* fixes guess_os for netconf connections
This change fixes invalid calls to play_context when the network_os is
not set and the connection attempts to guess the network_os. The method
will now check the correct values for ssh key file and allow agent
instead of returning errors.
* fix up pep8 issues
* Zabbix 3.4 support fix.
As of 3.4 Zabbix version application does not have 'updateExisting'.
* added updateExisting in applications for old zabbix support.
* small codestylefix
This fix adds following:
* hosts as argument spec
* cluster_name as argument spec
* refactor to use Pyvmomi class
* API refactor and documentation
Fixes: #18980
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* add acr
* acr
* acr
* fix a minor error
* add tests and fixes as suggested
* use get_mgmt_svc_client to enable bi
* fixes as zim suggested
* code refinement
* get acr instance before update
* fix a bug
* remove Classic sku as it's going to deprecate
* pass sanity test
* fix sanity
* fixes based on comments
* fix broken namespace unregistered error
* fix a bug
* fix a bug
* fix
* add register namespace
* fixes tests
* remove pdb
* add ci azure test
* removed required: false
* renamed acr -> containerregistry
* fixed spelling mistake
* fixed idempotence
* fix for idempotence was wrong
* fixed a few issues
* different log when exception different than ResourceNotFound
* self.fail instead of log
* updated sample return value
* added login server in results
* fixed else
* fixed line too long
* cmp -> __ne__
* fixed trailing whitespace
* output.changed is false when instance updated
* fix for state change
* one more update
* update instance only when location or sku has changed
* fixed syntax error
* fixed acr test
* just removed unnecessary comment to trigger ci
* update return value shape
* flatten `state`
* change credential dictionary state
* add credentials to integration tests
* fixed: win_copy: typo "file file" (double "file")
Signed-off-by: Alexey Shumkin <Alex.Crezoff@gmail.com>
* Add quotes around filenames/directories
* Fix tests for new quotes
* Fix tests for new quotes
* One more ?
* Another one...
* Added module to describe EC2 Placement Groups.
* Update to newer way of handling Boto3 connections and exceptions.
* Futzing around with imports and HAS_BOTO3
* Fix up exception imports.
* Fix license block
* Correct task indenting in doc
* Added list-filtering example to docs
Without this additional code snippet `ansible-pull` will still accept
the `--vault-id` option. It just won't pass the option along when
invoking `ansible-pull`.
* - Netconf plugin addition for iosxr
- Utilities refactoring to support netconf and cliconf
- iosx_banner refactoring for netconf and cliconf
- Integration testcases changes to accomodate above changes
* Fix sanity failures, shippable errors and review comments
* fix pep8 issue
* changes run_command method to send specific command args
* - Review comment fixes
- iosxr_command changes to remove ComplexDict based command_spec
* - Move namespaces removal method from utils to netconf plugin
* Minor refactoring in utils and change in deprecation message
* rewrite build_xml logic and import changes for new utils dir structure
* - Review comment changes and minor changes to documentation
* * refactor common code and docs updates
In case of workflow delete action, the returned 404 status code
considered as invalid although it's a valid code for not found (deleted)
entity.
Removed verification of the status. Only success should be verified.
Fixes#33524
* Fix typo in net_logging/eos
* This seems to be required to use eos_user in this way
* Fix indentation in net_static_route/eos
* Rework interface check in eos_vrf
This should do the right thing.
This fix make error message easily understable which is provided
by vcenter or ESXi server.
Fixes: #24672
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Adds a tmsh command fallback
The bigip terminal plugin assumes that the remote shell is tmsh.
This is not always true. The remote shell may be bash sometimes.
This adds a different shell command in the case that bash is the
remote shell
* Fixing upstream errors
This fix adds functionality to configure vmware guest parameter called
'maxMkconnections'. Also, added integration test for this change.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix adds functionality to support memory_reservation and
memory_reservation_lock while managing Virtual Machine.
Fixes: #20407
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix adds missing comma in different modules.
This removes implicit string concatenation in given list.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix adds additional check to get details about roles
from pg_roles instead of pg_authid. On AWS RDS instances,
access to pg_authid is restricted for security reasons.
Fixes: #32358
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fix azure_rm_acs due to Azure breaking API change
* resolve code review feedbacks
* resolve test failures
* better name
* ignore case for vm size
* reformat code
* resolve code review feedbacks
* new windows module win_audit_policy_system
* removed the backup/restore functionality
adjusted to use run-command rather than running the command directly
adjusted testing appropriately for the above changes
* fixed issue with variable naming in testing
removed .psm1 from requires
fixed copyright
* Updated audit_type to list and added appropriate error handling
Updated testing accordingly
Fixed up documentation
* Refactor common network shared and platform specific code into package (part-1)
As per proposal #76 refactor common network shared and platform specific
code into sub-package.
https://github.com/ansible/proposals/issues/76
* ansible.module_utils.network.common - command shared functions
* ansible.module_utils.network.{{ platform }} - where platform is platform specific shared functions
* Fix review comments
* Fix review comments
* Refactors bigip_node
Includes a number of fixes and enhancements in addition to refactoring
the code to be inline with f5 standards
* Fixes upstream errors
Digital Ocean changed their api to no longer accept an integer as a resource_id. Fix adds changed data type (from integer to string).
Signed-off-by: Anthony Bond <bond.anthony@outlook.com>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Adds bigip_policy_rule module
This module is the second component of managing LTM policies on
BIG-IP. This module lets you manage the rules of a policy
* Fixing upstream errors
* Correcting YAML errors
* Fixes and features for bigip_provision
Adds support for dedicated modules. Fixes bug in minimum name.
