* Fix bug with redundancy templates and add integration tests for redundancy templates.
* vlan_list absent state support and fix for vlans as strings in vlan_list
* Fix junos_config confirm commit issue
Fixes#40626
* Due to issue in ncclient commit() method for Juniper
device (ncclient/ncclient#238)
add a workaround in junos netconf plugin to generate proper
commit-configuration xml and execute it using ncclient
generic `rpc()` method.
* Update junos_config doc
* Add run_commands api for ios and vyos cliconf plugin
* Add run_commands api to ios and vyos cliconf plugin
* Refactor ios and vyos module_utils to check return code
in run_commands
* Fix Ci failures
Certain project functions are not available on the openstack public api. Creating and deleting projects are examples where you must use the admin api.
In most devstack or simple openstack deployments the public, internal and admin apis may live at the IP. However in most production deployments the admin APIs are on a separate network than the public APIs. Therefore for these examples to consistently work, we must specify the admin endpoint_type.
* Issue #39860: Add 'not_contains' method to parsing.py
* Issue #30860 Adds self.negate to Conditional class in lib/ansible/module_utils/network/common/parsing.py
* Issue #39860 Fix singleton-comparison issue per sanity tests
* Issue #39860 'test/integration/targets/nxos_command/tests/cli/not_comparison_operator.yaml' integration test
* Issue #39860 Add unit tests to '../../test/units/module_utils/network/common/test_parsing.py'
* Issue #39860 Fix singleton comparison issue
* Fix E302 expected 2 blank lines, found 1
* Issue #39860 Add license header to unit tests
* Issue #39860 Move integration test to 'test/integration/targets/nxos_command/tests/common/'; remove unnecessary comment from unit test
* Issue #39860 remove unnecessary comment from unit test
* refactor win_group_membership to use SIDs for comparisons instead of name parsing
* carry over previous doc cleanup changes
* remove trailing whitespace from docs
* If we evaluate task.loop/with_items when calculating delegate_to vars, cache the items. Fixes#28231
* Add comments about caching loop items
* Add test for delegate_to+loop+random
* Be more careful about where we update task.loop
* Create splunk.py
This is a new callback for logging to Splunk. It is based on sumologic.py and updated to work with the Splunk HTTP Event Collector.
This has been by our team and others.
It is working with Ansible 2.5.2
* Update splunk.py
Addressed white spaces and formatting issues
* Update splunk.py
* Update splunk.py
* Updated version to match target release
Following code review recommendations. Thanks for the help
* Updated colon impacting documentation
Updated based on code reviews. Thanks the help
* Updated quotes to be consistent
* Add diff capability in vyos edit_config
Fetch onbox diff within edit_config cliconf
plugin and return it in response
* Remove diff returned from ios edit_config
* Fix CI failure
* More CI fixes
* runas + async - get working on older hosts
* fixed up sanity issues
* Moved first task to end of test for CI race issues
* Minor change to async test to be more stable, change to runas become to not touch the disk
* moved async test back to normal spot
* Add productType property as an ansible fact
Suggest to add productType property from win32_operatingsystem CIM instance to differentiate between versions and add new fact.
* update code to display human-readable string
Commit added in response to nizmahone's suggestion to add humane-readable strings to the display. uses switch statement to evaluate and update $ansible_facts hash table with proper information
* remove string conversion, modify switch default
Adjusts line 202 to remove .String() conversion from uInt32.
Adjusts switch test values to integers
Uses switch default clause to handle null values
* formatting
fixed formatting issues, moved product_type into variable.
adjust ansible_fact hash table key to be consistent with the rest of the code.
* Moved product type within distribution
* Use context managers for interacting with files
* Account for empty string as regexp
Rather than explicitly testing for None, also test for an empty string which will evaluate to False. An empty string regexp matches every line, which ends up replacing the incorrect line.
* Store line parameter in a variable
* Add tests
If a line match is found in the file and no regexp is specified, insertbefore would improperly try to add a line if set to BOF.
Add tests for this scenario.
* Use inventory.get_host instead of direct access to inventory.hosts. Fixes#32152
* Prevent potential side effect, by using self._inventory.localhost directly instead of get_host
* Add a module parameter to configure the max fetched AWS CFN stack events
* Add version documentation for new configuration option
* Increase default in order to make sure that enough are fetched by default. This align roughly with the limit of manageable resources in CloudFormation.
This fix adds a new parameter 'dvswitch_name' in networks argument spec.
When there are multiple distributed portgroup with the same name in the given
environment, it is difficult to pick particular dvpg. By specifying dvswitch value
we can pin point exact distributed portgroup to attach virtual machine to.
Fixes: #41781
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
- Comparison was not happening properly as it lacked full data
- Module now creates a full data structure on payload
- Defaults to America/Los_Angeles as that's what Meraki seems to do
* Fix ios and vyos cliconf edit_config return type
Modify cliconf edit_config api to return a json string with
diff and response received from remote host for ios and vyos.
* Doc change
Upon preparing the commands for sending to the device, cliconf converts
the optional prompt to a byte string. However, since there might be
multiple prompts specified, the conversion has to happen for each prompt
individually. Otherwise, wrong regexes will be compiled in
_handle_prompt from network_cli Connection.
* vyos and ios cliconf plugin refactor
* Refactor vyos cliconf plugin
* Change vyos module_utils and vyos_config as per refactor
* Minor changes in ios cliconf plugin
* Fix unit test failure
* Fix sanity issues
* Add get_diff to rpc list
* fix: exclude using wildcards for tar archives
Fixes#37842, #22947
* fix: Remove quote() as it munges the exclude format
* test: Refactor to use single archive structure
A common structure archived by different methods should simplify some of
the feature tests.
