* Use visudo to validate sudoers rules before use
* Replace use of subprocess.Popen with module.run_command
* Switch out apt for package
* Check file mode when verifying file to determine whether something needs to change
* Only install sudo package for debian and redhat environments (when testing)
* Attempt to install sudo on FreeBSD too
* Try just installing sudo for non-darwin machines
* Don't validate file ownership
* Attempt to install sudo on all platforms
* Revert "Attempt to install sudo on all platforms"
This reverts commit b9562a8916.
* Remove file permissions changes from this PR
* Add changelog fragment for 4794 sudoers validation
* Add option to control when sudoers validation is used
* Update changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add version_added to validation property
Co-authored-by: Felix Fontein <felix@fontein.de>
* Also validate failed sudoers validation error message
Co-authored-by: Felix Fontein <felix@fontein.de>
* Make visudo not executable instead of trying to delete it
* Update edge case validation
* Write invalid sudoers file to alternative path to avoid breaking sudo
* Don't try to remove or otherwise modify visudo on Darwin
* Update plugins/modules/system/sudoers.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Remove trailing extra empty line to appease sanity checker
Co-authored-by: Felix Fontein <felix@fontein.de>
* passwordstore: Make compatible with shims, add backend config
This allows using the passwordstore plugin with scripts that wrap other
password managers. Also adds an explicit configuration (`backend` in
`ini` and `passwordstore_backend` in `vars`) to set the backend to `pass`
(the default) or `gopass`, which allows using gopass as the backend
without the need of a wrapper script. Please be aware that gopass
support is currently limited, but will work for basic operations.
Includes integrations tests.
Resolves#4766
* Apply suggestions from code review
* Only pass subcommands when they are specified as module arguments.
* When 'subcommands' is specified, 'link' must be given for every subcommand.
* Extend subcommand tests.
* alternatives: Fix bug with priority default
If neigther the priority nor the subcommands where specified the module decided to update the priority with the default value anyway. This resulted in bug #4803 and #4804
* Add changelog fragment.
* Distinguish None from 0.
* Address review comments.
* Update plugins/modules/system/alternatives.py
Co-authored-by: Pilou <pierre-louis@libregerbil.fr>
* Remove unrelated issues from changelog.
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Pilou <pierre-louis@libregerbil.fr>
* Ensure sudoers config files are created with 0440 permissions to appease visudo validation
* Remove change not required by the bugfix
* Add changelog fragment for 4814 sudoers file permissions
* Update changelogs/fragments/4814-sudoers-file-permissions.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Have less oct casting
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add slaves parameter for module alternatives.
* alternatives: Improve documentation abous slaves parameter
* alternatives: Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* alternatives: Add schangelog for slaves parameter
* alernatives: Add integration tests
* alternatives: Improv tests
* alternatives: Update tests/integration/targets/alternatives/tasks/slaves.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* alternatives: Rework logic to support updating priority and subcommands
* alternatives: Use more inclusive naming
* alternatives: Fix linter warnings
* alternatives: Dont fail if link is absent
* alternatives: Update changelog fragment
* alternatives: Add tests for prio change and removing
* alternatives: Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* alternatives: Add `state=auto`to reset mode to auto
* alternatives: Fix linter warnings
* alternatives: Fix documentation.
* alternatives: Combine multiple messages.
* alternatives: Set command env for all commands.
* alternatives: Do not update subcommands if parameter is omited
* alternatives: Fix a bug with python 2.7 var scoping
* alternatives: Improce diff before generation
* alternatives: Fix linter warnings
* alternatives: Fix test names
* alternatives: Simplify subcommands handling and improve diffs
* aliases: Only test for subcommand changes if subcommands parameter is set.
* Update plugins/modules/system/alternatives.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add RHEL 9.0 and FreeBSD 13.1 to CI.
* RHEL 9 has no pyOpenSSL apparently.
* Adjust URL for EPEL.
* Fix cargo install on FreeBSD 13.1.
* Add Ubuntu 22.04 and Fedora 36 to CI.
* Fix logic.
* filesystem: do not die output line does not contain ':'
* Skip django_manage tests on RHEL 9 as well.
* homectl tests don't work with RHEL 9.0.
