* Add version ceiling for pypsrp
Add a version ceiling for the pypsrp requirements. This ensures that the
future v1.0.0 release won't impact existing users who install the
library using the version range specified.
* Use constraints file
* Add changelog for this change
(cherry picked from commit 2ed6c30929)
* Fix installing roles containing symlinks
Fix sanitizing tarfile symlinks relative to the link directory instead of the archive
For example:
role
├── handlers
│ └── utils.yml -> ../tasks/utils/suite.yml
The link ../tasks/utils/suite.yml will resolve to a path outside of the link's directory, but within the role
role/handlers/../tasks/utils/suite.yml
the resolved path relative to the role is tasks/utils/suite.yml, but if the symlink is set to that value, tarfile would extract it from role/handlers/tasks/utils/suite.yml
* Replace overly forgiving test case with tests for a symlink in a subdirectory of the archive and a symlink in the archive dir when these are not equivalent.
* Build test case from role files to make it easier to add test cases
Fixes#82702Fixes#81965Fixes#82051
(cherry picked from commit e84240db84)
Until ansible-core 2.12 the facts cache file created by this module, have permission set as 644 which allows the other users to read the cache, since ansible-core 2.13, we create the temporary file, but we do not set the permission after renaming the temporary file. Adding the line to set the permission to allow other users/groups to read this file.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Co-authored-by: Rudnei Bertol Junior <rudnei@redhat.com>
When using winrm over HTTP with message encryption enabled and a task
has timed out the connection plugin will fail to cleanup the WinRM
command. This will change that exception into a warning as a timeout is
already an exception event and a failure to clean the operation should
not override the timeout error shown.
(cherry picked from commit 8aecd1f9b2)
* dnf5: replace removed API calls (#83020)
* dnf5: replace removed API calls
bfb6f32e1596c9188f9c
* call set_group_with_name instead of setting group_with_name
c7b88428f3
---------
Co-authored-by: Matt Martz <matt@sivel.net>
(cherry picked from commit 4e57249d59)
* Fallbacks for brand new APIs that don't exist in released dnf5 (#83022)
(cherry picked from commit 57750e2cf7)
---------
Co-authored-by: Matt Martz <matt@sivel.net>
allow_duplicates is not part of the role uniqueness, so the value on the cached role may not match the current role.
* remove the allow_duplicates check from Role.has_run() which operates on the deduplicated role
* check the current role's allow_duplicates value in the strategy
(cherry picked from commit b3d8cdde5d)
Co-authored-by: Martin Krizek <martin.krizek@gmail.com>
If the connection plugin fails to write the data to run to stdin we will
only attempt to get the output with one operation attempt. If this times
out we will consider the command to have failed and raise an exception
instead of forever attempting to get the output.
(cherry picked from commit 942424e10b)
* Remove role name conversion based on whether the repo name starts with
ansible-role
This was added in 2.3 to match the Galaxy ui behavior of truncating the
'ansible-role-' prefix automatically, but the new backend requires an
alternate name to be provided or defined in the ``galaxy_info``
metadata.
Roles that were imported using the ansible-role-$name convention will
need to use ``--role-name`` or add ``role_name`` to the ``galaxy_info``
dictionary in ``meta/main.yml``.
changelog
* Update changelogs/fragments/fix-default-ansible-galaxy-role-import-name.yml
* Update changelogs/fragments/fix-default-ansible-galaxy-role-import-name.yml
Co-authored-by: flowerysong <junk+github@flowerysong.com>
---------
Co-authored-by: flowerysong <junk+github@flowerysong.com>
(cherry picked from commit d7be3824fe)
Set the tarfile attribute to a normalized value from unfrackpath instead
of validating path parts and omiting potentially invald parts
Allow tarfile paths/links containing '..', '$', '~' as long as the
normalized realpath is in the tarfile's role directory
(cherry picked from commit 3a42a00368)
* Allow older pickle protocols to pickle unsafe classes. Fixes#82356
* Address issues when iterating or getting single index from AnsibleUnsafeBytes. Fixes#82375
* clog frag
(cherry picked from commit afe3fc1)
* [backport-2.15] Add FreeBSD 13.2 to ansible-test (#80698)
(cherry picked from commit d12aa7f69c)
* [backport-2.15] remove Freebsd 13.1 from test matrix (#81058)
* remove Freebsd 13.1 from test matrix
fixes#80416
Co-authored-by: Matt Clay <matt@mystile.com>
(cherry picked from commit 534f688a53)
* Revert to the original Python versions for the branch
Co-authored-by: Matt Martz <matt@sivel.net>
---------
Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
Co-authored-by: Matt Martz <matt@sivel.net>
* Ensure that unsafe is more difficult to lose
* Add Task.untemplated_args, and switch assert over to use it
* Don't use re in first_found, switch to using native string methods
* If nested templating results in unsafe, just error, don't continue
(cherry picked from commit 586f1924512b01305f896d9ae4732773023013a3)
* ci_complete
* Check if skeleton is /dev/null while creating home folder
* Add test for linux
(cherry picked from commit 25b3d3a)
Co-authored-by: Holger Dörner <42909210+HolgerDoerner@users.noreply.github.com>
* Import role public (#81772)
revert to previous behavior to push vars to play at compile time
add `public` parameter to allow per import control of exporting (vs just the global config)
Co-authored-by: tchernomax <maxime.deroucy@gmail.com>
Co-authored-by: Sloane Hertel <19572925+s-hertel@users.noreply.github.com>
(cherry picked from commit ab6a544e86)
* adapted to prev version
- removed new functionality
- restored global config functioning overriding specific public option
* remove typoe
* quote it
(cherry picked from commit 9a4bc7e7b3)
Matt Clay