* Update get_certificate.py with an example to calculate number of days until cert expires from get_certificate result.
* Update lib/ansible/modules/crypto/get_certificate.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* [docker] images: add support for lookup by sha256 digest
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [tests] docker image by digest: work on a minimal test case
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [docker] group branch conditions per lookup
Co-Authored-By: Felix Fontein <felix@fontein.de>
* [misc] add a news fragment for the added digest lookup for docker images
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* Allow python_requirements_facts to cope with packages with dashes
```
python_requirements_facts:
dependencies:
- kubernetes-validate
```
should work as expected
* Ensure tests run for python_requirements_facts
The remove_policies function in iam_role.py enumerates a list of policies to remove. However, due to an indentation issue on the return True line, only the first such policy would be removed.
This change outdents the return True so that all of the the requested policies are removed.
* azure_rm_azurefirewall
* a few updates
* fixed mistake
* updated docs, fixed syntax
* updated priority
* use checkmode for idempotence test, as it's very long
* fix check mode
Without this commit, `vmware_datastore_facts` ignores the datastores are
not associated with a cluster of a datastore. This case can happen if a NFS
share is mounted directly on a ESXi instance.
* Adding New Model onyx_qos for Configuring QoS on Onyx Switches
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures in onyx_qos
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures phase 2
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Samer's Comments on onyx_qos Module
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Shippable Comments Phase 3
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Current Version 2.9
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Updated utils to remove Avi SDK dependency and Avi 18.2.2 version update
* Fixed the python 3.x errors failing for avi_disable_session_cache_as_fact not properly documented
* Updated version added fields for new parameters
* fixed pep8 errors
* made requests import optional
* removed setting requests to None
* Added try catch for the avi helper methods such that any import fails then module fail gracefully. This was needed to pass the requests library not found error
* removed deprecated modules. Also, trying another fix to deal with requests import error
* Fixed python3 errors
* fixed pep8, no-dict-iteritems and import test failures
* added version 2.8 for new field
* some more code cleanup and formatting
* updated the fail message and fixed plint errors
* added workaround for unicode pylint
* fixed the version added for new parameter app_learning_memory_percent and removed unicode_literals import
* Removed check of HAS_AVI for common argument spec
* Updated version added value from 2.8 to 2.9
* Version added value fixes of CI error
* Attempt to handle just mode trunk properly
* Add test for trunk-only config and clean up tests
* Add missing eapi tests and remove references to provider as we do not test local
* Fix typo that breaks invocation of os_stack
* Apply tags conditionally so that the module does not throw up an error when using an older distro of openstacksdk
* Unchanged requests now return the original data
* Add changelog fragment
* Add integration tests for returned data for meraki_network
* Add integration tests for returned data
* Improve idempoetent output
- Make MX l3 rules always show default rule
- Add integration tests
* Add integration tests for returned data on meraki_network
* Improved idempotency in a few modules and improved tests
* Add waiter for AWSRegional
* Add support for WAF Regional
* Add support for regional waf web acl
* Remove set_trace, pep formatting
* Add paginator for regional_waf
* Change name of param for waf_regional
This is more in line with how AWS refers to the service. Additional
changes made to how client is called. Used ternary to reduce if
statements
* Change parameter name to waf_regional
* Add support for removal waf regional condition
* Change parameter from cloudfront to waf_regional
* Added state: absent waf rule
* Remove set_trace
* Add integration tests for waf regional
* WIP: adding region parameter to tests
* Add support for waf facts module
* Add region to waf regional integration tests
* Update security policy for waf regional testing
* Add type to documentation for waf_regional param
Resolve the two following errors:
ERROR: lib/ansible/modules/cloud/vmware/vsphere_copy.py:0:0: E309 version_added for new option (host) should be '2.9'. Currently None
ERROR: lib/ansible/modules/cloud/vmware/vsphere_copy.py:0:0: E309 version_added for new option (login) should be '2.9'. Currently None
##### SUMMARY
qos is not defined when port_mirroring is enabled, a NoneType is returned for entity.qos in this case
getattr is safer to use than using a direct call to entity.qos.name
##### ISSUE TYPE
- Bugfix Pull Request
+label: docsite_pr
* Rewrite much of the execution of meraki_switchport
- Previous versions had problems with idempotency and allowed_vlans
* Modified payload creation
- Parameter map is used
- propsed is created using .copy()
- Much cleaner this way
* Add whitespace for lint
* Add bugfix snippet for changelog
* Moves developer docs for AWS, ovirt, and openstack modules out of lib/ansible/, integrates them with dev_guide, with abadger's fix to make python snippets pass rstcheck
* Adds a new vmware module to support getting the folders and their paths within a datacenter
* Add integration tests
* Bump version added
* Refactor integration test
* Improve grammar in docs
*`vsphere_copy` was only able to interact with a vCenter instance. This
patch change that.
