Commit Graph

913 Commits (stable)

Author SHA1 Message Date
Alex Willmer 02898d70a4 Merge commit 'd85d9a25ee02bddecf068b888c2d814cc918864c' into release-v0.3.18 3 weeks ago
Alex Willmer d85d9a25ee Prepare v0.3.18 3 weeks ago
Alex Willmer dd41ddf89b ansible_mitogen: Templated become flag
The code change to support this was already made in transport_config.py, as
part of templated become_user support (commit bf6607e27e, PR #1148). This
commit adds tests to confirm the functionality.
3 weeks ago
Alex Willmer e120cd2cae ansible_mitogen: Templated become method 3 weeks ago
Alex Willmer 35cc81b074 Merge commit '6cf6f69751e4533eb4f77d2e277c5989571357a5' into release-v0.3.17 3 weeks ago
Alex Willmer d2db3c3840 Begin v0.3.18dev 3 weeks ago
Alex Willmer 6cf6f69751 Prepare v0.3.17 3 weeks ago
Alex Willmer 905b87b71a tests: Test templated ansible_host_key_checking provided by task vars
missed by #1184
3 weeks ago
Alex Willmer 5ae5bb94ac docs: Changelog entry for templated ansible_host 3 weeks ago
Alex Willmer 9e0dad2a1a ansible_mitogen: Templated SSH host key checking
refs #1083
3 weeks ago
Alex Willmer c7df5c97c1 ansible_mitogen: Templated SSH private key file 3 weeks ago
Alex Willmer 43cc937bc6 CI: Fix incorrect u=r,g=r,o=rw file permissions on mitogen__has_sudo_pubkey.key
The wrong base was used when calculating the mode. So the file became world
readable and writable on a CI runner, until
ansible/integration/ssh/variables.yml happened to correct it near the end of
the integration tests.

I believe this was the only instance.

```console
mitogen git:(issue1182) ✗ ag --python 'int\(.+7\)' . .ci | wc -l
       0
```

fixes #1182
3 weeks ago
Alex Willmer a41a9544eb Merge commit 'd28dd09e23c17d82c3eedd5de64c94bebcf290f5' into release-v0.3.16 3 weeks ago
Alex Willmer 757527635d Begin v0.3.17dev 3 weeks ago
Alex Willmer d28dd09e23 Prepare v0.3.16 3 weeks ago
Alex Willmer 06df62c8b8 CI: Migrated macOS 12 runners to macOS 13, due to EOL.
macOS Python 2.7 jobs have been removed because the macOS 13 image doesn't
include CPython 2.7.
3 weeks ago
Alex Willmer 833e2845e9 ansible_mitogen: Templated ssh executable, templated reset_connection fix
Adding a the tt-ssh-executable test target uncovered an Ansible bug during
`meta: reset_connection` tasks. So this commit includes a workaround for
affected versions of Ansible.
3 weeks ago
Alex Willmer 66ea10d577 ansible_mitogen: Template become command arguments (become_flags)
Uses the same fallback for (mitogen_sudo et al) as become_exe (see #1173).

The new `Spec.become_flags()` is not yet explicitly tested. Note that it
returns a string (matching the Ansible option of the same name), whereas
`Spec.sudo_args()` returns a list.

refs #1083
4 weeks ago
Alex Willmer ec9b3e5c5d ansible_mitogen: Support templated become_exe option
Some ansible_mitogen connection plugins look more like become plugins (e.g.
mitogen_sudo) & use become plugin options. For now there's special handling in
PlayContextSpec._become_option(). Further design/discussion can go in #1173.

Refs #1087.
4 weeks ago
Alex Willmer f4d7385a9c Merge commit '7634e2c' into release-v0.3.15 4 weeks ago
Alex Willmer 26c4c33ad3 Begin 0.3.16dev 4 weeks ago
Alex Willmer 7634e2c469 Prepare v0.3.15 4 weeks ago
Alex Willmer 7e5b064139 ansible_mitogen: Support templated become passwords 4 weeks ago
Alex Willmer 8a34b925a4 tests: Re-enable become/sudo tests, fix them on macOS runners
The tasks in tests/imageprep/_user_accounts.yml that create users did not
specify a primary group for those users - this left the decision to Ansible's
user module, and/or the underlying OS. In Ansible 9+ (ansible-core 2.16+ the
user module defaults to primary group "staff." Earlier don't supply a default,
which releases probably results in a primary group nameed "None" (due to
stringifying the Python singleton of the same name), or whatever the macOS
Directory Services has for no data/NULL.

The invalid GID 4294967295 (MAX_UINT32 == 2**32-1) in the sudo error probably
enters the mix via something similar to sudo CVE-2019-14287.

