Commit graph

33475 commits

Author SHA1 Message Date
Matt Clay
614a53734c Fix Debian packaging Dockerfile and docs. 2017-10-13 15:07:02 -07:00
Adrian Likins
297dfb1d50 Vault secrets script client inc new 'keyring' client (#27669)
This adds a new type of vault-password script  (a 'client') that takes advantage of and enhances the 
multiple vault password support.

If a vault password script basename ends with the name '-client', consider it a vault password script client. 

A vault password script 'client' just means that the script will take a '--vault-id' command line arg.

The previous vault password script (as invoked by --vault-password-file pointing to an executable) takes
no args and returns the password on stdout. But it doesnt know anything about --vault-id or multiple vault
passwords.

The new 'protocol' of the vault password script takes a cli arg ('--vault-id') so that it can lookup that specific
vault-id and return it's password.

Since existing vault password scripts don't know the new 'protocol', a way to distinguish password scripts
that do understand the protocol was needed.  The convention now is to consider password scripts that are
named like 'something-client.py' (and executable) to be vault password client scripts.

The new client scripts get invoked with the '--vault-id' they were requested for. An example:

     ansible-playbook --vault-id my_vault_id@contrib/vault/vault-keyring-client.py some_playbook.yml

That will cause the 'contrib/vault/vault-keyring-client.py' script to be invoked as:

     contrib/vault/vault-keyring-client.py --vault-id my_vault_id

The previous vault-keyring.py password script was extended to become vault-keyring-client.py. It uses
the python 'keyring' module to request secrets from various backends. The plain 'vault-keyring.py' script
would determine which key id and keyring name to use based on values that had to be set in ansible.cfg.
So it was also limited to one keyring name.

The new vault-keyring-client.py will request the secret for the vault id provided via the '--vault-id' option.
The script can be used without config and can be used for multiple keyring ids (and keyrings).

On success, a vault password client script will print the password to stdout and exit with a return code of 0.
If the 'client' script can't find a secret for the --vault-id, the script will exit with return code of 2 and print an error to stderr.
2017-10-13 15:23:08 -04:00
Sloane Hertel
53e476ad4e [cloud] Only enforce state (running/stopped/etc) in EC2 "exact_count" when state is specified (#31648)
fix issue in ec2 module where exact count would create new instances if the instane state is stopped or terminated
2017-10-13 14:11:07 -04:00
Sloane Hertel
90b6178e61 [cloud] Don't try to deregister an instance that isn't in the load balancer (#31660) 2017-10-13 13:59:24 -04:00
Sloane Hertel
34e2019251 [cloud] Require src parameter when aws_s3 is used with mode 'put' (#31657) 2017-10-13 13:57:40 -04:00
Sloane Hertel
e26955fc9a [cloud] Document alias for aws_s3 'overwrite' option. (#31638) 2017-10-13 13:55:24 -04:00
Kenny Gillen
1234a79349 Fix gender pronouns and the odd typo (#31709) 2017-10-13 13:52:38 -04:00
Matt Martz
e2f16cfaf7 Port vault-keyring.py to properly load the config. Fixes #31304 (#31315) 2017-10-13 13:46:24 -04:00
Tim Rupp
ecee475a3a This patch fixes a number of outstanding bugs and code convention problems. (#31618)
* documentation was not inline with other Ansible modules
* Python 3 specific imports were missing
* monitor_type is no longer required when creating a new pool; it is now the default.
* A new monitor_type choice of "single" was added for a more intuitive way to specify "a single monitor". It uses "and_list" underneath, but provides additional checks to ensure that you are specifying only a single monitor.
* host and port arguments have been deprecated for now. Please use bigip_pool_member instead.
* 'partition' field was missing from documentation.
* A note that "python 2.7 or greater is required" has been added for those who were not aware that this applies for ALL F5 modules.
* Unit tests were fixed to support the above module
2017-10-13 09:47:49 -07:00
Ganesh Nalawade
89428a40b3 Validate parse_cli filter inputs (#31293)
* Validate parse_cli filter inputs

Fixes #30517

*  Add check to validate input is of type string
*  Add check to confirm template file exist

* Update error message for parse_cli_textfsm invalid template path

* Add input validation for parse_cli_textfsm filter
2017-10-13 21:26:24 +05:30
Katerina Koukiou
8d4c059275 cloud: ovirt: Add ovirt_disk_facts module (#30422) 2017-10-13 10:32:41 -04:00
Abhijeet Kasurde
a047fe0e4c Correct usage for shutil.rmtree (#31541)
* Correct usage for shutil.rmtree

Fix adds correct usage of shutil.rmtree in git module

Fixes: #31225

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>

* Include archive tests so they get run

* Use new include syntax

* Cleanup syntax on git tests

- use multi-line YAML
- remove unneeded {{ }} around vars in conditionals
- remove unneeded quotes
- add task file name to task names for easier troubleshooting when things fail

* Make archive tests work for RHEL/CentOS 6

The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped.

The older version of git required gzip compression to be skipped on RHEL/CentOS 6.

