This fix adds a verbose message about non-existent VM when specified
with operation, due to idempotency we can not detect correct state.
Fixes: #27384
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* When using private networking the ip_address key contains the private ip.
Add the following info to module output when available:
- private_ipv4_address
- public_ipv4_address
- private_ipv6_address
- public_ipv6_address
* ACI: Change result output as discussed
* Update all modules to use new aci.exit_json()
* Update output_level spec and docs
* Fix integration tests
* Small PEP8 fix
* Asorted fixes to tests and aci_rest
* More test fixes and support for ANSIBLE_DEBUG
* Fix another PEP8 issues
* Move response handling inside ACI module
* Reform of ACI error handling and error output
* Diff multiline json output
* Fix a few more tests
* Revert aci_bd tests
* Small correction
* UI change: existing->current, original->previous
* UI change: config->sent
* Update all modules with RETURN values
* Fix a few more tests
* Improve docstring and add 'raw' return value
* Fix thinko
* Fix sanity/pep8 issues
* Rewrite unit tests to comply with new design
* Remove redundant default for target_paths
* Make invalidation requests idempotent
* Remove redundant exception handling around boto3_conn
* Add cloudfront_invalidation to the changelog
* ACI: Implement aci.boolean() to return an ACI boolean
A boolean value in ACI is not always standardized to yes/no.
Sometimes we have active/inactive, or enabled/disabled
Whereas the interface we want is a true YAML boolean.
We did not modify enabled/disabled values at this time.
I first want to determine if this implementation is acceptable.
* Support enabled/disabled as well, with deprecation messages
* Fix typo
* Fix PEP8 issue
* Ensure the aci object exists before using it
* Add comment to ensure this gets fixed in v2.9
* Fix typo
* Fix over-byte
* Update ios tests to call `provider`
To continue to support testing `connection: local`
* Fix command dict handling in ios_user
* Clean up unit tests, too
This change deprecates vsphere_guest in favor of vmware_guest and other
related modules.
The major reasons behind deprecation are -
- Pysphere - Unofficial Python bindings of vCenter deprecated in the year 2013.
- VMware provides official Python bindings for vCenter, which is used in vmware_guest.
- vcsim - simulator used in integration testing of vmware module does not support PySphere
APIs, which makes it more difficult to test vsphere_guest.
Please see [deprecation plan](https://github.com/ansible/community/wiki/VMware%3A-vsphere_guest_deprecation)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Insert lines before or after when the regexp exists elsewhere in the file
* Correct filter syntax in lineinfile integration test
* Use multi-line YAML syntax on lineinfile tests
Unify indentation
* Add lineinfile tests for same line matched to different regexps
* Remove debug statement from test
* added force option to hostmacro to allow control of overwriting existing macro
* wording changes as suggested by eikef in PR 35516
* further wording changes from eikef
* added 'version_added: 2.5' to the documenation for the force option
* aci_aaa_user: Manage AAA users on ACI fabrics
* Fix module documentation
* Ensure we allow to not set accountStatus and expires
* Added aaa_password_lifetime and aaa_password_update_required support
* Improvements to integration tests in light of issue 35544
* Fix ACI ISO 8601 formatted string
* Add HAS_DATEUTIL
Add an Ansible module for VDO (Virtual Data Optimizer), a
device-mapper module that provides deduplication, compression,
and thin provisioning. This module provides the ability to create,
remove, and modify parameters on storage volumes created by VDO.
The return documentation for ios_facts used an inconsistent mix
of str and string to denote a string data type.
This patch modifies all to be "string".
* Test for include_tasks & include_role bug
Related to ansible/ansible:#21890
* Fix nested include_tasks called from role
This fixes the path of included files when you want
to call include_task inside a role's task file and this
role is itself called from multiple level of playbook include_tasks
Related to ansible/ansible:#21890
This fixes ansible/ansible:#35109
* keycloak_clienttemplate
* BOTMETA maintainership for identity/keycloak namespace
* fix superfluous blank line
* catch ValueError when trying to decode JSON
* further documentation for protocol mappers and some checks
* whitespace fixes, YAML fixes
* remove state: dump, update argument_spec and documentation with suboptions
* add documentation for realm option
* document aliases for auth_keycloak_url, auth_username, and auth_password (i.e. url, username, and password)
* remove bearer_only, consent_required, standard_flow_enabled, implicit_flow_enabled, direct_access_grants_enabled, service_accounts_enabled, public_client, and frontchannel_logout from module options.
* Handle multiple sub prompts for network_cli connection
Fixes#35349
* Check if the same prompt is repeated in consecutive window
if it is repeated it indicates there is problem with answer
provided
* In that case report error to user
* Fix CI failure
* Fixes#35349
* Add prompt_retry count to control max number of times
to expect the same prompt before it error's out
* Make required changes in ios and eos terminal plugin to handle
wrong enable password correctly and return proper error
message to user.
* Check if the same prompt is repeated in consecutive window
if it is repeated it indicates there is the problem with an answer
provided
* In that case report error to user
Fixes#33993
In current implementation while trying to fetch the
current cli prompt terminal plugin executes `\r` on remote host.
This causes if command execution results in a prompt for
example executing `enable` command results in `Password:` prompt
there by executing `\r` on password prompt which is not intended.
To fix it while fetching current prompt from terminal plugin use `get_prompt()`
api in network_cli that returns the latest matched prompt instead of
unnecessary executing `\r` on remote host.
