Commit graph

3208 commits

Author SHA1 Message Date
James Cammarata
2cc602beea Fixes for module param counting and additional shell quoting issues 2014-07-23 22:54:59 -05:00
Benno Joy
ac85d8444b fix for unarchive 8257 2014-07-23 14:50:16 +00:00
Nacho Coloma
57428c48a2 Bugfix: bulletproof unexpected_error_msg at gce.py
This method was still failing for me with a "missing http_code" message. After applying this change, the error message is:

```
msg: Unexpected response: {'value': 'PyCrypto library required for Service Account Authentication.'}
```

I wanted to contribute a rock-solid `unexpected_error_msg` implementation.
2014-07-23 16:45:24 +02:00
James Cammarata
84759faa09 Security fixes:
* Strip lookup calls out of inventory variables and clean unsafe data
  returned from lookup plugins (CVE-2014-4966)
* Make sure vars don't insert extra parameters into module args and prevent
  duplicate params from superseding previous params (CVE-2014-4967)
2014-07-21 11:20:49 -05:00
James Cammarata
00e089e503 Revert "Explicitly set the user option for ssh connections"
This reverts commit 0f91add86f.

Fixes #8216
2014-07-21 10:32:55 -05:00
Joseph Benden
da5e32b316 Needs additional divisor. 2014-07-18 07:55:24 -07:00
Michael DeHaan
0fad9575e9 Refine error message about invalid ops since people forget to indent tasks fairly often. 2014-07-17 10:13:10 -04:00
James Cammarata
0e5b0a2e97 Revert "Set Jinja2's keep_trailing_newline=True in template_from_string."
This reverts commit 7a8eb0b670.
2014-07-17 09:07:04 -05:00
Joseph Benden
b55791ef43 Support for OS X 10.10 DP3. 2014-07-16 12:37:11 -07:00
James Cammarata
62e9cf63b7 Merge pull request #8170 from sergevanginderachter/issue_8159
Load existing group_vars file for new group_by group
2014-07-16 14:28:14 -05:00
Serge van Ginderachter
4e9a253bef Load existing group_vars file for new group_by group
if it was not loaded yet, which happens if that group
didn't exist yet in the inventory.

fixes #8159
2014-07-16 21:16:27 +02:00
James Cammarata
42b5294820 Merge branch 'devel' of https://github.com/leverich/ansible into leverich-devel 2014-07-16 14:02:13 -05:00
Felix Geyer
0ebd19e97b Fix regression: Sanitize sudo success_key from stdout
Commit 7e3dd10 caused a regression with sanitizing the sudo success_key from stdout.
There is no newline in front of SUDO-SUCCESS when using sudo.
This change adapts the regex to make the line break optional.

Tested on Ubuntu 14.04.
2014-07-16 18:14:35 +02:00
Ruggero Marchei
909955f2e2 fix get_distribution_version() on amazon linux 2014-07-15 18:04:46 +02:00
Jacob Leverich
7a8eb0b670 Set Jinja2's keep_trailing_newline=True in template_from_string.
Without this setting, the newline idempotence of scalar strings changes depending on whether
or not they contain any Jinja2 template blocks.
2014-07-14 13:36:17 -07:00
James Cammarata
e74853300a Merge branch 'task-host-loop-bypass' of https://github.com/sivel/ansible into sivel-task-host-loop-bypass 2014-07-14 14:21:25 -05:00
James Cammarata
cdb9f13559 Merge pull request #7605 from sivel/delegate-callback-hint
Show delegate_to hint in callback output
2014-07-14 11:10:52 -05:00
James Cammarata
4fc8d4b6fe Merge pull request #7649 from sivel/vault-password-script
Allow --vault-password-file to work with a script as well as a flat file
2014-07-14 10:57:16 -05:00
Serge van Ginderachter
e8b45a9ef7 Invalidate host/group variables cache when loading
extra varsiables based on playbook basedir.
2014-07-14 15:21:33 +02:00
Serge van Ginderachter
d39ff55688 Fix logic bug when loading vars for a new playbook basedir. 2014-07-14 15:12:53 +02:00
James Cammarata
db96344966 Re-fixing ability to have empty json files after inventory refactoring 2014-07-11 13:20:00 -05:00
James Cammarata
4e5eb7559e Merge branch 'svg_and_inventory_refactor' into devel 2014-07-10 14:43:07 -05:00
Bjorn Neergaard
08f97c0b9d Fix hostname when get_distribution_version() returns a string.
The distro version is a string ('jessie/sid') on Debian unstable and testing.
Because load_platform_subclass() evaluations every subclass as it loops,
comparing numbers when get_distribution_version() does not return a number will
break.

