Commit graph

1583 commits

Author SHA1 Message Date
Adrian Likins
e396d5d508 Implement vault encrypted yaml variables. (#16274)
Make !vault-encrypted create a AnsibleVaultUnicode
yaml object that can be used as a regular string object.

This allows a playbook to include a encrypted vault
blob for the value of a yaml variable. A 'secret_password'
variable can have it's value encrypted instead of having
to vault encrypt an entire vars file.

Add __ENCRYPTED__ to the vault yaml types so
template.Template can treat it similar
to __UNSAFE__ flags.

vault.VaultLib api changes:
    - Split VaultLib.encrypt to encrypt and encrypt_bytestring

    - VaultLib.encrypt() previously accepted the plaintext data
      as either a byte string or a unicode string.
      Doing the right thing based on the input type would fail
      on py3 if given a arg of type 'bytes'. To simplify the
      API, vaultlib.encrypt() now assumes input plaintext is a
      py2 unicode or py3 str. It will encode to utf-8 then call
      the new encrypt_bytestring(). The new methods are less
      ambiguous.

    - moved VaultLib.is_encrypted logic to vault module scope
      and split to is_encrypted() and is_encrypted_file().

Add a test/unit/mock/yaml_helper.py
It has some helpers for testing parsing/yaml

Integration tests added as roles test_vault and test_vault_embedded
2016-08-23 20:03:11 -04:00
Toshio Kuratomi
a22909c226 Migrate basestring to a python3 compatible type (#17199) 2016-08-23 13:13:44 -07:00
Matt Clay
a695e18615 Add support for OS X CI on Shippable. (#17160) 2016-08-23 10:49:46 -07:00
Toshio Kuratomi
57701d7115 Give native strings to selinux library functions. (#17184)
* Give native strings to selinux library functions.

SELinux takes pathnames as native strings.  That means we need to
convert to bytes on python2 and convert to text on python3.

Fixes #17155

* Read kitchen documentation, make module_utils params more like kitchen API

* Remove none nonstring strategy and add strict
* Raise TypeError on invalid nonstring strategy

* Document to_native()

* Make unittests for testing module_utils.text
2016-08-22 16:44:13 -07:00
Adrian Likins
a4785c2691 Fix docker connection plugin version tests and py2.6 compat (#16841)
* Rm py2.7+ code in docker connection plugin

The docker connection plugin was using subprocess.check_output
which only exists in python 2.7 and later. Connection plugins
need to support python2.6 so this replaces it with Popen/communicate()

* Handle docker ver errors in docker connection

Add unit tests for DockerConnection

Fixes #16971
2016-08-22 10:39:38 -04:00
Toshio Kuratomi
d29a7c55fe Enable some basic.py tests on python3 (#17167) 2016-08-20 10:13:54 -07:00
Adrian Likins
7d41f623dd Move py34 mock_open compat to compat/test/mock (#17157)
test/units/plugins/action/test_action.py had code
for handling a bug in python 3.4's mock_open that
causes errors when reading binary data.

Moved to compat/tests/mock.py so other tests can
use it by default.
2016-08-19 18:11:24 -04:00
Matt Clay
04bd6a3619 Make tests more cross platform. (#17154) 2016-08-19 10:23:14 -07:00
Dusty Mabe
b817f1f3ea actions/unarchive: fix unarchive from remote url (#17126)
* actions/unarchive: fix unarchive from remote url

Currently unarchive from remote url does not work because the core
unarchive module was updated to support 'remote_src' [1], but the
unarchive action plugin was not updated for this. This causes failures
because the action plugin assumes it needs to copy a file to the
remote server, but in the case of downloading a file from a remote
url a local file does not exist, so an error occurs when the file is
not found.

