* aws integration tests - provide an IAM policy that can be used for running them
* move documentation of aws policies into main integration testing documentation + some updates there
* Update testing_integration.rst
Edits
CVE-2017-7481
Lookup returns wrap the result in unsafe, however when used through the
standard templar engine, this does not result in the jinja2 environment being
marked as unsafe as a whole. This means the lookup result looses the unsafe
protection and may become simple unicode strings, which can result in bad
things being re-templated.
This also adds a global lookup param and cfg options for lookups to allow
unsafe returns, so users can force the previous (insecure) behavior.
* Added test for 'RETURN' field in validate-modules
* print the field being tested.
Useful when the RETURN structure is complex.
* Fixed schema after CI traceback fail
* Fixed list_string_types
* Fixed line in 319 code for RETURN
* Big testing doc refactor
* Combine all the testing documentation in to one place to make it easier to find
* Convert everything to RST
* Create testing_network guide
* Create testing landing page
* For each section detail "how to run" and "how to extend testing"
* More examples
* Lots more detail
* Document deprecation of fetch module validate_md5 and update --tags merging deprecation
Update the default of --tags merging config option to merge by default
* Update CHANGELOG.md
Minor edit
This setting allows us to reference jinja2 and python stdlib docs
via docutils refs instead of hardcoding urls.
Fixes#18039
Remove extraneous sphinx config
* Add example task succeeding when RC is non-zero
I added an example on how to use the return code to decide yourself
what is considered a failure.
This might have helped for #23679.
* Use diff as example command, instead of robocopy
* Windows: Add Windows Subsystem for Linux documentation
As discussed during the Windows Working Group meeting we do want
documentation on running Ansible on Windows as it may help grow
the Windows/Ansible community and does work out-of-the-box.
However we do take care to emphasize that WSL is not fit for
production use.
* Update intro_windows.rst
Edits for mechanics and clarity.
The Python3 dev doc is more general than just modules
* Rename it to make that obvious.
* Move generally applicable Python3 information to the Controller section
* Add a Py3/Py2 section on formatting strings
* Fix code-blocks to highlight as python
* Enhance python3 support page
* Add Python3/Python2 compat note
Due to the number of "real world" caveats in the current runas become method, it was agreed that we'd warn that it's experimental on use. A potential future version based on LogonUser/CreateProcessAsUser will have very different requirements and limitations.
* fix 'sequence' lookup shortcut syntax and documentation
* Update playbooks_loops.rst
Minor edits for grammar and clarity.
* Update playbooks_loops.rst
Another tweak for clarity.
* Updated 2.4 roadmap for final publish
* Update ROADMAP_2_4.rst
* Remove "code refactor and unit tests"
This is just technical debt work, and not note-worthy for the roadmap
* Update ROADMAP_2_4.rst
* Update ROADMAP_2_4.rst
* Update module_utils.six to latest
We've been held back on the version of six we could use on the module
side to 1.4.x because of python-2.4 compatibility. Now that our minimum
is Python-2.6, we can update to the latest version of six in
module_utils and get rid of the second copy in lib/ansible/compat.
* cloudstack: fix connection by ENV vars and configs overloading
* cloudstack: pep8 cloudstack module_utils
* cloudstack: allow api_url to be set in ini config
* docsite: explain ENV vars support as written in python-cs for ansible
Changes to the metadata format were approved here:
https://github.com/ansible/proposals/issues/54
* Update documentation to the new metadata format
* Changes to metadata-tool to account for new metadata
* Add GPL license header
* Add upgrade subcommand to upgrade metadata version
* Change default metadata to the new format
* Fix exclusion of non-modules from the metadata report
* Fix ansible-doc for new module metadata
* Exclude metadata version from ansible-doc output
* Fix website docs generation for the new metadata
* Update metadata schema in valiate-modules test
* Update the metadata in all modules to the new version
Raise the bar for module `DOCUMENTAION`
This validator update was used to find the issues in https://github.com/ansible/ansible/pull/22297/files
**Validation**
* Updated Validation and docs to enforce more (items fixed in https://github.com/ansible/ansible/pull/22297/files)
* Use `suboptions` to document complex options
* Validate module name
* Validate deprecated modules have correct ANSIBLE_METADATA
**Module Documentation Generation**
* Document `suboptions:` Example https://gist.github.com/gundalow/4bdc3669d696268328ccc18528cc6718
* Tidy up HTML generation (valid HTML, no empty lists, etc)
**Documentation**
* Clarify the steps for deprecating a module
* Use correct RST headings
* Document `suboptions:` (options)
* Document `contains:` (returns)
**Details**
The aim is to get this (and corresponding module updates) complete by the time `devel` becomes `2.4`, as this allows us to raise the bar for new modules
Example `suboptions` https://gist.github.com/gundalow/4bdc3669d696268328ccc18528cc6718
The aim is to get this PR integrated into `devel` *before* we branch `stable-2.3`, this will allows us to:
* Raise the bar for new modules in 2.4
* Ensure the generated module documentation for 2.3 and higher is improved, important as we will be doing versioned docs moving forward.
