Re-enable and update integration tests for aws_ssm_parameter_store

ansible-collections · Jun 20, 2022 · 78dff53 · 78dff53
1 parent 42ecfd3
commit 78dff53
Show file tree

Hide file tree

Showing 5 changed files with 217 additions and 123 deletions.
diff --git a/changelogs/fragments/1241-aws_ssm_parameter_store.yml b/changelogs/fragments/1241-aws_ssm_parameter_store.yml
@@ -0,0 +1,2 @@
+bugfixes:
+- aws_ssm_parameter_store - fix exception when description was set without value (https://github.com/ansible-collections/community.aws/pull/1241).
diff --git a/plugins/modules/aws_ssm_parameter_store.py b/plugins/modules/aws_ssm_parameter_store.py
@@ -165,14 +165,20 @@ def update_parameter(client, module, args):
     return changed, response
 
 
+def describe_parameter(client, module, **args):
+    paginator = client.get_paginator('describe_parameters')
+    existing_parameter = paginator.paginate(**args).build_full_result()
+
+    return existing_parameter['Parameters'][0]
+
+
 def create_update_parameter(client, module):
     changed = False
     existing_parameter = None
     response = {}
 
     args = dict(
         Name=module.params.get('name'),
-        Value=module.params.get('value'),
         Type=module.params.get('string_type'),
         Tier=module.params.get('tier')
     )
@@ -182,6 +188,9 @@ def create_update_parameter(client, module):
     else:
         args.update(Overwrite=False)
 
+    if module.params.get('value') is not None:
+        args.update(Value=module.params.get('value'))
+
     if module.params.get('description'):
         args.update(Description=module.params.get('description'))
 
@@ -194,8 +203,10 @@ def create_update_parameter(client, module):
         pass
 
     if existing_parameter:
-        if (module.params.get('overwrite_value') == 'always'):
+        if 'Value' not in args:
+            args['Value'] = existing_parameter['Parameter']['Value']
 
+        if (module.params.get('overwrite_value') == 'always'):
             (changed, response) = update_parameter(client, module, args)
 
         elif (module.params.get('overwrite_value') == 'changed'):
@@ -207,16 +218,14 @@ def create_update_parameter(client, module):
 
             if args.get('Description'):
                 # Description field not available from get_parameter function so get it from describe_parameters
-                describe_existing_parameter = None
                 try:
-                    describe_existing_parameter_paginator = client.get_paginator('describe_parameters')
-                    describe_existing_parameter = describe_existing_parameter_paginator.paginate(
-                        Filters=[{"Key": "Name", "Values": [args['Name']]}]).build_full_result()
-
+                    describe_existing_parameter = describe_parameter(
+                        client, module,
+                        Filters=[{"Key": "Name", "Values": [args['Name']]}])
                 except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
                     module.fail_json_aws(e, msg="getting description value")
 
-                if describe_existing_parameter['Parameters'][0]['Description'] != args['Description']:
+                if describe_existing_parameter['Description'] != args['Description']:
                     (changed, response) = update_parameter(client, module, args)
     else:
         (changed, response) = update_parameter(client, module, args)

diff --git a/tests/integration/targets/aws_ssm_parameter_store/aliases b/tests/integration/targets/aws_ssm_parameter_store/aliases
@@ -1,2 +1 @@
 cloud/aws
-disabled
diff --git a/tests/integration/targets/aws_ssm_parameter_store/defaults/main.yml b/tests/integration/targets/aws_ssm_parameter_store/defaults/main.yml
@@ -1,3 +1,2 @@
 ---
-# defaults file for aws_lambda test
-ssm_key_prefix: '{{resource_prefix}}'
+ssm_key_prefix: '{{ resource_prefix }}'
diff --git a/tests/integration/targets/aws_ssm_parameter_store/tasks/main.yml b/tests/integration/targets/aws_ssm_parameter_store/tasks/main.yml
@@ -1,123 +1,208 @@
 ---
-#
-#  Author: Michael De La Rue
-#  based on aws_lambda test cases
-
-- name: 'aws_ssm_parameter_store integration tests'
+- set_fact:
+    # As a lookup plugin we don't have access to module_defaults
+    connection_args:
+      region: "{{ aws_region }}"
+      aws_access_key: "{{ aws_access_key }}"
+      aws_secret_key: "{{ aws_secret_key }}"
+      aws_security_token: "{{ security_token | default(omit) }}"
+  no_log: True
+
+- name: 'aws_ssm lookup plugin integration tests'
   collections:
-    - amazon.aws
+  - amazon.aws
   module_defaults:
     group/aws:
       aws_access_key: '{{ aws_access_key }}'
       aws_secret_key: '{{ aws_secret_key }}'
       security_token: '{{ security_token | default(omit) }}'
       region: '{{ aws_region }}'
+  vars:
+    simple_name: '/{{ ssm_key_prefix }}/Simple'
+    simple_description: 'This is a simple example'
+    simple_value: 'A simple VALue'
+    updated_description: 'This is an updated example'
+    updated_value: 'A simple VALue **UPDATED**'
   block:
 
