Update: query_package documentation
Fix: Number of Packages to Updated was one to high,
'cause of counting the '\n'
Fix: Pacman was reinstalling state=latest packages,
even when it was unable to load the remote version
cloudstack: cs_volume: fix not usable in older cloudstack versions
affects CCP 4.3.0.2 , but not ACS / CCP 4.5.1
closes#1321
cloudstack: cs_volume: fix uable to create volumes with the same name on multiple zones
cloudstack: cs_volume: use type bool and fix python3 support
Infra has been keeping a local copy of this waiting for ansible 2 to
release. In getting ready for ansible 2 (and our ability to delete our
local copy of the file, I noticed we had a couple of minor cleanups.
Also, the timeout command is there to improve life and workaround puppet
deficiencies. However, it's not working around deficiencies on systems
that do not have the timeout command if we blindly use it.
The puppet specific timeout options are more complex and out of scope of
this.
Issue: #1273
- cs_instance: fix VM not updated with states given stopped, started, restarted
A missing VM will be created though but an existing not updated. This fixes the lack of consistency.
- cs_instance: fix user data can not be cleared
- cs_instance: fix deleted VM not recovered on state=present
Instead of waiting for up to a certain number of retries we set a high
timeout and only re-check every five seconds. Certain services can
take a minute or more to start and we want to avoid waisting resources
by polling too often.
@mpeters reported that we're not checking that the named service is
actually there after a reload. And that sometimes monit doesn't actually
return anything at all after a reload.
If there are already ongoing actions for a process managed by monit, the
module would exit unsuccessfully. It could also give off false positives
because it did not determine whether the service was started/stopped
when it was in a pending state. Which might be turning the service off,
but the action was to start it.
For example "Running - pending stop" would be regarded as the service
running and "state=enabled" would do nothing.
This will make Ansible wait for the state to finalize, or a timeout decided
by the new `max_retries` option, before it decides what to do.
This fixes issue #244.
* Remove leading module parameter on open_url call as it's no longer used
by module_utils.urls.open_url
* Force basic auth otherwise vsphere will just return a 401
If a bucket is being created in us-east-1, the module passed
'us-east-1' to boto's s3.create_bucket method rather than
Location.DEFAULT (an empty string). This caused boto to generate
invalid XML which AWS was unable to interpret.
This patch is adding a new module which allows to add and remove YUM
repository definitions. The module implements all repository options
as described in the `yum.conf` manual page.
In Homebew, a formula is installed in a location relative to the actual
`brew` command. The documentation clarifies that.
Additionally, removed redundant 'path' reconstruction in multiple places.
if the rpm query is missing a package name (or giving some error): fail soft
before the patch: the module fails because the installed_state dict is missing the package name
after the patch: the missing package is assumed to not be in the correct state and is installed/removed with zypper
This was originally to match what puppet agent --test is, since the
rest of the options defaulted to on are grabbed from --test. However,
some security concerns have since been raised - namely that since this
is not the same invocation as --test but instead a remote orchestration
of puppet, the fact that passwords leak into the diff is a dangerous
default.
This reverts commit b86762c1806aa7f021a4780d06db2d3937910a62.
Early pam_limits module didn't support special values for items.
This patch is adding support to special values unlimited, infinity and -1.
Issue: https://github.com/ansible/ansible-modules-extras/issues/1033
Signed-off-by: Ondra Machacek <machacek.ondra@gmail.com>
package_latest was calling package_present but did not care
about the return code so errors in package_present were hidden
and everthing look ok on the console when zypper update did not fail,
but no packages where installed.
pkgin searches for packages such as 'emacs' can return multiple matches,
the first of which is not guaranteed to match. So, iterate through
found packages until we have an appropriate match. Should we *not* find
a match, then return False indicating match failure.
This is a very much needed flag. To turn on/off existing firewall rules. And like the recent fix of the 'Profile' key, the netsh cmd prints 'Enabled' in the textual output. (at least on win10 it does). So again a similar small code added for the necessary exception handling when the difference check happens.
Please merge / push upstream like the other fixes. Many thanks. This is the last fix I have put together for this patch set. So I will raise my PR now.
But if you want to fix more bugs, it seems there may be others. In terms of the control code. Sometimes it will delete a rule under 'force' condition (when found difference) - but instead it is supposed to just modify the existing rule. Some weird behaviour regarding that. The other problem is that ansible does not return the error text printed by 'netsh' cmd verbatim... but it should as that makes debugging these errors a *lot* easier.
Hi again. This commit removes a small portion of your script's own internal error checking. In specific: for the value of the profile: key. This is essential to avoid errors on other verisons of the windows operating system which are not win2008r2 (your version).
For example: on win10 (and most likely win8x too), the names of the profiles don't include the values 'current' and 'all'. But instead the values are 'Public' 'Private' 'Domain' and 'Any. But in addition, there are also certain combinatorial values, such as profile=Public,Private etc. Which is too many to error check yourself.
Yet removing the error checking here should not cause any ill effects however: since the netsh advfirewall ... cmds themselves to add / remove / modify actually to their own error checking of the profile=value. So when the cmd is run, it will error out itself with an appropriate / informative error msg. No harm done.
Therefore please remove the highlighed portions from your own script. It is essential for interoperability with win10 and win8x. Many thanks.
In win10 (and pribably win8x also):
The output of 'show rule' key includes the line "Profiles:<TAB>Public,Private".
Yet your script expects the key name printed out to be "Profile:<TAB>value".
This commit added the necessary exception handling to avoid flagging 'different=true' under the false circumstance. The key name to SET a firewall rule is still "profile=" and not "profiles=".
There is coming up another commit to fix the value handling for win10/win8. Which is another (different) error with the profile: key.
Without this fix, the 'netsh' command gets name=Firewall Rule Name instead of name="Firewall Rule Name". Thus causing all sorts of havoc. Basic shell quoting rules seems to apply to Windows Powershell too. This is very much needed as many of windows 10's default firewall rules contain spaces and brackets () characters.
- Remove choice list for boolean values in argument_spec and make it
more consistent with core modules
- Add 'package' alias and support for list type for 'name' parameter
- Added self as maintainer
To get all available options in json for each command, `composer help <command> --format=json` can be used. This allows us to simply parse the output and dynamically find out if an option is available. Neat!
Allows to define and update Route53 health-checks
Create and update actions are defined in the module because boto is
broken in the first case and doesn't implement the second-one.
