Bugfix/ec2 instance mod sgs (ansible-collections#22)
Fixes #54174 * Added SG handling for existing instances + some cleanup * tests(ec2_instance): Tests for SG modifications to existing instances * tests(ec2_instance): Test simultaneous state and SG changes * refactor(ec2_instance): Move security out of for loop * style(ec2_instance): Update fail message to reflect security groups * Add changelog Co-authored-by: Andrea Tartaglia <[email protected]> Co-authored-by: Mark Chappell <[email protected]>
Showing
5 changed files
with
152 additions
and
11 deletions.
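--- a/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/security_group.yml
+++ b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/security_group.yml
@@ -0,0 +1,81 @@
+- block:
+- name: "New instance with 2 security groups"
+ec2_instance:
+name: "{{ resource_prefix }}-test-security-groups"
+image_id: "{{ ec2_ami_image }}"
+vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}"
+tags:
+TestId: "{{ resource_prefix }}"
+instance_type: t2.micro
+wait: false
+security_groups:
+- "{{ sg.group_id }}"
+- "{{ sg2.group_id }}"
+register: security_groups_test
+
+- name: "Recreate same instance with 2 security groups ( Idempotency )"
+ec2_instance:
+name: "{{ resource_prefix }}-test-security-groups"
+image_id: "{{ ec2_ami_image }}"
+vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}"
+tags:
+TestId: "{{ resource_prefix }}"
+instance_type: t2.micro
+wait: false
+security_groups:
+- "{{ sg.group_id }}"
+- "{{ sg2.group_id }}"
+register: security_groups_test_idempotency
+
+- name: "Gather ec2 facts to check SGs have been added"
+ec2_instance_info:
+filters:
+"tag:Name": "{{ resource_prefix }}-test-security-groups"
+"instance-state-name": "running"
+register: dual_sg_instance_facts
+until: dual_sg_instance_facts.instances | length > 0
+retries: 10
+
+- name: "Remove secondary security group from instance"
+ec2_instance:
+name: "{{ resource_prefix }}-test-security-groups"
+image_id: "{{ ec2_ami_image }}"
+vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}"
+tags:
+TestId: "{{ resource_prefix }}"
+instance_type: t2.micro
+security_groups:
+- "{{ sg.group_id }}"
+register: remove_secondary_security_group
+
+- name: "Gather ec2 facts to check seconday SG has been removed"
+ec2_instance_info:
+filters:
+"tag:Name": "{{ resource_prefix }}-test-security-groups"
+"instance-state-name": "running"
+register: single_sg_instance_facts
+until: single_sg_instance_facts.instances | length > 0
+retries: 10
+
+- name: "Add secondary security group to instance"
+ec2_instance:
+name: "{{ resource_prefix }}-test-security-groups"
+image_id: "{{ ec2_ami_image }}"
+vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}"
+tags:
+TestId: "{{ resource_prefix }}"
+instance_type: t2.micro
+security_groups:
+- "{{ sg.group_id }}"
+- "{{ sg2.group_id }}"
+register: add_secondary_security_group
+
+- assert:
+that:
+- security_groups_test is not failed
+- security_groups_test is changed
+- security_groups_test_idempotency is not changed
+- remove_secondary_security_group is changed
+- single_sg_instance_facts.instances.0.security_groups | length == 1
+- dual_sg_instance_facts.instances.0.security_groups | length == 2
+- add_secondary_security_group is changed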
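Review bot: The closing `assert` only counts the attached security groups (`| length == 1`, `| length == 2`) and never checks which groups they are, so a regression that detaches `sg` instead of `sg2`, or leaves an unrelated group attached, would still pass. Because this module change decides which firewall rules apply to a running instance, the test should compare group ids, for example `- single_sg_instance_facts.instances.0.security_groups | map(attribute='group_id') | list == [sg.group_id]` (assuming the info module returns `group_id` per entry), with a matching membership check for the two-group case. The final "Add secondary security group to instance" task is verified only with `is changed`; a third `ec2_instance_info` gather after it would confirm that both groups are actually back on the instance. No `always:` section is visible in this block, so cleanup of the test instance presumably happens in the calling tasks file; worth confirming so that a failed assert does not leave the instance running.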