Commit graph

2373 commits

Author SHA1 Message Date
Tatsunori Uchino
b87944926d
Improve proposed fix for bare variables (#70687)
* Make proposed fix for bare variables clearer

* Add changelog fragment
2020-08-19 00:55:30 +02:00
Rick Elrod
ea58d7c233
Make it so callback plugins can act on implicit/explicit meta tasks (#71009)
Change:
- Now sends meta tasks to the task start callback
- Lets callback plugins opt-in to receiving implicit tasks

Test Plan:
- New integration tests

Tickets:
- Indirectly fixes #71007 by allowing custom callbacks with this data

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-18 16:56:48 -05:00
Abhijeet Kasurde
6d17736ef4
subelements: Clarify parameter docs (#71177)
skip_missing parameter in subelements lookup plugin is accepted from
inside the dictionary.

Fixes: #38182

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-08-18 12:03:28 -04:00
Sloane Hertel
88bfc7977d
Fix meta tasks used with --flush-cache (#71311)
* Remove incorrect code
2020-08-18 11:41:58 -04:00
David Shrewsbury
f2f6c34632
Fix play stats when rescue block is a child block (#70922)
* check run state of current block only

* Add changelog and test

* Add test for issue 29047

* Fix for both tests

* blerg

* Change test messages

* fix tests

* Add multi-level block in rescue test case

* Add recursive rescue check and multi-level test

* Should probably run the new test

* ci_complete

* Merge new tests

* ci_complete
2020-08-18 11:20:55 +02:00
Matt Martz
6289570234
epoch can be a float with strftime filter. Fixes #71257 (#71314) 2020-08-17 13:46:49 -05:00
Matt Martz
9da880182b
Allow the TOML inventory to dump unsafe. Fixes #71307 (#71309) 2020-08-17 13:46:13 -05:00
Matt Martz
959af7d90b
Don't do conflict check on sdist and egg_info (#71310)
* Don't do conflict check on sdist and egg_info. Fixes #71279

* Add changelog

* adjust changelog PR link

Co-authored-by: Rick Elrod <rick@elrod.me>

* add warning about bdist_wheel

Co-authored-by: Rick Elrod <rick@elrod.me>
2020-08-17 13:45:41 -05:00
Edwin Hermans
eb8b3a8479
get_url - Allow checksum file to be local file:// url (#71205)
This would be a partial solution for #69364 in that the SHASUMS file can be downloaded and gpg verified but then used from the downloaded location to verify the get_url's file.
* Make checksum url parsing more explicit

Use urlsplit to test if the checksum string has a (currently tested and) supported url scheme.

* Fix whitespace
* Changelog fragment
* Added tests
* Fix typo in test setup
2020-08-17 12:21:15 -04:00
Lorenzo Castelli
a1a50bb3cd
systemd - supports new systemctl output message for chroot (#71197)
The message generated by systemctl has been updated in 9321e23c40, which requires a corresponding change in the systemd module.

In addition, this fixes the module when the SYSTEMD_OFFLINE environment variable is set.
2020-08-17 12:09:07 -04:00
Matt Martz
5821128995
Allow callbacks from forks (#70501)
* POC for supporting callback events that come from the worker

* linting fixes. ci_complete

* fix up units. ci_complete

* Try moving the sentinel put higher. ci_complete

* safeguards. ci_complete

* Move queue killing to terminate

* LINTING. ci_complete

* Subclass Queue, to add helper send_callback method

* Just use _final_q instead of adding another queue and thread

* Revert a few changes

* Add helper for inserting a TaskResult into the _final_q

* Add changelog fragment

* Address rebase issue

* ci_complete

* Add test to assert async poll callback from fork

* Don't use full path

* ci_complete

* Use _results_lock as a context manager

* Add new generic lock decorator, and use it with send_callback
2020-08-17 10:51:01 -05:00
Felix Fontein
9f72ff80e3
Redirect gluster modules to gluster.gluster. (#71240) 2020-08-12 23:23:27 -07:00
Florent PIGOUT
336c176ebc
Fix cron file regression (#71207) 2020-08-12 14:04:29 -05:00
Sam Doran
888be697cb
Revert "Change default file permissions so they are not world readable (#70221)" (#71231)
* Revert "Change default file permissions so they are not world readable (#70221)"

This reverts commit 5260527c4a.

