Commit graph

4823 commits

Author SHA1 Message Date
Toshio Kuratomi
f1144752c4 Pull in docs fix from core modules 2015-08-06 21:11:49 -07:00
James Cammarata
e7d0c9f820 Re-add vars to Base and standardize var processing
Fixes #11779
2015-08-07 00:06:30 -04:00
Brian Coca
dbe7a9fe2f Merge pull request #11857 from quinot/bug/playbook-init-comment
Minor comment fix
2015-08-06 23:39:08 -04:00
Brian Coca
3c57018a10 Merge pull request #11778 from Ensighten/add_credstash_plugin
add credstash lookup plugin
2015-08-06 23:27:18 -04:00
Brian Coca
d47d0b1d7f now continue/abort mode allows ignoring other input 2015-08-06 22:16:30 -04:00
Brian Coca
a555a0652e allow for vars_prompt and pause prompt to be skipped in non interactive settings
ansible-pull users rejoice
2015-08-06 19:20:45 -04:00
Toshio Kuratomi
ce52fdebe8 Pull in get_url checksum change 2015-08-06 15:45:23 -07:00
Brian Coca
29cd72b7d8 even simpler condition tree for pause 2015-08-06 18:40:15 -04:00
Brian Coca
dc80bc8929 now pause behaves like v1 pause 2015-08-06 18:09:59 -04:00
Brian Coca
f7707d8850 brought user_input back to pause 2015-08-06 17:49:14 -04:00
Toshio Kuratomi
00b1a2c865 Restore ValueError in md5 method and change finding the available hash algorithms so we only have to do it once 2015-08-06 14:40:28 -07:00
Brian Coca
15a20e814b added tags back to ansible-pull 2015-08-06 17:37:05 -04:00
Brian Coca
5f0359c119 keep banners at 79 2015-08-06 17:37:05 -04:00
Brian Coca
25e67bb716 text wrap now adapts to terminal 2015-08-06 17:37:05 -04:00
Toshio Kuratomi
80cb69214b Merge pull request #11840 from muffl0n/module_utils_hash_algorithms
Add get_available_hash_algorithms()
2015-08-06 14:29:31 -07:00
James Cammarata
d44daf53cc Allow wrapped text in deprecated messages 2015-08-06 17:21:02 -04:00
James Cammarata
5eb092b331 Handle top-level vars for include tasks to match v1 syntax
The "streamlined" syntax will be deprecated at some point in the future.

Fixes #11882
2015-08-06 17:21:02 -04:00
Toshio Kuratomi
e16b24c01e Update submodule ref 2015-08-06 08:45:09 -07:00
Toshio Kuratomi
e8452c864e Restore the relative path handling portion of #11865 2015-08-06 07:28:22 -07:00
James Cammarata
26d5a17b59 Make sure inventory loads files with non-relative paths
This is a slightly different fix than we originally committed, but fixes
the problem in a less invasive way (and I believe it's generally better
that we don't deal with relative paths internally past this point)

Fixes #11789
2015-08-06 10:18:58 -04:00
Brian Coca
b9433650d1 Revert "Path of group_vars and host_vars were getting the basedir added twice."
in view of simpler solution incomming from james
This reverts commit bae7a02be5.
2015-08-06 10:09:43 -04:00
Brian Coca
9f156e5550 updated submodule refs 2015-08-06 09:42:35 -04:00
Brian Coca
7bea04141b Merge pull request #11865 from ansible/fix-group_vars_path
Path of group_vars and host_vars were getting the basedir added twice.
2015-08-06 09:40:13 -04:00
Brian Coca
08e6c1d82b avoid possible errors with new broadcast handling in linux 2015-08-06 09:00:52 -04:00
Brian Coca
cb2cfaebda started porting chroot to v2 2015-08-06 08:55:22 -04:00
Brian Coca
262c75c253 Merge pull request #10971 from mightydok/debbraoadcastfix
Add missed broadcast address to linux network facts.
2015-08-06 08:52:55 -04:00
Scott Cunningham
87ef53c962 credstash lookup plugin: python 2.6-compatible string.format() 2015-08-05 23:40:43 -07:00
Scott Cunningham
c4629b72e0 credstash lookup plugin: error out in run function when credstash not installed, not at module scope 2015-08-05 23:37:10 -07:00
Toshio Kuratomi
bae7a02be5 Path of group_vars and host_vars were getting the basedir added twice.
Fix inventory so this won't happen and fix DataLoader so that it will
test relative paths relative to self._basedir

