Commit graph

2496 commits

Author SHA1 Message Date
Sam Doran
dc79528cc6
Fix warning for new default permissions when mode is not specified (#70976)
Follow up to #70221
Related to #67794
CVE-2020-1736

When set_mode_if_different() is called with mode of 'None', ensure we issue
a warning about the change in default permissions.

Add integration tests to ensure the warning works properly.

* Fix tests
- actually use custom module 🤦‍♂️
- verify file permission on created files
- use remote_tmp_dir so we're ready for split controller
- improve test module so we can skip the call to set_fs_attributes_if_different()
- fix tests for CentOS 6
2020-07-30 00:05:29 -04:00
Rick Elrod
14dc4de424
Update docs for --tags default, and add some tests (#70939)
Change:
- Clarify that not passing `--tags` will cause `ansible_run_tags` to
  default to `["all"]`.
- Add some extra coverage around `ansible_run_tags`

Test Plan:
- New integration and unit tests

Tickets:
- Fixes #69619

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-29 17:16:57 -05:00
Sam Doran
7f0c84ea15
Update module debugging docs (#70847)
- Combine remote and local debugging instructions.
- Update the example code to match current AnsiballZ structure and behavior
- Change reference name and update references
- Clarify how PYTHON path is modified
- Also add note about other remote debugging tools.

Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
2020-07-29 12:14:49 -04:00
Emilien Macchi
37e9d2278a
Fix a typo in "restart mysql" example (#70950)
Fix a typo in "restart mysql" example task. It's missing a space between "state:" and "restarted".
2020-07-29 11:46:16 +05:30
PJ Waskiewicz
69e5c6c14a
Update network_best_practices_2.5.rst (#70962)
Fix a small typo in the playbook tasks sample section
2020-07-29 11:41:18 +05:30
Sandra McCann
748ba96610
How to use rst :ref: for modules in collections (#70567) 2020-07-28 17:40:16 -05:00
Sorin Sbarnea
787e6108e0
Document galaxy install from local clones (#70941) 2020-07-28 14:05:28 -04:00
Sandra McCann
8fb8f1b2a0
fix changelog link (#70883) 2020-07-28 11:11:15 -04:00
Felix Fontein
7e2cc7db12
validate-modules: fix version_added validation for top-level, fix error codes (#70869)
* Also validate top-level version_added.

* Fix error code.

* Produce same version_added validation error in schema than in code (and stop returning it twice).

* Return correct error codes for invalid version_added for options and return values.

* Add changelog.

* Fix forgotten closing braket.

* Accept 'historical' for some top-level version_added.
2020-07-28 10:10:35 -05:00
Fixmetal
7a42d27462
Proper example for splitext filter in docs (#70494)
* Update playbooks_filters.rst with a clear example of how to extract its 2 tokens. 

Co-authored-by: Sloane Hertel <shertel@redhat.com>
2020-07-23 15:07:55 -05:00
Sviatoslav Sydorenko
20bb915092
Refactor Python API examples and docs
PR #70446: it's a follow-up for #70445.

It includes a merge of `examples/scripts/uptime.py` and a similar
code snippet from `docs/docsite/rst/dev_guide/developing_api.rst`.

This patch also changes the docs RST file to include contents of
the example file instead of holding a copy of a similar code.
2020-07-23 18:24:02 +02:00
Matt Davis
4c0af6c808
fix internal cases of actions calling unqualified module names (#70818)
* fix internal cases of actions calling unqualified module names

* add porting_guide entry
* misc other fixes around action/module resolution broken by redirection

ci_complete

* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

Co-authored-by: Rick Elrod <rick@elrod.me>

* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

Co-authored-by: Rick Elrod <rick@elrod.me>

* address review feedback

* pep8

* unit test fixes

* win fixes

* gather_facts fix module args ignores

* docs sanity

* pep8

* fix timeout test

* fix win name rewrites

Co-authored-by: Rick Elrod <rick@elrod.me>
2020-07-23 09:02:57 -07:00
Alicia Cozine
b28d59124b
WIP: add collections as an intersphinx link (#70826)
* adds collections as a ref for intersphinx

* no need for intersphinx

Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
2020-07-23 08:44:05 -07:00
Sam Doran
5260527c4a
Change default file permissions so they are not world readable (#70221)
* Change default file permissions so they are not world readable

CVE-2020-1736

Set the default permissions for files we create with atomic_move() to 0o0660. Track
which files we create that did not exist and warn if the module supports 'mode'
and it was not specified and the module did not call set_mode_if_different(). This allows the user to take action and specify a mode rather than using the defaults.

