rds_instance module and tests (#43789)

* Add functions to retrieve the allowed and required parameters for boto3 client methods

* Add custom waiter for stopping an RDS DB instance

* Add rds_instance module

* Add rds_instance integration tests

* address requested changes from ryansb

* address requested changes from willthames

* address requested changes from dmsimard

* Fix final snapshots

Fix idempotence with already-deleting DB instances

Remove unused import from module_utils/aws/core.py

Consolidate function to get all boto3 client method parameters and the subset of required parameters

* Add some additional rds_instance integration tests

* Add some common functions to module_utils/aws/rds

* Move common code out of rds_instance

* Remove hardcoded engine choices and require the minimum boto3

* Document wait behavior

* Provide a list of valid engines in the error message if it is invalid

Add supported methods to whitelist

Remove AWSRetry around waiter

Wait for a less crazy amount of time

Remove unused variables

* Add a test for an invalid engine option

* pep8

* Missed adding a method to the whitelist

* Use retries

* Fix some little things

* Fix more things

* Improve error message

* Support creating cross-region read replicas

* Remove unused imports

* Add retry when getting RDS instance

* Soft-check required options so module fails properly when options are missing

* Fix mariadb parameter version

* Fix cross-region read_replica creation and tests

* fix modify tests

* Fix a modification test

* Fix typo

* Remove test for option_group_name that exists for this account but may not for others and added as a TODO to do properly
This commit is contained in:
Sloane Hertel 2018-08-30 22:17:02 -04:00 committed by Will Thames
commit 113336d6f1
18 changed files with 2789 additions and 0 deletions

View file

@ -0,0 +1,2 @@
cloud/aws
unsupported

View file

@ -0,0 +1,23 @@
---
instance_id: "{{ resource_prefix }}"
modified_instance_id: "{{ resource_prefix }}-updated"
username: test
password: test12345678
db_instance_class: db.t2.micro
storage_encrypted_db_instance_class: db.t2.small
modified_db_instance_class: db.t2.medium
allocated_storage: 20
modified_allocated_storage: 30
# For aurora tests
cluster_id: "{{ resource_prefix }}-cluster"
aurora_db_instance_class: db.t2.medium
# For oracle tests
oracle_ee_db_instance_class: db.r3.xlarge
processor_features:
coreCount: 1
threadsPerCore: 1
modified_processor_features:
coreCount: 2
threadsPerCore: 2

View file

@ -0,0 +1,36 @@
---
- name: test without credentials
rds_instance:
db_instance_identifier: test-rds-instance
register: result
ignore_errors: yes
- assert:
that:
- result.failed
- 'result.msg == "The rds_instance module requires a region and none was found in configuration, environment variables or module parameters"'
- name: test without credentials
rds_instance:
db_instance_identifier: test-rds-instance
region: us-east-1
register: result
ignore_errors: yes
- assert:
that:
- result.failed
- '"Unable to locate credentials" in result.msg'
- name: test with invalid credentials
rds_instance:
db_instance_identifier: test-rds-instance
region: us-east-1
profile: doesnotexist
register: result
ignore_errors: yes
- assert:
that:
- result.failed
- 'result.msg == "The config profile (doesnotexist) could not be found"'

View file

@ -0,0 +1,16 @@
---
- block:
- include: ./credential_tests.yml
- include: ./test_states.yml
- include: ./test_tags.yml
- include: ./test_modification.yml # TODO: test availability_zone and multi_az
- include: ./test_bad_options.yml
- include: ./test_processor_features.yml
- include: ./test_encryption.yml
- include: ./test_final_snapshot.yml
- include: ./test_read_replica.yml
- include: ./test_vpc_security_groups.yml
#- include: ./test_restore_instance.yml # TODO: point-in-time, snapshot, s3
# TODO: uncomment after adding rds_cluster module
#- include: ./test_aurora.yml

