* support rabbitmq 3.8.x in version check (#66855)
* support rabbitmq 3.8.x in version check
* Removed extraneous white space
(cherry picked from commit 6b017db05b)
* Add changelog fragment.
Co-authored-by: bitchkat <kjh@flyballdogs.com>
Co-authored-by: Matt Clay <matt@mystile.com>
* subversion module - provide password securely with svn command line option --password-from-stdin when possible, and provide a warning otherwise.
* Update lib/ansible/modules/source_control/subversion.py.
* Add a test.
Co-authored-by: Sam Doran <sdoran@redhat.com>
(cherry picked from commit d91658ec0c)
* ansible-galaxy - Fix tar path traversal issue during install - CVE-2020-10691 (#68596)
(cherry picked from commit a20a527014)
* Remove extra tests missing from rebase
* [stable-2.9] Fix missing persistent connection messages (#68496)
* Be more proactive about returning module messages
* Move message display to a function, and replace handling already in shutdown().
(cherry picked from commit 5f6427b1fc)
Co-authored-by: Nathaniel Case <ncase@redhat.com>
* Add changelog
* Updated nxos_lacp tests to handle platforms not supporting lacp system mac command
* nxos_lacp: addressing comments
* nxos_lacp: Updating image tag search to include more tags
(cherry picked from commit 00193f27eb)
Add changelog for nxos_lacp fix
* Fix colorization to not extend across newline boundary
* Fix unit test to look for the newline outside the coloration
* Add changelog fragment
(cherry picked from commit 2068131589)
* Always set the discovered interpreter on the delegated host. Fixes#63180
* Make code a little more generic
* Move code into a function
* Implement some changes based on reviews
* Add changelog fragment
(cherry picked from commit 123c624)
Co-authored-by: Matt Martz <matt@sivel.net>
Fixed sphinx theme to navigate "Edit on Github" link to locate correct
plugin, cli source in GitHub repo.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 2728c2476e)
* also consolidated temp dir name generation, added pid for more 'uniqness'
* generalize error message
* added notes about remote expansion
CVE-2020-1733
fixes#67791
(cherry picked from commit 8077d8e401)
* Actually inspect the paths and prevent escape
* Add integration tests
* Generate zip files for use in integration test
* Adjust error message
(cherry picked from commit d30c57ab22)
* Update tests to use RHEL 7.8.
Keeping support for RHEL 7.6 since collections are still using it.
* Fix tests for RHEL 7.7+ due to extras repo name change..
(cherry picked from commit 04edd77c42)
Co-authored-by: Matt Clay <mclay@redhat.com>
* add changelog fragment
Signed-off-by: Rick Elrod <rick@elrod.me>
* Update changelogs/fragments/ansible-test-opensuse-15.1.yml
Co-Authored-By: Matt Clay <matt@mystile.com>
* Update docker.txt to use the OpenSUSE 15.1 container image
Signed-off-by: Rick Elrod <rick@elrod.me>
* handle installing mysql on suse
Signed-off-by: Rick Elrod <rick@elrod.me>
* attempt to get tests passing again
Signed-off-by: Rick Elrod <rick@elrod.me>
Co-authored-by: Matt Clay <matt@mystile.com>
* galaxy - preserve mode properly on artifact (#68418)
* galaxy - preserve mode properly on artifact
* Fix py2 encoding issue
* Update lib/ansible/galaxy/collection.py
Co-Authored-By: Matt Clay <matt@mystile.com>
* Use sane defaults instead of sourcing from tarfile
Co-authored-by: Matt Clay <matt@mystile.com>
(cherry picked from commit 127d54b363)
* added mode to dir creation that was missed in backport
wording in examples changed ios to eos (#66131)
wrong module was used in examples: should be eos_vlans not ios_vlans
(cherry picked from commit 506e2da0ff)
Add changelog for eos_vlans docs fix
Co-authored-by: qoreQyaS <github@gucke.net>
* Fix KeyError for iSCSI parameters (#67463)
The required parameters for the LUN mapping for destination LUN is
address, port and iqn. However if the user doesn't pass parameters
like CHAP authentication parameters, we will get KeyError. The patch
fixes the same.
