[stable-2.14] Ensure that we do not squash keywords in validate (#79049) (#79062)

* [stable-2.14] Ensure that we do not squash keywords in validate (#79049) * Ensure that we do not squash keywords in validate. Fixes #79021 * become_user: nobody should only apply to the test tasks, not the setup_test_user role * Update how become_user is specified * Add test to ensure keyword inheritance is working for become * Add clog frag * Cache fattributes to prevent re-calculation * ci_complete * Remove unnecessary getattr. (cherry picked from commit 420564c5bcf752a821ae0599c3bd01ffba40f3ea) Co-authored-by: Matt Martz <matt@sivel.net> * Remove unneeded merge conflict changes
author: Matt Martz <matt@sivel.net> 2022-10-06 09:32:40 -0500
committer: GitHub <noreply@github.com> 2022-10-06 09:32:40 -0500
commit: cd9ef334d0a6e445cb95a096e4b34292c1e19d34 (patch)
tree: 99f6ae54ac2065fc3e821e548f3a04ddbdbceb10
parent: cd52ae459dd73991607a70956c844c711aae6b86 (diff)
download: ansible-cd9ef334d0a6e445cb95a096e4b34292c1e19d34.tar.gz
8 files changed, 31 insertions, 5 deletions
diff --git a/changelogs/fragments/79021-dont-squash-in-validate.yml b/changelogs/fragments/79021-dont-squash-in-validate.yml
new file mode 100644
index 0000000000..52a1e30e03
--- /dev/null
+++ b/changelogs/fragments/79021-dont-squash-in-validate.yml
@@ -0,0 +1,3 @@
+bugfixes:
+- keyword inheritance - Ensure that we do not squash keywords in validate
+  (https://github.com/ansible/ansible/issues/79021)
diff --git a/lib/ansible/playbook/base.py b/lib/ansible/playbook/base.py
index f254767227..669aa0ad4c 100644
--- a/lib/ansible/playbook/base.py
+++ b/lib/ansible/playbook/base.py
@@ -211,7 +211,7 @@ class FieldAttributeBase:
                     method(attribute, name, getattr(self, name))
                 else:
                     # and make sure the attribute is of the type it should be
-                    value = getattr(self, name)
+                    value = getattr(self, f'_{name}', Sentinel)
                     if value is not None:
                         if attribute.isa == 'string' and isinstance(value, (list, dict)):
                             raise AnsibleParserError(
diff --git a/lib/ansible/playbook/block.py b/lib/ansible/playbook/block.py
index 216d04e856..fabaf7f768 100644
--- a/lib/ansible/playbook/block.py
+++ b/lib/ansible/playbook/block.py
@@ -298,8 +298,10 @@ class Block(Base, Conditional, CollectionSearch, Taggable):
         '''
         Generic logic to get the attribute or parent attribute for a block value.
         '''
-        extend = self.fattributes.get(attr).extend
-        prepend = self.fattributes.get(attr).prepend
+        fattr = self.fattributes[attr]
+
+        extend = fattr.extend
+        prepend = fattr.prepend
 
         try:
             # omit self, and only get parent values
diff --git a/lib/ansible/playbook/task.py b/lib/ansible/playbook/task.py
index d0a4c6ecc8..50ac5df7f4 100644
--- a/lib/ansible/playbook/task.py
+++ b/lib/ansible/playbook/task.py
@@ -461,8 +461,10 @@ class Task(Base, Conditional, Taggable, CollectionSearch):
         '''
         Generic logic to get the attribute or parent attribute for a task value.
         '''
-        extend = self.fattributes.get(attr).extend
-        prepend = self.fattributes.get(attr).prepend
+        fattr = self.fattributes[attr]
+
+        extend = fattr.extend
+        prepend = fattr.prepend
 
         try:
             # omit self, and only get parent values
diff --git a/test/integration/targets/keyword_inheritance/aliases b/test/integration/targets/keyword_inheritance/aliases
new file mode 100644
index 0000000000..a6a33411a3
--- /dev/null
+++ b/test/integration/targets/keyword_inheritance/aliases
@@ -0,0 +1,3 @@
+shippable/posix/group4
+context/controller
+needs/target/setup_test_user
diff --git a/test/integration/targets/keyword_inheritance/roles/whoami/tasks/main.yml b/test/integration/targets/keyword_inheritance/roles/whoami/tasks/main.yml
new file mode 100644
index 0000000000..80252c0354
--- /dev/null
+++ b/test/integration/targets/keyword_inheritance/roles/whoami/tasks/main.yml
@@ -0,0 +1,3 @@
+- command: whoami
+  register: result
+  failed_when: result.stdout_lines|first != 'ansibletest0'
diff --git a/test/integration/targets/keyword_inheritance/runme.sh b/test/integration/targets/keyword_inheritance/runme.sh
new file mode 100755
index 0000000000..6b78a06dc4
--- /dev/null
+++ b/test/integration/targets/keyword_inheritance/runme.sh
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+set -eux
+
+ANSIBLE_ROLES_PATH=../ ansible-playbook -i ../../inventory test.yml "$@"
diff --git a/test/integration/targets/keyword_inheritance/test.yml b/test/integration/targets/keyword_inheritance/test.yml
new file mode 100644
index 0000000000..886f9858ff
--- /dev/null
+++ b/test/integration/targets/keyword_inheritance/test.yml
@@ -0,0 +1,8 @@
+- hosts: testhost
+  gather_facts: false
+  become_user: ansibletest0
+  become: yes
+  roles:
+    - role: setup_test_user
+      become_user: root
+    - role: whoami
author	Matt Martz <matt@sivel.net>	2022-10-06 09:32:40 -0500
committer	GitHub <noreply@github.com>	2022-10-06 09:32:40 -0500
commit	cd9ef334d0a6e445cb95a096e4b34292c1e19d34 (patch)
tree	99f6ae54ac2065fc3e821e548f3a04ddbdbceb10
parent	cd52ae459dd73991607a70956c844c711aae6b86 (diff)
download	ansible-cd9ef334d0a6e445cb95a096e4b34292c1e19d34.tar.gz