The existing examples in the "Gotchas" section were rather simple. Expanded upon those to add some additional clarity around how the quoting in YAML works.
* Added example of referring to AWS-credentials
.. when they're stored in variables. Spent few hours trying to figure out why credentials from vault/variables were not used.
* Update guide_aws.rst
Edited for grammar.
* inventory: test 'all' & 'ungrouped' groups created by default
* Mention default groups 'all' & 'ungrouped'
* Update intro_inventory.rst
Minor grammatical edit.
This commit also adds a new test script (ansible-var-precedence-check.py in code-smell/)
to provide us with another line of defense against precedence bugs going forward.
The precedence docs state that the INI vars have a lower precedence than group/host
vars files for inventory and playbooks, however that has not been the case since 2.0
was released. This change fixes that in one way, though not exactly as the docs say.
The rules are:
1) INI/script < inventory dir < playbook dir
2) "all" group vars < other group_vars < host_vars
So the new order will be (from the test script mentioned above):
8. pb_host_vars_file - var in playbook/host_vars/host
9. ini_host_vars_file - var in inventory/host_vars/host
10. ini_host - host var inside the ini
11. pb_group_vars_file_child - var in playbook/group_vars/child
12. ini_group_vars_file_child - var in inventory/group_vars/child
13. pb_group_vars_file_parent - var in playbook/group_vars/parent
14. ini_group_vars_file_parent - var in inventory/group_vars/parent
15. pb_group_vars_file_all - var in playbook/group_vars/all
16. ini_group_vars_file_all - var in inventory/group_vars/all
17. ini_child - child group var inside the ini
18. ini_parent - parent group var inside the ini
19. ini_all - all group var inside the ini
Fixes#21845
* Add role skeleton support
The default role skeleton used by ansible-galaxy is good, but it doesn't
allow organizations to customize it to suit their needs. This patch
addresses that by adding the option to point ansible-galaxy at a
role skeleton directory. The contents of this directory are then
copied (or rendered) into the output role directory. Appropriate
command line options and configuration entries are added to allow for
further customization from the role skeleton.
* Remove dependency on platforms list from test
Platforms are no longer provided to the template by galaxy init.
Removing the code in our test meta/main.yml template that relied on it.
* Fix whitespace issue
* Fixes passlib example in FAQ to reduce the number of rounds to 5000
As stated in issue #15326, the default number for glibc is 5000, where
the default for passlib is 656000.
I actually found out when I spend few hours trying to understand why
ansible was taking almost x3 the time to run a playbook when using a
user with sudo and password (comparared to sudo with NOPASSWD set).
Well, it was because the user was created using ansible and the passlib
example found in the docs' FAQ.
Reducing the numbers of rounds to 5000 will ensure a better experience
with ansible for newcomers when using sudo with a password.
* Fixes passlib example in FAQ to reflect the API changes in passlib 1.7
Method encrypt() was deprecated in 1.7 and renamed to hash(), which
happened almost a year ago.
https://passlib.readthedocs.io/en/stable/lib/passlib.ifc.html#passlib.ifc.PasswordHash.encrypt
* Remove assemble from list of windows modules, but advise you can delegate appropriate modules to localhost. Try to fix list of usable on windows modules to appear as a list instead of on one line.
* Update intro_windows.rst
Minor edit
I have from time to time a need of random password without
wanting to write them down (one example is mailman list creation,
that requires a password to be given to be sent to the list owner).
But using /dev/null do not return null, but the empty string, which
doesn't generate a password at all and so do not achieve my use case.
Move to using a requirements.txt to install the python packages.
This makes it easy to keep the documentation and actual package
dependencies in sync.
Fixes#18453
* WIP Partners guide for adding multiple modules
* WIP
* WIP
* WIP
* WIP
* WIP
* HACK
* Revert hack
* Brian's feedback
* Remove squash notes
* Minor tidyups
* Unit & Integration tests (& minor tweaks)
* Details about Unit tests
* As we are about to feature freeze on Ansible 2.3 remove the notes about Ansible 2.4 and py2.4.
