valitydev/salt
14
0
Fork 0
mirror of https://github.com/valitydev/salt.git synced 2024-11-07 17:09:03 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch '2018.3' into cloud_config_merge

Browse Source
This commit is contained in:
Daniel Wozniak 2019-01-29 19:43:26 -07:00 committed by GitHub
commit 48062c89a7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 126 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
salt/modules/git.py
View File

@ -979,7 +979,7 @@ def clone(cwd,
information on securing the keypair from the remote side in the
``authorized_keys`` file.
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE%20FORMAT
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE_FORMAT
.. versionchanged:: 2015.8.7
@ -2035,7 +2035,7 @@ def fetch(cwd,
information on securing the keypair from the remote side in the
``authorized_keys`` file.
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE%20FORMAT
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE_FORMAT
.. versionchanged:: 2015.8.7
@ -2847,7 +2847,7 @@ def ls_remote(cwd=None,
information on securing the keypair from the remote side in the
``authorized_keys`` file.
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE%20FORMAT
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE_FORMAT
.. versionchanged:: 2015.8.7
@ -2940,6 +2940,7 @@ def merge(cwd,
git_opts='',
user=None,
password=None,
identity=None,
ignore_retcode=False,
output_encoding=None,
**kwargs):
@ -2983,6 +2984,22 @@ def merge(cwd,
.. versionadded:: 2016.3.4
identity
Path to a private key to use for ssh URLs. Salt will not attempt to use
passphrase-protected keys unless invoked from the minion using
``salt-call``, to prevent blocking waiting for user input. Key can also
be specified as a SaltStack file server URL, eg.
``salt://location/identity_file``.
.. note::
For greater security with passphraseless private keys, see the
`sshd(8)`_ manpage for information on securing the keypair from the
remote side in the ``authorized_keys`` file.
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE_FORMAT
.. versionadded:: 2018.3.5,2019.2.1,Neon
ignore_retcode : False
If ``True``, do not log an error to the minion log if the git command
returns a nonzero exit status.
@ -3024,10 +3041,12 @@ def merge(cwd,
command.extend(_format_opts(opts))
if rev:
command.append(rev)
return _git_run(command,
cwd=cwd,
user=user,
password=password,
identity=identity,
ignore_retcode=ignore_retcode,
output_encoding=output_encoding)['stdout']
@ -3382,7 +3401,7 @@ def pull(cwd,
information on securing the keypair from the remote side in the
``authorized_keys`` file.
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE%20FORMAT
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE_FORMAT
.. versionchanged:: 2015.8.7
@ -3508,7 +3527,7 @@ def push(cwd,
information on securing the keypair from the remote side in the
``authorized_keys`` file.
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE%20FORMAT
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE_FORMAT
.. versionchanged:: 2015.8.7
@ -3792,7 +3811,7 @@ def remote_refs(url,
information on securing the keypair from the remote side in the
``authorized_keys`` file.
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE%20FORMAT
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE_FORMAT
.. versionchanged:: 2015.8.7
@ -4101,6 +4120,7 @@ def reset(cwd,
git_opts='',
user=None,
password=None,
identity=None,
ignore_retcode=False,
output_encoding=None):
'''
@ -4137,6 +4157,22 @@ def reset(cwd,
.. versionadded:: 2016.3.4
identity
Path to a private key to use for ssh URLs. Salt will not attempt to use
passphrase-protected keys unless invoked from the minion using
``salt-call``, to prevent blocking waiting for user input. Key can also
be specified as a SaltStack file server URL, eg.
``salt://location/identity_file``.
.. note::
For greater security with passphraseless private keys, see the
`sshd(8)`_ manpage for information on securing the keypair from the
remote side in the ``authorized_keys`` file.
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE_FORMAT
.. versionadded:: 2018.3.5,2019.2.1,Neon
ignore_retcode : False
If ``True``, do not log an error to the minion log if the git command
returns a nonzero exit status.
@ -4174,6 +4210,7 @@ def reset(cwd,
cwd=cwd,
user=user,
password=password,
identity=identity,
ignore_retcode=ignore_retcode,
output_encoding=output_encoding)['stdout']
@ -4662,7 +4699,7 @@ def submodule(cwd,
information on securing the keypair from the remote side in the
``authorized_keys`` file.
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE%20FORMAT
.. _`sshd(8)`: http://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE_FORMAT
.. versionchanged:: 2015.8.7

