diff options
author | Matt Martz <matt@sivel.net> | 2023-09-26 21:23:15 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-09-26 21:23:15 +0200 |
commit | 68ab02a504fff650288ed0c4a614ab7649a142d7 (patch) | |
tree | 12b199afb7fa081637aa89968e224bff7c3a1f74 | |
parent | Fix typo in finished.yml (#81784) (diff) | |
download | ansible-68ab02a504fff650288ed0c4a614ab7649a142d7.tar.xz ansible-68ab02a504fff650288ed0c4a614ab7649a142d7.zip |
Test heuristic_log_sanitize (#81730)
* Test heuristic_log_sanitize. See #81689
* Add note about what this test is doing
* grammar
Co-authored-by: Matt Clay <matt@mystile.com>
---------
Co-authored-by: Matt Clay <matt@mystile.com>
-rw-r--r-- | test/integration/targets/module_utils/library/test_heuristic_log_sanitize.py | 52 | ||||
-rw-r--r-- | test/integration/targets/module_utils/module_utils_test.yml | 4 |
2 files changed, 56 insertions, 0 deletions
diff --git a/test/integration/targets/module_utils/library/test_heuristic_log_sanitize.py b/test/integration/targets/module_utils/library/test_heuristic_log_sanitize.py new file mode 100644 index 0000000000..2e8782c58e --- /dev/null +++ b/test/integration/targets/module_utils/library/test_heuristic_log_sanitize.py @@ -0,0 +1,52 @@ +#!/usr/bin/python + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +from ansible.module_utils import basic +from ansible.module_utils.basic import AnsibleModule + +heuristic_log_sanitize = basic.heuristic_log_sanitize + + +def heuristic_log_sanitize_spy(*args, **kwargs): + heuristic_log_sanitize_spy.return_value = heuristic_log_sanitize(*args, **kwargs) + return heuristic_log_sanitize_spy.return_value + + +basic.heuristic_log_sanitize = heuristic_log_sanitize_spy + + +def main(): + + module = AnsibleModule( + argument_spec={ + 'data': { + 'type': 'str', + 'required': True, + } + }, + ) + + # This test module is testing that the data that will be used for logging + # to syslog is properly sanitized when it includes URLs that contain a password. + # + # As such, we build an expected sanitized string from the input, to + # compare it with the output from heuristic_log_sanitize. + # + # To test this in the same way that modules ultimately operate this test + # monkeypatches ansible.module_utils.basic to store the sanitized data + # for later inspection. + data = module.params['data'] + left = data.rindex(':') + 1 + right = data.rindex('@') + expected = data[:left] + '********' + data[right:] + + sanitized = heuristic_log_sanitize_spy.return_value + if sanitized != expected: + module.fail_json(msg='Invalid match', expected=expected, sanitized=sanitized) + module.exit_json(match=True) + + +if __name__ == '__main__': + main() diff --git a/test/integration/targets/module_utils/module_utils_test.yml b/test/integration/targets/module_utils/module_utils_test.yml index 352bc58259..f2da776343 100644 --- a/test/integration/targets/module_utils/module_utils_test.yml +++ b/test/integration/targets/module_utils/module_utils_test.yml @@ -119,3 +119,7 @@ that: - optionaltest is success - optionaltest.msg == 'all missing optional imports behaved as expected' + + - name: Test heuristic_log_sanitize + test_heuristic_log_sanitize: + data: https://user:pass@example.org/ |