The Vultr API is inconsistent in the type of the value it returns
based on the resources. While most of the time it will be a dict, for
some resources it will be a list (/v1/user/list, /v1/block/list).
query_resource_by_key() fails if the return value isn't a dict (.items()
does not exist on list). This patch aims to support both list and dict.
* Hold httpapi response in BytesIO
* Let httpapi plugin deal with HTTP codes if it wants
* Python 3.5 won't json.loads() bytes
* Don't modify headers passed to send
* Move code handling back to send()
but let httpapi plugin have a say on how it happens
The bundled selectors library which is used by the local and ssh
connection plugins had a bug which caused a traceback in a cornercase.
If selectors were in use and a syscall was interrupted, selectors would
attempt to restart the syscall after the interrupt was processed. if
the attempt determined that the timeout for running the syscall had
already expired, the code attempted to raise OSError. The raise was
using a Python3-ism and needed to be ported to work on Python2.
Fixes#41630
* Fix cli_command junos test failure and update doc
* Fix cli_command module integration test failure
for junos
* Update cli_command module doc for prompt and
config command run scenario's
* Update cli_command module doc
* Collecting PEM -> DER conversions.
* Using cryptography instead of OpenSSL binary in some situations.
* Moving key-to-disk writing for key content to parse_account_key.
* Rename parse_account_key -> parse_key.
* Move OpenSSL specific code for key parsing and request signing into global functions.
* Also using cryptography for key parsing and request signing.
* Remove assert statements.
* Fixing handling of key contents for cryptography code path.
* Allow to disable the use of cryptography.
* Updating documentation.
* 1.5 seems to work as well (earlier versions don't have EC sign function). Making Python 2.x adjustments.
* Changing option to select_crypto_backend.
* Python 2.6 compatibility.
* Trying to test both backends separately for acme_account.
* Also testing both backends separately for acme_certificate and acme_certificate_revoke.
* Adding changelog entry which informs about select_crypto_backend option in case autodetect fails.
* Fixing YAML.
Fixes#42310
Previously, the firewalld module was making a call to
FirewallClientConfig.getZoneNames() which doesn't exist in versions
of firwalld older than 0.4.2, this patch implements the same logic
with older API calls to not require a newer version of firewalld.
Signed-off-by: Adam Miller <admiller@redhat.com>
In query_resource_by_key(), there is an equal comparison that is made to
know if the object we are looking for is present. Due to type difference
this comparison doesn't always retrieve true, even when it should.
This is due to the fact that the value in r_data dict are of type
unicode, while the other can be of type int, float,... .
```
>>> a = u'1'
>>> type(a)
<type 'unicode'>
>>> b = 1
>>> type(b)
<type 'int'>
>>> a == b
False
>>> str(a) == str(b)
True
```
Hence the values, for comparison purposes, are casted into strings.
* Merge again trickily similar Accelerated networking and IP forwarding
* Add type to enable_ip_forwarding documentation
* Fix merge error
* auth to auto
* azure_rm_networkinterface: remove auth_source from tests
* azure_rm_networkinterface: remove spurious auth_source from test
* azure_rm_networkinterface: Revert formatting on test
* azure_rm_networkinterface: Correct indentation
_parsed_return_data should only be used with the return from a module.
This location was invoking a remote shell command rather than a module
so we don't want it here.
they dropped the Linux so now it only shows as ALT, it should still be backwards compatible
pkg_mgr detection relies on `Altlinux` string, so properly setting os_distribution should take care of it as side effect
fixes#43539
* Remove use of simplejson throughout code base. Fixes#42761
* Address failing tests
* Remove simplejson from contrib and other outlying files
* Add changelog fragment for simplejson removal
* Change how data is sent to the persistent connection socket.
We can't rely on readline(), so send the size of the data first. We can
then read that many bytes from the stream on the recieving end.
* Set pty to noncanonical mode before sending
* Now that we send data length, we don't need a sentinel anymore
* Copy socket changes to persistent, too
* Use os.write instead of fdopen()ing and using that.
* Follow pickle with sha1sum of pickle
* Swap order of vars and init being passed to ansible-connection
* New module for managing EMC VNX Block storage
With the module emc_vnx_sg_member users can add or remove luns from
existing storage groups.
This module has been developed in couple with emc_vnx_mv_promote for
disaster recovery process automation, but can be used by itself.
This fix adds additional parameter 'datastore'. This parameter
provides a flexibility to specify custom datastore or datastore cluster
to deploy new virtual machine from template (which is located in different
datastore or datastore cluster from virtual machine's datastore or datastore
cluster).
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Remove wait_for & associated params
* Upgrade command dict to top-level, remove more wait_for accessories
* We don't need all this anymore
* Update docs
* Update tests to new argspec
* Be a little more explicit about sendonly
Also remove reference to the word provider.
* Add example of prompt and answer
This is to avoid users connecting to the APIC using SSH, which is likely
to fail. In the ACI documentation (linked from every module) we go into
more details on how people are supposed to work with the modules..
* Changing Lenovo Inc to Lenovo and update License file to be consistent.
* Moving code in util file to module file. This is done as per a review comment
* Update cnos_vlag.py
* Update cnos_vlan.py
* Update enos_config.py
Add exos_facts module. Known limitations at this time include:
- Interface MTU is not reported.
- Only primary interface IP is reported.
Add basic unit tests for the exos_facts module.
An EXOS CLI prompt can be prefixed with '! ' (shutting down), '* '
(running configuration does not match saved configuration), and
can include various status tokens within parentheses after these
prefixes. Update prompt regex to accept valid CLI prompts.
* Unified examples in all modules
* validate_certs is now 'no' instead of 'False'
* delegate_to changes
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* If the remote host supports session
capability set the `supports_generate_diff`
flag to false which identifies if config diff should
be generated within module or not
This functionality was not considered when the module was written, but
there's no reason why it shouldn't be supported.
We had to rework the query string construction and object filtering.
This new functionality allows to filter on arbitrary keys and supports
None values.
This PR fixes various issues with the existing framework, including
querying specific objects using construct_url_4 (i.e.
aci_epg_to_contract and aci_static_binding_to_epg)
Vultr API is being inconsisten in what it returns. An empty list when no
resources exists, but a dict of dict when they do. The case needs to be
handled so the module do not fail. An extra test has been added.
* Clarifications of parameters in yum_repo module
Added a note defining where the "name" parameter of the module will appear in the repo file and note explaining that the description parameter of the module is actually the name parameter in the repo file. It might help people transform their existing yum repository files in ansible managed repos.
If there are multiple distributed virtual portgroup network with same name
in different datacenter, vmware_guest module used to choose first DVPG irrespective
of the datacenter. This caused problem if two datacenter has same name for DVPG,
vmware_guest module failed with error "The object or item referred to could not be found."
This fix adds check to search for network (Distributed Virtual Portgroup)
till datacenter level. This avoids selection of same name DVPG from other datacenter.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
vmware_drs_rule_facts was missing details about vm_group and host_group
and their respective memeber names. This fix adds those details and updates documentation.
Fixes: #42980
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Added support for TLS-ALPN-01 verification.
* Unrelated commit to re-trigger tests.
* Added test for TLS-ALPN-01.
* Try to remove to_bytes in the hope that binary data survives in Python 2.
* Using Base64 encoding for TLS-ALPN-01 value.
delegate_to parameter in task only accepts string,
this fix will error out if other datatypes are provided instead of
string.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Only print warning when ansible.cfg is actually skipped
* Also add unittests for the find_ini_config_file function
* Add documentation on world writable current working directory
config files can no longer be loaded from a world writable current
working directory but the end user is allowed to specify that
explicitly. Give appropriate warnings and information on how.
Fixes#42388
* Refactoring to persistence connection BGP, factory, reload, save, showrun modules
* Refactoring methods from Util to module file
* Removing BGP Utility methods
* Adding to errors that need to be ignored
* Allow for the specification of a rhsm_repo_ca_cert if changing baseurl
If changing the baseurl we should allow for a ca cert to be updated from redhat-uep.pem
* Fixing documentation section
* added version to option rhsm_repo_ca_cert
* got rid of extra CR
* Added changes for Issue #38828, adds scope paramater to systemd module
* Removed description for old paramater
* Added version_added field for new option
* Readded the user paramater as a deprecated paramater
* Changed version for the scope paramater since I missed the release window
* Implement signed_request for sigV4 requests
* Correct linting errors
* More linting changes. Correct import.
* Final linting fix for inline comments
* Correct import of urllib.parse
* Update copyright and shebang line
* Remove shebang
* Put boto3 requirement. Abtract out get_aws_key_pair for module consumption.
* Dummy out unused region variable.
* Handle Boto3 ImportError
* - implement get_aws_credentials_object with willthames suggestion
- Handle session_token
* Make quote style consistant
* Chop arugment line up
* Correct indent
* Support for postgresql default privileges
fix the following issues:
* #29701
* #23657
* The ALTER DEFAULT PRIVILEGES is implemented with type 'default_privs'
* Added a Query Builder for simplification
* Some minor lint
* Fixed Lint Issue in doc
Fixed misspelled method name
* Removed the damned empty space on line 243 ! (within the doc) x|
* Kept Compat in string interpolation for old beloved python 2.6
According to the do_encrypt interface, encrypt arg should be the hash method name used for encrypting returning password. But in the doc and lookup code it's a boolean flag, correct it to string.
* tower_* modules: move HAS_TOWER_CLI in TowerModule
Besides this change allows to define other common parameters such as
mutually_exclusive.
* tower_*: config file can not be used with auth params
* tower module_utils: remove useless call to expanduser
'path' type: expanduser & expandvars are automatically called
From terraform documentation:
```
The persistent data stored in the backend belongs to a workspace. Initially the backend has only one workspace, called "default", and thus there is only one Terraform state associated with that configuration.
Certain backends support multiple named workspaces, allowing multiple states to be associated with a single configuration. The configuration still has only one backend, but multiple distinct instances of that configuration to be deployed without configuring a new backend or changing authentication credentials.
```
This patch introduces the `workspace` parameter in the terraform module. The module will select
the workspace is it does not exists, or simply select it if it exists.
Fixes#43134
Add 'purge_workspace' parameter and handle the workspace context
The `purge_workspace` parameter allows to remove a workspace when asking for state = absent.
It allows to leave a clean state file without empty workspaces if the parameter is true.
Also adding the support of a workspace context that allows to restore the workspace
when that was active when the module started.
The existing rule priority comes from aws as a string. It is then
compared to the new rule priority, which is defined as an int. This change
casts the new rule priority as a string making the comparison work. The
reason to cast it as a string rather than an int is used because a priority
can also be set to 'default'. When trying to case 'default' as an int, it creates
an error.
* Raise exception if command timeout is triggered
Fixes#43076
If persistent connection timeout is triggered, riase
exception which will be send over socket to module code
instead of silently shutting down the socket.
* Fix CI failure
* Fix review comment
* Fix CI failure
* Fix review comment
* Fix review comment
If there were fatal bugs in this portion of config, they would never be displayed
because config would fail to load and then every^U (Exageration... only
half of every) other part of the code which depended on config to be
loaded would fail before we ever got around to a section of code that
would process UNABLE.
Remove the try except from here so that we are able to debug this code
On Python3, these would be text strings already. On Python2, we need to
convert them from bytes.
Use a new helper function py3compat to do this.
Fixes#43207
* remove leading dot in efs_facts mountpoint
* remove leading dot in efs_facts mountpoint
* remove leading dot in efs.py
* introduce filesystem_address var in efs* modules and revert changes to mount_point
* fixes issue 42420
* fixes issue 42420
* fix shippable docs error
* shippable fix and test case add
* shippable fix and test case add
* shippable fix and test case add
* shippable fix
* removing extra assert
* shippable fix
Some users have problems using the VMware modules because they use the
vCenter as target, and Ansible uses SSH to connect to the targets.
Eventually we need to update the VMware guide to explain how the modules
work, but the first fix is to update the examples.
(We should backport to v2.6 and v2.5 too)
* new nios module support
* new nios module support
* new nios module support
* new nios module support
* new nios module support
* new nios module support
* new nios module support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* new nios module integration test support
* test/integration/targets/nios_naptr_record/tasks/nios_naptr_record_idempotence.yml
new nios module integration test support
* fix pep8 error
* fix pep8 error
* adding newline at end
* adding newline at end
* adding newline at end
* adding newline at end
* adding newline at end
* adding newline at end
* adding newline at end
* adding newline at end
* adding newline at end
* adding newline at end
* adding newline at end
* adding newline at end
* adding newline at end
* adding newline at end
* New module request: azure_rm_virtualmachine_facts #38081
* New module request: azure_rm_virtualmachine_facts #38081#38279 pep8 fixes
* New module request: azure_rm_virtualmachine_facts #38081#38279 validate-modules fixes
* New module request: azure_rm_virtualmachine_facts #38081#38279 serialize_vm
* New module request: azure_rm_virtualmachine_facts #38081#38279 get_item
* New module request: azure_rm_virtualmachine_facts #38081#38279 avoid get vm twice
* New module request: azure_rm_virtualmachine_facts #38081#38279 some jborean93 requests
* New module request: azure_rm_virtualmachine_facts #38081#38279 camel_dict_to_snake_dict
* New module request: azure_rm_virtualmachine_facts #38081#38279 integration test
* New module request: azure_rm_virtualmachine_facts #38081#38279 virtual network required
* New module request: azure_rm_virtualmachine_facts #38081#38279 consider additional vms present
* New module request: azure_rm_virtualmachine_facts #38081#38279 trailing comma
* New module request: azure_rm_virtualmachine_facts #38081#38279 remove from smoketest
* New module request: azure_rm_virtualmachine_facts #38081#38279 filtering by tag fix
* New module request: azure_rm_virtualmachine_facts #38081#38279 virtual network issues fix
* New module request: azure_rm_virtualmachine_facts #38081#38279 remove trailing comma
* adding curated format for vm
* New module request: azure_rm_virtualmachine_facts #38081#38279 rights to zim + lint fixes
* clean up
* updates to vm facts
* commented out failing thing
* fixed mistake
* New module request: azure_rm_virtualmachine_facts #38081
* New module request: azure_rm_virtualmachine_facts #38081#38279 pep8 fixes
* New module request: azure_rm_virtualmachine_facts #38081#38279 validate-modules fixes
* fixed test
* fixed test problem
* New module request: azure_rm_virtualmachine_facts #38081#38279 serialize_vm
* New module request: azure_rm_virtualmachine_facts #38081#38279 get_item
* New module request: azure_rm_virtualmachine_facts #38081#38279 avoid get vm twice
* New module request: azure_rm_virtualmachine_facts #38081#38279 some jborean93 requests
* New module request: azure_rm_virtualmachine_facts #38081#38279 camel_dict_to_snake_dict
* New module request: azure_rm_virtualmachine_facts #38081#38279 integration test
* New module request: azure_rm_virtualmachine_facts #38081#38279 virtual network required
* New module request: azure_rm_virtualmachine_facts #38081#38279 consider additional vms present
* New module request: azure_rm_virtualmachine_facts #38081#38279 trailing comma
* New module request: azure_rm_virtualmachine_facts #38081#38279 remove from smoketest
* New module request: azure_rm_virtualmachine_facts #38081#38279 filtering by tag fix
* New module request: azure_rm_virtualmachine_facts #38081#38279 virtual network issues fix
* New module request: azure_rm_virtualmachine_facts #38081#38279 remove trailing comma
* adding curated format for vm
* New module request: azure_rm_virtualmachine_facts #38081#38279 rights to zim + lint fixes
* clean up
* updates to vm facts
* commented out failing thing
* fixed mistake
* fixed test
* fixed test problem
* ldap_entry 'Tuple_to_LDAPMod(): expected a byte string in the list' issue
* Revert "ldap_entry 'Tuple_to_LDAPMod(): expected a byte string in the list' issue"
This reverts commit efe316c52e5a70fc1aa9f58eff3a9d5b2599763f.