* test: Use common archive layout to validate exclude feature
* test: Use the same exclude checks for zip/tar archives
* validate vars_files entries are string_type or list
Fixes#17594
Signed-off-by: Adam Miller <admiller@redhat.com>
* use collections.Sequence to simplify if check
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix minor issues with debug and item labels
- no more `item=None`, we always have a label now
- debug should only show expected information, either msg= or the var in var=
- also fixed method name, deprecated misleading _get_item
* Update zabbix_screen.py limit screen columns
Add option graphs_in_row that allows to limit the count of columns on zabbix screen. When graphs_in_row columns is filled, begins to draw next row. If there is many hosts with many graphs each, draws all graphs for one host in an column each below each other
* fix remove whitespaces before and after brackets
Fixing ansible-test sanity --test pep8 errors
moved
* fix documentation parsing error
Fixing error: missing documentation (or could not parse documentation): expected string or buffer
* ensure copy action plugin returns an invocation in result
Fixes#18232
Previously the action plugin for copy, which runs operations on the
control host to orchestrate executing both local actions on the
control host and remote actions on the remote host, is not returning
invocation dict in the result dict, this happens here where the
return from _copy_file() is None
When force is True, the _execute_module() method is called, which
returns the dict containing the invocation key. This patch ensures
there is always an invocation key.
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix conditional, handle content no_log
Signed-off-by: Adam Miller <admiller@redhat.com>
* handle groups correctly when they are 'null'
- even if defined as mapping but having no keys, objects shoudl still be processed correctly
- also add ansilbe_verbosity to vars not to display in ansible-inventory
fixes#41692
* Initial commit for meraki_switchport module
- Query or modify swichport configurations
- Further optimizations are available
- Integration tests will require manual editing of file for others
* Remove blank lines
* Implement configuration template management
- Queries or removes templates
- Can bind or unbind templates to networks
- Module is idempotent only for binding and unbinding
- Meraki does not allow template creation via API
- Integration test is tedious b/c previous bullet point
- Fixed bug in construct_path() so it won't set self.function
* PEP8 changes
* Re-enable some integration tests, use variables, and fix broken code
* Initial commit of meraki_vlan module
- Create, delete, modify, and query VLANs within a network
- Support for all allowed objects in the VLAN data structure
- Meraki defaults networks to have VLANs disabled and there is no
way to use the API to enable VLAN support. It must be enabled
manually.
* Fix formatting error in documentation
* Formatting changes and added documentation
* PEP8 fix
* Initial commit for meraki_device module
- Allow claiming, removal, updating, and querying of devices
- Integration tests are included
- Integration tests are not complete because physical gear is required
- Integration tests also require Meraki subscriptions
* Added support for serial number query without network
* Added support for net_id and net_name
* Changes recommended by ansible-test for PEP8 and documentation
* Remove duplicate state in example
* Fix typo
* Add upgrade ('latest') support to pkgng module
* fixup for bad yaml
* fixup for bcoca review:
- add `version_added:` to description
- change examples to use `name:` and remove comments
- DRY out install_packages()
- clean up state conditional check in modules.params
* fixup to remove extra whitespace
* fixup to handle custom pkgsite when checking for updates
* fixup to remove misleading `version_added:`
* add notes to service_facts about accessing fact data
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove unquoted :
Signed-off-by: Adam Miller <admiller@redhat.com>
* Enable to use greedy checks for outdated casks
When using brew cask outdated to check if an installed cask is outdated
or not, brew cask will skip casks that have auto_updates set to true or
version: latest. This means that Ansible tasks using the homebrew_cask
module to upgrade packages installed by brew cask will miss upgrading
such packages. However such packages can still be managed by brew cask
so we need to be able detect such packages. This can be done with the
--greedy flag passed to brew cask outdated as this will also include
such packages that are outdated. This commit adds a greedy parameter to
the homebrew_cask module to enable upgrading such packages using Ansible
tasks with the homebrew_cask module. The default behavior preserves the
same behavior as today. Example usage would be:
- homebrew_cask:
name: 1password
state: upgraded
update_homebrew: yes
greedy: yes
* Fix test issues
* Add extra comma to match style
* Fix vmware host config for all vmware OptionTypes
Setting some options and option types failed with invalid value errors being return from vmware, this resolves all known ways that issue can occur.
* Add logic for integer inputs as string
For example - "UserVars.ESXiShellInteractiveTimeOut": "20"
Fixes#40180Fixes#41212
When parsing the distribution files such as /etc/os-release, we extract
the full distribution version but not the major version. As such, the
ansible_distribution_major_version ends up being 'NA' whereas the
ansible_distribution_version contains the full version.
Before this patch we get this on openSUSE Leap 15
ansible -o localhost -m setup -a filter=ansible_distribution_major_version
localhost | SUCCESS => {"ansible_facts": {"ansible_distribution_major_version": "NA"}, "changed": false}
After this patch we get this
ansible -o localhost -m setup -a filter=ansible_distribution_major_version
localhost | SUCCESS => {"ansible_facts": {"ansible_distribution_major_version": "15"}, "changed": false}
This also fixes the Tumbleweed distribution test to report a proper
major version and also adds a test for openSUSE Leap 15.0 to avoid
potential future regressions.
Fixes: #41410
Read the Docs moved hosting to readthedocs.io instead of
readthedocs.org. Fix all links in the project.
For additional details, see:
https://blog.readthedocs.com/securing-subdomains/
> Starting today, Read the Docs will start hosting projects from
> subdomains on the domain readthedocs.io, instead of on
> readthedocs.org. This change addresses some security concerns around
> site cookies while hosting user generated data on the same domain as
> our dashboard.
There were bugs in this that needed to be resolved. No time to get the
fix reviewed sufficiently for 2.6.0.
We'll get this into 2.7.0 and try to get this into 2.6.1 as well.
Will need the work done in https://github.com/ansible/ansible/pull/36218
when it does get merged.
* service_facts correct meaning of state for systemd service units
Fixes#40809
Previously this module used the commend `systemctl list-unit-files
--type=service` to query state of services but list-unit-files only
shows enabled vs disabled which is not what we want for "state"
Signed-off-by: Adam Miller <admiller@redhat.com>
* make sure to define service_name before referencing it
Signed-off-by: Adam Miller <admiller@redhat.com>
* Support Smart Inventories
Add kind and host_filter fields and pass through to tower_cli.
