When using "use_regex: yes" and setting an excludes: without
specifying a pattern: the existing code passes the file-glob '*' to
the regex matcher. This results in an internal invalid-regex
exception being thrown.
This maintains the old semantics of a default match-all for pattern:
but switches the default to '.*' when use_regex is specified.
The code made sense as-is before excludes: was added (2.5). In that
case, it made no sense to set use_regex but *not* set a pattern.
However, with excludes: it now makes sense to only want to exclude a
given regex but not specify a specific matching pattern.
Closes: #50067
* moved change to new location
added changelog
* Update lib/ansible/modules/find.py
Co-authored-by: Ian Wienand <iwienand@redhat.com>.
(cherry picked from commit 089d0a0508)
Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
* Update fix_find_default.yml
Co-authored-by: Rick Elrod <rick@elrod.me>
Treat core and collections module_utils imports nested within any Python block statement (eg, `try`, `if`) as optional. This allows Ansible modules to implement runtime fallback behavior for missing module_utils (eg from a newer version of ansible-core), where previously, the module payload builder would always fail when unable to locate a module_util (regardless of any runtime behavior the module may implement).
* sanity test fixes
ci_complete
(cherry-picked from 3e1f6484d7)
* Ensure task from the worker is finalized/squashed. Fixes#57399. Fixes#49942
(cherry picked from commit 832631b)
Co-authored-by: Matt Martz <matt@sivel.net>
Change:
- Add missing no_log on fields and subfields which should have it.
- Update several changelogs with CVE id.
Signed-off-by: Rick Elrod <rick@elrod.me>
* Add changelog and fixtures for AlmaLinux support
Co-authored-by: Christoph Schug <com+github@schug.net>.
(cherry picked from commit 2f5c83dfb1)
Co-authored-by: Sam Doran <sdoran@redhat.com>
Change:
- podman > 2 && < 2.2 does not support "images --format {{json .}}"
- podman also now outputs images JSON differently than docker
- Work around both of the above.
Test Plan:
- Tested with podman 2.0.6 in Fedora 31.
Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
(cherry picked from commit 0332046699)
Ensure `yamllint`'s `check_assignment()` correctly ignore the
attribute assignment. Those don't have any `.id` attribute and will
trigger an `AttributeError` exception.
See: https://github.com/ansible/ansible/pull/73322
(cherry picked from commit 0a8d5c0983)
* [stable-2.9] Normalize ConfigParser between Python2 and Python3 (#73715)
* Normalize config parser between py2 and py3
* Add tests and changelog
* Use different config entry, since we supply certain env vars.
(cherry picked from commit 950ab74758)
Co-authored-by: Matt Martz <matt@sivel.net>
Change:
- The latest mongodb we install causes processes to not die correctly
(they end up as zombies), and this causes the ports they listen on to
be held in TIME_WAIT. We need to wait for them to fall out of
TIME_WAIT before we can continue and use them again.
Test Plan:
- CI
- Local playing in containers
Signed-off-by: Rick Elrod <rick@elrod.me>
Change:
- Other targets might remove rpm-build as they clean up after
themselves. Ensure that it's present in setup_rpm_repo because
rpmfluff needs it.
Test Plan:
- Local experimentation with yum_repository and mysql_db (the latter of
which depends on a handler which was removing rpm-build) on
stable-2.9.
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit aca5b0e43b)
When the pause module is run in the background and seconds parameter is provided,
do not warn.
* Add tests
* Fix existing tests
The test wasn't failing when it should have.
(cherry picked from commit 0e6c334115)
Co-authored-by: Sam Doran <sdoran@redhat.com>
If a YAML file fails to load due to a syntax error in a file, or there is an error in the last line of a
file, PyYAML reports the last line number of the file as the index where the error occurred.
When reading the file lines, we use that index to the get the relevant line. If the index value is out
of range, the relevant line is lost for error reporting.
Subtract one from the index value to avoid the IndexError in this specific scenario. It is possible
to still get an IndexError, which will be handled as it is currently.
* Update existing tests and add new tests
(cherry picked from commit e8d4b62b41)
Co-authored-by: Sam Doran <sdoran@redhat.com>
Ability to add local variables into AnsibleJ2Vars was added in
18a9eff11f to fix#6653. Local variables
are added using ``AnsibleJ2Vars.add_locals()`` method when creating a
new context - typically when including/importing a template with
context. For that use case local template variables created using
``set`` should override variables from higher contexts - either from the
play or any parent template, or both; Jinja behaves the same way.
