1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Commit graph

3238 commits

Author SHA1 Message Date
Colin Nolan
db50650365 Adds support for all Consul 0.8 ACL rule scopes (#25800)
* Added in support for 'agent' and 'node' types.

* Tidies and moves `consul_acl` module closer to PEP8 compliance.

* Switched from using byspoke code to handle py2/3 string issues to using `to_text`.

* Made changes suggested by jrandall in https://github.com/ansible/ansible/pull/23467#pullrequestreview-34021967.

* Refactored consul_acl to support scopes with no pattern (and therefore a different HCL defintion).

* Corrects whitespace in Consul ACL HCL representation.

* Fixes Consul ACL to return the HCL equivalent JSON (according to the Consul docs) for the set ACLs.

* Repositioned import to align with Ansible standard (!= PEP8 standard).

* Adds Python 2.6 compatibility.

* Fixes PEP8 issues.

* Removes consul_acl.py as it now passes PEP8.

* Follows advice in the "Documenting Your Module" guide and moves imports up from the bottom.

* Tidies consul_acl module documentation.

* Updates link to guide about Consul ACLs.

* Removes new line spaces from error message string.

* Provide better error message if user forgets to associate a value to a Consul ACL rule.

* Minor refactoring of Consul ACL module.

* Fixes bug that was breaking idempotence in Consul ACL module.

* Detects redefinition of same rule.

* Adds test to check the Consul ACL module can set rules for all supported scopes.

* Fixes return when updating an ACL.

* Clean up of Consul ACL integration test file.

* Verify correct changes to existing Consul ACL rule.

* Adds tests for idempotence.

* Splits Consul ACL tests into cohesive modules.

* Adds test for deleting Consul ACLs.

* Test that Consul ACL module can set all rule scopes.

* Fixes issues surrounding the creation of ACLs.

Thanks for the comments by manos in https://github.com/ansible/ansible/pull/25800#issuecomment-310137889.

* Stops Consul ACL's name being "forgotten" if ACL updated by token.

* Fixes incorrect assignment when a Consul ACL is deleted.

* Fixes value of `changed` when Consul ACL is removed.

* Fixes tests for Consul ACL.

* Adds interal documentation.

* Refactors to separate update and create (also makes it possible to unit test this module).

* Improves documentation.

* Completes RETURN documentation for Consul ACL module.

* Fixes issue with equality checking for `None` in ACL Consul.

* Fixes Python 2 issue with making a decision based on `str` type.

* Fixes inequality check bug in Python 2.

* Adds tests for setting ACL with token.

* Adds support for creating an ACL with a given token.

* Outputs operation performed on Consul ACL when changed.

* Fixs issue with test for creating a Consul ACL with rules.

* Corrects property used to set ACL token in python-consul library.

* Fixes tear-down issue in test that creates a Consul ACL using a token.
2017-08-09 15:21:12 -04:00
saichint
14186af558 Fix for nxos_ospf idempotent issue (#27913) 2017-08-09 11:25:35 -04:00
Nathaniel Case
01dda25e0f fix nxapi transport in nxos_snmp_location (#27849)
* fix nxapi transport in nxos_snmp_location

* Appease Shippable
2017-08-09 09:44:02 -04:00
Nathaniel Case
c1bf74283e Network load_config: Capture configuration output and display as warnings (#27851)
* Capture configuration output and display as warnings

* Don't break on nxapi

nxapi errors very loudly instead, so no need to muck about with warnings
2017-08-09 09:43:04 -04:00
Ricardo Carrillo Cruz
9f26b853e8 Remove vyos_facts neighbors integration tests (#27957)
The tests rely on setting the lldp IP on the management interface.
However, the IP discovered is the private IP of the node, and tests
require accessing it via Nodepool node public IP.
Removing that test for now to get CI green again, we'll reasses once we
release 2.4.
2017-08-09 15:24:27 +02:00
Trishna Guha
a005ca035d remove replace config test (#27953)
remove replace config eos_config test
2017-08-09 18:04:11 +05:30
Ricardo Carrillo Cruz
0f77afbd60 Change play timeout for persistent connection command timeout (#27948)
There's been a change in persistent connect framework that switches
playbook timeout (which corresponds to 'timeout' param) to command_timeout.
While we fix this and return the functionality, let's put the command_timeout
in place to avoid CI being red.
2017-08-09 12:44:36 +02:00
Ganesh Nalawade
c05b303db5 junos lldp interface test fix (#27946) 2017-08-09 15:17:36 +05:30
Trishna Guha
dd8b65395f fix eos failed tests (#27945)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-08-09 15:14:42 +05:30
Matt Clay
a40cb5a47f Miscellaneous ansible-test updates. (#27937)
* Add keep alives to ansible-test ssh delegation.
* Improve ansible-test JSON parsing error messages.
* Increase ansible-test delegation sleep and retry.
* Update ansible-test to recognize .psm1 files.
2017-08-08 22:55:17 -07:00
Dag Wieers
6874ba23ff New module: Support manipulating XML files (#25323)
* Import original unmodified upstream version

This is another attempt to get the xml module upstream.
https://github.com/cmprescott/ansible-xml/

This is the original file from upstream,
without commit 1e7a3f6b6e2bc01aa9cebfd80ac5cd4555032774

* Add additional changes required for upstreaming

This PR includes the following changes:

- Clean up of DOCUMENTATION
- Rename "ensure" parameter to "state" parameter (kept alias)
- Added EXAMPLES
- Remove explicit type-case using str() for formatting
- Clean up AnsibleModule parameter handling
- Retained Python 2.4 compatibility
- PEP8 compliancy
- Various fixes as suggested by abadger during first review

This fixes cmprescott/ansible-xml#108

* Added original integration tests

There is some room for improvement wrt. idempotency and check-mode
testing.

* Some tests depend on lxml v3.0alpha1 or higher

We are now expecting lxml v2.3.0 or higher.
We skips tests if lxml is too old.

Plus small fix.

* Relicense to GPLv3+ header

All past contributors have agreed to relicense this module to GPLv2+, and GPLv3 specifically.

