* add connect_as, username, password parameters
add tests
* fixed reference to undefined variable.
added version added to new options.
* add changelog fragment
* fix line endings
* use ansible facts to determine os version
remove unused iis version check
test checksum of iis configuration after backup
* correct assertion
* added more cleanup tasks.
* version added is now 2.10
* skip server 2008 r2 for now
* run tests on server 2012 and higher
* Adds win32_disk_drive object to win_disk_facts
* Names class parameter for Get-CimInstance as requested in the devdocs
* Maps whole class and adds docs
* Improve matching of disks when UniqueID is different format
* Improve logic for PNPDeviceID mapping
* Adds test for win32_disk_drive
* win_chocolatey: Fix error when choco.exe not found
* Slight tweak to check and added changelog fragment
* Removed ignore rule that's no longer needed
* win_domain_user: add retry logic for null user principal group
* win_domain_user.ps1: Fix "user without group" case use
* Added changelog fragment
* Fix up missing dollar sign
* Add default value to 0 for disk in nova_flavor module
* Apply suggestions from code review
Add type int for disk size
Co-Authored-By: John R Barker <john@johnrbarker.com>
* ec2_vpc_net: (integration tests) migrate to using module_defaults
* ec2_vpc_net: (integration tests) use a private subnet for the tests
* ec2_vpc_net_info: Add integration tests
* ec2_vpc_net_info: add cidr_block_association_set to documentation
* Update AWS hacking test policy to allow VPC CIDR disassociation
* Update test/integration/targets/ec2_vpc_net/tasks/main.yml
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* Store vpc2 ID to make it clearer which VPC we're changing
* Be more consistent with our quoting
* Explicitly test that the VPC IDs haven't changed
The ask was to add an option in the vmware_guest itself. Upon inspection, a serial port can
be created in multiple ways and so can be a module in itself. Therefore, created a new module
called vmware_serial_port.
Fixes: #54956
Eliminate `ResourceWarning: unclosed file` by closing all
file handles of each subprocess used by the SSH connection
plugin to execute commands.
This change prevents Ansible from accumulating "forgotten"
open file handles.
PR #64785 by Julien Palard
Fixes#64768
* Adjust conditional for disabling alert email
Conditional was improperly disabling existing alert email when it was found enabled. The expectation is that it should only disable if module.param['enabled'] was set to false.
* Adjusted disable logic
Added back in the logic of only disabling the alert email if it is module.params['enabled'] is false AND current value of enabled is true on the array
This is a fix for a regression introduced by Perfy. Since then we mainly
operate on host.name instead of the Host object. In a call to
set_nonpersistent_facts where we set ansible_failed_task and
ansible_failed_result variables we were still passing the object which
led to those vars being undefined.
Fixes#64789
While deleting gitlab user, several parameters such as email, name,
password are not required. This fix removes this requirement from the
module.
Fixes: #61921
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* win_domain_computer module: Minor documentation error
* Fix idempotence when name != samaccountname
* Added changelog
* Added unsupported alias for CI check
* Update win_firewall_rule.py
<!--- Your description here -->
Added example of enabling ICMP protocol, as ping is commonly used for troubleshooting in automation scenarios. Equivalent netsh command is:
netsh advfirewall firewall add rule name='ICMP Allow incoming V4 echo request' protocol=icmpv4:8,any dir=in action=allow
+label: docsite_pr
* Remove yaml-breaking space
Removed extraneous space that caused validation to fail.
* Remove more extraneous whitespace
* ec2_eip: (integration tests) move to using module_defaults
* ec2_eip: (integration tests) expand integration tests
Also clean up a little
- Delete EIPs when we finish testing them (reduce the chance of hitting limits)
- Rejig deletion so that it works when runs fail
- Add tests for ec2_eip_info
* ec2_eip: Minor doc tweaks
* ec2_eip: Don't throw an exception when we try to disassociate an already disassociated EIP
* ec2_eip: Add missing IAM policy (manage IGWs)
* ec2_eip: (integration tests) Use the VPC as a crude lock to avoid running parallel tests
We test that untagged EIPs come and go as we expect, if multiple tests are
running in parallel this confuses things
* Fix ec2_eip association
* ipaddr: add an option to return peer of a point-to-point link
Signed-off-by: Vincent Bernat <vincent@bernat.ch>
* ipaddr: extend "peer" to also work with /30
* Catch vmodl.fault.SystemError exception.
