Commit Graph

47910 Commits (457a1115e8b7f5f7e5523a6cfc4c3a341ce1705f)
 

Author SHA1 Message Date
Matt Clay 457a1115e8 Update Ansible release version to v2.9.8.post0. 5 years ago
Matt Clay ed2a39d68e New release v2.9.8 5 years ago
Brian Coca 972e55327c [stable-2.9] added missing clog for 58461
(cherry picked from commit 96f504cd11)

Co-authored-by: Brian Coca <brian.coca+git@gmail.com>
5 years ago
Matt Clay 28e9121d94 Disable failing azure_rm_dnszone test.
The module requires updates to work with the current Azure API.
5 years ago
Matt Clay 8b2957aac3 Revert "2.9: native types: literal_eval all the things (#68938) (#69044)"
This reverts commit 70b4ce5efd.
5 years ago
Jordan Borean 330112a45c Fix win_psmodule and win_psrepository tests 5 years ago
Ganesh Nalawade e40b96ed88
Refactor CLI prompt mode check for network plugins (#63945) (#69210)
* Refactor CLI prompt mode check for network plugins (#63945)

* Refactor CLI prompt mode check for network plugins

*  Move the CLI prompt mode check logic from action plugin
   to the controller side with the cliconf plugins.

*  This refactor also allows the network modules
   to initialise the persistent connection with remote device
   only when it is required.

* Fix review comments

(cherry picked from commit c27e47327f)

* Fix cli context check for network_cli connection (#64697)

* Fix cli context check for network_cli connection

Fixes #64575

*  Check cli context for network_cli connection
   at the start of new task run only.

* Pass task_uuid around to identify start of new task run

* Handle for local connection

(cherry picked from commit ee3f8d28a4)

* Add test for reboot & wait_for_connection on EOS & IOS (#63014)

* Add test for reboot & wait_for_connection

* Add test for ios

* Collection-proof block test

* Add junos test

* Don't try to evaluate cli context unless using the connection

* Prevent infinite recursion

* Update change log

(cherry picked from commit e19b94f43b)
(cherry picked from commit ee3f8d28a4)
(cherry picked from commit e19b94f43b)

devel:
https://github.com/ansible/ansible/pull/63945
https://github.com/ansible/ansible/pull/64697
https://github.com/ansible/ansible/pull/63014

Co-authored-by: Nathaniel Case <ncase@redhat.com>
5 years ago
Chih-Hsuan Yen fbf93db4a8 [2.9] service_facts: fix for systemd 245
* service_facts: fix for systemd 245

Since systemd 245, `systemctl list-unit-files` comes with a new column
"VENDOR PRESET" [1] and breaks the service_facts module:

This patch drops the third column to make it work with old and new
systemd. With the new slice operation, IndexError instead of ValueError
is raised if the output contains less than 2 columns.

Test plan: running `ansible-test integration -v service_facts` on
up-to-date Arch Linux

[1] https://github.com/systemd/systemd/pull/14445

* add changelog

Signed-off-by: Chih-Hsuan Yen <yan12125@gmail.com>
Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit bd4fdb1ca2)
5 years ago
Dusan Matejka 28cc8e6155
[2.9] zabbix_template: fixed zabbix no longer returning macros as part of the template (#69235)
* fixed zabbix no longer returning macros as part of the template (#66996)


(cherry picked from commit c80d0c40ce)

* added changelog fragment
5 years ago
Matt Martz 99e6f4ff54 [stable-2.9] Handle non-ascii paths during role installation. Fixes #69133 (#69213)
(cherry picked from commit bc41dd4)

Co-authored-by: Matt Martz <matt@sivel.net>
5 years ago
Matt Martz 6c2b372d1b [stable-2.9] Address fixme and handle filter/test errors for collections better (#68047)
* Address fixme and handle fitler/test errors for collections better. Fixes #66721

* Re-arrange code
(cherry picked from commit ee6413a)

Co-authored-by: Matt Martz <matt@sivel.net>
5 years ago
Chris Holland ff3275f9bd [2.9] Added missing parameter
The call to daemonize() in sysvinit.py was missing the module parameter
included in the function definition in service.py.

