From 58e30adf556726b2c3cd78df405b0e9fe4813bbe Mon Sep 17 00:00:00 2001
From: Mark Chappell <mchappel@redhat.com>
Date: Fri, 15 Oct 2021 10:21:05 +0200
Subject: [PATCH] Slightly rework ec2_win_password unit tests to account for
 boto3

---
 test-requirements.txt                         |  2 ++
 .../plugins/modules/test_ec2_win_password.py  | 34 +++++++++++++------
 tests/unit/requirements.txt                   |  1 +
 3 files changed, 27 insertions(+), 10 deletions(-)

diff --git a/test-requirements.txt b/test-requirements.txt
index 77c76b86509..d44dc6b2012 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -14,3 +14,5 @@ netaddr
 awscli
 # Used for comparing SSH Public keys to the Amazon fingerprints
 pycrypto
+# Used by ec2_win_password
+cryptography
diff --git a/tests/unit/plugins/modules/test_ec2_win_password.py b/tests/unit/plugins/modules/test_ec2_win_password.py
index c572378ccb1..58082f6cc4a 100644
--- a/tests/unit/plugins/modules/test_ec2_win_password.py
+++ b/tests/unit/plugins/modules/test_ec2_win_password.py
@@ -17,6 +17,8 @@
 string_cipher = base64.b64encode(base64_cipher)
 '''
 
+import datetime
+
 from ansible.module_utils._text import to_bytes
 from ansible.module_utils._text import to_text
 from ansible_collections.community.aws.tests.unit.compat.mock import patch
@@ -31,25 +33,37 @@
 
 
 class TestEc2WinPasswordModule(ModuleTestCase):
-    @patch('ansible_collections.community.aws.plugins.modules.ec2_win_password.ec2_connect')
-    def test_decryption(self, mock_connect):
 
-        path = fixture_prefix + '/ec2_win_password.pem'
+    # Future: It would be good to generate this data on the fly and use a
+    # temporary certificate and password.
+    PEM_PATH = fixture_prefix + '/ec2_win_password.pem'
+    UNENCRYPTED_DATA = 'Ansible_AWS_EC2_Win_Password'
+    ENCRYPTED_DATA = 'L2k1iFiu/TRrjGr6Rwco/T3C7xkWxUw4+YPYpGGOmP3KDdy3hT1' \
+                     '8RvdDJ2i0e+y7wUcH43DwbRYSlkSyALY/nzjSV9R5NChUyVs3W5' \
+                     '5oiVuyTKsk0lor8dFJ9z9unq14tScZHvyQ3Nx1ggOtS18S9Pk55q' \
+                     'IaCXfx26ucH76VRho='
+    INSTANCE_ID = 'i-12345'
+
+    @patch('ansible_collections.community.aws.plugins.modules.s3_bucket_notification.AnsibleAWSModule.client')
+    def test_decryption(self, mock_client):
+
+        path = self.PEM_PATH
         with open(path, 'r') as f:
             pem = to_text(f.read())
 
         with self.assertRaises(AnsibleExitJson) as exec_info:
-            set_module_args({'instance_id': 'i-12345',
-                             'key_data': pem
+            set_module_args({'instance_id': self.INSTANCE_ID,
+                             'key_data': pem,
                              })
             module = setup_module_object()
-            mock_connect().get_password_data.return_value = 'L2k1iFiu/TRrjGr6Rwco/T3C7xkWxUw4+YPYpGGOmP3KDdy3hT1' \
-                                                            '8RvdDJ2i0e+y7wUcH43DwbRYSlkSyALY/nzjSV9R5NChUyVs3W5' \
-                                                            '5oiVuyTKsk0lor8dFJ9z9unq14tScZHvyQ3Nx1ggOtS18S9Pk55q' \
-                                                            'IaCXfx26ucH76VRho='
+            mock_client().get_password_data.return_value = {
+                'InstanceId': self.INSTANCE_ID,
+                'PasswordData': self.ENCRYPTED_DATA,
+                'Timestamp': datetime.datetime.now(),
+            }
             ec2_win_password(module)
 
         self.assertEqual(
             exec_info.exception.args[0]['win_password'],
-            to_bytes('Ansible_AWS_EC2_Win_Password'),
+            to_bytes(self.UNENCRYPTED_DATA),
         )
diff --git a/tests/unit/requirements.txt b/tests/unit/requirements.txt
index 704c73a25b2..4c5b1ce9282 100644
--- a/tests/unit/requirements.txt
+++ b/tests/unit/requirements.txt
@@ -4,3 +4,4 @@ boto3
 boto
 
 placebo
+cryptography