library: exit on user creation failure

When the ceph dashboard user creation fails then the issue is hidden
as we don't check the return code and don't print the error message
in the module output.

This ends up with a failure on the ceph dashboard set roles command saying
that the user doesn't exist.

By failing on the user creation, we will have an explicit explaination of
the issue (like weak password).

Closes: #6197
Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>

diff --git a/library/ceph_dashboard_user.py b/library/ceph_dashboard_user.py
index 2183926c6270a04dba733438fdbed83a6f722bca..22cc760f19dd412781d2b58a7388b24db7eb4e86 100644 (file)
--- a/library/ceph_dashboard_user.py
+++ b/library/ceph_dashboard_user.py
@@ -20,9 +20,10 @@ try:
     from ansible.module_utils.ca_common import generate_ceph_cmd, \
                                                is_containerized, \
                                                exec_command, \
-                                               exit_module
+                                               exit_module, \
+                                               fatal
 except ImportError:
-    from module_utils.ca_common import generate_ceph_cmd, is_containerized, exec_command, exit_module  # noqa: E501
+    from module_utils.ca_common import generate_ceph_cmd, is_containerized, exec_command, exit_module, fatal  # noqa: E501
 
 import datetime
 import json
@@ -260,6 +261,8 @@ def run_module():
             rc, cmd, out, err = exec_command(module, set_password(module, container_image=container_image), stdin=password)  # noqa: E501
         else:
             rc, cmd, out, err = exec_command(module, create_user(module, container_image=container_image), stdin=password)  # noqa: E501
+            if rc != 0:
+                fatal(err, module)
             rc, cmd, out, err = exec_command(module, set_roles(module, container_image=container_image))  # noqa: E501
             changed = True
 

diff --git a/tests/library/test_ceph_dashboard_user.py b/tests/library/test_ceph_dashboard_user.py
index e9e8f6e668d6004541981d6d967ec7fcd66b74c8..d0d6e9c18e46f55bb3484c88922456bd2447d4c7 100644 (file)
--- a/tests/library/test_ceph_dashboard_user.py
+++ b/tests/library/test_ceph_dashboard_user.py
@@ -1,5 +1,7 @@
 from mock.mock import MagicMock, patch
+import pytest
 import os
+import ca_test_common
 import ceph_dashboard_user
 
 fake_container_binary = 'podman'
@@ -143,3 +145,26 @@ class TestCephDashboardUserModule(object):
         ]
 
         assert ceph_dashboard_user.remove_user(self.fake_module) == expected_cmd
+
+    @patch('ansible.module_utils.basic.AnsibleModule.fail_json')
+    @patch('ansible.module_utils.basic.AnsibleModule.run_command')
+    def test_create_user_fail_with_weak_password(self, m_run_command, m_fail_json):
+        ca_test_common.set_module_args(self.fake_module.params)
+        m_fail_json.side_effect = ca_test_common.fail_json
+        get_rc = 2
+        get_stderr = 'Error ENOENT: User {} does not exist.'.format(self.fake_user)
+        get_stdout = ''
+        create_rc = 22
+        create_stderr = 'Error EINVAL: Password is too weak.'
+        create_stdout = ''
+        m_run_command.side_effect = [
+            (get_rc, get_stdout, get_stderr),
+            (create_rc, create_stdout, create_stderr)
+        ]
+
+        with pytest.raises(ca_test_common.AnsibleFailJson) as result:
+            ceph_dashboard_user.main()
+
+        result = result.value.args[0]
+        assert result['msg'] == create_stderr
+        assert result['rc'] == 1