Commit graph

30642 commits

Author SHA1 Message Date
Kenyon Ralph
91d02e1c1f
constructed inventory plugin: correct example (#69165)
Fixed 'intersect' filter name in constructed inventory plugin example.
2020-04-27 12:04:51 +05:30
Chih-Hsuan Yen
bd4fdb1ca2
service_facts: fix for systemd 245 (#68211)
* service_facts: fix for systemd 245

Since systemd 245, `systemctl list-unit-files` comes with a new column
"VENDOR PRESET" [1] and breaks the service_facts module:

$ ansible localhost -m service_facts
localhost | FAILED! => {
    "changed": false,
    "msg": "Malformed output discovered from systemd list-unit-files: auditd.service                             disabled        disabled     "
}

This patch drops the third column to make it work with old and new
systemd. With the new slice operation, IndexError instead of ValueError
is raised if the output contains less than 2 columns.

Test plan: running `ansible-test integration -v service_facts` on
up-to-date Arch Linux

[1] https://github.com/systemd/systemd/pull/14445

* add changelog

Signed-off-by: Rick Elrod <rick@elrod.me>

Co-authored-by: Rick Elrod <rick@elrod.me>
2020-04-24 18:26:42 -05:00
anshulbehl
42cc3fa923
collection build should ignore .git files (#68750) 2020-04-23 15:27:19 -04:00
Sylvia van Os
3f47610d94
Don't crash ansible-vault create when no arguments (#68667)
* Don't crash ansible-vault create when no arguments

* Add changelog entry
2020-04-23 15:15:25 -04:00
Jordan Borean
813ea48fcf
Bring back more objects that were exposes in _text (#69090) 2020-04-24 04:56:59 +10:00
Jesse Pretorius (odyssey4me)
da390b297e [pip] Enable virtualenv_command to have arguments
Currently if virtualenv_command has arguments, then the
search for the binary in the path does not work so the
user has to specify the full path to it.

To allow arguments to be used without having to specify
the path to the binary, we split the module argument into
the command and anything after the first space.

This makes using this module argument more flexible and
user friendly.

Fixes: #52275
2020-04-23 18:13:30 +02:00
Matt Martz
f27c417fc4
Use Templar for galaxy skeletons (#69106)
* Use Templar for galaxy skeletons. Fixes #69104

* Update checksum, our templar doesn't remove trailing newline, jinja2 seems to remove it
2020-04-23 10:36:14 -05:00
Adam Miller
8b30360ca9
fixed handling of releasever for all known scenarios (#69057)
Signed-off-by: Adam Miller <admiller@redhat.com>
2020-04-23 09:02:00 +02:00
Rick Elrod
cace616aab
Filter BLACKLIST_EXTS in PluginLoader (#69029)
Change:
Rather than hardcoding .pyo and .pyc, filter on all BLACKLIST_EXTS in
the non-legacy logic of PluginLoader (_find_fq_plugin). The two harcoded
extensions are part of BLACKLIST_EXTS already and this simply adds the
rest of the blacklisted extensions to the check.

In addition, check .endswith() instead of an exact match of the suffix,
like everywhere else that uses BLACKLIST_EXTS. This allows for
blacklisting, for example, emacs's backup files which can appear after
any extension, leading to things like `foo.py~`.

Test Plan:
Ran `ansible-playbook` against a collection where a `foo.py~` module was
getting executed instead of `foo.py` which also appeared in the same
directory. `foo.py~` is no longer executed.

Tickets:
Fixes #22268
Refs #27235

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-22 17:20:12 -05:00
Matt Martz
da98fc267a
Allow a collection role to call a standalone role by default (#69102)
* Allow a collection role to call a standalone role by default. Fixes #69101

* tweaked changelog text

* Guard against NoneType

Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
2020-04-22 13:58:08 -05:00
rwagnergit
977b58740b
update ActionBase._low_level_execute_command to honor executable (#68315)
* update ActionBase._low_level_execute_command to honor executable

* adding changelog fragment

* renaming changelog fragment to .yml

* noop change to bump shippable

* adding raw_executable integration test

* copying aliases from raw

* removing blank lines

* skipping aix and freebsd

* noop to bump shippable

* moving tests to raw/

* removing become_method: sudo ; it doesn't work on AIX

* removing trailing blank line

* forcing become_method: su to try to get AIX to work

Co-authored-by: Rob Wagner <rob.wagner@sas.com>
2020-04-22 11:56:35 -05:00
David Shrewsbury
af44bd4ddd
Fix --start-at-task when skipping tasks with no name (#68951)
Using --start-at-task on a playbook with tasks with no name would fail
if those unnamed tasks were encountered before the targetted start task.
2020-04-21 09:39:17 +02:00
Martin Krizek
cb389f6c31
Prevent rewriting nested Block's data in filter_tagged_tasks (#68337)
This patch fixes the issue where nested Block copies were created from
incorrect Block object. This resulted in nested Blocks data like ``name``
or ``_uuid`` to contain values from the Block the filter_tagged_tasks
method was called on.
2020-04-21 09:36:35 +02:00
Robert de Bock
fd8b874273
Update docs, pointing to an existing chapter. (#69026)
The chapter that described more information about become to an unprivileged user has moved. This commit points to an existing chapter

