* remove redundant remote_user for local setting
local action plugin already does and this also should fix
fork/thread issue by removing use of pwd library
fixes#59642
(cherry picked from commit 488b9d6c35)
* ensure local exposes correct user (#72543)
* ensure local exposes correct user
avoid corner case in which delegation relied on
playcontext fallback which was removed
fixes#72541
(cherry picked from commit aa4d53ccdf)
Change:
- `udev` is provided by `systemd-udev`, which our `state=present` check
doesn't match. For now, work around this so we don't end up trying to
upgrade all of systemd.
- In the future, we should discuss if the `yum` module does the right
thing here.
Test Plan:
- Locally in docker
- CI
Signed-off-by: Rick Elrod <rick@elrod.me>
When enumerating connections with psutil, catch and ignore errors to avoid returning a stack trace.
Co-authored-by: Matt Martz <matt@sivel.net>
(cherry picked from commit fb09fd2a23)
* Fix missing ansible.builtin FQCNs in hardcoded action names (#71824)
* Make sure hard-coded action names also check for FQCN.
* Use _add_internal_fqcn() to avoid hardcoded lists and typoes.
(cherry picked from commit da60525610)
ci_complete
* Replace some more FQCNs.
(cherry picked from commit 72302dd611)
* Fix another case which was already fixed in stable-2.10.
* Consolidate logic for determining whether or not session is interactive
into a single function, is_interactive()
* Increase test coverage
I wasn't able to find a good way of simulating running a backgrounded test with CI since the
whole test is essentially run not in a TTY, which is similar enough to cause the new is_interactive()
function to always return false.
(cherry picked from commit 4b8cb6582b)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* file: add symlink is in a sticky directory tests
* file: handle symlink in a sticky directory
The builtins import was removed since it was unused, but it is now needed.
(cherry picked from commit b464d18fd1)
Co-authored-by: Pilou <pierre-louis.bonicoli@libregerbil.fr>
Co-Authored-By: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
* [centos6] update container for EOL
Change:
- Reference:
https://lists.centos.org/pipermail/centos-devel/2020-December/056208.html
- Bump centos6 container to 1.25.0
Test Plan:
- ci_complete
Signed-off-by: Rick Elrod <rick@elrod.me>
* update EPEL 6 too which is now archived
Signed-off-by: Rick Elrod <rick@elrod.me>
* bump to 1.26.0
Signed-off-by: Rick Elrod <rick@elrod.me>
* Pull image from Quay to avoid Dockerhub limits
CI tests are failing in certain situations due to the new Docker Hub limits on anonymous pulls. Switch
to pulling an equivalent image from Quay.io.
* Use correct layer SHAs
* Use an image with enough older shas to do the test correctly
* Use images we control on Quay for testing
* Use correct SHA for new images
* Use images from a single repo in Quay but with tags
* Use correct nginx image
* Use correct tags in docker-registry test
* Fix incorrect image name in debug message
* Use our busybox image
* Little more alpine image cleanup
Change:
- The repo we were testing with no longer seems to exist. Point to one
that does.
Test Plan:
- local test in docker
- CI
Signed-off-by: Rick Elrod <rick@elrod.me>
The recently released version of cffi fails to install on systems with an older version of gcc. In
our case, this in the CentOS 6 test image. There is a fix but it has not yet been released.
https://foss.heptapod.net/pypy/cffi/-/issues/480
* Try to load network action plugin from the same collection as the module
* Alter tests to match
Just make sure the action plugin is as qualified as the module it is paired with
(cherry picked from commit 3dbc03d58a)
Co-authored-by: Nathaniel Case <ncase@redhat.com>
* [stable-2.9] [dnf] Some fixes around filtering (#72483)
Change:
- Docs: Add note that security/bugfix apply to dependencies too, like
the dnf command.
- dnf: security/bugfix only makes sense for updates, so limit the
package query sack to available updates.
- tests: Limit tests to our known-good test packages, so that RHEL
packages marked security/bugfix without similarly marked dependencies
don't fail our tests.
Test Plan:
- Tested with `dnf upgrade-minimal --bugfix` and reproduced the same
error currently seen in CI, showing that we are consistent with what
dnf does.
