* Git allows embedding username and password in repo URL for
https authentication. This may lead to exposing the user sensitive
information to logs and unautheticated users.
Adding no_log will partially solve this.
* Added documentation warning user about URL embedded with username
and password.
* Added logic to remember user sensitive information for later sanitization
Fixes: #84557
(cherry picked from commit 19e9f3d)
Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
* skip 'no such file or directory' error code while files and
directories and report them.
Fixes: #84873
Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
(cherry picked from commit 5280850130)
connection: local is wrong as configured remote python does not always match controller
missing the timeout to wait 300s before error
(cherry picked from commit 3690819ee8)
* uri: form location correctly from relative redirect
Previously, the original URL would be combined with the relative location incorrectly, especially for URL of any complexity.
Add simple tests demonstrating the problem that fail without the fix
* fix pylint error, import the method similar to other uri methods
* add changelog fragment
Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
(cherry picked from commit 61a6222e0e)
Co-authored-by: Robert Muir <rmuir@apache.org>
Fix up bug when attempting to run any module on a Windows host that has
been configured with WDAC and Dynamic Code Security in audit mode. This
does not enable WDAC support with signed scripts so Ansible will still
not pass the audit events but it no longer fails to run.
(cherry picked from commit e5ec1ee76c)
Prevents `Group state for \"customenvgroup\" not found` error which may
or may not be a regression in dnf5. Just name groups/envs uniquely to
workaround the issue.
(cherry picked from commit 09391f38f0)
* Link to amazon.aws.aws_ec2 inventory plugin.
* Mention that refresh_inventory does not update the selected hosts for a play.
* Address comments by bcoca.
* Apply suggestions from code review
---------
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit ea2fe793aa)
* [fix] `warn_if_reserved` expects a list (#84624)
Fixes#84623
(cherry picked from commit 48d71ba3aa)
* changelog
* Test include_vars reserved variable matching (#84678)
* Add test case for include_vars
* Revise test to catch erroneous warnings
(cherry picked from commit 333ee8d010)
---------
Co-authored-by: Dominique Quatravaux <dominique@quatravaux.org>
Also added automatic retries on HTTP request exceptions, since all currently implemented methods (GET/PUT/DELETE) are idempotent.
(cherry picked from commit 7677bf1c9b)
Improves the logic for parsing CLIXML values in the stderr returned by
SSH. This fixes encoding problems by having a fallback in case the
output is not valid UTF-8. It also can now extract embedded CLIXML
sequences in all of stderr rather than just at the start.
(cherry picked from commit f86c58e2d2)
Fixes the coverage path translation for modules located in integration
test paths. Instead of trying to match by the unique temporary path name
that the module is executed as, the reporting tool will translate it to
the static path that the module is actually located under.
(cherry picked from commit f9b58fa13f)
prompt now only errors if stdin is specifically triggered and not due to lack of other args
fixes#84489
---------
Co-authored-by: Sloane Hertel <19572925+s-hertel@users.noreply.github.com>
(cherry picked from commit a046ef5a95)
* fix warnings about reserved variable names to cover all sources (#84432)
Also remove redundant check from tqm
Now covers module output (set_fact/include_vars)
Includes play objects at any stage (tasks that error were not covered)
Added tests, moved them to role structure
(cherry picked from commit 20baf29a2a)
* fix template (#84563)
also fix gather_subset warning and add some comments/notes
---------
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 675d7201d8)
* reserved vars, avoid gather_subset (#84575)
(cherry picked from commit 3398c102b5)
gather_facts, fix network_os and smart logic and defaults
setup will be default for smart only if network_os is not set, now you get warnings and errors when missing a valid facts module for a network os
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit c64c389007)
* Make sure we are always using Lock from our multiprocessing context
* add clog frag
(cherry picked from commit 73d8f4ad46)
Co-authored-by: Matt Martz <matt@sivel.net>
The test has been updated to use a custom type which does not support pickling,
instead of relying on Jinja's `Undefined` type. As of Jinja 3.1.5 that type now
supports pickle, which breaks the original implementation of the test.
(cherry picked from commit 5ec236b)
Matt Martz