Skip to content

Commit

Permalink
Avoid unsafe conditionals in integration tests (#1891)
Browse files Browse the repository at this point in the history 
Avoid unsafe conditionals in integration tests

SUMMARY
Update a batch of assertions in integration tests to avoid templating
See: ansible/ansible-documentation#866 and ansible/ansible-documentation#866 for more information
This PR covers about half of the impacted test tasks for this repo but is already going to be a lot to get through CI so additional PRs will follow.
Affected tasks identified with:
https://gist.github.com/sivel/7b012ae2ebf4ab4cb6225379a72cc502
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
tests
ADDITIONAL INFORMATION
There are unsupported tests in this change.  The cloudtrail tests seem to be broken independent of this change, iam_group tests pass for me locally

Reviewed-by: Bikouo Aubin
Reviewed-by: Mark Chappell
Reviewed-by: Alina Buzachis
Reviewed-by: Mike Graves <[email protected]>
  • Loading branch information
@jillr
jillr authored Dec 5, 2023
1 parent 9e45fc2 commit dc08059
Show file tree
Hide file tree
Showing 56 changed files with 2,986 additions and 3,004 deletions.
18 changes: 9 additions & 9 deletions tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/instance_detach.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,10 +145,10 @@
that:
- asg_info_replaced.results[0].desired_capacity == 3
- asg_info_replaced.results[0].instances | length == 3
- "'{{ init_instance_1 }}' not in {{ asg_instance_detach_replace }}"
- "'{{ init_instance_2 }}' not in {{ asg_instance_detach_replace }}"
- "'{{ detached_instances_info.instances[0].state.name }}' == 'running'"
- "'{{ detached_instances_info.instances[1].state.name }}' == 'running'"
- init_instance_1 not in asg_instance_detach_replace
- init_instance_2 not in asg_instance_detach_replace
- detached_instances_info.instances[0].state.name == 'running'
- detached_instances_info.instances[1].state.name == 'running'

#----------------------------------------------------------------------

Expand Down Expand Up @@ -191,11 +191,11 @@
that:
- asg_info_decrement.results[0].instances | length == 1
- asg_info_decrement.results[0].desired_capacity == 1
- "'{{ instance_replace_1 }}' not in {{ asg_instance_detach_decrement }}"
- "'{{ instance_replace_2 }}' not in {{ asg_instance_detach_decrement }}"
- "'{{ detached_instances_info.instances[0].state.name }}' == 'running'"
- "'{{ detached_instances_info.instances[1].state.name }}' == 'running'"
- "'{{ instance_replace_3 }}' == '{{ instance_detach_decrement }}'"
- instance_replace_1 not in asg_instance_detach_decrement
- instance_replace_2 not in asg_instance_detach_decrement
- detached_instances_info.instances[0].state.name == 'running'
- detached_instances_info.instances[1].state.name == 'running'
- instance_replace_3 == instance_detach_decrement

#----------------------------------------------------------------------

Expand Down
32 changes: 16 additions & 16 deletions tests/integration/targets/backup_selection/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@
- _result_create_selection_with_all_options.changed
- "'backup_selection' in _result_create_selection_with_all_options"
- _result_create_selection_with_all_options.backup_selection.iam_role_arn == iam_role.iam_role.arn
- _result_create_selection_with_all_options.backup_selection.selection_name == "all-options-{{ backup_selection_name }}"
- _result_create_selection_with_all_options.backup_selection.selection_name == "all-options-"+backup_selection_name

- name: Create an AWS Backup selection with all options (idempotency)
amazon.aws.backup_selection:
Expand All @@ -136,7 +136,7 @@
- not _result_create_selection_with_all_options_idempotency.changed
- "'backup_selection' in _result_create_selection_with_all_options_idempotency"
- _result_create_selection_with_all_options_idempotency.backup_selection.iam_role_arn == iam_role.iam_role.arn
- _result_create_selection_with_all_options_idempotency.backup_selection.selection_name == "all-options-{{ backup_selection_name }}"
- _result_create_selection_with_all_options_idempotency.backup_selection.selection_name == "all-options-"+backup_selection_name

