* ACI Tenant SPAN Src Grp to Dst Grp: Add new module to support managing Tenant SPAN Source Group and Dest Group Bindings
* Fix docstring errors
* Fix Metadata version
* Fix Shippable issues
This PR includes:
- Improvements to change-detection by comparing 2 objectified XML trees
- Implement better integration tests by comparing 2 files using copy
* Fix typo (#25161)
* Fixed cluster deletion: added final snapshot management
This adds 2 new options to the module API (only for the "delete" command):
* skip_final_cluster_snapshot: skip a final snapshot before deleting the cluster
* final_cluster_snapshot_identifier: identifier of the final snapshot to be created before deleting the cluster
Ref: http://boto.cloudhackers.com/en/latest/ref/redshift.html
* Fixed cluster deletion: added final snapshot management
This adds 2 new options to the module API (only for the "delete" command):
* skip_final_cluster_snapshot: skip a final snapshot before deleting the cluster
* final_cluster_snapshot_identifier: identifier of the final snapshot to be created before deleting the cluster
Ref: http://boto.cloudhackers.com/en/latest/ref/redshift.html
* add version_added information
* Review corrections:
* used required_if instead of checking parameters compatibility inside the code
* renamed aliases to be more explicit
Also added an example for the "delete" command
* Review corrections correction - make "delete" command specific parameters mandatory only when the command is "delete"
* updated doc with aliases
* Fix YAML docs syntax
* Set default to match API for skip_final_cluster_snapshot.
This change moves when the connection_user is set in the play_context to
set it before the magic variables are mapped. If the connection_user
is not set before the mapping, the connection_user will be incorrectly set
for local connections
fixes#26120
* cloudformation: dummy check mode
* cloudformation: use changesets to implement check mode
* cloudformation: wait at most 5min for change set
* cloudformation: handle stack creation and deletion in check mode
* cloudformation: standardize output format in check mode
msg is a string, meta is a list
* cloudformation: use same naming convention in get_changeset as create_changeset
also add comment about code duplication between said functions
* Remove unused imports
* PEP8 whitespace fix
* Fix CI, convert success=True check to for/else
* Add VPN module and unittests
* remove unnecessary imports
* fix documentation
* raise custom exception rather than passing module everywhere
* remove recordings
Rerecord tests
Fix docs
Ensure vpn_connection_id is a list of strings when checking if it exists
* fix check mode
* Rerecord tests
* remove superfluous code and comments and make exception handling uniform
fix docs
* Fix ec2_vpc_vpn documentation
* make ec2_vpc_vpn compatible with python 2.6 and make check mode logic more succinct
* fix comparison of list of dicts
* Fix typos and docstrings
make requested changes for imports
make code clearer
* Fix copyright and metadata version.
* Adding module to manage ethernet network on HPE OneView
* Adding unit tests to EthernetNetwork module
* Added OneViewModuleException custom exceptions to module
- Removed exception imports from hpOneView
- Updated unit tests
* Fixing mock import inside ethernet network module unit test
* Fixing issues found in METADATA by CI
* Updated paths to use solution name instead of vendor name
* Fixed documentation, removed redundant if and improved readability
* Updated _bulk_present to use and return `result`, same way as _present
* Changed __ to _ in private methods following ansible style
* Fixed some example inconsistencies and turned states doc into a list
* Added adriane-cardozo to list of maintainers
* win_robocopy: Cleanup logic, check-mode support
* win_robocopy: Cleanup logic, check-mode support
This PR includes:
- Improved check-mode support
- Clean up documentation
- Clean up code structure
- Add warnings in special cases
* minor fix for typo
* Check Windows service status before nssm STOP
Add a condition on calling nssm STOP inside Nssm-Remove, to check whether or not a service has already been stopped. Currently nssm throws an exception:
```
failed: [...] (item=...) => {"changed": false, "failed": true, "item": "...", "msg": "an exception occurred when invoking NSSM: serviceName: STOP: The service has not been started."}
failed: [...] (item=...) => {"changed": false, "failed": true, "item": "...", "msg": "an exception occurred when invoking NSSM: serviceName: The service has not been started."}
```
Behaviour after change:
```
ok: [...] => (item=...)
ok: [...] => (item=...)