* Add jenkins_job_facts module
* Fix docs
* Fix connection error handling
* Add support for filtering by color
* Miscellaneous code cleanup
* Spell out "underscore" in comment
* Update required state in docs
* Adding warnings.
* Forgot choices for acme_version in code.
* Removed 'errors' support again.
* For DNS challenges, also return complete record to simplify wildcard generation (see #35283).
* Also returning order URI and account URI. This is mainly for debugging purposes.
* Adding more clear separation between the two calls. Avoids problems where code during second call thinks it is during first call and doesn't stop with error, but doesn't obtain a new certificate either.
* Added validate_certs parameter.
* Actively discouraging from setting validate_certs to false.
* Fixing DNS challenge example.
* Adding new output challenge_data_dns, which simplifies DNS challenges.
1. Removed redundant default values in argument_spec
2. Enclosed non standard python libraries in Try Except ImportError block
3. Added region as a mandatory element in argument_spec
4. Updated the typo in api_params while accessing job queue. Changed it from job_queue to jobQueue
5. Updated the set_api_params() method to use snake_dict_to_camel_dict()
6. Updated the ANSIBLE_METADATA version from 1.0 to 1.1
7. Updated the version_added in Documentation from 2.4 to 2.5
8. Initialized response value to None
9. Updated the RETUN documentation
10. Updated the return from manage_state() method to not embed batch_job_queue_action in ansible_facts
11. Updated the module.exit_json() in main() to convert any keys back to snake_dict format using camel_dict_to_snake_dict to maintain consistency throughout the module
12. Changed the filename from batch_job_queue.py to aws_batch_job_queue.py
The rpc method should be exposed to the modules over the connection rpc
mechanism. This fix will expose the rpc method to call generalized rpc
endpoints on remote devices
This fixes an indention bug introduced in
45a9f96774
that was causing the virtualization_role to be set to 'host'
for many cases incorrectly.
Fixes https://github.com/ansible/ansible/pull/21621
(the issue mentioned in the pr)
* galaxy remove incorrect check for role path before extraction
Fixes#35217
Currently lib/ansible/galaxy/role.py checks roles_path and will
ignore paths that don't currently exist which it should not because
the path will attempt to be created by the role extraction process
(which is valid and expected behavior) and if unable to write at the
time of role extraction into the role_path, that error will be
handled properly at that point in the process.
Signed-off-by: Adam Miller <admiller@redhat.com>
* add test case for galaxy install with rolefile and rolepath
Verify we don't regress GitHub Issue #35217
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix the integration test
Signed-off-by: Adam Miller <admiller@redhat.com>
* double quote for shellcheck glob warning
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix galaxy install tests to not need remote resources
Signed-off-by: Adam Miller <admiller@redhat.com>
* make shellcheck sanity tests happy
Signed-off-by: Adam Miller <admiller@redhat.com>
* prep git global conf for running the galaxy install tests in docker
Signed-off-by: Adam Miller <admiller@redhat.com>
* move ansible-galaxy tests into their own target, make git conf non-global
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix up tests based on feedback
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove extra newline from aliases file
Signed-off-by: Adam Miller <admiller@redhat.com>
* Revert model and serialnum to older version
* Add stacked versions of model and serialnum as separate facts
* Add unit test to check stacked output
* Alter model regex to address #34768
Change the code and comments around recovering from a TypeError in
handling the return value from lookup plugins to make it clearer what
we're recovering from.
Enforce module deprecation.
After module has reached the end of it's deprecation cycle we will replace it with a docs stub.
* Replace deprecated modules with docs-only sub
* Use of deprecated past deprecation cycle gives meaningful message (see examples below)
* Enforce documentation.deprecation dict via `schema.py`
* Update `ansible-doc` and web docs to display documentation.deprecation
* Document that structure in `dev_guide`
* Ensure that all modules starting with `_` have a `deprecation:` block
* Ensure `deprecation:` block is only used on modules that start with `_`
* `removed_in` A string which represents when this module needs **deleting**
* CHANGELOG.md and porting_guide_2.5.rst list removed modules as well as alternatives
* CHANGELOG.md links to porting guide index
To ensure that meaningful messages are given to the user if they try to use a module at the end of it's deprecation cycle we enforce the module to contain:
```python
if __name__ == '__main__':
removed_module()
```
* Add an AWS Direct Connect virtual interface module
Fix DirectConnectError exception wrapper to be compatible with fail_json_aws()
* Fix documentation and handle BotoCoreErrors as well
* Add the aws and ec2 documentation fragments
* add purge option for secondary ip addresses and fix changed to reflect when addresses are modified
* Improve option documentation and make the secondary_private_ip_addresses option required if purging secondary private ip addresses.
* ec2_eni: update version_added to 2.5 for purge_secondary_private_ip_addresses option.
* Add aws_ses_identity module
* Update CI alias, add BotoCoreError exception handling.
* Add SES and SNS permissions to hacking/aws_config to run aws_ses_identity integration tests
* Fix edit_config multiline commands on IOS
The current code for multiline commands in IOS is broken: If you
pass a dict containing a command, prompt and answer it is seen
later as unicode string, but if you do a json.loads it fails
as the keys/values are enclosed in single quotes but JSON requires
double quotes.
Fixes#23539
* Fix pep8
* Use ast literal_eval
It's safe to use, as it is just for types and wont execute arbitrary code.
This adds a new module called vmware_vm_vm_drs_rule. This module add
affinity/antiaffinity rule for VM-VM in given cluster.
Fixes: #32109
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Fix adds ipa host_add functionality of generating random
passwords for host enrollement. This fix also preserves the
idempotency of host_add and host_mod IPA APIs.
