* Use locking for concurrent file access
This implements locking to be used for modules that are used for
concurrent file access, like lineinfile or known_hosts.
* Reinstate lock_timeout
This commit includes:
- New file locking infrastructure for modules
- Enable timeout tests
- Madifications to support concurrency with lineinfile
* Rebase, update changelog and tests
We need to specify ansible_python_interpreter to avoid running interpreter discovery and selecting the incorrect interpreter.
Remove the import of lock in known_hosts since it is not used.
* Fix service integration test python selection.
* Clean up source in ansible_test_service.
* Rename script to include in python tests.
* Make shebang templating sanity friendly.
* Fix checksum.
* Use realpath of python to avoid selinux issues.
* Add to_ipv6_subnet function
* Use the correct function for subnet
* Corrected code style and tests
* Corrected testcase assertion
64 bits make 8 octets, or 4 hextets
* Import from correct module directly
* Added support for types parameter
- Parameter is used to specify multiple network types
* Fix documentation
* Apply suggestions from code review
Co-Authored-By: kbreit <kevin.breit@kevinbreit.net>
* Reworked type parameter to be a list so types isn't needed
* Re-add tags documentation
* Fix documentation around compatibility
* Convert tags to list from string
* Add changelog fragment
* Add support for multiple IPv6 addresses in nxos_l3_interface module
Cisco support multiple IPv6 addresses on each interface but only the first
IPv6 is considered by this module. There is no impact on the configuration
but the module is not idempotent.
* Add internal support for IPv6 list
* Fix module idempotency
* Initialize tests for nxos_l3_interface
* Fix IPv4 removal idempotency
* Fix data extraction from nxos config
* Fix silently ignored interfaces in nxos_l3_interface
* Add warning when interface does not exist in nxos config
* Adding cnos_user module to Ansible
* Update cnos_user.py
* Adding Functional test cases and unit test cases.
* Fixing Bug found in testing with Lenovo Mars.
* Review comments incorporated
* Review comments implemented.
* Copy paste mistake
* Modify EXOS module utils to utilize 'httpapi' or 'network-cli' connection
* Changes to cliconf plugin to support 'json' or 'text' output for compatibility between network-cli and httpapi
* Add HTTPAPI plugin supportng JSONRPC and RESTCONF for EXOS
* exos_facts modify commands with run script cli2json.py to command dictionary specifying 'json' output
Load appropriate fixtures
* Update exos_config module to utilize the get_diff and get_default_flag functionality.
JSONRPC doesn't work well with pipes, regex MULTILINE
* Support for NOS agnostic 'cli_config' module by implementing 'get_default_flag' and 'get_diff' functionality
* Update Ansible Documentation regarding the connections available for EXOS
* Only update sshd_config for FreeBSD tests.
* Also skip service restart unless config changed.
* Only pip install virtualenv for macOS tests.
* Also add retries and disable pip version check.
* Fix indentation.
* Reduce noise during remote instance setup.
* Refactor and clean up pip install.
* Decrease verbosity of commands.
* Remove unnecessary package install.
* nxos_interfaces_ospf: fix passive-interface states & check_mode
This fix addresses issues #41704 and #45343.
The crux of the problem is that `passive-interface` should have been treated as a tri-state value instead of a boolean.
The `no` form of the command disables the passive state on an interface (allows it to form adjacencies and send routing updates). It's essentially an override for `passive-interface default` which enables passive state on all OSPF interfaces.\*
This `no` config will be present in `running-config`.
\**See `router ospf` configuration.*
Since both enable and disable states are explicit configs, the proper way to remove either of these is with the `default` syntax.
Passive-interface config syntax:
```
ip ospf passive-interface # enable (nvgens)
no ip ospf passive-interface # disable (nvgens)
default ip ospf passive-interface # default (removes config, does not nvgen)
```
Code changes:
* `passive_interface` param changed from boolean to string, restricted to `true`,`false`,`default`.
* Several passive-interface specific checks were added because the existing module logic tends to test for true or false and doesn't handle the None case.
* Fixed `check_mode`.
