Change:
- Add Ubuntu 20.04 to CI now that venv is default instead of virtualenv in ansible-test.
Test Plan:
- CI
Tickets:
- Fixes#69203
Signed-off-by: Rick Elrod <rick@elrod.me>
combine_vars uses dict.update() to replace keys
(cherry picked from commit 5e03e322de)
* Add tests for merging and replacing vars from inventory sources (#73181)
(cherry picked from commit 9de2da8a7e)
* [stable-2.10] Add macOS 11 to CI (#72622)
* Fix connection_paramiko_ssh test for macOS 11
* Update Azure Pipelines config
* Add changelog
(cherry picked from commit a7e834071c)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Prefer venv for tests
* Update pip integration test to use venv on py3.
(cherry picked from commit 456e9b7a33)
Co-authored-by: Matt Clay <matt@mystile.com>
Do the right thing on Linux when password lock and a password hash are provided by writing
out the password hash prepended by the appropriate lock string rather than using -U and -L.
This is the correct way to set and lock the account in one command.
On BSD, run separate commands as appropriate since locking and setting the password cannot
be done in a single action.
FreeBSD requires running several commands to get the account in the desired state. As a result,
the rc, output, and error from all commands need to be combined and evaluated so an accurate
and complete summary can be given at the end of module execution.
* Improve integration tests to cover this scenario.
* Break up user integration tests into smaller files
* Properly lock account when creating a new account and password is supplied
* Simplify rc collection in FreeBSD class
Since the _handle_lock() method was added, the rc would be set to None, which could make
task change reporting incorrect. My first attempt to solve this used a set and was a bit too
complicated. Simplify it my comparing the rc from _handle_lock() and the current value of rc.
* Improve the Linux password hash and locking behavior
If password lock and hash are provided, set the hash and lock the account by using a password
hash since -L cannot be used with -p.
* Ensure -U and -L are not combined with -p since they are mutually exclusive to usermod.
* Clarify password_lock behavior..
(cherry picked from commit 264e08f21a)
Co-authored-by: Sam Doran <sdoran@redhat.com>
Change:
- module_utils.basic.is_special_selinux_path() used a string ==
bytestring comparison which returned False and made Ansible think that
certain filesystems aren't, in fact, special-cased, when they should
be. Ensure both sides of the == are bytestrings.
Test Plan:
- Added `copy` integration tests for this case.
Tickets:
- Fixes#70244
Signed-off-by: Rick Elrod <rick@elrod.me>.
(cherry picked from commit 688cd8657b)
PR #72702 introduced a bug that changed the unit name when splitting it up for the purpose
of searching for the unit. This only happens on unit file templates on systems that have a 5.8
or newer kernel and a version of systemd that does not contain a bugfix that causes systmed
to fail to parse dbus.
* Use facts rather than a manual probe to determine if systmed is present
* Remove unnecessary block
* Use vars files instead of set_fact
* Add tests for using a templated unit file
* Update changelog fragment
* Use template to get correct path to sleep binary
(cherry picked from commit 48803604cd)
Co-authored-by: Sam Doooran <sdoran@redhat.com>
* Rename pylint plugin and add tests. (#70225)
* Update ansible-test pylint Python support. (#72972)
* Add integration tests for sanity test failures.
(cherry picked from commit fa48678a08)
* Python 3.8 is now officially supported.
* Python 3.9 is now skipped with a warning.
(cherry picked from commit 37d09f2488)
* Allow key None to prevent errors with import test.
(cherry picked from commit dbc2c996ab)
Backport of https://github.com/ansible/ansible/pull/73003
Co-authored-by: Felix Fontein <felix@fontein.de>
Having the trap exit with a specific code will override
the exit code that caused the trap to run, which could
mask errors
(cherry picked from commit 5157a92139)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* ansible-galaxy collection list and verify now utilize collections in site-packages.
This is a short term fix for #70147. The long term fix needs to handle
install (but that discussion is also bound up in how upgrade is going to
work and where things can get installed so it's deferred for 2.11.)