* Add documentation for new Smart Inventories options
* Add missing description header for host_filter documentation
* Add version added tags to new options
* Bumped vesion_added to 2.7
* Add aws/core.py function to check for specific AWS error codes
* Use sys.exc_info to get exception object if it isn't passed in
* Allow catching exceptions with is_boto3_error_code
* Replace from_code with is_boto3_error_code
* Return a type that will never be raised to support stricter type comparisons in Python 3+
* Use is_boto3_error_code in aws_eks_cluster
* Add duplicate-except to ignores when using is_boto3_error_code
* Add is_boto3_error_code to module development guideline docs
* When using ANSIBLE_JINJA2_NATIVE bypass our None filtering in _finalize. Fixes#41392
* Add tests for _finalize bypass
* Address python3 failures in tests
* Connecting app network to vApp
This fixes connection mechanism for connecting app network to vApp and VM
after vApp creation, returning the IP assigned to the VM as fact 'vm_ip'
* removed duplicate check on task fail for vApp creation. Fixed issue with network_mode value for VCD version > 5.7
* fixed trailing white space
Signed-off-by: Kaneda-fr <sebastien@lacoste-seris.net>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* pip tests: remove trailing spaces
* pip tests: use Jinja tests
* fixup! pip tests: remove trailing spaces
* pip tests: use 'command' instead of 'shell' module
* pip tests: remove unused variable
* pip tests: use a package with fewer dependencies
sampleproject has one dependency: 'peppercorn' and peppercorn doesn't
have any dependency.
* pip tests: check that 'name' param handles list
* pip: squash package parameters
Note that squashing will be removed in 2.11, new code should directly
use a list with the 'name' parameter.
python2-lxc module needs bytes, on the other hand python3-lxc requires text.
To solve such incompatibility, use to_native other than to_bytes.
This fixes#41060.
When we read files from disk we always want to read them as bytes and
then convert them to text ourselves. This gives us greater control over
what encodings are used, what to do in case of errors decoding the bytes
to text, and better resilience against problems on both Python 2 and
Python 3.
If we left it up to Python to do this, on Python2, this could mean
that config values end up as bytes (leading to tracebacks elsewhere in
the code). In Python3, it could traceback if the user's locale did not
match with the encoding of the ini file or config files could be decoded
as the user's locale encoding instead of as utf-8.
* VMware: Allow user to select disk_mode
This fix allows user to select disk modes for given disk configuration
in the given VM.
Fixes: #37749
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Review comments
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Don't ignore a duplicate host for an already processed include, assume that the repetition indicates a new include. Fixes#40317
* Add intg tests to ensure duplicate items in loop are not deduped
* Add note about relative indexing
* add example using peer keepalive vrf and delay restore
<!--- Your description here -->
add example using peer keepalive vrf and delay restore
+label: docsite_pr
+label: issue ansible/community#311
* Update nxos_vpc.py
update task name to include "existing"
The LDAP values may be of any kind (pictures, bytes, etc.) thus, ldap module enforce a "bytes" type.
We should pass properly encoded values instead of str
Fixes: #39569
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Test case for missing permissions
* Update aws_s3 module to latest standards
* Use AnsibleAWSModule
* Handle BotoCoreErrors properly
* Test for BotoCoreErrors
* Check for XNotImplemented exceptions (#38569)
* Don't prematurely fail if user does not have s3:GetObject permission
* Allow S3 drop-ins to ignore put_object_acl and put_bucket_acl
* If the command input is dict from module
in that case the check to see if command is
end or `!` to exclude it from executing on remote
host is wrong. Fix the logic to check `end` and
`!` commands
* aws_eks: New module for managing AWS EKS
aws_eks module is used for creating and removing EKS clusters.
Includes full test suite and updates to IAM policies to enable it.
* Clean up all security groups
* appease shippable
* Rename aws_eks module to aws_eks_cluster
* changing metadata to core support
* changing metadata to core support
* changing metadata to core support
* changing metadata to core support
* changing metadata to core support
* Changed request() to run json.loads() instead of module doing it
- Removed json.loads() from modules
- Removed some unreliable integration tests
- Removed self.function setting in construct_path()
-
* PEP8 changes
* Remove debug line for push
* Allow the use of 'aws:kms' as an encryption method
* Allow the use of a non standard KMS key
* Deduce whether AWS Signature Version 4 is required rather than specifying with a parameter
The compute policy was exceeding maximum size and contained
policies that already exist in ecs-policy.
Look up suitable AMIs rather than hardcode
We don't want to maintain multiple image IDs for multiple regions
so use ec2_ami_facts to set a suitable image ID
Improve exception handling
Fargate instances do not require memory and cpu descriptors. EC2 instances
do require descriptions. https://botocore.readthedocs.io/en/latest/reference/services/ecs.html#ECS.Client.describe_task_definition
Fargate requires that cpu and memory be defined at task definition level.
EC2 launch requires them to be defined at the container level.
Fargate requires the use of awsvpc for the networking_mode. Also updated,
the documentation regarding where and when memory/cpu needs to the assigned.
The task_definition variable for the awspvc configuration colided with
the ecs_service for the bridge network. This would cause the test to fail.
Add testing for fargate
Add examples for fargate and ec2
* Adding a switch to print logs
* Update to docs
* Adding `version_added` for the new option
* Updating version added
* Moving `output_logs` before `paued` for alphabetically ordering.
