---
# __Test Info__
# EIPs are a scarce resource.  AWS only assigns 5 per account
# by default.  This test tries to only use 1 at a time.
# one t1.micro instance will also be provisioned.
# tests require setting of variables eip_ec2_keyname and
# eip_ec2_image .

# __Test Outline__
#
# __ec2_eip__
# create test instance
# create EIP
# assign allocated ip to instance_id
# disassociate EIP associated with instance
# re-use existing EIP with instance
# deactivate EIP
# provision EIP with instance_id
# create VPC EIP
# re-use exiting VPC EIP with instance

# __ec2-common__
# test environment variable EC2_REGION
# deactivate EIP
# test with no parameters
# test with only instance_id
# test invalid region parameter
# test valid region parameter
# test invalid ec2_url parameter
# test valid ec2_url parameter
# test credentials from environment
# test credential parameters

# ============================================================
# create a keypair using the ssh key

- name: create the keypair for ec2
  ec2_key:
    name: "{{ resource_prefix }}"
    region: "{{ ec2_region }}"
    ec2_access_key: "{{ ec2_access_key }}"
    ec2_secret_key: "{{ ec2_secret_key }}"
    key_material: "{{ key_material }}"
    wait: yes
    state: present

# ============================================================
# create test instance

- name: create test instance
  local_action:
    module: ec2
    key_name: "{{ resource_prefix }}"
    region: "{{ ec2_region }}"
    instance_type: t1.micro
    image: ami-fb8e9292
    wait: yes
    instance_tags:
      Name: "{{ tag_prefix }}"
      ansible_ec2_eip_integration_test: foo
    exact_count: 1
    count_tag: "ansible_ec2_eip_integration_test"
    ec2_access_key: "{{ ec2_access_key }}"
    ec2_secret_key: "{{ ec2_secret_key }}"
  register: output


- name: set instance id fact
  set_fact: instance_id={{ output.instances[0].id }}

# eip allocated:0 assigned:0

# ============================================================

# create EIP

- name: create EIP
  ec2_eip: region={{ ec2_region }}
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}
  register: result

- name: set eip fact
  set_fact: eip={{ result.public_ip }}

- name: write ip to list for cleanup script
  shell: echo {{ eip }} >> {{ output_dir }}/{{ tag_prefix }}-eip_integration_tests.log

- name: assert EIP created
  assert:
    that:
      - '"failed" not in result'


# eip allocated:1 assigned:0

# ============================================================

# assign allocated ip to instance_id

- name: assign allocated ip to instance_id
  ec2_eip:
    reuse_existing_ip_allowed=yes
    instance_id={{ instance_id }}
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}
    public_ip={{ eip }}
    region={{ ec2_region }}
  register: result

- name: assert new EIP was assigned
  assert:
    that:
      - '"failed" not in result'
      - '"public_ip" in result'


# eip allocated:1 assigned:1

# ============================================================

# disassociate EIP associated with instance

- name: disassociate EIP associated with instance
  ec2_eip: state=absent public_ip={{ eip }} region={{ ec2_region }}
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}
    instance_id={{ instance_id }}
  register: result

- name: assert success disassociate EIP associated with instance
  assert:
    that:
      - '"failed" not in result'

# eip allocated:1 assigned:0


# ============================================================

# re-use existing EIP with instance

- name: re-use existing EIP with instance
  ec2_eip:
    reuse_existing_ip_allowed=yes
    instance_id={{ instance_id }}
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}
    region={{ ec2_region }}
  register: result

- name: assert new EIP was assigned
  assert:
    that:
      - '"failed" not in result'
      - '"public_ip" in result'



- name: disassociate EIP associated with instance
  ec2_eip: state=absent public_ip={{ eip }} region={{ ec2_region }}
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}
    instance_id={{ instance_id }}


# eip allocated:1 assigned:1

# ============================================================

# deactivate EIP

- name: deactivate EIP
  ec2_eip: state=absent public_ip={{ eip }} region={{ ec2_region }}
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}
  register: result

- name: assert EIP deactivated
  assert:
    that:
      - '"failed" not in result'


# eip allocated:0 assigned:0

# ============================================================

# provision EIP with instance_id

- name: provision EIP with instance_id
  ec2_eip:
    instance_id={{ instance_id }}
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}
    region={{ ec2_region }}
  register: result

- name: set eip fact
  set_fact: eip={{ result.public_ip }}

- name: write ip to list for cleanup script
  shell: echo {{ eip }} >> {{ output_dir }}/{{ tag_prefix }}-eip_integration_tests.log

- name: assert provision EIP with instance_id
  assert:
    that:
      - '"failed" not in result'
      - '"public_ip" in result'


- name: disassociate EIP associated with instance
  ec2_eip: state=absent public_ip={{ eip }} region={{ ec2_region }}
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}
    instance_id={{ instance_id }}


- name: deactivate EIP
  ec2_eip: state=absent public_ip={{ eip }} region={{ ec2_region }}
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}


# eip allocated:0 assigned:0

# ============================================================


# create VPC EIP


- name: create VPC EIP
  ec2_eip: in_vpc=yes region={{ ec2_region }}
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}
  register: result

