* Issue #41079. Failed to apply rule if there is a default IPv6 NACL
* Issue #41079. Failed to apply rule if there is a default IPv6 NACL
* Issue #41079. Failed to apply rule if there is a default IPv6 NACL
* Simplify logic to skip default deny-all rules
* Simplify logic to skip default deny-all rules
* Remove unnecessary tmp variables
* Add tests for check_mode at play and task level
These test inheritance of check_mode from the various levels (command
line, as a play attribute and as a task attribute) so they will be
useful for checking that the change to fieldattribute inheritance with
defaults works
* Add a sentinel object
The Sentinel object can be used in place of None when we need to mark an
entry as being special (usually used to mark something as not having
been set)
* Start of using a Sentinel object instead of None.
* Handle edge cases around use of Sentinel
* _get_parent_attribute needs to deal in Sentinel not None
* No need to special case any_errors_fatal in task.py any longer
* Handle more edge cases around Sentinel
* Use Sentinel instead of None in TaskInclude
* Update code to clarify the vars we are copying are class attrs
* Add changelog fragment
* Use a default of Sentinel for delegate_to, this also allows 'delegate_to: ~' now to unset inherited delegate_to
* Explain Sentinel stripping in _extend_value
* Fix ModuleArgsParser tests to compare with Sentinel
* Fixes for tasks inside of roles inheriting from play
* Remove incorrect note. ci_complete
* Remove commented code
* parallelize getting mount info
* fixed timeout and made 8 max thread count
- minor cleanup
- avoid empty mount entries
- set timeout on get
- enforce timeout per mount/thread
- make note on failure per mount
- make note on timeout per mount
- ensure proper pool control
- minor fixes
- less vars, simpler code
- move filter 'pre threading'
- remove timeout for all mounts, now per mount
- also use cpu count from multiprocessing lib
- moved 'bind' options out of thread as per comments
- warn on error, more info on failure to get info
* faster config loading
- used already loaded module var instead of doc functions
- add preload to populate config defs cache
- avoid debug work when not in debug
- generators, force consumption
* Catch SSH authentication errors and don't retry multiple times to prevent account lock out
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Subclass AnsibleAuthenticationFailure from AnsibleConnectionFailure
Use comparison rather than range() because it's much more efficient.
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Add tests
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Make paramiko_ssh connection plugin behave the same way
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Add changelog
Signed-off-by: Sam Doran <sdoran@redhat.com>
* - Fix sorting bug related to diff (attributes is sorted in the API, other lists are not)
- Remove null-valued entries from protocolMappers introduced by Ansible's argument spec checking (also fixes diff output).
* python2.6-ified dict comprehension
* avoid use of map
* Fix 'defaults' option in the nxos_config module
Nxos get_config is allways called with the 'all' option.
* Fix flag's calculation
* Add tests
* nxos_config: the 'backup' option take into account the value of 'defaults' option
If 'defaults' option is true, the running-config backup is done with the all
keyword.
* added nictagadm functionality for smartos
* Added mac address assertion and mutex's for etherstub params
* removed old commented code
* Responding to ansibot lint
* Responding to ansibot lint underscore
* doc wording, if rc to return rc
* Version Added bump to 2.6
* Grammer Fix
* match documentation with the arg spec
* removed default from Options since None evidently is 'None'
* Guessing to please the linter, No documentation
* Various changes
* PEP8 fixes
* Create a module for managing ZFS admin privileges
* Actually support check mode in zfs_permissions
* Fix Python 2.4 invalid syntax
* Update added_version to 2.1
* Remove superflous sys.exit() and add an empty RETURN doc (empty because the module does not return anything other than status-related stuff)
* Update version_added since zfs_permissions was not accepted in 2.1.
* - Rename zfs_permissions to zfs_delegate_admin to more accurately reflect
its purpose.
- Update with current Ansible module best practices.
