gentoo resync : 25.11.2020

6 files changed, 117 insertions, 101 deletions

diff --git a/app-admin/ansible/Manifest b/app-admin/ansible/Manifest
index c1afa7e4c554..b3d3d1a1d5ca 100644
--- a/app-admin/ansible/Manifest
+++ b/app-admin/ansible/Manifest
@@ -1,8 +1,7 @@
+AUX ansible-2.10.0-CVE-2020-25635-6.patch 2961 BLAKE2B bd023424bb075a743881056d6e0c0c194ae56cde0ed3b9aad2ef5a2f75d6a63994a0455a896e6e9f16cacd0f1c3438eb45cd2352d4f4b53810f19728b5a7de5e SHA512 36bb9321e9524d04f06d7156ad6f7f72ce4bd75332437a33ff49c226e12e8e4f8cd82976ccb0c02076ee95de762988d6783a2ed00453b1b8893fe8127847bc30
 DIST ansible-2.10.0.tar.gz 25454980 BLAKE2B 91f930518b90b36aa2c21f553092233059fada86fd1674c9c6e881484b1bd4e68a3eaa05d82e15115906e55da99c43394c3de36a898e26bb222f780b82f8a5bd SHA512 878036f06e1705e4392223bda210b2acae0232069d0cec02a47f13f6b3bc6c9538fb515a2d2dc6003695bcf0915fdd3dfc5b8dc59355e37e2ca8fa48bbd79657
-DIST ansible-2.9.12.tar.gz 14260349 BLAKE2B 6d7fdc82489df755196b890b39c166e9639c94e4238b4bf33686a3ab17fcc92c6b3a05f80e1276795b966aaa318ec7d9003099950102c014adb1a5d730928633 SHA512 6c05c49e363d4d68516dfea448cead3e2c281d1288c9467a0b6dd083504f303df694ed1c5957ae6582b28acc937d12d13333254328e13bac430b9b7fa4354f23
-DIST ansible-2.9.13.tar.gz 14261322 BLAKE2B 5de939a99cd703eaf240f536a9a4b707e3931364647782dde2bbebd5b755253594cbb1cf8c4e9f22a14fca85c9f018ee6ea26bce1cbe2145ba72e5f5ec313670 SHA512 cb08adf62df0f3650425a5d960baadd7439c7c1e95b8f9df3d08e7504f9622b9e5f7104b8700b0f1e9fe318d349a6a5728e9178f0193fb4a190456e30a2f1eb2
-EBUILD ansible-2.10.0.ebuild 1793 BLAKE2B d28af2621729fe04a885e1c453aa95b7541ffea6064d127046882793b472c37b7cee7df68088bada6111946cee1671d1382a1413527a22c1cebdf2465fc083f7 SHA512 e5a0c899b16e2948e03601559d525d3f46e430e4a805872d30b76dbc65afaa30850de7234ca92f6a6782eef3e7ab38fe565f13eb51899714bc1e3a20a91b6e71
-EBUILD ansible-2.9.12.ebuild 1761 BLAKE2B 6107712ccf535e58d00972c73b6a07b40d09b1b3180a69a4cbb0909d9de532d1f4c2699e51ad2b280fa66ff854d69a5e65c01530a527f600e45ba31c5fba8f5e SHA512 a53f8f993f8f77ddbeb41948a2a1dc1943f86784984ecad49ccd099d65af2faba7467f927193fa25bee6125baf9c9ee460986ea7d04ff7e78cd588c9e4a1621e