See: https://github.com/cmprescott/ansible-xml/issues/113

This fixes cmprescott/ansible-xml#73

* Fix small typo in integration tests

* Python 3 support

This PR also includes:
- Python 3 support
- Documentation fixes
- Check-mode fixes and improvements
- Bugfix in check-mode support
- Always return xmlstring, even if there's no change
- Check for lxml 2.3.0 or newer

* Add return values

* Various fixes after review
2017-08-08 20:21:03 -07:00
Matt Clay
5cb3acaed1 Add missing unit test requirement. 2017-08-08 17:15:23 -07:00
Adrian Likins
c38ff3b8f8 pylint fixes for vault related code (#27721)
* rm unneeded parens following assert
* rm unused parse_vaulttext_envelope from yaml.constructor
* No longer need index/enumerate over vault_ids
* rm unnecessary else
* rm unused VaultCli.secrets
* rm unused vault_id arg on VaultAES.decrypt()

pylint: Unused argument 'vault_id'
pylint: Unused parse_vaulttext_envelope imported from ansible.parsing.vault
pylint: Unused variable 'index'
pylint: Unnecessary parens after 'assert' keyword
pylint: Unnecessary "else" after "return" (no-else-return)
pylint: Attribute 'editor' defined outside __init__

* use 'dummy' for unused variables instead of _

Based on pylint unused variable warnings.

Existing code use '_' for this, but that is old
and busted. The hot new thing is 'dummy'. It
is so fetch.

Except for where we get warnings for reusing
the 'dummy' var name inside of a list comprehension.

* Add super().__init__ call to PromptVaultSecret.__init__
pylint: __init__ method from base class 'VaultSecret' is not called (super-init-not-called)

* Make FileVaultSecret.read_file reg method again

The base class read_file() doesnt need self but
the sub classes do.

Rm now unneeded loader arg to read_file()

* Fix err msg string literal that had no effect
pylint: String statement has no effect

The indent on the continuation of the msg_format was wrong
so the second half was dropped.

There was also no need to join() filename (copy/paste from
original with a command list I assume...)

* Use local cipher_name in VaultEditor.edit_file not instance
pylint: Unused variable 'cipher_name'
pylint: Unused variable 'b_ciphertext'

Use the local cipher_name returned from parse_vaulttext_envelope()
instead of the instance self.cipher_name var.

Since there is only one valid cipher_name either way, it was
equilivent, but it will not be with more valid cipher_names

* Rm unused b_salt arg on VaultAES256._encrypt*
pylint: Unused argument 'b_salt'

Previously the methods computed the keys and iv themselves
so needed to be passed in the salt, but now the key/iv
are built before and passed in so b_salt arg is not used
anymore.

* rm redundant import of call from subprocess
pylint: Imports from package subprocess are not grouped

use via subprocess module now instead of direct
import.

* self._bytes is set in super init now, rm dup

* Make FileVaultSecret.read_file() -> _read_file()

_read_file() is details of the implementation of
load(), so now 'private'.
2017-08-08 16:10:03 -04:00
schwatvogel
b8d371ca8b Fixes #23558 rpm key ids (#27847)
* Changed rpm-keyid extraction and verification method
* minor style fixes
* fixed rpm key deletion,added integration test for mono key,fixed wording in integration tests
2017-08-08 11:56:03 -07:00
Matt Clay
2d2377bccc Remove f5 test requirements to fix CI. 2017-08-08 11:20:53 -07:00
saichint
babec35faa Fix nxos_vtp_password and nxos_vrf_interface for remove idempotency tests (#27724)
* fixes for 27600 27676

* add sanity tests
2017-08-08 12:40:22 -04:00
David Newswanger
b985c34dd4 added integration tests for vyos_facts (#26748)
* broke vyos facts into two files

* list vyos facts when failing

* dynamically determine ip

* broke up assert
2017-08-08 18:20:47 +02:00
Abhijeet Kasurde
e244deedbd Add wait for vcsim to come online (#27887)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-08-08 09:15:51 -04:00
mzizzi
4648dc9702 [cloud] Add more configurable backoff implementations to CloudRetry/AWSRetry (#27251) 2017-08-08 08:56:46 -04:00
Moritz Grimm
11af034255 moved aws elasticache module to boto3 (#27441)
* moved aws elasticache module to boto3

* fixed error and improved code

* implemented requested changes

* now checking for missing boto3 packages in a better way

* now dynamically setting the default port depending on the engine if it is not set

* moved standard import in front of ansible ones

* now case insensitive in regards to engine name

* removed superfluous spaces

* now checking for None in the correct way

* removed elasticache module from exceptions to pep8 testing

* removed hardcoded default ports and letting aws decide if no port is given
2017-08-08 08:39:09 -04:00
Willem van Ketwich
6d402de25e ec2 launch configuration boto3 upgrade (#26348)
Updates ec2_lc module to use boto3. Adds parameters:

instance_id
placement_tenancy

Also added a second example using instance_id and updated the docs with the new parameters.
2017-08-08 22:11:06 +10:00
Toshio Kuratomi
44935a5db6 Add a (disabled) code-smell test for detecting _ variables
We are reserving the _ identifier for i18n work.  Code should use the
identifier dummy for dummy variables instead.

This test is currently skipped as someone needs to generate the list of
files which are currently out of compliance before this can be turned
on.
2017-08-07 11:11:31 -07:00
Mike Wiebe
65cf31e1ce Fix nxos_interface_ospf idempotence issue (#27783)
* Add tests and fix 27167

* Add modify test
2017-08-07 13:54:31 -04:00
Dag Wieers
3a86579b69 vcenter_license: New module to manage vCenter licenses (#25143)
This module supports check-mode and diff output.
It also includes basic integration tests.