Fixes #11789
2015-08-05 17:41:17 -07:00
Toshio Kuratomi
e7b5cb8782 Fix synchronize source path with roles and local connection
Fixes #8261
2015-08-05 13:32:12 -07:00
Toshio Kuratomi
dd7fa07038 Update submodule refs so synchronize plugin works 2015-08-05 13:19:28 -07:00
Toshio Kuratomi
308bf80055 Cleanups to synchronize including:
* Better comments
* Reorganize code so related settings are close to each other
* Add ::1 to the "localhost" patterns we look for
* Make the dest_port parameter override the ansible_ssh_port setting
* Fix dest_port (wasn't being set)
* more complete detection of delegate_to
* Fix set_remote_user (wasn't being looked for in parameters)
* Instead of removing mode here, have the ansible module accept it
  (better documents the parameters doing it htat way)
2015-08-05 13:16:08 -07:00
James Cammarata
37e38924de Allow field attributes to have priorities
So that roles are loaded ahead of all other play fields, meaning any
plugins contained within the roles are loaded first before tasks.

Fixes #11858
2015-08-05 13:54:00 -04:00
Jon Hawkesworth
f69da544f7 add win_basename and win_dirname filters 2015-08-05 18:38:15 +01:00
James Cammarata
fad44862a5 Implementing includes in the free strategy 2015-08-05 11:53:04 -04:00
Brian Coca
2b9b3a08a1 make sure you only update pci data if there is a match 2015-08-05 09:44:37 -04:00
Yannig Perré
09d257e637 Porting ini lookup plugin against ansible v2. 2015-08-05 12:07:16 +02:00
Thomas Quinot
5d3cb636ad Minor comment fix 2015-08-05 11:30:26 +02:00
Yannig Perré
47db352725 Merge remote-tracking branch 'ansible/devel' into devel 2015-08-05 11:20:41 +02:00
Yannig Perré
733d40a77c When value does not exist, return default value instead of stopping ansible with an exception. 2015-08-05 10:54:24 +02:00
James Cammarata
faf4c3bb6c Merge pull request #11816 from amenonsen/ssh-ipv6
Fix ssh connections to IPv6 addresses
2015-08-05 00:10:34 -04:00
James Cammarata
dbd755e0f4 Fix jinja2 template search pathing
Fixes #9933
2015-08-04 22:50:16 -04:00
Scott Cunningham
934ce86d35 update credstash lookup plugin to use Python 2.4-compatible exception catching 2015-08-04 18:29:37 -07:00
James Cammarata
61e76fd707 Allow conditionals on PlaybookInclude statements
Fixes #11852
2015-08-04 15:24:28 -04:00
James Cammarata
b6c3e5d797 Validate variable names given in set_fact
Fixes #11851
2015-08-04 13:30:47 -04:00
James Cammarata
5266679964 Use templar all the way down
Fixes bugs related to creating Templar() objects on the fly, where
the shared loader objects (serialized to TaskExecutor) aren't used
so information loaded into plugin loaders after forking is lost.

Fixes #11815
2015-08-04 12:25:53 -04:00
muffl0n
8d6d711a5c move get_available_hash_algorithms() from get_url 2015-08-04 08:57:36 +02:00
James Cammarata
c3ce140dd2 Exclude loop_args from post_validation for tasks
This field is templated specially during the TaskExecutor's loop
calculation, so there's no need to post validate it again.

Fixes #11481
2015-08-04 01:12:27 -04:00
Brian Coca
015b922c1f fix quoting for become commands
fixes #11808
2015-08-03 18:49:23 -04:00
Toshio Kuratomi
ca941ec632 style cleanup because -ECANNOTUNDERSTAND without it 2015-08-03 15:05:26 -07:00
Toshio Kuratomi
f86245dcb0 Add a warning about python3 in the synchronize plugin 2015-08-03 15:05:26 -07:00
Toshio Kuratomi
f0431eaea9 Make ansible_python_interpreter work with synchronize
Fixes #11836
2015-08-03 13:32:24 -07:00
James Cammarata
8279557e8f Allow role names to be templated
Fixes #10858
2015-08-03 16:26:13 -04:00
James Cammarata
ed603f7030 Fix free strategy only running first play in a multi-play playbook
Fixes #11839
2015-08-03 14:40:16 -04:00
James Cammarata
c2435fab7e Inject the play context vars into the variables used for loop item templating 2015-08-03 12:12:45 -04:00
James Cammarata
bcbcfc79be Fix relative paths for included files
Also modifies the Play class to not include become* fields in the
post-validation step.