- name: Get detailed information about the AWS Backup selection
amazon.aws.backup_selection_info:
Expand All @@ -150,7 +150,7 @@
that:
- _result_backup_selection_info.backup_selections | length == 1
- _result_backup_selection_info.backup_selections[0].iam_role_arn == iam_role.iam_role.arn
- _result_backup_selection_info.backup_selections[0].selection_name == "all-options-{{ backup_selection_name }}"
- _result_backup_selection_info.backup_selections[0].selection_name == "all-options-"+backup_selection_name
- _result_backup_selection_info.backup_selections[0].resources == ['arn:aws:s3:::a-bucket']
- _result_backup_selection_info.backup_selections[0].not_resources == ['arn:aws:s3:::another-bucket']
- _result_backup_selection_info.backup_selections[0].list_of_tags[0].condition_value == "daily"
Expand Down Expand Up @@ -205,7 +205,7 @@
- _result_create_selection_with_minimal_options.changed
- "'backup_selection' in _result_create_selection_with_minimal_options"
- _result_create_selection_with_minimal_options.backup_selection.iam_role_arn == iam_role.iam_role.arn
- _result_create_selection_with_minimal_options.backup_selection.selection_name == "{{ backup_selection_name }}"
- _result_create_selection_with_minimal_options.backup_selection.selection_name == backup_selection_name

- name: Create an AWS Backup selection with minimal options (idempotency)
amazon.aws.backup_selection:
Expand All @@ -218,7 +218,7 @@
- not _result_create_selection_with_minimal_options_idempotency.changed
- "'backup_selection' in _result_create_selection_with_minimal_options_idempotency"
- _result_create_selection_with_minimal_options_idempotency.backup_selection.iam_role_arn == iam_role.iam_role.arn
- _result_create_selection_with_minimal_options_idempotency.backup_selection.selection_name == "{{ backup_selection_name }}"
- _result_create_selection_with_minimal_options_idempotency.backup_selection.selection_name == backup_selection_name

- name: Get detailed information about the AWS Backup selection
amazon.aws.backup_selection_info:
Expand All @@ -232,7 +232,7 @@
that:
- _result_backup_selection_info.backup_selections | length == 1
- _result_backup_selection_info.backup_selections[0].iam_role_arn == iam_role.iam_role.arn
- _result_backup_selection_info.backup_selections[0].selection_name == "{{ backup_selection_name }}"
- _result_backup_selection_info.backup_selections[0].selection_name == backup_selection_name
- _result_backup_selection_info.backup_selections[0].resources == ['arn:aws:s3:::a-bucket']
- _result_backup_selection_info.backup_selections[0].not_resources == []
- _result_backup_selection_info.backup_selections[0].list_of_tags | length == 0
Expand Down Expand Up @@ -282,7 +282,7 @@
- name: Verify list_of_tags was not added in check mode
ansible.builtin.assert:
that:
- _result_backup_selection_info.backup_selections[0].selection_name == "{{ backup_selection_name }}"
- _result_backup_selection_info.backup_selections[0].selection_name == backup_selection_name
- _result_backup_selection_info.backup_selections[0].list_of_tags == []

- name: Modify an AWS Backup selection - add list_of_tags
Expand Down Expand Up @@ -316,7 +316,7 @@
ansible.builtin.assert:
that:
- _result_backup_selection_info.backup_selections[0].iam_role_arn == iam_role.iam_role.arn
- _result_backup_selection_info.backup_selections[0].selection_name == "{{ backup_selection_name }}"
- _result_backup_selection_info.backup_selections[0].selection_name == backup_selection_name
- _result_backup_selection_info.backup_selections[0].resources == [ 'arn:aws:s3:::a-bucket']
- _result_backup_selection_info.backup_selections[0].not_resources == []
- _result_backup_selection_info.backup_selections[0].list_of_tags[0].condition_value == "weekly"
Expand Down Expand Up @@ -363,7 +363,7 @@
- name: Verify backup selection conditions were not added in check mode
ansible.builtin.assert:
that:
- _result_backup_selection_info.backup_selections[0].selection_name == "{{ backup_selection_name }}"
- _result_backup_selection_info.backup_selections[0].selection_name == backup_selection_name
- _result_backup_selection_info.backup_selections[0].conditions.string_not_equals == []