This pull request simply adds that parameter, as the module is
used for error handling in daemonize().

(cherry picked from commit 339c442250)
5 years ago
Andre Lehmann 0ec98cffe2 hostname - Add Manjaro Linux distribution (#64810)
* Add Manjaro Linux distribution

(cherry picked from commit a75a79b84c)
5 years ago
Jesse Pretorius (odyssey4me) 82378406ea [pip] Enable virtualenv_command to have arguments
Currently if virtualenv_command has arguments, then the
search for the binary in the path does not work so the
user has to specify the full path to it.

To allow arguments to be used without having to specify
the path to the binary, we split the module argument into
the command and anything after the first space.

This makes using this module argument more flexible and
user friendly.

Fixes: #52275
(cherry picked from commit da390b297e)
5 years ago
rwagnergit 081ce0e4e1 update ActionBase._low_level_execute_command to honor executable (#68315)
* update ActionBase._low_level_execute_command to honor executable

* adding changelog fragment

* renaming changelog fragment to .yml

* noop change to bump shippable

* adding raw_executable integration test

* copying aliases from raw

* removing blank lines

* skipping aix and freebsd

* noop to bump shippable

* moving tests to raw/

* removing become_method: sudo ; it doesn't work on AIX

* removing trailing blank line

* forcing become_method: su to try to get AIX to work

Co-authored-by: Rob Wagner <rob.wagner@sas.com>
(cherry picked from commit 977b58740b)
5 years ago
Martin Nečas f252494ff2
ovirt_network: allow to remove vlan_tag (#69123)
* ovirt_network: allow to remove vlan_tag

* add changelog

* fix backport

* fix changelog
5 years ago
Martin Nečas ec73968b5d
ovirt_disk: upload image auto detect size (#69150)
* ovirt_disk: upload image autodetect size

* add changelog
5 years ago
Martin Nečas 1432a947e7
ovirt_disk: add warning when uploading wrong format (#69153)
* ovirt_disk: add warning when wrong format

* add changelog

* Update ignore.txt
5 years ago
Andrew Klychkov 7cb8594e97 Bugfix of 67377: postgresql_set converts value to uppercase if "mb" or "gb" or "tb" is in the value string (#67418)
* Bugfix of 67377: postgresql_set converts value to uppercase if "mb" or "gb" or "tb" is in the value string

* fix CI

* add changelog

(cherry picked from commit 59bcc9f739)
5 years ago
Martin Krizek 70b4ce5efd
2.9: native types: literal_eval all the things (#68938) (#69044)
* native types: literal_eval all the things (#68938)

With https://github.com/pallets/jinja/pull/1190 merged our short-circuit
is no longer valid (has it ever been?) as now data like ' True ' may go
through our ansible_native_concat function as opposed to going through
intermediate call to Jinja2's native_concat before. Now we need to always
send data through literal_eval to ensure native types are returned.

(cherry picked from commit acdc9eb76d)

* Fix tests
5 years ago
Evgeni Golov 4f909589c2 [2.9] plugin_formatter: sys.exit does not take a file argument
Cleanup of leftover from bcdfdc0cc3.

sys.exit does not take any named argument.

(cherry picked from commit cdad594b16)
5 years ago
Brian Coca b3a1288150 preserve json parsing error (#58461)
* preserve json parsing error
* added test

(cherry picked from commit bbdf77a59f)
5 years ago
Matt Martz e2f7676c5a [stable-2.9] Allow a collection role to call a standalone role by default (#69102)
* Allow a collection role to call a standalone role by default. Fixes #69101

* tweaked changelog text

* Guard against NoneType

Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>.
(cherry picked from commit da98fc267a)

Co-authored-by: Matt Martz <matt@sivel.net>
5 years ago
Brian Coca f8a5377cc6 Fix fileglob when using 'file*' vs 'stuff/file*' (#68945)
* Fix fileglob when using 'file*' vs 'stuff/file*'

 when not having dir in glob, files/ subdir was being ignored.