This PR fixes #24971
2017-08-07 12:49:29 -04:00
Dag Wieers
71163d4d61 vmware_cluster: PEP8, imports, cosmetics (#25140)
This PR includes:
- Documentation improvements (mostly related to boolean defaults)
- Make PEP8 compliant
- Ensure imports are specific
- Few cosmetic changes (sort lists, casing, punctuation)
2017-08-07 12:44:27 -04:00
Nathaniel Case
b9e80b6117 nxos_vrf_interface cleanup (#27642)
* Update RETURN, results, & execute_show_command
2017-08-07 10:57:45 -04:00
Jordan Borean
0b69f3e40d win_stat: removed file in use test as it is too tempormental (#27832) 2017-08-07 14:23:01 +10:00
Jordan Borean
107e177658 win_stat: add explicit error message when file is in use (#27826)
* win_stat: add explicit error message when file is in use

* make the lock last a bit longer
2017-08-07 12:04:42 +10:00
Ricardo Carrillo Cruz
0343ac1a9d Fix asserts of junos_command netconf_json notequal and lessthanorequal (#27818) 2017-08-06 10:06:53 +02:00
Matt Clay
f7bfa96caf Use 0 instead of None for line and offset. 2017-08-05 23:12:02 -07:00
Matt Clay
af9b0ba47b Replace opensuse42.1 with opensuse42.3 in CI. 2017-08-05 12:56:31 -07:00
Ricardo Carrillo Cruz
99e92f4bca Fix junos_command netconf_json lessthanorequal (#27808) 2017-08-05 20:55:11 +02:00
Ricardo Carrillo Cruz
0e4cbb4bf1 Remove inventory_hostname assert on junos_command netconf_text contains (#27807)
CI nodes have UUIDs as hostnames, not Ansible inventory hostnames.
2017-08-05 19:44:25 +02:00
Ricardo Carrillo Cruz
6a6bcb6749 Fix junos_command netconf_xml notequal asserts (#27806) 2017-08-05 17:49:48 +02:00
Ricardo Carrillo Cruz
2ad56c0700 Add a timeout to force socket creation on re-setting netconf port (#27801) 2017-08-05 15:28:06 +02:00
René Moser
fdaa803cca cloudstack: cs_vmsnapshot: fix pep8 (#27792) 2017-08-05 10:34:17 +02:00
René Moser
f1ef61da4e cloudstack: cs_domain: tests: add update tests (#27791) 2017-08-05 10:33:01 +02:00
Matt Clay
e1cfcdbbc6 Add opensuse42.3 docker image. 2017-08-05 00:03:11 -07:00
Matt Clay
c59e32469f Add Fedora Python 3 Docker images and fix tests. (#27794)
* Add new Fedora docker images with Python 3.
* Use consistent env var for lookup test.
* Fix testing of virtualenv with Python 3.
* Fix docker_secret tests on Fedora 26.
* Add Python 3 support to Fedora postgresql test.
* Add Python 3 support to Fedora mysql tests.
* Fix uri test server for Python 3 on Fedora.
* Fix iso_extract test for Python 3 on Fedora.
* Add Python 3 support for Fedora to openssl tests.
* Fix dnf group test for Python 3 on Fedora.
* Use force with user deletion in become test.
2017-08-04 21:12:35 -07:00
Dag Wieers
941738a686 ansible-test: Fix environments with LD_LIBRARY_PATH 2017-08-04 13:53:52 -07:00
Matt Clay
bf17cb6edd Test iso_extract on OS X. 2017-08-04 13:46:05 -07:00
Matt Clay
2cafb934eb Update vcenter-simulator base to fedora:26 image.
This is required because govmomi now requires go 1.8+ to be installed.
2017-08-04 13:44:25 -07:00
Ganesh Nalawade
634327c5f6 Fix ios_fact integration test issue (#27771)
Fixes #27563
2017-08-05 00:47:53 +05:30
Ganesh Nalawade
02bcd7c0ed Fix for junos_netconf test failures in dci (#27776) 2017-08-05 00:47:32 +05:30
Dag Wieers
25e67d804c iso_extract: Reimplement using 7zip (not requiring root) (#24937)
* Reimplement iso_extract using 7zip (not requiring root)

So one of the drawbacks of the original implementation is that it required root for mounting/unmount the ISO image.
This is now no longer needed as we use 7zip for extracting files from the ISO.

* Fall back to using mount/umount if 7zip not found

As discussed with others.

Also improved integration tests.
2017-08-04 14:38:42 -04:00
Ricardo Carrillo Cruz
8e9fe76434 Replace mtu for for local-index on junos_command lessthan (#27772) 2017-08-04 17:56:41 +02:00
Dag Wieers
a98e3fb81f Add RETURN information, doc improvements and PEP8
This PR includes:
- RETURN information (since the difference between status_code and
  status was confusing)
- Improvements to parameter definition (and docs)
- PEP8 compliancy
2017-08-04 08:21:50 -07:00
Ganesh Nalawade
0f261964f7 Make junos integration test checks platform independent (#27768) 2017-08-04 17:18:57 +02:00
Pilou
b57af4428d rhn_register: fix broken imports, add unit tests (#26878)
Fix 'module' object is not callable

* rhn_register: fix Python 3 compatibility
* rhn_register: update requirements
* rhn_register: add unit tests
* Add missing method name
* use a dedicated line for XML related requirements
* rhn_register: drop support for Python 2.4
* rhn_register unit tests: fix Python 3 compatibility
* refactor in order to check order of the requests
2017-08-04 10:12:27 -04:00
Dag Wieers
0342760f5b sefcontext: PEP8 compliancy (#27742) 2017-08-04 10:01:17 -04:00
Ganesh Nalawade
3c09f69765 change netconf test port from 8080 to 22 (#27761) 2017-08-04 19:30:00 +05:30
Philippe Dellaert
6d33e59ca1 Fix for subspec options validation issue #27715 (#27728)
* Fix for issue ansible/ansible#27715

* Also fixing mutually exclusive check

* Updating subspec checks
These changes take into account a spec with all features enabled and do
the following tests for subspecs:
1. Test proper specs
2. Test Alias
3. Test missing required param
4. Test mutually exclusive params
5. Test required if params
6. Test required one of params
7. Test required together params
8. Test required if params with a default value
9. Test basis subspec params
10. Test invalid subsec params
2017-08-04 19:10:38 +05:30
Ganesh Nalawade
181b31e282 junos integration test fixes for dci (#27759) 2017-08-04 18:46:57 +05:30
René Moser
5700b09610 cloudstack: new module cs_instance_nic_secondaryip, replaces cs_nic (#26491) 2017-08-04 15:01:12 +02:00
Ricardo Carrillo Cruz
c4c99d66fc Replace fxp0 for lo0 on junos_command equal and notequal tests (#27758)
The nodes in the CI do not use fxp nomenclature, but em.
Use lo0, as that's common for nodes in our CI and our test lab.
2017-08-04 14:46:59 +02:00
Peter Sprygada
7b604368d3 adds new filter plugins for network use cases (#27695)
* adds new filter plugins for network use cases

* adds parse_cli filter
* adds parse_cli_textfsm filter
* adds Template class to network_common
* adds conditional function to network_common

