Those "unused" doc fragments are still referenced
lib/ansible/modules/network/eos/eos_config.py:extends_documentation_fragment: eapi
lib/ansible/modules/network/eos/eos_facts.py:extends_documentation_fragment: eos
This reverts commit 246cd041d8.
* Disassociate subnets from route tables before deletion
If a route table still has subnets associated with it, it will fail
to delete:
```
"msg": "The routeTable 'rtb-abcd1234' has dependencies and cannot be deleted."
```
Avoid this by disassociating subnets before route table deletion
* Fix ec2_vpc_route_table flake8 complaints
* Check if EIP exists before deleting it
After deleting the NAT gateway, the EIP sometimes seems to
cease to exist afterwards. Check if it exists before deleting it.
Otherwise you get:
```
Failed to release EIP eipalloc-abdc1234: An error occurred (InvalidAllocationID.NotFound) \
when calling the ReleaseAddress operation: The allocation ID 'eipalloc-abcd1234' does not \
exist", "success": false}
```
* Fix flake8 errors with ec2_vpc_nat_gateway
* A method to validate and alter the ssh control path automatically.
* First tries %C to use the shortened hash
* On further failure, it removes section by section from the original path
* Fix hostname
* Implement bcoca's suggested changes
* Remove unused option
* Remove unused class var
* Use to_string to avoid unicode error
* Switch from to_text to to_bytes
* Update the example config for the new controlpath feature
* [GCE] External IP Address Module.
This module allows users to create and delete External IP Addresses. Both Regional and Global Addresses are supported.
* Removed whitespace causing pep8 issue
* added ec2_vpc_igw_facts module
* added cr at end of file
* corrected import json in wrong location
* corrected version added
* added snake_case conversion
* updated documentation and fixed for python 3'
* ec2_vpc_igw_facts: simplify logic
Make module arguments more 'Ansiblish'
Remove unnecessary intermediate variables in results generation
Use `ansible_dict_to_boto3_filter_list` rather than duplicating logic
Use `check_mode` rather than pass a `dryrun` argument
Update for flake8 improvements
* updated documentation
* # This is a combination of 6 commits.
# The first commit's message is:
new module to import software or configuration file onto firewall
# This is the 2nd commit message:
changes based on the review comments; remove unecessary if statements; change returned value docstring
# This is the 3rd commit message:
empty checkin to trigger ANSIBLEbot
# This is the 4th commit message:
added additional exception handling
# This is the 5th commit message:
- added new module info to the changelog as requested
# This is the 6th commit message:
removed blank space as tox checks were failing
* new module to import software or configuration file onto firewall
* Support logical or condition in required_if
Add logical 'or' condition support in 'required_if'
for requirements.
* If requirements is a list all parameters within it should
be present.
* If requirements is a set atleast one parameter should
be present
* Fix review comment
* Remove monkeypatching of rhn config in rhn_register
rhn_register.Rhn() was doing some complicated monkeypatching of
the up2date_client.config.Config() class to add a default config
value. Since that was only used in one place, remove the monkeypatch
and handle the single default case.
That case was 'server_url' option, so replace it with a Rhn.server_url
property. Also handle the error case when no server url is provided.
* refactoring
* flatten some indention levels
* add 'enable_eus' to module doc
* set enable_eus var and use it directly
* style/pep8/etc cleanups
* some import cleanups
types was unused, os/re were from module_utils * import
* remove * import from module_utils.redhat
* remove * imports from module_utils.base
* remove unused Rhn._subscribe method
* cleanup pep8 style stuff
* remove a unused default mutable arg from Rhn.subscribe
Rhn.subscribe() only gets called in one place, and thats
with channels from module_params which default to [] and
are typed as a list.
Update exception handling, remove use of iteritems
Update for better flake8 compliance
Use ansible_dict_to_boto3_filter_list rather than
duplicating its implementation
This version just gets the relevant paths from PluginLoader and then
uses the existing imp.find_plugin() calls in the AnsiballZ code to load
the proper module_utils.
Modify PluginLoader to optionally omit subdirectories (module_utils
needs to operate on top level dirs, not on subdirs because it has
a hierarchical namespace whereas all other plugins use a flat
namespace).
Rename snippet* variables to module_utils*
Add a small number of unittests for recursive_finder
Add a larger number of integration tests to demonstrate that
module_utils is working.
Whitelist module-style shebang in test target library dirs
Prefix module_data variable with b_ to be clear that it holds bytes data
added better way of adding warnings to return data
backwards compatible if warnings key already exists
added deprecations made iface more generic
changed to enforce type per item
added logging of warnings/deprecations
also display deprecations by default
Prescribing types is not necessary as the underlying shade library
does not do so, and the Neutron API will inform us if a disallowed
or non existent type is used.
Fixes#20830
* Add support for additional properties when creating new VMs.
All vmadm(1M) options except those specific to SDC(-docker)
are now supported.
* Mark password options as no_log
Change-Id: I9dfd80e7ba5ecfc8f45ecfbe9ec098e66647e9a4
* Set ansible_os_family to 'ClearLinux'
* Set ansible_distribution to 'ClearLinux'
* Add swupd.py plugin
Fixes#20824
Signed-off-by: Alberto Murillo Silva <alberto.murillo.silva@intel.com>
This prevents an exception from occurring when an image has no name. While images normally have names it is possible, at least on older versions of Docker, for an image to "lose" its name during a failed `docker rm`.
* Fix service's exec_command() for python3
exec_command() was mixing text and bytes in several places on python3.
Made changes so that we explicitly convert between the two.
Fixes#20818
* Also handle basestring and shlex.split in a python2/python3 compatible fashion
* Cleanup fork
* Add bigmon_policy module
* Remove docker files from commit, fix formatting, add CHANGELOG.md entry
* Put change in CHANGELOG.md in alph order and add the alias to access_token doc
* Fix access_token type, drop the alias, and fix doc
* Capitalize letter, delete redundant notes, make validates_certs True by default
* Add validate_certs to example
* Try fixing trailing space
* Try adding a trailing space
* Try removing trailing space at end of file
* Add newline at end of file and fix trailing space
* provides declarative resource for configuring eos system parameters
* supports network_cli connection plugin only
* adds unit tests for module using mock interfaces
* adds send_config function to handle pushing configuration commands
* adds support for handling multiline banner commands
* adds env var check to enable or disable config sessions
The following changes have been made:
- Added check-mode support
- Added parameter type support
- Replace PSObject by a normal dictionary
- Improve idempotency (only when $dest is provided it is not idempotent (yet)
I intended to update the documentation, but it appears the website docs
are behind the actual documentation (as the website doesn't show the
default values for booleans).
So I ended up adding the missing -type "path" and use the default $null
value for undefined parameters.
The following playbook:
```yaml
- hosts: localhost
tasks:
- file:
path: /tmp/non-existing-foo-bar
state: absent
recurse: yes
```
causes this error:
```
fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "recurse option requires state to be 'directory'", "path": "/tmp/non-existing-foo-bar", "state": "absent"}
```
The included fix ensures that when recurse is added, we no longer assume
it is a file, but accept that it is a directory.
- Harmonize the name $params like most modules
- Use `return` consistently for return values (easier to read)
- Implement Get-AnsibleParam internally using -type "bool"
- Use a dictionary for $result
* update eos_config to use eapi exclusively and remove cli transport
* add unit test cases for eos_config
* updates action plugin to handle both eapi and network_cli connections
* Added support for a gce_snapshot module for managing snapshots in the Google Cloud Platform
* Fixed using sys.exit in favor of fail_json. Followed the pattern in gce_pd
* Fixed using sys.exit in favor of fail_json. Followed the pattern in gce_pd
* Fixed an issue when dealing with multiple disks. Added a bit more documentation explaining the disks argument
* Corrected a typo in the multi-disk snapshot example
* Updated module to return list of changed snapshots instead of just a message. Added a RETURN block
* include source file in error message
* win_copy: Fix for idempotency
This patch fixes an idempotency issue with win_copy. Without this patch
files would always be considered changed (unless the copy operation failed).
It also fixes the resulting output cfr. what was deocumented.
Small improvements:
- Remove obsolete comments
- Use $check_mode instead of my own $_ansible_check_mode
- Renamed "default" window style to "normal" (as is used by Windows
documentation)
- A fix for check-mode support (when state=absent)
* eos module now uses network_cli connection plugin
* adds unit tests for eos module
* eapi support now provided by eapi module
* updates doc fragment for eapi common properties
* Fixed issue in gce_net with firewall rules that have protocols that do not have ports.
* Fixed elif in gce_net to include check of the ports variable.
* Google Cloud Pubsub Module
The Google Cloud Pubsub module allows the Ansible user to:
* Create/Delete Topics
* Create/Delete Subscriptions
* Change subscription from pull to push (and configure endpoint)
* Publish messages to a topic
* Pull messages from a Subscription
An accessory module, gcpubsub_facts, has been added to list topics and subscriptions.
* Added docs for state field to DOCUMENTATION and RETURN blocks.
`force` option is not unique for non-activationkey registrations and it should
be parsed separately; it is possible to register host with activation key and
force such process.
* redhat_subscription: enforce the need for org_id when AK is used
also update the documentation to reflect that
Fixes: #20542
* redhat_subscription: check for existence of subscription-manager
After merging the latest update, these were the few remaining
differences with upstream.
(Plus the previous proposed fast match based on unique VM name which is
not longer needed)
- get rid of changed, rc, stderr, stdout juggling
- use get_bin_path() to get 'imgadm' path
- move actual implementation to Imgadm class
- fix 'changed' for imported images
Without this patch, the os_keystone_domain module is not idempotent if
the description is empty because the description parameter is None in
ansible, but the keystone client returns an empty unicode string.