Fixes: #30328
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Added 'quota_id','sso', 'boot_menu', 'usb_support', 'serial_console' fields to ovirt_vms module
* always run ansible-test first
* always run ansible-test first 2
* suggested changes applied
* refactors nios api shared code to handle provider better
This change refactors the shared code to be easily shared between
modules, plugins and dynamic inventory scripts. All parts now implement
the provider arguments uniformly.
This also provides a centralized fix to suppress urllib3 warnings coming
from the requests library implemented by infoblox_client
* fix up pep8 errors
* fix missing var name
* add checking of interfaces, providing defaults or errors if required keys are not defined
* fix so that iteration of interfaces only happens if defined
* permit tagging of lambda functions
Signed-off-by: fernandoalex <jfernandoalex@gmail.com>
* changed iteritems for items and test for identity to is not
* fixed task name in example
* module object was not being passed to the function
Module object was not being passed to the funtions whitch was causing error in the error handling.
* Use compare_aws_tags
Check for attribute and fail if botocore needs to be updated
Update version_added
* Fix examples
* pep8
* Remove unnecessary var
Handle BotoCoreError
ecs_taskdefinition_facts should not populate ansible_facts with
so much information.
Better to just return the contents of the dict directly.
Reduce line lengths, use AnsibleAWSModule, don't reimplement
camel_dict_to_snake_dict.
`wait_for_instances: no` means do not wait for instances to become
InService/Healthy before terminating them. It does not mean don't
wait for the ASG to delete.
Not waiting for the ASG to delete can cause problems when recreating it.
Ensure that waiting for the ASG to delete respects `wait_timeout`.
Add `iam_user` module that supports check mode
Based entirely on `iam_group` with check mode support added.
Does not support management of groups, so as not to interfere with the
`iam_group` module.
* Update the copyright
* Remove e.message from exception handling since it is not available on python 3
* New aws_region_facts module to be able to get facts from AWS regions
* Fix copyright
Handle BotoCoreError too
Remove exception handling around around boto3_conn
Fix docs
Fix version_added
* Update metadata_version
Fix return doc
* Adding new code for new module and new module_utils with the pip pyfmg package
* Changed login and logout functionality and renamed mod_utils file as well as cleaned up PEP8 syntax
* Removing extra Ansible parameters and fixing more syntax issues
* Fixing more syntax issues and comparing against previous FTNT script module
* Changing import location to pass syntax checks
* Fixing pylint errors
* Removing test files
* Add unit tests and enabling a login session check within main in order to throw error if network connection exception
* Fixing syntax issues for adding unit tests
* Changing case for pip package requirements
* adding comments
* adding version restriction on pip package for testing
* adding version restriction on pip package for testing
* More comments
* Fixing documentation errors and add the ability to skip a test if it isn't present
* Fixing Pep8 error with whitespace (tab) in the row
Do not assume that all exception constructors accept a single string
argument. For example UnicodeError's __init__ takes 5 parameters:
encoding, object, start, end, reason.
Also, if e.message is present but empty, fall back on stringifying
the exception occurrence.
Fixes#35270
* Add transfer checksum verification in copy module, to ensure that the file was transferred to the remote successfully. Fixes#35029
* Guard on no checksum
* Add version_added
* New module: ec2_vpc_egress_igw
* minor pep8 fix and doc update
* add test dir and files
* add tests for gateway module
* fix up return documentation per review
* remove HAS_BOTO3 stuff as it is handled in AnsibleAWSModule per review
* fix an error with failure message and add custom handler for non-existent vpc ID
* add additional tests and update tests per review
* ignore errors on clean up tasks
* update module copyright to newer format
* fix exception handling since BotoCoreError doesnt have response attribute
* actually fix exception handling this time so it works with Py3 as well
* add functionality to create thin pool / volume on Linux LVM to lvol module
add `thinpool' parameter.
change `lv' parameter to not required.
To create thin poll, specify `thinpool'(, `vg' and `size') parameter and omit `lv' parameter.
It will create thin pool, nameed by `thinpool' parameter.
To create thin volume, specify both `thinpool' and `lv' parameter (also `vg' and `size' paramter is need).
It will create thin volume on `thinpool' pool, named by `lv' parameter.
Thin volume and pool can delete whith 'state=absent' parameter.
Thin volume is resizable like normal volume.
Thin pool can extend, but not reduce. This limitation is in Linux's LVM.
* Add thin volume support
- Based on f816618
- Indicate that either lv or thinpool are required parameters using
AnsibleModule's required_one_of.
- Resolve conflict with snapshot functionality
* Fix typo in documentation
* Fix and simplify logical volume check
* Rebase fixes
* Convert examples to native YAML syntax
* Fix failure with snapshot creation
* Properly fail when trying to snapshot a thinpool volume
* Don't fail when no size given for thin volume snapshot
Fixesansible/ansible-modules-extras#2478
* Convert old style required property sneaked in through rebase
* Fix 'too many leading #' syntax check
* Module to generate Diffie-Hellman parameters
Implements #32577
* Add integration tests for openssl_dhparam
* Slightly refactor check to prevent unnecessary regeneration
* Fix code smell in tests
Highly annoying to have to do this again and again and again as the rules change during the game
* Using module.run_command() and module.atomic_move() from a tempfile.
* Remove underscore variable
Ansible prefers dummy
* fix broken import
Error was:
lib/ansible/modules/cloud/azure/azure_rm_dnsrecordset.py:223:0: NameError: name 'ARecord' is not defined
* doc: use formatting functions
* remove unused dict
If the module is set to absent, read all possible configurations and remove them.
i.e. not just do a 'no switchport', as leaving around other options make
the logic handling harder.