* add changelog
Co-authored-by: Nijin Ashok <nashok@redhat.com>
Use hostnamectl command to get current hostname for host while using
systemd strategy.
Fixes: #67661
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 53aa258d78)
* Fix implicit string - only looked right because of the vault __repr__
* Add tests for strings and implicit strings
(cherry picked from commit 8eb00dd14c)
* Run modules on windows container
This provides an ability to run Powershell modules on windows container via docker connection. Otherwise, Ansible tries to run python modules on windows containers and fails.
* Removing whitespace in the blank lines
* Adding a changelog fragment
(cherry picked from commit e0eee3c37e)
Co-authored-by: Ruheena Ansari <ruheena0105@tamu.edu>
To make use of the port_security_enabled [a] and mtu [b] parameters,
[c] and [d] need to be present in the openstacksdk or the os_network
module with return an error like:
TypeError: create_network() got an unexpected keyword argument 'port_security_enabled'
or:
TypeError: create_network() got an unexpected keyword argument 'mtu'
To handle this, we fail the module if one of the arguments are used
and the minimum openstacksdk version for that argument is not met.
[a] eaf238b033
[b] c6a8e99d34
[c] 8eb788af07
[d] a1fc820a2f
Backport-of: https://review.opendev.org/708119
Fixes: https://github.com/ansible/ansible/issues/62062
Change-Id: I2b80dc721a08bbdb530af3705ae99cf1b579d9f0
* ansible-galaxy - optimise some paths and use fake galaxy int tests (#67685)
* ansible-galaxy - optimise some paths and use fake galaxy int tests
* Added init, built, and publish tests
* Test against both mocked Galaxy and AH server
* Finish off writing the install tests
* Fix up broken tests
* Rename test target and add migrated tests
* Use cloud provider for Galaxy implementation
* Added blank static config
* Use correct alias group
* Set release version and fix copy typo
* Remove reset step as it is no longer needed
* Use sane env var names for test container name
(cherry picked from commit 26129fcb80)
* Use --api-key and not --token
* Set fallaxy tests as a smoketest
(cherry picked from commit b241c021b7)
* Refactor net_base action plugin to invoke platform
action plugin with implementation module name updated
in the new task copy.
(cherry picked from commit 0d85ab1fe3)
As AnsibleModule._log_invocation is currently implemented, any parameter
with a name that matches PASSWORD_MATCH triggers the no_log warning as a
precaution against parameters that may contain sensitive data, but have not
been marked as sensitive by the module author.
This patch would allow module authors to explicitly mark the aforementioned
parameters as not sensitive thereby bypassing an erroneous warning message,
while still catching parameters which have not been marked at all by the
author.
Adds tests for various no_log states including True, False, and None (as
extracted by AnsibleModule._log_invocation) when applied to an argument with
a name that matches PASSWORD_MATCH.
Fixes: #49465#64656
(cherry picked from commit 3ca4580cb4)
* ansible-test - add constraint for virtualenv
* Limit virtualenv only on macOS.
Co-authored-by: Matt Clay <matt@mystile.com>
(cherry picked from commit 8f296a6533)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* nxos_interfaces: RMB state fixes
* shippable fixes
* Add add'l comments per review
* fix long line
* Fix mode/enabled system defaults handling
* fix N3L test skips
* lint
* test updates for titanium images
* doc fix
(cherry picked from commit d72025be75)
Add changelog for nxos_interfaces fix
Co-authored-by: Chris Van Heuveln <cvanheuv@cisco.com>
self._discovered_interpreter_key is None unless a previous iteration
has attempted discovery. In that case, force re-discovery, as the
previous attempt certainly failed.
(cherry picked from commit fd954a9c5c)
* Forgot to pass backend.
* Add changelog.
* Pass on backend from get_fingerprint.
* Handle cryptography backend in get_fingerprint.
