* Add auth_timeout parameter when supported
Paramiko 2.2 introduces the auth_timeout parameter. This will set the
parameter to the same value of the timeout parameter to prevent
"Authentication timeout" errors.
* Conditionally add auth_timeout to ssh.connect
Renamed sock_kwarg to ssh_connect_kwargs and conditionally added the
auth_timeout parameter based on the installed paramiko version.
* Add changelog fragment
* Included support to AIX group subsystems
AIX systems has subsystems as services but also uses group
subsystems.
For example, spooler is a group subsystem to services
qdaemon, writesrv, and lpd.
This change enables the possibility to use also the group
susbsystmes such as spooler, nfs, etc.
When the service name is informed, first the module will
check if the name is a subsystem, if not it will check if
the name is a group subsystem and also it subsystems states.
This change makes services more flexible with AIX systems.
* Included test/legacy/aix_services.yml for tests
As discussed on IRC ansible-devel channes, was include the
legacy tests for further manual tests.
* csv of memory usage
* Fix var
* Configurable output file
* Add cpu profiling
* Valdiate the existence of cgroup files
* Add guard to prevent exception when trying to reset max memory value
* to_bytes/to_text and docs updates
* Add support for CPU results
* Just track the max, don't log all results, and then calculate max
* Restore cgroup_memory_recap, and move new functionality into cgroup_perf_recap
* Add pid count tracking, restructure to support more profilers
* Add cli tool for graphing cgroup_perf_recap data
* csv_output_dir is a path
* Correct CALLBACK_NAME
* Include uuid in csv data
* fix linting errors
* Bump version_added
* Create helper funciton to create dict from list of keys, with callable default
* Updated notes to include pids
* Print a newline after each section
* Plugin improvements
* Add option to supporess recap display
* Add default for output directory
* Add option to dictate whether or not to write files
* Add JSON-seq output option
* s/uuid/task_uuid
* Use bytes for paths
* Increase polling interval length for pids/memory
* Reduce instance attrs, change how we invoke profilers
* Shorten some line lengths
* Remove more instance attrs
* Fix some typos
* document directory creation, and catch exceptions
* Enable per task file outputs, and filename customization
* s/per_task_file/file_per_task/g
* Introduce 'insertbefore' and 'insertafter' to specify the position children have to be inserted.
* Added version_added to new options
* Xpath in example needs single quotes
* Added integration tests for insertafter and insertbefore
* Changed version_added to 2.8
Currently deleting the storage connection just tries to delete the
connection but it doesn't detach the connection from storage domain.
The patch first tries to detach the connection from storage domain
before attempting to delete the same if the storage domain parameter
is provided.
* Cloudscale integration test setup
CloudProvider and CloudEnvironment classes for Cloudscale integration
tests. This also contains a cloudscale_common role with common
variables for all tests.
* cloudscale_volume module
New cloud module to manage volumes on the cloudscale.ch IaaS service.
* Add checkpoint httpapi plugin and access rule facts module
* WIP checkpoint_access_rule module
* Add publish and install policy, plus fix empty json object request for publish
* Refactor publish and install_policy onto module_utils
* Add update resource logic
* Add checkpoint_host_facts module
* Return code and response on get_acess_rule function
* Add checkpoint_host module
* Add checkpoint_run_script module
* Add checkpoint_task_facts module
* Show all tasks if no task id is passed
Note, this is only available on v1.3 of Checkpoint WS API
* Add update logic to checkpoint host
* Add full details on get task call
* Add checkpoint httpapi plugin
* Fix pep8
* Use auth instead of sid property and return False on handle_httperror method
* Fix version in docstring
* Remove constructor
* Remove Accept from base headers
* Do not override http error handler and assign Checkpoint sid to connection _auth
There is scaffolding in the base class to autoappend the token, given
it is assigned to connection _send
* Use new connection queue message method instead of display
* Remove unused display
* Catch ValueError, since it's a parent of JSONDecodeError
* Make static methods that are not used outside the class regular methods
* Add missing self to previously static methods
* Fix logout
Was carrying copy pasta from ftd plugin
* Remove send_auth_request
* Use BASE_HEADERS constant
* Simplify copyright header on httpapi plugin
* Remove access rule module
* Remove unused imports
* Add unit test
* Fix pep8
* Add test
* Add test
* Fix pep8
* new module: AIX LVM file system and NFS
This module creates, removes, mount and unmount LVM and NFS file system
for AIX using /etc/filesystems. For LVM file systems is also possible
to resize the file system.
