updates docs/docsite/rst/user_guide/vault.rst
* Add reference to single variable vault encryption
* rST ref to jump to the section
* Clarify the two targets of vault encryption, with notes about advantages and drawbacks of each
* Add the default form for --vault-id
* Add Vault ID examples for normal operations
Co-Authored-By: tacatac <taca@kadisius.eu>
* Start of migration to argparse
* various fixes and improvements
* Linting fixes
* Test fixes
* Fix vault_password_files
* Add PrependAction for argparse
* A bunch of additional tweak/fixes
* Fix ansible-config tests
* Fix man page generation
* linting fix
* More adhoc pattern fixes
* Add changelog fragment
* Add support for argcomplete
* Enable argcomplete global completion
* Rename PrependAction to PrependListAction to better describe what it does
* Add documentation for installing and configuring argcomplete
* Address rebase issues
* Fix display encoding for vault
* Fix line length
* Address rebase issues
* Handle rebase issues
* Use mutually exclusive group instead of handling manually
* Fix rebase issues
* Address rebase issue
* Update version added for argcomplete support
* -e must be given a value
* ci_complete
-Add: Test cases for ansible_parent_role_names and ansible_parent_role_paths
-Add: ansible_parent_role_names/paths variables for when a role is being included by another role.
* initial port over from gdoc
* crosslink httpapi pages
* Add some examples?
* Add quick example of using Connection
* Fix indentation of python code blocks
* moved to a full developer guide for networks
* Try to clarify some examples
* Fix typos
How did I even do that?
* Update docs/docsite/rst/dev_guide/testing_units_modules.rst
`set_unit_args()` should be imported and used in the unit test documentation.
Co-Authored-By: kbreit <kevin.breit@kevinbreit.net>
* migration docs for gce, with example playbook
* Update docs/docsite/rst/scenario_guides/guide_gce.rst
Co-Authored-By: rambleraptor <alexstephen@google.com>
* Document replacements
Document suggested replacement moduels for kubernetes, oc, and ec2_ami_find
modules in the porting guide
* remember the _module suffix
* Remove code but leave the metadata so that they can be listed as
removed in documentation.
* Remove removed modules from validate-modules ignore
* Remove unittests for the removed nodules
* Remove links to removed modules and add list of removed moduels to the
2.9 porting guide
* Fewer connection: local lines in module examples and scenario guides
The line 'connection: local' is not required. See
./docs/docsite/rst/inventory/implicit_localhost.rst
* Initial commit for module to manage Vexata storage volumes + fixes form code review in pr #47091.
* Fix indent errors reported by lint.
* Refactor, implement code review changes
* Moved doc fragment file to new layout
* Added explicit types for all module parameters, updated copyrights + raw string for block text.
* Added idempotency logic to openssl_pkcs12
Also decoupled the 'parse' and 'generate' function from the file write
as they are now used in different places that do not need the file to be
written to disk.
* Added idempotency tests for openssl_pkcs12
Also adds a new test for pkcs12 files with multiple certificates
* Regenerate if parsed file is invalid
* pkcs12_other_certificates check was wrong
* Updated ca_certificates to other_certificates
ca_certificates is left as an alias to other_certificates;
friendlyname depends on private key, so it will be ignored while
checking for idempotency if the pkey is not set;
idempotency check only checks for correct certs in the stack
* use different keys for different certs
* Added other_certificates in module docs
* Added changelog and porting guide
* removed unrelated porting guide entry
* renamed ca_cert* occurrence with other_cert
This reverts commit 85d836171b.
As discussed in WWG IRC meeting, we don't want Get-ADObject to be a dependency of win_domain_membership, and we need to be able to authenticate to the DC in some configs. We can revisit this change a different way for 2.9.
* Adding more information about blocks and blocks error handling.
* Update docs/docsite/rst/user_guide/playbooks_error_handling.rst and playbooks_blocks.rst
* Removing undefined variables as not rescuable errors.
Signed-off-by: Caio Ramos <caioramos97@gmail.com>
Signed-off-by: Gabriely Pereira <gabriely.pereira@usp.br>
* Apply suggestions from code review
Co-Authored-By: caiohsramos <caioramos97@gmail.com>
* Update guide_azure.rst
Added a note to the 'Storing in a file' section, that the secret value of the ini file should be UrlEncoded.
Otherwise the user might get login errors (depends on the characters used in the secret).
* Remove default use of paramiko connection plugin on macOS
This fix was originally to work around a bug that caused a kernel panic on macOS
that has since been fixed.
* Remove paramiko from requirements.txt
* Move paramiko checking to common place
* Drop the warnings obfiscation code
* Update pip installation instructions to reflect upstream instructions
* Fix tests on CentOS 6 (Python 2.6) that now show Python deprecation warnings
* Add changelog fragment
* win_nssm: rename cmdlets to use approved verbs, rename service name parameters
* win_nssm: improve code style and cmdlets ordering
* win_nssm: always escape all command line parameters with Argv-ToString
fix error when the service name contains quotes
* win_nssm: use Fail-Json instead of exceptions and remove global try/catch
* win_nssm: small refactoring, inline some functions
* win_nssm: refactoring - add a generic cmdlet to idempotently set any nssm service parameter
* win_nssm: refactoring - inline some functions
To make the code more malleable for future changes
* win_nssm: change application, stdout_file and stderr_file options type to path
* win_nssm: deprecates app_parameters, rename app_parameters_free_form to arguments, and add support for list of parameters
* win_nssm: add support of check mode
* win_nssm: add working_directory option
* win_nssm: add display_name and description options
* win_nssm: minor changes
* win_nssm: remove some sanity exclusions
* win_nssm: avoid using aliases and minor style fixes
* win_nssm: doc and ui improvements
* win_nssm: remove sanity exclusions
* win_nssm: minor revision
* win_nssm: deprecates dependencies, start_mode, user and password parameters and some choices of state in favor of win_service
* win_nssm: fix style
* win_nssm: add executable option to specify the location of the NSSM utility
* win_nssm: add missing parameter types
* win_nssm: add diff mode support
* win_nssm: avoid displaying depreciation warning if default value is assigned
* win_nssm: fix variable scope
* win_nssm: use the explicit -LiteralPath parameter name instead of -Path
* win_nssm: fix documentation
* win_nssm: add porting guide entries
* win_nssm: add changelog fragment
* docs: Add example of anchor and aliases in playbook
YAML supports anchors and aliases, add examples for explaining
this functionality with respect to Ansible playbook. Fix headers, fix
local TOC, remove unused section on YAML tags and Python types.
* Add a force_replace_host flag to win_domain_membership
Satisfies https://github.com/ansible/ansible/issues/53539
* Rework backticks
* Bump version_added
* Check for existence of current hostname as well; use LDAPFilter during search
* Rename $force_replace_host to $allow_existing_computer_account
* Added docs, porting guide and minor nit in code
<!--- Your description here -->
`192.168.128.0/20` does not contain `192.168.144.5`, the correct subnet is `192.168.144.0/20` (which is what is rendered on my test template).
+label: docsite_pr
* Allows the use of Private_Keys to be entered as a string instead of just a file. Making it possible to use VAULT to encrypt the key
* Fixed Issues auto check found
* Provide helpful information while avoiding credential exposure
* Restore original variable name :-)
* Fix a few other things
* Influence the default certificate_name in both cases
* Update documentation
* Add contributed docs
* Fix CI issue
* Modify EXOS module utils to utilize 'httpapi' or 'network-cli' connection
* Changes to cliconf plugin to support 'json' or 'text' output for compatibility between network-cli and httpapi
* Add HTTPAPI plugin supportng JSONRPC and RESTCONF for EXOS
* exos_facts modify commands with run script cli2json.py to command dictionary specifying 'json' output
Load appropriate fixtures
* Update exos_config module to utilize the get_diff and get_default_flag functionality.
JSONRPC doesn't work well with pipes, regex MULTILINE
* Support for NOS agnostic 'cli_config' module by implementing 'get_default_flag' and 'get_diff' functionality
* Update Ansible Documentation regarding the connections available for EXOS
When using before and after in combination, the opposite behavior was induced. This PR makes the the replacement happen between the specified patterns as intended.
* Added integration tests
* Add changelog, porting guide entry, and minor doc fixes
* update _facts and _info in checklist in docs/docsite/rst/dev_guide/developing_modules_checklist.rst
Co-Authored-By: bcoca <bcoca@users.noreply.github.com>
* Remove nose from unittests
This PR migrates the last of our unittests from using nose to using
pytest. We don't need to install nose in our testing environments
anymore
* Add a warning about vault leaving secrets in the shell history.
* Add a warning about accidental newlines in vault encrypted strings.
+label: docsite_pr
* modify regex to use implicit charsets this should solve issues in py3 and unicode names
* fix issue with subgroups in yaml inventory
* clarify deprecation message
* separated per name warning from deprecation
* move noise to verbosity, simplify warnings
* fix docs to reflect actual 'good' practice
* change toggle to choice list to give users more options
* docs: refresh testing_integration.rst
Ensures the examples can be run:
- fedora25 is not available anymore, use fedora29 instead
- the posix/ci alias does not exist anymore, use shippable/posix/ instead
- explain how to list the target without argcomplete
* ansible-test should be in $PATH
* call ansible-runner from bin/, not test/runner
* we don't use credentials.template anymore, we use a collection of .template files.
