Commit graph

3048 commits

Author SHA1 Message Date
Michael DeHaan
642b183fb6 Use atomic move function on known host file in paramiko to prevent rare occurance of Control-C
during file operations.
2014-08-04 10:50:14 -04:00
Michael DeHaan
a7d2e729f8 Add some whitespace to make paramiko_ssh more browseable 2014-08-04 10:38:16 -04:00
Michael DeHaan
24f6f656cc Merge branch 'bug8392' of git://github.com/gnosek/ansible into devel 2014-08-04 10:22:29 -04:00
Monty Taylor
a05804bf8d Update the nova inventory plugin with new ip code
The provisioning module knows more about how nova deals with IP
addresses now. Ensure that the inventory module is similarly as smart
by separating out the logic into the openstack/module_utils.
2014-08-02 22:31:27 -07:00
Monty Taylor
d17a1b5c19 Add common auth handling across openstack modules
Taking a page out of the ec2 config, make sure that all of the
OpenStack modules handle the inbound auth config in the same way.
The one outlier is keystone wrt auth_url.
2014-08-02 17:39:19 -07:00
Luke Sneeringer
a4fce4818e Add support for environment variables in GCE module. 2014-08-01 11:44:58 -05:00
Grzegorz Nosek
7f33580eba Fix exponential regex performance issue
filter_leading_non_json_lines effectively does

re.match(".*\w+=\w+.*", line)

for every line of output. This has abysmal performance in case of large
Base64-encoded data (which ultimately does not match the regex but does
match the .*\w+= part) as returned e.g. by the template module (diffs).

Replacing the match with

re.search("\w=\w", line)

drops the complexity back to linear, and actually usable with large
diffs from the template module (a 150 KB Base64 diff kept Ansible
spinning at 100% cpu for minutes).

Also, check the easy cases (line.startswith) first while we're here.

Closes: #8932
2014-08-01 14:46:00 +02:00
James Cammarata
9c1a89ff4e Merge branch 'patch-1' of https://github.com/debfx/ansible into debfx-patch-1 2014-07-31 11:41:21 -05:00
James Cammarata
7a5076c8b8 Catching shlex splitting error in fact gathering get_cmdline call
Fixes #8352
2014-07-30 14:47:50 -05:00
James Cammarata
80df2135e9 Fix parsing of tasks with variable module names
Also adding an integration test for same.
2014-07-30 14:18:06 -05:00
James Cammarata
189824dd76 Remove whitespace around args
Fixes #8343
2014-07-30 08:51:27 -05:00
James Cammarata
e6fa50a306 Move splitter to module_utils so modules can use it and fix command arg splitting
Fixes #8338
2014-07-29 14:55:16 -05:00
Veeti Paananen
5780f3a8b4 Expand variables in configuration files, take two
e.g. $HOME.
2014-07-29 15:20:59 +03:00
Veeti Paananen
e6bd049892 Don't expand remote_tmp path locally 2014-07-29 15:19:54 +03:00
James Cammarata
a9f0f8e975 Revert "template.py: Handle purposely raised exceptions in lookup()"
This reverts commit 2fda9bc743.
2014-07-28 23:25:37 -05:00
James Cammarata
aee940aaca Reworking _clean_data() to be smarter about replaces
Fixes #8228
2014-07-28 16:50:18 -05:00
James Cammarata
6e814566de Unquote params passed to an include statement
Fixes #8315
2014-07-28 16:35:52 -05:00
Michael DeHaan
106f4ccc01 Revert "Expand variables in configuration files" - I feel I've been here before.
Breaks some test runs.

This reverts commit a9eef029b6.
2014-07-28 17:10:42 -04:00
Michael DeHaan
97fa9502aa Merge pull request #8309 from veeti/cfg-vars
Expand variables in configuration files
2014-07-28 15:47:45 -04:00
Michael DeHaan
645ab7baff Merge pull request #7950 from mesk41in/devel
Fix unsupported regexp parameter in assemble
2014-07-28 12:01:12 -04:00
Michael DeHaan
fb60e767a7 Taking alternate approach.
Revert "Fix hostname when get_distribution_version() returns a string."

