Since there is no shell escape of the password parameter, a password with
a single quote (or even worst, a single quote and a pipe) could have
unattended consequences. Also, the less we use use_unsafe_shell=True, the
better.
As of Ansible 2.x, invocation of Django's ```manage.py``` requires a valid "shebang". Additionally, ```manage.py``` must be executable.
The old invocation was hardcoded as ```python manage.py ...``` while the new invocation is ```./manage.py ...```. See [this PR](https://github.com/ansible/ansible-modules-core/pull/1165).
This change allows more flexibility for which Python interpreter is invoked, but breaks existing deployment when ```manage.py``` is not properly configured. This documentation update adds a note explaining the new requirements for ```manage.py```.
Add the ability to completely delete a floating IP from the pool
when disassociating it from a server. When state is absent and
purge is true, the IP will be completely deleted. The default
keeps the current behavior, which is to only disassociate the IP
from the server.
The exception message, when shade fails, will contain much more
specific information about the failure if the exception is treated
as a string. The 'message' attribute alone is usually not helpful.
Support specifying an absolute path (typically /etc/crontab) rather than
a path relative to /etc/cron.d, to allow modifying the main system crontab.
Particularly useful for target systems that have /etc/crontab but no
/etc/cron.d.
Since use_unsafe_shell is suspicious from a security point
of view (or it wouldn't be unsafe), the less we have, the less
code we have to toroughly inspect for a security audit.
In this case, the '&&' can be replaced by doing 2 calls to run_command.
Starting in Django 1.7, the createcachetable command looks for cache
table names in the CACHES settings dictionary, so cache_table is no
longer required, but is still allowed.
Otherwise CDN (Akamai) downloads file without the headers. The sequence
is following:
1. Ansible uploads file to CF.
2. Akamai downloads the file and caches it in CDN.
3. Ansible sets headers.
As a result Akamai serves file without headers.
This is backwards incompatible change, because headers keys are not
prefixed with `x-object-meta-`. Which allows user to set headers like
`Access-Control-Allow-Origin`.
The command `hg up -C` by default moves to the latest revision on the
current branch. The `discard` function was trying to update to a
different branch, in case it was provided, by passing a `-r REVISION`
argument. Not only is this not the intended effect of the `discard`
function, but this also could update to a different branch that hasn't
been pulled yet, which is how we were experiencing trouble.
Instead, we unconditionally do `hg up -C -r .` to "update" to the
current revision (i.e. to "."), while `-C/--clean`ing the current
directory. This is similar to `hg revert --all`, except that it also
undoes the merge state of the working directory, in case there was
any.
Previously the logging module hard coded the default logging driver. This means
if the docker daemon is started with a different logging driver, the ansible
module would continually restart it when run.
This fix adds a call to docker.Client.info(), which is inspected if a logging
driver is not supplied in the playbook, and the container only restarted if
the logging driver applied differs from the configured default.
In usage, this has solved issues with using alternative logging drivers.
Fixes require ssl in combination with grant option
Refactoring: code cleanup to make it easier to understand
Code rewritten inspired by @willthames
Added WITH GRANT OPTION as exception; when only REQUIRESSL and/or GRANT are specified we have to add USAGE
Without this change, some trouble may occur when "deb" parameter
is used as env vars controlling dpkg are not set. For example,
installing a package that requires user input will never end since
DEBIAN_FRONTEND=noninteractive is not set.
So export env vars in APT_ENV_VARS before run dpkg, like in cases
using apt-get/aptitude.
Now module will assume that if the argument is a string it is already formated as json
and will only try to convert non strings into json string.
Also removed unused 'msg' var declarations and the ifs that set them
fixes#2009
