Commit graph

290 commits

Author SHA1 Message Date
Martin Krizek
a3b954e5c9
Force template module to use non-native Jinja2 (#68560)
Fixes #46169
2020-09-03 09:01:34 +02:00
Toshio Kuratomi
1882c60b04
Update the porting guide for ansible-2.10.0b1 (#71583) 2020-09-01 18:47:51 -04:00
Rick Elrod
0c50ee1abe
[docs] Fix up porting guides for CVE revert (#71580)
Change:
- Fix up wording and do proper backports for porting guide entries.

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-09-01 17:25:58 -05:00
Patrick Reader
2b7461eb52
fix broken links due to master -> main branch rename (#71426) 2020-08-24 15:39:21 -04:00
Sloane Hertel
1425e3597b
Allow meta tasks to use tags (#67508)
* Support tags for explicit meta tasks

Add --list-tasks tests for meta tags

Add breaking_changes changelog fragment and porting guide
2020-08-21 11:08:49 -04:00
Felix Fontein
a479b003e8
Fix module links. (#71030) 2020-08-20 14:08:41 -04:00
Rick Elrod
ea58d7c233
Make it so callback plugins can act on implicit/explicit meta tasks (#71009)
Change:
- Now sends meta tasks to the task start callback
- Lets callback plugins opt-in to receiving implicit tasks

Test Plan:
- New integration tests

Tickets:
- Indirectly fixes #71007 by allowing custom callbacks with this data

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-18 16:56:48 -05:00
Felix Fontein
61b7f234bd
Update auto-generated 2.10 porting guide in devel. (#71276) 2020-08-17 13:49:38 -04:00
Baptiste Mille-Mathias
92d59a58c0
Fix code markups and add link to CVE (#71082) 2020-08-17 10:55:30 -04:00
Sam Doran
888be697cb
Revert "Change default file permissions so they are not world readable (#70221)" (#71231)
* Revert "Change default file permissions so they are not world readable (#70221)"

This reverts commit 5260527c4a.

* Revert "Fix warning for new default permissions when mode is not specified (#70976)"

This reverts commit dc79528cc6.
2020-08-12 12:29:04 -05:00
Sandra McCann
56748a8060
remove network for 2.10 base porting guide (#71158) 2020-08-07 14:27:01 -05:00
Sandra McCann
abe4a1d533
remove network section from base porting guide (#71157) 2020-08-07 14:26:49 -05:00
Toshio Kuratomi
0a9638ce4b
Update the porting guide for ansible-2.10.0a8 (#71141) 2020-08-07 12:22:02 -04:00
Rick Elrod
4e55b93613
virt facts: allow guest/host to have >1 virt tech (#70832)
Change:
- Allow systems to declare multiple virt techs. For example if a system
  is both a docker container, but virtualized on KVM, show both. If a
  system is set up to run virtualbox and KVM VMs, show both.

- This is done by introducing new facts keys:
  - virtualization_tech_guest
  - virtualization_tech_host

- Backwards compatibility is preserved by keeping track of the previous
  return-points and refusing to update those keys after we would have
  returned, but now returning them at the end, so that the new keys can
  accumulate their data.

Test Plan:
- Local
- CI

Tickets:
- Refs #66304
- Refs #17151
- Refs #17058
- Probably others

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-06 09:45:37 -05:00
Rick Elrod
7f62a9d7b5
Make cache adjudicator's flush call plugin flush (#70987)
Change:
- Previously CachePluginAdjudicator#flush only removed entries from the
  cache backend that it knew about by using them earlier. Now it calls
  the underlying plugin's flush() method.

Test Plan:
- New unit tests

Tickets:
- Fixes #68770

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-03 17:16:15 -05:00
Felix Fontein
61b36c6f30
Porting guides for ansible-base 2.10 and ansible 2.10 (#70891)
* Fix changelog link title.

* Rename Ansible 2.10 and 2.11 porting guides to Ansible-base porting guides.

* Add stub for automatically generated 2.10 porting guide.

* Move things that should not be in the ansible-base porting guide to the ansible porting guide.

* Apply changes to base porting guides.

* Add remark that ansible-base is mainly for developers.

