* Minor junos_config module changes
* Add note for json config support
* Add example for lines argument
* Fix future warning for ElementTree
* Remove unwanted space
We fail-fast and display 'stderr' in case 'pacman' returns with 'rc != 0'.
There is no point computing 'module._diff' in such case anyway.
Fixes#23910
(cherry picked from commit 8c6a2a848cf6a6d6522c8f5be56decf8df1ed6ab)
* Fix systemd in chroot
The 'request ignored' message is in stderr, not stdout.
* Check both stdout and stderr for systemd message
Some versions of systemd report to stderr, others to stdout. Also check
whether output could be a valid normal response to avoid false positives.
* Use sys.stdout.buffer to write vault bytes to stdout on py3
We need sys.stdout.buffer on py3 so we can write bytes to it since the plaintext
of the vaulted object could be anything/binary/etc
Before, attempting to write bytes to stdout on py3 would cause:
TypeError: write() argument must be str, not bytes
* keep unsafe .. unsafe
fixes#23734, which was broken in previous fix that allowed non string types to be templated
use new 'is_template' function vs bastardizing others
refactored clean_data to allow for arbitrary data structures to clean
fixed/removed some tests
* deal with complex data for is_template
* typos
We have a list of specific messages that we scree-scrape and flag
them as legit errors.
However, we also have a catch-all regex that matches everything
starting with %.
That can cause issues on commands that return lines with that
character, like for example the 'crypto key generate'.
Fixes#23770
In current stable (2.2), ansible galaxy install --force do erase
a role, even if the version is not set. This commit should restore
that specific behavior, in accordance to people reports:
https://github.com/ansible/ansible/issues/11266#issuecomment-273801480
It was also the behavior planned in the initial discussion:
"if you're not fixing versions in your roles file, then it's fine
to expect that the role will be reinstalled each time you run
ansible-galaxy install.", cf https://github.com/ansible/ansible/pull/12904
* Revert "fixes play context connection user (#21776)"
This reverts commit 58ee661437.
fixes#23530
* preserve original in copy
updated comment to clarify wtf is going on here
fixes#17382
alternate to #22979
deal with cases in which group/host have . in name
updated as per feedbck
only be strict about extension when doing dirs
also avoid ~ endings
without this patch, ansible-galaxy will mangle files containing
the archive parent directory name, eg 'owncloud/files/owncloud.cron'
will become 'owncloud/files/.cron'.
The previous code could affect the entire path and even filenames.
If a file path has the top level dir name as a substring, galaxy
replaces it with ''. In one example, the archive top level dir
is 'go', so 'files/go-bin.sh' becomes 'files/-bin.sh'.
Fixes#22572, #23694, #23623
* Fix vault reading from stdin (avoid realpath() on non-links)
os.path.realpath() is used to find the target of file paths that
are symlinks so vault operations happen directly on the target.
However, in addition to resolving symlinks, realpath() also returns
a full path. when reading from stdin, vault cli uses '-' as a special
file path so VaultEditor() will replace with stdin.
realpath() was expanding '-' with the CWD to something like
'/home/user/playbooks/-' causing errors like:
ERROR! [Errno 2] No such file or directory: u'/home/user/ansible/-'
Fix is to specialcase '-' to not use realpath()
Fixes#23567
* to_text decrypt output when writing to stdout
* Make warning logs consistent
Arguments outside provider with default
value should not log as warning in case
it is not mentioned in play.
* Make nxos timeout default consistent and add comments
* Make comments more verbose
update module to support more standard state=present/absent syntax
update module to use required_if, required_together, mutually_exclusive functions where possible
per ryansb review: make documentation section more clear, fix some extra quotes, remove FIXME comment
pre willthames review: force private_zone to True if vpc_id is set and fix word wrap
The commit was started before 2.3 was branched, but was only merged once
2.3 was actually branched. This leads to documentation stating this
module is new in 2.3 when it will be actually new in 2.4
Regex patterns were not being escaped properly so package names
containing characters that could be interpreted as regex symbols
were causing failures.
Fixes: #19714
* Support check mode in ec2_vpc_dhcp_options_facts
As a facts module, ec2_vpc_dhcp_options_facts supports check mode
by default
* ec2_vpc_dhcp_options_facts tidy up
Use named method imports, move imports to top of code
Use shared code to handle filters and tags
Use snake case for parameter names while retaining backward compatibility
* Code cleanup
Removed 'add' method from CustomNetworkConfig. It is identical
to the one inherited from NetworkConfig
* Removed unused CustomNetworkConfig import
* Replaced
```
def get_existing(module, args):
existing = {}
netcfg = get_config(module)
config = netcfg.get_section(parents)
```
with
```
netcfg = CustomNetworkConfig(indent=2, contents=get_config(module))
```
get_config returns a string, not an object in 2.3.
* Removed non-functioning get_object method in CustomNetworkConfig in favor of the
inherited method.
Added child_objs property so that expand_selection would work. The original
verion never worked correctly as it compared NetworkConfig obj's and str's.
* Removed ShellError method in favor or new load_config method.
* Removed ShellError method in favor or new load_config method.
fixes#20260
* nxos requires a "no" statement to change mcase group. Corrected.
Corrected changed logic.
* Corrected deleted CustomNetworkConfig import
This addresses a problem where the action plugin would ignore the
remote_addr value for the host. In this case, only the inventory values
for the hostname would be considered and populate the remote host
remote_addr value for the connection plugin.
Only a few more modules were using Set-Attr on the $result object rather
than using a normal hashtable. This PR changes the PSObject to a
hashtable and gets rid of Set-Attr.
This fixes issue when list from module contains more than one element.
Ansible and/or boto may put same elements in list in different order,
thus resulting task as changed.
Fixes#3310
* Improve Fortios IPv4 policy with logging capabilities. While there, fix typos in examples. forti_config: use the backup_filename param and dont enforce the the filename value.
* forti-typos
* Add version_added for new options in the documentation
* Make it easier to find network modules
Feedback has been it's difficult (via Google or directly) to find
modules as some people search for the company name vs product name,
therefore specify both.
* "IOS XR" (not "IOS-XR")
It's possible that if the module has a low-level failure, such as
"unable to open shell", or something else in the action plugin that
stdout and stdout_lines will not be returned.
Update the documentation to clarify this point.
When the security groups specified to the os_server module change they
should be updated on the server. This will require shade 1.19 where the
server security group commands were added.
Fixes: #23206
* allow split horizon for route53_zone and refactor
* fix documentation
remove comment
fix version_added
* Remove unused imports
* Only include zone as matching if it has the same privacy setting
* Use `.endswith` instead of indexing into a string
* Update public zone behavior to only create new if there is no matching public zone
* Remove from legacy PEP8 files
We invoke /usr/bin/apt inside of the ansible module. When that command
exits, it doesn't always include a helpful error message. Include the
exit code so that user's have all the information we can gice them as to
why apt failed.
Addresses #19128
* msg_format parameter added
error message received from telegram API is added to fail json
compatibility with python3 added
* pep8 formatted
* version_added property added for msg_format
* bot token must be set without 'bot' prefix in module parameters
* formatting options described in documentation
* six module for compatibility used
telegram.py removed from legacy-files.txt
* rpm_key: Decode bytes to string to work with Python 3 (#20326)
The read() method will return bytes we need to then decode() those bytes
to a string before trying to match() it using the re module.
* Make the rpm_key pgp regex more robust on both py2 and py3
* Check for provider values inside check_args of respective network code
* Partial revert of b9ee5aa
The no_log change is okay, but take out the action result munging
Recent Python3 versions require open() to specify binary mode if the data is anything other than text.
Python3: Use int() instead of long() in unarchive
Changes long() to int() for CRC values in the unarchive module. Affects unarchiving of zip files. Since CRC values in zipfile are 32 bits the behaviour should be unchanged even in Python 2.
When retrieving file contents for diffing we need to get the contents as
binary. Otherwise python3 will try to convert the file to text and fail
with non-decodable contents.
Fixes#23171
* Build HTTPSClientAuthHandler more similarly to how HTTPSHandler works
* Add docs for new client cert authentication
* Support older versions of python
* Simplify logic
* Initial support for client certs in urls.py
* Add an extra test
* Add a get_url test for client cert auth
* Add additional test for client cert auth, with validation and ssl mismatch
* Skip assert when http tester not available
* Update version_added for new options
Copy module was walking over files in subdirectories repeatedly (a
directory tree a few levels deep could bring the time spent into the
tens of minutes)
This was traced to the fix for this bug report: https://github.com/ansible/ansible/issues/13013Fixed#13013 a different way and added an integration test to check for
regressions of #13013 as we optimize this code.
Fixes#21513
Ansible will now automatically retry a connection if SSH returns an error:
mux_client_hello_exchange: write packet: Broken pipe
This is probably a bug in SSH, but because it's safe to retry this
connection there is no need for Ansible to fail because of it.
If we run the task with 'login' banner, the 'show banner' command
will return a dict containing key 'loginBanner'.
However for motd, it will just return 'motd'.
Yay naming consistency!
We were hard-coding the protocol, port and validate_certs on
eos EAPI via the action plugin.
Put defaults on the eos_argument_spec and pull those values from it.
* 'unable to open shell' -> direct to web help
The "unable to open shell" error is returned for a number of different,
direct people to online docs (we we can update out of band of releases)
to guide them though the various solutions.
* fix pep8 errors
* Resolve#23239:
- path is missing when state=absent
- update doc for unclear policy ID
- required params based on state
* Fix pep8 + doc
* Fix doc
* Another doc problem...
* doc
* Update doc fot policy ID
* Fix doc string
* fix required in doc
* fix required in doc Required when I(state=present).
The openvswitch_db module uses the ovs-vsctl binary to
address changes.
On other network modules we follow the pattern of returning 'commands'
as part of the result, containing the commands run on the target device.
Follow that for code consistency and maintenance.
Also, adding state param, which allows to add/remove keys on columns.
This reverts commit 97cb2016d8.
It was causing issues downstream as facts seem to be merged back for
subsequent tasks. Will restore if I ever figure out how to avoid that.
* Add workaround for evasive in apache2_module
* Fixes#22635
* Clean up workarounds for php/shib
* Add test for evasive workaround
* Remove use of re module, since all searches work with native python
* Add unit tests to apache2_module name replacements
Go back to using re package where needed
* Rename replace_name to create_apache_identifier
* Add ability to use either sec group name or sec group id or combination to ec2_lc. Also fix header size in AWS Guidelines
* Fix ec2 import to only import neccessary packages. Remove pep8 double line
The current implementation matches libreoffice-oldstable when testing for libreoffice.
So uninstalling libreoffice fails when libreoffice-oldstable is installed.
```
PS C:\WINDOWS\system32> choco list --local-only libreoffice
Chocolatey v0.10.3
libreoffice-oldstable 5.2.6
1 packages installed.
PS C:\WINDOWS\system32> choco list --local-only --exact libreoffice
Chocolatey v0.10.3
0 packages installed.
```
The solution is easy, just add `--exact`.
Apparently in some devices the filesystems gathering command can return
a dict containing a 'messages' key with the filesystems, instead of a
plain string.
Fixes#23217
* re-raise exception as expected
The current ThrottlingException handling code hides other actual exceptions from the user, and basically goes infinite loop instead. eg when the api caller doesn't have permission (example below) to use the api, ansible effectively hangs. adding the re-raise stops execution and shows the error to the command line as expected
can test by removing permission to the efs api, and calling the efs: module
The error was: botocore.exceptions.ClientError: An error occurred (AccessDeniedException) when calling the DescribeFileSystems operation: User: <x> is not authorized to perform: elasticfilesystem:DescribeFileSystems on the specified resource
* PEP8 fix
* Remove DryRun parameter in ec2_vpc_igw_facts check_mode
Using DryRun in check mode causes errors, and is not required
(as nothing changes when calling describe_internet_gateways)
Prevents the following error:
```
{"changed": false,
"failed": true,
"msg": "An error occurred (DryRunOperation) when calling
the DescribeInternetGateways operation: Request
would have succeeded, but DryRun flag is set."}
```
* ec2_vpc_igw_facts pep8 tidy up
Due to the number of "real world" caveats in the current runas become method, it was agreed that we'd warn that it's experimental on use. A potential future version based on LogonUser/CreateProcessAsUser will have very different requirements and limitations.
