Commit graph

77 commits

Author SHA1 Message Date
Matthew Davis
4ee9f40e62 Add aws_acm module (#60552)
* convert aws_acm_facts to AnsibleAWSModule

* factor aws_acm_facts into module_utils

* add more filtering options for aws_acm_info

* add aws_acm module and tests

* uncomment aws_acm test

* fix linting for aws_acm

* fix __future__ linting for aws_acm

* fix linting for aws_acm

* fix linting for aws_acm

* fix linting for aws_acm

* fix linting for aws_acm

* fix aws_acm_info arg type

* remove test for old module name aws_acm_facts

* simplify AWS ACM client creation

* fix indent typo in aws_acm test

* catch BotoCoreError in aws_acm

* fix indent typo in aws_acm test

* tighten AWS ACM test policy resource

* move aws acm int test to venv

* remove errant file

* fix AWS ACM int test perms

* undo copyright addition to wrong file

* fix invalid log message in aws_acm

Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>

* rephrase aws_acm_info doc from facts to information

Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>

* rename aws_facts var to aws_info

* remove case insensitivity for aws_acm pem compare

* add no_log for aws_acm credential setting

* add per-test prefix to aws_acm test resource names

* make aws_acm use crypto module_util

* clarify copyright for aws_acm

* make aws_acm int test clearer

* add explicit crypto dependency to aws_acm

* change requests for aws_acm pr

* fix wrong copyright owner aws_acm test

* fix wrong copyright owner aws_acm test

* rewrite aws_acm cert chain compare with regex, no dependency

* fix linting for aws_acm unit test

* fix linting for aws_acm unit test

* fix linting and duplicate ignore

* fix failed cert chain split in aws_acm, add more tests

* remove errant file

* more linting fixes for aws_acm

* fix sanity ignore

* rewrite cert compare in aws_acm to use base64 decode

* improve regex for pem cert chain split in aws_acm

* undo changes to crypto module util for aws_acm

* increment ansible version for new aws_acm module

* convert aws_acm return(x) to return x

* increment version added for aws_acm_info new features

* fix linting

* fix bugs with AWS ACM

* fix bad rebase

* disable AWS ACM integration test, due to AWS account limit issue

* remove aws acm integration test from shippable group
2019-11-05 11:57:08 -07:00
Mark Chappell
4e8bb334a9 Sanity test fixups: AWS VPC related modules (#64089)
* Add missing boilerplate

* Avoid blocklisted variable name '_'

* doc fixups

* Remove defaults for required parameters

* Remove explicit definition of 'region' from argument spec
it's automatically added by ec2_argument_spec and redefining removes the aliases

* remove sanity ignore entries for AWS VPC related modules

* Suggested Review changes
2019-10-30 14:28:14 -07:00
Mark Chappell
e6607d611a Sanity test fixups - AWS related tests (#64093)
* AWS tests Sanity Test fixups (add boilerplate)

* Remove sanity ignore.txt entries
2019-10-30 09:48:59 -07:00
Mark Chappell
1f38a12057 Fix behaviour of module_utils/ec2 compare_policies when dealing with bare bools and ints. (#61115)
* module_utils/ec2: (unit tests) Move unit tests for module_utils/ec2.py into test/units/module_utils

- compare_policies was refactored from s3_bucket
- "ec2_utils" doesn't seem to have ever existed

* module_utils/ec2: (unit tests) Add unit test for comparing quoted and unquoted bools and numbers within policies

As per https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html

"Values are enclosed in quotation marks. Quotation marks are optional for numeric
and Boolean values."

* module_utils/ec2: Explicitly convert bools and ints to strings when comparing policies

See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
2019-09-09 12:08:25 -04:00
Chris Archibald
799b0fac52 New module: cvs snapshots for aws (#61023)
* New module: cvs snapshots for aws

* fixeS
2019-08-29 00:24:38 -04:00
Chris Archibald
53b2a261de new module: Cloud Volumes for AWS, active Directory (#61342)
* new module

* fixes

* update
2019-08-29 00:21:45 -04:00
Chris Archibald
9f006dd8c7 new module netapp csv pools for aws (#61340)
* new module cvs pools