This reverts commit 08f97c0b9d.
2014-07-28 11:35:33 -04:00
Michael DeHaan
628d828876 Merge pull request #8087 from neersighted/string_version
Fix hostname when get_distribution_version() returns a string.
2014-07-28 11:24:58 -04:00
Michael DeHaan
30e6a659ae Merge pull request #8171 from jbenden/osx-10.10
Support for OS X 10.10 DP3.
2014-07-28 11:08:53 -04:00
Michael DeHaan
20f65f2c79 Merge pull request #8262 from icoloma/patch-1
Bugfix: bulletproof unexpected_error_msg at gce.py
2014-07-28 11:03:54 -04:00
Veeti Paananen
a9eef029b6 Expand variables in configuration files
e.g. $HOME. Fixes #6373.
2014-07-28 17:36:14 +03:00
Nacho Coloma
979824eedc Moved import to the top 2014-07-28 08:36:56 +02:00
James Cammarata
6eac47e519 Use split_args instead of shlex.split for included params
Fixes #8296
2014-07-26 00:30:42 -05:00
James Cammarata
7344baeffa Make sure empty non-quoted tokens are not added to the arg params list 2014-07-25 15:23:10 -05:00
James Cammarata
3714c0742f Split args on single spaces only 2014-07-25 13:13:15 -05:00
James Cammarata
57f89b85eb Merge pull request #8271 from tksmd/fix-copy-set-fs-attributes-issue
fix an issue that copying directory will fail when trying to change file attributes
2014-07-25 09:38:24 -05:00
James Cammarata
63bcbd0af2 Fix for unicode decoding error in new splitting code
Also adds a new unicode integration test
2014-07-25 09:10:50 -05:00
James Cammarata
10a850c70f Merge branch 'new_arg_splitting' into devel 2014-07-24 21:27:25 -05:00
Michael DeHaan
8d42f5cbfa Smush ds removal 2014-07-24 20:38:02 -05:00
James Cammarata
b8a4ba26f0 Refactoring split_args into sub-functions 2014-07-24 20:00:57 -05:00
Michael DeHaan
630f080cf0 Start of unit tests for split_args function, moved split_args to utils since not needed by modules (so far). 2014-07-24 20:15:04 -04:00
Michael DeHaan
b5d64fdb36 Some notes/comment upgrades on split_args. 2014-07-24 16:34:06 -04:00
James Cammarata
43154e5101 Using custom splitting function for module param counting 2014-07-24 14:42:35 -05:00
Michael DeHaan
e143d7dab7 Merge pull request #7543 from yangliping/fix_local_facts_file_checking_portability
Fix portability issue when checking local facts file permission.
2014-07-24 09:37:22 -04:00
Michael DeHaan
635bea645c Merge pull request #7992 from dehylton/devel
fix swap translation on 4.x openbsd with 2.5.4 python
2014-07-24 09:34:38 -04:00
James Cammarata
b21875d5a9 Make sure 'item' variable is set when using first_available_file
Fixes #8220
2014-07-24 00:05:26 -05:00
someda
1b1d5d0d3d fix an issue that copying directory will fail when trying to change file attributes and the target file already exists on remote
- the issue was introduced by the commit 84759faa09
2014-07-24 14:03:36 +09:00
James Cammarata
2cc602beea Fixes for module param counting and additional shell quoting issues 2014-07-23 22:54:59 -05:00
Benno Joy
ac85d8444b fix for unarchive 8257 2014-07-23 14:50:16 +00:00
Nacho Coloma
57428c48a2 Bugfix: bulletproof unexpected_error_msg at gce.py
This method was still failing for me with a "missing http_code" message. After applying this change, the error message is:

```
msg: Unexpected response: {'value': 'PyCrypto library required for Service Account Authentication.'}
```

I wanted to contribute a rock-solid `unexpected_error_msg` implementation.
2014-07-23 16:45:24 +02:00
James Cammarata
84759faa09 Security fixes:
* Strip lookup calls out of inventory variables and clean unsafe data
  returned from lookup plugins (CVE-2014-4966)
* Make sure vars don't insert extra parameters into module args and prevent
  duplicate params from superseding previous params (CVE-2014-4967)
2014-07-21 11:20:49 -05:00
James Cammarata
00e089e503 Revert "Explicitly set the user option for ssh connections"
This reverts commit 0f91add86f.

Fixes #8216
2014-07-21 10:32:55 -05:00
Joseph Benden
da5e32b316 Needs additional divisor. 2014-07-18 07:55:24 -07:00
Michael DeHaan
0fad9575e9 Refine error message about invalid ops since people forget to indent tasks fairly often. 2014-07-17 10:13:10 -04:00
James Cammarata
0e5b0a2e97 Revert "Set Jinja2's keep_trailing_newline=True in template_from_string."
This reverts commit 7a8eb0b670.
2014-07-17 09:07:04 -05:00
Joseph Benden
b55791ef43 Support for OS X 10.10 DP3. 2014-07-16 12:37:11 -07:00
James Cammarata
62e9cf63b7 Merge pull request #8170 from sergevanginderachter/issue_8159
Load existing group_vars file for new group_by group
2014-07-16 14:28:14 -05:00
Serge van Ginderachter
4e9a253bef Load existing group_vars file for new group_by group
if it was not loaded yet, which happens if that group
didn't exist yet in the inventory.

