* add sops lookup plugin
* fix pylint
* fix undefined encrypted_file variable
* decode sops output as text by default
* add variable to control decrypted content print in logs
* use Sops class decryption method
* lookup should return text, use appropriate ansible facility
* use ansible.module_utils._text.to_native
As required by Ansible documentation on [raising errors][raising-errors]
from plugins, use to_native to wrap errors to ensure string compatibility
between Python versions.
[raising-errors]: https://docs.ansible.com/ansible/latest/dev_guide/developing_plugins.html#id3
* use with_items instead of with_file in sops lookup documentation
[with_file][with-file], per Ansible documentation, returns the content of
the file. As sops is not able to decrypt a string by itself but requires
the file is passed as argument, passing the content breaks the lookup
plugin as reported by [here][bug-report].
[with_items][with-items] should be used instead.
[with-file]: https://docs.ansible.com/ansible/2.4/playbooks_loops.html#looping-over-files
[with-items]: https://docs.ansible.com/ansible/2.4/playbooks_loops.html#standard-loops
[bug-report]: https://github.com/ansible/ansible/pull/59639#issuecomment-540803722
* uniform sops exception handling between plugins
* Apply suggestions from code review
Co-Authored-By: Felix Fontein <felix@fontein.de>
* remove sops lookup plugin print option
Is no longer possible to print the decrypted secrets directly from this
plugin, but `debug` module can be used instead.
* add github handle to author
* add setup_sops integration target
* extract sops module
* add lookup_sops integration tests
* use sops module
* Update plugins/module_utils/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update test/integration/targets/lookup_sops/files/simple.sops.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Adding aliases file
* Emtpy spaces
* Update plugins/lookup/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/sops.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* gpg -> gnupg2
* with_items -> loop
* Move error logic to module_utils.
* Make Sops.decrypt() also handle errors and decode output.
* Improve error handling.
* Improve example formatting.
* Reorganize tests.
* Add test.
* Remove version_added.
Co-authored-by: Edoardo Tenani <edoardo.tenani@protonmail.com>
Co-authored-by: Edoardo Tenani <edoardo.tenani@gmail.com>
Co-authored-by: Edoardo T <endorama@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Added 'extra_install_args' option to allow extra upgrade/install
Example zypper args for this is
* --allow-vendor-change
* --replacefiles and
* --force-resolution
* Fix comment issue..
* Change extra_install_args option to a list.
Improved doc.
* Update plugins/modules/packaging/os/zypper.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/packaging/os/zypper.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Switch from using extra_install_args to individual module options.
* Fix syntax errors and limit 'allow-vendor-change' to 'dist-upgrade'
* Removed un-needed import
* Added changelog fragment
* Added tests for zypper replacefiles and allow_vendor_change options
* Removed dist-upgrade as it changes the test environment.
And it is hard to undo.
* Added proper test of replacefiles zypper option
Buiding two rpm packages containing same file path but with different content.
Making sure we fail to install them without the replacefiles options and that we succeed
using it.
* Make sure to create directory before writing files
* Fix indentation of ignore_errors
* Correct genereated rpm file name
* Improved duplicate file assertions
* Ensure no previous netcat package still exists.
* Corrected naming of example task.
* Fix variable name typo.
* Fix proper duplicate_content access
* Make sure to clean up duplicate rpms after tests.
* Removed debug
* Removed version_added of option allow_vendor_change and replacefiles
Co-authored-by: Felix Fontein <felix@fontein.de>
* add a new module iso_create
* add elements in argument spec
* remove changelog for new module
* change the path of test file
* comment out pip check task in test case
* comment out install pip in test case
* move pip install task and add skip python2.6
* gitlab_project_variable: added support for variable_type
* gitlab_project_variable: Added integration tests for variable_type file.
* Changed test case variable name, ansible was masking the output.
* This fixes (#275)
* Migrated PR from https://github.com/ansible/ansible/pull/47768
* Applied requested changes
* Fixed issue with load_file_common_arguments
* Using args list when calling run_commands
* Keytool now reads passwords from stdin
* Fixed PEP8 indentation issues
* parted: consider current partition state even in check_mode
* Update changelogs/fragments/183-parted_check_mode.yml
Co-Authored-By: Andrew Klychkov <aaklychkov@mail.ru>
* Test check_mode considers get_device_info
* fixed pep8 E302: expected 2 blank lines
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
Setting the exit code in a trap overrides the exit code that caused the
trap to be called. This means if the test failed and called the trap,
the test will exit with 0 rather than the failure exit code.
* Don't die when docker CLI doesn't want to work with docker daemon.
* Allow more 'docker volume ls' failures
* More.
* Fix more failures.
* Forgot ignore_errors.
* Another one.
* More places.
* Try to install newer docker on RHEL8.
* Also restrict docker-ce-cli.
* Adjust target directory so that ansible-test knows what to run when filters change.
* Divide by multiple instead of multiplying with product of 1/factor to improve numerical robustness.
* Allow to say what a year or month is (in days).
* Add changelog fragment announcing the time filters.
* Make sure unknown keyword args result in errors.
* Fix formatting screw-up.
* Un-remove wrongly removed ovirt modules and adjust deprecation to Ansible 2.14 (regular 4 version deprecation cycle).
* Update sanity-2.10.txt
* Vendor dependencies from ovirt.ovirt as deprecated, and remove dependency on ovirt.ovirt.
* Use ovirt_facts doc_fragment, and don't add _ovirt_info doc_fragment.
* filter: add new time convert filters
The plugin include:
- to_seconds
- to_minutes
- to_hours
* refactor and extend
* more UX improvements
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* even more UX improvments
* fix indentation
* fix for py3
* enable aix in ci
* simplify
* add to_months, use 360d as year.
