* intersight_rest_api module and integration tests.
Fix intersight module_utils issues when using POST/PATCH/DELETE.
* Update json returns based on code review
* Revert "changes to clusteR"
This reverts commit 33ee1b71e4bc8435fb315762a871f8c4cb6c5f80.
* disk changes
* fix author
* Revert "Revert "changes to clusteR""
This reverts commit 2c517792115179665d43d74780dc356ca41b9abe.
* changes to clusteR
* Revert "changes to clusteR"
This reverts commit 33ee1b71e4bc8435fb315762a871f8c4cb6c5f80.
* Rewrite of user roles
* Rewrite of user roles
* Fix author tag
* update
* fix author
* Revert "changes to clusteR"
This reverts commit 33ee1b71e4bc8435fb315762a871f8c4cb6c5f80.
* New module Flexcache
* update documentation string, and copyright date
* fix issues
* Revert "Revert "changes to clusteR""
This reverts commit 4dab6f7607223037ab18e75a3247747f74ffbc8b.
Currently we are passing "initial_size" while creating the disk for
block based storage domains. Since this is equal to the size of the
disk, all the thin provisioned disk which is created using this
module will be having the size equal to the virtual size of the disk.
The "initial_size" is only required while uploading the image. The
patch take care of the same.
- xenserver module_util: fixed a bug in gather_vm_params function where
an exception was generated if XenServer product_version_text_short
parameter contained non numeric characters, e.g. "7.1 CU1" on
XenServer version 7.1 with Cummulative Update 1. Code was changed
to use product_version parameter instead which is all numeric.
- xenserver module_util: get_xenserver_version function is changed
to return a list of integers for major, minor and update version
instead of list of strings.
- xenserver module_util: unit tests are updated according to changes.
- xenserver module_util: removed unused imports.
* Add support for elements validation in argspec
Fixes#48473
* Add support to validate the elements value in argspec
when type is `list`
* Fix unit test failures
* Add unit test for elements validation
* Fix CI failures
* Fix review comments
* Fix unit test and CI failures after rebase
* Facts parsing for cmdline can now handle multiple values for a single key.
* Unit tests for cmdline fact parsing
* Review comments
Fixes: #22766
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Initial commit
- Module mostly works but doesn't work for URL categories
- Additional tests should be added
- Documentation is needed
- Module is close to being complete
* Improved documentation
- Added parameter documentation
- Added examples
* Lint changes and bug fixes
- Fixed content filtering syntax bug per Meraki documentation update
* Change test cases so they work
* Remove duplicate key
* Improve documentation and check mode
* Fix bug when specifying SSID by number
- Migrated integration test to blocks with always
- Minor URL fixes
(cherry picked from commit ed79c294f2e3f82d4828226004c055dcd7ce9f63)
* Create changelog file
* Add new line
According to the OpenStack Networking API
the attribute provider:segmentation_id of a network has to be
an integer.
Even if neutron accepts provider:segmentation_id to be a
string, other implementations may not.
* Performance fixes for net and org lookups
- Both methods had duplicate lookups
- This should significantly improve performance
- Currently untested
* Add ChangeLog file
* Change from bugfix to bugfixes and change indent
* Add missing option types for docker modules.
* Reorder argument_spec.
* First part of option reordering/reformatting.
* Second part of option reordering/reformatting.
* Forgot two required: false.
* Normalize booleans.
* Added missing period.
Currently when used with macro contexts that have a colon inside,
macro_name gets truncated. A common case is contexts that represent a
Windows drive. Examples:
- 'C_DRIVE_THRESHOLD: "C:"'
- 'C_DRIVE_THRESHOLD: "D:"'
This happens because line 189 assumes there are only one colon in
macro_name, and thus two substrings to join.
To solve this, it is necessary considering that macro_name could have
more that one colon. After the split, the first element is the proper
Zabbix macro name. Then, the solution is joining all the remaining
substrings after that.
This is backwards compatible in the case macro_name have only one colon.
* cloudscale_volume: fail fast on volume type change
Currently a volume gets resized before the type change check. With this
change, we check early and ensure we fail before any changes made.
