diff options
Diffstat (limited to '')
29 files changed, 1918 insertions, 0 deletions
diff --git a/test/integration/targets/apt/aliases b/test/integration/targets/apt/aliases new file mode 100644 index 0000000..5f892f9 --- /dev/null +++ b/test/integration/targets/apt/aliases @@ -0,0 +1,6 @@ +shippable/posix/group2 +destructive +skip/freebsd +skip/osx +skip/macos +skip/rhel diff --git a/test/integration/targets/apt/defaults/main.yml b/test/integration/targets/apt/defaults/main.yml new file mode 100644 index 0000000..7ad2497 --- /dev/null +++ b/test/integration/targets/apt/defaults/main.yml @@ -0,0 +1,2 @@ +apt_foreign_arch: i386 +hello_old_version: 2.6-1 diff --git a/test/integration/targets/apt/handlers/main.yml b/test/integration/targets/apt/handlers/main.yml new file mode 100644 index 0000000..0b6a98f --- /dev/null +++ b/test/integration/targets/apt/handlers/main.yml @@ -0,0 +1,4 @@ +- name: remove package hello + apt: + name: hello + state: absent diff --git a/test/integration/targets/apt/meta/main.yml b/test/integration/targets/apt/meta/main.yml new file mode 100644 index 0000000..162d7fa --- /dev/null +++ b/test/integration/targets/apt/meta/main.yml @@ -0,0 +1,3 @@ +dependencies: + - prepare_tests + - setup_deb_repo diff --git a/test/integration/targets/apt/tasks/apt-builddep.yml b/test/integration/targets/apt/tasks/apt-builddep.yml new file mode 100644 index 0000000..24ee1dc --- /dev/null +++ b/test/integration/targets/apt/tasks/apt-builddep.yml @@ -0,0 +1,55 @@ +# test installing build-deps using netcat and quilt as test victims. +# +# Deps can be discovered like so (taken from ubuntu 12.04) +# ==== +# root@localhost:~ # apt-rdepends --build-depends --follow=DEPENDS netcat +# Reading package lists... Done +# Building dependency tree +# Reading state information... Done +# netcat +# Build-Depends: debhelper (>= 8.0.0) +# Build-Depends: quilt +# root@localhost:~ # +# ==== +# Since many things depend on debhelper, let's just uninstall quilt, then +# install build-dep for netcat to get it back. build-dep doesn't have an +# uninstall, so we don't need to test for reverse actions (eg, uninstall +# build-dep and ensure things are clean) + +# uninstall quilt +- name: check quilt with dpkg + shell: dpkg -s quilt + register: dpkg_result + ignore_errors: true + tags: ['test_apt_builddep'] + +- name: uninstall quilt with apt + apt: pkg=quilt state=absent purge=yes + register: apt_result + when: dpkg_result is successful + tags: ['test_apt_builddep'] + +# install build-dep for rolldice +- name: install rolldice build-dep with apt + apt: pkg=rolldice state=build-dep + register: apt_result + tags: ['test_apt_builddep'] + +- name: verify build_dep of netcat + assert: + that: + - "'changed' in apt_result" + tags: ['test_apt_builddep'] + +# ensure debhelper and qilt are installed +- name: check build_deps with dpkg + shell: dpkg --get-selections | egrep '(debhelper|quilt)' + failed_when: False + register: dpkg_result + tags: ['test_apt_builddep'] + +- name: verify build_deps are really there + assert: + that: + - "dpkg_result.rc == 0" + tags: ['test_apt_builddep'] diff --git a/test/integration/targets/apt/tasks/apt-multiarch.yml b/test/integration/targets/apt/tasks/apt-multiarch.yml new file mode 100644 index 0000000..01f6766 --- /dev/null +++ b/test/integration/targets/apt/tasks/apt-multiarch.yml @@ -0,0 +1,44 @@ +# verify that apt is handling multi-arch systems properly + +- name: load version specific vars + include_vars: '{{ item }}' + with_first_found: + - files: + - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml' + - 'default.yml' + paths: '../vars' + +- name: add architecture {{ apt_foreign_arch }} + command: dpkg --add-architecture {{ apt_foreign_arch }} + +- name: install {{ multiarch_test_pkg }}:{{ apt_foreign_arch }} with apt + apt: pkg={{ multiarch_test_pkg }}:{{ apt_foreign_arch }} state=present update_cache=yes + register: apt_result + until: apt_result is success + +- name: check {{ multiarch_test_pkg }} version + shell: dpkg -s {{ multiarch_test_pkg }} | grep Version | awk '{print $2}' + register: pkg_version + +- name: uninstall {{ multiarch_test_pkg }}:{{ apt_foreign_arch }} with apt + apt: pkg={{ multiarch_test_pkg }}:{{ apt_foreign_arch }} state=absent purge=yes + +- name: install deb file + apt: deb="/var/cache/apt/archives/{{ multiarch_test_pkg }}_{{ pkg_version.stdout }}_{{ apt_foreign_arch }}.deb" + register: apt_multi_initial + +- name: install deb file again + apt: deb="/var/cache/apt/archives/{{ multiarch_test_pkg }}_{{ pkg_version.stdout }}_{{ apt_foreign_arch }}.deb" + register: apt_multi_secondary + +- name: verify installation of {{ multiarch_test_pkg }}:{{ apt_foreign_arch }} + assert: + that: + - "apt_multi_initial.changed" + - "not apt_multi_secondary.changed" + +- name: remove all {{ apt_foreign_arch }} packages + shell: "apt-get remove -y --allow-remove-essential '*:{{ apt_foreign_arch }}'" + +- name: remove {{ apt_foreign_arch }} architecture + command: dpkg --remove-architecture {{ apt_foreign_arch }} diff --git a/test/integration/targets/apt/tasks/apt.yml b/test/integration/targets/apt/tasks/apt.yml new file mode 100644 index 0000000..d273eda --- /dev/null +++ b/test/integration/targets/apt/tasks/apt.yml @@ -0,0 +1,547 @@ +- name: use Debian mirror + set_fact: + distro_mirror: http://ftp.debian.org/debian + when: ansible_distribution == 'Debian' + +- name: use Ubuntu mirror + set_fact: + distro_mirror: http://archive.ubuntu.com/ubuntu + when: ansible_distribution == 'Ubuntu' + +# UNINSTALL 'python-apt' +# The `apt` module has the smarts to auto-install `python-apt(3)`. To test, we +# will first uninstall `python-apt`. +- name: uninstall python-apt with apt + apt: + pkg: [python-apt, python3-apt] + state: absent + purge: yes + register: apt_result + +# In check mode, auto-install of `python-apt` must fail +- name: test fail uninstall hello without required apt deps in check mode + apt: + pkg: hello + state: absent + purge: yes + register: apt_result + check_mode: yes + ignore_errors: yes + +- name: verify fail uninstall hello without required apt deps in check mode + assert: + that: + - apt_result is failed + - '"If run normally this module can auto-install it." in apt_result.msg' + +- name: check with dpkg + shell: dpkg -s python-apt python3-apt + register: dpkg_result + ignore_errors: true + +# UNINSTALL 'hello' +# With 'python-apt' uninstalled, the first call to 'apt' should install +# python-apt without updating the cache. +- name: uninstall hello with apt and prevent updating the cache + apt: + pkg: hello + state: absent + purge: yes + update_cache: no + register: apt_result + +- name: check hello with dpkg + shell: dpkg-query -l hello + failed_when: False + register: dpkg_result + +- name: verify uninstall hello with apt and prevent updating the cache + assert: + that: + - "'changed' in apt_result" + - apt_result is not changed + - "dpkg_result.rc == 