Skip to content

Commit

Permalink
Launch Template cleanup retries and add tests into CI (ansible-collec…
Browse files Browse the repository at this point in the history
…tions#326)

* Mark ec2_launch_template tests as supported

* Update launch template test to use permitted harmless managed policy

* Make sure we delete the instance profile

* Cleanup imports

* use ansible_dict_to_boto3_tag_list

* Make sure retries are enabled

* Update role names in line with CI policy

* Lookup AMI name rather than hardcoding IDs

* Add changelog fragment
  • Loading branch information
tremble authored and danielcotton committed Nov 23, 2021
1 parent 1e63a51 commit a14a094
Show file tree
Hide file tree
Showing 9 changed files with 55 additions and 57 deletions.
2 changes: 2 additions & 0 deletions changelogs/fragments/326-launch_template_retry.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
minor_changes:
- ec2_launch_template - Add retries on common AWS failures (https://github.com/ansible-collections/community.aws/pull/326).
29 changes: 15 additions & 14 deletions plugins/modules/ec2_launch_template.py
Original file line number Diff line number Diff line change
Expand Up @@ -367,13 +367,14 @@
from uuid import uuid4

from ansible.module_utils._text import to_text
from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code, get_boto3_client_method_parameters
from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict, snake_dict_to_camel_dict
from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ansible_dict_to_boto3_tag_list,
AWSRetry,
boto3_tag_list_to_ansible_dict,
ansible_dict_to_boto3_tag_list,
)
from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict
from ansible.module_utils.common.dict_transformations import snake_dict_to_camel_dict

from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule
from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code
from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry
from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list
from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict

try:
from botocore.exceptions import ClientError, BotoCoreError, WaiterError
Expand All @@ -399,9 +400,9 @@ def existing_templates(module):
matches = None
try:
if module.params.get('template_id'):
matches = ec2.describe_launch_templates(LaunchTemplateIds=[module.params.get('template_id')])
matches = ec2.describe_launch_templates(LaunchTemplateIds=[module.params.get('template_id')], aws_retry=True)
elif module.params.get('template_name'):
matches = ec2.describe_launch_templates(LaunchTemplateNames=[module.params.get('template_name')])
matches = ec2.describe_launch_templates(LaunchTemplateNames=[module.params.get('template_name')], aws_retry=True)
except is_boto3_error_code('InvalidLaunchTemplateName.NotFoundException') as e:
# no named template was found, return nothing/empty versions
return None, []
Expand All @@ -418,20 +419,18 @@ def existing_templates(module):
template = matches['LaunchTemplates'][0]
template_id, template_version, template_default = template['LaunchTemplateId'], template['LatestVersionNumber'], template['DefaultVersionNumber']
try:
return template, ec2.describe_launch_template_versions(LaunchTemplateId=template_id)['LaunchTemplateVersions']
return template, ec2.describe_launch_template_versions(LaunchTemplateId=template_id, aws_retry=True)['LaunchTemplateVersions']
except (ClientError, BotoCoreError, WaiterError) as e:
module.fail_json_aws(e, msg='Could not find launch template versions for {0} (ID: {1}).'.format(template['LaunchTemplateName'], template_id))