Following the example of other OpenStack modules, this patch fixes the
issue by checking whether the module parameter is None before going on
to check its value.
Instead of populating the platform comment in the default
meta/main.yml with a dict of platforms fetch from the
galaxy REST API, this removes the API call and adds a
commented out example platforms list to the default meta/main.yml
Fixes#18103
The following changes have been made:
- Added check-mode support
- Added diff support
- Corrected HCCC to HKCC (according to windows documentation)
- Updated documentation, and examples
- Added -aliases support to module_utils/powershell.ps1
- Renamed `key > value > data` to `path > name > data`
- Re-indented code and consistency changes
- Added support for expandstring type
This fixes#20595
when using "state: link", and particularly when using
"force: yes".
Symbolic link resolution can be expensive. In our case,
the symbolic links are legacy links to automounts, and
the "file" task was causing all of the legacy links to
be traversed and mounted on every host every time the
task executed, even when the links were correct and there
was nothing to do.
This change avoids the system calls that perform the
symbolic link resolution by taking advantage of the short
circuit behaviur of the boolean "and" operator. The code
behaviour is unchanged except that it no longer performs
unnecessary system calls.
As it turns out, this change is not sufficient to fully
solve the symbolic link resolution problem, as the "file"
module still performs a stat() at the end of execution to
provide the caller with information about the file.
However, this change is very simple, it will eliminate
unnecessary system calls in a number of use cases, and it
gets the "file" module closer to the desired end result.
* update instance image with Debian 8 Jessie
* debian-7 is marked as "DEPRECATED" in Google Compute Engine Images
* as a result, by default use `debian-8` Jessie
Resolves:
Related:
Signed-off-by: Daniel Andrei Minca <danielandrei.minca@gameloft.com>
* update docs regarding latest stable default image
* after speaking with @gundalow, we decided it's better for the users to
know that the default image will follow latest stable debian by GCE
Resolves: #20558
Related:
Signed-off-by: Daniel Andrei Minca <danielandrei.minca@gameloft.com>
self.instance may be overwritten before the user data comparsion which result in a false positive changed state.
With this commit, we make sure we have the userdata when we need to.
* new AWS module for ec2 VPC vgw facts
* fixed documentation as suggested by reviewers
* changed iteritems to items for py 3
* improvements to bring in line with #19787
* corrected documentation
* updated doco and exception path
* win_psexec: execute cmds on remote systems as any user
This module uses the versatile psexec tool to run any command remotely
as any user (incl. domain users).
* Add missing documentation
Now that this module is deemed acceptable for inclusion,
the documentation is an essential part.
* win_psexec: Small cosmetic changes
* win_psexec: add more options (priority, elevated, ...)
* Fixes after more testing
* Renamed 'cmd' to 'psexec_command' + more
- Also replaced PSObject() with a hash table
- Made $chdir of type "path"
- Renamed $args to $extra_args
* Various improvements
- Switched to using booleans for most parameters
- Added type 'bool' to boolean parameters
- Added 'interactive' parameter
- Added 'wait' parameter
- Added an interactive example
* Added -type "bool" support to Get-AnsibleParam
* Fix deadlock
* When using `wait:no` return code is PID of process
The same ssh key may be registered with different names. Before we only looked at the names and marked as changed when names differ. However internally cloudstack seems to ignore the change, if the fingerprints are identical.
As a result we also have to compare the fingerprints and only mark the keys as changed if the fingerprints differ.
* Fix git remote url change detection.
When comparing paths, unfrackgitpath must be called on both sides
of the comparison. Otherwise comparisons involving symlinks will
return incorrect results.
* Re-enable git test on OS X.
* Return None from unfrackgitpath when path is None.
Per official docker document, it support setting `--log-driver=none` to
disable any logging for the container. So let's add it to this module.
Fixes#5337
Per a change in jinja2 2.9, local variables no longer are prefixed
with l_, so this updates AnsibleJ2Vars to pull in all locals (while
excluding some) regardless of name.
Fixes#20063
(cherry picked from commit 4d49b317929b86e1fc1b0cbace825ff73b372dc7)
After much plumbing through the source code, python-gitlab and the Gitlab API I found out why I cannot update my ssh keys through this module - because it expects the user to have admin rights on the server. This could be made clearer in the requirements because the Gitlab API allows one to change his/her own profile, it's just that the module or the underlying library doesn't cover this use case.
* Add jinja2 groupby filter override to cast namedtuple to tuple. Fixes#20098
* Address some of the requested changes
* Quoting
* Print the python path and version
* Be less explicitly verbose, rely on implicit verbosity
* Deprecate ec2_vpc module
The deprecation of ec2_vpc module has been discussed for
2 years and is causing duplication of effort as changes
are implemented for ec2_vpc rather than for the newer
alternatives
* Improve module deprecation documentation
Update the developing modules documentation with the latest
instructions on how to deprecate a module.
* Windows: Fix documentation strings to be raw strings
Especially when using Windows paths they easily get confused as escaped
sequences or unicode characters. So by default use raw strings
This fixes#20295
* Fixed as hinted by @abadger
And some trailing whitespace fixes.
Rather than trying to enumerate tasks or track an ever changing cur_role
flag in PlayIterator, this change simply sets a flag on the last block in
the list of blocks returned by Role.compile(). The PlayIterator then checks
for that flag when the cur_block number is incremented, and marks the role
as complete if the given host had any tasks run in that role.
Fixes#20224
* New module for managing VMs and zones on SmartOS.
Currently allows for creating new instances and state changes.
Updating existing VMs is not supported yet
* Fix identation in DOCUMENTATION
* Add RETURN block
* Apply flake8 recommendations and split up main() into separate functions.
* Be more about the states this module accepts and trim the exposed list
* Be more verbose about states and the implications
* Fail with a more descriptive error messages than just 'stderr'
* Valid all UUIDs before exiting
* Incorporate feedback from bcoca
* Print field name that contains invalid uuid, not the value
* More changes as suggested by bcoca:
- drop save_payload completel
- make 'name' the options with an 'alias' alias
- use get_bin_path() for locating 'vmadm'
* Doc fixes
Change-Id: Ia23704c99d24b7782d8884fd22e11af61cef724c
* More fixes suggested by jtyr
Change-Id: Ia3e65277bf5a499651c70b096e2988d7cc9eceb5
* Drop local changed variable
Change-Id: Ia8beaa615ba4a47004d7af791c28a5a5855bcf61
* Use correct ANSIBLE_METADATA format
Change-Id: I51ded34e543005933c7c739501388e24e5f80c1d
* Re-indent RETURN
Change-Id: I0c266d7a83517be54fc6242dfb0496a0a480f628
* Fix documentation formatting for options and fix an unused variable
* Move imports to their original location again
* Fail if there's invalid json returned instead of trying to continue
* Betterer error handling for json.loads()
This patch add additional filtering of VNIC profiles by the cluster
parameter. It is a must, because there could be same names of the
VNIC profiles in system, as every datacenter can have VNIC profile
same name, which can be in other datacenter.
This patch fixes issue #20246
* Fixes: #3217 - Add a new parameter for the kms_key_id to the ec2_vol module.
* Fixes: #3217 - Correcting comment string as requested.
* Fixes: #3217 - Adding boto version when kms_key_id is used. Also re-adding accidentally removed comment line.
* Cleanup of EBS volume key pull request
* Adding support for Amazon ECR
This patch adds a new module named ecr, which can create, update or
destroy Amazon EC2 Container Registries. It also handles the management
of ECR policies.
* ecs_ecr: addressed review feeback
* Renaming ecr to ecs_ecr
* Fixed docs
* Removed bad doc about empty string handling
* Added example of `delete_policy`
* Removed `policy_text` option; switched policy to `json` type so
it can accept string or dict
* Added support for specifying registry_id
* Added explicit else after returned if clauses
* Added `force_set_policy` option
* Improved `set_repository_policy` error handling
* Fixed policy comparisons when AWS doesn't keep the ordering stable
* Moved `boto_exception` into the module
* Improve ansible-galaxy handling of role versions
Ensure that role versions are considered when deciding
whether or not to (re-)install a role.
Issue a warning when the version of a dependency conflicts
with the version of an already installed role
Display what version of a role is being installed
Show the versions when upgrading/downgrading a role.
Implements #11266
* Improve force logic for galaxy version changes
Ensure that force is required to change role versions
* Add dimensiondata_network module
* Remove shebang
* Use Python-2.4-compatible exception handling.
* Ok, add shebang back in.
* Add 'mcp_user' and 'mcp_password' parameters'.
As suggested by @abadger, these values will now be used for CloudControl credentials, but will fall back to existing behaviour (environment variables and dotfile).
* Minor fixes based on feedback for ansible/ansible#19325.
This PR is based on #20164 functionality to specify the parameter type
(e.g. as done for python modules).
In this case only -type "path" has a specific meaning, as it will expand
environment variables for paths. Which is typically done on Windows.
So you can do:
- win_copy:
src: files/some.doc
dest: '%UserProfile%\My Documents'
* win_shortcut: Create, manage, remove Windows shortcuts
This modules manages Windows shortcuts and all its properties.
The module is idempotent and supports check-mode.
This relates to #19694
* Changes required after @nitzmahone review
* Added -type "path" to parameter definitions
* Small fixes
- Add conversion from window style name to window style id
- Fix error message output (Why didn't the original work ?)
