Commit graph

1436 commits

Author SHA1 Message Date
Jordan Borean
6e8d430872
win_become - don't dispose logon token until end (#61905) 2019-09-10 06:37:07 +10:00
Mario Lenz
900a51b283 VMware: Fix issue with order of changes in vmware_vcenter_statistics 2019-09-09 16:01:54 -04:00
Gonéri Le Bouder
3ea8e0a144 VMware: not ssl.SSLContext if validate_certs false (#57185)
Python < 2.7.9 does not have the ssl.SSLContext attribute.
ssl.SSLContext is only required when we want to validate the SSL
connection. If `validate_certs` is false, we don't initialize the
`ssl_context` variable.

Add unit-test coverage and a little refactoring:

- avoid the use of `mocker`, when we can push `monkeypatch` which is
  `pytest`'s default.
- use `mock.Mocker()` when possible

closes: #57072
2019-09-09 21:41:46 +05:30
Mark Chappell
1f38a12057 Fix behaviour of module_utils/ec2 compare_policies when dealing with bare bools and ints. (#61115)
* module_utils/ec2: (unit tests) Move unit tests for module_utils/ec2.py into test/units/module_utils

- compare_policies was refactored from s3_bucket
- "ec2_utils" doesn't seem to have ever existed

* module_utils/ec2: (unit tests) Add unit test for comparing quoted and unquoted bools and numbers within policies

As per https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html

"Values are enclosed in quotation marks. Quotation marks are optional for numeric
and Boolean values."

* module_utils/ec2: Explicitly convert bools and ints to strings when comparing policies

See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
2019-09-09 12:08:25 -04:00
Abhijeet Kasurde
3703c3bb1a
atomic_image: Fix absent state (#61827)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-09-09 14:38:32 +05:30
Simon Dodsley
df49a9e58c purefa_info: Fix failure due to API version check (#61925) 2019-09-09 09:14:46 +02:00
Felix Fontein
d40ba28fb4
docker_container: improve port range parsing error behavior (#61740)
* Improve port range parsing.

* Add changelog.
2019-09-08 20:30:18 +02:00
Chris Trufan
943888b955 Fixes to ecs_certificate cert chain for #61738 (#61858)
* Fixes to ecs_certificate cert chain for #61738

* Added changelog fragment

* Fixes to ecs_certificate for cleaner join, and better integration test

* Fix integration test formatting

* End cert chain with a \n

* Update changelogs/fragments/61738-ecs-certificate-invalid-chain.yaml

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Update main.yml
2019-09-07 07:58:25 +02:00
Andreas Calminder
cac93cbd1f os_port allowed_address_pairs and extra_dhcp_opts list of dicts comparison fix (#56577)
* compare list of dicts

* update example for dhcp_server_opts to include ip_version which is automatically added by openstack

* add note about dhcp_server_opts

* add changelog fragment

* fix forgotten exception+pass

* no need to excplicitly check for None

* fix oops

* fix import error

* missed missing_required_lib

* changelog fragment formatting and grammar fixes

* update requirements in documentation and fix spelling
2019-09-06 22:44:25 +02:00
Mark Chappell
b8650c0a50 aws_asg: Fix idempotency when using tags and metrics (#61284)
* Update AWS hacking policy to enable ASG Tagging management

* aws_asg: Add tests for ASG Tagging (including idempotency)

* aws_asg: ignore sort order when comparing tags on the ASG (fix idempotency)

* ec2_asg: (integration tests) test for idempotency when managing metrics collection

* ec2_asg: sort list of enabled metrics to ensure clean comparisons.
2019-09-06 12:48:40 -07:00
Matt Martz
8331c8fdc3
Properly hide limit and list-hosts args from ansible-inventory (#61618)
* Properly hide limit and list-hosts args from ansible-inventory. Fixes #61604

* Add changelog fragment

* Consolidate limit

* Fix positional argument with --graph

* Properly error for hidden arguments

* linting issue

* host pattern changelog
2019-09-06 11:43:50 -05:00
Sam Doran
61efffcbe1
User - correct group removal description in docs (#61936) 2019-09-06 12:16:33 -04:00
Ganesh Nalawade
4f29b5a76b
Fix ansible-connection persist after playbook run complete issue (#61591)
* Fix ansible-connection persist after playbook run issue

*  PR https://github.com/ansible/ansible/pull/59153 to add support
   for delaying the ansible-connection added an old issue of
   ansible-connection persisting even after playbook run is finished
   till either command timeout or connect timeout is triggered.
   ansible-connection persist after playbook execution is done
   and also delays the connection initilization untill a method
   in invoked from module side on the connection object.

