* Fix the function_name handling logic for lambda_policy
Switch the logic handling function_names that are ARNs
so that ARNs are correctly handled and detected
* Add tests for lambda_policy function_arn
Ensure that function_arn works.
Needs a reasonable ansible_lambda_role.
* Skip self._parent on dynamic, defer to grandparent for attr lookup
* Revert _inheritable
* Add tests for include inheritance from static blocks
Fixes#38037#36194
If user does not specify any network type then set network type
to dhcp. There are additional checks around 'ip', 'netmask' and
'type' in network spec.
Fixes: #38466
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Include change classification data in metadata.
* Add support for disabled tests.
* Add support for unstable tests.
* Add support for unsupported tests.
* Overhaul integration aliases sanity test.
* Update Shippable scripts to handle unstable tests.
* Mark unstable Azure tests.
* Mark unstable Windows tests.
* Mark disabled tests.
* Add include_import tests for many top level include_tasks
Rename a few test playbooks to make more sense
* Use fewer include_tasks due to memory limits in CI
* get_url should accept headers as a dict, instead of only a complicated string
* update headers description text
* Add headers string and dict tests for get_url
* Add intg test for string header format parsing error
* Adjust deprecation version ahead 1 release, add the version dict format was added in to description
* Handle duplicate headers, and make it easier for users to use cookies, by providing a pre-built string
* Ensure proper cookie ordering, make key plural
* Add note about cookie sort order
* Add tests for duplicate headers and cookies_string
* Extend tests, normalize headers between py2 and py3
* Add some notes in test code
* Don't use AttributeError, use six.PY3. Use better names.
* Error if a module is found to shadow a reserved keyword
* Add test for shadowed module
* Bring in functools.wraps for the decorator
* Drop the decorator, make _find_plugin the real function, find_plugin now holds the shadow logic
* Swap order of functions for bottom to top execution order
* Only error for modules
* Add test for loading a lookup plugin that shadows a keyword
Currently, when ones run the module in check_mode it tries to retrieve
values from the actual certificate generated in the generate() function.
Since in check_mode we call dump() without calling generate(), self.cert
is None, leading to self.cert.get_notBefore(), self.cert.get_notAfter()
and self.cert.get_serial_number() raising an error.
> NoneType' object has no attribute 'get_notBefore'
The solution is to have two way to handle dump() method, whether its run
in check_mode=True or check_mode=False leading to different way the
information is retrieved.
* Required changes to support redirects on HTTP 307/308
This ensures HTTP 307 and 308 will redirect the request to the new
location without modification.
* Fix the unused newheaders reference
* Be more compliant
* Add integration tests for follow_redirects=all
* Improve other tests for new behaviour
* Make follow_redirects values more strict
* added eos_smoke tests
* removed left over file
* added note to uncomment broken eapi test when #36919 is fixed
* uncommented fixed test, added unbecome test
* skip become tests when connection=local
* Added module win_pester and relatives integration tests
* Corrected issues as stated by ansible-test
* Added defaults variable in integration tests
* Added task to install Pester if needed in the integration test
* Corrected error in win_psmodule task
* Added Pester installation with Chocolatey when Powershell version < 5
* Get facts...
* Disabled invoke-pester output
* Added pester_result type
* Added jhawkesworth changes proposal
* Corrected documentation linting
* Corrected linting
* Added dagwieers recommendations
* Added dagwieers recommendations
* Corrected linting errors and task error in integration test
* Corrected error in integration test
* Added dagwieers recommendations
* Corrected requirements in the DOCUMENTATION block
* tolerate windows line endings when loading windows module utils. Helpful for old custom windows modules.
* add test modules to demonstrate win line ending module load behaviour.
* attempt to fix sanity check failures
* pep8 fix
* explict skip of test modules from shebang check (core modules must still have expected unix style line endings)
* switch to rstrip() following core team meeting feedback
* Add aws_ses_identity_policy module for managing SES sending policies
* Add option to AnsibleAWSModule for applying a retry decorator to all calls.
* Add per-callsite opt in to retry behaviours in AnsibleAWSModule
* Update aws_ses_identity_policy module to opt in to retries at all callsites.
* Add test for aws_ses_identity_policy module with inline policy.
* Remove implicit retrys on boto resources since they're not working yet.
* Mark UCS integration tests as unsupported.
* Mark various connection tests as unsupported.
* Mark win_domain_group test as unsupported.
* Mark java_cert test as unsupported.
* Mark synchronize-buildah test as unsupported.
* Mark various AWS tests as unsupported.
* Mark azure_rm_acs test as unsupported.
