As per the plugin documentation and the Hashicorp Vault documentation (https://www.vaultproject.io/docs/auth/approle#secretid)
secret_id is not mandatory.
Moreover, using this lookup plugin without a secret_id used to work in
Ansible 2.9.
Co-authored-by: Jonathan Piron <jonathanpiron@gmail.com>
* Add support for Hashicorp Vault JWT auth
* Add support for HashiCorp Vault JWT auth (continued)
Co-authored-by: Brian Scholer <1260690+briantist@users.noreply.github.com>
Co-authored-by: Mike Brancato <mike@mikebrancato.com>
Co-authored-by: Brian Scholer <1260690+briantist@users.noreply.github.com>
* added description parameter to create request
* added changelog fragment
* Update changelogs/fragments/1196-use_description-in-gitlab-group-creation.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* added integration test for description in gitlab_group
* per request in the PR, creating separate task for the description issue in the integration test
* replaced deprecated param names with new names
* description should be optional to keep backward compatibility
* Update plugins/modules/source_control/gitlab/gitlab_group.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Disable docker tests.
ci_complete
* Get rid of shippable groups 4 and 5. Redistribute the few remaining entries of group 4 to groups 1 to 3.
ci_complete
* Try group 1.
* add support for filesystem removal (fix#355)
- Add 'state' option, defaults to 'present'.
- When state=absent, ignore other options (even 'dev' if the device
doesn't exist)
* test filesystem state=absent (+ check_mode + idempotency)
* fix doc-required-mismatch
* add changelog fragment
* fix blkid return code
* ext4dev may be deprecated
* base checks on UUID instead
* Update changelogs/fragments/1149-filesystem-fix-355-state-absent.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/system/filesystem.py (version_added)
Co-authored-by: Felix Fontein <felix@fontein.de>
* use array for new run_command() calls; do not wipefs if no fs found
* use dd as a fallback
* do not use bare 'except' (pep8)
* force string type
* use dd anyway (wipefs not supported everywhere, possibly buggy with vfat, etc.)
* do not truncate regular files; update changelog fragment
* doc: update state description and an example; notice check_mode support
* do not wipe mounted fs, fail instead
* back to wipefs implementation
* update test's main conditions
* update changelog fragment
* explicit types
* fail state=absent on freebsd
* remove doc-missing-type exceptions (2.9, 2.10, 2.11)
Co-authored-by: Felix Fontein <felix@fontein.de>
* refactor and test
* require version >= 5.21.0
Prior to this version the status output was different
* python version compatability
* use exception classes from utils
* modify monit to use 'status' output instead of 'summary' output
The summary output is a fixed width table which truncates the
contents and prevents us from parsing the actual status of the
program.
* add integration tests + fixes
* remove unused handlers in monit integration test
* fix lint
* add '__metaclass__ = type' to integration python files
* raise AttributeError
* simplify status
* lint: add type to parameter docs
* remove lint ignore
* move monit process config into main file
* specify path to monit PID file
* set config location based on os_family
* create required directories
* update aliases to set group and skips
* add changelog
* add author
* add types to docs
* add EPEL repo
* custom vars for centos-6
* uninstall EPEL
* support older versions
* wait for status to change before exiting
* use 'validate' to force status updates
* handle 'execution failed'
* better status output for errors
* add more context to failure + standardize
* don't check rc for validate
* legacy string format support
* add integration test for 'reloaded' and 'present'
* don't wait after reload
* lint
* Revert "uninstall EPEL"
This reverts commit 4d548718d0.
* make 'present' more robust
* Apply suggestions from code review
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* add license header
* drop daemon.py and use python-daemon instead
* skip python2.6 which is not supported by python-daemon
* refactor test tasks for reuse
* cleanup files after test
* lint
* start process before enabling monit
This shouldn't be necessary but I'm adding it in the hopes
it will make tests more robust.
* retry task
* attempt to rescue the task on failure
* fix indentation
* ignore check if rescue ran
* restart monit instead of reload
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* docker_login: fix internal config file storage to handle credentials for more than one registry
* Improve setup for docker registry.