This patch fixes that by returning a number (`0`) when we have an invalid
version, instead of returning `None` or a string.
2014-07-10 11:27:03 -07:00
Dan Slimmon
307a3e8a9c Fixed regex square-bracket bug.
Regexes were being parsed like ordinary ansible host patterns, so
square-bracket groups were getting interpolated wrongly.
2014-07-10 00:08:12 +00:00
James Cammarata
b8ac094eaa Tweak to only show msg on assert failure if set 2014-07-08 14:05:24 -05:00
James Cammarata
16332b8488 Merge branch 'assert-with-msg' of https://github.com/darkk/ansible into darkk-assert-with-msg 2014-07-08 13:56:08 -05:00
James Cammarata
aa261bdd14 Optimizing groups_for_host() lookup in inventory 2014-07-07 21:08:39 -05:00
James Cammarata
fe892fccb1 Merge remote-tracking branch 'svg/varsplugins_refactor' into svg_and_inventory_refactor 2014-07-07 14:16:37 -05:00
James Cammarata
11a5fc85f4 Merge branch 'inventory_refactoring' into svg_and_inventory_refactor 2014-07-07 13:11:58 -05:00
James Cammarata
bcf83cbc24 Merge branch 'sergevanginderachter-inventorytree' into svg_and_inventory_refactor 2014-07-07 13:11:52 -05:00
Serge van Ginderachter
ff4119adc0 Performance optimization in resolving host patterns
Avoid resolving a pattern that is a plain host. When matching a hostname in the
hosts_cache, just use the host object from there.

When running a task on say 750 hosts, this yields a huge improvement.
2014-07-07 12:50:50 -05:00
Matt Martz
6591dd560d Show delegate_to hint in callbacks 2014-07-07 12:39:08 -05:00
Leonid Evdokimov
d94395f48c assert: add optional msg argument
Sample playbook when it may be useful:
```
- uri: return_content=yes url={{ api_base }}/action/{{ inventory_hostname }}
  register: output
- assert:
    msg: '{{ output.json | to_nice_json }}'
    that:
      - output.json.foo != "bar"
      - output.json.boo == 42
```
2014-07-07 19:05:17 +04:00
James Cammarata
7f8de3a265 Merge pull request #8024 from kcghost/7941
removed port from domain name qualification, fixes #7941
2014-07-04 23:15:17 -05:00
James Cammarata
ff04b2b532 Allow empty yaml vars files
Fixes #7843
2014-07-04 23:10:32 -05:00
Michael DeHaan
51e014d915 Merge pull request #8012 from cchurch/callback_cleanup
Callback plugin cleanup
2014-07-03 19:29:59 -05:00
Michael DeHaan
c2ac8fda1e Data from inventory scripts should be able to use nested Jinja2 expressions. 2014-07-03 16:11:14 -04:00
Henry Finucane
de64bbdc5f Support a whitelisted subset of jinja2 template options 2014-07-02 21:14:26 -07:00
Casey Fitzpatrick
7115cb1f37 removed port from domain name qualification, fixes 7941 2014-07-02 19:54:50 -04:00
Marc Abramowitz
5b783e0bc6 Error if private_key_file is group/world readable
Currently, if you have this, ansible fails with a generic error and
suggests running again with `-vvvv`. This isn't bad but pinpointing the
specific problem immediately is even more user-friendly.

```
$ ls -l devops.pem
-rw-r--r--+ 1 marca  staff  1679 Jul  2 11:25 devops.pem

$ ansible -m ping --private-key=devops.pem mt3-pyweb01
mt3-pyweb01 | FAILED => private_key_file (devops.pem) is group-readable or world-readable and thus insecure - you will probably get an SSH failure
```
2014-07-02 13:44:53 -07:00
James Cammarata
81f35323e9 Revert "Fix get_distribution() for platforms that may have spaces"
This reverts commit 2493020d9f.
2014-07-02 09:44:44 -05:00
Chris Church
955dadf743 Remove runner_on_error callback that is never used. 2014-07-01 17:02:10 -04:00
Chris Church
4e98e3785a Reset play attribute on callback plugins when a play fails. 2014-07-01 17:02:10 -04:00
Chris Church
30fae95efe Change variable from pattern to name to correctly indicate what is being passed to the callback. 2014-07-01 17:02:09 -04:00
James Cammarata
8ed6350e65 When parsing json from untrusted sources, remove templating tags 2014-07-01 14:14:14 -05:00
James Cammarata
eeb597360e Further safe_eval fixes 2014-07-01 14:14:14 -05:00
dewey hylton
379e1a49cb fix swap translation on 4.x openbsd with 2.5.4 python 2014-06-30 17:23:55 -04:00
Michael Scherer
f0a7139290 Fix exec_command prototype for the plugin 2014-06-28 13:06:40 +02:00
mesk41in
488aec3936 Fix unsupported regexp parameter in assemble 2014-06-27 13:54:59 +04:00
James Cammarata
539426f612 Performance tuning inventory functions for large inventories 2014-06-26 23:15:39 -05:00