(cherry picked from commit a0e5e2e4c5)
With the addition of [a], the minimum openstacksdk version needs to
be bumped to include [b], or the os_network module will return the
error:
TypeError: create_network() got an unexpected keyword argument 'dns_domain'
To handle this, we fail the module if the dns_domain argument is used
and the minimum openstacksdk version for that argument is not met.
[a] 6c74e29618
[b] a3e846e2b9Fixes: #64495Fixes: #64841
* Fixes#66478
* When no quantity is set, then candlepin server usually uses
default value 1. When more quantities are required, then
candlepin server can automatically choose correct minimal
value.
(cherry picked from commit 6f1bb37feb)
Redact GitLab Project variables which might include sensetive information
such as password, api_keys and other project related details.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 84b68aa05f)
* Update user module to support no_log=False. (#66219)
Updates the user module to support pull request #64733. Neither the
update_password or password_lock field contains sensitive information, so
mark them as such.
(cherry picked from commit 40394ed671)
* Backport PR #66219 to support PR #64733
Backport PR #66219 to support the backport of PR #64733
(see: https://github.com/ansible/ansible/pull/66219).
* Delete backport-66219-update-user-module-for-64733.yml
* Update 66219-update-user-module-for-64733.yml
Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
* pmrun - quote success command (#66929)
* Recreate the older behavior where the entire success command was quoted
* Use shlex_quote for a correct fix of this
* Add changelog fragment
(cherry picked from commit fd8eb77cc3)
* Backport of 66929-pmrun-quote-entire-success-command-string
* Update changelog fragment
* Delete 66929-pmrun-quote-entire-success-command-string.yml
Unclear from docs, but this is the devel fragment so removing.
* Update changelog
* Make banner detection non-greedy in ios_banner (#63092)
* Make banner detection non-greedy in ios_banner
* Added ios_banner unit test to detect bug #63091
* Corrected PEP8 errors
* Added integration test
* Corrected typo in integration test
(cherry picked from commit 01a92f0191)
* Added changelog fragment
* Update 66274-ios_banner_nongreedy.yml
Co-authored-by: kalimsshar <34369784+kalimsshar@users.noreply.github.com>
Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
* ovirt_job: add when job is detected but in state finished (#66810)
* ovirt_job: add when job is detected but in state finished
* add docs
* add changelog
* Fix#63077
If the package is already installed the stdout is not as expected by this function. Either remove `--needed` or just noop if we detect pacman returning. We cannot match the stdout string, as that is most likely localized.
```
[root@archBook user]# /usr/bin/pacman --upgrade --noconfirm --noprogressbar --needed /srv/aur/src/i3cat-git/i3cat-git-r38.c6d29dd-1-x86_64.pkg.tar.xz
loading packages...
warning: i3cat-git-r38.c6d29dd-1 is up to date -- skipping
there is nothing to do
```
* Add comment
Add comment
* Add changelog fragment.
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 14b1febf64)
Co-authored-by: Klaus Frank <agowa338@users.noreply.github.com>
Add integration test
There are a number of other parameters that result in stack traces as well when this module is used ad-hoc. I'm not sure if we're interested in fixing them all since this module isn't meant to be run ad-hoc.
(cherry picked from commit cc2376b782)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* throttle tests: fix detection of parallel execution
The test wasn't able to detect if too many workers were running.
On my laptop:
- without this change, the 'throttle' target takes ~20 seconds
- with this change, the 'throttle' target takes ~70 seconds
- 1 second isn't long enough to encounter the issue
* Fix throttle test when strategy is 'free' based
'free' strategy allows multiple tasks to be executed in parallel: use
one 'throttledir' per task.
Use 'linear' strategy with a dedicated play for cleanup/setup tasks
* throttle: reset worker idx before queuing a new task
* TestStrategyBase: define task.throttle
otherwise '1' will be used instead of the default value due to the
following expression being equal to '1':
int(templar.template(task_mock.throttle))
Co-authored-by: James Cammarata <jimi@sngx.net>
(cherry picked from commit bbbdc1c25c)
* Fix fact gathering for sensor-groups (#66439)
(cherry picked from commit 5c158755fc)
Add changelog for nxos_telemetry fix
* Update 66439_fix_nxos_telemetry_facts.yaml
Co-authored-by: Mike Wiebe <mwiebe@cisco.com>
Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
On Python 2, leave all fds open since there is no mechanism to close specific fds with subprocess.Popen() on Python 2
Add unit tests.