fixes #8159
2014-07-16 21:16:27 +02:00
James Cammarata
42b5294820 Merge branch 'devel' of https://github.com/leverich/ansible into leverich-devel 2014-07-16 14:02:13 -05:00
Felix Geyer
0ebd19e97b Fix regression: Sanitize sudo success_key from stdout
Commit 7e3dd10 caused a regression with sanitizing the sudo success_key from stdout.
There is no newline in front of SUDO-SUCCESS when using sudo.
This change adapts the regex to make the line break optional.

Tested on Ubuntu 14.04.
2014-07-16 18:14:35 +02:00
Ruggero Marchei
909955f2e2 fix get_distribution_version() on amazon linux 2014-07-15 18:04:46 +02:00
Jacob Leverich
7a8eb0b670 Set Jinja2's keep_trailing_newline=True in template_from_string.
Without this setting, the newline idempotence of scalar strings changes depending on whether
or not they contain any Jinja2 template blocks.
2014-07-14 13:36:17 -07:00
James Cammarata
e74853300a Merge branch 'task-host-loop-bypass' of https://github.com/sivel/ansible into sivel-task-host-loop-bypass 2014-07-14 14:21:25 -05:00
James Cammarata
cdb9f13559 Merge pull request #7605 from sivel/delegate-callback-hint
Show delegate_to hint in callback output
2014-07-14 11:10:52 -05:00
James Cammarata
4fc8d4b6fe Merge pull request #7649 from sivel/vault-password-script
Allow --vault-password-file to work with a script as well as a flat file
2014-07-14 10:57:16 -05:00
Serge van Ginderachter
e8b45a9ef7 Invalidate host/group variables cache when loading
extra varsiables based on playbook basedir.
2014-07-14 15:21:33 +02:00
Serge van Ginderachter
d39ff55688 Fix logic bug when loading vars for a new playbook basedir. 2014-07-14 15:12:53 +02:00
James Cammarata
db96344966 Re-fixing ability to have empty json files after inventory refactoring 2014-07-11 13:20:00 -05:00
James Cammarata
4e5eb7559e Merge branch 'svg_and_inventory_refactor' into devel 2014-07-10 14:43:07 -05:00
Bjorn Neergaard
08f97c0b9d Fix hostname when get_distribution_version() returns a string.
The distro version is a string ('jessie/sid') on Debian unstable and testing.
Because load_platform_subclass() evaluations every subclass as it loops,
comparing numbers when get_distribution_version() does not return a number will
break.

This patch fixes that by returning a number (`0`) when we have an invalid
version, instead of returning `None` or a string.
2014-07-10 11:27:03 -07:00
Dan Slimmon
307a3e8a9c Fixed regex square-bracket bug.
Regexes were being parsed like ordinary ansible host patterns, so
square-bracket groups were getting interpolated wrongly.
2014-07-10 00:08:12 +00:00
James Cammarata
b8ac094eaa Tweak to only show msg on assert failure if set 2014-07-08 14:05:24 -05:00
James Cammarata
16332b8488 Merge branch 'assert-with-msg' of https://github.com/darkk/ansible into darkk-assert-with-msg 2014-07-08 13:56:08 -05:00
James Cammarata
aa261bdd14 Optimizing groups_for_host() lookup in inventory 2014-07-07 21:08:39 -05:00
James Cammarata
fe892fccb1 Merge remote-tracking branch 'svg/varsplugins_refactor' into svg_and_inventory_refactor 2014-07-07 14:16:37 -05:00
James Cammarata
11a5fc85f4 Merge branch 'inventory_refactoring' into svg_and_inventory_refactor 2014-07-07 13:11:58 -05:00
James Cammarata
bcf83cbc24 Merge branch 'sergevanginderachter-inventorytree' into svg_and_inventory_refactor 2014-07-07 13:11:52 -05:00
Serge van Ginderachter
ff4119adc0 Performance optimization in resolving host patterns
Avoid resolving a pattern that is a plain host. When matching a hostname in the
hosts_cache, just use the host object from there.

