Commit Graph

40400 Commits (e31620e9db8562ebbd2bf567c67678f2b1e274e0)
 

Author SHA1 Message Date
Matt Martz 396a2f7471 [stable-2.7] Disallow use of remote home directories containing .. in their path (CVE-2019-3828) (#52133) (#52173)
* Disallow use of remote home directories containing .. in their path

* Add CVE to changelog
(cherry picked from commit b34d141)

Co-authored-by: Matt Martz <matt@sivel.net>
6 years ago
Bill Dodd 7918323832 Backport/2.7/51764 (#52126)
* Update GetBiosBootOrder to use standard spec resources (#51764)

* update GetBiosBootOrder to use standard spec resources

* handle case where BootOrder is present but BootOptions is missing

(cherry picked from commit e0538610bf)

* add changelog fragment and fix merge issue
6 years ago
Felix Fontein 6438ab2c46 ufw: check values for direction depending on situation (#50402)
* Check values of 'direction'.

* Add changelog.

* Update lib/ansible/modules/system/ufw.py

Co-Authored-By: felixfontein <felix@fontein.de>

* Update lib/ansible/modules/system/ufw.py

(cherry picked from commit 4d3d8dd60f)
6 years ago
Alicia Cozine 821f43eb9a
refines vmware sample scenario page (#47320) (#52134)
(cherry picked from commit cd7232eeb7)
6 years ago
Jordan Borean 03100cb647 Add Windows Server 2019 to Shippable matrix (#51685)
* Test out Server 2019 - ci_complete

* run tests and continue on error - ci_complete

* Add the full matrix back in

(cherry picked from commit 0334c20630)
6 years ago
Jordan Borean cc5088c9e1 win become - fix token elevation issues
This is an implementation of 8bffcf8e50
that was done in the PR https://github.com/ansible/ansible/pull/48082 to devel.
The changes have been manually brought across to the the stable-2.7 branch as it
cannot be cleanly cherry picked due to the substantial differences in become
between these versions.

Currently we impersonate the `SYSTEM` token in order to elevate our become
process with the highest privileges it has available but there are some edge
cases where the first `SYSTEM` token we come across doesn't have the
`SeTcbPrivilege` which is required for the above. This PR adds a further check
in the search for a `SYSTEM` token to make sure it has the `SeTcbPrivilege`
before continuing.
6 years ago
Bill Dodd 7f33c7def5 Backport/2.7/51028 (#52048)
* get standard properties for each firmware entry (#51028)


(cherry picked from commit 63f7536594)

* add changelog fragment
6 years ago
Felix Fontein c3271befda Prevent bug in 'ufw --dry-run reset' to delete firewall rules. 6 years ago
Felix Fontein 0093b69935 openssl_csr: ignore empty strings in altnames (#51473)
* Ignore empty strings in altnames.

* Add changelog.

* Add idempotence check without SAN.

* Fix bug in cryptography backend.

(cherry picked from commit 9b1cbcf3a4)
6 years ago
Viktor Utkin e7e47ca1fc [Backport 2.7] spot instance request stay opened when module exit with timeout
Fixes: #51534

* set valid_until equal to current time + spot_wait_timeout
* add setting ValidUntil to  value
* add changelog fragment
* fix shebang issue

(cherry picked from commit d40f0313e2)
6 years ago
Kevin Breit ec6a30b9ca meraki_admin - Add documentation about absent priority (#51766)
* Add documentation about absent priority

* Remove 7 at the end of file

(cherry picked from commit f9f7b29a5a)
6 years ago
Nathaniel Case df359e036c [stable-2.7] ios retry config if section filter fails (#49485) (#51871)
* [stable-2.7] ios retry config if section filter fails (#49485)

* Attempt to work around devices that don't understand | section

* Fix case of no flags
(cherry picked from commit 6caed0c)

Co-authored-by: Nathaniel Case <this.is@nathanielca.se>

* Add changelog
6 years ago
fboux0 aa73f8ea3c Backport/2.7/46478 - haproxy - fixes naming collision (#51822)
* fix drain mode 'bool' (#30833) (#46478)


(cherry picked from commit 4376417743)

* Create 46478-haproxy-fix-drain-mode.yaml
6 years ago
Martin Krizek 1492f46d78 yum: disableexcludes is supported on centos6 (#51698)
(cherry picked from commit 33b07f322c)
6 years ago
Felix Fontein a200cfb07f acme_challenge_cert_helper: fix bad module.fail_json() call (#51795)
* Fix bad module.fail_json() call.

* Add changelog.