Co-authored-by: Matt Martz <matt@sivel.net>
(cherry picked from commit 617fbad743)
Co-authored-by: Sam Doran <sdoran@redhat.com>
Fixes#66263
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 077a8b4898)
Co-authored-by: Adam Miller <admiller@redhat.com>
Co-authored-by: Adam Miller <admiller@redhat.com>
* Add integration tests
* Handle error in _get_diff_data()
* Change to warning rather than error
* Also change failure to warning in assemble action plugin
(cherry picked from commit 9b7198d25e)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Add constraint for Jinja2 on Python 2.6.
* Fix constraint in inventory_aws_conformance test.
* Add constrraints for template_jinja2_latest test.
(cherry picked from commit 965854fbd2)
Co-authored-by: Matt Clay <matt@mystile.com>
Fixes#66549
The inefficiency improvement
https://github.com/ansible/ansible/pull/63713 introduced a bug where
`enablerepo` was not being honored if combined with
`disablerepo="*"`. This fixes that issue.
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 22fe22f796)
Co-authored-by: Adam Miller <admiller@redhat.com>
Co-authored-by: Adam Miller <admiller@redhat.com>
* Add test constraint for setuptools.
* Update pip test to work on centos6 container.
(cherry picked from commit 51e5b714e0)
Co-authored-by: Matt Clay <matt@mystile.com>
* Fix iosxr netconf plugin get device info
Fixes https://github.com/ansible/ansible/issues/64634
* Catch execption if the xml payload to get
device info is not valid for iosxr version
running on remote host.
* Fix CI issue
(cherry picked from commit 3919a891c2)
* Fix netconf plugin related to collections
Fixes#65655 (partly)
* Make netconf plugins configurable so that the
information of ncclient device handler
for give platform resides in the platform
specific netconf plugin.
* If the device handler value in ncclient is
different from the ansible_network_os value
the right value of `ncclient_device_handler`
should be set in the plugin documentation.
* Fix review comments
* Fix CI issue
* Fix review comment
(cherry picked from commit 1cfab26fab)
Fix to nxos_vrf purge breaks with empty aggregate (#66004)
* resolving conflicts
* fixed issue with purge and state var. fixed space issue with vrf name
* lint issues
(cherry picked from commit a3d67edfca)
Add changelog for nxos_vrf fix
* Fix network action plugin load in collection
Fixes https://github.com/ansible/ansible/issues/65071
* Load network action plugin that matches the module
prefix name from list of collections.
* Update changelog
* Fix unit test
(cherry picked from commit 74e9b1e219)
pacman output is localized and the Ansible module is parsing its output.
So, we need to force the locale.
Add changelog fragment
Fixes#65237
(cherry picked from commit 10b6038e21)
* yum - only instantiate YumBase once
Previously, this code was re-instantiating the `YumBase` object
many times which is unnecessary and slow. However, we must do it
twice in the `state: absent` case because the `yumSack` and
`rpmSack` data of the previously instantiated object becomes
invalid and is no longer useful post transaction when we verify
that the package removal did in fact take place. Also, this patch
removes the repetitive re-processing of enable/disable of repos in
various places.
Here's a display of the speed increase against a RHEL7 host:
```yaml
- hosts: rhel7
remote_user: root
tasks:
- name: Install generic packages
yum:
state: present
name:
- iptraf-ng
- screen
- erlang
- name: Remove generic packages
yum:
state: absent
name:
- iptraf-ng
- screen
- erlang
```
Before this patch:
```
real 0m52.728s
user 0m5.645s
sys 0m0.482s
```
After this patch:
```
real 0m17.139s
user 0m3.238s
sys 0m0.277s
```
Fixes#63588Fixes#63551
Signed-off-by: Adam Miller <admiller@redhat.com>
* add changelog
Signed-off-by: Adam Miller <admiller@redhat.com>
* Allow updating of ec2_group rules with EC2 classic ELB targets
Fix regression introduced in #45296 with EC2 Classic SGs
Fixes: #57247
Also add (unsupported) ec2 classic test suite with test case for this scenario
* move ec2 classic tests to conditional within ec2_group target
* clean up ec2_classic tests
* ec2_classic account can't run most ec2_group tests
* Use correct var, move cleanup for async
* Add changelog and tests. Fixes#65393. Fixes#65277.
