Netconf support is provided using the junos-eznc library and the shared
module depends on junos-eznc to be installed on the local Ansible host. This
commit also adds changes to the netcfg library to handle receiving messages
over netconf.
To use netconf, specify transport=netconf for junos module. Be sure that
netconf has been enabled on the remote device.
Which we're use on a case-by-case basis if we find people were actually
using comma-separated strings for list values outside of hosts. Support
for doing so is now deprecated and users should instead use the full
YAML syntax for lists of values.
Fixes#15291
* Don't rely on username to check for root privileges
The SSH username isn't a reliable way to check if we've got root privileges on
the remote system (think "toor" on FreeBSD). Because of this check, Ansible
previously tried to use the fallback solutions for granting file access (ACLs,
world-readable files) even on systems where it had root privileges when the
remote username didn't match the literal string "root".
Instead of running checks on the username, just try using `chmod` in any case
and fall back to the previous "non-root" solution when that fails.
* Fail if we are root and changing ownership failed
Since this code is security sensitive we document exactly the expected
permissions of the temporary files once this function has run. That way
if a flaw is found in one end-result we know more precisely what scenarios
are affected and which are not.
Instead of using the old OpenSwitch runconfig, we'll use
Mir's new ops.dc declarative config for the DC interaction
with OpenSwitch. This gives us the clearer separation between
ansible and the OpenSwitch, as well as the performance
improvement done inside the ops.dc module itself.
Squashed the original Mir's change into single commit.
Tested-by: Kei Nohguchi <kei@nohguchi.com>
* Move zipcache temp dir creation into the locked section otherwise it
races with other workers.
* Catch IOError and turn it into an AnsibleError. IOErrors can hang
multiprocessng.
Updated python module wrapper explode method to drop 'args' file next to module.
Both execute() and excommunicate() debug methods now pass the module args via file to enable debuggers that are picky about stdin.
Updated unit tests to use a context manager for masking/restoring default streams and argv.
If add_host is performed with hostname existing in inventory, but
not yet accessed and put in inventory cache, additional host with
same hostname and different uuid is created, causing patterns to
misbehave.
- search entity by path
- search vm based on folder
- search for a vm based on given id ( uuid/name/dns_name/ip/inventory_path)
- search for a cluster by name, in a given datacenter (optionally)
- search for objects of a given type in a folder
Note: instance uuid is unique to a VM
The first filter is regex_search which adds the ability to do a regex
search on a fact. The filter supports returning either all capture groups
or a set of capture groups (either by index or named).
Example usage of regex_search filter
debug: msg="{{ out.stdout[0] | regex_search('image version. (?P<test>\d+).(\d+)', '\\g<test>', '\\2' ) }}"
The second filter is regex_findall with adds the capability to do a
regex findall on a fact or variable and return all occurances of a pattern.
debug: msg="{{ out.stdout[0] | regex_findall('vlan (\d+)' }}"
The filter supports two addtional keyword arguments, ignorecase=[true, false]
and multiline=[true, false]
rm _del_ as it might leak memory
renamed to tmp file cleanup
added exception handling when traversing file list, even if one fails try rest
added cleanup to finally to ensure removal in most cases
- get_real_file will decrypt vault encrypted files and return a path to
a temporary file.
- cleanup_real_file will remove a temporary file created previously with
get_real_file
Ansible when there was a percentage that was calculated to be less than
1.0 would run all hosts as the value for a rolling update.
The error is due to the fact that Python will round a
float that is under 1.0 to 0, which will trigger the case of
0 hosts. The 0 host case tells ansible to run all hosts.
The fix will see if the percentage calculation after int
conversion is 0 and will else to 1 host.
This makes our recursive, ast.parse performance measures as fast as
pre-ziploader baseline.
Since this unittest isn't testing that the returned module data is
correct we don't need to worry about os.rename not having any module
data. Should devise a separate test for the module and caching code
Since 2.0 made all includes dynamic, it is now possible to create and
include a file in the course of executing a playbook. However, with the
introduction of implicit static includes this can cause problems if an
include is thought to be static but does not yet exist. For now, we're
handling missing implicit static includes as a potential dynamic include
but also adding a deprecation message to show includes like this will
need to be marked as `static: no` in the future.
Fixes#15342
Due to an apparent race condition while using pty's on a heavily loaded
system, rarely a request to create a temp directory returns an empty
string rather than the newly created path, causing an error. Disabling
forced pty's appears to resolve the issue, so this patch modifies the
mkdtemp remote call not use -tt as we're not escalating privileges and
thus no pty is required.
Fixes#13876
* Could only have one alias before. Subsequent aliases overrode the
previous ones. Now multiple aliases work.
* Fix BLACKLISTED_MODULES. Previously, modules were listed in the
generated documentation despite being blacklisted
* Deprecated modules form extras were showing the (E) tag and not the
(D) tag. Reversed that now (Probably not necessary to also show the
E tag).
* Sort the deprecated modules alphabetically in the Category docs as
well as the list of all modules
* Optimization: Previously rendered the modules to rst twice once in all
group and once in individual categories. Fixed to only render them
once.
* Add fireball to blacklist and remove async_status (as people need to
use that).
* Remove workaround for fixed bug.
The bug where PluginLoader required objects to directly inherit from
base_classes has been fixed. Remove workaround from this strategy
plugin Also switched to using super so that we don't have to modify
all of hte code anytime something like that happens.
* These should be to_uniocde because they're being sent to display()
* now you can specify a yaml invenotry file
* ansible_group_priority will now set this property on groups
* added example yaml inventory
* TODO: make group var merging depend on priority
groups, child/parent relationships should remain unchanged.
Some debuggers are easier to work with when we do everything in a single
process. This debug option caters to that at the expense of being
different from what Ansible will actually do to invoke a module.
When we document this we should be clear that this shouldn't be used for
general purpose debugging and that some modules may show strange
"errors" when used with this. Those won't be considered real bugs as
it's not how ansible really invokes the modules.
action plugins will now skip _fixup_perms for Powershell. We'll have to come up with another way to do this at some point, but it's not necessary yet since we don't support become on Windows. Also added NotImplementedError throws to chmod/chown/set_facl operations on Powershell (instead of returning '') in case anyone tries to use them in the future.
fixes#15312