I issued a command with action=disable_alerts host=webserver services=all set and get this results:
"nagios_commands": [
"[1438593631] DISABLE_SVC_NOTIFICATIONS;webserver;a",
"[1438593631] DISABLE_SVC_NOTIFICATIONS;webserver;l",
"[1438593631] DISABLE_SVC_NOTIFICATIONS;webserver;l"
]
This is not a big deal because i have just overlooked the action=silence command. Nevertheless a more predictable result would be a nice thing to have.
This fully implements all expected functionality of the dnf module.
Group removal may behave oddly due to hiccups in tagging groups as being
installed.
A pkg_types option could be added to specify the group package types.
disable_gpg_check was configured backwards, so it was toggled. Typos in
enablerepo/disablerepo are removed. fill_sack() calls are relocated to
occur after repo decisions. The "changed" key is now set for new
installations.
Pivotal's packaging of RabbitMQ shows a banner at the end of the plugin
listing talking about their official plugins. The start of the banner is
divided by a blank line so the changed plugin listing will now
break after the first empty line.
An example listing with the rabbitmq_management plugin enabled:
```
$ rabbitmq-plugins list -E -m
rabbitmq_management
Pivotal officially maintains and supports the plugins:
rabbitmq_auth_backend_ldap, rabbitmq_auth_mechanism_ssl,
rabbitmq_consistent_hash_exchange, rabbitmq_federation,
rabbitmq_federation_management, rabbitmq_jms_topic_exchange,
rabbitmq_management, rabbitmq_management_agent,
rabbitmq_mqtt, rabbitmq_shovel, rabbitmq_shovel_management,
and rabbitmq_stomp.
```
It is not documented but it seems only registered templates have checksums. Templates created from VMs and snapshot don't.
This change fixes the traceback. But we must re-thinking, if it still makes sense to look for the checksum.
Before this change, an instance must be present for make use of state=stopped/started. Now we are deploying an instance in the desire state if it does not exist.
In this case all args needed to deploy the instance must be passed. However the short form for stopping/starting an _existing_ instance still works as before.
Creates a VMware vSwitch
We have an end-to-end playbook that performs bare metal provisioning and
configuration of vSphere.
The playbooks/tasks and results from that testing is what will be listed
in this PR.
If there are any questions please let either @jcpowermac or @mtnbikenc
know.
Tested with version
```
$ ansible-playbook --version
ansible-playbook 1.9.2
configured module search path = None
```
Associated tasks used for testing below
```
- name: Add a temporary vSwitch
local_action:
module: vmware_vswitch
hostname: "{{ inventory_hostname }}"
username: "{{ esxi_username }}"
password: "{{ site_passwd }}"
switch_name: temp_vswitch
nic_name: "{{ vss_vmnic }}"
mtu: 9000
```
Verbose testing output and results
```
TASK: [Configure ESXi hostname and DNS servers]
*******************************
<127.0.0.1> REMOTE_MODULE vmware_dns_config password=VALUE_HIDDEN
hostname=foundation-esxi-01 change_hostname_to=cscesxtmp001
domainname=lordbusiness.local dns_servers=192.168.70.3,192.168.70.4
username=root
<127.0.0.1> REMOTE_MODULE vmware_dns_config password=VALUE_HIDDEN
hostname=foundation-esxi-02 change_hostname_to=cscesxtmp002
domainname=lordbusiness.local dns_servers=192.168.70.3,192.168.70.4
username=root
<127.0.0.1> REMOTE_MODULE vmware_dns_config password=VALUE_HIDDEN
hostname=foundation-esxi-03 change_hostname_to=cscesxtmp003
domainname=lordbusiness.local dns_servers=192.168.70.3,192.168.70.4
username=root
changed: [foundation-esxi-01 -> 127.0.0.1] => {"changed": true}
changed: [foundation-esxi-03 -> 127.0.0.1] => {"changed": true}
changed: [foundation-esxi-02 -> 127.0.0.1] => {"changed": true}
```
Right now even if you pass in an empty tags list to the module (either with
an empty string or null) it will erroneously think the tags list have changed
and re-apply the tags on every run
* Changed 'config' from a list to a string so any valid zonecfg(1M) syntax is accepted.
* Made default state 'present'
* Added 'attached', 'detached' and 'configured' states to allow zones to be moved between hosts.
* Updated documentation and examples.
* Code tidy up and refactoring.
The double nesting causes an issue with setting a default empty list if you need to loop over this using with_items. This fixes the issue since it looks like ansible silently fails at setting the default if you use with_items: registered_var['one']['two'] where one is not set.
Added documentation for ignore_state and updated the example since you
would really only use this module if you are going to register it to a
variable.
This module lets you get information about any number of ec2 instances
in your environment. It also has the option of creating hostnames based
on the ip of your server.
When no repositories are defined in zypper, the return code
of "zypper repos" is 6. Handle that case and don't fail
if zypper_repository has to deal with an empty repo list.
Fixes https://github.com/ansible/ansible-modules-extras/issues/795
got connected. It is possible for an intiator to successfully connect to a
target, whilst getting no LUN's back. If no devicenodes get detected, it makes
more sense to return an empty list than plainly None.
This potentially avoids further tasks to have to check if devicenodes is
iterable.
Since people can generate their own image with debootstrap, and
this wouldn't create a file /var/lib/locales/supported.d/local,
better check if it exist and work if it doesn't.
Fix#656
Chocolatey 0.9.9+ deprecated support for the `webpi` custom source, so I needed to write this.
[Windows Web Platform Installer](http://www.microsoft.com/web/downloads/platform.aspx) is a way of installing products and applications for Microsoft IIS on Windows. It has a [command line](http://www.iis.net/learn/install/web-platform-installer/web-platform-installer-v4-command-line-webpicmdexe-rtw-release); this ansible module allows IIS modules to be installed via this means.
To find out names of modules, use `webpicmd /list /listoption:available`.
Notes:
* `webpicmd` must be installed and on `PATH` first (see `win_chocolatey` module; package is `webpicmd`)
* `webpicmd` does not allow modules to be uninstalled
* IIS must be installed first (see `win_feature` module; package is `Web-Server`)
* Installations will
* accept EULA (which otherwise requires user input)
* suppress reboots (so you have to manage those; see `win_reboot` module)
When .NET is installed or updated, ngen is triggered to optimise the installation. This triggers high CPU while it's happening, and usually happens at an inconvenient time.