A code audit is needed to find all instances of modules that call atomic_move()
but do not call set_mode_if_different(). The findings need to be documented in
a changelog since we are not warning. Warning in those instances would be frustrating
to the user since they have no way to change the module code.

- use a set for storing list of created files
- just check the argument spac and params rather than using another property
- improve the warning message to include the default permissions
2020-07-22 17:05:38 -04:00
David Shrewsbury
bf98f031f3
Sanitize URI module keys with no_log values (#70762)
* Add sanitize_keys() to module_utils.

* More robust tests

* Revert 69653 change

* Allow list or dict

* fix pep8

* Sanitize lists within dict values

* words

* First pass at uri module

* Fix insane sanity tests

* fix integration tests

* Add changelog

* Remove unit test introduced in 69653

* Add ignore_keys param

* Sanitize all-the-things

* Ignore '_ansible*' keys

* cleanup

* Use module.no_log_values

* Avoid deep recursion issues by using deferred removal structure.

* Nit cleanups

* Add doc blurb

* spelling

* ci_complete
2020-07-22 14:49:37 -05:00
Sayee
1733253297
Modification of 'Adding modules and plugins locally' topic (#70659)
* Remediated the topic to comply with IBM style guide and minimalism practices
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
2020-07-22 11:59:18 -05:00
Sorin Sbarnea
b7ee07215d
Update Molecule support contact (#70797)
As Molecule started to use https://github.com/ansible-community/molecule/discussions we need to update documentation before retiring
the molecule-users mailing list.
2020-07-22 11:53:52 +01:00
Sandra McCann
2a7df5e07b
add note for write permission on rst files (#70766)
* add note for write permission on rst files
* Update docs/docsite/rst/community/documentation_contributions.rst

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
2020-07-21 16:00:47 -05:00
Sandra McCann
24e5d3a51c
fix rstcheck problem and gitignore collections dir (#70764) 2020-07-21 15:59:56 -05:00
Baptiste Mille-Mathias
59513ae673
Fix incorrect statement to set a variable for a playbook (#70712)
Fixes #70638
2020-07-20 13:45:40 -05:00
Baptiste Mille-Mathias
92e16c2838
Few fixes for reference_appendices/faq.html (#70719)
* Format using `` instead of `, add line breaks for long lines, rephrase or remove useless text.
Move some text.

* Add clearer version of OpenSSh is affected by SCP bug

* Review some pages using ansible doc writing guide.
2020-07-20 13:43:39 -05:00
Stef B
fb3db170cc
Make Sources, Plugins sections easier to read (#70652)
Re-wrote the Inventory Sources section and also the next section to have shorter, clearer sentences with a more active voice.
2020-07-20 13:30:06 -05:00
David Rieger
633c2d0522
Fix misleading documentation for naming blocks (#68458)
From what I have observed it is the block itself that doesn't support the name attribute rather than the tasks inside the block.

* Update docs/docsite/rst/user_guide/playbooks_blocks.rst

Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
2020-07-20 09:48:53 -05:00
Toshio Kuratomi
9dda393d70
Collections docs generation (#59761)
* Build documentation for Ansible-2.10 (formerly known as ACD).

Builds plugin docs from collections whose source is on galaxy

The new command downloads collections from galaxy, then finds the
plugins inside of them to get the documentation for those plugins.

* Update the python syntax checks
  * docs builds can now require python 3.6+.

