Use an alias to access the datastore host. This way, it's easier
to use an existing NFS server.
We can also disable the `write` access on the iso datastore.
This fixes a regression that was caused by switching from copy() to
deepcopy() when 'saving' variables before templating. Since HostVars
did not implement the __deepcopy__() method, deepcopy returned incorrect
results when host vars were present in the variables.
Fixes#63940
This is a change to the regression tests only. These tests were failing because of leftover device settings from previous tests:
- existing `channel-group` configurations on non-test interfaces were included in the before/after counts
- fixed by using the `nxos_lag_interfaces` module with `state: deleted` to remove `channel-group` configur
ations from all interfaces
- existing `L2` `port-channel` interfaces with the same ID as the test `channel-group` ID may prevent configuring `channel-group` on the test ethernet interface
- fixed by removing `port-channel` interfaces with the same ID; e.g.
```
interface port-channel98
switchport
switchport mode trunk
nx-1(config-if)# interface Ethernet1/19
nx-1(config-if)# channel-group 98
command failed: port not compatible [switching port]
```
Fixes passed on `N6K,N7K,N9K,N3K` (internal TBs: `dt-n9k5-1,n6k-77,n7k-99,n7k-j,n3k-173,evergreen-nx-1,greensboro-nx-1,hamilton-nx-1,camden-nx-1`)
The error below occurs when attempting to run `ansible-playbook` with nxos regression tests.
```
fatal: [dt-n9k5-1.cisco.com]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"commands": [
"show interface brief | json"
],
"timeout": 60
}
},
"msg": "Unsupported parameters for (nxos_command) module: timeout Supported parameters include: commands, interval, match, provider, retries, wait_for"
}
```
This error appears to be a result of https://github.com/ansible/ansible/pull/62625, but that has not been verified.
* convert aws_acm_facts to AnsibleAWSModule
* factor aws_acm_facts into module_utils
* add more filtering options for aws_acm_info
* add aws_acm module and tests
* uncomment aws_acm test
* fix linting for aws_acm
* fix __future__ linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix aws_acm_info arg type
* remove test for old module name aws_acm_facts
* simplify AWS ACM client creation
* fix indent typo in aws_acm test
* catch BotoCoreError in aws_acm
* fix indent typo in aws_acm test
* tighten AWS ACM test policy resource
* move aws acm int test to venv
* remove errant file
* fix AWS ACM int test perms
* undo copyright addition to wrong file
* fix invalid log message in aws_acm
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* rephrase aws_acm_info doc from facts to information
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* rename aws_facts var to aws_info
* remove case insensitivity for aws_acm pem compare
* add no_log for aws_acm credential setting
* add per-test prefix to aws_acm test resource names
* make aws_acm use crypto module_util
* clarify copyright for aws_acm
* make aws_acm int test clearer
* add explicit crypto dependency to aws_acm
* change requests for aws_acm pr
* fix wrong copyright owner aws_acm test
* fix wrong copyright owner aws_acm test
* rewrite aws_acm cert chain compare with regex, no dependency
* fix linting for aws_acm unit test
* fix linting for aws_acm unit test
* fix linting and duplicate ignore
* fix failed cert chain split in aws_acm, add more tests
* remove errant file
* more linting fixes for aws_acm
* fix sanity ignore
* rewrite cert compare in aws_acm to use base64 decode
* improve regex for pem cert chain split in aws_acm
* undo changes to crypto module util for aws_acm
* increment ansible version for new aws_acm module
* convert aws_acm return(x) to return x
* increment version added for aws_acm_info new features
* fix linting
* fix bugs with AWS ACM
* fix bad rebase
* disable AWS ACM integration test, due to AWS account limit issue
* remove aws acm integration test from shippable group
* Move var plugins handling to a separate file
* Allow var plugins to require whitelisting
* Add global configuration ('demand', 'start') for users to control when they execute
* Add 'stage' configuration ('all', 'task', 'inventory') for users to control on a per-plugin basis when they execute
* Update ansible-inventory and InventoryManager to the global and stage configuration
* Update host_group_vars to use stage configuration and whitelisting
* Add documentation for using new options and to the developer's guide
* Add integration tests to exercise whitelisting and the new configuration options, using vars plugins in collections, and maintain backward compatibility
* Changelog
Co-Authored-By: Brian Coca <brian.coca+git@gmail.com>
Co-Authored-By: Sandra McCann <samccann@redhat.com>
Add module podman_volume_info that collects data about podman
volumes on the host. Acts as docker_volume_info module.