* Account for ansible_distribution_major_version missing
2017-10-13 10:30:15 -04:00
James Molet
42deaf2c71 updating argument validation for activation keys to match subscription-manager command line, fixes #27283 (#30236) 2017-10-13 08:59:49 -04:00
Kevin Burke
434e9e1d8f Un-nest nested if statements (#19190)
Easier and clearer to write

if a and b:
    foo()

than

if a:
    if b:
        foo()
2017-10-13 08:32:59 -04:00
Clemens Weiß
2a987f59d2 Update Zabbix maintenance if it already exists to set new period, hosts etc. (#24371)
* Update Zabbix maintenance if it already exists to set new period, hosts etc.

* Whitespace
2017-10-13 13:30:15 +02:00
Lujeni
91ab88dac7 pip: Use chdir directive in the venv path (fixes #25122) (#26865) 2017-10-13 12:39:47 +02:00
rahushen
046d430a26 Fixes #31056 (#31057) 2017-10-13 10:38:44 +05:30
wxdao
8a86746223 Fix typo in playbooks_error_handling (#31636) 2017-10-12 21:08:35 -07:00
Ryan Brown
e0c2b6bbb4 Rename ssm_parameter_store module and ssm lookup to be prefixed with aws (#31662) 2017-10-13 13:52:10 +10:00
Jordan Borean
f2fed10ad8 update Windows docs (#30783)
* first round of splitting and expanding Windows docs

* Added info about WinRM and started the usage page

* more details onf usage around command/shell

* added more info

* missed a page

* added info about hotfix and ps upgrade script

* Added DSC information

* filled in FAQ and fixed up links

* changes per PR review and typo fixes found by myself

* fixed sanity check

* updated external script URLS

* Edits

* Edits

* Edits

* Copy edits.

* More copy edits.

* Added info about becoming a local service account

* some formatting changes on become and DSC indent fix

* Copy edits/rewrites

* Copy edits/rewrites

* minor updates to UAC text, typos

* minor wording updates

* minor wording tweaks/typos

* minor wording tweaks/typos

* minor tweaks/typos

* fix indent issue

* fix title underline length

* fix quote issue
2017-10-12 18:40:47 -07:00
Tim Rupp
381b18fd80 Adds a refactored bigip_monitor_http module. (#30998)
This patch refactors the bigip_monitor_http module to use REST
instead of SOAP. It additionally adds unit tests and current F5
code conventions.

Integration tests can be found here
* https://github.com/F5Networks/f5-ansible/blob/devel/test/integration/bigip_monitor_http.yaml
* https://github.com/F5Networks/f5-ansible/tree/devel/test/integration/targets/bigip_monitor_http/tasks
2017-10-12 17:02:05 -07:00
Brian Coca
12c8dd1893 config tests
also a couple of fixes to manager
2017-10-12 19:26:39 -04:00
Matt Clay
80b0e0e05a Remove cryptography version limit in Azure tests.
No longer needed now that cryptography 2.1.1 has been released.
2017-10-12 15:34:36 -07:00
James Mighion
50052b3d70 Adding a cli transport option for the bigip_command module. (#30391)
* Adding a cli transport option for the bigip_command module.

* Fixing keyerror when using other f5 modules. Adding version_added for new option in bigip_command.

* Removing local connection check because the F5 tasks can be delegated to any host that has the libraries for REST.

* Using the network_common load_provider.

* Adding unit test to cover cli transport and updating previous unit test to ensure cli was not called.
2017-10-12 15:07:15 -07:00
Samprita Hegde
6d16739926 [cloud] Support changeset_name parameter on CloudFormation stack create (#31436) 2017-10-12 15:44:06 -04:00
Ted Timmons
bc1e3d22c2 [cloud][docs] Document default/required 'state' in CloudFormation module (#31642)
* fix documentation to match default/required status of 'state'

* add 'choices'
2017-10-12 15:31:42 -04:00
Brian Coca
341db894f5 update delegated var fetching for new 'loop' (#31588)
* update delegated var fetching for new 'loop'

* mixed loop/terms
2017-10-12 14:57:38 -04:00
Pilou
840a57a4ed s3_sync: fix broken import (#31460) 2017-10-12 20:48:05 +02:00
Brian Coca
83dec70ad8 validate that existing dest is valid directory 2017-10-12 14:19:58 -04:00
Ondra Machacek
8dd1267e6b ovirt: Add new api facts module (#28875)
* ovirt: Add new api facts module

* Simplify boilerplate and add Python 3 import
2017-10-12 13:57:33 -04:00
Brian Coca
1bf09a7d84 warn on bad keys in group 2017-10-12 12:02:11 -04:00
Kairo Araujo
8415d2e60a new module: AIX rootvg backup image using mksysb (#30460)
* new module: AIX rootvg backup image using mksysb

This module is simple but very useful for AIX system
administrators. Easy to construct playbooks to generate
and manage rootvg backups using mksysb tool.

