Commit graph

49092 commits

Author SHA1 Message Date
Lihu Ben-Ezri-Ravin
48505af9d2
Remove filtering from edgeos_config module (#63362)
The edgeos_config module had a list of commands to filter out to avoid
load failures. This list had a single regular expression which caught
commands that attempted to set pre-encrypted passwords. This behavior is
undesirable for a few reasons.

* It's poorly documented. The documentation makes cryptic mention of a
  return value that some commands might be filtered out, but offers no
  explanation as to what they are or why.

* It's hard-coded. There's no way for the user to change or disable this
  functionality, rendering the commands caught by that expression
  completely unusable with the edgeos_config module.

* The obvious workaround is unsafe. The filter catches passwords that
  are already encrypted, but is perfectly fine letting the user set
  plain-text passwords. EdgeOS will encrypt them upon commit, but this
  module encourages unsafe handling of secrets up to that point.

* It's a security vulnerability if the user doesn't know about this
  behavior. While the module will warn if commands are filtered, the
  user won't know what got filtered out until after the fact, and may
  easily miss that warning if they are not vigilant. For something as
  sensitive as setting a password, it's not hard to imagine naive use of
  this module resulting in incorrect credentials being deployed.

* It provides no discernible benefit. Using the module without filtering
  does not result in load failures. If those commands are indeed harmful
  for some reason on (old?) versions of EdgeOS, it should be incumbent
  upon the user to be scrupulous in what commands they issue, rather
  than the module maintaining a blacklist of possible ways the user
  might misuse their own system.
2020-02-05 14:57:55 -05:00
Jørgen Lien Sellæg
43f93d275c
openssl_certificate: Selecting which acme directory to use to get certificate (#67109)
* "openssl_certificate - Add option for changing which ACME directory to use with acme-tiny. Set the default ACME directory to Let's Encrypt instead of using acme-tiny's default. (acme-tiny also uses Let's Encrypt at the time being, so no action should neccessary.)"
  * "openssl_certificate - Change the required version of acme-tiny to >= 4.0.0"
2020-02-05 14:10:27 -05:00
Ruediger Pluem
80c4b86abe
group - correctly determine if a local group exists. (#59772)
Fixes #58619
Add integration test
2020-02-05 12:34:41 -05:00
Mark Chappell
50eb2f6957
sns_topic: Retry on Topic 'NotFound' Exceptions when attempting to list subscriptions (#67089)
* sns_topic: Retry on Topic 'NotFound' Exceptions when attempting to list subscriptions

* add changelog
2020-02-05 12:16:07 -05:00
Adam Miller
2f77a6f1f0
migrate qradar and splunk httpapi plugins to collections (#67132)
Signed-off-by: Adam Miller <admiller@redhat.com>
2020-02-05 11:07:03 -06:00
anshulbehl
f3f9671e01
Adding migration for netapp content (#67081)
* Adding migration for netapp elementsw content

* Adding migration data for netapp ontap content
2020-02-05 18:05:53 +01:00
Mitsuru Nakakawaji
c55ba658c6
add note for Azure Availbility Zone (#66200)
* add note for Azure Availbility Zone

* Change title

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Update docs/docsite/rst/scenario_guides/guide_azure.rst

Co-Authored-By: Sandra McCann <samccann@redhat.com>

Co-authored-by: Sandra McCann <samccann@redhat.com>
2020-02-05 12:04:47 -05:00
Newptone
0a8f5aba74
Bugfix for os_coe_cluster_template module (#54819) (#54820)
* Support 'overlay2' in docker_storage_driver

* Fixed the data type in labels

* Improve string process with parsing labels
2020-02-05 10:41:15 -05:00
Mads Jensen
3dd4b3c8a3
Replaces a open/close to validate access with os.access in azure storageblob. (#65608) 2020-02-05 08:20:39 -05:00
Martin Nečas
52f2081e62
Ovirt_host_network: add custom_properties (#67117)
* init of cp