Signed-off-by: Sagi Shnaidman <sshnaidm@redhat.com>
* Move X25519, X448, Ed25519 and Ed448 feature tests to module_utils.
* Correctly sign with Ed25519 and Ed448 keys.
* Fix public key comparison. Ed25519 and Ed448 do not have public_numbers().
* Add tests.
* Add changelog.
* Give better errors for cryptography 2.6.x and 2.7.x.
* Test for new errors.
* Forgot one.
* Used wrong private key.
* Use private key password for CA key. Add more stuff to its certificate.
* Add tests that were originally part of pr59079 before being lost in a rebase
* missed a needed check_mode: yes and a test with a wrong group
* Clarify test name, fix resource, add user delete test
* Use AWSDenyAll for benign policy, chech policy with non-full ARN path works, fix wrong module copy-pasta
Since https://github.com/ansible/ansible/pull/56733, we were not able to apply
firewall rules with no `allowed_hosts` key.
closes: #61332
In addition, this patch ensures the `allowed_hosts` key accepts a dict,
instead of a dict in a single entry list.
```yaml
vmware_host_firewall_manager:
esxi_hostname: "{{ esxi1 }}"
rules:
- name: NFC
enabled: True
allowed_hosts:
- all_ip: False
ip_address:
- "1.2.3.4"
```
Should be written:
```yaml
vmware_host_firewall_manager:
esxi_hostname: "{{ esxi1 }}"
rules:
- name: NFC
enabled: True
allowed_hosts:
all_ip: False
ip_address:
- "1.2.3.4"
```
* postgresql_db: allow to pass users names with dots
* postgresql_db: allow to pass users names with dots, add changelog fragment
* postgresql_db: allow to pass users names with dots, fix ci
* Make banner detection non-greedy in ios_banner
* Added ios_banner unit test to detect bug #63091
* Corrected PEP8 errors
* Added integration test
* Corrected typo in integration test
* adjusted setup_zabbix integration tests role to work on distributions from Debian family
* bumped zabbix_host integration tests role to be run against bionic
* Add more kubernetes Service tests
Services can often go wrong, and one of the main motivations for
apply was being able to correctly modify them, so more tests are good
* Remove a port from a service for k8s testing
* Add a Service check mode to k8s tests
* Eh, 2.10 is close enough
* drop top-level authorize
* Remove from documentation
* Remove load_params
* Centralize this junos thing
* Fixup user modules
* I'm 95% sure this did not do what it was supposed to
* nxos_hsrp: I don't think this is an actual module parameter
* Try to fix junos_package tests
* Move local params to provider
* Promote 'timeout' to a real parameter for eos_eapi
* Don't assume provider exists?
* move another timeout
* Provider now always has auth_pass
* Fix junos tests to avoid NameErrors
* DNF Handle Empty AppStream stream definition
Fixes#63683
Signed-off-by: Adam Miller <admiller@redhat.com>
* Switch Fedora dnf test target modularity to stratis
In Fedora 29, the metadata was not properly set for a default stream
for ripgrep even though there is a profile called "default", however
that's an arbitrary string and the module maintainer must set the
default stream (which it never was for the ripgrep module, thus
failing the "empty stream" install test)
Signed-off-by: Adam Miller <admiller@redhat.com>
* ec2_vpc_route_table_info integration tests
Make sure ec2_vpc_route_table_info return value has the right attributes.
* ec2_vpc_route_table_info integration tests for tags
* Added missing param to lambda module to pass it through to boto3
* Allow updating of runtime, because there is no reason why not
* Updated version_added to 2.10 to make tests green again
* Updated RETURN docs of Lambda module
* Added tests to aws_lambda test-suite.