Adds wrappers around checking for up-ness so that they will contribute
to the watch loop
* Fixes upstream errors
This fixes an issue where the check for an import error would occur
before checking to see if firewalld is in "offline mode" and if it
is, then checking to ensure the version of the firewall python
library was new enough to support offline operations. This patch
will now fail with a correct error message in the scenario that
someone attempts to perform an offline operation but has a version
of the firewall python library that is too old.
Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
This fix makes name and folder as required together
parameters in vmware_guest_snapshot.
Update integration tests for vmware_guest_snapshot.
Fixes: #22644
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Fix adds esxi_hostname as Ansible module argument for user
to define ESXi hostname to deploy VMware vSwitch.
Fixes: #24647
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* In order to maintain a single api call across
netconf and cli transport from module code change
signature of commit api to accept genric args.
* Fix doc string
Empty __init__ will allow us to use python namespaces with all of these
files. That may be something we want to take advantage of for allowign
them to be expanded by user dirs. Also might be needed for AnsiballZ or
other wrapper enhancements in the future.
* Add idempotency and import/export support to zabbix_template
Adds idempotency to the template update functions and check mode,
also adds the ability to dump and import json template
configurations.
* Fix issue clearing groups from template
When an empty list is provided for group names, all groups associations
should be cleared from the template. Previous behavior caused the
template to be associated to all existing groups if an empty list
was provided.
* Fix undefined variable references
* Add example importing template from ansible variable
Document a sample template import with bare minimum structure.
No items or graphs are added, only 1 application is added to the
template.
* Added . and / to rule args regexp
Things like pam_echo.so file=/etc/foo.txt weren't being matched and
causing incorrect change counts. Adding / and . fixed that.
Fixes#33351
* pamd: test argument with value
Relates #33351
Fixes#33406Fixes#33405
* Fix typo in network_cli for sendonly
* Send `abort` to remote device in case configuration fails
* Fix indentation issue in eos_static_route integration test
* Revert network_cli change
All the values currently documented as return values are returned inside a 'result' key.
So if you registered the output of the task as 'output', then you would need to do 'output.result.zone_id' instead of 'output.zone_id'.
This commit fixes that so that you can do 'output.zone_id'.
This fix adds support for hardware parameter 'numCoresPerSocket'
in vmware_guest module. Also, adds integration tests for this change.
Fixes: #20406
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
'true' needs to be quoted as a string, otherwise it is stored as boolean and ends up getting capitalized to 'True' when presented to debconf
Subsequent install of oracle-java8-installer fails with "oracle-license-v1-1 license could not be presented"
ansible version: 2.3.1.0
Actual: value: true
debconf-show oracle-java8-installer
* shared/accepted-oracle-license-v1-1: True
Expected: value: 'true'
debconf-show oracle-java8-installer
* shared/accepted-oracle-license-v1-1: true
Various fixes to correct the BIG-IQ sdk args, and remove common
bigip stuff if requested in bigiq modules. Will move this to
separate module includes at a later time.
* Adding module enos_config and its UT files
* Removing trailing line
* Removing trailing lines
* Editing enos_module.py to fix build errors
* Removing blank lines in end
* Updating enos_config.py based on review comments
* Adding one more blank line
* Removing training white space
* Removing test_enos_config_force method from UT
* Updating documentation
* Comments by John, Remove version_added: "2.5"
* Refactor VyOS to use cliconf
* Use show configuration commands on get_config
* Remove debug statement
* Construct command/answer/prompt if needed and fix commit comments
* Convert command/prompt/answer to bytes
Set hw_guest_ha_state as None if `vm.summary.runtime.dasVmProtection` isn't printable/json-able. So if vm.summary.runtime.dasVmProtection is defined, return
vm.summary.runtime.dasVmProtection.dasProtected.
* check if need update for internal port
* validate port ip
* os_router modified in local
* my_os_router.py tested upto port not found
* tested need update
* default port attached with subnet getting deleted
* update happened with subnet and port id but rerun update=true?
* update working with portid converted subnetid for match checking
* tested and worked
* extra debug commnets cleaned up
* os_router with port ip tested fine
* deleted test files used wq for my development
* interface type changed for backward compatibility
* check if need update for internal port
* validate port ip
* os_router modified in local
* my_os_router.py tested upto port not found
* tested need update
* default port attached with subnet getting deleted
* update happened with subnet and port id but rerun update=true?
* update working with portid converted subnetid for match checking
* tested and worked
* extra debug commnets cleaned up
* os_router with port ip tested fine
* deleted test files used wq for my development
* check if need update for internal port
* validate port ip
* os_router modified in local
* my_os_router.py tested upto port not found
* tested need update
* default port attached with subnet getting deleted
* update happened with subnet and port id but rerun update=true?
* update working with portid converted subnetid for match checking
* tested and worked
* extra debug commnets cleaned up
* os_router with port ip tested fine
* deleted test files used wq for my development
* interface type changed for backward compatibility
* interface type changed for backward compatibility
* restoring requirement.txt which was deleted accidentally
* isinstance instead of type and white space removal
* trailing spaces removal
* multiple space after keyword 379,441
* fail.json interface type and deug msg changes
* test for membership should be 'not in'
* reorder interfaces handling for force=no, making sure it works when no interfaces are specified in the module parameters
when no interfaces are specified on update, use existing interfaces obtained from API.
check whether visible_name is set in check_all_properties; if not set as module parameter, no comparison is necessary.
Check if description is set as module parameter before comparing as well
* link_templates need the same treatment
* add inventory update checks and simplify update procedure
* make specifying proxy optional on update (keeping it as is when not specified), as well
* pep8 fixes
* add tls_*-checks for updates and make tls_*-options actually optional
* Add netscaler_nitro_request module
* Make changes as requested.
