James Cammarata
bb723bedee
Merge branch 'atomic_move_restore_owner_group_rebase' of https://github.com/tyll/ansible into tyll-atomic_move_restore_owner_group_rebase
2014-03-24 09:34:51 -05:00
Herby Gillot
c0886a5f3a
Add a fact providing the full hostname, without the domain portion
...
truncated.
2014-03-23 21:59:47 -04:00
Francisco José Marques Vieira
e9d7476c28
Add missing sha1 import on known_hosts.py
2014-03-23 17:19:23 +00:00
Till Maas
898a38b074
module_utils/atomic_move(): Use tempfile module
...
Fix a potential race condition by using the tempfile module.
2014-03-20 12:34:19 +01:00
Till Maas
8f778a83df
module_utils/atomic_move(): Restore owner/group
...
Manually restore owner and group if both src and dest are on a separate
file system.
2014-03-20 12:34:19 +01:00
James Cammarata
4880cfb5ea
Merge pull request #6568 from sivel/ssl-cert-validation-osx
...
Make SSL verification on Mac OS X work out of the box
2014-03-19 13:45:45 -05:00
James Tanner
67517e96d3
Fixes #6567 put the git wrapper script in the module temp dir
2014-03-19 10:30:10 -04:00
Matt Martz
1d3d73a0b6
Only write the DUMMY_CA_CERT on OS X
2014-03-19 09:01:13 -05:00
Matt Martz
3b5aa8bd30
Provide a dummy ca to allow OS X to do it's OpenSSL keychain magic
2014-03-18 17:16:44 -05:00
James Cammarata
3f5440f7df
Make modules set a valid working directory
...
Fixes #6546
2014-03-18 10:37:52 -05:00
Michael DeHaan
13f69dad05
Merge pull request #6527 from patrickheeney/hosts-bug
...
Fix for hostkey directory
2014-03-17 17:35:27 -04:00
James Cammarata
5d8c9d3f0f
Merge branch 'file_fixes_clean' of https://github.com/bcoca/ansible into bcoca-file_fixes_clean
2014-03-17 14:03:26 -05:00
patrickheeney
a9aab23f11
Fix for hostkey directory
2014-03-17 09:00:08 -07:00
Greg Dallavalle
77229553a3
fetch_url: Avoid credential stripping for FTP-scheme URLs
2014-03-16 20:41:03 -05:00
Michael DeHaan
b0dbc61d63
Move facts to 'module_utils' so they can be referenced by other modules. Note unlike other module_utils/ dirs this keeps the original
...
license -- so usage of facts code in modules will be limited to GPLv3 modules.
2014-03-16 16:12:02 -04:00
Brian Coca
2d25577e11
Fixes and cleanup to file functions and module
...
- unified set attribute functions ... not sure why 2 identical functions
exist with diff names, now there are 3 while i repoint all modules to 1
- fixed issue with symlinks being created w/o existing src when force=no
- refactored conditionals, simplified where possible
- added tests for symlink to nonexistant source, with both force options
- made symlink on existing attomic (force)
2014-03-15 13:54:24 -04:00
James Cammarata
a0cb974575
Be sure to return to the old directory if cwd is set in run_command
2014-03-13 16:24:29 -05:00
James Tanner
a348f67238
Reset the current directory after running subprocess.Popen
2014-03-13 17:15:23 -04:00
James Cammarata
677008bef7
Rejoin args list into a string for run_command when using an unsafe shell
...
This allows the use of an args list with leading environment variables,
which otherwise would fail due to the way Popen works.
2014-03-13 14:31:32 -05:00
James Cammarata
5233d4bc31
Fix typo in run_command when sending data that is not binary
2014-03-13 14:28:51 -05:00
James Cammarata
b1a37dcc08
Revert "Rejoin args list into a string for run_command when using an unsafe shell"
...
This reverts commit 4273cb2d8e
.
2014-03-13 14:04:51 -05:00
James Cammarata
4273cb2d8e
Rejoin args list into a string for run_command when using an unsafe shell
...
This allows the use of an args list with leading environment variables,
which otherwise would fail due to the way Popen works.
2014-03-13 13:51:59 -05:00
James Cammarata
303e085f8b
Only use cwd in run_command kwargs if the directory exists
2014-03-12 15:59:55 -05:00
James Cammarata
60a7f57300
Make sure the cwd exists in run_command before trying to use it
2014-03-12 14:33:31 -05:00
Dan Koch
bbf320fd22
Work around for cwd stat problems with run_command and sudo
...
This fixes issue #6443
2014-03-12 14:59:50 -04:00
James Cammarata
2c7d58abe0
Compile ca certs into a temp file to reduce number of attempts
...
For those who may have a large number of certs found, this can reduce
the number of ssl connections attempted.