* better parameters options structure
better parameters options structure
* Improved file system resize returns
Added better tratment for return codes for file system resize.
When a resize is not possible because no enough space on lv or
shrink is not allowed.
* improved doc and creation file system return code
- improved doc
- creation file system return code 10 was treated.
* Doc recomendations, dict result, line limit
- Added doc recomendations
- Changed return to dict results on main()
- Using 159 columns for code limit
* wrong changed return when file system is already
Fixed wrong changed return when file system is already mounted.
When the file system is already mounted the return for changed
is False.
* Fixed description and included playbook for tests
- Fixed description
- Included playbook for manual tests
* Various small bits to get this merged ASAP
* Rename test/legacy/aix_filesystem.yml to test/integration/targets/aix_filesystem/tasks/main.yml
Move integration test to its proper location
* Create aliases
* Fix CI issues
* Fix backup issue in network config modules
* Fix `get_working_path` not found issue introduced due to
backup config code refactor (PR #50208)
* Further refactor config related action plugins to minimize
duplicate code
* Remove unwated imports in config action plugins
* Add common network class for action plugin and related code refactor
* Fix review comment
* Correct Errors in Documentation
According to the module, "compose" is not required, but the docs said it was - removed the "required" tag. Additionally, the example for removing a stack did not include the required "name" option (this method is why "compose" is not required.
+label: docsite_pr
* Removed change to description
Corrected issue to my "correction" on the description.
* Removed required false
* Removed all instances of required: false.
User module can contain Indentation errors or syntax errors.
Handle AST exceptions rather than showing traceback while importing such module.
Fixes: #21707
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Simplify the requirement section to avoid duplicating info already in mysql_document_fragment.
* Package installation section simplified, mentioned RHEL; a typo fix in "than".
* added dnf for Fedora
* Note: Python2 is not as intelligent at detecting false import loops as
Python3. context_objects.py cannot be added to cli/arguments because it
would set up an import loop between cli/__init__.py,
cli/arguments/context_objects.py, and context.py on Python2.
ci_complete
* Mark methods which are really functions as staticmethod
* Fix calls to other staticmethods to use the subclass rather than the
base class so that any inheritance overriding will be honored.
* Remove unnecessary logic and dead code
* Fix a typo in a docstring of how to implement subclass init_parser()
methods
* Call superclass's post_process_args in ansible-doc
* Fix copyright comment according to suggested practice
The goal of breaking apart the base_parser() function is to get rid of
a bunch of conditionals and parameters in the code and, instead, make
code look like simple composition.
When splitting, a choice had to be made as to whether this would operate
by side effect (modifying a passed in parser) or side effect-free
(returning a new parser everytime).
Making a version that's side-effect-free appears to be fighting with the
optparse API (it wants to work by creating a parser object, configuring
the object, and then parsing the arguments with it) so instead, make it
clear that our helper functions are modifying the passed in parser by
(1) not returning the parser and (2) changing the function names to be
more clear that it is operating by side-effect.
Also move all of the generic optparse code, along with the argument
context classes, into a new subdirectory.
* Once cli args are parsed, they're constant. So, save the parsed args
into the global context for everyone else to use them from now on.
* Port cli scripts to use the CLIARGS in the context
* Refactor call to parse cli args into the run() method
* Fix unittests for changes to the internals of CLI arg parsing
* Port callback plugins to use context.CLIARGS
* Got rid of the private self._options attribute
* Use context.CLIARGS in the individual callback plugins instead.
* Also output positional arguments in default and unixy plugins
* Code has been simplified since we're now dealing with a dict rather
than Optparse.Value
* Move get_all_subclasses out of sys_info as it is unrelated to system
information.
* get_all_subclasses now returns a set() instead of a list.
* Don't port get_platform to sys_info as it is deprecated. Code using
the common API should just use platform.system() directly.
* Rename load_platform_subclass() to get_platform_subclass and do not
instantiate the rturned class.
