* [stable-2.7] Wrap CLI passwords as AnsibleUnsafeText (#63352)
* isa string should rewrap as unsafe in get_validated_value
* _is_unsafe shouldn't be concerned with underlying types
* Start with passwords as text, instead of bytes
* Remove unused imports
* Add changelog fragment
* Update changelog with CVE.
(cherry picked from commit baeff7462d)
Co-authored-by: Matt Martz <matt@sivel.net>
* Update tests
This new script does not depend on ansible-test and provides much more robust job matrix testing.
It is also run on every job in the matrix now, to detect issues with jobs being re-run after matrix changes are made.
(cherry picked from commit d3da8e4a5b)
This avoids displaying the credentials in CI when retrying tests at maximum verbosity.
(cherry picked from commit b73e772)
Co-authored-by: Matt Clay <matt@mystile.com>
* prevent templating of passwords from prompt (#59246)
* prevent templating of passwords from prompt
fixes CVE-2019-10206
(cherry picked from commit e9a37f8e31)
* Improve performane of UnsafeProxy __new__
This adds an early return to the __new__ method of the UnsafeProxy object
which avoids creating the unsafe object if the incoming object is already
unsafe.
(cherry picked from commit c1e23c22a9fedafaaa88c2119b26dc123ff1392e)
(cherry picked from commit 490f17c7f9)
The docs now have multi-level breadcrumbs so including "Sanity Tests »" in the title on a sanity test page is redundant.
(cherry picked from commit b4494fa547)
(cherry picked from commit dd42aac878)
The nightly rpm builds were using a timestamp from the last git commit
in their Release field. Unfortunately, that was using author timestamp
which is nonsequential. Change to using commit timestamp which is
sequential.
note that this still has a cornercase if the branch's history is ever
rewritten.
(cherry picked from commit 97edfcc)
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
- use include_vars to set appropriate packages and pip packages per distribution and version
- install an older version of Docker CE on RHEL 8 since a dependency is unavailable
- disable warnings on tasks that are ok
- skip tests for CentOS/RHEL 6.
(cherry picked from commit d50c8c2b83)
Co-authored-by: Sam Doran <sdoran@redhat.com>
- use single include_vars task rather than multiple set_fact tasks
- use multi-line YAML to break up long conditionals
- use version() test rather than direct comparisions
- use different appstream package on RHEL since '@swig:3.0/default' is not working in the GA.
(cherry picked from commit 16d6fcf514)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Skip gitlab tests if dependencies aren't met
* Skip certain unittests if passlib is not installed
* Fix tests with deps on paramiko to skip if paramiko is not installed
* Use pytest to skip for cloudstack
If either on Python-2.6 or the cs library is not installed we cannot run
this test so skip it.
(cherry picked from commit 8acf71f78f)
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
- don't background the nuage-vsd-sim
- increase the asncy timeout
- use uri to actually query the simulator API to make sure it is ready for connections
(cherry picked from commit 911a2ec6d3)
* docsite: remove lexers which have been fixed in Pygments 2.4.0 (#57508)
* Remove lexers which have been fixed in Pygments 2.4.0.
* Add Pygments >= 2.4.0 to test runner.
* Fix pages that triggered lexer errors.
Co-Authored-By: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
(cherry picked from commit 505c99265c)
* fixes 'could not lex literal_block' errors
- Replace private key that expired an 2019-06-20 with a key that does not expire
- Document how to generate a new GPG key using an input file
(cherry picked from commit b9d77b997e)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Use different package for DNF tests
Ninja caused errors in Fedora 30. This works in both Fedora 29 and 30.
* Fix git integration tests
Git >= 2.21.0 has either a bug or change in behavior where it errors when fetching a
repository containing submodules that are behind the upstream submodule commits.
It's weird and I don't fully understand it.
Get around this my checking out specific commits from a repository rather than
switch the origin URL.
* Fix PostgreSQL tests
The error message is slightly different.
(cherry picked from commit 18feeb51a8)
Co-authored-by: Sam Doran <sdoran@redhat.com>