* low-case bash bc we refresh to name of the binary
* refresh the command of Windows-CI example
* Update docs/docsite/rst/dev_guide/testing_integration.rst
Co-Authored-By: goneri <goneri@lebouder.net>
* Add support for Windows hosts in the SSH connection plugin
* fix Python 2.6 unit test and sanity issues
* fix up connection tests in CI, disable SCP for now
* ensure we don't pollute the existing environment during the test
* Add connection_windows_ssh to classifier
* use test dir for inventory file
* Required powershell as default shell and fix tests
* Remove exlicit become_methods on connection
* clarify console encoding comment
* ignore recent SCP errors in integration tests
* Add cmd shell type and added more tests
* Fix some doc issues
* revises windows faq
* add anchors for windows links
* revises windows setup page
* Update changelogs/fragments/windows-ssh.yaml
Co-Authored-By: jborean93 <jborean93@gmail.com>
* Replace InventoryFileCacheModule with a better developer-interface
Use new interface for inventory plugins with backwards compatibility
Auto-update the backing cache-plugin if the cache has changed after parsing the inventory plugin
* Update CacheModules to use the config system and add a deprecation warning if they are being imported directly rather than using cache_loader
* Fix foreman inventory caching
* Add tests
* Add integration test to check that fact caching works normally with cache plugins using ansible.constants and inventory caching provides a helpful error for non-compatible cache plugins
* Add some developer documentation for inventory and cache plugins
* Add user documentation for inventory caching
* Add deprecation docs
* Apply suggestions from docs review
* Add changelog
* Add a new check to ensure that module arguments are valid python identifiers
* Move the check up higher, out of the if docs block
* Skip validate-modules on py2
* Remove errant alias
* Change the retry_files_enabled to False and modify the comments to reflect that
this has been disabled.
* Change the default action of retry_files_enabled to False
* Update porting guide to reflect change in default state of retry_files_enabled variable
* Change log documenting a change in default behaviour of retry_files_enabled
* Revert config change to comment out the retry_files_enabled line to let the user decided what is best.
Comment above still states how to change.
* Python interpreter discovery
* No longer blindly default to only `/usr/bin/python`
* `ansible_python_interpreter` defaults to `auto_legacy`, which will discover the platform Python interpreter on some platforms (but still favor `/usr/bin/python` if present for backward compatibility). Use `auto` to always use the discovered interpreter, append `_silent` to either value to suppress warnings.
* includes new doc utility method `get_versioned_doclink` to generate a major.minor versioned doclink against docs.ansible.com (or some other config-overridden URL)
* docs revisions for python interpreter discovery
(cherry picked from commit 5b53c0012ab7212304c28fdd24cb33fd8ff755c2)
* verify output on some distros, cleanup
Based on https://docs.ansible.com/ansible/latest/reference_appendices/config.html
the default callback paths do not contain `_plugin`. Thus `~/.ansible/plugins/callback_plugins` and `/usr/share/ansible/plugins/plugin_type/action_plugins` are incorrect. Verified on 2.7.5 that by default `plugins/action` works and `plugins/action_plugins` does not.
* Add new module property to Windows modules
* Add brief pause to file tests to ensure the stat times are not equal, which was happening sometimes.
* Raise TypeError on error rather than fail_json()
* Rework error message to be less verbose
* Add porting guide entry
* update the developing_inventory docs to show ungrouped as a dict with a "children" key; avoid
[WARNING]: Found both group and host with same name: ungrouped
* Fix and update vault docs, add and clarify examples and options, introduce the concept of labeling a vault for clarity even if only a single password is in use for a given run, rework multi-password section to align to these concepts.
* Document -client scripts for ansible vault.
Co-Authored-By: orthanc <orthanc@users.noreply.github.com>
* Facts parsing for cmdline can now handle multiple values for a single key.
* Unit tests for cmdline fact parsing
* Review comments
Fixes: #22766
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
`ansible-galaxy init` creates a directory named `role_name` (in the given example) instead of adding the structure in the current working directory.
Additionally adding a clarification for repository creation as the proper repository root is not described yet.
+label: docsite_pr
* validate-modules: Documentation bool
This check allows to catch cases where type of argument is different than documentation does.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Wrong comparison for 'str'
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add ignore.txt
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fix logic and clean up ignore.txt
* Updated the ansible-galaxy docs
<!--- Your description here -->
Updated the documentation that reflects the default branch that will be used for the `version` option in ansible-galaxy.
+label: docsite_pr
* Updated the documentation
As per the code (6d4307377f/lib/ansible/galaxy/role.py (L237))[ansible/galaxy/role.py] Defaults to the branch set as a default in the repository otherwise defaults to the master.
* Update docs/docsite/rst/reference_appendices/galaxy.rst
Co-Authored-By: anis016 <anis016@users.noreply.github.com>
* Remove misleading statement passwords must be same
Since 2.4 Ansible has supported multiple vault passwords:
<https://docs.ansible.com/ansible/latest/user_guide/vault.html#multiple-vault-passwords>
Meaning lines like the following are misleading:
> The password used with vault currently must be the same for all files you wish
> to use together at the same time.
-- `docs/docsite/rst/user_guide/vault.rst`
To demonstrate this with Ansible 2.7, save the following as `example.yaml`:
```
- name: Display output from two vaults with different passwords
hosts: localhost
connection: local
vars_files: [one.yaml, two.yaml]
tasks:
- name: View secret from one.yaml vault
debug: { var: one }
- name: View secret from two.yaml vault
debug: { var: two }
```
Then run the three following commands choosing two different passwords:
```
$ echo 'one: 1' | ansible-vault encrypt --vault-id id1@prompt --output=one.yaml
$ echo 'two: 2' | ansible-vault encrypt --vault-id id2@prompt --output=two.yaml
$ ansible-playbook --vault-id id1@prompt --vault-id id2@prompt example.yaml
```
`ansible-vault` stores an ID in plain text in the vault file.
* Remove note about default in Ansible 2.1
As requested by gundalow in https://github.com/ansible/ansible/pull/49798
* [WIP] become plugins
Move from hardcoded method to plugins for ease of use, expansion and overrides
- load into connection as it is going to be the main consumer
- play_context will also use to keep backwards compat API
- ensure shell is used to construct commands when needed
- migrate settings remove from base config in favor of plugin specific configs
- cleanup ansible-doc
- add become plugin docs
- remove deprecated sudo/su code and keywords
- adjust become options for cli
- set plugin options from context
- ensure config defs are avaialbe before instance
- refactored getting the shell plugin, fixed tests
- changed into regex as they were string matching, which does not work with random string generation
- explicitly set flags for play context tests
- moved plugin loading up front
- now loads for basedir also
- allow pyc/o for non m modules
- fixes to tests and some plugins
- migrate to play objects fro play_context
- simiplify gathering
- added utf8 headers
- moved option setting
- add fail msg to dzdo
- use tuple for multiple options on fail/missing
- fix relative plugin paths
- shift from play context to play
- all tasks already inherit this from play directly
- remove obsolete 'set play'
- correct environment handling
- add wrap_exe option to pfexec
- fix runas to noop
- fixed setting play context
- added password configs
- removed required false
- remove from doc building till they are ready
future development:
- deal with 'enable' and 'runas' which are not 'command wrappers' but 'state flags' and currently hardcoded in diff subsystems
* cleanup
remove callers to removed func
removed --sudo cli doc refs
remove runas become_exe
ensure keyerorr on plugin
also fix backwards compat, missing method is attributeerror, not ansible error
get remote_user consistently
ignore missing system_tmpdirs on plugin load
correct config precedence
add deprecation
fix networking imports
backwards compat for plugins using BECOME_METHODS
* Port become_plugins to context.CLIARGS
This is a work in progress:
* Stop passing options around everywhere as we can use context.CLIARGS
instead
* Refactor make_become_commands as asked for by alikins
* Typo in comment fix
* Stop loading values from the cli in more than one place
Both play and play_context were saving default values from the cli
arguments directly. This changes things so that the default values are
loaded into the play and then play_context takes them from there.
* Rename BECOME_PLUGIN_PATH to DEFAULT_BECOME_PLUGIN_PATH
As alikins said, all other plugin paths are named
DEFAULT_plugintype_PLUGIN_PATH. If we're going to rename these, that
should be done all at one time rather than piecemeal.
* One to throw away
This is a set of hacks to get setting FieldAttribute defaults to command
line args to work. It's not fully done yet.
After talking it over with sivel and jimi-c this should be done by
fixing FieldAttributeBase and _get_parent_attribute() calls to do the
right thing when there is a non-None default.
What we want to be able to do ideally is something like this:
class Base(FieldAttributeBase):
_check_mode = FieldAttribute([..] default=lambda: context.CLIARGS['check'])
class Play(Base):
# lambda so that we have a chance to parse the command line args
# before we get here. In the future we might be able to restructure
# this so that the cli parsing code runs before these classes are
# defined.
class Task(Base):
pass
And still have a playbook like this function:
---
- hosts:
tasks:
- command: whoami
check_mode: True
(The check_mode test that is added as a separate commit in this PR will
let you test variations on this case).