* Ansible Base -> Ansible-base

* Fix link in base porting guide.

* Add generated porting guide.

* Use same header signs as antsibull-changelog's RST builder.

* Update generated porting guide.
2020-07-31 15:28:18 -05:00
Felix Fontein
698efb8981
'Foreport' changes to 2.10 porting guide from stable-2.10 to devel. (#71024)
Without this, this change would get lost when backporting #70891, or would make backporting a lot harder.
2020-07-31 12:53:23 -05:00
Sam Doran
dc79528cc6
Fix warning for new default permissions when mode is not specified (#70976)
Follow up to #70221
Related to #67794
CVE-2020-1736

When set_mode_if_different() is called with mode of 'None', ensure we issue
a warning about the change in default permissions.

Add integration tests to ensure the warning works properly.

* Fix tests
- actually use custom module 🤦‍♂️
- verify file permission on created files
- use remote_tmp_dir so we're ready for split controller
- improve test module so we can skip the call to set_fs_attributes_if_different()
- fix tests for CentOS 6
2020-07-30 00:05:29 -04:00
Sandra McCann
8fb8f1b2a0
fix changelog link (#70883) 2020-07-28 11:11:15 -04:00
Matt Davis
4c0af6c808
fix internal cases of actions calling unqualified module names (#70818)
* fix internal cases of actions calling unqualified module names

* add porting_guide entry
* misc other fixes around action/module resolution broken by redirection

ci_complete

* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

Co-authored-by: Rick Elrod <rick@elrod.me>

* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

Co-authored-by: Rick Elrod <rick@elrod.me>

* address review feedback

* pep8

* unit test fixes

* win fixes

* gather_facts fix module args ignores

* docs sanity

* pep8

* fix timeout test

* fix win name rewrites

Co-authored-by: Rick Elrod <rick@elrod.me>
2020-07-23 09:02:57 -07:00
Sam Doran
5260527c4a
Change default file permissions so they are not world readable (#70221)
* Change default file permissions so they are not world readable

CVE-2020-1736

Set the default permissions for files we create with atomic_move() to 0o0660. Track
which files we create that did not exist and warn if the module supports 'mode'
and it was not specified and the module did not call set_mode_if_different(). This allows the user to take action and specify a mode rather than using the defaults.

A code audit is needed to find all instances of modules that call atomic_move()
but do not call set_mode_if_different(). The findings need to be documented in
a changelog since we are not warning. Warning in those instances would be frustrating
to the user since they have no way to change the module code.

- use a set for storing list of created files
- just check the argument spac and params rather than using another property
- improve the warning message to include the default permissions
2020-07-22 17:05:38 -04:00
Amin Vakil
9c40b1b2ff
Replace filename with file in apt_key (#70492)
* Replace filename with file from apt_key check

  one is internal variable, the other is actual parameter used and required for parameter check.
2020-07-10 12:42:49 -04:00
Rick Elrod
707458cc8c
Make netbsd virtualization facts more specific (#70467)
Change:
Our handling of NetBSD virtualization facts led to facts that were just
plain incorrect. One example is reporting Xen even when the system is
running on something completely different (like KVM).

As stated by the reporter of #69352, NetBSD has a better sysctl setting
to use for this information, machdep.hypervisor.

This PR does the following:

- Try to use machdep.hypervisor sysctl value if the other sysctl values
  we check don't end up with enough information to be useful
- Only look for /dev/xencons and assume Xen if nothing else works
  (Really this should probably return 'unknown' since the file exists on
  non-Xen systems and is not very useful).
- Add a few more patterns (Xen matches and also Hyper-V) to
  VirtualSysctlDetectionMixin#detect_virt_product.

This change is slightly breaking:
- If the first two attempts at using sysctl worked before,
  (machdep.dmi.system-product and machdep.dmi.system-vendor), they will
  continue to work.
- For cases when those values didn't work, previously the existence of
  /dev/xencons was checked, and if found, we reported 'xen' (even on
  non-Xen systems when the file existed). After this PR, we try the
  machdep.hypervisor sysctl key before still falling back to
  /dev/xencons. This means that in some cases, we might go from
  (wrongly) saying "xen" to giving a more accurate value such as "kvm"
  or "Hyper-V".