- name: Modify an AWS Backup selection - add conditions
Expand Down Expand Up @@ -397,7 +397,7 @@
ansible.builtin.assert:
that:
- _result_backup_selection_info.backup_selections[0].iam_role_arn == iam_role.iam_role.arn
- _result_backup_selection_info.backup_selections[0].selection_name == "{{ backup_selection_name }}"
- _result_backup_selection_info.backup_selections[0].selection_name == backup_selection_name
- _result_backup_selection_info.backup_selections[0].resources == ['arn:aws:s3:::a-bucket']
- _result_backup_selection_info.backup_selections[0].not_resources == []
- _result_backup_selection_info.backup_selections[0].list_of_tags[0].condition_value == "weekly"
Expand Down Expand Up @@ -446,7 +446,7 @@
- name: Verify backup selection options were not updated in check mode
ansible.builtin.assert:
that:
- _result_backup_selection_info.backup_selections[0].selection_name == "{{ backup_selection_name }}"
- _result_backup_selection_info.backup_selections[0].selection_name == backup_selection_name
- _result_backup_selection_info.backup_selections[0].resources == ['arn:aws:s3:::a-bucket']
- _result_backup_selection_info.backup_selections[0].not_resources == []
- _result_backup_selection_info.backup_selections[0].list_of_tags[0].condition_value == "weekly"
Expand Down Expand Up @@ -483,7 +483,7 @@
ansible.builtin.assert:
that:
- _result_backup_selection_info.backup_selections[0].iam_role_arn == iam_role.iam_role.arn
- _result_backup_selection_info.backup_selections[0].selection_name == "{{ backup_selection_name }}"
- _result_backup_selection_info.backup_selections[0].selection_name == backup_selection_name
- _result_backup_selection_info.backup_selections[0].resources == ['arn:aws:s3:::another-bucket']
- _result_backup_selection_info.backup_selections[0].not_resources == ['arn:aws:s3:::a-bucket']
- _result_backup_selection_info.backup_selections[0].list_of_tags[0].condition_value == "daily"
Expand Down Expand Up @@ -528,7 +528,7 @@
- name: Verify list_of_tags was not removed in check mode
ansible.builtin.assert:
that:
- _result_backup_selection_info.backup_selections[0].selection_name == "{{ backup_selection_name }}"
- _result_backup_selection_info.backup_selections[0].selection_name == backup_selection_name
- _result_backup_selection_info.backup_selections[0].resources == ['arn:aws:s3:::another-bucket']
- _result_backup_selection_info.backup_selections[0].not_resources == ['arn:aws:s3:::a-bucket']
- _result_backup_selection_info.backup_selections[0].list_of_tags [0].condition_value == "daily"
Expand Down Expand Up @@ -565,7 +565,7 @@
ansible.builtin.assert:
that:
- _result_backup_selection_info.backup_selections[0].iam_role_arn == iam_role.iam_role.arn
- _result_backup_selection_info.backup_selections[0].selection_name == "{{ backup_selection_name }}"
- _result_backup_selection_info.backup_selections[0].selection_name == backup_selection_name
- _result_backup_selection_info.backup_selections[0].resources == ['arn:aws:s3:::another-bucket']
- _result_backup_selection_info.backup_selections[0].not_resources == ['arn:aws:s3:::a-bucket']
- _result_backup_selection_info.backup_selections[0].list_of_tags == []
Expand Down Expand Up @@ -606,7 +606,7 @@
- name: Verify conditions were not removed in check mode
ansible.builtin.assert:
that:
- _result_backup_selection_info.backup_selections[0].selection_name == "{{ backup_selection_name }}"
- _result_backup_selection_info.backup_selections[0].selection_name == backup_selection_name
- _result_backup_selection_info.backup_selections[0].resources == ['arn:aws:s3:::another-bucket']
- _result_backup_selection_info.backup_selections[0].not_resources == ['arn:aws:s3:::a-bucket']
- _result_backup_selection_info.backup_selections[0].list_of_tags == []
Expand Down Expand Up @@ -643,7 +643,7 @@
ansible.builtin.assert:
that:
- _result_backup_selection_info.backup_selections[0].iam_role_arn == iam_role.iam_role.arn
- _result_backup_selection_info.backup_selections[0].selection_name == "{{ backup_selection_name }}"
- _result_backup_selection_info.backup_selections[0].selection_name == backup_selection_name
- _result_backup_selection_info.backup_selections[0].resources == ['arn:aws:s3:::another-bucket']
- _result_backup_selection_info.backup_selections[0].not_resources == ['arn:aws:s3:::a-bucket']
- _result_backup_selection_info.backup_selections[0].list_of_tags == []
Expand Down
2 changes: 1 addition & 1 deletion tests/integration/targets/cloudformation/tasks/test_disable_rollback.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -202,7 +202,7 @@
that:
- cf_stack.changed
- cf_stack.output == "Stack UPDATE complete"
- stack_info.cloudformation["{{ stack_name }}-failtest"].stack_description.stack_status == "UPDATE_COMPLETE"
- stack_info.cloudformation[stack_name+"-failtest"].stack_description.stack_status == "UPDATE_COMPLETE"

always:

Expand Down
18 changes: 9 additions & 9 deletions tests/integration/targets/cloudtrail/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -333,7 +333,7 @@
that:
- output is changed
- output.trail.name == cloudtrail_name
- 'output.trail.s3_key_prefix == "{{ cloudtrail_prefix }}-2"'
- 'output.trail.s3_key_prefix == cloudtrail_prefix+"-2"'

- name: 'Update S3 prefix (no change)'
cloudtrail:
Expand All @@ -345,7 +345,7 @@
that:
- output is not changed
- output.trail.name == cloudtrail_name
- 'output.trail.s3_key_prefix == "{{ cloudtrail_prefix }}-2"'
- 'output.trail.s3_key_prefix == cloudtrail_prefix+"-2"'

- name: 'Get the trail info after updating S3 prefix'
cloudtrail_info:
Expand All @@ -356,7 +356,7 @@
- name: 'Assert that the s3_key_prefix is correct'
assert:
that:
- 'info.trail_list[0].s3_key_prefix == "{{ cloudtrail_prefix }}-2"'
- 'info.trail_list[0].s3_key_prefix == cloudtrail_prefix+"-2"'

- name: 'Remove S3 prefix (CHECK MODE)'
cloudtrail:
Expand Down Expand Up @@ -488,7 +488,7 @@
that:
- output is changed
- output.trail.name == cloudtrail_name
- 'output.trail.sns_topic_name == "{{ sns_topic }}-2"'
- 'output.trail.sns_topic_name == sns_topic+"-2"'

- name: 'Update SNS Topic (no change)'
cloudtrail:
Expand All @@ -500,7 +500,7 @@
that:
- output is not changed
- output.trail.name == cloudtrail_name
- 'output.trail.sns_topic_name == "{{ sns_topic }}-2"'
- 'output.trail.sns_topic_name == sns_topic+"-2"'

- name: 'Get the trail info with SNS topic after update'
cloudtrail_info:
Expand All @@ -511,7 +511,7 @@
- name: 'Assert that the sns_topic is correctly set'
assert:
that:
- 'info.trail_list[0].sns_topic_name == "{{ sns_topic }}-2"'
- 'info.trail_list[0].sns_topic_name == sns_topic+"-2"'

#- name: 'Remove SNS Topic (CHECK MODE)'
# cloudtrail:
Expand Down Expand Up @@ -735,7 +735,7 @@
that:
- output is changed
- output.trail.name == cloudtrail_name
- 'output.trail.s3_bucket_name == "{{ s3_bucket_name }}-2"'
- 'output.trail.s3_bucket_name == s3_bucket_name+"-2"'

- name: 'Update S3 bucket (no change)'
cloudtrail:
Expand All @@ -747,7 +747,7 @@
that:
- output is not changed
- output.trail.name == cloudtrail_name
- 'output.trail.s3_bucket_name == "{{ s3_bucket_name }}-2"'
- 'output.trail.s3_bucket_name == s3_bucket_name+"-2"'

- name: 'Get the trail info with S3 bucket name'
cloudtrail_info:
Expand All @@ -758,7 +758,7 @@
- name: 'Assert that the S3 Bucket name is correctly set'
assert:
that:
- 'info.trail_list[0].s3_bucket_name == "{{ s3_bucket_name }}-2"'
- 'info.trail_list[0].s3_bucket_name == s3_bucket_name+"-2"'

- name: 'Reset S3 bucket'
cloudtrail:
Expand Down
8 changes: 4 additions & 4 deletions tests/integration/targets/ec2_eni/tasks/test_create_attached_multiple.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
- result is not failed
- instance_info_result.instances[0].network_interfaces | length == 1
- '"Would have created ENI if not in check mode." in result.msg'
- "'ec2:CreateNetworkInterface' not in {{ result.resource_actions }}"
- "'ec2:CreateNetworkInterface' not in result.resource_actions"