* fixes

* updates

* fixes

* fixes

* fixes
2019-08-28 23:30:45 -04:00
Chris Archibald
4879cf8fff new module: Cloud Volume for AWS FileSystems (#61343)
* new module"

* fixes

* updates
2019-08-28 23:02:15 -04:00
Matt Martz
c81a1057e1
Speed up a few more tests by mocking time.sleep (#61186) 2019-08-22 14:33:34 -05:00
Andrey Klychkov
21863d48f3 unit tests: remove unused imports (#60462) 2019-08-13 19:21:43 +02:00
Jill R
4308b87d72 Don't truncate cidr_ipv6 addresses in ec2_group.py (#59106)
* Better cidr_ipv6 validation in ec2_group.py

* Improve warning/error handling, add changelog

* Update unit test for ipv6 validation

* Fix logic that was causing non /128 cidrs with host bits to not be handled
2019-08-07 08:39:55 -04:00
Andrey Klychkov
64e3cb0fa8 Unit tests: remove unused imports (#59812)
* Unit tests: remove unused imports

* Unit tests: remove unused imports, fix
2019-08-02 17:18:14 +02:00
Andrey Klychkov
32de51adac Unit tests: remove unused imports (#59740) 2019-07-29 22:10:13 +02:00
Toshio Kuratomi
87601969a3 Correct places where match was intended
pytest.raises has two parameters, message and match.  message is meant
to be the error message that pytest gives when the tested code does not
raise the expected exception.  match is the string that pytest expects
to be a match for the repr of the exception.  Unfortunately, it seems
that message is often mistakenly used where match is meant.  Fix those
cases.

message is also deprecated so removed our usage of it.  Perhaps we
should write a sanity test later that prevents the use of
pytest.raises(message) to avoid this mistake.

seealso: https://docs.pytest.org/en/4.6-maintenance/deprecations.html#message-parameter-of-pytest-raises

Also update the exception message tested for as we're now properly
detecting that the messages have changed.
2019-07-18 17:10:58 -07:00
Aljaž Košir
42073b6331 Add lambda_bucket_event module (#58059) 2019-07-18 10:54:01 -07:00
Yury V. Zaytsev
d88d71e4b1 route53_zone: return existing zone id in check mode (#56702)
* Returns zone ID for existing zone or `null`
* route53_zone: add module unit tests
* route53_zone: add compatibility with Python 2.6 to the unit tests
* route53_zone: address pycodestyle warning (add blank line)
2019-05-24 16:28:55 +05:30
Nathan Dines
5eb3117822 Added the OnFailure option to the AWS CloudFormation module (#52431)
* Added the OnFailure option to the AWS CloudFormation module

* Added unit tests for CloudFormation `on_create_failure`
2019-04-12 09:18:06 -07:00
dgadmin
8de00e3e1c To ipv6 network (#48572)
* Add to_ipv6_subnet function

* Use the correct function for subnet

* Corrected code style and tests

* Corrected testcase assertion

64 bits make 8 octets, or 4 hextets

* Import from correct module directly
2019-03-27 11:20:27 -04:00
Abhijeet Kasurde
3fa39ac818 ec2_vpc_vpn: Add delay and wait_timeout parameter (#53940)
* ec2_vpc_vpn: Add delay and wait_timeout parameter

Fixes: #53481

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>

* Fix unit tests

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-03-18 11:05:51 -05:00
John Kerkstra
672acbea68 Adds redshift_cross_region_snapshots module (#35527)
* add redshift_cross_region_snapshots module, unit tests.

* fix errors

* use ec2_argument_spec as the basis for the argument spec. fixed
metadata_version

* follow best practices by naming example tasks.

