1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Commit graph

969 commits

Author SHA1 Message Date
Mike Wiebe
de8d00b401 Fix snmp bugs on Nexus 3500 platform (#32773)
* Add n35 platform support

* Fix regex bug and add snmp_location it tests

* Enable nxos_snmp_location tests
2017-11-13 08:03:06 +00:00
Adrian Likins
9c58827410
Better handling of malformed vault data envelope (#32515)
* Better handling of malformed vault data envelope

If an embedded vaulted variable ('!vault' in yaml)
had an invalid format, it would eventually cause
an error for seemingly unrelated reasons.
"Invalid" meaning not valid hexlify (extra chars,
non-hex chars, etc).

For ex, if a host_vars file had invalid vault format
variables, on py2, it would cause an error like:

  'ansible.vars.hostvars.HostVars object' has no
  attribute u'broken.example.com'

Depending on where the invalid vault is, it could
also cause "VARIABLE IS NOT DEFINED!". The behavior
can also change if ansible-playbook is py2 or py3.

Root cause is errors from binascii.unhexlify() not
being handled consistently.

Fix is to add a AnsibleVaultFormatError exception and
raise it on any unhexlify() errors and to handle it
properly elsewhere.

Add a _unhexlify() that try/excepts around a binascii.unhexlify()
and raises an AnsibleVaultFormatError on invalid vault data.
This is so the same exception type is always raised for this
case. Previous it was different between py2 and py3.

binascii.unhexlify() raises a binascii.Error if the hexlified
blobs in a vault data blob are invalid.

On py2, binascii.Error is a subclass of Exception.
On py3, binascii.Error is a subclass of TypeError

When decrypting content of vault encrypted variables,
if a binascii.Error is raised it propagates up to
playbook.base.Base.post_validate(). post_validate()
handles exceptions for TypeErrors but not for
base Exception subclasses (like py2 binascii.Error).

* Add a display.warning on vault format errors
* Unit tests for _unhexlify, parse_vaulttext*
* Add intg test cases for invalid vault formats

Fixes #28038
2017-11-10 14:24:56 -05:00
Dario Zanzico
8a21fa2c07 remove cpuHotAddEnabled, memoryHotAddEnabled defaults from configSpec (#25202)
* add hardware.hotadd_cpu, hardware.hotadd_memory parameters
* use hotadd_{cpu,memory} paramters on create integration tests
2017-11-10 13:09:30 +00:00
Tim Rightnour
4756b392ea Apply fix to allow the root resource pool of a cluster to be chosen (#31641)
Whitespace cleanup
2017-11-10 13:51:36 +01:00
Jordan Borean
abc4210a33 azure_rm_virtualmachine: add custom image support (#32367)
* azure_rm_virtualmachine: added support for specifying custom image

* Use separate parameter for custom_image, add very basic test

* missed the version_added tag for doco

* removed whitespace I accidentally left in

* merged custom image into the image dict and added more tests

* added one more test
2017-11-09 18:48:14 -05:00
Ganesh Nalawade
37b0537279
Fix ios_config file prompt issue (#32744)
Fixes #23263

Add a carriage return (\r) at end on copy config
command which results in prompt on cli terminal
2017-11-09 22:43:49 +05:30
Will Thames
316e7939d6 [cloud] Improve aws testing and use {{ region }} var (#26892)
* Protect AWS credentials from accidental commits

* Improve documentation for IAM policies

* Update ELB tests to be multi region

Allow AZs to reflect the region in which the tests are run.

This will not work for regions with fewer than three AZs,
but those are relatively rare
2017-11-09 11:56:31 -05:00
Abhijeet Kasurde
dbadb5a014 Add details about snapshot in result (#32730)
This fix adds details about snapshots in result of
vmware_guest_snapshot, when operation is successful.

