Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tests: Re-enable become/sudo tests, fix them on macOS runners #1168

Merged
merged 1 commit into from
Oct 28, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions docs/changelog.rst
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ In progress (unreleased)

* :gh:issue:`905` :mod:`ansible_mitogen`: Support templated SSH command
arguments (e.g. ``ansible_ssh_args``, ``ansible_ssh_extra_args``).
* :gh:issue:`692` tests: Fix and re-enable several sudo tests


v0.3.14 (2024-10-16)
Expand Down
21 changes: 10 additions & 11 deletions tests/ansible/integration/action/make_tmp_path.yml
Original file line number Diff line number Diff line change
Expand Up @@ -142,17 +142,16 @@
# readonly homedir
#

# TODO: https://github.com/dw/mitogen/issues/692
# - name: "Try writing to temp directory for the readonly_homedir user"
# become: true
# become_user: mitogen__readonly_homedir
# custom_python_run_script:
# script: |
# from ansible.module_utils.basic import get_module_path
# path = get_module_path() + '/foo.txt'
# result['path'] = path
# open(path, 'w').write("bar")
# register: tmp_path
- name: Try writing to temp directory for the readonly_homedir user
become: true
become_user: mitogen__readonly_homedir
custom_python_run_script:
script: |
from ansible.module_utils.basic import get_module_path
path = get_module_path() + '/foo.txt'
result['path'] = path
open(path, 'w').write("bar")
register: tmp_path

#
# modules get the same base dir
Expand Down
28 changes: 14 additions & 14 deletions tests/ansible/integration/action/synchronize.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,11 +40,11 @@
delegate_to: localhost
run_once: true

# TODO: https://github.com/dw/mitogen/issues/692
# - file:
# path: /tmp/sync-test.out
# state: absent
# become: true
- name: Ensure clean slate
become: true
file:
path: /tmp/sync-test.out
state: absent

# exception: File "/tmp/venv/lib/python2.7/site-packages/ansible/plugins/action/__init__.py", line 129, in cleanup
# exception: self._remove_tmp_path(self._connection._shell.tmpdir)
Expand All @@ -70,14 +70,14 @@
outout={{ outout }}
when: False

# TODO: https://github.com/dw/mitogen/issues/692
# - file:
# path: "{{item}}"
# state: absent
# become: true
# with_items:
# - /tmp/synchronize-action-key
# - /tmp/sync-test
# - /tmp/sync-test.out
- name: Cleanup
become: true
file:
path: "{{ item }}"
state: absent
with_items:
- /tmp/synchronize-action-key
- /tmp/sync-test
- /tmp/sync-test.out
tags:
- synchronize
39 changes: 26 additions & 13 deletions tests/ansible/integration/become/sudo_password.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,12 @@
tasks:

- name: Ensure sudo password absent but required.
shell: whoami
become: true
become_user: mitogen__pw_required
command:
cmd: whoami
register: out
changed_when: false
ignore_errors: true
when:
# https://github.com/ansible/ansible/pull/70785
Expand All @@ -32,10 +34,12 @@
or is_mitogen

- name: Ensure password sudo incorrect.
shell: whoami
become: true
become_user: mitogen__pw_required
command:
cmd: whoami
register: out
changed_when: false
vars:
ansible_become_pass: nopes
ignore_errors: true
Expand All @@ -59,18 +63,27 @@
or ansible_version.full is version("2.11", ">=", strict=True)
or is_mitogen

# TODO: https://github.com/dw/mitogen/issues/692
# - name: Ensure password sudo succeeds.
# shell: whoami
# become: true
# become_user: mitogen__pw_required
# register: out
# vars:
# ansible_become_pass: pw_required_password
- block:
- name: Ensure password sudo succeeds
become: true
become_user: mitogen__pw_required
vars:
ansible_become_pass: pw_required_password
command:
cmd: whoami
register: sudo_password_success_whoami
changed_when: false

# - assert:
# that:
# - out.stdout == 'mitogen__pw_required'
- assert:
that:
- sudo_password_success_whoami.stdout == 'mitogen__pw_required'
fail_msg: |
sudo_password_success_whoami={{ sudo_password_success_whoami }}
when:
# https://github.com/ansible/ansible/pull/70785
- ansible_facts.distribution not in ["MacOSX"]
or ansible_version.full is version("2.11", ">=", strict=True)
or is_mitogen
tags:
- sudo
- sudo_password
52 changes: 28 additions & 24 deletions tests/ansible/integration/become/sudo_requiretty.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,34 +3,38 @@
- name: integration/become/sudo_requiretty.yml
hosts: test-targets
tasks:
# - include_tasks: ../_mitogen_only.yml
# AIUI Vanilla Ansible cannot do sudo when requiretty configured
- include_tasks: ../_mitogen_only.yml