- Stop checking whether changes need to be made (this was flawed since
it was not able to detect whether, for example, changes would be made
with `local=True` when the permissions already existed for
`Local+Descendent`. Instead, just make the changes (`zfs allow` is
idempotent) and compare the state before and after.
- Generally write things in a better way.
* Fix test errors
* Fix more tests.
* Catch exceptions when parsing `zfs allow` output. At least on one
version of ZFS (on a 2016 version of illumos) will have a single space
in the user or group column if the name can't be resolved by the
system's name services).
* Adding digital_ocean_space alias for s3_bucket module
* skipping alias to see if doc-build test passes
* undoing last change
* removing symlink
* oops -- readding module ref
* removing more of my changes
* removing unneeded doc line
* correcting another mistake
* Move relative time handling to module_utils and rewrite it
* Fix cases with no seconds defined
* fix a small typo along the way
* add relative time handling to the ownca provider in openssl_certificate
* add initial integration test for relative time ownca
* quote the documentation to produce valid yaml
* move timespec conversion and validation to the init function
* fix small edge case in conversion function
* add relative timestamp handling to the selfsigned provider
* add get_relative_time_option
* add relative timestamp handling to valid_in
* pep8 fix indentation
* add quotes in error message
* add changelog fragment
* Update changelogs/fragments/50570-relative_time_crypto.yaml
Co-Authored-By: MarkusTeufelberger <mteufelberger@mgit.at>
We should explain the danger of using relative paths, but we should not
say they aren't allowed. Relative paths work and are useful, but the
caveat is that the starting point can't be guaranteed by ansible. This
commit adds that note, and removes the claim that only absolute paths
are accepted.
* Replace loose string that should be a byte string
* Replace byte string literals with string literals
* These, on the other hand, need to be byte strings
* Added support for labels for Docker Network
* Fixed missing comma in Docker Network module
* Specified minimal versions for dependencies and added changelog
* Fixes based on suggestions after code review
* Added integration tests
* Add command option
* Fix test task name
* Changelog fragment
* Fix indendation
* Add version_added
* Better command description
* Test passing command as list
* Handle invalid command types
* Cleaner command type checking
* Check that all items in command list are strings
* Better error about command list items
* Better type checking errors
* Add tests for command type checking
* Update command tests
* Fix messed up rebase
* Fix crash when using configs parameter
* Don’t add difference for configs set to None
* Add changelog fragment
* Revert "Add changelog fragment"
This reverts commit 8df497e3881d976e7417d2662a167694fbc33147.
* Enable config tests
* Pass empty list of configs to docker
* Properly clean up after all tests
* Fix publish idempotency when mode is None
* Add changelog fragment
* Python 2.6 compat
* Use self.publish
* Check length of publish before comparing content
* Sort publish lists before zipping
* Enable publish tests
* python3 compat
* Don’t sort by mode as it is not safe
* Document publish suboptions and add them to args
* Add type to publish documentation
* Add choices to publish argument_spec suboptions
* Make tcp the default protocol
* Make documentation reflect protocol default
* Simplify setting mode
* Remove redundant string quoting
* Test order of publish
* Add comment about publish change detection
* Pass client to detect_usage function
* Use new client argument in detect_usage function
* Use option_minimal_versions
* Add min_docker_api_version
* Skip default since publish is always a list
* Add min Docker API version to module requirements
* Remove redundant keys()
* Move detect_ipvX_address_usage out of __init__
* Check for mode presence in publish ports
* Remove unused import
* Use port.get(‘mode’) to check for falsy values
* Update lib/ansible/modules/cloud/docker/docker_swarm_service.py
Co-Authored-By: hannseman <hannes@5monkeys.se>
* Add force_update to option_minimal_versions
* Detect publish mode better
* Add a trailing comma
* Modified description in nmcli module doc
The instructions for installing module's dependencies were incomplete.
I copied the CentOS/Fedora part from the examples section, while I figured out myself the Debian/Ubuntu package names.
