* Refactor yum and dnf, add feature parity
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove unnecessary module_utils, move the classes into the module code
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove yum -> yum4, out of scope
Signed-off-by: Adam Miller <admiller@redhat.com>
* use ABCMeta
Signed-off-by: Adam Miller <admiller@redhat.com>
* re-arrange run() caller vs callee
Signed-off-by: Adam Miller <admiller@redhat.com>
* make sanity checks happy
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix yum unit tests
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove unecessary debug statements, fix typo
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix licensing and attribution in yumdnf module_util
Signed-off-by: Adam Miller <admiller@redhat.com>
* include fix from PR 40737
original commit 5cbda9658a
original Author: Strahinja Kustudic <kustodian@gmail.com>
yum will fail on 'No space left on device', fixes#32791 (#40737)
During the installing of packages if yum runs out of free disk space,
some post install scripts could fail (like e.g. when the kernel
package generates initramfs), but yum would still exit with a status
0. This is bad, especially for the kernel package, because it makes
it unable to boot. Because the yum module is usually used for
automation, which means the users cannot read every message yum
prints, it's better that the yum module fails if it detects that
there is no free space on the disk.
Signed-off-by: Adam Miller <admiller@redhat.com>
* Revert "fix licensing and attribution in yumdnf module_util"
This reverts commit 59e11de5a2.
* move fetch_rpm_from_url out of yumdnf module_util
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix the move of fetch_rpm_from_url
Signed-off-by: Adam Miller <admiller@redhat.com>
Make git module support --separate-git-dir option. When git version is higher than 1.7.5, use built-in --separate-git-dir option during the clone. When lower, adjust the location of git dir manually after clone to achieve the same effect.
The inventory plugin api grew a self.cache that wasn't there when we
first wrote it. There's also a need to pull in the documentation
fragments so that we have the cache parameters.
Due to blank line returned from vCenter, wrong values were appended
to NTP server list. This fix adds filter for such blank values of NTP servers.
Fixes: #44183
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Grammar on the description for option 'list' was grammatically incorrect. Also suggest to add wording that clarifies that 'list' is indeed Access-Based Enumeration.
+label: docsite_pr
* Add note about adding new key requiring update
When a new repo and new key are added, attempts to install packages
signed by that key fail until `apt-get update` is run. This note
is an attempt to help users avoid getting errors when they miss
this step.
* related to issue #25091
* switch example to apt module
* Compress src interface into one key
* Modified regex to support varied interface types
* Fixed documentation
* Unpacking return values from splitting method
- support config operations for EXOS-based platforms
- add regex to detect command failure responses
- add exos action plugin for "backup" operation
- add unit tests for exos_command (currently 94% coverage of
exos_config.py)
* Add backup option
* Only backup shadow file when the OS has one
* Only backup shadow file for SunOS
* Update docs on backup feature
* Add changelog fragment
* Add tests for shadow backup
* Remove backup option, make it automatic
Remove the option to enable/disable backups and make it automatic. Add note to docs describing this behavior.
Change tests to account for new module behavior.
Change section name in changelog fragment since minor_features is not a valid section.
NOTE:
1. use os.open() with os.O_CREAT|os.O_EXCL to check existence
and create a lock file if not exists, it's an atomic operation
2. the fastest process will create the lock file and others will
wait until the lock file is removed
3. after the writer finished writing to the password file, all the reading
operations use built-in open so processes can read the file parallel
* strip additional comments from /etc/default/passwd
Strip trailling comments from /etc/default/passwd like
MINWEEKS=1 #MINWEEKS=2
MAXWEEKS=12 # MAXWEEKS=8
Which otherwise cause failures with "failed to read /etc/default/passwd: too many values to unpack"
* fix carriage return typo in commit
* yet another typo in commit
* Fix indent problem
* add changelog fragment for PR 43931
Ideally I would have liked to compare the TTL as part of the
prerequisite check. Sadly that isn't supported by the RFC 2136 update
protocol. Hence the additional query.
Resolves#39465
* Update cloudflare_dns account link
* Add SSHFP and TLSA records to cloudflare_dns module
These are record types which Cloudflare recently added support
for. They both go well together with DNSSEC.
Technically it's a bit of a simplification to use the hash_type
parameter for TLSA records. Yet, it fits with all the real world usage
I have seen, and it keeps the module from sprawling too much.