This allows you to trigger it when you like. Full details and background in doc.
I don't know a way to figure out whether this is required without actually running it.
This change is related to 2 issues;
- The API does not return destroyed VMs if zone ID is passed for CS version < 4.5.2. Also see CLOUDSTACK-8578. This only affects domain and root admins.
- The instance name must be unique across all zones. If we pass the zone ID to find a VM, it will not be found if it is in a different zone but a deployment with the name would fail.
Due to a software bug in vSphere, it fails to handle ampersand in datacenter names.
The solution is to do what vSphere does (when browsing) and double-encode ampersands.
It is likely other characters need special treatment like this as well, haven't found any.
This fixes::
Traceback (most recent call last):
File "/home/jpic/.ansible/tmp/ansible-tmp-1435080800.61-38257321141340/lxc_container", line 3353, in <module>
main()
File "/home/jpic/.ansible/tmp/ansible-tmp-1435080800.61-38257321141340/lxc_container", line 1712, in main
if not HAS_LXC:
NameError: global name 'HAS_LXC' is not defined
This fixes::
Traceback (most recent call last):
File "/home/jpic/.ansible/tmp/ansible-tmp-1435080916.98-133068627776311/lxc_container", line 3355, in <module>
main()
File "/home/jpic/.ansible/tmp/ansible-tmp-1435080916.98-133068627776311/lxc_container", line 1724, in main
lxc_manage.run()
File "/home/jpic/.ansible/tmp/ansible-tmp-1435080916.98-133068627776311/lxc_container", line 1605, in run
action()
File "/home/jpic/.ansible/tmp/ansible-tmp-1435080916.98-133068627776311/lxc_container", line 1145, in _started
self._config()
File "/home/jpic/.ansible/tmp/ansible-tmp-1435080916.98-133068627776311/lxc_container", line 714, in _config
_, _value = option_line.split('=')
ValueError: too many values to unpack
With such a task::
tasks:
- lxc_container:
name: buildbot-master
container_config:
- "lxc.mount.entry = {{ cwd }} srv/peopletest none defaults,bind,uid=0,create=dir 0 0"
The `--noreplace` argument to `emerge` is generally coupled with
`--newuse` or `--changed-use`, and can be used instruct Portage to
rebuild a package only if necessary. Simply checking to see if the
package is already installed using `equery` is not sufficient to
determine if any changes would be made, so that step is skipped when
the `noreplace` module argument is specified. The module then falls back
to parsing the output from `emerge` to determine if anything changed. In
check mode, `emerge` is called with `--pretend`, so it produces
different output, and the parsing fails to correctly infer that a change
would be made.
This commit adds another regular expression to check when running in
check mode that matches the pretend output from `emerge`.
Signed-off-by: Dustin C. Hatch <dustin@hatch.name>
When running in check mode, the *portage* module always reports that no
changes were made, even if the requested packages do not exist on the
system. This is because it was erroneously expecting `emerge --pretend`
to produce the same output as `emerge` by itself would, and attempts to
parse it. This is not correct, for several reasons. Most specifically,
the string for which it is searching does not exist in the pretend
output. Additionally, `emerge --pretend` always prints the requested
packages, whether they are already installed or not; in the former case,
it shows them as reinstalls.
This commit adjusts the behavior to rely on `equery` alone when running
in check mode. If `equery` reports at least one package is not
installed, then nothing else is done: the system will definitely be
changed.
Signed-off-by: Dustin C. Hatch <dustin@hatch.name>
Due to a spurious newline we corrupted the payload. It depends on the order of the headers and if there were headers added by vSphere.
The Accept header was also not needed.
Starting point for a reference when doing pull request reviews.
If something doesn't meet the guidelines we can point people
at them. If something is bad but is not mentioned in the
guidelines, we should add it here.
The lxc container restart state does not ensure that the container
is in fact started unless another config or command is passed into
the task. to fix this the module simply needs to have the function
call added ``self._container_startup()`` after the container is
put into a stopped state.
Signed-off By: Kevin Carter <kevin.carter@rackspace.com>
* Refactor code to be more robust. Run main logic inside a try {} catch {}
block. If there is any error, bail out and log all the command output
automatically.
* Rely on error code generated by chocolatey instead of scraping text
output to determine success/failure.
* Add support for unattended installs: (`-y` flag is a requirement by
chocolatey)
* Before (un)installing, check existence of files.
* Use functions to abstract logic
* The great rewrite of 0.9.9, the `choco` interface has changed, check
if chocolatey is installed and an older version. If so upgrade to
latest.
* Allow upgrading packages that are already installed
* Use verbose logging for chocolate actions
* Adding functionality to specify a source for a chocolatey repository.
(@smadam813)
* Removing pre-determined sources and adding specified source url in
it's place. (@smadam813)
Contains contributions from:
* Adam Keech <akeech@chathamfinancial.com> (@smadam813)
The python2-lxc library has been uploaded to pypi as such this commit
updates the requirements and doc information for the module such that
it instructs the user to install the pip package "lxc-python2" while
also noting that the package could be gotten from source as well. In
the update comments have been added to the requirements list which
notes where the package should come from,
Closes-Bug: https://github.com/ansible/ansible-modules-extras/issues/550
puppetmaster was used to determine if `agent` or `apply` should be used. But puppetmaster is not required by puppet per default. Puppet may have a config or could find out by itself (...) where the puppet master is.
It changed the code so we only use `apply` if a manifest was passed, otherwise we use `agent`.
This also fixes the example, which did not work the way without this change.
~~~
# Run puppet agent and fail if anything goes wrong
- puppet
~~~
puppet may be configured to operate in `--noop` mode per default.
That is why we must pass a `--no-noop` to make sure, changes are going to be applied.
There is a growing pattern for using ansible to orchestrate runs of
existing puppet code. For instance, the OpenStack Infrastructure team
started using ansible for this very reason. It also turns out that
successfully running puppet and interpreting success or failure is
harder than you'd expect, thus warranting a module and not just a shell
command.
This is ported in from
http://git.openstack.org/cgit/openstack-infra/ansible-puppet
This is necessary for instance when setting MX records on the root of a domain.
