Commit graph

2051 commits

Author SHA1 Message Date
Mads Jensen
eaf648e600
Use context manager in yum module. (#65376) 2020-04-14 09:21:22 +02:00
Brian Coca
8077d8e401
avoid mkdir -p (#68921)
* also consolidated temp dir name generation, added pid for more 'uniqness'
* generalize error message
* added notes about remote expansion

CVE-2020-1733
fixes #67791
2020-04-13 17:16:29 -04:00
David Shrewsbury
18a66e291d
Force collections to be static (#68723)
* Force collections to be static

Templating of collection names does not work at all. Force them to
be static so that a warning is generated for the user.

* Add collectionsearch unit test and fix for reviews

New unit test validates the new _load_collections() code and moves
the new check to the end of the method.

* Change unit test to pytest

* Adjust unit test to use capsys instead of monkeypatch

* Fix pep8 error

* Add changelog fragment

Closes #68704
2020-04-13 11:53:05 -05:00
Sloane Hertel
d91658ec0c
subversion module - provide password securely when possible or warn (#67829)
* subversion module - provide password securely with svn command line option --password-from-stdin when possible, and provide a warning otherwise.
* Update lib/ansible/modules/source_control/subversion.py.
* Add a test.

Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-04-13 10:21:10 -04:00
Zhanwei Wang
1097694355
get_url pass incorrect If-Modified-Since header(#67417) (#67419)
Fix #67417. HTTP header value of `If-Modified-Since` set by `get_url` does not follow HTTP protocol.
2020-04-10 12:17:55 -05:00
Matt Clay
a095172130 Fix ansible-test --docker without tests dir. 2020-04-09 18:12:21 -07:00
Matt Martz
d86d20a378
Fix label lookup in the default callback for includes (#68822)
* Replace included_file._args w/ included_file._vars

* Fix item value in output of include_tasks loop

Signed-off-by: Yadnyawalk Tale <ytale@redhat.com>

* Update tests for loop callback fix. Add changelog

Co-authored-by: Yadnyawalk Tale <ytale@redhat.com>

Fixes #65904
Fixes #66018
2020-04-09 13:27:58 -05:00
Abhijeet Kasurde
0f8937f2ed
basic: Update required library message (#68657)
Updated missing_required_lib API message.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-04-09 11:49:04 -04:00
Felix Fontein
bae5f18f5c
ansible-test: don't trigger full CI run for changes to changelogs/ and docs/ in collections (#68550)
* Don't trigger full CI run for changes to changelogs/ and docs/ in collections.

* Add changelog fragment.

* Update changelogs/fragments/68550-ansible-test-docs-changelogs.yml

Co-Authored-By: Matt Clay <matt@mystile.com>

Co-authored-by: Matt Clay <matt@mystile.com>
2020-04-09 02:53:34 -07:00
Rick Elrod
38b7ceb75a
Update docker.txt to use the OpenSUSE 15.1 container image (devel edition) (#68785)
* Update docker.txt to use the OpenSUSE 15.1 container image

Signed-off-by: Rick Elrod <rick@elrod.me>

* handle installing mysql on suse

Signed-off-by: Rick Elrod <rick@elrod.me>

* add changelog fragment

Signed-off-by: Rick Elrod <rick@elrod.me>

* Update changelogs/fragments/ansible-test-opensuse-15.1.yml

Co-Authored-By: Matt Clay <matt@mystile.com>

Co-authored-by: Matt Clay <matt@mystile.com>
2020-04-09 00:26:59 -07:00
Matt Clay
04edd77c42
Update tests to use RHEL 7.8. (#68787)
* Update tests to use RHEL 7.8.

Keeping support for RHEL 7.6 since collections are still using it.

* Fix tests for RHEL 7.7+ due to extras repo name change.
2020-04-08 21:09:52 -07:00
Chris Holland
c9c1146cc8
dnf: remove un-needed function (#68482) 2020-04-08 20:36:28 +02:00
Brian Coca
ba87c225cd
fixed fetch traversal from slurp (#68720)
* fixed fetch traversal from slurp

  * ignore slurp result for dest
  * fixed naming when source is relative
  * fixed bug in local connection plugin
  * added tests with fake slurp
  * moved existing role tests into runme.sh
  * normalized on action excepts
  * moved dest transform down to when needed
  * added is_subpath check
  * fixed bug in local connection

fixes #67793

CVE-2019-3828
2020-04-08 14:28:51 -04:00
Matt Martz
087be1da50
Allow tasks to notify a fqcn handler name (#68213)
* Allow tasks to notify a fqcn handler name

* Add tests. Fixes #68181

* Add changelog fragment

* Add test to ensure handlers are deduped properly with fqcn, role, and just handler names