1" + +- name: Test installing fnmatch package + apt: + name: + - hel?o + - he?lo + register: apt_install_fnmatch + +- name: Test uninstalling fnmatch package + apt: + name: + - hel?o + - he?lo + state: absent + register: apt_uninstall_fnmatch + +- name: verify fnmatch + assert: + that: + - apt_install_fnmatch is changed + - apt_uninstall_fnmatch is changed + +- name: Test update_cache 1 (check mode) + apt: + update_cache: true + cache_valid_time: 10 + register: apt_update_cache_1_check_mode + check_mode: true + +- name: Test update_cache 1 + apt: + update_cache: true + cache_valid_time: 10 + register: apt_update_cache_1 + +- name: Test update_cache 2 (check mode) + apt: + update_cache: true + cache_valid_time: 10 + register: apt_update_cache_2_check_mode + check_mode: true + +- name: Test update_cache 2 + apt: + update_cache: true + cache_valid_time: 10 + register: apt_update_cache_2 + +- name: verify update_cache + assert: + that: + - apt_update_cache_1_check_mode is changed + - apt_update_cache_1 is changed + - apt_update_cache_2_check_mode is not changed + - apt_update_cache_2 is not changed + +- name: uninstall apt bindings with apt again + apt: + pkg: [python-apt, python3-apt] + state: absent + purge: yes + +# UNINSTALL 'hello' +# With 'python-apt' uninstalled, the first call to 'apt' should install +# python-apt. +- name: uninstall hello with apt + apt: pkg=hello state=absent purge=yes + register: apt_result + until: apt_result is success + +- name: check hello with dpkg + shell: dpkg-query -l hello + failed_when: False + register: dpkg_result + +- name: verify uninstallation of hello + assert: + that: + - "'changed' in apt_result" + - apt_result is not changed + - "dpkg_result.rc == 1" + +# UNINSTALL AGAIN +- name: uninstall hello with apt + apt: pkg=hello state=absent purge=yes + register: apt_result + +- name: verify no change on re-uninstall + assert: + that: + - "not apt_result.changed" + +# INSTALL +- name: install hello with apt + apt: name=hello state=present + register: apt_result + +- name: check hello with dpkg + shell: dpkg-query -l hello + failed_when: False + register: dpkg_result + +- name: verify installation of hello + assert: + that: + - "apt_result.changed" + - "dpkg_result.rc == 0" + +- name: verify apt module outputs + assert: + that: + - "'changed' in apt_result" + - "'stderr' in apt_result" + - "'stdout' in apt_result" + - "'stdout_lines' in apt_result" + +# INSTALL AGAIN +- name: install hello with apt + apt: name=hello state=present + register: apt_result + +- name: verify no change on re-install + assert: + that: + - "not apt_result.changed" + +# UNINSTALL AGAIN +- name: uninstall hello with apt + apt: pkg=hello state=absent purge=yes + register: apt_result + +# INSTALL WITH VERSION WILDCARD +- name: install hello with apt + apt: name=hello=2.* state=present + register: apt_result + +- name: check hello with wildcard with dpkg + shell: dpkg-query -l hello + failed_when: False + register: dpkg_result + +- name: verify installation of hello + assert: + that: + - "apt_result.changed" + - "dpkg_result.rc == 0" + +- name: check hello version + shell: dpkg -s hello | grep Version | awk '{print $2}' + register: hello_version + +- name: check hello architecture + shell: dpkg -s hello | grep Architecture | awk '{print $2}' + register: hello_architecture + +- name: uninstall hello with apt + apt: pkg=hello state=absent purge=yes + +# INSTALL WITHOUT REMOVALS +- name: Install hello, that conflicts with hello-traditional + apt: + pkg: hello + state: present + update_cache: no + +- name: check hello + shell: dpkg-query -l hello + register: dpkg_result + +- name: verify installation of hello + assert: + that: + - "apt_result.changed" + - "dpkg_result.rc == 0" + +- name: Try installing hello-traditional, that conflicts with hello + apt: + pkg: hello-traditional + state: present + fail_on_autoremove: yes + ignore_errors: yes + register: apt_result + +- name: verify failure of installing hello-traditional, because it is required to remove hello to install. + assert: + that: + - apt_result is failed + - '"Packages need to be removed but remove is disabled." in apt_result.msg' + +- name: uninstall hello with apt + apt: + pkg: hello + state: absent + purge: yes + update_cache: no + +- name: install deb file + apt: deb="/var/cache/apt/archives/hello_{{ hello_version.stdout }}_{{ hello_architecture.stdout }}.deb" + register: apt_initial + +- name: install deb file again + apt: deb="/var/cache/apt/archives/hello_{{ hello_version.stdout }}_{{ hello_architecture.stdout }}.deb" + register: apt_secondary + +- name: verify installation of hello + assert: + that: + - "apt_initial.changed" + - "not apt_secondary.changed" + +- name: uninstall hello with apt + apt: pkg=hello state=absent purge=yes + +- name: install deb file from URL + apt: deb="{{ distro_mirror }}/pool/main/h/hello/hello_{{ hello_version.stdout }}_{{ hello_architecture.stdout }}.deb" + register: apt_url + +- name: verify installation of hello + assert: + that: + - "apt_url.changed" + +- name: uninstall hello with apt + apt: pkg=hello state=absent purge=yes + +- name: force install of deb + apt: deb="/var/cache/apt/archives/hello_{{ hello_version.stdout }}_{{ hello_architecture.stdout }}.deb" force=true + register: dpkg_force + +- name: verify installation of hello + assert: + that: + - "dpkg_force.changed" + +# NEGATIVE: upgrade all packages while providing additional packages to install +- name: provide additional packages to install while upgrading all installed packages + apt: pkg=*,test state=latest + ignore_errors: True + register: apt_result + +- name: verify failure of upgrade packages and install + assert: + that: + - "not apt_result.changed" + - "apt_result.failed" + +- name: autoclean during install + apt: pkg=hello state=present autoclean=yes + +- name: undo previous install + apt: pkg=hello state=absent + +# https://github.com/ansible/ansible/issues/23155 +- name: create a repo file + copy: + dest: /etc/apt/sources.list.d/non-existing.list + content: deb http://ppa.launchpad.net/non-existing trusty main + +- name: test for sane error message + apt: + update_cache: yes + register: apt_result + ignore_errors: yes + +- name: verify sane error message + assert: + that: + - "'Failed to fetch' in apt_result['msg']" + - "'403' in apt_result['msg']" + +- name: Clean up + file: + name: /etc/apt/sources.list.d/non-existing.list + state: absent + +# https://github.com/ansible/ansible/issues/28907 +- name: Install parent package + apt: + name: libcaca-dev + +- name: Install child package + apt: + name: libslang2-dev + +- shell: apt-mark showmanual | grep libcaca-dev + ignore_errors: yes + register: parent_output + +- name: Check that parent package is marked as installed manually + assert: + that: + - "'libcaca-dev' in parent_output.stdout" + +- shell: apt-mark showmanual | grep libslang2-dev + ignore_errors: yes + register: child_output + +- name: Check that child package is marked as installed manually + assert: + that: + - "'libslang2-dev' in child_output.stdout" + +- name: Clean up + apt: + name: "{{ pkgs }}" + state: absent + vars: + pkgs: + - libcaca-dev + - libslang2-dev + +# https://github.com/ansible/ansible/issues/38995 +- name: build-dep for a package + apt: + name: tree + state: build-dep + register: apt_result + +- name: Check the result + assert: + that: + - apt_result is changed + +- name: build-dep for a package (idempotency) + apt: + name: tree + state: build-dep + register: apt_result + +- name: Check the result + assert: + that: + - apt_result is not changed + +# check policy_rc_d parameter + +- name: Install unscd but forbid service start + apt: + name: unscd + policy_rc_d: 101 + +- name: Stop unscd service + service: + name: unscd + state: stopped + register: service_unscd_stop + +- name: unscd service shouldn't have been stopped by previous task + assert: + that: service_unscd_stop is not changed + +- name: Uninstall unscd + apt: + name: unscd + policy_rc_d: 101 + +- name: Create incorrect /usr/sbin/policy-rc.d + copy: + dest: /usr/sbin/policy-rc.d + content: apt integration test + mode: 0755 + +- name: Install unscd but forbid service start + apt: + name: unscd + policy_rc_d: 101 + +- name: Stop unscd service + service: + name: unscd + state: stopped + register: service_unscd_stop + +- name: unscd service shouldn't have been stopped by previous task + assert: + that: service_unscd_stop is not changed + +- name: Create incorrect /usr/sbin/policy-rc.d + copy: + dest: /usr/sbin/policy-rc.d + content: apt integration test + mode: 0755 + register: policy_rc_d + +- name: Check if /usr/sbin/policy-rc.d was correctly backed-up during unscd install + assert: + that: policy_rc_d is not changed + +- name: Delete /usr/sbin/policy-rc.d + file: + path: /usr/sbin/policy-rc.d + state: absent + +# https://github.com/ansible/ansible/issues/65325 +- name: Download and install old version of hello (to test allow_change_held_packages option) + apt: "deb=https://ci-files.testing.ansible.com/test/integration/targets/dpkg_selections/hello_{{ hello_old_version }}_amd64.deb" + notify: + - remove package hello + +- name: Put hello on hold + shell: apt-mark hold hello + +- name: Get hold list + shell: apt-mark showhold + register: allow_change_held_packages_hold + +- name: Check that the package hello is on the hold list + assert: + that: + - "'hello' in allow_change_held_packages_hold.stdout" + +- name: Try updating package to the latest version (allow_change_held_packages=no) + apt: + name: hello + state: latest + ignore_errors: True + register: allow_change_held_packages_failed_update + +- name: Get the version of the package + shell: dpkg -s hello | grep Version | awk '{print $2}' + register: allow_change_held_packages_hello_version + +- name: Verify that the package was not updated (apt returns with an error) + assert: + that: + - "allow_change_held_packages_failed_update is failed" + - "'--allow-change-held-packages' in allow_change_held_packages_failed_update.stderr" + - "allow_change_held_packages_hello_version.stdout == hello_old_version" + +- name: Try updating package to the latest version (allow_change_held_packages=yes) + apt: + name: hello + state: latest + allow_change_held_packages: yes + register: allow_change_held_packages_successful_update + +- name: Get the version of the package + shell: dpkg -s hello | grep Version | awk '{print $2}' + register: allow_change_held_packages_hello_version + +- name: Verify that the package was updated + assert: + that: + - "allow_change_held_packages_successful_update is changed" + - "allow_change_held_packages_hello_version.stdout != hello_old_version" + +- name: Try updating package to the latest version again + apt: + name: hello + state: latest + allow_change_held_packages: yes + register: allow_change_held_packages_no_update + +- name: Get the version of the package + shell: dpkg -s hello | grep Version | awk '{print $2}' + register: allow_change_held_packages_hello_version_again + +- name: Verify that the package was not updated + assert: + that: + - "allow_change_held_packages_no_update is not changed" + - "allow_change_held_packages_hello_version.stdout == allow_change_held_packages_hello_version_again.stdout" + +# Virtual package +- name: Install a virtual package + apt: + package: + - emacs-nox + - yaml-mode # <- the virtual package + state: latest + register: install_virtual_package_result + +- name: Check the virtual package install result + assert: + that: + - install_virtual_package_result is changed + +- name: Clean up virtual-package install + apt: + package: + - emacs-nox + - elpa-yaml-mode + state: absent + purge: yes diff --git a/test/integration/targets/apt/tasks/downgrade.yml b/test/integration/targets/apt/tasks/downgrade.yml new file mode 100644 index 0000000..896b644 --- /dev/null +++ b/test/integration/targets/apt/tasks/downgrade.yml @@ -0,0 +1,77 @@ +- block: + - name: Disable ubuntu repos so system packages are not upgraded and do not change testing env + command: mv /etc/apt/sources.list /etc/apt/sources.list.backup + + - name: install latest foo + apt: + name: foo + state: latest + allow_unauthenticated: yes + + - name: check foo version + shell: dpkg -s foo | grep Version | awk '{print $2}' + register: apt_downgrade_foo_version + + - name: ensure the correct version of foo has been installed + assert: + that: + - "'1.0.1' in apt_downgrade_foo_version.stdout" + + - name: try to downgrade foo + apt: + name: foo=1.0.0 + state: present + allow_unauthenticated: yes + ignore_errors: yes + register: apt_downgrade_foo_fail + + - name: verify failure of downgrading without allow downgrade flag + assert: + that: + - apt_downgrade_foo_fail is failed + + - name: try to downgrade foo with flag + apt: + name: foo=1.0.0 + state: present + allow_downgrade: yes + allow_unauthenticated: yes + register: apt_downgrade_foo_succeed + + - name: verify success of downgrading with allow downgrade flag + assert: + that: + - apt_downgrade_foo_succeed is success + + - name: check foo version + shell: dpkg -s foo | grep Version | awk '{print $2}' + register: apt_downgrade_foo_version + + - name: check that version downgraded correctly + assert: + that: + - "'1.0.0' in apt_downgrade_foo_version.stdout" + - "{{ apt_downgrade_foo_version.changed }}" + + - name: downgrade foo with flag again + apt: + name: foo=1.0.0 + state: present + allow_downgrade: yes + allow_unauthenticated: yes + register: apt_downgrade_second_downgrade + + - name: check that nothing has changed (idempotent) + assert: + that: + - "apt_downgrade_second_downgrade.changed == false" + + always: + - name: Clean up + apt: + pkg: foo,foobar + state: absent + autoclean: yes + + - name: Restore ubuntu repos + command: mv /etc/apt/sources.list.backup /etc/apt/sources.list diff --git a/test/integration/targets/apt/tasks/main.yml