* . switched from 'user.id' to 'account.id' in REST API calls.
+ added ability to select desired account (by name or identifier) from list of accounts to which authorized user have access.
* + added account option addition version.
* Remove pubnub_blocks from PEP8-legacy list
* [cloud][tests] Create fixtures for using placebo to test boto3-using modules
* Use pytest's importorskip instead of manually skipping on missing deps
* Fix imports in cloudformation module
* Delete unused code
* Add maybe_sleep fixtures to speed up recorded test runs
* Build basic placebo-CFN tests
* Commit placebo recordings of basic stack operations
* Add placebo to test-requires
* Allow unit tests to run regardless of environment by setting a default region
* Use explicit relative import for Python 3 compat
* Use __name__ attribute that works on Python 2 and 3
These were deprecated back in the 1.x timeframe, so have been deprecated
for the 2 cycles required. They also do things wrong and should be
avoided anyway. Go ahead and remove them.
* GCP: backend service module
* GCP: rework param-checking code. Fixed a couple of bugs and changed to ValueError instead of custom tuple.
* GCP: fixed commit, spelled out Google Cloud for clarity in module description.
fixed itertools.imap busting several things that used to be lists,
profiles not being set correctly, upon create, when it was a separate
method, allowed port having the wrong lowest port (zero is allowed),
empty port value should just be interpreted as None.
The password_hash filter will generate a salt value if none is supplied.
The character set used by Ansible
(upper & lowercase letters, digits)
did not match that used by libc crypt
(upper & lowercase letters, digits, full stop, forward slash).
This resulted in a slightly smaller key space, and hence hashes would be
slightly easier to attack (e.g. by dictionary, brute force).
* Ansible 2.3 feature support for dellos6.
- With the new Ansible 2.3 infra changes, the dellos modules doesn't work
(the new infra changes are not backward compatible), so added the below
changes support it.
- Added the new terminal plugin for DellOS6
- Added the new action plugin for DellOS6
- Modified the modules to work with the new infra.
- with that it adds support for DellOS6 Persistent Connection support.
* Remove pep8 confirming files from dellos6.py and dellos6_config legacy-files
* add else statement to ensure instids is set
set res_list to None to avoid UnboundLocalError and fix iteration over a nonetype by adding an empty tuple
* make res_list empty tuple by default and check for instids before setting tags (fails otherwise)
* fix 'sequence' lookup shortcut syntax and documentation
* Update playbooks_loops.rst
Minor edits for grammar and clarity.
* Update playbooks_loops.rst
Another tweak for clarity.
If the banner is not set, the stdout of 'show configuration | begin banner <banner>'
returns empty string thus the re.search raises an exception.
Fixes#22216
The fix for leading junk in sudo output: fee6e29 causes problems with
ssh + sudo. On the initial connection using ControlPersist, the output
that we scan for the prompt contains both the command we're sending to
configure the prompt and the prompt itself. The code in fee6e29 ends up
sending the password when it sees the line configuring the prompt which
is too early.
Switch to a version that splits on lines and then checks whether the
first or last line starts with the prompt to decide if it's time to send
the password.
Fixes#23054
References #20858
The pass prompt expects an answer and compares a `str` to a binary buffer, thus crashing.
It's an obvious fix to help transitioning towards Python3 and hopes it does not need a specific test.
In old IOSXR versions, 'show commit changes diff' does not work.
Fall-back to 'show configuration' if that command fails so execution
can move forward.
Fixes#22235
When using state=latest with the package not being installled, Ansible complains that the package is not installed and fails the task.
Whereas the expected behaviour is to install the package when it is missing.
This PR fixes this behaviour.
* Fix a couple issues in synchronize with docker
* Make the rsync_opts parse as a list using the same criteria as
module_utils argumentspec parsing
* Do not quote arguments in the action plugin. The module will quote as
it knows whether it will invoke rsync with a shell or via exec.
Fixes#23046
The cron module forces changed=True when there was no real change,
but the original crontab did not contain a final newline, which is
mandatory.
When the user has no crontab or the user does not exist at all,
crontab -l exits with 1 and the cron module correctly interprets
this as "no crontab" and stores the old crontab as "".
However this triggers changed=True, even if we're not going to
change anything, e.g. when removing a crontab entry from a user
who has no crontabs at all.
Let's special-case the fact that the old crontab is empty and not
force changed=True in that case.
* Fixes bug https://github.com/ansible/ansible/issues/22455 - Git reset fails when file with the name 'origin' is present in the repository
* #22455 Integration test for git module to test if it clones a repository with a file named origin
* Fixed yaml errors for test/integration/roles/test_git_clone/tasks/main.yml
* Removed the newly added target git and moved the code to test/integration/targets/git
* Reorganised code structure as per comments
* Fixed playbook name
* Added code that didn't make it to the playbook before.
* No longer need git.yml
* Remove non tasks specific code from tasks file and use existing variables
* Removed msg var from the vars.yml
When the ios_config module has 'defaults' param it runs in the device the command
'show running-config all' but 'all' may not be available in older devices.
This change makes introspection by using the help command and run 'full' in case
'all' is not available.
Fixes#22747
* Add examples in os_server module showing userdata
Added an example using Bash and also using Cloud-init. Also, showing using {% raw %} and {% endraw %} to provide a pointer to those hitting similar issues to the ones I had.
* Removed erronious whitespace
* Ansible 2.3 feature support for dellos9 and dellos10
* Use Persistent Connection Manager
* Fix CI issue, revert the doc and metadata changes
* Reverted the meta_info (supported_by) to community from core
* Fixed the CI issues, use module_utisl.six and updated legacy-files
Set encrypted to default False, rather than None
Otherwise you get:
```
Invalid type for parameter Encrypted, value: None, type: <type 'NoneType'>, valid types: <type 'bool'>)
```
* Adding first checkin of resource_pool module
* fixing length issues and indentation multipliers
* mend
* mend
* mend
* remove * import from modules
* Add space on variable assignments
* changing line 321 to less characters
* fixing pep8 issues
* mend
* cleaning up example section
* Add RETURN section
* adding spacing to list
* all spacing consistent now
* move imports as per CI
* update integration tests for updated boto exception message
* integration tests fail on both "test credential" test cases
exception bubbles out of module. instead catch and wrap
* ec2_group does not support updating a security group's description
AWS security group descriptions are immutable.
if ec2_group finds a group that matches by name, but the descriptions do not match, the module does not support this case
previously it would check if the group was used, but would not do anything if it was
old behavior was erroneous because it could make a user expect that the description change of a group was fine when in fact it did not occur
also, it made an expensive check against all ec2 instances for no good reason
* comments not doc strings
* else must have pass w/o doc-string statement
* Catch specific BotoServerException, give context around error when fetching SGs
* python3 compatible exception blocks
* add traceback to fail_json
* two blank lines before first function
* fixes action handlers for sros
* fixes sros_config module execution to use AnsibleModule
* fixes sros_command module to use socket connection
* adds sros to constants
* key is ANSIBLE_METADATA, not METADATA
* Need to check that the node is an ast.Dict, not a real dict.
* Need to convert the ast.Dict into a real dict via literal_eval.
* synchronize: Convert cmd to list and fix handling of the copy_links argument
Converting cmd from str to list stops the pain of argument quoting/escaping.
* synchronize: Update imports according to #pullrequestreview-28758614
* fixes#15770
* When running under the UTF-8 codepage, Powershell subprocesses will fail (eg, Start-Job, others) if the input encoding is using the default BOM preamble. This fix forces it to use no preamble in leaf_exec and win_shell, and includes tests to verify that Start-Job works.
* win_command/win_shell: Clean up and make coherent
Changes include:
- Make win_command and win_shell more coherent
- Make condensed one-line more readable
* Revert to original formatting
This change to the template action plugin make template use the
platform's native newline_sequence for Jinja.
We also added the option `newline_sequence` to change the newline
sequence using by Jinja if you need to use another newline sequence than
the platform default.
This was previously discussed in
https://github.com/ansible/ansible/issues/16255#issuecomment-278289414
And also relates to issue #21128
* fixes#22441
* fixes#22655
* moves all env handling into the exec wrapper; this should work for everything but raw, which is consistent with non-Windows.
* Update module_utils.six to latest
We've been held back on the version of six we could use on the module
side to 1.4.x because of python-2.4 compatibility. Now that our minimum
is Python-2.6, we can update to the latest version of six in
module_utils and get rid of the second copy in lib/ansible/compat.
If the # is inside of quotes, it's a string. If it's outside of quotes
then an exception will be raised which we'll catch and then send to the
to_text() call at the end of the function anyhow.
Fixes#22868
The base64 stdlib functions require byte strings. So we have to
transform the strings into bytes before handing to the stdlib and then
transform them back into text before handing back to ansible.
Fixes#22873
The junos action handler was not honoring the host value in the provider
argument. This patch will now use the provider host entry if it exists
and falls back to the inventory hostname
Made ansible-doc more plugin agnostic
We can have docs in lookup, callback, connectionm strategy, etc
Use first docstring and make pepizis happy
generalized module_docs to plugin_docs
documented cartesian, ssh, default, jsonfile, etc as examples
changed lack of docs to warning when listing
made smarter about bad docstrings
better blacklisting
added handling of options/config/envs/etc
move blacklist to find_plugins, only need once
purge_subnets|routes were introduced recently.
ensure_subnet_associations now takes purge_subnets as a parameter. A
call to this function was missed when introducing this feature. With
out, results in a "got 5 expected 6" error.
Allows to health-check two services on one host. Before, asking for 2 health checks being present for `http://myhost:8888` and `http://myhost:9999` resulted in just a single health check, as this module considered the two specs as equal.
Bonus: route53_health_check now passes style guidelines
* ensure exit_json does not fail from stderr=False
- do a little bit of safety-checking in exit_json to not try to .splitlines() on a boolean
- remove the stderr=boolean from uri.py, this is the only spot that uses it (at least so obviously)
- add unit tests that call exit_json. These are useless because the stderr parsing is in _execute_module and is difficult to mock; deleting these tests after the commit.
* remove added unit tests per prev commit
exit_json doesn't do the param parsing, that is buried deep inside _execute_module.
* Fix get_s3_connection (fixes#22317)
Override aws_connect_kwargs rather than prepending to them. Should fix an issue in which `calling_format` is set twice in the kwargs passed to `boto.connect_s3` or `S3Connection` if a bucket name contains a `.`
* Revert "Fix get_s3_connection (fixes#22317)"
This reverts commit 7f61b8bebd2929940495204f1a98d660a55985d8.
* implements alternative way of fixing issue with aws_connect_kwargs for rgw and fakes3 (fixes 22317)
* add comment to explain why the keys are being removed from aws_connect_kwargs
* remove trailing whitespace on comment line
* don't modify an eni without eni_id
fix pep8
remove ec2_eni from pep8 legacy files
remove a couple unused variables in main()
fix the documentation
* fix yaml
If something else created the dir New-Item will throw an exception and
the task will fail. Check the existing file and as long as it's a dir,
we don't need to error out.
* cloudstack: fix connection by ENV vars and configs overloading
* cloudstack: pep8 cloudstack module_utils
* cloudstack: allow api_url to be set in ini config
* docsite: explain ENV vars support as written in python-cs for ansible
Add support for default credentials. Practically, this means that a playbook creator would not have to specify the service_account_email or credentials_file Ansible parameters.
Default Credentials only work when running on Google Cloud Platform. The 'project_id' is still required.
A test has been added to trigger this condition.
* allow users to control group var merge order
With ansible_group_priority var at each group will determine merge order with siblings,
falling back to sorted names when priority is equal as it did before.
Parent/children relationships still work as they did and have higher precedence than priority
* move priority setting to groups, sourc indep
* now both inventory and play group follow priority
* removed double exception handling
Due to how the result-dictionary is being used, in some codepaths it would have an empty dictionary.
This then is problematic if the code expects the 'changed' key later on.
I also improved the docs a bit, by clearly marking the parameter names and URL in the documentation.
