ansible/test/integration/targets/aws_ssm_parameters/tasks/main.yml

137 lines
6.3 KiB
YAML
Raw Normal View History

---
#
# Author: Michael De La Rue
# based on aws_lambda test cases
- block:
# ============================================================
- name: set up aws connection info
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
region: "{{ aws_region }}"
no_log: yes
# ============================================================
- name: Create or update key/value pair in aws parameter store
aws_ssm_parameter_store:
name: "/{{ssm_key_prefix}}/Hello"
description: "This is your first key"
value: "World"
<<: *aws_connection_info
- name: Check that parameter was stored correctly
assert:
that:
- "'{{lookup('aws_ssm', '/' ~ ssm_key_prefix ~ '/Hello', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token )}}' == 'World'"
# ============================================================
- name: Create or update key/value pair in aws parameter store
aws_ssm_parameter_store:
name: "/{{ssm_key_prefix}}/path/wonvar"
description: "This is your first key"
value: "won value"
<<: *aws_connection_info
- name: Create or update key/value pair in aws parameter store
aws_ssm_parameter_store:
name: "/{{ssm_key_prefix}}/path/toovar"
description: "This is your first key"
value: "too value"
<<: *aws_connection_info
- name: Create or update key/value pair in aws parameter store
aws_ssm_parameter_store:
name: "/{{ssm_key_prefix}}/path/tree/treevar"
description: "This is your first key"
value: "tree value"
<<: *aws_connection_info
# ============================================================
- name: Create or update key/value pair in aws parameter store
aws_ssm_parameter_store:
name: "/{{ssm_key_prefix}}/deeppath/wondir/samevar"
description: "This is your first key"
value: "won value"
<<: *aws_connection_info
- name: Create or update key/value pair in aws parameter store
aws_ssm_parameter_store:
name: "/{{ssm_key_prefix}}/deeppath/toodir/samevar"
description: "This is your first key"
value: "too value"
<<: *aws_connection_info
# ============================================================
- name: debug the lookup
debug:
msg: "{{lookup('aws_ssm', '/' ~ ssm_key_prefix ~ '/path', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token, bypath=True )}}'"
- name: Check that parameter path is stored and retrieved
assert:
that:
- "'{{lookup('aws_ssm', '/' ~ ssm_key_prefix ~ '/path', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token, bypath=True, shortnames=true ) | to_json }}' == '{\"toovar\": \"too value\", \"wonvar\": \"won value\"}'"
# ============================================================
- name: Error in case we don't find a named parameter
debug:
msg: "'{{lookup('aws_ssm', '/' ~ ssm_key_prefix ~ '/Goodbye', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token )}}' == 'World'"
register: result
ignore_errors: true
- name: assert failure from failure to find parameter
assert:
that:
- 'result.failed'
- "'Undefined AWS SSM parameter' in result.msg"
# ============================================================
- name: Handle multiple paths with one that doesn't exist - default to full names.
assert:
that:
- "'{{lookup('aws_ssm', '/' ~ ssm_key_prefix ~ '/path', '/' ~ ssm_key_prefix ~ '/dont_create_this_path_you_will_break_the_ansible_tests', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token, bypath=True ) | to_json }}' in ( '[{\"/' ~ ssm_key_prefix ~ '/path/toovar\": \"too value\", \"/' ~ ssm_key_prefix ~ '/path/wonvar\": \"won value\"}, {}]', '[{\"/' ~ ssm_key_prefix ~ '/path/wonvar\": \"won value\", \"/' ~ ssm_key_prefix ~ '/path/toovar\": \"too value\"}, {}]' )"
# ============================================================
# this may be a bit of a nasty test case; we should perhaps accept _either_ value that was stored
# in the two variables named 'samevar'
- name: Handle multiple paths with one that doesn't exist - shortnames - including overlap.
assert:
that:
- "'{{lookup('aws_ssm', '/' ~ ssm_key_prefix ~ '/path', '/' ~ ssm_key_prefix ~ '/dont_create_this_path_you_will_break_the_ansible_tests', '/' ~ ssm_key_prefix ~ '/deeppath', region=ec2_region, aws_access_key=ec2_access_key, aws_secret_key=ec2_secret_key, aws_security_token=security_token, bypath=True, shortnames=true, recursive=true ) | to_json }}' == '[{\"toovar\": \"too value\", \"treevar\": \"tree value\", \"wonvar\": \"won value\"}, {}, {\"samevar\": \"won value\"}]'"
# ============================================================
- name: Delete key/value pair in aws parameter store
aws_ssm_parameter_store:
name: "/{{ssm_key_prefix}}/Hello"
state: absent
<<: *aws_connection_info
# ============================================================
- name: Attempt delete key/value pair in aws parameter store again
aws_ssm_parameter_store:
name: "/{{ssm_key_prefix}}/Hello"
state: absent
<<: *aws_connection_info
register: result
- name: assert that changed is False since parameter should be deleted
assert:
that:
- result.changed == False
always:
# ============================================================
- name: Delete remaining key/value pairs in aws parameter store
aws_ssm_parameter_store:
name: "{{item}}"
state: absent
<<: *aws_connection_info
with_items:
- "/{{ssm_key_prefix}}/Hello"
- "/{{ssm_key_prefix}}/path/wonvar"
- "/{{ssm_key_prefix}}/path/toovar"
- "/{{ssm_key_prefix}}/path/tree/treevar"