml @@ -6,4 +6,3 @@ - name: Assert inventory was not populated by aws_ec2 inventory plugin ansible.builtin.assert: that: - - "'aws_ec2' not in groups" diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/test_inventory_cache.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/test_inventory_cache.yml index 00471f40e30..aa1e9bb7dfe 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/test_inventory_cache.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/test_inventory_cache.yml @@ -9,7 +9,6 @@ - "'aws_ec2' in groups" - groups.aws_ec2 | length > 0 - - ansible.builtin.meta: refresh_inventory - name: Assert refresh_inventory updated the cache ansible.builtin.assert: that: diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_concatenation.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_concatenation.yml index a25d08ebe5b..1d61664cc1a 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_concatenation.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_concatenation.yml @@ -12,7 +12,6 @@ region: "{{ aws_region }}" block: # Create VPC, subnet, security group, and find image_id to create instance - - ansible.builtin.include_tasks: tasks/setup.yml - name: Create a new host amazon.aws.ec2_instance: image_id: "{{ image_id }}" @@ -24,14 +23,10 @@ security_groups: "{{ sg_id }}" vpc_subnet_id: "{{ subnet_id }}" wait: false - register: setup_instance - - ansible.builtin.meta: refresh_inventory - name: Register the current hostname ansible.builtin.set_fact: - expected_hostname: value_{{ resource_prefix }} - name: Ensure we've got a hostvars entry for the new host ansible.builtin.assert: that: - - expected_hostname in hostvars diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_constructed.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_constructed.yml index 049c494c725..03775a71114 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_constructed.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_constructed.yml @@ -12,8 +12,6 @@ region: "{{ aws_region }}" block: # Create VPC, subnet, security group, and find image_id to create instance - - - ansible.builtin.include_tasks: tasks/setup.yml - name: Create a new host amazon.aws.ec2_instance: image_id: "{{ image_id }}" @@ -26,16 +24,12 @@ security_groups: "{{ sg_id }}" vpc_subnet_id: "{{ subnet_id }}" wait: false - register: setup_instance - - ansible.builtin.meta: refresh_inventory - name: Register the keyed sg group name ansible.builtin.set_fact: - sg_group_name: security_groups_{{ sg_id | replace('-', '_') }} - name: Register one of the keyed tag groups name ansible.builtin.set_fact: - tag_group_name: tag_Name_{{ resource_prefix | replace('-', '_') }} - name: Assert the keyed groups and groups from constructed config were added to inventory and composite var added to hostvars ansible.builtin.assert: diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_hostnames_using_tags.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_hostnames_using_tags.yml index ec3f3b8241d..d4179709310 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_hostnames_using_tags.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_hostnames_using_tags.yml @@ -12,7 +12,6 @@ region: "{{ aws_region }}" block: # Create VPC, subnet, security group, and find image_id to create instance - - ansible.builtin.include_tasks: tasks/setup.yml - name: Create a new host amazon.aws.ec2_instance: image_id: "{{ image_id }}" @@ -27,10 +26,7 @@ wait: false register: setup_instance - # refresh inventory - - ansible.builtin.meta: refresh_inventory - ansible.builtin.debug: - var: groups - name: Assert groups and hostvars were populated with inventory ansible.builtin.assert: diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_hostnames_using_tags_classic.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_hostnames_using_tags_classic.yml index e4e975c9539..7be0745f9e3 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_hostnames_using_tags_classic.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_hostnames_using_tags_classic.yml @@ -12,7 +12,6 @@ region: "{{ aws_region }}" block: # Create VPC, subnet, security group, and find image_id to create instance - - ansible.builtin.include_tasks: tasks/setup.yml - name: Create a new host amazon.aws.ec2_instance: image_id: "{{ image_id }}" @@ -27,10 +26,7 @@ wait: false register: setup_instance - # refresh inventory - - ansible.builtin.meta: refresh_inventory - ansible.builtin.debug: - var: groups - name: Assert groups and hostvars were populated with inventory ansible.builtin.assert: diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_hostvars_prefix_suffix.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_hostvars_prefix_suffix.yml index d3793b6c6c8..dee5c1b8e65 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_hostvars_prefix_suffix.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_hostvars_prefix_suffix.yml @@ -12,8 +12,6 @@ region: "{{ aws_region }}" block: # Create VPC, subnet, security group, and find image_id to create instance - - - ansible.builtin.include_tasks: tasks/setup.yml - name: Create a new host amazon.aws.ec2_instance: image_id: "{{ image_id }}" @@ -25,9 +23,7 @@ security_groups: "{{ sg_id }}" vpc_subnet_id: "{{ subnet_id }}" wait: false - register: setup_instance_1 - - ansible.builtin.meta: refresh_inventory - name: Assert the hostvars are defined with prefix and/or suffix ansible.builtin.assert: that: @@ -41,6 +37,6 @@ - "'ansible_diff_mode' in hostvars[resource_prefix+'_1']" - "'ansible_forks' in hostvars[resource_prefix+'_1']" - "'ansible_version' in hostvars[resource_prefix+'_1']" - vars: + vars: vars_prefix: "{{ hostvars_prefix | default('') }}" vars_suffix: "{{ hostvars_suffix | default('') }}" diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_include_or_exclude_filters.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_include_or_exclude_filters.yml index ef5a95d2fe2..2e9a18868fa 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_include_or_exclude_filters.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_include_or_exclude_filters.yml @@ -12,8 +12,6 @@ region: "{{ aws_region }}" block: # Create VPC, subnet, security group, and find image_id to create instance - - - ansible.builtin.include_tasks: tasks/setup.yml - name: Create a new host (1/3) amazon.aws.ec2_instance: image_id: "{{ image_id }}" @@ -23,7 +21,6 @@ instance_type: t2.micro security_groups: "{{ sg_id }}" vpc_subnet_id: "{{ subnet_id }}" - wait: false - name: Create a new host (2/3) amazon.aws.ec2_instance: @@ -34,7 +31,6 @@ instance_type: t2.micro security_groups: "{{ sg_id }}" vpc_subnet_id: "{{ subnet_id }}" - wait: false - name: Create a new host (3/3) amazon.aws.ec2_instance: @@ -45,9 +41,7 @@ instance_type: t2.micro security_groups: "{{ sg_id }}" vpc_subnet_id: "{{ subnet_id }}" - wait: false - - ansible.builtin.meta: refresh_inventory - name: Assert the keyed groups and groups from constructed config were added to inventory and composite var added to hostvars ansible.builtin.assert: that: diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_literal_string.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_literal_string.yml index e91f85b0b97..1d61664cc1a 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_literal_string.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_literal_string.yml @@ -12,7 +12,6 @@ region: "{{ aws_region }}" block: # Create VPC, subnet, security group, and find image_id to create instance - - ansible.builtin.include_tasks: tasks/setup.yml - name: Create a new host amazon.aws.ec2_instance: image_id: "{{ image_id }}" @@ -24,14 +23,10 @@ security_groups: "{{ sg_id }}" vpc_subnet_id: "{{ subnet_id }}" wait: false - register: setup_instance - - ansible.builtin.meta: refresh_inventory - name: Register the current hostname ansible.builtin.set_fact: - expected_hostname: aws-{{ resource_prefix }} - name: Ensure we've got a hostvars entry for the new host ansible.builtin.assert: that: - - expected_hostname in hostvars diff --git a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_use_contrib_script_keys.yml b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_use_contrib_script_keys.yml index 7e520308b32..6dd82bfad30 100644 --- a/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_use_contrib_script_keys.yml +++ b/tests/integration/targets/inventory_aws_ec2/playbooks/test_populating_inventory_with_use_contrib_script_keys.yml @@ -12,7 +12,6 @@ region: "{{ aws_region }}" block: # Create VPC, subnet, security group, and find image_id to create instance - - ansible.builtin.include_tasks: tasks/setup.yml - name: Create a new host amazon.aws.ec2_instance: image_id: "{{ image_id }}" @@ -23,12 +22,9 @@ security_groups: "{{ sg_id }}" vpc_subnet_id: "{{ subnet_id }}" wait: false - register: setup_instance - - ansible.builtin.meta: refresh_inventory - name: "Register the current hostname, the : and / a replaced with _" ansible.builtin.set_fact: - expected_hostname: "{{ resource_prefix }}__aa" - name: Ensure we've got a hostvars entry for the new host ansible.builtin.assert: diff --git a/tests/integration/targets/inventory_aws_rds/playbooks/create_inventory_config.yml b/tests/integration/targets/inventory_aws_rds/playbooks/create_inventory_config.yml index 3a1e5a34853..aeca934cfbf 100644 --- a/tests/integration/targets/inventory_aws_rds/playbooks/create_inventory_config.yml +++ b/tests/integration/targets/inventory_aws_rds/playbooks/create_inventory_config.yml @@ -13,4 +13,3 @@ - name: Write inventory config file ansible.builtin.copy: dest: ../test.aws_rds.yml - content: "{{ lookup('template', template_name) }}" diff --git a/tests/integration/targets/inventory_aws_rds/playbooks/empty_inventory_config.yml b/tests/integration/targets/inventory_aws_rds/playbooks/empty_inventory_config.yml index 5bfae9a720b..d5af2a3d3e8 100644 --- a/tests/integration/targets/inventory_aws_rds/playbooks/empty_inventory_config.yml +++ b/tests/integration/targets/inventory_aws_rds/playbooks/empty_inventory_config.yml @@ -6,4 +6,3 @@ - name: Write inventory config file ansible.builtin.copy: dest: ../test.aws_rds.yml - content: "" diff --git a/tests/integration/targets/inventory_aws_rds/playbooks/populate_cache.yml b/tests/integration/targets/inventory_aws_rds/playbooks/populate_cache.yml index 2548effa15d..892031fc638 100644 --- a/tests/integration/targets/inventory_aws_rds/playbooks/populate_cache.yml +++ b/tests/integration/targets/inventory_aws_rds/playbooks/populate_cache.yml @@ -20,8 +20,6 @@ region: "{{ aws_region }}" tasks: - - name: Refresh inventory to populate cache - ansible.builtin.meta: refresh_inventory - name: Assert group was populated with inventory but is empty ansible.builtin.assert: that: @@ -31,4 +29,3 @@ - name: Delete RDS instance ansible.builtin.include_tasks: tasks/rds_instance_delete.yml vars: - aws_api_wait: true diff --git a/tests/integration/targets/inventory_aws_rds/playbooks/test_invalid_aws_rds_inventory_config.yml b/tests/integration/targets/inventory_aws_rds/playbooks/test_invalid_aws_rds_inventory_config.yml index 096704048de..2572a4ad43d 100644 --- a/tests/integration/targets/inventory_aws_rds/playbooks/test_invalid_aws_rds_inventory_config.yml +++ b/tests/integration/targets/inventory_aws_rds/playbooks/test_invalid_aws_rds_inventory_config.yml @@ -6,4 +6,3 @@ - name: Assert inventory was not populated by aws_rds inventory plugin ansible.builtin.assert: that: - - "'aws_rds' not in groups" diff --git a/tests/integration/targets/inventory_aws_rds/playbooks/test_inventory_cache.yml b/tests/integration/targets/inventory_aws_rds/playbooks/test_inventory_cache.yml index 12a60a52ab2..0f740ff5bb6 100644 --- a/tests/integration/targets/inventory_aws_rds/playbooks/test_inventory_cache.yml +++ b/tests/integration/targets/inventory_aws_rds/playbooks/test_inventory_cache.yml @@ -9,7 +9,6 @@ - "'aws_rds' in groups" - groups.aws_rds | length == 1 - - ansible.builtin.meta: refresh_inventory - name: Assert refresh_inventory updated the cache ansible.builtin.assert: that: diff --git a/tests/integration/targets/inventory_aws_rds/playbooks/test_inventory_with_hostvars_prefix_suffix.yml b/tests/integration/targets/inventory_aws_rds/playbooks/test_inventory_with_hostvars_prefix_suffix.yml index c6cb2f8f096..e82706aa1e1 