Fix integration test issue

redhat-cop · Dec 19, 2023 · 725e7ad · 725e7ad
1 parent fcab549
commit 725e7ad
Show file tree

Hide file tree

Showing 11 changed files with 55 additions and 83 deletions.
diff --git a/changelogs/fragments/20231219-deploy_flask_app-update-arguments-spec.yml b/changelogs/fragments/20231219-deploy_flask_app-update-arguments-spec.yml
@@ -0,0 +1,6 @@
+---
+breaking_changes:
+  - >-
+    roles/deploy_flask_app - Remove parameter ``deploy_flask_app_sshkey_pair_name`` that was previously required to create
+    ssh connection to the bastion host in favor of the new parameter ``deploy_flask_app_bastion_ssh_private_key`` defining
+    the path to the ssh private key file to use instead ().
diff --git a/playbooks/webapp/migrate_webapp.yaml b/playbooks/webapp/migrate_webapp.yaml
@@ -58,6 +58,7 @@
       ansible.builtin.import_role:
         name: cloud.aws_ops.deploy_flask_app
       vars:
+        deploy_flask_app_bastion_ssh_private_key: "{{ sshkey_file }}"
         deploy_flask_app_private_subnet_id: "{{ private_subnet.subnet.id }}"
         deploy_flask_app_vpc_id: "{{ vpc.vpc.id }}"
         deploy_flask_app_vm_info: "{{ vm_result }}"

diff --git a/playbooks/webapp/webapp.yaml b/playbooks/webapp/webapp.yaml
@@ -26,6 +26,7 @@
       ansible.builtin.include_role:
         name: cloud.aws_ops.deploy_flask_app
       vars:
+        deploy_flask_app_bastion_ssh_private_key: "{{ sshkey_file }}"
         deploy_flask_app_private_subnet_id: "{{ private_subnet.subnet.id }}"
         deploy_flask_app_vpc_id: "{{ vpc.vpc.id }}"
         deploy_flask_app_vm_info: "{{ vm_result }}"

diff --git a/playbooks/webapp/webapp_ha_aurora.yaml b/playbooks/webapp/webapp_ha_aurora.yaml
@@ -57,6 +57,7 @@
           ansible.builtin.include_role:
             name: cloud.aws_ops.deploy_flask_app
           vars:
+            deploy_flask_app_bastion_ssh_private_key: "{{ sshkey_file }}"
             deploy_flask_app_private_subnet_id: "{{ primary_private_subnet.subnets[0].id }}"
             deploy_flask_app_vpc_id: "{{ primary_vpc.vpcs[0].id }}"
             deploy_flask_app_vm_info: "{{ primary_vm_result }}"
@@ -96,6 +97,7 @@
           ansible.builtin.include_role:
             name: cloud.aws_ops.deploy_flask_app
           vars:
+            deploy_flask_app_bastion_ssh_private_key: "{{ sshkey_file }}"
             deploy_flask_app_private_subnet_id: "{{ replica_private_subnet.subnets[0].id }}"
             deploy_flask_app_vpc_id: "{{ replica_vpc.vpcs[0].id }}"
             deploy_flask_app_vm_info: "{{ replica_vm_result }}"

diff --git a/roles/deploy_flask_app/README.md b/roles/deploy_flask_app/README.md
@@ -24,20 +24,20 @@ Role Variables
 ## variables to create new hosts and groups in inventory of in memory playbook.
 
 * **deploy_flask_app_region** (str): Region where the app is to be deployed.
-* **deploy_flask_app_bastion_host_username** (str): Username for the bastion host SSH user.
 * **deploy_flask_app_private_subnet_id** (str): Private subnet id of the bastion host
 * **deploy_flask_app_vpc_id** (str): vpc id for the host.
 * **deploy_flask_app_rds_info** (dict): A dict of information for the backend RDS. This dict has the output of amazon.aws.rds_instance_info mode.
 * **deploy_flask_app_rds_master_username** (str): Username for the RDS instance.
 * **deploy_flask_app_rds_master_password** (str): password for the RDS instance.
 * **deploy_flask_app_vm_info** (dict): A dict of information for the vm to use. This dict has the output of amazon.aws.ec2_instance_info module.
-* **deploy_flask_app_sshkey_pair_name** (str): Name for the EC2 key pair.
 