-EBUILD ansible-2.9.13.ebuild 1763 BLAKE2B 968a38a35b853ead47f04d4094cb86be79972d5d13415272472776403e63e160842a6cc7e3d1c936efc80a6945fd580d56cfdad185f9efa7ad2ce161b58c4b2e SHA512 bb0dbd464c6c3edfb4aad153e1b558b1e1e4bc076b6ca787b17aed61b9d7a21505c65a3b345a02528a41598bf9a558f5ea4f300152fefa7aa8a5af008d294b9a
-EBUILD ansible-9999.ebuild 1747 BLAKE2B 8f93eabc728ab74ad23a341e1d58bedd9547562532eb55f43d1045d67a17a9ea4bc4cc8c8a386b4791bc5010713d1d4769970dc660ea126499fb172f2fc1fcb5 SHA512 e36d1d4adc1136e01a294c361ec18cd611dc2e7ac4061d139efb6fda14b3e396a3503200fa2c371865c78c38ec8b27db3c24e9329785d2f833da95e6f2cd7532
+DIST ansible-2.10.1.tar.gz 25851704 BLAKE2B f9f42ab9f7864a48f0d960b4e8149dfba3ece6c4b01c08db59f9ba5fbcd39771c7b315bf7c9853641d15c2bb6319c9b9ebc791440fc8933780895024c9b74c12 SHA512 46bbbfb22e5c3715df0069d420b174877dffd59f91613779e7057648d15751d528a9cb57357709d0c04a507a60e20c87b109ba1904e1f313441cf5832ba93b5e
+EBUILD ansible-2.10.0-r2.ebuild 1985 BLAKE2B 30885a55981450ae698183239f9659e770e5afafb774722dc4dfeb48789c3b4e8985f39e917ff497911f84363dceaf1bdf7c2d45537c8f6e3bf21e57fc88a67e SHA512 e48e28eaf5ee8bfa2e54e3245b448105e6687cca172ba1f3fba5b68b2c165a16045d94f5794b936426658bdc53883342aaf7fc7a4eb4bb7ef7b3bb8bc0e014b9
+EBUILD ansible-2.10.1.ebuild 1923 BLAKE2B 63317a87180642d280eabbb19f5858b3d45a87b6aa503ff2f86bfb0d04accbbf2269ad6ede57b6617d3e7252844f0839e487f06c87abe5062eed2be02cdbe0ae SHA512 57478bab16bb0432ef913f8402ac239b7882d47d7c1e4c0c01c01607c35b0604d1c0f9eabb816f0fd3164373fe7bb3dab020c5876515ea100c135ed2e6de19cb
+EBUILD ansible-9999.ebuild 1937 BLAKE2B 98ab62b10f1d118b9d491639800cf12c61d89c76d7c825bee3f944baec488d7de3ac699e8e4ee024ce80b97ecc5625fdffa04c32b1a6590c3c2dd73103b9ca60 SHA512 c067bbb92042d932316ee2a26f43f974586eff96b8f5f679a8b51e4a66f2e6a7c532edc0d0bf996bf665a875c7af61e29d6fb5ac1b4ac10896140e77004778c8
 MISC metadata.xml 952 BLAKE2B 53640d081ebb558274f8c10095aa6e477820e28a7fdf62c169f5fb3b82153223a7f8ecd1807d14646eae2ec2262b50341919bbb13255293d379ba017b30b20bd SHA512 03b75d65cd0a4b32021b34d9f7ba21b6c4c6893cf185a36dbe6fc10728e0f18c65fc5b6a4c197be8c2b1dadb7243ddce02dbe2f504034a2df1c621f8ba6e26a7
diff --git a/app-admin/ansible/ansible-2.9.13.ebuild b/app-admin/ansible/ansible-2.10.0-r2.ebuild
index 7a568caa73b3..eae0967a94af 100644
--- a/app-admin/ansible/ansible-2.9.13.ebuild
+++ b/app-admin/ansible/ansible-2.10.0-r2.ebuild
@@ -3,17 +3,26 @@
 
