* Register projections and action plugin variable API
Co-authored-by: Matt Clay <matt@mystile.com>
Co-authored-by: Patrick Kingston <pkingsto@redhat.com>
* Add new psrp options and change service default
Add new options to the `psrp` connection plugin to specify the profile
loading behaviour and a password to use for decrypting the certificate
authentication private key.
This also changes the `negotiate_service` default from `WSMAN` to `host`
to improve compatibility with Windows targets that may not have the
`WSMAN` SPN registered like domain controllers and align with the
defaults the native PowerShell PSRemoting client uses.
* Update lib/ansible/plugins/connection/psrp.py
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
---------
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add PowerShell 7 support
Add support for running PowerShell modules cross platform and with
PowerShell 7. Tidies up some PowerShell shell plugin methods to make
it more reflective of the target shell vs a shell used for Windows.
Currently only Windows is officially supported with a plan on adding
tests and official support for non-Windows platforms at a later date.
ci_complete
* Fix pslint sanity issues
* Fix up typos
* Update lib/ansible/plugins/connection/psrp.py
Co-authored-by: Brian Scholer <1260690+briantist@users.noreply.github.com>
* Add note about relative symlink
* Use TracebacksFor instead of Verbosity for debug info
* Use proper powershell name in CI script
* Remove extra ansible-test changes leftover from rebase
---------
Co-authored-by: Brian Scholer <1260690+briantist@users.noreply.github.com>
The local connection plugin is incorrectly passing a bytearray to methods of become plugins that expect bytes. A recent change to the su plugin exposed this by breaking the become plugin for different locale settings (the bytearray was not properly converted to a str for comparison operations). This changes the local connection plugin to send bytes.
* winrm - Add better Kerberos error
Adds a better error when Kerberos authentication is requested but the
`pykerberos` library is not installed. This also removes the fallback to
basic auth if the username is in the UPN format and no transport/auth
method is specified. This is because a UPN user must be a domain account
and domain accounts cannot be used with basic auth.
* Add more docs about user settings
* Fix some grammar issues
Fix ssh plugin host variables. Variable names should conform to Python variable naming rules.
, and not contain characters like "[" or "]".
Update unit test
* Fix handling FileExistsError, instead of only handling OSError when the human-readable error message is "File exists".
Co-authored-by: Matt Clay <matt@mystile.com>
- from_yaml/from_yaml_all filters now preserve trust
- YAML dumping can once again handle undecryptable vaulted values
- increased test coverage
Co-authored-by: Matt Davis <nitzmahone@redhat.com>
async_status and async_wrrapper now use booleans instead of 0/1 for 'thruthyness'
gather_facts also updated
Co-authored-by: 🇺🇦 Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>
Co-authored-by: Matt Clay <matt@mystile.com>
* Add support for Windows App Control/WDAC
Adds preview support for Windows App Control, formerly known as WDAC.
This is a tech preview feature and is designed to test out improvements
needed in future versions of Ansible.
* Use psd1 and parse it through the Ast to avoid any unexpected execution results
* Add tests for various manifest permutations
* Ignore test shebang failure
* Apply suggestions from code review
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
* Use more flexible test expectations
* Add type annotations for shell functions
---------
Co-authored-by: Matt Davis <6775756+nitzmahone@users.noreply.github.com>
* See changelog fragment for most changes.
* Defer early config warnings until display is functioning, eliminating related fallback display logic.
* Added more type annotations and docstrings.
* ansible-test - pylint sanity for deprecations improved.
* Refactored inline legacy resolutions in PluginLoader.
Co-authored-by: Matt Clay <matt@mystile.com>
* Implement TaskResult backward compatibility for callbacks
* general API cleanup
* misc deprecations
Co-authored-by: Matt Clay <matt@mystile.com>
* fix v2_on_any deprecation exclusion for base
---------
Co-authored-by: Matt Clay <matt@mystile.com>
Updates the Windows exec runner in preparation for the WDAC changes.
This new process is designed to improve the way modules are run by
Windows and expose common functionality to run PowerShell code in a
common environment. It also includes futher changes to improve the error
handling to make it easier to see where an error occurred in the running
code.
Removes the use of pexpect in the winrm connection plugin and rely on
just subprocess. In the past pexpect was used for macOS compatibility so
that it could handle the TTY prompt but after testing it seems like
subprocess with `start_new_session=True` is enough to get it reading
from stdin on all platforms. This simplifies the code as there's no
longer an optional library changing how things are called and will work
out of the box.
* Fixed various become-related issues in `local` connection plugin.
* Fixed various issues in `sudo` and `su` become plugins.
* Added unit and integration test coverage.
Co-authored-by: Matt Clay <matt@mystile.com>
Co-authored-by: Matt Davis <nitzmahone@redhat.com>
Improves the logic for parsing CLIXML values in the stderr returned by
SSH. This fixes encoding problems by having a fallback in case the
output is not valid UTF-8. It also can now extract embedded CLIXML
sequences in all of stderr rather than just at the start.
* Update triple single quotes to triple double quotes
This change was fully automated.
The updated Python files have been verified to tokenize the same as the originals, except for the expected change in quoting of strings, which were verified through literal_eval.
* Manual conversion of docstring quotes
* Added support for testing unit tests with mypy.
* Added support for ignoring individual mypy error codes.
* Added missing assert on unit tests and marked xfail.
* Added type hints for some unit tests.
* Added ignores for unit tests not passing mypy.
* Fixed incorrect autouse argument in unit test fixtures.
* Fixed minor issues causing problems with mypy in unit tests.
This greatly reduces run time on large inventories since meta tasks are
executed in the main process sequentially and just executing them is expensive.
This change avoids running the following implicit meta tasks:
* ``flush_handlers`` on hosts where no handlers are notified
* ``noop`` for the linear strategy's lockstep, instead hosts that are
not executing the current task are just not part of the current host loop
A playbook consiting of two simple plays both running on ~6000 hosts
runs in:
devel: 37s
this PR: 1.3s
Co-authored-by: Sloane Hertel <19572925+s-hertel@users.noreply.github.com>
Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>
* psrp - Remove extras lookups
Removed the extras variable lookups for the psrp connection plugin. All
valid options are already documented and the extras functionality is
slated to be deprecated at a future point in time. This should have
affect on existing user's playbooks.
* Fix up sanity tests and add explicit boolean conversion test
Currently we match the load name, which can be an fqcn, but most users expect the 'naked' name
Now plugins can declare that name by setting _extras_prefix property or fallback to 'non fqcn' if no extras prefix
If the connection plugin fails to write the data to run to stdin we will
only attempt to get the output with one operation attempt. If this times
out we will consider the command to have failed and raise an exception
instead of forever attempting to get the output.
Sloane Hertel
Matt Davis
Jordan Borean
David Shrewsbury
Matt Clay
Brian Coca
Matt Martz
Abhijeet Kasurde
Martin Krizek
Lee Garrett
Sviatoslav Sydorenko