* Module names should be in the singular
* Scot & Dylan's feedback
* 5 PRs at once. Remove FIXMEs
* Formatting
* How to use Git & GitHub
* directories are in category & topic
* Expectations of Module authors
* Better wording for module author's responsibilities
* How to document your module
* Remove blank lines
* note:: Versions should be strings
* requirements on the host that executes the module.
* option names & option values
* Feedback
* formatting
* Scott's final feedback
The list of ignored by default extensions is outdated in doc for dynamic
inventories, and this option is completely missing from configuration
file overview.
* Initial version of aos_ip_pool module
* Add examples for IP Pool
* Break down ip_pool into smaller function
* Refactor do_load_resource
* Add get_display_name_from_file
* Add ‘src’ as an option to load ip pool from JSON file
* Rename directory network/apstra to network/aos
* Remove exception handling temporary
* Remove all ‘Exception as XX’ to be python 2.4 compatible
* Replace ‘== False’ with ‘is False’ for PEP8 Test
* Update documentation to be Yaml compatible
* Lisg all method imported from module_utils.aos
* Refactor to align with collection.find() changes
* Update examples by @gundalow’s recommendations
* Update Documentation per @gundalow’s recommendations
* Change the license per @gundalow recommendation
* Add exception handling for get_aos_session
* Change Auth format and add check_aos_version() to check minimum version
* Add a check for minimum version
* Refactor ‘src’ into ‘content’ to allow more options
Remove get_display_name_from_file in aos.py
Add content_to_dict in aos.py
* Fix variable name in do_load_resource
* Add mention of aos.py in module_utilities doc
* Add try/except for import yaml
* Add try/Except around main block of code and function
* Refactor to auto detect content_format, update doc accordingly
* Change create_new_ip_pool inputs
* Remove unused import
* Remove in_use as it’s never used
* Fix doc format
* Add version number in requirement doc
* added docs for vault and made trigger shorter: !vault
* added single var valuting
* Update playbooks_vault.rst
Edit pass for spelling and grammar. Ship it!
* Update playbooks_vault.rst
Typo fixes.
* Make the module_utils path configurable
* Add a config value to define the path site module_utils files
* Handle module_utils that do not have source as an error
* Make an integration test for module_utils envvar working
* Add documentation for the ANSIBLE_MODULE_UTILS config option/envvar
* Add it to the sample ansible.cfg
* Add it to intro_configuration.
* Also modify intro_configuration to place envvars on equal footing with
the config options (will need to document the envvar names in the
future)
* Also add the ANSIBLE_LIBRARY use case from
https://github.com/ansible/ansible/issues/15432 so we can close out
that bug.
* Revamping module development docs - work in progress
* Refurb of developing modules content continues.
* Developing modules refurb work continues
* Continued refurb of developing modules content. Work-in-progress.
* Ibid
* Dev guide content refurb continues - WIP
* Ibid.
* Removed reference to old extras module repo
* Tweaks
* Removed some non-intro material; added link to github module PRs.
* Incorporated review feedback from @gundalow and @tkuratomi; fixed some links; renamed '*contributing' to '*checklist'
* build-site.py is no longer used, remove
Replacement is using the standard sphinx-build script.
Makefiles already use that, but standalone use of
build-site.py is no longer needed.
* build.sh no longer used in docs build
* Deprecate ec2_vpc module
The deprecation of ec2_vpc module has been discussed for
2 years and is causing duplication of effort as changes
are implemented for ec2_vpc rather than for the newer
alternatives
* Improve module deprecation documentation
Update the developing modules documentation with the latest
instructions on how to deprecate a module.
* cleanup to reflect current builds
* consolidate templating docs and minor rewording
* new templating intro page
* fixed warnings as per feedback
* Update playbooks_filters.rst
Edited for clarity.
* Update playbooks_templating.rst
Light edits
Replace docs build-site.py with default-ish sphinx build
This seems to speed up docsite build _alot_.
The Makefile.sphinx is the sphinx-quickstart generated makefile with a few changes.
The CPUS env var or 'nproc' output is used for the number of cpus passed to 'sphinx-build -j'
Because we add the names of all filters to the callable whitelist used
by safe_eval, adding a filter named type makes it so code calling "type()"
gets eval'd. We can't think of a way to exploit this but it's
sufficiently sketchy that we're renaming it in case someone smarter than
us can think of a problem.
Instead of asking the user to type something prior to running the script, why not allow -Verbose on the command line directly.
Also log important events to EventLog, so that it can be traced e.g. when running via RunOnce mechanism.
The documentation is updated as well.