* changed return value
* fixed test
* fixed test mistake
* one space too much
* removed change made by mistake
* virtual machine description
* remove example
* fixed yaml
* actually check we can run scm command for roles
* a better error message than file not found
* more narrow exception hanlding
* refactor common functions for more extended use and further 'basic.py' separation
Some distribtuions like SUSE has the rc%.d directories under /etc/init.d
Quote of /etc/rc.d.README on SLES11.
"Some people expect the system startup scripts in /etc/rc.d/.
We use a slightly different structure for better LSB compliance."
* Use https:// for docs.aws.amazon.com in aws_s3 module
* Support Amazon S3 Dual-Stack Endpoints in aws_module
The default S3 endpoint only resolves to IPv4 addresses. By enabling
the dual-stack endpoint IPv6 too get added as an option.
* refactored from procedural to OOP
* updated ongoing maintenance windows to PagerDuty REST API v2
* update create maintenance windows to PagerDuty REST API v2
* update absent maintenance windows to PagerDuty REST API v2
* update pager alert module to PagerDuty REST API v2
* removed basic HTTP authorization
updated parameter description and examples
* fix failed sanity checks
* revised documentation according to review
* make obsolete service key parameter an alias to a new integration key parameter
Add back comma for required_one_of argument as it's
supposed to be an iterable of iterables.
PR #39787 by @Akasurde
Fixes: #39786
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Enable setting setting cliconf plugin options
Fixes#43367
* Add support to set configuration options for implementation plugins (eg: cliconf)
from `ansible-connection`
* Fix CI failure
* Add Ansible.ModuleUtils.PrivilegeUtil and converted code to use it
* Changed namespace and class to be a better standard and fixed some typos
* Changes from review
* changes to avoid out of bound mem of server 2008
* changes to detect failure when setting a privileged not allowed
* Convert to AnsibleAWSModule and support IAM permission boundaries
* Handle adding boundary to existing role that lacks one
* Properly clean up role boundary associations on delete
* Handle case when policy boundary is `""` but does not exist
While creating/reconfiguring vSwitch without NICs check if nics details
are gathered or not.
Fixes: #42619
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix adds additional details of vswitch and dvswitch and their
respective nics used.
Fixes: #43009
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Implement initial RouterOS support
* Correct matchers for license prompts
* Documentation updates & mild refactor
* Remove one last Cisco function
* Sanity test fixes
* Move imports to the beginning
* Remove authorize property
* Handle ANSI codes
* Revert to_lines function
* CR fixes
* test(routeros): add unit tests
* Added another test (with ANSI colors and banner in fixture).
* Ignore CRLF line endings in system_package_print file
* fix: review by ganeshrn
* Changed Foreman timeout to be setable via a parameter
Added a Parameter to set the timout to wait for the started Foreman actions
by the user instead of using the hard coded 1000 Seconds
* katello module screamed for more docu :)
* fix docu + some ci findings
made docu better and moved chices in relations to other options to the description
* added a quote to description and removed wrong combination of param product
* Removed choices from params
also removed katello from a ignore file
* NXAPI ssl ciphers & protocols default values
* TLSv1, TLSv1.1, TLSv1.2 and weak cipher support
* NXOS NXAPI weak/strong cipher & TLSv 1.2, 1.1 & 1.0 support
* Version checking for strong/weak ciphers & TLS 1.2, 1.1 & 1.0 support
* Cleaned up erroneously committed changes.
* Specific NXOS platform checking for nxapi ssl ciphers & protocols
* Fixed ansibot reported errors.
* Resolved ansibot reported error.
* Added network_os_version to mocked up N7K unit test device_info
* Calling get_capabilities() once in main and passing results into methods.
* Removed raising exceptions when platform capabilities return None
per reviewers request. Skipping nxapi ssl options when capabilities
are None and generating a warning when these options are skipped
* Cleaned up explicit checks for None/not None
* Add new module for Redfish APIs
Communicates with Out-Of-Band Controller through Redfish APIs
Module gathers hardware information and sends back
* Removed unused library imports
* Removed token entry from headers
* Made 'command' optional and defined default value for each 'category'
* Replace 'result' with 'ansible_facts' for returned dict variable
* Removed unused variable definitions and library imports
* Renamed dicts where data is returned.
Should make it easier to sort through returned data that is placed
in one file.
* Defined dicts to specify available categories and commands in each one.
- Allows specifying default command for each category
- Allows specifying all commands for each category
- Removed Inventory category and moved commands to System category
- Renamed dicts where data is returned to allow to dump more than one in a file
* Remove choice[] since it's redundant
* Added flexibility when specifying categories
- If a category is not specified, it sets a default value
- Can handle more than one category
- Will accept value "all" for category which will set to all available
- Renamed category System to Systems to better reflect Redfish API
* Defined default category in a variable
* Made category argument a list
* Added examples
* Made command argument a list
* Replaced 'ansible_facts' with 'redfish_facts' for returned dict variable.
* Added default value for category in documentation
* Moving redfish_facts inside ansible_facts
* Updated how results dicts are constructed, where applicable
* Improved error messages
* Removed unused variables
* Undo commit 66a7dcd789726913bdb7a25e59cc3aa2125db95d due to variable 'e' oversight
* CNOS Vlag module is refactored to use persistence connection instead of paramiko.
* Changing interface and port channel modules to persistent connection and adding UT for them.
* Fixing pep8 issues
* Removing trailing new line
* Removing trailing new line
* Removing trailing new line
* Correcting indentation mistake
* Update cnos_vlag.py
* Removing commented examples
They are commented because those configurations are not meant for L2 ports
VSAN related facts (cluster_uuid) will be used in vmware_vsan_cluster
while adding new host in VSAN cluster.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* nxos cliconf plugin refactor
Fixes#39056
* Refactor nxos cliconf plugin as per new api definition
* Minor changes in ios, eos, vyos cliconf plugin
* Change nxos httpapi plugin edit_config method to be in sync with
nxos cliconf edit_config
* Fix CI failure
* Fix unit test failure and review comment
Now that we don't need to worry about python-2.4 and 2.5, we can make
some improvements to the way AnsiballZ handles modules.
* Change AnsiballZ wrapper to use import to invoke the module
We need the module to think of itself as a script because it could be
coded as:
main()
or as:
if __name__ == '__main__':
main()
Or even as:
if __name__ == '__main__':
random_function_name()
A script will invoke all of those. Prior to this change, we invoked
a second Python interpreter on the module so that it really was
a script. However, this means that we have to run python twice (once
for the AnsiballZ wrapper and once for the module). This change makes
the module think that it is a script (because __name__ in the module ==
'__main__') but it's actually being invoked by us importing the module
code.
There's three ways we've come up to do this.
* The most elegant is to use zipimporter and tell the import mechanism
that the module being loaded is __main__:
* 5959f11c9d/lib/ansible/executor/module_common.py (L175)
* zipimporter is nice because we do not have to extract the module from
the zip file and save it to the disk when we do that. The import
machinery does it all for us.
* The drawback is that modules do not have a __file__ which points
to a real file when they do this. Modules could be using __file__
to for a variety of reasons, most of those probably have
replacements (the most common one is to find a writable directory
for temporary files. AnsibleModule.tmpdir should be used instead)
We can monkeypatch __file__ in fom AnsibleModule initialization
but that's kind of gross. There's no way I can see to do this
from the wrapper.
* Next, there's imp.load_module():
* https://github.com/abadger/ansible/blob/340edf7489/lib/ansible/executor/module_common.py#L151
* imp has the nice property of allowing us to set __name__ to
__main__ without changing the name of the file itself
* We also don't have to do anything special to set __file__ for
backwards compatibility (although the reason for that is the
drawback):
* Its drawback is that it requires the file to exist on disk so we
have to explicitly extract it from the zipfile and save it to
a temporary file
* The last choice is to use exec to execute the module:
* https://github.com/abadger/ansible/blob/f47a4ccc76/lib/ansible/executor/module_common.py#L175
* The code we would have to maintain for this looks pretty clean.
In the wrapper we create a ModuleType, set __file__ on it, read
the module's contents in from the zip file and then exec it.
* Drawbacks: We still have to explicitly extract the file's contents
from the zip archive instead of letting python's import mechanism
handle it.
* Exec also has hidden performance issues and breaks certain
assumptions that modules could be making about their own code:
http://lucumr.pocoo.org/2011/2/1/exec-in-python/
Our plan is to use imp.load_module() for now, deprecate the use of
__file__ in modules, and switch to zipimport once the deprecation
period for __file__ is over (without monkeypatching a fake __file__ in
via AnsibleModule).
* Rename the name of the AnsiBallZ wrapped module
This makes it obvious that the wrapped module isn't the module file that
we distribute. It's part of trying to mitigate the fact that the module
is now named __main)).py in tracebacks.
* Shield all wrapper symbols inside of a function
With the new import code, all symbols in the wrapper become visible in
the module. To mitigate the chance of collisions, move most symbols
into a toplevel function. The only symbols left in the global namespace
are now _ANSIBALLZ_WRAPPER and _ansiballz_main.
revised porting guide entry
Integrate code coverage collection into AnsiballZ.
ci_coverage
ci_complete
* uri: Avoid exception in common scenario
So I was confused by the fact that the **uri** module, when not
returning an acceptable HTTP status code, returns:
The full traceback is:
File "/tmp/ansible_UQwiI4/ansible_module_uri.py", line 471, in main
uresp['location'] = absolute_location(url, uresp['location'])
While the actual error was:
Status code was 400 and not [201]: HTTP Error 400:
I also wonder why that message ends abruptly. I would have expected
`HTTP Error 400: Bad Request` which would be more useful.
* uri: Avoid false positive tracebacks in fail_json() on PY2
One of the earlier implementation of unified temp for 2.4 passed the
temp diretory to the remote side using this environment variable. We
later changed it to be passed via a module parameter but forgot to
remove the environment variable.
* fix fedora version dnf fact, default pkg_mgr detection per distro family
* loop over possible dnf/yum paths in case there are multiple canonical sources later in life
Signed-off-by: Adam Miller <admiller@redhat.com>
* Support multi-doc yaml in the from_yaml filter
* Most automatic method of handling multidoc
* Only use safe_load_all
* Implement separate filter
* Update plugin docs and changelog
Allow specifying the source and destination files' encodings in the template module
* Added output_encoding to the template module, default to utf-8
* Added documentation for the new variables
* Leveraged the encoding argument on to_text() and to_bytes() to keep the implementation as simple as possible
* Added integration tests with files in utf-8 and windows-1252 encodings, testing all combinations
* fix bad smell test by excluding windows-1252 files from the utf8 checks
* fix bad smell test by excluding valid files from the smart quote test
* Only add exception/traceback on Python 3
On Python 2 the traceback could be any exception from the stack frame
and likely unrelated to the fail_json call.
On Python 3 the traceback is cleared outside any exception frame, so the
call always returns the most inner traceback (if any), and therefor is
most likely related to the fail_json call.
* Add uncertainty to traceback on Python 2
On Python 2 the last exception in the stack frame is being returned,
this could be unrelated to the actual error, especially if fail_json()
is called outside an except: block.
* Add parameter to keep elb rules
Does not purge elb rules. This is usefull if running the elb_application_lb
role and there is the desire to keep existing rules.
* Change variable name keep_rules to purge_rules
The descriptor purge has been used in the past.
* Changed default for purge_rules
Default is purge_rules. This is how the module has functioned previously. This change maintains
the previous behavior.
* Add integration test for purge_rules flag
* Change wording of test task
* Fix merge conflcit
* Changed default for purge_rules
Default is purge_rules. This is how the module has functioned previously. This change maintains
the previous behavior.
* merge conflcit
* Change wording of test task
* Add purge_rules option to test
* Change test description wording
* Expand purge_rules documentation
* Clarifies documentation for purge_rules option
* Documentation change for resizefs
Changed documentation to match the default value of resizefs set in the code.
Added a note on the resizefs use on the example utilizing it.
* Remove test now it validates fine
This provides a more convenient way for testing (async) jobs.
When used with a non-async job it will report a warning so the user is
aware that he may be doing something incorrect.
Since the 'finished' result value is an integer (!), the test is turning
this in a proper boolean.
* cobbler_system: New module to manage Cobbler systems
This module is useful to provision new systems using Cobbler and Ansible.
