Commit graph

273 commits

Author SHA1 Message Date
Sam Doran
c968020d52
[stable-2.10] Revert "Change default file permissions so they are not world readable (#70221) (#70824)" (#71236)
* [stable-2.10] Revert "Fix warning for new default permissions when mode is not specified (#70976) (#70985)"

This reverts commit 5cb96087e6.

* [stable-2.10] Revert "Change default file permissions so they are not world readable (#70221) (#70824)"

This reverts commit 7e4cffc5d2.
2020-08-12 14:30:47 -05:00
Sandra McCann
b9a406f890
Docs [2.10] Backportapalooza 6 (#71129)
* Misc typo fixes (#71089)

(cherry picked from commit 504ef607f3)

* Add some documentation for the format of meta/runtime.yml (#71035)

* Document the format of meta/runtime.yml

* Document multiple Ansible versions

Clarify difference between deprecation and tombstone fields

* add note

(cherry picked from commit a9eb8b0488)

* add note to uninstall older versions of ansible for pip (#71023)

* add note to uninstall older versions of ansible for pip

* combine with the other PR

(cherry picked from commit 72d3d44163)

* VMware: Inventory scenario guide for hostnames (#71055)

Added a scenario guide for ``hostnames`` parameter
for vmware_vm_inventory.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 0055673c70)

* Document string tests a bit more (#71049)

- Explain how `regex` differs from `match` and `search`.
- Document `multiline` and `ignorecase`.

Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit 701c638757)

* docs: Add a note about package requirements for fact gathering (#70796)

Fixes: #26148

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit a6725d6e2a)

* added note about fakeroot (#71018)

see #70895

(cherry picked from commit 11a31e99e6)

* Update documentation of httpapi's handle_httperror method for clarity (#70991)

(cherry picked from commit a0523e5b8a)

* DOCS: add 2.10 collections roadmap (#70975)

* draft of 2.10 collections roadmap

* incorporates feedback from felixfontein

* gundalow and samccann feedback, fix link

Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
(cherry picked from commit 9879da8e23)

* updates changelog types; some updates for easier translation (#71027)

Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 4f4436c124)

* Document common return values with examples (#71046)

* adding return value examples
* shift to console code blocks
* cleaning up whitespace and shortening invocation example
* reordering diff section

(cherry picked from commit 864573a38d)

* Update intro_getting_started.rst (#71039)

Added two additional learning resources in the See also: section- forgot closing backticks

(cherry picked from commit 9850915bd6)

* Guide users to use ansible-runner (#71063)

Update the docs to guide users to use `ansible-runner` instead of using Python API directly. In many use cases, executing Ansible playbooks are sufficient. In those use cases, `ansible-runner` is easier and much stable to use comparing with Python API, but there is no mention of it.

(cherry picked from commit 0c855dc70b)

* Porting guides for ansible-base 2.10 and ansible 2.10 (#70891)

* Fix changelog link title.

* Rename Ansible 2.10 and 2.11 porting guides to Ansible-base porting guides.

* Add stub for automatically generated 2.10 porting guide.

* Move things that should not be in the ansible-base porting guide to the ansible porting guide.

* Apply changes to base porting guides.

* Add remark that ansible-base is mainly for developers.

* Ansible Base -> Ansible-base

* Fix link in base porting guide.

* Add generated porting guide.

* Use same header signs as antsibull-changelog's RST builder.

* Update generated porting guide.

(cherry picked from commit 61b36c6f30)

* Update network platform guides with FQCN (#70699)

* fqcn all the docs things!

(cherry picked from commit 54bee7152b)

* Document how to upgrade to ansible with pip (#70768)

Fixes #70348

(cherry picked from commit 5019335660)

* document how to migrate between collections (#70243)

* document how to migrate between collections
* Apply suggestions from code review

Co-authored-by: John R Barker <john@johnrbarker.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 58145dff9c)

* remove github link from plugins (#70951)

(cherry picked from commit e28b20d729)

* Add latest rc from ansible-base (#70974)

* Add latest rc from ansible-base

(cherry picked from commit d62dffafb3)

* Document to_json will convert to ASCII strings by default (#70954)

... as reported in issue #68702

(cherry picked from commit 8c48366f1c)

* Update the porting guide for ansible-2.10.0a8 (#71141)

(cherry picked from commit 0a9638ce4b)

Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
Co-authored-by: Sloane Hertel <shertel@redhat.com>
Co-authored-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
Co-authored-by: Nathaniel Case <ncase@redhat.com>
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
Co-authored-by: Terciero <terciero@users.noreply.github.com>
Co-authored-by: Brendon O'Sullivan <49501251+bjosullivan@users.noreply.github.com>
Co-authored-by: EthanHur <ethan0311@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Baptiste Mille-Mathias <baptiste.millemathias@gmail.com>
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
2020-08-07 16:04:19 -05:00
Felix Fontein
58517e52e2
Porting guides for ansible-base 2.10 and ansible 2.10 (#70891) (#71029)
* Fix changelog link title.

* Rename Ansible 2.10 and 2.11 porting guides to Ansible-base porting guides.

* Add stub for automatically generated 2.10 porting guide.

* Move things that should not be in the ansible-base porting guide to the ansible porting guide.

* Apply changes to base porting guides.

* Add remark that ansible-base is mainly for developers.

* Ansible Base -> Ansible-base

* Fix link in base porting guide.

* Add generated porting guide.

* Use same header signs as antsibull-changelog's RST builder.

* Update generated porting guide.

(cherry picked from commit 61b36c6f30)
2020-07-31 15:52:55 -05:00
Sam Doran
5cb96087e6
Fix warning for new default permissions when mode is not specified (#70976) (#70985)
Follow up to #70221
Related to #67794
CVE-2020-1736

When set_mode_if_different() is called with mode of 'None', ensure we issue
a warning about the change in default permissions.

Add integration tests to ensure the warning works properly.

* Fix tests
- actually use custom module 🤦‍♂️
- verify file permission on created files
- use remote_tmp_dir so we're ready for split controller
- improve test module so we can skip the call to set_fs_attributes_if_different()
- fix tests for CentOS 6

(cherry picked from commit dc79528cc6)
2020-07-30 10:10:23 -07:00
Matt Davis
cc8d180801
fix internal cases of actions calling unqualified module names (#70818) (#70840)
* fix internal cases of actions calling unqualified module names

* add porting_guide entry
* misc other fixes around action/module resolution broken by redirection

ci_complete

* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

Co-authored-by: Rick Elrod <rick@elrod.me>

* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

Co-authored-by: Rick Elrod <rick@elrod.me>

* address review feedback

* pep8

* unit test fixes

* win fixes

* gather_facts fix module args ignores

* docs sanity

* pep8

* fix timeout test

* fix win name rewrites

Co-authored-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit 4c0af6c808)
2020-07-23 10:29:09 -07:00
Sam Doran
7e4cffc5d2
[stable-2.10] Change default file permissions so they are not world readable (#70221) (#70824)
* Change default file permissions so they are not world readable

CVE-2020-1736

Set the default permissions for files we create with atomic_move() to 0o0660. Track
which files we create that did not exist and warn if the module supports 'mode'
and it was not specified and the module did not call set_mode_if_different(). This allows the user to take action and specify a mode rather than using the defaults.

A code audit is needed to find all instances of modules that call atomic_move()
but do not call set_mode_if_different(). The findings need to be documented in
a changelog since we are not warning. Warning in those instances would be frustrating
to the user since they have no way to change the module code.

- use a set for storing list of created files
- just check the argument spac and params rather than using another property
- improve the warning message to include the default permissions.
(cherry picked from commit 5260527c4a)

Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-07-23 09:07:18 -07:00
Rick Elrod
ed2de20bca bump porting guide link
Signed-off-by: Rick Elrod <rick@elrod.me>
2020-06-17 13:12:52 -05:00
Felix Fontein
9c753341e2
Porting guide: transfer entries to collection changelogs (#70064)
* Remove community.crypto parts from porting guide.
* Remove community.general parts from porting guide.
* Removed 'modules removed' section, since this is better suited for a general entry on the collection split.
2020-06-16 10:04:32 -05:00
Rick Elrod
2abaf320d7
[ansiballz] ensure that '' is not in sys.path (#69342)
Change:
On OpenBSD when using pipelining, we do not set cwd which results in a
permissions fatal. Ensure that `''` - cwd - is not in `sys.path`.

