* Improve setup_rpm_repo
- add handlers to remove repos
- add variable to control whethere or not repos are created
* Use local repo for all distros
* Change repo creation script to module.
(cherry picked from commit 997b2d2a19)
Co-authored-by: Sam Doran <sdoran@redhat.com>
combine_vars uses dict.update() to replace keys
(cherry picked from commit 5e03e322de)
* Add tests for merging and replacing vars from inventory sources (#73181)
(cherry picked from commit 9de2da8a7e)
* Use is_sequence, and Mapping throughout, add support for tuples. Fixes#65722
* Address tests
* Remove unused import
* Add changelog
* Add docstring for clarity
(cherry picked from commit f8654de851)
Co-authored-by: Matt Martz <matt@sivel.net>
Do the right thing on Linux when password lock and a password hash are provided by writing
out the password hash prepended by the appropriate lock string rather than using -U and -L.
This is the correct way to set and lock the account in one command.
On BSD, run separate commands as appropriate since locking and setting the password cannot
be done in a single action.
FreeBSD requires running several commands to get the account in the desired state. As a result,
the rc, output, and error from all commands need to be combined and evaluated so an accurate
and complete summary can be given at the end of module execution.
* Improve integration tests to cover this scenario.
* Break up user integration tests into smaller files
* Properly lock account when creating a new account and password is supplied
* Simplify rc collection in FreeBSD class
Since the _handle_lock() method was added, the rc would be set to None, which could make
task change reporting incorrect. My first attempt to solve this used a set and was a bit too
complicated. Simplify it my comparing the rc from _handle_lock() and the current value of rc.
* Improve the Linux password hash and locking behavior
If password lock and hash are provided, set the hash and lock the account by using a password
hash since -L cannot be used with -p.
* Ensure -U and -L are not combined with -p since they are mutually exclusive to usermod.
* Clarify password_lock behavior..
(cherry picked from commit 264e08f21a)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* systemd - do not overwrite unit name when searching
PR #72702 introduced a bug that changed the unit name when splitting it up for the purpose
of searching for the unit. This only happens on unit file templates on systems that have a 5.8
or newer kernel and a version of systemd that does not contain a bugfix that causes systmed
to fail to parse dbus.
* Use facts rather than a manual probe to determine if systmed is present
* Remove unnecessary block
* Use vars files instead of set_fact
* Add tests for using a templated unit file
* Update changelog fragment
* Use template to get correct path to sleep binary
(cherry picked from commit 48803604cd)
Having the trap exit with a specific code will override
the exit code that caused the trap to run, which could
mask errors
(cherry picked from commit 5157a92139)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Ensure we only reset the connection when one has been previously established. Fixes#65812
* Ensure psrp doesn't trace
* winrm too
(cherry picked from commit a3b6485073)
Co-authored-by: Matt Martz <matt@sivel.net>
* ansible-test - prefer venv over virtualenv on Python 3 (#73000)
Also pin virtualenv to 16.7.10 for older Mac OS X systems. This was the version being installed
anway with the previous constraint (<20).
On systems with Python 3, now prefer venv over virtualenv. Test to see if venv is functional since
some systems have a non-functional venv installation (such as Debian).
(cherry picked from commit 850a77f639)
(cherry picked from commit a48b3d2089)
* Make the new ansible-test venv behavior opt-in
Co-authored-by: Sam Doooran <sdoran@redhat.com>
Change:
- module_utils.basic.is_special_selinux_path() used a string ==
bytestring comparison which returned False and made Ansible think that
certain filesystems aren't, in fact, special-cased, when they should
be. Ensure both sides of the == are bytestrings.
Test Plan:
- Added `copy` integration tests for this case.
Tickets:
- Fixes#70244
Signed-off-by: Rick Elrod <rick@elrod.me>.
(cherry picked from commit 688cd8657b)
Co-authored-by: Rick Elrod <rick@elrod.me>
The recent update of ptyprocess to 0.7.0 is incompatible with Python 2.6 and
is causing test failures.