Test Plan:
- Tested with local NetBSD VM and got 'kvm' instead of 'xen' back.

Tickets:
- Fixes #69352

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-07 17:28:13 -05:00
Rick Elrod
cc071cdea6
Bump devel to 2.11.0 (#70121)
Signed-off-by: Rick Elrod <rick@elrod.me>
2020-06-17 14:22:38 -05:00
Felix Fontein
9c753341e2
Porting guide: transfer entries to collection changelogs (#70064)
* Remove community.crypto parts from porting guide.
* Remove community.general parts from porting guide.
* Removed 'modules removed' section, since this is better suited for a general entry on the collection split.
2020-06-16 10:04:32 -05:00
Rick Elrod
2abaf320d7
[ansiballz] ensure that '' is not in sys.path (#69342)
Change:
On OpenBSD when using pipelining, we do not set cwd which results in a
permissions fatal. Ensure that `''` - cwd - is not in `sys.path`.

Test Plan:
Tested against local OpenBSD VM

Tickets:
Fixes #69320

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-06-01 03:43:20 -05:00
Sandra McCann
3a4e227efa
remove build errors including guess (#69711)
* remove build errors including guess

* fixed shippable errors
2020-05-29 11:56:49 -05:00
Lukas Pirl
34db57a47f
introduce fact "ansible_processor_nproc": number of usable vcpus (#66569)
This fact reflects the number of usable vcpus (which might be different
from ansible_processor_vcpus, e.g., in containers with limits). See
also #51504.

* Add fixture data and update unit tests

Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-05-15 09:38:56 -04:00
Sloane Hertel
34458f3569
Update inventory caching documentation (#69100) 2020-05-05 15:10:57 -05:00
Brian Coca
babac66f9c
Be strict about what is a boolean for keywords (#67625)
* be strict about what is a boolean for keywords

 - found and fixed typo in test , 'yes' != 'yes.'
2020-04-28 13:55:26 -04:00
Alicia Cozine
69543b47c9 fix last 7 docs errors on post-migration test runs (#68115)
* address toc-tree-glob-pattern-no-match errors

* address Include-file-not-found error

* address 2.10 porting guide errors, add warning to page

* updates individual plugin type pages

* Add ignores.

Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
Co-authored-by: Matt Clay <matt@mystile.com>
2020-03-23 11:14:21 -05:00
Alicia Cozine
4e8b240b8b
Intersphinx (#68090)
* try to route 2.9 porting guide links to 2.9 module docs

* refreshed existing .inv files

* better URL

* new .inv file for version-specific links

* adds targets for version-specific docs

* fixes 2.5 porting guide refs

* fixes 2.8 porting guide refs

* fixes 2.7 porting guide refs

* fixes links on ACI guide

* adds .inv files for versions 2.5 through 2.8

Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
2020-03-06 14:16:35 -08:00
Mark Chappell
052e8b7be4
ec2_tag - Deprecate the use of state=list (#66840)
* ec2_tag - Deprecate the use of state=list

* Update lib/ansible/modules/cloud/amazon/ec2_tag.py

* Add changelog and porting_guide entries

Co-authored-by: flowerysong <junk+github@flowerysong.com>
2020-02-19 13:54:34 -05:00
Rohit
9eb7709c61
Vyos static route module added (#62193)
* Vyos static route module added

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* sanity fixes

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* empty config traceback fix

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* sanity check fix

* model specific changes and SI test cases updated

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* new state changes and SI test cases updated

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* sanity fixes

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* UT cases added

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* replaced operation fix

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* review comments incorporated

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* shippable fix

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* sanity fix

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* delete opr updated

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* comments incorporated

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>
2020-02-18 07:32:26 -05:00
Abhijeet Kasurde
b6753b46a9
Replace 'message' in module parameters (#60051)
* 'message' parameter is replaced by 'commit_message' in grafana_dashboard
* 'message' parameter is replaced by 'notification_message' in datadog_monitor

This change is required since 'message' as parameter name is used internally by
Ansible core engine.

