From bfddee5bc53d01c526b6eb87fe5e10a10b57f1c1 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Tue, 21 Nov 2023 17:51:36 +0100 Subject: [PATCH] Work on ec2_instance integration test flakes (#1845) Work on ec2_instance integration test flakes SUMMARY As seen in #1828 the integration tests for ec2_instance are still a little flaky (ignoring Zuul also being flaky). This attempts to tweak two of the worst offenders to improve things ISSUE TYPE Bugfix Pull Request COMPONENT NAME ec2_instance ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis (cherry picked from commit 02b151113cf46141a4708897336ec9df047be156) --- .../defaults/main.yml | 4 +- .../ec2_instance_block_devices/meta/main.yml | 9 +- .../ec2_instance_block_devices/tasks/main.yml | 201 ++++++++------- .../defaults/main.yml | 4 +- .../meta/main.yml | 9 +- .../tasks/main.yml | 239 +++++++++--------- .../setup_ec2_instance_env/tasks/main.yml | 149 +++++------ 7 files changed, 322 insertions(+), 293 deletions(-) diff --git a/tests/integration/targets/ec2_instance_block_devices/defaults/main.yml b/tests/integration/targets/ec2_instance_block_devices/defaults/main.yml index 364c37f8226..251a9bcb35b 100644 --- a/tests/integration/targets/ec2_instance_block_devices/defaults/main.yml +++ b/tests/integration/targets/ec2_instance_block_devices/defaults/main.yml @@ -1,4 +1,4 @@ --- # defaults file for ec2_instance_block_devices -ec2_instance_type: 't3.micro' -ec2_instance_tag_TestId: '{{ resource_prefix }}-block-devices' +ec2_instance_type: t3.micro +ec2_instance_tag_TestId: "{{ resource_prefix }}-block-devices" diff --git a/tests/integration/targets/ec2_instance_block_devices/meta/main.yml b/tests/integration/targets/ec2_instance_block_devices/meta/main.yml index 3207286058e..88e38b91b9c 100644 --- a/tests/integration/targets/ec2_instance_block_devices/meta/main.yml +++ b/tests/integration/targets/ec2_instance_block_devices/meta/main.yml 
@@ -1,6 +1,7 @@ +--- # this just makes sure they're in the right place dependencies: -- role: setup_ec2_facts -- role: setup_ec2_instance_env - vars: - ec2_instance_test_name: block_devices + - role: setup_ec2_facts + - role: setup_ec2_instance_env + vars: + ec2_instance_test_name: block_devices diff --git a/tests/integration/targets/ec2_instance_block_devices/tasks/main.yml b/tests/integration/targets/ec2_instance_block_devices/tasks/main.yml index 2a4f1cabac1..a12a893f664 100644 --- a/tests/integration/targets/ec2_instance_block_devices/tasks/main.yml +++ b/tests/integration/targets/ec2_instance_block_devices/tasks/main.yml 
@@ -1,110 +1,123 @@ -- module_defaults: +--- +- name: Wrap tests in block to set module defaults + module_defaults: group/aws: access_key: "{{ aws_access_key }}" secret_key: "{{ aws_secret_key }}" session_token: "{{ security_token | default(omit) }}" region: "{{ aws_region }}" block: - - name: "New instance with an extra block device" - ec2_instance: - state: running - name: "{{ resource_prefix }}-test-ebs-vols" - image_id: "{{ ec2_ami_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - volumes: - - device_name: /dev/sdb - ebs: - volume_size: 20 - delete_on_termination: true - volume_type: standard - tags: - TestId: "{{ ec2_instance_tag_TestId }}" - instance_type: "{{ ec2_instance_type }}" - wait: true - register: block_device_instances + - name: New instance with an extra block device + amazon.aws.ec2_instance: + state: running + name: "{{ resource_prefix }}-test-ebs-vols" + image_id: "{{ ec2_ami_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + volumes: + - device_name: /dev/sdb + ebs: + volume_size: 20 + delete_on_termination: true + volume_type: standard + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + instance_type: "{{ ec2_instance_type }}" + wait: true + register: block_device_instances - - name: "Gather instance info" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-ebs-vols" - register: block_device_instances_info + - name: Gather instance info + amazon.aws.ec2_instance_info: + filters: + tag:Name: "{{ resource_prefix }}-test-ebs-vols" + register: block_device_instances_info - - assert: - that: - - block_device_instances is not failed - - block_device_instances is changed - - block_device_instances_info.instances[0].block_device_mappings[0] - - block_device_instances_info.instances[0].block_device_mappings[1] - - block_device_instances_info.instances[0].block_device_mappings[1].device_name == '/dev/sdb' + - name: Check device name + ansible.builtin.assert: + that: + - block_device_instances is not failed + - 
block_device_instances is changed + - instance_info.block_device_mappings | length == 2 + - '"/dev/sdb" in instance_info.block_device_mappings | map(attribute="device_name")' + vars: + instance_info: "{{ block_device_instances_info.instances[0] }}" - - name: "New instance with an extra block device (check mode)" - ec2_instance: - state: present - name: "{{ resource_prefix }}-test-ebs-vols-checkmode" - image_id: "{{ ec2_ami_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - volumes: - - device_name: /dev/sdb - ebs: - volume_size: 20 - delete_on_termination: true - volume_type: standard - tags: - TestId: "{{ ec2_instance_tag_TestId }}" - instance_type: "{{ ec2_instance_type }}" - check_mode: yes + - name: New instance with an extra block device (check mode) + amazon.aws.ec2_instance: + state: present + name: "{{ resource_prefix }}-test-ebs-vols-checkmode" + image_id: "{{ ec2_ami_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + volumes: + - device_name: /dev/sdb + ebs: + volume_size: 20 + delete_on_termination: true + volume_type: standard + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + instance_type: "{{ ec2_instance_type }}" + check_mode: true - - name: "fact presented ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-ebs-vols" - register: presented_instance_fact + - name: Fact presented ec2 instance + amazon.aws.ec2_instance_info: + filters: + tag:Name: "{{ resource_prefix }}-test-ebs-vols" + register: presented_instance_fact - - name: "fact checkmode ec2 instance" - ec2_instance_info: - filters: - "tag:Name": "{{ resource_prefix }}-test-ebs-vols-checkmode" - register: checkmode_instance_fact + - name: Fact checkmode ec2 instance + amazon.aws.ec2_instance_info: + filters: + tag:Name: "{{ resource_prefix }}-test-ebs-vols-checkmode" + register: checkmode_instance_fact - - name: "Confirm instance was created without check mode" - assert: - that: - - "{{ presented_instance_fact.instances | length }} > 0" + 
- name: Confirm instance was created without check mode + ansible.builtin.assert: + that: + - "{{ presented_instance_fact.instances | length }} > 0" - - name: "Confirm instance was not created with check mode" - assert: - that: - - "{{ checkmode_instance_fact.instances | length }} == 0" + - name: Confirm instance was not created with check mode + ansible.builtin.assert: + that: + - "{{ checkmode_instance_fact.instances | length }} == 0" - - name: "Terminate instances" - ec2_instance: - state: absent - instance_ids: "{{ block_device_instances.instance_ids }}" + - name: Terminate instances + amazon.aws.ec2_instance: + state: absent + instance_ids: "{{ block_device_instances.instance_ids }}" - - name: "New instance with an extra block device - gp3 volume_type and throughput" - ec2_instance: - state: running - name: "{{ resource_prefix }}-test-ebs-vols-gp3" - image_id: "{{ ec2_ami_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - volumes: - - device_name: /dev/sdb - ebs: - volume_size: 20 - delete_on_termination: true - volume_type: gp3 - throughput: 500 - tags: - TestId: "{{ ec2_instance_tag_TestId }}" - instance_type: "{{ ec2_instance_type }}" - wait: true - register: block_device_instances_gp3 + - name: New instance with an extra block device - gp3 volume_type and throughput + amazon.aws.ec2_instance: + state: running + name: "{{ resource_prefix }}-test-ebs-vols-gp3" + image_id: "{{ ec2_ami_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + volumes: + - device_name: /dev/sdb + ebs: + volume_size: 20 + delete_on_termination: true + volume_type: gp3 + throughput: 500 + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + instance_type: "{{ ec2_instance_type }}" + wait: true + register: block_device_instances_gp3 - - assert: - that: - - block_device_instances_gp3 is not failed - - block_device_instances_gp3 is changed - - block_device_instances_gp3.spec.BlockDeviceMappings[0].DeviceName == '/dev/sdb' - - 
block_device_instances_gp3.spec.BlockDeviceMappings[0].Ebs.VolumeType == 'gp3' - - block_device_instances_gp3.spec.BlockDeviceMappings[0].Ebs.VolumeSize == 20 - - block_device_instances_gp3.spec.BlockDeviceMappings[0].Ebs.Throughput == 500 + - name: Check updated device configuration + ansible.builtin.assert: + that: + - block_device_instances_gp3 is not failed + - block_device_instances_gp3 is changed + - instance_info.block_device_mappings | length == 2 + - '"/dev/sdb" in instance_info.block_device_mappings | map(attribute="device_name")' + - block_device_spec | length == 1 + - '"DeviceName" in block_device_spec[0]' + - '"Ebs" in block_device_spec[0]' + - block_device_spec[0].DeviceName == "/dev/sdb" + - block_device_spec[0].Ebs.VolumeType == "gp3" + - block_device_spec[0].Ebs.VolumeSize == 20 + - block_device_spec[0].Ebs.Throughput == 500 + vars: + instance_info: "{{ block_device_instances_gp3.instances[0] }}" + block_device_spec: "{{ block_device_instances_gp3.spec.BlockDeviceMappings }}" diff --git a/tests/integration/targets/ec2_instance_state_config_updates/defaults/main.yml b/tests/integration/targets/ec2_instance_state_config_updates/defaults/main.yml index 269677f928a..064491b40b2 100644 --- a/tests/integration/targets/ec2_instance_state_config_updates/defaults/main.yml +++ b/tests/integration/targets/ec2_instance_state_config_updates/defaults/main.yml @@ -1,4 +1,4 @@ --- # defaults file for ec2_instance_state_config_updates -ec2_instance_type: 't3.micro' -ec2_instance_tag_TestId: '{{ resource_prefix }}-state-config-updates' +ec2_instance_type: t3.micro +ec2_instance_tag_TestId: "{{ resource_prefix }}-state-config-updates" diff --git a/tests/integration/targets/ec2_instance_state_config_updates/meta/main.yml b/tests/integration/targets/ec2_instance_state_config_updates/meta/main.yml index c9fdd98d9df..d1e767e6857 100644 --- a/tests/integration/targets/ec2_instance_state_config_updates/meta/main.yml 
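Review bot: The two check-mode asserts (`Confirm instance was created without check mode` and `Confirm instance was not created with check mode`) keep Jinja delimiters inside `that:`, so each expression is rendered to a string and then evaluated a second time as a conditional. Ansible warns about this pattern, and double evaluation is how registered data can end up interpreted as template code. Write them as bare expressions: `- presented_instance_fact.instances | length > 0` and `- checkmode_instance_fact.instances | length == 0`. Separately, the gp3 instance created at the end of this file is never terminated here; presumably the `Delete ec2_instance environment` handler covers it, but that handler is not visible in this patch.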
+++ b/tests/integration/targets/ec2_instance_state_config_updates/meta/main.yml @@ -1,6 +1,7 @@ +--- # this just makes sure they're in the right place dependencies: -- role: setup_ec2_facts -- role: setup_ec2_instance_env - vars: - ec2_instance_test_name: state_config_updates + - role: setup_ec2_facts + - role: setup_ec2_instance_env + vars: + ec2_instance_test_name: state_config_updates diff --git a/tests/integration/targets/ec2_instance_state_config_updates/tasks/main.yml b/tests/integration/targets/ec2_instance_state_config_updates/tasks/main.yml index c0c42904c1e..ae4cee18aa0 100644 --- a/tests/integration/targets/ec2_instance_state_config_updates/tasks/main.yml +++ b/tests/integration/targets/ec2_instance_state_config_updates/tasks/main.yml 
@@ -1,133 +1,146 @@ +--- # Test that configuration changes, like security groups and instance attributes, # are updated correctly when the instance has different states, and also when # changing the state of an instance. # https://github.com/ansible-collections/community.aws/issues/16 -- module_defaults: +- name: Wrap tests in block to set module defaults + module_defaults: group/aws: access_key: "{{ aws_access_key }}" secret_key: "{{ aws_secret_key }}" session_token: "{{ security_token | default(omit) }}" region: "{{ aws_region }}" block: - - name: "Make instance with sg and termination protection enabled" - ec2_instance: - state: running - name: "{{ resource_prefix }}-test-state-param-changes" - image_id: "{{ ec2_ami_id }}" - tags: - TestId: "{{ ec2_instance_tag_TestId }}" - security_groups: "{{ sg.group_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - termination_protection: False - instance_type: "{{ ec2_instance_type }}" - wait: True - register: create_result + - name: Make instance with sg and termination protection enabled + amazon.aws.ec2_instance: + state: running + name: "{{ resource_prefix }}-test-state-param-changes" + image_id: "{{ ec2_ami_id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + security_groups: "{{ sg.group_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + termination_protection: false + instance_type: "{{ ec2_instance_type }}" + wait: true + register: create_result - - assert: - that: - - create_result is not failed - - create_result.changed - - '"instances" in create_result' - - '"instance_ids" in create_result' - - '"spec" in create_result' - - create_result.instances[0].security_groups[0].group_id == "{{ sg.group_id }}" - - create_result.spec.DisableApiTermination == False + - name: Verify creation + ansible.builtin.assert: + that: + - create_result is not failed + - create_result.changed + - '"instances" in create_result' + - '"instance_ids" in create_result' + - '"spec" in create_result' + - 
create_result.instances[0].security_groups[0].group_id == "{{ sg.group_id }}" + - create_result.spec.DisableApiTermination == False - - name: "Change sg and termination protection while instance is in state running" - ec2_instance: - state: running - name: "{{ resource_prefix }}-test-state-param-changes" - image_id: "{{ ec2_ami_id }}" - tags: - TestId: "{{ ec2_instance_tag_TestId }}" - security_groups: "{{ sg2.group_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - termination_protection: True - instance_type: "{{ ec2_instance_type }}" - register: change_params_result + - name: Change sg and termination protection while instance is in state running + amazon.aws.ec2_instance: + state: running + name: "{{ resource_prefix }}-test-state-param-changes" + image_id: "{{ ec2_ami_id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + security_groups: "{{ sg2.group_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + termination_protection: true + instance_type: "{{ ec2_instance_type }}" + register: change_params_result - - assert: - that: - - change_params_result is not failed - - change_params_result.changed - - '"instances" in change_params_result' - - '"instance_ids" in change_params_result' - - '"changes" in change_params_result' - - change_params_result.instances[0].security_groups[0].group_id == "{{ sg2.group_id }}" - - change_params_result.changes[0].DisableApiTermination.Value == True - - change_params_result.changes[1].Groups[0] == "{{ sg2.group_id }}" # TODO fix this to be less fragile + - name: Verify changes + ansible.builtin.assert: + that: + - change_params_result is not failed + - change_params_result.changed + - '"instances" in change_params_result' + - '"instance_ids" in change_params_result' + - '"changes" in change_params_result' + - change_params_result.changes[0].DisableApiTermination.Value == True + - change_params_result.changes[1].Groups[0] == "{{ sg2.group_id }}" + - name: Verify security groups were updated (can take time to 
complete) + amazon.aws.ec2_instance_info: + instance_ids: "{{ change_params_result.instance_ids }}" + register: changed_sg_info + retries: 5 + until: + - changed_sg_info.instances[0].security_groups[0].group_id == "{{ sg2.group_id }}" - - name: "Change instance state from running to stopped, and change sg and termination protection" - ec2_instance: - state: stopped - name: "{{ resource_prefix }}-test-state-param-changes" - image_id: "{{ ec2_ami_id }}" - tags: - TestId: "{{ ec2_instance_tag_TestId }}" - security_groups: "{{ sg.group_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - termination_protection: False - instance_type: "{{ ec2_instance_type }}" - register: change_state_params_result + - name: Change instance state from running to stopped, and change sg and termination protection + amazon.aws.ec2_instance: + state: stopped + name: "{{ resource_prefix }}-test-state-param-changes" + image_id: "{{ ec2_ami_id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + security_groups: "{{ sg.group_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + termination_protection: false + instance_type: "{{ ec2_instance_type }}" + register: change_state_params_result - - assert: - that: - - change_state_params_result is not failed - - change_state_params_result.changed - - '"instances" in change_state_params_result' - - '"instance_ids" in change_state_params_result' - - '"changes" in change_state_params_result' - - '"stop_success" in change_state_params_result' - - '"stop_failed" in change_state_params_result' - - change_state_params_result.instances[0].security_groups[0].group_id == "{{ sg.group_id }}" - - change_state_params_result.changes[0].DisableApiTermination.Value == False + - name: Verify changes + ansible.builtin.assert: + that: + - change_state_params_result is not failed + - change_state_params_result.changed + - '"instances" in change_state_params_result' + - '"instance_ids" in change_state_params_result' + - '"changes" in 
change_state_params_result' + - '"stop_success" in change_state_params_result' + - '"stop_failed" in change_state_params_result' + - change_state_params_result.instances[0].security_groups[0].group_id == "{{ sg.group_id }}" + - change_state_params_result.changes[0].DisableApiTermination.Value == False - - name: "Change sg and termination protection while instance is in state stopped" - ec2_instance: - state: stopped - name: "{{ resource_prefix }}-test-state-param-changes" - image_id: "{{ ec2_ami_id }}" - tags: - TestId: "{{ ec2_instance_tag_TestId }}" - security_groups: "{{ sg2.group_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - termination_protection: True - instance_type: "{{ ec2_instance_type }}" - register: change_params_stopped_result + - name: Change sg and termination protection while instance is in state stopped + amazon.aws.ec2_instance: + state: stopped + name: "{{ resource_prefix }}-test-state-param-changes" + image_id: "{{ ec2_ami_id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + security_groups: "{{ sg2.group_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + termination_protection: true + instance_type: "{{ ec2_instance_type }}" + register: change_params_stopped_result - - assert: - that: - - change_params_stopped_result is not failed - - change_params_stopped_result.changed - - '"instances" in change_params_stopped_result' - - '"instance_ids" in change_params_stopped_result' - - '"changes" in change_params_stopped_result' - - change_params_stopped_result.instances[0].security_groups[0].group_id == "{{ sg2.group_id }}" - - change_params_stopped_result.changes[0].DisableApiTermination.Value == True + - name: Verify changes + ansible.builtin.assert: + that: + - change_params_stopped_result is not failed + - change_params_stopped_result.changed + - '"instances" in change_params_stopped_result' + - '"instance_ids" in change_params_stopped_result' + - '"changes" in change_params_stopped_result' + - 
change_params_stopped_result.instances[0].security_groups[0].group_id == "{{ sg2.group_id }}" + - change_params_stopped_result.changes[0].DisableApiTermination.Value == True - - name: "Change instance state from stopped to running, and change sg and termination protection" - ec2_instance: - state: running - name: "{{ resource_prefix }}-test-state-param-changes" - image_id: "{{ ec2_ami_id }}" - tags: - TestId: "{{ ec2_instance_tag_TestId }}" - security_groups: "{{ sg.group_id }}" - vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" - termination_protection: False - instance_type: "{{ ec2_instance_type }}" - wait: True - register: change_params_start_result + - name: Change instance state from stopped to running, and change sg and termination protection + amazon.aws.ec2_instance: + state: running + name: "{{ resource_prefix }}-test-state-param-changes" + image_id: "{{ ec2_ami_id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + security_groups: "{{ sg.group_id }}" + vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" + termination_protection: false + instance_type: "{{ ec2_instance_type }}" + wait: true + register: change_params_start_result - - assert: - that: - - change_params_start_result is not failed - - change_params_start_result.changed - - '"instances" in change_params_start_result' - - '"instance_ids" in change_params_start_result' - - '"changes" in change_params_start_result' - - '"start_success" in change_params_start_result' - - '"start_failed" in change_params_start_result' - - change_params_start_result.instances[0].security_groups[0].group_id == "{{ sg.group_id }}" - - change_params_start_result.changes[0].DisableApiTermination.Value == False + - name: Verify changes + ansible.builtin.assert: + that: + - change_params_start_result is not failed + - change_params_start_result.changed + - '"instances" in change_params_start_result' + - '"instance_ids" in change_params_start_result' + - '"changes" in change_params_start_result' + - '"start_success" in 
change_params_start_result' + - '"start_failed" in change_params_start_result' + - change_params_start_result.instances[0].security_groups[0].group_id == "{{ sg.group_id }}" + - change_params_start_result.changes[0].DisableApiTermination.Value == False diff --git a/tests/integration/targets/setup_ec2_instance_env/tasks/main.yml b/tests/integration/targets/setup_ec2_instance_env/tasks/main.yml index 94cff6637c0..738a6f7fe7c 100644 --- a/tests/integration/targets/setup_ec2_instance_env/tasks/main.yml +++ b/tests/integration/targets/setup_ec2_instance_env/tasks/main.yml @@ -1,3 +1,4 @@ +--- - run_once: '{{ setup_run_once | default("no") | bool }}' module_defaults: group/aws: 
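Review bot: Only the first security-group check was moved into the retried `ec2_instance_info` task; the three later `Verify changes` asserts still compare `instances[0].security_groups[0].group_id` from the module's own return value, so the same propagation delay can presumably still fail them. Giving those the same info-plus-`until` treatment would make the fix consistent. In the new `until:` the comparison should also drop the nested template, `changed_sg_info.instances[0].security_groups[0].group_id == sg2.group_id`, and an explicit `delay:` next to `retries: 5` would make the wait budget visible. The removed `# TODO fix this to be less fragile` comment still applies to `changes[1].Groups[0]`, which depends on the order of the change list.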
@@ -6,83 +7,83 @@ session_token: "{{ security_token | default(omit) }}" region: "{{ aws_region }}" block: - - name: "Create VPC for use in testing" - ec2_vpc_net: - state: present - name: "{{ vpc_name }}" - cidr_block: "{{ vpc_cidr }}" - tags: - Name: "{{ vpc_name }}" - tenancy: default - register: testing_vpc - notify: - - 'Delete ec2_instance environment' + - name: Create VPC for use in testing + ec2_vpc_net: + state: present + name: "{{ vpc_name }}" + cidr_block: "{{ vpc_cidr }}" + tags: + Name: "{{ vpc_name }}" + tenancy: default + register: testing_vpc + notify: + - Delete ec2_instance environment - - name: "Create default subnet in zone A" - ec2_vpc_subnet: - state: present - vpc_id: "{{ testing_vpc.vpc.id }}" - cidr: "{{ subnet_a_cidr }}" - az: "{{ subnet_a_az }}" - resource_tags: - Name: "{{ subnet_a_name }}" - register: testing_subnet_a + - name: Create default subnet in zone A + ec2_vpc_subnet: + state: present + vpc_id: "{{ testing_vpc.vpc.id }}" + cidr: "{{ subnet_a_cidr }}" + az: "{{ subnet_a_az }}" + resource_tags: + Name: "{{ subnet_a_name }}" + register: testing_subnet_a - - name: "Create secondary subnet in zone B" - ec2_vpc_subnet: - state: present - vpc_id: "{{ testing_vpc.vpc.id }}" - cidr: "{{ subnet_b_cidr }}" - az: "{{ subnet_b_az }}" - resource_tags: - Name: "{{ subnet_b_name }}" - register: testing_subnet_b + - name: Create secondary subnet in zone B + ec2_vpc_subnet: + state: present + vpc_id: "{{ testing_vpc.vpc.id }}" + cidr: "{{ subnet_b_cidr }}" + az: "{{ subnet_b_az }}" + resource_tags: + Name: "{{ subnet_b_name }}" + register: testing_subnet_b - - name: "create a security group with the vpc" - ec2_security_group: - state: present - name: "{{ security_group_name_1 }}" - description: a security group for ansible tests - vpc_id: "{{ testing_vpc.vpc.id }}" - rules: - - proto: tcp - from_port: 22 - to_port: 22 - cidr_ip: 0.0.0.0/0 - - proto: tcp - from_port: 80 - to_port: 80 - cidr_ip: 0.0.0.0/0 - register: sg + - name: create a security 
group with the vpc + amazon.aws.ec2_security_group: + state: present + name: "{{ security_group_name_1 }}" + description: a security group for ansible tests + vpc_id: "{{ testing_vpc.vpc.id }}" + rules: + - proto: tcp + from_port: 22 + to_port: 22 + cidr_ip: "0.0.0.0/0" + - proto: tcp + from_port: 80 + to_port: 80 + cidr_ip: "0.0.0.0/0" + register: sg - - name: "create secondary security group with the vpc" - ec2_security_group: - name: "{{ security_group_name_2 }}" - description: a secondary security group for ansible tests - vpc_id: "{{ testing_vpc.vpc.id }}" - rules: - - proto: tcp - from_port: 22 - to_port: 22 - cidr_ip: 0.0.0.0/0 - - proto: tcp - from_port: 80 - to_port: 80 - cidr_ip: 0.0.0.0/0 - register: sg2 + - name: create secondary security group with the vpc + amazon.aws.ec2_security_group: + name: "{{ security_group_name_2 }}" + description: a secondary security group for ansible tests + vpc_id: "{{ testing_vpc.vpc.id }}" + rules: + - proto: tcp + from_port: 22 + to_port: 22 + cidr_ip: "0.0.0.0/0" + - proto: tcp + from_port: 80 + to_port: 80 + cidr_ip: "0.0.0.0/0" + register: sg2 - - name: Preserve defaults for other roles - set_fact: + - name: Preserve defaults for other roles + set_fact: # Ensure variables are available outside of this role - vpc_cidr: '{{ vpc_cidr }}' - vpc_name: '{{ vpc_name }}' - subnet_a_az: '{{ subnet_a_az }}' - subnet_a_cidr: '{{ subnet_a_cidr }}' - subnet_a_startswith: '{{ subnet_a_startswith }}' - subnet_a_name: '{{ subnet_a_name }}' - subnet_b_az: '{{ subnet_b_az }}' - subnet_b_cidr: '{{ subnet_b_cidr }}' - subnet_b_startswith: '{{ subnet_b_startswith }}' - subnet_b_name: '{{ subnet_b_name }}' - security_group_name_1: '{{ security_group_name_1 }}' - security_group_name_2: '{{ security_group_name_2 }}' + vpc_cidr: "{{ vpc_cidr }}" + vpc_name: "{{ vpc_name }}" + subnet_a_az: "{{ subnet_a_az }}" + subnet_a_cidr: "{{ subnet_a_cidr }}" + subnet_a_startswith: "{{ subnet_a_startswith }}" + subnet_a_name: "{{ subnet_a_name }}" + 
subnet_b_az: "{{ subnet_b_az }}" + subnet_b_cidr: "{{ subnet_b_cidr }}" + subnet_b_startswith: "{{ subnet_b_startswith }}" + subnet_b_name: "{{ subnet_b_name }}" + security_group_name_1: "{{ security_group_name_1 }}" + security_group_name_2: "{{ security_group_name_2 }}"
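Review bot: Both test security groups still allow TCP 22 and 80 from `0.0.0.0/0`, so any instance launched with them in a routable subnet is exposed to the internet for as long as a run, or a leaked run, keeps it alive. Nothing visible in these tests connects to the instances, so the rules could be scoped to the VPC, e.g. `cidr_ip: "{{ vpc_cidr }}"`, without changing what is asserted. The second group also omits `state: present`, and `ec2_vpc_net`, `ec2_vpc_subnet` and `set_fact` are left unqualified while the security group tasks gained the `amazon.aws.` prefix. The enclosing `module_defaults` block starts above this hunk.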