From a85f736f6a7ec60d8b31bea3d5af27c092d31a40 Mon Sep 17 00:00:00 2001 From: Adam Miller Date: Thu, 30 Nov 2023 23:23:16 -0600 Subject: [PATCH] refactor to comply with current ansible-lint and sanity guidelines Signed-off-by: Adam Miller --- .azure-pipelines/azure-pipelines.yml | 72 +- .github/BOTMETA.yml | 1 + README.md | 20 +- changelogs/fragments/dropping-ansible29.yml | 2 + codecov.yml | 1 + galaxy.yml | 1 + meta/runtime.yml | 4 +- plugins/action/synchronize.py | 4 +- plugins/modules/synchronize.py | 64 +- shippable.yml | 13 +- tests/integration/requirements.yml | 2 +- tests/integration/targets/acl/tasks/acl.yml | 138 ++- tests/integration/targets/acl/tasks/main.yml | 30 +- tests/integration/targets/at/meta/main.yml | 1 + tests/integration/targets/at/tasks/main.yml | 66 +- .../targets/authorized_key/defaults/main.yml | 31 +- .../targets/authorized_key/meta/main.yml | 1 + .../authorized_key/tasks/check_mode.yml | 19 +- .../targets/authorized_key/tasks/comments.yml | 20 +- .../targets/authorized_key/tasks/main.yml | 11 +- .../authorized_key/tasks/multiple_keys.yml | 89 +- .../authorized_key/tasks/setup_steps.yml | 48 +- .../targets/authorized_key/tasks/ssh_dss.yml | 205 ++-- .../targets/firewalld/meta/main.yml | 1 + .../tasks/icmp_block_inversion_test_cases.yml | 265 ++--- .../firewalld/tasks/interface_test_cases.yml | 133 +-- .../targets/firewalld/tasks/main.yml | 34 +- .../firewalld/tasks/masquerade_test_cases.yml | 265 ++--- .../tasks/port_forward_test_cases.yml | 41 +- .../firewalld/tasks/port_test_cases.yml | 85 +- .../firewalld/tasks/protocol_test_cases.yml | 41 +- .../targets/firewalld/tasks/run_all_tests.yml | 34 +- .../firewalld/tasks/service_test_cases.yml | 41 +- .../firewalld/tasks/source_test_cases.yml | 64 +- .../tasks/zone_target_test_cases.yml | 105 +- .../firewalld/tasks/zone_test_cases.yml | 49 +- .../targets/firewalld_info/tasks/main.yml | 43 +- .../tasks/run_tests_in_started.yml | 17 +- .../tasks/run_tests_in_stopped.yml | 21 +- .../integration/targets/mount/tasks/main.yml | 1030 +++++++++-------- .../integration/targets/patch/tasks/main.yml | 169 +-- .../targets/seboolean/tasks/main.yml | 6 +- .../targets/seboolean/tasks/seboolean.yml | 77 +- .../targets/selinux/tasks/main.yml | 21 +- .../targets/selinux/tasks/selinux.yml | 230 ++-- .../targets/selinux/tasks/selogin.yml | 89 +- .../targets/setup_pkg_mgr/tasks/main.yml | 10 +- .../targets/synchronize/meta/main.yml | 1 + .../targets/synchronize/tasks/main.yml | 564 ++++----- .../integration/targets/sysctl/meta/main.yml | 1 + .../integration/targets/sysctl/tasks/main.yml | 214 ++-- tests/sanity/ignore-2.14.txt | 6 - tests/sanity/ignore-2.15.txt | 6 - tests/sanity/ignore-2.16.txt | 6 - tests/sanity/ignore-2.17.txt | 6 - tests/sanity/ignore-2.9.txt | 8 - .../fixtures/synchronize/basic/meta.yaml | 27 +- .../synchronize/basic_become/meta.yaml | 65 +- .../synchronize/basic_become_cli/meta.yaml | 65 +- .../synchronize/basic_vagrant/meta.yaml | 47 +- .../basic_vagrant_become_cli/meta.yaml | 51 +- .../synchronize/basic_vagrant_sudo/meta.yaml | 47 +- .../basic_with_private_key/meta.yaml | 37 +- .../synchronize/delegate_remote/meta.yaml | 39 +- .../meta.yaml | 43 +- .../synchronize/delegate_remote_su/meta.yaml | 53 +- .../meta.yaml | 45 +- tests/unit/requirements.yml | 2 +- 68 files changed, 2640 insertions(+), 2407 deletions(-) create mode 100644 changelogs/fragments/dropping-ansible29.yml delete mode 100644 tests/sanity/ignore-2.9.txt diff --git a/.azure-pipelines/azure-pipelines.yml b/.azure-pipelines/azure-pipelines.yml index e1ba4a0..d02f9de 100644 --- a/.azure-pipelines/azure-pipelines.yml +++ b/.azure-pipelines/azure-pipelines.yml @@ -1,3 +1,4 @@ +--- trigger: batch: true branches: @@ -13,7 +14,7 @@ pr: - stable-* schedules: - - cron: 0 9 * * * + - cron: "0 9 * * *" displayName: Nightly always: true branches: @@ -41,7 +42,6 @@ resources: pool: Standard stages: - - stage: Sanity_devel displayName: Ansible devel sanity dependsOn: [] @@ -49,14 +49,14 @@ stages: - template: templates/matrix.yml parameters: nameFormat: "{0}" - testFormat: "devel/{0}" + testFormat: devel/{0} targets: - name: Sanity test: sanity - name: Units test: units -# - name: Lint -# test: lint + - name: Lint + test: lint - stage: Sanity_2_16 displayName: Ansible 2.16 sanity dependsOn: [] @@ -64,12 +64,14 @@ stages: - template: templates/matrix.yml parameters: nameFormat: "{0}" - testFormat: "2.16/{0}" + testFormat: 2.16/{0} targets: - name: Sanity test: sanity - name: Units test: units + - name: Lint + test: lint - stage: Sanity_2_15 displayName: Ansible 2.15 sanity dependsOn: [] @@ -77,7 +79,7 @@ stages: - template: templates/matrix.yml parameters: nameFormat: "{0}" - testFormat: "2.15/{0}" + testFormat: 2.15/{0} targets: - name: Sanity test: sanity @@ -90,26 +92,13 @@ stages: - template: templates/matrix.yml parameters: nameFormat: "{0}" - testFormat: "2.14/{0}" + testFormat: 2.14/{0} targets: - name: Sanity test: sanity - name: Units test: units - - stage: Sanity_2_9 - displayName: Ansible 2.9 sanity - dependsOn: [] - jobs: - - template: templates/matrix.yml - parameters: - nameFormat: "{0}" - testFormat: "2.9/{0}" - targets: - - name: Sanity - test: sanity - - name: Units - test: units -## Docker + ## Docker - stage: Docker_devel displayName: Docker devel dependsOn: [] @@ -177,28 +166,8 @@ stages: test: ubuntu2004 - name: Ubuntu 22.04 test: ubuntu2204 - - stage: Docker_2_9 - displayName: Docker 2.9 - dependsOn: [] - jobs: - - template: templates/matrix.yml - parameters: - testFormat: 2.9/linux/{0}/1 - targets: - - name: CentOS 6 - test: centos6 - - name: CentOS 7 - test: centos7 - - name: openSUSE 15 py2 - test: opensuse15py2 - - name: openSUSE 15 py3 - test: opensuse15 - - name: Ubuntu 16.04 - test: ubuntu1604 - - name: Ubuntu 18.04 - test: ubuntu1804 -## Remote + ## Remote - stage: Remote_devel displayName: Remote devel dependsOn: [] @@ -260,27 +229,12 @@ stages: test: freebsd/13.1 - name: FreeBSD 12.4 test: freebsd/12.4 - - stage: Remote_2_9 - displayName: Remote 2.9 - dependsOn: [] - jobs: - - template: templates/matrix.yml - parameters: - testFormat: 2.9/{0}/1 - targets: - - name: RHEL 7.9 - test: rhel/7.9 - - name: RHEL 8.1 - test: rhel/8.1 -## Finally + ## Finally - stage: Summary condition: succeededOrFailed() dependsOn: - - Sanity_2_9 - - Remote_2_9 - - Docker_2_9 - Sanity_2_14 - Remote_2_14 - Docker_2_14 diff --git a/.github/BOTMETA.yml b/.github/BOTMETA.yml index 62b9194..60ae92a 100644 --- a/.github/BOTMETA.yml +++ b/.github/BOTMETA.yml @@ -1,3 +1,4 @@ +--- automerge: false files: $module_utils/mount.py: diff --git a/README.md b/README.md index b0cd705..3683489 100644 --- a/README.md +++ b/README.md @@ -11,13 +11,7 @@ An Ansible Collection of modules and plugins that target POSIX UNIX/Linux and de ## Ansible version compatibility -This collection has been tested against following Ansible versions: **>=2.9**. - -For collections that support Ansible 2.9, please ensure you update your `network_os` to use the -fully qualified collection name (for example, `cisco.ios.ios`). -Plugins and modules within a collection may be tested with only specific Ansible versions. -A collection may contain metadata that identifies these versions. -PEP440 is the schema used to describe the versions of Ansible. +This collection has been tested against following Ansible versions: **>=2.14**. ## Included content @@ -63,8 +57,6 @@ collections: See [Ansible Using collections](https://docs.ansible.com/ansible/latest/user_guide/collections_using.html) for more details. -**NOTE**: For Ansible 2.9, you may not see deprecation warnings when you run your playbooks with this collection. Use this documentation to track when a module is deprecated. - ## Contributing to this collection @@ -91,12 +83,10 @@ None -- ansible-core 2.14 (devel) -- ansible-core 2.13 (stable) -- ansible-core 2.12 (stable) -- ansible-core 2.11 (stable) -- ansible-base 2.10 (stable) -- ansible 2.9 (stable) +- ansible-core 2.17 (devel) +- ansible-core 2.16 (stable) +- ansible-core 2.15 (stable) +- ansible-core 2.14 (stable) ## Roadmap diff --git a/changelogs/fragments/dropping-ansible29.yml b/changelogs/fragments/dropping-ansible29.yml new file mode 100644 index 0000000..78cd428 --- /dev/null +++ b/changelogs/fragments/dropping-ansible29.yml @@ -0,0 +1,2 @@ +major_changes: + - "Dropping support for Ansible 2.9, ansible-core 2.14 will be minimum required version for this release" diff --git a/codecov.yml b/codecov.yml index 69cb760..6cfc360 100644 --- a/codecov.yml +++ b/codecov.yml @@ -1 +1,2 @@ +--- comment: false diff --git a/galaxy.yml b/galaxy.yml index 1d937fb..6b7009b 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,3 +1,4 @@ +--- namespace: ansible name: posix version: 1.5.4 diff --git a/meta/runtime.yml b/meta/runtime.yml index f43de48..a96714c 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -1,8 +1,8 @@ --- -requires_ansible: '>=2.9' +requires_ansible: ">=2.14.0" plugin_routing: callback: skippy: deprecation: - removal_date: '2022-06-01' + removal_date: "2022-06-01" warning_text: See the plugin documentation for more details diff --git a/plugins/action/synchronize.py b/plugins/action/synchronize.py index c70db5f..dd780b9 100644 --- a/plugins/action/synchronize.py +++ b/plugins/action/synchronize.py @@ -177,7 +177,7 @@ class ActionModule(ActionBase): # Store remote connection type self._remote_transport = self._connection.transport - use_ssh_args = _tmp_args.pop('use_ssh_args', None) + use_ssh_args = _tmp_args.pop('use_ssh_args', False) if use_ssh_args and self._connection.transport == 'ssh': ssh_args = [ @@ -185,7 +185,7 @@ class ActionModule(ActionBase): self._connection.get_option('ssh_common_args'), self._connection.get_option('ssh_extra_args'), ] - _tmp_args['ssh_args'] = ' '.join([a for a in ssh_args if a]) + _tmp_args['_ssh_args'] = ' '.join([a for a in ssh_args if a]) # Handle docker connection options if self._remote_transport in DOCKER: diff --git a/plugins/modules/synchronize.py b/plugins/modules/synchronize.py index 40fae71..3d8d0fe 100644 --- a/plugins/modules/synchronize.py +++ b/plugins/modules/synchronize.py @@ -26,13 +26,13 @@ options: description: - Path on the source host that will be synchronized to the destination. - The path can be absolute or relative. - type: str + type: path required: true dest: description: - Path on the destination host that will be synchronized from the source. - The path can be absolute or relative. - type: str + type: path required: true dest_port: description: @@ -135,13 +135,6 @@ options: that does not match the inventory user, you should set this parameter to C(false). type: bool default: true - use_ssh_args: - description: - - In Ansible 2.10 and lower, it uses the ssh_args specified in C(ansible.cfg). - - In Ansible 2.11 and onwards, when set to C(true), it uses all SSH connection configurations like - C(ansible_ssh_args), C(ansible_ssh_common_args), and C(ansible_ssh_extra_args). - type: bool - default: false ssh_connection_multiplexing: description: - SSH connection multiplexing for rsync is disabled by default to prevent misconfigured ControlSockets from resulting in failed SSH connections. @@ -157,7 +150,7 @@ options: - Specify additional rsync options by passing in an array. - Note that an empty string in C(rsync_opts) will end up transfer the current working directory. type: list - default: + default: [] elements: str partial: description: @@ -178,7 +171,7 @@ options: - Add a destination to hard link against during the rsync. type: list default: - elements: str + elements: path delay_updates: description: - This option puts the temporary file from each updated file into a holding directory until the end of the transfer, @@ -186,6 +179,30 @@ options: type: bool default: true version_added: '1.3.0' + use_ssh_args: + description: + - In Ansible 2.10 and lower, it uses the ssh_args specified in C(ansible.cfg). + - In Ansible 2.11 and onwards, when set to C(true), it uses all SSH connection configurations like + C(ansible_ssh_args), C(ansible_ssh_common_args), and C(ansible_ssh_extra_args). + type: bool + default: false + _local_rsync_path: + description: Internal use only. + type: path + default: 'rsync' + required: false + _local_rsync_password: + description: Internal use only, never logged. + type: str + required: false + _substitute_controller: + description: Internal use only. + type: bool + default: false + _ssh_args: + description: Internal use only. See C(use_ssh_args) for ssh arg settings. + type: str + required: false notes: - rsync must be installed on both the local and remote host. @@ -235,7 +252,7 @@ EXAMPLES = r''' src: rsync://somehost.com/path/ dest: /some/absolute/path/ -- name: Synchronization using rsync protocol on delegate host (push) +- name: Synchronization using rsync protocol on delegate host (push) ansible.posix.synchronize: src: /some/absolute/path/ dest: rsync://somehost.com/path/ @@ -362,11 +379,11 @@ def substitute_controller(path): if not client_addr: ssh_env_string = os.environ.get('SSH_CLIENT', None) try: - client_addr, _ = ssh_env_string.split(None, 1) + client_addr, _ = ssh_env_string.split(None, 1) # pylint: disable=disallowed-name except AttributeError: ssh_env_string = os.environ.get('SSH_CONNECTION', None) try: - client_addr, _ = ssh_env_string.split(None, 1) + client_addr, _ = ssh_env_string.split(None, 1) # pylint: disable=disallowed-name except AttributeError: pass if not client_addr: @@ -388,8 +405,8 @@ def is_rsh_needed(source, dest): def main(): module = AnsibleModule( argument_spec=dict( - src=dict(type='str', required=True), - dest=dict(type='str', required=True), + src=dict(type='path', required=True), + dest=dict(type='path', required=True), dest_port=dict(type='int'), delete=dict(type='bool', default=False), private_key=dict(type='path'), @@ -412,13 +429,14 @@ def main(): set_remote_user=dict(type='bool', default=True), rsync_timeout=dict(type='int', default=0), rsync_opts=dict(type='list', default=[], elements='str'), - ssh_args=dict(type='str'), + _ssh_args=dict(type='str'), + use_ssh_args=dict(type='bool', default=False), ssh_connection_multiplexing=dict(type='bool', default=False), partial=dict(type='bool', default=False), verify_host=dict(type='bool', default=False), delay_updates=dict(type='bool', default=True), mode=dict(type='str', default='push', choices=['pull', 'push']), - link_dest=dict(type='list', elements='str'), + link_dest=dict(type='list', elements='path'), ), supports_check_mode=True, ) @@ -454,7 +472,7 @@ def main(): owner = module.params['owner'] group = module.params['group'] rsync_opts = module.params['rsync_opts'] - ssh_args = module.params['ssh_args'] + ssh_args = module.params['_ssh_args'] ssh_connection_multiplexing = module.params['ssh_connection_multiplexing'] verify_host = module.params['verify_host'] link_dest = module.params['link_dest'] @@ -572,7 +590,7 @@ def main(): # hardlink is actually a change cmd.append('-vv') for x in link_dest: - link_path = os.path.abspath(os.path.expanduser(x)) + link_path = os.path.abspath(x) destination_path = os.path.abspath(os.path.dirname(dest)) if destination_path.find(link_path) == 0: module.fail_json(msg='Hardlinking into a subdirectory of the source would cause recursion. %s and %s' % (destination_path, dest)) @@ -581,12 +599,6 @@ def main(): changed_marker = '<>' cmd.append('--out-format=%s' % shlex_quote(changed_marker + '%i %n%L')) - # expand the paths - if '@' not in source: - source = os.path.expanduser(source) - if '@' not in dest: - dest = os.path.expanduser(dest) - cmd.append(shlex_quote(source)) cmd.append(shlex_quote(dest)) cmdstr = ' '.join(cmd) diff --git a/shippable.yml b/shippable.yml index 0eda5dc..823a76b 100644 --- a/shippable.yml +++ b/shippable.yml @@ -1,3 +1,4 @@ +--- language: python env: @@ -15,14 +16,14 @@ matrix: - env: T=2.9/freebsd/12.0/1 - env: T=2.9/linux/centos6/1 - env: T=2.9/linux/centos7/1 -# - env: T=2.9/linux/centos8/1 + # - env: T=2.9/linux/centos8/1 - env: T=2.9/linux/fedora30/1 - env: T=2.9/linux/fedora31/1 - env: T=2.9/linux/opensuse15py2/1 - env: T=2.9/linux/opensuse15/1 - env: T=2.9/linux/ubuntu1604/1 - env: T=2.9/linux/ubuntu1804/1 -# - env: T=2.10/aix/7.2/1 + # - env: T=2.10/aix/7.2/1 - env: T=2.10/osx/10.11/1 - env: T=2.10/rhel/7.6/1 - env: T=2.10/rhel/8.2/1 @@ -30,14 +31,14 @@ matrix: - env: T=2.10/freebsd/12.1/1 - env: T=2.10/linux/centos6/1 - env: T=2.10/linux/centos7/1 -# - env: T=2.10/linux/centos8/1 + # - env: T=2.10/linux/centos8/1 - env: T=2.10/linux/fedora30/1 - env: T=2.10/linux/fedora31/1 - env: T=2.10/linux/opensuse15py2/1 - env: T=2.10/linux/opensuse15/1 - env: T=2.10/linux/ubuntu1604/1 - env: T=2.10/linux/ubuntu1804/1 -# - env: T=devel/aix/7.2/1 + # - env: T=devel/aix/7.2/1 - env: T=devel/osx/10.11/1 - env: T=devel/rhel/7.6/1 - env: T=devel/rhel/8.1/1 @@ -45,7 +46,7 @@ matrix: - env: T=devel/freebsd/12.1/1 - env: T=devel/linux/centos6/1 - env: T=devel/linux/centos7/1 -# - env: T=devel/linux/centos8/1 + # - env: T=devel/linux/centos8/1 - env: T=devel/linux/fedora30/1 - env: T=devel/linux/fedora31/1 - env: T=devel/linux/opensuse15py2/1 @@ -56,7 +57,7 @@ matrix: branches: except: - "*-patch-*" - - "revert-*-*" + - revert-*-* build: ci: diff --git a/tests/integration/requirements.yml b/tests/integration/requirements.yml index 08e2610..8dd5161 100644 --- a/tests/integration/requirements.yml +++ b/tests/integration/requirements.yml @@ -1,3 +1,3 @@ --- collections: -- community.general + - community.general diff --git a/tests/integration/targets/acl/tasks/acl.yml b/tests/integration/targets/acl/tasks/acl.yml index 30cfebb..24846d0 100644 --- a/tests/integration/targets/acl/tasks/acl.yml +++ b/tests/integration/targets/acl/tasks/acl.yml @@ -1,3 +1,4 @@ +--- # (c) 2017, Martin Krizek # This file is part of Ansible @@ -16,35 +17,38 @@ # along with Ansible. If not, see . - name: Create ansible user - user: + ansible.builtin.user: name: "{{ test_user }}" - name: Create ansible group - group: + ansible.builtin.group: name: "{{ test_group }}" - name: Clean up working directory and files - file: + ansible.builtin.file: path: "{{ output_dir }}" state: absent - name: Create working directory - file: + ansible.builtin.file: path: "{{ output_dir }}" state: directory + mode: "0755" - name: Create ansible file - file: + ansible.builtin.file: path: "{{ test_file }}" state: touch + mode: "0644" - name: Create ansible dir - file: + ansible.builtin.file: path: "{{ test_dir }}" state: directory + mode: "0755" ############################################################################## - name: Grant ansible user read access to a file - acl: + ansible.posix.acl: path: "{{ test_file }}" entity: "{{ test_user }}" etype: user @@ -52,12 +56,21 @@ state: present register: output -- name: get getfacl output - shell: "getfacl {{ test_file | quote }}" +- name: Debug ansible.posix.acl output + ansible.builtin.debug: + msg: "{{ output }}" + +- name: Get getfacl output + ansible.builtin.command: getfacl {{ test_file | quote }} + changed_when: false register: getfacl_output -- name: verify output - assert: +- name: Debug getfacl output + ansible.builtin.debug: + msg: "{{ getfacl_output.stdout_lines }}" + +- name: Verify Output + ansible.builtin.assert: that: - output is changed - output is not failed @@ -65,16 +78,25 @@ - "'user:{{ test_user }}:r--' in getfacl_output.stdout_lines" ############################################################################## - name: Obtain the acl for a specific file - acl: + ansible.posix.acl: path: "{{ test_file }}" register: output -- name: get getfacl output - shell: "getfacl {{ test_file | quote }}" +- name: Debug ansible.posix.acl output + ansible.builtin.debug: + msg: "{{ output }}" + +- name: Get getfacl output + ansible.builtin.command: getfacl {{ test_file | quote }} + changed_when: false register: getfacl_output -- name: verify output - assert: +- name: Debug getfacl output + ansible.builtin.debug: + msg: "{{ getfacl_output.stdout_lines }}" + +- name: Verify output + ansible.builtin.assert: that: - output is not changed - output is not failed @@ -89,20 +111,22 @@ - "'mask::r--' in getfacl_output.stdout_lines" - "'other::r--' in getfacl_output.stdout_lines" ############################################################################## +# - name: Removes the acl for ansible user on a specific file - acl: + ansible.posix.acl: path: "{{ test_file }}" entity: "{{ test_user }}" etype: user state: absent register: output -- name: get getfacl output - shell: "getfacl {{ test_file | quote }}" +- name: Get getfacl output + ansible.builtin.command: getfacl {{ test_file | quote }} + changed_when: false register: getfacl_output -- name: verify output - assert: +- name: Verify output + ansible.builtin.assert: that: - output is changed - output is not failed @@ -110,21 +134,22 @@ - "'user:{{ test_user }}:r--' not in getfacl_output.stdout_lines" ############################################################################## - name: Sets default acl for ansible user on ansible dir - acl: + ansible.posix.acl: path: "{{ test_dir }}" entity: "{{ test_user }}" etype: user permissions: rw - default: yes + default: true state: present register: output -- name: get getfacl output - shell: "getfacl {{ test_dir | quote }}" +- name: Get getfacl output + ansible.builtin.command: getfacl {{ test_dir | quote }} + changed_when: false register: getfacl_output -- name: verify output - assert: +- name: Verify output + ansible.builtin.assert: that: - output is changed - output is not failed @@ -132,22 +157,24 @@ - "'default:user:{{ test_user }}:rw-' in getfacl_output.stdout_lines" ############################################################################## - name: Cleanup - shell: "setfacl -b {{ test_dir | quote }}" + ansible.builtin.command: setfacl -b {{ test_dir | quote }} + changed_when: false ############################################################################## - name: Same as previous but using entry shorthand - acl: + ansible.posix.acl: path: "{{ test_dir }}" - entry: "user:{{ test_user }}:rw-" - default: yes + entry: user:{{ test_user }}:rw- + default: true state: present register: output -- name: get getfacl output - shell: "getfacl {{ test_dir | quote }}" +- name: Get getfacl output + ansible.builtin.command: getfacl {{ test_dir | quote }} + changed_when: false register: getfacl_output -- name: verify output - assert: +- name: Verify output + ansible.builtin.assert: that: - output is changed - output is not failed @@ -155,19 +182,20 @@ - "'default:user:{{ test_user }}:rw-' in getfacl_output.stdout_lines" ############################################################################## - name: Same as previous, to test idempotence - acl: + ansible.posix.acl: path: "{{ test_dir }}" - entry: "user:{{ test_user }}:rw-" - default: yes + entry: user:{{ test_user }}:rw- + default: true state: present register: output -- name: get getfacl output - shell: "getfacl {{ test_dir | quote }}" +- name: Get getfacl output + ansible.builtin.command: getfacl {{ test_dir | quote }} + changed_when: false register: getfacl_output -- name: verify output - assert: +- name: Verify output + ansible.builtin.assert: that: - output is not changed - output is not failed @@ -175,32 +203,34 @@ - "'default:user:{{ test_user }}:rw-' in getfacl_output.stdout_lines" ############################################################################## - name: Cleanup - shell: "setfacl -b {{ test_dir | quote }}" + ansible.builtin.command: setfacl -b {{ test_dir | quote }} + changed_when: false ############################################################################## - name: Set default acls - acl: + ansible.posix.acl: path: "{{ test_dir }}" entry: "{{ item }}" - default: yes + default: true state: present with_items: - - "user:{{ test_user }}:rw-" - - "group:{{ test_group }}:rw-" + - user:{{ test_user }}:rw- + - group:{{ test_group }}:rw- - name: Remove default group test_user acl - acl: + ansible.posix.acl: path: "{{ test_dir }}" - entry: "group:{{ test_group }}:rw-" - default: yes + entry: group:{{ test_group }}:rw- + default: true state: absent register: output -- name: get getfacl output - shell: "getfacl {{ test_dir | quote }}" +- name: Get getfacl output + ansible.builtin.command: getfacl {{ test_dir | quote }} + changed_when: false register: getfacl_output -- name: verify output - assert: +- name: Verify output + ansible.builtin.assert: that: - output is changed - output is not failed diff --git a/tests/integration/targets/acl/tasks/main.yml b/tests/integration/targets/acl/tasks/main.yml index 264f04a..d463d22 100644 --- a/tests/integration/targets/acl/tasks/main.yml +++ b/tests/integration/targets/acl/tasks/main.yml @@ -1,3 +1,4 @@ +--- # (c) 2017, Martin Krizek # This file is part of Ansible @@ -15,22 +16,21 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . -- block: - - - include_tasks: acl.yml - when: ansible_system == 'Linux' # TODO enable acls mount option on FreeBSD to test it there too - - always: - - name: delete created directory and file - file: - path: '{{ item }}' - state: absent - with_items: - - '{{ test_dir }}' - - '{{ test_file }}' - +- name: Test ACL vars: test_user: ansible_user test_group: ansible_group - test_file: '{{ output_dir }}/ansible file' + test_file: "{{ output_dir }}/ansible file" test_dir: "{{ output_dir }}/ansible_dir/with some space" + block: + - name: Include tests task file + ansible.builtin.include_tasks: acl.yml + when: ansible_system == 'Linux' # TODO enable acls mount option on FreeBSD to test it there too + always: + - name: Delete created directory and file + ansible.builtin.file: + path: "{{ item }}" + state: absent + with_items: + - "{{ test_dir }}" + - "{{ test_file }}" diff --git a/tests/integration/targets/at/meta/main.yml b/tests/integration/targets/at/meta/main.yml index 07faa21..8828391 100644 --- a/tests/integration/targets/at/meta/main.yml +++ b/tests/integration/targets/at/meta/main.yml @@ -1,2 +1,3 @@ +--- dependencies: - prepare_tests diff --git a/tests/integration/targets/at/tasks/main.yml b/tests/integration/targets/at/tasks/main.yml index cd09e11..7504e17 100644 --- a/tests/integration/targets/at/tasks/main.yml +++ b/tests/integration/targets/at/tasks/main.yml @@ -1,3 +1,4 @@ +--- # Test code for the at module. # (c) 2017, James Tanner @@ -16,47 +17,56 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . -- set_fact: output_dir_test={{output_dir}}/at +- name: Set output_dir_test fast + ansible.builtin.set_fact: + output_dir_test: "{{ output_dir }}/at" -- name: make sure our testing sub-directory does not exist - file: path="{{ output_dir_test }}" state=absent +- name: Make sure our testing sub-directory does not exist + ansible.builtin.file: + path: "{{ output_dir_test }}" + state: absent -- name: create our testing sub-directory - file: path="{{ output_dir_test }}" state=directory +- name: Create our testing sub-directory + ansible.builtin.file: + path: "{{ output_dir_test }}" + state: directory + mode: "0755" ## ## at ## -- name: define distros to attempt installing at on - set_fact: +- name: Define distros to attempt installing at on + ansible.builtin.set_fact: package_distros: - - RedHat - - CentOS - - ScientificLinux - - Fedora - - Ubuntu - - Debian - - openSUSE Leap + - RedHat + - CentOS + - ScientificLinux + - Fedora + - Ubuntu + - Debian + - openSUSE Leap -- name: ensure at is installed - package: +- name: Ensure at is installed + ansible.builtin.package: name: at state: present when: ansible_distribution in package_distros -- name: run the first example - at: - command: "ls -d / > /dev/null" +- name: Run the first example + ansible.posix.at: + command: ls -d / > /dev/null count: 20 units: minutes register: at_test0 -- debug: var=at_test0 -- name: validate results - assert: - that: - - 'at_test0.changed is defined' - - 'at_test0.count is defined' - - 'at_test0.script_file is defined' - - 'at_test0.state is defined' - - 'at_test0.units is defined' +- name: Debug var=at_test0 + ansible.builtin.debug: + var: at_test0 +- name: Validate results + ansible.builtin.assert: + that: + - at_test0.changed is defined + - at_test0.count is defined + - at_test0.script_file is defined + - at_test0.state is defined + - at_test0.units is defined diff --git a/tests/integration/targets/authorized_key/defaults/main.yml b/tests/integration/targets/authorized_key/defaults/main.yml index d99e298..1b60f8c 100644 --- a/tests/integration/targets/authorized_key/defaults/main.yml +++ b/tests/integration/targets/authorized_key/defaults/main.yml @@ -1,3 +1,4 @@ +--- dss_key_basic: ssh-dss DATA_BASIC root@testing dss_key_unquoted_option: idle-timeout=5m ssh-dss DATA_UNQUOTED_OPTION root@testing dss_key_command: command="/bin/true" ssh-dss DATA_COMMAND root@testing @@ -8,27 +9,27 @@ dss_key_trailing: ssh-dss DATA_TRAILING root@testing foo bar baz rsa_key_basic: ssh-rsa DATA_BASIC root@testing multiple_key_base: | - ssh-rsa DATA_BASIC 1@testing - ssh-dss DATA_TRAILING 2@testing foo bar baz - ssh-dss DATA_TRAILING 3@testing foo bar baz - ecdsa-sha2-nistp521 ECDSA_DATA 4@testing + ssh-rsa DATA_BASIC 1@testing + ssh-dss DATA_TRAILING 2@testing foo bar baz + ssh-dss DATA_TRAILING 3@testing foo bar baz + ecdsa-sha2-nistp521 ECDSA_DATA 4@testing multiple_key_different_order: | - ssh-dss DATA_TRAILING 2@testing foo bar baz - ssh-dss DATA_TRAILING 3@testing foo bar baz - ssh-rsa DATA_BASIC 1@testing - ecdsa-sha2-nistp521 ECDSA_DATA 4@testing + ssh-dss DATA_TRAILING 2@testing foo bar baz + ssh-dss DATA_TRAILING 3@testing foo bar baz + ssh-rsa DATA_BASIC 1@testing + ecdsa-sha2-nistp521 ECDSA_DATA 4@testing multiple_key_different_order_2: | - ssh-dss DATA_TRAILING 2@testing foo bar baz - ssh-rsa WHATEVER 2.5@testing - ssh-dss DATA_TRAILING 3@testing foo bar baz - ssh-rsa DATA_BASIC 1@testing - ecdsa-sha2-nistp521 ECDSA_DATA 4@testing + ssh-dss DATA_TRAILING 2@testing foo bar baz + ssh-rsa WHATEVER 2.5@testing + ssh-dss DATA_TRAILING 3@testing foo bar baz + ssh-rsa DATA_BASIC 1@testing + ecdsa-sha2-nistp521 ECDSA_DATA 4@testing multiple_key_exclusive: | - ssh-rsa DATA_BASIC 1@testing - ecdsa-sha2-nistp521 ECDSA_DATA 4@testing + ssh-rsa DATA_BASIC 1@testing + ecdsa-sha2-nistp521 ECDSA_DATA 4@testing multiple_keys_comments: | ssh-rsa DATA_BASIC 1@testing diff --git a/tests/integration/targets/authorized_key/meta/main.yml b/tests/integration/targets/authorized_key/meta/main.yml index 07faa21..8828391 100644 --- a/tests/integration/targets/authorized_key/meta/main.yml +++ b/tests/integration/targets/authorized_key/meta/main.yml @@ -1,2 +1,3 @@ +--- dependencies: - prepare_tests diff --git a/tests/integration/targets/authorized_key/tasks/check_mode.yml b/tests/integration/targets/authorized_key/tasks/check_mode.yml index ce51074..6b67949 100644 --- a/tests/integration/targets/authorized_key/tasks/check_mode.yml +++ b/tests/integration/targets/authorized_key/tasks/check_mode.yml @@ -1,34 +1,37 @@ +--- # ------------------------------------------------------------- # check mode - name: CHECK MODE | copy an existing file in place with comments - copy: + ansible.builtin.copy: src: existing_authorized_keys dest: "{{ output_dir | expanduser }}/authorized_keys" + mode: "0600" - name: CHECK MODE | add key in check mode to validate return codes - authorized_key: + ansible.posix.authorized_key: user: root key: "{{ multiple_key_different_order_2 }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" - check_mode: True + check_mode: true register: result - name: CHECK MODE | assert that authorized_keys return values are consistent - assert: + ansible.builtin.assert: that: - - 'result.changed == True' + - result.changed == True - '"user" in result' - '"key" in result' - name: CHECK MODE | recopy authorized_keys to ensure it was not changed - copy: + ansible.builtin.copy: src: existing_authorized_keys dest: "{{ output_dir | expanduser }}/authorized_keys" + mode: "0600" register: result - name: CHECK MODE | assert that the authorized_keys file was not changed - assert: + ansible.builtin.assert: that: - - 'result.changed == False' + - result.changed == False diff --git a/tests/integration/targets/authorized_key/tasks/comments.yml b/tests/integration/targets/authorized_key/tasks/comments.yml index 6c58961..f75caee 100644 --- a/tests/integration/targets/authorized_key/tasks/comments.yml +++ b/tests/integration/targets/authorized_key/tasks/comments.yml @@ -1,8 +1,9 @@ +--- # ------------------------------------------------------------- # comments - name: Add rsa key with existing comment - authorized_key: + ansible.posix.authorized_key: user: root key: "{{ rsa_key_basic }}" state: present @@ -10,7 +11,7 @@ register: result - name: Change the comment on an existing key - authorized_key: + ansible.posix.authorized_key: user: root key: "{{ rsa_key_basic }}" comment: user@acme.com @@ -18,18 +19,18 @@ path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: get the file content - shell: cat "{{ output_dir | expanduser }}/authorized_keys" | fgrep DATA_BASIC - changed_when: no +- name: Get the file content + ansible.builtin.command: fgrep DATA_BASIC "{{ output_dir | expanduser }}/authorized_keys" + changed_when: false register: content - name: Assert that comment on an existing key was changed - assert: + ansible.builtin.assert: that: - "'user@acme.com' in content.stdout" - name: Set the same key with comment to ensure no changes are reported - authorized_key: + ansible.posix.authorized_key: user: root key: "{{ rsa_key_basic }}" comment: user@acme.com @@ -38,11 +39,12 @@ register: result - name: Assert that no changes were made when running again - assert: + ansible.builtin.assert: that: - not result.changed -- debug: +- name: Debug the result and content + ansible.builtin.debug: var: "{{ item }}" verbosity: 1 with_items: diff --git a/tests/integration/targets/authorized_key/tasks/main.yml b/tests/integration/targets/authorized_key/tasks/main.yml index 70752cf..6a22838 100644 --- a/tests/integration/targets/authorized_key/tasks/main.yml +++ b/tests/integration/targets/authorized_key/tasks/main.yml @@ -1,3 +1,4 @@ +--- # test code for the authorized_key module # - (c) 2014, James Cammarata # - (c) 2021, Hideki Saito @@ -17,16 +18,16 @@ # along with Ansible. If not, see . - name: Setup testing environment - import_tasks: setup_steps.yml + ansible.builtin.import_tasks: setup_steps.yml - name: Test for multiple keys handling - import_tasks: multiple_keys.yml + ansible.builtin.import_tasks: multiple_keys.yml - name: Test for ssh-dss key handling - import_tasks: ssh_dss.yml + ansible.builtin.import_tasks: ssh_dss.yml - name: Test for check mode - import_tasks: check_mode.yml + ansible.builtin.import_tasks: check_mode.yml - name: Test for the management of comments with key - import_tasks: comments.yml + ansible.builtin.import_tasks: comments.yml diff --git a/tests/integration/targets/authorized_key/tasks/multiple_keys.yml b/tests/integration/targets/authorized_key/tasks/multiple_keys.yml index fc57dea..e03abe5 100644 --- a/tests/integration/targets/authorized_key/tasks/multiple_keys.yml +++ b/tests/integration/targets/authorized_key/tasks/multiple_keys.yml @@ -1,38 +1,39 @@ +--- # ------------------------------------------------------------- # multiple keys -- name: add multiple keys - authorized_key: +- name: Add multiple keys + ansible.posix.authorized_key: user: root key: "{{ multiple_key_base }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that the key was added - assert: +- name: Assert that the key was added + ansible.builtin.assert: that: - - 'result.changed == True' - - 'result.key == multiple_key_base' - - 'result.key_options == None' + - result.changed == True + - result.key == multiple_key_base + - result.key_options == None -- name: add multiple keys different order - authorized_key: +- name: Add multiple keys different order + ansible.posix.authorized_key: user: root key: "{{ multiple_key_different_order }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that the key was added - assert: +- name: Assert that the key was added + ansible.builtin.assert: that: - - 'result.changed == True' - - 'result.key == multiple_key_different_order' - - 'result.key_options == None' + - result.changed == True + - result.key == multiple_key_different_order + - result.key_options == None -- name: add multiple keys exclusive - authorized_key: +- name: Add multiple keys exclusive + ansible.posix.authorized_key: user: root key: "{{ multiple_key_exclusive }}" state: present @@ -40,42 +41,42 @@ exclusive: true register: result -- name: assert that the key was added - assert: +- name: Assert that the key was added + ansible.builtin.assert: that: - - 'result.changed == True' - - 'result.key == multiple_key_exclusive' - - 'result.key_options == None' + - result.changed == True + - result.key == multiple_key_exclusive + - result.key_options == None -- name: add multiple keys in different calls - authorized_key: +- name: Add multiple keys in different calls + ansible.posix.authorized_key: user: root - key: "ecdsa-sha2-nistp521 ECDSA_DATA 4@testing" + key: ecdsa-sha2-nistp521 ECDSA_DATA 4@testing state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: add multiple keys in different calls - authorized_key: +- name: Add multiple keys in different calls + ansible.posix.authorized_key: user: root - key: "ssh-rsa DATA_BASIC 1@testing" + key: ssh-rsa DATA_BASIC 1@testing state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: get the file content - shell: cat "{{ output_dir | expanduser }}/authorized_keys" - changed_when: no +- name: Get the file content + ansible.builtin.command: /bin/cat "{{ output_dir | expanduser }}/authorized_keys" + changed_when: false register: multiple_keys_at_a_time -- name: assert that the key was added - assert: +- name: Assert that the key was added + ansible.builtin.assert: that: - - 'result.changed == false' - - 'multiple_keys_at_a_time.stdout == multiple_key_exclusive.strip()' + - result.changed == false + - multiple_keys_at_a_time.stdout == multiple_key_exclusive.strip() -- name: add multiple keys comment - authorized_key: +- name: Add multiple keys comment + ansible.posix.authorized_key: user: root key: "{{ multiple_keys_comments }}" state: present @@ -83,14 +84,14 @@ exclusive: true register: result -- name: get the file content - shell: cat "{{ output_dir | expanduser }}/authorized_keys" - changed_when: no +- name: Get the file content + ansible.builtin.command: /bin/cat "{{ output_dir | expanduser }}/authorized_keys" + changed_when: false register: multiple_keys_comments -- name: assert that the keys exist and comment only lines were not added - assert: +- name: Assert that the keys exist and comment only lines were not added + ansible.builtin.assert: that: - - 'result.changed == False' - - 'multiple_keys_comments.stdout == multiple_key_exclusive.strip()' - - 'result.key_options == None' + - result.changed == False + - multiple_keys_comments.stdout == multiple_key_exclusive.strip() + - result.key_options == None diff --git a/tests/integration/targets/authorized_key/tasks/setup_steps.yml b/tests/integration/targets/authorized_key/tasks/setup_steps.yml index 2144b7a..30a8914 100644 --- a/tests/integration/targets/authorized_key/tasks/setup_steps.yml +++ b/tests/integration/targets/authorized_key/tasks/setup_steps.yml @@ -1,37 +1,40 @@ +--- # ------------------------------------------------------------- # Setup steps - name: Clean up the working directory and files - file: - path: '{{ output_dir }}' + ansible.builtin.file: + path: "{{ output_dir }}" state: absent - name: Create the working directory - file: - path: '{{ output_dir }}' + ansible.builtin.file: + path: "{{ output_dir }}" state: directory + mode: "0744" -- name: copy an existing file in place with comments - copy: +- name: Copy an existing file in place with comments + ansible.builtin.copy: src: existing_authorized_keys dest: "{{ output_dir | expanduser }}/authorized_keys" + mode: "0600" -- name: add multiple keys different order - authorized_key: +- name: Add multiple keys different order + ansible.posix.authorized_key: user: root key: "{{ multiple_key_different_order_2 }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: get the file content - shell: cat "{{ output_dir | expanduser }}/authorized_keys" - changed_when: no +- name: Get the file content + ansible.builtin.command: /bin/cat "{{ output_dir | expanduser }}/authorized_keys" + changed_when: false register: multiple_keys_existing -- name: assert that the key was added and comments and ordering preserved - assert: +- name: Assert that the key was added and comments and ordering preserved + ansible.builtin.assert: that: - - 'result.changed == True' + - result.changed == True - '"# I like candy" in multiple_keys_existing.stdout' - '"# I like candy" in multiple_keys_existing.stdout_lines[0]' - '"ssh-rsa DATA_BASIC 1@testing" in multiple_keys_existing.stdout' @@ -41,19 +44,20 @@ # start afresh -- name: remove file foo.txt - file: +- name: Remove file foo.txt + ansible.builtin.file: path: "{{ output_dir | expanduser }}/authorized_keys" state: absent -- name: touch the authorized_keys file - file: +- name: Touch the authorized_keys file + ansible.builtin.file: dest: "{{ output_dir }}/authorized_keys" state: touch + mode: "0600" register: result -- name: assert that the authorized_keys file was created - assert: +- name: Assert that the authorized_keys file was created + ansible.builtin.assert: that: - - 'result.changed == True' - - 'result.state == "file"' + - result.changed == True + - result.state == "file" diff --git a/tests/integration/targets/authorized_key/tasks/ssh_dss.yml b/tests/integration/targets/authorized_key/tasks/ssh_dss.yml index 1683f99..537af8c 100644 --- a/tests/integration/targets/authorized_key/tasks/ssh_dss.yml +++ b/tests/integration/targets/authorized_key/tasks/ssh_dss.yml @@ -1,241 +1,250 @@ +--- # ------------------------------------------------------------- # basic ssh-dss key -- name: add basic ssh-dss key - authorized_key: user=root key="{{ dss_key_basic }}" state=present path="{{ output_dir | expanduser }}/authorized_keys" +- name: Add basic ssh-dss key + ansible.posix.authorized_key: + user: root + key: "{{ dss_key_basic }}" + state: present + path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that the key was added - assert: +- name: Assert that the key was added + ansible.builtin.assert: that: - - 'result.changed == True' - - 'result.key == dss_key_basic' - - 'result.key_options == None' + - result.changed == True + - result.key == dss_key_basic + - result.key_options == None -- name: re-add basic ssh-dss key - authorized_key: user=root key="{{ dss_key_basic }}" state=present path="{{ output_dir | expanduser }}/authorized_keys" +- name: Re-add basic ssh-dss key + ansible.posix.authorized_key: + user: root + key: "{{ dss_key_basic }}" + state: present + path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that nothing changed - assert: +- name: Assert that nothing changed + ansible.builtin.assert: that: - - 'result.changed == False' + - result.changed == False # ------------------------------------------------------------- # ssh-dss key with an unquoted option -- name: add ssh-dss key with an unquoted option - authorized_key: +- name: Add ssh-dss key with an unquoted option + ansible.posix.authorized_key: user: root key: "{{ dss_key_unquoted_option }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that the key was added - assert: +- name: Assert that the key was added + ansible.builtin.assert: that: - - 'result.changed == True' - - 'result.key == dss_key_unquoted_option' - - 'result.key_options == None' + - result.changed == True + - result.key == dss_key_unquoted_option + - result.key_options == None -- name: re-add ssh-dss key with an unquoted option - authorized_key: +- name: Re-add ssh-dss key with an unquoted option + ansible.posix.authorized_key: user: root key: "{{ dss_key_unquoted_option }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that nothing changed - assert: +- name: Assert that nothing changed + ansible.builtin.assert: that: - - 'result.changed == False' + - result.changed == False # ------------------------------------------------------------- # ssh-dss key with a leading command="/bin/foo" -- name: add ssh-dss key with a leading command - authorized_key: +- name: Add ssh-dss key with a leading command + ansible.posix.authorized_key: user: root key: "{{ dss_key_command }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that the key was added - assert: +- name: Assert that the key was added + ansible.builtin.assert: that: - - 'result.changed == True' - - 'result.key == dss_key_command' - - 'result.key_options == None' + - result.changed == True + - result.key == dss_key_command + - result.key_options == None -- name: re-add ssh-dss key with a leading command - authorized_key: +- name: Re-add ssh-dss key with a leading command + ansible.posix.authorized_key: user: root key: "{{ dss_key_command }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that nothing changed - assert: +- name: Assert that nothing changed + ansible.builtin.assert: that: - - 'result.changed == False' + - result.changed == False # ------------------------------------------------------------- # ssh-dss key with a complex quoted leading command # ie. command="/bin/echo foo 'bar baz'" -- name: add ssh-dss key with a complex quoted leading command - authorized_key: +- name: Add ssh-dss key with a complex quoted leading command + ansible.posix.authorized_key: user: root key: "{{ dss_key_complex_command }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that the key was added - assert: +- name: Assert that the key was added + ansible.builtin.assert: that: - - 'result.changed == True' - - 'result.key == dss_key_complex_command' - - 'result.key_options == None' + - result.changed == True + - result.key == dss_key_complex_command + - result.key_options == None -- name: re-add ssh-dss key with a complex quoted leading command - authorized_key: +- name: Re-add ssh-dss key with a complex quoted leading command + ansible.posix.authorized_key: user: root key: "{{ dss_key_complex_command }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that nothing changed - assert: +- name: Assert that nothing changed + ansible.builtin.assert: that: - - 'result.changed == False' + - result.changed == False # ------------------------------------------------------------- # ssh-dss key with a command and a single option, which are # in a comma-separated list -- name: add ssh-dss key with a command and a single option - authorized_key: +- name: Add ssh-dss key with a command and a single option + ansible.posix.authorized_key: user: root key: "{{ dss_key_command_single_option }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that the key was added - assert: +- name: Assert that the key was added + ansible.builtin.assert: that: - - 'result.changed == True' - - 'result.key == dss_key_command_single_option' - - 'result.key_options == None' + - result.changed == True + - result.key == dss_key_command_single_option + - result.key_options == None -- name: re-add ssh-dss key with a command and a single option - authorized_key: +- name: Re-add ssh-dss key with a command and a single option + ansible.posix.authorized_key: user: root key: "{{ dss_key_command_single_option }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that nothing changed - assert: +- name: Assert that nothing changed + ansible.builtin.assert: that: - - 'result.changed == False' + - result.changed == False # ------------------------------------------------------------- # ssh-dss key with a command and multiple other options -- name: add ssh-dss key with a command and multiple options - authorized_key: +- name: Add ssh-dss key with a command and multiple options + ansible.posix.authorized_key: user: root key: "{{ dss_key_command_multiple_options }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that the key was added - assert: +- name: Assert that the key was added + ansible.builtin.assert: that: - - 'result.changed == True' - - 'result.key == dss_key_command_multiple_options' - - 'result.key_options == None' + - result.changed == True + - result.key == dss_key_command_multiple_options + - result.key_options == None -- name: re-add ssh-dss key with a command and multiple options - authorized_key: +- name: Re-add ssh-dss key with a command and multiple options + ansible.posix.authorized_key: user: root key: "{{ dss_key_command_multiple_options }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that nothing changed - assert: +- name: Assert that nothing changed + ansible.builtin.assert: that: - - 'result.changed == False' + - result.changed == False # ------------------------------------------------------------- # ssh-dss key with multiple trailing parts, which are space- # separated and not quoted in any way -- name: add ssh-dss key with trailing parts - authorized_key: +- name: Add ssh-dss key with trailing parts + ansible.posix.authorized_key: user: root key: "{{ dss_key_trailing }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that the key was added - assert: +- name: Assert that the key was added + ansible.builtin.assert: that: - - 'result.changed == True' - - 'result.key == dss_key_trailing' - - 'result.key_options == None' + - result.changed == True + - result.key == dss_key_trailing + - result.key_options == None -- name: re-add ssh-dss key with trailing parts - authorized_key: +- name: Re-add ssh-dss key with trailing parts + ansible.posix.authorized_key: user: root key: "{{ dss_key_trailing }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that nothing changed - assert: +- name: Assert that nothing changed + ansible.builtin.assert: that: - - 'result.changed == False' + - result.changed == False # ------------------------------------------------------------- # basic ssh-dss key with mutliple permit-open options # https://github.com/ansible/ansible-modules-core/issues/1715 -- name: add basic ssh-dss key with multi-opts - authorized_key: +- name: Add basic ssh-dss key with multi-opts + ansible.posix.authorized_key: user: root key: "{{ dss_key_basic }}" - key_options: 'no-agent-forwarding,no-X11-forwarding,permitopen="10.9.8.1:8080",permitopen="10.9.8.1:9001"' + key_options: no-agent-forwarding,no-X11-forwarding,permitopen="10.9.8.1:8080",permitopen="10.9.8.1:9001" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result -- name: assert that the key with multi-opts was added - assert: +- name: Assert that the key with multi-opts was added + ansible.builtin.assert: that: - - 'result.changed == True' - - 'result.key == dss_key_basic' - - 'result.key_options == "no-agent-forwarding,no-X11-forwarding,permitopen=\"10.9.8.1:8080\",permitopen=\"10.9.8.1:9001\""' + - result.changed == True + - result.key == dss_key_basic + - result.key_options == "no-agent-forwarding,no-X11-forwarding,permitopen=\"10.9.8.1:8080\",permitopen=\"10.9.8.1:9001\"" -- name: get the file content - shell: cat "{{ output_dir | expanduser }}/authorized_keys" | fgrep DATA_BASIC - changed_when: no +- name: Get the file content + ansible.builtin.command: fgrep DATA_BASIC "{{ output_dir | expanduser }}/authorized_keys" + changed_when: false register: content -- name: validate content - assert: +- name: Validate content + ansible.builtin.assert: that: - - 'content.stdout == "no-agent-forwarding,no-X11-forwarding,permitopen=\"10.9.8.1:8080\",permitopen=\"10.9.8.1:9001\" ssh-dss DATA_BASIC root@testing"' + - content.stdout == "no-agent-forwarding,no-X11-forwarding,permitopen=\"10.9.8.1:8080\",permitopen=\"10.9.8.1:9001\" ssh-dss DATA_BASIC root@testing" diff --git a/tests/integration/targets/firewalld/meta/main.yml b/tests/integration/targets/firewalld/meta/main.yml index 5438ced..b63c3d0 100644 --- a/tests/integration/targets/firewalld/meta/main.yml +++ b/tests/integration/targets/firewalld/meta/main.yml @@ -1,2 +1,3 @@ +--- dependencies: - setup_pkg_mgr diff --git a/tests/integration/targets/firewalld/tasks/icmp_block_inversion_test_cases.yml b/tests/integration/targets/firewalld/tasks/icmp_block_inversion_test_cases.yml index 62fcbe4..3bd5bf0 100644 --- a/tests/integration/targets/firewalld/tasks/icmp_block_inversion_test_cases.yml +++ b/tests/integration/targets/firewalld/tasks/icmp_block_inversion_test_cases.yml @@ -1,172 +1,173 @@ +--- # Test playbook for the firewalld module - icmp block inversion operations # (c) 2022, Gregory Furlong # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - name: Icmp block inversion enabled when icmp block inversion is truthy and state is enabled block: - - name: Testing enable icmp block inversion - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: yes - permanent: yes - state: enabled - register: result + - name: Testing enable icmp block inversion + ansible.posix.firewalld: + zone: trusted + icmp_block_inversion: true + permanent: true + state: enabled + register: result - - name: assert icmp block inversion is enabled - assert: - that: - - result is changed + - name: Assert icmp block inversion is enabled + ansible.builtin.assert: + that: + - result is changed - - name: Testing enable icmp block inversion (verify not changed) - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: yes - permanent: yes - state: enabled - register: result + - name: Testing enable icmp block inversion (verify not changed) + ansible.posix.firewalld: + zone: trusted + icmp_block_inversion: true + permanent: true + state: enabled + register: result - - name: assert icmp block inversion is enabled (verify not changed) - assert: - that: - - result is not changed + - name: Assert icmp block inversion is enabled (verify not changed) + ansible.builtin.assert: + that: + - result is not changed - name: Icmp block inversion disabled when icmp block inversion is falsy and state is enabled block: - - name: Testing disable icmp block inversion - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: no - permanent: yes - state: enabled - register: result + - name: Testing disable icmp block inversion + ansible.posix.firewalld: + zone: trusted + icmp_block_inversion: false + permanent: true + state: enabled + register: result - - name: assert icmp block inversion is disabled - assert: - that: - - result is changed + - name: Assert icmp block inversion is disabled + ansible.builtin.assert: + that: + - result is changed - - name: Testing disable icmp block inversion (verify not changed) - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: no - permanent: yes - state: enabled - register: result + - name: Testing disable icmp block inversion (verify not changed) + ansible.posix.firewalld: + zone: trusted + icmp_block_inversion: false + permanent: true + state: enabled + register: result - - name: assert icmp block inversion is disabled (verify not changed) - assert: - that: - - result is not changed + - name: Assert icmp block inversion is disabled (verify not changed) + ansible.builtin.assert: + that: + - result is not changed - name: Icmp block inversion enabled when icmp block inversion is falsy and state is disabled block: - - name: Testing enable icmp block inversion - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: no - permanent: yes - state: disabled - register: result + - name: Testing enable icmp block inversion + ansible.posix.firewalld: + zone: trusted + icmp_block_inversion: false + permanent: true + state: disabled + register: result - - name: assert icmp block inversion is enabled - assert: - that: - - result is changed + - name: Assert icmp block inversion is enabled + ansible.builtin.assert: + that: + - result is changed - - name: Testing enable icmp block inversion (verify not changed) - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: no - permanent: yes - state: disabled - register: result + - name: Testing enable icmp block inversion (verify not changed) + ansible.posix.firewalld: + zone: trusted + icmp_block_inversion: false + permanent: true + state: disabled + register: result - - name: assert icmp block inversion is enabled (verify not changed) - assert: - that: - - result is not changed + - name: Assert icmp block inversion is enabled (verify not changed) + ansible.builtin.assert: + that: + - result is not changed - name: Icmp block inversion disabled when icmp block inversion is truthy and state is disabled block: - - name: Testing disable icmp block inversion - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: yes - permanent: yes - state: disabled - register: result + - name: Testing disable icmp block inversion + ansible.posix.firewalld: + zone: trusted + icmp_block_inversion: true + permanent: true + state: disabled + register: result - - name: assert icmp block inversion is disabled - assert: - that: - - result is changed + - name: Assert icmp block inversion is disabled + ansible.builtin.assert: + that: + - result is changed - - name: Testing disable icmp block inversion (verify not changed) - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: yes - permanent: yes - state: disabled - register: result + - name: Testing disable icmp block inversion (verify not changed) + ansible.posix.firewalld: + zone: trusted + icmp_block_inversion: true + permanent: true + state: disabled + register: result - - name: assert icmp block inversion is disabled (verify not changed) - assert: - that: - - result is not changed + - name: Assert icmp block inversion is disabled (verify not changed) + ansible.builtin.assert: + that: + - result is not changed # Validate backwards compatible behavior until icmp block inversion is switched from string to boolean type - name: Icmp block inversion enabled when icmp block inversion is non-boolean string and state is enabled block: - - name: Testing enable icmp block inversion - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: 'some string' - permanent: yes - state: enabled - register: result + - name: Testing enable icmp block inversion + ansible.posix.firewalld: + zone: trusted + icmp_block_inversion: some string + permanent: true + state: enabled + register: result - - name: assert icmp block inversion is enabled - assert: - that: - - result is changed + - name: Assert icmp block inversion is enabled + ansible.builtin.assert: + that: + - result is changed - - name: Testing enable icmp block inversion (verify not changed) - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: 'some string' - permanent: yes - state: enabled - register: result + - name: Testing enable icmp block inversion (verify not changed) + ansible.posix.firewalld: + zone: trusted + icmp_block_inversion: some string + permanent: true + state: enabled + register: result - - name: assert icmp block inversion is enabled (verify not changed) - assert: - that: - - result is not changed + - name: Assert icmp block inversion is enabled (verify not changed) + ansible.builtin.assert: + that: + - result is not changed - name: Icmp block inversion disabled when icmp block inversion is non-boolean string and state is disabled block: - - name: Testing disable icmp block inversion - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: 'some string' - permanent: yes - state: disabled - register: result + - name: Testing disable icmp block inversion + ansible.posix.firewalld: + zone: trusted + icmp_block_inversion: some string + permanent: true + state: disabled + register: result - - name: assert icmp block inversion is disabled - assert: - that: - - result is changed + - name: Assert icmp block inversion is disabled + ansible.builtin.assert: + that: + - result is changed - - name: Testing disable icmp block inversion (verify not changed) - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: 'some string' - permanent: yes - state: disabled - register: result + - name: Testing disable icmp block inversion (verify not changed) + ansible.posix.firewalld: + zone: trusted + icmp_block_inversion: some string + permanent: true + state: disabled + register: result - - name: assert icmp block inversion is disabled (verify not changed) - assert: - that: - - result is not changed + - name: Assert icmp block inversion is disabled (verify not changed) + ansible.builtin.assert: + that: + - result is not changed diff --git a/tests/integration/targets/firewalld/tasks/interface_test_cases.yml b/tests/integration/targets/firewalld/tasks/interface_test_cases.yml index e7130f7..64bbc65 100644 --- a/tests/integration/targets/firewalld/tasks/interface_test_cases.yml +++ b/tests/integration/targets/firewalld/tasks/interface_test_cases.yml @@ -1,87 +1,88 @@ +--- # Test playbook for the firewalld module - interface operations # (c) 2022, Gregory Furlong # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - name: Validate adding interface block: - - name: Add lo interface to trusted zone - ansible.posix.firewalld: - interface: lo - zone: trusted - permanent: Yes - state: enabled - register: result + - name: Add lo interface to trusted zone + ansible.posix.firewalld: + interface: lo + zone: trusted + permanent: true + state: enabled + register: result - - name: assert lo was added to trusted zone - assert: - that: - - result is changed + - name: Assert lo was added to trusted zone + ansible.builtin.assert: + that: + - result is changed - - name: Add lo interface to trusted zone (verify not changed) - ansible.posix.firewalld: - interface: lo - zone: trusted - permanent: Yes - state: enabled - register: result + - name: Add lo interface to trusted zone (verify not changed) + ansible.posix.firewalld: + interface: lo + zone: trusted + permanent: true + state: enabled + register: result - - name: assert lo was added to trusted zone (verify not changed) - assert: - that: - - result is not changed + - name: Assert lo was added to trusted zone (verify not changed) + ansible.builtin.assert: + that: + - result is not changed - name: Validate moving interfaces block: - - name: Move lo interface from trusted zone to internal zone - ansible.posix.firewalld: - interface: lo - zone: internal - permanent: Yes - state: enabled - register: result + - name: Move lo interface from trusted zone to internal zone + ansible.posix.firewalld: + interface: lo + zone: internal + permanent: true + state: enabled + register: result - - name: Assert lo was moved from trusted zone to internal zone - assert: - that: - - result is changed + - name: Assert lo was moved from trusted zone to internal zone + ansible.builtin.assert: + that: + - result is changed - - name: Move lo interface from trusted zone to internal zone (verify not changed) - ansible.posix.firewalld: - interface: lo - zone: internal - permanent: Yes - state: enabled - register: result + - name: Move lo interface from trusted zone to internal zone (verify not changed) + ansible.posix.firewalld: + interface: lo + zone: internal + permanent: true + state: enabled + register: result - - name: assert lo was moved from trusted zone to internal zone (verify not changed) - assert: - that: - - result is not changed + - name: Assert lo was moved from trusted zone to internal zone (verify not changed) + ansible.builtin.assert: + that: + - result is not changed - name: Validate removing interface block: - - name: Remove lo interface from internal zone - ansible.posix.firewalld: - interface: lo - zone: internal - permanent: Yes - state: disabled - register: result + - name: Remove lo interface from internal zone + ansible.posix.firewalld: + interface: lo + zone: internal + permanent: true + state: disabled + register: result - - name: Assert lo interface was removed from internal zone - assert: - that: - - result is changed + - name: Assert lo interface was removed from internal zone + ansible.builtin.assert: + that: + - result is changed - - name: Remove lo interface from internal zone (verify not changed) - ansible.posix.firewalld: - interface: lo - zone: internal - permanent: Yes - state: disabled - register: result + - name: Remove lo interface from internal zone (verify not changed) + ansible.posix.firewalld: + interface: lo + zone: internal + permanent: true + state: disabled + register: result - - name: Assert lo interface was removed from internal zone (verify not changed) - assert: - that: - - result is not changed + - name: Assert lo interface was removed from internal zone (verify not changed) + ansible.builtin.assert: + that: + - result is not changed diff --git a/tests/integration/targets/firewalld/tasks/main.yml b/tests/integration/targets/firewalld/tasks/main.yml index 5f81c62..b19c28f 100644 --- a/tests/integration/targets/firewalld/tasks/main.yml +++ b/tests/integration/targets/firewalld/tasks/main.yml @@ -1,17 +1,24 @@ +--- # Test playbook for the firewalld module # (c) 2017, Adam Miller # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - name: Run firewalld tests + when: + - ansible_facts.os_family == "RedHat" and ansible_facts.distribution_major_version is version('7', '>=') + - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('14.04', '==')) + # Firewalld package on OpenSUSE (15+) require Python 3, so we skip on OpenSUSE running py2 on these newer distros + - not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and ansible_python.version.major != 3) + - not (ansible_facts.distribution == "CentOS" and ansible_distribution_major_version is version('7', '==')) # FIXME block: - name: Ensure firewalld is installed - package: + ansible.builtin.package: name: firewalld state: present - # This doesn't work for CentOS 6 because firewalld doesn't exist in CentOS6 + # This doesn't work for CentOS 6 because firewalld doesn't exist in CentOS6 - name: Enable dbus-broker daemon - service: + ansible.builtin.service: name: dbus-broker enabled: true state: started @@ -19,25 +26,20 @@ - name: Test Online Operations block: - - name: start firewalld - service: + - name: Start firewalld + ansible.builtin.service: name: firewalld state: started - - import_tasks: run_all_tests.yml + - name: Import test tasks + ansible.builtin.import_tasks: run_all_tests.yml - name: Test Offline Operations block: - - name: stop firewalld - service: + - name: Stop firewalld + ansible.builtin.service: name: firewalld state: stopped - - import_tasks: run_all_tests.yml - - when: - - ansible_facts.os_family == "RedHat" and ansible_facts.distribution_major_version is version('7', '>=') - - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('14.04', '==')) - # Firewalld package on OpenSUSE (15+) require Python 3, so we skip on OpenSUSE running py2 on these newer distros - - not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and ansible_python.version.major != 3) - - not (ansible_facts.distribution == "CentOS" and ansible_distribution_major_version is version('7', '==')) # FIXME + - name: Import test tasks + ansible.builtin.import_tasks: run_all_tests.yml diff --git a/tests/integration/targets/firewalld/tasks/masquerade_test_cases.yml b/tests/integration/targets/firewalld/tasks/masquerade_test_cases.yml index 860378f..82d321e 100644 --- a/tests/integration/targets/firewalld/tasks/masquerade_test_cases.yml +++ b/tests/integration/targets/firewalld/tasks/masquerade_test_cases.yml @@ -1,172 +1,173 @@ +--- # Test playbook for the firewalld module - masquerade operations # (c) 2022, Gregory Furlong # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - name: Masquerade enabled when masquerade is truthy and state is enabled block: - - name: Testing enable masquerade - ansible.posix.firewalld: - zone: trusted - masquerade: yes - permanent: yes - state: enabled - register: result + - name: Testing enable masquerade + ansible.posix.firewalld: + zone: trusted + masquerade: true + permanent: true + state: enabled + register: result - - name: assert masquerade is enabled - assert: - that: - - result is changed + - name: Assert masquerade is enabled + ansible.builtin.assert: + that: + - result is changed - - name: Testing enable masquerade (verify not changed) - ansible.posix.firewalld: - zone: trusted - masquerade: yes - permanent: yes - state: enabled - register: result + - name: Testing enable masquerade (verify not changed) + ansible.posix.firewalld: + zone: trusted + masquerade: true + permanent: true + state: enabled + register: result - - name: assert masquerade is enabled (verify not changed) - assert: - that: - - result is not changed + - name: Assert masquerade is enabled (verify not changed) + ansible.builtin.assert: + that: + - result is not changed - name: Masquerade disabled when masquerade is falsy and state is enabled block: - - name: Testing disable masquerade - ansible.posix.firewalld: - zone: trusted - masquerade: no - permanent: yes - state: enabled - register: result + - name: Testing disable masquerade + ansible.posix.firewalld: + zone: trusted + masquerade: false + permanent: true + state: enabled + register: result - - name: assert masquerade is disabled - assert: - that: - - result is changed + - name: Assert masquerade is disabled + ansible.builtin.assert: + that: + - result is changed - - name: Testing disable masquerade (verify not changed) - ansible.posix.firewalld: - zone: trusted - masquerade: no - permanent: yes - state: enabled - register: result + - name: Testing disable masquerade (verify not changed) + ansible.posix.firewalld: + zone: trusted + masquerade: false + permanent: true + state: enabled + register: result - - name: assert masquerade is disabled (verify not changed) - assert: - that: - - result is not changed + - name: Assert masquerade is disabled (verify not changed) + ansible.builtin.assert: + that: + - result is not changed - name: Masquerade enabled when masquerade is falsy and state is disabled block: - - name: Testing enable masquerade - ansible.posix.firewalld: - zone: trusted - masquerade: no - permanent: yes - state: disabled - register: result + - name: Testing enable masquerade + ansible.posix.firewalld: + zone: trusted + masquerade: false + permanent: true + state: disabled + register: result - - name: assert masquerade is enabled - assert: - that: - - result is changed + - name: Assert masquerade is enabled + ansible.builtin.assert: + that: + - result is changed - - name: Testing enable masquerade (verify not changed) - ansible.posix.firewalld: - zone: trusted - masquerade: no - permanent: yes - state: disabled - register: result + - name: Testing enable masquerade (verify not changed) + ansible.posix.firewalld: + zone: trusted + masquerade: false + permanent: true + state: disabled + register: result - - name: assert masquerade is enabled (verify not changed) - assert: - that: - - result is not changed + - name: Assert masquerade is enabled (verify not changed) + ansible.builtin.assert: + that: + - result is not changed - name: Masquerade disabled when masquerade is truthy and state is disabled block: - - name: Testing disable masquerade - ansible.posix.firewalld: - zone: trusted - masquerade: yes - permanent: yes - state: disabled - register: result + - name: Testing disable masquerade + ansible.posix.firewalld: + zone: trusted + masquerade: true + permanent: true + state: disabled + register: result - - name: assert masquerade is disabled - assert: - that: - - result is changed + - name: Assert masquerade is disabled + ansible.builtin.assert: + that: + - result is changed - - name: Testing disable masquerade (verify not changed) - ansible.posix.firewalld: - zone: trusted - masquerade: yes - permanent: yes - state: disabled - register: result + - name: Testing disable masquerade (verify not changed) + ansible.posix.firewalld: + zone: trusted + masquerade: true + permanent: true + state: disabled + register: result - - name: assert masquerade is disabled (verify not changed) - assert: - that: - - result is not changed + - name: Assert masquerade is disabled (verify not changed) + ansible.builtin.assert: + that: + - result is not changed # Validate backwards compatible behavior until masquerade is switched from string to boolean type - name: Masquerade enabled when masquerade is non-boolean string and state is enabled block: - - name: Testing enable masquerade - ansible.posix.firewalld: - zone: trusted - masquerade: 'some string' - permanent: yes - state: enabled - register: result + - name: Testing enable masquerade + ansible.posix.firewalld: + zone: trusted + masquerade: some string + permanent: true + state: enabled + register: result - - name: assert masquerade is enabled - assert: - that: - - result is changed + - name: Assert masquerade is enabled + ansible.builtin.assert: + that: + - result is changed - - name: Testing enable masquerade (verify not changed) - ansible.posix.firewalld: - zone: trusted - masquerade: 'some string' - permanent: yes - state: enabled - register: result + - name: Testing enable masquerade (verify not changed) + ansible.posix.firewalld: + zone: trusted + masquerade: some string + permanent: true + state: enabled + register: result - - name: assert masquerade is enabled (verify not changed) - assert: - that: - - result is not changed + - name: Assert masquerade is enabled (verify not changed) + ansible.builtin.assert: + that: + - result is not changed - name: Masquerade disabled when masquerade is non-boolean string and state is disabled block: - - name: Testing disable masquerade - ansible.posix.firewalld: - zone: trusted - masquerade: 'some string' - permanent: yes - state: disabled - register: result + - name: Testing disable masquerade + ansible.posix.firewalld: + zone: trusted + masquerade: some string + permanent: true + state: disabled + register: result - - name: assert masquerade is disabled - assert: - that: - - result is changed + - name: Assert masquerade is disabled + ansible.builtin.assert: + that: + - result is changed - - name: Testing disable masquerade (verify not changed) - ansible.posix.firewalld: - zone: trusted - masquerade: 'some string' - permanent: yes - state: disabled - register: result + - name: Testing disable masquerade (verify not changed) + ansible.posix.firewalld: + zone: trusted + masquerade: some string + permanent: true + state: disabled + register: result - - name: assert masquerade is disabled (verify not changed) - assert: - that: - - result is not changed + - name: Assert masquerade is disabled (verify not changed) + ansible.builtin.assert: + that: + - result is not changed diff --git a/tests/integration/targets/firewalld/tasks/port_forward_test_cases.yml b/tests/integration/targets/firewalld/tasks/port_forward_test_cases.yml index 78a451d..0b71444 100644 --- a/tests/integration/targets/firewalld/tasks/port_forward_test_cases.yml +++ b/tests/integration/targets/firewalld/tasks/port_forward_test_cases.yml @@ -1,9 +1,10 @@ +--- # Test playbook for the firewalld module - port operations # (c) 2017, Adam Miller # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) -- name: firewalld port forward test permanent enabled - firewalld: +- name: Firewalld port forward test permanent enabled + ansible.posix.firewalld: port_forward: - port: 8080 proto: tcp @@ -12,13 +13,13 @@ state: enabled register: result -- name: assert firewalld port test permanent enabled worked - assert: +- name: Assert firewalld port test permanent enabled worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld port test permanent enabled rerun (verify not changed) - firewalld: +- name: Firewalld port test permanent enabled rerun (verify not changed) + ansible.posix.firewalld: port_forward: - port: 8080 proto: tcp @@ -27,13 +28,13 @@ state: enabled register: result -- name: assert firewalld port test permanent enabled rerun worked (verify not changed) - assert: +- name: Assert firewalld port test permanent enabled rerun worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: firewalld port test permanent disabled - firewalld: +- name: Firewalld port test permanent disabled + ansible.posix.firewalld: port_forward: - port: 8080 proto: tcp @@ -42,13 +43,13 @@ state: disabled register: result -- name: assert firewalld port test permanent disabled worked - assert: +- name: Assert firewalld port test permanent disabled worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld port test permanent disabled rerun (verify not changed) - firewalld: +- name: Firewalld port test permanent disabled rerun (verify not changed) + ansible.posix.firewalld: port_forward: - port: 8080 proto: tcp @@ -57,7 +58,7 @@ state: disabled register: result -- name: assert firewalld port test permanent disabled rerun worked (verify not changed) - assert: +- name: Assert firewalld port test permanent disabled rerun worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed diff --git a/tests/integration/targets/firewalld/tasks/port_test_cases.yml b/tests/integration/targets/firewalld/tasks/port_test_cases.yml index c62c242..ff2440f 100644 --- a/tests/integration/targets/firewalld/tasks/port_test_cases.yml +++ b/tests/integration/targets/firewalld/tasks/port_test_cases.yml @@ -1,57 +1,58 @@ +--- # Test playbook for the firewalld module - port operations # (c) 2017, Adam Miller # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) -- name: firewalld port range test permanent enabled - firewalld: +- name: Firewalld port range test permanent enabled + ansible.posix.firewalld: port: 5500-6850/tcp permanent: true state: enabled register: result -- name: assert firewalld port range test permanent enabled worked - assert: +- name: Assert firewalld port range test permanent enabled worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld port range test permanent enabled rerun (verify not changed) - firewalld: +- name: Firewalld port range test permanent enabled rerun (verify not changed) + ansible.posix.firewalld: port: 5500-6850/tcp permanent: true state: enabled register: result -- name: assert firewalld port range test permanent enabled rerun worked (verify not changed) - assert: +- name: Assert firewalld port range test permanent enabled rerun worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: firewalld port test permanent enabled - firewalld: +- name: Firewalld port test permanent enabled + ansible.posix.firewalld: port: 6900/tcp permanent: true state: enabled register: result -- name: assert firewalld port test permanent enabled worked - assert: +- name: Assert firewalld port test permanent enabled worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld port test permanent enabled - firewalld: +- name: Firewalld port test permanent enabled + ansible.posix.firewalld: port: 6900/tcp permanent: true state: enabled register: result -- name: assert firewalld port test permanent enabled worked - assert: +- name: Assert firewalld port test permanent enabled worked + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: firewalld port test disabled - firewalld: +- name: Firewalld port test disabled + ansible.posix.firewalld: port: "{{ item }}" permanent: true state: disabled @@ -59,50 +60,50 @@ - 6900/tcp - 5500-6850/tcp -- name: firewalld port test permanent enabled - firewalld: +- name: Firewalld port test permanent enabled + ansible.posix.firewalld: port: 8081/tcp permanent: true state: enabled register: result -- name: assert firewalld port test permanent enabled worked - assert: +- name: Assert firewalld port test permanent enabled worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld port test permanent enabled rerun (verify not changed) - firewalld: +- name: Firewalld port test permanent enabled rerun (verify not changed) + ansible.posix.firewalld: port: 8081/tcp permanent: true state: enabled register: result -- name: assert firewalld port test permanent enabled rerun worked (verify not changed) - assert: +- name: Assert firewalld port test permanent enabled rerun worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: firewalld port test permanent disabled - firewalld: +- name: Firewalld port test permanent disabled + ansible.posix.firewalld: port: 8081/tcp permanent: true state: disabled register: result -- name: assert firewalld port test permanent disabled worked - assert: +- name: Assert firewalld port test permanent disabled worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld port test permanent disabled rerun (verify not changed) - firewalld: +- name: Firewalld port test permanent disabled rerun (verify not changed) + ansible.posix.firewalld: port: 8081/tcp permanent: true state: disabled register: result -- name: assert firewalld port test permanent disabled rerun worked (verify not changed) - assert: +- name: Assert firewalld port test permanent disabled rerun worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed diff --git a/tests/integration/targets/firewalld/tasks/protocol_test_cases.yml b/tests/integration/targets/firewalld/tasks/protocol_test_cases.yml index 2af8921..996b3f1 100644 --- a/tests/integration/targets/firewalld/tasks/protocol_test_cases.yml +++ b/tests/integration/targets/firewalld/tasks/protocol_test_cases.yml @@ -1,3 +1,4 @@ +--- # Test playbook for the firewalld module - protocol operations # (c) 2022, Robért S. Guhr @@ -16,50 +17,50 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . -- name: firewalld protocol test permanent enabled - firewalld: +- name: Firewalld protocol test permanent enabled + ansible.posix.firewalld: protocol: ospf permanent: true state: enabled register: result -- name: assert firewalld protocol test permanent enabled worked - assert: +- name: Assert firewalld protocol test permanent enabled worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld protocol test permanent enabled rerun (verify not changed) - firewalld: +- name: Firewalld protocol test permanent enabled rerun (verify not changed) + ansible.posix.firewalld: protocol: ospf permanent: true state: enabled register: result -- name: assert firewalld protocol test permanent enabled rerun worked (verify not changed) - assert: +- name: Assert firewalld protocol test permanent enabled rerun worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: firewalld protocol test permanent disabled - firewalld: +- name: Firewalld protocol test permanent disabled + ansible.posix.firewalld: protocol: ospf permanent: true state: disabled register: result -- name: assert firewalld protocol test permanent disabled worked - assert: +- name: Assert firewalld protocol test permanent disabled worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld protocol test permanent disabled rerun (verify not changed) - firewalld: +- name: Firewalld protocol test permanent disabled rerun (verify not changed) + ansible.posix.firewalld: protocol: ospf permanent: true state: disabled register: result -- name: assert firewalld protocol test permanent disabled rerun worked (verify not changed) - assert: +- name: Assert firewalld protocol test permanent disabled rerun worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed diff --git a/tests/integration/targets/firewalld/tasks/run_all_tests.yml b/tests/integration/targets/firewalld/tasks/run_all_tests.yml index