* fix too many blank lines
* First pass at allowing unix socket with urls/uri. See #42341
* Only insert handler as needed
* Fix and add tests
* Add HTTPS functionality for unix sockets
* Additional test fixes
* Create context manager for monkey patching HTTPConnection.connect, de-dupe code, raise better errors
* doc
* Add a few more tests
* Fix __call__
* Remove unused import
* Patch HTTPConnection.connect with the functionality we want, instead of duplicating code and disabling
* Fix var name
* Remove unused var
* Add changelog fragment
* Update uri docs
* Fix rebase indentation issue
Added a new property, 'port_security_enabled' which is a boolean to
enable or disable port_security during network creation. The default
behaviour will enable port security, security group and anti spoofing
will act as before. When the attribute is set to False, security
group and anti spoofing are disabled on the ports created on this
network.
Shade supports this option in versions > 1.27.1
* Work around problem with Docker daemon that sometimes won't find image if prefixed with docker.io repo name.
* When tring library/xxx, docker-py also doesn't sometimes find the image.
* Add changelog.
* Remove docker_* modules from validate-modules ignore list.
* Adjust types of cacert_path, cert_path and key_path.
* Fix type of update_failure_action in docker_swarm_service.
##### SUMMARY
Clarify that usernames - which Zabbix API documentation calls "aliases" - are to be specified for recipients
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
* Refactored code
* Added support for Cumulus Linux 2.5.4
* Added support for Cumulus Linux 3.7.3
* Test added
Fixes: #29969
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fixing unexpected keyword argument 'cursorclass' error after migration from MySQLdb to PyMySQL
* Adoptions for mysql.py as suggested by felixfontein.
* Adding changelog fragment.
* Cisco Intersight module_utils and intersight_facts module
* Add RETURN information and fix pylint, import, and pep8 issues.
* Review updates for specifying type of params/returns and not polluting ansible_facts.
* BSD one line license, validate_certs used, urls.fetch_urls replaces requests
* postgresql_idx: ci tests, refactoring, return values
* postgresql_idx: ci tests, new params, return values
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* New module postgresql_table - fix tests
* New module postgresql_table - fix tests
* New module postgresql_table - fix tests
* New module postgresql_table - fix state choices order
* module_utils: Clean up parameter types
This PR includes:
- Parameter types added
- Copyright format fixes
- Short license statement
- Description fixes (only for a few files, then I stopped :-))
* More network stuff
* Fix typo
* Fix PEP8
* Fix booleans
* Fix typo
* New LUKS devices management module
- new module that uses cryptsetup (LUKS) functions for management
of encrypted devices
- unit tests included
* New LUKS devices management module
- modified interface by removing 'open' option and moving its functionality
into 'state' option
* module_utils: Clean up parameter types (database)
This PR includes:
- Parameter types added
- Copyright format fixes
- Short license statement
- Description fixes (only for a few files, then I stopped :-))
* Fix validate-modules test ignores
* module_utils: Clean up parameter types (storage)
This PR includes:
- Parameter types added
- Copyright format fixes
- Short license statement
- Description fixes (only for a few files, then I stopped :-))
* Fix quotes
* Fix rST issue
* Introduce new "required_by' argument_spec option
This PR introduces a new **required_by** argument_spec option which allows you to say *"if parameter A is set, parameter B and C are required as well"*.
- The difference with **required_if** is that it can only add dependencies if a parameter is set to a specific value, not when it is just defined.
- The difference with **required_together** is that it has a commutative property, so: *"Parameter A and B are required together, if one of them has been defined"*.
As an example, we need this for the complex options that the xml module provides. One of the issues we often see is that users are not using the correct combination of options, and then are surprised that the module does not perform the requested action(s).
This would be solved by adding the correct dependencies, and mutual exclusives. For us this is important to get this shipped together with the new xml module in Ansible v2.4. (This is related to bugfix https://github.com/ansible/ansible/pull/28657)
```python
module = AnsibleModule(
argument_spec=dict(
path=dict(type='path', aliases=['dest', 'file']),
xmlstring=dict(type='str'),
xpath=dict(type='str'),
namespaces=dict(type='dict', default={}),
state=dict(type='str', default='present', choices=['absent',
'present'], aliases=['ensure']),
value=dict(type='raw'),
attribute=dict(type='raw'),
add_children=dict(type='list'),
set_children=dict(type='list'),
count=dict(type='bool', default=False),
print_match=dict(type='bool', default=False),
pretty_print=dict(type='bool', default=False),
content=dict(type='str', choices=['attribute', 'text']),
input_type=dict(type='str', default='yaml', choices=['xml',
'yaml']),
backup=dict(type='bool', default=False),
),
supports_check_mode=True,
required_by=dict(
add_children=['xpath'],
attribute=['value', 'xpath'],
content=['xpath'],
set_children=['xpath'],
value=['xpath'],
),
required_if=[
['count', True, ['xpath']],
['print_match', True, ['xpath']],
],
required_one_of=[
['path', 'xmlstring'],
['add_children', 'content', 'count', 'pretty_print', 'print_match', 'set_children', 'value'],
],
mutually_exclusive=[
['add_children', 'content', 'count', 'print_match','set_children', 'value'],
['path', 'xmlstring'],
],
)
```
* Rebase and fix conflict
* Add modules that use required_by functionality
* Update required_by schema
* Fix rebase issue
Previously the yum module would provide a `changes` dict when
executed in check mode but omit it when not in check mode in favor
of the `results` data which is raw output from the yum command. This
pull request makes that output uniform.
