b822f20007
Follwing fixes in Ansible 7-9 for CVE-2023-5764 cating `AnsibleUnsafeBytes` & `AnsibleUnsafeText` to `bytes()` or `str()` requires special handling. The handling is Ansible specific, so it shouldn't go in the mitogen package but rather the ansible_mitogen package. `ansible_mitogen.utils.unsafe.cast()` is most like `mitogen.utils.cast()`. During development it began as `ansible_mitogen.utils.unsafe.unwrap_var()`, closer to an inverse of `ansible.utils.unsafe_procy.wrap_var()`. Future enhancements may move in this direction. refs #977, refs #1046 See also - https://github.com/advisories/GHSA-7j69-qfc3-2fq9 - https://github.com/ansible/ansible/pull/82293 - https://github.com/mitogen-hq/mitogen/wiki/AnsibleUnsafe-notes |
||
|---|---|---|
| .. | ||
| group_vars | ||
| host_vars | ||
| README.md | ||
| _container_create.yml | ||
| _container_finalize.yml | ||
| _container_setup.yml | ||
| _user_accounts.yml | ||
| ansible.cfg | ||
| hosts.ini | ||
| py24-build.sh | ||
| py24.sh | ||
| setup.yml | ||
| tox.ini | ||
README.md
image_prep
This directory contains Ansible playbooks for building the Docker containers used for testing, or for setting up an OS X laptop so the tests can (mostly) run locally.
The Docker config is more heavily jinxed to trigger adverse conditions in the code, the OS X config just has the user accounts.
See ../README.md for a (mostly) description of the accounts created.
Building the containers
No single version of Ansible supports every Linux distribution that we target. To workaround this Tox is used, to install and run multiple versions of Ansible, in Python virtualenvs.
tox
Preparing an OS X box
WARNING: this creates a ton of accounts with preconfigured passwords. It is generally impossible to restrict remote access to these, so your only option is to disable remote login and sharing.
ansible-playbook -b -c local -i localhost, -l localhost setup.yml