Fixes #11353
2015-08-03 12:04:31 -04:00
James Cammarata
2673eb0afb Add option to fail on undefined variables to listify
And use it in the call to get the loop items for a task.
2015-08-03 12:04:31 -04:00
James Cammarata
a586c74967 Merge pull request #11838 from cchurch/stringify_powershell_unquote_value
Fix for PowerShell unquote method when passed None.
2015-08-02 22:57:27 -04:00
James Cammarata
f6d1b5e233 Merge pull request #11835 from cchurch/raw_is_not_raw_enough
Raw is not raw enough
2015-08-02 22:56:45 -04:00
James Cammarata
7b9aee7077 Merge pull request #11832 from amenonsen/zeroforks
Disallow --forks 0
2015-08-02 22:39:21 -04:00
Chris Church
cafc35fd5b Fix for PowerShell unquote method when passed None. 2015-08-02 18:38:29 -04:00
Abhijit Menon-Sen
7d9689c1c5 Slice ascii_letters directly instead of using 'for x in range()' 2015-08-02 23:47:18 +05:30
Abhijit Menon-Sen
bfe708a189 Make host range parsing errors issue better messages
Now we always say "host range must …specific thing…"
2015-08-02 23:47:18 +05:30
Abhijit Menon-Sen
1413496292 Implement step for alphabetic ranges: [a:e:2] => a,c,e 2015-08-02 23:47:18 +05:30
Abhijit Menon-Sen
72715c6add Fix ssh connections to IPv6 addresses
We can unconditionally wrap remote_addr in square brackets for scp and
sftp (both of which require them for IPv6 addresses), but not wrap them
at all for ssh (which doesn't accept them). This way, we don't have to
detect and treat IPv6 addresses specially. This works for hostnames,
IPv4 addresses, and IPv6 addresses.

The earlier code seemed to intend to wrap all IPv6 addresses in square
brackets, which would have broken ssh, but it actually made no attempt
to detect IPv6 addresses at all (so it broke only with IPv6 addresses
for scp and sftp).

Based on a review of PR #11677 by @JuiceBoxSingularity
2015-08-02 23:46:01 +05:30
Chris Church
6969b5ac8b Make sure raw doesn't eat key=value arguments. 2015-08-02 11:57:32 -04:00
Abhijit Menon-Sen
861da614cc Make 'pause: prompt=…' print the prompt
In stable-1.9, the prompt string is passed to raw_input(), which prints
it without an extra \n. Here we're just print()ing it, so the \n would
be doubled.
2015-08-02 20:08:28 +05:30
James Cammarata
9936c5f9f6 Fixing the pause module for devel 2015-08-02 09:29:13 -04:00
Abhijit Menon-Sen
8de70fa657 Disallow --forks 0
Without at least one worker process, things break:

Traceback (most recent call last):
  File "/home/ams/extern/ansible/ansible/lib/ansible/executor/process/result.py", line 103, in run
    result = self._read_worker_result()
  File "/home/ams/extern/ansible/ansible/lib/ansible/executor/process/result.py", line 69, in _read_worker_result
    (worker_prc, main_q, rslt_q) = self._workers[self._cur_worker]
IndexError: list index out of range
2015-08-02 14:10:45 +05:30
Toshio Kuratomi
cf35bdbdf9 Merge pull request #11827 from amenonsen/trivial-fixmes
Remove TODO: the play already overrides options
2015-08-01 07:40:15 -07:00
Abhijit Menon-Sen
a9b020d6de Remove TODO: the play already overrides options 2015-08-01 20:09:02 +05:30
Abhijit Menon-Sen
1f2adb5e14 Show a better message when ansible.cfg is not found
Earlier we would say «Using  as config file» if we didn't find one.
2015-08-01 19:44:20 +05:30
Abhijit Menon-Sen
2cb7cd8379 Remove outdated FIXME; _compute_delegate is called below 2015-08-01 09:35:32 +05:30
Abhijit Menon-Sen
7b3cb2126c Remove outdated FIXME; ROLE_CACHE is already implemented below 2015-08-01 09:34:32 +05:30
Toshio Kuratomi
91a77b8603 Fix potential bug in parameter passing 2015-07-31 20:35:01 -07:00
James Cammarata
13b8a57d3d Undo previous travis/tox fixes and fix underlying issue 2015-07-31 23:01:43 -04:00
Toshio Kuratomi
0d72be3953 become protection for local connections no longer needed 2015-07-31 18:26:30 -07:00
Toshio Kuratomi
d1933accc3 Fixes for synchronize with delegate_to 2015-07-31 17:41:41 -07:00
Toshio Kuratomi
3939348286 Fix HostVars to support containment tests 2015-07-31 13:58:09 -07:00
Chris Church
74df17de29 Add an option for PowerShell modules to indicate support for check mode, skip running module if check mode is not supported. 2015-07-31 14:48:51 -04:00
Chris Church
e87cf4a3cc Fixes for WinRM/PowerShell support in v2.
- Add support for inserting module args into PowerShell modules.  Fixes #11661.
- Support Windows paths containing spaces.  Applies changes from #10727 to v2.  Fixes #9999.  Should also fix ansible/ansible-modules-core#944 and ansible/ansible-modules-core#1007.
- Change how execution policy is set for running remote scripts.  Applies changes from #11092 to v2.  Also fixes ansible/ansible-modules-core#1776.
- Use codepage 65001 (UTF-8) for WinRM connection instead of default (CP437), convert command to UTF-8 and results from UTF-8.  Replaces changes from #10024.  Fixes #11198.
- Close WinRM connection when task completes.
- Use win_stat, win_file and win_copy modules instead of stat, file and copy when called from within other action plugins (only when using WinRM+PowerShell).
- Unquote Windows path arguments before passing to win_stat, win_file, win_copy and slurp modules (only when using WinRM/PowerShell).
- Check for win_ping module to determine if core modules are missing (only when using WinRM/PowerShell).
- Add stdout_lines to result from running low level commands (so stdout_lines is available when using raw/script).
- Update copy action plugin to use shell functions for joining paths and checking for trailing slash.
- Update fetch action plugin to unquote source path when using Windows paths.
- Add win_copy and win_template action plugins that inherit from copy and template.
- Support running .bat and .cmd scripts using default system encoding instead of UTF-8.
- Always send PowerShell commands as base64-encoded blobs to allow for running simple PowerShell commands via raw.
- Support running modules on Windows with interpreters other than PowerShell.
- Update integration tests to support above changes and test unicode fixes.
- Add test for win_user error from ansible/ansible-modules-core#1241 (fixed by ansible/ansible-modules-core#1774).
- Add test for additional win_stat output values (implemented by ansible/ansible-modules-core#1473).
- Add test for OS architecture and name from setup.ps1 (implemented by ansible/ansible-modules-core#1100).