Fixes: #32154

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-11-09 11:42:30 -05:00
Jiri Tyr
1a3037ff63 Making options of type list (fixing #32704) (#32706) 2017-11-09 10:57:27 -05:00
Martin Krizek
356901b72d yum: case for multilib when installing from a file (#32236) 2017-11-09 06:04:53 -05:00
Martin Krizek
714598e91b
acl: do not remove all default entries (#32615) 2017-11-09 10:31:33 +01:00
Abhijeet Kasurde
39595771fa Integration test for git archive without update (#32390)
* Unit test for git archive without update

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>

* Clean clone the repo first
2017-11-09 10:23:26 +01:00
Ganesh Nalawade
6aa95ce5fd
Fix ios and vyos net integration test issue (#32692) 2017-11-08 21:39:21 +05:30
Trishna Guha
5336d14d9d
fix eos_static_route test typo (#32661)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-11-08 05:21:35 +00:00
Will Thames
c93ddf5473 Move profile and region checking to module_utils.ec2 (#31921)
* Move profile and region checking to module_utils.ec2

Remove ProfileNotFound checking from individual modules

There are plenty of `if not region:` checks that could be removed,
once more thorough testing of this change has occured

The ec2_asg, iam_managed_policy and ec2_vpc_subnet_facts modules
would also benefit from this change but as they do not have tests
and are marked stableinterface, they do not get this change.
2017-11-07 13:56:17 -05:00
Trishna Guha
48ab1a1334
eos_static_route DI module (#32587)
* eos_static_route DI module

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Integration test

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Add net_static_route test

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Validate ip address

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-11-07 11:13:03 +00:00
Ganesh Nalawade
6d1d06e0f7
Fix junos netconf port issue in integration test (#32610) 2017-11-07 11:41:51 +05:30
Philippe Dellaert
930fde5f70 vmware_dvs_portgroup: Add configuration of vlan trunk, security settings and port policies and integration tests (#32298)
* Add configuration of vlan trunk, security settings and port policies, and tests

This commit adds the following capabilities to the
vmware_dvs_portgroup module:
- Support for VLAN trunk portgroup
- Support for all security settings (promiscuous, forged transmits & mac
address changes)
- Support for all the port specific policies
- port specific policies match the vCenter UI behaviour (for instance:
block override is enabled by default)
- Cleanup and use of proper API entities not root entities
- Integration testing

* Cleanup of docs and adding more examples
2017-11-06 11:46:51 -05:00
Abhijeet Kasurde
c11c882345 Update vmware integration tests (#31273)
* Boilerplat fixed
* Standardized vcsim variables in all modules

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-11-06 11:28:15 -05:00
Jordan Borean
978a979566
win_dsc: improved parameter handling (#31556)
* win_dsc: improved parameter handling

* removed uneeded try/catch leftover from testing

* removed undeed return values

* added custom DSC to fully test out casting

* fix up codestyle issues

* using new Requires ps version check

* fixed up error message check on earlier ps version
2017-11-06 09:44:04 +10:00
Jordan Borean
15b492ca57 win_become: get admin token and fix async (#32485)
* win_become: make it easier to become with an admin token

* Fixed up pep8 whitespace

* fix for Server 2008

* Added support for async and become on newer hosts and fix warnings
2017-11-03 16:14:48 -07:00
Jordan Borean
5b1db00b65
win_service: quoted path fix (#32469)
* win_service: fix for path in quotes

* Added tests to verify behaviour doesn't regress
2017-11-03 09:55:03 +10:00
Brian Coca
e582a69e9c
show specific undefined var errors on -v in debug (#32206)
* show specific undefined var errors on -v in debug

allows users to get more specific information about undefined errors
as they might be looking at a complex data structure and need to find
the specific leaf that has the issue

* now tests works at all verbosity levels

* updated to unicode objects
2017-11-02 18:11:31 -04:00
Martin Krizek
7cf3811d29
acl: add integration tests (#32494) 2017-11-02 16:55:42 +01:00
Ganesh Nalawade
6a0e8cae10
Fix net platform agnostic network module integration tests (#32489) 2017-11-02 11:36:18 +05:30
Jordan Borean
9dc9313c65
win_package: add support for arguments as list (#32024)
* win_package: add support for arguments as list

* re-added failure tests as they were accidentally commented out

* changed exit_code in failure messages to rc
2017-11-02 09:39:21 +10:00
Jordan Borean
56a7278256
win_find: allow module to skip on files it fails to check (#32105)
* win_find: allow module to skip on files it fails to check

* fixed up test creation to work pre psv5
2017-11-02 09:35:19 +10:00
Prasad Katti
86141c3e03 [ec2_ami_facts] new boto3-based module as a replacement for ec2_ami_find (#32252)
* [ec2_ami_facts] new boto3-based module as a replacement for ec2_ami_find

- new boto3-based module to gather facts about ec2 images
- intended to replace ec2_ami_find which uses boto
- an ami find task (using new module) added to the ec2_ami integration test

* [ec2_ami_facts] Use AnsibleAWSModule. Catch BotoCoreError.

