mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
c1589c33c4
* Fix various bugs related in reboot - Use format strings for consistency and improve debug log messages - Use local variables instead of class attributes in order to be thread safe - Run setup module to get distribution and version - Run find module to get full path of shutdown command - Use ansible_os_family and ansible_distribution to find commands and args - Use same command for all Solaris/SunOS distributions - Move delay calculations to properties - Reliably check for module run failure - Fix bug in run_test_command() that accidentally made the method work properly - Use better exceptions rather than Exception - Use dict literals rather than constructors - Correct _check_delay() so it always returns a value, not None - Don't store and return result in run_test_command() because it's not used anywhere - add test for post reboot command that fails - test negative values for delay parameters
102 lines
3.3 KiB
YAML
102 lines
3.3 KiB
YAML
---
|
|
- name: make sure win output dir exists
|
|
win_file:
|
|
path: "{{win_output_dir}}"
|
|
state: directory
|
|
|
|
- name: reboot with defaults
|
|
win_reboot:
|
|
|
|
- name: test with negative values for delays
|
|
win_reboot:
|
|
post_reboot_delay: -0.5
|
|
pre_reboot_delay: -61
|
|
|
|
- name: schedule a reboot for sometime in the future
|
|
win_command: shutdown.exe /r /t 599
|
|
|
|
- name: reboot with a shutdown already scheduled
|
|
win_reboot:
|
|
|
|
# test a reboot that reboots again during the test_command phase
|
|
- name: create test file
|
|
win_file:
|
|
path: '{{win_output_dir}}\win_reboot_test'
|
|
state: touch
|
|
|
|
- name: reboot with secondary reboot stage
|
|
win_reboot:
|
|
test_command: powershell.exe -NoProfile -EncodedCommand {{lookup('template', 'post_reboot.ps1')|b64encode(encoding='utf-16-le')}}
|
|
|
|
- name: reboot with test command that fails
|
|
win_reboot:
|
|
test_command: 'FAIL'
|
|
reboot_timeout: 120
|
|
register: reboot_fail_test
|
|
failed_when: "reboot_fail_test.msg != 'Timed out waiting for post-reboot test command (timeout=120)'"
|
|
|
|
# try and reboot the host with a non admin user, we expect an error here
|
|
# this requires a bit of setup to create the user and allow it to connect
|
|
# over WinRM
|
|
- name: create password fact
|
|
set_fact:
|
|
standard_user: ansible_user_test
|
|
standard_pass: password123! + {{ lookup('password', '/dev/null chars=ascii_letters,digits length=8') }}
|
|
|
|
- name: get original SDDL for WinRM listener
|
|
win_shell: (Get-Item -Path WSMan:\localhost\Service\RootSDDL).Value
|
|
register: original_sddl
|
|
|
|
- name: create standard user
|
|
win_user:
|
|
name: '{{standard_user}}'
|
|
password: '{{standard_pass}}'
|
|
update_password: always
|
|
groups: Users
|
|
state: present
|
|
register: user_res
|
|
|
|
- name: add standard user to WinRM listener
|
|
win_shell: |
|
|
$sid = New-Object -TypeName System.Security.Principal.SecurityIdentifier -ArgumentList "{{user_res.sid}}"
|
|
$sd = New-Object -TypeName System.Security.AccessControl.CommonSecurityDescriptor -ArgumentList $false, $false, "{{original_sddl.stdout_lines[0]}}"
|
|
$sd.DiscretionaryAcl.AddAccess(
|
|
[System.Security.AccessControl.AccessControlType]::Allow,
|
|
$sid,
|
|
(0x80000000 -bor 0x20000000),
|
|
[System.Security.AccessControl.InheritanceFlags]::None,
|
|
[System.Security.AccessControl.PropagationFlags]::None
|
|
)
|
|
$new_sddl = $sd.GetSddlForm([System.Security.AccessControl.AccessControlSections]::All)
|
|
Set-Item -Path WSMan:\localhost\Service\RootSDDL -Value $new_sddl -Force
|
|
|
|
- block:
|
|
- name: fail to reboot with non admin user
|
|
win_reboot:
|
|
vars:
|
|
ansible_user: '{{standard_user}}'
|
|
ansible_password: '{{standard_pass}}'
|
|
ansible_winrm_transport: ntlm
|
|
register: fail_shutdown
|
|
failed_when: "fail_shutdown.msg != 'Reboot command failed, error was: Access is denied.(5)'"
|
|
|
|
always:
|
|
- name: set the original SDDL to the WinRM listener
|
|
win_shell: 'Set-Item -Path WSMan:\localhost\Service\RootSDDL -Value "{{original_sddl.stdout_lines[0]}}" -Force'
|
|
|
|
- name: remove standard user
|
|
win_user:
|
|
name: '{{standard_user}}'
|
|
state: absent
|
|
|
|
- name: Use invalid parameter
|
|
reboot:
|
|
foo: bar
|
|
ignore_errors: true
|
|
register: invalid_parameter
|
|
|
|
- name: Ensure task fails with error
|
|
assert:
|
|
that:
|
|
- invalid_parameter is failed
|
|
- "invalid_parameter.msg == 'Invalid options for reboot: foo'"
|