* add key_data argument
The key_data argument helps when using a private key stored in Vault.
* Add "version_added" line
Add version_added line to pass automated tests.
* remove unnecessary nesting
* Adding iam_password_policy module
* fixing various issues -- error handling, bugs
* fixing various issues based on tests
* renaming dummy var
* fixing type reference in documentation
* adding int tests and other updates
* removing typo
* fixing auth for int tests
* removing int tests for now
* readding integration tests w/ unsupported designation
* removing conflicting group
* Update aliases
* Fix unused variable
* removed hardcoded loader/plugins list
* updated a few errors to keep orig object
* fix httpapi/cliconf listing
* ansible-doc fixes
* show undocumented as UNDOCUMENTEd
* added missing undoc
* Add support for IOS vlan parsing filter.
Example usage below:
{% set parsed_vlans = vlans | vlan_parser %}
switchport trunk allowed vlan {{ parsed_vlans[0] }}
{% for i in range (1, parsed_vlans | count) %}
switchport trunk allowed vlan add {{ parsed_vlans[i] }}
* Update test_network.py
Add import statement for filter
* Fixed PEP8 issues relating to comments
* Fix PEP8 issues related to blank lines
* Removed magic numbers for line lengths. This should generalize support
to other IOS-like NOS that use similar methods for listing vlans. The
default arguments for line lengths will still be specific to Cisco IOS.
The unit tests for line length are still specific to Cisco IOS.
* An earlier optimization of ansible-doc -l caused failures.
The optimization quickly searches the plugin code for short_description
fields and then uses that in the -l output. The searching was a bit too
naive and ended up pulling out malformed yaml. This caused those
plugins to be omitted from the list of plugins of that type with
a warning that their documentation strings were wrong.
This change makes the documentation parser aware that the documentation
string could have a relative indent for all of its fields which makes it
robust in the face of this particular problem.
* Don't search for space after short_description:
Any whitespace would be valid. In particular newline
1. Add support for SCSI controller creation
2. Support for SCSI Type
3. Warn about Disk Unit Number 7
4. Allow specifying SCSI controller
5. Allow specifying Disk Unit Number
6. Idempotency
7. Remove disks
8. Do not allow to reduce disk
9. More than 15 disks support
10. No SCSI controller and unit number check
11. Thin support
12. Update documentation and example
13. Multiple Datastore and datastore cluster support
14. Check datatype of disk unit number and SCSI controller
15. Handle disk_size when it is int or float
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Update pydoc
* Update module documentation and example
* Add aliases for name as creation_token
Fixes: #28738
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Added secure boot enable/disable to vmware_guest_boot_manager. Also added its state to facts
* VMware does not support secure boot when boot_firmware is bios. Add some guardrails to protect the user from misconfiguration
* Address review comments
When multiple virtual machines or templates are found in environment,
module needs folder path. This fix adds facility to specify folder path
for template or virtual machine if multiples are found.
Fixes: #37087
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fix in confirmed_commit capability in netconf_config modules
Fixes#46804
* If confirm value is greater than zero or confirm_commit option is set and confirmed-commit
capability is not supported but Netconf server only in that case fail the module
* Update confirm-commit flag
* Minor changes
* Don't execute mount or umount in check mode
* The datastore was mounted or unmounted when you execute the playbook in
check mode.
* Test if running in check mode before mounting or unmounting the
datastore.
* Add support for NFS v4.1 datastores
* Move ansible.compat.tests to test/units/compat/.
* Fix unit test references to ansible.compat.tests.
* Move builtins compat to separate file.
* Fix classification of test/units/compat/ dir.
Python sets the SIGPIPE handler to SIG_IGN. On execv() signal handlers are
reset to their defaults, EXCEPT those that are SIG_IGN which are left ignored.
