Commit Graph

77 Commits (231726d38b2736d74286077c50ca4b4ee43c17a9)

Author SHA1 Message Date
Matthew Davis 4ee9f40e62 Add aws_acm module (#60552)
* convert aws_acm_facts to AnsibleAWSModule

* factor aws_acm_facts into module_utils

* add more filtering options for aws_acm_info

* add aws_acm module and tests

* uncomment aws_acm test

* fix linting for aws_acm

* fix __future__ linting for aws_acm

* fix linting for aws_acm

* fix linting for aws_acm

* fix linting for aws_acm

* fix linting for aws_acm

* fix aws_acm_info arg type

* remove test for old module name aws_acm_facts

* simplify AWS ACM client creation

* fix indent typo in aws_acm test

* catch BotoCoreError in aws_acm

* fix indent typo in aws_acm test

* tighten AWS ACM test policy resource

* move aws acm int test to venv

* remove errant file

* fix AWS ACM int test perms

* undo copyright addition to wrong file

* fix invalid log message in aws_acm

Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>

* rephrase aws_acm_info doc from facts to information

Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>

* rename aws_facts var to aws_info

* remove case insensitivity for aws_acm pem compare

* add no_log for aws_acm credential setting

* add per-test prefix to aws_acm test resource names

* make aws_acm use crypto module_util

* clarify copyright for aws_acm

* make aws_acm int test clearer

* add explicit crypto dependency to aws_acm

* change requests for aws_acm pr

* fix wrong copyright owner aws_acm test

* fix wrong copyright owner aws_acm test

* rewrite aws_acm cert chain compare with regex, no dependency

* fix linting for aws_acm unit test

* fix linting for aws_acm unit test

* fix linting and duplicate ignore

* fix failed cert chain split in aws_acm, add more tests

* remove errant file

* more linting fixes for aws_acm

* fix sanity ignore

* rewrite cert compare in aws_acm to use base64 decode

* improve regex for pem cert chain split in aws_acm

* undo changes to crypto module util for aws_acm

* increment ansible version for new aws_acm module

* convert aws_acm return(x) to return x

* increment version added for aws_acm_info new features

* fix linting

* fix bugs with AWS ACM

* fix bad rebase

* disable AWS ACM integration test, due to AWS account limit issue

* remove aws acm integration test from shippable group
5 years ago
Mark Chappell 4e8bb334a9 Sanity test fixups: AWS VPC related modules (#64089)
* Add missing boilerplate

* Avoid blocklisted variable name '_'

* doc fixups

* Remove defaults for required parameters

* Remove explicit definition of 'region' from argument spec
it's automatically added by ec2_argument_spec and redefining removes the aliases

* remove sanity ignore entries for AWS VPC related modules

* Suggested Review changes
5 years ago
Mark Chappell e6607d611a Sanity test fixups - AWS related tests (#64093)
* AWS tests Sanity Test fixups (add boilerplate)

* Remove sanity ignore.txt entries
5 years ago
Mark Chappell 1f38a12057 Fix behaviour of module_utils/ec2 compare_policies when dealing with bare bools and ints. (#61115)
* module_utils/ec2: (unit tests) Move unit tests for module_utils/ec2.py into test/units/module_utils

- compare_policies was refactored from s3_bucket
- "ec2_utils" doesn't seem to have ever existed

* module_utils/ec2: (unit tests) Add unit test for comparing quoted and unquoted bools and numbers within policies

As per https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html

"Values are enclosed in quotation marks. Quotation marks are optional for numeric
and Boolean values."