* add ec2_ami_facts alias to tests

* [ec2_ami_facts] return ami launch permissions as well
2017-11-02 08:56:58 +10:00
Martin Krizek
d1e55551e9
seboolean: add integration tests (#32438) 2017-11-01 15:22:39 +01:00
Ganesh Nalawade
26583adb58
Fix wrong prompt issue for network modules (#32426)
* Fix wrong prompt issue for network moodules

Fixes #31161
Fixes #32416

*  Store the device prompt in case of error
   from remote device
*  Check for prompt value in ios action plugin

* Add integration test
2017-11-01 19:38:19 +05:30
Dag Wieers
25bfea836d
Fix reference to EPEL packages, pleasing Shippable CI 2017-11-01 02:15:17 +01:00
Jim Gu
d23da2e494 add support to vmware_guest for template => vm conversion (#31607)
* add support to vmware_guest for template => vm conversion

While the vmware_guest currently supports conversion of VMs to templates
using the is_template argument, it does not support the inverse:
converting templates back into VMs.  This change adds that
functionality.

When converting a template back into a VM, the extra config option
"uuid.action" is also set so that VMware will automatically create a new
UUID for the converted VM.  If the "uuid.action" setting is already
configured, it will not be modified.  Setting this prevents an
interactive question from being raised when attempting to boot the VM.

* Add integration tests for vmware_guest is_template

* Add additional idempotency test for vmware_guest is_template
2017-10-31 09:12:40 -04:00
Ganesh Nalawade
5d1ed1fc25
Fix platform agnostic network integration test cases (#32378)
* Fix platform agnostic network test cases

* Fix vyos_interface CI failure
2017-10-31 15:21:27 +05:30
Matt Martz
be9cc70b74 Fix patching to epel package 2017-10-30 14:39:45 -07:00
Tim Rightnour
f7f262adc7 Add the ability to rename a snapshot, or change it's description. (#31441)
Also add tests for vmware_guest_snapshot, but disable them due to
vcsim not fully supporting such operations yet.

Implement changes suggested in review.  Also fix same in remove_or_revert_snapshot() for consistency
2017-10-30 12:20:03 -04:00
Willem van Ketwich
310eb833a4 EC2 AMI boto3 modifications (#28506)
Migrate ec2_ami module to boto3
2017-10-30 10:20:27 +10:00
Trishna Guha
9712761367
testfix: IP address based on dci (#32279)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-10-28 10:05:29 +05:30
Ricardo Carrillo Cruz
be821845e2 Fix eos_user tests (#32261) 2017-10-27 17:52:56 +02:00
Ricardo Carrillo Cruz
63a0083cf1 Fix rest of ios_interface issues (#32257) 2017-10-27 17:10:16 +02:00
Ricardo Carrillo Cruz
4b35793f62 Fix lookup source tests on ios_system (#32254)
In IOS-XE, you need to pass an interface to lookup-source, otherwise
it fails with bad syntax.
2017-10-27 16:26:18 +02:00
Ricardo Carrillo Cruz
cd76e987f3 Change MTU values on ios_interface tests (#32251)
If setting 1500, we don't have 1500 in config as that's default value.
That causes issues on asserts.
2017-10-27 15:38:25 +02:00
Ricardo Carrillo Cruz
747bea9a27 Enable authorize on disabling auto neg task (#32243) 2017-10-27 13:18:08 +02:00
Ricardo Carrillo Cruz
3d59eada20 Disable auto neg on test interfaces on IOS-XE (#32241)
As by default they are set on auto, test setting the speed on them
fail, we need to disable it upfront.
2017-10-27 12:55:46 +02:00
Kedar K
2aae66fa07 Fixes ios_logging unit test (#32240) 2017-10-27 16:12:17 +05:30
Ricardo Carrillo Cruz
9752ce368d Remove ip nameservers on ios_system/set_name_servers teardown (#32239)
Not sure why lookup source-interface, the only thing tested on that
file is adding/removing name servers, no lookup is set.
2017-10-27 11:57:18 +02:00
Trishna Guha
a5f6c726f0 Add vyos_vlan DI module (#32072)
* Add vyos_vlan DI module

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Add integration tests

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Improve logic and add more test

