Otherwise, it fail with:
Traceback (most recent call last):
File \"/tmp/ansible_c1zmq3i9/ansible_module_openssl_certificate.py\", line 808, in <module>
main()
File \"/tmp/ansible_c1zmq3i9/ansible_module_openssl_certificate.py\", line 787, in main
certificate.generate(module)
File \"/tmp/ansible_c1zmq3i9/ansible_module_openssl_certificate.py\", line 692, in generate
certfile.write(str(crt))
TypeError: a bytes-like object is required, not 'str'
* Verify that acme-tiny is present
* Use run_command rather than subprocess for acme-tiny
Besides consistency with the rest of the code base, this also
add 2 bug fixes:
- ansible should no longer show "warning, junk after json" when using the module
- it also verify the return code of acme-tiny, and so fail when the
verification fail. The previous code didn't check rc, so it would continue
with a empty file
The accumulated collected_facts was being update
with new facts _after_ filtering them. So only
facts that pass the filter would ever be passed
to other fact collectors.
For 'filter=ansible_service_mgr', even though it requires
the platform and distribution facts and even collects them,
they would get filtered out and never passed to the other
collectors that need them (service_mgr for ex).
Fix is just to add the unfiltered facts to collected_facts.
Adds unit tests for fact filter and collected_facts.
Fixes#32286
The search string used to look for Clear Linux
was changed in 45a9f96774 to
be more specific, but was too specific. Now finding
a substring match for 'Clear Linux' in /usr/lib/os-release
is enough to consider a match.
Since the details of the full name in os-release varies
('Clear Linux Software for Intel Architecture',
'Clear Linux OS for Intel Architecture', etc) the
search string match was failing and would fall back to the
'first word in the release file' method resulting in
ansible_distribution='NAME="Clear'
Also add a meta fact indicating which search string
was matched.
Test case info from:
https://github.com/ansible/ansible/issues/31501#issuecomment-340861535Fixes#31501
Extract vault related bits of DataLoader._get_file_contents to DataLoader._decrypt_if_vault_data
When loading vault password files, detect if they are vault encrypted, and if so, try to decrypt with any already known vault secrets.
This implements the 'Allow vault password files to be vault encrypted' (#31002) feature card from
the 2.5.0 project at https://github.com/ansible/ansible/projects/9Fixes#31002
People expect to be able to upload files to s3 using standard
locations for files.
Providing an action plugin that effectively rewrites the `src`
key to the result of finding such a file is a great help.
Tests added, and IAM permissions corrected
* npm module compatible with npm5
Uses the `--long` flag in `npm list` to get the `missing` key back.
* npm: add integration tests
* npm: test the module with npm 4 as well
* Remove debug tasks, use variables
* Use tests instead of filters
* Adds xcambar as a maintainer of the npm module
influxdb_user module has user_name, user_password which may confuse with existing
login arg username and password. Added aliases prefixed ith login_ to
help distinguish.
- Adding Let's Encrypt production ACME directory URL
- Marking examples as one big example with several alternatives for the first step
- Adding another example which uses aliases for options, and uses DNS-01 challenges
This fixes get_vm method to use propertyCollector which
can efficiently find the virtual machine from given VMware
infrastructure using only name.
* VMware: Refactor vmware_guest module
* Add nested paths of datacenter
* Add tchernomax suggestions
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* win_iis_webbinding: Fix bug with ipaddress * returning multiple bindings
instead of only the ones defined as *. Address possible future issues around
hostheader * by just disallowing it. Resolves 25473. Added new test for
this case.
Removed all validation for https binding collisions due to difficulty in
validating all cases in which they could or could not collide. As a
result, also removed return values relating to certificate data.
Updated testing and docs appropriately
* win_iis_webbinding: added break to remove binding loops
* Add monitoring/grafana_datasource module
added ds type mysql and postgres + check of parameters
* Added option max_concurrent_shard_requests for es_version >= 5.6
current_size is returned from the API as string, while self.size
(the requested size) is an integer. This caused the comparison
to always be False, and a resize request to always be sent.
* Moved the encryption to its own action method.
* removed silly default value for encryption type.
* Code formatting issues from pull request ANSIBOT.