* making ec2 pep8
* remove ec2 from pep8 legacy files
* missed a couple
* fix imports and remove iteritems
* making group_id and group_name mutually exclusive and fixing whitespace
* Tidy up docs for network 2.3 modules
* Use suboptions
* Correct indentation
* more tidyup
* bulk updates
* more tidyup
* Bulk changes
* nxos_mtu is dead
* revert
* NXOS_mtu is dead, also better layout
* rebase
* rebase
* win_scheduled_task: Added frequency: once and check_mode support
This patch includes:
- Renamed `execute:` parameter to `executable:`
- Renamed `argument:` parameter to `arguments:`
- Implemented `frequency: once` support
- Implemented check_mode support
- Fix idempotency issue related to empty description
- Added integration tests
* Improve the integration test structure
I think this is a great way to test normal mode and check-mode from the same playbook.
* Small fixes after review
* Clean up parameter handling and added check-mode support
Changes include:
- Remove trailing semi-colons
- Replaced PSObjects into normal hashes
- Make use of Get-AnsibleParam and types
- Added check-mode support
* Implemented -WhatIf:$check_mode support
* powershell.ps1: Ensure Fail-Json() works with Hashtables
Without this change a dictionary $result object would be emptied if it
is anything but a PSCustomObject. Now we also support Hashtables.
* Revert to original formatting
Fixes#22575 - issue under new exec wrapper where unconstrained handle inheritance (for stdin) caused WinRM to block on breakaway processes. Uses explicit handle inheritance to ensure that only stdin read handle gets inherited. Adds test to ensure that async is actually async.
On EAPI, the multi-line commands are expected to be a dict,
with key/value pairs 'cmd'/'input' .
This change implements that behaviour and fixes the idempotency
on EAPI as well.
Fixes#22494
Changes to the metadata format were approved here:
https://github.com/ansible/proposals/issues/54
* Update documentation to the new metadata format
* Changes to metadata-tool to account for new metadata
* Add GPL license header
* Add upgrade subcommand to upgrade metadata version
* Change default metadata to the new format
* Fix exclusion of non-modules from the metadata report
* Fix ansible-doc for new module metadata
* Exclude metadata version from ansible-doc output
* Fix website docs generation for the new metadata
* Update metadata schema in valiate-modules test
* Update the metadata in all modules to the new version
Currently the documentation utilizes with_subelements, but it does not parse the results correctly. By changing to with_items: and specifying the proper list, we are able to tag the instances as expected.
This will now print a log message that displays how long the ssh
connection took to establish to the remote device. If the connection
established time is exceed it will also print a message to the log file
that the connection attempts have exceed.
Updates default connection retries to 30
fixes#22319
Unclear how useful it is to still be catching BotoServerError exceptions
generally, especially when we are now hopefully handling most instances
of throttling, but kept it as it was already in the code. Moved to main
as catching BotoServerErrors inside individual functions will bypass any
AWSRetry.backoff decorator.
Move additional imports to top.
Use python2.6 formatting
A bit of cleanup on imports
Make one more string interpolation Python 2.6 compatible.
* Fix connection_draining idempotency in ec2_elb_lb
Ensure connection_draining types are equivalent when comparing
whether or not connection_draining is being changed.
This means that running `ec2_elb_lb` with connection_draining
set a second time will now report `changed=False`
* ec2_elb_lb: fixed latest Ansible standards compliance
Update to current pep8 standards, fix module imports
and remove module from exclusion file
* candidate var can now be string, list or element
* fixes minor bug in junos_template for backup argument
* disabled invalid integration test for junos_template
This is basically a replay of #16064 from `gce.py` to other pertinent
`gce_*.py` files. It enables expansions of paths in `gce.ini` like
`~/.project.json`
* removes cli functions
* adds comment and confirm to arguments
* implements zeroize argument
* fixes get_diff function in junos shared lib to return diff
* lots of minor bug fixes in junos_config
* minor syntax fixes in junos_netconf
* updates netconf integration tests
* junos_command should send all cli commands over netconf
* task based credentials are now optional
* commands and rpcs are not mutually exclusive anymore
* removes cli functions from shared lib
* adds cli functions to junos_netconf module
* statically pins junos_netconf to cli transport
* all other modules use netconf transport
* adds command rpc function to junos shared
* Fixes for junos_config errors
* Check transport settings for core Junos
* Don't pop from the same list you iterate over
* use of persistent connections are now explicitly enabled in junos
* modules must now explicitly enable persistent connections
* adds rpc support to junos_command
fixes#22166
The provider arguments where not correctly being mapped in the action
plugin for eapi transport. This will now correctly map existing
arguments as well as set the correct defaults for values.
fixes#22442
* Add simple module to import/delete ssl certificate from/to java keystore.
* add diff/check mode support, fix reported issues and simplify decision logic
* Fix build by adding new line at the end of file.
* Some updates to module requested PR review
* Add simple executable parameter
* Fix build error
* fix module doc fields
* More module docs corrections
* More module docs corrections
* More module docs corrections
* More module docs corrections
* correct aliases
* Review comments
* Must quote ':'
* More authors
* Use suboptions:
* restore type: bool
* type should be in the same place
* More tidyups
* authors
* Use suboptions
* revert
* remove duplicate author
* More issues post rebase
* Update the docs to conform to implementation
Somehow the docs were still mentioning a default timeout of 300 seconds.
Whereas the implementation defaults to 600 seconds.
* Improve examples even more
The map_config_to_obj calls the run_commands helper function,
which returns a list of results.
However, the map_params_to_obj return a single string.
Therefore, the comparison between the two datasets could never be equal,
breaking idempotency.
Also, the 'no banner' command should be run on absent only if there's a banner
text set.
Fixes#22194
* include upgraded packages in pacman upgrade action
* display upgraded packages as diff output for pacman upgrade
* document the packages return key
* add --diff support for installing, removing and checking packages
* include package versions in pacman diff output
* Add a new module for Cisco Spark notifications
* Added authentication validation to check mode
* Re-added description and removed Pylint references
* Moved the authentication test to the spark_message function
* removed duplicate fetch_url statements
* documentation formatting updates and if __name__ update
* recipient typo fix and added correct Formatting options to documentation options
* updated version added to 2.3
- Close the socket after use
- Use proper parameter types
- Remove redundant parameter options
- Clean up docs
- Move module from network/ to remote_management/
- Add check-mode support
* Retain vault password as bytes in 2.2
Prior to 2.2.1, the vault password was read in as byes and then remained
bytes all the way through the code. A bug existed where bytes and text
were mixed, leading to a traceback with non-ascii passwords. In devel,
this was fixed by changing the read in password to text type to match
with our overall strategy of converting at the borders. This was
backported to stable-2.2 for the 2.2.1 release.
On reflection, this should not have been backported as it causes
passwords which were originally non-utf-8 to become utf-8. People will
then have their working 2.2.x vault files become in-accessible.
this commit pipes bytes all the way through the system for vault
password. That way if a password is read in as a non-utf-8 character
sequence, it will continue to work in 2.2.2+. This change is only for
the 2.2 branch, not for 2.3 and beyond.
Why not everywhere? The reason is that non-utf-8 passwords will cause
problems when vault files are shared between systems or users. If the
password is read from the prompt and one user/machine has a latin1
encoded locale while a second one has utf-8, the non-ascii password
typed in won't match between machines. Deal with this by making sure
that when we encrypt the data, we always use valid utf-8.
Fixes#20398
(cherry picked from commit 5dcce0666a81917c68b76286685642fd72d84327)
* description is only required when group state is present
also note that AWS requires a non-empty description when creating a security group
* clarify description requirement
One way to trigger this is having this snippet in meta/main.yml:
dependencies:
- role: foo
when: "use_foo == True"
It shouldn't show a warning but since we assume that 'foo' is the old
style format, it always show one. So we should verify the
style before calling role_spec_parse.
* virt.py: autostart VM attribute
autostart is now an idempotent VM attribute instead of a non idempotent forced autostart attribute set to True
* Make shippable happy
* Missing version added
* Fix some points
* Autostart default is now None
* Ident fix
1. Check less aggressively for resources that take a long time to return
(some resources can take an hour or more).
2. Handle throttling when checking for resources, and back off quickly
when it occurs.
* Add user_data_path parameter to ec2_lc module
* Improve user_data_path parameter documentation
- Specify mutual exclusivity
- Specify `version_added`
- Change module parameter type to `path`
* Use correct comparison for user_data result
* Include traceback on error and use with block
* Only hide user data if provided in file
* Use packaging.version.Version instead of LooseVersion for better support of prerelease tags (eg, 0.30.0 > 0.30.0rc6)
* Add explicit check/error for msrestazure package
If a key has expired it will not be added by this module, so check for "expired" in the list of keys.
Example output with expired key:
pub 1024D/5072E1F5 2003-02-03 [expired: 2017-02-16]
uid MySQL Release Engineering <mysql-build@oss.oracle.com>
ensure_tags fails if `tags` is None rather than an empty
dict. Ensure that not passing `tags` parameter is equivalent
to passing an empty dict.
Fixes#21778
If the host .bashrc holds a var named HOSTNAME, the container
where the lxc_container module will attach to will inherit from
this var, potentially breaking some applications (like rabbitmqctl)
due to an incorrect $HOSTNAME reported in the container.
* Add flag to Docker pull_image to know when the image is already latest
Whenever the flag pull is set to 'yes' the resource is always defined
as 'changed'. That is not true in case the image is already at the
latest version.
Related to ansible/ansible#19549
* Docker pull_image does not change status if the image is latest
This commit also adds a new test script (ansible-var-precedence-check.py in code-smell/)
to provide us with another line of defense against precedence bugs going forward.
The precedence docs state that the INI vars have a lower precedence than group/host
vars files for inventory and playbooks, however that has not been the case since 2.0
was released. This change fixes that in one way, though not exactly as the docs say.
The rules are:
1) INI/script < inventory dir < playbook dir
2) "all" group vars < other group_vars < host_vars
So the new order will be (from the test script mentioned above):
8. pb_host_vars_file - var in playbook/host_vars/host
9. ini_host_vars_file - var in inventory/host_vars/host
10. ini_host - host var inside the ini
11. pb_group_vars_file_child - var in playbook/group_vars/child
12. ini_group_vars_file_child - var in inventory/group_vars/child
13. pb_group_vars_file_parent - var in playbook/group_vars/parent
14. ini_group_vars_file_parent - var in inventory/group_vars/parent
15. pb_group_vars_file_all - var in playbook/group_vars/all
16. ini_group_vars_file_all - var in inventory/group_vars/all
17. ini_child - child group var inside the ini
18. ini_parent - parent group var inside the ini
19. ini_all - all group var inside the ini
Fixes#21845
* Move retry logic into _ssh_retry decorator, and apply to exec_command, put_file and fetch_file
* Update tests to reflect change
* Move _ssh_retry to _run, and update tests to reflect
* piped should use exec_command instead of removed _exec_command
* Rework tests to support selectors instead of select.select
fixes integration test to check for full rpc-reply string when
converted from xml. This is a change from 2.2 as the rpc-reply tag
is no longer stripped off
* Fixes#21316, add testcase based on this
* Add option `--branch NAME` to git clone command in case of branch or
tag in combination with depth=1
* This option should work back to at least git 1.8 and thus on all
supported distributions
* Provide better warning if depth is dropped
This patch addresses a problem in nxos_facts where certain commands are
not supported or return no data, the module would raise an exception.
With this patch, the nxos_facts module will now print a warning for any
commands that return no data and not populate the facts.
fixes#22001
* - new module used for security policy creation
* - added support for API key authentication
- added support for Panorama
* documentation changes
* documentation update
* minor doc changes based on review comments
* move ANSIBLE_METADATA
* changes to docs per reviewer comments
* new module that allows for address service object creation
* added missing check for external library
* doc changes per review
* fixed choices string
* doc changes based on reviewer comments
* - changes per reviewer comments
* VLAG module and tests
* Correct the link in the description of the module
* Move roles to integration/roles directory and remove aliases file.