[1] https://github.com/ansible/ansible-modules-core/commit/467516e

* test_unarchive: fix test with wrong remote_src use

The non-ascii filenames test had improperly set remote_src=yes even
though it was actually copying the file from the local machine (i.e.
the file did not already exist remotely). This test was passing
until the remote_src behavior of unarchive was fixed in 276550f.
2016-08-19 08:16:21 -05:00
Brian Coca
4fb09d5693 moved from extras repo where it incorrectly exists (#17124)
* moved from extras repo where it incorrectly exists

* added to sanity exclusion for 2.4

* changed license with author's consent
2016-08-18 09:47:21 -04:00
Toshio Kuratomi
bd31cc096a Fix facts.py for python3 (#17131)
* Fix facts.py for python3

* Update facts unittest to account for filepaths being byte strings
2016-08-18 09:36:03 -04:00
Adrian Likins
7bd57acda4 Linux mount/fs (lsblk) facts fixes and tests. (#17036)
Fixes #10779

Refactor some of the block device, mount point, and
mtab/fstab facts collection for linux for better
performance on systems with lots of block devices.

Instead of invoking 'lsblk' for every entry in mtab,
invoke it once, then map the results to mtab entries.

Change the args used for invoking 'findmnt' since the
previous combination of args conflicts, so this would
always fail on some systems depending on version.

Add test cases for facts Hardware()/Network()/Virtual() classes
__new__ method and verify they create the proper subclass based
on the platform.system() results.

Split out all the 'invoke some command and grab it's output'
bits related to linux mount paths into their own methods so
it is easier to mock them in unit tests.

Fix the DragonFly* classes that did not defined a 'platform'
class attribute. This caused FreeBSD systems to potentially
get the DragonFly* subclasses incorrectly. In practice it
didnt matter much since the DragonFly* subclasses duplicated
the FreeBSD ones. Actual DragonFly systems would end up with
the generic Hardware() etc instead of the DragonFly* classes.

Fix Hardware.__new__() on PY3, passing args to __new__
would cause "object() takes no parameters" errors. So
check for PY3 and just call __new__ without the args

See
https://hg.python.org/cpython/file/44ed0cd3dc6d/Objects/typeobject.c#l2818
for some explaination.
2016-08-17 17:58:51 -07:00
Matt Davis
e0bdb502e3 raw now returns changed: true (#17112)
for consistency w/ shell/command/script "non-idempotent" modules.

Updated tests, changelog.
2016-08-16 20:39:23 -07:00
Brian Coca
b1410fa278 fixed tests to accoutn for new parameter 2016-08-16 13:11:58 -04:00
James Cammarata
c669a381d1 Don't immediately return failed for any_errors_fatal tasks
Instead of immediately returning a failed code (indicating a break in
the play execution), we internally 'or' that failure code with the result
(now an integer flag instead of a boolean) so that we can properly handle
the rescue/always portions of blocks and still remember that the break
condition was hit.

Fixes #16937
2016-08-12 14:18:50 -05:00
Matt Clay
b44eb402bd Update ansible-core-ci endpoint. (#17071) 2016-08-12 12:07:41 -07:00
Matt Clay
901042f458 Generate test script to file instead of stdout. 2016-08-11 15:42:43 -07:00
Matt Clay
2b0d63b0d8 Flush stderr to avoid lost output. 2016-08-11 15:14:22 -07:00
James Cammarata
47acf55fa9 Cache tasks by uuid in PlayIterator for O(1) lookups
Rather than repeatedly searching for tasks by uuid via iterating over
all known blocks, cache the tasks when they are added to the PlayIterator
so the lookup becomes a simple key check in a dict.
2016-08-10 12:49:19 -05:00
James Cammarata
e244895174 Avoid copying task parents in TaskExecutor
As Block.copy() is potentially expensive, avoid copying the parent
structure of tasks in TaskExecutor.
2016-08-08 15:58:46 -05:00
James Cammarata
06d4f4ad0e Move tasks/blocks to a single parent model 2016-08-08 15:58:46 -05:00
James Cammarata
d2b3b2c03e Performance improvements 2016-08-08 15:58:46 -05:00
Matt Clay
80385a47bd Remove FreeBSD interpreter test hacks. (#17007)
* Add TEST_FLAGS to no_log target.
2016-08-08 13:10:03 -07:00
Filipe Niero Felisbino
e54a9d3a51 Add generic data structures querying (#13684)
* Query lookup plugin