* cobbler_system: warn on invalid properties
This fix checks if dirname is not equal to '' before proceeding
to create actual directory with name.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* The JSONDecodeError exception only exists in Python 3.
* Without a properly parsed JSON response there is no more error
processing to be done, no matter the http response code.
Relates to #38178
* Detect failed sysvinit module
- This checks the stderr instead of the rc to detect whether the
sysvinit module was successful or not, as even when failing, the
rc would be 0.
- It immediatly became obvious that the debug info when failing
was far too little to properly debug the role. To improve this,
I also added the rc, stderr and stdout to the debug output.
* Revert stderr check to rc check, rename out->stdout, err->stderr
* win_user: use different method to validate credentials that does not rely on SMB/RPC
* Use Add-Type as SetLastError on .net reflection not working on 2012 R2
* win_chocolatey: refactor module to fix bugs and add new features
* Fix some typos and only emit install warning not in check mode
* Fixes when testing out installing chocolatey from a server
* Added changelog fragment
* Enable check_mode in command module
This only works if supplying creates or removes since it needs
something to base the heuristic off. If none are supplied it will just
skip as usual.
Fixes#15828
* Add documentation for new check_mode behavior
* ec2.py:
* source_dest_check default value is now None, updated docs
* Refactor restart_instances and startstop_instances -> Two new functions to prevent repetition: check_source_dest_attr and check_termination_protection
* Properly handle default package manager vs apt
For distros where apt might be installed but is not the default
package manager for the distro, properly identify the default distro
package manager during fact finding and re-use fact finding from
DistributionFactCollector and instead of reimplementing small
portions of it in PkgMgrFactCollector
Add unit test to always check the apt + Fedora combination to test
the new code.
Fixes#34014
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove q debugging output I accidentally left behind
Signed-off-by: Adam Miller <admiller@redhat.com>
* add os_family to the conditional so we're only hitting that code path when needed
Signed-off-by: Adam Miller <admiller@redhat.com>
* setup for a _check* pattern for general os_family group pkg_mgr checking
Signed-off-by: Adam Miller <admiller@redhat.com>
* use Mock.patch decorator for os.path.exists in TestPkgMgrFactsAptFedora
Signed-off-by: Adam Miller <admiller@redhat.com>
Allows patching of custom Kubernetes resources that
don't support strategic merge patching
Check that openshift module supports content_type param
(requires version newer than 0.6.0)
* Update dnsimple-python minimum version to 1.0.0 as it supports API v2 and API v1 is deprecated.
* Update examples.
* Update documentation.
Fixes: #42495
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This commit introduces a new module called vr_startup_script_facts.
This module aims to return the list of startup scripts avaiable
avaiable in Vultr.
Sample available here:
```
"vultr_startup_script_facts": [
{
"date_created": "2018-07-19 08:52:55",
"date_modified": "2018-07-19 08:52:55",
"id": 327140,
"name": "myteststartupscript",
"script": "#!/bin/bash\necho Hello World > /root/hello",
"type": "boot"
}
]
```
* Add src parameter to elasticsearch_plugin
Previously specifying a URL or a file name (which is supported by the
Elasticsearch plugin tooling) would not work correctly with Ansible, because the
detection of the current installation state did not handle this well.
This commit adds a new "src" parameter for the module, which can be specified in
addition to the plugin name. It will be used to retrieve the plugin from
a custom location while keeping the final plugin name available to determine if
it is already present or not.
The url parameter remains for ES 1.x compatiblity.
* Fix sanity test errors
* Add version_added for src option
* Increase first added version to 2.7
* Update nclu.py
Stop module from running `net` on empty commands.
* Update nclu.py
Updated the copyright date
* Update nclu.py
Returned metadata version to 1.1
* Update nclu.py
Fix indentation to be a multiple of 4.
* Create changelog fragment
linked_clone requires snapshot_src parameter. This fix makes them required_together
and update documentation. Also, testcase is added.
Fixes: #42349
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Support setting persistent command timeout per task basis
Fixes#42200
* Add variable `ansible_command_timeout` to `persistent_command_timeout`
option for `network_cli` and `netconf` connection plugin so that the
command_timeout can be set per task basis while using `connection=network_cli`
or `connection=netconf`
eg:
```
- name: run copy command
ios_command:
commands:
- show version
vars:
ansible_command_timeout: 40
```
* Modify `ansible-connection` to read command_timeout value from
connection plugin options.
* Add `ansible_command_timeout` to `persistent_command_timeout`
option in `persistent` to support `connection=local` so that
it is backward compatibilty
* To support `connection=local` pass the timeout value as variables
from persistent connection to `ansible-connection` instead of sending
it in playcontext
* Fix CI failure
* Fix review comment
* Check get_option method works with inventory plugins
This use case is already tested by some cloud inventoty plugin but
these tests are slow and aren't always executed, hence this new quick
test.
* AnsiblePlugin: Fix typo in docstring
* change infoblox_client to infobblox-client
* change infoblox_client to infobblox-client
* change infoblox_client to infobblox-client
* change infoblox_client to infobblox-client
* change infoblox_client to infobblox-client
* change infoblox_client to infobblox-client
* change infoblox_client to infobblox-client
* change infoblox_client to infobblox-client
* change infoblox_client to infobblox-client
* change infoblox_client to infobblox-client
* change infoblox_client to infobblox-client
* change infoblox_client to infobblox-client
* ios_user module - add sshkey support
* ios_user - Add version_added to sshkey option
* ios_user - pep8 indentation fixes in unit tests
* ios_user - use b64decode method that works on python 2 and 3
* Only report change when home directory is different
Add tests with home: parameter
Have to skip macOS for now since there is a bug when specifying the home directory path for an existing user that results in a module failure. That needs to be fixed in a separate PR.
Ensure that FieldLevelEncryptionId is properly handled - passing it if
set, and keeping it if returned by GetDistribution
Update cloudfront_distribution tests to remove references to
test_identifier so test suite actually works
Fixes#40724
<!--- Your description here -->
This change is intended to help users know that a win_wait_for module exists and should be used for working on Windows hosts, as the documentation gives the impression that this module works on Windows - but if tried, it produces a large amount of stderr output.
+label: docsite_pr
This commit adds a conditional inside the constructor so that if a user
didn't specified an image parameter all the code related to the image
version comparison is omitted.
This is extremely useful when a user want to just stop and start
containers using just the name, keeping everything as it is, without the
need of specifying all the image and command stuff used at creation.
Today if you don't specify the image you get an error, and this is a
confusing [1] behavior.
[1] https://github.com/ansible/ansible/issues/27960
* JM: allow choco to install 32 bit version
* JM: style corrections
* Revert style changes in lists
* JM: changing from boolean to string choice
* JM: updating example
* ucs_storage_profile module and integration tests
* Remove space in doc link to fix docs-build issue.
* Added suboption documentation and argument spec supporting list suboptions.
* Various small edits
This commit introduces a new module called vr_firewall_group_facts.
This module aims to return the list of firewall groups avaiable
avaiable in Vultr.
Sample available here:
```
"vultr_firewall_group_facts": [
{
"date_created": "2018-07-17 12:22:51",
"date_modified": "2018-07-17 12:24:47",
"description": "ansible-firewall-group",
"id": "fb5a0876",
"instance_count": 0,
"max_rule_count": 50,
"rule_count": 1
}
]
```
This commit introduces a new module called vr_dns_domain_facts.
This module aims to return the list of DNS domains avaiable avaiable in
Vultr.
Sample available here:
```
"vultr_dns_domain_facts": [
{
"date_created": "2018-07-19 07:31:14",
"domain": "ansibletest.com",
}
]
```
This commit introduces a new module called vr_user_facts.
This module aims to return the list of user avaiable avaiable in Vultr.
Sample available here:
```
"vultr_user_facts": [
{
"acls": [],
"api_enabled": "yes",
"email": "mytestuser@example.com",
"id": "a235b4f45e87f",
"name": "mytestuser"
}
]
```
* implementing disable_excludes
* add check for yum version
* limit choices
* add testcases for disable_exclude
* fix formating
* add documentation
* syntax fix for test case
* fix indentation
* need to ignore errors when we want to do a test that fails
* test disable_excludes with zip and not sos
* add tests for yum < 3.4 not supported
* fix formating
* centos 6.1 does not support map
* drop unsupported selectattr
* cleanup testcases
* fix test cases beloging to wrong test scenarion (propper when)
* evaluate expression
* minor test fixes
* check output of msg
* Add support for global IGMP configuration on onyx switches
Signed-off-by: Samer Deeb <samerd@mellanox.com>
* Add support for global IGMP configuration on onyx switches
Signed-off-by: Samer Deeb <samerd@mellanox.com>
* Changing Lenovo Inc to Lenovo and update License file to be consistent.
* Changing cnos_vlan from paramiko to persistence connection of Ansible. Also talking care of CLI changes in CNOS commands with backward compatibility.
* Fixing Validation issues
* Trailing lines removal
* Review comments of Gundalow are getting addressed. He mentioned only at one place for cnos.py. But I have covered the entire file.
* Changes to incorporate Review comments from Qalthos
* Removing configure terminal command from module code
* Aligning with change in run_cnos_commands method changes
* Editing cliconf for latest CNOS CLIs
* Delete all versions and deletemarkers in S3_Bucket when force parameter is passed
* Fix PEP8 style conformance
* Clarify explanation of force parameter
This commit introduces a new module called vr_plan_facts.
This module aims to return the list of plan avaiable avaiable to use on
booted servers.
Sample available here:
```
"vultr_plan_facts": [
{
"available_locations": [
1
],
"bandwidth": 40.0,
"bandwidth_gb": 40960,
"disk": 110,
"id": 118,
"name": "32768 MB RAM,110 GB SSD,40.00 TB BW",
"plan_type": "DEDICATED",
"price_per_month": 240.0,
"ram": 32768,
"vcpu_count": 8,
"windows": false
}
]
```
This commit introduces a new module called vr_os_facts.
This module aims to return the list of OSes avaiable avaiable to use to
boot servers.
Sample available here:
```
"vultr_os_facts": [
{
"arch": "i386",
"family": "ubuntu",
"id": 216,
"name": "Ubuntu 16.04 i386",
"windows": false
}
]
```
This commit introduces a new module called vr_region_facts.
This module aims to return the list of region avaiable avaiable to use
where boot servers.
Sample available here:
```
"vultr_region_facts": [
{
"block_storage": false,
"continent": "Europe",
"country": "FR",
"ddos_protection": true,
"id": 24,
"name": "Paris",
"regioncode": "CDG",
"state": ""
}
]
```
This commit introduces a new module called vr_sshkey_facts.
This module aims to return the list of SSH keys avaiable in Vultr.
Sample available here:
```
"vultr_sshkey_facts": [
{
"date_created": "2018-07-10 14:49:13",
"id": "5b43c760d7d84",
"name": "me@home",
"ssh_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+ZFQv3MyjtL1BMpSA0o0gIkzLVVC711rthT29hBNeORdNowQ7FSvVWUdAbTq00U7Xzak1ANIYLJyn+0r7olsdG4XEiUR0dqgC99kbT/QhY5mLe5lpl7JUjW9ctn00hNmt+TswpatCKWPNwdeAJT2ERynZaqPobENgewrwerqewqIVew7qFeZygxsPVn36EUr2Cdq7Nb7U0XFXh3x1p0v0+MbL4tiJwPlMAGvFTKIMt+EaA+AsRIxiOo9CMk5ZuOl9pT8h5vNuEOcvS0qx4v44EAD2VOsCVCcrPNMcpuSzZP8dRTGU9wRREAWXngD0Zq9YJMH38VTxHiskoBw1NnPz me@home"
}
]
```
* win_chocolatey_source: add new module to manage Chocolatey sources
* Added examples and fix diff run
* Minor fixes from review
* When editing a source, recreate with the explicit options instead of using the existing source
* Fixed up copyright header in PowerShell file
This fix adds dns_suffix as a list of domain suffixes and
also updates documentation and example.
Fixes: #42229
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Windows: Add special parameter types
Adding explicit parameter types now exposes this information in the
module documentation, and proves really helpful.
We only do this for non-string types as strings, mostly because strings
are implicit.
PS We also make copyright statements consistent and use #Requires for
explicit library imports
* Type "string" must be type "str"
* A few more Copyright corrections
* More fixes
* Don't add file encoding to Powershell files
* Don't add missing interfacetypes parameter
Otherwise CI demands an incorrect version_added
* Small fix
This library is a backport (to 2.x versions of Python) of the code
that is found in the mainline versions of Python 3.x. It is being
included so that networking vendors, and others, can make use of it
without needing to add a python module dependency to their own modules.
A separate dependency would add to user burden of satisfying those
dependencies before using some Ansible modules.
In a previous core meeting, this was approved. Naming of the directory
it is found in was up for debate, but "compat" was the first directory
to have some sort of concensus.
Currently get_result() can only handle a dict. When requiring facts, and
when there is more than one fact, get_result() should be able to handle
a list of dicts, so the normalization process happens to all the items.
* Update yum_repository.py
Having spent some time trying and googling how to enable an installed repo with this, I discovered that the thread at https://github.com/ansible/ansible-modules-extras/issues/2384 had decided that this would not be supported and recommended use of ini_file instead. Since I am sure I'm not alone in expecting yum-repository to support enabling/disabling a configured repo, I suggest adding a note so people find this easier.
This fix adds additional check for getting template from
virtual machine before using it.
Fixes: #42011
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Do not compare result to unset parameter in sysvinit module
* Fix misformed command in sysvinit module
* Small None-comparison style fix in sysvinit module
* fix a (forgotten?) change in moving createhome -> create_home
Fix for following bug on FreeBSD host whith user module:
```
fatal: [webssp]: FAILED! => {"changed": false, "module_stderr": "X11 forwarding request failed
Traceback (most recent call last):
File \"/tmp/ansible_2rmlBl/ansible_module_user.py\", line 2487, in <module>
main()\n File \"/tmp/ansible_2rmlBl/ansible_module_user.py\", line 2426, in main
(rc, out, err) = user.modify_user()
File \"/tmp/ansible_2rmlBl/ansible_module_user.py\", line 1011, in modify_user
if (info[5] != self.home and self.move_home) or (not os.path.exists(self.home) and self.createhome):
AttributeError: 'FreeBsdUser' object has no attribute 'createhome'
", "module_stdout": "", "msg": "MODULE FAILURE", "rc": 1}
```
It happenned with 'createhome' AND with 'create_home' form, with python 2.7 AND python 3.6
* Add changelog
Co-authored-by: dgeo <dgeo@users.noreply.github.com>
If user exports https_proxy without scheme, then generic_urlparse
fails to parse SCHEME and HOSTNAME from https_proxy variable.
