* Don't return module error when mysql_connect fails (#64560)
mysql_user expects an Exception when using check_implicit_admin.
* Adds integration tests for mysql_user check_implicit_admin (#64560)
* Fix iosxr netconf plugin get device info
Fixes https://github.com/ansible/ansible/issues/64634
* Catch execption if the xml payload to get
device info is not valid for iosxr version
running on remote host.
* Fix CI issue
* win_find - refactor to make more performance and use newer style
* win_find - refactor for performance improvements and alignment to find
* More path alignment to find
* Fix yamllint error
* Fix encrypt command output when using --stdin-name
Add a new line after reading input if input doesn't end with a new line
* Only print is we're in a tty
* Add changelog fragment
* support for fetching lifecycle controller and system attributes
* Support for fetching lifecycle controller and system attributes
* fixed syntax error
* minor documentation update
Python now throws a RuntimeError if dict keys are modified mid-iteration.
https://bugs.python.org/issue36452
Cast filter dicts to list before iteration.
Fixes: 65024
Related: 65434
* Update the network common code to support the
new resource modules state - parsed, rendered
and gathered.
* For states parsed and rendered active connection
to remote host is not required.
* win_auto_logon - check, diff and store pass in LSA
* Ensure baseline keys are set for test
* Skip remove item prop on check mode due to win bug
* Start at a cleared baseline to ensure old LSA secrets are cleared
* add new modul
* correct password var
* fix for linting issues
* add return values documentation
* linting fixes
* Get tests working and simplify a bit
* Added an example with output.
##### SUMMARY
<!--- Added an example with output. -->
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
* Just use simpler debug tasks
Although it's not enforced that fail_json['msg'] should be a string
[1], I think it is pretty strongly implied.
In this case the failure_response['msg'] is sent through as the
fail_json['msg'], and the trailing commas here turn it into a tuple.
It's not clear if this is a typo or intended, but it does cause
problems for callbacks that expect this as a string (e.g. [2]).
Since there seems no point to having these values as a tuple, remove
the trailing commas so they return a string as per everywhere else.
[1] 4c589661c2/lib/ansible/module_utils/basic.py (L2078)
[2] https://review.opendev.org/#/c/696081
* Added required parameter to document DOC-string to produce Documentation.
Signed-off-by: Satyajit Bulage <sbulage@redhat.com>
* Just copy short_description as it was
* win_description Module
Module to change Windows description and Windows license owner information.
* LiteralPath updated
changed -path to -LiteralPath in the script
* Version and metadata_version
version_added updated to 2.10
Metadata_version set to 1.1
* version updated
version_added changed to '2.10'
* Changes based on feedback
* removed some redundant checks
* Rename win_description.ps1 to win_computer_description.ps1
* Rename win_description.py to win_computer_description.py
* Module name change
* Integration tests added
* added aliases file
* Change compatibility from 2008 to 2008R2
* Update aliases
* win_data_deduplication initial commit
* Ansible version added bump
* integration tests
* missing aliases
* Fixing documentation
* license and metadata
* documentation formating
* removing win_format ref
* documentation fixes
* trailing whitespace
* Fixing more documentation :(
* missing return
* documentation cleanup
* align copyright with doc
* indentation fixes...
* updated examples
* ignore meta and future for python doc
* removing when
* use Get-PSVolume
* Get-Volume not PSVolume
* missing updated var
* updated old drive refs
* make sure that the T drive is formated as NTFS
* path and drive_letter are exclusive
* idempotence test fix
* changing task order + reboot timeout
* implementing the requested changes to the code
* updating documentation to reflect code changes
* simplifying tests
* missing feature install before running the tasks
* pslint trailing whitespace
* putting old tests back
* missing win_format
* skip windows 2012
* Fixing message for OS check
* pass settings and dedup_job variables
* Removing unnecessary module
* logic issue
* replacing tabs with double space
* documentation fix + removing tabs
* Update documentation with recent changes
* Apply changes requested
* switch feature install with partition format
* replace tabs with spaces
* trailing whitespace
* we don't need those ignores anymore
* minor fixes
* updated test to match latest code changes
* removing dedup job task
* adding check mode yes test
* fixes for check_mode support
* updating examples in documentation
* wrong indentation for check_mode in tests
* convert indentation to spaces
* -not $check_mode
* removing unneeded spec in documentation
* Switch to Ansible.Basic
* 2.9 is already gone, so let's add this module to 2.10...
* removing useless else condition
* updated documentation
* fixing specs and removing useless try/catch + fix exit/fail
* spaces indentation
* $null check is actually needed if volume never had dedup
* Missing check_mode update
* removing required for default state in documentation
* converted tabs to spaces
* win_share - Implement append paramtere for access rules
* changed fragment
* add test
* missing bracket
* removed whitespace
* Wrong number of lines
* Forgot the actual new parameter in the test
* community review
* Change option names
* version update
* Update tests.yml
* Add idempotence to rule_action: add
* add win_initialize_disk module
* Add ability to specify disk by path or uniqueid
* Fix documentation
* fix shippable failures
* Update anisble version
* Slight tweaks to the documentation
* Small documentation fixes
* Ensure `allow_duplicates: true` enables to run single role multiple times(#64902)
* Changed return value in `_load_roles` . Fixes#64902
* Add changelog fragment
* Add an integration test for the issue
* Fix changelog generation error and integration test.
* Fix yaml syntax error in changelog fragment
When the ansible k8s module is refreshing the tokens from the local kube
config, it should save those token to the kube config file.
If this is not done, this might break the next kube client call as the
token in the local kube config file is not valid anymore and refreshing
can fail.
This commit is adding an env var K8S_AUTH_PERSIST_CONFIG that can be
used to set this flag to true (default is false, same as current
behavior).
