1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/hacking
Will Thames 0ed1c3ba9c Split up testing IAM policies and automate creating them (#26223)
* Split up testing IAM policies and automate creating them

Move to managed policies to avoid the 5KB limit on policies
for an IAM entity.

The policy file is templated, so need to make sure that there
is an easy mechanism to populate the templates and push the
new policies.

* Update IAM policies for ec2_scaling_policy tests

* Fix RouteTable policies

DescribeRouteTable should be plural
ModifyRouteTable does not exist, but ReplaceRouteTableAssociation
does.

* Some IAM policies do not allow specified Resources

Various IAM policies do not allow Resources
to be specified and should just use `*`. This differs
per service

* [Autoscaling](http://docs.aws.amazon.com/autoscaling/latest/userguide/control-access-using-iam.html#policy-auto-scaling-resources)
* [EC2](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ec2-api-permissions.html#ec2-api-unsupported-resource-permissions)
* [ECR](http://docs.aws.amazon.com/AmazonECR/latest/userguide/ecr-supported-iam-actions-resources.html)
* [ELB](http://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/load-balancer-authentication-access-control.html)

* Finish fixing AWS IAM resource specifications for testing

Update Lambda and RDS policies
2017-07-14 14:50:55 +10:00
..
aws_config Split up testing IAM policies and automate creating them (#26223) 2017-07-14 14:50:55 +10:00
tests hacking/: PEP8 compliancy (#24683) 2017-05-16 18:52:07 +01:00
ansible_profile start of 'profiling utils' 2017-05-31 14:00:12 -04:00
authors.sh removed merges from count 2015-07-18 22:49:50 -04:00
cherrypick.py hacking/: PEP8 compliancy (#24683) 2017-05-16 18:52:07 +01:00
conf2yaml.py 1st part of ansible config, adds ansible-config to view/manage configs (#12797) 2017-06-14 11:08:34 -04:00
env-setup Speed up env-setup (#24133) 2017-05-01 09:54:50 -05:00
env-setup.fish Fish hacking setup fix (#18084) 2016-10-24 10:35:00 -07:00
get_library.py hacking/: PEP8 compliancy (#24683) 2017-05-16 18:52:07 +01:00
metadata-tool.py metadata and doc generator optimization and fixes 2017-07-04 01:12:43 -07:00
README.md Replace double-quote with single-quote at example (#26667) 2017-07-12 11:22:50 -04:00
test-module hacking/test-module: fix for python3 (#26194) 2017-07-11 13:21:51 -07:00
update.sh Move update.sh to hacking repository ,see #10081 2015-01-30 14:19:47 +08:00
update_bundled.py Clean up shebangs for various files. 2016-11-02 17:00:27 -07:00
yamlcheck.py Clean up shebangs for various files. 2016-11-02 17:00:27 -07:00

'Hacking' directory tools

Env-setup

The 'env-setup' script modifies your environment to allow you to run ansible from a git checkout using python 2.6+. (You may not use python 3 at this time).

First, set up your environment to run from the checkout:

$ source ./hacking/env-setup

You will need some basic prerequisites installed. If you do not already have them and do not wish to install them from your operating system package manager, you can install them from pip

$ easy_install pip               # if pip is not already available
$ pip install -r requirements.txt

From there, follow ansible instructions on docs.ansible.com as normal.

Test-module

'test-module' is a simple program that allows module developers (or testers) to run a module outside of the ansible program, locally, on the current machine.

Example:

$ ./hacking/test-module -m lib/ansible/modules/commands/shell -a "echo hi"

This is a good way to insert a breakpoint into a module, for instance.

For more complex arguments such as the following yaml:

parent:
  child:
    - item: first
      val: foo
    - item: second
      val: boo

Use:

$ ./hacking/test-module -m module \
    -a '{"parent": {"child": [{"item": "first", "val": "foo"}, {"item": "second", "val": "bar"}]}}'

Module-formatter

The module formatter is a script used to generate manpages and online module documentation. This is used by the system makefiles and rarely needs to be run directly.

Authors

'authors' is a simple script that generates a list of everyone who has contributed code to the ansible repository.