- name: set eip fact
  set_fact: eip={{ result.public_ip }}

- name: write ip to list for cleanup script
  shell: echo {{ eip }} >> {{ output_dir }}/{{ tag_prefix }}-eip_integration_tests.log

- name: assert VPC EIP creation
  assert:
    that:
      - '"failed" not in result'
      - '"public_ip" in result'


# eip allocated:1 assigned:0

# ============================================================

# re-use existing VPC EIP with instance
# DISABLED BY JCAMMARATA
#- name: re-use existing VPC EIP with instance
#  ec2_eip:
#    in_vpc=yes
#    reuse_existing_ip_allowed=yes
#    instance_id={{ instance_id }}
#    ec2_access_key={{ ec2_access_key }}
#    ec2_secret_key={{ ec2_secret_key }}
#    region={{ ec2_region }}
#  register: result
#
#- name: assert new VPC EIP was assigned
#  assert:
#    that:
#      - '"failed" not in result'
#      - '"public_ip" in result'
#
#
#- name: disassociate VPC EIP associated with instance
#  ec2_eip: state=absent public_ip={{ eip }} region={{ ec2_region }}
#    ec2_access_key={{ ec2_access_key }}
#    ec2_secret_key={{ ec2_secret_key }}
#    instance_id={{ instance_id }}


- name: deactivate VPC EIP
  ec2_eip: state=absent public_ip={{ eip }} region={{ ec2_region }}
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}


# eip allocated:0 assigned:0


# ============================================================
- name: test environment variable EC2_REGION
  ec2_eip:
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}
  environment:
    EC2_REGION: "{{ ec2_region }}"
  register: result

- name: set eip fact
  set_fact: eip={{ result.public_ip }}

- name: write ip to list for cleanup script
  shell: echo {{ eip }} >> {{ output_dir }}/{{ tag_prefix }}-eip_integration_tests.log


- name: assert environment variable EC2_REGION
  assert:
    that:
      - '"failed" not in result'
      - '"public_ip" in result'


- name: deactivate EIP
  ec2_eip: state=absent public_ip={{ eip }} region={{ ec2_region }}
    ec2_access_key={{ ec2_access_key }}
    ec2_secret_key={{ ec2_secret_key }}


# eip allocated:0 assigned:0

# ============================================================

- name: test with no parameters
  ec2_eip:
  register: result
  ignore_errors: true

- name: assert failure when called with no parameters
  assert:
    that:
       - 'result.failed'
       - 'result.msg == "Either region or ec2_url must be specified"'

# eip allocated:0 assigned:0

# ============================================================
- name: test with only instance_id
  ec2_eip:
    instance_id=i-12345
  register: result
  ignore_errors: true

- name: assert failure when called with only 'instance_id'
  assert:
    that:
       - 'result.failed'
       - 'result.msg == "Either region or ec2_url must be specified"'

# eip allocated:0 assigned:0

# ============================================================
- name: test invalid region parameter
  ec2_eip:
    instance_id={{ instance_id }}
    region='asdf querty 1234'
  register: result
  ignore_errors: true

- name: assert invalid region parameter
  assert:
    that:
       - 'result.failed'
       - 'result.msg.startswith("value of region must be one of:")'

# eip allocated:0 assigned:0

# ============================================================
- name: test valid region parameter
  ec2_eip:
    instance_id={{ instance_id }}
    region={{ ec2_region }}
  register: result
  ignore_errors: true

- name: assert valid region parameter
  assert:
    that:
       - 'result.failed'
       - 'result.msg.startswith("No handler was ready to authenticate.")'

# eip allocated:0 assigned:0

# ============================================================

- name: test invalid ec2_url parameter
  ec2_eip:
    instance_id={{ instance_id }}
    reuse_existing_ip_allowed=yes
  environment:
    EC2_URL: bogus.example.com
  register: result
  ignore_errors: true

- name: assert invalid ec2_url parameter
  assert:
    that:
       - 'result.failed'
       - 'result.msg.startswith("No handler was ready to authenticate.")'

# eip allocated:0 assigned:0

# ============================================================
- name: test valid ec2_url parameter
  ec2_eip:
    instance_id={{ instance_id }}
    reuse_existing_ip_allowed=yes
  environment:
    EC2_URL: '{{ec2_url}}'
  register: result
  ignore_errors: true

- name: assert valid ec2_url parameter
  assert:
    that:
       - 'result.failed'
       - 'result.msg.startswith("No handler was ready to authenticate.")'

# eip allocated:0 assigned:0

# ============================================================
- name: test credentials from environment
  ec2_eip:
    region={{ ec2_region }}
    instance_id={{ instance_id }}
  environment:
    EC2_ACCESS_KEY: bogus_access_key
    EC2_SECRET_KEY: bogus_secret_key
  register: result
  ignore_errors: true

- name: assert credentials from environment
  assert:
    that:
       - 'result.failed'
       - '"EC2ResponseError: 401 Unauthorized" in result.msg'

# eip allocated:0 assigned:0

# ============================================================
- name: test credential parameters
  ec2_eip: region={{ ec2_region }}
  register: result
  ignore_errors: true

- name: assert credential parameters
  assert:
    that:
       - 'result.failed'
       - '"Check your credentials" in result.msg'

# eip allocated:0 assigned:0