Sanity verified on: N9K,N7K,N3K,N6K
* Fix doc header
* Unit tests for passive-interface
* doc fix#2
* Fix indent for SA
* Remove 'default' keyword, restore bool behavior
* remove changes to sanity
When using before and after in combination, the opposite behavior was induced. This PR makes the the replacement happen between the specified patterns as intended.
* Added integration tests
* Add changelog, porting guide entry, and minor doc fixes
* Removed required_together, updated tests
Since required_together: privatekey_path -> friendly_name, is not always
required it has been removed.
Updated openssl_pkcs12 integration tests to be in line with other
openssl_* modules, and added a test for export with no privatekey_path.
* linter fixes
* Removed cryptography from tests
* Added changelog fragment
* Removed non-necessary select_crypto_backend
* fix AWS plugin credential precedence for environment variables
* Allow aliases in direct plugins options
Consolidate precedence fix just in the doc fragment using aliases for mismatched options
* Access options with the option name rather than alias
* fix indentation
* update unit tests
* Improve readability
* Adding networks_cli_compatible option.
* Move network tests into own test file.
* Extend tests (for networks_cli_compatible=no).
* Adding tests for networks_cli_compatible=yes.
* There seems to be no way to create a container without at least one network attached.
* Integrate networks / purge_networks with comparisons.
* Speed up tests.
* Removing double dot.
* Add changelog.
* Use comparisons value only if the networks option has been specified. purge_networks on the other hand also removes networks if it has not been specified.
* add missing integration tests for postgresql_schema module
* add missing integration tests for postgresql_schema module
* postgresql_schema: add CI test with function in module from #54237
* postgresql_schema: add CI test with function in module from #54237
* add DROP SCHEMA test with check_mode=yes #54185
* Add the constructed config with legacy settings enabled to match the script
* Add interesting characters in tags and security group names
* add strict to config
* Add a stopped instance in inventory
* Create symlinks in the test
* Add reservation details to mock
* run script and plugin with a virtual env
* call the script with ansible-inventory
* Fix code coverage collection.
* Add write helper.
* Adjust modules (except openssl_certificate).
* Adding tests for mode (with openssl_privatekey).
* Add openssl_certificate support.
* Never, ever remove the output file before actually trying to generate new content for it.
Removal is only allowed when state=absent, or when the object has been regenerated and the result needs to be written to that place.
* Add changelog.
* Extend test.
* Add documentation for tags and network access
* Documentation changes from dag and sam
* Change examples to include proper YAML and not dict
* Update lib/ansible/modules/network/meraki/meraki_admin.py
Co-Authored-By: kbreit <kevin.breit@kevinbreit.net>
Announcements taken from https://github.com/ansible/community/wiki/RelEng:-ReleaseProcess
and then cleaned up:
* Update issue reporting blurb from feedback from acozine and gundalow
* Add a subject and to line for email output
* Ignore long line tests on the jinja templates (as jinja doesn't give
enough control to get rid of newlines when text wrapping)
* Skip shebang and compile tests for older pythons since this is a
release engineer-only script. (ok'd by mattclay)
* New cryptography backend for openssl_certificate
load_* functions in module_utils/crypto.py now have a backend paramter
which when set to 'cryptography' will return cryptography objects so
they can be used for both pyopenssl and cryptography backends.
Added a select_message_digest function too returning a cryptography
digest hash from `cryptography.hazmat.primitives.hashes`
Added new classes for Cryptography backend
* Run test with various backends.
* Prefixing tests.
* Make sure we have the correct backend available.
* Linting (flake8).
* Moved cryptography import to separate try/except
* Make sure certificate is actually valid at some time in the past.
* Improve error handling.
* Trying to fix validation for cryptography backend.
* Fixed issue with keyUsage test in assertonly
* Fixed CI/Lint issues
* Fix private key problem for OwnCA.
* Cryptography backend doesn't support v2 certs.