View file

@ -0,0 +1,144 @@
---
- block:
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: yes
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
ignore_errors: yes
- name: Create minimal aurora cluster in default VPC and default subnet group
rds_cluster:
state: present
engine: aurora
cluster_id: "{{ cluster_id }}"
username: "{{ username }}"
password: "{{ password }}"
<<: *aws_connection_info
- name: Create an Aurora instance
rds_instance:
id: "{{ instance_id }}"
cluster_id: "{{ cluster_id }}"
engine: aurora
state: present
db_instance_class: "{{ aurora_db_instance_class }}"
tags:
CreatedBy: rds_instance integration tests
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- "result.db_instance_identifier == '{{ instance_id }}'"
- "result.tags | length == 1"
- name: Modify tags
rds_instance:
id: "{{ instance_id }}"
state: present
tags:
Test: rds_instance
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- result.tags | length == 1
- "result.tags.Test == 'rds_instance'"
- name: Test idempotence
rds_instance:
id: "{{ instance_id }}"
state: present
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
- name: Attempt to modify password (a cluster-managed attribute)
rds_instance:
id: "{{ instance_id }}"
state: present
password: "{{ password }}"
force_update_password: True
apply_immediately: True
<<: *aws_connection_info
register: result
ignore_errors: yes
- assert:
that:
- result.failed
- "'Modify master user password for the DB Cluster using the ModifyDbCluster API' in result.msg"
- "'Please see rds_cluster' in result.msg"
- name: Modify aurora instance port (a cluster-managed attribute)
rds_instance:
id: "{{ instance_id }}"
state: present
port: 1150
<<: *aws_connection_info
register: result
ignore_errors: yes
- assert:
that:
- not result.changed
- "'Modify database endpoint port number for the DB Cluster using the ModifyDbCluster API' in result.msg"
- "'Please see rds_cluster' in result.msg"
- name: Modify Aurora instance identifier
rds_instance:
id: "{{ instance_id }}"
state: present
purge_tags: False
new_id: "{{ modified_instance_id }}"
apply_immediately: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- "result.db_instance_identifier == '{{ modified_instance_id }}'"
always:
- name: Delete the instance
rds_instance:
id: "{{ item }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
loop:
- "{{ instance_id }}"
- "{{ modified_instance_id }}"
ignore_errors: yes
- name: Delete the cluster
rds_cluster:
cluster_id: "{{ cluster_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
ignore_errors: yes

View file

@ -0,0 +1,41 @@
---
- block:
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: yes
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
ignore_errors: yes
- name: Create a DB instance with an invalid engine
rds_instance:
id: "{{ instance_id }}"
state: present
engine: thisisnotavalidengine
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
<<: *aws_connection_info
register: result
ignore_errors: True
- assert:
that:
- result.failed
- '"DB engine thisisnotavalidengine should be one of" in result.msg'

View file

@ -0,0 +1,53 @@
---
- block:
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: yes
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
ignore_errors: yes
- name: Create a mariadb instance
rds_instance:
id: "{{ instance_id }}"
state: present
engine: mariadb
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ storage_encrypted_db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
storage_encrypted: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- "result.db_instance_identifier == '{{ instance_id }}'"
- result.kms_key_id
- result.storage_encrypted == true
always:
- name: Delete DB instance
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result

View file

@ -0,0 +1,85 @@
---
- block:
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: yes
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
ignore_errors: yes
- name: Create a mariadb instance
rds_instance:
id: "{{ instance_id }}"
state: present
engine: mariadb
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
<<: *aws_connection_info
register: result
- name: Delete the DB instance
rds_instance:
id: "{{ instance_id }}"
state: absent
final_snapshot_identifier: "{{ instance_id }}"
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- "result.final_snapshot.db_instance_identifier == '{{ instance_id }}'"
- name: Check that snapshot exists
rds_snapshot_facts:
db_snapshot_identifier: "{{ instance_id }}"
<<: *aws_connection_info
register: result
- assert:
that:
- "result.snapshots | length == 1"
- "result.snapshots.0.engine == 'mariadb'"
always:
- name: Use AWS CLI to delete the snapshot
command: "aws rds delete-db-snapshot --db-snapshot-identifier '{{ instance_id }}'"
environment:
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
AWS_SESSION_TOKEN: "{{ security_token }}"
AWS_DEFAULT_REGION: "{{ aws_region }}"
# TODO: Uncomment once rds_snapshot module exists
#- name: Remove the snapshot
# rds_snapshot:
# db_snapshot_identifier: "{{ instance_id }}"
# state: absent
# <<: *aws_connection_info
# ignore_errors: yes
- name: Remove the DB instance
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
ignore_errors: yes

