Commit graph

5657 commits

Author SHA1 Message Date
David Shrewsbury
ff47d3f766
Make sure collection is a list if a str is given (#69081)
* Make sure collection is a list if a str is given

* Call field validation early on collections

Because we are doing work on modifying the collections value before
it is actually validated, we can validate it ourselves early to make
sure the user supplies either a string or list. Dicts are not valid.

The new validation allows us to simplify the _ensure_default_collection()
function. And since the field is now static, we no longer need to specify
a default for it, which also allows us to simplify the function. Since
the default is now removed, we can also remove the sanity/ignore.txt entry
for collectionsearch.py.

New unit tests are added (and the existing one modified) that allow us to
make sure that we throw a parser error if a user specifies something other
than a string or list for the collections value everywhere it can be specified.

* Revert removing the collection default

The default is actually used, so restore it.

* Fix unit tests in test_helpers.py affected by early collection validation
2020-04-28 10:47:11 -05:00
Alexandre Chouinard
91bb5af688
Update ansible-galaxy to handle role requirements (#68288)
* Update galaxy role object to handle requirements

Co-Authored-By: Sandra McCann <samccann@redhat.com>
2020-04-28 10:42:57 -04:00
Joe Cropper
e8d3358427 Ignore GPG key checks on test repo
Disable GPG key checks when installing packages from the test repo.
2020-04-23 14:48:55 -07:00
Joe Cropper
e663391e77 Fix yum test case on ppc64le
This patch covers a few changes to get the yum test case working on ppc64le
CentOS.  Specifically we needed to enable the EPEL repository on CentOS
as well as ensure some of the architecture-specific tasks use the right
set of binaries during their test.
2020-04-23 14:48:30 -07:00
Jesse Pretorius (odyssey4me)
da390b297e [pip] Enable virtualenv_command to have arguments
Currently if virtualenv_command has arguments, then the
search for the binary in the path does not work so the
user has to specify the full path to it.

To allow arguments to be used without having to specify
the path to the binary, we split the module argument into
the command and anything after the first space.

This makes using this module argument more flexible and
user friendly.

Fixes: #52275
2020-04-23 18:13:30 +02:00
Rick Elrod
85bb804cda
Revert "Cap cryptography version for macOS openssl test (#69083)" (#69126)
This reverts commit 1e08bb7a6f.
2020-04-23 08:49:09 -05:00
Adam Miller
8b30360ca9
fixed handling of releasever for all known scenarios (#69057)
Signed-off-by: Adam Miller <admiller@redhat.com>
2020-04-23 09:02:00 +02:00
Rick Elrod
cace616aab
Filter BLACKLIST_EXTS in PluginLoader (#69029)
Change:
Rather than hardcoding .pyo and .pyc, filter on all BLACKLIST_EXTS in
the non-legacy logic of PluginLoader (_find_fq_plugin). The two harcoded
extensions are part of BLACKLIST_EXTS already and this simply adds the
rest of the blacklisted extensions to the check.

In addition, check .endswith() instead of an exact match of the suffix,
like everywhere else that uses BLACKLIST_EXTS. This allows for
blacklisting, for example, emacs's backup files which can appear after
any extension, leading to things like `foo.py~`.

Test Plan:
Ran `ansible-playbook` against a collection where a `foo.py~` module was
getting executed instead of `foo.py` which also appeared in the same
directory. `foo.py~` is no longer executed.

Tickets:
Fixes #22268
Refs #27235

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-22 17:20:12 -05:00
Matt Martz
da98fc267a
Allow a collection role to call a standalone role by default (#69102)
* Allow a collection role to call a standalone role by default. Fixes #69101

* tweaked changelog text

* Guard against NoneType

Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
2020-04-22 13:58:08 -05:00
rwagnergit
977b58740b
update ActionBase._low_level_execute_command to honor executable (#68315)
* update ActionBase._low_level_execute_command to honor executable