2014-03-12 13:45:16 -05:00
Michael DeHaan
d37f0c6d12
Use same implementation as ssh.py for "is in host file" checks in module code, prevents git module from adding keys more than once.
2014-03-12 14:11:45 -04:00
Michael DeHaan
6d841d120e
Don't process shell commands as arrays.
2014-03-12 11:57:28 -04:00
James Cammarata
a9017af2bb
Adding validate_certs to all modules that use fetch_url
2014-03-12 10:19:54 -05:00
Michael DeHaan
cfabc2e28a
module.run_command is intended to bypass the shell here, so can't do ">>"
2014-03-12 10:57:49 -04:00
James Cammarata
7f38cff989
Remove unused code from get_ca_certs() function
2014-03-12 09:33:19 -05:00
James Cammarata
804e4166c8
Rewriting ssl validation to try multiple certs found in paths
...
Previously, the function checked only for a single CA root cert, however
some distributions may have multiple certs in a directory. This will now
try any .crt or .pem file contained within several common paths for
each platform.
Fixes #6412
2014-03-12 09:21:19 -05:00
Michael DeHaan
0b0ca95731
Expand environment variables and tildes passed to commands generically across the board.
2014-03-12 10:11:09 -04:00
James Cammarata
430cce9df3
Merge branch 'ec2_security_token' of https://github.com/willthames/ansible into willthames-ec2_security_token
2014-03-11 10:45:38 -05:00
Michael DeHaan
411bcb7161
Merge remote branch 'real/devel' into devel
2014-03-10 19:11:21 -04:00
James Tanner
ba0fec4f42
Force command action to not be executed by the shell unless specifically enabled
2014-03-10 16:13:30 -05:00
James Cammarata
9730157525
Validate SSL certs accessed through urllib*
...
* Adds another module utility file which generalizes the
access of urls via the urllib* libraries.
* Adds a new spec generator for common arguments.
* Makes the user-agent string configurable.
Fixes #6211
2014-03-10 16:06:52 -05:00
Franck Cuny
82f99bfa3d
Add BSD license to module_utils/gce.py
2014-03-10 12:02:45 -07:00
James Cammarata
2a0028e687
Sanitize run_command argument output
...
Fixes #6316
2014-03-06 13:34:22 -06:00
Will Thames
b9a7352e0a
Work to allow security tokens and profiles to work with Ansible
...
Allow security tokens and profiles to be used as arguments
to the 'common' ec2 modules
Mostly refactoring to provide two new methods,
`get_aws_connection_info`, which results in a dict that can be
passed through to the boto `connect_to_region` calls, and
`connect_to_aws` that can pass that dict through to the
`connect_to_region` method of the appropriate module.
Tidied up some variable names
Works around boto/boto#2100
profiles don't work with boto < 2.24, but this detects for that
and fails with an appropriate message. It is designed to work
if profile is not passed but boto < 2.24 is installed.
Modifications to allow empty aws auth variables to be passed
(this is useful if wanting to have the keys as an optional
parameter in ec2 calls - if set, use this value, if not set,
use boto config or env variables)
Reworked validate_certs improvements to work with refactoring
Added documentation for profile and security_token to affected modules
2014-03-06 16:28:30 +10:00
Franck Cuny
6294264dc4
Add credential parameters to the GCE modules.
...
In order to simplify the workflow with the GCE modules, it's now
possible to add the parameters and project name as arguments to the
various GCE modules.
The inventory plugin also returns the IP of the host in
`ansible_ssh_host` so that you don't have to specify IPs into the
inventory file.
Some update to the documentation are also added.
Closes #5583 .
2014-03-04 19:27:49 -08:00
James Cammarata
14ba10393b
Minor tweak to region config in boto configuration file
2014-02-26 15:40:33 -06:00
James Cammarata
88acb48e61
Merge branch 'ec2_boto_config_region' of https://github.com/willthames/ansible into willthames-ec2_boto_config_region
2014-02-26 15:32:05 -06:00
James Cammarata
8a7c68dc18
Merge branch 'ec2-params' of https://github.com/scottanderson42/ansible into scottanderson42-ec2-params
...
Conflicts:
lib/ansible/module_utils/ec2.py
library/cloud/ec2
2014-02-26 09:37:26 -06:00
James Cammarata
3b2d409906
Fixing several bugs in assemble and updating tests
...
Bugfixes:
* the remote_src param was not being converted to a boolean correctly,
resulting in it never being used by the module as the default behavior
was remote_src=True (issue #5581 )
* the remote_src param was not listed in the generic file params, leading
to a failure when the above bug regarding remote_src was fixed
* the delimiter should always end with a newline to ensure that the file
fragments do not run together on one line
Fixes #5581
2014-02-24 14:27:23 -06:00
James Cammarata
b6222abee6
Fix unicode decode error in syslog for modules
...