There's a few separate reasons that the code doesn't let us do this or
a non-ugly workaround for this as written right now. The fix that
jimi-c, sivel, and I talked about may let us do this or it may still
require a workaround (but less ugly) (having one class that has the
FieldAttributes with default values and one class that inherits from
that but just overrides the FieldAttributes which now have defaults)
* Revert "One to throw away"
This reverts commit 23aa883cbed11429ef1be2a2d0ed18f83a3b8064.
* Set FieldAttr defaults directly from CLIARGS
* Remove dead code
* Move timeout directly to PlayContext, it's never needed on Play
* just for backwards compat, add a static version of BECOME_METHODS to constants
* Make the become attr on the connection public, since it's used outside of the connection
* Logic fix
* Nuke connection testing if it supports specific become methods
* Remove unused vars
* Address rebase issues
* Fix path encoding issue
* Remove unused import
* Various cleanups
* Restore network_cli check in _low_level_execute_command
* type improvements for cliargs_deferred_get and swap shallowcopy to default to False
* minor cleanups
* Allow the su plugin to work, since it doesn't define a prompt the same way
* Fix up ksu become plugin
* Only set prompt if build_become_command was called
* Add helper to assist connection plugins in knowing they need to wait for a prompt
* Fix tests and code expectations
* Doc updates
* Various additional minor cleanups
* Make doas functional
* Don't change connection signature, load become plugin from TaskExecutor
* Remove unused imports
* Add comment about setting the become plugin on the playcontext
* Fix up tests for recent changes
* Support 'Password:' natively for the doas plugin
* Make default prompts raw
* wording cleanups. ci_complete
* Remove unrelated changes
* Address spelling mistake
* Restore removed test, and udpate to use new functionality
* Add changelog fragment
* Don't hard fail in set_attributes_from_cli on missing CLI keys
* Remove unrelated change to loader
* Remove internal deprecated FieldAttributes now
* Emit deprecation warnings now
* standardize user/password connection vars
* docs: use ansible_user and ansible_password
* docs: var precedence for connection vars
* docs: ansible_become_pass -> ansible_become_password etc
* Changed 'Control Machine' to 'Control Node' in the documentation. Changing the term 'Control Machine' to 'Control Node', to be in line with the basic concepts here: https://docs.ansible.com/ansible/latest/network/getting_started/basic_concepts.html
Also for both entities; Control/Managed using the same common denominator 'Node' brings consistency.
* Updated reference links to new term.
* Create new documentation pages for httpapi and cliconf
* Add new documentation to plugins toctree and Makefile
* Add DOCUMENTATION to cliconf
* Apply suggestions from code review
* dellos module doc updates for network_cli
* remove ansible 2.6 reference from dellos10
Co-Authored-By: ryanmerolle <ryanmerolle@users.noreply.github.com>
* remove ansible 2.6 reference from dellos6
Co-Authored-By: ryanmerolle <ryanmerolle@users.noreply.github.com>
* remove ansible 2.6 reference from dellos10
Co-Authored-By: ryanmerolle <ryanmerolle@users.noreply.github.com>
* remove ansible 2.6 reference from dellos6
Co-Authored-By: ryanmerolle <ryanmerolle@users.noreply.github.com>
* fix dellos6 register copy mistake
Co-Authored-By: ryanmerolle <ryanmerolle@users.noreply.github.com>
* remove ansible 2.6 reference from dellos9
Co-Authored-By: ryanmerolle <ryanmerolle@users.noreply.github.com>
* fix dellos6 register copy mistake
Co-Authored-By: ryanmerolle <ryanmerolle@users.noreply.github.com>
* removed indicator of dellos modules being maintained by ansible network team
dellos modules are maintained by Dell
Co-Authored-By: ryanmerolle <ryanmerolle@users.noreply.github.com>
* removed indicator of dellos modules being maintained by ansible network team
dellos modules are maintained by Dell
Co-Authored-By: ryanmerolle <ryanmerolle@users.noreply.github.com>
* Removed indicator of dellos modules being maintained by ansible network team
DellOS modules are maintained by Dell
Co-Authored-By: ryanmerolle <ryanmerolle@users.noreply.github.com>
* remove ansible 2.6 reference from dellos9
Co-Authored-By: ryanmerolle <ryanmerolle@users.noreply.github.com>
* priority setting note in inventory doc
The `ansible_group_priority` variable is also described in *Using Variables* and was given a clarification in issue #41512. The variable is also documented in *Working with Inventory* without the caveat that it needs to be declared on the inventory and not a group_vars file. This change adds that as a note
+label: docsite_pr
* promote doc_fragments into actual plugins
change tests hardcoded path to doc fragments
avoid sanity in fragments
avoid improper testing of doc_fragments
also change runner paths
fix botmeta
updated comment for fragments
updated docs
Add a section to the documentation describing precisely how Ansible
merges custom module_utils/* Python code into the "ansible.module_utils"
namespace.
* Increase persistent command_timeout default value
* Increase command_timeout default value from 10 to 30 sec
to reduce frequent timeout issue for network connection
types (netconf/network_cli/httpapi/napalm)
* Fix review comments
* Revert "avoid x2 setting of set_fact when 'cacheable' (#50564)"
This reverts commit 207848f354.
* clarify clear_facts with set_fact cacheable
revert previous 'fix' as it will break playbooks by changing precedence
opted to leave current behaviour but document it on both plugins to mitigate confusion
fixes#50556
also fix grammer, add comment, remove unused e
* Added documentation around using vmware dynamic inventory plugin
* Fixed bug for populating host_ip in hostvars for given inventory host
* VMware: Add properties in vmware_vm_inventory
Fixes: #50249
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add a porting guide entry for ansible_distribution facts
Switching away from platform.distro() will cause changes sometimes due
to the new code using new sources of information that may be out of sync
with the old ones. Just have to make people aware of that and also what
we are doing to mitigate it when appropriate.
* wordsmithed, added links for new distro backend
* Once cli args are parsed, they're constant. So, save the parsed args
into the global context for everyone else to use them from now on.
* Port cli scripts to use the CLIARGS in the context
* Refactor call to parse cli args into the run() method
* Fix unittests for changes to the internals of CLI arg parsing
* Port callback plugins to use context.CLIARGS
* Got rid of the private self._options attribute
* Use context.CLIARGS in the individual callback plugins instead.
* Also output positional arguments in default and unixy plugins
* Code has been simplified since we're now dealing with a dict rather
than Optparse.Value
Make WinRM security warning more explicit.
Currently the warning is "viewed by anyone", this is a much lower risk than arbitrary command injection. Therefore the risk should be phrased appropriately.
+label: docsite_pr
* gcp: documentation update
* Update example about dynamic inventory
* minor typo fixes in gcp_utils
* Additional information about enabling inventory plugin in ansible.cfg
partially fixes: #44404
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Added examples in playbooks_error_handling doc for handlining
multiple conditions in changed_when and failed_when
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add session tracing support for network_cli, netconf and httapi connection
* Add `persistent_log_messages` configuration option to log device inteaction
in log file for network_cli, netconf and httapi connection
type
* Log jsonrpc request and response in log file is configuration option
is enabled
* Update docs to talk about warning shown when persistent_log_messages is on
Without this modprobe always reports changed when modprobe-ing a builtin module.
With this, if a kernel module is a builtin, the modprobe module will:
- succeed (without incorrectly reporting changed) if ``state`` is ``present``;
- fail if ``state`` is ``absent``
The failure will have whatever error message modprobe returns when
attempting to remove a builtin module. For example:
``modprobe: ERROR: Module nfs is builtin.``
* Revert "Fix incorrect examples with random filter (#50137)"
This reverts commit 9a7dbd5213.
The correction is incomplete and also based on a 'fix' that was supposed to have been reverted already
* Revert "Added `+1` to the `end` in `random` filter so that it was inclusive (#27215)"
This reverts commit ea2b89c7ae.
reverted fix as agreed at the time, but missed by maintainers.
* win become: refactor and add support for passwordless become
* make tests more stable
* fix up dep message for Load-CommandUtils
* Add further check for System impersonation token
* re-add support for become with accounts that have no password
* doc fixes and slight code improvements
* fix doc sanity issue
* Docs: Add a separate "seealso" section to the module docs
to list related modules and/or related references. This clears up the notes
section for things that are actual notes.
So you can add a section in your module documentation and four types of
references are possible.
seealso:
# Reference by module name
- module: aci_tenant
# Reference by module name, including description
- module: aci_tenant
description: ACI module to create tenants on a Cisco ACI fabric.
# Reference by rST documentation anchor
- ref: aci_guide
description: Detailed information on how to manage your ACI infrastructure using Ansible.
