def test_prepare_env_ansible_vars(mocker, tmp_path):
mocker.patch.dict(
'os.environ', {
'PYTHONPATH': '/python_path_via_environ',
'AWX_LIB_DIRECTORY': '/awx_lib_directory_via_environ',
})
artifact_dir = tmp_path.joinpath('some_artifacts')
rc = BaseConfig(artifact_dir=artifact_dir.as_posix())
rc.ssh_key_data = None
rc.env = {}
rc.execution_mode = BaseExecutionMode.ANSIBLE_COMMANDS
rc._prepare_env()
assert not hasattr(rc, 'ssh_key_path')
assert not hasattr(rc, 'command')
assert rc.env['ANSIBLE_STDOUT_CALLBACK'] == 'awx_display'
assert rc.env['ANSIBLE_RETRY_FILES_ENABLED'] == 'False'
assert rc.env['ANSIBLE_HOST_KEY_CHECKING'] == 'False'
assert rc.env['AWX_ISOLATED_DATA_DIR'] == artifact_dir.joinpath(
rc.ident).as_posix()
assert rc.env['PYTHONPATH'] == '/python_path_via_environ:/awx_lib_directory_via_environ', \
"PYTHONPATH is the union of the env PYTHONPATH and AWX_LIB_DIRECTORY"
del rc.env['PYTHONPATH']
os.environ['PYTHONPATH'] = "/foo/bar/python_path_via_environ"
rc._prepare_env()
assert rc.env['PYTHONPATH'] == "/foo/bar/python_path_via_environ:/awx_lib_directory_via_environ", \
"PYTHONPATH is the union of the explicit env['PYTHONPATH'] override and AWX_LIB_DIRECTORY"
def test_containerization_unsafe_write_setting(tmp_path, runtime, mocker):
mock_containerized = mocker.patch(
'ansible_runner.config._base.BaseConfig.containerized',
new_callable=mocker.PropertyMock)
rc = BaseConfig(private_data_dir=tmp_path)
rc.ident = 'foo'
rc.cmdline_args = ['main.yaml', '-i', '/tmp/inventory']
rc.command = ['ansible-playbook'] + rc.cmdline_args
rc.process_isolation = True
rc.runner_mode = 'pexpect'
rc.process_isolation_executable = runtime
rc.container_image = 'my_container'
rc.container_volume_mounts = ['/host1:/container1', 'host2:/container2']
mock_containerized.return_value = True
rc.execution_mode = BaseExecutionMode.ANSIBLE_COMMANDS
rc._prepare_env()
rc._handle_command_wrap(rc.execution_mode, rc.cmdline_args)
expected = {
'docker': None,
'podman': '1',
}
assert rc.env.get('ANSIBLE_UNSAFE_WRITES') == expected[runtime]
def test_prepare_env_defaults():
rc = BaseConfig(host_cwd='/tmp/project')
rc._prepare_env()
assert rc.idle_timeout is None
assert rc.job_timeout is None
assert rc.pexpect_timeout == 5
assert rc.host_cwd == '/tmp/project'
def test_prepare_env_sshkey(mocker):
rc = BaseConfig()
value = '01234567890'
sshkey_side_effect = partial(load_file_side_effect, 'env/ssh_key', value)
mocker.patch.object(rc.loader, 'load_file', side_effect=sshkey_side_effect)
rc._prepare_env()
assert rc.ssh_key_data == value
def test_prepare_env_defaults():
with patch('os.path.exists') as path_exists:
path_exists.return_value = True
rc = BaseConfig(private_data_dir='/tmp')
rc._prepare_env()
assert rc.idle_timeout is None
assert rc.job_timeout is None
assert rc.pexpect_timeout == 5
assert rc.cwd == '/tmp/project'
def test_prepare_env_sshkey():
rc = BaseConfig(private_data_dir='/tmp')
value = '01234567890'
sshkey_side_effect = partial(load_file_side_effect, 'env/ssh_key', value)
with patch.object(rc.loader, 'load_file', side_effect=sshkey_side_effect):
rc._prepare_env()
assert rc.ssh_key_data == value
def test_prepare_environment_pexpect_defaults():
rc = BaseConfig()
rc._prepare_env()
assert len(rc.expect_passwords) == 2
assert TIMEOUT in rc.expect_passwords
assert rc.expect_passwords[TIMEOUT] is None
assert EOF in rc.expect_passwords
assert rc.expect_passwords[EOF] is None
def test_prepare_env_settings():
rc = BaseConfig(private_data_dir='/tmp')
value = {'test': 'string'}
settings_side_effect = partial(load_file_side_effect, 'env/settings',
value)
with patch.object(rc.loader, 'load_file',
side_effect=settings_side_effect):
rc._prepare_env()
assert rc.settings == value
def test_prepare_env_settings(mocker):
rc = BaseConfig()
value = {'test': 'string'}
settings_side_effect = partial(load_file_side_effect, 'env/settings',
value)
mocker.patch.object(rc.loader,
'load_file',
side_effect=settings_side_effect)
rc._prepare_env()
assert rc.settings == value
def test_prepare_with_ssh_key(open_fifo_write_mock):
rc = BaseConfig(private_data_dir='/tmp')
rc.artifact_dir = '/tmp/artifact'
rc.env = {}
rc.execution_mode = BaseExecutionMode.ANSIBLE_COMMANDS
rc.ssh_key_data = '01234567890'
rc.command = 'ansible-playbook'
rc.cmdline_args = []
with patch.dict('os.environ', {'AWX_LIB_DIRECTORY': '/tmp/artifact'}):
rc._prepare_env()
assert rc.ssh_key_path == '/tmp/artifact/ssh_key_data'
assert open_fifo_write_mock.called
def test_prepare_env_passwords():
rc = BaseConfig(private_data_dir='/tmp')
value = {'^SSH [pP]assword.*$': 'secret'}
password_side_effect = partial(load_file_side_effect, 'env/passwords',
value)
with patch.object(rc.loader, 'load_file',
side_effect=password_side_effect):
rc._prepare_env()
rc.expect_passwords.pop(TIMEOUT)
rc.expect_passwords.pop(EOF)
assert len(rc.expect_passwords) == 1
assert isinstance(list(rc.expect_passwords.keys())[0], Pattern)
assert 'secret' in rc.expect_passwords.values()
def test_base_config_with_artifact_dir(tmp_path, patch_private_data_dir):
rc = BaseConfig(
artifact_dir=tmp_path.joinpath('this-is-some-dir').as_posix())
assert rc.artifact_dir == tmp_path.joinpath('this-is-some-dir').joinpath(
rc.ident).as_posix()
