* show original exception for yaml (and other) errors
In places where we need to catch a yaml error and raise
an AnsibleError, add the orig yaml exc to the AnsibleError
via the orig_exc arg.
When the AnsibleError is displayed it will now include the
AnsibleError (AnsibleParserError for example) and the type
and message from the original yaml exception.
This provides more detail to the error messages related to
yaml errors.
This also improves errors from dataloader (for example,
previously if a wrong password was used for a vault encrypted
yaml file, the error was very vague and suggested yaml errors,
but now the message includes the original exception from vault
indicating the password was incorrect or missing).
Add a text note to playbook helper asserts. For playbook
syntax/layout errors that aren't yaml errors, but errors
indicating invalid data structures for a playbook/task/role/block,
we now include some info about where the assert was and
why it was raised.
In places we raise an AnsibleParserError in an except
clause, pass the original exception to AnsibleParserError via
orig_exc arg.
Make assorted error messages a little more specific (like
the playbook helper load methods)
* Revert "Include the original YAML error in syntax error messages"
This reverts commit 781bb44b02.
* Allow cert and private pem information to be passed in via string, eg when obtaining sensitive key details from anisble-vault at runtime
* Allow cert chain body to be passed as a string
* Ensure the new options are set in parameters
* Dont publish the private key in logs
* Set the version_added documentation
* Update documentation inline with review
* Removes file based certificates in favour of string only as suggested in feature review
* Documentation changes as suggested by review
* Make access_token type str, remove alias, and make validate_certs default value true
* Remove comma
* Add bcf switch module
* Remove white space in blank line
* Fix yaml
* Try removing the RETURN just like in the other modules
Given parent include path "{{ var | default('path/file.yml') }}"
os.path.dirname(parent_include_path) yields {{ var | default('path/
which is incorrect in itself but also causes templating errors
due to unbalanced quotes. Fix both problems by templating
parent include path before finding its dirname.
* Support NetBSD 7.1+ style ifconfig -a output
network facts on NetBSD after 7.1 cvs would fail
because of format changes in 'ifconfig -a' output.
update code to support new and old format.
add unit tests for both based on
examples from Bruce V Chiarelli.
* wrap use of interfaces.keys() in list() for py3 compat
* sort interface ids for stability
When creatinf a new VM from template, you can specify the storage domain
name and disk format where to copy all the template disks
For example if you want to create a VM from template into specific
storage domain you can do the following:
ovirt_vms:
name: vm_on_my_storage_domain
cluster: my_cluster
template: my_template
operating_system: other_linux
type: server
cpu_cores: 1
cpu_sockets: 1
state: stopped
clone: True
storage_domain: my_nfs_storage
format: COW
before this change adding nic was allowed only to a vm. Now it is
possible to add it to template.
example:
- name: test add nic to template
ovirt_nics:
auth: "{{ ovirt_auth }}"
state: present
template: mytemplate
name: nic1
interface: virtio
profile: ovirtmgmt
network: ovirtmgmt
* Fix ansible_cmdline initrd fact for UEFI
UEFI cmdline paths use \ path sep which would
get munged by cmdline fact collection.
* Make CmdLineFactCollector easier to test
extract the parsing of the /proc/cmdline content to
_parse_proc_cmdline()
add a wrapper method for get_file_content _get_proc_cmdline()
Add unit tests of _parse_proc_cmdline based on examples
from issue #23647Fixes#23647
* win_environment: Added tests and return info in document
* fixing up some yaml issues
* some more things I should have detected
* fixing up test tag name
* Implemented dconf module for manipulating and reading the dconf database.
* Fixed remote execution for the dconf module when state=present by wrapping the invocation with dbus-launch (dconf requires a running DBus user session). Updated documentation to mention external module dependencies.
* Fixed remote execution for the dconf module when state=absent by wrapping the invocation with dbus-launch (dconf requires a running DBus user session).
* Updated dconf module implementation to make it more robust:
- Detect running D-Bus session, and reuse that one if possible.
- If detection fails, try launching process via dbus-run-session to avoid
left-over D-Bus processes.
- As last resort run dbus-launch, and clean-up after the changes have been
made.
- Updated documentation to mention new dependencies and to be more explicit
about module limitations.
* Fixed PEP8 errors reported by ansibot in dconf module.
* Updated dconf module implementation:
- Fail early if psutil library is not available on the system.
- Go through all of user's processes to locate a running D-Bus daemon.
- Test potential D-Bus session bus address before deciding to (re)use it.
- Added a couple of debug statements.
- Updated documentation to include dbus-send as requirement.
* Updated dconf module implementation:
- Simplified module, removing all code for handling dbus-daemon, as discussed in
a community meeting.
- Module user must ensure that D-Bus user session is available and specified
either via module parameter or environment variable.
- Updated documentation for the change.
* Updated dconf module implementation:
- Add back ability to detect running D-Bus user session.
- Fail-back to using dbus-run-session if running session could not be detected.
* PEP8 fix for dconf module.
* Updated dconf module implementation:
- Introduce correct examples for Gnome DE.
- Rename existing examples to mark them as Cinnamon-specific.
- Use self.module.get_bin_path instead of custom check for dbus-run-session.
- Fixed typo in method documentation for DconfPreference.reset().
* netscaler_service initial implementation
* Changes as requested by reviewers
* Skip some tests if under python2.6 and importing requests library
* Change option "operation" to "state"
* Remove print statements from netscaler module utils
* Catch all exceptions during login
* Fix fail message
* Add common option save_config
PR #5165 at https://github.com/ansible/ansible-modules-core/pull/5165
adds redirection and capture of stdout during execution of
docker-compose.
This doesn't necessarily catch all errors, since some are printed to
stderr and lost.
This extends the redirection to include stderr, and does minor string
processing to attempt to find a 'useful' message to present as the
final Ansible error.
* Allow template files to be vaulted
* Make sure to import exceptions we need
* get_real_file can't take bytes, since it looks specifically for string_types
* Now that we aren't using open() we don't need b_source
* Expand playbooks_vault docs to include modules that support vaulted src files
* Add vaulted template test
If the temp directory creation failed in mkdtemp then temp_path is never
given a value. This would lead to a NameError exception which would
obfuscate the original error (out of disk space being a common one). By
catching NameError, python will raise the original exception as we want.
Fixes#17215
* using a _named_ capture in our assembled pattern, since before/after could potentially contain their own parenthesized captures
* ensuring we only replace against the named capture in question
* removing some duplication in the regexp replacement, that was introduced in ansible/ansible#22535
* fixed edge case of before/after not matching file content to replace
Fixesansible/ansible#24840
Initial commit to split includes into static imports/dynamic includes
This implements the new include/import syntax for Ansible 2.4:
* include_{tasks,role,variables} = dynamic
* import_{playbook,tasks,role} = static
The old bare `include` will be considered deprecated, as will any use of the `static: {yes|no}` option.
This also adds docs for import/include and reorganizing the "Playbook Reuse" section of the documentation.
* New facts module for AWS VPC Peering
* Update documentation and region catch for boto3
* Update ec2_vpc_peering_facts for python3 and flake8
Update version to 2.3
Update for python3 exception handling
Use ansible_dict_to_boto3_filter_list rather than duplicating
implementation
Use camel_dict_to_snake_dict on results for ansible standard results
Tidy up flake8 compliance
* Support check_mode for ec2_vpc_peering_facts
Add supports_check_mode to the module declaration
* Fix latest Ansible standards
Update version to 2.4
Add ANSIBLE_METADATA
Move imports
* Fix boto3 tags to remove; unable to remove a list of strings, need list of {'Key': key}
* pep8 fix
* cannot bugfix due to differences in AWS APIs - just document
* add more info to guidelines for using compare_aws_tags
* Add net_user platform agnostic module
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Integration test for net_user
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* modify eos_user module to support name param as alias to username
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Test collection of users
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
When operating on arbitrary return data from modules, it is possible to
hit the recursion limit when cleaning out no_log values from the data.
To fix this, we have to switch from recursion to iteration.