* lightsail - Use AnsibleAWSModule
- Use AnsibleAWSModule
- Refactor the logic for wait into a separate function (Fixes#63869)
- Handle exceptions in find_instance_info and add a fail_if_not_found parameter
- Add a new state `rebooted` as an alias for `restarted`. AWS calls the action Reboot.
- Add required_if clause for when state is present
* lightsail - Use the default keypair if one is not provided
* lightsail - add a required_if for when state=present
* Update short description for lightsail module
* The ssh key may be created manually prior the task execution with a
passphrase. And the task will be executed on the same key.
* The ssh key may be broken and not usable.
The module will check the private key and if the key is password
protected or broken, it will be overridden.
The check of the ssh key performed by retrieve the public key from the
private key.
Set the "self.force" check before the "isPrivateKeyValid" check.
In case of any issue with the "isPrivateKeyValid" function, the user
will be able to force the regeneration of the key with the "force: yes"
argument.
* ufw: escalate privileges in integration tests
A few of the integration tests for the UFW module forgot to `become`.
This is problematic if the test suite is executed as a non-privileged
user. This commit amends that by adding `become` when appropriate.
* ufw: add unit tests for direction and interface
Extend the unit tests for the UFW module to test the `direction` and
`interface` parameters. This will help in the implementation of a fix
for issue #63903.
* ufw: add support for interface_in and interface_out
The UFW module has support for specifying `direction` and `interface`
for UFW rules. Rules with these parameters are built such that
per-interface filtering only apply to a single direction based on the
value of `direction`.
Not being able to specify multiple interfaces complicates things for
`routed` rules where one might want to apply filtering only for a
specific combination of `in` and `out` interfaces.
This commit introduces two new parameters to the UFW module:
`interface_in` and `interface_out`. These rules are mutually exclusive
with the old `direction` and `interface` parameter because of the
ambiguity of having e.g.:
direction: XXX
interface: foo
interface_XXX: bar
Fixes#63903
* Elevate privileges for luks_device integration tests
Several tests in `key-management.yml` don't `become` before executing,
despite needing elevated privileges. This commit fixes that.
* Add passphrase support for luks_device
Previously, the luks_device module only worked with keyfiles. The
implication was that the key had to be written to disk before the module
could be used.
This commit implements support for opening, adding and removing
passphrases supplied as strings to the module.
Closes#52408
* proxmox: use 'release' key for version detection if possible
* proxmox: fix PEP issues
* add changelog fragment
* Uses LooseVersion for proxmox version detection
* move imports
* removes useless comment
* adding encoding dump/import support for the mysql_db module, with updated documentation, and full test suite
* fixing lint issue test #3
* fixing lint issue test #1
* fixing lint issue test #1 second time
* Improving Test to be re-entrant
* improving test to not fail on centos/6
* Update test/integration/targets/mysql_db/tasks/encoding_dump_import.yml
Comminting suggestion
Co-Authored-By: Benjamin MALYNOVYTCH <bmalynovytch@users.noreply.github.com>
* Update test/integration/targets/mysql_db/tasks/encoding_dump_import.yml
comminting suggestion
Co-Authored-By: Benjamin MALYNOVYTCH <bmalynovytch@users.noreply.github.com>
* adding comment
Adding comment to explain test strategy
* Update test/integration/targets/mysql_db/tasks/encoding_dump_import.yml
Co-Authored-By: Benjamin MALYNOVYTCH <bmalynovytch@users.noreply.github.com>
* Update test/integration/targets/mysql_db/tasks/encoding_dump_import.yml
Co-Authored-By: Benjamin MALYNOVYTCH <bmalynovytch@users.noreply.github.com>
* Update test/integration/targets/mysql_db/tasks/encoding_dump_import.yml
accepted
Co-Authored-By: Andrey Klychkov <aaklychkov@mail.ru>
* Update test/integration/targets/mysql_db/tasks/encoding_dump_import.yml
Co-Authored-By: Andrey Klychkov <aaklychkov@mail.ru>
* Update encoding_dump_import.yml
* Fixing typoo
When a VM has been provisioned with unmanaged disks (VHD), the URI
schemes used for those disks are kept untouched. Unfortunately, the regexp that
parses the URI only accepts 'https' leading the module to fail if one
uses for instance 'http'.
Please note that the official Azure API documentation uses 'http' and
not 'https' as URI scheme.
Resolves#64506
Testing Done: Using an ARM template, provision a VM with one OS and one
data disk with 'http' as VHD URI scheme. Then use the
azure_rm_virtualmachine module to delete the VM. Finally check that the
module does not fail anymore and that the unmanaged disks are correctly
deleted from the storage account.
The 'azure_rm_storageaccount_info' module was calling the storage client
'list_by_resource_group()' method rather than the 'list()' one, leading
to callers not being able to fetch all the storage accounts of their
subscription.
Issue: #64319
Testing Done: was successfully able to call the module and retrieve
all the storage accounts in the subscription without having to
specify a resource group.
If a NIC has no primary ipConfiguration, the 'primary' field returned
by Azure is set to 'null' thus removed from the 'nic_model'
ipConfigurations properties. Unfortunately the code generating the
hostvars dict. assumes the 'primary' key always exists, leading the
entire host parsing to fail.
This patch changes the way the 'primary' field is accessed by using the
dict. 'get' method with a default value set to 'False'.
Resolves#63721
Testing Done: Run ansible-inventory with an azure_rm plugin that points
to a resource group that contain a two VMs, on with a primary
ipConfiguration and another one without. Check that without the patch
the inventory output does not contain the VMs (or just the one with the
primary ipConfiguration set, depending on the VM names). Finally check
that with the patched azure_rm.py file, both VMs show up.