Fixes: #39295 #45362 #47132 #59617

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-02-18 13:00:16 +01:00
Sloane Hertel
6a8b1f867e
[aws_s3] fix deleting versioned objects before deleting bucket (#54435)
* [aws_s3] fix deleting the current objects and the previous versions from a version-enabled bucket

* use existing paginated_list function to keep compatibility with the other places it is called

* changelog

* Add noteworthy change to the porting guide

* Reword that with acozine's suggestion

Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
2020-02-17 13:16:09 -05:00
Mark Chappell
90898132e4
CloudRetry/AWSRetry : Disable catching of NotFound exceptions (#67281)
* CloudRetry/AWSRetry : Remove default catching of NotFound exceptions

* Add docs

* Changelog updates from review

* Update unit tests after removing 'NotFound' from default retries
2020-02-13 16:59:00 -05:00
Jordan Borean
ed863b377b
win_package: add missing porting guide entries (#67374) 2020-02-13 16:59:44 +10:00
Mario Lenz
808bf02588
Remove options from some vmware modules that are not used in the code (#67282) 2020-02-11 12:30:22 +01:00
Nilashish Chakraborty
88f0c85228
Remove deprecated attributes from nxos_igmp_interface (#67186)
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
2020-02-11 12:27:07 +01:00
Felix Fontein
f725dce936
Clean up FILE_COMMON_ARGUMENTS (#66389)
* Clean up FILE_COMMON_ARGUMENTS.

* postgresql_pg_hba doesn't declare the backup option.

* uri doesn't declare the remote_src option.

* Add documentation.

* maven_artifact seems to use directory_mode, which it doesn't declare.

* Update changelogs/fragments/66389-file-common-arguments.yml
Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

ci_complete

Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
2020-02-07 18:56:01 -05:00
Jordan Borean
12e3adb23a
win_domain_controller - add a deprecation warning for the log_path option (#67108) 2020-02-05 10:46:47 +10:00
Jordan Borean
78470c43c2
Removed deprecated items in Windows modules (#67105) 2020-02-05 09:02:04 +10:00
Felix Fontein
23b2bb4f4d
docker_container: change behavior for one-port container ranges to be same as docker CLI (#66382)
* Adjust docker_container behavior for one-port container ranges to be similar to docker CLI.

* Add changelog.

* Add documented examples for ports:.
2020-02-03 23:27:40 +01:00
Simon Dodsley
b1a8bded3f
Remove deprecated parameter for 2.10 in purefb_fs (#67026) 2020-02-02 15:30:01 +01:00
Mark Chappell
919a9e33e8
Minor AWS argument checks (required_if / mutually_exclusive) fixups (#66966)
* aws_netapp_cvs_snapshots - minor required_if fixup (state must be set if state=present)

* ec2 - fix typo in mutually_exclusive definition

* rds_instance: fix typo in mutually_exclusive restore_to_time should be restore_time - currently throws a boto error
2020-01-31 22:17:46 +01:00
Felix Fontein
5fdc9a61f0
docker_container: pass volumes only for anonymous volumes (#66600)
* Simplify code.

* Only pass anonymous volumes.

* Add changelog and update porting guide.

* Add integration tests.
2020-01-30 14:08:25 +01:00
Dusan Matejka
57805b7def
zabbix_proxy interface option documentation and argspec fixes (#66837)
* zabbix_proxy interface option documentation and argspec fixes

* Update changelogs/fragments/66837-zabbix-proxy-interface.yml

Co-Authored-By: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-01-30 14:06:44 +01:00
Martin Krizek
4ca0c7f116 Fix case sensitivity for lookup() (#66521)
This brings consistency to lookup(), with_ and ansible-doc.

Fixes #66464

* Add a porting guide entry
2020-01-27 15:09:45 -05:00
Abhijeet Kasurde
fc6476bd72
VMware: Handle multiple tags with different category (#66465)
vmware_tag_info used to return dict of tag information which caused
data loss when there are multiple tags with same name and different category ids.
This fix will add additional fact "tag_info" which will deprecated existing fact
"tag_facts".
The "tag_info" is a list which handles multiple tags with same name.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-01-23 10:15:57 +05:30