Use a separate variable for the boolean test rather than having the same variable sometimes be a boolean and sometimes be a regular expression match object
Add integration tests to cover this scenario
* s3_bucket: Allow empty encryption_key_id with aws:kms to use KMS master key
* Add idempotency check and cleanup example, dont require encryption_key_id
* ec2_instance/ec2_instance_info : Fixup sanity test errors
* Move ec2_instance integration tests to use aws_defaults
* Search for the AMI instead of hardcoding an AMI
* Make our VPC CIDR variable
* Remove AZ assumptions - no guarantees about specific AZs being available
* Make sure we terminate instances when we're done with them.
* Add a 10 second pause for IAM roles to become available before using them
* Wait on instance changes by default
* Switch out t2 instances for t3 they're cheaper and have more CPU available
* Pull t3.nano instance info a little earlier
* rework vpc_name and vpc_cidr a little
* Mark ec2_instance tests unsupported for now, they take too long
* s3_logging: (integration tests) updated AWS policy
* s3_logging: fix sanity test issues
* s3_logging: Integration tests
* Add pauses to cope with evenual consistency
* Mark s3_logging tests as 'unsupported' for now due to testing instability
* postgresql_privs: add support a type parameter option for types
* postgresql_privs: add support a type parameter option for types, add changelog fragment
* postgresql_privs: add support a type parameter option for types, add schema handling
* postgresql_privs: add support a type parameter option for types, fix typo
* postgresql_privs: add support a type parameter option for types, add comment
* Add support for format option.
* Improve private key format detection.
* Fix raw format handling.
* Improve error handling.
* Improve raw key handling.
* Add failed raw test.
* Improve raw key loading.
* Simplify tests.
* Add raw format tests.
* Fail if format != 'auto_ignore' is specified for pyopenssl backend.
* Fix quoting.
* Bump version.
* Allow to convert private keys between different formats.
* Improve description.
* Add extra args and executable name to podman connection plugin
Like there is for docker plugin, add extra arguments for command
line of podman. Also add configurable executable and checking if
this executable exists on host. Fail module if executable is not
in PATH.
* Update changelogs/fragments/63166-add-extra-args-executalbe-podman-connection.yaml
Co-Authored-By: Felix Fontein <felix@fontein.de>
Eh, 2.10 is close enough
* drop top-level authorize
* Remove from documentation
* Remove load_params
* nxos_hsrp: I don't think this is an actual module parameter
* Move local params to provider
* Promote 'timeout' to a real parameter for eos_eapi
* Provider now always has auth_pass
* Get no_log parameters from subspec
* Add changelog and unit tests
* Handle list of dicts in suboptions
Add fancy error message (this will probably haunt me)
* Update unit tests to test for list of dicts in suboptions
* Add integration tests
* Validate parameters in dict and list
In case it comes in as a string
* Make changes based on feedback, fix tests
* Simplify validators since we only need to validate dicts
Add test for suboptions passed in as strings to ensure they get validated properly and turned into a dictionary.
ci_complete
* Add a few more integration tests
* add a new module to manage lacp
* add a new module to manage lacp
* add a new module to manage lacp
* add a new module to manage lacp
* add a new module to manage lacp
* update for shippable.
* update for shippable
* add units test to module ce_lacp.
* add units test to module ce_lacp.
* add units test to module ce_lacp.
* update
* update
* update
* update
* update
* update
* update for shippable.
* for shippable
* update ignore.txt to reslove conflict
* update for shippable
* update
* update unittest to remove provider.
* update unittest for shipppable.
* use to_native.
* intergration test
* syntax error
* syntax error
* syntax error
* update for `Andersson007` review and thanks.
* update for shippable
* clean "changed" after it has been processed
without this change, a loop of `debug` tasks with `changed_when`
causes the "changed" status to get lost before output
* runme.sh tests for debug loop status
* fix default collection resolution in adhoc
* if an adhoc command is run with a playbook-dir under a configured collection, default collection resolution is used to resolve unqualified module/action names
* Set ANSIBLE_PLAYBOOK_DIR in integration tests.
* Fix config conflict in ansible integration test.
* add adhoc default collection test
* text-ify warning string
* mysql_replication: add connection_name param for MariaDB multi source support
* mysql_replication: add connection_name param for MariaDB multi source support, add changelog
* add ANSIBLE_PLAYBOOK_DIR envvar support
* allows `ANSIBLE_PLAYBOOK_DIR` envvar as a fallback on CLI types that support `--playbook-dir`. This should have been implemented with #59464, but was missed due to an oversight.
