Without this modprobe always reports changed when modprobe-ing a builtin module.
With this, if a kernel module is a builtin, the modprobe module will:
- succeed (without incorrectly reporting changed) if ``state`` is ``present``;
- fail if ``state`` is ``absent``
The failure will have whatever error message modprobe returns when
attempting to remove a builtin module. For example:
``modprobe: ERROR: Module nfs is builtin.``
* MSC: Various bugfixes and features enhancements
This PR includes:
- Lookups of roles, labels and domains
- Auto-create new labels
- Improvements to comparing complex datastructures
- Force removal of sites
- Support non top-level queries
- Document internal functions
- Add parameter types to modules
- Fix documentation examples
- Improvements to idempotency wrt. returning changed
- Support site locations
- Update permission list
- Various improvements to integration tests
* Fix Ci issues
* Handle 'latest' version when installing module for first time
Otherwise, a fresh install of a plugin with 'version: latest' gets installed without its dependencies, rendering the plugin effectively useless.
* Add changelog
* Refactor integration test for lvg module to introduce grow/reduce test
* List correctly current PV in lvg module: fix lvg reduce
Previous behaviour was to only take into account PV passed in 'pvs'
argument. This lead to reduce not working as expecting:
* with state=present and list of wanted pvs, lvg found only the pvs to
add or already present and ignored the pv to remove (obviously absent
from the list of given PV)
* with state=absent and a pv to remove, lvg found that the remaining pvs
list is empty (ignoring possible other PV in the vg) and decides to
remove the vg entirely (as supposely no PV are left anymore to store
lvm metadata)
* Add changelog fragment
* Update `Unknown error` to specific error message
outputs the Exception received rather than just 'Unknown error'
fixes: issue/49713
* Update `Unknown error` to specific error message
improves the error message
When the security group the rule belongs to does not exist and
the state is absent, the module is not properly exited, leading
to a playbook execution failure.
Fixes issue #50057
* added new module to manage deploy keys for BitBucket repositories
* Modified module to pass CI tests
* Updated bitbucket_deploy_key module
* updated message returned when there is an existing deploy key
* bumped version_added to 2.8
* fixed issues reported by ansible-test
Mostly typo/grammar fixes. "Zabbix Server" was changed to just "Zabbix", as it could be slightly confusing - some people might interpret this referencing the server process, although API matters. "capital-case" was changed, as it usually is one of "capital" or "upper-case".
+label: docsite_pr
* Update vmware_deploy_ovf.py
Provided more detailed example using additional, often used parameters
Co-Authored-By: mhoffmann1 <marcin.hoffmann@intel.com>
* Replace variable values in example task
Co-Authored-By: mhoffmann1 <marcin.hoffmann@intel.com>
* Revert "Fix incorrect examples with random filter (#50137)"
This reverts commit 9a7dbd5213.
The correction is incomplete and also based on a 'fix' that was supposed to have been reverted already
* Revert "Added `+1` to the `end` in `random` filter so that it was inclusive (#27215)"
This reverts commit ea2b89c7ae.
reverted fix as agreed at the time, but missed by maintainers.
* Refactoring of cnos_interface module like what followed by other vendors
* To remove cnos-interface from E326 validation ignore list
* Effect of default parameters impacted UT
* Connections can queue messages to be returned from ansible-connection
* Provide fallback for invalid display level
* Strip display from plugins
* Route messages through helper method to try to avoid improper appends
verify_file was improperly always returning true if pyvimomi and requests libs were correct
moved library checking to parse, avoid unneded errors unless the file is actually meant for
this plugin
* rabbitmq_binding: Fix using empty routing key
If the routing key is an empty string we need to use the special props
value ~ in the URL. Otherwise the last part of the URL will be empty,
which will instead be equivalent to the "list all bindings" API call
which always returns 200 OK (as long as the exchange and queue exists).
* rabbitmq_binding: Move routing_key test outside format
Test the routing_key value and set the props value outside the format
call. We leave the original routing_key untouched since its original
value is later needed in create().
* Added organization in the scm_credential get
* Fallback looking for cred in project org
* Tests project with multi org credential
* Fixed CI issue
* Added changelog fragment
* Fix mandatory statement error for junos modules
Fixes#40267
* Add error regex in junos terminal plugin to error out
in case of commit fails
* If commit fails add logic to discard changes before existing
else next task will result in error
* Add integration test
* Minor update
* Revert "allow caller to deal with timeout (#49449)"
This reverts commit 63279823a7.