* Fix whitepsace in EXAMPLES block.
* Set module changed status according to operation performed.
* Added support to Datacenter resources in HPE OneView
* Adjusting comments in oneview_datacenter_facts
* Adding no_log on the documentation
* Using Pytest to Oneview DatacenterFactsModule tests
This fix adds debugging details for 'no folder found' error.
This will allow to debug the user's setup easily.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Currently the check() method for idempotence only assumes the public
key is under the form of a PEM file when its not always the case.
The module openssl_publickey allows one to generate OpenSSH format
publickey. This leads to idempotence not being detected.
Removing 'md5' checksum checking as simply comparing current and desired publickey does the expected job.
Signed-off-by: Satyajit Bulage <sbulage@redhat.com>
* Warn on tests used as filters
* Update docs, add aliases for tests that fit more gramatically with test syntax
* Fix rst formatting
* Add successful filter, alias of success
* Remove renamed_deprecation, it was overkill
* Make directory alias for is_dir
* Update tests to use proper jinja test syntax
* Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax
* Add conversion script, porting guide updates, and changelog updates
* Update newly added uses of tests as filters
* No underscore variable
* Convert recent tests as filter changes to win_stat
* Fix some changes related to rebasing a few integration tests
* Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name
* Add test for tests_as_filters_warning
* Update tests as filters in newly added/modified tests
* Address recent changes to several integration tests
* Address recent changes in cs_vpc
locale.setlocale() call removed in 6b5291d68f150c629e9958bb6e910b529b0d8cef
is actually needed by time.strptime(). AnsibleModule() changes both: environment
variables and python level locale settings so both need to be reset.
All crypto modules uses file common arguments to specify generated file
permissions. This commits aims to add the extends_documentation_fragment
in the doc so it is automatically stated.
This fix allows user to specify resizefs in logical volume extension.
Fix placement of new option, document.
Signed-off-by: Tim Rightnour <root@garbled.net>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Currently during the check phase, the code considers the file to be
a public key if the file exist - which is not necessarily true.
This commits aims to ensure that the file is actually a publickey else
returns false for the check.
* add type manipulation
* update for py3
* add tests for list to dict
* Add dict to list tests
* Update tests to search for regex in response
* pep8 clean up
* update Exception for py3
* update test to be py2/3 compat
* update for py26 compat
* potential fix for py3 and py26
* potential fix for py3 and py26 take2
* add new line to kick off shippable
* remove cache file created
* fix filter name
* add space for shipable
* Fix junos integration test fixes as per connection refactor (#33050)
Refactor netconf connection plugin to work with netconf plugin
* Fix junos integration test fixes as per connection refactor (#33050)
Refactor netconf connection plugin to work with netconf plugin
Fix CI failure
Fix unit test failure
Fix review comments
* add availability set for vm
* add test
* add import
* fix
* add test assert and output
* fix lint and version added
* add null check
* fix mirror
* fix mirror
* Unifying wording and formatting of all include and import modules
* Changes based on comments from dharmabumstead
* Removed instances of the term ‘Ansible Engine’
* Removed instances of term ‘Ansible Engine’
* Updated term
* Updated wording
* Updated wording
* Removed the term ‘Ansible Engine’
* Adding aliases for field attributes and renaming async attribute
As of Python 3.7, the use of async raises an error, whereas before the use
of the reserved word was ignored. This adds an alias field for field attrs
so that both async and async_val (interally) work. This allows us to be
backwards-compatible with 3rd party plugins that may still reference Task.async,
but for the core engine to work on Py3.7+.
* Remove files fixed for 'async' usage from the python 3.7 skip list
* Allow the user to circumvent adding -tt on ssh commands to help aid in
debugging ssh related problems.
* Move config to the plugin
* Set version_added
* Change yaml section to "connection"
* Fix ssh unit tests
* use less intrusive algorithm for syncing cs_policybindings
* fix some pylint and pep issues
* fix one other pylint and pep issue
* fix two lines between methods
This change will now track any created persistent connection and shut it
down at the end of the play run. This change also includes an update to
properly honor the reset_connection meta handler.
* Add a 'validate' parameter to the juniper_package module to optionally skip checking configuration compatibility against the JUNOS package being installed
* Fixing CI failure - E309 version_added for new option (validate) should be 2.5
* Revert previous change and add version_added to 'validate' parameter
* Improve error message in cloudscale_server module
Fix punctuation and add the full contents of "info" to the output in
case of failed API calls. This is useful in case of connection timeouts
and other error conditions where there is no response body available.
* Increase timeouts in cloudscale_server module
Increase the timeouts to not fail in case the API calls take a bit
longer than usual. The default timeout of fetch_url is 10s which is
quite short. Increase it to 30s. The timeout for waiting for a server
change is increased as well as it calls the API in a loop. Therefore
this value should be larger than the API timeout.
* Send API parameters as JSON in cloudscale_server module
Use JSON to send the POST data to the API instead of an urlencoded
string. Urlencoding is not really a good match for some Python
datatypes.
This fixes an issue when submitting a list of SSH keys which did not get
translated properly.
* Fix typo in cloudscale_server documentation
* cloudscale_sever: Replace timeout const by api_timeout param
Replace the static TIMEOUT_API constant by a user configurable
api_timeout parameter. Also eliminate the TIMEOUT_WAIT constant by
2*api_timeout. This means that the timeout to wait for server changes is
always double the timeout for API calls.
* Use Debian 9 image for cloudscale_server tests
Currently it's reporting an inverted version number about the
python library and it shouldn't be. Also it's currently claiming
python2 as a requirement, which it is not.
Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
* fix for breaking metadata change in various Azure Python SDK bits; some members were marked `readonly` for validation, which the default msrest serializer ignores. Added `keep_readonly` flag to serializer call to ensure they're preserved.
* win_updates: removed scheduled task to use become instead
* updated docs to remove scheduled task info
* fix issue with only installing last update in group
* jsonify inventory
* smarter import, dont pass kwargs where not needed
* added datetime
* Eventual plan for json utilities to migrate to common/json_utils when we split
basic.py no need to move jsonify to another file now as we'll do that later.
* json_dict_bytes_to_unicode and json_dict_unicode_to_bytes will also
change names and move to common/text.py at that time (not to json).
Their purpose is to recursively change the elements of a container
(dict, list, set, tuple) into text or bytes, not to json encode or
decode (they could be a generic precursor to that but are not limited
to that.)
* Reimplement the private _SetEncoder which changes sets and datetimes
into objects that are json serializable into a private function
instead. Functions are more flexible, less overhead, and simpler than
an object.
* Remove code that handled simplejson-1.5.x and earlier. Raise an error
if that's the case instead.
* We require python-2.6 or better which has the json module builtin to
the stdlib. So this is only an issue if the stdlib json has been
overridden by a third party module and the simplejson on the system
is 1.5.x or less. (1.5 was released on 2007-01-18)
* AWS S3: fix method call for fakes3 S3 backend
Fixes#33083
Signed-off-by: Marc-Aurèle Brothier <m@brothier.org>
* Auto append port based on proto
Signed-off-by: Marc-Aurèle Brothier <m@brothier.org>
This fix adds ability to set MAC address maunally. Before adding
any MAC address, the value is validated. If value is not valid, then
MAC address is set to vCenter generated MAC address.
Also, added integration tests for this change.
Fixes: #21161
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add new filter to parse xml output for network use cases
Fixes#31026
* Add parse_xml filter
* Add documentation for parse_xml filter
* Edited for clarity.
* Fix review comment and add unit tests
* Fix unit test CI failure
* Fix CI issues
* Fix unit test failures
* Fix review comments
* More copy edits.
* Adding RPC attribute arguments to `junos_rpc` network module.
* Specifying module argument version.
* Fixing DOCUMENTATION block.
* First attempt at new test fixture.
* Updated RPC_CLI_MAP.
* Use `result` instead of `reply`.
- authorize was not working as expected
- use end command to get to exec context instead of exit
- error due to mishandling of global variable _DEVICE_CONFIG
* Added eagerzeroedthick disk option to disk spec
* Updated docstrings for vmware_guest disk
* VMware: Integration test for disk type
Signed-off-by: Steve Jacobs <sjacobs@brokencrew.com>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* win_reboot: change to sample system uptime instead of checking port status
* added connection timeout back in as now we can manually set it per connection.
* some pep8 fixes
* fix up error message on timeout in case an exception wasn't fired
* Changed doc to English (US) and simplified uptime check
* moved conn timeout over to new config connection options
Adds facts about datastores, esxi_host, vm files, ha state, question, is_template, consolidation status and hw_files. Also, adds integration tests for vmware fact enhancement.
This module can be used to manage guests on a vCMP provisioned BIG-IP.
vCMP is a hardware-only feature, therefore this module cannot be used
on the VE editions of BIG-IP.
* fixed .loads error for non decoded json in Python 3
* fixed .loads error Python 3.5 - refactor code to one line
* fixed .loads error python 3.5 - mod to use to_text instead of .decode as per reviewer comment
This fix uses '_get_vm_prop' API to handle virtual machine related
properties rather than failing with AttributeError.
Handled invalid request type while connecting to ESXi server, which
is caused by malformed request.
Fixes: #32477
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add integration test suite for ec2_vpc_subnet
* wrap boto3 connection in try/except
update module documentation and add RETURN docs
add IPv6 support to VPC subnet module
rename ipv6cidr to ipv6_cidr, use required_if for parameter testing, update some failure messages to be more descriptive
DryRun mode was removed from this function a while ago but exception handling was still checking for it, removed
add wait and timeout for subnet creation process
fixup the ipv6 cidr disassociation logic a bit per review
update RETURN values per review
added module parameter check
removed DryRun parameter from boto3 call since it would always be false here
fix subnet wait loop
add a purge_tags parameter, fix the ensure_tags function, update to use compare_aws_tags func
fix tags type error per review
remove **kwargs use in create_subnet function per review
* rebased on #31870, fixed merge conflicts, and updated error messages
* fixes to pass tests
* add test for failure on invalid ipv6 block and update tags test for purge_tags=true function
* fix pylint issue
* fix exception handling error when run with python3
* add ipv6 tests and fix module code
* Add permissions to hacking/aws_config/testing_policies/ec2-policy.json for adding IPv6 cidr blocks to VPC and subnets
* fix type in tests and update assert conditional to check entire returned value
* add AWS_SESSION_TOKEN into environment for aws cli commands to work in CI
* remove key and value options from call to boto3_tag_list_to_ansible_dict
* remove wait loop and use boto3 EC2 waiter
* remove unused register: result vars
* revert az argument default value to original setting default=None
* included inventory and callback in new config
allow inventory to be configurable
updated connection options settings
also updated winrm to work with new configs
removed now obsolete set_host_overrides
added notes for future bcoca, current one is just punting, it's future's problem
updated docs per feedback
added remove group/host methods to inv data
moved fact cache from data to constructed
cleaner/better options
fix when vars are added
extended ignore list to config dicts
updated paramiko connection docs
removed options from base that paramiko already handles
left the look option as it is used by other plugin types
resolve delegation
updated cache doc options
fixed test_script
better fragment merge for options
fixed proxy command
restore ini for proxy
normalized options
moved pipelining to class
updates for host_key_checking
restructured mixins
* fix typo
* Allow backoff for describe_subnets
Improve exception handling to latest standards
* Add integration test suite for ec2_vpc_subnet
* Add test for creating subnet without AZ
Fix bug identified by test
Fixes#31905
* Allow ec2_lc module to use volume_type for block devices
Makes ec2_lc consistent with ec2, ec2_ami, ec2_vol etc.