* Tweaks for SmartOS:
- prevent attempting from changing timezone in the global zone (read-only)
- provide meaningful error message in the unlikely case smtools isn't present
* Add support for FreeBSD and NetBSD to timezone module
* vmware_guest: networks definition as a list
Currently the networks definition is a dict, with the network range as
key. This is problematic if the network information is coming from other
sources.
This patch turns the networks definition into a list.
This fixes#19222.
* Remove the option to provide either netmask or network
It is more concise if there's only one way to configure it.
So provide both `ip` and `network`.
(I also re-indented a section due to a useless check)
* Fix bugs reported by @dav1x
Thanks !
Changes missing from a poor merge probably, but also a few new things.
- Reordered the examples from important (often used) to less important
(fewer used)
- Remove the new_name: option and replace it with the uuid/name
combination for renaming + added example
- Added an example using the VM uuid instead of the VM name
- Also check whether the password is non-empty (rogue merge)
- Wait for all tasks to finish (to be sure the new facts reflect the
state)
- Ensure that on failure we still set the change-bit
- Moved a set of functions that are unused (related to transfering
files to guest, or running commands) to module_utils
* Allow the use of paths like ~/.project.json
This makes it easy to manage credentials files outside of the repo
(and/or user specific credentials).
* Fix format string to log credentials_file.
* checks if signal hander is set and sets it if not (will be set if coming
from ansible-connection)
* will now timeout long running commands based on DEFAULT_TIMEOUT setting
The password param conflicts with os-client-config's password grabbing.
The rest of the params really probably should also be popped - but
keeping this just to password for now. Will follow up with a change that
does an audit of all the os_ modules
This patch was previously contributed by @emonty to the former
ansible-modules-core repo however since the merge, it was closed
and not completed. This patch includes the necessary changes cleaned
up to work with the latest release of Ansible. This has been
tested to work internally
In our environment we have custom services that need to be stopped and
restarted very gracefully to not interrupt active sessions.
A stop job, depending on the state, can take up to 20 minutes until the
process exits. It simply reacts to SIGTERM with a graceful shutdown.
By default, systemctl blocks until the job has completed, which leads to
Ansible hanging on this task for up to 20 minutes.
Thankfully systemctl supports the `--no-block` flag which lets the job
continue in the background.
This PR adds support for that flag as the `no_block` boolean option.
From the man page:
--no-block
Do not synchronously wait for the requested operation to
finish. If this is not specified, the job will be
verified, enqueued and systemctl will wait until the
unit's start-up is completed. By passing this argument,
it is only verified and enqueued. This option may not be
combined with --wait.
Not all file-related modules consistently use "path" as the attribute to specify a single filename, some use "dest", others use "name". Most do have aliases for either "name" or "destfile".
This change makes "path" the default attribute for (single) file-related modules, but also adds "dest" and "name" as aliases, so that people can use a consistent way of attributing paths, but also to ensure backward compatibility with existing playbooks.
NOTE: The reason for changing this, is that it makes Ansible needlessly harder to use if you have to remember that e.g. the xattr module requires the name attribute, the lineinfile module requires a dest attribute, and the stat module requires a path attribute.
* removed bad iteration from execute meta
most of the tasks should not be iterated over, others needed to include unreachable hosts
fixes#19673
* corrected host var
* Only add Content-Type if not specified in headers. Fixes#20046
* Update documentation to indicate body_format will not override Content-Type if specified in headers
* Add dimensiondata.py in module_utils
This is required by the Dimension Data modules under
lib/ansible/modules/extras/cloud/dimensiondata
* Implement change requests from PR #17604
Requests are listed in:
https://github.com/ansible/ansible/pull/17604#pullrequestreview-819380
* Changes requested for Ansible PR #16704.
As noted by @abadger:
- Use Py3-compatible import syntax for ConfigParser.
- Use comprehensions instead of filter function.
- Fix buggy comparison of False to 'False'.
- Change b_dict to block_dict.
- Fix invalid syntax for except block that handles multiple exception types.
* Additional changes requested for Ansible PR #16704.
As noted by @abadger:
- Missed a couple of places where we still had invalid exception-handling syntax.
* Remove shebang from dimensiondata.py (Ansible PR #16704).
* Switch to MCP_USER / MCP_PASSWORD.
This is consistent with other Dimension Data Tooling.
* Implement get_configured_credentials.
* Fix typo (missing comma).
* Unify get_credentials implementation (ansible/ansible#17604).
get_credentials will now look in environment, dotfile, and module configuration for credentials (in that order).
* Resolve user Id and password from module configuration before trying environment or dotfile (ansible/ansible#17604).
* new module to check FW readines
* added missing parameter
* changes based on the review comments; remove unecessary if statements; change returned value docstring
* Make ModuleArgsParser more understandable
Both comments and method names for handling new/old
style parameters are switched around
Made comments and method names reflect actual code paths
taken.
* Further improve mod_args.py comments
Ensure output formats are correctly documented,
remove some of the 'opinion' about which formats are
valid, and try and clarify the situations under which
certain code paths are hit.
Stop talking about the YAML command-type form as 'extra
gross' when it's the documented example form for command
etc.!
* Fixes#3539 "win_robocopy does not return changed properly"
Remove .win_robocopy from $result so that ansible can see the values properly. This also matches up with the existing documentation.
* Update documentation to match new return values
* add support for AIX mount facts
* add nfs mount support for AIX mount facts
* make nfs parsing a bit more resilient and correctly parse options if provided
* self.module.xxx call instead of wrong module.xxx
Because we add the names of all filters to the callable whitelist used
by safe_eval, adding a filter named type makes it so code calling "type()"
gets eval'd. We can't think of a way to exploit this but it's
sufficiently sketchy that we're renaming it in case someone smarter than
us can think of a problem.
When you become: with synchronize and docker it sets the rsync-path to
"sudo rsync" to launch rsync on the server as root. Unfortunately due to
docker exec doing stricter argument parsing than ssh this fails to
launch rsync on the server and the sync fails.
For docker though we don't need to launch rsync with sudo we can simply
docker exec -u <user> and rsync as normal to get around the problem.
Closes#20117
- Replace nose usage with pytest.
- Remove legacy Shippable integration.sh.
- Update Makefile to use pytest and ansible-test.
- Convert most yield unit tests to pytest parametrize.
* Small tweaks for timezone module:
- small textual fixes
- ensure the generated docs list either hwclock or name as required
by using a non-generated value for required_one_of
* Update docs with the DOCUMENTATION block about either name/hwclock being required
This refactors the iosxr shared module to make use of the network_cli
connection plugin and removes the dependency on the shared shell
module. This change will break current modules until the modules
are updated.
* Previous fix to this failed to account for open_url returning a filehandle
Fixes the bugs introduced by c6fb355
* read() from HTTPError for python-3.6+
HTTPError is funny. It contains a filehandle to read the response from
and also makes it available via a read() method. On earlier versions of
python (2 and 3) the read() method was enough to make it work with
json.load(). The newer version of json.load() needs a more complete
file interface than this and has stopped working. Read the bytes,
transform to str and pass it in manually to fix it.
* initial commit of cloudfront_facts.py
* modification as per review from @georgepsarakis
* fixed shippable build error
* fixed shippable build error
* removed wildcard imports and replaced with specific imports from ansible.module_utils.ec2 as advised by @georgepsarakis
* renamed all instances of cloud_front_origin_access_identity to origin_access_identity as advised by @georgepsarakis
* added input option requirements where missing. fixed a typo in an error message, added '.' to the end of sentences.
* fixed typo in documentation
* simplified paginated_response method as advised by @georgepsarakis
* set default option to list_defaults when no option specified as advised by @ryansb
* bumped version to 2.3 as advised by @ryansb
* removed double-nesting of ansible_facts as advised by @ryansb
* show facts based on alias and distribution id for easy referencing as advised by @ryansb. have done for both distribution and distribution_config
* made comments clearer
* fixed incorrect logic for default list_distributions, fixed list_distributions_by_web_acl - wasn't passing web_acl_id, fixed list_invalidations keyword args missing DistributionId
* neatened up logic for list_distributions default
* facts now return Etag as well as specific facts. modified paginated_response to handle this. also all requests that use distribution id also list the facts under the corresponding alias now.
* fixed last fact added clobbering all previous facts for an alias or an id
* removed list_ prefix from list keys
* removed unnecessary boto fields. made list_distributions and list_streaming_distributions dictionaries with id/alias as key. fixed list_invalidations.
* fixed incorrectly named list_distributions_by_web_acl to ..web_acl_id. added id/alias dict for list_distributions_by_web_acl_id
* minor doc changes
* removed merge tag
* fixed more of merge
When get_url or other functions receive an SSL failure it prints a
standard message regardless of the failure. Include the actual OpenSSL
message in the error message so alternative failures can be debugged.
Closes: #20024
* Idempotency fix on annotations permitting to change them on reconfiguration
* Permit to set VMware customvalues attributes on VM
* Gather annotation & customvalues and report it into module facts
* vmware_guest: various changes and fixes
Most of my queued changes were already implemented by @aperigault !
This was still open
- Typos
- Various fixes to dict.get() without quotes
- Defaults to fullname and orgname (so they are no longer mandatory)
- Add missing timezone implementation
- Remove the customize flag from the options
- Rename 'customizations' to 'customization' (cfr VMware docs and fora)
* Important fixes for idempotency and customization
- A password is mandatory for customization to work on Windows !
- An important fix for idempotency related to guestId
- Support all types of Windows guestId entries
* Suggestion by @aperigault
* Small documentation fixes
The behavior now matches GNU diff.
Fixes#14094.