If the user wants to remove switchport, remove all config for the interface
and finally push a 'no switchport'.
Also, I needed to map all possible params from interface regardless if state
is absent or present, so I can later detect what I need to remove in case of absent.
* Fix debug logs failing with persistent connection
Fixes#33047
* As debug logs are written on stdout, it interrupts
the communication between ansible-connection(background)
process and main process. To avoid this add a string similar
to exactly identify the response string.
* Remove unwanted code in ansible-connection
* Fix review comments
* Fix spurious log emitted on ansible-connection stdout issue
* ansible-connection which runs as a background process sends a
json string (contains response received from remote device)
to foreground ansible-playbook process over stdout.
* If in case debug flag is enabled the connection_loader api
invoked from ansible-connection `ssh = connection_loader.get('ssh', class_only=True)`
results in emitting debug logs on stdout. This spurious log
interfere with the actual response and results in failure while
reading json string in ansible-playbook process
* To avoid this save stdout of ansible-connection and redirect it string
buffer to accumulate all the logs emitted by core API's
* Add these logs in `result['messages']` which is send a json string after reinstating saved stdout
* Remove unwanted code in ansible-connection
* Fix review comment
* adding support to manage ipa services
* IPA Services does not have a description
* fixes from code review
* Cosmetic changes (indentation) + documentation
* adds support for using connection=netconf
This change updates the module to provide support for using
connection=netconf instead of connection=local. If connection=netconf
is used, then the various connection arguments will be silently ignored.
* adds netconf plugin default
This adds a default implementation for netconf plugins if the network_os
is not specified. The default plugin will implement only the standard
netconf rpcs
* fix up pep8 issues
* Don't skip an inventory source just because it has a comma, make sure it's also doesn't exist as a path. Fixes#34931
* Add integration test for inventory path with commas
* Adding enos_config.py action plugin to create backup properly
* Changing BSD to GPL
* Changing License file to GPL
* Updating enos_config.py
* Updated copy right year to 2017
* Look for password prompts at the beginning of the line only
* Adds secondary checks for the supplied sub-prompts
Handles the case for enable prompts where enable_pass may be incorrect
and the deivce is still prompting for the password
* * Changes to enable network_cli and netconf on modules.
* limits connection local for single TC per playbook.
* * adds a note on why only 1 TC is executed with connection: local
* adds two new infoblox lookup plugins
* nios - lookup plugin to return nios objects to the playbook
* nios_next_ip - lookup plugin to return the next avaiable ip address
* adds some additional examples to nios lookup
* fix up pep8 failures
* updates in response to review comments
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* updates to azure_rm_sqldatabase
* support the mutilple ip configuration
* Update azure_rm_networkinterface.py
* add test
* fix spell
* make the virtual network name more flexiable
* add test
* fix
* fix lint
* add test
* fix parameter
* deprecate the flatten ip configuration
* fix lint
* fix encoding
* fix mirror
* fix
* load model from common
* ecs_ecr: Remove registry ID from create repository call
[Boto3 documentation][1] specifies 'repositoryName' as the only expected
argument. The `**build_kwargs(registry_id)` part also adds 'registryId' which,
when executed, fails with: 'Unknown parameter in input: “registryId”, must be
one of: repositoryName'.
[AWS API documentation][2] also lists only the 'repositoryName' parameter. I.e.
this is not a problem with the boto3 library.
The default registry ID for the account that's making the request will be used
when creating the rpository. This means that if the `registry_id` specified by
the user is different from the default registry ID, then the policy changes
following the repository creation would fail, because the repository will have
been created in one repository but subsequent calls try to modify it in
another. Added a safeguard against this scenario.
[1]: https://boto3.readthedocs.io/en/latest/reference/services/ecr.html#ECR.Client.create_repository
[2]: https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_CreateRepository.html
* Fix concurrent ECR integration tests
If the `ecr_name` is the same in multiple concurrent test runs, then they can
interfere with one another causing both to fail. The `resource_prefix` is
guaranteed to be unique for different jobs running in CI an so avoids this
issue while also making it easier to identify the test which created the
resource.
* Remove compat code for to_unicode, to_str and to_bytes
Code was marked as deprecated and to be removed after 2.4
* Remove is_encrypted and is_encrypted_file
Code was marked as deprecated after 2.4 release.
* Add identifier option to apache2_module
There is a convention connecting the name passed to a2enmod and the one
appearing in apache2ctl -M. Not all modules follow this convention and
we have added a growing list of implicit conversions.
As a better long-term solution this adds an "identifier" option to be
able to set both strings explicitly.
* Run debian-specific tests only there
* Improve cleanup after apache2 tests
This is a follow-up/extension of https://github.com/ansible/ansible/pull/33630
* Add example for the new identifier option
* Put all debian tests in a block
* Imported lookup plugin from Role
* Plugin cleanup, including:
* Use existing Python YAML parsing
* Remove environment variables as connection options
* Added initial debugging information
* Reworked the lookup plugin using the Python Request library. As it's available through Ansible, it makes communication with Conjur much more straight forward.
* Removed un-used libraries
* Fixed linting issues
* Standardized output on `format` and insure it works for 2.6, 2.7, and 3.x.
* Use quote_plus from the six library for improved python 2/3 behavior.
* Refactored identity & configuration to prefer user's file. This also includes a refactor to remove an un-needed dictionary merge method.
