Commit Graph

245 Commits (d7fd4d055009f2e2bc247265050b936d199f37bd)

Author SHA1 Message Date
Juan Antonio Osorio 9f081ca04f identity: Add GSSAPI suport for FreeIPA authentication (#52031)
* identity: Add GSSAPI suport for FreeIPA authentication

This enables the usage of GSSAPI for authentication, instead of having
to pass the username and password as part of the playbook run.

If there is GSSAPI support, this makes the password optional, and will
be able to use the KRB5_CLIENT_KTNAME or the KRB5CCNAME environment
variables; which are standard when using kerberos authentication.

Note that this depends on the urllib_gssapi library, and will only
enable this if that library is available.

* identity: Add documentation for GSSAPI authentication for FreeIPA

This documentation describes how to use GSSAPI authentication with the
IPA identity modules.

* identity: Add changelog for GSSAPI support for IPA

This adds the changelog entry for the GSSAPI authentication feature for
the IPA identity module.
6 years ago
Matt Clay 467d2ebecd Fix unit tests on Python 3.8. 6 years ago
Felix Fontein 0c2bb3da04 docker modules: various adjustments (#51700)
* Move docker_ module_utils into subpackage.

* Remove docker_ prefix from module_utils.docker modules.

* Adding jurisdiction for module_utils/docker to $team_docker.

* Making docker* unit tests community supported.

* Linting.

* Python < 2.6 is not supported.

* Refactoring docker-py version comments. Moving them to doc fragments. Cleaning up some indentations.
6 years ago
Jordan Borean a39c4ad464
Final round of moving modules to new import error msg (#51852)
* Final round of moving modules to new import error msg

* readd URL to jenkins install guide

* fix unit tests
6 years ago
Bojan Vitnik 64084d593e Initial commit for xenserver module_util unit tests (#50850) 6 years ago
mrmagooey 8eff4cae10 VMware: vmware_guest - allow existing vmdk files to be attached to guest (#45953) 6 years ago
Anatoly Pugachev fe8412128b facts: solaris: introduce distribution_major version detection for Solaris (#43978)
* facts: solaris: introduce distribution_major version detection for Solaris

Currently, there's no distribution_major in facts module on Solaris OS.
Use "uname -r" output to report major version.

Before the patch we get this on Solaris 11.3 :

$ ansible -o solaris11 -m setup -a filter=ansible_distribution_major_version
solaris11 | SUCCESS => {"ansible_facts": {}, "changed": false}

and after this patch, output is the following:

$ ansible -o solaris11 -m setup -a filter=ansible_distribution_major_version
solaris11 | SUCCESS => {"ansible_facts": {"ansible_distribution_major_version": "11"}, "changed": false}

Tested with Solaris 11.3 and Solaris 10 (both are x86_64 VMs)

Includes patch for test/units.

Fixes #18197

* Try to fix test unit

* should work now...

* fixes for W291 (trailing whitespace) and E265 (block comment)

* mock uname_release for solaris 10 and solaris 11

* facts: solaris: introduce distribution_major version detection for Solaris

Currently, there's no distribution_major in facts module on Solaris OS.
Use "uname -r" output to report major version.

Before the patch we get this on Solaris 11.3 :

$ ansible -o solaris11 -m setup -a filter=ansible_distribution_major_version
solaris11 | SUCCESS => {"ansible_facts": {}, "changed": false}

and after this patch, output is the following:

$ ansible -o solaris11 -m setup -a filter=ansible_distribution_major_version
solaris11 | SUCCESS => {"ansible_facts": {"ansible_distribution_major_version": "11"}, "changed": false}

Tested with Solaris 11.3 and Solaris 10 (both are x86_64 VMs)

Includes patch for test/units.

Fixes #18197

* Try to fix test unit

* should work now...

* fixes for W291 (trailing whitespace) and E265 (block comment)

* mock uname_release for solaris 10 and solaris 11

* typo uname_v -> uname_r

* rebase

* fix pep8 E302: 2 blank lines

* remove int() cast to match test case

* use single function for uname_r and uname_v

* add solaris 11.4 OS to distribution test unit

* fix pep8 sanity - E231 missing whitespace

* distribution_major_version variable strip newline

* mocker test function for mock_get_uname with parameters instead of two different functions

* failed to make one fuction with test unit, revert to use 2 different functions

* try to use single get_uname function

* fix pep8: E703
6 years ago
Brian Coca 42c35a2e01
parallelize getting mount info (#49398)
* parallelize getting mount info

* fixed timeout and made 8 max thread count

  - minor cleanup
  - avoid empty mount entries
  - set timeout on get
  - enforce timeout per mount/thread
  - make note on failure per mount
  - make note on timeout per mount
  - ensure proper pool control
  - minor fixes
  - less vars, simpler code
  - move filter 'pre threading'
  - remove timeout for all mounts, now per mount
  -  also use cpu count from multiprocessing lib
  -  moved 'bind' options out of thread as per comments
  - warn on error, more info on failure to get info
6 years ago
Johannes Brunswicker c6d404cbe9 Add optional headers to utm modules (#49856)
* removed info declaration from documentation fragment as this is not implemented
* added optional headers for POST and PUT requests
* updated documentation
* added missing headers field decalaration
* removed info choice from state field
* added tests for the new utm_utils function
* fixed class invocation
* added missing required params
* fixed the pytests
6 years ago
Roberto Polli caa0c9d4cc Fixes #25725: strip quotes from lsb_release and distribution description. (#31143) 6 years ago
vpiserchia 774a667591 Add Devuan Support for ascii release - resolve 49615 (#49616)
* Add Devuan Support for ascii release - resolve 49615

* Devuan Ascii does not have the VERSION_ID in the /etc/os-release file, we need to set NA
6 years ago
Toshio Kuratomi c18da65089 Add a CLIArgs Singleton class that will hold the parse cli arguments 6 years ago
Toshio Kuratomi 5844c8c7f0 Cleanups to the common.sys_info API
* Move get_all_subclasses out of sys_info as it is unrelated to system
  information.
* get_all_subclasses now returns a set() instead of a list.
* Don't port get_platform to sys_info as it is deprecated.  Code using
  the common API should just use platform.system() directly.
* Rename load_platform_subclass() to get_platform_subclass and do not
  instantiate the rturned class.
* Test the compat shims in module_utils/basic.py separately from the new
  API in module_utils/common/sys_info.py and module_utils/common/_utils.py
6 years ago
Joseph Benden d810acf7a5 Add support for Kali Linux detection. (#50331)
Signed-off-by: Joseph Benden <joe@benden.us>
6 years ago
Toshio Kuratomi bd072fe83a
Make the timeout decorator raise an exception out of the function's scope (#49921)
* Revert "allow caller to deal with timeout (#49449)"

This reverts commit 63279823a7.

Flawed on many levels

* Adds poor API to a public function
* Papers over the fact that the public function is doing something bad
  by catching exceptions it cannot handle in the first place
* Papers over the real cause of the issue which is a bug in the timeout
  decorator
* Doesn't reraise properly
* Catches the wrong exception

Fixes #49824
Fixes #49817

* Make the timeout decorator properly raise an exception outside of the function's scope

signal handlers which raise exceptions will never work well because the
exception can be raised anywhere in the called code.  This leads to
exception race conditions where the exceptions could end up being
hanlded by unintended pieces of the called code.

The timeout decorator was using just that idiom.  It was especially bad
because the decorator syntactically occurs outside of the called code
but because of the signal handler, the exception was being raised inside
of the called code.

This change uses a thread instead of a signal to manage the timeout in
parallel to the execution of the decorated function.  Since raising of
the exception happens inside of the decorator, now, instead of inside of
a signal handler, the timeout exception is raised from outside of the
called code as expected which makes reasoning about where exceptions are
to be expected intuitive again.

Fixes #43884

* Add a common case test.

Adding an integration test driven from our unittests.  Most of the time
we'll timeout in run_command which is running things in a subprocess.
Create a test for that specific case in case anything funky comes up
between threading and execve.

* Don't use OSError-based TimeoutError as a base class

Unlike most standard exceptions, OSError has a specific parameter list
with specific meanings.  Instead follow the example of other stdlib
functions, concurrent.futures and multiprocessing and define a separate
TimeoutException.

* Add comment and docstring to point out that this is not hte Python3 TimeoutError
6 years ago
Toshio Kuratomi 61b1daa65f Port from plaform.dist to ansible.module_utils.distro.linux_distribution
ci_complete
6 years ago
Adrian Likins e872811b8d WIP: add tests to compare to platform.*dist
Can be removed once everything is ported.
6 years ago
Adrian Likins 5e1f8a48f3 Bundle a copy of github.com/nir0s/distro/distro.py
Since the 'platform.dist()' and 'platform.linux_distribution()'
methods will be removed from future versions of python, this
provides an alternative to replace ansibles use of those
methods.

lib/ansible/module_utils/distro.py is a copy of
https://github.com/nir0s/distro/blob/master/distro.py

This module is originally from https://github.com/nir0s/distro
and is license under the Apache License, Version 2.0.
6 years ago
Toshio Kuratomi 3fba006207 Update bare exceptions to specify Exception.
This will keep us from accidentally catching program-exiting exceptions
like KeyboardInterupt and SystemExit.
6 years ago
Josue David Hernandez 9202ef60b0 set ansible_os_family from name variable in os-release for clearlinux OS (#49639)
* set ansible_os_family from name variable in os-release for clearlinux system

Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>

* Add os_family for clear linux and clear linux mixes

Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>
6 years ago
Andreas Calminder 876b637208 move some of basic into common (#48078)
* move file functions into common.file

* move *_PERM_BITS and mark as private (_*_PERM_BITS)

* move get_{platform, distribution, distribution_version} get_all_subclasses and load_platform_subclass into common.sys_info

* forgot get_distribution_version, properly rename get_all_subclasses

* add common/sys_info.py to recursive finder test

* update module paths in test_platform_distribution.py

* update docstrings, _get_all_subclasses -> get_all_subclasses

* forgot to update names

* remove trailing whitespace
6 years ago
Josue David Hernandez 6d42c5020a Fix for changes in clearlinux (#49344)
* Fix for changes in clearlinux

clearlinux is now providing /etc/os-release file and ansible is identifying as NA
then this change allow ansible to find it

Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>

* Add changelog fragment for clearlinux changes

Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>
6 years ago
Abhijeet Kasurde 1b04571ea0
VMware: Fix module usages in module_utils (#49421)
* VMware: Fix module usages in module_utils
* Skip test for Python 2.6 as SSL context is not available in Python 2.6

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
6 years ago
Felix Fontein 3726d467ec Code style adjustment. (#49329) 6 years ago
Felix Fontein 1e0ab16247 Add basic unit tests for module_utils/acme.py. (#49103) 6 years ago
Toshio Kuratomi 61e5d04a60 Replace nose with pytest 6 years ago
Anton Nikulin 9770ac70f9 FTD modules: upsert functionality and bug fixes (#47747)
* FTD modules: bug fixes and upsert functionality

* Fix sanity checks

* Fix unit tests for Python 2.6

* Log status code for login/logout

* Use string formatting in logging
6 years ago
Matt Clay feb5b0b299 Fix unit test issues with pytest >= 4.0.0. 6 years ago
Lars b6b238ae43 facts: suse: fix SLES4SAP12 detection (#44388) 6 years ago
Felix Fontein 73533d3fc2 docker_* modules: simplify idempotency comparisons (#47709)
* More generic comparison code from docker_container to docker_common.

* More flexibility if a is None and method is allow_to_present.

Note that this odes not affect docker_container, as there a is never None.

* Update docker_secret and docker_config: simplify labels comparison.

* Added unit tests.

* Use proper subsequence test for allow_more_present for lists.

Note that this does not affect existing code in docker_container, since lists
don't use allow_more_present. Using allow_more_present will only be possible
in Ansible 2.8.

* pep8
6 years ago
Matt Clay 37b013aca3
Enable additional pylint rules and resolve issues found. (#47221)
* Resolve unneeded-not.
* Resolve global-at-module-level.
* Resolve useless-import-alias.
* Resolve bad-whitespace.
* Resolve global-variable-not-assigned.
* Resolve logging-not-lazy.
* Resolve comparison-with-itself.
6 years ago
Matt Clay 3033fd96b0
Move unit test compat code out of `lib/ansible/`. (#46996)
* Move ansible.compat.tests to test/units/compat/.
* Fix unit test references to ansible.compat.tests.
* Move builtins compat to separate file.
* Fix classification of test/units/compat/ dir.
6 years ago
Matt Clay a11f631ee4 Python 3.8 collections compatibility fixes.
Includes a new pylint blacklist plugin to prevent regressions.
6 years ago
Matt Clay 1a28898a00 Fix parametrize warning in unit tests. 6 years ago
Sloane Hertel 27534e9b47 Move network utils that are used by AWS modules (#45579)
* Separate networking tools that may be used by modules outside of networking so changes to networking-only utilities don't trigger AWS integration tests

* Add unit tests for moved network utils

* Add comment to prevent imports from being mistakenly removed

* Move to_bits as well
6 years ago
Felix Fontein bc69aeca7f Fixing HTTPError case of fetch_url for Python 3 compatibility. (#45628)
* Fixing HTTPError case of fetch_url for Python 3 compatibility.

* Adding unit test.

* PEP8.

* Changelog.
6 years ago
Matt Clay 53b230ca74 Fix unit test parametrize order on Python 3.5. 6 years ago
Matt Clay c0bf9815c9 Fix ACI unit test on Python 3.7.0.
The previous logic was only needed for pre-release versions of 3.7.
6 years ago
Abhijeet Kasurde 4e9b8136c2 Add support for Devuan (#45148)
Devuan is part of Debian family. This fix adds support for Devuan OS.

Fixes: #45047

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
6 years ago
Alex Stephen 276ad32a45 removing libcloud secrets support for legacy gcp modules (#44932)
* removing libcloud secrets support for legacy gcp modules

* test fixes
6 years ago
Alex Stephen 3550f342e0 Gcp auth deprecation (#44866) 6 years ago
Matt Martz 0221d1ad20
Introduce and use locale-naive rfc2822 date format function (#44868)
* Introduce and use locale-naive rfc2822 date format function. Fixes #44857

* Adjust test expected response
6 years ago
Anton Nikulin 40a97d43d1 New modules and updated HTTP API plugin for FTD devices (#44578)
* Add common and Swagger client utils for FTD modules

* Update FTD HTTP API plugin and add unit tests for it

* Add configuration layer handling object idempotency

* Add ftd_configuration module with unit tests

* Add ftd_file_download and ftd_file_upload modules with unit tests

* Validate operation data and parameters

* Fix ansible-doc, boilerplate and import errors

* Fix pip8 sanity errors

* Update object comparison to work recursively

* Add copyright
6 years ago
Lindsay Hill 5981a7489b new nos_command module (#43056) 6 years ago
Matt Martz c1c229c6d4
Remove use of simplejson throughout code base (#43548)
* Remove use of simplejson throughout code base. Fixes #42761

* Address failing tests

* Remove simplejson from contrib and other outlying files

* Add changelog fragment for simplejson removal
6 years ago
Joren Vrancken b954917761 Surround top-level function and class definitions with two blank lines. 6 years ago
Toshio Kuratomi 52449cc01a AnsiballZ improvements
Now that we don't need to worry about python-2.4 and 2.5, we can make
some improvements to the way AnsiballZ handles modules.

* Change AnsiballZ wrapper to use import to invoke the module
  We need the module to think of itself as a script because it could be
  coded as:

      main()

  or as:

      if __name__ == '__main__':
          main()

  Or even as:

      if __name__ == '__main__':
          random_function_name()

  A script will invoke all of those.  Prior to this change, we invoked
  a second Python interpreter on the module so that it really was
  a script.  However, this means that we have to run python twice (once
  for the AnsiballZ wrapper and once for the module).  This change makes
  the module think that it is a script (because __name__ in the module ==
  '__main__') but it's actually being invoked by us importing the module
  code.