def params_to_launch_data(module, template_params):
if template_params.get('tags'):
tag_list = ansible_dict_to_boto3_tag_list(template_params.get('tags'))
template_params['tag_specifications'] = [
{
'resource_type': r_type,
'tags': [
{'Key': k, 'Value': v} for k, v
in template_params['tags'].items()
]
'tags': tag_list
}
for r_type in ('instance', 'volume')
]
Expand All @@ -456,6 +455,7 @@ def delete_template(module):
v_resp = ec2.delete_launch_template_versions(
LaunchTemplateId=template['LaunchTemplateId'],
Versions=non_default_versions,
aws_retry=True,
)
if v_resp['UnsuccessfullyDeletedLaunchTemplateVersions']:
module.warn('Failed to delete template versions {0} on launch template {1}'.format(
Expand All @@ -468,6 +468,7 @@ def delete_template(module):
try:
resp = ec2.delete_launch_template(
LaunchTemplateId=template['LaunchTemplateId'],
aws_retry=True,
)
except (ClientError, BotoCoreError) as e:
module.fail_json_aws(e, msg="Could not delete launch template {0}".format(template['LaunchTemplateId']))
Expand Down
2 changes: 1 addition & 1 deletion tests/integration/targets/ec2_launch_template/aliases
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
cloud/aws
unsupported
shippable/aws/group3
Original file line number Diff line number Diff line change
@@ -1,18 +1,3 @@
---
resource_prefix: ansible-test-default-group
ec2_ami_image:
# https://wiki.centos.org/Cloud/AWS collected 2018-01-10
ap-northeast-1: ami-571e3c30
ap-northeast-2: ami-97cb19f9
ap-south-1: ami-11f0837e
ap-southeast-1: ami-30318f53
ap-southeast-2: ami-24959b47
ca-central-1: ami-daeb57be
eu-central-1: ami-7cbc6e13
eu-west-1: ami-0d063c6b
eu-west-2: ami-c22236a6
sa-east-1: ami-864f2dea
us-east-1: ami-ae7bfdb8
us-east-2: ami-9cbf9bf9
us-west-1: ami-7c280d1c
us-west-2: ami-0c2aba6c
ec2_ami_name: amzn2-ami-hvm-2.*-x86_64-gp2
test_role_name: ansible-test-{{ resource_prefix }}
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
- name: create c4.large instance with cpu_options
ec2_launch_template:
name: "{{ resource_prefix }}-c4large-1-threads-per-core"
image_id: "{{ ec2_ami_image[aws_region] }}"
image_id: "{{ ec2_ami_image }}"
tags:
TestId: "{{ resource_prefix }}"
instance_type: c4.large
Expand Down
Original file line number Diff line number Diff line change
@@ -1,30 +1,30 @@
- block:
- name: Create IAM role for test
iam_role:
name: "{{ resource_prefix }}-test-policy"
name: "{{ test_role_name }}-1"
assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}"
state: present
create_instance_profile: yes
managed_policy:
- AmazonS3ReadOnlyAccess
- AWSDenyAll
register: iam_role

- name: Create second IAM role for test
iam_role:
name: "{{ resource_prefix }}-test-policy-2"
name: "{{ test_role_name }}-2"
assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}"
state: present
create_instance_profile: yes
managed_policy:
- AmazonS3ReadOnlyAccess
- AWSDenyAll
register: iam_role_2

- name: Make instance with an instance_role
ec2_launch_template:
name: "{{ resource_prefix }}-test-instance-role"
image_id: "{{ ec2_ami_image[aws_region] }}"
image_id: "{{ ec2_ami_image }}"
instance_type: t2.micro
iam_instance_profile: "{{ resource_prefix }}-test-policy"
iam_instance_profile: "{{ test_role_name }}-1"
register: template_with_role

- assert:
Expand All @@ -34,9 +34,9 @@
- name: Create template again, with no change to instance_role
ec2_launch_template:
name: "{{ resource_prefix }}-test-instance-role"
image_id: "{{ ec2_ami_image[aws_region] }}"
image_id: "{{ ec2_ami_image }}"
instance_type: t2.micro
iam_instance_profile: "{{ resource_prefix }}-test-policy"
iam_instance_profile: "{{ test_role_name }}-1"
register: template_with_role

- assert:
Expand All @@ -47,9 +47,9 @@
- name: Update instance with new instance_role
ec2_launch_template:
name: "{{ resource_prefix }}-test-instance-role"
image_id: "{{ ec2_ami_image[aws_region] }}"
image_id: "{{ ec2_ami_image }}"
instance_type: t2.micro
iam_instance_profile: "{{ resource_prefix }}-test-policy-2"
iam_instance_profile: "{{ test_role_name }}-2"
register: template_with_updated_role

