mirror of https://github.com/ansible/ansible.git
update: latest devel branch
commit
9335ef980b
@ -0,0 +1,2 @@
|
||||
bugfixes:
|
||||
- Fix handlers not being executed in lockstep using the linear strategy in some cases (https://github.com/ansible/ansible/issues/82307)
|
@ -0,0 +1,2 @@
|
||||
bugfixes:
|
||||
- support the countme option when using yum_repository
|
@ -0,0 +1,3 @@
|
||||
---
|
||||
bugfixes:
|
||||
- lookup - Fixed examples of csv lookup plugin (https://github.com/ansible/ansible/issues/83031).
|
@ -0,0 +1,2 @@
|
||||
minor_changes:
|
||||
- facts - add systemd version and features
|
@ -0,0 +1,2 @@
|
||||
minor_changes:
|
||||
- ansible-config has new 'validate' option to find mispelled/forgein configurations in ini file or environment variables.
|
@ -0,0 +1,2 @@
|
||||
bugfixes:
|
||||
- ansible-galaxy role install - fix symlinks (https://github.com/ansible/ansible/issues/82702, https://github.com/ansible/ansible/issues/81965).
|
@ -0,0 +1,2 @@
|
||||
bugfixes:
|
||||
- ansible_managed restored it's 'templatability' by ensuring the possible injection routes are cut off earlier in the process.
|
@ -0,0 +1,3 @@
|
||||
---
|
||||
bugfixes:
|
||||
- assemble - update argument_spec with 'decrypt' option which is required by action plugin (https://github.com/ansible/ansible/issues/80840).
|
@ -0,0 +1,3 @@
|
||||
bugfixes:
|
||||
- dnf - honor installroot for ``cachedir``, ``logdir`` and ``persistdir``
|
||||
- dnf - perform variable substitutions in ``logdir`` and ``persistdir``
|
@ -0,0 +1,2 @@
|
||||
bugfixes:
|
||||
- dnf5 - replace removed API calls
|
@ -0,0 +1,3 @@
|
||||
---
|
||||
bugfixes:
|
||||
- systemd_service - handle mask operation failure (https://github.com/ansible/ansible/issues/81649).
|
@ -0,0 +1,3 @@
|
||||
---
|
||||
bugfixes:
|
||||
- facts - add a generic detection for VMware in product name.
|
@ -0,0 +1,47 @@
|
||||
# Get systemd version and features
|
||||
#
|
||||
# This file is part of Ansible
|
||||
#
|
||||
# Ansible is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# Ansible is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
from __future__ import annotations
|
||||
|
||||
import ansible.module_utils.compat.typing as t
|
||||
|
||||
from ansible.module_utils.facts.collector import BaseFactCollector
|
||||
from ansible.module_utils.facts.system.service_mgr import ServiceMgrFactCollector
|
||||
|
||||
|
||||
class SystemdFactCollector(BaseFactCollector):
|
||||
name = "systemd"
|
||||
_fact_ids = set() # type: t.Set[str]
|
||||
|
||||
def collect(self, module=None, collected_facts=None):
|
||||
systemctl_bin = module.get_bin_path("systemctl")
|
||||
if systemctl_bin and ServiceMgrFactCollector.is_systemd_managed(module):
|
||||
rc, stdout, stderr = module.run_command(
|
||||
[systemctl_bin, "--version"],
|
||||
check_rc=False,
|
||||
)
|
||||
|
||||
systemd_facts = {}
|
||||
|
||||
if rc != 0:
|
||||
return systemd_facts
|
||||
|
||||
systemd_facts["systemd"] = {}
|
||||
systemd_facts["systemd"]["features"] = str(stdout.split("\n")[1])
|
||||
systemd_facts["systemd"]["version"] = int(stdout.split(" ")[1])
|
||||
|
||||
return systemd_facts
|
@ -0,0 +1,5 @@
|
||||
[defaults]
|
||||
cow_selection=random
|
||||
|
||||
[ssh_connection]
|
||||
control_path=/var/tmp
|
@ -0,0 +1,2 @@
|
||||
[defaults]
|
||||
cow_selection=random
|
@ -0,0 +1,2 @@
|
||||
[defaults]
|
||||
cow_destruction=random
|
@ -0,0 +1,2 @@
|
||||
[ssh_connection]
|
||||
controller_road=/var/tmp
|
@ -0,0 +1 @@
|
||||
common_vars/subdir/group0/main.yml
|
@ -0,0 +1 @@
|
||||
../tasks/utils/suite.yml
|
@ -1,78 +1,38 @@
|
||||
- name: create test directories
|
||||
file:
|
||||
path: '{{ remote_tmp_dir }}/dir-traversal/{{ item }}'
|
||||
state: directory
|
||||
loop:
|
||||
- source
|
||||
- target
|
||||
- roles
|
||||
|
||||
- name: create subdir in the role content to test relative symlinks
|
||||
file:
|
||||
dest: '{{ remote_tmp_dir }}/dir-traversal/source/role_subdir'
|
||||
state: directory
|
||||
|
||||
- copy:
|
||||
dest: '{{ remote_tmp_dir }}/dir-traversal/source/role_subdir/.keep'
|
||||
content: ''
|
||||
|
||||
- set_fact:
|
||||
installed_roles: "{{ remote_tmp_dir | realpath }}/dir-traversal/roles"
|
||||
|
||||
- name: build role with symlink to a directory in the role
|
||||
script:
|
||||
chdir: '{{ remote_tmp_dir }}/dir-traversal/source'
|
||||
cmd: create-role-archive.py safe-link-dir.tar ./ role_subdir/..
