Commit Graph

370 Commits (1dd55acbc211d854a6cded0f813334325bac4038)

Author SHA1 Message Date
Sloane Hertel 1dd55acbc2 ec2_group: add rule description support - fixes #29040 (#30273)
* ec2_group: add support for rule descriptions.

* Document rule description feature and add an example using it.

* Fix removing rule descriptions.

* Add integration tests to verify adding/modifying/removing rule descriptions works as expected.

* Add permissions to hacking/aws_config/testing_policies/ec2-policy.json for updating ingress and egress rule descriptions.

* ec2_group: add backwards compatibility with older versions of botocore for rule descriptions.

* Add compatibility with older version of botocore for ec2_group integration tests.

* ec2_group: move HAS_RULE_DESCRIPTION to be checked first.

* Make requested change

* Pass around a variable instead of client

* Make sure has_rule_description defaults to None

* Fail if rule_desc is in any ingress/egress rules and the the botocore version < 1.7.2

* Remove unnecessary variable

* Fix indentation for changed=True when updating rule descriptions.

* minor refactor to remove duplicate code

* add missing parameter

* Fix pep8

* Update test policy.
7 years ago
Prasad Katti d6737dcdd4 Added info about return_skeleton_generator.py
Added info about return_skeleton_generator.py to hacking/README.md
7 years ago
Will Thames 37736ee87e Allow AWS image and snapshot creation/deletion
Provide all necessary permissions for AMI tests
Allow tests to run in us-east-2
Ensure `always` section gets used
Update tests to ensure that cleanup works better, and add
deletion idempotency test
7 years ago
Will Thames 5e978b0f2b Use JSON returns values to create RETURN docs
After running hacking/test-module to generate some output,
the JSON output can be fed into the return skeletion generator
to create an excellent starting point for RETURN docs
7 years ago
Will Thames 63df0adc17 [cloud] Update RDS parameter group for boto3 (#25345)
* Update RDS parameter group for boto3

* Update to boto3
* Update to latest ansible standards
* Remove choices list for valid engines (See #19221 for context)
* Allow tagging
* Return some useful information, and document that information

* Add tests for rds_param_group

* Improve testing of rds_param_group

* Add purge_tags option for rds_param_group

* Fix remaining broken rds_param_group tests

* Ensure the group name is lowercased. Fixes integration tests when run on OSX
7 years ago
welchwilmerck af40d04247 bring comments and docs up-to-date for invoking hacking/test-module (#20940)
inside test-module, rundebug also needs to know interpreters
7 years ago
Toshio Kuratomi af2073d057 metadata 1.1
* Add network value to support_by field.
* New support_by value, certified
* Deprecate curated in favor of certified
* Add conversion from 1.0 to 1.1 to metadata-tool
* Add supported by Red Hat field to ansible-doc output
7 years ago
Sam Doran aa19563388 Improve fish environment setup (#26151)
* Add test runner to PATH

* Add Python3 support

* Updating env-setup.fish to use more portable '-exec' rather than '-delete'

* Create gen_egg_info function

Move code into a function similar to env-setup.

Silence all output when run with -q
7 years ago
Will Thames f972994662 [cloud] fix VPC behavior for ec2_group module, improve integration tests (#27038)
* Add tests for group in a VPC

* Improve ec2_group output and documentation

Update ec2_group to provide full security group information
Add RETURN documentation to match

* Fix ec2_group creation within a VPC

Ensure VPC ID gets passed when creating security group

* Add test for auto creating SG

* Fix ec2_group auto group creation

* Add backoff to describe_security_groups

Getting LimitExceeded from describe_security_groups is definitely
possible (source: me) so add backoff to increase likelihood of
success.

To ensure that all `describe_security_group` calls are backed off,
remove implicit ones that use `ec2.SecurityGroup`. From there,
the decision to remove the `ec2` boto3 resource and rely on the client
alone makes good sense.

* Tidy up auto created security group

Add resource_prefix to auto created security group and delete
it in the `always` section.
Use YAML argument form for all module parameters
7 years ago
Will Thames f3bc8b84b6 [cloud] Fix setup_iam to use policy_name, not PolicyName (#26880)
Update setup_iam.yml to work with latest iam_managed_policies
module, which correctly snakifies the results
7 years ago
Toshio Kuratomi 225fa5d092 Fix undefined variables, basestring usage, and some associated python3 issues 7 years ago
sramakr b980a5c02a Use Boto3 for ec2_group Fixes #23507 (#25340)
* Use Boto3 for ec2_group

Currently boto doesn't support ipv6. To support ipv6 in ec2_group, we need boto3.
boto3 has significant API changes, which caused more re-factoring for ec2_group module.
Added additional integration test to test_ec2_group role.

