- use setup_epel role rather than task which contains correct URL now since it has changed for EL8
- add conditional to setup_epel to prevent attempted installation on non-RHEL distros
* add connect_as, username, password parameters
add tests
* fixed reference to undefined variable.
added version added to new options.
* add changelog fragment
* fix line endings
* use ansible facts to determine os version
remove unused iis version check
test checksum of iis configuration after backup
* correct assertion
* added more cleanup tasks.
* version added is now 2.10
* skip server 2008 r2 for now
* run tests on server 2012 and higher
* Adds win32_disk_drive object to win_disk_facts
* Names class parameter for Get-CimInstance as requested in the devdocs
* Maps whole class and adds docs
* Improve matching of disks when UniqueID is different format
* Improve logic for PNPDeviceID mapping
* Adds test for win32_disk_drive
In the VMware tests, we call the datastores `ds1` and `ds2`. The first
one is read-only, the second is read-write and can be used to deploy
VMs. The naming convention was not clear enough and source of a lot
confusion and mistake.
We now have two better names:
- ro_datastore, which is ... read-only
- rw_datastore, the one that we can use to deploy new VM.
* ec2_vpc_net: (integration tests) migrate to using module_defaults
* ec2_vpc_net: (integration tests) use a private subnet for the tests
* ec2_vpc_net_info: Add integration tests
* ec2_vpc_net_info: add cidr_block_association_set to documentation
* Update AWS hacking test policy to allow VPC CIDR disassociation
* Update test/integration/targets/ec2_vpc_net/tasks/main.yml
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* Store vpc2 ID to make it clearer which VPC we're changing
* Be more consistent with our quoting
* Explicitly test that the VPC IDs haven't changed
The ask was to add an option in the vmware_guest itself. Upon inspection, a serial port can
be created in multiple ways and so can be a module in itself. Therefore, created a new module
called vmware_serial_port.
Fixes: #54956
* Add a random component to state machine name in aws_step_functions_state_machine testsuite
* Pick a random number from a bigger set to avoid conflicts between parallel runs
Co-Authored-By: Matt Clay <matt@mystile.com>
This is a fix for a regression introduced by Perfy. Since then we mainly
operate on host.name instead of the Host object. In a call to
set_nonpersistent_facts where we set ansible_failed_task and
ansible_failed_result variables we were still passing the object which
led to those vars being undefined.
Fixes#64789
* win_domain_computer module: Minor documentation error
* Fix idempotence when name != samaccountname
* Added changelog
* Added unsupported alias for CI check
* ec2_eip: (integration tests) move to using module_defaults
* ec2_eip: (integration tests) expand integration tests
Also clean up a little
- Delete EIPs when we finish testing them (reduce the chance of hitting limits)
- Rejig deletion so that it works when runs fail
- Add tests for ec2_eip_info
* ec2_eip: Minor doc tweaks
* ec2_eip: Don't throw an exception when we try to disassociate an already disassociated EIP
* ec2_eip: Add missing IAM policy (manage IGWs)
* ec2_eip: (integration tests) Use the VPC as a crude lock to avoid running parallel tests
We test that untagged EIPs come and go as we expect, if multiple tests are
running in parallel this confuses things
* Fix ec2_eip association
* Fix eos_facts over local eapi
* Much better feedback when querying resources over local
* No need for that anymore
* Update comment
* Mkae sure facts are tested on local
resource modules might break this otherwise
* This test was not checking anything
* Pass over nxos_facts as well
* Add output_encoding_override params to win_command/win_shell (#54896)
This enhancement enables Ansible to parse the output of
localized commands that ignore the prompt code page.
* Added changelog and minor nits
* feature enhancement: make a snapshot from an existing managed disk.