```
* Added named parameter to new Get-Service cmdlet
So the module was now not doing anything except adding a nic to a
vswitch. This PR adds idempotency checks, and removal checks.
We should probably add modification chacks as well, but I don't know
what the limitations are for vcsim.
* Create persistent socket path using port and connection type
* Use remote address, port, connection type and remote user
to create a socket path.
* Fix review comment
Initial implementation of waf_facts module
* Enhance waf_facts module to provide more info
Support check_mode trivially
Enhance rule and predicate information
Use AWSretry and wrap proper exception handling
Finish documentation
Remove arbitrary limits
Meet latest ansible standards.
* Rename module to use aws_ prefix.
Fix copyright.
Fix metadata version.
* Fixing Issue #27270 regarding a TypeError invoked by the addition of a Filter type and List type.
* Fix SecurityGroup from always being reported as changed on PY3
On Python3, filter returns a generator. This causes us to report that
security groups are always defined on Python3 even when there are none.
Also change filter() calls into list comprehensions.
* New module for AWS Direct Connect connections
Unittests for new module
Added utils that will be used by other Direct Connect modules
* pep8 fixes
* Correct aws_direct_connect_connection EXAMPLES to be valid yaml
* Make requested changes
* remove use of the variable changed
get rid of unnecessary parentheses
* Fix unit test
* Rename variable.
* Fix metadata version
* amazon: extract boto_exception to ec2 module
This function was copy/pasted throughout several Amazon modules. This
causes a consistency problem, since some improvements to message
formatting were applied to some modules but not others. Now all modules
use the same, improved function.
* Rebase and make requested changes
* Rebase and make requested changes
* aws module Guidelines - rewrite - add AWS WG - add fail_json_aws - more modern
practices and fix some spelling
* aws module Guidelines - minor further changes with agressive fill to 99 width
* aws module Guidelines - formatting fix as per gundalow request
* aws module Guidelines - mark more keywords and code with backquotes
* AWS module guidelines - fixes from ryansb review + minor other changes
* ovirt_disks: added option to export disk to glance
* ovirt_disks: Moving exporting to separate branch
* ovirt_disks: removed redundant line obtaining disk obj
* ovirt_templates: Update the argument spec of templates.
Add id of template since it is needed for register.
* ovirt_vms: Register unregistered VM.
Use register of VM with id instead of name since an
unregitered entity can be registered also without name attribute.
* ovirt_hosts: Add iscsidiscover to ovirt_hosts
Adding functionality of iscsidiscover to be used to discover iscsi
targets.
* ovirt_storage_domains: Add support for import block storage domain.
* Add functionality of partial import to unregistered VMs.
* Add functionality of partial import to unregistered Templates.
* ovirt_hosts: Add iscsilogin to ovirt hosts.
Add functionality of iscsi login to ovirt hosts to be used to connect to
iscsi targets and to be able to import iSCSI storage domain eventually.
* Add ovirt_storage_templates_facts
Adding fact module for storage templates.
The module should help with registering unregistered templates.
* Add ovirt_storage_vms_facts
Adding fact module for storage VMs.
The module should help with registering unregistered VMs.
* Add module_utils/aws/direct_connect.py for frequently used functions
* new AWS Direct Connect link aggregation group module with tests and placebo recordings
* remove extra argument
* Remove use of undefined var
* Fix param name for extra exception codes for AWSRetry to use.
* Fix undefined var and line length and metadata version number
* Fix copyright headers
* Added new oneview_fcoe_network module and unit tests
* Fixing metadata issues and importing unittest from ansible.compat.tests
* Fixing shebang and adding correct copyright header
* Renamed remote_management/hpe to remote_management/oneview
* Updated documentation and default state according to review comments
- Added present as the default state
- Added delegate_to: localhost in all examples
- Changed config path from a variable to illustrate a location
- Other documentation fixes
Refactore delete_user() since most of the heavy lifting was being done in the exception handling, which is not at all necessary and resulted in changed=False being shown after changes were successfully made.
* Added the ability to extend the exception list in CloudRetry
* AWSRetry boto and boto compatible
* Updated tests to reflect boto/boto3
* Added boto to shippable requirements
* Have base_class and added_exceptions default to None in CloudRetry
AWSRetry - only retry on boto3 exceptions and remove boto requirement from tests
* Make requested changes.
