Commit Graph

47892 Commits (7cb8594e974666e3bdc8e3ae2ab89c707ba1f7eb)
 

Author SHA1 Message Date
Andrew Klychkov 7cb8594e97 Bugfix of 67377: postgresql_set converts value to uppercase if "mb" or "gb" or "tb" is in the value string (#67418)
* Bugfix of 67377: postgresql_set converts value to uppercase if "mb" or "gb" or "tb" is in the value string

* fix CI

* add changelog

(cherry picked from commit 59bcc9f739)
5 years ago
Martin Krizek 70b4ce5efd
2.9: native types: literal_eval all the things (#68938) (#69044)
* native types: literal_eval all the things (#68938)

With https://github.com/pallets/jinja/pull/1190 merged our short-circuit
is no longer valid (has it ever been?) as now data like ' True ' may go
through our ansible_native_concat function as opposed to going through
intermediate call to Jinja2's native_concat before. Now we need to always
send data through literal_eval to ensure native types are returned.

(cherry picked from commit acdc9eb76d)

* Fix tests
5 years ago
Evgeni Golov 4f909589c2 [2.9] plugin_formatter: sys.exit does not take a file argument
Cleanup of leftover from bcdfdc0cc3.

sys.exit does not take any named argument.

(cherry picked from commit cdad594b16)
5 years ago
Brian Coca b3a1288150 preserve json parsing error (#58461)
* preserve json parsing error
* added test

(cherry picked from commit bbdf77a59f)
5 years ago
Matt Martz e2f7676c5a [stable-2.9] Allow a collection role to call a standalone role by default (#69102)
* Allow a collection role to call a standalone role by default. Fixes #69101

* tweaked changelog text

* Guard against NoneType

Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>.
(cherry picked from commit da98fc267a)

Co-authored-by: Matt Martz <matt@sivel.net>
5 years ago
Brian Coca f8a5377cc6 Fix fileglob when using 'file*' vs 'stuff/file*' (#68945)
* Fix fileglob when using 'file*' vs 'stuff/file*'

 when not having dir in glob, files/ subdir was being ignored.

* tests for fileglob

(cherry picked from commit d3cab602a5)
5 years ago
Abhijeet Kasurde 17458a16ca influxdb: Fix documentation (#67807)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit ed306c7991)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
5 years ago
Jacob Yundt e5d93a4f11 redfish_config: fix support for boolean BIOS attributes
Backport of ansible-collections/community.general#189 to stable-2.9

Currently the redfish_config module will convert boolean bios_attribute_value
settings to strings (type str). This will cause BMCs expecting booleans to
error out.

This PR will change the default type of bios_attribute_value to 'raw' in order
to support strings and booleans.

Fixes #68251
5 years ago
Andrew Klychkov 604f797f0e mysql_user: fix error No database selected 5 years ago
Abhijeet Kasurde 3fd73750dc [2.9] Docs: point inventory script to respective version
With collections migration, inventory scripts are moved from devel (2.10).
Point docs for inventory script to their respective version.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
5 years ago
Felix Fontein 2939a90097
Backport of ansible-collections/azure@40fac2381e (ansible-collections/azure#101) to stable-2.9. (#69221) 5 years ago
Abhijeet Kasurde fd828672a5
[2.9] constructed inventory plugin: correct example (#69189)
Fixed 'intersect' filter name in constructed inventory plugin example.

(cherry picked from commit 91d02e1c1f)

Co-authored-by: Kenyon Ralph <kenyon@kenyonralph.com>
5 years ago
Felix Fontein c49f2218de
Mention acme_certificate behavior changes in porting guide caused by a bugfix and previously incorrect examples. (#69167) 5 years ago
Felix Fontein d6dc085b06
[2.9] Fix docs issues in aws_s3_bucket_info and ec2_vpc_vpn (#69166)
* Backport of ansible-collections/community.aws@dedf734b21 (ansible-collections/community.aws#47).

* Backport of ansible-collections/community.aws@4a0e1a4d87 (ansible-collections/community.aws#55).
5 years ago
Rick Elrod b4d66c4991 Add RHEL 8.2 to CI
Change:
RHEL 8.2 GA was released this week, test it in CI instead of 8.1.

Test Plan:
CI

Signed-off-by: Rick Elrod <rick@elrod.me>
5 years ago
Rick Elrod 4a20196492 Enable dnf integration tests on CentOS 8
Change:
We were only testing dnf on RHEL previously.
Test on CentOS 8 as well.

Test Plan:
Ran locally in docker.

Signed-off-by: Rick Elrod <rick@elrod.me>
5 years ago
Rick Elrod 07084217dc [dnf] Make behavior/errors compatible for new DNF
Change:
Extend the logic for custom error handling in the dnf module, so that on
newer DNF (such as DNF that ships with modern Fedora 31 container
images, and ships with RHEL 8.2) we report errors consistently with
older DNF.