Unittest for remove_values recursion limit
Fixes#24560
* Fix proposal for bug 25151
* Fix proposal for bug 25151 - pip module, pyvenv validation
* Graceful fail when virtualenv_python is defined and virtualenv_command uses the venv module
* Making sure that venv is being used as a modue "-m venv"
* Updating syntax in validations
* Updating syntax in validations - fixing stupid typo "[)"
* Raising an error if virtualenv_command is pyvenv or venv and virtualenv_python is used
* trailing whitespace gone, pyvenv, venv validation and docs update
* cleaning whitespaces from blank lines
* Ultra basic api-gateway module based of lambda.py
* Ultra basic deployment added to api-gateway module
* ApiGateway module Allow creation of APIs, more documentation and better return value
* ApiGateway module incorporate review feedback
* ApiGateway module flake8 cleanup
* APIGateway module - more review fixes.
* slightly better messages in api_gateway module
* AWS api_gateway module - try to improve messages in case of exceptions
* rename api_gateway module to aws_api_gateway as discussed in PR 20230
* aws_api_gateway - Allow delivery of swagger either as text or dictionary.
* aws_api_gateway module - introduce 'unit' tests, improve imports using them and small fixes
* aws_api_gateway module - move path expand_user to avoid early typecheck
* aws_api_gateway - version means version of metadata not module - fix to 1.0
* aws_api_gateway module - Rely on module_utils.ec2 for imports & path type for expanduser / cleanups
* aws_api_gateway module - heavy cleanup and refactor of code + cloud retry functionality.
* api_gateway_module - failing test case for handling more than one deployment in succession and API deletion
* add TooManyRequestsException to AWSRetry exception list - makes API deployment work.
* api_gateway_module - Fixes for various review comments + errors from various linters
* api_gateway_module - Fixes for more review comments + linter error
* api_gateway_module - Major refactor into sensible functions - create_response becomes configure_response
* api_gateway_module - should be working under python3; remove test exclusion
* api_gateway_module - finish off remaining review fixes - use ansible defaults and fix mutually exclusive
* api_gateway_module - attempt to improve handling of botocore errors in python3
* api_gateway_module - implement state=absent / API deletion
Fix 'hostname' module Facts is not defined by updating
'hostname' module to use it.
is_systemd_managed() was previously on the module_utils.facts.Facts
class that no longer exists.
Fixes#25289
* Add 'exists' to win_stat return docs
Fix 25107 by adding documentation for 'exists' return value in win_stat module
* Added missing filename attribute to RETURN
Also made the path and filename sample values consistent.
default inventory plugin order now follows the hardcoded one in previous versions
yaml plugin shoudl run before ini to avoid ini being able to parse some yaml files succesfully.
fixes#25321
* Get AWS access and secret keys from boto config
* matching the elif pattern
* avoid setting credentials as empty strings by checking os.environ.get('cred')
put comments back
* remove None from os.environ.get()
* Support check_mode in ec2_vpc_nacl
Ensure that all API calls that make changes are guarded by
`if not module.check_mode`.
* Update ec2_vpc_nacl_facts to latest pep8 standards
* Platform agnostic net_system module
Also refactor the action network plugins for better code re-use
Still more refactoring to do once the connection plugin work is complete
* Replace importlib for imp
importlib is not available on 2.6, so we need to stick to imp
* Load action plugin via module metadata
* Better error message if no implementation is found
Now the plugin will show the module name and the network OS in the
error message
* Fix typo on documentation author line
* Fix pep8 issues
* Add missing options key on doc string and stringify version
* Return None in case module has no metadata
* Read module metadata only if it's a python module
Check for module suffix, if it's .py then read metadata.
Otherwise this fails on non-python modules, like Windows PS for example.
* Read metadata variable only if it's a python module
Fix referencing a variable before assignment
* Add action_handler to validate_modules metadata schema
* Pull metadata with plugin_docs get_docstring
Using load_source from PluginLoader is troublesome, it is not guaranteed
a module may be importable at the controller, e.g. if a module depends
on module_utils functions it won't work, because module_utils is not
in the sys path.
Rather than putting that module dependencies introspection, just
use plain parsing like plugin_docs get_docstring does as we only care
about reading ANSIBLE_METADATA.
* Add platform agnostic group of groups for integration tests
This will be the target for platform agnostic integration tests.
* Add integration tests for net_system
* Switch to action plugin inheritance from metadata driven action handler
As the metadata action driven action handler work is being worked on
on its standalone proposal+PR, let's just go back to have one
action handler per platform agnostic module.
Those action plugins will inherit from net_base.
* Add blank line to fix pep8
* Add aliases file to net_system integration test
This will avoid CI failure
* Fix integration tests for net_system
* Give more precedence to task network_os over inventory network_os
* Add support to fetch old style junos facts
Fixes#25050
Add support to fetch old style facts supported in Ansible <= 2.2
To fetch old style facts value `gather_subset` value shoule be `all`
and `junos-eznc` is required to be installed on control node as a
prerequisite.
* Remove unwanted import
* Added win_dsc module file
* mute output and track reboot requirements
* added tests
* proper conditionals for test
* Added moar conditionals for test
* ci fixes
* Added metadata
* fixed integration test yaml
* ci fix
* ci fix
* added module_version param and output, no longer chokes on multiple versions found.
* ci fix
* code review improvements, make return vars more pythonic, cleanup
removed reference to handles in commit message
* Fixed tests, clearer documentation
* fixed trailing whitespace
Facts Refresh (2.4 roadmap)
This commit implements most of the 2.4 roadmap 'Facts Refresh'
- move facts.py to facts/__init__.py
- move facts Distribution() to its own class
- add a facts/utils.py
- move get_file_content and get_uname_version to facts/utils.py
- move Facts() class from facts/__init__ to facts/facts.py
- mv get_file_lines to facts/utils.py
- mv Ohai()/Facter() class to facts/ohai.py and facter.py
- Start moving fact Hardware() classes to facts/hardware/*.py
- mv HPUX() hardware class to facts/hardware/hpux.py
- move SunOSHardware() fact class to facts/hardware/sunos.py
- move OpenBSDHardware() class to facts/hardware/openbsd.py
- mv FreeBsdHardware() and DragonFlyHardware() to facts/hardware/
- mv NetBSDHardware() to facts/hardware/netbsd.py
- mv Darwin() hardware class to facts/hardware/darwin.py
- pep8/etc cleanups on facts/hardware/*.py
- Mv network facts classes to facts/network/*.py
- mv Virtual fact classes to facts/virtual
- mv Hardware.get_sysctl to facts/sysctl.py:get_sysctl
- Also mv get_uname_version from facts/utils.py -> distribution.py
since distribution.py is the only thing using it.
- add collector.py with new BaseFactCollector
- add a subclass for AnsibleFactCollector
- hook up dict key munging FactNamespaces
- add some test cases for testing the names of facts
- mv timeout stuff to facts.timeout
- rm ansible_facts()/get_all_facts() etc
- Instead of calling facts.ansible_facts(), fact collection
api used by setup.py is now to create an AnsibleFactCollector()
and call it's collect method.
- replace Facts.get_user_facts with UserFactCollector
- add a 'systems' facts package, mv UserFactCollector there
- mv get_dns_facts to DnsFactCollector
- mv get_env_facts to EnvFactCollector
- include the timeout length in exception message
- modules and module_utils that use AnsibleFactCollector
can now theoretically set the 'valid_subsets'
May be useful for network facts module that currently have
to reimplement a good chunk of facts.py to get gather_subsets
to work.
- get_local_facts -> system/LocalFactCollector
- get_date_time -> system/date_time.py
- get_fips_facts -> system/fips.py
- get_caps_facts() -> system/caps.py
- get_apparmor_facts -> system/apparmor.py
- get_selinux_facts -> system/selinux.py
- get_lsb_facts -> system/lsb.py
- get_service_mgr_facts -> system/service_mgr.py
- Facts.is_systemd_managed -> system/service_mgr.py
- get_pkg_mgr_facts -> system/pkg_mgr.py
- Facts()._get_mount_size_facts() -> facts.utils.get_mount_size()
- add unit test for EnvFactCollector
- add a test case for minimal gather_subsets
- add test case for collect_ids
- Make gather_subset match existing behavior or '!all'
If 'gather_subset' is provided as '!all', the existing behavior
(in 2.2/2.3) is that means 'dont collect any facts except those
from the Facts() class'. So 'skip everything except
'apparmor', 'caps', 'date_time', 'env', 'fips', 'local', 'lsb',
'pkg_mgr', 'python', 'selinux', 'service_mgr', 'user', 'platform', etc.
