Commit graph

1330 commits

Author SHA1 Message Date
ygelfand
36b7baca4d getent - add service support(#60295) 2019-08-27 11:58:37 -04:00
Felix Fontein
c91929b2b3 OpenStack: rename _facts -> _info (#61197)
* Rename openstack _facts -> _info

* Add new module names to module_defaults.yml.
2019-08-27 11:50:14 -04:00
Jordan Webb
27cac742ca Fix pipelining in buildah connection plugin (#59745)
* Fix pipelining in buildah plugin

* Add changelog fragment
2019-08-27 10:11:47 -04:00
claudioiuliano
ab559c4629 Remove 'network-interface' for tag_specifications (#53398)
* Remove 'network-interface' for tag_specifications

https://github.com/aws/aws-cli/issues/2865

* changelog
2019-08-26 19:37:00 -04:00
pratikgadiya12
8ee7d9f598 VMWare - Rename _facts to _info (#57474)
Deprecate vmware's _facts modules and add new modules.

Fixes: #57278
2019-08-26 14:45:34 -04:00
Felix Fontein
47c2ff4c26
Redfish modules: rename _facts -> _info (#60992)
* Rename redfish_facts -> redfish_info, idrac_redfish_facts -> idrac_redfish_info

* Update porting guide.

* Add changelog.

* Fix metadata.

* Remove copy artefacts.

* Change from deprecate/new module to rename.
2019-08-26 20:42:04 +02:00
Felix Fontein
e536d0e128
openssl_*: deprecate PyOpenSSL backends (#59907)
* Deprecate PyOpenSSL backends.

* Add changelog.

* Add porting guide entry.

* Improve tests to ignore deprecations when comparing results.

* Deprecating pyopenssl backend for get_certificate and openssl_publickey.

* Fix typo.
2019-08-26 18:26:10 +02:00
Felix Fontein
7f4f2506a0
acme_certificate: make compatible to Buypass' ACME v2 testing endpoint (#60727)
* Don't unnecessarily use location from header.

* Add changelog.
2019-08-26 18:19:55 +02:00
Felix Fontein
14974f5fc2
openssl_certificate_info: add ocsp_uri return value (#60393)
* Add ocsp_uri return value.

* Add changelog.

* Add integration test.

* Fix rebase error.
2019-08-26 17:42:52 +02:00
Nathaniel Case
f3f30c146b
Deprecate net_* modules (#60818)
* Deprecate net_ modules

* Move modules to finish deprecation

* Add missing `why`, move net_static_route

* Add changelogs and porting guide
2019-08-26 09:07:54 -04:00
Michał Szczepańczyk
8ed3a0b360 fix bug - k8s was crashing when yaml ended with 3 dashes (#61182)
* fix bug - k8s was crashing when yaml ended with 3 dashes

* #61182 - add changelog
2019-08-26 17:28:01 +10:00
Felix Fontein
c3b1a0a7e8 Vultr: rename _facts -> _info (#61239) 2019-08-24 17:54:17 +02:00
Mark Chappell
5434bf74c6 Fix issues with aws_kms when working cross-account and with IDs (#60805)
* aws_kms: (integration tests) Test updating a key by ID rather than just my alias

* aws_kms: (integration tests) Test deletion of non-existent and keys that are already marked for deletion

* aws_kms: Ensure we can perform actions on a specific key_id rather than just aliases

In the process switch over to using get_key_details rather than listing all keys.

* aws_kms: When updating keys use the ARN rather than just the ID.

This is important when working with cross-account trusts.
2019-08-23 16:56:45 -07:00
Søren Kröger
1cf43e5017 Handle multiple Content-Type headers correctly (#31238)
* Handle multiple Content-Type headers correctly

Avoids situations where mulitple Content-Type headers including charset information can result in errors like 
```
LookupError: unknown encoding: UTF-8, text/html
```

* Account for multiple conflicting values for content-type and charset

* Add changelog fragment
2019-08-23 16:48:16 -05:00
Ryan Conway
e4c1c05363 Renaming onepassword_facts to onepassword_info. (#61237)
* Renaming `onepassword_facts` to `onepassword_info`.

* Update module examples.

* Add changelog fragment.

* Add module rename to the 2.9 porting guide.

* Document the parameter types in the module docs.

* Fix incorrect parameter name.

* Update docs/docsite/rst/porting_guides/porting_guide_2.9.rst

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Remove `onepassword_facts` as it has been renamed to `onepassword_info` including fixes for the sanity tests.
2019-08-23 20:45:13 +02:00
Felix Fontein
fa70690e5c
openssl_certificate/csr(_info): add support for SubjectKeyIdentifier and AuthorityKeyIdentifier (#60741)
* Add support for SubjectKeyIdentifier and AuthorityKeyIdentifier to _info modules.