This is different than leaving record_name out completely which has the same
behaviour as before
This is necessary for instance when setting CNAMEs that point to the root
of the domain. This is different than leaving record_value out completely
which has the same behaviour as before
MAN page states the following :
Rules for traffic not destined for the host itself but instead for
traffic that should be routed/forwarded through the firewall should
specify the route keyword before the rule (routing rules differ
significantly from PF syntax and instead take into account netfilter
FORWARD chain conventions). For example:
ufw route allow in on eth1 out on eth2
This commit introduces a new parameter "route=yes/no" to allow just that.
The alternatives module parses the output of update-alternatives, but the expected English phrases may not show up if the system locale is not English. Setting LC_ALL=C when invoking update-alternatives fixes this problem.
- Backport config file handling from the DNF module rewrite #527
(Current config handling does not work with dnf and leads to
tracebacks when run as an unprivileged user).
- Make a mandatory requirement on yum-utils (for /usr/bin/repoquery)
because none of the fallback code works for dnf (it's unported yum API
code).
Both of these issues will be fixed better in the dnf rewrite when it is
feature complete.
Fixes#471
Added functionality to set rules for egress using this module at these are very similar. The only real difference is that egress firewall API uses the networkid. That is why the new arguments `type` for choosing `egress` or `ingress` and `network` was added.
For `type=ingress`, which is the default, `ip_address` is required and for `type=egress` the argument `network` is required.
The clone state was removed in favor of making the module more
declarative. This change was done in response to review in PR #328
from @bcoca.
In the commit new examples were created on how this feature works.
This commit adds the overlayfs type to the lxc_container module. In
Adding the overlayfs type the commit adds the ability to clone a
container. While cloning is not locked down to only the overlayfs
container backend it is of particular interest when using the overlayfs
backend as it provides for amazingly fast snapshots.
Changes to the resource types and documentation have been added on how
the new backend type can be used along with the clone operation.
This PR addresses a question asked on the original merged pull request
for overlayfs support which came from @fghaas on PR
"https://github.com/ansible/ansible-modules-extras/pull/123".
The overlayfs archive function is a first class function and will
allow for the containers to be backed-up using all methods which
brings support up to that of all other storage backends.
The HipChat module declares to support check_mode,
but the message is sent in any case.
With this, if executed in check mode, the module will exit
before actually sending the message to HipChat.
It will return changed=False, as per the convention
for notifications modules.
The documentation for the `state` field is not very clear.
It says possible values are "installed, uninstalled" and default value is "present"
The examples below alow uses `present` and `absent`.
This patch uses "absent" and "present" instead of "installed" and "uninstalled"
Moreover, this is consistent with other packaging modules, like homebrew itself
This submission makes extensive use of the python-consul library and this is required
as a dependency and can be installed from pip.
The tests were written to target a vagrant cluster which can be setup by following the
instructions here http://github.com/sgargan/consul-vagrant
The 'msg' alias for 'subject' isn't in the documentation, so adding it.
In the gmail example, it uses both the 'subject' and 'msg' params, but 'msg' is an alias of 'subject', so you are essentially declaring the same param twice. If you use this example, then no subject is sent (I tested with gmail). Documentation example is updated to use 'body' as intended.
Also, updated the simple example to use 'subject' instead of the 'msg' alias since it is more explicit.
This manages environment variables in Vixie crontabs. It includes
addition/removal/replacement of variables and ordering via the
insertbefore/insertafter parameters.
Some devices return their description on multiple lines such as:
lldp.eth0.chassis.descr=cisco CISCO7609-S running on
Cisco IOS Software, c7600s72033_rp Software (c7600s72033_rp-IPSERVICESK9-M), Version 12.2(33)SRE3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2011 by Cisco Systems, Inc.
Compiled Wed 26-Jan-11 06:54 by prod_rel_team
The generated fact will result as:
"descr": "cisco CISCO7609-S running on"
This patch fixes the line wrapping to return the full description
handling line breaks:
"descr": "cisco CISCO7609-S running on\nCisco IOS Software, c7600s72033_rp Software (c7600s72033_rp-IPSERVICESK9-M), Version 12.2(33)SRE3, RELEASE SOFTWARE (fc1)\nTechnical Support: http://www.cisco.com/techsupport\nCopyright (c) 1986-2011 by Cisco Systems, Inc.\nCompiled Wed 26-Jan-11 06:54 by prod_rel_team"
The device option was already implemented but omitted from docs and allowed
choices. With the addition of device, a devices failover_state can be
determined.
Fix bug in ansible get_package_state and get_current_version that breaks when there are multiple versions of a package installed and there is a list of packages to install.
The previous implementation used 'zip' to match requested names to installed names which fails, because rpm outputs multiple lines per package when there are multiple versions.
Testcase: Install opensuse, install multiple kernel versions (happens by update)
Before patch: calling
zypper: state=present for name={{item}}
with_items:
- kernel-desktop
- git
leads to ansible aborting.
After the patch ansible performs as expected and makes sure both packages are present.
Also the last version number is used for further update information in this version (before if only one package name was given the oldest version number was used).
According the patch(1) manpage:
The --directory option change to the directory dir immediately, before
doing anything else.
Thus if file is not relative to dir and making file absolute ensure that
patch will find it.
Prior to openssh 6.4, ssh-keygen -F returned 0 (and no output) when no
host was found. After then, it instead returned 1 and no output. This
revised code behaves correctly with either behaviour. There is
currently no other code path that results in exit(1) and no output.
The option parsing object within the module was performing a split
on an '=' sign and assuming that there would only ever be one '='
in a user provided option. Sadly, the assumption is incorrect and
the list comprehension that is building the options list needs to
be set to split on the first occurrence of an '=' sign in a given
option string. This commit adds the required change to make it
possible for options to contain additional '=' signs and be handled
correctly.
This allows one to enable or disable a node, useful for when doing
maintenance on a node to prevent connections from being attempted to it.
This will completely disable the node for any pool it might be in.
* update expected inclusion version
* fix consistency on enabled/absent (now enabled/disabled)
* safely import boto per now style of single-exit and proper JSON
* use new `required_together` module style
Cloudtrail is the AWS auditing configuration. It's fairly simple, but also very important to configuration management/devops/security to ensure it remains enabled. That's why I created it as a module.
- Changes are no longer erroneously reported on RHEL (#12)
- Adding new link groups on Debian works again.