(cherry picked from commit c9b08db979)
6 years ago
Jordan Borean 718e011168 psrp - do not display bootstrap wrapper for eachach task (#51779)
(cherry picked from commit 146a89b612)
6 years ago
Matt Davis 0708c80c40 fix string_format sanity check (#51780)
* newer version of Pylint moved the impl; use conditional import to find for new/old

(cherry picked from commit 6654c7aeea)
6 years ago
Wojciech Sciesinski 90203d0a11 Correct integration tests for the win_disk_facts module (#51044)
* Correct integration tests for the win_disk_facts module

* Exclude W2K8, W2K8-R2 from tests run under CI
6 years ago
Elijah DeLee fe79534415 Backport aws ec2 missing region discovery (#51626)
* aws_ec2 Implement the missing 'region discovery' (#51333)

* aws_ec2 Implement the missing 'region discovery'

  fixes #45288

  tries to use api as documented (which seems to fail in latest boto3 versions)
  and fallback to boto3 'hardcoded' list of regions

* fixes and cleanup, add error for worst case scenario

* fix tests, remove more unused code

* add load_name

* acually load the plugin

* set plugin as required

* reverted test changes, removed options tests

* fixes as per feedback and cleanup

* Allow default regions list to use flexible credential types
6 years ago
Toshio Kuratomi bedfa3f3ff Update Ansible release version to v2.7.7.post0. 6 years ago
Toshio Kuratomi 11a2bafa21 New release v2.7.7 6 years ago
Jordan Borean ad71a9a7ed Get docker tests working on OpenSUSE (#51896)
(cherry picked from commit c92fcf0b57)
6 years ago
Matt Davis ac3a3ce599 [stable-2.7] fix azure_rm_deployment test
* recent changes to args for hosted template file broke the test; changed test to use a specific known-working commit instead of `master`.
* long-term may want to consider hosting the template in httptester or just embedding a local copy
(cherry picked from commit 46bf387)

Co-authored-by: Matt Davis <mrd@redhat.com>
6 years ago
Brian Coca 7589d496fc remove default from delegate_facts to inherit (#45492) (#51553)
* remove default from delegate_facts to inherit (#45492)

* remove default from delegate_facts to inherit

fixes #45456

* test delegate_facts

* added note about inheritance and defaults

* yamllint

(cherry picked from commit 8743e6ae2e)

* added changelog
6 years ago
Jordan Borean bdf7f42b7c test win_setup - make py3 compatible (#51693)
(cherry picked from commit f78cdcd2c5)
6 years ago
Jordan Borean aedad64c8f win_service - use custom binary for tests (#51689)
(cherry picked from commit 2e99dea867)
6 years ago
Jordan Borean 06505fc521 add pause to make test more stable (#51680)
(cherry picked from commit ebc9e4caf7)
6 years ago
Kevin Breit d56d7997c4 Add response documentation (#51647)
(cherry picked from commit 4493ba86ec)
6 years ago
Andrea Tartaglia d064534df6 Added description to single net interface (#51602)
* Added description to single net interface

* ec2_instance single iface description changelog

(cherry picked from commit b8790abcbe)
6 years ago
Sumit Jaiswal 483aa64216 Fixes issue where uppercase named A_Record delete was getting skipped (#51592)
* Fixes issue where uppercase named A_Record delete was getting skipped (#51539)

* fixes 51193

Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>

* fixes 51193

Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>

* fixes 51193

Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>
(cherry picked from commit 15cef845ca)

* shippable fix

Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>
6 years ago
chronidev 22c4745b96 Add coherency between check and normal mode for copy plugin action see issue #24633 (#51582)
* Add coherency between check and normal mode see issue #24633

* Add changelog fragment for the PR

* Make change following PR comment

* Remove trailing whitespace

(cherry picked from commit 240d1a6afb)
6 years ago
Jordan Borean 6ce98295c1 fix for proper variable name 6 years ago
Jordan Borean 9168e6844a win_power_plan: fix for Windows 10 and Server 2008 compatibility (#51471)
(cherry picked from commit f27078df52)
6 years ago
Fabian von Feilitzsch ce033c6762 [k8s] Always check envvars when auth parameter is not provided (#51495)
* Always check envvars when auth parameter is not provided

This will make it so that all code using the get_api_client
method will make use of the environment variables, instead of
silently ignoring them if default values haven't been set. This
affects at least the k8s lookup plugin.

* Add changelog

(cherry picked from commit 0be66113d4)
6 years ago
Brian Coca 3bf030ddcc Handle complex quoting in extra args in pull cli (#50212)
* added proper testing

fixes #40729

(cherry picked from commit b6824669df)
(cherry picked from commit e010034151)
6 years ago
Kevin Breit aa37d4bdd7 Correct spelling in meraki_ssid documentation (#51563) (#51584)
Fix spelling error for address, which was addres.