* fix up PEP8 issues
2017-08-04 07:47:12 -04:00
Ricardo Carrillo Cruz
19b1361184 Remove assert that junos command xml contains inventory_hostname_short (#27754)
The test assumes the node has the hostname set as the inventory_hostname_short.
That's not the case in our CI, we the inventory_hostname is a UUID, returned
by the openstack dynamic inventory.
2017-08-04 13:38:59 +02:00
Ricardo Carrillo Cruz
623235857f Change tx delay to 2 on the rest of junos_lldp tests (#27753) 2017-08-04 12:57:36 +02:00
Ricardo Carrillo Cruz
3acd192843 Fix assert on junos_lldp tx delay (#27752) 2017-08-04 12:46:35 +02:00
Ricardo Carrillo Cruz
a904f9c047 Change the transmit delay on junos_lldp test (#27750)
We are getting this error message:
"Advertisement-interval should be greater than or equal to four times the tx-delay".
Changing transmit delay to 2 meets that constraint.
2017-08-04 12:04:42 +02:00
Dag Wieers
a34ef12d73 hpilo modules: PEP8 fixes (#27739) 2017-08-04 11:52:31 +02:00
Ganesh Nalawade
d3e5d30f7c Add aggregate for junos modules and sub spec validation (#27726)
* Add aggregate for junos modules and sub spec validation

*  aggregate support of junos modules
*  aggregate sub spec validation
*  relevant changes to junos integration test
*  junos module boilerplate changes

* Add new boilerplate for junos modules

* Fix CI issues
2017-08-04 14:55:58 +05:30
Dag Wieers
bcb3e33adb command: PEP8 compliancy (#27740) 2017-08-04 08:39:13 +02:00
Toshio Kuratomi
fbf6cb8fff Add boilerplate to fetch.py
This completes the modules/files directory so we can now check it for
regressions.
2017-08-03 13:15:12 -07:00
Toshio Kuratomi
f4d7b9a596 code-smell test changes
* Create get_exception and wildcard import code-smell tests
* Add more detail to boilerplate and no-basestring descriptions
* Remove the no-list-cmp test as the pylint undefined-variable test covers it
2017-08-03 13:15:12 -07:00
Pierre-Louis Bonicoli
33e8c83fde vca_nat: 'import' test is successful 2017-08-03 13:12:25 -07:00
Sloane Hertel
467a1f54a3 s3_bucket: fix python3 sorting incompatibility (#27502)
* s3_bucket: fix policy sorting for python3 so strings are evaluated as less than tuples.

Add tests to ensure this behavior is maintained.

* Fix s3_bucket comparison function to work on both Python 3.5 and 3.6

* s3_bucket: document that cmp_to_key is used for python 2.7.

Add another test for s3_bucket to compare policies of different sizes.

* fix pep8

* Work around code-smell grepping by not using the word 'cmp'.
2017-08-03 15:41:26 -04:00
Sloane Hertel
dbbad16385 [cloud] New module: Add module for managing AWS Datapipelines (cloud/amazon/data_pipeline) (#22878)
* New module for managing AWS Datapipelines

* Supports create/activate/deactivate and deletion
* Handles idempotent creation by embeding the version in the
uniqueId field
* Waits for requested state to be reached, as Botocore doesn't
have waiters yet for datapipelines

* rename module, fix imports, add tags option, improve exit_json results, fix a couple bugs, add a TODO so I don't forget

fix pep8

allow timeout to be used for pipeline creation

make .format syntax uniform

fix pep8

fix exception handling

allow pipeline to be modified, refactor, add some comments, remove unnecessary imports

pipeline activation may not be in the activated state long

remove datapipeline version option

change a loop to a list comprehension

create idempotence by hashing the options given to the module minus the objects (which can be modified)

small bugfix

* data_pipeline unittests

make unittests pep8

fix bug in unittests

* remove exception handling that serves no purpose

* Fix python3 incompatibilities in datapipeline tests and add placebo fixture maybe_sleep for faster tests

Fix python3 incompatibilities in data_pipeline build_unique_id()

Don't delete a pipeline in diff_pipeline() because it's unexpected

Don't use time.time() because it causes an issue with placebo testing

re-recorded tests

fix pep8 in data_pipeline

Remove disable_rollback from tests

Make sure unique identifier is a string

re-record tests

* improve documentation and add another example

* use a placebo fixture instead of redundant code in tests

fix tests for PLACEBO_RECORD=false

* Fix data_pipeline docs

use isinstance instead of type()

fix documentation

* fix documentation

* Remove use of undefined variable from data_pipeline module and fix license

* fix copyright header
2017-08-03 15:04:10 -04:00
Abhijeet Kasurde
97240a9ebc Fix for missing import and boilerplate
Fix adds missing imports and boilerplate for proxysql.
It also remove get_exception calls in-favor of native exception.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-08-03 09:40:44 -07:00
George Nikolopoulos
31b4ae2e6a New module: manage Citrix Netscaler GSLB site configuration (network/netscaler/netscaler_gslb_site) (#27639)
* Add netscaler_gslb_site

* Lowercase enabled, disabled option values

* Add fixes in netscaler module utils needed for unit test success
2017-08-03 15:26:17 +01:00
George Nikolopoulos
d88c07a037 New module: manage Citrix Netscaler GSLB service configuration (network/netscaler/netscaler_gslb_service)) (#27638)
* Add netscaler_gslb_service

* Lowercase enabled, disabled option values

* Add fixes in netscaler module utils needed for unit test success
2017-08-03 15:26:05 +01:00
George Nikolopoulos
cd865be987 New module: manage Citrix Netscaler SSL certificate keys (network/netscaler/netscaler_ssl_certkey)) (#27641)
* Add netscaler_ssl_certkey

* Fix options

* Lowercase enabled, disabled option values

* Add fixes in netscaler module utils needed for unit test success
2017-08-03 15:24:56 +01:00
George Nikolopoulos
e2f907ae3e Add netscaler_gslb_vserver (#27640) 2017-08-03 12:32:10 +01:00
Trishna Guha
60b3f80c6c add replace testcase eos_config (#27693)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-08-03 12:30:35 +01:00
Matt Clay
9965435b56 Switch back to FreeBSD 11.0 for CI stability. 2017-08-02 22:24:40 -07:00
Matt Clay
66c35f60d2 Update ansible-test completions to match CI. 2017-08-02 21:20:45 -07:00
Felipe Garcia Bulsoni
b060d0ccba Initial commits for integration of HPE OneView resources with Ansible (#26026)
* Initial commit for integration of HPE OneView resources with Ansible Core. Adding FC Network and FC Network Fact modules and unit tests, and OneView base class for all OV resources.
2017-08-02 19:54:32 -07:00
Jordan Borean
8bb10bb225 removed requirements on WANT_JSON and POWERSHELL_COMMON (#27679) 2017-08-02 18:47:17 -07:00
Adrian Likins
6fbd0a8bb5 Add set_fact_persistent action and module. (#26153)
* Add 'cacheable' param to  set_fact action and module.

