* aci_aaa_user: Manage AAA users on ACI fabrics
* Fix module documentation
* Ensure we allow to not set accountStatus and expires
* Added aaa_password_lifetime and aaa_password_update_required support
* Improvements to integration tests in light of issue 35544
* Fix ACI ISO 8601 formatted string
* Add HAS_DATEUTIL
We introduced the new loop keyword as a replacement for with without
adding tests that it behaved as we expected. This test asserts that
behaviour.
Incidentally, it also shows how to use parameters with lookups and loops
now.
* Test for include_tasks & include_role bug
Related to ansible/ansible:#21890
* Fix nested include_tasks called from role
This fixes the path of included files when you want
to call include_task inside a role's task file and this
role is itself called from multiple level of playbook include_tasks
Related to ansible/ansible:#21890
This fixes ansible/ansible:#35109
* ec2_group: fix ipv6 tests to use an explicit VPC
* otherwise would fail on old AWS accounts supporting EC2-classic
* ec2_group: fix tests to use an explicit VPC
* Only run some tests if there is a default vpc associated with the account
* galaxy remove incorrect check for role path before extraction
Fixes#35217
Currently lib/ansible/galaxy/role.py checks roles_path and will
ignore paths that don't currently exist which it should not because
the path will attempt to be created by the role extraction process
(which is valid and expected behavior) and if unable to write at the
time of role extraction into the role_path, that error will be
handled properly at that point in the process.
Signed-off-by: Adam Miller <admiller@redhat.com>
* add test case for galaxy install with rolefile and rolepath
Verify we don't regress GitHub Issue #35217
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix the integration test
Signed-off-by: Adam Miller <admiller@redhat.com>
* double quote for shellcheck glob warning
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix galaxy install tests to not need remote resources
Signed-off-by: Adam Miller <admiller@redhat.com>
* make shellcheck sanity tests happy
Signed-off-by: Adam Miller <admiller@redhat.com>
* prep git global conf for running the galaxy install tests in docker
Signed-off-by: Adam Miller <admiller@redhat.com>
* move ansible-galaxy tests into their own target, make git conf non-global
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix up tests based on feedback
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove extra newline from aliases file
Signed-off-by: Adam Miller <admiller@redhat.com>
Enforce module deprecation.
After module has reached the end of it's deprecation cycle we will replace it with a docs stub.
* Replace deprecated modules with docs-only sub
* Use of deprecated past deprecation cycle gives meaningful message (see examples below)
* Enforce documentation.deprecation dict via `schema.py`
* Update `ansible-doc` and web docs to display documentation.deprecation
* Document that structure in `dev_guide`
* Ensure that all modules starting with `_` have a `deprecation:` block
* Ensure `deprecation:` block is only used on modules that start with `_`
* `removed_in` A string which represents when this module needs **deleting**
* CHANGELOG.md and porting_guide_2.5.rst list removed modules as well as alternatives
* CHANGELOG.md links to porting guide index
To ensure that meaningful messages are given to the user if they try to use a module at the end of it's deprecation cycle we enforce the module to contain:
```python
if __name__ == '__main__':
removed_module()
```
* Add aws_ses_identity module
* Update CI alias, add BotoCoreError exception handling.
* Add SES and SNS permissions to hacking/aws_config to run aws_ses_identity integration tests
This adds a new module called vmware_vm_vm_drs_rule. This module add
affinity/antiaffinity rule for VM-VM in given cluster.
Fixes: #32109
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* use tests instead of filters
* Don't check 'rc', use success/failed tests
- yum module use 'fail_json' which set 'failed'
- 'rc' is for backward compatibility:
bbd6b8bb42/lib/ansible/executor/task_executor.py (L571)
- besides yum module doesn't document any return values
* Allow to run tests twice in a row
ansible-test is executed with '--retry-on-error' switch, then tests must
be able to executed twice in a row.
Error was:
TASK [yum : install group] ***
ok: [testhost] => {
"attempts": 1,
"changed": false,
"failed": false,
"invocation": { [...] },
"msg": "",
"rc": 0,
"results": []
}
TASK [yum : verify installation of the group] ***
fatal: [testhost]: FAILED! => {
"assertion": "yum_result.changed",
"attempts": 1,
"changed": false,
"evaluated_to": false,
"failed": true
}
ecs_taskdefinition_facts should not populate ansible_facts with
so much information.
