Commit graph

15681 commits

Author SHA1 Message Date
Toshio Kuratomi
088682f518 Synchronize in wasn't running on localhost in the default case which meant that rsync was run on the wrong host.
Fixes #11649
2015-07-29 09:10:24 -07:00
Mahmoud Saada
ddd46f6599 Update rekey() in vault.py to validate files passed exist before prompting for password 2015-07-29 09:03:15 -07:00
Brian Coca
8798ce1973 Merge pull request #9365 from t0mk/ssh_config_fix
fix ssh_config inventory plugin to work with paramiko 1.7.2 till 1.15.2
2015-07-29 11:53:56 -04:00
Brian Coca
29347ac457 switched from png to svg
fixes #9885
2015-07-29 11:25:42 -04:00
Brian Coca
0784fa1765 removed import q 2015-07-29 11:00:04 -04:00
Brian Coca
96bcf50a94 implemented requirements file in v2
fixes #11179
2015-07-29 10:59:33 -04:00
Tomas Karasek
bb6a327c1b fix ssh_config inventory plugin to work with paramiko 1.7.2 till 1.15.2 2015-07-29 16:58:16 +03:00
James Cammarata
71867f9480 Remove vars attribute from base
Fixes #11779
2015-07-29 09:45:30 -04:00
Scott Cunningham
695e456cb0 add credstash lookup plugin 2015-07-29 11:18:13 +01:00
Vilmos Nebehaj
956fa80115 Add note about installing cryptography. 2015-07-29 11:43:10 +02:00
Brian Coca
132c14eb57 indented hosts 2015-07-28 22:31:40 -04:00
Brian Coca
c0c094c413 now all --list options are working! 2015-07-28 22:30:59 -04:00
Brian Coca
884435a1aa minor cosmetic changes to list options 2015-07-28 22:14:41 -04:00
Brian Coca
056602c424 rearranged --list- options, now they are consolidated when used toghether, less loops, more concise output
list-hosts works
list-tasks works, but needs better task naming (missing role info)
list-tags only shows play tags
2015-07-28 22:05:49 -04:00
Brian Coca
b8336f222d Merge pull request #11560 from oscarhealth/devel
ability to specify any combination of EC2 instance states to return
2015-07-28 21:11:30 -04:00
Brian Coca
d75b4cd190 Merge pull request #11006 from alexlo03/ec2_inventory_clear_errors
explain source of EC2 inventory error
2015-07-28 19:18:49 -04:00
Brian Coca
7a019d930e Merge pull request #8469 from srvg/packageversion_more_gitinfo
packaging: add short hash and branch name in package version for unoffici...
2015-07-28 19:17:30 -04:00
Brian Coca
cc85473c1e show role search path when not finding a role
fixes #9770
2015-07-28 19:07:47 -04:00
Brian Coca
adc8a32c65 added vca_nat and vca_fw to changelog 2015-07-28 18:47:16 -04:00
Brian Coca
d276b69b2a put proxmox inventory in correct dir and added to changelog 2015-07-28 18:38:23 -04:00
Brian Coca
018ca6ddef Merge pull request #9273 from gauthierl/proxmox_inventory
add a proxmox inventory plugin
2015-07-28 18:36:22 -04:00
James Cammarata
42cfacf83b Switch up the task/host overrides for PlayContext to use the compiled vars dict
Fixes #11436
2015-07-28 16:25:44 -04:00
Brian Coca
2d2ec058c8 added xenserver_Facts to changelog 2015-07-28 16:13:31 -04:00
Brian Coca
a8b2b5b0c9 avoids printing blank diffs
fixes #10147 fixes #9471
2015-07-28 15:47:52 -04:00
James Cammarata
5cf2781528 A little more cleanup regarding _compute_environment_string 2015-07-28 15:34:10 -04:00
James Cammarata
467432bef5 Fix incorrect module path for AnsibleError in action plugin base 2015-07-28 15:25:25 -04:00
Brian Coca
f5c8055879 removed debug stuff 2015-07-28 15:25:17 -04:00
Brian Coca
67ce15cd99 added ec2_vpc_route_table_facts to new module list 2015-07-28 14:59:27 -04:00
Brian Coca
b91a211663 added note on module urllib2 consolidation 2015-07-28 14:48:24 -04:00
Brian Coca
f4a997db49 added back but stderr, which was the original itnention 2015-07-28 14:36:06 -04:00
Brian Coca
3b9282fb90 fixed dupe output in raw/command cases 2015-07-28 14:31:49 -04:00
Brian Coca
a78fdde32c better handling for weird doc corner cases (abscense of options, bad text objects, etc)
also updated extras to get some docfixes on the module side
2015-07-28 14:30:46 -04:00
Toshio Kuratomi
0d7d22d530 Add json and fetch_url notes to checklist 2015-07-28 11:15:44 -07:00
Brian Coca
17103dd4cc update submodule refs 2015-07-28 13:08:05 -04:00
Brian Coca
6cdee94c33 added missing skipped item function to base 2015-07-28 11:02:25 -04:00
Brian Coca
6f93d228f6 made item output closer to v1 2015-07-28 10:59:39 -04:00
Brian Coca
4f9d719b14 removed debug 2015-07-28 10:43:11 -04:00
Brian Coca
d78c2fc212 now reports per task item 2015-07-28 10:41:40 -04:00
James Cammarata
2d90cbf78b Properly fail results with rc != 0
Fixes #11769
2015-07-28 10:15:14 -04:00
Brian Coca
787a0c4e04 fixed indent issues 2015-07-28 10:10:21 -04:00
Vilmos Nebehaj
58cccce384 Use PBKDF2HMAC() from cryptography for vault keys.
When stretching the key for vault files, use PBKDF2HMAC() from the
cryptography package instead of pycrypto. This will speed up the opening
of vault files by ~10x.