Used just like set_fact, except facts set with cacheable: true
will be stored in the fact cache if fact caching is enabled.

set_fact normally only sets facts in the non_persistent_fact_cache, so they
are lost between invocations.

* update set_facts docs

* use 'ansible_facts_cacheable' in module/actions result

* pop fact cacheable related items out of args/results

We dont want to use 'ansible_facts_cacheable' result item
or 'cacheable' arg as actual facts, so pop them out of the
dicts.
2017-08-02 15:57:58 -04:00
Abhijeet Kasurde
5e2184c683 Fixing broken imports and get_exception for ipa
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-08-02 09:53:02 -07:00
Adrian Likins
27a015f0ad add a 'min' type for gather_subset to collect nothing (#27085)
previously gather_subset=['!all'] would still gather the
min set of facts, and there was no way to collect no facts.

The 'min' specifier in gather_subset is equilivent to
exclude the minimal_gather_subset facts as well.

   gather_subset=['!all', '!min'] will collect no facts

This also lets explicitly added gather_subsets override excludes.

   gather_subset=['pkg_mgr', '!all', '!min'] will collect only the pkg_mgr
fact.
2017-08-02 11:04:01 -04:00
mharista
c85f363aaa Add module cv_server_provision for integration with Arista CloudVision Portal. (#25450)
* Add module cv_server_provision for integration with Arista CloudVision Portal.

* Doc update.

* Remove shebang from test file. Update short description with company and product name.

* Update exception syntax to Python3 style.

* Remove blank line between imports.

* Remove newlines from RETURN documentation.

* Add cvprac to unittest requirements.

* Update unittest format. Add a few additional tests.

* Mock exceptions from cvprac so the library is not needed for unittests.

* Mock cvprac imports.

* Update unit tests to support python 3.5.

* Mock full cvprac library for unittests.

* Update Jinja2 import to pass updated CI checks.

* Update cvprac imports format for new CI tests.

* Add __metaclass__ and __future__.
2017-08-02 15:24:52 +01:00
jctanner
baf1ed9100 [WIP] Create preserved_copy function in basic.py to perserve file ownership. (#27344)
Create preserved_copy function in basic.py to perserve file ownership.

* Add a test for template preserved backup
* Use a script to get the random names
* bytes to strings
* Remove dump of hostvars
* Stop being fancy and create a testuser instead
* Fix pep8
* set file attributes
* Pass the correct data to set_attributes_if_different
* Use -j instead -b and pass the attributes as a string instead of a list
* remove debugging message
* Use shell to softly set the attr

Fixes #24408
2017-08-02 10:04:09 -04:00
Nathaniel Case
b93878b685 Minor cleanup to nxos_vrrp (#27593)
* Safe changes

* Fold `[0]` into `execute_show_command()`

We only ever execute one command, so only return the one response

* Streamline `results`
2017-08-02 08:46:44 -04:00
Ganesh Nalawade
94748e1728 Fix junos_command test failure (#27627)
Add a loopback interface check instead
of device specific management interface
2017-08-02 15:18:13 +05:30
Ganesh Nalawade
505f3bfcac Fix multiple issues in junos integration test (#27624) 2017-08-02 14:11:10 +05:30
John R Barker
2233d9aeb2 network-integration UserKnownHostsFile=/dev/null (#27622) 2017-08-02 09:18:22 +01:00
Ganesh Nalawade
37670b09f5 Fix junos_linkagg integration test failure (#27621)
Fixes #27574
2017-08-02 12:46:15 +05:30
Ganesh Nalawade
6e0741e8b6 Add dependency to run junos integration test (#27620) 2017-08-02 11:28:34 +05:30
Trishna Guha
9304d6cb01 fix nxos_user integration test (#27619)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-08-02 10:28:12 +05:30
Sloane Hertel
517c91df18 ec2_group: add integration test for port ranges (#27112)
* fix port ranges for ec2_group and add a test to verify
2017-08-02 13:58:26 +10:00
Andrew Saraceni
435a562630 Rename win_group_member module to win_group_membership (#27614)
* rename win_group_member to win_group_membership

* adding details to BOTMETA.yml
2017-08-02 12:06:39 +10:00
Jordan Bach
24e393aef1 allow use of jinja2 variables for ec2_group from_port/to_port params (#27145) 2017-08-02 10:26:38 +10:00
Adrian Likins
2b0a7338d4 Handle win style CRLF newlines in vault text (#27590)
When parsing a vaulttext blob, use .splitlines()
instead of split(b'\n') to handle \n newlines and
windows style \r\n (CRLF) new lines.

The vaulttext enevelope at this point is just the header line
and a hexlify()'ed blob, so CRLF is a valid newline here.

Fixes #22914
2017-08-01 18:53:22 -04:00
Ricardo Carrillo Cruz
8f18ca45f1 Comment cli provider creds on junos group_vars (#27611)
We set the ansible_ssh_user and ansible_ssh_pass at the inventory level,
commenting these out to avoid precedence issue.
2017-08-02 00:46:31 +02:00
Ricardo Carrillo Cruz
f8582c985a Comment the user/pass of Junos group_vars netconf provider (#27610)
We set the ansible_ssh_user and ansible_ssh_pass on the Junos
group. However, that has lower precedence than group_vars.
Commenting the group_vars so we have the creds for all Nodepool nodes
within the inventory.
2017-08-02 00:26:06 +02:00
Ricardo Carrillo Cruz
2de404e90a Enable log_path on network integration targets (#27608)
Logs it to /tmp/ansible-test.out
2017-08-02 00:09:51 +02:00
Adrian Likins
75a8be9a5d Add back support for vault_password_file config var (#27597)
Got removed in arg parsing updates. Now added back in
setup_vault_secrets().

