* Prevents callback handle_exception from displaying the captured exception when the task is not failed.
* Added tests.
Co-authored-by: Matt Clay <matt@mystile.com>
* Add AnsiballZ debugging support with debugpy
Adds support for debugging AnsiballZ modules with debugpy which is used
by VSCode as its Python debugger DAP. Debugging can either be done
through a manual Debugpy listening server through a launch.json
configuration or through the new ansible-test --dev-debug-on-deman
argument.
* Fix up integration test
* Simplify config option and move mypy ignore
* Use new API if available and fix typo
* Guard the import of debugpy
* Fix sanity import issue
* Minor cosmetic adjustments
* Simplify debugger setup
* ansible-test - Refactor debugging interface
* Add ansible-test debug integration tests
* Fix ansible-test shell when in unsupported dir
---------
Co-authored-by: Matt Clay <matt@mystile.com>
Fix ssh plugin host variables. Variable names should conform to Python variable naming rules.
, and not contain characters like "[" or "]".
Update unit test
* Test expect module for missing pexpect
* Test expect module for incorrect timeout type
* Test expect module for out of date pexpect failures
* Test pexpect.ExceptionPexpect
Also fixed task naming to be inline with the rest of the file.
* Change pexpect management to venv
* Normalize b_out to b'' when falsy for consistent handling
* Move test venv from /tmp/ to output_dir
* Update tests according to corrections
* Remove break_system_packages when installing pexpect 3.3
* Remove unnecessary if statement
pexpect.run(...) shouldn't ever return None, so it's safe
to remove the check entirely. Maintains 100% coverage
* Mark dependent packages as auto which are installed as part of
deb file installation
Fixes: #78123
Co-authored-by: Matt Clay <matt@mystile.com>
Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
* ansible-doc: print where the description is missing
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
Co-authored-by: Sloane Hertel <19572925+s-hertel@users.noreply.github.com>
* Short-circuit legacy network module prefix->action mapping
* Modified a non-short-circuit compound conditional in a legacy networking path that attempted to resolve an action for any module name containing `_`. The bug was always present, but the typical presentation (an ImportError) was ignored prior to 2.19.
* The legacy networking path should be deprecated and removed in 2.20- a module could still be run under the wrong action if one with a matching prefix is found.
* unit test fix
* Limit askpass prompts to single attempt
OpenSSH client option NumberOfPasswordPrompts defaults to 3 so in case
an incorrect connection password is provided it is excessively tried 3
times. Not only that but running the `_ssh_askpass` entry point multiple
times (via ssh) results in `json.decoder.JSONDecodeError` as after the
first run the shared memory is zero'd and the subsequent runs end up
calling `json.loads` on empty data.
`json.decoder.JSONDecodeError` does not happen prior to Python 3.13 as
the share memory is unlinked automatically on `.close()` and the
`_ssh_askpass` entry point exits with return code 1 before attempting to
load zero'd memory.
Fixes#85359
* changelog and tests
* Update changelogs/fragments/85359-askpass-incorrect-password-retries.yml
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
* Update lib/ansible/cli/_ssh_askpass.py
Co-authored-by: Martin Krizek <martin.krizek@gmail.com>
* Avoid race condition in second unlink
---------
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
Co-authored-by: Matt Clay <matt@mystile.com>
* The redundant FA declaration was not static, which broke a number of automatic validation behaviors.
* Added tests to assert deferred validation and lack of templating on `import_playbook.vars`.
Co-authored-by: Matt Clay <matt@mystile.com>
* Errors raised in most Jinja operations and plugin invocations are now propagated as Markers, allowing template pipeline to continue execution when a Marker-aware consumer is present.
* Added ability to inspect ExceptionMarkers to Protomatter `dump_object` filter.
* Added tests.