18
salt/states/git.py
View File

@ -685,6 +685,15 @@ def latest(name,
if https_pass is not None and not isinstance(https_pass, six.string_types):
https_pass = six.text_type(https_pass)
# Check for lfs filter settings, and setup lfs_opts accordingly. These opts
# will be passed where appropriate to ensure that these commands are
# authenticated and that the git LFS plugin can download files.
use_lfs = bool(
__salt__['git.config_get_regexp'](
r'filter\.lfs\.',
**{'global': True}))
lfs_opts = {'identity': identity} if use_lfs else {}
if os.path.isfile(target):
return _fail(
ret,
@ -1560,7 +1569,8 @@ def latest(name,
opts=['--hard', remote_rev],
user=user,
password=password,
output_encoding=output_encoding)
output_encoding=output_encoding,
**lfs_opts)
ret['changes']['forced update'] = True
comments.append(
'Repository was hard-reset to {0}'.format(remote_loc)
@ -1613,7 +1623,8 @@ def latest(name,
opts=merge_opts,
user=user,
password=password,
output_encoding=output_encoding)
output_encoding=output_encoding,
**lfs_opts)
comments.append(
'Repository was fast-forwarded to {0}'
.format(remote_loc)
@ -1633,7 +1644,8 @@ def latest(name,
remote_rev if rev == 'HEAD' else rev],
user=user,
password=password,
output_encoding=output_encoding)
output_encoding=output_encoding,
**lfs_opts)
comments.append(
'Repository was reset to {0} (fast-forward)'
.format(rev)

13
tests/integration/modules/test_data.py
View File

@ -11,34 +11,28 @@ class DataModuleTest(ModuleCase):
'''
Validate the data module
'''
def _clear_db(self):
'''
Clear out the database
'''
def setUp(self):
self.run_function('data.clear')
self.addCleanup(self.run_function, 'data.clear')
def test_load_dump(self):
'''
data.load
data.dump
'''
self._clear_db()
self.assertTrue(self.run_function('data.dump', ['{"foo": "bar"}']))
self.assertEqual(self.run_function('data.load'), {'foo': 'bar'})
self._clear_db()
def test_get_update(self):
'''
data.get
data.update
'''
self._clear_db()
self.assertTrue(self.run_function('data.update', ['spam', 'eggs']))
self.assertEqual(self.run_function('data.get', ['spam']), 'eggs')
self.assertTrue(self.run_function('data.update', ['unladen', 'swallow']))
self.assertEqual(self.run_function('data.get', ['["spam", "unladen"]']), ['eggs', 'swallow'])
self._clear_db()
self.assertEqual(self.run_function('data.get', [["spam", "unladen"]]), ['eggs', 'swallow'])
def test_cas_update(self):
'''
@ -46,7 +40,6 @@ class DataModuleTest(ModuleCase):
data.cas
data.get
'''
self._clear_db()
self.assertTrue(self.run_function('data.update', ['spam', 'eggs']))
self.assertTrue(self.run_function('data.cas', ['spam', 'green', 'eggs']))
self.assertEqual(self.run_function('data.get', ['spam']), 'green')