Example of output before this change:
TASK [healthchecks.io : hourly healthchecks.io ping] ***************************
changed: [ranka]
--- before: /etc/cron.hourly/mg-healthchecks-dot-io
+++ after: /tmp/tmpOTvXTw
@@ -1,2 +1,2 @@
#!/bin/sh
-curl -sS https://hchk.io/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx > /dev/null+curl -sS https://hchk.io/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx > /dev/null
after this change:
TASK [healthchecks.io : hourly healthchecks.io ping] ***************************
changed: [ranka]
--- before: /etc/cron.hourly/mg-healthchecks-dot-io
+++ after: /tmp/tmpOTvXTw
@@ -1,2 +1,2 @@
#!/bin/sh
-curl -sS https://hchk.io/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx > /dev/null
\ No newline at end of file
+curl -sS https://hchk.io/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx > /dev/null
The added unit tests contain more examples.
This commit also takes care to avoid "no newline at EOF" warnings when
no_log is in effect, and also when modules return dicts rather than
strings. (It also removes trailing whitespace from using json
serialization when diffing dicts, because I hate trailing whitespace in
Python source files, even if they're test files.)
* updates the ios_config module to use the network_cli plugin
* updates the local action plugin to derive from network
* add unit test cases for ios_config
The add() method was not properly setting childen and parents objects
on instances of ConfigLine. This only applied to the add method. This
change fixes the problem by adding child and parent to the right
attribute.
* Add modules for gathering facts about ZFS datasets and pools
* Move zfs module to storage/zfs subcategory
* Replace dict.iteritems() with iteritems(dict)
* Add ANSIBLE_METADATA
Document return values
Make imports explicit
Use native YAML syntax in EXAMPLES
* Add zfs_facts and zpool_facts modules to CHANGELOG.md
* Add facts to return values
* Add module for managing boot environments on FreeBSD/Solaris/illumos systems
* Add ANSIBLE_METADATA
Document return values
Make imports explicit
Use native YAML syntax in EXAMPLES
* Add beadm module to CHANGELOG.md
* Update version to 2.3
* Gather device information on Solarish systems
* Gather uptime information on Solarish systems
* Fix typo in variable name
* Add comments and example output from kstat command
Use frozenset instead of set
Make parsing of line a little bit safer
* Adding os_quota support to the OpenStack modules
* Updated descriptions in doc string
* Updated version_added to 2.2 based on CI test feedback
* ready_for_review
* Changed exit_json to remove updating host var facts
* Updated version_added and docs
* Added support for state:absent paramater
This includes:
- Updated the doc string with the paramater information
- Updated the example section showing how to reset a project quota
- Added code support to handle state:absent
- Encountered a bug in delete_network_quota where it returns
an error instead of the current quota. Added support code to
workaround that issue until a proper fix can be added.
* Updated security groups kwarg to reflect Neutron kwargs
* Updated iteritems to be items based on CI feedback
* Updated descriptions and import statements based on code review feedback
* Updated CHANGELOG.md to include os_quota under new mods.
* updates the deprecated ios_template module to use network_cli
* adds unit test cases for ios_template
* adds check for provider argument and displays warning message
The main purpose of this PR is to add the subnet associations to the
dict returned by ec2_vpc_route_table_facts. This commit also
re-formats code to make it PEP8 compliant.
- If an absolute path is provided, ensure it starts with /vm
- Also ensure there are no trailing slashes
This gets rid of a few locations where the same was being done.
It also fixes the cases of multiple trailing slashes, or ending up with
/vm/ instead of /vm.
The `except` block with exception matching throught
`if 'connection refused' in str(e).lower():` is funny,
but is not user-friendly.
Probably related issues:
- #15679
- #12161
- #9966
- #8221
- #7218
... and more
On Ubuntu the scriptdir gets placed into sys.path. This makes some
modules (copy) fail because the ansible module gets loaded instead of
the stdlib copy module. So we remove scriptdir there. Unfortunately,
the scriptdir code uses abspath(). When pipelining, abspath() has to
find the cwd. On OSX, finding the cwd when that directory is not
executable by the user raises an OSError. Since OSX does not suffer
from the scriptdir problem we're able to just skip scriptdir handling if
we get that exception.
Fixes#19729
In modern ansible, parameters default to string type. This causes
issues for polymorphic parameters like this module's value param. note
that this fix restores ansible-2.0 and previous behaviour but it is not
perfect. If a parameter is specified via key=value or given on the
commandline then it will be a string before it reaches the module code.
There's nothing we can do about that.
Fixes#19585
can be per run or per host, also aggregate or not
set_stats action plugin as reference implementation
added doc stub
display stats in calblack
made custom stats showing configurable
* Add new module to manage SmartOS images through imgadm(1M)
* Explain why check_mode is not supported
* Add imgadm module
* Incorporate feedback from abadger
* Reenable yum install root tests
No need for sos to test installroot. Something with less deps works
just as well.
* Fix yum installroot.
Fix module import to use fail_json when the modules aren't installed.
Remove wildcard imports
* Lsat task is supposed to remove sos so make that happen
eval can have security consequences. It doesn't look bad here but it
does introduce unnecessary complexity and would make it harder if we
ever want to use static analysis to detect and prohibit eval. So we
should get rid of it.
Note: this could be even more efficient if we combined the checks into
a single condition instead of looping but that does change the error
messages a bit. For instance:
- for arg in ('name', 'linode_id'):
- if not eval(arg):
+ if not (name and linode_id):
+ module.fail_json(msg='name and linode_id are required for active state')
This PR improves the documentation so that it is clear that this module does
not clean the repository metadata cache on removal, and add an example
notification handler to the removal example as an extra reminder.
This fixes#19730
This patch adds support for all other virtual NICs, including:
- pcnet32
- vmxnet2
- e1000e
- sriov
Without this change, VMs with one of these NICs will fail with a
fault.NicSettingMismatch.summary error as it will only add interfaces,
not edit these.
This fixes#19860
New module by @tedder for handling granting/revoking access to KMS secrets.
For example:
```
- name: grant user-style access to production secrets
kms:
args:
mode: grant
key_alias: "alias/my_production_secrets"
role_name: "prod-appServerRole-1R5AQG2BSEL6L"
grant_types: "role,role grant"
```
* Add --installroot to YUM and DNF modules, issue #11310
This continues ansible-modules-core#1558, and
ansible-modules-core#1669
Allow specifying installroot for the yum and dnf modules
to install and remove packages in a location other than /.
* Remove empty aliases
* Simpler installroot set default logic
This allows the ios_* modules to take advantage of the new network_cli
connection plugin by refactoring the ios shared module. Individual modules
need to be udpated as well
* net_config now subclasses action plugin network
* net_template now subclasses action plugin network
This will break existing modules until those modules have been refactored.
* moves parse() into the instance
* removes old Config instance and supporting code
* adds net_common shared module
* minor tweaks to NetworkConfig class for parsing config files
This commit also adds the module to DEFAULT_SQUASH_ACTIONS which is
possible with this change.
The module still calls the pkg_* tools once per name internally, so the only
difference is less invocations of the module itself when using with_items.
Couldn't find any code that does this now but left a comment so that we
don't change something in the future without seeing that it could be
a problem.
A small collection of fixes and improvements:
- Simplify should_deploy_from_template()
- Bugfix for x.config that can be None
- Bugfix for mandatory guest_id (not when using templates)
- Simplify key testing and defaults
- Fix an incorrect reference to the last network
- Duplicate alias 'folder' removed
When becoming an unprivileged user using non-sudo on a platform where
getlogin() failed in our situation we were not able to detect that the
user had switched. This meant that all of our logic to use move vs copy
if the user had switched was attempting the wrong thing. This change
tries the to do the right thing but then falls back to an acceptable
second choice if it doesn't work.
The bug wasn't easily detected because:
* sudo was not affected because sudo records that the user's have been
switched so we were able to detect that.
* getlogin() works on most platforms. RHEL5 with python-2.4 seems to be
the only platform we still care about where getlogin() fails for this
case.
* It had to be becoming an unprivileged user. When becoming
a privileged user, the user would be able to successfully perform the
best case tasks.
* Issue #19575: Adding Dest Param to win_uri
Added `dest` param to win_uri. Outputs the response body to a specified
file.
Addresses Issue #19575
* Was setting the wrong attribute
* Add a encode() to AnsibleVaultEncryptedUnicode
Without it, calling encode() on it results in a bytestring
of the encrypted !vault-encrypted string.
ssh connection plugin triggers this if ansible_password
is from a var using !vault-encrypted. That path ends up
calling .encode() instead of using the __str__.
Fixes#19795
* Fix str.encode() errors on py2.6
py2.6 str.encode() does not take keyword arguments.
os.write() needs bytes objects on python3 while python2 can work with
either a byte or unicode string. Mark the DUMMY_CA_CERT string as
a byte string so it will work.
Fixes#19265Fixes#19266
Wrap the fh.write(str) in b() to ensure the string is of the proper type in py2/py3. Otherwise, the following error occurs when using its ssh_wrapper:
An exception occurred during task execution. The full traceback is:
Traceback (most recent call last):
File "/tmp/ansible_8r299r6t/ansible_module_git.py", line 1049, in <module>
main()
File "/tmp/ansible_8r299r6t/ansible_module_git.py", line 928, in main
ssh_wrapper = write_ssh_wrapper()
File "/tmp/ansible_8r299r6t/ansible_module_git.py", line 330, in write_ssh_wrapper
fh.write(template)
TypeError: 'str' does not support the buffer interface
In some cases it is desirable to have a send only function that doesn't
wait for the response from the CLI (such as reloading a device). This
adds a new key to the command json string sendonly that will
achieve this behavior.