* Follow the standard for boto3 ansible

Fixed imports. Use boto3 ansible exception with camel_dict_to_snake_dict.
Refactored the call to authorize/revoke  ingress and egress.

* Removed dependancy with module ipaddress

Added new parameter called cidr_ipv6 for specifying
ipv6 addresses inline with how boto3 handles ipv6 addresses.

* Updated integration test

* Added ipv6 integration test for ec2_group

* Set purge_rules to false for integration test

* Fixed import statements

Added example for ipv6.
Removed defining HAS_BOTO3 variable and import HAS_BOTO3 from ec2.
Cleaned up import statements.

* Fixed exception handling

* Add IAM permissions for ec2_group tests

Missing AuthorizeSecurityGroupEgress necessary for latest tests

* Wrapped botocore import in try/except block

Import just botocore to be more similar to other modules
7 years ago
Matt Clay 1c1527c73f Initial version of source/testing report tool. 7 years ago
Will Thames 0ed1c3ba9c Split up testing IAM policies and automate creating them (#26223)
* Split up testing IAM policies and automate creating them

Move to managed policies to avoid the 5KB limit on policies
for an IAM entity.

The policy file is templated, so need to make sure that there
is an easy mechanism to populate the templates and push the
new policies.

* Update IAM policies for ec2_scaling_policy tests

* Fix RouteTable policies

DescribeRouteTable should be plural
ModifyRouteTable does not exist, but ReplaceRouteTableAssociation
does.

* Some IAM policies do not allow specified Resources

Various IAM policies do not allow Resources
to be specified and should just use `*`. This differs
per service

* [Autoscaling](http://docs.aws.amazon.com/autoscaling/latest/userguide/control-access-using-iam.html#policy-auto-scaling-resources)
* [EC2](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ec2-api-permissions.html#ec2-api-unsupported-resource-permissions)
* [ECR](http://docs.aws.amazon.com/AmazonECR/latest/userguide/ecr-supported-iam-actions-resources.html)
* [ELB](http://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/load-balancer-authentication-access-control.html)

* Finish fixing AWS IAM resource specifications for testing

Update Lambda and RDS policies
7 years ago
hondak db5ec11758 Replace double-quote with single-quote at example (#26667) 7 years ago
Sloane Hertel 113f92548a hacking/test-module: fix for python3 (#26194)
* make hacking/test-module compatible with python3
7 years ago
Toshio Kuratomi 3ee997b720 metadata and doc generator optimization and fixes
* Fix ansible-doc traceback when a plugin doesn't parse correctly
* Change extract_metadata ivocation to take either an ast or source
  code.  When given source code, it can find file offsets for the start
  and end of dict.  When given the ast, it is quicker as it doesn't have
  to reparse the source.  Requires changing the call to the function to
  use a keyword arg.
* Fix reading of metadata to find the last occurrence of
  ANSIBLE_METADATA instead of the first.
* Add some more unittests to get closer to complete coverage
7 years ago
Toshio Kuratomi e27c2860e7 Move metadata extraction into a library function (#26198)
* Move metadata extraction into a library function
* fix the string cases to throw NotImplementedError
* Some python3 fixes
7 years ago
Michael De La Rue 56d33a2967 Fix hacking/test-module to allow running modules with pdb (#23339)
* Fix hacking/test-module to allow running modules with pdb

* add emacs autosave files to gitignore
7 years ago
Yujun Zhang 1f3755f86b Include error message when ansiballz_setup fails (#26127)
It is quite difficult to pinpoint what is wrong without it
7 years ago
Toshio Kuratomi e238ae999b Cyptography pr 20566 rebase (#25560)
Make pyca/cryptography the preferred backend for cryptographic needs (mainly vault) falling back to pycrypto

pyca/cryptography is already implicitly a dependency in many cases
through paramiko (2.0+) as well as the new openssl_publickey module,
which requires pyOpenSSL 16.0+. Additionally, pyca/cryptography is
an optional dep for better performance with vault already.

This commit leverages cryptography's padding, constant time comparisons,
and CBC/CTR modes to reduce the amount of code ansible needs to
maintain.