* changed version_added to "2.5"
because of new new options available
* changed version_added to "2.5"
because of new new options available
* changed version_added to "2.5"
because of new new options available
* compare arg+aliases between docs and argument_spec
* Add some special handling for the network modules provider options that also appear in the top level arg spec
* Fix error code for bigip_hostname
* Address merge conflicts due to changes in f5 modules
* Update validate-modules ignore based off a clean execution
* Address merge conflicts
* Address renamed module
* Address recent changes to modules
* Add ignore for ucs_ip_pool
* Update aci modules to get more reliable documentation comparison, but not mutating the module_utils aci_argument_spec
* Update ignore.txt after recent aci updates
* Add extra guard to ensure we handle provider special only for network modules
* Address additional changes to modules
* added cloudfont.py, modified cloudfront_facts.py class name and fixed a minor bug
* Improvements to cloudfront_distribution
* Reduce the scope of the cloudfront_distribution module
* Remove presigning
* Remove streaming distribution functionality
* Add full test suite for cloudfront distribution
* Meet Ansible AWS guidelines
* Make requested changes
Fix tests
Use built-in waiter
Update copyright
* Added check to prevent failed empty changesets from being left behind
* Fixing comments from PR 34933, prevent infinte loop and stricter exception catching
* Clarify which ping module to use
Ensure each of the ping modules link to each other
ping - Requires Python on remote-node
nxos_ping - Only on Cisco NXOS
ios_ping - Only on Cisco IOS
net_ping - For network devices
win_ping - only for Windows
* Add additional properties to storage domains
* add warn low space for additional storage properties
* Fixing comments
1. Fixing documentation
2. Use default None
3. Remove redundant if condition
4. remove added discard since it was already added
* Apply comments #2
Fix default value to None
Use percentages instead of GB
* Adds custom_data parameter to azure virtual machine resource
Invoke custom_data in an integration test: This invocation of
custom_data should not cause any side effects.
* Bugfix: String encoding now works in both python2 and 3
* Fix pep8 violations
* Use nginx to serve a text file created via custom_data and verify that
that custom_data is working
* fix up azure_rm_virtualmachine custom_data
* tweaks #25924
* simplify string encoding fun
* don't rely on external packages
There are changes that the merge config can fail, but the module
will still report success. This adds a blob of code to start
collecting those failures and bubbling up a module failure
accordingly.
* adding azure_rm_mysqldatabase
* updates to azure_rm_mysqldatabase
* updates to azure_rm_mysqldatabase
* updates to azure_rm_mysqldatabase
* updates to azure_rm_mysqldatabase
* updates to azure_rm_mysqldatabase
* updates to azure_rm_mysqldatabase
* Updated docs around force_update
* adding azure_rm_postgresqldatabase
* updates to azure_rm_postgresqldatabase
* updates to azure_rm_postgresqldatabase
* updates to azure_rm_postgresqldatabase
* updates to azure_rm_postgresqldatabase
* updates to azure_rm_postgresqldatabase
* updates to azure_rm_postgresqldatabase
* Updated docs around force_update
* describe_images is very slow if not filtered to owner accounts
*or* if the Owners parameter is passed (unless the Owners parameter
is `self`). Convert Owners parameters to `owner-id` and `owner-alias`
filters where possible. Tests with CLI show that `--owners self` is
fast, `--owners 123456789012` is slow (with or without owner-id filter).
* describe_image_attributes fails against accounts other than your
own. Launch permissions are useful information, but not critical.