b/test/integration/targets/apt/tasks/main.yml new file mode 100644 index 0000000..13d3e4f --- /dev/null +++ b/test/integration/targets/apt/tasks/main.yml @@ -0,0 +1,40 @@ +# (c) 2014, James Tanner <tanner.jc@gmail.com> + +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +- block: + - import_tasks: 'apt.yml' + + - import_tasks: 'url-with-deps.yml' + + - import_tasks: 'apt-multiarch.yml' + when: + - ansible_userspace_architecture != apt_foreign_arch + + - import_tasks: 'apt-builddep.yml' + + - block: + - import_tasks: 'repo.yml' + always: + - file: + path: /etc/apt/sources.list.d/file_tmp_repo.list + state: absent + - file: + name: "{{ repodir }}" + state: absent + + when: + - ansible_distribution in ('Ubuntu', 'Debian') diff --git a/test/integration/targets/apt/tasks/repo.yml b/test/integration/targets/apt/tasks/repo.yml new file mode 100644 index 0000000..d4cce78 --- /dev/null +++ b/test/integration/targets/apt/tasks/repo.yml @@ -0,0 +1,452 @@ +- block: + - name: Install foo package version 1.0.0 + apt: + name: foo=1.0.0 + allow_unauthenticated: yes + register: apt_result + + - name: Check install with dpkg + shell: dpkg-query -l foo + register: dpkg_result + + - name: Check if install was successful + assert: + that: + - "apt_result is success" + - "dpkg_result is success" + - "'1.0.0' in dpkg_result.stdout" + + - name: Update to foo version 1.0.1 + apt: + name: foo + state: latest + allow_unauthenticated: yes + register: apt_result + + - name: Check install with dpkg + shell: dpkg-query -l foo + register: dpkg_result + + - name: Check if install was successful + assert: + that: + - "apt_result is success" + - "dpkg_result is success" + - "'1.0.1' in dpkg_result.stdout" + always: + - name: Clean up + apt: + name: foo + state: absent + allow_unauthenticated: yes + +- name: Try to install non-existent version + apt: + name: foo=99 + state: present + ignore_errors: true + register: apt_result + +- name: Check if install failed + assert: + that: + - apt_result is failed + +# https://github.com/ansible/ansible/issues/30638 +- block: + - name: Don't install foo=1.0.1 since foo is not installed and only_upgrade is set + apt: + name: foo=1.0.1 + state: present + only_upgrade: yes + allow_unauthenticated: yes + ignore_errors: yes + register: apt_result + + - name: Check that foo was not upgraded + assert: + that: + - "apt_result is not changed" + - "apt_result is success" + + - apt: + name: foo=1.0.0 + allow_unauthenticated: yes + + - name: Upgrade foo to 1.0.1 but don't upgrade foobar since it is not installed + apt: + name: foobar=1.0.1,foo=1.0.1 + state: present + only_upgrade: yes + allow_unauthenticated: yes + register: apt_result + + - name: Check install with dpkg + shell: "dpkg-query -l {{ item }}" + register: dpkg_result + ignore_errors: yes + loop: + - foobar + - foo + + - name: Check if install was successful + assert: + that: + - "apt_result is success" + - "dpkg_result.results[0] is failure" + - "'1.0.1' not in dpkg_result.results[0].stdout" + - "dpkg_result.results[1] is success" + - "'1.0.1' in dpkg_result.results[1].stdout" + always: + - name: Clean up + apt: + name: foo + state: absent + allow_unauthenticated: yes + +- block: + - name: Install foo=1.0.0 + apt: + name: foo=1.0.0 + + - name: Run version test matrix + apt: + name: foo{{ item.0 }} + default_release: '{{ item.1 }}' + state: '{{ item.2 | ternary("latest","present") }}' + check_mode: true + register: apt_result + loop: + # [filter, release, state_latest, expected] + - ["", null, false, null] + - ["", null, true, "1.0.1"] + - ["=1.0.0", null, false, null] + - ["=1.0.0", null, true, null] + - ["=1.0.1", null, false, "1.0.1"] + #- ["=1.0.*", null, false, null] # legacy behavior. should not upgrade without state=latest + - ["=1.0.*", null, true, "1.0.1"] + - [">=1.0.0", null, false, null] + - [">=1.0.0", null, true, "1.0.1"] + - [">=1.0.1", null, false, "1.0.1"] + - ["", "testing", false, null] + - ["", "testing", true, "2.0.1"] + - ["=2.0.0", null, false, "2.0.0"] + - [">=2.0.0", "testing", false, "2.0.1"] + + - name: Validate version test matrix + assert: + that: + - (item.item.3 is not none) == (item.stdout is defined) + - item.item.3 is none or "Inst foo [1.0.0] (" + item.item.3 + " localhost [all])" in item.stdout_lines + loop: '{{ apt_result.results }}' + + - name: Pin foo=1.0.0 + copy: + content: |- + Package: foo + Pin: version 1.0.0 + Pin-Priority: 1000 + dest: /etc/apt/preferences.d/foo + + - name: Run pinning version test matrix + apt: + name: foo{{ item.0 }} + default_release: '{{ item.1 }}' + state: '{{ item.2 | ternary("latest","present") }}' + check_mode: true + ignore_errors: true + register: apt_result + loop: + # [filter, release, state_latest, expected] # expected=null for no change. expected=False to assert an error + - ["", null, false, null] + - ["", null, true, null] + - ["=1.0.0", null, false, null] + - ["=1.0.0", null, true, null] + - ["=1.0.1", null, false, "1.0.1"] + #- ["=1.0.*", null, false, null] # legacy behavior. should not upgrade without state=latest + - ["=1.0.*", null, true, "1.0.1"] + - [">=1.0.0", null, false, null] + - [">=1.0.0", null, true, null] + - [">=1.0.1", null, false, False] + - ["", "testing", false, null] + - ["", "testing", true, null] + - ["=2.0.0", null, false, "2.0.0"] + - [">=2.0.0", "testing", false, False] + + - name: Validate pinning version test matrix + assert: + that: + - (item.item.3 != False) or (item.item.3 == False and item is failed) + - (item.item.3 is string) == (item.stdout is defined) + - item.item.3 is not string or "Inst foo [1.0.0] (" + item.item.3 + " localhost [all])" in item.stdout_lines + loop: '{{ apt_result.results }}' + + always: + - name: Uninstall foo + apt: + name: foo + state: absent + + - name: Unpin foo + file: + path: /etc/apt/preferences.d/foo + state: absent + +# https://github.com/ansible/ansible/issues/35900 +- block: + - name: Disable ubuntu repos so system packages are not upgraded and do not change testing env + command: mv /etc/apt/sources.list /etc/apt/sources.list.backup + + - name: Install foobar, installs foo as a dependency + apt: + name: foobar=1.0.0 + allow_unauthenticated: yes + + - name: mark foobar as auto for next test + shell: apt-mark auto foobar + + - name: Install foobar (marked as manual) (check mode) + apt: + name: foobar=1.0.1 + allow_unauthenticated: yes + check_mode: yes + register: manual_foobar_install_check_mode + + - name: check foobar was not marked as manually installed by check mode + shell: apt-mark showmanual | grep foobar + ignore_errors: yes + register: showmanual + + - assert: + that: + - manual_foobar_install_check_mode.changed + - "'foobar' not in showmanual.stdout" + + - name: Install foobar (marked as manual) + apt: + name: foobar=1.0.1 + allow_unauthenticated: yes + register: manual_foobar_install + + - name: check foobar was marked as manually installed + shell: apt-mark showmanual | grep