* Add second registry frontend. Add tests for #1118.
* Fix cleanup.
* Workaround increasing per_page to max
* Update plugins/modules/source_control/gitlab/gitlab_group_variable.py
* Create 968-gitlab_variables-pagination-increase.yml
* Update changelogs/fragments/968-gitlab_variables-pagination-increase.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/968-gitlab_variables-pagination-increase.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Proper support of pagination
* Fix E303 too many blank lines
* Add test for pagination
* Fix last vars removal test
* Apply suggestions from code review
Check misalignement fixed
Co-authored-by: Felix Fontein <felix@fontein.de>
* Run tests with macOS 10.15.
* Restrict to macOS CI runs for now until they pass.
* Skip tests on macOS that are skipped on OSX.
* Disable consul test for macOS.
* Disable chroot connection tests for macOS.
* Add setup_gnutar role from https://github.com/ansible/ansible/pull/71841.
* Use setup_gnutar for yarn and npm tests.
* Revert "Restrict to macOS CI runs for now until they pass."
This reverts commit d945d0399f.
* hashi_vault lookup tests seem to be always unstable, disabling for now.
* Use homebrew module instead of command.
* Fix xml reports changed when node is not deleted
* Added changelog fragment
* Added tests for xml no change remove
* Added PR to changeling fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* pkgutil: add update all, check-mode, squashing and examples
Taken from https://github.com/ansible/ansible/pull/51651 by dagwieers, which was taken from https://github.com/ansible/ansible/pull/27866 by scathatheworm. Let’s have one last attempt to get this merged.
> ##### SUMMARY
>
> Original PR #27866 from scathatheworm
>
> When working with Solaris pkgutil CSW packages, I came across this module being very basic in functionality, in particular, that I could not use it to update all CSW packages.
>
> When going into details into the code I also found it did not incorporate a possibility of doing dry-run from the underlying utility, or supported to specify multiple packages for operations.
>
> This module probably sees very little use, but it seemed like nice functionality to add and make it behave a little more like other package modules.
> ##### ISSUE TYPE
>
> * Feature Pull Request
>
>
> ##### COMPONENT NAME
>
> pkgutil module
> ##### ANSIBLE VERSION
>
> ```
> ansible 2.3.1.0
> config file = /etc/ansible/ansible.cfg
> configured module search path = Default w/o overrides
> python version = 2.7.5 (default, Aug 2 2016, 04:20:16) [GCC 4.8.5 20150623 (Red Hat 4.8.5-4)]
> ```
>
> ##### ADDITIONAL INFORMATION
>
> * Added ability to upgrade all packages:
>
>
> ```yaml
> - pkgutil:
> name: '*'
> state: latest
> ```
>
> * Added ability to modify state of a list of packages:
>
>
> ```yaml
> - pkgutil:
> name:
> - CSWtop
> - CSWwget
> - CSWlsof
> state: present
> ```
>
> * Added ability to have underlying tool perform a dry-run when using check mode, pkgutil -n
>
> * Added ability to configure force option to force packages to state determined by repository (downgrade for example)
>
>
> ```yaml
> - pkgutil:
> name: CSWtop
> state: latest
> force: yes
> ```
>
> * Added more examples and documentation to show the new functionality
* Add changelog fragment.
* Observe changelog style guide
https://docs.ansible.com/ansible/devel/community/development_process.html#changelogs
Co-authored-by: Felix Fontein <felix@fontein.de>
* Since module split, version_added no-longer refers to core Ansbile
Co-authored-by: Felix Fontein <felix@fontein.de>
* Tweak documentation
* Apply the new `elements` feature for specifying list types
Co-authored-by: Felix Fontein <felix@fontein.de>
* Set version_added
Co-authored-by: Felix Fontein <felix@fontein.de>
* Document `pkg` alias for `name`
* Be explicit about the purpose of states `installed` and `removed`.
* Force the user to specify their desired state.
* Review documentation for pkgutil module.
