Commit Graph

538 Commits (f8e29c81f13df3bc04e98bead22070e6df82bc44)

Author SHA1 Message Date
Zim Kalinowski 3929cfea85 merged change 6 years ago
Zim Kalinowski e531356d07 Backport/2.7/50120 (#52444)
* fixed crash in facts (#50120)

(cherry picked from commit 756ad176cc)

* added changelog
6 years ago
Alan Rominger b159fc38ce Send openstack inventory logs to stderr (#51827) 6 years ago
Martin Krizek 7fb1549152 Native Jinja2: raise undefined error immediately (#52237)
Fixes #52158

(cherry picked from commit 50d7483632)
6 years ago
T. Ichikawa dc3b7aebd6 Backport/2.7/51548 - Properly handle unauthenticated yum proxy config (#52245)
* Properly handle unauthenticated yum proxy config (#51915)

Fixes #51548

Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 2721ed260e)

* Fix: Yum module does not use proxy when username is not set #51548 (#51994)

* add test of yum with proxy

* Properly handle unauthenticated yum proxy config

Fixes #51548

* shell executable is bash

(cherry picked from commit c2a409a9e0)
6 years ago
Simon Westphahl b97caade8a Backport: Raise AnsibleConnectionError on winrm connnection errors (#52227)
* Raise AnsibleConnectionError on winrm con errors

Currently all uncaught exceptions of the requests library that is used
in winrm will lead to an "Unexpected failure during module execution".

Instead of letting all exceptions bubble up we catch the connection
related errors (inkl. timeouts) and re-raise them as
AnsibleConnectionError so Ansible will mark the host as unreachable and
exit with the correct return code.

This is especially important for Zuul (https://zuul-ci.org) to
distinguish between failures and connection/host related errors.

* Update lib/ansible/plugins/connection/winrm.py

Co-Authored-By: westphahl <westphahl@gmail.com>

* Add changelog fragment
6 years ago
Wojciech Sciesinski b7b4182bbd Install the NuGet package provider if needed (#52129)
* Install the NuGet package provider if needed

* Add the changelog fragment file
6 years ago
Matt Martz 396a2f7471 [stable-2.7] Disallow use of remote home directories containing .. in their path (CVE-2019-3828) (#52133) (#52173)
* Disallow use of remote home directories containing .. in their path

* Add CVE to changelog
(cherry picked from commit b34d141)

Co-authored-by: Matt Martz <matt@sivel.net>
6 years ago
Bill Dodd 7918323832 Backport/2.7/51764 (#52126)
* Update GetBiosBootOrder to use standard spec resources (#51764)

* update GetBiosBootOrder to use standard spec resources

* handle case where BootOrder is present but BootOptions is missing

(cherry picked from commit e0538610bf)

* add changelog fragment and fix merge issue
6 years ago
Felix Fontein 6438ab2c46 ufw: check values for direction depending on situation (#50402)
* Check values of 'direction'.

* Add changelog.

* Update lib/ansible/modules/system/ufw.py

Co-Authored-By: felixfontein <felix@fontein.de>

* Update lib/ansible/modules/system/ufw.py

(cherry picked from commit 4d3d8dd60f)
6 years ago
Jordan Borean cc5088c9e1 win become - fix token elevation issues
This is an implementation of 8bffcf8e50
that was done in the PR https://github.com/ansible/ansible/pull/48082 to devel.
The changes have been manually brought across to the the stable-2.7 branch as it
cannot be cleanly cherry picked due to the substantial differences in become
between these versions.

Currently we impersonate the `SYSTEM` token in order to elevate our become
process with the highest privileges it has available but there are some edge
cases where the first `SYSTEM` token we come across doesn't have the
`SeTcbPrivilege` which is required for the above. This PR adds a further check
in the search for a `SYSTEM` token to make sure it has the `SeTcbPrivilege`
before continuing.
6 years ago
Bill Dodd 7f33c7def5 Backport/2.7/51028 (#52048)
* get standard properties for each firmware entry (#51028)


(cherry picked from commit 63f7536594)

* add changelog fragment
6 years ago
Felix Fontein c3271befda Prevent bug in 'ufw --dry-run reset' to delete firewall rules. 6 years ago
Felix Fontein 0093b69935 openssl_csr: ignore empty strings in altnames (#51473)
* Ignore empty strings in altnames.

* Add changelog.

* Add idempotence check without SAN.

* Fix bug in cryptography backend.

(cherry picked from commit 9b1cbcf3a4)
6 years ago
Viktor Utkin e7e47ca1fc [Backport 2.7] spot instance request stay opened when module exit with timeout
Fixes: #51534

* set valid_until equal to current time + spot_wait_timeout
* add setting ValidUntil to  value
* add changelog fragment
* fix shebang issue

(cherry picked from commit d40f0313e2)
6 years ago
Nathaniel Case df359e036c [stable-2.7] ios retry config if section filter fails (#49485) (#51871)
* [stable-2.7] ios retry config if section filter fails (#49485)

* Attempt to work around devices that don't understand | section

* Fix case of no flags
(cherry picked from commit 6caed0c)

Co-authored-by: Nathaniel Case <this.is@nathanielca.se>

* Add changelog
6 years ago
fboux0 aa73f8ea3c Backport/2.7/46478 - haproxy - fixes naming collision (#51822)
* fix drain mode 'bool' (#30833) (#46478)


(cherry picked from commit 4376417743)

* Create 46478-haproxy-fix-drain-mode.yaml
6 years ago
Martin Krizek 1492f46d78 yum: disableexcludes is supported on centos6 (#51698)
(cherry picked from commit 33b07f322c)
6 years ago
Felix Fontein a200cfb07f acme_challenge_cert_helper: fix bad module.fail_json() call (#51795)
* Fix bad module.fail_json() call.