This fix raises ProxyError is generic_urlparse API fails to parse
either of them.
Fixes: #25421
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Make the code more PowerShell compliant
* Correction of the mistaken comment
* Revert style changes to If/Else/Elseif
* Remove an ignored PSScriptAnalyzer rule due to the code correction
* Decreasing of an entropy ;-) and replacing the next to aliases
* minor whitespace changes
* First pass at making 'private' work on include_role, imports are always public
* Prevent dupe task execution and overwriting handlers
* New functionality will use public instead of deprecated private
* Add tests for public exposure
* Validate vars before import/include to ensure they don't expose too early
* Add porting guide docs about public argument and change to import_role
* Add additional docs about public and vars exposure to module docs
* Insert role handlers at parse time, exposing them globally
* construct_path() now supports custom keys
- Allows for much more flexible test substitution
- Implemented functionality in meraki_vlan for test case
* Fix comments for PEP8
* use get_option instead of directly internal dict
as get_option can populate it, while direct access cannot
also setup fallback values for derived plugins not using config system correctly
The given example causes the pip module to fail. If the umask is given as an octal string without quotation marks, the pip module converts it into an integer (i.e., an invalid umask).
+label: docsite_pr
* add submode features ipv4/ipv6
* add tests for submode
* the parameters both_ * were not idempotent, in what is read in the configuration we have a list with 2 entries (import, export) while the input parameter has only one parameter which will be applied twice
* add docstring to the ios_vrf module + provide a fix for: https://github.com/ansible/ansible/issues/41581
* complete tests
* add missing description
* fix KeyError for address-family ipv*
* fix both_* tests
* fix E231, W292, W293
* fix W293
* remove set has it doesn't preserve order of routes
* fix E106
* remove ImportError: cannot import name OrderedDict
* We should be able to mix the parameters for the routes targets , while remaining imdepotent. During the first implementation we did not take this into account, which did not correspond to the reality of the needs in production (to be able to use each parameter indifemently together)
* remove epdb reference
* FIX E111, E106
* FIX E302
* using loop produce a result who was not imdepotent
* FIX E241
* fix: used pass intead of list
This change adds a new argument to the telnet action plugin that will
cause the module to send a newline character before trying to login.
This is convienent when using telnet over a console connection that
needs an initial newline character to start the login process.
This change also will cause the sent command and command response to be
displayed on stdout when running in verbose mode (5 v's).
* Added Scaleway volume module.
* Fixed imports order.
* Fixed version added.
* Improved sanity checks.
* Fixing style formatting.
* Added new line at the end of file. Fixed typo in comment.
If parameter scope is not set (is None) the usual handling of lists does
not apply, and should be avoided or we get an exception.
This needs to be backported to earlier versions of Ansible.
* Make fetching old style facts optional
and try to fetch the old style facts only when
`ofacts` value is present in `gather_facts`
* Fix in junos_facts integration test
* Add the NIOS RECORD PTR Module
* FIX E241,E231, E105
* FIX module should not be executable
* FIX module RWX
* Remove change in nios_srv_record
* Remove change in nios_srv_record
* FIX test_nios_ptr_record_update_comment
* ADD: Integration and target tests for the NIOS PTR RECORD module.
* FIX module name in integrations tests
* Update integration
* Refactor nios_ptr_record module
* Refactor the nios_ptr_record_idempotence
* FIX name
* Smoketests for the NIOS modules does not take care of the PTR:RECORD object
* REM the default for view
* Add finals test, after adding the PR (https://github.com/ansible/nios-test-container/pull/1) in order to handle PTR:RECORD
* add the define nios specific constant for PTR:RECORD
* fix: documentation style
* add create an ipv6 ptr record
* rename class name, add ipv6 unittest
Move dict_merge from azure_rm_resource module to
module_utils.common.dict_transformations and add tests.
Use dict_merge to provide a fairly realistic, reliable
diff output when k8s-based modules are run in check_mode.
Rename unit tests so that they actually run and reflect
the module_utils they're based on.
* win_reboot: fix 2.6 issues and better handle post reboot reboot
* changed winrm _reset to reset
* Add handler to reset calls when .reset() throws an AnsibleError on older hosts
* Moving back to _reset to get the issue fixed
The ssh connection plugin is overzealous in thinking that error code 255
can only come from ssh. Python can return 255 in some circumstances and
error from php does as well.
* __file__ won't work if we want to invoke modules via -m or if we
figure out how to keep modules from hitting the disk with pipelining.
* module.tmpdir is the new way to place a file where it will be cleaned
automatically.
Change format string to not depend on __file__:
* cloud/amazon/ec2_elb_lb.py
* cloud/amazon/elb_classic_lb.py
Use module.tempdir:
* packaging/os/apt.py
* files/unarchive.py
* complete plugin docs
* add missing 'plugin' option
* user and password are now 'correctly' required
* added inventory source example and extension information for user
The OVSDB schema consists of typed columns. The 'key' parameter is
required only for columns with type of a 'map'. This patch makes 'key'
an optional parameter to allow setting values for other column types
like int.
Fixes#42108
* allow user to pass list of resources in to definition parameter
* Add new validator for list|dict|string
* use string_types instead of string
* state/force information is lost after the first item in the list
* Add tests
* Appease ansibot
* ios_facts: Report file system space
Parse total and free space from dir output. For this, add a hash
filesystems_info containing the keys spacetotal_kb and spacefree_kb.
* ios_facts: Add unit test for file system space reporting
* ios_facts: Add integration test for file system space reporting
* Add support for disable_my_meraki parameter
- Meraki added support for the disabling access to Meraki websites on
devices. This module now supports this.
- I haven't tested this as it was developed on an iPad. It will work
before submitting PR.
- Rework of payload generation code is required or at least
recommended.
- Integration tests need to be developed.
* Added support for disableMyMerakiCom parameter
* - Remove proposed functions as it isn't required for updates
- Add integration tests
- Still pending a case response from Meraki since I can't seem to
set disableMyMerakiCom to false after it's true
* Fixed word wrap problem
* Add version_added to disable_my_meraki
* Initial commit of meraki_ssid module
- CRUD functionality for Meraki wireless SSIDs
- Much more testing is needed
- Module is not currently idempotent
* Improve integration tests
- Original integration tests didn't have any assertions in it
- Single bug fix in module found via integration test
* Added idempotency support
- Changes are only made when needed.
- Added integration test to check for idempotency.
- Relies on a forthcoming PR to make idempotency check a single pass.
* Improved documentation
* Initial commit for meraki_mr_l3_firewall module
- CRUD functionality for layer 3 firewall rules on the Meraki MR access points
- Complimentary integration test
- Need to add support for SSID lookup
* Added support for specifying SSID name and improved documentation
* Added examples to documentation
* Removed whitespace
* Enable get_net() to download nets if data isn't provided
- Currently, get_net() requires data to be passed to it
- PR enables get_net() to download all networks if data isn't passed
- Slightly simpler code
- Best practice is to download nets early in execution
* Apply fixes related to get_net()
* Removed extra code from the rebase
* Enabled support for configuration template configuration
- get_nets() now pulls down templates and networks
- A few changes in VLAN and network to operate as a POC
* Ansibot changes
- Fix undefined variable
- Document net_id in meraki_vlan
* Fix indentation
- Before this, it allowed claiming devices into a network only
- Make integration tests a block
- Note, API doesn't allow unclaiming in an organization, only net
- Added an integration test for claiming into an org
- Requires unclaiming manually
- There is a bug in the API which isn't showing claimed devices
* Added full return documentation for normal responses
* Changed returned for responses
- Old responses were saying always returned, should have been success
or something more refined
* docker_container: ensure 'init' is supported
Check docker-py version too.
Move API version check in docker_container module since 'init' module
parameter isn't defined by other docker modules.
docker-py supports 'init' since 2.2.0:
https://github.com/docker/docker-py/blob/2.2.0/docs/change-log.md
* docker_container: fix compat with docker-py<2.2
Exception was:
TypeError: create_host_config() got an unexpected keyword argument 'init'
fatal: [localhost]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):
File ansible_module_docker_container.py, line 2089, in <module>
main()
File ansible_module_docker_container.py, line 2084, in main
cm = ContainerManager(client)
File ansible_module_docker_container.py, line 1704, in __init__
self.present(state)
File ansible_module_docker_container.py, line 1724, in present
new_container = self.container_create(self.parameters.image, self.parameters.create_parameters)
File ansible_module_docker_container.py, line 826, in create_parameters
host_config=self._host_config(),
File ansible_module_docker_container.py, line 932, in _host_config
return self.client.create_host_config(**params)
File lib/python3.6/site-packages/docker/api/container.py, line 157, in create_host_config
return utils.create_host_config(*args, **kwargs)
TypeError: create_host_config() got an unexpected keyword argument 'init'",
"module_stdout": "",
"msg": "MODULE FAILURE",
"rc": 1
}
* Add additional puppet options
Add support for puppet options --debug, --verbose, --summary,
and extend logdest to support logging to stdout and syslog at
the same time.
Fixes issue: #37986
* Fix docs
* Doc fix, add release note
* Fix silly yaml error
* Correct changelog, add C() to params in doc
* Fix tmpdir on non root become
- also avoid exception if tmpdir and remote_tmp are None
- give 'None' on deescalation so tempfile will fallback to it's default behaviour
and use system dirs
- fix issue with bad tempdir (not existing/not createable/not writeable)
i.e nobody and ~/.ansible/tmp
- added tests for blockfile case
* Revert "Temporarily revert c119d54"
This reverts commit 5c614a59a6.
* changes based on PR feedback and changelog fragment
* changes based on the review
* Fix tmpdir when makedirs failed so we just use the system tmp
* Let missing remote_tmp fail
If remote_tmp is missing then there's something more basic wrong in the
communication from the controller to the module-side. It's better to
be alerted in this case than to silently ignore it.
jborean and I have independently checked what happens if the user sets
ansible_remote_tmp to empty string and !!null and both cases work fine.
(null is turned into a default value controller-side. empty string
triggers the warning because it is probably not a directory that the
become user is able to use).
The docker API init parameter is the dependency requiring this bump. It was introduced 2.3.0 release of the docker package as per commit 13b5f785a7ab459960aae82fae00e4245e391387 in github.com/docker/docker-py.
* inventory plugin docs
* added set options
* minor wording and formatting fixes
* changed headers to std as per #35520, also added to main readme
* unified inventory plugin devel, referenced from generic plugin dev
* fixed typos and update as per feedback
NOTE:
1. Use unsafe decorator but not builtin escape wrapper in jinja2
since ansible will try parse ssh password twice, the builtin
escape wrapper will be removed during the first parse.
2. Use class AnsibleUnsafeText but not '!unsafe' syntax since
passwords are not loaded by YAML env, '!unsafe' syntax doesn't
work for them.
* Fix fetching old style facts in junos_facts module
Fixes#42298
* To fetch old style facts from junos device it requires
login credentials in provider, hence while using
connection=nectonf do not delete provider values
as it might not be ignored
* Add `ofacts` as one of the options in `gather_subset`
* Minor update in documentation
* Fix CI failure
* Update eos cliconf plugin methods
* Refactor eos cliconf plugin
* Changes in eos module_utils as per cliconf plugin refactor
* Fix unit test and sanity failures
* Fix review comment
* Always using current draft when referring to ACME v2.
* Adding URL for ACME v1 protocol.
* Improve cross-referencing of acme_* modules.
* General improvements.
* Fixing syntax error.
* aws_eks_cluster: Improve output documentation
This data is already returned by the module, it just wasn't documented. These
fields are required for accessing the created Kubernetes API with e.g. the
k8s_raw module.
* aws_eks_cluster: Add wait functionality
This enables further cluster configuration once it's created and active.
20 minutes was chosen as an arbitrary default, so that if it takes longer than
the documented "usually less than 10 minutes" it's still likely to succeed.
* Correct security group name in aws_eks tests
* Improve teardown of aws_eks tests
Fix minor teardown issues. The `pause` step is a placeholder until
a waiter for `state: absent`
* Add execution_role_arn parameter
* Change ecs_taskdefinition to use AnsibleAWSmodule
Botocore version checking is becomming more common. Changing the ecs_taskdefinition
to use AnsibleAWSmodule allows more easily for this.
* Change launch type check to use botocore_at_least function
* Remove execution_role_arn param from params dict
* Change check to use parameter
* Fix typo
* Add test for old botocore version
* Add test for execution role parameter
* Remove iam_role_facts task
Task was unecessary. The same information could be gathered by registering
the iam_role task.
* add check description update
* Ensure 'Description' is in the role so KeyError isn't caused
* Fix changed when modifying the description with check mode
Fixes#37262Fixes#36284
* Updates options in netconf connection to enable
bastion/jump host setting using configuration/enviornment
varaibles.
* Update troubleshooting docs from using bastion host with netconf
connection
- Module utility now has orgs, nets, org_id, and net_id properties
- get_nets and get_orgs sets nets and orgs properties respectively
- Allows for storage of this data in the module. org_id and net_id aren’t set as I cannot guarantee that’s always desired.
