From fee81b19a89f54e1bc40cc94915cbb623ca5e1ab Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Mon, 26 Jul 2021 17:27:14 +0530 Subject: [PATCH 01/37] Codecov comment=false Signed-off-by: Abhijeet Kasurde --- codecov.yml | 1 + 1 file changed, 1 insertion(+) create mode 100644 codecov.yml diff --git a/codecov.yml b/codecov.yml new file mode 100644 index 0000000..69cb760 --- /dev/null +++ b/codecov.yml @@ -0,0 +1 @@ +comment: false From 2b7a35c3460176d2d938eb599cc6ab1a4d13a08c Mon Sep 17 00:00:00 2001 From: piotrtrojanowski-dev <53664786+piotrtrojanowski-dev@users.noreply.github.com> Date: Tue, 27 Jul 2021 09:37:58 +0200 Subject: [PATCH 02/37] Fix requires firewalld version in comments for permanent parameter. --- plugins/modules/firewalld.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/firewalld.py b/plugins/modules/firewalld.py index ae5c2a2..f892cd3 100644 --- a/plugins/modules/firewalld.py +++ b/plugins/modules/firewalld.py @@ -81,7 +81,7 @@ options: permanent: description: - Should this configuration be in the running firewalld configuration or persist across reboots. - - As of Ansible 2.3, permanent operations can operate on firewalld configs when it is not running (requires firewalld >= 3.0.9). + - As of Ansible 2.3, permanent operations can operate on firewalld configs when it is not running (requires firewalld >= 0.3.9). - Note that if this is C(no), immediate is assumed C(yes). type: bool immediate: From f7f5f89899224d0825f90f34accf33110b9ed168 Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Fri, 30 Jul 2021 17:07:57 +0900 Subject: [PATCH 03/37] Update AZP config * Fixes ansible-collections/overview#45 * Fixes #236 Signed-off-by: Hideki Saito --- .azure-pipelines/azure-pipelines.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.azure-pipelines/azure-pipelines.yml b/.azure-pipelines/azure-pipelines.yml index f1325c7..c0be539 100644 --- a/.azure-pipelines/azure-pipelines.yml +++ b/.azure-pipelines/azure-pipelines.yml @@ -57,10 +57,10 @@ stages: test: centos7 - name: CentOS 8 test: centos8 - - name: Fedora 32 - test: fedora32 - name: Fedora 33 test: fedora33 + - name: Fedora 34 + test: fedora34 - name: openSUSE 15 py2 test: opensuse15py2 - name: openSUSE 15 py3 @@ -161,12 +161,12 @@ stages: test: macos/11.1 - name: RHEL 7.9 test: rhel/7.9 - - name: RHEL 8.3 - test: rhel/8.3 - - name: FreeBSD 11.4 - test: freebsd/11.4 + - name: RHEL 8.4 + test: rhel/8.4 - name: FreeBSD 12.2 test: freebsd/12.2 + - name: FreeBSD 13.0 + test: freebsd/13.0 - stage: Remote_2_11 displayName: Remote 2.11 dependsOn: [] From dd2782d81c76ba6bd5dcc51e6dee37bf75153dbb Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Mon, 2 Aug 2021 08:29:49 +0900 Subject: [PATCH 04/37] Update README.md with ansible versions and release notes * Update ansible-core versions in the Tested with ansible section. * Change the Release notes section to use CHANGELOG.rst link. Signed-off-by: Hideki Saito --- README.md | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 73d8a05..db8e3ac 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ https://dev.azure.com/ansible/ansible.posix/_apis/build/status/CI?branchName=mai An Ansible Collection of modules and plugins that target POSIX UNIX/Linux and derivative Operating Systems. - + ## Supported Versions of Ansible ## Ansible version compatibility @@ -75,9 +75,7 @@ This collection follows the Ansible project's Please read and familiarize yourself with this document. ## Release notes - -* 0.1.1 Initial stable build -* 0.1.0 Internal only build +See [changelog](https://github.com/ansible-collections/ansible.posix/blob/main/CHANGELOG.rst) for more details. ## External requirements @@ -87,9 +85,10 @@ None -* ansible-base 2.11 (devel) -* ansible-base 2.10 (Beta) -* ansible-base 2.9 (stable) +* ansible-core 2.12 (devel) +* ansible-core 2.11 (stable) +* ansible-base 2.10 (stable) +* ansible 2.9 (stable) ## Roadmap From 424004c4c046e993ccb288e217f2f5fa7e36f35a Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Mon, 2 Aug 2021 16:26:10 +0530 Subject: [PATCH 05/37] Enable firewalld tests Signed-off-by: Abhijeet Kasurde --- changelogs/fragments/firewalld_test.yml | 3 +++ tests/integration/targets/firewalld/aliases | 3 +-- .../targets/firewalld/tasks/main.yml | 1 + .../targets/firewalld/tasks/run_all_tests.yml | 4 +--- .../targets/setup_pkg_mgr/tasks/main.yml | 17 +++++++++++++++++ 5 files changed, 23 insertions(+), 5 deletions(-) create mode 100644 changelogs/fragments/firewalld_test.yml create mode 100644 tests/integration/targets/setup_pkg_mgr/tasks/main.yml diff --git a/changelogs/fragments/firewalld_test.yml b/changelogs/fragments/firewalld_test.yml new file mode 100644 index 0000000..4ed6020 --- /dev/null +++ b/changelogs/fragments/firewalld_test.yml @@ -0,0 +1,3 @@ +--- +bugfixes: +- firewalld - enable integration after migration (https://github.com/ansible-collections/ansible.posix/pull/239). diff --git a/tests/integration/targets/firewalld/aliases b/tests/integration/targets/firewalld/aliases index 96ae90e..95259df 100644 --- a/tests/integration/targets/firewalld/aliases +++ b/tests/integration/targets/firewalld/aliases @@ -1,6 +1,5 @@ destructive -shippable/posix/group3 +shippable/posix/group1 skip/aix skip/freebsd skip/osx -disabled # fixme diff --git a/tests/integration/targets/firewalld/tasks/main.yml b/tests/integration/targets/firewalld/tasks/main.yml index 4e83ee8..cb49104 100644 --- a/tests/integration/targets/firewalld/tasks/main.yml +++ b/tests/integration/targets/firewalld/tasks/main.yml @@ -40,3 +40,4 @@ - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('14.04', '==')) # Firewalld package on OpenSUSE (15+) require Python 3, so we skip on OpenSUSE running py2 on these newer distros - not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and ansible_python.version.major != 3) + - not (ansible_facts.distribution == "CentOS" and ansible_distribution_major_version is version('7', '==')) # FIXME diff --git a/tests/integration/targets/firewalld/tasks/run_all_tests.yml b/tests/integration/targets/firewalld/tasks/run_all_tests.yml index f46deb6..29d253d 100644 --- a/tests/integration/targets/firewalld/tasks/run_all_tests.yml +++ b/tests/integration/targets/firewalld/tasks/run_all_tests.yml @@ -9,8 +9,6 @@ # firewalld service operation test cases - include_tasks: service_test_cases.yml - # Skipping on CentOS 8 due to https://github.com/ansible/ansible/issues/64750 - when: not (ansible_facts.distribution == "CentOS" and ansible_distribution_major_version is version('8', '==')) # firewalld port operation test cases - include_tasks: port_test_cases.yml @@ -19,4 +17,4 @@ - import_tasks: source_test_cases.yml # firewalld zone target operation test cases -- import_tasks: zone_target_test_cases.yml +- import_tasks: zone_target_test_cases.yml \ No newline at end of file diff --git a/tests/integration/targets/setup_pkg_mgr/tasks/main.yml b/tests/integration/targets/setup_pkg_mgr/tasks/main.yml new file mode 100644 index 0000000..24d0222 --- /dev/null +++ b/tests/integration/targets/setup_pkg_mgr/tasks/main.yml @@ -0,0 +1,17 @@ +--- +#################################################################### +# WARNING: These are designed specifically for Ansible tests # +# and should not be used as examples of how to write Ansible roles # +#################################################################### + +- set_fact: + pkg_mgr: community.general.pkgng + ansible_pkg_mgr: community.general.pkgng + cacheable: yes + when: ansible_os_family == "FreeBSD" + +- set_fact: + pkg_mgr: community.general.zypper + ansible_pkg_mgr: community.general.zypper + cacheable: yes + when: ansible_os_family == "Suse" From 133ffe51fb317ec5182425eb33ac170d6a95306a Mon Sep 17 00:00:00 2001 From: Sagi Shnaidman Date: Sun, 25 Jul 2021 13:31:36 +0300 Subject: [PATCH 06/37] Complete adding podman connection to synchronize --- ...omplete_podman_support_for_synchronize.yml | 3 ++ plugins/action/synchronize.py | 35 +++++++++---------- 2 files changed, 20 insertions(+), 18 deletions(-) create mode 100644 changelogs/fragments/230_complete_podman_support_for_synchronize.yml diff --git a/changelogs/fragments/230_complete_podman_support_for_synchronize.yml b/changelogs/fragments/230_complete_podman_support_for_synchronize.yml new file mode 100644 index 0000000..e9c6c41 --- /dev/null +++ b/changelogs/fragments/230_complete_podman_support_for_synchronize.yml @@ -0,0 +1,3 @@ +--- +bugfixes: + - synchronize - complete podman support for synchronize module. diff --git a/plugins/action/synchronize.py b/plugins/action/synchronize.py index df3dab0..d86f005 100644 --- a/plugins/action/synchronize.py +++ b/plugins/action/synchronize.py @@ -28,6 +28,11 @@ from ansible.plugins.action import ActionBase from ansible.plugins.loader import connection_loader +DOCKER = ['docker', 'community.general.docker', 'community.docker.docker'] +PODMAN = ['podman', 'ansible.builtin.podman', 'containers.podman.podman'] +BUILDAH = ['buildah', 'containers.podman.buildah'] + + class ActionModule(ActionBase): def _get_absolute_path(self, path): @@ -66,15 +71,7 @@ class ActionModule(ActionBase): return path # If using docker or buildah, do not add user information - if self._remote_transport not in [ - 'docker', - 'community.general.docker', - 'community.docker.docker', - 'buildah', - 'containers.podman.buildah', - 'podman', - 'containers.podman.podman' - ] and user: + if self._remote_transport not in DOCKER + PODMAN + BUILDAH and user: user_prefix = '%s@' % (user, ) if self._host_is_ipv6_address(host): @@ -182,10 +179,14 @@ class ActionModule(ActionBase): self._remote_transport = self._connection.transport # Handle docker connection options - if self._remote_transport in ['docker', 'community.general.docker', 'community.docker.docker']: + if self._remote_transport in DOCKER: self._docker_cmd = self._connection.docker_cmd if self._play_context.docker_extra_args: self._docker_cmd = "%s %s" % (self._docker_cmd, self._play_context.docker_extra_args) + elif self._remote_transport in PODMAN: + self._docker_cmd = self._connection._options['podman_executable'] + if self._connection._options.get('podman_extra_args'): + self._docker_cmd = "%s %s" % (self._docker_cmd, self._connection._options['podman_extra_args']) # self._connection accounts for delegate_to so # remote_transport is the transport ansible thought it would need @@ -203,8 +204,8 @@ class ActionModule(ActionBase): # ssh paramiko docker buildah and local are fully supported transports. Anything # else only works with delegate_to - if delegate_to is None and self._connection.transport not in \ - ('ssh', 'paramiko', 'local', 'docker', 'community.general.docker', 'community.docker.docker', 'buildah', 'containers.podman.buildah'): + if delegate_to is None and self._connection.transport not in [ + 'ssh', 'paramiko', 'local'] + DOCKER + PODMAN + BUILDAH: result['failed'] = True result['msg'] = ( "synchronize uses rsync to function. rsync needs to connect to the remote " @@ -371,7 +372,7 @@ class ActionModule(ActionBase): if not dest_is_local: # don't escalate for docker. doing --rsync-path with docker exec fails # and we can switch directly to the user via docker arguments - if self._play_context.become and not rsync_path and self._remote_transport not in ['docker', 'community.general.docker', 'community.docker.docker']: + if self._play_context.become and not rsync_path and self._remote_transport not in DOCKER + PODMAN: # If no rsync_path is set, become was originally set, and dest is # remote then add privilege escalation here. if self._play_context.become_method == 'sudo': @@ -398,9 +399,7 @@ class ActionModule(ActionBase): # If launching synchronize against docker container # use rsync_opts to support container to override rsh options - if self._remote_transport in [ - 'docker', 'community.general.docker', 'community.docker.docker', 'buildah', 'containers.podman.buildah' - ] and not use_delegate: + if self._remote_transport in DOCKER + BUILDAH + PODMAN and not use_delegate: # Replicate what we do in the module argumentspec handling for lists if not isinstance(_tmp_args.get('rsync_opts'), MutableSequence): tmp_rsync_opts = _tmp_args.get('rsync_opts', []) @@ -413,14 +412,14 @@ class ActionModule(ActionBase): if '--blocking-io' not in _tmp_args['rsync_opts']: _tmp_args['rsync_opts'].append('--blocking-io') - if self._remote_transport in ['docker', 'community.general.docker', 'community.docker.docker']: + if self._remote_transport in DOCKER + PODMAN: if become and self._play_context.become_user: _tmp_args['rsync_opts'].append("--rsh=%s exec -u %s -i" % (self._docker_cmd, self._play_context.become_user)) elif user is not None: _tmp_args['rsync_opts'].append("--rsh=%s exec -u %s -i" % (self._docker_cmd, user)) else: _tmp_args['rsync_opts'].append("--rsh=%s exec -i" % self._docker_cmd) - elif self._remote_transport in ['buildah', 'containers.podman.buildah']: + elif self._remote_transport in BUILDAH: _tmp_args['rsync_opts'].append("--rsh=buildah run --") # run the module and store the result From db12a40a4c9d7f32e3cee23cef2abcce272a188d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tadej=20Borov=C5=A1ak?= Date: Wed, 4 Aug 2021 12:02:44 +0200 Subject: [PATCH 07/37] Synchronize: properly quote shell command components The synchronize action plugin and module were a bit sloppy when it came to the command-line parameter quoting and that caused failuer on some systems (for example, on Fedora 34). This commit makes sure any argumnts with potentially problematic characters are quoted before being used. --- changelogs/fragments/241-synchronize-shell-quoting.yml | 3 +++ plugins/action/synchronize.py | 9 +++++---- plugins/modules/synchronize.py | 6 +++--- 3 files changed, 11 insertions(+), 7 deletions(-) create mode 100644 changelogs/fragments/241-synchronize-shell-quoting.yml diff --git a/changelogs/fragments/241-synchronize-shell-quoting.yml b/changelogs/fragments/241-synchronize-shell-quoting.yml new file mode 100644 index 0000000..8b6df47 --- /dev/null +++ b/changelogs/fragments/241-synchronize-shell-quoting.yml @@ -0,0 +1,3 @@ +--- +bugfixes: + - synchronize - properly quote rsync CLI parameters (https://github.com/ansible-collections/ansible.posix/pull/241). diff --git a/plugins/action/synchronize.py b/plugins/action/synchronize.py index d86f005..5da2912 100644 --- a/plugins/action/synchronize.py +++ b/plugins/action/synchronize.py @@ -21,6 +21,7 @@ import os.path from ansible import constants as C from ansible.module_utils.six import string_types +from ansible.module_utils.six.moves import shlex_quote from ansible.module_utils._text import to_text from ansible.module_utils.common._collections_compat import MutableSequence from ansible.module_utils.parsing.convert_bool import boolean @@ -414,13 +415,13 @@ class ActionModule(ActionBase): if self._remote_transport in DOCKER + PODMAN: if become and self._play_context.become_user: - _tmp_args['rsync_opts'].append("--rsh=%s exec -u %s -i" % (self._docker_cmd, self._play_context.become_user)) + _tmp_args['rsync_opts'].append('--rsh=' + shlex_quote('%s exec -u %s -i' % (self._docker_cmd, self._play_context.become_user))) elif user is not None: - _tmp_args['rsync_opts'].append("--rsh=%s exec -u %s -i" % (self._docker_cmd, user)) + _tmp_args['rsync_opts'].append('--rsh=' + shlex_quote('%s exec -u %s -i' % (self._docker_cmd, user))) else: - _tmp_args['rsync_opts'].append("--rsh=%s exec -i" % self._docker_cmd) + _tmp_args['rsync_opts'].append('--rsh=' + shlex_quote('%s exec -i' % self._docker_cmd)) elif self._remote_transport in BUILDAH: - _tmp_args['rsync_opts'].append("--rsh=buildah run --") + _tmp_args['rsync_opts'].append('--rsh=' + shlex_quote('buildah run --')) # run the module and store the result result.update(self._execute_module('ansible.posix.synchronize', module_args=_tmp_args, task_vars=task_vars)) diff --git a/plugins/modules/synchronize.py b/plugins/modules/synchronize.py index 743deec..cf7418b 100644 --- a/plugins/modules/synchronize.py +++ b/plugins/modules/synchronize.py @@ -548,10 +548,10 @@ def main(): ssh_cmd_str = ' '.join(shlex_quote(arg) for arg in ssh_cmd) if ssh_args: ssh_cmd_str += ' %s' % ssh_args - cmd.append(shlex_quote('--rsh=%s' % ssh_cmd_str)) + cmd.append('--rsh=%s' % shlex_quote(ssh_cmd_str)) if rsync_path: - cmd.append(shlex_quote('--rsync-path=%s' % rsync_path)) + cmd.append('--rsync-path=%s' % shlex_quote(rsync_path)) if rsync_opts: if '' in rsync_opts: @@ -577,7 +577,7 @@ def main(): cmd.append('--link-dest=%s' % link_path) changed_marker = '<>' - cmd.append(shlex_quote('--out-format=' + changed_marker + '%i %n%L')) + cmd.append('--out-format=%s' % shlex_quote(changed_marker + '%i %n%L')) # expand the paths if '@' not in source: From 244c9b2066551f2d43bf5c6b13628f487804f0aa Mon Sep 17 00:00:00 2001 From: mandar242 Date: Mon, 19 Jul 2021 12:59:08 -0400 Subject: [PATCH 08/37] sysctl: Fix integration test virtualization type --- changelogs/fragments/226_sysctl_fix_integration_test.yml | 2 ++ tests/integration/targets/sysctl/tasks/main.yml | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/226_sysctl_fix_integration_test.yml diff --git a/changelogs/fragments/226_sysctl_fix_integration_test.yml b/changelogs/fragments/226_sysctl_fix_integration_test.yml new file mode 100644 index 0000000..4c2bc2a --- /dev/null +++ b/changelogs/fragments/226_sysctl_fix_integration_test.yml @@ -0,0 +1,2 @@ +bugfixes: +- sysctl - modifying conditional check for docker to fix tests being skipped (https://github.com/ansible-collections/ansible.posix/pull/226). diff --git a/tests/integration/targets/sysctl/tasks/main.yml b/tests/integration/targets/sysctl/tasks/main.yml index 6372128..c8532d3 100644 --- a/tests/integration/targets/sysctl/tasks/main.yml +++ b/tests/integration/targets/sysctl/tasks/main.yml @@ -22,7 +22,7 @@ - name: Test inside Docker when: - - ansible_facts.virtualization_type == 'docker' + - ansible_facts.virtualization_type == 'docker' or ansible_facts.virtualization_type == 'container' block: - set_fact: output_dir_test: "{{ output_dir }}/test_sysctl" From 944f5416c9d095b7b930744f0e0919e4b89d5a51 Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Sat, 7 Aug 2021 13:28:08 +0900 Subject: [PATCH 09/37] Added changelog fragment file to PR #233 Signed-off-by: Hideki Saito --- changelogs/fragments/233-fix-wrong-firewalld-version-info.