* tests for fileglob

(cherry picked from commit d3cab602a5)
5 years ago
Abhijeet Kasurde 17458a16ca influxdb: Fix documentation (#67807)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit ed306c7991)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
5 years ago
Jacob Yundt e5d93a4f11 redfish_config: fix support for boolean BIOS attributes
Backport of ansible-collections/community.general#189 to stable-2.9

Currently the redfish_config module will convert boolean bios_attribute_value
settings to strings (type str). This will cause BMCs expecting booleans to
error out.

This PR will change the default type of bios_attribute_value to 'raw' in order
to support strings and booleans.

Fixes #68251
5 years ago
Andrew Klychkov 604f797f0e mysql_user: fix error No database selected 5 years ago
Abhijeet Kasurde 3fd73750dc [2.9] Docs: point inventory script to respective version
With collections migration, inventory scripts are moved from devel (2.10).
Point docs for inventory script to their respective version.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
5 years ago
Felix Fontein 2939a90097
Backport of ansible-collections/azure@40fac2381e (ansible-collections/azure#101) to stable-2.9. (#69221) 5 years ago
Abhijeet Kasurde fd828672a5
[2.9] constructed inventory plugin: correct example (#69189)
Fixed 'intersect' filter name in constructed inventory plugin example.

(cherry picked from commit 91d02e1c1f)

Co-authored-by: Kenyon Ralph <kenyon@kenyonralph.com>
5 years ago
Felix Fontein c49f2218de
Mention acme_certificate behavior changes in porting guide caused by a bugfix and previously incorrect examples. (#69167) 5 years ago
Felix Fontein d6dc085b06
[2.9] Fix docs issues in aws_s3_bucket_info and ec2_vpc_vpn (#69166)
* Backport of ansible-collections/community.aws@dedf734b21 (ansible-collections/community.aws#47).

* Backport of ansible-collections/community.aws@4a0e1a4d87 (ansible-collections/community.aws#55).
5 years ago
Rick Elrod b4d66c4991 Add RHEL 8.2 to CI
Change:
RHEL 8.2 GA was released this week, test it in CI instead of 8.1.

Test Plan:
CI

Signed-off-by: Rick Elrod <rick@elrod.me>
5 years ago
Rick Elrod 4a20196492 Enable dnf integration tests on CentOS 8
Change:
We were only testing dnf on RHEL previously.
Test on CentOS 8 as well.

Test Plan:
Ran locally in docker.

Signed-off-by: Rick Elrod <rick@elrod.me>
5 years ago
Rick Elrod 07084217dc [dnf] Make behavior/errors compatible for new DNF
Change:
Extend the logic for custom error handling in the dnf module, so that on
newer DNF (such as DNF that ships with modern Fedora 31 container
images, and ships with RHEL 8.2) we report errors consistently with
older DNF.

Test Plan:
Ran dnf integration tests against an old Fedora 31 container image and a
brand new Fedora 32 container image; tess passed on both.

Signed-off-by: Rick Elrod <rick@elrod.me>
5 years ago
Daniel Mellado a4f13acd85 Revert "Fix missing persistent connection messages (#68496)" (#69147)
This reverts commit 5f6427b1fc.
as it breaks netconf connection. This will be a temporary measure
for unlocking CI until a proper fix is shipped.

Fixes #69065

(cherry picked from commit 9217aeeac1)
Signed-off-by: Daniel Mellado <dmellado@redhat.com>
5 years ago
Matt Clay 8f1a614428 [stable-2.9] Remove obsolete vcenter setup from ansible-test..
(cherry picked from commit a050d892d8)

Co-authored-by: Matt Clay <matt@mystile.com>
5 years ago
Rick Elrod 18f91bbb88 Fix incorrect CVE reference in changelog fragment
Change:
This corrects an incorrect CVE identifier in the changelog entry for
CVE-2020-1735.

Test Plan:
N/A

Tickets:
Refs #67793, #68720

Signed-off-by: Rick Elrod <rick@elrod.me>
5 years ago
Rick Elrod e4a5b4b797 [stable-2.9] pip - Fix check_mode for prerelease packages (#68690)
* pip - Fix check_mode for prerelease packages

Fixes #68592.

Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Matt Martz <matt@sivel.net>
(cherry picked from commit 82c60db49b)

Co-authored-by: Rick Elrod <rick@elrod.me>
5 years ago
Matt Clay 6410570643 Update Ansible release version to v2.9.7.post0. 5 years ago
Matt Clay ff7bbbcaf1 New release v2.9.7 5 years ago
Brian Coca 290bfa820d fixed fetch traversal from slurp (#68720)
* fixed fetch traversal from slurp

  * ignore slurp result for dest
  * fixed naming when source is relative
  * fixed bug in local connection plugin
  * added tests with fake slurp
  * moved existing role tests into runme.sh
  * normalized on action excepts
  * moved dest transform down to when needed
  * added is_subpath check
  * fixed bug in local connection

fixes #67793

CVE-2019-3828

(cherry picked from commit ba87c225cd)
5 years ago
Brian Coca 685a4b6d3f safely use vault to edit secrets (#68644)
* when possible, use filedescriptors from mkstemp to avoid race
  * when using path strings, ensure we are always creating the file

CVE-2020-1740
Fixes #67798

Co-authored-by: samdoran
(cherry picked from commit 28f9fbdb5e)
5 years ago
Sloane Hertel d41e38435b
[2.9] CVE-2020-1746 - Remove the params module option from ldap_attr and ldap_entry (#68714)
* Remove the params module option from ldap_attr and ldap_entry

Module options that circumvent Ansible's option handling were disallowed
in:
https://meetbot.fedoraproject.org/ansible-meeting/2017-09-28/ansible_dev_meeting.2017-09-28-15.00.log.html

Additionally, this particular usage can be insecure if bind_pw is set
this way as the password could end up in a logfile or displayed on
stdout.

Fixes CVE-2020-1746

(cherry picked from commit 0ff609f1bc)

* Fix formatting for option names

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Fix fail_json

* fix indentation error

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
5 years ago
Brian Coca 0b4788a71f prevent ansible_facts injection (#68431)
- also only replace when needed
 - switched from replace to index
 - added test to verify bogus_facts are not accepted

CVE-2020-10684

(cherry picked from commit a9d2ceafe4)
5 years ago
Brian Coca 51d2514753 fix vault temp file handling (#68433)
* fix vault tmpe file handling

 * use local temp dir instead of system temp
 * ensure each worker clears dataloader temp files
 * added test for dangling temp files
 * added notes to data loader

CVE-2020-10685

(cherry picked from commit 6452a82452)
5 years ago
Dmitriy Rabotyagov 65866519e4
support rabbitmq 3.8.x in version check (#66855) (#68137)
* support rabbitmq 3.8.x in version check (#66855)

* support rabbitmq 3.8.x in version check

* Removed extraneous white space

(cherry picked from commit 6b017db05b)

* Add changelog fragment.

Co-authored-by: bitchkat <kjh@flyballdogs.com>
Co-authored-by: Matt Clay <matt@mystile.com>
5 years ago
Sloane Hertel c6c4fbf4a1 subversion module - provide password securely when possible or warn (#67829)
* subversion module - provide password securely with svn command line option --password-from-stdin when possible, and provide a warning otherwise.
* Update lib/ansible/modules/source_control/subversion.py.
* Add a test.

Co-authored-by: Sam Doran <sdoran@redhat.com>
(cherry picked from commit d91658ec0c)
5 years ago
Jordan Borean b2551bb694
ansible-galaxy - Fix tar path traversal issue during install - CVE-2020-10691 - 2.9 (#68601)
* ansible-galaxy - Fix tar path traversal issue during install - CVE-2020-10691 (#68596)

(cherry picked from commit a20a527014)

* Remove extra tests missing from rebase
5 years ago
Jordan Borean cef6296735 WebRequest - Fix use_proxy: no on module options (#68603)
* WebRequest - Fix use_proxy: no on module options

* Fix up changelog fragment

(cherry picked from commit ae1cd27b57)
5 years ago