* In addition, it also makes use of the `vmware_argument_spec`.
Co-Authored-By: Abhijeet Kasurde <akasurde@redhat.com>
* auth_key parameter is required
- This will have to change when httpapi is implemented
* Add integration test
* Add assertion
* Enable VLANs on network
* Add required for auth_key
* hetzner changed image tag for server, so its working with ids and names
* changed trailing whitespace
* added higher retries count since server creation from own image takes a lot longer
* Fixed error handling in github_issue module
Due to recent changes in github3.py library module stopped working.
This fix adds extra error handling for new changes in library.
Fixes: #39627
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Check version
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Refactor github_issue
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Presently setting noreplace: no/false has no effect. Negating the default
to true from false and modifying conditionals seems to correct this.
Making it such that you can re-install and existing package. That did not
seem possible without such modifications.
Potential fix for issue #55365 pending issue reporter testing and feedback.
* fix module defaults
- corrected precedence (specific module > group)
- made into reusable function
- use from gather_facts/service/package to match 'actual module used'
* Rewrite vmware_portgroup module
* support check mode
* VLAN ID isn't required anymore
* VLAN ID 0 (no tagging) is the default
* Options match values in vSphere Client and vmware_vswitch module
* Policy override is configured properly
* VMware: vmware_portgroup updates
Ensure the module still work with the ESXi where CustomFieldsManager
does not exist.
From: https://www.vmware.com/support/developer/converter-sdk/conv60_apireference/vim.CustomFieldsManager.html
The CustomFieldsManager object is used to add and remove custom fields to
managed entities.
The custom fields values set on managed entities are available through the
customValue property and through the summary objects for VirtualMachine
and HostSystem. They are not available directly through this managed object.
This functionality is only available through VirtualCenter.
Fixes: #56071
The networking API v2 specification, which is implemented
by openstack neutron, features an optional MTU parameter that
allows operators to specify the value for the maximum
transmission unit value.
* Adding Support For EVPN in BGP Module
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures in onyx_bgp.py
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures in onyx_bgp.py Phase 2
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Samer's Comments
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Remove file Variable
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Adding Support for NVE Protocol in onyx_protocol
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures in onyx_protocol.py
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Adding Support for Traffic Class in Onyx Switches
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Enhancing the code and elemenating code duplicate
Signed-off-by: Anas Badaha <anasb@mellanox.com>
All vmware_guest_* module support for use_instance_uuid from Ansible 2.8,
somehow vmware_guest_disk missed from this change.
This fix adds support for use_instance_uuid in vmware_guest_disk.
Fixes: #56021
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* nxos_vpc:Fix idempotency issues with multiple attributes
Several attributes were causing idempotency problems on various platforms:
- `auto_recovery`
- This command can be disabled on certain platforms and will nvgen as `no auto-recovery`
- When enabled it has an additional optional-keyword for changing the `reload-delay` timer value
- This was addressed by adding a new attribute `auto_recovery_reload_delay` to handle setting the timer value
- This new attribute is mutually exclusive with `auto_recovery`
- `/show run vpc/show run vpc all/`
- Changed the command that gets state to `all` so that it could differentiate between `auto-recovery` and `auto-recovery reload-delay`
- This change resulted in also changing some attribute handling withing `get_vpc`, since some attributes like `peer_gw` relied on presence of the config to determine state true or false. With `all` the config is always there so these attrs must specifically check for `'no '` in the string.
- `delay_restore`
- This command has two additional, optional keywords that exist on some platforms and not others.
- New attrs:
- `delay_restore_interface_vlan`
- `delay_restore_orphan_port`
- Modified the `sanity` test to include the new attributes and to fix the platform issues.