* update module short description
* Change module directory name to Lenovo
* change import cnos statement
* Initial commit of cnos_conditional_template
* fix compile error in module, change module short description, move roles to integration/roles
* fix line length
* Change module directory name to Lenovo
* change import cnos statement
* Initial commit of cnos_condition_command
* fix pep8 error of line too long
* fix pep8 tab/space issue
* Move roles to integration/roles directory and remove aliases file.
* Update module short description
* Change module directory name to Lenovo
* change import cnos statement
* initial comment of cnos_save
* Move roles to integration/roles directory and remove aliases file.
* update the module short description
* Change module directory name to Lenovo
* change import cnos statement
* fix in cnos.py utility file
* fix compile errors in cnos.py, update module short description in cnos_vlan.py, move vlan roles under integration/roles
* corrections in readme
* Change module directory name to Lenovo
* change import cnos statement
* initial commit
* fix tab/space issue
* fix space issue in vars/main.yml
* Move roles to integration/roles directory and remove aliases file.
* update module short description
* change module directory name to Lenovo and change import cnos statement
* cnos_portchannel initial commit
* Fix line length issue in module
* fix whitespace on line 90
* correct yamllint space issue
* Move roles to integration/roles directory and remove aliases file.
* update module short description
* Change module directory name to Lenovo
* change import cnos statement
* Updated win_acl.ps1 module with registry functionality
* adding registry functionality to the most recent win_acl module in ansible/ansible
* updated in sync with win_regedit.ps1
* Add role skeleton support
The default role skeleton used by ansible-galaxy is good, but it doesn't
allow organizations to customize it to suit their needs. This patch
addresses that by adding the option to point ansible-galaxy at a
role skeleton directory. The contents of this directory are then
copied (or rendered) into the output role directory. Appropriate
command line options and configuration entries are added to allow for
further customization from the role skeleton.
* Remove dependency on platforms list from test
Platforms are no longer provided to the template by galaxy init.
Removing the code in our test meta/main.yml template that relied on it.
* Fix whitespace issue
* New module fortios_address_group
* New module fortios_ipv4_policy
* New module fortios_ipv4_policy
* Fix pep8
* Fix alias doc problem
* Fix string format for 2.5 compat + close cnx
* Forgoten if string != ""
* Fix doc, change action to policy_action & add action as alias
* fix doc + bug in timeout + duplicate code for config compare
* Create class AnsibleFortios in module_utils/forios.py + use in ipv4_policy module
* remove json import
* python3 error handling compatibility
bad examples for srcadd or dstaddr s/any/all/
remove pyFG dependency in module (moved to module_utils)
id type is int but casted as string
call fortiosansible object sooner
typo in doc
* add gce_template.py
gce template manage GCE Instance Templates in Google Cloud Plateform.
* change gce_template on style/formating
Apply change on style/formating from reviewer request.
* change gce_template on style/formating again.
* Rename gce_template.py to gce_instance_template.py
* update gce_instance_template.py to pass CI
Oops :)
ERROR: Import found before documentation variables.
All imports must appear below DOCUMENTATION/EXAMPLES/RETURN/ANSIBLE_METADATA.
* Update gce_instance_template.py
change documentation replace gce_template by gce_instance_template
* Update gce_instance_template.py
Sorry for the typography fault. The day begins badly.
* Update gce_instance_template.py
apply text change
s/Compte/Compute/
s/Plateform/Platform/
s/forword/forward/
change documentation for subnetwork, subnetwork is name.
add mutually_exclusive in AnsibleModule arguments.
change disk_type as an option type.
* Update gce_instance_template.py
change the documentation.
* Update gce_instance_template.py
RETURN is required for all new modules. Is empty because no new return variable returned.
* Update gce_instance_template.py
Ansible will verify that only present/absent are passed as the state. This else is not needed.
* Added parted module
* Amended documentation
* Improved documentation
* Managed the case of parted not returning device information.
* Fixed Shippable test not passing
* Fixed compatibility with Python 2.4
* Cleanup of the state option, improved flags management, documentation refinements.
* Compacted format function, code style cleanups, amended comments.
* Fixed bug related to parted data parsing.
* Support for check-mode, amended size data type.
* Fixed Shippable test not passing.
* Added full suport for CHS and CYL units, applied suggested changes.
* Ansible Tower job_launch module
* Added RETURN documentation and fixed import locations
* remove superfluos required attributes, make tags a list, and fix some typos
* only join tags if they are actually a list
* use isinstance instead of type, cleanup imports
* [GCE] Google Cloud Spanner module
Supports the creation/updating/deletion of Spanner instances and create/drop databases.
* [GCE] On update, node count will not be reset to one if not specified.
* [GCE] fixed some imports.
* [GCE] rename display_name to instance_display_name
* [GCE] Recreate instance in order to have desired values at create time.
* Fix linter error on imports
* [GCE] Added force_instance_delete option to ensure an instance is not removed by mistake.
* [GCE] Google Cloud Spanner module
Supports the creation/updating/deletion of Spanner instances and create/drop databases.
* [GCE] On update, node count will not be reset to one if not specified.
* [GCE] rename display_name to instance_display_name
* Fix linter error on imports
* fixed doc bug
* Remove imports mistakenly brought in during merge
* WIP: wait_for_connection: Wait for system to be reachable
This action plugin allows to check when a system is back online and
usable by Ansible.
As an example, when doing a SysPrep and running Enable-WinRM.ps1, it
takes between 10 to 20 seconds between the WinRM TCP port to open, and
it actually being able to server Ansible requests. This time is variable
and depends on the boot process.
Current implementation is specific for Windows (WinRM) only, this will
be fixed shortly.
This fixes#19998
* Support other transport types
* Various improvements
- Fix reported typo
- Add transport_test support in accelerate plugin
- Ensure port is an integer
* Improve examples
* Small fixes
- Use correct ConfigureRemotingForAnsible.ps1 script name
- Only use win_ping when remote shell is known to be Powershell
- Add integration tests to CI framework
* Make sure the uri module warns about using the deprecated HEADER_ arguments, so that we can actually deprecate in a future version
* Use module.deprecate
* No need to de-dupe ourselves, looks like it is done somewhere I didn't initially see
* Renamed the avi_ansible_utils to avi. Fixed the import error and cleaned up code.
* Refactored all new modules to use the new module_utils.avi
* Added module_utils.avi to python 2.4 skip list
This is the original `hpilo_facts` module that was once accepted in
Ansible but had been removed subsequently because it could not be tested
by the Ansible project.
Since then it was moved to the ansible-provisioning project and
maintained by HP engineers going forward.
Now we are trying to get it upstreamed again.
* new implementation of win_msg. TODO tests
* added check_mode. Get-AnsibleParam for parameters. Default msg is now 'Hello world!'. Use hash for $results.
Re-ordered some parameters alphabetically.
Documentation now in raw strings. Removed spurious required: false. Added metadata.
* Keep pep8 checks happy
* Really keep pep8 checks happy this time
* update Changelog.md
* make bracket style internally consistent
* added units to display_seconds description
This is the original iso_extract module from the ansible-provisioning project.
We are upstreaming all our modules, and this PR is part of that process.
This is the original `hpilo_boot` module that was once accepted in
Ansible but had been removed subsequently because it could not be tested
by the Ansible project.
Since then it was moved to the ansible-provisioning project and
maintained by HP engineers going forward.
Now we are trying to get it upstreamed again.
Fixes ansible#21796 Prevent users from deleting buckets rather than objects by making object parameter and mode=delobj mutually exclusive in task.
https://github.com/ansible/ansible/issues/21796
* Added check for avi SDK version as suggested in review.
* Fixed documentation based on review.
* Renamed module_utils.avi to module_utils.avi_ansible_utils
as import of avi.sdk would fail due to name collisions.
Moved the code to check for AVI version into the ansible modules.
* Updated the module with note about reason for name change.
* Add quota for the number of floating IP's to allow in Network.
* Add nova_floating_ips and neutron_floating_ips aliases to avoid confusion.
* rename aliases to compute_floating_ips and network_floating_ips.
* fixes and improvments for win_iis_webapppool module
* fixes following review feedback on win_iis_webapppool
* Fixed a too-long line in win_iis_webapppool documentation.
* Fixed trailing whitespace for pep8 compliance in documentation win_iis_webapppool.py
* fixed bracket bug
* module parameter attributes now populated. Switched to hashtable for result object. Removed remaining ; statement terminators.
* Remove example that was causing CI check failure
The list_elbs call to boto doesn't use any pagination, so any time there
are more ELBs than the API page size, this module will fail. This change
uses the `next_token` attribute of `ResultSet` to check if there are
still more ELBs to return.
Fixes#21361
* clarify facts assignment for several corner cases
run_once/delegate_facts:
now delegate_facts > run_once, previously run_once always published facts to all hosts in play
include_vars/delegate_to:
now include_vars allows to delegate to a specific host
also fix task_vars exception in delegate_facts/loop as var was removed
fixes#15365
* removed unused loop_var
Gerrithub presents tgz downloads that do not have a containing
directory. This causes a stack trace.
As all roles must contain a meta/main.yml, change ansible-galaxy
to use that to determine the enclosing directory (in the case
of multiple meta/main.yml files, use the one with the shortest parent)
Fixes#15413
* Make more use of AWS Exception information
* Use pythonic dict assignments
* Improve documentation formatting to make option names clearer
in descriptions
* Meet ansible line length requirements
* Tidy up flake8 messages
* Subscibe to pools matched by id before name matches.
If the pools regex matches any pool ids, then subscribe only to those pools.
If there are no pool id matches, then attempt to match the regexp and pool names.
If there are pool name matches, subscribe to those pools.
Fixes#19466, https://github.com/ansible/ansible-modules-core/issues/3898 (partially)
* Add pool id/name matches to 'to keep' list
use subscribe() to use the pools-first logic on update
When trying to copy files onto a Virtio-9p filesystem[1][2] int the host
using something like the template module, ansible throws an error that
says something like:
invalid selinux context: [Errno 95] Operation not supported
Adding 9p to the list of exceptional filesystems forces ansible to not
try to set an SELinux context on copied files.
[1] such as one mounted in a qemu VM, using:
# http://www.linux-kvm.org/page/9p_virtio
qemu-kvm [...] -virtfs local,id=apps_dev,path=/host/dir,security_model=passthrough,mount_tag=host_dir
[2] https://www.kernel.org/doc/Documentation/filesystems/9p.txt
Change-Id: Ia868dadce1ffd2b5bebf5ee1804501676e9d7e5f
This is the original `hponcfg` module that was once accepted in
Ansible but had been removed subsequently because it could not be tested
by the Ansible project.
Since then it was moved to the ansible-provisioning project and
maintained by HP engineers going forward.
Now we are trying to get it upstreamed again.
* Fix vyos signatures to match new versions
* Fix test cases referring to 'updates' instead of 'commands'
* I think this is an artifact of `connection: network_cli`?
* module will now check protocol running state before return
* warns on config argument no longer being needed
* lots of integration test cases updated
* updates unit and integration test cases for state check
fixes#21908
eos_config module wasn't respecting config block path (parents). This
patch fixes that problem. Also fixes a number of integration tests
cases
fixes#21903
* win_copy: Add force parameter and check-mode support
The rationale behind this is that if you're working with +3GB files,
creating the checksum takes a lot of time, which we can avoid by simply
testing if the file exists.
I also took the liberty to put the various parameters together. It
probably takes a (neglible) performance hit but makes the code a bit
easier to inspect/work with, as its closer to all other windows modules.
On a normal run, the action plugin does a local checksum of the source
and a remote checksum of the destination. And afterwards, the module
will do another remote checksum of the copied source, a remote checksum
of the original destination, and another remote checksum of the copied
destination.
On a very huge file (think 4GB) that means 5x reading the complete file
(if you have a large cache you may get away with it, otherwise you're
doomed !).
This patch will ensure with `force: no` that not checksums are being
performed.
* Moving presence check before remote checksum
* Adapted to wishes
* Even more performance improvements
We can diff non-utf8 files (as part of copy, for instance) but when we
try to turn the bytes into text for display, the characters cause
a traceback. Since diff output is only informational, we can replace
those problematic bytes with replacement characters. We do not want to
do this to other fields because those fields may be used inside of the
playbook (for templating another variable or matching in a conditional).