# Check that the private data dir is placed in our default location with our default prefix
# and has some extra uniqueness on the end.
base_private_data_dir = tmp_path.joinpath('.ansible-runner-').as_posix()
assert rc.private_data_dir.startswith(base_private_data_dir)
assert len(rc.private_data_dir) > len(base_private_data_dir)
rc._prepare_env()
assert not tmp_path.joinpath('artifacts').exists()
assert tmp_path.joinpath('this-is-some-dir').exists()
def test_prepare_environment_vars_only_strings():
rc = BaseConfig(private_data_dir="/tmp", envvars=dict(D='D'))
value = dict(A=1, B=True, C="foo")
envvar_side_effect = partial(load_file_side_effect, 'env/envvars', value)
with patch.object(rc.loader, 'load_file', side_effect=envvar_side_effect):
rc._prepare_env()
assert 'A' in rc.env
assert isinstance(rc.env['A'], six.string_types)
assert 'B' in rc.env
assert isinstance(rc.env['B'], six.string_types)
assert 'C' in rc.env
assert isinstance(rc.env['C'], six.string_types)
assert 'D' in rc.env
assert rc.env['D'] == 'D'
def test_prepare_with_ssh_key(mocker, tmp_path):
open_fifo_write_mock = mocker.patch(
'ansible_runner.config._base.open_fifo_write')
custom_artifacts = tmp_path.joinpath('custom_arts')
rc = BaseConfig(private_data_dir=tmp_path.as_posix(),
artifact_dir=custom_artifacts.as_posix())
rc.artifact_dir = custom_artifacts.as_posix()
rc.env = {}
rc.execution_mode = BaseExecutionMode.ANSIBLE_COMMANDS
rc.ssh_key_data = '01234567890'
rc.command = 'ansible-playbook'
rc.cmdline_args = []
rc._prepare_env()
assert rc.ssh_key_path == custom_artifacts.joinpath(
'ssh_key_data').as_posix()
assert open_fifo_write_mock.called
def test_containerization_settings(tmpdir, container_runtime):
with patch('ansible_runner.config._base.BaseConfig.containerized',
new_callable=PropertyMock) as mock_containerized:
rc = BaseConfig(private_data_dir=tmpdir)
rc.ident = 'foo'
rc.cmdline_args = ['main.yaml', '-i', '/tmp/inventory']
rc.command = ['ansible-playbook'] + rc.cmdline_args
rc.process_isolation = True
rc.runner_mode = 'pexpect'
rc.process_isolation_executable = container_runtime
rc.container_image = 'my_container'
rc.container_volume_mounts = [
'/host1:/container1', 'host2:/container2'
]
mock_containerized.return_value = True
rc.execution_mode = BaseExecutionMode.ANSIBLE_COMMANDS
rc._prepare_env()
rc._handle_command_wrap(rc.execution_mode, rc.cmdline_args)
extra_container_args = []
if container_runtime == 'podman':
extra_container_args = ['--quiet']
else:
extra_container_args = ['--user={os.getuid()}']
expected_command_start = [container_runtime, 'run', '--rm', '--interactive', '--tty', '--workdir', '/runner/project'] + \
['-v', '{}/.ssh/:/home/runner/.ssh/'.format(os.environ['HOME'])]
if container_runtime == 'podman':
expected_command_start += [
'--group-add=root', '--userns=keep-id', '--ipc=host'
]
expected_command_start += ['-v', '{}/artifacts:/runner/artifacts:Z'.format(rc.private_data_dir)] + \
['-v', '{}:/runner:Z'.format(rc.private_data_dir)] + \
['--env-file', '{}/env.list'.format(rc.artifact_dir)] + \
extra_container_args + \
['--name', 'ansible_runner_foo'] + \
['my_container', 'ansible-playbook', 'main.yaml', '-i', '/tmp/inventory']
for index, element in enumerate(expected_command_start):
if '--user='******'--user=' in rc.command[index]
else:
assert rc.command[index] == element
def test_prepare_env_ansible_vars():
rc = BaseConfig(private_data_dir='/tmp')
rc.ssh_key_data = None
rc.artifact_dir = '/tmp/artifact'
rc.env = {}
rc.execution_mode = BaseExecutionMode.ANSIBLE_COMMANDS
rc._prepare_env()
assert not hasattr(rc, 'ssh_key_path')
assert not hasattr(rc, 'command')