* Test the compat shims in module_utils/basic.py separately from the new
API in module_utils/common/sys_info.py and module_utils/common/_utils.py
* urldecode filter for Jinja2
We needed this in order to deconstruct correct URLs using Jinja2.
And we might as well upstream this.
* Add integration tests
* Fixes for Python 3
* Add urlencode for older Jinja2
* gcp: documentation update
* Update example about dynamic inventory
* minor typo fixes in gcp_utils
* Additional information about enabling inventory plugin in ansible.cfg
partially fixes: #44404
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* add openssh_cert module
* fix some linter issues
* address review feedback
* add basis for integration tests
* change valid datetime formats
* handle principals as set not as list
* handle principals as set not as list
* handle principals as set not as list
* fix order of dnf api operations so transactions don't fail
Previously dnf.base.fill_sack() was called before
dnf.base.update_cache() which apparently breaks dnf transaction
logic as per https://bugzilla.redhat.com/show_bug.cgi?id=1658694Fixes#49060
Signed-off-by: Adam Miller <admiller@redhat.com>
* add changelog and test case
Signed-off-by: Adam Miller <admiller@redhat.com>
Under Python 3.7 at least, the split of the port field fails
ungracefully if there is no slash. The fix also addresses the
case of an empty protocol after the slash.
* Add support for NRDP notifications
* Correct pep-8 check, adding copyright
* Correct pep-8 check using autopep8
* Update nrdp to 2.6 version
* Update nrdp to 2.7 version
* Use internal ansible url and options modules
* Remove useless comments
* Add option to validate https certs
* Update nrdp to 2.8 version
* Correct nrdp pep8
* Combine systemd units/unit-files output for service_facts
Fixes#47118
Previously we were only taking the output of `systemd units` which
would leave out information about the service units that were
disabled, static, masked, etc. Now we're aggregating the results so
that anything not active/inactive/dead at least is pulled as fact
data with it's state provided.
Signed-off-by: Adam Miller <admiller@redhat.com>
* provide state and status information about services
Fixes#45730
Signed-off-by: Adam Miller <admiller@redhat.com>
* docker_image: add network parameter
Add a network parameter to the docker_image module to specify the
network to use for RUN commands.
Called it network instead of network_mode as the latter seems like a
legacy of when there were just a few default options to choose from,
while now the name of an arbitrary network can be specified.
Fixes#21433
* Format description
* Update docker_image option_minimal_versions
* Ensure network_mode param optional
conn_limit type is set to 'int'. This will allow module to compare conn_limit with record value without type casting.
Fixes: #38118
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add session tracing support for network_cli, netconf and httapi connection
* Add `persistent_log_messages` configuration option to log device inteaction
in log file for network_cli, netconf and httapi connection
type
* Log jsonrpc request and response in log file is configuration option
is enabled
* Update docs to talk about warning shown when persistent_log_messages is on
* Fix Issue #39598
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix unit test for onyx_config
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Add comments for save running config
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Enhance onyx_config bug fix
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix result['changed'] = True comment
Signed-off-by: Anas Badaha <anasb@mellanox.com>
Without this modprobe always reports changed when modprobe-ing a builtin module.
With this, if a kernel module is a builtin, the modprobe module will:
- succeed (without incorrectly reporting changed) if ``state`` is ``present``;
- fail if ``state`` is ``absent``
The failure will have whatever error message modprobe returns when
attempting to remove a builtin module. For example:
``modprobe: ERROR: Module nfs is builtin.``
* MSC: Various bugfixes and features enhancements
This PR includes:
- Lookups of roles, labels and domains
- Auto-create new labels
- Improvements to comparing complex datastructures
- Force removal of sites
- Support non top-level queries
- Document internal functions
- Add parameter types to modules
- Fix documentation examples
- Improvements to idempotency wrt. returning changed
- Support site locations
- Update permission list
- Various improvements to integration tests
* Fix Ci issues
* Handle 'latest' version when installing module for first time
Otherwise, a fresh install of a plugin with 'version: latest' gets installed without its dependencies, rendering the plugin effectively useless.