* Kill off all long running async tasks from listen_ports_facts
* Update task to work with older jinja2
(cherry picked from commit 03a4edb)
Co-authored-by: Matt Martz <matt@sivel.net>
* Simply sorting of Windows files below other plugin types
Using the sort method with a custom key function uses less memory than creating multiple lists then joining them.
This seemed to be an acceptable use of a lamdba, even though I geneally try to avoid them.
* Fix sorting of plugins inside of collections
Explicitly sort Windows files below others, mimicking what we do in plugin/loader.py
* Add documentation about ansible.builtin and ansible.legacy
Also document to the two different methods used for searching based on the candidate type.
* Add changelog
* Add integration test
* Update comment with expected sort order
(cherry picked from commit 6f76a48f59)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Add aws elb multiple host header support (#65021)
* Add support for aws elbv2 multiple host header actions
* Add example of multiple host header
* Add test for multiple host headers
* Add missing quote
* Update test/integration/targets/elb_application_lb/tasks/test_modifying_alb_listeners.yml
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* Update test/integration/targets/elb_application_lb/tasks/test_modifying_alb_listeners.yml
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* Remove debug statements
(cherry picked from commit d52af75c68)
* elbv2 - print() statement results an task failure, even if the task itself was successfull (#65183)
(cherry picked from commit cba9abcbec)
* Add changelog fragment.
* Update changelogs/fragments/65021-65183-elb-bugs.yml
* Force values to be sorted when compared. (#65315)
* Force values to be sorted when compared.
This avoids problems where lists of values could be generated in
indeterminate order.
* Update lib/ansible/module_utils/aws/elbv2.py
Thank you felixfontein, sorry I missed this detail.
Co-Authored-By: Felix Fontein <felix@fontein.de>
(cherry picked from commit 777b6d3e30)
* Update changelog.
Co-authored-by: Michael Mayer <mjmayer@gmail.com>
Co-authored-by: Markus Bergholz <markuman@gmail.com>
Co-authored-by: roberbri <roberbri@cisco.com>
* Fix RuntimeError in ec2_group_info (#65434)
Modifying dictionary while iterating over it
* Fix ec2 filter dict iteration for python3.8 (#65521)
Python now throws a RuntimeError if dict keys are modified mid-iteration.
https://bugs.python.org/issue36452
Cast filter dicts to list before iteration.
Fixes: 65024
Related: 65434
* Backport of 65434, 65521 to address ec2 filter dictionary iteration on Py3.8
https://bugs.python.org/issue36452
* spell changelog entry correctly
Co-authored-by: Aaryn <10469251+arin-c@users.noreply.github.com>
* The become method name check is not required in network_cli
as the become command is specific to platform and is implemented
in the platform specific terminal plugins
(cherry picked from commit ff5253fa0e)
* Fix action plugin issue with network connection type in common collection (#65078)
* Fix action plugin isse with network connection type in common collection
* For network connection in common collection the value of
ansible_connection is the FQCN of the connection type
For example ansible_connection=network.common.network_cli
* Add fix in supported network action plugins to extract
the connection name from FQCN
* Fix CI issue
* Fix review comments and update community network action plugins
(cherry picked from commit 2ef47148cd)
* Fix CI failures
* mysql: add changelog fragment for PR 64585 (#65594)
* mysql: add changelog fragment for PR 64585
* change fragment name and bug description
(cherry picked from commit 85486b1ce4)
* Don't return module error when mysql_connect fails (#64560) (#64585)
* Don't return module error when mysql_connect fails (#64560)
mysql_user expects an Exception when using check_implicit_admin.
