Currently during the check phase, the code considers the file to be
a public key if the file exist - which is not necessarily true.
This commits aims to ensure that the file is actually a publickey else
returns false for the check.
* Fix junos integration test fixes as per connection refactor (#33050)
Refactor netconf connection plugin to work with netconf plugin
* Fix junos integration test fixes as per connection refactor (#33050)
Refactor netconf connection plugin to work with netconf plugin
Fix CI failure
Fix unit test failure
Fix review comments
* add availability set for vm
* add test
* add import
* fix
* add test assert and output
* fix lint and version added
* add null check
* fix mirror
* fix mirror
* win_updates: removed scheduled task to use become instead
* updated docs to remove scheduled task info
* fix issue with only installing last update in group
This fix adds ability to set MAC address maunally. Before adding
any MAC address, the value is validated. If value is not valid, then
MAC address is set to vCenter generated MAC address.
Also, added integration tests for this change.
Fixes: #21161
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Added eagerzeroedthick disk option to disk spec
* Updated docstrings for vmware_guest disk
* VMware: Integration test for disk type
Signed-off-by: Steve Jacobs <sjacobs@brokencrew.com>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Adds facts about datastores, esxi_host, vm files, ha state, question, is_template, consolidation status and hw_files. Also, adds integration tests for vmware fact enhancement.
* Add integration test suite for ec2_vpc_subnet
* wrap boto3 connection in try/except
update module documentation and add RETURN docs
add IPv6 support to VPC subnet module
rename ipv6cidr to ipv6_cidr, use required_if for parameter testing, update some failure messages to be more descriptive
DryRun mode was removed from this function a while ago but exception handling was still checking for it, removed
add wait and timeout for subnet creation process
fixup the ipv6 cidr disassociation logic a bit per review
update RETURN values per review
added module parameter check
removed DryRun parameter from boto3 call since it would always be false here
fix subnet wait loop
add a purge_tags parameter, fix the ensure_tags function, update to use compare_aws_tags func
fix tags type error per review
remove **kwargs use in create_subnet function per review
* rebased on #31870, fixed merge conflicts, and updated error messages
* fixes to pass tests
* add test for failure on invalid ipv6 block and update tags test for purge_tags=true function
* fix pylint issue
* fix exception handling error when run with python3
* add ipv6 tests and fix module code
* Add permissions to hacking/aws_config/testing_policies/ec2-policy.json for adding IPv6 cidr blocks to VPC and subnets
* fix type in tests and update assert conditional to check entire returned value
* add AWS_SESSION_TOKEN into environment for aws cli commands to work in CI
* remove key and value options from call to boto3_tag_list_to_ansible_dict
* remove wait loop and use boto3 EC2 waiter
* remove unused register: result vars
* revert az argument default value to original setting default=None
* Allow backoff for describe_subnets
Improve exception handling to latest standards
* Add integration test suite for ec2_vpc_subnet
* Add test for creating subnet without AZ
Fix bug identified by test
Fixes#31905
* Several tests were marked as FIXME and should have been fixed with
the boto3 move.
* Improved tags output. Add purge_tags option (default: no)
* Allow description and tags update
* Return launch_permissions
* Allow empty launch permissions for image creation
* Empty launch permissions should work the same way for image
creation as no launch permissions
* Cope with ephemeral devices in AMI block device mapping
* Ephemeral devices can appear in AMI block devices, and this information should be returned
* Fix notation for creating sets from comprehensions
This fix adds new fact - 'Cores Per Socket' about vmware guest machine.
Also, adds integration test for this change.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fix vault --ask-vault-pass with no tty
2.4.0 added a check for isatty() that would skip setting up interactive
vault password prompts if not running on a tty.
But... getpass.getpass() will fallback to reading from stdin if
it gets that far without a tty. Since 2.4.0 skipped the interactive
prompts / getpass.getpass() in that case, it would never get a chance
to fall back to stdin.
So if 'echo $VAULT_PASSWORD| ansible-playbook --ask-vault-pass site.yml'
was ran without a tty (ie, from a jenkins job or via the vagrant
ansible provisioner) the 2.4 behavior was different than 2.3. 2.4
would never read the password from stdin, resulting in a vault password
error like:
ERROR! Attempting to decrypt but no vault secrets found
Fix is just to always call the interactive password prompts based
on getpass.getpass() on --ask-vault-pass or --vault-id @prompt and
let getpass sort it out.
* up test_prompt_no_tty to expect prompt with no tty
We do call the PromptSecret class if there is no tty, but
we are back to expecting it to read from stdin in that case.