When the same role is listed consecutively in a play, the previous role
completion detection failed to mark it as complete as it only checked to
see if the role changed.
This patch addresses that by also keeping track of which task in the role
we are on, so that even if the same role is encountered during later passes
the task number will be less than or equal to the last noted task position.
Related to #15409
* new lookup module: mongodb lookup
* fix versionadded for MongoDB Lookup
* tests should run again
* removed use of basestring
* we don't use iteritems anymore
* run tests again
* run tests again2
* run tests again3
* run tests again4
* Added 2 modules for Packet Host: packet_device and packet_sshkey
* Fixed comments from @mmlb
* Fixed comments from @gundalow
* Fix typos pointed by @gundalow
* Mention new Packet modules in the CHANGELOG.md
* vmware_guest: various fixes, improvements & additions
* Add template_flag attribute to define if the destination machine is a
template
* Add helper class to create:
* SCSI controller
* Disks
* Network devices
* New feature: create VM without using templates
* New feature: multiple NIC
* New feature: multiple disks
* New feature: custom SCSI controller types (default: paravirtual)
* New feature: NIC can now be E1000 or VMXNet3 (default)
* New feature: customize NIC mac address
* New feature: new disk option autoselect_datastore permit to select the less used datastore. If datastore field is provided, filter the datastore list before selection
* New feature: Implement disk resizing + addition when state=present and VM exists
* New feature: when state=present and vm exists, modify the current CPU, Memory and disk space
* New feature: add guest_id support permitting to customize & change current VM guest ID in VMWare
* New feature: resource pool support
* New feature: change VM configuration without recreating it (CPU, memory, disks, network, guest ID, resource pool)
* Add 'gatherfacts' state to gather facts on a VM instead of previous 'present' state ('present' ensure the VM configuration)
* Add PyVmomiCache class to cache read only object
* Various python code fixes
* Various documentation fixes
* esxi_hostname & cluster are now exclusive
* Drop ips attribute & set ip directly into networks
* Little performance fixes by removing some duplicate calls to VMWare API
* Python 3 portability fixes
* Create many functions to make the code maintainable
* Cleanup some useless attributes
* Add 'suspended' as desired state for VM
* Make guest_id, memory & CPU number optional in reconfiguration mode
* Note: guest_id is now mandatory to create a VM from scratch (not templating)
* Bux fixes + Do network IP optinal + Add network vlan option
* Refactoring: split readkeys() into readfile() and parsekeys()
* Refactoring: split writekeys() into writefile() and serialize()
* authorized_key: support --diff
* Refactoring: remove no-longer used readkeys()/writekeys()
* Integration test for authorized_key in check mode
This module managed DHCPd hosts using OMAPI protocol
Features:
* Add a host
* Remove a host
* Modify host IP (it's impossible to modify only mac or only hostname, this doesn't have any effect)
* Add custom DHCP attributes (at creation only)
- Consistent capitalisation in the descriptions
- Removed redundant 'optional' notes when this is covered by the Boolean `optional` column
- Clarified `instance_id` description
* set is_public 'true' or 'false'
Despite being a boolean property, https://github.com/melta/boto/blob/master/boto/ec2/image.py:63 sets is_public = True only if the argument is passed in as the string 'true'. Likewise for False/'false'.
This is a workaround for that bug in boto2, to allow the documented parameter to work with valid yaml values.
fixes#5600
* only set is_public if true
Support for the Google API and GCloud-Python Clients have been added.
The three libraries:
* GCloud-Python: A new function, get_google_cloud_credentials, should be used. The credentials-object returned can be passed to any gcloud-python client. Using this client library requires in the installation of gcloud-python. This is preferred library for new modules.
* Google API: A new function, gcp_api_auth, should be used to take advantage of services requiring this client. This client library should be used if the desired functionality is not available in GCloud-Python. Using this library requires the installation of google-api-python-client.
* libcloud: Existing function, gcp_connect, should be used. The interface and return values have not changed and existing modules (such as gce, gce_pd and gce_net) should work without modification. Note that the credentials-fetching code has been refactored out of gcp_connect so that can be reused by all connection functions. To use this function, apache-libcloud must be installed.
Import guards have been added and will only be trigger if a user tries to use a function that is missing dependencies.
Credential-specifying mechanisms (i.e, ansible module params, env vars and libcloud secrets.py) have not changed. They have been refactored and unit tests have been added to allow for changes going forward. We are deprecating (and removing in a subsequent release) the ability to specify credentials via the libcloud secrets file. Also, we have deprecated (and also plan to remove in a subsequent release) the ability to use a p12 pem file for a key - the JSON format is strongly preferred. Deprecation warnings have been added for both of these issues (see the Ansible docs on how to disable deprecation warnings).
Actual doc give this error
```
fatal: [localhost]: FAILED! => {
"changed": false,
"failed": true,
"invocation": {
"module_args": {
"command": "facts",
"register": "new_database_facts"
},
"module_name": "rds"
},
"msg": "unsupported parameter for module: register"
}
```
Register should be at the module `rds` level and not at args level in this example :
```
- rds:
command: facts
instance_name: new-database
- register: new_database_facts
+ register: new_database_facts
```
The gce_tag module can support updating tags on multiple instances via an instance_pattern field. Full Python regex is supported in the instance_pattern field.
'instance_pattern' and 'instance_name' are mutually exclusive and one must be specified.
The integration test for the gce_tag module has been updated to support the instance_pattern parameter. Unit tests have been added to test the list-manipulation functionality.
Run the integration test with:
TEST_FLAGS='--tags "test_gce_tag"' make gce
Run the unit tests with:
python test/units/modules/cloud/google/test_gce_tag.py
When using ansible deployment on git push, git insert "remote:"
at the start of ansible output. If you force the color on ansible,
the "remote:" also get colored if the string to display is on
more than 1 line.
This change make sure that each end of line reset the color, instead
of reseting only at the end of the string.
Added iocage connector that extends the jail connector. Uses iocage to translate iocage tags or UUIDs/partial UUIDs to the actual jail name and then uses the jail connector for actual functionality.
This plugin can be used with the lpass cli interface for lastpass.
[lastpass-cli](https://github.com/lastpass/lastpass-cli)
Example:
Add a lookup to your playbooks/variables somewhere:
```
some_variable: "{{ lookup('lastpass','Some Lastpass entry name or ID', field='username') }}"
```
Usage:
* start a lpass session prior to using ansible
* run ansible
* logout when finished
```
lpass login user@domain.com
ansible-playbook foo.yml
lpass logout
```
* Initial Commit for Infinidat Ansible Modules
Skip tests for python 2.4 as infinisdk doesn't support python 2.4
Move common code and arguments into module_utils/infinibox.py
Move common documentation to documentation_fragments. Cleanup Docs and Examples
Fix formating in modules description
Add check mode support for all modules
Import AnsibleModule only from ansible.module_utils.basic in all modules
Skip python 2.4 tests for module_utils/infinibox.py
Documentation and code cleanup
Rewrite examples in multiline format
Misc Changes
Test
* Add Infinibox modules to CHANGELOG.md
* Add ANSIBLE_METADATA to all modules
* Add update parameter in junos_config module which supports
configuration action like merge, replace and overwrite.
* Add support for replace along with update
argument
Since we no longer use a post-validated task in _process_pending_results, we
need to be sure to template fields used in original_task as they are raw and
may contain variables.
This patch also moves the handler tracking to be per-uuid, not per-object.
Doing it per-object had implications for the above due to the fact that the
copy of the original task is now being used, so the only sure way is to track
based on the uuid instead.
Fixes#18289
If the plugin version expected is, say '1.20', then specifying it
as...
version: 1.20
... will make the YAML parser interpret it as a float, and the
value obtained by the module will be 1.2 instead of 1.20, which
will cause downloading of wrong version of the module.
This patch updates the docs so that users don't face this issue.
* Fix # #5839 Add 'update' parameter in junos_config module
Add update parameter in junos_config module which supports
configuration action like merge, replace and overwrite.
* Fix documentation issue
* Fix review comment to add replace argument
Make replace and update argument mutually
exclusive, to support replace for backward
compatibility.
Previously, packages were installed one at a time in a loop. This caused
a couple of problems.
First, it was a performance issue - pacman would have to perform all of
its checks once per package. This is unnecessarily costly, especially
when you're trying to install several related packages at the same time.
Second, if a package you're trying to install depends on a virtual
package that is provided by several different packages (such as the
"libgl" package on Arch) and you aren't also installing something that
provides that virtual package at the same time, pacman will produce an
interactive prompt to allow the user to select a relevant package. This
is obviously incompatible with how ansible operates. Yes, this problem
could be avoided by installing packages in a different order, but the
order of installation shouldn't matter, and there may be situations
where it is not possible to control the order of installation.
With this refactoring, all of the above problems are avoided. The code
will now work out all of the packages that need to be installed from any
configured repositories and any packages that need to be installed from
local files, and then install all the repository packages in one go and
then all of the local file packages in one go.
This is a redesign in how plugins call _remote_checksum().
- _remote_stat() has been modified to report the real error as
AnsiblError
- Action plugin **unarchive** calls _remote_stat() directly instead of
_remote_checksum()
- Action plugin **unarchive** also handles the exceptions directly
- Ensure get_exception() returns native text
Two other action plugins, **template** and **fetch**, also do a remote checksum.
In **template** we already call _remote_stat(), just like we now do for
unarchive, in **fetch** we do call _remote_checksum() and we make the
exact same mistake as the unarchive plugin. So that one could use a
redesign as well.