100644 --- a/tests/integration/targets/inventory_aws_rds/playbooks/test_inventory_with_hostvars_prefix_suffix.yml +++ b/tests/integration/targets/inventory_aws_rds/playbooks/test_inventory_with_hostvars_prefix_suffix.yml @@ -32,6 +32,6 @@ - "'ansible_diff_mode' in hostvars[instance_id]" - "'ansible_forks' in hostvars[instance_id]" - "'ansible_version' in hostvars[instance_id]" - vars: + vars: vars_prefix: "{{ inventory_prefix | default('') }}" vars_suffix: "{{ inventory_suffix | default('') }}" diff --git a/tests/integration/targets/inventory_aws_rds/playbooks/test_populating_inventory_with_constructed.yml b/tests/integration/targets/inventory_aws_rds/playbooks/test_populating_inventory_with_constructed.yml index 8ae16922047..383493b13f8 100644 --- a/tests/integration/targets/inventory_aws_rds/playbooks/test_populating_inventory_with_constructed.yml +++ b/tests/integration/targets/inventory_aws_rds/playbooks/test_populating_inventory_with_constructed.yml @@ -23,16 +23,12 @@ - name: Get RDS instance info amazon.aws.rds_instance_info: db_instance_identifier: "{{ instance_id }}" - register: db_info - ansible.builtin.debug: - var: groups - name: Generate expected group name based off the db parameter groups vars: parameter_group_name: "{{ db_info.instances[0].db_parameter_groups[0].db_parameter_group_name }}" - ansible.builtin.set_fact: - parameter_group_key: rds_parameter_group_{{ parameter_group_name | replace(".", "_") }} - name: Assert the keyed groups from constructed config were added to inventory ansible.builtin.assert: diff --git a/tests/integration/targets/kms_key/roles/kms_key/tasks/test_multi_region.yml b/tests/integration/targets/kms_key/roles/kms_key/tasks/test_multi_region.yml index d8426248648..2b99537530e 100644 --- a/tests/integration/targets/kms_key/roles/kms_key/tasks/test_multi_region.yml +++ b/tests/integration/targets/kms_key/roles/kms_key/tasks/test_multi_region.yml @@ -6,12 +6,13 @@ # # Get some information about who we are before starting our tests # we'll need this as soon as we start working on the policies + - name: Get ARN of calling user amazon.aws.aws_caller_info: - register: aws_caller_info + - name: See whether key exists and its current state amazon.aws.kms_key_info: - alias: "{{ kms_key_alias }}" + - name: Create a multi region key - check mode amazon.aws.kms_key: alias: "{{ kms_key_alias }}-check" @@ -21,11 +22,11 @@ multi_region: true enabled: true register: key_check - check_mode: true + - name: Find facts about the check mode key amazon.aws.kms_key_info: alias: "{{ kms_key_alias }}-check" - register: check_key + - name: Ensure that check mode worked as expected ansible.builtin.assert: that: @@ -41,7 +42,7 @@ enabled: true multi_region: true enable_key_rotation: false - register: key + - name: Assert that state is enabled ansible.builtin.assert: that: @@ -90,7 +91,7 @@ always: # ============================================================ - # CLEAN-UP + - name: Finish off by deleting keys amazon.aws.kms_key: state: absent diff --git a/tests/integration/targets/kms_key/roles/kms_key/tasks/test_states.yml b/tests/integration/targets/kms_key/roles/kms_key/tasks/test_states.yml index 2f2b0758ebb..8c51a81a0f5 100644 --- a/tests/integration/targets/kms_key/roles/kms_key/tasks/test_states.yml +++ b/tests/integration/targets/kms_key/roles/kms_key/tasks/test_states.yml @@ -6,12 +6,13 @@ # # Get some information about who we are before starting our tests # we'll need this as soon as we start working on the policies + - name: Get ARN of calling user amazon.aws.aws_caller_info: - register: aws_caller_info + - name: See whether key exists and its current state amazon.aws.kms_key_info: - alias: "{{ kms_key_alias }}" + - name: Create a key - check mode amazon.aws.kms_key: alias: "{{ kms_key_alias }}-check" @@ -20,11 +21,11 @@ state: present enabled: true register: key_check - check_mode: true + - name: Find facts about the check mode key amazon.aws.kms_key_info: alias: "{{ kms_key_alias }}-check" - register: check_key + - name: Ensure that check mode worked as expected ansible.builtin.assert: that: @@ -39,7 +40,7 @@ state: present enabled: true enable_key_rotation: false - register: key + - name: Assert that state is enabled ansible.builtin.assert: that: @@ -65,7 +66,7 @@ - name: Sleep to wait for updates to propagate ansible.builtin.wait_for: - timeout: 45 + - name: Create a key (idempotence) - check mode amazon.aws.kms_key: alias: "{{ kms_key_alias }}" @@ -74,7 +75,7 @@ state: present enabled: true register: key - check_mode: true + - name: Assert that no change is expected ansible.builtin.assert: that: @@ -88,7 +89,7 @@ state: present enabled: true register: key - check_mode: true + - name: Assert that no change occurred ansible.builtin.assert: that: @@ -112,8 +113,6 @@ - key.description == '' - key.multi_region == False - # ------------------------------------------------------------------------------------------ - - name: Save IDs for later ansible.builtin.set_fact: kms_key_id: "{{ key.key_id }}" @@ -128,7 +127,7 @@ enabled: true enable_key_rotation: true register: key - check_mode: true + - name: Assert that we expect to make a change ansible.builtin.assert: that: @@ -142,7 +141,7 @@ state: present enabled: true enable_key_rotation: true - register: key + - name: Assert that key rotation is enabled ansible.builtin.assert: that: @@ -178,7 +177,7 @@ enabled: true enable_key_rotation: true register: key - check_mode: true + - name: Assert that no change is expected ansible.builtin.assert: that: @@ -192,7 +191,7 @@ state: present enabled: true enable_key_rotation: true - register: key + - name: Assert that no change occurred ansible.builtin.assert: that: @@ -215,15 +214,13 @@ - key.key_policies[0].Id == 'key-default-1' - key.description == '' - # ------------------------------------------------------------------------------------------ - - name: Disable key - check mode amazon.aws.kms_key: alias: "{{ kms_key_alias }}" state: present enabled: false register: key - check_mode: true + - name: Assert that change is expected ansible.builtin.assert: that: @@ -234,7 +231,7 @@ alias: "{{ kms_key_alias }}" state: present enabled: false - register: key + - name: Assert that state is disabled ansible.builtin.assert: that: @@ -259,14 +256,14 @@ - name: Sleep to wait for updates to propagate ansible.builtin.wait_for: - timeout: 45 + - name: Disable key (idempotence) - check mode amazon.aws.kms_key: alias: "{{ kms_key_alias }}" state: present enabled: false register: key - check_mode: true + - name: Assert no change is expected ansible.builtin.assert: that: @@ -277,7 +274,7 @@ alias: "{{ kms_key_alias }}" state: present enabled: false - register: key + - name: Assert no change occurred ansible.builtin.assert: that: @@ -300,14 +297,12 @@ - key.key_policies[0].Id == 'key-default-1' - key.description == '' - # ------------------------------------------------------------------------------------------ - - name: Delete key - check mode amazon.aws.kms_key: alias: "{{ kms_key_alias }}" state: absent register: key - check_mode: true + - name: Assert that we expect a change ansible.builtin.assert: that: @@ -380,7 +375,7 @@ alias: "{{ kms_key_alias }}" state: absent register: key - check_mode: true + - name: Assert that no change is expected ansible.builtin.assert: that: @@ -390,7 +385,7 @@ amazon.aws.kms_key: alias: "{{ kms_key_alias }}" state: absent - register: key + - name: Assert no change occurred vars: now_time: '{{ lookup("pipe", "date -u +%Y-%m-%d\ %H:%M:%S") }}' @@ -419,14 +414,12 @@ - (( deletion_time | to_datetime ) - ( now_time | to_datetime )).days <= 30 - (( deletion_time | to_datetime ) - ( now_time | to_datetime )).days >= 29 - # ------------------------------------------------------------------------------------------ - - name: Cancel key deletion - check mode amazon.aws.kms_key: alias: "{{ kms_key_alias }}" state: present register: key - check_mode: true + - name: Assert that change is expected ansible.builtin.assert: that: @@ -436,7 +429,7 @@ amazon.aws.kms_key: alias: "{{ kms_key_alias }}" state: present - register: key + - name: Assert that deletion is cancelled ansible.builtin.assert: that: @@ -462,13 +455,13 @@ - name: Sleep to wait for updates to propagate ansible.builtin.wait_for: - timeout: 45 + - name: Cancel key deletion (idempotence) - check mode amazon.aws.kms_key: alias: "{{ kms_key_alias }}" state: present register: key - check_mode: true + - name: Assert that no change is expected ansible.builtin.assert: that: @@ -478,7 +471,7 @@ amazon.aws.kms_key: alias: "{{ kms_key_alias }}" state: present - register: key + - name: Assert that no change occurred ansible.builtin.assert: that: @@ -502,8 +495,6 @@ - key.description == '' - "'deletion_date' not in key" - # ------------------------------------------------------------------------------------------ - - name: Delete the key with a specific deletion window amazon.aws.kms_key: alias: "{{ kms_key_alias }}" @@ -528,17 +519,17 @@ - (( deletion_time | to_datetime ) - ( now_time | to_datetime )).days >= 6 # ============================================================ - # test different key usage and specs + - name: Create kms key with different specs amazon.aws.kms_key: alias: "{{ kms_key_alias }}-diff-spec-usage" purge_grants: true key_spec: ECC_NIST_P256 key_usage: SIGN_VERIFY - register: create_diff_kms + - name: Sleep to wait for updates to propagate ansible.builtin.wait_for: - timeout: 45 + - name: Verify different specs on kms key ansible.builtin.assert: that: @@ -553,7 +544,7 @@ always: # ============================================================ - # CLEAN-UP + - name: Finish off by deleting keys amazon.aws.kms_key: state: absent diff --git a/tests/integration/targets/kms_key/roles/kms_key/tasks/test_tagging.yml b/tests/integration/targets/kms_key/roles/kms_key/tasks/test_tagging.yml index c4ea6261e1d..eaa1dd736f6 100644 --- a/tests/integration/targets/kms_key/roles/kms_key/tasks/test_tagging.yml +++ b/tests/integration/targets/kms_key/roles/kms_key/tasks/test_tagging.yml @@ -6,9 +6,10 @@ # # Get some information about who we are before starting our tests # we'll need this as soon as we start working on the policies + - name: Get ARN of calling user amazon.aws.aws_caller_info: - register: aws_caller_info + - name: Create a key amazon.aws.kms_key: alias: "{{ kms_key_alias }}" @@ -17,7 +18,7 @@ state: present enabled: true enable_key_rotation: false - register: key + - name: Assert that state is enabled ansible.builtin.assert: that: @@ -40,8 +41,6 @@ - key.key_policies[0].Id == 'key-default-1' - key.description == '' - # ------------------------------------------------------------------------------------------ - - name: Tag encryption key amazon.aws.kms_key: alias: "{{ kms_key_alias }}" @@ -50,7 +49,7 @@ tag_one: tag_one tag_two: tag_two purge_tags: false - register: key + - name: Assert tags added ansible.builtin.assert: that: @@ -77,7 +76,7 @@ - name: Sleep to wait for updates to propagate ansible.builtin.wait_for: - timeout: 45 + - name: Modify tags - check mode amazon.aws.kms_key: alias: "{{ kms_key_alias }}" @@ -87,7 +86,7 @@ tag_two: tag_two_updated Tag Three: "{{ resource_prefix }}" register: key - check_mode: true + - name: Assert that change is expected ansible.builtin.assert: that: @@ -101,7 +100,7 @@ tags: tag_two: tag_two_updated Tag Three: "{{ resource_prefix }}" - register: key + - name: Assert tags correctly changed ansible.builtin.assert: that: @@ -130,7 +129,7 @@ - name: Sleep to wait for updates to propagate ansible.builtin.wait_for: - timeout: 45 + - name: Modify tags (idempotence) - check mode amazon.aws.kms_key: alias: "{{ kms_key_alias }}" @@ -140,7 +139,7 @@ tag_two: tag_two_updated Tag Three: "{{ resource_prefix }}" register: key - check_mode: true + - name: Assert that no change is expected ansible.builtin.assert: that: @@ -154,7 +153,7 @@ tags: tag_two: tag_two_updated Tag Three: "{{ resource_prefix }}" - register: key + - name: Assert that no change occurred ansible.builtin.assert: that: @@ -183,7 +182,7 @@ always: # ============================================================ - # CLEAN-UP + - name: Finish off by deleting keys amazon.aws.kms_key: state: absent diff --git a/tests/integration/targets/lookup_aws_account_attribute/tasks/main.yaml