Flawed on many levels
* Adds poor API to a public function
* Papers over the fact that the public function is doing something bad
by catching exceptions it cannot handle in the first place
* Papers over the real cause of the issue which is a bug in the timeout
decorator
* Doesn't reraise properly
* Catches the wrong exception
Fixes#49824Fixes#49817
* Make the timeout decorator properly raise an exception outside of the function's scope
signal handlers which raise exceptions will never work well because the
exception can be raised anywhere in the called code. This leads to
exception race conditions where the exceptions could end up being
hanlded by unintended pieces of the called code.
The timeout decorator was using just that idiom. It was especially bad
because the decorator syntactically occurs outside of the called code
but because of the signal handler, the exception was being raised inside
of the called code.
This change uses a thread instead of a signal to manage the timeout in
parallel to the execution of the decorated function. Since raising of
the exception happens inside of the decorator, now, instead of inside of
a signal handler, the timeout exception is raised from outside of the
called code as expected which makes reasoning about where exceptions are
to be expected intuitive again.
Fixes#43884
* Add a common case test.
Adding an integration test driven from our unittests. Most of the time
we'll timeout in run_command which is running things in a subprocess.
Create a test for that specific case in case anything funky comes up
between threading and execve.
* Don't use OSError-based TimeoutError as a base class
Unlike most standard exceptions, OSError has a specific parameter list
with specific meanings. Instead follow the example of other stdlib
functions, concurrent.futures and multiprocessing and define a separate
TimeoutException.
* Add comment and docstring to point out that this is not hte Python3 TimeoutError
* Warn of standard behavior of 'default' key store
The default key store typically results in the key being stored as user. In instances where we're trying to install a cert to enable SSL binding in IIS, this will result in an unbind-able cert, as the IIS APPPOOL identity will not be able to read the private key, and presents a very cryptic error of 'A specified logon session does not exist'.
+label: docsite_pr
* fix trailing whitespace
* Use C(user) reference
* specify what's required for successful iis import
- store_location's default value is currently 'LocalMachine' but if this changes it could result in the documentation being inaccurate
- key_exportable is not required for a successful IIS import
* remove stray =
dang cat
Co-Authored-By: tdietrich513 <tom.dietrich@gmail.com>
* Fix example in ini.py
* Fix unittest in test_ini.py to pass CI as latest ansible returns list in
different order. To prevent such issues in future results are sorted
* PEP8 E501 styling improvements
Co-Authored-By: Sergii Golovatiuk <sgolovat@redhat.com>
Trying to use the apt module on a freshly install 16.04 Ubuntu VM with
"ansible -m apt -a 'name=* state=latest' all" fail with this backtrace:
Traceback (most recent call last):
File \"/tmp/ansible_2inxygge/ansible_module_apt.py\", line 1055, in <module>
main()
File \"/tmp/ansible_2inxygge/ansible_module_apt.py\", line 998, in main
upgrade(module, 'yes', force_yes, p['default_release'], use_apt_get, dpkg_options)
File \"/tmp/ansible_2inxygge/ansible_module_apt.py\", line 759, in upgrade
apt_cmd_path = m.get_bin_path(apt_cmd, required=True)
File \"/tmp/ansible_2inxygge/ansible_modlib.zip/ansible/module_utils/basic.py\", line 2182, in get_bin_path
File \"/usr/lib/python3.5/posixpath.py\", line 89, in join
genericpath._check_arg_types('join', a, *p)
File \"/usr/lib/python3.5/genericpath.py\", line 143, in _check_arg_types
(funcname, s.__class__.__name__)) from None
TypeError: join() argument must be str or bytes, not 'NoneType'
It seems that since aptitude is not installed on Xenial, so APTITUDE_CMD is None
and we later hit the bug in the upgrade function since it assume APTITUDE_CMD
is set.
* Improve the output when processing files
* Update docs/bin/plugin_formatter.py
Co-Authored-By: dagwieers <dag@wieers.com>
* Show progress indicator.
* Don't pp.pformat() huge structures when they aren't used anyway.
This saves ~10 seconds on my machine.
* Only show ASCII spinner if stdout is a TTY.
* Fix: E722 do not use bare 'except'
* Add GetManagerNicInventory command for Manager category, and tweak redfish_utils' get_nic_inventory to accommodate manager nic interfaces
* Remove get_manager_nic_inventory, since it is unnecessary while using get_manager in get_nic_inventory
* Rework get_nic_inventory() to take a resource_type as a string, which will be just the category parameter from redfish_facts, making it clearer
* remove extraneous blank line to conform with pep8
* Add GetManagerNicInventory example task to EXAMPLES docstring
* Add cryptography backend for openssl_privatekey.
