From 8f2d450cdf36b31d32f2ec8515f8345c098bc4e0 Mon Sep 17 00:00:00 2001
From: Matt Clay <matt@mystile.com>
Date: Thu, 26 Jan 2023 14:28:10 -0800
Subject: [PATCH] Fix lambda wait issue and add more integration tests (#15)

* Add missing waits after changing Lambda state

* Add integration test for lambda module

* Add integration test for lambda_alias module
---
 plugins/modules/lambda.py                     | 16 +++-
 tests/integration/targets/lambda/aliases      |  2 +
 .../targets/lambda/defaults/main.yml          |  4 +
 .../integration/targets/lambda/tasks/main.yml |  9 ++
 .../targets/lambda/tasks/setup.yml            | 19 ++++
 .../targets/lambda/tasks/tests.yml            | 89 +++++++++++++++++++
 .../integration/targets/lambda_alias/aliases  |  2 +
 .../targets/lambda_alias/defaults/main.yml    |  4 +
 .../targets/lambda_alias/tasks/main.yml       |  9 ++
 .../targets/lambda_alias/tasks/setup.yml      | 32 +++++++
 .../targets/lambda_alias/tasks/tests.yml      | 59 ++++++++++++
 11 files changed, 244 insertions(+), 1 deletion(-)
 create mode 100644 tests/integration/targets/lambda/aliases
 create mode 100644 tests/integration/targets/lambda/defaults/main.yml
 create mode 100644 tests/integration/targets/lambda/tasks/main.yml
 create mode 100644 tests/integration/targets/lambda/tasks/setup.yml
 create mode 100644 tests/integration/targets/lambda/tasks/tests.yml
 create mode 100644 tests/integration/targets/lambda_alias/aliases
 create mode 100644 tests/integration/targets/lambda_alias/defaults/main.yml
 create mode 100644 tests/integration/targets/lambda_alias/tasks/main.yml
 create mode 100644 tests/integration/targets/lambda_alias/tasks/setup.yml
 create mode 100644 tests/integration/targets/lambda_alias/tasks/tests.yml

diff --git a/plugins/modules/lambda.py b/plugins/modules/lambda.py
index 8679c64..d75939d 100644
--- a/plugins/modules/lambda.py
+++ b/plugins/modules/lambda.py
@@ -321,6 +321,9 @@ def create_function(self):
                 del args['Environment']
 
             api = self.al.create_function(**args)
+
+            self.wait_on_create()
+
             result = self.make_result(api)
         else:
             result = self.make_result(args)
@@ -402,6 +405,13 @@ def update_function_configuration(self, args, changed):
 
         return args
 
+    def wait_on_create(self):
+        status = 'Pending'
+
+        while status == 'Pending':
+            time.sleep(1)
+            status = self.get_function(None)['State']
+
     def wait_on_function(self):
         status = 'InProgress'
 
@@ -415,7 +425,11 @@ def update_function_code(self, changed):
         args['Publish'] = self.params['publish']
 
         if changed and not self.check_mode:
-            return self.al.update_function_code(**args)
+            result = self.al.update_function_code(**args)
+
+            self.wait_on_function()
+
+            return result
 