All WinRM integration tests pass for me with these changes.
2015-07-31 14:38:31 -04:00
Brian Coca
fa8043c0ba corrected typo 2015-07-31 13:49:48 -04:00
Brian Coca
f16b745f17 now properly uses default port if defined 2015-07-31 12:01:58 -04:00
Brian Coca
496186f5de makes ssh plugin resilient against invalid entries in hosts file
fixes #10238
2015-07-31 12:01:58 -04:00
Toshio Kuratomi
e349004325 Update submodule ref to pull in apt_repo fixes 2015-07-31 08:22:48 -07:00
Jonathan Süssemilch Poulain
02294c52ce Typo 2015-07-31 13:25:42 +02:00
Jonathan Süssemilch Poulain
4614a574ea Allows network network interface facts collection as an unprivileged user and adds more facts 2015-07-31 10:39:02 +02:00
Jonathan Süssemilch Poulain
e181bcf62b Allows to fetch machine architecture as an unprivileged user 2015-07-31 10:35:10 +02:00
Brian Coca
9aa4214417 fixed delegate_to ref in syncronize 2015-07-30 20:53:18 -04:00
Brian Coca
8a00dff989 updated submodule refs 2015-07-30 18:37:41 -04:00
Brian Coca
07e5e98cbf removed jinaj2 override restrictions 2015-07-30 16:53:39 -04:00
Brian Coca
113f709eac brought up to date with default 2015-07-30 16:53:38 -04:00
Brian Coca
51de207197 Merge pull request #11805 from amenonsen/trivial-fixmes
A series of trivial FIXMEs for devel
2015-07-30 16:40:17 -04:00
Scott Cunningham
193e857bc4 credstash lookup plugin: raise AnsibleError when credstash library not installed 2015-07-30 21:04:26 +01:00
James Cammarata
222f04e387 Submodule pointer update 2015-07-30 14:50:53 -04:00
Abhijit Menon-Sen
807079ec2f Remove outdated FIXME; HostVars is imported and used below 2015-07-31 00:09:49 +05:30
Brian Coca
d05c4b82aa Merge pull request #11803 from amenonsen/prompt_encrypt
Uncomment encrypt handling for vars_prompt
2015-07-30 14:21:32 -04:00
Abhijit Menon-Sen
845784b572 Remove outdated FIXMEs; all use combine_vars already 2015-07-30 23:47:41 +05:30
James Cammarata
efcad3aa6d Re-allow vars on tasks, specifically for includes 2015-07-30 14:14:49 -04:00
James Cammarata
0ad52a403f Merge pull request #11804 from amenonsen/fixme
Easy FIXMEs
2015-07-30 13:58:40 -04:00
Abhijit Menon-Sen
1541e331c9 Also fix UTF-8 handling in vars_prompt 2015-07-30 23:27:39 +05:30
James Cammarata
549c204051 Submodule pointer update 2015-07-30 13:48:09 -04:00
Abhijit Menon-Sen
694d2103b1 Remove outdated FIXME code
This is already handled in PlayContext.set_options.
2015-07-30 23:12:06 +05:30
Abhijit Menon-Sen
ff2d160fff Correct invalid reference to global display 2015-07-30 22:52:47 +05:30
Abhijit Menon-Sen
10def3aa54 Uncomment encrypt handling for vars_prompt 2015-07-30 22:42:21 +05:30
Brian Coca
b2dc66c7ea now check stderr also on become for ssh plugin for the cases where sudo or su do not want to prompt/echo on stdin
fixes #11796
2015-07-30 13:11:41 -04:00
Brian Coca
17f659a143 added some debug to galaxy 2015-07-30 12:35:27 -04:00
Brian Coca
29bc8f51d7 made tags display closer to v1 2015-07-30 12:35:27 -04:00
Brian Coca
b37be236d9 Merge pull request #11475 from nibalizer/cfacter_support
Use cfacter instead of facter if possible
2015-07-29 22:46:21 -04:00
Abhijit Menon-Sen
3d581e5306 Don't stat None
Fixes #11794, regression introduced by #11010
2015-07-30 08:02:27 +05:30
Brian Coca
527ae360b0 Merge pull request #10652 from vodik/nspawn
Support querying systemd container information
2015-07-29 21:51:58 -04:00
Brian Coca
4b8e368039 Merge pull request #11010 from sillydong/devel
Add judgment to to fix path0 if ANSIBLE_CONFIG is set to a dir
2015-07-29 21:36:07 -04:00
Brian Coca
0e77871426 fixed non ignore errors path to actually interrupt
fixed cases where missing/inaccessible file gave exception, now you get nice error
2015-07-29 20:13:17 -04:00
Brian Coca
8153c34abf now returns false on bad role_data 2015-07-29 19:48:21 -04:00
Brian Coca
e81ec32719 made galaxy more resilient with bad yaml files and comments/spaces in non yaml files
fixes #10641
2015-07-29 19:28:29 -04:00
Joseph Callen
2f5ced8856 Moving VMware Utilites module
Moved `vmware.py` from v1 to `lib/ansible/module_utils/vmware.py`.