The default value for DEFAULT_VAULT_PASSWORD_FILE was also
set to '~' for some reason, change to to no default.

Add integration tests.
2017-08-01 18:07:33 -04:00
Robin Roth
b134352d8c WIP: Replace boilerplate (#27554)
* Replace boilerplate

* Enable test on packaging/os
2017-08-01 14:37:37 -07:00
saichint
37392318a6 fix nxos_vlan and nxos_switchport issues (#27505) 2017-08-01 16:27:12 -04:00
Sloane Hertel
ad2c1e1838 [cloud] ec2_customer_gateway: add routing option to allow bgp_asn to be optional (#27276)
fixes #27157

 add routing option to allow bgp_asn to be optional
2017-08-01 14:54:34 -04:00
Roman Belyakovsky
42039cd436 New module: manage debian network interfaces file /etc/network/interfaces (system/interfaces_file) (#25295)
* Added new module interfaces_file

* interfaces_file: added unit tests

* interfaces_file: added golden files for unit tests

* interfaces_file: moved to system modules

* interfaces_file: fixed code formatting and convention issues
2017-08-01 12:11:43 -06:00
Ganesh Nalawade
c4e06a1735 ios implementation for net_interface (#27459)
* ios implementation for net_interface

*  ios_interface implementation
*  ios_interface integration test

* net_interface integration test for ios and other refactor

* Update boilerplate and minor refactor
2017-08-01 11:50:08 -06:00
James Mighion
4dd8f281d6 Adding aruba_config module (#27130)
* Adding aruba_config module.

* Fixing documentation.

* Forgot action plugin.
2017-08-01 11:44:26 -06:00
George Nikolopoulos
f204e7cb33 New module: manage Citrix Netscaler content switching virtual server configuration (network/netscaler/netscaler_cs_vserver) (#26245)
* Add netscaler_cs_vserver

* Correct version_added
2017-08-01 18:43:59 +01:00
George Nikolopoulos
36537186e3 New module: manage Citrix Netscaler content switching policy configuration (network/netscaler/netscaler_cs_policy) (#26189)
* Add netscaler_cs_policy

* Correct version_added
2017-08-01 18:35:29 +01:00
George Nikolopoulos
e329c9da8c New module: manage Citrix Netscaler servicegroup configuration (network/netscaler/netscaler_servicegroup)) (#26183)
* Add netscaler_servicegroup

* Correct version_added
2017-08-01 18:34:28 +01:00
George Nikolopoulos
7df14bd2b0 New module: manage Citrix Netscaler load balancer virtual servers configuration (network/netscaler/netscaler_lb_vserver) (#26144)
* Add netscaler_lb_vserver

* Correct version_added
2017-08-01 18:33:35 +01:00
George Nikolopoulos
ac0c5dec2f Add netscaler_lb_monitor (#26143) 2017-08-01 11:30:47 -06:00
Benjamin Jolivot
753b26ccf9 Manage Fortios/Fortigate Address (#21542)
* New module fortios_address

* Add module_utils required_if + fix Doc

* Merge spec & required_if from module_utils

* Fix pep8

* Py2.5 compat , cosmetic changes

* Fix param timeout

* Fortios_address module + integration tests

* add netaddr library in requirements for integration tests

* Pep8 problems

* ANSIBLE_METADATA.version -> ANSIBLE_METADATA.metadata_version
2017-08-01 11:17:12 -06:00
Trishna Guha
1b7ac73c85 fix enabling nxapi for nxos integration testsuite (#27587)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-08-01 18:08:44 +01:00
Adrian Likins
17ab546c48 Add 2.0-2.3 facts api compat (ansible_facts(), get_all_facts()) (#27294)
* Add 2.0-2.3 facts api compat (ansible_facts(), get_all_facts())

These are intended to provide compatibilty for modules that
use 'ansible.module_utils.facts.ansible_facts' and
'ansible.module_utils.facts.get_all_facts' from 2.0-2.3 facts
API.

Fixes #25686

Some related changes/fixes needed to provide the compat api:

* rm ansible.constants import from module_utils.facts.compat

Just use a hard coded default for gather_subset/gather_timeout
instead of trying to load it from non existent config if the
module params dont include it.

* include 'external' collectors in compat ansible_facts()

* Add facter/ohai back to the valid collector classes

facter/ohai had  gotten removed from the default_collectors
class used as the default list for all_collector_classes by
setup.py and compat.py

That made gather_subset['facter'] fail.
2017-08-01 12:51:33 -04:00
Ganesh Nalawade
97a34cf008 Add options sub spec validation (#27119)
* Add aggregate parameter validation

aggregate parameter validation will support checking each individual dict
to resolve conditions for aliases, no_log, mutually_exclusive,
required, type check, values, required_together, required_one_of
and required_if conditions in argspec. It will also set default values.

eg:
tasks:
  - name: Configure interface attribute with aggregate
    net_interface:
      aggregate:
        - {name: ge-0/0/1, description: test-interface-1, duplex: full, state: present}
        - {name: ge-0/0/2, description: test-interface-2, active: False}
    register: response
    purge: Yes

Usage:
```
from ansible.module_utils.network_common import AggregateCollection

transform = AggregateCollection(module)
param = transform(module.params.get('aggregate'))
```

Aggregate allows supports for `purge` parameter, it will instruct the module
to remove resources from remote device that hasn’t been explicitly
defined in aggregate. This is not supported by with_* iterators

Also, it improves performace as compared to with_* iterator for network device
that has seperate candidate and running datastore.
For with_* iteration the sequence of operartion is
load-config-1 (candidate db) -> commit (running db) -> load_config-2
(candidate db) -> commit (running db) ...

With aggregate the sequence of operation is
load-config-1 (candidate db) -> load-config-2 (candidate db) -> commit
(running db)

As commit is executed only once per task for aggregate it has
huge perfomance benefit for large configurations.

* Fix CI issues

* Fix review comments

*  Add support for options validation for aliases, no_log,
   mutually_exclusive, required, type check, value check,
   required_together, required_one_of and required_if
   conditions in sub-argspec.
*  Add unit test for options in argspec.
*  Reverted aggregate implementaion.

* Minor change

* Add multi-level argspec support

*  Multi-level argspec support with module's top most
   conditionals options.