 EAPI=7
 
-PYTHON_COMPAT=( python3_{6,7} )
+PYTHON_COMPAT=( python3_{6..9} )
+DISTUTILS_USE_SETUPTOOLS=bdepend
 
 inherit distutils-r1 eutils
 
 DESCRIPTION="Model-driven deployment, config management, and command execution framework"
 HOMEPAGE="https://ansible.com/"
-SRC_URI="https://releases.ansible.com/${PN}/${P}.tar.gz"
+
+if [[ ${PV} == 9999 ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/ansible/ansible.git"
+	EGIT_BRANCH="devel"
+	KEYWORDS=""
+else
+	SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
+	KEYWORDS="amd64 ~arm arm64 ~ppc64 x86 ~x64-macos"
+fi
 
 LICENSE="GPL-3"
 SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86 ~x64-macos"
 IUSE="doc test"
 RESTRICT="test"
 
@@ -21,7 +30,6 @@ RDEPEND="
 	dev-python/paramiko[${PYTHON_USEDEP}]
 	dev-python/jinja[${PYTHON_USEDEP}]
 	dev-python/pyyaml[${PYTHON_USEDEP}]
-	dev-python/setuptools[${PYTHON_USEDEP}]
 	dev-python/cryptography[${PYTHON_USEDEP}]
 	dev-python/httplib2[${PYTHON_USEDEP}]
 	dev-python/six[${PYTHON_USEDEP}]
@@ -29,12 +37,11 @@ RDEPEND="
 	dev-python/pexpect[${PYTHON_USEDEP}]
 	net-misc/sshpass
 	virtual/ssh
-	!app-admin/ansible-base
+	app-admin/ansible-base
 "
 DEPEND="
-	!app-admin/ansible-base
-	dev-python/setuptools[${PYTHON_USEDEP}]
 	>=dev-python/packaging-16.6[${PYTHON_USEDEP}]
+	app-admin/ansible-base
 	doc? (
 		dev-python/sphinx[${PYTHON_USEDEP}]
 		dev-python/sphinx-notfound-page[${PYTHON_USEDEP}]
@@ -50,6 +57,13 @@ DEPEND="
 		dev-vcs/git
 	)"
 
+PATCHES=( "${FILESDIR}/ansible-2.10.0-CVE-2020-25635-6.patch" )
+
+python_compile() {
+	export ANSIBLE_SKIP_CONFLICT_CHECK=1
+	distutils-r1_python_compile
+}
+
 python_compile_all() {
 	if use doc; then
 		cd docs/docsite || die
@@ -65,6 +79,4 @@ python_test() {
 python_install_all() {
 	use doc && local HTML_DOCS=( docs/docsite/_build/html/. )
 	distutils-r1_python_install_all
-
-	dodoc -r examples
 }
diff --git a/app-admin/ansible/ansible-2.10.0.ebuild b/app-admin/ansible/ansible-2.10.0.ebuild
deleted file mode 100644
index c19820e359f3..000000000000
--- a/app-admin/ansible/ansible-2.10.0.ebuild
+++ /dev/null
@@ -1,69 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{6,7} )
-
-inherit distutils-r1 eutils
-
-DESCRIPTION="Model-driven deployment, config management, and command execution framework"
-HOMEPAGE="https://ansible.com/"
-SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86 ~x64-macos"
-IUSE="doc test"
-RESTRICT="test"
-
-BDEPEND="!<app-admin/ansible-2.10.0[${PYTHON_USEDEP}]"
-RDEPEND="
-	dev-python/paramiko[${PYTHON_USEDEP}]
-	dev-python/jinja[${PYTHON_USEDEP}]
-	dev-python/pyyaml[${PYTHON_USEDEP}]
-	dev-python/setuptools[${PYTHON_USEDEP}]
-	dev-python/cryptography[${PYTHON_USEDEP}]
-	dev-python/httplib2[${PYTHON_USEDEP}]
-	dev-python/six[${PYTHON_USEDEP}]
-	dev-python/netaddr[${PYTHON_USEDEP}]
-	dev-python/pexpect[${PYTHON_USEDEP}]
-	net-misc/sshpass
-	virtual/ssh
-	!app-admin/ansible-base
-"
-DEPEND="
-	!app-admin/ansible-base
-	dev-python/setuptools[${PYTHON_USEDEP}]
-	>=dev-python/packaging-16.6[${PYTHON_USEDEP}]
-	doc? (
-		dev-python/sphinx[${PYTHON_USEDEP}]
-		dev-python/sphinx-notfound-page[${PYTHON_USEDEP}]
-		>=dev-python/pygments-2.4.0[${PYTHON_USEDEP}]
-	)
-	test? (
-		${RDEPEND}
-		dev-python/nose[${PYTHON_USEDEP}]
-		>=dev-python/mock-1.0.1[${PYTHON_USEDEP}]
-		dev-python/passlib[${PYTHON_USEDEP}]
-		dev-python/coverage[${PYTHON_USEDEP}]
-		dev-python/unittest2[${PYTHON_USEDEP}]
-		dev-vcs/git
-	)"
-
-python_compile_all() {
-	if use doc; then
-		cd docs/docsite || die
-		export CPUS=4
-		emake -f Makefile.sphinx html
-	fi
-}
-
-python_test() {
-	nosetests -d -w test/units -v --with-coverage --cover-package=ansible --cover-branches || die
-}
-
-python_install_all() {
-	use doc && local HTML_DOCS=( docs/docsite/_build/html/. )
-	distutils-r1_python_install_all
-}
diff --git a/app-admin/ansible/ansible-2.9.12.ebuild b/app-admin/ansible/ansible-2.10.1.ebuild
index 7d5eb95e9a9e..3bfcb1fab2c6 100644
--- a/app-admin/ansible/ansible-2.9.12.ebuild
+++ b/app-admin/ansible/ansible-2.10.1.ebuild
@@ -3,17 +3,26 @@
 