Fixes#21803Fixes#21804
Since vault edit attempts to unlink
edited files before creating a new file
with the same name and writing to it, if
the file was a symlink, the symlink would
be replaced with a regular file.
VaultEditor file ops now check if files
it is changing are symlinks and instead
works directly on the target, so that
os.rename() and shutils do the right thing.
Add unit tests cases for this case and
assorted VaultEditor test cases.
Fixes#20264
Fix 'task name is not templated in retry callback'
Add a task_name property to TaskResult that knows to
check in TaskResult._task_fields.
Add integration test for v2_retry_runner callback
Fixes#18236
get_masquerade_* functions only take one arg. The action_handler
wrapper function expected a tuple, but was being passed (zone)
instead of (zone,) making for an ambiquous tuple. The
(zone) arg was being treated as a tuple/list of six chars
(the zone name) instead of a tuple of one string.
This would cause errors like:
get_masquerade_enabled_permanent() takes exactly 1 argument (6 given)
Fixes#21632
* New module for setting up Avi Pool
* Fixed inconsistency between argspec and documentation regarding defaults and required attributes
* Added support for module_check
* Added new module to setup Avi VirtualService
* Fixed the documentation error where [] brackets where used making it incompatible with yaml
* Fixed inconsistency between argspec and documentation regarding defaults and required attributes
* Added support for check mode
* New module for setting up Avi SSL Key and Certificates for Virtual Services
* Fixed inconsistency between argspec and documentation regarding defaults and required attributes
* Added support for module_check
* New module for setting up Avi Pool Group settings.
* Fixed inconsistency between argspec and documentation regarding defaults and required attributes
* Added support for module_check
* New module for setting up Avi Pool Health Monitors
* Fixed inconsistency between argspec and documentation regarding defaults and required attributes
* Added support for module_check
* Update metadata on existing openstack instances
This adds or updates existing keys, but doesn't remove them
Fixes#5500
* Set meta to {} if None
* Move common metadata parsing into a method
* win_environment: Clean up, check-mode and diff support
Changes include:
- Remove trailing semi-colons
- Replaced PSObjects into normal hashes
- Make use of Get-AnsibleParam and types
- Added check-mode support
- Added diff support
* Improve diff-support by using standard naming
I started to use the variable $diff_support for the boolean that takes
care of diff output support.
Changes include:
- Use Get-AnsibleParam with -type/-validateset
- Replace $result PSObject with normal hash
- Deprecate 'upgrade' parameter by using state=latest
* win_user: Clean up parameter handling and $result hash
Changes include:
- Use of Get-AnsibleParam and parameter types/validateset
- Removed parameter validation
- Replace $result PSObject with normal hash
* Revert to original formatting
* Parameter "groups" is a list
The requests python module is needed, however it is not a dependency of
the python-winrm package. The python-winrm package does require
python-requests_ntlm, which does not seem to pull python-requests.
So for the time being (until Red Hat fixes their package) give a more
informative error message.
* win_file_version: Clean up parameter handling and $result hash
Changes include:
- Replacing $result PSObject with hash
- Use Gt-AnsibleParam using -type
* Revert to original formatting
* win_group: Clean up and check-mode support
Changes include:
- Use Get-AnsibleParam with -type/-validateset support
- Replace $result PSObject with normal hash
- Add check-mode support
* Revert to original formatting
* win_owner: Clean up and check-mode support
Changes include:
- Use Get-AnsibleParam with -type/-validateset
- Replace $result PSObject with normal hash
- Add check-mode support
* Implemented -WhatIf:$check_mode support
* Revert to original formatting
* win_share: Clean up parameter handling
Changes include:
- Use Get-AnsibleParam with -type/-validateset
- Replace $result PSObject with normal hash
* Revert to original formatting
* win_lineinfile: Clean up and check-mode and diff support
Changes include:
- Use Get-AnsibleParam with -type support
- Replace $result PSObject with normal hash
- Remove trailing semi-colons
- Fix indentation (majority is tabs, few lines using spaces)
- Add check-mode support
- Support `r and `n for CR and LF
- Add diff support
* Implement -WhatIf:$check_mode support
* Keep original formatting as requested
* win_stat: Clean up and bugfixes
- Fix an issue where LastWriteTime was actually LastAccessTime
- Return lnk_source = $null for a broken link
- Remove a useless -Replace '\\','\\'
- Make use of new parameter options (-type and -aliases)
* Deprecate get_md5 with checksum_algorithm: md5
As suggested in comments we deprecate get_md5 and internally
replace it with `get_checksum` and `checksum_algorithm: md5`.
We show a warning to the user about this change.
Also remove empty warnings output. This simplifies modules code
(e.g. standard empty list is provided and snippets can add items).
* Adapted to use the new Add-DeprecationWarning() mechanism
* Revert to original formatting
* powershell.ps1: Add str type and ignore $null values
Changes include:
- New "str" type support using -type "str"
- Ensure that $null values are retained (for bool and str types)
(Note: $null means unspecified value for parameters)
- Some minor cosmetic changes
* Also add -type "int" and -type "float"
No modules require this at the moment though.
* win_slurp: Small cleanup
Included changes:
- Rewriting the parameter handling (aliases and type)
- Modified the $result hash for both Exit-Json and Fail-Json
- Changed the Test-Path statement
* Revert to original formatting
* win_get_url: Clean up and check-mode support
Changes include:
- Clean up parameter handling
- Replace $result PSObject with hash
* Revert to original formatting
When parsing the configuration, the wrong indent level was set so the
configurations could not be properly compared. Also noted that
defaults: yes needed to be added to the integration tests to make the
test cases valid, which is also included in this patch
fixes#21828
* Added the aix_inittab module to be able to modify the inittab at AIX systems.
* fixed identation errors
* fixed identations and trailing whitespace
changed if conditions
* repaired tab-identation
* adjusted to long line and identation
* Adjusted the yaml in the example documentation
* Adjusted the documentation yaml
* Repaired return yaml
* repaired typo
* Removed unnecessary parameters from comment
changed action to state, and changed the way to call this module
changed proccessaction to action
* adjusted result['warnings'] to module.warn()
* adjusted the documentation
* changed warning to failed
ran module against autopep8
* added check_mode
* fixed typo
* changed description and short description, to be able to push again after a failure at shippable
Set the `force` flag to false to:
- protect existing Keys from being overwritten
- check if a Key was already existing by evaluating
the returned `changed` status
When retrieving the http_port, https_port values from the configuration
of the device, the values need to cast to int in order to correctly
compare against the argspec values. This patch fixes that problem.
fixes#21832
trying to import from the wrong shared lib, this patch changes
network_common to connection. Also fixes a bug found in the nxos
action plugin to detect transport
fixes#21829
The reverted change (Examples syntax batch7 (#5624), 99de7f0) makes the
example not match its description.
modified: lib/ansible/modules/utilities/logic/set_fact.py
Sending the save command over nxapi requires text mode otherwise nxapi
will reject the command. This commit ensures that the command is always
sent in text mode
fixes#18971
The nxos action handler did not map the nxapi value to the provider
argument properly. There as an additional fix in the nxos shared lib
to properly detect nxapi being set
CentOS's cloud image wiki page (wiki.centos.org/Cloud/AWS) gives an
example of using their product code to search for AMIs. This commit
adds an optional parameter to ec2_ami_find to allow this filtering.
Does't map remote_user back into vars if connection is local to preserve
the user variable. This is done to be able to set connection_user
prop in play_context for the network_cli plugin connection
added new base class for file based cache plugins as 99% of code was common
now also catches unexpected decoding exceptions
allows per module file modes and encoding
moved jsonfile code to base
There as an invalid key in the command dict that would cause failure
using prompts. This changes the key from response to answer which is
what is expected by network_cli
* Fix string formatting
* Provide better tracebacks
* When options is None and extends_documentation_fragment is in use, add an error that options must be a dict
* If options was specified and not a dict, then error
MySQL returns privileges on columns as "PRIVILEGES (column)".
For permissions to be correctly matched, it must be specified exactly the
same in the module argument. A resulting string is like
"dbname.dbtable:PRIVILEGES (column)". Thus, the space before the opening
parenthesis must also be removed when creating the set of privileges for
validation.
* #19587: refactor to PEP8
* Issue: #19587: add skip_broken option to yum module
PNTSYSOPS-1901 - internal reference
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
* Issue: #19587: fix line break, attempt to make readble
things at line 646 look ugly ..
trying to make them look a bit more human readble
though the entire approach should be rewriten
PNTSYSOPS-1901 - internal reference
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
* #19587: fixing typo, skip-broken has to be passed as list
* PR: #21475: peer review changes
relates to: revert comment deletion https://github.com/ansible/ansible/pull/21475#discussion_r101574146
relates to: remove irelevant var https://github.com/ansible/ansible/pull/21475#discussion_r101573388
relates to: reformat https://github.com/ansible/ansible/pull/21475#discussion_r101572840
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
* PR: #21475: peer review changes
relates to: https://github.com/ansible/ansible/pull/21475#discussion_r101573736
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
* Issue: #21475: fixing typo in the Man section
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
* PR: #21475 - Peer review: revert variable a
Relates to: https://github.com/ansible/ansible/pull/21475#pullrequestreview-22404868
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
* Issue: 19587 - small correction
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
In order to populate the total and free mem of an IOS device, we run
the 'show memory statistics' command.
The output shows something similar to:
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor BEAE880 335215488 64044364 271171124 268918092 268463852
I/O 8DAE880 51380224 41880736 9499488 9461552 9352252
We need to just parse the line containing 'Processor' and get the first and third
number for total and free mem, instaed for first and second as the code wrongly
does.
* Adding Cumulus NCLU module
* Delete incorrect testing folder
* wrong import location for nclu test
* another wrong import location for nclu test
* unittest library doesn't support 'skip', removing 'real' nclu tests
* Don't need stringio since I'm not doing real tests
* got rid of unnecessary shebang in test_nclu
* version set to 1.0
* Documentation fixes
'encrypt_string' only options were being referenced when using
other vault subcommands. That code is moved inside a check
for 'encrypt_string' action now.
This allows getting the Vault token from the `VAULT_TOKEN` env var or
from the file `$HOME/.vault-token`, as both of these are understood by
the Vault CLI and are a common place to put Vault tokens. This allows
avoiding hard-coding a Vault token into playbooks or having to include
lookups.
`HOME/.vault-token` is nice because a user can authenticate with the CLI
using `vault auth` and then the token will be stored in
`$HOME/.vault-token`. If we read this file, then we allow someone to do
`vault auth` "out of band" to set up Vault access.
The following items were implemented:
- Replace PSObject with normal hash
- Replace Set-Attr function with normal hash assignment
- Re-indent code (make sure everything uses 4 spaces)
- Remove trailing semi-colons
* fixes error where eos would close the cli shell
* fixes network_cli connection plugin to check before calling open_shell()
* fixes json commands being sent over eapi
* Add new module aos_logical_device
* Add hard stop to documentation
* Removed required false from documentation
* Add comment before sleep
* Replace IP Pool by Logical Device in the doc
* Add module aos_login
* Cleanup documentation and add hard stop
* Add default value in doc for port and remove required: false
* Fix typo in doc for check mode
* Add module aos_asn_pool
* Add hard stop to documentation
* Remove required: false from doc
* Add pool name in error message when in_use
Change Asn for ASN
* Change the documentation for content
* Initial version of aos_device
* Clean up documentation
* Move try/except closer to device.approve
* Remove non valid characters
* Change option approve to type bool and fix some typo
* Move availability_zone docs to each OpenStack module
This argument is in the central list for hysterical raisins (mostly me
being a doofus) but is used in almost none of them. Document it
explicitly in each module to stop the confusion.
* Fix two docs formatting bugs
This patch adds some checks on the path that is accessed as a container,
making sure it looks like one. It implements the connection method and
add adaptations to the modern way of writing connections for Ansible.
It also rewords docs and vars to use the nspawn terminology instead of
chroot.
This commit adds a connection driver built on top of systemd-nspawn.
This is similar to the existing `chroot` driver, except that nspawn
offers a variety of additional services. For example, it takes care of
automatically mounting `/proc` and `/sys` inside the chroot environment,
which will make a variety of tools work correctly that would otherwise
fail.