* module_utils/ec2: Explicitly convert bools and ints to strings when comparing policies

See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
5 years ago
Chris Archibald 799b0fac52 New module: cvs snapshots for aws (#61023)
* New module: cvs snapshots for aws

* fixeS
5 years ago
Chris Archibald 53b2a261de new module: Cloud Volumes for AWS, active Directory (#61342)
* new module

* fixes

* update
5 years ago
Chris Archibald 9f006dd8c7 new module netapp csv pools for aws (#61340)
* new module cvs pools

* fixes

* updates

* fixes

* fixes

* fixes
5 years ago
Chris Archibald 4879cf8fff new module: Cloud Volume for AWS FileSystems (#61343)
* new module"

* fixes

* updates
5 years ago
Matt Martz c81a1057e1
Speed up a few more tests by mocking time.sleep (#61186) 5 years ago
Andrey Klychkov 21863d48f3 unit tests: remove unused imports (#60462) 5 years ago
Jill R 4308b87d72 Don't truncate cidr_ipv6 addresses in ec2_group.py (#59106)
* Better cidr_ipv6 validation in ec2_group.py

* Improve warning/error handling, add changelog

* Update unit test for ipv6 validation

* Fix logic that was causing non /128 cidrs with host bits to not be handled
5 years ago
Andrey Klychkov 64e3cb0fa8 Unit tests: remove unused imports (#59812)
* Unit tests: remove unused imports

* Unit tests: remove unused imports, fix
5 years ago
Andrey Klychkov 32de51adac Unit tests: remove unused imports (#59740) 5 years ago
Toshio Kuratomi 87601969a3 Correct places where match was intended
pytest.raises has two parameters, message and match.  message is meant
to be the error message that pytest gives when the tested code does not
raise the expected exception.  match is the string that pytest expects
to be a match for the repr of the exception.  Unfortunately, it seems
that message is often mistakenly used where match is meant.  Fix those
cases.

message is also deprecated so removed our usage of it.  Perhaps we
should write a sanity test later that prevents the use of
pytest.raises(message) to avoid this mistake.

seealso: https://docs.pytest.org/en/4.6-maintenance/deprecations.html#message-parameter-of-pytest-raises

Also update the exception message tested for as we're now properly
detecting that the messages have changed.
5 years ago
Aljaž Košir 42073b6331 Add lambda_bucket_event module (#58059) 5 years ago
Yury V. Zaytsev d88d71e4b1 route53_zone: return existing zone id in check mode (#56702)
* Returns zone ID for existing zone or `null`
* route53_zone: add module unit tests
* route53_zone: add compatibility with Python 2.6 to the unit tests
* route53_zone: address pycodestyle warning (add blank line)
6 years ago
Nathan Dines 5eb3117822 Added the OnFailure option to the AWS CloudFormation module (#52431)
* Added the OnFailure option to the AWS CloudFormation module

* Added unit tests for CloudFormation `on_create_failure`
6 years ago
dgadmin 8de00e3e1c To ipv6 network (#48572)
* Add to_ipv6_subnet function

* Use the correct function for subnet

* Corrected code style and tests

* Corrected testcase assertion

64 bits make 8 octets, or 4 hextets

* Import from correct module directly
6 years ago
Abhijeet Kasurde 3fa39ac818 ec2_vpc_vpn: Add delay and wait_timeout parameter (#53940)
* ec2_vpc_vpn: Add delay and wait_timeout parameter

Fixes: #53481

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>

* Fix unit tests

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
6 years ago
John Kerkstra 672acbea68 Adds `redshift_cross_region_snapshots` module (#35527)
* add redshift_cross_region_snapshots module, unit tests.

* fix errors

* use ec2_argument_spec as the basis for the argument spec. fixed
metadata_version

* follow best practices by naming example tasks.