* set update_custom_properties

* update check_mode

* correct examples

* add version_added

* update sanity
2020-02-05 07:03:32 -05:00
Markus Bergholz
822077fefd
Asg mixed instance types (#67045)
* merge from origin pr 55067

* handle update existing asg with mixed-instance-policy

* fix documentation and append output

* update output documentation

* update documentation version added

* add integration test for mixed instance policy using launch template

* add changelog fragment

* Update lib/ansible/modules/cloud/amazon/ec2_asg.py

Co-Authored-By: Mark Chappell <mchappel@redhat.com>

* Update lib/ansible/modules/cloud/amazon/ec2_asg.py

Co-Authored-By: Mark Chappell <mchappel@redhat.com>

* Update lib/ansible/modules/cloud/amazon/ec2_asg.py

Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>

* add warning about botocore version and add expand example documentation

* Update changelogs/fragments/67045-ec2_asg_mixed_instance_policy.yml

Co-Authored-By: Mark Chappell <mchappel@redhat.com>

* Update lib/ansible/modules/cloud/amazon/ec2_asg.py

Co-Authored-By: Mark Chappell <mchappel@redhat.com>

* Update lib/ansible/modules/cloud/amazon/ec2_asg.py

Co-Authored-By: Mark Chappell <mchappel@redhat.com>

* remove useless line

Co-authored-by: Yi-Tse Hong <yitse.hong@soocii.me>
Co-authored-by: Mark Chappell <mchappel@redhat.com>
Co-authored-by: Jill R <4121322+jillr@users.noreply.github.com>
2020-02-05 09:04:15 +01:00
Jordan Borean
f23cee2145
win_mapped_drive - Add WebDAV information (#67111) 2020-02-05 13:23:52 +10:00
Jordan Borean
12e3adb23a
win_domain_controller - add a deprecation warning for the log_path option (#67108) 2020-02-05 10:46:47 +10:00
Jordan Borean
78470c43c2
Removed deprecated items in Windows modules (#67105) 2020-02-05 09:02:04 +10:00
James Cassell
1bb94ec92f
service_mgr: detect systemd, even offline (#66071)
* service_mgr: detect systemd, even offline

* service_mgr=systemd iff /sbin/init is symlink
2020-02-04 17:32:36 -05:00
GomathiselviS
4ac89b8ac7
Added Fix - Allow nxos_l2_interfaces to append the allowed vlans list (#66517)
* Added Integration tests

* Corrected lint errors

* Added fix for bug # 54400

* Revert "Added fix for bug # 54400"

This reverts commit bf42db4269.

* Revert "Adding files for RM static_routes"

This reverts commit dafdd92d43.

* Revert "Added Integration tests"

This reverts commit 129dc87682.

* Bug Fix 65332

* Added testcase for #66517

* Removed unnecessary commit

* fixing conflicts

* fixing conflicts

* addressed mikeweibe's comments

* Corrected lint errors

* Added idempotent tc for add vlans

* Added replaced and overridded tcs for trunk vlan add
2020-02-04 15:14:04 -05:00
James Cassell
fd954a9c5c
wait_for_connection: also retry interpreter discovery (#67040)
self._discovered_interpreter_key is None unless a previous iteration
has attempted discovery.  In that case, force re-discovery, as the
previous attempt certainly failed.
2020-02-04 11:40:09 -08:00
Matt Clay
f4a80bb600
Code cleanup and refactoring in ansible-test. (#67063)
* Code cleanup in ansible-test.
* Split out encoding functions.
* Consoldate loading of JSON files.
* Split out disk IO functions.
* Simplify file access.
* Add functions for opening files.
* Replace open calls with appropriate functions.
* Expose more types from typing module.
* Support writing compact JSON.
* Add verbosity argument to display.warning.
* Add changelog entry.
* Update files overlooked during rebase.
* Use `io.open` instead of `open`.
* Fix file opening for imp.load_module.
* Remove use of `r+` mode to access files.
* Add missing import.
* Fix httptester on Python 2.x.
* Clarify changelog fragment.
* Consolidate imports. Remove extra newlines.
* Fix indirect imports.
2020-02-04 11:21:53 -08:00
tavery321
994a6b0c5a
fixes ANSIBLE_DUPLICATE_YAML_DICT_KEY=error crashes (#66786)
* Fix #65366
2020-02-04 13:53:13 -05:00
Erwin Oegema
3b32f95fb3
user - warn if "append" is set but not "groups" (#65795)
This fixes people unknowingly changing the primary group rather than adding a secondary group.