* Add chanegelog
2019-09-06 14:23:18 +05:30
Matt Davis
7f4328ad12
allow external collections under the ansible NS (#61908)
* fixes #59988
2019-09-05 18:50:22 -07:00
Felix Fontein
e06dbe6e4f
Azure _info modules: fix returned ansible_facts when called as _info (#61805)
* Fix Azure _info modules which still returned ansible_facts.

* Adjust PR #.

* Fix wrong assignment.

* Reorganize code for clarity.
2019-09-05 11:51:56 +02:00
Bill Dodd
2a932ad7cf Fix power command ResetType mapping logic (#59927)
* fix power command ResetType mapping logic

* add changelog fragment
2019-09-05 05:39:21 -04:00
Jordan Borean
3a7b77a94c
ansible-galaxy fix --server option for roles (#61820) 2019-09-05 11:46:44 +10:00
Matt Martz
8214d188cf Don't truncate the last character from galaxy urls. Fixes #61624 (#61775) 2019-09-05 07:06:42 +10:00
Scott Luther
0c73e47a42 fix erroneous failures in docker_compose due to deprecation warnings … (#61650)
* fix erroneous failures in docker_compose due to deprecation warnings from docker (#60961)

* Update error handling to work with new method of capturing output

Co-Authored-By: Felix Fontein <felix@fontein.de>

* update error handling

* fix syntax error

* fix indentation

* fix indentation (again)

* remove erroneous line
2019-09-04 19:34:05 +02:00
kucharskim
1dea661ce8 Allow 13 asterisk characters in password field without warning (#54893)
On OpenBSD, 13 asterisk characters as a password hash, marks the
account as disabled. Otherwise daily(8) script which executes
security(8) will email operator about not properly locked accounts.

Before the diff, we see following warning:

> [WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.

After the diff, warning is gone.
2019-09-04 11:49:16 -04:00
Sloane Hertel
91ccb03552 aws_s3 - wait for the bucket before setting ACLs (#61735)
* Wait for the bucket to become available if possible before setting ACLs
2019-09-04 09:42:28 -04:00
Mark Chesney
01f4081b66 Fix creation of DigitalOcean droplets using digital_ocean_droplet module (#61655)
* Omit disallowed 'id' attribute in request body to create a droplet

* Add changelog fragment for PR #61655
2019-09-04 02:28:56 -04:00
Bill Dodd
088d821f75 Fix KeyError exceptions in GetLogs command (#59877)
* fix KeyError exceptions in GetLogs command

* add changelog fragment

* refine the list of LogEntry properties to collect
2019-09-03 21:44:07 -04:00
Alexandre Mulatinho
e4d72dd981 luks_device.py: Allow manipulate LUKS containers with label or UUID (#61603)
* luks_device.py: Allow manipulate LUKS containers with label or UUID

- Allow create a LUKS2 container format with label support
- Allow manipulate (open, close, modify) an LUKS container based on
  both label (LUKS2 format) or UUID instead of using devices only.

Fixes: #58973
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>

* test_luks_device.py: organizing tests to support labels

- Add label on some tests and fix errors reported by Shippable

Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>

* luks_device.py: adjusting versions and messages

- Modifying version_added from 2.9 to 2.10
- Fixing some messages
- Created a changelog fragment
- Moving blkid from scope

Fixes #58973
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
2019-09-03 05:40:09 +02:00
Maxim Babushkin
f1a1b72f07 os_server - add "tag" to instance nics (#61119)
A custom "tag" could be passed to the instance metadata with the nics.
Add support for the "tag" to the module.
2019-09-02 05:07:53 -04:00
Guillaume Leroy
21b101f8e1 add option to define keysize at luks partition creation (#61522)
* add option to define keysize at luks partition creation

* Bump version_added.