The new facts setup was making '!all' mean no facts at all, since
it can add/exclude at a finer granularity. Since that makes more
sense for the ansible collector, and the set of minimal facts to
collect is really more up to setup.py to decide we do just that.
So if setup.py needs to always collect some gather_subset, even
on !all, setup.py needs to have the that subset added to the
list it passes as minimal_gather_subset.
This should fix some intg tests that assume '!all' means that
some facts are still collected (user info and env for example).
If we want to make setup.py collect a more minimal set, we can do that.
- force facts_dicts.keys() to a list so py3 works
- split fact collector tests to test_collectors.py
- convert Facter(Facts) -> other/facter.py:FacterFactCollector
- add FactCollector.collect_with_namespace()
regular .collect() will return a dict with the key names
using the base names ('ip_address', 'service_mgr' etc)
.collect_with_namespace() will return a dict where the key names
have been transformed with the collectors namespace, if there is
one. For most, this means a namespace that adds 'ansible_' to the
start of the key name.
For 'FacterFactCollector', the namespace transforms the key to
'facter_*'.
- add test cases for collect_with_namespace
- move all the concrete 'which facts does setup.py' stuff to setup.py
The caller of AnsibleFactCollector.from_gather_subset() needs to
pass in the list of collector classes now.
- update system/setup.py to import all of the fact classes and pass
in that list.
- split the Distribution fact class up a bit
extracted the 'distro release' file handling (ie, linux
boxes with /etc/release, /etc/os-release etc) into its
own class.
- extract get_cmdline_facts -> cmdline.py
- extract get_public_ssh_host_keys -> system/ssh_pub_keys.py
- extract get_platform_facts -> system/platform.py
platform.py may be a good candidate for further splitting.
- rm test for plain Facts() base class
- let the base class for Collector unit tests provide collected_facts
some Collectors and/or their migrated Facts() subsclasses need
to look at facts collected by other modules ('ansible_architecture'
the main one...).
Collector.collect() has the collected_facts arg for this, so add
a class variable to BaseFactsTest so we can specify it.
- mv Ohai to other/ohai.py and convert to Collector
- update hardware/*.py to return facts (no side effects)
- mv AnsibleFactCollector to setup.py
- extra collector class gathering to module method in
facts/__init__.py (collector_classes_from_gather_subset)
- add a CollectorMetaDataCollector collector used to provide
the 'gather_setup' fact
- add unit test module for 'setup' module
(test/units/modules/system/setup.py)
- Collector init now doesnt need a module, but collect does
An instance of a FactCollector() isnt tied to a AnsibleModule
instance, but the collect() method can be, so optionally pass
in module to FactCollector.collect() (everywhere)
- add a default_collectors for list of default collectors
import and use it from setup.py module
eventually, would like to replace this with a plugin loader
style class finder/loader
- unit tests for module_utils/facts/__init__.py
- add unit tests for ohai facts collector
- remove self.facts side effect on populate() in hardware/sunos.py
- convert OpenBSDHardware() to rm side effects on self.facts
- try to rm some self.facts side effects in Network()
plumb in collected_facts from populate() where it is needed.
stop passing collected_facts into Network() [via cached_facts=,
where it eventually becomes self.facts]
- nothing provides Fact() cached_facts arg now, rm it
Facts() should be internal only implementation so nothing
should be using it.
Of course, now someone will.
- add a Collector.name attr to build a map of name->_fact_ids
To properly exclude a gather_subset spec like '!hardware', we
need to know that 'hardware' also means 'devices', 'dmi', etc.
Before, '!hardware' would remove the 'hardware' collector name
but not 'devices'. Since both would end up in id_collector_map,
we would still end up with the HardwareCollector in the collector
list. End result being that '!hardware' wouldn't stop hardware
from being collected.
So we need to be able to build that map, so add the Collector.name
attribute that is the primary name (like 'hardware') and let
Collector._fact_ids be the other fact ids that a collector is
responsible for.
Construct the aliases_map of Collector.name -> set of _fact_ids
in fact/__init__.py get_collector_names, and use it when we are
populating the exclude set.
- refactor of distribution.py
make the big OS_FAMILY literal a little easier to read
Also keys can now be any string instead of python literals
99% sure the test for 'KDE Neon' was wrong
I don't see how/where it should or could get 'Neon' instead
of 'KDE Neon' as provided in os-release NAME=
Use 'distribution' string for key to OS_MAP
ie, we dont need to make it a valid python label anymore so dont.
move _has_dist_file to module as _file_exists
easier to mock without mucking with os.path
mv platform.system() calls to within get_distribution_facts() instead
of Distribution() init.
- remove _json compat module
The code in here was to support:
-a 'json' python module that was not the standard one included
with python since 2.6.
- potentially fallback to simplejson if 'json' was not available.
'json' is available for all supported python versions now so
no longer needed.
- mv get_collector_names -> facts.collector
- mv collector_classes_from_gather_subset -> facts.collector
- mv collector tests from test_facts -> test_collector
- Use six's reduce() in sunos/netbsd hardware facts
- rm extraneous get_uname_version in utils
only system/distribution.py uses it
- Remove Facts() subclass metaclass usage
- using fact_id and a platform id for matching collectors
gut most of Facts() subclasses
rm Facts() subclasses with weird metaclass
only add collectors that match the fact_ids and the platform_info
to the list of collectors used.
atm, a collectors platform_id will default to 'Generic', and
any platform matches 'Generic'
goal is to select collector classes including matching the
systems platform in collector.py, instead of relying on
metaclasses in hardware/*. To finish this, the various
Facts() subclasses will need to be replaced entirely with
Collector() subclasses.
use collector classmethod platform_match() to match the platform
This lets the particular class decide if it is compatible with
a given platform_info. platform_info is a dict like obj, so it could be
expanded in the future.
Add a default platform_match to BaseFactCollector that matches
platform_info['system'] == cls._platform
They were needed previously to trigger a module
load on all the collector classes when we import
facts/hardare so that the Hardware() and related
classes that used __new__ and find_all_subclasses()
would work.
Now that is done in collectors based on platform matching
at runtime we dont need to do it py module import/parse
time. So the non empty __init__.pys are no longer needed
and their is a more flexible mechanism for selection
platform specific stuff.
facts/facts.py is no longer used, rm'ed
- if we dont find an implement class for gather spec.. just ignore it.
Would be useful to add a warn to warn about this case.
- Fix SD-UX typo (should be HP-UX)
- Port fix for #21893 (0 sockets) to this branch
This readds the change from 8ad182059d
that got lost in merge/rebase
Fixes#21893
- port sunos fact locale fix for #24542 to this branch
based on e558ec19cdFixes#24542
Solaris fact fix (#24793)
ensure locale for solaris fact gathering
fixes issue with locale interfering with proper reading of decimals
- raise exceptions in the air like we just dont care.
Pretty much ignore any not exit exception in facts
collection. And add some test cases.
- added new selinux fact to clarify python lib
the selinux fact is boolean false when the library is not installed,
a dictionary/hash otherwise, but this is ambigous
added new fact so we can eventually remove the type dichtomy and normalize it as a dict
Re-add of devel commit 85c7a7b844 to
the new code layout, since it got removed in merge/rebase
An empty `target_group_arns` list represents no target groups.
This is different to not passing a `target_group_arns` list at all
which can signify no change.
Remove unnecessary empty list construction, as it must already be
an empty list to get to that point.
* Import from urllib and not url
In Python 3, the correct way to import
urlparse is through urllib.parse.
* Use six module to import urlparse
Import urlparse from ansible.module_utils.six.
This way, the import statement is compatible both
with Python 3 and Python 2.