Relates to #69021
2020-04-18 07:52:29 -05:00
Brian Coca
561725bace
corrected comment (#69006) 2020-04-17 16:07:26 -05:00
Brian Coca
d3cab602a5
Fix fileglob when using 'file*' vs 'stuff/file*' (#68945)
* Fix fileglob when using 'file*' vs 'stuff/file*'

 when not having dir in glob, files/ subdir was being ignored.

* tests for fileglob
2020-04-17 09:51:05 -04:00
Martin Krizek
acdc9eb76d
native types: literal_eval all the things (#68938)
With https://github.com/pallets/jinja/pull/1190 merged our short-circuit
is no longer valid (has it ever been?) as now data like ' True ' may go
through our ansible_native_concat function as opposed to going through
intermediate call to Jinja2's native_concat before. Now we need to always
send data through literal_eval to ensure native types are returned.
2020-04-17 14:59:52 +02:00
Abhijeet Kasurde
3591451bc7
include_role: Strictly check string datatype for *_from (#68958)
Strictly check string datatype for 'tasks_from', 'vars_from',
'defaults_from', and 'handlers_from' in include_role

Fixes: #68515

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-04-17 10:57:41 +05:30
Jordan Borean
79fff7da69
Expose to_<str> as a public function (#68965)
* Expose to_<str> as a public function

* Fix sanity checks

* Move docstring to start of util
2020-04-17 07:54:00 +10:00
Brian Coca
e4ea6a15b0
import where? (#68943) 2020-04-16 17:41:23 -04:00
Brian Coca
ac509d489b
Revert "stricter permissions on atomic_move when creating new file (#68970)" (#68983)
This reverts commit 566f2467f6.
2020-04-16 12:52:15 -04:00
Brian Coca
566f2467f6
stricter permissions on atomic_move when creating new file (#68970)
fixes #67794
  updated some tests that expected previous defaults
  CVE-2020-1736
2020-04-16 09:06:18 -04:00
Jordan Borean
de6b047fc3
Add variable for DEFAULT_NO_TARGET_SYSLOG (#68971)
* Add variable for DEFAULT_NO_TARGET_SYSLOG

* Added version_added to new var
2020-04-16 20:25:09 +10:00
Jordan Borean
702949e64c
windows - fix up env var quoting for unicode single quotes (#68968)
* windows - fix up env var quoting for unicode single quotes

* Add sanity ignore check for smart quotes
2020-04-16 20:24:23 +10:00
Jordan Borean
cce6153cd1
Remove unused functions (#68969) 2020-04-16 13:01:20 +10:00
Sam Doran
cdb24e0078
ansible-galaxy - fix listing specific role and role description (#67409)
* ansible-galaxy - fix listing specific role

If the role was not in the first search path, it was reported as not found

* Properly display role description

Default to description to top level description, falling back to the description from within galaxy_info

* Display proper message when a role does not exist

* Add integration tests

* Use context manager

* BSD and macOS ruining all the fun
2020-04-15 15:26:45 -04:00
Felix Fontein
d3d301e776
Adjust openssl_certificate* module names (ansible-collections/community.crypto#7) (#68719) 2020-04-14 16:52:44 -05:00
Martin Krizek
ff1ba39c8a
Prevent templating unused variables for {%include%} (#68749)
Fixes #68699
2020-04-14 10:27:02 +02:00
Mads Jensen
eaf648e600
Use context manager in yum module. (#65376) 2020-04-14 09:21:22 +02:00
Brian Coca
8077d8e401
avoid mkdir -p (#68921)
* also consolidated temp dir name generation, added pid for more 'uniqness'
* generalize error message
* added notes about remote expansion

CVE-2020-1733
fixes #67791
2020-04-13 17:16:29 -04:00
David Shrewsbury
18a66e291d
Force collections to be static (#68723)
* Force collections to be static

Templating of collection names does not work at all. Force them to
be static so that a warning is generated for the user.

* Add collectionsearch unit test and fix for reviews

New unit test validates the new _load_collections() code and moves
the new check to the end of the method.

* Change unit test to pytest

* Adjust unit test to use capsys instead of monkeypatch

* Fix pep8 error

* Add changelog fragment

Closes #68704
2020-04-13 11:53:05 -05:00
Sloane Hertel
d91658ec0c
subversion module - provide password securely when possible or warn (#67829)
* subversion module - provide password securely with svn command line option --password-from-stdin when possible, and provide a warning otherwise.
* Update lib/ansible/modules/source_control/subversion.py.
* Add a test.

Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-04-13 10:21:10 -04:00
Zhanwei Wang
1097694355
get_url pass incorrect If-Modified-Since header(#67417) (#67419)
Fix #67417. HTTP header value of `If-Modified-Since` set by `get_url` does not follow HTTP protocol.
2020-04-10 12:17:55 -05:00
Abhijeet Kasurde
25650cb592
Updating routing data for gcp_kms_* filters (#68807)
gcp_kms_encrypt and gcp_kms_decrypt located in
google.cloud collection and not in community.general collection

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-04-10 16:25:17 +01:00
Jeff Geerling
3b5ba22f52
Fixes #68121: Move kubectl plugin migration to proper place. (#68122) 2020-04-10 16:24:52 +01:00
Matt Martz
d86d20a378
Fix label lookup in the default callback for includes (#68822)
* Replace included_file._args w/ included_file._vars

* Fix item value in output of include_tasks loop

Signed-off-by: Yadnyawalk Tale <ytale@redhat.com>

* Update tests for loop callback fix. Add changelog

Co-authored-by: Yadnyawalk Tale <ytale@redhat.com>

Fixes #65904
Fixes #66018
2020-04-09 13:27:58 -05:00
Abhijeet Kasurde
0f8937f2ed
basic: Update required library message (#68657)
Updated missing_required_lib API message.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-04-09 11:49:04 -04:00
Jordan Borean
780067e6a1
url_windows - Add not around no redirection for auth headers (#68791) 2020-04-09 11:46:54 -04:00
Rick Elrod
4e3068dd5e
reroute zabbix to its dedicated collection (#68806)
Refs https://github.com/ansible-collections/community.general/pull/11
Refs https://github.com/ansible-collections/community.zabbix/pull/1

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-09 10:12:00 -05:00
Jordan Borean
6f8a1d083e
patch is in ansible.posix part deux (#68796) 2020-04-09 07:14:01 +01:00
Rick Elrod
9b43a57916
Add some missing dmi facts when we use dmidecode (#68756)
On OSes where we fall back to dmidecode (freebsd and linux currently),
add some missing fields that dmidecode provides when it is able.

Closes #59317.

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-09 00:33:11 -05:00
Chris Holland
c9c1146cc8
dnf: remove un-needed function (#68482) 2020-04-08 20:36:28 +02:00
Brian Coca
ba87c225cd
fixed fetch traversal from slurp (#68720)
* fixed fetch traversal from slurp

  * ignore slurp result for dest
  * fixed naming when source is relative
  * fixed bug in local connection plugin
  * added tests with fake slurp
  * moved existing role tests into runme.sh
  * normalized on action excepts
  * moved dest transform down to when needed
  * added is_subpath check
  * fixed bug in local connection

fixes #67793

CVE-2019-3828
2020-04-08 14:28:51 -04:00
Matt Martz
087be1da50
Allow tasks to notify a fqcn handler name (#68213)
* Allow tasks to notify a fqcn handler name

* Add tests. Fixes #68181

* Add changelog fragment

* Add test to ensure handlers are deduped properly with fqcn, role, and just handler names

* Add some docs about new special vars
2020-04-08 11:36:38 -05:00
Toshio Kuratomi
6531ba38f8 Allow the msg argument to fail_json() to be a positional argument
fial_json() requires a message be given to it to inform the end user of
why the module failed.  Prior to this commit, the message had to be a
keyword argument:

    module.fail_json(msg='Failed due to error')

Since this is a required parameter, this commit allows the message to be
given as a positional argument instead:

   module.fail_json('Failed due to an error')
2020-04-08 07:56:11 -07:00
Rick Elrod
4916be24fd
[git] make force=True apply to git fetches (#68691)
Fixes #67972

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-06 15:25:24 -05:00
Matt Martz
123c624b28
Always set the discovered interpreter on the delegated host (#64906)
* Always set the discovered interpreter on the delegated host. Fixes #63180

* Make code a little more generic

* Move code into a function

* Implement some changes based on reviews

* Add changelog fragment
2020-04-06 15:09:00 -05:00
Rick Elrod
82c60db49b
pip - Fix check_mode for prerelease packages (#68690)
* pip - Fix check_mode for prerelease packages

Fixes #68592.

Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Matt Martz <matt@sivel.net>
2020-04-06 11:18:48 -05:00
Sumit Jaiswal
f921b1e3bd
asa_facts (#68076) 2020-04-06 19:32:54 +05:30
Brian Coca
28f9fbdb5e
safely use vault to edit secrets (#68644)
* when possible, use filedescriptors from mkstemp to avoid race
  * when using path strings, ensure we are always creating the file

CVE-2020-1740
Fixes #67798

Co-authored-by: samdoran
2020-04-03 10:19:01 -04:00