* Check for HTTP status code
- All requests now check returned status code
- Fail if status code isn’t what is expected
* Fix blank line error
* Change HTTP check logic and improve integration tests
- Set HTTP status code check so default path is accept
- Added create and delete network for integration test
- Remove a few comments to clean up code
* Added support for checking HTTP response codes
- All request calls now check for response code before responding
- If the response code isn't what it should be, it fails or returns nothing
- Breaking this into multiple PRs to make backporting easier
- Using status property in Meraki module utility which has the code
* Change logic of HTTP checks so success is default
- Previously all data between both data structures was compared
- Results in situations where updates are done when not needed
- Changes to single pass so only data in payload is compared
[AWS iam_policy] Avoid the _undefined name_ by catching the raised exception into the variable __e__ so it can be reported on the following line.
flake8 testing of https://github.com/ansible/ansible on Python 3.6.3
$ __flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics__
```
./lib/ansible/modules/cloud/amazon/iam_policy.py:305:16: F821 undefined name 'e'
if e.errno == 2:
^
./lib/ansible/modules/cloud/misc/rhevm.py:594:24: F821 undefined name 'e'
setMsg(str(e))
^
./lib/ansible/modules/files/archive.py:391:92: F821 undefined name 'e'
module.fail_json(dest=dest, msg='Error deleting some source files: ' + str(e), files=errors)
^
3 F821 undefined name 'e'
3
```
* Create base class for network-style connections
* clean up some differences
* Move NetworkConnectionBase
* Tweak netconf for tests
* Tweak when network_os is checked to avoid failing tests
* Pull back exec_command
* request() has improved error reporting
- 5xx errors show same as before
- 3xx and 4xx errors show error body
* Print body for errors greater than 300, but less than 500
* Remove trailing whitespace
Avoid the _undefined name_ and mirror lines 389 and 459 by catching the raised exception in the variable __exc__ so it can be reported on the following line.
flake8 testing of https://github.com/ansible/ansible on Python 3.6.3
$ __flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics__
```
./lib/ansible/module_utils/network/iosxr/iosxr.py:414:42: F821 undefined name 'exc'
module.fail_json(msg=to_text(exc))
^
```
* Revert "Account for empty string regexp in lineinfile (#41451)"
This reverts commit 4b5b4a760c.
* Use context managers for interacting with files
* Store line and regexp parameters in a variable
* Add warning when regexp is an empty string
* Remove '=' from error messages
* Update warning message and add changelog
* Add tests
* Improve warning message
Offer an equivalent regexp that won't trigger the warning.
Update tests to match new warning.
* Add porting guide entry for lineinfile change
* pamd: typo fix sufficicent->sufficient
* pamd: is_valid is a property, not a method; return a tuple
* pamd: define is_valid for all PamdLine classes
* pamd: use validate() for verbose errors, define generically
* pamd: PamdRule: rule_control is always str, use _control
Fixes https://github.com/ansible/ansible/issues/41179
* elasticsearch_plugin - Show STDERR on module failures.
I tried to install a ES plugin without
become: yes
and found after debugging the module that the module failed ude to permission issues.
The only error message I got was
Is analysis-icu a valid plugin name?
That was strange considering I followed the example documentation by the letter.
I found out that when this module fails, it hides the real reason for failure.
This patch replaces the generic error with more meaningful diagnostics.
* elasticsearch_plugin - Show STDERR on module failures. Changelog fragment
samdoran commented 2 days ago
This looks good. Please create a changelog fragment to go along with this change. See fragments for examples.
* Fix bug with redundancy templates and add integration tests for redundancy templates.
* vlan_list absent state support and fix for vlans as strings in vlan_list
* Fix junos_config confirm commit issue
Fixes#40626
* Due to issue in ncclient commit() method for Juniper
device (ncclient/ncclient#238)
add a workaround in junos netconf plugin to generate proper
commit-configuration xml and execute it using ncclient
generic `rpc()` method.
* Update junos_config doc
* Add run_commands api for ios and vyos cliconf plugin
* Add run_commands api to ios and vyos cliconf plugin
* Refactor ios and vyos module_utils to check return code
in run_commands
* Fix Ci failures
Certain project functions are not available on the openstack public api. Creating and deleting projects are examples where you must use the admin api.
In most devstack or simple openstack deployments the public, internal and admin apis may live at the IP. However in most production deployments the admin APIs are on a separate network than the public APIs. Therefore for these examples to consistently work, we must specify the admin endpoint_type.
* Issue #39860: Add 'not_contains' method to parsing.py
* Issue #30860 Adds self.negate to Conditional class in lib/ansible/module_utils/network/common/parsing.py
* Issue #39860 Fix singleton-comparison issue per sanity tests
* Issue #39860 'test/integration/targets/nxos_command/tests/cli/not_comparison_operator.yaml' integration test
* Issue #39860 Add unit tests to '../../test/units/module_utils/network/common/test_parsing.py'
* Issue #39860 Fix singleton comparison issue
* Fix E302 expected 2 blank lines, found 1
* Issue #39860 Add license header to unit tests
* Issue #39860 Move integration test to 'test/integration/targets/nxos_command/tests/common/'; remove unnecessary comment from unit test
* Issue #39860 remove unnecessary comment from unit test
* refactor win_group_membership to use SIDs for comparisons instead of name parsing
* carry over previous doc cleanup changes
* remove trailing whitespace from docs
* If we evaluate task.loop/with_items when calculating delegate_to vars, cache the items. Fixes#28231
* Add comments about caching loop items
* Add test for delegate_to+loop+random
* Be more careful about where we update task.loop
* Create splunk.py
This is a new callback for logging to Splunk. It is based on sumologic.py and updated to work with the Splunk HTTP Event Collector.
This has been by our team and others.
It is working with Ansible 2.5.2
* Update splunk.py
Addressed white spaces and formatting issues
* Update splunk.py
* Update splunk.py
* Updated version to match target release
Following code review recommendations. Thanks for the help
* Updated colon impacting documentation
Updated based on code reviews. Thanks the help
* Updated quotes to be consistent
* Add diff capability in vyos edit_config
Fetch onbox diff within edit_config cliconf
plugin and return it in response
* Remove diff returned from ios edit_config
* Fix CI failure
* More CI fixes
* runas + async - get working on older hosts
* fixed up sanity issues
* Moved first task to end of test for CI race issues
* Minor change to async test to be more stable, change to runas become to not touch the disk
* moved async test back to normal spot
* Add productType property as an ansible fact
Suggest to add productType property from win32_operatingsystem CIM instance to differentiate between versions and add new fact.
* update code to display human-readable string
Commit added in response to nizmahone's suggestion to add humane-readable strings to the display. uses switch statement to evaluate and update $ansible_facts hash table with proper information
* remove string conversion, modify switch default
Adjusts line 202 to remove .String() conversion from uInt32.
Adjusts switch test values to integers
Uses switch default clause to handle null values
* formatting
fixed formatting issues, moved product_type into variable.
adjust ansible_fact hash table key to be consistent with the rest of the code.
* Moved product type within distribution
* Use context managers for interacting with files
* Account for empty string as regexp
Rather than explicitly testing for None, also test for an empty string which will evaluate to False. An empty string regexp matches every line, which ends up replacing the incorrect line.
* Store line parameter in a variable
* Add tests
If a line match is found in the file and no regexp is specified, insertbefore would improperly try to add a line if set to BOF.
Add tests for this scenario.
* Use inventory.get_host instead of direct access to inventory.hosts. Fixes#32152
* Prevent potential side effect, by using self._inventory.localhost directly instead of get_host
* Add a module parameter to configure the max fetched AWS CFN stack events
* Add version documentation for new configuration option
* Increase default in order to make sure that enough are fetched by default. This align roughly with the limit of manageable resources in CloudFormation.
This fix adds a new parameter 'dvswitch_name' in networks argument spec.
When there are multiple distributed portgroup with the same name in the given
environment, it is difficult to pick particular dvpg. By specifying dvswitch value
we can pin point exact distributed portgroup to attach virtual machine to.
Fixes: #41781
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
- Comparison was not happening properly as it lacked full data
- Module now creates a full data structure on payload
- Defaults to America/Los_Angeles as that's what Meraki seems to do
* Fix ios and vyos cliconf edit_config return type
Modify cliconf edit_config api to return a json string with
diff and response received from remote host for ios and vyos.
* Doc change
Upon preparing the commands for sending to the device, cliconf converts
the optional prompt to a byte string. However, since there might be
multiple prompts specified, the conversion has to happen for each prompt
individually. Otherwise, wrong regexes will be compiled in
_handle_prompt from network_cli Connection.
* vyos and ios cliconf plugin refactor
* Refactor vyos cliconf plugin
* Change vyos module_utils and vyos_config as per refactor
* Minor changes in ios cliconf plugin
* Fix unit test failure
* Fix sanity issues
* Add get_diff to rpc list
* fix: exclude using wildcards for tar archives
Fixes#37842, #22947
* fix: Remove quote() as it munges the exclude format
* test: Refactor to use single archive structure
A common structure archived by different methods should simplify some of
the feature tests.
* test: Use common archive layout to validate exclude feature
* test: Use the same exclude checks for zip/tar archives
* validate vars_files entries are string_type or list
Fixes#17594
Signed-off-by: Adam Miller <admiller@redhat.com>
* use collections.Sequence to simplify if check
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix minor issues with debug and item labels
- no more `item=None`, we always have a label now
- debug should only show expected information, either msg= or the var in var=
- also fixed method name, deprecated misleading _get_item
* Update zabbix_screen.py limit screen columns
Add option graphs_in_row that allows to limit the count of columns on zabbix screen. When graphs_in_row columns is filled, begins to draw next row. If there is many hosts with many graphs each, draws all graphs for one host in an column each below each other
* fix remove whitespaces before and after brackets
Fixing ansible-test sanity --test pep8 errors
moved
* fix documentation parsing error
Fixing error: missing documentation (or could not parse documentation): expected string or buffer
* ensure copy action plugin returns an invocation in result
Fixes#18232
Previously the action plugin for copy, which runs operations on the
control host to orchestrate executing both local actions on the
control host and remote actions on the remote host, is not returning
invocation dict in the result dict, this happens here where the
return from _copy_file() is None
When force is True, the _execute_module() method is called, which
returns the dict containing the invocation key. This patch ensures
there is always an invocation key.
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix conditional, handle content no_log
Signed-off-by: Adam Miller <admiller@redhat.com>
* handle groups correctly when they are 'null'
- even if defined as mapping but having no keys, objects shoudl still be processed correctly
- also add ansilbe_verbosity to vars not to display in ansible-inventory
fixes#41692
* Initial commit for meraki_switchport module
- Query or modify swichport configurations
- Further optimizations are available
- Integration tests will require manual editing of file for others
* Remove blank lines
* Implement configuration template management
- Queries or removes templates
- Can bind or unbind templates to networks
- Module is idempotent only for binding and unbinding
- Meraki does not allow template creation via API
- Integration test is tedious b/c previous bullet point
- Fixed bug in construct_path() so it won't set self.function
* PEP8 changes
* Re-enable some integration tests, use variables, and fix broken code
* Initial commit of meraki_vlan module
- Create, delete, modify, and query VLANs within a network
- Support for all allowed objects in the VLAN data structure
- Meraki defaults networks to have VLANs disabled and there is no
way to use the API to enable VLAN support. It must be enabled
manually.
* Fix formatting error in documentation
* Formatting changes and added documentation
* PEP8 fix
* Initial commit for meraki_device module
- Allow claiming, removal, updating, and querying of devices
- Integration tests are included
- Integration tests are not complete because physical gear is required
- Integration tests also require Meraki subscriptions
* Added support for serial number query without network
* Added support for net_id and net_name
* Changes recommended by ansible-test for PEP8 and documentation
* Remove duplicate state in example
* Fix typo
* Add upgrade ('latest') support to pkgng module
* fixup for bad yaml
* fixup for bcoca review:
- add `version_added:` to description
- change examples to use `name:` and remove comments
- DRY out install_packages()
- clean up state conditional check in modules.params
* fixup to remove extra whitespace
* fixup to handle custom pkgsite when checking for updates
* fixup to remove misleading `version_added:`
* add notes to service_facts about accessing fact data
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove unquoted :
Signed-off-by: Adam Miller <admiller@redhat.com>
* Enable to use greedy checks for outdated casks
When using brew cask outdated to check if an installed cask is outdated
or not, brew cask will skip casks that have auto_updates set to true or
version: latest. This means that Ansible tasks using the homebrew_cask
module to upgrade packages installed by brew cask will miss upgrading
such packages. However such packages can still be managed by brew cask
so we need to be able detect such packages. This can be done with the
--greedy flag passed to brew cask outdated as this will also include
such packages that are outdated. This commit adds a greedy parameter to
the homebrew_cask module to enable upgrading such packages using Ansible
tasks with the homebrew_cask module. The default behavior preserves the
same behavior as today. Example usage would be:
- homebrew_cask:
name: 1password
state: upgraded
update_homebrew: yes
greedy: yes
* Fix test issues
* Add extra comma to match style
* Fix vmware host config for all vmware OptionTypes
Setting some options and option types failed with invalid value errors being return from vmware, this resolves all known ways that issue can occur.
* Add logic for integer inputs as string
For example - "UserVars.ESXiShellInteractiveTimeOut": "20"
Fixes#40180Fixes#41212
When parsing the distribution files such as /etc/os-release, we extract
the full distribution version but not the major version. As such, the
ansible_distribution_major_version ends up being 'NA' whereas the
ansible_distribution_version contains the full version.
Before this patch we get this on openSUSE Leap 15
ansible -o localhost -m setup -a filter=ansible_distribution_major_version
localhost | SUCCESS => {"ansible_facts": {"ansible_distribution_major_version": "NA"}, "changed": false}
After this patch we get this
ansible -o localhost -m setup -a filter=ansible_distribution_major_version
localhost | SUCCESS => {"ansible_facts": {"ansible_distribution_major_version": "15"}, "changed": false}
This also fixes the Tumbleweed distribution test to report a proper
major version and also adds a test for openSUSE Leap 15.0 to avoid
potential future regressions.
Fixes: #41410
Read the Docs moved hosting to readthedocs.io instead of
readthedocs.org. Fix all links in the project.
For additional details, see:
https://blog.readthedocs.com/securing-subdomains/
> Starting today, Read the Docs will start hosting projects from
> subdomains on the domain readthedocs.io, instead of on
> readthedocs.org. This change addresses some security concerns around
> site cookies while hosting user generated data on the same domain as
> our dashboard.
There were bugs in this that needed to be resolved. No time to get the
fix reviewed sufficiently for 2.6.0.