+label: docsite_pr
* Fix modified description in nmcli module doc
* Fix modified description in nmcli module doc again
* Fix modified description in nmcli module doc LB
* Revert "Revert "openssl_csr: Allow to use cryptography as backend (#50324)""
This reverts commit bbd2e31e9f.
* Remove more complicated selection copy'n'pasted from openssl_privatekey.
* Add tests for backend selection.
* Add openssl_csr test for arbitrary string commonName.
* Allow to disable commonName -> SAN copying (fixes#36690).
* Increase persistent command_timeout default value
* Increase command_timeout default value from 10 to 30 sec
to reduce frequent timeout issue for network connection
types (netconf/network_cli/httpapi/napalm)
* Fix review comments
* Adapt netbox_device to pynetbox changes
Pynetbox API has changed, resulting in errors at the creation or
deletion of any device with the netbox_device modules. Fixes these
errors.
rebase
* Refactor netbox_device
Better error handling
Split the return values to `device` and `msg`, containing the created
device (if any), and the message to get more info about what has been
achieved (or the error if any)
* ovirt hosts facts add cluster version filtration
* update filtering of ovirt hosts and input of cluster version
* ovirt host facts change compat version to string
* removed info declaration from documentation fragment as this is not implemented
* added optional headers for POST and PUT requests
* updated documentation
* added missing headers field decalaration
* removed info choice from state field
* added tests for the new utm_utils function
* fixed class invocation
* added missing required params
* fixed the pytests
* Fix malformed string error using ast
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
* Update doc for this option
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
* Revert "Update doc for this option"
This reverts commit 3579d1912129ab14d5009785ba896de820063d46.
* Revert type value
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
* added timestamps to nxos_command module
nxos_command module now returns timestamps field, which shows command execution time
* fixed unit test failure for /lib/ansible/module_utils/basic
* cosmetic changes to align with PEP 8
* Corner case in which import_role would add another instance of a role with the same signature into roles: when it already existed there.
roles:
- name: a
tasks:
- import_role: name=a
would execute role 'a' 3 times instead of the intended 2 (x2 in roles: phase +1 in tasks:)
* added tests
* Add object_type param to checkpoint_object_facts
* Add changelog fragment
* Fix sanity
* Fix sanity
* Pass type param to payload
Otherwise it does not do what is expected to do
* Add ip-only default to docstring
* Revert "avoid x2 setting of set_fact when 'cacheable' (#50564)"
This reverts commit 207848f354.
* clarify clear_facts with set_fact cacheable
revert previous 'fix' as it will break playbooks by changing precedence
opted to leave current behaviour but document it on both plugins to mitigate confusion
fixes#50556
also fix grammer, add comment, remove unused e
* Add autopublish and autoinstallpolicy behaviour to Checkpoint devices
Up till now we published and installed policy package for every operation,
however operators may not want that and only reconcile changes after a series
of changes.
Added flags to toggle this behaviour, which defaults to autopublish and
autoinstall policy package just as it was till now.
The policy package name defaults to 'standard', since it's the default one
created on the Checkpoint management server on AWS, unsure if that's common
in other setups.
* Change signature for publish and install policy
The module object is not needed
* Fix pep8
* Fix install_policy invocation
Also fix payload in publish/discard, since it seems passing the UID
when it's not needed has issues.
* Add doc fragments
* Remove default value of targets on install_policy method
It's already defaulting to None via checkpoint_arg_spec
* Fix pep8
* Remove doc fragment and push down auto options to resource modules
I realized if I put those options as doc fragments they will show up
on facts module, which do not apply, only on resource modules that
mangle with objects.
* Fix bogus param name and validate modules issues
* Fix bogus param name on checkpoint_host
* Bubble up import exception content for k8s module
Signed-off-by: Fabian von Feilitzsch <fabian@fabianism.us>
* Track down other places import exception is reported
* Add changelog fragment
The previous code was using the legacy Group Chat 1.0 (GC1.0)
protocol to join [XEP-0045 Multi User Chats][1]. The legacy
protocol is described in § 7.2.1 of that document, the current
protocol is described in § 7.2.2.
