mirror of
				https://github.com/ansible-collections/community.general.git
				synced 2025-10-25 05:23:58 -07:00 
			
		
		
		
	[aws] Improve integration test suite for cloudfront (#37813)
Improve naming of one of the cloudfront tasks Change test_identifier back to resource_prefix now it's always lower case. More tests around using distribution_id and default_root_object
This commit is contained in:
		
					parent
					
						
							
								e2908ae8df
							
						
					
				
			
			
				commit
				
					
						261ad0aa87
					
				
			
		
					 1 changed files with 65 additions and 33 deletions
				
			
		|  | @ -1,8 +1,4 @@ | ||||||
| - block: | - block: | ||||||
|   - name: make sure resource prefix is lowercase |  | ||||||
|     set_fact: |  | ||||||
|       test_identifier: "{{ resource_prefix | lower }}" |  | ||||||
| 
 |  | ||||||
|   - name: set yaml anchor |   - name: set yaml anchor | ||||||
|     set_fact: |     set_fact: | ||||||
|       aws_connection_info: &aws_connection_info |       aws_connection_info: &aws_connection_info | ||||||
|  | @ -37,6 +33,19 @@ | ||||||
|       that: |       that: | ||||||
|         - not cf_dist_no_update.changed |         - not cf_dist_no_update.changed | ||||||
| 
 | 
 | ||||||
|  |   - name: re-run cloudfront distribution using distribution id | ||||||
|  |     cloudfront_distribution: | ||||||
|  |       distribution_id: "{{ cf_dist_no_update.id }}" | ||||||
|  |       purge_origins: no | ||||||
|  |       state: present | ||||||
|  |       <<: *aws_connection_info | ||||||
|  |     register: cf_dist_with_id | ||||||
|  | 
 | ||||||
|  |   - name: ensure distribution was not updated | ||||||
|  |     assert: | ||||||
|  |       that: | ||||||
|  |         - not cf_dist_with_id.changed | ||||||
|  | 
 | ||||||
|   - name: update origin http port |   - name: update origin http port | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|  | @ -92,8 +101,9 @@ | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}2.example.com" |       - domain_name: "{{ resource_prefix }}2.example.com" | ||||||
|         id: "{{ test_identifier }}2.example.com" |         id: "{{ resource_prefix }}2.example.com" | ||||||
|  |       default_root_object: index.html | ||||||
|       state: present |       state: present | ||||||
|       wait: yes |       wait: yes | ||||||
|       <<: *aws_connection_info |       <<: *aws_connection_info | ||||||
|  | @ -104,6 +114,7 @@ | ||||||
|       that: |       that: | ||||||
|         - cf_add_origin.origins.quantity == 2 |         - cf_add_origin.origins.quantity == 2 | ||||||
|         - cf_add_origin.changed |         - cf_add_origin.changed | ||||||
|  |         - "cf_add_origin.default_root_object == 'index.html'" | ||||||
| 
 | 
 | ||||||
|   - name: re-run second origin |   - name: re-run second origin | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|  | @ -112,7 +123,9 @@ | ||||||
|       - domain_name: "{{ cloudfront_hostname }}-origin.example.com" |       - domain_name: "{{ cloudfront_hostname }}-origin.example.com" | ||||||
|         custom_origin_config: |         custom_origin_config: | ||||||
|           http_port: 8080 |           http_port: 8080 | ||||||
|  |       - domain_name: "{{ resource_prefix }}2.example.com" | ||||||
|       - domain_name: "{{ test_identifier }}2.example.com" |       - domain_name: "{{ test_identifier }}2.example.com" | ||||||
|  |       default_root_object: index.html | ||||||
|       wait: yes |       wait: yes | ||||||
|       state: present |       state: present | ||||||
|       <<: *aws_connection_info |       <<: *aws_connection_info | ||||||
|  | @ -128,7 +141,7 @@ | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}2.example.com" |       - domain_name: "{{ resource_prefix }}2.example.com" | ||||||
|       - domain_name: "{{ cloudfront_hostname }}-origin.example.com" |       - domain_name: "{{ cloudfront_hostname }}-origin.example.com" | ||||||
|         custom_origin_config: |         custom_origin_config: | ||||||
|           http_port: 8080 |           http_port: 8080 | ||||||
|  | @ -147,9 +160,9 @@ | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}2.example.com" |       - domain_name: "{{ resource_prefix }}2.example.com" | ||||||
|       default_cache_behavior: |       default_cache_behavior: | ||||||
|         target_origin_id: "{{ test_identifier }}2.example.com" |         target_origin_id: "{{ resource_prefix }}2.example.com" | ||||||
|       purge_origins: yes |       purge_origins: yes | ||||||
|       state: present |       state: present | ||||||
|       <<: *aws_connection_info |       <<: *aws_connection_info | ||||||