We'll get this into 2.7.0 and try to get this into 2.6.1 as well.
Will need the work done in https://github.com/ansible/ansible/pull/36218
when it does get merged.
* service_facts correct meaning of state for systemd service units
Fixes#40809
Previously this module used the commend `systemctl list-unit-files
--type=service` to query state of services but list-unit-files only
shows enabled vs disabled which is not what we want for "state"
Signed-off-by: Adam Miller <admiller@redhat.com>
* make sure to define service_name before referencing it
Signed-off-by: Adam Miller <admiller@redhat.com>
* Support Smart Inventories
Add kind and host_filter fields and pass through to tower_cli.
* Add documentation for new Smart Inventories options
* Add missing description header for host_filter documentation
* Add version added tags to new options
* Bumped vesion_added to 2.7
* Add aws/core.py function to check for specific AWS error codes
* Use sys.exc_info to get exception object if it isn't passed in
* Allow catching exceptions with is_boto3_error_code
* Replace from_code with is_boto3_error_code
* Return a type that will never be raised to support stricter type comparisons in Python 3+
* Use is_boto3_error_code in aws_eks_cluster
* Add duplicate-except to ignores when using is_boto3_error_code
* Add is_boto3_error_code to module development guideline docs
* When using ANSIBLE_JINJA2_NATIVE bypass our None filtering in _finalize. Fixes#41392
* Add tests for _finalize bypass
* Address python3 failures in tests
* Connecting app network to vApp
This fixes connection mechanism for connecting app network to vApp and VM
after vApp creation, returning the IP assigned to the VM as fact 'vm_ip'
* removed duplicate check on task fail for vApp creation. Fixed issue with network_mode value for VCD version > 5.7
* fixed trailing white space
Signed-off-by: Kaneda-fr <sebastien@lacoste-seris.net>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* pip tests: remove trailing spaces
* pip tests: use Jinja tests
* fixup! pip tests: remove trailing spaces
* pip tests: use 'command' instead of 'shell' module
* pip tests: remove unused variable
* pip tests: use a package with fewer dependencies
sampleproject has one dependency: 'peppercorn' and peppercorn doesn't
have any dependency.
* pip tests: check that 'name' param handles list
* pip: squash package parameters
Note that squashing will be removed in 2.11, new code should directly
use a list with the 'name' parameter.
python2-lxc module needs bytes, on the other hand python3-lxc requires text.
To solve such incompatibility, use to_native other than to_bytes.
This fixes#41060.
When we read files from disk we always want to read them as bytes and
then convert them to text ourselves. This gives us greater control over
what encodings are used, what to do in case of errors decoding the bytes
to text, and better resilience against problems on both Python 2 and
Python 3.
If we left it up to Python to do this, on Python2, this could mean
that config values end up as bytes (leading to tracebacks elsewhere in
the code). In Python3, it could traceback if the user's locale did not
match with the encoding of the ini file or config files could be decoded
as the user's locale encoding instead of as utf-8.
* VMware: Allow user to select disk_mode
This fix allows user to select disk modes for given disk configuration
in the given VM.
Fixes: #37749
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Review comments
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Don't ignore a duplicate host for an already processed include, assume that the repetition indicates a new include. Fixes#40317
* Add intg tests to ensure duplicate items in loop are not deduped
* Add note about relative indexing
* add example using peer keepalive vrf and delay restore
<!--- Your description here -->
add example using peer keepalive vrf and delay restore
+label: docsite_pr
+label: issue ansible/community#311
* Update nxos_vpc.py
update task name to include "existing"
The LDAP values may be of any kind (pictures, bytes, etc.) thus, ldap module enforce a "bytes" type.
We should pass properly encoded values instead of str
Fixes: #39569
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Test case for missing permissions
* Update aws_s3 module to latest standards
* Use AnsibleAWSModule
* Handle BotoCoreErrors properly
* Test for BotoCoreErrors
* Check for XNotImplemented exceptions (#38569)
* Don't prematurely fail if user does not have s3:GetObject permission
* Allow S3 drop-ins to ignore put_object_acl and put_bucket_acl
* If the command input is dict from module
in that case the check to see if command is
end or `!` to exclude it from executing on remote
host is wrong. Fix the logic to check `end` and
`!` commands
* aws_eks: New module for managing AWS EKS
aws_eks module is used for creating and removing EKS clusters.
Includes full test suite and updates to IAM policies to enable it.
* Clean up all security groups
* appease shippable
* Rename aws_eks module to aws_eks_cluster
* changing metadata to core support
* changing metadata to core support
* changing metadata to core support
* changing metadata to core support
* changing metadata to core support
* Changed request() to run json.loads() instead of module doing it
- Removed json.loads() from modules
- Removed some unreliable integration tests
- Removed self.function setting in construct_path()
-
* PEP8 changes
* Remove debug line for push
* Allow the use of 'aws:kms' as an encryption method
* Allow the use of a non standard KMS key
* Deduce whether AWS Signature Version 4 is required rather than specifying with a parameter
The compute policy was exceeding maximum size and contained
policies that already exist in ecs-policy.
Look up suitable AMIs rather than hardcode
We don't want to maintain multiple image IDs for multiple regions
so use ec2_ami_facts to set a suitable image ID
Improve exception handling
Fargate instances do not require memory and cpu descriptors. EC2 instances
do require descriptions. https://botocore.readthedocs.io/en/latest/reference/services/ecs.html#ECS.Client.describe_task_definition
Fargate requires that cpu and memory be defined at task definition level.
EC2 launch requires them to be defined at the container level.
Fargate requires the use of awsvpc for the networking_mode. Also updated,
the documentation regarding where and when memory/cpu needs to the assigned.
The task_definition variable for the awspvc configuration colided with
the ecs_service for the bridge network. This would cause the test to fail.
Add testing for fargate
Add examples for fargate and ec2
* Adding a switch to print logs
* Update to docs
* Adding `version_added` for the new option
* Updating version added
* Moving `output_logs` before `paued` for alphabetically ordering.
When using an empty string as the version argument, the module would
before attempt to run something akin to:
pip install module==""
This changes the behavior to:
pip install module
Fixes#41043
* Add support for classmap-authoritative option for composer
* Add support for apcu-autoloader option for composer
* Fix a typo for the no-plugins option
* Refactor ios cliconf plugin and ios_config module
* Refactor ios cliconf plugin to support generic network_config module
* Refactor ios_config module to work with cliconf api's
* Enable command and response logging in cliconf pulgin
* cliconf api documentation
* Fix unit test and other minor changes
* Doc update
* Fix CI failure
* Add default flag related changes
* Minor changes
* redact input command logging by default
In the process of building up the inventory by parsing each inventory
source with each available inventory plugin, there are three kinds of
possible errors (listed in order from earliest to latest):
1. One source could not be parsed by a particular plugin.
2. One source could not be parsed by any available plugin.
3. ALL sources could not be parsed by any available plugin.
The errors in (1) are a part of normal operation, e.g., the script
plugin is expected to fail to parse an ini-format source, and we will
ignore that error and try the next plugin. There is currently no way to
control this, and no known compelling use-case for a setting to control
it. This commit does not make any changes here.
We implement "any_unparsed_is_failed" to handle (2) above. If enabled,
this requires that every available source be parsed validly by at least
one plugin. In an inventory comprising a static hosts file and ec2.py,
this setting will cause a fatal error if ec2.py fails (a situation that
attracted only a warning earlier).
We clarify that the existing "unparsed_is_failed=true" setting causes a
fatal error only in (3) above, i.e., if NO inventory source could be
parsed. In other words, if there is ANY valid source in the inventory
(e.g., an ini-format static file), no combination of errors and the
setting will cause a fatal error.
If you want to execute your playbooks when your inventory is…
(a) complete, use "any_unparsed_is_failed=true".
(b) not empty, use "unparsed_is_failed=true".
The "unparsed_is_failed" setting should be renamed to
"all_unparsed_is_failed", but this commit does not do so.
Fixes#40512Fixes#40996
* Updating tower_job_template.py
* tower_job_template: Update parameter version_added to 2.7
* Ensure that unset credentials aren't passed
Passing empty strings for unset credentials causes ValueErrors as
the API expects an integer. Don't pass unset credentials
* tower_inventory_source: Add support for the inventory source via ansible-tower-cli.
* Add test coverage for tower_inventory_source.
* Update version_added to 2.7
* diff in as-path-set or prefix-set
* fix caveat diff can not have last line with comma in prefix-set/as-path/community-set
* Simplify fix to include indentation before parse
* remove debugger
* route-policy diffs
* fix iosxr_config crash issue
* new changes in iosxr_config after git add
* end-policy-map and end-class-map are properly indented so match misplaced children only when end-* is at the beigining also fix pep8
* Remaining config blocks of route-policy which needs exclusion from diff. added new tests
* pylint/pep8 warnings
* Review comments , sanity test fix
* shbang warning
* remove unused import
* added validate_certs option to zabbix_*_facts modules and fixed documentation to use doc fragment
* removed code duplication from zabbix_host_facts module
The parent parameter was not being used in the module. This meant
that all child profiles would use the system-defined parent instead
of the parent specified in the module
* fix ec2_ami block_device_mapping size to be int
* fixed cr issues
renamed `type` to `attribute_type`
reused `new_item` instead of creating new variable `value`
Fixes: #40631
The module was not correctly handling a certain state where the node
could be down, but the monitor was enabled on the node.
This patch fixes it.
With the addition on ajson.py in cbb6a7f4e8, two
new classes were created: AnsibleJSONDecoder and AnsibleJSONEncoder. These
classes are used when calling json.looads() and json.dumps().
This works fine with everything except the jsonfile.py cache plugin, which would
first try to import simplejson as json, then fall back to json. When simplejson
is installed, the load() or dump methods from simplejson are called, which then
try to use the AnsibleJSONEncoder/AnsibleJSONDecoder subclass from ajson.py.
But asjon.py imports json, not simplejson, and things blow up.
The debug message stated that the vault password client script was invoked as `example.py --vault-id=example`, while it's actually `example.py --vault-id example`.
* Adds requests.Session like class
* py2 syntax fix
* Add a few examples to the Request docstrings
* Add helper methods and docs
* Fix test failures
* Switch tests to test Request instead of open_url, add simple open_url test to validate funcitonality
* Fix filename in replace-urlopen code smell test
Removes the SSH enforcement because it breaks situations where, for example,
an admin maintains Ansible Tower and another team needs to use Ansible
with the BIG-IP modules, but the Tower admin does not want to install
the F5-SDK on the Ansible Tower instance.
In this situation, the user needs to delegate the execution of the BIG-IP
module to another linux host that does have the dependencies installed.
Usually this is done with delegation, often over SSH. Limiting the SSH
connection here prevents this from working.
* Support 'apply' to apply attributes to included tasks
* Cannot validate args for task_include
* Only allow apply on include_
* Re-enable arg validation, but only for include_tasks and import_tasks
* s/task/ir/
* Add tests for include_ apply
* Include context with AnsibleParserError
* Add docs for apply
* version_added
* Add free-form documentation back
* Add example of free-form with apply
* First pass at a src parameter that can be used in place of body. Supports binary files
* Add test for uri src body
* Bump version_added to 2.6
* Close the open file handle
* Add uri action plugin that handles src/remote_src
* Document remote_src
* Remove duplicate info about remote_src
* Bump version_added to 2.7
* Fixes ios_logging idempotency issues
* Added intergration tests & minor fixes
* Minor fixes in tests
* Minor fixes in tests #2
* eos_logging fixes after PR review
* Adding changed option to save_when for aireos
* Deprecating save option for aireos_config.
* Updating version_added to 2.7 since the PR missed the window for 2.6
* To fix following github issues 35774, 36574 and 39494
* To fix following github issues 35774, 36574 and 39494
* To fix following github issues 35774, 36574 and 39494
* To fix following github issues 35774, 36574 and 39494
* To fix following github issues 35774, 36574 and 39494
* To fix following github issues 35774, 36574 and 39494
* removed old_name new entry to make ui cleaner
* removed old_name new entry to make ui cleaner
* removed old_name new entry to make ui cleaner
* removed old_name new entry to make ui cleaner
* removed old_name new entry to make ui cleaner
* removed old_name new entry to make ui cleaner
* to resolve the bug 40709
* reslove shippable error
* reslove shippable error
* reslove shippable error
* reslove shippable error
* reslove shippable error
* reslove shippable error
* reslove shippable error
* reslove shippable error
* reslove shippable error
* to fix shippable nios automation error
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* modified the name input parsing method
* shippable error fix
* shippable error fix
* shippable error fix
* shippable error fix
* shippable error fix
* review comment fix
* shippable error fix
* shippable error fix
* All instances of local connection should use _remote_is_local=True. Fixes#40551
* Switch to instance attribute for synchronize
* Add test that shows that synchronize _remote_is_local addresses tmpdir building
* Move k8s modules to dynamic backend
* update required openshift version
* update -> patch
* use new dynamic client exceptions
* style
* guard urllib3 import
* guard ansibleerror import
* give more information about error cause
* format in variable
* style
* rename tests
* Search for provided kind in a few more places to match old behavior, properly handle failure
* make common code use fail instead of fail_json, to work for lookup plugins as well
* update docs
* move openshift_raw tests into k8s tests
* fix typo
* Use diff of response and resource to determine change, don't do any checking client-side before making requests
* remove duplicate yaml blocks
* Update porting guide for k8s module
* remove invalid doc refs
* If fuzzy searching finds a resource, update resource_definition to match proper kind and version
* remote unsupported openshift_raw variables
* properly check environment variables when determining auth method:
* Remove 1.1.1.1 from *_config tests
* remove from *_smoke and *_system
* Miscellaneous other tests
* Remove from module documentation as well
* Remove from unit tests as well
* Remove accidental duplication from rebase
* Add a module to create a java key store (jks) from a certificate
* Create a jks from a certificate and a private key (secured by a password)
* Add an option to recreate the jks (useful when you want to update the jks password)
* If the certificate changed, recreate the jks
* Version added is now 2.7
One of Ansible best practices is "Always Name Tasks".