Fixes #6056
2014-02-19 09:42:01 -05:00
Martin Thorsen Ranang
7e23ed345f
Avoid breaking on unicode input when logging to syslog in modules
...
After commit 254f87e
, non-ascii input broke logging to syslog.
2014-02-17 23:56:08 +01:00
James Cammarata
0cfaabf9cb
Make sure unicode params don't break logging in modules
2014-02-17 13:37:48 -06:00
James Cammarata
faa645c834
Merge pull request #6001 from jimi-c/issue_4087_sanitize_output
...
Filter out messages that match the pattern username:password@host
2014-02-14 09:54:05 -06:00
Chris Hoffman
affed67ebd
Small fix for ec2 validate_certs option
2014-02-13 16:30:31 -05:00
James Cammarata
b8646991db
Filter out messages that match the pattern username:password@host
...
This filtering is done in both the module invocation logging and in
the regular verbose() logging output.
Fixes #4087
2014-02-13 14:23:49 -06:00
James Cammarata
056d54ebd3
Adding 'validate_certs' option to EC2 modules
...
When disabled, the boto connection will be instantiated without validating
the SSL certificate from the target endpoint. This allows the modules to connect
to Eucalyptus instances running with self-signed certs without errors.
Fixes #3978
2014-02-13 12:32:49 -06:00
James Cammarata
254f87e7dd
Fix log handling of unicode output to syslog in modules
2014-02-12 11:27:52 -06:00
James Cammarata
a023cbce14
When using jsonify in modules, try several unicode encoding for dumps()
...
Fixes #4821
2014-02-11 14:19:40 -06:00
Scott Anderson
baf508a379
Change standard AWS access and secret key parameter names to aws_access_key and aws_secret_key. Fixes an authentication problem with the rds module and standardizes the naming convention on something more encompassing than ec2_*_key.
2014-02-08 18:35:26 -05:00
James Tanner
b3ab7e7885
Check mutually_exclusive parameters before applying defaults
2014-02-07 13:42:08 -05:00
Will Thames
d5c309e20d
Pick up default EC2 region from boto.config
...
This doesn't account for boto configs where e.g. RDS has one
default region and EC2 another - all will default to `ec2_region_name`.
However, this is just handy to allow an easy site wide default
region if existing configuration already relies on it.
Modules can be improved to mention this in the documentation and
turn off required=True where needed. But it works with `ec2`
and `ec2_vol` without change.
2014-02-07 22:30:16 +10:00
Will Thames
7600c664fe
Create a common EC2 connection argument spec for EC2 modules
...
Refactor the currently well-factored ec2 modules (i.e. those that already use ec2_connect) to
have a common argument spec. The idea is that new modules can use this spec without duplication
of code, and that new functionality can be added to the ec2 connection code (e.g. security
token argument)
2014-02-06 15:27:41 +10:00
James Cammarata
75e3b59bbd
Adding no_log: capability for tasks
...
Fixes #4088
2014-01-31 16:58:46 -06:00
Matt Martz
ac666e63e0
Support providing a tenant_name also
2014-01-28 13:58:41 -06:00
Matt Martz
aa709012ba
Make sure to also include the region when using keyring_auth
2014-01-28 13:58:41 -06:00
Matt Martz
021b926235
Only specify to USE_KEYRING as the api_key/password when we actually got a keyring_username from ~/.pyrax.cfg
2014-01-28 13:58:41 -06:00
Matt Martz
1ac7dffd55
Support using ~/.pyrax.cfg and multi environments
2014-01-28 13:58:41 -06:00
Matt Martz
139e905e98
identity_type is set dynamically above
2014-01-28 13:58:41 -06:00
Matt Martz
bc473c5be3
Support additional attributes that would allow the rax modules to work with other OpenStack clouds
2014-01-28 13:58:41 -06:00
Matt Martz
d7597414b8
Support keyring for the api_key
2014-01-28 13:58:40 -06:00
James Tanner
3ec043ec17
Fixes #5750 Fail on missing ~/.ssh and ignore accept_hostkey if stricthoskeychecking is off
2014-01-28 11:49:35 -05:00
Rob Smith
953dc6b345
When not finding a host in ~/.ssh/known_hosts, the return value is 0 if the host just is not found. We then never check the system host file in /etc. This fixes the code to check /etc on any failure, not just a bad return code.
2014-01-20 18:56:39 -08:00
Matt Martz
d46037d64c
Do not log the rax api_key argument in module invocation
2014-01-15 16:38:03 -06:00
willthames
31f5ecea60
Allow float as an argument type in AnsibleModule
2014-01-13 14:15:23 +10:00
Rob Smith
c15cffabdd
This fixes bugs added as a part of 8665b0638a
...
1. if accept_hostkey is false, no matter if the host key is known or not, it will fail.
2. We don't check for the host key in /etc/ssh/ssh_known_hosts
This fixes both of those issues.