Fixes#51724
Signed-off-by: Adam Miller <admiller@redhat.com>
* Raise AnsibleConnectionError on winrm con errors
Currently all uncaught exceptions of the requests library that is used
in winrm will lead to an "Unexpected failure during module execution".
Instead of letting all exceptions bubble up we catch the connection
related errors (inkl. timeouts) and re-raise them as
AnsibleConnectionError so Ansible will mark the host as unreachable and
exit with the correct return code.
This is especially important for Zuul (https://zuul-ci.org) to
distinguish between failures and connection/host related errors.
* Update lib/ansible/plugins/connection/winrm.py
Co-Authored-By: westphahl <westphahl@gmail.com>
* Add changelog fragment
* identity: Add GSSAPI suport for FreeIPA authentication
This enables the usage of GSSAPI for authentication, instead of having
to pass the username and password as part of the playbook run.
If there is GSSAPI support, this makes the password optional, and will
be able to use the KRB5_CLIENT_KTNAME or the KRB5CCNAME environment
variables; which are standard when using kerberos authentication.
Note that this depends on the urllib_gssapi library, and will only
enable this if that library is available.
* identity: Add documentation for GSSAPI authentication for FreeIPA
This documentation describes how to use GSSAPI authentication with the
IPA identity modules.
* identity: Add changelog for GSSAPI support for IPA
This adds the changelog entry for the GSSAPI authentication feature for
the IPA identity module.
* Check that verify_ssl defined in tower_cli.cfg isn't ignored
* Avoid to override verify_ssl value defined in tower_cli.cfg
By default, tower-cli library enables SSL certificates check. But
verify_ssl false value defined in config files read by default by
tower-cli library (for example /etc/tower/tower_cli.cfg) was ignored
because overriden by the tower_verify_ssl parameter default value.
* fix a typo in comment
* Correct usage of sorted() in mongodb_user
sorted() can't be called on a list of dicts
without supplying a key parameter. This is
explained really well in the Sorting HOWTO
https://docs.python.org/3.6/howto/sorting.html#key-functions
This commit fixes#46791
* Fix PEP8 issues
* Added support for user-specified log file in win_package - feature (#38353)
* added integration tests for win_package log_path support feature (#38353), and applied review feedback
* win_package log_path support feature (#38353) - fixed typo in win-package.py documentation
* win_package log_path support feature (#38353) - improved an integration test and better doc in win-package.py
* Allow creation and deletion of keys (deletion just schedules for
deletion, recreating an old key is just cancelling its deletion)
* Allow grants to be set, thus enabling encryption contexts to be
used with keys
* Allow tags to be added and modified
* Add testing for KMS module
* Tidy up aws_kms module to latest standards
* Add posibilities to run the integration tests for PowerShell < 5.0
* Update of tests - based at a review comments for #50612
* The correction of YAML structure
There are other chat systems with hook implementations more or less
compatible with Slack, such as Rocket.Chat. The latter requires the
Content-Type header to be set to "application/json" (the body is JSON).
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
* Remove misleading statement passwords must be same
Since 2.4 Ansible has supported multiple vault passwords:
<https://docs.ansible.com/ansible/latest/user_guide/vault.html#multiple-vault-passwords>
Meaning lines like the following are misleading:
> The password used with vault currently must be the same for all files you wish
> to use together at the same time.
-- `docs/docsite/rst/user_guide/vault.rst`
To demonstrate this with Ansible 2.7, save the following as `example.yaml`:
```
- name: Display output from two vaults with different passwords
hosts: localhost
connection: local
vars_files: [one.yaml, two.yaml]
tasks:
- name: View secret from one.yaml vault
debug: { var: one }
- name: View secret from two.yaml vault
debug: { var: two }
```
Then run the three following commands choosing two different passwords:
```
$ echo 'one: 1' | ansible-vault encrypt --vault-id id1@prompt --output=one.yaml
$ echo 'two: 2' | ansible-vault encrypt --vault-id id2@prompt --output=two.yaml
$ ansible-playbook --vault-id id1@prompt --vault-id id2@prompt example.yaml
```
`ansible-vault` stores an ID in plain text in the vault file.
