lod
commented
3 years ago A way forward on this is to use the ansible_connection option in the platform connection_options to special case portions of the create process.
This is what driver.py uses to differentiate the operating systems and controls the password retrieval and molecule login command.
I feel this overlaps with the discussion in ansible-community/molecule-plugins#52
@jgoldschrafe 's excellent work on the create/destroy templates significantly degrade windows support. To me the killer feature of molecule-ec2 of using docker is the support for Windows based hosts.
The default cloud-init key inject method doesn't create or associate an ec2 based key. This is required to extract the default random windows password from AWS.
The default security group only permits ssh access, it doesn't allow the winrm ports or rdp. These should be safe to open as they don't overlap with significant linux services.
The image user data is hard coded to be cloud-init yaml content. For a Windows image this should be powershell. The structure of passing a dict via platform_cloud_config which is converted to yaml will not work for Windows user_data.
Waiting for the ssh port to come up also doesn't work on a host which doesn't use ssh. Changing the port is insufficient as the test looks for the ssh connection response.