* Add deprecation message for device_type
New module for obtaining facts from elasticache clusters
Fixes#30373
* Removed unnecessary boto3 and exception checking
* AnsibleAWSModule checks for lack of boto3
* boto3_conn handles error checking of AWS connection
* Several tests were marked as FIXME and should have been fixed with
the boto3 move.
* Improved tags output. Add purge_tags option (default: no)
* Allow description and tags update
* Return launch_permissions
* Allow empty launch permissions for image creation
* Empty launch permissions should work the same way for image
creation as no launch permissions
* Cope with ephemeral devices in AMI block device mapping
* Ephemeral devices can appear in AMI block devices, and this information should be returned
* Fix notation for creating sets from comprehensions
This fix adds new fact - 'Cores Per Socket' about vmware guest machine.
Also, adds integration test for this change.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Noticed that there was just one old and one new place in the default
callback that did not use Display.display() to show data. Changed those
two places so that everything is uniform.
* Add support for generating full chain certificates from LetsEncrypt.
* Add version_added field to document for fullchain option.
* Update version_added for fullchain option to be 2.4.
* Fix Pep-8 violation.
* Fix vault --ask-vault-pass with no tty
2.4.0 added a check for isatty() that would skip setting up interactive
vault password prompts if not running on a tty.
But... getpass.getpass() will fallback to reading from stdin if
it gets that far without a tty. Since 2.4.0 skipped the interactive
prompts / getpass.getpass() in that case, it would never get a chance
to fall back to stdin.
So if 'echo $VAULT_PASSWORD| ansible-playbook --ask-vault-pass site.yml'
was ran without a tty (ie, from a jenkins job or via the vagrant
ansible provisioner) the 2.4 behavior was different than 2.3. 2.4
would never read the password from stdin, resulting in a vault password
error like:
ERROR! Attempting to decrypt but no vault secrets found
Fix is just to always call the interactive password prompts based
on getpass.getpass() on --ask-vault-pass or --vault-id @prompt and
let getpass sort it out.
* up test_prompt_no_tty to expect prompt with no tty
We do call the PromptSecret class if there is no tty, but
we are back to expecting it to read from stdin in that case.
* Fix logic for when to auto-prompt vault pass
If --ask-vault-pass is used, then pretty much always
prompt.
If it is not used, then prompt if there are no other
vault ids provided and 'auto_prompt==True'.
Fixes vagrant bug https://github.com/hashicorp/vagrant/issues/9033Fixes#30993
* Update vmware.py
Incorrect chain of attributes to obtain snapshots from virtual machine. Module 'vmware_guest_facts' uses method 'gather_vm_facts' of vmware.py and always gets empty list of snapshots.
* Added test for module vmware_guest_facts. Checked VM snapshots.
* Fixed tests for vmware_guest_facts. Ignored certificate for vmware_guest_snapshot module.
* Integrated publickey import and removal in iosxr_user
* Fixed linting issues
* Added version added for publickeyfile option
* Added quotation marks to version, oops
* Added some integration tests, added some checks to prevent aggregate users with public keys.
* Added some integration test files
* Created mutually exclusive public_key and public_key_contents versions of config
* Modified tests to use both methods and test more logins
* Added supports for aggregates
* Incorporated provider auth
* Fixed some lint issues
* Fixed a YAML lint issue
* Implemented catches for unconfigured providers.
* Fixed catches, hopefully
* Another test
* Added groups support so you can add users to multiple groups
* Trailing whitespace
* Update connection play_context when socket exists
* Don't fail on connections other than network_cli
* Fix enable prompt detection on ios & eos
* Check against "Module not found" error code, defined in modules/jsonrpc.py
Add new module vmware_host_facts ,it can get remote vmware host system info like setup module
* modify ansible version
* optimized output for human readable
* add serial number get_system_facts() add ansible_product_serial
* fix pep8 issue and ansible module required format
* Use find_obj method instead get_obj
* add ansible_hostname ansible_distribution_build
* add integration test
* vmware_host_facts integration test add verify
* fix yamllint issue
* fix boilerplate test
* Update vmware_host_facts.py
* fix RETURN key's name
* Adding git_command module and its UT file
* Changing Author Name and removing 2 blank lines
* Removing blank lines
* Adding enos_config and its UT files
* Removing config module as I am allowed to have only module per PR
* Work on Ganesh's Review comments
* John Review Comments on enos_command.py
* Review comments of John
This patch fixes IndexError, that may be raised When trying
to install a role with `ansible-galaxy` in case of
access error to roles directory.
Issue: ansible/galaxy#149
* Add prompt check in action plugin for network platform
In case of ignore_errors for a wrong configuration
the prompt is left in configuration mode and moved to
next task, if the next taks requires prompt to be
in operational state it results in failure.
Hence add a check to ensure right prompt at start of
each task run.
* Add prompt check in action plugin for network platform
* In case of ignore_errors for a wrong configuration
the prompt is left in configuration mode and moved to
next task, if the next taks requires prompt to be
in operational state it results in failure.
