Commit graph

5824 commits

Author SHA1 Message Date
David L Ballenger
970d7cadb7 Add ssh_host support for MacOSX El Capitan.
OS X El Capitan moved the /etc/ssh_* files into /etc/ssh/. This fix
adds a distribution version check for Darwin to set the keydir
appropriately on El Capitan and later.
2015-12-08 07:11:02 -08:00
Toshio Kuratomi
c8fd599e14 Merge pull request #13373 from no2a/boolean
BOOLEAN should contain boolean literals
2015-12-04 12:17:12 -08:00
Toshio Kuratomi
0434644d12 Transform exceptions into ansible messages via to_unicode instead of str to avoid tracebacks.
Fixes #13385
2015-12-04 11:50:39 -08:00
James Cammarata
84507aedd4 Adding a uuid field so we can track host equality across serialization too 2015-12-04 13:33:27 -05:00
James Cammarata
750adbaa27 Changing up how host (in)equality is checked
Fixes #13397
2015-12-04 12:57:46 -05:00
Toshio Kuratomi
e385c91fa5 Update submodule refs# 2015-12-04 09:57:06 -08:00
Brian Coca
d5446f9804 fixed ansible-pull broken options
* sudo was not working, now it supports full become
* now default checkout dir works, not only when specifying
* paths for checkout dir get expanded
* fixed limit options for playbook
* added verbose and debug info
2015-12-03 20:47:02 -08:00
Brian Coca
e1c62fb5af reverted to previous pull checkout dir behaviour
This fixes bugs with not finding plays when not specifying checkout dir
Also makes it backwards compatible
2015-12-03 19:42:05 -08:00
Brian Coca
8d5f36a6c2 return unique list of hosts 2015-12-03 19:39:57 -08:00
Brian Coca
a1f516824e corrected playbook path, reformated options help
the last just to make the help consistent and readable
2015-12-03 18:23:53 -08:00
Brian Coca
26520442bd Now and/or shell expressions depend on shell plugin
This should fix issues with fish shell users as && and || are
not valid syntax, fish uses actual 'and' and 'or' programs.
Also updated to allow for fish backticks pushed quotes to subshell,
fish seems to handle spaces w/o them.
Lastly, removed encompassing subshell () for fish compatibility.
fixes #13199
2015-12-03 16:38:34 -08:00
James Cammarata
f467f1770f Properly compare object references for Hosts when adding new ones
Fixes #13397
2015-12-03 15:25:54 -05:00
James Cammarata
4426b7f6e0 fix sorting of groups for host vars
Fixes #13371
2015-12-03 14:23:02 -05:00
Brian Coca
7d073bdd17 Merge pull request #13345 from amenonsen/extract
Add an 'extract' filter
2015-12-03 11:19:06 -08:00
James Cammarata
5f83a6aeda Properly default remote_user for delegated-to hosts
Fixes #13323
2015-12-03 11:31:33 -05:00
Toshio Kuratomi
e201a255d1 Revert "Make sudo+requiretty and ANSIBLE_PIPELINING work together"
This reverts commit f488de8599.