# TODO: https://github.com/dw/mitogen/issues/692
# - name: Verify we can login to a non-passworded requiretty account
# shell: whoami
# become: true
# become_user: mitogen__require_tty
# register: out
- name: Verify we can login to a non-passworded requiretty account
become: true
become_user: mitogen__require_tty
command:
cmd: whoami
changed_when: false
register: sudo_require_tty_whoami

# - assert:
# that:
# - out.stdout == 'mitogen__require_tty'
- assert:
that:
- sudo_require_tty_whoami.stdout == 'mitogen__require_tty'
fail_msg: |
sudo_require_tty_whoami={{ sudo_require_tty_whoami }}

- name: Verify we can login to a passworded requiretty account
become: true
become_user: mitogen__require_tty_pw_required
vars:
ansible_become_pass: require_tty_pw_required_password
command:
cmd: whoami
changed_when: false
register: sudo_require_tty_password_whoami

# ---------------

# TODO: https://github.com/dw/mitogen/issues/692
# - name: Verify we can login to a passworded requiretty account
# shell: whoami
# become: true
# become_user: mitogen__require_tty_pw_required
# vars:
# ansible_become_pass: require_tty_pw_required_password
# register: out

# - assert:
# that:
# - out.stdout == 'mitogen__require_tty_pw_required'
- assert:
that:
- sudo_require_tty_password_whoami.stdout == 'mitogen__require_tty_pw_required'
fail_msg: |
sudo_require_tty_password_whoami={{ sudo_require_tty_password_whoami }}
tags:
- mitogen_only
- sudo
Expand Down
57 changes: 33 additions & 24 deletions tests/ansible/integration/playbook_semantics/with_items.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,30 +3,39 @@

- name: integration/playbook_semantics/with_items.yml
hosts: test-targets
gather_facts: true
tasks:
- block:
- name: Spin up a few interpreters
become: true
vars:
ansible_become_user: "mitogen__user{{ item }}"
command:
cmd: whoami
with_sequence: start=1 end=3
register: first_run
changed_when: false

# TODO: https://github.com/dw/mitogen/issues/692
# - name: Spin up a few interpreters
# shell: whoami
# become: true
# vars:
# ansible_become_user: "mitogen__user{{item}}"
# with_sequence: start=1 end=3
# register: first_run
- name: Reuse them
become: true
vars:
ansible_become_user: "mitogen__user{{ item }}"
command:
cmd: whoami
with_sequence: start=1 end=3
register: second_run
changed_when: false

# - name: Reuse them
# shell: whoami
# become: true
# vars:
# ansible_become_user: "mitogen__user{{item}}"
# with_sequence: start=1 end=3
# register: second_run

# - name: Verify first and second run matches expected username.
# assert:
# that:
# - first_run.results[item|int].stdout == ("mitogen__user%d" % (item|int + 1))
# - first_run.results[item|int].stdout == second_run.results[item|int].stdout
# with_sequence: start=0 end=2
tags:
- custom_python_new_style_module
- name: Verify first and second run matches expected username.
vars:
user_expected: "mitogen__user{{ item | int + 1 }}"
assert:
that:
- first_run.results[item | int].stdout == user_expected
- second_run.results[item | int].stdout == user_expected
with_sequence: start=0 end=2
when:
# https://github.com/ansible/ansible/pull/70785
- ansible_facts.distribution not in ["MacOSX"]
or ansible_version.full is version("2.11", ">=", strict=True)
or is_mitogen
1 change: 1 addition & 0 deletions tests/image_prep/_user_accounts.yml
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,7 @@
- user:
name: "mitogen__{{item}}"
shell: /bin/bash
group: staff
groups: |
{{
['com.apple.access_ssh'] +
Expand Down
1 change: 1 addition & 0 deletions tests/image_prep/ansible.cfg
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ retry_files_enabled = false
display_args_to_stdout = True
no_target_syslog = True
host_key_checking = False
stdout_callback = yaml

[inventory]
unparsed_is_fatal = true
Loading