* Add note about adding new key requiring update
When a new repo and new key are added, attempts to install packages
signed by that key fail until `apt-get update` is run. This note
is an attempt to help users avoid getting errors when they miss
this step.
* related to issue #25091
* switch example to apt module
* Compress src interface into one key
* Modified regex to support varied interface types
* Fixed documentation
* Unpacking return values from splitting method
- support config operations for EXOS-based platforms
- add regex to detect command failure responses
- add exos action plugin for "backup" operation
- add unit tests for exos_command (currently 94% coverage of
exos_config.py)
* Add backup option
* Only backup shadow file when the OS has one
* Only backup shadow file for SunOS
* Update docs on backup feature
* Add changelog fragment
* Add tests for shadow backup
* Remove backup option, make it automatic
Remove the option to enable/disable backups and make it automatic. Add note to docs describing this behavior.
Change tests to account for new module behavior.
Change section name in changelog fragment since minor_features is not a valid section.
NOTE:
1. use os.open() with os.O_CREAT|os.O_EXCL to check existence
and create a lock file if not exists, it's an atomic operation
2. the fastest process will create the lock file and others will
wait until the lock file is removed
3. after the writer finished writing to the password file, all the reading
operations use built-in open so processes can read the file parallel
* strip additional comments from /etc/default/passwd
Strip trailling comments from /etc/default/passwd like
MINWEEKS=1 #MINWEEKS=2
MAXWEEKS=12 # MAXWEEKS=8
Which otherwise cause failures with "failed to read /etc/default/passwd: too many values to unpack"
* fix carriage return typo in commit
* yet another typo in commit
* Fix indent problem
* add changelog fragment for PR 43931
Ideally I would have liked to compare the TTL as part of the
prerequisite check. Sadly that isn't supported by the RFC 2136 update
protocol. Hence the additional query.
Resolves#39465
* Update cloudflare_dns account link
* Add SSHFP and TLSA records to cloudflare_dns module
These are record types which Cloudflare recently added support
for. They both go well together with DNSSEC.
Technically it's a bit of a simplification to use the hash_type
parameter for TLSA records. Yet, it fits with all the real world usage
I have seen, and it keeps the module from sprawling too much.
Related to #43803
* Update netconf plugins for junos and iosxr
Fixes#39160
* Update api signature for netcon api's
from variable arguments to named arguments
* Udpate get default rpc supported
* Fix CI issue
* restore task arg splatting
* reverts #41804
* supersedes #41295
* fixes#42192
* after lots of discussion amongst the core team, we decided to preserve this feature, clarify the runtime warnings/docs, and prioritize a path toward fixing the underlying behavior that causes this feature to be insecure (un-namespaced facts).
* update faq text
note that warning is disabled when inject_facts_as_vars is
* wordsmithing FAQ entry
As of today, self.returns it not the source of truth. If the return
value from querying the resource contains more values than the one
listed in self.returns, those value will be returned even though not
explicitly specified in self.returns.
This commit ensures that only the values listed on self.returns are
actually returned. The other values not listed are supressed.
Every scaleway modules will require the same base of parameters. Instead
of documenting it each and every time, we build a doc fragment that will
allow one to simply extend documentation for every new module.
extends_documentation_fragment: scaleway
During the installing of packages if yum runs out of free disk space,
some post install scripts could fail (like e.g. when the kernel package
generates initramfs), but yum would still exit with a status 0. This is
bad, especially for the kernel package, because it makes it unable to
boot. Because the yum module is usually used for automation, which
means the users cannot read every message yum prints, it's better that
the yum module fails if it detects that there is no free space on the
disk.
* Common Rest Module using httpapi transport
* comparing json objects
* platform independant Rest Api
* FTD rest module
* Remove FTD module which will be committed later from cisco team
* remove debug code
* remove common rest module
* fix shippable errors
* Add notification users
* more shipable errors
* 29891 use os.path.realpath to follow keyfile symlinks
* 29891 add parameter follow
* updated changelog fragment
* add documentation and set default to false
* pip: combine chdir and env only when env is set
This fixes an AttributeError when chdir without virtualenv is specified:
File "/tmp/ansible_2UAFsZ/ansible_module_pip.py", line 387, in main
env = os.path.join(chdir, env)
File "/usr/lib64/python2.7/posixpath.py", line 75, in join
if b.startswith('/'):
AttributeError: 'NoneType' object has no attribute 'startswith'
* Add test for pip with chdir
Signed-off-by: Till Maas <opensource@till.name>
* Only template values in vars_prompt rather than all vars
This allows the use of variables in vars_prompt fields but allows variables entered in the prompt to affect play vars rather than throwing an undefined error.
Only post validate if there was a vars_prompt
* Add tests for vars_prompt
* Check the password format
Check the password format and notify user if they
input unencrypted password.
