1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Commit graph

3019 commits

Author SHA1 Message Date
Matthias Fuchs
7871027c9d Share the implementation of hashing for both vars_prompt and password_hash (#21215)
* Share the implementation of hashing for both vars_prompt and password_hash.
* vars_prompt with encrypt does not require passlib for the algorithms
  supported by crypt.
* Additional checks ensure that there is always a result.
  This works around issues in the crypt.crypt python function that returns
  None for algorithms it does not know.
  Some modules (like user module) interprets None as no password at all,
  which is misleading.
* The password_hash filter supports all parameters of passlib.
  This allows users to provide a rounds parameter, fixing #15326.
* password_hash is not restricted to the subset provided by crypt.crypt,
  fixing one half of #17266.
* Updated documentation fixes other half of #17266.
* password_hash does not hard-code the salt-length, which fixes bcrypt
  in connection with passlib.
  bcrypt requires a salt with length 22, which fixes #25347
* Salts are only generated by ansible when using crypt.crypt.
  Otherwise passlib generates them.
* Avoids deprecated functionality of passlib with newer library versions.
* When no rounds are specified for sha256/sha256_crypt and sha512/sha512_crypt
  always uses the default values used by crypt, i.e. 5000 rounds.
  Before when installed passlibs' defaults were used.
  passlib changes its defaults with newer library versions, leading to non
  idempotent behavior.

  NOTE: This will lead to the recalculation of existing hashes generated
        with passlib and without a rounds parameter.
        Yet henceforth the hashes will remain the same.
        No matter the installed passlib version.
        Making these hashes idempotent.

Fixes #15326
Fixes #17266
Fixes #25347 except bcrypt still uses 2a, instead of the suggested 2b.

* random_salt is solely handled by encrypt.py.
  There is no _random_salt function there anymore.
  Also the test moved to test_encrypt.py.
* Uses pytest.skip when passlib is not available, instead of a silent return.
* More checks are executed when passlib is not available.

* Moves tests that require passlib into their own test-function.

* Uses the six library to reraise the exception.

* Fixes integration test.

When no rounds are provided the defaults of crypt are used.
In that case the rounds are not part of the resulting MCF output.
2018-08-27 08:40:41 -07:00
Rafael
ad993ca734 one_host environment variables, Fixes #44163 (#44568)
* including test case using environment variables as per issue #44163

* including missing environment variable in shared documentation fragement, related to issue #44163

* fixes parameters via environment variables, issue #44163
2018-08-27 10:55:04 -04:00
coreywan
50750c7363 Added nios_txt_record module (#39264)
* Added nios_txt_record module

Whitespace cleanup and version fix

First stab at txt record integration test

Fix for CI version requirement

Added nios_txt_record module

Whitespace cleanup and version fix

First stab at txt record integration test

Fix for CI version requirement

force re-run

* added alias for cloud group1
2018-08-26 12:25:16 +00:00
Shuang Wang
b03feb6d40 Implement part of #27617 [expend checksum format to <algorithm>:(<checksum>|<url>)] (#43751)
* expend checksum format to <algorithm>:(<checksum>|<url>)

* continue to code at office

* ALPHA - expend checksum format to <algorithm>:(<checksum>|<url>)

* clean up tmpfile and comment

* try to add test code for 27617

* try to add test code for 27617

* try to add test code for 27617

* try to fix [Could not find or access 'testserver.py']

* fix test code [Could not find or access 'testserver.py']

* fix test code [add files dir]

* fix test code [files dir not exists]

* as [connection was closed before a valid response was received]

* [connection was closed before a valid response was received]

* [connection was closed before a valid response was received]

* add test item [sha1 and sha256]

* since [connection was closed before a valid response was received]

* fix [connection was closed before a valid response was received]

* fix test code typo

* add docs for #27617

* PR #43751 is minor change

* fix pep8 issue.

* fix test code style.

* fix unexpected quote
2018-08-24 12:45:32 -04:00
Michael Price
ad91793428 Resolve issues in NetApp E-Series Host module (#39748)
* Resolve issues in NetApp E-Series Host module

The E-Series host module had some bugs relating to the update/creation
of host definitions when iSCSI initiators when included in the
configuration. This patch resolves this and other minor issues with
correctly detecting updates.