e88b007..fa8c344 100644 --- a/tests/integration/targets/firewalld/tasks/run_all_tests.yml +++ b/tests/integration/targets/firewalld/tasks/run_all_tests.yml @@ -1,38 +1,50 @@ +--- # Test playbook for the firewalld module # (c) 2017, Adam Miller # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - name: Ensure /run/firewalld exists - file: + ansible.builtin.file: path: /run/firewalld state: directory + mode: "0755" # firewalld service operation test cases -- include_tasks: service_test_cases.yml +- name: Include service test cases for firewalld module + ansible.builtin.include_tasks: service_test_cases.yml # firewalld protocol operation test cases -- include_tasks: protocol_test_cases.yml +- name: Include protocol test cases for firewalld module + ansible.builtin.include_tasks: protocol_test_cases.yml # firewalld port operation test cases -- include_tasks: port_test_cases.yml +- name: Include port test cases for firewalld module + ansible.builtin.include_tasks: port_test_cases.yml # firewalld source operation test cases -- include_tasks: source_test_cases.yml +- name: Include source test cases for firewalld module + ansible.builtin.include_tasks: source_test_cases.yml # firewalld zone operation test cases -- include_tasks: zone_test_cases.yml +- name: Include zone test cases for firewalld module + ansible.builtin.include_tasks: zone_test_cases.yml # firewalld zone target operation test cases -- include_tasks: zone_target_test_cases.yml +- name: Include zone target test cases for firewalld module + ansible.builtin.include_tasks: zone_target_test_cases.yml # firewalld port forwarding operation test cases -- include_tasks: port_forward_test_cases.yml +- name: Include port forward target test cases for firewalld module + ansible.builtin.include_tasks: port_forward_test_cases.yml # firewalld masquerade operation test cases -- include_tasks: masquerade_test_cases.yml +- name: Include masquerade target test cases for firewalld module + ansible.builtin.include_tasks: masquerade_test_cases.yml # firewalld icmp block inversion operation test cases -- include_tasks: icmp_block_inversion_test_cases.yml +- name: Include icmp block inversion target test cases for firewalld module + ansible.builtin.include_tasks: icmp_block_inversion_test_cases.yml # firewalld interface operation test cases -- include_tasks: interface_test_cases.yml +- name: Include interface target test cases for firewalld module + ansible.builtin.include_tasks: interface_test_cases.yml diff --git a/tests/integration/targets/firewalld/tasks/service_test_cases.yml b/tests/integration/targets/firewalld/tasks/service_test_cases.yml index 3c95d81..1286646 100644 --- a/tests/integration/targets/firewalld/tasks/service_test_cases.yml +++ b/tests/integration/targets/firewalld/tasks/service_test_cases.yml @@ -1,3 +1,4 @@ +--- # Test playbook for the firewalld module - service operations # (c) 2017, Adam Miller @@ -16,50 +17,50 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . -- name: firewalld service test permanent enabled - firewalld: +- name: Firewalld service test permanent enabled + ansible.posix.firewalld: service: https permanent: true state: enabled register: result -- name: assert firewalld service test permanent enabled worked - assert: +- name: Assert firewalld service test permanent enabled worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld service test permanent enabled rerun (verify not changed) - firewalld: +- name: Firewalld service test permanent enabled rerun (verify not changed) + ansible.posix.firewalld: service: https permanent: true state: enabled register: result -- name: assert firewalld service test permanent enabled rerun worked (verify not changed) - assert: +- name: Assert firewalld service test permanent enabled rerun worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: firewalld service test permanent disabled - firewalld: +- name: Firewalld service test permanent disabled + ansible.posix.firewalld: service: https permanent: true state: disabled register: result -- name: assert firewalld service test permanent disabled worked - assert: +- name: Assert firewalld service test permanent disabled worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld service test permanent disabled rerun (verify not changed) - firewalld: +- name: Firewalld service test permanent disabled rerun (verify not changed) + ansible.posix.firewalld: service: https permanent: true state: disabled register: result -- name: assert firewalld service test permanent disabled rerun worked (verify not changed) - assert: +- name: Assert firewalld service test permanent disabled rerun worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed diff --git a/tests/integration/targets/firewalld/tasks/source_test_cases.yml b/tests/integration/targets/firewalld/tasks/source_test_cases.yml index 4bc8b65..a2552d5 100644 --- a/tests/integration/targets/firewalld/tasks/source_test_cases.yml +++ b/tests/integration/targets/firewalld/tasks/source_test_cases.yml @@ -1,3 +1,4 @@ +--- # Test playbook for the firewalld module - source operations # (c) 2019, Hideki Saito @@ -16,70 +17,71 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . -- name: firewalld source test permanent enabled - firewalld: +- name: Firewalld source test permanent enabled + ansible.posix.firewalld: source: 192.0.2.0/24 zone: internal - permanent: True + permanent: true state: enabled register: result -- name: assert firewalld source test permanent enabled worked - assert: +- name: Assert firewalld source test permanent enabled worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld source test permanent enabled rerun (verify not changed) - firewalld: +- name: Firewalld source test permanent enabled rerun (verify not changed) + ansible.posix.firewalld: source: 192.0.2.0/24 zone: internal - permanent: True + permanent: true state: enabled register: result -- name: assert firewalld source test permanent enabled rerun worked (verify not changed) - assert: +- name: Assert firewalld source test permanent enabled rerun worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: firewalld source test permanent disabled - firewalld: +- name: Firewalld source test permanent disabled + ansible.posix.firewalld: source: 192.0.2.0/24 zone: internal - permanent: True + permanent: true state: disabled register: result -- name: assert firewalld source test permanent disabled worked - assert: +- name: Assert firewalld source test permanent disabled worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld source test permanent disabled rerun (verify not changed) - firewalld: +- name: Firewalld source test permanent disabled rerun (verify not changed) + ansible.posix.firewalld: source: 192.0.2.0/24 zone: internal - permanent: True + permanent: true state: disabled register: result -- name: assert firewalld source test permanent disabled rerun worked (verify not changed) - assert: +- name: Assert firewalld source test permanent disabled rerun worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: firewalld source test permanent enabled is exclusive (verify exclusive error) - firewalld: +- name: Firewalld source test permanent enabled is exclusive (verify exclusive error) + ansible.posix.firewalld: source: 192.0.2.0/24 port: 8081/tcp zone: internal - permanent: True + permanent: true state: enabled register: result ignore_errors: true -- name: assert firewalld source test permanent enabled is exclusive (verify exclusive error) - assert: +- name: Assert firewalld source test permanent enabled is exclusive (verify exclusive error) + ansible.builtin.assert: that: - - result is not changed - - "result.msg == 'parameters are mutually exclusive: icmp_block|icmp_block_inversion|service|protocol|port|port_forward|rich_rule|interface|masquerade|source|target'" + - result is not changed + - "result.msg == + 'parameters are mutually exclusive: icmp_block|icmp_block_inversion|service|protocol|port|port_forward|rich_rule|interface|masquerade|source|target'" diff --git a/tests/integration/targets/firewalld/tasks/zone_target_test_cases.yml b/tests/integration/targets/firewalld/tasks/zone_target_test_cases.yml index 085762a..324165d 100644 --- a/tests/integration/targets/firewalld/tasks/zone_target_test_cases.yml +++ b/tests/integration/targets/firewalld/tasks/zone_target_test_cases.yml @@ -1,3 +1,4 @@ +--- # Test playbook for the firewalld module - source operations # (c) 2020, Adam Miller @@ -16,106 +17,106 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . -- name: firewalld dmz zone target DROP - firewalld: +- name: Firewalld dmz zone target DROP + ansible.posix.firewalld: zone: dmz - permanent: True + permanent: true state: present target: DROP register: result -- name: assert firewalld dmz zone target DROP present worked - assert: +- name: Assert firewalld dmz zone target DROP present worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld dmz zone target DROP rerun (verify not changed) - firewalld: +- name: Firewalld dmz zone target DROP rerun (verify not changed) + ansible.posix.firewalld: zone: dmz - permanent: True + permanent: true state: present target: DROP register: result -- name: assert firewalld dmz zone target DROP present worked (verify not changed) - assert: +- name: Assert firewalld dmz zone target DROP present worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: firewalld dmz zone target DROP absent - firewalld: +- name: Firewalld dmz zone target DROP absent + ansible.posix.firewalld: zone: dmz - permanent: True + permanent: true state: absent target: DROP register: result -- name: assert firewalld dmz zone target DROP absent worked - assert: +- name: Assert firewalld dmz zone target DROP absent worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld dmz zone target DROP rerun (verify not changed) - firewalld: +- name: Firewalld dmz zone target DROP rerun (verify not changed) + ansible.posix.firewalld: zone: dmz - permanent: True + permanent: true state: absent target: DROP register: result -- name: assert firewalld dmz zone target DROP present worked (verify not changed) - assert: +- name: Assert firewalld dmz zone target DROP present worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: firewalld dmz zone target %%REJECT%% - firewalld: +- name: Firewalld dmz zone target %%REJECT%% + ansible.posix.firewalld: zone: dmz - permanent: True + permanent: true state: present - target: '%%REJECT%%' + target: "%%REJECT%%" register: result -- name: assert firewalld dmz zone target %%REJECT%% present worked - assert: +- name: Assert firewalld dmz zone target %%REJECT%% present worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld dmz zone target %%REJECT%% rerun (verify not changed) - firewalld: +- name: Firewalld dmz zone target %%REJECT%% rerun (verify not changed) + ansible.posix.firewalld: zone: dmz - permanent: True + permanent: true state: present - target: '%%REJECT%%' + target: "%%REJECT%%" register: result -- name: assert firewalld dmz zone target %%REJECT%% present worked (verify not changed) - assert: +- name: Assert firewalld dmz zone target %%REJECT%% present worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: firewalld dmz zone target %%REJECT%% absent - firewalld: +- name: Firewalld dmz zone target %%REJECT%% absent + ansible.posix.firewalld: zone: dmz - permanent: True + permanent: true state: absent - target: '%%REJECT%%' + target: "%%REJECT%%" register: result -- name: assert firewalld dmz zone target %%REJECT%% absent worked - assert: +- name: Assert firewalld dmz zone target %%REJECT%% absent worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld dmz zone target %%REJECT%% rerun (verify not changed) - firewalld: +- name: Firewalld dmz zone target %%REJECT%% rerun (verify not changed) + ansible.posix.firewalld: zone: dmz - permanent: True + permanent: true state: absent - target: '%%REJECT%%' + target: "%%REJECT%%" register: result -- name: assert firewalld dmz zone target %%REJECT%% present worked (verify not changed) - assert: +- name: Assert firewalld dmz zone target %%REJECT%% present worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed \ No newline at end of file + - result is not changed diff --git a/tests/integration/targets/firewalld/tasks/zone_test_cases.yml b/tests/integration/targets/firewalld/tasks/zone_test_cases.yml index c9d54c6..753dd18 100644 --- a/tests/integration/targets/firewalld/tasks/zone_test_cases.yml +++ b/tests/integration/targets/firewalld/tasks/zone_test_cases.yml @@ -1,47 +1,48 @@ -- name: firewalld create zone custom - firewalld: +--- +- name: Firewalld create zone custom + ansible.posix.firewalld: zone: custom - permanent: True + permanent: true state: present register: result -- name: assert firewalld custom zone created worked - assert: +- name: Assert firewalld custom zone created worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld create zone custom rerun (verify not changed) - firewalld: +- name: Firewalld create zone custom rerun (verify not changed) + ansible.posix.firewalld: zone: custom - permanent: True + permanent: true state: present register: result -- name: assert firewalld custom zone created worked (verify not changed) - assert: +- name: Assert firewalld custom zone created worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: firewalld remove zone custom - firewalld: +- name: Firewalld remove zone custom + ansible.posix.firewalld: zone: custom - permanent: True + permanent: true state: absent register: result -- name: assert firewalld custom zone removed worked - assert: +- name: Assert firewalld custom zone removed worked + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: firewalld remove custom zone rerun (verify not changed) - firewalld: +- name: Firewalld remove custom zone rerun (verify not changed) + ansible.posix.firewalld: zone: custom - permanent: True + permanent: true state: absent register: result -- name: assert firewalld custom zone removed worked (verify not changed) - assert: +- name: Assert firewalld custom zone removed worked (verify not changed) + ansible.builtin.assert: that: - - result is not changed + - result is not changed diff --git a/tests/integration/targets/firewalld_info/tasks/main.yml b/tests/integration/targets/firewalld_info/tasks/main.yml index bce6b54..58c7fc8 100644 --- a/tests/integration/targets/firewalld_info/tasks/main.yml +++ b/tests/integration/targets/firewalld_info/tasks/main.yml @@ -1,52 +1,53 @@ +--- # Test playbook for the firewalld_info module # (c) 2021, Hideki Saito # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # This test is based on the integration test playbook for firewalld module. - name: Run firewalld tests + when: + - ansible_facts.os_family == "RedHat" and ansible_facts.distribution_major_version is version('7', '>=') + - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('14.04', '==')) + # Firewalld package on OpenSUSE (15+) require Python 3, so we skip on OpenSUSE running py2 on these newer distros + - not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and ansible_python.version.major != 3) block: - name: Ensure firewalld is installed - package: + ansible.builtin.package: name: firewalld state: present - # This doesn't work for CentOS 6 because firewalld doesn't exist in CentOS6 + # This doesn't work for CentOS 6 because firewalld doesn't exist in CentOS6 - name: Check to make sure the firewalld python module is available. - shell: "{{ansible_python.executable}} -c 'import firewall'" + ansible.builtin.command: "{{ ansible_python.executable }} -c 'import firewall'" + changed_when: false register: check_output_firewall ignore_errors: true - name: Check to make sure the dbus python module is available. - shell: "{{ansible_python.executable}} -c 'import dbus'" + ansible.builtin.command: "{{ ansible_python.executable }} -c 'import dbus'" + changed_when: false register: check_output_dbus ignore_errors: true - name: Test Online Operations block: - - name: start firewalld - service: + - name: Start firewalld + ansible.builtin.service: name: firewalld state: started - - import_tasks: run_tests_in_started.yml + - name: Import test tasks from run_tests_in_started.yml + ansible.builtin.import_tasks: run_tests_in_started.yml + + - name: Test Offline Operations when: - check_output_firewall.rc == 0 - check_output_dbus.rc == 0 - - - name: Test Offline Operations block: - - name: stop firewalld - service: + - name: Stop firewalld + ansible.builtin.service: name: firewalld state: stopped - - import_tasks: run_tests_in_stopped.yml - when: - - check_output_firewall.rc == 0 - - check_output_dbus.rc == 0 - - when: - - ansible_facts.os_family == "RedHat" and ansible_facts.distribution_major_version is version('7', '>=') - - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('14.04', '==')) - # Firewalld package on OpenSUSE (15+) require Python 3, so we skip on OpenSUSE running py2 on these newer distros - - not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and ansible_python.version.major != 3) + - name: Import test tasks from run_tests_in_stopped.yml + ansible.builtin.import_tasks: run_tests_in_stopped.yml diff --git a/tests/integration/targets/firewalld_info/tasks/run_tests_in_started.yml b/tests/integration/targets/firewalld_info/tasks/run_tests_in_started.yml index 5024884..3b73845 100644 --- a/tests/integration/targets/firewalld_info/tasks/run_tests_in_started.yml +++ b/tests/integration/targets/firewalld_info/tasks/run_tests_in_started.yml @@ -1,32 +1,33 @@ +--- # Test playbook for the firewalld_info module # (c) 2021, Hideki Saito # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - name: Ensure firewalld_info without options - firewalld_info: + ansible.posix.firewalld_info: register: result - name: Assert collected_zones and undefined_zones - assert: + ansible.builtin.assert: that: - - 'result.collected_zones and not result.undefined_zones' + - result.collected_zones and not result.undefined_zones - name: Ensure firewalld_info with active_zones - firewalld_info: - active_zones: yes + ansible.posix.firewalld_info: + active_zones: true register: result - name: Assert turn active_zones true - assert: + ansible.builtin.assert: that: - name: Ensure firewalld_zones with zone list - firewalld_info: + ansible.posix.firewalld_info: zones: - public - invalid_zone register: result - name: Assert specified zones - assert: + ansible.builtin.assert: that: diff --git a/tests/integration/targets/firewalld_info/tasks/run_tests_in_stopped.yml b/tests/integration/targets/firewalld_info/tasks/run_tests_in_stopped.yml index 2ad4c0c..175041c 100644 --- a/tests/integration/targets/firewalld_info/tasks/run_tests_in_stopped.yml +++ b/tests/integration/targets/firewalld_info/tasks/run_tests_in_stopped.yml @@ -1,40 +1,41 @@ +--- # Test playbook for the firewalld_info module # (c) 2021, Hideki Saito # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - name: Ensure firewalld_info without options - firewalld_info: + ansible.posix.firewalld_info: register: result - ignore_errors: yes + ignore_errors: true - name: Assert firewalld_info fails if firewalld is not running. - assert: + ansible.builtin.assert: that: - result.failed - "'firewalld probably not be running,' in result.msg" - name: Ensure firewalld_info with active_zones - firewalld_info: - active_zones: yes + ansible.posix.firewalld_info: + active_zones: true register: result - ignore_errors: yes + ignore_errors: true - name: Assert firewalld_info with active_zones fails if firewalld is not running. - assert: + ansible.builtin.assert: that: - result.failed - "'firewalld probably not be running,' in result.msg" - name: Ensure firewalld_zones with zone list - firewalld_info: + ansible.posix.firewalld_info: zones: - public - invalid_zone register: result - ignore_errors: yes + ignore_errors: true - name: Assert firewalld_info with zones list fails if firewalld is not running. - assert: + ansible.builtin.assert: that: - result.failed - "'firewalld probably not be running,' in result.msg" diff --git a/tests/integration/targets/mount/tasks/main.yml b/tests/integration/targets/mount/tasks/main.yml index 7b0d141..58eace8 100644 --- a/tests/integration/targets/mount/tasks/main.yml +++ b/tests/integration/targets/mount/tasks/main.yml @@ -1,29 +1,117 @@ -- name: Install dependencies +- name: Install dependencies (Linux) ansible.builtin.package: name: e2fsprogs state: present when: ansible_system == 'Linux' +- name: Install dependencies (FreeBSD) + ansible.builtin.package: + name: bash + state: present + +- name: Register facts on Linux + ansible.builtin.set_fact: + shell_executable: /bin/bash + ephemeral_device_a: /tmp/myfs_A.img + ephemeral_device_b: /tmp/myfs_B.img + ephemeral_fstype: ext3 + ephemeral_fstab: /etc/fstab + when: ansible_system == 'Linux' + +- name: Register facts on Solaris/SunOS + ansible.builtin.set_fact: + shell_executable: /usr/bin/bash + ephemeral_device_a: /dev/lofi/1 + ephemeral_device_b: /dev/lofi/2 + ephemeral_create_loop_dev_cmd: >- + lofiadm -a /tmp/myfs_A.img /dev/lofi/1 && + lofiadm -a /tmp/myfs_B.img /dev/lofi/2 + ephemeral_remove_loop_dev_cmd: >- + lofiadm -d /dev/lofi/1 && + lofiadm -d /dev/lofi/2 || true + ephemeral_fstype: ufs + ephemeral_fstab: /etc/vfstab + when: ansible_system == 'SunOS' + +- name: Register facts on FreeBSD + ansible.builtin.set_fact: + shell_executable: /usr/local/bin/bash + ephemeral_device_a: /dev/md1 + ephemeral_device_b: /dev/md2 + ephemeral_create_loop_dev_cmd: >- + mdconfig -a -t vnode -f /tmp/myfs_A.img -u /dev/md1 && + mdconfig -a -t vnode -f /tmp/myfs_B.img -u /dev/md2 + ephemeral_remove_loop_dev_cmd: >- + mdconfig -d -u /dev/md1 && + mdconfig -d -u /dev/md2 + ephemeral_fstype: ufs + ephemeral_fstab: /etc/fstab + when: ansible_system == 'FreeBSD' + +- name: Register facts on NetBSD + ansible.builtin.set_fact: + shell_executable: /usr/local/bin/bash + ephemeral_device_a: /dev/vnd1 + ephemeral_device_b: /dev/vnd2 + ephemeral_create_loop_dev_cmd: >- + vnconfig /dev/vnd1 /tmp/myfs_A.img && + vnconfig /dev/vnd2 /tmp/myfs_B.img + ephemeral_remove_loop_dev_cmd: >- + vnconfig -u /dev/vnd1 && + vnconfig -u /dev/vnd2 + ephemeral_fstype: ufs + ephemeral_fstab: /etc/fstab + when: ansible_system == 'NetBSD' + +- name: Register format fs command on Non-Linux and Non-OpenBSD + ansible.builtin.set_fact: + ephemeral_format_fs_cmd: >- + newfs {{ ephemeral_device_a }} && + newfs {{ ephemeral_device_b }} + when: ansible_system in ('SunOS', 'FreeBSD', 'NetBSD') + +- name: Register facts on OpenBSD + ansible.builtin.set_fact: + shell_executable: /usr/local/bin/bash + ephemeral_device_a: /dev/vnd1c + ephemeral_device_b: /dev/vnd2c + ephemeral_create_loop_dev_cmd: >- + vnconfig vnd1 /tmp/myfs_A.img && + vnconfig vnd2 /tmp/myfs_B.img + ephemeral_remove_loop_dev_cmd: >- + vnconfig -u vnd1 && + vnconfig -u vnd2 + ephemeral_format_fs_cmd: >- + newfs /dev/rvnd1c && + newfs /dev/rvnd2c + ephemeral_fstype: ffs + ephemeral_fstab: /etc/fstab + when: ansible_system == 'OpenBSD' + + - name: Create the mount point - file: + ansible.builtin.file: state: directory path: '{{ output_dir }}/mount_dest' + mode: '0755' - name: Create a directory to bind mount - file: + ansible.builtin.file: state: directory path: '{{ output_dir }}/mount_source' + mode: '0755' - name: Put something in the directory so we see that it worked - copy: + ansible.builtin.copy: content: 'Testing ' dest: '{{ output_dir }}/mount_source/test_file' + mode: '0644' register: orig_info - name: Bind mount a filesystem (Linux) - mount: + ansible.posix.mount: src: '{{ output_dir }}/mount_source' name: '{{ output_dir }}/mount_dest' state: mounted @@ -33,7 +121,7 @@ register: bind_result_linux - name: Bind mount a filesystem (FreeBSD) - mount: + ansible.posix.mount: src: '{{ output_dir }}/mount_source' name: '{{ output_dir }}/mount_dest' state: mounted @@ -41,22 +129,22 @@ when: ansible_system == 'FreeBSD' register: bind_result_freebsd -- name: get checksum for bind mounted file - stat: +- name: Get checksum for bind mounted file + ansible.builtin.stat: path: '{{ output_dir }}/mount_dest/test_file' when: ansible_system in ('FreeBSD', 'Linux') register: dest_stat -- name: assert the bind mount was successful - assert: +- name: Assert the bind mount was successful + ansible.builtin.assert: that: - - (ansible_system == 'Linux' and bind_result_linux['changed']) or (ansible_system == 'FreeBSD' and bind_result_freebsd['changed']) - - dest_stat['stat']['exists'] - - orig_info['checksum'] == dest_stat['stat']['checksum'] + - (ansible_system == 'Linux' and bind_result_linux['changed']) or (ansible_system == 'FreeBSD' and bind_result_freebsd['changed']) + - dest_stat['stat']['exists'] + - orig_info['checksum'] == dest_stat['stat']['checksum'] when: ansible_system in ('FreeBSD', 'Linux') - name: Bind mount a filesystem (Linux) - mount: + ansible.posix.mount: src: '{{ output_dir }}/mount_source' name: '{{ output_dir }}/mount_dest' state: mounted @@ -66,7 +154,7 @@ register: bind_result_linux - name: Bind mount a filesystem (FreeBSD) - mount: + ansible.posix.mount: src: '{{ output_dir }}/mount_source' name: '{{ output_dir }}/mount_dest' state: mounted @@ -75,13 +163,13 @@ register: bind_result_freebsd - name: Make sure we didn't mount a second time - assert: + ansible.builtin.assert: that: - - (ansible_system == 'Linux' and not bind_result_linux['changed']) or (ansible_system == 'FreeBSD' and not bind_result_freebsd['changed']) + - (ansible_system == 'Linux' and not bind_result_linux['changed']) or (ansible_system == 'FreeBSD' and not bind_result_freebsd['changed']) when: ansible_system in ('FreeBSD', 'Linux') - name: Remount filesystem with different opts (Linux) - mount: + ansible.posix.mount: src: '{{ output_dir }}/mount_source' name: '{{ output_dir }}/mount_dest' state: mounted @@ -91,7 +179,7 @@ register: bind_result_linux - name: Remount filesystem with different opts (FreeBSD) - mount: + ansible.posix.mount: src: '{{ output_dir }}/mount_source' name: '{{ output_dir }}/mount_dest' state: mounted @@ -101,581 +189,553 @@ register: bind_result_freebsd - name: Get mount options - shell: mount | grep mount_dest | grep -E -w '(ro|read-only)' | wc -l + ansible.builtin.shell: + cmd: set -o pipefail && mount | grep mount_dest | grep -E -w '(ro|read-only)' | wc -l + executable: "{{ shell_executable }}" + changed_when: false register: remount_options - name: Make sure the filesystem now has the new opts - assert: + ansible.builtin.assert: that: - - (ansible_system == 'Linux' and bind_result_linux['changed']) or (ansible_system == 'FreeBSD' and bind_result_freebsd['changed']) - - '''1'' in remount_options.stdout' - - 1 == remount_options.stdout_lines | length + - (ansible_system == 'Linux' and bind_result_linux['changed']) or (ansible_system == 'FreeBSD' and bind_result_freebsd['changed']) + - '''1'' in remount_options.stdout' + - 1 == remount_options.stdout_lines | length when: ansible_system in ('FreeBSD', 'Linux') - name: Unmount the bind mount - mount: + ansible.posix.mount: name: '{{ output_dir }}/mount_dest' state: absent when: ansible_system in ('Linux', 'FreeBSD') register: unmount_result - name: Make sure the file no longer exists in dest - stat: + ansible.builtin.stat: path: '{{ output_dir }}/mount_dest/test_file' when: ansible_system in ('FreeBSD', 'Linux') register: dest_stat - name: Check that we unmounted - assert: + ansible.builtin.assert: that: - - unmount_result['changed'] - - not dest_stat['stat']['exists'] + - unmount_result['changed'] + - not dest_stat['stat']['exists'] when: ansible_system in ('FreeBSD', 'Linux') - name: Block to test remounted option + when: ansible_system in ('Linux') block: - - name: Create fstab record for the first swap file - mount: - name: none - src: /tmp/swap1 - opts: sw - fstype: swap - state: present - register: swap1_created + - name: Create fstab record for the first swap file + ansible.posix.mount: + name: none + src: /tmp/swap1 + opts: sw + fstype: swap + state: present + register: swap1_created - - name: Try to create fstab record for the first swap file again - mount: - name: none - src: /tmp/swap1 - opts: sw - fstype: swap - state: present - register: swap1_created_again + - name: Try to create fstab record for the first swap file again + ansible.posix.mount: + name: none + src: /tmp/swap1 + opts: sw + fstype: swap + state: present + register: swap1_created_again - - name: Check that we created the swap1 record - assert: - that: - - swap1_created['changed'] - - not swap1_created_again['changed'] + - name: Check that we created the swap1 record + ansible.builtin.assert: + that: + - swap1_created['changed'] + - not swap1_created_again['changed'] - - name: Create fstab record for the second swap file - mount: - name: none - src: /tmp/swap2 - opts: sw - fstype: swap - state: present - register: swap2_created + - name: Create fstab record for the second swap file + ansible.posix.mount: + name: none + src: /tmp/swap2 + opts: sw + fstype: swap + state: present + register: swap2_created - - name: Try to create fstab record for the second swap file again - mount: - name: none - src: /tmp/swap1 - opts: sw - fstype: swap - state: present - register: swap2_created_again + - name: Try to create fstab record for the second swap file again + ansible.posix.mount: + name: none + src: /tmp/swap2 + opts: sw + fstype: swap + state: present + register: swap2_created_again - - name: Check that we created the swap2 record - assert: - that: - - swap2_created['changed'] - - not swap2_created_again['changed'] + - name: Check that we created the swap2 record + ansible.builtin.assert: + that: + - swap2_created['changed'] + - not swap2_created_again['changed'] - - name: Remove the fstab record for the first swap file - mount: - name: none - src: /tmp/swap1 - state: absent - register: swap1_removed + - name: Remove the fstab record for the first swap file + ansible.posix.mount: + name: none + src: /tmp/swap1 + state: absent + register: swap1_removed - - name: Try to remove the fstab record for the first swap file again - mount: - name: none - src: /tmp/swap1 - state: absent - register: swap1_removed_again + - name: Try to remove the fstab record for the first swap file again + ansible.posix.mount: + name: none + src: /tmp/swap1 + state: absent + register: swap1_removed_again - - name: Check that we removed the swap1 record - assert: - that: - - swap1_removed['changed'] - - not swap1_removed_again['changed'] + - name: Check that we removed the swap1 record + ansible.builtin.assert: + that: + - swap1_removed['changed'] + - not swap1_removed_again['changed'] - - name: Remove the fstab record for the second swap file - mount: - name: none - src: /tmp/swap2 - state: absent - register: swap2_removed + - name: Remove the fstab record for the second swap file + ansible.posix.mount: + name: none + src: /tmp/swap2 + state: absent + register: swap2_removed - - name: Try to remove the fstab record for the second swap file again - mount: - name: none - src: /tmp/swap2 - state: absent - register: swap2_removed_again + - name: Try to remove the fstab record for the second swap file again + ansible.posix.mount: + name: none + src: /tmp/swap2 + state: absent + register: swap2_removed_again - - name: Check that we removed the swap2 record - assert: - that: - - swap2_removed['changed'] - - not swap2_removed_again['changed'] + - name: Check that we removed the swap2 record + ansible.builtin.assert: + that: + - swap2_removed['changed'] + - not swap2_removed_again['changed'] - - name: Create fstab record with missing last two fields - copy: - dest: /etc/fstab - content: '//nas/photo /home/jik/pictures cifs defaults,credentials=/etc/security/nas.creds,uid=jik,gid=users,forceuid,forcegid,noserverino,_netdev + - name: Create fstab record with missing last two fields + ansible.builtin.copy: + dest: /etc/fstab + content: '//nas/photo /home/jik/pictures cifs defaults,credentials=/etc/security/nas.creds,uid=jik,gid=users,forceuid,forcegid,noserverino,_netdev - ' + ' + mode: "0644" - - name: Try to change the fstab record with the missing last two fields - mount: - src: //nas/photo - path: /home/jik/pictures - fstype: cifs - opts: defaults,credentials=/etc/security/nas.creds,uid=jik,gid=users,forceuid,forcegid,noserverino,_netdev,x-systemd.mount-timeout=0 - state: present - register: optional_fields_update + - name: Try to change the fstab record with the missing last two fields + ansible.posix.mount: + src: //nas/photo + path: /home/jik/pictures + fstype: cifs + opts: defaults,credentials=/etc/security/nas.creds,uid=jik,gid=users,forceuid,forcegid,noserverino,_netdev,x-systemd.mount-timeout=0 + state: present + register: optional_fields_update - - name: Get the content of the fstab file - shell: cat /etc/fstab - register: optional_fields_content + - name: Get the content of the fstab file + ansible.builtin.command: cat /etc/fstab + changed_when: false + register: optional_fields_content - - name: Check if the line containing the missing last two fields was changed - assert: - that: - - optional_fields_update['changed'] - - ''' 0 0'' in optional_fields_content.stdout' - - 1 == optional_fields_content.stdout_lines | length + - name: Check if the line containing the missing last two fields was changed + ansible.builtin.assert: + that: + - optional_fields_update['changed'] + - ''' 0 0'' in optional_fields_content.stdout' + - 1 == optional_fields_content.stdout_lines | length - - name: Create empty file - community.general.filesize: - path: /tmp/myfs.img - size: 20M + - name: Create empty file + community.general.filesize: + path: /tmp/myfs.img + size: 20M - - name: Format FS - community.general.filesystem: - fstype: ext3 - dev: /tmp/myfs.img + - name: Format FS + community.general.filesystem: + fstype: ext3 + dev: /tmp/myfs.img - - name: Mount the FS for the first time - mount: - path: /tmp/myfs - src: /tmp/myfs.img - fstype: ext2 - state: mounted + - name: Mount the FS for the first time + ansible.posix.mount: + path: /tmp/myfs + src: /tmp/myfs.img + fstype: ext2 + state: mounted - - name: Get the last write time - shell: 'dumpe2fs /tmp/myfs.img 2>/dev/null | grep -i last write time: |cut -d: -f2-' - register: last_write_time + - name: Get the last write time + ansible.builtin.shell: + cmd: >- + set -o pipefail && dumpe2fs /tmp/myfs.img 2>/dev/null | grep -i "last write time:" | cut -d: -f2- + executable: "{{ shell_executable }}" + changed_when: false + register: last_write_time - - name: Wait 2 second - pause: - seconds: 2 + - name: Wait 2 second + ansible.builtin.pause: + seconds: 2 - - name: Test if the FS is remounted - mount: - path: /tmp/myfs - state: remounted + - name: Test if the FS is remounted + ansible.posix.mount: + path: /tmp/myfs + state: remounted - - name: Get again the last write time - shell: 'dumpe2fs /tmp/myfs.img 2>/dev/null | grep -i last write time: |cut -d: -f2-' - register: last_write_time2 + - name: Get again the last write time + ansible.builtin.shell: + cmd: >- + set -o pipefail && dumpe2fs /tmp/myfs.img 2>/dev/null | grep -i "last write time:" |cut -d: -f2- + executable: "{{ shell_executable }}" + changed_when: false + register: last_write_time2 - - name: Fail if they are the same - fail: - msg: Filesytem was not remounted, testing of the module failed! - when: last_write is defined and last_write_time2 is defined and last_write_time.stdout == last_write_time2.stdout + - name: Fail if they are the same + ansible.builtin.fail: + msg: Filesytem was not remounted, testing of the module failed! + when: last_write is defined and last_write_time2 is defined and last_write_time.stdout == last_write_time2.stdout - - name: Remount filesystem with different opts using remounted option (Linux only) - mount: - path: /tmp/myfs - state: remounted - opts: rw,noexec + - name: Remount filesystem with different opts using remounted option (Linux only) + ansible.posix.mount: + path: /tmp/myfs + state: remounted + opts: rw,noexec - - name: Get remounted options (Linux only) - shell: mount | grep myfs | grep -E -w 'noexec' | wc -l - register: remounted_options + - name: Get remounted options (Linux only) + ansible.builtin.shell: + cmd: set -o pipefail && mount | grep myfs | grep -E -w 'noexec' | wc -l + executable: "{{ shell_executable }}" + changed_when: false + register: remounted_options - - name: Make sure the filesystem now has the new opts after using remounted (Linux only) - assert: - that: - - "'1' in remounted_options.stdout" - - "1 == remounted_options.stdout_lines | length" + - name: Make sure the filesystem now has the new opts after using remounted (Linux only) + ansible.builtin.assert: + that: + - "'1' in remounted_options.stdout" + - "1 == remounted_options.stdout_lines | length" - - name: Mount the FS again to test backup - mount: - path: /tmp/myfs - src: /tmp/myfs.img - fstype: ext2 - state: mounted - backup: yes - register: mount_backup_out + - name: Mount the FS again to test backup + ansible.posix.mount: + path: /tmp/myfs + src: /tmp/myfs.img + fstype: ext2 + state: mounted + backup: true + register: mount_backup_out - - name: ensure backup_file in returned output - assert: - that: - - "'backup_file' in mount_backup_out" + - name: Ensure backup_file in returned output + ansible.builtin.assert: + that: + - "'backup_file' in mount_backup_out" always: - - name: Umount the test FS - mount: - path: /tmp/myfs - src: /tmp/myfs.img - opts: loop - state: absent + - name: Umount the test FS + ansible.posix.mount: + path: /tmp/myfs + src: /tmp/myfs.img + opts: loop + state: absent - - name: Remove the test FS - file: - path: '{{ item }}' - state: absent - loop: - - /tmp/myfs.img - - /tmp/myfs - when: ansible_system in ('Linux') + - name: Remove the test FS + ansible.builtin.file: + path: '{{ item }}' + state: absent + loop: + - /tmp/myfs.img + - /tmp/myfs - name: Block to test boot option for Linux - block: - - name: Create empty file - community.general.filesize: - path: /tmp/myfs.img - size: 20M - - - name: Format FS - community.general.filesystem: - fstype: ext3 - dev: /tmp/myfs.img - - - name: Mount the FS with noauto option - mount: - path: /tmp/myfs - src: /tmp/myfs.img - fstype: ext3 - state: mounted - boot: no - opts: rw,user,async - register: mount_info - - - name: assert the mount without noauto was successful - assert: - that: - - mount_info['opts'] == 'rw,user,async,noauto' - - - name: Unmount FS - mount: - path: /tmp/myfs - state: absent - - - name: Remove the test FS - file: - path: '{{ item }}' - state: absent - loop: - - /tmp/myfs.img - - /tmp/myfs when: ansible_system in ('Linux') + block: + - name: Create empty file + community.general.filesize: + path: /tmp/myfs.img + size: 20M + + - name: Format FS + community.general.filesystem: + fstype: ext3 + dev: /tmp/myfs.img + + - name: Mount the FS with noauto option + ansible.posix.mount: + path: /tmp/myfs + src: /tmp/myfs.img + fstype: ext3 + state: mounted + boot: false + opts: rw,user,async + register: mount_info + + - name: Assert the mount without noauto was successful + ansible.builtin.assert: + that: + - mount_info['opts'] == 'rw,user,async,noauto' + + - name: Unmount FS + ansible.posix.mount: + path: /tmp/myfs + state: absent + + - name: Remove the test FS + ansible.builtin.file: + path: '{{ item }}' + state: absent + loop: + - /tmp/myfs.img + - /tmp/myfs - name: Block to test missing newline at the EOF of fstab - block: - - name: Create empty file - community.general.filesize: - path: /tmp/myfs1.img - size: 20M - - name: Format FS - community.general.filesystem: - fstype: ext3 - dev: /tmp/myfs1.img - - name: Create custom fstab file without newline - copy: - content: '#TEST COMMENT WITHOUT NEWLINE' - dest: /tmp/test_fstab - - name: Mount the FS using the custom fstab - mount: - path: /tmp/myfs1 - src: /tmp/myfs1.img - fstype: ext3 - state: mounted - opts: defaults - fstab: /tmp/test_fstab - - name: Unmount the mount point in the custom fstab - mount: - path: /tmp/myfs1 - state: absent - fstab: /tmp/test_fstab - - name: Remove the test FS and the custom fstab - file: - path: '{{ item }}' - state: absent - loop: - - /tmp/myfs1.img - - /tmp/myfs1 - - /tmp/test_fstab when: ansible_system in ('Linux') + block: + - name: Create empty file + community.general.filesize: + path: /tmp/myfs1.img + size: 20M + - name: Format FS + community.general.filesystem: + fstype: ext3 + dev: /tmp/myfs1.img + - name: Create custom fstab file without newline + ansible.builtin.copy: + content: '#TEST COMMENT WITHOUT NEWLINE' + dest: /tmp/test_fstab + mode: "0644" + - name: Mount the FS using the custom fstab + ansible.posix.mount: + path: /tmp/myfs1 + src: /tmp/myfs1.img + fstype: ext3 + state: mounted + opts: defaults + fstab: /tmp/test_fstab + - name: Unmount the mount point in the custom fstab + ansible.posix.mount: + path: /tmp/myfs1 + state: absent + fstab: /tmp/test_fstab + - name: Remove the test FS and the custom fstab + ansible.builtin.file: + path: '{{ item }}' + state: absent + loop: + - /tmp/myfs1.img + - /tmp/myfs1 + - /tmp/test_fstab - name: Block to test ephemeral option environment: PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + when: ansible_system in ('Linux', 'SunOS', 'FreeBSD', 'NetBSD', 'OpenBSD') block: - - name: Create empty file A - community.general.filesize: - path: /tmp/myfs_A.img - size: 20M + - name: Create empty file A + community.general.filesize: + path: /tmp/myfs_A.img + size: 20M - - name: Create empty file B - community.general.filesize: - path: /tmp/myfs_B.img - size: 20M + - name: Create empty file B + community.general.filesize: + path: /tmp/myfs_B.img + size: 20M - - name: Register facts on Linux - ansible.builtin.set_fact: - ephemeral_device_A: /tmp/myfs_A.img - ephemeral_device_B: /tmp/myfs_B.img - ephemeral_fstype: ext3 - ephemeral_fstab: /etc/fstab - when: ansible_system == 'Linux' + ##### FORMAT FS ON LINUX - - name: Register facts on Solaris/SunOS - ansible.builtin.set_fact: - ephemeral_device_A: /dev/lofi/1 - ephemeral_device_B: /dev/lofi/2 - ephemeral_create_loop_dev_cmd: > - lofiadm -a /tmp/myfs_A.img /dev/lofi/1 && - lofiadm -a /tmp/myfs_B.img /dev/lofi/2 - ephemeral_remove_loop_dev_cmd: > - lofiadm -d /dev/lofi/1 && - lofiadm -d /dev/lofi/2 || true - ephemeral_fstype: ufs - ephemeral_fstab: /etc/vfstab - when: ansible_system == 'SunOS' + - name: Block to format FS on Linux + when: ansible_system == 'Linux' + block: + - name: Format FS A on Linux + community.general.filesystem: + fstype: ext3 + dev: /tmp/myfs_A.img - - name: Register facts on FreeBSD - ansible.builtin.set_fact: - ephemeral_device_A: /dev/md1 - ephemeral_device_B: /dev/md2 - ephemeral_create_loop_dev_cmd: > - mdconfig -a -t vnode -f /tmp/myfs_A.img -u /dev/md1 && - mdconfig -a -t vnode -f /tmp/myfs_B.img -u /dev/md2 - ephemeral_remove_loop_dev_cmd: > - mdconfig -d -u /dev/md1 && - mdconfig -d -u /dev/md2 - ephemeral_fstype: ufs - ephemeral_fstab: /etc/fstab - when: ansible_system == 'FreeBSD' + - name: Format FS B on Linux + community.general.filesystem: + fstype: ext3 + dev: /tmp/myfs_B.img - - name: Register facts on NetBSD - ansible.builtin.set_fact: - ephemeral_device_A: /dev/vnd1 - ephemeral_device_B: /dev/vnd2 - ephemeral_create_loop_dev_cmd: > - vnconfig /dev/vnd1 /tmp/myfs_A.img && - vnconfig /dev/vnd2 /tmp/myfs_B.img - ephemeral_remove_loop_dev_cmd: > - vnconfig -u /dev/vnd1 && - vnconfig -u /dev/vnd2 - ephemeral_fstype: ufs - ephemeral_fstab: /etc/fstab - when: ansible_system == 'NetBSD' + ##### FORMAT FS ON SOLARIS AND BSD - - name: Register format fs command on Non-Linux and Non-OpenBSD - ansible.builtin.set_fact: - ephemeral_format_fs_cmd: > - yes | newfs {{ ephemeral_device_A }} && - yes | newfs {{ ephemeral_device_B }} - when: ansible_system in ('SunOS', 'FreeBSD', 'NetBSD') + - name: Create loop devices on Solaris and BSD + ansible.builtin.shell: + cmd: "set -o pipefail && {{ ephemeral_create_loop_dev_cmd }}" + executable: "{{ shell_executable }}" + changed_when: true + when: ephemeral_create_loop_dev_cmd is defined - - name: Register facts on OpenBSD - ansible.builtin.set_fact: - ephemeral_device_A: /dev/vnd1c - ephemeral_device_B: /dev/vnd2c - ephemeral_create_loop_dev_cmd: > - vnconfig vnd1 /tmp/myfs_A.img && - vnconfig vnd2 /tmp/myfs_B.img - ephemeral_remove_loop_dev_cmd: > - vnconfig -u vnd1 && - vnconfig -u vnd2 - ephemeral_format_fs_cmd: > - yes | newfs /dev/rvnd1c && - yes | newfs /dev/rvnd2c - ephemeral_fstype: ffs - ephemeral_fstab: /etc/fstab - when: ansible_system == 'OpenBSD' + - name: Format FS A and B on Solaris and BSD + ansible.builtin.shell: + cmd: "set -o pipefail && {{ ephemeral_format_fs_cmd }}" + executable: "{{ shell_executable }}" + changed_when: true + when: ephemeral_format_fs_cmd is defined -##### FORMAT FS ON LINUX + ##### TESTS - - name: Block to format FS on Linux - block: - - name: Format FS A on Linux - community.general.filesystem: - fstype: ext3 - dev: /tmp/myfs_A.img + - name: Create fstab if it does not exist + ansible.builtin.file: + path: "{{ ephemeral_fstab }}" + state: touch + mode: '0644' - - name: Format FS B on Linux - community.general.filesystem: - fstype: ext3 - dev: /tmp/myfs_B.img - when: ansible_system == 'Linux' + - name: Get checksum of /etc/fstab before mounting anything + ansible.builtin.stat: + path: '{{ ephemeral_fstab }}' + register: fstab_stat_before_mount -##### FORMAT FS ON SOLARIS AND BSD + - name: Mount the FS A with ephemeral state + ansible.posix.mount: + path: /tmp/myfs + src: '{{ ephemeral_device_a }}' + fstype: '{{ ephemeral_fstype }}' + opts: rw + state: ephemeral + register: ephemeral_mount_info - - name: Create loop devices on Solaris and BSD - ansible.builtin.shell: "{{ ephemeral_create_loop_dev_cmd }}" - when: ephemeral_create_loop_dev_cmd is defined + - name: Put something in the directory so we can do additional checks later on + ansible.builtin.copy: + content: 'Testing' + dest: /tmp/myfs/test_file + mode: '0644' - - name: Format FS A and B on Solaris and BSD - ansible.builtin.shell: "{{ ephemeral_format_fs_cmd }}" - when: ephemeral_format_fs_cmd is defined + - name: Get checksum of /etc/fstab after an ephemeral mount + ansible.builtin.stat: + path: '{{ ephemeral_fstab }}' + register: fstab_stat_after_mount -##### TESTS + - name: Get mountinfo + ansible.builtin.shell: + cmd: grep -c '/tmp/myfs' <(mount -v) + executable: "{{ shell_executable }}" + register: check_mountinfo + failed_when: false + changed_when: false - - name: Create fstab if it does not exist - ansible.builtin.file: - path: "{{ ephemeral_fstab }}" - state: touch + - name: Assert the mount occured and the fstab is unchanged + ansible.builtin.assert: + that: + - check_mountinfo.stdout|int == 1 + - ephemeral_mount_info['changed'] + - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_mount['stat']['checksum'] - - name: Get checksum of /etc/fstab before mounting anything - stat: - path: '{{ ephemeral_fstab }}' - register: fstab_stat_before_mount + - name: Get first mount record + ansible.builtin.shell: + cmd: grep '/tmp/myfs' <(mount -v) + executable: "{{ shell_executable }}" + register: ephemeral_mount_record_1 + changed_when: false - - name: Mount the FS A with ephemeral state - mount: - path: /tmp/myfs - src: '{{ ephemeral_device_A }}' - fstype: '{{ ephemeral_fstype }}' - opts: rw - state: ephemeral - register: ephemeral_mount_info + - name: Try to mount FS A where FS A is already mounted (should trigger remount and changed) + ansible.posix.mount: + path: /tmp/myfs + src: '{{ ephemeral_device_a }}' + fstype: '{{ ephemeral_fstype }}' + opts: ro + state: ephemeral + register: ephemeral_mount_info - - name: Put something in the directory so we can do additional checks later on - copy: - content: 'Testing' - dest: /tmp/myfs/test_file + - name: Get second mount record (should be different than the first) + ansible.builtin.shell: + cmd: grep '/tmp/myfs' <(mount -v) + executable: "{{ shell_executable }}" + register: ephemeral_mount_record_2 + changed_when: false - - name: Get checksum of /etc/fstab after an ephemeral mount - stat: - path: '{{ ephemeral_fstab }}' - register: fstab_stat_after_mount + - name: Get mountinfo + ansible.builtin.shell: + cmd: grep -c '/tmp/myfs' <(mount -v) + executable: "{{ shell_executable }}" + failed_when: false + register: check_mountinfo + changed_when: false - - name: Get mountinfo - shell: mount -v | awk '{print $3}' | grep '^/tmp/myfs$' | wc -l - register: check_mountinfo - changed_when: no + - name: Assert the FS A is still mounted, the options changed and the fstab unchanged + ansible.builtin.assert: + that: + - check_mountinfo.stdout|int == 1 + - ephemeral_mount_record_1.stdout != ephemeral_mount_record_2.stdout + - ephemeral_mount_info['changed'] + - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_mount['stat']['checksum'] - - name: Assert the mount occured and the fstab is unchanged - assert: - that: - - check_mountinfo.stdout|int == 1 - - ephemeral_mount_info['changed'] - - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_mount['stat']['checksum'] + - name: Try to mount file B on file A mountpoint (should fail) + ansible.posix.mount: + path: /tmp/myfs + src: '{{ ephemeral_device_b }}' + fstype: '{{ ephemeral_fstype }}' + state: ephemeral + register: ephemeral_mount_b_info + ignore_errors: true - - name: Get first mount record - shell: mount -v | grep '/tmp/myfs' - register: ephemeral_mount_record_1 - changed_when: no + - name: Get third mount record (should be the same than the second) + ansible.builtin.shell: + cmd: grep '/tmp/myfs' <(mount -v) + executable: "{{ shell_executable }}" + register: ephemeral_mount_record_3 + changed_when: false - - name: Try to mount FS A where FS A is already mounted (should trigger remount and changed) - mount: - path: /tmp/myfs - src: '{{ ephemeral_device_A }}' - fstype: '{{ ephemeral_fstype }}' - opts: ro - state: ephemeral - register: ephemeral_mount_info + - name: Get mountinfo + ansible.builtin.shell: + cmd: grep -c '/tmp/myfs' <(mount -v) + executable: "{{ shell_executable }}" + failed_when: false + register: check_mountinfo + changed_when: false - - name: Get second mount record (should be different than the first) - shell: mount -v | grep '/tmp/myfs' - register: ephemeral_mount_record_2 - changed_when: no + - name: Try to stat our test file + ansible.builtin.stat: + path: /tmp/myfs/test_file + register: test_file_stat - - name: Get mountinfo - shell: mount -v | awk '{print $3}' | grep '^/tmp/myfs$' | wc -l - register: check_mountinfo - changed_when: no + - name: Assert that mounting FS B over FS A failed + ansible.builtin.assert: + that: + - check_mountinfo.stdout|int == 1 + - ephemeral_mount_record_2.stdout == ephemeral_mount_record_3.stdout + - test_file_stat['stat']['exists'] + - ephemeral_mount_b_info is failed - - name: Assert the FS A is still mounted, the options changed and the fstab unchanged - assert: - that: - - check_mountinfo.stdout|int == 1 - - ephemeral_mount_record_1.stdout != ephemeral_mount_record_2.stdout - - ephemeral_mount_info['changed'] - - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_mount['stat']['checksum'] + - name: Unmount FS with state = unmounted + ansible.posix.mount: + path: /tmp/myfs + state: unmounted - - name: Try to mount file B on file A mountpoint (should fail) - mount: - path: /tmp/myfs - src: '{{ ephemeral_device_B }}' - fstype: '{{ ephemeral_fstype }}' - state: ephemeral - register: ephemeral_mount_b_info - ignore_errors: true + - name: Get fstab checksum after unmounting an ephemeral mount with state = unmounted + ansible.builtin.stat: + path: '{{ ephemeral_fstab }}' + register: fstab_stat_after_unmount - - name: Get third mount record (should be the same than the second) - shell: mount -v | grep '/tmp/myfs' - register: ephemeral_mount_record_3 - changed_when: no + - name: Get mountinfo + ansible.builtin.shell: + cmd: grep -c '/tmp/myfs' <(mount -v) + executable: "{{ shell_executable }}" + register: check_mountinfo + failed_when: false + changed_when: false - - name: Get mountinfo - shell: mount -v | awk '{print $3}' | grep '^/tmp/myfs$' | wc -l - register: check_mountinfo - changed_when: no + - name: Try to stat our test file + ansible.builtin.stat: + path: /tmp/myfs/test_file + register: test_file_stat - - name: Try to stat our test file - stat: - path: /tmp/myfs/test_file - register: test_file_stat - - - name: Assert that mounting FS B over FS A failed - assert: - that: - - check_mountinfo.stdout|int == 1 - - ephemeral_mount_record_2.stdout == ephemeral_mount_record_3.stdout - - test_file_stat['stat']['exists'] - - ephemeral_mount_b_info is failed - - - name: Unmount FS with state = unmounted - mount: - path: /tmp/myfs - state: unmounted - - - name: Get fstab checksum after unmounting an ephemeral mount with state = unmounted - stat: - path: '{{ ephemeral_fstab }}' - register: fstab_stat_after_unmount - - - name: Get mountinfo - shell: mount -v | awk '{print $3}' | grep '^/tmp/myfs$' | wc -l - register: check_mountinfo - changed_when: no - - - name: Try to stat our test file - stat: - path: /tmp/myfs/test_file - register: test_file_stat - - - name: Assert that fstab is unchanged after unmounting an ephemeral mount with state = unmounted - assert: - that: - - check_mountinfo.stdout|int == 0 - - not test_file_stat['stat']['exists'] - - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_unmount['stat']['checksum'] + - name: Assert that fstab is unchanged after unmounting an ephemeral mount with state = unmounted + ansible.builtin.assert: + that: + - check_mountinfo.stdout|int == 0 + - not test_file_stat['stat']['exists'] + - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_unmount['stat']['checksum'] always: - name: Unmount potential failure relicas - mount: + ansible.posix.mount: path: /tmp/myfs state: unmounted - name: Remove loop devices on Solaris and BSD - ansible.builtin.shell: "{{ ephemeral_remove_loop_dev_cmd }}" + ansible.builtin.shell: + cmd: "set -o pipefail && {{ ephemeral_remove_loop_dev_cmd }}" + executable: "{{ shell_executable }}" + changed_when: true when: ephemeral_remove_loop_dev_cmd is defined - name: Remove the test FS - file: + ansible.builtin.file: path: '{{ item }}' state: absent loop: - /tmp/myfs_A.img - /tmp/myfs_B.img - /tmp/myfs - when: ansible_system in ('Linux', 'SunOS', 'FreeBSD', 'NetBSD', 'OpenBSD') diff --git a/tests/integration/targets/patch/tasks/main.yml b/tests/integration/targets/patch/tasks/main.yml index 0b5f3ee..d29c30c 100644 --- a/tests/integration/targets/patch/tasks/main.yml +++ b/tests/integration/targets/patch/tasks/main.yml @@ -1,124 +1,147 @@ -- name: ensure idempotency installed - package: +--- +- name: Ensure idempotency installed + ansible.builtin.package: name: patch when: ansible_distribution != "MacOSX" -- name: create a directory for the result - file: - dest: '{{ output_dir }}/patch' + +- name: Create a directory for the result + ansible.builtin.file: + dest: "{{ output_dir }}/patch" state: directory + mode: "0755" register: result -- name: assert the directory was created - assert: + +- name: Assert the directory was created + ansible.builtin.assert: that: - - result.state == 'directory' -- name: copy the origin file - copy: + - result.state == 'directory' + +- name: Copy the origin file + ansible.builtin.copy: src: ./origin.txt - dest: '{{ output_dir }}/patch/workfile.txt' + dest: "{{ output_dir }}/patch/workfile.txt" + mode: "0644" register: result -- name: patch the origin file in check mode + +- name: Patch the origin file in check mode check_mode: true register: result - patch: + ansible.posix.patch: src: result.patch - dest: '{{ output_dir }}/patch/workfile.txt' -- name: verify patch the origin file in check mode - assert: + dest: "{{ output_dir }}/patch/workfile.txt" + +- name: Verify patch the origin file in check mode + ansible.builtin.assert: that: - - result is changed -- name: patch the origin file + - result is changed + +- name: Patch the origin file register: result - patch: + ansible.posix.patch: src: result.patch - dest: '{{ output_dir }}/patch/workfile.txt' -- name: verify patch the origin file - assert: + dest: "{{ output_dir }}/patch/workfile.txt" + +- name: Verify patch the origin file + ansible.builtin.assert: that: - - result is changed -- name: test patch the origin file idempotency + - result is changed + +- name: Test patch the origin file idempotency register: result - patch: + ansible.posix.patch: src: result.patch - dest: '{{ output_dir }}/patch/workfile.txt' -- name: verify test patch the origin file idempotency - assert: + dest: "{{ output_dir }}/patch/workfile.txt" +- name: Verify test patch the origin file idempotency + ansible.builtin.assert: that: - - result is not changed -- name: verify the resulted file matches expectations - copy: + - result is not changed + +- name: Verify the resulted file matches expectations + ansible.builtin.copy: src: ./result.txt - dest: '{{ output_dir }}/patch/workfile.txt' + dest: "{{ output_dir }}/patch/workfile.txt" + mode: "0644" register: result failed_when: result is changed -- name: patch the workfile file in check mode state absent + +- name: Patch the workfile file in check mode state absent check_mode: true register: result - patch: + ansible.posix.patch: src: result.patch - dest: '{{ output_dir }}/patch/workfile.txt' + dest: "{{ output_dir }}/patch/workfile.txt" state: absent -- name: verify patch the workfile file in check mode state absent - assert: + +- name: Verify patch the workfile file in check mode state absent + ansible.builtin.assert: that: - - result is changed -- name: patch the workfile file state absent + - result is changed + +- name: Patch the workfile file state absent register: result - patch: + ansible.posix.patch: src: result.patch - dest: '{{ output_dir }}/patch/workfile.txt' + dest: "{{ output_dir }}/patch/workfile.txt" state: absent -- name: verify patch the workfile file state absent - assert: + +- name: Verify patch the workfile file state absent + ansible.builtin.assert: that: - - result is changed -- name: patch the workfile file state absent idempotency + - result is changed + +- name: Patch the workfile file state absent idempotency register: result - patch: + ansible.posix.patch: src: result.patch - dest: '{{ output_dir }}/patch/workfile.txt' + dest: "{{ output_dir }}/patch/workfile.txt" state: absent -- name: verify patch the workfile file state absent idempotency - assert: + +- name: Verify patch the workfile file state absent idempotency + ansible.builtin.assert: that: - - result is not changed -- name: verify the resulted file matches expectations - copy: + - result is not changed + +- name: Verify the resulted file matches expectations + ansible.builtin.copy: src: ./origin.txt - dest: '{{ output_dir }}/patch/workfile.txt' + dest: "{{ output_dir }}/patch/workfile.txt" + mode: "0644" register: result failed_when: result is changed -- name: copy the origin file whitespace - copy: +- name: Copy the origin file whitespace + ansible.builtin.copy: src: ./origin.txt - dest: '{{ output_dir }}/patch/workfile_whitespace.txt' + dest: "{{ output_dir }}/patch/workfile_whitespace.txt" + mode: "0644" register: result -- name: patch the origin file +- name: Patch the origin file register: result - patch: + ansible.posix.patch: src: result_whitespace.patch - dest: '{{ output_dir }}/patch/workfile_whitespace.txt' - ignore_whitespace: yes -- name: verify patch the origin file - assert: + dest: "{{ output_dir }}/patch/workfile_whitespace.txt" + ignore_whitespace: true +- name: Verify patch the origin file + ansible.builtin.assert: that: - - result is changed + - result is changed -- name: test patch the origin file idempotency +- name: Test patch the origin file idempotency register: result - patch: + ansible.posix.patch: src: result_whitespace.patch - dest: '{{ output_dir }}/patch/workfile_whitespace.txt' - ignore_whitespace: yes -- name: verify test patch the origin file idempotency - assert: + dest: "{{ output_dir }}/patch/workfile_whitespace.txt" + ignore_whitespace: true +- name: Verify test patch the origin file idempotency + ansible.builtin.assert: that: - - result is not changed + - result is not changed -- name: verify the resulted file matches expectations - copy: +- name: Verify the resulted file matches expectations + ansible.builtin.copy: src: ./result_whitespace.txt - dest: '{{ output_dir }}/patch/workfile_whitespace.txt' + dest: "{{ output_dir }}/patch/workfile_whitespace.txt" + mode: "0644" register: result failed_when: result is changed diff --git a/tests/integration/targets/seboolean/tasks/main.yml b/tests/integration/targets/seboolean/tasks/main.yml index c8a5ffe..4aad585 100644 --- a/tests/integration/targets/seboolean/tasks/main.yml +++ b/tests/integration/targets/seboolean/tasks/main.yml @@ -1,3 +1,4 @@ +--- # (c) 2017, Martin Krizek # This file is part of Ansible @@ -15,8 +16,9 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . -- include_tasks: seboolean.yml +- name: Include_tasks for when SELinux is enabled + ansible.builtin.include_tasks: seboolean.yml when: - ansible_selinux is defined - - ansible_selinux != False + - ansible_selinux - ansible_selinux.status == 'enabled' diff --git a/tests/integration/targets/seboolean/tasks/seboolean.yml b/tests/integration/targets/seboolean/tasks/seboolean.yml index 252ee3d..dbd747b 100644 --- a/tests/integration/targets/seboolean/tasks/seboolean.yml +++ b/tests/integration/targets/seboolean/tasks/seboolean.yml @@ -1,3 +1,4 @@ +--- # (c) 2017, Martin Krizek # This file is part of Ansible @@ -15,69 +16,89 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . -- name: install requirements for RHEL 7 and earlier - package: +- name: Install requirements for RHEL 7 and earlier + ansible.builtin.package: name: policycoreutils-python when: - ansible_distribution == 'RedHat' and ansible_distribution_major_version is version('7', '<=') -- name: install requirements for RHEL 8 and later - package: +- name: Install requirements for RHEL 8 and later + ansible.builtin.package: name: policycoreutils-python-utils when: - ansible_distribution == 'RedHat' and ansible_distribution_major_version is version('8', '>=') +- name: Get getsebool output preflight + ansible.builtin.shell: + cmd: set -o pipefail && semanage boolean -l | grep 'httpd_can_network_connect\W' + executable: /bin/bash + changed_when: false + register: getsebool_output_preflight + - name: Cleanup - shell: setsebool -P httpd_can_network_connect 0 -########################################################################################## -- name: set flag and don't keep it persistent - seboolean: + ansible.builtin.shell: + cmd: set -o pipefail && setsebool -P httpd_can_network_connect 0 + executable: /bin/bash + changed_when: getsebool_output_preflight.stdout.startswith('httpd_can_network_connect --> on') + +- name: Set flag and don't keep it persistent + ansible.posix.seboolean: name: httpd_can_network_connect - state: yes + state: true register: output -- name: get getsebool output - shell: semanage boolean -l | grep 'httpd_can_network_connect\W' +- name: Get getsebool output + ansible.builtin.shell: + cmd: set -o pipefail && semanage boolean -l | grep 'httpd_can_network_connect\W' + executable: /bin/bash + changed_when: false register: getsebool_output -- name: check output - assert: +- name: Check output + ansible.builtin.assert: that: - output is changed - output is not failed - output.name == 'httpd_can_network_connect' - getsebool_output.stdout.startswith('httpd_can_network_connect (on , off)') ########################################################################################## -- name: unset flag - seboolean: +- name: Unset flag + ansible.posix.seboolean: name: httpd_can_network_connect - state: no + state: false -- name: get getsebool output - shell: semanage boolean -l | grep 'httpd_can_network_connect\W' +- name: Get getsebool output + ansible.builtin.shell: + cmd: set -o pipefail && semanage boolean -l | grep 'httpd_can_network_connect\W' + executable: /bin/bash + changed_when: false register: getsebool_output -- name: check output - assert: +- name: Check output + ansible.builtin.assert: that: - output is changed - output is not failed - output.name == 'httpd_can_network_connect' - getsebool_output.stdout.startswith('httpd_can_network_connect (off , off)') + ########################################################################################## -- name: set flag and keep it persistent - seboolean: +- name: Set flag and keep it persistent + ansible.posix.seboolean: name: httpd_can_network_connect - state: yes - persistent: yes + state: true + persistent: true register: output -- name: get getsebool output - shell: semanage boolean -l | grep 'httpd_can_network_connect\W' +- name: Get getsebool output + ansible.builtin.shell: + cmd: set -o pipefail && semanage boolean -l | grep 'httpd_can_network_connect\W' + executable: /bin/bash + changed_when: false register: getsebool_output -- name: check output - assert: +- name: Check output + ansible.builtin.assert: that: - output is changed - output is not failed diff --git a/tests/integration/targets/selinux/tasks/main.yml b/tests/integration/targets/selinux/tasks/main.yml index a5fed6b..8d8db05 100644 --- a/tests/integration/targets/selinux/tasks/main.yml +++ b/tests/integration/targets/selinux/tasks/main.yml @@ -1,3 +1,4 @@ +--- # (c) 2017, Sam Doran # This file is part of Ansible @@ -15,22 +16,26 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . -- debug: +- name: Debug message for when SELinux is disabled + ansible.builtin.debug: msg: SELinux is disabled - when: ansible_selinux is defined and ansible_selinux == False + when: ansible_selinux is defined and not ansible_selinux -- debug: +- name: Debug message for when SELinux is enabled and not disabled + ansible.builtin.debug: msg: SELinux is {{ ansible_selinux.status }} - when: ansible_selinux is defined and ansible_selinux != False + when: ansible_selinux is defined and ansible_selinux -- include_tasks: selinux.yml +- name: Include_tasks for when SELinux is enabled + ansible.builtin.include_tasks: selinux.yml when: - ansible_selinux is defined - - ansible_selinux != False + - ansible_selinux - ansible_selinux.status == 'enabled' -- include_tasks: selogin.yml +- name: Include tasks for selogin when SELinux is enabled + ansible.builtin.include_tasks: selogin.yml when: - ansible_selinux is defined - - ansible_selinux != False + - ansible_selinux - ansible_selinux.status == 'enabled' diff --git a/tests/integration/targets/selinux/tasks/selinux.yml b/tests/integration/targets/selinux/tasks/selinux.yml index d936ec6..b9cfb20 100644 --- a/tests/integration/targets/selinux/tasks/selinux.yml +++ b/tests/integration/targets/selinux/tasks/selinux.yml @@ -1,3 +1,4 @@ +--- # (c) 2017, Sam Doran # This file is part of Ansible @@ -14,67 +15,67 @@ # # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . - - # First Test # ############################################################################## # Test changing the state, which requires a reboot - name: TEST 1 | Make sure grubby is present - package: + ansible.builtin.package: name: grubby state: present - name: TEST 1 | Get current SELinux config file contents - slurp: + ansible.builtin.slurp: src: /etc/sysconfig/selinux register: selinux_config_original_base64 - name: TEST 1 | Register SELinux config and SELinux status - set_fact: + ansible.builtin.set_fact: selinux_config_original_raw: "{{ selinux_config_original_base64.content | b64decode }}" before_test_sestatus: "{{ ansible_selinux }}" - name: TEST 1 | Split by line and register original config - set_fact: + ansible.builtin.set_fact: selinux_config_original: "{{ selinux_config_original_raw.split('\n') }}" -- debug: +- name: TEST 1 | Debug selinux_config_original, before_test_sestatus, and ansible_selinux + ansible.builtin.debug: var: "{{ item }}" verbosity: 1 - with_items: + loop: - selinux_config_original - before_test_sestatus - ansible_selinux - name: TEST 1 | Setup SELinux configuration for tests - selinux: + ansible.posix.selinux: state: enforcing policy: targeted - name: TEST 1 | Disable SELinux - selinux: + ansible.posix.selinux: state: disabled policy: targeted register: _disable_test1 -- debug: +- name: TEST 1 | Debug _disable_test1 + ansible.builtin.debug: var: _disable_test1 verbosity: 1 - name: Before gathering the fact - debug: + ansible.builtin.debug: msg: "{{ ansible_selinux }}" - name: TEST 1 | Re-gather facts - setup: + ansible.builtin.setup: - name: After gathering the fact - debug: + ansible.builtin.debug: msg: "{{ ansible_selinux }}" - name: TEST 1 | Assert that status was changed, reboot_required is True, a warning was displayed, and SELinux is configured properly - assert: + ansible.builtin.assert: that: - _disable_test1 is changed - _disable_test1.reboot_required @@ -82,53 +83,56 @@ - ansible_selinux.config_mode == 'disabled' - ansible_selinux.type == 'targeted' -- debug: +- name: TEST 1 | Debug ansible_selinux + ansible.builtin.debug: var: ansible_selinux verbosity: 1 - name: TEST 1 | Disable SELinux again - selinux: + ansible.posix.selinux: state: disabled policy: targeted register: _disable_test2 -- debug: +- name: Test 1 | Debug _disable_test2 + ansible.builtin.debug: var: _disable_test2 verbosity: 1 - name: TEST 1 | Assert that no change is reported, a warning was displayed, and reboot_required is True - assert: + ansible.builtin.assert: that: - _disable_test2 is not changed - (_disable_test1.warnings | length ) >= 1 - _disable_test2.reboot_required - name: TEST 1 | Get modified config file - slurp: + ansible.builtin.slurp: src: /etc/sysconfig/selinux register: selinux_config_after_base64 - name: TEST 1 | Register modified config - set_fact: + ansible.builtin.set_fact: selinux_config_after_raw: "{{ selinux_config_after_base64.content | b64decode }}" - name: TEST 1 | Split by line and register modified config - set_fact: + ansible.builtin.set_fact: selinux_config_after: "{{ selinux_config_after_raw.split('\n') }}" -- debug: +- name: TEST 1 | Debug selinux_config_after + ansible.builtin.debug: var: selinux_config_after verbosity: 1 - name: TEST 1 | Ensure SELinux config file is properly formatted - assert: + ansible.builtin.assert: that: - selinux_config_original | length == selinux_config_after | length - selinux_config_after[selinux_config_after.index('SELINUX=disabled')] is search("^SELINUX=\w+$") - selinux_config_after[selinux_config_after.index('SELINUXTYPE=targeted')] is search("^SELINUXTYPE=\w+$") - name: TEST 1 | Disable SELinux again, with kernel arguments update - selinux: + ansible.posix.selinux: state: disabled policy: targeted update_kernel_param: true @@ -136,72 +140,76 @@ - name: Check kernel command-line arguments ansible.builtin.command: grubby --info=DEFAULT + changed_when: false register: _grubby_test1 - name: TEST 1 | Assert that kernel cmdline contains selinux=0 - assert: + ansible.builtin.assert: that: - "' selinux=0' in _grubby_test1.stdout" - name: TEST 1 | Enable SELinux, without kernel arguments update - selinux: + ansible.posix.selinux: state: disabled policy: targeted register: _disable_test2 - name: Check kernel command-line arguments ansible.builtin.command: grubby --info=DEFAULT + changed_when: false register: _grubby_test1 - name: TEST 1 | Assert that kernel cmdline still contains selinux=0 - assert: + ansible.builtin.assert: that: - "' selinux=0' in _grubby_test1.stdout" - name: TEST 1 | Reset SELinux configuration for next test (also kernel args) - selinux: + ansible.posix.selinux: state: enforcing update_kernel_param: true policy: targeted - name: Check kernel command-line arguments ansible.builtin.command: grubby --info=DEFAULT + changed_when: false register: _grubby_test2 - name: TEST 1 | Assert that kernel cmdline doesn't contain selinux=0 - assert: + ansible.builtin.assert: that: - "' selinux=0' not in _grubby_test2.stdout" - # Second Test # ############################################################################## # Test changing only the policy, which does not require a reboot - name: TEST 2 | Make sure the policy is present - package: + ansible.builtin.package: name: selinux-policy-mls state: present - name: TEST 2 | Set SELinux policy - selinux: + ansible.posix.selinux: state: enforcing policy: mls register: _state_test1 -- debug: +- name: TEST 2 | Debug _state_test1 + ansible.builtin.debug: var: _state_test1 verbosity: 1 - name: TEST 2 | Re-gather facts - setup: + ansible.builtin.setup: -- debug: +- name: TEST 2 | Debug ansible_selinux + ansible.builtin.debug: var: ansible_selinux tags: debug - name: TEST 2 | Assert that status was changed, reboot_required is False, no warnings were displayed, and SELinux is configured properly - assert: + ansible.builtin.assert: that: - _state_test1 is changed - not _state_test1.reboot_required @@ -210,76 +218,79 @@ - ansible_selinux.type == 'mls' - name: TEST 2 | Set SELinux policy again - selinux: + ansible.posix.selinux: state: enforcing policy: mls register: _state_test2 -- debug: +- name: TEST 2 | Debug _state_test2 + ansible.builtin.debug: var: _state_test2 verbosity: 1 - name: TEST 2 | Assert that no change was reported, no warnings were displayed, and reboot_required is False - assert: + ansible.builtin.assert: that: - _state_test2 is not changed - _state_test2.warnings is not defined - not _state_test2.reboot_required - name: TEST 2 | Get modified config file - slurp: + ansible.builtin.slurp: src: /etc/sysconfig/selinux register: selinux_config_after_base64 - name: TEST 2 | Register modified config - set_fact: + ansible.builtin.set_fact: selinux_config_after_raw: "{{ selinux_config_after_base64.content | b64decode }}" - name: TEST 2 | Split by line and register modified config - set_fact: + ansible.builtin.set_fact: selinux_config_after: "{{ selinux_config_after_raw.split('\n') }}" -- debug: +- name: TEST 2 | Debug selinux_config_after + ansible.builtin.debug: var: selinux_config_after verbosity: 1 - name: TEST 2 | Ensure SELinux config file is properly formatted - assert: + ansible.builtin.assert: that: - selinux_config_original | length == selinux_config_after | length - selinux_config_after[selinux_config_after.index('SELINUX=enforcing')] is search("^SELINUX=\w+$") - selinux_config_after[selinux_config_after.index('SELINUXTYPE=mls')] is search("^SELINUXTYPE=\w+$") - name: TEST 2 | Reset SELinux configuration for next test - selinux: + ansible.posix.selinux: state: enforcing policy: targeted - # Third Test # ############################################################################## # Test changing non-existing policy - name: TEST 3 | Set SELinux policy - selinux: + ansible.posix.selinux: state: enforcing policy: non-existing-selinux-policy register: _state_test1 - ignore_errors: yes + ignore_errors: true -- debug: +- name: TEST 3 | Debug _state_test1 + ansible.builtin.debug: var: _state_test1 verbosity: 1 - name: TEST 3 | Re-gather facts - setup: + ansible.builtin.setup: -- debug: +- name: TEST3 | Debug ansible_selinux + ansible.builtin.debug: var: ansible_selinux tags: debug - name: TEST 3 | Assert that status was not changed, the task failed, the msg contains proper information and SELinux was not changed - assert: + ansible.builtin.assert: that: - _state_test1 is not changed - _state_test1 is failed @@ -287,40 +298,40 @@ - ansible_selinux.config_mode == 'enforcing' - ansible_selinux.type == 'targeted' - # Fourth Test # ############################################################################## # Test if check mode returns correct changed values and # doesn't make any changes - - name: TEST 4 | Set SELinux to enforcing - selinux: + ansible.posix.selinux: state: enforcing policy: targeted register: _check_mode_test1 -- debug: +- name: TEST 4 | Debug _check_mode_test1 + ansible.builtin.debug: var: _check_mode_test1 verbosity: 1 - name: TEST 4 | Set SELinux to enforcing in check mode - selinux: + ansible.posix.selinux: state: enforcing policy: targeted register: _check_mode_test1 - check_mode: yes + check_mode: true - name: TEST 4 | Re-gather facts - setup: + ansible.builtin.setup: -- debug: +- name: TEST 4| Debug ansible_selinux + ansible.builtin.debug: var: ansible_selinux verbosity: 1 tags: debug - name: TEST 4 | Assert that check mode is idempotent - assert: + ansible.builtin.assert: that: - _check_mode_test1 is success - not _check_mode_test1.reboot_required @@ -328,22 +339,23 @@ - ansible_selinux.type == 'targeted' - name: TEST 4 | Set SELinux to permissive in check mode - selinux: + ansible.posix.selinux: state: permissive policy: targeted register: _check_mode_test2 - check_mode: yes + check_mode: true - name: TEST 4 | Re-gather facts - setup: + ansible.builtin.setup: -- debug: +- name: TEST 4 | Debug ansible_selinux + ansible.builtin.debug: var: ansible_selinux verbosity: 1 tags: debug - name: TEST 4 | Assert that check mode doesn't set state permissive and returns changed - assert: + ansible.builtin.assert: that: - _check_mode_test2 is changed - not _check_mode_test2.reboot_required @@ -351,21 +363,22 @@ - ansible_selinux.type == 'targeted' - name: TEST 4 | Disable SELinux in check mode - selinux: + ansible.posix.selinux: state: disabled register: _check_mode_test3 - check_mode: yes + check_mode: true - name: TEST 4 | Re-gather facts - setup: + ansible.builtin.setup: -- debug: +- name: TEST 4 | Debug ansible_selinux + ansible.builtin.debug: var: ansible_selinux verbosity: 1 tags: debug - name: TEST 4 | Assert that check mode didn't change anything, status is changed, reboot_required is True, a warning was displayed - assert: + ansible.builtin.assert: that: - _check_mode_test3 is changed - _check_mode_test3.reboot_required @@ -374,31 +387,33 @@ - ansible_selinux.type == 'targeted' - name: TEST 4 | Set SELinux to permissive - selinux: + ansible.posix.selinux: state: permissive policy: targeted register: _check_mode_test4 -- debug: +- name: TEST 4 | Debug _check_mode_test4 + ansible.builtin.debug: var: _check_mode_test4 verbosity: 1 - name: TEST 4 | Disable SELinux in check mode - selinux: + ansible.posix.selinux: state: disabled register: _check_mode_test4 - check_mode: yes + check_mode: true - name: TEST 4 | Re-gather facts - setup: + ansible.builtin.setup: -- debug: +- name: TEST 4 | Debug ansible_selinux + ansible.builtin.debug: var: ansible_selinux verbosity: 1 tags: debug - name: TEST 4 | Assert that check mode didn't change anything, status is changed, reboot_required is True, a warning was displayed - assert: + ansible.builtin.assert: that: - _check_mode_test4 is changed - _check_mode_test4.reboot_required @@ -407,36 +422,38 @@ - ansible_selinux.type == 'targeted' - name: TEST 4 | Set SELinux to enforcing - selinux: + ansible.posix.selinux: state: enforcing policy: targeted register: _check_mode_test5 -- debug: +- name: TEST 4 | Debug _check_mode_test5 + ansible.builtin.debug: var: _check_mode_test5 verbosity: 1 - name: TEST 4 | Disable SELinux - selinux: + ansible.posix.selinux: state: disabled register: _check_mode_test5 - name: TEST 4 | Disable SELinux in check mode - selinux: + ansible.posix.selinux: state: disabled register: _check_mode_test5 - check_mode: yes + check_mode: true - name: TEST 4 | Re-gather facts - setup: + ansible.builtin.setup: -- debug: +- name: TEST 4 | Debug ansible_selinux + ansible.builtin.debug: var: ansible_selinux verbosity: 1 tags: debug - name: TEST 4 | Assert that in check mode status was not changed, reboot_required is True, a warning was displayed, and SELinux is configured properly - assert: + ansible.builtin.assert: that: - _check_mode_test5 is success - _check_mode_test5.reboot_required @@ -450,32 +467,34 @@ # sure the module re-adds the expected lines - name: TEST 5 | Remove SELINUX key from /etc/selinux/config - lineinfile: + ansible.builtin.lineinfile: path: /etc/selinux/config - regexp: '^SELINUX=' + regexp: ^SELINUX= state: absent - backup: yes + backup: true register: _lineinfile_out1 -- debug: +- name: TEST 5 | Debug _lineinfile_out1 + ansible.builtin.debug: var: _lineinfile_out1 verbosity: 1 - name: TEST 5 | Set SELinux to enforcing - selinux: + ansible.posix.selinux: state: enforcing policy: targeted register: _set_enforcing1 - name: TEST 5 | Re-gather facts - setup: + ansible.builtin.setup: -- debug: +- name: TEST 5 | Debug ansible_selinux + ansible.builtin.debug: var: ansible_selinux verbosity: 1 - name: TEST 5 | Assert that SELINUX key is populated - assert: + ansible.builtin.assert: that: - _set_enforcing1 is success - _set_enforcing1 is changed @@ -483,31 +502,33 @@ - ansible_selinux.config_mode == 'enforcing' - name: TEST 5 | Remove SELINUXTYPE key from /etc/selinux/config - lineinfile: + ansible.builtin.lineinfile: path: /etc/selinux/config - regexp: '^SELINUXTYPE=' + regexp: ^SELINUXTYPE= state: absent register: _lineinfile_out2 -- debug: +- name: TEST 5 | Debug _lineinfile_out2 + ansible.builtin.debug: var: _lineinfile_out2 verbosity: 1 - name: TEST 5 | Set SELinux Policy to targeted - selinux: + ansible.posix.selinux: state: enforcing policy: targeted register: _set_policy2 - name: TEST 5 | Re-gather facts - setup: + ansible.builtin.setup: -- debug: +- name: TEST 5 | Debug ansible_selinux + ansible.builtin.debug: var: ansible_selinux verbosity: 1 - name: TEST 5 | Assert that SELINUXTYPE key is populated - assert: + ansible.builtin.assert: that: - _set_policy2 is success - _set_policy2 is changed @@ -515,7 +536,8 @@ - ansible_selinux.type == 'targeted' - name: TEST 5 | Restore original SELinux config file /etc/selinux/config - copy: + ansible.builtin.copy: dest: /etc/selinux/config src: "{{ _lineinfile_out1['backup'] }}" - remote_src: yes + remote_src: true + mode: "0644" diff --git a/tests/integration/targets/selinux/tasks/selogin.yml b/tests/integration/targets/selinux/tasks/selogin.yml index 6e7b726..c8899da 100644 --- a/tests/integration/targets/selinux/tasks/selogin.yml +++ b/tests/integration/targets/selinux/tasks/selogin.yml @@ -1,70 +1,71 @@ -- name: create user for testing - user: +--- +- name: Create user for testing + ansible.builtin.user: name: seuser -- name: attempt to add mapping without 'seuser' +- name: Attempt to add mapping without 'seuser' register: selogin_error ignore_errors: true community.general.system.selogin: login: seuser -- name: verify failure - assert: +- name: Verify failure + ansible.builtin.assert: that: - - selogin_error is failed -- name: map login to SELinux user + - selogin_error is failed +- name: Map login to SELinux user register: selogin_new_mapping - check_mode: '{{ item }}' + check_mode: "{{ item }}" with_items: - - true - - false - - true - - false + - true + - false + - true + - false community.general.system.selogin: login: seuser seuser: staff_u -- name: new mapping- verify functionality and check_mode - assert: +- name: New mapping- verify functionality and check_mode + ansible.builtin.assert: that: - - selogin_new_mapping.results[0] is changed - - selogin_new_mapping.results[1] is