Related to #43803
* Update netconf plugins for junos and iosxr
Fixes#39160
* Update api signature for netcon api's
from variable arguments to named arguments
* Udpate get default rpc supported
* Fix CI issue
* restore task arg splatting
* reverts #41804
* supersedes #41295
* fixes#42192
* after lots of discussion amongst the core team, we decided to preserve this feature, clarify the runtime warnings/docs, and prioritize a path toward fixing the underlying behavior that causes this feature to be insecure (un-namespaced facts).
* update faq text
note that warning is disabled when inject_facts_as_vars is
* wordsmithing FAQ entry
As of today, self.returns it not the source of truth. If the return
value from querying the resource contains more values than the one
listed in self.returns, those value will be returned even though not
explicitly specified in self.returns.
This commit ensures that only the values listed on self.returns are
actually returned. The other values not listed are supressed.
Every scaleway modules will require the same base of parameters. Instead
of documenting it each and every time, we build a doc fragment that will
allow one to simply extend documentation for every new module.
extends_documentation_fragment: scaleway
During the installing of packages if yum runs out of free disk space,
some post install scripts could fail (like e.g. when the kernel package
generates initramfs), but yum would still exit with a status 0. This is
bad, especially for the kernel package, because it makes it unable to
boot. Because the yum module is usually used for automation, which
means the users cannot read every message yum prints, it's better that
the yum module fails if it detects that there is no free space on the
disk.
* Common Rest Module using httpapi transport
* comparing json objects
* platform independant Rest Api
* FTD rest module
* Remove FTD module which will be committed later from cisco team
* remove debug code
* remove common rest module
* fix shippable errors
* Add notification users
* more shipable errors
* 29891 use os.path.realpath to follow keyfile symlinks
* 29891 add parameter follow
* updated changelog fragment
* add documentation and set default to false
* pip: combine chdir and env only when env is set
This fixes an AttributeError when chdir without virtualenv is specified:
File "/tmp/ansible_2UAFsZ/ansible_module_pip.py", line 387, in main
env = os.path.join(chdir, env)
File "/usr/lib64/python2.7/posixpath.py", line 75, in join
if b.startswith('/'):
AttributeError: 'NoneType' object has no attribute 'startswith'
* Add test for pip with chdir
Signed-off-by: Till Maas <opensource@till.name>
* Only template values in vars_prompt rather than all vars
This allows the use of variables in vars_prompt fields but allows variables entered in the prompt to affect play vars rather than throwing an undefined error.
Only post validate if there was a vars_prompt
* Add tests for vars_prompt
* Check the password format
Check the password format and notify user if they
input unencrypted password.
* Fix sanity error
* Add integration test
* Missed a task name
* Hard code the testing password
Since some testing platfrom has no passlib installed
* Add changelog fragment
* Rework some English sentences
* Fix a grammar mistake
The Vultr API is inconsistent in the type of the value it returns
based on the resources. While most of the time it will be a dict, for
some resources it will be a list (/v1/user/list, /v1/block/list).
query_resource_by_key() fails if the return value isn't a dict (.items()
does not exist on list). This patch aims to support both list and dict.
* Hold httpapi response in BytesIO
* Let httpapi plugin deal with HTTP codes if it wants
* Python 3.5 won't json.loads() bytes
* Don't modify headers passed to send
* Move code handling back to send()
but let httpapi plugin have a say on how it happens
The bundled selectors library which is used by the local and ssh
connection plugins had a bug which caused a traceback in a cornercase.
If selectors were in use and a syscall was interrupted, selectors would
attempt to restart the syscall after the interrupt was processed. if
the attempt determined that the timeout for running the syscall had
already expired, the code attempted to raise OSError. The raise was
using a Python3-ism and needed to be ported to work on Python2.
Fixes#41630
* Fix cli_command junos test failure and update doc
* Fix cli_command module integration test failure
for junos
* Update cli_command module doc for prompt and
config command run scenario's
* Update cli_command module doc
* Collecting PEM -> DER conversions.
* Using cryptography instead of OpenSSL binary in some situations.
* Moving key-to-disk writing for key content to parse_account_key.
* Rename parse_account_key -> parse_key.
* Move OpenSSL specific code for key parsing and request signing into global functions.
* Also using cryptography for key parsing and request signing.
* Remove assert statements.
* Fixing handling of key contents for cryptography code path.
* Allow to disable the use of cryptography.
* Updating documentation.
* 1.5 seems to work as well (earlier versions don't have EC sign function). Making Python 2.x adjustments.
* Changing option to select_crypto_backend.
* Python 2.6 compatibility.
* Trying to test both backends separately for acme_account.
* Also testing both backends separately for acme_certificate and acme_certificate_revoke.
