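# Integration test for ec2_instance inside a dedicated test VPC.
#
# The block creates a VPC (10.99.0.0/16), two subnets and a security group,
# then exercises ec2_instance: create, idempotent re-create, tag add, tag
# purge and termination. The `always:` section tears the fixtures down even
# when a task in the block fails.
#
# NOTE(review): `*aws_connection_info` is an alias whose anchor is not defined
# anywhere in this section. Confirm that `&aws_connection_info` is declared
# earlier in the same YAML document, otherwise the file will not parse. The
# VPC, subnet and security-group tasks do not merge it; presumably they get
# credentials some other way (environment or module defaults) - confirm.
- block:
    # ============================================================
    # set up VPC
    - name: Create VPC for use in testing
      ec2_vpc_net:
        name: "{{ resource_prefix }}-vpc"
        cidr_block: 10.99.0.0/16
        tags:
          Name: Ansible ec2_instance Testing VPC
        tenancy: default
      register: testing_vpc

    - name: Create default subnet in zone A
      ec2_vpc_subnet:
        state: present
        vpc_id: "{{ testing_vpc.vpc.id }}"
        cidr: 10.99.0.0/24
        az: "{{ aws_region }}a"
        resource_tags:
          Name: "{{ resource_prefix }}-subnet-a"
      register: testing_subnet_a

    - name: Create secondary subnet in zone B
      ec2_vpc_subnet:
        state: present
        vpc_id: "{{ testing_vpc.vpc.id }}"
        cidr: 10.99.1.0/24
        az: "{{ aws_region }}b"
        resource_tags:
          Name: "{{ resource_prefix }}-subnet-b"
      register: testing_subnet_b

    # NOTE(review): SSH (22) and HTTP (80) are open to 0.0.0.0/0. Nothing in
    # this block connects to the instance, so a narrower source such as the
    # VPC range (10.99.0.0/16) would presumably serve the tests equally well,
    # and would not leave SSH world-reachable if an instance ever received a
    # public address or the group outlived a failed cleanup.
    - name: create a security group with the vpc
      ec2_group:
        name: "{{ resource_prefix }}-sg"
        description: a security group for ansible tests
        vpc_id: "{{ testing_vpc.vpc.id }}"
        rules:
          - proto: tcp
            ports: [22, 80]
            cidr_ip: 0.0.0.0/0
      register: sg

    # TODO: switch these tests from instances
    # NOTE(review): this assertion can never hold, so every task between here
    # and `always:` is skipped and the run is reported as failed. It reads as
    # a deliberate stop tied to the TODO above; remove it once that is done.
    - name: Placeholder failure until the instance tests are switched (see TODO)
      assert:
        that:
          - 1 == 0

    # ============================================================
    # start subnet/sg testing
    - name: Make instance in the testing subnet created in the test VPC
      ec2_instance:
        name: "{{ resource_prefix }}-test-basic-vpc-create"
        image_id: "{{ ec2_ami_image[aws_region] }}"
        user_data: |
          #cloud-config
          package_upgrade: true
          package_update: true
        tags:
          TestId: "{{ resource_prefix }}"
          Something: else
        security_groups: "{{ sg.group_id }}"
        network:
          # Checked again after the idempotency run below.
          source_dest_check: false
        vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
        instance_type: t2.micro
        volumes:
          - device_name: /dev/sda1
            ebs:
              delete_on_termination: true
        <<: *aws_connection_info
      register: in_test_vpc

    - name: Try to re-make the instance, hopefully this shows changed=False
      ec2_instance:
        name: "{{ resource_prefix }}-test-basic-vpc-create"
        image_id: "{{ ec2_ami_image[aws_region] }}"
        user_data: |
          #cloud-config
          package_upgrade: true
          package_update: true
        tags:
          TestId: "{{ resource_prefix }}"
          Something: else
        security_groups: "{{ sg.group_id }}"
        vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
        instance_type: t2.micro
        <<: *aws_connection_info
      register: remake_in_test_vpc

    - name: Remaking the same instance resulted in no changes
      assert:
        that: not remake_in_test_vpc.changed

    - name: check that instance IDs match anyway
      assert:
        that: 'remake_in_test_vpc.instance_ids[0] == in_test_vpc.instance_ids[0]'

    - name: check that source_dest_check was set to false
      assert:
        that: 'not remake_in_test_vpc.instances[0].source_dest_check'

    - name: Alter it by adding tags
      ec2_instance:
        name: "{{ resource_prefix }}-test-basic-vpc-create"
        image_id: "{{ ec2_ami_image[aws_region] }}"
        tags:
          TestId: "{{ resource_prefix }}"
          Another: thing
        security_groups: "{{ sg.group_id }}"
        vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
        instance_type: t2.micro
        <<: *aws_connection_info
      register: add_another_tag

    - name: Read back the instance after adding a tag
      ec2_instance_info:
        instance_ids: "{{ add_another_tag.instance_ids }}"
        <<: *aws_connection_info
      register: check_tags

    # Without purge_tags the tag from the first run ("Something") must still
    # be present next to the new one.
    - name: New tag was added and the existing tag was kept
      assert:
        that:
          - check_tags.instances[0].tags.Another == 'thing'
          - check_tags.instances[0].tags.Something == 'else'

    - name: Purge a tag
      ec2_instance:
        name: "{{ resource_prefix }}-test-basic-vpc-create"
        image_id: "{{ ec2_ami_image[aws_region] }}"
        purge_tags: true
        tags:
          TestId: "{{ resource_prefix }}"
          Another: thing
        security_groups: "{{ sg.group_id }}"
        vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}"
        instance_type: t2.micro
        <<: *aws_connection_info

    - name: Read back the instance after purging tags
      ec2_instance_info:
        instance_ids: "{{ add_another_tag.instance_ids }}"
        <<: *aws_connection_info
      register: check_tags

    - name: Tag omitted from the purge run was removed
      assert:
        that:
          - "'Something' not in check_tags.instances[0].tags"

    - name: Terminate instance by TestId tag filter
      ec2_instance:
        filters:
          tag:TestId: "{{ resource_prefix }}"
        state: absent
        <<: *aws_connection_info
      register: result

    - name: Terminating by tag filter reported a change
      assert:
        that: result.changed

    - name: Terminate the same instance again by ID
      ec2_instance:
        instance_ids: "{{ in_test_vpc.instance_ids }}"
        state: absent
        <<: *aws_connection_info
      register: result

    - name: Second termination was a no-op
      assert:
        that: not result.changed

    # These checks read the result registered at creation time, so they still
    # work after the instance has been terminated.
    - name: check that subnet-default public IP rule was followed
      assert:
        that:
          # The subnet tasks above pass no public-IP mapping option, so no
          # public DNS name is expected.
          - in_test_vpc.instances[0].public_dns_name == ""
          # The instance is launched in subnet B (10.99.1.0/24). The trailing
          # dot keeps 10.99.10.x and similar from matching.
          - in_test_vpc.instances[0].private_ip_address.startswith("10.99.1.")
          - in_test_vpc.instances[0].subnet_id == testing_subnet_b.subnet.id

    - name: check that tags were applied
      assert:
        that:
          - in_test_vpc.instances[0].tags.Name.startswith(resource_prefix)
          - in_test_vpc.instances[0].state.name == 'running'

  always:
    # Terminate leftovers first: if the block failed part-way, a running
    # instance would keep the security group and subnet in use, the removals
    # below would exhaust their retries, and the instance would be leaked.
    - name: terminate any instances left over from this run
      ec2_instance:
        filters:
          tag:TestId: "{{ resource_prefix }}"
        state: absent
        wait: true
        <<: *aws_connection_info
      ignore_errors: true

    # Each removal is retried up to 10 times and never fails the play, so one
    # stuck resource does not prevent the remaining cleanup steps.
    - name: remove the security group
      ec2_group:
        name: "{{ resource_prefix }}-sg"
        description: a security group for ansible tests
        vpc_id: "{{ testing_vpc.vpc.id }}"
        state: absent
      register: removed
      until: removed is not failed
      ignore_errors: true
      retries: 10

    - name: remove subnet A
      ec2_vpc_subnet:
        state: absent
        vpc_id: "{{ testing_vpc.vpc.id }}"
        cidr: 10.99.0.0/24
      register: removed
      until: removed is not failed
      ignore_errors: true
      retries: 10

    - name: remove subnet B
      ec2_vpc_subnet:
        state: absent
        vpc_id: "{{ testing_vpc.vpc.id }}"
        cidr: 10.99.1.0/24
      register: removed
      until: removed is not failed
      ignore_errors: true
      retries: 10

    - name: remove the VPC
      ec2_vpc_net:
        name: "{{ resource_prefix }}-vpc"
        cidr_block: 10.99.0.0/16
        state: absent
        tags:
          # Same Name tag as the creation task.
          Name: Ansible ec2_instance Testing VPC
        tenancy: default
      register: removed
      until: removed is not failed
      ignore_errors: true
      retries: 10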
217