* code review changes

* fix linting errors

* Update version added
6 years ago
Matt Clay 8f072ea0f5 Fix sanity test failure. 6 years ago
Brian Coca 581b6aed2e really skip if no boto3
makes no sense to check/skip after you already fail to import
6 years ago
Matt Clay 37b013aca3
Enable additional pylint rules and resolve issues found. (#47221)
* Resolve unneeded-not.
* Resolve global-at-module-level.
* Resolve useless-import-alias.
* Resolve bad-whitespace.
* Resolve global-variable-not-assigned.
* Resolve logging-not-lazy.
* Resolve comparison-with-itself.
6 years ago
Aaron 9c08ff7a94 [aws] New module: iam_password_policy (#36200)
* Adding iam_password_policy module

* fixing various issues -- error handling, bugs

* fixing various issues based on tests

* renaming dummy var

* fixing type reference in documentation

* adding int tests and other updates

* removing typo

* fixing auth for int tests

* removing int tests for now

* readding integration tests w/ unsupported designation

* removing conflicting group

* Update aliases

* Fix unused variable
6 years ago
Matt Clay 3033fd96b0
Move unit test compat code out of `lib/ansible/`. (#46996)
* Move ansible.compat.tests to test/units/compat/.
* Fix unit test references to ansible.compat.tests.
* Move builtins compat to separate file.
* Fix classification of test/units/compat/ dir.
6 years ago
Matt Clay 04ddadd89b Move module tests using TQM to integration tests. 6 years ago
Sloane Hertel 2167ce6cb6
Remove placeboify from unit tests that are not calling AWS (i.e. creating a recording) (#45754) 6 years ago
Toshio Kuratomi 52449cc01a AnsiballZ improvements
Now that we don't need to worry about python-2.4 and 2.5, we can make
some improvements to the way AnsiballZ handles modules.

* Change AnsiballZ wrapper to use import to invoke the module
  We need the module to think of itself as a script because it could be
  coded as:

      main()

  or as:

      if __name__ == '__main__':
          main()

  Or even as:

      if __name__ == '__main__':
          random_function_name()

  A script will invoke all of those.  Prior to this change, we invoked
  a second Python interpreter on the module so that it really was
  a script.  However, this means that we have to run python twice (once
  for the AnsiballZ wrapper and once for the module).  This change makes
  the module think that it is a script (because __name__ in the module ==
  '__main__') but it's actually being invoked by us importing the module
  code.

  There's three ways we've come up to do this.
  * The most elegant is to use zipimporter and tell the import mechanism
    that the module being loaded is __main__:
    * 5959f11c9d/lib/ansible/executor/module_common.py (L175)
    * zipimporter is nice because we do not have to extract the module from
      the zip file and save it to the disk when we do that.  The import
      machinery does it all for us.
    * The drawback is that modules do not have a __file__ which points
      to a real file when they do this.  Modules could be using __file__
      to for a variety of reasons, most of those probably have
      replacements (the most common one is to find a writable directory
      for temporary files.  AnsibleModule.tmpdir should be used instead)
      We can monkeypatch __file__ in fom AnsibleModule initialization
      but that's kind of gross.  There's no way I can see to do this
      from the wrapper.

  * Next, there's imp.load_module():
    * https://github.com/abadger/ansible/blob/340edf7489/lib/ansible/executor/module_common.py#L151
    * imp has the nice property of allowing us to set __name__ to
      __main__ without changing the name of the file itself
    * We also don't have to do anything special to set __file__ for
      backwards compatibility (although the reason for that is the
      drawback):
    * Its drawback is that it requires the file to exist on disk so we
      have to explicitly extract it from the zipfile and save it to
      a temporary file

  * The last choice is to use exec to execute the module:
    * https://github.com/abadger/ansible/blob/f47a4ccc76/lib/ansible/executor/module_common.py#L175
    * The code we would have to maintain for this looks pretty clean.
      In the wrapper we create a ModuleType, set __file__ on it, read
      the module's contents in from the zip file and then exec it.
    * Drawbacks: We still have to explicitly extract the file's contents
      from the zip archive instead of letting python's import mechanism
      handle it.
    * Exec also has hidden performance issues and breaks certain
      assumptions that modules could be making about their own code:
      http://lucumr.pocoo.org/2011/2/1/exec-in-python/

  Our plan is to use imp.load_module() for now, deprecate the use of
  __file__ in modules, and switch to zipimport once the deprecation
  period for __file__ is over (without monkeypatching a fake __file__ in
  via AnsibleModule).