- This was broken in a previous commit by assuming the OS was RHEL
if `update-alternatives --query <name>` had a return code of 2
- Prefer `--display` over `--query` for determining available
alternatives
- --display is more distro-agnostic and simplifies the code
- Fix missing `msg=` in `fail_json` call when `link` is missing
- Document that `link` is required on RHEL-based distros
Tested on Ubuntu 12.04+ and CentOS 6/7
This update will allow people to add a color bar at the front of a
Slack notification using the default 3 colors by name Slack specify
(good, warning, danger).
If no color is specified, or the default is used (normal) then no bar
will be added.
Description and example also added in this update.
Color bars are added by using the attachments json object inside the
payload - this is a very simplistic implementation as using custom
colors or adding titles or other formatting are not included in this
update and if needed I’m sure somebody else can spend the time to add
them later…
Tested with ansible 1.7
Occasionally, `lvcreate` will prompt on stdin for confirmation. In
particular, this may happen when the volume is being created close to
the location on disk where another volume existed previously. When this
happens, Ansible will hang indefinitely with no indication of the
problem. To work prevent this problem, the `--yes` command-line argument
can be passed to `lvcreate`, which will instruct it not to prompt.
Signed-off-by: Dustin C. Hatch <dustin@hatch.name>
* Add support for check mode
* Use "pkgin search" to guarantee 0 or 1 result
* Edit documentation for style, new feature, etc.
* General refactoring
* Lay some groundwork for future support of "state=latest"
These are all the code changes from Brian's review:
* change #! line
* rename "host" to "name" [keep as alias]
* make documentation clearer
* imports 1 per line
* use get_bin_path to find ssh-keygen
* key not actually required when removing host
The known_hosts module lets you add or remove a host from the
known_hosts file. This is useful if you're going to want to use the
git module over ssh, for example. If you have a very large number of
host keys to manage, you will find the template module more useful.
This was pull request 7840 from the old ansible repo, which was
accepted-in-principle but not yet merged. The mailing list thread
reading it is:
https://groups.google.com/forum/#!topic/ansible-devel/_e7H_VT6UJE/discussion
Analyze the given token and use the old webhook format if the token
is old style and use the new format if the token is new style. Make
domain optional with new-style tokens.
Fixes#157
Fix `changed` status that always returns False with composer.
This [previous PR](https://github.com/ansible/ansible-modules-extras/pull/61) had fixed the issue but because of a [Composer recent change](cb336a5416) stderr is now used for reporting information meant for humans while stdout is more for the output of the command.
This PR would definilty solve this issue.
The previous version of this code was supporting only locales using the
format "<language>_<territory>.<charset>". But all the locales that
doesn't have this format were not installable (such as "fr_FR" or
"fr_FR@euro").
Also, if an invalid locales was provided, the module kept sending a
"changed" status.
Now :
* if the user provides an invalid locales, the module failed. Locales
are verified using /etc/locale.gen or /usr/share/i18n/SUPPORTED if
Ubuntu
* Every types of valid locales are now supported.
* The locale module was not working on Archlinux, as there's no space
between the "#" and the locale. This is now supported. Credits goes
to danderson189, this is his code.
This module was tested on debian jessie, ubuntu 14 LTS and last
Archlinux.
The volume create methods were making an assumption on the unit
sizes being presented by the `vgdisplay` and the `lvdisplay`
commands. To correct the assumption the commands will now enforce
a unit size of "g" which will alway convert sives to gigabytes.
This was an issue brought up by @hughsaunders.
The new module will allow users to control LXC containers from ansible.
The module was built for use in LXC >= 1.0 or greater and implements most
of what can be done using the various lxc clients with regards to running
containers. This first module is geared only at managing lxc containers.
The module provides:
build containers
destroy containers
archive containers
info from a single container
start / stop / restart containers
run commands within containers
add/modify lxc config for a container
supports backends including LVM
Some packages attempt to prompt the user for certain settings during
installation. Thus, this parameter sets the environment variable
$BATCH to 'yes', which forces package installation scripts to accept
default values for these interactive prompts. This should work for all
prompts that have a default value and aren't implemented through a
custom script (as this variable is built into the ports/package system).
FIXME: Package install should fail if it prompts and batch isn't set;
currently, the install hangs indefinitely.
TODO: Allow user to specify the answers to certain prompts.
I (github.com/mwpher) have NOT tested this with any packages besides
bsdstats. It's a small improvement, but not a complete answer to all
the complexities of package installation.
The function normalizes checks for UTF-8, but the same issue exists for
other locales as well. This fix adds normalization for EUC-JP, a Japanese
locale.
In case of release repositories or other special cases you might not
need the autorefreshing of the repos. This patch adds a configure
option instead of hard enabling this.
Signed-off-by: Justin Lecher <jlec@gentoo.org>
Currently, either you apply the change in the configuration
of firewalld ( without permanent=True ), or you apply it live.
I most of the time want to do the 2 at the same time, ie open the
port ( so I can use the service ) and make sure it stay open on reboot.
The definition was leaking into ansible.module_utils.basic and causing
type checking to fail when running module as script. Not entirely clear
why this should be the case.
RedHat-based OSes have a version of update-alternatives which comes from
the chkconfig package and does not support the --query parameter. Work
around that.
* The policy is shown in `status verbose`, so all the check mode stuff should keep working.
* `--dry-run` works as expected.
* No idea whether it's legal as an argument to `interface`
re.match in has_changed function never worked properly, because match
requires searched sequence to be present exactly at a start of processed
string, which is not the case here.
All the actions by the mysql_replication plugin can be done by connecting to the NULL database. There is no need to connect to the 'mysql' db, since there are permissions problems when connecting to remote hosts, e.g. when you want to query "SHOW MASTER STATUS" on a remote host.
module.exit_json() does not like when the "changed" variable contains a
match object:
TypeError: <_sre.SRE_Match object at 0x81e2ae58> is not JSON serializable
Running the module with the argument "upgrade=yes" invokes an upgrade of
all installed packages.
While here clean up some comments.
Functionality requested by @qbit.
* Do not use the fstab parameter on openbsd for mounting
OpenBSD's mount command doesn't allow selecting which fstab file to use.
So if we're operating on the live filesystem (mount or remount) return
an error if the user specified an fstab file.
Fixes#5591
* Fix the logic inversion (thanks to @landryb)
The `service` module starts services that are not running when
`action=restarted` or `action=reloaded`, which is especially convenient
for initial deployments because it eliminates an extraneous operation
for when the service starts for the first time. This commit adjusts the
behavior of the `systemd` module to match.