* Fix logic for when to auto-prompt vault pass
If --ask-vault-pass is used, then pretty much always
prompt.
If it is not used, then prompt if there are no other
vault ids provided and 'auto_prompt==True'.
Fixes vagrant bug https://github.com/hashicorp/vagrant/issues/9033Fixes#30993
* Update vmware.py
Incorrect chain of attributes to obtain snapshots from virtual machine. Module 'vmware_guest_facts' uses method 'gather_vm_facts' of vmware.py and always gets empty list of snapshots.
* Added test for module vmware_guest_facts. Checked VM snapshots.
* Fixed tests for vmware_guest_facts. Ignored certificate for vmware_guest_snapshot module.
* Integrated publickey import and removal in iosxr_user
* Fixed linting issues
* Added version added for publickeyfile option
* Added quotation marks to version, oops
* Added some integration tests, added some checks to prevent aggregate users with public keys.
* Added some integration test files
* Created mutually exclusive public_key and public_key_contents versions of config
* Modified tests to use both methods and test more logins
* Added supports for aggregates
* Incorporated provider auth
* Fixed some lint issues
* Fixed a YAML lint issue
* Implemented catches for unconfigured providers.
* Fixed catches, hopefully
* Another test
* Added groups support so you can add users to multiple groups
* Trailing whitespace
Add new module vmware_host_facts ,it can get remote vmware host system info like setup module
* modify ansible version
* optimized output for human readable
* add serial number get_system_facts() add ansible_product_serial
* fix pep8 issue and ansible module required format
* Use find_obj method instead get_obj
* add ansible_hostname ansible_distribution_build
* add integration test
* vmware_host_facts integration test add verify
* fix yamllint issue
* fix boilerplate test
* Update vmware_host_facts.py
* fix RETURN key's name
* ios_vlan DI module
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Integration test
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* comment out testcases since the image is not available in dci
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* add aggregate test
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Do not run script in check mode
Fixes#30676
* Reformat script integration test
* Add integration tests for check mode of script module
* Fix name on test
* Cleanup temp file
* win_script integration test syntaxt changes
* Add check mode tests for win_script
* Use proper variable in test
* Fail if source file does not exist
* Verify script is accessible and don't copy in check mode
Use shlex to properly split shell arguments, though a path with spaces in it still needs to be quoted in the playbook.
Add note to docs describing such.
Improve error message if file is not found indicating there may be a space in the path.
* Properly encode path now that path is split using shlex
* Allow for spaces in both path and script name
* Add unicode character test to Linux script tests
* Add Linux test for space in path to script
* Clean up after two recent synchronize tests
- add clean up after the last two tests in synchronize to make them
match with the expectations in the previous tests
Signed-off-by: Robert Marshall <rmarshall@redhat.com>
* Add link-dest functionality to synchronize module
- add the link-dest option to the synchronize module code
- add tests for the link-dest option
- add documentation of the link_dest option to synchronize
- modify changed flag so it can properly work around rsync
upstream not flagging hardlinks as a change properly in
formatted output
Signed-off-by: Robert Marshall <rmarshall@redhat.com>
* Minor change to test
* Better handling of malformed vault data envelope
If an embedded vaulted variable ('!vault' in yaml)
had an invalid format, it would eventually cause
an error for seemingly unrelated reasons.
"Invalid" meaning not valid hexlify (extra chars,
non-hex chars, etc).
For ex, if a host_vars file had invalid vault format
variables, on py2, it would cause an error like:
'ansible.vars.hostvars.HostVars object' has no
attribute u'broken.example.com'
Depending on where the invalid vault is, it could
also cause "VARIABLE IS NOT DEFINED!". The behavior
can also change if ansible-playbook is py2 or py3.
Root cause is errors from binascii.unhexlify() not
being handled consistently.
Fix is to add a AnsibleVaultFormatError exception and
raise it on any unhexlify() errors and to handle it
properly elsewhere.
Add a _unhexlify() that try/excepts around a binascii.unhexlify()
and raises an AnsibleVaultFormatError on invalid vault data.
This is so the same exception type is always raised for this
case. Previous it was different between py2 and py3.
binascii.unhexlify() raises a binascii.Error if the hexlified
blobs in a vault data blob are invalid.
On py2, binascii.Error is a subclass of Exception.
