The call to refresh_modules() in saltutil.refresh_grains was resulting
in a race condition with the event I added to refresh the grains. This
meant that, even though self.opts['grains'] was being changed by the new
event, before that process could finish the module refresh was itself
re-loading the grains and re-packing these new grains into the
__grains__ dunder, negating the refresh.
Since the module refresh loads the grains anyway, this commit changes
saltutil.refresh_grains to refresh the modules. It also removes the
refresh argument recently added to the grains module functions, as we're
no longer using it to conditionally refresh modules.
RedHat updated cffi for RHEL/CentOS 7.3, which causes a pair of warnings
on the pygit2 import. This warning is spit out to the CLI on several
commands, when they result in the git fileserver backend to be loaded.
This commit squelches that warning as it is just noise. Upgrading
pygit2/libgit2 would solve this, but that is not likely to happen in
RHEL/CentOS 7.
In some cases (e.g. Ubuntu cloud-init) authorized_keys may contain quoted spaces as part of options:
`no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"ubuntu\" rather than the user \"root\".';echo;sleep 10" ssh-rsa xxxxxx`
which confused the split in _replace_auth_key() in modules/ssh.py.
Because we don't support groups with yubikeys (and can't, in fact)
we need to dummy up this to always return false. This allows individual
user auths to work, whereas they would fail prior to this change.
In 2014.7.0, default matcher in the top file was changed to the compound
matcher, but the docs still suggest that it is the glob matcher. This
commit updates the docs to explicitly mention that the compound matcher
is now the default, and adds a table describing all of the available
matchers that can be set in the top file.
This reverts commit b3805d825a ("cloud.clouds.ec2: cache each named
node (#33164)").
Commit 25771fc030 ("_get_node return instance info directly, not a
dict of instances") from 2016.3 feature release changed how the result
of _get_node should be interpreted. Before it was like
res = _get_node(...)
node = res[name]
and after the commit it became
node = _get_node(...)
Commit b3805d825a ("cloud.clouds.ec2: cache each named node (#33164)")
submitted into 2015.8 as a bugfix for #33162 added loops over the keys
of a dictionary returned by _get_node, fixing
salt.utils.cloud.cache_node calls in queue_instances() and
show_instance().
But after being merged into 2016.3 with merge commit 679200aeb2
("Merge branch '2015.8' into '2016.3'"), the commit in question
reintroduced the bug on 2016.3 because of changed return value of
_get_node.
Fixes#39782
Also use this function to refresh the grains when editing them using
grains.{delval,setval,setvals}, avoiding a full sync. This speeds up
these functions by skipping the syncing of custom grains modules. For
most use cases, walking all your fileserver environments (which could be
a lot if using gitfs) is unnecessary when you're simply using these
functions to add/remove grains from /etc/salt/grains.
Previously, the return code of the runner (if any) was supplied in
ret['data']['retcode']. This was problematic if ret['data'] was later processed
by check_state_result. With this change, runners return the optional return
code in ret['retcode'], like the other code (modules, etc.) already did before.