This fixes#19494
Before:
```
[dag@moria ansible.testing]$ ansible-playbook -v test137.yml
Using /home/dag/home-made/ansible.testing/ansible.cfg as config file
PLAY [localhost]
******************************************************************************************************
TASK [unarchive]
******************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg":
"python isn't present on the system. Unable to compute checksum"}
PLAY RECAP
******************************************************************************************************
localhost : ok=0 changed=0 unreachable=0
failed=1
```
After:
```
[dag@moria ansible.testing]$ ansible-playbook -v test137.yml
Using /home/dag/home-made/ansible.testing/ansible.cfg as config file
PLAY [localhost]
*************************************************************************************************************
TASK [unarchive]
*************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg":
"Failed to get information on remote file (/tmp/): sudo: unknown user:
foobar\nsudo: unable to initialize policy plugin\n"}
PLAY RECAP
*******************************************************************************************************************
localhost : ok=0 changed=0 unreachable=0
failed=1
```
* Update system/user.py module.
Add ability to add real system users with next free system uid (< 500) on macOS.
* Improve syntax in system/user.py module.
Remove complex if else line and replace by simple comparison which yields the same boolean value.
* Remove "True" comparison of user.py.
Remove comparison to true, as it is not pep8 conform.
* Add new parameters to taskdefinition module - network_mode and task_role_arn
* Add version_added field for doco
* Change version_added parameter to 2.3
For devices that do not support mutliplexing, we cannot automatically
determine the network os. This removes the os guess static method
from the terminal plugin. For this devices, the network_os
value must be configured
It's possible to compress packages using several different compression
methods, or not compressed at all. Previously, the pacman module only
supported files compressed using xz. This update ensures that all
compression types currently supported by pacman are supported by the
ansible pacman module.
The list of supported compression methods at the time of writing can be
found here:
https://git.archlinux.org/pacman.git/tree/scripts/makepkg.sh.in#n747
This fix ensures that if there are specific module errors (in our case
the python interpreter was not found) then command and shell returns a
proper error.
It also fixes a few other imperfections that we noticed during
troubleshooting:
- Return the real RC if it were available
- Improve a dictionary evaluation using .get()
- Return an RC of -1 if it is unknown (instead of returning 0)
This fixes#18846
This fix ensures a proper error is shown when a group_vars files cannot
be parsed correctly. Without this patch you get:
```
[dag@moria ansible.testing]$ ansible-playbook test132.yml
ERROR! Unexpected Exception: dictionary update sequence element #0 has length 1; 2 is required
to see the full traceback, use -vvv
```
With this patch you get:
```
[dag@moria ansible.testing]$ ansible-playbook test132.yml
ERROR! Problem parsing file '/home/dag/home-made/ansible.testing/group_vars/test135': line 1, column 1
```
This fixes#18843
Sudoers is a great example to show how you can prevent shutting yourself
out. But SSHd is at least as important to avoid syntax errors causing a
lot of grieve. So I think it deserves a spot in this list :-)
Currently this function directs to the standard NetworkModule,
whose run_commands function takes no arguments (other than self).
This directs the call to the connection's cli method to run the command
directly on the device.
Connection plugin can define default action plugin to use by providing
action_handler instance variable. This will override the default
action plugin normal
* adds new error AnsibleModuleExit to handle module returns
* adds new action plugin network for attaching connection to network modules
* adds new shared module local to receive connection
* splits out function to update task_args with common updates
This commit provides a mechansim for running local modules that require
a connection object for interative commands tyically implemented for
network devices. It provides a way to locally import modules (post fork)
and run them using exception handling to exit.
* Fix bug #5328 apache module loading
Currently, the apache2_module module parses apache configs
for correctness when enabling or disabling apache2 modules.
This behavior introduced a conflict condition when transitioning
between mpm modules, such as mpm_worker and mpm_event.
This change accounts for the specific error condition raised
by ``apachectl -M``:
``AH00534: apache2: Configuration error: No MPM loaded.``
When loading or unloading a module with a name that contains 'mpm_',
apache2_module will ignore the error raised by apachectl if stderr
contains 'AH00534'.
Fixes#5328
* Add AH00534 warning
* Added changes from PR #5629
* Modified ignore_configcheck behavior
* Code smell test for iteritems and itervalues
* Change the keydict object in authorized_keys so it doesn't throw a false postive
keydict is a bad data structure anyway. We don't use the iteritems and
itervalues methods so just disable them so that the code-smell tests do
not trigger on it.
* Change release templates so they work with py3
The process to poll for data in the stdout and/or stderr pipes during a
low-level command execution was repetitive. Factoring this out into a
function DRYs out the code.
Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
For the comparisions that need to be done, this map call needs
to convert to a list because the six import in ansible changes
the behavior of map to return an iterator instead of a list
* Fix UnboundLocalError remote_head in git
Fixes#5505
The use of remote_head was a leftover of #4562.
remote_head is not necessary, since the repo is unchanged anyway and
after is set correctly.
Further changes:
* Set changed=True and msg once local_mods are detected and reset.
* Remove need_fetch that is always True (due to previous if) to improve
clarity
* Don't exit early for local_mods but run submodules update and
switch_version
* Add test for git with local modifications
Depending on the OpenStack installation it may be quicker to create a volume from an existing volume (copy-on-write) compared to from a snapshot (allocating a completely new volume).
This adds a new `volume_src` parameter to the `os_module` which accepts a volume id or name.
* Enable tests on python 3 for uri
* Added one more node type to SAFE_NODES into safe_eval module.
ast.USub represents unary operators. This is necessary for
parsing some unusual but still valid JSON files during testing
with Python 3.
* Rebase of https://github.com/ansible/ansible-modules-extras/pull/708
708 was full of extraneous merge commits interwoven with commits to
implement the feature. In the end the only way I could clean this up
in reasonable time was to just take a regular diff between the PR and
the base. This lost the history of intermediate commits but I've
preserved attribution to @dayton967 via git's --author field.
Although I preserved the logic of the PR, there were a few additional
things that I cleaned up:
* Fixed import of email.mime.multipart
* Used the argspec to set port and timeout to integers instead of having
ad hoc code inside of the module.
* Used argspec's choices for secure instead of ad hoc code inside of the
module.
* Removed some unused variables
* Made secure_state a python boolean instead of using 0 and 1
* Used secure with string comparisons instead of turning it into an
integer code. This is much more readable.
* Fixed catching of SMTPExceptions (SMTPException wasn't imported
directly so it needed to use the smtplib namespace.)
* Fix synchronize retries
The synchronize module munges its task args on every invocation of
run(). This was problematic because the munged data was not fit for use
by a second pass of the synchronize module. Correct this by using a copy
of the task args on every invocation of run() so that the original args
are not affected.
Local testing using this playbook seems to confirm that things work as
expected:
- hosts: all
tasks:
- delay: 2
register: task_result
retries: 1
until: task_result.rc == 0
synchronize:
dest: /tmp/out
mode: pull
src: /tmp/nonexistent/
fixes#18281
* Update synchroncization fixture assertions
When we started operating on a copy of the task args the test assertions
were no longer asserting things about the munged state but of the
pristine state. Convert the copy of task args to a class member so that
it can be compared against later in testing and update the assertions to
check this munged copy.
* Shuffle objects around for cleaner testing
Attach the temporary args dict to the task rather than the action as
this makes updating the existing tests cleaner.
The overwrite parameter is forcibly set to false, meaning a module
passing that parameter will have no effect. The overwrite facility
is necessary to ensure that conflicting options can be written the
configuration (which, in replace mode, they cannot).
This change ensures that if overwrite is set, it will not be changed
to False in the logic.
* Fixes#18663. Bad handling of existing config in dellos9 module.
The dellos9 module doesn't build correctly the internal
structures used to represent the existing config of the managed
network device. This leads to apply changes every time the
playbook is run, even if the existing config is the same that the
one you are trying to push into the device.
Probably this problem exist also in the dellos6 and dellos10
modules, but I only fixed it in the dellos9 module.
The fix modifies two methods. The first one is `get_config`,
where the return clause didn't work correctly when the flow
doesn't enter in the `if` block. In that case the `contents`
variable is not an array an this should be handled.
The second fix is in the `get_sublevel_config` method. In this
case the indentation whitespaces of the parents should be rebuild
because further functions and methods required it to handle
correctly comparisons used to check if changes should be pushed
into device.
* Fixes#18663 for dellos10 module with the same patches as dellos9.
mkstemp() returns a tuple containing an OS-level handle to an open file
(as would be returned by os.open()) and the absolute pathname of that
file, in that order.
This patch makes sure that the fd opened by tempfile.mkstemp() is
re-used and closed properly.
* added alpha version of the 'sorcery' module
* fully conforming YAML
* use bundled check for executables
* - codex_list(): use commands instead of checksums to get sorcery version and verify codex equality - renamed: - manage_depends() -> match_depends() - tocast -> cast_queue, todispel -> dispel_queue, needs_recast -> depends_ok - SORCERY_LOG -> SORCERY_LOG_DIR, SORCERY_STATE -> SORCERY_STATE_DIR - removed: - SORCERY_VERSION_FILE - CODEX - added commentary to match_depends() and manage_spells() - fixed bug about dropped dependency line for previously existed dependency - fixed bug about not fixing depends for the 'latest' state - simplified several code constructions
* cleaned up some docs
* do not use separate message for Codex update, rely on the 'changed' status instead
* use built-in list conversion (_check_type_list()) for spells
* corrected spell name extraction from list in match_depends()
* avoid non-matching dependencies line duplication in depends file
* added more complex playbook example
* tiny stylistic fix for docs
* replaced ternary construction with a regular statement
* replaced yet another ternary construction with a regular statement
* enable Python 2.4 compatibility by splitting try-finally block
* enable Python 2.4 compatibility by replacing 'with' statement with try-except+try-finally blocks
* unify spells' assign
* replaced one regex with startswith()
* go Ansible 2.1
* added dummy RETURN template
* go Ansible 2.2
* better clarify permissions' requirements
* - updated copyright years - fixed rebuild command bug - re-used run_command_environ_update dict for env var management
* handle Python 3.5
* Revert "handle Python 3.5"
This reverts commit 33a5a0eb64c1193318298e111f063cdd5f93b73a.