This should include tasks in examples as well so people can learn
what is the right way to use it.
Also fixes a discovered bug in block rescue detection related to inserting
the ansible_failed_{result|task} variables when the rescue is in a nested
block.
* Return the expected prompt character based on become status
* Update eos_banner tests for eapi
* Update eos_config tests for eapi
* Update eos_facts tests for eapi
* Update eos_interface tests for eapi
* Update eos_l3_interface tests for eapi
* Update eos_lldp tests for eapi
* Update eos_logging tests for eapi
* Update eos_smoke tests for eapi
* Update eos_system tests for eapi
* Do not gather mem facts if command invalid
In some firmwares, 'show memory statistics' fail, thus
do not populate mem if we got a failure after running that command.
* Fix pep8
* Warn if got error when running 'sh memory statistics'
* Fix pep8
* nxos_vlan fix
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* uncomment mode test as nxapi now has get_capabilities
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* First pass at vmware_deploy_ovf functionality
* Add OVA file support, re-structure code
* Move some useful functions to module_utils.vmware, and perform a little DRY too
* Better handling of errors during spec validation and import
* Properly calculate the lease progress percentage for all vmdk files
* Make warnings and errors a little better
* Add an allow_duplicates argument, that defaults to true, to allow users to have name based idempotency
* Add fail_on_spec_warnings to cause the module to treat warnings as errors
* Support non-vmdk uploads
* Add ova alias for ovf
* Rename vmdk_post_url to device_upload_url so it does not sound to specific to VMDK files
* Safer handling of * hostname in urls
* Add default Content-Type, remove unused headers var
* Add deploymentOptions and propertyMapping functionalities
* Add basic check_mode support
* Add vmware_deploy_ovf to list of use-argspec-type-path ignores
* Update version_added and fix path for use-argspec-type-path
* Add configurable folder
* Doc changes
* Add nxos_install_os integration tests
* Update call to check timers
* Update check_ansible_timer method
* Modify network_cli integration tests
* Add timer check for nxos_install_os
* Add comments for clear_persistent_sockets
* Update connection info for tests
* More updates
* Restructure files for provider and non-provider testing
* Update env var name and add check for ISSU switchover
The openstack modules do not support python 2.6 as the underlying
library dependency (openstacksdk) does not support python 2.6. Update
the docs to make this clear.
* check if timestamp is set in maven-metadata.xml. If it is not set, we don't have unique snapshot artifacts and can return the artifact name with the appended -SNAPSHOT
* Make use of a python module that is not deprecated anymore
* Updating version_added: "2.6" to version_added: "2.7"
* Added missing line
* Added notification about using different python module
PR #39373
* Add extra_specs to os_subnet module
This change removes the parameter limitation on `os_subnet` module for
Neutron subnet creation.
This way, any key value passed via `extra_specs` argument is included in
shade's API call.
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Set default value of extra_specs to None
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Raise ValueError in case of duplicate keys found
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Update docs default value of extra_specs to {}
* Move cidr to kwargs to avoid positional argument
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Print explicit list of duplicate keys
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Fix precedence on the dict merge
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Bump version_added of the extra_specs parameter
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Add support for `mysqldump`'s `--ignore_table` switch.
* Fix documentation and default linter warning re: default parameter
* Add number to replacement field in cmd string
* Bump version_added to 2.7
* adds name server group support to nios_zone
* fixes style issues
* adds support for restart_if_needed
* adds type: bool to documentation for restart_if_needed
* doc fix
This is a helper for identifying whether the var is a sequence,
but is not of string-like type (optionally).
Co-authored-by: Toshio Kuratomi <toshio@fedoraproject.org>
Co-authored-by: Brian Coca <briancoca+dev@gmail.com>
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
The current example configuration is not
quite right, so this patch implements a
fix which corrects it
The 'inventory_hostname' argument is removed
as it's the same value as the default.
* Establish connection through openstacksdk
* Switch from shade to openstacksdk
* fix typo in link to openstacksdk
* remove nova_client usage
* further remove of min_version from openstack modules
* Initial commit for meraki_admin module
* Initial commit for meraki_snmp module
* Update code to be operational for SNMP settings
- Add optional_ignore value to is_update_required for one-time fields
- Write documentation
- Perform checks and execute changes
* Minor fixes and test improvements
- Fix some documentation errors
- Implement and test for idempotency
* Removed meraki_admin which shouldn't be there, ansibot changes
* Rename params to be lower case
- Updated integration tests
- Changed CamelCase to lowercase and underscore
* Code cleanup changes based on comments from Dag.
* Add cleaning function to handle **params
The cleaning function is only added to tower modules which pass a `**params`
argument as an unpacked dictionnary to the tower-cli method calls.
Fix#39745
* Remove previous code added only for tower_role
In 872a7b4, the `update_resources` function was modified so that it would clear unwanted
parameters. However, this behaviour is desired for other modules too, modified in
another commit. (see tower_clean_params).
* Port aws_ses_identity module to use AnsibleAWSModule
* Support Check Mode in aws_ses_identity
* Add tests for check mode
* Move feedback forwarding parameter check to before any changes are made.
* Fixed check_mode status to be the same as normal execution
* Now when setting the status to `disabled` in check_mode it correctly
returns the state changed and prints a warning like it does in normal
model. Before it always returned changed even if everything was set
correctly and a reboot was required.
* Add changelog entry
Co-authored by: Strahinja Kustudic <kustodian@gmail.com>
* Added interpreter parameter to the script module
* Let required and default parameters get documented implicitly for binary parameter
* Renamed interpreter parameter to executable
When running the test test/units/module_utils/urls/test_open_url.py
test_open_url_no_validate_certs, the test fails because of the SSLv2
check.
Test is run on a machine using openssl 1.1.0g. By reading the openssl
man page[1], one can see that support for SSLv2 has been removed.
> Support for SSLv2 and the corresponding SSLv2_method(),
> SSLv2_server_method() and SSLv2_client_method() functions where removed
> in OpenSSL 1.1.0.
>
> SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were
> deprecated and the preferred TLS_method(), TLS_server_method() and
> TLS_client_method() functions were introduced in OpenSSL 1.1.0.
Hence this commit remove the uses of this flag when it is not defined.
[1] https://www.openssl.org/docs/man1.1.0/ssl/SSLv23_method.html
As mentioned in this answer https://stackoverflow.com/a/41549694/6778826 we was able to solve a bad behaviour of `blockinfile` module.
We must change two parts in one file which we have done in two tasks. Every run have rewriten the first block with the second block in the wrong position. **After** we have set the `marker` in the second task to another value was the `blockinfile` module able to insert both parts in the right position in the same file.
* os_project_access: correct example tasks
The example task does not work. Fix it so that it does.
* os_project_access: Remove unused function
The _get_allowed_projects function is not used anywhere,
so we can remove it and be free of nova_client for this
module.
The os_server module uses the deprecated nova_client function, and
therefore ends up requiring python-novaclient installed. In this
patch we switch the ip detachment to make use of a shade function,
removing the need for python-novaclient.
* The module now correctly sets the timezone in both the config file and
in /etc/localtime; while hwclock is set in both the config and
/etc/adjtime.
* Module checks if the timezone is actually set by checking
/etc/localtime. Before it only checked if it was set in the config file.
* Fixed module not setting the timezone on RedHat systems if
/etc/localtime was a symbolic link.
* Fixed module failures in case of missing config files or incorrect data
in them.
* Added a lot of integrations tests to cover most of these situations.
* Add start and end timestamp to task result in json callback
Currently, the timestamp information is only provided directly by a few
Ansible modules (e.g. the command module, which shows the runtime of a
command per host result).
This change adds an 'overall' time information to all executed tasks. The
delta between both timestamps shows how long it took a task to finish
across all hosts/nodes.
This patch is also proposed for zuul and can be found here:
https://review.openstack.org/#/c/563888
* Add missing timezone information to 'start' and 'end' timestamps
As the datetime.isoformat() function is missing the timezone information,
we assume it's local time.
* Nest 'start' and 'end' timestamps in 'duration' field.
To clarify the purpose of those fields.
* Add 'start' and 'end' timestamps also for plays
* Add a 'machinectl shell' become_method
* docs: add explanations for the machinectl become_method
* docs: machinectl become_method: specify this part is specific to Linux+systemd setups
* cs_instance: implement host migration support
* fix build
* fail fast on update if user is not admin
* improve tests a bit
* expunge it
* fix typo
* disable temporarly verify for host on starting instance.
Add `mode` option which sets permission mode of a VM in octet format
Add `owner_id` and `group_id` which set the ownership of a VM
Move the waiting for state at the end of the module, so it could fail faster if there is some error
tagged_instances will only be returned only if count_attributes and/or count_labels are used, as specified in the documentation
Update relevant tests
Add tests for mode, owner_id, group_id
* Fix errors decrypted non-ascii vault vars
AnsibleVaultEncryptedUnicode was just using b"".decode()
instead of to_text() on the bytestrings returned from
vault.decrypt() and could cause errors on python2
if non-ascii since decode() defaults to ascii.
Use to_text() to default to decoding utf-8.
add intg and unit tests for value of vaulted vars
being non-ascii utf8
based on https://github.com/ansible/ansible/issues/37258Fixes#37258
* yamllint fixups
* Subversion: If the directory exists, we want the ability to checkout into it
and use the content as existing files; equivalent to svn checkout --force
I was expecting the force option to do this, however I understand why it
doesn't do that currently. I was debating with changing the meaning of force
to include this behaviour, however I've opted for a seperate flag for now
for backwards compatibility.
* Subversion: Sanity tests have failed suggesting this is the correct value
https://app.shippable.com/github/ansible/ansible/runs/60302/1/console
* Add documentation for setting multiple options.
* Do not set `cluster' to myhostname, if cluster is not set. This will cause
parse error, since module will try to parse the brick and hosts.
* Also fixes issue #40410
* gluster_peer: Module to create/dismantle trusted storage pool
* gluster_peer: Module to create/dismantle trusted storage pool
Added __init__.py and added function main() in the module.
* gluster_peer: Module to create/dismantle trusted storage pool
Empty __init__.py was needed. Removed comment from the file.
* gluster_peer: Module to create/dismantle trusted storage pool
Addressed review comments.
* gluster_peer: Module to create/dismantle trusted storage pool
Do version check more sanely, improve parameter handling.
* gluster_peer: Module to create/dismantle trusted storage pool
Use isinstance for type comparison.
* gluster_peer: Module to create/dismantle trusted storage pool
Use type=list for nodes parameter, get rid of literal_eval.
* gluster_peer: Module to create/dismantle trusted storage pool
Add parameter check_mode, had missed this somewhere in between.
* gluster_peer: do not set `force' in case of state=present
* gluster_peer: Fix typo in the documentation
* gluster_peer: make peer probe idempotent
* gluster_peer: Fix a logical error while evaluating booleans
* gluster_peer: set locale to C, pass list to run_command
* Adding module for AWS Config service
* adding integration tests
* Split resource types into their own modules
* Properly use resource_prefix and retry on IAM "eventual consistency"
* Add config aggregator module
* AWS config aggregator integration test fixes
* AWS config recorder module
* Config aggregation auth rule
* Use resource_prefix in IAM role name
* Disable config tests
* seconds set of netapp modules
* fixes
* Fix issues
* Fix future issues
* fix issues
* Fix issues
* changes
* Change force
* made fixes
* add new line to end of file
* Fix setting the cache when refresh_cache or --flush-cache are used
* Use jsonify function that handles datetime objects in jsonfile cache plugin
* Don't access self._options directly
* Add initial integration tests for aws_ec2 inventory plugin
* Add CI alias
* Fix and add a few more unit tests
* Add integration tests for constructed
* Fix typo
* Use inventory config templates
* Collect all instances that are not terminated by default
* Create separate playbook for setting up the VPC, subnet, security group, and finding an image for the host
Create a separate playbook for removing the resources
* Allow easier grouping by region and add an example
* use a unified json encode/decode that can handle unsafe and vault
* Refactor ec2_group
Replace nested for loops with list comprehensions
Purge rules before adding new ones in case sg has maximum permitted rules
* Add check mode tests for ec2_group
* add tests
* Remove dead code
* Fix integration test assertions for old boto versions
* Add waiter for security group that is autocreated
* Add support for in-account group rules
* Add common util to get AWS account ID
Fixes#31383
* Fix protocol number and add separate tests for egress rule handling
* Return egress rule treatment to be backwards compatible
* Remove functions that were obsoleted by `Rule` namedtuple
* IP tests
* Move description updates to a function
* Fix string formatting missing index
* Add tests for auto-creation of the same group in quick succession
* Resolve use of brand-new group in a rule without a description
* Clean up duplicated get-security-group function
* Add reverse cleanup in case of dependency issues
* Add crossaccount ELB group support
* Deal with non-STS calls to account API
* Add filtering of owner IDs that match the current account
* New module = AWS Glue connection
* Add a few initial integration tests
* Add alias for CI
* module rename
* finish module rename
* add loop when getting glue connection again so we dont get None
* Limit number of retries to get new glue connection info
Without this change, the module will simply fail with an error when
doing a query and not specifying the **lag_type** parameter.
The integration tests expect **lag_type** too, so this simply codifies
what was expected since inception.
This change addresses an issue where the prompt matching regular
expressions would not match a prompt if the hostname starts with a
numeric value. Before this change, the connection would fail with a
socket.timeout() error. This change updates the termnal_stdout_re
values to now check for a number.
See Github issue #38639
* Add auth key for OpenStack Volume Provider
For adding OpenStack Volume Provider we need to also add auth key,
value, for Ceph. This patch allows to add/update/remove auth keys.
Also fixing the issue for attach cinder SD to the datacenter.
* Fixing documentation
* Small fixes in ovirt_external_provider module.
Fixed doc for param and small changes.
* Fix comments from review.
Adds conditions for check mode.
