add integration tests for the netcat feature

Author: abikouo

tests/integration/targets/connection_aws_ssm_fedora_netcat/aliases

@@ -0,0 +1,4 @@
+time=8m
+
+cloud/aws
+connection_aws_ssm

tests/integration/targets/connection_aws_ssm_fedora_netcat/aws_ssm_integration_test_setup.yml

@@ -0,0 +1,7 @@
+- hosts: localhost
+  roles:
+    - role: ../setup_connection_aws_ssm
+      vars:
+        target_os: fedora
+        use_s3_bucket: false
+        host_port_number: 50547

tests/integration/targets/connection_aws_ssm_fedora_netcat/aws_ssm_integration_test_teardown.yml

@@ -0,0 +1,5 @@
+- hosts: localhost
+  tasks:
+    - include_role:
+        name: ../setup_connection_aws_ssm
+        tasks_from: cleanup.yml

tests/integration/targets/connection_aws_ssm_fedora_netcat/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+  - connection
+  - setup_connection_aws_ssm

tests/integration/targets/connection_aws_ssm_fedora_netcat/runme.sh

@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+
+PLAYBOOK_DIR=$(pwd)
+set -eux
+
+CMD_ARGS=("$@")
+
+# Destroy Environment
+cleanup() {
+
+    cd "${PLAYBOOK_DIR}"
+    ansible-playbook aws_ssm_integration_test_teardown.yml "${CMD_ARGS[@]}"
+
+}
+
+trap "cleanup" EXIT
+
+# Setup Environment
+ansible-playbook aws_ssm_integration_test_setup.yml "$@"
+
+# Export the AWS Keys
+set +x
+. ./aws-env-vars.sh
+set -x
+
+# Execute Integration tests
+ansible-playbook test.yml -i "${PLAYBOOK_DIR}/ssm_inventory" "$@"

tests/integration/targets/connection_aws_ssm_fedora_netcat/test.yml

@@ -0,0 +1,45 @@
+- name: Deploy web server on ec2 instance using SSM
+  hosts: aws_ssm
+  gather_facts: true
+
+  vars:
+    server_content: |
+      Enable SysAdmin Demo:
+      Ansible Profiling with Callback Plugin
+      Custom Web Page
+
+  tasks:
+    - name: Install httpd package
+      ansible.builtin.dnf:
+        name: httpd
+        state: present
+      become: true
+
+    - name: Start and enable httpd service
+      ansible.builtin.service:
+        name: httpd
+        enabled: true
+        state: started
+      become: true
+
+    - name: Create a custom index.html file
+      ansible.builtin.copy:
+        dest: /var/www/html/index.html
+        content: "{{ server_content }}"
+      become: true
+
+    - name: Ping Web server
+      ansible.builtin.get_url:
+        url: "http://localhost:80"
+        dest: /tmp/server.txt
+
+    - name: Fetch file from remote host
+      ansible.builtin.fetch:
+        src: "/tmp/server.txt"
+        dest: "/tmp/ansible_ssm_server.txt"
+        flat: true
+
+    - name: Validate server content
+      ansible.builtin.assert:
+        that:
+          - lookup('file', '/tmp/ansible_ssm_server.txt', rstrip=false) == server_content

tests/integration/targets/setup_connection_aws_ssm/defaults/main.yml

@@ -4,10 +4,10 @@ instance_type: t3.micro
 ami_details:
     fedora:
         owner: 125523088429
-        name: 'Fedora-Cloud-Base-41-1.2.x86_64*'
+        name: 'Fedora-Cloud-Base-*.x86_64-41-*'
         user_data: |
             #!/bin/sh
-            sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
+            sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm nc
             sudo systemctl start amazon-ssm-agent
         os_type: linux
     centos:

tests/integration/targets/setup_connection_aws_ssm/tasks/main.yml

@@ -10,23 +10,18 @@
       session_token: '{{ security_token | default(omit) }}'
       region: '{{ aws_region }}'
   block:
-
-    - name: get ARN of calling user
-      amazon.aws.aws_caller_info:
-      register: aws_caller_info
-
     - name: setup connection argments fact
       ansible.builtin.include_tasks: 'connection_args.yml'
 
