diff options
Diffstat (limited to 'test/integration/targets/blockinfile')
13 files changed, 469 insertions, 0 deletions
diff --git a/test/integration/targets/blockinfile/aliases b/test/integration/targets/blockinfile/aliases new file mode 100644 index 00000000..a6dafcf8 --- /dev/null +++ b/test/integration/targets/blockinfile/aliases @@ -0,0 +1 @@ +shippable/posix/group1 diff --git a/test/integration/targets/blockinfile/files/sshd_config b/test/integration/targets/blockinfile/files/sshd_config new file mode 100644 index 00000000..41fea190 --- /dev/null +++ b/test/integration/targets/blockinfile/files/sshd_config @@ -0,0 +1,135 @@ +# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/bin:/usr/bin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +# If you want to change the port on a SELinux system, you have to tell +# SELinux about this change. +# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER +# +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_dsa_key +HostKey /etc/ssh/ssh_host_ecdsa_key +HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +SyslogFacility AUTHPRIV +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +PermitRootLogin yes +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PermitEmptyPasswords no + +# Change to no to disable s/key passwords +#ChallengeResponseAuthentication yes +ChallengeResponseAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no +#KerberosUseKuserok yes + +# GSSAPI options +GSSAPIAuthentication yes +GSSAPICleanupCredentials no +#GSSAPIStrictAcceptorCheck yes +#GSSAPIKeyExchange no +#GSSAPIEnablek5users no + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# and ChallengeResponseAuthentication to 'no'. +# WARNING: 'UsePAM no' is not supported in Fedora and may cause several +# problems. +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +#PrintMotd yes +#PrintLastLog yes +#TCPKeepAlive yes +#UseLogin no +#UsePrivilegeSeparation sandbox +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#ShowPatchLevel no +#UseDNS no +#PidFile /var/run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# Accept locale-related environment variables +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT +AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE +AcceptEnv XMODIFIERS + +# override default of no subsystems +Subsystem sftp /usr/libexec/openssh/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# PermitTTY no +# ForceCommand cvs server diff --git a/test/integration/targets/blockinfile/meta/main.yml b/test/integration/targets/blockinfile/meta/main.yml new file mode 100644 index 00000000..07faa217 --- /dev/null +++ b/test/integration/targets/blockinfile/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - prepare_tests diff --git a/test/integration/targets/blockinfile/tasks/add_block_to_existing_file.yml b/test/integration/targets/blockinfile/tasks/add_block_to_existing_file.yml new file mode 100644 index 00000000..dbb93ecc --- /dev/null +++ b/test/integration/targets/blockinfile/tasks/add_block_to_existing_file.yml @@ -0,0 +1,47 @@ +- name: copy the sshd_config to the test dir + copy: + src: sshd_config + dest: "{{ output_dir_test }}" + +- name: insert/update "Match User" configuration block in sshd_config + blockinfile: + path: "{{ output_dir_test }}/sshd_config" + block: | + Match User ansible-agent + PasswordAuthentication no + backup: yes + register: blockinfile_test0 + +- name: check content + shell: 'grep -c -e "Match User ansible-agent" -e "PasswordAuthentication no" {{ output_dir_test }}/sshd_config' + register: blockinfile_test0_grep + +- debug: + var: blockinfile_test0 + verbosity: 1 + +- debug: + var: blockinfile_test0_grep + verbosity: 1 + +- name: validate first example results + assert: + that: + - 'blockinfile_test0.changed is defined' + - 'blockinfile_test0.msg is defined' + - 'blockinfile_test0.changed' + - 'blockinfile_test0.msg == "Block inserted"' + - 'blockinfile_test0_grep.stdout == "2"' + +- name: check idemptotence + blockinfile: + path: "{{ output_dir_test }}/sshd_config" + block: | + Match User ansible-agent + PasswordAuthentication no + register: blockinfile_test1 + +- name: validate idempotence results + assert: + that: + - 'not blockinfile_test1.changed' diff --git a/test/integration/targets/blockinfile/tasks/block_without_trailing_newline.yml b/test/integration/targets/blockinfile/tasks/block_without_trailing_newline.yml new file mode 100644 index 00000000..57dac60e --- /dev/null +++ b/test/integration/targets/blockinfile/tasks/block_without_trailing_newline.yml @@ -0,0 +1,30 @@ +- name: Add block without trailing line separator + blockinfile: + path: "{{ output_dir_test }}/chomped_block_test.txt" + create: yes + content: |- + one + two + three + register: chomptest1 + +- name: Add block without trailing line separator again + blockinfile: + path: "{{ output_dir_test }}/chomped_block_test.txt" + content: |- + one + two + three + register: chomptest2 + +- name: Check output file + stat: + path: "{{ output_dir_test }}/chomped_block_test.txt" + register: chomptest_file + +- name: Ensure chomptest results are correct + assert: + that: + - chomptest1 is changed + - chomptest2 is not changed + - chomptest_file.stat.checksum == '50d49f528a5f7147c7029ed6220c326b1ee2c4ae' diff --git a/test/integration/targets/blockinfile/tasks/create_file.yml b/test/integration/targets/blockinfile/tasks/create_file.yml new file mode 100644 index 00000000..94e47203 --- /dev/null +++ b/test/integration/targets/blockinfile/tasks/create_file.yml @@ -0,0 +1,32 @@ +- name: Create a file with blockinfile + blockinfile: + path: "{{ output_dir_test }}/empty.txt" + block: | + Hey + there + state: present + create: yes + register: empty_test_1 + +- name: Run a task that results in an empty file + blockinfile: + path: "{{ output_dir_test }}/empty.txt" + block: | + Hey + there + state: absent + create: yes + register: empty_test_2 + +- stat: + path: "{{ output_dir_test }}/empty.txt" + register: empty_test_stat + +- name: Ensure empty file was created + assert: + that: + - empty_test_1 is changed + - "'File created' in empty_test_1.msg" + - empty_test_2 is changed + - "'Block removed' in empty_test_2.msg" + - empty_test_stat.stat.size == 0 diff --git a/test/integration/targets/blockinfile/tasks/diff.yml b/test/integration/targets/blockinfile/tasks/diff.yml new file mode 100644 index 00000000..4a2f9454 --- /dev/null +++ b/test/integration/targets/blockinfile/tasks/diff.yml @@ -0,0 +1,18 @@ +- name: Create a test file + copy: + content: diff test + dest: "{{ output_dir_test }}/diff.txt" + +- name: Add block to file with diff + blockinfile: + path: "{{ output_dir_test }}/diff.txt" + block: | + line 1 + line 2 + register: difftest + diff: yes + +- name: Ensure diff was shown + assert: + that: + - difftest.diff | length > 0 diff --git a/test/integration/targets/blockinfile/tasks/file_without_trailing_newline.yml b/test/integration/targets/blockinfile/tasks/file_without_trailing_newline.yml new file mode 100644 index 00000000..fe4e2abc --- /dev/null +++ b/test/integration/targets/blockinfile/tasks/file_without_trailing_newline.yml @@ -0,0 +1,36 @@ +- name: Create file without trailing newline + copy: + content: '# File with no newline' + dest: "{{ output_dir_test }}/no_newline_at_end.txt" + register: no_newline + + +- name: Add block to file that does not have a newline at the end + blockinfile: + path: "{{ output_dir_test }}/no_newline_at_end.txt" + content: | + one + two + three + register: no_newline_test1 + +- name: Add block to file that does not have a newline at the end again + blockinfile: + path: "{{ output_dir_test }}/no_newline_at_end.txt" + content: | + one + two + three + register: no_newline_test2 + +- name: Stat the file + stat: + path: "{{ output_dir_test }}/no_newline_at_end.txt" + register: no_newline_file + +- name: Ensure block was correctly written to file with no newline at end + assert: + that: + - no_newline_test1 is changed + - no_newline_test2 is not changed + - no_newline_file.stat.checksum == 'dab16f864025e59125e74d1498ffb2bb048224e6' diff --git a/test/integration/targets/blockinfile/tasks/insertafter.yml b/test/integration/targets/blockinfile/tasks/insertafter.yml new file mode 100644 index 00000000..daf7bcf1 --- /dev/null +++ b/test/integration/targets/blockinfile/tasks/insertafter.yml @@ -0,0 +1,37 @@ +- name: Create insertafter test file + copy: + dest: "{{ output_dir }}/after.txt" + content: | + line1 + line2 + line3 + +- name: Add block using insertafter + blockinfile: + path: "{{ output_dir }}/after.txt" + insertafter: line2 + block: | + block1 + block2 + register: after1 + +- name: Add block using insertafter again + blockinfile: + path: "{{ output_dir }}/after.txt" + insertafter: line2 + block: | + block1 + block2 + register: after2 + +- name: Stat the after.txt file + stat: + path: "{{ output_dir }}/after.txt" + register: after_file + +- name: Ensure insertafter worked correctly + assert: + that: + - after1 is changed + - after2 is not changed + - after_file.stat.checksum == 'a8adeb971358230a28ce554f3b8fdd1ef65fdf1c' diff --git a/test/integration/targets/blockinfile/tasks/insertbefore.yml b/test/integration/targets/blockinfile/tasks/insertbefore.yml new file mode 100644 index 00000000..6089af15 --- /dev/null +++ b/test/integration/targets/blockinfile/tasks/insertbefore.yml @@ -0,0 +1,39 @@ +- name: Create insertbefore test file + copy: + dest: "{{ output_dir }}/before.txt" + content: | + line1 + line2 + line3 + +- name: Add block using insertbefore + blockinfile: + path: "{{ output_dir }}/before.txt" + insertbefore: line2 + block: | + block1 + block2 + register: after1 + +- name: Add block using insertbefore again + blockinfile: + path: "{{ output_dir }}/before.txt" + insertbefore: line2 + block: | + block1 + block2 + register: after2 + +- name: Stat the before.txt file + stat: + path: "{{ output_dir }}/before.txt" + register: after_file + +- command: cat {{ output_dir }}/before.txt + +- name: Ensure insertbefore worked correctly + assert: + that: + - after1 is changed + - after2 is not changed + - after_file.stat.checksum == '16681d1d7f29d173243bb951d6afb9c0824d7bf4' diff --git a/test/integration/targets/blockinfile/tasks/main.yml b/test/integration/targets/blockinfile/tasks/main.yml new file mode 100644 index 00000000..4bc0b8d1 --- /dev/null +++ b/test/integration/targets/blockinfile/tasks/main.yml @@ -0,0 +1,40 @@ +# Test code for the blockinfile module. +# (c) 2017, James Tanner <tanner.jc@gmail.com> + +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +- set_fact: + output_dir_test: "{{ output_dir }}/test_blockinfile" + +- name: make sure our testing sub-directory does not exist + file: + path: "{{ output_dir_test }}" + state: absent + +- name: create our testing sub-directory + file: + path: "{{ output_dir_test }}" + state: directory + +- import_tasks: add_block_to_existing_file.yml +- import_tasks: create_file.yml +- import_tasks: preserve_line_endings.yml +- import_tasks: block_without_trailing_newline.yml +- import_tasks: file_without_trailing_newline.yml +- import_tasks: diff.yml +- import_tasks: validate.yml +- import_tasks: insertafter.yml +- import_tasks: insertbefore.yml diff --git a/test/integration/targets/blockinfile/tasks/preserve_line_endings.yml b/test/integration/targets/blockinfile/tasks/preserve_line_endings.yml new file mode 100644 index 00000000..bb2dee29 --- /dev/null +++ b/test/integration/targets/blockinfile/tasks/preserve_line_endings.yml @@ -0,0 +1,24 @@ +- name: create line_endings_test.txt in the test dir + copy: + dest: "{{ output_dir_test }}/line_endings_test.txt" + # generating the content like this instead of copying a fixture file + # prevents sanity checks from warning about mixed line endings + content: "unix\nunix\nunix\n\ndos\r\ndos\r\ndos\r\n\nunix\nunix\n# BEGIN ANSIBLE MANAGED BLOCK\ndos\r\n# END ANSIBLE MANAGED BLOCK\nunix\nunix\nunix\nunix\n" + +- name: insert/update "dos" configuration block in line_endings_test.txt + blockinfile: + path: "{{ output_dir_test }}/line_endings_test.txt" + block: "dos\r\ndos\r\ndos\r\n" + register: blockinfile_test2 + +- name: check content + # using the more precise `grep -Pc "^dos\\r$" ...` fails on BSD/macOS + shell: 'grep -c "^dos.$" {{ output_dir_test }}/line_endings_test.txt' + register: blockinfile_test2_grep + +- name: validate line_endings_test.txt results + assert: + that: + - 'blockinfile_test2 is changed' + - 'blockinfile_test2.msg == "Block inserted"' + - 'blockinfile_test2_grep.stdout == "6"' diff --git a/test/integration/targets/blockinfile/tasks/validate.yml b/test/integration/targets/blockinfile/tasks/validate.yml new file mode 100644 index 00000000..105bca53 --- /dev/null +++ b/test/integration/targets/blockinfile/tasks/validate.yml @@ -0,0 +1,28 @@ +- name: EXPECTED FAILURE test improper validate + blockinfile: + path: "{{ output_dir }}/validate.txt" + block: | + line1 + line2 + create: yes + validate: grep + ignore_errors: yes + +- name: EXPECTED FAILURE test failure to validate + blockinfile: + path: "{{ output_dir }}/validate.txt" + block: | + line1 + line2 + create: yes + validate: grep line47 %s + ignore_errors: yes + +- name: Test proper validate + blockinfile: + path: "{{ output_dir }}/validate.txt" + block: | + line1 + line2 + create: yes + validate: grep line1 %s |