Better to just return the contents of the dict directly.
Reduce line lengths, use AnsibleAWSModule, don't reimplement
camel_dict_to_snake_dict.
* New module: ec2_vpc_egress_igw
* minor pep8 fix and doc update
* add test dir and files
* add tests for gateway module
* fix up return documentation per review
* remove HAS_BOTO3 stuff as it is handled in AnsibleAWSModule per review
* fix an error with failure message and add custom handler for non-existent vpc ID
* add additional tests and update tests per review
* ignore errors on clean up tasks
* update module copyright to newer format
* fix exception handling since BotoCoreError doesnt have response attribute
* actually fix exception handling this time so it works with Py3 as well
* Module to generate Diffie-Hellman parameters
Implements #32577
* Add integration tests for openssl_dhparam
* Slightly refactor check to prevent unnecessary regeneration
* Fix code smell in tests
Highly annoying to have to do this again and again and again as the rules change during the game
* Using module.run_command() and module.atomic_move() from a tempfile.
* Remove underscore variable
Ansible prefers dummy
* Admin account is not always called Administrator (eg Azure)
* this fixes some, but not all issues related to the Administrator account on non-English Windows as well (still numerous references to "Administrators" and other en-US Windows group names)
* Add missing pylint test for invalid path.
* Fix syntax in integration test.
* Use Write-Output in win_script test script.
* Fix pylint in explain mode.
* Don't skip an inventory source just because it has a comma, make sure it's also doesn't exist as a path. Fixes#34931
* Add integration test for inventory path with commas
* * Changes to enable network_cli and netconf on modules.
* limits connection local for single TC per playbook.
* * adds a note on why only 1 TC is executed with connection: local
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* support the mutilple ip configuration
* Update azure_rm_networkinterface.py
* add test
* fix spell
* make the virtual network name more flexiable
* add test
* fix
* fix lint
* add test
* fix parameter
* deprecate the flatten ip configuration
* fix lint
* fix encoding
* fix mirror
* fix
* load model from common
* ecs_ecr: Remove registry ID from create repository call
[Boto3 documentation][1] specifies 'repositoryName' as the only expected
argument. The `**build_kwargs(registry_id)` part also adds 'registryId' which,
when executed, fails with: 'Unknown parameter in input: “registryId”, must be
one of: repositoryName'.
[AWS API documentation][2] also lists only the 'repositoryName' parameter. I.e.
this is not a problem with the boto3 library.
The default registry ID for the account that's making the request will be used
when creating the rpository. This means that if the `registry_id` specified by
the user is different from the default registry ID, then the policy changes
following the repository creation would fail, because the repository will have
been created in one repository but subsequent calls try to modify it in
another. Added a safeguard against this scenario.
[1]: https://boto3.readthedocs.io/en/latest/reference/services/ecr.html#ECR.Client.create_repository
[2]: https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_CreateRepository.html
* Fix concurrent ECR integration tests
If the `ecr_name` is the same in multiple concurrent test runs, then they can
interfere with one another causing both to fail. The `resource_prefix` is
guaranteed to be unique for different jobs running in CI an so avoids this
issue while also making it easier to identify the test which created the
resource.
* Add identifier option to apache2_module
There is a convention connecting the name passed to a2enmod and the one
appearing in apache2ctl -M. Not all modules follow this convention and
we have added a growing list of implicit conversions.
As a better long-term solution this adds an "identifier" option to be
able to set both strings explicitly.
* Run debian-specific tests only there
* Improve cleanup after apache2 tests
This is a follow-up/extension of https://github.com/ansible/ansible/pull/33630
* Add example for the new identifier option
* Put all debian tests in a block
* UCS LAN Connectivity Policies and integration tests
* Docs updated
* UCS LAN Connectivity Policy and integration tests
* Fix use of description in docs and argument_spec so validate-modules passes
* UCS vNIC templates and integration tests
* docs updated
* UCS vNIC template and integration test
* Update docs and argument_spec for description, mtu, and target.
* win_setup: Add Product ID and Product Key in facts
So this is actually a very nice way to get product key information from
systems collected centrally.