* Add exceptions for connection issues.
* Fix self._si not defined exception (L353), when trying to close a non existing connection.
* Fix vmware_tools connection reset
* Also catch InvalidGuestLogin exception, as it get's also thrown when trying to logging in too early on startup...
* win_acl no longer needs SeSecurityPrivilege
Set-ACL raises missing SeSecurityPrivilege error when the inheritance
from the parent directory is disabled.
* fixes test sanity
* registry rights can only be modified with Set-ACL
* add changelog
* Corrected Get-adcomputer
Corrected Get-adcomputer on "Remove-ConstructedState" and "Set-ConstructedState" functions.
resolved error: Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running.
* Update lib/ansible/modules/windows/win_domain_computer.ps1
Co-Authored-By: Daniel-Sanchez-Fabregas <33929811+Daniel-Sanchez-Fabregas@users.noreply.github.com>
* Update win_domain_computer.ps1
changed
"-credential $credential" to "@extra_args" (Line 115 and 150)
corrected exception message (Line 122)
* Added changelog fragment, minor code tweak
* Ensure we work on only one user.
After the initial get/create use the GUID of the found/created user to
ensure we will not start to work with a different user. If we create a
user or modify it's attributes an he is not identified with the name
parameter afterwards this module fails in rather unpredictable ways.
This addressed #45298
* Use splatting create_args for creating user.
This prepars this for adding more optional create arguments without
nesting of condictions.
* Set the UserPrincipalName and SamAccountName on create.
Set the UserPrincipalName and SamAccountName on the create operation if
upn is given to ensure the User is created with a contollable
SamAccountName.
* Rename $username to $name.
$username is missleading as its not the SamAccountName.
* Add a identity parameter to win_domain_user
This gives the user full controll over how the user is identified in the
AD.
* Add version_added information for new parameter and fix yaml syntax.
* Added changelog fragment
wait_for_connection creates AnsiballZ_ping.py in temp directory,
which remains on remote machine even after playbook run.
Fixes: #62407
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fix eos_facts over local eapi
* Much better feedback when querying resources over local
* No need for that anymore
* Update comment
* Mkae sure facts are tested on local
resource modules might break this otherwise
* This test was not checking anything
* Pass over nxos_facts as well
* Add output_encoding_override params to win_command/win_shell (#54896)
This enhancement enables Ansible to parse the output of
localized commands that ignore the prompt code page.
* Added changelog and minor nits
* feature enhancement: make a snapshot from an existing managed disk.
* remove default creation option in argu_spec of azure_rm_snapshot
* fix pep8 related issue
* fixing broken integration test
* Added install_dns option to the win_domain module.
* Added install_dns option to the win_domain_controller module.
* Updated version_added to devel branch version 2.10.
* Updates for ansible-test errors.
* Minor nits to docs
* Add Local Security Policy update example
##### SUMMARY
This real world example will be useful, but perhaps there is a better section?
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
* Move new example and add not to username
* Set alter_sys=True instead of False to address backwards incompat
* ci_complete
* Add integration test
* ci_complete
* sanity
* ci_complete
* Changelog fragment
* Update import test and validate-modules to match
* Updated nxos_lacp tests to handle platforms not supporting lacp system mac command
* nxos_lacp: addressing comments
* nxos_lacp: Updating image tag search to include more tags
* route53_info max_items and next_marker should be a str
Type was changed in #64358, however boto3 takes a str for this option
Add some basic tests for route53_info.
Fixes: #64534
This fixes a regression that was caused by switching from copy() to
deepcopy() when 'saving' variables before templating. Since HostVars
did not implement the __deepcopy__() method, deepcopy returned incorrect
results when host vars were present in the variables.