# Reference by Internet resource
- name: APIC Management Information Model reference
description: Complete reference of the APIC object model.
link: https://developer.cisco.com/docs/apic-mim-ref/
This PR also includes:
- Implements ansible-doc support
- Implements schema support for the seealso options
- Updates to the development documentation
- Rename filter convert_symbols_to_format to rst_ify, cfr the existing html_ify and tty_ify filters
- This makes the existing template a lot easier to read and fixes the confusion I had myself rereading the template (again).
- We fixed the possible suboption types (which was limited to 'bool' only)
* Use latest stable instead of devel docs
* inventory plugins: try auto before ini
auto plugin should run before ini to avoid ini being able to parse
some plugin configuration YAML files successfully.
* Update comment
comment was added by 2ffe3c42bb but
related code was later removed by
506e6a0b2d.
* Add info about loop based on jinja2 loop var
* ansible_loop
* Update test count
* Add extended loop_control that defines whether ansible_loop should be added
* Extended needs to be defaulted
* Revert "Update test count"
This reverts commit f1e93ee469825f4cdcd90fb28667d29aa088275c.
* Add docs about loop_control.extended
* Add revindex and revindex0
* Document ansible_loop in special vars
* Add changelog fragment
* Add tests, change items to allitems so that dot notation works, fix logic error with previtem
It was super incomplete, and the interface was pretty strange; it had
built-in features to handle pretty bespoke workflows ("clean504",
e.g.) but was lacking lots of other useful features (like the ability
to create a webhook with a shared secret). Rather than try to update
the interface in a backwards compatible way, I've replaced it with the
more predictable, single-purpose github_webhook and
github_webhook_facts modules.
* Fix FactCache to conform to the dict API
* update needs to take a dict rather than a key and a value
* __init__ needs to allow for setting the intial dictionary
* Remove unneeded _display and _cache attributes
* Move ansible.plugins.cache.FactCache to
ansible.vars.fact_cache.FactCache because this isn't part of the cache
plugin API.
* Add backwards compatibility when calling update on the new FactCache
* Remove code for calling old FactCache. There's no way to call the old
FactCache so there's no need for backwards compatible code for calling
code. Backwards compatibility is handling things which are calling
the new FactCache.
* Port our code to the new FactCache location.
* Added recommendation about module name
Added general guidelines for naming a module.
Fixes: #19665
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
The ansible-test shell command doesn't have a --python option; you
have to specify the tox environment directly to the --tox command
Partially fixes: #49349
Currently there is no `netplan` support in open-vm-tools. Therefore it's
nice to have a quick workaround in our documentation
Signed-off-by: Christian Rebischke <chris@nullday.de>
* Add append_hash functionality to k8s module
append_hash adds a hash based on the contents of a ConfigMap
or Secret to the name - this enables immutable ConfigMaps and
Secrets.
* Provide k8s_config_resource_name plugin
The k8s_config_resource_name filter plugin provides a means of determining
the name of ConfigMaps and Secrets created with append_hash
* Add changelog fragment
* fix failing tests
* Update openshift version needed for append_hash
* Add difference tracking tool
* Improve --diff mode for docker_container.
* Improve diffs of sets by ordering the sets.
* Rewrite imports, get rid of HAS_DOCKER_PY_x variables and use docker_version instead.
* Rename container -> active (more generic).
* Add --diff for docker_volume. Change old diff output.
* Add --diff for docker_network. Change old diff output.
* Add --diff for docker_swarm_service.
* Add changelog.
* Add entry for porting guide on docker_network and docker_volume.
* XenServer related modules - initial commit
- New module_util: xenserver. Contains common module arguments, functions
and classes useful for future XenServer related modules.
- New module_docs_fragment: xenserver. Describes common module arguments.
- New module: xenserver_guest. Supports VM deployment, reconfiguration,
removal, detection of changes, state management, fact gathering and
Ansible check mode. Module is fully documented.
- Updated: developing_module_utilities.rst.
- Module params, workflow and some functions are based on or taken from
vmware_guest module.
* Implemented support for configuring custom VM params in xenserver_guest module
* Compatibility fixes and documentation update
- xenserver module_util: implemented support for XenAPI.py version older
than 7.2.
- xenserver module_util: PEP8 fixes.
- xenserver module_util: Added missing imports.
- xenserver module_util: Copyright notice fixes.
- xenserver_guest module: updated module documentation with notes regarding
module requirements and compatibility.
- xenserver_guest module: bumped version_added to 2.7.
- xenserver_guest module: minor fixes.
* VM power state management refactoring, subargument specs in xenserver_guest module, other fixes
- VM power state management code moved from xenserver_guest module to xenserver
module_util (set_vm_power_state function).
- Code for waiting for VM IP address moved from xenserver_guest module to
xenserver module_util (wait_for_vm_ip_address function).
- xenserver module_util: implemented get_object_ref function to clean up
a lot of repeated code in xenserver_guest module.
- xenserver module_util: added additional aliases 'host' and 'pool' for
'hostname' common module argument. They are more in line with what
XenServer users are familiar with.
- xenserver module_util: minor fixes.
- xenserver_guest module: removed VM state management other than 'present',
'absent' and 'poweredon'. Other states are to be managed by separate module.
- xenserver_guest module: added subargument specs and cleaned up custom code
for subargument validation.
- xenserver_guest module: reorganized code for disk and network reconfiguation
to minimize code duplication.
- xenserver_guest module: renamed 'cdrom.iso' module argument to
'cdrom.iso_name', avoids cryptic error message when parameter is
missing.
- xenserver_guest module: documentation update.
- xenserver_guest module: changes in error messages.
- xenserver_guest module: minor fixes.
* Implemented guest OS network parameter configuration and other
- xenserver module_util: moved code for validating MAC addresses from
xenserver_guest module and implemented a range of functions for validating
IP addresses and related entities and converting prefixes to netmasks and
vice versa.
- xenserver module_util: updated fact gathering code to support guest OS
network parameters.
- xenserver module_util: added docstrings.
- xenserver module_util: minor changes.
- xenserver_guest module: implemented support for guest OS network parameter
configuration.
- xenserver_guest module: changed CD-ROM handling code.
- xenserver_guest module: changed so that user friendly version of changes
list is always returned in module result.
- xenserver_guest module: error message changes.
- xenserver_guest module: added docstrings.
- xenserver_guest module: documentation update.
- xenserver_guest module: minor changes and fixes.
* Various fixes and code cleanup
- xenserver module_util: implemented get_xenserver_version function.
- xenserver module_util: moved customization agent detection code to
gather_vm_params function. customization_agent variable is now part of
vm_params. An exception in customization agent detection code that prevented
deployment of new VMs is also fixed.
- xenserver module_util: added support for alternative VM state names with
dash and underscore in set_power_state function.
- xenserver_guest module: removed customization agent detection code
as it is now implemented in xenserver module_util.
- xenserver_guest module: fixed a bug in xenserver_data update code that
occured when "networks.mac" was not specified in module params and
other fixes.
- xenserver_guest module: some code cleanup.
- xenserver_guest module: bumped version_added to 2.8.
* Support skip of platforms by version in tests.
Previously a remote platform could be skipped completely using the alias:
`skip/{platform}` such as `skip/rhel`
Now a specific platform version can be skipped using the alias:
`skip/{platform}{version}` such as `skip/rhel7.6`
This feature is available for platforms specified with the `--remote` option.
* Add skip by version to the docs.
* -Change: Include dependency role names in `role_names`.
-Add: `play_role_names` magic variable to include only explicitly named roles (formerly `role_names`).
-Add: `dependent_role_names` magic variable to include all dependency names for all roles.
* -Change: use the ansible_ prefix for new magic variables.
-Change: keep `role_names` as a deprecated variable, using the old functionality.
* -Add: changelog fragment for the role_names rework.
* -Add: Tests for the role_names (and ansible_*role_names) special variables
* -Fix: resolve erroneous documentation snippet that was introduced after rebasing.
* -Fix: explicitly sort to ensure list comparison works in test.
* docs - adapted abadger's changelog announcement email into dev process
Signed-off-by: Adam Miller <admiller@redhat.com>
* migrate changelog docs to one place, add ref to old location
Signed-off-by: Adam Miller <admiller@redhat.com>
* add changes based on feedback
Signed-off-by: Adam Miller <admiller@redhat.com>
* Refines changelog docs, minor re-org of page
* moves links and anchors for new content
* Further reorg of page
* fixes header per jamescassell
* Start of code-smell test that can find deprecated config items
* Strip deprecated.version from config item
* Don't use os.walk, rely on explictly passed list of files
* Properly disable the test
* Add docs
* Make config an orphan
* add note regarding {host,group}_vars directory lookup semantics
While the 'ansible-playbook' command will look for {host,group}_vars in
both the playbook and inventory directories, the 'ansible' command
will only look in the inventory directory. This follows from a close
reading of the documentation but isn't explicit and leads to the
perhaps unexpected result that you can run both commands with the same
configuration in the same directory and get different results.
This commit adds a note to the documentation making the difference in
behavior explicit.
Closes#48065
* incorporates bcoca feedback
From installing / Running from source.
Since the repomerge, Ansible doesn't use submodules. Also, between 2.12.0 and 2.13.0 git dropped '--recursive' in favor of '--recurse-submodules'.