         return args
 
diff --git a/tests/integration/targets/lambda/aliases b/tests/integration/targets/lambda/aliases
new file mode 100644
index 0000000..1be5b9d
--- /dev/null
+++ b/tests/integration/targets/lambda/aliases
@@ -0,0 +1,2 @@
+cloud/aws
+gather_facts/no
diff --git a/tests/integration/targets/lambda/defaults/main.yml b/tests/integration/targets/lambda/defaults/main.yml
new file mode 100644
index 0000000..3c54ea8
--- /dev/null
+++ b/tests/integration/targets/lambda/defaults/main.yml
@@ -0,0 +1,4 @@
+function_name: "{{ resource_prefix }}-event"
+function_arn: "arn:aws:lambda:{{ aws_region }}:{{ aws_account_id }}:function:{{ function_name }}:test"
+iam_role_name: "{{ ('' if resource_prefix.startswith('ansible-test-') else 'ansible-test-') + resource_prefix }}"
+iam_role_arn: "arn:aws:iam::{{ aws_account_id }}:role/{{ iam_role_name }}"
diff --git a/tests/integration/targets/lambda/tasks/main.yml b/tests/integration/targets/lambda/tasks/main.yml
new file mode 100644
index 0000000..a86303c
--- /dev/null
+++ b/tests/integration/targets/lambda/tasks/main.yml
@@ -0,0 +1,9 @@
+- block:
+    - import_tasks: setup.yml
+    - import_tasks: tests.yml
+  module_defaults:
+    group/mattclay.aws.common:
+      access_key: "{{ aws_access_key }}"
+      secret_key: "{{ aws_secret_key }}"
+      aws_region: "{{ aws_region }}"
+      security_token: "{{ security_token }}"
diff --git a/tests/integration/targets/lambda/tasks/setup.yml b/tests/integration/targets/lambda/tasks/setup.yml
new file mode 100644
index 0000000..051b0d9
--- /dev/null
+++ b/tests/integration/targets/lambda/tasks/setup.yml
@@ -0,0 +1,19 @@
+- name: Create a role
+  community.aws.iam_role:
+    name: "{{ iam_role_name }}"
+    assume_role_policy_document:
+      Version: '2012-10-17'
+      Statement:
+        - Action: sts:AssumeRole
+          Effect: Allow
+          Principal:
+            Service: lambda.amazonaws.com
+    managed_policies:
+      - arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole
+
+- name: Wait for role to be usable
+  pause:
+    seconds: 10
+
+- name: Gather account facts
+  aws_account_facts:
diff --git a/tests/integration/targets/lambda/tasks/tests.yml b/tests/integration/targets/lambda/tasks/tests.yml
new file mode 100644
index 0000000..22bf3ef
--- /dev/null
+++ b/tests/integration/targets/lambda/tasks/tests.yml
@@ -0,0 +1,89 @@
+- name: Create a Lambda function (check)
+  lambda:
+    name: "{{ function_name }}"
+    code: "# no actual code"
+    runtime: python3.8
+    timeout: 60
+    handler: lambda_function.lambda_handler
+    memory_size: 128
+    role: "{{ iam_role_arn }}"
+    publish: yes
+    qualifier: "test"
+  check_mode: yes
+  register: create_check
+
+- name: Create a Lambda function (changed)
+  lambda:
+    name: "{{ function_name }}"
+    code: "# no actual code"
+    runtime: python3.8
+    timeout: 60
+    handler: lambda_function.lambda_handler
+    memory_size: 128
+    role: "{{ iam_role_arn }}"
+    publish: yes
+    qualifier: "test"
+  register: create_changed
+
+- name: Create a Lambda function (unchanged)
+  lambda:
+    name: "{{ function_name }}"
+    code: "# no actual code"
+    runtime: python3.8
+    timeout: 60
+    handler: lambda_function.lambda_handler
+    memory_size: 128
+    role: "{{ iam_role_arn }}"
+    publish: no  # publishing would force an update and thus report changed
+    qualifier: "test"
+  register: create_unchanged
+
+- name: Update a Lambda function (check)
+  lambda:
+    name: "{{ function_name }}"
+    code: "# updated code"
+    runtime: python3.8
+    timeout: 60
+    handler: lambda_function.lambda_handler
+    memory_size: 128
+    role: "{{ iam_role_arn }}"
+    publish: yes
+    qualifier: "test"
+  check_mode: yes
+  register: update_check
+
+- name: Update a Lambda function (changed)
+  lambda:
+    name: "{{ function_name }}"
+    code: "# updated code"
+    runtime: python3.8
+    timeout: 60
+    handler: lambda_function.lambda_handler
+    memory_size: 128
+    role: "{{ iam_role_arn }}"
+    publish: yes
+    qualifier: "test"
+  register: update_changed
+
+- name: Update a Lambda function (unchanged)
+  lambda:
+    name: "{{ function_name }}"
+    code: "# updated code"
+    runtime: python3.8
+    timeout: 60
+    handler: lambda_function.lambda_handler
+    memory_size: 128
+    role: "{{ iam_role_arn }}"
+    publish: no  # publishing would force an update and thus report changed
+    qualifier: "test"
+  register: update_unchanged
+
+- name: Check results
+  assert:
+    that:
+      - create_check is changed
+      - create_changed is changed
+      - create_unchanged is not changed
+      - update_check is changed
