Skip to content

Commit

Permalink
Prepare module ec2_launch_template for promotion (ansible-collections…
Browse files Browse the repository at this point in the history 
…#2164)

SUMMARY

Depends-On: ansible-collections#2319

Add some type hint for the module
Use shared code from amazon.aws.plugins.module_utils.ec2
Add the possibility to delete specific version of a launch template
Add support for tagging for launch template resource (Closes ansible-collections#176)
Add the possibility to tag specific resources, not always instance and volume (Closes [ansible-collections#48](ansible-collections#48, Closes ansible-collections#2083)
Support EBS Throughput (Closes ansible-collections#1944)
Fix issue occurring when launch template contains more than 200 versions (Closes ansible-collections#2131)

ISSUE TYPE

Feature Pull Request

COMPONENT NAME

ec2_launch_template

Reviewed-by: Alina Buzachis
Reviewed-by: Bikouo Aubin
Reviewed-by: GomathiselviS <[email protected]>

This commit was initially merged in https://github.com/ansible-collections/community.aws
See: ansible-collections/community.aws@40d61f0
  • Loading branch information
@abikouo
abikouo committed Oct 18, 2024
1 parent 640999e commit 5902a20
Show file tree
Hide file tree
Showing 8 changed files with 2,388 additions and 409 deletions.
1,404 changes: 1,093 additions & 311 deletions plugins/modules/ec2_launch_template.py
View file

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions tests/integration/targets/ec2_launch_template/aliases
View file
Original file line number Diff line number Diff line change
@@ -1 +1,3 @@
cloud/aws
time=3m
ec2_launch_template_info
404 changes: 404 additions & 0 deletions tests/integration/targets/ec2_launch_template/tasks/deletion.yml
View file

Large diffs are not rendered by default.

141 changes: 105 additions & 36 deletions tests/integration/targets/ec2_launch_template/tasks/iam_instance_role.yml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
- block:
- name: Test using IAM instance profile
vars:
test_launch_template_name: "{{ resource_prefix }}-test-instance-role"
block:
- name: Create IAM role for test
iam_role:
amazon.aws.iam_role:
name: "{{ test_role_name }}-1"
assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}"
state: present
Expand All @@ -10,7 +13,7 @@
register: iam_role

- name: Create second IAM role for test
iam_role:
amazon.aws.iam_role:
name: "{{ test_role_name }}-2"
assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}"
state: present
Expand All @@ -20,115 +23,181 @@
register: iam_role_2

- name: Make instance with an instance_role
ec2_launch_template:
name: "{{ resource_prefix }}-test-instance-role"
community.aws.ec2_launch_template:
name: "{{ test_launch_template_name }}"
image_id: "{{ ec2_ami_id }}"
instance_type: t2.micro
iam_instance_profile: "{{ test_role_name }}-1"
register: template_with_role

- assert:
- name: Get launch template details
amazon.aws.ec2_launch_template_info:
filters:
launch-template-name: "{{ test_launch_template_name }}"
register: _template_info

- name: Ensure the launch template was created with IAM instance profile
ansible.builtin.assert:
that:
- 'template_with_role.default_template.launch_template_data.iam_instance_profile.arn == iam_role.iam_role.arn.replace(":role/", ":instance-profile/")'
- _template_info.launch_templates | length == 1
- _template_info.launch_templates[0].versions | length == 1
- _template_info.launch_templates[0].versions[0].launch_template_data.iam_instance_profile.arn == iam_role.iam_role.arn.replace(":role/", ":instance-profile/")
- _template_info.launch_templates[0].versions[0].launch_template_data.instance_type == "t2.micro"
- _template_info.launch_templates[0].versions[0].launch_template_data.image_id == ec2_ami_id

- name: Create template again, with no change to instance_role
ec2_launch_template:
name: "{{ resource_prefix }}-test-instance-role"
community.aws.ec2_launch_template:
name: "{{ test_launch_template_name }}"
image_id: "{{ ec2_ami_id }}"
instance_type: t2.micro
iam_instance_profile: "{{ test_role_name }}-1"
register: template_with_role

