Commit graph

7027 commits

Author SHA1 Message Date
Pilou
57eb60757c Lookup password omit salt (#16361)
* Lookup unencrypted password must not include salt
* Integration test lookup: remove previous directory
* Test that lookup password doesn't return salt
* Lookup password: test behavior with empty encrypt parameter

Closes #16189

(cherry picked from commit b361bf90d7)
2016-06-27 10:47:33 -07:00
Toshio Kuratomi
25c5314f2e Update submodule refs 2016-06-24 09:02:38 -07:00
James Cammarata
084a3e13b0 Fix off-by-one error with retries
Fixes #16408

(cherry picked from commit 948682dbe2)
2016-06-23 18:08:00 -05:00
James Cammarata
eeba5e2c3e Remove unnecessary role initialization and lookup stuff
* Remove unnecessary copying of values from parents to role deps, as
  this can cause problems when roles have multiple parents (or the same
  parents with different params speficied through deps)
* Since we're already checking the dep chain in the block for role
  things (which every task in a role should have), it is not necessary
  to check the role directly in case it improperly grabs something

Fixes #14438

(cherry picked from commit 3e4755f7e4)
2016-06-23 17:02:14 -05:00
James Cammarata
7da2265e10 Properly wrap objects using json default encoder
Our custom encoder for the to_json filter was simply returning the
object if it was not a HostVars object, leading in some cases to a
TypeError when the data contained an undefined variable. This lead
to an odd error message being propagated up, so we now properly catch
this as an undefined variable error.

Fixes #15610

(cherry picked from commit c24c0f5f6b)
2016-06-23 09:20:35 -05:00
ivovangeel
cb520bd86a Fixed bug in find_mount_point function
The find_mount_point function does not resolve the mount point of paths with a soft-link correctly and returns the wrong mount-point.

I have mounted an NFS filesystem on /nfs-mount. This directory contains a directory called "directory". I also created a soft-link to this last directory: /soft-link-to-directory -> /nfs-mount/directory. I created the following task to copy a file into /soft-link-to-directory:

    - name: copy file to nfs-mount
      copy:
        src: "file"
        dest: "/soft-link-to-directory/file"

This throws an exception:

invalid selinux context: [Errno 95] Operation not supported

This is caused by the find_mount_point function to return '/' as the mount point for '/soft-link-to-directory/file'. This should have been /nfs-mount. Because the find_mount_point returns the wrong mount-point, the is_special_selinux_path function does not recognise the file is on an NFS mount and tries to set the default SELinux context (system_u:object_r:default_t:s0), which fails. The context should have been: system_u:object_r:nfs_t:s0

Full Ansible output:

TASK [copy file to nfs-mount] **************************************************
fatal: [hostname]: FAILED! => {"changed": false, "checksum": "f34b60930a5d6d689cf49a4c16bd7f9806be608c", "cur_context": ["system_u", "object_r", "nfs_t", "s0"], "failed": true, "gid": 24170, "group": "foundation", "input_was": ["system_u", "object_r", "default_t", "s0"], "mode": "0644", "msg": "invalid selinux context: [Errno 95] Operation not supported", "new_context": ["system_u", "object_r", "default_t", "s0"], "owner": "root", "path": "/soft-link-to-directory/.ansible_tmpWCT6Z4file", "secontext": "system_u:object_r:nfs_t:s0", "size": 37, "state": "file", "uid": 0}
(cherry picked from commit 23349911f1)
2016-06-22 22:39:30 -05:00
nitzmahone
62b3909ef5 bump extras submodule ref 2016-06-22 17:20:30 -07:00
nitzmahone
5f1d50d53d bump core submodule ref 2016-06-22 11:52:53 -07:00
James Cammarata
a7199abb74 Take previously failed/unreachable hosts into account when checking the batch
Again, as we're carrying failed/unreachable hosts forward from play to play via
internal structures, we need to remember which ones had previously failed so that
unrelated host failures don't inflate the numbers for a given serial batch in the
PlaybookExecutor causing a premature exit.