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changelogs/fragments/233-fix-wrong-firewalld-version-info.yml diff --git a/changelogs/fragments/233-fix-wrong-firewalld-version-info.yml b/changelogs/fragments/233-fix-wrong-firewalld-version-info.yml new file mode 100644 index 0000000..f1bf525 --- /dev/null +++ b/changelogs/fragments/233-fix-wrong-firewalld-version-info.yml @@ -0,0 +1,3 @@ +--- +trivial: + - firewalld - fix wrong version number in the module document. From c244abd82f0c7ec2ac27cc54904c253ea643eea0 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Tue, 10 Aug 2021 09:58:04 +0530 Subject: [PATCH 10/37] Fix integration test fedora 34 with firewalld Signed-off-by: Abhijeet Kasurde --- changelogs/fragments/firewalld_integ_test.yml | 3 +++ tests/integration/targets/firewalld/tasks/main.yml | 7 +++++++ 2 files changed, 10 insertions(+) create mode 100644 changelogs/fragments/firewalld_integ_test.yml diff --git a/changelogs/fragments/firewalld_integ_test.yml b/changelogs/fragments/firewalld_integ_test.yml new file mode 100644 index 0000000..1e7419f --- /dev/null +++ b/changelogs/fragments/firewalld_integ_test.yml @@ -0,0 +1,3 @@ +--- +bugfixes: +- firewalld - fix integration tests for Fedora 34 (https://github.com/ansible-collections/ansible.posix/pull/243). diff --git a/tests/integration/targets/firewalld/tasks/main.yml b/tests/integration/targets/firewalld/tasks/main.yml index cb49104..17f14c2 100644 --- a/tests/integration/targets/firewalld/tasks/main.yml +++ b/tests/integration/targets/firewalld/tasks/main.yml @@ -15,6 +15,13 @@ register: check_output ignore_errors: true + - name: Enable dbus-broker daemon + service: + name: dbus-broker + enabled: true + state: started + when: (ansible_distribution == 'Fedora' and ansible_distribution_major_version is version('34', '==')) + - name: Test Online Operations block: - name: start firewalld From dad537946142103a88f2e96d057d9e624b92f414 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Tue, 10 Aug 2021 17:58:27 +0530 Subject: [PATCH 11/37] fix changelog entry Changed from `bugfixes` to `trivial` Signed-off-by: Abhijeet Kasurde --- changelogs/fragments/firewalld_integ_test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/fragments/firewalld_integ_test.yml b/changelogs/fragments/firewalld_integ_test.yml index 1e7419f..e19ab9c 100644 --- a/changelogs/fragments/firewalld_integ_test.yml +++ b/changelogs/fragments/firewalld_integ_test.yml @@ -1,3 +1,3 @@ --- -bugfixes: +trivial: - firewalld - fix integration tests for Fedora 34 (https://github.com/ansible-collections/ansible.posix/pull/243). From a65807edc322ec403eb73e006aa9f6e2172026a3 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Wed, 11 Aug 2021 10:45:52 +0530 Subject: [PATCH 12/37] synchronize: Use SSH args from SSH connection plugins (#223) SSH configuration migrated from Ansible configuration to SSH connection configuration. Make ``synchronize`` understand this. Fixes: #222 Signed-off-by: Abhijeet Kasurde --- changelogs/fragments/222_synchronize.yml | 3 +++ plugins/action/synchronize.py | 22 ++++++++++------------ plugins/modules/synchronize.py | 4 +++- 3 files changed, 16 insertions(+), 13 deletions(-) create mode 100644 changelogs/fragments/222_synchronize.yml diff --git a/changelogs/fragments/222_synchronize.yml b/changelogs/fragments/222_synchronize.yml new file mode 100644 index 0000000..af84610 --- /dev/null +++ b/changelogs/fragments/222_synchronize.yml @@ -0,0 +1,3 @@ +--- +bugfixes: +- synchronize - use SSH args from SSH connection plugin (https://github.com/ansible-collections/ansible.posix/issues/222). diff --git a/plugins/action/synchronize.py b/plugins/action/synchronize.py index 5da2912..a5752b9 100644 --- a/plugins/action/synchronize.py +++ b/plugins/action/synchronize.py @@ -77,8 +77,7 @@ class ActionModule(ActionBase): if self._host_is_ipv6_address(host): return '[%s%s]:%s' % (user_prefix, host, path) - else: - return '%s%s:%s' % (user_prefix, host, path) + return '%s%s:%s' % (user_prefix, host, path) def _process_origin(self, host, path, user): @@ -178,6 +177,15 @@ class ActionModule(ActionBase): # Store remote connection type self._remote_transport = self._connection.transport + use_ssh_args = _tmp_args.pop('use_ssh_args', None) + + if use_ssh_args and self._connection.transport == 'ssh': + ssh_args = [ + self._connection.get_option('ssh_args'), + self._connection.get_option('ssh_common_args'), + self._connection.get_option('ssh_extra_args'), + ] + _tmp_args['ssh_args'] = ' '.join([a for a in ssh_args if a]) # Handle docker connection options if self._remote_transport in DOCKER: @@ -215,8 +223,6 @@ class ActionModule(ActionBase): "so it cannot work." % self._connection.transport) return result - use_ssh_args = _tmp_args.pop('use_ssh_args', None) - # Parameter name needed by the ansible module _tmp_args['_local_rsync_path'] = task_vars.get('ansible_rsync_path') or 'rsync' _tmp_args['_local_rsync_password'] = task_vars.get('ansible_ssh_pass') or task_vars.get('ansible_password') @@ -390,14 +396,6 @@ class ActionModule(ActionBase): _tmp_args['rsync_path'] = rsync_path - if use_ssh_args: - ssh_args = [ - getattr(self._play_context, 'ssh_args', ''), - getattr(self._play_context, 'ssh_common_args', ''), - getattr(self._play_context, 'ssh_extra_args', ''), - ] - _tmp_args['ssh_args'] = ' '.join([a for a in ssh_args if a]) - # If launching synchronize against docker container # use rsync_opts to support container to override rsh options if self._remote_transport in DOCKER + BUILDAH + PODMAN and not use_delegate: diff --git a/plugins/modules/synchronize.py b/plugins/modules/synchronize.py index cf7418b..5f63dd4 100644 --- a/plugins/modules/synchronize.py +++ b/plugins/modules/synchronize.py @@ -137,7 +137,9 @@ options: default: yes use_ssh_args: description: - - Use the ssh_args specified in ansible.cfg. Setting this to `yes` will also make `synchronize` use `ansible_ssh_common_args`. + - In Ansible 2.10 and lower, it uses the ssh_args specified in C(ansible.cfg). + - In Ansible 2.11 and onwards, when set to C(true), it uses all SSH connection configurations like + C(ansible_ssh_args), C(ansible_ssh_common_args), and C(ansible_ssh_extra_args). type: bool default: no ssh_connection_multiplexing: From fad1d3a870324d6496db8c940d4613dac9506236 Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Wed, 11 Aug 2021 15:51:13 +0900 Subject: [PATCH 13/37] Release 1.3.0 commit Signed-off-by: Hideki Saito --- CHANGELOG.rst | 45 +- README.md | 1 + changelogs/changelog.yaml | 78 ++- changelogs/config.yaml | 2 +- changelogs/fragments/1.2.0.yml | 4 - .../101-sysctl-dont-persist-when-invalid.yml | 3 - .../fragments/11-action-plugins-use-fqcn.yml | 4 - .../fragments/118-synchronize_bugfix.yml | 2 - .../fragments/120-synchronize_add_option.yml | 2 - changelogs/fragments/124_acl.yml | 3 - .../126_mount_not_returning_backup_file.yml | 2 - .../12_migrate_cgroup_perf_recap_graph.yml | 2 - changelogs/fragments/134_authorized_key.yml | 2 - ...mmunity_docker_connection_plugin_alias.yml | 4 - changelogs/fragments/14_mount_option.yml | 2 - .../156-fix_no-log-needed_false_positives.yml | 4 - ...159-fix-60-deprecated-ansible_ssh_user.yml | 4 - changelogs/fragments/15_profile_tasks.yml | 2 - .../167-synchronize-add_delay_option.yml | 3 - .../169_add_lineseparator_to_command.yml | 3 - changelogs/fragments/175_synchronize.yml | 3 - changelogs/fragments/179_firewalld.yml | 3 - changelogs/fragments/17_authorized_keys.yml | 3 - .../fragments/181-update_codecov_sh_url.yml | 3 - changelogs/fragments/185_mount_at_boot.yml | 3 - .../187-fix-synchronize-become-user.yml | 4 - changelogs/fragments/193_firewalld.yml | 3 - .../fragments/196_boot_opt_for_linux.yml | 4 - changelogs/fragments/19_enable_tags.yml | 2 - changelogs/fragments/203_boot_opt_for_bsd.yml | 4 - changelogs/fragments/204_csh_shell.yml | 3 - changelogs/fragments/207-mount_tests.yml | 3 - .../21-mount-module_util-routing-issue.yml | 3 - changelogs/fragments/213_quote_cmd_args.yml | 4 - .../214-add_firewalld_info_module.yml | 3 - .../fragments/215_fix_REJECT_target_name.yml | 2 - .../217-restructure_authrized_key_test.yml | 3 - changelogs/fragments/222_synchronize.yml | 3 - .../226_sysctl_fix_integration_test.yml | 2 - ...odman_connection_plugin_to_synchronize.yml | 3 - ...inux-doesnt-create-missing-config-keys.yml | 3 - ...omplete_podman_support_for_synchronize.yml | 3 - .../233-fix-wrong-firewalld-version-info.yml | 3 - .../241-synchronize-shell-quoting.yml | 3 - changelogs/fragments/25_ansible_metadata.yml | 2 - changelogs/fragments/26_profile_tasks_doc.yml | 2 - changelogs/fragments/27_update_examples.yml | 2 - changelogs/fragments/33_mount.yml | 2 - changelogs/fragments/35_disable_tests.yml | 2 - ...ed_keys-inconsistent-check-mode-values.yml | 3 - changelogs/fragments/39_remove_license.yml | 2 - changelogs/fragments/43_remove_shippable.yml | 2 - changelogs/fragments/4_update_readme.yml | 2 - changelogs/fragments/5_enable_tests.yml | 2 - ...5931-json-callback-non-lockstep-output.yml | 4 - changelogs/fragments/6_test_devel.yml | 2 - .../fragments/74_synchronize_docker.yml | 2 - changelogs/fragments/7_env.yml | 2 - .../fragments/82-private-key-override-fix.yml | 3 - .../fragments/99-at_add_aix_support.yml | 2 - changelogs/fragments/firewalld_integ_test.yml | 3 - changelogs/fragments/firewalld_migration.yml | 3 - changelogs/fragments/firewalld_test.yml | 3 - .../fragments/firewalld_zone_target.yml | 2 - changelogs/fragments/initial_commit.yaml | 2 - changelogs/fragments/misc_fix.yml | 2 - .../fragments/sanity_test_ignore_file.yml | 2 - changelogs/fragments/skippy_deprecation.yml | 3 - changelogs/fragments/synchronize.yml | 3 - changelogs/fragments/test_matrix.yml | 2 - docs/ansible.posix.acl_module.rst | 19 +- docs/ansible.posix.at_module.rst | 4 +- docs/ansible.posix.authorized_key_module.rst | 4 +- docs/ansible.posix.firewalld_info_module.rst | 520 ++++++++++++++++++ docs/ansible.posix.firewalld_module.rst | 151 ++++- docs/ansible.posix.mount_module.rst | 16 +- docs/ansible.posix.patch_module.rst | 2 +- docs/ansible.posix.seboolean_module.rst | 4 +- docs/ansible.posix.selinux_module.rst | 10 +- docs/ansible.posix.synchronize_module.rst | 60 +- docs/ansible.posix.sysctl_module.rst | 14 +- galaxy.yml | 2 +- 82 files changed, 864 insertions(+), 248 deletions(-) delete mode 100644 changelogs/fragments/1.2.0.yml delete mode 100644 changelogs/fragments/101-sysctl-dont-persist-when-invalid.yml delete mode 100644 changelogs/fragments/11-action-plugins-use-fqcn.yml delete mode 100644 changelogs/fragments/118-synchronize_bugfix.yml delete mode 100644 changelogs/fragments/120-synchronize_add_option.yml delete mode 100644 changelogs/fragments/124_acl.yml delete mode 100644 changelogs/fragments/126_mount_not_returning_backup_file.yml delete mode 100644 changelogs/fragments/12_migrate_cgroup_perf_recap_graph.yml delete mode 100644 changelogs/fragments/134_authorized_key.yml delete mode 100644 changelogs/fragments/144_add_community_docker_connection_plugin_alias.yml delete mode 100644 changelogs/fragments/14_mount_option.yml delete mode 100644 changelogs/fragments/156-fix_no-log-needed_false_positives.yml delete mode 100644 changelogs/fragments/159-fix-60-deprecated-ansible_ssh_user.yml delete mode 100644 changelogs/fragments/15_profile_tasks.yml delete mode 100644 changelogs/fragments/167-synchronize-add_delay_option.yml delete mode 100644 changelogs/fragments/169_add_lineseparator_to_command.yml delete mode 100644 changelogs/fragments/175_synchronize.yml delete mode 100644 changelogs/fragments/179_firewalld.yml delete mode 100644 changelogs/fragments/17_authorized_keys.yml delete mode 100644 changelogs/fragments/181-update_codecov_sh_url.yml delete mode 100644 changelogs/fragments/185_mount_at_boot.yml delete mode 100644 changelogs/fragments/187-fix-synchronize-become-user.yml delete mode 100644 changelogs/fragments/193_firewalld.yml delete mode 100644 changelogs/fragments/196_boot_opt_for_linux.yml delete mode 100644 changelogs/fragments/19_enable_tags.yml delete mode 100644 changelogs/fragments/203_boot_opt_for_bsd.yml delete mode 100644 changelogs/fragments/204_csh_shell.yml delete mode 100644 changelogs/fragments/207-mount_tests.yml delete mode 100644 changelogs/fragments/21-mount-module_util-routing-issue.yml delete mode 100644 changelogs/fragments/213_quote_cmd_args.yml delete mode 100644 changelogs/fragments/214-add_firewalld_info_module.yml delete mode 100644 changelogs/fragments/215_fix_REJECT_target_name.yml delete mode 100644 changelogs/fragments/217-restructure_authrized_key_test.yml delete mode 100644 changelogs/fragments/222_synchronize.yml delete mode 100644 changelogs/fragments/226_sysctl_fix_integration_test.yml delete mode 100644 changelogs/fragments/229_add_podman_connection_plugin_to_synchronize.yml delete mode 100644 changelogs/fragments/23-selinux-doesnt-create-missing-config-keys.yml delete mode 100644 changelogs/fragments/230_complete_podman_support_for_synchronize.yml delete mode 100644 changelogs/fragments/233-fix-wrong-firewalld-version-info.yml delete mode 100644 changelogs/fragments/241-synchronize-shell-quoting.yml delete mode 100644 changelogs/fragments/25_ansible_metadata.yml delete mode 100644 changelogs/fragments/26_profile_tasks_doc.yml delete mode 100644 changelogs/fragments/27_update_examples.yml delete mode 100644 changelogs/fragments/33_mount.yml delete mode 100644 changelogs/fragments/35_disable_tests.yml delete mode 100644 changelogs/fragments/37-authorized_keys-inconsistent-check-mode-values.yml delete mode 100644 changelogs/fragments/39_remove_license.yml delete mode 100644 changelogs/fragments/43_remove_shippable.yml delete mode 100644 changelogs/fragments/4_update_readme.yml delete mode 100644 changelogs/fragments/5_enable_tests.yml delete mode 100644 changelogs/fragments/65931-json-callback-non-lockstep-output.yml delete mode 100644 changelogs/fragments/6_test_devel.yml delete mode 100644 changelogs/fragments/74_synchronize_docker.yml delete mode 100644 changelogs/fragments/7_env.yml delete mode 100644 changelogs/fragments/82-private-key-override-fix.yml delete mode 100644 changelogs/fragments/99-at_add_aix_support.yml delete mode 100644 changelogs/fragments/firewalld_integ_test.yml delete mode 100644 changelogs/fragments/firewalld_migration.yml delete mode 100644 changelogs/fragments/firewalld_test.yml delete mode 100644 changelogs/fragments/firewalld_zone_target.yml delete mode 100644 changelogs/fragments/initial_commit.yaml delete mode 100644 changelogs/fragments/misc_fix.yml delete mode 100644 changelogs/fragments/sanity_test_ignore_file.yml delete mode 100644 changelogs/fragments/skippy_deprecation.yml delete mode 100644 changelogs/fragments/synchronize.yml delete mode 100644 changelogs/fragments/test_matrix.yml create mode 100644 docs/ansible.posix.firewalld_info_module.rst diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 7781632..1fd693d 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,49 @@ ansible.posix Release Notes .. contents:: Topics +v1.3.0 +====== + +Release Summary +--------------- + +This is the minor release of the ``ansible.posix`` collection. +This changelog contains all changes to the modules in this collection that +have been added after the release of ``ansible.posix`` 1.2.0. + +Minor Changes +------------- + +- acl - add new alias ``recurse`` for ``recursive`` parameter (https://github.com/ansible-collections/ansible.posix/issues/124). +- added 2.11 branch to test matrix, added ignore-2.12.txt. +- authorized_key - add ``no_log=False`` in ``argument_spec`` to clear false-positives of ``no-log-needed`` (https://github.com/ansible-collections/ansible.posix/pull/156). +- authorized_key - add a list of valid key types (https://github.com/ansible-collections/ansible.posix/issues/134). +- mount - Change behavior of ``boot`` option to set ``noauto`` on BSD nodes (https://github.com/ansible-collections/ansible.posix/issues/28). +- mount - Change behavior of ``boot`` option to set ``noauto`` on Linux nodes (https://github.com/ansible-collections/ansible.posix/issues/28). +- mount - add ``no_log=False`` in ``argument_spec`` to clear false-positives of ``no-log-needed`` (https://github.com/ansible-collections/ansible.posix/pull/156). +- mount - returns ``backup_file`` value when a backup fstab is created. +- synchronize - add ``delay_updates`` option (https://github.com/ansible-collections/ansible.posix/issues/157). +- synchronize - fix typo (https://github.com/ansible-collections/ansible.posix/pull/198). + +Bugfixes +-------- + +- Synchronize module not recognizing remote ssh key (https://github.com/ansible-collections/ansible.posix/issues/24). +- Synchronize not using quotes around arguments like --out-format (https://github.com/ansible-collections/ansible.posix/issues/190). +- at - append line-separator to the end of the ``command`` (https://github.com/ansible-collections/ansible.posix/issues/169). +- csh - define ``ECHO`` and ``COMMAND_SEP`` (https://github.com/ansible-collections/ansible.posix/issues/204). +- firewalld - enable integration after migration (https://github.com/ansible-collections/ansible.posix/pull/239). +- firewalld - ensure idempotency with firewalld 0.9.3 (https://github.com/ansible-collections/ansible.posix/issues/179). +- firewalld - fix setting zone target to ``%%REJECT%%`` (https://github.com/ansible-collections/ansible.posix/pull/215). +- mount - Handle ``boot`` option on Solaris correctly (https://github.com/ansible-collections/ansible.posix/issues/184). +- synchronize - add ``community.podman.podman`` to the list of supported connection plugins (https://github.com/ansible-community/molecule-podman/issues/45). +- synchronize - complete podman support for synchronize module. +- synchronize - properly quote rsync CLI parameters (https://github.com/ansible-collections/ansible.posix/pull/241). +- synchronize - replace removed ``ansible_ssh_user`` by ``ansible_user`` everywhere; do the same for ``ansible_ssh_port`` and ``ansible_ssh_host`` (https://github.com/ansible-collections/ansible.posix/issues/60). +- synchronize - use SSH args from SSH connection plugin (https://github.com/ansible-collections/ansible.posix/issues/222). +- synchronize - use become_user when invoking rsync on remote with sudo (https://github.com/ansible-collections/ansible.posix/issues/186). +- sysctl - modifying conditional check for docker to fix tests being skipped (https://github.com/ansible-collections/ansible.posix/pull/226). + v1.2.0 ====== @@ -26,9 +69,9 @@ Bugfixes -------- - at - add AIX support (https://github.com/ansible-collections/ansible.posix/pull/99). -- synchronize - fix for private_key overriding in synchronize module. - synchronize - add ``community.docker.docker`` to the list of supported transports (https://github.com/ansible-collections/ansible.posix/issues/132). - synchronize - do not prepend PWD when path is in form user@server:path or server:path (https://github.com/ansible-collections/ansible.posix/pull/118). +- synchronize - fix for private_key overriding in synchronize module. - sysctl - do not persist sysctl when value is invalid (https://github.com/ansible-collections/ansible.posix/pull/101). v1.1.1 diff --git a/README.md b/README.md index db8e3ac..2c7c169 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,7 @@ Name | Description [ansible.posix.at](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.at_module.rst)|Schedule the execution of a command or script file via the at command [ansible.posix.authorized_key](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.authorized_key_module.rst)|Adds or removes an SSH authorized key [ansible.posix.firewalld](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.firewalld_module.rst)|Manage arbitrary ports/services with firewalld +[ansible.posix.firewalld_info](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.firewalld_info_module.rst)|Gather information about firewalld [ansible.posix.mount](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.mount_module.rst)|Control active and configured mount points [ansible.posix.patch](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.patch_module.rst)|Apply patch files using the GNU patch tool [ansible.posix.seboolean](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.seboolean_module.rst)|Toggles SELinux booleans diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index fd899d5..828127b 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -107,11 +107,11 @@ releases: changes: bugfixes: - at - add AIX support (https://github.com/ansible-collections/ansible.posix/pull/99). - - synchronize - fix for private_key overriding in synchronize module. - synchronize - add ``community.docker.docker`` to the list of supported transports (https://github.com/ansible-collections/ansible.posix/issues/132). - synchronize - do not prepend PWD when path is in form user@server:path or server:path (https://github.com/ansible-collections/ansible.posix/pull/118). + - synchronize - fix for private_key overriding in synchronize module. - sysctl - do not persist sysctl when value is invalid (https://github.com/ansible-collections/ansible.posix/pull/101). minor_changes: - firewalld - bring the ``target`` feature back (https://github.com/ansible-collections/ansible.posix/issues/112). @@ -134,3 +134,79 @@ releases: - firewalld_zone_target.yml - misc_fix.yml release_date: '2021-03-08' + 1.3.0: + changes: + bugfixes: + - Synchronize module not recognizing remote ssh key (https://github.com/ansible-collections/ansible.posix/issues/24). + - Synchronize not using quotes around arguments like --out-format (https://github.com/ansible-collections/ansible.posix/issues/190). + - at - append line-separator to the end of the ``command`` (https://github.com/ansible-collections/ansible.posix/issues/169). + - csh - define ``ECHO`` and ``COMMAND_SEP`` (https://github.com/ansible-collections/ansible.posix/issues/204). + - firewalld - enable integration after migration (https://github.com/ansible-collections/ansible.posix/pull/239). + - firewalld - ensure idempotency with firewalld 0.9.3 (https://github.com/ansible-collections/ansible.posix/issues/179). + - firewalld - fix setting zone target to ``%%REJECT%%`` (https://github.com/ansible-collections/ansible.posix/pull/215). + - mount - Handle ``boot`` option on Solaris correctly (https://github.com/ansible-collections/ansible.posix/issues/184). + - synchronize - add ``community.podman.podman`` to the list of supported connection + plugins (https://github.com/ansible-community/molecule-podman/issues/45). + - synchronize - complete podman support for synchronize module. + - synchronize - properly quote rsync CLI parameters (https://github.com/ansible-collections/ansible.posix/pull/241). + - synchronize - replace removed ``ansible_ssh_user`` by ``ansible_user`` everywhere; + do the same for ``ansible_ssh_port`` and ``ansible_ssh_host`` (https://github.com/ansible-collections/ansible.posix/issues/60). + - synchronize - use SSH args from SSH connection plugin (https://github.com/ansible-collections/ansible.posix/issues/222). + - synchronize - use become_user when invoking rsync on remote with sudo (https://github.com/ansible-collections/ansible.posix/issues/186). + - sysctl - modifying conditional check for docker to fix tests being skipped + (https://github.com/ansible-collections/ansible.posix/pull/226). + minor_changes: + - acl - add new alias ``recurse`` for ``recursive`` parameter (https://github.com/ansible-collections/ansible.posix/issues/124). + - added 2.11 branch to test matrix, added ignore-2.12.txt. + - authorized_key - add ``no_log=False`` in ``argument_spec`` to clear false-positives + of ``no-log-needed`` (https://github.com/ansible-collections/ansible.posix/pull/156). + - authorized_key - add a list of valid key types (https://github.com/ansible-collections/ansible.posix/issues/134). + - mount - Change behavior of ``boot`` option to set ``noauto`` on BSD nodes + (https://github.com/ansible-collections/ansible.posix/issues/28). + - mount - Change behavior of ``boot`` option to set ``noauto`` on Linux nodes + (https://github.com/ansible-collections/ansible.posix/issues/28). + - mount - add ``no_log=False`` in ``argument_spec`` to clear false-positives + of ``no-log-needed`` (https://github.com/ansible-collections/ansible.posix/pull/156). + - mount - returns ``backup_file`` value when a backup fstab is created. + - synchronize - add ``delay_updates`` option (https://github.com/ansible-collections/ansible.posix/issues/157). + - synchronize - fix typo (https://github.com/ansible-collections/ansible.posix/pull/198). + release_summary: 'This is the minor release of the ``ansible.posix`` collection. + + This changelog contains all changes to the modules in this collection that + + have been added after the release of ``ansible.posix`` 1.2.0.' + fragments: + - 1.3.0.yml + - 124_acl.yml + - 126_mount_not_returning_backup_file.yml + - 134_authorized_key.yml + - 156-fix_no-log-needed_false_positives.yml + - 159-fix-60-deprecated-ansible_ssh_user.yml + - 167-synchronize-add_delay_option.yml + - 169_add_lineseparator_to_command.yml + - 175_synchronize.yml + - 179_firewalld.yml + - 181-update_codecov_sh_url.yml + - 185_mount_at_boot.yml + - 187-fix-synchronize-become-user.yml + - 193_firewalld.yml + - 196_boot_opt_for_linux.yml + - 203_boot_opt_for_bsd.yml + - 204_csh_shell.yml + - 207-mount_tests.yml + - 213_quote_cmd_args.yml + - 214-add_firewalld_info_module.yml + - 215_fix_REJECT_target_name.yml + - 217-restructure_authrized_key_test.yml + - 222_synchronize.yml + - 226_sysctl_fix_integration_test.yml + - 229_add_podman_connection_plugin_to_synchronize.yml + - 230_complete_podman_support_for_synchronize.yml + - 233-fix-wrong-firewalld-version-info.yml + - 241-synchronize-shell-quoting.yml + - firewalld_integ_test.yml + - firewalld_test.yml + - sanity_test_ignore_file.yml + - synchronize.yml + - test_matrix.yml + release_date: '2021-08-11' diff --git a/changelogs/config.yaml b/changelogs/config.yaml index e23c876..a4fbd6c 100644 --- a/changelogs/config.yaml +++ b/changelogs/config.yaml @@ -2,7 +2,7 @@ changelog_filename_template: ../CHANGELOG.rst changelog_filename_version_depth: 0 changes_file: changelog.yaml changes_format: combined -keep_fragments: true +keep_fragments: false mention_ancestor: true new_plugins_after_name: removed_features notesdir: fragments diff --git a/changelogs/fragments/1.2.0.yml b/changelogs/fragments/1.2.0.yml deleted file mode 100644 index 1a4be39..0000000 --- a/changelogs/fragments/1.2.0.yml +++ /dev/null @@ -1,4 +0,0 @@ -release_summary: |- - This is the minor release of the ``ansible.posix`` collection. - This changelog contains all changes to the modules in this collection that - have been added after the release of ``ansible.posix`` 1.1.0. diff --git a/changelogs/fragments/101-sysctl-dont-persist-when-invalid.yml b/changelogs/fragments/101-sysctl-dont-persist-when-invalid.yml deleted file mode 100644 index cfba0eb..0000000 --- a/changelogs/fragments/101-sysctl-dont-persist-when-invalid.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - sysctl - do not persist sysctl when value is invalid (https://github.com/ansible-collections/ansible.posix/pull/101). diff --git a/changelogs/fragments/11-action-plugins-use-fqcn.yml b/changelogs/fragments/11-action-plugins-use-fqcn.yml deleted file mode 100644 index b41bf3d..0000000 --- a/changelogs/fragments/11-action-plugins-use-fqcn.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - patch - fix FQCN usage for action plugin (https://github.com/ansible-collections/ansible.posix/issues/11) - - synchronize - fix FQCN usage for action plugin (https://github.com/ansible-collections/ansible.posix/issues/11) diff --git a/changelogs/fragments/118-synchronize_bugfix.yml b/changelogs/fragments/118-synchronize_bugfix.yml deleted file mode 100644 index 1b888dc..0000000 --- a/changelogs/fragments/118-synchronize_bugfix.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- "synchronize - do not prepend PWD when path is in form user@server:path or server:path (https://github.com/ansible-collections/ansible.posix/pull/118)." diff --git a/changelogs/fragments/120-synchronize_add_option.yml b/changelogs/fragments/120-synchronize_add_option.yml deleted file mode 100644 index 2db7cec..0000000 --- a/changelogs/fragments/120-synchronize_add_option.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- synchronize - add the ``ssh_connection_multiplexing`` option to allow SSH connection multiplexing (https://github.com/ansible/ansible/issues/24365). diff --git a/changelogs/fragments/124_acl.yml b/changelogs/fragments/124_acl.yml deleted file mode 100644 index 5eee72a..0000000 --- a/changelogs/fragments/124_acl.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -minor_changes: -- acl - add new alias ``recurse`` for ``recursive`` parameter (https://github.com/ansible-collections/ansible.posix/issues/124). diff --git a/changelogs/fragments/126_mount_not_returning_backup_file.yml b/changelogs/fragments/126_mount_not_returning_backup_file.yml deleted file mode 100644 index b4746f4..0000000 --- a/changelogs/fragments/126_mount_not_returning_backup_file.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- mount - returns ``backup_file`` value when a backup fstab is created. diff --git a/changelogs/fragments/12_migrate_cgroup_perf_recap_graph.yml b/changelogs/fragments/12_migrate_cgroup_perf_recap_graph.yml deleted file mode 100644 index c5dd1f6..0000000 --- a/changelogs/fragments/12_migrate_cgroup_perf_recap_graph.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- Migrate hacking/cgroup_perf_recap_graph.py to this collection, since the cgroup_perf_recap callback lives here. \ No newline at end of file diff --git a/changelogs/fragments/134_authorized_key.yml b/changelogs/fragments/134_authorized_key.yml deleted file mode 100644 index 38a47dc..0000000 --- a/changelogs/fragments/134_authorized_key.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- authorized_key - add a list of valid key types (https://github.com/ansible-collections/ansible.posix/issues/134). diff --git a/changelogs/fragments/144_add_community_docker_connection_plugin_alias.yml b/changelogs/fragments/144_add_community_docker_connection_plugin_alias.yml deleted file mode 100644 index 345b777..0000000 --- a/changelogs/fragments/144_add_community_docker_connection_plugin_alias.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - synchronize - add ``community.docker.docker`` to the list of supported - transports (https://github.com/ansible-collections/ansible.posix/issues/132). diff --git a/changelogs/fragments/14_mount_option.yml b/changelogs/fragments/14_mount_option.yml deleted file mode 100644 index e34d4cb..0000000 --- a/changelogs/fragments/14_mount_option.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- Mount - Handle remount with new options (https://github.com/ansible/ansible/issues/59460). \ No newline at end of file diff --git a/changelogs/fragments/156-fix_no-log-needed_false_positives.yml b/changelogs/fragments/156-fix_no-log-needed_false_positives.yml deleted file mode 100644 index 07f2996..0000000 --- a/changelogs/fragments/156-fix_no-log-needed_false_positives.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -minor_changes: - - authorized_key - add ``no_log=False`` in ``argument_spec`` to clear false-positives of ``no-log-needed`` (https://github.com/ansible-collections/ansible.posix/pull/156). - - mount - add ``no_log=False`` in ``argument_spec`` to clear false-positives of ``no-log-needed`` (https://github.com/ansible-collections/ansible.posix/pull/156). diff --git a/changelogs/fragments/159-fix-60-deprecated-ansible_ssh_user.yml b/changelogs/fragments/159-fix-60-deprecated-ansible_ssh_user.yml deleted file mode 100644 index 3005ce9..0000000 --- a/changelogs/fragments/159-fix-60-deprecated-ansible_ssh_user.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - synchronize - replace removed ``ansible_ssh_user`` by ``ansible_user`` everywhere; do the same for - ``ansible_ssh_port`` and ``ansible_ssh_host`` (https://github.com/ansible-collections/ansible.posix/issues/60). diff --git a/changelogs/fragments/15_profile_tasks.yml b/changelogs/fragments/15_profile_tasks.yml deleted file mode 100644 index bc37545..0000000 --- a/changelogs/fragments/15_profile_tasks.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- Profile_tasks - result was a odict_items which is not subscriptable, so the slicing was failing (https://github.com/ansible/ansible/issues/59059). \ No newline at end of file diff --git a/changelogs/fragments/167-synchronize-add_delay_option.yml b/changelogs/fragments/167-synchronize-add_delay_option.yml deleted file mode 100644 index 38070f4..0000000 --- a/changelogs/fragments/167-synchronize-add_delay_option.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -minor_changes: - - synchronize - add ``delay_updates`` option (https://github.com/ansible-collections/ansible.posix/issues/157). diff --git a/changelogs/fragments/169_add_lineseparator_to_command.yml b/changelogs/fragments/169_add_lineseparator_to_command.yml deleted file mode 100644 index 9497ba5..0000000 --- a/changelogs/fragments/169_add_lineseparator_to_command.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - at - append line-separator to the end of the ``command`` (https://github.com/ansible-collections/ansible.posix/issues/169). diff --git a/changelogs/fragments/175_synchronize.yml b/changelogs/fragments/175_synchronize.yml deleted file mode 100644 index 4d1a161..0000000 --- a/changelogs/fragments/175_synchronize.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: -- synchronize - fix typo in ``delete`` parameter (https://github.com/ansible-collections/ansible.posix/issues/175). diff --git a/changelogs/fragments/179_firewalld.yml b/changelogs/fragments/179_firewalld.yml deleted file mode 100644 index 782cebb..0000000 --- a/changelogs/fragments/179_firewalld.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: -- firewalld - ensure idempotency with firewalld 0.9.3 (https://github.com/ansible-collections/ansible.posix/issues/179). diff --git a/changelogs/fragments/17_authorized_keys.yml b/changelogs/fragments/17_authorized_keys.yml deleted file mode 100644 index ab430fa..0000000 --- a/changelogs/fragments/17_authorized_keys.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: -- authorized_keys - Added FIDO2 security keys (https://github.com/ansible-collections/ansible.posix/issues/17). diff --git a/changelogs/fragments/181-update_codecov_sh_url.yml b/changelogs/fragments/181-update_codecov_sh_url.yml deleted file mode 100644 index 3042c3e..0000000 --- a/changelogs/fragments/181-update_codecov_sh_url.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: - - testing - update codecov.sh URL (https://github.com/ansible-collections/ansible.posix/pull/181). diff --git a/changelogs/fragments/185_mount_at_boot.yml b/changelogs/fragments/185_mount_at_boot.yml deleted file mode 100644 index 1979533..0000000 --- a/changelogs/fragments/185_mount_at_boot.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: -- "mount - Handle ``boot`` option on Solaris correctly (https://github.com/ansible-collections/ansible.posix/issues/184)." diff --git a/changelogs/fragments/187-fix-synchronize-become-user.yml b/changelogs/fragments/187-fix-synchronize-become-user.yml deleted file mode 100644 index 77d72e0..0000000 --- a/changelogs/fragments/187-fix-synchronize-become-user.