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* update boilerplate

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-10-27 15:21:37 +05:30
Toshio Kuratomi
638de22b35 Update tests for required_if changes
These tests are doing string matches on the error condition.  Update
them to match the new strings.  This is probably okay to push out to old
releases even though it's technically backwards incompatible because
production playbooks won't be checking that a parameter was missing.
Param missing is something detected and fixed while writing the playbook.
2017-10-26 17:37:11 -07:00
saichint
c822292347 Integration Tests only: add static route, snmp_user, snapshot and hsrp it cases (#28933)
* add static route and hsrp it cases

* add snmp_user and snapshot it

* password strength correction

* fix typo

* add compare snapshot as it is fixed in the code now

* skip snapshot tests for titanium

* titanium and nxapi conditions added
2017-10-26 11:27:55 -04:00
Ryan Brown
838c1ba6c7 [cloud] Bugfix for aws_s3 empty directory creation (#32169)
* [cloud] Bugfix for aws_s3 empty directory creation

* Update integration tests
2017-10-26 08:17:13 -04:00
Ricardo Carrillo Cruz
3d09c4bb4f Remove bogus interface description (#32183)
The interface has already that description from a task earlier, thus that change
is not introduced susbequently and we don't have to assert for it.
2017-10-26 11:24:35 +02:00
Ricardo Carrillo Cruz
b2dd5466ac Use sane mtu values on ios_interface tests (#32180)
Anything lower than 1500 won't work on CSR nodes.
2017-10-26 10:53:45 +02:00
Ricardo Carrillo Cruz
c07b30951f Remove duplex option on ios_interface (#32178)
Turns out on devices where only Gigabit is available (like our
csr nodes in CI), duplex is not configurable, thus the test fail.
Removing, since we are testing modification of other properties like
description and mtu and have good coverage.
2017-10-26 09:52:33 +02:00
Matt Clay
cf1337ca9a Update ansible-test sanity command. (#31958)
* Use correct pip version in ansible-test.
* Add git fallback for validate-modules.
* Run sanity tests in a docker container.
* Use correct python version for sanity tests.
* Pin docker completion images and add default.
* Split pylint execution into multiple contexts.
* Only test .py files in use-argspec-type-path test.
* Accept identical python interpeter name or binary.
* Switch cloud tests to default container.
* Remove unused extras from pip install.
* Filter out empty pip commands.
* Don't force running of pip list.
* Support delegation for windows and network tests.
* Fix ansible-test python version usage.
* Fix ansible-test python version skipping.
* Use absolute path for log in ansible-test.
* Run vyos_command test on python 3.
* Fix windows/network instance persistence.
* Add `test/cache` dir to classification.
* Enable more python versions for network tests.
* Fix cs_router test.
2017-10-26 00:21:46 -07:00
Dave Thelen
602a618e60 eos_user: sends user secret first on user creation fixes #31680 (#32162)
* fix command order

* add integration test

* test cleanup

* remove redudant commands
2017-10-26 12:40:58 +05:30
Ricardo Carrillo Cruz
7938e9f73e Set speed to 1000 on ios_interface tests (#32153)
csr and ios have only 1000 as value in common, using 10 or 100 will
cause CI failures.
2017-10-25 18:17:32 +02:00
rahushen
ab84718a01 NXOS: Integration tests to Ansible (part 3) (#29030)
* Add nxos_file_copy IT