Fixes#63940
* docker_login: Use with statement for accessing files (#64382)
* Update changelogs/fragments/64382-docker_login-fix-invalid-json.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Use "default" route info to help pick the default address.
Before this change, the address information used for the "default_ipv4"
and "default_ipv6" information is whatever is first on the interface
identified by the looking up the "default" route. On OpenBSD at
least, the first IPv6 address tends to be a link-local address,
which is not useful if you want to try and put a globally routable
v6 address in a template somewhere.
OpenBSD and NetBSD list the local address used for the default
route, so we can then use that to filter the addresses on the
interface and use the right one when it is available. This should
also help in situations where the interface has a lot of aliases,
or if you're doing IP multipath.
Thanks to John-Mark Gurney and Jared McNeill for providing me output
from the route command on FreeBSD and NetBSD respectively.
* Use "route get default" to get default route information.
Using some other arbitrary address makes these facts produce
unexpected results in some situations.
* ec2_* Sanity corrections
Cleanup some typos that were missed in #64230
* Update lib/ansible/modules/cloud/amazon/ec2_launch_template.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* convert aws_acm_facts to AnsibleAWSModule
* factor aws_acm_facts into module_utils
* add more filtering options for aws_acm_info
* add aws_acm module and tests
* uncomment aws_acm test
* fix linting for aws_acm
* fix __future__ linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix aws_acm_info arg type
* remove test for old module name aws_acm_facts
* simplify AWS ACM client creation
* fix indent typo in aws_acm test
* catch BotoCoreError in aws_acm
* fix indent typo in aws_acm test
* tighten AWS ACM test policy resource
* move aws acm int test to venv
* remove errant file
* fix AWS ACM int test perms
* undo copyright addition to wrong file
* fix invalid log message in aws_acm
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* rephrase aws_acm_info doc from facts to information
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* rename aws_facts var to aws_info
* remove case insensitivity for aws_acm pem compare
* add no_log for aws_acm credential setting
* add per-test prefix to aws_acm test resource names
* make aws_acm use crypto module_util
* clarify copyright for aws_acm
* make aws_acm int test clearer
* add explicit crypto dependency to aws_acm
* change requests for aws_acm pr
* fix wrong copyright owner aws_acm test
* fix wrong copyright owner aws_acm test
* rewrite aws_acm cert chain compare with regex, no dependency
* fix linting for aws_acm unit test
* fix linting for aws_acm unit test
* fix linting and duplicate ignore
* fix failed cert chain split in aws_acm, add more tests
* remove errant file
* more linting fixes for aws_acm
* fix sanity ignore
* rewrite cert compare in aws_acm to use base64 decode
* improve regex for pem cert chain split in aws_acm
* undo changes to crypto module util for aws_acm
* increment ansible version for new aws_acm module
* convert aws_acm return(x) to return x
* increment version added for aws_acm_info new features
* fix linting
* fix bugs with AWS ACM
* fix bad rebase
* disable AWS ACM integration test, due to AWS account limit issue
* remove aws acm integration test from shippable group
* enable using any domain in the check point machine
* Update checkpoint.py
* trying to checge `test_chrckpoint` according to `test_ftd` in order to pass the tests
* Update test_checkpoint.py
* add GetHealthReport commands
* add NetworkInterfaces and SimpleStorage
* convert report uri property keys from plural to singular
* one more plural to sungular uri conversion
* change module name to redfish_info in EXAMPLES docstring
* Added module for attaching volumes in the Packet host
* Fix __future__ import sanity
* removed changed from RETURN doc
* Fix sanity tests, add check mode & few other minor changes
* Added module for IP address assignment in the Packet Host
* fixed CI bot issues
* rework of IP address handling to subnets
* fix pep8 in modules/cloud/packet/packet_ip_subnet
* Fix verison added
* Fix sanity tests, rebase, refactor & other improvements
* ec2_ boilerplate
* Deprecate unused options.
