* rebase conflicts
* [stable-2.9] Allow single vault encrypted values to be used directly as module parameters. Fixes#68275 (#70607).
(cherry picked from commit a77dbf0866)
Co-authored-by: Matt Martz <matt@sivel.net>
pipe lookup plugin uses Popen with shell=True intentionally.
This is considered a security issue if user input is not validated.
Updated docs to reflect this information for the user. Also, added
Bandit B602 documentation link for further reading.
Fixes: #70159
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit e5649ca3e8)
Added additional condition to detect failed task in
selective callback plugin when ran with loop or with_items.
Fixes: ansible/ansible#63767
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
- ensure we preserve the typeerror part of the exception so loop defereed error handling
can postpone those caused by undefined variables until the when check is done.
- fix tests to comply with the 'new normal'
- human_to_bytes and others can issue TypeError not only on 'non string'
but also bad string that is not convertable.
Co-authored-by: Sloane Hertel <shertel@redhat.com>
Co-authored-by: Sloane Hertel <shertel@redhat.com>
(cherry picked from commit cf89ca8a03)
* Do not pass decrypt parameter to assemble module
* Add integration tests where decrypt=True
* Add changelog #70465
(cherry picked from commit 71c378e139)
* Add user flags before container id in podman exec
When user provides an ansible_ssh_user, podman connection
plugin includes this values as `--user` flag. This patch
fixes the location of this flag according to podman exec command help.
Fixes: ansible/ansible#65220
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Don't use mount in case of specified user
Co-authored-by: Sagi Shnaidman <sshnaidm@redhat.com>
(cherry picked from commit cc8d4bb4510bcc79537ed3fa591fb9cace576ae9)
* Make sure ansible_become treated as a boolean (#70484)
* Make sure ansible_become treated as a boolean
(cherry picked from commit 8aca464b8b)
* Update test/integration/targets/inventory_ini/aliases
Co-authored-by: Sam Doran <sdoran@redhat.com>
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Use the first galaxy server supporting v1 for roles. Fixes#65440
* Add changelog fragment
* This is best effort, fall back to original behavior if something bad happens
(cherry picked from commit 1f1d6e5)
Co-authored-by: Matt Martz <matt@sivel.net>
Fix command line construction in the puppet module
related to check mode and using manifests directly.
Also, fixes 69ead0ba78 which
introduced another if-statement in the middle of a if/elif pair,
which causes the elif to execute together with the original if
which created '--noop --no-noop' commands.
Fixes: #60576
Fixes#70168
ci_complete
Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
Co-authored-by: Matt Clay <matt@mystile.com>
(cherry picked from commit b05e00e99a)
A recent updated to psutil, which is a dependency of ansible-runner, fails
to install on older versions of pip.
Commit with the breaking change:
135628639b
(cherry picked from commit 9d27d7c8b1)
Co-authored-by: Sam Doran <sdoran@redhat.com>
Previously windows instances on Shippable would be automatically directed to us-east-2.
(cherry picked from commit 1cf26896c5)
Co-authored-by: Matt Clay <matt@mystile.com>
Lightbulb is deprecated in favor of https://ansible.github.io/workshops/. Update links accordingly.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit e4f48c920c)
The current author line wants to match a github author id. But
some people, including the OpenStack project, do not use github,
and additionally do not claim individual ownership but instead
group ownership.
Since there are already a couple of hard-coded examples in the
regex, just add one more. Alternately we could come up with some
mechanism to indicate that the author is purposely not listing
a github id, but that seems a bit heavywight.
Now empty `*.py` files are ignored during module_utils import analysis for change detection.
This eliminates "No imports found" warnings for files which should have no imports.
(cherry picked from commit ab27680318)
* galaxy - preserve symlinks on build/install (#69959)
* galaxy - preserve symlinks on build/install
* Handle directory symlinks
* py2 compat change
* Updated changelog fragment
(cherry picked from commit d30fc6c0b3)
* Fix integration test
* ansible-galaxy - fix collection installation with trailing slashes (#70016)
If we fail to find a member when extracting a directory, try adding a trailing
slash to the member name. In certain cases, the member in the tarfile will
contain a trailing slash but the file name in FILES.json will never contain
the trailing slash.
If unable to find the member, handle the KeyError and print a nicer error.
Also check if a directory exists before creating it since it may have been
extracted from the archive.
Fixes#70009
* Add unit tests
* Use loop for trying to get members
(cherry picked from commit d45cb01b84)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* added changelog fragment
* added quick and basic test
* Revert "added quick and basic test"
* This reverts commit 75f4141656.
* added better tests
* now also creating files to copy on the remote
* removed tests for recursive copying which is not supported by remote_src
Fixes: #47050
(cherry picked from commit 79dfae9624)
Co-authored-by: Moritz Grimm <memo42@users.noreply.github.com>
Jordan Borean