ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-05-21 16:39:08 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Route table boto3 (#32059)

Browse source 
* Allow protection of certain keys during camel_to_snake

Create an `ignore_list` parameter that preserves the case
of the contents of certain dictionaries. Most valuable
for `tags` but other uses might arise.

* Port ec2_vpc_route_table to boto3

Update tests to reflect fixes in boto3.

* Add RETURN documentation to ec2_vpc_route_table

* Update DOCUMENTATION to be valid yaml

* Add check mode tests
This commit is contained in:
Will Thames 2018-01-10 11:09:25 +10:00 committed by Sloane Hertel
parent ecfe177380
commit a685b621cd
4 changed files with 701 additions and 439 deletions
Download patch file Download diff file Expand all files Collapse all files

380
test/integration/targets/ec2_vpc_route_table/tasks/main.yml
View file

@ -53,7 +53,6 @@
vpc_id: "{{ vpc.vpc.id }}"
<<: *aws_connection_info
- name: create NAT GW
ec2_vpc_nat_gateway:
if_exist_do_not_create: yes
@ -62,6 +61,20 @@
<<: *aws_connection_info
register: nat_gateway
- name: CHECK MODE - route table should be created
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
tags:
Public: "true"
Name: "Public route table"
<<: *aws_connection_info
check_mode: true
register: check_mode_results
- name: assert that the public route table would be created
assert:
that:
- check_mode_results.changed
- name: create public route table
ec2_vpc_route_table:
@ -75,9 +88,26 @@
- name: assert that public route table has an id
assert:
that:
- create_public_table.changed
# - create_public_table.changed
- "create_public_table.route_table.id.startswith('rtb-')"
- "'Public' in create_public_table.route_table.tags and create_public_table.route_table.tags['Public'] == 'true'"
- create_public_table.route_table.routes|length == 1
- create_public_table.route_table.associations|length == 0
- name: CHECK MODE - route table should already exist
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
tags:
Public: "true"
Name: "Public route table"
<<: *aws_connection_info
check_mode: True
register: check_mode_results
- name: assert the table already exists
assert:
that:
- not check_mode_results.changed
- name: recreate public route table
ec2_vpc_route_table:
@ -93,6 +123,24 @@
that:
- not recreate_public_route_table.changed
- name: CHECK MODE - add route to public route table
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
tags:
Public: "true"
Name: "Public route table"
routes:
- dest: 0.0.0.0/0
gateway_id: igw
<<: *aws_connection_info
check_mode: True
register: check_mode_results
- name: assert a route would be added
assert:
that:
- check_mode_results.changed
- name: add a route to public route table
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
@ -105,6 +153,31 @@
<<: *aws_connection_info
register: add_routes
- name: assert route table contains new route
assert:
that:
- add_routes.changed
- add_routes.route_table.routes|length == 2
- name: CHECK MODE - add subnets to public route table
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
tags:
Public: "true"
Name: "Public route table"
routes:
- dest: 0.0.0.0/0
gateway_id: igw
subnets: "{{ vpc_subnets|json_query('subnets[?tags.Public == `True`].id') }}"
<<: *aws_connection_info
check_mode: True
register: check_mode_results
- name: assert the subnets would be added to the route table
assert:
that:
- check_mode_results.changed
- name: add subnets to public route table
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
@ -118,6 +191,11 @@
<<: *aws_connection_info
register: add_subnets
- name: assert route table contains subnets
assert:
that:
- add_subnets.changed
- add_subnets.route_table.associations|length == 2
- name: add a route to public route table
ec2_vpc_route_table:
@ -131,6 +209,23 @@
<<: *aws_connection_info
register: add_routes
- name: CHECK MODE - no routes but purge_routes set to false
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
tags:
Public: "true"
Name: "Public route table"
purge_routes: no
subnets: "{{ vpc_subnets|json_query('subnets[?tags.Public == `True`].id') }}"
<<: *aws_connection_info
check_mode: True
register: check_mode_results
- name: assert no routes would be removed
assert:
that:
- not check_mode_results.changed
- name: rerun with purge_routes set to false
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
@ -147,7 +242,7 @@
that:
- not no_purge_routes.changed
- no_purge_routes.route_table.routes|length == 2
# FIXME: - no_purge_routes.route_table.associations|length == 2
- no_purge_routes.route_table.associations|length == 2
