The tearDown appears to only be removing the grain if it matches a
specific value. This may be leading to the grain value not being blank
at the time the next test is run.
Instead of only deleting the grain if it matches a specific value,
instead delete all items from that grain to ensure that it is empty for
the next test.
Under some circumstances (which I can't reliably reproduce), the
docker.Client() instance does not have a timeout attribute, causing
anything that needs to use the docker client to result in a traceback.
This fixes this corner case (later branches initialize the timeout
differently).
The call to refresh_modules() in saltutil.refresh_grains was resulting
in a race condition with the event I added to refresh the grains. This
meant that, even though self.opts['grains'] was being changed by the new
event, before that process could finish the module refresh was itself
re-loading the grains and re-packing these new grains into the
__grains__ dunder, negating the refresh.
Since the module refresh loads the grains anyway, this commit changes
saltutil.refresh_grains to refresh the modules. It also removes the
refresh argument recently added to the grains module functions, as we're
no longer using it to conditionally refresh modules.
RedHat updated cffi for RHEL/CentOS 7.3, which causes a pair of warnings
on the pygit2 import. This warning is spit out to the CLI on several
commands, when they result in the git fileserver backend to be loaded.
This commit squelches that warning as it is just noise. Upgrading
pygit2/libgit2 would solve this, but that is not likely to happen in
RHEL/CentOS 7.
In some cases (e.g. Ubuntu cloud-init) authorized_keys may contain quoted spaces as part of options:
`no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"ubuntu\" rather than the user \"root\".';echo;sleep 10" ssh-rsa xxxxxx`
which confused the split in _replace_auth_key() in modules/ssh.py.
Because we don't support groups with yubikeys (and can't, in fact)
we need to dummy up this to always return false. This allows individual
user auths to work, whereas they would fail prior to this change.
In 2014.7.0, default matcher in the top file was changed to the compound
matcher, but the docs still suggest that it is the glob matcher. This
commit updates the docs to explicitly mention that the compound matcher
is now the default, and adds a table describing all of the available
matchers that can be set in the top file.
This reverts commit b3805d825a ("cloud.clouds.ec2: cache each named
node (#33164)").
Commit 25771fc030 ("_get_node return instance info directly, not a
dict of instances") from 2016.3 feature release changed how the result
of _get_node should be interpreted. Before it was like
res = _get_node(...)
node = res[name]
and after the commit it became
node = _get_node(...)
Commit b3805d825a ("cloud.clouds.ec2: cache each named node (#33164)")
submitted into 2015.8 as a bugfix for #33162 added loops over the keys
of a dictionary returned by _get_node, fixing
salt.utils.cloud.cache_node calls in queue_instances() and
show_instance().
But after being merged into 2016.3 with merge commit 679200aeb2
("Merge branch '2015.8' into '2016.3'"), the commit in question
reintroduced the bug on 2016.3 because of changed return value of
_get_node.
Fixes#39782