-    # ============================================================
-    - name: Create or update key/value pair in aws parameter store
-      aws_ssm_parameter_store:
-        name: "/{{ssm_key_prefix}}/Hello"
-        description: "This is your first key"
-        value: "World"
-
-    - name: Check that parameter was stored correctly
-      assert:
-       that:
-        - "'{{lookup('amazon.aws.aws_ssm', '/' ~ ssm_key_prefix ~ '/Hello', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token )}}' == 'World'"
-
-    # ============================================================
-    - name: Create or update key/value pair in aws parameter store
-      aws_ssm_parameter_store:
-        name: "/{{ssm_key_prefix}}/path/wonvar"
-        description: "This is your first key"
-        value: "won value"
-
-    - name: Create or update key/value pair in aws parameter store
-      aws_ssm_parameter_store:
-        name: "/{{ssm_key_prefix}}/path/toovar"
-        description: "This is your first key"
-        value: "too value"
-
-    - name: Create or update key/value pair in aws parameter store
-      aws_ssm_parameter_store:
-        name: "/{{ssm_key_prefix}}/path/tree/treevar"
-        description: "This is your first key"
-        value: "tree value"
-
-    # ============================================================
-    - name: Create or update key/value pair in aws parameter store
-      aws_ssm_parameter_store:
-        name: "/{{ssm_key_prefix}}/deeppath/wondir/samevar"
-        description: "This is your first key"
-        value: "won value"
-
-    - name: Create or update key/value pair in aws parameter store
-      aws_ssm_parameter_store:
-        name: "/{{ssm_key_prefix}}/deeppath/toodir/samevar"
-        description: "This is your first key"
-        value: "too value"
-
-    # ============================================================
-    - name: debug the lookup
-      debug:
-       msg: "{{lookup('amazon.aws.aws_ssm', '/' ~ ssm_key_prefix ~ '/path', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token, bypath=True )}}'"
-
-    - name: Check that parameter path is stored and retrieved
-      assert:
-       that:
-        - "'{{lookup('amazon.aws.aws_ssm', '/' ~ ssm_key_prefix ~ '/path', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token, bypath=True, shortnames=true ) | to_json }}' == '{\"toovar\": \"too value\", \"wonvar\": \"won value\"}'"
-
-    # ============================================================
-    - name: Returns empty value in case we don't find a named parameter and default filter works
-      assert:
-       that:
-        - "'{{lookup('amazon.aws.aws_ssm', '/' ~ ssm_key_prefix ~ '/Goodbye', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token )}}' == ''"
-        - "'{{lookup('amazon.aws.aws_ssm', '/' ~ ssm_key_prefix ~ '/Goodbye', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token ) | default('I_can_has_default', true)}}' == 'I_can_has_default'"
-
-    # ============================================================
-    - name: Handle multiple paths with one that doesn't exist - default to full names.
-      assert:
-       that:
-        - "'{{lookup('amazon.aws.aws_ssm', '/' ~ ssm_key_prefix ~ '/path', '/' ~ ssm_key_prefix ~ '/dont_create_this_path_you_will_break_the_ansible_tests', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token, bypath=True ) | to_json }}' in ( '[{\"/' ~ ssm_key_prefix ~ '/path/toovar\": \"too value\", \"/' ~ ssm_key_prefix ~ '/path/wonvar\": \"won value\"}, {}]',  '[{\"/' ~ ssm_key_prefix ~ '/path/wonvar\": \"won value\", \"/' ~ ssm_key_prefix ~ '/path/toovar\": \"too value\"}, {}]' )"
-
-
-    # ============================================================
-    # this may be a bit of a nasty test case;  we should perhaps accept _either_ value that was stored
-    # in the two variables named 'samevar'
-
-    - name: Handle multiple paths with one that doesn't exist - shortnames - including overlap.
-      assert:
-       that:
-        - "'{{lookup('amazon.aws.aws_ssm', '/' ~ ssm_key_prefix ~ '/path', '/' ~ ssm_key_prefix ~ '/dont_create_this_path_you_will_break_the_ansible_tests', '/' ~ ssm_key_prefix ~ '/deeppath', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token, bypath=True, shortnames=true, recursive=true ) | to_json }}' == '[{\"toovar\": \"too value\", \"treevar\": \"tree value\", \"wonvar\": \"won value\"}, {}, {\"samevar\": \"won value\"}]'"
-
-
-    # ============================================================
-    - name: Delete key/value pair in aws parameter store
-      aws_ssm_parameter_store:
-        name: "/{{ssm_key_prefix}}/Hello"
-        state: absent
-
-    # ============================================================
-    - name: Attempt delete key/value pair in aws parameter store again
-      aws_ssm_parameter_store:
-        name: "/{{ssm_key_prefix}}/Hello"
-        state: absent
-      register: result
-
-    - name: assert that changed is False since parameter should be deleted
-      assert:
-        that:
-          - result.changed == False
+  # ============================================================
+  # Create
+
+  - name: Create key/value pair in aws parameter store
+    aws_ssm_parameter_store:
+      name: '{{ simple_name }}'
+      description: '{{ simple_description }}'
+      value: '{{ simple_value }}'
+    register: result
+
+  - name: Lookup a single key
+    set_fact:
+      lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}"