You can take advantage of other system-nspawn features to perform more
complicated tasks. For example, on my x86_64 system I have a Raspberry
Pi disk image mounted on `/rpi`. I can't use `chroot` with this because
the binaries contained in the image are for the wrong architecture.
However, I can use the systemd-nspawn `--bind` option to automatically
insert the appropriate qemu-arm binary into the container using an
inventory file like this:
pi ansible_host=/rpi ansible_nspawn_extra_args='--bind /usr/bin/qemu-arm --bind /lib64'
See http://www.freedesktop.org/software/systemd/man/systemd-nspawn.html
for more information about systemd-nspawn itself.
* Add a vault 'encrypt_string' command.
The command will encrypt the string on the command
line and print out the yaml block that can be included
in a playbook.
To be prompted for a string to encrypt:
ansible-vault encrypt_string --prompt
To specify a string on the command line:
ansible-vault encrypt_string "some string to encrypt"
To read a string from stdin to encrypt:
echo "the plaintext to encrypt" | ansible-vault encrypt_string
If a --name or --stdin-name is provided, the output will include that name in yaml key value format:
$ ansible-vault encrypt_string "42" --name "the_answer"
the_answer: !vault-encrypted |
$ANSIBLE_VAULT;1.1;AES256
<vault cipher text here>
plaintext provided via prompt, cli, and/or stdin can be mixed:
$ ansible-vault encrypt_string "42" --name "the_answer" --prompt
Vault password:
Variable name (enter for no name): some_variable
String to encrypt: microfiber
# The encrypted version of variable ("some_variable", the string #1 from the interactive prompt).
some_variable: !vault-encrypted |
$ANSIBLE_VAULT;1.1;AES256
< vault cipher text here>
# The encrypted version of variable ("the_answer", the string #2 from the command line args).
the_answer: !vault-encrypted |
$ANSIBLE_VAULT;1.1;AES256
< vault cipher text here>
Encryption successful
* add stdin and prompting to vault 'encrypt_string'
* add a --name to encrypt_string to optional specify a var name
* prompt for a var name to use with --prompt
* add a --stdin-name for the var name for value read from stdin
* removes unneeded supports_multiplexing var
* refactors terminal_prompts_re to terminal_stdout_re
* refactors terminal_errors_re to terminal_stderr_re
* updates network_cli unit test cases
The network_cli plugin would return immediately if an error was
detected. This patch will force the connection plugin to still try to
detect the current prompt even if an error is found.
Moving it to after the blocks where per-item results are calculated,
as it's not used there and causes quite a performance hit being there.
Fixes#21340
* refactors supports_sessions to a property
* exposes supports_sessions as a toplevel function
* adds open_shell() to network_cli
* implements open_shell() in eos action plugin
* Add NetApp SolidFire volume module
* Make requested changes
* Make requested changes
* Set supports_check_mode to True
* Make requested changes
* Change new_account_id to account_id, 512emulation
* Make requested changes
* Add alias for enable512e
* Move byte_map to utils and add exit message
* Update description for ‘attributes’
* refactor postgres,
* adds a basic unit test module
* first step towards a common utils module
* set postgresql_db doc argument defaults to what the code actually uses
* unit tests that actually test a missing/found psycopg2, no dependency needed
* add doc fragments, use common args, ansible2ify the imports
* update dict
* add AnsibleModule import
* mv AnsibleModule import to correct file
* restore some database utils we need
* rm some more duplicated pg doc fragments
* change ssl_mode from disable to prefer, add update docs
* use LibraryError pattern for import verification
per comments on #21435. basically LibraryError and touching up its usage in pg_db and the tests.
fix failing fail_json call in postgresql_schema
- Bugfix Pull Request
modules/database/postgresql/postgresql_schema
```
2.3.0
```
Here's an example of the error that was coming out. Massaged some linebreaks and backslashes to make it more readable:
"module_stderr": "Traceback (most recent call last):
File "/tmp/ansible_3X05GE/ansible_module_postgresql_schema.py", line 274, in <module>
main()
File "/tmp/ansible_3X05GE/ansible_module_postgresql_schema.py", line 265, in main
module.fail_json(msg="Database query failed: %s" %(text, str(e)))
NameError: global name 'text' is not defined
",
Now it triggers with the correct exception and shows the traceback. This duplication of str(e) and traceback seems to be the best design pattern.
Sample of the new output:
An exception occurred during task execution. The full traceback is:
Traceback (most recent call last):
File "/tmp/ansible_gp4v1Q/ansible_module_postgresql_schema.py", line 254, in main
changed = schema_create(cursor, schema, owner)
...
return super(DictCursor, self).execute(query, vars)
ProgrammingError: permission denied for database schemadb
fatal: [localhost]: FAILED! => {
"changed": false,
"failed": true,
...
},
"msg": "Database query failed: permission denied for database schemadb\n"
allows user to force persistent connection to close, needed for when
you want to benefit from changes applied to the current play but persistent connections
prevent them from being realized.
If versioning is not enabled, then `get_bucket_versioning`
can return an empty dict.
If that happens, the code to enable versioning should still
run!
The logic for suspending versioning was also incorrect, so
have updated that too.
Fixes#20491
Introduces `ignore_nonexistent_bucket` option that does not require ListBuckets permission, so less permissioned IAM roles can still be used with this module.
Fixes#20501
This change will now check the cli context after a module runs and if
the cli is still in config mode it will exit config mode. Also fixes a
minor issue with converting list of commands to a dict
fixes#21481
* First set of CNOS network modules
Two modules: cnos_vlan and cnos_command. First 2 of 17 CNOS modules
* Revert "First set of CNOS network modules"
This reverts commit 63da68b2a857e622b449f514050eed25fbcf0a35.
* cnos_vlan module
First of 17 CNOS modules
* Modify playbook for cnos_vlan module testing
* fix issue found by shippable in cnos.py
* cnos_backup module
* Fix Python3.5 compilation error
* remove cnos_backup module from this PR
* add aliases file so that testing of the cnos_vlan module will be skipped.
* Use empty aliases file
* utility scripts under module_utils changed to BSD license.
* clean up PEP8 issues, add cnos_vlan tests
* remove blank lines from yml files
* remove more blank lines
* remove even more blank lines
* Revert "remove even more blank lines"
This reverts commit bb3998661ce387260340bca39d5f146f5ec54f44.
* re-submit last commit
* fix blank lines in this file under parsing
* fix yamllint errors in doc section of cnos_vlan
* Fix errors reported by Sanity check using validate-modules
* change test playbook to include tasks for all modules
* fix additional pep8 errors
* more fixes, plus fix for python3
* fix for empty options section, removed unnecessary documentation
* fix up documentation section
* Correct options capitalization
* fix example section, add options
* Fix example section of the documentation
* Bug Fix for win_lineinfile and updated examples.
- changed $backrefs to a bool so it works with true/false/yes/no. This also fixes idempotency.
- Updated Docs with an example of using backrefs.
* Made suggested updates and converted two more parameters to "bool"
* Updated the Exception message
- Now contains the Windows Exception message as well as a custom message to help point in the right direction of a failed write.
* Updated Exception Handling
- Added Exception checks for Creating and removing the temporary files.
- Changed the ErrorAction on the copy tmpfile and remove tmp file to "Stop" to
cause the exception handler to catch all errors so we can fail gracefully
every time.
* resolve#21056 - Add support for full cloning. Fix some issues. Update doc
* Fix condition and update doc. Fixes#28585
* Using built-in helper for argspec, revert ansible metadata, add more control and remove type in documentation
* PEP8 style compliance
I have from time to time a need of random password without
wanting to write them down (one example is mailman list creation,
that requires a password to be given to be sent to the list owner).
But using /dev/null do not return null, but the empty string, which
doesn't generate a password at all and so do not achieve my use case.
* Add tests for `get_fqdn_and_port` method.
Currently tests verify original behavior - returning default `ssh-keyscan` port
Add test around `add_host_key` to verify underlying command arguments
Add some new expectations for `get_fqdn_and_port`
Test that non-standard port is passed to `ssh-keyscan` command
* Ensure ssh hostkey checks respect server port
ssh-keyscan will default to getting the host key for port 22.
If the ssh service is running on a different port, ssh-keyscan
will need to know this.
Tidy up minor flake8 issues
* Update known_hosts tests for port being None
Ensure that git urls don't try and set port when a path
is specified
Update known_hosts tests to meet flake8
* Fix stdin swap context for test_known_hosts
Move test_known_hosts from under basic, as it is its own library.
Remove module_utils.known_hosts from pep8 legacy files list
hashlib hashes operate on byte strings. When given a text string on
Python3, hashlib backtraces. When given a text string on Python2,
hashlib will backtrace if the string contains non-ascii characters.
Encode the text string to utf-8 prior to hashing to avoid this problem.
Fixes#21452
'#' and ';' are both valid comment chars for sysctl.conf files
according to the 'man sysctl.conf':
"Lines which begin with a # or ; are considered comments and ignored."
Fixes#20569
* removes unused code
* removes module_utils/local.py
* removes plugins/action/network.py
* removes action_handler from connection plugins
* removes code to use action_handler in task_executor
* updates action plugins to subclass from normal
The f5 module utils were using a file name that appeared to
conflict with the f5 python SDK's namespace. This patch just changes
the name of the included class to be f5_utils to avoid the issue
of namespace collisions
This completes the refactor of the nxos modules to use the persistent
connection. It also updates all of the nxos modules to use the
new connection module and preserves use of nxapi as well.
* updates all iosxr modules to support persistent socket
* adds iosxr action plugin to connect to device
* adds exec_command() to iosxr shared module
* fixes iosxr_config and iosxr_template local action
* update all unit test cases
* adds base test module for iosxr module testing
Don't try to create tags on a vpc that you've just removed.
Avoids
```
"msg": "An error occurred (InvalidParameterValue) when calling the CreateTags operation: You must specify one or more tags to create"
```
Although not quite sure why the `create_tags` was being called
as `module.params.get('tags')` *should* have returned `None`.
I plan on converting most all f5 modules to use the rest api, so
this is part of that conversion. it adds a factory method to get
the various rest management root apis provided in the f5 sdk
* Refactor E-Series AMG module to use module_utils
Refactor the NetApp E-Series module to utlize the common module_utils
and doc_fragments.
* Resolve a PEP8 issue with a missing newline
* Resolve compatibility issue with json import
* removes connection functions refactored into connection
* updates ComplexDict and ComplexList objects to use with AnsibleModule
* updates modules to add new argument to ComplexList & ComplexDict
* fixes issue with load_provider() not checking for an existing key
* adds updates to eos_config results key
* lots of minor syntax fixes in eos shared module
* adds eos_argument_spec to eos_eapi
fixes#21402
* Marks metadata files as outdated
Eliminates time records of the metadata and mirrorlists download
for each repository. This forces yum to revalidate the cache for
each repository the next time it is used.
* Command arguments in two separate strings to be compatible if run_command implementation changes. Doc explains a little better what is that parameter doing
* Added PubNub BLOCKS management module.
* . increased block start/stop wait to 30 seconds
* . fixed multi-line documentation
* . fixed YAML formatting in documentation section
* . removed multi-line commits
. fixed YAML format in description section
* . updated test script to upload event handler sources if non-local connection used for tests
. changed module configuration parameter from 'block' to 'name' (represent target block name)
. updated module docs regarding 'chanes' configuration parameter. Only block 'name' can be changed using this parameter ('description' can be changed directly in module call configuration)
. changed module configuration parameter from 'pwd' tp 'password'
. migrated 'urlencode' import from try..catch to six module imported from Ansible module utils
. removed custom method which is used to verify whether value is empty
* ^ fixed value for key-path function usage with names of application/keyset/block and handlers.
. reduced unnecessary requests (better pre-procesing of previous results)
. event handler name change won't trigger block restart
* ^ fixed too long documentation lines
* . moved PubNub BLOCKS client code into separate package under PyPi
. updated module code to utilize new package
. changed block start stop state to: started and started
* . small changes in documentation format
* Adding an elasticache snapshot module.
Allows user to create, copy, or delete a snapshot.
* Removing unnecessary function
* Make indentation uniform.