b/tests/integration/targets/lookup_aws_account_attribute/tasks/main.yaml index a680ea9f50c..11944e6c14b 100644 --- a/tests/integration/targets/lookup_aws_account_attribute/tasks/main.yaml +++ b/tests/integration/targets/lookup_aws_account_attribute/tasks/main.yaml @@ -17,14 +17,14 @@ block: - name: Check for EC2 Classic support (has-ec2-classic) ansible.builtin.set_fact: - has_ec2_classic: "{{ lookup('amazon.aws.aws_account_attribute', attribute='has-ec2-classic', wantlist=True, **connection_args) }}" + - ansible.builtin.assert: that: - ( has_ec2_classic is sameas true ) or ( has_ec2_classic is sameas false ) - name: Fetch all account attributes (wantlist=True) ansible.builtin.set_fact: - account_attrs: "{{ lookup('amazon.aws.aws_account_attribute', wantlist=True, **connection_args) }}" + - ansible.builtin.assert: that: # Not guaranteed that there will be a default-vpc @@ -42,10 +42,10 @@ - account_attrs['vpc-max-security-groups-per-interface'][0] | int # Not espcially useful, but let's be thorough and leave hints what folks could - # expect + - name: Fetch all account attributes (wantlist=False) ansible.builtin.set_fact: - account_attrs: "{{ lookup('amazon.aws.aws_account_attribute', wantlist=False, **connection_args) }}" + - ansible.builtin.assert: that: - '"default-vpc" in split_attrs' @@ -59,49 +59,49 @@ - name: Check for Default VPC (default-vpc) ansible.builtin.set_fact: - default_vpc: "{{ lookup('amazon.aws.aws_account_attribute', attribute='default-vpc', **connection_args) }}" + - ansible.builtin.assert: that: - (default_vpc == "none") or default_vpc.startswith("vpc-") - name: Check for maximum number of EIPs (max-elastic-ips) ansible.builtin.set_fact: - max_eips: "{{ lookup('amazon.aws.aws_account_attribute', attribute='max-elastic-ips', **connection_args) }}" + - ansible.builtin.assert: that: - max_eips | int - name: Check for maximum number of Instances (max-instances) ansible.builtin.set_fact: - max_instances: "{{ lookup('amazon.aws.aws_account_attribute', attribute='max-instances', **connection_args) }}" + - ansible.builtin.assert: that: - max_instances | int - name: Check for maximum number of EIPs in a VPC (vpc-max-elastic-ips) ansible.builtin.set_fact: - vpc_max_eips: "{{ lookup('amazon.aws.aws_account_attribute', attribute='vpc-max-elastic-ips', **connection_args) }}" + - ansible.builtin.assert: that: - vpc_max_eips | int - name: Check for maximum number of Security Groups per Interface (vpc-max-security-groups-per-interface) ansible.builtin.set_fact: - max_sg_per_int: "{{ lookup('amazon.aws.aws_account_attribute', attribute='vpc-max-security-groups-per-interface', **connection_args) }}" + - ansible.builtin.assert: that: - max_sg_per_int | int - name: Check for support of Classic EC2 vs VPC (supported-platforms) ansible.builtin.set_fact: - supported_plat: "{{ lookup('amazon.aws.aws_account_attribute', attribute='supported-platforms', **connection_args) }}" + - ansible.builtin.assert: that: - supported_plat.split(',') | difference(['VPC', 'EC2']) | length == 0 - name: Check for support of Classic EC2 vs VPC (supported-platforms) (wantlist) ansible.builtin.set_fact: - supported_plat: "{{ lookup('amazon.aws.aws_account_attribute', attribute='supported-platforms', wantlist=True, **connection_args) }}" + - ansible.builtin.assert: that: - supported_plat | difference(['VPC', 'EC2']) | length == 0 diff --git a/tests/integration/targets/lookup_secretsmanager_secret/tasks/main.yaml b/tests/integration/targets/lookup_secretsmanager_secret/tasks/main.yaml index 2102e7337e3..5d927ec8bb0 100644 --- a/tests/integration/targets/lookup_secretsmanager_secret/tasks/main.yaml +++ b/tests/integration/targets/lookup_secretsmanager_secret/tasks/main.yaml @@ -110,10 +110,8 @@ that: - get_deleted_secret is failed - # Test with nested secrets - ansible.builtin.include_tasks: tasks/nested.yaml always: - # delete secret created - name: Delete secret community.aws.secretsmanager_secret: name: "{{ secret_name }}" diff --git a/tests/integration/targets/lookup_secretsmanager_secret/tasks/nested.yaml b/tests/integration/targets/lookup_secretsmanager_secret/tasks/nested.yaml index 95b8492338f..5fcc31dc3eb 100644 --- a/tests/integration/targets/lookup_secretsmanager_secret/tasks/nested.yaml +++ b/tests/integration/targets/lookup_secretsmanager_secret/tasks/nested.yaml @@ -53,7 +53,6 @@ - missing_wrn_secret == [] always: - # delete secret created - name: Delete secret '{{ json_secret_name }}' community.aws.secretsmanager_secret: name: "{{ json_secret_name }}" diff --git a/tests/integration/targets/lookup_ssm_parameter/tasks/main.yml b/tests/integration/targets/lookup_ssm_parameter/tasks/main.yml index 2154c1aa14d..2595abc3a18 100644 --- a/tests/integration/targets/lookup_ssm_parameter/tasks/main.yml +++ b/tests/integration/targets/lookup_ssm_parameter/tasks/main.yml @@ -40,11 +40,12 @@ block: # ============================================================ # Simple key/value + - name: Lookup a missing key (error) ansible.builtin.set_fact: lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}" ignore_errors: true - register: lookup_missing + - ansible.builtin.assert: that: - lookup_missing is failed @@ -52,7 +53,7 @@ - name: Lookup a missing key (warn) ansible.builtin.set_fact: lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, on_missing=warn, **connection_args) }}" - register: lookup_missing + - ansible.builtin.assert: that: - lookup_value | list | length == 0 @@ -60,7 +61,7 @@ - name: Lookup a single missing key (skip) ansible.builtin.set_fact: lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, on_missing=skip, **connection_args) }}" - register: lookup_missing + - ansible.builtin.assert: that: - lookup_value | list | length == 0 @@ -73,7 +74,7 @@ - name: Lookup a single key ansible.builtin.set_fact: - lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}" + - ansible.builtin.assert: that: - lookup_value == simple_value @@ -86,7 +87,7 @@ - name: Lookup a single key ansible.builtin.set_fact: - lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}" + - ansible.builtin.assert: that: - lookup_value == simple_value @@ -99,14 +100,14 @@ - name: Lookup updated single key ansible.builtin.set_fact: - lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}" + - ansible.builtin.assert: that: - lookup_value == updated_value - name: Lookup original value from single key ansible.builtin.set_fact: - lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name + ':1', **connection_args) }}" + - ansible.builtin.assert: that: - lookup_value == simple_value @@ -131,10 +132,9 @@ description: "{{ path_description }}" value: "{{ path_value_c }}" - # ============================================================ - name: Lookup a keys using bypath ansible.builtin.set_fact: - lookup_value: "{{ lookup('amazon.aws.aws_ssm', path_name, bypath=True, wantlist=True, **connection_args) | first }}" + - ansible.builtin.assert: that: - path_name_a in lookup_value @@ -145,7 +145,7 @@ - name: Lookup a keys using bypath and recursive ansible.builtin.set_fact: - lookup_value: "{{ lookup('amazon.aws.aws_ssm', path_name, bypath=True, recursive=True, wantlist=True, **connection_args) | first }}" + - ansible.builtin.assert: that: - path_name_a in lookup_value @@ -158,7 +158,7 @@ - name: Lookup a keys using bypath and shortname ansible.builtin.set_fact: - lookup_value: "{{ lookup('amazon.aws.aws_ssm', path_name, bypath=True, shortnames=True, wantlist=True, **connection_args) | first }}" + - ansible.builtin.assert: that: - path_shortname_a in lookup_value @@ -169,7 +169,7 @@ - name: Lookup a keys using bypath and recursive and shortname ansible.builtin.set_fact: - lookup_value: "{{ lookup('amazon.aws.aws_ssm', path_name, bypath=True, recursive=True, shortnames=True, wantlist=True, **connection_args) | first }}" + - ansible.builtin.assert: that: - path_shortname_a in lookup_value @@ -184,7 +184,7 @@ - name: Explicitly lookup two keys ansible.builtin.set_fact: - lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, path_name_a, wantlist=True, **connection_args) }}" + - ansible.builtin.assert: that: - lookup_value | list | length == 2 @@ -197,14 +197,14 @@ ansible.builtin.set_fact: lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, missing_name, wantlist=True, **connection_args) }}" ignore_errors: true - register: lookup_missing + - ansible.builtin.assert: that: - lookup_missing is failed - name: Explicitly lookup two keys - one missing (skip) ansible.builtin.set_fact: - lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, missing_name, on_missing=skip, wantlist=True, **connection_args) }}" + - ansible.builtin.assert: that: - lookup_value | list | length == 2 @@ -217,14 +217,14 @@ ansible.builtin.set_fact: lookup_value: "{{ lookup('amazon.aws.aws_ssm', path_name, missing_name, bypath=True, wantlist=True, **connection_args) }}" ignore_errors: true - register: lookup_missing + - ansible.builtin.assert: that: - lookup_missing is failed - name: Explicitly lookup two paths - one missing (skip) ansible.builtin.set_fact: - lookup_value: "{{ lookup('amazon.aws.aws_ssm', path_name, missing_name, on_missing=skip, bypath=True, wantlist=True, **connection_args) }}" + - ansible.builtin.assert: that: - lookup_value | list | length == 2 @@ -241,14 +241,14 @@ ansible.builtin.set_fact: lookup_value: "{{ lookup('amazon.aws.aws_ssm', path_name, missing_name, bypath=True, recursive=True, wantlist=True, **connection_args) }}" ignore_errors: true - register: lookup_missing + - ansible.builtin.assert: that: - lookup_missing is failed - name: Explicitly lookup two paths with recurse - one missing (skip) ansible.builtin.set_fact: - lookup_value: "{{ lookup('amazon.aws.aws_ssm', path_name, missing_name, on_missing=skip, bypath=True, recursive=True, wantlist=True, **connection_args) }}" + - ansible.builtin.assert: that: - lookup_value | list | length == 2 @@ -262,7 +262,6 @@ - lookup_value[0] | length == 3 always: - # ============================================================ - name: Delete remaining key/value pairs in aws parameter store community.aws.ssm_parameter: name: "{{ item }}" diff --git a/tests/integration/targets/module_utils_botocore_recorder/main.yml b/tests/integration/targets/module_utils_botocore_recorder/main.yml index 1b7aef23881..3fb19239d08 100644 --- a/tests/integration/targets/module_utils_botocore_recorder/main.yml +++ b/tests/integration/targets/module_utils_botocore_recorder/main.yml @@ -3,10 +3,10 @@ tasks: - name: Call aws_az_info amazon.aws.aws_az_info: - register: result + - name: Get called information amazon.aws.aws_caller_info: - register: result + - ansible.builtin.assert: that: - lookup('ansible.builtin.env', '_ANSIBLE_PLACEBO_RECORD') or (lookup('ansible.builtin.env', '_ANSIBLE_PLACEBO_REPLAY') and result.user_id == "AWZBREIZHEOMABRONIFVGFS6GH") diff --git a/tests/integration/targets/module_utils_core/setup.yml b/tests/integration/targets/module_utils_core/setup.yml index 992498fc3b1..258e8858d19 100644 --- a/tests/integration/targets/module_utils_core/setup.yml +++ b/tests/integration/targets/module_utils_core/setup.yml @@ -21,7 +21,7 @@ aws_access_key: "{{ aws_access_key }}" aws_secret_key: "{{ aws_secret_key }}" register: session_token - no_log: true + - name: Override initial tokens ansible.builtin.set_fact: session_access_key: "{{ session_token.sts_creds.access_key }}" diff --git a/tests/integration/targets/rds_cluster_create/tasks/main.yaml b/tests/integration/targets/rds_cluster_create/tasks/main.yaml index 0488b086bb6..99b73c79ce9 100644 --- a/tests/integration/targets/rds_cluster_create/tasks/main.yaml +++ b/tests/integration/targets/rds_cluster_create/tasks/main.yaml @@ -81,7 +81,7 @@ - _result_create_db_cluster.tags | length == 2 - _result_create_db_cluster.tags["Created_By"] == tags_create["Created_By"] - _result_create_db_cluster.tags["Name"] == tags_create["Name"] - - "'vpc_security_groups' in _result_create_db_cluster" + - name: Get info of the existing cluster amazon.aws.rds_cluster_info: cluster_id: "{{ cluster_id }}" @@ -118,7 +118,6 @@ that: - not _result_create_db_cluster.changed - always: - name: Delete DB cluster without creating a final snapshot amazon.aws.rds_cluster: state: absent diff --git