* Extend tests.
2019-08-31 19:32:41 +02:00
René Moser
1ff20e9804 apt_repository: implement update cache retrying (#57266)
* use exponential backoff
* make cache update retries and max delay in between configurable
2019-08-30 16:14:15 -04:00
René Moser
fd4ff54580 apt: honor cache_update=false on auto-install deps (#56549)
* apt: honor cache_update=false on auto-install deps
* add porting guide
2019-08-30 15:57:58 -04:00
René Moser
01ae6991bd apt: use exponential backoff for apt update cache retries (#60527)
* make retries and max delay configurable
2019-08-30 15:55:38 -04:00
Mark Chappell
35359959de aws_codecommit: Fix integration tests and Add support for updating the description (#61263)
* Update DevOps AWS policy
- Fix typos in permission names
- While AWS claims you can use 'arn:aws:codecommit:*' it errors unless you use '*'

* aws_codecommit: (integration tests) Migrate to module_defaults

* aws_codecommit: (integration tests) Fix integration tests

* aws_codecommit: (integration tests) Add tests for updating the description

* aws_codecommit: Add support for updating the description and rename "comment" option to "description"
2019-08-30 11:25:37 -07:00
Toshio Kuratomi
8f6dbb732a
[WIP] Cleanups and version bumping for 2.10 (#61572)
* Cleanups and version bumping for 2.10

* Fix changelog url now that stable has been branched

* Fix the lenth of the porting guide title now that the version is two digits
2019-08-30 09:54:12 -07:00
Jordan Borean
951dac7691
Azure fix _info/_facts return values for some modules (#61584)
* Azure fix _info/_facts return values for some modules

* Further test fixes

* securitygroup fixes after the move to _info module
2019-08-30 16:00:47 +10:00
Simon Dodsley
cd24d57636 Add IOPs bandwidth support to volumes (#61577) 2019-08-30 01:12:39 -04:00
Matt Clay
4063d58339 Use relative submodule status in ansible-test.
The `git submodule status` command is relative to the current git repository by default.
When running from a repository subdirectory paths can be returned above the current directory.
Specifying the current directory with `git submodule status` avoids listing submodules above that directory.

This will fix issues when testing a collection that is rooted below the repository root when that repository uses submodules.
2019-08-29 20:29:38 -07:00
Felix Fontein
0c592c8225
CloudStack modules: rename _facts -> _info (#61090)
* Rename cloudstack _facts -> _info

* Add changelog.

* Fix errors due to overloaded get_result having different parameter names.

* Fix examples.

* Change debug tasks.

* Remove unneeded code.

* Change from rename -> deprecate+new module.

* Make cs_zone_info return a list.

* Make cs_instance_info return a list.

* Fix return value docs.

* Fix typo.

* Improve tests.

* Fix cs_zone_info.

* Linting.

* Fix alias/option switch.

* Fix version numbers.

* Extend docs.
2019-08-29 16:14:51 +02:00
René Moser
3bfeae9040 vultr: add changelog and update porting guide (#61520) 2019-08-29 11:49:00 +02:00
Matt Davis
d81ae27a4a
Collection role relative deps (#61517)
* default collection support

* playbooks run from inside a registered collection will set that collection as the first item in the search order (as will all non-collection roles)
* this allows easy migration of runme.sh style playbook/role integration tests to collections without the playbooks/roles needing to know the name of their enclosing collection

* disable default collection test under Windows

* enable collection search for role dependencies

* unqualified role deps in collection-hosted roles will first search the containing collection
* if the calling role has specified a collections search list in metadata, it will be appended to the search order for unqualified role deps

* disable cycle detection unit test

* failing on 3.7+, needs proper cycle detection
* see #61527
2019-08-29 02:25:44 -07:00
James Cammarata
51b33b79c0
T woerner max concurrent (#60702)
* play, block, task: New attribute forks

With this it is possible to limit the number of concurrent task runs.
forks can now be used in play, block and task. If forks is set in different
levels in the chain, then the smallest value will be used for the task.

The attribute has been added to the Base class as a list to easily provide
all the values that have been set in the different levels of the chain.

A warning has been added because of the conflict with run_once. forks will
be ignored in this case.

The forks limitation in StrategyBase._queue_task is not used for the free
strategy.

Signed-off-by: Thomas Woerner <twoerner@redhat.com>

* Handle forks in free strategy

The forks attribute for the free strategy is handled in run in the free
StrategyModule. This is dony by counting the amount of tasks where the uuid
is the same as the current task, that should be queued next. If this amount
is bigger or equal to the forks attribute from the chain (task, block,
play), then it will be skipped to the next host. Like it is also done with
blocked_hosts.

Signed-off-by: Thomas Woerner <twoerner@redhat.com>

* Test cases for forks with linear and free strategy

With ansible_python_interpreter defined in inventory file using
ansible_playbook_python.