|  | @ -161,14 +174,31 @@ | ||||||
|         - cf_purge_origin.origins.quantity == 1 |         - cf_purge_origin.origins.quantity == 1 | ||||||
|         - cf_purge_origin.changed |         - cf_purge_origin.changed | ||||||
| 
 | 
 | ||||||
|   - name: add tags to existing distribution |   - name: update default_root_object of existing distribution | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}2.example.com" |       - domain_name: "{{ test_identifier }}2.example.com" | ||||||
|  |       default_root_object: index.php | ||||||
|  |       state: present | ||||||
|  |       <<: *aws_connection_info | ||||||
|  |     register: cf_update_default_root_object | ||||||
|  | 
 | ||||||
|  |   - name: ensure origin was updated | ||||||
|  |     assert: | ||||||
|  |       that: | ||||||
|  |         - "cf_update_default_root_object.default_root_object == 'index.php'" | ||||||
|  |         - cf_update_default_root_object.changed | ||||||
|  | 
 | ||||||
|  |   - name: add tags to existing distribution | ||||||
|  |     cloudfront_distribution: | ||||||
|  |       alias: "{{ cloudfront_alias }}" | ||||||
|  |       origins: | ||||||
|  |       - domain_name: "{{ resource_prefix }}2.example.com" | ||||||
|       tags: |       tags: | ||||||
|         Name: "{{ cloudfront_alias }}" |         Name: "{{ cloudfront_alias }}" | ||||||
|         Another: tag |         Another: tag | ||||||
|  |       default_root_object: index.php | ||||||
|       state: present |       state: present | ||||||
|       <<: *aws_connection_info |       <<: *aws_connection_info | ||||||
|     register: cf_add_tags |     register: cf_add_tags | ||||||
|  | @ -191,8 +221,8 @@ | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}2.example.com" |       - domain_name: "{{ resource_prefix }}2.example.com" | ||||||
|         id: "{{ test_identifier }}2.example.com" |         id: "{{ resource_prefix }}2.example.com" | ||||||
|       tags: |       tags: | ||||||
|         Name: "{{ cloudfront_alias }}" |         Name: "{{ cloudfront_alias }}" | ||||||
|         Another: tag |         Another: tag | ||||||
|  | @ -211,8 +241,8 @@ | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}2.example.com" |       - domain_name: "{{ resource_prefix }}2.example.com" | ||||||
|         id: "{{ test_identifier }}2.example.com" |         id: "{{ resource_prefix }}2.example.com" | ||||||
|       tags: |       tags: | ||||||
|         Name: "{{ cloudfront_alias }}" |         Name: "{{ cloudfront_alias }}" | ||||||
|         Another: tag |         Another: tag | ||||||
|  | @ -230,7 +260,7 @@ | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}2.example.com" |       - domain_name: "{{ resource_prefix }}2.example.com" | ||||||
|       tags: |       tags: | ||||||
|         Third: thing |         Third: thing | ||||||
|       purge_tags: no |       purge_tags: no | ||||||
|  | @ -249,7 +279,7 @@ | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}2.example.com" |       - domain_name: "{{ resource_prefix }}2.example.com" | ||||||
|       cache_behaviors: "{{ cloudfront_test_cache_behaviors }}" |       cache_behaviors: "{{ cloudfront_test_cache_behaviors }}" | ||||||
|       state: present |       state: present | ||||||
|       <<: *aws_connection_info |       <<: *aws_connection_info | ||||||
|  | @ -259,7 +289,7 @@ | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}2.example.com" |       - domain_name: "{{ resource_prefix }}2.example.com" | ||||||
|       cache_behaviors: "{{ cloudfront_test_cache_behaviors|reverse|list }}" |       cache_behaviors: "{{ cloudfront_test_cache_behaviors|reverse|list }}" | ||||||
|       state: present |       state: present | ||||||
|       <<: *aws_connection_info |       <<: *aws_connection_info | ||||||
|  | @ -275,7 +305,7 @@ | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}2.example.com" |       - domain_name: "{{ resource_prefix }}2.example.com" | ||||||
|       cache_behaviors: "{{ cloudfront_test_cache_behaviors|reverse|list }}" |       cache_behaviors: "{{ cloudfront_test_cache_behaviors|reverse|list }}" | ||||||
|       purge_cache_behaviors: yes |       purge_cache_behaviors: yes | ||||||
|       state: present |       state: present | ||||||
|  | @ -292,8 +322,8 @@ | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}3.example.com" |       - domain_name: "{{ resource_prefix }}3.example.com" | ||||||
|         id: "{{ test_identifier }}3.example.com" |         id: "{{ resource_prefix }}3.example.com" | ||||||
|       purge_origins: yes |       purge_origins: yes | ||||||
|       state: present |       state: present | ||||||
