Commit graph

21132 commits

Author SHA1 Message Date
James Cammarata
2f0dba4f36 Fix for bug in Conditional for older jinja2 versions
Fixes #20309

(cherry picked from commit af96cba7e1)
2017-01-16 13:17:06 -06:00
Toshio Kuratomi
6a9572e1e5 Update submodule refs 2017-01-16 11:11:25 -08:00
James Cammarata
5362910000 New release v2.2.1.0-1 2017-01-16 10:13:31 -06:00
James Cammarata
009ac7b65e Forgot to add the release date to the CHANGELOG 2017-01-16 09:59:06 -06:00
James Cammarata
c6ef74d81b Updating CHANGELOG 2017-01-16 09:51:22 -06:00
James Cammarata
0c153146e3 New release v2.2.1.0-0.5.rc5 2017-01-13 16:44:45 -06:00
James Cammarata
86eadc5814 Additional security fixes for CVE-2016-9587
(cherry picked from commit b7cdc21aee)
2017-01-13 16:23:14 -06:00
Brian Coca
4b495d7e43 fix issue when proc read returns None
fixes #20225
2017-01-13 14:06:11 -05:00
Matt Clay
c846e915f8 Correct freebsd startup test for CI. 2017-01-13 10:03:11 -08:00
Matt Clay
a93e7506a8 Test with jinja2 < 2.9. 2017-01-12 14:00:39 -08:00
Brian Coca
49fc0cfe4f deal with remote_src and tmp dirs properly
fixes #20128

(cherry picked from commit 8c6b5621f8)
2017-01-12 14:10:16 -05:00
Brian Coca
d1c5a39420 ansible doc does not need plugin deprecation error
(cherry picked from commit 74421f42e1)
2017-01-12 13:10:44 -05:00
Toshio Kuratomi
06ed25e788 Add jinja2 version constraint.
We're not yet compatible with jinja2-2.9 so help out people using pip to
install to get a working installation.
2017-01-12 10:01:29 -08:00
James Cammarata
b3daa9dd64 New release v2.2.1.0-0.4.rc4 2017-01-11 16:25:28 -06:00
James Cammarata
6dee2b21e6 Partial revert of 76f7ce55
(cherry picked from commit a94a48f85f)
2017-01-11 15:53:39 -06:00
James Cammarata
cc4634a5e7 Additional fixes for security related to CVE-2016-9587
(cherry picked from commit d316068831)
2017-01-11 15:53:38 -06:00
Computest
eb8c26c105 Fixing another corner case for security related to CVE-2016-9587
(cherry picked from commit bcceada5d9)
2017-01-11 15:53:37 -06:00
Marius Gedminas
240c388e6c Fix a test failure on Python 3.6 (#20030)
* Fix a test failure on Python 3.6

tox -e py36 failed with

    ======================================================================
    ERROR: test_action_base__execute_module (units.plugins.action.test_action.TestActionBase)
    ----------------------------------------------------------------------
    Traceback (most recent call last):
      File "/home/mg/src/ansible/test/units/plugins/action/test_action.py", line 507, in test_action_base__execute_module
        self.assertEqual(action_base._execute_module(), dict(_ansible_parsed=True, rc=0, stdout="ok", stdout_lines=['ok']))
      File "/home/mg/src/ansible/lib/ansible/plugins/action/__init__.py", line 596, in _execute_module
        remote_module_path = self._connection._shell.join_path(tmp, remote_module_filename)
      File "/home/mg/opt/python36/lib/python3.6/unittest/mock.py", line 939, in __call__
        return _mock_self._mock_call(*args, **kwargs)
      File "/home/mg/opt/python36/lib/python3.6/unittest/mock.py", line 1005, in _mock_call
        ret_val = effect(*args, **kwargs)
      File "/home/mg/src/ansible/.tox/py36/lib/python3.6/posixpath.py", line 92, in join
        genericpath._check_arg_types('join', a, *p)
      File "/home/mg/src/ansible/.tox/py36/lib/python3.6/genericpath.py", line 149, in _check_arg_types
        (funcname, s.__class__.__name__)) from None
    TypeError: join() argument must be str or bytes, not 'MagicMock'

because os.path.join() now checks argument types since Python 3.6 (due
to pathlib support, I expect).

* Use a more realistic module name in test

(cherry picked from commit d9b89ca577)
2017-01-10 07:37:36 -08:00
Matt Clay
941552d107 Fix group_by test to work with jinja2 >= 2.9.
(cherry picked from commit cc3d131f50)
2017-01-09 15:26:52 -08:00
James Cammarata
d8c9b8d347 New release v2.2.1.0-0.3.rc3 2017-01-09 10:49:01 -06:00
James Cammarata
ec84ff6de6 Fixing security bugs for CVE-2016-9587
(cherry picked from c8f8d0607c5c123522951835603ccb7948e663d5)
2017-01-09 10:43:38 -06:00
Toshio Kuratomi
56de9d8ae7 Update submodule refs 2017-01-05 15:56:25 -08:00
Toshio Kuratomi
3e2f6e5094 Allow OSError to skip scriptdir removal
On Ubuntu the scriptdir gets placed into sys.path.  This makes some
modules (copy) fail because the ansible module gets loaded instead of
the stdlib copy module.  So we remove scriptdir there.  Unfortunately,
the scriptdir code uses abspath().  When pipelining, abspath() has to
find the cwd.  On OSX, finding the cwd when that directory is not
executable by the user raises an OSError.  Since OSX does not suffer
from the scriptdir problem we're able to just skip scriptdir handling if
we get that exception.

Fixes #19729

(cherry picked from commit 03510ec4ce)
2017-01-05 15:56:00 -08:00
Brian Coca
577ea88f78 bad module commit 2017-01-05 18:01:30 -05:00
Brian Coca
7e10994b6d allow modules to set custom stats
can be per run or per host, also aggregate or not
set_stats action plugin as reference implementation
added doc stub
2017-01-05 16:39:39 -05:00
Toshio Kuratomi
f6a3c4f071 Update submodule refs 2017-01-04 17:19:08 -08:00
Toshio Kuratomi
8439d1813e Fix for atomic_move on RHEL5
When becoming an unprivileged user using non-sudo on a platform where
getlogin() failed in our situation we were not able to detect that the
user had switched.  This meant that all of our logic to use move vs copy
if the user had switched was attempting the wrong thing.  This change
tries the to do the right thing but then falls back to an acceptable
second choice if it doesn't work.

The bug wasn't easily detected because:
* sudo was not affected because sudo records that the user's have been
  switched so we were able to detect that.
* getlogin() works on most platforms.  RHEL5 with python-2.4 seems to be
  the only platform we still care about where getlogin() fails for this
  case.
* It had to be becoming an unprivileged user.  When becoming
  a privileged user, the user would be able to successfully perform the
  best case tasks.

(cherry picked from commit 02e3f4b526)
2017-01-04 14:10:36 -08:00
Brian Coca
e223349edc fixed id queries, should rely on effective
(cherry picked from commit 92e8c53879)
2017-01-04 14:23:50 -05:00
Toshio Kuratomi
b25c06725a Update submodule refs 2017-01-04 10:17:05 -08:00
Adrian Likins
22f7ca8c97 Add a encode() to AnsibleVaultEncryptedUnicode (#19840)
* Add a encode() to AnsibleVaultEncryptedUnicode

Without it, calling encode() on it results in a bytestring
of the encrypted !vault-encrypted string.

ssh connection plugin triggers this if ansible_password
is from a var using !vault-encrypted. That path ends up
calling .encode() instead of using the __str__.

Fixes #19795

* Fix str.encode() errors on py2.6

py2.6 str.encode() does not take keyword arguments.

(cherry picked from commit c771ab34c7)
2017-01-04 12:17:38 -05:00
James Cammarata
a0a2392c87 Fixing an iteration bug introduced by fed079e4
(cherry picked from commit ac00c8a660)
2017-01-04 10:34:38 -06:00
Toshio Kuratomi
3c4ac877f6 Fix traceback on Darwin with Python3
os.write() needs bytes objects on python3 while python2 can work with
either a byte or unicode string.  Mark the DUMMY_CA_CERT string as
a byte string so it will work.

Fixes #19265
Fixes #19266
2017-01-04 00:34:52 -08:00
Matt Clay
38bf7ab71f Use newer test images for Fedora and openSUSE. 2017-01-03 13:56:53 -08:00
James Cammarata
47e16bef08 Fix role completion detection problem
When the same role is listed consecutively in a play, the previous role
completion detection failed to mark it as complete as it only checked to
see if the role changed.

This patch addresses that by also keeping track of which task in the role
we are on, so that even if the same role is encountered during later passes
the task number will be less than or equal to the last noted task position.

Related to #15409

(cherry picked from commit fed079e4cb)
2017-01-03 14:33:11 -06:00
Arne Demmers
e05222a4cc Fix key lookup in gather facts flag.
(cherry picked from commit bd7466d56c)
2017-01-03 13:53:33 -05:00
Antonio Huete Jimenez
32dad09d2e Check for DragonFly BSD as well for DATE
(cherry picked from commit b9e4a4dede)
2017-01-02 12:59:28 -05:00
Brian Coca
a04d0f485b warn when examined group_vars is not dir
(cherry picked from commit 6f5ecb7efd)
2017-01-02 12:59:28 -05:00
Matt Davis
7683715caf fix multiple handler notifications
Fixes #19647
Adds integration test to catch multiple handler notifications
(cherry picked from commit c2495677b0)
2016-12-23 09:48:23 -08:00
James Cammarata
3c7987f3a4 Removing print debug statements
(cherry picked from commit 78d4f6bbc1)
2016-12-22 19:14:53 -06:00
Gordon Gao
3e72e0c173 let chdir support relative path in more modules (#16736)
(cherry picked from commit d9e1e374b2)
2016-12-22 00:21:30 -08:00
James Cammarata
10a3053525 Correctly set loader path when using list tags/tasks
Fixes #19398

(cherry picked from commit b688f11474)
2016-12-21 21:04:57 -06:00
bart2
29762c87c8 Fixes #16936 - Digest authentication not working in uri module (#18736) 2016-12-21 18:15:21 -08:00
James Cammarata
477043c422 Wrap unhandled errors from lookups in an AnsibleError
This provides better error handling, and prevents errors like KeyError
from bubbliing up to code in odd places.

Fixes #17482

(cherry picked from commit 85bbce9d6b)
2016-12-21 11:49:26 -06:00
James Cammarata
f89abc705b Also fix default callback to use ignore_errors param
Rather than the value in the task, which may not be templated.

Related to #18289

(cherry picked from commit d70d279c4e)
2016-12-21 11:37:25 -06:00
James Cammarata
2d8ebbfe8c Template "original_task" fields in _process_pending_results
Since we no longer use a post-validated task in _process_pending_results, we
need to be sure to template fields used in original_task as they are raw and
may contain variables.

This patch also moves the handler tracking to be per-uuid, not per-object.
Doing it per-object had implications for the above due to the fact that the
copy of the original task is now being used, so the only sure way is to track
based on the uuid instead.

Fixes #18289

(cherry picked from commit dd0257b995)
2016-12-21 10:11:59 -06:00
Brian Coca
e1b459470d log on target based on nolog, not verbosity
fies #18569

(cherry picked from commit b1cefcf176)
2016-12-21 11:09:33 -05:00
Brian Coca
1bdf25561a initialize module name
removing verbosity exposed missing name at certain stages, initialize to file name
and update later once module args are parsed

(cherry picked from commit cea1acf146)
2016-12-21 11:09:32 -05:00
Brian Coca
b1e44d1195 still needs static for task object
(cherry picked from commit 48dee1b6d0)
2016-12-16 23:52:25 -05:00
Brian Coca
8ad67b44dc removed unused static
backport of #19454
2016-12-16 15:17:39 -05:00
Jake Morrison
cfbb58adae Handle inability to read /proc for ansible_service_mgr. Fixes #18957
(cherry picked from commit 00859a4ced)
2016-12-16 12:28:55 -05:00