Test Plan:
Ran dnf integration tests against an old Fedora 31 container image and a
brand new Fedora 32 container image; tess passed on both.

Signed-off-by: Rick Elrod <rick@elrod.me>
5 years ago
Daniel Mellado a4f13acd85 Revert "Fix missing persistent connection messages (#68496)" (#69147)
This reverts commit 5f6427b1fc.
as it breaks netconf connection. This will be a temporary measure
for unlocking CI until a proper fix is shipped.

Fixes #69065

(cherry picked from commit 9217aeeac1)
Signed-off-by: Daniel Mellado <dmellado@redhat.com>
5 years ago
Matt Clay 8f1a614428 [stable-2.9] Remove obsolete vcenter setup from ansible-test..
(cherry picked from commit a050d892d8)

Co-authored-by: Matt Clay <matt@mystile.com>
5 years ago
Rick Elrod 18f91bbb88 Fix incorrect CVE reference in changelog fragment
Change:
This corrects an incorrect CVE identifier in the changelog entry for
CVE-2020-1735.

Test Plan:
N/A

Tickets:
Refs #67793, #68720

Signed-off-by: Rick Elrod <rick@elrod.me>
5 years ago
Rick Elrod e4a5b4b797 [stable-2.9] pip - Fix check_mode for prerelease packages (#68690)
* pip - Fix check_mode for prerelease packages

Fixes #68592.

Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Matt Martz <matt@sivel.net>
(cherry picked from commit 82c60db49b)

Co-authored-by: Rick Elrod <rick@elrod.me>
5 years ago
Matt Clay 6410570643 Update Ansible release version to v2.9.7.post0. 5 years ago
Matt Clay ff7bbbcaf1 New release v2.9.7 5 years ago
Brian Coca 290bfa820d fixed fetch traversal from slurp (#68720)
* fixed fetch traversal from slurp

  * ignore slurp result for dest
  * fixed naming when source is relative
  * fixed bug in local connection plugin
  * added tests with fake slurp
  * moved existing role tests into runme.sh
  * normalized on action excepts
  * moved dest transform down to when needed
  * added is_subpath check
  * fixed bug in local connection

fixes #67793

CVE-2019-3828

(cherry picked from commit ba87c225cd)
5 years ago
Brian Coca 685a4b6d3f safely use vault to edit secrets (#68644)
* when possible, use filedescriptors from mkstemp to avoid race
  * when using path strings, ensure we are always creating the file

CVE-2020-1740
Fixes #67798

Co-authored-by: samdoran
(cherry picked from commit 28f9fbdb5e)
5 years ago
Sloane Hertel d41e38435b
[2.9] CVE-2020-1746 - Remove the params module option from ldap_attr and ldap_entry (#68714)
* Remove the params module option from ldap_attr and ldap_entry

Module options that circumvent Ansible's option handling were disallowed
in:
https://meetbot.fedoraproject.org/ansible-meeting/2017-09-28/ansible_dev_meeting.2017-09-28-15.00.log.html

Additionally, this particular usage can be insecure if bind_pw is set
this way as the password could end up in a logfile or displayed on
stdout.

Fixes CVE-2020-1746

(cherry picked from commit 0ff609f1bc)

* Fix formatting for option names

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Fix fail_json

* fix indentation error

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
5 years ago
Brian Coca 0b4788a71f prevent ansible_facts injection (#68431)
- also only replace when needed
 - switched from replace to index
 - added test to verify bogus_facts are not accepted

CVE-2020-10684

(cherry picked from commit a9d2ceafe4)
5 years ago
Brian Coca 51d2514753 fix vault temp file handling (#68433)
* fix vault tmpe file handling

 * use local temp dir instead of system temp
 * ensure each worker clears dataloader temp files
 * added test for dangling temp files
 * added notes to data loader

CVE-2020-10685

(cherry picked from commit 6452a82452)
5 years ago
Dmitriy Rabotyagov 65866519e4
support rabbitmq 3.8.x in version check (#66855) (#68137)
* support rabbitmq 3.8.x in version check (#66855)

* support rabbitmq 3.8.x in version check

* Removed extraneous white space

(cherry picked from commit 6b017db05b)

* Add changelog fragment.

Co-authored-by: bitchkat <kjh@flyballdogs.com>
Co-authored-by: Matt Clay <matt@mystile.com>
5 years ago
Sloane Hertel c6c4fbf4a1 subversion module - provide password securely when possible or warn (#67829)
* subversion module - provide password securely with svn command line option --password-from-stdin when possible, and provide a warning otherwise.
* Update lib/ansible/modules/source_control/subversion.py.
* Add a test.