When running a task on say 750 hosts, this yields a huge improvement.
2014-07-07 12:50:50 -05:00
Matt Martz
6591dd560d Show delegate_to hint in callbacks 2014-07-07 12:39:08 -05:00
Leonid Evdokimov
d94395f48c assert: add optional msg argument
Sample playbook when it may be useful:
```
- uri: return_content=yes url={{ api_base }}/action/{{ inventory_hostname }}
  register: output
- assert:
    msg: '{{ output.json | to_nice_json }}'
    that:
      - output.json.foo != "bar"
      - output.json.boo == 42
```
2014-07-07 19:05:17 +04:00
James Cammarata
7f8de3a265 Merge pull request #8024 from kcghost/7941
removed port from domain name qualification, fixes #7941
2014-07-04 23:15:17 -05:00
James Cammarata
ff04b2b532 Allow empty yaml vars files
Fixes #7843
2014-07-04 23:10:32 -05:00
Michael DeHaan
51e014d915 Merge pull request #8012 from cchurch/callback_cleanup
Callback plugin cleanup
2014-07-03 19:29:59 -05:00
Michael DeHaan
c2ac8fda1e Data from inventory scripts should be able to use nested Jinja2 expressions. 2014-07-03 16:11:14 -04:00
Henry Finucane
de64bbdc5f Support a whitelisted subset of jinja2 template options 2014-07-02 21:14:26 -07:00
Casey Fitzpatrick
7115cb1f37 removed port from domain name qualification, fixes 7941 2014-07-02 19:54:50 -04:00
Marc Abramowitz
5b783e0bc6 Error if private_key_file is group/world readable
Currently, if you have this, ansible fails with a generic error and
suggests running again with `-vvvv`. This isn't bad but pinpointing the
specific problem immediately is even more user-friendly.

```
$ ls -l devops.pem
-rw-r--r--+ 1 marca  staff  1679 Jul  2 11:25 devops.pem

$ ansible -m ping --private-key=devops.pem mt3-pyweb01
mt3-pyweb01 | FAILED => private_key_file (devops.pem) is group-readable or world-readable and thus insecure - you will probably get an SSH failure
```
2014-07-02 13:44:53 -07:00
James Cammarata
81f35323e9 Revert "Fix get_distribution() for platforms that may have spaces"
This reverts commit 2493020d9f.
2014-07-02 09:44:44 -05:00
Chris Church
955dadf743 Remove runner_on_error callback that is never used. 2014-07-01 17:02:10 -04:00
Chris Church
4e98e3785a Reset play attribute on callback plugins when a play fails. 2014-07-01 17:02:10 -04:00
Chris Church
30fae95efe Change variable from pattern to name to correctly indicate what is being passed to the callback. 2014-07-01 17:02:09 -04:00
James Cammarata
8ed6350e65 When parsing json from untrusted sources, remove templating tags 2014-07-01 14:14:14 -05:00
James Cammarata
eeb597360e Further safe_eval fixes 2014-07-01 14:14:14 -05:00
dewey hylton
379e1a49cb fix swap translation on 4.x openbsd with 2.5.4 python 2014-06-30 17:23:55 -04:00
Michael Scherer
f0a7139290 Fix exec_command prototype for the plugin 2014-06-28 13:06:40 +02:00
mesk41in
488aec3936 Fix unsupported regexp parameter in assemble 2014-06-27 13:54:59 +04:00
James Cammarata
539426f612 Performance tuning inventory functions for large inventories 2014-06-26 23:15:39 -05:00
James Cammarata
35368e531b Additional fixes for safe_eval 2014-06-25 21:26:32 -05:00
James Cammarata
5429b85b9f Change safe_eval to a strict white list 2014-06-25 14:00:21 -05:00
James Cammarata
d8a7b49b59 Merge branch 'inventorytree' of https://github.com/sergevanginderachter/ansible into sergevanginderachter-inventorytree 2014-06-24 15:21:08 -05:00
Matt Martz
19f5ce2c9c Allow --vault-password-file to work with a script as well as a flat file 2014-06-24 15:02:24 -05:00
James Cammarata
1adb6dfa05 Remove redundant 'self.user or' added by 0f91add 2014-06-24 10:45:38 -05:00
Thomas Mangin
0f91add86f Explicitly set the user option for ssh connections
Fixes #7170
2014-06-23 15:57:49 -05:00
Paul Sokolovsky
f8bf9cdeec Handle TemplateNotFound to render more helpful error message.
At the point the exception is handled, it is likely due to error loading
a sub-template included from main template. Besides file not found, it
can be caused also by include path failing Jinja2 checks. Now, when
rendering the exception from Jinja, it will include exception name. This
will give basic context or *what* the error is.

Fixes #7103
Fixes #7105
2014-06-23 15:02:58 -05:00
James Cammarata
5d65c1c4a4 Merge branch 'Mbosco-patch-1' into devel 2014-06-23 13:00:51 -05:00
James Cammarata
6bd0621037 Merge branch 'devel' of https://github.com/ansible/ansible into devel 2014-06-23 12:59:12 -05:00