View file

@ -0,0 +1,199 @@
---
- block:
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: yes
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
ignore_errors: yes
- name: Create a mariadb instance
rds_instance:
id: "{{ instance_id }}"
state: present
engine: mariadb
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- "result.db_instance_identifier == '{{ instance_id }}'"
- name: Modify the instance name without immediate application
rds_instance:
id: "{{ instance_id }}"
state: present
new_id: "{{ modified_instance_id }}"
apply_immediately: False
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- 'result.db_instance_identifier == "{{ instance_id }}"'
- name: Immediately apply the pending update
rds_instance:
id: "{{ instance_id }}"
state: present
new_id: "{{ modified_instance_id }}"
apply_immediately: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- 'result.db_instance_identifier == "{{ modified_instance_id }}"'
- name: Modify the instance immediately
rds_instance:
id: '{{ modified_instance_id }}'
state: present
new_id: '{{ instance_id }}'
apply_immediately: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- 'result.db_instance_identifier == "{{ instance_id }}"'
- name: Check mode - modify the password
rds_instance:
id: '{{ instance_id }}'
state: present
password: '{{ password }}'
force_update_password: True
apply_immediately: True
<<: *aws_connection_info
register: result
check_mode: True
- assert:
that:
- result.changed
- name: Modify the password
rds_instance:
id: '{{ instance_id }}'
state: present
password: '{{ password }}'
force_update_password: True
apply_immediately: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
# TODO: test modifying db_subnet_group_name, db_security_groups, db_parameter_group_name, option_group_name,
# monitoring_role_arn, monitoring_interval, domain, domain_iam_role_name, cloudwatch_logs_export_configuration
- name: Modify several attributes
rds_instance:
id: '{{ instance_id }}'
state: present
allocated_storage: 30
db_instance_class: "{{ modified_db_instance_class }}"
backup_retention_period: 2
preferred_backup_window: "05:00-06:00"
preferred_maintenance_window: "mon:06:20-mon:06:50"
engine_version: "10.1.26"
allow_major_version_upgrade: true
auto_minor_version_upgrade: false
port: 1150
apply_immediately: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- result.pending_modified_values.allocated_storage == 30
- result.pending_modified_values.port == 1150
- 'result.pending_modified_values.db_instance_class == "db.t2.medium"'
- 'result.pending_modified_values.engine_version == "10.1.26"'
- name: Idempotence modifying several pending attributes
rds_instance:
id: '{{ instance_id }}'
state: present
allocated_storage: 30
db_instance_class: "{{ modified_db_instance_class }}"
backup_retention_period: 2
preferred_backup_window: "05:00-06:00"
preferred_maintenance_window: "mon:06:20-mon:06:50"
engine_version: "10.1.26"
allow_major_version_upgrade: true
auto_minor_version_upgrade: false
port: 1150
<<: *aws_connection_info
register: result
retries: 30
delay: 10
until: result is not failed
- assert:
that:
- not result.changed
- '"allocated_storage" in result.pending_modified_values or result.allocated_storage == 30'
- '"port" in result.pending_modified_values or result.endpoint.port == 1150'
- '"db_instance_class" in result.pending_modified_values or result.db_instance_class == "db.t2.medium"'
- '"engine_version" in result.pending_modified_values or result.engine_version == "10.1.26"'
- name: Reboot the instance to update the modified values and add tags
rds_instance:
id: '{{ instance_id }}'
state: rebooted
tags:
Created_by: Ansible rds_instance tests
<<: *aws_connection_info
register: result
- name: Delete the instance
rds_instance:
id: '{{ instance_id }}'
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- '"pending_modified_values" not in result'
always:
- name: Delete the instance
rds_instance:
id: '{{ item }}'
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
loop: ['{{ instance_id }}', '{{ modified_instance_id }}']
ignore_errors: yes