- assert:
- name: Get launch template details
amazon.aws.ec2_launch_template_info:
filters:
launch-template-name: "{{ test_launch_template_name }}"
register: _template_info

- name: Validate idempotency
ansible.builtin.assert:
that:
- 'template_with_role.default_template.launch_template_data.iam_instance_profile.arn == iam_role.iam_role.arn.replace(":role/", ":instance-profile/")'
- 'template_with_role is not changed'
- _template_info.launch_templates | length == 1
- _template_info.launch_templates[0].versions | length == 1
- _template_info.launch_templates[0].versions[0].launch_template_data.iam_instance_profile.arn == iam_role.iam_role.arn.replace(":role/", ":instance-profile/")
- _template_info.launch_templates[0].versions[0].launch_template_data.instance_type == "t2.micro"
- _template_info.launch_templates[0].versions[0].launch_template_data.image_id == ec2_ami_id

- name: Update instance with new instance_role
ec2_launch_template:
name: "{{ resource_prefix }}-test-instance-role"
community.aws.ec2_launch_template:
name: "{{ test_launch_template_name }}"
image_id: "{{ ec2_ami_id }}"
instance_type: t2.micro
iam_instance_profile: "{{ test_role_name }}-2"
register: template_with_updated_role

- assert:
- name: Get launch template details
amazon.aws.ec2_launch_template_info:
filters:
launch-template-name: "{{ test_launch_template_name }}"
register: _template_info

- name: Ensure that the launch template was updated with new IAM instance profile
ansible.builtin.assert:
that:
- 'template_with_updated_role.default_template.launch_template_data.iam_instance_profile.arn == iam_role_2.iam_role.arn.replace(":role/", ":instance-profile/")'
- 'template_with_updated_role.default_template.launch_template_data.iam_instance_profile.arn == iam_role_2.iam_role.arn.replace(":role/", ":instance-profile/")'
- 'template_with_role.default_template.version_number < template_with_updated_role.default_template.version_number'
- 'template_with_updated_role is changed'
- 'template_with_updated_role is not failed'
- _template_info.launch_templates | length == 1
- _template_info.launch_templates[0].versions | length == 2
- template_version.launch_template_data.iam_instance_profile.arn == iam_role_2.iam_role.arn.replace(":role/", ":instance-profile/")
- template_version.launch_template_data.instance_type == "t2.micro"
- template_version.launch_template_data.image_id == ec2_ami_id
vars:
template_version: "{{ _template_info.launch_templates[0].versions | selectattr('version_number', 'equalto', 2) | list | first }}"

- name: Re-set with same new instance_role
ec2_launch_template:
name: "{{ resource_prefix }}-test-instance-role"
community.aws.ec2_launch_template:
name: "{{ test_launch_template_name }}"
image_id: "{{ ec2_ami_id }}"
instance_type: t2.micro
iam_instance_profile: "{{ test_role_name }}-2"
register: template_with_updated_role

- assert:
- name: Get launch template details
amazon.aws.ec2_launch_template_info:
filters:
launch-template-name: "{{ test_launch_template_name }}"
register: _template_info

- name: Ensure that module did not reported change
ansible.builtin.assert:
that:
- 'template_with_updated_role is not changed'
- 'template_with_updated_role.default_template.launch_template_data.iam_instance_profile.arn == iam_role_2.iam_role.arn.replace(":role/", ":instance-profile/")'
- _template_info.launch_templates | length == 1
- _template_info.launch_templates[0].versions | length == 2

- name: Update instance with original instance_role (pass profile ARN)
ec2_launch_template:
name: "{{ resource_prefix }}-test-instance-role"
community.aws.ec2_launch_template:
name: "{{ test_launch_template_name }}"
image_id: "{{ ec2_ami_id }}"
instance_type: t2.micro
# By default an instance profile will be created with the same name as the role
iam_instance_profile: '{{ iam_role.iam_role.arn.replace(":role/", ":instance-profile/") }}'
register: template_with_updated_role

