* Properly handle unauthenticated yum proxy config (#51915)
Fixes#51548
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 2721ed260e)
* Fix: Yum module does not use proxy when username is not set #51548 (#51994)
* add test of yum with proxy
* Properly handle unauthenticated yum proxy config
Fixes#51548
* shell executable is bash
(cherry picked from commit c2a409a9e0)
* Raise AnsibleConnectionError on winrm con errors
Currently all uncaught exceptions of the requests library that is used
in winrm will lead to an "Unexpected failure during module execution".
Instead of letting all exceptions bubble up we catch the connection
related errors (inkl. timeouts) and re-raise them as
AnsibleConnectionError so Ansible will mark the host as unreachable and
exit with the correct return code.
This is especially important for Zuul (https://zuul-ci.org) to
distinguish between failures and connection/host related errors.
* Update lib/ansible/plugins/connection/winrm.py
Co-Authored-By: westphahl <westphahl@gmail.com>
* Add changelog fragment
* Disallow use of remote home directories containing .. in their path
* Add CVE to changelog
(cherry picked from commit b34d141)
Co-authored-by: Matt Martz <matt@sivel.net>
* Update GetBiosBootOrder to use standard spec resources (#51764)
* update GetBiosBootOrder to use standard spec resources
* handle case where BootOrder is present but BootOptions is missing
(cherry picked from commit e0538610bf)
* add changelog fragment and fix merge issue
* Test out Server 2019 - ci_complete
* run tests and continue on error - ci_complete
* Add the full matrix back in
(cherry picked from commit 0334c20630)
This is an implementation of 8bffcf8e50
that was done in the PR https://github.com/ansible/ansible/pull/48082 to devel.
The changes have been manually brought across to the the stable-2.7 branch as it
cannot be cleanly cherry picked due to the substantial differences in become
between these versions.
Currently we impersonate the `SYSTEM` token in order to elevate our become
process with the highest privileges it has available but there are some edge
cases where the first `SYSTEM` token we come across doesn't have the
`SeTcbPrivilege` which is required for the above. This PR adds a further check
in the search for a `SYSTEM` token to make sure it has the `SeTcbPrivilege`
before continuing.
Fixes: #51534
* set valid_until equal to current time + spot_wait_timeout
* add setting ValidUntil to value
* add changelog fragment
* fix shebang issue
(cherry picked from commit d40f0313e2)
* [stable-2.7] ios retry config if section filter fails (#49485)
* Attempt to work around devices that don't understand | section
* Fix case of no flags
(cherry picked from commit 6caed0c)
Co-authored-by: Nathaniel Case <this.is@nathanielca.se>
* Add changelog
* aws_ec2 Implement the missing 'region discovery' (#51333)
* aws_ec2 Implement the missing 'region discovery'
fixes#45288
tries to use api as documented (which seems to fail in latest boto3 versions)
and fallback to boto3 'hardcoded' list of regions
* fixes and cleanup, add error for worst case scenario
* fix tests, remove more unused code
* add load_name
* acually load the plugin
* set plugin as required
* reverted test changes, removed options tests
* fixes as per feedback and cleanup
* Allow default regions list to use flexible credential types
* recent changes to args for hosted template file broke the test; changed test to use a specific known-working commit instead of `master`.
* long-term may want to consider hosting the template in httptester or just embedding a local copy
(cherry picked from commit 46bf387)
Co-authored-by: Matt Davis <mrd@redhat.com>
* remove default from delegate_facts to inherit (#45492)
* remove default from delegate_facts to inherit
fixes#45456
* test delegate_facts
* added note about inheritance and defaults
* yamllint
(cherry picked from commit 8743e6ae2e)
* added changelog
* Add coherency between check and normal mode see issue #24633
* Add changelog fragment for the PR
* Make change following PR comment
* Remove trailing whitespace
(cherry picked from commit 240d1a6afb)
* Always check envvars when auth parameter is not provided
This will make it so that all code using the get_api_client
method will make use of the environment variables, instead of
silently ignoring them if default values haven't been set. This
affects at least the k8s lookup plugin.
* Add changelog
(cherry picked from commit 0be66113d4)
* description updated to mention valid value
The only valid value for userns_mode on docker run command is "host". This should be mentioned in description because it is hard to find in docker documentation as well: https://github.com/docker/docker.github.io/issues/7071
(cherry picked from commit d9135f3960)
* Update lib/ansible/modules/cloud/docker/docker_container.py
Co-Authored-By: TimoKramer <4785848+TimoKramer@users.noreply.github.com>
(cherry picked from commit 27dc399885)
* If network cliconf support `supports_generate_diff` in
that case diff between running and cnadidate config
is generated within Ansible and if check_mode is enabled
in that case return only diff without actually invoking
edit_config()
(cherry picked from commit 8f5cd049d6)
Alan Rominger