View file

@ -0,0 +1,126 @@
---
- block:
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: yes
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
ignore_errors: yes
- name: Create an oracle-ee DB instance
rds_instance:
id: "{{ instance_id }}"
state: present
engine: oracle-ee
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ oracle_ee_db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
storage_encrypted: True
processor_features: "{{ processor_features }}"
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- 'result.processor_features.coreCount == "{{ processor_features.coreCount }}"'
- 'result.processor_features.threadsPerCore == "{{ processor_features.threadsPerCore }}"'
- name: Check mode - modify the processor features
rds_instance:
id: "{{ instance_id }}"
state: present
engine: oracle-ee
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ oracle_ee_db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
storage_encrypted: True
processor_features: "{{ modified_processor_features }}"
apply_immediately: true
<<: *aws_connection_info
register: result
check_mode: True
- assert:
that:
- result.changed
- name: Modify the processor features
rds_instance:
id: "{{ instance_id }}"
state: present
engine: oracle-ee
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ oracle_ee_db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
storage_encrypted: True
processor_features: "{{ modified_processor_features }}"
apply_immediately: true
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- 'result.pending_modified_values.processor_features.coreCount == "{{ modified_processor_features.coreCount }}"'
- 'result.pending_modified_values.processor_features.threadsPerCore == "{{ modified_processor_features.threadsPerCore }}"'
- name: Check mode - use the default processor features
rds_instance:
id: "{{ instance_id }}"
state: present
processor_features: {}
apply_immediately: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- name: Use the default processor features
rds_instance:
id: "{{ instance_id }}"
state: present
processor_features: {}
apply_immediately: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- 'result.pending_modified_values.processor_features.coreCount == "DEFAULT"'
- 'result.pending_modified_values.processor_features.threadsPerCore == "DEFAULT"'
always:
- name: Delete the DB instance
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed

View file

@ -0,0 +1,140 @@
---
- block:
- name: set the two regions for the source DB and the replica
set_fact:
region_src: "{{ aws_region }}"
region_dest: "us-east-2"
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
no_log: yes
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
region: "{{ region_src }}"
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
ignore_errors: yes
- name: Create a source DB instance
rds_instance:
id: "{{ instance_id }}"
state: present
engine: mysql
backup_retention_period: 1
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
region: "{{ region_src }}"
<<: *aws_connection_info
register: source_db
- assert:
that:
- source_db.changed
- "source_db.db_instance_identifier == '{{ instance_id }}'"
- name: Create a read replica in a different region
rds_instance:
id: "{{ instance_id }}-replica"
state: present
source_db_instance_identifier: "{{ source_db.db_instance_arn }}"
engine: mysql
username: "{{ username }}"
password: "{{ password }}"
read_replica: True
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
region: "{{ region_dest }}"
<<: *aws_connection_info
register: result
- name: Test idempotence with a read replica
rds_instance:
id: "{{ instance_id }}-replica"
state: present
source_db_instance_identifier: "{{ source_db.db_instance_arn }}"
engine: mysql
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
region: "{{ region_dest }}"
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
- name: Test idempotence with read_replica=True
rds_instance:
id: "{{ instance_id }}-replica"
state: present
read_replica: True
source_db_instance_identifier: "{{ source_db.db_instance_arn }}"
engine: mysql
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
region: "{{ region_dest }}"
<<: *aws_connection_info
register: result
- name: Promote the read replica
rds_instance:
id: "{{ instance_id }}-replica"
state: present
read_replica: False
region: "{{ region_dest }}"
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- name: Test idempotence
rds_instance:
id: "{{ instance_id }}-replica"
state: present
read_replica: False
region: "{{ region_dest }}"
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
always:
- name: Remove the DB instance
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
region: "{{ region_src }}"
<<: *aws_connection_info
- name: Remove the DB replica
rds_instance:
id: "{{ instance_id }}-replica"
state: absent
skip_final_snapshot: True
region: "{{ region_dest }}"
<<: *aws_connection_info