* Removed `requests` in favor of `ansible.module_utils.urls`.
* Refactored netrc loading to warn if host is not present.
* Tests and a refactor to support easier testing.
* Added reference to website
* Fixed two linting errors
* Fixed an extra line found by linting
* Updated file write to use binary to insure config files are written correctly
* Resolved linting issues
* Refactored config & identity loading to take advantage of plugin options
* Cleanup a bunch of small items caught by linting
* Removed extra line caught by linting
* Swapped in pytest and added some tests with mocked network responses
* Pushing to see if this approach works better...
* Refactored be open_url mocking based on feedback
* Fixed a couple linting issues & refactored mocking into each method to attempt to resolve a failing test
* Use a generic MagicMock for python 2.6
* Fixes doc typo
require -> required
* Use `type: path` in identity_file and config_file
Also removes `expanduser` calls below (which will now be called automatically on
paths.)
* Defines maintainers for conjur_variable plugin
* BOTMETA.yml:
** defines $team_cyberark_conjur as maintainers of Conjur Variable plugin
** adds myself and @jvanderhoof to that team
* Adds URLs to relevant documentation for Conjur Variable lookup plugin
* Clarifies "the server," "the machine" -> "controlling host"
The machine identity used is that of the Ansible controlling host, not any
server being provisioned or instructed. This documentation change aims to make
that relationship clear.
* Adds response code to exception message on authentication failure
* Enhances exception messages to specify the controlling host
These error messages are less likely to confuse a user as to which machine is
associated with the files, identities, and configurations being described.
* Adds ANSIBLE_METADATA for Conjur variable lookup plugin
* UCS LAN Connectivity Policies and integration tests
* Docs updated
* UCS LAN Connectivity Policy and integration tests
* Fix use of description in docs and argument_spec so validate-modules passes
* UCS vNIC templates and integration tests
* docs updated
* UCS vNIC template and integration test
* Update docs and argument_spec for description, mtu, and target.
* Azure: added auth_source to override the source of the credentials
* removed broken cli auth and fix some review changes
* missed some more cli auth stuff that isn't required
* Added cli auth back in
* Added docs around cli auth
* fix azure CLI auth issues
* tweak error messages
* fix auto fallback to cli
* fix import issues when azure-cli not installed
This fix corrects the module state returned by github_module.
Now,
* When the release already exists, state is "ok"
* When the release is created, state is "changed"
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
The code that depends on this is all in the action plugins so we should
leave it there until we either move that action plugin code over
(fixup_perms2) or we give action plugins the ability to register new
config.
* win_setup: Add Product ID and Product Key in facts
So this is actually a very nice way to get product key information from
systems collected centrally.
Especially with systems that have been upgraded from Windows 7 or
Windows 8 to Windows 10 may not have a valid Windows 10 product
license key printed anywhere, it was a digital license.
If you ever have to reinstall the system, you may recover the system
from the recovery partition, or the original media, but cannot upgrade
to Windows 10 for free. By collecting the product key, one can always
reinstall your free Windows upgrade.
My only question is, do we want this to be part of the default facts, as
it may be considered important information. Or should we make a special
**win_product_key_facts** ?
* Add ACPI product key support
* Add integration test
* Remove Get-ProductKey function, move inline
* Inventory caching
* Add inventory caching for virtualbox
* Don't populate cache for virtualbox with stdout, use a dict of inventory instead
* Fix error creating the cache dir if it doesn't exist
* Keep cache default False and set to True in VariableManager __init__
* Check all groups before determining if a host is ungrouped.
aws_ec2 is an inventory plugin intended to replace uses of the `contrib/inventory/ec2.py`
inventory script.
For advanced grouping, please use the `constructed` inventory plugin.
Add deps/requires for fact collectors
Fact collectors can now set a required_facts
class attribute that will be a set of the names
of fact collectors they require to be run first.
ie, if a collector needs to know the ansible_distribution,
it should set it's required_facts to include 'distribution'
required_facts = set(['distribution'])
If a collector requires another collector, it gets added
to the selected collector names.
We then topological sort the ordering of the collectors
so that deps work out (ie, 'distribution' will run before
'service_mgr')
required_facts were added to the collectors for:
- network (requires 'distribution', 'platform')
- hardware (requires 'platform')
- service_mgr (requires 'distribution', 'platform')
Fix name references for facts (need 'ansible_' prefix)
is service_mgr
Fixes#30753
Enforce that there can be only one --new-vault-id or
--new-vault-password-file and use this instead of
--encrypt-vault-id
* Add a config option for default vault encrypt id
* add documentation around commonly-used Facts for Conditionals
There are a few Facts that are often used for Conditionals, so
documenting them on the Conditionals page with their possible values.
* Edit
* win_setup: Add Product ID and Product Key in facts
So this is actually a very nice way to get product key information from
systems collected centrally.
Especially with systems that have been upgraded from Windows 7 or
Windows 8 to Windows 10 may not have a valid Windows 10 product
license key printed anywhere, it was a digital license.
If you ever have to reinstall the system, you may recover the system
from the recovery partition, or the original media, but cannot upgrade
to Windows 10 for free. By collecting the product key, one can always
reinstall your free Windows upgrade.
My only question is, do we want this to be part of the default facts, as
it may be considered important information. Or should we make a special
**win_product_key_facts** ?
* Add ACPI product key support
It is not possible to modify the load balancer configuration
for ECS Service.
As it is possible to detect this, it's nicer to fail gracefully
than return AWS's less meaningful failure message.