* Handle wrong password given for VaultAES format

* Do not display deprecation warning for cryptography on python-2.6

* Namespace all of the pycrypto imports and always import them

  Makes unittests better and the code less likely to get stupid mistakes
  (like using HMAC from cryptogrpahy when the one from pycrypto is needed)

* Add back in atfork since we need pycrypto to reinitialize its RNG just in case we're being used with old paramiko

* contrib/inventory/gce: Remove spurious require on pycrypto

(cherry picked from commit 9e16b9db275263b3ea8d1b124966fdebfc9ab271)

* Add cryptography to ec2_win_password module requirements
  * Fix python3 bug which would pass text strings to a function which
    requires byte strings.

* Attempt to add pycrypto version to setup deps

* Change hacking README for dual pycrypto/cryptography

* update dependencies for various CI scripts

* additional CI dockerfile/script updates

* add paramiko to the windows and sanity requirement set

  This is needed because ansible lists it as a requirement. Previously
  the missing dep wasn't enforced, but cryptography imports pkg_resources
  so you can't ignore a requirement any more

* Add integration test cases for old vault and for wrong passwords

* helper script for manual testing of pycrypto/cryptography

* Skip the pycrypto tests so that users without it installed can still run the unittests

* Run unittests for vault with both cryptography and pycrypto backend
8 years ago
Brian Coca 74842adc07 1st part of ansible config, adds ansible-config to view/manage configs (#12797)
* Start of ansible config project

moved configuration definitions to external yaml file vs hardcoded
 * updated constants to be a data strcutures that are looped over and also return origin of setting
changed to manager/data scheme for base classes
new cli ansible-config to view/manage ansible configuration settings
 * prints green for default/unchanged and yellow for those that have been overriden
 * added list action to show all configurable settings and their associated ini and env var names
 * allows specifying config file to see what result would look like
 * TBD update, edit and view options

removed test for functions that have been removed

env_Vars are now list of dicts
allows for version_added and deprecation in future
added a couple of descriptions for future doc autogeneration
ensure test does not fail if delete_me exists
normalized 'path expansion'
added yaml config to setup packaging
removed unused imports
better encoding handling

updated as per feedback

* pep8
8 years ago
Abhijeet Kasurde b89cb95609 Fix spelling mistakes (comments only) (#25564)
Original Author : klemens <ka7@github.com>

Taking over previous PR as per
https://github.com/ansible/ansible/pull/23644#issuecomment-307334525

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
8 years ago
Brian Coca d03b16e88b start of 'profiling utils' 8 years ago
Martyn Ranyard 014f33655c Allows for testing binary modules (#24857) 8 years ago
Michael De La Rue e9e661ebbb aws integration tests - provide an IAM policy for running (#24725)
* aws integration tests - provide an IAM policy that can be used for running them

* move documentation of aws policies into main integration testing documentation + some updates there

* Update testing_integration.rst

Edits
8 years ago
Dag Wieers 9a5a61bdca hacking/: PEP8 compliancy (#24683)
- Make PEP8 compliant
8 years ago
Matt Martz 8e523089ef Speed up env-setup (#24133) 8 years ago
Brian Coca 424e1946f4 moved docs generation and templates to docs/ 8 years ago
Brian Coca 7839f70e36 Enable documentation in plugins
Made ansible-doc more plugin agnostic
We can have docs in lookup, callback, connectionm strategy, etc
Use first docstring and make pepizis happy
generalized module_docs to plugin_docs
documented cartesian, ssh, default, jsonfile, etc as examples
changed lack of docs to warning when listing
made smarter about bad docstrings
better blacklisting
added handling of options/config/envs/etc
move blacklist to find_plugins, only need once
8 years ago
Brian Coca 18cbc3b16b minor doc gen fixes 8 years ago
Brian Coca b606bcec04 Doc directives (#22524)
* draft docs for directives

* updated to document directives
8 years ago
Toshio Kuratomi eb1214baad New metadata 1.0 (#22587)
Changes to the metadata format were approved here:
https://github.com/ansible/proposals/issues/54
* Update documentation to the new metadata format
* Changes to metadata-tool to account for new metadata
  * Add GPL license header
  * Add upgrade subcommand to upgrade metadata version
  * Change default metadata to the new format
  * Fix exclusion of non-modules from the metadata report
* Fix ansible-doc for new module metadata
* Exclude metadata version from ansible-doc output
* Fix website docs generation for the new metadata
* Update metadata schema in valiate-modules test
* Update the metadata in all modules to the new version
8 years ago
John R Barker 04e816e13b Stricter module documentation validation (#22353)
Raise the bar for module `DOCUMENTAION`
This validator update was used to find the issues in https://github.com/ansible/ansible/pull/22297/files