* Replaced 'ansible_facts' by 'foreman_facts'
'foreman_facts' is the key that the foreman inventory script used
'ansible_facts' is a special key that is overwritten internally and has never worked in this inventory plugin
* Added changelog
Lookup 'first_found' returns empty list which results in
raw_params checking. Check NoneType for 'raw_params' before
proceeding.
Fixes: #64939
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Allow updating of ec2_group rules with EC2 classic ELB targets
Fix regression introduced in #45296 with EC2 Classic SGs
Fixes: #57247
Also add (unsupported) ec2 classic test suite with test case for this scenario
* move ec2 classic tests to conditional within ec2_group target
* clean up ec2_classic tests
* ec2_classic account can't run most ec2_group tests
* Fix cli context check for network_cli connection
Fixes#64575
* Check cli context for network_cli connection
at the start of new task run only.
* Pass task_uuid around to identify start of new task run
* Handle for local connection
* Fix empty and zeroed memory variables on Windows
The CIM elements about swap information are for Unix platform implementations of Powershell. CIM has separate elements for the "Windows swap". This fixes memory information being non-present or zero.
* Properly name Windows variables for Page File
See https://github.com/ansible/ansible/pull/65259 for discussion
* Update setup.ps1
* add win_compact module
* fixed line endings
* fix documentation
* Use cim method instead of wmi method
* renamed to win_file_compression
added single file support
added force option to avoid traversing large directory structures
* fixed end of file
* fixed renaming.
bench test still had win_compact as a module
* Removed more NTFS references and slight test tweaks
* Inventory CLI - Ignore settings for when vars plugins should run and just always run them
* Add note to porting guide
* Fix loading vars plugins
* changelog
* Remove a staging test for ansible-inventory since it ignores that setting
* Added logic to match on protocol 'any'
I personally use this to remove the default created egress rules from
security groups.
* Fixes for ansible-test
* Append is not a list
* Adding new example. Renaming reboot var to match other modules
* syspatch: Fixing if statement logic issue to properly compare integer
* Syspatch: Using get_bin_path to find path. Revert to reboot_needed instead of reboot_required.
* syspatch: Fix wording in playbook example
* docker_swarm_service: Sort lists when checking for changes
When two lists are checked for changes in this module, the lists are
reported changed when the order of the items is different. This PR
resolves this issue.
* docker_swarm_service: Minor typo fix
* docker_swarm_service: Another minor typo
* docker_swarm_service: Should use sorted(), not sort()
* docker_swarm_service: Sort lists of dictionaries
* docker_swarm_service: Fix style issues in tests
* docker_swarm_service: Updates to integration tests
* docker_swarm_service: Casting string types within lists when comparing
* docker_swarm_service: Special handling of unordered networks with ordered aliases
* docker_swarm_service: Sorting network lists
* docker_swarm_serivce: Better unit test code coverage for lists and networks
* docker_swarm_service: Fixed coding style for sanity tests
* docker_swarm_service: More coding style fixes
* docker_swarm_service: Ignoring test for Python < 3
* docker_swarm_service: Update to version info check for backwards compatibility
* docker_swarm_service: Added change fragment #63887
* docker_swarm_service: Better handling of missing sort key for dictionary of lists
* docker_swarm_service: Preventing sorts from modifying in-place
Co-Authored-By: Felix Fontein <felix@fontein.de>
* docker_swarm_service: Removed spurious import in test
* docker_swarm_service: Preventing sorts from modifying more data in-place
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Set name_version when version is not specified, fix#55097
This will default to installing the latest version available
* Add changelog fragment
* update changelog
self._get_user_property returns a string, so when doing a comparison
using this value, cast the second variable to a string so that the
comparison behaves correctly
* Add changelog
* Add to_text import
* Add integration test
VM relocate to destination host works without pool param when hosts are part of same cluster. but spec.pool is required when hosts are part different clusters.
Closes: #64503
* Add integration tests for aws lightsail
* lightsail - use module_defaults instead of aws_connection_info
* lightsail tests - assert instance state on create
* Fix yaml syntax error
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* [lightsail] create keypair as part of the testsuite
* Fix lightsail actions in compute-policy
* Add ability to delete keypair in lightsail_keypair
* iam_user: use AnsibleAWSModule.client to fetch connection rather than C&P code
* iam_role: Add deprecation warning so we can switch purge_polices default behaviour from true to false
* iam_user/role/group: Rename 'managed_policy' and 'purge_policy'
Rename from singluar to plural (we accept a *list* of policies), and add aliases for the old values.
* Cleanup documentation
* Changelog
* ansible.utils.color.stringc: add wrap_nonvisible_chars flag in stringc
* add exaplanation for `wrap_nonvisible_chars` case in utils.stringc
* add changelog entry
* reworked iam_policy
* Deprecate policy_document option
* deprecate defaulting skip_duplicates to true
* No longer explicitly catch ParamValidationError.
ParamValidationErrror is already caught by ClientError
* Work with complex policy objects rather than json documents
comparisons can better cope with the special cases (eg True vs "True" )
* Enable check_mode tests and fix related 'changed' bug
* changelog
* doc cleanup based on review
* Implementing ability to specify certificates.
* Changelog fragment for rabbitmq_publish certificate checking
* Fixing version_added
* Reducing line size.
* Minor documentation updates.
* Update to add missing space.
Co-Authored-By: Felix Fontein <felix@fontein.de>
* add new command SetManagerNic in redfish_config module
* use a more explicit/rigorous way to select the EthernetInterface, split port for default nic_addr if root_uri has port, update variable name to lower_case_with_underscores instead of CamelCase
* add missing whitespace around arithmetic operator, fix inline comment should start with '# '
* Add support for jumphost setting in junos_scp and junos_package
* Since junos_scp and junos_package module uses junos-eznc library
to transfer file and load package respectively to a remote device
it does not read the jumphost related configuration in netconf
connection plugin unlike other junos modules which uses the
Ansible persistent.
