Commit graph

2256 commits

Author SHA1 Message Date
Felix Fontein
40f21dfd3c
Version source tagging (automatic and manual) for version_added and deprecation versions (#69680)
* Track collection for version_added.
Validate *all* version numbers in validate-modules.
For tagged version numbers (i.e. version_added), consider source collection to chose validation.

* Make tagging/untagging functions more flexible.

* Tag all versions in doc fragments.

* Tag all deprecation versions issued by code.

* Make Display.deprecated() understand tagged versions.

* Extend validation to enforce tagged version numbers.

* Tag versions in tests.

* Lint and fix test.

* Mention collection name in collection loader's deprecation/removal messages.

* Fix error IDs.

* Handle tagged dates in Display.deprecated().

* Also require that removed_at_date and deprecated_aliases.date are tagged.

* Also automatically tag/untag removed_at_date; fix sanity module removal version check.

* Improve error message when invalid version number is used (like '2.14' in collections).
2020-05-28 22:46:16 -07:00
Felix Fontein
31bf3a5622
Deprecate module in collection: allow removal date in documentation, make validate-modules ensure version and date match (#69727)
* Allow to deprecate module by date in documentation.

* Make sure deprecation date/version match between module docs and meta/runtime.yml.

* Unrelated fix: don't compare deprecated module version to Ansible's version in collection.

* Allow documentation's removal version to be something else than fixed list of Ansible versions for collections.

* Linting.

* Allow to deprecate plugin options by date.

* Add changelog fragment for deprecation by date (also covers #68177).
2020-05-28 14:20:52 -07:00
Martin Krizek
061c6c7c6f
Prevent losing error info by including both loop and cond error msgs (#68485)
Fixes #66529
2020-05-28 17:13:39 -04:00
Ganesh Biradar
187de7a8aa
Updated CLI help for 'ansible-galaxy' for 'collection' subcommand (#69458)
* Added YAML header line and link to existing github issue
2020-05-28 10:38:48 -04:00
Sam Doran
d7618712fd
blockinfile - fix line end regression (#69734)
PR #66461 introduced a regression that resulted in an in correct block in the file
if the block to be inserted did not end with a line separator. Fix this bug and add
tests to cover this scenario.
2020-05-27 16:54:38 -04:00
Matt Clay
65c57a7f5b Update default-test-container to version 1.14. 2020-05-27 11:31:38 -07:00
Riyad Preukschas
e5cc12a64f
blockinfile - Preserve line endings (#66461)
Fixes #64966
* Fix "TypeError: splitlines() takes no keyword arguments" on Python2.7
* Add changelog fragment
* Don't use `grep -P` for BSD/macOS compatibility
* Fix sanity checks complaining about test fixtures with mixed line endings
* Update changelogs/fragments/66461-blockinfile_preserve_line_endings.yaml
2020-05-27 11:05:07 -04:00
Abhijeet Kasurde
564907d8ac
distribution: Refactor test_distribution_version testcases (#69300) 2020-05-27 14:01:31 +05:30
Rick Elrod
304c3e57e8
[ssh] Add new sshpass_prompt option (#68874)
Change:
Allows the user to configure sshpass (1.06+) to look for a different
substring than the default "assword" that it comes with.

Test Plan:
Set a custom ssh password prompt on a VM with PAM and tried connecting to
it. Without `ansible_sshpass_prompt` set in inventory: experienced hang.
With `ansible_sshpass_prompt` in inventory: connected successfully.

Tried setting `ansible_sshpass_prompt` with an older `sshpass` in PATH
and got a loud error, as expected.

Tickets:
Fixes #34722, fixes #54743, refs #11565.

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-05-26 19:58:31 -05:00
Matt Davis
f7dfa817ae
collection routing (#67684)
* `meta/` directory in collections
* runtime metadata for redirection/deprecation/removal of plugin loads
* a compatibility layer to keep existing content working on ansible-base + collections
* a Python import redirection layer to keep collections-hosted (and otherwise moved) content importable by things that don't know better
* supported Ansible version validation on collection loads
2020-05-26 09:42:06 -07:00
Brian Coca
de3f7c7739
fix delegated interpreter discovery (#69604)
* fix delegated interpeter
* allow returning fact if it is 'the right host'
* added note for future fix/efficiency
 as it stands we rerun discovery for the delegated host
unless its saving facts to itself
 * fixed test lacking delegate_to mock
2020-05-22 09:31:34 -04:00
James Cammarata
a4072ad0e9
Split regular and handler results into their own queues (#69498)
When mixed with the free strategy (or any custom strategy that does not behave in
a lock-step manner), the linear methodology of _wait_on_handler_results may cause
race conditions with regular task result processing if the strategy uses
_process_pending_results directly. This patch addresses that by splitting the queues
used for results and adding a flag to _process_pending_results to determine which
queue to check.

Fixes #69457
2020-05-21 15:55:08 -05:00
Sam Doran
cd8920af99
file - return 'state': 'absent' when a file does not exist (#66503)
This was changed in ansible/ansible#51350.
2020-05-21 16:35:45 -04:00
Matt Martz
e0f25a2b1f
Strip no log values from module response keys. Fixes #68400 (#69653) 2020-05-21 16:17:57 -04:00
Brian Coca
9281148b62
correctly merge multiple facts results (#68987)
* correctly merge multiple facts results

  fixes #68532
2020-05-20 18:53:37 -04:00
Matt Martz
b748edea45
Add multipart/form-data functionality (#69376)
* Add multipart/form-data functionality

* Fix some linting issues

* Fix error message

* Allow filename to be provided with content

* Add integration test

* Update examples

* General improvements to multipart handling

* Use prepare_multipart for galaxy collection publish

* Properly account for py2 vs py3, ensuring no max header length

* Address test assumptions

* Add unit tests

* Add changelog

* Ensure to use CRLF instead of NL

* Ignore line-endings in fixture

* Consolidate code, add comment

* Bump fallaxy container version

* ci_complete
2020-05-20 15:44:01 -05:00
Martin Krizek
ecd986006e
Properly handle unicode in safe_eval (#68576)
* Properly handle unicode in safe_eval

Fixes #66943

* Update lib/ansible/template/safe_eval.py

Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-05-20 12:08:50 -04:00
Sam Doran
f01de15d25
ansible-galaxy - remove warning during collection install (#69541)
* ansible-galaxy - remove warning during collection install

If existing collections do not contain a MANIFEST.json, which is common
for collections under development that were not installed from Ansible
Galaxy, fall back to inspecting galaxy.yml rather than displaying a
warning.