In Python 3 subprocess.popen explicitly resets the SIGPIPE handler to SIG_DFL,
but unfortunately in Python 2.7 it does not. This leads to subprocesses being
executed with SIGPIPE ignored. This is often a problem with bash scripts which
rely on SIGPIPE to terminate commands in a pipe, but can easily be a problem
with other applications.
This implements the Python 3 behaviour for Python 2.7 by using a preexec_fn.
Adding a value to an attribute or removing a value from an attribute of a LDAP entry throws the exception TypeError: object of type 'filter' has no len()
* Update win_scheduled_task.py to document that the duration of a task trigger can be null, which will cause it to run indefinitely - docs update makes use of suboptions
* Add a fix for the validate-modules schema
* Locate prtdiag even when absent from /usr/bin
On Solaris 8 hosts, this prevents fact collection from aborting with:
Argument 'args' to run_command must be list or string
* Lint fix.
* Style: pass /usr/platform/.../sbin as optional path to get_bin_path().
* Making username password etc non mandatory as we use persistence connection.
Some documentation fine tuning also done.
* To update version which was tested against.
* Adding Bacon switch (NE0152T) to device rules
* Qalthos Review catch
* Updating version
* Changing documentation to add Bacon switch. This is effective since 2.8
* Add url_username and url_password options for url lookup
* Update url.py
Fix documentation
* Fix options documentation
Default value for url_password and url_username is None not an empty string
* Add version added to documentation
* Break command over multiple lines to fix linting
* Fix more linting
* Update version_added in url.py to 2.8
Switches will accept the previously used syntax for /32 ACL entries, but they get changed to host ipaddress in the config file.
This results in the config check failing every time (permit ip 1.1.1.1/32 any log != permit ip host 1.1.1.1 any log), resulting in the ACL getting re-created on every single run of the Playbook.
Making this proposed change to the example will make it work in an idempotent manner.
+label: docsite_pr
This fix initializes current_version to None so that
module proceeds in check mode.
Fixes: #46654
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
If enable_snat is False, this should be used to build the
request, because the default value in the OpenStack Networking
API is True.
Fixes the issue #45915.
* ios_facts: Fix LLDP gathering without neighbors
When LLDP is enabled but no neighbors are present, the following
structure is generated:
...
"ansible_net_neighbors": {
"null": [
{
"host": null,
"port": null
}
]
},
...
If we are not able to find any relevant LLDP information, bail out early
so cases like shown above are handled more gracefully.
* ios_facts: Remove trailing space in lineprotocol
Some Cisco devices (at least CSR1000V 16.6.4) add a space after the
line protocol. This causes the space to be present in the result of
fact gathering:
"ansible_net_interfaces": {
"GigabitEthernet2": {
...
"lineprotocol": "up ",
Be more clear about scanning the output to avoid this behaviour.
* adding explanation of replace_all_instances
How does "replace_all_instances" work? does it increase the number of instances by 1 in the Load balancer and it scales in a server and waits for it to complete its health check, OR does it terminate a node a that causes an autoscale event to happen and then adds a new server?
+label: docsite_pr
* Enable communication to management API over HTTPS.
* Specify version added tags to new parameters
* Set proper parameter type.
* Corrected version_added numbers.
* Extracted commons to ansible utils.
* Fix PEP8 error
* Fix documentation extension syntax.
Fixes#22953
When python is compiled in debug mode, or certain command line flags are
passed, python issues helpful warnings to let users know of files opened
by not closed.
This can be fairly spammy on an ansible run. This change reduces the
number of such warnings by a factor of 10.