* Move plugin formatter code out to an external tool, antsibull-docs.
  Collection owners want to be able to extract docs for their own
  websites as well.
* The jinja2 filters, tests, and other support code have moved to antsibull
* Remove document_plugins as that has now been integrated into antsibull-docs

* Cleanup and bugfix to other build script code:
  * The Commands class needed to have its metaclass set for abstractmethod
    to work correctly
  * Fix lint issues in some command plugins

* Add the docs/docsite/rst/collections to .gitignore as
  everything in that directory will be generated so we don't want any of
  it saved in the git repository
* gitignore the build dir and remove edit docs link on module pages

* Add docs/rst/collections as a directory to remove on make clean
* Split the collections docs from the main docs

* remove version and edit on github
* remove version banner for just collections
* clarify examples need collection keyword defined

* Remove references to plugin documentation locations that no longer exist.
  * Perhaps the pages in plugins/*.rst should be deprecated
    altogether and their content moved?
  * If not, perhaps we want to rephrase and link into the collection
    documentation?
  * Or perhaps we want to link to the plugins which are present in
    collections/ansible/builtin?

* Remove PYTHONPATH from the build-ansible calls
  One of the design goals of the build-ansible.py script was for it to
  automatically set its library path to include the checkout of ansible
  and the library of code to implement itself.  Because it automatically
  includes the checkout of ansible, we don't need to set PYTHONPATH in
  the Makefile any longer.

* Create a command to only build ansible-base plugin docs
  * When building docs for devel, only build the ansible-base docs for
    now.  This is because antsibull needs support for building a "devel
    tree" of docs.  This can be changed once that is implemented
  * When building docs for the sanity tests, only build the ansible-base
    plugin docs for now.  Those are the docs which are in this repo so
    that seems appropriate for now.
2020-07-17 13:07:35 -07:00
Matt Davis
02c63ec285
update roadmap rc1 date (#70662) 2020-07-15 11:47:36 -07:00
Alicia Cozine
db354c0300
Docs: User guide overhaul, part 5 (#70307) 2020-07-14 17:00:44 -04:00
Alicia Cozine
f1f782fc37
partial update of community docs to reflect collections transition (#70488) 2020-07-14 15:47:18 -04:00
Abhijeet Kasurde
375c6b4ae4
docs: update date format in removed_at_date (#70597)
removed_at_date requires YYYY-MM-DD format.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-14 11:43:25 -04:00
Abhijeet Kasurde
20209c508f
docs: update module development docs (#70594)
Update module development docs for flattened modules directory.

Fixes: #70261 (at least partially)

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-13 14:41:59 -05:00
Sayee
38ccfb4a3e
updated requirements file for docs build (#70609) 2020-07-13 15:35:08 -04:00
Karl Goetz
c410311f55
Clarify that index_var is 0 indexed (#70548)
A little further down the page is another index, ansible_loop.index, which shares a similar description but is 1 indexed.
Its zero indexed twin has a 0 suffix.

``ansible_loop.index``      The current iteration of the loop. (1 indexed)
``ansible_loop.index0``     The current iteration of the loop. (0 indexed)

To remove ambiguity around the usage of index_var, explicitly mention that this variable is 0 indexed.
2020-07-13 14:15:44 -05:00
mahadelmi
f4ea43c4a0
Update windows_winrm.rst (#70306)
gcc also needed to be installed alongside python-devel, krb5-devel, krb5-libs, and krb5-workstation.
2020-07-13 13:43:39 -05:00
Andrew Klychkov
edcd1a1a70
Doc: fix examples of changelog entries. (#70551) 2020-07-10 16:17:03 -04:00
Amin Vakil
9c40b1b2ff
Replace filename with file in apt_key (#70492)
* Replace filename with file from apt_key check

  one is internal variable, the other is actual parameter used and required for parameter check.
2020-07-10 12:42:49 -04:00
FloMiau
f7db428375
update documentation link to python 3 (#70509)
update the docs link for strftime on the filters page to point to the python3 docs
2020-07-09 11:58:39 -05:00
Mark Chappell
e1ba7dc52a
Update AWS Integration test docmentation (#70454) 2020-07-08 08:01:37 +05:30
Rick Elrod
707458cc8c
Make netbsd virtualization facts more specific (#70467)
Change:
Our handling of NetBSD virtualization facts led to facts that were just
plain incorrect. One example is reporting Xen even when the system is
running on something completely different (like KVM).

As stated by the reporter of #69352, NetBSD has a better sysctl setting
to use for this information, machdep.hypervisor.