Test Plan:
Tested against local OpenBSD VM

Tickets:
Fixes #69320

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-06-01 03:43:20 -05:00
Sandra McCann
3a4e227efa
remove build errors including guess (#69711)
* remove build errors including guess

* fixed shippable errors
2020-05-29 11:56:49 -05:00
Lukas Pirl
34db57a47f
introduce fact "ansible_processor_nproc": number of usable vcpus (#66569)
This fact reflects the number of usable vcpus (which might be different
from ansible_processor_vcpus, e.g., in containers with limits). See
also #51504.

* Add fixture data and update unit tests

Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-05-15 09:38:56 -04:00
Sloane Hertel
34458f3569
Update inventory caching documentation (#69100) 2020-05-05 15:10:57 -05:00
Brian Coca
babac66f9c
Be strict about what is a boolean for keywords (#67625)
* be strict about what is a boolean for keywords

 - found and fixed typo in test , 'yes' != 'yes.'
2020-04-28 13:55:26 -04:00
Alicia Cozine
69543b47c9 fix last 7 docs errors on post-migration test runs (#68115)
* address toc-tree-glob-pattern-no-match errors

* address Include-file-not-found error

* address 2.10 porting guide errors, add warning to page

* updates individual plugin type pages

* Add ignores.

Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
Co-authored-by: Matt Clay <matt@mystile.com>
2020-03-23 11:14:21 -05:00
Alicia Cozine
4e8b240b8b
Intersphinx (#68090)
* try to route 2.9 porting guide links to 2.9 module docs

* refreshed existing .inv files

* better URL

* new .inv file for version-specific links

* adds targets for version-specific docs

* fixes 2.5 porting guide refs

* fixes 2.8 porting guide refs

* fixes 2.7 porting guide refs

* fixes links on ACI guide

* adds .inv files for versions 2.5 through 2.8

Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
2020-03-06 14:16:35 -08:00
Mark Chappell
052e8b7be4
ec2_tag - Deprecate the use of state=list (#66840)
* ec2_tag - Deprecate the use of state=list

* Update lib/ansible/modules/cloud/amazon/ec2_tag.py

* Add changelog and porting_guide entries

Co-authored-by: flowerysong <junk+github@flowerysong.com>
2020-02-19 13:54:34 -05:00
Rohit
9eb7709c61
Vyos static route module added (#62193)
* Vyos static route module added

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* sanity fixes

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* empty config traceback fix

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* sanity check fix

* model specific changes and SI test cases updated

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* new state changes and SI test cases updated

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* sanity fixes

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* UT cases added

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* replaced operation fix

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* review comments incorporated

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* shippable fix

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* sanity fix

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* delete opr updated

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>

* comments incorporated

Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>
2020-02-18 07:32:26 -05:00
Abhijeet Kasurde
b6753b46a9
Replace 'message' in module parameters (#60051)
* 'message' parameter is replaced by 'commit_message' in grafana_dashboard
* 'message' parameter is replaced by 'notification_message' in datadog_monitor

This change is required since 'message' as parameter name is used internally by
Ansible core engine.

Fixes: #39295 #45362 #47132 #59617

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-02-18 13:00:16 +01:00
Sloane Hertel
6a8b1f867e
[aws_s3] fix deleting versioned objects before deleting bucket (#54435)
* [aws_s3] fix deleting the current objects and the previous versions from a version-enabled bucket

* use existing paginated_list function to keep compatibility with the other places it is called

* changelog

* Add noteworthy change to the porting guide

* Reword that with acozine's suggestion

Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
2020-02-17 13:16:09 -05:00
Mark Chappell
90898132e4
CloudRetry/AWSRetry : Disable catching of NotFound exceptions (#67281)
* CloudRetry/AWSRetry : Remove default catching of NotFound exceptions

* Add docs

* Changelog updates from review

* Update unit tests after removing 'NotFound' from default retries
2020-02-13 16:59:00 -05:00
Jordan Borean
ed863b377b
win_package: add missing porting guide entries (#67374) 2020-02-13 16:59:44 +10:00
Mario Lenz
808bf02588
Remove options from some vmware modules that are not used in the code (#67282) 2020-02-11 12:30:22 +01:00
Nilashish Chakraborty
88f0c85228
Remove deprecated attributes from nxos_igmp_interface (#67186)
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
2020-02-11 12:27:07 +01:00
Felix Fontein
f725dce936
Clean up FILE_COMMON_ARGUMENTS (#66389)
* Clean up FILE_COMMON_ARGUMENTS.