Fix PEP8 compliance
Otherwise, it fail with:
Traceback (most recent call last):
File \"/tmp/ansible_c1zmq3i9/ansible_module_openssl_certificate.py\", line 808, in <module>
main()
File \"/tmp/ansible_c1zmq3i9/ansible_module_openssl_certificate.py\", line 787, in main
certificate.generate(module)
File \"/tmp/ansible_c1zmq3i9/ansible_module_openssl_certificate.py\", line 692, in generate
certfile.write(str(crt))
TypeError: a bytes-like object is required, not 'str'
* Verify that acme-tiny is present
* Use run_command rather than subprocess for acme-tiny
Besides consistency with the rest of the code base, this also
add 2 bug fixes:
- ansible should no longer show "warning, junk after json" when using the module
- it also verify the return code of acme-tiny, and so fail when the
verification fail. The previous code didn't check rc, so it would continue
with a empty file
The accumulated collected_facts was being update
with new facts _after_ filtering them. So only
facts that pass the filter would ever be passed
to other fact collectors.
For 'filter=ansible_service_mgr', even though it requires
the platform and distribution facts and even collects them,
they would get filtered out and never passed to the other
collectors that need them (service_mgr for ex).
Fix is just to add the unfiltered facts to collected_facts.
Adds unit tests for fact filter and collected_facts.
Fixes#32286
The search string used to look for Clear Linux
was changed in 45a9f96774 to
be more specific, but was too specific. Now finding
a substring match for 'Clear Linux' in /usr/lib/os-release
is enough to consider a match.
Since the details of the full name in os-release varies
('Clear Linux Software for Intel Architecture',
'Clear Linux OS for Intel Architecture', etc) the
search string match was failing and would fall back to the
'first word in the release file' method resulting in
ansible_distribution='NAME="Clear'
Also add a meta fact indicating which search string
was matched.
Test case info from:
https://github.com/ansible/ansible/issues/31501#issuecomment-340861535Fixes#31501
Extract vault related bits of DataLoader._get_file_contents to DataLoader._decrypt_if_vault_data
When loading vault password files, detect if they are vault encrypted, and if so, try to decrypt with any already known vault secrets.
This implements the 'Allow vault password files to be vault encrypted' (#31002) feature card from
the 2.5.0 project at https://github.com/ansible/ansible/projects/9Fixes#31002
People expect to be able to upload files to s3 using standard
locations for files.
Providing an action plugin that effectively rewrites the `src`
key to the result of finding such a file is a great help.
Tests added, and IAM permissions corrected
* npm module compatible with npm5
Uses the `--long` flag in `npm list` to get the `missing` key back.
* npm: add integration tests
* npm: test the module with npm 4 as well
* Remove debug tasks, use variables
* Use tests instead of filters
* Adds xcambar as a maintainer of the npm module
influxdb_user module has user_name, user_password which may confuse with existing
login arg username and password. Added aliases prefixed ith login_ to
help distinguish.
- Adding Let's Encrypt production ACME directory URL
- Marking examples as one big example with several alternatives for the first step
- Adding another example which uses aliases for options, and uses DNS-01 challenges
This fixes get_vm method to use propertyCollector which
can efficiently find the virtual machine from given VMware
infrastructure using only name.
* VMware: Refactor vmware_guest module
* Add nested paths of datacenter
* Add tchernomax suggestions
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* win_iis_webbinding: Fix bug with ipaddress * returning multiple bindings
instead of only the ones defined as *. Address possible future issues around
hostheader * by just disallowing it. Resolves 25473. Added new test for
this case.
Removed all validation for https binding collisions due to difficulty in
validating all cases in which they could or could not collide. As a
result, also removed return values relating to certificate data.
Updated testing and docs appropriately
* win_iis_webbinding: added break to remove binding loops
* Add monitoring/grafana_datasource module
added ds type mysql and postgres + check of parameters
* Added option max_concurrent_shard_requests for es_version >= 5.6
current_size is returned from the API as string, while self.size
(the requested size) is an integer. This caused the comparison
to always be False, and a resize request to always be sent.
* Moved the encryption to its own action method.
* removed silly default value for encryption type.
* Code formatting issues from pull request ANSIBOT.
* changed version_added to "2.5"
because of new new options available
* changed version_added to "2.5"
because of new new options available
* changed version_added to "2.5"
because of new new options available
* compare arg+aliases between docs and argument_spec
* Add some special handling for the network modules provider options that also appear in the top level arg spec
* Fix error code for bigip_hostname
* Address merge conflicts due to changes in f5 modules
* Update validate-modules ignore based off a clean execution
* Address merge conflicts
* Address renamed module
* Address recent changes to modules
* Add ignore for ucs_ip_pool
* Update aci modules to get more reliable documentation comparison, but not mutating the module_utils aci_argument_spec
* Update ignore.txt after recent aci updates
* Add extra guard to ensure we handle provider special only for network modules
* Address additional changes to modules
* added cloudfont.py, modified cloudfront_facts.py class name and fixed a minor bug
* Improvements to cloudfront_distribution
* Reduce the scope of the cloudfront_distribution module
* Remove presigning
* Remove streaming distribution functionality
* Add full test suite for cloudfront distribution
* Meet Ansible AWS guidelines
* Make requested changes
Fix tests
Use built-in waiter
Update copyright
* Added check to prevent failed empty changesets from being left behind
* Fixing comments from PR 34933, prevent infinte loop and stricter exception catching
* Clarify which ping module to use
Ensure each of the ping modules link to each other
ping - Requires Python on remote-node
nxos_ping - Only on Cisco NXOS
ios_ping - Only on Cisco IOS
net_ping - For network devices
win_ping - only for Windows
* Add additional properties to storage domains
* add warn low space for additional storage properties
* Fixing comments
1. Fixing documentation
2. Use default None
3. Remove redundant if condition
4. remove added discard since it was already added
* Apply comments #2
Fix default value to None
Use percentages instead of GB
* Adds custom_data parameter to azure virtual machine resource
Invoke custom_data in an integration test: This invocation of
custom_data should not cause any side effects.