* Add license and docstrings

* Add python3-ish imports

* Change query plugin type from lookup to filter

* Switch from dq to jsonpath_rw

* Add integration test for query filter

* Rename query filter to json_query

* Add jsonpath-rw

* Rename query filter to json_query

* Switch query implementation from jsonpath-rw to jmespath
2016-08-08 11:55:59 -04:00
Matt Clay
d2fb845955 Enable more FreeBSD integration tests. (#16991) 2016-08-08 00:31:04 -07:00
Matt Clay
72cca01cd4 Use file list, not recursion, in _fixup_perms. (#16924)
Run setfacl/chown/chmod on each temp dir and file.

This fixes temp file permissions handling on platforms such as FreeBSD
which always return success when using find -exec. This is done by
eliminating the use of find when setting up temp files and directories.

Additionally, tests that now pass on FreeBSD have been enabled for CI.
2016-08-05 18:40:28 -07:00
Matt Davis
746ea64d30 fix for unspecified retries on until + test (#16963)
fixes #16907
2016-08-04 19:20:45 -04:00
Will Thames
eb2a3a91a8 task_result _check_key should handle empty results (#16766)
When a task result has an empty results list, the
list should be ignored when determining the results
of `_check_key`. Here the empty list is treated the
same as a non-existent list.

This fixes a bug that manifests itself with squashed
items - namely the task result contains the correct
value for the key, but an empty results list. The
empty results list was treated as zero failures
when deciding which handler to call - so the task
show as a success in the output, but is deemed to
have failed when deciding whether to continue.

This also demonstrates a mismatch between task
result processing and play iteration.

A test is also added for this case, but it would not
have caught the bug - because the bug is really in
the display, and not the success/failure of the
task (visually the test is more accurate).

Fixes ansible/ansible-modules-core#4214
2016-08-04 17:13:33 -05:00
James Cammarata
159aa26b36 FEATURE: adding variable serial batches
This feature changes the scalar value of `serial:` to a list, which
allows users to specify a list of values, so batches can be ramped
up (commonly called "canary" setups):

- hosts: all
  serial: [1, 5, 10, "100%"]
  tasks:
  ...
2016-08-04 15:04:10 -05:00
Matt Clay
5f12731797 Run more integration tests on FreeBSD. (#16923) 2016-08-02 14:00:56 -07:00
Matt Clay
00fbc76e69 Increase async time limit on tests to 10 seconds. (#16921) 2016-08-02 13:30:26 -07:00
Matt Clay
ff4f4bc8a0 Add binary module tests to Windows CI. (#16914) 2016-08-02 10:42:07 -07:00
Matt Clay
17e4629d52 Add remote CI support for modules. (#16908) 2016-08-01 15:39:17 -07:00
Matt Clay
e2602e9be0 Add FreeBSD to Shippable CI. (#16883) 2016-08-01 13:46:37 -07:00
Matt Clay
6dc148d82c Download files from S3 to improve reliability. (#16891)
Binary module tests now download pre-compiled binaries from S3
instead of downloading go and compiling the modules.

Files downloaded form SourceForge are now downloaded from S3.
2016-07-31 08:48:32 -07:00
Gennady Trafimenkov
2bc679be07 Testing that service not enabled during check run (#16739)
* Enabled more tests in test_service on systems with systemd.
* Fix inconsistency in cleaning up test service. The conditions for service setup and service cleanup were different.
* Add check mode run for service enable.
2016-07-29 08:35:03 -07:00
Matt Clay
380ed053e8 Add Windows integration tests to Shippable. (#16803)
Enable Windows integration tests on Shippable.
2016-07-28 21:03:14 -07:00
William Albert
409d95d67e Refactored gce util module to support other GCP services (#15924)
This is a refactoring of the existing GCE utility module to support other projects on Google Cloud Platform.