A warning will still be displayed in neither a MANIFEST.json nor
galaxy.yml are present.

* Update unit tests
2020-05-19 10:31:49 -05:00
Felix Fontein
43acd61901
ansible-test local change detection: use --base-branch if specified (#69508) 2020-05-18 13:18:31 -07:00
Jordan Borean
ecea15c508
Unify ansible-galaxy install -r (#67843)
* Unify ansible-galaxy install -r

* Minor nit fixes for docs

* Re-align warnings

* Fix up integration test

* Fix up test where no roles/collections were in file
2020-05-19 05:09:42 +10:00
Matt Clay
86743292ec Remove incorrect function args in unarchive. 2020-05-15 18:31:43 -07:00
Matt Clay
c495c92a6e Code cleanup in ansible-test. 2020-05-15 18:17:11 -07:00
Matt Clay
ed4fd9be67 Code cleanup in ansible-inventory. 2020-05-15 18:02:18 -07:00
Matt Clay
159d79995c Freeze pycodestyle in ansible-test. 2020-05-15 16:38:50 -07:00
Matt Clay
e7c2eb519b
Add Shippable request signing to ansible-test. (#69526) 2020-05-15 15:38:02 -07:00
Sam Doran
b8469d5c7a
lineinfile - Use ANSIBLE_REMOTE_TMP for temporary file (#69543) 2020-05-15 15:52:17 -04:00
Lukas Pirl
34db57a47f
introduce fact "ansible_processor_nproc": number of usable vcpus (#66569)
This fact reflects the number of usable vcpus (which might be different
from ansible_processor_vcpus, e.g., in containers with limits). See
also #51504.

* Add fixture data and update unit tests

Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-05-15 09:38:56 -04:00
Matt Clay
83381cd912 Update the default-test-container in ansible-test.
The updated container includes fewer requirements now that the collection migration has completed.

Collections which encounter test issues with this new container should update their test requirements files to include the necessary requirements.
2020-05-14 21:24:58 -07:00
Matt Clay
d8e0aadc0d Update ansible-test support for CI providers.
Refactored CI provider code to simplify multiple provider support and addition of new providers.
2020-05-14 17:08:30 -07:00
Richard Lau
9d8cf1ed21
Add path for yum on IBM i to PKG_MGRS (#69484)
* Add path for yum on IBM i to PKG_MGRS

On IBM i, yum is installed under the `/QOpenSys/pkgs` prefix, see:
https://bitbucket.org/ibmi/opensource/src/master/docs/yum/#markdown-header-must-know-usage-notes-read-this-after-you-install

* Add changelog fragment
2020-05-14 19:09:09 -04:00
Chris Holland
dfa2863dee
Remove FIXME where no change is needed (#69466)
* Added exception

* Added changelog fragment

* Remove FIXME comment

* Edit changelog fragment
2020-05-14 15:44:33 -04:00
Bob Weinand
f200487414
Fix filedescriptor out of range in select() when running commands (#65058)
* Fix filedescriptor out of range in select() when running commands

* Simplify the run_command() code

Now that we're using selectors in run_command(), we can simplify some of
the code.

* Use fileobj.read() instead of os.read()
* No longer use get_buffer_size() as we can just slurp all of the data
  instead.

Also use a simpler conditional check of whether the selector map is
empty

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
2020-05-14 11:46:34 -04:00
Brian Coca
87d9b49de2
Fix listing of colleciton plugins with symlinks (#69305)
* Fix listing of colleciton plugins with symlinks
2020-05-14 11:45:02 -04:00
Ted Pearson
c13b040e67
systemd: set scope default to "system" (#67006)
- Make "system" default scope for systemd
- Remove extra None checks since there is now a default
2020-05-14 11:36:47 -04:00
Matt Martz
4c4406b2df
Flatten the directory hierarchy of modules (#68966)
* Flatten the directory hierarchy of modules

* Update ignore.txt, flatten units

* Update imports

* Completely flatten the modules directory

* Update sanity ignore

* Fix some sanity test ignores

* Fix relative import

* Fix docs builds without category

* ci_complete

* Clean up docs. ci_complete

* Adjust needs/file alias

* ci_complete

* fix hardcoded ping module paths

Co-authored-by: Matt Davis <mrd@redhat.com>
2020-05-13 19:14:53 -07:00
Felix Fontein
0e15375ffe
Add deprecated removed_in_version and deprecated_aliases version tests (#66920) 2020-05-13 13:58:09 -07:00
Brian Coca
f0b6f76bc6
only show_vars when showing vars (#69365)
* only show_vars when showing vars

avoid processing function params that can be very expensive
and might not be used at all in called function.