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - synchronize - use become_user when invoking rsync on remote with sudo - (https://github.com/ansible-collections/ansible.posix/issues/186). diff --git a/changelogs/fragments/193_firewalld.yml b/changelogs/fragments/193_firewalld.yml deleted file mode 100644 index 088a268..0000000 --- a/changelogs/fragments/193_firewalld.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: -- firewalld - specify unit for ``timeout`` parameter in docs (https://github.com/ansible-collections/ansible.posix/issues/193). diff --git a/changelogs/fragments/196_boot_opt_for_linux.yml b/changelogs/fragments/196_boot_opt_for_linux.yml deleted file mode 100644 index 62afecf..0000000 --- a/changelogs/fragments/196_boot_opt_for_linux.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -minor_changes: - - mount - Change behavior of ``boot`` option to set ``noauto`` on Linux nodes - (https://github.com/ansible-collections/ansible.posix/issues/28). diff --git a/changelogs/fragments/19_enable_tags.yml b/changelogs/fragments/19_enable_tags.yml deleted file mode 100644 index f5e24ed..0000000 --- a/changelogs/fragments/19_enable_tags.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- Enabled tags in galaxy.yml (https://github.com/ansible-collections/ansible.posix/issues/18). \ No newline at end of file diff --git a/changelogs/fragments/203_boot_opt_for_bsd.yml b/changelogs/fragments/203_boot_opt_for_bsd.yml deleted file mode 100644 index 0fdd50a..0000000 --- a/changelogs/fragments/203_boot_opt_for_bsd.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -minor_changes: - - mount - Change behavior of ``boot`` option to set ``noauto`` on BSD nodes - (https://github.com/ansible-collections/ansible.posix/issues/28). diff --git a/changelogs/fragments/204_csh_shell.yml b/changelogs/fragments/204_csh_shell.yml deleted file mode 100644 index 6d157a8..0000000 --- a/changelogs/fragments/204_csh_shell.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: -- csh - define ``ECHO`` and ``COMMAND_SEP`` (https://github.com/ansible-collections/ansible.posix/issues/204). diff --git a/changelogs/fragments/207-mount_tests.yml b/changelogs/fragments/207-mount_tests.yml deleted file mode 100644 index f5256d6..0000000 --- a/changelogs/fragments/207-mount_tests.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: - - Make the mount module integration tests more human readable. diff --git a/changelogs/fragments/21-mount-module_util-routing-issue.yml b/changelogs/fragments/21-mount-module_util-routing-issue.yml deleted file mode 100644 index 08563a2..0000000 --- a/changelogs/fragments/21-mount-module_util-routing-issue.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - mount - fix issues with ismount module_util pathing for Ansible 2.9 (fixes https://github.com/ansible-collections/ansible.posix/issues/21) diff --git a/changelogs/fragments/213_quote_cmd_args.yml b/changelogs/fragments/213_quote_cmd_args.yml deleted file mode 100644 index e669d41..0000000 --- a/changelogs/fragments/213_quote_cmd_args.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: -- Synchronize module not recognizing remote ssh key (https://github.com/ansible-collections/ansible.posix/issues/24). -- Synchronize not using quotes around arguments like --out-format (https://github.com/ansible-collections/ansible.posix/issues/190). diff --git a/changelogs/fragments/214-add_firewalld_info_module.yml b/changelogs/fragments/214-add_firewalld_info_module.yml deleted file mode 100644 index a1bfccc..0000000 --- a/changelogs/fragments/214-add_firewalld_info_module.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: - - firewalld_info - add ``firewalld_info`` module to ``ansible.posix`` collection (https://github.com/ansible-collections/ansible.posix/issues/98) diff --git a/changelogs/fragments/215_fix_REJECT_target_name.yml b/changelogs/fragments/215_fix_REJECT_target_name.yml deleted file mode 100644 index 206589f..0000000 --- a/changelogs/fragments/215_fix_REJECT_target_name.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - firewalld - fix setting zone target to ``%%REJECT%%`` (https://github.com/ansible-collections/ansible.posix/pull/215). diff --git a/changelogs/fragments/217-restructure_authrized_key_test.yml b/changelogs/fragments/217-restructure_authrized_key_test.yml deleted file mode 100644 index 0374b95..0000000 --- a/changelogs/fragments/217-restructure_authrized_key_test.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: -- authorized_key - Split tasks/main.yml in integration tests to each function block. diff --git a/changelogs/fragments/222_synchronize.yml b/changelogs/fragments/222_synchronize.yml deleted file mode 100644 index af84610..0000000 --- a/changelogs/fragments/222_synchronize.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: -- synchronize - use SSH args from SSH connection plugin (https://github.com/ansible-collections/ansible.posix/issues/222). diff --git a/changelogs/fragments/226_sysctl_fix_integration_test.yml b/changelogs/fragments/226_sysctl_fix_integration_test.yml deleted file mode 100644 index 4c2bc2a..0000000 --- a/changelogs/fragments/226_sysctl_fix_integration_test.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- sysctl - modifying conditional check for docker to fix tests being skipped (https://github.com/ansible-collections/ansible.posix/pull/226). diff --git a/changelogs/fragments/229_add_podman_connection_plugin_to_synchronize.yml b/changelogs/fragments/229_add_podman_connection_plugin_to_synchronize.yml deleted file mode 100644 index c6f3030..0000000 --- a/changelogs/fragments/229_add_podman_connection_plugin_to_synchronize.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - synchronize - add ``community.podman.podman`` to the list of supported connection plugins (https://github.com/ansible-community/molecule-podman/issues/45). diff --git a/changelogs/fragments/23-selinux-doesnt-create-missing-config-keys.yml b/changelogs/fragments/23-selinux-doesnt-create-missing-config-keys.yml deleted file mode 100644 index cd32784..0000000 --- a/changelogs/fragments/23-selinux-doesnt-create-missing-config-keys.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - selinux - add missing configuration keys for /etc/selinux/config (https://github.com/ansible-collections/ansible.posix/issues/23) diff --git a/changelogs/fragments/230_complete_podman_support_for_synchronize.yml b/changelogs/fragments/230_complete_podman_support_for_synchronize.yml deleted file mode 100644 index e9c6c41..0000000 --- a/changelogs/fragments/230_complete_podman_support_for_synchronize.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - synchronize - complete podman support for synchronize module. diff --git a/changelogs/fragments/233-fix-wrong-firewalld-version-info.yml b/changelogs/fragments/233-fix-wrong-firewalld-version-info.yml deleted file mode 100644 index f1bf525..0000000 --- a/changelogs/fragments/233-fix-wrong-firewalld-version-info.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: - - firewalld - fix wrong version number in the module document. diff --git a/changelogs/fragments/241-synchronize-shell-quoting.yml b/changelogs/fragments/241-synchronize-shell-quoting.yml deleted file mode 100644 index 8b6df47..0000000 --- a/changelogs/fragments/241-synchronize-shell-quoting.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - synchronize - properly quote rsync CLI parameters (https://github.com/ansible-collections/ansible.posix/pull/241). diff --git a/changelogs/fragments/25_ansible_metadata.yml b/changelogs/fragments/25_ansible_metadata.yml deleted file mode 100644 index c2b0185..0000000 --- a/changelogs/fragments/25_ansible_metadata.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- Removed ANSIBLE_METADATA from all the modules. \ No newline at end of file diff --git a/changelogs/fragments/26_profile_tasks_doc.yml b/changelogs/fragments/26_profile_tasks_doc.yml deleted file mode 100644 index b40d085..0000000 --- a/changelogs/fragments/26_profile_tasks_doc.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- Typecast results before use in profile_tasks callback (https://github.com/ansible/ansible/issues/69563). \ No newline at end of file diff --git a/changelogs/fragments/27_update_examples.yml b/changelogs/fragments/27_update_examples.yml deleted file mode 100644 index 1fcd35e..0000000 --- a/changelogs/fragments/27_update_examples.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- Update EXAMPLES section in modules to use FQCN. \ No newline at end of file diff --git a/changelogs/fragments/33_mount.yml b/changelogs/fragments/33_mount.yml deleted file mode 100644 index 794ba28..0000000 --- a/changelogs/fragments/33_mount.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- Revert "mount - Check if src exists before mounted (ansible/ansible#61752)". \ No newline at end of file diff --git a/changelogs/fragments/35_disable_tests.yml b/changelogs/fragments/35_disable_tests.yml deleted file mode 100644 index ba46c43..0000000 --- a/changelogs/fragments/35_disable_tests.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- Revert "Enable at, patch and synchronize tests (https://github.com/ansible-collections/ansible.posix/pull/5)". \ No newline at end of file diff --git a/changelogs/fragments/37-authorized_keys-inconsistent-check-mode-values.yml b/changelogs/fragments/37-authorized_keys-inconsistent-check-mode-values.yml deleted file mode 100644 index eed6ec6..0000000 --- a/changelogs/fragments/37-authorized_keys-inconsistent-check-mode-values.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - authorized_keys - fix inconsistent return value for check mode (https://github.com/ansible-collections/ansible.posix/issues/37) diff --git a/changelogs/fragments/39_remove_license.yml b/changelogs/fragments/39_remove_license.yml deleted file mode 100644 index 89e2ffd..0000000 --- a/changelogs/fragments/39_remove_license.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- Remove license key from galaxy.yml. \ No newline at end of file diff --git a/changelogs/fragments/43_remove_shippable.yml b/changelogs/fragments/43_remove_shippable.yml deleted file mode 100644 index c7e9062..0000000 --- a/changelogs/fragments/43_remove_shippable.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- Remove sanity jobs from shippable (https://github.com/ansible-collections/ansible.posix/pull/43). \ No newline at end of file diff --git a/changelogs/fragments/4_update_readme.yml b/changelogs/fragments/4_update_readme.yml deleted file mode 100644 index d38f4cd..0000000 --- a/changelogs/fragments/4_update_readme.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- Update README.md (https://github.com/ansible-collections/ansible.posix/pull/4/). \ No newline at end of file diff --git a/changelogs/fragments/5_enable_tests.yml b/changelogs/fragments/5_enable_tests.yml deleted file mode 100644 index a5a60dd..0000000 --- a/changelogs/fragments/5_enable_tests.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- Enable tests for at, patch and synchronize modules (https://github.com/ansible-collections/ansible.posix/pull/5). \ No newline at end of file diff --git a/changelogs/fragments/65931-json-callback-non-lockstep-output.yml b/changelogs/fragments/65931-json-callback-non-lockstep-output.yml deleted file mode 100644 index c6854ae..0000000 --- a/changelogs/fragments/65931-json-callback-non-lockstep-output.yml +++ /dev/null @@ -1,4 +0,0 @@ -bugfixes: -- json callback - Fix host result to task references in the resultant JSON - output for non-lockstep strategy plugins such as free - (https://github.com/ansible/ansible/issues/65931) diff --git a/changelogs/fragments/6_test_devel.yml b/changelogs/fragments/6_test_devel.yml deleted file mode 100644 index 30510a2..0000000 --- a/changelogs/fragments/6_test_devel.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- CI should use devel (https://github.com/ansible-collections/ansible.posix/pull/6). \ No newline at end of file diff --git a/changelogs/fragments/74_synchronize_docker.yml b/changelogs/fragments/74_synchronize_docker.yml deleted file mode 100644 index 41ee488..0000000 --- a/changelogs/fragments/74_synchronize_docker.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- Fix synchronize to work with renamed docker and buildah connection plugins. \ No newline at end of file diff --git a/changelogs/fragments/7_env.yml b/changelogs/fragments/7_env.yml deleted file mode 100644 index a8a663e..0000000 --- a/changelogs/fragments/7_env.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- Allow unsetting existing environment vars via environment by specifying a null value (https://github.com/ansible/ansible/pull/68236). \ No newline at end of file diff --git a/changelogs/fragments/82-private-key-override-fix.yml b/changelogs/fragments/82-private-key-override-fix.yml deleted file mode 100644 index 341fe60..0000000 --- a/changelogs/fragments/82-private-key-override-fix.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - synchronize - fix for private_key overriding in synchronize module. diff --git a/changelogs/fragments/99-at_add_aix_support.yml b/changelogs/fragments/99-at_add_aix_support.yml deleted file mode 100644 index da92789..0000000 --- a/changelogs/fragments/99-at_add_aix_support.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- at - add AIX support (https://github.com/ansible-collections/ansible.posix/pull/99). diff --git a/changelogs/fragments/firewalld_integ_test.yml b/changelogs/fragments/firewalld_integ_test.yml deleted file mode 100644 index e19ab9c..0000000 --- a/changelogs/fragments/firewalld_integ_test.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: -- firewalld - fix integration tests for Fedora 34 (https://github.com/ansible-collections/ansible.posix/pull/243). diff --git a/changelogs/fragments/firewalld_migration.yml b/changelogs/fragments/firewalld_migration.yml deleted file mode 100644 index 3d97e2b..0000000 --- a/changelogs/fragments/firewalld_migration.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -minor_changes: - - firewalld - add firewalld module to ansible.posix collection diff --git a/changelogs/fragments/firewalld_test.yml b/changelogs/fragments/firewalld_test.yml deleted file mode 100644 index 4ed6020..0000000 --- a/changelogs/fragments/firewalld_test.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: -- firewalld - enable integration after migration (https://github.com/ansible-collections/ansible.posix/pull/239). diff --git a/changelogs/fragments/firewalld_zone_target.yml b/changelogs/fragments/firewalld_zone_target.yml deleted file mode 100644 index 13597b0..0000000 --- a/changelogs/fragments/firewalld_zone_target.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - firewalld - bring the ``target`` feature back (https://github.com/ansible-collections/ansible.posix/issues/112). diff --git a/changelogs/fragments/initial_commit.yaml b/changelogs/fragments/initial_commit.yaml deleted file mode 100644 index 2ea98b5..0000000 --- a/changelogs/fragments/initial_commit.yaml +++ /dev/null @@ -1,2 +0,0 @@ -major_changes: -- Bootstrap Collection (https://github.com/ansible-collections/ansible.posix/pull/1). \ No newline at end of file diff --git a/changelogs/fragments/misc_fix.yml b/changelogs/fragments/misc_fix.yml deleted file mode 100644 index 66b7eff..0000000 --- a/changelogs/fragments/misc_fix.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- fix sanity test for various modules. diff --git a/changelogs/fragments/sanity_test_ignore_file.yml b/changelogs/fragments/sanity_test_ignore_file.yml deleted file mode 100644 index 8a9df55..0000000 --- a/changelogs/fragments/sanity_test_ignore_file.yml +++ /dev/null @@ -1,2 +0,0 @@ -trivial: -- Add sanity test ignore file for ansible version 2.12 diff --git a/changelogs/fragments/skippy_deprecation.yml b/changelogs/fragments/skippy_deprecation.yml deleted file mode 100644 index 88942a0..0000000 --- a/changelogs/fragments/skippy_deprecation.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -minor_changes: - - skippy - fixed the deprecation warning (by date) for skippy callback plugin diff --git a/changelogs/fragments/synchronize.yml b/changelogs/fragments/synchronize.yml deleted file mode 100644 index 29c5a2b..0000000 --- a/changelogs/fragments/synchronize.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -minor_changes: -- synchronize - fix typo (https://github.com/ansible-collections/ansible.posix/pull/198). diff --git a/changelogs/fragments/test_matrix.yml b/changelogs/fragments/test_matrix.yml deleted file mode 100644 index 0c41cdc..0000000 --- a/changelogs/fragments/test_matrix.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- added 2.11 branch to test matrix, added ignore-2.12.txt. diff --git a/docs/ansible.posix.acl_module.rst b/docs/ansible.posix.acl_module.rst index 2b47f98..aab5a37 100644 --- a/docs/ansible.posix.acl_module.rst +++ b/docs/ansible.posix.acl_module.rst @@ -59,7 +59,7 @@ Parameters entity
- - + string
@@ -74,7 +74,7 @@ Parameters entry
- - + string
@@ -94,7 +94,7 @@ Parameters etype
- - + string
@@ -151,13 +151,14 @@ Parameters permissions
- - + string
-
The permissions to apply/remove can be any combination of r, w, x (read, write and execute respectively), and X (execute permission if the file is a directory or already has execute permission for some user)
+
The permissions to apply/remove can be any combination of r, w, x
+
(read, write and execute respectively), and X (execute permission if the file is a directory or already has execute permission for some user)
@@ -166,7 +167,7 @@ Parameters recalculate_mask
- - + string
@@ -200,6 +201,8 @@ Parameters
Recursively sets the specified ACL.
Incompatible with state=query.
+
Alias recurse added in version 1.3.0.