52
tests/integration/netapi/rest_tornado/test_app.py
View File

@ -100,6 +100,11 @@ class TestSaltAPIHandler(_SaltnadoIntegrationTestCase):
)
response_obj = salt.utils.json.loads(response.body)
self.assertEqual(len(response_obj['return']), 1)
# If --proxy is set, it will cause an extra minion_id to be in the
# response. Since there's not a great way to know if the test
# runner's proxy minion is running, and we're not testing proxy
# minions here anyway, just remove it from the response.
response_obj['return'][0].pop('proxytest', None)
self.assertEqual(response_obj['return'][0], {'minion': True, 'sub_minion': True})
def test_simple_local_post_no_tgt(self):
@ -142,6 +147,11 @@ class TestSaltAPIHandler(_SaltnadoIntegrationTestCase):
)
response_obj = salt.utils.json.loads(response.body)
self.assertEqual(len(response_obj['return']), 1)
# If --proxy is set, it will cause an extra minion_id to be in the
# response. Since there's not a great way to know if the test
# runner's proxy minion is running, and we're not testing proxy
# minions here anyway, just remove it from the response.
response_obj['return'][0].pop('proxytest', None)
self.assertEqual(response_obj['return'][0], {'minion': True, 'sub_minion': True})
def test_simple_local_post_invalid_request(self):
@ -175,6 +185,14 @@ class TestSaltAPIHandler(_SaltnadoIntegrationTestCase):
response_obj = salt.utils.json.loads(response.body)
ret = response_obj['return']
ret[0]['minions'] = sorted(ret[0]['minions'])
try:
# If --proxy is set, it will cause an extra minion_id to be in the
# response. Since there's not a great way to know if the test
# runner's proxy minion is running, and we're not testing proxy
# minions here anyway, just remove it from the response.
ret[0]['minions'].remove('proxytest')
except ValueError:
pass
# TODO: verify pub function? Maybe look at how we test the publisher
self.assertEqual(len(ret), 1)
@ -201,6 +219,15 @@ class TestSaltAPIHandler(_SaltnadoIntegrationTestCase):
ret = response_obj['return']
ret[0]['minions'] = sorted(ret[0]['minions'])
ret[1]['minions'] = sorted(ret[1]['minions'])
try:
# If --proxy is set, it will cause an extra minion_id to be in the
# response. Since there's not a great way to know if the test
# runner's proxy minion is running, and we're not testing proxy
# minions here anyway, just remove it from the response.
ret[0]['minions'].remove('proxytest')
ret[1]['minions'].remove('proxytest')
except ValueError:
pass
self.assertEqual(len(ret), 2)
self.assertIn('jid', ret[0])
@ -235,6 +262,15 @@ class TestSaltAPIHandler(_SaltnadoIntegrationTestCase):
ret = response_obj['return']
ret[0]['minions'] = sorted(ret[0]['minions'])
ret[1]['minions'] = sorted(ret[1]['minions'])
try:
# If --proxy is set, it will cause an extra minion_id to be in the
# response. Since there's not a great way to know if the test
# runner's proxy minion is running, and we're not testing proxy
# minions here anyway, just remove it from the response.
ret[0]['minions'].remove('proxytest')
ret[1]['minions'].remove('proxytest')
except ValueError:
pass
self.assertEqual(len(ret), 3) # make sure we got 3 responses
self.assertIn('jid', ret[0]) # the first 2 are regular returns
@ -279,9 +315,13 @@ class TestSaltAPIHandler(_SaltnadoIntegrationTestCase):
request_timeout=30,
)
response_obj = salt.utils.json.loads(response.body)
self.application.opts['order_masters'] = []
self.application.opts['syndic_wait'] = 5
# If --proxy is set, it will cause an extra minion_id to be in the
# response. Since there's not a great way to know if the test runner's
# proxy minion is running, and we're not testing proxy minions here
# anyway, just remove it from the response.
response_obj[0]['return'].pop('proxytest', None)
self.assertEqual(response_obj['return'], [{'minion': True, 'sub_minion': True}])
# runner tests
@ -299,7 +339,15 @@ class TestSaltAPIHandler(_SaltnadoIntegrationTestCase):
)
response_obj = salt.utils.json.loads(response.body)
self.assertEqual(len(response_obj['return']), 1)
self.assertEqual(set(response_obj['return'][0]), set(['minion', 'sub_minion']))
try:
# If --proxy is set, it will cause an extra minion_id to be in the
# response. Since there's not a great way to know if the test
# runner's proxy minion is running, and we're not testing proxy
# minions here anyway, just remove it from the response.
response_obj['return'][0].remove('proxytest')
except ValueError:
pass
self.assertEqual(sorted(response_obj['return'][0]), sorted(['minion', 'sub_minion']))
# runner_async tests
def test_simple_local_runner_async_post(self):

13
tests/integration/netapi/test_client.py
View File

@ -36,6 +36,11 @@ class NetapiClientTest(TestCase):
low.update(self.eauth_creds)
ret = self.netapi.run(low)
# If --proxy is set, it will cause an extra minion_id to be in the
# response. Since there's not a great way to know if the test
# runner's proxy minion is running, and we're not testing proxy
# minions here anyway, just remove it from the response.
ret.pop('proxytest', None)
self.assertEqual(ret, {'minion': True, 'sub_minion': True})
def test_local_batch(self):
@ -59,6 +64,14 @@ class NetapiClientTest(TestCase):
self.assertIn('jid', ret)
ret.pop('jid', None)
ret['minions'] = sorted(ret['minions'])
try:
# If --proxy is set, it will cause an extra minion_id to be in the
# response. Since there's not a great way to know if the test
# runner's proxy minion is running, and we're not testing proxy
# minions here anyway, just remove it from the response.
ret['minions'].remove('proxytest')
except ValueError:
pass
self.assertEqual(ret, {'minions': sorted(['minion', 'sub_minion'])})
def test_wheel(self):

1
tests/unit/states/test_git.py
View File

@ -60,6 +60,7 @@ class GitTestCase(TestCase, LoaderModuleMockMixin):
git_diff = Mock()
dunder_salt = {
'git.current_branch': MagicMock(return_value=branches[0]),
'git.config_get_regexp': MagicMock(return_value={}),
'git.diff': git_diff,
'git.fetch': MagicMock(return_value={}),
'git.is_worktree': MagicMock(return_value=False),