fixes #69357

* Update changelogs/fragments/69357_optimize_inventory_graph_wo_vars.yml

Co-authored-by: Sloane Hertel <shertel@redhat.com>

Co-authored-by: Sloane Hertel <shertel@redhat.com>
2020-05-13 15:03:30 -04:00
Brian Coca
0aa76503dc
avoid fatal tb on bad fqcn callback name (#69440) 2020-05-13 12:02:31 -04:00
Martin Krizek
6086ea62ee
Remove deprecation for TRANSFORM_INVALID_GROUP_CHARS (#66650)
Fixes #61889
2020-05-13 10:16:32 -04:00
Matt Davis
776f4840fc
fix ansible-test units to work(ish) under podman (#69462)
* ignore the missing `Networks` key, issue a warning that network disconnection won't function
2020-05-12 10:46:22 -07:00
Mark Goddard
aa36b02ede
Fix fileglob plugin with non-existent subdirectory (#69451)
Since Ansible 2.9.8, if the fileglob plugin is passed a path containing
a subdirectory of a non-existent directory, it will fail. For example:

lookup('fileglob', '/'): ok
lookup('fileglob', '/foo'): (non-existent): ok
lookup('fileglob', '/foo/bar'): (non-existent): FAIL

The exact error depends on Python 2 or 3, but here is the error on
Python 2:

    AttributeError: 'NoneType' object has no attribute 'endswith'

And on Python 3:

    TypeError: expected str, bytes or os.PathLike object, not NoneType

This change fixes the issue by skipping paths that are falsey before
passing them to os.path.join().

Fixes: #69450
2020-05-12 09:12:21 -04:00
Martin Krizek
9645304da3
Validate args for includes in handlers too (#57537) 2020-05-12 09:35:58 +02:00
Rylan Polster
eb40ecc843
Check for correct version of systemd Python library (#60692)
Fix issue where some versions of systemd don't have journal.sendv
2020-05-12 11:01:08 +05:30
Brian Coca
96f504cd11 added missing clog for 58461 2020-05-11 15:09:24 -07:00
Adrian Likins
cd8dd4a272
Fix galaxy publish sha256 value format. (#67942)
* Fix galaxy publish sha256 value format.

The multipart/form content used for the body
of the POST to /api/automation-hub/v3/collections
was missing a newline before the line with the value
of the sha256.

automation-hub/galaxy/django skips the field entirely in
that case and automation-hub code will use None for default
to indicate that no sha256 is provided (an available option).

Fixes ansible/galaxy-dev#246

* Add changelog fragment

Co-authored-by: Matt Martz <matt@sivel.net>
2020-05-11 12:52:38 -05:00
Rick Elrod
de59b17c7f
Add Fedora 32 to CI (#69222)
Change:
Adds Fedora 32 to shippable and alters tests slightly for new Fedora.

Test Plan:
CI

Tickets:
Fixes #69230

Co-authored-by: Matt Clay <matt@mystile.com>
2020-05-08 18:59:43 -05:00
Abhijeet Kasurde
e28e86a428
hostname: PopOS support (#69295)
Added support for PopOS in hostname module.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-05-07 15:36:14 -04:00
John R Barker
084587913a
validate-modules: deprecated modules in collections (#68646)
* validate-modules: deprecated modules in collections

In Collections a module is marked as deprecated via meta/routing.yml

Use this file, rather than the leading `_` as part of the deprecated
test.

* Correct variable

* review comments

* indentation

* Read routing.yml only once

* pep8

* Apply suggestions from code review

Co-authored-by: Matt Clay <matt@mystile.com>

* review: remove duplicated conditional

Co-authored-by: Matt Clay <matt@mystile.com>
2020-05-07 08:11:46 +01:00
Brian Coca
4e72ce805d
Order my dicts (#58000)
* use orderdict for yaml dictionaries

* clog

* SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS

* allow user to toggle odict off

* removed config, since requored to load config

* remove unused import

* Update changelogs/fragments/yaml_orderd_mappings.yml

Co-authored-by: Matt Clay <matt@mystile.com>

* Update lib/ansible/parsing/yaml/objects.py

Co-authored-by: Matt Clay <matt@mystile.com>

* Update lib/ansible/parsing/yaml/objects.py

Co-authored-by: Matt Clay <matt@mystile.com>

Co-authored-by: Matt Clay <matt@mystile.com>
2020-05-06 11:05:37 -04:00
flowerysong
d446a4f70d
yum: avoid running non-yum modules via the action (#69296)
If the system's detected package manager is not yum or dnf it should
refuse to run without an explicit backend, instead of running the
non-yum module.
2020-05-05 11:48:54 -05:00
Abhijeet Kasurde
794d269a4d
Distribution: Add PopOS as Debian OS_FAMILY (#69294)
PopOS is a Debian based OS distribution, added support to detect
ansible_os_family as 'debian' instead of 'Pop!_OS'

Fixes: #69286

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-05-05 11:43:28 -05:00
Felix Fontein
947fa3bad3
ansible-test validate-modules: don't allow arbitrary lists and dicts for 'default', 'sample' and 'example' (#69287)
* Don't allow arbitrary lists and dicts for 'default', 'sample' and 'example'.

* Add changelog.

* Make compile with Python 2.
2020-05-05 11:38:10 -05:00
Toshio Kuratomi
049800c063 Fix metadata defaults
* Metadata defaults were not being set if only a few fields were missing.

* ansible-doc with no documentation and no status in metadata should
  return empty, just like if there was no documentation and no metadata
  at all.
2020-05-05 09:06:52 -07:00
Chris Holland
6d8cfcf539
Addressed FIXME's in hurd.py (Extracted functionality and exit early) (#69226)
* Addressed FIXME's in hurd.py

* Added changelog fragment

* Fix function order

* Added self reference

* Changed to 'is None'
2020-05-05 10:47:25 -05:00
Abhijeet Kasurde
8d43d79191
galaxy: Handle empty roles and collections (#69199)
Galaxy collection install command raised indexError,
when requirements.yml contains empty roles and collections.

This fix handles empty roles and/or empty collections.

Fixes: #68186

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-05-05 10:34:04 -05:00
Chris Holland
70219df905
Address FIXME's in sysctl.py (#69175)
* Address FIXME's in sysctl.py

* Added changelog fragment

* Updated check

* Update conditions

* if not instead of is None

* Restore and delete FIXME comments
2020-05-05 10:25:46 -05:00
Hideki Saito
a67d5dbcb7
Add example setting for collections_paths parameter to examples/ansible.cfg (#69018)
Signed-off-by: Hideki Saito <saito@fgrep.org>
2020-04-30 14:29:50 -05:00
David Shrewsbury
1142faa213
Do not pass file mode during recursive copy on symlink files. (#69011)
* Do not pass file mode during recursive copy on symlink files.

The 'file' module cannot deal with mode=preserve. Do not pass that
mode to the module when 'preserve' is used.

* Fix changelog fragment filename
2020-04-30 14:22:16 -05:00
Adam Miller
dba17aeb13
dnf allowerasing (#48319)
Add the ability to pass allowerasing to alter the dnf transaction
behavior.

Fixes #24161

This is effectively a port of the original pull request from
poettler-ric who has since abandoned the PR

    https://github.com/ansible/ansible/pull/34111

Signed-off-by: Adam Miller <admiller@redhat.com>
2020-04-30 09:33:05 +02:00
Rick Elrod
1c5c89baa6 Add RHEL 8.2 to CI
Change:
RHEL 8.2 GA was released this week, test it in CI instead of 8.1.

Test Plan:
CI

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-29 20:51:28 -05:00
Rick Elrod
f6cfcba346 [dnf] Make behavior/errors compatible for new DNF
Change:
Extend the logic for custom error handling in the dnf module, so that on
newer DNF (such as DNF that ships with modern Fedora 31 container
images, and ships with RHEL 8.2) we report errors consistently with
older DNF.

Test Plan:
Ran dnf integration tests against an old Fedora 31 container image and a
brand new Fedora 32 container image; tess passed on both.

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-29 20:51:28 -05:00
Abhijeet Kasurde
b437236633
Redirect inventory script links (#69143)
With inventory script migrated to their respective collection,
redirect links in documentation to their respective collection
location.

Fixes: #69139

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-04-29 16:05:39 -04:00
Matt Martz
bc41dd4514
Handle non-ascii paths during role installation. Fixes #69133 (#69213) 2020-04-28 15:33:44 -05:00
Brian Coca
babac66f9c
Be strict about what is a boolean for keywords (#67625)
* be strict about what is a boolean for keywords

 - found and fixed typo in test , 'yes' != 'yes.'
2020-04-28 13:55:26 -04:00
David Shrewsbury
ff47d3f766
Make sure collection is a list if a str is given (#69081)
* Make sure collection is a list if a str is given

* Call field validation early on collections

Because we are doing work on modifying the collections value before
it is actually validated, we can validate it ourselves early to make
sure the user supplies either a string or list. Dicts are not valid.

The new validation allows us to simplify the _ensure_default_collection()
function. And since the field is now static, we no longer need to specify
a default for it, which also allows us to simplify the function. Since
the default is now removed, we can also remove the sanity/ignore.txt entry
for collectionsearch.py.

New unit tests are added (and the existing one modified) that allow us to
make sure that we throw a parser error if a user specifies something other
than a string or list for the collections value everywhere it can be specified.

* Revert removing the collection default

The default is actually used, so restore it.

* Fix unit tests in test_helpers.py affected by early collection validation
2020-04-28 10:47:11 -05:00
Alexandre Chouinard
91bb5af688
Update ansible-galaxy to handle role requirements (#68288)
* Update galaxy role object to handle requirements

Co-Authored-By: Sandra McCann <samccann@redhat.com>
2020-04-28 10:42:57 -04:00
Chris Holland
d42151e676
Removed redundant conditional in paramiko_ssh.py (#69164)
* Removed redundant conditional

* Added changelog fragment

* Removed trailing whitespace
2020-04-28 10:36:22 -04:00
Chris Holland
339c442250
Added missing parameter (#69160)
The call to daemonize() in sysvinit.py was missing the module parameter included in the function definition in service.py.

This pull request simply adds that parameter, as the module is used for error handling in daemonize().
2020-04-28 15:31:48 +05:30
Matt Clay
a050d892d8 Remove obsolete vcenter setup from ansible-test. 2020-04-26 19:56:40 -07:00
Chih-Hsuan Yen
bd4fdb1ca2
service_facts: fix for systemd 245 (#68211)
* service_facts: fix for systemd 245

Since systemd 245, `systemctl list-unit-files` comes with a new column
"VENDOR PRESET" [1] and breaks the service_facts module:

$ ansible localhost -m service_facts
localhost | FAILED! => {
    "changed": false,
    "msg": "Malformed output discovered from systemd list-unit-files: auditd.service                             disabled        disabled     "
}

This patch drops the third column to make it work with old and new
systemd. With the new slice operation, IndexError instead of ValueError
is raised if the output contains less than 2 columns.

Test plan: running `ansible-test integration -v service_facts` on
up-to-date Arch Linux

[1] https://github.com/systemd/systemd/pull/14445

* add changelog

Signed-off-by: Rick Elrod <rick@elrod.me>

Co-authored-by: Rick Elrod <rick@elrod.me>
2020-04-24 18:26:42 -05:00
Matt Clay
d7da1d9bd0 Fix ansible-test coverage constraints. 2020-04-24 10:52:21 -07:00
Abhijeet Kasurde
572fe9e480
Adjust Openstack Inventory script path (#69058) 2020-04-24 11:15:51 +05:30
Abhijeet Kasurde
fce66b9707
Openstack inventory script moved to openstack.cloud (#68908)
Openstack dynamic inventory script is moved from community.general to
openstack.cloud, adjust the bot meta accordingly.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-04-23 15:45:35 -04:00
Sylvia van Os
3f47610d94
Don't crash ansible-vault create when no arguments (#68667)
* Don't crash ansible-vault create when no arguments

* Add changelog entry
2020-04-23 15:15:25 -04:00
Jesse Pretorius (odyssey4me)
da390b297e [pip] Enable virtualenv_command to have arguments
Currently if virtualenv_command has arguments, then the
search for the binary in the path does not work so the
user has to specify the full path to it.

To allow arguments to be used without having to specify
the path to the binary, we split the module argument into
the command and anything after the first space.

This makes using this module argument more flexible and
user friendly.

Fixes: #52275
2020-04-23 18:13:30 +02:00
Matt Martz
f27c417fc4
Use Templar for galaxy skeletons (#69106)
* Use Templar for galaxy skeletons. Fixes #69104

* Update checksum, our templar doesn't remove trailing newline, jinja2 seems to remove it
2020-04-23 10:36:14 -05:00
Adam Miller
8b30360ca9
fixed handling of releasever for all known scenarios (#69057)
Signed-off-by: Adam Miller <admiller@redhat.com>
2020-04-23 09:02:00 +02:00
Rick Elrod
cace616aab
Filter BLACKLIST_EXTS in PluginLoader (#69029)
Change:
Rather than hardcoding .pyo and .pyc, filter on all BLACKLIST_EXTS in
the non-legacy logic of PluginLoader (_find_fq_plugin). The two harcoded
extensions are part of BLACKLIST_EXTS already and this simply adds the
rest of the blacklisted extensions to the check.

In addition, check .endswith() instead of an exact match of the suffix,
like everywhere else that uses BLACKLIST_EXTS. This allows for
blacklisting, for example, emacs's backup files which can appear after
any extension, leading to things like `foo.py~`.

Test Plan:
Ran `ansible-playbook` against a collection where a `foo.py~` module was
getting executed instead of `foo.py` which also appeared in the same
directory. `foo.py~` is no longer executed.

Tickets:
Fixes #22268
Refs #27235

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-22 17:20:12 -05:00
Matt Martz
da98fc267a
Allow a collection role to call a standalone role by default (#69102)
* Allow a collection role to call a standalone role by default. Fixes #69101

* tweaked changelog text

* Guard against NoneType

Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
2020-04-22 13:58:08 -05:00
rwagnergit
977b58740b
update ActionBase._low_level_execute_command to honor executable (#68315)
* update ActionBase._low_level_execute_command to honor executable

* adding changelog fragment

* renaming changelog fragment to .yml

* noop change to bump shippable

* adding raw_executable integration test

* copying aliases from raw

* removing blank lines

* skipping aix and freebsd

* noop to bump shippable

* moving tests to raw/

* removing become_method: sudo ; it doesn't work on AIX

* removing trailing blank line

* forcing become_method: su to try to get AIX to work

Co-authored-by: Rob Wagner <rob.wagner@sas.com>
2020-04-22 11:56:35 -05:00
Rick Elrod
2a90e9b615 Fix incorrect CVE reference in changelog fragment
Change:
This corrects an incorrect CVE identifier in the changelog entry for
CVE-2020-1735.

Test Plan:
N/A

Tickets:
Refs #67793, #68720

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-21 11:42:52 -07:00
David Shrewsbury
af44bd4ddd
Fix --start-at-task when skipping tasks with no name (#68951)
Using --start-at-task on a playbook with tasks with no name would fail
if those unnamed tasks were encountered before the targetted start task.
2020-04-21 09:39:17 +02:00
Martin Krizek
cb389f6c31
Prevent rewriting nested Block's data in filter_tagged_tasks (#68337)
This patch fixes the issue where nested Block copies were created from
incorrect Block object. This resulted in nested Blocks data like ``name``
or ``_uuid`` to contain values from the Block the filter_tagged_tasks
method was called on.
2020-04-21 09:36:35 +02:00
Matt Clay
122743ae30
Update ansible-test handling of delegation paths. (#69056) 2020-04-20 22:04:25 -07:00
Brian Coca
d3cab602a5
Fix fileglob when using 'file*' vs 'stuff/file*' (#68945)
* Fix fileglob when using 'file*' vs 'stuff/file*'

 when not having dir in glob, files/ subdir was being ignored.

* tests for fileglob
2020-04-17 09:51:05 -04:00
Abhijeet Kasurde
3591451bc7
include_role: Strictly check string datatype for *_from (#68958)
Strictly check string datatype for 'tasks_from', 'vars_from',
'defaults_from', and 'handlers_from' in include_role

Fixes: #68515

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-04-17 10:57:41 +05:30
Brian Coca
ac509d489b
Revert "stricter permissions on atomic_move when creating new file (#68970)" (#68983)
This reverts commit 566f2467f6.
2020-04-16 12:52:15 -04:00
Brian Coca
566f2467f6
stricter permissions on atomic_move when creating new file (#68970)
fixes #67794
  updated some tests that expected previous defaults
  CVE-2020-1736
2020-04-16 09:06:18 -04:00
Jordan Borean
de6b047fc3
Add variable for DEFAULT_NO_TARGET_SYSLOG (#68971)
* Add variable for DEFAULT_NO_TARGET_SYSLOG

* Added version_added to new var
2020-04-16 20:25:09 +10:00
Jordan Borean
702949e64c
windows - fix up env var quoting for unicode single quotes (#68968)
* windows - fix up env var quoting for unicode single quotes

* Add sanity ignore check for smart quotes
2020-04-16 20:24:23 +10:00
Yanis Guenane
46d82179d8
Testing: Add support for CentOS Linux On Power platform (#68130)
* Testing: Add CentOS Linux On Power platform

* Add arch designation to remotes.

This avoids overloading the provider with the arch.

Also add a changelog entry.

Co-authored-by: Matt Clay <matt@mystile.com>
2020-04-15 16:22:17 -07:00
Abhijeet Kasurde
6493a190f6
docs: Update inventory script paths (#68905)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-04-15 16:29:55 -04:00
Sam Doran
cdb24e0078
ansible-galaxy - fix listing specific role and role description (#67409)
* ansible-galaxy - fix listing specific role

If the role was not in the first search path, it was reported as not found

* Properly display role description

Default to description to top level description, falling back to the description from within galaxy_info

* Display proper message when a role does not exist

* Add integration tests

* Use context manager

* BSD and macOS ruining all the fun
2020-04-15 15:26:45 -04:00
Martin Krizek
ff1ba39c8a
Prevent templating unused variables for {%include%} (#68749)
Fixes #68699
2020-04-14 10:27:02 +02:00
Mads Jensen
eaf648e600
Use context manager in yum module. (#65376) 2020-04-14 09:21:22 +02:00
Brian Coca
8077d8e401
avoid mkdir -p (#68921)
* also consolidated temp dir name generation, added pid for more 'uniqness'
* generalize error message
* added notes about remote expansion

CVE-2020-1733
fixes #67791
2020-04-13 17:16:29 -04:00
David Shrewsbury
18a66e291d
Force collections to be static (#68723)
* Force collections to be static

Templating of collection names does not work at all. Force them to
be static so that a warning is generated for the user.

* Add collectionsearch unit test and fix for reviews

New unit test validates the new _load_collections() code and moves
the new check to the end of the method.

* Change unit test to pytest

* Adjust unit test to use capsys instead of monkeypatch

* Fix pep8 error

* Add changelog fragment

Closes #68704
2020-04-13 11:53:05 -05:00
Sloane Hertel
d91658ec0c
subversion module - provide password securely when possible or warn (#67829)
* subversion module - provide password securely with svn command line option --password-from-stdin when possible, and provide a warning otherwise.
* Update lib/ansible/modules/source_control/subversion.py.
* Add a test.

Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-04-13 10:21:10 -04:00
Zhanwei Wang
1097694355
get_url pass incorrect If-Modified-Since header(#67417) (#67419)
Fix #67417. HTTP header value of `If-Modified-Since` set by `get_url` does not follow HTTP protocol.
2020-04-10 12:17:55 -05:00
Matt Clay
a095172130 Fix ansible-test --docker without tests dir. 2020-04-09 18:12:21 -07:00
Matt Martz
d86d20a378
Fix label lookup in the default callback for includes (#68822)
* Replace included_file._args w/ included_file._vars

* Fix item value in output of include_tasks loop

Signed-off-by: Yadnyawalk Tale <ytale@redhat.com>

* Update tests for loop callback fix. Add changelog

Co-authored-by: Yadnyawalk Tale <ytale@redhat.com>

Fixes #65904
Fixes #66018
2020-04-09 13:27:58 -05:00
Abhijeet Kasurde
0f8937f2ed
basic: Update required library message (#68657)
Updated missing_required_lib API message.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-04-09 11:49:04 -04:00
Felix Fontein
bae5f18f5c
ansible-test: don't trigger full CI run for changes to changelogs/ and docs/ in collections (#68550)
* Don't trigger full CI run for changes to changelogs/ and docs/ in collections.

* Add changelog fragment.

* Update changelogs/fragments/68550-ansible-test-docs-changelogs.yml

Co-Authored-By: Matt Clay <matt@mystile.com>

Co-authored-by: Matt Clay <matt@mystile.com>
2020-04-09 02:53:34 -07:00
Rick Elrod
38b7ceb75a
Update docker.txt to use the OpenSUSE 15.1 container image (devel edition) (#68785)
* Update docker.txt to use the OpenSUSE 15.1 container image

Signed-off-by: Rick Elrod <rick@elrod.me>

* handle installing mysql on suse

Signed-off-by: Rick Elrod <rick@elrod.me>

* add changelog fragment

Signed-off-by: Rick Elrod <rick@elrod.me>

* Update changelogs/fragments/ansible-test-opensuse-15.1.yml

Co-Authored-By: Matt Clay <matt@mystile.com>

Co-authored-by: Matt Clay <matt@mystile.com>
2020-04-09 00:26:59 -07:00
Matt Clay
04edd77c42
Update tests to use RHEL 7.8. (#68787)
* Update tests to use RHEL 7.8.

Keeping support for RHEL 7.6 since collections are still using it.

* Fix tests for RHEL 7.7+ due to extras repo name change.
2020-04-08 21:09:52 -07:00
Chris Holland
c9c1146cc8
dnf: remove un-needed function (#68482) 2020-04-08 20:36:28 +02:00
Brian Coca
ba87c225cd
fixed fetch traversal from slurp (#68720)
* fixed fetch traversal from slurp

  * ignore slurp result for dest
  * fixed naming when source is relative
  * fixed bug in local connection plugin
  * added tests with fake slurp
  * moved existing role tests into runme.sh
  * normalized on action excepts
  * moved dest transform down to when needed
  * added is_subpath check
  * fixed bug in local connection

fixes #67793

CVE-2019-3828
2020-04-08 14:28:51 -04:00
Matt Martz
087be1da50
Allow tasks to notify a fqcn handler name (#68213)
* Allow tasks to notify a fqcn handler name

* Add tests. Fixes #68181

* Add changelog fragment

* Add test to ensure handlers are deduped properly with fqcn, role, and just handler names