* Remove unnecessary workaround
* add test: set RABBITMQ_NODENAME environment variable
The following error occurs:
TASK [rabbitmq_user : Add user] ***
fatal: [testhost]: FAILED! => {
"changed": false,
"cmd": "/usr/sbin/rabbitmqctl -q list_users",
"rc": 69,
"msg": "Error:********@c65c2bc59398'. Please see diagnostics information and suggestions below.\n\nMost common reasons for this are:\n\n * Target node is unreachable (e.g. due to hostname resolution, TCP connection or firewall issues)\n * CLI tool fails to authenticate with the server (e.g. due to CLI tool's Erlang cookie not matching that of the server)\n * Target node is not running\n\nIn addition to the diagnostics info below:\n\n * See the CLI, clustering and networking guides on http://rabbitmq.com/documentation.html to learn more\n * Consult server logs on node test@c65c2bc59398\n\nDIAGNOSTICS\n===========\n\nattempted to contact:********@c65c2bc59398\n * effective user's home directory: /var/lib/rabbitmq\n * Erlang cookie hash: 3MxcYFrJzfhEL+FlUfLlQw==",
"stderr": [...],
"stderr_lines": [
"Error: unable to perform an operation on node 'test@c65c2bc59398'. Please see diagnostics information and suggestions below.", "",
"Most common reasons for this are:", "",
" * Target node is unreachable (e.g. due to hostname resolution, TCP connection or firewall issues)",
" * CLI tool fails to authenticate with the server (e.g. due to CLI tool's Erlang cookie not matching that of the server)",
" * Target node is not running", "",
"In addition to the diagnostics info below:", "",
" * See the CLI, clustering and networking guides on http://rabbitmq.com/documentation.html to learn more",
" * Consult server logs on node test@c65c2bc59398", "",
"DIAGNOSTICS", "===========", "",
"attempted to contact: [test@c65c2bc59398]", "",
"test@c65c2bc59398:",
" * connected to epmd (port 4369) on c65c2bc59398",
" * epmd reports: node 'test' not running at all",
" other nodes on c65c2bc59398: [rabbit]",
" * suggestion: start the node", "",
"Current node details:",
" * node name: rabbitmqcli2@c65c2bc59398",
" * effective user's home directory: /var/lib/rabbitmq",
" * Erlang cookie hash: 3MxcYFrJzfhEL+FlUfLlQw==", ""
],
"stdout": "",
"stdout_lines": []
}
* node parameter: fix default value
'rabbit' is the default value mentioned in the module documentation.
This fix checks if executable exists in local connection specified using
ANSIBLE_EXECUTABLE variable.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* module_utils.urls: add fetch_file function
* apt: use fetch_file instead of own download()
* unarchive: use fetch_file instead of own codecopy
* apt: add test for deb=http://…
* unarchive: add test for a remote file download and unarchive
* yum: replace fetch_rpm_from_url by fetch_file
* use NamedTemporaryFile
* don't add a dot to fileext, it's already there
* allow update_cache as stand alone operation for yum/dnf
Fixes#40068
Signed-off-by: Adam Miller <admiller@redhat.com>
* make sanity tests happy
Signed-off-by: Adam Miller <admiller@redhat.com>
On connection errors the influxdb python module raises an exception with
an empty message leading to a fail_json with an empty error message:
265d14736b/influxdb/influxdb08/client.py (L252)
Fail with a more descriptive error in this case.
Currently, Ansible interprets variables with a True|False value as
boolean. This causes the vmware_deploy_ovf module to break, because
it can only accept string values as properties.
This fix checks if a value is boolean, and converts it to a string
if it is. Since integers do not seem to be causing the same error, this
is the only check we appear to need.
After completion, OVF properties that are boolean can be specified as
yes|no or true|false.
Closes: #45528
* Add chdir support to win_package
* Add chdir support to uninstall too.
* Update docs to account for uninstall.
* Correct variable substitution for hashtable.
* added changelog fragment
* Added module to manage manageiq tenants
* Fixed pep8 and module validation issues for manageiq_tenant
* Changes based on review
- Added parent attribute to specify the parent
- Cleanup return of tenant
- Update documentation on quotas
* Updated version added to 2.8
* Allow to specify images by hash for docker_container and docker_image_facts.
* flake8
* More sanity checks.
* Added changelog.