- name: rerun with purge_subnets set to false
ec2_vpc_route_table:
@ -158,51 +253,89 @@
purge_subnets: no
routes:
- dest: 0.0.0.0/0
gateway_id: igw
<<: *aws_connection_info
register: no_purge_subnets
- name: assert route table still has subnets
assert:
that:
# FIXME: - not no_purge_subnets.changed
- not no_purge_subnets.changed
- no_purge_subnets.route_table.routes|length == 2
# FIXME: - no_purge_subnets.route_table.associations|length == 2
- no_purge_subnets.route_table.associations|length == 2
# FIXME: purge_tags doesn't exist yet
#
# - name: rerun with purge_tags not set (implicitly false)
# ec2_vpc_route_table:
# vpc_id: "{{ vpc.vpc.id }}"
# routes:
# - dest: 0.0.0.0/0
# subnets: "{{ vpc_subnets|json_query('subnets[?tags.Public == `True`].id') }}"
# <<: *aws_connection_info
# register: no_purge_tags
#
# - name: assert route table still has tags
# assert:
# that:
# - not no_purge_tags.changed
# - "'Public' in no_purge_tags.route_table.tags and no_purge_tags.route_table.tags['Public'] == 'true'"
- name: rerun with purge_tags not set (implicitly false)
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
routes:
- dest: 0.0.0.0/0
gateway_id: igw
lookup: id
route_table_id: "{{ create_public_table.route_table.id }}"
subnets: "{{ vpc_subnets|json_query('subnets[?tags.Public == `True`].id') }}"
<<: *aws_connection_info
register: no_purge_tags
- name: assert route table still has tags
assert:
that:
- not no_purge_tags.changed
- "'Public' in no_purge_tags.route_table.tags and no_purge_tags.route_table.tags['Public'] == 'true'"
- name: CHECK MODE - purge subnets
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
routes:
- dest: 0.0.0.0/0
gateway_id: igw
subnets: []
tags:
Public: "true"
Name: "Public route table"
<<: *aws_connection_info
check_mode: True
register: check_mode_results
- name: assert subnets would be removed
assert:
that:
- check_mode_results.changed
- name: purge subnets
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
routes:
- dest: 0.0.0.0/0
gateway_id: igw
subnets: []
tags:
Public: "true"
Name: "Public route table"
<<: *aws_connection_info
register: purge_subnets
# FIXME: this doesn't currently work but with no associations present difficult to see why not
# - name: assert purge subnets worked
# assert:
# that:
# - purge_subnets.changed
# # FIXME: - purge_subnets.route_table.associations|length == 0
# - purge_subnets.route_table.id == create_public_table.route_table.id
- name: assert purge subnets worked
assert:
that:
- purge_subnets.changed
- purge_subnets.route_table.associations|length == 0
- purge_subnets.route_table.id == create_public_table.route_table.id
- name: CHECK MODE - purge routes
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
tags:
Public: "true"
Name: "Public route table"
<<: *aws_connection_info
routes: []
check_mode: True
register: check_mode_results
- name: assert routes would be removed
assert:
that:
- check_mode_results.changed
- name: purge routes
ec2_vpc_route_table:
@ -211,24 +344,42 @@
Public: "true"
Name: "Public route table"
<<: *aws_connection_info
routes: []
register: purge_routes
- name: assert purge routes worked
assert:
that:
- purge_routes.changed
# FIXME: purge_routes does work but the result is not up to date and returns
# the route - a wait period might help
# - purge_routes.route_table.routes|length == 1
- purge_routes.route_table.routes|length == 1
- purge_routes.route_table.id == create_public_table.route_table.id
- name: CHECK MODE - update tags
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
route_table_id: "{{ create_public_table.route_table.id }}"
lookup: id
purge_tags: yes
tags:
Name: Public route table
Updated: new_tag
<<: *aws_connection_info
check_mode: True
register: check_mode_results
- name: assert tags would be changed
assert:
that:
- check_mode_results.changed
- name: update tags
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
route_table_id: "{{ create_public_table.route_table.id }}"
lookup: id
# FIXME: purge_tags: yes
purge_tags: yes
tags:
Name: Public route table
Updated: new_tag
<<: *aws_connection_info
register: update_tags
@ -238,14 +389,41 @@
that:
- update_tags.changed
- "'Updated' in update_tags.route_table.tags and update_tags.route_table.tags['Updated'] == 'new_tag'"
# FIXME: - "'Public' not in update_tags.route_table.tags"
- "'Public' not in update_tags.route_table.tags"
- name: create NAT GW
ec2_vpc_nat_gateway:
if_exist_do_not_create: yes
wait: yes
subnet_id: "{{ subnets.results[0].subnet.id }}"
<<: *aws_connection_info
register: nat_gateway