* Fix sanity error
* Add integration test
* Missed a task name
* Hard code the testing password
Since some testing platfrom has no passlib installed
* Add changelog fragment
* Rework some English sentences
* Fix a grammar mistake
The Vultr API is inconsistent in the type of the value it returns
based on the resources. While most of the time it will be a dict, for
some resources it will be a list (/v1/user/list, /v1/block/list).
query_resource_by_key() fails if the return value isn't a dict (.items()
does not exist on list). This patch aims to support both list and dict.
* Hold httpapi response in BytesIO
* Let httpapi plugin deal with HTTP codes if it wants
* Python 3.5 won't json.loads() bytes
* Don't modify headers passed to send
* Move code handling back to send()
but let httpapi plugin have a say on how it happens
The bundled selectors library which is used by the local and ssh
connection plugins had a bug which caused a traceback in a cornercase.
If selectors were in use and a syscall was interrupted, selectors would
attempt to restart the syscall after the interrupt was processed. if
the attempt determined that the timeout for running the syscall had
already expired, the code attempted to raise OSError. The raise was
using a Python3-ism and needed to be ported to work on Python2.
Fixes#41630
* Fix cli_command junos test failure and update doc
* Fix cli_command module integration test failure
for junos
* Update cli_command module doc for prompt and
config command run scenario's
* Update cli_command module doc
* Collecting PEM -> DER conversions.
* Using cryptography instead of OpenSSL binary in some situations.
* Moving key-to-disk writing for key content to parse_account_key.
* Rename parse_account_key -> parse_key.
* Move OpenSSL specific code for key parsing and request signing into global functions.
* Also using cryptography for key parsing and request signing.
* Remove assert statements.
* Fixing handling of key contents for cryptography code path.
* Allow to disable the use of cryptography.
* Updating documentation.
* 1.5 seems to work as well (earlier versions don't have EC sign function). Making Python 2.x adjustments.
* Changing option to select_crypto_backend.
* Python 2.6 compatibility.
* Trying to test both backends separately for acme_account.
* Also testing both backends separately for acme_certificate and acme_certificate_revoke.
* Adding changelog entry which informs about select_crypto_backend option in case autodetect fails.
* Fixing YAML.
Fixes#42310
Previously, the firewalld module was making a call to
FirewallClientConfig.getZoneNames() which doesn't exist in versions
of firwalld older than 0.4.2, this patch implements the same logic
with older API calls to not require a newer version of firewalld.
Signed-off-by: Adam Miller <admiller@redhat.com>
In query_resource_by_key(), there is an equal comparison that is made to
know if the object we are looking for is present. Due to type difference
this comparison doesn't always retrieve true, even when it should.
This is due to the fact that the value in r_data dict are of type
unicode, while the other can be of type int, float,... .
```
>>> a = u'1'
>>> type(a)
<type 'unicode'>
>>> b = 1
>>> type(b)
<type 'int'>
>>> a == b
False
>>> str(a) == str(b)
True
```
Hence the values, for comparison purposes, are casted into strings.
* Merge again trickily similar Accelerated networking and IP forwarding
* Add type to enable_ip_forwarding documentation
* Fix merge error
* auth to auto
* azure_rm_networkinterface: remove auth_source from tests
* azure_rm_networkinterface: remove spurious auth_source from test
* azure_rm_networkinterface: Revert formatting on test
* azure_rm_networkinterface: Correct indentation
_parsed_return_data should only be used with the return from a module.
This location was invoking a remote shell command rather than a module
so we don't want it here.
they dropped the Linux so now it only shows as ALT, it should still be backwards compatible
pkg_mgr detection relies on `Altlinux` string, so properly setting os_distribution should take care of it as side effect
fixes#43539
* Remove use of simplejson throughout code base. Fixes#42761
* Address failing tests
* Remove simplejson from contrib and other outlying files
* Add changelog fragment for simplejson removal
* Change how data is sent to the persistent connection socket.
We can't rely on readline(), so send the size of the data first. We can
then read that many bytes from the stream on the recieving end.
* Set pty to noncanonical mode before sending
* Now that we send data length, we don't need a sentinel anymore
* Copy socket changes to persistent, too
* Use os.write instead of fdopen()ing and using that.
* Follow pickle with sha1sum of pickle
* Swap order of vars and init being passed to ansible-connection
* New module for managing EMC VNX Block storage
With the module emc_vnx_sg_member users can add or remove luns from
existing storage groups.
This module has been developed in couple with emc_vnx_mv_promote for
disaster recovery process automation, but can be used by itself.
This fix adds additional parameter 'datastore'. This parameter
provides a flexibility to specify custom datastore or datastore cluster
to deploy new virtual machine from template (which is located in different
datastore or datastore cluster from virtual machine's datastore or datastore
cluster).
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Remove wait_for & associated params
* Upgrade command dict to top-level, remove more wait_for accessories
* We don't need all this anymore
* Update docs
* Update tests to new argspec
* Be a little more explicit about sendonly
Also remove reference to the word provider.
* Add example of prompt and answer
This is to avoid users connecting to the APIC using SSH, which is likely
to fail. In the ACI documentation (linked from every module) we go into
more details on how people are supposed to work with the modules..