* Add changelog
* Refactor integration test for lvg module to introduce grow/reduce test
* List correctly current PV in lvg module: fix lvg reduce
Previous behaviour was to only take into account PV passed in 'pvs'
argument. This lead to reduce not working as expecting:
* with state=present and list of wanted pvs, lvg found only the pvs to
add or already present and ignored the pv to remove (obviously absent
from the list of given PV)
* with state=absent and a pv to remove, lvg found that the remaining pvs
list is empty (ignoring possible other PV in the vg) and decides to
remove the vg entirely (as supposely no PV are left anymore to store
lvm metadata)
* Add changelog fragment
* Update `Unknown error` to specific error message
outputs the Exception received rather than just 'Unknown error'
fixes: issue/49713
* Update `Unknown error` to specific error message
improves the error message
When the security group the rule belongs to does not exist and
the state is absent, the module is not properly exited, leading
to a playbook execution failure.
Fixes issue #50057
* added new module to manage deploy keys for BitBucket repositories
* Modified module to pass CI tests
* Updated bitbucket_deploy_key module
* updated message returned when there is an existing deploy key
* bumped version_added to 2.8
* fixed issues reported by ansible-test
Mostly typo/grammar fixes. "Zabbix Server" was changed to just "Zabbix", as it could be slightly confusing - some people might interpret this referencing the server process, although API matters. "capital-case" was changed, as it usually is one of "capital" or "upper-case".
+label: docsite_pr
* Update vmware_deploy_ovf.py
Provided more detailed example using additional, often used parameters
Co-Authored-By: mhoffmann1 <marcin.hoffmann@intel.com>
* Replace variable values in example task
Co-Authored-By: mhoffmann1 <marcin.hoffmann@intel.com>
* Revert "Fix incorrect examples with random filter (#50137)"
This reverts commit 9a7dbd5213.
The correction is incomplete and also based on a 'fix' that was supposed to have been reverted already
* Revert "Added `+1` to the `end` in `random` filter so that it was inclusive (#27215)"
This reverts commit ea2b89c7ae.
reverted fix as agreed at the time, but missed by maintainers.
* Refactoring of cnos_interface module like what followed by other vendors
* To remove cnos-interface from E326 validation ignore list
* Effect of default parameters impacted UT
* Connections can queue messages to be returned from ansible-connection
* Provide fallback for invalid display level
* Strip display from plugins
* Route messages through helper method to try to avoid improper appends
verify_file was improperly always returning true if pyvimomi and requests libs were correct
moved library checking to parse, avoid unneded errors unless the file is actually meant for
this plugin
* rabbitmq_binding: Fix using empty routing key
If the routing key is an empty string we need to use the special props
value ~ in the URL. Otherwise the last part of the URL will be empty,
which will instead be equivalent to the "list all bindings" API call
which always returns 200 OK (as long as the exchange and queue exists).
* rabbitmq_binding: Move routing_key test outside format
Test the routing_key value and set the props value outside the format
call. We leave the original routing_key untouched since its original
value is later needed in create().
* Added organization in the scm_credential get
* Fallback looking for cred in project org
* Tests project with multi org credential
* Fixed CI issue
* Added changelog fragment
* Fix mandatory statement error for junos modules
Fixes#40267
* Add error regex in junos terminal plugin to error out
in case of commit fails
* If commit fails add logic to discard changes before existing
else next task will result in error
* Add integration test
* Minor update
* Revert "allow caller to deal with timeout (#49449)"
This reverts commit 63279823a7.
Flawed on many levels
* Adds poor API to a public function
* Papers over the fact that the public function is doing something bad
by catching exceptions it cannot handle in the first place
* Papers over the real cause of the issue which is a bug in the timeout
decorator
* Doesn't reraise properly
* Catches the wrong exception
Fixes#49824Fixes#49817
* Make the timeout decorator properly raise an exception outside of the function's scope
signal handlers which raise exceptions will never work well because the
exception can be raised anywhere in the called code. This leads to
exception race conditions where the exceptions could end up being
hanlded by unintended pieces of the called code.
The timeout decorator was using just that idiom. It was especially bad
because the decorator syntactically occurs outside of the called code
but because of the signal handler, the exception was being raised inside
of the called code.