The previous gce.py module was hard-coded specifically for GCE, and attempting to use it with other projects in GCP failed.

See https://github.com/ansible/ansible/pull/15918#issuecomment-220165913  for more detail.

This has also been an issue for others in the past, although they've handled it by simply
duplicating some of the logic of gce.py in their own modules.

-   The existing gce.py module was renamed to gcp.py, and modified to remove any 
     imports or other code that refers to libcloud.compute or GCE (the GCE_* params were
     retained for compatibility). I also renamed the gce_connect function to gcp_connect, 
     and modified the function signature to make supplying a provider, driver, and agent 
     information mandatory.

-  A new gce.py module was created to handle connectivity to GCE. It imports the
   appropriate libcloud.compute providers and drivers, and then passes them on
   to gcp_connect in gcp.py. The constants and function signatures are the same
   as the old gce.py, so compatibility with existing modules is retained.

- A new gcdns.py module was created to support PR ansible/ansible-modules-extras#2252
  for two new Google Cloud DNS modules, and to demonstrate support for a non-GCE 
  Google Cloud service. It follows the same basic structure as the new gce.py module,
  but imports from libcloud.dns instead.
2016-07-28 12:54:39 -04:00
Gennady Trafimenkov
ad24f2d206 Enable color output from integration tests in Docker containers (#16660)
Enable color output from integration tests in Docker containers:

* In run_tests.sh when output is attached to a terminal.
* In shippable/integration.sh using force mode (can be disabled).

Also fix blocks tests to work with or without color output
2016-07-25 14:07:15 -07:00
Matt Clay
9497a814a8 Add apache2 to improve test speed and reliability. (#16819) 2016-07-25 07:19:49 -07:00
Brian Coca
e2f17f8d9b set cwd to task's basedir (#16805)
* switch cwd to basedir of task

This restores previous behaviour in pre 2.0 and allows for 'local type' plugins
and actions to have a more predictable relative path.

fixes #14489

* removed FIXME since prev commit 'fixes' this

* fix tests, now they need a loader (thanks jimi!)
2016-07-25 08:11:45 -04:00
Matt Martz
4065acc37d indent callback output if using 3verbosity or higher (#16231) 2016-07-23 18:10:53 -04:00
Robin Roth
2b28beb1d7 add check_mode option for tasks (#16056)
* add check_mode option for tasks

includes example testcases for the template module

* extend check_mode option

* replace always_run, see also proposal rename_always_run
* rename always_run where used and add deprecation warning
* add some documentation

* have check_mode overwrite always_run

* use unique template name to prevent conflicts

test_check_mode was right before, but failed due to using the same filename as other roles

* still mention always_run in the docs

* set deprecation of always_run to version 2.4

* fix rst style

* expand documentation on per-task check mode
2016-07-22 20:40:14 -04:00
s-hertel
93c5ec42cf Test GalaxyCLI when no actions are provided
Adds a new test for GalaxyCLI. Tests cases when:

- no actions are provided
- invalid actions are provided
- each valid action is provided

When parser() runs successfully the method returns True, creates a
SortedOptParser instance, a Galaxy instance, and updates certain class data.
2016-07-22 14:39:01 -04:00
s-hertel
671f9c3d15 Merge pull request #16783 from s-hertel/test_display_galaxy_info_fix
fixing a logic error in test_galaxy
2016-07-21 15:22:07 -04:00
s-hertel
3cb5747f54 fixing a logic error in test_galaxy 2016-07-21 15:02:19 -04:00
s-hertel
aae5e50299 Adding a test for GalaxyCLI. Tests exit_without_ignore method. 2016-07-21 13:53:44 -04:00
Christoph Dittmann
d55452d3ed Adding unit tests for role variable precedence
Originally from PR #16735
2016-07-20 10:14:44 -04:00
Matt Clay
4cc4dc6793 Add postgresql dependencies to opensuseleap. 2016-07-18 16:55:10 -04:00
nitzmahone
7aa39981c4 fix setup test for renamed windows fact 2016-07-14 18:02:04 -07:00