 EAPI=7
 
-PYTHON_COMPAT=( python3_{6,7} )
+PYTHON_COMPAT=( python3_{6..9} )
+DISTUTILS_USE_SETUPTOOLS=bdepend
 
 inherit distutils-r1 eutils
 
 DESCRIPTION="Model-driven deployment, config management, and command execution framework"
 HOMEPAGE="https://ansible.com/"
-SRC_URI="https://releases.ansible.com/${PN}/${P}.tar.gz"
+
+if [[ ${PV} == 9999 ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/ansible/ansible.git"
+	EGIT_BRANCH="devel"
+	KEYWORDS=""
+else
+	SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
+	KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86 ~x64-macos"
+fi
 
 LICENSE="GPL-3"
 SLOT="0"
-KEYWORDS="amd64 ~arm ~arm64 ~ppc64 x86 ~x64-macos"
 IUSE="doc test"
 RESTRICT="test"
 
@@ -21,7 +30,6 @@ RDEPEND="
 	dev-python/paramiko[${PYTHON_USEDEP}]
 	dev-python/jinja[${PYTHON_USEDEP}]
 	dev-python/pyyaml[${PYTHON_USEDEP}]
-	dev-python/setuptools[${PYTHON_USEDEP}]
 	dev-python/cryptography[${PYTHON_USEDEP}]
 	dev-python/httplib2[${PYTHON_USEDEP}]
 	dev-python/six[${PYTHON_USEDEP}]
@@ -29,12 +37,11 @@ RDEPEND="
 	dev-python/pexpect[${PYTHON_USEDEP}]
 	net-misc/sshpass
 	virtual/ssh
-	!app-admin/ansible-base
+	app-admin/ansible-base
 "
 DEPEND="
-	!app-admin/ansible-base
-	dev-python/setuptools[${PYTHON_USEDEP}]
 	>=dev-python/packaging-16.6[${PYTHON_USEDEP}]
+	app-admin/ansible-base
 	doc? (
 		dev-python/sphinx[${PYTHON_USEDEP}]
 		dev-python/sphinx-notfound-page[${PYTHON_USEDEP}]
@@ -50,6 +57,11 @@ DEPEND="
 		dev-vcs/git
 	)"
 
+python_compile() {
+	export ANSIBLE_SKIP_CONFLICT_CHECK=1
+	distutils-r1_python_compile
+}
+
 python_compile_all() {
 	if use doc; then
 		cd docs/docsite || die
@@ -65,6 +77,4 @@ python_test() {
 python_install_all() {
 	use doc && local HTML_DOCS=( docs/docsite/_build/html/. )
 	distutils-r1_python_install_all
-
-	dodoc -r examples
 }
diff --git a/app-admin/ansible/ansible-9999.ebuild b/app-admin/ansible/ansible-9999.ebuild
index 6ff1f27cd47b..d3bff29efe2f 100644
--- a/app-admin/ansible/ansible-9999.ebuild
+++ b/app-admin/ansible/ansible-9999.ebuild
@@ -3,14 +3,23 @@
 
 EAPI=7
 
-PYTHON_COMPAT=( python3_{6,7} )
+PYTHON_COMPAT=( python3_{6..9} )
+DISTUTILS_USE_SETUPTOOLS=bdepend
 
-inherit distutils-r1 git-r3 eutils
+inherit distutils-r1 eutils
 
 DESCRIPTION="Model-driven deployment, config management, and command execution framework"
 HOMEPAGE="https://ansible.com/"
-EGIT_REPO_URI="https://github.com/ansible/ansible.git"
-EGIT_BRANCH="devel"
+
+if [[ ${PV} == 9999 ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/ansible/ansible.git"
+	EGIT_BRANCH="devel"
+	KEYWORDS=""
+else
+	SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
+	KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86 ~x64-macos"
+fi
 
 LICENSE="GPL-3"
 SLOT="0"
@@ -22,7 +31,6 @@ RDEPEND="
 	dev-python/paramiko[${PYTHON_USEDEP}]
 	dev-python/jinja[${PYTHON_USEDEP}]
 	dev-python/pyyaml[${PYTHON_USEDEP}]
-	dev-python/setuptools[${PYTHON_USEDEP}]
 	dev-python/cryptography[${PYTHON_USEDEP}]
 	dev-python/httplib2[${PYTHON_USEDEP}]
 	dev-python/six[${PYTHON_USEDEP}]
@@ -34,7 +42,6 @@ RDEPEND="
 "
 DEPEND="
 	!app-admin/ansible-base
-	dev-python/setuptools[${PYTHON_USEDEP}]
 	>=dev-python/packaging-16.6[${PYTHON_USEDEP}]
 	doc? (
 		dev-python/sphinx[${PYTHON_USEDEP}]
@@ -51,6 +58,11 @@ DEPEND="
 		dev-vcs/git
 	)"
 