Reverting for now due to hard to pin down bugs: #13410  #13411
2015-12-03 08:01:05 -08:00
Toshio Kuratomi
9b81c35d06 Don't compare or merge str with unicode
Fixes #13387
2015-12-02 20:53:50 -08:00
James Cammarata
a183972477 Don't use play vars in HostVars
Fixes #13398
2015-12-02 14:16:47 -05:00
James Cammarata
8ff67e0494 Default msg param to AnsibleError to avoid serialization problems 2015-12-02 14:16:47 -05:00
James Cammarata
5f1f2acfea Merge pull request #13405 from sivel/v2-playbook-on-start
Get v2_playbook_on_start working
2015-12-02 12:40:24 -05:00
Matt Martz
384b2e0234 Get v2_playbook_on_start working
* Move self._tqm.load_callbacks() earlier to ensure that v2_on_playbook_start can fire
* Pass the playbook instance to v2_on_playbook_start
* Add a _file_name instance attribute to the playbook
2015-12-02 11:29:51 -06:00
Brian Coca
7708661270 Merge pull request #13402 from amenonsen/expandpath
Use CLI.expand_tilde also for the vault --output file
2015-12-02 09:23:46 -08:00
Brian Coca
94d2958e1f Merge pull request #13403 from amenonsen/module-lang
Make module_lang default to whatever LANG is set to on the control node
2015-12-02 09:06:57 -08:00
Abhijit Menon-Sen
0d16d16ab8 Make module_lang default to whatever LANG is set to on the control node 2015-12-02 22:25:10 +05:30
Abhijit Menon-Sen
fac7626230 Use CLI.expand_tilde also for the vault --output file 2015-12-02 22:08:37 +05:30
Matt Martz
ce54a59cdc Catch additional assertion errors for load_list_of_blocks 2015-12-02 10:35:20 -06:00
Brian Coca
53cd802251 better error on invalid task lists 2015-12-02 08:14:20 -08:00
James Cammarata
f7dc5a9515 Minor tweak and comment addition to 974a0ce3 2015-12-02 09:11:08 -05:00
James Cammarata
f1d53a87e5 Merge pull request #13394 from Christoph-D/issue-13370
Fix #13370
2015-12-02 08:57:09 -05:00
Abhijit Menon-Sen
8cf1815867 Add an 'extract' filter
At its most basic, this is nothing more than an array or hash lookup,
but when used in conjunction with map, it is very useful. For example,
while constructing an "ssh-keyscan …" command to update known_hosts on
all hosts in a group, one can get a list of IP addresses with:

    groups['x']|map('extract', hostvars, 'ec2_ip_address')|list

This returns hostvars[a].ec2_ip_address, hostvars[b].ec2_ip_address, and
so on. You can even specify an array of keys for a recursive lookup, and
mix string and integer keys depending on what you're looking up:

    ['localhost']|map('extract', hostvars, ['vars','group_names',0])|first
        == hostvars['localhost']['vars']['group_names'][0]
            == 'ungrouped'

Includes documentation and tests.
2015-12-02 18:16:38 +05:30
Abhijit Menon-Sen
22381be253 Bump version in devel now that stable-2.0 has been branched 2015-12-02 17:57:53 +05:30
Christoph Dittmann
267199fdd5 Update debug messages and comments
The comment was taken literally from lib/plugins/strategy/linear.py and
makes no sense in free.py where we have no noop tasks.

Also update the debug messages.
2015-12-02 11:17:24 +01:00
Christoph Dittmann
c6e400fbea Fix issue #13370
all_blocks is referenced after the loop over included_files, so it needs
to be initialized before this loop, not inside.
2015-12-02 11:17:24 +01:00
Christoph Dittmann
9a6ae1d62a Let PlayIterator.add_tasks accept empty task lists
PlayIterator.add_tasks raised an error when trying to add an empty task
list.  This was the root cause of ansible issue #13370.
2015-12-02 11:17:24 +01:00
Brian Coca
b92cb93539 unconditionally set vars on init to avoid issues with var precedence 2015-12-01 21:24:46 -08:00
Peter Sprygada
2491afc8b6 fixes a syntax issue with module_utils/eapi.py
This patch fixes an issue with the common args dict in the eapi shared
module.  This patch is required for the eapi shared module to be properly
imported and is therefore should be applied to all instances.
2015-12-01 23:34:59 -05:00
Brian Coca
8c630406c9 Merge pull request #13357 from privateip/feature_ssh_shared_module
initial add of ssh shared module.
2015-12-01 19:15:03 -08:00
Brian Coca
923b5467e3 Merge pull request #13354 from privateip/feature_eapi
adds device common argument to shared module
2015-12-01 19:14:07 -08:00
Brian Coca
574d7be8d5 Merge pull request #13358 from privateip/feature_ios_shared_module
Feature ios shared module
2015-12-01 19:04:24 -08:00
Peter Sprygada
93cd7a2a5f adds module create function for eapi.py shared module
This commit changes the way modules create an instance of AnsibleModule to
now use a common function, eapi_module.  This function will now automatically
append the common argument spec to the module argument_spec.  Module
arguments can override common module arguments
2015-12-01 20:00:41 -05:00
Peter Sprygada
8638e0ccf8 initial add of the ios shared module
This adds shared module support for building modules that connect to Cisco
IOS devices.  It builds on the module_utils/ssh.py shared module.
2015-12-01 19:55:41 -05:00
Brian Coca
3e01516783 fixed signature for init on callbacks
also removed passing display to base class which already handles this
2015-12-01 14:06:54 -08:00
nitzmahone
c94509f273 allow shell plugin to affect remote module filename
Fix for 13368, added get_remote_filename to shell plugins, powershell version appends .ps1 if necessary, base shell plugin no-ops
2015-12-01 13:39:02 -08:00
Abhijit Menon-Sen
f488de8599 Make sudo+requiretty and ANSIBLE_PIPELINING work together
Pipelining is a *significant* performance benefit, because each task can
be completed with a single SSH connection (vs. one ssh connection at the
start to mkdir, plus one sftp and one ssh per task).