* Add test for ansible-galaxy collection list with site-packages
Co-authored-by: David Moreau Simard <moi@dmsimard.com>
Co-authored-by: Jordan Borean <jborean93@gmail.com>
(cherry picked from commit e7dee73774)
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
* Ensure we only reset the connection when one has been previously established. Fixes#65812
* Ensure psrp doesn't trace
* winrm too
* Indentation fix
(cherry picked from commit a3b6485)
Co-authored-by: Matt Martz <matt@sivel.net>
* Fix 'role_name : tast_name' notation if task contains role name
* Add tests for notifying handler names which contain the role name
Co-authored-by: Thomas Wouters <thomaswouters@gmail.com>
(cherry picked from commit 0ed7bfc694)
The recent update of ptyprocess to 0.7.0 is incompatible with Python 2.6 and
is causing test failures.
* Add setup_pexpect role to expect test
(cherry picked from commit 003a9e890d)
Co-authored-by: Sam Doooran <sdoran@redhat.com>
* remove redundant remote_user for local setting
local action plugin already does and this also should fix
fork/thread issue by removing use of pwd library
fixes#59642
(cherry picked from commit 488b9d6c35)
* ensure local exposes correct user (#72543)
* ensure local exposes correct user
avoid corner case in which delegation relied on
playcontext fallback which was removed
fixes#72541
(cherry picked from commit aa4d53ccdf)
* Consolidate logic for determining whether or not session is interactive
into a single function, is_interactive()
* Increase test coverage
I wasn't able to find a good way of simulating running a backgrounded test with CI since the
whole test is essentially run not in a TTY, which is similar enough to cause the new is_interactive()
function to always return false.
(cherry picked from commit 4b8cb6582b)
Co-authored-by: Sam Doran <sdoran@redhat.com>
When enumerating connections with psutil, catch and ignore errors to avoid returning a stack trace.
Co-authored-by: Matt Martz <matt@sivel.net>
(cherry picked from commit fb09fd2a23)
* Fix missing ansible.builtin FQCNs in hardcoded action names (#71824)
* Make sure hard-coded action names also check for FQCN.
* Use _add_internal_fqcn() to avoid hardcoded lists and typoes.
(cherry picked from commit da60525610)
* Replace some more FQCNs.
(cherry picked from commit 72302dd611)
* file: add symlink is in a sticky directory tests
* file: handle symlink in a sticky directory
Co-Authored-By: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
* Add changelog and fix unit test
The builtins import was removed since it was unused, but it is now needed.
(cherry picked from commit b464d18fd1)
Co-authored-by: Pilou <pierre-louis.bonicoli@libregerbil.fr>
* Add explicit apt tests for fnmatch and update_cache
* Add explicit apt_key tests for fetching key directly from url
* ci_complete ci_coverage
* Remove repo only by repo
* ci_complete ci_coverage
* Add apt cache update after apt_repository to show that the cache doesn't update
* ci_complete ci_coverage
* Add systemd tests for enabling and disabling a service
* ci_complete ci_coverage
* Remove incidental_zabbix_host
* ci_complete ci_coverage
(cherry picked from commit 2f8dbf673e)
* [stable-2.10] [dnf] Some fixes around filtering (#72483)
Change:
- Docs: Add note that security/bugfix apply to dependencies too, like
the dnf command.
- dnf: security/bugfix only makes sense for updates, so limit the
package query sack to available updates.
- tests: Limit tests to our known-good test packages, so that RHEL
packages marked security/bugfix without similarly marked dependencies
don't fail our tests.
Test Plan:
- Tested with `dnf upgrade-minimal --bugfix` and reproduced the same
error currently seen in CI, showing that we are consistent with what
dnf does.
