* [stable-2.9] Allow the use of _paramiko_conn even if the connection hasn't been started. (#61570)
* Allow the use of _paramiko_conn even if the connection hasn't been started.
I'm not sure what the benefit is of Noneing paramiko_conn on close, but will keep for now
* Fix test
* Try to fix up net_put & net_get
* Add changelog.
(cherry picked from commit 50e09be14f)
Co-authored-by: Nathaniel Case <ncase@redhat.com>
* Restore check_prompt and task_uuid
* Fix filedescriptor out of range in select() when running commands
* Simplify the run_command() code
Now that we're using selectors in run_command(), we can simplify some of
the code.
* Use fileobj.read() instead of os.read()
* No longer use get_buffer_size() as we can just slurp all of the data
instead.
Also use a simpler conditional check of whether the selector map is
empty
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>.
(cherry picked from commit f200487414)
Co-authored-by: Bob Weinand <bobwei9@hotmail.com>
Co-authored-by: Bob Weinand <bobwei9@hotmail.com>
podman_image module uses 'podman push' command with wrong
flag '--remove_signatures' instead of '--remove-signatures'
This patch fixes the given typo.
Fixes: ansible/ansible#67965
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Prevent Ansible 2.9 to choke on collections using deprecation by date or collection_name for deprecation calls.
* Add changelog fragment.
* Fix YAML.
* Improve C# compatibility.
* Add tests for AnsibleModule.
* Fix var name.
* Fix type.
* Update C# code.
* Show deprecation warning if removed_at_date is used for Python modules.
* Update changelogs/fragments/69935-2.10-deprecation-support.yml
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
* Prevent crash of validate-modules if 'removed_in' is not in 'deprecated'.
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
* fix delegation vars usage (debug still shows inventory_hostname) (#69244)
* fix delegation vars usage and reporting
- just pass delegated host vars + task vars to plugins
and avoid poluting with original host vars
- updated tests
(cherry picked from commit 2165f9ac40)
* fix delegated interpreter discovery (#69604)
* fix delegated interpeter
* allow returning fact if it is 'the right host'
* added note for future fix/efficiency
as it stands we rerun discovery for the delegated host
unless its saving facts to itself
* fixed test lacking delegate_to mock
(cherry picked from commit de3f7c7739)
* Fix `ansible -K` become_pass regression (#69629)
* Fix `ansible -K` become_pass regression
Change:
- This fixes a breaking change introduced in
2165f9ac40
Test Plan:
- Local VM for now, with plans to add an integration test for -K going
forward.
Tickets:
Refs #69244
(cherry picked from commit fe9696be52)
* fix discovery on loop with delegation (#70013)
* fix discovery on loop with delegation
fixes#69963
(cherry picked from commit 4c9d9dbb56)
Co-authored-by: Rick Elrod <rick@elrod.me>
* Don't trigger full CI run for changes to changelogs/ and docs/ in collections.
* Add changelog fragment.
* Update changelogs/fragments/68550-ansible-test-docs-changelogs.yml
Co-Authored-By: Matt Clay <matt@mystile.com>
Co-authored-by: Matt Clay <matt@mystile.com>
(cherry picked from commit bae5f18f5c)
Now empty `*.py` files are ignored during module_utils import analysis for change detection.
This eliminates "No imports found" warnings for files which should have no imports.
(cherry picked from commit ab27680318)
Co-authored-by: Matt Clay <matt@mystile.com>
* Address compat issue for collection loading on py26
* Move import_module shim to utils for compat across the codebase
* Enable collection tests on py2.6
* Update changelog fragment
* Simplify code using sys.moduls
* Move compat to module_utils/compat/importlib
* Add back errantly deleted newline
* Remove hack comment
Co-Authored-By: Matt Clay <matt@mystile.com>
Co-authored-by: Matt Clay <matt@mystile.com>
(cherry picked from commit da3a90e88e)
Co-authored-by: Matt Martz <matt@sivel.net>
* fix get_data on case_insensitive fs
* implement case-sensitive-forcing versions of various os.path methods that just pass through on case-sensitive systems.
* catch broader IOError for py2/py3 compat
* optimization: factor out case-insensitive comparison
* implement case-sensitive open
* [stable-2.9] Pin Docker version at 19.03.1
(cherry picked from commit fe941a4045)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* [stable-2.9] Pin docker-ce-cli version in tests (#69620)
Installing docker-ce has a dependency of docker-ce-cli. If the version of docker-ci-cli is not specified, it installs the latest version.
(cherry picked from commit 889da811d7)
Since Ansible 2.9.8, if the fileglob plugin is passed a path containing
a subdirectory of a non-existent directory, it will fail. For example:
lookup('fileglob', '/'): ok
lookup('fileglob', '/foo'): (non-existent): ok
lookup('fileglob', '/foo/bar'): (non-existent): FAIL
The exact error depends on Python 2 or 3, but here is the error on
Python 2:
AttributeError: 'NoneType' object has no attribute 'endswith'
And on Python 3:
TypeError: expected str, bytes or os.PathLike object, not NoneType
This change fixes the issue by skipping paths that are falsey before
passing them to os.path.join().