Co-authored-by: Matt Clay <matt@mystile.com>
* added basic key visitor support to variable visitor (off by default)
* transform_to_native_types enables new key visit/conversion
* add test
Co-authored-by: Matt Clay <matt@mystile.com>
* deprecate invalid variable names in inventory
* was previously a hard error for `Host`
* added missing check to `Group`
* swapped blanket Python keyword prohibition with Jinja singleton and `not` check
Co-authored-by: Matt Clay <matt@mystile.com>
* fix invalid variable name test
---------
Co-authored-by: Matt Clay <matt@mystile.com>
* use declarative FA validation
* deleted redundant/broken imperative validation
* added test case to ensure templating
Co-authored-by: Matt Clay <matt@mystile.com>
* added ansible-test integration env/set directive for aliases
* applied to module-serialization-profiles test to enable feature flag
Co-authored-by: Matt Clay <matt@mystile.com>
* Fix handling FileExistsError, instead of only handling OSError when the human-readable error message is "File exists".
Co-authored-by: Matt Clay <matt@mystile.com>
* fix script failed_when bypass
* misuse of AnsibleActionFail for a retryable/alterable error case
* add tests
Co-authored-by: Matt Clay <matt@mystile.com>
* type annotation fixes
---------
Co-authored-by: Matt Clay <matt@mystile.com>
* Add test for a handler including tasks from a variable filename
* Add FieldAttributeBase attribute to indicate if the object should be post validated
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
* always allow Marker args to pass through
* always disable pre-emptive trip-on-retrieval for Macro JinjaCallContext
* add macro-callable template expression result test cases
Co-authored-by: Matt Clay <matt@mystile.com>
* replace usage of `IOError` as it is an alias to `OSError`
* replace usage of `socket.error` as it is an alias to `OSError`
* use subclasses of `OSError` rather than inspecting `errno`s
* utilize `exist_ok` parameter of `os.makedirs` rather than ignoring
`FileExistsError`
Make the following changes to the exception handling this patch already
updates to be consistent with the new code:
* use `ex` as a name for exception being handled
* use `from ex` when re-raising exception for additional context
* use f-strings and `!r` for quoting
* pass exceptions to the `exception` parameter of `fail_json`
* use `display.error_as_warning` rather than passing stringified
exception into `display.warning`
Co-authored-by: Matt Clay <matt@mystile.com>
* deprecate DEFAULT_MANAGED_STR and prevent masking of ansible_managed var
* adjust public API behavior
* restore backward-compatible behavior on existing public API
- from_yaml/from_yaml_all filters now preserve trust
- YAML dumping can once again handle undecryptable vaulted values
- increased test coverage
Co-authored-by: Matt Davis <nitzmahone@redhat.com>
* doc - Dynamically document jinja builtins
This change has `ansible-doc` dynamically generate the documentation for
any Jinja builtin filter and test plugins. These dynamic stubs will
point to the official Jinja documentation pages for more information.
* Fix sanity issues
* Add tests
* Update Jinja builtin doc gen
Co-authored-by: Matt Clay <matt@mystile.com>
---------
Co-authored-by: Matt Davis <nitzmahone@redhat.com>
Co-authored-by: Matt Clay <matt@mystile.com>
* Clean up TE error handling, wrap sigalrm handler
* Preserve error detail on AnsibleAction and Connection exceptions.
* Remove multiple layers of unreachable or redundant error handling.
* Wrap manual alarm signal/timeout handling into a context manager, add tests.
Co-authored-by: Matt Clay <matt@mystile.com>
* update error message check in test
* update test timeout message assertions
---------
Co-authored-by: Matt Clay <matt@mystile.com>
async_status and async_wrrapper now use booleans instead of 0/1 for 'thruthyness'
gather_facts also updated
Co-authored-by: 🇺🇦 Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>
Co-authored-by: Matt Clay <matt@mystile.com>
* Add support for Windows App Control/WDAC
Adds preview support for Windows App Control, formerly known as WDAC.
This is a tech preview feature and is designed to test out improvements
needed in future versions of Ansible.
* Use psd1 and parse it through the Ast to avoid any unexpected execution results
* Add tests for various manifest permutations
* Ignore test shebang failure
* Apply suggestions from code review
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
* Use more flexible test expectations
* Add type annotations for shell functions
---------
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
* ansible-test - Improve deprecated checking type inference
Also disabled the ``bad-super-call`` pylint rule due to false positives.
