Sudoers is a great example to show how you can prevent shutting yourself
out. But SSHd is at least as important to avoid syntax errors causing a
lot of grieve. So I think it deserves a spot in this list :-)
Currently this function directs to the standard NetworkModule,
whose run_commands function takes no arguments (other than self).
This directs the call to the connection's cli method to run the command
directly on the device.
Connection plugin can define default action plugin to use by providing
action_handler instance variable. This will override the default
action plugin normal
* adds new error AnsibleModuleExit to handle module returns
* adds new action plugin network for attaching connection to network modules
* adds new shared module local to receive connection
* splits out function to update task_args with common updates
This commit provides a mechansim for running local modules that require
a connection object for interative commands tyically implemented for
network devices. It provides a way to locally import modules (post fork)
and run them using exception handling to exit.
* Fix bug #5328 apache module loading
Currently, the apache2_module module parses apache configs
for correctness when enabling or disabling apache2 modules.
This behavior introduced a conflict condition when transitioning
between mpm modules, such as mpm_worker and mpm_event.
This change accounts for the specific error condition raised
by ``apachectl -M``:
``AH00534: apache2: Configuration error: No MPM loaded.``
When loading or unloading a module with a name that contains 'mpm_',
apache2_module will ignore the error raised by apachectl if stderr
contains 'AH00534'.
Fixes#5328
* Add AH00534 warning
* Added changes from PR #5629
* Modified ignore_configcheck behavior
* Code smell test for iteritems and itervalues
* Change the keydict object in authorized_keys so it doesn't throw a false postive
keydict is a bad data structure anyway. We don't use the iteritems and
itervalues methods so just disable them so that the code-smell tests do
not trigger on it.
* Change release templates so they work with py3
The process to poll for data in the stdout and/or stderr pipes during a
low-level command execution was repetitive. Factoring this out into a
function DRYs out the code.
Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
For the comparisions that need to be done, this map call needs
to convert to a list because the six import in ansible changes
the behavior of map to return an iterator instead of a list
* Fix UnboundLocalError remote_head in git
Fixes#5505
The use of remote_head was a leftover of #4562.
remote_head is not necessary, since the repo is unchanged anyway and
after is set correctly.
Further changes:
* Set changed=True and msg once local_mods are detected and reset.
* Remove need_fetch that is always True (due to previous if) to improve
clarity
* Don't exit early for local_mods but run submodules update and
switch_version
* Add test for git with local modifications
* Enable tests on python 3 for uri
* Added one more node type to SAFE_NODES into safe_eval module.
ast.USub represents unary operators. This is necessary for
parsing some unusual but still valid JSON files during testing
with Python 3.
* Rebase of https://github.com/ansible/ansible-modules-extras/pull/708
708 was full of extraneous merge commits interwoven with commits to
implement the feature. In the end the only way I could clean this up
in reasonable time was to just take a regular diff between the PR and
the base. This lost the history of intermediate commits but I've
preserved attribution to @dayton967 via git's --author field.
Although I preserved the logic of the PR, there were a few additional
things that I cleaned up:
* Fixed import of email.mime.multipart
* Used the argspec to set port and timeout to integers instead of having
ad hoc code inside of the module.
* Used argspec's choices for secure instead of ad hoc code inside of the
module.
* Removed some unused variables
* Made secure_state a python boolean instead of using 0 and 1
* Used secure with string comparisons instead of turning it into an
integer code. This is much more readable.
* Fixed catching of SMTPExceptions (SMTPException wasn't imported
directly so it needed to use the smtplib namespace.)
* Fix synchronize retries
The synchronize module munges its task args on every invocation of
run(). This was problematic because the munged data was not fit for use
by a second pass of the synchronize module. Correct this by using a copy
of the task args on every invocation of run() so that the original args
are not affected.
Local testing using this playbook seems to confirm that things work as
expected:
- hosts: all
tasks:
- delay: 2
register: task_result
retries: 1
until: task_result.rc == 0
synchronize:
dest: /tmp/out
mode: pull
src: /tmp/nonexistent/
fixes#18281
* Update synchroncization fixture assertions
When we started operating on a copy of the task args the test assertions
were no longer asserting things about the munged state but of the
pristine state. Convert the copy of task args to a class member so that
it can be compared against later in testing and update the assertions to
check this munged copy.
