[cloud] New module: AWS API Gageway module (#20230)

* Ultra basic api-gateway module based of lambda.py

* Ultra basic deployment added to api-gateway module

* ApiGateway module Allow creation of APIs, more documentation and better return value

* ApiGateway module incorporate review feedback

* ApiGateway module flake8 cleanup

* APIGateway module - more review fixes.

* slightly better messages in api_gateway module

* AWS api_gateway module - try to improve messages in case of exceptions

* rename api_gateway module to aws_api_gateway as discussed in PR 20230

* aws_api_gateway - Allow delivery of swagger either as text or dictionary.

* aws_api_gateway module - introduce 'unit' tests, improve imports using them and small fixes

* aws_api_gateway module - move path expand_user to avoid early typecheck

* aws_api_gateway - version means version of metadata not module - fix to 1.0

* aws_api_gateway module - Rely on module_utils.ec2 for imports & path type for expanduser / cleanups

* aws_api_gateway module - heavy cleanup and refactor of code + cloud retry functionality.

* api_gateway_module - failing test case for handling more than one deployment in succession and API deletion

* add TooManyRequestsException to AWSRetry exception list - makes API deployment work.

* api_gateway_module - Fixes for various review comments + errors from various linters

* api_gateway_module - Fixes for more review comments + linter error

* api_gateway_module - Major refactor into sensible functions - create_response becomes configure_response

* api_gateway_module - should be working under python3; remove test exclusion

* api_gateway_module - finish off remaining review fixes - use ansible defaults and fix mutually exclusive

* api_gateway_module - attempt to improve handling of botocore errors in python3

* api_gateway_module - implement state=absent / API deletion
This commit is contained in:
Michael De La Rue 2017-06-05 15:25:56 +01:00 committed by Ryan Brown
commit e28845018d
7 changed files with 651 additions and 1 deletions

View file

@ -0,0 +1,2 @@
cloud/aws
posix/ci/cloud/aws

View file

@ -0,0 +1,3 @@
dependencies:
- prepare_tests
- setup_ec2

View file

@ -0,0 +1,182 @@
- block:
# ============================================================
- name: test with no parameters
aws_api_gateway:
register: result
ignore_errors: true
- name: assert failure when called with no parameters
assert:
that:
- 'result.failed'
- 'result.msg.startswith("Region must be specified")'
# ============================================================
- name: test with minimal parameters but no region
aws_api_gateway:
api_id: 'fake-api-doesnt-exist'
register: result
ignore_errors: true
- name: assert failure when called with with minimal parameters but no region
assert:
that:
- 'result.failed'
- 'result.msg.startswith("Region must be specified")'
# ============================================================
- name: test disallow multiple swagger sources
aws_api_gateway:
api_id: 'fake-api-doesnt-exist'
region: 'fake_region'
swagger_file: foo.yml
swagger_text: "this is not really an API"
register: result
ignore_errors: true
- name: assert failure when called with with minimal parameters but no region
assert:
that:
- 'result.failed'
- 'result.msg.startswith("parameters are mutually exclusive")'
# This fails with
# msg": "There is an issue in the code of the module. You must
# specify either both, resource or client to the conn_type
# parameter in the boto3_conn function call"
# even though the call appears to include conn_type='client'
# # ============================================================
# - name: test invalid region parameter
# aws_api_gateway:
# api_id: 'fake-api-doesnt-exist'
# region: 'asdf querty 1234'
# register: result
# ignore_errors: true
# - name: assert invalid region parameter
# assert:
# that:
# - 'result.failed'
# - 'result.msg.startswith("Region asdf querty 1234 does not seem to be available ")'
# ============================================================
- name: build API file
template:
src: minimal-swagger-api.yml.j2
dest: "{{output_dir}}/minimal-swagger-api.yml"
tags: new_api,api,api_file
- name: deploy new API
aws_api_gateway:
api_file: "{{output_dir}}/minimal-swagger-api.yml"
stage: "minimal"
region: '{{ec2_region}}'
aws_access_key: '{{ec2_access_key}}'
aws_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: create_result
- name: assert deploy new API worked
assert:
that:
- 'create_result.changed == True'
- '"api_id" in create_result'
# - '"created_response.created_date" in create_result'
# - '"deploy_response.created_date" in create_result'
- name: check API works
uri: url="https://{{create_result.api_id}}.execute-api.{{ec2_region}}.amazonaws.com/minimal"
register: uri_result
- name: assert API works success
assert:
that:
- 'uri_result'
- name: check nonexistent endpoints cause errors
uri: url="https://{{create_result.api_id}}.execute-api.{{ec2_region}}.amazonaws.com/nominal"
register: bad_uri_result
ignore_errors: true
- name: assert
assert:
that:
- bad_uri_result|failed
# ============================================================
- name: deploy first API
aws_api_gateway:
api_file: "{{output_dir}}/minimal-swagger-api.yml"
stage: "minimal"
region: '{{ec2_region}}'
aws_access_key: '{{ec2_access_key}}'
aws_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: create_result_1
- name: deploy second API rapidly after first
aws_api_gateway:
api_file: "{{output_dir}}/minimal-swagger-api.yml"
stage: "minimal"
region: '{{ec2_region}}'
aws_access_key: '{{ec2_access_key}}'
aws_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: create_result_2
- name: assert both APIs deployed successfully
assert:
that:
- 'create_result_1.changed == True'
- 'create_result_2.changed == True'
- '"api_id" in create_result_1'
- '"api_id" in create_result_1'
# - '"created_response.created_date" in create_result'
# - '"deploy_response.created_date" in create_result'
- name: destroy first API
aws_api_gateway:
state: absent
api_id: '{{create_result_1.api_id}}'
region: '{{ec2_region}}'
aws_access_key: '{{ec2_access_key}}'
aws_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: destroy_result_1
- name: destroy second API rapidly after first
aws_api_gateway:
state: absent
api_id: '{{create_result_2.api_id}}'
region: '{{ec2_region}}'
aws_access_key: '{{ec2_access_key}}'
aws_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: destroy_result_2
- name: assert both APIs deployed successfully
assert:
that:
- 'destroy_result_1.changed == True'
- 'destroy_result_2.changed == True'
# - '"created_response.created_date" in create_result'
# - '"deploy_response.created_date" in create_result'
always:
# ============================================================
- name: test state=absent (expect changed=false)
aws_api_gateway:
state: absent
api_id: '{{create_result.api_id}}'
ec2_region: '{{ec2_region}}'
aws_access_key: '{{ec2_access_key}}'
aws_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: destroy_result

View file

@ -0,0 +1,33 @@
---
swagger: "2.0"
info:
version: "2017-05-11T12:14:59Z"
title: "{{resource_prefix}}Empty_API"
host: "fakeexample.execute-api.us-east-1.amazonaws.com"
basePath: "/minimal"
schemes:
- "https"
paths:
/:
get:
consumes:
- "application/json"
produces:
- "application/json"
responses:
200:
description: "200 response"
schema:
$ref: "#/definitions/Empty"
x-amazon-apigateway-integration:
responses:
default:
statusCode: "200"
requestTemplates:
application/json: "{\"statusCode\": 200}"
passthroughBehavior: "when_no_match"
type: "mock"
definitions:
Empty:
type: "object"
title: "Empty Schema"

View file

@ -0,0 +1,85 @@
#
# (c) 2016 Michael De La Rue
#
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# Make coding more python3-ish
from __future__ import (absolute_import, division, print_function)
from nose.plugins.skip import SkipTest
import pytest
import sys
import json
from ansible.module_utils._text import to_bytes
from ansible.module_utils import basic
from ansible.module_utils.ec2 import HAS_BOTO3
if not HAS_BOTO3:
raise SkipTest("test_api_gateway.py requires the `boto3` and `botocore` modules")
import ansible.modules.cloud.amazon.aws_api_gateway as agw
def set_module_args(args):
args = json.dumps({'ANSIBLE_MODULE_ARGS': args})
basic._ANSIBLE_ARGS = to_bytes(args)
exit_return_dict = {}
def fake_exit_json(self, **kwargs):
""" store the kwargs given to exit_json rather than putting them out to stdout"""
global exit_return_dict
exit_return_dict = kwargs
sys.exit(0)
def test_upload_api(monkeypatch):
class FakeConnection:
def put_rest_api(self, *args, **kwargs):
assert kwargs["body"] == "the-swagger-text-is-fake"
return {"msg": "success!"}
def return_fake_connection(*args, **kwargs):
return FakeConnection()
monkeypatch.setattr(agw, "boto3_conn", return_fake_connection)
monkeypatch.setattr(agw.AnsibleModule, "exit_json", fake_exit_json)
set_module_args({
"api_id": "fred",
"state": "present",
"swagger_text": "the-swagger-text-is-fake",
"region": 'mars-north-1',
})
with pytest.raises(SystemExit):
agw.main()
assert exit_return_dict["changed"]
def test_warn_if_region_not_specified():
set_module_args({
"name": "aws_api_gateway",
"state": "present",
"runtime": 'python2.7',
"role": 'arn:aws:iam::987654321012:role/lambda_basic_execution',
"handler": 'lambda_python.my_handler'})
with pytest.raises(SystemExit):
print(agw.main())