From 43396efa2c17d71fa905576e1d137f8d72dd3da1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gr=C3=A9goire=20Martini?= Date: Thu, 28 Sep 2023 21:04:58 +0200 Subject: [PATCH] feat(redis_info): use module_utils redis to support TLS (#7267) feat(redis_info): use redis module_utils to support TLS --- changelogs/fragments/7267-redis_info.yml | 2 + plugins/modules/redis_info.py | 48 +++++++------------ tests/unit/plugins/modules/test_redis_info.py | 36 +++++++++++++- 3 files changed, 53 insertions(+), 33 deletions(-) create mode 100644 changelogs/fragments/7267-redis_info.yml diff --git a/changelogs/fragments/7267-redis_info.yml b/changelogs/fragments/7267-redis_info.yml new file mode 100644 index 00000000000..4bf2631bb35 --- /dev/null +++ b/changelogs/fragments/7267-redis_info.yml @@ -0,0 +1,2 @@ +minor_changes: + - redis_info - refactor the redis_info module to use the redis module_utils enabling to pass TLS parameters to the Redis client (https://github.com/ansible-collections/community.general/pull/7267). diff --git a/plugins/modules/redis_info.py b/plugins/modules/redis_info.py index b9900a7caf3..f352d53d79c 100644 --- a/plugins/modules/redis_info.py +++ b/plugins/modules/redis_info.py @@ -17,30 +17,21 @@ description: - Gathers information and statistics about Redis servers. extends_documentation_fragment: +- community.general.redis - community.general.attributes - community.general.attributes.info_module options: - login_host: - description: - - The host running the database. - type: str - default: localhost - login_port: - description: - - The port to connect to. - type: int - default: 6379 - login_password: - description: - - The password used to authenticate with, when authentication is enabled for the Redis server. - type: str -notes: -- Requires the redis-py Python package on the remote host. You can - install it with pip (C(pip install redis)) or with a package manager. - U(https://github.com/andymccurdy/redis-py) + login_user: + version_added: 7.5.0 + validate_certs: + version_added: 7.5.0 + tls: + default: false + version_added: 7.5.0 + ca_certs: + version_added: 7.5.0 seealso: - module: community.general.redis -requirements: [ redis ] author: "Pavlo Bashynskyi (@levonet)" ''' @@ -199,8 +190,10 @@ REDIS_IMP_ERR = traceback.format_exc() HAS_REDIS_PACKAGE = False -from ansible.module_utils.basic import AnsibleModule, missing_required_lib +from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.common.text.converters import to_native +from ansible_collections.community.general.plugins.module_utils.redis import ( + fail_imports, redis_auth_argument_spec, redis_auth_params) def redis_client(**client_params): @@ -210,23 +203,16 @@ def redis_client(**client_params): # Module execution. def main(): module = AnsibleModule( - argument_spec=dict( - login_host=dict(type='str', default='localhost'), - login_port=dict(type='int', default=6379), - login_password=dict(type='str', no_log=True), - ), + argument_spec=redis_auth_argument_spec(tls_default=False), supports_check_mode=True, ) - if not HAS_REDIS_PACKAGE: - module.fail_json(msg=missing_required_lib('redis'), exception=REDIS_IMP_ERR) + fail_imports(module, module.params['tls']) - login_host = module.params['login_host'] - login_port = module.params['login_port'] - login_password = module.params['login_password'] + redis_params = redis_auth_params(module) # Connect and check - client = redis_client(host=login_host, port=login_port, password=login_password) + client = redis_client(**redis_params) try: client.ping() except Exception as e: diff --git a/tests/unit/plugins/modules/test_redis_info.py b/tests/unit/plugins/modules/test_redis_info.py index 8b30a231667..cdc78680e52 100644 --- a/tests/unit/plugins/modules/test_redis_info.py +++ b/tests/unit/plugins/modules/test_redis_info.py @@ -50,7 +50,12 @@ def test_without_parameters(self): set_module_args({}) self.module.main() self.assertEqual(redis_client.call_count, 1) - self.assertEqual(redis_client.call_args, ({'host': 'localhost', 'port': 6379, 'password': None},)) + self.assertEqual(redis_client.call_args, ({'host': 'localhost', + 'port': 6379, + 'password': None, + 'ssl': False, + 'ssl_ca_certs': None, + 'ssl_cert_reqs': 'required'},)) self.assertEqual(result.exception.args[0]['info']['redis_version'], '999.999.999') def test_with_parameters(self): @@ -64,7 +69,34 @@ def test_with_parameters(self): }) self.module.main() self.assertEqual(redis_client.call_count, 1) - self.assertEqual(redis_client.call_args, ({'host': 'test', 'port': 1234, 'password': 'PASS'},)) + self.assertEqual(redis_client.call_args, ({'host': 'test', + 'port': 1234, + 'password': 'PASS', + 'ssl': False, + 'ssl_ca_certs': None, + 'ssl_cert_reqs': 'required'},)) + self.assertEqual(result.exception.args[0]['info']['redis_version'], '999.999.999') + + def test_with_tls_parameters(self): + """Test with tls parameters""" + with self.patch_redis_client(side_effect=FakeRedisClient) as redis_client: + with self.assertRaises(AnsibleExitJson) as result: + set_module_args({ + 'login_host': 'test', + 'login_port': 1234, + 'login_password': 'PASS', + 'tls': True, + 'ca_certs': '/etc/ssl/ca.pem', + 'validate_certs': False + }) + self.module.main() + self.assertEqual(redis_client.call_count, 1) + self.assertEqual(redis_client.call_args, ({'host': 'test', + 'port': 1234, + 'password': 'PASS', + 'ssl': True, + 'ssl_ca_certs': '/etc/ssl/ca.pem', + 'ssl_cert_reqs': None},)) self.assertEqual(result.exception.args[0]['info']['redis_version'], '999.999.999') def test_with_fail_client(self):