PR #55396
Make Git module support `--valid-pgpkeys` option, which allows
configuring a list of valid PGP fingerprints which are compared with the
used PGP fingerprint if verify_commit is true. This requires
verify_commit to be set to 'yes'.
Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl>
Co-authored-by: Sviatoslav Sydorenko <webknjaz@redhat.com>
* Initial commit for meraki_malware module
- Allows for manipulation of malware configuration
* Add full documentation and improve code coverage
* Add diff support
* Type change
* Sanity check fixes
* Convert org_id from str to int for consistency
* Sanity fixes again
* Fix argument type errors
* Remove ignore items for some Meraki modules so shippable is happy
* Restructure meraki_network to be simpler and work for all int tests
* Enable all integration tests and enhance error reports
* Slight tweaks to integration tests
* Add support for check mode.
* Add diff support
- Need to analyze diff for accuracy
- Updated check mode changed value
* Improve test coverage
* Remove a duplicate integration test
* Add support for check mode
* Add changelog fragment
* Add diff support
- Fix a few changed status
- Removed auth_key check since that's done in module_utils now
* win_chocolatey - honour version when bootstrapping chocolatey
* skip upgrade all step
* Fix install latest step
* Remove test changes now that Chocolatey is released
* tweak the package version detection
If IAM Role is created without description using aws cli or UI,
then Ansible failed to update description for such IAM role.
This fixes such condition.
Fixes: #52942
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* nxos_vlan: fix broken purge behavior (issue #57101)
Symptoms/Analysis:
- `nxos_vlan` `purge: true` would fail when `purge` was trying to delete all unspecified vlans, including vlan 1.
- `nxos` devices do not allow removing vlan 1 and raise a cli exception error
- Previous fix#55144 caused a side effect when `purge` was used: vlan changes specified by `aggregate` were ignored; e.g.
- vlan 4 is not present; playbook specifies `aggregate: { vlan: 4 }, purge: true`
- results in proper purging but vlan 4 is not created
Solutions:
- ignore vlan 1 when purging
- remove the `not purge` check from state present logic
Added additional unit tests and integration tests.
Tested against all regression platforms.
* PEP fixes
* Add agg_show_vlan_brief.txt fixture
* Add warning for removing vlan 1
* change method name check
Handle exceptions raised while describing the metric alarms rather than
printing tracebacks.
Fixes: #55786
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Specify that the pattern is matched against the dirent basename
* Specify that regexen must match the whole name of the dirent. It has been a pitfall for me.
* Fix order for warning on templated conditionals
Fix bare variable warnings when the variable is a boolean
* changelog
* Add tests for cases that should and should not give warnings
If the behavior may change when the default behavior for CONDITIONAL_BARE_VARS becomes False there should be a warning. Boolean type conditionals will not change in behavior so don't warn.
* oops, forgot to add files
* typo
* New module postgresql_copy
* New module postgresql_copy: added tests
* New module postgresql_copy: changed tests
* New module postgresql_copy: doc format fixes
* New module postgresql_copy: fixes
* New module postgresql_copy: added upper, PostgreSQL
* New module postgresql_copy: fixed description
* New module postgresql_copy: added note about superuser
* New module postgresql_copy: remove SQLParseError
* New module postgresql_copy: fixed opt_need_quotes type
* New module postgresql_copy: fixed check_mode
* New module postgresql_copy: small fix
* Attempt 2 of cert validation fixes
* Remove unused code
* Cleanup the tmp cert using atexit
* Fix linting issues
* Only add SSLValidationHandler when not HAS_SSLCONTEXT
* Catch value errors on non PEM certs
* Only catch NotImplementedError to avoid masking issues
* set self._context even with PyOpenSSLContext for conformity
* Fix error building
* normalize how we interact with the context we create
* Remove unused code
* Address test for py3.7 message difference
* open_url should pass the ca_path through
* Account for new error in url lookup test
* Guard some code behind whether or not we are validating certs
* Make _make_context public
* Move atexit.register up to where the tmp file is created
* Allow syslog_json callback options to be set in an Ansible configuration file.
The syslog_json documentation says that it supports options via an Ansible
configuration file. In fact, they can only be specified via environment
variables.
I've updated the module to use the standard "get_options" handling which means
that it can now support options via environment variables *or* the
configuration file.
