Commit Graph

3736 Commits

Author SHA1 Message Date
Alex Willmer 4b0954a441
Merge pull request #1195 from moreati/release-v0.3.18
Release v0.3.18
2024-11-07 17:46:39 +00:00
Alex Willmer 02898d70a4 Merge commit 'd85d9a25ee02bddecf068b888c2d814cc918864c' into release-v0.3.18 2024-11-07 16:56:53 +00:00
Alex Willmer d85d9a25ee Prepare v0.3.18 2024-11-07 16:53:30 +00:00
Alex Willmer 4a2ba525a7
Merge pull request #1193 from moreati/issue1083-become
ansible_mitogen: Templated become flag
2024-11-07 16:01:49 +00:00
Alex Willmer dd41ddf89b ansible_mitogen: Templated become flag
The code change to support this was already made in transport_config.py, as
part of templated become_user support (commit bf6607e27e, PR #1148). This
commit adds tests to confirm the functionality.
2024-11-07 15:08:11 +00:00
Alex Willmer 8e64459bbf
Merge pull request #1192 from moreati/issue-1083-become_method
ansible_mitogen: Templated become method
2024-11-07 15:01:23 +00:00
Alex Willmer e120cd2cae ansible_mitogen: Templated become method 2024-11-07 14:18:58 +00:00
Alex Willmer d8408b1f25
Merge pull request #1191 from moreati/release-v0.3.17
Release v0.3.17
2024-11-07 13:23:22 +00:00
Alex Willmer 61c8267605
Merge pull request #1190 from moreati/test-port-keyword
Prepare v0.3.17 and some washup tests
2024-11-07 13:16:02 +00:00
Alex Willmer 35cc81b074 Merge commit '6cf6f69751e4533eb4f77d2e277c5989571357a5' into release-v0.3.17 2024-11-07 13:03:37 +00:00
Alex Willmer d2db3c3840 Begin v0.3.18dev 2024-11-07 12:46:47 +00:00
Alex Willmer 6cf6f69751 Prepare v0.3.17 2024-11-07 12:46:47 +00:00
Alex Willmer 905b87b71a tests: Test templated ansible_host_key_checking provided by task vars
missed by #1184
2024-11-07 12:46:47 +00:00
Alex Willmer 5ae5bb94ac docs: Changelog entry for templated ansible_host 2024-11-07 12:21:10 +00:00
Alex Willmer 6da2c6a80f
Merge pull request #1189 from moreati/issue1083-host
ansible_mitogen: Templated target host
2024-11-07 11:40:14 +00:00
Alex Willmer f50a61f981 ansible_mitogen: Templated host option (e.g. ansible_host, ansible_ssh_host)
A twist - for the connection option "host" the corresponding legacy
PlayContext attribute is PlayContext.remote_addr. This may be the only case
where a connection option name and the PlayContext attribute name differ.
2024-11-07 11:25:11 +00:00
Alex Willmer 6d9f2e12d9 tests: Switch remaining tt_targets_inventory group vars to host vars
This is ground work for adding/testing templated hostnames and python
interpreters. The extreme wideness will hopefully be temporary, e.g. by
switching to YAML inventories. The INI inventory plugin doesn't support
multiline host entries.

> 640 K(olumns) should be enough for anyone
> -- Apocryphal, not Bill Gates
2024-11-07 10:18:00 +00:00
Alex Willmer 0d09174031
Merge pull request #1184 from moreati/issue1083-host_key_checking
ansible_mitogen: Templated SSH host key checking
2024-11-07 01:05:34 +00:00
Alex Willmer 3a1b5ec620 CI: Increase sshd MaxAuthRetries to 50 on macOS runners
refs #1186
2024-11-07 00:32:01 +00:00
Alex Willmer 8cfcb66cda CI: Refactor sshd configuration into a role
Prep for applying it to macOS 13 GitHub runners.

refs #1186
2024-11-07 00:18:16 +00:00
Alex Willmer 9e0dad2a1a ansible_mitogen: Templated SSH host key checking
refs #1083
2024-11-06 09:17:09 +00:00
Alex Willmer 9189c01c16
Merge pull request #1181 from moreati/issue1083-private_key_file
ansible_mitogen: Templated SSH private key file
2024-11-06 06:57:55 +00:00
Alex Willmer c7df5c97c1 ansible_mitogen: Templated SSH private key file 2024-11-06 00:28:38 +00:00
Alex Willmer 5895ccadd2
Merge pull request #1183 from moreati/issue1182
CI: Fix incorrect u=r,g=r,o=rw file permissions on mitogen__has_sudo_pubkey.key
2024-11-05 18:11:04 +00:00
Alex Willmer 43cc937bc6 CI: Fix incorrect u=r,g=r,o=rw file permissions on mitogen__has_sudo_pubkey.key
The wrong base was used when calculating the mode. So the file became world
readable and writable on a CI runner, until
ansible/integration/ssh/variables.yml happened to correct it near the end of
the integration tests.

