* Revert "[stable-2.10] Revert "Change default file permissions so they are not world readable (#70221) (#70824)" (#71236)"
This reverts commit c968020d52.
* Revert "Remove porting guide entry related to reverted change (#71242)"
This reverts commit 006a21eae2.
* [stable-2.10] Revert "Fix warning for new default permissions when mode is not specified (#70976) (#70985)"
This reverts commit 5cb96087e6.
* [stable-2.10] Revert "Change default file permissions so they are not world readable (#70221) (#70824)"
This reverts commit 7e4cffc5d2.
* Misc typo fixes (#71089)
(cherry picked from commit 504ef607f3)
* Add some documentation for the format of meta/runtime.yml (#71035)
* Document the format of meta/runtime.yml
* Document multiple Ansible versions
Clarify difference between deprecation and tombstone fields
* add note
(cherry picked from commit a9eb8b0488)
* add note to uninstall older versions of ansible for pip (#71023)
* add note to uninstall older versions of ansible for pip
* combine with the other PR
(cherry picked from commit 72d3d44163)
* VMware: Inventory scenario guide for hostnames (#71055)
Added a scenario guide for ``hostnames`` parameter
for vmware_vm_inventory.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 0055673c70)
* Document string tests a bit more (#71049)
- Explain how `regex` differs from `match` and `search`.
- Document `multiline` and `ignorecase`.
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit 701c638757)
* docs: Add a note about package requirements for fact gathering (#70796)
Fixes: #26148
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit a6725d6e2a)
* added note about fakeroot (#71018)
see #70895
(cherry picked from commit 11a31e99e6)
* Update documentation of httpapi's handle_httperror method for clarity (#70991)
(cherry picked from commit a0523e5b8a)
* DOCS: add 2.10 collections roadmap (#70975)
* draft of 2.10 collections roadmap
* incorporates feedback from felixfontein
* gundalow and samccann feedback, fix link
Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
(cherry picked from commit 9879da8e23)
* updates changelog types; some updates for easier translation (#71027)
Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 4f4436c124)
* Document common return values with examples (#71046)
* adding return value examples
* shift to console code blocks
* cleaning up whitespace and shortening invocation example
* reordering diff section
(cherry picked from commit 864573a38d)
* Update intro_getting_started.rst (#71039)
Added two additional learning resources in the See also: section- forgot closing backticks
(cherry picked from commit 9850915bd6)
* Guide users to use ansible-runner (#71063)
Update the docs to guide users to use `ansible-runner` instead of using Python API directly. In many use cases, executing Ansible playbooks are sufficient. In those use cases, `ansible-runner` is easier and much stable to use comparing with Python API, but there is no mention of it.
(cherry picked from commit 0c855dc70b)
* Porting guides for ansible-base 2.10 and ansible 2.10 (#70891)
* Fix changelog link title.
* Rename Ansible 2.10 and 2.11 porting guides to Ansible-base porting guides.
* Add stub for automatically generated 2.10 porting guide.
* Move things that should not be in the ansible-base porting guide to the ansible porting guide.
* Apply changes to base porting guides.
* Add remark that ansible-base is mainly for developers.
* Ansible Base -> Ansible-base
* Fix link in base porting guide.
* Add generated porting guide.
* Use same header signs as antsibull-changelog's RST builder.
* Update generated porting guide.
(cherry picked from commit 61b36c6f30)
* Update network platform guides with FQCN (#70699)
* fqcn all the docs things!
(cherry picked from commit 54bee7152b)
* Document how to upgrade to ansible with pip (#70768)
Fixes#70348
(cherry picked from commit 5019335660)
* document how to migrate between collections (#70243)
* document how to migrate between collections
* Apply suggestions from code review
Co-authored-by: John R Barker <john@johnrbarker.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 58145dff9c)
* remove github link from plugins (#70951)
(cherry picked from commit e28b20d729)
* Add latest rc from ansible-base (#70974)
* Add latest rc from ansible-base
(cherry picked from commit d62dffafb3)
* Document to_json will convert to ASCII strings by default (#70954)
... as reported in issue #68702
(cherry picked from commit 8c48366f1c)
* Update the porting guide for ansible-2.10.0a8 (#71141)
(cherry picked from commit 0a9638ce4b)
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
Co-authored-by: Sloane Hertel <shertel@redhat.com>
Co-authored-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
Co-authored-by: Nathaniel Case <ncase@redhat.com>
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
Co-authored-by: Terciero <terciero@users.noreply.github.com>
Co-authored-by: Brendon O'Sullivan <49501251+bjosullivan@users.noreply.github.com>
Co-authored-by: EthanHur <ethan0311@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Baptiste Mille-Mathias <baptiste.millemathias@gmail.com>
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
* The version comparison for determining what ansible package to build
docs against was comparing the version number for ansible-base but it
needed to check the version number for ansible instead
* add a comment about some bad logic than needs to be fixed after 2.10.0
(cherry picked from commit 37a7485)
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
The repository names seem to have changed and no longer have the "rhui-" prefix
(cherry picked from commit 6ac4439a6a)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Update docs/docsite/_themes/sphinx_rtd_theme/ansible_banner.html
* Only match paths at the beginning
Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
Co-authored-by: Sviatoslav Sydorenko <webknjaz@redhat.com>
(cherry picked from commit 8313cc8fb1)
* Fix changelog link title.