* remove default creation option in argu_spec of azure_rm_snapshot
* fix pep8 related issue
* fixing broken integration test
* Set alter_sys=True instead of False to address backwards incompat
* ci_complete
* Add integration test
* ci_complete
* sanity
* ci_complete
* Changelog fragment
* Update import test and validate-modules to match
* Updated nxos_lacp tests to handle platforms not supporting lacp system mac command
* nxos_lacp: addressing comments
* nxos_lacp: Updating image tag search to include more tags
* nxos_lacp_interfaces: Updating the tests to handle platforms that dont support - lacp mode delay
* nxos_lacp_interfaces: Updating search string to include all 9500 series switches
* nxos_lacp_interfaces: Adding a comment about chassis_type
* route53_info max_items and next_marker should be a str
Type was changed in #64358, however boto3 takes a str for this option
Add some basic tests for route53_info.
Fixes: #64534
Use an alias to access the datastore host. This way, it's easier
to use an existing NFS server.
We can also disable the `write` access on the iso datastore.
This fixes a regression that was caused by switching from copy() to
deepcopy() when 'saving' variables before templating. Since HostVars
did not implement the __deepcopy__() method, deepcopy returned incorrect
results when host vars were present in the variables.
Fixes#63940
This is a change to the regression tests only. These tests were failing because of leftover device settings from previous tests:
- existing `channel-group` configurations on non-test interfaces were included in the before/after counts
- fixed by using the `nxos_lag_interfaces` module with `state: deleted` to remove `channel-group` configur
ations from all interfaces
- existing `L2` `port-channel` interfaces with the same ID as the test `channel-group` ID may prevent configuring `channel-group` on the test ethernet interface
- fixed by removing `port-channel` interfaces with the same ID; e.g.
```
interface port-channel98
switchport
switchport mode trunk
nx-1(config-if)# interface Ethernet1/19
nx-1(config-if)# channel-group 98
command failed: port not compatible [switching port]
```
Fixes passed on `N6K,N7K,N9K,N3K` (internal TBs: `dt-n9k5-1,n6k-77,n7k-99,n7k-j,n3k-173,evergreen-nx-1,greensboro-nx-1,hamilton-nx-1,camden-nx-1`)
The error below occurs when attempting to run `ansible-playbook` with nxos regression tests.
```
fatal: [dt-n9k5-1.cisco.com]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"commands": [
"show interface brief | json"
],
"timeout": 60
}
},
"msg": "Unsupported parameters for (nxos_command) module: timeout Supported parameters include: commands, interval, match, provider, retries, wait_for"
}
```
This error appears to be a result of https://github.com/ansible/ansible/pull/62625, but that has not been verified.
* convert aws_acm_facts to AnsibleAWSModule
* factor aws_acm_facts into module_utils
* add more filtering options for aws_acm_info
* add aws_acm module and tests
* uncomment aws_acm test
* fix linting for aws_acm
* fix __future__ linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix aws_acm_info arg type
* remove test for old module name aws_acm_facts
* simplify AWS ACM client creation
* fix indent typo in aws_acm test
* catch BotoCoreError in aws_acm
* fix indent typo in aws_acm test
* tighten AWS ACM test policy resource
* move aws acm int test to venv
* remove errant file
* fix AWS ACM int test perms
* undo copyright addition to wrong file
* fix invalid log message in aws_acm
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* rephrase aws_acm_info doc from facts to information
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* rename aws_facts var to aws_info
* remove case insensitivity for aws_acm pem compare
* add no_log for aws_acm credential setting
* add per-test prefix to aws_acm test resource names
* make aws_acm use crypto module_util
* clarify copyright for aws_acm
* make aws_acm int test clearer
* add explicit crypto dependency to aws_acm
* change requests for aws_acm pr
* fix wrong copyright owner aws_acm test
* fix wrong copyright owner aws_acm test
* rewrite aws_acm cert chain compare with regex, no dependency