* postgresql_pg_hba doesn't declare the backup option.

* uri doesn't declare the remote_src option.

* Add documentation.

* maven_artifact seems to use directory_mode, which it doesn't declare.

* Update changelogs/fragments/66389-file-common-arguments.yml
Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

ci_complete

Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
2020-02-07 18:56:01 -05:00
Jordan Borean
12e3adb23a
win_domain_controller - add a deprecation warning for the log_path option (#67108) 2020-02-05 10:46:47 +10:00
Jordan Borean
78470c43c2
Removed deprecated items in Windows modules (#67105) 2020-02-05 09:02:04 +10:00
Felix Fontein
23b2bb4f4d
docker_container: change behavior for one-port container ranges to be same as docker CLI (#66382)
* Adjust docker_container behavior for one-port container ranges to be similar to docker CLI.

* Add changelog.

* Add documented examples for ports:.
2020-02-03 23:27:40 +01:00
Simon Dodsley
b1a8bded3f
Remove deprecated parameter for 2.10 in purefb_fs (#67026) 2020-02-02 15:30:01 +01:00
Mark Chappell
919a9e33e8
Minor AWS argument checks (required_if / mutually_exclusive) fixups (#66966)
* aws_netapp_cvs_snapshots - minor required_if fixup (state must be set if state=present)

* ec2 - fix typo in mutually_exclusive definition

* rds_instance: fix typo in mutually_exclusive restore_to_time should be restore_time - currently throws a boto error
2020-01-31 22:17:46 +01:00
Felix Fontein
5fdc9a61f0
docker_container: pass volumes only for anonymous volumes (#66600)
* Simplify code.

* Only pass anonymous volumes.

* Add changelog and update porting guide.

* Add integration tests.
2020-01-30 14:08:25 +01:00
Dusan Matejka
57805b7def
zabbix_proxy interface option documentation and argspec fixes (#66837)
* zabbix_proxy interface option documentation and argspec fixes

* Update changelogs/fragments/66837-zabbix-proxy-interface.yml

Co-Authored-By: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-01-30 14:06:44 +01:00
Martin Krizek
4ca0c7f116 Fix case sensitivity for lookup() (#66521)
This brings consistency to lookup(), with_ and ansible-doc.

Fixes #66464

* Add a porting guide entry
2020-01-27 15:09:45 -05:00
Abhijeet Kasurde
fc6476bd72
VMware: Handle multiple tags with different category (#66465)
vmware_tag_info used to return dict of tag information which caused
data loss when there are multiple tags with same name and different category ids.
This fix will add additional fact "tag_info" which will deprecated existing fact
"tag_facts".
The "tag_info" is a list which handles multiple tags with same name.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-01-23 10:15:57 +05:30
Jordan Borean
6f04f87a13
Deprecate Windows 2008, and 2008 R2 (#66257)
* Deprecate Windows 2008, and 2008 R2

* Remove shippable nodes

* Update windows_faq.rst

Be less specific about 2008/R2 timeframes

* Update setup.ps1

tweak warning text

Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
2020-01-14 11:22:39 +10:00
Bill Dodd
5f966ef664 Update deprecation version and porting guide for resource_id option (#66060)
* update deprecation version and porting guide for resource_id option

* add changelog fragment
2020-01-10 16:37:53 -06:00
Sandra McCann
9922014441 add details on network gather facts improvements (#66220)
* add details on network gather facts improvements, implement feedback
2020-01-10 15:06:49 -06:00
Pilou
7ee3103a86 clc_aa_policy: deprecate unused 'wait' parameter (#64367) 2019-12-20 23:46:53 -05:00
Bill Dodd
973e36c6b6 Fix version param in deprecate() call and update porting guide (#65894)
* fix version= param in deprecate() call and update porting guide

* add changelog fragment
2019-12-19 07:09:28 +01:00
Mark Chappell
d8943d495e AWS NLB: Deprecate current default behaviour of 'absent' (#65468)
* Deprecate elb_network_lb default of *delete*.

* Add changelog fragment

* Porting guide entry
2019-12-09 15:55:32 +01:00
Jordan Borean
fcdebe41e9
win_find - Refactor for better performance and alignment to find (#65536)
* win_find - refactor to make more performance and use newer style

* win_find - refactor for performance improvements and alignment to find

* More path alignment to find

* Fix yamllint error
2019-12-06 10:01:11 +10:00
Trevor Pounds
8daa42bb3d Support non-KV and KV v1/v2 secret engines (#64288)
* Support generic and KV v1/v2 secret engines.