* Remove note about default in Ansible 2.1
As requested by gundalow in https://github.com/ansible/ansible/pull/49798
* Initial commit for xenserver_guest_facts module
* New module: xenserver_guest_facts. Returns facts of XenServer VMs. Module is fully documented.
* Added unit tests for the module
* Moved FakeXenAPI import to a dedicated fixture, other fixes
* Removed unused imports, minor fixes to unit test code
* docker_swarm_facts: PR cleanup after rebasing
* docker_swarm_facts: Adding the features similar to docker_host_facts
* docker_swarm_facts: Minor documentation and documentation updates
* docker_swarm_facts: Minor documentation and documentation adjustments to changes in #51700
* docker_swarm_facts: Using AnsibleDockerSwarmClient class method to fail module if not run on swarm manager
module_utils\docker\swarm.py: Adjustment of error message to me bore descriptive if module fails because it is not run on swarm manager node
* docker_node_facts: Query may contain single or multiple nodes, additional option to query about the docker manager itself
docker_node_facts: Code update to use the module_utils/docker_swarm.py AnsibleDockerSwarmClient class methods
* docker_node_facts: Minor documentation update and error handling
* docker_node_facts: Minor documentation and code updates
* docker_node_facts: Minor documentation adjustments
* Add state option to git_config module
State present/absent option works like --set/--unset option for 'git config'.
* Change git_config to avoid useless parameter passed to git command
When unsetting value, command was : git config --unset foo ''.
Now command is : git config --unset foo.
* Add some integration tests to git_config module
* Add missing aliases file
* Change set up method
Using git command seems to cause troubles on some OS : changing config
by changing '.gitconfig' file.
* Remove some distros from tests pool
Git is not installed or is out of date on these distros.
* Fix aliases to skip tests on centos6
* Refactor tests of the git_config module
* Add use case when state=absent and value is defined
* k8s wait - don't try to call to_dict on None
Need to ensure that the resource dict is correctly returned for absent
resources
* Cope with resources without a namespace
Some resources (e.g. ClusterRoleBinding) do not have a Namespace.
Handle the lack of a namespace key.
* [WIP] become plugins
Move from hardcoded method to plugins for ease of use, expansion and overrides
- load into connection as it is going to be the main consumer
- play_context will also use to keep backwards compat API
- ensure shell is used to construct commands when needed
- migrate settings remove from base config in favor of plugin specific configs
- cleanup ansible-doc
- add become plugin docs
- remove deprecated sudo/su code and keywords
- adjust become options for cli
- set plugin options from context
- ensure config defs are avaialbe before instance
- refactored getting the shell plugin, fixed tests
- changed into regex as they were string matching, which does not work with random string generation
- explicitly set flags for play context tests
- moved plugin loading up front
- now loads for basedir also
- allow pyc/o for non m modules
- fixes to tests and some plugins
- migrate to play objects fro play_context
- simiplify gathering
- added utf8 headers
- moved option setting
- add fail msg to dzdo
- use tuple for multiple options on fail/missing
- fix relative plugin paths
- shift from play context to play
- all tasks already inherit this from play directly
- remove obsolete 'set play'
- correct environment handling
- add wrap_exe option to pfexec
- fix runas to noop
- fixed setting play context
- added password configs
- removed required false
- remove from doc building till they are ready
future development:
- deal with 'enable' and 'runas' which are not 'command wrappers' but 'state flags' and currently hardcoded in diff subsystems
* cleanup
remove callers to removed func
removed --sudo cli doc refs
remove runas become_exe
ensure keyerorr on plugin
also fix backwards compat, missing method is attributeerror, not ansible error
get remote_user consistently
ignore missing system_tmpdirs on plugin load
correct config precedence
add deprecation
fix networking imports
backwards compat for plugins using BECOME_METHODS
* Port become_plugins to context.CLIARGS
This is a work in progress:
* Stop passing options around everywhere as we can use context.CLIARGS
instead
* Refactor make_become_commands as asked for by alikins
* Typo in comment fix
* Stop loading values from the cli in more than one place
Both play and play_context were saving default values from the cli
arguments directly. This changes things so that the default values are
loaded into the play and then play_context takes them from there.