Sets the SSH option `IdentitiesOnly=yes` in the SSH wrapper when a
`key_file` is provided to the git module. This option ensures that
the provided key is used. Otherwise, the system's ssh-agent could
provide undesired identities when connecting.
From ssh_config(5):
> Specifies that ssh(1) should only use the authentication identity and
> certificate files explicitly configured in the ssh_config files or
> passed on the ssh(1) command-line, even if ssh-agent(1) or a
> PKCS11Provider offers more identities. The argument to this keyword
> must be “yes” or “no”. This option is intended for situations where
> ssh-agent offers many different identities. The default is “no”.
* Change example syntax on nxos_feature module
* Change example syntax on nxos_hsrp module
* Change example syntax on nxos_igmp module
* Change example syntax on nxos_interface module
* Change example syntax on nxos_interface_ospf module
* Change example syntax on nxos_ip_interface module
* Change example syntax on nxos_ping module
* Change example syntax on nxos_switchport module
* Change example syntax on nxos_vlan module
* Change example syntax on nxos_vrf module
* Change example syntax on nxos_vrf_interface module
* Change example syntax on nxos_vrrp module
* Change example syntax on meta module
* Change example syntax on set_fact module
* Change example syntax on win_copy module
* Change example syntax on win_file module
* Change example syntax on win_get_url module
Remove escaping of \ characeter in Windows paths since it's no longer required for single quoted or unquoted values when using multi-line YAML syntax.
* Change example syntax on win_lineinfile module
* Change example syntax on win_msi module
* Change example syntax on win_stat module
* Remove nxos_bgp example from nxos_igmp module
* Mark examples as regexp to avoid syntax error
* Cleanup win_copy.py examples
* Cleanup win_file.py examples
* Remove quotes in win_get_url.py examples
* Cleanup quotes and languare in win_lineinfile.py
* Cleanup examples in win_group.py
* Cleanup examples in win_service.py
* Don't use : in documentation because it breaks the YAML syntax check
* Cleanup win_copy.py examples
* Cleanup win_copy.py examples
* Minor change to fix test failure
* Use single quotes
* Update documentation for vyos_command
Add information on new environment variable added in #18546.
Add note on command that should not be run via Ansible.
* White space changes
Two spaces after period.
If 'src_format' is not mentioned in playbook
and config is in text format a list object is
passed to 'guess_format' function instead
of string, hence TypeError execption is seen.
Fix is to pass string object instead of list.
When using a file:// or ftp:// URL the normal provisions that a non-200 status code means error have been disabled.
But the common error status -1 from fetch_url is not properly returning an error message.
This fix ensures that if the status code returns -1, we return a proper error message.
This fixes#3563
* win_msi - Dont list choices twise
http://docs.ansible.com/ansible/win_msi_module.html shows
Choices:
True
True
False
False
As the yes/no are expanded to true/false by the docs generation
* Update win_msi.py
* allow mount to try remount
falls back to unmount/mount
* fixed fstab handling and switched to ismount
custom function deals with bind mounts unlike built in
* un ** args
* last ** args
This updates the pull request template to provide more context about why specific things may be needed. This helps to make it feel like it is being asked for to help the team rather than arbitrary questions that don't seem applicable, such as command output for a docs change.
Allow some operations on missing services
Better sysv handling
Rearranged error reporting
fixed load error catching and order logic
also minor doc/comment updates
added warnings
- Adds the 'link' file_type for finding symbolic or hard links
- Use `os.lstat` instead of `os.stat` to prevent the following
of links when statting the file.
* Change example syntax on os_auth module
* Change example syntax on os_client_config module
* Change example syntax on os_image_facts module
* Change example syntax on os_networks_facts module
* Change example syntax on os_nova_flavor module
* Change example syntax on os_object module
* Change example syntax on os_server module
* Change example syntax on os_subnet_facts module
* Change example syntax on rax_files module
* Change example syntax on rax_files_objects module
* Change example syntax on mysql_db module
* Change example syntax on file module
* Change example syntax on uri module
* Change example syntax on cl_bond module
* Change example syntax on cl_bridge module
* Change example syntax on cl_img_install module
* Change example syntax on cl_interface module
* Change example syntax on cl_license module
* Change example syntax on cl_ports module
* Remove trailing colon
I broke backwards compat with the addition to define when a password
should be updated. It was requiring that a password value be passed when
deleting a user, which seems silly.
This moves the argument logic out of the argument spec and into when it
would be needed, when state is present.
* Change example syntax on supervisorctl module
* Change example syntax or _ec2_ami_search module
* Change example syntax on cloudformation module
* Change example syntax on ec2 module
* Change example syntax on ec2_facts module
* Change example syntax on ec2_eip module
* Change example syntax on rds module
* Change example syntax on route53 module
* Change example syntax on s3 module
* Change example syntax on digital_ocean module
* Change example syntax on docker_service module
* Change example syntax on cloudformation module
* Change example syntax on gc_storage module
* Change example syntax on gce module
* Change example syntax on gce_mig module
* Change example syntax on _glance_image module
* Change example syntax on _keystone_user module
* Change example syntax on _nova_keypair module
* Change example syntax on _quantum_floating module
* Change example syntax on _quantum_floating_ip_associate module
* Change example syntax on _quantum_network module
* Change example syntax on _quantum_router module
* Change example syntax on _quantum_router_gateway module
* Change example syntax on _quantum_router_interface module
* Change example syntax on _quantum_subnet module
* SQUASH _quantum_subnet
* Add missing quotes
* Change example syntax on authorized_key module
* Change example syntax on cron module
* Change example syntax on group module
* Change example syntax on hostname module
* Change example syntax on seboolean module
* Change example syntax on selinux module
* Change example syntax on service module
* Change example syntax on sysctl module
* Change example syntax on systemd module
* Change example syntax on user module
* Change example syntax on debug module
* Change example syntax on fail module
* Change example syntax on include module
* Change example syntax on include_role module
* Change example syntax on include_vars module
* Change example syntax on pause module
* Change example syntax on wait_for module
* Change example syntax on apache2_module module
* > Change example syntax on django_manage module
* Change example syntax on htpasswd module
The new create option with the default value 'no' changes the
behavior from the previous Ansible releases. Change the default to
'yes' to create missing ini files by default.
