* tests: Use `hg serve` instead of bitbucket for hg
Change:
- Uses `hg serve` instead of a bitbucket repo for hg tests
- bitbucket no longer serves hg
Test Plan:
- CI, fixed integration tests
Signed-off-by: Rick Elrod <rick@elrod.me>
* Disable mongodb_replicaset tests for now
Change:
- 4.0.20 breaks tests, disable for now
Test Plan:
- CI
Tickets:
- https://github.com/ansible-collections/community.mongodb/issues/136
Signed-off-by: Rick Elrod <rick@elrod.me>
* setup_mongodb: Nix RH package installation/removal
Change:
- Our RHEL and CentOS images make these unnecessary and they were
broken.
Test Plan:
- CI
Signed-off-by: Rick Elrod <rick@elrod.me>
* Disable mongodb_shard tests for now
Change:
- 4.0.20 breaks tests, disable for now
Test Plan:
- CI
Tickets:
- https://github.com/ansible-collections/community.mongodb/issues/136
Signed-off-by: Rick Elrod <rick@elrod.me>
* adds year-round link to AnsibleFest from the Ansible docs index page
Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
(cherry picked from commit ae3b8eec12)
* Ensure -k is set to delegated hosts without a pass (#71136)
* Ensure -k is set to delegated hosts without a pass
* Fix up some broken tests
* Update task_executor.py
one possible fix, the other is updating winrm to normalize on 'password' like the other connection plugins
* Add alias for winrm and fix incorrect assumption
* Make sure aliases are used for keyword options
* Conditionally run test if sshpass is present, fix sanity
Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
(cherry picked from commit 3f22f79e73)
* Backport subset of https://github.com/ansible/ansible/pull/69670
* reset logging to INFO (#70878)
- due to CVE-2019-14846
- also added comments and test to avoid 'oportunistic' reversion
(cherry picked from commit 1223ce656a)
* Update keep_log_at_info.yml
Co-authored-by: Rick Elrod <rick@elrod.me>
* template connection variables accessed directly before using (#70657)
* template variables accessed directly when using them instead of FieldAttributes
(cherry picked from commit 8c213c9334)
* changelog
* Detect failure in always block after rescue (#70094)
* Detect failure in always block after rescue
Fixes#70000
ci_complete
* Add more tests
(cherry picked from commit 0ed5b77377)
* add changelog
Co-authored-by: Matt Davis <mrd@redhat.com>
* Allow hostvars delegation (#70331)
* ensure hostvars are available on delegation
* also inventory_hostname must point to current host and not delegated one
* fix get_connection since it was still mixing original host vars and delegated ones
* also return connection vars for delegation and non delegation alike
* add test to ensure we have expected usage when directly assigning for non delegated host
(cherry picked from commit 84adaba6f5)
* avoid returning more data
* remove unused return vars
* Encode/Decode files in UTF-8
* Use helper function in ansible
* Add an integration test
* Use emoji in test data.
* add changelog
* Also support non-ascii chars in filepath and add tests about this.
* Also use non-ascii chars in replaced text and ensure not to break cron syntax.
* rename self.existing to self.n_existing
* rename crontab.existing to crontab.n_existing.
(cherry picked from commit 5ce47646ad)
Co-authored-by: psi / Ryo Hirafuji <ryo.hirafuji@link-u.co.jp>
* try removing name references for state=absent
Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: psi / Ryo Hirafuji <ryo.hirafuji@link-u.co.jp>
Co-authored-by: Rick Elrod <rick@elrod.me>
* [stable-2.9] Change default file permissions so they are not world readable (#70221)
* Change default file permissions so they are not world readable
CVE-2020-1736
Set the default permissions for files we create with atomic_move() to 0o0660. Track
which files we create that did not exist and warn if the module supports 'mode'
and it was not specified and the module did not call set_mode_if_different(). This allows the user to take action and specify a mode rather than using the defaults.
A code audit is needed to find all instances of modules that call atomic_move()
but do not call set_mode_if_different(). The findings need to be documented in
a changelog since we are not warning. Warning in those instances would be frustrating
to the user since they have no way to change the module code.
