ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-07-02 14:40:19 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

[cloud] new module lambda_policy (PR #24951)

Browse source 
- Fixes to lambda
- reformatting + tests for lambda_facts
- lambda module integration test
- switch lambda and lambda_facts to AnsibleAwsModule
- Get the account ID from STS, GetUser, and finally error message
This commit is contained in:
Michael De La Rue 2017-05-16 14:26:55 +01:00 committed by Ryan S. Brown
parent c36c34ef7e
commit fbec5ab12d
16 changed files with 1481 additions and 123 deletions
Download patch file Download diff file Expand all files Collapse all files

409
test/integration/targets/aws_lambda/tasks/main.yml Normal file
View file

@ -0,0 +1,409 @@
---
#
# Author: Michael De La Rue
# based on ec2_key.yml + lambda.py
- block:
# ============================================================
- name: test with no parameters
lambda:
register: result
ignore_errors: true
- name: assert failure when called with no parameters
assert:
that:
- 'result.failed'
- 'result.msg.startswith("missing required arguments: name")'
# ============================================================
- name: test with no parameters except state absent
lambda:
state=absent
register: result
ignore_errors: true
- name: assert failure when called with no parameters
assert:
that:
- 'result.failed'
- 'result.msg.startswith("missing required arguments: name")'
# ============================================================
- name: test with no role or handler
lambda:
name=ansible-testing-fake-should-not-be-created
runtime="python2.7"
register: result
ignore_errors: true
- name: assert failure when called with no parameters
assert:
that:
- 'result.failed'
- 'result.msg.startswith("state is present but the following are missing: handler")'
# ============================================================
- name: test with all module required variables but no region
lambda:
name=ansible-testing-fake-should-not-be-created
runtime="python2.7"
handler="no-handler"
role=arn:fake-role-doesnt-exist
register: result
ignore_errors: true
- name: assert failure when called with only 'name'
assert:
that:
- 'result.failed'
- 'result.msg == "region must be specified"'
# ============================================================
- name: test with all module required variables, no region and all possible variables set to blank
lambda:
name: ansible-testing-fake-should-not-be-created
state: present
runtime: "python2.7"
role: arn:fake-role-doesnt-exist
handler:
s3_bucket:
s3_key:
s3_object_version:
description:
vpc_subnet_ids:
vpc_security_group_ids:
environment_variables:
dead_letter_arn:
register: result
ignore_errors: true
- name: assert failure when called with only 'name'
assert:
that:
- 'result.failed'
- 'result.msg == "region must be specified"'
# ============================================================
# direct zip file upload
- name: move lambda into place for archive module
copy:
src: "mini_lambda.py"
dest: "{{output_dir}}/mini_lambda.py"
- name: bundle lambda into a zip
archive:
format: zip
path: "{{output_dir}}/mini_lambda.py"
dest: "{{output_dir}}/mini_lambda.zip"
register: zip_res
- name: test state=present - upload the lambda
lambda:
name="{{lambda_function_name}}"
runtime="python2.7"
handler="mini_lambda.handler"
role="ansible_lambda_role"
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
zip_file="{{zip_res.dest}}"
register: result
- name: assert lambda upload succeeded
assert:
that:
- 'not result|failed'
- name: test lambda works
execute_lambda:
name: "{{lambda_function_name}}"
payload:
name: "Mr Ansible Tests"
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
register: result
- name: assert lambda manages to respond as expected
assert:
that:
- 'not result|failed'
- 'result.result.output.message == "hello Mr Ansible Tests"'
# ============================================================
- name: test state=present with security group but no vpc
lambda:
name: "{{lambda_function_name}}"
runtime: "python2.7"
role: "ansible_lambda_role"
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
zip_file: "{{zip_res.dest}}"
handler:
description:
vpc_subnet_ids:
vpc_security_group_ids: sg-FA6E
environment_variables:
dead_letter_arn:
register: result
ignore_errors: true
- name: assert lambda fails with proper message
assert:
that:
- 'result|failed'
- 'result.msg != "MODULE FAILURE"'
- 'result.changed == False'
- '"requires at least one security group and one subnet" in result.msg'
# ============================================================
- name: test state=present with all nullable variables explicitly set to null
lambda:
name: "{{lambda_function_name}}"
runtime: "python2.7"
role: "ansible_lambda_role"
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
zip_file: "{{zip_res.dest}}"
handler: "mini_lambda.handler"