a/tests/integration/targets/rds_cluster_create_sgs/tasks/main.yaml b/tests/integration/targets/rds_cluster_create_sgs/tasks/main.yaml index e7c62e79af9..0e77e1fd027 100644 --- a/tests/integration/targets/rds_cluster_create_sgs/tasks/main.yaml +++ b/tests/integration/targets/rds_cluster_create_sgs/tasks/main.yaml @@ -174,7 +174,6 @@ - _result_create_db_cluster.db_cluster_identifier == cluster_id - _result_create_db_cluster.vpc_security_groups | selectattr('status', 'in', ['active', 'adding']) | list | length == 1 - always: - name: Delete DB cluster without creating a final snapshot amazon.aws.rds_cluster: state: absent diff --git a/tests/integration/targets/rds_cluster_modify/tasks/remove_from_global_db.yaml b/tests/integration/targets/rds_cluster_modify/tasks/remove_from_global_db.yaml index 9406ccd68ce..919ff4c2250 100644 --- a/tests/integration/targets/rds_cluster_modify/tasks/remove_from_global_db.yaml +++ b/tests/integration/targets/rds_cluster_modify/tasks/remove_from_global_db.yaml @@ -2,7 +2,6 @@ - name: Run tests for testing remove cluster from global db block: # Create global db ------------------------------------------------------------------------------- - - name: Create rds global database amazon.cloud.rds_global_cluster: global_cluster_identifier: "{{ test_global_cluster_name }}" @@ -12,8 +11,6 @@ state: present register: create_global_result - # Create primary cluster with an instance --------------------------------------------------------------- - - name: Create a primary cluster for global database amazon.aws.rds_cluster: global_cluster_identifier: "{{ test_global_cluster_name }}" @@ -57,8 +54,6 @@ that: - global_cluster_info.GlobalClusters[0].GlobalClusterMembers[0].DBClusterArn == primary_cluster_info_result.clusters[0].db_cluster_arn - # Create replica cluster ------------------------------------------------------------------------------- - - name: Create a replica cluster for global database amazon.aws.rds_cluster: global_cluster_identifier: "{{ test_global_cluster_name }}" @@ -92,8 +87,6 @@ that: - global_cluster_info.GlobalClusters[0].GlobalClusterMembers[1].DBClusterArn == replica_cluster_info_result.clusters[0].db_cluster_arn - # Test delete on replica cluster part of global db---------------------------------------------------------------- - - name: Delete DB cluster without final snapshot (fails as its a part of global db) amazon.aws.rds_cluster: db_cluster_identifier: "{{ test_replica_cluster_name }}" @@ -111,8 +104,6 @@ - delete_replica_cluster_result is not changed - '"is a part of a global cluster, please remove it from global cluster" in delete_replica_cluster_result.error.message' - # Test modify replica DB cluster along with removing it from global db------------------------------------------------ - - name: Remove replica DB cluster from global DB and modify cluster port amazon.aws.rds_cluster: db_cluster_identifier: "{{ test_replica_cluster_name }}" @@ -154,8 +145,6 @@ - global_cluster_info.GlobalClusters[0].GlobalClusterMembers | length == 1 - global_cluster_info.GlobalClusters[0].GlobalClusterMembers[0].DBClusterArn != replica_cluster_info_result.clusters[0].db_cluster_arn - # Test delete on replica cluster as NOT a part of global db---------------------------------------------------------------- - - name: Delete replica cluster amazon.aws.rds_cluster: db_cluster_identifier: "{{ test_replica_cluster_name }}" @@ -171,7 +160,6 @@ - delete_replica_cluster_result is not failed - delete_replica_cluster_result is changed - # Test remove primary cluster from global db------------------------------------------------------------ - name: Remove primary cluster from global db amazon.aws.rds_cluster: global_cluster_identifier: "{{ test_global_cluster_name }}" @@ -197,9 +185,8 @@ that: - global_cluster_info.GlobalClusters[0].GlobalClusterMembers | length == 0 - # Cleanup starts------------------------------------------------------------ + # Cleanup starts------------------------------------------------------------ - always: - name: Delete replica cluster amazon.aws.rds_cluster: db_cluster_identifier: "{{ test_replica_cluster_name }}" diff --git a/tests/integration/targets/rds_cluster_multi_az/tasks/main.yml b/tests/integration/targets/rds_cluster_multi_az/tasks/main.yml index 6caf33e2fc0..b962ff80e67 100644 --- a/tests/integration/targets/rds_cluster_multi_az/tasks/main.yml +++ b/tests/integration/targets/rds_cluster_multi_az/tasks/main.yml @@ -63,7 +63,6 @@ that: - _result_create_source_db_cluster.changed - always: - name: Delete DB cluster without creating a final snapshot amazon.aws.rds_cluster: state: absent diff --git a/tests/integration/targets/rds_cluster_param_group/tasks/main.yaml b/tests/integration/targets/rds_cluster_param_group/tasks/main.yaml index 20802d0f74a..fa5e2a1275a 100644 --- a/tests/integration/targets/rds_cluster_param_group/tasks/main.yaml +++ b/tests/integration/targets/rds_cluster_param_group/tasks/main.yaml @@ -17,7 +17,6 @@ ansible.builtin.set_fact: dbparam_group_family: "{{ engine_versions.db_engine_versions.0.db_parameter_group_family }}" - # Test create using check_mode=true - name: Create RDS cluster parameter group (check_mode=true) amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -37,7 +36,6 @@ - create_checkmode is changed - cluster_params.db_cluster_parameter_groups | length == 0 - # Test create RDS cluster parameter group - name: Create RDS cluster parameter group amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -59,7 +57,6 @@ - create_group.db_cluster_parameter_group.db_parameter_group_family == dbparam_group_family - cluster_params.db_cluster_parameter_groups | length == 1 - # Test create RDS cluster parameter group (idempotency) - name: Create RDS cluster parameter group (idempotency) amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -72,7 +69,6 @@ that: - create_idempotency is not changed - # Test adding tag to existing RDS cluster parameter group (check_mode=true) - name: Update existing RDS cluster parameter group with tags (check_mode=true) amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -93,7 +89,6 @@ - create_tag is changed - cluster_params.db_cluster_parameter_groups.0.tags == {} - # Test adding tag to existing RDS cluster parameter group - name: Update existing RDS cluster parameter group with tags amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -113,7 +108,6 @@ - create_tag is changed - cluster_params.db_cluster_parameter_groups.0.tags == resource_tags - # Test adding tag to existing RDS cluster parameter group (idempotency) - name: Update existing RDS cluster parameter group with tags (idempotency) amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -133,7 +127,6 @@ - create_tag_idempotency is not changed - cluster_params.db_cluster_parameter_groups.0.tags == resource_tags - # Test adding not modifiable parameter - name: Update RDS cluster param group with not modifiable parameter amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -152,7 +145,6 @@ - not_modifiable is failed - '"The parameter archive_library cannot be modified" in not_modifiable.msg' - # Test adding invalid parameter - name: Update RDS cluster param group with invalid parameter amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -171,7 +163,6 @@ - invalid_param is failed - '"Could not find parameter with name: invalid_fake" in invalid_param.msg' - # Test Modify parameters - name: Modify RDS cluster parameter group with new parameters (check_mode) amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -234,7 +225,6 @@ - cluster_params.db_cluster_parameter_groups.0.db_parameters | selectattr('parameter_name', 'equalto', 'authentication_timeout') | first | community.general.json_query('parameter_value') == "50" - # Test Modify parameters (idempotency) - name: Modify RDS cluster parameter group with new parameters (idempotency with check_mode) amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -273,7 +263,6 @@ that: - update_idempotency is not changed - # Test delete RDS cluster parameter group (check_mode=true) - name: Delete existing RDS cluster parameter group (check_mode=true) amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -292,7 +281,6 @@ - delete_cluster_param_checkmode is changed - cluster_params.db_cluster_parameter_groups | length == 1 - # Test delete RDS cluster parameter group - name: Delete existing RDS cluster parameter group amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -310,7 +298,6 @@ - delete_cluster_param is changed - cluster_params.db_cluster_parameter_groups | length == 0 - # Test delete RDS cluster parameter group (idempotency) - name: Delete existing RDS cluster parameter group amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" @@ -322,7 +309,6 @@ that: - delete_cluster_param is not changed - always: - name: Delete existing RDS cluster parameter group amazon.aws.rds_cluster_param_group: name: "{{ rds_cluster_param_group_name }}" diff --git a/tests/integration/targets/rds_cluster_promote/tasks/main.yaml b/tests/integration/targets/rds_cluster_promote/tasks/main.yaml index 5025fdcc425..8791e974594 100644 --- a/tests/integration/targets/rds_cluster_promote/tasks/main.yaml +++ b/tests/integration/targets/rds_cluster_promote/tasks/main.yaml @@ -174,7 +174,6 @@ that: - not _result_promote_replica_db_cluster.changed - always: - name: Remove the DB cluster amazon.aws.rds_cluster: id: "{{ cluster_id }}" diff --git a/tests/integration/targets/rds_cluster_restore/tasks/main.yaml b/tests/integration/targets/rds_cluster_restore/tasks/main.yaml index c71b8daed38..41b96a146e2 100644 --- a/tests/integration/targets/rds_cluster_restore/tasks/main.yaml +++ b/tests/integration/targets/rds_cluster_restore/tasks/main.yaml @@ -170,9 +170,9 @@ - "'tags' in _result_restored_db_cluster" - "'vpc_security_groups' in _result_restored_db_cluster" - # TODO: export a snapshot to an S3 bucket and restore cluster from it - # Requires rds_export_task module - always: + # TODO: export a snapshot to an S3 bucket and restore cluster from it + # Requires rds_export_task module + - name: Delete the snapshot amazon.aws.rds_cluster_snapshot: db_cluster_snapshot_identifier: "{{ cluster_id }}-snapshot" diff --git a/tests/integration/targets/rds_cluster_snapshot/tasks/main.yml b/tests/integration/targets/rds_cluster_snapshot/tasks/main.yml index 1f2d77e7c74..0dc835f7438 100644 --- a/tests/integration/targets/rds_cluster_snapshot/tasks/main.yml +++ b/tests/integration/targets/rds_cluster_snapshot/tasks/main.yml @@ -384,8 +384,7 @@ # ------------------------------------------------------------------------------------------ # Test copying a snapshot - ### Copying a DB cluster snapshot from a different region is supported, but not in CI, - ### because the aws-terminator only terminates resources in one region. + - ansible.builtin.set_fact: _snapshot_arn: "{{ _result_cluster_snapshot.db_cluster_snapshot_arn }}" @@ -455,7 +454,6 @@ - _result_cluster_copy_snapshot.tags["Tag Two"] == "two "+snapshot_id+"-b" - _result_cluster_copy_snapshot.tags["tag_three"] == snapshot_id+"-b Three" - always: - name: Delete the existing DB cluster snapshots amazon.aws.rds_cluster_snapshot: state: absent diff --git a/tests/integration/targets/rds_cluster_states/tasks/main.yml b/tests/integration/targets/rds_cluster_states/tasks/main.yml index 75898b0932d..a6ec3ae592a 100644 --- a/tests/integration/targets/rds_cluster_states/tasks/main.yml +++ b/tests/integration/targets/rds_cluster_states/tasks/main.yml @@ -8,6 +8,7 @@ block: # ------------------------------------------------------------------------------------------ # Create DB cluster + - name: Ensure the resource doesn't exist amazon.aws.rds_cluster: id: "{{ cluster_id }}" @@ -58,8 +59,6 @@ - "'tags' in _result_create_source_db_cluster" - "'vpc_security_groups' in _result_create_source_db_cluster" - # ------------------------------------------------------------------------------------------ - # Test stopping db clusters - name: Stop db clusters - checkmode amazon.aws.rds_cluster: cluster_id: "{{ cluster_id }}" @@ -110,8 +109,6 @@ that: - not stopped_cluster_idem.changed - # ------------------------------------------------------------------------------------------ - # Test starting DB clusters - name: Start db clusters - checkmode