* win_wait_for: added module
* Increased timeout on async task
* added more debug messages for test debug
* revert to using win_shell instead of win_command
* rebased from master and updated copyright string
* Updated metadata version
* Capitalised start of short_description
* disabled win_wait_for tests until async issues are solved
* Fix check_mode in nxos_command
* Fix check_mode for ios_command
* fix check_mode for iosxr_command
* Fix check_mode in vyos_command
* Fix check_mode in eos_command
* Fix check_mode in junos_config
This commit aims to add the openssl_certificate module.
This module allows a user to manage openssl certificates.
This module implement the notion of backend provider, making this module
extensible to anyone wish as long as a provider is coded for it.
The current three providers are the following:
* selfsigned: Allows a user to self signed a certificate
* acme: Allow a user to generate acme-based CA challenges certificate.
(As of this writing this targets letsencrypt)
* assertonly: Allow a user to assert the characteristic of her SSL
certificate
Co-Authored-By: Markus Teufelberger <mteufelberger+ansible@mgit.at>
* Add tags support to cloud/amazon/ec2_group
* Finish making ec2_group tag support boto3 compatible.
Add integration tests to validate that tags are working as expected.
* Improvements and fixes in the packet_device module
* add version_added to new args
* remove default value from facility
* changed 'lock' from deprecated arg to alias of 'locked'
These were the changes I propose twice, a nullified PR edit, and then as
review comments when the PR was being merged.
I made those changes now to all purestorage modules.
* made composite vars and groups generic
now you can do both in every plugin that chooses to suport it
renamed constructed_groups as it now also constructs vars ... to constructed
moved most of constructed_groups logic into base class to easily share
* documented inventory_hostname
* typo fix
Fixes#28198
Changed how string format method is used to support Python 2.6 syntax. By adding in positional arguments to braces in format method (e.g. {0}, {1}), Python 2.6 can support this module, without causing issues in newer versions of Python.
See ref for info on format differences w/ 2.6:
https://docs.python.org/2/library/string.html#format-string-syntax
* openssl_privatekey: Extend test coverage
Extend the coverage of the integration test for the module
openssl_privatekey.
New tests have been added:
* passphrase
* idempotence
* removal
Co-Authored-By: Pierre-Louis Bonicoli <pierre-louis.bonicoli@gmx.fr>
* openssl_publickey: Extend test coverage
Extend the coverage on the integration test for the module
openssl_publickey.
New tests have been added:
* OpenSSH format
* passphrase
* idempotence
* removal
* Fixes#28444: Renamed print_match function to match_print due to name conflict
* Rename `match_print` to `do_print_match`
I think this is less confusing.
* Fix 'the the' typos, fix 'pahting' filename typo
* Change 'the the' typos to a single 'the'.
* Change `playbook_pahting.rst` to `playbook_pathing.rst`.
* Delete trailing space in ec2_vol example
Delete the trailing space in `instance: "{{ item.id }} "`, which makes the
example fail when run because it looks for instance "i-xxxx ".
* win_copy rewrite with new tests and functionality
* minor pep fixes
* Handle UTF-8 filenames in zip
* fix for template
* when zip assemblies are not available in .net revert to old behaviour of copying one by one
* typo fix
* some more typos
* updated logic to correctly handle when new directories can be created
* removed testing file as it is not needed
* updated documentation based on PR
- Changed zone_name to name - Changed cluster_name to cluster - Changed pod_name to pod - Corrected tags type in docs - Remove unneeded returns - Other simplifications
* Fix KeyError bug by appending None if key doesn't exist
ensure value is the expected type; if if expecting something parsed as truthy try to turn it back into the desired value - fixes result showing always changed since bool compared to str
use to_text
* use string_types instead of str, remove inline conditionals, abbreviate boolean logic
* s3_sync was setting HAS_BOTO3 by the existence of botocore alone. Fixed to import from module_utils.ec2 to ensure boto3 + botocore are present.
Also documented module requirements.
* Remove unused import
Changed string check to verify that EOS device is not in config mode. This was required in order to work with Arista 7500 series modular switches.
Resolves#2830
* Added support to GCE module for image families and external projects.
* Added image_family and external_projects to gce_pd.
