Commit graph

370 commits

Author SHA1 Message Date
Sloane Hertel
1dd55acbc2 ec2_group: add rule description support - fixes #29040 (#30273)
* ec2_group: add support for rule descriptions.

* Document rule description feature and add an example using it.

* Fix removing rule descriptions.

* Add integration tests to verify adding/modifying/removing rule descriptions works as expected.

* Add permissions to hacking/aws_config/testing_policies/ec2-policy.json for updating ingress and egress rule descriptions.

* ec2_group: add backwards compatibility with older versions of botocore for rule descriptions.

* Add compatibility with older version of botocore for ec2_group integration tests.

* ec2_group: move HAS_RULE_DESCRIPTION to be checked first.

* Make requested change

* Pass around a variable instead of client

* Make sure has_rule_description defaults to None

* Fail if rule_desc is in any ingress/egress rules and the the botocore version < 1.7.2

* Remove unnecessary variable

* Fix indentation for changed=True when updating rule descriptions.

* minor refactor to remove duplicate code

* add missing parameter

* Fix pep8

* Update test policy.
2017-10-24 21:18:56 -04:00
Prasad Katti
d6737dcdd4 Added info about return_skeleton_generator.py
Added info about return_skeleton_generator.py to hacking/README.md
2017-10-02 15:58:57 -04:00
Will Thames
37736ee87e Allow AWS image and snapshot creation/deletion
Provide all necessary permissions for AMI tests
Allow tests to run in us-east-2
Ensure `always` section gets used
Update tests to ensure that cleanup works better, and add
deletion idempotency test
2017-09-19 23:12:50 -07:00
Will Thames
5e978b0f2b Use JSON returns values to create RETURN docs
After running hacking/test-module to generate some output,
the JSON output can be fed into the return skeletion generator
to create an excellent starting point for RETURN docs
2017-09-11 14:33:11 -07:00
Will Thames
63df0adc17 [cloud] Update RDS parameter group for boto3 (#25345)
* Update RDS parameter group for boto3

* Update to boto3
* Update to latest ansible standards
* Remove choices list for valid engines (See #19221 for context)
* Allow tagging
* Return some useful information, and document that information

* Add tests for rds_param_group

* Improve testing of rds_param_group

* Add purge_tags option for rds_param_group

* Fix remaining broken rds_param_group tests

* Ensure the group name is lowercased. Fixes integration tests when run on OSX
2017-08-28 12:52:22 -04:00
welchwilmerck
af40d04247 bring comments and docs up-to-date for invoking hacking/test-module (#20940)
inside test-module, rundebug also needs to know interpreters
2017-08-18 09:46:15 -04:00
Toshio Kuratomi
af2073d057 metadata 1.1
* Add network value to support_by field.
* New support_by value, certified
* Deprecate curated in favor of certified
* Add conversion from 1.0 to 1.1 to metadata-tool
* Add supported by Red Hat field to ansible-doc output
2017-08-15 23:12:08 -07:00
Sam Doran
aa19563388 Improve fish environment setup (#26151)
* Add test runner to PATH

* Add Python3 support

* Updating env-setup.fish to use more portable '-exec' rather than '-delete'

* Create gen_egg_info function

Move code into a function similar to env-setup.

Silence all output when run with -q
2017-08-01 09:41:21 -04:00
Will Thames
f972994662 [cloud] fix VPC behavior for ec2_group module, improve integration tests (#27038)
* Add tests for group in a VPC

* Improve ec2_group output and documentation

Update ec2_group to provide full security group information
Add RETURN documentation to match

* Fix ec2_group creation within a VPC

Ensure VPC ID gets passed when creating security group

* Add test for auto creating SG

* Fix ec2_group auto group creation

* Add backoff to describe_security_groups

Getting LimitExceeded from describe_security_groups is definitely
possible (source: me) so add backoff to increase likelihood of
success.

To ensure that all `describe_security_group` calls are backed off,
remove implicit ones that use `ec2.SecurityGroup`. From there,
the decision to remove the `ec2` boto3 resource and rely on the client
alone makes good sense.

* Tidy up auto created security group

Add resource_prefix to auto created security group and delete
it in the `always` section.
Use YAML argument form for all module parameters
2017-08-01 06:53:43 -04:00
Will Thames
f3bc8b84b6 [cloud] Fix setup_iam to use policy_name, not PolicyName (#26880)
Update setup_iam.yml to work with latest iam_managed_policies
module, which correctly snakifies the results
2017-07-28 07:50:07 -04:00
Toshio Kuratomi
225fa5d092 Fix undefined variables, basestring usage, and some associated python3 issues 2017-07-25 15:58:23 -07:00
sramakr
b980a5c02a Use Boto3 for ec2_group Fixes #23507 (#25340)
* Use Boto3 for ec2_group

Currently boto doesn't support ipv6. To support ipv6 in ec2_group, we need boto3.
boto3 has significant API changes, which caused more re-factoring for ec2_group module.
Added additional integration test to test_ec2_group role.