* Add some docs about new special vars
2020-04-08 11:36:38 -05:00
Toshio Kuratomi
4f8e98d322 Update changelogs/fragments/allow-fail-json-msg-to-be-positional.yaml
Co-Authored-By: Matt Martz <matt@sivel.net>
2020-04-08 07:56:11 -07:00
Toshio Kuratomi
e0e7713fd8 Fix yaml in changelog 2020-04-08 07:56:11 -07:00
Toshio Kuratomi
6531ba38f8 Allow the msg argument to fail_json() to be a positional argument
fial_json() requires a message be given to it to inform the end user of
why the module failed.  Prior to this commit, the message had to be a
keyword argument:

    module.fail_json(msg='Failed due to error')

Since this is a required parameter, this commit allows the message to be
given as a positional argument instead:

   module.fail_json('Failed due to an error')
2020-04-08 07:56:11 -07:00
Matt Clay
148e83f832
Fix ansible-test submodule handling. (#68759)
* Refactor ansible-test integration test.
* Add env --list-files option.
* Add tests for collection files tracked by git.
* Fix ansible-test submodule usage on older git.
* Fix submodule directory detection as files.
* Improve handling of nested source control.
2020-04-08 01:15:49 -07:00
Rick Elrod
13aef3c2e5
Add --docker-terminate flag to ansible-test (#68688)
* Add --docker-terminate flag to ansible-test

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-06 20:38:29 -05:00
Rick Elrod
4916be24fd
[git] make force=True apply to git fetches (#68691)
Fixes #67972

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-06 15:25:24 -05:00
Matt Martz
123c624b28
Always set the discovered interpreter on the delegated host (#64906)
* Always set the discovered interpreter on the delegated host. Fixes #63180

* Make code a little more generic

* Move code into a function

* Implement some changes based on reviews

* Add changelog fragment
2020-04-06 15:09:00 -05:00
Rick Elrod
82c60db49b
pip - Fix check_mode for prerelease packages (#68690)
* pip - Fix check_mode for prerelease packages

Fixes #68592.

Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Matt Martz <matt@sivel.net>
2020-04-06 11:18:48 -05:00
Brian Coca
28f9fbdb5e
safely use vault to edit secrets (#68644)
* when possible, use filedescriptors from mkstemp to avoid race
  * when using path strings, ensure we are always creating the file

CVE-2020-1740
Fixes #67798

Co-authored-by: samdoran
2020-04-03 10:19:01 -04:00
Jordan Borean
ae1cd27b57
WebRequest - Fix use_proxy: no on module options (#68603)
* WebRequest - Fix use_proxy: no on module options

* Fix up changelog fragment
2020-04-02 07:17:50 +10:00
Matt Martz
f5178f9705
Reap collections changelog fragments - 5 (#68618)
* Reap collections changelog fragments - 5

* One more
2020-04-01 12:52:53 -05:00
Jordan Borean
6db66bcadd
Add relative module_util support for powershell (#68321)
* Add relative module_util support for powershell

* Added ansible-test classification support
2020-04-01 09:01:18 +10:00
Jordan Borean
a20a527014
ansible-galaxy - Fix tar path traversal issue during install - CVE-2020-10691 (#68596) 2020-04-01 06:39:02 +10:00
Andre Lehmann
a3d6b6bc48
Add pacman support to package_facts (#66596)
* Add pacman support
2020-03-31 13:03:54 -04:00
Matt Martz
d8d7a30ea6
Reap collections changelog fragments - 4 (#68570)
* Reap collections changelog fragments - 4

* Reap collections changelog fragments - 4
2020-03-30 14:57:37 -05:00
Matt Martz
2c294d0cbf
Reap collections changelog fragments - 3 (#68567) 2020-03-30 14:28:50 -05:00
Matt Martz
af27d1a5ad
Reap collections changelog fragments - 2 (#68565) 2020-03-30 14:06:08 -05:00
Matt Martz
5c7746e521
Remove changelog entries related to content that has migrated to collections (#68498)
* Reap changelog fragments

* remove changelogs/fragments/60510-k8s-apply-check-mode.yml

* Reap more

* Reap a few more
2020-03-30 11:47:53 -05:00
Matt Clay
735885d57c Fix ansible-test requirements installation. 2020-03-29 08:46:25 -07:00
Matt Clay
c888035e02
Update Ubuntu 18.04 test container to 1.13. (#68534) 2020-03-28 17:35:21 -07:00
Brian Coca
1570098e86
fallback to uid when no uname (#68466)
* fallback to uid when no uname

 fixes #68007

Co-Authored-By: Matt Clay <matt@mystile.com>
2020-03-27 22:09:51 -04:00
Rick Elrod
835ad75a0a
add test coverage for core filters (#68518)
Also remove now-useless exception handling.
2020-03-27 17:18:27 -07:00
Graham Mainwaring
2068131589
Fix colorization to not extend across newline boundary (#68517)
* Fix colorization to not extend across newline boundary

* Fix unit test to look for the newline outside the coloration

* Add changelog fragment
2020-03-27 17:10:38 -07:00
Matt Clay
53a3d1ffdb Fix ansible-test change detection traceback. 2020-03-27 15:56:02 -07:00
Matt Clay
d8b5c11a63 Report error for coverage 5+ in ansible-test. 2020-03-27 12:29:02 -07:00
Matt Clay
27fc049993
Fix ansible-test code coverage collection. (#68502)
The last task in a play should now properly report code coverage.

This change should also eliminate empty coverage files, as well as incomplete coverage files resulting from early worker termination.
2020-03-27 12:24:08 -07:00
Rick Elrod
3c3ffc09c2
Fix and add tests for some module_utils.common.validation (#67771)
* Fix test_check_mutually_exclusive exception-checking

Asserting inside of the `with` context of `pytest.raises`
doesn't actually have any effect. So we move the assert
out, using the exception that gets placed into the scope
after we leave the context, and ensure that it actually gets
checked.