The problem is here in lib/ansible/utils/vault.py:

    hash_function = SHA256

    # make two keys and one iv
    pbkdf2_prf = lambda p, s: HMAC.new(p, s, hash_function).digest()

    derivedkey = PBKDF2(password, salt, dkLen=(2 * keylength) + ivlength,
                        count=10000, prf=pbkdf2_prf)

`PBKDF2()` calls a Python callback function (`pbkdf2_pr()`) 10000 times.
If one has several vault files, this will cause excessive start times
with `ansible` or `ansible-playbook` (we experience ~15 second startup
times).

Testing the original implementation in 1.9.2 with a vault file:

In [2]: %timeit v.decrypt(encrypted_data)
1 loops, best of 3: 265 ms per loop

Having a recent OpenSSL version and using the vault.py changes in this commit:

In [2]: %timeit v.decrypt(encrypted_data)
10 loops, best of 3: 23.2 ms per loop
2015-07-28 14:51:36 +02:00
Brian Coca
77fc3ce759 removed unused import 2015-07-28 08:28:52 -04:00
Brian Coca
aa5bd8c2b5 added pam_limits to changelog 2015-07-28 08:23:31 -04:00
Lukas Pirl
d9aa14feea fixes remote code execution for su/sudo and strict remote umasks
* temporarily changes umask for creating temporary directories
    * otherwise parent directories may not get chmod'ed and end up
      unreadable
refs #9902
2015-07-28 19:24:23 +12:00
James Cammarata
e505a1b7c4 Fix variable precedence integrationt test 2015-07-28 00:51:58 -04:00
Brian Coca
c76a66694f fixed typo 2015-07-27 22:54:57 -04:00
Brian Coca
d9c63fb273 added openvz to inventory 2015-07-27 22:52:12 -04:00
Brian Coca
80ecab5317 Merge pull request #11761 from amenonsen/9843-rebase
Add pciid to LinuxNetwork interface fact
2015-07-27 22:20:04 -04:00
Hugh Saunders
f344ec463f Add LVM facts to setup module
This commit adds LinuxHardware.get_device_facts() and calls that from
.populate().

LVM facts are only gathered if the setup module is running as root and
the lvm utilities are available (tested by searching for 'vgs').

If the conditions are met, facts are set for each volume group and
logical volume.

Example:

Test LVM Data:
$ sudo vgs
  VG   #PV #LV #SN Attr   VSize VFree
  test   1   2   0 wz--n- 5.00g 2.00g
$ sudo lvs
  LV      VG   Attr      LSize Pool Origin Data%  Move Log Copy%  Convert
  testlv  test -wi-a---- 1.00g
  testlv2 test -wi-a---- 2.00g

Facts Returned:
$ ansible localhost -i /tmp/inv -m setup -a 'filter=ansible_lvm'
localhost | success >> {
    "ansible_facts": {
        "ansible_lvm": {
            "lvs": {
                "testlv": {
                    "size_g": "1.00",
                    "vg": "test"
                },
                "testlv2": {
                    "size_g": "2.00",
                    "vg": "test"
                }
            },
            "vgs": {
                "test": {
                    "free_g": "2.00",
                    "num_lvs": "2",
                    "num_pvs": "1",
                    "size_g": "5.00"
                }
            }
        }
    },
    "changed": false
}

Test as non-root:
$ ansible localhost -i /tmp/inv-user -m setup -a 'filter=ansible_lvm'
localhost | success >> {
    "ansible_facts": {},
    "changed": false
}

Test without lvm utilities available
$ sudo mv /sbin/vgs{,.bk}
$ ansible localhost -i /tmp/inv -m setup -a 'filter=ansible_lvm'
localhost | success >> {
    "ansible_facts": {},
    "changed": false
}
2015-07-28 07:46:01 +05:30
Brian Coca
5f8db9cd4b changed verbose_override to the new _ansible_verbose_override to keep in line with previous changes
output now defaults back to having indent=4
2015-07-27 22:15:44 -04:00