* Follow the standard for boto3 ansible

Fixed imports. Use boto3 ansible exception with camel_dict_to_snake_dict.
Refactored the call to authorize/revoke  ingress and egress.

* Removed dependancy with module ipaddress

Added new parameter called cidr_ipv6 for specifying
ipv6 addresses inline with how boto3 handles ipv6 addresses.

* Updated integration test

* Added ipv6 integration test for ec2_group

* Set purge_rules to false for integration test

* Fixed import statements

Added example for ipv6.
Removed defining HAS_BOTO3 variable and import HAS_BOTO3 from ec2.
Cleaned up import statements.

* Fixed exception handling

* Add IAM permissions for ec2_group tests

Missing AuthorizeSecurityGroupEgress necessary for latest tests

* Wrapped botocore import in try/except block

Import just botocore to be more similar to other modules
2017-07-17 12:03:31 +10:00
Matt Clay
1c1527c73f Initial version of source/testing report tool. 2017-07-15 00:15:04 -07:00
Will Thames
0ed1c3ba9c Split up testing IAM policies and automate creating them (#26223)
* Split up testing IAM policies and automate creating them

Move to managed policies to avoid the 5KB limit on policies
for an IAM entity.

The policy file is templated, so need to make sure that there
is an easy mechanism to populate the templates and push the
new policies.

* Update IAM policies for ec2_scaling_policy tests

* Fix RouteTable policies

DescribeRouteTable should be plural
ModifyRouteTable does not exist, but ReplaceRouteTableAssociation
does.

* Some IAM policies do not allow specified Resources

Various IAM policies do not allow Resources
to be specified and should just use `*`. This differs
per service

* [Autoscaling](http://docs.aws.amazon.com/autoscaling/latest/userguide/control-access-using-iam.html#policy-auto-scaling-resources)
* [EC2](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ec2-api-permissions.html#ec2-api-unsupported-resource-permissions)
* [ECR](http://docs.aws.amazon.com/AmazonECR/latest/userguide/ecr-supported-iam-actions-resources.html)
* [ELB](http://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/load-balancer-authentication-access-control.html)

* Finish fixing AWS IAM resource specifications for testing

Update Lambda and RDS policies
2017-07-14 14:50:55 +10:00
hondak
db5ec11758 Replace double-quote with single-quote at example (#26667) 2017-07-12 11:22:50 -04:00
Sloane Hertel
113f92548a hacking/test-module: fix for python3 (#26194)
* make hacking/test-module compatible with python3
2017-07-11 13:21:51 -07:00
Toshio Kuratomi
3ee997b720 metadata and doc generator optimization and fixes
* Fix ansible-doc traceback when a plugin doesn't parse correctly
* Change extract_metadata ivocation to take either an ast or source
  code.  When given source code, it can find file offsets for the start
  and end of dict.  When given the ast, it is quicker as it doesn't have
  to reparse the source.  Requires changing the call to the function to
  use a keyword arg.
* Fix reading of metadata to find the last occurrence of
  ANSIBLE_METADATA instead of the first.
* Add some more unittests to get closer to complete coverage
2017-07-04 01:12:43 -07:00
Toshio Kuratomi
e27c2860e7 Move metadata extraction into a library function (#26198)
* Move metadata extraction into a library function
* fix the string cases to throw NotImplementedError
* Some python3 fixes
2017-06-28 18:10:26 -07:00
Michael De La Rue
56d33a2967 Fix hacking/test-module to allow running modules with pdb (#23339)
* Fix hacking/test-module to allow running modules with pdb

* add emacs autosave files to gitignore
2017-06-28 10:58:22 -07:00
Yujun Zhang
1f3755f86b Include error message when ansiballz_setup fails (#26127)
It is quite difficult to pinpoint what is wrong without it
2017-06-28 12:45:38 -04:00
Toshio Kuratomi
e238ae999b Cyptography pr 20566 rebase (#25560)
Make pyca/cryptography the preferred backend for cryptographic needs (mainly vault) falling back to pycrypto

pyca/cryptography is already implicitly a dependency in many cases
through paramiko (2.0+) as well as the new openssl_publickey module,
which requires pyOpenSSL 16.0+. Additionally, pyca/cryptography is
an optional dep for better performance with vault already.

This commit leverages cryptography's padding, constant time comparisons,
and CBC/CTR modes to reduce the amount of code ansible needs to
maintain.