The legacy protocol has not been in active use for more than ten
years, and servers are fading out support for it because its
presence causes issues (see for example the lengthy discussion
in [2], particularly the part starting with "A MUC
misunderstanding a presence update for a GC1.0 join").
The effect of servers fading out GC1.0 is that jabber.py cannot
send messages to rooms on servers which have done that step any
more.
This commit implements the modern join protocol, restoring
functionality. The modern join protocol is, to my knowledge,
supported by all XMPP servers which are still in use.
Prosody 0.11 is an example of a server implementation which does
not support GC1.0 anymore.
[1]: https://xmpp.org/extensions/xep-0045.html
[2]: https://mail.jabber.org/pipermail/standards/2017-October/033501.html
* Fix encoding issues with file paths.
Discovered while testing with ANSIBLE_CONFIG env var set to a path
that contained unicode characters while LC_ALL=C.
* Fix unit tests.
* Fix another path encoding issue.
When a user home dir is not created with `useradd`, the home dir will now
be created with umask from /etc/login.defs. Also fixed a bug in which
after a local user is deleted, and the same user exists in the central
user management system, the module would create that user's home.
* check for result['status'] in systemd module
* instead of checking for result['state'], actually check for chroot and warn
* allow systemctl status to work if in a chroot, update warn text
* simply change warning message
* Added new vmware module for gathering facts for DRS groups
* Update lib/ansible/modules/cloud/vmware/vmware_drs_group_facts.py
* Updated doc
* Fixed integration test with mutual exclusive paramteres
Co-Authored-By: karstenjakobsen <karsten@karstenjakobsen.dk>
* Added new vmware module for creating DRS VM or Host groups in a given cluster
* Fixed typo in module name
* Added better docstrings. Fixed better messaging for existing groups. Added delete example.
* Update doc
* Update lib/ansible/modules/cloud/vmware/vmware_drs_group.py
* Updated logic, so result is populated with correct data even if no changes are made
* Update lib/ansible/modules/cloud/vmware/vmware_drs_group.py
* Improved performance by getting group_obj in init()
* Fixed syntax error and added group_name as required if state is
* Added state= to integration test
Co-Authored-By: karstenjakobsen <karsten@karstenjakobsen.dk>
* Updated document fragment
* Used PyVmomi Helper class
* Added check for vcenter server
Fixes: #50752
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Allow to use cryptography as backend for openssl_csr.
* Use different curve.
* Adding changelog.
Includes changelog fragment for #49416, which didn't include one.
* Describe labels and container_labels correctly
* Clarify reserve_memory and limit_memory docs
* Remove default from container_labels doc
* Remove trailing whitespace
* Document min api version for configs and secrets
* Add changelog fragment
* Specify type on labels and container_labels
* Consolidate required API version descriptions
* Update reserve and limit memory docs
* Use correct power-of-two units
* Remove description about limit_memory minimum 4mb
* docker_swarm_service: use exact name match when finding services
The Docker API's filtering support allows filtering for substring
matches which means that when we filter the list of running services we
may accidentally match a service called "foobar" when looking for a
service named "foo".
Fix this by filtering the list of services returned from the Docker API
so that name matches are exact. It is still worth passing the filter
parameter to the Docker API because it reduces the number of results
passed back which may be important for remote Docker connections.
Closes 50654.
* add changelog fragment for #50654
* Added documentation around using vmware dynamic inventory plugin
* Fixed bug for populating host_ip in hostvars for given inventory host
* VMware: Add properties in vmware_vm_inventory
Fixes: #50249
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* fixes issue 50296
* fixes the indentation of the return statement
* Adds a conditional test into `_find_systems_resource()` to check the existence
of the Members of System resource
* updates the error message
* harden the conditional test
* Add a changelog
* Added description, admin commit and VSYS commit features.
* pep8 fixing
* Ansible pylint fixing + module.fail on commit fail
* Ported from lxml.etree to xml.etree. Changed username to fall back to admin if nothing else defined.