No other changes has been made since these two PRs:
https://github.com/ansible/ansible/pull/10812
https://github.com/ansible/ansible/pull/10760
2015-07-29 17:16:15 -04:00
Brian Coca
ced93d35ca adjusted list hosts across adhoc and playbook cli 2015-07-29 15:46:13 -04:00
James Cammarata
3a50c08c01 Merge branch 'pluggable_jinja_tests' of https://github.com/quixoten/ansible into quixoten-pluggable_jinja_tests 2015-07-29 15:16:27 -04:00
James Cammarata
782c2f75df Make sure role deps inherit conditionals/tags specified via params
Fixes #7353
2015-07-29 14:49:08 -04:00
Brian Coca
bedfe00de8 Merge pull request #11336 from saada/patch-1
Update Vault rekey() in vault.py to validate files passed before input
2015-07-29 12:52:14 -04:00
Toshio Kuratomi
4f1d365a25 Merge pull request #11783 from ansible/synchronize-fix
Synchronize in wasn't running on localhost in the default case which …
2015-07-29 09:33:01 -07:00
Toshio Kuratomi
088682f518 Synchronize in wasn't running on localhost in the default case which meant that rsync was run on the wrong host.
Fixes #11649
2015-07-29 09:10:24 -07:00
Mahmoud Saada
ddd46f6599 Update rekey() in vault.py to validate files passed exist before prompting for password 2015-07-29 09:03:15 -07:00
Brian Coca
0784fa1765 removed import q 2015-07-29 11:00:04 -04:00
Brian Coca
96bcf50a94 implemented requirements file in v2
fixes #11179
2015-07-29 10:59:33 -04:00
James Cammarata
71867f9480 Remove vars attribute from base
Fixes #11779
2015-07-29 09:45:30 -04:00
Scott Cunningham
695e456cb0 add credstash lookup plugin 2015-07-29 11:18:13 +01:00
Brian Coca
132c14eb57 indented hosts 2015-07-28 22:31:40 -04:00
Brian Coca
c0c094c413 now all --list options are working! 2015-07-28 22:30:59 -04:00
Brian Coca
884435a1aa minor cosmetic changes to list options 2015-07-28 22:14:41 -04:00
Brian Coca
056602c424 rearranged --list- options, now they are consolidated when used toghether, less loops, more concise output
list-hosts works
list-tasks works, but needs better task naming (missing role info)
list-tags only shows play tags
2015-07-28 22:05:49 -04:00
Brian Coca
cc85473c1e show role search path when not finding a role
fixes #9770
2015-07-28 19:07:47 -04:00
James Cammarata
42cfacf83b Switch up the task/host overrides for PlayContext to use the compiled vars dict
Fixes #11436
2015-07-28 16:25:44 -04:00
Brian Coca
a8b2b5b0c9 avoids printing blank diffs
fixes #10147 fixes #9471
2015-07-28 15:47:52 -04:00
James Cammarata
5cf2781528 A little more cleanup regarding _compute_environment_string 2015-07-28 15:34:10 -04:00
James Cammarata
467432bef5 Fix incorrect module path for AnsibleError in action plugin base 2015-07-28 15:25:25 -04:00
Brian Coca
f4a997db49 added back but stderr, which was the original itnention 2015-07-28 14:36:06 -04:00
Brian Coca
3b9282fb90 fixed dupe output in raw/command cases 2015-07-28 14:31:49 -04:00
Brian Coca
a78fdde32c better handling for weird doc corner cases (abscense of options, bad text objects, etc)
also updated extras to get some docfixes on the module side
2015-07-28 14:30:46 -04:00
Brian Coca
17103dd4cc update submodule refs 2015-07-28 13:08:05 -04:00
Brian Coca
6cdee94c33 added missing skipped item function to base 2015-07-28 11:02:25 -04:00
Brian Coca
6f93d228f6 made item output closer to v1 2015-07-28 10:59:39 -04:00
Brian Coca
4f9d719b14 removed debug 2015-07-28 10:43:11 -04:00
Brian Coca
d78c2fc212 now reports per task item 2015-07-28 10:41:40 -04:00
James Cammarata
2d90cbf78b Properly fail results with rc != 0
Fixes #11769
2015-07-28 10:15:14 -04:00
Brian Coca
787a0c4e04 fixed indent issues 2015-07-28 10:10:21 -04:00
Vilmos Nebehaj
58cccce384 Use PBKDF2HMAC() from cryptography for vault keys.
When stretching the key for vault files, use PBKDF2HMAC() from the
cryptography package instead of pycrypto. This will speed up the opening
of vault files by ~10x.

