When enumerating connections with psutil, catch and ignore errors to avoid returning a stack trace.
Co-authored-by: Matt Martz <matt@sivel.net>
(cherry picked from commit fb09fd2a23)
* [stable-2.10] systemd - fix issue with capbpf and newer kernel (#72337)
A bug existed in systemd 245 that did not properly handle unknown kernel
capabilities gracefully. This resulted in incomplete output when querying
for the service status. It is possible to get service status by other means.
This PR works around this issue by getting service status using other commands
in the event of a failure due to this bug.
(cherry picked from commit db84e2c989)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* [stable-2.10] systemd - use list-unit-files rather than list-units (#72363)
list-unit-files will return all files on the system. list-units omits those
that are disabled.
Co-authored-by: Ken Dreyer <ktdreyer@ktdreyer.com>
(cherry picked from commit d6115887fa)
* systemd - account for templated unit files when searching for service (#72702)
Related to issue #71528 and PR #72337
Co-authored-by: Martin Polden <mpolden@mpolden.no>
(cherry picked from commit a788ea0132)
* ansible-doc: export has_action when --json is used.
* Remove docuri and now_data, which were not used resp. ignored in format_plugin_doc and the functions it calls anyway.
* Add function _combine_plugin_doc.
(cherry picked from commit 4fb336cef1)
* Fix missing ansible.builtin FQCNs in hardcoded action names (#71824)
* Make sure hard-coded action names also check for FQCN.
* Use _add_internal_fqcn() to avoid hardcoded lists and typoes.
(cherry picked from commit da60525610)
* Replace some more FQCNs.
(cherry picked from commit 72302dd611)
* Support docker and k8s action groups for moved modules in community.docker and community.kubevirt.
* Also support k8s action group for community.okd.
* Also add kubernetes.core.
* Fix changelog fragment.
* Remove community.okd.
* Revert "Remove community.okd."
This reverts commit 812b5aa6e2.
(cherry picked from commit c7a4b39633)
* file: add symlink is in a sticky directory tests
* file: handle symlink in a sticky directory
Co-Authored-By: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
* Add changelog and fix unit test
The builtins import was removed since it was unused, but it is now needed.
(cherry picked from commit b464d18fd1)
Co-authored-by: Pilou <pierre-louis.bonicoli@libregerbil.fr>
* The implicit default for type=bool options is not 'false', but 'none' (#72699)
* Fix modules, resp. add ignore.txt entries.
(cherry picked from commit 5226ac5778)
* Add ignore.txt entries and fix deprecated option that was already removed in 2.11.
* Improve deprecations (#72697)
* Remove space before comma in '... bla , use ...'
* 'why' is inserted in the middle of a sentence, between two commas.
* Make deprecations from base.yml show source ansible-core.
* Add changelog fragment.
* Improve some more 'why's.
* Add PR URL to fragment.
(cherry picked from commit f569d80fde)
* 2.10 is ansible-base, not ansible-core
The recently released version of cffi fails to install on systems with an older version of gcc. In
our case, this in the CentOS 6 test image. There is a fix but it has not yet been released.
https://foss.heptapod.net/pypy/cffi/-/issues/480
(cherry picked from commit 1db9588279)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Fix super annoying Python 2.6 multiprocessing.Queue stack trace in CI
A bug exists in Python 2.6 that sometimes raises an exception during interpreter shutdown. We
encounter this frequently in our CI since we run tests on CentOS 6 as the control node, which
has Python 2.6.6 with this bug.
This PR adds a very minor sleep only on Python 2.6 which gets around this issue. I did lot of testing
using a standalon script I found that easily duplicated the issue to find the minimum sleep value
needed to avoid this issue.
CPython issue: https://bugs.python.org/issue4106
Fix in CPython: https://hg.python.org/cpython/rev/d316315a8781
* Use correct attribute
(cherry picked from commit bbef250c2b)
Co-authored-by: Sam Doran <sdoran@redhat.com>
A new `--export` option for `ansible-test coverage combine` allows multi-step aggregation of code coverage for CI pipelines.
(cherry picked from commit fa2be89cd4)
Co-authored-by: Matt Clay <matt@mystile.com>
Change:
- Bump default, ansible-base, distro containers
- We do NOT add fedora33 yet, because it doesn't work right on Shippable
due to an old kernel. This will be added post-AZP.
Test Plan:
- CI
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit e7bf0696ef)
* [stable-2.10] [dnf] Some fixes around filtering (#72483)
Change:
- Docs: Add note that security/bugfix apply to dependencies too, like
the dnf command.
- dnf: security/bugfix only makes sense for updates, so limit the
package query sack to available updates.
- tests: Limit tests to our known-good test packages, so that RHEL
packages marked security/bugfix without similarly marked dependencies
don't fail our tests.
Test Plan:
- Tested with `dnf upgrade-minimal --bugfix` and reproduced the same
error currently seen in CI, showing that we are consistent with what
dnf does.
