Commit graph

313 commits

Author SHA1 Message Date
Sam Doran
3a72e271ad Use unicode instead of bytes (#46234)
The stdout and stderr values returned from self._low_level_execute() are text, not bytes. This results in an error in Python 3 since str and bytes cannot be concatenated.

Changing to unicode type allows this to work without error on Python 2 and Python 3.

(cherry picked from commit 77f73f6d2a)
2018-10-09 10:19:57 -07:00
Dag Wieers
07ed487427 reboot: Fix typo and support bare Linux systems (#45607)
* reboot: Fix typo and support bare Linux systems

This fixes a problem for bare Linux systems that do not support 'who -b' or 'uptime -s'.

* Accumulate stdout and stderr information

(cherry picked from commit a7a99c5fd4)
2018-10-09 10:19:57 -07:00
Felix Fontein
8715f96af0 [2.7] docker_container: don't parse/interpret options if state is 'absent' (#45769)
* Don't parse/interpret options if state is 'absent'. (#45700)

* Added changelog.
2018-10-09 10:16:49 -07:00
Matt Martz
2293463320 [stable-2.7] Support empty files with piped transfer_method. Fixes #45426 (#45618)
(cherry picked from commit e68f895)

Co-authored-by: Matt Martz <matt@sivel.net>
2018-10-09 10:13:28 -07:00
Anton Nikulin
d2c72040b5 [stable-2.7] Store Authorization header inside HttpApi connection plugin (#45598) (#45608)
* Store Authorization header inside HttpApi connection plugin (#45598)


(cherry picked from commit b7263eab1d)

* Add changelog entry
2018-10-09 10:12:21 -07:00
Sam Doran
d9bd76dc8a Improve code stability is checksum checking
- use context manager for dealing with the checksum file
- use loop that can tolerate zero, one, or more items return rather than the previous expression which would break if anything other than exactly one item was returned

(cherry picked from commit 03dbb1d9c4)

squash
2018-10-09 10:11:14 -07:00
Sam Doran
9f0f66137f Add documentation on underlying tools in user module (#46455) (#46511)
(cherry picked from commit bcfdc37be0)
2018-10-08 14:13:52 -05:00
Toshio Kuratomi
0a07068054 New release v2.7.0 2018-10-03 20:27:28 -07:00
Matt Clay
2368c2e30b Revert "winrm: add further conditional to using pexect for kerb auth (#45952)"
This reverts commit 918d45f957.

Unintentionally merged before 2.7.0 final.
2018-09-25 13:52:38 -07:00
Jordan Borean
918d45f957 winrm: add further conditional to using pexect for kerb auth (#45952)
(cherry picked from commit d6251e5b27)
2018-09-25 13:49:27 -07:00
Toshio Kuratomi
2a33276385 New release 2.7.0rc3 2018-09-20 18:07:04 -07:00
Sloane Hertel
98e31e98c8 ec2_group: fix regression for targets that are a list containing strings and lists (#45594)
* Fix targets that may be a list containing strings and lists which worked prior to 2.6.

* Add ec2_group integration tests for lists of nested targets

* changelog

* Add diff mode support for lists of targets containing strings and lists.

(cherry picked from commit d7ca3f2bd3)
2018-09-19 13:20:31 -07:00
Trishna Guha
9b4bb04d07 [2.7]fix nxos_facts indefinite hang for text based output (#45846)
* fix nxos_facts indefinite hang for text based output (#45845)

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit 1b0c4fde86)
2018-09-19 09:00:53 -07:00
Toshio Kuratomi
6fe6d04489 New release v2.7.0rc2 2018-09-13 11:41:10 -07:00
Yuwei Zhou
e16d36f0f7 Backport: fix the autoscale resource id #45477 (#45532)
* fix the autoscale resource id (#45477)

* fix the autoscale resource id

* Update main.yml

(cherry picked from commit fa04387550)
2018-09-12 12:46:16 -07:00
Harald Albers
9a0f1d8915 VMware: Fix wait_for_task backoff behavior
Signed-off-by: Harald Albers <github@albersweb.de>

(cherry picked from commit 796d8b5dc8)
2018-09-12 12:43:26 -07:00
David Rodríguez
c41681b888 [backport-2.7] Fix remote checksums when paths have leading dots (#45287) (#45501)
* Fix remote checksums when paths have leading dots (#45287)

* Fix remote checksums with paths have leading dots

* Fix result recorded from the wrong file

* Add changelog fragment

(cherry picked from commit 600c7ac108)
2018-09-12 08:05:25 -07:00
Matt Martz
99171a9c6f [stable-2.7] Fix logic to not re-download existing files when force=no (#45495) (#45509)
* [stable-2.7] Fix logic to not re-download existing files when force=no (#45495)

* Fix logic to not re-download existing files when force=no. Fixes #45491

* Reduce logic complexity.
(cherry picked from commit 5785de582f)

Co-authored-by: Matt Martz <matt@sivel.net>

* Backport of get_url fix cannot use result

result was only added in 2.8+
2018-09-12 07:28:54 -07:00
Sloane Hertel
4c080f649b [aws] cloudfront_distribution - fix method name, backport/2.7/45498 (#45512)
* [AWS] cloudfront_distribution - fix method name from 'validate_distribution_id_from_caller_reference' to 'validate_distribution_from_caller_reference' and set distribution_id to the distribution's key 'Id' (#45498)

(cherry picked from commit e5269c047c)

* changelog
2018-09-11 14:34:35 -07:00
Jordan Borean
d9d1c40932 win_group_membership - fix random issue with CI on 2012 R2 (#45462)
(cherry picked from commit 3371a779b6)
2018-09-11 07:05:18 -07:00
Jordan Borean
f2d5954d11 win_say - fix up syntax and test issues (#45450)
(cherry picked from commit c9c141fb6a)
2018-09-10 17:37:42 -07:00
Matt Martz
d956b6c64e [stable-2.7] Don't pass file_name to DataLoader.load in script inventory plugin (#45428)
* Don't pass file_name to DataLoader.load in script inventory plugin. Fixes #34164

* Add changelog fragment
(cherry picked from commit 263b9fa)

Co-authored-by: Matt Martz <matt@sivel.net>
2018-09-10 17:36:22 -07:00
Matt Martz
3e14a34744 [stable-2.7] Ensure loop with delegate_to can short circuit the same as without delegate_to. Fixes #45189 (#45231)
(cherry picked from commit 2ac647d)

Co-authored-by: Matt Martz <matt@sivel.net>
2018-09-07 13:01:55 -07:00
Yunge Zhu
2fcae8b367 Cherrypick stable2.7 44802 (#45332)
* fix blob in non-public azure cloud (#44802)

(cherry picked from commit b58141555d)
2018-09-07 07:12:06 -07:00
Trishna Guha
351bb3dd9a [2.7] Add ambiguous command check as the error message is not persistent on nexus devices (#45341)
* Add ambiguous command check as the error message is not persistent on nexus devices (#45337)

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit f18856d0e2)

* cli_config module doc update (#45345)

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit d5bfd93e28)
2018-09-07 07:09:25 -07:00
Toshio Kuratomi
0202339461 New release 2.7.0rc1 2018-09-06 18:44:59 -07:00
Ryan Brown
283859ec88 Changelog for AWS bugfixes (#45319)
* Add changelog for AWS backports
2018-09-06 13:29:22 -07:00
Brian Coca
26a96c72b2 Fix callback config typos (#45316)
* plugins/callbacks : fix some key documentation (#45267)

These are supposed to be a dictionary with section/key entries;
correct a few typos.

(cherry picked from commit c34e0f5e11)

* backport of #45267
2018-09-06 13:27:59 -07:00
Brian Coca
22f50e416d correct and clarify deprecation (#45234)
* correct and clarify deprecation

(cherry picked from commit 64c594d226)
2018-09-06 11:36:28 -07:00
Sloane Hertel
66759810a0 elb_target_group - prevent a KeyError exception (#45169)
Ensure ports to integers after allowing the key 'Targets' to be available in params

(cherry picked from commit 038fd0d0f2)
2018-09-06 10:30:28 -07:00
Sloane Hertel
cc4854fdad ec2_vpc_route_table - allow routes to be created if the CIDR already … (#45178)
* ec2_vpc_route_table - allow routes to be created if the CIDR already exists but its 'Origin' is 'EnableVgwRoutePropagation' (which cannot be replaced). (#43417)

Fixes #43415
(cherry picked from commit a6c97f2243)
2018-09-06 10:22:10 -07:00
Trishna Guha
37d977c3b8 fix nxos terminal plugin
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2018-09-06 10:09:27 -07:00
Trishna Guha
3b46dd144b terminal plugin nxos, iosxr changelog
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2018-09-06 10:09:27 -07:00
Felix Fontein
82f8c2add9 [2.7] docker_*: changelogs (#45056)
* Add changelog entry for #16748.

* Changelog entry for #33579.

* Added changelog for #42380.

* Added changelog for #42641.

* Adding changelog entry for #42857.

* Added changelog for #44808.
2018-09-06 09:39:34 -07:00
Adam Miller
e857157072 Improve dnf group output for clarity
Add note about group removal bug upstream dnf

Signed-off-by: Adam Miller <admiller@redhat.com>
2018-09-06 09:27:37 -07:00
Toshio Kuratomi
77ed7545fa Add a summary for 2.7.0b1 2018-08-31 14:36:48 -07:00
Toshio Kuratomi
8323524e9f Rename the 2.7.0a1 summary.
I didn't realize these summary files need to be created unique for the
minor releases too
2018-08-31 11:41:34 -07:00
Matt Martz
2a4e92aab7
ensure if we get a non-Task object in _get_delegated_vars, we return early (#44934) 2018-08-30 17:11:32 -05:00
Matt Martz
a0d7d4b82f Change insertion order of apply block to not affect the include_X task itself (#44912) 2018-08-30 16:56:28 -04:00
Sam Doran
8cd8d17980
Add ability to unlock 1Password vault to lookup plugins (#44923)
* Add ability to use login to 1Password vault to 1Password lookups

* Adjust unit tests

* Add changelog
2018-08-30 16:24:06 -04:00
Matt Martz
9d89e15ff0
Ensure we only cache the loop when the task had a loop (#44901)
* Further restrict caching of loop when the task actually had a loop. Fixes #44874

* Extend tests for loop caching
2018-08-30 12:02:43 -05:00
Alex Stephen
3c6c7bae9d Allow home path expansion on GCP service account files (#44863)
* Allowing home path expansion on GCP service account files #42974

* wrong name for changelog
2018-08-30 10:27:29 -04:00
Dag Wieers
bf9ed0263a Ensure action plugins accept only valid args (#44779)
* Ensure action plugins accept only valid args

This fixes #25424
This also fixes #44773

* Add missing parameters, use private _VALID_ARGS
2018-08-30 09:40:36 -04:00
Matt Martz
0221d1ad20
Introduce and use locale-naive rfc2822 date format function (#44868)
* Introduce and use locale-naive rfc2822 date format function. Fixes #44857

* Adjust test expected response
2018-08-30 08:34:37 -05:00
Jordan Borean
533656694e
win_disk_image: return all mount paths in return value (#44799) 2018-08-30 16:25:45 +10:00
Matt Martz
d5ed818e7c
Make sure we skip handlers from includes in compile_roles_handlers. Fixes #44848 (#44852) 2018-08-29 15:05:55 -05:00
Matt Martz
cd2f66f731
Don't allow import_tasks to transition to dynamic when file is missing. See #44822 (#44836) 2018-08-29 11:43:26 -05:00
Jordan Borean
9d91607754
win_psexec: fix arg handling when command contains multiple args (#44797) 2018-08-29 10:12:29 +10:00
Xyon
03261b3053 Add new session parameter to win_psexec (#44263)
* Add new session parameter to win_psexec

* Indicate which version the session option was added in

* Added changelog fragment and minor edit on doc entry
2018-08-29 09:42:59 +10:00
Dag Wieers
5e814d8d17 Fix support for JSON output when charset is set (#44762)
* Fix support for JSON output when charset is set

This fixes #41797

* Add specific exception to catch

* Add Changelog fragment
2018-08-29 08:10:46 +10:00
Dag Wieers
f588b1cdf9 Fix issue when timeout and state=present (#43464)
* Fix issue when timeout and state=present

* added changelog fragment
2018-08-29 07:31:24 +10:00
Brian Coca
86037bc840
improved block docs (#43611)
* improved block docs

 - broke down examples per keyword
 - clarified which errors are handled
 - clarified forcing error in rescue
2018-08-28 13:40:12 -04:00
Toshio Kuratomi
b3a57fabbb Make links anonymous so that they don't trigger rstcheck
rstcheck flags duplicate link targets as errors
2018-08-27 20:43:53 -07:00
Adam Miller
397febd343 YUM4/DNF compatibility via yum action plugin (#44322)
* YUM4/DNF compatibility via yum action plugin

DNF does not natively support allow_downgrade as an option, instead
that is always the default (not configurable by the administrator)
so it had to be implemented

 - Fixed group actions in check mode to report correct changed state
 - Better error handling for depsolve and transaction errors in DNF
 - Fixed group action idempotent transactions
 - Add use_backend to yum module/action plugin
 - Fix dnf handling of autoremove (didn't used to work nor had a
   default value specified, now does work and matches default
   behavior of yum)
 - Enable installroot tests for yum4(dnf) integration testing, dnf
   backend now supports that
 - Switch from zip to bc for certain package install/remove test
   cases in yum integration tests. The dnf depsolver downgrades
   python when you uninstall zip which alters the test environment
   and we have no control over that.
 - Add changelog fragment
 - Return a pkg_mgr fact if it was not previously set.
2018-08-27 10:17:47 -07:00
Matthias Fuchs
7871027c9d Share the implementation of hashing for both vars_prompt and password_hash (#21215)
* Share the implementation of hashing for both vars_prompt and password_hash.
* vars_prompt with encrypt does not require passlib for the algorithms
  supported by crypt.
* Additional checks ensure that there is always a result.
  This works around issues in the crypt.crypt python function that returns
  None for algorithms it does not know.
  Some modules (like user module) interprets None as no password at all,
  which is misleading.
* The password_hash filter supports all parameters of passlib.
  This allows users to provide a rounds parameter, fixing #15326.
* password_hash is not restricted to the subset provided by crypt.crypt,
  fixing one half of #17266.
* Updated documentation fixes other half of #17266.
* password_hash does not hard-code the salt-length, which fixes bcrypt
  in connection with passlib.
  bcrypt requires a salt with length 22, which fixes #25347
* Salts are only generated by ansible when using crypt.crypt.
  Otherwise passlib generates them.
* Avoids deprecated functionality of passlib with newer library versions.
* When no rounds are specified for sha256/sha256_crypt and sha512/sha512_crypt
  always uses the default values used by crypt, i.e. 5000 rounds.
  Before when installed passlibs' defaults were used.
  passlib changes its defaults with newer library versions, leading to non
  idempotent behavior.

  NOTE: This will lead to the recalculation of existing hashes generated
        with passlib and without a rounds parameter.
        Yet henceforth the hashes will remain the same.
        No matter the installed passlib version.
        Making these hashes idempotent.

Fixes #15326
Fixes #17266
Fixes #25347 except bcrypt still uses 2a, instead of the suggested 2b.

* random_salt is solely handled by encrypt.py.
  There is no _random_salt function there anymore.
  Also the test moved to test_encrypt.py.
* Uses pytest.skip when passlib is not available, instead of a silent return.
* More checks are executed when passlib is not available.

* Moves tests that require passlib into their own test-function.

* Uses the six library to reraise the exception.

* Fixes integration test.

When no rounds are provided the defaults of crypt are used.
In that case the rounds are not part of the resulting MCF output.
2018-08-27 08:40:41 -07:00
Charles
a7f35e232e Switch to LiteralPath instead of Path. Closes #44508 (#44509)
* Switch to LiteralPath instead of Path. Closes #44508

* add changelog fragment

* fix line endings and remove final empty line

* Minor text changes in changelog
2018-08-27 16:18:45 +10:00
Daniel-Sanchez-Fabregas
af49627a08 Module win_domain_computer fix delete computer with child (#44500)
* Module win_domain_computer fix delete computer with child

* add changelog fragment
2018-08-27 15:54:16 +10:00
Sloane Hertel
d3f5238c09
Fix dangerous elb_application_lb state (#44646)
* elb_application_lb: fix dangerous default of deleting an ELB if state is omitted by changing state to default to present to be more like other AWS modules
2018-08-24 13:04:15 -04:00
Shuang Wang
b03feb6d40 Implement part of #27617 [expend checksum format to <algorithm>:(<checksum>|<url>)] (#43751)
* expend checksum format to <algorithm>:(<checksum>|<url>)

* continue to code at office

* ALPHA - expend checksum format to <algorithm>:(<checksum>|<url>)

* clean up tmpfile and comment

* try to add test code for 27617

* try to add test code for 27617

* try to add test code for 27617

* try to fix [Could not find or access 'testserver.py']

* fix test code [Could not find or access 'testserver.py']

* fix test code [add files dir]

* fix test code [files dir not exists]

* as [connection was closed before a valid response was received]

* [connection was closed before a valid response was received]

* [connection was closed before a valid response was received]

* add test item [sha1 and sha256]

* since [connection was closed before a valid response was received]

* fix [connection was closed before a valid response was received]

* fix test code typo

* add docs for #27617

* PR #43751 is minor change

* fix pep8 issue.

* fix test code style.

* fix unexpected quote
2018-08-24 12:45:32 -04:00
Toshio Kuratomi
f46c943d3d Fix another corner case of too many warnings for world readable current working directory
There should be no warning if there is no ansible.cfg file i nthe
current working directory.
2018-08-23 20:23:59 -07:00
Will Thames
60e3af42d5 sns_topic boto3 port (#39292)
* Port sns_topic to boto3 and add tests
2018-08-23 21:04:18 -04:00
Sloane Hertel
79ecb4c41f
Add diff mode for ec2_group (#44533)
* Add (preview) diff mode support ec2_group

* Add diff mode to some ec2_group integration tests

* Remove unnecessary arguments and add comment to the module notes

* Add changelog
2018-08-23 19:43:18 -04:00
Sloane Hertel
b152515fcb RDS inventory plugin (#41919)
Comments out uses of rds_instance in the integration tests and replace with AWS CLI until rds_instance has been merged
2018-08-23 19:42:32 -04:00
Sam Doran
05fff27415
Pass path to GalaxyRole object (#43051)
This will list all roles in all paths in roles_path rather than just the first path in roles_path.
2018-08-23 12:44:48 -04:00
jctanner
653d9c0f87 New keyword: ignore_unreachable (#43857) 2018-08-23 11:41:02 -04:00
guoqiao
6ef9c2d7b7 Fix mail module for python 3.7.0 (#44550) (#44552)
In python 3.7.0, changes in `ssl.py` breaks `smtplib.SMTP_SSL`, which
then breaks `mail` module in ansible.

Run this line in python shell:

    import smtplib;smtplib.SMTP_SSL().connect(host='smtp.gmail.com', port=465)

Before python 3.7.0, we will get:

    (220, b'smtp.gmail.com ESMTP j13-v6sm3086685pgq.56 - gsmtp')

In python 3.7.0, we get such error at `lib/python3.7/ssl.py` line 843, method `_create`:

    ValueError: server_hostname cannot be an empty string or start with a leading dot.

The ssl module is using host info on SMTP_SSL instance, which is not set.
The fix/workaround is simple, just pass host info to it:

    import smtplib;smtplib.SMTP_SSL(host='smtp.gmail.com').connect(host='smtp.gmail.com', port=465)

Fixes: #44550

Signed-off-by: Guo Qiao <guoqiao@gmail.com>
2018-08-23 16:50:54 +10:00
Jordan Borean
e07352b9de basic.py: catch ValueError when trying to import hash algorithms (#44551)
* basic.py: catch more Exceptions when trying to import md5 hash algorithms
2018-08-22 23:34:50 -07:00
Guilherme Steinmuller
3db93e4c2a Add missing changelog for PR #44418 (#44478)
The PR[1] was merged but we noticed that the
changelog file is missing.

[1] https://github.com/ansible/ansible/pull/44418
2018-08-23 12:32:34 +10:00
Ryan Brown
4c8808ec9d
Extend module_defaults by adding default groups for cloud modules (#44127)
Extends `module_defaults` by adding a prefix to defaults `group/` which denotes a builtin list of modules. Initial groups are: `group/aws`, `group/azure`, and `group/gcp`
2018-08-22 21:33:27 -04:00
Matt Martz
a1febd95b7
Remove deprecated ec2_facts (#44536)
* Remove deprecated ec2_facts

* Add changelog
2018-08-22 16:48:22 -05:00
Matt Martz
5ea7480e90
Remove deprecated s3 module (#44537)
* Remove deprecated s3 module

* Add changelog
2018-08-22 16:48:09 -05:00
sdubrul
061877d584 added account_alias in the response of module aws_caller_facts (#42345)
* added account_alias in the response of module aws_caller_facts

* added comment to explain list_account_aliases

* renamed caller_identity to caller_facts as the content is extended

* created changelog

* security-policy needs the iam:ListAccountAliases for this module to work

* test now checks for the added field account_alias

* gracefully handle missing iam:ListAccountAliases permission
2018-08-22 17:21:12 -04:00
Vladimir Dobriakov
6f480fd03d Fixes #23078 - eliminate trailing whitespace in to_nice_json (#42633)
* Fix #23078 - eliminate trailing whitespace in to_nice_json

* Add changelog fragment for #42633
2018-08-22 14:55:30 -05:00
Matt Martz
81ca04512d
Raise a nicer error when we cannot execute the editor (#44423)
* Raise a nicer error when we cannot execute the editor. Fixes #44419

* Don't use to_bytes when constructing an exception

* Add changelog fragment
2018-08-22 10:24:11 -05:00
Brian Coca
bda074d34e
fix tempating issues with no_log and loops (#44468)
* fix tempating issues with no_log and loops

 - task is no log if any item is
 - added test cases

fixes #43294
2018-08-21 21:53:56 -04:00
Toshio Kuratomi
0e7b470a01 Remove deprecated tags config option (#44479)
* Remove deprecated tags config option

* wordsmith porting guide entry

acozine via github
2018-08-21 14:57:06 -05:00
Matt Martz
2bf6507c44
Use newer is_sequence function instead of MutableSequence (#44331)
* Use newer is_sequence function instead of MutableSequence. Fixes #44327

* Add changelog for #44331

* Update changelog fragment to describe the fix in more detail
2018-08-21 10:42:11 -05:00
Matt Martz
617372f8c0
Mass nuke deprecated items that are easily removed. ci_complete (#44320) 2018-08-20 16:26:10 -05:00
Matt Martz
9b2baebe64
Don't use copy.deepcopy in high workload areas, use naive_deepcopy (#44337)
* Don't use copy.deepcopy in high workload areas, use deepishcopy. ci_complete

* Add tests

* Add changelog fragment

* rename to naive_deepcopy and add extra docs

* Rename to module_response_deepcopy and move to vars/clean
2018-08-20 15:08:29 -05:00
Monty Taylor
27ac2fc67c Ensure that apt is always chosen on debian/ubuntu (#44413)
One can install alternate packages managers on debuntu machines.
However, doing so doesn't mean you want to suddenly start using them.

Add in a check similar to the fedora yum/dnf check that sets apt as the
pkg_mgr if the ansible_os_family is Debian.
2018-08-20 15:59:56 -04:00
Martin Krizek
a66588129f
Add changelog for Jinja2 native types (#44309) 2018-08-17 16:27:16 +02:00
Sam Doran
00e7c020b2 Add backup feature to user module (#41854)
*  Add backup option

* Only backup shadow file when the OS has one

* Only backup shadow file for SunOS

* Update docs on backup feature

* Add changelog fragment

* Add tests for shadow backup

* Remove backup option, make it automatic

Remove the option to enable/disable backups and make it automatic. Add note to docs describing this behavior.

Change tests to account for new module behavior.

Change section name in changelog fragment since minor_features is not a valid section.
2018-08-15 16:22:26 -04:00
Tom Matthews
5c1e620504 Strip trailing comments from /etc/default/passwd (#43931)
* strip additional comments from /etc/default/passwd

Strip trailling comments from /etc/default/passwd like
MINWEEKS=1 #MINWEEKS=2
MAXWEEKS=12  # MAXWEEKS=8
Which otherwise cause failures with "failed to read /etc/default/passwd: too many values to unpack"

* fix carriage return typo in commit

* yet another typo in commit

* Fix indent problem

* add changelog fragment for PR 43931
2018-08-15 15:04:45 -04:00
Andreas Calminder
21066410be authorized_key 29891 use os.path.realpath to follow keyfile symlinks (#40417)
* 29891 use os.path.realpath to follow keyfile symlinks
* 29891 add parameter follow
* updated changelog fragment
* add documentation and set default to false
2018-08-13 16:06:33 -07:00
Sam Doran
6d38167d49
Only template values in vars_prompt rather than all vars (#39304)
* Only template values in vars_prompt rather than all vars

This allows the use of variables in vars_prompt fields but allows variables entered in the prompt to affect play vars rather than throwing an undefined error.

Only post validate if there was a vars_prompt

* Add tests for vars_prompt
2018-08-13 12:54:31 -04:00
Zhikang Zhang
b20d903cc4 Give warning if user inputs not encrypted password to user module (#43615)
* Check the password format

Check the password format and notify user if they
input unencrypted password.

* Fix sanity error

* Add integration test

* Missed a task name

* Hard code the testing password

Since some testing platfrom has no passlib installed

* Add changelog fragment

* Rework some English sentences

* Fix a grammar mistake
2018-08-13 12:45:37 -04:00
Toshio Kuratomi
a0e6ab09d1 Add note to the porting guide about why we're dropping python-2.6 controller support 2018-08-13 07:38:38 -07:00
Toshio Kuratomi
da26ba3760 Documentatin fixes 2018-08-13 07:38:38 -07:00
Toshio Kuratomi
c4951cce0b Exorcise Python-2.6 2018-08-13 07:38:38 -07:00
Toshio Kuratomi
e2e44f846c Fix the local and ssh plugins for a cornercase retrying a syscall
The bundled selectors library which is used by the local and ssh
connection plugins had a bug which caused a traceback in a cornercase.
If selectors were in use and a syscall was interrupted, selectors would
attempt to restart the syscall after the interrupt was processed.  if
the attempt determined that the timeout for running the syscall had
already expired, the code attempted to raise OSError.  The raise was
using a Python3-ism and needed to be ported to work on Python2.

Fixes #41630
2018-08-13 07:17:11 -07:00
René Moser
1fb0e11b56
vultr: rename prefix vr_to vultr_ (#43994)
* vultr: rename modules

* replace string vr_ with vultr_

* add deprecation warning

* fix sanity tests

* add changelog
2018-08-13 10:21:50 +02:00
Felix Fontein
aef16ee195 ACME: use Cryptography (if a new enough version is available) instead of OpenSSL (#42170)
* Collecting PEM -> DER conversions.

* Using cryptography instead of OpenSSL binary in some situations.

* Moving key-to-disk writing for key content to parse_account_key.

* Rename parse_account_key -> parse_key.

* Move OpenSSL specific code for key parsing and request signing into global functions.

* Also using cryptography for key parsing and request signing.

* Remove assert statements.

* Fixing handling of key contents for cryptography code path.

* Allow to disable the use of cryptography.

* Updating documentation.

* 1.5 seems to work as well (earlier versions don't have EC sign function). Making Python 2.x adjustments.

* Changing option to select_crypto_backend.

* Python 2.6 compatibility.

* Trying to test both backends separately for acme_account.

* Also testing both backends separately for acme_certificate and acme_certificate_revoke.

* Adding changelog entry which informs about select_crypto_backend option in case autodetect fails.

* Fixing YAML.
2018-08-12 19:12:01 +02:00
Brian Coca
abe68d523c
fix alt linux detection for new versions (#43723)
they dropped the Linux so now it only shows as ALT, it should still be backwards compatible
pkg_mgr detection relies on `Altlinux` string, so properly setting os_distribution should take care of it as side effect
fixes #43539
2018-08-10 15:16:33 -04:00
Brian Coca
9be3a7dde5
handle env exception in gathering even no inject (#43569)
* handle env exception in gathering even no inject

(cherry picked from commit 60e3b9b3527daea6d9fb75a80cc14b35923748f3)
2018-08-10 15:11:20 -04:00
Matt Martz
c1c229c6d4
Remove use of simplejson throughout code base (#43548)
* Remove use of simplejson throughout code base. Fixes #42761

* Address failing tests

* Remove simplejson from contrib and other outlying files

* Add changelog fragment for simplejson removal
2018-08-10 11:13:29 -05:00
Jordan Borean
7b1cc11685
win_domain modules: ensure Netlogon service is still running after promotion (#43703) 2018-08-10 16:17:45 +10:00
Toshio Kuratomi
08e8d8c1d5 changelog for lxd idempotence fix 2018-08-05 15:29:40 -07:00
Toshio Kuratomi
30662bedad
Only print warning when ansible.cfg is actually skipped (#43583)
Only print warning when ansible.cfg is actually skipped

* Also add unittests for the find_ini_config_file function
* Add documentation on world writable current working directory
  config files can no longer be loaded from a world writable current
  working directory but the end user is allowed to specify that
  explicitly.  Give appropriate warnings and information on how.

Fixes #42388
2018-08-03 10:39:33 -07:00
Brian Coca
62d8c8fde6 more useful messages when module failure (#43576)
* more useful messages when module failure

specially if the 'interpreter' is not found

* 1 less var

* shebang can be none

* remove typoes
2018-08-02 13:30:57 -04:00
Seuf
6f4b2e8f7f Moved grafana 5 dashboard compatible changelog to fragments dir (#43593) 2018-08-02 19:07:42 +10:00
Toshio Kuratomi
d483d646eb Normalize config from environment as text strings
On Python3, these would be text strings already.  On Python2, we need to
convert them from bytes.

Use a new helper function py3compat to do this.

Fixes #43207
2018-08-01 19:42:35 -07:00
Shuang Wang
68683b4c73 fix issue [ get_url does not change mode when checksum matches ] (#43342)
* fix  #29614

* add change log for #43342

* Cleanup tests and add tests for this scenario


Co-authored-by: ptux
2018-08-01 15:02:27 -04:00
Jiri Tyr
c93f24b45b Fix for creation and removal of swap record in fstab (fixes #42706, #31437 and #30090) (#42837) 2018-07-31 17:09:38 -04:00
Alex
29a62038b7 module_utils_service: Fix glob path of rc.d (#43018)
Some distribtuions like SUSE has the rc%.d directories under /etc/init.d

Quote of /etc/rc.d.README on SLES11.

"Some people expect the system startup scripts in /etc/rc.d/.
We use a slightly different structure for better LSB compliance."
2018-07-31 11:56:11 -04:00
Jordan Borean
9259f31fee Add Ansible.ModuleUtils.PrivilegeUtil and converted code to use it (#43179)
* Add Ansible.ModuleUtils.PrivilegeUtil and converted code to use it

* Changed namespace and class to be a better standard and fixed some typos

* Changes from review

* changes to avoid out of bound mem of server 2008

* changes to detect failure when setting a privileged not allowed
2018-07-30 14:48:54 -07:00
Artem Goncharov
6667ec4474 fixes #42042 (#42939)
Do not create group with empty name when region (optional argument) is 
not given in the openstack connection
2018-07-27 10:02:34 -04:00
Toshio Kuratomi
52449cc01a AnsiballZ improvements
Now that we don't need to worry about python-2.4 and 2.5, we can make
some improvements to the way AnsiballZ handles modules.

* Change AnsiballZ wrapper to use import to invoke the module
  We need the module to think of itself as a script because it could be
  coded as:

      main()

  or as:

      if __name__ == '__main__':
          main()

  Or even as:

      if __name__ == '__main__':
          random_function_name()

  A script will invoke all of those.  Prior to this change, we invoked
  a second Python interpreter on the module so that it really was
  a script.  However, this means that we have to run python twice (once
  for the AnsiballZ wrapper and once for the module).  This change makes
  the module think that it is a script (because __name__ in the module ==
  '__main__') but it's actually being invoked by us importing the module
  code.

  There's three ways we've come up to do this.
  * The most elegant is to use zipimporter and tell the import mechanism
    that the module being loaded is __main__:
    * 5959f11c9d/lib/ansible/executor/module_common.py (L175)
    * zipimporter is nice because we do not have to extract the module from
      the zip file and save it to the disk when we do that.  The import
      machinery does it all for us.
    * The drawback is that modules do not have a __file__ which points
      to a real file when they do this.  Modules could be using __file__
      to for a variety of reasons, most of those probably have
      replacements (the most common one is to find a writable directory
      for temporary files.  AnsibleModule.tmpdir should be used instead)
      We can monkeypatch __file__ in fom AnsibleModule initialization
      but that's kind of gross.  There's no way I can see to do this
      from the wrapper.

  * Next, there's imp.load_module():
    * https://github.com/abadger/ansible/blob/340edf7489/lib/ansible/executor/module_common.py#L151
    * imp has the nice property of allowing us to set __name__ to
      __main__ without changing the name of the file itself
    * We also don't have to do anything special to set __file__ for
      backwards compatibility (although the reason for that is the
      drawback):
    * Its drawback is that it requires the file to exist on disk so we
      have to explicitly extract it from the zipfile and save it to
      a temporary file

  * The last choice is to use exec to execute the module:
    * https://github.com/abadger/ansible/blob/f47a4ccc76/lib/ansible/executor/module_common.py#L175
    * The code we would have to maintain for this looks pretty clean.
      In the wrapper we create a ModuleType, set __file__ on it, read
      the module's contents in from the zip file and then exec it.
    * Drawbacks: We still have to explicitly extract the file's contents
      from the zip archive instead of letting python's import mechanism
      handle it.
    * Exec also has hidden performance issues and breaks certain
      assumptions that modules could be making about their own code:
      http://lucumr.pocoo.org/2011/2/1/exec-in-python/

  Our plan is to use imp.load_module() for now, deprecate the use of
  __file__ in modules, and switch to zipimport once the deprecation
  period for __file__ is over (without monkeypatching a fake __file__ in
  via AnsibleModule).

* Rename the name of the AnsiBallZ wrapped module
  This makes it obvious that the wrapped module isn't the module file that
  we distribute.  It's part of trying to mitigate the fact that the module
  is now named __main)).py in tracebacks.

* Shield all wrapper symbols inside of a function
  With the new import code, all symbols in the wrapper become visible in
  the module.  To mitigate the chance of collisions, move most symbols
  into a toplevel function.  The only symbols left in the global namespace
  are now _ANSIBALLZ_WRAPPER and _ansiballz_main.

revised porting guide entry

Integrate code coverage collection into AnsiballZ.

ci_coverage
ci_complete
2018-07-26 20:07:25 -07:00
Toshio Kuratomi
6eacfecb73 ANSIBLE_REMOTE_TMP was an implementation of unified temp that was later changed
One of the earlier implementation of unified temp for 2.4 passed the
temp diretory to the remote side using this environment variable.  We
later changed it to be passed via a module parameter but forgot to
remove the environment variable.
2018-07-25 16:57:46 -07:00
Fabian von Feilitzsch
d27de6acd9 Add from_yaml_all to support multi document yaml strings (#43037)
* Support multi-doc yaml in the from_yaml filter

* Most automatic method of handling multidoc

* Only use safe_load_all

* Implement separate filter

* Update plugin docs and changelog
2018-07-25 16:12:22 -04:00
Julien Champseix
19dc267e4c Allow specifying the output encoding in the template module (#42171)
Allow specifying the source and destination files' encodings in the template module

* Added output_encoding to the template module, default to utf-8
* Added documentation for the new variables
* Leveraged the encoding argument on to_text() and to_bytes() to keep the implementation as simple as possible
* Added integration tests with files in utf-8 and windows-1252 encodings, testing all combinations
* fix bad smell test by excluding windows-1252 files from the utf8 checks
* fix bad smell test by excluding valid files from the smart quote test
2018-07-25 13:10:40 -07:00
Brian Coca
ac1f05478e Allow to specifically customize console's color 2018-07-24 13:21:58 -04:00
Jordan Borean
04431216e7
win_user: use different method to validate credentials that does not rely on SMB/RPC (#43059)
* win_user: use different method to validate credentials that does not rely on SMB/RPC

* Use Add-Type as SetLastError on .net reflection not working on 2012 R2
2018-07-24 08:16:42 +10:00
Jordan Borean
93c05074ee
win_chocolatey: refactor module to fix bugs and add new features (#43013)
* win_chocolatey: refactor module to fix bugs and add new features

* Fix some typos and only emit install warning not in check mode

* Fixes when testing out installing chocolatey from a server

* Added changelog fragment
2018-07-24 07:52:13 +10:00
Jarryd Tilbrook
460f858640 Enable check_mode in command module (#40428)
* Enable check_mode in command module

This only works if supplying creates or removes since it needs
something to base the heuristic off. If none are supplied it will just
skip as usual.
Fixes #15828

* Add documentation for new check_mode behavior
2018-07-23 14:06:41 -07:00
Matt Martz
8d933928d2 Only assume GET if no data, otherwise POST (#43133)
* Only assume GET if no data, otherwise POST. Fixes #42876 #43091 #42750
2018-07-23 07:30:10 -07:00
Barry Peddycord III
dc42b43cd1 NCLU Module: Improve performance by not operating on empty lines (#43024)
* Update nclu.py

Stop module from running `net` on empty commands.

* Update nclu.py

Updated the copyright date

* Update nclu.py

Returned metadata version to 1.1

* Update nclu.py

Fix indentation to be a multiple of 4.

* Create changelog fragment
2018-07-20 11:38:29 -04:00
Thierry Bouvet
5d23406926 Fix ssl_version default value. (#42955)
* Fix ssl_version default value.

* Add changelog
2018-07-20 11:32:04 -04:00
Brian Coca
9217fbb7dd
better error messasge (#42770)
* better error messasge
2018-07-19 12:13:09 -04:00
Sam Doran
0ca61e9d87
Only report change when home directory is different on FreeBSD (#42865)
* Only report change when home directory is different

Add tests with home: parameter

Have to skip macOS for now since there is a bug when specifying the home directory path for an existing user that results in a module failure. That needs to be fixed in a separate PR.
2018-07-19 10:07:00 -04:00
dgeo
ae96ba0d4f fix a (forgotten?) change in moving createhome -> create_home (#42711)
* fix a (forgotten?) change in moving createhome -> create_home

Fix for following bug on FreeBSD host whith user module:
```
fatal: [webssp]: FAILED! => {"changed": false, "module_stderr": "X11 forwarding request failed
Traceback (most recent call last):
  File \"/tmp/ansible_2rmlBl/ansible_module_user.py\", line 2487, in <module>
    main()\n  File \"/tmp/ansible_2rmlBl/ansible_module_user.py\", line 2426, in main
    (rc, out, err) = user.modify_user()
  File \"/tmp/ansible_2rmlBl/ansible_module_user.py\", line 1011, in modify_user
    if (info[5] != self.home and self.move_home) or (not os.path.exists(self.home) and self.createhome):
AttributeError: 'FreeBsdUser' object has no attribute 'createhome'
", "module_stdout": "", "msg": "MODULE FAILURE", "rc": 1}
```
It happenned with 'createhome' AND with 'create_home' form, with python 2.7 AND python 3.6

* Add changelog


Co-authored-by: dgeo <dgeo@users.noreply.github.com>
2018-07-16 16:55:57 -04:00
Filippo125
5864871fc1 Zabbix inventory improvement (#42669)
* Add validate_certs option to zabbix inventory

* Add validation option

* Fix pep8

* Add changelog
2018-07-14 09:10:16 -04:00
jamessemai
dc32842573 win_security_policy: Allow setting a value to empty (#42051)
* win_security_policy: allow removing values (resolves #40869)

* Removing warning

* Adding test for remove policy setting

* Fixing string comparison

* Make idempotent

* Adding idempotency and diff test

* added changelog fragment
2018-07-13 14:08:14 +10:00
Jordan Borean
e3521776f5
win_chocolatey: add TLSv1.2 support for install phase (#41992) 2018-07-13 13:38:24 +10:00
Jordan Borean
d723b8541d changed winrm _reset to reset and make ssh reset show warning (#42651)
* changed winrm _reset to reset and make ssh reset show warning

* minor changelog update
2018-07-11 20:22:01 -07:00
Matt Davis
a5fc9a17f0
return wu result from inner job (#42647)
fixes #42423
2018-07-11 18:01:42 -07:00
Brian Coca
e115e6496f
preserve delegation info on no_log (#42577)
* preserve delegation info on no_log

fixes #42344
2018-07-11 20:41:37 -04:00
Jerry Chong
42f44b24c6 Fix NameError in pause module (#42038)
* Fix NameError in pause module

* Add comment and changelog

Co-authored-by: Jerry Chong <jchong@netbase.com>
2018-07-11 11:49:32 -04:00
Jordan Borean
940d4a0e89
win_reboot: fix 2.6 issues and better handle post reboot reboot (#42330)
* win_reboot: fix 2.6 issues and better handle post reboot reboot

* changed winrm _reset to reset

* Add handler to reset calls when .reset() throws an AnsibleError on older hosts

* Moving back to _reset to get the issue fixed
2018-07-11 09:12:29 +10:00
Andreas Calminder
577e66660d Simple file locking feature (#42024)
* class for file locking feature
2018-07-10 14:13:27 -07:00
Brian Coca
937e710485
ensure 'text' source assumptions (#42522)
* ensure 'text' source assumptions
2018-07-10 09:45:37 -04:00
Brian Coca
1c08eb8b27
fix irc module to work with py3 (#42267)
* fix irc module to work with py3

fixes #42256
2018-07-10 09:42:14 -04:00
Toshio Kuratomi
673c55f2ef Separate some 255 exit codes that are not ssh errors
The ssh connection plugin is overzealous in thinking that error code 255
can only come from ssh.  Python can return 255 in some circumstances and
error from php does as well.
2018-07-09 15:51:20 -07:00
Toshio Kuratomi
9350a81ae4 Port modules away from __file__
* __file__ won't work if we want to invoke modules via -m or if we
  figure out how to keep modules from hitting the disk with pipelining.
* module.tmpdir is the new way to place a file where it will be cleaned
  automatically.