- use a set for storing list of created files
- just check the argument spac and params rather than using another property
- improve the warning message to include the default permissions.
(cherry picked from commit 5260527c4a)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Fix jboss test
* Fix lamdba_policy test
* Fix aws_lamdba test
* Fix warning for new default permissions when mode is not specified (#70976)
Follow up to #70221
Related to #67794
CVE-2020-1736
When set_mode_if_different() is called with mode of 'None', ensure we issue
a warning about the change in default permissions.
Add integration tests to ensure the warning works properly.
* Fix tests
- actually use custom module 🤦♂️
- verify file permission on created files
- use remote_tmp_dir so we're ready for split controller
- improve test module so we can skip the call to set_fs_attributes_if_different()
- fix tests for CentOS 6
(cherry-picked from commit dc79528cc6)
* Use new category in changelog fragments
* banner should not be placed on pages with 'devel' in their titles
* Update docs/docsite/_themes/sphinx_rtd_theme/ansible_banner.html
* Only match paths at the beginning
Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
Co-authored-by: Sviatoslav Sydorenko <webknjaz@redhat.com>
(cherry picked from commit 8313cc8fb1)
The repository names seem to have changed and no longer have the "rhui-" prefix.
(cherry picked from commit 6ac4439a6a)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Fix missing quoting for remote_tmp in second mkdir of shell module. Issue #69577
* adding changelog
* fixing typo in changelog entry
* adding test case
Adding test case written by bmillemayhias.
* using $HOME instead of ~
* fixing commit measage
* Update 69578-shell-remote_tmp-quoting.yaml
Co-authored-by: Brian Kohles <me@briankohles.com>
(cherry picked from commit 77d0effcc5)
Co-authored-by: Brian Kohles <briankohles@users.noreply.github.com>
debconf module exposes sensitive information to logs, console.
Add a note to user about using no_log=True to hide such
information from console.
Fixes: #32386
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 84b4387702)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
A couple of years ago Slackware -current began using a plus (“+”) at the end of the distribution version string to indicate a future version work-in-progress.
Rearrange distribution_files unit tests to easily support more tests
- add conftest with common fixtures
- use parametrize for testing multiple scenarios
* Add changelog
* Add unit tests for Slackware distribution parsing
* Use correct fixtures for Slackware
Data comes from /etc/slackware-version
Co-authored-by: Sam Doran <sdoran@redhat.com>
Co-authored-by: <Eduard Rozenberg <eduardr@pobox.com>>.
(cherry picked from commit 566c5e6ce1)
Co-authored-by: Eduard Rozenberg <2648417+edrozenberg@users.noreply.github.com>
Co-authored-by: Eduard Rozenberg <2648417+edrozenberg@users.noreply.github.com>
* Add boilerplate snippet into `examples/`
It is a partial backport of #70224
(partially cherry picked from commit 4816bb4f43)
* Refactor Python API examples and docs
PR #70446: it's a follow-up for #70445.
It includes a merge of `examples/scripts/uptime.py` and a similar
code snippet from `docs/docsite/rst/dev_guide/developing_api.rst`.
This patch also changes the docs RST file to include contents of
the example file instead of holding a copy of a similar code.
(cherry picked from commit 20bb915092)
Some platform such as ESXi does not implement EpollSelector,
which is selected by DefaultSelector. Use PollSelector which is
based upon 'Poll' implementation. This works perfectly with
a platform like VMware ESXi.
Fixes: #70238
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 8cccede0d4)
Previous version initialized the `TaskQueueManager` after calling
`Play.load()` while advertising a way to inject a custom library
location path. This caused the tasks loader not to find any custom
modules because it was triggered before the path was actually added
to the module loader.
This patch changes the order of the operations to ensure that the
customized `context.CLIARGS` actually influences things.
Resolves https://github.com/ansible/ansible/issues/69758.
(cherry picked from commit 8d97c8c222)
* prevent (ExceptionType) is not subscriptable errors
* tweak error message and use text conversion
* add to_text import
(cherry picked from commit 45c2eb6c0a)
Co-authored-by: nitzmahone <nitzmahone@users.noreply.github.com>
Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
Martin Krizek