* Added test.
* Make compatible with Python < 3.4.
* Remove out-commented imports.
* Don't simply ignore container in present() if image is not specified.
* Use image from existing container for recreation if not specified.
* Added changelog.
* Improve comment.
* Ovirt_disk - Add ability to refresh passthrough disks
A new paramter "host" is added. When this paramter is specified the newly
created disk or an existing disk will refresh its information about the
underlying storage via the specified host. This oprion is only valid for
passthrough disks. This option requires at least the logical_unit.id to be
specified.
* Host search modification and some other minor changes.
* pep8 correction
* ovirt add snapshot delete after x days
* update logic of deleting snapshot and rename it
* update docs and names of vars
* update docs syntax
* Update ovirt_snapshot.py
* put remove logic to function
* use default removing function for snapshot
* win_reboot: Fix for ignore post_reboot_delay
This fixes an issue where win_reboot would be ignoring the provided
post_reboot_delay (and on Windows timing/waiting is everything!)
This must be backported to the v2.7 branch.
* Merge post-reboot handling into run()
* Adding a basic get lookup for rabbitmq.
* Always return a list
* If content type is JSON, make accessible via dict.
* Fixed incorrect json.loads variable and missing raise
* Change to document returned data
* Fixed pep8 issues
* Adding integration testing
* Moving lookup intgration tests to new target
* New rabbitmq lookup plugin (#44070).
* New rabbitmq lookup plugin (#44070).
* PR review feedback updates
* Testing pika is installed
* Minor mods to tests
* Check if connection is already closed or closing
* Updated tests and connection testing
* PR review feedback updates
* PR review include ValueError in AnsibleError output
* Suggesting to use set_fact when using returned variable more than once.
* Cleaned up some tests, added some notes and handling connection closure on some exceptions.
* Removed finally statement and added some additional error handling.
* Added some additional error handling.
* PR review updates.
* Additional integration tests and removing return in finally
* Updated version
* Changing back to running tests on ubuntu.
* Additional tests
* Running tests on Ubuntu only
* Fixing syntax error
* Fixing ingtegration tests and a string/byte issue
* Removed non-required test and fixed BOTMETA
* Trying to fix integration test failure on ubuntu1404
* Some issues occured when handling messages from the queue with to_native. Switching to to_text resolved the issues.
* Renaming channel to queue (thanks dch). Disabling trusty tests.
* macports: Replace update_ports with selfupdate
- Macports discourages use of `port sync` and recommends using `port
selfupdate` instead.
- Keep `update_cache` and `update_ports` as aliases.
- No longer require the `name` parameter so that `selfupdate` can be
used in a task by itself.
* macports: Add upgrade parameter
- New upgrade parameter which can be used to upgrade all outdated ports.
* Add changelog fragment
Fixes#35120 : the redis cache plugin keeps key/value
entries in an in-memory cache to avoid hitting the
redis database each time.
The problem is that a cache entry is only set when
a value is get or set but it is always deleted when
trying to delete a value.
When the --flush-cache ansible-playbook option is used,
the redis cache plugin is first asked to remove every
entry corresponding to every hostname present in the inventory.
As no value as been set/get so far, it then tries to delete
an unexisting value from the cache and hence crashes with
a KeyError exception.
* win_exec: refactor PS exec runner
* more changes for PSCore compatibility
* made some changes based on the recent review
* split up module exec scripts for smaller payload
* removed C# module support to focus on just error msg improvement
* cleaned up c# test classifier code
* New option JUNIT_TASK_RELATIVE_PATH to output relative paths.
It makes the output in Jenkins much more readable as the absolute
path was taking the whole width of the screen, leaving no space for
the actual message.
A makedirs instead of mkdir slipped in as to make the creation of
the output directory recursive, hope this is OK.