This PR does the following:

- Try to use machdep.hypervisor sysctl value if the other sysctl values
  we check don't end up with enough information to be useful
- Only look for /dev/xencons and assume Xen if nothing else works
  (Really this should probably return 'unknown' since the file exists on
  non-Xen systems and is not very useful).
- Add a few more patterns (Xen matches and also Hyper-V) to
  VirtualSysctlDetectionMixin#detect_virt_product.

This change is slightly breaking:
- If the first two attempts at using sysctl worked before,
  (machdep.dmi.system-product and machdep.dmi.system-vendor), they will
  continue to work.
- For cases when those values didn't work, previously the existence of
  /dev/xencons was checked, and if found, we reported 'xen' (even on
  non-Xen systems when the file existed). After this PR, we try the
  machdep.hypervisor sysctl key before still falling back to
  /dev/xencons. This means that in some cases, we might go from
  (wrongly) saying "xen" to giving a more accurate value such as "kvm"
  or "Hyper-V".

Test Plan:
- Tested with local NetBSD VM and got 'kvm' instead of 'xen' back.

Tickets:
- Fixes #69352

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-07 17:28:13 -05:00
Baptiste Mille-Mathias
bd1378405b
Small documentation fixes (#70480)
* Add type for options in the sample module shown in Developing Modules, as this is required to have the tests being
green
* Remove duplicated strings: the same sentence is in "Python tips" and "Module security", keeping the
latter.
2020-07-06 12:53:10 -05:00
Sviatoslav Sydorenko
8d97c8c222 Fix the internal Python API usage examples
Previous version initialized the `TaskQueueManager` after calling
`Play.load()` while advertising a way to inject a custom library
location path. This caused the tasks loader not to find any custom
modules because it was triggered before the path was actually added
to the module loader.

This patch changes the order of the operations to ensure that the
customized `context.CLIARGS` actually influences things.

Resolves https://github.com/ansible/ansible/issues/69758.
2020-07-03 10:44:54 +02:00
Michael Ritsema
82e5d03bdb
Suggest ansible ad-hoc command while developing module (#70308)
If a local module has no documentation, the doc command will fail without any hints of what is wrong. Add another way to confirm the presence of a local module.
* Update docs/docsite/rst/dev_guide/developing_locally.rst

Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-02 17:23:37 -05:00
David Shrewsbury
4e41e37aa7
Fix flatten null perserve versionadded (#70435) 2020-07-02 13:28:39 -05:00
Sandra McCann
aa59c23aed
update platform table with links to collections (#70373) 2020-07-02 10:20:11 -05:00
Baptiste Mille-Mathias
9eb904ea61
Add documentation for ipaddr filters (#70343) 2020-07-02 11:17:46 -04:00
jafiala
7c90a2d2a6
Update playbooks.rst (#70317) 2020-07-02 11:11:09 -04:00
Brian Coca
7a15a3a109
fix flatten handling of nulls/nones (#70141)
* fix flatten loop control issue (break -> continue)

fix issue #69012

(cherry picked from commit 2127be5ec5)

* fixed null break bug and added option to include

 fixes #69012
 fixes #69013

Co-authored-by: pseudocoder <borisovano@users.noreply.github.com>
Co-authored-by: David Shrewsbury <Shrews@users.noreply.github.com>
2020-07-01 18:52:03 -04:00
Brian Coca
5d3d097de3
more correct info about role main.yml (#70326)
fixes #40496
2020-07-01 16:16:21 -04:00
Alicia Cozine
c89f3cda9e
incorporate minimalism feedback on filters page (#70366)
Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
2020-07-01 16:15:32 -04:00
Rick Elrod
91aea92c62
Add ability to fallback to chgrp remote_tmp and its files. (#68627)
* Add ability to fallback to chgrp remote_tmp and its files.

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-01 15:16:56 -04:00
Sir Mobus Gochfulshigan Dorphin Esquire XXIII
a1ac595d42
Minor grammatical fix (#70405)
'you' -> 'your'
2020-07-01 10:47:08 +05:30
Sandra McCann
5a28b2b86c
Add steps for how to create changelog.rst for a collection (#70262)
* Update docs/docsite/rst/dev_guide/developing_collections.rst
* add steps to create changelogs, add sentence about not using the tool
* add note for rerunning the command

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-06-29 14:22:31 -05:00