* Hence add a check to ensure right prompt at start of
each task run.
* Fix CI issue
* Fix CI issues
Fix review comment
Change iosxr exit command to abort as per review comment
After the connection refactor if response value returned from
the remote device is empty in that case an `ok` return value is send
to module side code. To avoid this do not overwrite the empty response
received from remote device in `jsonrpc` reply.
* ios_vlan DI module
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Integration test
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* comment out testcases since the image is not available in dci
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* add aggregate test
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* update nxos_facts to handle errors in n35 platform
* switch show commands to output text
* replace basestring which is not supported in python3
* do it like the other modules: use string_types
* incorporate PR review
Bug fix: Permissions were not parsed correctly if the database name contains a colon (:) character. For example, a privilege string of "*.*:USAGE/`lnx-www-prod:wordpress`.*:ALL" would fail with "invalid privileges string: Invalid privileges specified: frozenset(['WORDPRESS`.*'])". This 1-line fix works around the problem.
* Do not run script in check mode
Fixes#30676
* Reformat script integration test
* Add integration tests for check mode of script module
* Fix name on test
* Cleanup temp file
* win_script integration test syntaxt changes
* Add check mode tests for win_script
* Use proper variable in test
* Fail if source file does not exist
* Verify script is accessible and don't copy in check mode
Use shlex to properly split shell arguments, though a path with spaces in it still needs to be quoted in the playbook.
Add note to docs describing such.
Improve error message if file is not found indicating there may be a space in the path.
* Properly encode path now that path is split using shlex
* Allow for spaces in both path and script name
* Add unicode character test to Linux script tests
* Add Linux test for space in path to script
* fixes asa action plugin for connection=local
This change fixes asa modules when using connection=local to load the
provider values.
* fix up pep8 issues
* Remove uses of assert in production code
* Fix assertion
* Add code smell test for assertions, currently limited to lib/ansible
* Fix assertion
* Add docs for no-assert
* Remove new assert from enos
* Fix assert in module_utils.connection
* Clean up after two recent synchronize tests
- add clean up after the last two tests in synchronize to make them
match with the expectations in the previous tests
Signed-off-by: Robert Marshall <rmarshall@redhat.com>
* Add link-dest functionality to synchronize module
- add the link-dest option to the synchronize module code
- add tests for the link-dest option
- add documentation of the link_dest option to synchronize
- modify changed flag so it can properly work around rsync
upstream not flagging hardlinks as a change properly in
formatted output
Signed-off-by: Robert Marshall <rmarshall@redhat.com>
* Minor change to test
* Add mtu option nxos_interface feature idea
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Add unit test for mtu feature
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* nxos_inteface TypeError fix
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Make sure that run_commands does not list of strings for json output
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* return default value to handle exception
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* When splitting, use rsplit and 1 just in case the string has more pipe
characters than anticipated
* When converting to text, make decoding errors an error instead of
silently corrupting data
* When converting to text for message strings, use the default error
handler as that is already surrogate_then_replace
* update sros local action plugin to support network_cli
This updates the sros local action plugin to only start the connection
if connection=local is specified. This is to support network_cli
connection plugin
* fix up pep8 issues
* Better handling of malformed vault data envelope
If an embedded vaulted variable ('!vault' in yaml)
had an invalid format, it would eventually cause
an error for seemingly unrelated reasons.
"Invalid" meaning not valid hexlify (extra chars,
non-hex chars, etc).
For ex, if a host_vars file had invalid vault format
variables, on py2, it would cause an error like:
'ansible.vars.hostvars.HostVars object' has no
attribute u'broken.example.com'
Depending on where the invalid vault is, it could
also cause "VARIABLE IS NOT DEFINED!". The behavior
can also change if ansible-playbook is py2 or py3.
Root cause is errors from binascii.unhexlify() not
being handled consistently.
Fix is to add a AnsibleVaultFormatError exception and
raise it on any unhexlify() errors and to handle it
properly elsewhere.
Add a _unhexlify() that try/excepts around a binascii.unhexlify()
and raises an AnsibleVaultFormatError on invalid vault data.
This is so the same exception type is always raised for this
case. Previous it was different between py2 and py3.
binascii.unhexlify() raises a binascii.Error if the hexlified
blobs in a vault data blob are invalid.
On py2, binascii.Error is a subclass of Exception.
On py3, binascii.Error is a subclass of TypeError
When decrypting content of vault encrypted variables,
if a binascii.Error is raised it propagates up to
playbook.base.Base.post_validate(). post_validate()
handles exceptions for TypeErrors but not for
base Exception subclasses (like py2 binascii.Error).
* Add a display.warning on vault format errors
* Unit tests for _unhexlify, parse_vaulttext*
* Add intg test cases for invalid vault formats
Fixes#28038
* vmware cfg backup module
* used ansible's urllib
* pep8 changes
* pep8 changes
* added ansible metadata
* user can define also the backup filename
* fixed required_if values
* Changes for vmware_cfg_backup as per recommendation
* small changes (pep, specific imports etc)
* added import from future
* Automatically loads and executes an inventory plugin specified by a standard YAML inventory config file containing a `plugin` key at its root.
* Moved inventory PluginLoader to a shared global instance.