* Handle wrong password given for VaultAES format

* Do not display deprecation warning for cryptography on python-2.6

* Namespace all of the pycrypto imports and always import them

  Makes unittests better and the code less likely to get stupid mistakes
  (like using HMAC from cryptogrpahy when the one from pycrypto is needed)

* Add back in atfork since we need pycrypto to reinitialize its RNG just in case we're being used with old paramiko

* contrib/inventory/gce: Remove spurious require on pycrypto

(cherry picked from commit 9e16b9db275263b3ea8d1b124966fdebfc9ab271)

* Add cryptography to ec2_win_password module requirements
  * Fix python3 bug which would pass text strings to a function which
    requires byte strings.

* Attempt to add pycrypto version to setup deps

* Change hacking README for dual pycrypto/cryptography

* update dependencies for various CI scripts

* additional CI dockerfile/script updates

* add paramiko to the windows and sanity requirement set

  This is needed because ansible lists it as a requirement. Previously
  the missing dep wasn't enforced, but cryptography imports pkg_resources
  so you can't ignore a requirement any more

* Add integration test cases for old vault and for wrong passwords

* helper script for manual testing of pycrypto/cryptography

* Skip the pycrypto tests so that users without it installed can still run the unittests

* Run unittests for vault with both cryptography and pycrypto backend
2017-06-27 06:00:15 -07:00
Brian Coca
74842adc07 1st part of ansible config, adds ansible-config to view/manage configs (#12797)
* Start of ansible config project

moved configuration definitions to external yaml file vs hardcoded
 * updated constants to be a data strcutures that are looped over and also return origin of setting
changed to manager/data scheme for base classes
new cli ansible-config to view/manage ansible configuration settings
 * prints green for default/unchanged and yellow for those that have been overriden
 * added list action to show all configurable settings and their associated ini and env var names
 * allows specifying config file to see what result would look like
 * TBD update, edit and view options

removed test for functions that have been removed

env_Vars are now list of dicts
allows for version_added and deprecation in future
added a couple of descriptions for future doc autogeneration
ensure test does not fail if delete_me exists
normalized 'path expansion'
added yaml config to setup packaging
removed unused imports
better encoding handling

updated as per feedback

* pep8
2017-06-14 11:08:34 -04:00
Abhijeet Kasurde
b89cb95609 Fix spelling mistakes (comments only) (#25564)
Original Author : klemens <ka7@github.com>

Taking over previous PR as per
https://github.com/ansible/ansible/pull/23644#issuecomment-307334525

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-06-12 07:55:19 +01:00
Brian Coca
d03b16e88b start of 'profiling utils' 2017-05-31 14:00:12 -04:00
Martyn Ranyard
014f33655c Allows for testing binary modules (#24857) 2017-05-22 14:00:06 -04:00
Michael De La Rue
e9e661ebbb aws integration tests - provide an IAM policy for running (#24725)
* aws integration tests - provide an IAM policy that can be used for running them

* move documentation of aws policies into main integration testing documentation + some updates there

* Update testing_integration.rst

Edits
2017-05-19 14:37:39 -07:00
Dag Wieers
9a5a61bdca hacking/: PEP8 compliancy (#24683)
- Make PEP8 compliant
2017-05-16 18:52:07 +01:00
Matt Martz
8e523089ef Speed up env-setup (#24133) 2017-05-01 09:54:50 -05:00
Brian Coca
424e1946f4 moved docs generation and templates to docs/ 2017-03-24 15:52:36 -04:00
Brian Coca
7839f70e36 Enable documentation in plugins
Made ansible-doc more plugin agnostic
We can have docs in lookup, callback, connectionm strategy, etc
Use first docstring and make pepizis happy
generalized module_docs to plugin_docs
documented cartesian, ssh, default, jsonfile, etc as examples
changed lack of docs to warning when listing
made smarter about bad docstrings
better blacklisting
added handling of options/config/envs/etc
move blacklist to find_plugins, only need once
2017-03-23 01:27:19 -04:00
Brian Coca
18cbc3b16b minor doc gen fixes 2017-03-20 15:47:24 -04:00
Brian Coca
b606bcec04 Doc directives (#22524)
* draft docs for directives

* updated to document directives
2017-03-15 11:29:58 -04:00
Toshio Kuratomi
eb1214baad New metadata 1.0 (#22587)
Changes to the metadata format were approved here:
https://github.com/ansible/proposals/issues/54
* Update documentation to the new metadata format
* Changes to metadata-tool to account for new metadata
  * Add GPL license header
  * Add upgrade subcommand to upgrade metadata version
  * Change default metadata to the new format
  * Fix exclusion of non-modules from the metadata report
* Fix ansible-doc for new module metadata
* Exclude metadata version from ansible-doc output
* Fix website docs generation for the new metadata
* Update metadata schema in valiate-modules test
* Update the metadata in all modules to the new version
2017-03-14 09:07:22 -07:00
John R Barker
04e816e13b Stricter module documentation validation (#22353)
Raise the bar for module `DOCUMENTAION`
This validator update was used to find the issues in https://github.com/ansible/ansible/pull/22297/files