* issue an expired cert with command when using cryptography backend
* Added warning when backend is auto and v2 cert is requested
* Bumped min cryptography version to 1.6
* Correctly check for failure when backend is cryptography and cert is v2
* Use self.backend where possible
* Use secp521r1 EC when testing on CentOS6
* Fixed pylint issue
* AcmeCertificate support for both backends
* Review fixes
* Fixed missing '(' when raising error
* Fixed date_fmt loop
* Updated docs and requirements with cryptography
* Add openssl_certificate to changelog.
Fixes#40060
* Fix coding style errors
* Use CONNECTION LIMIT (no underscore)
* From review done by amenonsen and bcoca - Set default at None, make the change detection less confusing
* Added EXAMPLE on how to apply a database specific connection limit
* Added some basic tests for conn_limit applied to a database
* Check that conn_limit has actually been set / updated to 200
* Add changelog fragment regarding postgresql_db conn_limit parameter
* Add Bitbucket pipelines variable module
* Add tests
* Remove parameters check for `absent` state
* Update version_added documentation field
* Minor fixes
* A few additional cosmetic changes
* Move to source_control
* Rename lib/ansible/modules/source_control/bitbucket_pipelines_variable.py to lib/ansible/modules/source_control/bitbucket/bitbucket_pipelines_variable.py
* Reflect directory change
* Move these imports as well
* Rename 'key' parameter (API) to 'name' (GUI)
* Add missing __init__.py files to mark modules
* Rename module (pipeline should be singular)
* Adjust module references and variable names after renaming
* cs_volume: add volumes extraction and upload features
* cs_volume: Update doc, remove deprecated code
* cs_volume: Add unit tests for extract and upload features
* Force tests to set ansible_python_interpreter.
This avoids use of interpreter discovery unless tests opt-in to using it.
Avoiding interpreter discovery helps avoid selecting the wrong interpreter for tests.
* Prevent use of global inventory in tests.
This will avoid issues with tests picking up global inventory
instead of using implicit localhost as intended.
* Require hosts to exist in inventory for tests.
This will prevent tests from unintentionally passing
when hosts are not found in inventory. Does not prevent
the use of implicit localhost.
changing status option to statuses in the documentation
Adding choices to the argument spec to match the documentation from AWS.
Adding 'REVOKED', 'FAILED' to statuses documentation to match implementation.
Removing E322, E323 ignores for aws_acm_facts
* Move check_type_str() out of basic.py
* Move check_type_list() out of basic.py
* Move safe_eval() out of basic.py
* Move check_type_dict() out of basic.py
* Move json importing code to common location
* Move check_type_bool() out of basic.py
* Move _check_type_int() out of basic.py
* Move _check_type_float() out of basic.py
* Move _check_type_path() out of basic.py
* Move _check_type_raw() out of basic.py
* Move _check_type_bytes() out of basic.py
* Move _check_type_bits() out of basic.py
* Create text.formatters.py
Move human_to_bytes, bytes_to_human, and _lenient_lowercase out of basic.py into text.formatters.py
Change references in modules to point to function at new location
* Move _check_type_jsonarg() out of basic.py
* Rename json related functions and put them in common.text.converters
Move formatters.py to common.text.formatters.py and update references in modules.
* Rework check_type_str()
Add allow_conversion option to make the function more self-contained.
Move the messaging back to basic.py since those error messages are more relevant to using this function in the context of AnsibleModule and not when using the function in isolation.
* Add unit tests for type checking functions
* Change _lenient_lowercase to lenient_lowercase per feedback
* #50877:
* add support to postgresql_privs to use "FOR { ROLE | USER } target_role"
in "ALTER DEFAULT PRIVILEGES"
* fix sanity errors
* #50877: fix documentation and add a check for correct usage
of target_roles
* #50877: fix missing absent option for default privs with target_role
* #50877: add clear description, when target_roles can be used
* #50877: fix conflicts, formatting, and add a changelog fragment
* #50877: fix sanity error E335
* #50877: swap conditions and fix error to warning msg
* #50877: add tests for default privileges
* #50877: fix tests for default privileges
* #50877: fix tests for default privileges on centos 6
* * `reconcile_candidate()`
* old code searched the ip route configs for a given prefix+nexthop and then tried to remove the route based on prefix+nexthop only; this would fail when a static route was configured with `track` values.
