ansible

Commit Graph

Author	SHA1	Message	Date
Mark Chappell	9edcda7ef7	Refactor iam_role to bring down the complexity score (#66027 ) * Simplify BotoCore- / Client- Error try/except loops where we don't need different behaviour * Refactor IAM Role manipulation to reduce complexity scores * Missing permissions * Add retry decorator by default * compare_attached_role_policies is dead code, remove it	5 years ago
Matthew Davis	4ee9f40e62	Add aws_acm module (#60552 ) * convert aws_acm_facts to AnsibleAWSModule * factor aws_acm_facts into module_utils * add more filtering options for aws_acm_info * add aws_acm module and tests * uncomment aws_acm test * fix linting for aws_acm * fix __future__ linting for aws_acm * fix linting for aws_acm * fix linting for aws_acm * fix linting for aws_acm * fix linting for aws_acm * fix aws_acm_info arg type * remove test for old module name aws_acm_facts * simplify AWS ACM client creation * fix indent typo in aws_acm test * catch BotoCoreError in aws_acm * fix indent typo in aws_acm test * tighten AWS ACM test policy resource * move aws acm int test to venv * remove errant file * fix AWS ACM int test perms * undo copyright addition to wrong file * fix invalid log message in aws_acm Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com> * rephrase aws_acm_info doc from facts to information Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com> * rename aws_facts var to aws_info * remove case insensitivity for aws_acm pem compare * add no_log for aws_acm credential setting * add per-test prefix to aws_acm test resource names * make aws_acm use crypto module_util * clarify copyright for aws_acm * make aws_acm int test clearer * add explicit crypto dependency to aws_acm * change requests for aws_acm pr * fix wrong copyright owner aws_acm test * fix wrong copyright owner aws_acm test * rewrite aws_acm cert chain compare with regex, no dependency * fix linting for aws_acm unit test * fix linting for aws_acm unit test * fix linting and duplicate ignore * fix failed cert chain split in aws_acm, add more tests * remove errant file * more linting fixes for aws_acm * fix sanity ignore * rewrite cert compare in aws_acm to use base64 decode * improve regex for pem cert chain split in aws_acm * undo changes to crypto module util for aws_acm * increment ansible version for new aws_acm module * convert aws_acm return(x) to return x * increment version added for aws_acm_info new features * fix linting * fix bugs with AWS ACM * fix bad rebase * disable AWS ACM integration test, due to AWS account limit issue * remove aws acm integration test from shippable group	5 years ago
Mark Chappell	0239f70648	cloudtrail: Initial integration tests (#61919 )	5 years ago
Mark Chappell	40660e7f6e	iam_role : support managing max session duration and deleting the instance profile it creates (#62014 ) * iam_role: Add support for managing MaxSessionDuration * iam_role: Add support for deleting the IAM Instance Profiles we created * iam_role: migrate all boto failures to fail_json_aws for consistency * iam_role: test validity of path so we can throw a more understandable error * iam_role: (integration tests) Split iam_role integration tests from sts_assume_role tests - Make the iam_role tests more comprehensive - Add tests for iam_role_info * iam_role: (integration tests) Make some of our pauses optional If the tests appear to be flakey we may need to enable standard_pauses	5 years ago
Mark Chappell	e0ebc8c9b4	Fixup aws_secret integration tests (#61241 ) * aws_secret: (integration tests) Move tests to using module_defaults * Update hacking aws security policy to enable management of secrets * aws_secret: (integration tests) Fixup integration tests - Update tests to use resource_prefix as a prefix rather than a suffix - Pause after role creation to cope with AWS being slow (and returning before the role it ready)	5 years ago
Mark Chappell	832e03d932	Fixup iam_group integration tests and return value documentation (#61243 ) * iam_group: (integration tests) migrate tests to module_defaults * iam_group: (integration tests) migrate to using temporary user and group with {{ resource_prefix }} * iam_group: (integration tests) fix test, checking the return values * iam_group: (integration tests) Add some more tests around the behaviour of 'changed' * iam_group: (docs) Update documentation of iam_group return value * Update AWS testing policies to enable group/user management	5 years ago
Mark Chappell	77e4371460	aws_kms: Update policy on existing keys (when passed) (#60059 ) * aws_kms: (integration tests) Use module_defaults to reduce the copy and paste * aws_kms: (integration tests) make sure policy option functions. * aws_kms: (integration tests) Move iam_role creation to start of playbook. iam_roles aren't fully created when iam_role completes, there's a delay on the Amazon side before they're fully recognised. * aws_kms: Update policy on existing keys (when passed)	5 years ago
Mark Chappell	70777020c4	Fix iam_password_policy integration tests (#60930 ) * iam_password_policy: (integration tests) Use module defaults for AWS connection details * iam_password_policy: (integration tests) Ensure the policy is removed when tests fail * iam_password_policy: (integration tests) Add regression test for #59102 * iam_password_policy: Only return changed when the policy changes. * iam_password_policy: PasswordReusePrevention must be omitted to remove/set to 0 * #60930 add changelog * Update hacking AWS security policy to allow testing of Password Policy Management	5 years ago
Jesse Evers	e410dcbfed	Add logic to handle multiple actions in an ALB listener rule, Fixes #41861 (#41975 ) * added logic to handle multiple actions in an ALB listener rule (#41861) * fix linting and pep8 issues * added test for multiple actions using OIDC authentication * added error messages related to old versions of botocore and multiple actions * fix action validation error checks (need to check the exception string) * added logic to make oidc configs idempotent (remove clientsecret for check) * modified TargetGroupName to TargetGroupArn substitution to account for multiple rule actions * refactored tests so that it can be run against different versions of botocore * fix runme.sh to refelct changes to cloud testsuite * add UseExistingClientSecret to oidc config (AWS api change) * remove tests for OIDC auth action; add tests for redirect and fixed-response * add in fixes from markuman and mjmayer * remove documentation for cognito integration (not sure how to test); added example config for fixed-response and redirect actions * renamed oidc/multiple action tests; leaving commented due to some AWS API changes * pep8 fix * more pep8 fixes * Restructure elb_application_lb test suite Move from runme.sh to virtualenv based roles Update policies to fix tests Don't log temp dir deletion, so many files in the diff!	5 years ago
Will Thames	60fb9fc208	Fix EC2 test suite to work with testing policies (#44387 ) * Update testing policies to ensure all required permissions are present * Tidy up security policies to reduce duplicate permissions * Make roles static so that they can be present before CI is run, meaning that role creation permission is not required by the CI itself, only by someone setting up the roles prior to testing * Move contents to cloudfront policy to network policy to ensure policy count (maximum of 10) stays low * Maintain compute policy below 6144 bytes	5 years ago
Will Thames	924352a051	ecs_cluster test suite refactor (#57716 ) * Combine testing policies Because of the maximum of 10 policies per group, need to consolidate testing policies as best we can. * Tidy put-account-setting tasks and add permission Using `environment` and `command` rather than `shell` avoids the need for `no_log` and means that people can fix the problem * refactor ecs_cluster test suite move from runme.sh technique to virtualenv use ec2_instance rather than ec2 module to avoid need for boto	5 years ago
Stefan Horning	77ec0549b0	New module for AWS CodeBuild (#47187 ) * New AWS module for the CodeBuild service, called aws_codebuild * Integration test for new aws_codebuild module	5 years ago
mjmayer	c8e179fbf1	Aws waf region (#48953 ) * Add waiter for AWSRegional * Add support for WAF Regional * Add support for regional waf web acl * Remove set_trace, pep formatting * Add paginator for regional_waf * Change name of param for waf_regional This is more in line with how AWS refers to the service. Additional changes made to how client is called. Used ternary to reduce if statements * Change parameter name to waf_regional * Add support for removal waf regional condition * Change parameter from cloudfront to waf_regional * Added state: absent waf rule * Remove set_trace * Add integration tests for waf regional * WIP: adding region parameter to tests * Add support for waf facts module * Add region to waf regional integration tests * Update security policy for waf regional testing * Add type to documentation for waf_regional param	6 years ago
Andrea Tartaglia	5c6b16edc3	Fix ec2_instance eventual consistency when wait: false (#51885 ) * Do not return 'instances' when wait is false * Added integration tests for wait: false * Added changelog fragment * Fix test suite to work with ec2_instance * Additional permissions * Enforce boto3 version * Fix broken tests * Improve error messages * fix linter issues	6 years ago
Ed Costello	b70d5d9aee	[AWS] ses rule set module for inbound email processing (#42781 ) * Add module ses_rule_set for Amazon SES * Update behaviours and naming to be consistent with other aws_ses_ modules. * Add global lock around tests using active rule sets to prevent intermittent test failures. * Fix deletion of rule sets so that we don't inactivate the active rule set when force deleting an inactive rule set.	6 years ago
Will Thames	d2569a3f7d	Improve iam_group exception handling (#45599 ) * Improve iam_group exception handling Use AnsibleAWSModule for iam_group and handle BotoCoreErrors as well as ClientErrors. Use fail_json_aws to improve error messages * Add minimal iam_group test suite Update some of the read-only IAM permissions (this is not sufficient to run the test suite but it gets further than it did until it tries to add a (non-existent) user) * Clean up after tests	6 years ago
Will Thames	60e3af42d5	sns_topic boto3 port (#39292 ) * Port sns_topic to boto3 and add tests	6 years ago
sdubrul	061877d584	added account_alias in the response of module aws_caller_facts (#42345 ) * added account_alias in the response of module aws_caller_facts * added comment to explain list_account_aliases * renamed caller_identity to caller_facts as the content is extended * created changelog * security-policy needs the iam:ListAccountAliases for this module to work * test now checks for the added field account_alias * gracefully handle missing iam:ListAccountAliases permission	6 years ago
Will Thames	b5a1643e3d	Add new aws_waf_condition module (#33110 )	7 years ago
Will Thames	866d7fdce9	[cloud] Create ECS integration test suite (#33757 ) Tests for: * ecs_cluster * ecs_service * ecs_service_facts * ecs_taskdefinition * ecs_taskdefinition_facts * Add idempotency testing Test ecs_cluster, ecs_service and ecs_taskdefinition for trivial idempotency. Add FIXMEs to the tests because the latter two fail. Remove unused dependencies	7 years ago

20 Commits (f18f480a3c3f6c2cce67d7a7e11e425c3794bc50)