- assert:
Expand All @@ -63,9 +63,9 @@
- name: Re-set with same new instance_role
ec2_launch_template:
name: "{{ resource_prefix }}-test-instance-role"
image_id: "{{ ec2_ami_image[aws_region] }}"
image_id: "{{ ec2_ami_image }}"
instance_type: t2.micro
iam_instance_profile: "{{ resource_prefix }}-test-policy-2"
iam_instance_profile: "{{ test_role_name }}-2"
register: template_with_updated_role

- assert:
Expand All @@ -84,20 +84,20 @@
retries: 10
- name: Delete IAM role for test
iam_role:
name: "{{ resource_prefix }}-test-policy"
name: "{{ test_role_name }}-1"
assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}"
state: absent
create_instance_profile: yes
delete_instance_profile: yes
register: iam_removed
until: iam_removed is not failed
ignore_errors: yes
retries: 10
- name: Delete IAM role for test
iam_role:
name: "{{ resource_prefix }}-test-policy-2"
name: "{{ test_role_name }}-2"
assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}"
state: absent
create_instance_profile: yes
delete_instance_profile: yes
register: iam_2_removed
until: iam_2_removed is not failed
ignore_errors: yes
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,16 @@
security_token: "{{ security_token | default(omit) }}"
region: "{{ aws_region }}"
block:

- name: Find AMI to use
ec2_ami_info:
owners: 'amazon'
filters:
name: '{{ ec2_ami_name }}'
register: ec2_amis
- set_fact:
ec2_ami_image: '{{ ec2_amis.images[0].image_id }}'

- include_tasks: cpu_options.yml
- include_tasks: iam_instance_role.yml
- include_tasks: versions.yml
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@
- name: Make instance in the testing subnet created in the test VPC
ec2_instance:
name: "{{ resource_prefix }}-test-basic-vpc-create"
image_id: "{{ ec2_ami_image[aws_region] }}"
image_id: "{{ ec2_ami_image }}"
user_data: |
#cloud-config
package_upgrade: true
Expand All @@ -71,7 +71,7 @@
- name: Try to re-make the instance, hopefully this shows changed=False
ec2_instance:
name: "{{ resource_prefix }}-test-basic-vpc-create"
image_id: "{{ ec2_ami_image[aws_region] }}"
image_id: "{{ ec2_ami_image }}"
user_data: |
#cloud-config
package_upgrade: true
Expand All @@ -96,7 +96,7 @@
- name: Alter it by adding tags
ec2_instance:
name: "{{ resource_prefix }}-test-basic-vpc-create"
image_id: "{{ ec2_ami_image[aws_region] }}"
image_id: "{{ ec2_ami_image }}"
tags:
TestId: "{{ resource_prefix }}"
Another: thing
Expand All @@ -113,11 +113,11 @@
that:
- check_tags.instances[0].tags.Another == 'thing'
- check_tags.instances[0].tags.Something == 'else'

- name: Purge a tag
ec2_instance:
name: "{{ resource_prefix }}-test-basic-vpc-create"
image_id: "{{ ec2_ami_image[aws_region] }}"
image_id: "{{ ec2_ami_image }}"
purge_tags: true
tags:
TestId: "{{ resource_prefix }}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
- name: create simple instance template
ec2_launch_template:
name: "{{ resource_prefix }}-simple"
image_id: "{{ ec2_ami_image[aws_region] }}"
image_id: "{{ ec2_ami_image }}"
tags:
TestId: "{{ resource_prefix }}"
instance_type: c4.large
Expand All @@ -20,7 +20,7 @@
ec2_launch_template:
name: "{{ resource_prefix }}-simple"
default_version: 1
image_id: "{{ ec2_ami_image[aws_region] }}"
image_id: "{{ ec2_ami_image }}"
tags:
TestId: "{{ resource_prefix }}"
instance_type: m5.large
Expand All @@ -37,7 +37,7 @@
- name: update simple instance template
ec2_launch_template:
name: "{{ resource_prefix }}-simple"
image_id: "{{ ec2_ami_image[aws_region] }}"
image_id: "{{ ec2_ami_image }}"
tags:
TestId: "{{ resource_prefix }}"
instance_type: t3.medium
Expand Down

0 comments on commit a14a094

Please sign in to comment.