There were also several minor issues found that were causing issues with
truly idepotent updates/changes to the host definition.

This patch also provides some unit tests and integration tests to help
catch future issues in these areas.

fixes #28272

* Improve NetApp E-Series Host module testing

The NetApp E-Series Host module integration test lacked feature test
verification to verify the changes made to the storage array.

The NetApp E-Series rest api was used to verify host create, update, and
remove changes made to the NetApp E-Series storage arrays.
2018-08-24 15:44:59 +01:00
Trishna Guha
8b175d99c6
ignore file_pull (#44614)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2018-08-24 10:51:57 +05:30
Abhijeet Kasurde
33f5b1aa0f
VMware: new module: vmware_local_role_facts (#44553)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2018-08-24 10:00:40 +05:30
Matt Clay
c2d16b754d Move azure_rm_appgateway certs into files.
This avoids ~20 minutes of runtime on the no-tests-as-filters sanity test.
2018-08-23 21:20:29 -07:00
Sam Doran
4d9218cec4 Add reboot action plugin (#35205)
* Update docs

* Add reboot action plugin

Refactor win_reboot so it is subclassed from reboot

* Use new connection methods

* Test fixes

* Use better uptime command for Linux

Use who -b to get the last time the system was booted rather than uptime, which changes every second.

* Use distribution specefic commands and flags

Query the managed node to determien its distribution, then set the appropriate command and flags.

* Tune debug messages a bit

* Update module docs with details about pre_reboot_delay

s docs

* Ensure that post_reboot_delay is a positive number

* Remove the stringification

* Add integration tests

* Make sure aliases are honored

* Handle systems that have an incorrect last boot time

SystemD and fakehw-clock do not properly set the
last boot time and instead always set it to epoch.
Use a different command if that is the case.

* Copyright and encoding fixes

* Minor fixes based on feedback

* Add exponential backoff to sucess check method

* Update integration test

Skip the integration test if it would try to reboot the control node. We need a new mechanism to account for this scenario in ansible-test, so tests must currently be run manually for this plugin.

* Update integration test

Skip the integration test if it would try to reboot the control node. We need a new mechanism to account for this scenario in ansible-test, so tests must currently be run manually for this plugin.

* Fail early with running with local connection

* Update docs based on feedback

* minor refactoring, state mgmt changes
2018-08-23 18:12:12 -07:00
Will Thames
60e3af42d5 sns_topic boto3 port (#39292)
* Port sns_topic to boto3 and add tests
2018-08-23 21:04:18 -04:00
Stephen SORRIAUX
a78cc15099 Add new parameters to manage mtime and atime for file module, fixes #30226 (#43230)
* Add new parameters related to mtime and atime for file module, fixes #30226
2018-08-23 17:20:54 -07:00
Brian Coca
9cc56981b5
Add new host_pinned strategy (#44586)
The 'free' strategy still attempts to do all hosts per task before going to the next, it just doesn't wait for slow hosts,
This strategy processes each host as fast as possible to the end of the play before trying to process another host in the pool.
2018-08-23 20:16:32 -04:00
Sloane Hertel
79ecb4c41f
Add diff mode for ec2_group (#44533)
* Add (preview) diff mode support ec2_group

* Add diff mode to some ec2_group integration tests

* Remove unnecessary arguments and add comment to the module notes

* Add changelog
2018-08-23 19:43:18 -04:00
Sloane Hertel
b152515fcb RDS inventory plugin (#41919)
Comments out uses of rds_instance in the integration tests and replace with AWS CLI until rds_instance has been merged
2018-08-23 19:42:32 -04:00
Dag Wieers
3d70274864
Added an async 'started' test (like 'finished') (#43445) 2018-08-24 01:29:34 +02:00
Matt Clay
18da873531 Ignore CentOS 6.10 for passwordstore test. 2018-08-23 15:39:57 -07:00
Felix Fontein
0e6234ab04 Adding module which allows to complete certificate chains (#44169)
* Adding certificate_complete_chain module.

* Avoid code smell errors.

