Commit graph

10700 commits

Author SHA1 Message Date
Jordan Borean
b615789fcc
psrp - fix hang when copying an empty file (#71649) 2020-09-05 14:57:15 +10:00
Matt Martz
48f12c14e9
AnsibleVaultEncryptedUnicode should be considered a string (#71609)
* AnsibleVaultEncryptedUnicode should be considered a string

* linting fix

* clog frag
2020-09-03 14:54:00 -05:00
Andrew Klychkov
d398a4b4f0
file: module should warn in check_mode when path and owner/group don't exist (#69640)
* file: module must fail in check_mode when path and owner/group don't exist
2020-09-03 09:11:50 -04:00
Martin Krizek
a3b954e5c9
Force template module to use non-native Jinja2 (#68560)
Fixes #46169
2020-09-03 09:01:34 +02:00
Matt Clay
3d769f3a76 Add pause to avoid same mtime in test. 2020-09-02 15:35:08 -07:00
Matt Martz
db98433e7a
Use InventoryManager for inventory_hostnames lookup (#71573)
* Use InventoryManager for inventory_hostnames lookup. Fixes #17268

* Add test for using patterns

* s/it's/its/

* Allow bypassing parse_sources in InventoryManager

* Remove unneeded method call
2020-09-02 15:42:09 -05:00
Matt Martz
05788c05d3 Remove incidental_postgresql_user tests 2020-09-02 13:14:04 -07:00
Rick Elrod
64e2b9da3b
[yum tests] add missing "always" block (#71564)
Change:
- So that if yum tests get re-run, we don't error out the second time.

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-09-02 11:35:20 -05:00
Rick Elrod
db519bc17c
[tests] Bump container versions (#71518)
Change:
- This pulls in python 3.9.0rc1

Test Plan:
- CI, hopefully

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-09-02 11:20:55 -05:00
Matt Clay
98febab975 Use new endpoint for Parallels based instances. 2020-09-01 13:20:20 -07:00
Tadej Borovšak
b9e2c4e37d
Add tests for ignore functionality of collection build (#69345)
In order to test this piece of functionality, we create a dedicated
collection that contains files that should be ignored when building
the collection tarball.

After the collection is built, we make sure the produced tarball does
not contain any files that should be ignored.
2020-09-01 11:51:35 -04:00
Abhijeet Kasurde
159544610e
get_url: Handle same SHA sum for downloaded files (#71435)
Fixes: #71420

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-09-01 09:55:08 -04:00
Rick Elrod
0f3b5bb4a6
[tests] fix fallout from dnf gpg fix (#71548)
Change:
- Missed needed gpg ignores

Test Plan:
- CI
- ci_complete

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-31 18:41:07 -05:00
Sam Doran
785012321f
Fix setup_paramiko test (#71547) 2020-08-31 15:39:41 -05:00
Rick Elrod
9bea33ffa3
[dnf] ensure packages are gpg-verified (#71537)
Change:
- By default the dnf API does not gpg-verify packages. This is a feature
  that is executed in its CLI code. It never made it into Ansible's
  usage of the API, so packages were previously not verified.
- This fixes CVE-2020-14365.

Test Plan:
- New integration tests

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-31 10:47:38 -04:00
Martin Krizek
d083307e36
Set global skipped result flag for looped tasks (#67847)
This allows for the skipped filter to be used on a registered looped
task results.

Fixes #16949
2020-08-28 08:01:26 +02:00
Matt Clay
2bbcbe99fd Support macOS 10.15 for ansible-test --remote.
Use of this new version is experimental, so it is not enabled in CI yet.
2020-08-27 15:48:11 -07:00
Martin Krizek
fbdfb85c20
Remove duplicate unit test (#71488)
test_dict_undefined_values is a duplicate of test_dict_undefined_values_is_defined.
It seems originally test_dict_undefined_values was supposed
to do what test_dict_undefined_values_bare does so it is safe to remove.
2020-08-27 15:55:30 -04:00
Martin Krizek
50f221c63e
Fix incorrect msg in the results dict in loops (#71482) 2020-08-27 15:49:53 -04:00
Matt Martz
a1a624b150
Normalize how None is handled in quote filter. Fixes #32174 (#71473) 2020-08-27 15:42:56 -04:00
Matt Martz
fdf5dd02b3
Updates for password hashing (#71120)
* Validate salt when using crypt. Respect salt_size in password lookup. Repair salt for bcrypt. Fixes #71107. Fixes #53750. Fixes #36129.

* Handle algorithms we don't know about, and make sure to return the salt

* Account for old passlib

* Add tests for salt constraints

* Add changelog fragment

* Add test for #36129
2020-08-26 14:54:38 -05:00
Martin Krizek
9792d631b1
_check_failed_state: always use the current/nested state (#71347)
Fixes #71306
2020-08-26 07:07:34 +02:00
Matt Clay
f5b6df14ab
Fix ansible-test coverage traceback. (#71446)
* Add integration test for ansible-test coverage.

* Fix ansible-test coverage traceback.

* Fix coverage reporting on Python 2.6.
2020-08-25 21:23:44 -07:00
Jordan Borean
72a7cb4a2c
powershell - fix quoting values (#71411)
* powershell - fix quoting values

* Add ignore for smart quote skip
2020-08-26 07:06:51 +10:00
Jordan Borean
8897d7e2ff
powershell - fix nested CLIXML parser (#71412) 2020-08-26 07:06:19 +10:00
Matt Clay
d099591964
Update ansible-test remote endpoint handling. (#71413)
* Request ansible-core-ci resources by provider.
* Remove obsolete us-east-2 CI endpoint.
* Add new --remote-endpoint option.
* Add warning for --remote-aws-region option.
* Update service endpoints.
* Allow non-standard remote stages.
* Add changelog fragment.
2020-08-24 15:17:03 -07:00
Sloane Hertel
1425e3597b
Allow meta tasks to use tags (#67508)
* Support tags for explicit meta tasks

Add --list-tasks tests for meta tags

Add breaking_changes changelog fragment and porting guide
2020-08-21 11:08:49 -04:00
Rick Elrod
e5bb7b1a16
Add skip_reason to meta task skips (#71355)
Change:
- Make them more consistent with other tasks.