* Mark GCP tests as unsupported.
* stabilize ec2_vpc_subnet module
* Add waiters for ec2_vpc_subnet
Clean up integration tests
* Reenable CI for stabilized ec2_vpc_subnet tests
* rename waiters
* Use module_json_aws where applicable
Handle WaiterError first if waiting failed
* Fix traceback when tagging with keys/values that look like booleans
* Fix check mode with tags
* Add integration tests for tags that look like booleans and check mode
* Add waiter for deleting subnet
* Sleep a few seconds after using aws command line
* Use AnsibleAWSModule to simplify AWS connection
* Add Exception handling, pagination, retries and backoff
* Allow events to be switched off
* Allow details to be obtained without having to specify services
This is required if we want to ensure that #36809 doesn't cause any
important behavioral changes.
This PR changes the uri module to support follow_redirects=urllib2
It also adds a better error message when the connection closes before
any data was returned.
* Fix apt tests
* Enable the test in CI
* Additional fixes not discovered locally
* Don't break mysql tests and fix for 14.04 upgrade
* Remove not needed when cond
* Add shebang to fix-udev script
* Remove workaround in favor of rebuilding containers
* Remove leftover script
SGs created when a VPC ID was not specified would not necessarily
get the default egress rule, even when no explicit egress rules
were set.
Add some checks for egress rules in results from existing tests
* Fix 'New Vault password' on vault 'edit'
ffe0ddea96 introduce a
change on 'ansible-vault edit' that tried to check
for --encrypt-vault-id in that mode. But '--encrypt-vault-id'
is not intended for 'edit' since the 'edit' should always
reuse the vault secret that was used to decrypt the text.
Change cli to not check for --encrypt-vault-id on 'edit'.
VaultLib.decrypt_and_get_vault_id() was change to return
the vault secret used to decrypt (in addition to vault_id
and the plaintext).
VaultEditor.edit_file() will now use 'vault_secret_used'
as returned from decrypt_and_get_vault_id() so that
an edited file always gets reencrypted with the same
secret, regardless of any vault id configuration or
cli options.
Fixes#35834
Fixes#37208
If check_mode is enabled instead of committing th config need to
discard all the chnages to cnadidate db
In case of cli to discard changes issue `rollback 0` command
and for netconf execute `discard-changes` rpc call
* Add tests using a variable in tasks_from field
Related to #32503
* Do not test using hostvars with import_role
hostvars cannot be used with import_role — use include_role instead
* template: Add integration tests for `lstrip_blocks'
Signed-off-by: Alex Tsitsimpis <alextsi@arrikto.com>
* template: Fix passing `trim_blocks' inline
Fix passing `trim_blocks' option to the template module as inline
argument. Previously passing the `trim_blocks' option inline instead of
using the YAML dictionary format resulted in it always being set to
`True', even if `trim_blocks=False' was used.
Signed-off-by: Alex Tsitsimpis <alextsi@arrikto.com>
* template: Add option to `lstrip_blocks'
Add option to set `lstrip_blocks' when using the template module to
render Jinja templates. The Jinja documentation suggests that
`trim_blocks' and `lstrip_blocks' is a great combination and the
template module already provides an option for `trim_blocks'.
Note that although `trim_blocks' in Ansible is enabled by default since
version 2.4, in order to avoid breaking things keep `lstrip_blocks'
disabled by default. Maybe in a future version it could be enabled by
default.
This seems to address issue #10725 in a more appropriate way than the
suggested.
Signed-off-by: Alex Tsitsimpis <alextsi@arrikto.com>
* template: Add integration tests for `trim_blocks'
Signed-off-by: Alex Tsitsimpis <alextsi@arrikto.com>
* template: Check Jinja2 support for `lstrip_blocks'
Since the `lstrip_blocks' option was added in Jinja2 version 2.7, raise
an exception when `lstrip_blocks' is set but Jinja2 does not support it.
Check support for `lstrip_blocks' option by checking `jinja2.defaults'
for `LSTRIP_BLOCKS' and do not use `jinja2.__version__' because the
latter is set to `unknown' in some cases, perhaps due to bug in
`pkg_resources' in Python 2.6.6.
Also update option description to state that Jinja2 version >=2.7 is
required.
Signed-off-by: Alex Tsitsimpis <alextsi@arrikto.com>
* Fix loading of filter and test plugins
Filter and test plugins are different than other plugins in that they
can have many plugins in a single file. Therefore they need to operate
a little differently. They need to have all of the potential files
returned. Then the caller takes care of passing those onto jinja2 in
order for jinja2 to make use of them.