* fix linting for aws_acm unit test
* fix linting for aws_acm unit test
* fix linting and duplicate ignore
* fix failed cert chain split in aws_acm, add more tests
* remove errant file
* more linting fixes for aws_acm
* fix sanity ignore
* rewrite cert compare in aws_acm to use base64 decode
* improve regex for pem cert chain split in aws_acm
* undo changes to crypto module util for aws_acm
* increment ansible version for new aws_acm module
* convert aws_acm return(x) to return x
* increment version added for aws_acm_info new features
* fix linting
* fix bugs with AWS ACM
* fix bad rebase
* disable AWS ACM integration test, due to AWS account limit issue
* remove aws acm integration test from shippable group
* Move var plugins handling to a separate file
* Allow var plugins to require whitelisting
* Add global configuration ('demand', 'start') for users to control when they execute
* Add 'stage' configuration ('all', 'task', 'inventory') for users to control on a per-plugin basis when they execute
* Update ansible-inventory and InventoryManager to the global and stage configuration
* Update host_group_vars to use stage configuration and whitelisting
* Add documentation for using new options and to the developer's guide
* Add integration tests to exercise whitelisting and the new configuration options, using vars plugins in collections, and maintain backward compatibility
* Changelog
Co-Authored-By: Brian Coca <brian.coca+git@gmail.com>
Co-Authored-By: Sandra McCann <samccann@redhat.com>
Add module podman_volume_info that collects data about podman
volumes on the host. Acts as docker_volume_info module.
Signed-off-by: Sagi Shnaidman <sshnaidm@redhat.com>
* Move X25519, X448, Ed25519 and Ed448 feature tests to module_utils.
* Correctly sign with Ed25519 and Ed448 keys.
* Fix public key comparison. Ed25519 and Ed448 do not have public_numbers().
* Add tests.
* Add changelog.
* Give better errors for cryptography 2.6.x and 2.7.x.
* Test for new errors.
* Forgot one.
* Used wrong private key.
* Use private key password for CA key. Add more stuff to its certificate.
* Add tests that were originally part of pr59079 before being lost in a rebase
* missed a needed check_mode: yes and a test with a wrong group
* Clarify test name, fix resource, add user delete test
* Use AWSDenyAll for benign policy, chech policy with non-full ARN path works, fix wrong module copy-pasta
Since https://github.com/ansible/ansible/pull/56733, we were not able to apply
firewall rules with no `allowed_hosts` key.
closes: #61332
In addition, this patch ensures the `allowed_hosts` key accepts a dict,
instead of a dict in a single entry list.
```yaml
vmware_host_firewall_manager:
esxi_hostname: "{{ esxi1 }}"
rules:
- name: NFC
enabled: True
allowed_hosts:
- all_ip: False
ip_address:
- "1.2.3.4"
```
Should be written:
```yaml
vmware_host_firewall_manager:
esxi_hostname: "{{ esxi1 }}"
rules:
- name: NFC
enabled: True
allowed_hosts:
all_ip: False
ip_address:
- "1.2.3.4"
```
* postgresql_db: allow to pass users names with dots
* postgresql_db: allow to pass users names with dots, add changelog fragment
* postgresql_db: allow to pass users names with dots, fix ci
* Make banner detection non-greedy in ios_banner
* Added ios_banner unit test to detect bug #63091
* Corrected PEP8 errors
* Added integration test
* Corrected typo in integration test
* adjusted setup_zabbix integration tests role to work on distributions from Debian family
* bumped zabbix_host integration tests role to be run against bionic
* Add more kubernetes Service tests
Services can often go wrong, and one of the main motivations for
apply was being able to correctly modify them, so more tests are good
* Remove a port from a service for k8s testing
* Add a Service check mode to k8s tests
* Eh, 2.10 is close enough
* drop top-level authorize
* Remove from documentation
* Remove load_params
* Centralize this junos thing
* Fixup user modules
* I'm 95% sure this did not do what it was supposed to
* nxos_hsrp: I don't think this is an actual module parameter
* Try to fix junos_package tests
* Move local params to provider
* Promote 'timeout' to a real parameter for eos_eapi
* Don't assume provider exists?
