saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-17 10:10:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch '2017.7' into win_unit_test_archive

Browse source
This commit is contained in:
Nicole Thomas 2017-11-10 11:48:51 -07:00 committed by GitHub
commit 5505a8819a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 325 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

137
salt/client/ssh/wrapper/state.py
View file

@ -289,6 +289,143 @@ def apply_(mods=None,
return highstate(**kwargs)
def request(mods=None,
**kwargs):
'''
.. versionadded:: 2017.7.3
Request that the local admin execute a state run via
`salt-call state.run_request`
All arguments match state.apply
CLI Example:
.. code-block:: bash
salt '*' state.request
salt '*' state.request test
salt '*' state.request test,pkgs
'''
kwargs['test'] = True
ret = apply_(mods, **kwargs)
notify_path = os.path.join(__opts__['cachedir'], 'req_state.p')
serial = salt.payload.Serial(__opts__)
req = check_request()
req.update({kwargs.get('name', 'default'): {
'test_run': ret,
'mods': mods,
'kwargs': kwargs
}
})
cumask = os.umask(0o77)
try:
if salt.utils.is_windows():
# Make sure cache file isn't read-only
__salt__['cmd.run']('attrib -R "{0}"'.format(notify_path))
with salt.utils.fopen(notify_path, 'w+b') as fp_:
serial.dump(req, fp_)
except (IOError, OSError):
msg = 'Unable to write state request file {0}. Check permission.'
log.error(msg.format(notify_path))
os.umask(cumask)
return ret
def check_request(name=None):
'''
.. versionadded:: 2017.7.3
Return the state request information, if any
CLI Example:
.. code-block:: bash
salt '*' state.check_request
'''
notify_path = os.path.join(__opts__['cachedir'], 'req_state.p')
serial = salt.payload.Serial(__opts__)
if os.path.isfile(notify_path):
with salt.utils.fopen(notify_path, 'rb') as fp_:
req = serial.load(fp_)
if name:
return req[name]
return req
return {}
def clear_request(name=None):
'''
.. versionadded:: 2017.7.3
Clear out the state execution request without executing it
CLI Example:
.. code-block:: bash
salt '*' state.clear_request
'''
notify_path = os.path.join(__opts__['cachedir'], 'req_state.p')
serial = salt.payload.Serial(__opts__)
if not os.path.isfile(notify_path):
return True
if not name:
try:
os.remove(notify_path)
except (IOError, OSError):
pass
else:
req = check_request()
if name in req:
req.pop(name)
else:
return False
cumask = os.umask(0o77)
try:
if salt.utils.is_windows():
# Make sure cache file isn't read-only
__salt__['cmd.run']('attrib -R "{0}"'.format(notify_path))
with salt.utils.fopen(notify_path, 'w+b') as fp_:
serial.dump(req, fp_)
except (IOError, OSError):
msg = 'Unable to write state request file {0}. Check permission.'
log.error(msg.format(notify_path))
os.umask(cumask)
return True
def run_request(name='default', **kwargs):
'''
.. versionadded:: 2017.7.3
Execute the pending state request
CLI Example:
.. code-block:: bash
salt '*' state.run_request
'''
req = check_request()
if name not in req:
return {}
n_req = req[name]
if 'mods' not in n_req or 'kwargs' not in n_req:
return {}
req[name]['kwargs'].update(kwargs)
if 'test' in n_req['kwargs']:
n_req['kwargs'].pop('test')
if req:
ret = apply_(n_req['mods'], **n_req['kwargs'])
try:
os.remove(os.path.join(__opts__['cachedir'], 'req_state.p'))
except (IOError, OSError):
pass
return ret
return {}
def highstate(test=None, **kwargs):
'''
Retrieve the state data from the salt master for this minion and execute it