Options can be set in the configuration file as follows:
```
callback_whitelist = syslog_json
[callback_syslog_json]
syslog_server = localhost
syslog_port = 514
syslog_facility = user
```
* Use the original, documented, names for the modules options.
In the documentation text change syslog_server to server, syslog_port to port
and syslog_facility to facility.
* Add an item to the changelog.
* Update 57232-syslog-json-configuration-options.yml
Fix a YAML syntax error / typo.
* Adding integration test for 127.0.0.1/32 and ::1/128.
* Making sure file is not corrupted when render fails
* Fixes#56430
* Adding changelog for MR 57147/Issue 56430
##### SUMMARY
Suggest to use sequential IDs - otherwise action is considered to be changed always.
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
* Add support for check mode
* Check mode returns proper changed status
- Added is_template_valid()
- Restructured check_mode so it will always return data
- Check mode should show proper changed status
- Code is untested and integration tests need to be expanded
* Fix deleting networks
- Add integration tests for deleting networks
- Refine tests based on changed/unchanged
* Remove one task from integration test
* Add support for disableRemoteStatusPage
- New feature in the Meraki API
- Yes, it's a double negative, I may fix at some point
* Remove double negative
- All disables became enable and logic is reversed
- This isn't yet tested
* Switching computers!!!
* Apply changes to make the logic work, even reversed
* Attempt to fix some formatting errors
* Add documentation fragment
* Fix whitespace
* Add disable_my_meraki back, with deprecation notice
* Edit changelog notice
* Update deprecation version
* Update example to be a block and change deprecation message.
* Remove duplicate delegate_to
* Change deprecation notice.
The jinja2 query() function (or lookup with wantslist=True, which is
the same thing) should always return a list.
However, if you combine a query with errors='ignore' and take the
error path, the current code returns a None value. This is important
in a case such as
- name: Conditional include file
import_tasks: '{{ item }}'
vars:
params:
files:
- path/file1.yaml
- path/file2.yaml
loop: "{{ q('first_found', params, errors='ignore') }}"
If neither file1.yaml or file2.yaml exist, this should do nothing by
returning an empty list to the loop. Currently if you run the above
task you'll get a rather unhelpful:
Invalid data passed to 'loop', it requires a list, got this instead: .
This change ensures that when a query ignores an error, it returns a
empty list. The errors='ignore' case is tested in several variants
with first_found. The extant (but deprecated) "skip: True" for
first_found doesn't seem to be explicitly tested; a test is added here
to avoid regressions before removal in 2.12.
This fixes a regression you'll hit if you follow the suggestion in the
deprecation message included with
e17a2b502d to use errors=ignore over
"skip: True" for first_found. This change adds an example that points
out the query/lookup difference and also fixes the error message to
not mention the now deprecated "skip: True".
Closes#56775
* Rewrite idempotency check
- Check now operates recursively and works on multiple types
- Order of lists matter
* Remove blank line for lint
* Fixed idempotency checks in meraki_ssid
- New sanitize() method for finding keys unique in compared dicts
- Fixed bug in meraki_ssid where SSID specified by number breaks
- This will require a backport
- Converted ignored_keys from tuple to list
* Made changes required for idempotency
* Add changelog fragment
* Add unidirectional option for testing
* Disable option 1 check
* General fixes for is_update_required testing
- Added commented out debug statements in method
- Fixed ignored_keys modifications
* Remove old commented algorithm
Add check for all policy fields (name, apply_to, pattern, tags,
priority) to have correct changed state. Previosly changed state was
based on policy name only.
* Add support for rabbitmq 3.7
* Fix exec args for rabbitmqctl status
* Add changelog and fix description for Ansible 2.9
* Return results even when the cache is disabled
By default the cache is disabled and so the results of the API call
are not placed in there for the return statement to fetch.
* Always update self._cache to return
It is possible for provider.authorize to exist, but set to None. Rather
then loading this value blindly, assume the default is False.