+python_compile() {
+	export ANSIBLE_SKIP_CONFLICT_CHECK=1
+	distutils-r1_python_compile
+}
+
 python_compile_all() {
 	if use doc; then
 		cd docs/docsite || die
@@ -66,6 +78,4 @@ python_test() {
 python_install_all() {
 	use doc && local HTML_DOCS=( docs/docsite/_build/html/. )
 	distutils-r1_python_install_all
-
-	dodoc -r examples
 }
diff --git a/app-admin/ansible/files/ansible-2.10.0-CVE-2020-25635-6.patch b/app-admin/ansible/files/ansible-2.10.0-CVE-2020-25635-6.patch
new file mode 100644
index 000000000000..df88be4264ff
--- /dev/null
+++ b/app-admin/ansible/files/ansible-2.10.0-CVE-2020-25635-6.patch
@@ -0,0 +1,54 @@
+From 921bd53103c2b543e95c9e6b863702db3ff54d0c Mon Sep 17 00:00:00 2001
+From: Jill R <4121322+jillr@users.noreply.github.com>
+Date: Fri, 2 Oct 2020 11:37:37 -0700
+Subject: [PATCH] aws_ssm: Namespace S3 buckets and delete transferred files
+ (#237)
+
+Files transferred to instances via the SSM connection plugin should use
+folders within the bucket that are namespaced per-host, to prevent collisions.
+Files should also be deleted from buckets when they are no longer required.
+
+Fixes: #221
+Fixes: #222
+
+Based on work by abeluck
+
+changelog
+---
+ ansible_collections/community/aws/changelogs/fragments/221_222_ssm_bucket_operations.yaml | 2 ++
+ ansible_collections/community/aws/plugins/connection/aws_ssm.py                           | 6 +++++-
+ 2 files changed, 7 insertions(+), 1 deletion(-)
+ create mode 100644 ansible_collections/community/aws/changelogs/fragments/221_222_ssm_bucket_operations.yaml
+
+diff --git a/ansible_collections/community/aws/changelogs/fragments/221_222_ssm_bucket_operations.yaml b/ansible_collections/community/aws/changelogs/fragments/221_222_ssm_bucket_operations.yaml
+new file mode 100644
+index 00000000..247d5e36
+--- /dev/null
++++ b/ansible_collections/community/aws/changelogs/fragments/221_222_ssm_bucket_operations.yaml
+@@ -0,0 +1,2 @@
++bugfixes:
++  - aws_ssm connection plugin - namespace file uploads to S3 into unique folders per host, to prevent name collisions. Also deletes files from S3 to ensure temp files are not left behind. (https://github.com/ansible-collections/community.aws/issues/221, https://github.com/ansible-collections/community.aws/issues/222)
+diff --git a/ansible_collections/community/aws/plugins/connection/aws_ssm.py b/ansible_collections/community/aws/plugins/connection/aws_ssm.py
+index 7f7d6926..94289eee 100644
+--- a/ansible_collections/community/aws/plugins/connection/aws_ssm.py
++++ b/ansible_collections/community/aws/plugins/connection/aws_ssm.py
+@@ -522,7 +522,8 @@ def _get_boto_client(self, service, region_name=None):
+     def _file_transport_command(self, in_path, out_path, ssm_action):
+         ''' transfer a file from using an intermediate S3 bucket '''
+ 
+-        s3_path = out_path.replace('\\', '/')
++        path_unescaped = "{0}/{1}".format(self.instance_id, out_path)
++        s3_path = path_unescaped.replace('\\', '/')
+         bucket_url = 's3://%s/%s' % (self.get_option('bucket_name'), s3_path)
+ 
+         if self.is_windows:
+@@ -546,6 +547,9 @@ def _file_transport_command(self, in_path, out_path, ssm_action):
+                 client.upload_fileobj(data, self.get_option('bucket_name'), s3_path)
+             (returncode, stdout, stderr) = self.exec_command(get_command, in_data=None, sudoable=False)
+ 
++        # Remove the files from the bucket after they've been transferred
++        client.delete_object(Bucket=self.get_option('bucket_name'), Key=s3_path)
++
+         # Check the return code
+         if returncode == 0:
+             return (returncode, stdout, stderr)