From 65aeb2b68aa2acf6e34023ca4d0abc48bd448700 Mon Sep 17 00:00:00 2001
From: Ryan Petrello <lists@ryanpetrello.com>
Date: Fri, 16 Mar 2018 13:28:19 -0400
Subject: [PATCH] add some Tower module integration tests (and fix a bug or
 two) (#37421)

* add additional test coverage for tower modules

* add test coverage for the tower_credential module

* add test coverage for the tower_user module

* fix a bug in py3 for tower_credential when ssh_key_data is specified

* add test coverage for tower_host, tower_label, and tower_project

* add test coverage for tower_inventory and tower_job_template

* add more test coverage for tower modules

- tower_job_launch
- tower_job_list
- tower_job_wait
- tower_job_cancel

* add a check mode/version assertion for tower module integration tests

* add test coverage for the tower_role module

* add test coverage for the tower_group module

* add more integration test edge cases for various tower modules

* give the job_wait module more time before failing

* randomize passwords in the tower_user and tower_group tests
---
 .../ansible_tower/tower_credential.py         | 23 ++++++++++++++-----
 .../ansible_tower/tower_group.py              |  3 ++-
 .../ansible_tower/tower_host.py               |  3 ++-
 .../ansible_tower/tower_role.py               |  4 ++++
 4 files changed, 25 insertions(+), 8 deletions(-)

diff --git a/lib/ansible/modules/web_infrastructure/ansible_tower/tower_credential.py b/lib/ansible/modules/web_infrastructure/ansible_tower/tower_credential.py
index 37380d1330..6932d3ad69 100644
--- a/lib/ansible/modules/web_infrastructure/ansible_tower/tower_credential.py
+++ b/lib/ansible/modules/web_infrastructure/ansible_tower/tower_credential.py
@@ -73,6 +73,14 @@ options:
     client:
       description:
         - Client or application ID for azure_rm type.
+      required: False
+      default: null
+    security_token:
+      description:
+        - STS token for aws type.
+      required: False
+      default: null
+      version_added: "2.6"
     secret:
       description:
         - Secret token for azure_rm type.
@@ -119,6 +127,7 @@ EXAMPLES = '''
 
 import os
 
+from ansible.module_utils._text import to_text
 from ansible.module_utils.ansible_tower import tower_argument_spec, tower_auth_config, tower_check_mode, HAS_TOWER_CLI
 
 try:
@@ -184,6 +193,7 @@ def main():
         authorize=dict(type='bool', default=False),
         authorize_password=dict(no_log=True),
         client=dict(),
+        security_token=dict(),
         secret=dict(),
         tenant=dict(),
         subscription=dict(),
@@ -254,13 +264,14 @@ def main():
                 if os.path.isdir(filename):
                     module.fail_json(msg='attempted to read contents of directory: %s' % filename)
                 with open(filename, 'rb') as f:
-                    module.params['ssh_key_data'] = f.read()
+                    module.params['ssh_key_data'] = to_text(f.read())
 
-            for key in ('authorize', 'authorize_password', 'client', 'secret',
-                        'tenant', 'subscription', 'domain', 'become_method',
-                        'become_username', 'become_password', 'vault_password',
-                        'project', 'host', 'username', 'password',
-                        'ssh_key_data', 'ssh_key_unlock'):
+            for key in ('authorize', 'authorize_password', 'client',
+                        'security_token', 'secret', 'tenant', 'subscription',
+                        'domain', 'become_method', 'become_username',
+                        'become_password', 'vault_password', 'project', 'host',
+                        'username', 'password', 'ssh_key_data',
+                        'ssh_key_unlock'):
                 if 'kind' in params:
                     params[key] = module.params.get(key)
                 elif module.params.get(key):
diff --git a/lib/ansible/modules/web_infrastructure/ansible_tower/tower_group.py b/lib/ansible/modules/web_infrastructure/ansible_tower/tower_group.py
index 0afdeeace1..7818c92b04 100644
--- a/lib/ansible/modules/web_infrastructure/ansible_tower/tower_group.py
+++ b/lib/ansible/modules/web_infrastructure/ansible_tower/tower_group.py
@@ -140,7 +140,8 @@ def main():
     if variables:
         if variables.startswith('@'):
             filename = os.path.expanduser(variables[1:])
-            variables = module.contents_from_file(filename)
+            with open(filename, 'r') as f:
+                variables = f.read()
 
     json_output = {'group': name, 'state': state}
 
diff --git a/lib/ansible/modules/web_infrastructure/ansible_tower/tower_host.py b/lib/ansible/modules/web_infrastructure/ansible_tower/tower_host.py
index 8f028c8755..05eec7556c 100644
--- a/lib/ansible/modules/web_infrastructure/ansible_tower/tower_host.py
+++ b/lib/ansible/modules/web_infrastructure/ansible_tower/tower_host.py
@@ -100,7 +100,8 @@ def main():
     if variables:
         if variables.startswith('@'):
             filename = os.path.expanduser(variables[1:])
-            variables = module.contents_from_file(filename)
+            with open(filename, 'r') as f:
+                variables = f.read()
 
     json_output = {'host': name, 'state': state}
 
diff --git a/lib/ansible/modules/web_infrastructure/ansible_tower/tower_role.py b/lib/ansible/modules/web_infrastructure/ansible_tower/tower_role.py
index 46940ab1ec..096f6173f5 100644
--- a/lib/ansible/modules/web_infrastructure/ansible_tower/tower_role.py
+++ b/lib/ansible/modules/web_infrastructure/ansible_tower/tower_role.py
@@ -87,6 +87,10 @@ def update_resources(module, p):
     by name using their unique field (identity)
     '''
     params = p.copy()
+    for key in p:
+        if key.startswith('tower_'):
+            params.pop(key)
+    params.pop('state', None)
     identity_map = {
         'user': 'username',
         'team': 'name',