|
||||
executable: '{{ ansible_playbook_python }}'
|
||||
|
||||
- name: install role successfully
|
||||
command:
|
||||
cmd: 'ansible-galaxy role install --roles-path {{ remote_tmp_dir }}/dir-traversal/roles safe-link-dir.tar'
|
||||
chdir: '{{ remote_tmp_dir }}/dir-traversal/source'
|
||||
register: galaxy_install_ok
|
||||
|
||||
- name: check for the directory symlink in the role
|
||||
- delegate_to: localhost
|
||||
block:
|
||||
- name: Create archive
|
||||
command: "tar -cf safe-symlinks.tar {{ role_path }}/files/safe-symlinks"
|
||||
args:
|
||||
chdir: "{{ remote_tmp_dir }}"
|
||||
|
||||
- name: Install role successfully
|
||||
command: ansible-galaxy role install --roles-path '{{ remote_tmp_dir }}/roles' safe-symlinks.tar
|
||||
args:
|
||||
chdir: "{{ remote_tmp_dir }}"
|
||||
|
||||
- name: Validate each of the symlinks exists
|
||||
stat:
|
||||
path: "{{ installed_roles }}/safe-link-dir.tar/symlink"
|
||||
register: symlink_in_role
|
||||
|
||||
- assert:
|
||||
that:
|
||||
- symlink_in_role.stat.exists
|
||||
- symlink_in_role.stat.lnk_source == installed_roles + '/safe-link-dir.tar'
|
||||
|
||||
- name: remove tarfile for next test
|
||||
file:
|
||||
path: '{{ remote_tmp_dir }}/dir-traversal/source/safe-link-dir.tar'
|
||||
state: absent
|
||||
|
||||
- name: build role with safe relative symlink
|
||||
script:
|
||||
chdir: '{{ remote_tmp_dir }}/dir-traversal/source'
|
||||
cmd: create-role-archive.py safe.tar ./ role_subdir/../context.txt
|
||||
executable: '{{ ansible_playbook_python }}'
|
||||
|
||||
- name: install role successfully
|
||||
command:
|
||||
cmd: 'ansible-galaxy role install --roles-path {{ remote_tmp_dir }}/dir-traversal/roles safe.tar'
|
||||
chdir: '{{ remote_tmp_dir }}/dir-traversal/source'
|
||||
register: galaxy_install_ok
|
||||
|
||||
- name: check for symlink in role
|
||||
stat:
|
||||
path: "{{ installed_roles }}/safe.tar/symlink"
|
||||
register: symlink_in_role
|
||||
path: "{{ remote_tmp_dir }}/roles/safe-symlinks.tar/{{ item }}"
|
||||
loop:
|
||||
- defaults/main.yml
|
||||
- handlers/utils.yml
|
||||
register: symlink_stat
|
||||
|
||||
- assert:
|
||||
that:
|
||||
- symlink_in_role.stat.exists
|
||||
- symlink_in_role.stat.lnk_source == installed_roles + '/safe.tar/context.txt'
|
||||
|
||||
- name: remove test directories
|
||||
- symlink_stat.results[0].stat.exists
|
||||
- symlink_stat.results[0].stat.lnk_source == ((dest, 'roles/safe-symlinks.tar/defaults/common_vars/subdir/group0/main.yml') | path_join)
|
||||
- symlink_stat.results[1].stat.exists
|
||||
- symlink_stat.results[1].stat.lnk_source == ((dest, 'roles/safe-symlinks.tar/tasks/utils/suite.yml') | path_join)
|
||||
vars:
|
||||
dest: "{{ remote_tmp_dir | realpath }}"
|
||||
|
||||
always:
|
||||
- name: Clean up
|
||||
file:
|
||||
path: '{{ remote_tmp_dir }}/dir-traversal/{{ item }}'
|
||||
path: "{{ item }}"
|
||||
state: absent
|
||||