File "/home/zuul/src/github.com/ansible/ansible/lib/ansible/executor/task_executor.py", line 145, in run
res = self._execute()
File "/home/zuul/src/github.com/ansible/ansible/lib/ansible/executor/task_executor.py", line 635, in _execute
result = self._handler.run(task_vars=variables)
File "/home/zuul/src/github.com/ansible/ansible/lib/ansible/plugins/action/ios.py", line 50, in run
provider = load_provider(ios_provider_spec, self._task.args)
File "/home/zuul/src/github.com/ansible/ansible/lib/ansible/module_utils/network/common/utils.py", line 424, in load_provider
provider['authorize'] = boolean(provider['authorize'])
File "/home/zuul/src/github.com/ansible/ansible/lib/ansible/module_utils/parsing/convert_bool.py", line 26, in boolean
raise TypeError("The value '%s' is not a valid boolean. Valid booleans include: %s" % (to_text(value), ', '.join(repr(i) for i in BOOLEANS)))
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
* Add support to start a vm and put it on hold in one_vm
* Add version_added to vm_start_on_hold option for one_vm
* Add version_added to vm_start_on_hold option for one_vm#2
* Add version_added to vm_start_on_hold option for one_vm#3
* Fix indentation for one_vm
* route53_facts: add check mode support
* route53_facts: add changelog fragment mentioning check mode support
* route53_facts: alter changelog fragment type from `minor_changes` to `bugfixes`
* Update changelogs/fragments/56900-route53-facts-check-mode.yaml
Co-Authored-By: Felix Fontein <felix@fontein.de>
dict.items() in pytho2 returns a list of tuples which can be iterated
while modifying the dict. In python 3 it returns a view which is tied to
the underlying dict, meaning the modifications to the dict while
iterating are unsafe.
This commit generates new list containing the tuples from the iterator
in python 3 which breaks the link to the dict, allowing the dict to be
modified while iterating the list.
In python 2 it would simply copy the list.
Fixes#56902
* [docker_network] Fix idempotency when using aux_addresses in ipam_config
Mismatch between keys returned by Docker API (AuxilliaryAddresses) vs
expected by Ansible module (aux_addresses) resulted in tasks always
have status 'changed'. The existing code normalizing one set of
keys to another missed this special case where converting
CamelCase to lowercase is not sufficent.
Please see
https://github.com/moby/moby/blob/master/api/types/network/network.go
for reference.
* Correct keywords formatting in changelog file
Co-Authored-By: Felix Fontein <felix@fontein.de>
The "-" does not work as expected if I want to get a specific version of a package. After replacing the dash with the equal sign. the task passed successfully.
Depends on package manager - adds example so we show both syntaxes.
* openstacksdk < 0.10.0: fix AttributeError
`openstack.version.__version__` expression raises an `AttributeError`
exception when openstacksdk < 0.10.0 is used. `openstack.version` is
now imported as a module, which works for all openstacksdk versions.
Error was:
The full traceback is:
Traceback (most recent call last):
File "$HOME/.ansible/tmp/ansible-tmp-1545612308.8-46792777824159/AnsiballZ_os_security_group.py", line 113, in <module>
_ansiballz_main()
File "$HOME/.ansible/tmp/ansible-tmp-1545612308.8-46792777824159/AnsiballZ_os_security_group.py", line 105, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "$HOME/.ansible/tmp/ansible-tmp-1545612308.8-46792777824159/AnsiballZ_os_security_group.py", line 48, in invoke_module
imp.load_module('__main__', mod, module, MOD_DESC)
File "/tmp/ansible_os_security_group_payload_keFTIJ/__main__.py", line 163, in <module>
File "/tmp/ansible_os_security_group_payload_keFTIJ/__main__.py", line 115, in main
File "/tmp/ansible_os_security_group_payload_keFTIJ/ansible_os_security_group_payload.zip/ansible/module_utils/openstack.py", line 121, in openstack_cloud_from_module
AttributeError: 'module' object has no attribute 'version'
* Add missing space & dot in error message
* Always require openstacksdk >= 0.12
According to the OpenStack Networking API
the attribute binding:vnic_type of a port is optional.
This change enables the os_port module to handle
binding:vnic_type as optional.
* Returns zone ID for existing zone or `null`
* route53_zone: add module unit tests
* route53_zone: add compatibility with Python 2.6 to the unit tests
* route53_zone: address pycodestyle warning (add blank line)
Until now, the module was only able to interact with vcenter. This
commit adds the ability to directly target an ESXi without the
`esxi_hostname` parameter.