* Add some docs about new special vars
2020-04-08 11:36:38 -05:00
Toshio Kuratomi
4f8e98d322 Update changelogs/fragments/allow-fail-json-msg-to-be-positional.yaml
Co-Authored-By: Matt Martz <matt@sivel.net>
2020-04-08 07:56:11 -07:00
Toshio Kuratomi
e0e7713fd8 Fix yaml in changelog 2020-04-08 07:56:11 -07:00
Toshio Kuratomi
6531ba38f8 Allow the msg argument to fail_json() to be a positional argument
fial_json() requires a message be given to it to inform the end user of
why the module failed.  Prior to this commit, the message had to be a
keyword argument:

    module.fail_json(msg='Failed due to error')

Since this is a required parameter, this commit allows the message to be
given as a positional argument instead:

   module.fail_json('Failed due to an error')
2020-04-08 07:56:11 -07:00
Matt Clay
148e83f832
Fix ansible-test submodule handling. (#68759)
* Refactor ansible-test integration test.
* Add env --list-files option.
* Add tests for collection files tracked by git.
* Fix ansible-test submodule usage on older git.
* Fix submodule directory detection as files.
* Improve handling of nested source control.
2020-04-08 01:15:49 -07:00
Rick Elrod
13aef3c2e5
Add --docker-terminate flag to ansible-test (#68688)
* Add --docker-terminate flag to ansible-test

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-06 20:38:29 -05:00
Rick Elrod
4916be24fd
[git] make force=True apply to git fetches (#68691)
Fixes #67972

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-06 15:25:24 -05:00
Matt Martz
123c624b28
Always set the discovered interpreter on the delegated host (#64906)
* Always set the discovered interpreter on the delegated host. Fixes #63180

* Make code a little more generic

* Move code into a function

* Implement some changes based on reviews

* Add changelog fragment
2020-04-06 15:09:00 -05:00
Rick Elrod
82c60db49b
pip - Fix check_mode for prerelease packages (#68690)
* pip - Fix check_mode for prerelease packages

Fixes #68592.

Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Matt Martz <matt@sivel.net>
2020-04-06 11:18:48 -05:00
Brian Coca
28f9fbdb5e
safely use vault to edit secrets (#68644)
* when possible, use filedescriptors from mkstemp to avoid race
  * when using path strings, ensure we are always creating the file

CVE-2020-1740
Fixes #67798

Co-authored-by: samdoran
2020-04-03 10:19:01 -04:00
Jordan Borean
ae1cd27b57
WebRequest - Fix use_proxy: no on module options (#68603)
* WebRequest - Fix use_proxy: no on module options

* Fix up changelog fragment
2020-04-02 07:17:50 +10:00
Matt Martz
f5178f9705
Reap collections changelog fragments - 5 (#68618)
* Reap collections changelog fragments - 5

* One more
2020-04-01 12:52:53 -05:00
Jordan Borean
6db66bcadd
Add relative module_util support for powershell (#68321)
* Add relative module_util support for powershell

* Added ansible-test classification support
2020-04-01 09:01:18 +10:00
Jordan Borean
a20a527014
ansible-galaxy - Fix tar path traversal issue during install - CVE-2020-10691 (#68596) 2020-04-01 06:39:02 +10:00
Andre Lehmann
a3d6b6bc48
Add pacman support to package_facts (#66596)
* Add pacman support
2020-03-31 13:03:54 -04:00
Matt Martz
d8d7a30ea6
Reap collections changelog fragments - 4 (#68570)
* Reap collections changelog fragments - 4

* Reap collections changelog fragments - 4
2020-03-30 14:57:37 -05:00
Matt Martz
2c294d0cbf
Reap collections changelog fragments - 3 (#68567) 2020-03-30 14:28:50 -05:00
Matt Martz
af27d1a5ad
Reap collections changelog fragments - 2 (#68565) 2020-03-30 14:06:08 -05:00
Matt Martz
5c7746e521
Remove changelog entries related to content that has migrated to collections (#68498)
* Reap changelog fragments

* remove changelogs/fragments/60510-k8s-apply-check-mode.yml

* Reap more

* Reap a few more
2020-03-30 11:47:53 -05:00
Matt Clay
735885d57c Fix ansible-test requirements installation. 2020-03-29 08:46:25 -07:00
Matt Clay
c888035e02
Update Ubuntu 18.04 test container to 1.13. (#68534) 2020-03-28 17:35:21 -07:00
Brian Coca
1570098e86
fallback to uid when no uname (#68466)
* fallback to uid when no uname

 fixes #68007

Co-Authored-By: Matt Clay <matt@mystile.com>
2020-03-27 22:09:51 -04:00
Rick Elrod
835ad75a0a
add test coverage for core filters (#68518)
Also remove now-useless exception handling.
2020-03-27 17:18:27 -07:00
Graham Mainwaring
2068131589
Fix colorization to not extend across newline boundary (#68517)
* Fix colorization to not extend across newline boundary

* Fix unit test to look for the newline outside the coloration

* Add changelog fragment
2020-03-27 17:10:38 -07:00
Matt Clay
53a3d1ffdb Fix ansible-test change detection traceback. 2020-03-27 15:56:02 -07:00
Matt Clay
d8b5c11a63 Report error for coverage 5+ in ansible-test. 2020-03-27 12:29:02 -07:00
Matt Clay
27fc049993
Fix ansible-test code coverage collection. (#68502)
The last task in a play should now properly report code coverage.