Fixes: #5488
Moving the "check if min_size/max_size/desired_capacity..." code to execute BEFORE the desired_capacity code is used in the following operation:
num_new_inst_needed = desired_capacity - len(new_instances)
Otherwise the following exception occurs when desired_capacity is not specified and you're replacing instances:
num_new_inst_needed = desired_capacity - len(new_instances)
TypeError: unsupported operand type(s) for -: 'NoneType' and 'int'
Stack Trace:
An exception occurred during task execution. The full traceback is:
Traceback (most recent call last):
File "/var/lib/awx/.ansible/tmp/ansible-tmp-1478229985.74-62334493713074/ec2_asg", line 3044, in <module>
main()
File "/var/lib/awx/.ansible/tmp/ansible-tmp-1478229985.74-62334493713074/ec2_asg", line 3038, in main
replace_changed, asg_properties=replace(connection, module)
File "/var/lib/awx/.ansible/tmp/ansible-tmp-1478229985.74-62334493713074/ec2_asg", line 2778, in replace
num_new_inst_needed = desired_capacity - len(new_instances)
TypeError: unsupported operand type(s) for -: 'NoneType' and 'int'
fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "invocation": {"module_name": "ec2_asg"}, "module_stderr": "Traceback (most recent call last):\n File \"/var/lib/awx/.ansible/tmp/ansible-tmp-1478229985.74-62334493713074/ec2_asg\", line 3044, in <module>\n main()\n File \"/var/lib/awx/.ansible/tmp/ansible-tmp-1478229985.74-62334493713074/ec2_asg\", line 3038, in main\n replace_changed, asg_properties=replace(connection, module)\n File \"/var/lib/awx/.ansible/tmp/ansible-tmp-1478229985.74-62334493713074/ec2_asg\", line 2778, in replace\n num_new_inst_needed = desired_capacity - len(new_instances)\nTypeError: unsupported operand type(s) for -: 'NoneType' and 'int'\n", "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}
to retry, use: --limit @
In cases where a CFN stack could not complete (due to lack of
permissions or similar) but also failed to roll back, the gathering of
stack resources would fail because successfully deleted items in the
rollback would no longer have a `PhysicalResourceId` property.
This PR fixes that by soft-failing when there's no physical ID
associated to a resource.
The Instance UUID(refered to as PersistenceUUID in the API) is a the ID
vcenter uses to idenify VMs.
My use case for this is that I configure Zabbix using ansible and its
vmware module relies on using these to identify VMs.
* Expose internal_network in os_floating_ip
Shade project has finally exposed this argument so now this module
matches old quantum_floatingip module's capabilities.
Use "nat_destination" term instead of "internal_network" to match shade
terminology.
* Add (private|internal)_network aliases to os_floating_ip
* Fix typo in os_floating_ip
stdout lines are now available when certain exceptions occur
(Ref ansible/ansible#18241)
Also noticed that to_lines was essentially handled in
lib/ansible/plugins/action/__init__.py -- only difference was
it didn't handle a list. to_lines() could be removed across
network modules now, but this commit is only for ios_command.
Also adds disconnect() to ios_command that was added
to ios_config in #5247
After installing a package from the ports collection on a
fresh FreeBSD 11.0, Ansible was unable to enable it, failing with
"unable to get current rcvar value". Debugging showed that sysrc
didn't see the variable from /usr/local/etc/rc.d/myservice, but
adding the value was working.
So we will just fallback to the default value if we can't find it.
There is a desire to not have this module always result in a change if a
password argument is supplied. The OpenStack API does not return a
password back when we get a user, so we've been assuming that if a
password argument was supplied, we should attempt to change the password
(even if nothing else is changing), and that results in a "changed"
state. Now we will only send along a password change attempt if the user
wants one (the default to match history).
Fixes#5217
this fix will now handle loading a multiline banner on ios based
devices without hanging. It separates the processing of banners
from the remainder of the config
link #5318
The module will error if it tries to use a cli command that is not available
on a given platform. This fix will address that problem. If the cli
command is not available, then the command is silently discarded and the
facts that the command output is based on is not returned. Any failed
commands are provided in the module return under the failed_commands
key. This fix also updates the Examples docstring to make it consistent
with other ios_* modules
fixes#5444fixes#5372
Allow installation of PPA repositories on non-Ubuntu Debian derived
distribution targets (e.g. neon, Mint, Debian itself) by removing the
specific check for UbuntuDistribution before allowing PPA: format
sources. This fixes the addition of PPA repositories under KDE neon (as
the codenames match the base Ubuntu distribution).
To make the functionality also useful under Mint and Debian which have
different codenames to their Ubuntu upstream / downstream releases, add
a 'codename' option to override the default used in the PPA source
entry.
* Add 'on the remote server' to `file` parameter description
* Add example showing how to use the `file` parameter, with specific
language about the file's location being on the 'remote server'
This fixes the behavior that the dest is directory,
when we set the "force: no" argument.
To be join the dest and the src's basename,
before checking the "force" argument.
* apt: If the cache object fails to lost due to a corrupt file, try to update the cache until it is fixed.
* Append -q to the update parameters
* Remove unused variable
* Use a string that doesn't rely on internationalization
* Use py24 exception style
* Use get_exception
Fixes#2951
* updated `find_job` method to find by exact match of job, when no matching header comment is found
* note this fallback injects a header comment for later calls to `update_job` or `remove_job`
* abstracted header comment building to `do_comment` method
Fixes#3256
In the description of the find module return value, the sample dict
has its key=value strings converted to key=value: None in the
web documentation. This commit updates the sample output to a 'real'
dict.
Minor additional edit in the description: "return list *of* files".
* Use the `to_native` conversion method to convert a command output to the
appropriate form when looking for branch names in the command output,
therefore avoiding a `TypeError` in Python 3.
In python3, response fields are title cased whereas in python2 they were
not. We return these fields to the module's caller so we need to
normalize all of them to be lower case.
This reverts the lowercase check from 454f741ef5b56cccd123e12d7b2e6fe31d47c755
as that one was only targetted as a single field.
Records whether existing cron file (or CRONCMD output) has a terminating newline, and ensures a trailing newline is written as necessary EVEN IF NO CHANGE WAS MADE to the target env/job
Fixes#2316
make format function 'format only'
added platform dependant info, when it is available
avoid rechecking same info
added comments to each info gathering section
(cherry picked from commit a79acf73d7eb79b76d808ff8a1d6c505dfd9ec82)
builddep only requires a source package to be in the repos but our code
was checking for a binary package before running buiddep. Reversing the
order makes it work correctly.