Signed-off-by: Thomas Woerner <twoerner@redhat.com>

* Changing forks keyword to throttle and adding some more docs
2019-08-28 18:47:39 -05:00
Matt Davis
7d1a981b61
default collection support (#61415)
* default collection support

* playbooks run from inside a registered collection will set that collection as the first item in the search order (as will all non-collection roles)
* this allows easy migration of runme.sh style playbook/role integration tests to collections without the playbooks/roles needing to know the name of their enclosing collection

* ignore bogus sanity error

* filed #61460

* fixed task unit test failure

* don't append an empty collections list to the ds

* ignore leftover local_action in mod_args ds action parsing

* fix async_extra_data test to not require ssh and bogus locale

* disable default collection test under Windows

* ensure collection location FS code is always bytes

* add changelog
2019-08-28 16:31:40 -07:00
robertchung
caa5abdfc9 Fix TypeError in ec2_group.py for Python3 when sorting dictionary list (#59844)
* Fix TypeError in ec2_group.py for Python3 when sorting dictionary list

* Using json.loads() and dumps() to replace sorting

* Bug fixes for ec2_group.py

* Dictionaries cannot be compared/sorted in Python3

* Diff will occur when the IpPermissions have the same IpRanges but have different ordering

* 'before' will be sorted by 'Type' with high priority than 'IP', but 'boto3.describe_security_groups()' function cannot get 'Type' from Amazon

* Add some basic diff mode testing to exercise the rule-sorting code
2019-08-28 16:28:42 -07:00
Sam Doran
73248bf27d validate-modules - Use error codes instead of numbers (#60711) 2019-08-28 14:12:56 -07:00
Felix Fontein
59ab4d9307
oVirt: rename _facts -> _info (#61299)
* Rename oVirt _facts -> _info

* Adjust PR #.

* Forgot update BOTMETA / ignore.txt for doc fragment.

* Compatibility for 3rd-party modules using module_utils or info doc fragment.

* Update note.

* Fix/improve docs.

* Update lib/ansible/modules/cloud/ovirt/ovirt_event_info.py

Co-Authored-By: Sloane Hertel <shertel@redhat.com>

* Fix variable.

* Fix return value documentation for ovirt_external_provider_info.
2019-08-28 21:01:46 +02:00
smile37773
161c1ce17e Rename Azure modules: "facts"->"info" (#61417)
* rename

* add symlink

* add the log

* fix the ignore file

* fix

* fix
2019-08-28 19:01:10 +08:00
Matt Clay
f510d59943
Support relative imports in AnsiballZ. (#61196) 2019-08-27 18:11:21 -07:00
Jordan Borean
66f52b74b1 Change collection PS util import pattern (#61307)
* Change collection PS util import pattern

* Add changes for py2 compat

* fix up regex and doc errors

* fix up import analysis

* Sanity fix for 2.6 CI workers

* Get collection util path for coverage collection
2019-08-27 16:02:27 -07:00
Simon Dodsley
21f0c0f42f Change references to ansible_facts (#61353) 2019-08-27 18:00:25 -04:00
Simon Dodsley
948023176e Changes references to ansible_facts (FA_RA) (#61355) 2019-08-27 18:00:12 -04:00
Simon Dodsley
05afc28d08 Changes references to ansible_facts (FB_S3USER) (#61356) 2019-08-27 18:00:01 -04:00
Felix Fontein
c9a9bd9d64
OneView: rename _facts -> _info (#61208)
* Rename OneView _facts modules -> _info

* Adjust PR #.

* Forgot to update test names.

* Remove superfluous blank line.

* Some more things from review.
2019-08-27 23:21:40 +02:00
smile37773
5438013191 Rename Azure modules: facts -> info (#60987) 2019-08-28 04:44:57 +08:00
Felix Fontein
2db4e044ab smartos_image_facts: rename to smartos_image_info (#60915)
* Rename smartos_image_facts -> smartos_image_info

* Add changelog.
2019-08-27 16:43:10 -04:00
Felix Fontein
e176023c6b Scaleway: rename _facts -> _info (#61095)
* Rename scaleway _facts -> _info

* Add changelog.

* Improve docs.
2019-08-27 16:39:24 -04:00
Felix Fontein
185a1fcb07 Online: rename _facts -> _info (#61091)
* Rename online _facts -> _info

* Add changelog.
2019-08-27 16:36:55 -04:00
Kevin Breit
489156378c Meraki - Enable API call rate limiting for requests (#54827)
* Initial commit for rate limiting
- Detects if error code is 429
- Pauses for random time between .5 and 5 seconds before retrying
- If it fails 10 times, give up and tell user

* Redo structure of request() to support rate limiting

* Hold down timer is now a sliding scale
- 3 * number of retries
- Fails after the 30 second wait

* Whitespace fixes

* Redo implementation using decorators
- Errors aren't tested but code works for regular calls

* Unit tests work for error handling

* Add integration tests for successful retries

* Add condition for 502 errors and retry

* Move _error_report out of the class

* PEP8 fixes

* Add changelog entry
2019-08-27 16:32:09 -04:00
Felix Fontein
1906c05348
vertica_facts: rename to vertica_info (#60916)
* Rename vertica_facts -> vertica_info

* Add changelog.