* Adding ECC support.
No support for X25519 and X449, since they don't support serialization.
* Improve finterprint calculation to work with Python 3.
* Add fingerprint check.
* Fix typo.
* Use separate curve option for elliptic curves, and use type 'ECC'.
* Using curve names as defined in IANA registry.
* Bump minimal supported cryptography version. Older versions might work as well, but I couldn't test them.
* Improve documentation.
Fixes#48171Fixes#33742
Add force_host and issu options support in junos_package module
* Add force_host option to ignore warnings while installing package
* Add issu option to enable issu feature from Ansible
* PSRP: Add support for reconnection retries
This adds support for reconnection retries to overcome sudden Connection
Refused or other recoverable states. (Either because WinRM is (re)started,
or firewall changes make it briefly unavailable)
* Fixes from review comments
* Change test suite to fit expected behaviour
This reverts some changes from ansible/ansible@723daf3
If a line is found in the file, exactly or via regexp matching, it must
not be added again.
insertafter/insertbefore options are used only when a line is to be
inserted, to specify where it must be added.
* Implement the change in behaviour mentioned in the previous commit
* Fix comment to reflect what the code does
* Set the correct return message.
In these cases, the lines are added, not replaced.
* Add a changelog
* Allow tags to be templated from a variable. Fixes#49825
* Restore _load_tags to ensure we do csv tag splitting
* Add tests for csv tags and templated tags
* evaluate_tags doesn't need to accept strings, because _load_tags handles this
* Port bundled distro to use optparse instead of argparse (py2.6)
* Use an absolute import to satisfy the current import testing harness
* Port from subprocess.check_output to subprocess.Popen.communicate() (py2.6)
* Add license location
The changes have been proposed upstream here:
https://github.com/nir0s/distro/pull/232
Upstream is contemplating a branch where everyone wanting python-2.6
support can collaborate without it becoming part of the regularly
supported releases.
Since the 'platform.dist()' and 'platform.linux_distribution()'
methods will be removed from future versions of python, this
provides an alternative to replace ansibles use of those
methods.
lib/ansible/module_utils/distro.py is a copy of
https://github.com/nir0s/distro/blob/master/distro.py
This module is originally from https://github.com/nir0s/distro
and is license under the Apache License, Version 2.0.
* New module - postgresql_idx
* New module postgresql_idx: added returns block
* New module postgresql_idx: fixed documentation, typos and added idxname to fail_json
* In some cases, it appears that Exception should have been used instead
as there's no need to catch sys.exit KeyboardInterrupt and similar.
* In a few cases, it appears that BaseException is used because
a library we depend on calls sys.exit() contrary to good coding
design. Comment those so that we know that those have been audited
and found to be correct and change to use (Exception, SystemExit)
instead.
* Windows Privileges - moved util code to it's own C# util
* Rename Enabler class to PrivilegeEnabler to remove ambiguity
* rename Utils to PrivilegeUtil
* fix missing util name changes
This documents two common issues related to rebooting Windows systems.
- Updates can take a long time being applied during reboot
- Reboots can cause the WinRM service to start before system has settled
Reporting of install failures was improperly guarded behind a list of
packages to install when the first element changed in a list was found.
This lead to the dnf module silently failing at times when it should not
fail.
Fixes issue 49759
This work enables to add sit tunnel via nmcli module
Signed-off-by: Susant Sahani susant@redhat.com
SUMMARY
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
nmcli
ANSIBLE VERSION
2.8
ADDITIONAL INFORMATION
- nmcli:
state: present
type: sit
conn_name: sit_test1
autoconnect: yes
ip_tunnel_dev: enp0s8
ip_tunnel_local: 192.168.1.2
ip_tunnel_remote: 192.168.1.5
* win become: refactor and add support for passwordless become
* make tests more stable
* fix up dep message for Load-CommandUtils
* Add further check for System impersonation token
* re-add support for become with accounts that have no password
* doc fixes and slight code improvements
* fix doc sanity issue
* replace math round with ceiling to report the actually installed RAM for ansible_memtotal_mb
* add new variable ansible_memtotal to display TotalPhysicalMemory in bytes
add new variable ansible_swap_min to display initial pagefile size
add new variable ansible_swap_max to display maximum pagefile size
removed the variable ansible_swaptotal_mb
* output ansible_swap_min & ansible_swap_max value in bytes
* re-add the ansible_swaptotal_mb fact and fix the conversion of the TotalSwapSpaceSize value from kilobytes to MB
* indentation fix, replace tab with spaces
* Create Windows facts for ansible_virtualization_role and ansible_virtualization_type
* Create Windows facts for ansible_virtualization_role and ansible_virtualization_type
Updated formatting
* Removed executable flag on setup.ps1
* Changed Get-WMIObject to Get-CimInstance as Get-WMIObject has been deprecated and fails testing.