* Fix urlparse import using six module
The correct import is:
from six.moves.urllib.parse import urlparse
* Import six from ansible.compat
* Import from six.moves. Don't make six global.
Prevent code smell by not making six available
in the global namespace and instead importing from
one of its subpackages.
* moved the logging statement
moved the logging statement before the actual action
* added status code check
In the existing implementation when the ssh command fails the command
result is silently discarded. It hides the fact that the disconnection
did not go as expected. Effectively the intended action was not
successful, but the play continues.
* Revert "added status code check"
This reverts commit fe2eb2ae4a.
* added command status code check
In the existing implementation the command is checked for the success.
As a result failed execution is silently discarded. The change tests for
return code and fails if it did not work.
Refer to 689f135 for similar fix in s3 module. This change makes `OrdinaryCallingFormat` default for handling S3 connections.
Signed-off-by: Yury V. Zaytsev <yury.zaytsev@moneymeets.com>
* New module = elb_target_group
* Update elb_target_group.py
Adds support for adding and removing targets from a target group
* Better error handling
* Bump version_added
* Minor fixes
* Scope ec2 imports, add better doco, fix up examples, allow for both upper and lower case in protocol
* Yaml fixes
* ci fix
* Added targets parameter to doc and added new modify_targets flag to prevent runs from modifying targets
* Update to metadata_version
* Update to metadata support
* Remove defaults for some params. Add tags parameter
* Use paginator to get target groups
* Add tag support
* Add tg attributes to module
* Quote multilines
* Remove unnecessary defaults. Fix multiline
* Fix line ending
* New module = elb_application_lb
* Update elb_application_lb.py
Adds support for rules, adds wait option for ALB creation, adds support for using target group names instead of ARNs when referencing target groups in rules. All additional features should be idempotent.
* Better exception error messages. Bump version_added. Pep8 fixes
* Add missing full stop to description
* Review changes and fixes
* Fix pep issues
* Fix up examples
* Fix pep8
* half way through sorting elb attributes
* Add access logs enabled param
* Finish implementing elb attributes
* Use paginator to get elbs
* Dont snake_case the tags
* Add listeners to return output and fixed up examples
* review changes
* fix line lengths
* pep8 fixes
`e.message` is a string, and `camel_dict_to_snake_dict` fails when
given a string. The intended code is to run `camel_dict_to_snake_dict`
on `e.response`, the result of which includes a `message` key.
Make exception handling lines more consistent and wrap for slightly
shorter lines.
* win_firewall_rule: Small idempotency fix
This PR includes the following changes:
- an idempotency fix when `profile: any`
- better difference output to debug idempotency issues
- documentation fixes (remove `required: false`)
- Parameter handling fixes
- RDP example that matches default RDP rule
- Renamed parameter 'enable' to 'enabled' (kept alias)
- Renamed parameter 'profile' to 'profiles' (kept alias)
* Rewrite module completely
The logic is still intact, but various changes with a single goal:
- Make the module idempotent
- Implement check-mode
- Implement diff-mode
- Adapted integration tests
This fixes#18807 and #23455.
* Change casing to lowercase
* Improve the logic wrt. diff
This is required for modules that may return a non-zero `rc` value for a
successful run, similar to #24865 for Windows fixing **win_chocolatey**.
We also disable the dependency on `rc` value only, even if `failed` was
set.
Adapted unit and integration tests to the new scheme.
Updated raw, shell, script, expect to take `rc` into account.
* apt: include arch in check for installed packages on multi-arch systems
Thanks: Stefan Löwen <stefan.loewen@gmail.com>
Fixes: #24673
* add an integration test for apt's multi-arch handling
The `when` condition templating warning should only happen
if the condition itself contains templating, not if variables
in the condition are themselves composed through templating
Before
```
vars:
x: hello
y: "{{ x }}"
tasks:
- debug: msg=hello
when: y
```
would fire a warning because `y` would get expanded to `{{ x }}`.
This checks whether a warning is required prior to expansion.
* Simplify apply_key_map
* Fix nxapi
* Clean up get_value
* Fix missing non-values
* Add test for existing bgp_af case
* Fix small issues with bgp_neighbor_af
When an unchanged MD5-hashed password was used and passlib was
unavailable, an useless 'ALTER USER' query was executed.
Once this useless query avoided, the last 'SELECT' query becomes
useless too.
* Prevent IndexError when deleting multiple lines
The old code will raise `IndexError: list assignment index out of range` when deleting multiple lines because the indexes of the original and the copy get out of sync. Solved by deleting from the high indexes first so the lower ones remain stable.
* Don't load configuration if nothing to load
Instead of sending an empty candidate config (for example because the candidate only consisted of `delete` lines, and all of them were filtered out by `filter_delete_statements`) just return. JunOS seems to get confused by empty changes, and if the candidate config is empty then it's a no-op anyway.
1) Examples: Remove double space between "option:" and "value"
2) Documentation: Fix rendering usses
3) Documentation: Remove `required: true` to match argspec
* Change default port for aos_login and force type to Integer
* Add check to make sure aos-pyez is present and has the right version
* Update min version requirement in doc
* Change default port in documentation as well
* adding module to control management of sensu silence entries
* adding doc stanza
* fixing some issues
* more cleanup
* fixing defaults
* fixing more doc issues
* fixing examples
* more fixes
- Removed alias autoclean from autoremove.
- Added independent execution of apt-get autoclean/autoremove
- Continued to support --auto-remove as a flag to install/remove
Fixes#22222#24718
Fix adds check for values provided by user for
name and value in sysctl module.
While providing name and value as in-line params,
check for blank values
Fixes#20176
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
the selinux fact is boolean false when the library is not installed,
a dictionary/hash otherwise, but this is ambigous
added new fact so we can eventually remove the type dichtomy and normalize it as a dict
`variable_manager` is passed to the constructor of `PlayIterator`,
and then used to access the fact cache when fact gathering.
Make `_variable_manager` an attribute of the `PlayIterator` class
* Use double-quotes for expect integration tests
* Cast user input to string for expect integration tests
* Remove usage of cmp() for python3 compatibility
- Add code smell test to look for cmp usage
- Fixes#24756
* docker_container: add working_dir (fixes#20044)
Added a working directory option that will get passed with the other
docker container parameters. This is optional and addresses feature
request #20044.
* apk: Allow update and upgrade in same task
* apk: Add repository option
* apk: Add available option
* apk: Add stdout and stderr output where possible
* apk: Add packages return with list of changed packages
* Add doc for password
* Add example to change user password
* Add dot at the end of the doc for password
* Add disclaimer in documentation for password
* Correct provider option name in description
* eos python3 changes
* changes to convert response from byte to text
* Add dellos6 python3 changes
Make `execute_command` arguments and its
return value complaint to PY3 changes
made in PR #24431
* Fix py3 prompt issue for invalid show command
* Fix review comments
* Add generic fix for error prompt in py3
* Fix CI issue
* Fix network_cli unit test failure
* Added timeout to jenkins_script POST request
The timeout value is passed to fetch_url to allow a custom timeout
bigger than the predefined 10 seconds.