Fixes #16364

(cherry picked from commit 4c1601e9f2)
2016-06-22 08:33:08 -05:00
Toshio Kuratomi
a7f93be2b6 Use find -exec + so that failures will be visible in find's exit code (#16389)
Fixes #16385
2016-06-22 05:44:35 -07:00
nitzmahone
05536b3be5 bump extras submodule ref 2016-06-20 13:04:01 -07:00
James Cammarata
4d4bbcbb33 New release v2.1.1.0-0.1.rc1 2016-06-17 14:33:25 -05:00
Ryan S. Brown
d6fef6f9a6 Update ansible-modules-core ref
Includes cherry-pick of [ansible-modules-core#3347](https://github.com/ansible/ansible-modules-core/pull/3347)
2016-06-17 15:15:22 -04:00
Toshio Kuratomi
cd348abaa6 Update core submodule ref for wait_for fix 2016-06-17 10:17:21 -07:00
Toshio Kuratomi
9d91d2c6b8 Use find instead of -R for recursive setfacl (#16340)
(-R is not present on Solaris or freebsd setfacl)

Fixes #16322
2016-06-17 09:40:53 -07:00
Mark Szymanski
552172b141 Allowing changed colour to be set properly from ansible.cfg (#16338)
(cherry picked from commit 2b0d0d0323)
2016-06-17 12:28:05 -04:00
nitzmahone
55f2829e0c bump core submodule ref 2016-06-16 13:16:01 -07:00
nitzmahone
8ec11e9d6c bump extras submodule ref 2016-06-16 12:38:12 -07:00
nitzmahone
8223b83758 bump submodule refs 2016-06-15 14:50:02 -07:00
Colin Hoglund
877347ad20 allow spaces before the filter string (#16312)
(cherry picked from commit 5a2b34e159)
2016-06-15 14:17:56 -04:00
Toshio Kuratomi
8fc5a6a6f5 Update core submodule ref 2016-06-15 10:34:34 -07:00
Toshio Kuratomi
9a00b2d4af Check that required arguments src and dest are present.
Fixes #16301
2016-06-15 09:58:25 -07:00
Brian Coca
d0cf725ef8 updated submodule refs 2016-06-15 11:26:32 -04:00
Brian Coca
d88264ee3b add executable if none exists when become
this is needed as become adds commands that require shell

(cherry picked from commit 4acac55d23)
2016-06-15 11:26:32 -04:00
Adrian Likins
969c6a4443 zone plugin updates for newer api (#16289)
Fixes errors on import.
2016-06-15 07:39:33 -07:00
Toshio Kuratomi
7248314233 Make sure we don't end up with an empty PYTHONPATH (#16240)
When the PYTHONPATH is an empty string python will treat it as though
the cwd is in the PYTHONPATH.  This can be undesirable.  So make sure we
delete PYTHONPATH from the environment altgether in this case.

Fixes #16195
2016-06-15 07:07:11 -07:00
jctanner
73a3a5839b Force an include to be a static task if no vars or loops are being used. (#16192)
Fixes #15735
2016-06-15 00:54:09 -05:00
James Cammarata
43d1ea0cfc Track notified handlers by object rather than simply their name
Due to the fact that roles may be instantiated with different sets of
params (multiple inclusions of the same role or via role dependencies),
simply tracking notified handlers by name does not work. This patch
changes the way we track handler notifications by using the handler
object itself instead of just the name, allowing for multiple internal
instances. Normally this would be bad, but we also modify the way we
search for handlers by first looking at the notifying tasks dependency
chain (ensuring that roles find their own handlers first) and then at
the main list of handlers, using the first match it finds.

This patch also modifies the way we setup the internal list of handlers,
which should allow us to correctly identify if a notified handler exists
more easily.

Fixes #15084
2016-06-14 22:34:51 -05:00
jctanner
f6727aff39 Add further commentary about synchronize process_remote. (#16292)
Addresses #16284
(cherry picked from commit dc9b53a6aa)
2016-06-14 22:30:14 -05:00
Sergei Smolianinov
304493e795 Fix synchronize module incorrect remote host processing. (#15993)
Fixes  #15539
(cherry picked from commit 9753cac530)
2016-06-14 22:29:59 -05:00
Toshio Kuratomi
75beca22a5 Be more lenient of symlinked /bin/sh inside the chroot (#16239)
Symlinks inside of the chroot were failng because we weren't able to
    determine if they were pointing to a real file or not.  We could write
    some complicated code to walk the symlink path taking into account where
    the root of the tree is but that could be fragile.  Since this is just
    a sanity check, instead we just assume that the chroot is fine if we
    find that /bin/sh in the chroot is a symlink.  Can revisit if it turns
    out that many chroots have a /bin/sh that's a broken symlink.