 ## variables needed for the deployment
 
 # Bastion host
 * **deploy_flask_app_bastion_host_name** (str): Name for the EC2 instance.
+* **deploy_flask_app_bastion_host_username** (str): Username for the bastion host SSH user.
 * **deploy_flask_app_bastion_host_required_packages** (list): Packages to be installed on the bastion host.
+* **deploy_flask_app_bastion_ssh_private_key** (path): The path to the ssh private key file to use to connect to the bastion host.
 * **deploy_flask_app_number_of_workers** (int): Number of instances to create.
 * **deploy_flask_app_workers_instance_type** (str): RC2 instance type for workers.
 * **deploy_flask_app_workers_user_name** (str): Username for the workers.

diff --git a/roles/deploy_flask_app/meta/argument_specs.yml b/roles/deploy_flask_app/meta/argument_specs.yml
@@ -16,6 +16,11 @@ argument_specs:
         description: Name for the EC2 instance.
         type: str
         required: True
+      deploy_flask_app_bastion_ssh_private_key:
+        description: The path to ssh private key file to use to connect to the bastion host.
+        type: path
+        required: True
+        version_added: 2.1.0
       deploy_flask_app_bastion_host_required_packages:
         description: Packages to be installed on the bastion host.
         type: list
@@ -29,10 +34,6 @@ argument_specs:
         description: vpc id for the host.
         type: str
         required: True
-      deploy_flask_app_sshkey_pair_name:
-        description: Name for the EC2 key pair.
-        type: str
-        required: True
       deploy_flask_app_rds_info:
         description: A dict of information for the backend RDS. This dict has the output of amazon.aws.rds_instance_info module.
         type: dict

diff --git a/roles/deploy_flask_app/tasks/setup.yaml b/roles/deploy_flask_app/tasks/setup.yaml
@@ -5,16 +5,12 @@
 
 - name: Create resources playbook
   block:
-    - name: Set 'sshkey_file' variable
-      ansible.builtin.set_fact:
-        deploy_flask_app_sshkey_file: ~/private-key-{{ deploy_flask_app_sshkey_pair_name }}-{{ deploy_flask_app_region | default(aws_region) }}
-
     - name: Add host to inventory
       ansible.builtin.add_host:
         hostname: bastion
         ansible_ssh_user: "{{ deploy_flask_app_bastion_host_username }}"
         ansible_host: "{{ deploy_flask_app_vm_info.instances.0.public_ip_address }}"
-        ansible_ssh_common_args: -o "UserKnownHostsFile=/dev/null" -o StrictHostKeyChecking=no -i {{ deploy_flask_app_sshkey_file }}
+        ansible_ssh_common_args: -o "UserKnownHostsFile=/dev/null" -o StrictHostKeyChecking=no -i {{ deploy_flask_app_bastion_ssh_private_key }}
         ansible_python_interpreter: auto
         ansible_host_name: "{{ deploy_flask_app_vm_info.instances.0.public_dns_name | split('.') | first }}"
         host_config:
@@ -26,7 +22,7 @@
           vpc_id: "{{ deploy_flask_app_vpc_id }}"
           rds_info:
             host: "{{ deploy_flask_app_rds_info.instances.0.endpoint.address }}"
-            name: "{{ deploy_flask_app_rds_info.instances.0.db_name | default('mysampledb123') }}"
-            master_user_password: "{{ deploy_flask_app_rds_master_password | default('L#5cH2mgy_') }}"
-            master_username: "{{ deploy_flask_app_rds_master_username | default('ansible') }}"
+            name: "{{ deploy_flask_app_rds_info.instances.0.db_name }}"
+            master_user_password: "{{ deploy_flask_app_rds_master_password }}"
+            master_username: "{{ deploy_flask_app_rds_master_username }}"
       register: deploy_flask_app_setup
diff --git a/tests/integration/targets/test_deploy_flask_app/aliases b/tests/integration/targets/test_deploy_flask_app/aliases
@@ -1,7 +1,3 @@
 cloud/aws
 role/deploy_flask_app
-time=35m
-
-# Integration tests are broken
-# fatal: [testhost -> bastion]: UNREACHABLE!
-disabled
+time=35m
diff --git a/tests/integration/targets/test_deploy_flask_app/handlers/main.yml b/tests/integration/targets/test_deploy_flask_app/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Delete temporary key pair directory
+  ansible.builtin.file:
+    state: absent
+    path: "{{ test_deploy_flask_app__tmpdir.path }}"
+  when: test_deploy_flask_app__tmpdir is defined
diff --git a/tests/integration/targets/test_deploy_flask_app/tasks/create.yaml b/tests/integration/targets/test_deploy_flask_app/tasks/create.yaml
@@ -70,7 +70,7 @@
         state: present
       register: internet_gw
 
-    - name: Create NAT gateway (allow access to internet for instances in private subnet)
+    - name: Create NAT gateway attached to the public subnet (allow access to internet for instances in private subnet)
       amazon.aws.ec2_vpc_nat_gateway:
         subnet_id: "{{ subnet.subnet.id }}"
         if_exist_do_not_create: true
@@ -141,65 +141,33 @@
         state: present
       register: rds_sg
 