- name: Create and attach another interface to above instance
amazon.aws.ec2_eni:
Expand Down Expand Up @@ -96,9 +96,9 @@
- result is changed
- result is not failed
- instance_info_result.instances[0].network_interfaces | length == 2
- '"Would have modified ENI: {{ eni_id_attached_multiple }} if not in check mode" in result.msg'
- "'ec2:CreateNetworkInterface' not in {{ result.resource_actions }}"
- "'ec2:ModifyNetworkInterfaceAttribute' not in {{ result.resource_actions }}"
- '"Would have modified ENI: "+eni_id_attached_multiple+" if not in check mode" in result.msg'
- "'ec2:CreateNetworkInterface' not in result.resource_actions"
- "'ec2:ModifyNetworkInterfaceAttribute' not in result.resource_actions"

#=================================================================

Expand Down
4 changes: 2 additions & 2 deletions tests/integration/targets/ec2_instance_block_devices/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,12 +73,12 @@
- name: Confirm instance was created without check mode
ansible.builtin.assert:
that:
- "{{ presented_instance_fact.instances | length }} > 0"
- presented_instance_fact.instances | length > 0

- name: Confirm instance was not created with check mode
ansible.builtin.assert:
that:
- "{{ checkmode_instance_fact.instances | length }} == 0"
- checkmode_instance_fact.instances | length == 0

- name: Terminate instances
amazon.aws.ec2_instance:
Expand Down
14 changes: 7 additions & 7 deletions tests/integration/targets/ec2_instance_checkmode_tests/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,8 +47,8 @@
- name: "Confirm whether the check mode is working normally."
assert:
that:
- "{{ presented_instance_fact.instances | length }} > 0"
- "{{ checkmode_instance_fact.instances | length }} == 0"
- presented_instance_fact.instances | length > 0
- checkmode_instance_fact.instances | length == 0

- name: "Stop instance (check mode)"
ec2_instance:
Expand Down Expand Up @@ -112,7 +112,7 @@
- name: "Verify that it was not running."
assert:
that:
- '"{{ confirm_checkmode_runninginstance_fact.instances[0].state.name }}" != "running"'
- confirm_checkmode_runninginstance_fact.instances[0].state.name != "running"

- name: "Running instance."
ec2_instance:
Expand All @@ -132,7 +132,7 @@
- name: "Verify that it was running."
assert:
that:
- '"{{ confirm_runninginstance_fact.instances[0].state.name }}" == "running"'
- confirm_runninginstance_fact.instances[0].state.name == "running"

- name: "Tag instance."
ec2_instance:
Expand All @@ -153,7 +153,7 @@
- name: "Verify that it hasn't been re-tagged."
assert:
that:
- '"{{ confirm_not_tagged.instances[0].tags.TestTag }}" == "Some Value"'
- confirm_not_tagged.instances[0].tags.TestTag == "Some Value"

- name: "Terminate instance in check mode."
ec2_instance:
Expand All @@ -175,7 +175,7 @@
- name: "Verify that it was not terminated,"
assert:
that:
- '"{{ confirm_checkmode_terminatedinstance_fact.instances[0].state.name }}" != "terminated"'
- confirm_checkmode_terminatedinstance_fact.instances[0].state.name != "terminated"

- name: "Terminate instance."
ec2_instance:
Expand All @@ -196,7 +196,7 @@
- name: "Verify that it was terminated,"
assert:
that:
- '"{{ confirm_terminatedinstance_fact.instances[0].state.name }}" == "terminated"'
- confirm_terminatedinstance_fact.instances[0].state.name == "terminated"

always:
- name: "Terminate checkmode instances"
Expand Down
10 changes: 5 additions & 5 deletions tests/integration/targets/ec2_instance_cpu_options/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,10 +53,10 @@
that:
- cpu_options_update is success
- cpu_options_update is not changed
- "{{ presented_instance_fact.instances | length }} > 0"
- "'{{ presented_instance_fact.instances.0.state.name }}' in ['running','pending']"
- "{{ presented_instance_fact.instances.0.cpu_options.core_count }} == 1"
- "{{ presented_instance_fact.instances.0.cpu_options.threads_per_core }} == 1"
- presented_instance_fact.instances | length > 0
- presented_instance_fact.instances.0.state.name in ['running','pending']
- presented_instance_fact.instances.0.cpu_options.core_count == 1
- presented_instance_fact.instances.0.cpu_options.threads_per_core == 1

- name: "create t3.nano instance with cpu_options(check mode)"
ec2_instance:
Expand All @@ -82,4 +82,4 @@
- name: "Confirm existence of instance id."
assert:
that:
- "{{ checkmode_instance_fact.instances | length }} == 0"
- checkmode_instance_fact.instances | length == 0
Loading

0 comments on commit dc08059

Please sign in to comment.