* Rename BECOME_PLUGIN_PATH to DEFAULT_BECOME_PLUGIN_PATH
As alikins said, all other plugin paths are named
DEFAULT_plugintype_PLUGIN_PATH. If we're going to rename these, that
should be done all at one time rather than piecemeal.
* One to throw away
This is a set of hacks to get setting FieldAttribute defaults to command
line args to work. It's not fully done yet.
After talking it over with sivel and jimi-c this should be done by
fixing FieldAttributeBase and _get_parent_attribute() calls to do the
right thing when there is a non-None default.
What we want to be able to do ideally is something like this:
class Base(FieldAttributeBase):
_check_mode = FieldAttribute([..] default=lambda: context.CLIARGS['check'])
class Play(Base):
# lambda so that we have a chance to parse the command line args
# before we get here. In the future we might be able to restructure
# this so that the cli parsing code runs before these classes are
# defined.
class Task(Base):
pass
And still have a playbook like this function:
---
- hosts:
tasks:
- command: whoami
check_mode: True
(The check_mode test that is added as a separate commit in this PR will
let you test variations on this case).
There's a few separate reasons that the code doesn't let us do this or
a non-ugly workaround for this as written right now. The fix that
jimi-c, sivel, and I talked about may let us do this or it may still
require a workaround (but less ugly) (having one class that has the
FieldAttributes with default values and one class that inherits from
that but just overrides the FieldAttributes which now have defaults)
* Revert "One to throw away"
This reverts commit 23aa883cbed11429ef1be2a2d0ed18f83a3b8064.
* Set FieldAttr defaults directly from CLIARGS
* Remove dead code
* Move timeout directly to PlayContext, it's never needed on Play
* just for backwards compat, add a static version of BECOME_METHODS to constants
* Make the become attr on the connection public, since it's used outside of the connection
* Logic fix
* Nuke connection testing if it supports specific become methods
* Remove unused vars
* Address rebase issues
* Fix path encoding issue
* Remove unused import
* Various cleanups
* Restore network_cli check in _low_level_execute_command
* type improvements for cliargs_deferred_get and swap shallowcopy to default to False
* minor cleanups
* Allow the su plugin to work, since it doesn't define a prompt the same way
* Fix up ksu become plugin
* Only set prompt if build_become_command was called
* Add helper to assist connection plugins in knowing they need to wait for a prompt
* Fix tests and code expectations
* Doc updates
* Various additional minor cleanups
* Make doas functional
* Don't change connection signature, load become plugin from TaskExecutor
* Remove unused imports
* Add comment about setting the become plugin on the playcontext
* Fix up tests for recent changes
* Support 'Password:' natively for the doas plugin
* Make default prompts raw
* wording cleanups. ci_complete
* Remove unrelated changes
* Address spelling mistake
* Restore removed test, and udpate to use new functionality
* Add changelog fragment
* Don't hard fail in set_attributes_from_cli on missing CLI keys
* Remove unrelated change to loader
* Remove internal deprecated FieldAttributes now
* Emit deprecation warnings now
* standardize user/password connection vars
* docs: use ansible_user and ansible_password
* docs: var precedence for connection vars
* docs: ansible_become_pass -> ansible_become_password etc
* k8s*: add a reference to k8s_auth in all the modules' descriptions
* k8s_auth: new k8s module for handling auth
* k8s_auth: ignore E203
Can't use module_utils.urls, since that lacks user CA support, which is
a critical feature of what this module does.
* Enable 'changed' var with ufw check mode
* Fix from comment of the PR + Unit Test
* Fix on ufw module after the second review
- delete rules change works in check mode
- simplify execute def & use it on every call process
- improved regexp
- rename vars defaults to current_default_values
* Add ignore error to execute() and use it in get_current_rules()
* Update after third code review (introduce change in changed status)
* Adjust tests and fix some problems (#1)
* 'active' also appears in 'inactive'.
* 'reject' is also a valid option here.
* For example for reloaded, changed will be set back to False here.
* Improve and adjust tests.
* Fix after merging integration test
* handle "disabled" on default routed
* Add /var/lib/ufw/.. rules files
* add unit test
* Fix pep8 formatting error
* Separate ipv6 and ipv4 rules process from checkmode
* fix non-ascii error on ci
* Some change after review
* Add unit test with sub network mask
* rename is_match function by is_starting
* add changelog fragment