* Add `ssh_config` and `ssh_private_key_file` to add support to
read custom ssh config file and mention ssh private key file
for junos_scp and junos_package module
* Fix CI issue and update note section
If two tags with same name and different category exists, vmware_tag_manager
used to take first found tag.
This commit use combination of tag and category to identify the category.
Fixes: #59379
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Due to confusion between 'Custom Attributes' and 'Advanced options',
this change got in devel. Revert to original behavior i.e. customizing
custom values using vmware_guest is done in this PR.
Fixes: #64291
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Domain is newly added in 2.10 release, specify this in the
documentation section in Checkpoint httpapi connection plugin.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add example showing that when using the `argv` syntax for command module instead of the string one, we can directly provide other parameters in the "command" block, rather than using an "args" block.
* iam_role tags support
* Make sure we don't Camel -> Snake tags in our return values
* Minor documentation tweaks
* Add tagging tests
* Make sure we return the state of tags once we updated them
* Update lib/ansible/modules/cloud/amazon/iam_role.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Move boto3/botocore before we start making changes
* renamed module tls client auth parameters to avoid overlaping with ansible fetch_url
* added version_added info for params
* Updated version_added
Updated version_added info from 2.9 to 2.10
* Update pulp_repo.py
removed version_added for renamed params
* Apply suggestions from code review
added ca_cert alias and 'version_added'
Co-Authored-By: Mark Chappell <mchappel@redhat.com>
* Apply suggestions from code review
added old behavior for client_cert and client_key which will deprecate in 2.14
Co-Authored-By: Mark Chappell <mchappel@redhat.com>
* Update pulp_repo.py
fix for linting error ansibot is complaining
* added changelog fragment for 59522
* Apply suggestions from code review
more informative depreciation warning and changelog fragment
Co-Authored-By: Felix Fontein <felix@fontein.de>
* added mention for changes in client_key and client_cert behavior
* fixed too long line (linting)
* deprecated ca_cert alias to have consistent module params in Ansible 2.14
* fixed indentation for deprecation warning
* changed deprecated alias handling to argument_spec
* moved deprecated_aliases insied argument dict, thanks tremble
* suggestions from felixfontein
Move doc info about client_cert and client_key into its own paragraph
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Add full IPv6 support to win_dns_client - Fixes#55962
* Fix missing cast
* Add type to win_dns_client.py
* Remove version_added again, to hopefully make ansibot happy. Even though it was added as a response to the bot...
* Fix $params undefined error, that was introduced by fixing the "global variable" linting issue
* Fix casting error
* Fix inverted logic
* Fix rebase error
* Fix assignment to readonly variable
* Fix "reset IPv4 DNS back to DHCP adapter_name"
* Fix legacy windows server support (2008/2008R2)
* Fix 2k8
* Remove unecessary pslint ignore
* Added IPv6 tests, changelog fragment and further docs
This info about backing_disk_mode was renamed to backing_diskmode,
to keep backward compatability re-introducing backing_disk_mode along
with backing_diskmode info.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add ldap_attrs module
* Fix codesyle error
* Apply deprecation rules
* Add support for X-ORDERED extension in ldap_attrs
The 'X-ORDERED' LDAP extension allows definition of ordered LDAP object
attributes. This extension is used in OpenLDAP "cn=config" database to
support ordered configuration options.
Specification: https://tools.ietf.org/html/draft-chu-ldap-xordered-00
* Update ldap_attr deprecation notice
* Documentation improvements based on suggestions
* Remove redundant dots from documentation
* Correct 'insertations' to 'insertions'
* Remove insecure 'params' option
* Fix sanity ignore errors
* Improve module documentation
* Change example value from string to list
* Fix support for "" values
* Restore module vmware_dns_config
* Remove domainname and change_hostname_to
* Changed version_added from 2.10 to '2.10'
* Add setup_attach_host: true to test case
* Add 'vcsim is not defined' block to integration tests
* Change 'result' to 'dns_config_result'
* Bugfix: Changing some static configurations while keeping others can crash the module
* Implement changing DNS config from DHCP to static on a cluster
* Update documentation for vmware_host_dns
* vmware_host_dns integration tests: Always revert to original DNS configuration, even if a test fails
* Deprecate vmware_dns_config
##### SUMMARY
The second example of the documentation uses an argument "hostname" that does not exist in this module.
It should be replaced by argument "name"
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
The following modules a new, and were not yet in `module_defaults.yml`:
- vmware_guest_register_operation
- vmware_guest_serial_port
- vmware_guest_tools_info
* Add support for multiple manager attributes configuration
* Updated version_added to 2.10
* Added support for modifying LC and system attributes
* Added support for LC and system attributes
* Pylint fixes
* Add support for multiple manager attributes
* Add support for multiple manager attributes
* Add support for multiple manager attributes
* add connect_as, username, password parameters
add tests
* fixed reference to undefined variable.
added version added to new options.
* add changelog fragment
* fix line endings
* use ansible facts to determine os version
remove unused iis version check
test checksum of iis configuration after backup
* correct assertion
* added more cleanup tasks.