* Improve error handling, improve fatresize output handling.
* Skip Fedora 36.
* Skip filesystem vfat tests on Ubuntu 22.04.
There, resizing fails with a bug:
Bug: Assertion (disk != NULL) at ../../libparted/disk.c:1620 in function ped_disk_get_partition_by_sector() failed.
* 'trusty' is 14.04. Adding 22.04 to skip list.
* Skip jail tests for FreeBSD 13.1.
* Add config for postgres on Ubuntu 22.04.
* Make CentOS 6 happy.
* Adjust postgres version.
* Try installing EPEL a bit differently.
* Skip ufw and iso_extract tests on RHEL 9.
* Skip odbc tests on RHEL 9.
* Skip RHEL 9.0 for snap tests.
* Add changelog fragment for filesystem code changes.
* Add 'activate' parameter for alternatives
Allow alternatives to be installed without being set as the current
selection.
* add changelog fragment
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* rename 'activate' -> 'selected'
* rework 'selected' parameter -> 'state'
* handle unsetting of currently selected alternative
* add integration tests for 'state' parameter
* fix linting issues
* fix for Python 2.7 compatibility
* Remove alternatives file.
Co-authored-by: Felix Fontein <felix@fontein.de>
* initial commit, passing unit tests
* passing one very silly integration test
* multiple changes:
- updated copyright year
- cmd_runner
- added fmt_optval
- created specific exceptions
- fixed bug in context class where values from module params were not
being used for resolving cmd arguments
- changed order of class declaration for readability purpose
- tests
- minor improvements in integration test code
- removed some extraneous code in msimple.yml
- minor improvements in unit tests
- added few missing cases to unit test
* multiple changes
cmd_runner.py
- renamed InvalidParameterName to MissingArgumentFormat
- improved exception parameters
- added repr and str to all exceptions
- added unpacking decorator for fmt functions
- CmdRunner
- improved parameter validation
- _CmdRunnerContext
- Context runs must now pass named arguments
- Simplified passing of additional arguments to module.run_command()
- Provided multiple context variables with info about the run
Integration tests
- rename msimple.py to cmd_echo.py for clarity
- added more test cases
* cmd_runner: env update can be passed to runner
* adding runner context info to output
* added comment on OrderedDict
* wrong variable
* refactored all fmt functions into static methods of a class
Imports should be simpler now, only one object fmt, with attr access to all callables
* added unit tests for CmdRunner
* fixed sanity checks
* fixed mock imports
* added more unit tests for CmdRunner
* terminology consistency
* multiple adjustments:
- remove extraneous imports
- renamed some variables
- added wrapper around arg formatters to handle individual arg ignore_none behaviour
* removed old code commented out in test
* multiple changes:
- ensure fmt functions return list of strings
- renamed fmt parameter from `option` to `args`
- renamed fmt.mapped to fmt.as_map
- simplified fmt.as_map
- added tests for fmt.as_fixed
* more improvements in formats
* fixed sanity
* args_order can be a string (to be split())
and improved integration test
* simplified integration test
* removed overkill str() on values - run_command does that for us
* as_list makes more sense than as_str in that context
* added changelog fragment
* Update plugins/module_utils/cmd_runner.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* adjusted __repr__ output for the exceptions
* added superclass object to classes
* added additional comment on the testcase sample/example
* suggestion from PR
Co-authored-by: Felix Fontein <felix@fontein.de>
* pacman: Fix removing locally installed packages
Without this, using `absent` state for a locally installed package (for example from AUR, or from a package that was dropped from repositories) would return that package is already removed, despite remaining installed
* Undo unwanted whitespace removal
* Add changelog fragment
* Update changelogs/fragments/4464-pacman-fix-local-remove.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add test.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Adds optional `-upgrade` flag to terraform init.
This allows Terraform to install provider dependencies into an existing project when the provider constraints change.
* fix transposed documentation keys
* Add integration tests for terraform init
* Revert to validate_certs: yes for general public testing
* skip integration tests on irrelevant platforms
* skip legacy Python versions from CI tests
* add changelog fragment
* Update plugins/modules/cloud/misc/terraform.py
Adds version_added metadata to the new module option.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Change terraform_arch constant to Ansible fact mapping
* correct var typo, clarify task purpose
* Squashed some logic bugs, added override for local Terraform
If `existing_terraform_path` is provided, the playbook will not download Terraform or check its version.