* Removing input_chain_src.

* Make sure line ending is there.
2018-08-23 23:18:36 +02:00
Zim Kalinowski
1704c5932a adding app gateway module (#39940)
* adding app gateway module

* improved application gateway

* added register output

* subnet_output

* debugging

* dumping params

* fix dump

* fixed mapping

* fixed bug

* fixed param problem

* small fixes in code and added sample test

* fixed syntax

* fixing sanity stuff

* sanity fixes

* more sanity tests fixed

* added azure_tags

* tags

* pruning app gateway

* pruning app gateway

* string -> str

* removed type: str

* trying to add idempotency

* fixed syntax

* fix sanity

* fixed bugs

* fixed error

* disabled ssl policy check for  a while

* fixed dict comparison

* fixed syntax

* compare just http listeners & frontend ports

* fix syntax

* syntax

* syntax

* just compare sku

* fix syntax

* just http settings collections

* fixing appgw module

* make it green

* fix items issue

* compare all arrays

* fixed sanity

* adding snake_to_camel transformations

* fix

* another fix

* snake to camel

* additional snake to camel fixes

* fixed public ip address conversion

* version added is now 2.7

* changed alias

* dict_merge

* added ssl policy spec

* fixed new sanity issue

* renamed module

* fixed ssl policy translation

* added test for ssl & certificates

* updated doc

* fixed docs improved tests

* fix

* fixed test
2018-08-23 10:24:21 -07:00
Sam Doran
df335d91b0
Properly un expire account on creation (#44174)
When creating a new account, check to see if the expiration parameter is negative and pass in the appropriate parameter. Since the negative integer passed into expires is converted to time.struct_time which in turn gets converted to a formatted time string when passed to the underlying command, a -1 or large negative number would result in passing a date before 1970-01-01 to the underlying command.

This had the opposite effect of creating an account with no expiration account resulting in a newly created account that was already expired, or just throwing an error on certain systems.
2018-08-23 12:29:33 -04:00
jctanner
653d9c0f87 New keyword: ignore_unreachable (#43857) 2018-08-23 11:41:02 -04:00
Pilou
2603604fd6 gather facts improvements (#44008)
* gather_subset is a list of strings

When gather_subset is an integer, a message pointing out the problem, current tb error 
is replaced by this one:

    ERROR! the field 'gather_subset' should be a list of (<class 'str'>,), but the item '42' is a <class 'int'>
...
* gathering_facts test: ensure smart gathering is on
2018-08-23 11:36:06 -04:00
Guillaume Delpierre
23e44319ce crypto: Add new module openssl_pkcs12 (#27320)
[module] Create new module to handle PKCS#12 file.
2018-08-23 08:15:22 -07:00
Ganesh Nalawade
7a4ed53d08
Fix junos cli_command integration test (#44558)
* Issue rollback command before exit from config
  mode
2018-08-23 14:48:44 +05:30
Zim Kalinowski
9788951789
Adding os_disk_size_gb parameter to Virtual Machine (#43316)
* added os disk size gb

* fixed mistake

* added os_disk_size_gb to test

* fixed test

* no default for disk size
2018-08-23 15:36:58 +08:00
Ryan Brown
4c8808ec9d
Extend module_defaults by adding default groups for cloud modules (#44127)
Extends `module_defaults` by adding a prefix to defaults `group/` which denotes a builtin list of modules. Initial groups are: `group/aws`, `group/azure`, and `group/gcp`
2018-08-22 21:33:27 -04:00
Yuwei Zhou
fff5fb2077 Add route table and route module (#41175)
* add route module

* add test

* add table

* add  route table

* fix dict

* fix

* fix

* route  table accept no name

* add default

* fix

* fix

* fix

* fix pep

* support route table

* fix line ending

* fix pep

* fix

* fix

* set the default to 'None'

* make return value only id

* camel and snake

* set test alias

* change facts line ending

* change test

* fix

* add default

* fix

* fix line break

* remove unsafe args

* fix comment

* fix
2018-08-22 15:24:57 -07:00
Zim Kalinowski
a73340ee74 adding postgresql server facts (#43328)
* adding postgresql server facts