+

aliases: recurse
@@ -208,7 +211,7 @@ Parameters state
- - + string
@@ -259,7 +262,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Grant user Joe read access to a file ansible.posix.acl: diff --git a/docs/ansible.posix.at_module.rst b/docs/ansible.posix.at_module.rst index 3d2b41f..d9f3cc8 100644 --- a/docs/ansible.posix.at_module.rst +++ b/docs/ansible.posix.at_module.rst @@ -62,7 +62,6 @@ Parameters
integer - / required
@@ -131,7 +130,6 @@ Parameters
string - / required
@@ -155,7 +153,7 @@ Parameters Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Schedule a command to execute in 20 minutes as root ansible.posix.at: diff --git a/docs/ansible.posix.authorized_key_module.rst b/docs/ansible.posix.authorized_key_module.rst index ceef3ef..69e80e3 100644 --- a/docs/ansible.posix.authorized_key_module.rst +++ b/docs/ansible.posix.authorized_key_module.rst @@ -113,7 +113,7 @@ Parameters key_options
- - + string
@@ -226,7 +226,7 @@ Parameters Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Set authorized key taken from file ansible.posix.authorized_key: diff --git a/docs/ansible.posix.firewalld_info_module.rst b/docs/ansible.posix.firewalld_info_module.rst new file mode 100644 index 0000000..8bb6508 --- /dev/null +++ b/docs/ansible.posix.firewalld_info_module.rst @@ -0,0 +1,520 @@ +.. _ansible.posix.firewalld_info_module: + + +**************************** +ansible.posix.firewalld_info +**************************** + +**Gather information about firewalld** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module gathers information about firewalld rules. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- firewalld >= 0.2.11 +- python-firewall +- python-dbus + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsComments
+
+ active_zones + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+
Gather information about active zones.
+
+
+ zones + +
+ list + / elements=string +
+ 		+ +
Gather information about specific zones.
+
If only works if active_zones is set to false.
+
+
+ + + + +Examples +-------- + +.. code-block:: yaml + + - name: Gather information about active zones + ansible.posix.firewalld_info: + active_zones: yes + + - name: Gather information about specific zones + ansible.posix.firewalld_info: + zones: + - public + - external + - internal + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ active_zones + +
+ boolean +
+ 		success +
Gather active zones only if turn it true.
+
+
+
+ collected_zones + +
+ list +
+ 		success +
A list of collected zones.
+
+
Sample:
+
['external', 'internal']
+
+
+ firewalld_info + +
+ complex +
+ 		success +
Returns various information about firewalld configuration.
+
+
  +
+ default_zones + +
+ string +
+ 		success +
The zone name of default zone.
+
+
Sample:
+
public
+
  +
+ version + +
+ string +
+ 		success +
The version information of firewalld.
+
+
Sample:
+
0.8.2
+
  +
+ zones + +
+ complex +
+ 		success +
A dict of zones to gather information.
+
+
   +
+ zone + +
+ complex +
+ 		success +
The zone name registered in firewalld.
+
+
Sample:
+
external
+
    +
+ forward + +
+ boolean +
+ 		success +
The network interface forwarding.
+
This parameter supports on python-firewall 0.9.0(or later) and is not collected in earlier versions.
+
+
    +
+ forward_ports + +
+ list +
+ 		success +
A list of forwarding port pair with protocol.
+
+
Sample:
+
['icmp', 'ipv6-icmp']
+
    +
+ icmp_block_inversion + +
+ boolean +
+ 		success +
The ICMP block inversion to block all ICMP requests.
+
+
    +
+ icmp_blocks + +
+ list +
+ 		success +
A list of blocking icmp protocol.
+
+
Sample:
+
['echo-request']
+
    +
+ interfaces + +
+ list +
+ 		success +
A list of network interfaces.
+
+
Sample:
+
['eth0', 'eth1']
+
    +
+ masquerade + +
+ boolean +
+ 		success +
The network interface masquerading.
+
+
    +
+ ports + +
+ list +
+ 		success +
A list of network port with protocol.
+
+
Sample:
+
[['22', 'tcp'], ['80', 'tcp']]
+
    +
+ protocols + +
+ list +
+ 		success +
A list of network protocol.
+
+
Sample:
+
['icmp', 'ipv6-icmp']
+
    +
+ rich_rules + +
+ list +
+ 		success +
A list of rich language rule.
+
+
Sample:
+
['rule protocol value="icmp" reject', 'rule priority="32767" reject']
+
    +
+ services + +
+ list +
+ 		success +
A list of network services.
+
+
Sample:
+
['dhcp', 'dns', 'ssh']
+
    +
+ source_ports + +
+ list +
+ 		success +
A list of network source port with protocol.
+
+
Sample:
+
[['30000', 'tcp'], ['30001', 'tcp']]
+
    +
+ sources + +
+ list +
+ 		success +
A list of source network address.
+
+
Sample:
+
['172.16.30.0/24', '172.16.31.0/24']
+
    +
+ target + +
+ string +
+ 		success +
A list of services in the zone.
+
+
Sample:
+
ACCEPT
+
+
+ undefined_zones + +
+ list +
+ 		success +
A list of undefined zones in zones option.
+
undefined_zones will be ignored for gathering process.
+
+
Sample:
+
['foo', 'bar']
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Hideki Saito (@saito-hideki) diff --git a/docs/ansible.posix.firewalld_module.rst b/docs/ansible.posix.firewalld_module.rst index 4a750ad..a041534 100644 --- a/docs/ansible.posix.firewalld_module.rst +++ b/docs/ansible.posix.firewalld_module.rst @@ -34,12 +34,12 @@ Parameters - + - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + - - - - + + + + + - @@ -235,7 +238,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Before 2.3, option 'name' was used instead of 'path' - name: Mount DVD read-only @@ -296,6 +299,15 @@ Examples state: mounted fstype: nfs + - name: Mount NFS volumes with noauto according to boot option + ansible.posix.mount: + src: 192.168.1.100:/nfs/ssd/shared_data + path: /mnt/shared_data + opts: rw,sync,hard,intr + boot: no + state: mounted + fstype: nfs + diff --git a/docs/ansible.posix.patch_module.rst b/docs/ansible.posix.patch_module.rst index 95d8e2e..60c30cf 100644 --- a/docs/ansible.posix.patch_module.rst +++ b/docs/ansible.posix.patch_module.rst @@ -212,7 +212,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Apply patch to one file ansible.posix.patch: diff --git a/docs/ansible.posix.seboolean_module.rst b/docs/ansible.posix.seboolean_module.rst index 31ab10e..b089b14 100644 --- a/docs/ansible.posix.seboolean_module.rst +++ b/docs/ansible.posix.seboolean_module.rst @@ -65,7 +65,7 @@ Parameters name
- - + string / required
@@ -129,7 +129,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Set httpd_can_network_connect flag on and keep it persistent across reboots ansible.posix.seboolean: diff --git a/docs/ansible.posix.selinux_module.rst b/docs/ansible.posix.selinux_module.rst index aec26e9..b7f7976 100644 --- a/docs/ansible.posix.selinux_module.rst +++ b/docs/ansible.posix.selinux_module.rst @@ -47,7 +47,7 @@ Parameters configfile
- - + string
@@ -79,7 +79,7 @@ Parameters state
- - + string / required
@@ -103,7 +103,7 @@ Parameters Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Enable SELinux ansible.posix.selinux: diff --git a/docs/ansible.posix.synchronize_module.rst b/docs/ansible.posix.synchronize_module.rst index efd892b..82458df 100644 --- a/docs/ansible.posix.synchronize_module.rst +++ b/docs/ansible.posix.synchronize_module.rst @@ -113,6 +113,26 @@ Parameters
Copy symlinks as the item that they point to (the referent) is copied, rather than the symlink.
+ + + + + @@ -165,7 +185,7 @@ Parameters @@ -233,6 +253,7 @@ Parameters
list + / elements=string
+ + + + + @@ -542,7 +586,7 @@ Notes - Inspect the verbose output to validate the destination user/host/path are what was expected. - To exclude files and directories from being synchronized, you may add ``.rsync-filter`` files to the source directory. - rsync daemon must be up and running with correct permission when using rsync protocol in source or destination path. - - The ``synchronize`` module forces `--delay-updates` to avoid leaving a destination in a broken in-between state if the underlying rsync process encounters an error. Those synchronizing large numbers of files that are willing to trade safety for performance should call rsync directly. + - The ``synchronize`` module enables `--delay-updates` by default to avoid leaving a destination in a broken in-between state if the underlying rsync process encounters an error. Those synchronizing large numbers of files that are willing to trade safety for performance should disable this option. - link_destination is subject to the same limitations as the underlying rsync daemon. Hard links are only preserved if the relative subtrees of the source and destination are the same. Attempts to hardlink into a directory that is a subdirectory of the source will be prevented. @@ -560,7 +604,7 @@ See Also Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Synchronization of src on the control machine to dest on the remote hosts ansible.posix.synchronize: @@ -678,7 +722,7 @@ Examples # Specify the rsync binary to use on remote host and on local host - hosts: groupofhosts vars: - ansible_rsync_path: /usr/gnu/bin/rsync + ansible_rsync_path: /usr/gnu/bin/rsync tasks: - name: copy /tmp/localpath/ to remote location /tmp/remotepath diff --git a/docs/ansible.posix.sysctl_module.rst b/docs/ansible.posix.sysctl_module.rst index 1d7b34b..1f49cf6 100644 --- a/docs/ansible.posix.sysctl_module.rst +++ b/docs/ansible.posix.sysctl_module.rst @@ -58,14 +58,14 @@ Parameters name
- - + string / required
@@ -94,7 +94,7 @@ Parameters state
- - + string
ParameterParameter Choices/Defaults Comments
+
icmp_block @@ -54,7 +54,7 @@ Parameters
+
icmp_block_inversion @@ -69,7 +69,7 @@ Parameters
+
immediate @@ -88,7 +88,7 @@ Parameters
+
interface @@ -103,7 +103,7 @@ Parameters
+
masquerade @@ -118,7 +118,7 @@ Parameters
+
offline @@ -137,7 +137,7 @@ Parameters
+
permanent @@ -153,12 +153,12 @@ Parameters
Should this configuration be in the running firewalld configuration or persist across reboots.
-
As of Ansible 2.3, permanent operations can operate on firewalld configs when it is not running (requires firewalld >= 3.0.9).
+
As of Ansible 2.3, permanent operations can operate on firewalld configs when it is not running (requires firewalld >= 0.3.9).
Note that if this is no, immediate is assumed yes.
+
port @@ -174,12 +174,13 @@ Parameters
+
port_forward
- string + list + / elements=dictionary
@@ -188,8 +189,80 @@ Parameters
Port and protocol to forward using firewalld.
+
+ port + +
+ string + / required +
+ 		+ +
Source port to forward from
+
+
+ proto + +
+ string + / required +
+ 		+
    Choices: +
  • udp
    • +
  • tcp
    • +
+ 		+
protocol to forward
+
+
+ toaddr + +
+ string +
+ 		+ +
Optional address to forward to
+
+
+ toport + +
+ string + / required +
+ 		+ +
destination port
+
rich_rule @@ -205,7 +278,7 @@ Parameters
+
service @@ -221,7 +294,7 @@ Parameters
+
source @@ -236,7 +309,7 @@ Parameters
+
state @@ -260,7 +333,30 @@ Parameters
+ +
+ target + +
+ string +
+
added in 1.2.0
+ 		+
    Choices: +
  • default
    • +
  • ACCEPT
    • +
  • DROP
    • +
  • %%REJECT%%
    • +
+ 		+
firewalld Zone target
+
If state is set to absent, this will reset the target to default
+
timeout @@ -272,11 +368,11 @@ Parameters Default:
0
 -
The amount of time the rule should be in effect for when non-permanent.
+
The amount of time in seconds the rule should be in effect for when non-permanent.
+
zone @@ -311,7 +407,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: permit traffic in default zone for https service ansible.posix.firewalld: @@ -375,13 +471,15 @@ Examples permanent: yes icmp_block: echo-request - - name: Redirect port 443 to 8443 - become: yes + - ansible.posix.firewalld: + zone: internal + state: present + permanent: yes + target: ACCEPT + + - name: Redirect port 443 to 8443 with Rich Rule ansible.posix.firewalld: - port_forward: - - port: 443 - proto: tcp - toport: 8443 + rich_rule: rule family=ipv4 forward-port port=443 protocol=tcp to-port=8443 zone: public permanent: yes immediate: yes @@ -389,6 +487,7 @@ Examples + Status ------ diff --git a/docs/ansible.posix.mount_module.rst b/docs/ansible.posix.mount_module.rst index d7b7535..d955f7b 100644 --- a/docs/ansible.posix.mount_module.rst +++ b/docs/ansible.posix.mount_module.rst @@ -69,7 +69,10 @@ Parameters
Determines if the filesystem should be mounted on boot.
-
Only applies to Solaris systems.
+
Only applies to Solaris and Linux systems.
+
For Solaris systems, true will set yes as the value of mount at boot in /etc/vfstab.
+
For Linux, FreeBSD, NetBSD and OpenBSD systems, false will add noauto to mount options in /etc/fstab.
+
To avoid mount option conflicts, if noauto specified in opts, mount module will ignore boot.
@@ -64,13 +64,13 @@ Parameters policy
- - + string
-
The name of the SELinux policy to use (e.g. targeted) will be required if state is not disabled.
+
The name of the SELinux policy to use (e.g. targeted) will be required if state is not disabled.
+
+ delay_updates + +
+ boolean +
+
added in 1.3.0
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+
This option puts the temporary file from each updated file into a holding directory until the end of the transfer, at which time all the files are renamed into place in rapid succession.
+
@@ -129,9 +149,9 @@ Parameters 		-
Delete files in dest that don't exist (after transfer, not before) in the src path.
-
This option requires recursive=yes.
-
This option ignores excluded files and behaves like the rsync opt --delete-excluded.
+
Delete files in dest that do not exist (after transfer, not before) in the src path.
+
This option requires recursive=yes.
+
This option ignores excluded files and behaves like the rsync opt --delete-after.
Port number for ssh on the destination host.
Prior to Ansible 2.0, the ansible_ssh_port inventory var took precedence over this value.
-
This parameter defaults to the value of ansible_ssh_port or ansible_port, the remote_port config setting or the value from ssh client configuration if none of the former have been set.
+
This parameter defaults to the value of ansible_port, the remote_port config setting or the value from ssh client configuration if none of the former have been set.
@@ -384,6 +405,7 @@ Parameters
list + / elements=string
@@ -463,6 +485,27 @@ Parameters
The path can be absolute or relative.
+
+ ssh_connection_multiplexing + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+
SSH connection multiplexing for rsync is disabled by default to prevent misconfigured ControlSockets from resulting in failed SSH connections. This is accomplished by setting the SSH ControlSocket to none.
+
Set this option to yes to allow multiplexing and reduce SSH connection overhead.
+
Note that simply setting this option to yes is not enough; You must also configure SSH connection multiplexing in your SSH client config by setting values for ControlMaster, ControlPersist and ControlPath.
+
@@ -499,7 +542,8 @@ Parameters 		-
Use the ssh_args specified in ansible.cfg.
+
In Ansible 2.10 and lower, it uses the ssh_args specified in ansible.cfg.
+
In Ansible 2.11 and onwards, when set to true, it uses all SSH connection configurations like ansible_ssh_args, ansible_ssh_common_args, and ansible_ssh_extra_args.
-
The dot-separated path (aka key) specifying the sysctl variable.
+
The dot-separated path (also known as key) specifying the sysctl variable.