* code review changes

* fix linting errors

* Update version added
2018-12-03 08:34:53 +00:00
Matt Clay
8f072ea0f5 Fix sanity test failure. 2018-10-22 17:35:47 -07:00
Brian Coca
581b6aed2e really skip if no boto3
makes no sense to check/skip after you already fail to import
2018-10-22 17:18:25 -04:00
Matt Clay
37b013aca3
Enable additional pylint rules and resolve issues found. (#47221)
* Resolve unneeded-not.
* Resolve global-at-module-level.
* Resolve useless-import-alias.
* Resolve bad-whitespace.
* Resolve global-variable-not-assigned.
* Resolve logging-not-lazy.
* Resolve comparison-with-itself.
2018-10-18 13:38:08 -07:00
Aaron
9c08ff7a94 [aws] New module: iam_password_policy (#36200)
* Adding iam_password_policy module

* fixing various issues -- error handling, bugs

* fixing various issues based on tests

* renaming dummy var

* fixing type reference in documentation

* adding int tests and other updates

* removing typo

* fixing auth for int tests

* removing int tests for now

* readding integration tests w/ unsupported designation

* removing conflicting group

* Update aliases

* Fix unused variable
2018-10-17 13:56:13 -04:00
Matt Clay
3033fd96b0
Move unit test compat code out of lib/ansible/. (#46996)
* Move ansible.compat.tests to test/units/compat/.
* Fix unit test references to ansible.compat.tests.
* Move builtins compat to separate file.
* Fix classification of test/units/compat/ dir.
2018-10-12 20:01:14 -07:00
Matt Clay
04ddadd89b Move module tests using TQM to integration tests. 2018-09-27 13:46:19 -07:00
Sloane Hertel
2167ce6cb6
Remove placeboify from unit tests that are not calling AWS (i.e. creating a recording) (#45754) 2018-09-17 18:17:43 -04:00
Toshio Kuratomi
52449cc01a AnsiballZ improvements
Now that we don't need to worry about python-2.4 and 2.5, we can make
some improvements to the way AnsiballZ handles modules.

* Change AnsiballZ wrapper to use import to invoke the module
  We need the module to think of itself as a script because it could be
  coded as:

      main()

  or as:

      if __name__ == '__main__':
          main()

  Or even as:

      if __name__ == '__main__':
          random_function_name()

  A script will invoke all of those.  Prior to this change, we invoked
  a second Python interpreter on the module so that it really was
  a script.  However, this means that we have to run python twice (once
  for the AnsiballZ wrapper and once for the module).  This change makes
  the module think that it is a script (because __name__ in the module ==
  '__main__') but it's actually being invoked by us importing the module
  code.

  There's three ways we've come up to do this.
  * The most elegant is to use zipimporter and tell the import mechanism
    that the module being loaded is __main__:
    * 5959f11c9d/lib/ansible/executor/module_common.py (L175)
    * zipimporter is nice because we do not have to extract the module from
      the zip file and save it to the disk when we do that.  The import
      machinery does it all for us.
    * The drawback is that modules do not have a __file__ which points
      to a real file when they do this.  Modules could be using __file__
      to for a variety of reasons, most of those probably have
      replacements (the most common one is to find a writable directory
      for temporary files.  AnsibleModule.tmpdir should be used instead)
      We can monkeypatch __file__ in fom AnsibleModule initialization
      but that's kind of gross.  There's no way I can see to do this
      from the wrapper.

  * Next, there's imp.load_module():
    * https://github.com/abadger/ansible/blob/340edf7489/lib/ansible/executor/module_common.py#L151
    * imp has the nice property of allowing us to set __name__ to
      __main__ without changing the name of the file itself
    * We also don't have to do anything special to set __file__ for
      backwards compatibility (although the reason for that is the
      drawback):
    * Its drawback is that it requires the file to exist on disk so we
      have to explicitly extract it from the zipfile and save it to
      a temporary file

  * The last choice is to use exec to execute the module:
    * https://github.com/abadger/ansible/blob/f47a4ccc76/lib/ansible/executor/module_common.py#L175
    * The code we would have to maintain for this looks pretty clean.
      In the wrapper we create a ModuleType, set __file__ on it, read
      the module's contents in from the zip file and then exec it.
    * Drawbacks: We still have to explicitly extract the file's contents
      from the zip archive instead of letting python's import mechanism
      handle it.
    * Exec also has hidden performance issues and breaks certain
      assumptions that modules could be making about their own code:
      http://lucumr.pocoo.org/2011/2/1/exec-in-python/

  Our plan is to use imp.load_module() for now, deprecate the use of
  __file__ in modules, and switch to zipimport once the deprecation
  period for __file__ is over (without monkeypatching a fake __file__ in
  via AnsibleModule).