* Revert "Fix warning for new default permissions when mode is not specified (#70976)"

This reverts commit dc79528cc6.
2020-08-12 12:29:04 -05:00
Matt Martz
c59472715a
Add support for non-yaml EXAMPLES (#71184)
* Add support for non-yaml EXAMPLES

* Make pattern raw string

* fmt tag should be the first non-whitespace line

* Add changelog fragment
2020-08-12 09:17:45 -05:00
Martin Krizek
b66d66027e
Skip literal_eval for string filters results in native jinja. (#70988)
Fixes #70831
2020-08-11 10:19:49 +02:00
Jordan Borean
3f22f79e73
Ensure -k is set to delegated hosts without a pass (#71136)
* Ensure -k is set to delegated hosts without a pass

* Fix up some broken tests

* Update task_executor.py

one possible fix, the other is updating winrm to normalize on 'password' like the other connection plugins

* Add alias for winrm and fix incorrect assumption

* Make sure aliases are used for keyword options

* Conditionally run test if sshpass is present, fix sanity

Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
2020-08-08 09:06:32 +10:00
Matt Martz
410b6a7109
Update integration tests to support rpmfluff-0.6 (#71155) 2020-08-07 14:09:09 -05:00
Felix Fontein
050841324c
ansible-test: bump acme test container version to 2.0.0 (#71097) 2020-08-07 09:34:52 -07:00
David Shrewsbury
2f77606aa1
Add CVE reference to changelog for PR 70762 (#71151) 2020-08-07 10:55:09 -05:00
David Shrewsbury
6bf1dd428b
Update 70762 changelog to use security_fixes (#71124) 2020-08-06 14:58:56 -05:00
Felix Fontein
fbfc0f99eb
Make changelog tool be more strict about suffixes (#70909)
* Bump antsibull-changelog version.

* Flag all dotfiles, except .keep and .gitkeep.

* Enable ignoring other fragment extensions.
2020-08-06 10:49:39 -05:00
Rick Elrod
4e55b93613
virt facts: allow guest/host to have >1 virt tech (#70832)
Change:
- Allow systems to declare multiple virt techs. For example if a system
  is both a docker container, but virtualized on KVM, show both. If a
  system is set up to run virtualbox and KVM VMs, show both.

- This is done by introducing new facts keys:
  - virtualization_tech_guest
  - virtualization_tech_host

- Backwards compatibility is preserved by keeping track of the previous
  return-points and refusing to update those keys after we would have
  returned, but now returning them at the end, so that the new keys can
  accumulate their data.

Test Plan:
- Local
- CI

Tickets:
- Refs #66304
- Refs #17151
- Refs #17058
- Probably others

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-06 09:45:37 -05:00
Felix Fontein
fc83055425
Fix changelog fragment type. (#70902) 2020-08-05 15:32:31 -04:00
Toshio Kuratomi
fb144c4414
Update ansible doc formats (#71070)
* Fix tty_ify bugs and refactor

* Move tty_ify() and supporting attributes to the DocCLI class as that's
  the only thing using it.
* Add unittest for the code.
* Fix a bug where the substitution macros can be detected when they are
  a part of another word.
* Add support for L(), R(), and HORIZONTALLINE which were added to the
  website docs many years ago.

* Update test/units/cli/test_doc.py

Co-authored-by: Matt Clay <matt@mystile.com>

Co-authored-by: Matt Clay <matt@mystile.com>
2020-08-05 10:53:25 -07:00
Brian Coca
662d34b9a7
add jinja2 global to reserved names (#71088)
* add jinja2 global to reserved names

  also allow expansion by additional context provided from caller

  fixes #41955

Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-08-05 10:43:31 -04:00
Jordan Borean
aab9beccf7
Remove ANSIBLE_COLLECTIONS_PATHS dep warning (#71094) 2020-08-05 07:38:35 +10:00
Rick Elrod
0d7c144ce4
Allow macOS ACLs to work for unpriv -> unpriv (#70785)
Change:
- Use `chmod +a` in the fallback chain to allow MacOS to use ACLs to
  allow an unprivileged user to become an unprivileged user.

Test Plan:
- CI, new tests

Tickets:
- Fixes #70648

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-04 14:32:48 -04:00
Rick Elrod
810a9a5593
find: Allow reading whole file for contains regex (#71083)
Change:
- Add a parameter `read_whole_file` which allows for reading the whole
  file when doing a `contains` regex search.
- This allows for (for example) matching a pattern at the very end of
  a file.

Test Plan:
- New integration tests

Tickets:
- Fixes #63378

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-04 12:49:45 -05:00
Martin Krizek
5ca3aec3c4
native types: properly handle Undefined in nested data (#68432) 2020-08-04 19:06:07 +02:00
Jordan Borean
f6b3b4b430
ansible-galaxy - fix download for subdirs in SCM (#71005) 2020-08-04 11:10:00 -04:00
Felix Fontein
4bd7580dd7
Fix fortimanager httpapi redirect (#71073)
* The fortimanager httpapi plugin is in fortinet.fortimanager, not in fortinet.fortios.

* Add changelog fragment.
2020-08-04 05:42:46 +01:00
Matt Davis
86b6c4bbb6
fix collection package root location under pytest >=6.0.0 (#70963) 2020-08-03 17:31:32 -07:00
Rick Elrod
7f62a9d7b5
Make cache adjudicator's flush call plugin flush (#70987)
Change:
- Previously CachePluginAdjudicator#flush only removed entries from the
  cache backend that it knew about by using them earlier. Now it calls
  the underlying plugin's flush() method.