assert rc.env['ANSIBLE_STDOUT_CALLBACK'] == 'awx_display'
assert rc.env['ANSIBLE_RETRY_FILES_ENABLED'] == 'False'
assert rc.env['ANSIBLE_HOST_KEY_CHECKING'] == 'False'
assert rc.env['AWX_ISOLATED_DATA_DIR'] == '/tmp/artifact'
assert rc.env['PYTHONPATH'] == '/python_path_via_environ:/awx_lib_directory_via_environ', \
"PYTHONPATH is the union of the env PYTHONPATH and AWX_LIB_DIRECTORY"
del rc.env['PYTHONPATH']
os.environ['PYTHONPATH'] = "/foo/bar/python_path_via_environ"
rc._prepare_env()
assert rc.env['PYTHONPATH'] == "/foo/bar/python_path_via_environ:/awx_lib_directory_via_environ", \
"PYTHONPATH is the union of the explicit env['PYTHONPATH'] override and AWX_LIB_DIRECTORY"
def test_containerization_settings(tmp_path, runtime, mocker):
mocker.patch.dict('os.environ', {'HOME': str(tmp_path)}, clear=True)
tmp_path.joinpath('.ssh').mkdir()
mock_containerized = mocker.patch(
'ansible_runner.config._base.BaseConfig.containerized',
new_callable=mocker.PropertyMock)
mock_containerized.return_value = True
rc = BaseConfig(private_data_dir=tmp_path)
rc.ident = 'foo'
rc.cmdline_args = ['main.yaml', '-i', '/tmp/inventory']
rc.command = ['ansible-playbook'] + rc.cmdline_args
rc.process_isolation = True
rc.runner_mode = 'pexpect'
rc.process_isolation_executable = runtime
rc.container_image = 'my_container'
rc.container_volume_mounts = ['/host1:/container1', 'host2:/container2']
rc.execution_mode = BaseExecutionMode.ANSIBLE_COMMANDS
rc._prepare_env()
rc._handle_command_wrap(rc.execution_mode, rc.cmdline_args)
extra_container_args = []
if runtime == 'podman':
extra_container_args = ['--quiet']
else:
extra_container_args = [f'--user={os.getuid()}']
expected_command_start = [
runtime,
'run',
'--rm',
'--tty',
'--interactive',
'--workdir',
'/runner/project',
'-v',
'{}/.ssh/:/home/runner/.ssh/'.format(str(tmp_path)),
'-v',
'{}/.ssh/:/root/.ssh/'.format(str(tmp_path)),
]
if runtime == 'podman':
expected_command_start.extend(['--group-add=root', '--ipc=host'])
expected_command_start.extend([
'-v',
'{}/artifacts/:/runner/artifacts/:Z'.format(rc.private_data_dir),
'-v',
'{}/:/runner/:Z'.format(rc.private_data_dir),
'--env-file',
'{}/env.list'.format(rc.artifact_dir),
])
expected_command_start.extend(extra_container_args)
expected_command_start.extend([
'--name',
'ansible_runner_foo',
'my_container',
'ansible-playbook',
'main.yaml',
'-i',
'/tmp/inventory',
])
assert expected_command_start == rc.command
def test_prepare_env_sshkey_defaults():
rc = BaseConfig(private_data_dir='/tmp')
rc._prepare_env()
assert rc.ssh_key_data is None
def test_prepare_env_sshkey_defaults():
rc = BaseConfig()
rc._prepare_env()
assert rc.ssh_key_data is None
def test_prepare_env_settings_defaults():
rc = BaseConfig()
rc._prepare_env()
assert rc.settings == {}
def test_prepare_env_settings_defaults():
rc = BaseConfig(private_data_dir='/tmp')
rc._prepare_env()
assert rc.settings == {}
def test_prepare_environment_subprocess_defaults():
rc = BaseConfig()
rc._prepare_env(runner_mode="subprocess")
assert rc.subprocess_timeout is None
def test_prepare_environment_subprocess_timeout():
rc = BaseConfig(timeout=100)
rc._prepare_env(runner_mode="subprocess")
assert rc.subprocess_timeout == 100
def test_combine_python_and_file_settings(project_fixtures):
rc = BaseConfig(private_data_dir=str(project_fixtures / 'job_env'),
settings={'job_timeout': 40})
rc._prepare_env()
assert rc.settings == {'job_timeout': 40, 'process_isolation': True}
def test_prepare_environment_subprocess_defaults():
rc = BaseConfig(private_data_dir="/tmp")
rc._prepare_env(runner_mode="subprocess")
assert rc.subprocess_timeout == 300