* 29891 use os.path.realpath to follow keyfile symlinks
* 29891 add parameter follow
* updated changelog fragment
* add documentation and set default to false
* Add comment option to authorized_keys
* Update version_added for authorized_keys comment
* PEP8
* Include index rank in parsed_key_key
* Properly display diff
Only display diff if specificed via settings
* Fix PEP8 test failure
Removed from legacy files since it is now properly formatted
* Cleanup integration test formatting and add test for new comment feature
* Correct version_added for new option
Made the following changes:
* Removed wildcard imports
* Replaced long form of GPL header with short form
* Removed get_exception usage
* Added from __future__ boilerplate
* Adjust division operator to // where necessary
For the following files:
* web_infrastructure modules
* system modules
* linode, lxc, lxd, atomic, cloudscale, dimensiondata, ovh, packet,
profitbricks, pubnub, smartos, softlayer, univention modules
* compat dirs (disabled as its used intentionally)
Changes to the metadata format were approved here:
https://github.com/ansible/proposals/issues/54
* Update documentation to the new metadata format
* Changes to metadata-tool to account for new metadata
* Add GPL license header
* Add upgrade subcommand to upgrade metadata version
* Change default metadata to the new format
* Fix exclusion of non-modules from the metadata report
* Fix ansible-doc for new module metadata
* Exclude metadata version from ansible-doc output
* Fix website docs generation for the new metadata
* Update metadata schema in valiate-modules test
* Update the metadata in all modules to the new version
* Refactoring: split readkeys() into readfile() and parsekeys()
* Refactoring: split writekeys() into writefile() and serialize()
* authorized_key: support --diff
* Refactoring: remove no-longer used readkeys()/writekeys()
* Integration test for authorized_key in check mode
* Code smell test for iteritems and itervalues
* Change the keydict object in authorized_keys so it doesn't throw a false postive
keydict is a bad data structure anyway. We don't use the iteritems and
itervalues methods so just disable them so that the code-smell tests do
not trigger on it.
* Change release templates so they work with py3
* Change example syntax on authorized_key module
* Change example syntax on cron module
* Change example syntax on group module
* Change example syntax on hostname module
* Change example syntax on seboolean module
* Change example syntax on selinux module
* Change example syntax on service module
* Change example syntax on sysctl module
* Change example syntax on systemd module
* Change example syntax on user module
* Change example syntax on debug module
* Change example syntax on fail module
* Change example syntax on include module
* Change example syntax on include_role module
* Change example syntax on include_vars module
* Change example syntax on pause module
* Change example syntax on wait_for module
* Change example syntax on apache2_module module
* > Change example syntax on django_manage module
* Change example syntax on htpasswd module
* Make authorized_key preserve key order
Track the ordering of keys in the original file (rank)
and try to preserve it when writing out updates.
Fixes#4780
The last fix allowing multiple definitions of the same option key (for
permitopen support) introduced a set() which removed the guaranteed
ordering of the options.
This change restores ordering. The change is larger than simply
removing the set because we do need to handle the non-dict semantics
around keys not being unique in the data structure. The new code make
use of __setitem__() and items() to do its work. Trying to use
getitem() or keys() should be looked upon with suspicion as neither of
those follow dictionary semantics and it is quite possible the coder
doesn't realize this. The next time we need to touch or enhance the
keydict code it should probably be rewritten to not pretend to extend
the dictionary interface.
Since dict.keys return a dictkeys under python 3, we hav to cast it
to a list to avoid traceback:
Traceback (most recent call last):
File "/tmp/ansible_sh16ejbd/ansible_module_authorized_key.py", line 496, in <module>
main()
File "/tmp/ansible_sh16ejbd/ansible_module_authorized_key.py", line 490, in main
results = enforce_state(module, module.params)
File "/tmp/ansible_sh16ejbd/ansible_module_authorized_key.py", line 410, in enforce_state
parsed_new_key = parsekey(module, new_key)
File "/tmp/ansible_sh16ejbd/ansible_module_authorized_key.py", line 308, in parsekey
options = parseoptions(module, options)
File "/tmp/ansible_sh16ejbd/ansible_module_authorized_key.py", line 259, in parseoptions
options_dict[key] = value
File "/tmp/ansible_sh16ejbd/ansible_module_authorized_key.py", line 164, in __setitem__
self.itemlist.append(key)
AttributeError: 'dict_keys' object has no attribute 'append'
Yet another fix for https://github.com/ansible/ansible/pull/18053
Test suite block on:
Traceback (most recent call last):
File "/tmp/ansible_fhootp1e/ansible_module_authorized_key.py", line 496, in <module>
main()
File "/tmp/ansible_fhootp1e/ansible_module_authorized_key.py", line 490, in main
results = enforce_state(module, module.params)
File "/tmp/ansible_fhootp1e/ansible_module_authorized_key.py", line 410, in enforce_state
parsed_new_key = parsekey(module, new_key)
File "/tmp/ansible_fhootp1e/ansible_module_authorized_key.py", line 308, in parsekey
options = parseoptions(module, options)
File "/tmp/ansible_fhootp1e/ansible_module_authorized_key.py", line 253, in parseoptions
if options_dict.has_key(key):
AttributeError: 'keydict' object has no attribute 'has_key'
With keydict being a subclass of dict.
PR #1651 fixed issue #1515 but the requirement for path to be defined is unecessarily strict. If the user has previously been created a path isn't necessary.
This change is in response to issue #1515.
Original pull request #1580.
The original problem is: in authorized_key module you have no idea about users
which will be created by Ansible at first run. I can propose next two ways to
solve this problem:
1. Combine modules system/user.py and system/authorized_key.py in one module
(so you will know everything about users in that module)
2. Use small workaround: add my commit and always provide 'path' parameter
for authorized_key module during runs with --check option.
I tried a playbook with the following (accidentally wrong) task:
tasks:
- name: authorized key test
authorized_key: key=/home/sam/.ssh/id_rsa.pub key_options='command="/foo/bar"' user=sam
I got the following traceback:
TASK: [authorized key test] ***************************************************
failed: [localhost] => {"failed": true, "parsed": false}
Traceback (most recent call last):
File "/home/sam/.ansible/tmp/ansible-tmp-1427110003.65-277897441194582/authorized_key", line 2515, in <module>
main()
File "/home/sam/.ansible/tmp/ansible-tmp-1427110003.65-277897441194582/authorized_key", line 460, in main
results = enforce_state(module, module.params)
File "/home/sam/.ansible/tmp/ansible-tmp-1427110003.65-277897441194582/authorized_key", line 385, in enforce_state
parsed_new_key = (parsed_new_key[0], parsed_new_key[1], parsed_options, parsed_new_key[3])
TypeError: 'NoneType' object has no attribute '__getitem__'
With this fix, I see the expected error instead:
TASK: [authorized key test] ***************************************************
failed: [localhost] => {"failed": true}
msg: invalid key specified: /home/sam/.ssh/id_rsa.pub
Dag Wieers
Michael Scherer
Andreas Calminder
JP Mens
Abhijeet Kasurde
Matt Clay
Toshio Kuratomi
Sam Doran
Rafał Osiecki
Andrea Tartaglia
James Cooke
Fabio Alessandro Locati
Marius Gedminas
Adrian Likins
Ali Ok
Marcos Diez
Allen Sanabria
Michael Scherer
Brian Coca
Toshio Kuratomi
Veaceslav (Slava) Mindru
Greg DeKoenigsberg
Simon Li
Александр Костырев
verm666
Sam Thursfield
Edward Larkey