delegate_to: localhost
|
||||
loop:
|
||||
- source
|
||||
- target
|
||||
- roles
|
||||
- "{{ remote_tmp_dir }}/roles/"
|
||||
- "{{ remote_tmp_dir }}/safe-symlinks.tar"
|
||||
|
@ -0,0 +1,25 @@
|
||||
- hosts: A,B
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- block:
|
||||
- command: echo
|
||||
notify:
|
||||
- handler1
|
||||
- handler2
|
||||
|
||||
- fail:
|
||||
when: inventory_hostname == "B"
|
||||
|
||||
- meta: flush_handlers
|
||||
always:
|
||||
- name: always
|
||||
debug:
|
||||
msg: always
|
||||
handlers:
|
||||
- name: handler1
|
||||
debug:
|
||||
msg: handler1
|
||||
|
||||
- name: handler2
|
||||
debug:
|
||||
msg: handler2
|
@ -0,0 +1,25 @@
|
||||
- name: Copy service file for mask operation
|
||||
template:
|
||||
src: mask_me.service
|
||||
dest: /etc/systemd/system/mask_me.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
notify: remove unit file
|
||||
|
||||
- name: Reload systemd
|
||||
systemd:
|
||||
daemon_reload: true
|
||||
|
||||
- name: Try to mask already masked service
|
||||
systemd:
|
||||
name: mask_me.service
|
||||
masked: true
|
||||
register: mask_test_1
|
||||
ignore_errors: true
|
||||
|
||||
- name: Test mask service test
|
||||
assert:
|
||||
that:
|
||||
- mask_test_1 is not changed
|
||||
- "'Failed to mask' in mask_test_1.msg"
|
@ -0,0 +1,11 @@
|
||||
---
|
||||
- name: Show Gathered Facts
|
||||
ansible.builtin.debug:
|
||||
msg: "{{ ansible_systemd }}"
|
||||
|
||||
- name: Assert the systemd version fact
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- ansible_systemd.version | int
|
||||
- ansible_systemd.version is match('^[1-9][0-9][0-9]$')
|
||||
- ansible_systemd.features | regex_search('(\\+|-)(PAM|AUDIT)')
|
@ -0,0 +1,9 @@
|
||||
[Unit]
|
||||
Description=Mask Me Server
|
||||
Documentation=Mask
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/yes
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
@ -1,29 +0,0 @@
|
||||
---
|
||||
- hosts: testhost
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- set_fact:
|
||||
output_dir: "{{ lookup('env', 'OUTPUT_DIR') }}"
|
||||
|
||||
- name: check strftime
|
||||
block:
|
||||
- template:
|
||||
src: "templates/%necho Onii-chan help Im stuck;exit 1%n.j2"
|
||||
dest: "{{ output_dir }}/79129-strftime.sh"
|
||||
mode: '0755'
|
||||
|
||||
- shell: "exec {{ output_dir | quote }}/79129-strftime.sh"
|
||||
|
||||
- name: check jinja template
|
||||
block:
|
||||
- template:
|
||||
src: !unsafe "templates/completely{{ 1 % 0 }} safe template.j2"
|
||||
dest: "{{ output_dir }}/79129-jinja.sh"
|
||||
mode: '0755'
|
||||
|
||||
- shell: "exec {{ output_dir | quote }}/79129-jinja.sh"
|
||||
register: result
|
||||
|
||||
- assert:
|
||||
that:
|
||||
- "'Hello' in result.stdout"
|
@ -0,0 +1,2 @@
|
||||
[defaults]
|
||||
ansible_managed = Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host}({{{{q('pipe', 'uname -a')}}}})
|
Loading…
Reference in New Issue