* first dirty container instance
* added my name ;-)
* more updates
* more updates
* removed unnecessary stuff
* container instance updates
* several fixes
* undo changes in common
* removed unnecessary references, fixed delete
* added / updated parameters
* updated samples & comments
* updated docs, comments, samples and added registry credentials
* added ip address and port
* query existing container instance (but result not used yet)
* some major changes to the module
* more fixes
* added requirement for containerinstance module
* adding integration test
* fixes for pull request
* updated version
* updated version to 2.5
* updated version
* updated integration.cloud.azure.txt as requested by test framework
* removed due to merge reasons
* updated requirements-azure.txt
* undone azure-rm-common
* lf
* properly update test requirements
* first dirty container instance
* container instance updates
* several fixes
* review related updates
* review related fixes
* undo changes in common
* added / updated parameters
* query existing container instance (but result not used yet)
* updated version to 2.5
* updated version
* removed due to merge reasons
* updated requirements-azure.txt
* undone azure-rm-common
* properly update test requirements
* minor fix - sanity
* fix one issue after rebasing
* removed files accidentally added while rebasing
* removed checking for changes
* several fixes
* fixed sanity
* updates as requested by reviewers
* removed ci as it doesn't work
* reenabled ci
* renamed container instance, removed required: false
* removed default: null
* final updates according to the review
* one more fix
* first dirty container instance
* added my name ;-)
* more updates
* more updates
* removed unnecessary stuff
* container instance updates
* several fixes
* undo changes in common
* removed unnecessary references, fixed delete
* added / updated parameters
* updated samples & comments
* updated docs, comments, samples and added registry credentials
* added ip address and port
* query existing container instance (but result not used yet)
* some major changes to the module
* more fixes
* adding integration test
* fixes for pull request
* updated version
* updated version to 2.5
* updated version
* updated integration.cloud.azure.txt as requested by test framework
* removed due to merge reasons
* updated requirements-azure.txt
* undone azure-rm-common
* lf
* properly update test requirements
* review related updates
* first dirty container instance
* container instance updates
* several fixes
* review related fixes
* undo changes in common
* added / updated parameters
* query existing container instance (but result not used yet)
* updated version to 2.5
* updated version
* removed due to merge reasons
* updated requirements-azure.txt
* undone azure-rm-common
* properly update test requirements
* minor fix - sanity
* fix one issue after rebasing
* removed files accidentally added while rebasing
* removed checking for changes
* several fixes
* fixed sanity
* updates as requested by reviewers
* removed ci as it doesn't work
* reenabled ci
* renamed container instance, removed required: false
* removed default: null
* final updates according to the review
* one more fix
* changed location as default from resource group can't handle containers
* updates to container instance
* fixed mistakes during merge
* one more fix
* another mistake
* container instance fixes
* several fixes to container instance
* return value fix
* minor update
* just one api version right now
* fixed api version
* container instance does not suppurt api version
* removed unnecessary try blocks
* removed tags related things
* fixed pep8
* final fixes?
* final updates to the module
* more fixes
* Fix ec2_vpc_net tags
PR #33105 broke the tags returned by ec2_vpc_net - it was returning the raw boto3 list instead of a dict as expected.
* Add a test for tags
* `validate` or `ignore` values may be set by module, credential profile, or env. Module has highest precedence, followed by credential profile, then environment, and defaults to `validate` if not otherwise specified.
* fixes#33455
* IP address pool module and integration tests
* Examples corrected and imports moved to beginning of module.
* Revert ucsmsdk import lines to avoid import sanity test failures.
* Add comment around imports for ucsmsdk.
* Module DOCUMENTATION should match argspec
Large update of many modules so that DOCUMENTATION option name and
aliases match those defined in the argspec.
Issues identified by https://github.com/ansible/ansible/pull/34809
In addition to many typos and missing aliases, the following notable
changes were made:
* Create `module_docs_fragments/url.py` for `url_argument_spec`
* `dellos*_command` shouldn't have ever had `waitfor` (was incorrectly copied)
* `ce_aaa_server_host.py` `s/raduis_server_type/radius_server_type/g`
* `Junos_lldp` enable should be part of `state`.
Fixes # 34917
* Remove spaces from in between interface name
* Convert interface name to lower case as interface name
is case insensitive wrt configuring on remote device.
* Add VnicProfileMapping to register VM
Add vnic profile mappings to be supported in vm registration
* Add VnicProfileMapping to register template
Add vnic profile mappings to be supported in template registration
* Add reassign bad macs to register VM
Add reassign bad macs to be supported in vm registration.
* Add additional mappings params for VM registration
As part of the effort to support DR with oVirt
the "Register" operation is being added with a new mapping parameter
that describes the configuration of the registration.
The idea of supporting DR site to site in oVirt is to have 2 active
setups using storage replication between the primary setup and the
secondary setup.