When using an empty string as the version argument, the module would
before attempt to run something akin to:
pip install module==""
This changes the behavior to:
pip install module
Fixes#41043
* Add support for classmap-authoritative option for composer
* Add support for apcu-autoloader option for composer
* Fix a typo for the no-plugins option
* Refactor ios cliconf plugin and ios_config module
* Refactor ios cliconf plugin to support generic network_config module
* Refactor ios_config module to work with cliconf api's
* Enable command and response logging in cliconf pulgin
* cliconf api documentation
* Fix unit test and other minor changes
* Doc update
* Fix CI failure
* Add default flag related changes
* Minor changes
* redact input command logging by default
In the process of building up the inventory by parsing each inventory
source with each available inventory plugin, there are three kinds of
possible errors (listed in order from earliest to latest):
1. One source could not be parsed by a particular plugin.
2. One source could not be parsed by any available plugin.
3. ALL sources could not be parsed by any available plugin.
The errors in (1) are a part of normal operation, e.g., the script
plugin is expected to fail to parse an ini-format source, and we will
ignore that error and try the next plugin. There is currently no way to
control this, and no known compelling use-case for a setting to control
it. This commit does not make any changes here.
We implement "any_unparsed_is_failed" to handle (2) above. If enabled,
this requires that every available source be parsed validly by at least
one plugin. In an inventory comprising a static hosts file and ec2.py,
this setting will cause a fatal error if ec2.py fails (a situation that
attracted only a warning earlier).
We clarify that the existing "unparsed_is_failed=true" setting causes a
fatal error only in (3) above, i.e., if NO inventory source could be
parsed. In other words, if there is ANY valid source in the inventory
(e.g., an ini-format static file), no combination of errors and the
setting will cause a fatal error.
If you want to execute your playbooks when your inventory is…
(a) complete, use "any_unparsed_is_failed=true".
(b) not empty, use "unparsed_is_failed=true".
The "unparsed_is_failed" setting should be renamed to
"all_unparsed_is_failed", but this commit does not do so.
Fixes#40512Fixes#40996
* Updating tower_job_template.py
* tower_job_template: Update parameter version_added to 2.7
* Ensure that unset credentials aren't passed
Passing empty strings for unset credentials causes ValueErrors as
the API expects an integer. Don't pass unset credentials
* tower_inventory_source: Add support for the inventory source via ansible-tower-cli.
* Add test coverage for tower_inventory_source.
* Update version_added to 2.7
* diff in as-path-set or prefix-set
* fix caveat diff can not have last line with comma in prefix-set/as-path/community-set
* Simplify fix to include indentation before parse
* remove debugger
* route-policy diffs
* fix iosxr_config crash issue
* new changes in iosxr_config after git add
* end-policy-map and end-class-map are properly indented so match misplaced children only when end-* is at the beigining also fix pep8
* Remaining config blocks of route-policy which needs exclusion from diff. added new tests
* pylint/pep8 warnings
* Review comments , sanity test fix
* shbang warning
* remove unused import
* added validate_certs option to zabbix_*_facts modules and fixed documentation to use doc fragment
* removed code duplication from zabbix_host_facts module
The parent parameter was not being used in the module. This meant
that all child profiles would use the system-defined parent instead
of the parent specified in the module
* fix ec2_ami block_device_mapping size to be int
* fixed cr issues
renamed `type` to `attribute_type`
reused `new_item` instead of creating new variable `value`
Fixes: #40631
The module was not correctly handling a certain state where the node
could be down, but the monitor was enabled on the node.
This patch fixes it.
With the addition on ajson.py in cbb6a7f4e8, two
new classes were created: AnsibleJSONDecoder and AnsibleJSONEncoder. These
classes are used when calling json.looads() and json.dumps().
This works fine with everything except the jsonfile.py cache plugin, which would
first try to import simplejson as json, then fall back to json. When simplejson
is installed, the load() or dump methods from simplejson are called, which then
try to use the AnsibleJSONEncoder/AnsibleJSONDecoder subclass from ajson.py.
But asjon.py imports json, not simplejson, and things blow up.
The debug message stated that the vault password client script was invoked as `example.py --vault-id=example`, while it's actually `example.py --vault-id example`.
* Adds requests.Session like class
* py2 syntax fix
* Add a few examples to the Request docstrings
* Add helper methods and docs
* Fix test failures
* Switch tests to test Request instead of open_url, add simple open_url test to validate funcitonality
* Fix filename in replace-urlopen code smell test
Removes the SSH enforcement because it breaks situations where, for example,
an admin maintains Ansible Tower and another team needs to use Ansible
with the BIG-IP modules, but the Tower admin does not want to install
the F5-SDK on the Ansible Tower instance.
In this situation, the user needs to delegate the execution of the BIG-IP
module to another linux host that does have the dependencies installed.
Usually this is done with delegation, often over SSH. Limiting the SSH
connection here prevents this from working.
* Support 'apply' to apply attributes to included tasks
* Cannot validate args for task_include
* Only allow apply on include_
* Re-enable arg validation, but only for include_tasks and import_tasks
* s/task/ir/
* Add tests for include_ apply
* Include context with AnsibleParserError
* Add docs for apply
* version_added
* Add free-form documentation back
* Add example of free-form with apply
* First pass at a src parameter that can be used in place of body. Supports binary files
* Add test for uri src body
* Bump version_added to 2.6
* Close the open file handle
* Add uri action plugin that handles src/remote_src
* Document remote_src
* Remove duplicate info about remote_src
* Bump version_added to 2.7
* Fixes ios_logging idempotency issues
* Added intergration tests & minor fixes
* Minor fixes in tests
* Minor fixes in tests #2
* eos_logging fixes after PR review
* Adding changed option to save_when for aireos
* Deprecating save option for aireos_config.