Fixes#4519
* Only change to short IDs for delete
If the user specifies long IDs, use them for all commands except for
deleting a key. Need to use short IDs there because of an upstream
apt_key bug. Fixed in apt_key 1.10 (fix is present in Ubuntu 16.04 but
not Ubuntu 14.0 or some Debians).
Fixes#5237
* Check that apt-key really erased the key
When erasing a key, apt-key does not understand how to process subkeys.
This update explicitly checks that the key_id is no longer present and
throws an error if it is. It also hints at subkeys being a possible
problem in the error message and the documentation.
Fixes#5119
* Fix apt_key check mode with long ids
apt-key can be given a key id longer than 16 chars to more accurately
define what key to download. However, we can use a maximum of 16
chars to verify whether a key is installed or not. So we need to use
different lengths for the id depending on what we're doing with it.
Fixes#2622
Also:
* Some style cleanups
* Use get_bin_path to find the path to apt-key and then use that when
invoking apt-key
* Return a nice user error message if the key was not found on the
keyserver
* Make file and keyring parameters type='path' so envars and tilde are
expanded
* Make authorized_key preserve key order
Track the ordering of keys in the original file (rank)
and try to preserve it when writing out updates.
Fixes#4780
Comparing to the output of run_command() needs to use native strings
Also fix imports: We were relying on them coming from the import of
basic. A few (like yaml) weren't imported at all.
* Add option for number parameter to generate manually provisioned clusters from a base name
* Refactor code to work with starting and stopped when number is specified
* Update docs
* Fix documentation error breaking Travis
* Fixes for async gce operations
* Fix documentation
* base_name from parameter to alias for name and fixes for renaming variables
* Fix breaking change on gce.py
* Fix bugs with name parameter
* Fix comments for Github build checks
* Add logic to set changed appropriately for cluster provisioning
The last fix allowing multiple definitions of the same option key (for
permitopen support) introduced a set() which removed the guaranteed
ordering of the options.
This change restores ordering. The change is larger than simply
removing the set because we do need to handle the non-dict semantics
around keys not being unique in the data structure. The new code make
use of __setitem__() and items() to do its work. Trying to use
getitem() or keys() should be looked upon with suspicion as neither of
those follow dictionary semantics and it is quite possible the coder
doesn't realize this. The next time we need to touch or enhance the
keydict code it should probably be rewritten to not pretend to extend
the dictionary interface.
* Add separate checkout and update parameters
This brings the svn module in line with the git module for controlling
individual update and checkout functionality based on whether the
directory exists or not.
It also allows specifying `no` for both to pull the remote revision
without performing a checkout
* Update version-added for new parameters
* Add separate clone parameter
This brings the hg module in line with the git module for controlling
individual update and checkout functionality based on whether the
directory exists or not.
It also allows specifying `no` for both to pull the remote revision
without performing a checkout
* Reflect the right added ver for the hg clone arg
Support the new native YAML format in the CloudFormation API. This means
the existing `template_format` parameter is deprecated. This commit also
adds a warning for the deprecated parameter.
* Run validate-modules from devel
Use a clean dir for checkout
typo
Correct path
validate-modules requires mock and voluptuous==0.8.8
typo
Ensure script is running
Remove testing debug
Install Ansible only once
Install ansible and validate_modules requirements
Now that we no longer pip install Ansible we need to manually install
it's dependencies
Debug
Dependencies are listed in ansible/ansible
debug
submodules
typo
typo
working
* Matt's feedback
* Use mktemp to checkout and delete directory after running
* Single quotes
the docker container module's `exposed_ports` was slightly ambigous.
Use the official Docker documentation to define what an `exposed port`
is.
Resolves: ansible/ansible-modules-core#5303
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
Since dict.keys return a dictkeys under python 3, we hav to cast it
to a list to avoid traceback:
Traceback (most recent call last):
File "/tmp/ansible_sh16ejbd/ansible_module_authorized_key.py", line 496, in <module>
main()
File "/tmp/ansible_sh16ejbd/ansible_module_authorized_key.py", line 490, in main
results = enforce_state(module, module.params)
File "/tmp/ansible_sh16ejbd/ansible_module_authorized_key.py", line 410, in enforce_state
parsed_new_key = parsekey(module, new_key)
File "/tmp/ansible_sh16ejbd/ansible_module_authorized_key.py", line 308, in parsekey
options = parseoptions(module, options)
File "/tmp/ansible_sh16ejbd/ansible_module_authorized_key.py", line 259, in parseoptions
options_dict[key] = value
File "/tmp/ansible_sh16ejbd/ansible_module_authorized_key.py", line 164, in __setitem__
self.itemlist.append(key)
AttributeError: 'dict_keys' object has no attribute 'append'
Yet another fix for https://github.com/ansible/ansible/pull/18053
- Don't rewrite the result; this is causing 'changed=true' on update
- Move AWSRetry import to top since it's a decorator, and is needed at definition-time
- removed star-imports, which wasn't possible in Ansible 1.x
- boto doesn't have any of the modern features (most notably, changesets), so this rewrite goes all-in on boto3.
- tags are updateable, at least in boto3. Fix documentation.
- staying with "ansible yaml to json conversion" because I'm trying to keep this scoped properly. The next PR will have AWS-native yaml support.
- documented the output. Tried to leave it backwards-compatible but the changes to 'events' might break someone's flow. However, the existing data wasn't terribly useful so I don't assume it will hurt.
- split up the code into functions. This should make unit testing possible.
- added forward-facing code: 'six' for iterating, started using AWSRetry, common tag conversion.
- add todo list
- Pass `exception` parameter to fail_json
Since the module use re and os, we need to import them.
And rather than importing '*', we should limit to the
only object/function needed, so we can more easily refactor
later.
The implementation is fairly simple, we force the rc= parameter to not be zero so that the check in _executor/task_result.py_ correctly determines that it failed. Without this change Ansible would report the task to be ok (despite failed=True and msg=Some_error_message) although Ansible stops and the summary output reports a failed task.
This fixes#4214, #4384 and also relates to ansible/ansible#12070, ansible/ansible#16006, ansible/ansible##16597, ansible/ansible#17208 and ansible/ansible#17252
This fixes a bug where the module fails to verify tags. I added a conditional statement in `verify_commit_sign()` that checks if `version` argument is a tag, if so, use `git verify-tag` instead.