On py3, binascii.Error is a subclass of TypeError
When decrypting content of vault encrypted variables,
if a binascii.Error is raised it propagates up to
playbook.base.Base.post_validate(). post_validate()
handles exceptions for TypeErrors but not for
base Exception subclasses (like py2 binascii.Error).
* Add a display.warning on vault format errors
* Unit tests for _unhexlify, parse_vaulttext*
* Add intg test cases for invalid vault formats
Fixes#28038
* azure_rm_virtualmachine: added support for specifying custom image
* Use separate parameter for custom_image, add very basic test
* missed the version_added tag for doco
* removed whitespace I accidentally left in
* merged custom image into the image dict and added more tests
* added one more test
* Protect AWS credentials from accidental commits
* Improve documentation for IAM policies
* Update ELB tests to be multi region
Allow AZs to reflect the region in which the tests are run.
This will not work for regions with fewer than three AZs,
but those are relatively rare
This fix adds details about snapshots in result of
vmware_guest_snapshot, when operation is successful.
Fixes: #32154
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Move profile and region checking to module_utils.ec2
Remove ProfileNotFound checking from individual modules
There are plenty of `if not region:` checks that could be removed,
once more thorough testing of this change has occured
The ec2_asg, iam_managed_policy and ec2_vpc_subnet_facts modules
would also benefit from this change but as they do not have tests
and are marked stableinterface, they do not get this change.
* Add configuration of vlan trunk, security settings and port policies, and tests
This commit adds the following capabilities to the
vmware_dvs_portgroup module:
- Support for VLAN trunk portgroup
- Support for all security settings (promiscuous, forged transmits & mac
address changes)
- Support for all the port specific policies
- port specific policies match the vCenter UI behaviour (for instance:
block override is enabled by default)
- Cleanup and use of proper API entities not root entities
- Integration testing
* Cleanup of docs and adding more examples
* win_dsc: improved parameter handling
* removed uneeded try/catch leftover from testing
* removed undeed return values
* added custom DSC to fully test out casting
* fix up codestyle issues
* using new Requires ps version check
* fixed up error message check on earlier ps version
* win_become: make it easier to become with an admin token
* Fixed up pep8 whitespace
* fix for Server 2008
* Added support for async and become on newer hosts and fix warnings
* show specific undefined var errors on -v in debug
allows users to get more specific information about undefined errors
as they might be looking at a complex data structure and need to find
the specific leaf that has the issue
* now tests works at all verbosity levels
* updated to unicode objects
* win_package: add support for arguments as list
* re-added failure tests as they were accidentally commented out
* changed exit_code in failure messages to rc
* [ec2_ami_facts] new boto3-based module as a replacement for ec2_ami_find
- new boto3-based module to gather facts about ec2 images
- intended to replace ec2_ami_find which uses boto
- an ami find task (using new module) added to the ec2_ami integration test
* [ec2_ami_facts] Use AnsibleAWSModule. Catch BotoCoreError.
* add ec2_ami_facts alias to tests
* [ec2_ami_facts] return ami launch permissions as well
* Fix wrong prompt issue for network moodules
Fixes#31161Fixes#32416
* Store the device prompt in case of error
from remote device
* Check for prompt value in ios action plugin
* Add integration test
* add support to vmware_guest for template => vm conversion
While the vmware_guest currently supports conversion of VMs to templates
using the is_template argument, it does not support the inverse:
converting templates back into VMs. This change adds that
functionality.
When converting a template back into a VM, the extra config option
"uuid.action" is also set so that VMware will automatically create a new
UUID for the converted VM. If the "uuid.action" setting is already
configured, it will not be modified. Setting this prevents an
interactive question from being raised when attempting to boot the VM.
* Add integration tests for vmware_guest is_template
* Add additional idempotency test for vmware_guest is_template
Also add tests for vmware_guest_snapshot, but disable them due to
vcsim not fully supporting such operations yet.
Implement changes suggested in review. Also fix same in remove_or_revert_snapshot() for consistency
These tests are doing string matches on the error condition. Update
them to match the new strings. This is probably okay to push out to old
releases even though it's technically backwards incompatible because
production playbooks won't be checking that a parameter was missing.
Param missing is something detected and fixed while writing the playbook.
* add static route and hsrp it cases
* add snmp_user and snapshot it
* password strength correction
* fix typo
* add compare snapshot as it is fixed in the code now
* skip snapshot tests for titanium
* titanium and nxapi conditions added
Turns out on devices where only Gigabit is available (like our
csr nodes in CI), duplex is not configurable, thus the test fail.
Removing, since we are testing modification of other properties like
description and mtu and have good coverage.