* rearrange tests
* year back to 365 days
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add Fedora 32 to CI; drop Fedora 30 which is soon EOL.
* Docker only supports Fedora up to 31; fortunately the 31 package seems to work for 32 too.
* Also skip for Fedora 32, as it apparently has a similar problem to Fedora 31.
ci_complete
* Add info command to redis module
* Fix sanity test
* Create a separate redis_info module
* Type of arguments in documentation was determined
* Add redis_info test
* Fix sanity test
* Add integration test
* Add integration platforms (centos7/8,fedora30/31,opensuse15+py2,ubuntu1604/1804)
* Add centos6 support
* Fix suggestions
* Add contact email
Have added a trust_input option to the postgresql_user_obj_stat_info
module. This only checks the session_role since all other options are
passed as parameters.
* flatpak: Change use of Popen to module.run_command()
* Update changelogs/fragments/274-flatpak-run-command.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add trust_input option to postgresql_slot module
Have added a trust_input option to the postgresql_slot module. This
only checks the session_role since all other options are passed as
parameters.
* Add Changelog fragment
* Update docs following PR review
* Tidyup deprecations
* Collections don't use a leading `_` for deprecation, they use
routing.yml instead
* Remove left over network entries
* ignore.txt
* botmeta
* review feedback
* ignore:check_matrix
* remove duplicated keys
* Add trust_input option to postgresql_sequence
Have added the trust_input option to the postgresql_sequence module.
* Add changelog fragment
Have added a changelog fragment for these changes.
* Add optional input check to postgresql_ext
Have added a new trust_input check to the postgresql_ext module that
allows for checking the input that is passed to the module.
* Add changelog fragment
* Update tests/integration/targets/postgresql_ext/tasks/postgresql_ext_initial.yml
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* fix broken etcd3 module integration test
* rewrite etcd3 test role as role-only integration test
* etcd3 module integration test changes:
- add setup_etcd3 as dependency in meta
- skip python2.6 target as etcd3 won't install
* fix aliases
* Convert integrated simple fetch_url() checking framework from hetzner_firewall tests to proper framework which can also be used by other modules.
* Linting.
* One more.
* Use community.internal_test_tools collection.
* mysql_db: prevent broken pipe errors by using an intermediate shell process
* use module.run_command()
* mysql_db: add use_shell parameter
* add changelog fragment
* Slack: Add bot/user token support, correct thread_ts support
Add support for user/bot/application tokens (and Slack WebAPI).
Fix input type for thread_id, which needs to be string.
Return thread_ts/thread_id when user/bot tokens are used, so they can be reused later
* Slack: Add changelog fragment, fix YAML syntax
Co-authored-by: Middleton, Michal <Michal.Middleton@concur.com>
* fix CI
* Added ldap_search module for searching in LDAP servers
* Fixes from pipeline
* Fixed second script as well
* fix DOCUMENTATION block
* fix DOCUMENTATION block
* fix DOCUMENTATION block
* fix examples and remove changelog fragment
* Added integration tests for ldap_search
* fixes
Co-authored-by: Sebastian Pfahl <sebastian.pfahl@dcso.de>
* Remove the params module option from ldap_attr and ldap_entry
Module options that circumvent Ansible's option handling were disallowed
in:
https://meetbot.fedoraproject.org/ansible-meeting/2017-09-28/ansible_dev_meeting.2017-09-28-15.00.log.html
Additionally, this particular usage can be insecure if bind_pw is set
this way as the password could end up in a logfile or displayed on
stdout.
Fixes CVE-2020-1746
* Remove checking the version of Ansible
Fix fail_json
* Apply suggestions from code review
Co-Authored-By: Felix Fontein <felix@fontein.de>
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Replace missing netapp parts with own copy.
* Localize final fragment.
* Mark netapps docs fragment as deprecated.
* Drop dependency on netapp.ontap.
* Remove all netapp_e_* modules.
* Remove docs fragment.
* Fix become plugins.
* Fix become unit tests to avoid play_context.make_become_cmd.
* Remove hack.
* Remove explicit defaults. Adjust tests to be more like Ansible itself.
* Forgot two lines.
* Rewrite tests (again).
* Rename play_context -> task, add possibility to pass var_options.
* Add var_options variants.
* Properly test overwriting.
* Fix ovirt collection name (ovirt.ovirt_collection, not ovirt.ovirt).
* Fix kubernetes module_utils references.
* Fix broken f5 imports on community.general side. The imports in that collection are still broken and will still cause failures.
* Fix Cisco ACI and MSO modules imports.
* Fix check_point.mgmt dependency, fix imports.
* Fix fortimanager imports.
* Fix cisco intersight imports.
* Fix ovirt module docs fragments.
* Fix usage of _ in unit tests to avoid sanity failures.
* Fix Cisco module docs fragments.
* Fix netapp.ontap module docs fragment name.
* Fix documentation.
* Fix some boilerplate (the ones not mentioned in ignore.txt).
* Fix unit test paths.
* Remove fallaxy targets.
* Remove unit test group 3.
* Avoid sanity tests to fail because they validate something in tests/utils/.
* Fix Hetzner firewall unit test imports.
* Make sure tests can actually access collections.
* Fix more relative imports.
* Fix more relative imports.
* Fix more includes.
* Fix more tests.
* One more.
* Fix syntax error in sanity import tests (invalid escape sequence "\$" caused by non-raw docs block)
* Fix permissions of ansible-test parts for sanity tests.
* Revert "Fix permissions of ansible-test parts for sanity tests."
This reverts commit c2713f0a12.