* Added version_added for new options.
This was causing wrong behaviour when `prev_state` was `hard`-link,
since the `file` module tried to apply the same `state` on the new
file, causing unexpected errors.
Particularly, both `overlay` and `devicemapper` storage drivers in
docker use hardlinks to share files between layers. This causes
most ansible playbooks to fail when working with files from layers
below.
This PR includes:
- PEP8 compliancy
- A fix to ensure the module fails when it failed for a package
- Various cosmetic changes to documentation
- Make `state: present` the default (and not required)
* Handle errors in jmespath in json_query better
Catch any exceptions raised from jmespath and raise
an AnsibleFilterError instead.
Avoid a traceback.
Fixes#20379
* pep8
* Fix logic in os_nova_host_aggregate module
Fix logic around adding availability zone to metadata and comparing existing host list to parameter host list.
Previously, when no availability zone was defined, an empty availability zone was being appended to metadata. This was causing 'empty named availability zone' errors when running the module against an already existing host aggregate with no availability zone. This was fixed by only appending availability zone to metadata if it is not an empty parameter.
Also added set() casting when comparing existing and new host lists. Previously, if existing host list was not in the same order as the host list in the .yml parameter file the module would consider this a change even if the two lists had the same entries.
* Update os_nova_host_aggregate.py
Currently the ignore_image option can be set, but can not work as it is
descripted in document. The reason is the code will check the difference
of configurations between current container and target image, and it
will mark the `different` to `True` when the image is different even we
set `ignore_image=true`, that will cause the container being re-create.
Add new option to pass the path to the hponcfg binary which may not live in
$PATH. For example on ESXi hypervisors it tends to be located in
/opt/hp/tools/ instead. Also properly implement a verbose option for which the
code was already commented out.
The command lxc-clone is deprecated in favor of lxc-copy. This patch
changes the lxc module to use the new lxc-copy command by default. If
not present, it will fallback to the old lxc-clone command to keep it
backward compatible with older versions of lxc.
As discussed in full at https://github.com/datacenter/aci-ansible
we desired a better naming convention for ACI modules before they ship
with Ansible v2.4
The result is summarized in this PR.
The modules now also include the classes from the object model, as well
as a link to the documentation.
When verifying if a router needs update, the os_router module should
take into account only network ports which are owned by routers. Other
ports might have been added e.g. by the HA network tenant, which would
lead the router to always be detected as changed and cause the module to
try removing these network interfaces.
* add infinity ansible module into ansible package
* move infinity to be the correct direction without a folder
* remove dependency on requests library and use ansible built-in method to send rest api call
* add missing whitespace
* Use open_url from module_utils instead of urlopen based on suggestions
* correct the path for infinity ansible modue, moving it into the ansible/modules/network/infinity
* make change on the documentation and code based on feedback
* change the data type in the Return documentation based on feedback
* add importing for path and define metaclass based on testing failure
* change the postion of importing __future__
* Move Infinity module from Network module into net_tools directory based on review
* put back the file that is accidently removed
* change ansible-metadata version to be 1.1
* Fix for os_recordset.py to filter based on record type. Fixes https://github.com/ansible/ansible/issues/19572
* remove redundant variable
* Needing to use recordset ID to update and delete records. Using the record name for update/delete causes issues when A and AAAA records exist for a name
* Adding exception handling for dictionary item
* alternatives: add integration tests
* alternatives: handle absent link (fix AttributeError)
Error occurred at least on Debian Stretch and OpenSuse 42.2:
Traceback (most recent call last):
File "/tmp/ansible_RY6X41/ansible_module_alternatives.py", line 161, in <module>
main()
File "/tmp/ansible_RY6X41/ansible_module_alternatives.py", line 113, in main
current_path = current_path_regex.search(display_output).group(1)
AttributeError: 'NoneType' object has no attribute 'group'
update-alternatives stdout sample:
dummy - manual mode
link best version is /usr/bin/dummy1
link currently absent
link dummy is /usr/bin/dummy
* alternatives: PEP 8 fixes
* alternatives: fix copyright in integration tests
* alternatives: nested loops handle more than 2 items
Thanks to Michael Scherer (@mscherer) for pointing that.