* new code still looks for prefix+nexthop but uses the route config it finds on the device to remove it; e.g.
* search for: `ip route 192.168.20.64/24 192.0.2.3`
* find: `ip route 192.168.20.64/24 192.0.2.3 track 1 10`
* remove: `no ip route 192.168.20.64/24 192.0.2.3 track 1 10`
* logic cleanups:
* old code did a `show run` for every prefix. This can be a lot of data when there are large configs.
* new code uses filters to only return the static route configs.
* The filters now allow a common code path so no need for default vs vrf code paths
* `sanity` test: 100% Pass rate on N9K,N7K,N6K,N3K
- Bugfix Pull Request
`nxos_static_route`
* filter() does not return a list with python3
`filter()` was breaking pytest when it ran with python3, since it returns
an iterable instead of a list with python3.
Found that I didn't really need `filter()` anyway so just removed it
* restore var names /w/want/
The unstable alias wasn't intended for slow but otherwise stable
tests. However, the alternatives are to either dedicate an entire
test group to this one test or mark it unsupported.
Marking it unstable at least permits the test to run when changes
are made to the integration test or the module itself, which is
better than not running the tests at all.
* [WIP] Additional DevTest Lab modules
* updates
* try global schedule again
* dtl schedule
* try full dtl schedule test
* fixing schedule
* fixed problem
* another fix
* fixed test
* different time format
* fixed absent state
* test policy idempotence
* more updates
* updated devtestlabpolicy
* fixed syntax
* updated dtl policy test
* updated image id
* fixed test
* fixed bug
* fixed bugs and docs
* fixed bug
* + small cleanup
* reenabled tests but disabled leaking tests
* disabled test
* Mention Docker SDK for Python instead of docker-py / docker.
* Docs fixes.
* Add myself as docker_container author.
* Use array syntax for running command.
* Break long lines.
* Avoid failure when docker_version is None.
* Improve docker-py vs. docker note in requirements.
* Canonicalize Docker SDK for Python upgrade instructions.
* Split long line.
* Make it clearer which hostnames are meant.
* Adding cnos_system module to Ansible.
* Adding UT, Functional test required for cnos_system. Bugs came up are fixed
* Adding more files to the cnos_system suit.
* Fixed another problem where `group-timeout` was processed before `ip igmp snooping` was enabled
* `sanity` playbook:
* N6K: `show ip igmp snooping | json` succeeds on the device but doesn't return any data in body; added a skip to the sanity playbook to keep it out of CI
* Added a setup task to do initial cleanup on the device
* initial commit
* fix execute and \r\n
* \r attempt 2
* updated with integration tests and using new csharp import
* Apply suggestions from code review
Co-Authored-By: rcanderson23 <rcanderson23@gmail.com>
* fixed small docuement inaccuracies wrt returns
* removal of state in feature result
* removal of rc
* small fixes suggested in code review
* fixed variable assigning to result
* addition of comments on conditionals for clarity on matching
* swap logic of check_mode
* set $reboot_required so it is always returned
* removal of extraneous return information
* addition of integration tests
* set installation of parent features to true
* remove 2008 from tests
* changed test for TelnetClient from NetFx3
* change of tabs to spaces
* Add test check for OS version
* Remove nose from unittests
This PR migrates the last of our unittests from using nose to using
pytest. We don't need to install nose in our testing environments
anymore
* Use local dummy repo for flatpak_remote integration tests
* Excludes versions of Ubuntu older than 16.04 from tests
Since there are no flatpak packages available for these Ubuntu versions
* Adds handler that removes temporary symlink
Adds variable types to docs
Refactors unit tests to remove deprecated parameters
Adds missing Return values to documentation
Removes deprecated modules unit tests
adds ha order, ha group and ha load as failover types
refactors main() function and module manager to accomodate new patterns
updates docs
refactors unit tests
Refactors main() function and module manager in multiple modules in line with recent changes
Adds variable types to docs
Refactors unit tests to remove deprecated parameters
* Revert "changes to clusteR"
This reverts commit 33ee1b71e4bc8435fb315762a871f8c4cb6c5f80.