* Fix porting guide.
2019-08-27 21:28:36 +02:00
Jack Parsons
80b73712a9 Template value of debugger and then check for validity (#53587)
* Template value of debugger and then check for validity

* Removed if/else and forcing failure on undefined as per comments

* Added changelog

* changed colon to brackets so it appears as a string
2019-08-27 12:02:26 -05:00
ygelfand
36b7baca4d getent - add service support(#60295) 2019-08-27 11:58:37 -04:00
Felix Fontein
c91929b2b3 OpenStack: rename _facts -> _info (#61197)
* Rename openstack _facts -> _info

* Add new module names to module_defaults.yml.
2019-08-27 11:50:14 -04:00
Jordan Webb
27cac742ca Fix pipelining in buildah connection plugin (#59745)
* Fix pipelining in buildah plugin

* Add changelog fragment
2019-08-27 10:11:47 -04:00
claudioiuliano
ab559c4629 Remove 'network-interface' for tag_specifications (#53398)
* Remove 'network-interface' for tag_specifications

https://github.com/aws/aws-cli/issues/2865

* changelog
2019-08-26 19:37:00 -04:00
pratikgadiya12
8ee7d9f598 VMWare - Rename _facts to _info (#57474)
Deprecate vmware's _facts modules and add new modules.

Fixes: #57278
2019-08-26 14:45:34 -04:00
Felix Fontein
47c2ff4c26
Redfish modules: rename _facts -> _info (#60992)
* Rename redfish_facts -> redfish_info, idrac_redfish_facts -> idrac_redfish_info

* Update porting guide.

* Add changelog.

* Fix metadata.

* Remove copy artefacts.

* Change from deprecate/new module to rename.
2019-08-26 20:42:04 +02:00
Felix Fontein
e536d0e128
openssl_*: deprecate PyOpenSSL backends (#59907)
* Deprecate PyOpenSSL backends.

* Add changelog.

* Add porting guide entry.

* Improve tests to ignore deprecations when comparing results.

* Deprecating pyopenssl backend for get_certificate and openssl_publickey.

* Fix typo.
2019-08-26 18:26:10 +02:00
Felix Fontein
7f4f2506a0
acme_certificate: make compatible to Buypass' ACME v2 testing endpoint (#60727)
* Don't unnecessarily use location from header.

* Add changelog.
2019-08-26 18:19:55 +02:00
Felix Fontein
14974f5fc2
openssl_certificate_info: add ocsp_uri return value (#60393)
* Add ocsp_uri return value.

* Add changelog.

* Add integration test.

* Fix rebase error.
2019-08-26 17:42:52 +02:00
Nathaniel Case
f3f30c146b
Deprecate net_* modules (#60818)
* Deprecate net_ modules

* Move modules to finish deprecation

* Add missing `why`, move net_static_route

* Add changelogs and porting guide
2019-08-26 09:07:54 -04:00
Michał Szczepańczyk
8ed3a0b360 fix bug - k8s was crashing when yaml ended with 3 dashes (#61182)
* fix bug - k8s was crashing when yaml ended with 3 dashes

* #61182 - add changelog
2019-08-26 17:28:01 +10:00
Felix Fontein
c3b1a0a7e8 Vultr: rename _facts -> _info (#61239) 2019-08-24 17:54:17 +02:00
Mark Chappell
5434bf74c6 Fix issues with aws_kms when working cross-account and with IDs (#60805)
* aws_kms: (integration tests) Test updating a key by ID rather than just my alias

* aws_kms: (integration tests) Test deletion of non-existent and keys that are already marked for deletion

* aws_kms: Ensure we can perform actions on a specific key_id rather than just aliases

In the process switch over to using get_key_details rather than listing all keys.

* aws_kms: When updating keys use the ARN rather than just the ID.