* Updating version_added to 2.7 since the PR missed the window for 2.6
* To fix following github issues 35774, 36574 and 39494
* To fix following github issues 35774, 36574 and 39494
* To fix following github issues 35774, 36574 and 39494
* To fix following github issues 35774, 36574 and 39494
* To fix following github issues 35774, 36574 and 39494
* To fix following github issues 35774, 36574 and 39494
* removed old_name new entry to make ui cleaner
* removed old_name new entry to make ui cleaner
* removed old_name new entry to make ui cleaner
* removed old_name new entry to make ui cleaner
* removed old_name new entry to make ui cleaner
* removed old_name new entry to make ui cleaner
* to resolve the bug 40709
* reslove shippable error
* reslove shippable error
* reslove shippable error
* reslove shippable error
* reslove shippable error
* reslove shippable error
* reslove shippable error
* reslove shippable error
* reslove shippable error
* to fix shippable nios automation error
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* shippable error fix
* shippable error fix
* shippable error fix
* shippable error fix
* shippable error fix
* review comment fix
* shippable error fix
* shippable error fix
* All instances of local connection should use _remote_is_local=True. Fixes#40551
* Switch to instance attribute for synchronize
* Add test that shows that synchronize _remote_is_local addresses tmpdir building
* Move k8s modules to dynamic backend
* update required openshift version
* update -> patch
* use new dynamic client exceptions
* style
* guard urllib3 import
* guard ansibleerror import
* give more information about error cause
* format in variable
* style
* rename tests
* Search for provided kind in a few more places to match old behavior, properly handle failure
* make common code use fail instead of fail_json, to work for lookup plugins as well
* update docs
* move openshift_raw tests into k8s tests
* fix typo
* Use diff of response and resource to determine change, don't do any checking client-side before making requests
* remove duplicate yaml blocks
* Update porting guide for k8s module
* remove invalid doc refs
* If fuzzy searching finds a resource, update resource_definition to match proper kind and version
* remote unsupported openshift_raw variables
* properly check environment variables when determining auth method:
* Remove 1.1.1.1 from *_config tests
* remove from *_smoke and *_system
* Miscellaneous other tests
* Remove from module documentation as well
* Remove from unit tests as well
* Remove accidental duplication from rebase
* Add a module to create a java key store (jks) from a certificate
* Create a jks from a certificate and a private key (secured by a password)
* Add an option to recreate the jks (useful when you want to update the jks password)
* If the certificate changed, recreate the jks
* Version added is now 2.7
One of Ansible best practices is "Always Name Tasks".
This should include tasks in examples as well so people can learn
what is the right way to use it.
Also fixes a discovered bug in block rescue detection related to inserting
the ansible_failed_{result|task} variables when the rescue is in a nested
block.
* Return the expected prompt character based on become status
* Update eos_banner tests for eapi
* Update eos_config tests for eapi
* Update eos_facts tests for eapi
* Update eos_interface tests for eapi
* Update eos_l3_interface tests for eapi
* Update eos_lldp tests for eapi
* Update eos_logging tests for eapi
* Update eos_smoke tests for eapi
* Update eos_system tests for eapi
* Do not gather mem facts if command invalid
In some firmwares, 'show memory statistics' fail, thus
do not populate mem if we got a failure after running that command.
* Fix pep8
* Warn if got error when running 'sh memory statistics'
* Fix pep8
* nxos_vlan fix
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* uncomment mode test as nxapi now has get_capabilities
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* First pass at vmware_deploy_ovf functionality
* Add OVA file support, re-structure code
* Move some useful functions to module_utils.vmware, and perform a little DRY too
* Better handling of errors during spec validation and import
* Properly calculate the lease progress percentage for all vmdk files
* Make warnings and errors a little better
* Add an allow_duplicates argument, that defaults to true, to allow users to have name based idempotency
* Add fail_on_spec_warnings to cause the module to treat warnings as errors
* Support non-vmdk uploads
* Add ova alias for ovf
* Rename vmdk_post_url to device_upload_url so it does not sound to specific to VMDK files
* Safer handling of * hostname in urls
* Add default Content-Type, remove unused headers var
* Add deploymentOptions and propertyMapping functionalities
* Add basic check_mode support
* Add vmware_deploy_ovf to list of use-argspec-type-path ignores
* Update version_added and fix path for use-argspec-type-path
* Add configurable folder
* Doc changes
* Add nxos_install_os integration tests
* Update call to check timers
* Update check_ansible_timer method
* Modify network_cli integration tests
* Add timer check for nxos_install_os
* Add comments for clear_persistent_sockets
* Update connection info for tests
* More updates
* Restructure files for provider and non-provider testing
* Update env var name and add check for ISSU switchover
The openstack modules do not support python 2.6 as the underlying
library dependency (openstacksdk) does not support python 2.6. Update
the docs to make this clear.
* check if timestamp is set in maven-metadata.xml. If it is not set, we don't have unique snapshot artifacts and can return the artifact name with the appended -SNAPSHOT
* Make use of a python module that is not deprecated anymore
* Updating version_added: "2.6" to version_added: "2.7"
* Added missing line
* Added notification about using different python module
PR #39373
* Add extra_specs to os_subnet module
This change removes the parameter limitation on `os_subnet` module for
Neutron subnet creation.
This way, any key value passed via `extra_specs` argument is included in
shade's API call.
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Set default value of extra_specs to None
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Raise ValueError in case of duplicate keys found
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Update docs default value of extra_specs to {}
* Move cidr to kwargs to avoid positional argument
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Print explicit list of duplicate keys
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Fix precedence on the dict merge
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Bump version_added of the extra_specs parameter
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Add support for `mysqldump`'s `--ignore_table` switch.
* Fix documentation and default linter warning re: default parameter
* Add number to replacement field in cmd string
* Bump version_added to 2.7
* adds name server group support to nios_zone
* fixes style issues
* adds support for restart_if_needed
* adds type: bool to documentation for restart_if_needed
* doc fix
This is a helper for identifying whether the var is a sequence,
but is not of string-like type (optionally).
Co-authored-by: Toshio Kuratomi <toshio@fedoraproject.org>
Co-authored-by: Brian Coca <briancoca+dev@gmail.com>
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
The current example configuration is not
quite right, so this patch implements a
fix which corrects it
The 'inventory_hostname' argument is removed
as it's the same value as the default.
* Establish connection through openstacksdk
* Switch from shade to openstacksdk
* fix typo in link to openstacksdk
* remove nova_client usage
* further remove of min_version from openstack modules
* Initial commit for meraki_admin module
* Initial commit for meraki_snmp module
* Update code to be operational for SNMP settings
- Add optional_ignore value to is_update_required for one-time fields
- Write documentation
- Perform checks and execute changes
* Minor fixes and test improvements
- Fix some documentation errors
- Implement and test for idempotency
* Removed meraki_admin which shouldn't be there, ansibot changes
* Rename params to be lower case
- Updated integration tests
- Changed CamelCase to lowercase and underscore
* Code cleanup changes based on comments from Dag.