Both setups will have active DCs, clusters, and hosts, although those
will not be identical.
The user can define a mapping which will be used to recover its setup.
Each mapping can be used to map any VM's attribute stored in the OVF
with its correlated entity.
For example, there could be a primary setup with a VM configured on cluster A.
We also keep an active secondary setup which only have cluster B.
Cluster B is compatible for that VM and in case of a DR scenario theoretically
the storage domain can be imported to the secondary setup and the use can
register the VM to cluster B.
In that case, we can automate the recovery process by defining a cluster mapping,
so once the entity will be registered its OVF will indicate it belongs to
cluster A but the mapping which will be sent will indicate that cluster B should
be valid for every thing that is configured on cluster A.
The engine should do the switch, and register the VM to cluster B in the secondary site.
Cluster mapping is just one example.
The following list describes the different mappings which were
introduced:
LUN mapping
Role mapping
Permissions mapping
Affinity group mapping
Affinity label mapping
Each mapping will be used for its specific OVF's data once the register operation
will take place in the engine.
* Add additional mappings params for Template registration
As part of the effort to support DR with oVirt
the "Register" operation is being added with a new mapping parameter
that describes the configuration of the registration.
The idea of supporting DR site to site in oVirt is to have 2 active
setups using storage replication between the primary setup and the
secondary setup.
Both setups will have active DCs, clusters, and hosts, although those
will not be identical.
The user can define a mapping which will be used to recover its setup.
Each mapping can be used to map any Template's attribute stored in the OVF
with its correlated entity.
For example, there could be a primary setup with a Template configured on cluster A.
We also keep an active secondary setup which only have cluster B.
Cluster B is compatible for that Template and in case of a DR scenario theoretically
the storage domain can be imported to the secondary setup and the use can
register the Template to cluster B.
In that case, we can automate the recovery process by defining a cluster mapping,
so once the entity will be registered its OVF will indicate it belongs to
cluster A but the mapping which will be sent will indicate that cluster B should
be valid for every thing that is configured on cluster A.
The engine should do the switch, and register the Template to cluster B in the
secondary site.
Cluster mapping is just one example.
The following list describes the different mappings which were
introduced:
Role mapping
Permissions mapping
Each mapping will be used for its specific OVF's data once the register operation
will take place in the engine.
* Add support for update OVF store
Add support for task of update OVF store in a storage domain.
* allow shells to have per host options, remote_tmp
added language to shell
removed module lang setting from general as plugins have it now
use get to avoid bad powershell plugin
more resilient tmp discovery, fall back to `pwd`
add shell to docs
fixed options for when frags are only options
added shell set ops in t_e and fixed option frags
normalize tmp dir usag4e
- pass tmpdir/tmp/temp options as env var to commands, making it default for tempfile
- adjusted ansiballz tmpdir
- default local tempfile usage to the configured local tmp
- set env temp in action
add options to powershell
shift temporary to internal envvar/params
ensure tempdir is set if we pass var
ensure basic and url use expected tempdir
ensure localhost uses local tmp
give /var/tmp priority, less perms issues
more consistent tempfile mgmt for ansiballz
made async_dir configurable
better action handling, allow for finally rm tmp
fixed tmp issue and no more tempdir in ballz
hostvarize world readable and admin users
always set shell tempdir
added comment to discourage use of exception/flow control
* Mostly revert expand_user as it's not quite working.
This was an additional feature anyhow.
Kept the use of pwd as a fallback but moved it to a second ssh
connection. This is not optimal but getting that to work in a single
ssh connection was part of the problem holding this up.
(cherry picked from commit 395b714120522f15e4c90a346f5e8e8d79213aca)
* fixed script and other action plugins
ensure tmpdir deletion
allow for connections that don't support new options (legacy, 3rd party)
fixed tests
When using the -c option, like "ansible-config -c ~/.ansible.cfg view"
with python 3, it fail with this error message:
ERROR! Unsupported configuration file extension for b'/home/misc/.ansible.cfg': .cfg
* port elb_classic_facts to boto3
update module to use AnsibleAWSModule
* Add RETURN docs for elb_classic_lb_facts
* Remove superfluous exception handling around connection
Fix exit_json call and RETURN docs
This fixes fact gathering of VMware guest machines with
older Linux Kernel versions. These older Kernels do not support /sys
filesystem which is used to gather virtualization related facts.