     - name: Ensure IAM instance role exists
       amazon.aws.iam_role:
-        name: "ansible-test-{{tiny_prefix}}-aws-ssm-role"
-        assume_role_policy_document: "{{ lookup('file','ec2-trust-policy.json') }}"
+        name: "ansible-test-{{ tiny_prefix }}-aws-ssm-role"
+        assume_role_policy_document: "{{ lookup('file', 'ec2-trust-policy.json') }}"
         state: present
-        create_instance_profile: yes
+        create_instance_profile: true
         managed_policy:
-        - AmazonSSMManagedInstanceCore
-        wait: True
+          - AmazonSSMManagedInstanceCore
+        wait: true
       register: role_output
 
     - name: Lookup AMI configuration
@@ -40,14 +35,15 @@
           name: '{{ ami_configuration.name }}'
       register: ec2_amis
       when:
-        - ami_configuration.name | default(False)
+        - '"name" in ami_configuration'
+        - ami_configuration.name != ""
 
     - name: AMI Lookup (SSM Parameter)
-      when:
-        - ami_configuration.ssm_parameter | default(False)
-      block:
-        - ansible.builtin.set_fact:
+      ansible.builtin.set_fact:
             ssm_amis: "{{ lookup('amazon.aws.ssm_parameter', ami_configuration.ssm_parameter, **connection_args) }}"
+      when:
+        - '"ssm_parameter" in ami_configuration'
+        - ami_configuration.ssm_parameter != ""
 
     - name: Set facts with latest AMIs
       vars:
@@ -112,6 +108,7 @@
         name: "{{ s3_bucket_name }}"
         region: "{{ s3_bucket_region | default(omit)}}"
       register: s3_output
+      when: use_s3_bucket | default(True) | bool
 
     - name: setup encryption
       ansible.builtin.include_tasks: 'encryption.yml'
@@ -141,26 +138,28 @@
         src: ec2_instance_vars_to_delete.yml.j2
       ignore_errors: true
       when:
+        - instance_output is defined
         - instance_output is successful
 
     - name: Create IAM Role vars_to_delete.yml
       ansible.builtin.template:
         dest: "{{ playbook_dir }}/iam_role_vars_to_delete.yml"
         src: iam_role_vars_to_delete.yml.j2
       when:
+        - role_output is defined
         - role_output is successful
-      ignore_errors: true
 
     - name: Create S3.yml
       ansible.builtin.template:
         dest: "{{ playbook_dir }}/s3_vars_to_delete.yml"
         src: s3_vars_to_delete.yml.j2
       when:
-        - s3_output is successful
-      ignore_errors: true
+        - s3_output is defined
+        - '"name" in s3_output'
 
     - name: Create SSM vars_to_delete.yml
       ansible.builtin.template:
         dest: "{{ playbook_dir }}/ssm_vars_to_delete.yml"
         src: ssm_vars_to_delete.yml.j2
-      ignore_errors: true
+      when:
+        - use_ssm_document | default(False)

tests/integration/targets/setup_connection_aws_ssm/tasks/ssm_document.yml

@@ -1,11 +1,4 @@
 ---
-- block:
-    - name: Create custom SSM document
-      command: "aws ssm create-document --content file://{{ role_path }}/files/ssm-document.json --name {{ ssm_document_name }} --document-type Session"
-      environment: "{{ connection_env }}"
-  always:
-    - name: Create SSM vars_to_delete.yml
-      template:
-        dest: "{{ playbook_dir }}/ssm_vars_to_delete.yml"
-        src: ssm_vars_to_delete.yml.j2
-      ignore_errors: true
+- name: Create custom SSM document
+  command: "aws ssm create-document --content file://{{ role_path }}/files/ssm-document.json --name {{ ssm_document_name }} --document-type Session"
+  environment: "{{ connection_env }}"

tests/integration/targets/setup_connection_aws_ssm/templates/inventory-combined.aws_ssm.j2

@@ -31,7 +31,12 @@ ansible_connection=community.aws.aws_ssm
 ansible_aws_ssm_plugin=/usr/local/sessionmanagerplugin/bin/session-manager-plugin
 ansible_python_interpreter={{ os_python_path | default('/usr/bin/python3') }}
 local_tmp=/tmp/ansible-local-{{ tiny_prefix }}
+{% if use_s3_bucket | default(True) %}
 ansible_aws_ssm_bucket_name={{ s3_bucket_name }}
+{% endif %}
+{% if host_port_number | default(False) %}
+ansible_aws_ssm_host_port_number={{ host_port_number }}
+{% endif %}
 {% if s3_addressing_style | default(False) %}
 ansible_aws_ssm_s3_addressing_style={{ s3_addressing_style }}
 {% endif %}