21
salt/modules/rh_ip.py
View file

@ -689,9 +689,24 @@ def _parse_settings_eth(opts, iface_type, enabled, iface):
if opt in opts:
result[opt] = opts[opt]
for opt in ['ipaddrs', 'ipv6addrs']:
if opt in opts:
result[opt] = opts[opt]
if 'ipaddrs' in opts:
result['ipaddrs'] = []
for opt in opts['ipaddrs']:
if salt.utils.validate.net.ipv4_addr(opt):
ip, prefix = [i.strip() for i in opt.split('/')]
result['ipaddrs'].append({'ipaddr': ip, 'prefix': prefix})
else:
msg = 'ipv4 CIDR is invalid'
log.error(msg)
raise AttributeError(msg)
if 'ipv6addrs' in opts:
for opt in opts['ipv6addrs']:
if not salt.utils.validate.net.ipv6_addr(opt):
msg = 'ipv6 CIDR is invalid'
log.error(msg)
raise AttributeError(msg)
result['ipv6addrs'] = opts['ipv6addrs']
if 'enable_ipv6' in opts:
result['enable_ipv6'] = opts['enable_ipv6']

34
salt/modules/win_lgpo.py
View file

@ -710,7 +710,9 @@ class _policy_info(object):
'lgpo_section': self.password_policy_gpedit_path,
'Settings': {
'Function': '_in_range_inclusive',
'Args': {'min': 0, 'max': 86313600}
'Args': {'min': 1,
'max': 86313600,
'zero_value': 0xffffffff}
},
'NetUserModal': {
'Modal': 0,
@ -718,7 +720,9 @@ class _policy_info(object):
},
'Transform': {
'Get': '_seconds_to_days',
'Put': '_days_to_seconds'
'Put': '_days_to_seconds',
'GetArgs': {'zero_value': 0xffffffff},
'PutArgs': {'zero_value': 0xffffffff}
},
},
'MinPasswordAge': {
@ -750,7 +754,7 @@ class _policy_info(object):
},
},
'PasswordComplexity': {
'Policy': 'Passwords must meet complexity requirements',
'Policy': 'Password must meet complexity requirements',
'lgpo_section': self.password_policy_gpedit_path,
'Settings': self.enabled_one_disabled_zero.keys(),
'Secedit': {
@ -2369,7 +2373,10 @@ class _policy_info(object):
'''
converts a number of seconds to days
'''
zero_value = kwargs.get('zero_value', 0)
if val is not None:
if val == zero_value:
return 0
return val / 86400
else:
return 'Not Defined'
@ -2379,7 +2386,10 @@ class _policy_info(object):
'''
converts a number of days to seconds
'''
zero_value = kwargs.get('zero_value', 0)
if val is not None:
if val == 0:
return zero_value
return val * 86400
else:
return 'Not Defined'
@ -2491,9 +2501,11 @@ class _policy_info(object):
def _in_range_inclusive(cls, val, **kwargs):
'''
checks that a value is in an inclusive range
The value for 0 used by Max Password Age is actually 0xffffffff
'''
minimum = 0
maximum = 1
minimum = kwargs.get('min', 0)
maximum = kwargs.get('max', 1)
zero_value = kwargs.get('zero_value', 0)
if isinstance(val, six.string_types):
if val.lower() == 'not defined':
@ -2503,12 +2515,8 @@ class _policy_info(object):
val = int(val)
except ValueError:
return False
if 'min' in kwargs:
minimum = kwargs['min']
if 'max' in kwargs:
maximum = kwargs['max']
if val is not None:
if val >= minimum and val <= maximum:
if minimum <= val <= maximum or val == zero_value:
return True
else:
return False
@ -2640,11 +2648,7 @@ class _policy_info(object):
or values
'''
log.debug('item == {0}'.format(item))
value_lookup = False
if 'value_lookup' in kwargs:
value_lookup = kwargs['value_lookup']
else:
value_lookup = False
value_lookup = kwargs.get('value_lookup', False)
if 'lookup' in kwargs:
for k, v in six.iteritems(kwargs['lookup']):
if value_lookup:

5
salt/templates/rh_ip/rh7_eth.jinja
View file

@ -19,12 +19,17 @@ DEVICE="{{name}}"
{%endif%}{% if ipaddr_end %}IPADDR_END="{{ipaddr_end}}"
{%endif%}{% if netmask %}NETMASK="{{netmask}}"
{%endif%}{% if prefix %}PREFIX="{{prefix}}"
{%endif%}{% if ipaddrs %}{% for i in ipaddrs -%}
IPADDR{{loop.index}}="{{i['ipaddr']}}"
PREFIX{{loop.index}}="{{i['prefix']}}"
{% endfor -%}
{%endif%}{% if gateway %}GATEWAY="{{gateway}}"
{%endif%}{% if enable_ipv6 %}IPV6INIT="yes"
{% if ipv6_autoconf %}IPV6_AUTOCONF="{{ipv6_autoconf}}"
{%endif%}{% if dhcpv6c %}DHCPV6C="{{dhcpv6c}}"
{%endif%}{% if ipv6addr %}IPV6ADDR="{{ipv6addr}}"
{%endif%}{% if ipv6gateway %}IPV6_DEFAULTGW="{{ipv6gateway}}"
{%endif%}{% if ipv6addrs %}IPV6ADDR_SECONDARIES="{{ ipv6addrs|join(' ') }}"
{%endif%}{% if ipv6_peerdns %}IPV6_PEERDNS="{{ipv6_peerdns}}"
{%endif%}{% if ipv6_defroute %}IPV6_DEFROUTE="{{ipv6_defroute}}"
{%endif%}{% if ipv6_peerroutes %}IPV6_PEERROUTES="{{ipv6_peerroutes}}"

4
tests/integration/files/file/base/ssh_state_tests.sls Normal file
View file

@ -0,0 +1,4 @@
ssh-file-test:
file.managed:
- name: /tmp/test
- contents: 'test'

72
tests/integration/ssh/test_state.py Normal file
View file

@ -0,0 +1,72 @@
# -*- coding: utf-8 -*-
# Import Python libs
from __future__ import absolute_import
import os
import shutil
# Import Salt Testing Libs
from tests.support.case import SSHCase
SSH_SLS = 'ssh_state_tests'
class SSHStateTest(SSHCase):
'''
testing the state system with salt-ssh
'''
def _check_dict_ret(self, ret, val, exp_ret):
for key, value in ret.items():
self.assertEqual(value[val], exp_ret)
def _check_request(self, empty=False):
check = self.run_function('state.check_request', wipe=False)
if empty:
self.assertFalse(bool(check))
else:
self._check_dict_ret(ret=check['default']['test_run']['local']['return'],
val='__sls__', exp_ret=SSH_SLS)
def test_state_apply(self):
'''
test state.apply with salt-ssh
'''
ret = self.run_function('state.apply', [SSH_SLS])
self._check_dict_ret(ret=ret, val='__sls__', exp_ret=SSH_SLS)
check_file = self.run_function('file.file_exists', ['/tmp/test'])
self.assertTrue(check_file)
def test_state_request_check_clear(self):
'''
test state.request system with salt-ssh
while also checking and clearing request
'''
request = self.run_function('state.request', [SSH_SLS], wipe=False)
self._check_dict_ret(ret=request, val='__sls__', exp_ret=SSH_SLS)
self._check_request()
clear = self.run_function('state.clear_request', wipe=False)
self._check_request(empty=True)
def test_state_run_request(self):
'''
test state.request system with salt-ssh
while also running the request later
'''
request = self.run_function('state.request', [SSH_SLS], wipe=False)
self._check_dict_ret(ret=request, val='__sls__', exp_ret=SSH_SLS)
run = self.run_function('state.run_request', wipe=False)
check_file = self.run_function('file.file_exists', ['/tmp/test'], wipe=False)
self.assertTrue(check_file)
def tearDown(self):
'''
make sure to clean up any old ssh directories
'''
salt_dir = self.run_function('config.get', ['thin_dir'], wipe=False)
if os.path.exists(salt_dir):
shutil.rmtree(salt_dir)

