Commit graph

30960 commits

Author SHA1 Message Date
Abhijeet Kasurde
e139739ab3
iptables: Add a note about ipv6-icmp (#70915)
ipv6-icmp ping is valid protocol and adding note about
it in protocol parameter.

Fixes: #70905

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-30 14:16:43 -05:00
Sloane Hertel
54e2ae79e7
fix downloading collections in git repos and tar.gz artifacts (#70524)
* Fix downloading tar files

* Fix downloading SCM collections

* changelog
2020-07-30 13:55:29 -04:00
Sam Doran
e6bf202738
linux facts - return proper broadcast address (#64528)
* linux facts - return proper broadcast address

Check that the value being returned is actually a broadcast address

* Add tests

* Cleanup tests
2020-07-30 19:40:14 +02:00
Sam Doran
c4f442ed5a
facts - fix incorrect time for some date_time_facts (#70665)
The iso8601_micro and iso8601 facts incorrectly called now.utcnow(), resulting
in a new timestamp at the time it was called, not a conversion of the previously
stored timestamp.

Correct this by capturing the UTC timestamp once then calculating the local
time using the UTC offset of the current system.

* Use time.time() for getting the current time
* Convert from that stored epoch timestamp to local and UTC times
* Used existing timestamp for epoch time
* Add unit tests that validate the formate of the return value rather than an exact value since mocking time and timezone is non-trivial
2020-07-30 11:39:58 -04:00
Quentin Dawans
fcea87926f
Support manjaro arm in hostname module (#69861) 2020-07-30 13:52:19 +05:30
Sam Doran
dc79528cc6
Fix warning for new default permissions when mode is not specified (#70976)
Follow up to #70221
Related to #67794
CVE-2020-1736

When set_mode_if_different() is called with mode of 'None', ensure we issue
a warning about the change in default permissions.

Add integration tests to ensure the warning works properly.

* Fix tests
- actually use custom module 🤦‍♂️
- verify file permission on created files
- use remote_tmp_dir so we're ready for split controller
- improve test module so we can skip the call to set_fs_attributes_if_different()
- fix tests for CentOS 6
2020-07-30 00:05:29 -04:00
Rick Elrod
14dc4de424
Update docs for --tags default, and add some tests (#70939)
Change:
- Clarify that not passing `--tags` will cause `ansible_run_tags` to
  default to `["all"]`.
- Add some extra coverage around `ansible_run_tags`

Test Plan:
- New integration and unit tests

Tickets:
- Fixes #69619

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-29 17:16:57 -05:00
Jordan Borean
b1cb2553af
ansible-galaxy - fix fallback for AH searches (#70957) 2020-07-30 07:28:43 +10:00
Sam Doran
a24f51d9e5
package - use existing list of package manages from facts (#70920) 2020-07-29 12:08:11 -04:00
Sam Doran
73a9ad9aea
ansiballz - remove deprecated excommunicate command (#70921) 2020-07-29 12:05:12 -04:00
Rick Elrod
20a7476064
git: verify, only use --raw when we need it (#70900)
Change:
- Allow older git to verify tags again
- Enable verification tests everywhere, even if most of them only work
  on newer git. Some of them work on older git and they test the --raw
  parameter.

Test Plan:
- Re-enabled subset of git tests

Tickets:
- Fixes #64469

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-29 10:45:51 -05:00
Brian Coca
f9c3c6cba6
Allow changed/failed mgmt on strategy actions (#70919)
* Allow changed/failed mgmt on strategy actions
2020-07-29 10:44:46 -04:00
Rick Elrod
c19a10e13a
RHEV virt facts: Detect vdsmd in addition to vdsm (#70901)
Change:
- Look for the `vdsmd` process in addition to `vdsm` as before.

Tickets:
- Fixes #66147

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-28 11:35:34 -04:00
Rick Elrod
7d32129efb
[dnf] show installations/removals in check_mode (#70892)
Change:
- Previously, we only showed that something would have changed, not what
  would have changed. This allows us to show what will chang as well.