* alternatives: enable integration tests
* refactors nxos_vrf_af module
fixes#27595
* fix up unit test cases
* add commands to result dict
* add route-target on afi create
* adds deprecation note to safi argument
* updates network parse_cli filter to handle blocks from output
* minor updates to finish up parse_cli filter
* all vars are now under the vars key
* attributes key has been changed to keys
* added the start_block and end_block directives
* update PEP8 failures
When comparing expected and current value for keyUsage and
extendedKeyUsage current behavior is not deterministic.
As we compare two arrays, based on the order the value have been
specified, False might be returned when the two arrays actually matches.
In order to have a deterministic comparison we compare sets rather than
arrays.
* Add network value to support_by field.
* New support_by value, certified
* Deprecate curated in favor of certified
* Add conversion from 1.0 to 1.1 to metadata-tool
* Add supported by Red Hat field to ansible-doc output
* Added cyberarkpassword lookup plugin
Added cyberarkpassword lookup plugin: It allows to retrieve credentials
(password, sshkey) from CyberArk Digital Vault
* non-uac works
* switch become/runas to LogonUser/CreateProcessWithTokenW
* fixes#22218
* provides consistent behavior across authtypes
* auto-elevates on UAC if target user has SE_TCB_NAME ("Act as part of the operating system") privilege
* sets us up for much more granular capabilities later (eg, network/service/batch logons)
* New Cisco ACI Attachable Entity Profile Module
* PEP8 Verified
* Various Fixes
* Refactored: aci_aep
* Updated to the latest changes from aci-ansible
* And a small cosmetic change
* - deprecated panos_nat_policy in lieu of pano_nat_rule that uses next generation SDK (PanDevice). Also renamed the module so that is aligns with API calls and UI framework.
* - ansible_metadata requires metadata_version instead of just version key in 2.4
* PEP8 changes
* PEP8 changes
* Emit deprecation warning and add boilerplate
* ansible-inventory cli tool
added vars dump to graph
made yaml inventory dump actual yaml inventory format
cleaner dump
fixed graph, no dump needed
add pulling in host/group vars
pep indentation crime
added docstring for manpage autodoc
remove ansible_facts from output
added api compat layer
allow import from new and old APIs
better conditional for <2.4
pe4+p4
test stuck on OS X (seems popular today) but passes rest, merging anyways
* - renamed panos_security_policy to panos_security_rule in order to better align with UI and API calls
* - fixed PEP8 issues
* - ansible bot does not like multiline comments. Using > for now.
* Add deprecation warning and boilerplate
* Ansible Config part2
- made dump_me nicer, added note this is not prod
- moved internal key removal function to vars
- carry tracebacks in errors we can now show tracebacks for plugins on vvv
- show inventory plugin tracebacks on vvv
- minor fixes to cg groups plugin
- draft config from plugin docs
- made search path warning 'saner' (top level dirs only)
- correctly display config entries and others
- removed unneeded code
- commented out some conn plugin specific from base.yml
- also deprecated sudo/su
- updated ssh conn docs
- shared get option method for connection plugins
- note about needing eval for defaults
- tailored yaml ext
- updated strategy entry
- for connection pliugins, options load on plugin load
- allow for long types in definitions
- better display in ansible-doc
- cleaned up/updated source docs and base.yml
- added many descriptions
- deprecated include toggles as include is
- draft backwards compat get_config
- fixes to ansible-config, added --only-changed
- some code reoorg
- small license headers
- show default in doc type
- pushed module utils details to 5vs
- work w/o config file
- PEPE ATE!
- moved loader to it's own file
- fixed rhn_register test
- fixed boto requirement in make tests
- I ate Pepe
- fixed dynamic eval of defaults
- better doc code
skip ipaddr filter tests when missing netaddr
removed devnull string from config
better becoem resolution
* killed extra space with extreeme prejudice
cause its an affront against all that is holy that 2 spaces touch each other!
shippable timing out on some images, but merging as it passes most
* - deprecated panos_address and panos_service in lieu of common panos_object
* - deprecated/removed panos_address and panos_service in lieu for panos_object
* squash! - deprecated/removed panos_address and panos_service in lieu for panos_object
* - fixed PEP8 issues
* - ansible_metadata requires metadata_version instead of just version key in 2.4
* add > to multi line descriptions
* update version string to 2.4
* Update legacy-files.txt
* prompt for new pass on create/encrypt if none specified
Make 'ansible-vault' edit or encrypt prompt for a password
if none or provided elsewhere.