* Bugfix: String encoding now works in both python2 and 3
* Fix pep8 violations
* Use nginx to serve a text file created via custom_data and verify that
that custom_data is working
* fix up azure_rm_virtualmachine custom_data
* tweaks #25924
* simplify string encoding fun
* don't rely on external packages
There are changes that the merge config can fail, but the module
will still report success. This adds a blob of code to start
collecting those failures and bubbling up a module failure
accordingly.
* adding azure_rm_mysqldatabase
* updates to azure_rm_mysqldatabase
* updates to azure_rm_mysqldatabase
* updates to azure_rm_mysqldatabase
* updates to azure_rm_mysqldatabase
* updates to azure_rm_mysqldatabase
* updates to azure_rm_mysqldatabase
* Updated docs around force_update
* adding azure_rm_postgresqldatabase
* updates to azure_rm_postgresqldatabase
* updates to azure_rm_postgresqldatabase
* updates to azure_rm_postgresqldatabase
* updates to azure_rm_postgresqldatabase
* updates to azure_rm_postgresqldatabase
* updates to azure_rm_postgresqldatabase
* Updated docs around force_update
* describe_images is very slow if not filtered to owner accounts
*or* if the Owners parameter is passed (unless the Owners parameter
is `self`). Convert Owners parameters to `owner-id` and `owner-alias`
filters where possible. Tests with CLI show that `--owners self` is
fast, `--owners 123456789012` is slow (with or without owner-id filter).
* describe_image_attributes fails against accounts other than your
own. Launch permissions are useful information, but not critical.
* first dirty container instance
* added my name ;-)
* more updates
* more updates
* removed unnecessary stuff
* container instance updates
* several fixes
* undo changes in common
* removed unnecessary references, fixed delete
* added / updated parameters
* updated samples & comments
* updated docs, comments, samples and added registry credentials
* added ip address and port
* query existing container instance (but result not used yet)
* some major changes to the module
* more fixes
* added requirement for containerinstance module
* adding integration test
* fixes for pull request
* updated version
* updated version to 2.5
* updated version
* updated integration.cloud.azure.txt as requested by test framework
* removed due to merge reasons
* updated requirements-azure.txt
* undone azure-rm-common
* lf
* properly update test requirements
* first dirty container instance
* container instance updates
* several fixes
* review related updates
* review related fixes
* undo changes in common
* added / updated parameters
* query existing container instance (but result not used yet)
* updated version to 2.5
* updated version
* removed due to merge reasons
* updated requirements-azure.txt
* undone azure-rm-common
* properly update test requirements
* minor fix - sanity
* fix one issue after rebasing
* removed files accidentally added while rebasing
* removed checking for changes
* several fixes
* fixed sanity
* updates as requested by reviewers
* removed ci as it doesn't work
* reenabled ci
* renamed container instance, removed required: false
* removed default: null
* final updates according to the review
* one more fix
* first dirty container instance
* added my name ;-)
* more updates
* more updates
* removed unnecessary stuff
* container instance updates
* several fixes
* undo changes in common
* removed unnecessary references, fixed delete
* added / updated parameters
* updated samples & comments
* updated docs, comments, samples and added registry credentials
* added ip address and port
* query existing container instance (but result not used yet)
* some major changes to the module
* more fixes
* adding integration test
* fixes for pull request
* updated version
* updated version to 2.5
* updated version
* updated integration.cloud.azure.txt as requested by test framework
* removed due to merge reasons
* updated requirements-azure.txt
* undone azure-rm-common
* lf
* properly update test requirements
* review related updates
* first dirty container instance
* container instance updates
* several fixes
* review related fixes
* undo changes in common
* added / updated parameters
* query existing container instance (but result not used yet)
* updated version to 2.5
* updated version
* removed due to merge reasons
* updated requirements-azure.txt
* undone azure-rm-common
* properly update test requirements
* minor fix - sanity
* fix one issue after rebasing
* removed files accidentally added while rebasing
* removed checking for changes
* several fixes
* fixed sanity
* updates as requested by reviewers
* removed ci as it doesn't work
* reenabled ci
* renamed container instance, removed required: false
* removed default: null
* final updates according to the review
* one more fix
* changed location as default from resource group can't handle containers
* updates to container instance
* fixed mistakes during merge
* one more fix
* another mistake
* container instance fixes
* several fixes to container instance
* return value fix
* minor update
* just one api version right now
* fixed api version
* container instance does not suppurt api version
* removed unnecessary try blocks
* removed tags related things
* fixed pep8
* final fixes?
* final updates to the module
* more fixes
* Fix ec2_vpc_net tags
PR #33105 broke the tags returned by ec2_vpc_net - it was returning the raw boto3 list instead of a dict as expected.
* Add a test for tags
* `validate` or `ignore` values may be set by module, credential profile, or env. Module has highest precedence, followed by credential profile, then environment, and defaults to `validate` if not otherwise specified.
* fixes#33455
* IP address pool module and integration tests
* Examples corrected and imports moved to beginning of module.