* added basic integration test
* make first-class PLAYBOOK_DIR config entry
* update changelog
* Move EC2 networking objects into network-policy.json
* ec2_vpc_nacl: Add integration tests
* ec2_vpc_nacl: Migrate tests to use module_defaults
* ec2_vpc_nacl: (integration tests) Add missing AWS permissions
* ec2_vpc_nacl: (integration tests) Update tests for ipv6 support
* ec2_vpc_nacl: Migrate to AnsibleAWSModule
* Fix sanity tests for ec2_vpc_nacl and ec2_vpc_nacl_info
* ec2_vpc_nacl_info: Migrate to AnsibleAWSModule
* ec2_vpc_nacl_info: (integration tests) Rename from ec2_vpc_nacl_facts to ec2_vpc_nacl_info and add a test using a filter (by tag)
* Pick availability zones dynamically
Rather than assuming that AZa and AZb always exist (they don't), query to find out which AZs we have available first
* Test that the NACLs we get back are actually the *saml* NACL rather than duplicates/delete remove
* Cleanup IPv6 tests a little.
Note: IPv6 support for ec2_vpc_nacl not complete yet.
This provides the initial framework, and should ensure things don't start exploding when support is added.
* Removing subnets by name from a NACL *is* now supported
* Fix ec2_vpc_nacl return documentation
* mysql_replication: add CI tests with MySQL 5.6
* mysql_replication: add CI tests with MySQL 5.6, add auxiliary checks
* mysql_replication: add CI tests with MySQL 5.6, fix comments
* mysql_replication: add CI tests with MySQL 5.6, add pause
Added vmware module vmware_guest_register_operation
This module can do the following.
Register VM to inventory
Unregister VM from inventory
This is useful when you want to unregister a VM from inventory and register it again.
* Specifying IP addresses needs API version 1.22 or newer.
* Simplify code.
* Use IPAMConfig.IPv*Address instead of IPAddress and GlobalIPv6Address.
* Add changelog.
* Fix syntax errors.
* Add integration test.
* Don't rely on netaddr.
* Normalize IPv6 addresses before comparison.
* Install netaddr, and use it.
* Move tests with docker registry into own target.
* Add docker_login tests.
* Add step which makes sure hello-world:latest is around.
* Make work inside docker container.
* Add dependency.
* Use plaintext password.
* Forgot check_mode.
* Add no_log to avoid double log output in verbose mode.
* AWS: new module iam_user_info
Signed-off-by: psharkey <psharkey@cleo.com>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Rename from iam_user_facts to iam_user_info.
Rename and target 2.10.
Fixing docs.
* Adding iam_user_info integration test.
Removing unnecessary tasks.
Fixing yamllint failure test/integration/targets/iam_user_info/defaults/main.yml:5:1: empty-lines: too many blank lines (1 > 0).
* name paramter is optional
* Switch to use AnsibleAWSModule.
* Convert to using fail_json_aws
* Rework asserts to inspect ARN.
* Move integration tests from iam_user_info to iam_user.
* Fix pep8 problems.
* ec2_argument_spec not needed with AnsibleAWSModule.
* Switch to use helper in AnsibleAWSModule.
* Add iam_user_info to the aws group.
* Add support for pagination and backoff.
* Check improper parameter usage first.
* Adding test cases for multiple users.
* Rmoving unneeded line.
* Remove unneeded imports.
* Switch to catch BotoCoreError.
* Adding tests for exception coverage.
* Compare user info directly with values from created user.
* iam_role: Add support for managing MaxSessionDuration
* iam_role: Add support for deleting the IAM Instance Profiles we created
* iam_role: migrate all boto failures to fail_json_aws for consistency
* iam_role: test validity of path so we can throw a more understandable error
* iam_role: (integration tests) Split iam_role integration tests from sts_assume_role tests
- Make the iam_role tests more comprehensive
- Add tests for iam_role_info
* iam_role: (integration tests) Make some of our pauses optional
If the tests appear to be flakey we may need to enable standard_pauses
Improve tests
- add more unit test cases
- add specific integration test with more cases
Testing shows no major downside to calling .strip() twice in a comprehension vs. using a regular for loop and only calling .strip() once. Going with the comprehension for ease of maintenance and because comprehensions are optimized in CPython.