This change uses a thread instead of a signal to manage the timeout in
parallel to the execution of the decorated function. Since raising of
the exception happens inside of the decorator, now, instead of inside of
a signal handler, the timeout exception is raised from outside of the
called code as expected which makes reasoning about where exceptions are
to be expected intuitive again.
Fixes#43884
* Add a common case test.
Adding an integration test driven from our unittests. Most of the time
we'll timeout in run_command which is running things in a subprocess.
Create a test for that specific case in case anything funky comes up
between threading and execve.
* Don't use OSError-based TimeoutError as a base class
Unlike most standard exceptions, OSError has a specific parameter list
with specific meanings. Instead follow the example of other stdlib
functions, concurrent.futures and multiprocessing and define a separate
TimeoutException.
* Add comment and docstring to point out that this is not hte Python3 TimeoutError
* Warn of standard behavior of 'default' key store
The default key store typically results in the key being stored as user. In instances where we're trying to install a cert to enable SSL binding in IIS, this will result in an unbind-able cert, as the IIS APPPOOL identity will not be able to read the private key, and presents a very cryptic error of 'A specified logon session does not exist'.
+label: docsite_pr
* fix trailing whitespace
* Use C(user) reference
* specify what's required for successful iis import
- store_location's default value is currently 'LocalMachine' but if this changes it could result in the documentation being inaccurate
- key_exportable is not required for a successful IIS import
* remove stray =
dang cat
Co-Authored-By: tdietrich513 <tom.dietrich@gmail.com>
* Fix example in ini.py
* Fix unittest in test_ini.py to pass CI as latest ansible returns list in
different order. To prevent such issues in future results are sorted
* PEP8 E501 styling improvements
Co-Authored-By: Sergii Golovatiuk <sgolovat@redhat.com>
Trying to use the apt module on a freshly install 16.04 Ubuntu VM with
"ansible -m apt -a 'name=* state=latest' all" fail with this backtrace:
Traceback (most recent call last):
File \"/tmp/ansible_2inxygge/ansible_module_apt.py\", line 1055, in <module>
main()
File \"/tmp/ansible_2inxygge/ansible_module_apt.py\", line 998, in main
upgrade(module, 'yes', force_yes, p['default_release'], use_apt_get, dpkg_options)
File \"/tmp/ansible_2inxygge/ansible_module_apt.py\", line 759, in upgrade
apt_cmd_path = m.get_bin_path(apt_cmd, required=True)
File \"/tmp/ansible_2inxygge/ansible_modlib.zip/ansible/module_utils/basic.py\", line 2182, in get_bin_path
File \"/usr/lib/python3.5/posixpath.py\", line 89, in join
genericpath._check_arg_types('join', a, *p)
File \"/usr/lib/python3.5/genericpath.py\", line 143, in _check_arg_types
(funcname, s.__class__.__name__)) from None
TypeError: join() argument must be str or bytes, not 'NoneType'
It seems that since aptitude is not installed on Xenial, so APTITUDE_CMD is None
and we later hit the bug in the upgrade function since it assume APTITUDE_CMD
is set.
* Improve the output when processing files
* Update docs/bin/plugin_formatter.py
Co-Authored-By: dagwieers <dag@wieers.com>
* Show progress indicator.
* Don't pp.pformat() huge structures when they aren't used anyway.
This saves ~10 seconds on my machine.
* Only show ASCII spinner if stdout is a TTY.
* Fix: E722 do not use bare 'except'
* Add GetManagerNicInventory command for Manager category, and tweak redfish_utils' get_nic_inventory to accommodate manager nic interfaces
* Remove get_manager_nic_inventory, since it is unnecessary while using get_manager in get_nic_inventory
* Rework get_nic_inventory() to take a resource_type as a string, which will be just the category parameter from redfish_facts, making it clearer
* remove extraneous blank line to conform with pep8
* Add GetManagerNicInventory example task to EXAMPLES docstring
* Add cryptography backend for openssl_privatekey.
* Adding ECC support.
No support for X25519 and X449, since they don't support serialization.
* Improve finterprint calculation to work with Python 3.
* Add fingerprint check.
* Fix typo.
* Use separate curve option for elliptic curves, and use type 'ECC'.
* Using curve names as defined in IANA registry.
* Bump minimal supported cryptography version. Older versions might work as well, but I couldn't test them.
* Improve documentation.