* Remove support for resolvelib < 0.8.0
Remove code handling differences between resolvelib 0.5.3 and 0.8.0
Drop some versions from the test to reduce the time it takes to run
Co-authored-by: Sviatoslav Sydorenko <wk@sydorenko.org.ua>
* Remove type annotation
---------
Co-authored-by: Sviatoslav Sydorenko <wk@sydorenko.org.ua>
* When ssh-keygen fails, return rc and stderr in fail_json
in order to help debugging.
Fixes: #85850
Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
* Prevent run_command output truncation or hang
In cases when the selector used to monitor stdout/stderr activates without
data ready to read (a rare but normal condition), a read from a non-blocking
FD can return `None`, which was being conflated with an empty read (EOF)
condition. This caused the selector to be unregistered prematurely,
sometimes resulting in truncated output or hangs. `None` read results
are now excluded from EOF conditions.
* add changelog
---------
Co-authored-by: Matt Davis <nitzmahone@redhat.com>
* Add new play keyword validate_argspec
Set to True to use the play name as the argument spec identifier. A play name is required (i.e. a host pattern is not supported as an argument spec name).
Alternatively, set to a specific argument spec name.
A valid argument spec for the play is required. Example:
# playbook.meta.yml
argument_specs:
name of the play:
options: {}
* Play argument spec validation runs after fact gathering
Play keywords like tags are inherited and work similarly to fact gathering
* Add test for sidecar documentation for filter plugin in a subdirectory
Fix ansible-doc --list/--list_files/--metadata-dump for relative imports in nested filter/test plugin files
* ansible-galaxy - remove deprecated v2 API
Update unit tests exercising the v2 Galaxy API
Remove v2 API integration tests
* Remove internal test configuration for servers which support API v2 and v3
* Update and simplify verify tests by using the configured server list
On WSL, `os.rename` can't correctly move a file while a handle to that file is still open. It remains half-moved where neither the source or destination seem to exist (according to `os.path.exists`). However the move seems to complete correctly when the open handle is closed.
In `BaseFileCacheModule`, when writing a cache file, a temporary file is created with `mkstemp` that returns an open file descriptor and a filename. Once the cache is written to that file, it is renamed to the correct file name with `os.rename` and then its permissions set with `os.chmod`. On WSL the `os.chmod` fails because it doesn't think the file exists yet because the file descriptor returned by `mkstemp` is still open. This PR fixes this by closing that file descriptor before renaming.
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
Add handling for when a PowerShell module emits more than just the
module result JSON. The behaviour reflects the Python async wrapper
where trailing data after the module result will emit a warning.
* Added ca_path and cookies parameter arguments to fetch_file method
to specify CA path and Cookies to fetch file from URL. These parameters
are already supported by fetch_url.
Fixes: #85172
Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
Attempts to simplify the PowerShell code and special edge cases that
removes quotes from a value like a src or destination path on Windows
hosts. This should not be needed as paths should not be quoted when it
comes to this section of the code.
ci_complete
Deprecates the function `wrap_for_exec` on shell plugins. This is to
simplify the API and remove unecessary components that should live
elsewhere or have a better and more flexible API.
* Remove deprecated vars plugin fallback
Removes the vars plugin `get_host_vars` and `get_group_vars` fallback
which was deprecated.
* Remove integration tests for removed feature
Add an 'lvs' key to each value in ansible_facts['vgs'] to support extracting all logical volume facts.
Add note to consider deprecating ansible_facts['lvs'] in a future release since it is misleading if any volume groups have identical logical volume names.
Fixes#85632
* dnf: Check if installroot is directory or not
* dnf library creates installroot if it is missing.
check if installroot is directory or not.
Fixes: #85680
Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
* templating coerces None to empty string on multi-node result
* avoid simple cases of embedded `None` in multi-node string concatenated template results ala <=2.18
* single-node template results preserve NoneType
* add None->empty str equivalency to argspec validation
* fix integration tests
* remove conversion error message check from apt_repository test
* remove error message check on `None` value for required str argspec in roles_arg_spec test (now logically-equivalent to empty string)
* explanatory comment for None->empty str coalesce
* Resolve static actions when the FQCN is already known or demanded by a callback plugin
shorthand syntax (e.g. "- ping:") is resolved by ModuleArgsParser
action/local_action syntax (e.g. "- action: ping") is resolved on demand
* Emit a warning if a callback plugin accesses the property when it's None. This is expected if action/local_action is a template and a callback plugin uses this value too early (like in v2_playbook_on_task_start) or late (like in v2_runner_on_ok for a task with a loop).
* service_facts: Handle KeyError while processing service name
As a part of follow up review,
* Handle KeyError with exception handling
* Warn user about the missing service name in the given service details
Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
* remove internal collections earlier to ignore consistently for different sub-commands
* remove internal collection handling from the dependency resolver
* add a test to ensure ansible._protomatter is not in the output of ansible-galaxy collection list
* fix existing test to ensure an error is given if no valid collection path is configured
* changelog
* Add correct empty venv creation handling
Makes the module exit with changed=True
when an empty venv is created with correct
module output
* Add tests for creating an empty venv
* Use display.error_as_warning instead of self.warning
* Use display.error_as_warning instead of display.warning_as_error.
Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
* Prevents callback handle_exception from displaying the captured exception when the task is not failed.
* Added tests.
Co-authored-by: Matt Clay <matt@mystile.com>
Fix ssh plugin host variables. Variable names should conform to Python variable naming rules.
, and not contain characters like "[" or "]".
Update unit test
* Mark dependent packages as auto which are installed as part of
deb file installation
Fixes: #78123
Co-authored-by: Matt Clay <matt@mystile.com>
Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
* ansible-doc: print where the description is missing
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
Co-authored-by: Sloane Hertel <19572925+s-hertel@users.noreply.github.com>
* Limit askpass prompts to single attempt
OpenSSH client option NumberOfPasswordPrompts defaults to 3 so in case
an incorrect connection password is provided it is excessively tried 3
times. Not only that but running the `_ssh_askpass` entry point multiple
times (via ssh) results in `json.decoder.JSONDecodeError` as after the
first run the shared memory is zero'd and the subsequent runs end up
calling `json.loads` on empty data.
`json.decoder.JSONDecodeError` does not happen prior to Python 3.13 as
the share memory is unlinked automatically on `.close()` and the
`_ssh_askpass` entry point exits with return code 1 before attempting to
load zero'd memory.
Fixes#85359
* changelog and tests
* Update changelogs/fragments/85359-askpass-incorrect-password-retries.yml
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
* Update lib/ansible/cli/_ssh_askpass.py
Co-authored-by: Martin Krizek <martin.krizek@gmail.com>
* Avoid race condition in second unlink
---------
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
Co-authored-by: Matt Clay <matt@mystile.com>
* deprecate invalid variable names in inventory
* was previously a hard error for `Host`
* added missing check to `Group`
* swapped blanket Python keyword prohibition with Jinja singleton and `not` check
Co-authored-by: Matt Clay <matt@mystile.com>
* fix invalid variable name test
---------
Co-authored-by: Matt Clay <matt@mystile.com>
* added ansible-test integration env/set directive for aliases
* applied to module-serialization-profiles test to enable feature flag
Co-authored-by: Matt Clay <matt@mystile.com>
* Fix handling FileExistsError, instead of only handling OSError when the human-readable error message is "File exists".
Co-authored-by: Matt Clay <matt@mystile.com>
* Add test for a handler including tasks from a variable filename
* Add FieldAttributeBase attribute to indicate if the object should be post validated
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
* always allow Marker args to pass through
* always disable pre-emptive trip-on-retrieval for Macro JinjaCallContext
* add macro-callable template expression result test cases
Co-authored-by: Matt Clay <matt@mystile.com>
* deprecate DEFAULT_MANAGED_STR and prevent masking of ansible_managed var
* adjust public API behavior
* restore backward-compatible behavior on existing public API
* doc - Dynamically document jinja builtins
This change has `ansible-doc` dynamically generate the documentation for
any Jinja builtin filter and test plugins. These dynamic stubs will
point to the official Jinja documentation pages for more information.
* Fix sanity issues
* Add tests
* Update Jinja builtin doc gen
Co-authored-by: Matt Clay <matt@mystile.com>
---------
Co-authored-by: Matt Davis <nitzmahone@redhat.com>
Co-authored-by: Matt Clay <matt@mystile.com>
* Clean up TE error handling, wrap sigalrm handler
* Preserve error detail on AnsibleAction and Connection exceptions.
* Remove multiple layers of unreachable or redundant error handling.
* Wrap manual alarm signal/timeout handling into a context manager, add tests.
Co-authored-by: Matt Clay <matt@mystile.com>
* update error message check in test
* update test timeout message assertions
---------
Co-authored-by: Matt Clay <matt@mystile.com>
async_status and async_wrrapper now use booleans instead of 0/1 for 'thruthyness'
gather_facts also updated
Co-authored-by: 🇺🇦 Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>
Co-authored-by: Matt Clay <matt@mystile.com>
* Add support for Windows App Control/WDAC
Adds preview support for Windows App Control, formerly known as WDAC.
This is a tech preview feature and is designed to test out improvements
needed in future versions of Ansible.
* Use psd1 and parse it through the Ast to avoid any unexpected execution results
* Add tests for various manifest permutations
* Ignore test shebang failure
* Apply suggestions from code review
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
* Use more flexible test expectations
* Add type annotations for shell functions
---------
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
* ansible-test - Improve deprecated checking type inference
Also disabled the ``bad-super-call`` pylint rule due to false positives.
* Add type comment support
* Try without using register_transform
Fix the logic for a constructable inventory `keyed_groups` entry to use
the `default_value` if the ``key` expression result is `None` or `omit`
and not just an empty string. This bug was introduced with the changes
in data tagging and goes back to the original behaviour.
Co-authored-by: Sloane Hertel <19572925+s-hertel@users.noreply.github.com>
* template module - render `None` as empty string
* Update changelogs/fragments/template-none.yml
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
---------
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