* Fix unit test failure

* Add parent context in errors for sub options

* Resolve merge conflict

* Fix CI issue
2017-08-01 09:32:18 -07:00
Ganesh Nalawade
19fac707fa junos_netconf integration test failure fix (#27569)
*  Create socket using port value and not connection type
*  Correct error message in integration test task
2017-08-01 21:33:11 +05:30
Will Thames
5f73bdc3bf [cloud] Improve Camel to Snake conversion in EC2 module_utils (#25015)
* Make camel_to_snake work on capitalized plurals

`TargetGroupARNs` should become `target_group_arns`, not
`target_group_ar_ns`

Promote `camel_to_snake` to top layer function but prefix
it with an underscore.

Add tests for improved `_camel_to_snake` function.

Reduce use of `re.compile` as it makes no sense when the
compilation result is not reused.

* Remove unused LooseVersion check

* Fix PLURALs case for camel_to_snake

Also renamed EXPECTED_CAMELIZATION to EXPECTED_SNAKIFICATION
2017-08-01 11:09:22 -04:00
David Newswanger
e599a01bdc added lines to mode: strict (#27442) 2017-08-01 16:06:33 +01:00
Ganesh Nalawade
60676add33 iosxr implemetation for net_interface (#27513)
* iosxr implemetation for net_interface

*  iosxr_interface implementation

* Add integration test

*  iosxr_interface integration test
*  net_interface intergration test for iosxr

* update boilerplate
2017-08-01 20:19:54 +05:30
Will Thames
f972994662 [cloud] fix VPC behavior for ec2_group module, improve integration tests (#27038)
* Add tests for group in a VPC

* Improve ec2_group output and documentation

Update ec2_group to provide full security group information
Add RETURN documentation to match

* Fix ec2_group creation within a VPC

Ensure VPC ID gets passed when creating security group

* Add test for auto creating SG

* Fix ec2_group auto group creation

* Add backoff to describe_security_groups

Getting LimitExceeded from describe_security_groups is definitely
possible (source: me) so add backoff to increase likelihood of
success.

To ensure that all `describe_security_group` calls are backed off,
remove implicit ones that use `ec2.SecurityGroup`. From there,
the decision to remove the `ec2` boto3 resource and rely on the client
alone makes good sense.

* Tidy up auto created security group

Add resource_prefix to auto created security group and delete
it in the `always` section.
Use YAML argument form for all module parameters
2017-08-01 06:53:43 -04:00
Ganesh Nalawade
2d734c7ea7 Fix for ios integration test failuers (#27552)
Fixes #27116
2017-08-01 14:33:04 +05:30
John R Barker
499875f897 host_key_checking = False (#27553) 2017-08-01 09:51:22 +01:00
Jordan Borean
7a7a0cae94 win_service: added support for paused services (#27216)
* win_service: added support for paused services

* change pausable service for local computers

* more fixes for older hosts

* sigh

* skip pause tests for Server 2008 as it relies on the service
2017-08-01 18:48:14 +10:00
Pilou
ade593da52 Copy module: improve tests allowing to use a managed host which isn't the controller host (#25672)
* set output_dir_expanded using module result

'path' values are expanded using 'expandvars' too

* foo.txt is located in 'files' directory

* Use 'role_path' and 'connection: local' for local paths

'{{ role_path }}/tmp' is used for generated paths

* Use local connection with local paths

/tmp/ansible-test-abs-link and /tmp/ansible-test-abs-link-dir are
defined by targets/copy/files/subdir/subdir1/ansible-test-abs-link
and targets/copy/files/subdir/subdir1/ansible-test-abs-link-dir links.

* task names: add a suffix when same name is reused

* Check that item exists before checking file mode

then error message is more explicit when item doesn't exist

* Use output_dir_expanded only when necessary

* Enforce remote_user when root is required

* Fix remote path

* Use different local & remote user

this is useful when controller and managed hosts are identical

* Checks must not expect output of tested module to be right

* Use a temporary directory on the controller

* Use sha1 & md5 filters instead of hardcoded values

* Use 'remote_dir' for directory on managed host

* Workaround tempfile error on OS X

Error was:
temp_path = tempfile.mkdtemp(prefix='ansible_')
AttributeError: 'module' object has no attribute 'mkdtemp'"
2017-07-31 22:07:22 -07:00
Pilou
49b8bd0358 Fix broken import in utilities.helper._accelerate (#27088)
* Fix py3 compatibility using six.moves.socketserver

* Remove useless call to str
2017-07-31 22:05:46 -07:00
Toshio Kuratomi
0b9a78f0b3 Remove wildcard, add boilerplate and get rid of get_exception
* smaller collections of database modules
* Some of the smaller collections of network modules
2017-07-31 13:51:38 -07:00
Matt Clay
0c7602fb59 Add potential work-around for expect on macOS.
http://pexpect.readthedocs.io/en/stable/commonissues.html#truncated-output-just-before-child-exits
2017-07-31 13:22:07 -07:00
Nathaniel Case
13948b6d72 More nxos integration fixes (#27507)
* nxos does not have `authorize`

* Enable nxos_banner nxapi tests
2017-07-31 14:13:32 -04:00
Andrew Saraceni
7b3d893f2d New Module: Manage Windows local group membership (win_group_member) (#26307)
* initial commit for win_group_member module

* fix variable name change for split_adspath

* correct ordering of examples/return data to match documentation verbiage

* change tests setup/teardown to use new group rather than an inbult group
2017-07-31 11:10:57 -07:00
David Newswanger
a01884ca2f added register: result to nxos_interface tests (#27504) 2017-07-31 13:37:27 -04:00
Matt Davis
91f4c37ed7 rename legacy PS module_utils to remove PowerShell prefix (#27495) 2017-07-31 10:06:12 -07:00
Martin Krizek
43d3c092fa Add dnf group install/upgrade integration tests (#27482) 2017-07-31 08:54:34 -04:00
saichint
350018de73 nxos_vxlan_vtep fixes and integration tests (#27405)
* fix issue 27404

* conflict resolve
2017-07-31 08:37:31 -04:00
Dag Wieers
97aaf103e8 ACI module_utils library for ACI modules (#27070)
* ACI module_utils library for ACI modules

This PR includes:
- the ACI argument_spec
- an aci_login function
- an experimental aci_request function
- an aci_response function
- included the ACI team

* New prototype using ACIModule

This PR includes:
- A new ACIModule object with various useful methods
2017-07-31 12:44:27 +01:00
John R Barker
82a0a05406 Revert "Use needs/root, rather than become: yes" (#27483)
* Revert "Add test_items to junos_system integration target (#27481)"

This reverts commit 9e03953fce.