* Rename Ansible 2.10 and 2.11 porting guides to Ansible-base porting guides.
* Add stub for automatically generated 2.10 porting guide.
* Move things that should not be in the ansible-base porting guide to the ansible porting guide.
* Apply changes to base porting guides.
* Add remark that ansible-base is mainly for developers.
* Ansible Base -> Ansible-base
* Fix link in base porting guide.
* Add generated porting guide.
* Use same header signs as antsibull-changelog's RST builder.
* Update generated porting guide.
(cherry picked from commit 61b36c6f30)
* misc typo fixes (#70736)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 8915f262b4)
* How to use rst :ref: for modules in collections (#70567)
(cherry picked from commit 748ba96610)
* Update network_best_practices_2.5.rst (#70962)
Fix a small typo in the playbook tasks sample section
(cherry picked from commit 69e5c6c14a)
* Fix a typo in "restart mysql" example (#70950)
Fix a typo in "restart mysql" example task. It's missing a space between "state:" and "restarted".
(cherry picked from commit 37e9d2278a)
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
Co-authored-by: PJ Waskiewicz <pjwaskiewicz@gmail.com>
Co-authored-by: Emilien Macchi <EmilienM@users.noreply.github.com>
* [stable-2.10] facts - fix incorrect time for some date_time_facts (#70665)
The iso8601_micro and iso8601 facts incorrectly called now.utcnow(), resulting
in a new timestamp at the time it was called, not a conversion of the previously
stored timestamp.
Correct this by capturing the UTC timestamp once then calculating the local
time using the UTC offset of the current system.
* Use time.time() for getting the current time
* Convert from that stored epoch timestamp to local and UTC times
* Used existing timestamp for epoch time
* Add unit tests that validate the formate of the return value rather than an exact value since mocking time and timezone is non-trivial
(cherry picked from commit c4f442ed5a)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Remove tests for tz_dst since that only exists in newer versions
Follow up to #70221
Related to #67794
CVE-2020-1736
When set_mode_if_different() is called with mode of 'None', ensure we issue
a warning about the change in default permissions.
Add integration tests to ensure the warning works properly.
* Fix tests
- actually use custom module 🤦♂️
- verify file permission on created files
- use remote_tmp_dir so we're ready for split controller
- improve test module so we can skip the call to set_fs_attributes_if_different()
- fix tests for CentOS 6
(cherry picked from commit dc79528cc6)
- Combine remote and local debugging instructions.
- Update the example code to match current AnsiballZ structure and behavior
- Change reference name and update references
- Clarify how PYTHON path is modified
- Also add note about other remote debugging tools.
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
(cherry picked from commit 7f0c84ea15)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Also validate top-level version_added.
* Fix error code.
* Produce same version_added validation error in schema than in code (and stop returning it twice).
* Return correct error codes for invalid version_added for options and return values.
* Add changelog.
* Fix forgotten closing braket.
* Accept 'historical' for some top-level version_added.
(cherry picked from commit 7e2cc7db12)
* prevent (ExceptionType) is not subscriptable errors
* tweak error message and use text conversion
* add to_text import
(cherry picked from commit 45c2eb6c0a)
Co-authored-by: nitzmahone <nitzmahone@users.noreply.github.com>
Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
Add entry for appropriate commands for Void Linux
(cherry picked from commit 4cc4cebc97)
Co-authored-by: fosslinux <fosslinux@aussies.space>
Co-authored-by: fosslinux <fosslinux@aussies.space>
* Fix ansible-test error in community.aws
* Add changelog entry for fix
* Change check from None to string_types
* Update changelogs/fragments/70507-validate-null-author.yaml
clarify wording "or a list of strings"
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update test/lib/ansible_test/_data/sanity/validate-modules/validate_modules/schema.py
clarify wording - single string or not specified valid
Co-authored-by: Felix Fontein <felix@fontein.de>
* Do not fail but return None when given outside list
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b0d9deeae3)
Co-authored-by: Alan Rominger <arominge@redhat.com>
* Add boilerplate snippet into `examples/`
It is a partial backport of #70224
(partially cherry picked from commit 4816bb4f43)
* Refactor Python API examples and docs
PR #70446: it's a follow-up for #70445.