foobar + ignore_errors: yes + register: showmanual + + - assert: + that: + - manual_foobar_install.changed + - "'foobar' in showmanual.stdout" + + - name: Upgrade foobar to a version which does not depend on foo, autoremove should remove foo + apt: + upgrade: dist + autoremove: yes + allow_unauthenticated: yes + + - name: Check foo with dpkg + shell: dpkg-query -l foo + register: dpkg_result + ignore_errors: yes + + - name: Check that foo was removed by autoremove + assert: + that: + - "dpkg_result is failed" + + always: + - name: Clean up + apt: + pkg: foo,foobar + state: absent + autoclean: yes + + - name: Restore ubuntu repos + command: mv /etc/apt/sources.list.backup /etc/apt/sources.list + + +# https://github.com/ansible/ansible/issues/26298 +- block: + - name: Disable ubuntu repos so system packages are not upgraded and do not change testing env + command: mv /etc/apt/sources.list /etc/apt/sources.list.backup + + - name: Install foobar, installs foo as a dependency + apt: + name: foobar=1.0.0 + allow_unauthenticated: yes + + - name: Upgrade foobar to a version which does not depend on foo + apt: + upgrade: dist + force: yes # workaround for --allow-unauthenticated used along with upgrade + + - name: autoremove should remove foo + apt: + autoremove: yes + register: autoremove_result + + - name: Check that autoremove correctly reports changed=True + assert: + that: + - "autoremove_result is changed" + + - name: Check foo with dpkg + shell: dpkg-query -l foo + register: dpkg_result + ignore_errors: yes + + - name: Check that foo was removed by autoremove + assert: + that: + - "dpkg_result is failed" + + - name: Nothing to autoremove + apt: + autoremove: yes + register: autoremove_result + + - name: Check that autoremove correctly reports changed=False + assert: + that: + - "autoremove_result is not changed" + + - name: Create a fake .deb file for autoclean to remove + file: + name: /var/cache/apt/archives/python3-q_2.4-1_all.deb + state: touch + + - name: autoclean fake .deb file + apt: + autoclean: yes + register: autoclean_result + + - name: Check if the .deb file exists + stat: + path: /var/cache/apt/archives/python3-q_2.4-1_all.deb + register: stat_result + + - name: Check that autoclean correctly reports changed=True and file was removed + assert: + that: + - "autoclean_result is changed" + - "not stat_result.stat.exists" + + - name: Nothing to autoclean + apt: + autoclean: yes + register: autoclean_result + + - name: Check that autoclean correctly reports changed=False + assert: + that: + - "autoclean_result is not changed" + + always: + - name: Clean up + apt: + pkg: foo,foobar + state: absent + autoclean: yes + + - name: Restore ubuntu repos + command: mv /etc/apt/sources.list.backup /etc/apt/sources.list + +- name: Downgrades + import_tasks: "downgrade.yml" + +- name: Upgrades + block: + - import_tasks: "upgrade.yml" + vars: + aptitude_present: "{{ True | bool }}" + upgrade_type: "dist" + force_apt_get: "{{ False | bool }}" + + - name: Check if aptitude is installed + command: dpkg-query --show --showformat='${db:Status-Abbrev}' aptitude + register: aptitude_status + + - name: Remove aptitude, if installed, to test fall-back to apt-get + apt: + pkg: aptitude + state: absent + when: + - aptitude_status.stdout.find('ii') != -1 + + - include_tasks: "upgrade.yml" + vars: + aptitude_present: "{{ False | bool }}" + upgrade_type: "{{ item.upgrade_type }}" + force_apt_get: "{{ item.force_apt_get }}" + with_items: + - { upgrade_type: safe, force_apt_get: False } + - { upgrade_type: full, force_apt_get: False } + - { upgrade_type: safe, force_apt_get: True } + - { upgrade_type: full, force_apt_get: True } + + - name: (Re-)Install aptitude, run same tests again + apt: + pkg: aptitude + state: present + + - include_tasks: "upgrade.yml" + vars: + aptitude_present: "{{ True | bool }}" + upgrade_type: "{{ item.upgrade_type }}" + force_apt_get: "{{ item.force_apt_get }}" + with_items: + - { upgrade_type: safe, force_apt_get: False } + - { upgrade_type: full, force_apt_get: False } + - { upgrade_type: safe, force_apt_get: True } + - { upgrade_type: full, force_apt_get: True } + + - name: Remove aptitude if not originally present + apt: + pkg: aptitude + state: absent + when: + - aptitude_status.stdout.find('ii') == -1 + +- block: + - name: Install the foo package with diff=yes + apt: + name: foo + allow_unauthenticated: yes + diff: yes + register: apt_result + + - name: Check the content of diff.prepared + assert: + that: + - apt_result is success + - "'The following NEW packages will be installed:\n foo' in apt_result.diff.prepared" + always: + - name: Clean up + apt: + name: foo + state: absent + allow_unauthenticated: yes + +- block: + - name: Install foo package version 1.0.0 with force=yes, implies allow_unauthenticated=yes + apt: + name: foo=1.0.0 + force: yes + register: apt_result + + - name: Check install with dpkg + shell: dpkg-query -l foo + register: dpkg_result + + - name: Check if install was successful + assert: + that: + - "apt_result is success" + - "dpkg_result is success" + - "'1.0.0' in dpkg_result.stdout" + always: + - name: Clean up + apt: + name: foo + state: absent + allow_unauthenticated: yes diff --git a/test/integration/targets/apt/tasks/upgrade.yml b/test/integration/targets/apt/tasks/upgrade.yml new file mode 100644 index 0000000..cf747c8 --- /dev/null +++ b/test/integration/targets/apt/tasks/upgrade.yml @@ -0,0 +1,64 @@ +- block: + - name: Disable ubuntu repos so system packages are not upgraded and do not change testing env + command: mv /etc/apt/sources.list /etc/apt/sources.list.backup + + - name: install foo-1.0.0 + apt: + name: foo=1.0.0 + state: present + allow_unauthenticated: yes + + - name: check foo version + shell: dpkg -s foo | grep Version | awk '{print $2}' + register: foo_version + + - name: ensure the correct version of foo has been installed + assert: + that: + - "'1.0.0' in foo_version.stdout" + + - name: "(upgrade type: {{upgrade_type}}) upgrade packages to latest version, force_apt_get: {{force_apt_get}}" + apt: + upgrade: "{{ upgrade_type }}" + force_apt_get: "{{ force_apt_get }}" + force: yes + register: upgrade_result + + - name: check foo version + shell: dpkg -s foo | grep Version | awk '{print $2}' + register: foo_version + + - name: check that warning is not given when force_apt_get set + assert: + that: + - "'warnings' not in upgrade_result" + when: + - force_apt_get + + - name: check that old version upgraded correctly + assert: + that: + - "'1.0.0' not in foo_version.stdout" + - "{{ foo_version.changed }}" + + - name: "(upgrade type: {{upgrade_type}}) upgrade packages to latest version (Idempotant)" + apt: + upgrade: "{{ upgrade_type }}" + force_apt_get: "{{ force_apt_get }}" + force: yes + register: second_upgrade_result + + - name: check that nothing has changed (Idempotant) + assert: + that: + - "second_upgrade_result.changed == false" + + always: + - name: Clean up + apt: + pkg: foo,foobar + state: absent + autoclean: yes + + - name: Restore ubuntu repos + command: mv /etc/apt/sources.list.backup /etc/apt/sources.list diff --git a/test/integration/targets/apt/tasks/url-with-deps.yml b/test/integration/targets/apt/tasks/url-with-deps.yml new file mode 100644 index 0000000..7c70eb9 --- /dev/null +++ b/test/integration/targets/apt/tasks/url-with-deps.yml @@ -0,0 +1,56 @@ +- block: + - name: Install https transport for apt + apt: + name: apt-transport-https + + - name: Ensure echo-hello is not installed + apt: + name: echo-hello + state: absent + purge: yes + + # Note that this .deb is just a stupidly tiny one that has a dependency + # on vim-tiny. Really any .deb will work here so long as it has + # dependencies that exist in a repo and get brought in. + # The source and files for building this .deb can be found here: + # https://ci-files.testing.ansible.com/test/integration/targets/apt/echo-hello-source.tar.gz + - name: Install deb file with dependencies from URL (check_mode) + apt: + deb: https://ci-files.testing.ansible.com/test/integration/targets/apt/echo-hello_1.0_all.deb + check_mode: true + register: apt_url_deps_check_mode + + - name: check to make sure we didn't install the package due to check_mode + shell: dpkg-query -l echo-hello + failed_when: false + register: dpkg_result_check_mode + + - name: verify check_mode installation of echo-hello + assert: + that: + - apt_url_deps_check_mode is changed + - dpkg_result_check_mode.rc != 0 + + - name: Install deb file with dependencies from URL (for real this time) + apt: + deb: https://ci-files.testing.ansible.com/test/integration/targets/apt/echo-hello_1.0_all.deb + register: apt_url_deps + + - name: check to make sure we installed the package + shell: dpkg-query -l echo-hello + failed_when: False + register: dpkg_result + + - name: verify real installation of echo-hello + assert: + that: + - apt_url_deps is changed + - dpkg_result is successful + - dpkg_result.rc == 0 + + always: + - name: uninstall echo-hello with apt + apt: + pkg: echo-hello + state: absent + purge: yes diff --git a/test/integration/targets/apt/vars/Ubuntu-20.yml b/test/integration/targets/apt/vars/Ubuntu-20.yml new file mode 100644 index 0000000..7b32755 --- /dev/null +++ b/test/integration/targets/apt/vars/Ubuntu-20.yml @@ -0,0 +1 @@ +multiarch_test_pkg: libunistring2 diff --git a/test/integration/targets/apt/vars/Ubuntu-22.yml b/test/integration/targets/apt/vars/Ubuntu-22.yml new file mode 100644 index 0000000..7b32755 --- /dev/null +++ b/test/integration/targets/apt/vars/Ubuntu-22.yml @@ -0,0 +1 @@ +multiarch_test_pkg: libunistring2 diff --git a/test/integration/targets/apt/vars/default.yml b/test/integration/targets/apt/vars/default.yml new file mode 100644 index 0000000..bed3a96 --- /dev/null +++ b/test/integration/targets/apt/vars/default.yml @@ -0,0 +1 @@ +multiarch_test_pkg: hello diff --git a/test/integration/targets/apt_key/aliases b/test/integration/targets/apt_key/aliases new file mode 100644 index 0000000..a820ec9 --- /dev/null +++ b/test/integration/targets/apt_key/aliases @@ -0,0 +1,5 @@ +shippable/posix/group1 +skip/freebsd +skip/osx +skip/macos +skip/rhel diff --git a/test/integration/targets/apt_key/meta/main.yml b/test/integration/targets/apt_key/meta/main.yml new file mode 100644 index 0000000..07faa21 --- /dev/null +++ b/test/integration/targets/apt_key/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - prepare_tests diff --git a/test/integration/targets/apt_key/tasks/apt_key.yml b/test/integration/targets/apt_key/tasks/apt_key.yml new file mode 100644 index 0000000..0e01723 --- /dev/null +++ b/test/integration/targets/apt_key/tasks/apt_key.yml @@ -0,0 +1,25 @@ +- name: Ensure key is not there to start with. + apt_key: + id: 36A1D7869245C8950F966E92D8576A8BA88D21E9 + state: absent + +- name: run first docs example + apt_key: + keyserver: keyserver.ubuntu.com + id: 36A1D7869245C8950F966E92D8576A8BA88D21E9 + register: apt_key_test0 + +- debug: var=apt_key_test0 + +- name: re-run first docs example + apt_key: + keyserver: keyserver.ubuntu.com + id: 36A1D7869245C8950F966E92D8576A8BA88D21E9 + register: apt_key_test1 + +- name: validate results + assert: + that: + - 'apt_key_test0.changed is defined' + - 'apt_key_test0.changed' + - 'not apt_key_test1.changed' diff --git a/test/integration/targets/apt_key/tasks/apt_key_binary.yml b/test/integration/targets/apt_key/tasks/apt_key_binary.yml new file mode 100644 index 0000000..b120bd5 --- /dev/null +++ b/test/integration/targets/apt_key/tasks/apt_key_binary.yml @@ -0,0 +1,12 @@ +--- + +- name: Ensure import of binary key downloaded using URLs works + apt_key: + url: https://ci-files.testing.ansible.com/test/integration/targets/apt_key/apt-key-example-binary.gpg + register: apt_key_binary_test + +- name: Validate the results + assert: + that: + - 'apt_key_binary_test.changed is defined' + - 'apt_key_binary_test.changed' diff --git a/test/integration/targets/apt_key/tasks/apt_key_inline_data.yml b/test/integration/targets/apt_key/tasks/apt_key_inline_data.yml new file mode 100644 index 0000000..916fa5a --- /dev/null +++ b/test/integration/targets/apt_key/tasks/apt_key_inline_data.yml @@ -0,0 +1,5 @@ +- name: "Ensure import of a deliberately corrupted downloaded GnuPG binary key results in an 'inline data' occurence in the message" + apt_key: + url: https://ci-files.testing.ansible.com/test/integration/targets/apt_key/apt-key-corrupt-zeros-2k.gpg + register: gpg_inline_result + failed_when: "not ('inline data' in gpg_inline_result.msg)" diff --git a/test/integration/targets/apt_key/tasks/file.yml b/test/integration/targets/apt_key/tasks/file.yml new file mode 100644 index 0000000..c22f3a4 --- /dev/null +++ b/test/integration/targets/apt_key/tasks/file.yml @@ -0,0 +1,52 @@ +- name: Get Fedora GPG Key + get_url: + url: https://ci-files.testing.ansible.com/test/integration/targets/apt_key/fedora.gpg + dest: /tmp/fedora.gpg + +- name: Ensure clean slate + apt_key: + id: 1161AE6945719A39 + state: absent + +- name: Run apt_key with both file and keyserver + apt_key: + file: /tmp/fedora.gpg + keyserver: keys.gnupg.net + id: 97A1AE57C3A2372CCA3A4ABA6C13026D12C944D0 + register: both_file_keyserver + ignore_errors: true + +- name: Run apt_key with file only + apt_key: + file: /tmp/fedora.gpg + register: only_file + +- name: Run apt_key with keyserver only + apt_key: + keyserver: keys.gnupg.net + id: 97A1AE57C3A2372CCA3A4ABA6C13026D12C944D0 + register: only_keyserver + +- name: validate results + assert: + that: + - 'both_file_keyserver is failed' + - 'only_file.changed' + - 'not only_keyserver.changed' + +- name: remove fedora.gpg + apt_key: + id: 1161AE6945719A39 + state: absent + register: remove_fedora + +- name: add key from url + apt_key: + url: https://ci-files.testing.ansible.com/test/integration/targets/apt_key/fedora.gpg + register: apt_key_url + +- name: verify key from url + assert: + that: + - remove_fedora is changed + - apt_key_url is changed diff --git a/test/integration/targets/apt_key/tasks/main.yml b/test/integration/targets/apt_key/tasks/main.yml new file mode 100644 index 0000000..ffb89b2 --- /dev/null +++ b/test/integration/targets/apt_key/tasks/main.yml @@ -0,0 +1,29 @@ +# Test code for the apt_key module. +# (c) 2017, James Tanner <tanner.jc@gmail.com> + +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +- import_tasks: 'apt_key.yml' + when: ansible_distribution in ('Ubuntu', 'Debian') + +- import_tasks: 'apt_key_inline_data.yml' + when: ansible_distribution in ('Ubuntu', 'Debian') + +- import_tasks: 'file.yml' + when: ansible_distribution in ('Ubuntu', 'Debian') + +- import_tasks: 'apt_key_binary.yml' + when: ansible_distribution in ('Ubuntu', 'Debian') diff --git a/test/integration/targets/apt_repository/aliases b/test/integration/targets/apt_repository/aliases new file mode 100644 index 0000000..34e2b54 --- /dev/null +++ b/test/integration/targets/apt_repository/aliases @@ -0,0 +1,6 @@ +destructive +shippable/posix/group1 +skip/freebsd +skip/osx +skip/macos +skip/rhel diff --git a/test/integration/targets/apt_repository/meta/main.yml b/test/integration/targets/apt_repository/meta/main.yml new file mode 100644 index 0000000..07faa21 --- /dev/null +++ b/test/integration/targets/apt_repository/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - prepare_tests diff --git a/test/integration/targets/apt_repository/tasks/apt.yml b/test/integration/targets/apt_repository/tasks/apt.yml new file mode 100644 index 0000000..0dc25af --- /dev/null +++ b/test/integration/targets/apt_repository/tasks/apt.yml @@ -0,0 +1,243 @@ +--- + +- set_fact: + test_ppa_name: 'ppa:git-core/ppa' + test_ppa_filename: 'git-core' + test_ppa_spec: 'deb http://ppa.launchpad.net/git-core/ppa/ubuntu {{ansible_distribution_release}} main' + test_ppa_key: 'E1DF1F24' # http://keyserver.ubuntu.com:11371/pks/lookup?search=0xD06AAF4C11DAB86DF421421EFE6B20ECA7AD98A1&op=index + +- name: show python version + debug: var=ansible_python_version + +- name: use python-apt + set_fact: + python_apt: python-apt + when: ansible_python_version is version('3', '<') + +- name: use python3-apt + set_fact: + python_apt: python3-apt + when: ansible_python_version is version('3', '>=') + +# UNINSTALL 'python-apt' +# The `apt_repository` module has the smarts to auto-install `python-apt`. To +# test, we will first uninstall `python-apt`. +- name: check {{ python_apt }} with dpkg + shell: dpkg -s {{ python_apt }} + register: dpkg_result + ignore_errors: true + +- name: uninstall {{ python_apt }} with apt + apt: pkg={{ python_apt }} state=absent purge=yes + register: apt_result + when: dpkg_result is successful + +# +# TEST: apt_repository: repo=<name> +# +- import_tasks: 'cleanup.yml' + +- name: 'record apt cache mtime' + stat: path='/var/cache/apt/pkgcache.bin' + register: cache_before + +- name: 'name=<name> (expect: pass)' + apt_repository: repo='{{test_ppa_name}}' state=present + register: result + +- name: 'assert the apt cache did *NOT* change' + assert: + that: + - 'result.changed' + - 'result.state == "present"' + - 'result.repo == "{{test_ppa_name}}"' + +- name: 'examine apt cache mtime' + stat: path='/var/cache/apt/pkgcache.bin' + register: cache_after + +- name: 'assert the apt cache did change' + assert: + that: + - 'cache_before.stat.mtime != cache_after.stat.mtime' + +- name: 'ensure ppa key is installed (expect: pass)' + apt_key: id='{{test_ppa_key}}' state=present + +# +# TEST: apt_repository: repo=<name> update_cache=no +# +- import_tasks: 'cleanup.yml' + +- name: 'record apt cache mtime' + stat: path='/var/cache/apt/pkgcache.bin' + register: cache_before + +- name: 'name=<name> update_cache=no (expect: pass)' + apt_repository: repo='{{test_ppa_name}}' state=present update_cache=no + register: result + +- assert: + that: + - 'result.changed' + - 'result.state == "present"' + - 'result.repo == "{{test_ppa_name}}"' + +- name: 'examine apt cache mtime' + stat: path='/var/cache/apt/pkgcache.bin' + register: cache_after + +- name: 'assert the apt cache did *NOT* change' + assert: + that: + - 'cache_before.stat.mtime == cache_after.stat.mtime' + +- name: 'ensure ppa key is installed (expect: pass)' + apt_key: id='{{test_ppa_key}}' state=present + +# +# TEST: apt_repository: repo=<name> update_cache=yes +# +- import_tasks: 'cleanup.yml' + +- name: 'record apt cache mtime' + stat: path='/var/cache/apt/pkgcache.bin' + register: cache_before + +- name: 'name=<name> update_cache=yes (expect: pass)' + apt_repository: repo='{{test_ppa_name}}' state=present update_cache=yes + register: result + +- assert: + that: + - 'result.changed' + - 'result.state == "present"' + - 'result.repo == "{{test_ppa_name}}"' + +- name: 'examine apt cache mtime' + stat: path='/var/cache/apt/pkgcache.bin' + register: cache_after + +- name: 'assert the apt cache did change' + assert: + that: + - 'cache_before.stat.mtime != cache_after.stat.mtime' + +- name: 'ensure ppa key is installed (expect: pass)' + apt_key: id='{{test_ppa_key}}' state=present + +# +# TEST: apt_repository: repo=<spec> +# +- import_tasks: 'cleanup.yml' + +- name: 'record apt cache mtime' + stat: path='/var/cache/apt/pkgcache.bin' + register: cache_before + +- name: ensure ppa key is present before adding repo that requires authentication + apt_key: keyserver=keyserver.ubuntu.com id='{{test_ppa_key}}' state=present + +- name: 'name=<spec> (expect: pass)' + apt_repository: repo='{{test_ppa_spec}}' state=present + register: result + +- name: update the cache + apt: + update_cache: true + register: result_cache + +- assert: + that: + - 'result.changed' + - 'result.state == "present"' + - 'result.repo == "{{test_ppa_spec}}"' + - result_cache is not changed + +- name: 'examine apt cache mtime' + stat: path='/var/cache/apt/pkgcache.bin' + register: cache_after + +- name: 'assert the apt cache did change' + assert: + that: + - 'cache_before.stat.mtime != cache_after.stat.mtime' + +- name: remove repo by spec + apt_repository: repo='{{test_ppa_spec}}' state=absent + register: result + +# When installing a repo with the spec, the key is *NOT* added +- name: 'ensure ppa key is absent (expect: pass)' + apt_key: id='{{test_ppa_key}}' state=absent + +# +# TEST: apt_repository: repo=<spec> filename=<filename> +# +- import_tasks: 'cleanup.yml' + +- name: 'record apt cache mtime' + stat: path='/var/cache/apt/pkgcache.bin' + register: cache_before + +- name: ensure ppa key is present before adding repo that requires authentication + apt_key: keyserver=keyserver.ubuntu.com id='{{test_ppa_key}}' state=present + +- name: 'name=<spec> filename=<filename> (expect: pass)' + apt_repository: repo='{{test_ppa_spec}}' filename='{{test_ppa_filename}}' state=present + register: result + +- assert: + that: + - 'result.changed' + - 'result.state == "present"' + - 