I believe this was the only instance.

```console
mitogen git:(issue1182) ✗ ag --python 'int\(.+7\)' . .ci | wc -l
       0
```

fixes #1182
2024-11-05 17:38:27 +00:00
Alex Willmer c883f177f3
Merge pull request #1180 from moreati/release-v0.3.16
Release v0.3.16
2024-11-05 08:33:15 +00:00
Alex Willmer a35b208acd
Merge pull request #1179 from moreati/prep-v0.3.16
Prepare v0.3.16
2024-11-05 08:19:41 +00:00
Alex Willmer a41a9544eb Merge commit 'd28dd09e23c17d82c3eedd5de64c94bebcf290f5' into release-v0.3.16 2024-11-05 01:35:48 +00:00
Alex Willmer 757527635d Begin v0.3.17dev 2024-11-05 01:33:40 +00:00
Alex Willmer d28dd09e23 Prepare v0.3.16 2024-11-05 01:32:33 +00:00
Alex Willmer df8f11d731
Merge pull request #1176 from moreati/issue1133
CI: Migrate to from macOS 12 to 13 test runners
2024-11-05 01:27:15 +00:00
Alex Willmer 06df62c8b8 CI: Migrated macOS 12 runners to macOS 13, due to EOL.
macOS Python 2.7 jobs have been removed because the macOS 13 image doesn't
include CPython 2.7.
2024-11-05 00:43:09 +00:00
Alex Willmer 88e7c568d2
Merge pull request #1175 from moreati/issue1083-ssh_executable
ansible_mitogen: Templated ssh executable
2024-11-05 00:38:29 +00:00
Alex Willmer 833e2845e9 ansible_mitogen: Templated ssh executable, templated reset_connection fix
Adding a the tt-ssh-executable test target uncovered an Ansible bug during
`meta: reset_connection` tasks. So this commit includes a workaround for
affected versions of Ansible.
2024-11-04 15:17:30 +00:00
Alex Willmer 89244703ff
Merge pull request #1174 from moreati/issue1083-become_flags
ansible_mitogen: Template become command arguments (become_flags)
2024-10-29 10:49:30 +00:00
Alex Willmer 66ea10d577 ansible_mitogen: Template become command arguments (become_flags)
Uses the same fallback for (mitogen_sudo et al) as become_exe (see #1173).

The new `Spec.become_flags()` is not yet explicitly tested. Note that it
returns a string (matching the Ansible option of the same name), whereas
`Spec.sudo_args()` returns a list.

refs #1083
2024-10-29 10:27:24 +00:00
Alex Willmer 04f7b7a282
Merge pull request #1172 from moreati/issue1083-become_exe
ansible_mitogen: Support templated become_exe option
2024-10-29 09:54:12 +00:00
Alex Willmer ec9b3e5c5d ansible_mitogen: Support templated become_exe option
Some ansible_mitogen connection plugins look more like become plugins (e.g.
mitogen_sudo) & use become plugin options. For now there's special handling in
PlayContextSpec._become_option(). Further design/discussion can go in #1173.

Refs #1087.
2024-10-29 09:33:55 +00:00
Alex Willmer 33b082f432
Merge pull request #1171 from moreati/release-v0.3.15
Release v0.3.15
2024-10-28 15:22:04 +00:00
Alex Willmer 06a82d3944
Merge pull request #1170 from moreati/prep-v0.3.15
Prep v0.3.15
2024-10-28 15:21:28 +00:00
Alex Willmer f4d7385a9c Merge commit '7634e2c' into release-v0.3.15 2024-10-28 14:37:51 +00:00
Alex Willmer 26c4c33ad3 Begin 0.3.16dev 2024-10-28 14:35:16 +00:00
Alex Willmer 7634e2c469 Prepare v0.3.15 2024-10-28 14:33:39 +00:00
Alex Willmer 0526f8e167
Merge pull request #1169 from moreati/issue1083-become_pass
ansible_mitogen: Support templated become passwords
2024-10-28 14:27:44 +00:00
Alex Willmer 7e5b064139 ansible_mitogen: Support templated become passwords 2024-10-28 13:59:14 +00:00
Alex Willmer 21e002af2d
Merge pull request #1168 from moreati/issue1083-become_pass
tests: Re-enable become/sudo tests, fix them on macOS runners
2024-10-28 00:04:30 +00:00
Alex Willmer 8a34b925a4 tests: Re-enable become/sudo tests, fix them on macOS runners
The tasks in tests/imageprep/_user_accounts.yml that create users did not
specify a primary group for those users - this left the decision to Ansible's
user module, and/or the underlying OS. In Ansible 9+ (ansible-core 2.16+ the
user module defaults to primary group "staff." Earlier don't supply a default,
which releases probably results in a primary group nameed "None" (due to
stringifying the Python singleton of the same name), or whatever the macOS
Directory Services has for no data/NULL.

The invalid GID 4294967295 (MAX_UINT32 == 2**32-1) in the sudo error probably
enters the mix via something similar to sudo CVE-2019-14287.

Fixes #692

See
- https://github.com/ansible/ansible/pull/79999
- https://github.com/ansible/ansible/commit/c69c83c962f987c78af98da0746527df
- https://www.sudo.ws/security/advisories/minus_1_uid/

> Bruce Wayne : [confused]  Am I meant to understand any of that?
> Lucius Fox : Not at all, I just wanted you to know how hard it was.
> -- Batman Begins
2024-10-27 23:26:49 +00:00
Alex Willmer 257d602a11
Merge pull request #1167 from moreati/issue905
ansible_mitogen: Template `ssh_args`, `ssh_common_args`, `ssh_extra_args`
2024-10-24 14:57:13 +01:00
Alex Willmer cdfaf31ebc ansible_mitogen: Template ssh_*_args connection options
This expands support to setting them in Play scoped variables. Task scoped
variables are also very likely to work, but untested for now.

refs #905
2024-10-24 13:00:55 +01:00
Alex Willmer 4bc0d9a050
Merge pull request #1164 from moreati/release-v0.3.14
Release v0.3.14
2024-10-16 16:07:27 +01:00