**Validation**
* Updated Validation and docs to enforce more (items fixed in https://github.com/ansible/ansible/pull/22297/files)
* Use `suboptions` to document complex options 
* Validate module name
* Validate deprecated modules have correct ANSIBLE_METADATA

**Module Documentation Generation**
* Document `suboptions:` Example https://gist.github.com/gundalow/4bdc3669d696268328ccc18528cc6718
* Tidy up HTML generation (valid HTML, no empty lists, etc)
 
**Documentation**
* Clarify the steps for deprecating a module
* Use correct RST headings
* Document `suboptions:` (options)
* Document `contains:` (returns)


**Details**
The aim is to get this (and corresponding module updates) complete by the time `devel` becomes `2.4`, as this allows us to raise the bar for new modules

Example `suboptions` https://gist.github.com/gundalow/4bdc3669d696268328ccc18528cc6718

The aim is to get this PR integrated into `devel` *before* we branch `stable-2.3`, this will allows us to:
* Raise the bar for new modules in 2.4
* Ensure the generated module documentation for 2.3 and higher is improved, important as we will be doing versioned docs moving forward.
2017-03-13 19:49:27 +00:00
Matt Clay
48e82b4ca8 Add test/runner to $PATH in hacking/env-setup. (#22387) 2017-03-07 16:31:53 -08:00
Brian Coca
b714f1fc4b made module notes render nicer on docsite 2017-02-24 15:15:18 -05:00
Matt Martz
5942de603d Legacy pep8 clean fixes for contrib and hacking (#21081) 2017-02-07 09:49:55 -06:00
Allan
ba39d1158c Update test-module (#20737)
* Update test-module

Ensuring invoke is assigned

Traceback (most recent call last):
  File "ansible/hacking/test-module", line 267, in <module>
    main()
  File "ansible/hacking/test-module", line 263, in main
    runtest(modfile, argspath, modname, module_style, interpreters)
  File "ansible/hacking/test-module", line 207, in runtest
    invoke = "%s%s" % (invoke, modfile)
UnboundLocalError: local variable 'invoke' referenced before assignment

* Update test-module

Made the change to only require a single if, making the function more 'DRY'.
2017-01-31 20:05:53 -08:00
Matt Clay
10d9318de7 PEP 8 indent cleanup. (#20800)
* PEP 8 E121 cleanup.

* PEP 8 E126 cleanup.

* PEP 8 E122 cleanup.
2017-01-29 07:28:53 +00:00
Matt Clay
d0d1158c5e PEP 8 cleanup. (#20789)
* PEP 8 E703 cleanup.
* PEP 8 E701 cleanup.
* PEP 8 E711 cleanup.
* PEP 8 W191 and E101 cleanup.
2017-01-28 00:12:11 -08:00
Matt Clay
95789f3949 PEP 8 whitespace cleanup. (#20783)
* PEP 8 E271 whitespace cleanup.
* PEP 8 W293 whitespace cleanup.
* Fix whitespace issue from recent PR.
2017-01-27 15:45:23 -08:00
Matt Clay
63b1e0c277 Fix infrequent PEP 8 issues. 2017-01-27 14:06:21 -08:00
Brian Coca
bcdfdc0cc3 minor cleanups
removed redundant print/exits
removed unused import and var
2017-01-19 19:37:36 -05:00
Adam Johnson
fbfe66967d Doc module meta grammar fixes (#20446)
* Remove unnecessary 'the'
* End sentences with a period
2017-01-19 12:01:55 -08:00
Will Thames
082082857d Use the python used with test-module to run modules (#19591)
* Use ansible_python_interpreter to run modules

Use ansible_python_interpreter to run modules if
`-I ansible_python_interpreter` is set.

Remove unused default from `-I` help text.

* Update test-module to pep8 standards
2017-01-17 17:25:56 -08:00
Matt Clay
cd3fdca540 Switch tests to pytest and ansible-test.
- Replace nose usage with pytest.
- Remove legacy Shippable integration.sh.
- Update Makefile to use pytest and ansible-test.
- Convert most yield unit tests to pytest parametrize.
2017-01-11 12:34:59 -08:00
Brian Coca
3c4afd0470 Doc module meta (#20093)
* updated module docs to reflect unification/meta

* new doc page

* also remove module refs to old core/extra

* Update modules_support.rst

Light edit.
2017-01-10 12:58:22 -08:00
Brian Coca
d138132bc2 show status/support in toc 2017-01-10 12:26:46 -05:00
Toshio Kuratomi
08d6990e67 Fix code-blocks to use correct syntax highlighting 2017-01-08 09:18:45 -08:00
Brian Coca
f5c1aefca9 added symbol conversion to deprecated
fixes #19697
2017-01-05 17:38:30 -05:00