* linux facts - return proper broadcast address
Check that the value being returned is actually a broadcast address
* Add tests
* Cleanup tests
(cherry picked from commit e6bf202738)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Ensure we have enough values to split (#56802)
Avoid raising an exception if pkgstr does not complains with expected
value.
(cherry picked from commit 433c98eae0)
* Add changelog
Co-authored-by: Adrián López <adrianlzt+github@gmail.com>
* use security_fix category in changelogs
(cherry picked from commit 3d5217b6d5)
* these fragments do not say CVE but are security fixes
(cherry picked from commit 8d0c1ff51d)
Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
* Make changelog tool be more strict about suffixes
Change:
- Files must end in .yml or .yaml, and must not be dotfiles.
- This is to prevent (for example) emacs backup files (.yml~) from being
included in changelogs during releases.
- Backport of https://github.com/ansible-community/antsibull-changelog/pull/33
Signed-off-by: Rick Elrod <rick@elrod.me>
As Molecule started to use https://github.com/ansible-community/molecule/discussions we need to update documentation before retiring
the molecule-users mailing list.
(cherry picked from commit b7ee07215d)
Co-authored-by: Sorin Sbarnea <ssbarnea@users.noreply.github.com>
* rebase conflicts
* [stable-2.9] Allow single vault encrypted values to be used directly as module parameters. Fixes#68275 (#70607).
(cherry picked from commit a77dbf0866)
Co-authored-by: Matt Martz <matt@sivel.net>
pipe lookup plugin uses Popen with shell=True intentionally.
This is considered a security issue if user input is not validated.
Updated docs to reflect this information for the user. Also, added
Bandit B602 documentation link for further reading.
Fixes: #70159
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit e5649ca3e8)
Added additional condition to detect failed task in
selective callback plugin when ran with loop or with_items.
Fixes: ansible/ansible#63767
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
- ensure we preserve the typeerror part of the exception so loop defereed error handling
can postpone those caused by undefined variables until the when check is done.
- fix tests to comply with the 'new normal'
- human_to_bytes and others can issue TypeError not only on 'non string'
but also bad string that is not convertable.
Co-authored-by: Sloane Hertel <shertel@redhat.com>
Co-authored-by: Sloane Hertel <shertel@redhat.com>
(cherry picked from commit cf89ca8a03)
* Do not pass decrypt parameter to assemble module
* Add integration tests where decrypt=True
* Add changelog #70465
(cherry picked from commit 71c378e139)
* Add user flags before container id in podman exec
When user provides an ansible_ssh_user, podman connection
plugin includes this values as `--user` flag. This patch
fixes the location of this flag according to podman exec command help.
Fixes: ansible/ansible#65220
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Don't use mount in case of specified user
Co-authored-by: Sagi Shnaidman <sshnaidm@redhat.com>
(cherry picked from commit cc8d4bb4510bcc79537ed3fa591fb9cace576ae9)
* Make sure ansible_become treated as a boolean (#70484)
* Make sure ansible_become treated as a boolean
(cherry picked from commit 8aca464b8b)
* Update test/integration/targets/inventory_ini/aliases
Co-authored-by: Sam Doran <sdoran@redhat.com>
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Use the first galaxy server supporting v1 for roles. Fixes#65440
* Add changelog fragment
* This is best effort, fall back to original behavior if something bad happens
(cherry picked from commit 1f1d6e5)
Co-authored-by: Matt Martz <matt@sivel.net>
Fix command line construction in the puppet module
related to check mode and using manifests directly.
Also, fixes 69ead0ba78 which
introduced another if-statement in the middle of a if/elif pair,
which causes the elif to execute together with the original if
which created '--noop --no-noop' commands.
Fixes: #60576
Fixes#70168
ci_complete
Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
Co-authored-by: Matt Clay <matt@mystile.com>
(cherry picked from commit b05e00e99a)
A recent updated to psutil, which is a dependency of ansible-runner, fails
to install on older versions of pip.
Commit with the breaking change:
135628639b
(cherry picked from commit 9d27d7c8b1)
Co-authored-by: Sam Doran <sdoran@redhat.com>
Previously windows instances on Shippable would be automatically directed to us-east-2.
(cherry picked from commit 1cf26896c5)
Co-authored-by: Matt Clay <matt@mystile.com>
Lightbulb is deprecated in favor of https://ansible.github.io/workshops/. Update links accordingly.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit e4f48c920c)
The current author line wants to match a github author id. But
some people, including the OpenStack project, do not use github,
and additionally do not claim individual ownership but instead
group ownership.
Since there are already a couple of hard-coded examples in the
regex, just add one more. Alternately we could come up with some
mechanism to indicate that the author is purposely not listing
a github id, but that seems a bit heavywight.
Now empty `*.py` files are ignored during module_utils import analysis for change detection.
This eliminates "No imports found" warnings for files which should have no imports.
(cherry picked from commit ab27680318)
Martin Krizek