Note: ansible-playbook does not prompt if not vault password
is provided
* dont show vault password prompts if not a tty
* Fail if an empty string is set as src for copy module
Fixes#27363
* Cleanup task formatting on copy tests
Use multi-line YAML
Add debug statements with verbosity: 1 rather than leave them in there commented out.
* Add test for empty string as source
* Do more checks in order to add more specific errors messages
Add more integration tests for the various failure scenarios.
Cleanup some syntax on existing integration test tasks.
* Add config option for a default list of vault-ids
This is the vault-id equilivent of ANSIBLE_DEFAULT_PASSWORD_FILE
except ANSIBLE_DEFAULT_VAULT_IDENTITY_LIST is a list.
* Better handling of empty/invalid passwords
empty password files are global error and cause an
exit. A warning is also emitted with more detail.
ie, if any of the password/secret sources provide
a bogus password (ie, empty) or fail (exception,
ctrl-d, EOFError), we stop at the first error and exit.
This makes behavior when entering empty password at
prompt match 2.3 (ie, an error)
* Add comment option to authorized_keys
* Update version_added for authorized_keys comment
* PEP8
* Include index rank in parsed_key_key
* Properly display diff
Only display diff if specificed via settings
* Fix PEP8 test failure
Removed from legacy files since it is now properly formatted
* Cleanup integration test formatting and add test for new comment feature
* Correct version_added for new option
* Add intent arguments for ios_interface
* Intent argument support
* Integration test case for intent arguments
* Fix ci issue
* Add intent arguments for iosxr_interface
* Add intent check support for iosxr_interface
* Integration test for intent + configuration
* Fix ci failure
* Handle common agrument in aggregate parameter for vyos module
* Add supoort to set parameter in aggregate to it's respctive
top level argument if value not provided in aggregate.
* Aggregate argument spec validation
* Documentation for aggregate
* Fix unit test failure
Allow user to mark the x509v3 extensions as critical, by specifying the
$extension_critical boolean, where $extension is the name of the
extension.
Currently this module supports only 3 differents x509v3 extensions:
* keyUsage
* extendedKeyUsage
* subjectAtlName
There are more to come.
* circonus_annotation: clean description
- add 'default' field
- default value for 'required' field is false
- use formatting function
* circonus_annotation: clean argument_spec
remove useless conversion
default of 'required' False
use 'default' when possible
* circonus_annotation: fix pep8
* circonus_annotation: add RETURN block
* circonus_annotation: check_mode isn't supported, add a note
* aci_lldp_interface_policy: Manage LLDP interface policies
Module to manage LLDP interface policies on Cisco ACI fabrics.
This module is idempotent, and supports check-mode and has diff-support.
* Rename aci_lldp_interface_policy to aci_lldp_policy
* [password] _random_password -> random_password and moved to util/encrypt.py
* [passwordstore] Use built-in random_password instead of pwgen utility
* [passwordstore] Add integration tests
* First batch of modules renamed from plural to singular
Related to this proposal: https://github.com/ansible/proposals/issues/10
* Emit rename deprication warning
* Update legacy-files.txt and skip.txt to reflect new names
pip to core because users frequently use pip to install packages to run
ansible modules.
win_chocolatey to community as it still needs some work before we'd be
ready to include it in core support.
vca module utility uses response object instead of
response.content which raises exception in while fail_json
call. Use content attribute from response object instead which
is exact description of HTTP Response error.
Fixes#25378
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
1fe67f9 introduced retries to the ssh connection put file and fetch
file. Unfortunately, that change broke the smart transport because it
started raising exceptions instead of returning from _run(). This
breakage is documented in #23711.
An attempt to fix it was made at #23717 but the first attempt was
objected to as needing to touch too much code. The second attmept was
objected to as smart was forced to encapsulate retries (thus retrying
a sftp "rety" times before trying scp "retry" times and then finally
moving onto piped). This third attempt has retries encapsulate smart.
So each sub-transport is tried once and if all three fail, another retry
attempt is made which tries each of the three again.
Fixes#23711Fixes#23717