-    - name: Get RDS instance info
-      amazon.aws.rds_instance_info:
-        db_instance_identifier: "{{ rds_identifier }}"
-      register: rds_result
-
-    - name: Create RDS instance
-      when: rds_result.instances | length == 0
-      block:
-        - name: Create RDS instance (PostGreSQL Database)
-          amazon.aws.rds_instance:
-            force_update_password: true
-            wait: true
-            allocated_storage: "{{ rds_allocated_storage_gb }}"
-            backup_retention_period: 0
-            db_instance_class: "{{ rds_instance_class }}"
-            db_instance_identifier: "{{ rds_identifier }}"
-            db_name: "{{ rds_instance_name }}"
-            engine: "{{ rds_engine }}"
-            engine_version: "{{ rds_engine_version }}"
-            master_user_password: "{{ deploy_flask_app_rds_master_password }}"
-            master_username: "{{ deploy_flask_app_rds_master_username }}"
-            monitoring_interval: 0
-            storage_type: standard
-            skip_final_snapshot: true
-            db_subnet_group_name: "{{ rds_subnet_group_name }}"
-            vpc_security_group_ids:
-              - "{{ rds_sg.group_id }}"
-          when: rds_snapshot_arn is not defined
-
-        - name: Create RDS instance from snapshot (PostGreSQL Database)
-          amazon.aws.rds_instance:
-            force_update_password: true
-            wait: true
-            allocated_storage: "{{ rds_allocated_storage_gb }}"
-            backup_retention_period: 0
-            db_instance_class: "{{ rds_instance_class }}"
-            db_instance_identifier: "{{ rds_identifier }}"
-            engine: "{{ rds_engine }}"
-            engine_version: "{{ rds_engine_version }}"
-            master_user_password: "{{ deploy_flask_app_rds_master_password }}"
-            master_username: "{{ deploy_flask_app_rds_master_user }}"
-            monitoring_interval: 0
-            storage_type: standard
-            skip_final_snapshot: true
-            db_subnet_group_name: "{{ rds_subnet_group_name }}"
-            vpc_security_group_ids:
-              - "{{ rds_sg.group_id }}"
-            creation_source: snapshot
-            db_snapshot_identifier: "{{ rds_snapshot_arn }}"
-          when: rds_snapshot_arn is defined
-
-    - name: Get RDS instance info
-      amazon.aws.rds_instance_info:
+    - name: Create RDS instance (PostGreSQL Database)
+      amazon.aws.rds_instance:
+        force_update_password: true
+        wait: true
+        allocated_storage: "{{ rds_allocated_storage_gb }}"
+        backup_retention_period: 0
+        db_instance_class: "{{ rds_instance_class }}"
         db_instance_identifier: "{{ rds_identifier }}"
+        db_name: "{{ rds_instance_name }}"
+        engine: "{{ rds_engine }}"
+        engine_version: "{{ rds_engine_version }}"
+        master_user_password: "{{ deploy_flask_app_rds_master_password }}"
+        master_username: "{{ deploy_flask_app_rds_master_username }}"
+        monitoring_interval: 0
+        storage_type: standard
+        skip_final_snapshot: true
+        db_subnet_group_name: "{{ rds_subnet_group_name }}"
+        vpc_security_group_ids:
+          - "{{ rds_sg.group_id }}"
       register: rds_result
 
-    - name: Set 'sshkey_file' variable
-      ansible.builtin.set_fact:
-        sshkey_file: ~/private-key-{{ deploy_flask_app_sshkey_pair_name }}-{{ region | default(aws_region) }}
+    - name: Create temporary directory to save private key in
+      ansible.builtin.tempfile:
+        suffix: .key
+        state: directory
+      register: test_deploy_flask_app__tmpdir
+      notify: 'Delete temporary key pair directory'
 
     - name: Create key pair to connect to the VM
       amazon.aws.ec2_key:
@@ -209,9 +177,8 @@
     - name: Save private key into file
       ansible.builtin.copy:
         content: "{{ rsa_key.key.private_key }}"
-        dest: "{{ sshkey_file }}"
+        dest: "{{ test_deploy_flask_app__tmpdir.path }}/id_rsa"
         mode: 0400
-      when: rsa_key is changed
 
     - name: Create a virtual machine
       amazon.aws.ec2_instance:

diff --git a/tests/integration/targets/test_deploy_flask_app/tasks/main.yaml b/tests/integration/targets/test_deploy_flask_app/tasks/main.yaml
@@ -8,11 +8,6 @@
       region: "{{ aws_region }}"
 
   block:
-    - name: Fail when 'resource_prefix' is not defined
-      ansible.builtin.fail:
-        msg: resource prefix should be defined as resource_prefix
-      when: resource_prefix is not defined
-
     - name: Run operation create
       ansible.builtin.include_tasks: "create.yaml"
 
@@ -24,6 +19,7 @@
         deploy_flask_app_vpc_id: "{{ vpc.vpc.id }}"
         deploy_flask_app_vm_info: "{{ vm_result }}"
         deploy_flask_app_rds_info: "{{ rds_result }}"
+        deploy_flask_app_bastion_ssh_private_key: "{{ test_deploy_flask_app__tmpdir.path }}/id_rsa"
 
     - name: Check that a page returns successfully
       ansible.builtin.uri: