From 809d169d36679d18a1eed2166f33f4e081ce6c80 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 30 Sep 2024 11:54:14 +0100 Subject: [PATCH 01/61] Begin v0.3.12dev --- docs/changelog.rst | 5 +++++ mitogen/__init__.py | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 1fbad229..0b2875fa 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,6 +18,11 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. +Unreleased +---------- + + + v0.3.11 (2024-10-30) -------------------- diff --git a/mitogen/__init__.py b/mitogen/__init__.py index 0cacddfe..1ec7cf09 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 11) +__version__ = (0, 3, 12, 'dev') #: This is :data:`False` in slave contexts. Previously it was used to prevent From d0993e991849d1e3529b14544a8941ec96126c1b Mon Sep 17 00:00:00 2001 From: "michael.dsilva" Date: Fri, 23 Aug 2024 09:56:33 +1000 Subject: [PATCH 02/61] allow ansible_ssh_password as it is documented as valid in current ansible documentation Co-authored-by: Alex Willmer --- ansible_mitogen/transport_config.py | 1 + docs/ansible_detailed.rst | 6 ++++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index 39a4b604..39df3f6a 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -678,6 +678,7 @@ class MitogenViaSpec(Spec): def password(self): return optional_secret( + self._host_vars.get('ansible_ssh_password') or self._host_vars.get('ansible_ssh_pass') or self._host_vars.get('ansible_password') ) diff --git a/docs/ansible_detailed.rst b/docs/ansible_detailed.rst index fed347c8..d818edd7 100644 --- a/docs/ansible_detailed.rst +++ b/docs/ansible_detailed.rst @@ -306,7 +306,8 @@ container. * Intermediary machines cannot use login and become passwords that were supplied to Ansible interactively. If an intermediary requires a password, it must be supplied via ``ansible_ssh_pass``, - ``ansible_password``, or ``ansible_become_pass`` inventory variables. + ``ansible_ssh_password``, ``ansible_password``, or + ``ansible_become_pass`` inventory variables. * Automatic tunnelling of SSH-dependent actions, such as the ``synchronize`` module, is not yet supported. This will be addressed in a @@ -1011,7 +1012,8 @@ Like the :ans:conn:`ssh` except connection delegation is supported. * ``ansible_port``, ``ssh_port`` * ``ansible_ssh_executable``, ``ssh_executable`` * ``ansible_ssh_private_key_file`` -* ``ansible_ssh_pass``, ``ansible_password`` (default: assume passwordless) +* ``ansible_ssh_pass``, ``ansible_ssh_password``, ``ansible_password`` + (default: assume passwordless) * ``ssh_args``, ``ssh_common_args``, ``ssh_extra_args`` * ``mitogen_mask_remote_name``: if :data:`True`, mask the identity of the Ansible controller process on remote machines. To simplify diagnostics, From 3bdd3e237a95ae8a88681a46bfe97ccc4ed1204b Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Wed, 4 Sep 2024 10:53:18 +0100 Subject: [PATCH 03/61] tests: Coverage of support for ansible_ssh_password variable --- docs/contributors.rst | 1 + tests/ansible/integration/ssh/password.yml | 21 ++++++++++++++++++--- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/docs/contributors.rst b/docs/contributors.rst index e40607a0..4e9e58bd 100644 --- a/docs/contributors.rst +++ b/docs/contributors.rst @@ -132,6 +132,7 @@ sponsorship and outstanding future-thinking of its early adopters.
  • Lewis Bellwood — Happy to be apart of a great project.
  • luto
  • Mayeu a.k.a Matthieu Maury
    • +
  • Michael D'Silva
  • @nathanhruby
  • Orion Poplawski
  • Philippe Kueck
    • diff --git a/tests/ansible/integration/ssh/password.yml b/tests/ansible/integration/ssh/password.yml index cf9396e0..9b7dcf8a 100644 --- a/tests/ansible/integration/ssh/password.yml +++ b/tests/ansible/integration/ssh/password.yml @@ -16,6 +16,12 @@ ansible_ssh_pass: user1_password ping: + - meta: reset_connection + - name: ansible_ssh_password + vars: + ansible_ssh_password: user1_password + ping: + - meta: reset_connection - name: absent password should fail ping: @@ -34,13 +40,22 @@ ansible_password: wrong ansible_ssh_pass: user1_password - # Tests that ansible_ssh_pass has priority over ansible_password + - meta: reset_connection + - name: Highest priority password variable should override all others + vars: + ansible_password: wrong + ansible_ssh_pass: wrong + ansible_ssh_password: user1_password + ping: + + # Tests that ansible_ssh_password has priority over others # and that a wrong password causes a target to be marked unreachable. - meta: reset_connection - - name: ansible_password should not override + - name: Lower priority password variables should not override vars: ansible_password: user1_password - ansible_ssh_pass: wrong + ansible_ssh_pass: user1_password + ansible_ssh_password: wrong ping: ignore_errors: true ignore_unreachable: true From 551690ee1dd47aee18a448202f8ae8b9c6f016c1 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 16 Sep 2024 00:32:29 +0100 Subject: [PATCH 04/61] ansible_mitogen: Handle templated connection passwords and ansible_ssh_password This switches `ansible_mitogen.transport_config.PlayContextSpec.password()` to Ansible's plugin option framework. As a result - The relatively recent `ansible_ssh_password` variable is now respected. - The SSH connection password can be templated and specified as a play variable. Task variables will probably also work, but testing was blocked by #1132. There is a chance this change will cause a regression in another connection plugin (e.g. mitogen_docker), but nothing turned up in the test suite. I intend ot migrate other connection configuration to `ansible_mitogen.transport_config.PlayContextSpec._connect_option()`, the next candidate is the remote port. fixes #1106 --- .../plugins/connection/mitogen_ssh.py | 27 +++++-------------- ansible_mitogen/transport_config.py | 13 ++++++++- docs/changelog.rst | 2 ++ tests/ansible/hosts/default.hosts | 14 ++++++++++ tests/ansible/integration/ssh/all.yml | 2 ++ .../integration/ssh/templated_by_inv.yml | 7 +++++ .../ssh/templated_by_play_taskvar.yml | 10 +++++++ tests/ansible/templates/test-targets.j2 | 19 +++++++++++++ 8 files changed, 72 insertions(+), 22 deletions(-) create mode 100644 tests/ansible/integration/ssh/templated_by_inv.yml create mode 100644 tests/ansible/integration/ssh/templated_by_play_taskvar.yml diff --git a/ansible_mitogen/plugins/connection/mitogen_ssh.py b/ansible_mitogen/plugins/connection/mitogen_ssh.py index 75f2d42f..f6a27a6e 100644 --- a/ansible_mitogen/plugins/connection/mitogen_ssh.py +++ b/ansible_mitogen/plugins/connection/mitogen_ssh.py @@ -32,35 +32,20 @@ __metaclass__ = type import os.path import sys +from ansible.plugins.connection.ssh import ( + DOCUMENTATION as _ansible_ssh_DOCUMENTATION, +) + DOCUMENTATION = """ + name: mitogen_ssh author: David Wilson - connection: mitogen_ssh short_description: Connect over SSH via Mitogen description: - This connects using an OpenSSH client controlled by the Mitogen for Ansible extension. It accepts every option the vanilla ssh plugin accepts. - version_added: "2.5" options: - ssh_args: - type: str - vars: - - name: ssh_args - - name: ansible_ssh_args - - name: ansible_mitogen_ssh_args - ssh_common_args: - type: str - vars: - - name: ssh_args - - name: ansible_ssh_common_args - - name: ansible_mitogen_ssh_common_args - ssh_extra_args: - type: str - vars: - - name: ssh_args - - name: ansible_ssh_extra_args - - name: ansible_mitogen_ssh_extra_args -""" +""" + _ansible_ssh_DOCUMENTATION.partition('options:\n')[2] try: import ansible_mitogen diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index 39df3f6a..a3336365 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -62,6 +62,7 @@ from __future__ import unicode_literals __metaclass__ = type import abc +import logging import os import ansible.utils.shlex import ansible.constants as C @@ -74,6 +75,9 @@ from ansible.module_utils.parsing.convert_bool import boolean import mitogen.core +LOG = logging.getLogger(__name__) + + def run_interpreter_discovery_if_necessary(s, task_vars, action, rediscover_python): """ Triggers ansible python interpreter discovery if requested. @@ -412,6 +416,13 @@ class PlayContextSpec(Spec): # used to run interpreter discovery self._action = connection._action + def _connection_option(self, name): + try: + return self._connection.get_option(name, hostvars=self._task_vars) + except KeyError: + LOG.debug('Used PlayContext fallback for option=%r', name) + return getattr(self._play_context, name) + def transport(self): return self._transport @@ -449,7 +460,7 @@ class PlayContextSpec(Spec): return optional_secret(become_pass) def password(self): - return optional_secret(self._play_context.password) + return optional_secret(self._connection_option('password')) def port(self): return self._play_context.port diff --git a/docs/changelog.rst b/docs/changelog.rst index 0b2875fa..25e3820c 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -21,6 +21,8 @@ To avail of fixes in an unreleased version, please download a ZIP file Unreleased ---------- +* :gh:issue:`1106` :mod:`ansible_mitogen`: Support for `ansible_ssh_password` + connection variable, and templated SSH connection password. v0.3.11 (2024-10-30) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index adc271e2..8ed80787 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -19,3 +19,17 @@ ssh-common-args ansible_host=localhost ansible_user="{{ lookup('pipe', 'whoami') [issue905:vars] ansible_ssh_common_args=-o PermitLocalCommand=yes -o LocalCommand="touch {{ ssh_args_canary_file }}" ssh_args_canary_file=/tmp/ssh_args_{{ inventory_hostname }} + +[tt_targets_bare] +tt-bare + +[tt_targets_bare:vars] +ansible_host=localhost +ansible_user=mitogen__has_sudo_nopw + +[tt_targets_inventory] +tt-password ansible_password="{{ 'has_sudo_nopw_password' | trim }}" + +[tt_targets_inventory:vars] +ansible_host=localhost +ansible_user=mitogen__has_sudo_nopw diff --git a/tests/ansible/integration/ssh/all.yml b/tests/ansible/integration/ssh/all.yml index 5c16f187..ab400051 100644 --- a/tests/ansible/integration/ssh/all.yml +++ b/tests/ansible/integration/ssh/all.yml @@ -2,4 +2,6 @@ - import_playbook: config.yml - import_playbook: password.yml - import_playbook: timeouts.yml +- import_playbook: templated_by_inv.yml +- import_playbook: templated_by_play_taskvar.yml - import_playbook: variables.yml diff --git a/tests/ansible/integration/ssh/templated_by_inv.yml b/tests/ansible/integration/ssh/templated_by_inv.yml new file mode 100644 index 00000000..686518fd --- /dev/null +++ b/tests/ansible/integration/ssh/templated_by_inv.yml @@ -0,0 +1,7 @@ +- name: integration/ssh/templated_by_inv.yml + hosts: tt_targets_inventory + gather_facts: false + tasks: + - meta: reset_connection + - name: Templated variables in inventory + ping: diff --git a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml new file mode 100644 index 00000000..bc4ef1d8 --- /dev/null +++ b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml @@ -0,0 +1,10 @@ +- name: integration/ssh/templated_by_play_taskvar.yml + hosts: tt_targets_bare + gather_facts: false + vars: + ansible_password: "{{ 'has_sudo_nopw_password' | trim }}" + + tasks: + - meta: reset_connection + - name: Templated variables in play + ping: diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index e2708192..37a0725a 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -37,3 +37,22 @@ ansible_user=mitogen__has_sudo_nopw ansible_password=has_sudo_nopw_password ansible_ssh_common_args=-o PermitLocalCommand=yes -o LocalCommand="touch {{ '{{' }} ssh_args_canary_file {{ '}}' }}" ssh_args_canary_file=/tmp/ssh_args_{{ '{{' }} inventory_hostname {{ '}}' }} + +{% set tt = containers[0] %} + +[tt_targets_bare] +tt-bare + +[tt_targets_bare:vars] +ansible_host={{ tt.hostname }} +ansible_port={{ tt.port }} +ansible_python_interpreter={{ tt.python_path }} +ansible_user=mitogen__has_sudo_nopw + +[tt_targets_inventory] +tt-password ansible_password="{{ '{{' }} 'has_sudo_nopw_password' | trim {{ '}}' }}" ansible_port={{ tt.port }} + +[tt_targets_inventory:vars] +ansible_host={{ tt.hostname }} +ansible_python_interpreter={{ tt.python_path }} +ansible_user=mitogen__has_sudo_nopw From 6accc87da1db4e588fd4248f184806c7f848fdc6 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Sun, 8 Sep 2024 13:51:08 +0100 Subject: [PATCH 05/61] tests: Improve Ansible fail_msg formatting By switching to block style (`|`) with clip (no `-` or `+`) the failure messages don't require quoting and gain a single trailing newline. This causes Ansible to print them as block style, when using the yaml stdout callback plugin. As a result the values have one less layer of quoting and quote escaping, making them much easier to read. --- docs/changelog.rst | 1 + tests/ansible/integration/action/copy.yml | 3 ++- .../integration/action/fixup_perms2__copy.yml | 15 +++++++---- .../action/low_level_execute_command.yml | 6 +++-- .../integration/action/make_tmp_path.yml | 25 ++++++++++++----- .../integration/action/remote_expand_user.yml | 18 ++++++++----- .../integration/action/remote_file_exists.yml | 6 +++-- .../integration/action/remove_tmp_path.yml | 6 +++-- .../integration/action/synchronize.yml | 3 ++- .../integration/action/transfer_data.yml | 6 +++-- .../integration/async/multiple_items_loop.yml | 3 ++- .../async/result_binary_producing_json.yml | 6 +++-- .../async/result_binary_producing_junk.yml | 3 ++- .../async/result_shell_echo_hi.yml | 6 +++-- .../integration/async/runner_new_process.yml | 8 ++++-- .../integration/async/runner_one_job.yml | 12 ++++++--- .../async/runner_timeout_then_polling.yml | 3 ++- .../async/runner_two_simultaneous_jobs.yml | 7 +++-- .../async/runner_with_polling_and_timeout.yml | 3 ++- .../integration/become/su_password.yml | 12 ++++++--- .../integration/become/sudo_flags_failure.yml | 3 ++- .../integration/become/sudo_nonexistent.yml | 3 ++- .../integration/become/sudo_nopassword.yml | 6 +++-- .../integration/become/sudo_password.yml | 6 +++-- .../integration/connection/_put_file.yml | 4 ++- .../connection/become_same_user.yml | 6 +++-- .../connection/disconnect_during_module.yml | 3 ++- .../integration/connection/exec_command.yml | 3 ++- .../ansible/integration/connection/reset.yml | 6 ++++- .../integration/connection/reset_become.yml | 12 ++++++--- .../connection_loader/local_blemished.yml | 3 ++- .../paramiko_unblemished.yml | 3 ++- .../connection_loader/ssh_blemished.yml | 3 ++- .../context_service/reconnection.yml | 4 ++- .../context_service/remote_name.yml | 6 +++-- .../integration/glibc_caches/resolv_conf.yml | 3 ++- .../ansible_2_8_tests.yml | 14 ++++++---- .../integration/local/cwd_preserved.yml | 3 ++- .../module_utils/adjacent_to_playbook.yml | 3 ++- .../module_utils/from_config_path.yml | 3 ++- .../module_utils/from_config_path_pkg.yml | 3 ++- .../module_utils/roles/modrole/tasks/main.yml | 3 ++- .../roles/overrides_modrole/tasks/main.yml | 3 ++- .../playbook_semantics/become_flags.yml | 6 +++-- .../playbook_semantics/environment.yml | 3 ++- .../runner/_etc_environment_global.yml | 9 ++++--- .../runner/_etc_environment_user.yml | 9 ++++--- tests/ansible/integration/runner/atexit.yml | 3 ++- .../runner/builtin_command_module.yml | 3 ++- .../runner/crashy_new_style_module.yml | 3 ++- .../runner/custom_bash_hashbang_argument.yml | 3 ++- .../runner/custom_bash_old_style_module.yml | 3 ++- .../runner/custom_bash_want_json_module.yml | 3 ++- .../runner/custom_binary_producing_json.yml | 3 ++- .../runner/custom_binary_producing_junk.yml | 3 ++- .../runner/custom_binary_single_null.yml | 3 ++- .../runner/custom_perl_json_args_module.yml | 6 +++-- .../runner/custom_perl_want_json_module.yml | 6 +++-- .../runner/custom_python_json_args_module.yml | 3 ++- ...m_python_new_style_missing_interpreter.yml | 3 ++- .../runner/custom_python_new_style_module.yml | 6 +++-- .../custom_python_prehistoric_module.yml | 3 ++- .../runner/custom_python_want_json_module.yml | 3 ++- .../runner/custom_script_interpreter.yml | 3 ++- .../runner/environment_isolation.yml | 12 ++++++--- .../integration/runner/forking_active.yml | 5 +++- .../runner/forking_correct_parent.yml | 12 ++++++--- .../integration/runner/forking_inactive.yml | 4 ++- .../integration/runner/missing_module.yml | 3 ++- tests/ansible/integration/ssh/config.yml | 3 ++- tests/ansible/integration/ssh/password.yml | 6 +++-- tests/ansible/integration/ssh/timeouts.yml | 3 ++- tests/ansible/integration/ssh/variables.yml | 3 ++- .../strategy/_mixed_mitogen_vanilla.yml | 18 ++++++++----- .../strategy/_mixed_vanilla_mitogen.yml | 18 ++++++++----- .../integration/stub_connections/kubectl.yml | 3 ++- .../integration/stub_connections/lxc.yml | 3 ++- .../integration/stub_connections/lxd.yml | 3 ++- .../stub_connections/mitogen_doas.yml | 3 ++- .../stub_connections/mitogen_sudo.yml | 3 ++- .../stub_connections/setns_lxc.yml | 3 ++- .../stub_connections/setns_lxd.yml | 3 ++- .../ansible/integration/transport/kubectl.yml | 12 ++++++--- .../integration/transport_config/become.yml | 12 ++++++--- .../transport_config/become_method.yml | 15 +++++++---- .../transport_config/become_pass.yml | 27 ++++++++++++------- .../transport_config/become_user.yml | 18 ++++++++----- .../transport_config/host_key_checking.yml | 18 ++++++++----- .../integration/transport_config/port.yml | 24 +++++++++++------ ..._109__target_has_old_ansible_installed.yml | 3 ++- .../issue_113__duplicate_module_imports.yml | 3 ++- ...ue_152__local_action_wrong_interpreter.yml | 3 ++- .../issue_152__virtualenv_python_fails.yml | 3 ++- .../issue_154__module_state_leaks.yml | 3 ++- ...32_ansiblemoduleerror_first_occurrence.yml | 3 ++- .../issue_590__sys_modules_crap.yml | 3 ++- 96 files changed, 407 insertions(+), 193 deletions(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 25e3820c..8fe7d16c 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -23,6 +23,7 @@ Unreleased * :gh:issue:`1106` :mod:`ansible_mitogen`: Support for `ansible_ssh_password` connection variable, and templated SSH connection password. +* :gh:issue:`1136` tests: Improve Ansible fail_msg formatting. v0.3.11 (2024-10-30) diff --git a/tests/ansible/integration/action/copy.yml b/tests/ansible/integration/action/copy.yml index edaa3e49..f1ad5dc3 100644 --- a/tests/ansible/integration/action/copy.yml +++ b/tests/ansible/integration/action/copy.yml @@ -77,7 +77,8 @@ that: - item.stat.checksum == item.item.expected_checksum quiet: true # Avoid spamming stdout with 400 kB of item.item.content - fail_msg: item={{ item }} + fail_msg: | + item={{ item }} with_items: "{{ stat.results }}" loop_control: label: "{{ item.stat.path }}" diff --git a/tests/ansible/integration/action/fixup_perms2__copy.yml b/tests/ansible/integration/action/fixup_perms2__copy.yml index 662247c6..7821111e 100644 --- a/tests/ansible/integration/action/fixup_perms2__copy.yml +++ b/tests/ansible/integration/action/fixup_perms2__copy.yml @@ -16,7 +16,8 @@ - assert: that: - out.stat.mode in ("0644", "0664") - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: "Copy files from content: arg" copy: @@ -29,7 +30,8 @@ - assert: that: - out.stat.mode == "0400" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Cleanup local weird mode file file: @@ -55,7 +57,8 @@ - assert: that: - out.stat.mode in ("0644", "0664") - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Copy file with weird mode, preserving mode copy: @@ -69,7 +72,8 @@ - assert: that: - out.stat.mode == "1462" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Copy file with weird mode, explicit mode copy: @@ -84,7 +88,8 @@ - assert: that: - out.stat.mode == "1461" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Cleanup file: diff --git a/tests/ansible/integration/action/low_level_execute_command.yml b/tests/ansible/integration/action/low_level_execute_command.yml index 24649424..f42e0561 100644 --- a/tests/ansible/integration/action/low_level_execute_command.yml +++ b/tests/ansible/integration/action/low_level_execute_command.yml @@ -15,7 +15,8 @@ - 'raw.rc == 0' - 'raw.stdout_lines[-1]|to_text == "2"' - 'raw.stdout[-1]|to_text == "2"' - fail_msg: raw={{raw}} + fail_msg: | + raw={{ raw }} - name: Run raw module with sudo become: true @@ -39,6 +40,7 @@ ["root\r\n"], ["root"], ) - fail_msg: raw={{raw}} + fail_msg: | + raw={{ raw }} tags: - low_level_execute_command diff --git a/tests/ansible/integration/action/make_tmp_path.yml b/tests/ansible/integration/action/make_tmp_path.yml index 1f710c5a..b3f3b519 100644 --- a/tests/ansible/integration/action/make_tmp_path.yml +++ b/tests/ansible/integration/action/make_tmp_path.yml @@ -42,13 +42,17 @@ assert: that: - good_temp_path == good_temp_path2 - fail_msg: good_temp_path={{good_temp_path}} good_temp_path2={{good_temp_path2}} + fail_msg: | + good_temp_path={{ good_temp_path }} + good_temp_path2={{ good_temp_path2 }} - name: "Verify different subdir for both tasks" assert: that: - tmp_path.path != tmp_path2.path - fail_msg: tmp_path={{tmp_path}} tmp_path2={{tmp_path2}} + fail_msg: | + tmp_path={{ tmp_path }} + tmp_path2={{ tmp_path2 }} # # Verify subdirectory removal. @@ -69,7 +73,9 @@ that: - not stat1.stat.exists - not stat2.stat.exists - fail_msg: stat1={{stat1}} stat2={{stat2}} + fail_msg: | + stat1={{ stat1 }} + stat2={{ stat2 }} # # Verify good directory persistence. @@ -84,7 +90,8 @@ assert: that: - stat.stat.exists - fail_msg: stat={{stat}} + fail_msg: | + stat={{ stat }} # # Write some junk into the temp path. @@ -107,7 +114,8 @@ - assert: that: - not out.stat.exists - fail_msg: out={{out}} + fail_msg: | + out={{ out }} # # root @@ -126,7 +134,9 @@ that: - tmp_path2.path != tmp_path_root.path - tmp_path2.path|dirname != tmp_path_root.path|dirname - fail_msg: tmp_path_root={{tmp_path_root}} tmp_path2={{tmp_path2}} + fail_msg: | + tmp_path_root={{ tmp_path_root }} + tmp_path2={{ tmp_path2 }} # # readonly homedir @@ -157,7 +167,8 @@ that: - out.module_path.startswith(good_temp_path2) - out.module_tmpdir.startswith(good_temp_path2) - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - make_tmp_path - mitogen_only diff --git a/tests/ansible/integration/action/remote_expand_user.yml b/tests/ansible/integration/action/remote_expand_user.yml index 97dd02f9..d7cefffe 100644 --- a/tests/ansible/integration/action/remote_expand_user.yml +++ b/tests/ansible/integration/action/remote_expand_user.yml @@ -26,7 +26,8 @@ register: out - assert: that: out.result == user_facts.ansible_facts.ansible_user_dir ~ '/foo' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: "Expand ~/foo with become active. ~ is become_user's home." action_passthrough: @@ -49,7 +50,8 @@ register: out - assert: that: out.result == user_facts.ansible_facts.ansible_user_dir ~ '/foo' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: "Expanding $HOME/foo has no effect." action_passthrough: @@ -60,7 +62,8 @@ register: out - assert: that: out.result == '$HOME/foo' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} # ------------------------ @@ -73,7 +76,8 @@ register: out - assert: that: out.result == user_facts.ansible_facts.ansible_user_dir ~ '/foo' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: "sudoable; Expand ~/foo with become active. ~ is become_user's home." action_passthrough: @@ -97,7 +101,8 @@ register: out - assert: that: out.result == user_facts.ansible_facts.ansible_user_dir ~ '/foo' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: "sudoable; Expanding $HOME/foo has no effect." action_passthrough: @@ -108,6 +113,7 @@ register: out - assert: that: out.result == '$HOME/foo' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - remote_expand_user diff --git a/tests/ansible/integration/action/remote_file_exists.yml b/tests/ansible/integration/action/remote_file_exists.yml index 577e64a0..465a3af7 100644 --- a/tests/ansible/integration/action/remote_file_exists.yml +++ b/tests/ansible/integration/action/remote_file_exists.yml @@ -12,7 +12,8 @@ register: out - assert: that: out.result == False - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Ensure does-exist does copy: @@ -24,7 +25,8 @@ register: out - assert: that: out.result == True - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Cleanup file: diff --git a/tests/ansible/integration/action/remove_tmp_path.yml b/tests/ansible/integration/action/remove_tmp_path.yml index d90c90dc..9807477b 100644 --- a/tests/ansible/integration/action/remove_tmp_path.yml +++ b/tests/ansible/integration/action/remove_tmp_path.yml @@ -23,7 +23,8 @@ - assert: that: - not out2.stat.exists - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - stat: path: "{{out.src|dirname}}" @@ -32,7 +33,8 @@ - assert: that: - not out2.stat.exists - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - file: path: /tmp/remove_tmp_path_test diff --git a/tests/ansible/integration/action/synchronize.yml b/tests/ansible/integration/action/synchronize.yml index 13c2113a..6da81da3 100644 --- a/tests/ansible/integration/action/synchronize.yml +++ b/tests/ansible/integration/action/synchronize.yml @@ -66,7 +66,8 @@ - assert: that: outout == "item!" - fail_msg: outout={{outout}} + fail_msg: | + outout={{ outout }} when: False # TODO: https://github.com/dw/mitogen/issues/692 diff --git a/tests/ansible/integration/action/transfer_data.yml b/tests/ansible/integration/action/transfer_data.yml index 6d4faab5..ab994683 100644 --- a/tests/ansible/integration/action/transfer_data.yml +++ b/tests/ansible/integration/action/transfer_data.yml @@ -22,7 +22,8 @@ - assert: that: | out.content|b64decode == '{"I am JSON": true}' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Create text transfer data action_passthrough: @@ -37,7 +38,8 @@ - assert: that: out.content|b64decode == 'I am text.' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Cleanup transfer data file: diff --git a/tests/ansible/integration/async/multiple_items_loop.yml b/tests/ansible/integration/async/multiple_items_loop.yml index 5d070255..e7cc1bac 100644 --- a/tests/ansible/integration/async/multiple_items_loop.yml +++ b/tests/ansible/integration/async/multiple_items_loop.yml @@ -33,6 +33,7 @@ - out.results[1].stdout == 'hi-from-job-2' - out.results[1].rc == 0 - out.results[1].delta > '0:00:05' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - multiple_items_loop diff --git a/tests/ansible/integration/async/result_binary_producing_json.yml b/tests/ansible/integration/async/result_binary_producing_json.yml index 942b356a..fc81ba9d 100644 --- a/tests/ansible/integration/async/result_binary_producing_json.yml +++ b/tests/ansible/integration/async/result_binary_producing_json.yml @@ -27,7 +27,8 @@ (job.started == 1) and (job.changed == True) and (job.finished == 0) - fail_msg: job={{job}} + fail_msg: | + job={{ job }} - name: busy-poll up to 100000 times async_status: @@ -52,7 +53,8 @@ - async_out.failed == False - async_out.msg == "Hello, world." - 'async_out.stderr == "binary_producing_json: oh noes\n"' - fail_msg: async_out={{async_out}} + fail_msg: | + async_out={{ async_out }} vars: async_out: "{{result.content|b64decode|from_json}}" tags: diff --git a/tests/ansible/integration/async/result_binary_producing_junk.yml b/tests/ansible/integration/async/result_binary_producing_junk.yml index 734f0e12..10c86769 100644 --- a/tests/ansible/integration/async/result_binary_producing_junk.yml +++ b/tests/ansible/integration/async/result_binary_producing_junk.yml @@ -38,7 +38,8 @@ - async_out.msg.startswith("Traceback") - '"ValueError: No start of json char found\n" in async_out.msg' - 'async_out.stderr == "binary_producing_junk: oh noes\n"' - fail_msg: async_out={{async_out}} + fail_msg: | + async_out={{ async_out }} vars: async_out: "{{result.content|b64decode|from_json}}" tags: diff --git a/tests/ansible/integration/async/result_shell_echo_hi.yml b/tests/ansible/integration/async/result_shell_echo_hi.yml index 8cac07a8..d3f9d42c 100644 --- a/tests/ansible/integration/async/result_shell_echo_hi.yml +++ b/tests/ansible/integration/async/result_shell_echo_hi.yml @@ -42,14 +42,16 @@ - async_out.start.startswith("20") - async_out.stderr == "there" - async_out.stdout == "hi" - fail_msg: async_out={{async_out}} + fail_msg: | + async_out={{ async_out }} vars: async_out: "{{result.content|b64decode|from_json}}" - assert: that: - async_out.invocation.module_args.stdin == None - fail_msg: async_out={{async_out}} + fail_msg: | + async_out={{ async_out }} when: - ansible_version.full is version('2.4', '>=', strict=True) vars: diff --git a/tests/ansible/integration/async/runner_new_process.yml b/tests/ansible/integration/async/runner_new_process.yml index 0113b658..0ed0798a 100644 --- a/tests/ansible/integration/async/runner_new_process.yml +++ b/tests/ansible/integration/async/runner_new_process.yml @@ -15,7 +15,9 @@ - assert: that: - sync_proc1.pid == sync_proc2.pid - fail_msg: sync_proc1={{sync_proc1}} sync_proc2={{sync_proc2}} + fail_msg: | + sync_proc1={{ sync_proc1 }} + sync_proc2={{ sync_proc2 }} when: is_mitogen - name: get async process ID. @@ -52,7 +54,9 @@ - sync_proc1.pid == sync_proc2.pid - async_result1.pid != sync_proc1.pid - async_result1.pid != async_result2.pid - fail_msg: async_result1={{async_result1}} async_result2={{async_result2}} + fail_msg: | + async_result1={{ async_result1 }} + async_result2={{ async_result2 }} when: is_mitogen tags: - runner_new_process diff --git a/tests/ansible/integration/async/runner_one_job.yml b/tests/ansible/integration/async/runner_one_job.yml index bfb50bfa..95a32e2b 100644 --- a/tests/ansible/integration/async/runner_one_job.yml +++ b/tests/ansible/integration/async/runner_one_job.yml @@ -23,7 +23,8 @@ (job1.started == 1) and (job1.changed == True) and (job1.finished == 0) - fail_msg: job1={{job1}} + fail_msg: | + job1={{ job1 }} - name: busy-poll up to 100000 times async_status: @@ -48,7 +49,8 @@ - result1.start|length == 26 - result1.finished == 1 - result1.rc == 0 - fail_msg: result1={{result1}} + fail_msg: | + result1={{ result1 }} - assert: that: @@ -56,14 +58,16 @@ - result1.stderr_lines == [] - result1.stdout == "alldone" - result1.stdout_lines == ["alldone"] - fail_msg: result1={{result1}} + fail_msg: | + result1={{ result1 }} when: - ansible_version.full is version('2.8', '>', strict=True) # ansible#51393 - assert: that: - result1.failed == False - fail_msg: result1={{result1}} + fail_msg: | + result1={{ result1 }} when: - ansible_version.full is version('2.4', '>', strict=True) tags: diff --git a/tests/ansible/integration/async/runner_timeout_then_polling.yml b/tests/ansible/integration/async/runner_timeout_then_polling.yml index e3aa5d37..783d30a0 100644 --- a/tests/ansible/integration/async/runner_timeout_then_polling.yml +++ b/tests/ansible/integration/async/runner_timeout_then_polling.yml @@ -29,7 +29,8 @@ - result.failed == 1 - result.finished == 1 - result.msg == "Job reached maximum time limit of 1 seconds." - fail_msg: result={{result}} + fail_msg: | + result={{ result }} tags: - mitogen_only - runner_timeout_then_polling diff --git a/tests/ansible/integration/async/runner_two_simultaneous_jobs.yml b/tests/ansible/integration/async/runner_two_simultaneous_jobs.yml index 5678dbdd..4d236c3e 100644 --- a/tests/ansible/integration/async/runner_two_simultaneous_jobs.yml +++ b/tests/ansible/integration/async/runner_two_simultaneous_jobs.yml @@ -56,12 +56,15 @@ that: - result1.rc == 0 - result2.rc == 0 - fail_msg: result1={{result1}} result2={{result2}} + fail_msg: | + result1={{ result1 }} + result2={{ result2 }} - assert: that: - result2.stdout == 'im_alive' - fail_msg: result2={{result2}} + fail_msg: | + result2={{ result2 }} when: - ansible_version.full is version('2.8', '>=', strict=True) # ansible#51393 tags: diff --git a/tests/ansible/integration/async/runner_with_polling_and_timeout.yml b/tests/ansible/integration/async/runner_with_polling_and_timeout.yml index ba413372..2975e7ac 100644 --- a/tests/ansible/integration/async/runner_with_polling_and_timeout.yml +++ b/tests/ansible/integration/async/runner_with_polling_and_timeout.yml @@ -21,6 +21,7 @@ job1.msg == "async task did not complete within the requested time" or job1.msg == "async task did not complete within the requested time - 1s" or job1.msg == "Job reached maximum time limit of 1 seconds." - fail_msg: job1={{job1}} + fail_msg: | + job1={{ job1 }} tags: - runner_with_polling_and_timeout diff --git a/tests/ansible/integration/become/su_password.yml b/tests/ansible/integration/become/su_password.yml index 207980c4..e1dfd572 100644 --- a/tests/ansible/integration/become/su_password.yml +++ b/tests/ansible/integration/become/su_password.yml @@ -20,7 +20,8 @@ ('password is required' in out.msg) or ('password is required' in out.module_stderr) ) - fail_msg: out={{out}} + fail_msg: | + out={{ out }} when: is_mitogen @@ -40,7 +41,8 @@ ('Incorrect su password' in out.msg) or ('su password is incorrect' in out.msg) ) - fail_msg: out={{out}} + fail_msg: | + out={{ out }} when: is_mitogen - name: Ensure password su with chdir succeeds @@ -62,7 +64,8 @@ - assert: that: - out.stdout == 'mitogen__user1' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} when: # CI containers lack `setfacl` for unpriv -> unpriv # https://github.com/mitogen-hq/mitogen/issues/1118 @@ -87,7 +90,8 @@ - assert: that: - out.stdout == 'mitogen__user1' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} when: # CI containers lack `setfacl` for unpriv -> unpriv # https://github.com/mitogen-hq/mitogen/issues/1118 diff --git a/tests/ansible/integration/become/sudo_flags_failure.yml b/tests/ansible/integration/become/sudo_flags_failure.yml index 75ecfebf..e7c01202 100644 --- a/tests/ansible/integration/become/sudo_flags_failure.yml +++ b/tests/ansible/integration/become/sudo_flags_failure.yml @@ -20,7 +20,8 @@ or out.module_stderr is match("sudo: invalid option -- '-'") or out.module_stdout is match("sudo: unrecognized option [`']--derps'") or out.module_stderr is match("sudo: unrecognized option [`']--derps'") - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - sudo - sudo_flags_failure diff --git a/tests/ansible/integration/become/sudo_nonexistent.yml b/tests/ansible/integration/become/sudo_nonexistent.yml index 912d1ba8..27090f74 100644 --- a/tests/ansible/integration/become/sudo_nonexistent.yml +++ b/tests/ansible/integration/become/sudo_nonexistent.yml @@ -23,7 +23,8 @@ - >- (out.module_stderr | default(out.module_stdout, true) | default(out.msg, true)) is search('sudo: unknown user:? slartibartfast') or (ansible_facts.os_family == 'RedHat' and ansible_facts.distribution_version == '6.10') - fail_msg: out={{out}} + fail_msg: | + out={{ out }} when: # https://github.com/ansible/ansible/pull/70785 - ansible_facts.distribution not in ["MacOSX"] diff --git a/tests/ansible/integration/become/sudo_nopassword.yml b/tests/ansible/integration/become/sudo_nopassword.yml index 98dd9cfd..0e84ce5e 100644 --- a/tests/ansible/integration/become/sudo_nopassword.yml +++ b/tests/ansible/integration/become/sudo_nopassword.yml @@ -11,7 +11,8 @@ - assert: that: - out.stdout != 'root' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Ensure passwordless sudo to root succeeds. shell: whoami @@ -22,7 +23,8 @@ - assert: that: - out.stdout == 'root' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - sudo - sudo_nopassword diff --git a/tests/ansible/integration/become/sudo_password.yml b/tests/ansible/integration/become/sudo_password.yml index 931cba27..07034635 100644 --- a/tests/ansible/integration/become/sudo_password.yml +++ b/tests/ansible/integration/become/sudo_password.yml @@ -23,7 +23,8 @@ ('Missing sudo password' in out.msg) or ('password is required' in out.module_stderr) ) - fail_msg: out={{out}} + fail_msg: | + out={{ out }} when: # https://github.com/ansible/ansible/pull/70785 - ansible_facts.distribution not in ["MacOSX"] @@ -50,7 +51,8 @@ ('Incorrect sudo password' in out.msg) or ('sudo password is incorrect' in out.msg) ) - fail_msg: out={{out}} + fail_msg: | + out={{ out }} when: # https://github.com/ansible/ansible/pull/70785 - ansible_facts.distribution not in ["MacOSX"] diff --git a/tests/ansible/integration/connection/_put_file.yml b/tests/ansible/integration/connection/_put_file.yml index 07837db8..5d3ad625 100644 --- a/tests/ansible/integration/connection/_put_file.yml +++ b/tests/ansible/integration/connection/_put_file.yml @@ -26,4 +26,6 @@ - original.stat.checksum == copied.stat.checksum # Upstream does not preserve timestamps at al. #- (not is_mitogen) or (original.stat.mtime|int == copied.stat.mtime|int) - fail_msg: original={{original}} copied={{copied}} + fail_msg: | + original={{ original }} + copied={{ copied }} diff --git a/tests/ansible/integration/connection/become_same_user.yml b/tests/ansible/integration/connection/become_same_user.yml index f1b7a0fc..fd8511e3 100644 --- a/tests/ansible/integration/connection/become_same_user.yml +++ b/tests/ansible/integration/connection/become_same_user.yml @@ -18,7 +18,8 @@ - out.result[0].method == "ssh" - out.result[0].kwargs.username == "joe" - out.result|length == 1 # no sudo - fail_msg: out={{out}} + fail_msg: | + out={{ out }} # Now try with a different account. @@ -34,7 +35,8 @@ - out.result[1].method == "sudo" - out.result[1].kwargs.username == "james" - out.result|length == 2 # no sudo - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - become_same_user - mitogen_only diff --git a/tests/ansible/integration/connection/disconnect_during_module.yml b/tests/ansible/integration/connection/disconnect_during_module.yml index 5aca75d0..3846d037 100644 --- a/tests/ansible/integration/connection/disconnect_during_module.yml +++ b/tests/ansible/integration/connection/disconnect_during_module.yml @@ -29,7 +29,8 @@ that: - out.rc == 4 - "'Mitogen was disconnected from the remote environment while a call was in-progress.' in out.stdout" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - disconnect - disconnect_during_module diff --git a/tests/ansible/integration/connection/exec_command.yml b/tests/ansible/integration/connection/exec_command.yml index f0ec1c1b..3ac06506 100644 --- a/tests/ansible/integration/connection/exec_command.yml +++ b/tests/ansible/integration/connection/exec_command.yml @@ -16,6 +16,7 @@ - out.result[0] == 0 - out.result[1].decode() == "hello, world\r\n" - out.result[2].decode().startswith("Shared connection to ") - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - exec_command diff --git a/tests/ansible/integration/connection/reset.yml b/tests/ansible/integration/connection/reset.yml index f3ddb2c4..2d7a75d3 100644 --- a/tests/ansible/integration/connection/reset.yml +++ b/tests/ansible/integration/connection/reset.yml @@ -44,7 +44,11 @@ # sudo PID has changed. - out_become.ppid != out_become2.ppid - fail_msg: out={{out}} out2={{out2}} out_become={{out_become}} out_become2={{out_become2}} + fail_msg: | + out={{ out }} + out2={{ out2 }} + out_become={{ out_become }} + out_become2={{ out_become2 }} tags: - mitogen_only - reset diff --git a/tests/ansible/integration/connection/reset_become.yml b/tests/ansible/integration/connection/reset_become.yml index 003c375e..2548df17 100644 --- a/tests/ansible/integration/connection/reset_become.yml +++ b/tests/ansible/integration/connection/reset_become.yml @@ -27,7 +27,9 @@ assert: that: - become_acct.pid != login_acct.pid - fail_msg: become_acct={{become_acct}} login_acct={{login_acct}} + fail_msg: | + become_acct={{ become_acct }} + login_acct={{ login_acct }} - name: reset the connection meta: reset_connection @@ -40,7 +42,9 @@ assert: that: - become_acct.pid != new_become_acct.pid - fail_msg: become_acct={{become_acct}} new_become_acct={{new_become_acct}} + fail_msg: | + become_acct={{ become_acct }} + new_become_acct={{ new_become_acct }} - name: save new pid of login acct become: false @@ -51,6 +55,8 @@ assert: that: - login_acct.pid != new_login_acct.pid - fail_msg: login_acct={{login_acct}} new_login_acct={{new_login_acct}} + fail_msg: | + login_acct={{ login_acct }} + new_login_acct={{ new_login_acct }} tags: - reset_become diff --git a/tests/ansible/integration/connection_loader/local_blemished.yml b/tests/ansible/integration/connection_loader/local_blemished.yml index 1452abd2..56aefcbb 100644 --- a/tests/ansible/integration/connection_loader/local_blemished.yml +++ b/tests/ansible/integration/connection_loader/local_blemished.yml @@ -11,7 +11,8 @@ - assert: that: (not not out.mitogen_loaded) == (not not is_mitogen) - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - local - local_blemished diff --git a/tests/ansible/integration/connection_loader/paramiko_unblemished.yml b/tests/ansible/integration/connection_loader/paramiko_unblemished.yml index 74b3c743..dc9d346f 100644 --- a/tests/ansible/integration/connection_loader/paramiko_unblemished.yml +++ b/tests/ansible/integration/connection_loader/paramiko_unblemished.yml @@ -14,7 +14,8 @@ - assert: that: not out.mitogen_loaded - fail_msg: out={{out}} + fail_msg: | + out={{ out }} when: False tags: - paramiko diff --git a/tests/ansible/integration/connection_loader/ssh_blemished.yml b/tests/ansible/integration/connection_loader/ssh_blemished.yml index c019f208..0c7cfd3f 100644 --- a/tests/ansible/integration/connection_loader/ssh_blemished.yml +++ b/tests/ansible/integration/connection_loader/ssh_blemished.yml @@ -11,7 +11,8 @@ - assert: that: (not not out.mitogen_loaded) == (not not is_mitogen) - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - ssh - ssh_blemished diff --git a/tests/ansible/integration/context_service/reconnection.yml b/tests/ansible/integration/context_service/reconnection.yml index 5ab2309f..6fb605a2 100644 --- a/tests/ansible/integration/context_service/reconnection.yml +++ b/tests/ansible/integration/context_service/reconnection.yml @@ -31,6 +31,8 @@ - assert: that: - old_become_env.pid != new_become_env.pid - fail_msg: old_become_env={{old_become_env}} new_become_env={{new_become_env}} + fail_msg: | + old_become_env={{ old_become_env }} + new_become_env={{ new_become_env }} tags: - reconnection diff --git a/tests/ansible/integration/context_service/remote_name.yml b/tests/ansible/integration/context_service/remote_name.yml index 545d64b3..dbc02fab 100644 --- a/tests/ansible/integration/context_service/remote_name.yml +++ b/tests/ansible/integration/context_service/remote_name.yml @@ -17,7 +17,8 @@ - assert: that: - out.stdout is match('.*python([0-9.]+)?\(mitogen:[a-z]+@[^:]+:[0-9]+\)') - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Get cmdline, with mitogen_mask_remote_name shell: 'cat /proc/$PPID/cmdline | tr \\0 \\n' @@ -29,7 +30,8 @@ - assert: that: - out.stdout is match('.*python([0-9.]+)?\(mitogen:ansible\)') - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only - remote_name diff --git a/tests/ansible/integration/glibc_caches/resolv_conf.yml b/tests/ansible/integration/glibc_caches/resolv_conf.yml index 1b22b66c..4468884a 100644 --- a/tests/ansible/integration/glibc_caches/resolv_conf.yml +++ b/tests/ansible/integration/glibc_caches/resolv_conf.yml @@ -46,7 +46,8 @@ - out.failed - '"Name or service not known" in out.msg or "Temporary failure in name resolution" in out.msg' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} when: - ansible_facts.virtualization_type == "docker" - ansible_facts.python.version_info[:2] >= [2, 5] diff --git a/tests/ansible/integration/interpreter_discovery/ansible_2_8_tests.yml b/tests/ansible/integration/interpreter_discovery/ansible_2_8_tests.yml index fc0d3cf7..eddca199 100644 --- a/tests/ansible/integration/interpreter_discovery/ansible_2_8_tests.yml +++ b/tests/ansible/integration/interpreter_discovery/ansible_2_8_tests.yml @@ -135,7 +135,8 @@ assert: that: - legacy.deprecations | default([]) | length > 0 - fail_msg: legacy={{legacy}} + fail_msg: | + legacy={{ legacy }} # only check for a dep warning if legacy returned /usr/bin/python and auto didn't when: - legacy.ansible_facts.discovered_interpreter_python == '/usr/bin/python' @@ -146,7 +147,8 @@ assert: that: - legacy.warnings | default([]) | length > 0 - fail_msg: legacy={{legacy}} + fail_msg: | + legacy={{ legacy }} # only check for a warning if legacy returned /usr/bin/python and auto didn't when: - legacy.ansible_facts.discovered_interpreter_python == '/usr/bin/python' @@ -168,7 +170,8 @@ that: - auto_silent_out.warnings is not defined - auto_silent_out.ansible_facts.discovered_interpreter_python == auto_out.ansible_facts.discovered_interpreter_python - fail_msg: auto_silent_out={{auto_silent_out}} + fail_msg: | + auto_silent_out={{ auto_silent_out }} - name: test that auto_legacy_silent never warns and got the same answer as auto_legacy @@ -186,7 +189,8 @@ that: - legacy_silent.warnings is not defined - legacy_silent.ansible_facts.discovered_interpreter_python == legacy.ansible_facts.discovered_interpreter_python - fail_msg: legacy_silent={{legacy_silent}} + fail_msg: | + legacy_silent={{ legacy_silent }} - name: ensure modules can't set discovered_interpreter_X or ansible_X_interpreter block: @@ -212,7 +216,7 @@ assert: that: - auto_out.ansible_facts.discovered_interpreter_python == discovered_interpreter_expected - fail_msg: >- + fail_msg: | distro={{ distro }} distro_major= {{ distro_major }} system={{ system }} diff --git a/tests/ansible/integration/local/cwd_preserved.yml b/tests/ansible/integration/local/cwd_preserved.yml index 70aec613..0b1ddef4 100644 --- a/tests/ansible/integration/local/cwd_preserved.yml +++ b/tests/ansible/integration/local/cwd_preserved.yml @@ -19,6 +19,7 @@ - assert: that: stat.stat.exists - fail_msg: stat={{stat}} + fail_msg: | + stat={{ stat }} tags: - cwd_prseserved diff --git a/tests/ansible/integration/module_utils/adjacent_to_playbook.yml b/tests/ansible/integration/module_utils/adjacent_to_playbook.yml index 40da94d0..42debea8 100644 --- a/tests/ansible/integration/module_utils/adjacent_to_playbook.yml +++ b/tests/ansible/integration/module_utils/adjacent_to_playbook.yml @@ -12,6 +12,7 @@ that: - out.external1_path == "ansible/integration/module_utils/module_utils/external1.py" - out.external2_path == "ansible/lib/module_utils/external2.py" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - adjacent_to_playbook diff --git a/tests/ansible/integration/module_utils/from_config_path.yml b/tests/ansible/integration/module_utils/from_config_path.yml index f4d9186b..e6817e2e 100644 --- a/tests/ansible/integration/module_utils/from_config_path.yml +++ b/tests/ansible/integration/module_utils/from_config_path.yml @@ -11,6 +11,7 @@ that: - out.external1_path == "ansible/lib/module_utils/external1.py" - out.external2_path == "ansible/lib/module_utils/external2.py" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - from_config_path diff --git a/tests/ansible/integration/module_utils/from_config_path_pkg.yml b/tests/ansible/integration/module_utils/from_config_path_pkg.yml index 3e81f10f..2742f0c4 100644 --- a/tests/ansible/integration/module_utils/from_config_path_pkg.yml +++ b/tests/ansible/integration/module_utils/from_config_path_pkg.yml @@ -10,6 +10,7 @@ - assert: that: - out.extmod_path == "ansible/lib/module_utils/externalpkg/extmod.py" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - from_config_path diff --git a/tests/ansible/integration/module_utils/roles/modrole/tasks/main.yml b/tests/ansible/integration/module_utils/roles/modrole/tasks/main.yml index 7686cae7..5450028b 100644 --- a/tests/ansible/integration/module_utils/roles/modrole/tasks/main.yml +++ b/tests/ansible/integration/module_utils/roles/modrole/tasks/main.yml @@ -7,4 +7,5 @@ that: - out.external3_path == "integration/module_utils/roles/modrole/module_utils/external3.py" - out.external2_path == "integration/module_utils/roles/modrole/module_utils/external2.py" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} diff --git a/tests/ansible/integration/module_utils/roles/overrides_modrole/tasks/main.yml b/tests/ansible/integration/module_utils/roles/overrides_modrole/tasks/main.yml index 11b1d8b9..fa20447f 100644 --- a/tests/ansible/integration/module_utils/roles/overrides_modrole/tasks/main.yml +++ b/tests/ansible/integration/module_utils/roles/overrides_modrole/tasks/main.yml @@ -6,4 +6,5 @@ - assert: that: - out.path == "ansible/integration/module_utils/roles/override_modrole/module_utils/known_hosts.py" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} diff --git a/tests/ansible/integration/playbook_semantics/become_flags.yml b/tests/ansible/integration/playbook_semantics/become_flags.yml index 9c6c8d90..466fbbf5 100644 --- a/tests/ansible/integration/playbook_semantics/become_flags.yml +++ b/tests/ansible/integration/playbook_semantics/become_flags.yml @@ -13,7 +13,8 @@ - assert: that: "out.stdout == ''" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - become_flags @@ -29,6 +30,7 @@ - assert: that: "out2.stdout == '2'" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - become_flags diff --git a/tests/ansible/integration/playbook_semantics/environment.yml b/tests/ansible/integration/playbook_semantics/environment.yml index eea000bd..31c8f495 100644 --- a/tests/ansible/integration/playbook_semantics/environment.yml +++ b/tests/ansible/integration/playbook_semantics/environment.yml @@ -11,6 +11,7 @@ - assert: that: "result.stdout == '123'" - fail_msg: result={{result}} + fail_msg: | + result={{ result }} tags: - environment diff --git a/tests/ansible/integration/runner/_etc_environment_global.yml b/tests/ansible/integration/runner/_etc_environment_global.yml index 2d883d06..5446b427 100644 --- a/tests/ansible/integration/runner/_etc_environment_global.yml +++ b/tests/ansible/integration/runner/_etc_environment_global.yml @@ -12,7 +12,8 @@ - assert: that: echo.stdout == "" - fail_msg: echo={{echo}} + fail_msg: | + echo={{ echo }} - name: Create /etc/environment copy: @@ -32,7 +33,8 @@ - assert: that: echo.stdout == "555" - fail_msg: echo={{echo}} + fail_msg: | + echo={{ echo }} - name: Cleanup /etc/environment file: @@ -51,4 +53,5 @@ - assert: that: echo.stdout == "" - fail_msg: echo={{echo}} + fail_msg: | + echo={{ echo }} diff --git a/tests/ansible/integration/runner/_etc_environment_user.yml b/tests/ansible/integration/runner/_etc_environment_user.yml index 939ee8dc..9a4abe97 100644 --- a/tests/ansible/integration/runner/_etc_environment_user.yml +++ b/tests/ansible/integration/runner/_etc_environment_user.yml @@ -10,7 +10,8 @@ - assert: that: echo.stdout == "" - fail_msg: echo={{echo}} + fail_msg: | + echo={{ echo }} - name: Copy pam_environment copy: @@ -23,7 +24,8 @@ - assert: that: echo.stdout == "321" - fail_msg: echo={{echo}} + fail_msg: | + echo={{ echo }} - name: Cleanup pam_environment file: @@ -35,4 +37,5 @@ - assert: that: echo.stdout == "" - fail_msg: echo={{echo}} + fail_msg: | + echo={{ echo }} diff --git a/tests/ansible/integration/runner/atexit.yml b/tests/ansible/integration/runner/atexit.yml index 75509877..144cfd85 100644 --- a/tests/ansible/integration/runner/atexit.yml +++ b/tests/ansible/integration/runner/atexit.yml @@ -25,6 +25,7 @@ - assert: that: - not out.stat.exists - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - atexit diff --git a/tests/ansible/integration/runner/builtin_command_module.yml b/tests/ansible/integration/runner/builtin_command_module.yml index 06e058cd..0de43648 100644 --- a/tests/ansible/integration/runner/builtin_command_module.yml +++ b/tests/ansible/integration/runner/builtin_command_module.yml @@ -16,6 +16,7 @@ out.results[0].item == '1' and out.results[0].rc == 0 and (out.results[0].stdout == ansible_nodename) - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - builtin_command_module diff --git a/tests/ansible/integration/runner/crashy_new_style_module.yml b/tests/ansible/integration/runner/crashy_new_style_module.yml index 77f45861..3fb1a722 100644 --- a/tests/ansible/integration/runner/crashy_new_style_module.yml +++ b/tests/ansible/integration/runner/crashy_new_style_module.yml @@ -22,6 +22,7 @@ - (out.module_stdout == "" and out.module_stderr is search(tb_pattern)) or (out.module_stdout is search(tb_pattern) and out.module_stderr is match("Shared connection to localhost closed.")) - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - crashy_new_style_module diff --git a/tests/ansible/integration/runner/custom_bash_hashbang_argument.yml b/tests/ansible/integration/runner/custom_bash_hashbang_argument.yml index 82535d56..34a60e61 100644 --- a/tests/ansible/integration/runner/custom_bash_hashbang_argument.yml +++ b/tests/ansible/integration/runner/custom_bash_hashbang_argument.yml @@ -22,6 +22,7 @@ (not out.results[0].changed) and out.results[0].msg == 'Here is my input' and out.results[0].run_via_env == "yes" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - custom_bash_hashbang_argument diff --git a/tests/ansible/integration/runner/custom_bash_old_style_module.yml b/tests/ansible/integration/runner/custom_bash_old_style_module.yml index 81ab5d07..ce7a8a88 100644 --- a/tests/ansible/integration/runner/custom_bash_old_style_module.yml +++ b/tests/ansible/integration/runner/custom_bash_old_style_module.yml @@ -12,6 +12,7 @@ (not out.changed) and (not out.results[0].changed) and out.results[0].msg == 'Here is my input' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - custom_bash_old_style_module diff --git a/tests/ansible/integration/runner/custom_bash_want_json_module.yml b/tests/ansible/integration/runner/custom_bash_want_json_module.yml index 24d9a064..5328c0cc 100644 --- a/tests/ansible/integration/runner/custom_bash_want_json_module.yml +++ b/tests/ansible/integration/runner/custom_bash_want_json_module.yml @@ -11,6 +11,7 @@ (not out.changed) and (not out.results[0].changed) and out.results[0].msg == 'Here is my input' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - custom_bash_want_json_module diff --git a/tests/ansible/integration/runner/custom_binary_producing_json.yml b/tests/ansible/integration/runner/custom_binary_producing_json.yml index 4c6e2468..183982aa 100644 --- a/tests/ansible/integration/runner/custom_binary_producing_json.yml +++ b/tests/ansible/integration/runner/custom_binary_producing_json.yml @@ -23,6 +23,7 @@ out.changed and out.results[0].changed and out.results[0].msg == 'Hello, world.' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - custom_binary_producing_json diff --git a/tests/ansible/integration/runner/custom_binary_producing_junk.yml b/tests/ansible/integration/runner/custom_binary_producing_junk.yml index c2fb7ccd..2a05fb75 100644 --- a/tests/ansible/integration/runner/custom_binary_producing_junk.yml +++ b/tests/ansible/integration/runner/custom_binary_producing_junk.yml @@ -31,6 +31,7 @@ - out.results[0].failed - out.results[0].msg.startswith('MODULE FAILURE') - out.results[0].rc == 0 - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - custom_binary_producing_junk diff --git a/tests/ansible/integration/runner/custom_binary_single_null.yml b/tests/ansible/integration/runner/custom_binary_single_null.yml index a666ad68..cfd401f8 100644 --- a/tests/ansible/integration/runner/custom_binary_single_null.yml +++ b/tests/ansible/integration/runner/custom_binary_single_null.yml @@ -28,7 +28,8 @@ 'custom_binary_single_null: cannot execute binary file: Exec format error\r\n', )) or (ansible_facts.distribution == 'Ubuntu' and ansible_facts.distribution_version == '16.04') - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - custom_binary_single_null diff --git a/tests/ansible/integration/runner/custom_perl_json_args_module.yml b/tests/ansible/integration/runner/custom_perl_json_args_module.yml index 76ead985..a34b6b75 100644 --- a/tests/ansible/integration/runner/custom_perl_json_args_module.yml +++ b/tests/ansible/integration/runner/custom_perl_json_args_module.yml @@ -10,13 +10,15 @@ that: - out.results[0].input.foo - out.results[0].message == 'I am a perl script! Here is my input.' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - assert: that: - (not out.changed) - (not out.results[0].changed) - fail_msg: out={{out}} + fail_msg: | + out={{ out }} when: - ansible_version.full is version('2.4', '>=', strict=True) tags: diff --git a/tests/ansible/integration/runner/custom_perl_want_json_module.yml b/tests/ansible/integration/runner/custom_perl_want_json_module.yml index 2e520329..28ad7f7f 100644 --- a/tests/ansible/integration/runner/custom_perl_want_json_module.yml +++ b/tests/ansible/integration/runner/custom_perl_want_json_module.yml @@ -10,13 +10,15 @@ that: - out.results[0].input.foo - out.results[0].message == 'I am a want JSON perl script! Here is my input.' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - assert: that: - (not out.changed) - (not out.results[0].changed) - fail_msg: out={{out}} + fail_msg: | + out={{ out }} when: - ansible_version.full is version('2.4', '>=', strict=True) tags: diff --git a/tests/ansible/integration/runner/custom_python_json_args_module.yml b/tests/ansible/integration/runner/custom_python_json_args_module.yml index d72ff0fa..b8b0cc8d 100644 --- a/tests/ansible/integration/runner/custom_python_json_args_module.yml +++ b/tests/ansible/integration/runner/custom_python_json_args_module.yml @@ -12,6 +12,7 @@ (not out.results[0].changed) and out.results[0].input[0].foo and out.results[0].msg == 'Here is my input' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - custom_python_json_args_module diff --git a/tests/ansible/integration/runner/custom_python_new_style_missing_interpreter.yml b/tests/ansible/integration/runner/custom_python_new_style_missing_interpreter.yml index 279735c9..ebf23c3d 100644 --- a/tests/ansible/integration/runner/custom_python_new_style_missing_interpreter.yml +++ b/tests/ansible/integration/runner/custom_python_new_style_missing_interpreter.yml @@ -18,7 +18,8 @@ # Random breaking interface change since 2.7.x #- "out.results[0].input[0].ANSIBLE_MODULE_ARGS.foo" - "out.results[0].msg == 'Here is my input'" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - custom_python_new_style_module - mitogen_only diff --git a/tests/ansible/integration/runner/custom_python_new_style_module.yml b/tests/ansible/integration/runner/custom_python_new_style_module.yml index 33207282..9fe2af9c 100644 --- a/tests/ansible/integration/runner/custom_python_new_style_module.yml +++ b/tests/ansible/integration/runner/custom_python_new_style_module.yml @@ -17,7 +17,8 @@ # Random breaking interface change since 2.7.x #- "out.results[0].input[0].ANSIBLE_MODULE_ARGS.foo" - "out.results[0].msg == 'Here is my input'" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} # Verify sys.argv is not Unicode. - custom_python_detect_environment: @@ -26,7 +27,8 @@ - assert: that: - out.argv_types_correct - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - custom_python_new_style_module - mitogen_only diff --git a/tests/ansible/integration/runner/custom_python_prehistoric_module.yml b/tests/ansible/integration/runner/custom_python_prehistoric_module.yml index 4ccdc9d5..d44565d8 100644 --- a/tests/ansible/integration/runner/custom_python_prehistoric_module.yml +++ b/tests/ansible/integration/runner/custom_python_prehistoric_module.yml @@ -14,7 +14,8 @@ - assert: that: out.ok - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - custom_python_prehistoric_module - mitogen_only diff --git a/tests/ansible/integration/runner/custom_python_want_json_module.yml b/tests/ansible/integration/runner/custom_python_want_json_module.yml index a9bbd5b2..fa4bc72f 100644 --- a/tests/ansible/integration/runner/custom_python_want_json_module.yml +++ b/tests/ansible/integration/runner/custom_python_want_json_module.yml @@ -12,6 +12,7 @@ (not out.results[0].changed) and out.results[0].input[0].foo and out.results[0].msg == 'Here is my input' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - custom_python_want_json_module diff --git a/tests/ansible/integration/runner/custom_script_interpreter.yml b/tests/ansible/integration/runner/custom_script_interpreter.yml index 9849912e..56f2fbe5 100644 --- a/tests/ansible/integration/runner/custom_script_interpreter.yml +++ b/tests/ansible/integration/runner/custom_script_interpreter.yml @@ -14,6 +14,7 @@ (not out.changed) and (not out.results[0].changed) and out.results[0].msg == 'Here is my input' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - custom_script_interpreter diff --git a/tests/ansible/integration/runner/environment_isolation.yml b/tests/ansible/integration/runner/environment_isolation.yml index b195a469..fcdf1de2 100644 --- a/tests/ansible/integration/runner/environment_isolation.yml +++ b/tests/ansible/integration/runner/environment_isolation.yml @@ -9,7 +9,8 @@ register: out - assert: that: not out.env.evil_key is defined - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Verify custom env setting is cleared, with evil_key shell: echo 'hi' environment: @@ -19,14 +20,16 @@ register: out - assert: that: not out.env.evil_key is defined - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Verify non-explicit module env mutations are cleared, control custom_python_detect_environment: register: out - assert: that: not out.env.evil_key is defined - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Verify non-explicit module env mutations are cleared, mutate evil_key custom_python_modify_environ: key: evil_key @@ -36,6 +39,7 @@ register: out - assert: that: not out.env.evil_key is defined - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - environment_isolation diff --git a/tests/ansible/integration/runner/forking_active.yml b/tests/ansible/integration/runner/forking_active.yml index 97ffcc69..819142bd 100644 --- a/tests/ansible/integration/runner/forking_active.yml +++ b/tests/ansible/integration/runner/forking_active.yml @@ -25,7 +25,10 @@ that: - fork_proc1.pid != sync_proc1.pid - fork_proc1.pid != fork_proc2.pid - fail_msg: fork_proc1={{fork_proc1}} sync_proc1={{sync_proc1}} fork_proc2={{fork_proc2}} + fail_msg: | + fork_proc1={{ fork_proc1 }} + sync_proc1={{ sync_proc1 }} + fork_proc2={{ fork_proc2 }} tags: - forking_active diff --git a/tests/ansible/integration/runner/forking_correct_parent.yml b/tests/ansible/integration/runner/forking_correct_parent.yml index 8732627a..ffe1241b 100644 --- a/tests/ansible/integration/runner/forking_correct_parent.yml +++ b/tests/ansible/integration/runner/forking_correct_parent.yml @@ -29,17 +29,23 @@ - assert: that: - fork_proc.pid != regular_proc.pid - fail_msg: fork_proc={{fork_proc}} regular_proc={{regular_proc}} + fail_msg: | + fork_proc={{ fork_proc }} + regular_proc={{ regular_proc }} - assert: that: fork_proc.ppid != regular_proc.pid - fail_msg: fork_proc={{fork_proc}} regular_proc={{regular_proc}} + fail_msg: | + fork_proc={{ fork_proc }} + regular_proc={{ regular_proc }} when: - forkmode.uses_fork - assert: that: fork_proc.ppid == regular_proc.pid - fail_msg: fork_proc={{fork_proc}} regular_proc={{regular_proc}} + fail_msg: | + fork_proc={{ fork_proc }} + regular_proc={{ regular_proc }} when: - not forkmode.uses_fork diff --git a/tests/ansible/integration/runner/forking_inactive.yml b/tests/ansible/integration/runner/forking_inactive.yml index b781aa74..38fd5045 100644 --- a/tests/ansible/integration/runner/forking_inactive.yml +++ b/tests/ansible/integration/runner/forking_inactive.yml @@ -16,7 +16,9 @@ - assert: that: - sync_proc1.pid == sync_proc2.pid - fail_msg: sync_proc1={{sync_proc1}} sync_proc2={{sync_proc2}} + fail_msg: | + sync_proc1={{ sync_proc1 }} + sync_proc2={{ sync_proc2 }} tags: - forking_inactive diff --git a/tests/ansible/integration/runner/missing_module.yml b/tests/ansible/integration/runner/missing_module.yml index d7261463..e074c524 100644 --- a/tests/ansible/integration/runner/missing_module.yml +++ b/tests/ansible/integration/runner/missing_module.yml @@ -23,7 +23,8 @@ - assert: that: | 'The module missing_module was not found in configured module paths' in out.stdout - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - local - missing_module diff --git a/tests/ansible/integration/ssh/config.yml b/tests/ansible/integration/ssh/config.yml index c4fedc33..eb804f76 100644 --- a/tests/ansible/integration/ssh/config.yml +++ b/tests/ansible/integration/ssh/config.yml @@ -16,7 +16,8 @@ out.result[0].kwargs.identity_file == ( lookup('env', 'HOME') + '/fakekey' ) - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - config - mitogen_only diff --git a/tests/ansible/integration/ssh/password.yml b/tests/ansible/integration/ssh/password.yml index 9b7dcf8a..21ab6f15 100644 --- a/tests/ansible/integration/ssh/password.yml +++ b/tests/ansible/integration/ssh/password.yml @@ -31,7 +31,8 @@ - assert: that: - ssh_no_password_result.unreachable == True - fail_msg: ssh_no_password_result={{ ssh_no_password_result }} + fail_msg: | + ssh_no_password_result={{ ssh_no_password_result }} - meta: reset_connection - name: ansible_ssh_pass should override ansible_password @@ -63,4 +64,5 @@ - assert: that: - ssh_wrong_password_result.unreachable == True - fail_msg: ssh_wrong_password_result={{ ssh_wrong_password_result }} + fail_msg: | + ssh_wrong_password_result={{ ssh_wrong_password_result }} diff --git a/tests/ansible/integration/ssh/timeouts.yml b/tests/ansible/integration/ssh/timeouts.yml index 09ac0006..ec5aed05 100644 --- a/tests/ansible/integration/ssh/timeouts.yml +++ b/tests/ansible/integration/ssh/timeouts.yml @@ -40,7 +40,8 @@ '"unreachable": true' in out.stdout - | '"msg": "Connection timed out."' in out.stdout - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only - timeouts diff --git a/tests/ansible/integration/ssh/variables.yml b/tests/ansible/integration/ssh/variables.yml index 9f5b16bc..541b29f9 100644 --- a/tests/ansible/integration/ssh/variables.yml +++ b/tests/ansible/integration/ssh/variables.yml @@ -57,6 +57,7 @@ - assert: that: - out.rc == 4 # ansible.executor.task_queue_manager.TaskQueueManager.RUN_UNREACHABLE_HOSTS - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only diff --git a/tests/ansible/integration/strategy/_mixed_mitogen_vanilla.yml b/tests/ansible/integration/strategy/_mixed_mitogen_vanilla.yml index e4df9378..e388b7dd 100644 --- a/tests/ansible/integration/strategy/_mixed_mitogen_vanilla.yml +++ b/tests/ansible/integration/strategy/_mixed_mitogen_vanilla.yml @@ -10,12 +10,14 @@ register: out - assert: that: out.mitogen_loaded - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - determine_strategy: - assert: that: strategy == 'ansible.plugins.strategy.mitogen_linear.StrategyModule' - fail_msg: strategy={{strategy}} + fail_msg: | + strategy={{ strategy }} tags: - mitogen_linear @@ -27,12 +29,14 @@ register: out - assert: that: not out.mitogen_loaded - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - determine_strategy: - assert: that: strategy == 'ansible.plugins.strategy.linear.StrategyModule' - fail_msg: strategy={{strategy}} + fail_msg: | + strategy={{ strategy }} tags: - linear @@ -44,11 +48,13 @@ register: out - assert: that: out.mitogen_loaded - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - determine_strategy: - assert: that: strategy == 'ansible.plugins.strategy.mitogen_linear.StrategyModule' - fail_msg: strategy={{strategy}} + fail_msg: | + strategy={{ strategy }} tags: - mitogen_linear diff --git a/tests/ansible/integration/strategy/_mixed_vanilla_mitogen.yml b/tests/ansible/integration/strategy/_mixed_vanilla_mitogen.yml index d2bdfdb8..2dbb22ed 100644 --- a/tests/ansible/integration/strategy/_mixed_vanilla_mitogen.yml +++ b/tests/ansible/integration/strategy/_mixed_vanilla_mitogen.yml @@ -9,12 +9,14 @@ register: out - assert: that: not out.mitogen_loaded - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - determine_strategy: - assert: that: strategy == 'ansible.plugins.strategy.linear.StrategyModule' - fail_msg: strategy={{strategy}} + fail_msg: | + strategy={{ strategy }} tags: - linear @@ -26,12 +28,14 @@ register: out - assert: that: out.mitogen_loaded - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - determine_strategy: - assert: that: strategy == 'ansible.plugins.strategy.mitogen_linear.StrategyModule' - fail_msg: strategy={{strategy}} + fail_msg: | + strategy={{ strategy }} tags: - mitogen_linear @@ -43,11 +47,13 @@ register: out - assert: that: not out.mitogen_loaded - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - determine_strategy: - assert: that: strategy == 'ansible.plugins.strategy.linear.StrategyModule' - fail_msg: strategy={{strategy}} + fail_msg: | + strategy={{ strategy }} tags: - linear diff --git a/tests/ansible/integration/stub_connections/kubectl.yml b/tests/ansible/integration/stub_connections/kubectl.yml index 13e522d2..4ee00e39 100644 --- a/tests/ansible/integration/stub_connections/kubectl.yml +++ b/tests/ansible/integration/stub_connections/kubectl.yml @@ -18,7 +18,8 @@ - assert: that: - out.env.THIS_IS_STUB_KUBECTL == '1' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - kubectl - mitogen_only diff --git a/tests/ansible/integration/stub_connections/lxc.yml b/tests/ansible/integration/stub_connections/lxc.yml index 3f1a2282..eba808fc 100644 --- a/tests/ansible/integration/stub_connections/lxc.yml +++ b/tests/ansible/integration/stub_connections/lxc.yml @@ -14,7 +14,8 @@ - assert: that: - out.env.THIS_IS_STUB_LXC_ATTACH == '1' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - lxc - mitogen_only diff --git a/tests/ansible/integration/stub_connections/lxd.yml b/tests/ansible/integration/stub_connections/lxd.yml index fd811fb7..c1825d73 100644 --- a/tests/ansible/integration/stub_connections/lxd.yml +++ b/tests/ansible/integration/stub_connections/lxd.yml @@ -14,7 +14,8 @@ - assert: that: - out.env.THIS_IS_STUB_LXC == '1' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - lxd - mitogen_only diff --git a/tests/ansible/integration/stub_connections/mitogen_doas.yml b/tests/ansible/integration/stub_connections/mitogen_doas.yml index a8b77edd..c1bf991a 100644 --- a/tests/ansible/integration/stub_connections/mitogen_doas.yml +++ b/tests/ansible/integration/stub_connections/mitogen_doas.yml @@ -17,7 +17,8 @@ that: - out.env.THIS_IS_STUB_DOAS == '1' - (out.env.ORIGINAL_ARGV|from_json)[1:3] == ['-u', 'someuser'] - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_doas - mitogen_only diff --git a/tests/ansible/integration/stub_connections/mitogen_sudo.yml b/tests/ansible/integration/stub_connections/mitogen_sudo.yml index bcf0f22f..3634dd21 100644 --- a/tests/ansible/integration/stub_connections/mitogen_sudo.yml +++ b/tests/ansible/integration/stub_connections/mitogen_sudo.yml @@ -15,7 +15,8 @@ - assert: that: out.env.THIS_IS_STUB_SUDO == '1' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - assert_equal: left: (out.env.ORIGINAL_ARGV|from_json)[1:9] diff --git a/tests/ansible/integration/stub_connections/setns_lxc.yml b/tests/ansible/integration/stub_connections/setns_lxc.yml index f8d6bfc5..58744a52 100644 --- a/tests/ansible/integration/stub_connections/setns_lxc.yml +++ b/tests/ansible/integration/stub_connections/setns_lxc.yml @@ -32,7 +32,8 @@ - assert: that: result.rc == 0 - fail_msg: result={{result}} + fail_msg: | + result={{ result }} tags: - stns_lxc - mitogen_only diff --git a/tests/ansible/integration/stub_connections/setns_lxd.yml b/tests/ansible/integration/stub_connections/setns_lxd.yml index 5aba96c5..dd9fbe63 100644 --- a/tests/ansible/integration/stub_connections/setns_lxd.yml +++ b/tests/ansible/integration/stub_connections/setns_lxd.yml @@ -32,7 +32,8 @@ - assert: that: result.rc == 0 - fail_msg: result={{result}} + fail_msg: | + result={{ result }} tags: - mitogen_only - sens_lxd diff --git a/tests/ansible/integration/transport/kubectl.yml b/tests/ansible/integration/transport/kubectl.yml index 4dac2d02..b7eae864 100644 --- a/tests/ansible/integration/transport/kubectl.yml +++ b/tests/ansible/integration/transport/kubectl.yml @@ -74,7 +74,8 @@ register: _ - assert: { that: "'Python 3' in _.stdout" } - fail_msg: _={{_}} + fail_msg: | + _={{ _ }} - debug: var=_.stdout,_.stderr run_once: yes @@ -84,7 +85,8 @@ register: _ - assert: { that: "'Python 2' in _.stderr" } - fail_msg: _={{_}} + fail_msg: | + _={{ _ }} - debug: var=_.stdout,_.stderr run_once: yes @@ -117,7 +119,8 @@ - assert: that: "'Python 3' in _.stdout" - fail_msg: _={{_}} + fail_msg: | + _={{ _ }} - debug: var=_.stdout,_.stderr run_once: yes @@ -128,7 +131,8 @@ - assert: that: "'Python 2' in _.stderr" - fail_msg: _={{_}} + fail_msg: | + _={{ _ }} - debug: var=_.stdout,_.stderr run_once: yes diff --git a/tests/ansible/integration/transport_config/become.yml b/tests/ansible/integration/transport_config/become.yml index 4d9f54f0..968d5e51 100644 --- a/tests/ansible/integration/transport_config/become.yml +++ b/tests/ansible/integration/transport_config/become.yml @@ -12,7 +12,8 @@ - out.result|length == 1 - out.result[0].method == "ssh" - out.result[0].kwargs.username == "ansible-cfg-remote-user" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -32,7 +33,8 @@ - out.result[2].method == "ssh" - out.result[2].kwargs.hostname == "tc-become-unset" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -52,7 +54,8 @@ - out.result[0].kwargs.username == "ansible-cfg-remote-user" - out.result[1].method == "sudo" - out.result[1].kwargs.username == "becomeuser" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -75,6 +78,7 @@ - out.result[2].method == "sudo" - out.result[2].kwargs.username == "becomeuser" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only diff --git a/tests/ansible/integration/transport_config/become_method.yml b/tests/ansible/integration/transport_config/become_method.yml index ffe5a54d..d6250314 100644 --- a/tests/ansible/integration/transport_config/become_method.yml +++ b/tests/ansible/integration/transport_config/become_method.yml @@ -13,7 +13,8 @@ - out.result|length == 2 - out.result[0].method == "ssh" - out.result[1].method == "sudo" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -30,7 +31,8 @@ - out.result[1].kwargs.username == "becomeuser" - out.result[2].method == "ssh" - out.result[2].kwargs.hostname == "tc-become-method-unset" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -48,7 +50,8 @@ - out.result[0].method == "ssh" - out.result[1].method == "su" - out.result[1].kwargs.username == "becomeuser" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -70,7 +73,8 @@ - out.result[2].method == "su" - out.result[2].kwargs.username == "becomeuser" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -93,6 +97,7 @@ - out.result[2].method == "ssh" - out.result[2].kwargs.hostname == "tc-become-method-unset" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only diff --git a/tests/ansible/integration/transport_config/become_pass.yml b/tests/ansible/integration/transport_config/become_pass.yml index b9bf1a8e..c6b0fe72 100644 --- a/tests/ansible/integration/transport_config/become_pass.yml +++ b/tests/ansible/integration/transport_config/become_pass.yml @@ -14,7 +14,8 @@ - out.result[0].method == "ssh" - out.result[1].method == "sudo" - out.result[1].kwargs.password == None - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -32,7 +33,8 @@ - out.result[1].method == "ssh" - out.result[2].method == "sudo" - out.result[2].kwargs.password == None - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -52,7 +54,8 @@ - out.result[2].method == "ssh" - out.result[3].method == "sudo" - out.result[3].kwargs.password == None - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -69,7 +72,8 @@ - out.result[0].method == "ssh" - out.result[1].method == "sudo" - out.result[1].kwargs.password == "apassword" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -90,7 +94,8 @@ - out.result[2].method == "ssh" - out.result[3].method == "sudo" - out.result[3].kwargs.password == "apassword" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -107,7 +112,8 @@ - out.result[0].method == "ssh" - out.result[1].method == "sudo" - out.result[1].kwargs.password == "apass" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -128,7 +134,8 @@ - out.result[2].method == "ssh" - out.result[3].method == "sudo" - out.result[3].kwargs.password == "apass" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -147,7 +154,8 @@ # Ansible >= 2.9.2 prioritises ansible_become_pass. # https://github.com/ansible/ansible/commit/480b106d6535978ae6ecab68b40942ca4fa914a0 - out.result[1].kwargs.password == "bpass" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -165,6 +173,7 @@ - out.result[1].method == "sudo" - out.result[1].kwargs.password == "bpass" - out.result[2].method == "ssh" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only diff --git a/tests/ansible/integration/transport_config/become_user.yml b/tests/ansible/integration/transport_config/become_user.yml index 0e30dfe2..59dbe2a9 100644 --- a/tests/ansible/integration/transport_config/become_user.yml +++ b/tests/ansible/integration/transport_config/become_user.yml @@ -14,7 +14,8 @@ - out.result[0].method == "ssh" - out.result[1].method == "sudo" - out.result[1].kwargs.username == "root" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -32,7 +33,8 @@ - out.result[1].method == "ssh" - out.result[2].method == "sudo" - out.result[2].kwargs.username == "root" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -52,7 +54,8 @@ - out.result[2].method == "ssh" - out.result[3].method == "sudo" - out.result[3].kwargs.username == "root" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -69,7 +72,8 @@ - out.result[0].method == "ssh" - out.result[1].method == "sudo" - out.result[1].kwargs.username == "ansi-become-user" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -92,7 +96,8 @@ - out.result[2].method == "sudo" - out.result[2].kwargs.username == "ansi-become-user" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -118,7 +123,8 @@ - out.result[3].method == "sudo" - out.result[3].kwargs.username == "ansi-become-user" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only diff --git a/tests/ansible/integration/transport_config/host_key_checking.yml b/tests/ansible/integration/transport_config/host_key_checking.yml index b15e36b1..5f9c7e3a 100644 --- a/tests/ansible/integration/transport_config/host_key_checking.yml +++ b/tests/ansible/integration/transport_config/host_key_checking.yml @@ -10,7 +10,8 @@ - out.result | length == 1 - out.result[0].method == "ssh" - out.result[0].kwargs.check_host_keys == "ignore" - fail_msg: out={{ out }} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -27,7 +28,8 @@ - out.result[0].kwargs.check_host_keys == "enforce" - out.result[1].method == "ssh" - out.result[1].kwargs.check_host_keys == "ignore" - fail_msg: out={{ out }} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -41,7 +43,8 @@ - out.result | length == 1 - out.result[0].method == "ssh" - out.result[0].kwargs.check_host_keys == "enforce" - fail_msg: out={{ out }} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -58,7 +61,8 @@ - out.result[0].kwargs.check_host_keys == "ignore" - out.result[1].method == "ssh" - out.result[1].kwargs.check_host_keys == "enforce" - fail_msg: out={{ out }} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -72,7 +76,8 @@ - out.result | length == 1 - out.result[0].method == "ssh" - out.result[0].kwargs.check_host_keys == "enforce" - fail_msg: out={{ out }} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -89,6 +94,7 @@ - out.result[0].kwargs.check_host_keys == "ignore" - out.result[1].method == "ssh" - out.result[1].kwargs.check_host_keys == "enforce" - fail_msg: out={{ out }} + fail_msg: | + out={{ out }} tags: - mitogen_only diff --git a/tests/ansible/integration/transport_config/port.yml b/tests/ansible/integration/transport_config/port.yml index c8e6bdae..1b8e04a0 100644 --- a/tests/ansible/integration/transport_config/port.yml +++ b/tests/ansible/integration/transport_config/port.yml @@ -12,7 +12,8 @@ - out.result|length == 1 - out.result[0].method == "ssh" - out.result[0].kwargs.port == None - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -29,7 +30,8 @@ - out.result[0].kwargs.port == None - out.result[1].method == "ssh" - out.result[1].kwargs.port == 4321 - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -43,7 +45,8 @@ - out.result|length == 1 - out.result[0].method == "ssh" - out.result[0].kwargs.port == 4321 - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -59,7 +62,8 @@ - out.result[0].kwargs.port == 4321 - out.result[1].method == "ssh" - out.result[1].kwargs.port == None - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -73,7 +77,8 @@ - out.result|length == 1 - out.result[0].method == "ssh" - out.result[0].kwargs.port == 1234 - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -89,7 +94,8 @@ - out.result[0].kwargs.port == 1234 - out.result[1].method == "ssh" - out.result[1].kwargs.port == None - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -104,7 +110,8 @@ - out.result|length == 1 - out.result[0].method == "ssh" - out.result[0].kwargs.port == 1532 - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only @@ -120,6 +127,7 @@ - out.result[0].kwargs.port == 1532 - out.result[1].method == "ssh" - out.result[1].kwargs.port == None - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - mitogen_only diff --git a/tests/ansible/regression/issue_109__target_has_old_ansible_installed.yml b/tests/ansible/regression/issue_109__target_has_old_ansible_installed.yml index e6677e2d..064832ec 100644 --- a/tests/ansible/regression/issue_109__target_has_old_ansible_installed.yml +++ b/tests/ansible/regression/issue_109__target_has_old_ansible_installed.yml @@ -25,7 +25,8 @@ that: - env.cwd == ansible_user_dir - (not env.mitogen_loaded) or (env.python_path.count("") == 1) - fail_msg: env={{env}} + fail_msg: | + env={{ env }} - name: Run some new-style from ansible.module_utils... modules stat: diff --git a/tests/ansible/regression/issue_113__duplicate_module_imports.yml b/tests/ansible/regression/issue_113__duplicate_module_imports.yml index 4975a07c..8ae9fdea 100644 --- a/tests/ansible/regression/issue_113__duplicate_module_imports.yml +++ b/tests/ansible/regression/issue_113__duplicate_module_imports.yml @@ -20,7 +20,8 @@ that: - out.status == -1 - out.url == 'http://127.0.0.1:14321/post' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - issue_113 diff --git a/tests/ansible/regression/issue_152__local_action_wrong_interpreter.yml b/tests/ansible/regression/issue_152__local_action_wrong_interpreter.yml index dd86775d..aafcfad4 100644 --- a/tests/ansible/regression/issue_152__local_action_wrong_interpreter.yml +++ b/tests/ansible/regression/issue_152__local_action_wrong_interpreter.yml @@ -24,7 +24,8 @@ - assert: that: - out.env.CUSTOM_INTERPRETER == "1" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} - name: Cleanup /tmp/issue_152_interpreter.sh file: diff --git a/tests/ansible/regression/issue_152__virtualenv_python_fails.yml b/tests/ansible/regression/issue_152__virtualenv_python_fails.yml index e0439fdd..43b00de5 100644 --- a/tests/ansible/regression/issue_152__virtualenv_python_fails.yml +++ b/tests/ansible/regression/issue_152__virtualenv_python_fails.yml @@ -35,7 +35,8 @@ assert: that: - out.sys_executable in expected_executables - fail_msg: out={{out}} + fail_msg: | + out={{ out }} when: - lout.python.version.full is version('2.7', '>=', strict=True) diff --git a/tests/ansible/regression/issue_154__module_state_leaks.yml b/tests/ansible/regression/issue_154__module_state_leaks.yml index 3a7ee309..6ce5376d 100644 --- a/tests/ansible/regression/issue_154__module_state_leaks.yml +++ b/tests/ansible/regression/issue_154__module_state_leaks.yml @@ -14,7 +14,8 @@ that: - out.results[item|int].leak1 == ["David"] - out.results[item|int].leak2 == ["David"] - fail_msg: out={{out}} + fail_msg: | + out={{ out }} with_sequence: start=0 end=3 tags: - issue_154 diff --git a/tests/ansible/regression/issue_332_ansiblemoduleerror_first_occurrence.yml b/tests/ansible/regression/issue_332_ansiblemoduleerror_first_occurrence.yml index be069b1e..0887d151 100644 --- a/tests/ansible/regression/issue_332_ansiblemoduleerror_first_occurrence.yml +++ b/tests/ansible/regression/issue_332_ansiblemoduleerror_first_occurrence.yml @@ -16,6 +16,7 @@ - assert: that: - out.msg == 'file (/usr/bin/does-not-exist) is absent, cannot continue' - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - issue_332 diff --git a/tests/ansible/regression/issue_590__sys_modules_crap.yml b/tests/ansible/regression/issue_590__sys_modules_crap.yml index 476701e3..2c2262f4 100644 --- a/tests/ansible/regression/issue_590__sys_modules_crap.yml +++ b/tests/ansible/regression/issue_590__sys_modules_crap.yml @@ -11,6 +11,7 @@ - assert: that: - "'id' in out.info" - fail_msg: out={{out}} + fail_msg: | + out={{ out }} tags: - issue_590 From 3504bea3bb0201a5d057e8e04b2945e823bcb0b0 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Sun, 6 Oct 2024 15:11:04 +0100 Subject: [PATCH 06/61] tests: Ignore inventory files of inactive tests & benchmarks These targets are not used by any active tests, and the large numbers of hosts multiply the size of the taskvars disctionary in memory to many (10s) MiB. refs #1058 --- docs/changelog.rst | 1 + tests/ansible/ansible.cfg | 1 + tests/ansible/hosts/{k3.hosts => k3.hosts.disabled} | 0 .../ansible/hosts/{localhost.hosts => localhost.hosts.disabled} | 0 .../hosts/{osa-containers => osa-containers.hosts.disabled} | 0 5 files changed, 2 insertions(+) rename tests/ansible/hosts/{k3.hosts => k3.hosts.disabled} (100%) rename tests/ansible/hosts/{localhost.hosts => localhost.hosts.disabled} (100%) rename tests/ansible/hosts/{osa-containers => osa-containers.hosts.disabled} (100%) diff --git a/docs/changelog.rst b/docs/changelog.rst index 8fe7d16c..5d0d3ead 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -24,6 +24,7 @@ Unreleased * :gh:issue:`1106` :mod:`ansible_mitogen`: Support for `ansible_ssh_password` connection variable, and templated SSH connection password. * :gh:issue:`1136` tests: Improve Ansible fail_msg formatting. +* :gh:issue:`1137` tests: Ignore inventory files of inactive tests & benchmarks v0.3.11 (2024-10-30) diff --git a/tests/ansible/ansible.cfg b/tests/ansible/ansible.cfg index 537b5059..37edfd94 100644 --- a/tests/ansible/ansible.cfg +++ b/tests/ansible/ansible.cfg @@ -48,6 +48,7 @@ host_key_checking = False [inventory] any_unparsed_is_failed = true host_pattern_mismatch = error +ignore_extensions = ~, .bak, .disabled [callback_profile_tasks] task_output_limit = 10 diff --git a/tests/ansible/hosts/k3.hosts b/tests/ansible/hosts/k3.hosts.disabled similarity index 100% rename from tests/ansible/hosts/k3.hosts rename to tests/ansible/hosts/k3.hosts.disabled diff --git a/tests/ansible/hosts/localhost.hosts b/tests/ansible/hosts/localhost.hosts.disabled similarity index 100% rename from tests/ansible/hosts/localhost.hosts rename to tests/ansible/hosts/localhost.hosts.disabled diff --git a/tests/ansible/hosts/osa-containers b/tests/ansible/hosts/osa-containers.hosts.disabled similarity index 100% rename from tests/ansible/hosts/osa-containers rename to tests/ansible/hosts/osa-containers.hosts.disabled From b05b2c8c8e6036330963b0ec806c816babe2baca Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Sun, 6 Oct 2024 23:47:42 +0100 Subject: [PATCH 07/61] CI: Add re-actors/alls-green GitHub Actions job This will allow a single job to be required in the GitHub branch protection web UI; regardless of which jobs are added to or removed from the matrix of platform specific, Ansible specific jobs. --- .github/workflows/tests.yml | 12 ++++++++++++ docs/changelog.rst | 2 ++ 2 files changed, 14 insertions(+) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 4520c3cf..2c819e7d 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -324,3 +324,15 @@ jobs: fi "$PYTHON" -m tox -e "${{ matrix.tox_env }}" + + # https://github.com/marketplace/actions/alls-green + check: + if: always() + needs: + - linux + - macos + runs-on: ubuntu-latest + steps: + - uses: re-actors/alls-green@release/v1 + with: + jobs: ${{ toJSON(needs) }} diff --git a/docs/changelog.rst b/docs/changelog.rst index 5d0d3ead..120ff962 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -25,6 +25,8 @@ Unreleased connection variable, and templated SSH connection password. * :gh:issue:`1136` tests: Improve Ansible fail_msg formatting. * :gh:issue:`1137` tests: Ignore inventory files of inactive tests & benchmarks +* :gh:issue:`1138` CI: Add re-actors/alls-green GitHub Actions job to simplify + branch protections configuration. v0.3.11 (2024-10-30) From 3f288f934a234378d3b3454074dc8f11d3f50138 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 7 Oct 2024 00:52:34 +0100 Subject: [PATCH 08/61] docs: Correct 0.3.11 release month Reports of Mitogen's time machine will have been greatly exaggerated. --- docs/changelog.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 120ff962..1ff86c59 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -29,7 +29,7 @@ Unreleased branch protections configuration. -v0.3.11 (2024-10-30) +v0.3.11 (2024-09-30) -------------------- * :gh:issue:`1127` :mod:`mitogen`: Consolidate mitogen backward compatibility From 298d28a650a2f154ce3db4bc98495eab964e0e7f Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 7 Oct 2024 00:53:10 +0100 Subject: [PATCH 09/61] Prep v0.3.12 --- docs/changelog.rst | 4 ++-- mitogen/__init__.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 1ff86c59..1cb45127 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,8 +18,8 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. -Unreleased ----------- +v0.3.11 (2024-10-07) +-------------------- * :gh:issue:`1106` :mod:`ansible_mitogen`: Support for `ansible_ssh_password` connection variable, and templated SSH connection password. diff --git a/mitogen/__init__.py b/mitogen/__init__.py index 1ec7cf09..003ea701 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 12, 'dev') +__version__ = (0, 3, 12) #: This is :data:`False` in slave contexts. Previously it was used to prevent From 61b800781b1dea09d4ba782597815737b2b0dc8c Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 7 Oct 2024 00:56:06 +0100 Subject: [PATCH 10/61] Begin v0.3.13 development --- docs/changelog.rst | 5 +++++ mitogen/__init__.py | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 1cb45127..bf513752 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,6 +18,11 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. +In Progress (unreleased) +------------------------ + + + v0.3.11 (2024-10-07) -------------------- diff --git a/mitogen/__init__.py b/mitogen/__init__.py index 003ea701..8320f5e7 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 12) +__version__ = (0, 3, 13, 'dev') #: This is :data:`False` in slave contexts. Previously it was used to prevent From 8362d6146253884148660f0b45c387f77602fe2d Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 7 Oct 2024 12:47:29 +0100 Subject: [PATCH 11/61] CI: Remove Azure DevOps pipelines (replaced by GitHub Actions) fixes #1138 --- .ci/README.md | 2 +- .ci/azure-pipelines-steps.yml | 105 ----------------------- .ci/azure-pipelines.yml | 157 ---------------------------------- README.md | 4 +- tests/README.md | 2 +- 5 files changed, 4 insertions(+), 266 deletions(-) delete mode 100644 .ci/azure-pipelines-steps.yml delete mode 100644 .ci/azure-pipelines.yml diff --git a/.ci/README.md b/.ci/README.md index 9248ac58..9a5e8898 100644 --- a/.ci/README.md +++ b/.ci/README.md @@ -2,7 +2,7 @@ # `.ci` This directory contains scripts for Continuous Integration platforms. Currently -Azure Pipelines, but they will also happily run on any Debian-like machine. +GitHub Actions, but ideally they will also run on any Debian-like machine. The scripts are usually split into `_install` and `_test` steps. The `_install` step will damage your machine, the `_test` step will just run the tests the way diff --git a/.ci/azure-pipelines-steps.yml b/.ci/azure-pipelines-steps.yml deleted file mode 100644 index 791372af..00000000 --- a/.ci/azure-pipelines-steps.yml +++ /dev/null @@ -1,105 +0,0 @@ -# Each step entry runs a task (Azure Pipelines analog of an Ansible module). -# https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/reference/?view=azure-pipelines&viewFallbackFrom=azure-devops#tool - -# `{script: ...}` is shorthand for `{task: CmdLine@, inputs: {script: ...}}`. -# The shell is bash. -# https://learn.microsoft.com/en-us/azure/devops/pipelines/yaml-schema/steps-script?view=azure-pipelines -# https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/reference/cmd-line-v2?view=azure-pipelines - -steps: -- task: UsePythonVersion@0 - displayName: Install python - inputs: - githubToken: '$(GITHUB_PYVER_TOKEN)' - versionSpec: '$(python.version)' - condition: ne(variables['python.version'], '') - -- script: | - set -o errexit - set -o nounset - set -o pipefail - - aws ecr-public get-login-password | docker login --username AWS --password-stdin public.ecr.aws - displayName: Authenticate to container registry - condition: eq(variables['Agent.OS'], 'Linux') - env: - AWS_ACCESS_KEY_ID: $(AWS_ACCESS_KEY_ID) - AWS_SECRET_ACCESS_KEY: $(AWS_SECRET_ACCESS_KEY) - AWS_DEFAULT_REGION: $(AWS_DEFAULT_REGION) - -- script: | - set -o errexit - set -o nounset - set -o pipefail - - sudo apt-get update - sudo apt-get install -y python2-dev python3-pip virtualenv - displayName: Install build deps - condition: and(eq(variables['python.version'], ''), eq(variables['Agent.OS'], 'Linux')) - -- script: | - set -o errexit - set -o nounset - set -o pipefail - - # macOS builders lack a realpath command - type python && python -c"import os.path;print(os.path.realpath('$(type -p python)'))" && python --version - type python2 && python2 -c"import os.path;print(os.path.realpath('$(type -p python2)'))" && python2 --version - type python3 && python3 -c"import os.path;print(os.path.realpath('$(type -p python3)'))" && python3 --version - echo - - if [ -e /usr/bin/python ]; then - echo "/usr/bin/python: sys.executable: $(/usr/bin/python -c 'import sys; print(sys.executable)')" - fi - - if [ -e /usr/bin/python2 ]; then - echo "/usr/bin/python2: sys.executable: $(/usr/bin/python2 -c 'import sys; print(sys.executable)')" - fi - - if [ -e /usr/bin/python2.7 ]; then - echo "/usr/bin/python2.7: sys.executable: $(/usr/bin/python2.7 -c 'import sys; print(sys.executable)')" - fi - displayName: Show python versions - -- script: | - set -o errexit - set -o nounset - set -o pipefail - - # Tox environment name (e.g. py312-mode_mitogen) -> Python executable name (e.g. python3.12) - PYTHON=$(python -c 'import re; print(re.sub(r"^py([23])([0-9]{1,2}).*", r"python\1.\2", "$(tox.env)"))') - - if [[ -z $PYTHON ]]; then - echo 1>&2 "Python interpreter could not be determined" - exit 1 - fi - - if [[ $PYTHON == "python2.7" && $(uname) == "Darwin" ]]; then - "$PYTHON" -m ensurepip --user --altinstall --no-default-pip - "$PYTHON" -m pip install --user -r "tests/requirements-tox.txt" - elif [[ $PYTHON == "python2.7" ]]; then - curl "https://bootstrap.pypa.io/pip/2.7/get-pip.py" --output "get-pip.py" - "$PYTHON" get-pip.py --user --no-python-version-warning - # Avoid Python 2.x pip masking system pip - rm -f ~/.local/bin/{easy_install,pip,wheel} - "$PYTHON" -m pip install --user -r "tests/requirements-tox.txt" - else - "$PYTHON" -m pip install -r "tests/requirements-tox.txt" - fi - displayName: Install tooling - -- script: | - set -o errexit - set -o nounset - set -o pipefail - - # Tox environment name (e.g. py312-mode_mitogen) -> Python executable name (e.g. python3.12) - PYTHON=$(python -c 'import re; print(re.sub(r"^py([23])([0-9]{1,2}).*", r"python\1.\2", "$(tox.env)"))') - - if [[ -z $PYTHON ]]; then - echo 1>&2 "Python interpreter could not be determined" - exit 1 - fi - - "$PYTHON" -m tox -e "$(tox.env)" - displayName: "Run tests" diff --git a/.ci/azure-pipelines.yml b/.ci/azure-pipelines.yml deleted file mode 100644 index 0bf4556b..00000000 --- a/.ci/azure-pipelines.yml +++ /dev/null @@ -1,157 +0,0 @@ -# Python package -# Create and test a Python package on multiple Python versions. -# Add steps that analyze code, save the dist with the build record, publish to a PyPI-compatible index, and more: -# https://docs.microsoft.com/azure/devops/pipelines/languages/python - -# User defined variables are also injected as environment variables -# https://docs.microsoft.com/en-us/azure/devops/pipelines/process/variables#environment-variables -#variables: - #ANSIBLE_VERBOSITY: 3 - -trigger: - branches: - include: - - "*" - exclude: - - docs-master - -jobs: -- job: mac12 - # vanilla Ansible is really slow - timeoutInMinutes: 120 - steps: - - template: azure-pipelines-steps.yml - pool: - # https://github.com/actions/runner-images/blob/main/images/macos/macos-12-Readme.md - vmImage: macOS-12 - strategy: - matrix: - Mito_312: - tox.env: py312-mode_mitogen - Loc_312_10: - tox.env: py312-mode_localhost-ansible10 - Van_312_10: - tox.env: py312-mode_localhost-ansible10-strategy_linear - -- job: Linux - pool: - # https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2004-Readme.md - vmImage: ubuntu-20.04 - steps: - - template: azure-pipelines-steps.yml - strategy: - matrix: - Mito_27_centos6: - tox.env: py27-mode_mitogen-distro_centos6 - Mito_27_centos7: - tox.env: py27-mode_mitogen-distro_centos7 - Mito_27_centos8: - tox.env: py27-mode_mitogen-distro_centos8 - Mito_27_debian9: - tox.env: py27-mode_mitogen-distro_debian9 - Mito_27_debian10: - tox.env: py27-mode_mitogen-distro_debian10 - Mito_27_debian11: - tox.env: py27-mode_mitogen-distro_debian11 - Mito_27_ubuntu1604: - tox.env: py27-mode_mitogen-distro_ubuntu1604 - Mito_27_ubuntu1804: - tox.env: py27-mode_mitogen-distro_ubuntu1804 - Mito_27_ubuntu2004: - tox.env: py27-mode_mitogen-distro_ubuntu2004 - - Mito_36_centos6: - python.version: '3.6' - tox.env: py36-mode_mitogen-distro_centos6 - Mito_36_centos7: - python.version: '3.6' - tox.env: py36-mode_mitogen-distro_centos7 - Mito_36_centos8: - python.version: '3.6' - tox.env: py36-mode_mitogen-distro_centos8 - Mito_36_debian9: - python.version: '3.6' - tox.env: py36-mode_mitogen-distro_debian9 - Mito_36_debian10: - python.version: '3.6' - tox.env: py36-mode_mitogen-distro_debian10 - Mito_36_debian11: - python.version: '3.6' - tox.env: py36-mode_mitogen-distro_debian11 - Mito_36_ubuntu1604: - python.version: '3.6' - tox.env: py36-mode_mitogen-distro_ubuntu1604 - Mito_36_ubuntu1804: - python.version: '3.6' - tox.env: py36-mode_mitogen-distro_ubuntu1804 - Mito_36_ubuntu2004: - python.version: '3.6' - tox.env: py36-mode_mitogen-distro_ubuntu2004 - - Mito_312_centos6: - python.version: '3.12' - tox.env: py312-mode_mitogen-distro_centos6 - Mito_312_centos7: - python.version: '3.12' - tox.env: py312-mode_mitogen-distro_centos7 - Mito_312_centos8: - python.version: '3.12' - tox.env: py312-mode_mitogen-distro_centos8 - Mito_312_debian9: - python.version: '3.12' - tox.env: py312-mode_mitogen-distro_debian9 - Mito_312_debian10: - python.version: '3.12' - tox.env: py312-mode_mitogen-distro_debian10 - Mito_312_debian11: - python.version: '3.12' - tox.env: py312-mode_mitogen-distro_debian11 - Mito_312_ubuntu1604: - python.version: '3.12' - tox.env: py312-mode_mitogen-distro_ubuntu1604 - Mito_312_ubuntu1804: - python.version: '3.12' - tox.env: py312-mode_mitogen-distro_ubuntu1804 - Mito_312_ubuntu2004: - python.version: '3.12' - tox.env: py312-mode_mitogen-distro_ubuntu2004 - - Ans_27_210: - tox.env: py27-mode_ansible-ansible2.10 - Ans_27_4: - tox.env: py27-mode_ansible-ansible4 - - Ans_36_210: - python.version: '3.6' - tox.env: py36-mode_ansible-ansible2.10 - Ans_36_4: - python.version: '3.6' - tox.env: py36-mode_ansible-ansible4 - - Ans_311_210: - python.version: '3.11' - tox.env: py311-mode_ansible-ansible2.10 - Ans_311_3: - python.version: '3.11' - tox.env: py311-mode_ansible-ansible3 - Ans_311_4: - python.version: '3.11' - tox.env: py311-mode_ansible-ansible4 - Ans_311_5: - python.version: '3.11' - tox.env: py311-mode_ansible-ansible5 - Ans_312_6: - python.version: '3.12' - tox.env: py312-mode_ansible-ansible6 - Ans_312_7: - python.version: '3.12' - tox.env: py312-mode_ansible-ansible7 - Ans_312_8: - python.version: '3.12' - tox.env: py312-mode_ansible-ansible8 - Ans_312_9: - python.version: '3.12' - tox.env: py312-mode_ansible-ansible9 - Ans_312_10: - python.version: '3.12' - tox.env: py312-mode_ansible-ansible10 diff --git a/README.md b/README.md index 0d4d1b30..e2954672 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,9 @@ # Mitogen +[![Build Status](https://img.shields.io/github/actions/workflow/status/mitogen-hq/mitogen/tests.yml?branch=master)](https://github.com/mitogen-hq/mitogen/actions?query=branch%3Amaster) + Please see the documentation. ![](https://i.imgur.com/eBM6LhJ.gif) [![Total alerts](https://img.shields.io/lgtm/alerts/g/mitogen-hq/mitogen.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/mitogen-hq/mitogen/alerts/) - -[![Build Status](https://dev.azure.com/mitogen-hq/mitogen/_apis/build/status/mitogen-hq.mitogen?branchName=master)](https://dev.azure.com/mitogen-hq/mitogen/_build/latest?definitionId=1&branchName=master) diff --git a/tests/README.md b/tests/README.md index 65226e87..35a8775c 100644 --- a/tests/README.md +++ b/tests/README.md @@ -7,7 +7,7 @@ started in September 2017. Pull requests in this area are very welcome! ## Running The Tests -[![Build Status](https://dev.azure.com/mitogen-hq/mitogen/_apis/build/status/mitogen-hq.mitogen?branchName=master)](https://dev.azure.com/mitogen-hq/mitogen/_build/latest?definitionId=1&branchName=master) +[![Build Status](https://img.shields.io/github/actions/workflow/status/mitogen-hq/mitogen/tests.yml?branch=master)](https://github.com/mitogen-hq/mitogen/actions?query=branch%3Amaster) Your computer should have an Internet connection, and the ``docker`` command line tool should be able to connect to a working Docker daemon (localhost or From 9f0566b5229ea5330bf0cb0253038c61ad674a7f Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 7 Oct 2024 13:33:34 +0100 Subject: [PATCH 12/61] docs: Changelog entry for migration to GitHub Actions refs #1138 --- docs/changelog.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/changelog.rst b/docs/changelog.rst index bf513752..34eeffc1 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -21,6 +21,8 @@ To avail of fixes in an unreleased version, please download a ZIP file In Progress (unreleased) ------------------------ +* :gh:issue:`1138` CI: Complete migration from Azure DevOps Pipelines to + GitHub Actions v0.3.11 (2024-10-07) From 1773c9aba609287bbf60f3cd393120b19e888363 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 7 Oct 2024 13:45:20 +0100 Subject: [PATCH 13/61] trivia: Fix trailing whitespace --- ansible_mitogen/connection.py | 3 +++ ansible_mitogen/transport_config.py | 7 ++++--- docs/ansible_detailed.rst | 2 +- docs/changelog.rst | 2 +- docs/howitworks.rst | 2 +- examples/mitogen-fuse.py | 2 +- examples/mitop.py | 2 +- mitogen/core.py | 2 +- mitogen/master.py | 2 +- mitogen/parent.py | 2 +- .../integration/interpreter_discovery/complex_args.yml | 2 +- tests/ansible/tests/utils_unsafe_test.py | 2 +- .../importer/webproject/modules_expected_py3x-new.json | 1 - tests/image_prep/py24-build.sh | 2 +- 14 files changed, 18 insertions(+), 15 deletions(-) diff --git a/ansible_mitogen/connection.py b/ansible_mitogen/connection.py index a3f66eac..a715b2b0 100644 --- a/ansible_mitogen/connection.py +++ b/ansible_mitogen/connection.py @@ -158,6 +158,7 @@ def _connect_ssh(spec): } } + def _connect_buildah(spec): """ Return ContextService arguments for a Buildah connection. @@ -173,6 +174,7 @@ def _connect_buildah(spec): } } + def _connect_docker(spec): """ Return ContextService arguments for a Docker connection. @@ -276,6 +278,7 @@ def _connect_podman(spec): } } + def _connect_setns(spec, kind=None): """ Return ContextService arguments for a mitogen_setns connection. diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index a3336365..ae8a0258 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -64,6 +64,7 @@ __metaclass__ = type import abc import logging import os + import ansible.utils.shlex import ansible.constants as C import ansible.executor.interpreter_discovery @@ -88,12 +89,12 @@ def run_interpreter_discovery_if_necessary(s, task_vars, action, rediscover_pyth # keep trying different interpreters until we don't error if action._finding_python_interpreter: return action._possible_python_interpreter - + if s in ['auto', 'auto_legacy', 'auto_silent', 'auto_legacy_silent']: # python is the only supported interpreter_name as of Ansible 2.8.8 interpreter_name = 'python' discovered_interpreter_config = u'discovered_interpreter_%s' % interpreter_name - + if task_vars.get('ansible_facts') is None: task_vars['ansible_facts'] = {} @@ -134,7 +135,7 @@ def run_interpreter_discovery_if_necessary(s, task_vars, action, rediscover_pyth def parse_python_path(s, task_vars, action, rediscover_python): """ Given the string set for ansible_python_interpeter, parse it using shell - syntax and return an appropriate argument vector. If the value detected is + syntax and return an appropriate argument vector. If the value detected is one of interpreter discovery then run that first. Caches python interpreter discovery value in `facts_from_task_vars` like how Ansible handles this. """ diff --git a/docs/ansible_detailed.rst b/docs/ansible_detailed.rst index d818edd7..0d796691 100644 --- a/docs/ansible_detailed.rst +++ b/docs/ansible_detailed.rst @@ -1275,7 +1275,7 @@ on each process whose name begins with ``mitogen:``:: [pid 29858] futex(0x55ea9be52f60, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 0, NULL, 0xffffffff ^C - $ + $ This shows one thread waiting on IO (``poll``) and two more waiting on the same lock. It is taken from a real example of a deadlock due to a forking bug. diff --git a/docs/changelog.rst b/docs/changelog.rst index 34eeffc1..7a25f755 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -119,7 +119,7 @@ v0.3.4 (2023-07-02) * :gh:issue:`929` Support Ansible 6 and ansible-core 2.13 * :gh:issue:`832` Fix runtime error when using the ansible.builtin.dnf module multiple times -* :gh:issue:`925` :class:`ansible_mitogen.connection.Connection` no longer tries to close the +* :gh:issue:`925` :class:`ansible_mitogen.connection.Connection` no longer tries to close the connection on destruction. This is expected to reduce cases of `mitogen.core.Error: An attempt was made to enqueue a message with a Broker that has already exitted`. However it may result in resource leaks. diff --git a/docs/howitworks.rst b/docs/howitworks.rst index 27b109fe..d7606b11 100644 --- a/docs/howitworks.rst +++ b/docs/howitworks.rst @@ -1038,7 +1038,7 @@ receive items in the order they are requested, as they become available. Mitogen enables SSH compression by default, there are circumstances where disabling SSH compression is desirable, and many scenarios for future connection methods where transport-layer compression is not supported at - all. + all. .. [#f2] Compression may seem redundant, however it is basically free and reducing IO is always a good idea. The 33% / 200 byte saving may mean the presence or diff --git a/examples/mitogen-fuse.py b/examples/mitogen-fuse.py index 55b272d9..73101fb8 100644 --- a/examples/mitogen-fuse.py +++ b/examples/mitogen-fuse.py @@ -119,7 +119,7 @@ def _chroot(path): os.chroot(path) -class Operations(fuse.Operations): # fuse.LoggingMixIn, +class Operations(fuse.Operations): # fuse.LoggingMixIn, def __init__(self, host, path='.'): self.host = host self.root = path diff --git a/examples/mitop.py b/examples/mitop.py index 8749e12a..72a60bf3 100644 --- a/examples/mitop.py +++ b/examples/mitop.py @@ -61,7 +61,7 @@ def child_main(sender, delay): Executed on the main thread of the Python interpreter running on each target machine, Context.call() from the master. It simply sends the output of the UNIX 'ps' command at regular intervals toward a Receiver on master. - + :param mitogen.core.Sender sender: The Sender to use for delivering our result. This could target anywhere, but the sender supplied by the master simply causes results diff --git a/mitogen/core.py b/mitogen/core.py index 9b225ed7..49f92cae 100644 --- a/mitogen/core.py +++ b/mitogen/core.py @@ -3290,7 +3290,7 @@ class Router(object): This can be used from any thread, but its output is only meaningful from the context of the :class:`Broker` thread, as disconnection or replacement could happen in parallel on the broker thread at any - moment. + moment. """ return ( self._stream_by_id.get(dst_id) or diff --git a/mitogen/master.py b/mitogen/master.py index 51b29b82..865c9dc1 100644 --- a/mitogen/master.py +++ b/mitogen/master.py @@ -652,7 +652,7 @@ class ParentImpEnumerationMethod(FinderMethod): insane) parent package, and if no insane parents exist, simply use :mod:`sys.path` to search for it from scratch on the filesystem using the normal Python lookup mechanism. - + This is required for older versions of :mod:`ansible.compat.six`, :mod:`plumbum.colors`, Ansible 2.8 :mod:`ansible.module_utils.distro` and its submodule :mod:`ansible.module_utils.distro._distro`. diff --git a/mitogen/parent.py b/mitogen/parent.py index dd51b697..fa3092c1 100644 --- a/mitogen/parent.py +++ b/mitogen/parent.py @@ -631,7 +631,7 @@ class TimerList(object): def get_timeout(self): """ Return the floating point seconds until the next event is due. - + :returns: Floating point delay, or 0.0, or :data:`None` if no events are scheduled. diff --git a/tests/ansible/integration/interpreter_discovery/complex_args.yml b/tests/ansible/integration/interpreter_discovery/complex_args.yml index af2b5e46..f9770876 100644 --- a/tests/ansible/integration/interpreter_discovery/complex_args.yml +++ b/tests/ansible/integration/interpreter_discovery/complex_args.yml @@ -52,7 +52,7 @@ {% if "1" == "1" %} {{ special_python }} {% else %} - python + python {% endif %} tags: - complex_args diff --git a/tests/ansible/tests/utils_unsafe_test.py b/tests/ansible/tests/utils_unsafe_test.py index a020f55b..9aa461c5 100644 --- a/tests/ansible/tests/utils_unsafe_test.py +++ b/tests/ansible/tests/utils_unsafe_test.py @@ -48,7 +48,7 @@ class CastTest(unittest.TestCase): self.assertCasts(wrap_var([]), []) self.assertCasts(wrap_var(u''), u'') self.assertCasts(wrap_var(()), []) - + def test_subtypes_roundtrip(self): self.assertCasts(wrap_var(Bytes()), b'') self.assertCasts(wrap_var(Dict()), {}) diff --git a/tests/data/importer/webproject/modules_expected_py3x-new.json b/tests/data/importer/webproject/modules_expected_py3x-new.json index dcbcc785..614a7f9c 100644 --- a/tests/data/importer/webproject/modules_expected_py3x-new.json +++ b/tests/data/importer/webproject/modules_expected_py3x-new.json @@ -205,4 +205,3 @@ ] } } - \ No newline at end of file diff --git a/tests/image_prep/py24-build.sh b/tests/image_prep/py24-build.sh index b30cc24b..b99e36a0 100755 --- a/tests/image_prep/py24-build.sh +++ b/tests/image_prep/py24-build.sh @@ -15,7 +15,7 @@ tar xzvf cpython-2.4.6.tar.gz ( cd cpython-2.4.6 - ./configure --prefix=/usr/local/python2.4.6 --with-pydebug --enable-debug CFLAGS="-g -O0" # --enable-debug + ./configure --prefix=/usr/local/python2.4.6 --with-pydebug --enable-debug CFLAGS="-g -O0" # --enable-debug echo 'zlib zlibmodule.c -I$(prefix)/include -L$(exec_prefix)/lib -lz' >> Modules/Setup.config make -j 8 sudo make install From 90ba0a74eb0710a0669b44908da2f46504a6c4e9 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 7 Oct 2024 13:54:08 +0100 Subject: [PATCH 14/61] ansible_mitogen: Remove unused imports --- ansible_mitogen/mixins.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/ansible_mitogen/mixins.py b/ansible_mitogen/mixins.py index 38f351ed..1b6512e8 100644 --- a/ansible_mitogen/mixins.py +++ b/ansible_mitogen/mixins.py @@ -36,8 +36,6 @@ import random import traceback import ansible -import ansible.constants -import ansible.plugins import ansible.plugins.action import ansible.utils.unsafe_proxy import ansible.vars.clean From 0e9c890637e1d2db026a9e87c70650841d956235 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 7 Oct 2024 13:55:39 +0100 Subject: [PATCH 15/61] tests: Remove unused physical_hosts variable --- .../integration/connection_delegation/delegate_to_template.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/ansible/integration/connection_delegation/delegate_to_template.yml b/tests/ansible/integration/connection_delegation/delegate_to_template.yml index f9ad9e0b..f1c7f613 100644 --- a/tests/ansible/integration/connection_delegation/delegate_to_template.yml +++ b/tests/ansible/integration/connection_delegation/delegate_to_template.yml @@ -11,7 +11,6 @@ - name: integration/connection_delegation/delegate_to_template.yml vars: physical_host: "cd-normal-alias" - physical_hosts: ["cd-normal-alias", "cd-normal-normal"] hosts: test-targets gather_facts: no tasks: From 8bf4eb2ce9ec5ee80fbc3f22d6887a5baaf2fc55 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 7 Oct 2024 13:59:00 +0100 Subject: [PATCH 16/61] CI: Remove awcli from local tooling, add missing python*{-dev,-venv} variants --- tox.ini | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tox.ini b/tox.ini index 9fb31bdc..44425ae4 100644 --- a/tox.ini +++ b/tox.ini @@ -2,8 +2,7 @@ # I use this locally on Ubuntu 22.04, with the following additions # # sudo add-apt-repository ppa:deadsnakes/ppa -# sudo apt update -# sudo apt install awscli lib{ldap2,sasl2,ssl}-dev python{2,2.7,3} python3.{6..13}{,-venv} python-is-python3 sshpass tox +# sudo apt install lib{ldap2,sasl2,ssl}-dev python{2,2.7,3}{,-dev} python3.{7..13}{,-dev,-venv} python-is-python3 sshpass tox # Py A cntrllr A target coverage Django Jinja2 pip psutil pytest tox virtualenv # ==== ========== ========== ========== ========== ========== ========== ========== ========== ========== ========== From c395b1318454b24956e9d6c56d7ca670ab17cab1 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 7 Oct 2024 14:00:03 +0100 Subject: [PATCH 17/61] CI: Remove Azure DevOps environment variable handling refs #1138 --- tox.ini | 3 --- 1 file changed, 3 deletions(-) diff --git a/tox.ini b/tox.ini index 44425ae4..7677ed27 100644 --- a/tox.ini +++ b/tox.ini @@ -98,9 +98,6 @@ passenv = ANSIBLE_* HOME MITOGEN_* - # Azure DevOps, TF_BUILD is set to 'True' when running in a build task - # https://learn.microsoft.com/en-us/azure/devops/pipelines/build/variables - TF_BUILD setenv = # See also azure-pipelines.yml ANSIBLE_STRATEGY = mitogen_linear From 6053e1b5cf9e954eff04f26ba8290e677bf38535 Mon Sep 17 00:00:00 2001 From: "Joshua M. Keyes" Date: Mon, 7 Oct 2024 14:48:58 -0700 Subject: [PATCH 18/61] ansible_mitogen: Handle templated ansible_ssh_user. --- ansible_mitogen/transport_config.py | 2 +- docs/changelog.rst | 2 ++ docs/contributors.rst | 1 + 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index ae8a0258..bff27d16 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -434,7 +434,7 @@ class PlayContextSpec(Spec): return self._play_context.remote_addr def remote_user(self): - return self._play_context.remote_user + return self._connection_option('remote_user') def become(self): return self._play_context.become diff --git a/docs/changelog.rst b/docs/changelog.rst index 7a25f755..8349e87d 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -23,6 +23,8 @@ In Progress (unreleased) * :gh:issue:`1138` CI: Complete migration from Azure DevOps Pipelines to GitHub Actions +* :gh:issue:`1116` :mod: `ansible_mitogen`: Support for templated variable + `ansible_ssh_user`. v0.3.11 (2024-10-07) diff --git a/docs/contributors.rst b/docs/contributors.rst index 4e9e58bd..69dc1e76 100644 --- a/docs/contributors.rst +++ b/docs/contributors.rst @@ -127,6 +127,7 @@ sponsorship and outstanding future-thinking of its early adopters.
  • jgadling
  • John F Wall — Making Ansible Great with Massive Parallelism
  • Jonathan Rosser
    • +
  • Joshua M. Keyes
  • KennethC
  • Luca Berruti
  • Lewis Bellwood — Happy to be apart of a great project.
    • From 2c4316fa16c9c74a91a4ba8236bd0d7993cba944 Mon Sep 17 00:00:00 2001 From: Joshua K Date: Tue, 8 Oct 2024 01:17:22 -0700 Subject: [PATCH 19/61] Fix rST whitespace error in changelog entry. Co-authored-by: Alex Willmer --- docs/changelog.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 8349e87d..dc42eaf7 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -23,7 +23,7 @@ In Progress (unreleased) * :gh:issue:`1138` CI: Complete migration from Azure DevOps Pipelines to GitHub Actions -* :gh:issue:`1116` :mod: `ansible_mitogen`: Support for templated variable +* :gh:issue:`1116` :mod:`ansible_mitogen`: Support for templated variable `ansible_ssh_user`. From 14cb8be7e5204c5beeaeddbf3ed80b2727f3c535 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Tue, 8 Oct 2024 10:36:42 +0100 Subject: [PATCH 20/61] ansible_mitogen: Test templated connection user (e.g. ansible_user) --- tests/ansible/hosts/default.hosts | 5 ++--- tests/ansible/integration/ssh/templated_by_play_taskvar.yml | 1 + tests/ansible/templates/test-targets.j2 | 5 ++--- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index 8ed80787..e2a13b47 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -25,11 +25,10 @@ tt-bare [tt_targets_bare:vars] ansible_host=localhost -ansible_user=mitogen__has_sudo_nopw [tt_targets_inventory] -tt-password ansible_password="{{ 'has_sudo_nopw_password' | trim }}" +tt-password ansible_password="{{ 'has_sudo_nopw_password' | trim }}" ansible_user=mitogen__has_sudo_nopw +tt-remote-user ansible_password=has_sudo_nopw_password ansible_user="{{ 'mitogen__has_sudo_nopw' | trim }}" [tt_targets_inventory:vars] ansible_host=localhost -ansible_user=mitogen__has_sudo_nopw diff --git a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml index bc4ef1d8..5a937fb9 100644 --- a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml +++ b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml @@ -3,6 +3,7 @@ gather_facts: false vars: ansible_password: "{{ 'has_sudo_nopw_password' | trim }}" + ansible_user: "{{ 'mitogen__has_sudo_nopw' | trim }}" tasks: - meta: reset_connection diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index 37a0725a..1166cc42 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -47,12 +47,11 @@ tt-bare ansible_host={{ tt.hostname }} ansible_port={{ tt.port }} ansible_python_interpreter={{ tt.python_path }} -ansible_user=mitogen__has_sudo_nopw [tt_targets_inventory] -tt-password ansible_password="{{ '{{' }} 'has_sudo_nopw_password' | trim {{ '}}' }}" ansible_port={{ tt.port }} +tt-password ansible_password="{{ '{{' }} 'has_sudo_nopw_password' | trim {{ '}}' }}" ansible_port={{ tt.port }} ansible_user=mitogen__has_sudo_nopw +tt-remote-user ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_user="{{ '{{' }} 'mitogen__has_sudo_nopw' | trim {{ '}}' }}" [tt_targets_inventory:vars] ansible_host={{ tt.hostname }} ansible_python_interpreter={{ tt.python_path }} -ansible_user=mitogen__has_sudo_nopw From 77a01ff8d6d7145409f4cb7a014ab64a5b6fa964 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Tue, 8 Oct 2024 11:43:33 +0100 Subject: [PATCH 21/61] ansible_mitogen: Support templated SSH port fixes #978 --- ansible_mitogen/transport_config.py | 2 +- docs/changelog.rst | 1 + tests/ansible/hosts/default.hosts | 1 + .../ansible/integration/_expected_ssh_port.yml | 18 ++++++++++++++++++ .../delegate_to_template.yml | 3 ++- .../stack_construction.yml | 18 ++++++++++++------ .../ssh/templated_by_play_taskvar.yml | 1 + .../integration/transport_config/port.yml | 16 ++++++++++++---- tests/ansible/templates/test-targets.j2 | 1 + 9 files changed, 49 insertions(+), 12 deletions(-) create mode 100644 tests/ansible/integration/_expected_ssh_port.yml diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index bff27d16..a9f67209 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -464,7 +464,7 @@ class PlayContextSpec(Spec): return optional_secret(self._connection_option('password')) def port(self): - return self._play_context.port + return self._connection_option('port') def python_path(self, rediscover_python=False): s = self._connection.get_task_var('ansible_python_interpreter') diff --git a/docs/changelog.rst b/docs/changelog.rst index dc42eaf7..4f545615 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -25,6 +25,7 @@ In Progress (unreleased) GitHub Actions * :gh:issue:`1116` :mod:`ansible_mitogen`: Support for templated variable `ansible_ssh_user`. +* :gh:issue:`978` :mod:`ansible_mitogen`: Support templated Ansible SSH port. v0.3.11 (2024-10-07) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index e2a13b47..609cd9f8 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -28,6 +28,7 @@ ansible_host=localhost [tt_targets_inventory] tt-password ansible_password="{{ 'has_sudo_nopw_password' | trim }}" ansible_user=mitogen__has_sudo_nopw +tt-port ansible_password=has_sudo_nopw_password ansible_port="{{ 22 | int }}" ansible_user=mitogen__has_sudo_nopw tt-remote-user ansible_password=has_sudo_nopw_password ansible_user="{{ 'mitogen__has_sudo_nopw' | trim }}" [tt_targets_inventory:vars] diff --git a/tests/ansible/integration/_expected_ssh_port.yml b/tests/ansible/integration/_expected_ssh_port.yml new file mode 100644 index 00000000..442659a5 --- /dev/null +++ b/tests/ansible/integration/_expected_ssh_port.yml @@ -0,0 +1,18 @@ +# Ansible removed its default SSH port in May 2021, defering to the SSH +# implementation. +# https://github.com/ansible/ansible/commit/45618a6f3856f7332df8afe4adc40d85649a70da + +# Careful templating is needed to preseve the type(s) of expected_ssh_port, +# particularly in combination with the assert_equal action plugin. +# Do: {{ expected_ssh_port }} +# Don't: {{ expected_ssh_port | any_filter }} +# Don't: {% if ...%}{{ expected_ssh_port }}{% else %}...{% endif %} +# https://stackoverflow.com/questions/66102524/ansible-set-fact-type-cast/66104814#66104814 + +- set_fact: + expected_ssh_port: null + when: ansible_version.full is version('2.11.1', '>=', strict=True) + +- set_fact: + expected_ssh_port: 22 + when: ansible_version.full is version('2.11.1', '<', strict=True) diff --git a/tests/ansible/integration/connection_delegation/delegate_to_template.yml b/tests/ansible/integration/connection_delegation/delegate_to_template.yml index f1c7f613..60a67b82 100644 --- a/tests/ansible/integration/connection_delegation/delegate_to_template.yml +++ b/tests/ansible/integration/connection_delegation/delegate_to_template.yml @@ -15,6 +15,7 @@ gather_facts: no tasks: - include_tasks: ../_mitogen_only.yml + - include_tasks: ../_expected_ssh_port.yml - meta: end_play when: @@ -66,7 +67,7 @@ 'keepalive_interval': 30, 'keepalive_count': 10, 'password': null, - 'port': null, + 'port': '{{ expected_ssh_port }}', 'python_path': ['python3000'], 'remote_name': null, 'ssh_args': [ diff --git a/tests/ansible/integration/connection_delegation/stack_construction.yml b/tests/ansible/integration/connection_delegation/stack_construction.yml index 8cf064bb..b0475275 100644 --- a/tests/ansible/integration/connection_delegation/stack_construction.yml +++ b/tests/ansible/integration/connection_delegation/stack_construction.yml @@ -55,6 +55,7 @@ - hosts: cd-normal tasks: - include_tasks: ../_mitogen_only.yml + - include_tasks: ../_expected_ssh_port.yml - mitogen_get_stack: delegate_to: cd-alias register: out @@ -72,7 +73,7 @@ 'keepalive_interval': 30, 'keepalive_count': 10, 'password': null, - 'port': null, + 'port': '{{ expected_ssh_port }}', "python_path": ["python3000"], 'remote_name': null, 'ssh_args': [ @@ -98,6 +99,7 @@ - hosts: cd-alias tasks: - include_tasks: ../_mitogen_only.yml + - include_tasks: ../_expected_ssh_port.yml - mitogen_get_stack: register: out - assert_equal: @@ -114,7 +116,7 @@ 'keepalive_interval': 30, 'keepalive_count': 10, 'password': null, - 'port': null, + 'port': '{{ expected_ssh_port }}', "python_path": ["python3000"], 'remote_name': null, 'ssh_args': [ @@ -140,6 +142,7 @@ - hosts: cd-normal-normal tasks: - include_tasks: ../_mitogen_only.yml + - include_tasks: ../_expected_ssh_port.yml - mitogen_get_stack: register: out - assert_equal: @@ -167,7 +170,7 @@ 'keepalive_interval': 30, 'keepalive_count': 10, 'password': null, - 'port': null, + 'port': '{{ expected_ssh_port }}', "python_path": ["python3000"], 'remote_name': null, 'ssh_args': [ @@ -193,6 +196,7 @@ - hosts: cd-normal-alias tasks: - include_tasks: ../_mitogen_only.yml + - include_tasks: ../_expected_ssh_port.yml - mitogen_get_stack: register: out - assert_equal: @@ -237,7 +241,7 @@ 'keepalive_interval': 30, 'keepalive_count': 10, 'password': null, - 'port': null, + 'port': '{{ expected_ssh_port }}', "python_path": ["python3000"], 'remote_name': null, 'ssh_args': [ @@ -262,6 +266,7 @@ - hosts: cd-newuser-normal-normal tasks: - include_tasks: ../_mitogen_only.yml + - include_tasks: ../_expected_ssh_port.yml - mitogen_get_stack: register: out - assert_equal: @@ -289,7 +294,7 @@ 'keepalive_interval': 30, 'keepalive_count': 10, 'password': null, - 'port': null, + 'port': '{{ expected_ssh_port }}', "python_path": ["python3000"], 'remote_name': null, 'ssh_args': [ @@ -315,6 +320,7 @@ - hosts: cd-newuser-normal-normal tasks: - include_tasks: ../_mitogen_only.yml + - include_tasks: ../_expected_ssh_port.yml - mitogen_get_stack: delegate_to: cd-alias register: out @@ -332,7 +338,7 @@ 'keepalive_interval': 30, 'keepalive_count': 10, 'password': null, - 'port': null, + 'port': '{{ expected_ssh_port }}', "python_path": ["python3000"], 'remote_name': null, 'ssh_args': [ diff --git a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml index 5a937fb9..fd4bc848 100644 --- a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml +++ b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml @@ -3,6 +3,7 @@ gather_facts: false vars: ansible_password: "{{ 'has_sudo_nopw_password' | trim }}" + ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" ansible_user: "{{ 'mitogen__has_sudo_nopw' | trim }}" tasks: diff --git a/tests/ansible/integration/transport_config/port.yml b/tests/ansible/integration/transport_config/port.yml index 1b8e04a0..abc68058 100644 --- a/tests/ansible/integration/transport_config/port.yml +++ b/tests/ansible/integration/transport_config/port.yml @@ -6,13 +6,15 @@ hosts: tc-port-unset tasks: - include_tasks: ../_mitogen_only.yml + - include_tasks: ../_expected_ssh_port.yml - {mitogen_get_stack: {}, register: out} - assert: that: - out.result|length == 1 - out.result[0].method == "ssh" - - out.result[0].kwargs.port == None + - out.result[0].kwargs.port == expected_ssh_port fail_msg: | + expected_ssh_port={{ expected_ssh_port }} out={{ out }} tags: - mitogen_only @@ -54,6 +56,7 @@ vars: {mitogen_via: tc-port-explicit-ssh} tasks: - include_tasks: ../_mitogen_only.yml + - include_tasks: ../_expected_ssh_port.yml - {mitogen_get_stack: {}, register: out} - assert: that: @@ -61,8 +64,9 @@ - out.result[0].method == "ssh" - out.result[0].kwargs.port == 4321 - out.result[1].method == "ssh" - - out.result[1].kwargs.port == None + - out.result[1].kwargs.port == expected_ssh_port fail_msg: | + expected_ssh_port={{ expected_ssh_port }} out={{ out }} tags: - mitogen_only @@ -86,6 +90,7 @@ vars: {mitogen_via: tc-port-explicit-port} tasks: - include_tasks: ../_mitogen_only.yml + - include_tasks: ../_expected_ssh_port.yml - {mitogen_get_stack: {}, register: out} - assert: that: @@ -93,8 +98,9 @@ - out.result[0].method == "ssh" - out.result[0].kwargs.port == 1234 - out.result[1].method == "ssh" - - out.result[1].kwargs.port == None + - out.result[1].kwargs.port == expected_ssh_port fail_msg: | + expected_ssh_port={{ expected_ssh_port }} out={{ out }} tags: - mitogen_only @@ -119,6 +125,7 @@ vars: {mitogen_via: tc-port-both} tasks: - include_tasks: ../_mitogen_only.yml + - include_tasks: ../_expected_ssh_port.yml - {mitogen_get_stack: {}, register: out} - assert: that: @@ -126,8 +133,9 @@ - out.result[0].method == "ssh" - out.result[0].kwargs.port == 1532 - out.result[1].method == "ssh" - - out.result[1].kwargs.port == None + - out.result[1].kwargs.port == expected_ssh_port fail_msg: | + expected_ssh_port={{ expected_ssh_port }} out={{ out }} tags: - mitogen_only diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index 1166cc42..0fdef20b 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -50,6 +50,7 @@ ansible_python_interpreter={{ tt.python_path }} [tt_targets_inventory] tt-password ansible_password="{{ '{{' }} 'has_sudo_nopw_password' | trim {{ '}}' }}" ansible_port={{ tt.port }} ansible_user=mitogen__has_sudo_nopw +tt-port ansible_password=has_sudo_nopw_password ansible_port="{{ '{{' }} {{ tt.port }} | int {{ '}}' }}" ansible_user=mitogen__has_sudo_nopw tt-remote-user ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_user="{{ '{{' }} 'mitogen__has_sudo_nopw' | trim {{ '}}' }}" [tt_targets_inventory:vars] From 34d441fb878447e6fa025c8c668208d7044f6429 Mon Sep 17 00:00:00 2001 From: Stefano Rivera Date: Mon, 7 Oct 2024 10:03:32 -0700 Subject: [PATCH 22/61] Remove get_password_hash, unused spwd is removed in Python 3.13. But fortunately, this function itself is never used. Part of: #1073 --- examples/the_basics.py | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/examples/the_basics.py b/examples/the_basics.py index 0dcd4049..af9903b0 100644 --- a/examples/the_basics.py +++ b/examples/the_basics.py @@ -10,7 +10,6 @@ from __future__ import print_function import hashlib import io import os -import spwd import mitogen.core import mitogen.master @@ -57,21 +56,6 @@ def streamy_download_file(context, path): } -def get_password_hash(username): - """ - Fetch a user's password hash. - """ - try: - h = spwd.getspnam(username) - except KeyError: - return None - - # mitogen.core.Secret() is a Unicode subclass with a repr() that hides the - # secret data. This keeps secret stuff out of logs. Like blobs, secrets can - # also be serialized. - return mitogen.core.Secret(h) - - def md5sum(path): """ Return the MD5 checksum for a file. From 9cdd51cf5b584bf828354301ab97d4a2e13e30c7 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Tue, 8 Oct 2024 15:25:13 +0100 Subject: [PATCH 23/61] Declare Python 3.13 support No code changes needed, that I could find. --- .github/workflows/tests.yml | 105 ++++++++++++++++++------------------ docs/ansible_detailed.rst | 6 +-- docs/changelog.rst | 1 + setup.py | 1 + tests/requirements.txt | 2 +- tox.ini | 9 ++-- 6 files changed, 65 insertions(+), 59 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 2c819e7d..f3f31d82 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -48,24 +48,24 @@ jobs: - name: Ans_311_5 python_version: '3.11' tox_env: py311-mode_ansible-ansible5 - - name: Ans_312_6 - python_version: '3.12' - tox_env: py312-mode_ansible-ansible6 - - name: Ans_312_7 - python_version: '3.12' - tox_env: py312-mode_ansible-ansible7 - - name: Ans_312_8 - python_version: '3.12' - tox_env: py312-mode_ansible-ansible8 - - name: Ans_312_9 - python_version: '3.12' - tox_env: py312-mode_ansible-ansible9 - - name: Ans_312_10 - python_version: '3.12' - tox_env: py312-mode_ansible-ansible10 - - name: Van_312_10 - python_version: '3.12' - tox_env: py312-mode_ansible-ansible10-strategy_linear + - name: Ans_313_6 + python_version: '3.13' + tox_env: py313-mode_ansible-ansible6 + - name: Ans_313_7 + python_version: '3.13' + tox_env: py313-mode_ansible-ansible7 + - name: Ans_313_8 + python_version: '3.13' + tox_env: py313-mode_ansible-ansible8 + - name: Ans_313_9 + python_version: '3.13' + tox_env: py313-mode_ansible-ansible9 + - name: Ans_313_10 + python_version: '3.13' + tox_env: py313-mode_ansible-ansible10 + - name: Van_313_10 + python_version: '3.13' + tox_env: py313-mode_ansible-ansible10-strategy_linear - name: Mito_27_centos6 tox_env: py27-mode_mitogen-distro_centos6 @@ -114,33 +114,33 @@ jobs: python_version: '3.6' tox_env: py36-mode_mitogen-distro_ubuntu2004 - - name: Mito_312_centos6 - python_version: '3.12' - tox_env: py312-mode_mitogen-distro_centos6 - - name: Mito_312_centos7 - python_version: '3.12' - tox_env: py312-mode_mitogen-distro_centos7 - - name: Mito_312_centos8 - python_version: '3.12' - tox_env: py312-mode_mitogen-distro_centos8 - - name: Mito_312_debian9 - python_version: '3.12' - tox_env: py312-mode_mitogen-distro_debian9 - - name: Mito_312_debian10 - python_version: '3.12' - tox_env: py312-mode_mitogen-distro_debian10 - - name: Mito_312_debian11 - python_version: '3.12' - tox_env: py312-mode_mitogen-distro_debian11 - - name: Mito_312_ubuntu1604 - python_version: '3.12' - tox_env: py312-mode_mitogen-distro_ubuntu1604 - - name: Mito_312_ubuntu1804 - python_version: '3.12' - tox_env: py312-mode_mitogen-distro_ubuntu1804 - - name: Mito_312_ubuntu2004 - python_version: '3.12' - tox_env: py312-mode_mitogen-distro_ubuntu2004 + - name: Mito_313_centos6 + python_version: '3.13' + tox_env: py313-mode_mitogen-distro_centos6 + - name: Mito_313_centos7 + python_version: '3.13' + tox_env: py313-mode_mitogen-distro_centos7 + - name: Mito_313_centos8 + python_version: '3.13' + tox_env: py313-mode_mitogen-distro_centos8 + - name: Mito_313_debian9 + python_version: '3.13' + tox_env: py313-mode_mitogen-distro_debian9 + - name: Mito_313_debian10 + python_version: '3.13' + tox_env: py313-mode_mitogen-distro_debian10 + - name: Mito_313_debian11 + python_version: '3.13' + tox_env: py313-mode_mitogen-distro_debian11 + - name: Mito_313_ubuntu1604 + python_version: '3.13' + tox_env: py313-mode_mitogen-distro_ubuntu1604 + - name: Mito_313_ubuntu1804 + python_version: '3.13' + tox_env: py313-mode_mitogen-distro_ubuntu1804 + - name: Mito_313_ubuntu2004 + python_version: '3.13' + tox_env: py313-mode_mitogen-distro_ubuntu2004 steps: - uses: actions/checkout@v4 @@ -232,18 +232,21 @@ jobs: include: - name: Mito_27 tox_env: py27-mode_mitogen - - name: Mito_312 - tox_env: py312-mode_mitogen + - name: Mito_313 + python_version: '3.13' + tox_env: py313-mode_mitogen - name: Loc_27_210 tox_env: py27-mode_localhost-ansible2.10 - - name: Loc_312_10 - tox_env: py312-mode_localhost-ansible10 + - name: Loc_313_10 + python_version: '3.13' + tox_env: py313-mode_localhost-ansible10 - name: Van_27_210 tox_env: py27-mode_localhost-ansible2.10-strategy_linear - - name: Van_312_10 - tox_env: py312-mode_localhost-ansible10-strategy_linear + - name: Van_313_10 + python_version: '3.13' + tox_env: py313-mode_localhost-ansible10-strategy_linear steps: - uses: actions/checkout@v4 diff --git a/docs/ansible_detailed.rst b/docs/ansible_detailed.rst index 0d796691..73ebba4d 100644 --- a/docs/ansible_detailed.rst +++ b/docs/ansible_detailed.rst @@ -132,13 +132,13 @@ Noteworthy Differences | 5 | 3.8 - 3.11 | +-----------------+-----------------+ | 6 | | - +-----------------+ 3.8 - 3.12 | + +-----------------+ 3.8 - 3.13 | | 7 | | +-----------------+-----------------+ - | 8 | 3.9 - 3.12 | + | 8 | 3.9 - 3.13 | +-----------------+-----------------+ | 9 | | - +-----------------+ 3.10 - 3.12 | + +-----------------+ 3.10 - 3.13 | | 10 | | +-----------------+-----------------+ diff --git a/docs/changelog.rst b/docs/changelog.rst index 4f545615..f00de071 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -26,6 +26,7 @@ In Progress (unreleased) * :gh:issue:`1116` :mod:`ansible_mitogen`: Support for templated variable `ansible_ssh_user`. * :gh:issue:`978` :mod:`ansible_mitogen`: Support templated Ansible SSH port. +* :gh:issue:`1073` Python 3.13 support v0.3.11 (2024-10-07) diff --git a/setup.py b/setup.py index b17dab9d..9cb30427 100644 --- a/setup.py +++ b/setup.py @@ -79,6 +79,7 @@ setup( 'Programming Language :: Python :: 3.10', 'Programming Language :: Python :: 3.11', 'Programming Language :: Python :: 3.12', + 'Programming Language :: Python :: 3.13', 'Programming Language :: Python :: Implementation :: CPython', 'Topic :: System :: Distributed Computing', 'Topic :: System :: Systems Administration', diff --git a/tests/requirements.txt b/tests/requirements.txt index d64d8b87..c5671b37 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -1,5 +1,5 @@ cffi==1.15.1; python_version < '3.8' -cffi==1.16; python_version >= '3.8' +cffi==1.17.1; python_version >= '3.8' coverage==5.5; python_version == '2.7' coverage==6.2; python_version == '3.6' diff --git a/tox.ini b/tox.ini index 7677ed27..6a0eb180 100644 --- a/tox.ini +++ b/tox.ini @@ -55,10 +55,10 @@ envlist = init, py{27,36}-mode_ansible-ansible{2.10,3,4}, py{311}-mode_ansible-ansible{2.10,3,4,5}, - py{312}-mode_ansible-ansible{6,7,8,9,10}, - py{27,36,312}-mode_mitogen-distro_centos{6,7,8}, - py{27,36,312}-mode_mitogen-distro_debian{9,10,11}, - py{27,36,312}-mode_mitogen-distro_ubuntu{1604,1804,2004}, + py{313}-mode_ansible-ansible{6,7,8,9,10}, + py{27,36,313}-mode_mitogen-distro_centos{6,7,8}, + py{27,36,313}-mode_mitogen-distro_debian{9,10,11}, + py{27,36,313}-mode_mitogen-distro_ubuntu{1604,1804,2004}, report, [testenv] @@ -73,6 +73,7 @@ basepython = py310: python3.10 py311: python3.11 py312: python3.12 + py313: python3.13 deps = -r{toxinidir}/tests/requirements.txt mode_ansible: -r{toxinidir}/tests/ansible/requirements.txt From 62b75f7750569e840ed32e0a2515275bdf721dbb Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Wed, 9 Oct 2024 10:48:26 +0100 Subject: [PATCH 24/61] docs: shields.io badges for PyPI version & supported Python versions --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index e2954672..c3cd9a87 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # Mitogen +[![PyPI - Version](https://img.shields.io/pypi/v/mitogen)](https://pypi.org/project/mitogen/) +[![PyPI - Python Version](https://img.shields.io/pypi/pyversions/mitogen)](https://pypi.org/project/mitogen/) [![Build Status](https://img.shields.io/github/actions/workflow/status/mitogen-hq/mitogen/tests.yml?branch=master)](https://github.com/mitogen-hq/mitogen/actions?query=branch%3Amaster)     Please see the documentation. From b91407a7792e1e827082cbfda0076e5ef45c99f9 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Wed, 9 Oct 2024 11:13:42 +0100 Subject: [PATCH 25/61] docs: Correct v0.3.12 version in changelog fixes #1149 --- docs/changelog.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index f00de071..016c485e 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -29,7 +29,7 @@ In Progress (unreleased) * :gh:issue:`1073` Python 3.13 support -v0.3.11 (2024-10-07) +v0.3.12 (2024-10-07) -------------------- * :gh:issue:`1106` :mod:`ansible_mitogen`: Support for `ansible_ssh_password` From 8dec03894170353a7588b1414cf88772d330d1f0 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Wed, 9 Oct 2024 11:14:23 +0100 Subject: [PATCH 26/61] Prepare v0.3.13 --- docs/changelog.rst | 4 ++-- mitogen/__init__.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 016c485e..67753daf 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,8 +18,8 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. -In Progress (unreleased) ------------------------- +v0.3.13 (2024-10-09) +-------------------- * :gh:issue:`1138` CI: Complete migration from Azure DevOps Pipelines to GitHub Actions diff --git a/mitogen/__init__.py b/mitogen/__init__.py index 8320f5e7..48baa7c8 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 13, 'dev') +__version__ = (0, 3, 13) #: This is :data:`False` in slave contexts. Previously it was used to prevent From 47e25eb8c596ac917428fc7c65bb24075f47d4e4 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Wed, 9 Oct 2024 11:16:41 +0100 Subject: [PATCH 27/61] Begin 0.3.14 development --- docs/changelog.rst | 5 +++++ mitogen/__init__.py | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 67753daf..092fed26 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,6 +18,11 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. +In progress (unreleased) +------------------------ + + + v0.3.13 (2024-10-09) -------------------- diff --git a/mitogen/__init__.py b/mitogen/__init__.py index 48baa7c8..36c448d9 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 13) +__version__ = (0, 3, 14, 'dev') #: This is :data:`False` in slave contexts. Previously it was used to prevent From 5d6a185242ca93ab45e27bd296ad2dcca45b74f8 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Wed, 9 Oct 2024 13:16:42 +0100 Subject: [PATCH 28/61] tests: Templated "remote_user" provided as Ansible playbook keyword The password is provided as a variable because there is no corresponding keyword. I get the impression that keywords are considered a legacy mechanism, so most (new) options are only overridable by variables. The port is proved as a variable for now, to test remote_name in isolation. --- tests/ansible/integration/ssh/all.yml | 1 + .../integration/ssh/templated_by_play_keyword.yml | 11 +++++++++++ 2 files changed, 12 insertions(+) create mode 100644 tests/ansible/integration/ssh/templated_by_play_keyword.yml diff --git a/tests/ansible/integration/ssh/all.yml b/tests/ansible/integration/ssh/all.yml index ab400051..ce964c3e 100644 --- a/tests/ansible/integration/ssh/all.yml +++ b/tests/ansible/integration/ssh/all.yml @@ -3,5 +3,6 @@ - import_playbook: password.yml - import_playbook: timeouts.yml - import_playbook: templated_by_inv.yml +- import_playbook: templated_by_play_keyword.yml - import_playbook: templated_by_play_taskvar.yml - import_playbook: variables.yml diff --git a/tests/ansible/integration/ssh/templated_by_play_keyword.yml b/tests/ansible/integration/ssh/templated_by_play_keyword.yml new file mode 100644 index 00000000..e66cc5f3 --- /dev/null +++ b/tests/ansible/integration/ssh/templated_by_play_keyword.yml @@ -0,0 +1,11 @@ +- name: integration/ssh/templated_by_play_keyword.yml + hosts: tt_targets_bare + gather_facts: false + remote_user: "{{ 'mitogen__has_sudo_nopw' | trim }}" + vars: + ansible_password: has_sudo_nopw_password + ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" + tasks: + - meta: reset_connection + - name: Templated variables in play keywords + ping: From 5e816be12c8ecafd1c07fa323a2ac75b05c008cc Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Wed, 9 Oct 2024 14:16:17 +0100 Subject: [PATCH 29/61] tests: Templated connection keywords with delegated_to --- tests/ansible/integration/ssh/all.yml | 1 + .../ssh/templated_by_task_keyword.yml | 24 +++++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 tests/ansible/integration/ssh/templated_by_task_keyword.yml diff --git a/tests/ansible/integration/ssh/all.yml b/tests/ansible/integration/ssh/all.yml index ce964c3e..eada992a 100644 --- a/tests/ansible/integration/ssh/all.yml +++ b/tests/ansible/integration/ssh/all.yml @@ -5,4 +5,5 @@ - import_playbook: templated_by_inv.yml - import_playbook: templated_by_play_keyword.yml - import_playbook: templated_by_play_taskvar.yml +- import_playbook: templated_by_task_keyword.yml - import_playbook: variables.yml diff --git a/tests/ansible/integration/ssh/templated_by_task_keyword.yml b/tests/ansible/integration/ssh/templated_by_task_keyword.yml new file mode 100644 index 00000000..df956af5 --- /dev/null +++ b/tests/ansible/integration/ssh/templated_by_task_keyword.yml @@ -0,0 +1,24 @@ +- name: integration/ssh/templated_by_task_keyword.yml + hosts: tt_targets_bare + gather_facts: false + # FIXME Resetting the connection shouldn't require credentials + # https://github.com/mitogen-hq/mitogen/issues/1132 + remote_user: "{{ 'mitogen__has_sudo_nopw' | trim }}" + vars: + ansible_password: has_sudo_nopw_password + ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" + tasks: + - name: Reset connection to target that will be delegate_to + meta: reset_connection + +- name: Test connection template by task keywords, with delegate_to + hosts: test-targets[0] + gather_facts: false + tasks: + - name: Templated by task keywords, with delegate_to + delegate_to: "{{ groups.tt_targets_bare[0] }}" + remote_user: "{{ 'mitogen__has_sudo_nopw' | trim }}" + vars: + ansible_password: has_sudo_nopw_password + ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" + ping: From 9859e44ee841fe7655d8bc9a2b74580be32a4810 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 10 Oct 2024 15:23:49 +0100 Subject: [PATCH 30/61] tests: Standardise on DockerizedSshDaemon.host & .port --- tests/ssh_test.py | 4 ++-- tests/testlib.py | 7 ++----- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/tests/ssh_test.py b/tests/ssh_test.py index ce7dce96..f8fad55a 100644 --- a/tests/ssh_test.py +++ b/tests/ssh_test.py @@ -68,7 +68,7 @@ class SshTest(testlib.DockerMixin, testlib.TestCase): password='has_sudo_password', ) name = 'ssh.%s:%s' % ( - self.dockerized_ssh.get_host(), + self.dockerized_ssh.host, self.dockerized_ssh.port, ) self.assertEqual(name, context.name) @@ -186,7 +186,7 @@ class BannerTest(testlib.DockerMixin, testlib.TestCase): ssh_debug_level=3, ) name = 'ssh.%s:%s' % ( - self.dockerized_ssh.get_host(), + self.dockerized_ssh.host, self.dockerized_ssh.port, ) self.assertEqual(name, context.name) diff --git a/tests/testlib.py b/tests/testlib.py index 76743e82..0fd9c7d7 100644 --- a/tests/testlib.py +++ b/tests/testlib.py @@ -574,14 +574,11 @@ class DockerizedSshDaemon(object): self.image = image_template % d self.start_container() - self.host = self.get_host() + self.host = get_docker_host() self.port = self.get_port(self.container_name) - def get_host(self): - return get_docker_host() - def wait_for_sshd(self): - wait_for_port(self.get_host(), self.port, pattern='OpenSSH') + wait_for_port(self.host, self.port, pattern='OpenSSH') def check_processes(self): # Get Accounting name (ucomm) & command line (args) of each process From 28e08ef94c5a57ee672511e06ed594d49284644f Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 10 Oct 2024 18:33:44 +0100 Subject: [PATCH 31/61] ci: Reduce number of Jobs by parameterizing Mitogen Docker SSH tests This reduces the number of jobs from 48 to 24. The Mitogen part of the test suite has been parameterized on the Linux container targets to be run against. Both the Ansible tests & Mitogen tests now use the same source of truth to control which targets to use: environment variable MITOGEN_TEST_DISTRO_SPECS. This replaces the two mutually exclusive env vars DISTRO and DISTROS. I've also removed vestgial traces of an unused env var MITOGEN_TEST_DISTRO. Parameterization adapted from https://eli.thegreenplace.net/2014/04/02/dynamically-generating-python-test-cases refs #1058, #1059 --- .ci/README.md | 11 +++--- .ci/ansible_tests.py | 2 +- .ci/ci_lib.py | 8 ++-- .ci/mitogen_py24_tests.py | 2 - .ci/mitogen_tests.py | 1 - .github/workflows/tests.yml | 78 +++---------------------------------- docs/changelog.rst | 2 + tests/README.md | 16 ++++++-- tests/fakessh_test.py | 3 +- tests/ssh_test.py | 26 ++++++++++++- tests/su_test.py | 13 ++++++- tests/testlib.py | 25 ++++++------ tox.ini | 52 +++++++++---------------- 13 files changed, 101 insertions(+), 138 deletions(-) diff --git a/.ci/README.md b/.ci/README.md index 9a5e8898..17b7d2dd 100644 --- a/.ci/README.md +++ b/.ci/README.md @@ -28,14 +28,15 @@ for doing `setup.py install` while pulling a Docker container, for example. ### Environment Variables -* `DISTRO`: the `mitogen_` tests need a target Docker container distro. This - name comes from the Docker Hub `mitogen` user, i.e. `mitogen/$DISTRO-test` -* `DISTROS`: the `ansible_` tests can run against multiple targets - simultaneously, which speeds things up. This is a space-separated list of - DISTRO names, but additionally, supports: +* `MITOGEN_TEST_DISTRO_SPECS`: a space delimited list of distro specs to run + the tests against. (e.g. `centos6 ubuntu2004-py3*4`). Each spec determines + the Linux distribution, target Python interepreter & number of instances. + Only distributions with a pre-built Linux container image can be used. * `debian-py3`: when generating Ansible inventory file, set `ansible_python_interpreter` to `python3`, i.e. run a test where the target interpreter is Python 3. * `debian*16`: generate 16 Docker containers running Debian. Also works with -py3. +* `MITOGEN_TEST_IMAGE_TEMPLATE`: specifies the Linux container image name, + and hence the container registry used for test targets. diff --git a/.ci/ansible_tests.py b/.ci/ansible_tests.py index 3ec48dfd..62dfa8f5 100755 --- a/.ci/ansible_tests.py +++ b/.ci/ansible_tests.py @@ -35,7 +35,7 @@ ci_lib.check_stray_processes(interesting) with ci_lib.Fold('docker_setup'): - containers = ci_lib.container_specs(ci_lib.DISTROS) + containers = ci_lib.container_specs(ci_lib.DISTRO_SPECS.split()) ci_lib.start_containers(containers) diff --git a/.ci/ci_lib.py b/.ci/ci_lib.py index dfe49b97..afb62e02 100644 --- a/.ci/ci_lib.py +++ b/.ci/ci_lib.py @@ -28,6 +28,10 @@ os.chdir( ) +DISTRO_SPECS = os.environ.get( + 'MITOGEN_TEST_DISTRO_SPECS', + 'centos6 centos8 debian9 debian11 ubuntu1604 ubuntu2004', +) IMAGE_TEMPLATE = os.environ.get( 'MITOGEN_TEST_IMAGE_TEMPLATE', 'public.ecr.aws/n5z0e8q9/%(distro)s-test', @@ -196,10 +200,6 @@ class Fold(object): GIT_ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), '..')) -# Used only when MODE=mitogen -DISTRO = os.environ.get('DISTRO', 'debian9') -# Used only when MODE=ansible -DISTROS = os.environ.get('DISTROS', 'centos6 centos8 debian9 debian11 ubuntu1604 ubuntu2004').split() TMP = TempDir().path diff --git a/.ci/mitogen_py24_tests.py b/.ci/mitogen_py24_tests.py index 228e79bd..96b144eb 100755 --- a/.ci/mitogen_py24_tests.py +++ b/.ci/mitogen_py24_tests.py @@ -8,8 +8,6 @@ import ci_lib os.environ.update({ 'NOCOVERAGE': '1', 'UNIT2': '/usr/local/python2.4.6/bin/unit2', - - 'MITOGEN_TEST_DISTRO': ci_lib.DISTRO, 'MITOGEN_LOG_LEVEL': 'debug', 'SKIP_ANSIBLE': '1', }) diff --git a/.ci/mitogen_tests.py b/.ci/mitogen_tests.py index 4de94b4c..47aa2444 100755 --- a/.ci/mitogen_tests.py +++ b/.ci/mitogen_tests.py @@ -6,7 +6,6 @@ import os import ci_lib os.environ.update({ - 'MITOGEN_TEST_DISTRO': ci_lib.DISTRO, 'MITOGEN_LOG_LEVEL': 'debug', 'SKIP_ANSIBLE': '1', }) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index f3f31d82..cc20f04a 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -67,80 +67,14 @@ jobs: python_version: '3.13' tox_env: py313-mode_ansible-ansible10-strategy_linear - - name: Mito_27_centos6 - tox_env: py27-mode_mitogen-distro_centos6 - - name: Mito_27_centos7 - tox_env: py27-mode_mitogen-distro_centos7 - - name: Mito_27_centos8 - tox_env: py27-mode_mitogen-distro_centos8 - - name: Mito_27_debian9 - tox_env: py27-mode_mitogen-distro_debian9 - - name: Mito_27_debian10 - tox_env: py27-mode_mitogen-distro_debian10 - - name: Mito_27_debian11 - tox_env: py27-mode_mitogen-distro_debian11 - - name: Mito_27_ubuntu1604 - tox_env: py27-mode_mitogen-distro_ubuntu1604 - - name: Mito_27_ubuntu1804 - tox_env: py27-mode_mitogen-distro_ubuntu1804 - - name: Mito_27_ubuntu2004 - tox_env: py27-mode_mitogen-distro_ubuntu2004 - - - name: Mito_36_centos6 - python_version: '3.6' - tox_env: py36-mode_mitogen-distro_centos6 - - name: Mito_36_centos7 - python_version: '3.6' - tox_env: py36-mode_mitogen-distro_centos7 - - name: Mito_36_centos8 - python_version: '3.6' - tox_env: py36-mode_mitogen-distro_centos8 - - name: Mito_36_debian9 - python_version: '3.6' - tox_env: py36-mode_mitogen-distro_debian9 - - name: Mito_36_debian10 - python_version: '3.6' - tox_env: py36-mode_mitogen-distro_debian10 - - name: Mito_36_debian11 - python_version: '3.6' - tox_env: py36-mode_mitogen-distro_debian11 - - name: Mito_36_ubuntu1604 - python_version: '3.6' - tox_env: py36-mode_mitogen-distro_ubuntu1604 - - name: Mito_36_ubuntu1804 - python_version: '3.6' - tox_env: py36-mode_mitogen-distro_ubuntu1804 - - name: Mito_36_ubuntu2004 + - name: Mito_27 + tox_env: py27-mode_mitogen + - name: Mito_36 python_version: '3.6' - tox_env: py36-mode_mitogen-distro_ubuntu2004 - - - name: Mito_313_centos6 - python_version: '3.13' - tox_env: py313-mode_mitogen-distro_centos6 - - name: Mito_313_centos7 - python_version: '3.13' - tox_env: py313-mode_mitogen-distro_centos7 - - name: Mito_313_centos8 - python_version: '3.13' - tox_env: py313-mode_mitogen-distro_centos8 - - name: Mito_313_debian9 - python_version: '3.13' - tox_env: py313-mode_mitogen-distro_debian9 - - name: Mito_313_debian10 - python_version: '3.13' - tox_env: py313-mode_mitogen-distro_debian10 - - name: Mito_313_debian11 - python_version: '3.13' - tox_env: py313-mode_mitogen-distro_debian11 - - name: Mito_313_ubuntu1604 - python_version: '3.13' - tox_env: py313-mode_mitogen-distro_ubuntu1604 - - name: Mito_313_ubuntu1804 - python_version: '3.13' - tox_env: py313-mode_mitogen-distro_ubuntu1804 - - name: Mito_313_ubuntu2004 + tox_env: py36-mode_mitogen + - name: Mito_313 python_version: '3.13' - tox_env: py313-mode_mitogen-distro_ubuntu2004 + tox_env: py313-mode_mitogen steps: - uses: actions/checkout@v4 diff --git a/docs/changelog.rst b/docs/changelog.rst index 092fed26..1fad75a5 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -21,6 +21,8 @@ To avail of fixes in an unreleased version, please download a ZIP file In progress (unreleased) ------------------------ +* :gh:issue:`1159` CI: Reduce number of Jobs by parameterizing Mitogen Docker + SSH tests v0.3.13 (2024-10-09) diff --git a/tests/README.md b/tests/README.md index 35a8775c..06bf7ad7 100644 --- a/tests/README.md +++ b/tests/README.md @@ -30,11 +30,19 @@ and run the tests there. 1. Run ``test`` -# Selecting a target distribution +# Selecting target distributions -Docker target images exist for testing against CentOS and Debian, with the -default being Debian. To select CentOS, specify `MITOGEN_TEST_DISTRO=centos` in -the environment. +Linux container images for testing are available at + +- https://github.com/orgs/mitogen-hq/packages +- https://public.ecr.aws/n5z0e8q9 + +The images used are determined by two environment variables + +- `MITOGEN_TEST_DISTRO_SPECS` +- `MITOGEN_TEST_IMAGE_TEMPLATE` + +Defaults for these can be found in `.ci/ci_lib.py` & `tests/testlib.py` # User Accounts diff --git a/tests/fakessh_test.py b/tests/fakessh_test.py index 52321495..2ad722df 100644 --- a/tests/fakessh_test.py +++ b/tests/fakessh_test.py @@ -7,8 +7,8 @@ import mitogen.fakessh import testlib +@unittest.skip('broken') class RsyncTest(testlib.DockerMixin, testlib.TestCase): - @unittest.skip('broken') def test_rsync_from_master(self): context = self.docker_ssh_any() @@ -24,7 +24,6 @@ class RsyncTest(testlib.DockerMixin, testlib.TestCase): self.assertTrue(context.call(os.path.exists, '/tmp/data')) self.assertTrue(context.call(os.path.exists, '/tmp/data/simple_pkg/a.py')) - @unittest.skip('broken') def test_rsync_between_direct_children(self): # master -> SSH -> mitogen__has_sudo_pubkey -> rsync(.ssh) -> master -> # mitogen__has_sudo -> rsync diff --git a/tests/ssh_test.py b/tests/ssh_test.py index f8fad55a..e8e0e1eb 100644 --- a/tests/ssh_test.py +++ b/tests/ssh_test.py @@ -37,7 +37,7 @@ class ConstructorTest(testlib.RouterMixin, testlib.TestCase): self.assertEqual(3, context.call(plain_old_module.add, 1, 2)) -class SshTest(testlib.DockerMixin, testlib.TestCase): +class SshMixin(testlib.DockerMixin): def test_debug_decoding(self): # ensure filter_debug_logs() decodes the logged string. capture = testlib.LogCapturer() @@ -176,7 +176,18 @@ class SshTest(testlib.DockerMixin, testlib.TestCase): fp.close() -class BannerTest(testlib.DockerMixin, testlib.TestCase): +for distro_spec in testlib.DISTRO_SPECS.split(): + dockerized_ssh = testlib.DockerizedSshDaemon(distro_spec) + klass_name = 'SshTest%s' % (dockerized_ssh.distro.capitalize(),) + klass = type( + klass_name, + (SshMixin, testlib.TestCase), + {'dockerized_ssh': dockerized_ssh}, + ) + globals()[klass_name] = klass + + +class BannerMixin(testlib.DockerMixin): # Verify the ability to disambiguate random spam appearing in the SSHd's # login banner from a legitimate password prompt. def test_verbose_enabled(self): @@ -193,6 +204,17 @@ class BannerTest(testlib.DockerMixin, testlib.TestCase): context.shutdown(wait=True) +for distro_spec in testlib.DISTRO_SPECS.split(): + dockerized_ssh = testlib.DockerizedSshDaemon(distro_spec) + klass_name = 'BannerTest%s' % (dockerized_ssh.distro.capitalize(),) + klass = type( + klass_name, + (BannerMixin, testlib.TestCase), + {'dockerized_ssh': dockerized_ssh}, + ) + globals()[klass_name] = klass + + class StubPermissionDeniedTest(StubSshMixin, testlib.TestCase): def test_classic_prompt(self): self.assertRaises(mitogen.ssh.PasswordError, diff --git a/tests/su_test.py b/tests/su_test.py index 234c509b..3750454c 100644 --- a/tests/su_test.py +++ b/tests/su_test.py @@ -23,7 +23,7 @@ class ConstructorTest(testlib.RouterMixin, testlib.TestCase): self.assertEqual(argv[2], '-c') -class SuTest(testlib.DockerMixin, testlib.TestCase): +class SuMixin(testlib.DockerMixin): stub_su_path = testlib.data_path('stubs/stub-su.py') def test_slow_auth_failure(self): @@ -64,3 +64,14 @@ class SuTest(testlib.DockerMixin, testlib.TestCase): ) context = self.router.su(via=ssh, password='rootpassword') self.assertEqual(0, context.call(os.getuid)) + + +for distro_spec in testlib.DISTRO_SPECS.split(): + dockerized_ssh = testlib.DockerizedSshDaemon(distro_spec) + klass_name = 'SuTest%s' % (dockerized_ssh.distro.capitalize(),) + klass = type( + klass_name, + (SuMixin, testlib.TestCase), + {'dockerized_ssh': dockerized_ssh}, + ) + globals()[klass_name] = klass diff --git a/tests/testlib.py b/tests/testlib.py index 0fd9c7d7..05779dc0 100644 --- a/tests/testlib.py +++ b/tests/testlib.py @@ -51,7 +51,10 @@ except NameError: LOG = logging.getLogger(__name__) -DISTRO = os.environ.get('MITOGEN_TEST_DISTRO', 'debian9') +DISTRO_SPECS = os.environ.get( + 'MITOGEN_TEST_DISTRO_SPECS', + 'centos6 centos8 debian9 debian11 ubuntu1604 ubuntu2004', +) IMAGE_TEMPLATE = os.environ.get( 'MITOGEN_TEST_IMAGE_TEMPLATE', 'public.ecr.aws/n5z0e8q9/%(distro)s-test', @@ -555,8 +558,9 @@ class DockerizedSshDaemon(object): self.image, ] subprocess.check_output(args) + self.port = self.get_port(self.container_name) - def __init__(self, distro=DISTRO, image_template=IMAGE_TEMPLATE): + def __init__(self, distro_spec, image_template=IMAGE_TEMPLATE): # Code duplicated in ci_lib.py, both should be updated together distro_pattern = re.compile(r''' (?P(?P[a-z]+)[0-9]+) @@ -565,7 +569,10 @@ class DockerizedSshDaemon(object): ''', re.VERBOSE, ) - d = distro_pattern.match(distro).groupdict(default=None) + d = distro_pattern.match(distro_spec).groupdict(default=None) + + self.distro = d['distro'] + self.family = d['family'] if d.pop('py') == 'py3': self.python_path = '/usr/bin/python3' @@ -573,9 +580,7 @@ class DockerizedSshDaemon(object): self.python_path = '/usr/bin/python' self.image = image_template % d - self.start_container() self.host = get_docker_host() - self.port = self.get_port(self.container_name) def wait_for_sshd(self): wait_for_port(self.host, self.port, pattern='OpenSSH') @@ -648,12 +653,10 @@ class DockerMixin(RouterMixin): if os.environ.get('SKIP_DOCKER_TESTS'): raise unittest.SkipTest('SKIP_DOCKER_TESTS is set') - # we want to be able to override test distro for some tests that need a different container spun up - daemon_args = {} - if hasattr(cls, 'mitogen_test_distro'): - daemon_args['mitogen_test_distro'] = cls.mitogen_test_distro - - cls.dockerized_ssh = DockerizedSshDaemon(**daemon_args) + # cls.dockerized_ssh is injected by dynamically generating TestCase + # subclasses. + # TODO Bite the bullet, switch to e.g. pytest + cls.dockerized_ssh.start_container() cls.dockerized_ssh.wait_for_sshd() @classmethod diff --git a/tox.ini b/tox.ini index 6a0eb180..5afa7eb1 100644 --- a/tox.ini +++ b/tox.ini @@ -56,9 +56,7 @@ envlist = py{27,36}-mode_ansible-ansible{2.10,3,4}, py{311}-mode_ansible-ansible{2.10,3,4,5}, py{313}-mode_ansible-ansible{6,7,8,9,10}, - py{27,36,313}-mode_mitogen-distro_centos{6,7,8}, - py{27,36,313}-mode_mitogen-distro_debian{9,10,11}, - py{27,36,313}-mode_mitogen-distro_ubuntu{1604,1804,2004}, + py{27,36,313}-mode_mitogen, report, [testenv] @@ -105,39 +103,27 @@ setenv = NOCOVERAGE_ERASE = 1 NOCOVERAGE_REPORT = 1 PIP_CONSTRAINT={toxinidir}/tests/constraints.txt - # Only applicable to MODE=mitogen - distro_centos5: DISTRO=centos5 - distro_centos6: DISTRO=centos6 - distro_centos7: DISTRO=centos7 - distro_centos8: DISTRO=centos8 - distro_debian9: DISTRO=debian9 - distro_debian10: DISTRO=debian10 - distro_debian11: DISTRO=debian11 - distro_ubuntu1604: DISTRO=ubuntu1604 - distro_ubuntu1804: DISTRO=ubuntu1804 - distro_ubuntu2004: DISTRO=ubuntu2004 - # Note the plural, only applicable to MODE=ansible # Ansible 6 - 8 (ansible-core 2.13 - 2.15) require Python 2.7 or >= 3.5 on targets - ansible6: DISTROS=centos7 centos8 debian9 debian10 debian11 ubuntu1604 ubuntu1804 ubuntu2004 - ansible7: DISTROS=centos7 centos8 debian9 debian10 debian11 ubuntu1604 ubuntu1804 ubuntu2004 - ansible8: DISTROS=centos7 centos8 debian9 debian10 debian11 ubuntu1604 ubuntu1804 ubuntu2004 + ansible6: MITOGEN_TEST_DISTRO_SPECS=centos7 centos8 debian9 debian10 debian11 ubuntu1604 ubuntu1804 ubuntu2004 + ansible7: MITOGEN_TEST_DISTRO_SPECS=centos7 centos8 debian9 debian10 debian11 ubuntu1604 ubuntu1804 ubuntu2004 + ansible8: MITOGEN_TEST_DISTRO_SPECS=centos7 centos8 debian9 debian10 debian11 ubuntu1604 ubuntu1804 ubuntu2004 # Ansible 9 (ansible-core 2.16) requires Python 2.7 or >= 3.6 on targets - ansible9: DISTROS=centos7 centos8 debian9 debian10 debian11 ubuntu1804 ubuntu2004 + ansible9: MITOGEN_TEST_DISTRO_SPECS=centos7 centos8 debian9 debian10 debian11 ubuntu1804 ubuntu2004 # Ansible 10 (ansible-core 2.17) requires Python >= 3.7 on targets - ansible10: DISTROS=debian10-py3 debian11-py3 ubuntu2004-py3 - distros_centos: DISTROS=centos6 centos7 centos8 - distros_centos5: DISTROS=centos5 - distros_centos6: DISTROS=centos6 - distros_centos7: DISTROS=centos7 - distros_centos8: DISTROS=centos8 - distros_debian: DISTROS=debian9 debian10 debian11 - distros_debian9: DISTROS=debian9 - distros_debian10: DISTROS=debian10 - distros_debian11: DISTROS=debian11 - distros_ubuntu: DISTROS=ubuntu1604 ubuntu1804 ubuntu2004 - distros_ubuntu1604: DISTROS=ubuntu1604 - distros_ubuntu1804: DISTROS=ubuntu1804 - distros_ubuntu2004: DISTROS=ubuntu2004 + ansible10: MITOGEN_TEST_DISTRO_SPECS=debian10-py3 debian11-py3 ubuntu2004-py3 + distros_centos: MITOGEN_TEST_DISTRO_SPECS=centos6 centos7 centos8 + distros_centos5: MITOGEN_TEST_DISTRO_SPECS=centos5 + distros_centos6: MITOGEN_TEST_DISTRO_SPECS=centos6 + distros_centos7: MITOGEN_TEST_DISTRO_SPECS=centos7 + distros_centos8: MITOGEN_TEST_DISTRO_SPECS=centos8 + distros_debian: MITOGEN_TEST_DISTRO_SPECS=debian9 debian10 debian11 + distros_debian9: MITOGEN_TEST_DISTRO_SPECS=debian9 + distros_debian10: MITOGEN_TEST_DISTRO_SPECS=debian10 + distros_debian11: MITOGEN_TEST_DISTRO_SPECS=debian11 + distros_ubuntu: MITOGEN_TEST_DISTRO_SPECS=ubuntu1604 ubuntu1804 ubuntu2004 + distros_ubuntu1604: MITOGEN_TEST_DISTRO_SPECS=ubuntu1604 + distros_ubuntu1804: MITOGEN_TEST_DISTRO_SPECS=ubuntu1804 + distros_ubuntu2004: MITOGEN_TEST_DISTRO_SPECS=ubuntu2004 mode_ansible: MODE=ansible mode_ansible: ANSIBLE_SKIP_TAGS=resource_intensive mode_ansible: ANSIBLE_CALLBACK_WHITELIST=profile_tasks From e9bddf0c039bef8c52fd0dd40f8cbde5a111e5b4 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Tue, 8 Oct 2024 17:43:30 +0100 Subject: [PATCH 32/61] CI: Use templated ansible_user for localhost Ansible tests refs #1022, #1116 --- .ci/localhost_ansible_tests.py | 14 -------------- tests/ansible/hosts/default.hosts | 3 +-- 2 files changed, 1 insertion(+), 16 deletions(-) diff --git a/.ci/localhost_ansible_tests.py b/.ci/localhost_ansible_tests.py index c36bad26..502a9abc 100755 --- a/.ci/localhost_ansible_tests.py +++ b/.ci/localhost_ansible_tests.py @@ -3,8 +3,6 @@ from __future__ import print_function -import getpass -import io import os import subprocess import sys @@ -57,18 +55,6 @@ with ci_lib.Fold('machine_prep'): os.chdir(IMAGE_PREP_DIR) ci_lib.run("ansible-playbook -c local -i localhost, _user_accounts.yml") - # FIXME Don't hardcode https://github.com/mitogen-hq/mitogen/issues/1022 - # and os.environ['USER'] is not populated on Azure macOS runners. - os.chdir(HOSTS_DIR) - with io.open('default.hosts', 'r+', encoding='utf-8') as f: - user = getpass.getuser() - content = f.read() - content = content.replace("{{ lookup('pipe', 'whoami') }}", user) - f.seek(0) - f.write(content) - f.truncate() - ci_lib.dump_file('default.hosts') - cmd = ';'.join([ 'from __future__ import print_function', 'import os, sys', diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index 609cd9f8..bebe90df 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -4,8 +4,7 @@ # When running the tests outside CI, make a single 'target' host which is the # local machine. The ansible_user override is necessary since some tests want a # fixed ansible.cfg remote_user setting to test against. -# FIXME Hardcoded by replacement in some CI runs https://github.com/mitogen-hq/mitogen/issues/1022 -# and os.environ['USER'] is not populated on Azure macOS runners. +# os.environ['USER'] is an empty string on GitHub Actions macOS runners. target ansible_host=localhost ansible_user="{{ lookup('pipe', 'whoami') }}" [test-targets] From bf6607e27e01d22c1a45b4f5c7ecbdc589eac732 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Fri, 11 Oct 2024 15:50:09 +0100 Subject: [PATCH 33/61] ansible_mitogen: Support templated become_user This reads the become username from the `become_user` attribute of the play context, to the `"become_user"` option of the loaded become plugin. This has been supported by vanilla Ansible since Ansible 2.10 (ansible-base 2.10). To support this I've also switched from using the `play_context.become` (a bool), to `connection.become` (an instance of the appropriate) become plugin. New tests have been added, modelled on those for templated connection parameters (see #1147, #1153, #1159). See - https://github.com/ansible/ansible/commit/480b106d6535978ae6ecab68b40942ca4fa914a0 refs #1083 Co-authored-by: mordek --- ansible_mitogen/connection.py | 4 +-- ansible_mitogen/mixins.py | 2 +- ansible_mitogen/transport_config.py | 8 ++++-- docs/changelog.rst | 1 + docs/contributors.rst | 1 + tests/ansible/hosts/default.hosts | 14 ++++++++++ tests/ansible/integration/become/all.yml | 4 +++ .../integration/become/templated_by_inv.yml | 14 ++++++++++ .../become/templated_by_play_keywords.yml | 16 +++++++++++ .../become/templated_by_play_vars.yml | 16 +++++++++++ .../become/templated_by_task_keywords.yml | 27 +++++++++++++++++++ tests/ansible/templates/test-targets.j2 | 20 ++++++++++++++ 12 files changed, 122 insertions(+), 5 deletions(-) create mode 100644 tests/ansible/integration/become/templated_by_inv.yml create mode 100644 tests/ansible/integration/become/templated_by_play_keywords.yml create mode 100644 tests/ansible/integration/become/templated_by_play_vars.yml create mode 100644 tests/ansible/integration/become/templated_by_task_keywords.yml diff --git a/ansible_mitogen/connection.py b/ansible_mitogen/connection.py index a715b2b0..4c1df1bd 100644 --- a/ansible_mitogen/connection.py +++ b/ansible_mitogen/connection.py @@ -814,7 +814,7 @@ class Connection(ansible.plugins.connection.ConnectionBase): self.context = dct['context'] self.chain = CallChain(self, self.context, pipelined=True) - if self._play_context.become: + if self.become: self.login_context = dct['via'] else: self.login_context = self.context @@ -926,7 +926,7 @@ class Connection(ansible.plugins.connection.ConnectionBase): self.close() inventory_name, stack = self._build_stack() - if self._play_context.become: + if self.become: stack = stack[:-1] worker_model = ansible_mitogen.process.get_worker_model() diff --git a/ansible_mitogen/mixins.py b/ansible_mitogen/mixins.py index 1b6512e8..3953eb52 100644 --- a/ansible_mitogen/mixins.py +++ b/ansible_mitogen/mixins.py @@ -294,7 +294,7 @@ class ActionModuleMixin(ansible.plugins.action.ActionBase): if not path.startswith('~'): # /home/foo -> /home/foo return path - if sudoable or not self._play_context.become: + if sudoable or not self._connection.become: if path == '~': # ~ -> /home/dmw return self._connection.homedir diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index a9f67209..708c2897 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -417,6 +417,10 @@ class PlayContextSpec(Spec): # used to run interpreter discovery self._action = connection._action + def _become_option(self, name): + plugin = self._connection.become + return plugin.get_option(name, self._task_vars, self._play_context) + def _connection_option(self, name): try: return self._connection.get_option(name, hostvars=self._task_vars) @@ -437,13 +441,13 @@ class PlayContextSpec(Spec): return self._connection_option('remote_user') def become(self): - return self._play_context.become + return self._connection.become def become_method(self): return self._play_context.become_method def become_user(self): - return self._play_context.become_user + return self._become_option('become_user') def become_pass(self): # become_pass is owned/provided by the active become plugin. However diff --git a/docs/changelog.rst b/docs/changelog.rst index 1fad75a5..8ab68d97 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -23,6 +23,7 @@ In progress (unreleased) * :gh:issue:`1159` CI: Reduce number of Jobs by parameterizing Mitogen Docker SSH tests +* :gh:issue:`1083` :mod:`ansible_mitogen`: Support templated become username. v0.3.13 (2024-10-09) diff --git a/docs/contributors.rst b/docs/contributors.rst index 69dc1e76..ad35f91c 100644 --- a/docs/contributors.rst +++ b/docs/contributors.rst @@ -134,6 +134,7 @@ sponsorship and outstanding future-thinking of its early adopters.
  • luto
  • Mayeu a.k.a Matthieu Maury
  • Michael D'Silva
    • +
  • mordek
  • @nathanhruby
  • Orion Poplawski
  • Philippe Kueck
    • diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index bebe90df..ef05803e 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -25,6 +25,20 @@ tt-bare [tt_targets_bare:vars] ansible_host=localhost +[tt_become_bare] +tt-become-bare + +[tt_become_bare:vars] +ansible_host=localhost +ansible_user="{{ lookup('pipe', 'whoami') }}" + +[tt_become_by_inv] +tt-become-user ansible_become=true ansible_become_user="{{ 'root' | trim }}" + +[tt_become_by_inv:vars] +ansible_host=localhost +ansible_user="{{ lookup('pipe', 'whoami') }}" + [tt_targets_inventory] tt-password ansible_password="{{ 'has_sudo_nopw_password' | trim }}" ansible_user=mitogen__has_sudo_nopw tt-port ansible_password=has_sudo_nopw_password ansible_port="{{ 22 | int }}" ansible_user=mitogen__has_sudo_nopw diff --git a/tests/ansible/integration/become/all.yml b/tests/ansible/integration/become/all.yml index c9c331dd..1b507e16 100644 --- a/tests/ansible/integration/become/all.yml +++ b/tests/ansible/integration/become/all.yml @@ -5,3 +5,7 @@ - import_playbook: sudo_nopassword.yml - import_playbook: sudo_password.yml - import_playbook: sudo_requiretty.yml +- import_playbook: templated_by_inv.yml +- import_playbook: templated_by_play_keywords.yml +- import_playbook: templated_by_play_vars.yml +- import_playbook: templated_by_task_keywords.yml diff --git a/tests/ansible/integration/become/templated_by_inv.yml b/tests/ansible/integration/become/templated_by_inv.yml new file mode 100644 index 00000000..98b68f05 --- /dev/null +++ b/tests/ansible/integration/become/templated_by_inv.yml @@ -0,0 +1,14 @@ +- name: integration/become/templated_by_inv.yml + hosts: tt_become_by_inv + gather_facts: false + tasks: + - meta: reset_connection + - name: Templated become in inventory + command: + cmd: whoami + changed_when: false + check_mode: false + register: become_templated_by_inv_whoami + failed_when: + - become_templated_by_inv_whoami is failed + or become_templated_by_inv_whoami.stdout != 'root' diff --git a/tests/ansible/integration/become/templated_by_play_keywords.yml b/tests/ansible/integration/become/templated_by_play_keywords.yml new file mode 100644 index 00000000..e588c18f --- /dev/null +++ b/tests/ansible/integration/become/templated_by_play_keywords.yml @@ -0,0 +1,16 @@ +- name: integration/become/templated_by_play_keywords.yml + hosts: tt_become_bare + gather_facts: false + become: true + become_user: "{{ 'root' | trim }}" + tasks: + - meta: reset_connection + - name: Templated become by play keywords + command: + cmd: whoami + changed_when: false + check_mode: false + register: become_templated_by_play_keywords_whoami + failed_when: + - become_templated_by_play_keywords_whoami is failed + or become_templated_by_play_keywords_whoami.stdout != 'root' diff --git a/tests/ansible/integration/become/templated_by_play_vars.yml b/tests/ansible/integration/become/templated_by_play_vars.yml new file mode 100644 index 00000000..5618f7cc --- /dev/null +++ b/tests/ansible/integration/become/templated_by_play_vars.yml @@ -0,0 +1,16 @@ +- name: integration/become/templated_by_play_vars.yml + hosts: tt_become_bare + gather_facts: false + vars: + ansible_become: true + ansible_become_user: "{{ 'root' | trim }}" + tasks: + - name: Templated become by play vars + command: + cmd: whoami + changed_when: false + check_mode: false + register: become_templated_by_play_vars_whoami + failed_when: + - become_templated_by_play_vars_whoami is failed + or become_templated_by_play_vars_whoami.stdout != 'root' diff --git a/tests/ansible/integration/become/templated_by_task_keywords.yml b/tests/ansible/integration/become/templated_by_task_keywords.yml new file mode 100644 index 00000000..52fda111 --- /dev/null +++ b/tests/ansible/integration/become/templated_by_task_keywords.yml @@ -0,0 +1,27 @@ +- name: integration/become/templated_by_task_keywords.yml + hosts: tt_become_bare + gather_facts: false + # FIXME Resetting the connection shouldn't require credentials + # https://github.com/mitogen-hq/mitogen/issues/1132 + become: true + become_user: "{{ 'root' | trim }}" + tasks: + - name: Reset connection to target that will be delegate_to + meta: reset_connection + +- name: Test connection template by task keywords, with delegate_to + hosts: test-targets[0] + gather_facts: false + tasks: + - name: Templated become by task keywords, with delegate_to + become: true + become_user: "{{ 'root' | trim }}" + delegate_to: "{{ groups.tt_become_bare[0] }}" + command: + cmd: whoami + changed_when: false + check_mode: false + register: become_templated_by_task_with_delegate_to_whoami + failed_when: + - become_templated_by_task_with_delegate_to_whoami is failed + or become_templated_by_task_with_delegate_to_whoami.stdout != 'root' diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index 0fdef20b..47f2ccd4 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -48,6 +48,26 @@ ansible_host={{ tt.hostname }} ansible_port={{ tt.port }} ansible_python_interpreter={{ tt.python_path }} +[tt_become_bare] +tt-become-bare + +[tt_become_bare:vars] +ansible_host={{ tt.hostname }} +ansible_password=has_sudo_nopw_password +ansible_port={{ tt.port }} +ansible_python_interpreter={{ tt.python_path }} +ansible_user=mitogen__has_sudo_nopw + +[tt_become_by_inv] +tt-become-user ansible_become=true ansible_become_user="{{ '{{' }} 'root' | trim {{ '}}' }}" + +[tt_become_by_inv:vars] +ansible_host={{ tt.hostname }} +ansible_password=has_sudo_nopw_password +ansible_port={{ tt.port }} +ansible_python_interpreter={{ tt.python_path }} +ansible_user=mitogen__has_sudo_nopw + [tt_targets_inventory] tt-password ansible_password="{{ '{{' }} 'has_sudo_nopw_password' | trim {{ '}}' }}" ansible_port={{ tt.port }} ansible_user=mitogen__has_sudo_nopw tt-port ansible_password=has_sudo_nopw_password ansible_port="{{ '{{' }} {{ tt.port }} | int {{ '}}' }}" ansible_user=mitogen__has_sudo_nopw From c4ca015266555594a39cccfff09e169f01612c0d Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Wed, 16 Oct 2024 15:00:59 +0100 Subject: [PATCH 34/61] Prepare v0.3.14 --- docs/changelog.rst | 4 ++-- mitogen/__init__.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 8ab68d97..cec8f331 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,8 +18,8 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. -In progress (unreleased) ------------------------- +v0.3.14 (2024-10-16) +-------------------- * :gh:issue:`1159` CI: Reduce number of Jobs by parameterizing Mitogen Docker SSH tests diff --git a/mitogen/__init__.py b/mitogen/__init__.py index 36c448d9..f710a550 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 14, 'dev') +__version__ = (0, 3, 14) #: This is :data:`False` in slave contexts. Previously it was used to prevent From d35ca3e4afaf7e93d85df2d22250b0e78ee2b1cc Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Wed, 16 Oct 2024 15:02:30 +0100 Subject: [PATCH 35/61] Begin 0.3.15.dev --- docs/changelog.rst | 5 +++++ mitogen/__init__.py | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index cec8f331..3a1d6ff2 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,6 +18,11 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. +In progress (unreleased) +------------------------ + + + v0.3.14 (2024-10-16) -------------------- diff --git a/mitogen/__init__.py b/mitogen/__init__.py index f710a550..fd5590f2 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 14) +__version__ = (0, 3, 15, 'dev') #: This is :data:`False` in slave contexts. Previously it was used to prevent From cdfaf31ebca69330eeb0941458345598c120add4 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 24 Oct 2024 12:09:40 +0100 Subject: [PATCH 36/61] ansible_mitogen: Template ssh_*_args connection options This expands support to setting them in Play scoped variables. Task scoped variables are also very likely to work, but untested for now. refs #905 --- ansible_mitogen/transport_config.py | 7 ++- docs/changelog.rst | 2 + tests/ansible/hosts/default.hosts | 2 +- tests/ansible/integration/ssh/all.yml | 3 +- .../ssh/{args.yml => args_by_inv.yml} | 5 +- .../integration/ssh/args_by_play_taskvar.yml | 52 +++++++++++++++++++ tests/ansible/templates/test-targets.j2 | 2 +- 7 files changed, 62 insertions(+), 11 deletions(-) rename tests/ansible/integration/ssh/{args.yml => args_by_inv.yml} (85%) create mode 100644 tests/ansible/integration/ssh/args_by_play_taskvar.yml diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index 708c2897..770c1997 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -506,13 +506,12 @@ class PlayContextSpec(Spec): ) def ssh_args(self): - local_vars = self._task_vars.get("hostvars", {}).get(self._inventory_name, {}) return [ mitogen.core.to_text(term) for s in ( - C.config.get_config_value("ssh_args", plugin_type="connection", plugin_name="ssh", variables=local_vars), - C.config.get_config_value("ssh_common_args", plugin_type="connection", plugin_name="ssh", variables=local_vars), - C.config.get_config_value("ssh_extra_args", plugin_type="connection", plugin_name="ssh", variables=local_vars) + self._connection_option('ssh_args'), + self._connection_option('ssh_common_args'), + self._connection_option('ssh_extra_args'), ) for term in ansible.utils.shlex.shlex_split(s or '') ] diff --git a/docs/changelog.rst b/docs/changelog.rst index 3a1d6ff2..0655e970 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -21,6 +21,8 @@ To avail of fixes in an unreleased version, please download a ZIP file In progress (unreleased) ------------------------ +* :gh:issue:`905` :mod:`ansible_mitogen`: Support templated SSH command + arguments (e.g. ``ansible_ssh_args``, ``ansible_ssh_extra_args``). v0.3.14 (2024-10-16) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index ef05803e..2edb9d0e 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -17,7 +17,7 @@ ssh-common-args ansible_host=localhost ansible_user="{{ lookup('pipe', 'whoami') [issue905:vars] ansible_ssh_common_args=-o PermitLocalCommand=yes -o LocalCommand="touch {{ ssh_args_canary_file }}" -ssh_args_canary_file=/tmp/ssh_args_{{ inventory_hostname }} +ssh_args_canary_file=/tmp/ssh_args_by_inv_{{ inventory_hostname }} [tt_targets_bare] tt-bare diff --git a/tests/ansible/integration/ssh/all.yml b/tests/ansible/integration/ssh/all.yml index eada992a..20031704 100644 --- a/tests/ansible/integration/ssh/all.yml +++ b/tests/ansible/integration/ssh/all.yml @@ -1,4 +1,5 @@ -- import_playbook: args.yml +- import_playbook: args_by_inv.yml +- import_playbook: args_by_play_taskvar.yml - import_playbook: config.yml - import_playbook: password.yml - import_playbook: timeouts.yml diff --git a/tests/ansible/integration/ssh/args.yml b/tests/ansible/integration/ssh/args_by_inv.yml similarity index 85% rename from tests/ansible/integration/ssh/args.yml rename to tests/ansible/integration/ssh/args_by_inv.yml index 5892b5fe..58fd1e28 100644 --- a/tests/ansible/integration/ssh/args.yml +++ b/tests/ansible/integration/ssh/args_by_inv.yml @@ -1,12 +1,9 @@ -- name: integration/ssh/args.yml +- name: integration/ssh/args_by_inv.yml hosts: issue905 gather_facts: false tasks: # Test that ansible_ssh_common_args are templated; ansible_ssh_args & # ansible_ssh_extra_args aren't directly tested, we assume they're similar. - # FIXME This test currently relies on variables set in the host group. - # Ideally they'd be set here, and the host group eliminated, but - # Mitogen currently fails to template when defined in the play. # TODO Replace LocalCommand canary with SetEnv canary, to simplify test. # Requires modification of sshd_config files to add AcceptEnv ... - name: Test templating of ansible_ssh_common_args et al diff --git a/tests/ansible/integration/ssh/args_by_play_taskvar.yml b/tests/ansible/integration/ssh/args_by_play_taskvar.yml new file mode 100644 index 00000000..5ae83f2a --- /dev/null +++ b/tests/ansible/integration/ssh/args_by_play_taskvar.yml @@ -0,0 +1,52 @@ +- name: integration/ssh/args_by_play_taskvar.yml + hosts: tt_targets_bare + gather_facts: false + vars: + ansible_password: "{{ 'has_sudo_nopw_password' | trim }}" + ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" + ansible_ssh_common_args: >- + -o PermitLocalCommand=yes + -o LocalCommand="touch {{ ssh_args_canary_file }}" + ansible_user: "{{ 'mitogen__has_sudo_nopw' | trim }}" + ssh_args_canary_file: "/tmp/ssh_args_by_play_taskvar_{{ inventory_hostname }}" + tasks: + # Test that ansible_ssh_common_args are templated; ansible_ssh_args & + # ansible_ssh_extra_args aren't directly tested, we assume they're similar. + # TODO Replace LocalCommand canary with SetEnv canary, to simplify test. + # Requires modification of sshd_config files to add AcceptEnv ... + - name: Test templating of ansible_ssh_common_args et al, by play taskvars + block: + - name: Ensure no lingering canary files + file: + path: "{{ ssh_args_canary_file }}" + state: absent + delegate_to: localhost + + - name: Reset connections to force new ssh execution + meta: reset_connection + + - name: Perform SSH connection, to trigger side effect + ping: + + - name: Stat for canary file created by side effect + stat: + path: "{{ ssh_args_canary_file }}" + delegate_to: localhost + register: ssh_args_by_play_taskvar_canary_stat + + - assert: + that: + - ssh_args_by_play_taskvar_canary_stat.stat.exists == true + quiet: true + success_msg: "Canary found: {{ ssh_args_canary_file }}" + fail_msg: | + ssh_args_canary_file={{ ssh_args_canary_file }} + ssh_args_by_play_taskvar_canary_stat={{ ssh_args_by_play_taskvar_canary_stat }} + always: + - name: Cleanup canary files + file: + path: "{{ ssh_args_canary_file }}" + state: absent + delegate_to: localhost + tags: + - issue_905 diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index 47f2ccd4..c0bd9cef 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -36,7 +36,7 @@ ssh-common-args ansible_host={{ c.hostname }} ansible_port={{ c.port }} ansible_ ansible_user=mitogen__has_sudo_nopw ansible_password=has_sudo_nopw_password ansible_ssh_common_args=-o PermitLocalCommand=yes -o LocalCommand="touch {{ '{{' }} ssh_args_canary_file {{ '}}' }}" -ssh_args_canary_file=/tmp/ssh_args_{{ '{{' }} inventory_hostname {{ '}}' }} +ssh_args_canary_file=/tmp/ssh_args_by_inv_{{ '{{' }} inventory_hostname {{ '}}' }} {% set tt = containers[0] %} From 8a34b925a4002fa8ea874b738d1ee2f8348270ef Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 24 Oct 2024 15:35:15 +0100 Subject: [PATCH 37/61] tests: Re-enable become/sudo tests, fix them on macOS runners The tasks in tests/imageprep/_user_accounts.yml that create users did not specify a primary group for those users - this left the decision to Ansible's user module, and/or the underlying OS. In Ansible 9+ (ansible-core 2.16+ the user module defaults to primary group "staff." Earlier don't supply a default, which releases probably results in a primary group nameed "None" (due to stringifying the Python singleton of the same name), or whatever the macOS Directory Services has for no data/NULL. The invalid GID 4294967295 (MAX_UINT32 == 2**32-1) in the sudo error probably enters the mix via something similar to sudo CVE-2019-14287. Fixes #692 See - https://github.com/ansible/ansible/pull/79999 - https://github.com/ansible/ansible/commit/c69c83c962f987c78af98da0746527df - https://www.sudo.ws/security/advisories/minus_1_uid/ > Bruce Wayne : [confused] Am I meant to understand any of that? > Lucius Fox : Not at all, I just wanted you to know how hard it was. > -- Batman Begins --- docs/changelog.rst | 1 + .../integration/action/make_tmp_path.yml | 21 ++++--- .../integration/action/synchronize.yml | 28 ++++----- .../integration/become/sudo_password.yml | 39 ++++++++----- .../integration/become/sudo_requiretty.yml | 52 +++++++++-------- .../playbook_semantics/with_items.yml | 57 +++++++++++-------- tests/image_prep/_user_accounts.yml | 1 + tests/image_prep/ansible.cfg | 1 + 8 files changed, 114 insertions(+), 86 deletions(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 0655e970..e435fe77 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -23,6 +23,7 @@ In progress (unreleased) * :gh:issue:`905` :mod:`ansible_mitogen`: Support templated SSH command arguments (e.g. ``ansible_ssh_args``, ``ansible_ssh_extra_args``). +* :gh:issue:`692` tests: Fix and re-enable several sudo tests v0.3.14 (2024-10-16) diff --git a/tests/ansible/integration/action/make_tmp_path.yml b/tests/ansible/integration/action/make_tmp_path.yml index b3f3b519..c0200691 100644 --- a/tests/ansible/integration/action/make_tmp_path.yml +++ b/tests/ansible/integration/action/make_tmp_path.yml @@ -142,17 +142,16 @@ # readonly homedir # - # TODO: https://github.com/dw/mitogen/issues/692 - # - name: "Try writing to temp directory for the readonly_homedir user" - # become: true - # become_user: mitogen__readonly_homedir - # custom_python_run_script: - # script: | - # from ansible.module_utils.basic import get_module_path - # path = get_module_path() + '/foo.txt' - # result['path'] = path - # open(path, 'w').write("bar") - # register: tmp_path + - name: Try writing to temp directory for the readonly_homedir user + become: true + become_user: mitogen__readonly_homedir + custom_python_run_script: + script: | + from ansible.module_utils.basic import get_module_path + path = get_module_path() + '/foo.txt' + result['path'] = path + open(path, 'w').write("bar") + register: tmp_path # # modules get the same base dir diff --git a/tests/ansible/integration/action/synchronize.yml b/tests/ansible/integration/action/synchronize.yml index 6da81da3..58f54cc8 100644 --- a/tests/ansible/integration/action/synchronize.yml +++ b/tests/ansible/integration/action/synchronize.yml @@ -40,11 +40,11 @@ delegate_to: localhost run_once: true - # TODO: https://github.com/dw/mitogen/issues/692 - # - file: - # path: /tmp/sync-test.out - # state: absent - # become: true + - name: Ensure clean slate + become: true + file: + path: /tmp/sync-test.out + state: absent # exception: File "/tmp/venv/lib/python2.7/site-packages/ansible/plugins/action/__init__.py", line 129, in cleanup # exception: self._remove_tmp_path(self._connection._shell.tmpdir) @@ -70,14 +70,14 @@ outout={{ outout }} when: False - # TODO: https://github.com/dw/mitogen/issues/692 - # - file: - # path: "{{item}}" - # state: absent - # become: true - # with_items: - # - /tmp/synchronize-action-key - # - /tmp/sync-test - # - /tmp/sync-test.out + - name: Cleanup + become: true + file: + path: "{{ item }}" + state: absent + with_items: + - /tmp/synchronize-action-key + - /tmp/sync-test + - /tmp/sync-test.out tags: - synchronize diff --git a/tests/ansible/integration/become/sudo_password.yml b/tests/ansible/integration/become/sudo_password.yml index 07034635..8f99bf6f 100644 --- a/tests/ansible/integration/become/sudo_password.yml +++ b/tests/ansible/integration/become/sudo_password.yml @@ -5,10 +5,12 @@ tasks: - name: Ensure sudo password absent but required. - shell: whoami become: true become_user: mitogen__pw_required + command: + cmd: whoami register: out + changed_when: false ignore_errors: true when: # https://github.com/ansible/ansible/pull/70785 @@ -32,10 +34,12 @@ or is_mitogen - name: Ensure password sudo incorrect. - shell: whoami become: true become_user: mitogen__pw_required + command: + cmd: whoami register: out + changed_when: false vars: ansible_become_pass: nopes ignore_errors: true @@ -59,18 +63,27 @@ or ansible_version.full is version("2.11", ">=", strict=True) or is_mitogen - # TODO: https://github.com/dw/mitogen/issues/692 - # - name: Ensure password sudo succeeds. - # shell: whoami - # become: true - # become_user: mitogen__pw_required - # register: out - # vars: - # ansible_become_pass: pw_required_password + - block: + - name: Ensure password sudo succeeds + become: true + become_user: mitogen__pw_required + vars: + ansible_become_pass: pw_required_password + command: + cmd: whoami + register: sudo_password_success_whoami + changed_when: false - # - assert: - # that: - # - out.stdout == 'mitogen__pw_required' + - assert: + that: + - sudo_password_success_whoami.stdout == 'mitogen__pw_required' + fail_msg: | + sudo_password_success_whoami={{ sudo_password_success_whoami }} + when: + # https://github.com/ansible/ansible/pull/70785 + - ansible_facts.distribution not in ["MacOSX"] + or ansible_version.full is version("2.11", ">=", strict=True) + or is_mitogen tags: - sudo - sudo_password diff --git a/tests/ansible/integration/become/sudo_requiretty.yml b/tests/ansible/integration/become/sudo_requiretty.yml index 20f106fc..08b478a2 100644 --- a/tests/ansible/integration/become/sudo_requiretty.yml +++ b/tests/ansible/integration/become/sudo_requiretty.yml @@ -3,34 +3,38 @@ - name: integration/become/sudo_requiretty.yml hosts: test-targets tasks: - # - include_tasks: ../_mitogen_only.yml + # AIUI Vanilla Ansible cannot do sudo when requiretty configured + - include_tasks: ../_mitogen_only.yml - # TODO: https://github.com/dw/mitogen/issues/692 - # - name: Verify we can login to a non-passworded requiretty account - # shell: whoami - # become: true - # become_user: mitogen__require_tty - # register: out + - name: Verify we can login to a non-passworded requiretty account + become: true + become_user: mitogen__require_tty + command: + cmd: whoami + changed_when: false + register: sudo_require_tty_whoami - # - assert: - # that: - # - out.stdout == 'mitogen__require_tty' + - assert: + that: + - sudo_require_tty_whoami.stdout == 'mitogen__require_tty' + fail_msg: | + sudo_require_tty_whoami={{ sudo_require_tty_whoami }} + - name: Verify we can login to a passworded requiretty account + become: true + become_user: mitogen__require_tty_pw_required + vars: + ansible_become_pass: require_tty_pw_required_password + command: + cmd: whoami + changed_when: false + register: sudo_require_tty_password_whoami - # --------------- - - # TODO: https://github.com/dw/mitogen/issues/692 - # - name: Verify we can login to a passworded requiretty account - # shell: whoami - # become: true - # become_user: mitogen__require_tty_pw_required - # vars: - # ansible_become_pass: require_tty_pw_required_password - # register: out - - # - assert: - # that: - # - out.stdout == 'mitogen__require_tty_pw_required' + - assert: + that: + - sudo_require_tty_password_whoami.stdout == 'mitogen__require_tty_pw_required' + fail_msg: | + sudo_require_tty_password_whoami={{ sudo_require_tty_password_whoami }} tags: - mitogen_only - sudo diff --git a/tests/ansible/integration/playbook_semantics/with_items.yml b/tests/ansible/integration/playbook_semantics/with_items.yml index 4de29c4b..89146981 100644 --- a/tests/ansible/integration/playbook_semantics/with_items.yml +++ b/tests/ansible/integration/playbook_semantics/with_items.yml @@ -3,30 +3,39 @@ - name: integration/playbook_semantics/with_items.yml hosts: test-targets + gather_facts: true tasks: + - block: + - name: Spin up a few interpreters + become: true + vars: + ansible_become_user: "mitogen__user{{ item }}" + command: + cmd: whoami + with_sequence: start=1 end=3 + register: first_run + changed_when: false - # TODO: https://github.com/dw/mitogen/issues/692 - # - name: Spin up a few interpreters - # shell: whoami - # become: true - # vars: - # ansible_become_user: "mitogen__user{{item}}" - # with_sequence: start=1 end=3 - # register: first_run + - name: Reuse them + become: true + vars: + ansible_become_user: "mitogen__user{{ item }}" + command: + cmd: whoami + with_sequence: start=1 end=3 + register: second_run + changed_when: false - # - name: Reuse them - # shell: whoami - # become: true - # vars: - # ansible_become_user: "mitogen__user{{item}}" - # with_sequence: start=1 end=3 - # register: second_run - - # - name: Verify first and second run matches expected username. - # assert: - # that: - # - first_run.results[item|int].stdout == ("mitogen__user%d" % (item|int + 1)) - # - first_run.results[item|int].stdout == second_run.results[item|int].stdout - # with_sequence: start=0 end=2 - tags: - - custom_python_new_style_module + - name: Verify first and second run matches expected username. + vars: + user_expected: "mitogen__user{{ item | int + 1 }}" + assert: + that: + - first_run.results[item | int].stdout == user_expected + - second_run.results[item | int].stdout == user_expected + with_sequence: start=0 end=2 + when: + # https://github.com/ansible/ansible/pull/70785 + - ansible_facts.distribution not in ["MacOSX"] + or ansible_version.full is version("2.11", ">=", strict=True) + or is_mitogen diff --git a/tests/image_prep/_user_accounts.yml b/tests/image_prep/_user_accounts.yml index 0b6d5e61..ad5a4ef5 100644 --- a/tests/image_prep/_user_accounts.yml +++ b/tests/image_prep/_user_accounts.yml @@ -73,6 +73,7 @@ - user: name: "mitogen__{{item}}" shell: /bin/bash + group: staff groups: | {{ ['com.apple.access_ssh'] + diff --git a/tests/image_prep/ansible.cfg b/tests/image_prep/ansible.cfg index 0745aed1..da778786 100644 --- a/tests/image_prep/ansible.cfg +++ b/tests/image_prep/ansible.cfg @@ -6,6 +6,7 @@ retry_files_enabled = false display_args_to_stdout = True no_target_syslog = True host_key_checking = False +stdout_callback = yaml [inventory] unparsed_is_fatal = true From 7e5b0641393d42b1e7e1bf27c9283ea05aa8209f Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 28 Oct 2024 09:13:43 +0000 Subject: [PATCH 38/61] ansible_mitogen: Support templated become passwords --- ansible_mitogen/transport_config.py | 14 +----- docs/changelog.rst | 2 + tests/ansible/hosts/default.hosts | 1 + .../integration/become/templated_by_inv.yml | 18 +++++++- .../become/templated_by_play_keywords.yml | 33 +++++++++++++- .../become/templated_by_play_vars.yml | 32 +++++++++++++- .../become/templated_by_task_keywords.yml | 44 +++++++++++++++++++ tests/ansible/templates/test-targets.j2 | 2 +- 8 files changed, 129 insertions(+), 17 deletions(-) diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index 770c1997..c2976365 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -450,19 +450,7 @@ class PlayContextSpec(Spec): return self._become_option('become_user') def become_pass(self): - # become_pass is owned/provided by the active become plugin. However - # PlayContext is intertwined with it. Known complications - # - ansible_become_password is higher priority than ansible_become_pass, - # `play_context.become_pass` doesn't obey this (atleast with Mitgeon). - # - `meta: reset_connection` runs `connection.reset()` but - # `ansible_mitogen.connection.Connection.reset()` recreates the - # connection object, setting `connection.become = None`. - become_plugin = self._connection.become - try: - become_pass = become_plugin.get_option('become_pass', playcontext=self._play_context) - except AttributeError: - become_pass = self._play_context.become_pass - return optional_secret(become_pass) + return optional_secret(self._become_option('become_pass')) def password(self): return optional_secret(self._connection_option('password')) diff --git a/docs/changelog.rst b/docs/changelog.rst index e435fe77..7614504e 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -24,6 +24,8 @@ In progress (unreleased) * :gh:issue:`905` :mod:`ansible_mitogen`: Support templated SSH command arguments (e.g. ``ansible_ssh_args``, ``ansible_ssh_extra_args``). * :gh:issue:`692` tests: Fix and re-enable several sudo tests +* :gh:issue:`1083` :mod:`ansible_mitogen`: Support templated become password + (e.g. ``ansible_become_pass``, ``ansible_sudo_pass``) v0.3.14 (2024-10-16) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index 2edb9d0e..58e003b0 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -33,6 +33,7 @@ ansible_host=localhost ansible_user="{{ lookup('pipe', 'whoami') }}" [tt_become_by_inv] +tt-become-pass ansible_become=true ansible_become_pass="{{ 'pw_required_password' | trim }}" ansible_become_user=mitogen__pw_required tt-become-user ansible_become=true ansible_become_user="{{ 'root' | trim }}" [tt_become_by_inv:vars] diff --git a/tests/ansible/integration/become/templated_by_inv.yml b/tests/ansible/integration/become/templated_by_inv.yml index 98b68f05..3409708b 100644 --- a/tests/ansible/integration/become/templated_by_inv.yml +++ b/tests/ansible/integration/become/templated_by_inv.yml @@ -2,8 +2,18 @@ hosts: tt_become_by_inv gather_facts: false tasks: + - name: Gather facts (avoiding any unprivileged become) + vars: + ansible_become: false + setup: + - meta: reset_connection + - name: Templated become in inventory + vars: + expected_become_users: + tt-become-pass: mitogen__pw_required + tt-become-user: root command: cmd: whoami changed_when: false @@ -11,4 +21,10 @@ register: become_templated_by_inv_whoami failed_when: - become_templated_by_inv_whoami is failed - or become_templated_by_inv_whoami.stdout != 'root' + or become_templated_by_inv_whoami.stdout != expected_become_users[inventory_hostname] + when: + # https://github.com/ansible/ansible/pull/70785 + - ansible_become_user in ['root'] + or ansible_facts.distribution not in ["MacOSX"] + or ansible_version.full is version("2.11", ">=", strict=True) + or is_mitogen diff --git a/tests/ansible/integration/become/templated_by_play_keywords.yml b/tests/ansible/integration/become/templated_by_play_keywords.yml index e588c18f..94d52726 100644 --- a/tests/ansible/integration/become/templated_by_play_keywords.yml +++ b/tests/ansible/integration/become/templated_by_play_keywords.yml @@ -5,7 +5,8 @@ become_user: "{{ 'root' | trim }}" tasks: - meta: reset_connection - - name: Templated become by play keywords + + - name: Templated become by play keywords, no password command: cmd: whoami changed_when: false @@ -14,3 +15,33 @@ failed_when: - become_templated_by_play_keywords_whoami is failed or become_templated_by_play_keywords_whoami.stdout != 'root' + +- name: integration/become/templated_by_play_keywords.yml + hosts: tt_become_bare + gather_facts: false + become: true + become_user: "{{ 'mitogen__pw_required' | trim }}" + vars: + ansible_become_pass: "{{ 'pw_required_password' | trim }}" + tasks: + - name: Gather facts (avoiding any unprivileged become) + vars: + ansible_become: false + setup: + + - meta: reset_connection + + - name: Templated become by play keywords, password + command: + cmd: whoami + changed_when: false + check_mode: false + register: become_templated_by_play_keywords_password_whoami + failed_when: + - become_templated_by_play_keywords_password_whoami is failed + or become_templated_by_play_keywords_password_whoami.stdout != 'mitogen__pw_required' + when: + # https://github.com/ansible/ansible/pull/70785 + - ansible_facts.distribution not in ["MacOSX"] + or ansible_version.full is version("2.11", ">=", strict=True) + or is_mitogen diff --git a/tests/ansible/integration/become/templated_by_play_vars.yml b/tests/ansible/integration/become/templated_by_play_vars.yml index 5618f7cc..c46ca144 100644 --- a/tests/ansible/integration/become/templated_by_play_vars.yml +++ b/tests/ansible/integration/become/templated_by_play_vars.yml @@ -5,7 +5,7 @@ ansible_become: true ansible_become_user: "{{ 'root' | trim }}" tasks: - - name: Templated become by play vars + - name: Templated become by play vars, no password command: cmd: whoami changed_when: false @@ -14,3 +14,33 @@ failed_when: - become_templated_by_play_vars_whoami is failed or become_templated_by_play_vars_whoami.stdout != 'root' + +- name: integration/become/templated_by_play_vars.yml + hosts: tt_become_bare + gather_facts: false + vars: + ansible_become: true + ansible_become_pass: "{{ 'pw_required_password' | trim }}" + ansible_become_user: "{{ 'mitogen__pw_required' | trim }}" + tasks: + - name: Gather facts (avoiding any unprivileged become) + vars: + ansible_become: false + setup: + + - meta: reset_connection + + - name: Templated become by play vars, password + command: + cmd: whoami + changed_when: false + check_mode: false + register: become_templated_by_play_vars_password_whoami + failed_when: + - become_templated_by_play_vars_password_whoami is failed + or become_templated_by_play_vars_password_whoami.stdout != 'mitogen__pw_required' + when: + # https://github.com/ansible/ansible/pull/70785 + - ansible_facts.distribution not in ["MacOSX"] + or ansible_version.full is version("2.11", ">=", strict=True) + or is_mitogen diff --git a/tests/ansible/integration/become/templated_by_task_keywords.yml b/tests/ansible/integration/become/templated_by_task_keywords.yml index 52fda111..9c75cbd7 100644 --- a/tests/ansible/integration/become/templated_by_task_keywords.yml +++ b/tests/ansible/integration/become/templated_by_task_keywords.yml @@ -25,3 +25,47 @@ failed_when: - become_templated_by_task_with_delegate_to_whoami is failed or become_templated_by_task_with_delegate_to_whoami.stdout != 'root' + + +- name: integration/become/templated_by_task_keywords.yml + hosts: tt_become_bare + gather_facts: false + # FIXME Resetting the connection shouldn't require credentials + # https://github.com/mitogen-hq/mitogen/issues/1132 + become: true + become_user: "{{ 'mitogen__pw_required' | trim }}" + vars: + ansible_become_pass: "{{ 'pw_required_password' | trim }}" + tasks: + - name: Reset connection to target that will be delegate_to + meta: reset_connection + +- name: Test connection template by task keywords, with delegate_to + hosts: test-targets[0] + gather_facts: false + tasks: + - name: Gather facts (avoiding any unprivileged become) + delegate_to: "{{ groups.tt_become_bare[0] }}" + vars: + ansible_become: false + setup: + + - name: Templated become by task keywords, with delegate_to + become: true + become_user: "{{ 'mitogen__pw_required' | trim }}" + delegate_to: "{{ groups.tt_become_bare[0] }}" + vars: + ansible_become_pass: "{{ 'pw_required_password' | trim }}" + command: + cmd: whoami + changed_when: false + check_mode: false + register: become_templated_by_task_with_delegate_to_password_whoami + failed_when: + - become_templated_by_task_with_delegate_to_password_whoami is failed + or become_templated_by_task_with_delegate_to_password_whoami.stdout != 'mitogen__pw_required' + when: + # https://github.com/ansible/ansible/pull/70785 + - ansible_facts.distribution not in ["MacOSX"] + or ansible_version.full is version("2.11", ">=", strict=True) + or is_mitogen diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index c0bd9cef..2eeebef7 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -45,7 +45,6 @@ tt-bare [tt_targets_bare:vars] ansible_host={{ tt.hostname }} -ansible_port={{ tt.port }} ansible_python_interpreter={{ tt.python_path }} [tt_become_bare] @@ -59,6 +58,7 @@ ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw [tt_become_by_inv] +tt-become-pass ansible_become=true ansible_become_pass="{{ '{{' }} 'pw_required_password' | trim {{ '}}' }}" ansible_become_user=mitogen__pw_required tt-become-user ansible_become=true ansible_become_user="{{ '{{' }} 'root' | trim {{ '}}' }}" [tt_become_by_inv:vars] From 7634e2c46900a6c10e7d9f7de217ff93dca45049 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 28 Oct 2024 14:33:39 +0000 Subject: [PATCH 39/61] Prepare v0.3.15 --- docs/changelog.rst | 4 ++-- mitogen/__init__.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 7614504e..624b4cb7 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,8 +18,8 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. -In progress (unreleased) ------------------------- +v0.3.15 (2024-10-28) +-------------------- * :gh:issue:`905` :mod:`ansible_mitogen`: Support templated SSH command arguments (e.g. ``ansible_ssh_args``, ``ansible_ssh_extra_args``). diff --git a/mitogen/__init__.py b/mitogen/__init__.py index fd5590f2..d0fee0db 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 15, 'dev') +__version__ = (0, 3, 15) #: This is :data:`False` in slave contexts. Previously it was used to prevent From 26c4c33ad346264eeb5c8f339c8e8d0221d44303 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 28 Oct 2024 14:35:16 +0000 Subject: [PATCH 40/61] Begin 0.3.16dev --- docs/changelog.rst | 5 +++++ mitogen/__init__.py | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 624b4cb7..b20c2c9c 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,6 +18,11 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. +In progress (unreleased) +------------------------ + + + v0.3.15 (2024-10-28) -------------------- diff --git a/mitogen/__init__.py b/mitogen/__init__.py index d0fee0db..1fbf4213 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 15) +__version__ = (0, 3, 16, 'dev') #: This is :data:`False` in slave contexts. Previously it was used to prevent From ec9b3e5c5d26a5e6fa0dfbc7a8bb8ed23c01403a Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 28 Oct 2024 20:57:46 +0000 Subject: [PATCH 41/61] ansible_mitogen: Support templated become_exe option Some ansible_mitogen connection plugins look more like become plugins (e.g. mitogen_sudo) & use become plugin options. For now there's special handling in PlayContextSpec._become_option(). Further design/discussion can go in #1173. Refs #1087. --- ansible_mitogen/transport_config.py | 33 +++++++++++++------ docs/changelog.rst | 2 ++ tests/ansible/hosts/default.hosts | 1 + .../integration/become/templated_by_inv.yml | 1 + .../become/templated_by_play_keywords.yml | 2 ++ .../become/templated_by_play_vars.yml | 2 ++ .../become/templated_by_task_keywords.yml | 4 +++ tests/ansible/templates/test-targets.j2 | 1 + 8 files changed, 36 insertions(+), 10 deletions(-) diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index c2976365..759b8f51 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -419,7 +419,28 @@ class PlayContextSpec(Spec): def _become_option(self, name): plugin = self._connection.become - return plugin.get_option(name, self._task_vars, self._play_context) + try: + return plugin.get_option(name, self._task_vars, self._play_context) + except AttributeError: + # A few ansible_mitogen connection plugins look more like become + # plugins. They don't quite fit Ansible's plugin.get_option() API. + # https://github.com/mitogen-hq/mitogen/issues/1173 + fallback_plugins = {'mitogen_doas', 'mitogen_sudo', 'mitogen_su'} + if self._connection.transport not in fallback_plugins: + raise + + fallback_options = { + 'become_exe', + } + if name not in fallback_options: + raise + + LOG.info( + 'Used PlayContext fallback for plugin=%r, option=%r', + self._connection, name, + ) + return getattr(self._play_context, name) + def _connection_option(self, name): try: @@ -505,15 +526,7 @@ class PlayContextSpec(Spec): ] def become_exe(self): - # In Ansible 2.8, PlayContext.become_exe always has a default value due - # to the new options mechanism. Previously it was only set if a value - # ("somewhere") had been specified for the task. - # For consistency in the tests, here we make older Ansibles behave like - # newer Ansibles. - exe = self._play_context.become_exe - if exe is None and self._play_context.become_method == 'sudo': - exe = 'sudo' - return exe + return self._become_option('become_exe') def sudo_args(self): return [ diff --git a/docs/changelog.rst b/docs/changelog.rst index b20c2c9c..34d8a576 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -21,6 +21,8 @@ To avail of fixes in an unreleased version, please download a ZIP file In progress (unreleased) ------------------------ +* :gh:issue:`1083` :mod:`ansible_mitogen`: Templated become executable + (e.g. ``become_exe``). v0.3.15 (2024-10-28) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index 58e003b0..8dc275c6 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -33,6 +33,7 @@ ansible_host=localhost ansible_user="{{ lookup('pipe', 'whoami') }}" [tt_become_by_inv] +tt-become-exe ansible_become=true ansible_become_exe="{{ 'sudo' | trim }}" ansible_become_user=root tt-become-pass ansible_become=true ansible_become_pass="{{ 'pw_required_password' | trim }}" ansible_become_user=mitogen__pw_required tt-become-user ansible_become=true ansible_become_user="{{ 'root' | trim }}" diff --git a/tests/ansible/integration/become/templated_by_inv.yml b/tests/ansible/integration/become/templated_by_inv.yml index 3409708b..47825595 100644 --- a/tests/ansible/integration/become/templated_by_inv.yml +++ b/tests/ansible/integration/become/templated_by_inv.yml @@ -12,6 +12,7 @@ - name: Templated become in inventory vars: expected_become_users: + tt-become-exe: root tt-become-pass: mitogen__pw_required tt-become-user: root command: diff --git a/tests/ansible/integration/become/templated_by_play_keywords.yml b/tests/ansible/integration/become/templated_by_play_keywords.yml index 94d52726..29c548a3 100644 --- a/tests/ansible/integration/become/templated_by_play_keywords.yml +++ b/tests/ansible/integration/become/templated_by_play_keywords.yml @@ -2,6 +2,7 @@ hosts: tt_become_bare gather_facts: false become: true + become_exe: "{{ 'sudo' | trim }}" become_user: "{{ 'root' | trim }}" tasks: - meta: reset_connection @@ -20,6 +21,7 @@ hosts: tt_become_bare gather_facts: false become: true + become_exe: "{{ 'sudo' | trim }}" become_user: "{{ 'mitogen__pw_required' | trim }}" vars: ansible_become_pass: "{{ 'pw_required_password' | trim }}" diff --git a/tests/ansible/integration/become/templated_by_play_vars.yml b/tests/ansible/integration/become/templated_by_play_vars.yml index c46ca144..cae0e60e 100644 --- a/tests/ansible/integration/become/templated_by_play_vars.yml +++ b/tests/ansible/integration/become/templated_by_play_vars.yml @@ -3,6 +3,7 @@ gather_facts: false vars: ansible_become: true + ansible_become_exe: "{{ 'sudo' | trim }}" ansible_become_user: "{{ 'root' | trim }}" tasks: - name: Templated become by play vars, no password @@ -20,6 +21,7 @@ gather_facts: false vars: ansible_become: true + ansible_become_exe: "{{ 'sudo' | trim }}" ansible_become_pass: "{{ 'pw_required_password' | trim }}" ansible_become_user: "{{ 'mitogen__pw_required' | trim }}" tasks: diff --git a/tests/ansible/integration/become/templated_by_task_keywords.yml b/tests/ansible/integration/become/templated_by_task_keywords.yml index 9c75cbd7..bc81c33d 100644 --- a/tests/ansible/integration/become/templated_by_task_keywords.yml +++ b/tests/ansible/integration/become/templated_by_task_keywords.yml @@ -4,6 +4,7 @@ # FIXME Resetting the connection shouldn't require credentials # https://github.com/mitogen-hq/mitogen/issues/1132 become: true + become_exe: "{{ 'sudo' | trim }}" become_user: "{{ 'root' | trim }}" tasks: - name: Reset connection to target that will be delegate_to @@ -15,6 +16,7 @@ tasks: - name: Templated become by task keywords, with delegate_to become: true + become_exe: "{{ 'sudo' | trim }}" become_user: "{{ 'root' | trim }}" delegate_to: "{{ groups.tt_become_bare[0] }}" command: @@ -33,6 +35,7 @@ # FIXME Resetting the connection shouldn't require credentials # https://github.com/mitogen-hq/mitogen/issues/1132 become: true + become_exe: "{{ 'sudo' | trim }}" become_user: "{{ 'mitogen__pw_required' | trim }}" vars: ansible_become_pass: "{{ 'pw_required_password' | trim }}" @@ -52,6 +55,7 @@ - name: Templated become by task keywords, with delegate_to become: true + become_exe: "{{ 'sudo' | trim }}" become_user: "{{ 'mitogen__pw_required' | trim }}" delegate_to: "{{ groups.tt_become_bare[0] }}" vars: diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index 2eeebef7..7c061be2 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -58,6 +58,7 @@ ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw [tt_become_by_inv] +tt-become-exe ansible_become=true ansible_become_exe="{{ '{{' }} 'sudo' | trim {{ '}}' }}" ansible_become_user=root tt-become-pass ansible_become=true ansible_become_pass="{{ '{{' }} 'pw_required_password' | trim {{ '}}' }}" ansible_become_user=mitogen__pw_required tt-become-user ansible_become=true ansible_become_user="{{ '{{' }} 'root' | trim {{ '}}' }}" From 66ea10d577af55300e314dc536d6147747e34017 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Tue, 29 Oct 2024 10:26:23 +0000 Subject: [PATCH 42/61] ansible_mitogen: Template become command arguments (become_flags) Uses the same fallback for (mitogen_sudo et al) as become_exe (see #1173). The new `Spec.become_flags()` is not yet explicitly tested. Note that it returns a string (matching the Ansible option of the same name), whereas `Spec.sudo_args()` returns a list. refs #1083 --- ansible_mitogen/transport_config.py | 32 +++++++++---------- docs/changelog.rst | 2 ++ tests/ansible/hosts/default.hosts | 1 + .../integration/become/templated_by_inv.yml | 1 + .../become/templated_by_play_keywords.yml | 2 ++ .../become/templated_by_play_vars.yml | 2 ++ .../become/templated_by_task_keywords.yml | 4 +++ tests/ansible/templates/test-targets.j2 | 1 + 8 files changed, 29 insertions(+), 16 deletions(-) diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index 759b8f51..3e9b0610 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -213,6 +213,12 @@ class Spec(with_metaclass(abc.ABCMeta, object)): :data:`True` if privilege escalation should be active. """ + @abc.abstractmethod + def become_flags(self): + """ + The command line arguments passed to the become executable. + """ + @abc.abstractmethod def become_method(self): """ @@ -290,10 +296,9 @@ class Spec(with_metaclass(abc.ABCMeta, object)): @abc.abstractmethod def sudo_args(self): """ - The list of additional arguments that should be included in a become + The list of additional arguments that should be included in a sudo invocation. """ - # TODO: split out into sudo_args/become_args. @abc.abstractmethod def mitogen_via(self): @@ -431,6 +436,7 @@ class PlayContextSpec(Spec): fallback_options = { 'become_exe', + 'become_flags', } if name not in fallback_options: raise @@ -464,6 +470,9 @@ class PlayContextSpec(Spec): def become(self): return self._connection.become + def become_flags(self): + return self._become_option('become_flags') + def become_method(self): return self._play_context.become_method @@ -529,19 +538,7 @@ class PlayContextSpec(Spec): return self._become_option('become_exe') def sudo_args(self): - return [ - mitogen.core.to_text(term) - for term in ansible.utils.shlex.shlex_split( - first_true(( - self._play_context.become_flags, - # Ansible <=2.7. - getattr(self._play_context, 'sudo_flags', ''), - # Ansible <=2.3. - getattr(C, 'DEFAULT_BECOME_FLAGS', ''), - getattr(C, 'DEFAULT_SUDO_FLAGS', '') - ), default='') - ) - ] + return ansible.utils.shlex.shlex_split(self.become_flags() or '') def mitogen_via(self): return self._connection.get_task_var('mitogen_via') @@ -676,6 +673,9 @@ class MitogenViaSpec(Spec): def become(self): return bool(self._become_user) + def become_flags(self): + return self._host_vars.get('ansible_become_flags') + def become_method(self): return ( self._become_method or @@ -771,7 +771,7 @@ class MitogenViaSpec(Spec): mitogen.core.to_text(term) for s in ( self._host_vars.get('ansible_sudo_flags') or '', - self._host_vars.get('ansible_become_flags') or '', + self.become_flags() or '', ) for term in ansible.utils.shlex.shlex_split(s) ] diff --git a/docs/changelog.rst b/docs/changelog.rst index 34d8a576..dcd40ca9 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -23,6 +23,8 @@ In progress (unreleased) * :gh:issue:`1083` :mod:`ansible_mitogen`: Templated become executable (e.g. ``become_exe``). +* :gh:issue:`1083` :mod:`ansible_mitogen`: Templated become executable + arguments (e.g. ``become_flags``). v0.3.15 (2024-10-28) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index 8dc275c6..97883db0 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -34,6 +34,7 @@ ansible_user="{{ lookup('pipe', 'whoami') }}" [tt_become_by_inv] tt-become-exe ansible_become=true ansible_become_exe="{{ 'sudo' | trim }}" ansible_become_user=root +tt-become-flags ansible_become=true ansible_become_flags="{{ '--set-home --stdin --non-interactive' | trim }}" ansible_become_user=root tt-become-pass ansible_become=true ansible_become_pass="{{ 'pw_required_password' | trim }}" ansible_become_user=mitogen__pw_required tt-become-user ansible_become=true ansible_become_user="{{ 'root' | trim }}" diff --git a/tests/ansible/integration/become/templated_by_inv.yml b/tests/ansible/integration/become/templated_by_inv.yml index 47825595..a65fcf7b 100644 --- a/tests/ansible/integration/become/templated_by_inv.yml +++ b/tests/ansible/integration/become/templated_by_inv.yml @@ -13,6 +13,7 @@ vars: expected_become_users: tt-become-exe: root + tt-become-flags: root tt-become-pass: mitogen__pw_required tt-become-user: root command: diff --git a/tests/ansible/integration/become/templated_by_play_keywords.yml b/tests/ansible/integration/become/templated_by_play_keywords.yml index 29c548a3..67d06125 100644 --- a/tests/ansible/integration/become/templated_by_play_keywords.yml +++ b/tests/ansible/integration/become/templated_by_play_keywords.yml @@ -3,6 +3,7 @@ gather_facts: false become: true become_exe: "{{ 'sudo' | trim }}" + become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" become_user: "{{ 'root' | trim }}" tasks: - meta: reset_connection @@ -22,6 +23,7 @@ gather_facts: false become: true become_exe: "{{ 'sudo' | trim }}" + become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" become_user: "{{ 'mitogen__pw_required' | trim }}" vars: ansible_become_pass: "{{ 'pw_required_password' | trim }}" diff --git a/tests/ansible/integration/become/templated_by_play_vars.yml b/tests/ansible/integration/become/templated_by_play_vars.yml index cae0e60e..cdfb8221 100644 --- a/tests/ansible/integration/become/templated_by_play_vars.yml +++ b/tests/ansible/integration/become/templated_by_play_vars.yml @@ -4,6 +4,7 @@ vars: ansible_become: true ansible_become_exe: "{{ 'sudo' | trim }}" + ansible_become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" ansible_become_user: "{{ 'root' | trim }}" tasks: - name: Templated become by play vars, no password @@ -22,6 +23,7 @@ vars: ansible_become: true ansible_become_exe: "{{ 'sudo' | trim }}" + ansible_become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" ansible_become_pass: "{{ 'pw_required_password' | trim }}" ansible_become_user: "{{ 'mitogen__pw_required' | trim }}" tasks: diff --git a/tests/ansible/integration/become/templated_by_task_keywords.yml b/tests/ansible/integration/become/templated_by_task_keywords.yml index bc81c33d..baea51e7 100644 --- a/tests/ansible/integration/become/templated_by_task_keywords.yml +++ b/tests/ansible/integration/become/templated_by_task_keywords.yml @@ -5,6 +5,7 @@ # https://github.com/mitogen-hq/mitogen/issues/1132 become: true become_exe: "{{ 'sudo' | trim }}" + become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" become_user: "{{ 'root' | trim }}" tasks: - name: Reset connection to target that will be delegate_to @@ -17,6 +18,7 @@ - name: Templated become by task keywords, with delegate_to become: true become_exe: "{{ 'sudo' | trim }}" + become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" become_user: "{{ 'root' | trim }}" delegate_to: "{{ groups.tt_become_bare[0] }}" command: @@ -36,6 +38,7 @@ # https://github.com/mitogen-hq/mitogen/issues/1132 become: true become_exe: "{{ 'sudo' | trim }}" + become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" become_user: "{{ 'mitogen__pw_required' | trim }}" vars: ansible_become_pass: "{{ 'pw_required_password' | trim }}" @@ -56,6 +59,7 @@ - name: Templated become by task keywords, with delegate_to become: true become_exe: "{{ 'sudo' | trim }}" + become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" become_user: "{{ 'mitogen__pw_required' | trim }}" delegate_to: "{{ groups.tt_become_bare[0] }}" vars: diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index 7c061be2..e5c5e072 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -59,6 +59,7 @@ ansible_user=mitogen__has_sudo_nopw [tt_become_by_inv] tt-become-exe ansible_become=true ansible_become_exe="{{ '{{' }} 'sudo' | trim {{ '}}' }}" ansible_become_user=root +tt-become-flags ansible_become=true ansible_become_flags="{{ '{{' }} '--set-home --stdin --non-interactive' | trim {{ '}}' }}" ansible_become_user=root tt-become-pass ansible_become=true ansible_become_pass="{{ '{{' }} 'pw_required_password' | trim {{ '}}' }}" ansible_become_user=mitogen__pw_required tt-become-user ansible_become=true ansible_become_user="{{ '{{' }} 'root' | trim {{ '}}' }}" From 833e2845e9d25fac94b5aab6fd0b613a3bd97007 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Tue, 29 Oct 2024 11:10:27 +0000 Subject: [PATCH 43/61] ansible_mitogen: Templated ssh executable, templated reset_connection fix Adding a the tt-ssh-executable test target uncovered an Ansible bug during `meta: reset_connection` tasks. So this commit includes a workaround for affected versions of Ansible. --- ansible_mitogen/connection.py | 36 +++++++++++++++++++ ansible_mitogen/strategy.py | 22 ++++++++++++ ansible_mitogen/transport_config.py | 2 +- docs/changelog.rst | 4 +++ tests/ansible/hosts/default.hosts | 1 + .../ssh/templated_by_play_taskvar.yml | 1 + tests/ansible/templates/test-targets.j2 | 1 + 7 files changed, 66 insertions(+), 1 deletion(-) diff --git a/ansible_mitogen/connection.py b/ansible_mitogen/connection.py index 4c1df1bd..1231acb5 100644 --- a/ansible_mitogen/connection.py +++ b/ansible_mitogen/connection.py @@ -890,6 +890,29 @@ class Connection(ansible.plugins.connection.ConnectionBase): self.binding.close() self.binding = None + def _mitogen_var_options(self, templar): + # Workaround for https://github.com/ansible/ansible/issues/84238 + var_names = C.config.get_plugin_vars('connection', self._load_name) + variables = templar.available_variables + var_options = { + var_name: templar.template(variables[var_name]) + for var_name in var_names + if var_name in variables + } + + if self.allow_extras: + extras_var_prefix = 'ansible_%s_' % self.extras_prefix + var_options['_extras'] = { + var_name: templar.template(variables[var_name]) + for var_name in variables + if var_name not in var_options + and var_name.startswith(extras_var_prefix) + } + else: + var_options['_extras'] = {} + + return var_options + reset_compat_msg = ( 'Mitogen only supports "reset_connection" on Ansible 2.5.6 or later' ) @@ -922,6 +945,19 @@ class Connection(ansible.plugins.connection.ConnectionBase): shared_loader_obj=0 ) + # Workaround for https://github.com/ansible/ansible/issues/84238 + try: + task, templar = self._play_context.vars.pop( + '_mitogen.smuggled.reset_connection', + ) + except KeyError: + pass + else: + self.set_options( + task_keys=task.dump_attrs(), + var_options=self._mitogen_var_options(templar), + ) + # Clear out state in case we were ever connected. self.close() diff --git a/ansible_mitogen/strategy.py b/ansible_mitogen/strategy.py index 0a98e316..c319f3e1 100644 --- a/ansible_mitogen/strategy.py +++ b/ansible_mitogen/strategy.py @@ -45,6 +45,7 @@ import ansible_mitogen.mixins import ansible_mitogen.process import ansible.executor.process.worker +import ansible.template import ansible.utils.sentinel @@ -326,3 +327,24 @@ class StrategyMixin(object): self._worker_model.on_strategy_complete() finally: ansible_mitogen.process.set_worker_model(None) + + def _smuggle_to_connction_reset(self, task, play_context, iterator, target_host): + # Workaround for https://github.com/ansible/ansible/issues/84238 + variables = self._variable_manager.get_vars( + play=iterator._play, host=target_host, task=task, + _hosts=self._hosts_cache, _hosts_all=self._hosts_cache_all, + ) + templar = ansible.template.Templar( + loader=self._loader, variables=variables, + ) + play_context.vars.update({ + '_mitogen.smuggled.reset_connection': (task, templar), + }) + + def _execute_meta(self, task, play_context, iterator, target_host): + if task.args['_raw_params'] == 'reset_connection': + self._smuggle_to_connction_reset(task, play_context, iterator, target_host) + + return super(StrategyMixin, self)._execute_meta( + task, play_context, iterator, target_host, + ) diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index 3e9b0610..97f1b2f0 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -511,7 +511,7 @@ class PlayContextSpec(Spec): return self._play_context.private_key_file def ssh_executable(self): - return C.config.get_config_value("ssh_executable", plugin_type="connection", plugin_name="ssh", variables=self._task_vars.get("vars", {})) + return self._connection_option('ssh_executable') def timeout(self): return self._play_context.timeout diff --git a/docs/changelog.rst b/docs/changelog.rst index dcd40ca9..dd4d708d 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -25,6 +25,10 @@ In progress (unreleased) (e.g. ``become_exe``). * :gh:issue:`1083` :mod:`ansible_mitogen`: Templated become executable arguments (e.g. ``become_flags``). +* :gh:issue:`1083` :mod:`ansible_mitogen`: Templated ssh executable + (``ansible_ssh_executable``). +* :gh:issue:`1083` :mod:`ansible_mitogen`: Fixed templated connection options + during a ``meta: reset_connection`` task. v0.3.15 (2024-10-28) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index 97883db0..eb04cf90 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -46,6 +46,7 @@ ansible_user="{{ lookup('pipe', 'whoami') }}" tt-password ansible_password="{{ 'has_sudo_nopw_password' | trim }}" ansible_user=mitogen__has_sudo_nopw tt-port ansible_password=has_sudo_nopw_password ansible_port="{{ 22 | int }}" ansible_user=mitogen__has_sudo_nopw tt-remote-user ansible_password=has_sudo_nopw_password ansible_user="{{ 'mitogen__has_sudo_nopw' | trim }}" +tt-ssh-executable ansible_password=has_sudo_nopw_password ansible_ssh_executable="{{ 'ssh' | trim }}" ansible_user=mitogen__has_sudo_nopw [tt_targets_inventory:vars] ansible_host=localhost diff --git a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml index fd4bc848..0662adcd 100644 --- a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml +++ b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml @@ -4,6 +4,7 @@ vars: ansible_password: "{{ 'has_sudo_nopw_password' | trim }}" ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" + ansible_ssh_executable: "{{ 'ssh' | trim }}" ansible_user: "{{ 'mitogen__has_sudo_nopw' | trim }}" tasks: diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index e5c5e072..27949758 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -74,6 +74,7 @@ ansible_user=mitogen__has_sudo_nopw tt-password ansible_password="{{ '{{' }} 'has_sudo_nopw_password' | trim {{ '}}' }}" ansible_port={{ tt.port }} ansible_user=mitogen__has_sudo_nopw tt-port ansible_password=has_sudo_nopw_password ansible_port="{{ '{{' }} {{ tt.port }} | int {{ '}}' }}" ansible_user=mitogen__has_sudo_nopw tt-remote-user ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_user="{{ '{{' }} 'mitogen__has_sudo_nopw' | trim {{ '}}' }}" +tt-ssh-executable ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_ssh_executable="{{ '{{' }} 'ssh' | trim {{ '}}' }}" ansible_user=mitogen__has_sudo_nopw [tt_targets_inventory:vars] ansible_host={{ tt.hostname }} From 06df62c8b87cb829e00e8bcc15de6c03bc79e8b3 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Mon, 4 Nov 2024 16:13:56 +0000 Subject: [PATCH 44/61] CI: Migrated macOS 12 runners to macOS 13, due to EOL. macOS Python 2.7 jobs have been removed because the macOS 13 image doesn't include CPython 2.7. --- .github/workflows/tests.yml | 13 ++---------- docs/changelog.rst | 1 + .../issue_655__wait_for_connection_error.yml | 21 +++++++++++++++---- 3 files changed, 20 insertions(+), 15 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index cc20f04a..15dda039 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -156,30 +156,21 @@ jobs: "$PYTHON" -m tox -e "${{ matrix.tox_env }}" macos: - # https://github.com/actions/runner-images/blob/main/images/macos/macos-12-Readme.md - runs-on: macos-12 + # https://github.com/actions/runner-images/blob/main/images/macos/macos-13-Readme.md + runs-on: macos-13 timeout-minutes: 120 strategy: fail-fast: false matrix: include: - - name: Mito_27 - tox_env: py27-mode_mitogen - name: Mito_313 - python_version: '3.13' tox_env: py313-mode_mitogen - - name: Loc_27_210 - tox_env: py27-mode_localhost-ansible2.10 - name: Loc_313_10 - python_version: '3.13' tox_env: py313-mode_localhost-ansible10 - - name: Van_27_210 - tox_env: py27-mode_localhost-ansible2.10-strategy_linear - name: Van_313_10 - python_version: '3.13' tox_env: py313-mode_localhost-ansible10-strategy_linear steps: diff --git a/docs/changelog.rst b/docs/changelog.rst index dd4d708d..b6930331 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -29,6 +29,7 @@ In progress (unreleased) (``ansible_ssh_executable``). * :gh:issue:`1083` :mod:`ansible_mitogen`: Fixed templated connection options during a ``meta: reset_connection`` task. +* :gh:issue:`1129` CI: Migrated macOS 12 runners to macOS 13, due to EOL. v0.3.15 (2024-10-28) diff --git a/tests/ansible/regression/issue_655__wait_for_connection_error.yml b/tests/ansible/regression/issue_655__wait_for_connection_error.yml index 4972d91a..a1f39f66 100644 --- a/tests/ansible/regression/issue_655__wait_for_connection_error.yml +++ b/tests/ansible/regression/issue_655__wait_for_connection_error.yml @@ -11,11 +11,16 @@ tasks: - meta: end_play when: - # TODO CI currently runs on macOS 12 & which isn't supported by Podman - # version available in Homebrew. + # Podman versions available in Homebrew have dropped macOS 12 support. - ansible_facts.system == 'Darwin' - ansible_facts.distribution_version is version('13.0', '<', strict=True) + - meta: end_play + when: + # Ansible 10 (ansible-core 2.17+) require Python 3.7+ on targets. + # On CentOS 8 /usr/libexec/platform-python is Python 3.6 + - ansible_version.full is version('2.17', '>=', strict=True) + - name: set up test container and run tests inside it block: - name: install deps @@ -33,6 +38,7 @@ - cmd: podman info timeout: 300 register: podman_machine + changed_when: true - debug: var: podman_machine @@ -41,11 +47,13 @@ - name: create container command: cmd: podman run --name testMitogen -d --rm centos:8 bash -c "sleep infinity & wait" + changed_when: true - name: add container to inventory add_host: name: testMitogen ansible_connection: podman + ansible_python_interpreter: /usr/libexec/platform-python # Python 3.6 ansible_user: root changed_when: false environment: @@ -57,6 +65,7 @@ - name: create test file file: path: /var/run/reboot-required + mode: u=rw,go=r state: touch - name: Check if reboot is required @@ -68,13 +77,16 @@ shell: sleep 2 && shutdown -r now "Ansible updates triggered" async: 1 poll: 0 - when: reboot_required.stat.exists == True + changed_when: true + when: + - reboot_required.stat.exists - name: Wait 300 seconds for server to become available wait_for_connection: delay: 30 timeout: 300 - when: reboot_required.stat.exists == True + when: + - reboot_required.stat.exists - name: cleanup test file file: @@ -90,6 +102,7 @@ loop: - cmd: podman stop testMitogen - cmd: podman machine stop + changed_when: true when: - ansible_facts.pkg_mgr in ['homebrew'] tags: From d28dd09e23c17d82c3eedd5de64c94bebcf290f5 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Tue, 5 Nov 2024 01:32:33 +0000 Subject: [PATCH 45/61] Prepare v0.3.16 --- docs/changelog.rst | 4 ++-- mitogen/__init__.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index b6930331..e287c93b 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,8 +18,8 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. -In progress (unreleased) ------------------------- +v0.3.16 (2024-11-05) +-------------------- * :gh:issue:`1083` :mod:`ansible_mitogen`: Templated become executable (e.g. ``become_exe``). diff --git a/mitogen/__init__.py b/mitogen/__init__.py index 1fbf4213..50c2e377 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 16, 'dev') +__version__ = (0, 3, 16) #: This is :data:`False` in slave contexts. Previously it was used to prevent From 757527635dd00ae7dee61c9bf3c77c6d7bf02d6c Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Tue, 5 Nov 2024 01:33:40 +0000 Subject: [PATCH 46/61] Begin v0.3.17dev --- docs/changelog.rst | 5 +++++ mitogen/__init__.py | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index e287c93b..d579544f 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,6 +18,11 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. +In progress (unreleased) +------------------------ + + + v0.3.16 (2024-11-05) -------------------- diff --git a/mitogen/__init__.py b/mitogen/__init__.py index 50c2e377..40b6850e 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 16) +__version__ = (0, 3, 17, 'dev') #: This is :data:`False` in slave contexts. Previously it was used to prevent From 43cc937bc67110abea5d0f87bd6480afff2d2cc8 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Tue, 5 Nov 2024 17:38:27 +0000 Subject: [PATCH 47/61] CI: Fix incorrect u=r,g=r,o=rw file permissions on mitogen__has_sudo_pubkey.key MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The wrong base was used when calculating the mode. So the file became world readable and writable on a CI runner, until ansible/integration/ssh/variables.yml happened to correct it near the end of the integration tests. I believe this was the only instance. ```console mitogen git:(issue1182) ✗ ag --python 'int\(.+7\)' . .ci | wc -l 0 ``` fixes #1182 --- .ci/ansible_tests.py | 2 +- docs/changelog.rst | 2 ++ tests/ansible/integration/ssh/variables.yml | 7 ++----- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/.ci/ansible_tests.py b/.ci/ansible_tests.py index 62dfa8f5..4a7bedae 100755 --- a/.ci/ansible_tests.py +++ b/.ci/ansible_tests.py @@ -41,7 +41,7 @@ with ci_lib.Fold('docker_setup'): with ci_lib.Fold('job_setup'): os.chdir(TESTS_DIR) - os.chmod('../data/docker/mitogen__has_sudo_pubkey.key', int('0600', 7)) + os.chmod('../data/docker/mitogen__has_sudo_pubkey.key', int('0600', 8)) ci_lib.run("mkdir %s", HOSTS_DIR) for path in glob.glob(TESTS_DIR + '/hosts/*'): diff --git a/docs/changelog.rst b/docs/changelog.rst index d579544f..85ab9d2f 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -21,6 +21,8 @@ To avail of fixes in an unreleased version, please download a ZIP file In progress (unreleased) ------------------------ +* :gh:issue:`1182` CI: Fix incorrect world readable/writable file permissions + on SSH key ``mitogen__has_sudo_pubkey.key`` during Ansible tests. v0.3.16 (2024-11-05) diff --git a/tests/ansible/integration/ssh/variables.yml b/tests/ansible/integration/ssh/variables.yml index 541b29f9..51783881 100644 --- a/tests/ansible/integration/ssh/variables.yml +++ b/tests/ansible/integration/ssh/variables.yml @@ -13,11 +13,6 @@ -o "ControlPath /tmp/mitogen-ansible-test-{{18446744073709551615|random}}" tasks: - - name: setup ansible_ssh_private_key_file - shell: chmod 0600 ../data/docker/mitogen__has_sudo_pubkey.key - args: - chdir: ../.. - - name: ansible_user, ansible_ssh_private_key_file shell: > ANSIBLE_ANY_ERRORS_FATAL=false @@ -34,6 +29,7 @@ args: chdir: ../.. register: out + changed_when: false - name: ansible_user, wrong ansible_ssh_private_key_file shell: > @@ -52,6 +48,7 @@ args: chdir: ../.. register: out + changed_when: false ignore_errors: true - assert: From c7df5c97c16563a17e3f6f3512b2f2154292a757 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Tue, 5 Nov 2024 18:12:36 +0000 Subject: [PATCH 48/61] ansible_mitogen: Templated SSH private key file --- ansible_mitogen/transport_config.py | 2 +- docs/changelog.rst | 2 ++ tests/ansible/hosts/default.hosts | 1 + .../ssh/templated_by_play_taskvar.yml | 21 ++++++++++++++++++- tests/ansible/templates/test-targets.j2 | 1 + 5 files changed, 25 insertions(+), 2 deletions(-) diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index 97f1b2f0..294e8914 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -508,7 +508,7 @@ class PlayContextSpec(Spec): return boolean(val) def private_key_file(self): - return self._play_context.private_key_file + return self._connection_option('private_key_file') def ssh_executable(self): return self._connection_option('ssh_executable') diff --git a/docs/changelog.rst b/docs/changelog.rst index 85ab9d2f..69e5e944 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -23,6 +23,8 @@ In progress (unreleased) * :gh:issue:`1182` CI: Fix incorrect world readable/writable file permissions on SSH key ``mitogen__has_sudo_pubkey.key`` during Ansible tests. +* :gh:issue:`1083` :mod:`ansible_mitogen`: Templated SSH private key file + (e.g. ``ansible_private_key_file``). v0.3.16 (2024-11-05) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index eb04cf90..221d333d 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -45,6 +45,7 @@ ansible_user="{{ lookup('pipe', 'whoami') }}" [tt_targets_inventory] tt-password ansible_password="{{ 'has_sudo_nopw_password' | trim }}" ansible_user=mitogen__has_sudo_nopw tt-port ansible_password=has_sudo_nopw_password ansible_port="{{ 22 | int }}" ansible_user=mitogen__has_sudo_nopw +tt-private-key-file ansible_private_key_file="{{ git_basedir }}/tests/data/docker/mitogen__has_sudo_pubkey.key" ansible_user=mitogen__has_sudo_pubkey tt-remote-user ansible_password=has_sudo_nopw_password ansible_user="{{ 'mitogen__has_sudo_nopw' | trim }}" tt-ssh-executable ansible_password=has_sudo_nopw_password ansible_ssh_executable="{{ 'ssh' | trim }}" ansible_user=mitogen__has_sudo_nopw diff --git a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml index 0662adcd..d3ae6117 100644 --- a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml +++ b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml @@ -9,5 +9,24 @@ tasks: - meta: reset_connection - - name: Templated variables in play + - name: Templated variables in play, password authentication + ping: + +- name: integration/ssh/templated_by_play_taskvar.yml + hosts: tt_targets_bare + gather_facts: false + vars: + ansible_private_key_file: "{{ git_basedir }}/tests/data/docker/mitogen__has_sudo_pubkey.key" + ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" + ansible_ssh_executable: "{{ 'ssh' | trim }}" + ansible_user: "{{ 'mitogen__has_sudo_pubkey' | trim }}" + + tasks: + - meta: end_play + when: + # https://github.com/ansible/ansible/issues/84238 + - not is_mitogen + - ansible_version.full is version('2.19', '<', strict=True) + - meta: reset_connection + - name: Templated variables in play, key authentication ping: diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index 27949758..9e726d1f 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -73,6 +73,7 @@ ansible_user=mitogen__has_sudo_nopw [tt_targets_inventory] tt-password ansible_password="{{ '{{' }} 'has_sudo_nopw_password' | trim {{ '}}' }}" ansible_port={{ tt.port }} ansible_user=mitogen__has_sudo_nopw tt-port ansible_password=has_sudo_nopw_password ansible_port="{{ '{{' }} {{ tt.port }} | int {{ '}}' }}" ansible_user=mitogen__has_sudo_nopw +tt-private-key-file ansible_port={{ tt.port }} ansible_private_key_file="{{ '{{' }} git_basedir {{ '}}' }}/tests/data/docker/mitogen__has_sudo_pubkey.key" ansible_user=mitogen__has_sudo_pubkey tt-remote-user ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_user="{{ '{{' }} 'mitogen__has_sudo_nopw' | trim {{ '}}' }}" tt-ssh-executable ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_ssh_executable="{{ '{{' }} 'ssh' | trim {{ '}}' }}" ansible_user=mitogen__has_sudo_nopw From 9e0dad2a1a702ca02bfe2810073d3a3467bb0689 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Wed, 6 Nov 2024 09:17:09 +0000 Subject: [PATCH 49/61] ansible_mitogen: Templated SSH host key checking refs #1083 --- ansible_mitogen/transport_config.py | 7 +------ docs/changelog.rst | 2 ++ tests/ansible/hosts/default.hosts | 1 + tests/ansible/templates/test-targets.j2 | 1 + 4 files changed, 5 insertions(+), 6 deletions(-) diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index 294e8914..650355ff 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -500,12 +500,7 @@ class PlayContextSpec(Spec): rediscover_python=rediscover_python) def host_key_checking(self): - def candidates(): - yield self._connection.get_task_var('ansible_ssh_host_key_checking') - yield self._connection.get_task_var('ansible_host_key_checking') - yield C.HOST_KEY_CHECKING - val = next((v for v in candidates() if v is not None), True) - return boolean(val) + return self._connection_option('host_key_checking') def private_key_file(self): return self._connection_option('private_key_file') diff --git a/docs/changelog.rst b/docs/changelog.rst index 69e5e944..88ad6bb1 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -25,6 +25,8 @@ In progress (unreleased) on SSH key ``mitogen__has_sudo_pubkey.key`` during Ansible tests. * :gh:issue:`1083` :mod:`ansible_mitogen`: Templated SSH private key file (e.g. ``ansible_private_key_file``). +* :gh:issue:`1083` :mod:`ansible_mitogen`: Templated SSH host key checking + (e.g. ``ansible_host_key_checking``, ``ansible_ssh_host_key_checking``). v0.3.16 (2024-11-05) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index 221d333d..077865b0 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -43,6 +43,7 @@ ansible_host=localhost ansible_user="{{ lookup('pipe', 'whoami') }}" [tt_targets_inventory] +tt-host-key-checking ansible_host_key_checking="{{ 'false' | trim }}" ansible_password=has_sudo_nopw_password ansible_user=mitogen__has_sudo_nopw tt-password ansible_password="{{ 'has_sudo_nopw_password' | trim }}" ansible_user=mitogen__has_sudo_nopw tt-port ansible_password=has_sudo_nopw_password ansible_port="{{ 22 | int }}" ansible_user=mitogen__has_sudo_nopw tt-private-key-file ansible_private_key_file="{{ git_basedir }}/tests/data/docker/mitogen__has_sudo_pubkey.key" ansible_user=mitogen__has_sudo_pubkey diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index 9e726d1f..c829a6f6 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -71,6 +71,7 @@ ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw [tt_targets_inventory] +tt-host-key-checking ansible_host_key_checking="{{ '{{' }} 'false' | trim {{ '}}' }}" ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_user=mitogen__has_sudo_nopw tt-password ansible_password="{{ '{{' }} 'has_sudo_nopw_password' | trim {{ '}}' }}" ansible_port={{ tt.port }} ansible_user=mitogen__has_sudo_nopw tt-port ansible_password=has_sudo_nopw_password ansible_port="{{ '{{' }} {{ tt.port }} | int {{ '}}' }}" ansible_user=mitogen__has_sudo_nopw tt-private-key-file ansible_port={{ tt.port }} ansible_private_key_file="{{ '{{' }} git_basedir {{ '}}' }}/tests/data/docker/mitogen__has_sudo_pubkey.key" ansible_user=mitogen__has_sudo_pubkey From 8cfcb66cda44d8740383eeaa7641a58b3e3e9e04 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Wed, 6 Nov 2024 23:56:55 +0000 Subject: [PATCH 50/61] CI: Refactor sshd configuration into a role Prep for applying it to macOS 13 GitHub runners. refs #1186 --- tests/image_prep/_container_setup.yml | 27 +++++++------------ tests/image_prep/roles/sshd/defaults/main.yml | 1 + .../roles/sshd/files/banner.txt} | 0 tests/image_prep/roles/sshd/tasks/main.yml | 18 +++++++++++++ 4 files changed, 28 insertions(+), 18 deletions(-) create mode 100644 tests/image_prep/roles/sshd/defaults/main.yml rename tests/{data/docker/ssh_login_banner.txt => image_prep/roles/sshd/files/banner.txt} (100%) create mode 100644 tests/image_prep/roles/sshd/tasks/main.yml diff --git a/tests/image_prep/_container_setup.yml b/tests/image_prep/_container_setup.yml index d41d1326..2972adda 100644 --- a/tests/image_prep/_container_setup.yml +++ b/tests/image_prep/_container_setup.yml @@ -23,10 +23,16 @@ gather_facts: true vars: distro: "{{ansible_distribution}}" - tasks: - - when: ansible_virtualization_type != "docker" - meta: end_play + pre_tasks: + - meta: end_play + when: + - ansible_facts.virtualization_type != "docker" + + roles: + - role: sshd + + tasks: - name: Ensure requisite apt packages are installed apt: name: "{{ common_packages + packages }}" @@ -134,10 +140,6 @@ content: | i-am-mitogen-test-docker-image - - copy: - dest: /etc/ssh/banner.txt - src: ../data/docker/ssh_login_banner.txt - - name: Ensure /etc/sudoers.d exists file: state: directory @@ -169,17 +171,6 @@ line: "%wheel ALL=(ALL) ALL" when: ansible_os_family == 'RedHat' - - name: Enable SSH banner - lineinfile: - path: /etc/ssh/sshd_config - line: Banner /etc/ssh/banner.txt - - - name: Allow remote SSH root login - lineinfile: - path: /etc/ssh/sshd_config - line: PermitRootLogin yes - regexp: '.*PermitRootLogin.*' - - name: Allow remote SSH root login lineinfile: path: /etc/pam.d/sshd diff --git a/tests/image_prep/roles/sshd/defaults/main.yml b/tests/image_prep/roles/sshd/defaults/main.yml new file mode 100644 index 00000000..4642c71f --- /dev/null +++ b/tests/image_prep/roles/sshd/defaults/main.yml @@ -0,0 +1 @@ +sshd_config_file: /etc/ssh/sshd_config diff --git a/tests/data/docker/ssh_login_banner.txt b/tests/image_prep/roles/sshd/files/banner.txt similarity index 100% rename from tests/data/docker/ssh_login_banner.txt rename to tests/image_prep/roles/sshd/files/banner.txt diff --git a/tests/image_prep/roles/sshd/tasks/main.yml b/tests/image_prep/roles/sshd/tasks/main.yml new file mode 100644 index 00000000..d160d298 --- /dev/null +++ b/tests/image_prep/roles/sshd/tasks/main.yml @@ -0,0 +1,18 @@ +- name: Create login banner + copy: + src: banner.txt + dest: /etc/ssh/banner.txt + mode: u=rw,go=r + +- name: Configure sshd_config + lineinfile: + path: "{{ sshd_config_file }}" + line: "{{ item.line }}" + regexp: "{{ item.regexp }}" + loop: + - line: Banner /etc/ssh/banner.txt + regexp: '^#? *Banner.*' + - line: PermitRootLogin yes + regexp: '.*PermitRootLogin.*' + loop_control: + label: "{{ item.line }}" From 3a1b5ec620f1f822e9c78f0d0ab84d8b1e8b7f59 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 7 Nov 2024 00:16:22 +0000 Subject: [PATCH 51/61] CI: Increase sshd MaxAuthRetries to 50 on macOS runners refs #1186 --- .ci/localhost_ansible_tests.py | 3 +++ tests/image_prep/macos_localhost.yml | 7 +++++++ tests/image_prep/roles/sshd/defaults/main.yml | 2 ++ tests/image_prep/roles/sshd/tasks/main.yml | 13 +++++++++++++ 4 files changed, 25 insertions(+) create mode 100644 tests/image_prep/macos_localhost.yml diff --git a/.ci/localhost_ansible_tests.py b/.ci/localhost_ansible_tests.py index 502a9abc..e4b8329b 100755 --- a/.ci/localhost_ansible_tests.py +++ b/.ci/localhost_ansible_tests.py @@ -51,6 +51,9 @@ with ci_lib.Fold('machine_prep'): subprocess.check_call('sudo chmod 700 ~root/.ssh', shell=True) subprocess.check_call('sudo chmod 600 ~root/.ssh/authorized_keys', shell=True) + os.chdir(IMAGE_PREP_DIR) + ci_lib.run("ansible-playbook -c local -i localhost, macos_localhost.yml") + if os.path.expanduser('~mitogen__user1') == '~mitogen__user1': os.chdir(IMAGE_PREP_DIR) ci_lib.run("ansible-playbook -c local -i localhost, _user_accounts.yml") diff --git a/tests/image_prep/macos_localhost.yml b/tests/image_prep/macos_localhost.yml new file mode 100644 index 00000000..c046a2bc --- /dev/null +++ b/tests/image_prep/macos_localhost.yml @@ -0,0 +1,7 @@ +- name: Configure macOS + hosts: all + gather_facts: true + strategy: mitogen_free + become: true + roles: + - role: sshd diff --git a/tests/image_prep/roles/sshd/defaults/main.yml b/tests/image_prep/roles/sshd/defaults/main.yml index 4642c71f..dec0cf0c 100644 --- a/tests/image_prep/roles/sshd/defaults/main.yml +++ b/tests/image_prep/roles/sshd/defaults/main.yml @@ -1 +1,3 @@ sshd_config_file: /etc/ssh/sshd_config + +sshd_config__max_auth_tries: 50 diff --git a/tests/image_prep/roles/sshd/tasks/main.yml b/tests/image_prep/roles/sshd/tasks/main.yml index d160d298..837c7d15 100644 --- a/tests/image_prep/roles/sshd/tasks/main.yml +++ b/tests/image_prep/roles/sshd/tasks/main.yml @@ -12,7 +12,20 @@ loop: - line: Banner /etc/ssh/banner.txt regexp: '^#? *Banner.*' + - line: MaxAuthTries {{ sshd_config__max_auth_tries }} + regexp: '^#? *MaxAuthTries.*' - line: PermitRootLogin yes regexp: '.*PermitRootLogin.*' loop_control: label: "{{ item.line }}" + register: configure_sshd_result + +- name: Restart sshd + shell: | + launchctl unload /System/Library/LaunchDaemons/ssh.plist + wait 5 + launchctl load -w /System/Library/LaunchDaemons/ssh.plist + changed_when: true + when: + - ansible_facts.distribution == "MacOSX" + - configure_sshd_result is changed From 6d9f2e12d95e4f1bbc3b1ea9f1f9ddfc204e8516 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 7 Nov 2024 10:18:00 +0000 Subject: [PATCH 52/61] tests: Switch remaining tt_targets_inventory group vars to host vars This is ground work for adding/testing templated hostnames and python interpreters. The extreme wideness will hopefully be temporary, e.g. by switching to YAML inventories. The INI inventory plugin doesn't support multiline host entries. > 640 K(olumns) should be enough for anyone > -- Apocryphal, not Bill Gates --- tests/ansible/hosts/default.hosts | 15 ++++++--------- tests/ansible/templates/test-targets.j2 | 16 ++++++---------- 2 files changed, 12 insertions(+), 19 deletions(-) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index 077865b0..f16a4427 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -43,12 +43,9 @@ ansible_host=localhost ansible_user="{{ lookup('pipe', 'whoami') }}" [tt_targets_inventory] -tt-host-key-checking ansible_host_key_checking="{{ 'false' | trim }}" ansible_password=has_sudo_nopw_password ansible_user=mitogen__has_sudo_nopw -tt-password ansible_password="{{ 'has_sudo_nopw_password' | trim }}" ansible_user=mitogen__has_sudo_nopw -tt-port ansible_password=has_sudo_nopw_password ansible_port="{{ 22 | int }}" ansible_user=mitogen__has_sudo_nopw -tt-private-key-file ansible_private_key_file="{{ git_basedir }}/tests/data/docker/mitogen__has_sudo_pubkey.key" ansible_user=mitogen__has_sudo_pubkey -tt-remote-user ansible_password=has_sudo_nopw_password ansible_user="{{ 'mitogen__has_sudo_nopw' | trim }}" -tt-ssh-executable ansible_password=has_sudo_nopw_password ansible_ssh_executable="{{ 'ssh' | trim }}" ansible_user=mitogen__has_sudo_nopw - -[tt_targets_inventory:vars] -ansible_host=localhost +tt-host-key-checking ansible_host=localhost ansible_host_key_checking="{{ 'false' | trim }}" ansible_password=has_sudo_nopw_password ansible_user=mitogen__has_sudo_nopw +tt-password ansible_host=localhost ansible_password="{{ 'has_sudo_nopw_password' | trim }}" ansible_user=mitogen__has_sudo_nopw +tt-port ansible_host=localhost ansible_password=has_sudo_nopw_password ansible_port="{{ 22 | int }}" ansible_user=mitogen__has_sudo_nopw +tt-private-key-file ansible_host=localhost ansible_private_key_file="{{ git_basedir }}/tests/data/docker/mitogen__has_sudo_pubkey.key" ansible_user=mitogen__has_sudo_pubkey +tt-remote-user ansible_host=localhost ansible_password=has_sudo_nopw_password ansible_user="{{ 'mitogen__has_sudo_nopw' | trim }}" +tt-ssh-executable ansible_host=localhost ansible_password=has_sudo_nopw_password ansible_ssh_executable="{{ 'ssh' | trim }}" ansible_user=mitogen__has_sudo_nopw diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index c829a6f6..2df20613 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -71,13 +71,9 @@ ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw [tt_targets_inventory] -tt-host-key-checking ansible_host_key_checking="{{ '{{' }} 'false' | trim {{ '}}' }}" ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_user=mitogen__has_sudo_nopw -tt-password ansible_password="{{ '{{' }} 'has_sudo_nopw_password' | trim {{ '}}' }}" ansible_port={{ tt.port }} ansible_user=mitogen__has_sudo_nopw -tt-port ansible_password=has_sudo_nopw_password ansible_port="{{ '{{' }} {{ tt.port }} | int {{ '}}' }}" ansible_user=mitogen__has_sudo_nopw -tt-private-key-file ansible_port={{ tt.port }} ansible_private_key_file="{{ '{{' }} git_basedir {{ '}}' }}/tests/data/docker/mitogen__has_sudo_pubkey.key" ansible_user=mitogen__has_sudo_pubkey -tt-remote-user ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_user="{{ '{{' }} 'mitogen__has_sudo_nopw' | trim {{ '}}' }}" -tt-ssh-executable ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_ssh_executable="{{ '{{' }} 'ssh' | trim {{ '}}' }}" ansible_user=mitogen__has_sudo_nopw - -[tt_targets_inventory:vars] -ansible_host={{ tt.hostname }} -ansible_python_interpreter={{ tt.python_path }} +tt-host-key-checking ansible_host={{ tt.hostname }} ansible_host_key_checking="{{ '{{' }} 'false' | trim {{ '}}' }}" ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw +tt-password ansible_host={{ tt.hostname }} ansible_password="{{ '{{' }} 'has_sudo_nopw_password' | trim {{ '}}' }}" ansible_port={{ tt.port }} ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw +tt-port ansible_host={{ tt.hostname }} ansible_password=has_sudo_nopw_password ansible_port="{{ '{{' }} {{ tt.port }} | int {{ '}}' }}" ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw +tt-private-key-file ansible_host={{ tt.hostname }} ansible_port={{ tt.port }} ansible_private_key_file="{{ '{{' }} git_basedir {{ '}}' }}/tests/data/docker/mitogen__has_sudo_pubkey.key" ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_pubkey +tt-remote-user ansible_host={{ tt.hostname }} ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_python_interpreter={{ tt.python_path }} ansible_user="{{ '{{' }} 'mitogen__has_sudo_nopw' | trim {{ '}}' }}" +tt-ssh-executable ansible_host={{ tt.hostname }} ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_python_interpreter={{ tt.python_path }} ansible_ssh_executable="{{ '{{' }} 'ssh' | trim {{ '}}' }}" ansible_user=mitogen__has_sudo_nopw From f50a61f9810b3d5a015a3c59d50fd7f3db4b7b24 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 7 Nov 2024 10:39:37 +0000 Subject: [PATCH 53/61] ansible_mitogen: Templated host option (e.g. ansible_host, ansible_ssh_host) A twist - for the connection option "host" the corresponding legacy PlayContext attribute is PlayContext.remote_addr. This may be the only case where a connection option name and the PlayContext attribute name differ. --- ansible_mitogen/transport_config.py | 18 +++++++++++------- tests/ansible/hosts/default.hosts | 4 +--- .../integration/ssh/args_by_play_taskvar.yml | 1 + .../ssh/templated_by_play_keyword.yml | 1 + .../ssh/templated_by_play_taskvar.yml | 2 ++ .../ssh/templated_by_task_keyword.yml | 2 ++ tests/ansible/templates/test-targets.j2 | 2 +- 7 files changed, 19 insertions(+), 11 deletions(-) diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index 650355ff..e4de34f1 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -442,18 +442,22 @@ class PlayContextSpec(Spec): raise LOG.info( - 'Used PlayContext fallback for plugin=%r, option=%r', - self._connection, name, + 'Used fallback=PlayContext.%s for plugin=%r, option=%r', + name, self._connection, name, ) return getattr(self._play_context, name) - - def _connection_option(self, name): + def _connection_option(self, name, fallback_attr=None): try: return self._connection.get_option(name, hostvars=self._task_vars) except KeyError: - LOG.debug('Used PlayContext fallback for option=%r', name) - return getattr(self._play_context, name) + if fallback_attr is None: + fallback_attr = name + LOG.info( + 'Used fallback=PlayContext.%s for plugin=%r, option=%r', + fallback_attr, self._connection, name, + ) + return getattr(self._play_context, fallback_attr) def transport(self): return self._transport @@ -462,7 +466,7 @@ class PlayContextSpec(Spec): return self._inventory_name def remote_addr(self): - return self._play_context.remote_addr + return self._connection_option('host', fallback_attr='remote_addr') def remote_user(self): return self._connection_option('remote_user') diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index f16a4427..6bb21fc6 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -22,9 +22,6 @@ ssh_args_canary_file=/tmp/ssh_args_by_inv_{{ inventory_hostname }} [tt_targets_bare] tt-bare -[tt_targets_bare:vars] -ansible_host=localhost - [tt_become_bare] tt-become-bare @@ -43,6 +40,7 @@ ansible_host=localhost ansible_user="{{ lookup('pipe', 'whoami') }}" [tt_targets_inventory] +tt-host ansible_host="{{ 'localhost' | trim }}" ansible_password=has_sudo_nopw_password ansible_user=mitogen__has_sudo_nopw tt-host-key-checking ansible_host=localhost ansible_host_key_checking="{{ 'false' | trim }}" ansible_password=has_sudo_nopw_password ansible_user=mitogen__has_sudo_nopw tt-password ansible_host=localhost ansible_password="{{ 'has_sudo_nopw_password' | trim }}" ansible_user=mitogen__has_sudo_nopw tt-port ansible_host=localhost ansible_password=has_sudo_nopw_password ansible_port="{{ 22 | int }}" ansible_user=mitogen__has_sudo_nopw diff --git a/tests/ansible/integration/ssh/args_by_play_taskvar.yml b/tests/ansible/integration/ssh/args_by_play_taskvar.yml index 5ae83f2a..073265b2 100644 --- a/tests/ansible/integration/ssh/args_by_play_taskvar.yml +++ b/tests/ansible/integration/ssh/args_by_play_taskvar.yml @@ -2,6 +2,7 @@ hosts: tt_targets_bare gather_facts: false vars: + ansible_host: "{{ hostvars[groups['test-targets'][0]].host | default('localhost') }}" ansible_password: "{{ 'has_sudo_nopw_password' | trim }}" ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" ansible_ssh_common_args: >- diff --git a/tests/ansible/integration/ssh/templated_by_play_keyword.yml b/tests/ansible/integration/ssh/templated_by_play_keyword.yml index e66cc5f3..c6ff1674 100644 --- a/tests/ansible/integration/ssh/templated_by_play_keyword.yml +++ b/tests/ansible/integration/ssh/templated_by_play_keyword.yml @@ -3,6 +3,7 @@ gather_facts: false remote_user: "{{ 'mitogen__has_sudo_nopw' | trim }}" vars: + ansible_host: "{{ hostvars[groups['test-targets'][0]].host | default('localhost') }}" ansible_password: has_sudo_nopw_password ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" tasks: diff --git a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml index d3ae6117..151aa614 100644 --- a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml +++ b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml @@ -2,6 +2,7 @@ hosts: tt_targets_bare gather_facts: false vars: + ansible_host: "{{ hostvars[groups['test-targets'][0]].host | default('localhost') }}" ansible_password: "{{ 'has_sudo_nopw_password' | trim }}" ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" ansible_ssh_executable: "{{ 'ssh' | trim }}" @@ -16,6 +17,7 @@ hosts: tt_targets_bare gather_facts: false vars: + ansible_host: "{{ hostvars[groups['test-targets'][0]].host | default('localhost') }}" ansible_private_key_file: "{{ git_basedir }}/tests/data/docker/mitogen__has_sudo_pubkey.key" ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" ansible_ssh_executable: "{{ 'ssh' | trim }}" diff --git a/tests/ansible/integration/ssh/templated_by_task_keyword.yml b/tests/ansible/integration/ssh/templated_by_task_keyword.yml index df956af5..dc16205a 100644 --- a/tests/ansible/integration/ssh/templated_by_task_keyword.yml +++ b/tests/ansible/integration/ssh/templated_by_task_keyword.yml @@ -5,6 +5,7 @@ # https://github.com/mitogen-hq/mitogen/issues/1132 remote_user: "{{ 'mitogen__has_sudo_nopw' | trim }}" vars: + ansible_host: "{{ hostvars[groups['test-targets'][0]].host | default('localhost') }}" ansible_password: has_sudo_nopw_password ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" tasks: @@ -19,6 +20,7 @@ delegate_to: "{{ groups.tt_targets_bare[0] }}" remote_user: "{{ 'mitogen__has_sudo_nopw' | trim }}" vars: + ansible_host: "{{ hostvars[groups['test-targets'][0]].host | default('localhost') }}" ansible_password: has_sudo_nopw_password ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" ping: diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index 2df20613..cebf7067 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -44,7 +44,6 @@ ssh_args_canary_file=/tmp/ssh_args_by_inv_{{ '{{' }} inventory_hostname {{ '}}' tt-bare [tt_targets_bare:vars] -ansible_host={{ tt.hostname }} ansible_python_interpreter={{ tt.python_path }} [tt_become_bare] @@ -71,6 +70,7 @@ ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw [tt_targets_inventory] +tt-host ansible_host="{{ '{{' }} '{{ tt.hostname }}' | trim {{ '}}' }}" ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw tt-host-key-checking ansible_host={{ tt.hostname }} ansible_host_key_checking="{{ '{{' }} 'false' | trim {{ '}}' }}" ansible_password=has_sudo_nopw_password ansible_port={{ tt.port }} ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw tt-password ansible_host={{ tt.hostname }} ansible_password="{{ '{{' }} 'has_sudo_nopw_password' | trim {{ '}}' }}" ansible_port={{ tt.port }} ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw tt-port ansible_host={{ tt.hostname }} ansible_password=has_sudo_nopw_password ansible_port="{{ '{{' }} {{ tt.port }} | int {{ '}}' }}" ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw From 5ae5bb94ac0807b99280a0760c4a921fcff873eb Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 7 Nov 2024 12:21:10 +0000 Subject: [PATCH 54/61] docs: Changelog entry for templated ansible_host --- docs/changelog.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/changelog.rst b/docs/changelog.rst index 88ad6bb1..449e8d03 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -27,6 +27,8 @@ In progress (unreleased) (e.g. ``ansible_private_key_file``). * :gh:issue:`1083` :mod:`ansible_mitogen`: Templated SSH host key checking (e.g. ``ansible_host_key_checking``, ``ansible_ssh_host_key_checking``). +* :gh:issue:`1083` :mod:`ansible_mitogen`: Templated host address + (e.g. ``ansible_host``, ``ansible_ssh_host``) v0.3.16 (2024-11-05) From 905b87b71aa415f7dfbf8e7905a0f4ced691dbaa Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 7 Nov 2024 12:25:22 +0000 Subject: [PATCH 55/61] tests: Test templated ansible_host_key_checking provided by task vars missed by #1184 --- docs/changelog.rst | 1 + tests/ansible/integration/ssh/templated_by_play_taskvar.yml | 2 ++ 2 files changed, 3 insertions(+) diff --git a/docs/changelog.rst b/docs/changelog.rst index 449e8d03..ddcc24c9 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -29,6 +29,7 @@ In progress (unreleased) (e.g. ``ansible_host_key_checking``, ``ansible_ssh_host_key_checking``). * :gh:issue:`1083` :mod:`ansible_mitogen`: Templated host address (e.g. ``ansible_host``, ``ansible_ssh_host``) +* :gh:issue:`1184` Test templated SSH host key checking in task vars v0.3.16 (2024-11-05) diff --git a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml index 151aa614..4d7e318e 100644 --- a/tests/ansible/integration/ssh/templated_by_play_taskvar.yml +++ b/tests/ansible/integration/ssh/templated_by_play_taskvar.yml @@ -3,6 +3,7 @@ gather_facts: false vars: ansible_host: "{{ hostvars[groups['test-targets'][0]].host | default('localhost') }}" + ansible_host_key_checking: "{{ 'false' | trim }}" ansible_password: "{{ 'has_sudo_nopw_password' | trim }}" ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" ansible_ssh_executable: "{{ 'ssh' | trim }}" @@ -18,6 +19,7 @@ gather_facts: false vars: ansible_host: "{{ hostvars[groups['test-targets'][0]].host | default('localhost') }}" + ansible_host_key_checking: "{{ 'false' | trim }}" ansible_private_key_file: "{{ git_basedir }}/tests/data/docker/mitogen__has_sudo_pubkey.key" ansible_port: "{{ hostvars[groups['test-targets'][0]].ansible_port | default(22) }}" ansible_ssh_executable: "{{ 'ssh' | trim }}" From 6cf6f69751e4533eb4f77d2e277c5989571357a5 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 7 Nov 2024 12:27:56 +0000 Subject: [PATCH 56/61] Prepare v0.3.17 --- docs/changelog.rst | 4 ++-- mitogen/__init__.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index ddcc24c9..0dede63a 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,8 +18,8 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. -In progress (unreleased) ------------------------- +v0.3.17 (2024-11-07) +-------------------- * :gh:issue:`1182` CI: Fix incorrect world readable/writable file permissions on SSH key ``mitogen__has_sudo_pubkey.key`` during Ansible tests. diff --git a/mitogen/__init__.py b/mitogen/__init__.py index 40b6850e..cbc58655 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 17, 'dev') +__version__ = (0, 3, 17) #: This is :data:`False` in slave contexts. Previously it was used to prevent From d2db3c3840228de22c30ed9b5aaf582d234620cb Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 7 Nov 2024 12:29:20 +0000 Subject: [PATCH 57/61] Begin v0.3.18dev --- docs/changelog.rst | 5 +++++ mitogen/__init__.py | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 0dede63a..17f88aff 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,6 +18,11 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. +In progress (unreleased) +------------------------ + + + v0.3.17 (2024-11-07) -------------------- diff --git a/mitogen/__init__.py b/mitogen/__init__.py index cbc58655..73db5b8c 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 17) +__version__ = (0, 3, 18, 'dev') #: This is :data:`False` in slave contexts. Previously it was used to prevent From e120cd2caeb41fccd2502b427628ff9ff6b66ac3 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 7 Nov 2024 14:18:58 +0000 Subject: [PATCH 58/61] ansible_mitogen: Templated become method --- ansible_mitogen/transport_config.py | 2 +- docs/changelog.rst | 2 ++ tests/ansible/hosts/default.hosts | 1 + tests/ansible/integration/become/templated_by_inv.yml | 1 + .../ansible/integration/become/templated_by_play_keywords.yml | 2 ++ tests/ansible/integration/become/templated_by_play_vars.yml | 2 ++ .../ansible/integration/become/templated_by_task_keywords.yml | 4 ++++ tests/ansible/templates/test-targets.j2 | 1 + 8 files changed, 14 insertions(+), 1 deletion(-) diff --git a/ansible_mitogen/transport_config.py b/ansible_mitogen/transport_config.py index e4de34f1..2218a7fa 100644 --- a/ansible_mitogen/transport_config.py +++ b/ansible_mitogen/transport_config.py @@ -478,7 +478,7 @@ class PlayContextSpec(Spec): return self._become_option('become_flags') def become_method(self): - return self._play_context.become_method + return self._connection.become.name def become_user(self): return self._become_option('become_user') diff --git a/docs/changelog.rst b/docs/changelog.rst index 17f88aff..08206b21 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -21,6 +21,8 @@ To avail of fixes in an unreleased version, please download a ZIP file In progress (unreleased) ------------------------ +* :gh:issue:`1083` :mod:`ansible_mitogen`: Templated become method + (e.g. ``ansible_become_method``). v0.3.17 (2024-11-07) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index 6bb21fc6..42ca4ca6 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -32,6 +32,7 @@ ansible_user="{{ lookup('pipe', 'whoami') }}" [tt_become_by_inv] tt-become-exe ansible_become=true ansible_become_exe="{{ 'sudo' | trim }}" ansible_become_user=root tt-become-flags ansible_become=true ansible_become_flags="{{ '--set-home --stdin --non-interactive' | trim }}" ansible_become_user=root +tt-become-method ansible_become=true ansible_become_method="{{ 'sudo' | trim }}" ansible_become_user=root tt-become-pass ansible_become=true ansible_become_pass="{{ 'pw_required_password' | trim }}" ansible_become_user=mitogen__pw_required tt-become-user ansible_become=true ansible_become_user="{{ 'root' | trim }}" diff --git a/tests/ansible/integration/become/templated_by_inv.yml b/tests/ansible/integration/become/templated_by_inv.yml index a65fcf7b..25df14e7 100644 --- a/tests/ansible/integration/become/templated_by_inv.yml +++ b/tests/ansible/integration/become/templated_by_inv.yml @@ -14,6 +14,7 @@ expected_become_users: tt-become-exe: root tt-become-flags: root + tt-become-method: root tt-become-pass: mitogen__pw_required tt-become-user: root command: diff --git a/tests/ansible/integration/become/templated_by_play_keywords.yml b/tests/ansible/integration/become/templated_by_play_keywords.yml index 67d06125..d3a87c92 100644 --- a/tests/ansible/integration/become/templated_by_play_keywords.yml +++ b/tests/ansible/integration/become/templated_by_play_keywords.yml @@ -4,6 +4,7 @@ become: true become_exe: "{{ 'sudo' | trim }}" become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" + become_method: "{{ 'sudo' | trim }}" become_user: "{{ 'root' | trim }}" tasks: - meta: reset_connection @@ -24,6 +25,7 @@ become: true become_exe: "{{ 'sudo' | trim }}" become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" + become_method: "{{ 'sudo' | trim }}" become_user: "{{ 'mitogen__pw_required' | trim }}" vars: ansible_become_pass: "{{ 'pw_required_password' | trim }}" diff --git a/tests/ansible/integration/become/templated_by_play_vars.yml b/tests/ansible/integration/become/templated_by_play_vars.yml index cdfb8221..df6684a5 100644 --- a/tests/ansible/integration/become/templated_by_play_vars.yml +++ b/tests/ansible/integration/become/templated_by_play_vars.yml @@ -5,6 +5,7 @@ ansible_become: true ansible_become_exe: "{{ 'sudo' | trim }}" ansible_become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" + ansible_become_method: "{{ 'sudo' | trim }}" ansible_become_user: "{{ 'root' | trim }}" tasks: - name: Templated become by play vars, no password @@ -24,6 +25,7 @@ ansible_become: true ansible_become_exe: "{{ 'sudo' | trim }}" ansible_become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" + ansible_become_method: "{{ 'sudo' | trim }}" ansible_become_pass: "{{ 'pw_required_password' | trim }}" ansible_become_user: "{{ 'mitogen__pw_required' | trim }}" tasks: diff --git a/tests/ansible/integration/become/templated_by_task_keywords.yml b/tests/ansible/integration/become/templated_by_task_keywords.yml index baea51e7..bb5e8aa0 100644 --- a/tests/ansible/integration/become/templated_by_task_keywords.yml +++ b/tests/ansible/integration/become/templated_by_task_keywords.yml @@ -6,6 +6,7 @@ become: true become_exe: "{{ 'sudo' | trim }}" become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" + become_method: "{{ 'sudo' | trim }}" become_user: "{{ 'root' | trim }}" tasks: - name: Reset connection to target that will be delegate_to @@ -19,6 +20,7 @@ become: true become_exe: "{{ 'sudo' | trim }}" become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" + become_method: "{{ 'sudo' | trim }}" become_user: "{{ 'root' | trim }}" delegate_to: "{{ groups.tt_become_bare[0] }}" command: @@ -39,6 +41,7 @@ become: true become_exe: "{{ 'sudo' | trim }}" become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" + become_method: "{{ 'sudo' | trim }}" become_user: "{{ 'mitogen__pw_required' | trim }}" vars: ansible_become_pass: "{{ 'pw_required_password' | trim }}" @@ -60,6 +63,7 @@ become: true become_exe: "{{ 'sudo' | trim }}" become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" + become_method: "{{ 'sudo' | trim }}" become_user: "{{ 'mitogen__pw_required' | trim }}" delegate_to: "{{ groups.tt_become_bare[0] }}" vars: diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index cebf7067..d4a0c60e 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -59,6 +59,7 @@ ansible_user=mitogen__has_sudo_nopw [tt_become_by_inv] tt-become-exe ansible_become=true ansible_become_exe="{{ '{{' }} 'sudo' | trim {{ '}}' }}" ansible_become_user=root tt-become-flags ansible_become=true ansible_become_flags="{{ '{{' }} '--set-home --stdin --non-interactive' | trim {{ '}}' }}" ansible_become_user=root +tt-become-method ansible_become=true ansible_become_method="{{ '{{' }} 'sudo' | trim {{ '}}' }}" ansible_become_user=root tt-become-pass ansible_become=true ansible_become_pass="{{ '{{' }} 'pw_required_password' | trim {{ '}}' }}" ansible_become_user=mitogen__pw_required tt-become-user ansible_become=true ansible_become_user="{{ '{{' }} 'root' | trim {{ '}}' }}" From dd41ddf89b66047a66508a333dbc70aea933a4a8 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 7 Nov 2024 15:07:59 +0000 Subject: [PATCH 59/61] ansible_mitogen: Templated become flag The code change to support this was already made in transport_config.py, as part of templated become_user support (commit bf6607e27e01, PR #1148). This commit adds tests to confirm the functionality. --- docs/changelog.rst | 2 ++ tests/ansible/hosts/default.hosts | 1 + tests/ansible/integration/become/templated_by_inv.yml | 1 + .../integration/become/templated_by_play_keywords.yml | 4 ++-- .../integration/become/templated_by_task_keywords.yml | 8 ++++---- tests/ansible/templates/test-targets.j2 | 1 + 6 files changed, 11 insertions(+), 6 deletions(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 08206b21..b0e4ede2 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -23,6 +23,8 @@ In progress (unreleased) * :gh:issue:`1083` :mod:`ansible_mitogen`: Templated become method (e.g. ``ansible_become_method``). +* :gh:issue:`1083` :mod:`ansible_mitogen`: Templated become flag + (e.g. ``ansible_become_method``, ``become`` keyword). v0.3.17 (2024-11-07) diff --git a/tests/ansible/hosts/default.hosts b/tests/ansible/hosts/default.hosts index 42ca4ca6..17d1fd6d 100644 --- a/tests/ansible/hosts/default.hosts +++ b/tests/ansible/hosts/default.hosts @@ -30,6 +30,7 @@ ansible_host=localhost ansible_user="{{ lookup('pipe', 'whoami') }}" [tt_become_by_inv] +tt-become ansible_become="{{ 'true' | trim }}" ansible_become_user=root tt-become-exe ansible_become=true ansible_become_exe="{{ 'sudo' | trim }}" ansible_become_user=root tt-become-flags ansible_become=true ansible_become_flags="{{ '--set-home --stdin --non-interactive' | trim }}" ansible_become_user=root tt-become-method ansible_become=true ansible_become_method="{{ 'sudo' | trim }}" ansible_become_user=root diff --git a/tests/ansible/integration/become/templated_by_inv.yml b/tests/ansible/integration/become/templated_by_inv.yml index 25df14e7..0829fc08 100644 --- a/tests/ansible/integration/become/templated_by_inv.yml +++ b/tests/ansible/integration/become/templated_by_inv.yml @@ -12,6 +12,7 @@ - name: Templated become in inventory vars: expected_become_users: + tt-become: root tt-become-exe: root tt-become-flags: root tt-become-method: root diff --git a/tests/ansible/integration/become/templated_by_play_keywords.yml b/tests/ansible/integration/become/templated_by_play_keywords.yml index d3a87c92..146a3735 100644 --- a/tests/ansible/integration/become/templated_by_play_keywords.yml +++ b/tests/ansible/integration/become/templated_by_play_keywords.yml @@ -1,7 +1,7 @@ - name: integration/become/templated_by_play_keywords.yml hosts: tt_become_bare gather_facts: false - become: true + become: "{{ 'true' | trim }}" become_exe: "{{ 'sudo' | trim }}" become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" become_method: "{{ 'sudo' | trim }}" @@ -22,7 +22,7 @@ - name: integration/become/templated_by_play_keywords.yml hosts: tt_become_bare gather_facts: false - become: true + become: "{{ 'true' | trim }}" become_exe: "{{ 'sudo' | trim }}" become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" become_method: "{{ 'sudo' | trim }}" diff --git a/tests/ansible/integration/become/templated_by_task_keywords.yml b/tests/ansible/integration/become/templated_by_task_keywords.yml index bb5e8aa0..c42df1b1 100644 --- a/tests/ansible/integration/become/templated_by_task_keywords.yml +++ b/tests/ansible/integration/become/templated_by_task_keywords.yml @@ -3,7 +3,7 @@ gather_facts: false # FIXME Resetting the connection shouldn't require credentials # https://github.com/mitogen-hq/mitogen/issues/1132 - become: true + become: "{{ 'true' | trim }}" become_exe: "{{ 'sudo' | trim }}" become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" become_method: "{{ 'sudo' | trim }}" @@ -17,7 +17,7 @@ gather_facts: false tasks: - name: Templated become by task keywords, with delegate_to - become: true + become: "{{ 'true' | trim }}" become_exe: "{{ 'sudo' | trim }}" become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" become_method: "{{ 'sudo' | trim }}" @@ -38,7 +38,7 @@ gather_facts: false # FIXME Resetting the connection shouldn't require credentials # https://github.com/mitogen-hq/mitogen/issues/1132 - become: true + become: "{{ 'true' | trim }}" become_exe: "{{ 'sudo' | trim }}" become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" become_method: "{{ 'sudo' | trim }}" @@ -60,7 +60,7 @@ setup: - name: Templated become by task keywords, with delegate_to - become: true + become: "{{ 'true' | trim }}" become_exe: "{{ 'sudo' | trim }}" become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}" become_method: "{{ 'sudo' | trim }}" diff --git a/tests/ansible/templates/test-targets.j2 b/tests/ansible/templates/test-targets.j2 index d4a0c60e..bb0d85ec 100644 --- a/tests/ansible/templates/test-targets.j2 +++ b/tests/ansible/templates/test-targets.j2 @@ -57,6 +57,7 @@ ansible_python_interpreter={{ tt.python_path }} ansible_user=mitogen__has_sudo_nopw [tt_become_by_inv] +tt-become ansible_become="{{ '{{' }} 'true' | trim {{ '}}' }}" ansible_become_user=root tt-become-exe ansible_become=true ansible_become_exe="{{ '{{' }} 'sudo' | trim {{ '}}' }}" ansible_become_user=root tt-become-flags ansible_become=true ansible_become_flags="{{ '{{' }} '--set-home --stdin --non-interactive' | trim {{ '}}' }}" ansible_become_user=root tt-become-method ansible_become=true ansible_become_method="{{ '{{' }} 'sudo' | trim {{ '}}' }}" ansible_become_user=root From d85d9a25ee02bddecf068b888c2d814cc918864c Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 7 Nov 2024 16:53:30 +0000 Subject: [PATCH 60/61] Prepare v0.3.18 --- docs/changelog.rst | 4 ++-- mitogen/__init__.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index b0e4ede2..b4d37066 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,8 +18,8 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. -In progress (unreleased) ------------------------- +v0.3.18 (2024-11-07) +-------------------- * :gh:issue:`1083` :mod:`ansible_mitogen`: Templated become method (e.g. ``ansible_become_method``). diff --git a/mitogen/__init__.py b/mitogen/__init__.py index 73db5b8c..8addceb6 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 18, 'dev') +__version__ = (0, 3, 18) #: This is :data:`False` in slave contexts. Previously it was used to prevent From 1cd7ea18d36aa65d84e305db534a10e0f009bfc4 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Thu, 7 Nov 2024 16:54:33 +0000 Subject: [PATCH 61/61] Begin v0.3.19dev --- docs/changelog.rst | 5 +++++ mitogen/__init__.py | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index b4d37066..571cce28 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -18,6 +18,11 @@ To avail of fixes in an unreleased version, please download a ZIP file `directly from GitHub `_. +In progress (unreleased) +------------------------ + + + v0.3.18 (2024-11-07) -------------------- diff --git a/mitogen/__init__.py b/mitogen/__init__.py index 8addceb6..9f3ea4a0 100644 --- a/mitogen/__init__.py +++ b/mitogen/__init__.py @@ -35,7 +35,7 @@ be expected. On the slave, it is built dynamically during startup. #: Library version as a tuple. -__version__ = (0, 3, 18) +__version__ = (0, 3, 19, 'dev') #: This is :data:`False` in slave contexts. Previously it was used to prevent