* Fully qualify svr4pkg module name
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* add a custom module for managing group membership in gitlab
* add integration test & modify the module
* modify the module
* modify the module
* remove whitespace
* add aliases file & modify the module
* minor and suggested modifications
* suggested modifications
* more minor modifications
* modified the module to use gitlabAuth
* removed api_url from the doc
* remove api_token
* add update access level for an existing user
* remove access level if statement
* restart from last state
* test (sanity) doc fragment placeholder
* test (sanity) remove doc fragment placeholder
* remove internal params from DOCUMENTATION
* update ignore-2.10.txt
* doc: add changelog fragment
* shorten changelog fragment
* Revert "shorten changelog fragment"
This reverts commit f9aea0d1eaefda139fd5b79bd0eb127c09a433fb.
* test with posix/group1
* test with posix/group3
* test with posix/group5
* test with posix/group4
* test with posix/group3
* New modules/action plugins automatically get a changelog entry
* fix: styles
* Revert "remove internal params from DOCUMENTATION"
This reverts commit 7d5fcf4b17e4cd5b0afc08fd1bd3fcef5fcaee26.
* drop neutral/informative/stateless behaviour
* update tasks after changes in module
* use FQCN in EXAMPLES
* add tests to validate error handling about required params
* doc: remove outdated sentence
* do not document internal parameters
* display timeout value in failure message
* remove inapropriate comment
* merge results and clean them up only once
* conditionally remove tmp path
* at least one iteration is required
* remove deprecated code
* move variables declaration to conditional block
* dissociate async and connection timeout
* improve warnings (conditions + values)
* remove ANSIBLE_METADATA (no more needed); fix typo
* update DOCUMENTATION
* Drop field 'version_added' (no more needed).
* Add a note about check_mode support.
* catch early errors before resetting connection and processing the loop
* fix typo
* change posix group (due to xtables locks); add 'version_added' in doc
* update deprecation (replace Ansible 2.12 by community.general 2.0.0)
* bump version_added to 1.0.0
* update ignore-2.11.txt
* ignore errors for 2.9 as for 2.10 & 2.11
* move action plugin to system/ and replace it by a symlink
* remove action-plugin-docs override in tests/sanity/ignore*.txt
* update action plugin docstrings
* bump version_added to 1.1.0
* use lowercase booleans
* extend usage of namespaces to ansible builtin modules
* postgresql_set: allow to pass an empty string as a value
* add check_mode to CI for the case
* add changelog fragment
* add pause
* fix
* fix ci
* fix
* fix
* add suggested
* New module: shutdown
* Add symlink to plugin
* Fix
Signed-off-by: Amin Vakil <info@aminvakil.com>
* Fix
* Fix
* Add seealso
* Fix seealso
* Add future-import, metaclass boilerplate
* Change pre_shutdown_delay to delay
* Cleanup before executing shutdown
* Fix
* Remove unused connect_timeout paramater
* Improve documentation
* Remove deprecated function and calling it
* Remove double calling delay function
* Remove unneeded call in check delay function
* Make check mode more realistic
* Remove extra blank line
* Remove unnecessary imports and fix copyright year
* Add shutdown_command and integration test
* Fix integration test
* Don't fail on local AND enabled check_mode
* Add copyright
* Skip ubuntu1804 as systemd-sysv is not installed on container
* Ignore ubuntu 18 on task
* Readd integration tests
* Do not run integration test on ubuntu 18
* Improve integration test and add delay, msg testing
* Fix ubuntu 18 integration test
* Remove unnecessary condition
* initial commit
* add contrib info
* remove nonfunctional \n in error messate
* add documentation and optional quiet and raw arguments
* add changelog fragment
* add aliases
* add initial test
* change folder name
* add pip install jc for tests
* simplify changelog since tests were failing
* add newline to end of file
* fix trailing whitespace in comment causing test failure
* use pip3 since tests are failing using python2.6 pip
* skip python 2.7 tests since jc only supports python 3
* use pip instead of pip3
* add python version requirement
* Fixed index out of range in yarn module when no packages are outdated
* Fixed handling of yarn dependencies when scoped modules are installed
* Added changelog fragment for yarn module fixes