This is important when working with cross-account trusts.
2019-08-23 16:56:45 -07:00
Søren Kröger
1cf43e5017 Handle multiple Content-Type headers correctly (#31238)
* Handle multiple Content-Type headers correctly

Avoids situations where mulitple Content-Type headers including charset information can result in errors like 
```
LookupError: unknown encoding: UTF-8, text/html
```

* Account for multiple conflicting values for content-type and charset

* Add changelog fragment
2019-08-23 16:48:16 -05:00
Ryan Conway
e4c1c05363 Renaming onepassword_facts to onepassword_info. (#61237)
* Renaming `onepassword_facts` to `onepassword_info`.

* Update module examples.

* Add changelog fragment.

* Add module rename to the 2.9 porting guide.

* Document the parameter types in the module docs.

* Fix incorrect parameter name.

* Update docs/docsite/rst/porting_guides/porting_guide_2.9.rst

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Remove `onepassword_facts` as it has been renamed to `onepassword_info` including fixes for the sanity tests.
2019-08-23 20:45:13 +02:00
Felix Fontein
fa70690e5c
openssl_certificate/csr(_info): add support for SubjectKeyIdentifier and AuthorityKeyIdentifier (#60741)
* Add support for SubjectKeyIdentifier and AuthorityKeyIdentifier to _info modules.

* Adding SubjectKeyIdentifier and AuthorityKeyIdentifier support to openssl_certificate and openssl_csr.

* Fix type of authority_cert_issuer.

* Add basic tests.

* Add changelog.

* Added proper tests for _info modules.

* Fix docs bug.

* Make sure new features are only used when cryptography backend for openssl_csr is available.

* Work around jinja2 being too old on some CI hosts.

* Add tests for openssl_csr.

* Add openssl_certificate tests.

* Fix idempotence test.

* Move one level up.

* Add ownca_create_authority_key_identifier option.

* Add ownca_create_authority_key_identifier option.

* Add idempotency check.

* Apparently the function call expected different args for cryptography < 2.7.

* Fix copy'n'paste errors and typos.

* string -> general name.

* Add disclaimer.

* Implement always_create / create_if_not_provided / never_create for openssl_certificate.

* Update changelog and porting guide.

* Add comments for defaults.
2019-08-23 14:01:42 +02:00
Mark Chappell
77e4371460 aws_kms: Update policy on existing keys (when passed) (#60059)
* aws_kms: (integration tests) Use module_defaults to reduce the copy and paste

* aws_kms: (integration tests) make sure policy option functions.

* aws_kms: (integration tests) Move iam_role creation to start of playbook.

iam_roles aren't fully created when iam_role completes, there's a delay on the Amazon side before they're fully recognised.

* aws_kms: Update policy on existing keys (when passed)
2019-08-23 20:38:38 +10:00
Andrey Klychkov
e3cf76533c postgresql_user: add groups parameter (#60638)
* postgresql_user: add groups parameter

* postgresql_user: add groups parameter, fail_on_role default True

* postgresql_user: add groups parameter, add changelog fragment
2019-08-23 08:17:23 +02:00
Felix Fontein
72365b01e0 acme_certificate: only return challenges that need to be satisfied (#61191)
* Only return challenges that need to be satisfied.

* Adjust PR #.
2019-08-22 23:10:53 -04:00
Felix Fontein
18f7c3b850
Netapp: rename _facts -> _info (#60980)
* Rename na_ontap_gather_facts -> na_ontap_info
Rename netapp_e_facts -> netapp_e_info

* Add changelog.

* Fix sanity.

* Forgot test.

* Forgot to remove 'gather'.

* Fix sanity ignore.

* Remove netapp_e_facts from PR.

* Remove superfluous version_added.
2019-08-22 22:51:45 +02:00
Matt Martz
0ff9978bc5
Ensure has_dead_workers functions (#60653)
* Ensure has_dead_workers functions

* Fix up tests

* Add changelog. Fixes #29124
2019-08-22 14:32:49 -05:00
Mark Chappell
70777020c4 Fix iam_password_policy integration tests (#60930)
* iam_password_policy: (integration tests) Use module defaults for AWS connection details

* iam_password_policy: (integration tests) Ensure the policy is removed when tests fail

* iam_password_policy: (integration tests) Add regression test for #59102

* iam_password_policy: Only return changed when the policy changes.