Until now, the vcenter provider was switching between `static` and
`govcsim` depending on the presence of the following configuration file:
`test/integration/cloud-config-vcenter.ini`.
This was not consistent with Worldstream, which we enable with the
`VMWARE_TEST_PLATFORM` environment variable.
We now only rely on `VMWARE_TEST_PLATFORM` to know which platform should be
used. `govcsim` is still the default, this to preserve the original
behaviour.
This commit also rename the following variables to be consistent with the rest
of the code base. It also ensures they are alway defined, even with `govcsim`:
- `VCENTER_HOSTNAME`
- `VCENTER_USERNAME`
- `VCENTER_PASSWORD`
The `pids` module returns the list of the PID in a `pids` key.
This change ensures we correctly wait for the end of the previous mongod
instances before we start the next ones.
In addition, we remove an unnecessary `ignore_errors`.
* postgresql: move CI tests of *_tablespace, *_membership, *_idx to separate targets
* postgresql: move CI tests of *_tablespace, *_membership, *_idx to separate targets, change formatting
* Ensure k8s apply works with check mode
Update the new predicted object with fields from the previous object
before applying in check mode
Don't log output of `file` with `state: absent` on huge virtualenvs!
Fixes#60510
* Use openshift client fix to improve apply for check mode
Use new apply_object method to get a better approximation
of the expected object in check mode.
Requires released upgrade to openshift
* Add changelog fragment for k8s apply check mode fix
* Update changelogs/fragments/60510-k8s-apply-check-mode.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Fix plugin names for collection plugins.
Add an integration test to verify plugin __name__ is correct for collection plugins.
* Fix collection loader PEP 302 compliance.
The `find_module` function now returns `None` if the module cannot be found. Previously it would return `self` for modules which did not exist.
Returning a loader from `find_module` which cannot find the module will result in import errors on Python 2.x when using implicit relative imports.
* add changelog
* sanity/units/merge fixes
* Add integration tests for ansible-doc.
* Enable tests that now pass
* Cleanup processing of plugin docs
* Mostly separate the steps of processing plugin docs
1) Acquire source data
2) Transform and calculate additonal data
3) Format data for output
4) Output data
format_plugin_doc() is still mixing transformation and formatting but
that should be fixed in a devel-only change
* Raise exceptions in _get_plugin_doc() on errors.
* Remove check to exclude on blacklisted extensions. We already request
only .py files
* If there is no DOCUMENTATION entry in the plugin, raise an exception
from _get_plugin_doc(). Everywhere we use _get_plugin_doc(), this is
treated as an error
* If there is no ANSIBLE_METADATA raise an exception as well as
displaying of docs assumes that this has been set.
* If there is neither DOCUMENTATION nor ANSIBLE_METADATA, warn about the
lack of METADATA and error on the lack of DOCUMENTATION. Lack of
DOCUMENTATION is more important so it is what the user should see.
* Add a few special cases for backwards compat. These should probably
be made errors in 2.10:
* no docs but has metadata shows no documentation rather than an error
* empty plugin file shows no doumentation rather than an error
* Simplify backwards compatibility logic.
Fixes#62319
Change `enable` option to `enabled` in junos_interfaces
and junos_lldp_interfaces
data model to be in sync with other network platform
resource modules added in 2.9 version.
* Add ecs_domain module
* Fixes to integration tests and module
* Fixes to tests and module
* Corrections to revalidation behavior, cna only revalidate domains in expiring.
* Remove debugs for final test run, fix sanity check test fails.
* Add checks for domain status
* Add changelog fragment for new module.
* Removed extra space in backtick
* Minor fixes to make behavior more consistent and correct documentation.
* Update lib/ansible/modules/crypto/entrust/ecs_domain.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/crypto/entrust/ecs_domain.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/crypto/entrust/ecs_domain.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Apply suggestions from code review
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Change casing of verification method enum, remove redundant changelog fragment
* Return ov_eligible and ev_eligible fields even if false, as long as they're returned by ECS API