Commit graph

179 commits

Author SHA1 Message Date
Matt Martz
a0d7d4b82f Change insertion order of apply block to not affect the include_X task itself (#44912) 2018-08-30 16:56:28 -04:00
Sam Doran
8cd8d17980
Add ability to unlock 1Password vault to lookup plugins (#44923)
* Add ability to use login to 1Password vault to 1Password lookups

* Adjust unit tests

* Add changelog
2018-08-30 16:24:06 -04:00
Matt Martz
9d89e15ff0
Ensure we only cache the loop when the task had a loop (#44901)
* Further restrict caching of loop when the task actually had a loop. Fixes #44874

* Extend tests for loop caching
2018-08-30 12:02:43 -05:00
Alex Stephen
3c6c7bae9d Allow home path expansion on GCP service account files (#44863)
* Allowing home path expansion on GCP service account files #42974

* wrong name for changelog
2018-08-30 10:27:29 -04:00
Dag Wieers
bf9ed0263a Ensure action plugins accept only valid args (#44779)
* Ensure action plugins accept only valid args

This fixes #25424
This also fixes #44773

* Add missing parameters, use private _VALID_ARGS
2018-08-30 09:40:36 -04:00
Matt Martz
0221d1ad20
Introduce and use locale-naive rfc2822 date format function (#44868)
* Introduce and use locale-naive rfc2822 date format function. Fixes #44857

* Adjust test expected response
2018-08-30 08:34:37 -05:00
Jordan Borean
533656694e
win_disk_image: return all mount paths in return value (#44799) 2018-08-30 16:25:45 +10:00
Matt Martz
d5ed818e7c
Make sure we skip handlers from includes in compile_roles_handlers. Fixes #44848 (#44852) 2018-08-29 15:05:55 -05:00
Matt Martz
cd2f66f731
Don't allow import_tasks to transition to dynamic when file is missing. See #44822 (#44836) 2018-08-29 11:43:26 -05:00
Jordan Borean
9d91607754
win_psexec: fix arg handling when command contains multiple args (#44797) 2018-08-29 10:12:29 +10:00
Xyon
03261b3053 Add new session parameter to win_psexec (#44263)
* Add new session parameter to win_psexec

* Indicate which version the session option was added in

* Added changelog fragment and minor edit on doc entry
2018-08-29 09:42:59 +10:00
Dag Wieers
5e814d8d17 Fix support for JSON output when charset is set (#44762)
* Fix support for JSON output when charset is set

This fixes #41797

* Add specific exception to catch

* Add Changelog fragment
2018-08-29 08:10:46 +10:00
Dag Wieers
f588b1cdf9 Fix issue when timeout and state=present (#43464)
* Fix issue when timeout and state=present

* added changelog fragment
2018-08-29 07:31:24 +10:00
Brian Coca
86037bc840
improved block docs (#43611)
* improved block docs

 - broke down examples per keyword
 - clarified which errors are handled
 - clarified forcing error in rescue
2018-08-28 13:40:12 -04:00
Toshio Kuratomi
6b40906bdb Add changelog for 2.7 2018-08-27 20:46:12 -07:00
Toshio Kuratomi
b3a57fabbb Make links anonymous so that they don't trigger rstcheck
rstcheck flags duplicate link targets as errors
2018-08-27 20:43:53 -07:00
Adam Miller
397febd343 YUM4/DNF compatibility via yum action plugin (#44322)
* YUM4/DNF compatibility via yum action plugin

DNF does not natively support allow_downgrade as an option, instead
that is always the default (not configurable by the administrator)
so it had to be implemented