Test Plan:
- CI, new test

Tickets:
- Refs #71009

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-20 13:48:10 -05:00
Martin Krizek
2675768e3d
Make noop tasks implicit (#71344)
Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Rick Elrod <rick@elrod.me>
2020-08-19 13:10:54 -05:00
Brian Coca
f8aa307659
add extra vars to inventory plugins (#70970)
* add extra vars to inventory plugins
* disable by default for backwards compat
* also allow extra vars for options
2020-08-19 12:56:28 -04:00
Rick Elrod
ea58d7c233
Make it so callback plugins can act on implicit/explicit meta tasks (#71009)
Change:
- Now sends meta tasks to the task start callback
- Lets callback plugins opt-in to receiving implicit tasks

Test Plan:
- New integration tests

Tickets:
- Indirectly fixes #71007 by allowing custom callbacks with this data

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-18 16:56:48 -05:00
Abhijeet Kasurde
4f993922c8
Add documentation about info/facts module development (#71250)
Fixes: #40151

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-08-18 15:56:43 -04:00
David Shrewsbury
f2f6c34632
Fix play stats when rescue block is a child block (#70922)
* check run state of current block only

* Add changelog and test

* Add test for issue 29047

* Fix for both tests

* blerg

* Change test messages

* fix tests

* Add multi-level block in rescue test case

* Add recursive rescue check and multi-level test

* Should probably run the new test

* ci_complete

* Merge new tests

* ci_complete
2020-08-18 11:20:55 +02:00
Matt Martz
6289570234
epoch can be a float with strftime filter. Fixes #71257 (#71314) 2020-08-17 13:46:49 -05:00
Edwin Hermans
eb8b3a8479
get_url - Allow checksum file to be local file:// url (#71205)
This would be a partial solution for #69364 in that the SHASUMS file can be downloaded and gpg verified but then used from the downloaded location to verify the get_url's file.
* Make checksum url parsing more explicit

Use urlsplit to test if the checksum string has a (currently tested and) supported url scheme.

* Fix whitespace
* Changelog fragment
* Added tests
* Fix typo in test setup
2020-08-17 12:21:15 -04:00
Lorenzo Castelli
a1a50bb3cd
systemd - supports new systemctl output message for chroot (#71197)
The message generated by systemctl has been updated in 9321e23c40, which requires a corresponding change in the systemd module.

In addition, this fixes the module when the SYSTEMD_OFFLINE environment variable is set.
2020-08-17 12:09:07 -04:00
Matt Martz
5821128995
Allow callbacks from forks (#70501)
* POC for supporting callback events that come from the worker

* linting fixes. ci_complete

* fix up units. ci_complete

* Try moving the sentinel put higher. ci_complete

* safeguards. ci_complete

* Move queue killing to terminate

* LINTING. ci_complete

* Subclass Queue, to add helper send_callback method

* Just use _final_q instead of adding another queue and thread

* Revert a few changes

* Add helper for inserting a TaskResult into the _final_q

* Add changelog fragment

* Address rebase issue

* ci_complete

* Add test to assert async poll callback from fork

* Don't use full path

* ci_complete

* Use _results_lock as a context manager

* Add new generic lock decorator, and use it with send_callback
2020-08-17 10:51:01 -05:00
Toshio Kuratomi
d816a5966e Force an upgrade to a newer version of antsibull 2020-08-14 13:01:29 -07:00
Florent PIGOUT
336c176ebc
Fix cron file regression (#71207) 2020-08-12 14:04:29 -05:00
Sam Doran
888be697cb
Revert "Change default file permissions so they are not world readable (#70221)" (#71231)
* Revert "Change default file permissions so they are not world readable (#70221)"

This reverts commit 5260527c4a.

* Revert "Fix warning for new default permissions when mode is not specified (#70976)"

This reverts commit dc79528cc6.
2020-08-12 12:29:04 -05:00
Matt Martz
c59472715a
Add support for non-yaml EXAMPLES (#71184)
* Add support for non-yaml EXAMPLES

* Make pattern raw string

* fmt tag should be the first non-whitespace line

* Add changelog fragment
2020-08-12 09:17:45 -05:00
Martin Krizek
b66d66027e
Skip literal_eval for string filters results in native jinja. (#70988)
Fixes #70831
2020-08-11 10:19:49 +02:00
Matt Martz
ae1291004e
Make sure that apache2-webdav related packages get upgraded (#71187) 2020-08-10 13:10:20 -04:00
Rick Elrod
80ad1a17df
Remove incidental_lvg target (#71174)
Change:
- This no longer has any incidental coverage.

Test Plan:
- Coverage report

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-10 00:34:34 -05:00
Rick Elrod
4f54fb8d43
Remove incidental azure tests (#71164)
Change:
- All incidental coverage from these tests has moved to intentional
  coverage.

Test Plan:
- CI

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-08 00:56:53 -05:00
Jordan Borean
3f22f79e73
Ensure -k is set to delegated hosts without a pass (#71136)
* Ensure -k is set to delegated hosts without a pass

* Fix up some broken tests

* Update task_executor.py

one possible fix, the other is updating winrm to normalize on 'password' like the other connection plugins

* Add alias for winrm and fix incorrect assumption

* Make sure aliases are used for keyword options

* Conditionally run test if sshpass is present, fix sanity

Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
2020-08-08 09:06:32 +10:00
Matt Martz
7c60dadb9a
Updates to Integration tests to pass against Alpine (#70946)
* Start of alpine testing

* More updates

* Add forgotten file

* remove debug

* Add alpine3

* equal

* group 4

* group 4

* group 5

* Try to decrease test length

* libuser only available in testing

* Remove debug

* Make loops target work on hosts without gnu date

* Enable alpine testing

* ci_complete

* Don't specify uid for creating test user

* ci_complete

* Re-sort docker completion

* use newer container image

* ci_complete

* fix indentation

Co-authored-by: Matt Clay <matt@mystile.com>

Co-authored-by: Matt Clay <matt@mystile.com>
2020-08-07 14:28:10 -05:00
Matt Martz
410b6a7109
Update integration tests to support rpmfluff-0.6 (#71155) 2020-08-07 14:09:09 -05:00
Felix Fontein
050841324c
ansible-test: bump acme test container version to 2.0.0 (#71097) 2020-08-07 09:34:52 -07:00
Sam Doran
6ac4439a6a
Drop "rhui-" prefix from RHEL repositories in AMI (#71130)
The repository names seem to have changed and no longer have the "rhui-" prefix
2020-08-06 16:07:35 -05:00
Felix Fontein
fbfc0f99eb
Make changelog tool be more strict about suffixes (#70909)
* Bump antsibull-changelog version.

* Flag all dotfiles, except .keep and .gitkeep.

* Enable ignoring other fragment extensions.
2020-08-06 10:49:39 -05:00
Toshio Kuratomi
fb144c4414
Update ansible doc formats (#71070)
* Fix tty_ify bugs and refactor

* Move tty_ify() and supporting attributes to the DocCLI class as that's
  the only thing using it.
* Add unittest for the code.
* Fix a bug where the substitution macros can be detected when they are
  a part of another word.
* Add support for L(), R(), and HORIZONTALLINE which were added to the
  website docs many years ago.

* Update test/units/cli/test_doc.py

Co-authored-by: Matt Clay <matt@mystile.com>

Co-authored-by: Matt Clay <matt@mystile.com>
2020-08-05 10:53:25 -07:00
Brian Coca
662d34b9a7
add jinja2 global to reserved names (#71088)
* add jinja2 global to reserved names

  also allow expansion by additional context provided from caller

  fixes #41955

Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-08-05 10:43:31 -04:00
Abhijeet Kasurde
504ef607f3
Misc typo fixes (#71089) 2020-08-05 10:16:44 +05:30
Brian Coca
f9af27c631
dont clobber facts in loop (#71032)
* dont clobber facts in loop

	fixes #71031
2020-08-04 15:41:42 -04:00
Rick Elrod
0d7c144ce4
Allow macOS ACLs to work for unpriv -> unpriv (#70785)
Change:
- Use `chmod +a` in the fallback chain to allow MacOS to use ACLs to
  allow an unprivileged user to become an unprivileged user.

Test Plan:
- CI, new tests

Tickets:
- Fixes #70648

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-04 14:32:48 -04:00
Matt Martz
4e27569347
Add more include and yaml parsing tests (#70506)
These additional tests should provide coverage for features currently tested by the postgres incidental tests.
2020-08-04 11:24:52 -07:00
Rick Elrod
cdcf0aa42a
Intentional coverage, incidental_azure_rm_resource (#71052)
Change:
- Adds some intentional coverage around PluginLoader for cases that
  incidental_azure_rm_resource covered.
- Specifically, modules starting with an underscore, and starting with
  an underscore but a symlink.

Test Plan:
- CI

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-04 12:53:31 -05:00
Rick Elrod
8af3079640
Add intentional coverage for incidental_lvg (#71043)
Change:
- Add hardware_facts test target which manually sets up some LVM devices
  and tests facts against them.

Test Plan:
- New integration tests

Tickets:
- Refs #71041 and #71042 both of which I discovered during this

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-04 12:52:38 -05:00
Rick Elrod
810a9a5593
find: Allow reading whole file for contains regex (#71083)
Change:
- Add a parameter `read_whole_file` which allows for reading the whole
  file when doing a `contains` regex search.
- This allows for (for example) matching a pattern at the very end of
  a file.

Test Plan:
- New integration tests

Tickets:
- Fixes #63378

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-04 12:49:45 -05:00
Martin Krizek
5ca3aec3c4
native types: properly handle Undefined in nested data (#68432) 2020-08-04 19:06:07 +02:00
Rick Elrod
3bec27dc34
Allow cache_timeout=0 to reach inv. cache plugins (#70977)
Change:
- Previously, `cache_timeout=0` was seen as falsey and not passed along
  to cache plugins as an option. Now only "nulley" values are not sent.

Test Plan:
- New integration tests

Tickets:
- Fixes #70702

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-04 11:54:28 -05:00
Jordan Borean
f6b3b4b430
ansible-galaxy - fix download for subdirs in SCM (#71005) 2020-08-04 11:10:00 -04:00
Matt Davis
86b6c4bbb6
fix collection package root location under pytest >=6.0.0 (#70963) 2020-08-03 17:31:32 -07:00
Matt Clay
b53e7f8720 Fix ansible-test self-test change classification.
Changes to sanity and unit tests now trigger the ansible-test self-test integration tests.

No changelog entry since this only affects tests for ansible itself and not collections.
2020-08-03 15:24:54 -07:00
Rick Elrod
7f62a9d7b5
Make cache adjudicator's flush call plugin flush (#70987)
Change:
- Previously CachePluginAdjudicator#flush only removed entries from the
  cache backend that it knew about by using them earlier. Now it calls
  the underlying plugin's flush() method.

Test Plan:
- New unit tests

Tickets:
- Fixes #68770

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-03 17:16:15 -05:00
Toshio Kuratomi
e10902d744
Add the ansible_2_10 intersphinx reference. (#71028)
There are links from the scenario guides to collections but collections
docs aren't built in testing or locally when we're on the devel branch.
Due to that we need to make sure those references resolve to the
production docsite.  We can use intersphinx to make sure that happens.

* The test for binary files wasn't reading enough of the file.

Checking for null bytes in the first 1024 bytes failed to diagnose the
ansible_2_10.inv file as binary
2020-08-03 12:31:36 -05:00
Sloane Hertel
991714b9d1
copy - redact 'content' from invocation in check mode (#71033)
* sanitize copy module invocation secrets in check mode
2020-08-03 11:41:45 -04:00
Rick Elrod
74c14c6743
Strip spaces in module names in explicit actions (#71040)
* Strip spaces in module names in explicit actions

Change:
- When an action is called like "action: copy foo=bar", strip spaces
  around the action name.
- This allows "action: copy        foo=bar" to work as expected.

Test Plan:
- New integration tests

Tickets:
- Fixes #62136

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-03 11:30:45 -04:00
Ganesh Nalawade
6160e82bf2
Update network integration auth timeout (#71057)
*  Incase of network integration test for connection local
   test the paramiko_ssh auth_timeout is the value of timeout
   under defaults section which is 10 seconds.
*  For slower connection 10sec timout value result in authentication
   timeout error hence increase the timeout value to 90 seconds
2020-08-03 19:28:30 +05:30
Rick Elrod
96aa81e8ff
Remove incidental_azure_rm_mariadbserver tests (#71037)
Change:
- Remove incidental test which has no remaining incidental coverage.

Test Plan:
- CI

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-01 15:34:35 -05:00
Sam Doran
f99f96ceb6
Fix unstable unarchive test (#71004)
* Add mode to copy tasks
* Fix unreliable test by ignoring errors
2020-07-30 19:25:45 -04:00
Martin Krizek
bf7276a4e8
Emit proper error for x in y when y is undefined (#70990)
Fixes #70984
2020-07-30 15:57:01 -04:00
Philip Douglass
ac5f3f8bef
unarchive - Check 'fut_gid' against 'run_gid' in addition to supplemental groups (#65666)
Add integration tests for unarchiving as unprivileged user
Break tasks into separate files for easier reading and maintenance

Create a user by specifying a default group of 'staff' for macOS.

The user module does not actually remove the user directory on macOS,
so explicitly remove it.

Put the removal tasks in an always block to ensure they always run

Co-authored-by: Philip Douglass <philip.douglass@amadeus.com>
Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-07-30 15:28:05 -04:00
Sloane Hertel
54e2ae79e7
fix downloading collections in git repos and tar.gz artifacts (#70524)
* Fix downloading tar files

* Fix downloading SCM collections

* changelog
2020-07-30 13:55:29 -04:00
Sam Doran
e6bf202738
linux facts - return proper broadcast address (#64528)
* linux facts - return proper broadcast address

Check that the value being returned is actually a broadcast address

* Add tests

* Cleanup tests
2020-07-30 19:40:14 +02:00
Sam Doran
c4f442ed5a
facts - fix incorrect time for some date_time_facts (#70665)
The iso8601_micro and iso8601 facts incorrectly called now.utcnow(), resulting
in a new timestamp at the time it was called, not a conversion of the previously
stored timestamp.

Correct this by capturing the UTC timestamp once then calculating the local
time using the UTC offset of the current system.

* Use time.time() for getting the current time
* Convert from that stored epoch timestamp to local and UTC times
* Used existing timestamp for epoch time
* Add unit tests that validate the formate of the return value rather than an exact value since mocking time and timezone is non-trivial
2020-07-30 11:39:58 -04:00
Matt Clay
2e0097ada3 Fix ansible-test relative import analysis. 2020-07-30 08:05:28 -07:00
Sam Doran
dc79528cc6
Fix warning for new default permissions when mode is not specified (#70976)
Follow up to #70221
Related to #67794
CVE-2020-1736

When set_mode_if_different() is called with mode of 'None', ensure we issue
a warning about the change in default permissions.

Add integration tests to ensure the warning works properly.

* Fix tests
- actually use custom module 🤦‍♂️
- verify file permission on created files
- use remote_tmp_dir so we're ready for split controller
- improve test module so we can skip the call to set_fs_attributes_if_different()
- fix tests for CentOS 6
2020-07-30 00:05:29 -04:00
Rick Elrod
14dc4de424
Update docs for --tags default, and add some tests (#70939)
Change:
- Clarify that not passing `--tags` will cause `ansible_run_tags` to
  default to `["all"]`.
- Add some extra coverage around `ansible_run_tags`

Test Plan:
- New integration and unit tests

Tickets:
- Fixes #69619

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-29 17:16:57 -05:00
Jordan Borean
b1cb2553af
ansible-galaxy - fix fallback for AH searches (#70957) 2020-07-30 07:28:43 +10:00
Rick Elrod
20a7476064
git: verify, only use --raw when we need it (#70900)
Change:
- Allow older git to verify tags again
- Enable verification tests everywhere, even if most of them only work
  on newer git. Some of them work on older git and they test the --raw
  parameter.

Test Plan:
- Re-enabled subset of git tests

Tickets:
- Fixes #64469

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-29 10:45:51 -05:00
Brian Coca
f9c3c6cba6
Allow changed/failed mgmt on strategy actions (#70919)
* Allow changed/failed mgmt on strategy actions
2020-07-29 10:44:46 -04:00
Matt Clay
3a8ac62596 Cap pytest version to avoid relative import issue. 2020-07-28 14:51:39 -07:00
Sloane Hertel
5c8520fbd9
Fix verbosity for var_templating test (#70943)
* Fix verbosity for var_templating test

Display the subtests

* fix specificity and set ANSIBLE_BECOME_ALLOW_SAME_USER

Co-authored-by: Matt Martz <matt@sivel.net>

Co-authored-by: Matt Martz <matt@sivel.net>
2020-07-28 12:02:43 -05:00
Rick Elrod
7d32129efb
[dnf] show installations/removals in check_mode (#70892)
Change:
- Previously, we only showed that something would have changed, not what
  would have changed. This allows us to show what will chang as well.

Test Plan:
- Local RHEL8 VM
- New integration tests

Tickets:
- Fixes #66132

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-28 11:23:55 -04:00
Felix Fontein
7e2cc7db12
validate-modules: fix version_added validation for top-level, fix error codes (#70869)
* Also validate top-level version_added.

* Fix error code.

* Produce same version_added validation error in schema than in code (and stop returning it twice).

* Return correct error codes for invalid version_added for options and return values.

* Add changelog.

* Fix forgotten closing braket.

* Accept 'historical' for some top-level version_added.
2020-07-28 10:10:35 -05:00
Rick Elrod
be4be926c4
subversion Give subversion module a validate_certs option (#70890)
* Give subversion module a validate_certs option

Change:
- Add `validate_certs` option to subversion module. Defaults to off for
  backwards compatibility.

Tickets:
- Fixes #22599

Signed-off-by: Rick Elrod <rick@elrod.me>

* Update changelogs/fragments/22599_svn_validate_certs.yml

Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>

* test verify_certs codepaths

Signed-off-by: Rick Elrod <rick@elrod.me>

Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-27 14:18:54 -04:00
Amin Vakil
9d2982549d
dnf: Add nobest option (#70318)
* dnf: Add nobest option

* dnf: Fix indent, add nobest specifically to dnf not yum

* Add changelog for dnf: add nobest option

* dnf: Add nobest to yumdnf module argument_spec

* dnf: remove nobest from module paramaters in yumdnf.py

* dnf: Add test for nobest option

* dnf: Cleanup packages in nobest test at last

* dnf: Cleanup manually added repos in nobest test at last

* dnf: Remove dnf-plugins-core as well in nobest test

* dnf: Change nobest release version to 2.11

* Change changelog number according to change in PR number

* Change changelog number according to change in PR number
2020-07-27 12:02:07 +02:00
Brian Coca
1223ce656a
reset logging to INFO (#70878)
- due to CVE-2019-14846
 - also added comments and test to avoid 'oportunistic' reversion
2020-07-24 15:53:17 -04:00
Matt Clay
8b96caf712
Update ansible-base test container to 1.5.0. (#70856) 2020-07-23 20:49:57 -05:00
Jordan Borean
5e1a968983
Do not add connection vars to the output results (#70853)
* Do not add connection vars to the output results

* Also revert the delgated scenario JIC

* Added regression test
2020-07-24 09:53:08 +10:00
Matt Davis
4c0af6c808
fix internal cases of actions calling unqualified module names (#70818)
* fix internal cases of actions calling unqualified module names

* add porting_guide entry
* misc other fixes around action/module resolution broken by redirection

ci_complete

* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

Co-authored-by: Rick Elrod <rick@elrod.me>

* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

Co-authored-by: Rick Elrod <rick@elrod.me>

* address review feedback

* pep8

* unit test fixes

* win fixes

* gather_facts fix module args ignores

* docs sanity

* pep8

* fix timeout test

* fix win name rewrites

Co-authored-by: Rick Elrod <rick@elrod.me>
2020-07-23 09:02:57 -07:00
Abhijeet Kasurde
e439194c8c
basic: Add name of aliases in error message (#69427)
With this patch, user will be notified with available aliases
of arg parameter.

Fixes: #58752

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-23 16:02:18 +05:30
Sam Doran
5260527c4a
Change default file permissions so they are not world readable (#70221)
* Change default file permissions so they are not world readable

CVE-2020-1736

Set the default permissions for files we create with atomic_move() to 0o0660. Track
which files we create that did not exist and warn if the module supports 'mode'
and it was not specified and the module did not call set_mode_if_different(). This allows the user to take action and specify a mode rather than using the defaults.

A code audit is needed to find all instances of modules that call atomic_move()
but do not call set_mode_if_different(). The findings need to be documented in
a changelog since we are not warning. Warning in those instances would be frustrating
to the user since they have no way to change the module code.

- use a set for storing list of created files
- just check the argument spac and params rather than using another property
- improve the warning message to include the default permissions
2020-07-22 17:05:38 -04:00
David Shrewsbury
bf98f031f3
Sanitize URI module keys with no_log values (#70762)
* Add sanitize_keys() to module_utils.

* More robust tests

* Revert 69653 change

* Allow list or dict

* fix pep8

* Sanitize lists within dict values

* words

* First pass at uri module

* Fix insane sanity tests

* fix integration tests

* Add changelog

* Remove unit test introduced in 69653

* Add ignore_keys param

* Sanitize all-the-things

* Ignore '_ansible*' keys

* cleanup

* Use module.no_log_values

* Avoid deep recursion issues by using deferred removal structure.

* Nit cleanups

* Add doc blurb

* spelling

* ci_complete
2020-07-22 14:49:37 -05:00
Brian Coca
84adaba6f5
Allow hostvars delegation (#70331)
* ensure hostvars are available on delegation
* also inventory_hostname must point to current host and not delegated one
* fix get_connection since it was still mixing original host vars and delegated ones
* also return connection vars for delegation and non delegation alike
* add test to ensure we have expected usage when directly assigning for non delegated host
2020-07-22 11:13:57 -04:00
Matt Martz
96b74d3e0b
Ensure single vaulted values aren't counted as sequences. Fixes #70784 (#70786) 2020-07-21 16:48:35 -05:00
Baptiste Mille-Mathias
0ead4306a8
user - Create home and parent directories only when requested (#70600)
The home user and the parents directories should only be created when
create_home == True
2020-07-21 15:50:44 -04:00
psi / Ryo Hirafuji
5ce47646ad
cron - Allow non-ascii (UTF-8) chars in cron file paths and jobs (#70426)
* Encode/Decode files in UTF-8
* Use helper function in ansible
* Add an integration test
* Use emoji in test data.
* add changelog
* Also support non-ascii chars in filepath and add tests about this.
* Also use non-ascii chars in replaced text and ensure not to break cron syntax.
* rename self.existing to self.n_existing
* rename crontab.existing to crontab.n_existing
2020-07-21 15:00:21 -04:00
Abhijeet Kasurde
4f96f9826c
distribution: Add support for DragonFly (#70748)
partially fixes #43739

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-21 13:47:11 -04:00
Rick Elrod
69472a5f8d
Refactor _fixup_perms2 to remove way-nested logic (#70701)
Change:
- Refactoring to make it harder to get wrong and easier to read.
- Generalize become_unprivileged tests and fix some that never worked
  but also never failed.

Test Plan:
- CI, new units/integration tests

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-20 18:46:47 -05:00
Brian Kohles
77d0effcc5
Fix missing quoting for remote_tmp in second mkdir of shell module. Issue #69577 (#69578)
* Fix missing quoting for remote_tmp in second mkdir of shell module. Issue #69577

* adding changelog

* fixing typo in changelog entry

* adding test case

Adding test case written by bmillemayhias.

* using $HOME instead of ~

* fixing commit measage

* Update 69578-shell-remote_tmp-quoting.yaml

Co-authored-by: Brian Kohles <me@briankohles.com>
2020-07-20 11:25:29 -05:00
Abhijeet Kasurde
c1402ddee0
validate_modules: added missing single quote (#70744)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-20 09:26:17 -05:00
Matt Martz
f90aa5599f
Don't treat empty excludes as a match. Fixes #70640 (#70710) 2020-07-17 17:34:24 -04:00
Eduard Rozenberg
566c5e6ce1
Handle Slackware OS version strings containing a plus (“+”) (#68142)
A couple of years ago Slackware -current began using a plus (“+”) at the end of the distribution version string to indicate a future version work-in-progress.

Rearrange distribution_files unit tests to easily support more tests
  - add conftest with common fixtures 
  - use parametrize for testing multiple scenarios

* Add changelog
* Add unit tests for Slackware distribution parsing
* Use correct fixtures for Slackware
Data comes from /etc/slackware-version

Co-authored-by: Sam Doran <sdoran@redhat.com>
Co-authored-by: <Eduard Rozenberg <eduardr@pobox.com>>
2020-07-17 16:39:26 -04:00
Toshio Kuratomi
9dda393d70
Collections docs generation (#59761)
* Build documentation for Ansible-2.10 (formerly known as ACD).

Builds plugin docs from collections whose source is on galaxy

The new command downloads collections from galaxy, then finds the
plugins inside of them to get the documentation for those plugins.

* Update the python syntax checks
  * docs builds can now require python 3.6+.

* Move plugin formatter code out to an external tool, antsibull-docs.
  Collection owners want to be able to extract docs for their own
  websites as well.
* The jinja2 filters, tests, and other support code have moved to antsibull
* Remove document_plugins as that has now been integrated into antsibull-docs

* Cleanup and bugfix to other build script code:
  * The Commands class needed to have its metaclass set for abstractmethod
    to work correctly
  * Fix lint issues in some command plugins

* Add the docs/docsite/rst/collections to .gitignore as
  everything in that directory will be generated so we don't want any of
  it saved in the git repository
* gitignore the build dir and remove edit docs link on module pages

* Add docs/rst/collections as a directory to remove on make clean
* Split the collections docs from the main docs

* remove version and edit on github
* remove version banner for just collections
* clarify examples need collection keyword defined

* Remove references to plugin documentation locations that no longer exist.
  * Perhaps the pages in plugins/*.rst should be deprecated
    altogether and their content moved?
  * If not, perhaps we want to rephrase and link into the collection
    documentation?
  * Or perhaps we want to link to the plugins which are present in
    collections/ansible/builtin?

* Remove PYTHONPATH from the build-ansible calls
  One of the design goals of the build-ansible.py script was for it to
  automatically set its library path to include the checkout of ansible
  and the library of code to implement itself.  Because it automatically
  includes the checkout of ansible, we don't need to set PYTHONPATH in
  the Makefile any longer.

* Create a command to only build ansible-base plugin docs
  * When building docs for devel, only build the ansible-base docs for
    now.  This is because antsibull needs support for building a "devel
    tree" of docs.  This can be changed once that is implemented
  * When building docs for the sanity tests, only build the ansible-base
    plugin docs for now.  Those are the docs which are in this repo so
    that seems appropriate for now.
2020-07-17 13:07:35 -07:00
Matt Davis
c616e54a6e
refactor Python module_utils locator (#70610)
* refactor Python module_utils locator

* no longer recursive
* embed special-case module code internally
* share common code between collections/not cases
* fixes #70134
* properly support subpackage redirection
* adds support for FQCN redirect targets used by migration (expands to FQ Python name)
* add tests

* add changelog
2020-07-16 17:57:47 -07:00
Sloane Hertel
8c213c9334
template connection variables accessed directly before using (#70657)
* template variables accessed directly when using them instead of FieldAttributes
2020-07-16 11:21:39 -04:00
Abhijeet Kasurde
055871cbb8
api: time.clock compatible code (#70650)
time.clock is removed in Python 3.8. Add time.clock
compatible code.

Fixes: #70649

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-16 12:24:22 +05:30
Sam Doran
9d27d7c8b1
ansible_runner test - Add constraints (#70667)
A recent updated to psutil, which is a dependency of ansible-runner, fails
to install on older versions of pip.