* Restructure nxos_igmp tests

* add nxos_igmp_interface IT

* add nxos_igmp_snooping IT

* add nxos_ntp_auth IT

* Add nxos_ntp_options IT

* update nxos.yaml with new tests

* update nxos_ntp_options test

* update nxos_ntp_auth IT
2017-10-25 11:41:23 -04:00
Ricardo Carrillo Cruz
2d766fd31a Discover ios_interface interface on basic tests (#32149)
We run these tests on IOS and IOS-XE, which have different interfaces
available for performing tests.
2017-10-25 17:38:18 +02:00
Ricardo Carrillo Cruz
ca115b0a8e Fix quotes on ios_ping test (#32131) 2017-10-25 14:16:28 +02:00
Ricardo Carrillo Cruz
d686c3b4d4 Set authorize yes on IOS interface discovery tests (#32128) 2017-10-25 13:47:28 +02:00
Ricardo Carrillo Cruz
dc0aa75029 Introspect platform before running ios tests (#32125)
In some IOS tests, we can't just assume a certain interface, as
we test on IOS and IOS-XE and in our CI they scheme numbering is
different.
Introspect version on the tests where needed.
2017-10-25 12:44:25 +02:00
Ricardo Carrillo Cruz
a9d8157e81 Replace Gigabit0/0/0/2 for Gigabit0/0/0/1 on iosxr_interface.intent (#32120) 2017-10-25 11:23:15 +02:00
Ricardo Carrillo Cruz
3f86cfac1f Default ansible_ssh_port to 22 on ios_user tests (#32118)
The csr nodes do not have ansible_ssh_port on group_vars, as it uses
standard 22 port, therefore default to it on tests needing it.
2017-10-25 11:07:07 +02:00
Ricardo Carrillo Cruz
676d446cfc Add ansible_ssh_port to iosxr_user auth tests (#32117)
The CI nodes listen on port 8022, we need to plumb that to avoid
test failures.
2017-10-25 10:56:28 +02:00
Ricardo Carrillo Cruz
f079a33563 Replace GigabitEthernet0/0/0/5 for GigabitEthernet0/0/0/2 in iosxr_interface intent tests (#32116)
There's no 5 interface present in CI nodes.
2017-10-25 10:53:30 +02:00
Sloane Hertel
1dd55acbc2 ec2_group: add rule description support - fixes #29040 (#30273)
* ec2_group: add support for rule descriptions.

* Document rule description feature and add an example using it.

* Fix removing rule descriptions.

* Add integration tests to verify adding/modifying/removing rule descriptions works as expected.

* Add permissions to hacking/aws_config/testing_policies/ec2-policy.json for updating ingress and egress rule descriptions.

* ec2_group: add backwards compatibility with older versions of botocore for rule descriptions.

* Add compatibility with older version of botocore for ec2_group integration tests.

* ec2_group: move HAS_RULE_DESCRIPTION to be checked first.

* Make requested change

* Pass around a variable instead of client

* Make sure has_rule_description defaults to None

* Fail if rule_desc is in any ingress/egress rules and the the botocore version < 1.7.2

* Remove unnecessary variable

* Fix indentation for changed=True when updating rule descriptions.

* minor refactor to remove duplicate code

* add missing parameter

* Fix pep8

* Update test policy.
2017-10-24 21:18:56 -04:00
Prasad Katti
8a9a9b84dd [ec2-ami] Use required_if with state parameter (#32009)
* [ec2-ami] Use required_if with state parameter

* Update failure msg on delete ami with no image_id task in integration test
2017-10-24 16:01:33 -04:00
Martin Krizek
ee6ba5d590 yum: allow for downgrade using rpm file (#31647) 2017-10-24 14:33:38 +02:00
Kedar K
e2bed36d12 - Adds iosxr_netconf module to configure netconf service on IOSXR (#31715)
* - Adds iosxr_netconf module to configure netcong service on Cisco
  IOS-XR devices

* - Adds Integration test for module
- Handles diff return from load_config

* - Adds unit test for iosxr_netconf module
2017-10-24 08:49:23 +05:30
Jordan Borean
b004a6373a windows: add #AnsibleRequires for Windows modules (#31683)
* windows: add #AnsibleRequires to set whether a module requires module or a specific version

* fix up pep8 issues

* changed psversion to use the actual ps Requires -Version syntax

* missed the check on #Requires -Version

* fix #Requires module extensions
2017-10-23 14:21:30 -07:00
Kedar K
465fe5802b -Fixes JSON parsing(use JSON object instead of string) for facts modules. (#31818) 2017-10-23 17:48:52 +05:30
Jordan Borean
8e44cd5d10 win_command win_shell: add stdin option (#31619) 2017-10-23 09:50:19 +10:00
Jordan Borean
b663f602bc windows argv to string module utility (#28970)
* windows argv to string module utility

* rebased PR with latest devel branch
2017-10-23 09:49:40 +10:00
Matt Clay
36b13e3e3d Fix ansible-test default image. (#31966)
* Add openssh-client to default docker container.
* Include Azure requirements in default container.

To do so, handling of pip requirements was updated to install each
set of requirements separately and then run a verification pass to
make sure there are no conflicts between requirements.

* Add missing --docker-no-pull option.
* Add documentation for the azure-requirements test.
2017-10-20 08:48:01 -07:00
Will Thames
0c10e1ebe4 Handle timezone updates on Ubuntu 16.04+ on containers (#27546)
* Handle timezone updates on Ubuntu 16.04+ on containers

Although Ubuntu 16.04 will use timedatectl by default,
containers without a working timedatectl need to use the
old method.

