From ec8b1d267d267cb1afe4b0cbb1484a563ac0dc03 Mon Sep 17 00:00:00 2001 From: Sloane Hertel <19572925+s-hertel@users.noreply.github.com> Date: Tue, 18 Jan 2022 20:21:35 -0500 Subject: [PATCH] ansible-galaxy - fix the --ignore-certs flag for the implicit galaxy server (#76735) (#76738) * ansible-galaxy - fix the --ignore-certs flag for the implicit galaxy server * changelog * Add a test without the server config * Fix respecting --ignore-certs for individual --server URLs also * Update changelogs/fragments/76735-ansible-galaxy-fix-ignore-certs.yaml (cherry picked from commit 76220c4a7bf90c97113fe104ea33957a9881b8a9) --- ...76735-ansible-galaxy-fix-ignore-certs.yaml | 2 + lib/ansible/cli/galaxy.py | 2 + test/units/galaxy/test_collection.py | 44 ++++++++++++++++++- 3 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/76735-ansible-galaxy-fix-ignore-certs.yaml diff --git a/changelogs/fragments/76735-ansible-galaxy-fix-ignore-certs.yaml b/changelogs/fragments/76735-ansible-galaxy-fix-ignore-certs.yaml new file mode 100644 index 00000000000..daf234c8cfd --- /dev/null +++ b/changelogs/fragments/76735-ansible-galaxy-fix-ignore-certs.yaml @@ -0,0 +1,2 @@ +bugfixes: + - ansible-galaxy - Fix using the '--ignore-certs' option when there is no server-specific configuration for the Galaxy server. diff --git a/lib/ansible/cli/galaxy.py b/lib/ansible/cli/galaxy.py index cc9a813ef23..5d9080e9f50 100644 --- a/lib/ansible/cli/galaxy.py +++ b/lib/ansible/cli/galaxy.py @@ -551,6 +551,7 @@ class GalaxyCLI(CLI): self.api_servers.append(GalaxyAPI( self.galaxy, 'cmd_arg', cmd_server, token=cmd_token, priority=len(config_servers) + 1, + validate_certs=validate_certs_fallback, **galaxy_options )) else: @@ -561,6 +562,7 @@ class GalaxyCLI(CLI): self.api_servers.append(GalaxyAPI( self.galaxy, 'default', C.GALAXY_SERVER, token=cmd_token, priority=0, + validate_certs=validate_certs_fallback, **galaxy_options )) diff --git a/test/units/galaxy/test_collection.py b/test/units/galaxy/test_collection.py index b8c72a775f7..65243df1518 100644 --- a/test/units/galaxy/test_collection.py +++ b/test/units/galaxy/test_collection.py @@ -218,7 +218,49 @@ def server_config(monkeypatch): @pytest.mark.parametrize('global_ignore_certs', [True, False]) -def test_validate_certs(global_ignore_certs, server_config, monkeypatch): +def test_validate_certs(global_ignore_certs, monkeypatch): + cli_args = [ + 'ansible-galaxy', + 'collection', + 'install', + 'namespace.collection:1.0.0', + ] + if global_ignore_certs: + cli_args.append('--ignore-certs') + + galaxy_cli = GalaxyCLI(args=cli_args) + mock_execute_install = MagicMock() + monkeypatch.setattr(galaxy_cli, '_execute_install_collection', mock_execute_install) + galaxy_cli.run() + + assert len(galaxy_cli.api_servers) == 1 + assert galaxy_cli.api_servers[0].validate_certs is not global_ignore_certs + + +@pytest.mark.parametrize('global_ignore_certs', [True, False]) +def test_validate_certs_with_server_url(global_ignore_certs, monkeypatch): + cli_args = [ + 'ansible-galaxy', + 'collection', + 'install', + 'namespace.collection:1.0.0', + '-s', + 'https://galaxy.ansible.com' + ] + if global_ignore_certs: + cli_args.append('--ignore-certs') + + galaxy_cli = GalaxyCLI(args=cli_args) + mock_execute_install = MagicMock() + monkeypatch.setattr(galaxy_cli, '_execute_install_collection', mock_execute_install) + galaxy_cli.run() + + assert len(galaxy_cli.api_servers) == 1 + assert galaxy_cli.api_servers[0].validate_certs is not global_ignore_certs + + +@pytest.mark.parametrize('global_ignore_certs', [True, False]) +def test_validate_certs_with_server_config(global_ignore_certs, server_config, monkeypatch): get_plugin_options = MagicMock(side_effect=server_config) monkeypatch.setattr(C.config, 'get_plugin_options', get_plugin_options)