* Add integration test
2020-02-04 12:35:05 -05:00
Felix Fontein
fe454d27a1
Fix removed_in_version to support honor suboptions (#66918)
* Add unit tests.
* Fix reporting for removed_in_version.
* Add changelog.
2020-02-04 10:14:55 -05:00
Felix Fontein
28b2428d22
docker_container: fix port order in docs (#67071)
* Fix port order.

* Forgot to remove random.
2020-02-04 10:05:53 +01:00
Felix Wong
8b2ead5870
add jittered backoff for elb (#66673) 2020-02-04 08:57:26 +01:00
Brian Scholer
fc7980af9a
Fix UNC path support in the powershell shell plugin (#66604)
* Fix UNC path joining in the powershell shell plugin, add test

* Remove testy bits and a redundant line

* Fix style nits

* Update to use os.ntpath

* Add changelog for #66604
2020-02-04 16:34:11 +10:00
AirCombat
81378b3e74
Added -LogPath param from Install-ADDSForest to win_domain module (#66956)
* Added omitted logpath parameter to win_domain

The Install-ADDSForest -LogPath param seems to have been omitted in the win_domain module. We do not use this module organisation-wide as its non trivial to change the log patch once AD is set up. I will also update docs

* Removed trailing whitespace

* Added logpath option to win_domain module docs
2020-02-04 14:52:24 +10:00
Jordan Borean
6d792838e4
Move url option from util to individual modules (#67068) 2020-02-04 10:43:33 +10:00
Matt Clay
be9471b251 Temporarily remove AIX from test matrix.
AIX provisioning is failing.
2020-02-03 16:36:51 -08:00
Jordan Borean
3ada0b2f65
win_uri: fix up tests (#67064) 2020-02-04 09:57:44 +10:00
Felix Fontein
23b2bb4f4d
docker_container: change behavior for one-port container ranges to be same as docker CLI (#66382)
* Adjust docker_container behavior for one-port container ranges to be similar to docker CLI.

* Add changelog.

* Add documented examples for ports:.
2020-02-03 23:27:40 +01:00
Andrew Klychkov
21ae66db2e
postgresql_user_obj_stat_info: new module (#66892)
* postgresql_user_obj_stat_info: new module

* fix sanity

* add schema parameter

* add CI tests

* add RETURN section

* add example with schema

* fix CI

* fix example comments

* skip aix

* fixes part 1

* fixes part 2

* fix CI

* fix CI

* fix doc formatting
2020-02-03 23:06:31 +01:00
Matt Clay
622f1c4c01 Revert "Temporarily remove AIX from test matrix."
This reverts commit 6024c09be5.
2020-02-03 13:34:10 -08:00
Dick Visser
5b93a14a0f
Add anchor to each parameter row (#66895)
* Add anchor to each paramater row

* Update docs/templates/plugin.rst.j2

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Insert full keys into plugin docs.

* Added visible links.

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-02-03 20:11:48 +01:00
Matt Clay
6024c09be5 Temporarily remove AIX from test matrix.
AIX provisioning is failing.
2020-02-03 10:13:33 -08:00
Felix Fontein
5c1a3a3ac2
docker_container and docker_swarm_service: allow to actually disable healthcheck of image (#66599)
* Allow to actually disable healthcheck of image.