Tickets:
- Likely fixes#72316
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit d8c637da37)
Co-authored-by: Rick Elrod <rick@elrod.me>
* Add changelog (#72502)
(cherry picked from commit b33d7e2e29)
Co-authored-by: Rick Elrod <rick@elrod.me>
* Add a test suite for module_utils.common.dict_transformations
* ci_complete
ci_coverage
Add a wait_for test using delegate_to
* Remove incidental_ec2_instance
* Remove unused test support modules
* Requested changes
ci_complete
ci_coverage
* Oops, put everything back to test coverage again
ci_complete
ci_coverage
* Remove incidental_ec2_instance tests and supporting modules
(cherry picked from commit 960e4c0809)
Co-authored-by: Sloane Hertel <shertel@redhat.com>
* fixes missing set_options call and adhoc and stdout processing rules
* avoid dupes
* fixed to handle redirects
* also updated tests with new and more accurate skip message
* fix callback tests for envs with cowsay installed
* lots MOAR comments on why the code is as it is, some todos to refactor in future
* Use default group of staff on macos to prevent sudo issues
* Install gnu-tar for macos in git and unarchive tests
* Enable timezone module to support py3 on macos
* If the virtualenv command is missing, try python -m virtualenv
* Install passlib for filter_core on macos
* Install paramiko via pip on macos for paramiko tests
* Normalize discovered python interpreter on macos
* Get pip tests passing, by ensuring we have wheel installed
* Create /etc/ansible for ca certs on mac, list lookup_url as destructive
* Fixups for CA certs
* Include macos
* Dynamically get cafile instead of hardcoding the path
(cherry picked from commit 35b0fef536)
Co-authored-by: Matt Martz <matt@sivel.net>
Change:
- Previously when `security: true` and `bugfix: true` were both given,
only security updates would get applied. Filters now accumulate so
that both get applied in this case.
Test Plan:
- New integration tests for both check_mode and not. These tests make
use of a contrived yum repository which is stored in S3.
Tickets:
- Fixes#70854
Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Matt Martz <matt@sivel.net>
Co-authored-by: Matt Martz <matt@sivel.net>
(cherry picked from commit fdf80690e4)
The luseradd / lusermod commands do not support the -e option. Set
the expiry time in this case via lchage after the user was
created / modified.
Fixes: #71942
In Python3 math.floor returns an integer whereas Python2 returns a float.
Hence always convert the result of math.floor to an int to ensure that
lexpires is an integer.
Move local expires tests in a separate file and import the tasks to the
main.yml to keep main.yml smaller.
(cherry picked from commit a7170da851)
Change:
- Previously, we only showed that something would have changed, not what
would have changed. This allows us to show what will chang as well.
Test Plan:
- Local RHEL8 VM
- New integration tests
Tickets:
- Fixes#66132
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit 7d32129efb)
Change:
- In this test we end up upgrading dnf (and python3-dnf) so that we can
test its new logging behavior. However, the latest Fedora 32 dnf had a
packaging issue which caused it to not pull in the latest
python3-libdnf. This is fixed, but not synced out to mirrors yet.
Fixing it in this test will get CI passing again in the meanwhile.
Test Plan:
- CI
Tickets:
- https://bugzilla.redhat.com/show_bug.cgi?id=1887502
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit 9ddb1d76af)
This allows collections to specify requirements and constraints for packages that ansible-test has requirements or constraints for.
(cherry picked from commit 5f76bd2af7)
Co-authored-by: Matt Clay <matt@mystile.com>
Change:
- Adds some intentional coverage around PluginLoader for cases that
incidental_azure_rm_resource covered.
- Specifically, modules starting with an underscore, and starting with
an underscore but a symlink.
Test Plan:
- CI
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit cdcf0aa42a)
* Add link to remote.sh from macos.sh
* Add skip/macos to tests that have skip/osx.
(cherry picked from commit 6984081111)
Co-authored-by: Sam Doran <sdoran@redhat.com>
Change:
- pip packages should get removed after, not try to add them again
- Try removing containerd.io package too
Test Plan:
- CI
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit 6a7e637c5f)
Change:
- The docker-ce.repo file for centos does not work on RHEL since it uses
$releasever and on RHEL that is, e.g., "7Server".
- Instead, set up the repo manually.
- Additionally, the docker centos8 repo no longer has old versions, so
we use the (only) version in the repo instead.
Test Plan:
- CI
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit 31ddca4c0d)
The file test will no longer attempt to test attributes if `lsattr -vd` does not work on the system under test.
(cherry picked from commit 17765cd4e8)
Co-authored-by: Matt Clay <mclay@redhat.com>
A recent update to cffi that was yanked is still being installed on our
Mac OS X 10.11 test image since the version of pip there is very old and
does not ignore yanked packages.
Pin the version of pyOpenSSL and its dependencies to fix this and avoid
future spontaneous failures.
(cherry picked from commit 65cdb86c8a)
Co-authored-by: Sam Doran <sdoran@redhat.com>