 - Fixed group actions in check mode to report correct changed state
 - Better error handling for depsolve and transaction errors in DNF
 - Fixed group action idempotent transactions
 - Add use_backend to yum module/action plugin
 - Fix dnf handling of autoremove (didn't used to work nor had a
   default value specified, now does work and matches default
   behavior of yum)
 - Enable installroot tests for yum4(dnf) integration testing, dnf
   backend now supports that
 - Switch from zip to bc for certain package install/remove test
   cases in yum integration tests. The dnf depsolver downgrades
   python when you uninstall zip which alters the test environment
   and we have no control over that.
 - Add changelog fragment
 - Return a pkg_mgr fact if it was not previously set.
2018-08-27 10:17:47 -07:00
Matthias Fuchs
7871027c9d Share the implementation of hashing for both vars_prompt and password_hash (#21215)
* Share the implementation of hashing for both vars_prompt and password_hash.
* vars_prompt with encrypt does not require passlib for the algorithms
  supported by crypt.
* Additional checks ensure that there is always a result.
  This works around issues in the crypt.crypt python function that returns
  None for algorithms it does not know.
  Some modules (like user module) interprets None as no password at all,
  which is misleading.
* The password_hash filter supports all parameters of passlib.
  This allows users to provide a rounds parameter, fixing #15326.
* password_hash is not restricted to the subset provided by crypt.crypt,
  fixing one half of #17266.
* Updated documentation fixes other half of #17266.
* password_hash does not hard-code the salt-length, which fixes bcrypt
  in connection with passlib.
  bcrypt requires a salt with length 22, which fixes #25347
* Salts are only generated by ansible when using crypt.crypt.
  Otherwise passlib generates them.
* Avoids deprecated functionality of passlib with newer library versions.
* When no rounds are specified for sha256/sha256_crypt and sha512/sha512_crypt
  always uses the default values used by crypt, i.e. 5000 rounds.
  Before when installed passlibs' defaults were used.
  passlib changes its defaults with newer library versions, leading to non
  idempotent behavior.

  NOTE: This will lead to the recalculation of existing hashes generated
        with passlib and without a rounds parameter.
        Yet henceforth the hashes will remain the same.
        No matter the installed passlib version.
        Making these hashes idempotent.

Fixes #15326
Fixes #17266
Fixes #25347 except bcrypt still uses 2a, instead of the suggested 2b.

* random_salt is solely handled by encrypt.py.
  There is no _random_salt function there anymore.
  Also the test moved to test_encrypt.py.
* Uses pytest.skip when passlib is not available, instead of a silent return.
* More checks are executed when passlib is not available.

* Moves tests that require passlib into their own test-function.

* Uses the six library to reraise the exception.

* Fixes integration test.

When no rounds are provided the defaults of crypt are used.
In that case the rounds are not part of the resulting MCF output.
2018-08-27 08:40:41 -07:00
Charles
a7f35e232e Switch to LiteralPath instead of Path. Closes #44508 (#44509)
* Switch to LiteralPath instead of Path. Closes #44508

* add changelog fragment

* fix line endings and remove final empty line

* Minor text changes in changelog
2018-08-27 16:18:45 +10:00
Daniel-Sanchez-Fabregas
af49627a08 Module win_domain_computer fix delete computer with child (#44500)
* Module win_domain_computer fix delete computer with child

* add changelog fragment
2018-08-27 15:54:16 +10:00
Sloane Hertel
d3f5238c09
Fix dangerous elb_application_lb state (#44646)
* elb_application_lb: fix dangerous default of deleting an ELB if state is omitted by changing state to default to present to be more like other AWS modules
2018-08-24 13:04:15 -04:00
Shuang Wang
b03feb6d40 Implement part of #27617 [expend checksum format to <algorithm>:(<checksum>|<url>)] (#43751)
* expend checksum format to <algorithm>:(<checksum>|<url>)

* continue to code at office

* ALPHA - expend checksum format to <algorithm>:(<checksum>|<url>)

* clean up tmpfile and comment

* try to add test code for 27617

* try to add test code for 27617

* try to add test code for 27617

* try to fix [Could not find or access 'testserver.py']

* fix test code [Could not find or access 'testserver.py']

* fix test code [add files dir]

* fix test code [files dir not exists]

* as [connection was closed before a valid response was received]

* [connection was closed before a valid response was received]

* [connection was closed before a valid response was received]

* add test item [sha1 and sha256]

* since [connection was closed before a valid response was received]

* fix [connection was closed before a valid response was received]

* fix test code typo

* add docs for #27617

* PR #43751 is minor change

* fix pep8 issue.

* fix test code style.