amazon.aws.rds_cluster: cluster_id: "{{ cluster_id }}" @@ -154,8 +151,6 @@ that: - not started_cluster.changed - # ------------------------------------------------------------------------------------------ - # Give errors for MySql DB cluster - name: Ensure the resource doesn't exist amazon.aws.rds_cluster: id: "{{ mysql_cluster_id }}" @@ -223,8 +218,6 @@ - mysql_cluster.msg == "Only aurora clusters can use the state stopped" always: - # ------------------------------------------------------------------------------------------ - # Cleanup starts here - name: Delete MySql db cluster without creating a final snapshot amazon.aws.rds_cluster: state: absent diff --git a/tests/integration/targets/rds_cluster_tag/tasks/main.yaml b/tests/integration/targets/rds_cluster_tag/tasks/main.yaml index 6b9e8824de9..ee04c7c72c8 100644 --- a/tests/integration/targets/rds_cluster_tag/tasks/main.yaml +++ b/tests/integration/targets/rds_cluster_tag/tasks/main.yaml @@ -248,7 +248,7 @@ - _result_tag_db_cluster.tags | length == 2 - _result_tag_db_cluster.tags["Created_By"] == tags_create["Created_By"] - _result_tag_db_cluster.tags["Name"] == tags_create["Name"] - - "'vpc_security_groups' in _result_tag_db_cluster" + - name: Remove all tags amazon.aws.rds_cluster: engine: "{{ engine }}" @@ -286,7 +286,7 @@ - "'tags' in _result_tag_db_cluster" - _result_tag_db_cluster.tags | length == 0 - "'vpc_security_groups' in _result_tag_db_cluster" - always: + - name: Delete DB cluster without creating a final snapshot amazon.aws.rds_cluster: state: absent diff --git a/tests/integration/targets/rds_global_cluster_create/tasks/main.yaml b/tests/integration/targets/rds_global_cluster_create/tasks/main.yaml index 0e0d082c535..d56a7b59286 100644 --- a/tests/integration/targets/rds_global_cluster_create/tasks/main.yaml +++ b/tests/integration/targets/rds_global_cluster_create/tasks/main.yaml @@ -72,7 +72,6 @@ - global_cluster_info.global_clusters[0].global_cluster_members[1].db_cluster_arn == secondary_cluster_info_result.clusters[0].db_cluster_arn - global_cluster_info.global_clusters[0].engine == engine - always: - name: Delete secondary cluster without creating a final snapshot amazon.aws.rds_cluster: cluster_id: "{{ secondary_cluster_id }}" diff --git a/tests/integration/targets/rds_instance_aurora/tasks/main.yml b/tests/integration/targets/rds_instance_aurora/tasks/main.yml index c22098bc037..2e07090ad9f 100644 --- a/tests/integration/targets/rds_instance_aurora/tasks/main.yml +++ b/tests/integration/targets/rds_instance_aurora/tasks/main.yml @@ -98,7 +98,6 @@ - "'Modify database endpoint port number for the DB Cluster using the ModifyDbCluster API' in result.msg" - "'Please see rds_cluster' in result.msg" - always: - name: Delete the instance amazon.aws.rds_instance: id: "{{ item }}" diff --git a/tests/integration/targets/rds_instance_modify/tasks/main.yml b/tests/integration/targets/rds_instance_modify/tasks/main.yml index 59d6308b783..a6cc338b7cc 100644 --- a/tests/integration/targets/rds_instance_modify/tasks/main.yml +++ b/tests/integration/targets/rds_instance_modify/tasks/main.yml @@ -84,7 +84,6 @@ # TODO: test modifying db_subnet_group_name, db_security_groups, db_parameter_group_name, option_group_name, # monitoring_role_arn, monitoring_interval, domain, domain_iam_role_name - # ------------------------------------------------------------------------------------------ - name: Modify the storage type without immediate application - check_mode amazon.aws.rds_instance: id: "{{ instance_id }}" @@ -194,8 +193,6 @@ - result.changed - result.db_instance_identifier == modified_instance_id - # Test modifying CA certificate identifier ------------------------------------------- - - name: Modify the CA certificate identifier to rds-ca-ecc384-g1 - check_mode amazon.aws.rds_instance: state: present @@ -214,7 +211,7 @@ - name: Get curent CA certificate identifier amazon.aws.rds_instance_info: db_instance_identifier: "{{ modified_instance_id }}" - register: db_info + - name: Assert that CA certificate identifier has been modified - check_mode ansible.builtin.assert: that: @@ -242,7 +239,7 @@ register: db_info retries: 20 delay: 10 - until: db_info.instances[0].ca_certificate_identifier == "rds-ca-ecc384-g1" + - name: Assert that CA certificate identifier has been modified ansible.builtin.assert: that: @@ -269,7 +266,7 @@ register: db_info retries: 20 delay: 10 - until: db_info.instances[0].ca_certificate_identifier == "rds-ca-ecc384-g1" + - name: Assert that CA certificate identifier has been modified ansible.builtin.assert: that: @@ -297,16 +294,15 @@ register: db_info retries: 20 delay: 10 - until: db_info.instances[0].ca_certificate_identifier == "rds-ca-ecc384-g1" + - name: Assert that CA certificate identifier has been modified ansible.builtin.assert: that: - result is not changed - result is not failed - db_info.instances[0].ca_certificate_identifier == "rds-ca-ecc384-g1" - # Test modifying CA certificate identifier Complete------------------------------------------- + # Test modifying CA certificate identifier Complete------------------------------------------- - # Test modifying cloudwatch log exports ------------------------------------------- - name: Enable all cloudwatch log exports - check_mode amazon.aws.rds_instance: state: present @@ -320,7 +316,7 @@ - name: Get current cloudwatch log exports amazon.aws.rds_instance_info: db_instance_identifier: "{{ modified_instance_id }}" - register: db_info + - name: Assert that cloudwatch log exports has been modified - check_mode ansible.builtin.assert: that: @@ -367,7 +363,7 @@ - name: Get current cloudwatch log exports amazon.aws.rds_instance_info: db_instance_identifier: "{{ modified_instance_id }}" - register: db_info + - name: Assert that cloudwatch log exports has not been modified ansible.builtin.assert: that: @@ -389,7 +385,7 @@ - name: Get current cloudwatch log exports amazon.aws.rds_instance_info: db_instance_identifier: "{{ modified_instance_id }}" - register: db_info + - name: Assert that cloudwatch log exports has been modified - check_mode ansible.builtin.assert: that: @@ -436,7 +432,7 @@ - name: Get current cloudwatch log exports amazon.aws.rds_instance_info: db_instance_identifier: "{{ modified_instance_id }}" - register: db_info + - name: Assert that cloudwatch log exports has not been modified ansible.builtin.assert: that: @@ -458,7 +454,7 @@ - name: Get current cloudwatch log exports amazon.aws.rds_instance_info: db_instance_identifier: "{{ modified_instance_id }}" - register: db_info + - name: Assert that cloudwatch log exports has been modified - check_mode ansible.builtin.assert: that: @@ -491,9 +487,8 @@ - result is changed - result is not failed - db_info.instances[0].enabled_cloudwatch_logs_exports is not defined - # Test modifying cloudwatch log exports Complete------------------------------------------- + # Test modifying cloudwatch log exports Complete------------------------------------------- - always: - name: Delete the instance amazon.aws.rds_instance: id: "{{ item }}" diff --git a/tests/integration/targets/rds_instance_processor/tasks/main.yml b/tests/integration/targets/rds_instance_processor/tasks/main.yml index ce50f908c5d..6464d8cd694 100644 --- a/tests/integration/targets/rds_instance_processor/tasks/main.yml +++ b/tests/integration/targets/rds_instance_processor/tasks/main.yml @@ -110,7 +110,6 @@ apply_immediately: true register: result - # Check if processor features either are pending or already changed - ansible.builtin.assert: that: - not result.changed @@ -120,7 +119,6 @@ == modified_processor_features.threadsPerCore) or (result.processor_features.threadsPerCore is defined and result.processor_features.threadsPerCore | int == modified_processor_features.threadsPerCore) - always: - name: Delete the DB instance amazon.aws.rds_instance: id: "{{ instance_id }}" diff --git a/tests/integration/targets/rds_instance_replica/tasks/main.yml b/tests/integration/targets/rds_instance_replica/tasks/main.yml index 139a9572c32..b4673d7a73c 100644 --- a/tests/integration/targets/rds_instance_replica/tasks/main.yml +++ b/tests/integration/targets/rds_instance_replica/tasks/main.yml @@ -48,8 +48,6 @@ - source_db.changed - source_db.db_instance_identifier == instance_id - # ------------------------------------------------------------------------------------------ - - name: Create a read replica in a different region - check_mode amazon.aws.rds_instance: id: "{{ instance_id }}-replica" @@ -213,7 +211,6 @@ that: - not result.changed - always: - name: Remove the DB instance amazon.aws.rds_instance: id: "{{ instance_id }}" diff --git a/tests/integration/targets/rds_instance_restore/tasks/main.yml b/tests/integration/targets/rds_instance_restore/tasks/main.yml index 54fefc3707f..a71dbbe9bfe 100644 --- a/tests/integration/targets/rds_instance_restore/tasks/main.yml +++ b/tests/integration/targets/rds_instance_restore/tasks/main.yml @@ -10,7 +10,6 @@ region: "{{ aws_region }}" block: # TODO: snapshot, s3 - - name: Ensure the resource doesn't exist amazon.aws.rds_instance: id: "{{ instance_id }}" @@ -113,7 +112,6 @@ - not result.changed - result.db_instance_identifier == instance_id - always: - name: Remove the DB instance amazon.aws.rds_instance: id: "{{ instance_id }}-s" diff --git a/tests/integration/targets/rds_instance_sgroups/tasks/main.yml b/tests/integration/targets/rds_instance_sgroups/tasks/main.yml index e21de1369fe..9878d5fe71c 100644 --- a/tests/integration/targets/rds_instance_sgroups/tasks/main.yml +++ b/tests/integration/targets/rds_instance_sgroups/tasks/main.yml @@ -57,8 +57,6 @@ - not result.changed ignore_errors: true - # ------------------------------------------------------------------------------------------ - - name: Create a DB instance in the VPC with two security groups - check_mode amazon.aws.rds_instance: id: "{{ instance_id }}" @@ -137,8 +135,6 @@ - result.db_instance_identifier == instance_id - result.vpc_security_groups | selectattr('status', 'in', ['active', 'adding']) | list | length == 2 - # ------------------------------------------------------------------------------------------ - - name: Add a new security group without purge - check_mode amazon.aws.rds_instance: id: "{{ instance_id }}" @@ -203,8 +199,6 @@ - result.db_instance_identifier == instance_id - result.vpc_security_groups | selectattr('status', 'in', ['active', 'adding']) | list | length == 3 - # ------------------------------------------------------------------------------------------ - - name: Add a security group with purge - check_mode amazon.aws.rds_instance: id: "{{ instance_id }}" @@ -264,7 +258,6 @@ - result.db_instance_identifier == instance_id - result.vpc_security_groups | selectattr('status', 'in', ['active', 'adding']) | list | length == 1 - always: - name: Ensure the resource doesn't exist amazon.aws.rds_instance: id: "{{ instance_id }}" diff --git a/tests/integration/targets/rds_instance_snapshot/tasks/main.yml b/tests/integration/targets/rds_instance_snapshot/tasks/main.yml index da7ec52f199..a499b9be2ba 100644 --- a/tests/integration/targets/rds_instance_snapshot/tasks/main.yml +++ b/tests/integration/targets/rds_instance_snapshot/tasks/main.yml @@ -482,7 +482,6 @@ - _result_instance_snapshot.tags["Tag Two"] == "two "+snapshot_id +"-b" - _result_instance_snapshot.tags["tag_three"] == snapshot_id+"-b Three" - always: - name: Delete the existing DB instance snapshots amazon.aws.rds_instance_snapshot: state: absent diff --git a/tests/integration/targets/rds_instance_snapshot_mgmt/tasks/main.yml b/tests/integration/targets/rds_instance_snapshot_mgmt/tasks/main.yml index 043fbc76dbe..29b6d23a4a7 100644 --- a/tests/integration/targets/rds_instance_snapshot_mgmt/tasks/main.yml +++ b/tests/integration/targets/rds_instance_snapshot_mgmt/tasks/main.yml @@ -58,7 +58,6 @@ - result.db_snapshot_identifier == snapshot_id # ------------------------------------------------------------------------------------------ - # Test restoring db from snapshot - name: Restore DB from snapshot - check_mode amazon.aws.rds_instance: @@ -125,7 +124,6 @@ - result.db_instance_status == 'available' # ------------------------------------------------------------------------------------------ - # Test final snapshot