* Add changelog.

(cherry picked from commit c9b08db979)
6 years ago
Jordan Borean 718e011168 psrp - do not display bootstrap wrapper for eachach task (#51779)
(cherry picked from commit 146a89b612)
6 years ago
Elijah DeLee fe79534415 Backport aws ec2 missing region discovery (#51626)
* aws_ec2 Implement the missing 'region discovery' (#51333)

* aws_ec2 Implement the missing 'region discovery'

  fixes #45288

  tries to use api as documented (which seems to fail in latest boto3 versions)
  and fallback to boto3 'hardcoded' list of regions

* fixes and cleanup, add error for worst case scenario

* fix tests, remove more unused code

* add load_name

* acually load the plugin

* set plugin as required

* reverted test changes, removed options tests

* fixes as per feedback and cleanup

* Allow default regions list to use flexible credential types
6 years ago
Toshio Kuratomi 11a2bafa21 New release v2.7.7 6 years ago
Brian Coca 7589d496fc remove default from delegate_facts to inherit (#45492) (#51553)
* remove default from delegate_facts to inherit (#45492)

* remove default from delegate_facts to inherit

fixes #45456

* test delegate_facts

* added note about inheritance and defaults

* yamllint

(cherry picked from commit 8743e6ae2e)

* added changelog
6 years ago
Andrea Tartaglia d064534df6 Added description to single net interface (#51602)
* Added description to single net interface

* ec2_instance single iface description changelog

(cherry picked from commit b8790abcbe)
6 years ago
Sumit Jaiswal 483aa64216 Fixes issue where uppercase named A_Record delete was getting skipped (#51592)
* Fixes issue where uppercase named A_Record delete was getting skipped (#51539)

* fixes 51193

Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>

* fixes 51193

Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>

* fixes 51193

Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>
(cherry picked from commit 15cef845ca)

* shippable fix

Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>
6 years ago
chronidev 22c4745b96 Add coherency between check and normal mode for copy plugin action see issue #24633 (#51582)
* Add coherency between check and normal mode see issue #24633

* Add changelog fragment for the PR

* Make change following PR comment

* Remove trailing whitespace

(cherry picked from commit 240d1a6afb)
6 years ago
Jordan Borean 9168e6844a win_power_plan: fix for Windows 10 and Server 2008 compatibility (#51471)
(cherry picked from commit f27078df52)
6 years ago
Fabian von Feilitzsch ce033c6762 [k8s] Always check envvars when auth parameter is not provided (#51495)
* Always check envvars when auth parameter is not provided

This will make it so that all code using the get_api_client
method will make use of the environment variables, instead of
silently ignoring them if default values haven't been set. This
affects at least the k8s lookup plugin.

* Add changelog

(cherry picked from commit 0be66113d4)
6 years ago
Brian Coca 3bf030ddcc Handle complex quoting in extra args in pull cli (#50212)
* added proper testing

fixes #40729

(cherry picked from commit b6824669df)
(cherry picked from commit e010034151)
6 years ago
Ganesh Nalawade 97a3e4acc0 Allow check_mode with supports_generate_diff capability in cli_config (#51384)
* If network cliconf support `supports_generate_diff` in
  that case diff between running and cnadidate config
  is generated within Ansible and if check_mode is enabled
  in that case return only diff without actually invoking
  edit_config()

(cherry picked from commit 8f5cd049d6)
6 years ago
Dag Wieers 0d5f083a52 aci_aaa_user: Fix changing user description
This fixes a reported problem with the aci_aaa_user module.
6 years ago
Felix Fontein 51cd9c991b [2.7] docker_swarm_service: Fix endpoint mode idempotency (#51370)
* docker_swarm_service: Fix endpoint mode idempotency (#51232)

* Fix endpoint mode idempotency

* Remove newline

(cherry picked from commit ee39853426)

* Add changelog.
6 years ago
Matt Davis f759b5463b Backport #47219 fixes Python 3.7 bugs
* Resolve invalid-unary-operand-type.

* Resolve stop-iteration-return.

(cherry-picked from c24c19594e)
6 years ago
Sam Doran 44d7c1e23e [stable-2.7] Catch sshpass authentication errors and don't retry multiple times to prevent account lockout (#50776)
* Catch SSH authentication errors and don't retry multiple times to prevent account lock out

Signed-off-by: Sam Doran <sdoran@redhat.com>

* Subclass AnsibleAuthenticationFailure from AnsibleConnectionFailure

Use comparison rather than range() because it's much more efficient.