The problem is here in lib/ansible/utils/vault.py:

    hash_function = SHA256

    # make two keys and one iv
    pbkdf2_prf = lambda p, s: HMAC.new(p, s, hash_function).digest()

    derivedkey = PBKDF2(password, salt, dkLen=(2 * keylength) + ivlength,
                        count=10000, prf=pbkdf2_prf)

`PBKDF2()` calls a Python callback function (`pbkdf2_pr()`) 10000 times.
If one has several vault files, this will cause excessive start times
with `ansible` or `ansible-playbook` (we experience ~15 second startup
times).

Testing the original implementation in 1.9.2 with a vault file:

In [2]: %timeit v.decrypt(encrypted_data)
1 loops, best of 3: 265 ms per loop

Having a recent OpenSSL version and using the vault.py changes in this commit:

In [2]: %timeit v.decrypt(encrypted_data)
10 loops, best of 3: 23.2 ms per loop
2015-07-28 14:51:36 +02:00
Brian Coca
77fc3ce759 removed unused import 2015-07-28 08:28:52 -04:00
Lukas Pirl
d9aa14feea fixes remote code execution for su/sudo and strict remote umasks
* temporarily changes umask for creating temporary directories
    * otherwise parent directories may not get chmod'ed and end up
      unreadable
refs #9902
2015-07-28 19:24:23 +12:00
Brian Coca
80ecab5317 Merge pull request #11761 from amenonsen/9843-rebase
Add pciid to LinuxNetwork interface fact
2015-07-27 22:20:04 -04:00
Hugh Saunders
f344ec463f Add LVM facts to setup module
This commit adds LinuxHardware.get_device_facts() and calls that from
.populate().

LVM facts are only gathered if the setup module is running as root and
the lvm utilities are available (tested by searching for 'vgs').

If the conditions are met, facts are set for each volume group and
logical volume.