|       <<: *aws_connection_info |       <<: *aws_connection_info | ||||||
|  | @ -311,13 +341,13 @@ | ||||||
|   #  cloudfront_distribution: |   #  cloudfront_distribution: | ||||||
|   #    alias: "{{ cloudfront_alias }}" |   #    alias: "{{ cloudfront_alias }}" | ||||||
|   #    origins: |   #    origins: | ||||||
|   #    - domain_name: "{{ test_identifier }}3.example.com" |   #    - domain_name: "{{ resource_prefix }}3.example.com" | ||||||
|   #      id: "{{ test_identifier }}3.example.com" |   #      id: "{{ resource_prefix }}3.example.com" | ||||||
|   #    cache_behaviors: |   #    cache_behaviors: | ||||||
|   #      - path_pattern: /test/path |   #      - path_pattern: /test/path | ||||||
|   #        target_origin_id: "{{ test_identifier }}3.example.com" |   #        target_origin_id: "{{ resource_prefix }}3.example.com" | ||||||
|   #      - path_pattern: /another/path |   #      - path_pattern: /another/path | ||||||
|   #        target_origin_id: "{{ test_identifier }}3.example.com" |   #        target_origin_id: "{{ resource_prefix }}3.example.com" | ||||||
|   #    state: present |   #    state: present | ||||||
|   #    aws_access_key: "{{ aws_access_key|default(omit) }}" |   #    aws_access_key: "{{ aws_access_key|default(omit) }}" | ||||||
|   #    aws_secret_key: "{{ aws_secret_key|default(omit) }}" |   #    aws_secret_key: "{{ aws_secret_key|default(omit) }}" | ||||||
|  | @ -326,8 +356,10 @@ | ||||||
|   #  register: update_cache_behaviors in use |   #  register: update_cache_behaviors in use | ||||||
| 
 | 
 | ||||||
|   - name: create an s3 bucket for next test |   - name: create an s3 bucket for next test | ||||||
|  |     # note that although public-read allows reads that we want to stop with origin_access_identity, | ||||||
|  |     # we also need to test without origin_access_identity and it's hard to change bucket perms later | ||||||
|     aws_s3: |     aws_s3: | ||||||
|       bucket: "{{ test_identifier }}-bucket" |       bucket: "{{ resource_prefix }}-bucket" | ||||||
|       mode: create |       mode: create | ||||||
|       <<: *aws_connection_info |       <<: *aws_connection_info | ||||||
| 
 | 
 | ||||||
|  | @ -335,8 +367,8 @@ | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}-bucket.{{ aws_region }}.s3.amazonaws.com" |       - domain_name: "{{ resource_prefix }}-bucket.s3.amazonaws.com" | ||||||
|         id: "{{ test_identifier }}3.example.com" |         id: "{{ resource_prefix }}3.example.com" | ||||||
|         s3_origin_access_identity_enabled: yes |         s3_origin_access_identity_enabled: yes | ||||||
|       state: present |       state: present | ||||||
|       <<: *aws_connection_info |       <<: *aws_connection_info | ||||||
|  | @ -353,8 +385,8 @@ | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}-bucket.{{ aws_region }}.s3.amazonaws.com" |       - domain_name: "{{ resource_prefix }}-bucket.s3.amazonaws.com" | ||||||
|         id: "{{ test_identifier }}3.example.com" |         id: "{{ resource_prefix }}3.example.com" | ||||||
|         s3_origin_access_identity_enabled: no |         s3_origin_access_identity_enabled: no | ||||||
|       state: present |       state: present | ||||||
|       <<: *aws_connection_info |       <<: *aws_connection_info | ||||||
|  | @ -369,16 +401,16 @@ | ||||||
| 
 | 
 | ||||||
|   - name: delete the s3 bucket |   - name: delete the s3 bucket | ||||||
|     aws_s3: |     aws_s3: | ||||||
|       bucket: "{{ test_identifier }}-bucket" |       bucket: "{{ resource_prefix }}-bucket" | ||||||
|       mode: delete |       mode: delete | ||||||
|       <<: *aws_connection_info |       <<: *aws_connection_info | ||||||
| 
 | 
 | ||||||
|   - name: update origin to remove s3 origin access identity |   - name: check that custom_origin_config can't be used with origin_access_identity enabled | ||||||
|     cloudfront_distribution: |     cloudfront_distribution: | ||||||
|       alias: "{{ cloudfront_alias }}" |       alias: "{{ cloudfront_alias }}" | ||||||
|       origins: |       origins: | ||||||
|       - domain_name: "{{ test_identifier }}-bucket.{{ aws_region }}.s3.amazonaws.com" |       - domain_name: "{{ resource_prefix }}-bucket.s3.amazonaws.com" | ||||||
|         id: "{{ test_identifier }}3.example.com" |         id: "{{ resource_prefix }}3.example.com" | ||||||
|         s3_origin_access_identity_enabled: yes |         s3_origin_access_identity_enabled: yes | ||||||
|         custom_origin_config: |         custom_origin_config: | ||||||
|           origin_protocol_policy: 'http-only' |           origin_protocol_policy: 'http-only' | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue