Commit graph

2483 commits

Author SHA1 Message Date
Sam Doran
5260527c4a
Change default file permissions so they are not world readable (#70221)
* Change default file permissions so they are not world readable

CVE-2020-1736

Set the default permissions for files we create with atomic_move() to 0o0660. Track
which files we create that did not exist and warn if the module supports 'mode'
and it was not specified and the module did not call set_mode_if_different(). This allows the user to take action and specify a mode rather than using the defaults.

A code audit is needed to find all instances of modules that call atomic_move()
but do not call set_mode_if_different(). The findings need to be documented in
a changelog since we are not warning. Warning in those instances would be frustrating
to the user since they have no way to change the module code.

- use a set for storing list of created files
- just check the argument spac and params rather than using another property
- improve the warning message to include the default permissions
2020-07-22 17:05:38 -04:00
David Shrewsbury
bf98f031f3
Sanitize URI module keys with no_log values (#70762)
* Add sanitize_keys() to module_utils.

* More robust tests

* Revert 69653 change

* Allow list or dict

* fix pep8

* Sanitize lists within dict values

* words

* First pass at uri module

* Fix insane sanity tests

* fix integration tests

* Add changelog

* Remove unit test introduced in 69653

* Add ignore_keys param

* Sanitize all-the-things

* Ignore '_ansible*' keys

* cleanup

* Use module.no_log_values

* Avoid deep recursion issues by using deferred removal structure.

* Nit cleanups

* Add doc blurb

* spelling

* ci_complete
2020-07-22 14:49:37 -05:00
Sayee
1733253297
Modification of 'Adding modules and plugins locally' topic (#70659)
* Remediated the topic to comply with IBM style guide and minimalism practices
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
2020-07-22 11:59:18 -05:00
Sorin Sbarnea
b7ee07215d
Update Molecule support contact (#70797)
As Molecule started to use https://github.com/ansible-community/molecule/discussions we need to update documentation before retiring
the molecule-users mailing list.
2020-07-22 11:53:52 +01:00
Sandra McCann
2a7df5e07b
add note for write permission on rst files (#70766)
* add note for write permission on rst files
* Update docs/docsite/rst/community/documentation_contributions.rst

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
2020-07-21 16:00:47 -05:00
Sandra McCann
24e5d3a51c
fix rstcheck problem and gitignore collections dir (#70764) 2020-07-21 15:59:56 -05:00
Baptiste Mille-Mathias
59513ae673
Fix incorrect statement to set a variable for a playbook (#70712)
Fixes #70638
2020-07-20 13:45:40 -05:00
Baptiste Mille-Mathias
92e16c2838
Few fixes for reference_appendices/faq.html (#70719)
* Format using `` instead of `, add line breaks for long lines, rephrase or remove useless text.
Move some text.

* Add clearer version of OpenSSh is affected by SCP bug

* Review some pages using ansible doc writing guide.
2020-07-20 13:43:39 -05:00
Stef B
fb3db170cc
Make Sources, Plugins sections easier to read (#70652)
Re-wrote the Inventory Sources section and also the next section to have shorter, clearer sentences with a more active voice.
2020-07-20 13:30:06 -05:00
David Rieger
633c2d0522
Fix misleading documentation for naming blocks (#68458)
From what I have observed it is the block itself that doesn't support the name attribute rather than the tasks inside the block.

* Update docs/docsite/rst/user_guide/playbooks_blocks.rst

Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
2020-07-20 09:48:53 -05:00
Toshio Kuratomi
9dda393d70
Collections docs generation (#59761)
* Build documentation for Ansible-2.10 (formerly known as ACD).

Builds plugin docs from collections whose source is on galaxy

The new command downloads collections from galaxy, then finds the
plugins inside of them to get the documentation for those plugins.

* Update the python syntax checks
  * docs builds can now require python 3.6+.

* Move plugin formatter code out to an external tool, antsibull-docs.
  Collection owners want to be able to extract docs for their own
  websites as well.
* The jinja2 filters, tests, and other support code have moved to antsibull
* Remove document_plugins as that has now been integrated into antsibull-docs

* Cleanup and bugfix to other build script code:
  * The Commands class needed to have its metaclass set for abstractmethod
    to work correctly
  * Fix lint issues in some command plugins

* Add the docs/docsite/rst/collections to .gitignore as
  everything in that directory will be generated so we don't want any of
  it saved in the git repository
* gitignore the build dir and remove edit docs link on module pages

* Add docs/rst/collections as a directory to remove on make clean
* Split the collections docs from the main docs

* remove version and edit on github
* remove version banner for just collections
* clarify examples need collection keyword defined

* Remove references to plugin documentation locations that no longer exist.
  * Perhaps the pages in plugins/*.rst should be deprecated
    altogether and their content moved?
  * If not, perhaps we want to rephrase and link into the collection
    documentation?
  * Or perhaps we want to link to the plugins which are present in
    collections/ansible/builtin?

* Remove PYTHONPATH from the build-ansible calls
  One of the design goals of the build-ansible.py script was for it to
  automatically set its library path to include the checkout of ansible
  and the library of code to implement itself.  Because it automatically
  includes the checkout of ansible, we don't need to set PYTHONPATH in
  the Makefile any longer.

* Create a command to only build ansible-base plugin docs
  * When building docs for devel, only build the ansible-base docs for
    now.  This is because antsibull needs support for building a "devel
    tree" of docs.  This can be changed once that is implemented
  * When building docs for the sanity tests, only build the ansible-base
    plugin docs for now.  Those are the docs which are in this repo so
    that seems appropriate for now.
2020-07-17 13:07:35 -07:00
Matt Davis
02c63ec285
update roadmap rc1 date (#70662) 2020-07-15 11:47:36 -07:00
Alicia Cozine
db354c0300
Docs: User guide overhaul, part 5 (#70307) 2020-07-14 17:00:44 -04:00
Alicia Cozine
f1f782fc37
partial update of community docs to reflect collections transition (#70488) 2020-07-14 15:47:18 -04:00
Abhijeet Kasurde
375c6b4ae4
docs: update date format in removed_at_date (#70597)
removed_at_date requires YYYY-MM-DD format.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-14 11:43:25 -04:00
Abhijeet Kasurde
20209c508f
docs: update module development docs (#70594)
Update module development docs for flattened modules directory.

Fixes: #70261 (at least partially)

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-13 14:41:59 -05:00
Sayee
38ccfb4a3e
updated requirements file for docs build (#70609) 2020-07-13 15:35:08 -04:00
Karl Goetz
c410311f55
Clarify that index_var is 0 indexed (#70548)
A little further down the page is another index, ansible_loop.index, which shares a similar description but is 1 indexed.
Its zero indexed twin has a 0 suffix.

``ansible_loop.index``      The current iteration of the loop. (1 indexed)
``ansible_loop.index0``     The current iteration of the loop. (0 indexed)

To remove ambiguity around the usage of index_var, explicitly mention that this variable is 0 indexed.
2020-07-13 14:15:44 -05:00
mahadelmi
f4ea43c4a0
Update windows_winrm.rst (#70306)
gcc also needed to be installed alongside python-devel, krb5-devel, krb5-libs, and krb5-workstation.
2020-07-13 13:43:39 -05:00
Andrew Klychkov
edcd1a1a70
Doc: fix examples of changelog entries. (#70551) 2020-07-10 16:17:03 -04:00
Amin Vakil
9c40b1b2ff
Replace filename with file in apt_key (#70492)
* Replace filename with file from apt_key check

  one is internal variable, the other is actual parameter used and required for parameter check.
2020-07-10 12:42:49 -04:00
FloMiau
f7db428375
update documentation link to python 3 (#70509)
update the docs link for strftime on the filters page to point to the python3 docs
2020-07-09 11:58:39 -05:00
Mark Chappell
e1ba7dc52a
Update AWS Integration test docmentation (#70454) 2020-07-08 08:01:37 +05:30
Rick Elrod
707458cc8c
Make netbsd virtualization facts more specific (#70467)
Change:
Our handling of NetBSD virtualization facts led to facts that were just
plain incorrect. One example is reporting Xen even when the system is
running on something completely different (like KVM).

As stated by the reporter of #69352, NetBSD has a better sysctl setting
to use for this information, machdep.hypervisor.

This PR does the following:

- Try to use machdep.hypervisor sysctl value if the other sysctl values
  we check don't end up with enough information to be useful
- Only look for /dev/xencons and assume Xen if nothing else works
  (Really this should probably return 'unknown' since the file exists on
  non-Xen systems and is not very useful).
- Add a few more patterns (Xen matches and also Hyper-V) to
  VirtualSysctlDetectionMixin#detect_virt_product.

This change is slightly breaking:
- If the first two attempts at using sysctl worked before,
  (machdep.dmi.system-product and machdep.dmi.system-vendor), they will
  continue to work.
- For cases when those values didn't work, previously the existence of
  /dev/xencons was checked, and if found, we reported 'xen' (even on
  non-Xen systems when the file existed). After this PR, we try the
  machdep.hypervisor sysctl key before still falling back to
  /dev/xencons. This means that in some cases, we might go from
  (wrongly) saying "xen" to giving a more accurate value such as "kvm"
  or "Hyper-V".

Test Plan:
- Tested with local NetBSD VM and got 'kvm' instead of 'xen' back.

Tickets:
- Fixes #69352

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-07 17:28:13 -05:00
Baptiste Mille-Mathias
bd1378405b
Small documentation fixes (#70480)
* Add type for options in the sample module shown in Developing Modules, as this is required to have the tests being
green
* Remove duplicated strings: the same sentence is in "Python tips" and "Module security", keeping the
latter.
2020-07-06 12:53:10 -05:00
Sviatoslav Sydorenko
8d97c8c222 Fix the internal Python API usage examples
Previous version initialized the `TaskQueueManager` after calling
`Play.load()` while advertising a way to inject a custom library
location path. This caused the tasks loader not to find any custom
modules because it was triggered before the path was actually added
to the module loader.

This patch changes the order of the operations to ensure that the
customized `context.CLIARGS` actually influences things.

Resolves https://github.com/ansible/ansible/issues/69758.
2020-07-03 10:44:54 +02:00
Michael Ritsema
82e5d03bdb
Suggest ansible ad-hoc command while developing module (#70308)
If a local module has no documentation, the doc command will fail without any hints of what is wrong. Add another way to confirm the presence of a local module.
* Update docs/docsite/rst/dev_guide/developing_locally.rst

Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-02 17:23:37 -05:00
David Shrewsbury
4e41e37aa7
Fix flatten null perserve versionadded (#70435) 2020-07-02 13:28:39 -05:00
Sandra McCann
aa59c23aed
update platform table with links to collections (#70373) 2020-07-02 10:20:11 -05:00
Baptiste Mille-Mathias
9eb904ea61
Add documentation for ipaddr filters (#70343) 2020-07-02 11:17:46 -04:00
jafiala
7c90a2d2a6
Update playbooks.rst (#70317) 2020-07-02 11:11:09 -04:00
Brian Coca
7a15a3a109
fix flatten handling of nulls/nones (#70141)
* fix flatten loop control issue (break -> continue)

fix issue #69012

(cherry picked from commit 2127be5ec5)

* fixed null break bug and added option to include

 fixes #69012
 fixes #69013

Co-authored-by: pseudocoder <borisovano@users.noreply.github.com>
Co-authored-by: David Shrewsbury <Shrews@users.noreply.github.com>
2020-07-01 18:52:03 -04:00
Brian Coca
5d3d097de3
more correct info about role main.yml (#70326)
fixes #40496
2020-07-01 16:16:21 -04:00
Alicia Cozine
c89f3cda9e
incorporate minimalism feedback on filters page (#70366)
Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
2020-07-01 16:15:32 -04:00
Rick Elrod
91aea92c62
Add ability to fallback to chgrp remote_tmp and its files. (#68627)
* Add ability to fallback to chgrp remote_tmp and its files.

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-01 15:16:56 -04:00
Sir Mobus Gochfulshigan Dorphin Esquire XXIII
a1ac595d42
Minor grammatical fix (#70405)
'you' -> 'your'
2020-07-01 10:47:08 +05:30
Sandra McCann
5a28b2b86c
Add steps for how to create changelog.rst for a collection (#70262)
* Update docs/docsite/rst/dev_guide/developing_collections.rst
* add steps to create changelogs, add sentence about not using the tool
* add note for rerunning the command

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-06-29 14:22:31 -05:00
Abhijeet Kasurde
e4f48c920c
Docs: mention about Ansible workshops (#70353)
Lightbulb is deprecated in favor of https://ansible.github.io/workshops/
Update links accordingly.
Fixes: #70296

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-06-29 14:06:04 -05:00
Mark Sanders
dc6f4b6502
Fix bullet points in intro_getting_started.rst. (#70365)
The layout was jumbled due to issues with whitespace.
2020-06-29 14:05:05 -05:00
Sandra McCann
83f6e4850b
document FQCN for M() and :seealso: in DOCUMENTATION blocks (#70245)
* document FQCN for M() in DOCUMENTATION blocks

* add note about c
2020-06-29 11:16:59 -05:00
Gonéri Le Bouder
b491f776b9
doc: avoid mix of single and double quotes (#70115)
Avoid mix of single and double quotes in the `ternary`, this way
we can copy/past the example without any surprise.
2020-06-29 09:16:20 -05:00
Sam Doran
5833af9e2a
Add description of collections and become_exe keywords (#68055)
* Add description of collections keyword
* Update based on feedback.
- Add link to become plugins.
- Add note about how the collections keyword works with roles.
2020-06-25 18:49:57 -05:00
Adam Miller
3c9be97e16
fix runtime.yml splunk.enterprise_security -> splunk.es (#70305)
Signed-off-by: Adam Miller <admiller@redhat.com>
2020-06-25 18:34:11 +01:00
Abhijeet Kasurde
40a42de081
async_status: Update documentation (#70196)
Fixes: #38164

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-06-23 11:45:54 -04:00
Matt Clay
4816bb4f43
More boilerplate fixes. (#70224)
* Fix boilerplate in hacking dir.
* Fix boilerplate in docs dir.
* Fix boilerplate in integration tests.
* Fix boilerplate in examples.
2020-06-22 19:05:30 -07:00
Alicia Cozine
4a0f42923b
adds japanese translation as a version-switcher option (#70214)
Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
2020-06-22 16:25:44 -04:00
Westley Argentum Hennigh-Palermo
5885ed4455
remove gendered example (#70117)
Changed example to not assume things about names and genders
2020-06-19 14:35:03 -05:00
Abhijeet Kasurde
da868d9d60
docs: Add note about ansible-doc (#70162)
ansible-doc can only parse Python modules, added a note about
this is developer guide; Fixes: #69109
2020-06-19 14:28:02 -05:00
Jill R
0ef75f65d9
Fix broken link in AWS Guide (#70153)
Point to collection rather than ansible/ansible for example.
2020-06-19 14:18:55 -05:00
Sandra McCann
647c6cd289
updates to ansible-maintained collections guidelines (#70178) 2020-06-19 14:04:19 -05:00