* Fix dnf package matching (#75411)
* Fix a bug with the dnf module not using all components of a package name when filtering to determine if it's installed
* changelog
* Simplify splitting on the last '.'
* Update lib/ansible/modules/dnf.py
(cherry picked from commit b541a148d5)
* Fix dnf test assertion
(cherry picked from commit 91a26ddcef)
* [stable-2.9] allow env to override unspecified unsafe_writes (#73282)
* allow env var for fallback value for unspecified unsafe_writes.
(cherry picked from commit c7d4acc12f)
Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
* ensure unsafe writes fallback (#70722)
* Ensure we actually fallback to unsafe_writes when set to true
add integration test
add fix for get_url not passing the parameter from args
(cherry picked from commit 932ba36160)
* Added clog missing for issue 70722 (#73175)
(cherry picked from commit d6670da1d7)
Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
* Prevent ansible_failed_task from further templating
Fixes#74036
* Add changelog.
(cherry picked from commit 664531d7d6)
Co-authored-by: Martin Krizek <martin.krizek@gmail.com>
Change:
- websocket-client >= 1 requires python 3, so add constraint for python
2.
Test Plan:
- ci_complete
Signed-off-by: Rick Elrod <rick@elrod.me>
* avoid a mysql_variables check on rhel 8
Signed-off-by: Rick Elrod <rick@elrod.me>
* [stable-2.9] CI and compat fixes for Jinja2 >= 3.0 (#74666)
* Add constraint for MarkupSafe
MarkupSafe >= 2.0.0 requires Python >= 3.6.0. Add a constraint for older Python versions
and fix the `groupby_filter` test.
* Fix template_jinja2_latest test.
* patch filter decorators on newer Jinja2
* Jinja2 >= 3.0 renames several filter decorators used by Ansible itself, as well as by filters in collections. This patch ensures that the old names are usable within Ansible and by collections without warnings or errors.
* Ignore docs-build issues.
* Remove unnecessary ignore.
* Disable failing nuage_vspk test.
* Fix inventory_aws_conformance integration test.
(cherry picked from commit f99d024851)
Co-authored-by: Matt Clay <matt@mystile.com>
Co-authored-by: Matt Davis <mrd@redhat.com>.
Co-authored-by: Sam Doran <sdoran@redhat.com>
Previously it was hosted on bintray, but that service is shutting down on May 1. Using the new
repository also required using a newer version of RabbitMQ..
(cherry picked from commit 62cba4a6ad)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* [ansible-test] Sync opensuse containers with 2.10
Change:
- OpenSuSE 15.1 is now EOL
- Switch containers to use what 2.10 uses, which has 15.2.
Test Plan:
- ci_complete
Signed-off-by: Rick Elrod <rick@elrod.me>
* docker version
Signed-off-by: Rick Elrod <rick@elrod.me>
* needs p7zip-full, otherwise we only get 7zr
Signed-off-by: Rick Elrod <rick@elrod.me>
* Make sure py2 stays py2
Signed-off-by: Rick Elrod <rick@elrod.me>
* no wildcard?
Signed-off-by: Rick Elrod <rick@elrod.me>
* -x instead of --xml
Signed-off-by: Rick Elrod <rick@elrod.me>
When using "use_regex: yes" and setting an excludes: without
specifying a pattern: the existing code passes the file-glob '*' to
the regex matcher. This results in an internal invalid-regex
exception being thrown.
This maintains the old semantics of a default match-all for pattern:
but switches the default to '.*' when use_regex is specified.
The code made sense as-is before excludes: was added (2.5). In that
case, it made no sense to set use_regex but *not* set a pattern.
However, with excludes: it now makes sense to only want to exclude a
given regex but not specify a specific matching pattern.
Closes: #50067
* moved change to new location
added changelog
* Update lib/ansible/modules/find.py
Co-authored-by: Ian Wienand <iwienand@redhat.com>.
(cherry picked from commit 089d0a0508)
Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
* Update fix_find_default.yml
Co-authored-by: Rick Elrod <rick@elrod.me>
Treat core and collections module_utils imports nested within any Python block statement (eg, `try`, `if`) as optional. This allows Ansible modules to implement runtime fallback behavior for missing module_utils (eg from a newer version of ansible-core), where previously, the module payload builder would always fail when unable to locate a module_util (regardless of any runtime behavior the module may implement).