* Fixed documentation for username defaults.
* Pluribus Networks port cos bw module
* Indentation fix
* Documentation fix
* Corrected indetentation for required_one_of
* Added maintainer name in BOTMETA.yml
* Removed maintainer name in BOTMETA.yml as my team is already there
* Add checkpoint_host module
* Add state param to docstring
* Require ip_address if state is present
* Make else more explicit by doing and elif 404
* Remove bogus paren
* Add checkpoint_host module
Provide toggle flag to allow display of unreachable task to stderr
using default callback plugin.
Fixes: #48069
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Previously, the index got out of sync with the actual config list. Invoked with lines:
- bad
- first
- bad
- second
the sanitization would first delete index 0 and then index 2, which would result in the output
- first
- bad
By reversing the list, we avoid that problem (though a filter() would be nicer)
* fixing the exception import from tower modules
* Adding tests for checking tower modules are failing with correct msg
* fixed failing tests
* fixed failing test in tower_team
* Add auth_timeout parameter when supported
Paramiko 2.2 introduces the auth_timeout parameter. This will set the
parameter to the same value of the timeout parameter to prevent
"Authentication timeout" errors.
* Conditionally add auth_timeout to ssh.connect
Renamed sock_kwarg to ssh_connect_kwargs and conditionally added the
auth_timeout parameter based on the installed paramiko version.
* Add changelog fragment
* Included support to AIX group subsystems
AIX systems has subsystems as services but also uses group
subsystems.
For example, spooler is a group subsystem to services
qdaemon, writesrv, and lpd.
This change enables the possibility to use also the group
susbsystmes such as spooler, nfs, etc.
When the service name is informed, first the module will
check if the name is a subsystem, if not it will check if
the name is a group subsystem and also it subsystems states.
This change makes services more flexible with AIX systems.
* Included test/legacy/aix_services.yml for tests
As discussed on IRC ansible-devel channes, was include the
legacy tests for further manual tests.
* csv of memory usage
* Fix var
* Configurable output file
* Add cpu profiling
* Valdiate the existence of cgroup files
* Add guard to prevent exception when trying to reset max memory value
* to_bytes/to_text and docs updates
* Add support for CPU results
* Just track the max, don't log all results, and then calculate max
* Restore cgroup_memory_recap, and move new functionality into cgroup_perf_recap
* Add pid count tracking, restructure to support more profilers
* Add cli tool for graphing cgroup_perf_recap data
* csv_output_dir is a path
* Correct CALLBACK_NAME
* Include uuid in csv data
* fix linting errors
* Bump version_added
* Create helper funciton to create dict from list of keys, with callable default
* Updated notes to include pids
* Print a newline after each section
* Plugin improvements
* Add option to supporess recap display
* Add default for output directory
* Add option to dictate whether or not to write files
* Add JSON-seq output option
* s/uuid/task_uuid
* Use bytes for paths
* Increase polling interval length for pids/memory
* Reduce instance attrs, change how we invoke profilers
* Shorten some line lengths
* Remove more instance attrs
* Fix some typos
* document directory creation, and catch exceptions
* Enable per task file outputs, and filename customization
* s/per_task_file/file_per_task/g
* Introduce 'insertbefore' and 'insertafter' to specify the position children have to be inserted.
* Added version_added to new options
* Xpath in example needs single quotes
* Added integration tests for insertafter and insertbefore
* Changed version_added to 2.8
Currently deleting the storage connection just tries to delete the
connection but it doesn't detach the connection from storage domain.
The patch first tries to detach the connection from storage domain
before attempting to delete the same if the storage domain parameter
is provided.
* Cloudscale integration test setup
CloudProvider and CloudEnvironment classes for Cloudscale integration
tests. This also contains a cloudscale_common role with common
variables for all tests.
* cloudscale_volume module
New cloud module to manage volumes on the cloudscale.ch IaaS service.