on deletion - name: Ensure instance exists prior to deleting amazon.aws.rds_instance_info: @@ -202,7 +200,6 @@ that: - not result.changed - always: - name: Remove snapshots amazon.aws.rds_instance_snapshot: db_snapshot_identifier: "{{ item }}" diff --git a/tests/integration/targets/rds_instance_states/tasks/main.yml b/tests/integration/targets/rds_instance_states/tasks/main.yml index 067c2192e1c..0bc4d00a0df 100644 --- a/tests/integration/targets/rds_instance_states/tasks/main.yml +++ b/tests/integration/targets/rds_instance_states/tasks/main.yml @@ -110,7 +110,6 @@ - result.deletion_protection == True # ------------------------------------------------------------------------------------------ - # Test stopping / rebooting instances - name: Reboot a stopped instance - check_mode amazon.aws.rds_instance: @@ -311,7 +310,6 @@ that: - not result.changed - always: - name: Remove DB instance amazon.aws.rds_instance: id: "{{ instance_id }}" diff --git a/tests/integration/targets/rds_instance_upgrade/tasks/main.yml b/tests/integration/targets/rds_instance_upgrade/tasks/main.yml index 092b644470a..a8ef6550756 100644 --- a/tests/integration/targets/rds_instance_upgrade/tasks/main.yml +++ b/tests/integration/targets/rds_instance_upgrade/tasks/main.yml @@ -117,7 +117,6 @@ - not result.changed - '"engine_version" in result.pending_modified_values or result.engine_version == mariadb_engine_version_2' - always: - name: Delete the instance amazon.aws.rds_instance: id: "{{ instance_id }}" diff --git a/tests/integration/targets/rds_option_group/tasks/main.yml b/tests/integration/targets/rds_option_group/tasks/main.yml index d7558c153b7..56eda59fd43 100644 --- a/tests/integration/targets/rds_option_group/tasks/main.yml +++ b/tests/integration/targets/rds_option_group/tasks/main.yml @@ -873,7 +873,6 @@ that: - deleted_rds_mysql_option_group.changed - always: - name: Delete an RDS Mysql option group amazon.aws.rds_option_group: state: absent diff --git a/tests/integration/targets/rds_param_group/tasks/main.yml b/tests/integration/targets/rds_param_group/tasks/main.yml index 28ec7f8596f..84d6de5592f 100644 --- a/tests/integration/targets/rds_param_group/tasks/main.yml +++ b/tests/integration/targets/rds_param_group/tasks/main.yml @@ -21,6 +21,7 @@ region: "{{ aws_region }}" block: # ============================================================ + - name: Test empty parameter group - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -52,7 +53,6 @@ - '"description" in result' - result.tags == {} - # ============================================================ - name: Test empty parameter group with no arguments changes nothing - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -80,7 +80,6 @@ that: - not result.changed - # ============================================================ - name: Test adding numeric tag - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -96,7 +95,7 @@ - name: Adding numeric tag just silently converts - CHECK_MODE ansible.builtin.assert: that: - - result.changed + - name: Test adding numeric tag amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -141,7 +140,6 @@ - result.warnings is defined - result.warnings | length > 0 - # ============================================================ - name: Test tagging existing group - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -158,7 +156,7 @@ - name: Assert tagging existing group changes it and adds tags - CHECK_MODE ansible.builtin.assert: that: - - result.changed + - name: Test tagging existing group amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -184,7 +182,6 @@ - result.tags["Test"] == '123' - result.tags["NewTag"] == 'hello' - # ============================================================ - name: Test repeating tagging existing group - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -236,7 +233,6 @@ - result.tags["Test"] == '123' - result.tags["NewTag"] == 'hello' - # ============================================================ - name: Test deleting tags from existing group - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -252,7 +248,7 @@ - name: Assert removing tags from existing group changes it - CHECK_MODE ansible.builtin.assert: that: - - result.changed + - name: Test deleting tags from existing group amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -275,7 +271,6 @@ - result.tags | length == 1 - result.tags["Environment"] == 'test' - # ============================================================ - name: Test state=absent with engine defined (expect changed=true) - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -301,7 +296,6 @@ that: - result.changed - # ============================================================ - name: Test creating group with parameters - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -353,7 +347,6 @@ - result.tags["Test"] == '123' - result.errors|length == 2 - # ============================================================ - name: Test repeating group with parameters - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -405,7 +398,6 @@ - result.tags["Test"] == '123' - result.errors|length == 2 - # ============================================================ - name: Test state=absent with engine defined (expect changed=true) - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -417,7 +409,7 @@ - name: Assert state=absent with engine defined (expect changed=true) - CHECK_MODE ansible.builtin.assert: that: - - result.changed + - name: Test state=absent with engine defined (expect changed=true) amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -430,7 +422,6 @@ that: - result.changed - # ============================================================ - name: Test repeating state=absent (expect changed=false) - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -443,7 +434,7 @@ - name: Assert repeating state=absent (expect changed=false) - CHECK_MODE ansible.builtin.assert: that: - - not result.changed + - name: Test repeating state=absent (expect changed=false) amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -457,7 +448,6 @@ that: - not result.changed - # ============================================================ - name: Test creating group with more than 20 parameters - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -471,7 +461,7 @@ - name: Assert creating a new group with lots of parameter changes it - CHECK_MODE ansible.builtin.assert: that: - - result.changed + - name: Test creating group with more than 20 parameters amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -486,7 +476,6 @@ that: - result.changed - # ============================================================ - name: Test creating group with more than 20 parameters - CHECK_MODE amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -500,7 +489,7 @@ - name: Assert repeating a group with lots of parameter does not change it - CHECK_MODE ansible.builtin.assert: that: - - not result.changed + - name: Test creating group with more than 20 parameters amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" @@ -516,7 +505,6 @@ - not result.changed always: - # ============================================================ - name: Test state=absent (expect changed=false) amazon.aws.rds_instance_param_group: name: "{{ rds_param_group.name }}" diff --git a/tests/integration/targets/route53/tasks/main.yml b/tests/integration/targets/route53/tasks/main.yml index dcb672d9fef..cfa78d8f333 100644 --- a/tests/integration/targets/route53/tasks/main.yml +++ b/tests/integration/targets/route53/tasks/main.yml @@ -1,9 +1,8 @@ --- # tasks file for Route53 integration tests - - ansible.builtin.set_fact: zone_one: '{{ resource_prefix | replace("-", "") }}.one.ansible.test.' - zone_two: '{{ resource_prefix | replace("-", "") }}.two.ansible.test.' + - ansible.builtin.debug: msg: Set zones {{ zone_one }} and {{ zone_two }} @@ -31,7 +30,7 @@ comment: Created in Ansible test {{ resource_prefix }} tags: TestTag: "{{ resource_prefix }}.z1" - register: z1 + - ansible.builtin.assert: that: - z1 is success @@ -44,7 +43,7 @@ query: hosted_zone hosted_zone_id: "{{ z1.zone_id }}" hosted_zone_method: details - register: hosted_zones + - name: Assert newly created hosted zone only has NS and SOA records ansible.builtin.assert: that: @@ -58,7 +57,7 @@ comment: Created in Ansible test {{ resource_prefix }} tags: TestTag: "{{ resource_prefix }}.z2" - register: z2 + - ansible.builtin.assert: that: - z2 is success @@ -79,7 +78,6 @@ - hosted_zones.HostedZone.ResourceRecordSetCount == 2 - hosted_zones.HostedZone.Config.PrivateZone - # Ensure that we can use the non-paginated list_by_name method with max_items - name: Get zone 1 details only amazon.aws.route53_info: query: hosted_zone @@ -101,7 +99,7 @@ record: qdn_test.{{ zone_one }} type: A value: 192.0.2.1 - register: qdn + - ansible.builtin.assert: that: - qdn is not failed @@ -115,7 +113,7 @@ zone: "{{ zone_one }}" record: qdn_test.{{ zone_one }} type: A - register: get_result + - name: Check boto3 type get data ansible.builtin.assert: that: @@ -181,7 +179,6 @@ record_set: "{{ get_result.set }}" qdn_record: qdn_test.{{ zone_one }} - ## test A recordset creation and order adjustments - name: Create same A record using zone non-qualified domain amazon.aws.route53: state: present @@ -189,7 +186,7 @@ record: qdn_test.{{ zone_one[:-1] }} type: A value: 192.0.2.1 - register: non_qdn + - ansible.builtin.assert: that: - non_qdn is not failed @@ -203,7 +200,7 @@ record: zid_test.{{ zone_one }} type: A value: 192.0.2.1 - register: zid + - ansible.builtin.assert: that: - zid is not failed @@ -218,7 +215,7 @@ value: - 192.0.2.2 - 192.0.2.1 - register: mv_a_record + - ansible.builtin.assert: that: - mv_a_record is not failed @@ -233,13 +230,12 @@ value: - 192.0.2.2 - 192.0.2.1 - register: mv_a_record + - ansible.builtin.assert: that: - mv_a_record is not failed - mv_a_record is not changed - # Get resulting A record and ensure max_items is applied - name: Get Route53 A record information amazon.aws.route53_info: type: A @@ -265,7 +261,7 @@ value: - 192.0.2.2 register: del_a_record - ignore_errors: true + - name: This should fail, because `overwrite` is false ansible.builtin.assert: that: @@ -304,7 +300,6 @@ - records.ResourceRecordSets[0].ResourceRecords|length == 1 - records.ResourceRecordSets[0].ResourceRecords[0].Value == '192.0.2.2' - ## Test CNAME record creation and retrive info - name: Create CNAME record amazon.aws.route53: state: present @@ -334,7 +329,6 @@ - cname_records.ResourceRecordSets[0].ResourceRecords|length == 1 - cname_records.ResourceRecordSets[0].ResourceRecords[0].Value == "order_test."+zone_one - ## Test CAA record creation - name: Create a LetsEncrypt CAA record amazon.aws.route53: state: present @@ -345,7 +339,7 @@ - "0 issue \"letsencrypt.org;\"" - "0 issuewild \"letsencrypt.org;\"" overwrite: true - register: caa + - ansible.builtin.assert: that: - caa is not failed @@ -361,7 +355,7 @@ - "0 issue \"letsencrypt.org;\"" - "0 issuewild \"letsencrypt.org;\"" overwrite: true - register: caa + - ansible.builtin.assert: that: - caa is not failed @@ -377,7 +371,7 @@ - "0 issuewild \"letsencrypt.org;\"" - "0 issue \"letsencrypt.org;\"" overwrite: true - register: caa + - name: This should not be changed, as CAA records are not order sensitive ansible.builtin.assert: that: @@ -392,7 +386,7 @@ type: A value: - 192.0.2.1 - register: wc_a_record + - ansible.builtin.assert: that: - wc_a_record is not failed @@ -406,7 +400,7 @@ type: A value: - 192.0.2.1 - register: wc_a_record + - ansible.builtin.assert: that: - wc_a_record is not failed @@ -421,7 +415,7 @@ value: - 192.0.2.2 overwrite: true - register: wc_a_record + - ansible.builtin.assert: that: - wc_a_record is not failed @@ -435,7 +429,7 @@ type: A value: - 192.0.2.2 - register: wc_a_record + - ansible.builtin.assert: that: - wc_a_record is not failed @@ -450,7 +444,7 @@ type: A value: 127.0.0.1 ttl: 30 - register: ttl30 + - name: Check return values ansible.builtin.assert: that: @@ -463,7 +457,7 @@ zone: "{{ zone_one }}" record: localhost.{{ zone_one }} type: A - register: ttl30 + - name: Check if record is deleted ansible.builtin.assert: that: @@ -475,13 +469,12 @@ zone: "{{ zone_one }}" record: localhost.