* Add version_added field to doc set to 2.8
* Separate networking tools that may be used by modules outside of networking so changes to networking-only utilities don't trigger AWS integration tests
* Add unit tests for moved network utils
* Add comment to prevent imports from being mistakenly removed
* Move to_bits as well
* Check that union Jinja filter can be chained
* set filters: fix unexpected templating type error
this error occurs with Jinja 2.10 since 32ec69d827,
for example when union filters are chained:
$ ansible all -i localhost, -mdebug -a"msg={{ []|union([])|union([]) }}"
localhost | FAILED! => {
"msg": "Unexpected templating type error occurred on ({{ []|union([])|union([]) }}):
unsupported operand type(s) for +: 'set' and 'list'"
}
* fix callback Plugin json to support global stat set by set_stats module
* refactor to not break compatiblity, add trailing comma on output dict
* Remove sorted, as it not needed
* refactor, to sivels better code
* clean some code messup
* add changelog fragment
* added missing new line
* fix pep8 stuff
In a scenario where you've set your logstash heap size high, you may need to set your heap lower in order to execute logstash-plugin while logstash is still running.
Here's an example of someone running into insufficient memory while executing logstash-plugin: https://discuss.elastic.co/t/logstash-plugin-and-jvm-options/99646
This scenario is probably fairly common, so it may be worth documenting as an example.
+label: docsite_pr
* docker_container: Honour stop_timeout when creating docker containers (#43814)
* Adjusting description to what actually happens.
See docker-py changelog for 2.7.0: 'APIClient.stop will
no longer override the stop_timeout value present in the
container’s configuration.'
* Add a test whether stop_timeout can be configured for the container.
* Added changelog.
* Integrate with comparisons (by default, ignore stop_timeout value for restarts; will be configurable with PR ansible/ansible#44789).
* Fix config change code and tests (#2)
* Improving wildcard test.
* Using correct config.
Previously, when the active SELinux value was the same as the desired value, regardless of the value of `persistent`, the module would simply exit successfully, assuming no need for update. This made the assumption that the active and persistent values should be the same, but that is not always the case. This modification treats both the active and persistent values separately when checking for the need to update. Note that the persistent update mode, however, will still update the active as well as the persistent value. If this is not desired, it is possible to separately toggle the active value alone.
Other changes:
* Make the check mode actually perform checks for changes
* Organizes semanage commands into set of logical steps
This prevents a stack trace in Python 3 when the result is an empty file since
the file is open in binary mode and a native string in Python 3 is str,
not bytes.
The stdout and stderr values returned from self._low_level_execute() are text, not bytes. This results in an error in Python 3 since str and bytes cannot be concatenated.
Changing to unicode type allows this to work without error on Python 2 and Python 3.
* modules/systemd: fix logic: allow scope to default to 'system'
Fix logic introduced in 7ea909418e: if 'scope' param is not specified,
it defaults to system, but the value of module.params['scope'] is None,
not 'system' - so allow for that.
* modules/systemd: fix logic: disabled means disabled
Fix logic determining whether a service with both systemd and initd files is enabled or disabled.
In situations where systemd thinks service is disabled, but rc.d symlinks mark it as enabled,
this module wrongly assumes the service is enabled.
Fix this logic: disabled means disabled
Only when the output from does NOT include disabled, consider the status of rc.d symlinks.
This essentially replicates the fixes done to the systemd handling in the "service" module in 3c89a21e0cFixes#22303Fixes#44409
* Fix spelling of 'separate' throughout.
* Various cleanups in the User Guide for Vault.
- Fix spelling of 'algorithm'
- Fix indentation of nested list in payload format
- Fix mysterious refernce to 'b_pkey1'.
- Fix reference to newline as '\n': the backslash is lost when rendered
to the docs website. Specify the hex value for newline instead of the
backslash escape.
* Fix formatting
* Update vault.rst
A lot of modules have a short_description with a trailing dot even
though we don't want trailing dots in the index. This change removes
it when creating the document index.