* Revert "changes to clusteR"
This reverts commit 33ee1b71e4bc8435fb315762a871f8c4cb6c5f80.
* Revert "Revert "changes to clusteR""
This reverts commit f1104a37b42886aebb4d2b2ab27c91c96d97858a.
* Revert "Revert "changes to clusteR""
This reverts commit f1104a37b42886aebb4d2b2ab27c91c96d97858a.
* documentation changes
* Revert "documentation changes"
This reverts commit 02c369d0414fdff492d90865c903bdade3174261.
* Issue with port being removed and added on modify
* adds function to do version checks for bigiq
* adds version limitation to bigiq application modules
Refactors main() function and module manager in multiple modules in line with recent changes
Adds variable types to docs
Refactors unit tests to remove deprecated parameters
* win_dns: Initial work
* win_dns: initial commit
* Renaming win_dns -> win_dns_record
* win_dns_record: Fix record leakage in output
* win_dns_record: Fix erroneous minimums enforcement
It is apparently completely legitimate to specify a TTL that is below
minimum; it will just get ignored in favor of the server's minimum.
* win_dns_record: Fix new-host changes reported incorrectly
* win_dns_record: Fix TTL changes reported incorrectly
* win_dns_record: Fix existing records not recognized
* win_dns_record: Remove obsolete object
* Refactorize check mode
* Add computer_name parameter
* Refactorize diff and changed to read DNS end state
* Fix pslint tests PSUseDeclaredVarsMoreThanAssignments and PSAvoidUsingCmdletAliases
* Minor fix, misnamed variable.
* win_dns_record: Fix "changed" state in check mode
* win_dns_record: cleanups
* win_dns_record: fix TTL update not changed regression
* Add initial integration tests
* win_dns_record: integration tests
* win_dns_record: Reverted 9cf5f2d8e6507cf477ab9e7ca166b1857169d6b5
The approach from that commit breaks check mode.
* win_dns_record: de-scope some records
These are either esoteric (meaning limited realworld testing)
or require additional thought to do properly (eg MX, which
has its "priority" level).
* win_dns_records tests: Ensure DNS services are installed
* Update lib/ansible/modules/windows/win_dns_record.py
Co-Authored-By: johnboy2
* Update lib/ansible/modules/windows/win_dns_record.py
Co-Authored-By: johnboy2
* Aggregated suggestions from dagwieers
* Fix bad powershell test argument
* win_dns_record partially converted to new Powershell module interface
win_dns_record converted to new Powershell module interface, except diff
and required_if
* win_dns_record: convert diff support
* win_dns_record: convert diff support to after-before style
* Don't test for Add-WindowsFeature
* win_dns_record: Fix diff
When check mode is used diff changes must be simulated.
* Style consistency/clean-ups
* Fix integration test typos
* Improve readability of diff output
The original intention of the diff output was to resemble zone file records
(except that the zone-name is added onto each record). In that light, the
missing *record class* information (always "IN" in our case) was an oversight.
This just makes the diff output more "instantly readable" for DNS gurus.
* win_dns_record: Add diff tests
* Fix ansible-test sanity check fails
* Apply suggestions from code review
Added suggestions from dagwieers
Co-Authored-By: johnboy2 <john@jnelson.ca>
* win_dns_record: Skip 2008 and friends
* Reword error messages so they start capitalized.
* Fix sanity error
* win_dns_record: Document ttl range
* win_dns_record: Additional supportability barriers in tests
* win_dns_record: Typo
* win_dns_record: Sanity fix
* win_dns_record: Use OS-test only for compat checking
* Moving comparision functions to compare.py from common.py
* Refactors main() function and module manager in multiple modules in line with recent changes
Adds variable types to docs
Refactors unit tests to remove deprecated parameters
* Moving comparision functions to compare.py from common.py
* fixes issue with data group elements containing IPs with Route Domains
refactors main() function and module_manager to accomodate new patterns
updates doc variables
Refactors main() function and module manager in multiple modules in line with recent changes
Adds variable types to docs
Refactors unit tests to remove deprecated parameters