11
tests/runtests.py
View file

@ -130,6 +130,9 @@ TEST_SUITES = {
'returners':
{'display_name': 'Returners',
'path': 'integration/returners'},
'ssh-int':
{'display_name': 'SSH Integration',
'path': 'integration/ssh'},
'spm':
{'display_name': 'SPM',
'path': 'integration/spm'},
@ -412,6 +415,14 @@ class SaltTestsuiteParser(SaltCoverageTestingParser):
'SSH server on your machine. In certain environments, this '
'may be insecure! Default: False'
)
self.test_selection_group.add_option(
'--ssh-int',
dest='ssh-int',
action='store_true',
default=False,
help='Run salt-ssh integration tests. Requires to be run with --ssh'
'to spin up the SSH server on your machine.'
)
self.test_selection_group.add_option(
'-A',
'--api',

17
tests/support/case.py
View file

@ -124,11 +124,13 @@ class ShellTestCase(TestCase, AdaptedConfigurationTestCaseMixin):
arg_str = '-c {0} {1}'.format(self.get_config_dir(), arg_str)
return self.run_script('salt', arg_str, with_retcode=with_retcode, catch_stderr=catch_stderr)
def run_ssh(self, arg_str, with_retcode=False, timeout=25, catch_stderr=False):
def run_ssh(self, arg_str, with_retcode=False, timeout=25,
catch_stderr=False, wipe=False):
'''
Execute salt-ssh
'''
arg_str = '-c {0} -i --priv {1} --roster-file {2} localhost {3} --out=json'.format(
arg_str = '{0} -c {1} -i --priv {2} --roster-file {3} localhost {4} --out=json'.format(
' -W' if wipe else '',
self.get_config_dir(),
os.path.join(RUNTIME_VARS.TMP_CONF_DIR, 'key_test'),
os.path.join(RUNTIME_VARS.TMP_CONF_DIR, 'roster'),
@ -453,11 +455,13 @@ class ShellCase(ShellTestCase, AdaptedConfigurationTestCaseMixin, ScriptPathMixi
catch_stderr=catch_stderr,
timeout=timeout)
def run_ssh(self, arg_str, with_retcode=False, catch_stderr=False, timeout=60): # pylint: disable=W0221
def run_ssh(self, arg_str, with_retcode=False, catch_stderr=False,
timeout=60, wipe=True): # pylint: disable=W0221
'''
Execute salt-ssh
'''
arg_str = '-ldebug -W -c {0} -i --priv {1} --roster-file {2} --out=json localhost {3}'.format(
arg_str = '-ldebug{0} -c {1} -i --priv {2} --roster-file {3} --out=json localhost {4}'.format(
' -W' if wipe else '',
self.get_config_dir(),
os.path.join(RUNTIME_VARS.TMP_CONF_DIR, 'key_test'),
os.path.join(RUNTIME_VARS.TMP_CONF_DIR, 'roster'),
@ -797,11 +801,12 @@ class SSHCase(ShellCase):
def _arg_str(self, function, arg):
return '{0} {1}'.format(function, ' '.join(arg))
def run_function(self, function, arg=(), timeout=90, **kwargs):
def run_function(self, function, arg=(), timeout=90, wipe=True, **kwargs):
'''
We use a 90s timeout here, which some slower systems do end up needing
'''
ret = self.run_ssh(self._arg_str(function, arg), timeout=timeout)
ret = self.run_ssh(self._arg_str(function, arg), timeout=timeout,
wipe=wipe)
try:
return json.loads(ret)['localhost']
except Exception:

65
tests/unit/modules/test_rh_ip.py
View file

@ -16,6 +16,7 @@ from tests.support.mock import (
patch)
# Import Salt Libs
from salt.ext.six.moves import range
import salt.modules.rh_ip as rh_ip
# Import 3rd-party libs
@ -60,7 +61,6 @@ class RhipTestCase(TestCase, LoaderModuleMockMixin):
'''
with patch.dict(rh_ip.__grains__, {'os': 'Fedora'}):
with patch.object(rh_ip, '_raise_error_iface', return_value=None):
self.assertRaises(AttributeError,
rh_ip.build_interface,
'iface', 'slave', True)
@ -70,34 +70,53 @@ class RhipTestCase(TestCase, LoaderModuleMockMixin):
rh_ip.build_interface,
'iface', 'eth', True, netmask='255.255.255.255', prefix=32,
test=True)
self.assertRaises(AttributeError,
rh_ip.build_interface,
'iface', 'eth', True, ipaddrs=['A'],
test=True)
self.assertRaises(AttributeError,
rh_ip.build_interface,
'iface', 'eth', True, ipv6addrs=['A'],
test=True)
with patch.object(rh_ip, '_parse_settings_bond', MagicMock()):
mock = jinja2.exceptions.TemplateNotFound('foo')
with patch.object(jinja2.Environment,
'get_template',
MagicMock(side_effect=mock)):
self.assertEqual(rh_ip.build_interface('iface',
'vlan',
True), '')
with patch.object(rh_ip, '_read_temp', return_value='A'):
for osrelease in range(5, 8):
with patch.dict(rh_ip.__grains__, {'os': 'RedHat', 'osrelease': str(osrelease)}):
with patch.object(rh_ip, '_raise_error_iface', return_value=None):
with patch.object(rh_ip, '_parse_settings_bond', MagicMock()):
mock = jinja2.exceptions.TemplateNotFound('foo')
with patch.object(jinja2.Environment,
'get_template', MagicMock()):
'get_template',
MagicMock(side_effect=mock)):
self.assertEqual(rh_ip.build_interface('iface',
'vlan',
True,
test='A'),
'A')
True), '')
with patch.object(rh_ip, '_write_file_iface',
return_value=None):
with patch.object(os.path, 'join',
return_value='A'):
with patch.object(rh_ip, '_read_file',
with patch.object(rh_ip, '_read_temp', return_value='A'):
with patch.object(jinja2.Environment,
'get_template', MagicMock()):
self.assertEqual(rh_ip.build_interface('iface',
'vlan',
True,
test='A'),
'A')
with patch.object(rh_ip, '_write_file_iface',
return_value=None):
with patch.object(os.path, 'join',
return_value='A'):
self.assertEqual(rh_ip.build_interface
('iface', 'vlan',
True), 'A')
with patch.object(rh_ip, '_read_file',
return_value='A'):
self.assertEqual(rh_ip.build_interface
('iface', 'vlan',
True), 'A')
if osrelease > 6:
with patch.dict(rh_ip.__salt__, {'network.interfaces': lambda: {'eth': True}}):
self.assertEqual(rh_ip.build_interface
('iface', 'eth', True,
ipaddrs=['127.0.0.1/8']), 'A')
self.assertEqual(rh_ip.build_interface
('iface', 'eth', True,
ipv6addrs=['fc00::1/128']), 'A')
def test_build_routes(self):
'''

13
tests/unit/test_doc.py
View file

@ -7,6 +7,7 @@
# Import Python libs
from __future__ import absolute_import
import os
import re
# Import Salt Testing libs
from tests.support.unit import TestCase
@ -44,7 +45,7 @@ class DocTestCase(TestCase):
salt_dir += '/'
cmd = 'grep -r :doc: ' + salt_dir
grep_call = salt.modules.cmdmod.run_stdout(cmd=cmd).split('\n')
grep_call = salt.modules.cmdmod.run_stdout(cmd=cmd).split(os.linesep)
test_ret = {}
for line in grep_call:
@ -52,12 +53,10 @@ class DocTestCase(TestCase):
if line.startswith('Binary'):
continue
if salt.utils.is_windows():
# Need the space after the colon so it doesn't split the drive
# letter
key, val = line.split(': ', 1)
else:
key, val = line.split(':', 1)
# Only split on colons not followed by a '\' as is the case with
# Windows Drives
regex = re.compile(r':(?!\\)')
key, val = regex.split(line, 1)
# Don't test man pages, this file,
# the page that documents to not use ":doc:", or