* Adding SubjectKeyIdentifier and AuthorityKeyIdentifier support to openssl_certificate and openssl_csr.

* Fix type of authority_cert_issuer.

* Add basic tests.

* Add changelog.

* Added proper tests for _info modules.

* Fix docs bug.

* Make sure new features are only used when cryptography backend for openssl_csr is available.

* Work around jinja2 being too old on some CI hosts.

* Add tests for openssl_csr.

* Add openssl_certificate tests.

* Fix idempotence test.

* Move one level up.

* Add ownca_create_authority_key_identifier option.

* Add ownca_create_authority_key_identifier option.

* Add idempotency check.

* Apparently the function call expected different args for cryptography < 2.7.

* Fix copy'n'paste errors and typos.

* string -> general name.

* Add disclaimer.

* Implement always_create / create_if_not_provided / never_create for openssl_certificate.

* Update changelog and porting guide.

* Add comments for defaults.
2019-08-23 14:01:42 +02:00
Mark Chappell
77e4371460 aws_kms: Update policy on existing keys (when passed) (#60059)
* aws_kms: (integration tests) Use module_defaults to reduce the copy and paste

* aws_kms: (integration tests) make sure policy option functions.

* aws_kms: (integration tests) Move iam_role creation to start of playbook.

iam_roles aren't fully created when iam_role completes, there's a delay on the Amazon side before they're fully recognised.

* aws_kms: Update policy on existing keys (when passed)
2019-08-23 20:38:38 +10:00
Andrey Klychkov
e3cf76533c postgresql_user: add groups parameter (#60638)
* postgresql_user: add groups parameter

* postgresql_user: add groups parameter, fail_on_role default True

* postgresql_user: add groups parameter, add changelog fragment
2019-08-23 08:17:23 +02:00
Felix Fontein
72365b01e0 acme_certificate: only return challenges that need to be satisfied (#61191)
* Only return challenges that need to be satisfied.

* Adjust PR #.
2019-08-22 23:10:53 -04:00
Felix Fontein
18f7c3b850
Netapp: rename _facts -> _info (#60980)
* Rename na_ontap_gather_facts -> na_ontap_info
Rename netapp_e_facts -> netapp_e_info

* Add changelog.

* Fix sanity.

* Forgot test.

* Forgot to remove 'gather'.

* Fix sanity ignore.

* Remove netapp_e_facts from PR.

* Remove superfluous version_added.
2019-08-22 22:51:45 +02:00
Matt Martz
0ff9978bc5
Ensure has_dead_workers functions (#60653)
* Ensure has_dead_workers functions

* Fix up tests

* Add changelog. Fixes #29124
2019-08-22 14:32:49 -05:00
Mark Chappell
70777020c4 Fix iam_password_policy integration tests (#60930)
* iam_password_policy: (integration tests) Use module defaults for AWS connection details

* iam_password_policy: (integration tests) Ensure the policy is removed when tests fail

* iam_password_policy: (integration tests) Add regression test for #59102

* iam_password_policy: Only return changed when the policy changes.

* iam_password_policy: PasswordReusePrevention must be omitted to remove/set to 0

* #60930 add changelog

* Update hacking AWS security policy to allow testing of Password Policy Management
2019-08-22 23:25:25 +10:00
Andrey Klychkov
191068a286 Issue 59955: add array handling to postgresql_query module (#60559)
* Issue 59955: add array handling to postgresql_query module

* Issue 59955: add array handling to postgresql_query module, improvements

* Issue 59955: add array handling to postgresql_query module, fix example comment
2019-08-22 08:53:29 +02:00
Lukas Kämmerling
96199be96b Rename hcloud_*_facts to hcloud_*_info (#60926)
* Rename hcloud_datacenter_facts to hcloud_datacenter_info

* Rename hcloud_location_facts to hcloud_location_info

* Rename hcloud_image_facts to hcloud_image_info

* Rename hcloud_floating_ip_facts to hcloud_floating_ip_info

* Rename hcloud_server_type_facts to hcloud_server_type_info

* Rename hcloud_server_facts to hcloud_server_info

* Rename hcloud_ssh_key_facts to hcloud_ssh_key_info

* Rename hcloud_volume_facts to hcloud_volume_info

* Fix typo in hcloud_image_info

* Add to porting guide and add changelog fragment

* Reword porting guide
2019-08-21 14:55:37 +02:00
Matt Davis
bfa004930a
add subdir support to collection loading (#60682)
* add subdir support to collection loading

* collections may now load plugins from subdirs under a plugin type or roles dir, eg `ns.coll.subdir1.subdir2.myrole`->ns.coll's roles/subdir1/subdir2/myrole, `ns.coll.subdir1.mymodule`->ns.coll's plugins/modules/subdir1/mymodule.py
* centralize parsing/validation in AnsibleCollectionRef class
* fix issues loading Jinja2 plugins from multiple sources 
* resolves #59462, #59890,

* sanity test fixes

* string fixes

* add changelog entry
2019-08-21 10:45:04 +01:00
Felix Fontein
c1b2aa1d11
nginx_status_facts: deprecate/rename to nginx_status_info (#60979)
* Rename nginx_status_facts -> nginx_status_info

* Add changelog.