aliases: key
@@ -113,7 +113,7 @@ Parameters sysctl_file
- - + path
@@ -148,7 +148,7 @@ Parameters value
- - + string
@@ -167,7 +167,7 @@ Parameters Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Set vm.swappiness to 5 in /etc/sysctl.conf - ansible.posix.sysctl: @@ -212,4 +212,4 @@ Status Authors ~~~~~~~ -- David CHANIAL (@davixx) +- David CHANIAL (@davixx) diff --git a/galaxy.yml b/galaxy.yml index da182e8..f472532 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,6 +1,6 @@ namespace: ansible name: posix -version: 1.2.0 +version: 1.3.0 readme: README.md authors: - Ansible (github.com/ansible) From 617302ba94dcce4cbdfb5c7e30a1dc1993544c5e Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Wed, 11 Aug 2021 18:43:09 +0900 Subject: [PATCH 14/37] Modify version number to prepare next release * 1.3.0 => 1.4.0 Signed-off-by: Hideki Saito --- galaxy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/galaxy.yml b/galaxy.yml index f472532..a3b9509 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,6 +1,6 @@ namespace: ansible name: posix -version: 1.3.0 +version: 1.4.0 readme: README.md authors: - Ansible (github.com/ansible) From 12941f6d9abe41040fe58e2422570cee32472022 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Mon, 16 Aug 2021 13:51:39 +0530 Subject: [PATCH 15/37] firewalld: Correct usage of queryForwardPort * Correct queryForwardPort API usage * Enable port_foward_test_cases tests Fixes: #247 Signed-off-by: Abhijeet Kasurde --- changelogs/fragments/247_firewalld.yml | 3 +++ plugins/modules/firewalld.py | 2 +- .../integration/targets/firewalld/tasks/run_all_tests.yml | 7 +++++-- 3 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 changelogs/fragments/247_firewalld.yml diff --git a/changelogs/fragments/247_firewalld.yml b/changelogs/fragments/247_firewalld.yml new file mode 100644 index 0000000..2a45b48 --- /dev/null +++ b/changelogs/fragments/247_firewalld.yml @@ -0,0 +1,3 @@ +--- +bugfixes: +- firewalld - Correct usage of queryForwardPort (https://github.com/ansible-collections/ansible.posix/issues/247). diff --git a/plugins/modules/firewalld.py b/plugins/modules/firewalld.py index f892cd3..95bfe53 100644 --- a/plugins/modules/firewalld.py +++ b/plugins/modules/firewalld.py @@ -706,7 +706,7 @@ class ForwardPortTransaction(FirewallTransaction): if self.fw_offline: dummy, fw_settings = self.get_fw_zone_settings() return fw_settings.queryForwardPort(port=port, protocol=proto, to_port=toport, to_addr=toaddr) - return self.fw.queryForwardPort(port=port, protocol=proto, to_port=toport, to_addr=toaddr) + return self.fw.queryForwardPort(zone=self.zone, port=port, protocol=proto, toport=toport, toaddr=toaddr) def get_enabled_permanent(self, port, proto, toport, toaddr, timeout): dummy, fw_settings = self.get_fw_zone_settings() diff --git a/tests/integration/targets/firewalld/tasks/run_all_tests.yml b/tests/integration/targets/firewalld/tasks/run_all_tests.yml index 29d253d..4270e89 100644 --- a/tests/integration/targets/firewalld/tasks/run_all_tests.yml +++ b/tests/integration/targets/firewalld/tasks/run_all_tests.yml @@ -14,7 +14,10 @@ - include_tasks: port_test_cases.yml # firewalld source operation test cases -- import_tasks: source_test_cases.yml +- include_tasks: source_test_cases.yml # firewalld zone target operation test cases -- import_tasks: zone_target_test_cases.yml \ No newline at end of file +- include_tasks: zone_target_test_cases.yml + +# firewalld port forwarding operation test cases +- include_tasks: port_forward_test_cases.yml From 249e64a64dde382efc904e7af6db420f4d9ccca1 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Mon, 16 Aug 2021 16:04:29 +0530 Subject: [PATCH 16/37] sanity fixes for pylint test Signed-off-by: Abhijeet Kasurde --- changelogs/fragments/sanity_fixes.yml | 3 +++ tests/sanity/ignore-2.12.txt | 2 +- tests/unit/mock/loader.py | 4 ++-- 3 files changed, 6 insertions(+), 3 deletions(-) create mode 100644 changelogs/fragments/sanity_fixes.yml diff --git a/changelogs/fragments/sanity_fixes.yml b/changelogs/fragments/sanity_fixes.yml new file mode 100644 index 0000000..4920b88 --- /dev/null +++ b/changelogs/fragments/sanity_fixes.yml @@ -0,0 +1,3 @@ +--- +trivial: +- sanity fixes for pylint test. diff --git a/tests/sanity/ignore-2.12.txt b/tests/sanity/ignore-2.12.txt index 013403f..0b6905e 100644 --- a/tests/sanity/ignore-2.12.txt +++ b/tests/sanity/ignore-2.12.txt @@ -1,4 +1,4 @@ -plugins/modules/synchronize.py pylint:blacklisted-name +plugins/modules/synchronize.py pylint:disallowed-name plugins/modules/synchronize.py use-argspec-type-path plugins/modules/synchronize.py validate-modules:doc-default-does-not-match-spec plugins/modules/synchronize.py validate-modules:nonexistent-parameter-documented diff --git a/tests/unit/mock/loader.py b/tests/unit/mock/loader.py index 0ee47fb..e5dff78 100644 --- a/tests/unit/mock/loader.py +++ b/tests/unit/mock/loader.py @@ -46,8 +46,8 @@ class DictDataLoader(DataLoader): # TODO: the real _get_file_contents returns a bytestring, so we actually convert the # unicode/text it's created with to utf-8 - def _get_file_contents(self, path): - path = to_text(path) + def _get_file_contents(self, file_name): + path = to_text(file_name) if path in self._file_mapping: return (to_bytes(self._file_mapping[path]), False) else: From 4a67de7b08adccf16fbc613cea25513affb8875d Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Tue, 24 Aug 2021 19:11:45 +0900 Subject: [PATCH 17/37] Display warning message if wrong parameter set to masquerade or icmp-block-inversion * This PR is a part of #249 Signed-off-by: Hideki Saito --- changelogs/fragments/254_variable_warnings.yml | 5 +++++ plugins/modules/firewalld.py | 17 +++++++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 changelogs/fragments/254_variable_warnings.yml diff --git a/changelogs/fragments/254_variable_warnings.yml b/changelogs/fragments/254_variable_warnings.yml new file mode 100644 index 0000000..4b87e31 --- /dev/null +++ b/changelogs/fragments/254_variable_warnings.yml @@ -0,0 +1,5 @@ +--- +minor_changes: +- firewalld - Show warning message that variable type of ``masquerade`` and + ``icmp_block_inversion`` will be changed from ``str`` to ``boolean`` + in the future release (https://github.com/ansible-collections/ansible.posix/pull/254). diff --git a/plugins/modules/firewalld.py b/plugins/modules/firewalld.py index 95bfe53..f7a4a67 100644 --- a/plugins/modules/firewalld.py +++ b/plugins/modules/firewalld.py @@ -213,6 +213,7 @@ EXAMPLES = r''' ''' from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.parsing.convert_bool import boolean from ansible_collections.ansible.posix.plugins.module_utils.firewalld import FirewallTransaction, fw_offline try: @@ -875,6 +876,14 @@ def main(): if changed is True: msgs.append("Changed icmp-block-inversion %s to %s" % (icmp_block_inversion, desired_state)) + # Type of icmp_block_inversion will be changed to boolean in a future release. + try: + boolean(icmp_block_inversion, True) + except TypeError: + module.warn('The value of the icmp_block_inversion option is "%s". ' + 'The type of the option will be changed from string to boolean in a future release. ' + 'To avoid unexpected behavior, please change the value to boolean.' % icmp_block_inversion) + if service is not None: transaction = ServiceTransaction( @@ -992,6 +1001,14 @@ def main(): changed, transaction_msgs = transaction.run() msgs = msgs + transaction_msgs + # Type of masquerade will be changed to boolean in a future release. + try: + boolean(masquerade, True) + except TypeError: + module.warn('The value of the masquerade option is "%s". ' + 'The type of the option will be changed from string to boolean in a future release. ' + 'To avoid unexpected behavior, please change the value to boolean.' % masquerade) + if target is not None: transaction = ZoneTargetTransaction( From 1626c3d5e613514b58db28fb67f420133353e6b7 Mon Sep 17 00:00:00 2001 From: Simon Legner Date: Wed, 8 Sep 2021 08:00:56 +0200 Subject: [PATCH 18/37] docs(authorized_key): add lookup.url example --- changelogs/fragments/255_authorized_key_url.yml | 3 +++ plugins/modules/authorized_key.py | 6 ++++++ 2 files changed, 9 insertions(+) create mode 100644 changelogs/fragments/255_authorized_key_url.yml diff --git a/changelogs/fragments/255_authorized_key_url.yml b/changelogs/fragments/255_authorized_key_url.yml new file mode 100644 index 0000000..556f13b --- /dev/null +++ b/changelogs/fragments/255_authorized_key_url.yml @@ -0,0 +1,3 @@ +--- +trivial: +- authorized_keys - add example involving lookup.url diff --git a/plugins/modules/authorized_key.py b/plugins/modules/authorized_key.py index 7f203e3..e11b416 100644 --- a/plugins/modules/authorized_key.py +++ b/plugins/modules/authorized_key.py @@ -94,6 +94,12 @@ EXAMPLES = r''' state: present key: https://github.com/charlie.keys +- name: Set authorized keys taken from url using lookup + ansible.posix.authorized_key: + user: charlie + state: present + key: "{{ lookup('url', 'https://github.com/charlie.keys', split_lines=False) }}" + - name: Set authorized key in alternate location ansible.posix.authorized_key: user: charlie From dc8f7d68dfe8da1f57e610610f5925c0fc5d1cee Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Wed, 8 Sep 2021 11:39:17 +0530 Subject: [PATCH 19/37] Update changelogs --- changelogs/fragments/255_authorized_key_url.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/fragments/255_authorized_key_url.yml b/changelogs/fragments/255_authorized_key_url.yml index 556f13b..5381935 100644 --- a/changelogs/fragments/255_authorized_key_url.yml +++ b/changelogs/fragments/255_authorized_key_url.yml @@ -1,3 +1,3 @@ --- trivial: -- authorized_keys - add example involving lookup.url +- authorized_keys - add an example involving ``url`` lookup plugin (https://github.com/ansible-collections/ansible.posix/pull/260). From 3d57a17ed6c2f3547153da35aac481dc991caa15 Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Fri, 10 Sep 2021 13:21:37 +0900 Subject: [PATCH 20/37] Correctly calculate task execution time with serial execution - Fixes #83 Signed-off-by: Hideki Saito --- .../fragments/263_profile_tasks_with_serial.yml | 3 +++ plugins/callback/profile_tasks.py | 16 ++++++++++++---- 2 files changed, 15 insertions(+), 4 deletions(-) create mode 100644 changelogs/fragments/263_profile_tasks_with_serial.yml diff --git a/changelogs/fragments/263_profile_tasks_with_serial.yml b/changelogs/fragments/263_profile_tasks_with_serial.yml new file mode 100644 index 0000000..f3032e9 --- /dev/null +++ b/changelogs/fragments/263_profile_tasks_with_serial.yml @@ -0,0 +1,3 @@ +--- +bugfixes: +- profile_tasks - Correctly calculate task execution time with serial execution (https://github.com/ansible-collections/ansible.posix/issues/83). diff --git a/plugins/callback/profile_tasks.py b/plugins/callback/profile_tasks.py index 6edb325..e4b5e91 100644 --- a/plugins/callback/profile_tasks.py +++ b/plugins/callback/profile_tasks.py @@ -92,7 +92,8 @@ def filled(msg, fchar="*"): def timestamp(self): if self.current is not None: - self.stats[self.current]['time'] = time.time() - self.stats[self.current]['time'] + elapsed = time.time() - self.stats[self.current]['started'] + self.stats[self.current]['elapsed'] += elapsed def tasktime(): @@ -151,8 +152,15 @@ class CallbackModule(CallbackBase): timestamp(self) # Record the start time of the current task + # stats[TASK_UUID]: + # started: Current task start time. This value will be updated each time a task + # with the same UUID is executed when `serial` is specified in a playbook. + # elapsed: Elapsed time since the first serialized task was started self.current = task._uuid - self.stats[self.current] = {'time': time.time(), 'name': task.get_name()} + if self.current not in self.stats: + self.stats[self.current] = {'started': time.time(), 'elapsed': 0.0, 'name': task.get_name()} + else: + self.stats[self.current]['started'] = time.time() if self._display.verbosity >= 2: self.stats[self.current]['path'] = task.get_path() @@ -178,7 +186,7 @@ class CallbackModule(CallbackBase): if self.sort_order is not None: results = sorted( self.stats.items(), - key=lambda x: x[1]['time'], + key=lambda x: x[1]['elapsed'], reverse=self.sort_order, ) @@ -187,7 +195,7 @@ class CallbackModule(CallbackBase): # Print the timings for uuid, result in results: - msg = u"{0:-<{2}}{1:->9}".format(result['name'] + u' ', u' {0:.02f}s'.format(result['time']), self._display.columns - 9) + msg = u"{0:-<{2}}{1:->9}".format(result['name'] + u' ', u' {0:.02f}s'.format(result['elapsed']), self._display.columns - 9) if 'path' in result: msg += u"\n{0:-<{1}}".format(result['path'] + u' ', self._display.columns) self._display.display(msg) From f0f0b0a2e2be67d5223c7bbc37960de79fbb9c99 Mon Sep 17 00:00:00 2001 From: Paul Belanger Date: Tue, 14 Sep 2021 07:54:33 -0400 Subject: [PATCH 21/37] Add bindep.txt file for execution environments This adds rsync to the bindep.txt file, which will ensure rsync is installed as a dependency for execution environments. Signed-off-by: Paul Belanger --- bindep.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 bindep.txt diff --git a/bindep.txt b/bindep.txt new file mode 100644 index 0000000..6632897 --- /dev/null +++ b/bindep.txt @@ -0,0 +1,4 @@ +# This is a cross-platform list tracking distribution packages needed by tests; +# see https://docs.openstack.org/infra/bindep/ for additional information. + +rsync [platform:centos-8 platform:rhel-8] From 53d47e17633ce3dbaba148a54a61b2970c14af06 Mon Sep 17 00:00:00 2001 From: Ondrej Mosnacek Date: Tue, 15 Dec 2020 17:24:37 +0100 Subject: [PATCH 22/37] selinux: update kernel boot params when disabling/re-enabling SELinux The ability to disable SELinux from userspace based on the configuration file is being deprecated in favor of the selinux=0 kernel boot parameter. (Note that this affects only the "full" disable; switching to/from permissive mode will work the same as before.) Therefore, add an 'update_kernel_param' module parameter that will cause it to set/unset the kernel command-line parameter using grubby when enabling/disabling SELinux. (An explicit parameter was chosen for backwards compatibility.) More information: https://lore.kernel.org/selinux/157836784986.560897.13893922675143903084.stgit@chester/ https://fedoraproject.org/wiki/Changes/Remove_Support_For_SELinux_Runtime_Disable Signed-off-by: Ondrej Mosnacek --- .../disable_selinux_via_kernel_cmdline.yml | 2 + plugins/modules/selinux.py | 71 +++++++++++++++++++ .../targets/selinux/tasks/selinux.yml | 48 ++++++++++++- 3 files changed, 120 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/disable_selinux_via_kernel_cmdline.yml diff --git a/changelogs/fragments/disable_selinux_via_kernel_cmdline.yml b/changelogs/fragments/disable_selinux_via_kernel_cmdline.yml new file mode 100644 index 0000000..505a134 --- /dev/null +++ b/changelogs/fragments/disable_selinux_via_kernel_cmdline.yml @@ -0,0 +1,2 @@ +minor_changes: +- selinux - optionally update kernel boot params when disabling/re-enabling SELinux (https://github.com/ansible-collections/ansible.posix/pull/142). diff --git a/plugins/modules/selinux.py b/plugins/modules/selinux.py index a22c282..89e6b63 100644 --- a/plugins/modules/selinux.py +++ b/plugins/modules/selinux.py @@ -28,6 +28,13 @@ options: required: true choices: [ disabled, enforcing, permissive ] type: str + update_kernel_param: + description: + - If set to I(true), will update also the kernel boot parameters when disabling/enabling SELinux. + - The C(grubby) tool must be present on the target system for this to work. + default: no + type: bool + version_added: '1.4.0' configfile: description: - The path to the SELinux configuration file, if non-standard. @@ -97,6 +104,7 @@ except ImportError: HAS_SELINUX = False from ansible.module_utils.basic import AnsibleModule, missing_required_lib +from ansible.module_utils.common.process import get_bin_path from ansible.module_utils.facts.utils import get_file_lines @@ -119,6 +127,34 @@ def get_config_policy(configfile): return line.split('=')[1].strip() +def get_kernel_enabled(module, grubby_bin): + if grubby_bin is None: + module.fail_json(msg="'grubby' command not found on host", + details="In order to update the kernel command line" + "enabled/disabled setting, the grubby package" + "needs to be present on the system.") + + rc, stdout, stderr = module.run_command([grubby_bin, '--info=ALL']) + if rc != 0: + module.fail_json(msg="unable to run grubby") + + all_enabled = True + all_disabled = True + for line in stdout.split('\n'): + match = re.match('^args="(.