{{ zone_one }} type: A - register: ttl30 + - name: Check if record was deleted ansible.builtin.assert: that: - ttl30 is not changed - # Tests on zone two (private zone) - name: Create A record using zone fqdn amazon.aws.route53: state: present @@ -490,7 +483,7 @@ type: A value: 192.0.2.1 private_zone: true - register: qdn + - ansible.builtin.assert: that: - qdn is not failed @@ -503,7 +496,7 @@ record: qdn_test.{{ zone_two }} type: A private_zone: true - register: get_result + - ansible.builtin.assert: that: - get_result.nameservers|length > 0 @@ -518,7 +511,7 @@ record: notfound.{{ zone_two }} type: A private_zone: true - register: get_result + - ansible.builtin.assert: that: - get_result.nameservers|length > 0 @@ -533,7 +526,7 @@ type: A value: 192.0.2.1 private_zone: true - register: non_qdn + - ansible.builtin.assert: that: - non_qdn is not failed @@ -547,7 +540,7 @@ type: A value: 192.0.2.2 private_zone: true - register: zid + - ansible.builtin.assert: that: - zid is not failed @@ -562,7 +555,7 @@ value: 192.0.2.3 private_zone: true vpc_id: "{{ vpc.vpc.id }}" - register: qdn + - ansible.builtin.assert: that: - qdn is not failed @@ -577,7 +570,7 @@ value: 192.0.2.4 private_zone: true vpc_id: "{{ vpc.vpc.id }}" - register: zid + - ansible.builtin.assert: that: - zid is not failed @@ -593,7 +586,7 @@ alias_hosted_zone_id: "{{ z1.zone_id }}" value: zid_test.{{ zone_one }} overwrite: true - register: alias_record + - name: This should be changed ansible.builtin.assert: that: @@ -610,7 +603,7 @@ alias_hosted_zone_id: "{{ z1.zone_id }}" value: zid_test.{{ zone_one }} overwrite: true - register: alias_record + - name: This should not be changed ansible.builtin.assert: that: @@ -628,7 +621,7 @@ identifier: host1@www weight: 100 region: "{{ omit }}" - register: weighted_record + - name: This should be changed ansible.builtin.assert: that: @@ -646,7 +639,7 @@ identifier: host1@www weight: 100 region: "{{ omit }}" - register: weighted_record + - name: This should not be changed ansible.builtin.assert: that: @@ -664,7 +657,7 @@ identifier: host1@www weight: 0 region: "{{ omit }}" - register: weighted_record + - name: This should be changed ansible.builtin.assert: that: @@ -682,14 +675,13 @@ identifier: host1@www weight: 0 region: "{{ omit }}" - register: weighted_record + - name: This should not be changed ansible.builtin.assert: that: - weighted_record is not failed - weighted_record is not changed - #Test Geo Location - Continent Code - name: Create a record with geo_location - continent_code (check_mode) amazon.aws.route53: state: present @@ -702,7 +694,7 @@ geo_location: continent_code: NA check_mode: true - register: create_geo_continent_check_mode + - ansible.builtin.assert: that: - create_geo_continent_check_mode is changed @@ -723,7 +715,7 @@ geo_location: continent_code: NA register: create_geo_continent - # Get resulting A record and geo_location parameters are applied + - name: Get Route53 A record information amazon.aws.route53_info: type: A @@ -751,7 +743,7 @@ ttl: 30 geo_location: continent_code: NA - register: create_geo_continent_idem + - ansible.builtin.assert: that: - create_geo_continent_idem is not changed @@ -778,7 +770,6 @@ - create_geo_continent_idem_check is not failed - '"route53:ChangeResourceRecordSets" not in create_geo_continent_idem_check.resource_actions' - #Test Geo Location - Country Code - name: Create a record with geo_location - country_code (check_mode) amazon.aws.route53: state: present @@ -791,7 +782,7 @@ geo_location: country_code: US check_mode: true - register: create_geo_country_check_mode + - ansible.builtin.assert: that: - create_geo_country_check_mode is changed @@ -810,7 +801,7 @@ geo_location: country_code: US register: create_geo_country - # Get resulting A record and geo_location parameters are applied + - name: Get Route53 A record information amazon.aws.route53_info: type: A @@ -818,7 +809,7 @@ hosted_zone_id: "{{ z1.zone_id }}" start_record_name: geo-test-2.{{ zone_one }} max_items: 1 - register: result + - ansible.builtin.assert: that: - create_geo_country is changed @@ -837,7 +828,7 @@ ttl: 30 geo_location: country_code: US - register: create_geo_country_idem + - ansible.builtin.assert: that: - create_geo_country_idem is not changed @@ -864,7 +855,6 @@ - create_geo_country_idem_check is not failed - '"route53:ChangeResourceRecordSets" not in create_geo_country_idem_check.resource_actions' - #Test Geo Location - Subdivision Code - name: Create a record with geo_location - subdivision_code (check_mode) amazon.aws.route53: state: present @@ -878,7 +868,7 @@ country_code: US subdivision_code: TX check_mode: true - register: create_geo_subdivision_check_mode + - ansible.builtin.assert: that: - create_geo_subdivision_check_mode is changed @@ -898,7 +888,7 @@ country_code: US subdivision_code: TX register: create_geo_subdivision - # Get resulting A record and geo_location parameters are applied + - name: Get Route53 A record information amazon.aws.route53_info: type: A @@ -906,7 +896,7 @@ hosted_zone_id: "{{ z1.zone_id }}" start_record_name: geo-test-3.{{ zone_one }} max_items: 1 - register: result + - ansible.builtin.assert: that: - create_geo_subdivision is changed @@ -927,7 +917,7 @@ geo_location: country_code: US subdivision_code: TX - register: create_geo_subdivision_idem + - ansible.builtin.assert: that: - create_geo_subdivision_idem is not changed @@ -955,9 +945,8 @@ - create_geo_subdivision_idem_check is not failed - '"route53:ChangeResourceRecordSets" not in create_geo_subdivision_idem_check.resource_actions' - #Cleanup------------------------------------------------------ + #Cleanup------------------------------------------------------ - always: - name: Delete a record with geo_location - continent_code amazon.aws.route53: state: absent @@ -1011,9 +1000,8 @@ zone: "{{ zone_one }}" record: "{{ item.Name }}" type: "{{ item.Type }}" - value: "{{ item.AliasTarget.DNSName }}" + value: '{{ z1_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}' ignore_errors: true - loop: '{{ z1_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}' when: - '"AliasTarget" in item' @@ -1023,12 +1011,11 @@ zone: "{{ zone_one }}" record: "{{ item.Name }}" type: "{{ item.Type }}" - value: '{{ item.ResourceRecords | map(attribute="Value") | join(",") }}' + value: '{{ z1_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}' weight: "{{ item.Weight | default(omit) }}" identifier: "{{ item.SetIdentifier }}" region: "{{ omit }}" ignore_errors: true - loop: '{{ z1_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}' when: - '"ResourceRecords" in item' - '"SetIdentifier" in item' @@ -1039,9 +1026,8 @@ zone: "{{ zone_one }}" record: "{{ item.Name }}" type: "{{ item.Type }}" - value: '{{ item.ResourceRecords | map(attribute="Value") | join(",") }}' + value: '{{ z1_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}' ignore_errors: true - loop: '{{ z1_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}' when: - '"ResourceRecords" in item' @@ -1058,10 +1044,9 @@ zone: "{{ zone_two }}" record: "{{ item.Name }}" type: "{{ item.Type }}" - value: "{{ item.AliasTarget.DNSName }}" + value: '{{ z2_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}' private_zone: true ignore_errors: true - loop: '{{ z2_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}' when: - '"AliasTarget" in item' @@ -1071,12 +1056,11 @@ zone: "{{ zone_two }}" record: "{{ item.Name }}" type: "{{ item.Type }}" - value: '{{ item.ResourceRecords | map(attribute="Value") | join(",") }}' + value: '{{ z2_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}' identifier: "{{ item.SetIdentifier }}" region: "{{ omit }}" private_zone: true ignore_errors: true - loop: '{{ z2_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}' when: - '"ResourceRecords" in item' - '"SetIdentifier" in item' @@ -1087,10 +1071,9 @@ zone: "{{ zone_two }}" record: "{{ item.Name }}" type: "{{ item.Type }}" - value: '{{ item.ResourceRecords | map(attribute="Value") | join(",") }}' + value: '{{ z2_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}' private_zone: true ignore_errors: true - loop: '{{ z2_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}' when: - '"ResourceRecords" in item' diff --git a/tests/integration/targets/route53_zone/tasks/main.yml b/tests/integration/targets/route53_zone/tasks/main.yml index 262a96ca8b7..6f515fae698 100644 --- a/tests/integration/targets/route53_zone/tasks/main.yml +++ b/tests/integration/targets/route53_zone/tasks/main.yml @@ -10,7 +10,6 @@ region: "{{ aws_region }}" block: # ============================================================ - - name: Create VPC for use in testing amazon.aws.ec2_vpc_net: name: "{{ resource_prefix }}-vpc" @@ -20,7 +19,6 @@ tenancy: default register: testing_vpc - # ============================================================ - name: Create a public zone amazon.aws.route53_zone: zone: "{{ resource_prefix }}.public" @@ -40,7 +38,6 @@ - output.tags.another_tag == resource_prefix +' again' - not output.private_zone - # ============================================================ - name: Create a public zone (CHECK MODE) amazon.aws.route53_zone: zone: "{{ resource_prefix }}.check.public" @@ -61,7 +58,6 @@ - output.tags.another_tag == resource_prefix +' again' - not output.private_zone - # ============================================================ - name: Do an idemptotent update of a public zone amazon.aws.route53_zone: zone: "{{ resource_prefix }}.public" @@ -101,7 +97,6 @@ - output.tags.another_tag == resource_prefix +' again' - not output.private_zone - # ============================================================ - name: Modify tags on a public zone amazon.aws.route53_zone: zone: "{{ resource_prefix }}.public" @@ -118,7 +113,6 @@ - "'TestTag' not in output.tags" - output.tags.AnotherTag == resource_prefix +'.anothertag' - # ============================================================ - name: Update comment and remove tags of a public zone amazon.aws.route53_zone: zone: "{{ resource_prefix }}.public" @@ -150,7 +144,6 @@ - output.result.comment == "updated comment for check" - not output.tags - # ============================================================ - name: Delete public zone (CHECK MODE) amazon.aws.route53_zone: zone: "{{ resource_prefix }}.public" @@ -580,8 +573,8 @@ - output.changed - "'Successfully deleted' in output.result" - # ============================================================ - always: + # ============================================================ + - name: Ensure public zone is deleted amazon.aws.route53_zone: zone: "{{ item }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/acl.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/acl.yml index fdcddc9ed2d..4e3588874d2 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/acl.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/acl.yml @@ -59,8 +59,8 @@ that: - public_read_acl.changed - # ============================================================ - always: + # ============================================================ + - name: Ensure all buckets are deleted amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/complex.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/complex.yml index 1b422e6ec88..ac6b153d6ba 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/complex.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/complex.yml @@ -1,7 +1,7 @@ --- - block: - ansible.builtin.set_fact: - local_bucket_name: "{{ bucket_name | hash('md5') }}complex" + - name: Create more complex s3_bucket amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" @@ -65,7 +65,6 @@ - output.policy.Statement[0].Resource == 'arn:aws:s3:::'+local_bucket_name+'/*' - output.policy.Statement[0].Sid == 'AddPerm' - # ============================================================ - name: Update bucket policy on complex bucket amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" @@ -141,8 +140,8 @@ that: - output is not changed - # ============================================================ - always: + # ============================================================ + - name: Ensure all buckets are deleted amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/dotted.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/dotted.yml index 1e73743ff48..69ccdb8c3da 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/dotted.