Commit with the breaking change:

  135628639b
2020-07-15 18:22:44 -04:00
Rick Elrod
8455bc6838
Some more coverage for csvfile (#70661)
* Some more coverage for csvfile

Change:
- Add a few tests

Test Plan:
- CI, new tests

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-15 14:44:52 -05:00
Rick Elrod
e1a33a6a84
inventory_hostnames lookup plugin -> 100% coverage (#70628)
Change:
- Add tests to get inventory_hostnames up to 100% coverage.

Test Plan:
- CI

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-15 11:31:48 -05:00
Rick Elrod
01e30993fd
Get subelements lookup plugin coverage to 100% (#70634)
Change:
- Add a bunch of tests to bump coverage to 100%

Test Plan:
- CI, new tests

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-15 11:00:57 -05:00
Mykola Grygoriev
fe86a93482
Add a new date_time fact to provide DST timezone
PR #70449
2020-07-14 18:22:51 +02:00
Jordan Borean
e22e103cdf
winrm - Added kinit_args to control the args for kinit calls (#70624) 2020-07-14 12:05:11 -04:00
Matt Martz
a77dbf0866
Allow single vault encrypted values to be used directly as module parameters. Fixes #68275 (#70607) 2020-07-14 11:56:26 -04:00
jabdr
0690b68bd3
Support datetime.date object in module result (#70595)
* Support datetime.date object in module result

Fixes #70583

* change blank lines for pep8 sanity test
2020-07-14 11:42:40 -04:00
Mark Chappell
8d160b1881
Remove remaining examples of 1.1.1.1 (#70552)
* Remove remaining examples of 1.1.1.1

* Update ec2_group.py
2020-07-14 11:19:59 -04:00
Matt Clay
1e02a201a6 Fix ansible-test virtualenv management. 2020-07-14 01:26:06 -07:00
Matt Clay
09f02980a4 Update ansible-test change detection for plugins. 2020-07-13 18:28:59 -07:00
Rick Elrod
d372ce2c5d
Get m_u.facts.utils coverage up to 100% (#70614)
* Get m_u.facts.utils coverage up to 100%

Change:
- Add tests to 'gathering_facts' integration target to get
  module_utils.facts.utils coverage up to 100%.
- This also clears incidental coverage from incidental_selinux.

Test Plan:
- CI

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-13 16:52:56 -07:00
Rick Elrod
d16018fe72
Add intentional coverage for an async_wrapper case (#70593)
Change:
- Test async_wrapper when the module it runs has stderr output

Test Plan:
- CI
- Looked at coverage report and saw green for a few lines that weren't
  previously green.

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-13 11:58:14 -05:00
Rick Elrod
d5480572c8
varnames: add tests, fix exception grammar (#70573)
Change:
- Add integration tests for various cases
- Fix wrong use of "its" in an exception thrown in varnames when it
  throws an AnsibleError, given a term of the wrong type.

Test Plan:
- new tests, CI

Tickets:
- Fixes #70546

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-10 21:04:02 -05:00
Matt Clay
df45dcdae0
Add integration tests for test plugins. (#70576) 2020-07-10 18:48:51 -07:00
Brian Coca
cf89ca8a03
Make filter type errors 'loop friendly' (#70417)
- ensure we preserve the typeerror part of the exception so loop defereed error handling
 can postpone those caused by undefined variables until the when check is done.
 - fix tests to comply with the 'new normal'

 - human_to_bytes and others can issue TypeError not only on 'non string'
 but also bad string that is not convertable.

Co-authored-by: Sloane Hertel <shertel@redhat.com>

Co-authored-by: Sloane Hertel <shertel@redhat.com>
2020-07-10 18:49:57 -04:00
Felix Fontein
24dcaf8974
plugin loader: return collection name; ansible-doc: handle ansible.builtin correctly (#70026)
* Determine collection in plugin loader.

* Fix test.

* Use PluginPathContext objects in PluginLoader._plugin_path_cache instead of tuples.
2020-07-11 00:24:08 +02:00
Rick Elrod
1b4fd23ba6
csvfile: use parse_kv() for args, add tests (#70550)
Change:
- Use parse_kv() for parsing in the csvfile lookup plugin. This allows
  us to handle multi-word search keys and filenames. Previously, the
  plugin split on space and so none of these things worked as expected.
- Add integration tests for csvfile, testing a plethora of weird cases.

Test Plan:
- New integration tests, CI

Tickets:
- Fixes #70545

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-10 16:21:03 -05:00
Felix Fontein
f4c89eab23
ansible-doc: include collection name in text output (#70401)
* ansible-doc: include collection name in text output

* Be more careful to not accidentally pass ansible.builtin for user-supplied modules.
2020-07-10 22:52:47 +02:00
Amin Vakil
9c40b1b2ff
Replace filename with file in apt_key (#70492)
* Replace filename with file from apt_key check

  one is internal variable, the other is actual parameter used and required for parameter check.
2020-07-10 12:42:49 -04:00
Rick Elrod
9fbd65958d
hostname: hostnamectl check -> SystemdStrategy (#70532)
Change:
- Move hostnamectl check out of GenericStrategy because it was incorrect
  for everything except the SystemdStrategy which is where it belongs.
- Add some initial tests for the hostname module, though we are limited
  by the fact that we can't do much testing with it in containers.