* added module_check, pep8, non-written convention

- implemented module_check;
- fixed some pep8 and non-written convention

* removed parameters as global variables and doc

Moved global variables parameters to inside main()
Better doc format for mentioned files
2017-10-12 11:58:43 -04:00
sethp-nr
402b095841 wait_for: treat broken connections as "unready" (#28839)
* wait_for: treat broken connections as "unready"

We have observed the following condition while waiting for hosts:

```
Traceback (most recent call last):
  File "/var/folders/f8/23xp00654plcv2b2tcc028680000gn/T/ansible_8hxm4_/ansible_module_wait_for.py", line 585, in <module>
    main()
  File "/var/folders/f8/23xp00654plcv2b2tcc028680000gn/T/ansible_8hxm4_/ansible_module_wait_for.py", line 535, in main
    s.shutdown(socket.SHUT_RDWR)
  File "/usr/local/opt/python/Frameworks/Python.framework/Versions/2.7/lib/python2.7/socket.py", line 228, in meth
    return getattr(self._sock,name)(*args)
socket.error: [Errno 57] Socket is not connected
```

This appears to happen while the host is still starting; we believe something is
accepting our connection but immediately resetting it. In these cases, we'd
prefer to continue waiting instead of immediately failing the play.

This patch has been applied locally for some time, and we have seen no adverse
effects.

* wait_for: fixup change

We were missing an import and a space after the `#`
2017-10-12 11:37:20 -04:00
Mihai Moldovanu
79f2cfbcf9 etcd.py module improved . added posibility to configure from playbook… (#18580)
* etcd.py module improved . added posibility to configure from playbook etcd server to query

* Update playbooks_lookups.rst

documented etcd lookups

* Update playbooks_lookups.rst

* Update playbooks_lookups.rst

* Update playbooks_lookups.rst

* Update playbooks_lookups.rst

* Update playbooks_lookups.rst

* Fixed errors reported by ansibot

* Update playbooks_lookups.rst

* Update playbooks_lookups.rst

* Copy edits.
2017-10-12 15:55:59 +01:00
Zubair Lutfullah Kakakhel
4034630625 vmware_vm_facts: Add error check for config.vm (#31629)
Add a simple check to see if vm.config exists before looking for
vm.config.hardware
2017-10-12 10:32:06 -04:00
jctanner
c05a7add5f Only install pyvmomi if user is root (#31628) 2017-10-12 10:20:33 -04:00
Brian Coca
b68fe2cd23 highlight dynamic parts of error msg 2017-10-12 10:00:06 -04:00
Ondra Machacek
f5c0e2895b ovirt_vms: Wait for VM disks when adding VM (#31468)
Fixes: https://github.com/ansible/ansible/issues/30515
2017-10-12 08:56:13 -04:00
Ondra Machacek
e5c0958dbb ovirt_templates: Fix exlusive parameter (#31470) 2017-10-12 08:49:38 -04:00
Ondra Machacek
23c47a65c1 ovirt_networks: Add label to network (#31517) 2017-10-12 08:49:30 -04:00
Ondra Machacek
c71394a13a ovirt_clusters: add alias performance_preset for memory_policy (#31523) 2017-10-12 08:49:22 -04:00
Anil Kumar Muraleedharan
de53e280f1 Adding enos/__init__.py (#31580)
##### SUMMARY
Creating the modules for enos from Lenovo.

##### ISSUE TYPE
- New Module Pull Request

##### COMPONENT NAME
<!--- Name of the module/plugin/module/task -->
lib/ansible/modules/network/enos/__init__.py

##### ANSIBLE VERSION
ansible 2.5.0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules',
u'/usr/share/ansible/plugins/modules']
ansible python module location =
/usr/local/lib/python2.7/dist-packages/ansible-2.5.0-py2.7.egg/ansible
executable location = /usr/local/bin/ansible
python version = 2.7.6 (default, Oct 26 2016, 20:30:19) [GCC 4.8.4]

##### ADDITIONAL INFORMATION

This is an effort to create modules for enos based switches from Lenovo.
2017-10-12 13:34:36 +01:00
Anil Kumar Muraleedharan
1c85ff0e68 Update base.yml to add enos from lenovo (#31565)
* Update base.yml to add enos from lenovo

* Update base.yml
2017-10-12 13:34:08 +01:00
Anil Kumar Muraleedharan
295a0e9225 Create document fragment for enos modules (#31512) 2017-10-12 13:33:04 +01:00
Anil Kumar Muraleedharan
ead00e9cae create terminal plugin for enos modules (#31510) 2017-10-12 13:32:27 +01:00
Anil Kumar Muraleedharan
fa9421ef98 create cliconf plugin for enos - enos.py (#31509) 2017-10-12 13:31:57 +01:00
Anil Kumar Muraleedharan
34cc563727 Create action file enos.py (#31508)
* Create action file enos_facts.py

* Update and rename enos_facts.py to enos.py

* Taking chances on Dealing with Unstable issues

* Removing blank space/ white line
2017-10-12 13:31:23 +01:00
Matt Clay
05ec376197 Multiple Parallels host support for ansible-test. (#31552) 2017-10-12 01:22:18 -07:00
Matt Clay
03e18aa52e Remove cryptography install from CI other test. 2017-10-12 00:36:12 -07:00
Trishna Guha
c002b47a79 fix nxos_vlan unexpected deprecation warning (#31624)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-10-12 12:00:35 +05:30