* Shuffle objects around for cleaner testing
Attach the temporary args dict to the task rather than the action as
this makes updating the existing tests cleaner.
The overwrite parameter is forcibly set to false, meaning a module
passing that parameter will have no effect. The overwrite facility
is necessary to ensure that conflicting options can be written the
configuration (which, in replace mode, they cannot).
This change ensures that if overwrite is set, it will not be changed
to False in the logic.
* Fixes#18663. Bad handling of existing config in dellos9 module.
The dellos9 module doesn't build correctly the internal
structures used to represent the existing config of the managed
network device. This leads to apply changes every time the
playbook is run, even if the existing config is the same that the
one you are trying to push into the device.
Probably this problem exist also in the dellos6 and dellos10
modules, but I only fixed it in the dellos9 module.
The fix modifies two methods. The first one is `get_config`,
where the return clause didn't work correctly when the flow
doesn't enter in the `if` block. In that case the `contents`
variable is not an array an this should be handled.
The second fix is in the `get_sublevel_config` method. In this
case the indentation whitespaces of the parents should be rebuild
because further functions and methods required it to handle
correctly comparisons used to check if changes should be pushed
into device.
* Fixes#18663 for dellos10 module with the same patches as dellos9.
mkstemp() returns a tuple containing an OS-level handle to an open file
(as would be returned by os.open()) and the absolute pathname of that
file, in that order.
This patch makes sure that the fd opened by tempfile.mkstemp() is
re-used and closed properly.
* added alpha version of the 'sorcery' module
* fully conforming YAML
* use bundled check for executables
* - codex_list(): use commands instead of checksums to get sorcery version and verify codex equality - renamed: - manage_depends() -> match_depends() - tocast -> cast_queue, todispel -> dispel_queue, needs_recast -> depends_ok - SORCERY_LOG -> SORCERY_LOG_DIR, SORCERY_STATE -> SORCERY_STATE_DIR - removed: - SORCERY_VERSION_FILE - CODEX - added commentary to match_depends() and manage_spells() - fixed bug about dropped dependency line for previously existed dependency - fixed bug about not fixing depends for the 'latest' state - simplified several code constructions
* cleaned up some docs
* do not use separate message for Codex update, rely on the 'changed' status instead
* use built-in list conversion (_check_type_list()) for spells
* corrected spell name extraction from list in match_depends()
* avoid non-matching dependencies line duplication in depends file
* added more complex playbook example
* tiny stylistic fix for docs
* replaced ternary construction with a regular statement
* replaced yet another ternary construction with a regular statement
* enable Python 2.4 compatibility by splitting try-finally block
* enable Python 2.4 compatibility by replacing 'with' statement with try-except+try-finally blocks
* unify spells' assign
* replaced one regex with startswith()
* go Ansible 2.1
* added dummy RETURN template
* go Ansible 2.2
* better clarify permissions' requirements
* - updated copyright years - fixed rebuild command bug - re-used run_command_environ_update dict for env var management
* handle Python 3.5
* Revert "handle Python 3.5"
This reverts commit 33a5a0eb64c1193318298e111f063cdd5f93b73a.
* handle Python 3.5 (2nd try)
* go Ansible 2.3
* clarity++
* For realz this time
* Fix tempfile.mkstemp (#2)
* back to square one, removing temp file from the mix
* Adding temp back
* Adding tuple back
* Adding another tuple back
* Trying to get around weird Jenkins behavior of blowing up when both .hpi and jpi file found
* Incorporating PR feedback
* Delete .hpi file instead of backing it up, some basic clean up
* Moving file deletion to the right location
* Blank lines. They always get me.
* Allow re-using an existing template when updating a stack by not passing 'template' or 'template_url'. This is a big one for me as our deploy process creates a new stack and then modifies the old one; to avoid changing the resources inside the old one, we have had to avoid using the Ansible module and use the AWS CLI instead in order to pass `--use-previous-template`.
* Split create and update logic into separate functions
* Remove dead `update` variable