* Fail on attrs that don't work for includes
* Prefix with VALID_ to make it more clear
* Sort keywords
* Remove unnecessary list
* Adjust dynamic/static checking
In DNF < 3.0 are lists, and modifying them works
In DNF >= 3.0 < 3.6 are lists, but modifying them doesn't work
In DNF >= 3.6 have been turned into tuples, to communicate that
modifying them doesn't work
Further explanation of this is available via Adam Williamson from
the Fedora QA Team.
https://www.happyassassin.net/2018/06/27/adams-debugging-adventures-the-immutable-mutable-object/
Signed-off-by: Adam Miller <admiller@redhat.com>
* win_nssm: add failing tests for issue #44079
* win_nssm: use Run-Command instead of Invoke-Expression to prevent interpretation issue
Fix#44079
* win_nssm: add more failing tests
These tests highlight several issues with this module:
* Service not started when state=started
* Errors with app_parameters (see #25265)
* Exception when passing several dependencies separated by comma as specified in doc
* win_nssm: fix service not started when state=started
Nssm status returns a multiline output that doesn't match any of the strict patterns in the switch statement.
* win_nssm: fix incorrect separator in doc for service dependencies
The dependencies parameter works with space as separator, but not with comma as shown in the documentation
* win_nssm: fix error with app_parameters parameter
Fix#25265
* win_nssm: add idempotence tests
* win_nssm: fix several idempotence issues and misbehaviors
Add missing space between arguments when app_parameters contains several keys.
Use Argv-ToString and Escape-Argument to improve arguments handling (parameters with quotes, backslashes or spaces).
* win_nssm: test parameters with spaces, quotes or backslashes
* win_nssm: restore comma as separator for service dependencies
Revert commit ddd4b4b
* win_nssm: restore support of string as dict form for app_parameters and remove support of literal YAML dict
* win_nssm: wrong variable in tests
* openshift inventory: fix exception when auth fails
Fix 'ForbiddenError' object has no attribute 'message':
[WARNING]: * Failed to parse test.yml with openshift plugin: 'ForbiddenError' object has no attribute 'message'
File "ansible/lib/ansible/inventory/manager.py", line 270, in parse_source
plugin.parse(self._inventory, self._loader, source, cache=cache)
File "ansible/lib/ansible/plugins/inventory/openshift.py", line 122, in parse
self.setup(config_data, cache, cache_key)
File "ansible/lib/ansible/module_utils/k8s/inventory.py", line 58, in setup
self.fetch_objects(connections)
File "ansible/lib/ansible/module_utils/k8s/inventory.py", line 250, in fetch_objects
super(OpenShiftInventoryHelper, self).fetch_objects(connections)
File "ansible/lib/ansible/module_utils/k8s/inventory.py", line 81, in fetch_objects
namespaces = self.get_available_namespaces(client)
File "ansible/lib/ansible/module_utils/k8s/inventory.py", line 95, in get_available_namespaces
raise K8sInventoryException('Error fetching Namespace list: {0}'.format(exc.message))
Don't try to get 'message' attribute from:
- K8sInventoryException instances
- Exception instances
- KubernetesException instances (because KubernetesException can be
Exception)
* move k8s/OpenShift inventory plugin dedicated code
inventory plugin specific code should not be located in
lib/ansible/module_utils directory. Then ansible.utils methods can be
reused (for example Display).
* Remove unused class variables 'helper'
unused since 4d77878654.
* Update win_robocopy.py
<!--- Show example of UNC path copy of a single file, noting trailing backslash required -->
+label: docsite_pr
* addresses jborean comment, removes double quotes
* Remove trailing slash part
* Added feature facts to nxos_facts
* Fixed ansibot indentation
* Resolved ansibot whitespace missing after ','
* Per PR suggestion, created method in base class to gather switch config
and store in global variable to prevent multiple calls to switch.
* Addressed ansibot blank line & whitespace after ,