* Add changelog.
2020-02-03 13:13:17 -05:00
Ilias Trichopoulos
d6f2b4e788
Fix indentation (#66991) 2020-02-03 12:30:12 -05:00
unixsysadmin
ea105dcb2f
Update template.py (#67010)
Update the example so that the task name matches the filename being updated
The first example shows how you might template a file to destination /etc/file.conf.  The description of this task appears to have a typo as it refers to  '/etc/files.conf' rather than '/etc/file.conf'
2020-02-03 12:28:55 -05:00
Sander
87a5e433ef
update guide_azure.rst (#66940)
changed example for ping linux machines. Looks liked it was wrongly copy paste.
2020-02-03 12:26:14 -05:00
Gregor Riepl
f49408287a
Document difference between ec2 and ec2_instance modules (#67009)
Co-Authored-By: Mark Chappell <mchappel@redhat.com>
2020-02-03 12:12:13 -05:00
Martin Nečas
fad261b04f
ovirt_job: add when job is detected but in state finished (#66810)
* ovirt_job: add when job is detected but in state finished

* add docs
2020-02-03 09:21:10 -05:00
Nathaniel Case
53c7f8cbde
Allow httpapi for EOS resource modules (#66871)
* Redo tests to be transport agnostic

cli -> eos config

* Redirect connection for httpapi

* Fix tests

* Handle missing platform imports
2020-02-03 08:04:08 -05:00
ndclt
0ee28c14c2
Add maintainer for keycloak module (#61521)
* add maintainer for keycloak module

* typo correction
2020-02-03 11:57:11 +01:00
Felix Fontein
a0e5e2e4c5
openssl_publickey: forgot to pass backend (#67036)
* Forgot to pass backend.

* Add changelog.

* Pass on backend from get_fingerprint.

* Handle cryptography backend in get_fingerprint.
2020-02-03 06:18:19 +01:00
Simon Dodsley
b1a8bded3f
Remove deprecated parameter for 2.10 in purefb_fs (#67026) 2020-02-02 15:30:01 +01:00
Felix Fontein
8f10db8552
Do fail instead of regenerate for password protected and invalid keys. (#65638) 2020-02-02 07:54:28 -05:00
Felix Fontein
d6fb9da8ed
openssl_* modules: allow direct input and output for some files (#65400)
* Allow to return generated object.

* Use slurp module instead of file lookup + b64encode.

* Rename return_xxx_content -> return_content.
2020-02-02 12:42:52 +01:00
Evert Mulder
4d345813ea
Group ids are strings now (#66939) 2020-02-02 04:57:23 -05:00
Klaus Frank
14b1febf64
Fix pacman: "IndexError: list index out of range" #63077 (#65750)
* Fix #63077

If the package is already installed the stdout is not as expected by this function. Either remove `--needed` or just noop if we detect pacman returning. We cannot match the stdout string, as that is most likely localized.

```
[root@archBook user]# /usr/bin/pacman --upgrade --noconfirm --noprogressbar --needed  /srv/aur/src/i3cat-git/i3cat-git-r38.c6d29dd-1-x86_64.pkg.tar.xz
loading packages...
warning: i3cat-git-r38.c6d29dd-1 is up to date -- skipping
 there is nothing to do
```

* Add comment

Add comment

* Add changelog fragment.

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-02-01 14:37:27 +01:00
Andrew Klychkov
3baea92ec9
Bugfix of 54239: mysql_variables not supporting variables name with dot (#66806)
* Bugfix of 54239: mysql_variables not supporting variables name with dot

* add changelog

* add CI tests
2020-02-01 12:39:52 +05:30
Toshio Kuratomi
f5e194cbcd
Move random_mac into its own file (#67000)
* Move random_mac into its own file

This is likely to be the only filter which is not included in
ansible-base.  So it needs to be in its own file.
2020-01-31 14:33:16 -08:00
Rotaru Sergey
ef1fd19c00
croc cloud - ec2 key patch (#60929)
This patch fixes "IndexError: list index out of range" error for https://console.cloud.croc.ru.
When key pair is new, croc return dict with an empty list for key KeyPairs that causes ansible to crush.
2020-01-31 17:20:58 -05:00