A bug in Ubuntu for the old method means having to write
a nasty hack

https://bugs.launchpad.net/ubuntu/+source/tzdata/+bug/1554806

* Add tests for timezones

Ensure timezone changes work across various OSs
2017-10-20 16:02:38 +10:00
nwsparks
5cccad8ed4 new windows module, win_audit_rule (#30473)
* added win_audit_rule with integration test

* Updated integration testing to target files as well as directories
and registry keys. Split testing files apart to be more organized.

Updated powershell for better handling when targetting file objects
and optimized a bit. Removed duplicated sections that got there from a
previous merge I think.

* Decided to make all the fact names the same in integration testing.
Seemed like there would be less change of accidentally using the wrong
variable when copy/pasting that way, and not much upside to having
unique names.

Did final cleanup and fixed a few errors in the integration testing.

* Fixed a bug where results was displaying a wrong value

Fixed a bug where removal was failing if multiple rules existed due to
inheritance from higher level objects.

* Resolved issue with unhandled error when used didn't have permissions
for get-acl.

Changed from setauditrule to addauditrule, see comment in script for reasoning.

Fixed state absent to be able to remove multiple entries if they exist.

* fixed docs issue

* updated to fail if invalid inheritance_rule when defining a file rather than warn
2017-10-20 11:20:33 +10:00
Matt Clay
3c271e6bf6 Remove unsupported comments from aliases. 2017-10-19 14:44:13 -07:00
Matt Clay
eb899c9bcd Fix docker_secret integration test dependencies. 2017-10-18 10:42:31 -07:00
Marek Nogacki
b9223cdc89 ec2_group: do not fail on description mismatch (#31704) (#31734)
* ec2_group: do not fail on description mismatch (#31704)

* ec2_group: do not fail on description mismatch (#31704) - fix test case
2017-10-18 09:21:55 -04:00
Martin Krizek
e2fc61c554 Add yum integration tests using fake repo (#31646) 2017-10-18 13:07:48 +02:00
Matt Clay
7623c2fbda Disable flakey win_rabbitmq_plugin test. 2017-10-17 14:03:25 -07:00
Jordan Borean
743ff4897a win_regedit: added function to load a dat file for editing (#31289)
* win_regedit: added function to load a dat file for editing

* try to make the tests more resiliant

* more stability changes
2017-10-18 06:30:33 +10:00
Matt Clay
264452e0a8 Fix bad syntax in test_infra integration test. 2017-10-17 09:53:54 -07:00
Jordan Borean
888de842b3 win_regedit: fix extra info coming into stdout (#31813) 2017-10-17 11:58:32 +10:00
Adrian Likins
297dfb1d50 Vault secrets script client inc new 'keyring' client (#27669)
This adds a new type of vault-password script  (a 'client') that takes advantage of and enhances the 
multiple vault password support.

If a vault password script basename ends with the name '-client', consider it a vault password script client. 

A vault password script 'client' just means that the script will take a '--vault-id' command line arg.

The previous vault password script (as invoked by --vault-password-file pointing to an executable) takes
no args and returns the password on stdout. But it doesnt know anything about --vault-id or multiple vault
passwords.

The new 'protocol' of the vault password script takes a cli arg ('--vault-id') so that it can lookup that specific
vault-id and return it's password.

Since existing vault password scripts don't know the new 'protocol', a way to distinguish password scripts
that do understand the protocol was needed.  The convention now is to consider password scripts that are
named like 'something-client.py' (and executable) to be vault password client scripts.

The new client scripts get invoked with the '--vault-id' they were requested for. An example:

     ansible-playbook --vault-id my_vault_id@contrib/vault/vault-keyring-client.py some_playbook.yml

That will cause the 'contrib/vault/vault-keyring-client.py' script to be invoked as:

     contrib/vault/vault-keyring-client.py --vault-id my_vault_id

The previous vault-keyring.py password script was extended to become vault-keyring-client.py. It uses
the python 'keyring' module to request secrets from various backends. The plain 'vault-keyring.py' script
would determine which key id and keyring name to use based on values that had to be set in ansible.cfg.
So it was also limited to one keyring name.

The new vault-keyring-client.py will request the secret for the vault id provided via the '--vault-id' option.
The script can be used without config and can be used for multiple keyring ids (and keyrings).