* Move update auth key method in the module
* Remove empty line which pep8 complains about
* New ansible module netconf_rpc
* add integration test for module netconf_rpc
* pep8/meta-data corrections
* usage of jxmlease for all XML processing
separation of attributes "rpc" and "content"
* removed unused imports
improved error handling
* fixed pep8
* usage of ast.literal_eval instead of eval
added description to SROS integration test for cases commented out
* mismatch type between function arguments
* add testcase for prompt
* yamllint issues
* remove overwriting response in case of connectionError exception
* remove import of ConnectionError as it is not required
* add loadbalancer
* dict check nullable
* add default vallue when get list
* create backend addr pool
* fix the set
* fix to dict
* fix ideponement
* use param security group name when create
* nic can has no nsg
* add test
* fix
* fix
* fix
* add document
* add configuration
* fix
* fix
* remove all resources
* fix
* fix test
* add version added
* fix lint
* fix lint
* Fixes some NIC bugs (#39213)
* add loadbalancer
* dict check nullable
* add default vallue when get list
* create backend addr pool
* fix the set
* fix to dict
* fix ideponement
* use param security group name when create
* nic can has no nsg
* add test
* fix
* fix
* fix
* fix idemponet
* add document
* fix test
* add configuration
* fix
* fix
* remove all resources
* fix
* fix test
* add version added
* fix lint
* fix lint
* fix lint
* remove new feature and only submit bugfix
* remove useless test
* fix
* fix indent
* Update azure_rm_networkinterface.py
* fix comment
* support 3 types to specific name and resource group
* avoid test racing
* fix test
* add sample
* add resource id test
* zfs: Fix handling of parameters passed via check_invalid_arguments
cc7a5228 had a typo, so the merged set of arguments was shoved into the
wrong parameter and ignored.
`origin` is an actual module parameter and should be processed like one.
pop()ing makes debug output misleading.
* zfs: fix command generation for `zfs snapshot`
Creating a snapshot and supplying an origin are mutually exclusive,
but were not treated as such. We should throw an error instead of
running an invalid command (`zfs snapshot origin foo@snapname`.)
* Update jenkins_plugin.py
When setting state=latest, plugin are always updated because plugin_data['sha1'] contains trailing '\r\n' (so it always detecting a sha1 change)
+label: docsite_pr
* rstrip wasn't the solution but to_bytes is
In `2.5` (d1b63bd5), the `yum` module received the capability to disable
and enable specific plugins. However, these changes only applied to
certain parts of the logic. This change propagates those changes to the
rest of the module, specifically those using the `yum` API.
* Docs - add shared snippet note about password prompts for ssh keys
Signed-off-by: Adam Miller <admiller@redhat.com>
* add note to ssh connection plugin, fix markup, fix typo
Signed-off-by: Adam Miller <admiller@redhat.com>
* winrm: add better exception handling for krb5 auth with pexpect
* Added changelog fragment
* Added exception handler in case kinit path isn't valid, added test cases
* fixed for Python 2 compatibility
* win_updates: add scheduled tasks back in for older hosts
* Fixed up typo in category name error message
* Fixed up some minor issues after merge
* added changelog fragment
* Default to become but add override to use scheduled tasks
* Added basic unit tests for win_updates
* fix minor typos
* Add update_password parameter to rabbitmq_user
Inspiration for this feature is taken from the `user` module.
While `always` is the default in that module, it is not here. We default
to `on_create` to avoid changing existing behaviour.
Resolves#29260
* Update instructions for changing passwords
* Bump version_added as requested
* Check password before changing it
This allows accurate reporting of changed status even though
`rabbitmqctl change_password` doesn't.
* Remove instruction to use 'force' to update password
* Adds support to get value from Consul KV.
* Updates documentation.
* Corrects GRL copyright years.
* Resolves PEP 8 issues.
* Changes consul_kv NOT_SET value to `None`.
* Support getting Consul KV values recursively.
* Adds example of retrieving key value.
* parted module not idempotent for esp flag and name
Fixes#40452
Currently the parted module doesn't take into account names with
spaces in them which leads to non-idempotent transactions on the
state of the system because the name comparison will never succeed.
Also, when the esp flag is set, parted infers the boot flag and the
parted module did not previously account for this. This lead to
non-idempotent transactions as well.
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix unit tests, expected command changed in the patch
Signed-off-by: Adam Miller <admiller@redhat.com>
Change the command to get the interface in a vlan "show vlan" => "show vlan brief"
Change the parsing of the return command of the switch.
The return of the ios command is fixed so i cut with fix number of carracter.
Adding looking for the next line to add the forgeted interfaces.
The snmp_facts module lacked any information on what kind
of data can be expected on the return of successful execution.
This patch expands the docs to included info on return output
including sample data and full descriptions.
Signed-off-by: Eric Brown <browne@vmware.com>
* fixing azure sanity tests
* fixing sanity
* fixing some tags issues
* removed unnecessary things from managed disk
* fixed location problem
* more sanity fixes
* sanity test fixes
* final sanity fixes?
* final fixes again
* undo changes related to container instance
* removed container instance
* readd again
* fixed stupid mistake
* removed _azure from changes
* one more mistake
* Adding flatpack_remote module
Includes contributions by oolongbrothers: adding documentation fixes, fixing import placements, fix module idempotency, improving error propagation.
* Aligns module with conventions and best practices
For improved robustness and readability; based on feedback by
dagwieers.
* Improves the module documentation
* Aligns copyright statement to conventions
* Renames remote > flatpakrepo_url and reworks documentation
* Adding flatpak module
Includes contributions by dagwieers
* Incorporates feedback by dagwieers
* Improves and aligns documentation to conventions
* Makes matching for url more robust
* Get the str value of xmlrpc.client.DateTime
* get_all_records should be used instead of get_all
* Facts returned with 'ansible_facts'
* Remove some redundant code
* Add cheese as maintainer
* Add changelog entry
* Return messages generated from edit_config to module
* This does not seem to work that way
* Change test IP addresses to not conflict with device config
* Set encrypted as default and fix empty password reporting changed
* Starting with Postgres 10 `UNENCRYPTED` passwords are removed and
because of that this module fails with the default `encrypted=no`.
Also encrypted passwords are suported since version 7.2
(https://www.postgresql.org/docs/7.2/static/sql-createuser.html) which
went EOL in 2007 and since 7.3 it is the default. Because of this it
makes a lot more sense to make `encrypted=yes` the default. This won't
break backward compatibility, the module would just update the user's
password in the DB in the hashed format and everything else will work
like before. It's also a security bad practice to store passwords in
plain text. fixes#25823
* There was also a bug with `encrypted=yes` and an empty password always
reported as changed.
* Improved documentation for `encrypted`/`password` parameters, and
removed some obsolete notes about passlib.
* Fix clearing user's password to work with all versions of Postgres
* Add tests for clearing the user password
* Fix documentation atfer rebase
* Add changelog fragment
In the last commit I modified the code to run commands when they are
daemonized. But the execution of "chkconfig" is not daemonized so it
uses "self.module.run_command(cmd)".
This commit set the default localize to allow proper screen scraping of
chkconfig command.
* I seem to have forgotten the back half of tests
* Set http timeout from persistent_command_timeout
* Tweak URL generation and provide URL on error
* Push var_options to connection process
* Don't wait forever if coming from persistent
* Don't send the entire contents of variables to ansible-connection
* Fix all cases with pause and ctrl+c
- naked:
- pause:
- with prompt
- pause: prompt=hi
- time wait
- pause: seconds=60
- time wait with prompt
- pause: seconds=60 prompt=hi
Fixes#35372
* Use curses to control stdout
* Use curses to clear lines on interactive input
* Validate input for echo parameter and fail nicely if invalid
* Add integration tests for pause module using pexpect
* Use try except when trying to determine erase sequence to account for lack of TTY in containers in tests
* Improve output validation for regular paus test
* Accept two digit precision for pause length in test
* Check for seconds when seconds is specificed, minutes when minutes is specified
* Add test for no TTY mode
Co-authored by: Toshio Kuratomi <a.badger@gmail.com>
Co-authored by: Brian Coca <brian.coca+git@gmail.com>
* Add the ability to specify an install_dir to the gem module
* Add GEM_HOME when installing a non-global gem
* Add tests for custom gem path
* Fix sanity tests
* Add changelog entry
* Rebase and add tests for incorrect options
Co-authored by: Antoine Catton <devel@antoine.catton.fr>
* add first module
* fix case
* Create na_ontap
* Fix small pep8 errors
* Fixes for issues found by Amit
* fixes for amit
* fix doc
* get doc to compile
* format code in gce_net module
The values passed to the module weren't being highlighted properly in
the documentation page.
As a result, use markup code format for the values provided in order to
be spotted easily on the page.
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
* separate phrases
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
* apply review fix for module options
According to http://docs.ansible.com/ansible/devel/dev_guide/developing_modules_documenting.html#formatting-functions
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
* * Memset:
* module_utils and associated documentation.
* module to manage DNS zones.
* integration tests to run against Memset's API.
* * memset.py:
* remove import of requests from memset.py in favour of internal Ansible modules.
* import necessary Ansible modules for request and response handling.
* create a response object in order to retain a stable interface to memset_api_call from existing modules.
* rework memset_api_call to remove requests.
* memset_zone.py:
* improve short description to be more verbose.
* ensure all imports directly follow documentation.
* remove any reference to requests.
* correct keyerror carried over from elsewhere.
* remove dependency on requests from documentation string
* disable integration tests until we have a cleanup method available
* HTTPAPI connection
* Punt run_commands to cliconf or httpapi
* Fake enable_mode on eapi
* Pull changes to nxos
* Move load_config to edit_config for future-preparedness
* Don't fail on lldp disabled
* Re-enable check_rc on nxos' run_commands
* Reorganize nxos httpapi plugin for compatibility
* draft docs for connection: httpapi
* restores docs for connection:local for eapi
* Add _remote_is_local to httpapi
* Don't rewrite remote paths when remote is secretly local
* Remote overriding is configurable in connection
* Use c.DEFAULT_LOCAL_TMP instead of remote_tmp
* Remove remote_is_local from ConnectionBase
* remote_is_local->_remote_is_local
* Add warning signs to _remote_is_local and explanatory comments to its use
* add pytest_cache to gitignore
* onepassword lookup plugin
* fix linter/style test complaints
* second pass at making pycodestyle happy
* use json module instead of jq
* update copyrights, license & version added
* fix python2 compatibility
* doh. fix spacing issue.
* use standard ansible exception
* remove potentially problematic stdin argument
* actually call assertion method
* add support for top-level fields
* make vault uuids pedantically consistent in fixture
* fix new style issues
* ability specify section & correct case handling
* improve error handling
* add onepassword_raw plugin
* Add maintainer info
* Move common code to module_utils/onepassword.py
* Load raw data JSON data for easier use in Ansible
* Put OnePass class back inside lookup plugin
There is no good place for sharing code across lookups currently.
* Remove debugging code in unit tests
* Patche proper module in raw unit tests
* Add changelog entry
Co-authored-by: Scott Buchanan <sbuchanan@ri.pn>
* Add new OpenStack module for changing metadata of compute instances
* Add missing RETURN documentation
* Fix API calls to match shade's implementation.
API was changed in the following PR (openstack-infra/shade):
https://review.openstack.org/#/c/319395
* Replace type by isinstance when type checking
* Add ANSIBLE_METADATA
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Bump the ansible version
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Add support for check_mode
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Fix sanity tests
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Force the meta parameter to be a string
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Use short GPL license
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
* Change meta argument to dict
Signed-off-by: Mário Santos <mario.rf.santos@gmail.com>
handle incorrect data type in list lookup plugin
Fixes#35481
test to ensure that loops properly handle incorrect datatypes
Signed-off-by: Adam Miller <admiller@redhat.com>
* - add tests for s3_lifecycle
- fix a bug comparing transitions with different storage_types
* make s3_lifecycle work with boto3
* add noncurrent version lifecycle rules
* Do not join flag parameters
This put a comma between every character of the tcp flag parameters, resulting in a bad iptables command.
Fixes#36490
* Use suboptions to ensure tcp_flags options are lists
* Add unit tests for tcp_flags
* Add example of how to use tcp_flags
* Added gitlab_hooks module and related tests
* Fix sanity check issues
* Refactor to use common util method, add check_mode support
* Fix module shebang
* Added module gitlab_deploy_key and related tests
* Fix sanity check issues
* Refactor to use common util method, add check_mode support
* Fix module shebang
* Fix failing aws_ses_identity integration tests
Reduce boilerplate with yaml anchor
* remove unstable test alias
* Update feedback forwarding check to use desired state rather than
repeated API calls.
* uri: Add form-urlencoded support to body_format
This PR adds form-urlencoded support so the user does not need to take
care of correctly encode input and have the same convenience as using
JSON.
This fixes#37182
* Various fixes
* Undo documentation improvements
No longer my problem
* Fix the remaining review comments
* Allow negative values to expires to unexpire a user
Fixes#20096
(cherry picked from commit 34f8080a19c09cd20ec9c045fca1e37ef74bb1e6)
(cherry picked from commit 54619f70f4b79f121c5062d54e9732d3cbb24377)
(cherry picked from commit 8c2fae27d6e2af810112032bb1dfef5459035b7e)
(cherry picked from commit db1a32f8caa8c8b9f989baa65784d4b2b5cad1f8)
* tweaked and normalized
- also added tests, made checking resilient
Using Ubuntu 14.04, test fails because 'blkid' < 2.21 doesn't recognize
'ocfs2' filesystem smaller than 108Mo:
6baa150398
filesystem: fix MKFS_FORCE_FLAGS for ocfs2
mkfs.ocfs2 -F won't work because mkfs.ocfs2 asks for a confirmation:
$ mkfs.ocfs2 -F img
mkfs.ocfs2 1.6.4
Cluster stack: classic o2cb
Overwriting existing ocfs2 partition.
WARNING: Cluster check disabled.
Proceed (y/N):
The undocumented 'x' switch must be used too.
add new line and update choice documentation
adding description for ocfs2 support
use correct variable ansible_distribution to test ocfs2 with Debian
distribution
use ansible_os_family for Debian
increase ocfs2 fs size to 20M (minimal size 11 instead of 10M)
add ocfs2 support for module filesystem
Update setup.yml
delete trailing spaces
add ocsfs2 defaut var
Install ocfs2-tools for all linux
Testing ocfs2 on for Ubuntu - restrict blkid to be be done