* Added basic equivalent to PowerShell modules
* changes based on latest review
* Added tests
* ignore sanity test due to how tests are set up
* Changes to work with PSCore
* Added documentation and change updated more modules
* Add some speed optimisations to AddType
* fix some issues in the doc changes
* doc changes
* Removed deprecated ANSIBLE_HOSTS
* Bump sudo/su configs to match deprecation version for cli and playbook args
* Bump include configs to match deprecation version for 'include'
* There were 2 introduction headings
line 36 was a duplicate 'introduction' heading, and the section is more of a requisites description.
+label: docsite_pr
* edit for line 32+33 & 45>50 added
* Fixes#18568
* Commit of the first set of utm modules
* added documentation line for module_utils file
* removed other utm modules for the first pr
* added maintainers to botmeta
* implemented fixes for shippable
* fixed whitespaces and newlines in included doc fragment
* added types and choices to documentation
* fix for E501
* Implemented change requests
* changed utm_utils license to BSD
* changed str() to to_native()
* added a status state that will just return information about my object
* renamed state 'status' to 'info'
* added team_e-spirit to botmeta and added the team as maintainer for the utm_utils
* only return a result if the lookup was not empty. Do not return a null result
* removed info state
* added boilerplate
* made preparation for info-only modules
* Add shorthand debugger method to recreate the task from the original ds, and re-template. Fixes#46321
* Fix rst header
* Indicate update_task was added in 2.8
* Fix prompt mismatch issue for ios
Fixes#40884#44463
* If the command prompt is matched check if data is
still pending to be read from buffer.
* This fix adds a new timer `buffer_read_timeout`
which will be trigerred after command prompt
is matched and data is attempted to be read from channel.
If not data is present of channel the timer will expire
and response we be returned to calling function.
* Fix unit test failure
* Update to make buffer timeout float
* Update doc and fix review comment
* Fix CI issues
* Update doc
* Fix review comments
* Fix review comments
* add note about named tasks in blocks
Signed-off-by: Adam Miller <admiller@redhat.com>
* adds names to tasks within example block, removes 2nd example
* removes traces of bad rebase
<!--- Your description here -->
+label: docsite_pr
Windows Subsystem for Linux is now officially supported by Microsoft. It is out of beta and will be shipping on Windows Sever 2019.
* Add symlinks sanity test.
* Replace legacy test symlinks with actual content.
* Remove dir symlink from template_jinja2_latest.
* Update import test to use generated library dir.
* Fix copy test symlink setup.
* Fix spelling of 'separate' throughout.
* Various cleanups in the User Guide for Vault.
- Fix spelling of 'algorithm'
- Fix indentation of nested list in payload format
- Fix mysterious refernce to 'b_pkey1'.
- Fix reference to newline as '\n': the backslash is lost when rendered
to the docs website. Specify the hex value for newline instead of the
backslash escape.
* Fix formatting
* Update vault.rst
* adds support for null values to the ternary filter
This change adds a third optional argument to the ternary filter to
handle a null value. If the third option is specified null and false
are treated differently.
For instance, take the following example:
{{ enabled | ternary('no shutdown', 'shutdown') }}
If enabled == True, then 'no shutdown' is used.
If enabled in (False, None), then 'shutdown' is used.
With this change the following is possible:
{{ enabled | ternary('no shutdown', 'shutdown', omit) }}
If enabled == True, then 'no shutdown'
If enabled == False, then 'shutdown'
If enabled == None, then omit
* update documentation with example of filter
* update filter documentation example per comments
* fix logic error in user_guide example
* win async: use async_dir for the async results file directory
* tried to unify POSIX and PowerShell async implementations of async_dir
* fix sanity issue
The documented way to execute module code locally wasn't always working:
$ python ./lib/ansible/modules/files/file.py <<< '{"ANSIBLE_MODULE_ARGS": {}}'
Traceback (most recent call last):
File "./lib/ansible/modules/files/file.py", line 177, in <module>
from ansible.module_utils.basic import AnsibleModule
File "~/ansible/lib/ansible/module_utils/basic.py", line 78, in <module>
import tempfile
File "~/ansible/lib/ansible/modules/files/tempfile.py", line 69, in <module>
from tempfile import mkstemp, mkdtemp
ImportError: cannot import name 'mkstemp'
* Add the key_name/value_name options to dict2items - as with items2dict, allow users to configure the key/value name for dict2items, add "version added" and examples
Adds the `--update` flag to automatically update the cache and the `--yes` flag to disable the Ansible repo description and skips confirmation dialog. +label: docsite_pr
* Merge issue
* Update cnos_rollback.py
* Updating license for the refactored method
* Update cnos_rollback.py
* Removing the BSD License as suggested by Legal
* To add Documentation for ENOS as well as CNOS
* Merge issue
* Revert "To add Documentation for ENOS as well as CNOS"
This reverts commit 80e6e39054be0c3a8f95d16dc39ca9d93baf8c4b.
* Adding Docs for ENOS and CNOS
* Update cnos.py
* Update cnos_rollback.py
* Update cnos.py
* Update platform_cnos.rst
* Update platform_enos.rst
* Removed version 2.7
* Removing 2.7
plugins/ is COMMUNITY
Set sensible defaults for directories
support:network for the platforms that we Networking SUPPORTS,
everything else is COMMUNITY
Mark other support:network (ansible-connection, etc)
Infoblox is support:core
contrib/ by definition should be support:community
Remove duplicated labels
Make yamllint happy(ier)
Adds sanity test to ensure BOTMETA.yml is valid
* Make the following scripts idempotent so that we only have to rebuild changed docs, not all docs:
* plugin_formatter
* generate_man
* dump_keywords.py
* dump_config.py
* testing_formatter.sh
* update porting guides
With PR #40532 `shade` library was retired and replaced with direct use
of `openstacksdk`. Porting guides and doc about dynamic inventory were
not updated.
* orphans testing pages to avoid not-in-toctree errors
* orphans various pages pending reorg
* adds module_utils and special_vars to main TOC
* uses a glob for scenario_guide TOC
* normalize and Sentence-case headings on community pages, typos
* re-orgs community TOC, adds all pages to toctree
* removes scenario guides index page
* adds style guide to community index
* basic update to style guide
* fix typo that created a new error
* removes not-in-toctree from ignore errors list
* leave removing files for future cleanup task
* Add docs on how to write changelog fragments
* Make recommended changes
* Restore lines and make recommended changes
* Add link to new style changelog
Remove redundant mention of old style changelog
* Initial commit for the Meraki scenario guide
* Added Meraki guide to indexes, fixed an error
* Added common parameters to scenario guide
* Add additional information for first draft
- Added very common parameters everyone uses.
- Documented common format for returned data from Meraki.
- High level explanation of error handling.
* Fix .rst formatting error
* Added section about handling returned data. More to come.
* Small formatting changes
* expect ssh_key_data to be a string instead of path
ssh_key_data should be a string filled with the private key
the old behavior can be archived with a lookup
Fixes#45119
* clarifies ssh_key_data description, adds newline
<!--- Your description here -->
`pip install ansible[azure]` results in `zsh: no matches found: ansible[azure]` at least in my computer (zsh on Ubuntu). I don't know if it is the case with all shells, but at least for me it is. Since square brackets `[]` are special characters in bash, I propose adding single quotes to make sure that package name is always interpreted as literal. The same error is also resolvable by setting noglob.
Correct and clarify "set_fact" example, expanding on what is happening
in the easy-to-get-wrong import mode. Add some additional links to "group_by" documentation and the main import/include discussion.
Closes: #31596
* Improve clarity of precedence when command-line parameters are used.
* Add command-line values into the precedence list.
* Several sample config snippets were included without any explanation
of how those snippets would be processed. Added descriptions so that
the reader can understand what each snippet will (or won't) accomplish.
* Don't focus on inventory as much
Expand on the fact that it's the fact that a variable is set that
matters, not the source of the variable.
* fixed network automation index issues
* replace :doc: with :ref:
* fixed anchor misspelling
* fix toc/nav issue -do not put toctree under a subheader
* Share the implementation of hashing for both vars_prompt and password_hash.
* vars_prompt with encrypt does not require passlib for the algorithms
supported by crypt.
* Additional checks ensure that there is always a result.
This works around issues in the crypt.crypt python function that returns
None for algorithms it does not know.
Some modules (like user module) interprets None as no password at all,
which is misleading.
* The password_hash filter supports all parameters of passlib.
This allows users to provide a rounds parameter, fixing #15326.
* password_hash is not restricted to the subset provided by crypt.crypt,
fixing one half of #17266.
* Updated documentation fixes other half of #17266.
* password_hash does not hard-code the salt-length, which fixes bcrypt
in connection with passlib.
bcrypt requires a salt with length 22, which fixes#25347
* Salts are only generated by ansible when using crypt.crypt.
Otherwise passlib generates them.
* Avoids deprecated functionality of passlib with newer library versions.
* When no rounds are specified for sha256/sha256_crypt and sha512/sha512_crypt
always uses the default values used by crypt, i.e. 5000 rounds.