* Added version, removed no_log
* Fix expect for python 3
- Change generator next to python 3 compatible
- Added tests for expect
* Add pexpect to integration.txt
- add pexpect library to requirements for integration tests
* Use ansible_python_interpreter in integration tests for expect
* Use double-quotes for expect integration tests
* Cast user input to string for expect integration tests
* Cast user input to string earlier in expect integration tests
* Use ansible.module_utils.six.moves input for expect integration tests
* Fix yamllint errors in the expect test
* Use cat to trigger timeout for expect integration tests
* Use realpath filter in expect integration tests
* draft new inventory plugin arch, yaml sample
- split classes, moved out of init
- extra debug statements
- allow mulitple invenotry files
- dont add hosts more than once
- simplified host vars
- since now we can have multiple, inventory_dir/file needs to be per host
- ported yaml/script/ini/virtualbox plugins, dir is 'built in manager'
- centralized localhost handling
- added plugin docs
- leaner meaner inventory (split to data + manager)
- moved noop vars plugin
- added 'postprocessing' inventory plugins
- fixed ini plugin, better info on plugin run group declarations can appear in any position relative to children entry that contains them
- grouphost_vars loading as inventory plugin (postprocessing)
- playbook_dir allways full path
- use bytes for file operations
- better handling of empty/null sources
- added test target that skips networking modules
- now var manager loads play group/host_vars independant from inventory
- centralized play setup repeat code
- updated changelog with inv features
- asperioribus verbis spatium album
- fixed dataloader to new sig
- made yaml plugin more resistant to bad data
- nicer error msgs
- fixed undeclared group detection
- fixed 'ungrouping'
- docs updated s/INI/file/ as its not only format
- made behaviour of var merge a toggle
- made 'source over group' path follow existing rule for var precedence
- updated add_host/group from strategy
- made host_list a plugin and added it to defaults
- added advanced_host_list as example variation
- refactored 'display' to be availbe by default in class inheritance
- optimized implicit handling as per @pilou's feedback
- removed unused code and tests
- added inventory cache and vbox plugin now uses it
- added _compose method for variable expressions in plugins
- vbox plugin now uses 'compose'
- require yaml extension for yaml
- fix for plugin loader to always add original_path, even when not using all()
- fix py3 issues
- added --inventory as clearer option
- return name when stringifying host objects
- ajdust checks to code moving
* reworked vars and vars precedence
- vars plugins now load group/host_vars dirs
- precedence for host vars is now configurable
- vars_plugins been reworked
- removed unused vars cache
- removed _gathered_facts as we are not keeping info in host anymore
- cleaned up tests
- fixed ansible-pull to work with new inventory
- removed version added notation to please rst check
- inventory in config relative to config
- ensures full paths on passed inventories
* implicit localhost connection local
Reads the directory_mode param as 'raw' type to mirror the same behavior as mode.
This'll cause non-quoted values to be represented as an int, rather than a str.
Covered by 'assert recursive copied directories mode' test.
Fixes#24202
* nxos_evpn_global refactor
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* ansibot told me to do this
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Add nxos changes for Python3
Make `execute_command` arguments and its
return value complaint to PY3 changes
made in PR #24431
* Fix CI issues
* Fix review comment
Replace surrogate_or_strict with
surrogate_then_replace as per review
comment os PR #24601
* nxos_hsrp fix
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* unit test nxos_hsrp
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* ansibot told me to do this
* revert apply_key_map and simplify method
Fix allows user to specify username and password for
using github_release to perform various operations
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Lookup credential id and pass in credential rather than scm_credential
* Change the excepting handling to catch missing credentials
* Make error messages for not found lookups more useful
* add ce_vlan.py
* metadata_version update
* fix review issues
* Update ce_vlan.py
* fix check issue
required_if not work well when the option value is "not None"
* Revert to using url_map internal to the module to allow parameter generation to work. module parameter is still url_map_name.
* [GCP] Cross Region Load Balancer Integration Test
* [GCP] Healthcheck module
* fix return YAML block
* removed update_ return value; removed python26 check; typos and docs updates
* doc fix
* Updated int test for no-update conditions
* added filter_gcp_fields test
* fixed bug in update where dictionary wasn't built correctly and port was not being set.
* added default values to documentation block
Tags should retain case, and should not be snake cased.
Easiest way to do this is to snake before converting tag
list as while that affects the keys of the boto3 tag lists,
it doesn't affect the values. Need to use `tag_value_key_name`
and `tag_name_key_name` following recent change to
`boto3_tag_list_to_ansible_dict`, which used to handle both
`key`/`Key` and `value`/`Value`
Fix converts commit_timeout to string as
Elementree.SubElement requires text as string.
Fixes#24611
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
When only looking at the failed state of the TaskResult, certain failures
cause the linear strategy to fail out sooner than it should and not execute
the always portion of blocks.
Fixes#24301
* Remove organization field from the tower_user module re: issue #24510
* Fix trailing spaces.
* Fixes for Shippable errors, pep8
* Remove a random inserted space.
* Add ios changes for Python3
Make `execute_command` arguments and its
return value complaint to PY3 changes
made in PR #24431
pep8 fixes
* Fix CI issues
* Fix review comment
* fix eni lookup logic to update them only when univocally specified (Fixes#19972)
remove redundant eni lookup
* Rename the univocally_find_eni method to uniquely_find_eni
* Idempotency logic minor fixes
* Fixing pep8 reported issues
* Adding a required_together constraint for instance_id and device_index
* Fix ec2_eni private_ip_address matching
* Adding an example of matching via subnet_id and private_ip_address
* Removing the required_together and subnet_id constraints
* Addding some notes to explain the module assumptions
* Implementing Ryan's wording proposal
remove cloudtrail.py from legacy-files as it passes pep8 tests now
update return values to use snake case per coding guidelines
update boto3 exception handling to use method outlined in coding guidelines
update parameter spec and return value code per PR code review
* Add sros changes for Python3
Make `execute_command` arguments and its
return value complaint to PY3 changes
made in PR #24431
Code cleanup
pep8 fixes
* Fix CI issue
* Add vyos changes for Python3
Make `execute_command` arguments and its
return value complaint to PY3 changes
made in PR #24431
pep8 fixes
* Fix CI issues
In _process_pending_results (strategy/__init__.py), we were using the delegate_to
field directly from the original task, which was not being templated correctly.
As an alternate to #23599, this patch instead pulls the host name out of the delegated
vars passed back in the task result dictionary to avoid having to re-template things.
Fixes#23599Fixes#20508
Ensure newly created NAT gateways get converted to snake dict
Remove custom code, and associated test, for generating snake
dict and use `camel_dict_to_snake_dict`
Make use of `required_if` rather than bespoke parameter checks
Remove ec2_vpc_nat_gateway from pep8 legacy files list
If a lambda exists but does not have a VPC configuration,
add the VPC configuration when it's present in the ansible
parameters.
Prior to this change, setting VPC configuration on a lambda
that did not have any VPC configuration would ignore that config.
* Fixes#24251 save config only if it is changed
Save to startup configuration only when it is different
from running configuration.
* Fix unit test issue
* vmware_guest: Add support for Linked Clones
* Resolve PEP8 Issues
* Change snapshot_name to snapshot_src
* Add additional option 'snapshot_linked' to specify whether to use a linked clone or not
* Changed snapshot_linked parameter to "linked_clone"
* Remove unnecessary conditional
We have a protection against a user setting use_default_subnetpool in
their playbook - but then we sure do pass the kwarg anyway. Maybe let's
not do that.
With newer versions of ansible, module arguments are assumed to
be strings unless otherwise specified. Our 'facts' argument is
expected to be a dictionary, so tell ansible that.
Without this, the argument will arrive as a string and be written
to the facter file inside string quotes. Facter will produce the
following error:
undefined method `each' for #<String:0x000000016ee640>
This was originally fixed and found in the Ansible Puppet role which
is maintained by the OpenStack infrastructure team.
8d0f0bfd0a
On Python3 and Python2 use pickle slightly differently so we need to be
explicit about some things.
If pickles could be shared between python2 and python3, as in
ansible-connection and the pickle cache, we need to specify the protocol
to use when dumping and the encoding to use for byte strings when
loading.
The dumping protocol needs to be no higher than 2 as python-2 only
supports up to protocol 2. The encoding should usually be 'bytes' so
that python2 str type becomes python3 bytes type. However, doing this
means that we must make sure that the objects being serialized properly
make their strings into text strings except when they're supposed to be
bytes. If strings are improperly byte strings, they may cause
tracebacks on the receiving end
Fix for persistent connection plugin on Python3. Note that fixes are also needed to each terminal plugin. This PR only fixes the ios terminal (as proof that this approach is workable.) Future PRs can address the other terminal types.
* On Python3, pickle needs to work with byte strings, not text strings.
* Set the pickle protocol version to 0 because we're using a pty to feed data to the connection plugin. A pty can't have control characters. So we have to send ascii only. That means
only using protocol=0 for pickling the data.
* ansible-connection isn't being used with py3 in the bug but it needs
several changes to work with python3.