* Adhere changelogs/fragments/474-yarn_fix-outdated-fix-list.yml to current standards
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* Added scoped package to yarn integration test
Co-authored-by: Jan Gaßner <jan.gassner@plusserver.com>
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* postgresql_query: add search_path parameter
* add CI tests
* add ref to seealso
* add changelog fragment
* fix test syntax
* fix test syntax
* fix
* fix
* fix CI syntax
* cosmetic change
* improve CI test
* move CI tests to the right place
* improve CI
* Adding ODBC module
* Adding symink and fixing docs and argspec
* Another sanity issue
* Hopefully last fix for elements
* Making changes suggested by felixfontein
* Making changes suggested by Andersson007
* Removing defaults and added info in description
* Fixing line too long
* More cleanup suggested by felixfontein
* Changing module call
* migrate firewalld to ansible.posix
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix removal_version for runtime.yml
Signed-off-by: Adam Miller <admiller@redhat.com>
* add changelog fragment
Signed-off-by: Adam Miller <admiller@redhat.com>
* Update meta/runtime.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/firewalld_migration.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* add module_util routing entry
Signed-off-by: Adam Miller <admiller@redhat.com>
* Update meta/runtime.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* modules: fix names with hyphens (#656)
* modules: fix names with hyphens (#656)
* Fix param name for postgresql_schema
* Add double quotes for schema name
* Add delete created DB objects
* Fix module code
* Set correct test tasks order
Co-authored-by: Maxim Voskresenskiy <maxim.voskresenskiy@uptick.com>
* Stop using ansible.netcommon.next_nth_usable.
It requires netaddr to be installed before running the playbook, which isn't the case in CI.
This undoes cf61474c3b.
* Use own filter to avoid needing netaddr installed.
* firewalld: add zone target set
Fixes https://github.com/ansible/ansible/issues/49232
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix sanity tests, add example of zone target setting
Signed-off-by: Adam Miller <admiller@redhat.com>
* test different zone/target combination as we're not hitting default settings
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix enabled values for zone operations
Signed-off-by: Adam Miller <admiller@redhat.com>
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix and enable firewalld tests
Signed-off-by: Adam Miller <admiller@redhat.com>
* skip docker for firewalld tests
Signed-off-by: Adam Miller <admiller@redhat.com>
* Adjust deprecation versions.
* Remove redirects that are already made in ansible/ansible's ansible_builtin_runtime.yml
* Remove modules that were moved to the google.cloud collection according to ansible/ansible's ansible_builtin_runtime.yml.
* The _info module is in google.cloud.
* The gcp doc_fragment is a copy of the one in google.cloud and is only used by one lookup. Mark as deprecated/internal.
* Remove entries of modules that no longer exist.
* Update ignore.txt.
* Try to fix test.
* Remove debug output.
* feature: module dpkg_divert + tests
* try to skip non-deb linux distrib
* use collection namespace in EXAMPLES
* skip unsupported OS/distrib in tasks instead
* tests: remove unskipped distribs
* apply changes suggested by Andersson007
* Remove ANSIBLE_METADATA (no more needed).
* Normalize docstrings (capitalize descriptions, fix styling, use yes/no
booleans).
* fix descriptions
* update DOCUMENTATION
* Drop field 'version_added' (no more needed).
* Add a note about check_mode support.
* use list comprehension
* support diff mode
* Move 'before'/'after' dicts into 'diff' dictionary.
* Set 'diversion' as the actual state (or the state that would be
reached, when in check mode).
* Always return 'diversion' on handled exits (exit_json & fail_json).
* enable 'diff' mode in tests, add missing 'become'
* add sops lookup plugin
* fix pylint
* fix undefined encrypted_file variable
* decode sops output as text by default
* add variable to control decrypted content print in logs
* use Sops class decryption method
* lookup should return text, use appropriate ansible facility
* use ansible.module_utils._text.to_native
As required by Ansible documentation on [raising errors][raising-errors]
from plugins, use to_native to wrap errors to ensure string compatibility
between Python versions.