- Bugfix Pull Request
`modules/network/nxos/nxos_vpc.py`
- Validated `nxos_vpc` `sanity` test on these platforms, all are now 100% Pass: N35, N3K, N3K-F, N6K, N7K, N9K, N9K-F
- TBD: Future work is needed to add support for `peer_gw_exclude_gw` timers. This could be addressed in the same way as the `auto_recovery_reload_delay` changes included here.
* lint fix
* Add 'version_added' tags for new options
* nxos_snmp_user: platform fixes for get_snmp_user
snmp user output behavior varies quite a bit for the different nxos platforms and required several workarounds:
- N5K/N6k
- These platforms do not support structured output for `show snmp user`.
- The current code lands in an `except` clause when the output is not structured; so I added a new `get_non_structured_snmp_user` method to scrape the state from the regular cli output if it's present.
- N9K-F
- The `group` data in the JSON output is different for this platform; it has a different key (just `group` instead of `TABLE_groups` or `group_names`) and it is not indexed
- For a single group the value is a string, for multiple groups it's a list
- sanity
- N5K/N6K/N9K-F platforms will reject `no snmp user <name> <role>` when it's the last role defined for the user.
- workaround is to use `nxos_user` to remove the user
- Changes validated on:
- `N3K, N3K-F, N35, N6K, N7K, N9K, N9K-F`
- `6.0(2)A8`
- `7.0(3)I2, 7.0(3)I4, 7.0(3)I5, 7.0(3)I6, 7.0(3)I7`
- `7.3(2)D1`
- `7.3(3)N1, 7.3(4)N1`
- `8.3(2)`
- `9.2(2), 9.2(3)`
* fix lint warning
With the example, the `file_result.folderPath` of the file
does not have any trailing '/'. `target_folder_path` is correctly
generated and equal: `[nfs_1] images`.
As described in #53385 (and #31759), the docker connection driver did
not support privilege escalation. This commit is a shameless
cut-and-paste of the privilege escalation support from the `local`
connection plugin into the `docker` plugin.
Closes: #53385
Aggregate delete task will fail in case it has hosts within the aggregate.
As by the OpenStack, the hosts should be removed from the aggregate
prior aggregate delete.
Add remove host in case provided.
* use navigate_value instead navigate_hash
* add async wait method
* update dict compare
* remove unuse methods
* not all modules have timeouts parameter
* navigate_value, the input data may be None
* Same api client can be used for other service as well
* Incorporated Review comments. Modified Category and Guest Fact modules which are also dependent on vmware_rest_client module util
* Adding Integration Tests for vmware_rest_client changes
* Changes to incroporate changes in vcsim testware
* Change to get vm name to attach the tag
* Alter tests to pass
* Change diff_against to make changed work again
* Add another diff_against
* Expose supports_sessions across all EOS connection types
* Change session warning to failure
* supports_sessions needs to be a method to survive the rpc boundary
* Alter tests to match
* sysctl will now return an error if the value is invalid
sysctl can fail to set a value even if it returns an exit status 0. More
details: https://bugzilla.redhat.com/show_bug.cgi?id=1264080. Because of
this in case of an invalid value or a read-only file system, sysctl
module would return OK, even though it didn't set anything. To be sure
that sysctl correctly applied the changes we also need to check the
output of stderr.
* Run sysctl with LANG=C
Because we are parsing sysctl stderr we need to make sure that errors
are persistent across different system language settings.
* Add changelog fragment for sysctl
* remove deprecated get_md5 from stat
fixes#55309
* removed get_md5 from tests involving stat
* keep get_md5 but hide it
* rst it
* ammended comment
* ws
* added ignore for hidden md5
* Make ansible adhoc work with include_role
Fix logic condition so that include_role works
without
```
ERROR! 'async_val' is not a valid attribute for a IncludeRole
The error appears to be in 'None': line 0, column 0, but may
be elsewhere in the file depending on the exact syntax problem.
(could not open file to display line)
```
* Add include_role test for adhoc
* XenServer: Minor changes and fixes in xenserver_guest
- xenserver_guest module: ignore wait_for_ip_address when
state=absent (fixes#55348). Module docs are updated to reflect this.
- xenserver_guest module: show proper error message when maximum number
of network interfaces is reached and multiple network interfaces are
added at once (fix for changes introduced in #54697).
- xenserver_guest module: fixed a bug in reconfigure() where VM would
be powered off even though check mode is used when reconfiguration
needs VM to be powered off.
* Added changelog fragment