* version added is now 2.10
* skip server 2008 r2 for now
* run tests on server 2012 and higher
* Adds win32_disk_drive object to win_disk_facts
* Names class parameter for Get-CimInstance as requested in the devdocs
* Maps whole class and adds docs
* Improve matching of disks when UniqueID is different format
* Improve logic for PNPDeviceID mapping
* Adds test for win32_disk_drive
* win_chocolatey: Fix error when choco.exe not found
* Slight tweak to check and added changelog fragment
* Removed ignore rule that's no longer needed
* win_domain_user: add retry logic for null user principal group
* win_domain_user.ps1: Fix "user without group" case use
* Added changelog fragment
* Fix up missing dollar sign
* Add default value to 0 for disk in nova_flavor module
* Apply suggestions from code review
Add type int for disk size
Co-Authored-By: John R Barker <john@johnrbarker.com>
* ec2_vpc_net: (integration tests) migrate to using module_defaults
* ec2_vpc_net: (integration tests) use a private subnet for the tests
* ec2_vpc_net_info: Add integration tests
* ec2_vpc_net_info: add cidr_block_association_set to documentation
* Update AWS hacking test policy to allow VPC CIDR disassociation
* Update test/integration/targets/ec2_vpc_net/tasks/main.yml
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* Store vpc2 ID to make it clearer which VPC we're changing
* Be more consistent with our quoting
* Explicitly test that the VPC IDs haven't changed
The ask was to add an option in the vmware_guest itself. Upon inspection, a serial port can
be created in multiple ways and so can be a module in itself. Therefore, created a new module
called vmware_serial_port.
Fixes: #54956
Eliminate `ResourceWarning: unclosed file` by closing all
file handles of each subprocess used by the SSH connection
plugin to execute commands.
This change prevents Ansible from accumulating "forgotten"
open file handles.
PR #64785 by Julien Palard
Fixes#64768
* Adjust conditional for disabling alert email
Conditional was improperly disabling existing alert email when it was found enabled. The expectation is that it should only disable if module.param['enabled'] was set to false.
* Adjusted disable logic
Added back in the logic of only disabling the alert email if it is module.params['enabled'] is false AND current value of enabled is true on the array
This is a fix for a regression introduced by Perfy. Since then we mainly
operate on host.name instead of the Host object. In a call to
set_nonpersistent_facts where we set ansible_failed_task and
ansible_failed_result variables we were still passing the object which
led to those vars being undefined.
Fixes#64789
While deleting gitlab user, several parameters such as email, name,
password are not required. This fix removes this requirement from the
module.
Fixes: #61921
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* win_domain_computer module: Minor documentation error
* Fix idempotence when name != samaccountname
* Added changelog
* Added unsupported alias for CI check
* Update win_firewall_rule.py
<!--- Your description here -->
Added example of enabling ICMP protocol, as ping is commonly used for troubleshooting in automation scenarios. Equivalent netsh command is:
netsh advfirewall firewall add rule name='ICMP Allow incoming V4 echo request' protocol=icmpv4:8,any dir=in action=allow
+label: docsite_pr
* Remove yaml-breaking space
Removed extraneous space that caused validation to fail.
* Remove more extraneous whitespace
* ec2_eip: (integration tests) move to using module_defaults
* ec2_eip: (integration tests) expand integration tests
Also clean up a little
- Delete EIPs when we finish testing them (reduce the chance of hitting limits)
- Rejig deletion so that it works when runs fail
- Add tests for ec2_eip_info
* ec2_eip: Minor doc tweaks
* ec2_eip: Don't throw an exception when we try to disassociate an already disassociated EIP
* ec2_eip: Add missing IAM policy (manage IGWs)
* ec2_eip: (integration tests) Use the VPC as a crude lock to avoid running parallel tests
We test that untagged EIPs come and go as we expect, if multiple tests are
running in parallel this confuses things
* Fix ec2_eip association
* ipaddr: add an option to return peer of a point-to-point link
Signed-off-by: Vincent Bernat <vincent@bernat.ch>
* ipaddr: extend "peer" to also work with /30
* Catch vmodl.fault.SystemError exception.
* Add exceptions for connection issues.
* Fix self._si not defined exception (L353), when trying to close a non existing connection.
* Fix vmware_tools connection reset
* Also catch InvalidGuestLogin exception, as it get's also thrown when trying to logging in too early on startup...
* win_acl no longer needs SeSecurityPrivilege
Set-ACL raises missing SeSecurityPrivilege error when the inheritance
from the parent directory is disabled.
* fixes test sanity
* registry rights can only be modified with Set-ACL
* add changelog
* Corrected Get-adcomputer
Corrected Get-adcomputer on "Remove-ConstructedState" and "Set-ConstructedState" functions.
resolved error: Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running.
* Update lib/ansible/modules/windows/win_domain_computer.ps1
Co-Authored-By: Daniel-Sanchez-Fabregas <33929811+Daniel-Sanchez-Fabregas@users.noreply.github.com>
* Update win_domain_computer.ps1
changed
"-credential $credential" to "@extra_args" (Line 115 and 150)
corrected exception message (Line 122)
* Added changelog fragment, minor code tweak
* Ensure we work on only one user.
After the initial get/create use the GUID of the found/created user to
ensure we will not start to work with a different user. If we create a
user or modify it's attributes an he is not identified with the name
parameter afterwards this module fails in rather unpredictable ways.
This addressed #45298
* Use splatting create_args for creating user.
This prepars this for adding more optional create arguments without
nesting of condictions.
* Set the UserPrincipalName and SamAccountName on create.
Set the UserPrincipalName and SamAccountName on the create operation if
upn is given to ensure the User is created with a contollable
SamAccountName.
* Rename $username to $name.
$username is missleading as its not the SamAccountName.
* Add a identity parameter to win_domain_user
This gives the user full controll over how the user is identified in the
AD.
* Add version_added information for new parameter and fix yaml syntax.
* Added changelog fragment
wait_for_connection creates AnsiballZ_ping.py in temp directory,
which remains on remote machine even after playbook run.
Fixes: #62407
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fix eos_facts over local eapi
* Much better feedback when querying resources over local
* No need for that anymore
* Update comment
* Mkae sure facts are tested on local
resource modules might break this otherwise
* This test was not checking anything
* Pass over nxos_facts as well
* Add output_encoding_override params to win_command/win_shell (#54896)
This enhancement enables Ansible to parse the output of
localized commands that ignore the prompt code page.
* Added changelog and minor nits
* feature enhancement: make a snapshot from an existing managed disk.