[raising-errors]: https://docs.ansible.com/ansible/latest/dev_guide/developing_plugins.html#id3
* use with_items instead of with_file in sops lookup documentation
[with_file][with-file], per Ansible documentation, returns the content of
the file. As sops is not able to decrypt a string by itself but requires
the file is passed as argument, passing the content breaks the lookup
plugin as reported by [here][bug-report].
[with_items][with-items] should be used instead.
[with-file]: https://docs.ansible.com/ansible/2.4/playbooks_loops.html#looping-over-files
[with-items]: https://docs.ansible.com/ansible/2.4/playbooks_loops.html#standard-loops
[bug-report]: https://github.com/ansible/ansible/pull/59639#issuecomment-540803722
* uniform sops exception handling between plugins
* Apply suggestions from code review
Co-Authored-By: Felix Fontein <felix@fontein.de>
* remove sops lookup plugin print option
Is no longer possible to print the decrypted secrets directly from this
plugin, but `debug` module can be used instead.
* add github handle to author
* add setup_sops integration target
* extract sops module
* add lookup_sops integration tests
* use sops module
* Update plugins/module_utils/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update test/integration/targets/lookup_sops/files/simple.sops.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Adding aliases file
* Emtpy spaces
* Update plugins/lookup/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* gpg -> gnupg2
* with_items -> loop
* Move error logic to module_utils.
* Make Sops.decrypt() also handle errors and decode output.
* Improve error handling.
* Improve example formatting.
* Reorganize tests.
* Add test.
* Remove version_added.
Co-authored-by: Edoardo Tenani <edoardo.tenani@protonmail.com>
Co-authored-by: Edoardo Tenani <edoardo.tenani@gmail.com>
Co-authored-by: Edoardo T <endorama@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Added 'extra_install_args' option to allow extra upgrade/install
Example zypper args for this is
* --allow-vendor-change
* --replacefiles and
* --force-resolution
* Fix comment issue..
* Change extra_install_args option to a list.
Improved doc.
* Update plugins/modules/packaging/os/zypper.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/packaging/os/zypper.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Switch from using extra_install_args to individual module options.
* Fix syntax errors and limit 'allow-vendor-change' to 'dist-upgrade'
* Removed un-needed import
* Added changelog fragment
* Added tests for zypper replacefiles and allow_vendor_change options
* Removed dist-upgrade as it changes the test environment.
And it is hard to undo.
* Added proper test of replacefiles zypper option
Buiding two rpm packages containing same file path but with different content.
Making sure we fail to install them without the replacefiles options and that we succeed
using it.
* Make sure to create directory before writing files
* Fix indentation of ignore_errors
* Correct genereated rpm file name
* Improved duplicate file assertions
* Ensure no previous netcat package still exists.
* Corrected naming of example task.
* Fix variable name typo.
* Fix proper duplicate_content access
* Make sure to clean up duplicate rpms after tests.
* Removed debug
* Removed version_added of option allow_vendor_change and replacefiles
Co-authored-by: Felix Fontein <felix@fontein.de>
* add a new module iso_create
* add elements in argument spec
* remove changelog for new module
* change the path of test file
* comment out pip check task in test case
* comment out install pip in test case
* move pip install task and add skip python2.6
* gitlab_project_variable: added support for variable_type
* gitlab_project_variable: Added integration tests for variable_type file.
* Changed test case variable name, ansible was masking the output.
Setting the exit code in a trap overrides the exit code that caused the
trap to be called. This means if the test failed and called the trap,
the test will exit with 0 rather than the failure exit code.
* Don't die when docker CLI doesn't want to work with docker daemon.
* Allow more 'docker volume ls' failures
* More.
* Fix more failures.
* Forgot ignore_errors.
* Another one.
* More places.
* Try to install newer docker on RHEL8.
* Also restrict docker-ce-cli.