* Changed new variables to snake_case and also changed Get-CimInstance to Get-LazyCimInstance
* removed -class from Get-LazyCimInstance call as failed test.
this example shows two things not shown here already->
- dynamically looking up hosted zone id using the route53_zone module (vs knowing the ID we can use the name)
- showing an example of start_record_name which takes an entire record, not just a partial name
* Docs: Add a separate "seealso" section to the module docs
to list related modules and/or related references. This clears up the notes
section for things that are actual notes.
So you can add a section in your module documentation and four types of
references are possible.
seealso:
# Reference by module name
- module: aci_tenant
# Reference by module name, including description
- module: aci_tenant
description: ACI module to create tenants on a Cisco ACI fabric.
# Reference by rST documentation anchor
- ref: aci_guide
description: Detailed information on how to manage your ACI infrastructure using Ansible.
# Reference by Internet resource
- name: APIC Management Information Model reference
description: Complete reference of the APIC object model.
link: https://developer.cisco.com/docs/apic-mim-ref/
This PR also includes:
- Implements ansible-doc support
- Implements schema support for the seealso options
- Updates to the development documentation
- Rename filter convert_symbols_to_format to rst_ify, cfr the existing html_ify and tty_ify filters
- This makes the existing template a lot easier to read and fixes the confusion I had myself rereading the template (again).
- We fixed the possible suboption types (which was limited to 'bool' only)
* Use latest stable instead of devel docs
* Fix for 36950. Added support for missing options capabilities and root_device in properties of os_ironic.py ansible module
* Updated docstring to pass documentation validation
* Updated review comments from juliakreger
* version_added: "2.8"
- Require username and password for unregistering and avoid "cannot marshal None unless allow_none is enabled" error when using an activation key and no channels specified.
- Update test fixtures and add changelog
Co-authored-by: WhyIsThisOpen <WhyIsThisOpen@users.noreply.github.com>
* k8s: add k8s_kind arg to KubernetesRawModule
Single–kind k8s modules (e.g. k8s_service) do not have a module
parameter called 'kind' and need to pass a static 'kind' on
KubernetesRawModule class creation. Hence this change.
* k8s: make 'validate' and 'wait' mod params optional
Not all k8s modules utilizing KubernetesRawModule will use these.
* k8s_service: new k8s module for handling Services
* Pluribus Networks pn access list ip module with unit test cases
* Changes according to ansibot standards in unit test modules
* Remove unwanted variables
* Removed unwanted super call
Previously we returned only nested attributes of the lists not of the
structs, this patch fixes it.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
* [docker] Consolidating Python Boolean conversion for Docker API (#49563)
* [docker] Consolidating docker option min version checks (#49564)
* [docker] Moving option min version checks out of docker_swarm (#49564)
Also renaming Boolean cleanup function and fixing docker_container minimum
version check for network interfaces.
* Cleanup from PR feedback
* Bare minimum rip out cliconf
* nxapi changeover
* Update documentation, move options
* Memoize device_info
* Gratuitous rename to underscore use of local api implementation
Fixup eos module_utils like nxos
* Streamline version and image scans
* Expose get_capabilities through module_utils
* Add load_config to module_utils
* Support rpcs using both args and kwargs
* Add get_config for nxos
* Add get_diff
* module context, pulled from nxapi
We could probably do this correctly later
* Fix eos issues
* Limit connection._sub_plugin to only one plugin
* set ansible_os_family from name variable in os-release for clearlinux system
Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>
* Add os_family for clear linux and clear linux mixes
Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>
* inventory plugins: try auto before ini
auto plugin should run before ini to avoid ini being able to parse
some plugin configuration YAML files successfully.
* Update comment
comment was added by 2ffe3c42bb but
related code was later removed by
506e6a0b2d.
Use a simple multiprocessing pipe to delay exiting the parent process
until after the child has been doubly forked.
Using a simple IPC to allow the forked process to start avoids the
control node waiting unnecessarily for lightly loaded systems.