* Add cleaning function to handle **params
The cleaning function is only added to tower modules which pass a `**params`
argument as an unpacked dictionnary to the tower-cli method calls.
Fix#39745
* Remove previous code added only for tower_role
In 872a7b4, the `update_resources` function was modified so that it would clear unwanted
parameters. However, this behaviour is desired for other modules too, modified in
another commit. (see tower_clean_params).
* Port aws_ses_identity module to use AnsibleAWSModule
* Support Check Mode in aws_ses_identity
* Add tests for check mode
* Move feedback forwarding parameter check to before any changes are made.
* Fixed check_mode status to be the same as normal execution
* Now when setting the status to `disabled` in check_mode it correctly
returns the state changed and prints a warning like it does in normal
model. Before it always returned changed even if everything was set
correctly and a reboot was required.
* Add changelog entry
Co-authored by: Strahinja Kustudic <kustodian@gmail.com>
* Added interpreter parameter to the script module
* Let required and default parameters get documented implicitly for binary parameter
* Renamed interpreter parameter to executable
When running the test test/units/module_utils/urls/test_open_url.py
test_open_url_no_validate_certs, the test fails because of the SSLv2
check.
Test is run on a machine using openssl 1.1.0g. By reading the openssl
man page[1], one can see that support for SSLv2 has been removed.
> Support for SSLv2 and the corresponding SSLv2_method(),
> SSLv2_server_method() and SSLv2_client_method() functions where removed
> in OpenSSL 1.1.0.
>
> SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were
> deprecated and the preferred TLS_method(), TLS_server_method() and
> TLS_client_method() functions were introduced in OpenSSL 1.1.0.
Hence this commit remove the uses of this flag when it is not defined.
[1] https://www.openssl.org/docs/man1.1.0/ssl/SSLv23_method.html
As mentioned in this answer https://stackoverflow.com/a/41549694/6778826 we was able to solve a bad behaviour of `blockinfile` module.
We must change two parts in one file which we have done in two tasks. Every run have rewriten the first block with the second block in the wrong position. **After** we have set the `marker` in the second task to another value was the `blockinfile` module able to insert both parts in the right position in the same file.
* os_project_access: correct example tasks
The example task does not work. Fix it so that it does.
* os_project_access: Remove unused function
The _get_allowed_projects function is not used anywhere,
so we can remove it and be free of nova_client for this
module.
The os_server module uses the deprecated nova_client function, and
therefore ends up requiring python-novaclient installed. In this
patch we switch the ip detachment to make use of a shade function,
removing the need for python-novaclient.
* The module now correctly sets the timezone in both the config file and
in /etc/localtime; while hwclock is set in both the config and
/etc/adjtime.
* Module checks if the timezone is actually set by checking
/etc/localtime. Before it only checked if it was set in the config file.
* Fixed module not setting the timezone on RedHat systems if
/etc/localtime was a symbolic link.
* Fixed module failures in case of missing config files or incorrect data
in them.
* Added a lot of integrations tests to cover most of these situations.
* Add start and end timestamp to task result in json callback
Currently, the timestamp information is only provided directly by a few
Ansible modules (e.g. the command module, which shows the runtime of a
command per host result).
This change adds an 'overall' time information to all executed tasks. The
delta between both timestamps shows how long it took a task to finish
across all hosts/nodes.
This patch is also proposed for zuul and can be found here:
https://review.openstack.org/#/c/563888
* Add missing timezone information to 'start' and 'end' timestamps
As the datetime.isoformat() function is missing the timezone information,
we assume it's local time.
* Nest 'start' and 'end' timestamps in 'duration' field.
To clarify the purpose of those fields.
* Add 'start' and 'end' timestamps also for plays
* Add a 'machinectl shell' become_method
* docs: add explanations for the machinectl become_method
* docs: machinectl become_method: specify this part is specific to Linux+systemd setups
* cs_instance: implement host migration support
* fix build
* fail fast on update if user is not admin
* improve tests a bit
* expunge it
* fix typo
* disable temporarly verify for host on starting instance.
Add `mode` option which sets permission mode of a VM in octet format
Add `owner_id` and `group_id` which set the ownership of a VM
Move the waiting for state at the end of the module, so it could fail faster if there is some error
tagged_instances will only be returned only if count_attributes and/or count_labels are used, as specified in the documentation
Update relevant tests
Add tests for mode, owner_id, group_id
* Fix errors decrypted non-ascii vault vars
AnsibleVaultEncryptedUnicode was just using b"".decode()
instead of to_text() on the bytestrings returned from
vault.decrypt() and could cause errors on python2
if non-ascii since decode() defaults to ascii.
Use to_text() to default to decoding utf-8.
add intg and unit tests for value of vaulted vars
being non-ascii utf8
based on https://github.com/ansible/ansible/issues/37258Fixes#37258
* yamllint fixups
* Subversion: If the directory exists, we want the ability to checkout into it
and use the content as existing files; equivalent to svn checkout --force
I was expecting the force option to do this, however I understand why it
doesn't do that currently. I was debating with changing the meaning of force
to include this behaviour, however I've opted for a seperate flag for now
for backwards compatibility.
* Subversion: Sanity tests have failed suggesting this is the correct value
https://app.shippable.com/github/ansible/ansible/runs/60302/1/console
* Add documentation for setting multiple options.
* Do not set `cluster' to myhostname, if cluster is not set. This will cause
parse error, since module will try to parse the brick and hosts.
* Also fixes issue #40410
* gluster_peer: Module to create/dismantle trusted storage pool
* gluster_peer: Module to create/dismantle trusted storage pool
Added __init__.py and added function main() in the module.
* gluster_peer: Module to create/dismantle trusted storage pool
Empty __init__.py was needed. Removed comment from the file.