* fix unexpected quote
2018-08-24 12:45:32 -04:00
Toshio Kuratomi
f46c943d3d Fix another corner case of too many warnings for world readable current working directory
There should be no warning if there is no ansible.cfg file i nthe
current working directory.
2018-08-23 20:23:59 -07:00
Will Thames
60e3af42d5 sns_topic boto3 port (#39292)
* Port sns_topic to boto3 and add tests
2018-08-23 21:04:18 -04:00
Sloane Hertel
79ecb4c41f
Add diff mode for ec2_group (#44533)
* Add (preview) diff mode support ec2_group

* Add diff mode to some ec2_group integration tests

* Remove unnecessary arguments and add comment to the module notes

* Add changelog
2018-08-23 19:43:18 -04:00
Sloane Hertel
b152515fcb RDS inventory plugin (#41919)
Comments out uses of rds_instance in the integration tests and replace with AWS CLI until rds_instance has been merged
2018-08-23 19:42:32 -04:00
Sam Doran
05fff27415
Pass path to GalaxyRole object (#43051)
This will list all roles in all paths in roles_path rather than just the first path in roles_path.
2018-08-23 12:44:48 -04:00
jctanner
653d9c0f87 New keyword: ignore_unreachable (#43857) 2018-08-23 11:41:02 -04:00
guoqiao
6ef9c2d7b7 Fix mail module for python 3.7.0 (#44550) (#44552)
In python 3.7.0, changes in `ssl.py` breaks `smtplib.SMTP_SSL`, which
then breaks `mail` module in ansible.

Run this line in python shell:

    import smtplib;smtplib.SMTP_SSL().connect(host='smtp.gmail.com', port=465)

Before python 3.7.0, we will get:

    (220, b'smtp.gmail.com ESMTP j13-v6sm3086685pgq.56 - gsmtp')

In python 3.7.0, we get such error at `lib/python3.7/ssl.py` line 843, method `_create`:

    ValueError: server_hostname cannot be an empty string or start with a leading dot.

The ssl module is using host info on SMTP_SSL instance, which is not set.
The fix/workaround is simple, just pass host info to it:

    import smtplib;smtplib.SMTP_SSL(host='smtp.gmail.com').connect(host='smtp.gmail.com', port=465)

Fixes: #44550

Signed-off-by: Guo Qiao <guoqiao@gmail.com>
2018-08-23 16:50:54 +10:00
Jordan Borean
e07352b9de basic.py: catch ValueError when trying to import hash algorithms (#44551)
* basic.py: catch more Exceptions when trying to import md5 hash algorithms
2018-08-22 23:34:50 -07:00
Guilherme Steinmuller
3db93e4c2a Add missing changelog for PR #44418 (#44478)
The PR[1] was merged but we noticed that the
changelog file is missing.

[1] https://github.com/ansible/ansible/pull/44418
2018-08-23 12:32:34 +10:00
Ryan Brown
4c8808ec9d
Extend module_defaults by adding default groups for cloud modules (#44127)
Extends `module_defaults` by adding a prefix to defaults `group/` which denotes a builtin list of modules. Initial groups are: `group/aws`, `group/azure`, and `group/gcp`
2018-08-22 21:33:27 -04:00
Matt Martz
a1febd95b7
Remove deprecated ec2_facts (#44536)
* Remove deprecated ec2_facts

* Add changelog
2018-08-22 16:48:22 -05:00
Matt Martz
5ea7480e90
Remove deprecated s3 module (#44537)
* Remove deprecated s3 module

* Add changelog
2018-08-22 16:48:09 -05:00
sdubrul
061877d584 added account_alias in the response of module aws_caller_facts (#42345)
* added account_alias in the response of module aws_caller_facts

* added comment to explain list_account_aliases

* renamed caller_identity to caller_facts as the content is extended

* created changelog

* security-policy needs the iam:ListAccountAliases for this module to work

* test now checks for the added field account_alias

* gracefully handle missing iam:ListAccountAliases permission
2018-08-22 17:21:12 -04:00
Vladimir Dobriakov
6f480fd03d Fixes #23078 - eliminate trailing whitespace in to_nice_json (#42633)
* Fix #23078 - eliminate trailing whitespace in to_nice_json

* Add changelog fragment for #42633
2018-08-22 14:55:30 -05:00
Matt Martz
81ca04512d
Raise a nicer error when we cannot execute the editor (#44423)
* Raise a nicer error when we cannot execute the editor. Fixes #44419