**Validation**
* Updated Validation and docs to enforce more (items fixed in https://github.com/ansible/ansible/pull/22297/files)
* Use `suboptions` to document complex options 
* Validate module name
* Validate deprecated modules have correct ANSIBLE_METADATA

**Module Documentation Generation**
* Document `suboptions:` Example https://gist.github.com/gundalow/4bdc3669d696268328ccc18528cc6718
* Tidy up HTML generation (valid HTML, no empty lists, etc)
 
**Documentation**
* Clarify the steps for deprecating a module
* Use correct RST headings
* Document `suboptions:` (options)
* Document `contains:` (returns)


**Details**
The aim is to get this (and corresponding module updates) complete by the time `devel` becomes `2.4`, as this allows us to raise the bar for new modules

Example `suboptions` https://gist.github.com/gundalow/4bdc3669d696268328ccc18528cc6718

The aim is to get this PR integrated into `devel` *before* we branch `stable-2.3`, this will allows us to:
* Raise the bar for new modules in 2.4
* Ensure the generated module documentation for 2.3 and higher is improved, important as we will be doing versioned docs moving forward.
8 years ago
Matt Clay 48e82b4ca8 Add `test/runner` to $PATH in `hacking/env-setup`. (#22387) 8 years ago
Brian Coca b714f1fc4b made module notes render nicer on docsite 8 years ago
Matt Martz 5942de603d Legacy pep8 clean fixes for contrib and hacking (#21081) 8 years ago
Allan ba39d1158c Update test-module (#20737)
* Update test-module

Ensuring invoke is assigned

Traceback (most recent call last):
  File "ansible/hacking/test-module", line 267, in <module>
    main()
  File "ansible/hacking/test-module", line 263, in main
    runtest(modfile, argspath, modname, module_style, interpreters)
  File "ansible/hacking/test-module", line 207, in runtest
    invoke = "%s%s" % (invoke, modfile)
UnboundLocalError: local variable 'invoke' referenced before assignment

* Update test-module

Made the change to only require a single if, making the function more 'DRY'.
8 years ago
Matt Clay 10d9318de7 PEP 8 indent cleanup. (#20800)
* PEP 8 E121 cleanup.

* PEP 8 E126 cleanup.

* PEP 8 E122 cleanup.
8 years ago
Matt Clay d0d1158c5e PEP 8 cleanup. (#20789)
* PEP 8 E703 cleanup.
* PEP 8 E701 cleanup.
* PEP 8 E711 cleanup.
* PEP 8 W191 and E101 cleanup.
8 years ago
Matt Clay 95789f3949 PEP 8 whitespace cleanup. (#20783)
* PEP 8 E271 whitespace cleanup.
* PEP 8 W293 whitespace cleanup.
* Fix whitespace issue from recent PR.
8 years ago
Matt Clay 63b1e0c277 Fix infrequent PEP 8 issues. 8 years ago
Brian Coca bcdfdc0cc3 minor cleanups
removed redundant print/exits
removed unused import and var
8 years ago
Adam Johnson fbfe66967d Doc module meta grammar fixes (#20446)
* Remove unnecessary 'the'
* End sentences with a period
8 years ago
Will Thames 082082857d Use the python used with test-module to run modules (#19591)
* Use ansible_python_interpreter to run modules

Use ansible_python_interpreter to run modules if
`-I ansible_python_interpreter` is set.

Remove unused default from `-I` help text.

* Update test-module to pep8 standards
8 years ago
Matt Clay cd3fdca540 Switch tests to pytest and ansible-test.
- Replace nose usage with pytest.
- Remove legacy Shippable integration.sh.
- Update Makefile to use pytest and ansible-test.
- Convert most yield unit tests to pytest parametrize.
8 years ago
Brian Coca 3c4afd0470 Doc module meta (#20093)
* updated module docs to reflect unification/meta

* new doc page

* also remove module refs to old core/extra

* Update modules_support.rst

Light edit.
8 years ago
Brian Coca d138132bc2 show status/support in toc 8 years ago
Toshio Kuratomi 08d6990e67 Fix code-blocks to use correct syntax highlighting 8 years ago
Brian Coca f5c1aefca9 added symbol conversion to deprecated
fixes #19697
8 years ago