On success, a vault password client script will print the password to stdout and exit with a return code of 0.
If the 'client' script can't find a secret for the --vault-id, the script will exit with return code of 2 and print an error to stderr.
2017-10-13 15:23:08 -04:00
Abhijeet Kasurde
a047fe0e4c Correct usage for shutil.rmtree (#31541)
* Correct usage for shutil.rmtree

Fix adds correct usage of shutil.rmtree in git module

Fixes: #31225

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>

* Include archive tests so they get run

* Use new include syntax

* Cleanup syntax on git tests

- use multi-line YAML
- remove unneeded {{ }} around vars in conditionals
- remove unneeded quotes
- add task file name to task names for easier troubleshooting when things fail

* Make archive tests work for RHEL/CentOS 6

The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped.

The older version of git required gzip compression to be skipped on RHEL/CentOS 6.

* Account for ansible_distribution_major_version missing
2017-10-13 10:30:15 -04:00
Lujeni
91ab88dac7 pip: Use chdir directive in the venv path (fixes #25122) (#26865) 2017-10-13 12:39:47 +02:00
Matt Clay
80b0e0e05a Remove cryptography version limit in Azure tests.
No longer needed now that cryptography 2.1.1 has been released.
2017-10-12 15:34:36 -07:00
jctanner
c05a7add5f Only install pyvmomi if user is root (#31628) 2017-10-12 10:20:33 -04:00
Trishna Guha
e7145e249f fix ios_interface test unsupported param (#31622)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-10-12 11:17:06 +05:30
Matt Clay
8acb901bf2 Update Azure tests to limit cryptography version. (#31616)
* Revert "Work around cryptography 2.1 requiring pip 8.1.2+"

This reverts commit a10a80b8a3.

* Update Azure tests to limit cryptography version.
2017-10-11 19:18:16 -07:00
Rene Moser
0c416b5891 tests: cs_snapshot_policy: add integration tests 2017-10-11 18:35:54 +02:00
Philippe Dellaert
9580a6569e Fix #21112 : Adding support for configuring a CD-rom iso image (#28155)
* Initial CD-ROM support

* create cdrom bugfix

* Improving CDROM change detection and fixing template creation bug
Running MarkAsTemplate on an existing template will fail with an error

* Better change detection for guest ID
Should only mark a change in case it actually changes

* Adding integration tests

* Pep8 compliance fixes

* Adding CDROM support, including iso, client and none types

* Updating added release version for CDROM option
2017-10-11 14:29:13 +02:00
rahushen
c976ac7ed6 change ports to non well known ports and drop time_range for N1 (#31261) 2017-10-11 17:37:01 +05:30
Ricardo Carrillo Cruz
7acb0bb187 Parameterize the ssh port on ios_user tests (#31573)
On CI we use 8022 for SSH, thus we need to explicitly pass
ansible_ssh_port to the ssh command to work.
2017-10-11 12:44:57 +02:00
Ricardo Carrillo Cruz
ac95ecaf13 Remove duped authorize on ios_ping anchored tasks (#31572)
Otherwise, we get warnings.
2017-10-11 12:28:10 +02:00
Ricardo Carrillo Cruz
c75c4cbfc8 Introspect the management IP on ios_ping (#31571)
On our CI we don't have external connectivity, so let's ping to
the management interface IP.
Also, ignore errors on the expected failures tests.
2017-10-11 12:10:11 +02:00
Ganesh Nalawade
88da95bb77 Fix rollback in junos_config (#31424)
* Fix rollback in junos_config

Fixes #30778

*  Call `load_configuration` with rollback id in case
   the id is given as input
*  Pass rollback id to `get_diff()` to fetch diff from device

* Fix unit test
2017-10-11 10:25:56 +05:30
Toshio Kuratomi
dde2c96d67 Try to cleanup after the rpm_key test 2017-10-10 17:40:35 -07:00
Ricardo Carrillo Cruz
bd17edd5ed Run neighbors intent tests for ios_interface only if show lldp contains netdev (#31539) 2017-10-10 21:26:47 +02:00
Sam Doran
2610b521bc Remove sysctl entries when state=absent (#31486)
* Remove sysctl entry when state=absent
* Cleanup sysctl integration test syntax
* Correct grammar on error message
* Add sysctl integration test for state=absent
2017-10-10 09:01:33 -07:00