* Making requested changes.
Fixing PEP8
Adding a more graceful fail for delete() if the snapshot's state valid (such as when it is in the process of being created).
* PEP8
* Fixing some formatting
move imports
fix parameter alignment
* move imports to the top of the file below documentation
This patch enhances waiting operation of stateless VM to be down.
Because stateless VM creates a snapshot and removes it after the
VM is shutdown, we must wait until the VM is really prepared to
start again.
When loading the params in the local action, the provider key was
inadvertently being loaded as well. This created the circular
reference. The load_provider() method will now check for the provider
key and skip it when encountered.
fixes#21399
* Added Ordnance network module.
* Tidied up code base as per PR20436
* Whitespace blocking PEP8 test
* Removed acciental addition to VERSION
* Removed acciental addition to VERSION
* Documentation YAML issues
* removed force arg (depreciated)
Including this check in module utils so that it can be done
automatically in all F5 modules. This includes the ones that
do not yet use the f5-sdk because those modules too will move
to the SDK in the future
* updates eos modules to use persistent connection socket
* removes split eos shared module and combines into one
* adds singular eos doc frag (eos_local to be removed after module updates)
* updates unit test cases
* adds conversion to command dict into ios shared lib
* fixes hardware commands in ios_facts
* adds network_os value to play_context in ios action plugin
fixes#21190
Replaces the usage of expanduser with the type 'path' for the
dest and object options as that functionality is available
in that type automatically.
patch related to #12263
The usage of type 'path' for the path option makes the use
of expanduser redundant. This patch removes the expanduser
call because the path type is already used for the path
option
* updates all vyos modules to use socket connection
* adds vyos local action handler
* adds exec_command() to vyos
* updates vyos_config local action
* update unit test cases
* add base class for testing vyos modules
* updates all ios modules to support persistent socket
* adds ios action plugin to connect to device
* adds exec_command() to ios shared module
* fixes ios_config and ios_template local action
* update all unit test cases
* adds base test module for ios module testing
* initial commit of cloudfront_facts.py
* modification as per review from @georgepsarakis
* fixed shippable build error
* fixed shippable build error
* removed wildcard imports and replaced with specific imports from ansible.module_utils.ec2 as advised by @georgepsarakis
* renamed all instances of cloud_front_origin_access_identity to origin_access_identity as advised by @georgepsarakis
* show facts based on alias and distribution id for easy referencing as advised by @ryansb. have done for both distribution and distribution_config
* fixed incorrect logic for default list_distributions, fixed list_distributions_by_web_acl - wasn't passing web_acl_id, fixed list_invalidations keyword args missing DistributionId
* fixed last fact added clobbering all previous facts for an alias or an id
* removed list_ prefix from list keys
* removed unnecessary boto fields. made list_distributions and list_streaming_distributions dictionaries with id/alias as key. fixed list_invalidations.
* initial commit of cloudfront_facts summary
* checks for empty list returned from boto, standardised list naming
* neatened up parameters
* added summary documentation
* refactoring of functions for modularity
* refactoring, neatening code, fix for if cname not present, added try-catch blocks
* more refactoring, cleaning
* more cleaning, allowed streaming distributions to be found by domain name alias
* removed unnecessary line
* fixed tabs
* fixed indentation
* removed trailing whitespace
* removed more whitespace
* more refactoring, modified where invalidations dict is set
* added ETag to summary
* refactored summary list
* moved list out of for loop
* trailing white space
* reverted line lengthening as advised by @willthames
* modified exceptions to multi line as advised by @willthames
* reverted variable spacing to be more pythonic'
* reverted spacing in YAML as advised by @ryansb
* reverted line spacing for parameters for correct blame attribution as advised by @ryansb
* removed white space
* more white space
* reverted line spacings for parameters as advised by @ryansb
* removed spaces between parameters as advised by @ryansb
* Avoid having module documentation links to itself
A lot of modules use M(own_module) in their documentation causing a link
in the documentation to itself.
* Make note more clear now
Add nsupdate module to manage DNS records on a DNS server
This uses dnspython library
It's greatly inspired by https://github.com/mskarbek/ansible-nsupdate with some rework, better feedbacks and documentation addition
Signed-off-by: nerzhul <loic.blot@unix-experience.fr>
* Make access_token type str, remove alias, and make validate_certs default value true
* Remove extra white space and add end of file newline
* Remove comma
* Try removing that whitespace again
* new module for private cert generation
* - changes based on the reviewer's comments
* - changes based on the reviewer's comments
* extra documentation per request
>>> timeit.timeit("uuid.uuid4()", setup="import uuid")
9.518647909164429
>>> timeit.timeit("get_unique_id()", setup="from __main__ import get_unique_id")
0.40436601638793945
This will mainly be beneficial when a very large inventory is being
used, however it may also help with some very large playbooks.
* Removing cmp to be compatible with Python3
* fix syntax
* Added an overlooked return
* Fixing making things overly complicated
* Simplifying since tags will always be hashable. Don't need to use cmp at all.
For F5 modules, the options that are commonly specified can
also be specified in the environment variables. This patch
adds the doc fragments that describe which env var goes
with which module option.
* Add swupd plugin
Add support for ClearLinux update manager (swupd)
Signed-off-by: Alberto Murillo Silva <alberto.murillo.silva@intel.com>
* swupd: Document RETURN values
Signed-off-by: Alberto Murillo Silva <alberto.murillo.silva@intel.com>
* swupd: Add a meaningful description for failures
Signed-off-by: Alberto Murillo Silva <alberto.murillo.silva@intel.com>
* swupd: Clarify documentation
Provide more information about the options supported by the module
since some concepts are new for people not used to clearlinux/swupd
Signed-off-by: Alberto Murillo Silva <alberto.murillo.silva@intel.com>
* Add NetApp SolidFire volume access group module
* Minor fixes
* Make requested changes
* Set supports_check_mode to True
* Add Ansible metadata
* Make requested changes
* Minor fix to documentation
* Add a surrogate_then_replace error strategy to keep to_bytes from tracebacking by default
* Port all code that explicitly used surrogate_or_replace to surrogate_then_replace
The default Package Manager for Solaris 11 has been set to the module pkg, but there is no such module. Instead pkg5 exists and will be used from now on.
* Initial version of aos_ip_pool module
* Add examples for IP Pool
* Break down ip_pool into smaller function
* Refactor do_load_resource
* Add get_display_name_from_file
* Add ‘src’ as an option to load ip pool from JSON file
* Rename directory network/apstra to network/aos
* Remove exception handling temporary
* Remove all ‘Exception as XX’ to be python 2.4 compatible
* Replace ‘== False’ with ‘is False’ for PEP8 Test
* Update documentation to be Yaml compatible
* Lisg all method imported from module_utils.aos
* Refactor to align with collection.find() changes
* Update examples by @gundalow’s recommendations
* Update Documentation per @gundalow’s recommendations
* Change the license per @gundalow recommendation
* Add exception handling for get_aos_session
* Change Auth format and add check_aos_version() to check minimum version
* Add a check for minimum version
* Refactor ‘src’ into ‘content’ to allow more options
Remove get_display_name_from_file in aos.py
Add content_to_dict in aos.py
* Fix variable name in do_load_resource
* Add mention of aos.py in module_utilities doc
* Add try/except for import yaml
* Add try/Except around main block of code and function
* Refactor to auto detect content_format, update doc accordingly
* Change create_new_ip_pool inputs
* Remove unused import
* Remove in_use as it’s never used
* Fix doc format
* Add version number in requirement doc
* Adding environment variable support for lambda.py in response to feature idea #20479.
Plus a 1-character bug fix.
* fix yaml syntax
* Fixing option name, adding alias, and fixing a line to allow the user to delete environment variables by setting an empty dict.
* Fix NetApp doc_fragment
* Add NetApp SolidFire Snapshot schedule manager module
* Minor fixes
* Change supports_check_mode to True
* Fix PEP8 issue
* Make requested changes
* Change 'pause' to 'paused'
* Add schedule ID as a returned parameter
* Make requested changes
* replaces persistent connection digest with _create_control_path()
* adds _ansible_socket to _legal_inputs in basic.py
* adds connection_user to play_context
* maps remote_user to connection_user when connection is local
* maps ansible_socket in task_vars to module_args _ansible_socket if exists
* Windows: Add Warn() and Deprecate() mechanisms
Similar to what already exists for python modules.
* Turn deprecations from list of strings, to list of dicts
Since #20884 the internal representations of deprecation messages is
changed from a list of strings to a list of dicts.
* Rename to Add-Warning() and Add-DeprecationWarning()
Implemented as discussed.
* Refactor dimensiondata_network to use shared base class for common functionality.
* Experiment: remove the assignments in the "except ImportError:" block that keep PyCharm happy. If this fixes the build, then I reckon there's a bug in the validate-modules script (https://github.com/ansible/ansible/blob/devel/test/sanity/validate-modules/validate-modules#L322).
* Remove unused imports.
* Changes based on feedback from @gundalow for ansible/ansible#21043.
- Use no_log=True for mcp_password parameter.
- Collapse module parameter definitions.
* Use shared definitions and doc fragments for common module arguments (ansible/ansible#21043).
* Make default network plan "ESSENTIALS", rather than "ADVANCED" (this is consistent with our other tooling).
Tidy up module parameter documentation.
* Simplify dimensiondata module documentation fragments (didn't know you could include multiple fragments).
* Change 'verify_ssl_cert' module parameter to 'validate_certs'.
* fix#19487
* add 'version_added'
* Check for version compatibility, Ignore keys if incompatible
* add comment about version support
* remove 'type' as requested
* fix merge error
* Don't check for var._obj in template._clean_data
AnsibleUnsafe or other unsafe vars used to have a
'_obj' slot but no longer do. This was causing attribute
errors if a object was 'unsafe' but not a string.
Add tests for AnsibleUnsafe, lookups, and AnsibleContext
* Fix 'yum skips updates' bug
When the 'yum check-update' output is parsed, the regex used
to stitch wrapped lines together would fail on the first package.
It would fail because there is an empty line before the first
package, and this triggered the regex. To avoid a more complicated
regex, preprocess the check-update output to strip out any
empty lines.
The regex is also updated to include a group on the non whitespace
match to be used in the sub.
Add test cases based on info provided in the bug reports.
Fixes#20608
In 159aa26b36
the result of _get_serialized_branches when no hosts were matched
changed from [[]] to []. Thus, the v2_playbook_on_no_hosts_matched
callback would not fire. Change the check so we get the error message
again. Fixes#17706
* known_hosts: support --diff
* known_hosts: support --diff also without --check
* Add unit tests and fix incorrect diff in one corner case
Tests are good!
* Refactor for readability
* Python 3 compat
* More Python 3 compat
* Add an integration test for known_hosts
* Handle ssh-keygen -HF returning non-zero exit code
AFAICT this is a bug in ssh-keygen in some newer OpenSSH versions
(>= 6.4 probably; see commit dd9d5cc670):
when you invoke ssh-keygen with -H and -F <host> options, it always
returns exit code 1. This is because in ssh-keygen.c there's a function
do_known_hosts() which calls
exit (find_host && !ctx.found_key);
at the end, and find_host is 1 (because we passed -F on the command line),
but ctx.found_key is always 0. Why is found_key always 0? Because the
callback passed to hostkeys_foreach(), which is known_hosts_hash(),
never bothers to set found_key to 1.
* This test does not need root
* Avoid ssh-ed25519 keys in sample known_hosts file
Older versions of OpenSSH do not like them and ssh-keygen -HF
aborts with an error when it sees such keys:
line 5 invalid key: example.net...
/root/ansible_testing/known_hosts is not a valid known_hosts file.
* Fix Python 3 errors
Specifically, the default mode of tempfile.NamedTemporaryFile is 'w+b',
which means Python 3 wants us to write bytes objects to it -- but the
keys we have are all unicode strings.
* Avi Networks Ansible modules.
Avi Version: 16.3.4
* Fixed Review comments
1. Changed description to be full sentences
2. Fixed Pep8 warnings.
3. Fixed comments and descriptions.
* 1. Fixed descriptions and messages as per review comments.