* remove default creation option in argu_spec of azure_rm_snapshot
* fix pep8 related issue
* fixing broken integration test
* Added install_dns option to the win_domain module.
* Added install_dns option to the win_domain_controller module.
* Updated version_added to devel branch version 2.10.
* Updates for ansible-test errors.
* Minor nits to docs
* Add Local Security Policy update example
##### SUMMARY
This real world example will be useful, but perhaps there is a better section?
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
* Move new example and add not to username
* Set alter_sys=True instead of False to address backwards incompat
* ci_complete
* Add integration test
* ci_complete
* sanity
* ci_complete
* Changelog fragment
* Update import test and validate-modules to match
* Updated nxos_lacp tests to handle platforms not supporting lacp system mac command
* nxos_lacp: addressing comments
* nxos_lacp: Updating image tag search to include more tags
* route53_info max_items and next_marker should be a str
Type was changed in #64358, however boto3 takes a str for this option
Add some basic tests for route53_info.
Fixes: #64534
This fixes a regression that was caused by switching from copy() to
deepcopy() when 'saving' variables before templating. Since HostVars
did not implement the __deepcopy__() method, deepcopy returned incorrect
results when host vars were present in the variables.
Fixes#63940
* docker_login: Use with statement for accessing files (#64382)
* Update changelogs/fragments/64382-docker_login-fix-invalid-json.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Use "default" route info to help pick the default address.
Before this change, the address information used for the "default_ipv4"
and "default_ipv6" information is whatever is first on the interface
identified by the looking up the "default" route. On OpenBSD at
least, the first IPv6 address tends to be a link-local address,
which is not useful if you want to try and put a globally routable
v6 address in a template somewhere.
OpenBSD and NetBSD list the local address used for the default
route, so we can then use that to filter the addresses on the
interface and use the right one when it is available. This should
also help in situations where the interface has a lot of aliases,
or if you're doing IP multipath.
Thanks to John-Mark Gurney and Jared McNeill for providing me output
from the route command on FreeBSD and NetBSD respectively.
* Use "route get default" to get default route information.
Using some other arbitrary address makes these facts produce
unexpected results in some situations.
* ec2_* Sanity corrections
Cleanup some typos that were missed in #64230
* Update lib/ansible/modules/cloud/amazon/ec2_launch_template.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* convert aws_acm_facts to AnsibleAWSModule
* factor aws_acm_facts into module_utils
* add more filtering options for aws_acm_info
* add aws_acm module and tests
* uncomment aws_acm test
* fix linting for aws_acm
* fix __future__ linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix aws_acm_info arg type
* remove test for old module name aws_acm_facts
* simplify AWS ACM client creation
* fix indent typo in aws_acm test
* catch BotoCoreError in aws_acm
* fix indent typo in aws_acm test
* tighten AWS ACM test policy resource
* move aws acm int test to venv
* remove errant file
* fix AWS ACM int test perms
* undo copyright addition to wrong file
* fix invalid log message in aws_acm
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* rephrase aws_acm_info doc from facts to information
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* rename aws_facts var to aws_info
* remove case insensitivity for aws_acm pem compare
* add no_log for aws_acm credential setting
* add per-test prefix to aws_acm test resource names
* make aws_acm use crypto module_util
* clarify copyright for aws_acm
* make aws_acm int test clearer
* add explicit crypto dependency to aws_acm
* change requests for aws_acm pr
* fix wrong copyright owner aws_acm test
* fix wrong copyright owner aws_acm test
* rewrite aws_acm cert chain compare with regex, no dependency
* fix linting for aws_acm unit test
* fix linting for aws_acm unit test
* fix linting and duplicate ignore
* fix failed cert chain split in aws_acm, add more tests
* remove errant file
* more linting fixes for aws_acm
* fix sanity ignore
* rewrite cert compare in aws_acm to use base64 decode
* improve regex for pem cert chain split in aws_acm
* undo changes to crypto module util for aws_acm
* increment ansible version for new aws_acm module
* convert aws_acm return(x) to return x
* increment version added for aws_acm_info new features
* fix linting
* fix bugs with AWS ACM
* fix bad rebase
* disable AWS ACM integration test, due to AWS account limit issue
* remove aws acm integration test from shippable group
* enable using any domain in the check point machine
* Update checkpoint.py
* trying to checge `test_chrckpoint` according to `test_ftd` in order to pass the tests
* Update test_checkpoint.py
* add GetHealthReport commands
* add NetworkInterfaces and SimpleStorage
* convert report uri property keys from plural to singular
* one more plural to sungular uri conversion
* change module name to redfish_info in EXAMPLES docstring
* Added module for attaching volumes in the Packet host
* Fix __future__ import sanity
* removed changed from RETURN doc
* Fix sanity tests, add check mode & few other minor changes
* Added module for IP address assignment in the Packet Host
* fixed CI bot issues
* rework of IP address handling to subnets
* fix pep8 in modules/cloud/packet/packet_ip_subnet
* Fix verison added
* Fix sanity tests, rebase, refactor & other improvements
* ec2_ boilerplate
* Deprecate unused options.
* ec2_vol: Perform explicit type checking on volume_size and iops when parsing the args
Boto would through a type exception if the string couldn't be converted to an int.
