Add new type 'mode' for Unix permissions/umask #50035
Conversation
ansibot
added
affects_2.8
dagwieers
force-pushed
the
mode-type
branch
2 times, most recently
from
5f74734
to
22d01bc
Compare
ansibot
added
needs_ci
This comment has been minimized.
This comment has been minimized.
ansibot
added
cloud
and removed
needs_ci
dagwieers
force-pushed
the
mode-type
branch
3 times, most recently
from
e6c81de
to
42fe72f
Compare
|
Why not simply changing https://github.com/ansible/ansible/blob/devel/docs/bin/plugin_formatter.py#L150-L163 to output |
|
@sivel Do you have any thoughts on #50035 (comment) ? |
|
@felixfontein A possibility as well. It's only |
This PR alse fixes existing modules and examples.
|
I want to make sure I understand this correctly. Please forgive me for any misunderstanding up front. This change will be introducing a warning to a user who may be using an int in their playbooks for mode. So we suggest moving to a string as the new recommendation? I'd also like to see a porting guide addition for this change. Also, @kustodian, we do need a lint rule change for this. |
ansibot
added
core_review
The documentation of the mode-parameter usually recommends using strings for various reasons. Rather than giving users insights in how YAML and Ansible work together to make this a big problem, requiring a string takes away most of the pain. This is what we have in the documentation currently:
|
ansibot
added
files
ansibot
added
needs_rebase
| @@ -477,7 +477,7 @@ def main(): | |||
| backup=dict(type='bool', default=False), | |||
| force=dict(type='bool', default=True, aliases=['thirsty']), | |||
| validate=dict(type='str'), | |||
| directory_mode=dict(type='raw'), | |||
| directory_mode=dict(type='mode'), | |||
There was a problem hiding this comment.
Why isn't the parameter mode also defined here in the argspec? It's listed in the docs but not here.
There was a problem hiding this comment.
AnsibleModule() has an argument add_file_common_args, which will add common parameters such as mode to the argspec. The parametes which are added are the ones in FILE_COMMON_ARGUMENTS defined in module_utils/basic.py, which includes this change.
| @@ -155,8 +155,8 @@ | |||
| mode: | |||
| description: Unix permissions of the file in octal | |||
There was a problem hiding this comment.
This needs to change as well.
| @@ -36,6 +36,7 @@ | |||
| mode: | |||
| description: | |||
| - The octal mode for newly created files in sources.list.d | |||
|
We've passed Core feature freeze for 2.8. |
ansibot
added
collection
ansibot
added
pre_azp
|
When discussing this in the backlog meeting it seems like these changes here have been implemented by various other features over time and the changes here may not be needed anymore (or at least aren't needed to the same extent). Due to the age and the conflicts in the files we are going to close this PR. |
SUMMARY
To avoid any dangerous situations with octal or integer values as Unix mode, it is better to always rely on using strings for Unix permissions or umasks. It adds clarity and uniformity, as the current ambiguous situation leads to unforeseen consequences (e.g. with indirected values being converted to integers). It would have been better if we always had only accepted string octal representation IMO.
This implements a deprecation warning if a string was not provided, but by Ansible v2.12 we will only accept string values for type
mode. As a temporary measure we introduced amode_strtype to cover oldstr-type modes (whereasmodeis usingraw-type modes instead).This PR also:
This fixes #43256
ISSUE TYPE
COMPONENT NAME
apt_repository, copy, file, get_url, htpasswd, ini_file, java_keystore, jenkins_plugin, lineinfile, openssl_pkcs12, replace, stat, template, udm_share