* handle Python 3.5 (2nd try)
* go Ansible 2.3
* clarity++
* For realz this time
* Fix tempfile.mkstemp (#2)
* back to square one, removing temp file from the mix
* Adding temp back
* Adding tuple back
* Adding another tuple back
* Trying to get around weird Jenkins behavior of blowing up when both .hpi and jpi file found
* Incorporating PR feedback
* Delete .hpi file instead of backing it up, some basic clean up
* Moving file deletion to the right location
* Blank lines. They always get me.
* Allow re-using an existing template when updating a stack by not passing 'template' or 'template_url'. This is a big one for me as our deploy process creates a new stack and then modifies the old one; to avoid changing the resources inside the old one, we have had to avoid using the Ansible module and use the AWS CLI instead in order to pass `--use-previous-template`.
* Split create and update logic into separate functions
* Remove dead `update` variable
PR move of https://github.com/ansible/ansible-modules-core/pull/3588
##### ISSUE TYPE
- Docs Pull Request
##### COMPONENT NAME
ec2_group.py
##### ANSIBLE VERSION
```
ansible 2.0.2.0
config file = /Users/tpai/src/cm-secure/ansible.cfg
configured module search path = Default w/o overrides
```
##### SUMMARY
Make it clear you can specify the created group in the rules list, allowing idempotent use for group<->group networking rules.
This is a really useful feature that isn't obvious enough in the docs.
Fixes unnecessary VM restart.
VM userdata is currently not returned by the API listVirtualMachine and task will always be marked as changed in has_changed(), which will result in an unnecessary VM restart if force=true.
Reported by @Mayeu
The vmid is no longer a required parameter
For the 'present' state:
If not set, the next available one will be fetched from the API
For the 'started', 'stopped', 'restarted' and 'absent' states:
If not set, the module will try to fetch it from the API based on the hostname
Inspired from the behavior of the proxmox_kvm module
Creation of a maintenance window returns a 201 (PagerDuty Developer documentation is unfortunately incorrect). Deleting a maintenance window returns a 204.
This whole module is really lacking in security guidelines, but
downloading RPMs via plain `http://` without gpg is quite bad. Let's
use `https://` for the EPEL examples for a start.
This change makes os_stack module idempotent. Otherwise, re-use of the
module fails with:
Error updating stack: ERROR: The Parameter (...) was not provided.
Fixes#3165.
* Moved JSON-RPC client IPAClient class to ansible.module_utils.ipa, which is extended by all ipa modules
* ipa_user: incorporate displayname and userpassword attributes in module_user
* ipa_user: capitalized "I" in comment
* ipa_user: updated get_ssh_key_fingerprint to include possibility of the uploaded SSH key including user@hostname comment, which also appears in the queried fingerprint. This fixes a mismatch in the calculated and queried SSH key fingerprint in the user_diff calculation when the user already exists.
* ipa_hbacrule: ipaenabledflag must be 'TRUE' or 'FALSE', not 'NO'
* ipa_sudorule: ipaenabledflag must be 'TRUE' or 'FALSE', not 'NO'
* Add author to files missing it
* Fix kibana
* More native YAML
* More native YAML
* More native YAML
* More native YAML. Now only languages/ is missing
* Use native yaml sintax for packaging/languages as well
* Some more and quote fixes
* Fix wrong grouping
The policycoreutils python API for RHEL6 and RHEL7 are sufficiently
different, requiring some additional definitions and specific conversion
that works on old and new implementations.
It also implements a fix for non-ascii error messages (like when using a
French locale configuration).
This fixes#3551.
* Added new option to select the active a10 partition
* added version_added to the description of the new option
* added RETURN documentation
* fixed indents
* Removed empty cases, removed unneeded aliases
* removed artifacts from merging
* updated version_added to 2.3
* removed host, username and password option
* removed write_config and validate_certs documentation
* add a10_server_axapi3 module
* added return documentation
* modified a10_server_axapi3.py per feedback
* fixed line 60 s/action/operation/
* modified a10_server_axapi3.py per feedback
* modified a10_server_axapi3.py per feedback
* corrected YAML format error in documentation
* removed slp_server_ip and slp_server check in code since the arguments are labeled as required, per feedback
* modified: a10_server.py
modified: a10_service_group.py
modified: a10_virtual_server.py
Changed main() block, restricted import to only functions used.
* removed space for main() to be last line
* removed invalid lines
* Modified Documentations for a10_server.py, a10_service_group.py, a10_virtual_server.py
* Take out alias:[] and choices:[] in Documentation from a10_service_group.py and a10_virtual_server.py since they are now the default
* deleted a10_server.py, a10_service_group.py, a10_virtual_server.py
* deleted 'version_last_modified' line in Documentation across a10_server.py, a10_service_group.py and a10_virtual_server.py as they were added in error, change validate_certs version_added in a10_server.py
* added newline after main()
* added newline after main() for a10_server_axapi3.py
* Create `serverless` module for handling deploys on the Serverless Framework
* fix interpreter line
* Successfully exit when a stage is already absent
Both the `homebrew` and `homebrew_cask` modules iterate over
dictionaries using `iteritems`. This is a Python 2-specific method whose
behavior is similar to `items` in Python 3+. The `iteritems` function in
the six library was designed to make it possible to use the correct
method.
Traceback:
Traceback (most recent call last):
File \"/tmp/ansible_d28_6uwl/ansible_module_make.py\", line 153, in <module>
main()
File \"/tmp/ansible_d28_6uwl/ansible_module_make.py\", line 119, in main
rc, out, err = run_command(base_command + ['--question'], module, check_rc=False)
File \"/tmp/ansible_d28_6uwl/ansible_module_make.py\", line 79, in run_command
return rc, sanitize_output(out), sanitize_output(err)
File \"/tmp/ansible_d28_6uwl/ansible_module_make.py\", line 95, in sanitize_output
return output.rstrip(b(\"\\r\\n\"))
TypeError: rstrip arg must be None or str
There is also a six.iteritems issue, fixed using six.
* gluster_volume: Fixes issue when creating a new volume failing due to peers not being present. The peers which are not 'localhost' should invoke wait_for_peer, but the find method returns -1 (not 0) on non-localhost peers.
By default, sparse option is true in ovirt. So the raw disk
creation in a block storage domain will fail with error "Disk
configuration (RAW Sparse) is incompatible with the storage domain
type".
The commit adds sparse option where it is send as False when
format is raw and True when format is qcow2
* New module proxmox_kvm
* fixed qxl value vor vga param
> | Name | Type | Format | Description |
> |------|------|--------|-------------|
> | vga | enum | std \| cirrus \| vmware \| qxl \| serial0 \| serial1 \| serial2 \| serial3 \| qxl2 \| qxl3 \| qxl4 | Select the VGA type. If you want to use high resolution modes (>= 1280x1024x16) then you should use the options 'std' or 'vmware'. Default is 'std' for win8/win7/w2k8, and 'cirrus' for other OS types. The 'qxl' option enables the SPICE display sever. For win* OS you can select how many independent displays you want, Linux guests can add displays them self. You can also run without any graphic card, using a serial device as terminal. |
* Fix create_vm() fail on PV 4.3
* Set default for force as null in doc
* proxmox_kvm: revision fixes
* proxmox_kvm: more revision fixes
* Fix indentation
* revision fixes
* Ensure PEP-3110: Catching Exceptions
* KeyError, to KeyError as -- PEP-3110: Catching Exceptions
* Fix Yaml document syntax; Notes: => Notes -
* Refix documentation issue
* Fix Documentation
* Remove Notes: in description
* Add current state and it return value
* Update documentation
* fixed local variable 'results' referenced before assignment
* Fix fixed local variable 'results' referenced before assignment
* minor fixes in error messages
* merge upstream/devel int devel
* minor fixes in error messages
* Fix indentation and documentation
* Update validate_certs description
* translate() has a different api for text vs byte strings
* maketrans must be imported from a different location on py2 vs py3
Since this is such a small string outside of a loop we don't have to
worry too much about speed so it's better to have a single piece of code
that works on both py2 and py3
Fixes#3249
The python-consul library already supports this, so it is just a simple
case of enablement.
This does not break the current logic in `add` of parsing as a check,
then parsing as a service if that fails… because service_name is
mandatory on a service registration and is invalid on a check
registration.
* ipa_group: Fix: 'list' object has no attribute 'get'
* ipa_hbacrule: Fix: 'list' object has no attribute 'get'
* ipa_host: Fix: 'list' object has no attribute 'get'
* ipa_hostgroup: Fix: 'list' object has no attribute 'get'
* ipa_role: Fix: 'list' object has no attribute 'get'
* ipa_sudocmd: Fix: 'list' object has no attribute 'get'
* ipa_sudocmdgroup: Fix: 'list' object has no attribute 'get'
* ipa_sudorule: Fix: 'list' object has no attribute 'get'
* ipa_user: Fix: 'list' object has no attribute 'get'
* ipa_sudorule: Fix: invalid 'cn': Only one value is allowed
* ipa_hostgroup: module returns changed if assigned hosts or hostgroups are not in lowercase
* extra detail on which step triggered 'change', detect and handle powershell mishandling nssm's unicode as utf8
* Simpler handling of nssm output encoding
Thanks @nitzmahone for a cleaner way to control PowerShell's behavior
While I still have no idea why or how the `map` call is being swapped out while still running in python 2.7, this change will fix the following error, as well as improve py3 compatibility.