Before when installed passlibs' defaults were used.
passlib changes its defaults with newer library versions, leading to non
idempotent behavior.
NOTE: This will lead to the recalculation of existing hashes generated
with passlib and without a rounds parameter.
Yet henceforth the hashes will remain the same.
No matter the installed passlib version.
Making these hashes idempotent.
Fixes#15326Fixes#17266Fixes#25347 except bcrypt still uses 2a, instead of the suggested 2b.
* random_salt is solely handled by encrypt.py.
There is no _random_salt function there anymore.
Also the test moved to test_encrypt.py.
* Uses pytest.skip when passlib is not available, instead of a silent return.
* More checks are executed when passlib is not available.
* Moves tests that require passlib into their own test-function.
* Uses the six library to reraise the exception.
* Fixes integration test.
When no rounds are provided the defaults of crypt are used.
In that case the rounds are not part of the resulting MCF output.
Since the ACI modules (like most network-related modules) run on the
local controller, this PR adds the necessary details so users are aware
of this particular feature.
Extends `module_defaults` by adding a prefix to defaults `group/` which denotes a builtin list of modules. Initial groups are: `group/aws`, `group/azure`, and `group/gcp`
Wow, this does not seem to be an uncommon misspelling. Might be there
are some left that span over two lines. I noticed the one in the git
module and then used `grep -rw 'the the'` to find some more.
Blocks currently don't support loops such as with_items or sequence. It would be helpful to make this clear in the docs otherwise it's a bit of a gotcha.
+label: docsite_pr
Fixes#40650Fixes#40245Fixes#41541
* Refactor netconf_config module as per proposal #104
* Update netconf_config module metadata to core network supported
* Refactor local connection to use persistent connection framework
for backward compatibility
* Update netconf connection plugin configuration varaibles (Fixes#40245)
* Add support for optional lock feature to Fixes#41541
* Add integration test for netconf_config module
* Documentation update
* Move deprecated options in netconf_config module
* restore task arg splatting
* reverts #41804
* supersedes #41295
* fixes#42192
* after lots of discussion amongst the core team, we decided to preserve this feature, clarify the runtime warnings/docs, and prioritize a path toward fixing the underlying behavior that causes this feature to be insecure (un-namespaced facts).
* update faq text
note that warning is disabled when inject_facts_as_vars is
* wordsmithing FAQ entry
The "viewdocs" target was removed in
0381bc170c681b6ea8a94467c62e0694e3d9029d; running "make webdocs" gets
you the output for initial testing purposes.
* Remove use of simplejson throughout code base. Fixes#42761
* Address failing tests
* Remove simplejson from contrib and other outlying files
* Add changelog fragment for simplejson removal
Example instantiates an AnsibleError which derives from Exception but doesn't actually raise it like intended. This is misleading as it's not clear without examining the code for AnsibleError to know that it's not some function which would raise the exception automatically.
* Update troubleshooting doc for command timeout
* Update timeout document to reflect the new way to set
command timeout per task basis for network_cli and netconf
connection type as per PR #42847
* Fix CI failure
* Fix review comment
* Fix typo in doc
* Implement initial RouterOS support
* Correct matchers for license prompts
* Documentation updates & mild refactor
* Remove one last Cisco function
* Sanity test fixes
* Move imports to the beginning
* Remove authorize property
* Handle ANSI codes
* Revert to_lines function
* CR fixes
* test(routeros): add unit tests
* Added another test (with ANSI colors and banner in fixture).
* Ignore CRLF line endings in system_package_print file
* fix: review by ganeshrn
Now that we don't need to worry about python-2.4 and 2.5, we can make
some improvements to the way AnsiballZ handles modules.
* Change AnsiballZ wrapper to use import to invoke the module
We need the module to think of itself as a script because it could be
coded as:
main()
or as:
if __name__ == '__main__':
main()
Or even as:
if __name__ == '__main__':
random_function_name()
A script will invoke all of those. Prior to this change, we invoked
a second Python interpreter on the module so that it really was
a script. However, this means that we have to run python twice (once
for the AnsiballZ wrapper and once for the module). This change makes
the module think that it is a script (because __name__ in the module ==
'__main__') but it's actually being invoked by us importing the module
code.
There's three ways we've come up to do this.
* The most elegant is to use zipimporter and tell the import mechanism
that the module being loaded is __main__:
* 5959f11c9d/lib/ansible/executor/module_common.py (L175)
* zipimporter is nice because we do not have to extract the module from
the zip file and save it to the disk when we do that. The import
machinery does it all for us.
* The drawback is that modules do not have a __file__ which points
to a real file when they do this. Modules could be using __file__
to for a variety of reasons, most of those probably have
replacements (the most common one is to find a writable directory
for temporary files. AnsibleModule.tmpdir should be used instead)
We can monkeypatch __file__ in fom AnsibleModule initialization
but that's kind of gross. There's no way I can see to do this
from the wrapper.
* Next, there's imp.load_module():
* https://github.com/abadger/ansible/blob/340edf7489/lib/ansible/executor/module_common.py#L151
* imp has the nice property of allowing us to set __name__ to
__main__ without changing the name of the file itself
* We also don't have to do anything special to set __file__ for
backwards compatibility (although the reason for that is the
drawback):
* Its drawback is that it requires the file to exist on disk so we
have to explicitly extract it from the zipfile and save it to
a temporary file
* The last choice is to use exec to execute the module:
* https://github.com/abadger/ansible/blob/f47a4ccc76/lib/ansible/executor/module_common.py#L175
* The code we would have to maintain for this looks pretty clean.
In the wrapper we create a ModuleType, set __file__ on it, read
the module's contents in from the zip file and then exec it.
* Drawbacks: We still have to explicitly extract the file's contents
from the zip archive instead of letting python's import mechanism
handle it.
* Exec also has hidden performance issues and breaks certain
assumptions that modules could be making about their own code:
http://lucumr.pocoo.org/2011/2/1/exec-in-python/
Our plan is to use imp.load_module() for now, deprecate the use of
__file__ in modules, and switch to zipimport once the deprecation
period for __file__ is over (without monkeypatching a fake __file__ in
via AnsibleModule).
* Rename the name of the AnsiBallZ wrapped module
This makes it obvious that the wrapped module isn't the module file that
we distribute. It's part of trying to mitigate the fact that the module
is now named __main)).py in tracebacks.
* Shield all wrapper symbols inside of a function
With the new import code, all symbols in the wrapper become visible in
the module. To mitigate the chance of collisions, move most symbols
into a toplevel function. The only symbols left in the global namespace
are now _ANSIBALLZ_WRAPPER and _ansiballz_main.
revised porting guide entry
Integrate code coverage collection into AnsiballZ.
ci_coverage
ci_complete
* Support multi-doc yaml in the from_yaml filter
* Most automatic method of handling multidoc
* Only use safe_load_all
* Implement separate filter
* Update plugin docs and changelog
* Update Shippable integration test groups.
* Update integration test group aliases.
* Rebalance AWS and Azure tests with extra group.
* Rebalance Windows tests with another group.
* win_chocolatey: refactor module to fix bugs and add new features
* Fix some typos and only emit install warning not in check mode
* Fixes when testing out installing chocolatey from a server
* Added changelog fragment
* Enable check_mode in command module
This only works if supplying creates or removes since it needs
something to base the heuristic off. If none are supplied it will just
skip as usual.
Fixes#15828
* Add documentation for new check_mode behavior
<!--- Your description here -->
The example has:
`{{ 'Some DNS servers are 8.8.8.8 and 8.8.4.4' | regex_findall('\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b') }}`
It needs be double backslashes to escape the backslashes:
`{{ 'Some DNS servers are 8.8.8.8 and 8.8.4.4' | regex_findall('\\b(?:[0-9]{1,3}\\.){3}[0-9]{1,3}\\b') }}`
+label: docsite_pr
* Update Openstack dynamic inventory link
* Add note for change of script name
* Change name of script to prevent Python module import errors.
Fixes#41562
* First pass at making 'private' work on include_role, imports are always public
* Prevent dupe task execution and overwriting handlers
* New functionality will use public instead of deprecated private
* Add tests for public exposure
* Validate vars before import/include to ensure they don't expose too early
* Add porting guide docs about public argument and change to import_role
* Add additional docs about public and vars exposure to module docs
* Insert role handlers at parse time, exposing them globally
* VMware: Remove VM using vmware_guest
This adds scenario guide for removing VM using vmware_guest module.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* code review comments
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* inventory plugin docs
* added set options
* minor wording and formatting fixes
* changed headers to std as per #35520, also added to main readme
* unified inventory plugin devel, referenced from generic plugin dev
* fixed typos and update as per feedback
Fixes#37262Fixes#36284
* Updates options in netconf connection to enable
bastion/jump host setting using configuration/enviornment
varaibles.
* Update troubleshooting docs from using bastion host with netconf
connection
* Revert "Account for empty string regexp in lineinfile (#41451)"
This reverts commit 4b5b4a760c.
* Use context managers for interacting with files
* Store line and regexp parameters in a variable
* Add warning when regexp is an empty string
* Remove '=' from error messages
* Update warning message and add changelog
* Add tests
* Improve warning message
Offer an equivalent regexp that won't trigger the warning.