* Add setup_pexpect role to expect test
(cherry picked from commit 003a9e890d)
Co-authored-by: Sam Doooran <sdoran@redhat.com>
* make collection callbacks follow normal flow (#59932)
make collections whitelist follow normal flow
* fixes missing set_options call and adhoc and stdout processing rules
* avoid dupes
* fixed to handle redirects
* also updated tests with new and more accurate skip message
* fix callback tests for envs with cowsay installed
* lots MOAR comments on why the code is as it is, some todos to refactor in future
Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
(cherry picked from commit 5ec53f9db8)
* fixed bad merge
* hack in redirected names
* ensure we run additional calblacks
* remove redundant remote_user for local setting
local action plugin already does and this also should fix
fork/thread issue by removing use of pwd library
fixes#59642
(cherry picked from commit 488b9d6c35)
* ensure local exposes correct user (#72543)
* ensure local exposes correct user
avoid corner case in which delegation relied on
playcontext fallback which was removed
fixes#72541
(cherry picked from commit aa4d53ccdf)
Change:
- `udev` is provided by `systemd-udev`, which our `state=present` check
doesn't match. For now, work around this so we don't end up trying to
upgrade all of systemd.
- In the future, we should discuss if the `yum` module does the right
thing here.
Test Plan:
- Locally in docker
- CI
Signed-off-by: Rick Elrod <rick@elrod.me>
When enumerating connections with psutil, catch and ignore errors to avoid returning a stack trace.
Co-authored-by: Matt Martz <matt@sivel.net>
(cherry picked from commit fb09fd2a23)
* Fix missing ansible.builtin FQCNs in hardcoded action names (#71824)
* Make sure hard-coded action names also check for FQCN.
* Use _add_internal_fqcn() to avoid hardcoded lists and typoes.
(cherry picked from commit da60525610)
ci_complete
* Replace some more FQCNs.
(cherry picked from commit 72302dd611)
* Fix another case which was already fixed in stable-2.10.
* Consolidate logic for determining whether or not session is interactive
into a single function, is_interactive()
* Increase test coverage
I wasn't able to find a good way of simulating running a backgrounded test with CI since the
whole test is essentially run not in a TTY, which is similar enough to cause the new is_interactive()
function to always return false.
(cherry picked from commit 4b8cb6582b)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* file: add symlink is in a sticky directory tests
* file: handle symlink in a sticky directory
The builtins import was removed since it was unused, but it is now needed.
(cherry picked from commit b464d18fd1)
Co-authored-by: Pilou <pierre-louis.bonicoli@libregerbil.fr>
Co-Authored-By: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
* [centos6] update container for EOL
Change:
- Reference:
https://lists.centos.org/pipermail/centos-devel/2020-December/056208.html
- Bump centos6 container to 1.25.0
Test Plan:
- ci_complete
Signed-off-by: Rick Elrod <rick@elrod.me>
* update EPEL 6 too which is now archived
Signed-off-by: Rick Elrod <rick@elrod.me>
* bump to 1.26.0
Signed-off-by: Rick Elrod <rick@elrod.me>
* Pull image from Quay to avoid Dockerhub limits
CI tests are failing in certain situations due to the new Docker Hub limits on anonymous pulls. Switch
to pulling an equivalent image from Quay.io.
* Use correct layer SHAs
* Use an image with enough older shas to do the test correctly
* Use images we control on Quay for testing
* Use correct SHA for new images
* Use images from a single repo in Quay but with tags
* Use correct nginx image
* Use correct tags in docker-registry test
* Fix incorrect image name in debug message
* Use our busybox image
* Little more alpine image cleanup
Change:
- The repo we were testing with no longer seems to exist. Point to one
that does.
Test Plan:
- local test in docker
- CI
Signed-off-by: Rick Elrod <rick@elrod.me>
The recently released version of cffi fails to install on systems with an older version of gcc. In
our case, this in the CentOS 6 test image. There is a fix but it has not yet been released.
https://foss.heptapod.net/pypy/cffi/-/issues/480
* Try to load network action plugin from the same collection as the module
* Alter tests to match
Just make sure the action plugin is as qualified as the module it is paired with
(cherry picked from commit 3dbc03d58a)
Co-authored-by: Nathaniel Case <ncase@redhat.com>
* [stable-2.9] [dnf] Some fixes around filtering (#72483)
Change:
- Docs: Add note that security/bugfix apply to dependencies too, like
the dnf command.
- dnf: security/bugfix only makes sense for updates, so limit the
package query sack to available updates.
- tests: Limit tests to our known-good test packages, so that RHEL
packages marked security/bugfix without similarly marked dependencies
don't fail our tests.
Test Plan:
- Tested with `dnf upgrade-minimal --bugfix` and reproduced the same
error currently seen in CI, showing that we are consistent with what
dnf does.
Tickets:
- Likely fixes#72316
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit d8c637da37)
Co-authored-by: Rick Elrod <rick@elrod.me>
* Add changelog (#72502)
(cherry picked from commit b33d7e2e29)
Co-authored-by: Rick Elrod <rick@elrod.me>
Sloane Hertel