*)"$', line) + if match is None: + continue + args = match.group(1).split(' ') + if 'selinux=0' in args: + all_enabled = False + else: + all_disabled = False + if all_disabled == all_enabled: + # inconsistent config - return None to force update + return None + return all_enabled + + # setter subroutines def set_config_state(module, state, configfile): # SELINUX=permissive @@ -153,6 +189,17 @@ def set_state(module, state): module.fail_json(msg=msg) +def set_kernel_enabled(module, grubby_bin, value): + rc, stdout, stderr = module.run_command([grubby_bin, '--update-kernel=ALL', + '--remove-args' if value else '--args', + 'selinux=0']) + if rc != 0: + if value: + module.fail_json(msg='unable to remove selinux=0 from kernel config') + else: + module.fail_json(msg='unable to add selinux=0 to kernel config') + + def set_config_policy(module, policy, configfile): if not os.path.exists('/etc/selinux/%s/policy' % policy): module.fail_json(msg='Policy %s does not exist in /etc/selinux/' % policy) @@ -183,6 +230,7 @@ def main(): policy=dict(type='str'), state=dict(type='str', required=True, choices=['enforcing', 'permissive', 'disabled']), configfile=dict(type='str', default='/etc/selinux/config', aliases=['conf', 'file']), + update_kernel_param=dict(type='bool', default=False), ), supports_check_mode=True, ) @@ -196,9 +244,11 @@ def main(): configfile = module.params['configfile'] policy = module.params['policy'] state = module.params['state'] + update_kernel_param = module.params['update_kernel_param'] runtime_enabled = selinux.is_selinux_enabled() runtime_policy = selinux.selinux_getpolicytype()[1] runtime_state = 'disabled' + kernel_enabled = None reboot_required = False if runtime_enabled: @@ -215,6 +265,12 @@ def main(): config_policy = get_config_policy(configfile) config_state = get_config_state(configfile) + if update_kernel_param: + try: + grubby_bin = get_bin_path('grubby') + except ValueError: + grubby_bin = None + kernel_enabled = get_kernel_enabled(module, grubby_bin) # check to see if policy is set if state is not 'disabled' if state != 'disabled': @@ -269,6 +325,21 @@ def main(): msgs.append("Config SELinux state changed from '%s' to '%s'" % (config_state, state)) changed = True + requested_kernel_enabled = state in ('enforcing', 'permissive') + # Update kernel enabled/disabled config only when setting is consistent + # across all kernels AND the requested state differs from the current state + if update_kernel_param and kernel_enabled != requested_kernel_enabled: + if not module.check_mode: + set_kernel_enabled(module, grubby_bin, requested_kernel_enabled) + if requested_kernel_enabled: + states = ('disabled', 'enabled') + else: + states = ('enabled', 'disabled') + if kernel_enabled is None: + states = ('', states[1]) + msgs.append("Kernel SELinux state changed from '%s' to '%s'" % states) + changed = True + module.exit_json(changed=changed, msg=', '.join(msgs), configfile=configfile, policy=policy, state=state, reboot_required=reboot_required) diff --git a/tests/integration/targets/selinux/tasks/selinux.yml b/tests/integration/targets/selinux/tasks/selinux.yml index a262f8b..2d8cfdd 100644 --- a/tests/integration/targets/selinux/tasks/selinux.yml +++ b/tests/integration/targets/selinux/tasks/selinux.yml @@ -20,6 +20,11 @@ # ############################################################################## # Test changing the state, which requires a reboot +- name: TEST 1 | Make sure grubby is present + package: + name: grubby + state: present + - name: TEST 1 | Get current SELinux config file contents set_fact: selinux_config_original: "{{ lookup('file', '/etc/sysconfig/selinux').split('\n') }}" @@ -104,11 +109,52 @@ - selinux_config_after[selinux_config_after.index('SELINUX=disabled')] is search("^SELINUX=\w+$") - selinux_config_after[selinux_config_after.index('SELINUXTYPE=targeted')] is search("^SELINUXTYPE=\w+$") -- name: TEST 1 | Reset SELinux configuration for next test +- name: TEST 1 | Disable SELinux again, with kernel arguments update + selinux: + state: disabled + policy: targeted + update_kernel_param: true + register: _disable_test2 + +- name: Check kernel command-line arguments + ansible.builtin.command: grubby --info=DEFAULT + register: _grubby_test1 + +- name: TEST 1 | Assert that kernel cmdline contains selinux=0 + assert: + that: + - "' selinux=0' in _grubby_test1.stdout" + +- name: TEST 1 | Enable SELinux, without kernel arguments update + selinux: + state: disabled + policy: targeted + register: _disable_test2 + +- name: Check kernel command-line arguments + ansible.builtin.command: grubby --info=DEFAULT + register: _grubby_test1 + +- name: TEST 1 | Assert that kernel cmdline still contains selinux=0 + assert: + that: + - "' selinux=0' in _grubby_test1.stdout" + +- name: TEST 1 | Reset SELinux configuration for next test (also kernel args) selinux: state: enforcing + update_kernel_param: true policy: targeted +- name: Check kernel command-line arguments + ansible.builtin.command: grubby --info=DEFAULT + register: _grubby_test2 + +- name: TEST 1 | Assert that kernel cmdline doesn't contain selinux=0 + assert: + that: + - "' selinux=0' not in _grubby_test2.stdout" + # Second Test # ############################################################################## From 5a2b3662cbe336df41b127bf4967a837738217a3 Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Sat, 19 Jun 2021 12:08:47 +0900 Subject: [PATCH 23/37] mount - add a newline at the end of line in fstab * Fixes #210 Signed-off-by: Hideki Saito --- .../fragments/211_fstab_append_newline.yml | 3 ++ plugins/modules/mount.py | 4 ++ .../integration/targets/mount/tasks/main.yml | 43 +++++++++++++++++-- 3 files changed, 47 insertions(+), 3 deletions(-) create mode 100644 changelogs/fragments/211_fstab_append_newline.yml diff --git a/changelogs/fragments/211_fstab_append_newline.yml b/changelogs/fragments/211_fstab_append_newline.yml new file mode 100644 index 0000000..6861798 --- /dev/null +++ b/changelogs/fragments/211_fstab_append_newline.yml @@ -0,0 +1,3 @@ +--- +bugfixes: +- mount - add a newline at the end of line in ``fstab`` (https://github.com/ansible-collections/ansible.posix/issues/210). diff --git a/plugins/modules/mount.py b/plugins/modules/mount.py index ae2ac27..dce7b2a 100644 --- a/plugins/modules/mount.py +++ b/plugins/modules/mount.py @@ -254,6 +254,10 @@ def _set_mount_save_old(module, args): '%(src)s - %(name)s %(fstype)s %(passno)s %(boot)s %(opts)s\n') for line in open(args['fstab'], 'r').readlines(): + # Append newline if the line in fstab does not finished with newline. + if not line.endswith('\n'): + line += '\n' + old_lines.append(line) if not line.strip(): diff --git a/tests/integration/targets/mount/tasks/main.yml b/tests/integration/targets/mount/tasks/main.yml index 64d40e5..be1850f 100644 --- a/tests/integration/targets/mount/tasks/main.yml +++ b/tests/integration/targets/mount/tasks/main.yml @@ -280,7 +280,7 @@ - name: Fail if they are the same fail: msg: Filesytem was not remounted, testing of the module failed! - when: last_write is defined and last_write_time2 is defined and last_write_time.stdout == last_write_time2.stdout + when: last_write is defined and last_write_time2 is defined and last_write_time.stdout == last_write_time2.stdout - name: Remount filesystem with different opts using remounted option (Linux only) mount: @@ -311,7 +311,7 @@ assert: that: - "'backup_file' in mount_backup_out" - + always: - name: Umount the test FS mount: @@ -368,4 +368,41 @@ loop: - /tmp/myfs.img - /tmp/myfs - when: ansible_system in ('Linux') \ No newline at end of file + when: ansible_system in ('Linux') + +- name: Block to test missing newline at the EOF of fstab + block: + - name: Create empty file + community.general.filesize: + path: /tmp/myfs1.img + size: 20M + - name: Format FS + community.general.filesystem: + fstype: ext3 + dev: /tmp/myfs1.img + - name: Create custom fstab file without newline + copy: + content: '#TEST COMMENT WITHOUT NEWLINE' + dest: /tmp/test_fstab + - name: Mount the FS using the custom fstab + mount: + path: /tmp/myfs1 + src: /tmp/myfs1.img + fstype: ext3 + state: mounted + opts: defaults + fstab: /tmp/test_fstab + - name: Unmount the mount point in the custom fstab + mount: + path: /tmp/myfs1 + state: absent + fstab: /tmp/test_fstab + - name: Remove the test FS and the custom fstab + file: + path: '{{ item }}' + state: absent + loop: + - /tmp/myfs1.img + - /tmp/myfs1 + - /tmp/test_fstab + when: ansible_system in ('Linux') From 4304552677046fd7dd379a2c9232502718bdc274 Mon Sep 17 00:00:00 2001 From: Andrew Klychkov Date: Tue, 28 Sep 2021 13:03:36 +0200 Subject: [PATCH 24/37] Copy ignore-2.12.txt to ignore-2.13.txt --- tests/sanity/ignore-2.13.txt | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 tests/sanity/ignore-2.13.txt diff --git a/tests/sanity/ignore-2.13.txt b/tests/sanity/ignore-2.13.txt new file mode 100644 index 0000000..0b6905e --- /dev/null +++ b/tests/sanity/ignore-2.13.txt @@ -0,0 +1,8 @@ +plugins/modules/synchronize.py pylint:disallowed-name +plugins/modules/synchronize.py use-argspec-type-path +plugins/modules/synchronize.py validate-modules:doc-default-does-not-match-spec +plugins/modules/synchronize.py validate-modules:nonexistent-parameter-documented +plugins/modules/synchronize.py validate-modules:parameter-type-not-in-doc +plugins/modules/synchronize.py validate-modules:undocumented-parameter +tests/utils/shippable/check_matrix.py replace-urlopen +tests/utils/shippable/timing.py shebang From 6ca7a7c0a48a55b6d79dbab595e982c27c91bbe5 Mon Sep 17 00:00:00 2001 From: Andrew Klychkov Date: Tue, 28 Sep 2021 13:09:10 +0200 Subject: [PATCH 25/37] Add fragment --- changelogs/fragments/272-copy_ignore_txt.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changelogs/fragments/272-copy_ignore_txt.yml diff --git a/changelogs/fragments/272-copy_ignore_txt.yml b/changelogs/fragments/272-copy_ignore_txt.yml new file mode 100644 index 0000000..7537d54 --- /dev/null +++ b/changelogs/fragments/272-copy_ignore_txt.yml @@ -0,0 +1,3 @@ +--- +trivial: + - Copy ignore-2.12.txt to ignore-2.13.txt. From 8f58cbb41cfb09e78c04a685a37189082bd5d9df Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Fri, 1 Oct 2021 00:25:55 +0900 Subject: [PATCH 26/37] Fix integration test error on ansible devel branch - Remove centos6 platforms for integration tests on the ansible devel branch from the azure-pipelines. - Add delegate_to to each task of integration test for synchronized module on devel branch - Modify invalid parameter test to use key instead of name for sysctl module - Replace lookup plugin to slurp module in integration tests for selinux module - Add creating working directory task in integration tests for acl module Signed-off-by: Hideki Saito --- .azure-pipelines/azure-pipelines.yml | 4 -- .../277_fix_integration_test_on_devel.yml | 3 ++ tests/integration/targets/acl/tasks/acl.yml | 10 ++++ .../targets/selinux/tasks/selinux.yml | 33 ++++++++++-- .../targets/synchronize/tasks/main.yml | 52 ++++++++++++++++--- .../integration/targets/sysctl/tasks/main.yml | 12 ++--- 6 files changed, 94 insertions(+), 20 deletions(-) create mode 100644 changelogs/fragments/277_fix_integration_test_on_devel.yml diff --git a/.azure-pipelines/azure-pipelines.yml b/.azure-pipelines/azure-pipelines.yml index c0be539..c9d5b08 100644 --- a/.azure-pipelines/azure-pipelines.yml +++ b/.azure-pipelines/azure-pipelines.yml @@ -51,8 +51,6 @@ stages: parameters: testFormat: devel/linux/{0}/1 targets: - - name: CentOS 6 - test: centos6 - name: CentOS 7 test: centos7 - name: CentOS 8 @@ -61,8 +59,6 @@ stages: test: fedora33 - name: Fedora 34 test: fedora34 - - name: openSUSE 15 py2 - test: opensuse15py2 - name: openSUSE 15 py3 test: opensuse15 - name: Ubuntu 18.04 diff --git a/changelogs/fragments/277_fix_integration_test_on_devel.yml b/changelogs/fragments/277_fix_integration_test_on_devel.yml new file mode 100644 index 0000000..d2b4c69 --- /dev/null +++ b/changelogs/fragments/277_fix_integration_test_on_devel.yml @@ -0,0 +1,3 @@ +--- +trivial: +- Fix integration tests of synchronize and sysctl to address chaging behavior on devel branch (https://github.com/ansible-collections/overview/issues/45). diff --git a/tests/integration/targets/acl/tasks/acl.yml b/tests/integration/targets/acl/tasks/acl.yml index 7770ed4..30cfebb 100644 --- a/tests/integration/targets/acl/tasks/acl.yml +++ b/tests/integration/targets/acl/tasks/acl.yml @@ -23,6 +23,16 @@ group: name: "{{ test_group }}" +- name: Clean up working directory and files + file: + path: "{{ output_dir }}" + state: absent + +- name: Create working directory + file: + path: "{{ output_dir }}" + state: directory + - name: Create ansible file file: path: "{{ test_file }}" diff --git a/tests/integration/targets/selinux/tasks/selinux.yml b/tests/integration/targets/selinux/tasks/selinux.yml index 2d8cfdd..d936ec6 100644 --- a/tests/integration/targets/selinux/tasks/selinux.yml +++ b/tests/integration/targets/selinux/tasks/selinux.yml @@ -26,10 +26,19 @@ state: present - name: TEST 1 | Get current SELinux config file contents + slurp: + src: /etc/sysconfig/selinux + register: selinux_config_original_base64 + +- name: TEST 1 | Register SELinux config and SELinux status set_fact: - selinux_config_original: "{{ lookup('file', '/etc/sysconfig/selinux').split('\n') }}" + selinux_config_original_raw: "{{ selinux_config_original_base64.content | b64decode }}" before_test_sestatus: "{{ ansible_selinux }}" +- name: TEST 1 | Split by line and register original config + set_fact: + selinux_config_original: "{{ selinux_config_original_raw.split('\n') }}" + - debug: var: "{{ item }}" verbosity: 1 @@ -95,8 +104,17 @@ - _disable_test2.reboot_required - name: TEST 1 | Get modified config file + slurp: + src: /etc/sysconfig/selinux + register: selinux_config_after_base64 + +- name: TEST 1 | Register modified config set_fact: - selinux_config_after: "{{ lookup('file', '/etc/sysconfig/selinux').split('\n') }}" + selinux_config_after_raw: "{{ selinux_config_after_base64.content | b64decode }}" + +- name: TEST 1 | Split by line and register modified config + set_fact: + selinux_config_after: "{{ selinux_config_after_raw.split('\n') }}" - debug: var: selinux_config_after @@ -209,8 +227,17 @@ - not _state_test2.reboot_required - name: TEST 2 | Get modified config file + slurp: + src: /etc/sysconfig/selinux + register: selinux_config_after_base64 + +- name: TEST 2 | Register modified config set_fact: - selinux_config_after: "{{ lookup('file', '/etc/sysconfig/selinux').split('\n') }}" + selinux_config_after_raw: "{{ selinux_config_after_base64.content | b64decode }}" + +- name: TEST 2 | Split by line and register modified config + set_fact: + selinux_config_after: "{{ selinux_config_after_raw.split('\n') }}" - debug: var: selinux_config_after diff --git a/tests/integration/targets/synchronize/tasks/main.yml b/tests/integration/targets/synchronize/tasks/main.yml index ac1aa03..8df2c75 100644 --- a/tests/integration/targets/synchronize/tasks/main.yml +++ b/tests/integration/targets/synchronize/tasks/main.yml @@ -2,16 +2,29 @@ package: name: rsync when: ansible_distribution != "MacOSX" -- name: cleanup old files - shell: rm -rf {{output_dir}}/* +- name: Clean up the working directory and files + file: + path: '{{ output_dir }}' + state: absent +- name: Create the working directory + file: + path: '{{ output_dir }}' + state: directory - name: create test new files - copy: dest={{output_dir}}/{{item}} mode=0644 content="hello world" + copy: + dest: '{{output_dir}}/{{item}}' + mode: '0644' + content: 'hello world' with_items: - foo.txt - bar.txt + - name: synchronize file to new filename - synchronize: src={{output_dir}}/foo.txt dest={{output_dir}}/foo.result + synchronize: + src: '{{output_dir}}/foo.txt' + dest: '{{output_dir}}/foo.result' register: sync_result + delegate_to: '{{ inventory_hostname }}' - assert: that: - '''changed'' in sync_result' @@ -31,9 +44,13 @@ that: - stat_result.stat.exists == True - stat_result.stat.checksum == '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed' + - name: test that the file is not copied a second time - synchronize: src={{output_dir}}/foo.txt dest={{output_dir}}/foo.result + synchronize: + src='{{output_dir}}/foo.txt' + dest='{{output_dir}}/foo.result' register: sync_result + delegate_to: '{{ inventory_hostname }}' - assert: that: - sync_result.changed == False @@ -44,12 +61,14 @@ with_items: - foo.result - bar.result + - name: Synchronize using the mode=push param synchronize: src: '{{output_dir}}/foo.txt' dest: '{{output_dir}}/foo.result' mode: push register: sync_result + delegate_to: '{{ inventory_hostname }}' - assert: that: - '''changed'' in sync_result' @@ -69,12 +88,14 @@ that: - stat_result.stat.exists == True - stat_result.stat.checksum == '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed' + - name: test that the file is not copied a second time synchronize: src: '{{output_dir}}/foo.txt' dest: '{{output_dir}}/foo.result' mode: push register: sync_result + delegate_to: '{{ inventory_hostname }}' - assert: that: - sync_result.changed == False @@ -85,12 +106,14 @@ with_items: - foo.result - bar.result + - name: Synchronize using the mode=pull param synchronize: src: '{{output_dir}}/foo.txt' dest: '{{output_dir}}/foo.result' mode: pull register: sync_result + delegate_to: '{{ inventory_hostname }}' - assert: that: - '''changed'' in sync_result' @@ -110,12 +133,14 @@ that: - stat_result.stat.exists == True - stat_result.stat.checksum == '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed' + - name: test that the file is not copied a second time synchronize: src: '{{output_dir}}/foo.txt' dest: '{{output_dir}}/foo.result' mode: pull register: sync_result + delegate_to: '{{ inventory_hostname }}' - assert: that: - sync_result.changed == False @@ -126,12 +151,16 @@ with_items: - foo.result - bar.result + - name: synchronize files using with_items (issue#5965) - synchronize: src={{output_dir}}/{{item}} dest={{output_dir}}/{{item}}.result + synchronize: + src: '{{output_dir}}/{{item}}' + dest: '{{output_dir}}/{{item}}.result' with_items: - foo.txt - bar.txt register: sync_result + delegate_to: '{{ inventory_hostname }}' - assert: that: - sync_result.changed @@ -151,9 +180,14 @@ with_items: - foo.txt - bar.txt + - name: synchronize files using rsync_path (issue#7182) - synchronize: src={{output_dir}}/foo.txt dest={{output_dir}}/foo.rsync_path rsync_path="sudo rsync" + synchronize: + src: '{{output_dir}}/foo.txt' + dest: '{{output_dir}}/foo.rsync_path' + rsync_path: 'sudo rsync' register: sync_result + delegate_to: '{{ inventory_hostname }}' - assert: that: - '''changed'' in sync_result' @@ -186,6 +220,7 @@ dest: '{{output_dir}}/{{item}}/foo.txt' with_items: - directory_a + delegate_to: '{{ inventory_hostname }}' - name: synchronize files using link_dest synchronize: src: '{{output_dir}}/directory_a/foo.txt' @@ -193,6 +228,7 @@ link_dest: - '{{output_dir}}/directory_a' register: sync_result + delegate_to: '{{ inventory_hostname }}' - name: get stat information for directory_a stat: path: '{{ output_dir }}/directory_a/foo.txt' @@ -214,6 +250,8 @@ - '{{output_dir}}' register: sync_result ignore_errors: true + delegate_to: '{{ inventory_hostname }}' + - assert: that: - sync_result is not changed diff --git a/tests/integration/targets/sysctl/tasks/main.yml b/tests/integration/targets/sysctl/tasks/main.yml index c8532d3..c9a63c4 100644 --- a/tests/integration/targets/sysctl/tasks/main.yml +++ b/tests/integration/targets/sysctl/tasks/main.yml @@ -123,10 +123,10 @@ that: - sysctl_test2_change_test is not changed - - name: Try sysctl with an invalid value + - name: Try sysctl with an invalid name sysctl: - name: net.ipv4.ip_forward - value: foo + name: test.invalid + value: 1 register: sysctl_test3 ignore_errors: yes @@ -196,10 +196,10 @@ - sysctl_no_value is failed - "sysctl_no_value.msg == 'value cannot be None'" - - name: Try sysctl with an invalid value + - name: Try sysctl with an invalid name sysctl: - name: net.ipv4.ip_forward - value: foo + name: test.invalid + value: 1 sysctl_set: yes register: sysctl_test4 ignore_errors: yes From 399f5e2f097854d7c4e20ac62d9c1ff5d89dc711 Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Thu, 21 Oct 2021 08:18:17 +0900 Subject: [PATCH 27/37] Fix unit test for synchronize action plugin - use yaml.safe_load() instead of load() Signed-off-by: Hideki Saito --- changelogs/fragments/282_fix_unit_test_for_synchronize.yml | 3 +++ tests/unit/plugins/action/test_synchronize.py | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/282_fix_unit_test_for_synchronize.yml diff --git a/changelogs/fragments/282_fix_unit_test_for_synchronize.yml b/changelogs/fragments/282_fix_unit_test_for_synchronize.yml new file mode 100644 index 0000000..23521af --- /dev/null +++ b/changelogs/fragments/282_fix_unit_test_for_synchronize.yml @@ -0,0 +1,3 @@ +--- +trivial: +- Fix unit tests of synchronize action plugin to use yaml.safe_load(). diff --git a/tests/unit/plugins/action/test_synchronize.py b/tests/unit/plugins/action/test_synchronize.py index 39d9697..bc1efca 100644 --- a/tests/unit/plugins/action/test_synchronize.py +++ b/tests/unit/plugins/action/test_synchronize.py @@ -125,7 +125,7 @@ class SynchronizeTester(object): metapath = os.path.join(fixturepath, 'meta.yaml') with open(metapath, 'rb') as f: fdata = f.read() - test_meta = yaml.load(fdata) + test_meta = yaml.safe_load(fdata) # load initial play context vars if '_play_context' in test_meta: From 9890937bccdfc1192d2c3ff576a2b75f2f3e68df Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Wed, 20 Oct 2021 15:21:02 +0900 Subject: [PATCH 28/37] Remove centos8 environment for devel from CI - Fixes https://github.com/ansible-collections/overview/issues/45 Signed-off-by: Hideki Saito --- .azure-pipelines/azure-pipelines.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.azure-pipelines/azure-pipelines.yml b/.azure-pipelines/azure-pipelines.yml index c9d5b08..25d7a37 100644 --- a/.azure-pipelines/azure-pipelines.yml +++ b/.azure-pipelines/azure-pipelines.yml @@ -53,8 +53,6 @@ stages: targets: - name: CentOS 7 test: centos7 - - name: CentOS 8 - test: centos8 - name: Fedora 33 test: fedora33 - name: Fedora 34 From d1be5519e60e0d111715ba4cceb9b0f6d428c171 Mon Sep 17 00:00:00 2001 From: Mike Wallis Date: Fri, 8 Oct 2021 12:29:55 +0100 Subject: [PATCH 29/37] Whitespaces in paths or current working directory path of playbook causes rsync to incorrectly chdir to current source dir, Example : cd "/home/a/ansible plays" task: - synchronize: src: a dest: b Results in the following error being thrown fatal: [remote-host]: FAILED! => {"changed": false, "cmd": "/usr/bin/rsync --delay-updates -F --compress --archive --rsh='/usr/bin/ssh -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' --rsync-path='sudo -u root rsync' --out-format='<>%i %n%L' /home/a/ansible plays/deployments// remote-user@remote-host:/data/", "msg": "rsync: [sender] link_stat \"/home/a/ansible\" failed: No such file or directory (2)\nrsync: [sender] change_dir \"/home/a/ansible plays/plays/a/\" failed: No such file or directory (2)\nrsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1330) [sender=3.2.3]\n", "rc": 23} --- .../shell_escape_full_path_for_rsync.yml | 3 ++ plugins/modules/synchronize.py | 4 +- .../targets/synchronize/tasks/main.yml | 43 +++++++++++++++++++ 3 files changed, 48 insertions(+), 2 deletions(-) create mode 100644 changelogs/fragments/shell_escape_full_path_for_rsync.yml diff --git a/changelogs/fragments/shell_escape_full_path_for_rsync.yml b/changelogs/fragments/shell_escape_full_path_for_rsync.yml new file mode 100644 index 0000000..d37bee7 --- /dev/null +++ b/changelogs/fragments/shell_escape_full_path_for_rsync.yml @@ -0,0 +1,3 @@ +--- +bugfixes: + - Fix for whitespace in source full path causing error ```code 23) at main.c(1330) [sender=3.2.3]``` (https://github.com/ansible-collections/ansible.posix/pull/278) diff --git a/plugins/modules/synchronize.py b/plugins/modules/synchronize.py index 5f63dd4..86cf360 100644 --- a/plugins/modules/synchronize.py +++ b/plugins/modules/synchronize.py @@ -587,8 +587,8 @@ def main(): if '@' not in dest: dest = os.path.expanduser(dest) - cmd.append(source) - cmd.append(dest) + cmd.append(shlex_quote(source)) + cmd.append(shlex_quote(dest)) cmdstr = ' '.join(cmd) # If we are using password authentication, write the password into the pipe diff --git a/tests/integration/targets/synchronize/tasks/main.yml b/tests/integration/targets/synchronize/tasks/main.yml index 8df2c75..125a406 100644 --- a/tests/integration/targets/synchronize/tasks/main.yml +++ b/tests/integration/targets/synchronize/tasks/main.yml @@ -265,3 +265,46 @@ - directory_a/foo.txt - directory_a - directory_b + +- name: setup - test for source with working dir with spaces in path + file: + state: directory + path: '{{output_dir}}/{{item}}' + delegate_to: '{{ inventory_hostname }}' + with_items: + - 'directory a' + - 'directory b' +- name: setup - create test new files + copy: + dest: '{{output_dir}}/directory a/{{item}}' + mode: '0644' + content: 'hello world' + with_items: + - foo.txt + delegate_to: '{{ inventory_hostname }}' +- name: copy source with spaces in dir path + synchronize: + src: '{{output_dir}}/directory a/foo.txt' + dest: '{{output_dir}}/directory b/' + delegate_to: '{{ inventory_hostname }}' + register: sync_result + ignore_errors: true +- name: get stat information for directory_b + stat: + path: '{{ output_dir }}/directory b/foo.txt' + register: stat_result_b +- assert: + that: + - '''changed'' in sync_result' + - sync_result.changed == true + - stat_result_b.stat.exists == True + - stat_result_b.stat.checksum == '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed' +- name: Cleanup + file: + state: absent + path: '{{output_dir}}/{{item}}' + with_items: + - 'directory b/foo.txt' + - 'directory a/foo.txt' + - 'directory a' + - 'directory b' From 2768c58f905cc534aec7613c582cedcc7ef029ce Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Sun, 7 Nov 2021 10:20:12 +0900 Subject: [PATCH 30/37] Add python-firewall to requirements of firewalld - Fixes #286 Signed-off-by: Hideki Saito --- changelogs/fragments/287_firewalld_requirements.yml | 3 +++ plugins/modules/firewalld.py | 3 +++ 2 files changed, 6 insertions(+) create mode 100644 changelogs/fragments/287_firewalld_requirements.yml diff --git a/changelogs/fragments/287_firewalld_requirements.yml b/changelogs/fragments/287_firewalld_requirements.yml new file mode 100644 index 0000000..621701b --- /dev/null +++ b/changelogs/fragments/287_firewalld_requirements.yml @@ -0,0 +1,3 @@ +--- +trivial: +- firewalld - add python-firewall to requirements (https://github.com/ansible-collections/ansible.posix/issues/286). diff --git a/plugins/modules/firewalld.py b/plugins/modules/firewalld.py index f7a4a67..cd7fae2 100644 --- a/plugins/modules/firewalld.py +++ b/plugins/modules/firewalld.py @@ -128,8 +128,11 @@ notes: The module will not take care of this for you implicitly because that would undo any previously performed immediate actions which were not permanent. Therefore, if you require immediate access to a newly created zone it is recommended you reload firewalld immediately after the zone creation returns with a changed state and before you perform any other immediate, non-permanent actions on that zone. + - This module needs C(python-firewall) or C(python3-firewall) on managed nodes. + It is usually provided as a subset with C(firewalld) from the OS distributor for the OS default Python interpreter. requirements: - firewalld >= 0.2.11 +- python-firewall >= 0.2.11 author: - Adam Miller (@maxamillion) ''' From 40a9ff36bb206a791b8eebd56d5a8055675d3647 Mon Sep 17 00:00:00 2001 From: Tim Herren Date: Mon, 8 Nov 2021 16:14:01 +0100 Subject: [PATCH 31/37] Remove deprecated option from nfs mount example --- plugins/modules/mount.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/modules/mount.py b/plugins/modules/mount.py index dce7b2a..8b28f12 100644 --- a/plugins/modules/mount.py +++ b/plugins/modules/mount.py @@ -172,7 +172,7 @@ EXAMPLES = r''' ansible.posix.mount: src: 192.168.1.100:/nfs/ssd/shared_data path: /mnt/shared_data - opts: rw,sync,hard,intr + opts: rw,sync,hard state: mounted fstype: nfs @@ -180,7 +180,7 @@ EXAMPLES = r''' ansible.posix.mount: src: 192.168.1.100:/nfs/ssd/shared_data path: /mnt/shared_data - opts: rw,sync,hard,intr + opts: rw,sync,hard boot: no state: mounted fstype: nfs From af2af9cff3e48c674793aec1b7026f7420daca23 Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Tue, 9 Nov 2021 22:20:33 +0900 Subject: [PATCH 32/37] Replace Fedora 33 with Fedora 35 for devel tests - Relates to ansible-collections/overview#45 Signed-off-by: Hideki Saito --- .azure-pipelines/azure-pipelines.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/azure-pipelines.yml b/.azure-pipelines/azure-pipelines.yml index 25d7a37..03a4aec 100644 --- a/.azure-pipelines/azure-pipelines.yml +++ b/.azure-pipelines/azure-pipelines.yml @@ -53,10 +53,10 @@ stages: targets: - name: CentOS 7 test: centos7 - - name: Fedora 33 - test: fedora33 - name: Fedora 34 test: fedora34 + - name: Fedora 35 + test: fedora35 - name: openSUSE 15 py3 test: opensuse15 - name: Ubuntu 18.04 From 69a46eb0e853a57c15d76f5bcdd6da948dd73d25 Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Wed, 10 Nov 2021 11:17:33 +0900 Subject: [PATCH 33/37] Add CI tests for Ansible Core 2.12 release - Fixes #290 Signed-off-by: Hideki Saito --- .azure-pipelines/azure-pipelines.yml | 48 +++++++++++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/.azure-pipelines/azure-pipelines.yml b/.azure-pipelines/azure-pipelines.yml index 03a4aec..86e68c6 100644 --- a/.azure-pipelines/azure-pipelines.yml +++ b/.azure-pipelines/azure-pipelines.yml @@ -63,6 +63,32 @@ stages: test: ubuntu1804 - name: Ubuntu 20.04 test: ubuntu2004 + - stage: Docker_2_12 + displayName: Docker 2.12 + dependsOn: [] + jobs: + - template: templates/matrix.yml + parameters: + testFormat: 2.12/linux/{0}/1 + targets: + - name: CentOS 6 + test: centos6 + - name: CentOS 7 + test: centos7 + - name: CentOS 8 + test: centos8 + - name: Fedora 33 + test: fedora33 + - name: Fedora 34 + test: fedora34 + - name: openSUSE 15 py2 + test: opensuse15py2 + - name: openSUSE 15 py3 + test: opensuse15 + - name: Ubuntu 18.04 + test: ubuntu1804 + - name: Ubuntu 20.04 + test: ubuntu2004 - stage: Docker_2_11 displayName: Docker 2.11 dependsOn: [] @@ -161,6 +187,24 @@ stages: test: freebsd/12.2 - name: FreeBSD 13.0 test: freebsd/13.0 + - stage: Remote_2_12 + displayName: Remote 2.12 + dependsOn: [] + jobs: + - template: templates/matrix.yml + parameters: + testFormat: 2.12/{0}/1 + targets: + - name: MacOS 11.1 + test: macos/11.1 + - name: RHEL 7.9 + test: rhel/7.9 + - name: RHEL 8.4 + test: rhel/8.4 + - name: FreeBSD 12.2 + test: freebsd/12.2 + - name: FreeBSD 13.0 + test: freebsd/13.0 - stage: Remote_2_11 displayName: Remote 2.11 dependsOn: [] @@ -224,9 +268,11 @@ stages: - Remote_2_9 - Docker_2_9 - Remote_2_10 - - Remote_2_11 - Docker_2_10 + - Remote_2_11 - Docker_2_11 + - Remote_2_12 + - Docker_2_12 - Remote_devel - Docker_devel jobs: From deac6a412e039c265d0d7d39eb50c83337d45e09 Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Wed, 10 Nov 2021 15:13:28 +0900 Subject: [PATCH 34/37] Fixed the tested version list in Tested with Ansible section - Fixes #290 Signed-off-by: Hideki Saito --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 2c7c169..9144f77 100644 --- a/README.md +++ b/README.md @@ -86,7 +86,8 @@ None -* ansible-core 2.12 (devel) +* ansible-core 2.13 (devel) +* ansible-core 2.12 (stable) * ansible-core 2.11 (stable) * ansible-base 2.10 (stable) * ansible 2.9 (stable) From a42d7f042024b8d411528fd1d959ce708d7606c7 Mon Sep 17 00:00:00 2001 From: Tim Herren Date: Thu, 11 Nov 2021 21:38:24 +0100 Subject: [PATCH 35/37] added changelog fragment for documentation change --- changelogs/fragments/288_mounts_options.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changelogs/fragments/288_mounts_options.yml diff --git a/changelogs/fragments/288_mounts_options.yml b/changelogs/fragments/288_mounts_options.yml new file mode 100644 index 0000000..23b6edd --- /dev/null +++ b/changelogs/fragments/288_mounts_options.yml @@ -0,0 +1,3 @@ +--- +trivial: +- mount - remove deprecated option from nfs example From 35a910a698194a153310a7dfadad5d296d379a16 Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Thu, 18 Nov 2021 11:08:21 +0900 Subject: [PATCH 36/37] Replace RHEL8.4 with RHEL8.5 for devel tests - Relates to ansible-collections/overview#45 Signed-off-by: Hideki Saito --- .azure-pipelines/azure-pipelines.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/azure-pipelines.yml b/.azure-pipelines/azure-pipelines.yml index 86e68c6..65e35d9 100644 --- a/.azure-pipelines/azure-pipelines.yml +++ b/.azure-pipelines/azure-pipelines.yml @@ -181,8 +181,8 @@ stages: test: macos/11.1 - name: RHEL 7.9 test: rhel/7.9 - - name: RHEL 8.4 - test: rhel/8.4 + - name: RHEL 8.5 + test: rhel/8.5 - name: FreeBSD 12.2 test: freebsd/12.2 - name: FreeBSD 13.0 From 667ebef95c6e10005995e8dc707f24cdc3a5884a Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Mon, 29 Nov 2021 17:49:26 +0900 Subject: [PATCH 37/37] Refine the handling of exclusive options using mutually_exclusive - Fixes #255 Signed-off-by: Hideki Saito --- ...7_firewalld_exclusive_options_handling.yml | 3 ++ plugins/modules/firewalld.py | 38 +++++-------------- .../firewalld/tasks/source_test_cases.yml | 2 +- 3 files changed, 14 insertions(+), 29 deletions(-) create mode 100644 changelogs/fragments/297_firewalld_exclusive_options_handling.yml diff --git a/changelogs/fragments/297_firewalld_exclusive_options_handling.yml b/changelogs/fragments/297_firewalld_exclusive_options_handling.yml new file mode 100644 index 0000000..4727000 --- /dev/null +++ b/changelogs/fragments/297_firewalld_exclusive_options_handling.yml @@ -0,0 +1,3 @@ +--- +bugfixes: +- firewalld - Refine the handling of exclusive options (https://github.com/ansible-collections/ansible.posix/issues/255). diff --git a/plugins/modules/firewalld.py b/plugins/modules/firewalld.py index cd7fae2..39a3b18 100644 --- a/plugins/modules/firewalld.py +++ b/plugins/modules/firewalld.py @@ -760,6 +760,10 @@ def main(): target=('zone',), source=('permanent',), ), + mutually_exclusive=[ + ['icmp_block', 'icmp_block_inversion', 'service', 'port', 'port_forward', 'rich_rule', + 'interface', 'masquerade', 'source', 'target'] + ], ) permanent = module.params['permanent'] @@ -816,33 +820,11 @@ def main(): if 'toaddr' in port_forward: port_forward_toaddr = port_forward['toaddr'] - modification_count = 0 - if icmp_block is not None: - modification_count += 1 - if icmp_block_inversion is not None: - modification_count += 1 - if service is not None: - modification_count += 1 - if port is not None: - modification_count += 1 - if port_forward is not None: - modification_count += 1 - if rich_rule is not None: - modification_count += 1 - if interface is not None: - modification_count += 1 - if masquerade is not None: - modification_count += 1 - if source is not None: - modification_count += 1 - if target is not None: - modification_count += 1 - - if modification_count > 1: - module.fail_json( - msg='can only operate on port, service, rich_rule, masquerade, icmp_block, icmp_block_inversion, interface or source at once' - ) - elif (modification_count > 0) and (desired_state in ['absent', 'present']) and (target is None): + modification = False + if any([icmp_block, icmp_block_inversion, service, port, port_forward, rich_rule, + interface, masquerade, source, target]): + modification = True + if modification and desired_state in ['absent', 'present'] and target is None: module.fail_json( msg='absent and present state can only be used in zone level operations' ) @@ -1027,7 +1009,7 @@ def main(): msgs = msgs + transaction_msgs ''' If there are no changes within the zone we are operating on the zone itself ''' - if modification_count == 0 and desired_state in ['absent', 'present']: + if not modification and desired_state in ['absent', 'present']: transaction = ZoneTransaction( module, diff --git a/tests/integration/targets/firewalld/tasks/source_test_cases.yml b/tests/integration/targets/firewalld/tasks/source_test_cases.yml index f7c4f00..172a47e 100644 --- a/tests/integration/targets/firewalld/tasks/source_test_cases.yml +++ b/tests/integration/targets/firewalld/tasks/source_test_cases.yml @@ -82,4 +82,4 @@ assert: that: - result is not changed - - "result.msg == 'can only operate on port, service, rich_rule, masquerade, icmp_block, icmp_block_inversion, interface or source at once'" + - "result.msg == 'parameters are mutually exclusive: icmp_block|icmp_block_inversion|service|port|port_forward|rich_rule|interface|masquerade|source|target'"