  There's three ways we've come up to do this.
  * The most elegant is to use zipimporter and tell the import mechanism
    that the module being loaded is __main__:
    * 5959f11c9d/lib/ansible/executor/module_common.py (L175)
    * zipimporter is nice because we do not have to extract the module from
      the zip file and save it to the disk when we do that.  The import
      machinery does it all for us.
    * The drawback is that modules do not have a __file__ which points
      to a real file when they do this.  Modules could be using __file__
      to for a variety of reasons, most of those probably have
      replacements (the most common one is to find a writable directory
      for temporary files.  AnsibleModule.tmpdir should be used instead)
      We can monkeypatch __file__ in fom AnsibleModule initialization
      but that's kind of gross.  There's no way I can see to do this
      from the wrapper.

  * Next, there's imp.load_module():
    * https://github.com/abadger/ansible/blob/340edf7489/lib/ansible/executor/module_common.py#L151
    * imp has the nice property of allowing us to set __name__ to
      __main__ without changing the name of the file itself
    * We also don't have to do anything special to set __file__ for
      backwards compatibility (although the reason for that is the
      drawback):
    * Its drawback is that it requires the file to exist on disk so we
      have to explicitly extract it from the zipfile and save it to
      a temporary file

  * The last choice is to use exec to execute the module:
    * https://github.com/abadger/ansible/blob/f47a4ccc76/lib/ansible/executor/module_common.py#L175
    * The code we would have to maintain for this looks pretty clean.
      In the wrapper we create a ModuleType, set __file__ on it, read
      the module's contents in from the zip file and then exec it.
    * Drawbacks: We still have to explicitly extract the file's contents
      from the zip archive instead of letting python's import mechanism
      handle it.
    * Exec also has hidden performance issues and breaks certain
      assumptions that modules could be making about their own code:
      http://lucumr.pocoo.org/2011/2/1/exec-in-python/

  Our plan is to use imp.load_module() for now, deprecate the use of
  __file__ in modules, and switch to zipimport once the deprecation
  period for __file__ is over (without monkeypatching a fake __file__ in
  via AnsibleModule).

* Rename the name of the AnsiBallZ wrapped module
  This makes it obvious that the wrapped module isn't the module file that
  we distribute.  It's part of trying to mitigate the fact that the module
  is now named __main)).py in tracebacks.

* Shield all wrapper symbols inside of a function
  With the new import code, all symbols in the wrapper become visible in
  the module.  To mitigate the chance of collisions, move most symbols
  into a toplevel function.  The only symbols left in the global namespace
  are now _ANSIBALLZ_WRAPPER and _ansiballz_main.

revised porting guide entry

Integrate code coverage collection into AnsiballZ.

ci_coverage
ci_complete
6 years ago
Toshio Kuratomi 5b4a7cc283 Fix journald unittests
d7df072b96 changed how we call
journal.send() from positional arguments to keyword arguments.  So we
need to update the test to check for the arguments it was called with in
the keyword args, not in the positional args.
6 years ago
Adam Miller 562ff66a98 Fix pkg_mgr_name fact finding for Fedora (#40922)
* Properly handle default package manager vs apt

For distros where apt might be installed but is not the default
package manager for the distro, properly identify the default distro
package manager during fact finding and re-use fact finding from
DistributionFactCollector and instead of reimplementing small
portions of it in PkgMgrFactCollector

Add unit test to always check the apt + Fedora combination to test
the new code.

Fixes #34014

Signed-off-by: Adam Miller <admiller@redhat.com>

* remove q debugging output I accidentally left behind

Signed-off-by: Adam Miller <admiller@redhat.com>

* add os_family to the conditional so we're only hitting that code path when needed

Signed-off-by: Adam Miller <admiller@redhat.com>

* setup for a _check* pattern for general os_family group pkg_mgr checking

Signed-off-by: Adam Miller <admiller@redhat.com>

* use Mock.patch decorator for os.path.exists in TestPkgMgrFactsAptFedora

Signed-off-by: Adam Miller <admiller@redhat.com>
6 years ago
Will Thames 42eaa00371 Provide kubernetes definition diffs in check_mode (#41471)
Move dict_merge from azure_rm_resource module to
module_utils.common.dict_transformations and add tests.

Use dict_merge to provide a fairly realistic, reliable
diff output when k8s-based modules are run in check_mode.

Rename unit tests so that they actually run and reflect
the module_utils they're based on.
6 years ago