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/dotted.yml @@ -5,7 +5,7 @@ local_bucket_name: "{{ bucket_name | hash('md5') }}.dotted" # ============================================================ - # + - name: Create bucket with dot in name amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" @@ -44,8 +44,8 @@ that: - output is not changed - # ============================================================ - always: + # ============================================================ + - name: Ensure all buckets are deleted amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/encryption_bucket_key.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/encryption_bucket_key.yml index 44d7200b8e3..aad02a123cb 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/encryption_bucket_key.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/encryption_bucket_key.yml @@ -94,8 +94,8 @@ that: - output.changed - # ============================================================ - always: + # ============================================================ + - name: Ensure all buckets are deleted amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/encryption_kms.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/encryption_kms.yml index 6696925b573..d6bf289cbb3 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/encryption_kms.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/encryption_kms.yml @@ -83,8 +83,8 @@ that: - output.changed - # ============================================================ - always: + # ============================================================ + - name: Ensure all buckets are deleted amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/encryption_sse.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/encryption_sse.yml index 179ca6e939a..236dca99d41 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/encryption_sse.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/encryption_sse.yml @@ -84,8 +84,8 @@ that: - output.changed - # ============================================================ - always: + # ============================================================ + - name: Ensure all buckets are deleted amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/main.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/main.yml index 5b7706ed9b4..706e85671e8 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/main.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/main.yml @@ -14,7 +14,7 @@ region: "{{ aws_region }}" block: - ansible.builtin.debug: - msg: "{{ inventory_hostname }} start: {{ lookup('pipe', 'date') }}" - - ansible.builtin.include_tasks: "{{ inventory_hostname }}.yml" + + - ansible.builtin.debug: msg: "{{ inventory_hostname }} finish: {{ lookup('pipe', 'date') }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/missing.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/missing.yml index 882d10e0bee..ebf1c49f099 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/missing.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/missing.yml @@ -7,7 +7,7 @@ # # While in theory the 'simple' test case covers this there are # ways in which eventual-consistency could catch us out. - # + - name: Delete non-existstent s3_bucket (never created) amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" @@ -19,8 +19,8 @@ - output is success - output is not changed - # ============================================================ - always: + # ============================================================ + - name: Ensure all buckets are deleted amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/object_lock.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/object_lock.yml index d3ff016c017..816d07ddc4b 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/object_lock.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/object_lock.yml @@ -116,8 +116,8 @@ that: - output.changed - # ============================================================ - always: + # ============================================================ + - name: Ensure all buckets are deleted amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/ownership_controls.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/ownership_controls.yml index d7a305c7cce..579401ad7b0 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/ownership_controls.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/ownership_controls.yml @@ -127,8 +127,8 @@ - not idempotency.changed - not idempotency.object_ownership|bool - # ============================================================ - always: + # ============================================================ + - name: Delete s3 bucket ownership controls amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/public_access.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/public_access.yml index b53a6b15329..cabe5aeda52 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/public_access.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/public_access.yml @@ -106,8 +106,8 @@ that: - output.changed - # ============================================================ - always: + # ============================================================ + - name: Ensure all buckets are deleted amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/simple.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/simple.yml index 02888cf6084..eb28f9b9cc5 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/simple.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/simple.yml @@ -5,7 +5,6 @@ local_bucket_name: "{{ bucket_name | hash('md5') }}-simple" # Note: s3_bucket doesn't support check_mode - # ============================================================ - name: Create a simple s3_bucket amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" @@ -20,7 +19,6 @@ - not output.requester_pays - output.public_access is undefined - # ============================================================ - name: Try to update the simple bucket with the same values amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" @@ -34,7 +32,6 @@ - output.name == local_bucket_name - not output.requester_pays - # ============================================================ - name: Delete the simple s3_bucket amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" @@ -46,7 +43,6 @@ - output is success - output is changed - # ============================================================ - name: Re-delete the simple s3_bucket (idempotency) amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" @@ -58,8 +54,8 @@ - output is success - output is not changed - # ============================================================ - always: + # ============================================================ + - name: Ensure all buckets are deleted amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" diff --git a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/tags.yml b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/tags.yml index 42e0c7e0e04..c10dfa9bacf 100644 --- a/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/tags.yml +++ b/tests/integration/targets/s3_bucket/roles/s3_bucket/tasks/tags.yml @@ -3,7 +3,7 @@ block: - ansible.builtin.set_fact: local_bucket_name: "{{ bucket_name | hash('md5') }}-tags" - # ============================================================ + - name: Create simple s3_bucket for testing tagging amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" @@ -248,8 +248,8 @@ that: - output.changed - # ============================================================ - always: + # ============================================================ + - name: Ensure all buckets are deleted amazon.aws.s3_bucket: name: "{{ local_bucket_name }}" diff --git a/tests/integration/targets/setup_ec2_facts/tasks/main.yml b/tests/integration/targets/setup_ec2_facts/tasks/main.yml index ad282d9f339..921d4ef3d39 100644 --- a/tests/integration/targets/setup_ec2_facts/tasks/main.yml +++ b/tests/integration/targets/setup_ec2_facts/tasks/main.yml @@ -18,7 +18,6 @@ run_once: true block: # ============================================================ - - name: Get available AZs amazon.aws.aws_az_info: filters: diff --git a/tests/integration/targets/setup_ec2_instance_env/tasks/cleanup.yml b/tests/integration/targets/setup_ec2_instance_env/tasks/cleanup.yml index 7d731015695..8992867c0ee 100644 --- a/tests/integration/targets/setup_ec2_instance_env/tasks/cleanup.yml +++ b/tests/integration/targets/setup_ec2_instance_env/tasks/cleanup.yml @@ -24,21 +24,16 @@ - name: (Cleanup) Remove Instances (start) amazon.aws.ec2_instance: state: absent - instance_ids: "{{ item.instance_id }}" + instance_ids: "{{ instances.instances }}" wait: false ignore_errors: true - loop: "{{ instances.instances }}" - name: (Cleanup) Remove Instances (wait for completion) amazon.aws.ec2_instance: state: absent - instance_ids: "{{ item.instance_id }}" + instance_ids: "{{ instances.instances }}" filters: - instance-state-name: [pending, running, shutting-down, stopping, stopped] - vpc-id: "{{ testing_vpc.vpc.id }}" - wait: true - ignore_errors: true - loop: "{{ instances.instances }}" + instance-state-name: - name: (Cleanup) Find all remaining ENIs amazon.aws.ec2_eni_info: @@ -68,9 +63,8 @@ name: "{{ item.group_name }}" description: "{{ item.description }}" vpc_id: "{{ testing_vpc.vpc.id }}" - rules: [] - egress_rules: [] - loop: "{{ security_groups.security_groups }}" + rules: "{{ security_groups.security_groups }}" + egress_rules: "{{ security_groups.security_groups }}" register: sg_removed until: sg_removed is not failed ignore_errors: true diff --git a/tests/integration/targets/setup_ec2_vpc/tasks/cleanup.yml b/tests/integration/targets/setup_ec2_vpc/tasks/cleanup.yml index 75065333d04..9d4473c4493 100644 --- a/tests/integration/targets/setup_ec2_vpc/tasks/cleanup.yml +++ b/tests/integration/targets/setup_ec2_vpc/tasks/cleanup.yml @@ -10,7 +10,6 @@ block: # ============================================================ # Describe state of remaining resources - - name: (VPC Cleanup) Find all remaining ENIs amazon.aws.ec2_eni_info: filters: @@ -57,15 +56,14 @@ # Delete all remaining SGs # Cross-dependencies between rules in the SGs can cause us problems if we don't clear the rules - # first + - name: (VPC Cleanup) Delete rules from remaining SGs amazon.aws.ec2_security_group: name: "{{ item.group_name }}" group_id: "{{ item.group_id }}" description: "{{ item.description }}" - rules: [] - rules_egress: [] - loop: "{{ remaining_groups.security_groups }}" + rules: "{{ remaining_groups.security_groups }}" + rules_egress: "{{ remaining_groups.security_groups }}" ignore_errors: true - name: (VPC Cleanup) Delete remaining SGs diff --git a/tests/integration/targets/setup_remote_tmp_dir/handlers/main.yml b/tests/integration/targets/setup_remote_tmp_dir/handlers/main.yml index 124e62f1d7c..833df798afb 100644 --- a/tests/integration/targets/setup_remote_tmp_dir/handlers/main.yml +++ b/tests/integration/targets/setup_remote_tmp_dir/handlers/main.yml @@ -1,5 +1,5 @@ --- - name: Delete temporary directory - ansible.builtin.include_tasks: default-cleanup.yml + - name: Delete temporary directory (windows) ansible.builtin.include_tasks: windows-cleanup.yml diff --git a/tests/integration/targets/setup_remote_tmp_dir/tasks/windows.yml b/tests/integration/targets/setup_remote_tmp_dir/tasks/windows.yml index 872351e00c6..7f7530adf08 100644 --- a/tests/integration/targets/setup_remote_tmp_dir/tasks/windows.yml +++ b/tests/integration/targets/setup_remote_tmp_dir/tasks/windows.yml @@ -5,7 +5,7 @@ - delete temporary directory (windows) ansible.windows.win_tempfile: state: directory - suffix: .test + - name: Record temporary directory ansible.builtin.set_fact: remote_tmp_dir: "{{ remote_tmp_dir.path }}" diff --git a/tests/integration/targets/setup_sshkey/tasks/main.yml b/tests/integration/targets/setup_sshkey/tasks/main.yml index 37fcf40a861..50f9bee20f5 100644 --- a/tests/integration/targets/setup_sshkey/tasks/main.yml +++ b/tests/integration/targets/setup_sshkey/tasks/main.yml @@ -15,7 +15,6 @@ # # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . - - name: Create a temp dir ansible.builtin.tempfile: state: directory