Especially with systems that have been upgraded from Windows 7 or
Windows 8 to Windows 10 may not have a valid Windows 10 product
license key printed anywhere, it was a digital license.
If you ever have to reinstall the system, you may recover the system
from the recovery partition, or the original media, but cannot upgrade
to Windows 10 for free. By collecting the product key, one can always
reinstall your free Windows upgrade.
My only question is, do we want this to be part of the default facts, as
it may be considered important information. Or should we make a special
**win_product_key_facts** ?
* Add ACPI product key support
* Add integration test
* Remove Get-ProductKey function, move inline
Add deps/requires for fact collectors
Fact collectors can now set a required_facts
class attribute that will be a set of the names
of fact collectors they require to be run first.
ie, if a collector needs to know the ansible_distribution,
it should set it's required_facts to include 'distribution'
required_facts = set(['distribution'])
If a collector requires another collector, it gets added
to the selected collector names.
We then topological sort the ordering of the collectors
so that deps work out (ie, 'distribution' will run before
'service_mgr')
required_facts were added to the collectors for:
- network (requires 'distribution', 'platform')
- hardware (requires 'platform')
- service_mgr (requires 'distribution', 'platform')
Fix name references for facts (need 'ansible_' prefix)
is service_mgr
Fixes#30753
Enforce that there can be only one --new-vault-id or
--new-vault-password-file and use this instead of
--encrypt-vault-id
* Add a config option for default vault encrypt id
This avoids breaking other tests which depend on backports
modules, since the backports.lzma module is currently
incompatible with other backports modules.
Extract vault related bits of DataLoader._get_file_contents to DataLoader._decrypt_if_vault_data
When loading vault password files, detect if they are vault encrypted, and if so, try to decrypt with any already known vault secrets.
This implements the 'Allow vault password files to be vault encrypted' (#31002) feature card from
the 2.5.0 project at https://github.com/ansible/ansible/projects/9Fixes#31002
People expect to be able to upload files to s3 using standard
locations for files.
Providing an action plugin that effectively rewrites the `src`
key to the result of finding such a file is a great help.
Tests added, and IAM permissions corrected
* First pass at include_role tests
* Reorganize test structure
Do all import and include tests in a single target.
* Build out more tests and test with linear and free strategy for each type
* import_role tests
* Set target host for play test
* Basic import_playbook tests
* Basic import/include_tasks tests
* Add recursion test
* import_playbook tests
* Add import_playbook group_vars test
Issue #33177
* Additional group_var tests for import_playbook
* Enable recursion test
* More work on import_tasks
* Run all tests via run.sh, improve conditional tests, add never tag
Add never tag to certain failining tests and explicitly skip it for now until #34104 is merged. Some tasks need to remain commented out because they cause the entire play to fail and aren't skippable by tags because they are syntax and/or variable checks.
Improve test for whether or not a role was run based on a conditional. Since the [import|include]_role does not register a variable, use a variable that is set inside a role as a canary test for whether or not the role was run.
* Use a fail task rather than trigger a failure via bogus command
This should resolve the "unstable" test results.
* Import tag tests
Fix bug it tests where validate tasks weren't run on tag tests.
Add tests for task import/include with tags.
* Remove test for playbook group_var inheritance
* npm module compatible with npm5
Uses the `--long` flag in `npm list` to get the `missing` key back.
* npm: add integration tests
* npm: test the module with npm 4 as well
* Remove debug tasks, use variables
* Use tests instead of filters
* Adds xcambar as a maintainer of the npm module
* win_iis_webbinding: Fix bug with ipaddress * returning multiple bindings
instead of only the ones defined as *. Address possible future issues around
hostheader * by just disallowing it. Resolves 25473. Added new test for
this case.
Removed all validation for https binding collisions due to difficulty in
validating all cases in which they could or could not collide. As a
result, also removed return values relating to certificate data.
Updated testing and docs appropriately
* win_iis_webbinding: added break to remove binding loops
* added cloudfont.py, modified cloudfront_facts.py class name and fixed a minor bug
* Improvements to cloudfront_distribution
* Reduce the scope of the cloudfront_distribution module
* Remove presigning
* Remove streaming distribution functionality
* Add full test suite for cloudfront distribution
* Meet Ansible AWS guidelines
* Make requested changes
Fix tests
Use built-in waiter
Update copyright