* ec2_vol: Perform explicit type checking on volume_size and iops when parsing the args
Boto would through a type exception if the string couldn't be converted to an int.
* ec2_lc_find: remove duplicate definition of region
It's defined in ec2_argument_spec and ec2 doc fragment
* ec2_lc_info: Move responsibility for type checking/conversion of sort_start and sort_end into arg parser
* General sanity test related doc fixups
* Remove EC2 related sanity/ignore.txt entries
* Add changelog fragment
* Remove sanity/ignore.txt entries
* replace use of "_" as a variable name
* Cleanup boilerplate
* Remove default values from mandatory parameters
* Sanity test documentation updates
* Remove unused imports from iam_role
* Move var plugins handling to a separate file
* Allow var plugins to require whitelisting
* Add global configuration ('demand', 'start') for users to control when they execute
* Add 'stage' configuration ('all', 'task', 'inventory') for users to control on a per-plugin basis when they execute
* Update ansible-inventory and InventoryManager to the global and stage configuration
* Update host_group_vars to use stage configuration and whitelisting
* Add documentation for using new options and to the developer's guide
* Add integration tests to exercise whitelisting and the new configuration options, using vars plugins in collections, and maintain backward compatibility
* Changelog
Co-Authored-By: Brian Coca <brian.coca+git@gmail.com>
Co-Authored-By: Sandra McCann <samccann@redhat.com>
* Remove Sanity test ignore.txt entries
* Fixup boilerplate
* Remove use of blacklisted _ variable name
* cloudformation: Add an explicit removal version for template_format
This option's been ignored since ansible 2.3
* General docs cleanup to clear sanity errors
* elasticache_parameter_group: Add list of choices
- matches documented choices
- other values wouldn't have worked
* data_pipeline: Deprecate 'version' - always ignored
* Add deprecation documentation
* Refactor CLI prompt mode check for network plugins
* Move the CLI prompt mode check logic from action plugin
to the controller side with the cliconf plugins.
* This refactor also allows the network modules
to initialise the persistent connection with remote device
only when it is required.
* Fix review comments
Using os_server_action to perform start, stop and pause actions on a
server in OpenStack results in an error when 'wait' is False.
The command is successfully sent to OpenStack, however Ansible fails the
task:
fatal: [127.0.0.1]: FAILED! => {
"changed": false,
"msg": "New-style module did not handle its own exit"
}
This patch ensures that those actions always exit, whether running with
'wait' set to True or False.
As we are not waiting to confirm the result, this assumes that the
actions were successful.
Fixes#62958
Signed-off-by: Chris Smart <chris.smart@humanservices.gov.au>
* Fixes#63937
* Add the environment variables VMWARE_HOST, VMWARE_USER, and VMWARE_VALIDATE_CERTS for consistency
* Follow the general pattern for config file naming requirements and update the documentation
Let the caller choose a namespace for `to_uuid` and document the
behaviour of both the default case, and the new explicit case.
This PR does not change the existing behaviour of the `to_uuid` UUIDv5
filter.
* Fix network plugin config option load from collection
Fixes#63975
* Update the complete sub-plugin name within network
connection plugins to handle sub-plugin in collection
scenario.
* Fix review comments
* add option to specify ID of System/Manager/Chassis to modify
* added version to deprecate() call
* fix merge TODOs to use new self.systems_uri variable
Add module podman_volume_info that collects data about podman
volumes on the host. Acts as docker_volume_info module.
Signed-off-by: Sagi Shnaidman <sshnaidm@redhat.com>
* add GetManagerServices in redfish_info module, and add SetManagerServices in redfish_config module
* fix incorrect-version-added, fix incorrect Comparison to None, fix continuation line under-indented for visual indent, fix line too long, fix blank line at end of file
* update parameter format to allow multi-services update and additional parameter update
* fix bad-whitespace and trailing-whitespace detected by ansible-test
* change command name from GetManagerServices/SetManagerServices to GetNetworkProtocols/SetNetworkProtocols, and update parameter name to network_protocols with dict type, and enhance set_network_protocols() to follow suggestions
* donot need to import ast any more
* fix problems caused by code merge
* Move X25519, X448, Ed25519 and Ed448 feature tests to module_utils.
