Merge "Mark as unsafe commit message at inventory"
This commit is contained in:
commit
236aa56bd8
6
tests/fixtures/config/inventory/git/common-config/playbooks/jinja2-message.yaml
vendored
Normal file
6
tests/fixtures/config/inventory/git/common-config/playbooks/jinja2-message.yaml
vendored
Normal file
|
@ -0,0 +1,6 @@
|
|||
- hosts: all
|
||||
tasks:
|
||||
- name: Dump commit message
|
||||
copy:
|
||||
content: "{{ zuul.message }}"
|
||||
dest: "{{ zuul.executor.log_root }}/commit-message.txt"
|
|
@ -74,3 +74,13 @@
|
|||
name: hostvars-inventory
|
||||
run: playbooks/hostvars-inventory.yaml
|
||||
nodeset: nodeset2
|
||||
|
||||
- job:
|
||||
name: jinja2-message
|
||||
nodeset:
|
||||
nodes:
|
||||
- name: ubuntu-xenial
|
||||
label: ubuntu-xenial
|
||||
run: playbooks/jinja2-message.yaml
|
||||
|
||||
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
- project:
|
||||
check:
|
||||
jobs:
|
||||
- jinja2-message
|
||||
|
||||
|
|
@ -0,0 +1 @@
|
|||
test
|
|
@ -6,3 +6,4 @@
|
|||
- common-config
|
||||
untrusted-projects:
|
||||
- org/project
|
||||
- org/project2
|
||||
|
|
|
@ -16,6 +16,7 @@ import os
|
|||
|
||||
import yaml
|
||||
|
||||
from tests.base import AnsibleZuulTestCase
|
||||
from tests.base import ZuulTestCase
|
||||
|
||||
|
||||
|
@ -60,7 +61,7 @@ class TestInventory(TestInventoryBase):
|
|||
self.assertIn('src_root', z_vars['executor'])
|
||||
self.assertIn('job', z_vars)
|
||||
self.assertEqual(z_vars['job'], 'single-inventory')
|
||||
self.assertEqual(z_vars['message'], 'A')
|
||||
self.assertEqual(str(z_vars['message']), 'A')
|
||||
|
||||
self.executor_server.release()
|
||||
self.waitUntilSettled()
|
||||
|
@ -163,10 +164,55 @@ class TestInventory(TestInventoryBase):
|
|||
self.waitUntilSettled()
|
||||
|
||||
|
||||
class TestAnsibleInventory(AnsibleZuulTestCase):
|
||||
|
||||
tenant_config_file = 'config/inventory/main.yaml'
|
||||
|
||||
def _get_file(self, build, path):
|
||||
p = os.path.join(build.jobdir.root, path)
|
||||
with open(p) as f:
|
||||
return f.read()
|
||||
|
||||
def _jinja2_message(self, expected_message):
|
||||
|
||||
# This test runs a bit long and needs extra time.
|
||||
self.wait_timeout = 120
|
||||
# Keep the jobdir around to check inventory
|
||||
self.executor_server.keep_jobdir = True
|
||||
# Output extra ansible info so we might see errors.
|
||||
self.executor_server.verbose = True
|
||||
A = self.fake_gerrit.addFakeChange(
|
||||
'org/project2', 'master', expected_message)
|
||||
self.fake_gerrit.addEvent(A.getPatchsetCreatedEvent(1))
|
||||
self.waitUntilSettled()
|
||||
self.assertHistory([
|
||||
dict(name='jinja2-message', result='SUCCESS', changes='1,1')])
|
||||
|
||||
build = self.history[0]
|
||||
inv_path = os.path.join(build.jobdir.root, 'ansible', 'inventory.yaml')
|
||||
inventory = yaml.safe_load(open(inv_path, 'r'))
|
||||
|
||||
self.assertEqual(
|
||||
inventory['all']['vars']['zuul']['message'].unsafe_var,
|
||||
expected_message)
|
||||
|
||||
obtained_message = self._get_file(self.history[0],
|
||||
'work/logs/commit-message.txt')
|
||||
|
||||
self.assertEqual(obtained_message, expected_message)
|
||||
|
||||
def test_jinja2_message_brackets(self):
|
||||
self._jinja2_message("This message has {{ jinja2 }} in it ")
|
||||
|
||||
def test_jinja2_message_raw(self):
|
||||
self._jinja2_message("This message has {% raw %} in {% endraw %} it ")
|
||||
|
||||
|
||||
class TestWindowsInventory(TestInventoryBase):
|
||||
config_file = 'zuul-winrm.conf'
|
||||
|
||||
def test_windows_inventory(self):
|
||||
|
||||
inventory = self._get_build_inventory('hostvars-inventory')
|
||||
windows_host = inventory['all']['hosts']['windows']
|
||||
self.assertEqual(windows_host['ansible_connection'], 'winrm')
|
||||
|
|
|
@ -29,7 +29,7 @@ import traceback
|
|||
import git
|
||||
from urllib.parse import urlsplit
|
||||
|
||||
from zuul.lib.yamlutil import yaml
|
||||
from zuul.lib.yamlutil import yaml, UnsafeTag
|
||||
from zuul.lib.config import get_default
|
||||
from zuul.lib.statsd import get_statsd
|
||||
from zuul.lib import filecomments
|
||||
|
@ -591,6 +591,10 @@ def make_inventory_dict(nodes, args, all_vars):
|
|||
for node in nodes:
|
||||
hosts[node['name']] = node['host_vars']
|
||||
|
||||
zuul_vars = all_vars['zuul']
|
||||
if 'message' in zuul_vars:
|
||||
zuul_vars['message'] = UnsafeTag(zuul_vars['message'])
|
||||
|
||||
inventory = {
|
||||
'all': {
|
||||
'hosts': hosts,
|
||||
|
|
|
@ -25,6 +25,31 @@ except ImportError:
|
|||
Mark = yaml.Mark
|
||||
|
||||
|
||||
class UnsafeTag(yaml.YAMLObject):
|
||||
yaml_tag = u'!unsafe'
|
||||
|
||||
def __init__(self, unsafe_var):
|
||||
self.unsafe_var = unsafe_var
|
||||
|
||||
@classmethod
|
||||
def from_yaml(cls, loader, node):
|
||||
return UnsafeTag(node.value)
|
||||
|
||||
@classmethod
|
||||
def to_yaml(cls, dumper, data):
|
||||
return dumper.represent_scalar(cls.yaml_tag, data.unsafe_var)
|
||||
|
||||
def __str__(self):
|
||||
return self.unsafe_var
|
||||
|
||||
|
||||
# Just calling SafeLoader and SafeDumper without yaml module prefix
|
||||
# does not work and cyaml is using yaml.SafeConstructor yaml.SafeRepresenter
|
||||
# underneath so this just fine for both
|
||||
yaml.SafeLoader.add_constructor(UnsafeTag.yaml_tag, UnsafeTag.from_yaml)
|
||||
yaml.SafeDumper.add_multi_representer(UnsafeTag, UnsafeTag.to_yaml)
|
||||
|
||||
|
||||
def safe_load(stream, *args, **kwargs):
|
||||
return yaml.load(stream, *args, Loader=SafeLoader, **kwargs)
|
||||
|
||||
|
|
Loading…
Reference in New Issue