Pipelining is disabled by default in Ansible because it conflicts with
the use of sudo if 'Defaults requiretty' is set in /etc/sudoers (as it
is on Red Hat) and su (which always requires a tty).

We can (and already do) make sudo/su happy by using "ssh -t" to allocate
a tty, but then the python interpreter goes into interactive mode and is
unhappy with module source being written to its stdin, per the following
comment from connections/ssh.py:

        # we can only use tty when we are not pipelining the modules.
        # piping data into /usr/bin/python inside a tty automatically
        # invokes the python interactive-mode but the modules are not
        # compatible with the interactive-mode ("unexpected indent"
        # mainly because of empty lines)

Instead of the (current) drastic solution of turning off pipelining when
we use a tty, we can instead use a tty but suppress the behaviour of the
Python interpreter to switch to interactive mode. The easiest way to do
this is to make its stdin *not* be a tty, e.g. with cat|python.

This works, but there's a problem: ssh will ignore -t if its input isn't
really a tty. So we could open a pseudo-tty and use that as ssh's stdin,
but if we then write Python source into it, it's all echoed back to us
(because we're a tty). So we have to use -tt to force tty allocation; in
that case, however, ssh puts the tty into "raw" mode (~ICANON), so there
is no good way for the process on the other end to detect EOF on stdin.
So if we do:

    echo -e "print('hello world')\n"|ssh -tt someho.st "cat|python"

…it hangs forever, because cat keeps on reading input even after we've
closed our pipe into ssh's stdin. We can get around this by writing a
special __EOF__ marker after writing in_data, and doing this:

    echo -e "print('hello world')\n__EOF__\n"|ssh -tt someho.st "sed -ne '/__EOF__/q' -e p|python"

This works fine, but in fact I use a clever python one-liner by mgedmin
to achieve the same effect without depending on sed (at the expense of a
much longer command line, alas; Python really isn't one-liner-friendly).

We also enable pipelining by default as a consequence.
2015-12-01 23:32:20 +05:30
Toshio Kuratomi
50553bc2ba _connect no longer takes a port argument 2015-12-01 09:12:25 -08:00
Brian Coca
f1fcab4610 ignore password flags in become conflict check
since all the --ask pass options end up triggering the same code
and are functionally equivalent, ignore them when it comes to checking
privilege escalation conflicts. This allows using -K when --become-method=su
and so on.
2015-12-01 08:18:31 -08:00
Brian Coca
a6f6a80caa avoid inheritance issues with default=dict declaration at class level
this should avoid the issue of subsequent plays not prompting for a var
prompted for in a previous play.
2015-12-01 08:18:31 -08:00
Toshio Kuratomi
30094912eb boto is expecting that we pass it unicode strings.
The secret_key parameter especially can contain non-ascii characters and
will throw an error if such a string is passed as a byte str.

Potential fix for #13303
2015-12-01 07:03:57 -08:00
Arata Notsu
6d6d4f0c8e BOOLEAN should contain boolean literals
It is natural that an argument_spec with choises=BOOLEAN accepts
boolean literal (True, False) though the current implementation
allows only string or int.
2015-12-01 23:51:39 +09:00
Toshio Kuratomi
ba4e571029 Update submodule refs to go along with the StandardError change in ec2 moudles 2015-11-30 19:05:33 -08:00