+  - assert:
+     that:
+      - result is changed
+      - lookup_value == simple_value
+
+  - name: Create key/value pair in aws parameter store - idempotency
+    aws_ssm_parameter_store:
+      name: '{{ simple_name }}'
+      description: '{{ simple_description }}'
+      value: '{{ simple_value }}'
+    register: result
+
+  - name: Lookup a single key
+    set_fact:
+      lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}"
+  - assert:
+     that:
+      - result is not changed
+      - lookup_value == simple_value
+
+  # ============================================================
+  # Update description
+
+  - name: Update description
+    aws_ssm_parameter_store:
+      name: '{{ simple_name }}'
+      description: '{{ updated_description }}'
+    register: result
+
+  - name: Lookup a single key
+    set_fact:
+      lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}"
+  - assert:
+     that:
+      - result is changed
+      - lookup_value == simple_value
+
+  - name: Update description - idempotency
+    aws_ssm_parameter_store:
+      name: '{{ simple_name }}'
+      description: '{{ updated_description }}'
+    register: result
+
+  - name: Lookup a single key
+    set_fact:
+      lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}"
+  - assert:
+     that:
+      - result is not changed
+      - lookup_value == simple_value
+
+  # ============================================================
+  # Update value
+
+  - name: Update key/value pair in aws parameter store
+    aws_ssm_parameter_store:
+      name: '{{ simple_name }}'
+      value: '{{ updated_value }}'
+    register: result
+
+  - name: Lookup a single key
+    set_fact:
+      lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}"
+  - assert:
+     that:
+      - result is changed
+      - lookup_value == updated_value
+
+  - name: Update key/value pair in aws parameter store - idempotency
+    aws_ssm_parameter_store:
+      name: '{{ simple_name }}'
+      value: '{{ updated_value }}'
+    register: result
+
+  - name: Lookup a single key
+    set_fact:
+      lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}"
+  - assert:
+     that:
+      - result is not changed
+      - lookup_value == updated_value
+
+  # ============================================================
+  # Because we have no mechanism for viewing the description, test that passing
+  # new value and description doesn't result in a change
+
+  - name: Test no change to description
+    aws_ssm_parameter_store:
+      name: '{{ simple_name }}'
+      value: '{{ updated_value }}'
+      description: '{{ updated_description }}'
+    register: result
+
+  - assert:
+     that:
+      - result is not changed
+
+  # ============================================================
+  # Complex update
+
+  - name: Complex update to key/value pair in aws parameter store
+    aws_ssm_parameter_store:
+      name: '{{ simple_name }}'
+      value: '{{ simple_value }}'
+      description: '{{ simple_description }}'
+    register: result
+
+  - name: Lookup a single key
+    set_fact:
+      lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}"
+  - assert:
+     that:
+      - result is changed
+      - lookup_value == simple_value
+
+  - name: Complex update to key/value pair in aws parameter store - idempotency
+    aws_ssm_parameter_store:
+      name: '{{ simple_name }}'
+      value: '{{ simple_value }}'
+      description: '{{ simple_description }}'
+    register: result
+
+  - name: Lookup a single key
+    set_fact:
+      lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}"
+  - assert:
+     that:
+      - result is not changed
+      - lookup_value == simple_value
+
+  # ============================================================
+  # Delete
+
+  - name: Create key/value pair in aws parameter store
+    aws_ssm_parameter_store:
+      name: '{{ simple_name }}'
+      state: absent
+    register: result
+
+  - name: Lookup a single key
+    set_fact:
+      lookup_value: "{{ lookup('amazon.aws.aws_ssm', simple_name, **connection_args) }}"
+    register: info_result
+    ignore_errors: true
+  - assert:
+     that:
+      - result is changed
+      - info_result is failed
+
+  - name: Create key/value pair in aws parameter store - idempotency
+    aws_ssm_parameter_store:
+      name: '{{ simple_name }}'
+      state: absent
+    register: result
+
+  - assert:
+     that:
+      - result is not changed
+
   always:
-    # ============================================================
-    - name: Delete remaining key/value pairs in aws parameter store
-      aws_ssm_parameter_store:
-        name: "{{item}}"
-        state: absent
-      with_items:
-        - "/{{ssm_key_prefix}}/Hello"
-        - "/{{ssm_key_prefix}}/path/wonvar"
-        - "/{{ssm_key_prefix}}/path/toovar"
-        - "/{{ssm_key_prefix}}/path/tree/treevar"
-        - "/{{ssm_key_prefix}}/deeppath/wondir/samevar"
+  # ============================================================
+  - name: Delete remaining key/value pairs in aws parameter store
+    aws_ssm_parameter_store:
+      name: "{{item}}"
+      state: absent
+    ignore_errors: True
+    with_items:
+      - '{{ simple_name }}'
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		bugfixes:
		- aws_ssm_parameter_store - fix exception when description was set without value (https://github.com/ansible-collections/community.aws/pull/1241).