View file

@ -0,0 +1,198 @@
---
- block:
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: yes
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
ignore_errors: yes
- name: Check Mode - Create a mariadb instance
rds_instance:
id: "{{ instance_id }}"
state: present
engine: mariadb
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
<<: *aws_connection_info
register: result
check_mode: yes
- assert:
that:
- result.changed
- name: Create a mariadb instance
rds_instance:
id: "{{ instance_id }}"
state: present
engine: mariadb
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- "result.db_instance_identifier == '{{ instance_id }}'"
- name: Idempotence
rds_instance:
id: '{{ instance_id }}'
state: present
engine: mariadb
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
- result.db_instance_identifier
- name: Idempotence with minimal options
rds_instance:
id: '{{ instance_id }}'
state: present
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
- result.db_instance_identifier
- name: Check Mode - stop the instance
rds_instance:
id: '{{ instance_id }}'
state: stopped
<<: *aws_connection_info
register: result
check_mode: yes
- assert:
that:
- result.changed
- name: Stop the instance
rds_instance:
id: '{{ instance_id }}'
state: stopped
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- name: Check Mode - idempotence
rds_instance:
id: '{{ instance_id }}'
state: stopped
<<: *aws_connection_info
register: result
check_mode: yes
- assert:
that:
- not result.changed
- name: Idempotence
rds_instance:
id: '{{ instance_id }}'
state: stopped
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
- name: Check mode - reboot a stopped instance
rds_instance:
id: '{{ instance_id }}'
state: rebooted
<<: *aws_connection_info
register: result
check_mode: yes
- assert:
that:
- result.changed
- name: Reboot a stopped instance
rds_instance:
id: '{{ instance_id }}'
state: rebooted
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- name: Check Mode - start the instance
rds_instance:
id: '{{ instance_id }}'
state: started
<<: *aws_connection_info
register: result
check_mode: yes
- assert:
that:
- not result.changed
- name: Stop the instance
rds_instance:
id: '{{ instance_id }}'
state: stopped
<<: *aws_connection_info
- name: Start the instance
rds_instance:
id: '{{ instance_id }}'
state: started
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
always:
- name: Remove DB instance
rds_instance:
id: '{{ instance_id }}'
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed

View file

@ -0,0 +1,131 @@
---
- block:
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: yes
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
ignore_errors: yes
- name: Create a mariadb instance
rds_instance:
id: "{{ instance_id }}"
state: present
engine: mariadb
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
tags:
Name: "{{ instance_id }}"
Created_by: Ansible rds_instance tests
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- "result.db_instance_identifier == '{{ instance_id }}'"
- "result.tags | length == 2"
- "result.tags.Name == '{{ instance_id }}'"
- "result.tags.Created_by == 'Ansible rds_instance tests'"
- name: Test idempotence omitting tags
rds_instance:
id: "{{ instance_id }}"
state: present
engine: mariadb
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
- "result.tags | length == 2"
- name: Test tags are not purged if purge_tags is False
rds_instance:
id: "{{ instance_id }}"
state: present
engine: mariadb
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
tags: {}
purge_tags: False
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
- "result.tags | length == 2"
- name: Add a tag and remove a tag
rds_instance:
id: "{{ instance_id }}"
state: present
tags:
Name: "{{ instance_id }}-new"
Created_by: Ansible rds_instance tests
purge_tags: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- "result.tags | length == 2"
- "result.tags.Name == '{{ instance_id }}-new'"
- name: Remove all tags
rds_instance:
id: "{{ instance_id }}"
state: present
engine: mariadb
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
tags: {}
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- not result.tags
always:
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed

View file

@ -0,0 +1,166 @@
---
- block:
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: yes
- name: create a VPC
ec2_vpc_net:
name: "{{ resource_prefix }}-vpc"
state: present
cidr_block: "10.122.122.128/26"
tags:
Name: "{{ resource_prefix }}-vpc"
Description: "created by rds_instance integration tests"
<<: *aws_connection_info
register: vpc_result
- name: create subnets
ec2_vpc_subnet:
cidr: "{{ item.cidr }}"
az: "{{ item.zone }}"
vpc_id: "{{ vpc_result.vpc.id }}"
tags:
Name: "{{ resource_prefix }}-subnet"
Description: "created by rds_instance integration tests"
state: present
<<: *aws_connection_info
register: subnets_result
loop:
- {"cidr": "10.122.122.128/28", "zone": "{{ aws_region }}a"}
- {"cidr": "10.122.122.144/28", "zone": "{{ aws_region }}b"}
- {"cidr": "10.122.122.160/28", "zone": "{{ aws_region }}c"}
- {"cidr": "10.122.122.176/28", "zone": "{{ aws_region }}d"}
- name: Create security groups
ec2_group:
name: "{{ item }}"
description: "created by rds_instance integration tests"
state: present
<<: *aws_connection_info
register: sgs_result
loop:
- "{{ resource_prefix }}-sg-1"
- "{{ resource_prefix }}-sg-2"
- "{{ resource_prefix }}-sg-3"
- debug: var=sgs_result
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
- assert:
that:
- not result.changed
ignore_errors: yes
- name: Create a DB instance in the VPC with two security groups
rds_instance:
id: "{{ instance_id }}"
state: present
engine: mariadb
username: "{{ username }}"
password: "{{ password }}"
db_instance_class: "{{ db_instance_class }}"
allocated_storage: "{{ allocated_storage }}"
vpc_security_group_ids:
- "{{ sgs_result.results.0.group_id }}"
- "{{ sgs_result.results.1.group_id }}"
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
- "result.db_instance_identifier == '{{ instance_id }}'"
- name: Add a new security group
rds_instance:
id: "{{ instance_id }}"
state: present
vpc_security_group_ids:
- "{{ sgs_result.results.2.group_id }}"
<<: *aws_connection_info
register: result
- assert:
that:
- result.changed
always:
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
ignore_errors: yes
- name: Remove security groups
ec2_group:
name: "{{ item }}"
description: "created by rds_instance integration tests"
state: absent
<<: *aws_connection_info
register: sgs_result
loop:
- "{{ resource_prefix }}-sg-1"
- "{{ resource_prefix }}-sg-2"
- "{{ resource_prefix }}-sg-3"
- name: remove subnets
ec2_vpc_subnet:
cidr: "{{ item.cidr }}"
az: "{{ item.zone }}"
vpc_id: "{{ vpc_result.vpc.id }}"
tags:
Name: "{{ resource_prefix }}-subnet"
Description: "created by rds_instance integration tests"
state: absent
<<: *aws_connection_info
register: subnets
ignore_errors: yes
retries: 30
until: subnets is not failed
delay: 10
loop:
- {"cidr": "10.122.122.128/28", "zone": "{{ aws_region }}a"}
- {"cidr": "10.122.122.144/28", "zone": "{{ aws_region }}b"}
- {"cidr": "10.122.122.160/28", "zone": "{{ aws_region }}c"}
- {"cidr": "10.122.122.176/28", "zone": "{{ aws_region }}d"}
- name: create a VPC
ec2_vpc_net:
name: "{{ resource_prefix }}-vpc"
state: absent
cidr_block: "10.122.122.128/26"
tags:
Name: "{{ resource_prefix }}-vpc"
Description: "created by rds_instance integration tests"
<<: *aws_connection_info
register: vpc_result
ignore_errors: yes
retries: 30
until: vpc_result is not failed
delay: 10
- name: Ensure the resource doesn't exist
rds_instance:
id: "{{ instance_id }}"
state: absent
skip_final_snapshot: True
<<: *aws_connection_info
register: result
ignore_errors: yes