Files were being created in /tmp, but will now be created in $HOME/.ansible/cp/
Addresses CVE-2013-4259: ansible uses a socket with predictable filename in /tmp
relative pathing comes in handy on occasion, particularly when
delegating to localhost and running some command out of your playbook
repo. Making use of os.path.abspath will allow for the full path to
chdir and executable to be discovered if not provided.
The 'always_run' task clause allows one to execute a task even in
check mode.
While here implement Runner.noop_on_check() to check if a runner
really should execute its task, with respect to check mode option
and 'always_run' clause.
Also add the optional 'jinja2' argument to check_conditional() :
it allows to give this function a jinja2 expression without exposing
the 'jinja2_compare' implementation mechanism.
For some reason, ssh seems to ask for password even when
PasswordAuthentication is set to no, adding PreferredAuthentications
with the 2 options removed do the trick.
This extends ansible-pull so that it can support using other
source_control modules for checking out a playbook repository
(issue #3372). This will check to see if the module exists before
it attempts to do the checkout and will exit if the module is not found.
It requires that the module used to check out the repository support the
parameters 'name' and 'version'. The option -C, --checkout is now
optional and defaults to the module's default behavior for selecting a
branch, tag, or commit value. For git, this continues to be HEAD.
Other changes include:
* Remove git from help and use generic term(s) where needed.
* Use SortedOptParser from ansible.utils
* More abstraction of common options used between ansible and
ansible-playbook.
For issue #3372, apply consistent parameter aliases to source_control
modules. For hg, add name and version and add to documentation string.
For subversion, add version and document version and name aliases in
documentation string.
Tests `test_playbook_undefined_varsX_fail` check if ansible detects
undefined variables when `error_on_undefined_vars` is enabled. These
tests fail without "Improve behavior with error_on_undefined_vars
enabled" patch.
Tests `test_playbook_undefined_varsX_ignore` check if ansible ignores
undefined variables when `error_on_undefined_vars` is disabled.
Also modify PlayBook._run_task_internal() so error_on_undefined_vars is
testable.
Pass fail_on_undefined flag to recursive calls to `template` function,
so more undefined variables are detected.
Works only for Jinja style variables. Undefined legacy variables are
never detected.
Previously, hostvars would only expose a keys() list of hosts that had
been seen yet- however you could explicitly access the host if you knew
the name, and get the content that way. This precludes template code
from being able to safely access information about other hosts if any
limiters/tags were in use.
Additionally, the object was inconsistent for hostvars['myhost'] access
and [x[1] for x in hostvars.items() if x[0] == 'myhost'] access; this is
due to the original derivation from the dict object. .items() would be
handled by dict.items(), using the passed in setup_cache values without
using the actual lookup content.
This patch rebases the class implementation to a py2.6 dictmixin, fixing
those issues and restoring behaviour to match what the docs claim.
For link-local addresses, it is sometimes necessary to append the
interface to use for the ipv6 address. This patch extends the ipv6
regex to allow for '%ifnameX' at the end.
See https://bugzilla.redhat.com/show_bug.cgi?id=136852 for more info
Due to various inconsistencies of ssh and sftp regarding ipv6 and
ipv4 handling, some special arguments must be passed, and the
ipv6 must be passed in a specific format.
testing with a ipv6 :
ansible -u misc -i '[2002::c23e]:22,' '*' -m ping
fail due to parsing of ':' as a separator of port/ip with ipv4.
This commit add support for properly parsing 2002::c23 and the
bracket notation [2002::ce]:2222
Yum commandline permit to use a wildcard to enable and disable
repositories in the --enablerepo switch, permitting to enable
a complete set of repository at once ( like all rpmfusion, all
update-testing, etc ).
However, this doesn't work in yum due to more stringent checks
that verify that a exact match is given for the name of the
repository , see commit 5c26805.
This commit enhance the check by permitting to test more than
1 repository at a time, thus permitting to use wildcards.