Change format string to not depend on __file__:

* cloud/amazon/ec2_elb_lb.py
* cloud/amazon/elb_classic_lb.py

Use module.tempdir:

* packaging/os/apt.py
* files/unarchive.py
2018-07-09 15:51:20 -07:00
Matt Martz
abb05c98f3 Make sure we are comparing bytes extensions in inventory plugins (#42475)
* Ensure we are comparing text paths with extensions. Fixes #42118

* Add changelog
2018-07-09 12:24:51 -04:00
Sam Doran
1d1595b990
Fix pause module so it does not stack trace when redirecting stdout. (#42217)
* Use separate variables for stdin and stdout file descriptors

* Do not set stdout to raw mode when output is not a TTY
2018-07-06 17:19:55 -04:00
Jill R
8606fb33f0 Add additional puppet options (#42218)
* Add additional puppet options

Add support for puppet options --debug, --verbose, --summary,
and extend logdest to support logging to stdout and syslog at
the same time.

Fixes issue: #37986

* Fix docs

* Doc fix, add release note

* Fix silly yaml error

* Correct changelog, add C() to params in doc
2018-07-06 13:52:17 -04:00
Jordan Borean
8bdd04c147 Fix remote_tmp when become with non admin user (#42396)
* Fix tmpdir on non root become

 - also avoid exception if tmpdir and remote_tmp are None
 - give 'None' on deescalation so tempfile will fallback to it's default behaviour
   and use system dirs
 - fix issue with bad tempdir (not existing/not createable/not writeable)
   i.e nobody and ~/.ansible/tmp
 - added tests for blockfile case

* Revert "Temporarily revert c119d54"

This reverts commit 5c614a59a6.

* changes based on PR feedback and changelog fragment

* changes based on the review

* Fix tmpdir when makedirs failed so we just use the system tmp

* Let missing remote_tmp fail

If remote_tmp is missing then there's something more basic wrong in the
communication from the controller to the module-side.  It's better to
be alerted in this case than to silently ignore it.

jborean and I have independently checked what happens if the user sets
ansible_remote_tmp to empty string and !!null and both cases work fine.
(null is turned into a default value controller-side.  empty string
triggers the warning because it is probably not a directory that the
become user is able to use).
2018-07-06 10:49:19 -07:00
Toshio Kuratomi
ae55e9f5d6 fix changelog (#42272) 2018-07-03 14:31:19 -04:00
Abhijeet Kasurde
087fc0c20c Restore BOOLEANS import in basic.py (#42008)
This import was removed by mistake. This is required for backward
compatibility.

Fixes: #41988

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2018-07-02 10:27:16 -04:00
Sam Doran
fb55038d75 Add warning when using an empty regexp in lineinfile (#42013)
* Revert "Account for empty string regexp in lineinfile (#41451)"

This reverts commit 4b5b4a760c.

* Use context managers for interacting with files

* Store line and regexp parameters in a variable

* Add warning when regexp is an empty string

* Remove '=' from error messages

* Update warning message and add changelog

* Add tests

* Improve warning message

Offer an equivalent regexp that won't trigger the warning.
Update tests to match new warning.

* Add porting guide entry for lineinfile change
2018-06-29 17:15:43 -07:00
Brian Coca
b6f2aad600 ignore ansible.cfg in world writable cwd (#42070)
* ignore ansible.cfg in world writable cwd
 * also added 'warnings' to config
 * updated man page template
2018-06-29 16:46:10 -07:00
Brian Coca
de0e11c0d5 avoid loading vars on unspecified basedir (cwd) (#42067)
* avoid loading vars on unspecified basedir (cwd)
2018-06-29 16:45:38 -07:00
Olli-Antti Kivilahti
8eacbd0381 elasticsearch_plugin - Show STDERR on module failures. (#41954)
* elasticsearch_plugin - Show STDERR on module failures.

I tried to install a ES plugin without
  become: yes
and found after debugging the module that the module failed ude to permission issues.

The only error message I got was
  Is analysis-icu a valid plugin name?

That was strange considering I followed the example documentation by the letter.

I found out that when this module fails, it hides the real reason for failure.

This patch replaces the generic error with more meaningful diagnostics.

* elasticsearch_plugin - Show STDERR on module failures. Changelog fragment

 samdoran commented 2 days ago

This looks good. Please create a changelog fragment to go along with this change. See fragments for examples.
2018-06-29 17:28:17 -04:00
Sloane Hertel
22a6927dbd Fix file module with check_mode - Fixes #42111 (#42115)
* Fix file module check_mode
2018-06-29 11:19:34 -07:00
Lukas Beumer
26abdbf0fd Add the possiblity to force a plugin installation (#41688) 2018-06-27 12:36:51 -04:00
Jordan Borean
77526a5036
win_domain: fix typo in cmdlet call (#41993) 2018-06-27 11:29:45 +10:00
Jordan Borean
2af36412f9
runas + async - get working on older hosts (#41772)
* runas + async - get working on older hosts

* fixed up sanity issues

* Moved first task to end of test for CI race issues

* Minor change to async test to be more stable, change to runas become to not touch the disk

* moved async test back to normal spot
2018-06-26 14:40:49 +10:00
Jordan Borean
abfcc35e6f
win_iis_webapppool: do not output some cmdlet outputs (#41884) 2018-06-26 11:19:09 +10:00
Jordan Borean
9b7b564d75
Stop displaying kinit pass input on a failure (#41882)
* Stop displaying kinit pass input on a failure

* Fixed up minor logic info and added tests
2018-06-26 05:49:19 +10:00
Andrew Gaffney
9c5d40ff15
Merge various stdout callback plugins into 'default' (#41058)
This allows mixing and matching of stdout callback features
2018-06-24 23:00:07 -05:00