summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatt Martz <matt@sivel.net>2023-09-26 21:23:15 +0200
committerGitHub <noreply@github.com>2023-09-26 21:23:15 +0200
commit68ab02a504fff650288ed0c4a614ab7649a142d7 (patch)
tree12b199afb7fa081637aa89968e224bff7c3a1f74
parentFix typo in finished.yml (#81784) (diff)
downloadansible-68ab02a504fff650288ed0c4a614ab7649a142d7.tar.xz
ansible-68ab02a504fff650288ed0c4a614ab7649a142d7.zip
Test heuristic_log_sanitize (#81730)
* Test heuristic_log_sanitize. See #81689 * Add note about what this test is doing * grammar Co-authored-by: Matt Clay <matt@mystile.com> --------- Co-authored-by: Matt Clay <matt@mystile.com>
-rw-r--r--test/integration/targets/module_utils/library/test_heuristic_log_sanitize.py52
-rw-r--r--test/integration/targets/module_utils/module_utils_test.yml4
2 files changed, 56 insertions, 0 deletions
diff --git a/test/integration/targets/module_utils/library/test_heuristic_log_sanitize.py b/test/integration/targets/module_utils/library/test_heuristic_log_sanitize.py
new file mode 100644
index 0000000000..2e8782c58e
--- /dev/null
+++ b/test/integration/targets/module_utils/library/test_heuristic_log_sanitize.py
@@ -0,0 +1,52 @@
+#!/usr/bin/python
+
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+from ansible.module_utils import basic
+from ansible.module_utils.basic import AnsibleModule
+
+heuristic_log_sanitize = basic.heuristic_log_sanitize
+
+
+def heuristic_log_sanitize_spy(*args, **kwargs):
+ heuristic_log_sanitize_spy.return_value = heuristic_log_sanitize(*args, **kwargs)
+ return heuristic_log_sanitize_spy.return_value
+
+
+basic.heuristic_log_sanitize = heuristic_log_sanitize_spy
+
+
+def main():
+
+ module = AnsibleModule(
+ argument_spec={
+ 'data': {
+ 'type': 'str',
+ 'required': True,
+ }
+ },
+ )
+
+ # This test module is testing that the data that will be used for logging
+ # to syslog is properly sanitized when it includes URLs that contain a password.
+ #
+ # As such, we build an expected sanitized string from the input, to
+ # compare it with the output from heuristic_log_sanitize.
+ #
+ # To test this in the same way that modules ultimately operate this test
+ # monkeypatches ansible.module_utils.basic to store the sanitized data
+ # for later inspection.
+ data = module.params['data']
+ left = data.rindex(':') + 1
+ right = data.rindex('@')
+ expected = data[:left] + '********' + data[right:]
+
+ sanitized = heuristic_log_sanitize_spy.return_value
+ if sanitized != expected:
+ module.fail_json(msg='Invalid match', expected=expected, sanitized=sanitized)
+ module.exit_json(match=True)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/test/integration/targets/module_utils/module_utils_test.yml b/test/integration/targets/module_utils/module_utils_test.yml
index 352bc58259..f2da776343 100644
--- a/test/integration/targets/module_utils/module_utils_test.yml
+++ b/test/integration/targets/module_utils/module_utils_test.yml
@@ -119,3 +119,7 @@
that:
- optionaltest is success
- optionaltest.msg == 'all missing optional imports behaved as expected'
+
+ - name: Test heuristic_log_sanitize
+ test_heuristic_log_sanitize:
+ data: https://user:pass@example.org/