Fixes: #69450
* Refactor CLI prompt mode check for network plugins (#63945)
* Refactor CLI prompt mode check for network plugins
* Move the CLI prompt mode check logic from action plugin
to the controller side with the cliconf plugins.
* This refactor also allows the network modules
to initialise the persistent connection with remote device
only when it is required.
* Fix review comments
(cherry picked from commit c27e47327f)
* Fix cli context check for network_cli connection (#64697)
* Fix cli context check for network_cli connection
Fixes#64575
* Check cli context for network_cli connection
at the start of new task run only.
* Pass task_uuid around to identify start of new task run
* Handle for local connection
(cherry picked from commit ee3f8d28a4)
* Add test for reboot & wait_for_connection on EOS & IOS (#63014)
* Add test for reboot & wait_for_connection
* Add test for ios
* Collection-proof block test
* Add junos test
* Don't try to evaluate cli context unless using the connection
* Prevent infinite recursion
* Update change log
(cherry picked from commit e19b94f43b)
(cherry picked from commit ee3f8d28a4)
(cherry picked from commit e19b94f43b)
devel:
https://github.com/ansible/ansible/pull/63945https://github.com/ansible/ansible/pull/64697https://github.com/ansible/ansible/pull/63014
Co-authored-by: Nathaniel Case <ncase@redhat.com>
Currently if virtualenv_command has arguments, then the
search for the binary in the path does not work so the
user has to specify the full path to it.
To allow arguments to be used without having to specify
the path to the binary, we split the module argument into
the command and anything after the first space.
This makes using this module argument more flexible and
user friendly.
Fixes: #52275
(cherry picked from commit da390b297e)
* update ActionBase._low_level_execute_command to honor executable
* adding changelog fragment
* renaming changelog fragment to .yml
* noop change to bump shippable
* adding raw_executable integration test
* copying aliases from raw
* removing blank lines
* skipping aix and freebsd
* noop to bump shippable
* moving tests to raw/
* removing become_method: sudo ; it doesn't work on AIX
* removing trailing blank line
* forcing become_method: su to try to get AIX to work
Co-authored-by: Rob Wagner <rob.wagner@sas.com>
(cherry picked from commit 977b58740b)
* Bugfix of 67377: postgresql_set converts value to uppercase if "mb" or "gb" or "tb" is in the value string
* fix CI
* add changelog
(cherry picked from commit 59bcc9f739)
* native types: literal_eval all the things (#68938)
With https://github.com/pallets/jinja/pull/1190 merged our short-circuit
is no longer valid (has it ever been?) as now data like ' True ' may go
through our ansible_native_concat function as opposed to going through
intermediate call to Jinja2's native_concat before. Now we need to always
send data through literal_eval to ensure native types are returned.
(cherry picked from commit acdc9eb76d)
* Fix tests
* Allow a collection role to call a standalone role by default. Fixes#69101
* tweaked changelog text
* Guard against NoneType
Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>.
(cherry picked from commit da98fc267a)
Co-authored-by: Matt Martz <matt@sivel.net>
* Fix fileglob when using 'file*' vs 'stuff/file*'
when not having dir in glob, files/ subdir was being ignored.
* tests for fileglob
(cherry picked from commit d3cab602a5)
Change:
We were only testing dnf on RHEL previously.
Test on CentOS 8 as well.
Test Plan:
Ran locally in docker.
Signed-off-by: Rick Elrod <rick@elrod.me>
Change:
Extend the logic for custom error handling in the dnf module, so that on
newer DNF (such as DNF that ships with modern Fedora 31 container
images, and ships with RHEL 8.2) we report errors consistently with
older DNF.
Test Plan:
Ran dnf integration tests against an old Fedora 31 container image and a
brand new Fedora 32 container image; tess passed on both.
Signed-off-by: Rick Elrod <rick@elrod.me>
* fixed fetch traversal from slurp
* ignore slurp result for dest
* fixed naming when source is relative
* fixed bug in local connection plugin
* added tests with fake slurp
* moved existing role tests into runme.sh
* normalized on action excepts
* moved dest transform down to when needed
* added is_subpath check
* fixed bug in local connection
fixes#67793
CVE-2019-3828
(cherry picked from commit ba87c225cd)
* Remove the params module option from ldap_attr and ldap_entry
Module options that circumvent Ansible's option handling were disallowed
in:
https://meetbot.fedoraproject.org/ansible-meeting/2017-09-28/ansible_dev_meeting.2017-09-28-15.00.log.html
Additionally, this particular usage can be insecure if bind_pw is set
this way as the password could end up in a logfile or displayed on
stdout.
Fixes CVE-2020-1746
(cherry picked from commit 0ff609f1bc)
* Fix formatting for option names
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Fix fail_json
* fix indentation error
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Nilashish Chakraborty