Update tests to match new warning.
* Add porting guide entry for lineinfile change
* runas + async - get working on older hosts
* fixed up sanity issues
* Moved first task to end of test for CI race issues
* Minor change to async test to be more stable, change to runas become to not touch the disk
* moved async test back to normal spot
* add a third way to disable cows
Cows are great, but there's a third way to disable. I'm sure my RST markup can be improved.
* oops, actually in ansible.cfg
Read the Docs moved hosting to readthedocs.io instead of
readthedocs.org. Fix all links in the project.
For additional details, see:
https://blog.readthedocs.com/securing-subdomains/
> Starting today, Read the Docs will start hosting projects from
> subdomains on the domain readthedocs.io, instead of on
> readthedocs.org. This change addresses some security concerns around
> site cookies while hosting user generated data on the same domain as
> our dashboard.
Documented procedure to handle package dependencies required by
packages which are Ansible dependencies.
Fixes: #30732Fixes: #16571
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add docs detailing how to convert many with_X style loops to use loop and filters. Fixes#40727
* Switch lookup used in query vs lookup comparison, to not recommend use of nested lookup
* Improve docs based on feedback
Address Firefox table-rendering issues in docs. Refactor to use colspan to provide table cells which can vary in width and indentation; the outermost has the greatest colspan, and each nested key has a colspan of one less than the parent, with padding cells for indentation.
Apply styling to table cells to get the table height to work without hacks or browser-specific
styling. Simplify the markup and CSS by removing extra divs. Use two passes over the options, return values, and return facts in the Jinja2 module-docs template: one to determine the maximum nesting depth to compute the maximum colspan needed, plus one to lay out the rows.
* Move k8s modules to dynamic backend
* update required openshift version
* update -> patch
* use new dynamic client exceptions
* style
* guard urllib3 import
* guard ansibleerror import
* give more information about error cause
* format in variable
* style
* rename tests
* Search for provided kind in a few more places to match old behavior, properly handle failure
* make common code use fail instead of fail_json, to work for lookup plugins as well
* update docs
* move openshift_raw tests into k8s tests
* fix typo
* Use diff of response and resource to determine change, don't do any checking client-side before making requests
* remove duplicate yaml blocks
* Update porting guide for k8s module
* remove invalid doc refs
* If fuzzy searching finds a resource, update resource_definition to match proper kind and version
* remote unsupported openshift_raw variables
* properly check environment variables when determining auth method:
* Add a 'machinectl shell' become_method
* docs: add explanations for the machinectl become_method
* docs: machinectl become_method: specify this part is specific to Linux+systemd setups
This Makefile uses non-standard constructs. As such it can only be
parsed by GNU make, which is often installed as 'gmake' instead of
'make'. Using $(MAKE) ensures the same version of make gets called that
is used to execute the top level.
OpenBSD comes with its own encryption utility as well, which must be run on the password text `encrypt <password>`. following the code block above, i just included the base command in the code block. I wasn't quite sure where to add my change, so I put it at the bottom of the section since the rest all flows well together.
+label: docsite_pr
* Docs - add shared snippet note about password prompts for ssh keys
Signed-off-by: Adam Miller <admiller@redhat.com>
* add note to ssh connection plugin, fix markup, fix typo
Signed-off-by: Adam Miller <admiller@redhat.com>
* * Memset:
* module_utils and associated documentation.
* module to manage DNS zones.
* integration tests to run against Memset's API.
* * memset.py:
* remove import of requests from memset.py in favour of internal Ansible modules.
* import necessary Ansible modules for request and response handling.
* create a response object in order to retain a stable interface to memset_api_call from existing modules.
* rework memset_api_call to remove requests.
* memset_zone.py:
* improve short description to be more verbose.
* ensure all imports directly follow documentation.
* remove any reference to requests.
* correct keyerror carried over from elsewhere.
* remove dependency on requests from documentation string
* disable integration tests until we have a cleanup method available
* HTTPAPI connection
* Punt run_commands to cliconf or httpapi
* Fake enable_mode on eapi
* Pull changes to nxos
* Move load_config to edit_config for future-preparedness
* Don't fail on lldp disabled
* Re-enable check_rc on nxos' run_commands
* Reorganize nxos httpapi plugin for compatibility
* draft docs for connection: httpapi
* restores docs for connection:local for eapi
* Add _remote_is_local to httpapi
* Change behavior to behaviour
- use existing fact to get hash setting rather than shell task
- fix code highlighting syntax in playbooks_variables.rst
* Re-wrote intro section; this entire topic needs a clean-up/rewrite.
* Set src in the state functions rather than the toplevel
A good API should only require passing one version of a piece of data
around so do that for src
* Move the rewriting of path into additional_parameter_handling
When the path is a directory we can rewrite the path to be a file inside
of the directory
* Emit a warning when src is used with a state where it should be ignored
* Update structure to include file extensions
It is not clear to novice users that the host/group_vars files should be yaml files. This highlights that IMHO a bit more clearer.
* pluralize
ARA is an Ansible callback that records playbook run data in a local
or remote database. This data is exposed through a CLI client as well
as a reporting web application.
* Allow subspec defaults to be processed when the parent argument is not supplied
* Allow this to be configurable via apply_defaults on the parent
* Document attributes of arguments in argument_spec
* Switch manageiq_connection to use apply_defaults
* add choices to api_version in argument_spec
* base64 filter: Added ability to specify encoding
* Added unicode chars for further testing
* Removed errors to keep previous behaviour in place
* Removed surrogate pairs due to issues loading YAML in CI
* Initial commit
Query an organization within Meraki. No support is in place for managing
or creating yet
* Change output_level method and make the state parameter required.
* Implemented listing all organizations
- Updated documentation
- Parse results and return all organizations
- Parse results and return specified organization
* Framework for creating an organization
- Documentation example for organization creation
- Framework exists for creating organizations, pending PR 36809
- Created functions for HTTP calls
- Renamed from dashboard.meraki.com to api.meraki.com
- Added required_if for state
* Remove absent state
- Meraki API does not support deleting an organization so absent is removed
- Updated documentation to call it state instead of status
* Small change to documentation
* Support all parameters associated to organization
- Added all parameters needed for all organization actions.
- None of the added ones work at this time.
- Added documentation for clone.
* Integration test for meraki_organization module
* Rename module to meraki for porting to module utility
* Meraki documentation fragment
- Created initial documentation fragment for Meraki modules
* Add meraki module utility to branch. Formerly was on a separate branch.
* CRU support for Meraki organization module
* CRU is supported for Meraki organizations
* There is no DELETE function for organizations in the API
* This code is very messy and needs cleanup
* Create and Update actions don't show status as updated, must fix
* Added Meraki module utility to module utility documentation list
* Added support for organization cloning
* Renamed use_ssl to use_https
* Removed define_method()
* Removed is_org()
* Added is_org_valid() which does all org sanity checks
* Fixes for ansibot
- Changed default of use_proxy from true to false
- Removed some commented out code
- Updated documentation
* Changes for ansibot
- Removed requirement for state parameter. I may readd this.
- Updated formatting
diff --git a/lib/ansible/module_utils/network/meraki/meraki.py b/lib/ansible/module_utils/network/meraki/meraki.py
index 3acd3d1038..395ac7c4b4 100644
--- a/lib/ansible/module_utils/network/meraki/meraki.py
+++ b/lib/ansible/module_utils/network/meraki/meraki.py
@@ -42,7 +42,7 @@ def meraki_argument_spec():
return dict(auth_key=dict(type='str', no_log=True, fallback=(env_fallback, ['MERAKI_KEY'])),
host=dict(type='str', default='api.meraki.com'),
name=dict(type='str'),
- state=dict(type='str', choices=['present', 'absent', 'query'], required=True),
+ state=dict(type='str', choices=['present', 'absent', 'query']),
use_proxy=dict(type='bool', default=False),
use_https=dict(type='bool', default=True),
validate_certs=dict(type='bool', default=True),
diff --git a/lib/ansible/modules/network/meraki/meraki_organization.py b/lib/ansible/modules/network/meraki/meraki_organization.py
index 923d969366..3789be91d6 100644
--- a/lib/ansible/modules/network/meraki/meraki_organization.py
+++ b/lib/ansible/modules/network/meraki/meraki_organization.py
@@ -20,11 +20,9 @@ short_description: Manage organizations in the Meraki cloud
version_added: "2.6"
description:
- Allows for creation, management, and visibility into organizations within Meraki
-
notes:
- More information about the Meraki API can be found at U(https://dashboard.meraki.com/api_docs).
- Some of the options are likely only used for developers within Meraki
-
options:
name:
description:
@@ -32,21 +30,18 @@ options:
- If C(clone) is specified, C(name) is the name of the new organization.
state:
description:
- - Create or query organizations
- choices: ['query', 'present']
+ - Create or modify an organization
+ choices: ['present', 'query']
clone:
description:
- Organization to clone to a new organization.
- type: string
org_name:
description:
- Name of organization.
- Used when C(name) should refer to another object.