- name: CHECK MODE - create private route table
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
tags:
Public: "false"
Name: "Private route table"
routes:
- gateway_id: "{{ nat_gateway.nat_gateway_id }}"
dest: 0.0.0.0/0
subnets: "{{ vpc_subnets|json_query('subnets[?tags.Public == `False`].id') }}"
<<: *aws_connection_info
check_mode: True
register: check_mode_results
- name: assert the route table would be created
assert:
that:
- check_mode_results.changed
- name: create private route table
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
tags:
Public: no
Name: private route table
Public: "false"
Name: "Private route table"
routes:
- gateway_id: "{{ nat_gateway.nat_gateway_id }}"
dest: 0.0.0.0/0
@ -260,12 +438,29 @@
- create_private_table.route_table.id != create_public_table.route_table.id
- "'Public' in create_private_table.route_table.tags"
- name: destroy public route table
- name: CHECK MODE - destroy public route table by tags
ec2_vpc_route_table:
route_table_id: "{{ create_public_table.route_table.id }}"
lookup: id
vpc_id: "{{ vpc.vpc.id }}" # FIXME: why is this required?
vpc_id: "{{ vpc.vpc.id }}"
state: absent
tags:
Updated: new_tag
Name: Public route table
<<: *aws_connection_info
check_mode: True
register: check_mode_results
- name: assert the route table would be deleted
assert:
that:
check_mode_results.changed
- name: destroy public route table by tags
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
state: absent
tags:
Updated: new_tag
Name: Public route table
<<: *aws_connection_info
register: destroy_table
@ -274,46 +469,89 @@
that:
- destroy_table.changed
# FIXME: this currently throws an exception
# - name: redestroy public route table
# ec2_vpc_route_table:
# route_table_id: "{{ create_public_table.route_table.id }}"
# lookup: id
# state: absent
# <<: *aws_connection_info
# register: redestroy_table
#
# - name: assert redestroy table worked
# assert:
# that:
# - not redestroy_table.changed
- name: CHECK MODE - redestroy public route table
ec2_vpc_route_table:
route_table_id: "{{ create_public_table.route_table.id }}"
lookup: id
state: absent
<<: *aws_connection_info
check_mode: True
register: check_mode_results
# FIXME: After boto3 port, test updating NAT gateway
#
# - name: destroy NAT GW
# ec2_vpc_nat_gateway:
# vpc_id: "{{ vpc.vpc.id }}"
# state: absent
# wait: yes
# release_eip: yes
# <<: *aws_connection_info
# register: nat_gateway
#
# - name: create NAT GW
# ec2_vpc_nat_gateway:
# vpc_id: "{{ vpc.vpc.id }}"
# if_exist_do_not_create: yes
# <<: *aws_connection_info
# register: nat_gateway
- name: assert the public route table does not exist
assert:
that:
- not check_mode_results.changed
always:
- name: redestroy public route table
ec2_vpc_route_table:
route_table_id: "{{ create_public_table.route_table.id }}"
lookup: id
state: absent
<<: *aws_connection_info
register: redestroy_table
- name: assert redestroy table worked
assert:
that:
- not redestroy_table.changed
- name: destroy NAT GW
ec2_vpc_nat_gateway:
state: absent
wait: yes
release_eip: yes
subnet_id: "{{ subnets.results[0].subnet.id }}"
nat_gateway_id: "{{ nat_gateway.nat_gateway_id }}"
<<: *aws_connection_info
register: nat_gateway
- name: show route table facts
ec2_vpc_route_table_facts:
filters:
route-table-id: "{{ create_private_table.route_table.id }}"
<<: *aws_connection_info
- name: create NAT GW
ec2_vpc_nat_gateway:
if_exist_do_not_create: yes
wait: yes
subnet_id: "{{ subnets.results[0].subnet.id }}"
<<: *aws_connection_info
register: nat_gateway
- name: show route table facts
ec2_vpc_route_table_facts:
filters:
route-table-id: "{{ create_private_table.route_table.id }}"
<<: *aws_connection_info
- name: recreate private route table with new NAT GW
ec2_vpc_route_table:
vpc_id: "{{ vpc.vpc.id }}"
tags:
Public: "false"
Name: "Private route table"
routes:
- nat_gateway_id: "{{ nat_gateway.nat_gateway_id }}"
dest: 0.0.0.0/0
subnets: "{{ vpc_subnets|json_query('subnets[?tags.Public == `False`].id') }}"
<<: *aws_connection_info
register: recreate_private_table
- name: assert creating private route table worked
assert:
that:
- recreate_private_table.changed
- recreate_private_table.route_table.id != create_public_table.route_table.id
- always:
#############################################################################
# TEAR DOWN STARTS HERE
#############################################################################
- name: destroy route tables
ec2_vpc_route_table:
route_table_id: "{{ item.route_table.id }}"
vpc_id: "{{ vpc.vpc.id }}" # FIXME: why is this required?
lookup: id
state: absent
<<: *aws_connection_info