* Remove warnings.

* Re-add ignore.txt entries.

* ...

* Raw strings for docs.

* Use U(...) for link.
2019-08-21 09:09:22 +02:00
Bojan Vitnik
04e0f9d4ea XenServer: When VM is in powered on state, plug newly added disks
Fixes: #60693
2019-08-21 10:50:14 +05:30
Sloane Hertel
3247626ac7 Warn when transforming constructed groups (#60912)
* Warn when transforming constructed groups

The `keyed_groups` field has used sanitization since 2.6, but `groups` only started doing so in 2.8.
This adds a warning for the change in behavior.

* changelog
2019-08-20 10:32:02 -05:00
Matt Martz
ba25522db4
Remove ddeprecated redis_kv lookup. Fixes #59984 (#60826) 2019-08-20 10:27:09 -05:00
Felix Fontein
e58919bccd
gluster_heal_facts: rename to gluster_heal_info (#60919)
* Rename gluster_heal_facts -> gluster_heal_info

* Add changelog.
2019-08-20 15:43:41 +02:00
Felix Fontein
c66163b118
hpilo_facts: rename to hpilo_info (#60917)
* Rename hpilo_facts -> hpilo_info

* Fix porting guide.

* Add changelog.
2019-08-20 15:14:18 +02:00
Will Thames
362c45517d aws_kms: fix failing tests (#60206)
Preserve tag key case by only calling camel_dict_to_snake_dict once,
before the tags are added.

Don't call assert_policy_shape as it seems to fail

Use aws_caller_info in the test suite now that it exists rather
than running `aws sts get_caller_identity`

Ensure that calls using `grant_types` can also use key aliases
2019-08-20 07:15:40 -04:00
Dusan Matejka
31bfcd4745 Reworked zabbix_template to support XML import/export + updated documentation (#59040) 2019-08-19 10:53:58 -04:00
René Moser
4b743a2721
vultr: use exponential backoff for api query retries (#60529) 2019-08-19 16:09:09 +02:00
Mark Chappell
8e99f0ecc6 aws_kms: Rename various policy manipulation options to reduce confusion (#60561)
* aws_kms: Rename various policy manipulation options to reduce confusion

AWS KMS now has the concept of issuing a 'grant', which is independent
of the policy attached to a key.  Rename the following options to make
it clearer that the operate on the CMK Policy *not* on CMK Grants

* aws_kms: don't just rename grant_types/mode, deprecate them too.
2019-08-19 19:44:03 +10:00
Klaus Frank
fb2c1d4577 Make win_domain_user idempotent for password changes (#58383)
* Make win_domain_user idempotent for passwordchanges

* Add changelog fragment

* Use test-credentials function from win_user.

* Split domain from username

* Update win_domain_user.ps1

* Fix ci

* Update win_domain_user.ps1

Fix ci

* Implement review

* Logic cleanup and remove securestring

* Fix typo

* fix syntax

fix syntax

* Use AD object instead of user input as requested by review

* migrate to Ansible.AccessToken
2019-08-19 06:17:41 +10:00
Klaus Frank
811153afb1 Add exception handling to win_domain_controller (#58234)
* Add exception handling to win_domain_controller

* Add changelog

* Fix PSUseDeclaredVarsMoreThanAssignments

* Remove dns domain cannot be resolved error message

As requested by PR review in https://github.com/ansible/ansible/pull/58234#discussion_r300509880
2019-08-18 16:14:51 -04:00
Felix Fontein
0d88ec241f
openssl_certificate: fix idempotency (#60745)
* Fix openssl_certificate idempotency.

* Add changelog.

* Add integration test.
2019-08-18 20:48:34 +02:00
Felix Fontein
16056f4978
openssl_certificate: check for existence before loading CSR / private keys / ... (#60740)
* Check file existence before loading files.

* Remove superfluous import.

* Add changelog.
2019-08-18 11:41:50 +02:00
Hannes Ljungberg
13364fc530 docker_swarm_service: Allow passing dicts in networks (#58961)
* Add support for passing networks as dicts

* Add function to compare a list of different objects

* Handle comparing falsy values to missing values

* Pass docker versions to Service

* Move can_update_networks to Service class

* Pass Networks in TaskTemplate when supported

* Remove weird __str__

* Add networks integration tests

* Add unit tests

* Add example

* Add changelog fragment

* Make sure that network options are clean

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Set networks elements as raw in arg spec

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Fix wrong variable naming

* Check for network options that are not valid

* Only check for None options

* Validate that aliases is a list
2019-08-18 08:55:54 +02:00
Felix Fontein
ceff0029cb
openssl_certificate: deprecate assertonly provider (#60623)
* Add deprecation marks.