Fixes #692

See
- https://github.com/ansible/ansible/pull/79999
- https://github.com/ansible/ansible/commit/c69c83c962f987c78af98da0746527df
- https://www.sudo.ws/security/advisories/minus_1_uid/

> Bruce Wayne : [confused]  Am I meant to understand any of that?
> Lucius Fox : Not at all, I just wanted you to know how hard it was.
> -- Batman Begins
4 weeks ago
Alex Willmer cdfaf31ebc ansible_mitogen: Template ssh_*_args connection options
This expands support to setting them in Play scoped variables. Task scoped
variables are also very likely to work, but untested for now.

refs #905
1 month ago
Alex Willmer 9e5d6bfb1b Merge commit 'c4ca015' into release-v0.3.14 1 month ago
Alex Willmer d35ca3e4af Begin 0.3.15.dev 1 month ago
Alex Willmer c4ca015266 Prepare v0.3.14 1 month ago
Alex Willmer bf6607e27e ansible_mitogen: Support templated become_user
This reads the become username from the `become_user` attribute of the play
context, to the `"become_user"` option of the loaded become plugin. This has
been supported by vanilla Ansible since Ansible 2.10 (ansible-base 2.10).

To support this I've also switched from using the `play_context.become` (a
bool), to `connection.become` (an instance of the appropriate) become plugin.

New tests have been added, modelled on those for templated connection
parameters (see #1147, #1153, #1159).

See
- 480b106d65

refs #1083

Co-authored-by: mordek <m.pirog@bonasoft.pl>
1 month ago
Alex Willmer 28e08ef94c ci: Reduce number of Jobs by parameterizing Mitogen Docker SSH tests
This reduces the number of jobs from 48 to 24. The Mitogen part of the test
suite has been parameterized on the Linux container targets to be run against.
Both the Ansible tests & Mitogen tests now use the same source of truth to
control which targets to use: environment variable MITOGEN_TEST_DISTRO_SPECS.
This replaces the two mutually exclusive env vars DISTRO and DISTROS. I've
also removed vestgial traces of an unused env var MITOGEN_TEST_DISTRO.

Parameterization adapted from
https://eli.thegreenplace.net/2014/04/02/dynamically-generating-python-test-cases

refs #1058, #1059
2 months ago
Alex Willmer 37684545e7 Merge commit '8dec03894170353a7588b1414cf88772d330d1f0' into release-0.3.13 2 months ago
Alex Willmer 47e25eb8c5 Begin 0.3.14 development 2 months ago
Alex Willmer 8dec038941 Prepare v0.3.13 2 months ago
Alex Willmer b91407a779 docs: Correct v0.3.12 version in changelog
fixes #1149
2 months ago
Alex Willmer 9cdd51cf5b Declare Python 3.13 support
No code changes needed, that I could find.
2 months ago
Alex Willmer 77a01ff8d6 ansible_mitogen: Support templated SSH port
fixes #978
2 months ago
Joshua K 2c4316fa16
Fix rST whitespace error in changelog entry.
Co-authored-by: Alex Willmer <alex@moreati.org.uk>
2 months ago
Joshua M. Keyes 6053e1b5cf ansible_mitogen: Handle templated ansible_ssh_user. 2 months ago
Alex Willmer 1773c9aba6 trivia: Fix trailing whitespace 2 months ago
Alex Willmer 9f0566b522 docs: Changelog entry for migration to GitHub Actions
refs #1138
2 months ago
Alex Willmer 644d42f831 Merge commit '298d28a650a2f154ce3db4bc98495eab964e0e7f' into release-v0.3.12 2 months ago
Alex Willmer 61b800781b Begin v0.3.13 development 2 months ago
Alex Willmer 298d28a650 Prep v0.3.12 2 months ago
Alex Willmer 3f288f934a docs: Correct 0.3.11 release month
Reports of Mitogen's time machine will have been greatly exaggerated.
2 months ago
Alex Willmer b05b2c8c8e CI: Add re-actors/alls-green GitHub Actions job
This will allow a single job to be required in the GitHub branch protection
web UI; regardless of which jobs are added to or removed from the matrix of
platform specific, Ansible specific jobs.
2 months ago
Alex Willmer 3504bea3bb tests: Ignore inventory files of inactive tests & benchmarks
These targets are not used by any active tests, and the large numbers of hosts
multiply the size of the taskvars disctionary in memory to many (10s) MiB.

refs #1058
2 months ago
Alex Willmer 6accc87da1 tests: Improve Ansible fail_msg formatting
By switching to block style (`|`) with clip (no `-` or `+`) the failure
messages don't require quoting and gain a single trailing newline. This causes
Ansible to print them as block style, when using the yaml stdout callback
plugin. As a result the values have one less layer of quoting and quote
escaping, making them much easier to read.
2 months ago
Alex Willmer 551690ee1d ansible_mitogen: Handle templated connection passwords and ansible_ssh_password
This switches `ansible_mitogen.transport_config.PlayContextSpec.password()` to
Ansible's plugin option framework. As a result
- The relatively recent `ansible_ssh_password` variable is now respected.
- The SSH connection password can be templated and specified as a play
  variable. Task variables will probably also work, but testing was blocked
  by #1132.

There is a chance this change will cause a regression in another connection
plugin (e.g. mitogen_docker), but nothing turned up in the test suite.
I intend ot migrate other connection configuration to
`ansible_mitogen.transport_config.PlayContextSpec._connect_option()`, the next
candidate is the remote port.

fixes #1106
2 months ago
Alex Willmer 3bdd3e237a tests: Coverage of support for ansible_ssh_password variable 2 months ago
michael.dsilva d0993e9918 allow ansible_ssh_password as it is documented as valid in current ansible documentation
Co-authored-by: Alex Willmer <alex@moreati.org.uk>
2 months ago