- assert:
- name: Get launch template details
amazon.aws.ec2_launch_template_info:
filters:
launch-template-name: "{{ test_launch_template_name }}"
register: _template_info

- name: Validate that the launch template was updated
ansible.builtin.assert:
that:
- 'template_with_updated_role.default_template.launch_template_data.iam_instance_profile.arn == iam_role.iam_role.arn.replace(":role/", ":instance-profile/")'
- 'template_with_updated_role.default_template.launch_template_data.iam_instance_profile.arn == iam_role.iam_role.arn.replace(":role/", ":instance-profile/")'
- 'template_with_role.default_template.version_number < template_with_updated_role.default_template.version_number'
- 'template_with_updated_role is changed'
- 'template_with_updated_role is not failed'
- _template_info.launch_templates | length == 1
- _template_info.launch_templates[0].versions | length == 3
- template_version.launch_template_data.iam_instance_profile.arn == iam_role.iam_role.arn.replace(":role/", ":instance-profile/")
- template_version.launch_template_data.instance_type == "t2.micro"
- template_version.launch_template_data.image_id == ec2_ami_id
vars:
template_version: "{{ _template_info.launch_templates[0].versions | selectattr('version_number', 'equalto', 3) | list | first }}"

- name: Re-set with same new instance_role (pass profile ARN)
ec2_launch_template:
name: "{{ resource_prefix }}-test-instance-role"
community.aws.ec2_launch_template:
name: "{{ test_launch_template_name }}"
image_id: "{{ ec2_ami_id }}"
instance_type: t2.micro
iam_instance_profile: '{{ iam_role.iam_role.arn.replace(":role/", ":instance-profile/") }}'
register: template_with_updated_role

- assert:
- name: Get launch template details
amazon.aws.ec2_launch_template_info:
filters:
launch-template-name: "{{ test_launch_template_name }}"
register: _template_info

- name: Assert that the template was not updated
ansible.builtin.assert:
that:
- 'template_with_updated_role is not changed'
- 'template_with_updated_role.default_template.launch_template_data.iam_instance_profile.arn == iam_role.iam_role.arn.replace(":role/", ":instance-profile/")'
- _template_info.launch_templates | length == 1
- _template_info.launch_templates[0].versions | length == 3

always:
- name: delete launch template
ec2_launch_template:
name: "{{ resource_prefix }}-test-instance-role"
- name: Delete launch template
community.aws.ec2_launch_template:
name: "{{ test_launch_template_name }}"
state: absent
register: lt_removed
until: lt_removed is not failed
ignore_errors: yes
retries: 10
ignore_errors: true

- name: Delete IAM role for test
iam_role:
amazon.aws.iam_role:
name: "{{ test_role_name }}-1"
assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}"
state: absent
delete_instance_profile: yes
delete_instance_profile: true
register: iam_removed
until: iam_removed is not failed
ignore_errors: yes
retries: 10
ignore_errors: true

- name: Delete IAM role for test
iam_role:
name: "{{ test_role_name }}-2"
assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}"
state: absent
delete_instance_profile: yes
delete_instance_profile: true
register: iam_2_removed
until: iam_2_removed is not failed
ignore_errors: yes
retries: 10
ignore_errors: true
6 changes: 3 additions & 3 deletions tests/integration/targets/ec2_launch_template/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@
session_token: "{{ security_token | default(omit) }}"
region: "{{ aws_region }}"
block:
- include_tasks: cpu_options.yml
- include_tasks: template_data.yml
- include_tasks: tagging.yml
- include_tasks: iam_instance_role.yml
- include_tasks: versions.yml
- include_tasks: instance-metadata.yml
- include_tasks: network_interfaces.yml
- include_tasks: deletion.yml
Loading

0 comments on commit 5902a20

Please sign in to comment.