This problem was (most recently) introduced with f921369445
This commit also restructures how we deduplicate plugins to take paths
into account. If we want to start scoping which set of modules are
loaded (due to roles, for instance) we'll need to hang on to the path
information.
* add integration test for override
* Fix style checks for bcoca code
* Implement jinja2 plugin loader as a subclass
Having a subclass allows us to customize the overriding of jinja
plugins. We can then move common parts of common code into the Loader.
* [cloud] ec2_vpc_route_table: ignore routes without DestinationCidrBlock
Add module warnings rather than silently skipping
* Permit warnings for routes tables containing vpc endpoints to be turned off
* Add tests to ensure a VPC endpoint associated with a route table does not result in a traceback
* adding possibility to specify resource group for referred virtual network
* fixed sanity issues
* removed trailing whitespace
* added test
* fixed documentation
* try to fix unstable test
* Tidied up the description of virtual_network_resource_group
* adding possibility of disabling public ip address
* fixed indent
* fixed whitespace
* fixed mistake
* try to create test with vm without public ip address
* try to fix test
* another attempt for test
* fixing test
* create vm with no ip with different name and delete it immediately
* a few additional fixes
* another attempt to pass test
* must be deleted
* simplified no ip test
* reorganised tests
* Wrapped choice in C()
* fixed issue when public ip address should not be created
* adding test for public ip address
* fixed samples
* another fix to sample formatting
* fixed test
* fix test
* fixed test
* another attempt to fix test
* maybe it works now
* still wrong
* improved check per customer request
* removed stupid semicolon
* updated test to match main scenario
* changed ip configurations to list
* another attempt
* add additional test coverage for tower modules
* add test coverage for the tower_credential module
* add test coverage for the tower_user module
* fix a bug in py3 for tower_credential when ssh_key_data is specified
* add test coverage for tower_host, tower_label, and tower_project
* add test coverage for tower_inventory and tower_job_template
* add more test coverage for tower modules
- tower_job_launch
- tower_job_list
- tower_job_wait
- tower_job_cancel
* add a check mode/version assertion for tower module integration tests
* add test coverage for the tower_role module
* add test coverage for the tower_group module
* add more integration test edge cases for various tower modules
* give the job_wait module more time before failing
* randomize passwords in the tower_user and tower_group tests
* Check that connection error msg are not unsafe
* Connection error messages are unsafe: wrap them
For example, in case of error, docker connection plugin returns exception
message containing Go template. These messages weren't tagged as unsafe
and were consequently rendered:
The conditional check 'result is failed' failed. The error was:
{
'msg': u'Docker version check ([\'/usr/bin/docker\', \'version\', \'--format\', "\'{{.Server.Version}}\'"]) failed: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.35/version: dial unix /var/run/docker.sock: connect: permission denied\n',
'failed': True
}:
template error while templating string: unexpected '.'.
String: Docker version check (['/usr/bin/docker', 'version', '--format', "'{{.Server.Version}}'"]) failed: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.35/version: dial unix /var/run/docker.sock: connect: permission denied
* eos can not check config without config session support
* add testcase for check_mode without config session
* fix eos eapi to read use_session env var
Fixes#36979
If `abort` is not issued in the top level session prompt
the existing session goes to pending state.
The fix is to come out of config mode by issuing `end` command
and again to same config session and execute `abort` which
`abort` is issued at the top level session prompt.
Fixes#35993 - Changes to update_size in commit eb4cc31 made it so
the group dict passed into update_size was not modified. As a result,
the 'replace' call does not see an updated min_size like it previously
did and doesn't pause to wait for any new instances to spin up. Instead,
it moves straight into terminating old instances. Fix is to add batch_size
to min_size when calling wait_for_new_inst.
Fixes#28087 - Make replace_all_instances and replace_instances behave
exactly the same by setting replace_instances = current list of instances
when replace_all_instances used. Root cause of issue was that without lc_check
terminate_batch will terminate all instances passed to it and after updating
the asg size we were querying the asg again for the list of instances - so terminate batch
saw the list including new ones just spun up.
When creating new asg with replace_all_instances: yes and lc_check: false
the instances that are initially created are then subsequently replaced.
This change makes it so replace only occurs if the asg already existed.
Add integration tests for #28087 and #35993.
* Remove default admin_distance and fix the idempotence thereof
Fixes#33290
* Fix tests and use yaml anchors to shorten tests
* Add test for undefined admin_distance
* Read config from `show run` if `show ip static route` fails
* Restore flags to ios.get_config & use get_config where appropriate