Signed-off-by: Sam Doran <sdoran@redhat.com>

* Add tests

Signed-off-by: Sam Doran <sdoran@redhat.com>

* Make paramiko_ssh connection plugin behave the same way

Signed-off-by: Sam Doran <sdoran@redhat.com>

* Add changelog

Signed-off-by: Sam Doran <sdoran@redhat.com>.
(cherry picked from commit 9d4c0dc111)

Co-authored-by: Sam Doran <sdoran@redhat.com>
Signed-off-by: Sam Doran <sdoran@redhat.com>
6 years ago
Trishna Guha bb28719541 fix ansible_connect_timeout variable in connection plugins and nxos_install_os timeout check (#51209)
* fix ansible_connect_timeout variable in connection plugins and nxos_install_os timeout check (#50965)

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit a1ea7e430a)

* changelog

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
6 years ago
Jordan Borean 44474bf424 file - allow touch on files not owned by user (#50964)
* file - allow touch on files not owned by user

* use Sentinal value and preserved existing args

* Do no instantiate the Sentinel object

(cherry picked from commit 419727a6da)
6 years ago
Nathaniel Case e828d54675 Redo #50208 on a per-plugin basis 6 years ago
John Nelson e44468738f win_chocolatey: Fix hang on missing/required base env vars (#51154)
* win_chocolatey: Fix crash on missing/required base env vars

* Add changelog fragment

(cherry picked from commit 5540d66747)
6 years ago
aaronk1 b2fbd7fd35 [backport/2.7] Update vmware.py minor typo
"supported added" changed to "support added"

(cherry picked from commit 0d97629e4d)
6 years ago
Jacob Olsen 8f2e6abbcf check for chroot in systemd module (#43904)
* check for result['status'] in systemd module

* instead of checking for result['state'], actually check for chroot and warn

* allow systemctl status to work if in a chroot, update warn text

* simply change warning message


(cherry picked from commit 37960ccc87)
6 years ago
Jordan Borean 970669b70e reboot - Fix connection timeout reset (#51000)
* only reset if we could retrieve the conn timeout

(cherry picked from commit 9fa46e7f94)
6 years ago
Brian Coca 4a89749dd5 Prevent duplicate role insertion into roles: (#50552)
* Corner case in which import_role would add another instance of a role with the same signature into roles: when it already existed there.

  roles:
	- name: a
  tasks:
       - import_role: name=a

  would execute role 'a' 3 times instead of the intended 2 (x2 in roles: phase +1 in tasks:)

* added tests

(cherry picked from commit eca7c3c8c7)
6 years ago
Ryan Conway 41214d4426 Merge pull request #50160 from Rylon/backport/2.7/47213
Fix an issue retrieving some types of 1Password items. (#47213)
6 years ago
Brian Coca 016bc83b58 ensure we have required systemd env var (#50607)
* ensure we have required systemd env var
* add clarification about systemd and user scope

  fixes #50272


(cherry picked from commit a7e81ba500)
6 years ago
Yunge Zhu 9c19df3fd2 fix new inventory azure_rm.py (#50006)
* fix new inventory

* fix lint

* resolve comments

* resolve comments

* add defensive code

* fix response not match handler

* remove useless import

* fix lint

* add changelog

(cherry picked from commit 0f846f39ca)
6 years ago
feranwq f2d4187761 archive: Fix check if archive is created in path to be removed (#29420) (#49444)
* archive: Fix check if archive is created in path to be removed (#29420)

(cherry picked from commit 3a45de4209)

* add changelog
6 years ago
Toshio Kuratomi 1594ccf533 New release v2.7.6 6 years ago
Felix Fontein 8cc23c0802 [2.7] [docker_container] Failing on non-string env values (#50899)
* [docker_container] Failing on non-string env values (#49843)

* [docker_container] Failing on non-string env values

Fixes #49802

* Clarify failure message

Co-Authored-By: DBendit <David@ibendit.com>

* Fixup from review

(cherry picked from commit d62d7176b0)

* Turn fail into warning for 2.7 backport.

* Fix test for backport

The behaviour in the backport is to warn rather than error
6 years ago
Hannes Ljungberg 2730e43e7b docker_swarm_service: Documentation fixes (#50861)
* Describe labels and container_labels correctly

* Clarify reserve_memory and limit_memory docs

* Remove default from container_labels doc

* Remove trailing whitespace

* Document min api version for configs and secrets

* Add changelog fragment

* Specify type on labels and container_labels

* Consolidate required API version descriptions

* Update reserve and limit memory docs

* Use correct power-of-two units

* Remove description about limit_memory minimum 4mb

(cherry picked from commit 644057e9ec)
6 years ago
Dhanuka 361f34b4fe redfish_utils: fix reference to local variable 'systems_service' (#50298)
* fixes issue 50296

* fixes the indentation of the return statement

* Adds a conditional test into `_find_systems_resource()` to check the existence
of the Members of System resource

* updates the error message

* harden the conditional test

* Add a changelog

(cherry picked from commit 94a1d86d70)
6 years ago