* Fix various bugs related in reboot
- Use format strings for consistency and improve debug log messages
- Use local variables instead of class attributes in order to be thread safe
- Run setup module to get distribution and version
- Run find module to get full path of shutdown command
- Use ansible_os_family and ansible_distribution to find commands and args
- Use same command for all Solaris/SunOS distributions
- Move delay calculations to properties
- Reliably check for module run failure
- Fix bug in run_test_command() that accidentally made the method work properly
- Use better exceptions rather than Exception
- Use dict literals rather than constructors
- Correct _check_delay() so it always returns a value, not None
- Don't store and return result in run_test_command() because it's not used anywhere
- add test for post reboot command that fails
- test negative values for delay parameters
* Consolidate handler tracking
- Remove unused code. ci_complete
- unit test fixes. ci_complete
- Restore previous behavior of matching a single handler
- when notifying a host for a handler, return True if it was added, False otherwise, to reduce copied logic
- rename funcitons for clarity. ci_complete
- Remove handler logic for static includes which was disabled previously
- use the generic `package` module, this way it will cover dnf and yum
- to not specify the x86_64 arch, the package manager will pull the fine
version anyway
- with_items with package is deprecated
- libnm-qt-devel is only in Fedora 27 and 28.
Template lookup plugin now support variable_start_string and
variable_end_string, just like template module.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
fixes to ansible-doc
- change json to always be type dependent
- change changelog generation to loop over the options
- warn about ignoring module path
* read_csv: new module to read CSV files
* Add a doc reference to the csvfile lookup plugin
* Enable the use of custom dialect options
* Improve error handling
* Fix PEP8
* Fix more PEP8
* Simplify custom dialect code
* Add integration tests
* Fixes for CI
* Fix for python 2.6
* openstack: fix parameter handling when cloud provided as dict
If a cloud is provided as dictionary:
* Do not assert that 'interface' parameter is None. Instead,
assert that it is 'public'.
* Assert that 'auth_type' parameter is not set.
Fixes#42858
* os_user: Include domain parameter in user lookup
If a "domain" parameter is provided, use it in looking up
whether the user already exists.
Fixes#42901
* os_user: Include domain parameter in user deletion
If a "domain" parameter is provided, use it in deleting
the user also.
Fixes#42901
* ensure idempotency for user set to None
* Update `user` documentation and add changelog fragment
* clarify changelog fragments and parameters documentation
* use restructuredtext syntax in changelog fragment
* Add info about loop based on jinja2 loop var
* ansible_loop
* Update test count
* Add extended loop_control that defines whether ansible_loop should be added
* Extended needs to be defaulted
* Revert "Update test count"
This reverts commit f1e93ee469825f4cdcd90fb28667d29aa088275c.
* Add docs about loop_control.extended
* Add revindex and revindex0
* Document ansible_loop in special vars
* Add changelog fragment
* Add tests, change items to allitems so that dot notation works, fix logic error with previtem
* Fix python 3 compatibility in flatpak_remote module
* Fix flatpak module for recent versions of flatpak
* Add reminder for contributors to run integration tests manually
There has been several Python version compatibility regressions
introduced into the module which could have been avoided by the
integration tests.
- Module extends the existing RedfishUtils class and leverages its methods
- Acknowlegements to Bill Dodd (@billdodd) for creating original Proof-of-Concept
* Initial commit for firewall_vip46
* Initial commit for fortios_policy46
* Revert "Initial commit for fortios_policy46"
This reverts commit dd568b603965aabcbb9952b2ef2caf0bb9c571e9.
Have added some extra arguments to the postgresql_ext module to allow
configuring an SSL connection to the postgresql server and explicit
support for connecting via a unix socket. The arguments and method used
here for the connection are the same as used by the postgresql_database
module.
* Simplify permission changing code for rabbitmq_user module
* Add check for multiple permission dicts for same host to rabbitmq_user module
* Add docstring for _get_permission method of rabbitmq_user
* Fix method that compares vhost permissions in rabbitmq_user
* Add tests for rabbitmq_user module
* Add helper function for simulating collections.Counter functionality
Incorporating the abandoned work from PRs #35288 and #45552. Also adding in
the version checking from `docker_container.py`, which should be abstracted
out to `docker_common.py`.
There is no API or AWS command to list down latest available
runtimes. Updated documentation with AWS official lambda docs.
Fixes: #49552
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
It was super incomplete, and the interface was pretty strange; it had
built-in features to handle pretty bespoke workflows ("clean504",
e.g.) but was lacking lots of other useful features (like the ability
to create a webhook with a shared secret). Rather than try to update
the interface in a backwards compatible way, I've replaced it with the
more predictable, single-purpose github_webhook and
github_webhook_facts modules.