* Rename the name of the AnsiBallZ wrapped module
  This makes it obvious that the wrapped module isn't the module file that
  we distribute.  It's part of trying to mitigate the fact that the module
  is now named __main)).py in tracebacks.

* Shield all wrapper symbols inside of a function
  With the new import code, all symbols in the wrapper become visible in
  the module.  To mitigate the chance of collisions, move most symbols
  into a toplevel function.  The only symbols left in the global namespace
  are now _ANSIBALLZ_WRAPPER and _ansiballz_main.

revised porting guide entry

Integrate code coverage collection into AnsiballZ.

ci_coverage
ci_complete
2018-07-26 20:07:25 -07:00
Sloane Hertel
1fdd84b88c Rename AWS unit tests that are not running when changing the module (#42712)
now can use `ansible-test units module_name` for the aws_s3 and aws_api_gateway modules

changes to modules/cloud/amazon/aws_api_gateway and modules/cloud/amazon/aws_s3 are not triggering the unit tests; also fix aws_s3 from importing non-exist module and skipping tests

changes to module_utils/aws/core.py are only being unit tested on modules that import from the file (if they have a corresponding test) or tests that import from the file themselves.
2018-07-13 10:56:57 -04:00
Ryan Brown
45f5964fed Fix patching of wrong boto3_conn in API Gateway tests (#42700) 2018-07-12 13:06:31 -04:00
Dennis Benkert
28d0a173db [aws] add limit on number of CloudFormation stack events fetched by cloudformation module (#41840)
* Add a module parameter to configure the max fetched AWS CFN stack events
* Add version documentation for new configuration option
* Increase default in order to make sure that enough are fetched by default. This align roughly with the limit of manageable resources in CloudFormation.
2018-06-25 12:39:32 -04:00
Ryan Brown
858a1b09bb EC2_group module refactor (formerly pr/37255) (#38678)
* Refactor ec2_group

Replace nested for loops with list comprehensions

Purge rules before adding new ones in case sg has maximum permitted rules

* Add check mode tests for ec2_group

* add tests

* Remove dead code

* Fix integration test assertions for old boto versions

* Add waiter for security group that is autocreated

* Add support for in-account group rules

* Add common util to get AWS account ID

Fixes #31383

* Fix protocol number and add separate tests for egress rule handling

* Return egress rule treatment to be backwards compatible

* Remove functions that were obsoleted by `Rule` namedtuple

* IP tests

* Move description updates to a function

* Fix string formatting missing index

* Add tests for auto-creation of the same group in quick succession

* Resolve use of brand-new group in a rule without a description

* Clean up duplicated get-security-group function

* Add reverse cleanup in case of dependency issues

* Add crossaccount ELB group support

* Deal with non-STS calls to account API

* Add filtering of owner IDs that match the current account
2018-05-24 11:53:21 -04:00
Rob
b5cffe8ced [aws] Create classes for Application Load Balancer (#33769)
* Create classes for Application Load Balancer
* Add unsupported CI alias
* Add AWSRetry
* Add integration tests using the ALB
2018-05-04 16:22:00 -04:00
Sloane Hertel
923f676836
[ec2_vpc_vgw] [ec2_vpc_vpn] stabilize modules for PR 35983 (#38666)
* Stabilize ec2_vpc_vgw and ec2_vpc_vpn so tests for ec2_vpc_vpn_facts in PR 35983 can be run in CI

* Add updated placebo recordings

* ensure find_vgw uses the virtual gateway id if available

Add AWSRetry.jittered_backoff to attach_vpn_gateway to deal with errors when attaching a new VPC directly after detaching

Add integrations tests for ec2_vpc_vgw

* Sort VPN Gateways by ID
2018-05-03 14:19:19 -04:00
Sloane Hertel
f53f29352d Move AWS placebo fixtures into test/units/utils so module_utils tests can use them (#37300) 2018-03-22 14:57:59 -04:00
clarkst
e4f294822f [cloud] kinesis stream server side encryption - fixes #30269 (#30689)
* Moved the encryption to its own action method.

* removed silly default value for encryption type.

* Code formatting issues from pull request ANSIBOT.