Also removes AnsibleJ2Vars.extras instance variable which is not used.
Also adds missing test for #6653.
Fixes#72262Fixes#72615
ci_complete
(cherry picked from commit a2af8432f3)
* Improve setup_rpm_repo
- add handlers to remove repos
- add variable to control whethere or not repos are created
* Use local repo for all distros
* Change repo creation script to module.
(cherry picked from commit 997b2d2a19)
Co-authored-by: Sam Doran <sdoran@redhat.com>
combine_vars uses dict.update() to replace keys
(cherry picked from commit 5e03e322de)
* Add tests for merging and replacing vars from inventory sources (#73181)
(cherry picked from commit 9de2da8a7e)
* Use is_sequence, and Mapping throughout, add support for tuples. Fixes#65722
* Address tests
* Remove unused import
* Add changelog
* Add docstring for clarity
(cherry picked from commit f8654de851)
Co-authored-by: Matt Martz <matt@sivel.net>
Do the right thing on Linux when password lock and a password hash are provided by writing
out the password hash prepended by the appropriate lock string rather than using -U and -L.
This is the correct way to set and lock the account in one command.
On BSD, run separate commands as appropriate since locking and setting the password cannot
be done in a single action.
FreeBSD requires running several commands to get the account in the desired state. As a result,
the rc, output, and error from all commands need to be combined and evaluated so an accurate
and complete summary can be given at the end of module execution.
* Improve integration tests to cover this scenario.
* Break up user integration tests into smaller files
* Properly lock account when creating a new account and password is supplied
* Simplify rc collection in FreeBSD class
Since the _handle_lock() method was added, the rc would be set to None, which could make
task change reporting incorrect. My first attempt to solve this used a set and was a bit too
complicated. Simplify it my comparing the rc from _handle_lock() and the current value of rc.
* Improve the Linux password hash and locking behavior
If password lock and hash are provided, set the hash and lock the account by using a password
hash since -L cannot be used with -p.
* Ensure -U and -L are not combined with -p since they are mutually exclusive to usermod.
* Clarify password_lock behavior..
(cherry picked from commit 264e08f21a)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* systemd - do not overwrite unit name when searching
PR #72702 introduced a bug that changed the unit name when splitting it up for the purpose
of searching for the unit. This only happens on unit file templates on systems that have a 5.8
or newer kernel and a version of systemd that does not contain a bugfix that causes systmed
to fail to parse dbus.
* Use facts rather than a manual probe to determine if systmed is present
* Remove unnecessary block
* Use vars files instead of set_fact
* Add tests for using a templated unit file
* Update changelog fragment
* Use template to get correct path to sleep binary
(cherry picked from commit 48803604cd)
Having the trap exit with a specific code will override
the exit code that caused the trap to run, which could
mask errors
(cherry picked from commit 5157a92139)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Ensure we only reset the connection when one has been previously established. Fixes#65812
* Ensure psrp doesn't trace
* winrm too
(cherry picked from commit a3b6485073)
Co-authored-by: Matt Martz <matt@sivel.net>
* ansible-test - prefer venv over virtualenv on Python 3 (#73000)
Also pin virtualenv to 16.7.10 for older Mac OS X systems. This was the version being installed
anway with the previous constraint (<20).
On systems with Python 3, now prefer venv over virtualenv. Test to see if venv is functional since
some systems have a non-functional venv installation (such as Debian).
(cherry picked from commit 850a77f639)
(cherry picked from commit a48b3d2089)
* Make the new ansible-test venv behavior opt-in
Co-authored-by: Sam Doooran <sdoran@redhat.com>
Change:
- module_utils.basic.is_special_selinux_path() used a string ==
bytestring comparison which returned False and made Ansible think that
certain filesystems aren't, in fact, special-cased, when they should
be. Ensure both sides of the == are bytestrings.
Test Plan:
- Added `copy` integration tests for this case.
Tickets:
- Fixes#70244
Signed-off-by: Rick Elrod <rick@elrod.me>.
(cherry picked from commit 688cd8657b)
Co-authored-by: Rick Elrod <rick@elrod.me>
The recent update of ptyprocess to 0.7.0 is incompatible with Python 2.6 and
is causing test failures.
* Add setup_pexpect role to expect test
(cherry picked from commit 003a9e890d)
Co-authored-by: Sam Doooran <sdoran@redhat.com>
Sam Doran