* ec2_lc_find: remove duplicate definition of region
It's defined in ec2_argument_spec and ec2 doc fragment
* ec2_lc_info: Move responsibility for type checking/conversion of sort_start and sort_end into arg parser
* General sanity test related doc fixups
* Remove EC2 related sanity/ignore.txt entries
* Add changelog fragment
* Remove sanity/ignore.txt entries
* replace use of "_" as a variable name
* Cleanup boilerplate
* Remove default values from mandatory parameters
* Sanity test documentation updates
* Remove unused imports from iam_role
* Move var plugins handling to a separate file
* Allow var plugins to require whitelisting
* Add global configuration ('demand', 'start') for users to control when they execute
* Add 'stage' configuration ('all', 'task', 'inventory') for users to control on a per-plugin basis when they execute
* Update ansible-inventory and InventoryManager to the global and stage configuration
* Update host_group_vars to use stage configuration and whitelisting
* Add documentation for using new options and to the developer's guide
* Add integration tests to exercise whitelisting and the new configuration options, using vars plugins in collections, and maintain backward compatibility
* Changelog
Co-Authored-By: Brian Coca <brian.coca+git@gmail.com>
Co-Authored-By: Sandra McCann <samccann@redhat.com>
* Remove Sanity test ignore.txt entries
* Fixup boilerplate
* Remove use of blacklisted _ variable name
* cloudformation: Add an explicit removal version for template_format
This option's been ignored since ansible 2.3
* General docs cleanup to clear sanity errors
* elasticache_parameter_group: Add list of choices
- matches documented choices
- other values wouldn't have worked
* data_pipeline: Deprecate 'version' - always ignored
* Add deprecation documentation
* Refactor CLI prompt mode check for network plugins
* Move the CLI prompt mode check logic from action plugin
to the controller side with the cliconf plugins.
* This refactor also allows the network modules
to initialise the persistent connection with remote device
only when it is required.
* Fix review comments
Using os_server_action to perform start, stop and pause actions on a
server in OpenStack results in an error when 'wait' is False.
The command is successfully sent to OpenStack, however Ansible fails the
task:
fatal: [127.0.0.1]: FAILED! => {
"changed": false,
"msg": "New-style module did not handle its own exit"
}
This patch ensures that those actions always exit, whether running with
'wait' set to True or False.
As we are not waiting to confirm the result, this assumes that the
actions were successful.
Fixes#62958
Signed-off-by: Chris Smart <chris.smart@humanservices.gov.au>
* Fixes#63937
* Add the environment variables VMWARE_HOST, VMWARE_USER, and VMWARE_VALIDATE_CERTS for consistency
* Follow the general pattern for config file naming requirements and update the documentation
Let the caller choose a namespace for `to_uuid` and document the
behaviour of both the default case, and the new explicit case.
This PR does not change the existing behaviour of the `to_uuid` UUIDv5
filter.
* Fix network plugin config option load from collection
Fixes#63975
* Update the complete sub-plugin name within network
connection plugins to handle sub-plugin in collection
scenario.
* Fix review comments
* add option to specify ID of System/Manager/Chassis to modify
* added version to deprecate() call
* fix merge TODOs to use new self.systems_uri variable
Add module podman_volume_info that collects data about podman
volumes on the host. Acts as docker_volume_info module.
Signed-off-by: Sagi Shnaidman <sshnaidm@redhat.com>
* add GetManagerServices in redfish_info module, and add SetManagerServices in redfish_config module
* fix incorrect-version-added, fix incorrect Comparison to None, fix continuation line under-indented for visual indent, fix line too long, fix blank line at end of file
* update parameter format to allow multi-services update and additional parameter update
* fix bad-whitespace and trailing-whitespace detected by ansible-test
* change command name from GetManagerServices/SetManagerServices to GetNetworkProtocols/SetNetworkProtocols, and update parameter name to network_protocols with dict type, and enhance set_network_protocols() to follow suggestions
* donot need to import ast any more
* fix problems caused by code merge
* Move X25519, X448, Ed25519 and Ed448 feature tests to module_utils.
* Correctly sign with Ed25519 and Ed448 keys.
* Fix public key comparison. Ed25519 and Ed448 do not have public_numbers().
* Add tests.
* Add changelog.
* Give better errors for cryptography 2.6.x and 2.7.x.
* Test for new errors.
* Forgot one.
* Used wrong private key.
* Use private key password for CA key. Add more stuff to its certificate.
Currently first check was by checksum only, and if there are 2
images with the same checksum, but different names, this check
fails with error:
* Multiple matches found for None *
To prevent this let's add more exact check in the beginning:
1. Firstly try to find by unique ID if it's given, most safe way.
2. Try to find by combination of name and checksum, not only
checksum, it will drop duplicates with different name.
3. Try to find just by name, as most general approach.
By going from most narrow to more general checks we can drop
duplicates in more efficient manner.
* Add AWS_ boilier plate
* AWS_ modules: clean up missing parameter types
* Remove documentation duplicated by ec2 document fragment
* Add missing documentation for options and sub-options
* Add missing return type documentation
* Remove AWS_ sanity-check ignores
* aws_waf_info: fixup conflicting 'defaults' information about the use of waf_regional
* Wrap URLs in U()
* Add elements entries, because felixfontein asked nicely
* Apply suggestions from code review
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* Second round of review comments.
* Make docker_stack adhere to standard return values
The names of the various fields returned from ansible modules are e.g defined here https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#msg.
Adhering to this improves usability and makes use of functionality for e.g stdout_lines etc.
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Fix under-indentation of continuation line (pep8)
Issue exposed in test here https://app.shippable.com/github/ansible/ansible/runs/146667/1/console
* Don't break old playbooks/roles
Made sure the changes are only adding new variables, not removing anything existing yet.
* Added comment
* Minor fixes
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* minor change to docker_stack.py
* Add changelog fragment for PR 63467
* Format changelog fragment
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Add fragment about docker_stack return val depr
* Add docker_stack doc note about deprecated vals
* Remove whitespace in empty line
* Add docker_stack depr notice to porting guide
* Update changelogs/fragments/63467-docker-stack-return-fix.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Added back a missing new line
* check status code value lower boundary
Any HTTP code below 200 cannot be considered a success, should be
handled like a failure instead.
This is particularly true for below zero status codes.