It includes a merge of `examples/scripts/uptime.py` and a similar
code snippet from `docs/docsite/rst/dev_guide/developing_api.rst`.
This patch also changes the docs RST file to include contents of
the example file instead of holding a copy of a similar code.
(cherry picked from commit 20bb915092)
* Pipe lookup plugin usage example documentation fix (#70679)
(cherry picked from commit 58d24584c0)
* Fix misleading documentation for naming blocks (#68458)
From what I have observed it is the block itself that doesn't support the name attribute rather than the tasks inside the block.
* Update docs/docsite/rst/user_guide/playbooks_blocks.rst
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
(cherry picked from commit 633c2d0522)
* Fix incorrect statement to set a variable for a playbook (#70712)
Fixes#70638
(cherry picked from commit 59513ae673)
* Make Sources, Plugins sections easier to read (#70652)
Re-wrote the Inventory Sources section and also the next section to have shorter, clearer sentences with a more active voice.
(cherry picked from commit fb3db170cc)
* fix rstcheck problem and gitignore collections dir (#70764)
(cherry picked from commit 24e5d3a51c)
* add note for write permission on rst files (#70766)
* add note for write permission on rst files
* Update docs/docsite/rst/community/documentation_contributions.rst
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
(cherry picked from commit 2a7df5e07b)
* Modification of 'Adding modules and plugins locally' topic (#70659)
* Remediated the topic to comply with IBM style guide and minimalism practices
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
(cherry picked from commit 1733253297)
* WIP: add collections as an intersphinx link (#70826)
* adds collections as a ref for intersphinx
* no need for intersphinx
Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
(cherry picked from commit b28d59124b)
* Proper example for splitext filter in docs (#70494)
* Update playbooks_filters.rst with a clear example of how to extract its 2 tokens.
Co-authored-by: Sloane Hertel <shertel@redhat.com>
(cherry picked from commit 7a42d27462)
* Few fixes for reference_appendices/faq.html (#70719)
* Format using `` instead of `, add line breaks for long lines, rephrase or remove useless text.
Move some text.
* Add clearer version of OpenSSh is affected by SCP bug
* Review some pages using ansible doc writing guide.
(cherry picked from commit 92e16c2838)
Co-authored-by: Roman Gorshunov <34521622+gorshunovr@users.noreply.github.com>
Co-authored-by: David Rieger <david@isan.engineer>
Co-authored-by: Baptiste Mille-Mathias <baptiste.millemathias@gmail.com>
Co-authored-by: Stef B <regendo@users.noreply.github.com>
Co-authored-by: Sayee <57951841+sayee-jadhav@users.noreply.github.com>
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
Co-authored-by: Fixmetal <fixmetal@gmail.com>
* Do not add connection vars to the output results
* Also revert the delgated scenario JIC
* Added regression test
(cherry picked from commit 5e1a968983)
Previous version initialized the `TaskQueueManager` after calling
`Play.load()` while advertising a way to inject a custom library
location path. This caused the tasks loader not to find any custom
modules because it was triggered before the path was actually added
to the module loader.
This patch changes the order of the operations to ensure that the
customized `context.CLIARGS` actually influences things.
Resolves https://github.com/ansible/ansible/issues/69758.
(cherry picked from commit 8d97c8c222)
* Change default file permissions so they are not world readable
CVE-2020-1736
Set the default permissions for files we create with atomic_move() to 0o0660. Track
which files we create that did not exist and warn if the module supports 'mode'
and it was not specified and the module did not call set_mode_if_different(). This allows the user to take action and specify a mode rather than using the defaults.
A code audit is needed to find all instances of modules that call atomic_move()
but do not call set_mode_if_different(). The findings need to be documented in
a changelog since we are not warning. Warning in those instances would be frustrating
to the user since they have no way to change the module code.
- use a set for storing list of created files
- just check the argument spac and params rather than using another property
- improve the warning message to include the default permissions.
(cherry picked from commit 5260527c4a)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* ensure hostvars are available on delegation
* also inventory_hostname must point to current host and not delegated one
* fix get_connection since it was still mixing original host vars and delegated ones
* also return connection vars for delegation and non delegation alike
* add test to ensure we have expected usage when directly assigning for non delegated host
(cherry picked from commit 84adaba6f5)
Some platform such as ESXi does not implement EpollSelector,
which is selected by DefaultSelector. Use PollSelector.
This works perfectly with a platform like VMware ESXi.
Fixes: #70238
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 8cccede0d4)
* Encode/Decode files in UTF-8
* Use helper function in ansible
* Add an integration test
* Use emoji in test data.
* add changelog
* Also support non-ascii chars in filepath and add tests about this.
* Also use non-ascii chars in replaced text and ensure not to break cron syntax.
* rename self.existing to self.n_existing
* rename crontab.existing to crontab.n_existing