* azure_rm_virtualmachine: added support for specifying custom image
* Use separate parameter for custom_image, add very basic test
* missed the version_added tag for doco
* removed whitespace I accidentally left in
* merged custom image into the image dict and added more tests
* added one more test
* fixes to events/callbacks
- made note of 'not called' methods for future fixes
- removed uncalled v2_runner_on_file_diff because dupe of v2_on_file_diff, which is called
- removed v2_runner_on_no_hosts due to existing pb level ones, which are called
- removed v2_on_setup, it is just a task, triggers normal task events
- v2_on_notify is now called when a handler is notified
- TODO: async, cleanup? and import events
these currently occur in code that has no access to sending events
* corrected display
* implements jsonrpc message passing for ansible-connection
* implements more generic mechanism for persistent connections
* starts persistent connection in task_executor if enabled and supported
* supports using network_cli as top level connection plugin
* enhances logging for persistent connection to stdout
* Update action plugins
* Fix Python3 RPC
* Fix Junos bytes<-->str issues
* supports using netconf as top level connection plugin
* Error message when running netconf on an unsupported platform
* Update tests
* Fix `authorize: yes` for `connection: local`
* Handle potentially JSON data in terminal
* Add clarifying detail if possible on ConnectionError
`synchronize` has supported the `private_key` option for a long time,
apparently. But for some reason it was never documented.
Today I managed to workaround the synchronize quoting bug by just using
```
private_key: /path/to/id_rsa
```
instead of
```
rsync_opts:
- "--rsh 'ssh -i /path/to/id_rsa'"
```
So, I'll just go ahead and document this useful option ...
This fix adds details about snapshots in result of
vmware_guest_snapshot, when operation is successful.
Fixes: #32154
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Platform agnostic action plugin (net_base) calls
`get_provider_argspec()` to fetch the provider specific
details for each platform. This fix adds the function in
eos module_utils and retuns a dict of provider spec.
This fix adds additional error handling for vmware connect
method, where username provided user does not have required
permissions to use/login ESXi.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Moving modules from lenovo to cnos
* Merge conflicts
* Update cnos_conditional_template.py
Removed
180:5: E265 block comment should start with '# '
188:34: E226 missing whitespace around arithmetic operator
* Update cnos_template.py
155:5: E265 block comment should start with '# '
162:34: E226 missing whitespace around arithmetic operator
* Update cnos_vlan.py
210:1: E302 expected 2 blank lines, found 1
* Update cnos_backup.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_bgp.py
Added
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_backup.py
Added a line extra
* Update cnos_command.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_conditional_command.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_conditional_template.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_factory.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_facts.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_image.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_interface.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_portchannel.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_reload.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_rollback.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_save.py
Add
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_showrun.py
Add
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_template.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_vlag.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_vlan.py
Adding
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
* Update cnos_backup.py
Moving it to top of file
* Update cnos_backup.py
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Moving future and metaclass to top
* Putting condition to bye pass paramiko
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Condition to byepass paramiko import error
* Removing unused import and white spaces
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Dealing with white space and import issues
* Update cnos_template.py
* Squashing all commits to one as suggested by John
* Adding Unit test method for the module enos_facts.py
* Pep8 and Ylint issues addressed
* Trying again to remove blank line. Some scripts are required for this.
* Bug Fixing for interfaces
* Editing for over indenting issue
* E203 whitespace before ','
* Update enos.py
Added warnings argument as to check_args method
* Update enos_facts.py
Added warnings to check_args method
* Add yaml output plugin
Using YAML instead of JSON for detailed output can (IMO) improve
readability; especially for tasks with either lots of output, or
multi-line output.
* Fix yaml output plugin documentation
* Added copyright header to yaml.py
* Moved mention of yaml output plugin to `New Modules` section
* Use AnsibleDumper in yaml output plugin
Also moved the `represent_scalar` setup into the init method. As a
global statement, it was causing exceptions trying to get an `id`
field that does not exist.
* Remove trailing whitespace
* Remove useless json.loads/dumps from yaml output
* Move profile and region checking to module_utils.ec2
Remove ProfileNotFound checking from individual modules
There are plenty of `if not region:` checks that could be removed,
once more thorough testing of this change has occured
The ec2_asg, iam_managed_policy and ec2_vpc_subnet_facts modules
would also benefit from this change but as they do not have tests
and are marked stableinterface, they do not get this change.
* Ansible files module sanity pep8 fixes
* Ansible system module and playbook base.py
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Various changes
* Various changes
* Various changes
* Various changes
* Undo blank lines not required by sanity checks
* Various changes
* Various changes
* Various changes
* Various changes
* Various changes
* Undo blank line changes not required by sanity checks
* Various changes
* Various changes
* Various changes
* Various changes
* Various changes
* Missing piece after merge
* Blank lines
* Blank line
* Line too long
* Fix typo
* Unnecessary quotes
* Fix example error
Better document what exceptions to handle, when and why.
Describe how to handle client auth exceptions, and that
AWSRetry retries on `XYZNotFound` exceptions.
* removed/blobified unused PInvoke stuff
* added try/finally around impersonation to ensure RevertToSelf is called in all cases
* added a few explanatory comments
* Add configuration of vlan trunk, security settings and port policies, and tests
This commit adds the following capabilities to the
vmware_dvs_portgroup module:
- Support for VLAN trunk portgroup
- Support for all security settings (promiscuous, forged transmits & mac
address changes)
- Support for all the port specific policies
- port specific policies match the vCenter UI behaviour (for instance:
block override is enabled by default)
- Cleanup and use of proper API entities not root entities
- Integration testing
* Cleanup of docs and adding more examples
The copy module has been failing since we changed the default of the
file module's follow parameter. Make this change to try to get tests
working and then we'll diagnose and fix this afterwards.
* win_dsc: improved parameter handling
* removed uneeded try/catch leftover from testing
* removed undeed return values
* added custom DSC to fully test out casting
* fix up codestyle issues
* using new Requires ps version check
* fixed up error message check on earlier ps version
* Adds the uid-/gidnumber as an argument to ipa_user
* Fixes issue #32555
* Adds the uidnumber which is called UID in the IPA web interface most
often, but called uidnumber in the JSON-API of IPA's `user_mod`
call.