* sanity test fixes
ci_complete
(cherry-picked from 3e1f6484d7)
* Ensure task from the worker is finalized/squashed. Fixes#57399. Fixes#49942
(cherry picked from commit 832631b)
Co-authored-by: Matt Martz <matt@sivel.net>
* [stable-2.9] Normalize ConfigParser between Python2 and Python3 (#73715)
* Normalize config parser between py2 and py3
* Add tests and changelog
* Use different config entry, since we supply certain env vars.
(cherry picked from commit 950ab74758)
Co-authored-by: Matt Martz <matt@sivel.net>
Change:
- The latest mongodb we install causes processes to not die correctly
(they end up as zombies), and this causes the ports they listen on to
be held in TIME_WAIT. We need to wait for them to fall out of
TIME_WAIT before we can continue and use them again.
Test Plan:
- CI
- Local playing in containers
Signed-off-by: Rick Elrod <rick@elrod.me>
Change:
- Other targets might remove rpm-build as they clean up after
themselves. Ensure that it's present in setup_rpm_repo because
rpmfluff needs it.
Test Plan:
- Local experimentation with yum_repository and mysql_db (the latter of
which depends on a handler which was removing rpm-build) on
stable-2.9.
Signed-off-by: Rick Elrod <rick@elrod.me>
(cherry picked from commit aca5b0e43b)
When the pause module is run in the background and seconds parameter is provided,
do not warn.
* Add tests
* Fix existing tests
The test wasn't failing when it should have.
(cherry picked from commit 0e6c334115)
Co-authored-by: Sam Doran <sdoran@redhat.com>
Ability to add local variables into AnsibleJ2Vars was added in
18a9eff11f to fix#6653. Local variables
are added using ``AnsibleJ2Vars.add_locals()`` method when creating a
new context - typically when including/importing a template with
context. For that use case local template variables created using
``set`` should override variables from higher contexts - either from the
play or any parent template, or both; Jinja behaves the same way.
Also removes AnsibleJ2Vars.extras instance variable which is not used.
Also adds missing test for #6653.
Fixes#72262Fixes#72615
ci_complete
(cherry picked from commit a2af8432f3)
* Improve setup_rpm_repo
- add handlers to remove repos
- add variable to control whethere or not repos are created
* Use local repo for all distros
* Change repo creation script to module.
(cherry picked from commit 997b2d2a19)
Co-authored-by: Sam Doran <sdoran@redhat.com>
combine_vars uses dict.update() to replace keys
(cherry picked from commit 5e03e322de)
* Add tests for merging and replacing vars from inventory sources (#73181)
(cherry picked from commit 9de2da8a7e)
Do the right thing on Linux when password lock and a password hash are provided by writing
out the password hash prepended by the appropriate lock string rather than using -U and -L.
This is the correct way to set and lock the account in one command.
On BSD, run separate commands as appropriate since locking and setting the password cannot
be done in a single action.
FreeBSD requires running several commands to get the account in the desired state. As a result,
the rc, output, and error from all commands need to be combined and evaluated so an accurate
and complete summary can be given at the end of module execution.
* Improve integration tests to cover this scenario.
* Break up user integration tests into smaller files
* Properly lock account when creating a new account and password is supplied
* Simplify rc collection in FreeBSD class
Since the _handle_lock() method was added, the rc would be set to None, which could make
task change reporting incorrect. My first attempt to solve this used a set and was a bit too
complicated. Simplify it my comparing the rc from _handle_lock() and the current value of rc.
* Improve the Linux password hash and locking behavior
If password lock and hash are provided, set the hash and lock the account by using a password
hash since -L cannot be used with -p.
* Ensure -U and -L are not combined with -p since they are mutually exclusive to usermod.
* Clarify password_lock behavior..
(cherry picked from commit 264e08f21a)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* systemd - do not overwrite unit name when searching
PR #72702 introduced a bug that changed the unit name when splitting it up for the purpose
of searching for the unit. This only happens on unit file templates on systems that have a 5.8
or newer kernel and a version of systemd that does not contain a bugfix that causes systmed
to fail to parse dbus.
* Use facts rather than a manual probe to determine if systmed is present
* Remove unnecessary block
* Use vars files instead of set_fact
* Add tests for using a templated unit file
* Update changelog fragment
* Use template to get correct path to sleep binary
(cherry picked from commit 48803604cd)
Having the trap exit with a specific code will override
the exit code that caused the trap to run, which could
mask errors
(cherry picked from commit 5157a92139)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Ensure we only reset the connection when one has been previously established. Fixes#65812
* Ensure psrp doesn't trace
* winrm too
(cherry picked from commit a3b6485073)
Co-authored-by: Matt Martz <matt@sivel.net>
Sloane Hertel