* Add type comment support
* Try without using register_transform
For calling setup_test_user, which adds a user to the system (and thus requiring
root):
- become
- become_su
- become_sudo
- slurp
And also:
- apt, which installs/removes system packages
- deb822_repository, which adds/removes apt repos
- hardware_facts calls losetup, which requires root
- package_facts, which installs/removes system packages
Co-authored-by: Lee Garrett <lgarrett@rocketjump.eu>
Fix the logic for a constructable inventory `keyed_groups` entry to use
the `default_value` if the ``key` expression result is `None` or `omit`
and not just an empty string. This bug was introduced with the changes
in data tagging and goes back to the original behaviour.
Co-authored-by: Sloane Hertel <19572925+s-hertel@users.noreply.github.com>
* template module - render `None` as empty string
* Update changelogs/fragments/template-none.yml
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
---------
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
* remove dead config comment noise
* update `list` typed config defaults to be lists
* fix tag preservation/propagation in config
* numerous other ensure_type bugfixes
* 100% unit test coverage of ensure_type
* emit warnings on template_default failures
* fix unhandled exception in convert_bool on unhashable inputs
Co-authored-by: Matt Clay <matt@mystile.com>
---------
Co-authored-by: Matt Clay <matt@mystile.com>
* See changelog fragment for most changes.
* Defer early config warnings until display is functioning, eliminating related fallback display logic.
* Added more type annotations and docstrings.
* ansible-test - pylint sanity for deprecations improved.
* Refactored inline legacy resolutions in PluginLoader.
Co-authored-by: Matt Clay <matt@mystile.com>
* Implement TaskResult backward compatibility for callbacks
* general API cleanup
* misc deprecations
Co-authored-by: Matt Clay <matt@mystile.com>
* fix v2_on_any deprecation exclusion for base
---------
Co-authored-by: Matt Clay <matt@mystile.com>
* Fix test_range_templating on 32-bit architectures
32-bit archtectures like i386, armel, armhf will fail with the error
ansible._internal._templating._errors.AnsibleTemplatePluginRuntimeError: The
filter plugin 'ansible.builtin.random' failed: Python int too large to convert
to C ssize_t
So just pick sys.maxsize (2**31 - 1) so it works on 32 bit machines.
---------
Co-authored-by: Lee Garrett <lgarrett@rocketjump.eu>
Co-authored-by: Matt Clay <matt@mystile.com>
* Use `_UNSET` instead of allowing `ellipsis`
* Fix deprecation warning pre-check
* Deprecation warnings from modules can now be disabled.
* Deprecation warnings from modules get the "can be disabled" notice.
* Include help text in pre-display fatal errors
* Simplify lookup warning/debug messaging
* Fix return type of `timedout` test plugin
* Use `object` for `_UNSET`
* Remove obsolete `convert_data` tests
* Remove unnecessary template from test
* Improve legacy YAML objects backward compat
* Fix templar backward compat for None overrides
* Added support for URL-safe decoding into b64decode
* Added support for URL-safe encoding into b64encode
Fixes: #84147
Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
* Add ssh-agent launching, and ssh-agent python client
* Move things around, is this better??
* docs
* postpone creating dir after bin lookup
* fix method name
* changelog ssh agent
* address reviews
* fix typing
* do not redefine public_key
* typing
* more typing
* Catch OSError when starting ssh agent
* likely copy pasted old code
* var type fix
* why is this needed?
ci_complete
* ignoring the change for now
* write out pub key file atomically
* defensive timeout for the socket
* _populate_agent docstring
* do not allow setting these in config
* check expected length before slicing blobs
* test all key types
* remove lock/unlock functionality
* docstring
* private _ssh_agent
* .
* launch agent in cli and ansible_ssh_*
* additional info for ssh-agent comment
* Add tests for remove and remove_all
* comment on os.rename
* hopefully mitigate agent startup/delays problems
* exceptions
* unused import
* fix sanity
* perf
---------
Co-authored-by: Matt Martz <matt@sivel.net>
Matt Martz