* Adding changelog entry which informs about select_crypto_backend option in case autodetect fails.
* Fixing YAML.
Fixes#42310
Previously, the firewalld module was making a call to
FirewallClientConfig.getZoneNames() which doesn't exist in versions
of firwalld older than 0.4.2, this patch implements the same logic
with older API calls to not require a newer version of firewalld.
Signed-off-by: Adam Miller <admiller@redhat.com>
In query_resource_by_key(), there is an equal comparison that is made to
know if the object we are looking for is present. Due to type difference
this comparison doesn't always retrieve true, even when it should.
This is due to the fact that the value in r_data dict are of type
unicode, while the other can be of type int, float,... .
```
>>> a = u'1'
>>> type(a)
<type 'unicode'>
>>> b = 1
>>> type(b)
<type 'int'>
>>> a == b
False
>>> str(a) == str(b)
True
```
Hence the values, for comparison purposes, are casted into strings.
* Merge again trickily similar Accelerated networking and IP forwarding
* Add type to enable_ip_forwarding documentation
* Fix merge error
* auth to auto
* azure_rm_networkinterface: remove auth_source from tests
* azure_rm_networkinterface: remove spurious auth_source from test
* azure_rm_networkinterface: Revert formatting on test
* azure_rm_networkinterface: Correct indentation
_parsed_return_data should only be used with the return from a module.
This location was invoking a remote shell command rather than a module
so we don't want it here.
they dropped the Linux so now it only shows as ALT, it should still be backwards compatible
pkg_mgr detection relies on `Altlinux` string, so properly setting os_distribution should take care of it as side effect
fixes#43539
* Remove use of simplejson throughout code base. Fixes#42761
* Address failing tests
* Remove simplejson from contrib and other outlying files
* Add changelog fragment for simplejson removal
* Change how data is sent to the persistent connection socket.
We can't rely on readline(), so send the size of the data first. We can
then read that many bytes from the stream on the recieving end.
* Set pty to noncanonical mode before sending
* Now that we send data length, we don't need a sentinel anymore
* Copy socket changes to persistent, too
* Use os.write instead of fdopen()ing and using that.
* Follow pickle with sha1sum of pickle
* Swap order of vars and init being passed to ansible-connection
* New module for managing EMC VNX Block storage
With the module emc_vnx_sg_member users can add or remove luns from
existing storage groups.
This module has been developed in couple with emc_vnx_mv_promote for
disaster recovery process automation, but can be used by itself.
This fix adds additional parameter 'datastore'. This parameter
provides a flexibility to specify custom datastore or datastore cluster
to deploy new virtual machine from template (which is located in different
datastore or datastore cluster from virtual machine's datastore or datastore
cluster).
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Remove wait_for & associated params
* Upgrade command dict to top-level, remove more wait_for accessories
* We don't need all this anymore
* Update docs
* Update tests to new argspec
* Be a little more explicit about sendonly
Also remove reference to the word provider.
* Add example of prompt and answer
This is to avoid users connecting to the APIC using SSH, which is likely
to fail. In the ACI documentation (linked from every module) we go into
more details on how people are supposed to work with the modules..
* Changing Lenovo Inc to Lenovo and update License file to be consistent.
* Moving code in util file to module file. This is done as per a review comment
* Update cnos_vlag.py
* Update cnos_vlan.py
* Update enos_config.py
Add exos_facts module. Known limitations at this time include:
- Interface MTU is not reported.
- Only primary interface IP is reported.
Add basic unit tests for the exos_facts module.
An EXOS CLI prompt can be prefixed with '! ' (shutting down), '* '
(running configuration does not match saved configuration), and
can include various status tokens within parentheses after these
prefixes. Update prompt regex to accept valid CLI prompts.
* Unified examples in all modules
* validate_certs is now 'no' instead of 'False'
* delegate_to changes
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* If the remote host supports session
capability set the `supports_generate_diff`
flag to false which identifies if config diff should
be generated within module or not
This functionality was not considered when the module was written, but
there's no reason why it shouldn't be supported.
We had to rework the query string construction and object filtering.
This new functionality allows to filter on arbitrary keys and supports
None values.
This PR fixes various issues with the existing framework, including
querying specific objects using construct_url_4 (i.e.
aci_epg_to_contract and aci_static_binding_to_epg)
Vultr API is being inconsisten in what it returns. An empty list when no
resources exists, but a dict of dict when they do. The case needs to be
handled so the module do not fail. An extra test has been added.