* In python3, closing the pty too early causes no data to be sent. So
leave stdin open until after we finish with the ansible-connection
process.
* Fix typo using traceback.format_exc()
* Cleanup unnecessary StringIO, BytesIO, and to_bytes calls
* Modify the network_cli and terminal plugins for py3 compat. Lots of mixing of text and byte strings that needs to be straightened out to be compatible with python3
* Documentation for the bytes<=>text strategy for terminal plugins
* Update unittests for more bytes-oriented internals
Fixes#24355
* New module fortios_address_group
* Fix issue when fortigate don't contain any address group
* Add alias & change member from str to list type
* Fix pep8
* Fix aliases format in doc
* Fix pep8
* Remove duplicate arg spec with module_utils/fortios.py
* Change string format for better compat + better exception catching + cosmetic changes
* Use set, specify exception, RE pattern one time...
* fix pep8
* Improving of nxos_ip_interface module
Added features:
* Route tags for an IP address at interface level with 'tag' option
* Support of IPv4 secondary addresses if option 'allow_secondary' is
true (false by default). If option 'allow_secondary' is true primary
IPv4 address will be replaced
All features support NXAPI and CLI transport, but only with text/raw
output. Currently not possible to get route tags for secondary IPv4/IPv6
addresses from JSON output.
Other changes:
* Module return state 'changed' only when configuration commands were
executed
* Module result includes multiple prefixes if IPv4 addresses were
found
* Fix PEP8 issues
* Addition fix of PEP8 issues
* Remove unused variable from main()
* Fix "proposed" sample in RETURN variable
* Fix "existing" sample in RETURN variable
* Update RETURN variable
Add 'secondary' for every element of 'addresses' list.
* Restore old version number
* Added exception when ipaddress module is imported
* DOCUMENTATION string was updated
* Added 'version_added' for new features
* Added 'requirements' for module
* Added compatibility with latest commit in devel branch
* DOCUMENTATION was fixed
* Improve changes of route tag for existing ip addresses
* Added compatibility with core code
* Fixed mistypes in the DOCUMENTATION variable
* argument_spec fixed
allow_secondary argument type was changed according to allowed choices.
Template can take a directory as the destination. When that's the case,
we need to diff between the source and the file inside of the directory.
That happened when the directory was specified with a trailing slash but
not when it was specified on its own. This change fixes that.
Fixes#24413
For playbook base objects, when dumping attributes via dump_attrs() an
attribute like loop_control is a class. Using the default serialization
for these is slow and consumes a lot of memory. Since LoopControl is also
based on the Base class, we can use serialize() instead and save a lot of
resources.
This also adds a from_attrs() complimentary method to nicely turn the
dumped attrs back into proper field attributes.
Fixes#23579
* [GCP] UrlMap module
This module provides support for UrlMaps on Google Cloud Platform. UrlMaps allow users to segment requests by hostname and path and direct those requests to Backend Services.
UrlMaps are a powerful and necessary part of HTTP(S) Global Load Balancing on Google Cloud Platform.
UrlMap takes advantage of the python-api so the appropriate infrastructure has been added to module_utils.
More about UrlMaps can be found at:
https://cloud.google.com/compute/docs/load-balancing/http/url-map
UrlMap API:
https://cloud.google.com/compute/docs/reference/latest/
Google Cloud Platform HTTP(S) Cross-Region Load Balancer:
https://cloud.google.com/compute/docs/load-balancing/http/
* updated documentation, remmoved parens
* fixed tabs
* Create netconf_config.py
To support new attribute 'src' for the netconf_config module.
Cross-check with #24323
* Update netconf_config.py
* Update netconf_config.py
* switch to boto3 and add support for application ELBs with target groups.
* use py23 compatible dict iterator.
* removing commented out fail_json calls
utilize sets to simplify logic
remove setting a redundant variable
add bounds checking in two places
add AWSRetry decorator - do we want this for other functions too?
change xrange to range so python3 doesn't fail
remove sorting lists of dicts; in python2 this returns None, in python3 this fails
* remove error variable from traceback.format_exc
* Remove boto2-style calls brought in by rebase
Old boto-style calls to `as_group` attributes break in boto3
Also remove module from legacy-PEP8 list
* Add parameter to target_group_arn option
* Fix HAS_BOTO3 check
* use tags.items() instead of iteritems
* import botocore
* Fixed bugs in deleting autoscaling groups
* make changes in deleting autoscaling groups pep8
* more pep8
* fix version
* fix bugs so local integration tests run
* fix launch config check
* reflect changed status for ASG updates
* Fix existing exception handling and use traceback.
Fix imports
* line length
* Fix notification setup
* Fix mutually exclusive arguments
Only one of the AvailabilityZones and VPCZoneIdentifier arguments should be provided to the CreateAutoScalingGroup call.
* Allow desired_capacity, min_size, max_size, launch_config_name to be derived from the existing ASG if not specified
Remove code updating dict after ASG already uses it
* Add new helper function for comparing AWS tag key pair dicts. Also modify boto3_tag_list_to_ansible_dict function to be more generic when looking for key names because AWS sometimes uses 'Key', sometimes 'TagKey' and who knows what the future holds! Fixed modules to work with changes.
* Review changes
* Add some more doc to GUIDELINES for tags and fix var name for snaked values in ec2_group_facts
* nxos_vrf_af fix and unit test
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* ansibot told me to do this
* use sorted() as the test list elements differ in order for python2.x and 3.x
* fixes nxos_evpn_vni
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* fixes pep8 issue and syntax error
* ansibot tole me to do this
* Unit test
* win_psexec: Enable -nobanner option by default
PR also includes:
- Option `nobanner:` to remove this flag
- Improvements to Examples
- Improvement to Return Value
- Add types to all parameters now
- Add (limited) integration tests
* Move sysinternals into C:\Windows\Temp
* Support auto_remove in docker_container
* Fail if not docker>=2 and auto_remove=True, don't set auto_remove in host_config if not docker>=2
* Make quoting more readable in ansible errors
* allow elb scheme to be updated by restarting the resource
use ensure_gone and require wait option
* fix pep8
* fix yaml
* requested changes
* fix fail_json
Simplified the logic, and fix the issue of having a nested list as
entry.
Also indicate that we deliberately want to retain $null values
(and i.e. do not want them to be turned into a boolean).
Previously, this module could throw the following error message:
NameError: global name 'current_roles_attrs' is not defined
The referencing key should also match the name of the column, which is
rolvaliduntil, not rol_valid_until
* WIP file_mode
* WIP
* Add file_mode + integration tests
* fix pep8
* Update doc fragments
Create mutualy_exclusive param
Fix yamllint problem in tests
* Add aliases file + main playbook for fortios
* Install pyfg before running tests
* Install pyfg before running tests in role
* Remove pre_task as it's done in roles
* Force pyFG minimal version for python3
* role_path not role_dir :(
* Change requirements
* Specify Error type when error on import
* Bug in pygf library with python 2.5 (PR is waiting https://github.com/spotify/pyfg/pull/19)
* Bad requirement format
* still bad format -_-'
* remove test/integration/fortios.py (auto generated by tests)
missing new lines at end of file
* pyFG is now fixed in 0.50
Fix adds check if app_key and api_key provided by
user is correct or not. If this combination is wrong
then fail with appropriate error message given by
Datadog server
Fixes https://github.com/ansible/ansible/issues/24325
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
CVE-2017-7481
Lookup returns wrap the result in unsafe, however when used through the
standard templar engine, this does not result in the jinja2 environment being
marked as unsafe as a whole. This means the lookup result looses the unsafe
protection and may become simple unicode strings, which can result in bad
things being re-templated.
This also adds a global lookup param and cfg options for lookups to allow
unsafe returns, so users can force the previous (insecure) behavior.
Output of `yum check-update` can contain lines with long package names and long
repository label names, which will be broken into multiple lines, which need to
be sanitized. The solution to this has been fixed and refactored in 2.3 in form
of parse_check_update(), but it still contains subtle bug, which makes such
multi-lines invisible to later logic (such packages aren't included in
parse_check_update()) output. The problem is caused by using '\1' in re.sub(),
instead of proper r'\1', which literally puts unicode symbol \1 into resulting
output.
ssh-keyscan isn't very verbose about errors. Give the user whatever
information we have available even if it isn't much. At least they will
know how we were running ssh-keyscan and why there's an error now.