Tickets:
- Likely fixes#72316
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit d8c637da37)
Co-authored-by: Rick Elrod <rick@elrod.me>
* Add changelog (#72502)
(cherry picked from commit b33d7e2e29)
Co-authored-by: Rick Elrod <rick@elrod.me>
* GitHub is removing the underlying API used to implement the `login` command. Since the general consensus seems to be that relatively nobody currently uses this command (in favor of explicit token passing), support was simply removed for interactive login. If a future need arises, this command should be reimplemented via OAuth Device Auth Grants.
* login or role login commands now produce a fatal error with a descriptive message
* updated 2.10 porting guide entry
* remove dead code/config, update messages and porting guides
(cherry picked from commit 83909bfa22)
Change:
- Previously, we only showed that something would have changed, not what
would have changed. This allows us to show what will chang as well.
Test Plan:
- Local RHEL8 VM
- New integration tests
Tickets:
- Fixes#66132
Signed-off-by: Rick Elrod <rick@elrod.me>
Change:
- Previously when `security: true` and `bugfix: true` were both given,
only security updates would get applied. Filters now accumulate so
that both get applied in this case.
Test Plan:
- New integration tests for both check_mode and not. These tests make
use of a contrived yum repository which is stored in S3.
Tickets:
- Fixes#70854
Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Matt Martz <matt@sivel.net>
Co-authored-by: Matt Martz <matt@sivel.net>
The luseradd / lusermod commands do not support the -e option. Set
the expiry time in this case via lchage after the user was
created / modified.
Fixes: #71942
In Python3 math.floor returns an integer whereas Python2 returns a float.
Hence always convert the result of math.floor to an int to ensure that
lexpires is an integer.
Move local expires tests in a separate file and import the tasks to the
main.yml to keep main.yml smaller.
(cherry picked from commit a7170da851)
b6b238a fixed the SLES4SAP detection, which was at this time ok.
Sadly Suse changed with SLES 15 the /etc/os-release file, so the above
change will no longer work.
This commit updates the SLES4SAP detection regarding
https://www.suse.com/support/kb/doc/?id=000019341.
The symlink realpath is matched with endswith, because in SLES 12+ the
link target is SLES_SAP.prod, but in SLES 11 the link target is
SUSE_SLES_SAP.prod.
(cherry picked from commit ea119d3089)
* Fix ansible-test docker container detection.
* Attach test containers to the correct network.
* Do not assume `localhost` for accesing Docker.
* Look for containers on current network.
* Always map /var/run/docker.sock into containers.
This fixes issues when using a remote Docker host.
* Support container IP lookup from networks list.
* Fix container network attachment.
* Remove redundant container detection messages.
* Limit DOCKER_HOST parsing to TCP.
* Restore docker socket existence check.
The check is skipped if the docker hostname is not localhost.
* Correct changelog entry..
(cherry picked from commit 3c2e8b99be)
Co-authored-by: Matt Clay <mclay@redhat.com>.
(cherry picked from commit 6362232c30)
Co-authored-by: Matt Clay <mclay@redhat.com>
This allows collections to specify requirements and constraints for packages that ansible-test has requirements or constraints for..
(cherry picked from commit 5f76bd2af7)
Co-authored-by: Matt Clay <matt@mystile.com>
Change:
- This enables the inventory_kubevirt_conformance test to pass again on
freebsd.
- This was due to a google-auth version bump. The dep chain looks like
this: openshift -> kubernetes -> google-auth -> aiohttp -> multidict
Test Plan:
- ansible-test integration inventory_kubevirt_conformance --remote
freebsd/12.0
Signed-off-by: Rick Elrod <rick@elrod.me>
* Make Azure Pipelines resource_prefix lowercase.
* Make classification of CI files consistent.
* Update package-data sanity test for AZP.
(cherry picked from commit 92b66e3e31)
Co-authored-by: Matt Clay <mclay@redhat.com>
Change:
- pip packages should get removed after, not try to add them again
- Try removing containerd.io package too
- Backport of #71949
Test Plan:
- CI
- ci_complete
Signed-off-by: Rick Elrod <rick@elrod.me>
Brian Coca