* Add checkpoint httpapi plugin and access rule facts module
* WIP checkpoint_access_rule module
* Add publish and install policy, plus fix empty json object request for publish
* Refactor publish and install_policy onto module_utils
* Add update resource logic
* Add checkpoint_host_facts module
* Return code and response on get_acess_rule function
* Add checkpoint_host module
* Add checkpoint_run_script module
* Add checkpoint_task_facts module
* Show all tasks if no task id is passed
Note, this is only available on v1.3 of Checkpoint WS API
* Add update logic to checkpoint host
* Add full details on get task call
* Add checkpoint httpapi plugin
* Fix pep8
* Use auth instead of sid property and return False on handle_httperror method
* Fix version in docstring
* Remove constructor
* Remove Accept from base headers
* Do not override http error handler and assign Checkpoint sid to connection _auth
There is scaffolding in the base class to autoappend the token, given
it is assigned to connection _send
* Use new connection queue message method instead of display
* Remove unused display
* Catch ValueError, since it's a parent of JSONDecodeError
* Make static methods that are not used outside the class regular methods
* Add missing self to previously static methods
* Fix logout
Was carrying copy pasta from ftd plugin
* Remove send_auth_request
* Use BASE_HEADERS constant
* Simplify copyright header on httpapi plugin
* Remove access rule module
* Remove unused imports
* Add unit test
* Fix pep8
* Add test
* Add test
* Fix pep8
* new module: AIX LVM file system and NFS
This module creates, removes, mount and unmount LVM and NFS file system
for AIX using /etc/filesystems. For LVM file systems is also possible
to resize the file system.
* better parameters options structure
better parameters options structure
* Improved file system resize returns
Added better tratment for return codes for file system resize.
When a resize is not possible because no enough space on lv or
shrink is not allowed.
* improved doc and creation file system return code
- improved doc
- creation file system return code 10 was treated.
* Doc recomendations, dict result, line limit
- Added doc recomendations
- Changed return to dict results on main()
- Using 159 columns for code limit
* wrong changed return when file system is already
Fixed wrong changed return when file system is already mounted.
When the file system is already mounted the return for changed
is False.
* Fixed description and included playbook for tests
- Fixed description
- Included playbook for manual tests
* Various small bits to get this merged ASAP
* Rename test/legacy/aix_filesystem.yml to test/integration/targets/aix_filesystem/tasks/main.yml
Move integration test to its proper location
* Create aliases
* Fix CI issues
* Fix backup issue in network config modules
* Fix `get_working_path` not found issue introduced due to
backup config code refactor (PR #50208)
* Further refactor config related action plugins to minimize
duplicate code
* Remove unwated imports in config action plugins
* Add common network class for action plugin and related code refactor
* Fix review comment
* Correct Errors in Documentation
According to the module, "compose" is not required, but the docs said it was - removed the "required" tag. Additionally, the example for removing a stack did not include the required "name" option (this method is why "compose" is not required.
+label: docsite_pr
* Removed change to description
Corrected issue to my "correction" on the description.
* Removed required false
* Removed all instances of required: false.
User module can contain Indentation errors or syntax errors.
Handle AST exceptions rather than showing traceback while importing such module.
Fixes: #21707
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Simplify the requirement section to avoid duplicating info already in mysql_document_fragment.
* Package installation section simplified, mentioned RHEL; a typo fix in "than".
* added dnf for Fedora
* Note: Python2 is not as intelligent at detecting false import loops as
Python3. context_objects.py cannot be added to cli/arguments because it
would set up an import loop between cli/__init__.py,
cli/arguments/context_objects.py, and context.py on Python2.
ci_complete
* Mark methods which are really functions as staticmethod
* Fix calls to other staticmethods to use the subclass rather than the
base class so that any inheritance overriding will be honored.
* Remove unnecessary logic and dead code
* Fix a typo in a docstring of how to implement subclass init_parser()
methods
* Call superclass's post_process_args in ansible-doc
* Fix copyright comment according to suggested practice