- type: string
org_id:
description:
- ID of organization
-
author:
- Kevin Breit (@kbreit)
extends_documentation_fragment: meraki
@@ -86,7 +81,6 @@ RETURN = '''
response:
description: Data returned from Meraki dashboard.
type: dict
- state: query
returned: info
'''
@@ -103,6 +97,7 @@ def main():
argument_spec = meraki_argument_spec()
argument_spec.update(clone=dict(type='str'),
+ state=dict(type='str', choices=['present', 'query']),
)
@@ -125,11 +120,9 @@ def main():
meraki.function = 'organizations'
meraki.params['follow_redirects'] = 'all'
- meraki.required_if=[
- ['state', 'present', ['name']],
- ['clone', ['name']],
- # ['vpn_PublicIP', ['name']],
- ]
+ meraki.required_if = [['state', 'present', ['name']],
+ ['clone', ['name']],
+ ]
create_urls = {'organizations': '/organizations',
}
@@ -162,23 +155,16 @@ def main():
-
- # method = None
- # org_id = None
-
-
- # meraki.fail_json(msg=meraki.is_org_valid(meraki.get_orgs(), org_name='AnsibleTestOrg'))
-
if meraki.params['state'] == 'query':
- if meraki.params['name'] is None: # Query all organizations, no matter what
- orgs = meraki.get_orgs()
- meraki.result['organization'] = orgs
- elif meraki.params['name'] is not None: # Query by organization name
- module.warn('All matching organizations will be returned, even if there are duplicate named organizations')
- orgs = meraki.get_orgs()
- for o in orgs:
- if o['name'] == meraki.params['name']:
- meraki.result['organization'] = o
+ if meraki.params['name'] is None: # Query all organizations, no matter what
+ orgs = meraki.get_orgs()
+ meraki.result['organization'] = orgs
+ elif meraki.params['name'] is not None: # Query by organization name
+ module.warn('All matching organizations will be returned, even if there are duplicate named organizations')
+ orgs = meraki.get_orgs()
+ for o in orgs:
+ if o['name'] == meraki.params['name']:
+ meraki.result['organization'] = o
elif meraki.params['state'] == 'present':
if meraki.params['clone'] is not None: # Cloning
payload = {'name': meraki.params['name']}
@@ -193,7 +179,10 @@ def main():
payload = {'name': meraki.params['name'],
'id': meraki.params['org_id'],
}
- meraki.result['response'] = json.loads(meraki.request(meraki.construct_path('update', org_id=meraki.params['org_id']), payload=json.dumps(payload), method='PUT'))
+ meraki.result['response'] = json.loads(meraki.request(meraki.construct_path('update',
+ org_id=meraki.params['org_id']),
+ payload=json.dumps(payload),
+ method='PUT'))
diff --git a/lib/ansible/utils/module_docs_fragments/meraki.py b/lib/ansible/utils/module_docs_fragments/meraki.py
index e268d02e68..3569d83b99 100644
--- a/lib/ansible/utils/module_docs_fragments/meraki.py
+++ b/lib/ansible/utils/module_docs_fragments/meraki.py
@@ -35,6 +35,7 @@ options:
description:
- Set amount of debug output during module execution
choices: ['normal', 'debug']
+ default: 'normal'
timeout:
description:
- Time to timeout for HTTP requests.
diff --git a/test/integration/targets/meraki_organization/aliases b/test/integration/targets/meraki_organization/aliases
new file mode 100644
index 0000000000..ad7ccf7ada
--- /dev/null
+++ b/test/integration/targets/meraki_organization/aliases
@@ -0,0 +1 @@
+unsupported
* Formatting fix
* Minor updates due to testing
- Made state required again
- Improved formatting for happier PEP8
- request() now sets instance method
* Fix reporting of the result
* Enhance idempotency checks
- Remove merging functionality as the proposed should be used
- Do check and reverse check to look for differences
* Rewrote and added additional integration tests. This isn't done.
* Updated is_update_required method:
- Original and proposed data is passed to method
- Added ignored_keys list so it can be skipped if needed
* Changes per comments from dag
- Optionally assign function on class instantiation
- URLs now have {} for substitution method
- Move auth_key check to module utility
- Remove is_new and get_existing
- Minor changes to documentation
* Enhancements for future modules and organization
- Rewrote construct_path method for simplicity
- Increased support for network functionality to be committed
* Changes based on Dag feedback and to debug problems
* Minor fixes for validitation testing
* Small changes for dag and Ansibot
- Changed how auth_key is processed
- Removed some commented lines
- Updated documentation fragment, but that may get reverted
* Remove blank line and comment
* Improvements for testing and code simplification
- Added network integration tests
- Modified error handling in request()
- More testing to come on this
- Rewrote construct_path again. Very simple now.
* Remove trailing whitespace
* Small changes based on dag's response
* Removed certain sections from exit_json and fail_json as they're old
* Adding initial skeleton of VMWare docs
* Updated product name capitaliztion; ready for initial PR.
* Add few files and updated some links
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fixed duplicate anchor tag
Updated GitHub Repos section to better explain what ansible-network@redhat.com is for (not an email list, but adding to the network-automation github repo.
* should not need <>, but fails without
* adds anchor to keywords page, uses it on plugins pages
* fixes envvar link errors
* harmonize file name and ref name as python_3
* removes undefined-lable from ignore list
* Update the documentation to list Python 3 as official
* Add some reference targets for inventory variables so we can link to docs
* Add a platform FAQ section
Populate it with
* virtualenv info (previously on the python3 support page)
* BSD (Link to the working with BSD page)
* Solaris (Document how to work around the non-POSIX shell on some
Solaris hosts)
Fixes#21594
* Fix some refs in the release_and_maintenance document
* Fix unindent error in module template
Fix for the module/plugin template unintentionally unindented inside of
a raw block, leading to errors like:
ERROR: docs/docsite/rst/modules/redshift_facts_module.rst:289:0: Explicit markup ends without a blank line; unexpected unindent.
* Make wording for Solaris troubleshooting better.
The big one is that we needed to set plugin_type when we processed the by_support template.
Also added to list_of_CATEGORY_plugins page (which might not be used)
and corrected a place where I did module_name instead of name_module
* centralize doc/config plugin lists
also update list for generation in docsite
added note to ensure they are in sync
* updated shell page to list plugins
added some more docs hinting at plugins being configurable
* fix edit link for plugins
* docs: Document disabling diff on task level
Tasks that deal with secrets may leak sensitive information when
running in Check Mode. This change updates the documentation explaining
that the diff can be deactivated on task level.
The feature was requested in #14860 and got introduced in Ansible 2.4
with #28581.
* Updated for clarity
The example regarding `include_*` is a bit unclear. First it seems like the v2.4 and v2.5 examples are the same. So I attempted to make the relevant change in the examples more obvious.
label: docsite_pr
I hastily did a copy/paste of the `async` example and it took me
a while to understand that `async` specified a maximum runtime in seconds.
The docs are actually mostly clear on this, but I made this PR while
reading the code.
This also fixes the spelling of "asynchronously".
* Use arg_spec type for comparisons on default and choices
* Further improve type casting
* Make sure to capture output in more places
* Individually report invalid choices
* Update ignore.txt after resolving merge conflicts
* Correct method to get timedelta seconds value
This also adds additional clarification for extracting different time/date values for time deltas
* Small edit
* allow ANSIBLE_KEEP_REMOTE_FILES for local test runner
* add ANSIBLE_KEEP_REMOTE_FILES to tox.ini, update docs
* Clarify handling of environment variables.
* Improve module docs return values
Currently the 5 columns shown doesn't make optimal use of the screen
estate, especially for facts modules this is a problem.
* Add returned facts as a separate section
* Remove whitespace and add support section
Since Notes were moved higher up, the Author, Status and Maintainer
information was now placed under the Return Values section.
* Switch Last Updated and Copyright
* Remove Sphinx/Read-the-Docs plug on every doc page
No need to have this on every page.
This fixes#37021
* Reinstated RTD credit with revised wording.
* Re-removed RTD footer boilerplate.
* Make use of named links in documentation notes
Now that it is possible to name external links, we are making use of
this to make the documentation better.
* Add improvements to ACI documentation
* Disable QA for long line
* Add :menuselection: and :guilabel:
* Improve links on some modules
* Adds the ability to override the doc build output from the command line.
* For safety, removed straight rm of BUILDDIR and removed subdirectories instead.
* Added check to see if BUILDDIR was defined to main makefile
* Automatically stuff reference in commit message
So we probably want to track which edits were performed through the
Github interface, and this change automatically adds a label to the
commit message.
```yaml
<!--- Your description here -->
+label: docsite_pr
```
Eventually this allows to (on regular basis) list the changes from
documentation readers and process them in a separate process.
* Explain what the Ansible Quickstart video does
Rewrote what video does. The video is really not teaching you how to do the work. It explains why you'd want to use Ansible and shows you what it takes (some sample code) . Video also introduces you to other products in the Ansible ecosystem.
* Edit
This PR includes:
- A fix to untemplated {{ plugin_type }} in docs
- Remove the additional info on how to edit module docs (see #36667)
- Add missing delimiter