* Revert ucsmsdk import lines to avoid import sanity test failures.
* Add comment around imports for ucsmsdk.
* Module DOCUMENTATION should match argspec
Large update of many modules so that DOCUMENTATION option name and
aliases match those defined in the argspec.
Issues identified by https://github.com/ansible/ansible/pull/34809
In addition to many typos and missing aliases, the following notable
changes were made:
* Create `module_docs_fragments/url.py` for `url_argument_spec`
* `dellos*_command` shouldn't have ever had `waitfor` (was incorrectly copied)
* `ce_aaa_server_host.py` `s/raduis_server_type/radius_server_type/g`
* `Junos_lldp` enable should be part of `state`.
Fixes # 34917
* Remove spaces from in between interface name
* Convert interface name to lower case as interface name
is case insensitive wrt configuring on remote device.
* Add VnicProfileMapping to register VM
Add vnic profile mappings to be supported in vm registration
* Add VnicProfileMapping to register template
Add vnic profile mappings to be supported in template registration
* Add reassign bad macs to register VM
Add reassign bad macs to be supported in vm registration.
* Add additional mappings params for VM registration
As part of the effort to support DR with oVirt
the "Register" operation is being added with a new mapping parameter
that describes the configuration of the registration.
The idea of supporting DR site to site in oVirt is to have 2 active
setups using storage replication between the primary setup and the
secondary setup.
Both setups will have active DCs, clusters, and hosts, although those
will not be identical.
The user can define a mapping which will be used to recover its setup.
Each mapping can be used to map any VM's attribute stored in the OVF
with its correlated entity.
For example, there could be a primary setup with a VM configured on cluster A.
We also keep an active secondary setup which only have cluster B.
Cluster B is compatible for that VM and in case of a DR scenario theoretically
the storage domain can be imported to the secondary setup and the use can
register the VM to cluster B.
In that case, we can automate the recovery process by defining a cluster mapping,
so once the entity will be registered its OVF will indicate it belongs to
cluster A but the mapping which will be sent will indicate that cluster B should
be valid for every thing that is configured on cluster A.
The engine should do the switch, and register the VM to cluster B in the secondary site.
Cluster mapping is just one example.
The following list describes the different mappings which were
introduced:
LUN mapping
Role mapping
Permissions mapping
Affinity group mapping
Affinity label mapping
Each mapping will be used for its specific OVF's data once the register operation
will take place in the engine.
* Add additional mappings params for Template registration
As part of the effort to support DR with oVirt
the "Register" operation is being added with a new mapping parameter
that describes the configuration of the registration.
The idea of supporting DR site to site in oVirt is to have 2 active
setups using storage replication between the primary setup and the
secondary setup.
Both setups will have active DCs, clusters, and hosts, although those
will not be identical.
The user can define a mapping which will be used to recover its setup.
Each mapping can be used to map any Template's attribute stored in the OVF
with its correlated entity.
For example, there could be a primary setup with a Template configured on cluster A.
We also keep an active secondary setup which only have cluster B.
Cluster B is compatible for that Template and in case of a DR scenario theoretically
the storage domain can be imported to the secondary setup and the use can
register the Template to cluster B.
In that case, we can automate the recovery process by defining a cluster mapping,
so once the entity will be registered its OVF will indicate it belongs to
cluster A but the mapping which will be sent will indicate that cluster B should
be valid for every thing that is configured on cluster A.
The engine should do the switch, and register the Template to cluster B in the
secondary site.
Cluster mapping is just one example.
The following list describes the different mappings which were
introduced:
Role mapping
Permissions mapping
Each mapping will be used for its specific OVF's data once the register operation
will take place in the engine.
* Add support for update OVF store
Add support for task of update OVF store in a storage domain.
* allow shells to have per host options, remote_tmp
added language to shell
removed module lang setting from general as plugins have it now
use get to avoid bad powershell plugin
more resilient tmp discovery, fall back to `pwd`
add shell to docs
fixed options for when frags are only options
added shell set ops in t_e and fixed option frags
normalize tmp dir usag4e
- pass tmpdir/tmp/temp options as env var to commands, making it default for tempfile
- adjusted ansiballz tmpdir
- default local tempfile usage to the configured local tmp
- set env temp in action
add options to powershell
shift temporary to internal envvar/params
ensure tempdir is set if we pass var
ensure basic and url use expected tempdir
ensure localhost uses local tmp
give /var/tmp priority, less perms issues
more consistent tempfile mgmt for ansiballz
made async_dir configurable
better action handling, allow for finally rm tmp
fixed tmp issue and no more tempdir in ballz
hostvarize world readable and admin users
always set shell tempdir
added comment to discourage use of exception/flow control
* Mostly revert expand_user as it's not quite working.
This was an additional feature anyhow.
Kept the use of pwd as a fallback but moved it to a second ssh
connection. This is not optimal but getting that to work in a single
ssh connection was part of the problem holding this up.
(cherry picked from commit 395b714120522f15e4c90a346f5e8e8d79213aca)
* fixed script and other action plugins
ensure tmpdir deletion
allow for connections that don't support new options (legacy, 3rd party)
fixed tests
When using the -c option, like "ansible-config -c ~/.ansible.cfg view"
with python 3, it fail with this error message:
ERROR! Unsupported configuration file extension for b'/home/misc/.ansible.cfg': .cfg
* port elb_classic_facts to boto3
update module to use AnsibleAWSModule
* Add RETURN docs for elb_classic_lb_facts
* Remove superfluous exception handling around connection
Fix exit_json call and RETURN docs