* iam_password_policy: PasswordReusePrevention must be omitted to remove/set to 0

* #60930 add changelog

* Update hacking AWS security policy to allow testing of Password Policy Management
2019-08-22 23:25:25 +10:00
Andrey Klychkov
191068a286 Issue 59955: add array handling to postgresql_query module (#60559)
* Issue 59955: add array handling to postgresql_query module

* Issue 59955: add array handling to postgresql_query module, improvements

* Issue 59955: add array handling to postgresql_query module, fix example comment
2019-08-22 08:53:29 +02:00
Lukas Kämmerling
96199be96b Rename hcloud_*_facts to hcloud_*_info (#60926)
* Rename hcloud_datacenter_facts to hcloud_datacenter_info

* Rename hcloud_location_facts to hcloud_location_info

* Rename hcloud_image_facts to hcloud_image_info

* Rename hcloud_floating_ip_facts to hcloud_floating_ip_info

* Rename hcloud_server_type_facts to hcloud_server_type_info

* Rename hcloud_server_facts to hcloud_server_info

* Rename hcloud_ssh_key_facts to hcloud_ssh_key_info

* Rename hcloud_volume_facts to hcloud_volume_info

* Fix typo in hcloud_image_info

* Add to porting guide and add changelog fragment

* Reword porting guide
2019-08-21 14:55:37 +02:00
Matt Davis
bfa004930a
add subdir support to collection loading (#60682)
* add subdir support to collection loading

* collections may now load plugins from subdirs under a plugin type or roles dir, eg `ns.coll.subdir1.subdir2.myrole`->ns.coll's roles/subdir1/subdir2/myrole, `ns.coll.subdir1.mymodule`->ns.coll's plugins/modules/subdir1/mymodule.py
* centralize parsing/validation in AnsibleCollectionRef class
* fix issues loading Jinja2 plugins from multiple sources 
* resolves #59462, #59890,

* sanity test fixes

* string fixes

* add changelog entry
2019-08-21 10:45:04 +01:00
Felix Fontein
c1b2aa1d11
nginx_status_facts: deprecate/rename to nginx_status_info (#60979)
* Rename nginx_status_facts -> nginx_status_info

* Add changelog.

* Remove warnings.

* Re-add ignore.txt entries.

* ...

* Raw strings for docs.

* Use U(...) for link.
2019-08-21 09:09:22 +02:00
Bojan Vitnik
04e0f9d4ea XenServer: When VM is in powered on state, plug newly added disks
Fixes: #60693
2019-08-21 10:50:14 +05:30
Sloane Hertel
3247626ac7 Warn when transforming constructed groups (#60912)
* Warn when transforming constructed groups

The `keyed_groups` field has used sanitization since 2.6, but `groups` only started doing so in 2.8.
This adds a warning for the change in behavior.

* changelog
2019-08-20 10:32:02 -05:00
Matt Martz
ba25522db4
Remove ddeprecated redis_kv lookup. Fixes #59984 (#60826) 2019-08-20 10:27:09 -05:00
Felix Fontein
e58919bccd
gluster_heal_facts: rename to gluster_heal_info (#60919)
* Rename gluster_heal_facts -> gluster_heal_info

* Add changelog.
2019-08-20 15:43:41 +02:00
Felix Fontein
c66163b118
hpilo_facts: rename to hpilo_info (#60917)
* Rename hpilo_facts -> hpilo_info

* Fix porting guide.

* Add changelog.
2019-08-20 15:14:18 +02:00
Will Thames
362c45517d aws_kms: fix failing tests (#60206)
Preserve tag key case by only calling camel_dict_to_snake_dict once,
before the tags are added.

Don't call assert_policy_shape as it seems to fail

Use aws_caller_info in the test suite now that it exists rather
than running `aws sts get_caller_identity`

Ensure that calls using `grant_types` can also use key aliases
2019-08-20 07:15:40 -04:00
Dusan Matejka
31bfcd4745 Reworked zabbix_template to support XML import/export + updated documentation (#59040) 2019-08-19 10:53:58 -04:00
René Moser
4b743a2721
vultr: use exponential backoff for api query retries (#60529) 2019-08-19 16:09:09 +02:00
Mark Chappell
8e99f0ecc6 aws_kms: Rename various policy manipulation options to reduce confusion (#60561)
* aws_kms: Rename various policy manipulation options to reduce confusion

AWS KMS now has the concept of issuing a 'grant', which is independent
of the policy attached to a key.  Rename the following options to make
it clearer that the operate on the CMK Policy *not* on CMK Grants

* aws_kms: don't just rename grant_types/mode, deprecate them too.
2019-08-19 19:44:03 +10:00
Klaus Frank
fb2c1d4577 Make win_domain_user idempotent for password changes (#58383)
* Make win_domain_user idempotent for passwordchanges

* Add changelog fragment

* Use test-credentials function from win_user.