* move another timeout
* Provider now always has auth_pass
* Fix junos tests to avoid NameErrors
* DNF Handle Empty AppStream stream definition
Fixes#63683
Signed-off-by: Adam Miller <admiller@redhat.com>
* Switch Fedora dnf test target modularity to stratis
In Fedora 29, the metadata was not properly set for a default stream
for ripgrep even though there is a profile called "default", however
that's an arbitrary string and the module maintainer must set the
default stream (which it never was for the ripgrep module, thus
failing the "empty stream" install test)
Signed-off-by: Adam Miller <admiller@redhat.com>
* ec2_vpc_route_table_info integration tests
Make sure ec2_vpc_route_table_info return value has the right attributes.
* ec2_vpc_route_table_info integration tests for tags
* Added missing param to lambda module to pass it through to boto3
* Allow updating of runtime, because there is no reason why not
* Updated version_added to 2.10 to make tests green again
* Updated RETURN docs of Lambda module
* Added tests to aws_lambda test-suite.
Use a separate variable for the boolean test rather than having the same variable sometimes be a boolean and sometimes be a regular expression match object
Add integration tests to cover this scenario
* s3_bucket: Allow empty encryption_key_id with aws:kms to use KMS master key
* Add idempotency check and cleanup example, dont require encryption_key_id
* ec2_instance/ec2_instance_info : Fixup sanity test errors
* Move ec2_instance integration tests to use aws_defaults
* Search for the AMI instead of hardcoding an AMI
* Make our VPC CIDR variable
* Remove AZ assumptions - no guarantees about specific AZs being available
* Make sure we terminate instances when we're done with them.
* Add a 10 second pause for IAM roles to become available before using them
* Wait on instance changes by default
* Switch out t2 instances for t3 they're cheaper and have more CPU available
* Pull t3.nano instance info a little earlier
* rework vpc_name and vpc_cidr a little
* Mark ec2_instance tests unsupported for now, they take too long
* s3_logging: (integration tests) updated AWS policy
* s3_logging: fix sanity test issues
* s3_logging: Integration tests
* Add pauses to cope with evenual consistency
* Mark s3_logging tests as 'unsupported' for now due to testing instability
* postgresql_privs: add support a type parameter option for types
* postgresql_privs: add support a type parameter option for types, add changelog fragment
* postgresql_privs: add support a type parameter option for types, add schema handling
* postgresql_privs: add support a type parameter option for types, fix typo
* postgresql_privs: add support a type parameter option for types, add comment
* Add support for format option.
* Improve private key format detection.
* Fix raw format handling.
* Improve error handling.
* Improve raw key handling.
* Add failed raw test.
* Improve raw key loading.
* Simplify tests.
* Add raw format tests.
* Fail if format != 'auto_ignore' is specified for pyopenssl backend.
* Fix quoting.
* Bump version.
* Allow to convert private keys between different formats.
* Improve description.
* Add extra args and executable name to podman connection plugin
Like there is for docker plugin, add extra arguments for command
line of podman. Also add configurable executable and checking if
this executable exists on host. Fail module if executable is not
in PATH.
* Update changelogs/fragments/63166-add-extra-args-executalbe-podman-connection.yaml
Co-Authored-By: Felix Fontein <felix@fontein.de>
Eh, 2.10 is close enough
* drop top-level authorize
* Remove from documentation
* Remove load_params
* nxos_hsrp: I don't think this is an actual module parameter
* Move local params to provider
* Promote 'timeout' to a real parameter for eos_eapi
* Provider now always has auth_pass
* Get no_log parameters from subspec
* Add changelog and unit tests
* Handle list of dicts in suboptions
Add fancy error message (this will probably haunt me)
* Update unit tests to test for list of dicts in suboptions
* Add integration tests
* Validate parameters in dict and list
In case it comes in as a string
* Make changes based on feedback, fix tests
* Simplify validators since we only need to validate dicts
Add test for suboptions passed in as strings to ensure they get validated properly and turned into a dictionary.
ci_complete
* Add a few more integration tests