* gluster_peer: Module to create/dismantle trusted storage pool
Addressed review comments.
* gluster_peer: Module to create/dismantle trusted storage pool
Do version check more sanely, improve parameter handling.
* gluster_peer: Module to create/dismantle trusted storage pool
Use isinstance for type comparison.
* gluster_peer: Module to create/dismantle trusted storage pool
Use type=list for nodes parameter, get rid of literal_eval.
* gluster_peer: Module to create/dismantle trusted storage pool
Add parameter check_mode, had missed this somewhere in between.
* gluster_peer: do not set `force' in case of state=present
* gluster_peer: Fix typo in the documentation
* gluster_peer: make peer probe idempotent
* gluster_peer: Fix a logical error while evaluating booleans
* gluster_peer: set locale to C, pass list to run_command
* Adding module for AWS Config service
* adding integration tests
* Split resource types into their own modules
* Properly use resource_prefix and retry on IAM "eventual consistency"
* Add config aggregator module
* AWS config aggregator integration test fixes
* AWS config recorder module
* Config aggregation auth rule
* Use resource_prefix in IAM role name
* Disable config tests
* seconds set of netapp modules
* fixes
* Fix issues
* Fix future issues
* fix issues
* Fix issues
* changes
* Change force
* made fixes
* add new line to end of file
* Fix setting the cache when refresh_cache or --flush-cache are used
* Use jsonify function that handles datetime objects in jsonfile cache plugin
* Don't access self._options directly
* Add initial integration tests for aws_ec2 inventory plugin
* Add CI alias
* Fix and add a few more unit tests
* Add integration tests for constructed
* Fix typo
* Use inventory config templates
* Collect all instances that are not terminated by default
* Create separate playbook for setting up the VPC, subnet, security group, and finding an image for the host
Create a separate playbook for removing the resources
* Allow easier grouping by region and add an example
* use a unified json encode/decode that can handle unsafe and vault
* Refactor ec2_group
Replace nested for loops with list comprehensions
Purge rules before adding new ones in case sg has maximum permitted rules
* Add check mode tests for ec2_group
* add tests
* Remove dead code
* Fix integration test assertions for old boto versions
* Add waiter for security group that is autocreated
* Add support for in-account group rules
* Add common util to get AWS account ID
Fixes#31383
* Fix protocol number and add separate tests for egress rule handling
* Return egress rule treatment to be backwards compatible
* Remove functions that were obsoleted by `Rule` namedtuple
* IP tests
* Move description updates to a function
* Fix string formatting missing index
* Add tests for auto-creation of the same group in quick succession
* Resolve use of brand-new group in a rule without a description
* Clean up duplicated get-security-group function
* Add reverse cleanup in case of dependency issues
* Add crossaccount ELB group support
* Deal with non-STS calls to account API
* Add filtering of owner IDs that match the current account
* New module = AWS Glue connection
* Add a few initial integration tests
* Add alias for CI
* module rename
* finish module rename
* add loop when getting glue connection again so we dont get None
* Limit number of retries to get new glue connection info
Without this change, the module will simply fail with an error when
doing a query and not specifying the **lag_type** parameter.
The integration tests expect **lag_type** too, so this simply codifies
what was expected since inception.
This change addresses an issue where the prompt matching regular
expressions would not match a prompt if the hostname starts with a
numeric value. Before this change, the connection would fail with a
socket.timeout() error. This change updates the termnal_stdout_re
values to now check for a number.
See Github issue #38639
* Add auth key for OpenStack Volume Provider
For adding OpenStack Volume Provider we need to also add auth key,
value, for Ceph. This patch allows to add/update/remove auth keys.
Also fixing the issue for attach cinder SD to the datacenter.
* Fixing documentation
* Small fixes in ovirt_external_provider module.
Fixed doc for param and small changes.
* Fix comments from review.
Adds conditions for check mode.
* Move update auth key method in the module
* Remove empty line which pep8 complains about
* New ansible module netconf_rpc
* add integration test for module netconf_rpc
* pep8/meta-data corrections
* usage of jxmlease for all XML processing
separation of attributes "rpc" and "content"
* removed unused imports
improved error handling
* fixed pep8
* usage of ast.literal_eval instead of eval
added description to SROS integration test for cases commented out
* mismatch type between function arguments
* add testcase for prompt
* yamllint issues
* remove overwriting response in case of connectionError exception
* remove import of ConnectionError as it is not required
* add loadbalancer
* dict check nullable
* add default vallue when get list
* create backend addr pool
* fix the set
* fix to dict
* fix ideponement
* use param security group name when create
* nic can has no nsg
* add test
* fix
* fix
* fix
* add document
* add configuration
* fix
* fix
* remove all resources
* fix
* fix test
* add version added
* fix lint
* fix lint
* Fixes some NIC bugs (#39213)
* add loadbalancer
* dict check nullable
* add default vallue when get list
* create backend addr pool
* fix the set
* fix to dict
* fix ideponement
* use param security group name when create
* nic can has no nsg
* add test
* fix
* fix
* fix
* fix idemponet
* add document
* fix test
* add configuration
* fix
* fix
* remove all resources
* fix
* fix test
* add version added
* fix lint
* fix lint
* fix lint
* remove new feature and only submit bugfix
* remove useless test
* fix
* fix indent
* Update azure_rm_networkinterface.py
* fix comment
* support 3 types to specific name and resource group
* avoid test racing
* fix test
* add sample
* add resource id test
* zfs: Fix handling of parameters passed via check_invalid_arguments
cc7a5228 had a typo, so the merged set of arguments was shoved into the
wrong parameter and ignored.
`origin` is an actual module parameter and should be processed like one.
pop()ing makes debug output misleading.
* zfs: fix command generation for `zfs snapshot`
Creating a snapshot and supplying an origin are mutually exclusive,
but were not treated as such. We should throw an error instead of
running an invalid command (`zfs snapshot origin foo@snapname`.)