Fixes#63139
* provide changelog fragment
* ensure connection errors are handled in Acme module
* add fetch_url check to ACME.send_signed_request
* remove module.fail_json
* move _assert_fetch_url_success out of ACMEAccount
* fix ansible-lint errors
* use simplified syntax status checking
* add new command UpdateUserName and UpdatePasswordPolicy in redfish_command module
* fix errors detected by ansible-test
* fix error detected by ansible-test
* change command name UpdatePasswordPolicy to UpdateAccountServiceProperties, and update parameter to account_properties to support mlti-properties setting
Since https://github.com/ansible/ansible/pull/56733, we were not able to apply
firewall rules with no `allowed_hosts` key.
closes: #61332
In addition, this patch ensures the `allowed_hosts` key accepts a dict,
instead of a dict in a single entry list.
```yaml
vmware_host_firewall_manager:
esxi_hostname: "{{ esxi1 }}"
rules:
- name: NFC
enabled: True
allowed_hosts:
- all_ip: False
ip_address:
- "1.2.3.4"
```
Should be written:
```yaml
vmware_host_firewall_manager:
esxi_hostname: "{{ esxi1 }}"
rules:
- name: NFC
enabled: True
allowed_hosts:
all_ip: False
ip_address:
- "1.2.3.4"
```
* postgresql_db: allow to pass users names with dots
* postgresql_db: allow to pass users names with dots, add changelog fragment
* postgresql_db: allow to pass users names with dots, fix ci
* Make banner detection non-greedy in ios_banner
* Added ios_banner unit test to detect bug #63091
* Corrected PEP8 errors
* Added integration test
* Corrected typo in integration test
* enable grafana_annotations callback plugin message sending to multiple panels
* remove new line at end of file
* restructuring code of grafana_annotations cb plugin
* add missing self keyword
* grafana callback: use list for panel_ids
* grafana callback: convert panel_id to integer
annotations HTTP API states that panelId are integer (same as
dashboardId which is also converted).
* Introduce context manager for temporary templar context changes. Fixes#60106
* Rename and docstring
* Make set_temporary_context more generic, don't hardcode each thing you can set, apply to template action too
* not None
* linting fix
* Ignore invalid attrs
* Catch the right things, loop the right things
* Use set_temporary_context in a few extra action plugins
Added exception handling when module tries to modify user details,
and /etc/shadow file is missing or not found.
Fixes: #63490
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Eh, 2.10 is close enough
* drop top-level authorize
* Remove from documentation
* Remove load_params
* Centralize this junos thing
* Fixup user modules
* I'm 95% sure this did not do what it was supposed to
* nxos_hsrp: I don't think this is an actual module parameter
* Try to fix junos_package tests
* Move local params to provider
* Promote 'timeout' to a real parameter for eos_eapi
* Don't assume provider exists?
* move another timeout
* Provider now always has auth_pass
* Fix junos tests to avoid NameErrors
* DNF Handle Empty AppStream stream definition
Fixes#63683
Signed-off-by: Adam Miller <admiller@redhat.com>
* Switch Fedora dnf test target modularity to stratis
In Fedora 29, the metadata was not properly set for a default stream
for ripgrep even though there is a profile called "default", however
that's an arbitrary string and the module maintainer must set the
default stream (which it never was for the ripgrep module, thus
failing the "empty stream" install test)
Signed-off-by: Adam Miller <admiller@redhat.com>
##### SUMMARY
Currently, it is not possible to delete specific versions of an ec2 launch template. The module docs incorrectly suggest that there is a `version` param to the module that can be used to do that. This patch aims to correct that error.
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
* yum - only instantiate YumBase once
Previously, this code was re-instantiating the `YumBase` object
many times which is unnecessary and slow. However, we must do it
twice in the `state: absent` case because the `yumSack` and
`rpmSack` data of the previously instantiated object becomes
invalid and is no longer useful post transaction when we verify
that the package removal did in fact take place. Also, this patch
removes the repetitive re-processing of enable/disable of repos in
various places.
Here's a display of the speed increase against a RHEL7 host:
```yaml
- hosts: rhel7
remote_user: root
tasks:
- name: Install generic packages
yum:
state: present
name:
- iptraf-ng
- screen
- erlang
- name: Remove generic packages
yum:
state: absent
name:
- iptraf-ng
- screen
- erlang
```
Before this patch:
```
real 0m52.728s
user 0m5.645s
sys 0m0.482s
```
After this patch:
```
real 0m17.139s
user 0m3.238s
sys 0m0.277s
```
Fixes#63588Fixes#63551
Signed-off-by: Adam Miller <admiller@redhat.com>
* add changelog
Signed-off-by: Adam Miller <admiller@redhat.com>
- xenserver module_util: XenAPI lib import error message handling is now
ported to missing_required_lib(). Updated unit tests.
- xenserver_guest, xenserver_guest_info, xenserver_guest_powerstate modules:
docs are updated to reflect recent changes in availability of XenAPI lib
on PyPI.
- xenserver_guest, xenserver_guest_info, xenserver_guest_powerstate modules:
docs are updated to reflect recent Citrix rebranding of XenServer. Broken
URLs to external resources are fixed.
- xenserver_guest, xenserver_guest_info, xenserver_guest_powerstate modules:
more tested platforms are mentioned in docs.
* Added missing param to lambda module to pass it through to boto3
* Allow updating of runtime, because there is no reason why not
* Updated version_added to 2.10 to make tests green again
* Updated RETURN docs of Lambda module
* Added tests to aws_lambda test-suite.
Use a separate variable for the boolean test rather than having the same variable sometimes be a boolean and sometimes be a regular expression match object
Add integration tests to cover this scenario
* s3_bucket: Allow empty encryption_key_id with aws:kms to use KMS master key
* Add idempotency check and cleanup example, dont require encryption_key_id