I also tested this on a local system with Terraform installed, and squashed some bugs related to using of an
existing binary.
* revert to previous test behavior for TF install
* readability cleanup
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* [WIP] pids: re-enabled tests on Alpine Linux
* trying to compile a simple-faked sleep command
* make FreeBSD happy
* remove the block testing for Alpine Linux
* simpler version of sleeper.c
* simpler version of sleeper.c, part II
* Update tests/integration/targets/pids/tasks/main.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update tests/integration/targets/pids/tasks/main.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* added license to sleeper.c file
Co-authored-by: Felix Fontein <felix@fontein.de>
* feat: sudoers module supports runas parameter with default of root
* fix: sudoers tests now pass
* chore: add changelog fragment for 4380
* fix: runas feature now a non-breaking change wh no def with no default
* fix: no trailing space in sudoers.py
* Update plugins/modules/system/sudoers.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Implement change detection for update_cache=true. Add cache_updated return value.
* ...
* Make sure pacman --sync --list is called only as often as necessary.
* pacman: add support for remove_nosave
New parameter: remove_nosave
When enabled, will pass --nosave to pacman when removing packages.
--nosave cannot be used with --print-format and thus it couldn't be
passed via extra_args. See #4315
The code adds the option right before the actual removal of the pkgs.
(This is based on an initial diff from MorphBonehunter)
* changelog
* Update plugins/modules/packaging/os/pacman.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* wording
* ssss
* remove_package: simplify {force,extra,nosave}_args
Co-authored-by: Felix Fontein <felix@fontein.de>
* pacman: re-adding support for URL based pkgs
* Update plugins/modules/packaging/os/pacman.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/packaging/os/pacman.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* cmd=cmd in every call to self.fail()
* pacman: integration test for mixed pkg sources
* Add more tests + fix minor bug with URL packages
Version checking for URL packages is left to pacman, so add a check
after the dry run to see if it would actually install anything.
* remove double templating
Co-authored-by: Felix Fontein <felix@fontein.de>
* Make sure that every test that uses package: requires setup_pkg_mgr.
* Upgrade system packages for Arch Linux.
* Re-enable java keytool tests on Arch.
* fix sparse file creation on Alpine linux
* re-enable tests for Alpine
* remove `conv=sparse` flag (rely only on `seek=fullsize` & `count=0`)
* doc: add a reference to busybox's dd
* doc: remove restrictions for OpenBSD, Solaris & AIX (should work as
for Alpine linux now)
* add a changelog fragment
* fix typo
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Rework of gitlab_project_variable over gitlab_group_variable
* Linting and removed unused example
* Fix test 2
* Sync from review of gitlab_project_variable #4038
* Linting, default protected True, value optional
* Next version is 4.5.0
* Roll back protected default true, and value not required
* Apply suggestions from code review
Missing check_mode
Co-authored-by: Markus Bergholz <git@osuv.de>
* Fix one unit test, comment test that requires premium gitlab
* Add changelog
* Update plugins/modules/source_control/gitlab/gitlab_group_variable.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/4086-rework_of_gitlab_proyect_variable_over_gitlab_group_variable.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Added conditional gitlab_premium_tests variable when required
* Allow delete without value
* Fix variable name
* Linting
* Value should not be required in doc
* Linting missing new-line
* Update changelogs/fragments/4086-rework_of_gitlab_proyect_variable_over_gitlab_group_variable.yml
Co-authored-by: Markus Bergholz <git@osuv.de>
Co-authored-by: Markus Bergholz <git@osuv.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* value is not required when state is absent
* fix integration test. missing value
* fix condition
* add changelog fragment
* fail fast
* try required_if on suboptions
* revert
* Update plugins/modules/source_control/gitlab/gitlab_project_variable.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix naming in doc
* typo in name
Co-authored-by: Felix Fontein <felix@fontein.de>
* homebrew_cask: reinstall when force is install option
* add changelog entry
* Fix OSX CI runs - run as non-root
* test with cask that has no macos dependencies
* use `brooklyn` cask to test