Test Plan:
- Local RHEL8 VM
- New integration tests

Tickets:
- Fixes #66132

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-28 11:23:55 -04:00
Matt Davis
45c2eb6c0a
lineinfile - fix broken exception handling (#70846)
* prevent (ExceptionType) is not subscriptable errors
* tweak error message and use text conversion
* add to_text import
2020-07-28 10:30:32 -04:00
Rick Elrod
be4be926c4
subversion Give subversion module a validate_certs option (#70890)
* Give subversion module a validate_certs option

Change:
- Add `validate_certs` option to subversion module. Defaults to off for
  backwards compatibility.

Tickets:
- Fixes #22599

Signed-off-by: Rick Elrod <rick@elrod.me>

* Update changelogs/fragments/22599_svn_validate_certs.yml

Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>

* test verify_certs codepaths

Signed-off-by: Rick Elrod <rick@elrod.me>

Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-27 14:18:54 -04:00
fosslinux
4cc4cebc97
reboot - fix Void Linux (#70704)
Add entry for appropriate commands for Void Linux
2020-07-27 09:39:36 -04:00
Amin Vakil
9d2982549d
dnf: Add nobest option (#70318)
* dnf: Add nobest option

* dnf: Fix indent, add nobest specifically to dnf not yum

* Add changelog for dnf: add nobest option

* dnf: Add nobest to yumdnf module argument_spec

* dnf: remove nobest from module paramaters in yumdnf.py

* dnf: Add test for nobest option

* dnf: Cleanup packages in nobest test at last

* dnf: Cleanup manually added repos in nobest test at last

* dnf: Remove dnf-plugins-core as well in nobest test

* dnf: Change nobest release version to 2.11

* Change changelog number according to change in PR number

* Change changelog number according to change in PR number
2020-07-27 12:02:07 +02:00
Rick Elrod
205eda335f
[ansible_builtin_runtime.yml] fix text[fs]m typo (#70893)
Change:
- textsfm -> textfsm

Test Plan:
- Out-of-band ansible_builtin_runtime.yml checker script

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-25 17:44:43 -05:00
Brian Coca
1223ce656a
reset logging to INFO (#70878)
- due to CVE-2019-14846
 - also added comments and test to avoid 'oportunistic' reversion
2020-07-24 15:53:17 -04:00
Mykola Grygoriev
953aa26286
Get serial number of NVMe device without sg_inq (#70284)
* Get serial number of NVMe device without sg_inq

* Add changlelog for #70284

* Use get_file_content() to get serial number from a file
2020-07-24 00:35:10 -05:00
Rick Elrod
21ac550828
virtualization facts: check /dev/kvm as a fallback (#70829)
Change:
- On Linux, there are situations where a host might be a KVM host but
  not have the kernel module enabled (it might be compiled in instead).
  In these cases, /dev/kvm will still exist, and rather than reporting
  NA, we should report that the host is a KVM host.

Test Plan:
- Local

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-23 19:50:04 -05:00
Jordan Borean
5e1a968983
Do not add connection vars to the output results (#70853)
* Do not add connection vars to the output results

* Also revert the delgated scenario JIC

* Added regression test
2020-07-24 09:53:08 +10:00
Matt Davis
4c0af6c808
fix internal cases of actions calling unqualified module names (#70818)
* fix internal cases of actions calling unqualified module names

* add porting_guide entry
* misc other fixes around action/module resolution broken by redirection

ci_complete

* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

Co-authored-by: Rick Elrod <rick@elrod.me>

* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

Co-authored-by: Rick Elrod <rick@elrod.me>

* address review feedback

* pep8

* unit test fixes

* win fixes

* gather_facts fix module args ignores

* docs sanity

* pep8

* fix timeout test

* fix win name rewrites

Co-authored-by: Rick Elrod <rick@elrod.me>
2020-07-23 09:02:57 -07:00
Abhijeet Kasurde
e439194c8c
basic: Add name of aliases in error message (#69427)
With this patch, user will be notified with available aliases
of arg parameter.