Example:

Test LVM Data:
$ sudo vgs
  VG   #PV #LV #SN Attr   VSize VFree
  test   1   2   0 wz--n- 5.00g 2.00g
$ sudo lvs
  LV      VG   Attr      LSize Pool Origin Data%  Move Log Copy%  Convert
  testlv  test -wi-a---- 1.00g
  testlv2 test -wi-a---- 2.00g

Facts Returned:
$ ansible localhost -i /tmp/inv -m setup -a 'filter=ansible_lvm'
localhost | success >> {
    "ansible_facts": {
        "ansible_lvm": {
            "lvs": {
                "testlv": {
                    "size_g": "1.00",
                    "vg": "test"
                },
                "testlv2": {
                    "size_g": "2.00",
                    "vg": "test"
                }
            },
            "vgs": {
                "test": {
                    "free_g": "2.00",
                    "num_lvs": "2",
                    "num_pvs": "1",
                    "size_g": "5.00"
                }
            }
        }
    },
    "changed": false
}

Test as non-root:
$ ansible localhost -i /tmp/inv-user -m setup -a 'filter=ansible_lvm'
localhost | success >> {
    "ansible_facts": {},
    "changed": false
}

Test without lvm utilities available
$ sudo mv /sbin/vgs{,.bk}
$ ansible localhost -i /tmp/inv -m setup -a 'filter=ansible_lvm'
localhost | success >> {
    "ansible_facts": {},
    "changed": false
}
2015-07-28 07:46:01 +05:30
Brian Coca
5f8db9cd4b changed verbose_override to the new _ansible_verbose_override to keep in line with previous changes
output now defaults back to having indent=4
2015-07-27 22:15:44 -04:00
Trapier Marshall
250620f2ab Add pciid to LinuxNetwork interface fact
This commit adds pciid to the LinuxNetwork fact object.

pciid is gathered if the symlink /sys/class/net/*/device exists.

Example [>>>> emphasis <<<<]:

$ readlink /sys/class/net/eth0/device
../../../0000:01:00.0

$ ansible localhost --ask-pass -i /tmp/hosts -m setup -a "filter=ansible_eth0"
SSH password:
localhost | success >> {
    "ansible_facts": {
        "ansible_eth0": {
            "active": false,
            "device": "eth0",
            "macaddress": "0c:d2:92:5d:6e:8e",
            "module": "alx",
            "mtu": 1500,
       >>>> "pciid": "0000:01:00.0", <<<<
            "promisc": true,
            "type": "ether"
        }
    },
    "changed": false
}
2015-07-28 07:30:03 +05:30
Brian Coca
8746e692c1 changed check to allow for powerpc
fixes #11528
2015-07-27 21:44:17 -04:00
Brian Coca
0c21196633 moved openvz inventory script to new home 2015-07-27 20:53:53 -04:00
Brian Coca
164092a835 optimized module docs 2015-07-27 20:52:53 -04:00
Brian Coca
2575e1540a Merge pull request #11740 from amenonsen/8602-rebase
Encrypt the vault file after editing only if the contents changed
2015-07-27 20:45:03 -04:00
Toshio Kuratomi
d2346fd2e2 Python2.4 compat fix 2015-07-27 15:34:51 -07:00
James Cammarata
d6cafff2f9 Additional changes to fix fileglob relative path lookups 2015-07-27 16:35:57 -04:00
Toshio Kuratomi
6a68be4e28 Handle quoting of values in dict parameters 2015-07-27 12:31:05 -07:00
James Cammarata
cb262449c7 Reworking internal result flags and making sure include_vars hides vault data
Fixes #10194
2015-07-27 14:04:31 -04:00
James Cammarata
eebf437d87 Submodule pointer update 2015-07-27 12:51:58 -04:00
Brian Coca
b2b19a1dc4 Merge pull request #11751 from amenonsen/playwithoutbook
A better error message for «ansible playbook.yml»
2015-07-27 12:42:56 -04:00
James Cammarata
49a6601856 Further cleanup of internal use of ansible_ssh_host 2015-07-27 10:42:39 -04:00
James Cammarata
ee835ff7ad Add a base-level get_basedir method for lookup plugins and fix relative lookups
Fixes #11746
2015-07-27 10:41:28 -04:00
Abhijit Menon-Sen
65d62090c2 A better error message for «ansible playbook.yml»
This is a very conservative change: we add the hint only if we're
definitely going to die already.
2015-07-27 12:43:21 +05:30
James Cammarata
3a4dd523d3 Fix bug where we calculated the relative path of recurisive copies wrong
Fixes #11470
2015-07-27 02:29:38 -04:00
James Cammarata
a1a8997e89 Merge pull request #11663 from whereismyjetpack/fix_ansible_ssh_host
only set ansible_ssh_host if not already set
2015-07-26 23:46:21 -04:00
Brian Coca
a56ff7ae54 now it really is oneline 2015-07-26 23:14:07 -04:00
Brian Coca
5d1d9f1505 fixed diff output to be as it was in 1.x, copy and template now use the same
functions to do difs.
2015-07-26 22:29:56 -04:00
James Cammarata
c56a304ad9 Merge pull request #9195 from reedloden/add-dns-facts
Add several DNS-related facts by parsing /etc/resolv.conf
2015-07-26 14:59:55 -04:00
James Cammarata
ccb7fb3b4c Submodule pointer update 2015-07-26 14:41:49 -04:00
James Cammarata
034c766439 Fixing logic in template.py to not assume 'changed' is in the result 2015-07-26 13:57:25 -04:00
James Cammarata
a78ed39f93 Merge pull request #11743 from renard/regex_escape-filter
Regex escape filter
2015-07-26 13:52:01 -04:00
James Cammarata
db4b3544d7 Fix syntax error in action plugin template.py 2015-07-26 13:49:27 -04:00
Reed Loden
eb1fb41576 Add several DNS-related facts by parsing /etc/resolv.conf
Facts include nameservers, domain, search path, sortlist, and options.
2015-07-26 10:46:59 -07:00
Sébastien Gross
36534668f0 Change name from re_escape to regex_escape to fit existing function names. 2015-07-26 19:03:56 +02:00
Sébastien Gross
c1e4085251 Add regular expression escaping filter. 2015-07-26 19:03:27 +02:00
Brian Coca
0b6fadaad7 started implementing diff
diff now works with template
also fixed check mode for template and copy
2015-07-26 12:22:22 -04:00
Pablo Figue
f8bf2ba1bd Encrypt the vault file after editing only if the contents changed 2015-07-26 14:41:34 +05:30
James Cammarata
73aa5686cc Remove octal escapes from unicode escape handling
Fixes #11673
2015-07-25 16:30:11 -04:00
Brian Coca
5be384bab0 Merge pull request #11733 from amenonsen/csvfile
v2 breakage: lookupfile should lookup the given file=xxx
2015-07-25 11:53:22 -04:00
Brian Coca
b19eb0f4dc minor improvements to display 2015-07-25 09:15:33 -04:00
Abhijit Menon-Sen
8737061a8f lookupfile should lookup the given file=xxx
(Earlier it used to lookup the pre-split term.)
2015-07-25 15:38:26 +05:30
James Cammarata
eca88d4253 Merge pull request #11732 from amenonsen/9212-rebase
Forbid copy: content="" with a directory destination
2015-07-25 02:47:19 -04:00
Mario de Frutos
4ed664f4d0 Forbid copy: content="" with a directory destination
Fixes #9107, closes PR #9212
2015-07-25 11:21:14 +05:30
Brian Coca
b9710b4a34 wrapped new system ssh key lookup in case file does not exist 2015-07-24 23:54:13 -04:00
Patrick Michaud
e4df8c3d36 Have paramiko use /etc/ssh_known_hosts
Fixes an issue with a confusing error: "paramiko: The authenticity of host '[host]' can't be established" when ssh on the command line doesn't complain