2014-01-12 02:12:44 -08:00
James Tanner
3719f3f496
Do not fetch or add keys for http based git urls
2014-01-11 15:15:23 -05:00
James Tanner
eeee1e1c5a
Set accept_hostkey to False by default in the git module and fail
...
early if the key is unknown
2014-01-11 11:02:01 -05:00
James Tanner
8665b0638a
Add an "accept_hostkey" parameter to the git module to help automatically
...
accept hostkeys for git repos and prevent task hangs when the key is unknown
2014-01-11 10:36:45 -05:00
willthames
12005a1cd0
Move more responsibility to common EC2 module
...
Moved `AWS_REGIONS` into `ec2` module
Created `ec2_connect` method in `ec2` module
Updated modules able to use `ec2_connect` and `AWS_REGIONS`
2013-12-17 14:07:24 +10:00
jctanner
301a1189dd
Merge pull request #5122 from willthames/openlog_str
...
Make first argument to syslog.openlog be a string
2013-12-13 08:51:48 -08:00
Paulo Bittencourt
fc3597af5d
files/file: add support for symbolic permission modes
2013-12-09 04:32:36 +00:00
James Tanner
bf78d8cf73
Addresses #5090 setup module was using path.is_file instead of path.isfile
2013-12-05 11:36:54 -05:00
jctanner
2670529671
Merge pull request #5090 from dragon3/hostname_support_amazon_linux
...
hostname module: add support for Amazon Linux
2013-12-03 12:34:55 -08:00
Will Thames
76aca4d547
Make first argument to syslog.openlog be a string
...
syslog.openlog expects its first argument to be a string.
Without this change running under ipython fails.
2013-12-02 19:11:27 +10:00
dragon3
d39e6fda92
hostname module: add support for Amazon Linux
2013-11-28 09:31:25 +09:00
Matt Martz
3f2cbb7583
Add ansible.module_utils.rax
2013-11-21 15:46:25 -06:00
jctanner
009fdbf96a
Merge pull request #4896 from mjschultz/aws-access-keys
...
Check for AWS keys using boto names
2013-11-14 12:59:07 -08:00
jctanner
e4494be8c6
Merge pull request #4803 from dragon3/devel
...
Don't fail if ec2_access_key/ec2_secret_key not specified to use IAM rol...
2013-11-14 05:55:48 -08:00
Michael J. Schultz
5f9485499c
Check for AWS keys using boto names
...
- see https://github.com/boto/boto#getting-started-with-boto
2013-11-13 16:01:39 -06:00
James Tanner
74e7eba528
Fixes #4506 test length of context before checking invalid indexes
2013-11-08 13:17:02 -05:00
James Tanner
898de833b0
Merge pull request #4413 from jerm/ansible
...
Add capability to pass in a PATH prefix to run_command and allow pip module
to utilize that to make virtualenv bin/ available in pip installs
2013-11-07 15:51:27 -05:00
dragon3
ff5bd7fe06
Don't fail if ec2_access_key/ec2_secret_key not specified to use IAM role.
2013-11-04 23:41:44 +09:00
willthames
76c810afe3
AWS_ACCESS_KEY misspelt in shared EC2 connection library
2013-11-04 15:24:53 +10:00
James Tanner
afa5988391
Fixes #4540 Use shared module snippet to evaluate ec2 credentials
2013-11-01 11:59:24 -04:00
James Tanner
dc4d589ce0
Fixes #4767 detect hard links and set state in add_file_info
2013-11-01 09:41:22 -04:00
Michael DeHaan
b1b5280075
Reapply pep8 changes from previous revert.
2013-10-31 19:47:44 -04:00
Michael DeHaan
465f3b1c91
This allows type=dict in a module to allow passing in a real dict or JSON.
2013-10-31 18:46:13 -04:00
Michael DeHaan
d34a26e307
Undo an inadvertant revert from template changes so we still allow pythonic imports in module land.
2013-10-31 16:53:05 -04:00
James Tanner
d154bf8781
Revert templating enhancements from 73dbab70
e6c28658
d409352c
9858b1f2
4587528b
9b1fe455
214b0b05
8d3db803
7f9504d1
5031104c
35cb9dc2
2bd8cb57
1e85c754
2013-10-30 10:50:16 -04:00
Michael DeHaan
54c902f102
Identation + misc PEP8 fixes.
2013-10-26 11:18:11 -04:00
Michael DeHaan
bbb359870e
Add package file.
2013-10-26 11:10:54 -04:00
Michael DeHaan
9858b1f2f3
Enable imports to work on a snippet based system, allowing for instance a library of common EC2 functions
...
to be reused between modules. See library/system/service and library/system/ping for initial examples. Can
work the old way to just import 'basic', or can import the new way to import multiple pieces of code from
module_utils/.
2013-10-26 11:09:30 -04:00