* Correctly sign with Ed25519 and Ed448 keys.
* Fix public key comparison. Ed25519 and Ed448 do not have public_numbers().
* Add tests.
* Add changelog.
* Give better errors for cryptography 2.6.x and 2.7.x.
* Test for new errors.
* Forgot one.
* Used wrong private key.
* Use private key password for CA key. Add more stuff to its certificate.
Currently first check was by checksum only, and if there are 2
images with the same checksum, but different names, this check
fails with error:
* Multiple matches found for None *
To prevent this let's add more exact check in the beginning:
1. Firstly try to find by unique ID if it's given, most safe way.
2. Try to find by combination of name and checksum, not only
checksum, it will drop duplicates with different name.
3. Try to find just by name, as most general approach.
By going from most narrow to more general checks we can drop
duplicates in more efficient manner.
* Add AWS_ boilier plate
* AWS_ modules: clean up missing parameter types
* Remove documentation duplicated by ec2 document fragment
* Add missing documentation for options and sub-options
* Add missing return type documentation
* Remove AWS_ sanity-check ignores
* aws_waf_info: fixup conflicting 'defaults' information about the use of waf_regional
* Wrap URLs in U()
* Add elements entries, because felixfontein asked nicely
* Apply suggestions from code review
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* Second round of review comments.
* Make docker_stack adhere to standard return values
The names of the various fields returned from ansible modules are e.g defined here https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#msg.
Adhering to this improves usability and makes use of functionality for e.g stdout_lines etc.
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Fix under-indentation of continuation line (pep8)
Issue exposed in test here https://app.shippable.com/github/ansible/ansible/runs/146667/1/console
* Don't break old playbooks/roles
Made sure the changes are only adding new variables, not removing anything existing yet.
* Added comment
* Minor fixes
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* minor change to docker_stack.py
* Add changelog fragment for PR 63467
* Format changelog fragment
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Add fragment about docker_stack return val depr
* Add docker_stack doc note about deprecated vals
* Remove whitespace in empty line
* Add docker_stack depr notice to porting guide
* Update changelogs/fragments/63467-docker-stack-return-fix.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Added back a missing new line
* check status code value lower boundary
Any HTTP code below 200 cannot be considered a success, should be
handled like a failure instead.
This is particularly true for below zero status codes.
Fixes#63139
* provide changelog fragment
* ensure connection errors are handled in Acme module
* add fetch_url check to ACME.send_signed_request
* remove module.fail_json
* move _assert_fetch_url_success out of ACMEAccount
* fix ansible-lint errors
* use simplified syntax status checking
* add new command UpdateUserName and UpdatePasswordPolicy in redfish_command module
* fix errors detected by ansible-test
* fix error detected by ansible-test
* change command name UpdatePasswordPolicy to UpdateAccountServiceProperties, and update parameter to account_properties to support mlti-properties setting
Since https://github.com/ansible/ansible/pull/56733, we were not able to apply
firewall rules with no `allowed_hosts` key.
closes: #61332
In addition, this patch ensures the `allowed_hosts` key accepts a dict,
instead of a dict in a single entry list.
```yaml
vmware_host_firewall_manager:
esxi_hostname: "{{ esxi1 }}"
rules:
- name: NFC
enabled: True
allowed_hosts:
- all_ip: False
ip_address:
- "1.2.3.4"
```
Should be written:
```yaml
vmware_host_firewall_manager:
esxi_hostname: "{{ esxi1 }}"
rules:
- name: NFC
enabled: True
allowed_hosts:
all_ip: False
ip_address:
- "1.2.3.4"
```
* postgresql_db: allow to pass users names with dots
* postgresql_db: allow to pass users names with dots, add changelog fragment
* postgresql_db: allow to pass users names with dots, fix ci