'result.repo == "{{test_ppa_spec}}"' + +- name: 'examine source file' + stat: path='/etc/apt/sources.list.d/{{test_ppa_filename}}.list' + register: source_file + +- name: 'assert source file exists' + assert: + that: + - 'source_file.stat.exists == True' + +- name: 'examine apt cache mtime' + stat: path='/var/cache/apt/pkgcache.bin' + register: cache_after + +- name: 'assert the apt cache did change' + assert: + that: + - 'cache_before.stat.mtime != cache_after.stat.mtime' + +# When installing a repo with the spec, the key is *NOT* added +- name: 'ensure ppa key is absent (expect: pass)' + apt_key: id='{{test_ppa_key}}' state=absent + +- name: Test apt_repository with a null value for repo + apt_repository: + repo: + register: result + ignore_errors: yes + +- assert: + that: + - result is failed + - result.msg == 'Please set argument \'repo\' to a non-empty value' + +- name: Test apt_repository with an empty value for repo + apt_repository: + repo: "" + register: result + ignore_errors: yes + +- assert: + that: + - result is failed + - result.msg == 'Please set argument \'repo\' to a non-empty value' + +# +# TEARDOWN +# +- import_tasks: 'cleanup.yml' diff --git a/test/integration/targets/apt_repository/tasks/cleanup.yml b/test/integration/targets/apt_repository/tasks/cleanup.yml new file mode 100644 index 0000000..92280ce --- /dev/null +++ b/test/integration/targets/apt_repository/tasks/cleanup.yml @@ -0,0 +1,17 @@ +--- +# tasks to cleanup a repo and assert it is gone + +- name: remove existing ppa + apt_repository: repo={{test_ppa_name}} state=absent + ignore_errors: true + +- name: test that ppa does not exist (expect pass) + shell: cat /etc/apt/sources.list /etc/apt/sources.list.d/* | grep "{{test_ppa_spec}}" + register: command + failed_when: command.rc == 0 + changed_when: false + +# Should this use apt-key, maybe? +- name: remove ppa key + apt_key: id={{test_ppa_key}} state=absent + ignore_errors: true diff --git a/test/integration/targets/apt_repository/tasks/main.yml b/test/integration/targets/apt_repository/tasks/main.yml new file mode 100644 index 0000000..5d72f6f --- /dev/null +++ b/test/integration/targets/apt_repository/tasks/main.yml @@ -0,0 +1,25 @@ +# test code for the apt_repository module +# (c) 2014, James Laska <jlaska@ansible.com> + +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +- import_tasks: 'apt.yml' + when: ansible_distribution in ('Ubuntu') + +- import_tasks: mode.yaml + when: ansible_distribution in ('Ubuntu') + tags: + - test_apt_repository_mode diff --git a/test/integration/targets/apt_repository/tasks/mode.yaml b/test/integration/targets/apt_repository/tasks/mode.yaml new file mode 100644 index 0000000..4b4fabf --- /dev/null +++ b/test/integration/targets/apt_repository/tasks/mode.yaml @@ -0,0 +1,135 @@ +--- + +# These tests are likely slower than they should be, since each +# invocation of apt_repository seems to end up querying for +# lots (all?) configured repos. + +- set_fact: + test_repo_spec: "deb http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main" + test_repo_path: /etc/apt/sources.list.d/apt_postgresql_org_pub_repos_apt.list + +- import_tasks: mode_cleanup.yaml + +- name: Add GPG key to verify signatures + apt_key: + id: 7FCC7D46ACCC4CF8 + keyserver: keyserver.ubuntu.com + +- name: Mode specified as yaml literal 0600 + apt_repository: + repo: "{{ test_repo_spec }}" + state: present + mode: 0600 + update_cache: false + register: mode_given_results + +- name: Gather mode_given_as_literal_yaml stat + stat: + path: "{{ test_repo_path }}" + register: mode_given_yaml_literal_0600 + +- name: Show mode_given_yaml_literal_0600 + debug: + var: mode_given_yaml_literal_0600 + +- import_tasks: mode_cleanup.yaml + +- name: Assert mode_given_yaml_literal_0600 is correct + assert: + that: "mode_given_yaml_literal_0600.stat.mode == '0600'" + +- name: No mode specified + apt_repository: + repo: "{{ test_repo_spec }}" + state: present + update_cache: false + register: no_mode_results + +- name: Gather no mode stat + stat: + path: "{{ test_repo_path }}" + register: no_mode_stat + +- name: Show no mode stat + debug: + var: no_mode_stat + +- import_tasks: mode_cleanup.yaml + +- name: Assert no_mode_stat is correct + assert: + that: "no_mode_stat.stat.mode == '0644'" + +- name: Mode specified as string 0600 + apt_repository: + repo: "{{ test_repo_spec }}" + state: present + mode: "0600" + update_cache: false + register: mode_given_string_results + +- name: Gather mode_given_string stat + stat: + path: "{{ test_repo_path }}" + register: mode_given_string_stat + +- name: Show mode_given_string_stat + debug: + var: mode_given_string_stat + +- import_tasks: mode_cleanup.yaml + +- name: Mode specified as string 600 + apt_repository: + repo: "{{ test_repo_spec }}" + state: present + mode: "600" + update_cache: false + register: mode_given_string_600_results + +- name: Gather mode_given_600_string stat + stat: + path: "{{ test_repo_path }}" + register: mode_given_string_600_stat + +- name: Show mode_given_string_stat + debug: + var: mode_given_string_600_stat + +- import_tasks: mode_cleanup.yaml + +- name: Assert mode is correct + assert: + that: "mode_given_string_600_stat.stat.mode == '0600'" + +- name: Mode specified as yaml literal 600 + apt_repository: + repo: "{{ test_repo_spec }}" + state: present + mode: 600 + update_cache: false + register: mode_given_short_results + +- name: Gather mode_given_yaml_literal_600 stat + stat: + path: "{{ test_repo_path }}" + register: mode_given_yaml_literal_600 + +- name: Show mode_given_yaml_literal_600 + debug: + var: mode_given_yaml_literal_600 + +- import_tasks: mode_cleanup.yaml + +# a literal 600 as the mode will fail currently, in the sense that it +# doesn't guess and consider 600 and 0600 to be the same, and will instead +# intepret literal 600 as the decimal 600 (and thereby octal 1130). +# The literal 0600 can be interpreted as octal correctly. Note that +# a decimal 644 is octal 420. The default perm is 0644 so a mis intrpretation +# of 644 was previously resulting in a default file mode of 0420. +# 'mode: 600' is likely not what a user meant but there isnt enough info +# to determine that. Note that a string arg of '600' will be intrepeted as 0600. +# See https://github.com/ansible/ansible/issues/16370 +- name: Assert mode_given_yaml_literal_600 is correct + assert: + that: "mode_given_yaml_literal_600.stat.mode == '1130'" diff --git a/test/integration/targets/apt_repository/tasks/mode_cleanup.yaml b/test/integration/targets/apt_repository/tasks/mode_cleanup.yaml new file mode 100644 index 0000000..726de11 --- /dev/null +++ b/test/integration/targets/apt_repository/tasks/mode_cleanup.yaml @@ -0,0 +1,7 @@ +--- +# tasks to cleanup after creating a repo file, specifically for testing the 'mode' arg + +- name: Delete existing repo + file: + path: "{{ test_repo_path }}" + state: absent
\ No newline at end of file |