Fixes #41132
Fixes #50598
Fixes #54462
Fixes #64150

* Update KV v2 compatibility notes/usage docs.

* Add tests for KV v1/v2 and generic secrets engines.

* Add changelog fragment.

* Add KV v2 behavior changes to porting guide.

* Fix pylint blacklisted name warnings.
2019-11-25 06:18:49 +01:00
Felix Fontein
f4d45ffdff
docker_container: change network_host default behavior for Ansible 2.14 (#64635)
* Update network_mode docs.

* Announce default change for 2.14.

* Add changelog fragment.
2019-11-24 05:05:00 +01:00
Mark Chappell
6e652ae6df Improve consistency of IAM_{role,user,group} behaviour (#64258)
* iam_user: use AnsibleAWSModule.client to fetch connection rather than C&P code

* iam_role: Add deprecation warning so we can switch purge_polices default behaviour from true to false

* iam_user/role/group: Rename 'managed_policy' and 'purge_policy'

Rename from singluar to plural (we accept a *list* of policies), and add aliases for the old values.

* Cleanup documentation

* Changelog
2019-11-21 14:38:44 -07:00
Mark Chappell
f1311d3e98 Rewrite iam_policy using boto3 (#63924)
* reworked iam_policy

* Deprecate policy_document option

* deprecate defaulting skip_duplicates to true

* No longer explicitly catch ParamValidationError.

ParamValidationErrror is already caught by ClientError

* Work with complex policy objects rather than json documents

comparisons can better cope with the special cases (eg True vs "True" )

* Enable check_mode tests and fix related 'changed' bug

* changelog

* doc cleanup based on review
2019-11-20 16:59:02 -07:00
Maciej Delmanowski
45527716fd Add module ldap_attrs; deprecate ldap_attr (#62701)
* Add ldap_attrs module

* Fix codesyle error

* Apply deprecation rules

* Add support for X-ORDERED extension in ldap_attrs

The 'X-ORDERED' LDAP extension allows definition of ordered LDAP object
attributes. This extension is used in OpenLDAP "cn=config" database to
support ordered configuration options.

Specification: https://tools.ietf.org/html/draft-chu-ldap-xordered-00

* Update ldap_attr deprecation notice

* Documentation improvements based on suggestions

* Remove redundant dots from documentation

* Correct 'insertations' to 'insertions'

* Remove insecure 'params' option

* Fix sanity ignore errors

* Improve module documentation

* Change example value from string to list

* Fix support for "" values
2019-11-16 15:53:35 +01:00
Mario Lenz
034df49c56 VMware: New module vmware_host_dns (#64458)
* Restore module vmware_dns_config
* Remove domainname and change_hostname_to
* Changed version_added from 2.10 to '2.10'
* Add setup_attach_host: true to test case
* Add 'vcsim is not defined' block to integration tests
* Change 'result' to 'dns_config_result'
* Bugfix: Changing some static configurations while keeping others can crash the module
* Implement changing DNS config from DHCP to static on a cluster
* Update documentation for vmware_host_dns
* vmware_host_dns integration tests: Always revert to original DNS configuration, even if a test fails
* Deprecate vmware_dns_config
2019-11-16 11:25:06 +05:30
Jordan Borean
762fcf78b9
win_pester - Align dir scanning with Pester's defaults (#64880)
* win_pester - Align dir scanning with Pester's defaults

Co-authored-by: Coby Caldwell <cobycaldwell@gmail.com>

* Fix sanity issues
2019-11-15 13:53:30 +10:00
Abhijeet Kasurde
eac7fa1860
gitlab_user: Remove optional parameters while state is absent (#64832)
While deleting gitlab user, several parameters such as email, name,
password are not required. This fix removes this requirement from the
module.

Fixes: #61921

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-11-14 17:21:14 +05:30
Timothy Appnel
0573e51482 Remove deprecated kubernetes and oc module "indirection" in v2.9 changelog doc (#64572)
+label: docsite_pr
2019-11-08 16:07:42 -05:00
Dusan Matejka
0cb19e655c zabbix_action shouldn't require args other than name when state=absent 2019-11-08 16:45:13 +05:30