* Add conversion example.

* Split long line.

* Add changelog and porting guide entry.

* Fix unrelated porting guide entry.

* Fix format.

* Fix doc mistakes found in review.

* Fix filter name.

* Compare CSR and cert subject via subject_ordered.
2019-08-18 05:09:49 +02:00
Chris Trufan
86366530e8 Entrust Datacard - Support for "entrust" provider in openssl_certificate module (#59272)
* Addition of entrust provider to openssl_certificate module

* Fix native return values of error messages and JSON response.

* Documentation and syntax fixes per ansibot.

* Refactored structure of for loop due to ansible test failures in python 2.6

* Remove OCSP functionality for inclusion in possible seperate future pull request.

* Remove reissue support.

* Indicate the entrust parameters are specific to entrust.

* Comment fixes to make it clear module_utils request is used.

* Fixes to not_after documentation

* Response to pull request comments and cleanup of error handling for bad connections to properly use the 'six' HttpError for compatibility with both Python 2/3 underlying url libraries.

* pep8/pycodestyle fixes.

* Added code fragment and response to comments.

* Update license to simplified BSD

* Fixed botmeta typo

* Include license text in api.yml

* Remove unsupported certificate types, and always submit an explicit organization to match organization in CSR

* Fix documentation misquote, add expired to a comment, and fix path check timing.

* Update changelogs/fragments/59272-support-for-entrust-provider-in-openssl_certificate_module.yaml

Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-08-17 21:32:02 +02:00
Felix Fontein
6a786d0d93
openssl_publickey: add cryptography backend (#60387)
* Add cryptography backend.

* Add changelog.

* Make sure requirements are satisfied.

* Use more compatible elliptic curve.

* Decrease required version numbers.

* PyOpenSSL >= 16.0.0 is really needed.

* Update lib/ansible/modules/crypto/openssl_publickey.py

Co-Authored-By: MarkusTeufelberger <mteufelberger@mgit.at>
2019-08-17 18:52:14 +02:00
Felix Fontein
601a4b8f47
get_certificate: add cryptography backend (#60599)
* Add cryptography backend for get_certificate.

* Add changelog.

* Use short names (if possible).

* Adjust version (to behave as pyOpenSSL).

* Work around bugs (needed for cryptography 1.2.3).

* Don't run cryptography backend tests for CentOS 6.

* Bump cryptography requirement to 1.6 or newer.

Otherwise, signature_algorithm_oid isn't there, either.

* Simplify requirement text.

* CentOS 6 has cryptography 1.9, so we still need to block.

* Add auto-detect test.

* Improve YAML.
2019-08-17 16:02:14 +02:00
Felix Fontein
38435e1bd0
openssl_certificate: various assertonly bugfixes (#60658)
* Fix get_relative_time_option for byte string input. Also fix it for None input.

* Using correct property for invalid_at check.

* Fix invalid_at comparison.

* Converting relative timestamps before comparison for valid_at and invalid_at.

* Fixing key usage display for cryptography backend.

* Fix key usage comparison. OBJ_txt2nid always returns 0 for key usage identifiers.

* Add changelog.

* Fix pyOpenSSL key usage comparison.
2019-08-17 15:58:25 +02:00
Felix Fontein
cf69b73c04
openssl_certificate/csr_info: add ordered issuer/subject return value (#60708)
* Add ordered issuer/subject return value.

* Add changelog.
2019-08-17 15:49:54 +02:00
Lukas Kämmerling
100b56439e hcloud_server: Allow users to enable/disable the rescue mode (#60070) 2019-08-17 11:29:58 +02:00
Mitsuru Nakakawaji
064cd63f3d fix: docker_swarm_service does not publish both tcp and udp ports (#60616)
* fix: docker_swarm_service does not publish both tcp and udp ports for same published port

* fix the linting problems and add the changelog fragment.

* add test

* modify test to ensure result rather than return value
2019-08-16 15:23:45 +02:00
Felix Fontein
48541910bf
docker_container: add mount endpoint collision detection (#60384)
* Add mount endpoint collision detection.

* Add changelog.

* Fix error.
2019-08-16 15:23:03 +02:00
Gonéri Le Bouder
c60676a118 VMware: add a changelog entry for PR #60476 (#60490)
Add a changelog entry for https://github.com/ansible/ansible/pull/60476.
2019-08-16 09:10:42 +05:30