Fixes#19440
Use the default repr of AnsibleVaultEncryptedUnicode.data instead
of a custom one, since jinja templating ends up using the repr()
results.
Fixes#23846, #24175
os_quota checks the current quotas for compute, network and volume
services and fails when no volume service is found in the catalog.
Since openstack test deployments without volume services are common
os_quota shouldn't fail if such service is missing.
Fixes#23085
Signed-off-by: Alberto Murillo Silva <alberto.murillo.silva@intel.com>
This allow users to write better playbooks by replacing
- shell: dnf autoremove -y
with
- dnf: autoremove=yes
Fixes#18815
Signed-off-by: Alberto Murillo Silva <alberto.murillo.silva@intel.com>
Fix adds correct warning after deleting Windows User.
Also, adds modular function to get group
Fixes https://github.com/ansible/ansible/issues/24190
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* ansible-doc -s is supposed to output a sample snippet of how you could
add the module into a playbook. These changes update the style:
* Use yaml mappings instead of key=value
* Use the module name directly instead of action: modulename
* Fixes a bug when displaying option descritpions which are yaml strings
instead of lists.
This fixes in code the bad formatting reported in #24201
Using github_issue module, user can retrive status of issue
listed on Github repository and depending upon status takes
various actions e.g., workarounds and downloading patches.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
When unittesting, the framework creates a pipes module that is picked up
by the basic module_utils test. Switch to using shlex_quote as that is
the right thing to use for portability anyway.
* Added new common argument api_version for all Avi modules
* Updated dependency for the new modules to use avi sdk 17.1 and above
* Updated Avi 17.1.1 modules with descriptions and moddule dependencies
* Updated version_added for new options
This fix adds a module option `validate_certs' to check
self-signed certificate of LDAP server.
Fixes https://github.com/ansible/ansible/issues/24009
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix makes it so that the module works as expected when
`server_hostname` is provided. It was being silently ignored
previously. I suppose this may also fix similar behavior with
`server_insecure`, but I did not check that explicitly.
* Fix netconf port validation and minor doc change
Add check to confirm if `validate_*` funcion is
callable.
Add `config_format` in `junos_facts` documentation
* Fix review comments
- Use `fail_json` for `get_all_load_balancers` unhandled exception.
- Do not mask error message on failure of `enable_zones`.
- Do not mask error message on failure of `disable_zones`.
Also added/removed blank lines to improve PEP 8 compliance.
If a bridge does not have a fail mode set, it returns nothing, i.e.
empty string.
This causes a failure when doing the want vs have compare in plays
where the fail-mode is missing, as we compare "" vs None respectively.
If a bridge does not have external_ids, ovs-vsctl returns '{}'.
This causes issues on the current want vs have comparison in cases
where the play does not define external_ids, as the comparison
is None vs '{}'.
* fix documentation and correct exception handling
* follow AWS exception guidelines
* fix parameter_group_family req; only needed when creating cache parameter group
make pep8 and remove from legacy files
* Added Composer Command global
Added a parameter to run composer commands globally. The `working_dir`
parameter is only required if `global_command` is `False`.
Fixes#24052
* Added Composer Command global
Added a parameter to run composer commands globally. The `working_dir`
parameter is only required if `global_command` is `False`.
Fixes#24052
The timeout for gathering facts needs to be settable from three places
(highest precedence to lowest):
* programmatically
* ansible.cfg (equivalent to the user specifying it explicitly when
calling setup)
* from the default value
The code was changed in b4bd6c80de to
allow programmatically and the default value to work correctly but
setting via ansible.cfg/parameter was broken.
This change should fix setting via ansible.cfg and adds unittests for
all three cases
Fixes#23753
ClearLinux has changed its pretty name in os-release file
from: 'Clear Linux Software for Intel Architecture'
to: 'Clear Linux OS for Intel Architecture'
This patch makes the SEARCH_STRING 'Clear Linux' rather than
the full name to make it compatible with the old and new name.
Signed-off-by: Alberto Murillo Silva <alberto.murillo.silva@intel.com>
template/__init__.py imported unsafe_proxy from vars which caused
vars/__init__.py to load. vars/__init__.py needed template/__init__.py
which caused issues. Loading unsafe_proxy from another location fixes
that.
Just after release of 2.0.0 (in 2.0.0.1) we had a change to the API of
callbacks without bumping the API version. We added the playbook to the
arguments passed to the callbacks.
This wasn't in the Tower callback at the time. In order to prevent
breaking that callback we added a temporary hack to inspect the
callback's API to decide if we needed to call it with arguments or not.
We scheduled the hack for removal in January 2017. Since that's now
past, removing the hack.
Change signed off by matburt on the Tower side.
Puppet modules are not always installed in the default location
(i.e, /etc/puppet/modules) so it is useful to be able to specify
an alternate location.
Fixes issue [#24078](https://github.com/ansible/ansible/issues/24078)
Resource pools are retrieved from VSphere regardless of the state of the `resource_pool` parameter. During this process, each retrieved Resource Pool is checked for the `parent` attribute, and if it exists, the currently-scoped parent object is compared against the Resource Pool's parent object. The method doing the check, however, `assert`s that the parent object is not `None`. In some cases, a Resource Pool will have the `parent` attr, but that `parent` object will be `None`, causing the `assert` to fail.
This should avoid that. :-)
* Add check_mode to get_url that does a HEAD request to make sure the URL exists, but doesn't write the real file
* Add info about new --check behavior to docs. Add tests for the new behavior. Populate res_args with the info the tests are looking for.
* Add trailing comma
* Change nonexistent test URL to http://{{httpbin_host}/DOESNOTEXIST. Fix spacing while I'm at it
* Further spacing cleanup
* State that this functionality is in Ansible 2.4+
* Split modules/network into two parts
Given the dedicated team we we have working on Ansible Networking a
clearer split is needed between Networking modules and "things that
happen to use the network"
* nmcli to net_tools
* nmcli moved
* Run `save` before exiting config mode.
* Fix unit tests for `save`
* Allow `save` to be on its own again and introspect success
* Introspecting `compare running` makes this a lot harder.
Move `save` tests to integration tests
Ok, so for openvswitch_db in particular we just return one command
but in the sake of consistency and code re-use, let's return a list
of "commands", even if it's just one.
* Document deprecation of fetch module validate_md5 and update --tags merging deprecation
Update the default of --tags merging config option to merge by default
* Update CHANGELOG.md
Minor edit
Added an integration test for fetch module idempotence. (Testing
that validate_checksum is doing what it's supposed to is harder as we'd
have to create a race condition with the downloaded data to trigger it.
Probably need to make that a unittest eventually).
Also give a deprecation message to the validate_md5 parameter so that we
can eventually get rid of it.
* atomic_image: add support for pull --storage=
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* atomic_container: new module
Manage atomic containers
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Minor junos_config module changes
* Add note for json config support
* Add example for lines argument
* Fix future warning for ElementTree
* Remove unwanted space
We fail-fast and display 'stderr' in case 'pacman' returns with 'rc != 0'.
There is no point computing 'module._diff' in such case anyway.
Fixes#23910
(cherry picked from commit 8c6a2a848c)
* Fix systemd in chroot
The 'request ignored' message is in stderr, not stdout.
* Check both stdout and stderr for systemd message
Some versions of systemd report to stderr, others to stdout. Also check
whether output could be a valid normal response to avoid false positives.
* Use sys.stdout.buffer to write vault bytes to stdout on py3
We need sys.stdout.buffer on py3 so we can write bytes to it since the plaintext
of the vaulted object could be anything/binary/etc
Before, attempting to write bytes to stdout on py3 would cause:
TypeError: write() argument must be str, not bytes
* keep unsafe .. unsafe
fixes#23734, which was broken in previous fix that allowed non string types to be templated
use new 'is_template' function vs bastardizing others
refactored clean_data to allow for arbitrary data structures to clean
fixed/removed some tests
* deal with complex data for is_template
* typos
We have a list of specific messages that we scree-scrape and flag
them as legit errors.
