diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 16:04:21 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 16:04:21 +0000 |
commit | 8a754e0858d922e955e71b253c139e071ecec432 (patch) | |
tree | 527d16e74bfd1840c85efd675fdecad056c54107 /test/integration/targets/connection_ssh | |
parent | Initial commit. (diff) | |
download | ansible-core-upstream.tar.xz ansible-core-upstream.zip |
Adding upstream version 2.14.3.upstream/2.14.3upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'test/integration/targets/connection_ssh')
8 files changed, 162 insertions, 0 deletions
diff --git a/test/integration/targets/connection_ssh/aliases b/test/integration/targets/connection_ssh/aliases new file mode 100644 index 0000000..bd04bed --- /dev/null +++ b/test/integration/targets/connection_ssh/aliases @@ -0,0 +1,3 @@ +needs/ssh +shippable/posix/group3 +needs/target/connection diff --git a/test/integration/targets/connection_ssh/check_ssh_defaults.yml b/test/integration/targets/connection_ssh/check_ssh_defaults.yml new file mode 100644 index 0000000..937f1f7 --- /dev/null +++ b/test/integration/targets/connection_ssh/check_ssh_defaults.yml @@ -0,0 +1,29 @@ +- hosts: ssh + gather_facts: false + vars: + ansible_connection: ssh + ansible_ssh_timeout: 10 + tasks: + - name: contain the maddness + block: + - name: test all is good + ping: + + - name: start the fun + meta: reset_connection + + - name: now test we can use wrong port from ssh/config + ping: + ignore_unreachable: True + vars: + ansible_ssh_args: "-F {{playbook_dir}}/files/port_overrride_ssh.cfg" + register: expected + + - name: check all is as expected + assert: + that: + - expected['unreachable']|bool + - "'2222' in expected['msg']" + always: + - name: make sure we don't cache the bad connection + meta: reset_connection diff --git a/test/integration/targets/connection_ssh/files/port_overrride_ssh.cfg b/test/integration/targets/connection_ssh/files/port_overrride_ssh.cfg new file mode 100644 index 0000000..7f8422e --- /dev/null +++ b/test/integration/targets/connection_ssh/files/port_overrride_ssh.cfg @@ -0,0 +1,2 @@ +Host * + Port 2222 diff --git a/test/integration/targets/connection_ssh/posix.sh b/test/integration/targets/connection_ssh/posix.sh new file mode 100755 index 0000000..8f036fb --- /dev/null +++ b/test/integration/targets/connection_ssh/posix.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +set -eux + +group=ssh + +cd ../connection + +INVENTORY="../connection_${group}/test_connection.inventory" ./test.sh \ + -e target_hosts="${group}" \ + -e action_prefix= \ + -e local_tmp=/tmp/ansible-local \ + -e remote_tmp=/tmp/ansible-remote \ + "$@" diff --git a/test/integration/targets/connection_ssh/runme.sh b/test/integration/targets/connection_ssh/runme.sh new file mode 100755 index 0000000..ad817c8 --- /dev/null +++ b/test/integration/targets/connection_ssh/runme.sh @@ -0,0 +1,81 @@ +#!/usr/bin/env bash + +set -ux + +# We skip this whole section if the test node doesn't have sshpass on it. +if command -v sshpass > /dev/null; then + # Check if our sshpass supports -P + sshpass -P foo > /dev/null + sshpass_supports_prompt=$? + if [[ $sshpass_supports_prompt -eq 0 ]]; then + # If the prompt is wrong, we'll end up hanging (due to sshpass hanging). + # We should probably do something better here, like timing out in Ansible, + # but this has been the behavior for a long time, before we supported custom + # password prompts. + # + # So we search for a custom password prompt that is clearly wrong and call + # ansible with timeout. If we time out, our custom prompt was successfully + # searched for. It's a weird way of doing things, but it does ensure + # that the flag gets passed to sshpass. + timeout 5 ansible -m ping \ + -e