* Revert "Use needs/root, rather than become: yes (#27479)"

This reverts commit 5576cc6769.
2017-07-31 11:36:57 +01:00
Ricardo Carrillo Cruz
9e03953fce Add test_items to junos_system integration target (#27481) 2017-07-31 12:09:13 +02:00
John R Barker
5576cc6769 Use needs/root, rather than become: yes (#27479) 2017-07-31 08:03:47 +01:00
John R Barker
3ea421d9da root when installing packages (#27477) 2017-07-31 07:46:29 +01:00
John R Barker
42298f890e Install Python (#27476) 2017-07-31 07:20:19 +01:00
John R Barker
ea4eb8f1c8 prepare_ovs call gather facts (#27468)
* prepare_ovs call gather facts

As we are no longer using run_ovs_integration_tests.yml we need to
explicitly gather facts so we can call the correct package manager.

* typo
2017-07-30 18:39:22 +01:00
Toshio Kuratomi
4109a82d0a remove wildcards and add boilerplate
* cloud/centurylink
* source_control
* cloud/google
* notification
* cloud/rackspace
* cloud/vmware
2017-07-29 14:13:30 -07:00
Toshio Kuratomi
21564cdb98 Add some features to the pylint sanity check
* Enable specific tests (this lets us disable a group and then
  enable a particular test inside of it)
* Comment out tests in the enable and disable files
2017-07-29 14:13:30 -07:00
Toshio Kuratomi
0765ceb66d revise ordered list of boilerplate work 2017-07-29 07:02:12 -07:00
Toshio Kuratomi
8de6cff2b1 more wildcards 2017-07-29 07:02:12 -07:00
Toshio Kuratomi
1ee08c0f06 Get rid of more wildcard imports and add boilerplate to more modules
This commit cleans up the following module categories:
* messaging
* inventory
* crypto
* commands
* clustering
* cloud/webfaction
* cloud/docker
* cloud/digital_ocean
2017-07-29 07:02:12 -07:00
Toshio Kuratomi
6f69cd4501 Add code to allow from __future__ in docs-only modules 2017-07-28 22:10:17 -07:00
Toshio Kuratomi
8b7db55a94 Modify boilerplate code-smell test to check some of the module dirs 2017-07-28 22:10:17 -07:00
Toshio Kuratomi
4e6cce354e Remove wildcard imports
Made the following changes:

* Removed wildcard imports
* Replaced long form of GPL header with short form
* Removed get_exception usage
* Added from __future__ boilerplate
  * Adjust division operator to // where necessary

For the following files:

* web_infrastructure modules
* system modules
* linode, lxc, lxd, atomic, cloudscale, dimensiondata, ovh, packet,
  profitbricks, pubnub, smartos, softlayer, univention modules
* compat dirs (disabled as its used intentionally)
2017-07-28 22:10:17 -07:00
Matt Clay
f6d7fc548e Fix ansible-test type hints. 2017-07-28 21:47:04 -07:00
Toshio Kuratomi
0a2cdb2585 New tests for copy recursive with absolute paths
Absolute path trailing slash handling in absolute directories

find_needle() isn't passing a trailing slash through verbatim.  Since
copy uses that to determine if it should copy a directory or just the
files inside of it, we have to detect that and restore it after calling
find_needle()

Fixes #27439
2017-07-28 21:00:51 -07:00
Matt Clay
e241e15899 Add support for non_local alias in ansible-test. 2017-07-28 12:24:55 -07:00
Adrian Likins
934b645191 Support multiple vault passwords (#22756)
Fixes #13243

** Add --vault-id to name/identify multiple vault passwords

Use --vault-id to indicate id and path/type

 --vault-id=prompt  # prompt for default vault id password
 --vault-id=myorg@prompt  # prompt for a vault_id named 'myorg'
 --vault-id=a_password_file  # load ./a_password_file for default id
 --vault-id=myorg@a_password_file # load file for 'myorg' vault id

vault_id's are created implicitly for existing --vault-password-file
and --ask-vault-pass options.

Vault ids are just for UX purposes and bookkeeping. Only the vault
payload and the password bytestring is needed to decrypt a
vault blob.

Replace passing password around everywhere with
a VaultSecrets object.

If we specify a vault_id, mention that in password prompts

Specifying multiple -vault-password-files will
now try each until one works

** Rev vault format in a backwards compatible way

The 1.2 vault format adds the vault_id to the header line
of the vault text. This is backwards compatible with older
versions of ansible. Old versions will just ignore it and
treat it as the default (and only) vault id.

Note: only 2.4+ supports multiple vault passwords, so while
earlier ansible versions can read the vault-1.2 format, it
does not make them magically support multiple vault passwords.

use 1.1 format for 'default' vault_id

Vaulted items that need to include a vault_id will be
written in 1.2 format.

If we set a new DEFAULT_VAULT_IDENTITY, then the default will
use version 1.2

vault will only use a vault_id if one is specified. So if none
is specified and C.DEFAULT_VAULT_IDENTITY is 'default'
we use the old format.

** Changes/refactors needed to implement multiple vault passwords

raise exceptions on decrypt fail, check vault id early

split out parsing the vault plaintext envelope (with the
sha/original plaintext) to _split_plaintext_envelope()

some cli fixups for specifying multiple paths in
the unfrack_paths optparse callback

fix py3 dict.keys() 'dict_keys object is not indexable' error

pluralize cli.options.vault_password_file -> vault_password_files
pluralize cli.options.new_vault_password_file -> new_vault_password_files
pluralize cli.options.vault_id -> cli.options.vault_ids

** Add a config option (vault_id_match) to force vault id matching.

With 'vault_id_match=True' and an ansible
vault that provides a vault_id, then decryption will require
that a matching vault_id is required. (via
--vault-id=my_vault_id@password_file, for ex).

In other words, if the config option is true, then only
the vault secrets with matching vault ids are candidates for
decrypting a vault. If option is false (the default), then
all of the provided vault secrets will be selected.

If a user doesn't want all vault secrets to be tried to
decrypt any vault content, they can enable this option.

Note: The vault id used for the match is not encrypted or
cryptographically signed. It is just a label/id/nickname used
for referencing a specific vault secret.
2017-07-28 15:20:58 -04:00