aws_eks_cluster: Add wait functionality (#42259)

* aws_eks_cluster: Improve output documentation This data is already returned by the module, it just wasn't documented. These fields are required for accessing the created Kubernetes API with e.g. the k8s_raw module. * aws_eks_cluster: Add wait functionality This enables further cluster configuration once it's created and active. 20 minutes was chosen as an arbitrary default, so that if it takes longer than the documented "usually less than 10 minutes" it's still likely to succeed. * Correct security group name in aws_eks tests * Improve teardown of aws_eks tests Fix minor teardown issues. The `pause` step is a placeholder until a waiter for `state: absent`
2025-07-24 22:00:22 -07:00 · 2018-07-04 15:30:57 +03:00 · 2018-07-04 15:30:57 +03:00 · 6412cbf84b
commit 6412cbf84b
parent 8590465d96
4 changed files with 125 additions and 4 deletions
--- a/test/integration/targets/aws_eks/playbooks/roles/aws_eks/defaults/main.yml
+++ b/test/integration/targets/aws_eks/playbooks/roles/aws_eks/defaults/main.yml
@ -21,7 +21,7 @@ eks_security_groups:
        from_port: 1025
        to_port: 65535
        proto: tcp
-  - name: "{{ eks_cluster_name }}-worker-sg"
+  - name: "{{ eks_cluster_name }}-workers-sg"
    description: "EKS Worker Security Group"
    rules:
      - group_name: "{{ eks_cluster_name }}-workers-sg"
--- a/test/integration/targets/aws_eks/playbooks/roles/aws_eks/tasks/main.yml
+++ b/test/integration/targets/aws_eks/playbooks/roles/aws_eks/tasks/main.yml
@ -106,6 +106,27 @@
          - eks_create is changed
          - eks_create.name == eks_cluster_name

+    - name: create EKS cluster with same details but wait for it to become active
+      aws_eks_cluster:
+        name: "{{ eks_cluster_name }}"
+        security_groups: "{{ eks_security_groups | json_query('[].name') }}"
+        subnets: "{{ setup_subnets.results | json_query('[].subnet.id') }}"
+        role_arn: "{{ iam_role.arn }}"
+        wait: yes
+        <<: *aws_connection_info
+      register: eks_create
+
+    - name: Check that EKS cluster is active and has CA and endpoint data
+      assert:
+        that:
+          - eks_create is not changed
+          - eks_create.name == eks_cluster_name
+          - eks_create.status == "ACTIVE"
+          - eks_create.certificate_authority.data is defined
+          - eks_create.certificate_authority.data != ""
+          - eks_create.endpoint is defined
+          - eks_create.endpoint != ""
+
    - name: create EKS cluster with same details but using SG ids
      aws_eks_cluster:
        name: "{{ eks_cluster_name }}"
@ -146,6 +167,9 @@
      register: eks_delete
      ignore_errors: yes

+    - pause:
+        minutes: 5
+
    - debug:
        msg: "{{ eks_security_groups|reverse|list }}"

@ -154,6 +178,19 @@
        additional_eks_sg:
          - name: "{{ eks_cluster_name }}-workers-sg"

+    - name: set all security group rule lists to empty to remove circular dependency
+      ec2_group:
+        name: "{{ item.name }}"
+        description: "{{ item.description }}"
+        state: present
+        rules: []
+        rules_egress: []
+        purge_rules: yes
+        purge_rules_egress: yes
+        vpc_id: '{{ setup_vpc.vpc.id }}'
+        <<: *aws_connection_info
+      with_items: "{{ eks_security_groups }}"
+
    - name: remove security groups
      ec2_group:
        name: '{{ item.name }}'