* Add FreeIPA modules
* Update version_added from 2.2 to 2.3
* ipa_*: Use Python 2.4 syntax to concatenate strings
* ipa_*: Replace 'except Exception as e' with 'e = get_exception()'
* ipa_*: import simplejson if json can't be imported
* ipa_hbacrule: Fix: 'SyntaxError' on Python 2.4
* ipa_sudorule: Fix: 'SyntaxError' on Python 2.4
* ipa_*: Fix 'SyntaxError' on Python 2.4
* ipa_*: Import get_exception from ansible.module_utils.pycompat24
* Add FreeIPA modules
* Update version_added from 2.2 to 2.3
* ipa_*: Fix 'SyntaxError' on Python 2.4
* ipa_*: Replace Python requests by ansible.module_utils.url
* ipa_*: Replace Python requests by ansible.module_utils.url
* ipa_*: Add option validate_certs
* ipa_*: Remove requests from Ansible module documentation requirements
* ipa_sudorule: Remove unnecessary empty line
* ipa_sudorule: Remove markdown code from example
* ipa_group: Add choices of state option
* ipa_host: Rename options nshostlocation to ns_host_location, nshardwareplatform to ns_hardware_platform, nsosversion to ns_os_version, macaddress to mac_address and usercertificate to user_certificate and add aliases to be backward compatible
* Return actual queue attributes with result
Previously this was only returning the desired queue attributes, and not even returning the QueueARN for use elsewhere. Now it will return "results.attributes" that is retrieved with boto's get_queue_attributes().
* update return structure to reflect current SQS config; add documentation of return values
* Remove redundancy from if/else statement
Added support to explicitly manage task definitions be revision. If the
revision expectations of the ansible task cannot be met, an error is
thrown.
If revision is not explicitly specified, enhanced module to be
idempotent with respect to task definitions. It will search for an
active revision of the task definition that matches the containers and
volumes specified. If none can be found, a new revision will be created.
Currently <active> tag is passed within the disk element which is
incorrect. As a result, disk will remain inactive even though the
default option is true.
In Zabbix, the visible name defaults to the hostname. This is not very
useful if you try to manage vmware VMs as the so called host_name within
zabbix must be set to the vcenter UUID.
This patch allows you to provide an alias which will be shown with
zabbix. If its not supplied it will default to host_name.
* Adding support for proxysql
* Moved and restricted imports, updated exception handling
* Updated version_added, and mysqldb_found constant name
* Removed unnecessary parentheses
In dnf, environment groups are separate from groups. Need to handle
them separately when calling the API.
Fixes#2178
After upstream review, hande dnf-2.0 mandatory packages in groups
If mandatory packages in a group are not installed, a group will report
failure. Fix this by catching the error and reporting after trying
to install the other packages and groups in the transaction.
* dnf: fix compatibility with DNF 2.0
* Reimplement (copy) old dnf.cli.commands.parse_spec_group_file(),
upstream uses argparse since 2.0.
* add_remote_rpm() has been changed to the add_remote_rpms()
Closes: https://github.com/ansible/ansible-modules-extras/issues/3310
Signed-off-by: Igor Gnatenko <ignatenko@redhat.com>
* fixup! dnf: fix compatibility with DNF 2.0
This module aims to allow a user to manage the lifecycle of OpenSSL
private keys. Internally it relies on the pyOpenSSL python library
to interact with openssl.
A user is able to specify :
* key size (via `size` parameter)
* key algorithm (via `type` parameter)
* key location (via `path` parameter)
The most simple use case is:
```
- name: Generate ansible.com.pem SSL private key
openssl_privatekey: name=ansible.com.pem
path=/etc/ssl/private
```
A user can speficy more settings:
```
- name: Generate ansible.com.pem SSL private key
openssl_privatekey: name=ansible.com.pem
path=/etc/ssl/private
size=2048
type=DSA
```
A user can also force the regeneration of an SSL key:
```
- name: Generate ansible.com.pem SSL private key
openssl_privatekey: name=ansible.com.pem
path=/etc/ssl/private
force=true
```
* Changed default deployment mode to match with azure -cli behaviour. "Complete" mode by default is too dangerous.
* Set incremental as default behaviour for deployment mode.
This commit adds module settings for configuring TLS encyption on the
mqtt notification module. Previously there was no way to configure
sending the messages encrpyted to mqtt.
* Add initial support for using a cluster instead of an esxi hostname
* FindByInventoryPath doesn't always work, so implement a fallback method to match the path
Traceback (most recent call last):
File \"/tmp/ansible_ueg52c0b/ansible_module_blockinfile.py\", line 319, in <module>
main()
File \"/tmp/ansible_ueg52c0b/ansible_module_blockinfile.py\", line 259, in main
if line.startswith(marker0):
TypeError: startswith first arg must be bytes or a tuple of bytes, not str
Also clean imports while on it.
When using the `make:` extras module, often the action taken
by the Make target is large. It is useful, therefore, to see
the output that `make` had to std{out,err} during execution
even when the target did not fail.
Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
Fail with:
Traceback (most recent call last):
File \"/tmp/ansible_2rsl4fg1/ansible_module_pkgng.py\", line 353, in <module>
main()
File \"/tmp/ansible_2rsl4fg1/ansible_module_pkgng.py\", line 330, in main
_changed, _msg = install_packages(module, pkgng_path, pkgs, p[\"cached\"], p[\"pkgsite\"], dir_arg)
File \"/tmp/ansible_2rsl4fg1/ansible_module_pkgng.py\", line 161, in install_packages
old_pkgng = pkgng_older_than(module, pkgng_path, [1, 1, 4])
File \"/tmp/ansible_2rsl4fg1/ansible_module_pkgng.py\", line 121, in pkgng_older_than
while compare_version[i] == version[i]:
TypeError: 'map' object is not subscriptable
Fix an issue with _nic_to_public_ips_instance() function. There was an assumption in the code that the Public IP sits in the same resource group, this isn't always the case.
ansible-validate-modules is now in ansible/ansible
During 2.3 we will be merge the modules into ansible/ansible so this file will go away.
The new testing documentation will refer to `ansible-test` which will wrap up the unit, integration, and ansible-validate-modules. So no need to document here.
* openbsd_pkg: Use correct part of name in match.
Previously this part of the code could assume that the name was a stem
with nothing else attached (like "autoconf"). With the introduction of the
branch syntax ("autoconf%2.13") this is no longer true.
Check if the package name was identified as using a "branch" style name,
and base the match on the leading part of the name if that is the case.
While here remove unnecessary "pass" and tidy up debug log message.
Problem reported by @jasperla.
* openbsd_pkg: Add missing "." in comment.
Fix mongodb_user.py version detection logic for mongo srv 2.6 and mongo driver 2.7. The wrong variable was used for detecting the mongo driver version. This fix resolves the error "(Note: you must use pymongo 2.7+ with MongoDB 2.6.. 2.6.11)" no matter what version of pymongo you had installed for mongodb 2.6.
When archiving multiple files, the full length of the calculated
`arcroot` would be removed from the beginning of all file names. If
there was no arcroot, the first two characters of all files would be
removed, so `file.txt` would become `le.txt`.
This patch uses the regular expressions substitution anchored to the
start of the string, so the arcroot is only removed if it is actually
present.
* Fix error in crypttab doc
* Use path type for file argument
This permit to make sure that $HOME and '~' are properly
expanded, even if in the case of crypttab, this might not make
a lot of sense
* PanOS module that allows admin password change.
* fixed a typo
* empty __init__.py
* added require ansible Python extension .py
* added version string
* added return docstring
* changed version to 2.2
* - changes to the format and module as requested by @privateip
* changed version back to 2.2 as 2.3 was failing automated tests
* Revert "changed version back to 2.2 as 2.3 was failing automated tests"
reverting version info
This reverts commit 71d520f3b4b69eb017c2b9f287a74cb77fae9d1c.
The modules listed in this PR were using YAML that resulted in
blockquote tages being inserted into the generated RestructedText.
This PR fixes that so that the documentation once again looks correct
The returns are actually nested under `configuration` keys, so the docs
need to reflect that. Also add the automatic return of the function
version, so it can be used to feed the `lambda_alias` module.
The fix allows the asa_config module to request the config to contain
all default statements or password information necessary for vpn
tunnel endpoints
This argument had a couple of issues with it. First, as it was
being interpreted in the code, it did not check for idempotency.
Second, the model of having the parameters be "all_*" is going to
hinder the ability to "undo", so-to-speak, what the user did while
maintaining legibility.
Consider if the user specified "all_enabled_vlans='net1'" and then
decided they wanted to backout of this decision. What is the proper
argument to fulfill this wish? "all_enabled_vlans='...?'
This patch changes the all_enabled_vlans argument to be "enabled_vlans",
ensures that idempotency works, and also provides for a way to "undo" a
change to the enabled VLANs by allowing the user to specify the special
case VLAN named "ALL" (all capitals).
This makes the parameter more intuitive because the users will specify
which vlans they want to make the virtual available on
* enabled_vlans="net1"
but also allows them to "undo" what they did by setting it back with
the case of all
* enabled_vlans="ALL"