* Update jenkins_plugin.py
When setting state=latest, plugin are always updated because plugin_data['sha1'] contains trailing '\r\n' (so it always detecting a sha1 change)
+label: docsite_pr
* rstrip wasn't the solution but to_bytes is
In `2.5` (d1b63bd5), the `yum` module received the capability to disable
and enable specific plugins. However, these changes only applied to
certain parts of the logic. This change propagates those changes to the
rest of the module, specifically those using the `yum` API.
* Docs - add shared snippet note about password prompts for ssh keys
Signed-off-by: Adam Miller <admiller@redhat.com>
* add note to ssh connection plugin, fix markup, fix typo
Signed-off-by: Adam Miller <admiller@redhat.com>
* winrm: add better exception handling for krb5 auth with pexpect
* Added changelog fragment
* Added exception handler in case kinit path isn't valid, added test cases
* fixed for Python 2 compatibility
* win_updates: add scheduled tasks back in for older hosts
* Fixed up typo in category name error message
* Fixed up some minor issues after merge
* added changelog fragment
* Default to become but add override to use scheduled tasks
* Added basic unit tests for win_updates
* fix minor typos
* Add update_password parameter to rabbitmq_user
Inspiration for this feature is taken from the `user` module.
While `always` is the default in that module, it is not here. We default
to `on_create` to avoid changing existing behaviour.
Resolves#29260
* Update instructions for changing passwords
* Bump version_added as requested
* Check password before changing it
This allows accurate reporting of changed status even though
`rabbitmqctl change_password` doesn't.
* Remove instruction to use 'force' to update password
* Adds support to get value from Consul KV.
* Updates documentation.
* Corrects GRL copyright years.
* Resolves PEP 8 issues.
* Changes consul_kv NOT_SET value to `None`.
* Support getting Consul KV values recursively.
* Adds example of retrieving key value.
* parted module not idempotent for esp flag and name
Fixes#40452
Currently the parted module doesn't take into account names with
spaces in them which leads to non-idempotent transactions on the
state of the system because the name comparison will never succeed.
Also, when the esp flag is set, parted infers the boot flag and the
parted module did not previously account for this. This lead to
non-idempotent transactions as well.
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix unit tests, expected command changed in the patch
Signed-off-by: Adam Miller <admiller@redhat.com>
Change the command to get the interface in a vlan "show vlan" => "show vlan brief"
Change the parsing of the return command of the switch.
The return of the ios command is fixed so i cut with fix number of carracter.
Adding looking for the next line to add the forgeted interfaces.
The snmp_facts module lacked any information on what kind
of data can be expected on the return of successful execution.
This patch expands the docs to included info on return output
including sample data and full descriptions.
Signed-off-by: Eric Brown <browne@vmware.com>
* fixing azure sanity tests
* fixing sanity
* fixing some tags issues
* removed unnecessary things from managed disk
* fixed location problem
* more sanity fixes
* sanity test fixes
* final sanity fixes?
* final fixes again
* undo changes related to container instance
* removed container instance
* readd again
* fixed stupid mistake
* removed _azure from changes
* one more mistake
* Adding flatpack_remote module
Includes contributions by oolongbrothers: adding documentation fixes, fixing import placements, fix module idempotency, improving error propagation.
* Aligns module with conventions and best practices
For improved robustness and readability; based on feedback by
dagwieers.
* Improves the module documentation
* Aligns copyright statement to conventions
* Renames remote > flatpakrepo_url and reworks documentation
* Adding flatpak module
Includes contributions by dagwieers
* Incorporates feedback by dagwieers
* Improves and aligns documentation to conventions
* Makes matching for url more robust
* Get the str value of xmlrpc.client.DateTime
* get_all_records should be used instead of get_all
* Facts returned with 'ansible_facts'
* Remove some redundant code
* Add cheese as maintainer
* Add changelog entry
* Return messages generated from edit_config to module
* This does not seem to work that way
* Change test IP addresses to not conflict with device config
* Set encrypted as default and fix empty password reporting changed
* Starting with Postgres 10 `UNENCRYPTED` passwords are removed and
because of that this module fails with the default `encrypted=no`.
Also encrypted passwords are suported since version 7.2
(https://www.postgresql.org/docs/7.2/static/sql-createuser.html) which
went EOL in 2007 and since 7.3 it is the default. Because of this it
makes a lot more sense to make `encrypted=yes` the default. This won't
break backward compatibility, the module would just update the user's
password in the DB in the hashed format and everything else will work
like before. It's also a security bad practice to store passwords in
plain text. fixes#25823
* There was also a bug with `encrypted=yes` and an empty password always
reported as changed.
* Improved documentation for `encrypted`/`password` parameters, and
removed some obsolete notes about passlib.
* Fix clearing user's password to work with all versions of Postgres
* Add tests for clearing the user password
* Fix documentation atfer rebase
* Add changelog fragment
In the last commit I modified the code to run commands when they are
daemonized. But the execution of "chkconfig" is not daemonized so it
uses "self.module.run_command(cmd)".
This commit set the default localize to allow proper screen scraping of
chkconfig command.
* I seem to have forgotten the back half of tests
* Set http timeout from persistent_command_timeout
* Tweak URL generation and provide URL on error
* Push var_options to connection process
* Don't wait forever if coming from persistent
* Don't send the entire contents of variables to ansible-connection
* Fix all cases with pause and ctrl+c
- naked:
- pause:
- with prompt
- pause: prompt=hi
- time wait
- pause: seconds=60
- time wait with prompt
- pause: seconds=60 prompt=hi
Fixes#35372
* Use curses to control stdout
* Use curses to clear lines on interactive input
* Validate input for echo parameter and fail nicely if invalid
* Add integration tests for pause module using pexpect
* Use try except when trying to determine erase sequence to account for lack of TTY in containers in tests
* Improve output validation for regular paus test
* Accept two digit precision for pause length in test
* Check for seconds when seconds is specificed, minutes when minutes is specified
* Add test for no TTY mode
Co-authored by: Toshio Kuratomi <a.badger@gmail.com>
Co-authored by: Brian Coca <brian.coca+git@gmail.com>