+      - update_changed is changed
+      - update_unchanged is not changed
diff --git a/tests/integration/targets/lambda_alias/aliases b/tests/integration/targets/lambda_alias/aliases
new file mode 100644
index 0000000..1be5b9d
--- /dev/null
+++ b/tests/integration/targets/lambda_alias/aliases
@@ -0,0 +1,2 @@
+cloud/aws
+gather_facts/no
diff --git a/tests/integration/targets/lambda_alias/defaults/main.yml b/tests/integration/targets/lambda_alias/defaults/main.yml
new file mode 100644
index 0000000..3c54ea8
--- /dev/null
+++ b/tests/integration/targets/lambda_alias/defaults/main.yml
@@ -0,0 +1,4 @@
+function_name: "{{ resource_prefix }}-event"
+function_arn: "arn:aws:lambda:{{ aws_region }}:{{ aws_account_id }}:function:{{ function_name }}:test"
+iam_role_name: "{{ ('' if resource_prefix.startswith('ansible-test-') else 'ansible-test-') + resource_prefix }}"
+iam_role_arn: "arn:aws:iam::{{ aws_account_id }}:role/{{ iam_role_name }}"
diff --git a/tests/integration/targets/lambda_alias/tasks/main.yml b/tests/integration/targets/lambda_alias/tasks/main.yml
new file mode 100644
index 0000000..a86303c
--- /dev/null
+++ b/tests/integration/targets/lambda_alias/tasks/main.yml
@@ -0,0 +1,9 @@
+- block:
+    - import_tasks: setup.yml
+    - import_tasks: tests.yml
+  module_defaults:
+    group/mattclay.aws.common:
+      access_key: "{{ aws_access_key }}"
+      secret_key: "{{ aws_secret_key }}"
+      aws_region: "{{ aws_region }}"
+      security_token: "{{ security_token }}"
diff --git a/tests/integration/targets/lambda_alias/tasks/setup.yml b/tests/integration/targets/lambda_alias/tasks/setup.yml
new file mode 100644
index 0000000..c4f511a
--- /dev/null
+++ b/tests/integration/targets/lambda_alias/tasks/setup.yml
@@ -0,0 +1,32 @@
+- name: Create a role
+  community.aws.iam_role:
+    name: "{{ iam_role_name }}"
+    assume_role_policy_document:
+      Version: '2012-10-17'
+      Statement:
+        - Action: sts:AssumeRole
+          Effect: Allow
+          Principal:
+            Service: lambda.amazonaws.com
+    managed_policies:
+      - arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole
+
+- name: Wait for role to be usable
+  pause:
+    seconds: 10
+
+- name: Gather account facts
+  aws_account_facts:
+
+- name: Create a Lambda function
+  lambda:
+    name: "{{ function_name }}"
+    code: "# no actual code"
+    runtime: python3.8
+    timeout: 60
+    handler: lambda_function.lambda_handler
+    memory_size: 128
+    role: "{{ iam_role_arn }}"
+    publish: yes
+    qualifier: "test"
+  register: lambda_function
diff --git a/tests/integration/targets/lambda_alias/tasks/tests.yml b/tests/integration/targets/lambda_alias/tasks/tests.yml
new file mode 100644
index 0000000..c5dfc68
--- /dev/null
+++ b/tests/integration/targets/lambda_alias/tasks/tests.yml
@@ -0,0 +1,59 @@
+- name: Create the Lambda function alias (check)
+  lambda_alias:
+    name: "test"
+    description: "test alias"
+    function_name: "{{ lambda_function.meta.function_name }}"
+    version: "{{ lambda_function.meta.version }}"
+  check_mode: yes
+  register: create_check
+
+- name: Create the Lambda function alias (changed)
+  lambda_alias:
+    name: "test"
+    description: "test alias"
+    function_name: "{{ lambda_function.meta.function_name }}"
+    version: "{{ lambda_function.meta.version }}"
+  register: create_changed
+
+- name: Create the Lambda function alias (unchanged)
+  lambda_alias:
+    name: "test"
+    description: "test alias"
+    function_name: "{{ lambda_function.meta.function_name }}"
+    version: "{{ lambda_function.meta.version }}"
+  register: create_unchanged
+
+- name: Update the Lambda function alias (check)
+  lambda_alias:
+    name: "test"
+    description: "updated alias"
+    function_name: "{{ lambda_function.meta.function_name }}"
+    version: "{{ lambda_function.meta.version }}"
+  check_mode: yes
+  register: update_check
+
+- name: Update the Lambda function alias (changed)
+  lambda_alias:
+    name: "test"
+    description: "updated alias"
+    function_name: "{{ lambda_function.meta.function_name }}"
+    version: "{{ lambda_function.meta.version }}"
+  register: update_changed
+
+- name: Update the Lambda function alias (unchanged)
+  lambda_alias:
+    name: "test"
+    description: "updated alias"
+    function_name: "{{ lambda_function.meta.function_name }}"
+    version: "{{ lambda_function.meta.version }}"
+  register: update_unchanged
+
+- name: Check results
+  assert:
+    that:
+      - create_check is changed
+      - create_changed is changed
+      - create_unchanged is not changed
+      - update_check is changed
+      - update_changed is changed
+      - update_unchanged is not changed