* Don't use to_bytes when constructing an exception

* Add changelog fragment
2018-08-22 10:24:11 -05:00
Brian Coca
bda074d34e
fix tempating issues with no_log and loops (#44468)
* fix tempating issues with no_log and loops

 - task is no log if any item is
 - added test cases

fixes #43294
2018-08-21 21:53:56 -04:00
Toshio Kuratomi
0e7b470a01 Remove deprecated tags config option (#44479)
* Remove deprecated tags config option

* wordsmith porting guide entry

acozine via github
2018-08-21 14:57:06 -05:00
Matt Martz
2bf6507c44
Use newer is_sequence function instead of MutableSequence (#44331)
* Use newer is_sequence function instead of MutableSequence. Fixes #44327

* Add changelog for #44331

* Update changelog fragment to describe the fix in more detail
2018-08-21 10:42:11 -05:00
Matt Martz
617372f8c0
Mass nuke deprecated items that are easily removed. ci_complete (#44320) 2018-08-20 16:26:10 -05:00
Matt Martz
9b2baebe64
Don't use copy.deepcopy in high workload areas, use naive_deepcopy (#44337)
* Don't use copy.deepcopy in high workload areas, use deepishcopy. ci_complete

* Add tests

* Add changelog fragment

* rename to naive_deepcopy and add extra docs

* Rename to module_response_deepcopy and move to vars/clean
2018-08-20 15:08:29 -05:00
Monty Taylor
27ac2fc67c Ensure that apt is always chosen on debian/ubuntu (#44413)
One can install alternate packages managers on debuntu machines.
However, doing so doesn't mean you want to suddenly start using them.

Add in a check similar to the fedora yum/dnf check that sets apt as the
pkg_mgr if the ansible_os_family is Debian.
2018-08-20 15:59:56 -04:00
Martin Krizek
a66588129f
Add changelog for Jinja2 native types (#44309) 2018-08-17 16:27:16 +02:00
Sam Doran
00e7c020b2 Add backup feature to user module (#41854)
*  Add backup option

* Only backup shadow file when the OS has one

* Only backup shadow file for SunOS

* Update docs on backup feature

* Add changelog fragment

* Add tests for shadow backup

* Remove backup option, make it automatic

Remove the option to enable/disable backups and make it automatic. Add note to docs describing this behavior.

Change tests to account for new module behavior.

Change section name in changelog fragment since minor_features is not a valid section.
2018-08-15 16:22:26 -04:00
Tom Matthews
5c1e620504 Strip trailing comments from /etc/default/passwd (#43931)
* strip additional comments from /etc/default/passwd

Strip trailling comments from /etc/default/passwd like
MINWEEKS=1 #MINWEEKS=2
MAXWEEKS=12  # MAXWEEKS=8
Which otherwise cause failures with "failed to read /etc/default/passwd: too many values to unpack"

* fix carriage return typo in commit

* yet another typo in commit

* Fix indent problem

* add changelog fragment for PR 43931
2018-08-15 15:04:45 -04:00
Andreas Calminder
21066410be authorized_key 29891 use os.path.realpath to follow keyfile symlinks (#40417)
* 29891 use os.path.realpath to follow keyfile symlinks
* 29891 add parameter follow
* updated changelog fragment
* add documentation and set default to false
2018-08-13 16:06:33 -07:00
Sam Doran
6d38167d49
Only template values in vars_prompt rather than all vars (#39304)
* Only template values in vars_prompt rather than all vars

This allows the use of variables in vars_prompt fields but allows variables entered in the prompt to affect play vars rather than throwing an undefined error.

Only post validate if there was a vars_prompt

* Add tests for vars_prompt
2018-08-13 12:54:31 -04:00
Zhikang Zhang
b20d903cc4 Give warning if user inputs not encrypted password to user module (#43615)
* Check the password format

Check the password format and notify user if they
input unencrypted password.

* Fix sanity error

* Add integration test

* Missed a task name

* Hard code the testing password

Since some testing platfrom has no passlib installed

* Add changelog fragment

* Rework some English sentences

* Fix a grammar mistake
2018-08-13 12:45:37 -04:00
Toshio Kuratomi
a0e6ab09d1 Add note to the porting guide about why we're dropping python-2.6 controller support 2018-08-13 07:38:38 -07:00