Closes PR #7730
2015-07-25 09:09:28 +05:30
Brian Coca
0858d97c44 also captures typeerrors for when not getting a proper string in output 2015-07-24 18:43:40 -04:00
Toshio Kuratomi
8ee3b7384d Guard the PROTOCOL setting so that we work on older pythons 2015-07-24 15:07:02 -07:00
Toshio Kuratomi
36382face9 Add a warning about mode being octal 2015-07-24 14:52:21 -07:00
James Cammarata
eccfb7e0b5 Adding initial support for includes in handlers
Fixes #11694
2015-07-24 16:22:02 -04:00
Brian Coca
7215470c6f implemented galaxy list in v2 2015-07-24 16:18:55 -04:00
Will Thames
9abd9a8f57 Make ansible-galaxy work with galaxy.ansible.com
Now works with role files that use Ansible Galaxy roles
Still work to do on making this work with internal roles
2015-07-24 16:04:10 -04:00
Brian Coca
cff77de917 added todo for future of feature 2015-07-24 12:00:38 -04:00
Brian Coca
0089eb8102 reimplemented logging based on log_path var 2015-07-24 12:00:38 -04:00
James Cammarata
ff49c5adac Make sure we're actually looping before looking at 'results' in TaskResult
Fixes #11696
2015-07-24 11:55:22 -04:00
James Cammarata
0fcd53e887 Make sure the command is sudoable before checking for the become password
Fixes #11714
2015-07-24 11:37:26 -04:00
James Cammarata
e526743b4f Allowing args: "{{some_var}}" for task params again
This is unsafe and we debated re-adding it to the v2/2.0 codebase,
however it is a common-enough feature that we will simply mark it
as deprecated for now and remove it at some point in the future.

Fixes #11718
2015-07-24 10:33:12 -04:00
Brian Coca
681eab1158 fix adhoc that broke with assuming step is always in options 2015-07-24 10:03:43 -04:00