* changed version_added to  "2.5"
because of new new options available

* changed version_added to  "2.5"
because of new new options available

* changed version_added to  "2.5"
because of new new options available
2018-01-17 13:23:27 -05:00
Matt Clay
30093dc4ed
Add Python 3.7 to CI unit test matrix. (#34680)
* Add Python 3.7 to CI unit test matrix.
* Fix `os.errno` reference to be `errno`.
* Update test_aci unit test for Python 3.7.
2018-01-10 00:57:11 -08:00
Kaz Cheng
60b5c6890a [cloud] Add template_body parameter to cloudformation module to allow lookups (#33485) 2017-12-05 13:42:05 -05:00
Ryan S. Brown
5087ce9273 Remove botocore from top-level execution in lambda_policy tests
Even though the tests are skipped, the `ClientError` uses outside the
test cause a failure even though the tests never run
2017-12-04 10:14:32 -05:00
Toshio Kuratomi
e499bccbaa
Port some tests away from nose as examples (#33437)
We don't need to use both nose and pytest.  Once we get rid of all uses
of nose we can remove the extra dependency
2017-11-30 14:04:09 -08:00
Pilou
a5c9726502 Unit tests: share common code (#31456)
* move set_module_args to units.modules.utils
* unit tests: reuse set_module_args
* unit tests: mock exit/fail_json in module.utils.ModuleTestCase
* unit tests: use module.utils.ModuleTestCase
* unit tests: fix 'import shadowed by loop variable'
2017-11-17 09:17:07 -08:00
Jonathan Nuñez
67b1d0f274 CloudFormation module: get StackEvents when ClientRequestToken is not used (#32434)
* When getting the stack events we need to consider the case where we don't have ClientRequestToken fixes #32396

* Adding tests for the case when the ClientRequestToken is not present in the stack creation.

* Renaming the stack that the test for Client Request Token requires so it won't cause collisions with the basic test.
2017-11-02 11:41:49 -04:00
Ryan Brown
11c225e039 Start using ClientRequestTokens in event lists (#31997)
* Start using ClientRequestTokens in event lists

* Include request token in all reqs that support it (basically all but check mode/changeset)

* Update placebo recordings

* Add comments for CRQ popping
2017-10-23 14:39:13 -04:00
Matt Clay
68aeaa58a8 Fix dangerous default args. (#29839) 2017-09-12 00:11:13 -07:00
jacky.chen
75998d3ca3 [cloud] Add the ability to modify shard count to kinesis_stream module (#24805)
* Add the ability to modify shard count to kinesis_stream module

* Fixed an issue in kinesis_stream where update() reports not changed when it is changed

* Remove unreachable message and make the try and catch block shorter
2017-08-29 17:13:46 -04:00
Brian Coca
aec1dfd1fa fix improt order to actually skip when no boto 2017-08-29 13:06:25 -04:00
Michael De La Rue
fbec5ab12d [cloud] new module lambda_policy (PR #24951)
- Fixes to lambda
- reformatting + tests for lambda_facts
- lambda module integration test
- switch lambda and lambda_facts to AnsibleAwsModule
- Get the account ID from STS, GetUser, and finally error message
2017-08-28 16:45:53 -04:00
Sloane Hertel
cf1a9d4d22 New module: Add ec2 Vpn Connection module and tests (cloud/amazon/ec2_vpc_vpn) (#24385)
* Add VPN module and unittests

* remove unnecessary imports

* fix documentation

* raise custom exception rather than passing module everywhere

* remove recordings

Rerecord tests

Fix docs

Ensure vpn_connection_id is a list of strings when checking if it exists

* fix check mode

* Rerecord tests

* remove superfluous code and comments and make exception handling uniform

fix docs

* Fix ec2_vpc_vpn documentation

* make ec2_vpc_vpn compatible with python 2.6 and make check mode logic more succinct

* fix comparison of list of dicts

* Fix typos and docstrings

make requested changes for imports

make code clearer

* Fix copyright and metadata version.
2017-08-24 12:18:40 -04:00
Brian Coca
725d4d4bc8 added diff as new keyword (#28581)
added diff to fake options in ec2_vpc_nat_gateway test
2017-08-24 14:43:19 +02:00
Michael Tinning
282e743eb0 elb_application_lb: fix issue with boto parameter validation on Rules (#27333) 2017-08-23 13:49:52 -04:00