Tickets:
- Likely fixes#72316
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit d8c637da37)
Co-authored-by: Rick Elrod <rick@elrod.me>
* Add changelog (#72502)
(cherry picked from commit b33d7e2e29)
Co-authored-by: Rick Elrod <rick@elrod.me>
* GitHub is removing the underlying API used to implement the `login` command. Since the general consensus seems to be that relatively nobody currently uses this command (in favor of explicit token passing), support was simply removed for interactive login. If a future need arises, this command should be reimplemented via OAuth Device Auth Grants.
* login or role login commands now produce a fatal error with a descriptive message
* updated 2.10 porting guide entry
* remove dead code/config, update messages and porting guides
(cherry picked from commit 83909bfa22)
Change:
- Cryptography 3.2 drops support for OpenSSL 1.0.2. Some of our CI
infrastructure still uses this version (FreeBSD, namely). For now,
just add a constraint to use old cryptography.
Test Plan:
- CI
Signed-off-by: Rick Elrod <rick@elrod.me>
* Fix various sanity errors in plugins (#71736)
* Fix various sanity errors in plugins.
* Revert callback_type -> type transform.
* Undo paramiko_ssh 'connection' change, since this discrepancy is hardcoded in the plugin loader.
* Standardize on name and type (for callbacks).
* Fix existing author entries.
* Add 'Unknown (!UNKNOWN)' as author when author is missing.
* These are actually parsed as integers in the code.
* Revert "Add 'Unknown (!UNKNOWN)' as author when author is missing."
This reverts commit 29d1438aca.
(cherry picked from commit aff78f4cbc)
* Undo potentially disrupting normalizations.
* Add changelog fragment for #71736. (#72323)
(cherry picked from commit 0b2b82c0b6)
AnsibleModule.run_command returns a tuple of return code, stdout and stderr.
The module main function of the user module expects user.create_user to
return a tuple of return code, stdout and stderr.
Fix the locations where stdout and stderr got reversed.
Co-authored-by: Ruediger Pluem <53253255+rpluem-vf@users.noreply.github.com>
* fixes missing set_options call and adhoc and stdout processing rules
* avoid dupes
* fixed to handle redirects
* also updated tests with new and more accurate skip message
* fix callback tests for envs with cowsay installed
* lots MOAR comments on why the code is as it is, some todos to refactor in future
Change:
- Previously when `security: true` and `bugfix: true` were both given,
only security updates would get applied. Filters now accumulate so
that both get applied in this case.
Test Plan:
- New integration tests for both check_mode and not. These tests make
use of a contrived yum repository which is stored in S3.
Tickets:
- Fixes#70854
Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Matt Martz <matt@sivel.net>
Co-authored-by: Matt Martz <matt@sivel.net>
(cherry picked from commit fdf80690e4)
* Fix ansible-test docker container detection.
* Attach test containers to the correct network.
* Do not assume `localhost` for accesing Docker.
* Look for containers on current network.
* Always map /var/run/docker.sock into containers.
This fixes issues when using a remote Docker host.
* Support container IP lookup from networks list.
* Fix container network attachment.
* Remove redundant container detection messages.
* Limit DOCKER_HOST parsing to TCP.
* Restore docker socket existence check.
The check is skipped if the docker hostname is not localhost.
* Correct changelog entry..
(cherry picked from commit 3c2e8b99be)
Co-authored-by: Matt Clay <mclay@redhat.com>
* AnsibleVaultEncryptedUnicode should be considered a string
* linting fix
* clog frag
(cherry picked from commit 48f12c14e9)
Co-authored-by: Matt Martz <matt@sivel.net>
The luseradd / lusermod commands do not support the -e option. Set
the expiry time in this case via lchage after the user was
created / modified.
Fixes: #71942
In Python3 math.floor returns an integer whereas Python2 returns a float.
Hence always convert the result of math.floor to an int to ensure that
lexpires is an integer.
Move local expires tests in a separate file and import the tasks to the
main.yml to keep main.yml smaller.
(cherry picked from commit a7170da851)
* Add changelog fragment.
* Use correct field that's expected by lib/ansible/cli/__init__.py..
* Add basic unit tests.
(cherry picked from commit 1107aace1b)
b6b238a fixed the SLES4SAP detection, which was at this time ok.
Sadly Suse changed with SLES 15 the /etc/os-release file, so the above
change will no longer work.
This commit updates the SLES4SAP detection regarding
https://www.suse.com/support/kb/doc/?id=000019341.
The symlink realpath is matched with endswith, because in SLES 12+ the
link target is SLES_SAP.prod, but in SLES 11 the link target is
SUSE_SLES_SAP.prod.
(cherry picked from commit ea119d3089)
Change:
- Previously, we only showed that something would have changed, not what
would have changed. This allows us to show what will chang as well.
Test Plan:
- Local RHEL8 VM
- New integration tests
Tickets:
- Fixes#66132
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit 7d32129efb)
This allows collections to specify requirements and constraints for packages that ansible-test has requirements or constraints for.
(cherry picked from commit 5f76bd2af7)
Co-authored-by: Matt Clay <matt@mystile.com>
* Make Azure Pipelines resource_prefix lowercase.
* Make classification of CI files consistent.
* Update package-data sanity test for AZP.
(cherry picked from commit 92b66e3e31)
Co-authored-by: Matt Clay <mclay@redhat.com>