* adding changelog fragment

* renaming changelog fragment to .yml

* noop change to bump shippable

* adding raw_executable integration test

* copying aliases from raw

* removing blank lines

* skipping aix and freebsd

* noop to bump shippable

* moving tests to raw/

* removing become_method: sudo ; it doesn't work on AIX

* removing trailing blank line

* forcing become_method: su to try to get AIX to work

Co-authored-by: Rob Wagner <rob.wagner@sas.com>
2020-04-22 11:56:35 -05:00
Rick Elrod
1e08bb7a6f
Cap cryptography version for macOS openssl test (#69083)
Change:
New `cryptography` statically links an openssl that is too new for macOS
10.11, so limit to an older cryptography for now.

Test Plan:
Ran the test with `--remote osx/10.11` and it passed.

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-21 15:13:46 -05:00
Rick Elrod
d17a44b0c5
Add new arches/OSes for binary_modules tests (#69052) 2020-04-21 00:52:23 -07:00
David Shrewsbury
af44bd4ddd
Fix --start-at-task when skipping tasks with no name (#68951)
Using --start-at-task on a playbook with tasks with no name would fail
if those unnamed tasks were encountered before the targetted start task.
2020-04-21 09:39:17 +02:00
Matt Clay
a8a61829b8 Enable passing tests on power. 2020-04-20 10:07:54 -07:00
Rick Elrod
648b3d43d3
[copy] Add some test coverage for check_mode (#68895)
Change:
Adds some missing coverage for the copy module when `check_mode: True`.

Test Plan:
Ran test with --coverage and looked at the resulting report.

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-17 16:09:32 -05:00
Rick Elrod
44a471f6ba
Enable service integration tests for FreeBSD (#68980)
* Enable service integration tests for FreeBSD

Change:
Adds necessary rc file for freebsd, and gets tests passing for it.

Test Plan:
Ran test with `--remote freebsd/12.1` and `--remote freebsd/11.1`. Both
passed.

Signed-off-by: Rick Elrod <rick@elrod.me>

* Update test/integration/targets/service/tasks/rc_setup.yml

Co-Authored-By: Matt Clay <matt@mystile.com>

* fix up comment

Signed-off-by: Rick Elrod <rick@elrod.me>

Co-authored-by: Matt Clay <matt@mystile.com>
2020-04-17 10:41:08 -07:00
Brian Coca
d3cab602a5
Fix fileglob when using 'file*' vs 'stuff/file*' (#68945)
* Fix fileglob when using 'file*' vs 'stuff/file*'

 when not having dir in glob, files/ subdir was being ignored.

* tests for fileglob
2020-04-17 09:51:05 -04:00
Martin Krizek
acdc9eb76d
native types: literal_eval all the things (#68938)
With https://github.com/pallets/jinja/pull/1190 merged our short-circuit
is no longer valid (has it ever been?) as now data like ' True ' may go
through our ansible_native_concat function as opposed to going through
intermediate call to Jinja2's native_concat before. Now we need to always
send data through literal_eval to ensure native types are returned.
2020-04-17 14:59:52 +02:00
Abhijeet Kasurde
3591451bc7
include_role: Strictly check string datatype for *_from (#68958)
Strictly check string datatype for 'tasks_from', 'vars_from',
'defaults_from', and 'handlers_from' in include_role

Fixes: #68515

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-04-17 10:57:41 +05:30
Brian Coca
ac509d489b
Revert "stricter permissions on atomic_move when creating new file (#68970)" (#68983)
This reverts commit 566f2467f6.
2020-04-16 12:52:15 -04:00
Brian Coca
566f2467f6
stricter permissions on atomic_move when creating new file (#68970)
fixes #67794
  updated some tests that expected previous defaults
  CVE-2020-1736
2020-04-16 09:06:18 -04:00
Jordan Borean
702949e64c
windows - fix up env var quoting for unicode single quotes (#68968)
* windows - fix up env var quoting for unicode single quotes

* Add sanity ignore check for smart quotes
2020-04-16 20:24:23 +10:00
Matt Clay
77a916e763
Add more integration tests. (#68972) 2020-04-16 00:53:08 -07:00
Yanis Guenane
46d82179d8
Testing: Add support for CentOS Linux On Power platform (#68130)
* Testing: Add CentOS Linux On Power platform

* Add arch designation to remotes.