Test Plan:
- New unit tests

Tickets:
- Fixes #68770

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-03 17:16:15 -05:00
Sloane Hertel
991714b9d1
copy - redact 'content' from invocation in check mode (#71033)
* sanitize copy module invocation secrets in check mode
2020-08-03 11:41:45 -04:00
Rick Elrod
74c14c6743
Strip spaces in module names in explicit actions (#71040)
* Strip spaces in module names in explicit actions

Change:
- When an action is called like "action: copy foo=bar", strip spaces
  around the action name.
- This allows "action: copy        foo=bar" to work as expected.

Test Plan:
- New integration tests

Tickets:
- Fixes #62136

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-08-03 11:30:45 -04:00
Martin Krizek
bf7276a4e8
Emit proper error for x in y when y is undefined (#70990)
Fixes #70984
2020-07-30 15:57:01 -04:00
Philip Douglass
ac5f3f8bef
unarchive - Check 'fut_gid' against 'run_gid' in addition to supplemental groups (#65666)
Add integration tests for unarchiving as unprivileged user
Break tasks into separate files for easier reading and maintenance

Create a user by specifying a default group of 'staff' for macOS.

The user module does not actually remove the user directory on macOS,
so explicitly remove it.

Put the removal tasks in an always block to ensure they always run

Co-authored-by: Philip Douglass <philip.douglass@amadeus.com>
Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-07-30 15:28:05 -04:00
Abhijeet Kasurde
e139739ab3
iptables: Add a note about ipv6-icmp (#70915)
ipv6-icmp ping is valid protocol and adding note about
it in protocol parameter.

Fixes: #70905

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-30 14:16:43 -05:00
Sloane Hertel
54e2ae79e7
fix downloading collections in git repos and tar.gz artifacts (#70524)
* Fix downloading tar files

* Fix downloading SCM collections

* changelog
2020-07-30 13:55:29 -04:00
Sam Doran
e6bf202738
linux facts - return proper broadcast address (#64528)
* linux facts - return proper broadcast address

Check that the value being returned is actually a broadcast address

* Add tests

* Cleanup tests
2020-07-30 19:40:14 +02:00
Sam Doran
c4f442ed5a
facts - fix incorrect time for some date_time_facts (#70665)
The iso8601_micro and iso8601 facts incorrectly called now.utcnow(), resulting
in a new timestamp at the time it was called, not a conversion of the previously
stored timestamp.

Correct this by capturing the UTC timestamp once then calculating the local
time using the UTC offset of the current system.

* Use time.time() for getting the current time
* Convert from that stored epoch timestamp to local and UTC times
* Used existing timestamp for epoch time
* Add unit tests that validate the formate of the return value rather than an exact value since mocking time and timezone is non-trivial
2020-07-30 11:39:58 -04:00
Matt Clay
2e0097ada3 Fix ansible-test relative import analysis. 2020-07-30 08:05:28 -07:00
Sam Doran
dc79528cc6
Fix warning for new default permissions when mode is not specified (#70976)
Follow up to #70221
Related to #67794
CVE-2020-1736

When set_mode_if_different() is called with mode of 'None', ensure we issue
a warning about the change in default permissions.

Add integration tests to ensure the warning works properly.

* Fix tests
- actually use custom module 🤦‍♂️
- verify file permission on created files
- use remote_tmp_dir so we're ready for split controller
- improve test module so we can skip the call to set_fs_attributes_if_different()
- fix tests for CentOS 6
2020-07-30 00:05:29 -04:00
Jordan Borean
b1cb2553af
ansible-galaxy - fix fallback for AH searches (#70957) 2020-07-30 07:28:43 +10:00
Sam Doran
a24f51d9e5
package - use existing list of package manages from facts (#70920) 2020-07-29 12:08:11 -04:00
Sam Doran
73a9ad9aea
ansiballz - remove deprecated excommunicate command (#70921) 2020-07-29 12:05:12 -04:00
Rick Elrod
20a7476064
git: verify, only use --raw when we need it (#70900)
Change:
- Allow older git to verify tags again
- Enable verification tests everywhere, even if most of them only work
  on newer git. Some of them work on older git and they test the --raw
  parameter.

Test Plan:
- Re-enabled subset of git tests

Tickets:
- Fixes #64469

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-29 10:45:51 -05:00
Brian Coca
f9c3c6cba6
Allow changed/failed mgmt on strategy actions (#70919)
* Allow changed/failed mgmt on strategy actions
2020-07-29 10:44:46 -04:00
Matt Clay
3a8ac62596 Cap pytest version to avoid relative import issue. 2020-07-28 14:51:39 -07:00