Test Plan:
- new hostname integration tests

Signed-off-by: Rick Elrod <rick@elrod.me>

Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-07-09 20:04:23 -05:00
Matt Clay
bbd8f15a58 Correct name of fileglob lookup integration test. 2020-07-09 12:28:06 -07:00
Mykola Grygoriev
71c378e139
Fix decrypt argument in assemble module (#70465)
* Do not pass decrypt parameter to assemble module

* Add integration tests where decrypt=True

* Add changelog #70465
2020-07-09 15:24:12 -04:00
Alan Rominger
b0d9deeae3
Fix ansible-test error in community.aws (#70507)
* Fix ansible-test error in community.aws

* Add changelog entry for fix

* Change check from None to string_types

* Update changelogs/fragments/70507-validate-null-author.yaml

clarify wording "or a list of strings"

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update test/lib/ansible_test/_data/sanity/validate-modules/validate_modules/schema.py

clarify wording - single string or not specified valid

Co-authored-by: Felix Fontein <felix@fontein.de>

* Do not fail but return None when given outside list

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-07-08 15:17:12 -05:00
David Shrewsbury
8aca464b8b
Make sure ansible_become treated as a boolean (#70484)
* Make sure ansible_become treated as a boolean
2020-07-08 14:53:38 -04:00
Rick Elrod
f3ef4ed076
Remove some constants.py deprecated items (#70466)
Change:
- Remove mk_boolean
- Remove BECOME_METHODS
- Remove get_config

Test Plan:
- CI, removed mk_boolean unit tests

Tickets:
- Fixes #69678

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-07 18:41:19 -05:00
Rick Elrod
41414ed475
Deprecate command warnings feature (#70504)
Change:
- The command warnings feature which suggests that users use modules
  instead of certain commands is now deprecated. Its `warn` paramater
  and `COMMAND_WARNINGS` configuration options are also deprecated.
  Their use will become an error in version 2.13.

Test Plan:
- CI

Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-07-07 18:40:38 -05:00
Rick Elrod
688cd8657b
Fix string/bytestring comparsion in m_u.basic (#70439)
Change:
- module_utils.basic.is_special_selinux_path() used a string ==
  bytestring comparison which returned False and made Ansible think that
  certain filesystems aren't, in fact, special-cased, when they should
  be. Ensure both sides of the == are bytestrings.

Test Plan:
- Added `copy` integration tests for this case.

Tickets:
- Fixes #70244

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-07 11:48:05 -04:00
Abhijeet Kasurde
f5037314e3
sanity: remove ansible-bad-function (#70431)
* Updated docs and ignore.txt
* Replaced with correct function calls

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-07 11:46:28 -04:00
Sloane Hertel
5b03267a1f
Add ansible-doc tests for documentation containing YAML anchors (#70436)
Co-authored-by: Tadej Borovšak <tadej.borovsak@xlab.si>
2020-07-07 08:33:55 -04:00
Felix Fontein
9164b96774
ansible-doc man formatter: fail with better error message when description isn't there (#70046)
* ansible-doc man formatter: do not crash when description isn't there.
* Change to report a better error message when description is not there.
* Add test.
2020-07-06 13:29:03 -04:00
Rick Elrod
1be78dbfc5
Updated bundled libraries (#70418)
Change:
- Update bundled six to 1.13 (last with py2.6 support)
- Make it pass lint
- Fix check to allow skipping over compat __init__.py files we authored
- Fix check to allow files that can't be updated for some reason

Test Plan:
- ansible-test sanity --docker
- CI

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-02 12:39:00 -05:00
Brian Coca
7a15a3a109
fix flatten handling of nulls/nones (#70141)
* fix flatten loop control issue (break -> continue)

fix issue #69012

(cherry picked from commit 2127be5ec5)

* fixed null break bug and added option to include

 fixes #69012
 fixes #69013

Co-authored-by: pseudocoder <borisovano@users.noreply.github.com>
Co-authored-by: David Shrewsbury <Shrews@users.noreply.github.com>
2020-07-01 18:52:03 -04:00
Matt Martz
ce570691e7
Test against galaxy_ng (#70303)
* Test against galaxy_ng

* Switch container image

* Remove redundant |default

* Re-enable

* Update image

* Update wording

* Don't use pulp as the container name
2020-07-01 16:20:03 -04:00
Rick Elrod
91aea92c62
Add ability to fallback to chgrp remote_tmp and its files. (#68627)
* Add ability to fallback to chgrp remote_tmp and its files.

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-01 15:16:56 -04:00
Rick Elrod
f7078c1f8f
Throw a prettier error in m_u.basic syslog (#70312)
Change:
- In certain situations, such as when the input string contains null
  bytes (\0), syslog.syslog will throw a TypeError. Handle that and
  fail_json instead.

Test Plan:
- New test
- ansible-test --docker centos[68] (for py2 and py3 respectively)

Tickets:
- Refs #70269

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-01 09:28:48 -05:00
Jordan Borean
40ce448657
ansible-test - do not validate blacklisted ps modules (#70376)
* ansible-test - do not validate blacklisted ps modules

* Update changelogs/fragments/validate-modules-ps-doc-blacklist.yaml

Co-authored-by: Matt Clay <matt@mystile.com>

Co-authored-by: Matt Clay <matt@mystile.com>
2020-07-01 07:59:53 +10:00
Abhijeet Kasurde
a8ae8f4d72
setup: Handle CIFS share with backward slash (#70006)
CIFS can be mounted using backward slash as well in /etc/fstab like

\\Windows\share /data/ cifs credentials=/root/.creds 0 0

Handle this condition while gather mount information in Linux.

Fixes: #48813

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-06-30 16:09:35 -04:00
Dmitriy Rabotyagov
8324db7cb5
Add new option for YUM4/DNF repositories (#70042)
Documentation reference:
  https://dnf.readthedocs.io/en/stable/conf_ref.html

Co-authored-by: Estelle Poulin <dev@inspiredby.es>
2020-06-30 15:48:36 -04:00
Abhijeet Kasurde
74bedab8a9
known_hosts: update documentation (#70342)
* Update documentation as per sanity tests
* Added example about custom SSH port in example section

Fixes: #29236

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-06-30 12:03:31 -04:00