+label: docsite_pr

(cherry picked from commit c8484e19ca)
6 years ago
Felix Fontein af977daec7 Adjusting to differences between Ansible 2.7 and Ansible 2.8.
(cherry picked from commit 6cdb357826ffb1446e4ceb1050349fe30f511b41)
6 years ago
Akshay Gaikwad 03bc4be1c3 Add integration tests for docker_image options (#48574)
* Add integration tests for docker_image options

Tests for options in docker_image module

Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>

* Add force option tests

Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>

* Add repository option tests

Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>

* Modify test for option force

Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
(cherry picked from commit 0493ef359a)
6 years ago
Felix Fontein 7b0c342dce [2.7] docker_container: userns_mode description updated to mention valid value (#51470)
* description updated to mention valid value

The only valid value for userns_mode on docker run command is "host". This should be mentioned in description because it is hard to find in docker documentation as well: https://github.com/docker/docker.github.io/issues/7071

(cherry picked from commit d9135f3960)

* Update lib/ansible/modules/cloud/docker/docker_container.py

Co-Authored-By: TimoKramer <4785848+TimoKramer@users.noreply.github.com>
(cherry picked from commit 27dc399885)
6 years ago
Jordan Borean 1d3f29d4be ansible-test: make the httptester for Windows more resiliant around the shell chosen (#51416)
(cherry picked from commit ce8db479f0)
6 years ago
Dag Wieers 67606bfa66 aci_aaa_user: Fix an issue with clear_password_history 6 years ago
Toshio Kuratomi 30824c92e6 [stable-2.7] Toshio is now release manager for 2.8 and future 2.6 (#51452).
(cherry picked from commit b0ac7d9652)

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
6 years ago
Ganesh Nalawade 97a3e4acc0 Allow check_mode with supports_generate_diff capability in cli_config (#51384)
* If network cliconf support `supports_generate_diff` in
  that case diff between running and cnadidate config
  is generated within Ansible and if check_mode is enabled
  in that case return only diff without actually invoking
  edit_config()

(cherry picked from commit 8f5cd049d6)
6 years ago
Dag Wieers 0d5f083a52 aci_aaa_user: Fix changing user description
This fixes a reported problem with the aci_aaa_user module.
6 years ago
Sandra McCann c372d95c69 add network roles info (#49501) (#51400)
* add network roles info
* add role update instructions
* implemented feedback

Co-Authored-By: samccann <samccann@redhat.com>
(cherry picked from commit 47d22bbcd8)
6 years ago
Dag Wieers 34113f6cc5 Docs: Fix highlight line (#50756)
(cherry picked from commit 646c34dcde)
6 years ago
Felix Fontein 6c61fabdd1 Sort suboptions and subresults in docs. (#50315)
Fixes #50041.

(cherry picked from commit 4c473ecef4)
6 years ago
Dag Wieers 50d06d9889 Docs: Show parameter types (in purple) (#49966)
* Docs: Show parameter types (in purple)

* Changes based on feedback

* Remove leftover statement after review

* Simplify TOC and support section

* Add missing 'v' to version_added

* Remove the v for version

* Update docs/templates/plugin.rst.j2

Co-Authored-By: dagwieers <dag@wieers.com>

* Update docs/templates/plugin.rst.j2

Co-Authored-By: dagwieers <dag@wieers.com>

* Move Author into Support section

* Avoid more "isn't included in any toctree" errors

* Add Red Hat support section, list module status

(cherry picked from commit 76450fd1c2)
6 years ago
Dag Wieers a22f46bacf Docs: Add a "seealso" section to the module docs (#45949)
* Docs: Add a separate  "seealso" section to the module docs
to list related modules and/or related references. This clears up the notes
section for things that are actual notes.

So you can add a section in your module documentation and four types of
references are possible.

    seealso:

    # Reference by module name
    - module: aci_tenant

    # Reference by module name, including description
    - module: aci_tenant
      description: ACI module to create tenants on a Cisco ACI fabric.

    # Reference by rST documentation anchor
    - ref: aci_guide
      description: Detailed information on how to manage your ACI infrastructure using Ansible.

    # Reference by Internet resource
    - name: APIC Management Information Model reference
      description: Complete reference of the APIC object model.
      link: https://developer.cisco.com/docs/apic-mim-ref/

This PR also includes:

- Implements ansible-doc support
- Implements schema support for the seealso options
- Updates to the development documentation
- Rename filter convert_symbols_to_format to rst_ify, cfr the existing html_ify and tty_ify filters
  - This makes the existing template a lot easier to read and fixes the confusion I had myself rereading the template (again).
- We fixed the possible suboption types (which was limited to 'bool' only)

* Use latest stable instead of devel docs

(cherry picked from commit baf0ad2309)
6 years ago
Sandra McCann 14bb798052 added build artifact to .gitignore (#47518)
(cherry picked from commit e1c2dd383a)
6 years ago