This is also what the pytest documentation says to do:
https://docs.pytest.org/en/latest/assert.html#assertions-about-expected-exceptions

Signed-off-by: Rick Elrod <rick@elrod.me>

* Add some tests for check_required_together

Signed-off-by: Rick Elrod <rick@elrod.me>

* use to_native instead of str, for consistency

Signed-off-by: Rick Elrod <rick@elrod.me>

* Add newlines for pep8

Signed-off-by: Rick Elrod <rick@elrod.me>

* Add tests for check_required_arguments

Signed-off-by: Rick Elrod <rick@elrod.me>

* Sort missing keys in error message, since hashes are unsorted and this can be random

Signed-off-by: Rick Elrod <rick@elrod.me>

* Add changelog entry

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-03-26 18:18:56 -05:00
Brian Coca
6452a82452
fix vault temp file handling (#68433)
* fix vault tmpe file handling

 * use local temp dir instead of system temp
 * ensure each worker clears dataloader temp files
 * added test for dangling temp files
 * added notes to data loader

CVE-2020-10685
2020-03-25 15:24:04 -04:00
Jordan Borean
e12cea2c7c
ansible-test - fix up powershell module_util analysis for collections (#68422) 2020-03-24 23:44:50 -07:00
Jordan Borean
a2deeb8fa2
ansible-galaxy - add download option (#67632)
* ansible-galaxy - add download option

* Fix sanity issues and added integration tests

* Fix doc suggestions

* Added --pre option
2020-03-25 08:32:43 +10:00
Jordan Borean
127d54b363
galaxy - preserve mode properly on artifact (#68418)
* galaxy - preserve mode properly on artifact

* Fix py2 encoding issue

* Update lib/ansible/galaxy/collection.py

Co-Authored-By: Matt Clay <matt@mystile.com>

* Use sane defaults instead of sourcing from tarfile

Co-authored-by: Matt Clay <matt@mystile.com>
2020-03-25 08:08:23 +10:00
Brian Coca
a9d2ceafe4
prevent ansible_facts injection (#68431)
- also only replace when needed
 - switched from replace to index
 - added test to verify bogus_facts are not accepted

CVE-2020-10684
2020-03-24 15:46:56 -04:00
Martin Krizek
550e021cd2
ansible_native_concat: use to_text rather than jinja2's text_type (#68038)
jinja2._compat.text_type has been removed in jinja2's master branch so
use ansible's to_text instead.
2020-03-24 12:03:31 +01:00
Matt Martz
8d8c73729f
Merge pull request #67093 from sivel/acd-content-dir
Add content dir where Ansible will look for the content provided by ACD
2020-03-23 23:30:40 +01:00
Rick Elrod
dbd8d0a492
Pull timezone's incidental file coverage into file tests (#68247)
* Remove some unreachable code in the file module

Remove some cases in file.py which are covered by conditionals a few
lines earlier. Remove the duplicate code which will never be hit.

Signed-off-by: Rick Elrod <rick@elrod.me>

* Restore incidental file coverage from timezone module

Signed-off-by: Rick Elrod <rick@elrod.me>

* Combine two conditionals, add a changelog entry

Signed-off-by: Rick Elrod <rick@elrod.me>

* Make new test syntax consistent, add two stat tests

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-03-23 15:28:53 -07:00
Matt Martz
d3ec31f8d5
Support pre-releases via new SemanticVersion (#68258)
* Support pre-releases via new SemanticVersion. Fixes #64905

* Don't treat buildmeta as prerelease

* Don't inherit from str and int

* Add helper method to try and construct a SemanticVersion from a LooseVersion

* Don't count major 0 as pre-release, it's different

* Guard against invalid or no version in LooseVersion

* return a bool

* Add integration tests for pre-release

* Fix up lingering issues with comparisons

* typo fix

* Always allow pre-releases in verify

* Move pre-release filtering into CollectionRequirement, add messaging when a collection only contains pre-releases

* Update changelog

* If explicit requirement allow pre releases

* Enable pre-releases for tar installs, and collections already installed when they are pre-releases

* Drop --pre-release alias, make arg name more clear

* Simplify code into a single line

* Remove build metadata precedence, add some comments, and is_stable helper

* Improve from_loose_version

* Increase test coverage

* linting fix

* Update changelog
2020-03-23 16:04:07 -05:00
Matt Davis
ed9de94ad9
remove azure extras and extras_require support (#67822)
* remove azure extras and extras_require support

* Since Azure will be collectionized, the requirements will float more frequently than Ansible releases; the Azure collection needs to host the requirements now.
* Removed the dynamic extras support as well, since Azure was the only thing using it. If we need it again, it's easy to pull back from history.

* Mark azure-requirements as orhpaned.

This keeps the docs around so that existing links from old test runs remain valid.

Co-authored-by: Matt Clay <matt@mystile.com>
2020-03-23 13:07:33 -07:00
Matt Clay
f1b3e8364e Fix ansible-test PATH handling. 2020-03-23 13:06:03 -07:00
Matt Martz
ee6413af47
Address fixme and handle filter/test errors for collections better (#68047)
* Address fixme and handle fitler/test errors for collections better. Fixes #66721

* Re-arrange code
2020-03-23 14:47:58 -05:00
Jordan Borean
7c9889a72b validate-modules - fix ps module delegate type inspection 2020-03-23 11:14:21 -05:00
Matt Clay
10fe54de58 Fix ansible-test module_utils import analysis.
Now empty `*.py` files are ignored during module_utils import analysis for change detection.
This eliminates "No imports found" warnings for files which should have no imports.
2020-03-23 11:14:21 -05:00
Matt Clay
cf75e3f526 Fix ansible-test import analysis for collections. (#68352)
* Fix ansible-test import analysis for collections.

* Ignore plugins/module_utils/__init__.py
2020-03-23 11:14:21 -05:00