1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/test
Adrian Likins e396d5d508 Implement vault encrypted yaml variables. (#16274)
Make !vault-encrypted create a AnsibleVaultUnicode
yaml object that can be used as a regular string object.

This allows a playbook to include a encrypted vault
blob for the value of a yaml variable. A 'secret_password'
variable can have it's value encrypted instead of having
to vault encrypt an entire vars file.

Add __ENCRYPTED__ to the vault yaml types so
template.Template can treat it similar
to __UNSAFE__ flags.

vault.VaultLib api changes:
    - Split VaultLib.encrypt to encrypt and encrypt_bytestring

    - VaultLib.encrypt() previously accepted the plaintext data
      as either a byte string or a unicode string.
      Doing the right thing based on the input type would fail
      on py3 if given a arg of type 'bytes'. To simplify the
      API, vaultlib.encrypt() now assumes input plaintext is a
      py2 unicode or py3 str. It will encode to utf-8 then call
      the new encrypt_bytestring(). The new methods are less
      ambiguous.

    - moved VaultLib.is_encrypted logic to vault module scope
      and split to is_encrypted() and is_encrypted_file().

Add a test/unit/mock/yaml_helper.py
It has some helpers for testing parsing/yaml

Integration tests added as roles test_vault and test_vault_embedded
2016-08-23 20:03:11 -04:00
..
code-smell Migrate basestring to a python3 compatible type (#17199) 2016-08-23 13:13:44 -07:00
integration Implement vault encrypted yaml variables. (#16274) 2016-08-23 20:03:11 -04:00
samples Changes to be committed: (#16430) 2016-06-24 10:26:51 -04:00
units Implement vault encrypted yaml variables. (#16274) 2016-08-23 20:03:11 -04:00
utils Add support for OS X CI on Shippable. (#17160) 2016-08-23 10:49:46 -07:00
README.md Update README.md 2015-11-03 14:11:22 -05:00

Ansible Test System

Folders

unit

Unit tests that test small pieces of code not suited for the integration test layer, usually very API based, and should leverage mock interfaces rather than producing side effects.

Playbook engine code is better suited for integration tests.

Requirements: sudo pip install paramiko PyYAML jinja2 httplib2 passlib nose mock

integration

Integration test layer, constructed using playbooks.

Some tests may require cloud credentials, others will not, and destructive tests are separated from non-destructive so a subset can be run on development machines.

learn more

hop into a subdirectory and see the associated README.md for more info.