* Split domain from username

* Update win_domain_user.ps1

* Fix ci

* Update win_domain_user.ps1

Fix ci

* Implement review

* Logic cleanup and remove securestring

* Fix typo

* fix syntax

fix syntax

* Use AD object instead of user input as requested by review

* migrate to Ansible.AccessToken
2019-08-19 06:17:41 +10:00
Klaus Frank
811153afb1 Add exception handling to win_domain_controller (#58234)
* Add exception handling to win_domain_controller

* Add changelog

* Fix PSUseDeclaredVarsMoreThanAssignments

* Remove dns domain cannot be resolved error message

As requested by PR review in https://github.com/ansible/ansible/pull/58234#discussion_r300509880
2019-08-18 16:14:51 -04:00
Felix Fontein
0d88ec241f
openssl_certificate: fix idempotency (#60745)
* Fix openssl_certificate idempotency.

* Add changelog.

* Add integration test.
2019-08-18 20:48:34 +02:00
Felix Fontein
16056f4978
openssl_certificate: check for existence before loading CSR / private keys / ... (#60740)
* Check file existence before loading files.

* Remove superfluous import.

* Add changelog.
2019-08-18 11:41:50 +02:00
Hannes Ljungberg
13364fc530 docker_swarm_service: Allow passing dicts in networks (#58961)
* Add support for passing networks as dicts

* Add function to compare a list of different objects

* Handle comparing falsy values to missing values

* Pass docker versions to Service

* Move can_update_networks to Service class

* Pass Networks in TaskTemplate when supported

* Remove weird __str__

* Add networks integration tests

* Add unit tests

* Add example

* Add changelog fragment

* Make sure that network options are clean

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Set networks elements as raw in arg spec

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Fix wrong variable naming

* Check for network options that are not valid

* Only check for None options

* Validate that aliases is a list
2019-08-18 08:55:54 +02:00
Felix Fontein
ceff0029cb
openssl_certificate: deprecate assertonly provider (#60623)
* Add deprecation marks.

* Add conversion example.

* Split long line.

* Add changelog and porting guide entry.

* Fix unrelated porting guide entry.

* Fix format.

* Fix doc mistakes found in review.

* Fix filter name.

* Compare CSR and cert subject via subject_ordered.
2019-08-18 05:09:49 +02:00
Chris Trufan
86366530e8 Entrust Datacard - Support for "entrust" provider in openssl_certificate module (#59272)
* Addition of entrust provider to openssl_certificate module

* Fix native return values of error messages and JSON response.

* Documentation and syntax fixes per ansibot.

* Refactored structure of for loop due to ansible test failures in python 2.6

* Remove OCSP functionality for inclusion in possible seperate future pull request.

* Remove reissue support.

* Indicate the entrust parameters are specific to entrust.

* Comment fixes to make it clear module_utils request is used.

* Fixes to not_after documentation

* Response to pull request comments and cleanup of error handling for bad connections to properly use the 'six' HttpError for compatibility with both Python 2/3 underlying url libraries.

* pep8/pycodestyle fixes.

* Added code fragment and response to comments.

* Update license to simplified BSD

* Fixed botmeta typo

* Include license text in api.yml

* Remove unsupported certificate types, and always submit an explicit organization to match organization in CSR

* Fix documentation misquote, add expired to a comment, and fix path check timing.

* Update changelogs/fragments/59272-support-for-entrust-provider-in-openssl_certificate_module.yaml

Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-08-17 21:32:02 +02:00
Felix Fontein
6a786d0d93
openssl_publickey: add cryptography backend (#60387)
* Add cryptography backend.

* Add changelog.

* Make sure requirements are satisfied.

* Use more compatible elliptic curve.

* Decrease required version numbers.

* PyOpenSSL >= 16.0.0 is really needed.

* Update lib/ansible/modules/crypto/openssl_publickey.py

Co-Authored-By: MarkusTeufelberger <mteufelberger@mgit.at>
2019-08-17 18:52:14 +02:00
Felix Fontein
601a4b8f47
get_certificate: add cryptography backend (#60599)
* Add cryptography backend for get_certificate.

* Add changelog.

* Use short names (if possible).

* Adjust version (to behave as pyOpenSSL).

* Work around bugs (needed for cryptography 1.2.3).

* Don't run cryptography backend tests for CentOS 6.

* Bump cryptography requirement to 1.6 or newer.

Otherwise, signature_algorithm_oid isn't there, either.

* Simplify requirement text.

* CentOS 6 has cryptography 1.9, so we still need to block.

* Add auto-detect test.

* Improve YAML.
2019-08-17 16:02:14 +02:00