However, we also have a catch-all regex that matches everything
starting with %.
That can cause issues on commands that return lines with that
character, like for example the 'crypto key generate'.
Fixes#23770
In current stable (2.2), ansible galaxy install --force do erase
a role, even if the version is not set. This commit should restore
that specific behavior, in accordance to people reports:
https://github.com/ansible/ansible/issues/11266#issuecomment-273801480
It was also the behavior planned in the initial discussion:
"if you're not fixing versions in your roles file, then it's fine
to expect that the role will be reinstalled each time you run
ansible-galaxy install.", cf https://github.com/ansible/ansible/pull/12904
* Revert "fixes play context connection user (#21776)"
This reverts commit 58ee661437.
fixes#23530
* preserve original in copy
updated comment to clarify wtf is going on here
fixes#17382
alternate to #22979
deal with cases in which group/host have . in name
updated as per feedbck
only be strict about extension when doing dirs
also avoid ~ endings
without this patch, ansible-galaxy will mangle files containing
the archive parent directory name, eg 'owncloud/files/owncloud.cron'
will become 'owncloud/files/.cron'.
The previous code could affect the entire path and even filenames.
If a file path has the top level dir name as a substring, galaxy
replaces it with ''. In one example, the archive top level dir
is 'go', so 'files/go-bin.sh' becomes 'files/-bin.sh'.
Fixes#22572, #23694, #23623
* Fix vault reading from stdin (avoid realpath() on non-links)
os.path.realpath() is used to find the target of file paths that
are symlinks so vault operations happen directly on the target.
However, in addition to resolving symlinks, realpath() also returns
a full path. when reading from stdin, vault cli uses '-' as a special
file path so VaultEditor() will replace with stdin.
realpath() was expanding '-' with the CWD to something like
'/home/user/playbooks/-' causing errors like:
ERROR! [Errno 2] No such file or directory: u'/home/user/ansible/-'
Fix is to specialcase '-' to not use realpath()
Fixes#23567
* to_text decrypt output when writing to stdout
* Make warning logs consistent
Arguments outside provider with default
value should not log as warning in case
it is not mentioned in play.
* Make nxos timeout default consistent and add comments
* Make comments more verbose
update module to support more standard state=present/absent syntax
update module to use required_if, required_together, mutually_exclusive functions where possible
per ryansb review: make documentation section more clear, fix some extra quotes, remove FIXME comment
pre willthames review: force private_zone to True if vpc_id is set and fix word wrap
The commit was started before 2.3 was branched, but was only merged once
2.3 was actually branched. This leads to documentation stating this
module is new in 2.3 when it will be actually new in 2.4
Regex patterns were not being escaped properly so package names
containing characters that could be interpreted as regex symbols
were causing failures.
Fixes: #19714
* Support check mode in ec2_vpc_dhcp_options_facts
As a facts module, ec2_vpc_dhcp_options_facts supports check mode
by default
* ec2_vpc_dhcp_options_facts tidy up
Use named method imports, move imports to top of code
Use shared code to handle filters and tags
Use snake case for parameter names while retaining backward compatibility
* Code cleanup
Removed 'add' method from CustomNetworkConfig. It is identical
to the one inherited from NetworkConfig
* Removed unused CustomNetworkConfig import
* Replaced
```
def get_existing(module, args):
existing = {}
netcfg = get_config(module)
config = netcfg.get_section(parents)
```
with
```
netcfg = CustomNetworkConfig(indent=2, contents=get_config(module))
```
get_config returns a string, not an object in 2.3.
* Removed non-functioning get_object method in CustomNetworkConfig in favor of the
inherited method.
Added child_objs property so that expand_selection would work. The original
verion never worked correctly as it compared NetworkConfig obj's and str's.
* Removed ShellError method in favor or new load_config method.
* Removed ShellError method in favor or new load_config method.
fixes#20260
* nxos requires a "no" statement to change mcase group. Corrected.
Corrected changed logic.
* Corrected deleted CustomNetworkConfig import
This addresses a problem where the action plugin would ignore the
remote_addr value for the host. In this case, only the inventory values
for the hostname would be considered and populate the remote host
remote_addr value for the connection plugin.
Only a few more modules were using Set-Attr on the $result object rather
than using a normal hashtable. This PR changes the PSObject to a
hashtable and gets rid of Set-Attr.
This fixes issue when list from module contains more than one element.
Ansible and/or boto may put same elements in list in different order,
thus resulting task as changed.
Fixes#3310
* Improve Fortios IPv4 policy with logging capabilities. While there, fix typos in examples. forti_config: use the backup_filename param and dont enforce the the filename value.
* forti-typos
* Add version_added for new options in the documentation
* Make it easier to find network modules
Feedback has been it's difficult (via Google or directly) to find
modules as some people search for the company name vs product name,
therefore specify both.
* "IOS XR" (not "IOS-XR")
It's possible that if the module has a low-level failure, such as
"unable to open shell", or something else in the action plugin that
stdout and stdout_lines will not be returned.
Update the documentation to clarify this point.
When the security groups specified to the os_server module change they
should be updated on the server. This will require shade 1.19 where the
server security group commands were added.
Fixes: #23206
* allow split horizon for route53_zone and refactor
* fix documentation
remove comment
fix version_added
* Remove unused imports
* Only include zone as matching if it has the same privacy setting
* Use `.endswith` instead of indexing into a string
* Update public zone behavior to only create new if there is no matching public zone
* Remove from legacy PEP8 files
We invoke /usr/bin/apt inside of the ansible module. When that command
exits, it doesn't always include a helpful error message. Include the
exit code so that user's have all the information we can gice them as to
why apt failed.
Addresses #19128
* msg_format parameter added
error message received from telegram API is added to fail json
compatibility with python3 added
* pep8 formatted
* version_added property added for msg_format
* bot token must be set without 'bot' prefix in module parameters
* formatting options described in documentation
* six module for compatibility used
telegram.py removed from legacy-files.txt
* rpm_key: Decode bytes to string to work with Python 3 (#20326)
The read() method will return bytes we need to then decode() those bytes
to a string before trying to match() it using the re module.
* Make the rpm_key pgp regex more robust on both py2 and py3
* Check for provider values inside check_args of respective network code
* Partial revert of b9ee5aa
The no_log change is okay, but take out the action result munging
Recent Python3 versions require open() to specify binary mode if the data is anything other than text.
Python3: Use int() instead of long() in unarchive
Changes long() to int() for CRC values in the unarchive module. Affects unarchiving of zip files. Since CRC values in zipfile are 32 bits the behaviour should be unchanged even in Python 2.
When retrieving file contents for diffing we need to get the contents as
binary. Otherwise python3 will try to convert the file to text and fail
with non-decodable contents.
Fixes#23171
* Build HTTPSClientAuthHandler more similarly to how HTTPSHandler works
* Add docs for new client cert authentication
* Support older versions of python
* Simplify logic
* Initial support for client certs in urls.py
* Add an extra test
* Add a get_url test for client cert auth
* Add additional test for client cert auth, with validation and ssl mismatch
* Skip assert when http tester not available
* Update version_added for new options
Copy module was walking over files in subdirectories repeatedly (a
directory tree a few levels deep could bring the time spent into the
tens of minutes)
This was traced to the fix for this bug report: https://github.com/ansible/ansible/issues/13013Fixed#13013 a different way and added an integration test to check for
regressions of #13013 as we optimize this code.
Fixes#21513
Ansible will now automatically retry a connection if SSH returns an error:
mux_client_hello_exchange: write packet: Broken pipe
This is probably a bug in SSH, but because it's safe to retry this
connection there is no need for Ansible to fail because of it.
If we run the task with 'login' banner, the 'show banner' command
will return a dict containing key 'loginBanner'.
However for motd, it will just return 'motd'.
Yay naming consistency!
We were hard-coding the protocol, port and validate_certs on
eos EAPI via the action plugin.
Put defaults on the eos_argument_spec and pull those values from it.