'dmidecode' is the safest option to find out virtualization related facts.
Fixes: #21573
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Cache tasks as they are queued instead of en masse
This also moves the task caching from the PlayIterator to the
StrategyBase class, where it makes more sense (and makes it easier
to not have to change the strategy class methods leading to an API
change).
Fixes#31673
* Cleaning up unit tests due to 502ca780
* Add validation for the next to last line of a module
* Fix last error code
* Reduce to a single conditional
* Fix conditionals
* Move the final warnings statement to main() in mysql_replication
oVirt modules support environment variables to be passed as
authentication details for connection. But ovirt_auth doesn't support
it. This patch add support for it.
Change cb1b705218 introduced the newline
parameter on network_cli plugin, but that was never introduced on cliconf.
This causes ios_user to break, since the newline value is never plumbed thru
to network_cli
* updates to azure_rm_sqlserver_facts
* updates to azure_rm_sqlserver_facts
* updates to azure_rm_sqlserver_facts
* updates to azure_rm_sqlserver_facts
* updates to azure_rm_sqlserver_facts
* updates to azure_rm_sqlserver_facts
* updates to azure_rm_sqlserver_facts
* updates to azure_rm_sqlserver_facts
* updates to azure_rm_sqlserver_facts
* updates to azure_rm_sqlserver_facts
Currently the ManageIQ API does not support azure_tenant_id but
this is in the process of being fixed. This commit changes
the recently-committed parameter to allow for the upcoming change.
* Fix persistent command timeout handling
We were using play context timeout on ansible-connect to set
the persistent command timeout handler. Thus, we were ignoring
the persistent_command_timeout setting.
Moreover, even by changing that on ansible-connection, were again
overriding it on cliconf send_command, since in a same process we can
just set a single alarm and cliconf send_command alarm setup is executed
after ansible-connection alarm setup.
* Remove alarm setting on cliconf send_command
The alarm is set regardless before it is executed by ansible-connection.
Setting an alarm again, overrides/disables the previous ones as a single
process can just have a single alarm set.
* Move the setting of persistent command timeout to network_cli
We do also use ansible-connection for connection local, so if a
user provides a timeout via provider that would be ignored if we
set the value on ansible-connection.
Moving that logic to network_cli plugin constructor makes both
connections to work.
* Remove debug statements
* Set the persistent command timeout on task_executor
We can't set the timeout on ansible-connection nor network_cli,
otherwise tasks using provider timeout won't work.
This patch is primarily a refactor to make the validate-modules arg-spec
no longer generate a traceback. It additionally includes removal of deprecated
code in the virtual server module.
The main patch is to remove the traceback generating code. There are
other small fixes that were made in addition to doing that.
* Removed re-def of cleanup_tokens.
* Changed parameter args to be keywords.
* Changed imports to include new module_util locations.
* Imports also include developing (sideband) module_util locations.
* Changed to using F5Client and plain AnsibleModule to prevent tracebacks caused by missing libraries.
* Removed init and update methods from most Parameter classes (optimization) as its now included in module_utils.
* Changed module and module param references to take into account the new self.module arg.
* Minor bug fixes made during this refactor.
The main purpose of this patch is to do the refactor that
supports replacing tracebacks with fail_json. Additionally, the
following was done.
* Removed re-def of cleanup_tokens.
* Changed parameter args to be keywords.
* Changed imports to include new module_util locations.
* Imports also include developing (sideband) module_util locations.
* Changed to using F5Client and plain AnsibleModule to prevent tracebacks caused by missing libraries.
* Removed init and update methods from most Parameter classes (optimization) as its now included in module_utils.
* Changed module and module param references to take into account the new self.module arg.
* Minor bug fixes made during this refactor.
Primarily, this patch contains refactors to remove tracebacks that
are generated when libraries are missing. There is also,
* Removed re-def of cleanup_tokens.
* Changed parameter args to be keywords.
* Changed imports to include new module_util locations.
* Imports also include developing (sideband) module_util locations.
* Changed to using F5Client and plain AnsibleModule to prevent tracebacks caused by missing libraries.