ansible_connection=ssh \ + -e ansible_sshpass_prompt=notThis: \ + -e ansible_password=foo \ + -e ansible_user=definitelynotroot \ + -i test_connection.inventory \ + ssh-pipelining + ret=$? + # 124 is EXIT_TIMEDOUT from gnu coreutils + # 143 is 128+SIGTERM(15) from BusyBox + if [[ $ret -ne 124 && $ret -ne 143 ]]; then + echo "Expected to time out and we did not. Exiting with failure." + exit 1 + fi + else + ansible -m ping \ + -e ansible_connection=ssh \ + -e ansible_sshpass_prompt=notThis: \ + -e ansible_password=foo \ + -e ansible_user=definitelynotroot \ + -i test_connection.inventory \ + ssh-pipelining | grep 'customized password prompts' + ret=$? + [[ $ret -eq 0 ]] || exit $ret + fi +fi + +set -e + +if [[ "$(scp -O 2>&1)" == "usage: scp "* ]]; then + # scp supports the -O option (and thus the -T option as well) + # work-around required + # see: https://www.openssh.com/txt/release-9.0 + scp_args=("-e" "ansible_scp_extra_args=-TO") +elif [[ "$(scp -T 2>&1)" == "usage: scp "* ]]; then + # scp supports the -T option + # work-around required + # see: https://github.com/ansible/ansible/issues/52640 + scp_args=("-e" "ansible_scp_extra_args=-T") +else + # scp does not support the -T or -O options + # no work-around required + # however we need to put something in the array to keep older versions of bash happy + scp_args=("-e" "") +fi + +# sftp +./posix.sh "$@" +# scp +ANSIBLE_SCP_IF_SSH=true ./posix.sh "$@" "${scp_args[@]}" +# piped +ANSIBLE_SSH_TRANSFER_METHOD=piped ./posix.sh "$@" + +# test config defaults override +ansible-playbook check_ssh_defaults.yml "$@" -i test_connection.inventory + +# ensure we can load from ini cfg +ANSIBLE_CONFIG=./test_ssh_defaults.cfg ansible-playbook verify_config.yml "$@" + +# ensure we handle cp with spaces correctly, otherwise would fail with +# `"Failed to connect to the host via ssh: command-line line 0: keyword controlpath extra arguments at end of line"` +ANSIBLE_SSH_CONTROL_PATH='/tmp/ssh cp with spaces' ansible -m ping all -e ansible_connection=ssh -i test_connection.inventory "$@" diff --git a/test/integration/targets/connection_ssh/test_connection.inventory b/test/integration/targets/connection_ssh/test_connection.inventory new file mode 100644 index 0000000..a1a4ff1 --- /dev/null +++ b/test/integration/targets/connection_ssh/test_connection.inventory @@ -0,0 +1,7 @@ +[ssh] +ssh-pipelining ansible_ssh_pipelining=true +ssh-no-pipelining ansible_ssh_pipelining=false +[ssh:vars] +ansible_host=localhost +ansible_connection=ssh +ansible_python_interpreter="{{ ansible_playbook_python }}" diff --git a/test/integration/targets/connection_ssh/test_ssh_defaults.cfg b/test/integration/targets/connection_ssh/test_ssh_defaults.cfg new file mode 100644 index 0000000..362f946 --- /dev/null +++ b/test/integration/targets/connection_ssh/test_ssh_defaults.cfg @@ -0,0 +1,5 @@ +[ssh_connection] +ssh_common_args=fromconfig +ssh_extra_args=fromconfig +scp_extra_args=fromconfig +sftp_extra_args=fromconfig diff --git a/test/integration/targets/connection_ssh/verify_config.yml b/test/integration/targets/connection_ssh/verify_config.yml new file mode 100644 index 0000000..0bf7958 --- /dev/null +++ b/test/integration/targets/connection_ssh/verify_config.yml @@ -0,0 +1,21 @@ +- hosts: localhost + gather_facts: false + vars: + ssh_configs: + - ssh_common_args + - ssh_extra_args + - sftp_extra_args + - scp_extra_args + tasks: + - debug: + msg: '{{item ~ ": " ~ lookup("config", item, plugin_type="connection", plugin_name="ssh")}}' + verbosity: 3 + loop: '{{ssh_configs}}' + tags: [ configfile ] + + - name: check config from file + assert: + that: + - 'lookup("config", item, plugin_type="connection", plugin_name="ssh") == "fromconfig"' + loop: '{{ssh_configs}}' + tags: [ configfile ] |