This avoids overloading the provider with the arch.

Also add a changelog entry.

Co-authored-by: Matt Clay <matt@mystile.com>
2020-04-15 16:22:17 -07:00
Sam Doran
cdb24e0078
ansible-galaxy - fix listing specific role and role description (#67409)
* ansible-galaxy - fix listing specific role

If the role was not in the first search path, it was reported as not found

* Properly display role description

Default to description to top level description, falling back to the description from within galaxy_info

* Display proper message when a role does not exist

* Add integration tests

* Use context manager

* BSD and macOS ruining all the fun
2020-04-15 15:26:45 -04:00
Martin Krizek
ff1ba39c8a
Prevent templating unused variables for {%include%} (#68749)
Fixes #68699
2020-04-14 10:27:02 +02:00
Sloane Hertel
d91658ec0c
subversion module - provide password securely when possible or warn (#67829)
* subversion module - provide password securely with svn command line option --password-from-stdin when possible, and provide a warning otherwise.
* Update lib/ansible/modules/source_control/subversion.py.
* Add a test.

Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-04-13 10:21:10 -04:00
Matt Martz
d86d20a378
Fix label lookup in the default callback for includes (#68822)
* Replace included_file._args w/ included_file._vars

* Fix item value in output of include_tasks loop

Signed-off-by: Yadnyawalk Tale <ytale@redhat.com>

* Update tests for loop callback fix. Add changelog

Co-authored-by: Yadnyawalk Tale <ytale@redhat.com>

Fixes #65904
Fixes #66018
2020-04-09 13:27:58 -05:00
Rick Elrod
38b7ceb75a
Update docker.txt to use the OpenSUSE 15.1 container image (devel edition) (#68785)
* Update docker.txt to use the OpenSUSE 15.1 container image

Signed-off-by: Rick Elrod <rick@elrod.me>

* handle installing mysql on suse

Signed-off-by: Rick Elrod <rick@elrod.me>

* add changelog fragment

Signed-off-by: Rick Elrod <rick@elrod.me>

* Update changelogs/fragments/ansible-test-opensuse-15.1.yml

Co-Authored-By: Matt Clay <matt@mystile.com>

Co-authored-by: Matt Clay <matt@mystile.com>
2020-04-09 00:26:59 -07:00
Matt Clay
04edd77c42
Update tests to use RHEL 7.8. (#68787)
* Update tests to use RHEL 7.8.

Keeping support for RHEL 7.6 since collections are still using it.

* Fix tests for RHEL 7.7+ due to extras repo name change.
2020-04-08 21:09:52 -07:00
Brian Coca
ba87c225cd
fixed fetch traversal from slurp (#68720)
* fixed fetch traversal from slurp

  * ignore slurp result for dest
  * fixed naming when source is relative
  * fixed bug in local connection plugin
  * added tests with fake slurp
  * moved existing role tests into runme.sh
  * normalized on action excepts
  * moved dest transform down to when needed
  * added is_subpath check
  * fixed bug in local connection

fixes #67793

CVE-2019-3828
2020-04-08 14:28:51 -04:00
Matt Martz
087be1da50
Allow tasks to notify a fqcn handler name (#68213)
* Allow tasks to notify a fqcn handler name

* Add tests. Fixes #68181

* Add changelog fragment

* Add test to ensure handlers are deduped properly with fqcn, role, and just handler names

* Add some docs about new special vars
2020-04-08 11:36:38 -05:00
Matt Clay
148e83f832
Fix ansible-test submodule handling. (#68759)
* Refactor ansible-test integration test.
* Add env --list-files option.
* Add tests for collection files tracked by git.
* Fix ansible-test submodule usage on older git.
* Fix submodule directory detection as files.
* Improve handling of nested source control.
2020-04-08 01:15:49 -07:00
Rick Elrod
4916be24fd
[git] make force=True apply to git fetches (#68691)
Fixes #67972

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-06 15:25:24 -05:00
Rick Elrod
f50df67517
coverage for lookup_list (#68683)
* coverage for lookup_list

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-04-06 13:39:18 -05:00
Rick Elrod
82c60db49b
pip - Fix check_mode for prerelease packages (#68690)
* pip - Fix check_mode for prerelease packages

Fixes #68592.

Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Matt Martz <matt@sivel.net>
2020-04-06 11:18:48 -05:00
Jordan Borean
ae1cd27b57
WebRequest - Fix use_proxy: no on module options (#68603)
* WebRequest - Fix use_proxy: no on module options

* Fix up changelog fragment
2020-04-02 07:17:50 +10:00
Jordan Borean
6db66bcadd
Add relative module_util support for powershell (#68321)
* Add relative module_util support for powershell

* Added ansible-test classification support
2020-04-01 09:01:18 +10:00
Jordan Borean
a20a527014
ansible-galaxy - Fix tar path traversal issue during install - CVE-2020-10691 (#68596) 2020-04-01 06:39:02 +10:00
Rick Elrod
541384e7b7
coverage for lookup_config (#68566)
Signed-off-by: Rick Elrod <rick@elrod.me>
2020-03-31 09:57:50 -05:00
Matt Clay
7323d5dd0d Fix references to old egg-info directory. 2020-03-30 13:56:43 -07:00
Matt Clay
0fb5593abf
Add initial ansible-test tests for collections. (#68533) 2020-03-29 09:04:27 -07:00
Rick Elrod
835ad75a0a
add test coverage for core filters (#68518)
Also remove now-useless exception handling.
2020-03-27 17:18:27 -07:00
Matt Clay
6a7e438012 Fix code coverage in tests.
Code coverage < 5 must be used.

ci_coverage
2020-03-26 22:41:12 -07:00
Rick Elrod
2af76f16be
Unify yaml style in unarchive tests to be dict-style (refs #68272) (#68477)
Signed-off-by: Rick Elrod <rick@elrod.me>
2020-03-26 18:02:17 -05:00
Sloane Hertel
5945415398
fix using inventory and cache plugins in a collection (#56469)
* Allow custom inventory plugins and cache plugins

If _load_name is not set correctly the cache plugin can't load the documentation (which is also the arg spec)

Fix the existing inventory plugin in the collections tests

Add integration tests for using a cache plugin in a collection

* Set the attribute on the instance instead of the class

Deprecate importing custom CacheModules directly - they should use the cache_loader
2020-03-26 12:05:46 -04:00
Rick Elrod
0651e1c25f
Add some more test coverage for unarchive (#68272)
* Add some more test coverage for unarchive

This moves over (and slightly extends) coverage which was found in
incidental_flatpak_remote.

Signed-off-by: Rick Elrod <rick@elrod.me>

* add a group for testing too, user creation does not mean group creation on all platforms

Signed-off-by: Rick Elrod <rick@elrod.me>

* update the test group assert

Signed-off-by: Rick Elrod <rick@elrod.me>

* Fix style

Signed-off-by: Rick Elrod <rick@elrod.me>

* block/always

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-03-25 16:23:55 -05:00
Rick Elrod
11e678b1b0
coverage for filter/urls.py, including fallback to custom implementations (#68412)
Signed-off-by: Rick Elrod <rick@elrod.me>
2020-03-25 16:23:14 -05:00
Rick Elrod
01638e0ea2
[mathstuff] Get coverage into the 90% range (#68395)
Signed-off-by: Rick Elrod <rick@elrod.me>
2020-03-25 15:33:37 -05:00
Brian Coca
6452a82452
fix vault temp file handling (#68433)
* fix vault tmpe file handling

 * use local temp dir instead of system temp
 * ensure each worker clears dataloader temp files
 * added test for dangling temp files
 * added notes to data loader

CVE-2020-10685
2020-03-25 15:24:04 -04:00