2. Added descriptions for the missing parameters.
* Fixed the shippable break due to the incorrect description format
* Removed the extra modules so that there is a single module for the first commit
* Updated license to BSD based on review comments
* updated comments based on review feedback
* Refactored code to handle POST and PUT scenarios where playbook does not need to check whether object is present.
Moved ansible helper utilities to module_utils as now roles can be patched with module_utils as well.
* fixed pep8 warnings
commit fails for devices with no candidate config, such as when configuraion is written to running-config store. Commit is set to True in main's call of netconf_edit_config. The simple edit is to add the additional logic around sending the commit. Otherwise you could change commit could be set to (if ":candidate" in m.server_capabilities) in the call of netconf_edit_config. Either way would work. I'll defer for the decision of which.
* cloudstack: cs_portforward: implement vpc support
* cloudstack: cs_portforward: add vpc and network to returns
* cloudstack: cs_portforward: networkid must not be used for rule listing
* cloudstack: fail for get_network when vpc but no network name
This seem to be a global pattern for get_network, we want to enforce a
network name to be set if a vpn param is given.
This is used for cs_portforward.
* cloudstack: cs_portforward: doc: fix defaults for vpc, network
Fixes#20754.
Details: UbuntuSourcesList.add_source() had a quick check for PPAs being
already present in the source lists. The check was looking for the PPAs
URL to be present in self.repo_urls, which should contain all valid and
enabled repositories.
The enabled check in repo_urls was incorrect. It was checking the tuple's
2nd item (which means "valid") and ignoring the 3rd item (which means
"enabled").
self.files contains tuples (line_number, valid, enabled, source_line,
comment_text). Ideally it would be using named tuples instead of
indexing, to avoid bugs like that, but Python 2.4 didn't have named
tuples, so we can't do that (yet).
* Make unused redhat_subscriptions do something
rhsm_baseurl/server_insecure were module params that were
never used previously. Hook them up for register options.
* pep8/style cleanups
* Set a module scope SUBMAN_CMD before we ref it as a global
* move ansible imports to top, remove '*' imports
* remove redhat_subscriptions from pep8 legacy
* Reminder that lookup(‘file’) can be used
Sometimes the block of text does not easily fit into a playbook, so this acts as a reminder (or a prompt for anyone who hasn't used this before) that the content could be stored in an separate file.
I've also included `backup: yes` as I think this is a good example of where a backup might be needed.
* Correct the not so "smart quotes"
* Update blockinfile.py
Replace – with an an ASCII -
- centralized skipping
- also fixed module name broken by previous refactor
- let action modules handle async processing
- moved async into base action class's module exec
- action plugins can now run final action as async
- actually skip copy if base skips
- fixed normal for new paths
- ensure internal stat is never async
- default poll to 10 as per docs
- added hint for callback fix on poll
- restructured late tmp, now a pipeline query
- moving action handler to connection as networking does
- fixed network assumption invocation is always passed
- centralized key cleanup, normalized internal var
- _supress_tmpdir_delete now in _ansible_xxx and gets removed from results
- delay internal key removal till after we use em
- nicer tmp removing, using existing methods
- moved cleanup tmp flag to mking tmp func
* Add Check Mode capability to kernel_blacklist module
* Add suggested changes from @tmshn
* Pass a bool into `Blacklist` that'll just be `module.check_mode`
* Move detection and creation of a file to a separate function within `Blacklist`
* If there's no file on the system and we are running under `Check Mode`, set `self.filename` to `os.devnull` AND mark a change, as the module would have created an empty file.
* Whenever a `self.filename` is being opened in a mode where changes can be made, replace with an if statement that checks `self.checkmode` and if true then open up `os.devnull` instead
* Move gather_facts action outside of vmware_guest module
* Move facts gathering method to vmware.py library
* vmware_guest use some vmware.py library methods
* vmware.py lib: fix some PEP 8 issues
* Move snapshot actions to vmware_guest_snapshot
* Move common snapshot facts to vmware.py library
* the `only_update` param description was kinda vague:
* either install if not installed
* or upgrade if installed
* or both!?
* as a result, remove the "install" statement from this sentence
Resolves:
Related:
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
If same config hierarchy is set and deleted in one playbook
for delete statement add support to check if the config is present
on device or in the playbook. If it is present add delete statement in
updated config list.
* added docs for vault and made trigger shorter: !vault
* added single var valuting
* Update playbooks_vault.rst
Edit pass for spelling and grammar. Ship it!
* Update playbooks_vault.rst
Typo fixes.
At the moment, this change will use EPoll on Linux, KQueue on *BSDs,
etc, so it should alleviate problems with too many open file
descriptors.
* Bundle a copy of selectors2 so that we have the selectors API everywhere.
* Add licensing information to selectors2 file so it's clear what the
licensing terms and conditions are.
* Exclude the bundled copy of selectors2 from our boilerplate code-smell test
* Rewrite ssh_run tests to attempt to work around problem with mocking
select on shippable
Fixes#14143
* returns support for prompt/response over cli
* now sends native dict instead of str command
* fixes issue with run_commands() in ios to jsonify request
* updates unit test cases
* Make the module_utils path configurable
* Add a config value to define the path site module_utils files
* Handle module_utils that do not have source as an error
* Make an integration test for module_utils envvar working
* Add documentation for the ANSIBLE_MODULE_UTILS config option/envvar
* Add it to the sample ansible.cfg
* Add it to intro_configuration.
* Also modify intro_configuration to place envvars on equal footing with
the config options (will need to document the envvar names in the
future)
* Also add the ANSIBLE_LIBRARY use case from
https://github.com/ansible/ansible/issues/15432 so we can close out
that bug.
* Check for the prompt as a substring of the output
sudo sometimes spits out warnings to stdout before getting to the
password prompt. Account for that when trying to match a password
prompt.
Fixes#20858
We need to use ssh_executable instead of hardcoding ssh in the command
we run but we need to use "ssh" when we lookup the value of the
{command}_extra_args variable. Do this by leaving binary as "ssh" and
only expanding when we place it into b_command.
Fixes#20862
* cloud: ovirt: add snapshots module
* Move imports in ovirt_snapshots module to match style & pass CI
* Move ovirt_snapshot_facts imports to comply w/ CI
* Update validate-modules
* Validates ANSIBLE_METADATA
* Ensures imports happen after documentation vars
* Some pep8 cleanup
* Clean up some left over unneeded code
* Update modules for new module guidelines and validate-modules checks
* Update imports for ec2_vpc_route_table and ec2_vpc_nat_gateway
* cloud: ovirt: add function to get id by name
* cloud: ovirt: add instance type parameter
* cloud: ovirt: use param method instead of module.params
* cloud: ovirt: use 'and' at begging of next line
* cloud: ovirt: add description parameter to vms module
* cloud: ovirt: add comment parameter to vms module
* cloud: ovirt: add timezone parameter to vms module
* cloud: ovirt: add serial_policy parameter to vms module
* Rename vyos2 over vyos
* Update vyos_config to LocalAnsibleModule
Change result key 'updates' -> 'commands'
vyos_config is supported by core
* vyos_config tests
* Enable bracket config use
* Sanitize config before use
Boolean options that default as `None` but are set to `False` by the user were ignored on update. This change checks to distinguish None & False so that options like multi_az can be turned off during an update.
* Modifying how optional parameters are handled in rds.py. Fixes#20370
Allowing options to be set to false/no. Previously ignored unless set to true/yes.
Added a conditional for invalid parameters since the default is false instead of null for some options (e.g. force_failover, apply_immediately, upgrade).
* Making requested revision.
* win_shortcut: Add missing $check_mode definition
For some reason this entry was missing, possible a merge-conflict gone
wrong :-(
* Added integration tests and bugfix
Add missing changes.
Those "unused" doc fragments are still referenced
lib/ansible/modules/network/eos/eos_config.py:extends_documentation_fragment: eapi
lib/ansible/modules/network/eos/eos_facts.py:extends_documentation_fragment: eos
This reverts commit 246cd041d8.
* Disassociate subnets from route tables before deletion
If a route table still has subnets associated with it, it will fail
to delete:
```
"msg": "The routeTable 'rtb-abcd1234' has dependencies and cannot be deleted."
```
Avoid this by disassociating subnets before route table deletion
* Fix ec2_vpc_route_table flake8 complaints
* Check if EIP exists before deleting it
After deleting the NAT gateway, the EIP sometimes seems to
cease to exist afterwards. Check if it exists before deleting it.
Otherwise you get:
```
Failed to release EIP eipalloc-abdc1234: An error occurred (InvalidAllocationID.NotFound) \
when calling the ReleaseAddress operation: The allocation ID 'eipalloc-abcd1234' does not \
exist", "success": false}
```
* Fix flake8 errors with ec2_vpc_nat_gateway
* A method to validate and alter the ssh control path automatically.
* First tries %C to use the shortened hash
* On further failure, it removes section by section from the original path
* Fix hostname
* Implement bcoca's suggested changes
* Remove unused option
* Remove unused class var
* Use to_string to avoid unicode error
* Switch from to_text to to_bytes
* Update the example config for the new controlpath feature
* [GCE] External IP Address Module.
This module allows users to create and delete External IP Addresses. Both Regional and Global Addresses are supported.
* Removed whitespace causing pep8 issue
* added ec2_vpc_igw_facts module
* added cr at end of file
* corrected import json in wrong location
* corrected version added
* added snake_case conversion
* updated documentation and fixed for python 3'
* ec2_vpc_igw_facts: simplify logic
Make module arguments more 'Ansiblish'
Remove unnecessary intermediate variables in results generation
Use `ansible_dict_to_boto3_filter_list` rather than duplicating logic
Use `check_mode` rather than pass a `dryrun` argument
Update for flake8 improvements
* updated documentation
* # This is a combination of 6 commits.
# The first commit's message is:
new module to import software or configuration file onto firewall
# This is the 2nd commit message:
changes based on the review comments; remove unecessary if statements; change returned value docstring
# This is the 3rd commit message:
empty checkin to trigger ANSIBLEbot
# This is the 4th commit message:
added additional exception handling
# This is the 5th commit message:
- added new module info to the changelog as requested
# This is the 6th commit message:
removed blank space as tox checks were failing
* new module to import software or configuration file onto firewall
* Support logical or condition in required_if
Add logical 'or' condition support in 'required_if'
for requirements.
* If requirements is a list all parameters within it should
be present.
* If requirements is a set atleast one parameter should
be present
* Fix review comment
* Remove monkeypatching of rhn config in rhn_register
rhn_register.Rhn() was doing some complicated monkeypatching of
the up2date_client.config.Config() class to add a default config
value. Since that was only used in one place, remove the monkeypatch
and handle the single default case.
That case was 'server_url' option, so replace it with a Rhn.server_url
property. Also handle the error case when no server url is provided.
* refactoring
* flatten some indention levels
* add 'enable_eus' to module doc
* set enable_eus var and use it directly
* style/pep8/etc cleanups
* some import cleanups
types was unused, os/re were from module_utils * import
* remove * import from module_utils.redhat
* remove * imports from module_utils.base
* remove unused Rhn._subscribe method
* cleanup pep8 style stuff
* remove a unused default mutable arg from Rhn.subscribe
Rhn.subscribe() only gets called in one place, and thats
with channels from module_params which default to [] and
are typed as a list.
Update exception handling, remove use of iteritems
Update for better flake8 compliance
Use ansible_dict_to_boto3_filter_list rather than
duplicating its implementation
This version just gets the relevant paths from PluginLoader and then
uses the existing imp.find_plugin() calls in the AnsiballZ code to load
the proper module_utils.
Modify PluginLoader to optionally omit subdirectories (module_utils
needs to operate on top level dirs, not on subdirs because it has
a hierarchical namespace whereas all other plugins use a flat
namespace).
Rename snippet* variables to module_utils*
Add a small number of unittests for recursive_finder
Add a larger number of integration tests to demonstrate that
module_utils is working.
Whitelist module-style shebang in test target library dirs
Prefix module_data variable with b_ to be clear that it holds bytes data
added better way of adding warnings to return data
backwards compatible if warnings key already exists
added deprecations made iface more generic
changed to enforce type per item
added logging of warnings/deprecations
also display deprecations by default