* Rename the name of the AnsiBallZ wrapped module
  This makes it obvious that the wrapped module isn't the module file that
  we distribute.  It's part of trying to mitigate the fact that the module
  is now named __main)).py in tracebacks.

* Shield all wrapper symbols inside of a function
  With the new import code, all symbols in the wrapper become visible in
  the module.  To mitigate the chance of collisions, move most symbols
  into a toplevel function.  The only symbols left in the global namespace
  are now _ANSIBALLZ_WRAPPER and _ansiballz_main.

revised porting guide entry

Integrate code coverage collection into AnsiballZ.

ci_coverage
ci_complete
6 years ago
Sloane Hertel 1fdd84b88c Rename AWS unit tests that are not running when changing the module (#42712)
now can use `ansible-test units module_name` for the aws_s3 and aws_api_gateway modules

changes to modules/cloud/amazon/aws_api_gateway and modules/cloud/amazon/aws_s3 are not triggering the unit tests; also fix aws_s3 from importing non-exist module and skipping tests

changes to module_utils/aws/core.py are only being unit tested on modules that import from the file (if they have a corresponding test) or tests that import from the file themselves.
6 years ago
Ryan Brown 45f5964fed Fix patching of wrong boto3_conn in API Gateway tests (#42700) 6 years ago
Dennis Benkert 28d0a173db [aws] add limit on number of CloudFormation stack events fetched by cloudformation module (#41840)
* Add a module parameter to configure the max fetched AWS CFN stack events
* Add version documentation for new configuration option
* Increase default in order to make sure that enough are fetched by default. This align roughly with the limit of manageable resources in CloudFormation.
6 years ago
Ryan Brown 858a1b09bb EC2_group module refactor (formerly pr/37255) (#38678)
* Refactor ec2_group

Replace nested for loops with list comprehensions

Purge rules before adding new ones in case sg has maximum permitted rules

* Add check mode tests for ec2_group

* add tests

* Remove dead code

* Fix integration test assertions for old boto versions

* Add waiter for security group that is autocreated

* Add support for in-account group rules

* Add common util to get AWS account ID

Fixes #31383

* Fix protocol number and add separate tests for egress rule handling

* Return egress rule treatment to be backwards compatible

* Remove functions that were obsoleted by `Rule` namedtuple

* IP tests

* Move description updates to a function

* Fix string formatting missing index

* Add tests for auto-creation of the same group in quick succession

* Resolve use of brand-new group in a rule without a description

* Clean up duplicated get-security-group function

* Add reverse cleanup in case of dependency issues

* Add crossaccount ELB group support

* Deal with non-STS calls to account API

* Add filtering of owner IDs that match the current account
7 years ago
Rob b5cffe8ced [aws] Create classes for Application Load Balancer (#33769)
* Create classes for Application Load Balancer
* Add unsupported CI alias
* Add AWSRetry
* Add integration tests using the ALB
7 years ago
Sloane Hertel 923f676836
[ec2_vpc_vgw] [ec2_vpc_vpn] stabilize modules for PR 35983 (#38666)
* Stabilize ec2_vpc_vgw and ec2_vpc_vpn so tests for ec2_vpc_vpn_facts in PR 35983 can be run in CI

* Add updated placebo recordings

* ensure find_vgw uses the virtual gateway id if available

Add AWSRetry.jittered_backoff to attach_vpn_gateway to deal with errors when attaching a new VPC directly after detaching

Add integrations tests for ec2_vpc_vgw

* Sort VPN Gateways by ID
7 years ago
Sloane Hertel f53f29352d Move AWS placebo fixtures into test/units/utils so module_utils tests can use them (#37300) 7 years ago
clarkst e4f294822f [cloud] kinesis stream server side encryption - fixes #30269 (#30689)
* Moved the encryption to its own action method.

* removed silly default value for encryption type.

* Code formatting issues from pull request ANSIBOT.