Fixes: #58752

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-23 16:02:18 +05:30
Sam Doran
5260527c4a
Change default file permissions so they are not world readable (#70221)
* Change default file permissions so they are not world readable

CVE-2020-1736

Set the default permissions for files we create with atomic_move() to 0o0660. Track
which files we create that did not exist and warn if the module supports 'mode'
and it was not specified and the module did not call set_mode_if_different(). This allows the user to take action and specify a mode rather than using the defaults.

A code audit is needed to find all instances of modules that call atomic_move()
but do not call set_mode_if_different(). The findings need to be documented in
a changelog since we are not warning. Warning in those instances would be frustrating
to the user since they have no way to change the module code.

- use a set for storing list of created files
- just check the argument spac and params rather than using another property
- improve the warning message to include the default permissions
2020-07-22 17:05:38 -04:00
David Shrewsbury
bf98f031f3
Sanitize URI module keys with no_log values (#70762)
* Add sanitize_keys() to module_utils.

* More robust tests

* Revert 69653 change

* Allow list or dict

* fix pep8

* Sanitize lists within dict values

* words

* First pass at uri module

* Fix insane sanity tests

* fix integration tests

* Add changelog

* Remove unit test introduced in 69653

* Add ignore_keys param

* Sanitize all-the-things

* Ignore '_ansible*' keys

* cleanup

* Use module.no_log_values

* Avoid deep recursion issues by using deferred removal structure.

* Nit cleanups

* Add doc blurb

* spelling

* ci_complete
2020-07-22 14:49:37 -05:00
Brian Coca
84adaba6f5
Allow hostvars delegation (#70331)
* ensure hostvars are available on delegation
* also inventory_hostname must point to current host and not delegated one
* fix get_connection since it was still mixing original host vars and delegated ones
* also return connection vars for delegation and non delegation alike
* add test to ensure we have expected usage when directly assigning for non delegated host
2020-07-22 11:13:57 -04:00
Nathaniel Case
06a4fc2833
Document existing ansi_re sequences and add ESC[m (#70683)
* Document existing ansi_re sequences and add `ESC[m`

* Add changelog
2020-07-22 08:56:21 -04:00
John R Barker
481cd30129
runtime: aws_netapp_cvs_filesystems (#70781) 2020-07-22 11:15:48 +01:00
Abhijeet Kasurde
8cccede0d4
basic: use PollSelector implementation (#70352)
Some platform such as ESXi does not implement EpollSelector,
which is selected by DefaultSelector. Use SelectSelector which is
based upon 'select' implementation. This works perfectly with
a platform like VMware ESXi.

Fixes: #70238

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-22 09:18:21 +05:30
Matt Martz
96b74d3e0b
Ensure single vaulted values aren't counted as sequences. Fixes #70784 (#70786) 2020-07-21 16:48:35 -05:00
Baptiste Mille-Mathias
0ead4306a8
user - Create home and parent directories only when requested (#70600)
The home user and the parents directories should only be created when
create_home == True
2020-07-21 15:50:44 -04:00
psi / Ryo Hirafuji
5ce47646ad
cron - Allow non-ascii (UTF-8) chars in cron file paths and jobs (#70426)
* Encode/Decode files in UTF-8
* Use helper function in ansible
* Add an integration test
* Use emoji in test data.
* add changelog
* Also support non-ascii chars in filepath and add tests about this.
* Also use non-ascii chars in replaced text and ensure not to break cron syntax.
* rename self.existing to self.n_existing
* rename crontab.existing to crontab.n_existing
2020-07-21 15:00:21 -04:00
Abhijeet Kasurde
4f96f9826c
distribution: Add support for DragonFly (#70748)
partially fixes #43739

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-21 13:47:11 -04:00
John R Barker
1e0d83524c
runtime os_image_facts is now called os_image_info (#70776) 2020-07-21 11:45:26 -04:00
Felix Fontein
8188bce0ff
Redirect restored modules to community.general. (#70769) 2020-07-21 07:46:03 +01:00
Rick Elrod
69472a5f8d
Refactor _fixup_perms2 to remove way-nested logic (#70701)
Change:
- Refactoring to make it harder to get wrong and easier to read.
- Generalize become_unprivileged tests and fix some that never worked
  but also never failed.