* updating postgresql server facts, minor changes

* changed return dict to list

* fixed test

* fixed several issues

* several updates

* fixed naming

* list -> complex

* try again

* fixed mistake

* added user_visible_state to the result

* added fully_qualified_domain_name

* fixed second test

* updates

* fixed test

* updated samples in return value

* wait for postgresql server to be actually ready

* another approach for test

* second server was not created

* fixing pr comments

* fix sanity

* removed forgotten  ansible_facts
2018-08-22 15:18:01 -07:00
sdubrul
061877d584 added account_alias in the response of module aws_caller_facts (#42345)
* added account_alias in the response of module aws_caller_facts

* added comment to explain list_account_aliases

* renamed caller_identity to caller_facts as the content is extended

* created changelog

* security-policy needs the iam:ListAccountAliases for this module to work

* test now checks for the added field account_alias

* gracefully handle missing iam:ListAccountAliases permission
2018-08-22 17:21:12 -04:00
Felix Fontein
960d99a785 ACME: new helper module for ACME challenges which need TLS certs (#43756)
* Added helper module for generating ACME challenge certificates.

* Soft-fail on missing cryptography. Also check version.

* Adding integration test.

* Move acme_challenge_cert_helper from web_infrastructure to crypto/acme.

* Adjusting to draft-05.

* The cryptography branch has already been merged.
2018-08-22 23:12:43 +02:00
Felix Fontein
ad0d10db0d ACME: improve tests (new Pebble version, strict mode) (#44518)
* Bump ACME test container version.

* Re-adding key rollover test.
2018-08-22 22:15:35 +02:00
Alex Stephen
261b90edc0 New GCP Module: gcp_compute_ssl_policy (#42797) 2018-08-22 13:00:15 -04:00
Alex Stephen
613a53c114 New GCP Module: gcp_compute_target_vpn_gateway (#42798) 2018-08-22 10:50:55 -04:00
Brian Coca
bda074d34e
fix tempating issues with no_log and loops (#44468)
* fix tempating issues with no_log and loops

 - task is no log if any item is
 - added test cases

fixes #43294
2018-08-21 21:53:56 -04:00
Jordan Borean
6982dfc756 psrp: Added new Windows connection plugin (#41729)
* psrp: Added new Windows connection plugin

* Tweaks to connection options from review
2018-08-21 16:43:13 -07:00
Florian Apolloner
6cf341b40e Fixed hash_host option in known_hosts module. Fixes #44284 2018-08-21 10:28:45 -07:00
Matt Martz
2bf6507c44
Use newer is_sequence function instead of MutableSequence (#44331)
* Use newer is_sequence function instead of MutableSequence. Fixes #44327

* Add changelog for #44331

* Update changelog fragment to describe the fix in more detail
2018-08-21 10:42:11 -05:00
Ganesh Nalawade
ce541454e9
Update netconf_config module (#44379)
Fixes #40650
Fixes #40245
Fixes #41541

*  Refactor netconf_config module as per proposal #104
*  Update netconf_config module metadata to core network supported
*  Refactor local connection to use persistent connection framework
   for backward compatibility
*  Update netconf connection plugin configuration varaibles (Fixes #40245)
*  Add support for optional lock feature to Fixes #41541
*  Add integration test for netconf_config module
*  Documentation update
* Move deprecated options in netconf_config module
2018-08-21 20:41:18 +05:30
Ryan Brown
91a16990d8 New module: Python Requirements Facts (#43108)
* New boto3_facts module

boto3_facts aims to help users see whether their python and module
versions are as expected.

* Rename to `assert_python_requirements`

* Update integration tests

* Document options

* fix imports

* boilerplate

* fix docs

* reorder import

* Make distutils optional and fail gracefully when it is not available

* fix example doc

* fix docs on requirements_facts
2018-08-21 09:19:10 +10:00
Matt Martz
617372f8c0
Mass nuke deprecated items that are easily removed. ci_complete (#44320) 2018-08-20 16:26:10 -05:00
Monty Taylor
27ac2fc67c Ensure that apt is always chosen on debian/ubuntu (#44413)
One can install alternate packages managers on debuntu machines.
However, doing so doesn't mean you want to suddenly start using them.