* Adds integration tests for mysql_user check_implicit_admin (#64560)
(cherry picked from commit 47aea84924)
* remove tests
Co-authored-by: Jürgen Hötzel <juergen@hoetzel.info>
self._get_user_property returns a string, so when doing a comparison
using this value, cast the second variable to a string so that the
comparison behaves correctly
* Add changelog
* Add to_text import
* Add integration test.
(cherry picked from commit c73288ad53)
Co-authored-by: John Chen <kryptonite303@users.noreply.github.com>
* Make docker_stack adhere to standard return values
The names of the various fields returned from ansible modules are e.g defined here https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#msg.
Adhering to this improves usability and makes use of functionality for e.g stdout_lines etc.
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Fix under-indentation of continuation line (pep8)
Issue exposed in test here https://app.shippable.com/github/ansible/ansible/runs/146667/1/console
* Don't break old playbooks/roles
Made sure the changes are only adding new variables, not removing anything existing yet.
* Added comment
* Minor fixes
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* minor change to docker_stack.py
* Add changelog fragment for PR 63467
* Format changelog fragment
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Add fragment about docker_stack return val depr
* Add docker_stack doc note about deprecated vals
* Remove whitespace in empty line
* Add docker_stack depr notice to porting guide
* Update changelogs/fragments/63467-docker-stack-return-fix.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Added back a missing new line
(cherry picked from commit a5d69f2a26)
* Ensure `allow_duplicates: true` enables to run single role multiple times(#64902)
* Changed return value in `_load_roles` . Fixes#64902
* Add changelog fragment
* Add an integration test for the issue
* Fix changelog generation error and integration test.
* Fix yaml syntax error in changelog fragment
(cherry picked from commit daecbb9bf0)
* Fix multiple subnet (of same IP version) idempotence for docker_network.
* Add changelog.
* Unit tests no longer make sense, since the part of the code they test has been removed.
* Re-add CIDR validation. Move it to better position (module setup instead of idempotence check).
* Update changelog.
* Only run new tests on VM test images.
* Actually do what is documented. Especially since an empty object is a valid value for aux_addresses.
(cherry picked from commit 17ef253ad1)
* #65993 - update restart policy (restart policy & restart retries) without restarting the container
* - proper indentation on the continuation-line
- set restart_policy to the correct value independent from the api version
* - move restart_policy definitions into the if block
- add a new variable for the restart_policy configuration value
* add changelog fragment
* typo; minus -> underscore
* rename changelog fragment to contain the correct module name
* rename restart_policy_config_value to just restart_policy and refer to the correct dict values
(cherry picked from commit 02c126f5ee)
* docker_container: wait for removal if removal is in process (#65854)
* Allow to inspect containers directly.
* Wait for containers to be removed before recreating them.
* Also wait for containers to be removed before creating them.
* Add changelog.
(cherry picked from commit 4df5bdb11e)
* Don't wait for removal during check mode. (#66145)
(cherry picked from commit 14e32c85b4)
Although it's not enforced that fail_json['msg'] should be a string
[1], I think it is pretty strongly implied.
In this case the failure_response['msg'] is sent through as the
fail_json['msg'], and the trailing commas here turn it into a tuple.
It's not clear if this is a typo or intended, but it does cause
problems for callbacks that expect this as a string (e.g. [2]).
Since there seems no point to having these values as a tuple, remove
the trailing commas so they return a string as per everywhere else.
[1] 4c589661c2/lib/ansible/module_utils/basic.py (L2078)
[2] https://review.opendev.org/#/c/696081
(cherry picked from commit fc54ae9227)
Since older versions of paramiko do not require cryptography,
we cannot catch the exact exception from cryptography.
Remove other exceptions since we're catching everything now
(cherry picked from commit d35c1a435b)
Co-authored-by: Sam Doran <sdoran@redhat.com>
The check for this parameter was missing from BusyBox.modify_user(), resulting in unexpected password changes to existing user accounts.