* Removed init and update methods from most Parameter classes (optimization) as its now included in module_utils.
* Changed module and module param references to take into account the new self.module arg. Minor bug fixes made during this refactor.
This patch was primarily an effort to reduce traceback errors for
work that sivel was doing. Part of (and in some cases in addition to)
that, the following was done.
* Removed re-def of cleanup_tokens.
* Changed parameter args to be keywords.
* Changed imports to include new module_util locations.
* Imports also include developing (sideband) module_util locations.
* Changed to using F5Client and plain AnsibleModule to prevent tracebacks caused by missing libraries.
* Removed init and update methods from most Parameter classes (optimization) as its now included in module_utils.
* Changed module and module param references to take into account the new self.module arg.
* Minor bug fixes made during this refactor.
This fix refactor vmware_host module to use PyVmomi.
Also, handle SSLVerifyFault exception to get hostsystem's certificate
thumbprint.
Fixes: #20819
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* aci_aep_to_domain: New module to bind AEP to domain
* Changes to bring in line with aci_domain
* Rename aep_domain to domain_dn, add types
* Fix pylint errors
The jira module uses ansible.module_utils.urls.fetch_url which will
attempt to get that value of the validate_certs parameter from the
module; if present it will honor it's value, otherwise it defaults
to True.
This patch adds that parameter to jira so that it can be specified
by the user and honored by ansible.module_utils.urls.fetch_url
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix broken import
* ansible.module_utils.ec2.HAS_BOTO is already used
* wait_timeout parameter: use 'int' type
* wait is always True there
* doc: use formatting function
* Update validate-modules arg_spec introspection to be faster, by only mocking the imports we explicitly list
* The use of types.MethodType in redhat_subscription wasn't py3 compatible, use partial instead
* Remove argument_spec import hacks, make them errors, we can ignore them with ansible-test
* Enable the --arg-spec flag for validate-modules
* aci_domain_to_vlan_pool: Add domain to VLAN pool
A new ACI module to bind a domain to a VLAN pool.
This module still needs integration tests once it is formally review and
accepted.
* Add examples to documentation
* aci_domain_to_encap_pool: Add domain to encap pool
A new ACI module to bind a domain to an encap pool.
This module still needs integration tests once it is formally review and
accepted.
* Fix domain RN and attributes
* aci_domain: Manage phys, vmm, l2ext, l3ext and FC domain profiles
A new ACI module from the high priority list.
* Add RHEV VMM provider as Redhat
* PEP compliancy
* Make variables specific to domain
* Add examples
* aci_vlan_pool_encap_block: New module to manage VLAN encap blocks
This module is a simplified version of the aci_encap_pool_range module.
* PEP8 fixes (closer to the original)
* Add integration tests
* Mellanox OS name change: MLNXOS changed to ONYX
Signed-off-by: Samer Deeb <samerd@mellanox.com>
* Fix alphabetical order of modules metadata
Signed-off-by: Samer Deeb <samerd@mellanox.com>
Adding "-SyncWindow 0" flag to the Compare-Object call used to determine if the existing and proposed IP address lists are the same. This makes the array comparison mark changes in order as a difference.
Fix for bug #34651
* aci_vlan_pool: Module to manage VLAN pools
This is a simplified version of the aci_encap_pool module.
* Add integration tests, based on aci_encap_pool
* Add new module for managing ospf protocol on mlnxos devices
Signed-off-by: Samer Deeb <samerd@mellanox.com>
* Fix test name, and documentation.
Signed-off-by: Samer Deeb <samerd@mellanox.com>
This module is mostly written to make room for the option of not
setting the `value` parameter while `state=absent`. That choice being
a feature, since it allows both for the removal of individual records
as well as the removal of full record sets.
The opposite goes for the `record` parameter, which needs to be defined
at least by its default value for the module to be able to produce any
meaningful result. Hence making it explicit as part of required_if.
The MX record type is already plenty covered. In addition to the
priority parameter having a default value, the `ensure_dns_record`
method does its own parameter checking.
SRV records on the other hand do need additional parameter
checking. Primarily with the `delete_dns_records` method in mind.
Fixes#23957