changed - - selogin_new_mapping.results[2] is not changed - - selogin_new_mapping.results[3] is not changed -- name: change SELinux user login mapping + - selogin_new_mapping.results[0] is changed + - selogin_new_mapping.results[1] is changed + - selogin_new_mapping.results[2] is not changed + - selogin_new_mapping.results[3] is not changed +- name: Change SELinux user login mapping register: selogin_mod_mapping - check_mode: '{{ item }}' + check_mode: "{{ item }}" with_items: - - true - - false - - true - - false + - true + - false + - true + - false community.general.system.selogin: login: seuser seuser: user_u -- name: changed mapping- verify functionality and check_mode - assert: +- name: Changed mapping- verify functionality and check_mode + ansible.builtin.assert: that: - - selogin_mod_mapping.results[0] is changed - - selogin_mod_mapping.results[1] is changed - - selogin_mod_mapping.results[2] is not changed - - selogin_mod_mapping.results[3] is not changed -- name: remove SELinux user mapping + - selogin_mod_mapping.results[0] is changed + - selogin_mod_mapping.results[1] is changed + - selogin_mod_mapping.results[2] is not changed + - selogin_mod_mapping.results[3] is not changed +- name: Remove SELinux user mapping register: selogin_del_mapping - check_mode: '{{ item }}' + check_mode: "{{ item }}" with_items: - - true - - false - - true - - false + - true + - false + - true + - false community.general.system.selogin: login: seuser state: absent -- name: delete mapping- verify functionality and check_mode - assert: +- name: Delete mapping- verify functionality and check_mode + ansible.builtin.assert: that: - - selogin_del_mapping.results[0] is changed - - selogin_del_mapping.results[1] is changed - - selogin_del_mapping.results[2] is not changed - - selogin_del_mapping.results[3] is not changed -- name: remove test user - user: + - selogin_del_mapping.results[0] is changed + - selogin_del_mapping.results[1] is changed + - selogin_del_mapping.results[2] is not changed + - selogin_del_mapping.results[3] is not changed +- name: Remove test user + ansible.builtin.user: name: seuser state: absent diff --git a/tests/integration/targets/setup_pkg_mgr/tasks/main.yml b/tests/integration/targets/setup_pkg_mgr/tasks/main.yml index 24d0222..3ec66bb 100644 --- a/tests/integration/targets/setup_pkg_mgr/tasks/main.yml +++ b/tests/integration/targets/setup_pkg_mgr/tasks/main.yml @@ -4,14 +4,16 @@ # and should not be used as examples of how to write Ansible roles # #################################################################### -- set_fact: +- name: Set pkg_mgr and ansible_pkg_mgr on FreeBSD + ansible.builtin.set_fact: pkg_mgr: community.general.pkgng ansible_pkg_mgr: community.general.pkgng - cacheable: yes + cacheable: true when: ansible_os_family == "FreeBSD" -- set_fact: +- name: Set pkg_mgr and ansible_pkg_mgr on Suse + ansible.builtin.set_fact: pkg_mgr: community.general.zypper ansible_pkg_mgr: community.general.zypper - cacheable: yes + cacheable: true when: ansible_os_family == "Suse" diff --git a/tests/integration/targets/synchronize/meta/main.yml b/tests/integration/targets/synchronize/meta/main.yml index 07faa21..8828391 100644 --- a/tests/integration/targets/synchronize/meta/main.yml +++ b/tests/integration/targets/synchronize/meta/main.yml @@ -1,2 +1,3 @@ +--- dependencies: - prepare_tests diff --git a/tests/integration/targets/synchronize/tasks/main.yml b/tests/integration/targets/synchronize/tasks/main.yml index 125a406..d6dcdad 100644 --- a/tests/integration/targets/synchronize/tasks/main.yml +++ b/tests/integration/targets/synchronize/tasks/main.yml @@ -1,310 +1,350 @@ -- name: install rsync - package: +--- +- name: Install rsync + ansible.builtin.package: name: rsync when: ansible_distribution != "MacOSX" -- name: Clean up the working directory and files - file: - path: '{{ output_dir }}' + +- name: Clean up the working disrectory and files + ansible.builtin.file: + path: "{{ output_dir }}" state: absent + - name: Create the working directory - file: - path: '{{ output_dir }}' + ansible.builtin.file: + path: "{{ output_dir }}" state: directory -- name: create test new files - copy: - dest: '{{output_dir}}/{{item}}' - mode: '0644' - content: 'hello world' - with_items: - - foo.txt - - bar.txt + mode: "0755" -- name: synchronize file to new filename - synchronize: - src: '{{output_dir}}/foo.txt' - dest: '{{output_dir}}/foo.result' +- name: Create test new files + ansible.builtin.copy: + dest: "{{ output_dir }}/{{ item }}" + mode: "0644" + content: hello world + loop: + - foo.txt + - bar.txt + +- name: Synchronize file to new filename + ansible.posix.synchronize: + src: "{{ output_dir }}/foo.txt" + dest: "{{ output_dir }}/foo.result" register: sync_result - delegate_to: '{{ inventory_hostname }}' -- assert: - that: - - '''changed'' in sync_result' - - sync_result.changed == true - - '''cmd'' in sync_result' - - '''rsync'' in sync_result.cmd' - - '''msg'' in sync_result' - - sync_result.msg.startswith('>f+') - - 'sync_result.msg.endswith(''+ foo.txt + delegate_to: "{{ inventory_hostname }}" - '')' -- name: test that the file was really copied over - stat: - path: '{{ output_dir }}/foo.result' +- name: Check that the file was copied over correctly + ansible.builtin.assert: + that: + - "'changed' in sync_result" + - sync_result.changed == true + - "'cmd' in sync_result" + - "'rsync' in sync_result.cmd" + - "'msg' in sync_result" + - sync_result.msg.startswith('>f+') + - "sync_result.msg.endswith('+ foo.txt\n')" + +- name: Test that the file was really copied over + ansible.builtin.stat: + path: "{{ output_dir }}/foo.result" register: stat_result -- assert: - that: - - stat_result.stat.exists == True - - stat_result.stat.checksum == '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed' -- name: test that the file is not copied a second time - synchronize: - src='{{output_dir}}/foo.txt' - dest='{{output_dir}}/foo.result' - register: sync_result - delegate_to: '{{ inventory_hostname }}' -- assert: +- name: Test that the file was really copied over + ansible.builtin.assert: that: - - sync_result.changed == False + - stat_result.stat.exists == True + - stat_result.stat.checksum == '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed' + +- name: Test that the file is not copied a second time + ansible.posix.synchronize: + src: "'{{ output_dir }}/foo.txt'" + dest: "'{{ output_dir }}/foo.result'" + register: sync_result + delegate_to: "{{ inventory_hostname }}" + +- name: Test that no change occurred + ansible.builtin.assert: + that: + - not sync_result.changed + - name: Cleanup - file: + ansible.builtin.file: state: absent - path: '{{output_dir}}/{{item}}' - with_items: - - foo.result - - bar.result + path: "{{ output_dir }}/{{ item }}" + loop: + - foo.result + - bar.result - name: Synchronize using the mode=push param - synchronize: - src: '{{output_dir}}/foo.txt' - dest: '{{output_dir}}/foo.result' + ansible.posix.synchronize: + src: "{{ output_dir }}/foo.txt" + dest: "{{ output_dir }}/foo.result" mode: push register: sync_result - delegate_to: '{{ inventory_hostname }}' -- assert: - that: - - '''changed'' in sync_result' - - sync_result.changed == true - - '''cmd'' in sync_result' - - '''rsync'' in sync_result.cmd' - - '''msg'' in sync_result' - - sync_result.msg.startswith('>f+') - - 'sync_result.msg.endswith(''+ foo.txt + delegate_to: "{{ inventory_hostname }}" - '')' -- name: test that the file was really copied over - stat: - path: '{{ output_dir }}/foo.result' +- name: Check that the file was copied over correctly mode=push + ansible.builtin.assert: + that: + - "'changed' in sync_result" + - sync_result.changed == true + - "'cmd' in sync_result" + - "'rsync' in sync_result.cmd" + - "'msg' in sync_result" + - sync_result.msg.startswith('>f+') + - "sync_result.msg.endswith('+ foo.txt\n')" + +- name: Test that the file was really copied over + ansible.builtin.stat: + path: "{{ output_dir }}/foo.result" register: stat_result -- assert: - that: - - stat_result.stat.exists == True - - stat_result.stat.checksum == '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed' -- name: test that the file is not copied a second time - synchronize: - src: '{{output_dir}}/foo.txt' - dest: '{{output_dir}}/foo.result' +- name: Ensure file exists and checksum matches + ansible.builtin.assert: + that: + - stat_result.stat.exists == True + - stat_result.stat.checksum == '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed' + +- name: Test that the file is not copied a second time + ansible.posix.synchronize: + src: "{{ output_dir }}/foo.txt" + dest: "{{ output_dir }}/foo.result" mode: push register: sync_result - delegate_to: '{{ inventory_hostname }}' -- assert: + delegate_to: "{{ inventory_hostname }}" + +- name: Ensure no change occorred + ansible.builtin.assert: that: - - sync_result.changed == False + - sync_result.changed == False + - name: Cleanup - file: + ansible.builtin.file: state: absent - path: '{{output_dir}}/{{item}}' - with_items: - - foo.result - - bar.result + path: "{{ output_dir }}/{{ item }}" + loop: + - foo.result + - bar.result - name: Synchronize using the mode=pull param - synchronize: - src: '{{output_dir}}/foo.txt' - dest: '{{output_dir}}/foo.result' + ansible.posix.synchronize: + src: "{{ output_dir }}/foo.txt" + dest: "{{ output_dir }}/foo.result" mode: pull register: sync_result - delegate_to: '{{ inventory_hostname }}' -- assert: - that: - - '''changed'' in sync_result' - - sync_result.changed == true - - '''cmd'' in sync_result' - - '''rsync'' in sync_result.cmd' - - '''msg'' in sync_result' - - sync_result.msg.startswith('>f+') - - 'sync_result.msg.endswith(''+ foo.txt + delegate_to: "{{ inventory_hostname }}" - '')' -- name: test that the file was really copied over - stat: - path: '{{ output_dir }}/foo.result' +- name: Check that the file was copied over correctly mode=pull + ansible.builtin.assert: + that: + - "'changed' in sync_result" + - sync_result.changed == true + - "'cmd' in sync_result" + - "'rsync' in sync_result.cmd" + - "'msg' in sync_result" + - sync_result.msg.startswith('>f+') + - "sync_result.msg.endswith('+ foo.txt\n')" + +- name: Test that the file was really copied over + ansible.builtin.stat: + path: "{{ output_dir }}/foo.result" register: stat_result -- assert: - that: - - stat_result.stat.exists == True - - stat_result.stat.checksum == '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed' -- name: test that the file is not copied a second time - synchronize: - src: '{{output_dir}}/foo.txt' - dest: '{{output_dir}}/foo.result' +- name: Ensure file exists and checksum matches + ansible.builtin.assert: + that: + - stat_result.stat.exists == True + - stat_result.stat.checksum == '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed' + +- name: Test that the file is not copied a second time + ansible.posix.synchronize: + src: "{{ output_dir }}/foo.txt" + dest: "{{ output_dir }}/foo.result" mode: pull register: sync_result - delegate_to: '{{ inventory_hostname }}' -- assert: + delegate_to: "{{ inventory_hostname }}" + +- name: Ensure no change occorred + ansible.builtin.assert: that: - - sync_result.changed == False + - sync_result.changed == False + - name: Cleanup - file: + ansible.builtin.file: state: absent - path: '{{output_dir}}/{{item}}' - with_items: - - foo.result - - bar.result + path: "{{ output_dir }}/{{ item }}" + loop: + - foo.result + - bar.result -- name: synchronize files using with_items (issue#5965) - synchronize: - src: '{{output_dir}}/{{item}}' - dest: '{{output_dir}}/{{item}}.result' - with_items: - - foo.txt - - bar.txt - register: sync_result - delegate_to: '{{ inventory_hostname }}' -- assert: - that: - - sync_result.changed - - sync_result.msg == 'All items completed' - - '''results'' in sync_result' - - sync_result.results|length == 2 - - 'sync_result.results[0].msg.endswith(''+ foo.txt - - '')' - - 'sync_result.results[1].msg.endswith(''+ bar.txt - - '')' -- name: Cleanup - file: - state: absent - path: '{{output_dir}}/{{item}}.result' - with_items: - - foo.txt - - bar.txt - -- name: synchronize files using rsync_path (issue#7182) - synchronize: - src: '{{output_dir}}/foo.txt' - dest: '{{output_dir}}/foo.rsync_path' - rsync_path: 'sudo rsync' - register: sync_result - delegate_to: '{{ inventory_hostname }}' -- assert: - that: - - '''changed'' in sync_result' - - sync_result.changed == true - - '''cmd'' in sync_result' - - '''rsync'' in sync_result.cmd' - - '''rsync_path'' in sync_result.cmd' - - '''msg'' in sync_result' - - sync_result.msg.startswith('>f+') - - 'sync_result.msg.endswith(''+ foo.txt - - '')' -- name: Cleanup - file: - state: absent - path: '{{output_dir}}/{{item}}' - with_items: - - foo.rsync_path -- name: add subdirectories for link-dest test - file: - path: '{{output_dir}}/{{item}}/' - state: directory - mode: '0755' - with_items: - - directory_a - - directory_b -- name: copy foo.txt into the first directory - synchronize: - src: '{{output_dir}}/foo.txt' - dest: '{{output_dir}}/{{item}}/foo.txt' - with_items: - - directory_a - delegate_to: '{{ inventory_hostname }}' -- name: synchronize files using link_dest - synchronize: - src: '{{output_dir}}/directory_a/foo.txt' - dest: '{{output_dir}}/directory_b/foo.txt' - link_dest: - - '{{output_dir}}/directory_a' - register: sync_result - delegate_to: '{{ inventory_hostname }}' -- name: get stat information for directory_a - stat: - path: '{{ output_dir }}/directory_a/foo.txt' - register: stat_result_a -- name: get stat information for directory_b - stat: - path: '{{ output_dir }}/directory_b/foo.txt' - register: stat_result_b -- assert: - that: - - '''changed'' in sync_result' - - sync_result.changed == true - - stat_result_a.stat.inode == stat_result_b.stat.inode -- name: synchronize files using link_dest that would be recursive - synchronize: - src: '{{output_dir}}/foo.txt' - dest: '{{output_dir}}/foo.result' - link_dest: - - '{{output_dir}}' - register: sync_result - ignore_errors: true - delegate_to: '{{ inventory_hostname }}' - -- assert: - that: - - sync_result is not changed - - sync_result is failed -- name: Cleanup - file: - state: absent - path: '{{output_dir}}/{{item}}' - with_items: - - directory_b/foo.txt - - directory_a/foo.txt - - directory_a - - directory_b - -- name: setup - test for source with working dir with spaces in path - file: - state: directory - path: '{{output_dir}}/{{item}}' - delegate_to: '{{ inventory_hostname }}' - with_items: - - 'directory a' - - 'directory b' -- name: setup - create test new files - copy: - dest: '{{output_dir}}/directory a/{{item}}' - mode: '0644' - content: 'hello world' +- name: Synchronize files using with_items (issue#5965) + ansible.posix.synchronize: + src: "{{ output_dir }}/{{ item }}" + dest: "{{ output_dir }}/{{ item }}.result" with_items: - foo.txt - delegate_to: '{{ inventory_hostname }}' -- name: copy source with spaces in dir path - synchronize: - src: '{{output_dir}}/directory a/foo.txt' - dest: '{{output_dir}}/directory b/' - delegate_to: '{{ inventory_hostname }}' + - bar.txt + register: sync_result + delegate_to: "{{ inventory_hostname }}" + +- name: Validate syncrhonize with_items + ansible.builtin.assert: + that: + - sync_result.changed + - sync_result.msg == 'All items completed' + - "'results' in sync_result" + - sync_result.results|length == 2 + - "sync_result.results[0].msg.endswith('+ foo.txt\n')" + - "sync_result.results[1].msg.endswith('+ bar.txt\n')" + +- name: Cleanup + ansible.builtin.file: + state: absent + path: "{{ output_dir }}/{{ item }}.result" + loop: + - foo.txt + - bar.txt + +- name: Synchronize files using rsync_path (issue#7182) + ansible.posix.synchronize: + src: "{{ output_dir }}/foo.txt" + dest: "{{ output_dir }}/foo.rsync_path" + rsync_path: sudo rsync + register: sync_result + delegate_to: "{{ inventory_hostname }}" + +- name: Validate syncrhonize using rsync_path (issue#7182) + ansible.builtin.assert: + that: + - "'changed' in sync_result" + - sync_result.changed == true + - "'cmd' in sync_result" + - "'rsync' in sync_result.cmd" + - "'rsync_path' in sync_result.cmd" + - "'msg' in sync_result" + - sync_result.msg.startswith('>f+') + - "sync_result.msg.endswith('+ foo.txt\n')" + +- name: Cleanup + ansible.builtin.file: + state: absent + path: "{{ output_dir }}/{{ item }}" + loop: + - foo.rsync_path + +- name: Add subdirectories for link-dest test + ansible.builtin.file: + path: "{{ output_dir }}/{{ item }}/" + state: directory + mode: "0755" + loop: + - directory_a + - directory_b + +- name: Copy foo.txt into the first directory + ansible.posix.synchronize: + src: "{{ output_dir }}/foo.txt" + dest: "{{ output_dir }}/{{ item }}/foo.txt" + loop: + - directory_a + delegate_to: "{{ inventory_hostname }}" + +- name: Synchronize files using link_dest + ansible.posix.synchronize: + src: "{{ output_dir }}/directory_a/foo.txt" + dest: "{{ output_dir }}/directory_b/foo.txt" + link_dest: + - "{{ output_dir }}/directory_a" + register: sync_result + delegate_to: "{{ inventory_hostname }}" + +- name: Get stat information for directory_a + ansible.builtin.stat: + path: "{{ output_dir }}/directory_a/foo.txt" + register: stat_result_a + +- name: Get stat information for directory_b + ansible.builtin.stat: + path: "{{ output_dir }}/directory_b/foo.txt" + register: stat_result_b + +- name: Ensure file exists and inode matches + ansible.builtin.assert: + that: + - "'changed' in sync_result" + - sync_result.changed == true + - stat_result_a.stat.inode == stat_result_b.stat.inode + +- name: Synchronize files using link_dest that would be recursive + ansible.posix.synchronize: + src: "{{ output_dir }}/foo.txt" + dest: "{{ output_dir }}/foo.result" + link_dest: + - "{{ output_dir }}" register: sync_result ignore_errors: true -- name: get stat information for directory_b - stat: - path: '{{ output_dir }}/directory b/foo.txt' - register: stat_result_b -- assert: + delegate_to: "{{ inventory_hostname }}" + +- name: Ensure no change occorred and failed + ansible.builtin.assert: that: - - '''changed'' in sync_result' + - sync_result is not changed + - sync_result is failed + +- name: Cleanup + ansible.builtin.file: + state: absent + path: "{{ output_dir }}/{{ item }}" + loop: + - directory_b/foo.txt + - directory_a/foo.txt + - directory_a + - directory_b + +- name: Setup - test for source with working dir with spaces in path + ansible.builtin.file: + state: directory + path: "{{ output_dir }}/{{ item }}" + mode: "0755" + delegate_to: "{{ inventory_hostname }}" + loop: + - directory a + - directory b + +- name: Setup - create test new files + ansible.builtin.copy: + dest: "{{ output_dir }}/directory a/{{ item }}" + mode: "0644" + content: hello world + loop: + - foo.txt + delegate_to: "{{ inventory_hostname }}" + +- name: Copy source with spaces in dir path + ansible.posix.synchronize: + src: "{{ output_dir }}/directory a/foo.txt" + dest: "{{ output_dir }}/directory b/" + delegate_to: "{{ inventory_hostname }}" + register: sync_result + ignore_errors: true + +- name: Get stat information for directory_b + ansible.builtin.stat: + path: "{{ output_dir }}/directory b/foo.txt" + register: stat_result_b + +- name: Ensure file exists and checksum matches + ansible.builtin.assert: + that: + - "'changed' in sync_result" - sync_result.changed == true - stat_result_b.stat.exists == True - stat_result_b.stat.checksum == '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed' + - name: Cleanup - file: + ansible.builtin.file: state: absent - path: '{{output_dir}}/{{item}}' - with_items: - - 'directory b/foo.txt' - - 'directory a/foo.txt' - - 'directory a' - - 'directory b' + path: "{{ output_dir }}/{{ item }}" + loop: + - directory b/foo.txt + - directory a/foo.txt + - directory a + - directory b diff --git a/tests/integration/targets/sysctl/meta/main.yml b/tests/integration/targets/sysctl/meta/main.yml index 07faa21..8828391 100644 --- a/tests/integration/targets/sysctl/meta/main.yml +++ b/tests/integration/targets/sysctl/meta/main.yml @@ -1,2 +1,3 @@ +--- dependencies: - prepare_tests diff --git a/tests/integration/targets/sysctl/tasks/main.yml b/tests/integration/targets/sysctl/tasks/main.yml index 0c40fc3..249bde1 100644 --- a/tests/integration/targets/sysctl/tasks/main.yml +++ b/tests/integration/targets/sysctl/tasks/main.yml @@ -1,3 +1,4 @@ +--- # Test code for the sysctl module. # (c) 2017, James Tanner @@ -24,79 +25,91 @@ when: - ansible_facts.virtualization_type == 'docker' or ansible_facts.virtualization_type == 'container' block: - - set_fact: + - name: Set output_dir_test fact + ansible.builtin.set_fact: output_dir_test: "{{ output_dir }}/test_sysctl" - - name: make sure our testing sub-directory does not exist - file: + - name: Make sure our testing sub-directory does not exist + ansible.builtin.file: path: "{{ output_dir_test }}" state: absent - - name: create our testing sub-directory - file: + - name: Create our testing sub-directory + ansible.builtin.file: path: "{{ output_dir_test }}" state: directory + mode: "0755" ## ## sysctl - file manipulation ## - - name: copy the example conf to the test dir - copy: + - name: Copy the example conf to the test dir + ansible.builtin.copy: src: sysctl.conf dest: "{{ output_dir_test }}" + mode: "0644" - name: Set vm.swappiness to 5 - sysctl: + ansible.posix.sysctl: name: vm.swappiness value: 5 state: present - reload: no + reload: false sysctl_file: "{{ output_dir_test }}/sysctl.conf" register: sysctl_test0 - - debug: + - name: Debug sysctl_test0 + ansible.builtin.debug: var: sysctl_test0 verbosity: 1 - - name: get file content - shell: "cat {{ output_dir_test }}/sysctl.conf | egrep -v ^\\#" + - name: Get file content + ansible.builtin.shell: + cmd: set -o pipefail && cat {{ output_dir_test }}/sysctl.conf | egrep -v ^\# + executable: /bin/bash + changed_when: false register: sysctl_content0 - - debug: + - name: Debug sysctl_content0 + ansible.builtin.debug: var: sysctl_content0 verbosity: 1 - name: Set vm.swappiness to 5 again - sysctl: - name: vm.swappiness - value: 5 - state: present - reload: no - sysctl_file: "{{ output_dir_test }}/sysctl.conf" + ansible.posix.sysctl: + name: vm.swappiness + value: 5 + state: present + reload: false + sysctl_file: "{{ output_dir_test }}/sysctl.conf" register: sysctl_test1 - - name: validate results - assert: - that: - - sysctl_test0 is changed - - sysctl_test1 is not changed - - 'sysctl_content0.stdout_lines[sysctl_content0.stdout_lines.index("vm.swappiness=5")] == "vm.swappiness=5"' + - name: Validate results + ansible.builtin.assert: + that: + - sysctl_test0 is changed + - sysctl_test1 is not changed + - sysctl_content0.stdout_lines[sysctl_content0.stdout_lines.index("vm.swappiness=5")] == "vm.swappiness=5" - name: Remove kernel.panic - sysctl: + ansible.posix.sysctl: name: kernel.panic value: 2 - reload: no + reload: false state: absent sysctl_file: "{{ output_dir_test }}/sysctl.conf" register: sysctl_test2 - - name: get file content - shell: "cat {{ output_dir_test }}/sysctl.conf | egrep -v ^\\#" + - name: Get file content + ansible.builtin.shell: + cmd: set -o pipefail && cat {{ output_dir_test }}/sysctl.conf | egrep -v ^\# + executable: /bin/bash + changed_when: false register: sysctl_content2 - - debug: + - name: Debug sysctl_test2 sysctl_content2 + ansible.builtin.debug: var: item verbosity: 1 with_items: @@ -104,38 +117,39 @@ - "{{ sysctl_content2 }}" - name: Validate results for key removal - assert: + ansible.builtin.assert: that: - sysctl_test2 is changed - "'kernel.panic' not in sysctl_content2.stdout_lines" - name: Test remove kernel.panic again - sysctl: + ansible.posix.sysctl: name: kernel.panic value: 2 state: absent - reload: no + reload: false sysctl_file: "{{ output_dir_test }}/sysctl.conf" register: sysctl_test2_change_test - name: Assert that no change was made - assert: + ansible.builtin.assert: that: - sysctl_test2_change_test is not changed - name: Try sysctl with an invalid name - sysctl: + ansible.posix.sysctl: name: test.invalid value: 1 register: sysctl_test3 - ignore_errors: yes + ignore_errors: true - - debug: + - name: Debug sysctl_test3 + ansible.builtin.debug: var: sysctl_test3 verbosity: 1 - - name: validate results for test 3 - assert: + - name: Validate results for test 3 + ansible.builtin.assert: that: - sysctl_test3 is failed @@ -143,77 +157,79 @@ ## sysctl - sysctl_set ## - - name: set net.ipv4.ip_forward - sysctl: + - name: Set net.ipv4.ip_forward + ansible.posix.sysctl: name: net.ipv4.ip_forward value: 1 - sysctl_set: yes - reload: no + sysctl_set: true + reload: false register: sysctl_test3 - - name: check with sysctl command - shell: sysctl net.ipv4.ip_forward + - name: Check with sysctl command + ansible.builtin.command: sysctl net.ipv4.ip_forward + changed_when: false register: sysctl_check3 - - debug: + - name: Debug sysctl_test3 sysctl_check3 + ansible.builtin.debug: var: item verbosity: 1 with_items: - "{{ sysctl_test3 }}" - "{{ sysctl_check3 }}" - - name: validate results for test 3 - assert: + - name: Validate results for test 3 + ansible.builtin.assert: that: - sysctl_test3 is changed - - 'sysctl_check3.stdout_lines == ["net.ipv4.ip_forward = 1"]' + - sysctl_check3.stdout_lines == ["net.ipv4.ip_forward = 1"] - name: Try sysctl with no name - sysctl: + ansible.posix.sysctl: name: "" value: 1 - sysctl_set: yes - ignore_errors: True + sysctl_set: true + ignore_errors: true register: sysctl_no_name - - name: validate nameless results - assert: + - name: Validate nameless results + ansible.builtin.assert: that: - sysctl_no_name is failed - - "sysctl_no_name.msg == 'name cannot be blank'" + - sysctl_no_name.msg == 'name cannot be blank' - name: Try sysctl with no value - sysctl: + ansible.posix.sysctl: name: Foo value: - sysctl_set: yes - ignore_errors: True + sysctl_set: true + ignore_errors: true register: sysctl_no_value - - name: validate nameless results - assert: + - name: Validate nameless results + ansible.builtin.assert: that: - sysctl_no_value is failed - - "sysctl_no_value.msg == 'value cannot be None'" + - sysctl_no_value.msg == 'value cannot be None' - name: Try sysctl with an invalid name - sysctl: + ansible.posix.sysctl: name: test.invalid value: 1 - sysctl_set: yes + sysctl_set: true register: sysctl_test4 - ignore_errors: yes + ignore_errors: true - - debug: + - name: Debug sysctl_test4 + ansible.builtin.debug: var: sysctl_test4 verbosity: 1 - - name: validate results for test 4 - assert: + - name: Validate results for test 4 + ansible.builtin.assert: that: - sysctl_test4 is failed - - name: Test on RHEL VMs when: - ansible_facts.virtualization_type != 'docker' @@ -221,34 +237,37 @@ block: # Test reload: yes - name: Set sysctl property using module - sysctl: + ansible.posix.sysctl: name: vm.swappiness - value: '22' + value: "22" state: present - reload: yes + reload: true register: sysctl_set1 - name: Change sysctl property using command - command: sysctl vm.swappiness=33 + ansible.builtin.command: sysctl vm.swappiness=33 + changed_when: true - name: Set sysctl property using module - sysctl: + ansible.posix.sysctl: name: vm.swappiness - value: '22' + value: "22" state: present - reload: yes + reload: true register: sysctl_set2 - name: Read /etc/sysctl.conf - command: 'egrep -v ^# /etc/sysctl.conf' + ansible.builtin.command: egrep -v ^# /etc/sysctl.conf + changed_when: false register: sysctl_conf_content - name: Get current value of vm.swappiness - command: sysctl -n vm.swappiness + ansible.builtin.command: sysctl -n vm.swappiness + changed_when: false register: sysctl_current_vm_swappiness - name: Ensure changes were made appropriately - assert: + ansible.builtin.assert: that: - sysctl_set1 is changed - sysctl_set2 is changed @@ -257,33 +276,35 @@ # Test reload: yes in check mode - name: Set the same value using module in check mode - sysctl: + ansible.posix.sysctl: name: vm.swappiness - value: '22' + value: "22" state: present - reload: yes - check_mode: yes + reload: true + check_mode: true register: sysctl_check_mode1 - name: Set a different value using module in check mode - sysctl: + ansible.posix.sysctl: name: vm.swappiness - value: '44' + value: "44" state: present - reload: yes - check_mode: yes + reload: true + check_mode: true register: sysctl_check_mode2 - name: Read /etc/sysctl.conf - command: 'egrep -v ^# /etc/sysctl.conf' + ansible.builtin.command: egrep -v ^# /etc/sysctl.conf + changed_when: false register: sysctl_check_mode_conf_content - name: Get current value of vm.swappiness - command: sysctl -n vm.swappiness + ansible.builtin.command: sysctl -n vm.swappiness + changed_when: false register: sysctl_check_mode_current_vm_swappiness - name: Ensure no changes were made in check mode - assert: + ansible.builtin.assert: that: - sysctl_check_mode1 is success - sysctl_check_mode2 is changed @@ -292,21 +313,22 @@ # Test sysctl: invalid value - name: Set invalid sysctl property using module - sysctl: + ansible.posix.sysctl: name: vm.mmap_rnd_bits - value: '1024' + value: "1024" state: present - reload: yes - sysctl_set: True - ignore_errors: True + reload: true + sysctl_set: true + ignore_errors: true register: sysctl_invalid_set1 - name: Read /etc/sysctl.conf - command: 'cat /etc/sysctl.conf' + ansible.builtin.command: cat /etc/sysctl.conf + changed_when: false register: sysctl_invalid_conf_content - name: Ensure changes were not made - assert: + ansible.builtin.assert: that: - sysctl_invalid_set1 is failed - "'vm.mmap_rnd_bits' not in sysctl_invalid_conf_content.stdout" diff --git a/tests/sanity/ignore-2.14.txt b/tests/sanity/ignore-2.14.txt index 0b6905e..caf2217 100644 --- a/tests/sanity/ignore-2.14.txt +++ b/tests/sanity/ignore-2.14.txt @@ -1,8 +1,2 @@ -plugins/modules/synchronize.py pylint:disallowed-name -plugins/modules/synchronize.py use-argspec-type-path -plugins/modules/synchronize.py validate-modules:doc-default-does-not-match-spec -plugins/modules/synchronize.py validate-modules:nonexistent-parameter-documented -plugins/modules/synchronize.py validate-modules:parameter-type-not-in-doc -plugins/modules/synchronize.py validate-modules:undocumented-parameter tests/utils/shippable/check_matrix.py replace-urlopen tests/utils/shippable/timing.py shebang diff --git a/tests/sanity/ignore-2.15.txt b/tests/sanity/ignore-2.15.txt index 0b6905e..caf2217 100644 --- a/tests/sanity/ignore-2.15.txt +++ b/tests/sanity/ignore-2.15.txt @@ -1,8 +1,2 @@ -plugins/modules/synchronize.py pylint:disallowed-name -plugins/modules/synchronize.py use-argspec-type-path -plugins/modules/synchronize.py validate-modules:doc-default-does-not-match-spec -plugins/modules/synchronize.py validate-modules:nonexistent-parameter-documented -plugins/modules/synchronize.py validate-modules:parameter-type-not-in-doc -plugins/modules/synchronize.py validate-modules:undocumented-parameter tests/utils/shippable/check_matrix.py replace-urlopen tests/utils/shippable/timing.py shebang diff --git a/tests/sanity/ignore-2.16.txt b/tests/sanity/ignore-2.16.txt index d196952..3cf68c0 100644 --- a/tests/sanity/ignore-2.16.txt +++ b/tests/sanity/ignore-2.16.txt @@ -1,7 +1 @@ -plugins/modules/synchronize.py pylint:disallowed-name -plugins/modules/synchronize.py use-argspec-type-path -plugins/modules/synchronize.py validate-modules:doc-default-does-not-match-spec -plugins/modules/synchronize.py validate-modules:nonexistent-parameter-documented -plugins/modules/synchronize.py validate-modules:parameter-type-not-in-doc -plugins/modules/synchronize.py validate-modules:undocumented-parameter tests/utils/shippable/timing.py shebang diff --git a/tests/sanity/ignore-2.17.txt b/tests/sanity/ignore-2.17.txt index d196952..3cf68c0 100644 --- a/tests/sanity/ignore-2.17.txt +++ b/tests/sanity/ignore-2.17.txt @@ -1,7 +1 @@ -plugins/modules/synchronize.py pylint:disallowed-name -plugins/modules/synchronize.py use-argspec-type-path -plugins/modules/synchronize.py validate-modules:doc-default-does-not-match-spec -plugins/modules/synchronize.py validate-modules:nonexistent-parameter-documented -plugins/modules/synchronize.py validate-modules:parameter-type-not-in-doc -plugins/modules/synchronize.py validate-modules:undocumented-parameter tests/utils/shippable/timing.py shebang diff --git a/tests/sanity/ignore-2.9.txt b/tests/sanity/ignore-2.9.txt deleted file mode 100644 index 013403f..0000000 --- a/tests/sanity/ignore-2.9.txt +++ /dev/null @@ -1,8 +0,0 @@ -plugins/modules/synchronize.py pylint:blacklisted-name -plugins/modules/synchronize.py use-argspec-type-path -plugins/modules/synchronize.py validate-modules:doc-default-does-not-match-spec -plugins/modules/synchronize.py validate-modules:nonexistent-parameter-documented -plugins/modules/synchronize.py validate-modules:parameter-type-not-in-doc -plugins/modules/synchronize.py validate-modules:undocumented-parameter -tests/utils/shippable/check_matrix.py replace-urlopen -tests/utils/shippable/timing.py shebang diff --git a/tests/unit/plugins/action/fixtures/synchronize/basic/meta.yaml b/tests/unit/plugins/action/fixtures/synchronize/basic/meta.yaml index 7608ebf..28b7045 100644 --- a/tests/unit/plugins/action/fixtures/synchronize/basic/meta.yaml +++ b/tests/unit/plugins/action/fixtures/synchronize/basic/meta.yaml @@ -1,17 +1,18 @@ +--- fixtures: - taskvars_in: taskvars_in.json - taskvars_out: taskvars_out.json + taskvars_in: taskvars_in.json + taskvars_out: taskvars_out.json connection: - transport: 'ssh' + transport: ssh hostvars: - '127.0.0.1': {} - '::1': {} - 'localhost': {} + 127.0.0.1: {} + ::1: {} + localhost: {} asserts: - - "hasattr(SAM._connection, 'ismock')" - - "SAM._connection.transport == 'local'" - - "self._play_context.shell == 'sh'" - - "self.execute_called" - - "self.final_module_args['_local_rsync_path'] == 'rsync'" - - "self.final_module_args['src'] == '/tmp/deleteme'" - - "self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme'" + - hasattr(SAM._connection, 'ismock') + - SAM._connection.transport == 'local' + - self._play_context.shell == 'sh' + - self.execute_called + - self.final_module_args['_local_rsync_path'] == 'rsync' + - self.final_module_args['src'] == '/tmp/deleteme' + - self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme' diff --git a/tests/unit/plugins/action/fixtures/synchronize/basic_become/meta.yaml b/tests/unit/plugins/action/fixtures/synchronize/basic_become/meta.yaml index 8435735..1eb0b92 100644 --- a/tests/unit/plugins/action/fixtures/synchronize/basic_become/meta.yaml +++ b/tests/unit/plugins/action/fixtures/synchronize/basic_become/meta.yaml @@ -1,39 +1,40 @@ +--- task_args: - src: /tmp/deleteme - dest: /tmp/deleteme - #rsync_path: rsync + src: /tmp/deleteme + dest: /tmp/deleteme +# rsync_path: rsync _task: - become: True - become_method: None + become: true + become_method: None fixtures: - taskvars_in: task_vars_in.json - taskvars_out: task_vars_out.json + taskvars_in: task_vars_in.json + taskvars_out: task_vars_out.json connection: - transport: 'ssh' + transport: ssh _play_context: - become: True - become_method: sudo - remote_addr: el6host - remote_user: root + become: true + become_method: sudo + remote_addr: el6host + remote_user: root hostvars: - '127.0.0.1': {} - '::1': {} - 'localhost': {} + 127.0.0.1: {} + ::1: {} + localhost: {} asserts: - - "hasattr(SAM._connection, 'ismock')" - - "SAM._connection.transport == 'local'" - - "self.execute_called" - - "self.final_module_args['_local_rsync_path'] == 'rsync'" - # this is a crucial aspect of this scenario ... - # note: become_user None -> root - - "self.final_module_args['rsync_path'] == 'sudo -u root rsync'" - - "self.final_module_args['src'] == '/tmp/deleteme'" - - "self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme'" - - "self.task.become == True" - - "self.task.become_user == None" - - "self._play_context.shell == 'sh'" - - "self._play_context.remote_addr == 'el6host'" - - "self._play_context.remote_user == 'root'" - - "self._play_context.become == False" - - "self._play_context.become_user == 'root'" - - "self._play_context.password == None" + - hasattr(SAM._connection, 'ismock') + - SAM._connection.transport == 'local' + - self.execute_called + - self.final_module_args['_local_rsync_path'] == 'rsync' + # this is a crucial aspect of this scenario ... + # note: become_user None -> root + - self.final_module_args['rsync_path'] == 'sudo -u root rsync' + - self.final_module_args['src'] == '/tmp/deleteme' + - self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme' + - self.task.become == True + - self.task.become_user == None + - self._play_context.shell == 'sh' + - self._play_context.remote_addr == 'el6host' + - self._play_context.remote_user == 'root' + - self._play_context.become == False + - self._play_context.become_user == 'root' + - self._play_context.password == None diff --git a/tests/unit/plugins/action/fixtures/synchronize/basic_become_cli/meta.yaml b/tests/unit/plugins/action/fixtures/synchronize/basic_become_cli/meta.yaml index 294bfde..1bec3b4 100644 --- a/tests/unit/plugins/action/fixtures/synchronize/basic_become_cli/meta.yaml +++ b/tests/unit/plugins/action/fixtures/synchronize/basic_become_cli/meta.yaml @@ -1,39 +1,40 @@ +--- task_args: - src: /tmp/deleteme - dest: /tmp/deleteme - #rsync_path: rsync + src: /tmp/deleteme + dest: /tmp/deleteme +# rsync_path: rsync _task: - become: None - become_method: None + become: None + become_method: None fixtures: - taskvars_in: task_vars_in.json - taskvars_out: task_vars_out.json + taskvars_in: task_vars_in.json + taskvars_out: task_vars_out.json connection: - transport: 'ssh' + transport: ssh _play_context: - become: True - become_method: sudo - remote_addr: el6host - remote_user: root + become: true + become_method: sudo + remote_addr: el6host + remote_user: root hostvars: - '127.0.0.1': {} - '::1': {} - 'localhost': {} + 127.0.0.1: {} + ::1: {} + localhost: {} asserts: - - "hasattr(SAM._connection, 'ismock')" - - "SAM._connection.transport == 'local'" - - "self.execute_called" - - "self.final_module_args['_local_rsync_path'] == 'rsync'" - # this is a crucial aspect of this scenario ... - # note: become_user None -> root - - "self.final_module_args['rsync_path'] == 'sudo -u root rsync'" - - "self.final_module_args['src'] == '/tmp/deleteme'" - - "self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme'" - - "self.task.become == None" - - "self.task.become_user == None" - - "self._play_context.shell == 'sh'" - - "self._play_context.remote_addr == 'el6host'" - - "self._play_context.remote_user == 'root'" - - "self._play_context.become == False" - - "self._play_context.become_user == 'root'" - - "self._play_context.password == None" + - hasattr(SAM._connection, 'ismock') + - SAM._connection.transport == 'local' + - self.execute_called + - self.final_module_args['_local_rsync_path'] == 'rsync' + # this is a crucial aspect of this scenario ... + # note: become_user None -> root + - self.final_module_args['rsync_path'] == 'sudo -u root rsync' + - self.final_module_args['src'] == '/tmp/deleteme' + - self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme' + - self.task.become == None + - self.task.become_user == None + - self._play_context.shell == 'sh' + - self._play_context.remote_addr == 'el6host' + - self._play_context.remote_user == 'root' + - self._play_context.become == False + - self._play_context.become_user == 'root' + - self._play_context.password == None diff --git a/tests/unit/plugins/action/fixtures/synchronize/basic_vagrant/meta.yaml b/tests/unit/plugins/action/fixtures/synchronize/basic_vagrant/meta.yaml index 7654cc6..574ee6a 100644 --- a/tests/unit/plugins/action/fixtures/synchronize/basic_vagrant/meta.yaml +++ b/tests/unit/plugins/action/fixtures/synchronize/basic_vagrant/meta.yaml @@ -1,29 +1,30 @@ +--- task_args: - src: /tmp/deleteme - dest: /tmp/deleteme + src: /tmp/deleteme + dest: /tmp/deleteme fixtures: - taskvars_in: task_vars_in.json - taskvars_out: task_vars_out.json + taskvars_in: task_vars_in.json + taskvars_out: task_vars_out.json connection: - transport: 'ssh' + transport: ssh _play_context: - remote_addr: '127.0.0.1' - remote_user: vagrant + remote_addr: 127.0.0.1 + remote_user: vagrant hostvars: - '127.0.0.1': {} - '::1': {} - 'localhost': {} + 127.0.0.1: {} + ::1: {} + localhost: {} asserts: - - "hasattr(SAM._connection, 'ismock')" - - "SAM._connection.transport == 'local'" - - "self.execute_called" - - "self.final_module_args['_local_rsync_path'] == 'rsync'" - - "self.final_module_args['dest_port'] == 2202" - - "self.final_module_args['src'] == '/tmp/deleteme'" - - "self.final_module_args['dest'] == 'vagrant@127.0.0.1:/tmp/deleteme'" - - "self._play_context.shell == 'sh'" - - "self._play_context.remote_addr == '127.0.0.1'" - - "self._play_context.remote_user == 'vagrant'" - - "self._play_context.become == False" - - "self._play_context.become_user == 'root'" - - "self._play_context.password == None" + - hasattr(SAM._connection, 'ismock') + - SAM._connection.transport == 'local' + - self.execute_called + - self.final_module_args['_local_rsync_path'] == 'rsync' + - self.final_module_args['dest_port'] == 2202 + - self.final_module_args['src'] == '/tmp/deleteme' + - self.final_module_args['dest'] == 'vagrant@127.0.0.1:/tmp/deleteme' + - self._play_context.shell == 'sh' + - self._play_context.remote_addr == '127.0.0.1' + - self._play_context.remote_user == 'vagrant' + - self._play_context.become == False + - self._play_context.become_user == 'root' + - self._play_context.password == None diff --git a/tests/unit/plugins/action/fixtures/synchronize/basic_vagrant_become_cli/meta.yaml b/tests/unit/plugins/action/fixtures/synchronize/basic_vagrant_become_cli/meta.yaml index 242de92..eb0d5b1 100644 --- a/tests/unit/plugins/action/fixtures/synchronize/basic_vagrant_become_cli/meta.yaml +++ b/tests/unit/plugins/action/fixtures/synchronize/basic_vagrant_become_cli/meta.yaml @@ -1,32 +1,33 @@ +--- task: - #become: None +# become: None task_args: - src: /tmp/deleteme - dest: /tmp/deleteme + src: /tmp/deleteme + dest: /tmp/deleteme fixtures: - taskvars_in: task_vars_in.json - taskvars_out: task_vars_out.json + taskvars_in: task_vars_in.json + taskvars_out: task_vars_out.json connection: - transport: 'ssh' + transport: ssh _play_context: - become: True - remote_addr: '127.0.0.1' - remote_user: vagrant + become: true + remote_addr: 127.0.0.1 + remote_user: vagrant hostvars: - '127.0.0.1': {} - '::1': {} - 'localhost': {} + 127.0.0.1: {} + ::1: {} + localhost: {} asserts: - - "hasattr(SAM._connection, 'ismock')" - - "SAM._connection.transport == 'local'" - - "self.execute_called" - - "self.final_module_args['_local_rsync_path'] == 'rsync'" - - "self.final_module_args['dest_port'] == 2202" - - "self.final_module_args['src'] == '/tmp/deleteme'" - - "self.final_module_args['dest'] == 'vagrant@127.0.0.1:/tmp/deleteme'" - - "self._play_context.shell == 'sh'" - - "self._play_context.remote_addr == '127.0.0.1'" - - "self._play_context.remote_user == 'vagrant'" - - "self._play_context.become == False" - - "self._play_context.become_user == 'root'" - - "self._play_context.password == None" + - hasattr(SAM._connection, 'ismock') + - SAM._connection.transport == 'local' + - self.execute_called + - self.final_module_args['_local_rsync_path'] == 'rsync' + - self.final_module_args['dest_port'] == 2202 + - self.final_module_args['src'] == '/tmp/deleteme' + - self.final_module_args['dest'] == 'vagrant@127.0.0.1:/tmp/deleteme' + - self._play_context.shell == 'sh' + - self._play_context.remote_addr == '127.0.0.1' + - self._play_context.remote_user == 'vagrant' + - self._play_context.become == False + - self._play_context.become_user == 'root' + - self._play_context.password == None diff --git a/tests/unit/plugins/action/fixtures/synchronize/basic_vagrant_sudo/meta.yaml b/tests/unit/plugins/action/fixtures/synchronize/basic_vagrant_sudo/meta.yaml index 7654cc6..574ee6a 100644 --- a/tests/unit/plugins/action/fixtures/synchronize/basic_vagrant_sudo/meta.yaml +++ b/tests/unit/plugins/action/fixtures/synchronize/basic_vagrant_sudo/meta.yaml @@ -1,29 +1,30 @@ +--- task_args: - src: /tmp/deleteme - dest: /tmp/deleteme + src: /tmp/deleteme + dest: /tmp/deleteme fixtures: - taskvars_in: task_vars_in.json - taskvars_out: task_vars_out.json + taskvars_in: task_vars_in.json + taskvars_out: task_vars_out.json connection: - transport: 'ssh' + transport: ssh _play_context: - remote_addr: '127.0.0.1' - remote_user: vagrant + remote_addr: 127.0.0.1 + remote_user: vagrant hostvars: - '127.0.0.1': {} - '::1': {} - 'localhost': {} + 127.0.0.1: {} + ::1: {} + localhost: {} asserts: - - "hasattr(SAM._connection, 'ismock')" - - "SAM._connection.transport == 'local'" - - "self.execute_called" - - "self.final_module_args['_local_rsync_path'] == 'rsync'" - - "self.final_module_args['dest_port'] == 2202" - - "self.final_module_args['src'] == '/tmp/deleteme'" - - "self.final_module_args['dest'] == 'vagrant@127.0.0.1:/tmp/deleteme'" - - "self._play_context.shell == 'sh'" - - "self._play_context.remote_addr == '127.0.0.1'" - - "self._play_context.remote_user == 'vagrant'" - - "self._play_context.become == False" - - "self._play_context.become_user == 'root'" - - "self._play_context.password == None" + - hasattr(SAM._connection, 'ismock') + - SAM._connection.transport == 'local' + - self.execute_called + - self.final_module_args['_local_rsync_path'] == 'rsync' + - self.final_module_args['dest_port'] == 2202 + - self.final_module_args['src'] == '/tmp/deleteme' + - self.final_module_args['dest'] == 'vagrant@127.0.0.1:/tmp/deleteme' + - self._play_context.shell == 'sh' + - self._play_context.remote_addr == '127.0.0.1' + - self._play_context.remote_user == 'vagrant' + - self._play_context.become == False + - self._play_context.become_user == 'root' + - self._play_context.password == None diff --git a/tests/unit/plugins/action/fixtures/synchronize/basic_with_private_key/meta.yaml b/tests/unit/plugins/action/fixtures/synchronize/basic_with_private_key/meta.yaml index 9b227e0..7405cb6 100644 --- a/tests/unit/plugins/action/fixtures/synchronize/basic_with_private_key/meta.yaml +++ b/tests/unit/plugins/action/fixtures/synchronize/basic_with_private_key/meta.yaml @@ -1,25 +1,26 @@ +--- fixtures: - taskvars_in: taskvars_in.json - taskvars_out: taskvars_out.json + taskvars_in: taskvars_in.json + taskvars_out: taskvars_out.json connection: - transport: 'ssh' + transport: ssh hostvars: - '127.0.0.1': {} - '::1': {} - 'localhost': {} + 127.0.0.1: {} + ::1: {} + localhost: {} _play_context: - private_key_file: ~/test.pem + private_key_file: ~/test.pem task_args: - private_key: ~/.ssh/id_rsa - dest: /tmp/deleteme - src: /tmp/deleteme + private_key: ~/.ssh/id_rsa + dest: /tmp/deleteme + src: /tmp/deleteme asserts: - - "hasattr(SAM._connection, 'ismock')" - - "SAM._connection.transport == 'local'" - - "self._play_context.shell == 'sh'" - - "self.execute_called" - - "self.final_module_args['_local_rsync_path'] == 'rsync'" - - "self.final_module_args['src'] == '/tmp/deleteme'" - - "self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme'" - - "self.final_module_args['private_key'] == '~/.ssh/id_rsa'" + - hasattr(SAM._connection, 'ismock') + - SAM._connection.transport == 'local' + - self._play_context.shell == 'sh' + - self.execute_called + - self.final_module_args['_local_rsync_path'] == 'rsync' + - self.final_module_args['src'] == '/tmp/deleteme' + - self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme' + - self.final_module_args['private_key'] == '~/.ssh/id_rsa' diff --git a/tests/unit/plugins/action/fixtures/synchronize/delegate_remote/meta.yaml b/tests/unit/plugins/action/fixtures/synchronize/delegate_remote/meta.yaml index 1c55b28..e943b79 100644 --- a/tests/unit/plugins/action/fixtures/synchronize/delegate_remote/meta.yaml +++ b/tests/unit/plugins/action/fixtures/synchronize/delegate_remote/meta.yaml @@ -1,26 +1,27 @@ +--- fixtures: - taskvars_in: task_vars_in.json - taskvars_out: task_vars_out.json + taskvars_in: task_vars_in.json + taskvars_out: task_vars_out.json task_args: - src: /tmp/deleteme - dest: /tmp/deleteme + src: /tmp/deleteme + dest: /tmp/deleteme _task: - delegate_to: u1404 + delegate_to: u1404 _play_context: - shell: None - remote_addr: u1404 - remote_user: root + shell: None + remote_addr: u1404 + remote_user: root connection: - transport: 'ssh' + transport: ssh hostvars: - '127.0.0.1': {} - '::1': {} - 'localhost': {} + 127.0.0.1: {} + ::1: {} + localhost: {} asserts: - - "hasattr(SAM._connection, 'ismock')" - - "SAM._connection.transport == 'ssh'" - - "self._play_context.shell == None" - - "self.execute_called" - - "self.final_module_args['_local_rsync_path'] == 'rsync'" - - "self.final_module_args['src'] == '/tmp/deleteme'" - - "self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme'" + - hasattr(SAM._connection, 'ismock') + - SAM._connection.transport == 'ssh' + - self._play_context.shell == None + - self.execute_called + - self.final_module_args['_local_rsync_path'] == 'rsync' + - self.final_module_args['src'] == '/tmp/deleteme' + - self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme' diff --git a/tests/unit/plugins/action/fixtures/synchronize/delegate_remote_play_context_private_key/meta.yaml b/tests/unit/plugins/action/fixtures/synchronize/delegate_remote_play_context_private_key/meta.yaml index 31939ca..2d88e63 100644 --- a/tests/unit/plugins/action/fixtures/synchronize/delegate_remote_play_context_private_key/meta.yaml +++ b/tests/unit/plugins/action/fixtures/synchronize/delegate_remote_play_context_private_key/meta.yaml @@ -1,28 +1,29 @@ +--- fixtures: - taskvars_in: task_vars_in.json - taskvars_out: task_vars_out.json + taskvars_in: task_vars_in.json + taskvars_out: task_vars_out.json task_args: - src: /tmp/deleteme - dest: /tmp/deleteme + src: /tmp/deleteme + dest: /tmp/deleteme _task: - delegate_to: u1404 + delegate_to: u1404 _play_context: - shell: None - remote_addr: u1404 - remote_user: root - private_key_file: ~/test.pem + shell: None + remote_addr: u1404 + remote_user: root + private_key_file: ~/test.pem connection: - transport: 'ssh' + transport: ssh hostvars: - '127.0.0.1': {} - '::1': {} - 'localhost': {} + 127.0.0.1: {} + ::1: {} + localhost: {} asserts: - - "hasattr(SAM._connection, 'ismock')" - - "SAM._connection.transport == 'ssh'" - - "self._play_context.shell == None" - - "self.execute_called" - - "self.final_module_args['_local_rsync_path'] == 'rsync'" - - "self.final_module_args['src'] == '/tmp/deleteme'" - - "self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme'" - - "self.final_module_args['private_key'] == '~/test.pem'" + - hasattr(SAM._connection, 'ismock') + - SAM._connection.transport == 'ssh' + - self._play_context.shell == None + - self.execute_called + - self.final_module_args['_local_rsync_path'] == 'rsync' + - self.final_module_args['src'] == '/tmp/deleteme' + - self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme' + - self.final_module_args['private_key'] == '~/test.pem' diff --git a/tests/unit/plugins/action/fixtures/synchronize/delegate_remote_su/meta.yaml b/tests/unit/plugins/action/fixtures/synchronize/delegate_remote_su/meta.yaml index 28e35c9..34df19d 100644 --- a/tests/unit/plugins/action/fixtures/synchronize/delegate_remote_su/meta.yaml +++ b/tests/unit/plugins/action/fixtures/synchronize/delegate_remote_su/meta.yaml @@ -1,33 +1,34 @@ +--- fixtures: - taskvars_in: task_vars_in.json - taskvars_out: task_vars_out.json + taskvars_in: task_vars_in.json + taskvars_out: task_vars_out.json task_args: - src: /tmp/deleteme - dest: /tmp/deleteme + src: /tmp/deleteme + dest: /tmp/deleteme _task: - delegate_to: u1404 + delegate_to: u1404 _play_context: - become: True - become_user: None #if ! None|root, different testcase - become_method: su - shell: None - remote_addr: u1404 - remote_user: root + become: true + become_user: None # if ! None|root, different testcase + become_method: su + shell: None + remote_addr: u1404 + remote_user: root connection: - transport: 'ssh' + transport: ssh hostvars: - '127.0.0.1': {} - '::1': {} - 'localhost': {} + 127.0.0.1: {} + ::1: {} + localhost: {} asserts: - - "hasattr(SAM._connection, 'ismock')" - - "SAM._connection.transport == 'ssh'" - - "self._play_context.shell == None" - - "self._play_context.remote_addr == 'u1404'" - - "self._play_context.remote_user == 'root'" - - "not self._play_context.become" - - "self._play_context.become_method == 'su'" - - "self.execute_called" - - "self.final_module_args['_local_rsync_path'] == 'rsync'" - - "self.final_module_args['src'] == '/tmp/deleteme'" - - "self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme'" + - hasattr(SAM._connection, 'ismock') + - SAM._connection.transport == 'ssh' + - self._play_context.shell == None + - self._play_context.remote_addr == 'u1404' + - self._play_context.remote_user == 'root' + - not self._play_context.become + - self._play_context.become_method == 'su' + - self.execute_called + - self.final_module_args['_local_rsync_path'] == 'rsync' + - self.final_module_args['src'] == '/tmp/deleteme' + - self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme' diff --git a/tests/unit/plugins/action/fixtures/synchronize/delegate_remote_with_private_key/meta.yaml b/tests/unit/plugins/action/fixtures/synchronize/delegate_remote_with_private_key/meta.yaml index 1242b1d..603a4cb 100644 --- a/tests/unit/plugins/action/fixtures/synchronize/delegate_remote_with_private_key/meta.yaml +++ b/tests/unit/plugins/action/fixtures/synchronize/delegate_remote_with_private_key/meta.yaml @@ -1,29 +1,30 @@ +--- fixtures: - taskvars_in: task_vars_in.json - taskvars_out: task_vars_out.json + taskvars_in: task_vars_in.json + taskvars_out: task_vars_out.json task_args: - src: /tmp/deleteme - dest: /tmp/deleteme - private_key: ~/.ssh/id_rsa + src: /tmp/deleteme + dest: /tmp/deleteme + private_key: ~/.ssh/id_rsa _task: - delegate_to: u1404 + delegate_to: u1404 _play_context: - shell: None - remote_addr: u1404 - remote_user: root - private_key_file: ~/test.pem + shell: None + remote_addr: u1404 + remote_user: root + private_key_file: ~/test.pem connection: - transport: 'ssh' + transport: ssh hostvars: - '127.0.0.1': {} - '::1': {} - 'localhost': {} + 127.0.0.1: {} + ::1: {} + localhost: {} asserts: - - "hasattr(SAM._connection, 'ismock')" - - "SAM._connection.transport == 'ssh'" - - "self._play_context.shell == None" - - "self.execute_called" - - "self.final_module_args['_local_rsync_path'] == 'rsync'" - - "self.final_module_args['src'] == '/tmp/deleteme'" - - "self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme'" - - "self.final_module_args['private_key'] == '~/.ssh/id_rsa'" + - hasattr(SAM._connection, 'ismock') + - SAM._connection.transport == 'ssh' + - self._play_context.shell == None + - self.execute_called + - self.final_module_args['_local_rsync_path'] == 'rsync' + - self.final_module_args['src'] == '/tmp/deleteme' + - self.final_module_args['dest'] == 'root@el6host:/tmp/deleteme' + - self.final_module_args['private_key'] == '~/.ssh/id_rsa' diff --git a/tests/unit/requirements.yml b/tests/unit/requirements.yml index 08e2610..8dd5161 100644 --- a/tests/unit/requirements.yml +++ b/tests/unit/requirements.yml @@ -1,3 +1,3 @@ --- collections: -- community.general + - community.general