Co-authored-by: Sam Doran <sdoran@redhat.com>
(cherry picked from commit d91658ec0c)
5 years ago
Jordan Borean b2551bb694
ansible-galaxy - Fix tar path traversal issue during install - CVE-2020-10691 - 2.9 (#68601)
* ansible-galaxy - Fix tar path traversal issue during install - CVE-2020-10691 (#68596)

(cherry picked from commit a20a527014)

* Remove extra tests missing from rebase
5 years ago
Jordan Borean cef6296735 WebRequest - Fix use_proxy: no on module options (#68603)
* WebRequest - Fix use_proxy: no on module options

* Fix up changelog fragment

(cherry picked from commit ae1cd27b57)
5 years ago
Florian Apolloner 3bebeb9cc3 Fixed mysql_user module idempotency for long privilege lists. (Fixes #68044) 5 years ago
Abhijeet Kasurde 8d387802ec [2.9] ipa: Remove redundant encoding in json.loads
Backport of https://github.com/ansible-collections/community.general/pull/87

Fixes: ansible/ansible#66592

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
5 years ago
Felix Fontein 2b536b8e82 Backport of ansible-collections/community.general@07e8911fd8 to stable-2.9. 5 years ago
Nathaniel Case a41f09901b
[stable-2.9] Fix missing persistent connection messages (#68496) (#68562)
* [stable-2.9] Fix missing persistent connection messages (#68496)

* Be more proactive about returning module messages

* Move message display to a function, and replace handling already in shutdown().
(cherry picked from commit 5f6427b1fc)

Co-authored-by: Nathaniel Case <ncase@redhat.com>

* Add changelog
5 years ago
nkshrishail ea4f6e1539 nxos_lacp: updated tests to handle platforms not supporting lacp system mac command (#64074)
* Updated nxos_lacp tests to handle platforms not supporting lacp system mac command

* nxos_lacp: addressing comments

* nxos_lacp: Updating image tag search to include more tags

(cherry picked from commit 00193f27eb)

Add changelog for nxos_lacp fix
5 years ago
Egor Zaitsev 852b64b3ba
routeros_facts: prevent crash of module when ipv6 package is not installed (#68554)
* routeros_facts: fix crash when ipv6 is disabled

* Update 64958-routeros-facts-ipv6.yml
5 years ago
Abhijeet Kasurde eec5cc4f73 [2.9] VMware: Use existing DVPG network in vmware_guest_network
* Handle all cases of networks

Fixes: #65968

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit afb71c14bd)
5 years ago
Martin Nečas 61c6a6b7b3
ovirt_storage_domain: fix update_check warning_low_space (#68505)
* ovirt_storage_domain: fix update_check warning_low_space

* add changelog
5 years ago
Sam Doran 0e51aadd8e
[stable-2.9] Add CentOS 8 to the test matrix (#68025)
* Add CentOS 8 to the test matrix (#63649)

(cherry picked from commit 2a7623dd5c)

* Skip PostgreSQL tests on CentOS 8

The tests in devel have diverged significantly from what is in
stable-2.9. It is easiest to skip these test for CentOS 8 in this branch
since they are still being run in devel.
5 years ago
Jordan Borean b0e2321a17 setup - Use original logic for FQDN hostname builder 5 years ago
Simon Dodsley 281af782e2 Fix purefa_snmp errors 5 years ago
Graham Mainwaring 32f41334fb Fix colorization to not extend across newline boundary (#68517)
* Fix colorization to not extend across newline boundary

* Fix unit test to look for the newline outside the coloration

* Add changelog fragment

(cherry picked from commit 2068131589)
5 years ago
Brian Coca 52d509717e fallback to uid when no uname (#68466)
* fallback to uid when no uname

 fixes #68007

Co-Authored-By: Matt Clay <matt@mystile.com>
(cherry picked from commit 1570098e86)
5 years ago
Abhijeet Kasurde 8088ffb853 [2.9] Fix warning message in dense callback plugin
Fix dense callback plugin access to its configuration variables
and remove a warning message

Backport of https://github.com/ansible-collections/community.general/pull/83

Fixes: #64628
5 years ago
Matt Martz 76f1aeb188 [stable-2.9] Always set the discovered interpreter on the delegated host (#64906)
* Always set the discovered interpreter on the delegated host. Fixes #63180

* Make code a little more generic

* Move code into a function

* Implement some changes based on reviews

* Add changelog fragment
(cherry picked from commit 123c624)

Co-authored-by: Matt Martz <matt@sivel.net>
5 years ago
gp 859cdc8695 [2.9] VMware: Fix cluster argument of module vmware_content_deploy_template
(cherry picked from commit 98f19c970f)

Signed-off-by: gp <gp@gparent.net>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
5 years ago
Abhijeet Kasurde 64d8947f7f [2.9] docs: Fixed "Edit on GitHub" link for plugin, cli
Fixed sphinx theme to navigate "Edit on Github" link to locate correct
plugin, cli source in GitHub repo.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 2728c2476e)
5 years ago
Brian Coca 80b9a0a25c avoid mkdir -p (#68921)
* also consolidated temp dir name generation, added pid for more 'uniqness'
* generalize error message
* added notes about remote expansion

CVE-2020-1733
fixes #67791

(cherry picked from commit 8077d8e401)
5 years ago