* changed version_added to  "2.5"
because of new new options available

* changed version_added to  "2.5"
because of new new options available

* changed version_added to  "2.5"
because of new new options available
7 years ago
Matt Clay 30093dc4ed
Add Python 3.7 to CI unit test matrix. (#34680)
* Add Python 3.7 to CI unit test matrix.
* Fix `os.errno` reference to be `errno`.
* Update test_aci unit test for Python 3.7.
7 years ago
Kaz Cheng 60b5c6890a [cloud] Add template_body parameter to cloudformation module to allow lookups (#33485) 7 years ago
Ryan S. Brown 5087ce9273 Remove botocore from top-level execution in lambda_policy tests
Even though the tests are skipped, the `ClientError` uses outside the
test cause a failure even though the tests never run
7 years ago
Toshio Kuratomi e499bccbaa
Port some tests away from nose as examples (#33437)
We don't need to use both nose and pytest.  Once we get rid of all uses
of nose we can remove the extra dependency
7 years ago
Pilou a5c9726502 Unit tests: share common code (#31456)
* move set_module_args to units.modules.utils
* unit tests: reuse set_module_args
* unit tests: mock exit/fail_json in module.utils.ModuleTestCase
* unit tests: use module.utils.ModuleTestCase
* unit tests: fix 'import shadowed by loop variable'
7 years ago
Jonathan Nuñez 67b1d0f274 CloudFormation module: get StackEvents when ClientRequestToken is not used (#32434)
* When getting the stack events we need to consider the case where we don't have ClientRequestToken fixes #32396

* Adding tests for the case when the ClientRequestToken is not present in the stack creation.

* Renaming the stack that the test for Client Request Token requires so it won't cause collisions with the basic test.
7 years ago
Ryan Brown 11c225e039 Start using ClientRequestTokens in event lists (#31997)
* Start using ClientRequestTokens in event lists

* Include request token in all reqs that support it (basically all but check mode/changeset)

* Update placebo recordings

* Add comments for CRQ popping
7 years ago
Matt Clay 68aeaa58a8 Fix dangerous default args. (#29839) 7 years ago
jacky.chen 75998d3ca3 [cloud] Add the ability to modify shard count to kinesis_stream module (#24805)
* Add the ability to modify shard count to kinesis_stream module

* Fixed an issue in kinesis_stream where update() reports not changed when it is changed

* Remove unreachable message and make the try and catch block shorter
7 years ago
Brian Coca aec1dfd1fa fix improt order to actually skip when no boto 7 years ago
Michael De La Rue fbec5ab12d [cloud] new module lambda_policy (PR #24951)
- Fixes to lambda
- reformatting + tests for lambda_facts
- lambda module integration test
- switch lambda and lambda_facts to AnsibleAwsModule
- Get the account ID from STS, GetUser, and finally error message
7 years ago
Sloane Hertel cf1a9d4d22 New module: Add ec2 Vpn Connection module and tests (cloud/amazon/ec2_vpc_vpn) (#24385)
* Add VPN module and unittests

* remove unnecessary imports

* fix documentation

* raise custom exception rather than passing module everywhere

* remove recordings

Rerecord tests

Fix docs

Ensure vpn_connection_id is a list of strings when checking if it exists

* fix check mode

* Rerecord tests

* remove superfluous code and comments and make exception handling uniform

fix docs

* Fix ec2_vpc_vpn documentation

* make ec2_vpc_vpn compatible with python 2.6 and make check mode logic more succinct

* fix comparison of list of dicts

* Fix typos and docstrings

make requested changes for imports

make code clearer

* Fix copyright and metadata version.
7 years ago
Brian Coca 725d4d4bc8 added diff as new keyword (#28581)
added diff to fake options in ec2_vpc_nat_gateway test
7 years ago
Michael Tinning 282e743eb0 elb_application_lb: fix issue with boto parameter validation on Rules (#27333) 7 years ago