* Adds the gidnumber which is called GID in the IPA web interface, but
called gidnumber in the JSON-API
* Code changes analogue to PR #32369
* Removed wrong version_number from telephonenumber
Remove wrongly placed version_number information
* Put arguments in different lines
Following PEP-8 the uidnumber and gidnumber are on different lines in the update method
This fix allows user to specify alternative maintenance DB
required for initial connection in Postgresql_db module.
Also, adds pep8 related fixes.
Fixes: #30017
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
So we fixed everything that was not a module to be PEP8 compliant, and
in the meantime these 5 new files were additionally disabled from PEP8
testing.
This fixes it.
Also update Copyright/License statements.
* win_become: make it easier to become with an admin token
* Fixed up pep8 whitespace
* fix for Server 2008
* Added support for async and become on newer hosts and fix warnings
* Enable ECHO in prompt module
Fixes#14160
* Add option for controlling echo behavior with pause module
* Improve option logic
Allow all options to be used in varying combinations, rather than being mutually exclusive.
Always capture output and return it, even when a time limit is set.
* Add version_added to docs
* Improve behavior of echo output
Set a few more flags to allow interactive deletion and hide control characters.
Do not capture or echo input when a time is set. Tried to get this working nicely, but ran into too many issues/oddities to keep it. Maybe in the future if there is demand for capturing/echoing input when a time is set I'll take another pass at it.
* show specific undefined var errors on -v in debug
allows users to get more specific information about undefined errors
as they might be looking at a complex data structure and need to find
the specific leaf that has the issue
* now tests works at all verbosity levels
* updated to unicode objects
* When getting the stack events we need to consider the case where we don't have ClientRequestToken fixes#32396
* Adding tests for the case when the ClientRequestToken is not present in the stack creation.
* Renaming the stack that the test for Client Request Token requires so it won't cause collisions with the basic test.
* Replace Twitter username with GitHub ID
See 8bfa19c4af
* Replace Twitter username with GitHub ID
See 22766906b0
* Fix GitHub ID: add missing letters
See:
- nxos_banner.py: 9c6ee8d0bb
- nxos_logging.py: e37e736ddb
- net_user.py: f6a4803669
* Remove nonexistent author, use GitHub organization
See https://github.com/ansible/ansible-modules-core/pull/2880
Not sure how Ansibullbot will handle an organization ID, but
other deprecated modules already use it.
* Replace Twitter username with GitHub ID
* Replace Twitter username with GitHub ID
See bf59d1cc1e
* Replace Twitter username with GitHub ID
See d02a9016a2
* Author: use GitHub ID
See 0847bfecd672f6b2e0e4429e998df7c6e7042b1c
* Replace Twitter username with GitHub ID
See a59684fddd
* Replace Twitter username with GitHub ID
See 94f9bb962f
* Replace Twitter username with GitHub ID
See 40b7dffea8
* win_package: add support for arguments as list
* re-added failure tests as they were accidentally commented out
* changed exit_code in failure messages to rc
* [ec2_ami_facts] new boto3-based module as a replacement for ec2_ami_find
- new boto3-based module to gather facts about ec2 images
- intended to replace ec2_ami_find which uses boto
- an ami find task (using new module) added to the ec2_ami integration test
* [ec2_ami_facts] Use AnsibleAWSModule. Catch BotoCoreError.
* add ec2_ami_facts alias to tests
* [ec2_ami_facts] return ami launch permissions as well
This makes adhoc mirror playbook callback functionality by running a
callback before and after all tasks have run. Adhoc commands now call:
- v2_playbook_on_start
- v2_playbook_on_stats
NOTE: When v2_playbook_on_start is called, a dummy playbook is provided
that says its _file_name is __adhoc_playbook__. All callback plugins
that provide v2_playbook_on_start access the _file_name attribute, so
this should maintain backward compatibility when those plugins are
called with adhoc commands even though they would not have been called
previously. The adhoc play is also added to _entries for any private
callback plugins that might be using this callback.
This fix adds handling of error/exception message using
to_native API instead of decoding.
Also, fixes PEP8 errors.
Fixes: #31825
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix adds documentation update and example update
for user's password expiration option 'expire' in postgresql_user.
Now, option is more clear and explicit about default value.
Fixes: #30195
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
The fix adds exception handling while user add operation in
postgresql_user module.
Fixes: #29738
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
currently it is doing only from the 'active' hosts in the batch which means
the percentage goes up as hosts fail instead of staying the same.
added debug info for max fail
fixes#32255
avoid making gathered facts high precedence, only set_fact is supposed to be.
vars set via set_fact with cacheable are higher precedence than plain facts.
Previously (after 6fbd0a8bb5) regular facts would end up with a
higher precedence than host or play vars, but they should not be. Facts were getting added to 'non_persistent_facts' (equivalent to 'register' vars) which is higher precedence than facts should be.
added 'cacheable set_facts' to precedence docs
'ansible_facts_cacheable' -> '_ansible_facts_cacheable' (made 'private')
* Fix wrong prompt issue for network moodules
Fixes#31161Fixes#32416
* Store the device prompt in case of error
from remote device
* Check for prompt value in ios action plugin
* Add integration test
* Add some tests for iptables
* Fix remove bug (calls 2 times check to remove a chain)
* Add me as maintainer
* Fix PEP8
* Doc: Give more information on issue #18988
* Fix#18988 and test it
* Fix doc (thanks Pillou)
* enable PEP8 check for iptables