# These are not allowed because of mutually exclusive.
# s3_bucket:
# s3_key:
# s3_object_version:
description:
vpc_subnet_ids:
vpc_security_group_ids:
environment_variables:
dead_letter_arn:
register: result
- name: assert lambda was updated as expected
assert:
that:
- 'not result|failed'
- 'result.changed == False'
# ============================================================
- name: test state=present triggering a network exception due to bad url
lambda:
name: "{{lambda_function_name}}"
runtime: "python2.7"
role: "ansible_lambda_role"
ec2_url: https://noexist.example.com
ec2_region: '{{ec2_region}}'
ec2_access_key: 'iamnotreallyanaccesskey'
ec2_secret_key: 'thisisabadsecretkey'
security_token: 'andthisisabadsecuritytoken'
zip_file: "{{zip_res.dest}}"
register: result
ignore_errors: true
- name: assert lambda manages to respond as expected
assert:
that:
- 'result|failed'
- 'result.changed == False'
# ============================================================
- name: test state=absent (expect changed=False)
lambda:
name="{{lambda_function_name}}"
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=absent
register: result
- name: assert state=absent
assert:
that:
- 'not result|failed'
- 'result.changed == True'
# ============================================================
# parallel lambda creation
- name: parallel lambda creation 1/4
lambda:
name: "{{lambda_function_name}}_1"
runtime: "python2.7"
handler: "mini_lambda.handler"
role: "ansible_lambda_role"
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
zip_file: "{{zip_res.dest}}"
async: 1000
register: async_1
- name: parallel lambda creation 2/4
lambda:
name: "{{lambda_function_name}}_2"
runtime: "python2.7"
handler: "mini_lambda.handler"
role: "ansible_lambda_role"
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
zip_file: "{{zip_res.dest}}"
async: 1000
register: async_2
- name: parallel lambda creation 3/4
lambda:
name: "{{lambda_function_name}}_3"
runtime: "python2.7"
handler: "mini_lambda.handler"
role: "ansible_lambda_role"
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
zip_file: "{{zip_res.dest}}"
async: 1000
register: async_3
- name: parallel lambda creation 4/4
lambda:
name: "{{lambda_function_name}}_4"
runtime: "python2.7"
handler: "mini_lambda.handler"
role: "ansible_lambda_role"
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
zip_file: "{{zip_res.dest}}"
register: result
- name: assert lambda manages to respond as expected
assert:
that:
- 'not result|failed'
- name: wait for async job 1
async_status: jid={{ async_1.ansible_job_id }}
register: job_result
until: job_result.finished
retries: 30
- name: wait for async job 2
async_status: jid={{ async_1.ansible_job_id }}
register: job_result
until: job_result.finished
retries: 30
- name: wait for async job 3
async_status: jid={{ async_3.ansible_job_id }}
register: job_result
until: job_result.finished
retries: 30
- name: parallel lambda deletion 1/4
lambda:
name: "{{lambda_function_name}}_1"
state: absent
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
zip_file: "{{zip_res.dest}}"
async: 1000
register: async_1
- name: parallel lambda deletion 2/4
lambda:
name: "{{lambda_function_name}}_2"
state: absent
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
zip_file: "{{zip_res.dest}}"
async: 1000
register: async_2
- name: parallel lambda deletion 3/4
lambda:
name: "{{lambda_function_name}}_3"
state: absent
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
zip_file: "{{zip_res.dest}}"
async: 1000
register: async_3
- name: parallel lambda deletion 4/4
lambda:
name: "{{lambda_function_name}}_4"
state: absent
ec2_region: '{{ec2_region}}'
ec2_access_key: '{{ec2_access_key}}'
ec2_secret_key: '{{ec2_secret_key}}'
security_token: '{{security_token}}'
zip_file: "{{zip_res.dest}}"
register: result
- name: assert lambda creation has succeeded
assert:
that:
- 'not result|failed'
- name: wait for async job 1
async_status: jid={{ async_1.ansible_job_id }}
register: job_result
until: job_result.finished
retries: 30
- name: wait for async job 2
async_status: jid={{ async_1.ansible_job_id }}
register: job_result
until: job_result.finished
retries: 30
- name: wait for async job 3
async_status: jid={{ async_3.ansible_job_id }}
register: job_result
until: job_result.finished
retries: 30
# ============================================================
# upload via s3 bucket - multi function
# ============================================================
# update already existing function
always:
# ============================================================
- name: test state=absent (expect changed=False)
lambda:
name="{{lambda_function_name}}"
ec2_region='{{ec2_region}}'
ec2_access_key='{{ec2_access_key}}'
ec2_secret_key='{{ec2_secret_key}}'
security_token='{{security_token}}'
state=absent
register: result
- name: assert state=absent
assert:
that:
- 'not result|failed'
- 'result.changed == False'