Test Plan:
- CI, new units/integration tests

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-20 18:46:47 -05:00
Felix Fontein
707e8b6e0c
ansible_builtin_runtime.yml fixes (#70767)
* Correct name is modules, not mso: https://github.com/CiscoDevNet/ansible-mso/blob/master/plugins/doc_fragments/modules.py

* The port_ went missing.

https://github.com/CiscoDevNet/ansible-aci/blob/master/plugins/modules/aci_interface_policy_port_channel.py
https://github.com/ansible/ansible/blob/stable-2.9/lib/ansible/modules/network/aci/aci_interface_policy_port_channel.py

https://github.com/CiscoDevNet/ansible-aci/blob/master/plugins/modules/aci_interface_policy_port_security.py
https://github.com/ansible/ansible/blob/stable-2.9/lib/ansible/modules/network/aci/aci_interface_policy_port_security.py

* Fix typo.
2020-07-20 15:38:50 -07:00
Matt Martz
eb06488e1d
Remove preview status from TOML inventory (#70770) 2020-07-20 17:47:29 -04:00
Mohamed Javeed
f9bb5c9c5a
dellemc related module name changes (#70749)
* dellemc related module name changes

* Addressing review comments
2020-07-20 18:53:24 +01:00
Brian Kohles
77d0effcc5
Fix missing quoting for remote_tmp in second mkdir of shell module. Issue #69577 (#69578)
* Fix missing quoting for remote_tmp in second mkdir of shell module. Issue #69577

* adding changelog

* fixing typo in changelog entry

* adding test case

Adding test case written by bmillemayhias.

* using $HOME instead of ~

* fixing commit measage

* Update 69578-shell-remote_tmp-quoting.yaml

Co-authored-by: Brian Kohles <me@briankohles.com>
2020-07-20 11:25:29 -05:00
Abhijeet Kasurde
84b4387702
debconf: add a note about no_log usage (#70738)
debconf module exposes sensitive information to logs, console.
Add a note to user about using no_log=True to hide such
information from console.

Fixes: #32386

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-20 21:08:13 +05:30
Sloane Hertel
2811d9486f
Update default from True to False for CONDITIONAL_BARE_VARS (#70709)
ci_complete
2020-07-20 09:29:31 -05:00
Felix Fontein
cf217178c7
Followup to #70610: fix ansible_builtin_runtime.yml redirects to wrong collections (#70725)
* Followup to #70610: fix redirects to wrong collections

* gcp module_utils is in community.general.

* dellos10_* modules are in dellemc_networking.os10, not dellemc.os10.

* intersight_facts was renamed to intersight_info in cisco.intersight in version 1.0.7.

* Fix more dellos10 redirects.
2020-07-19 20:16:52 -05:00
Abhijeet Kasurde
8915f262b4
misc typo fixes (#70736)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-19 18:51:29 -05:00
Matt Martz
f90aa5599f
Don't treat empty excludes as a match. Fixes #70640 (#70710) 2020-07-17 17:34:24 -04:00
Eduard Rozenberg
566c5e6ce1
Handle Slackware OS version strings containing a plus (“+”) (#68142)
A couple of years ago Slackware -current began using a plus (“+”) at the end of the distribution version string to indicate a future version work-in-progress.

Rearrange distribution_files unit tests to easily support more tests
  - add conftest with common fixtures 
  - use parametrize for testing multiple scenarios

* Add changelog
* Add unit tests for Slackware distribution parsing
* Use correct fixtures for Slackware
Data comes from /etc/slackware-version

Co-authored-by: Sam Doran <sdoran@redhat.com>
Co-authored-by: <Eduard Rozenberg <eduardr@pobox.com>>
2020-07-17 16:39:26 -04:00
Jordan Borean
154efd97f2
win async - use full path for powershell (#70703) 2020-07-18 06:08:29 +10:00
Julien
ca5197f784
package_facts - correct package parsing for apk (#70668)
* remove atoms, use rsplit instead of regex
2020-07-17 11:03:49 -04:00