Add in a check similar to the fedora yum/dnf check that sets apt as the
pkg_mgr if the ansible_os_family is Debian.
2018-08-20 15:59:56 -04:00
Ryan Brown
6d52afeed6 New module cloudformation_stack_set (#41669)
* [AWS] new module cloudformation_stack_set with integration tests
2018-08-20 14:38:14 -04:00
Julien PRIGENT
3921f34253 ec2_instance.py: Add CpuOptions to EC2 (#43799)
* ec2_instance.py: Add CpuOptions to EC2

* ec2_instance_facts.py: Add CpuOptions to EC2 facts

* ec2_instance.py: LooseVersion and pylint indentation

* Implement nested cpu_options dict

* Fix botocore required version

* ec2_instance: Split integration tests to add executions with old botocore versions

* Ensure runme.sh is executable
2018-08-20 20:49:00 +10:00
Abhijeet Kasurde
adf3ab5e72
VMware: Add cluster fact in vmware_vm_facts (#44292)
This fix adds an additional fact about cluster in VM facts.

Fixes: #44101

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2018-08-18 18:51:37 +05:30
Fabian von Feilitzsch
519987d1b0 Revert "Disabled failing k8s integration test."
This reverts commit 9cc16ca9d8.
2018-08-17 13:26:45 -07:00
Matt Clay
9cc16ca9d8 Disabled failing k8s integration test. 2018-08-17 11:34:32 -07:00
Matt Martz
727beaf9f5 Fix invalid task attrs. ci_complete 2018-08-17 10:22:31 -07:00
Nathaniel Case
b56639447f
Replace missing become: yes (#44312) 2018-08-17 12:50:04 -04:00
Alex Stephen
0c0fce7532 New GCP Module: gcp_compute_vpn_tunnel (#44051) 2018-08-17 12:35:12 -04:00
Zhikang Zhang
501503f4cb
Allow version specifiers for pip install (#41792)
Allow version specifiers for pip install.
2018-08-17 11:46:53 -04:00
Adam Miller
6d95624c22 Refactor yum and dnf, add feature parity (#43621)
* Refactor yum and dnf, add feature parity

Signed-off-by: Adam Miller <admiller@redhat.com>

* remove unnecessary module_utils, move the classes into the module code

Signed-off-by: Adam Miller <admiller@redhat.com>

* remove yum -> yum4, out of scope

Signed-off-by: Adam Miller <admiller@redhat.com>

* use ABCMeta

Signed-off-by: Adam Miller <admiller@redhat.com>

* re-arrange run() caller vs callee

Signed-off-by: Adam Miller <admiller@redhat.com>

* make sanity checks happy

Signed-off-by: Adam Miller <admiller@redhat.com>

* fix yum unit tests

Signed-off-by: Adam Miller <admiller@redhat.com>

* remove unecessary debug statements, fix typo

Signed-off-by: Adam Miller <admiller@redhat.com>

* fix licensing and attribution in yumdnf module_util

Signed-off-by: Adam Miller <admiller@redhat.com>

* include fix from PR 40737

original commit 5cbda9658a
original Author: Strahinja Kustudic <kustodian@gmail.com>

yum will fail on 'No space left on device', fixes #32791 (#40737)

During the installing of packages if yum runs out of free disk space,
some post install scripts could fail (like e.g. when the kernel
package generates initramfs), but yum would still exit with a status
0.  This is bad, especially for the kernel package, because it makes
it unable to boot.  Because the yum module is usually used for
automation, which means the users cannot read every message yum
prints, it's better that the yum module fails if it detects that
there is no free space on the disk.

Signed-off-by: Adam Miller <admiller@redhat.com>

* Revert "fix licensing and attribution in yumdnf module_util"

This reverts commit 59e11de5a2a6efa17ac3f0076bb162348c02e1bd.

* move fetch_rpm_from_url out of yumdnf module_util

Signed-off-by: Adam Miller <admiller@redhat.com>

* fix the move of fetch_rpm_from_url

Signed-off-by: Adam Miller <admiller@redhat.com>
2018-08-17 11:15:11 -04:00