(cherry picked from commit 18130e1419)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Parse Healthcheck.StartPeriod properly
* Add changelog fragment
* Use proper markup in changelog
Co-Authored-By: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f31b8e08b2)
* Fix nxos_file_copy option value path validation (#65423)
* Fix nxos_file_copy option value path validation
* Modify `local_file`, `local_file_directory` and
`remote_file` option type from `str` to `path`
so that the option value is validated in Ansible
for a legitimate path value
* Fix review comments
(cherry picked from commit 88008badb1)
* Fix review comments
CVE-2019-14904 - solaris_zone module accepts zone name and performs actions related to that.
However, there is no user input validation done while performing actions.
A malicious user could provide a crafted zone name which allows executing commands
into the server manipulating the module behaviour.
Adding user input validation as per Solaris Zone documentation fixes this issue.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 7d2ae7e322)
* DNF Handle Empty AppStream stream definition
Fixes#63683
Signed-off-by: Adam Miller <admiller@redhat.com>
* Switch Fedora dnf test target modularity to stratis
In Fedora 29, the metadata was not properly set for a default stream
for ripgrep even though there is a profile called "default", however
that's an arbitrary string and the module maintainer must set the
default stream (which it never was for the ripgrep module, thus
failing the "empty stream" install test)
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit ed86907587)
Co-authored-by: Adam Miller <admiller@redhat.com>
* fix all modules to be able to get parameter with value false (very important fix) (#65040)
* add import of future and __metaclass__
* fix all modules to be able to get parameter with value false (very importent fix)
* Update ignore.txt
(cherry picked from commit b1e6667664)
* Update ignore.txt
* Create 65043-enable-parameter-value-to-be-false.yaml
* Update 65043-enable-parameter-value-to-be-false.yaml
* renamed module tls client auth params to avoid overlaping with fetch_url (#59522)
* renamed module tls client auth parameters to avoid overlaping with ansible fetch_url
* added version_added info for params
* Updated version_added
Updated version_added info from 2.9 to 2.10
* Update pulp_repo.py
removed version_added for renamed params
* Apply suggestions from code review
added ca_cert alias and 'version_added'
Co-Authored-By: Mark Chappell <mchappel@redhat.com>
* Apply suggestions from code review
added old behavior for client_cert and client_key which will deprecate in 2.14
Co-Authored-By: Mark Chappell <mchappel@redhat.com>
* Update pulp_repo.py
fix for linting error ansibot is complaining
* added changelog fragment for 59522
* Apply suggestions from code review
more informative depreciation warning and changelog fragment
Co-Authored-By: Felix Fontein <felix@fontein.de>
* added mention for changes in client_key and client_cert behavior
* fixed too long line (linting)
* deprecated ca_cert alias to have consistent module params in Ansible 2.14
* fixed indentation for deprecation warning
* changed deprecated alias handling to argument_spec
* moved deprecated_aliases insied argument dict, thanks tremble
* suggestions from felixfontein
Move doc info about client_cert and client_key into its own paragraph
Co-Authored-By: Felix Fontein <felix@fontein.de>
(cherry picked from commit 1e59017d27)
* 2.10 -> 2.9.2
* * Adjust messages.
* Fix one more.
(cherry picked from commit d1c58bc942)
* [stable-2.9] Do not treat AnsibleUndefined as being unsafe (#65202)
* Do not treat AnsibleUndefined as being unsafe. Fixes#65198
* fix yaml formatting.
(cherry picked from commit b08e7daf46)
Co-authored-by: Matt Martz <matt@sivel.net>
* Linting fix
* additional linting fix
* fix module that it reports the correct status of a change
(cherry picked from commit 2028734ac3)
* postgresql_privs - fix sort comparison (#65125)
The result of .sort() is None, not the sorted object. The comparison was comparing the result of the .sort() method and not the sorted values.
(cherry picked from commit 426e37ea92)
Lookup 'first_found' returns empty list which results in
raw_params checking. Check NoneType for 'raw_params' before
proceeding.
Fixes: #64939
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 8d0c2cd4d5)
Dmitriy Rabotyagov