* Clarifications of parameters in yum_repo module
Added a note defining where the "name" parameter of the module will appear in the repo file and note explaining that the description parameter of the module is actually the name parameter in the repo file. It might help people transform their existing yum repository files in ansible managed repos.
If there are multiple distributed virtual portgroup network with same name
in different datacenter, vmware_guest module used to choose first DVPG irrespective
of the datacenter. This caused problem if two datacenter has same name for DVPG,
vmware_guest module failed with error "The object or item referred to could not be found."
This fix adds check to search for network (Distributed Virtual Portgroup)
till datacenter level. This avoids selection of same name DVPG from other datacenter.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
vmware_drs_rule_facts was missing details about vm_group and host_group
and their respective memeber names. This fix adds those details and updates documentation.
Fixes: #42980
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Added support for TLS-ALPN-01 verification.
* Unrelated commit to re-trigger tests.
* Added test for TLS-ALPN-01.
* Try to remove to_bytes in the hope that binary data survives in Python 2.
* Using Base64 encoding for TLS-ALPN-01 value.
delegate_to parameter in task only accepts string,
this fix will error out if other datatypes are provided instead of
string.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Only print warning when ansible.cfg is actually skipped
* Also add unittests for the find_ini_config_file function
* Add documentation on world writable current working directory
config files can no longer be loaded from a world writable current
working directory but the end user is allowed to specify that
explicitly. Give appropriate warnings and information on how.
Fixes#42388
* Refactoring to persistence connection BGP, factory, reload, save, showrun modules
* Refactoring methods from Util to module file
* Removing BGP Utility methods
* Adding to errors that need to be ignored
* Allow for the specification of a rhsm_repo_ca_cert if changing baseurl
If changing the baseurl we should allow for a ca cert to be updated from redhat-uep.pem
* Fixing documentation section
* added version to option rhsm_repo_ca_cert
* got rid of extra CR
* Added changes for Issue #38828, adds scope paramater to systemd module
* Removed description for old paramater
* Added version_added field for new option
* Readded the user paramater as a deprecated paramater
* Changed version for the scope paramater since I missed the release window
* Implement signed_request for sigV4 requests
* Correct linting errors
* More linting changes. Correct import.
* Final linting fix for inline comments
* Correct import of urllib.parse
* Update copyright and shebang line
* Remove shebang
* Put boto3 requirement. Abtract out get_aws_key_pair for module consumption.
* Dummy out unused region variable.
* Handle Boto3 ImportError
* - implement get_aws_credentials_object with willthames suggestion
- Handle session_token
* Make quote style consistant
* Chop arugment line up
* Correct indent
* Support for postgresql default privileges
fix the following issues:
* #29701
* #23657
* The ALTER DEFAULT PRIVILEGES is implemented with type 'default_privs'
* Added a Query Builder for simplification
* Some minor lint
* Fixed Lint Issue in doc
Fixed misspelled method name
* Removed the damned empty space on line 243 ! (within the doc) x|
* Kept Compat in string interpolation for old beloved python 2.6
According to the do_encrypt interface, encrypt arg should be the hash method name used for encrypting returning password. But in the doc and lookup code it's a boolean flag, correct it to string.
* tower_* modules: move HAS_TOWER_CLI in TowerModule
Besides this change allows to define other common parameters such as
mutually_exclusive.
* tower_*: config file can not be used with auth params
* tower module_utils: remove useless call to expanduser
'path' type: expanduser & expandvars are automatically called
From terraform documentation:
```
The persistent data stored in the backend belongs to a workspace. Initially the backend has only one workspace, called "default", and thus there is only one Terraform state associated with that configuration.
Certain backends support multiple named workspaces, allowing multiple states to be associated with a single configuration. The configuration still has only one backend, but multiple distinct instances of that configuration to be deployed without configuring a new backend or changing authentication credentials.
```
This patch introduces the `workspace` parameter in the terraform module. The module will select
the workspace is it does not exists, or simply select it if it exists.
Fixes#43134
Add 'purge_workspace' parameter and handle the workspace context
The `purge_workspace` parameter allows to remove a workspace when asking for state = absent.
It allows to leave a clean state file without empty workspaces if the parameter is true.
Also adding the support of a workspace context that allows to restore the workspace
when that was active when the module started.
The existing rule priority comes from aws as a string. It is then
compared to the new rule priority, which is defined as an int. This change
casts the new rule priority as a string making the comparison work. The
reason to cast it as a string rather than an int is used because a priority
can also be set to 'default'. When trying to case 'default' as an int, it creates
an error.
