From 6f40cb9647057d08acb96ab17fbfe05c130bc204 Mon Sep 17 00:00:00 2001 From: Robin Roth Date: Tue, 4 Apr 2017 20:12:06 +0200 Subject: [PATCH] Add workaround for evasive in apache2_module (#22649) * Add workaround for evasive in apache2_module * Fixes #22635 * Clean up workarounds for php/shib * Add test for evasive workaround * Remove use of re module, since all searches work with native python * Add unit tests to apache2_module name replacements Go back to using re package where needed * Rename replace_name to create_apache_identifier --- .../web_infrastructure/apache2_module.py | 47 ++++++++++++------- .../apache2_module/tasks/actualtest.yml | 14 +++++- .../web_infrastructure/test_apache2_module.py | 16 +++++++ 3 files changed, 59 insertions(+), 18 deletions(-) create mode 100644 test/units/modules/web_infrastructure/test_apache2_module.py diff --git a/lib/ansible/modules/web_infrastructure/apache2_module.py b/lib/ansible/modules/web_infrastructure/apache2_module.py index c994492016..38d408d74b 100644 --- a/lib/ansible/modules/web_infrastructure/apache2_module.py +++ b/lib/ansible/modules/web_infrastructure/apache2_module.py @@ -109,10 +109,7 @@ def _run_threaded(module): result, stdout, stderr = module.run_command("%s -V" % control_binary) - if re.search(r'threaded:[ ]*yes', stdout): - return True - else: - return False + return bool(re.search(r'threaded:[ ]*yes', stdout)) def _get_ctl_binary(module): for command in ['apache2ctl', 'apachectl']: @@ -146,20 +143,38 @@ def _module_is_enabled(module): else: module.fail_json(msg=error_msg) - """ - Work around for php modules; php7.x are always listed as php7_module - """ - php_module = re.search(r'^(php\d)\.', name) - if php_module: - name = php_module.group(1) + searchstring = ' ' + create_apache_identifier(name) + return searchstring in stdout +def create_apache_identifier(name): """ - Workaround for shib2; module is listed as mod_shib - """ - if re.search(r'shib2', name): - return bool(re.search(r' mod_shib', stdout)) + By convention if a module is loaded via name, it appears in apache2ctl -M as + name_module. + + Some modules don't follow this convention and we use replacements for those.""" + + # a2enmod name replacement to apache2ctl -M names + text_workarounds = [ + ('shib2', 'mod_shib'), + ('evasive', 'evasive20_module'), + ] + + # re expressions to extract subparts of names + re_workarounds = [ + ('php', r'^(php\d)\.'), + ] + + for a2enmod_spelling, module_name in text_workarounds: + if a2enmod_spelling in name: + return module_name + + for search, reexpr in re_workarounds: + if search in name: + rematch = re.search(reexpr, name) + return rematch.group(1) + '_module' + + return name + '_module' - return bool(re.search(r' ' + name + r'_module', stdout)) def _set_state(module, state): name = module.params['name'] @@ -221,6 +236,6 @@ def main(): _set_state(module, module.params['state']) # import module snippets -from ansible.module_utils.basic import * +from ansible.module_utils.basic import AnsibleModule if __name__ == '__main__': main() diff --git a/test/integration/targets/apache2_module/tasks/actualtest.yml b/test/integration/targets/apache2_module/tasks/actualtest.yml index fc0408a40b..928876ff96 100644 --- a/test/integration/targets/apache2_module/tasks/actualtest.yml +++ b/test/integration/targets/apache2_module/tasks/actualtest.yml @@ -15,9 +15,12 @@ - name: install apache via apt apt: - name: apache2 + name: "{{item}}" state: present when: "ansible_os_family == 'Debian'" + with_items: + - apache2 + - libapache2-mod-evasive - name: install apache via zypper zypper: @@ -84,4 +87,11 @@ name: autoindex state: absent force: True - when: "ansible_os_family != 'Suse'" + when: "ansible_os_family == 'Debian'" + + +- name: enable evasive module, test https://github.com/ansible/ansible/issues/22635 + apache2_module: + name: evasive + state: present + when: "ansible_os_family == 'Debian'" diff --git a/test/units/modules/web_infrastructure/test_apache2_module.py b/test/units/modules/web_infrastructure/test_apache2_module.py new file mode 100644 index 0000000000..37da955cf6 --- /dev/null +++ b/test/units/modules/web_infrastructure/test_apache2_module.py @@ -0,0 +1,16 @@ +import pytest + +from ansible.modules.web_infrastructure.apache2_module import create_apache_identifier + +REPLACEMENTS = [ + ('php7.1', 'php7_module'), + ('php5.6', 'php5_module'), + ('shib2', 'mod_shib'), + ('evasive', 'evasive20_module'), + ('thismoduledoesnotexist', 'thismoduledoesnotexist_module'), # the default +] + +@pytest.mark.parametrize("replacement", REPLACEMENTS, ids=lambda x: x[0]) +def test_apache_identifier(replacement): + "test the correct replacement of an a2enmod name with an apache2ctl name" + assert create_apache_identifier(replacement[0]) == replacement[1]