This change should also eliminate empty coverage files, as well as incomplete coverage files resulting from early worker termination.
2020-03-27 12:24:08 -07:00
Rick Elrod
3c3ffc09c2
Fix and add tests for some module_utils.common.validation (#67771)
* Fix test_check_mutually_exclusive exception-checking

Asserting inside of the `with` context of `pytest.raises`
doesn't actually have any effect. So we move the assert
out, using the exception that gets placed into the scope
after we leave the context, and ensure that it actually gets
checked.

This is also what the pytest documentation says to do:
https://docs.pytest.org/en/latest/assert.html#assertions-about-expected-exceptions

Signed-off-by: Rick Elrod <rick@elrod.me>

* Add some tests for check_required_together

Signed-off-by: Rick Elrod <rick@elrod.me>

* use to_native instead of str, for consistency

Signed-off-by: Rick Elrod <rick@elrod.me>

* Add newlines for pep8

Signed-off-by: Rick Elrod <rick@elrod.me>

* Add tests for check_required_arguments

Signed-off-by: Rick Elrod <rick@elrod.me>

* Sort missing keys in error message, since hashes are unsorted and this can be random

Signed-off-by: Rick Elrod <rick@elrod.me>

* Add changelog entry

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-03-26 18:18:56 -05:00
Brian Coca
6452a82452
fix vault temp file handling (#68433)
* fix vault tmpe file handling

 * use local temp dir instead of system temp
 * ensure each worker clears dataloader temp files
 * added test for dangling temp files
 * added notes to data loader

CVE-2020-10685
2020-03-25 15:24:04 -04:00
Jordan Borean
e12cea2c7c
ansible-test - fix up powershell module_util analysis for collections (#68422) 2020-03-24 23:44:50 -07:00
Jordan Borean
a2deeb8fa2
ansible-galaxy - add download option (#67632)
* ansible-galaxy - add download option

* Fix sanity issues and added integration tests

* Fix doc suggestions

* Added --pre option
2020-03-25 08:32:43 +10:00
Jordan Borean
127d54b363
galaxy - preserve mode properly on artifact (#68418)
* galaxy - preserve mode properly on artifact

* Fix py2 encoding issue

* Update lib/ansible/galaxy/collection.py

Co-Authored-By: Matt Clay <matt@mystile.com>

* Use sane defaults instead of sourcing from tarfile

Co-authored-by: Matt Clay <matt@mystile.com>
2020-03-25 08:08:23 +10:00
Brian Coca
a9d2ceafe4
prevent ansible_facts injection (#68431)
- also only replace when needed
 - switched from replace to index
 - added test to verify bogus_facts are not accepted

CVE-2020-10684
2020-03-24 15:46:56 -04:00
Martin Krizek
550e021cd2
ansible_native_concat: use to_text rather than jinja2's text_type (#68038)
jinja2._compat.text_type has been removed in jinja2's master branch so
use ansible's to_text instead.
2020-03-24 12:03:31 +01:00
Matt Martz
8d8c73729f
Merge pull request #67093 from sivel/acd-content-dir
Add content dir where Ansible will look for the content provided by ACD
2020-03-23 23:30:40 +01:00
Rick Elrod
dbd8d0a492
Pull timezone's incidental file coverage into file tests (#68247)
* Remove some unreachable code in the file module

Remove some cases in file.py which are covered by conditionals a few
lines earlier. Remove the duplicate code which will never be hit.

Signed-off-by: Rick Elrod <rick@elrod.me>

* Restore incidental file coverage from timezone module

Signed-off-by: Rick Elrod <rick@elrod.me>

* Combine two conditionals, add a changelog entry

Signed-off-by: Rick Elrod <rick@elrod.me>

* Make new test syntax consistent, add two stat tests

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-03-23 15:28:53 -07:00
Matt Martz
d3ec31f8d5
Support pre-releases via new SemanticVersion (#68258)
* Support pre-releases via new SemanticVersion. Fixes #64905

* Don't treat buildmeta as prerelease

* Don't inherit from str and int

* Add helper method to try and construct a SemanticVersion from a LooseVersion

* Don't count major 0 as pre-release, it's different

* Guard against invalid or no version in LooseVersion

* return a bool

* Add integration tests for pre-release

* Fix up lingering issues with comparisons

* typo fix

* Always allow pre-releases in verify

* Move pre-release filtering into CollectionRequirement, add messaging when a collection only contains pre-releases

* Update changelog

* If explicit requirement allow pre releases

* Enable pre-releases for tar installs, and collections already installed when they are pre-releases

* Drop --pre-release alias, make arg name more clear

* Simplify code into a single line

* Remove build metadata precedence, add some comments, and is_stable helper

* Improve from_loose_version

* Increase test coverage

* linting fix

* Update changelog
2020-03-23 16:04:07 -05:00