    Fixes #16097
2016-06-14 12:05:31 -07:00
nitzmahone
fc8d8b5cde bump core submodule ref for windows setup fix 2016-06-14 11:35:57 -07:00
Brian Coca
97a9eaa299 ignore closing file error when file not open
fixes #16268

(cherry picked from commit 07846f7bec)
2016-06-14 09:34:57 -04:00
Peter Sprygada
6e2651ce07 fixes using ssh keyfile with junos network module
The junos network module will now properly use the ssh key file if its
passed from the playbook to authenticate to the remote device.  Prior
to this commit, the ssh keyfile was ignored.
2016-06-13 22:50:49 -04:00
Toshio Kuratomi
9cbb1a196b Workaround bad interaction with .pth files. (#16238)
When setuptools installs a python module (as is done via python setup.py
install)  It puts the module into a subdirectory of site-packages and
then creates an entry in easy-install.pth to load that directory.  This
makes it difficult for Ansiballz to function correctly as the .pth file
overrides the sys.path that the wrapper constructs.  Using
sitecustomize.py fixes this because sitecustomize overrides the
directories handled in .pth files.

Fixes #16187
2016-06-13 08:00:59 -07:00
nitzmahone
467ef193fd call base _connect() from winrm._connect()
without it, we don't get the base's free become method error check

(cherry picked from commit 445a88d3e8)
2016-06-10 14:41:11 -07:00
Brian Coca
2982b99b8e better handling of retry files
(cherry picked from commit 734bbcb1d3)
2016-06-10 14:03:53 -04:00
nitzmahone
6b286ee0c8 fix for psuedo-connection hostvars not propagating to connection
(mostly done by jimi-c, tested working)

(cherry picked from commit 9f998dbfc49ab5b7a587db6a7099096a414f5841)
2016-06-10 10:17:56 -07:00
Brian Coca
efed4e577c raw should not use default executable (#16085)
also removed unused cruft in script
(cherry picked from commit a529a60478)
2016-06-10 11:41:49 -04:00
J. Javier Maestro
9bb754c0a7 Fix: create retry_files_save_path if it doesn't exist (#15659)
* Fix: create retry_files_save_path if it doesn't exist

Ansible documentation states that retry_files_save_path directory will be
created if it does not already exist. It currently doesn't, so this patch
fixes it :)

* Use makedirs_safe to ensure thread-safe dir creation

@bcoca suggested to use the makedirs_safe helper function :)

(cherry picked from commit 828b73dd2d)
2016-06-10 09:41:30 -04:00
Toshio Kuratomi
d65e2aec81 Update submodule ref 2016-06-09 15:52:23 -07:00
Brian Coca
e971a63c33 avoid processing bad mtab entries (#16206)
fixes #16174
(cherry picked from commit c376954ecf)
2016-06-09 15:14:26 -04:00
Toshio Kuratomi
553ceefe81 Update submodule refs 2016-06-09 08:58:54 -07:00
James Cammarata
c9b125d21a Fix hostvars lookup of locahost based on 5f1bbb4
(cherry picked from commit b51d0dd69b)
2016-06-08 14:15:02 -05:00
James Cammarata
00cf1cbac1 There can be only one localhost
The changes to exclude implicit localhosts from group patterns exposed
the bug that we sometimes create multiple implicit localhosts, which
caused some bugs with things like includes, where the host was used as
an entry into a dict, so having multiple meant that the incorrect host
(with a different uuid) was found and includes were not executed for
implicit localhosts.
2016-06-08 13:01:47 -05:00
James Cammarata
2e003adbc8 Expand return code values returned by TQM and strategies
This allows the PlaybookExecutor to receive more information regarding
what happened internal to the TaskQueueManager and strategy, to determine
things like whether or not the play iteration should stop.

Fixes #15523

(cherry picked from commit fbec2d9692)
2016-06-08 10:44:59 -05:00
Peter Sprygada
d4c78b84f0 fixes issue with ssh keyfile and nxos authentication
The nxos cli provider would not properly handle ssh key files passed
from the playbook task.   The ssh_keyfile argument is now properly
passed to the ssh authentication method

This fix address the bug reported in #3862
2016-06-07 21:28:31 -04:00
nitzmahone
405f636cc7 bump submodule refs 2016-06-07 17:13:53 -07:00
James Cammarata
a2c1247dff Revert "don't tempalte register"
This reverts commit 7ba790bbaf.

Fixes #15700
2016-06-07 13:40:36 -05:00
James Cammarata
3ced6d3e90 Further tweaks to variable precedence to make it match our docs
Also removes looking at role variables from the Block, as those are
merged in separately via VariableManager
2016-06-07 12:09:05 -05:00