* Fix tests: use same command if not testing command option.
* Fix idempotency of init option.
* Fix shm_size idempotency (it is included in inspect results from docker API version 1.22 on).
* Add changelog.
(cherry picked from commit b1acabcd03)
* docker_container: make condition less specific (#48590)
* Code seems to have changed from 409 to 400, so let's not check the code.
* Unpause container before removing it.
* Improve code.
* Same for stop_container.
(cherry picked from commit f3a3f42490)
* Add changelog.
* clarify port.mode paramter requiremets, fail if unmet
* changelog fragment
* shorten too long line
* remove unnecessary indentation
* test version on docker_version for better maintainability
* normalize imports
* changelog fragment: minor_changes -> bugfixes
* rollback e96a7e57dfefd566fa47cf465a759637affd4795
* typo
Co-Authored-By: dariko <dariko@users.noreply.github.com>
(cherry picked from commit 89bcd3ff1e)
* ec2_instance: ebs_optimized is not sub-option of 'network' (#48341)
* ebs_optimized is not suboption of 'network'
* Add Shaps as ec2_instance maintainer
* Added workaround-backward compatible check for ebs_optimized
* Added ebs_optimized test
* CI fixes, dynamic select of ENA-enabled AMI
(cherry picked from commit b7d9feb7dc)
* Added changlog fragment for PR #48341
* fixed yaml errors in changelog
* Move check for 'dashboard' key to before the create/update if statement.
* Add changelog fragment for PR #47459
(cherry picked from commit 880762e07e)
* pamd: fixes for multiple issues (#47695)
* Providing fix for #47083 in pamd.py
* Providing fix for #47197
* Fixing pep8 errors
* update regex to account for leading dash and VALID_TYPES with dashes as well
* use a results dictionary and clean up unnecessary items
* remove unnessecary return value. action is already reported in invocation output
* make naming consistent across action returns
* fix comparison so it checks equality instead of identity and indentation in update_rule()
* make sure file always has EOF newline
* updated regex to skip spacing between path and args and add rule arg regex to capture complex args
* new module argument parsing code in function and DRY changes
* remove unused has_rule method on PamdService class
* fix error in parse_module_arguments()
* updated args_present action to make it handle key value args and fail on complex bracketed arguments
* pep8 and other fixes so units still work
* suggested change - make version removed 2.8
Co-Authored-By: shepdelacreme <shepdelacreme@users.noreply.github.com>
* add more error proof test to if statement
(cherry picked from commit ef690e928f)
* add changelog fragment for backport
* add action return value back for backport
PIP package names must be case insensitive, and must consider hyphens
and underscores to be equivalent
(https://www.python.org/dev/peps/pep-0426/#name), because of this the
module didn't work correctly in check mode. For example if the passed
package name had a different case or an underscore instead of a hyphen
(or the other way around) compared to the installed package, check mode
reported as changed, even though packages were installed. Now the module
ignores case and hyphens/underscores in package names, so check mode
works correctly.
(cherry picked from commit b89b688)
Co-authored-by: Strahinja Kustudic <kustodian@gmail.com>
* Simplify logic and add FreeBSD & NetBSD
* Remove incorrect flag for lock and unlock on FreeBSD
* Add tests and changelog
Co-authored-by: Chris Gadd <gaddman@email.com>
(cherry picked from commit f75a84e382)
Co-authored-by: Christopher Gadd <gaddman@email.com>
* Always use /proc/sys/kernel/random/boot_id to confirm reboot on Linux
/proc/sys/kernel/random/boot_id is available since kernel 2.3.16 and
should be safe to rely on.
The previously used method by checking the system boot time using who -b
turned out to be unreliable: Some systems lacking an RTC report the Unix
epoch as boot time, but the code trying to detect that did't always
work.
Closes#46562
* Change DEFAULT_BOOT_TIME_COMMAND
- change to usinsg /proc by default
- add BOOT_TIME_COMMANDS for BSD, Solaris, and macOS
(cherry picked from commit ae7b9ea8cd)
Co-authored-by: Stefan Siegel <ssiegel@sdas.net>
* Complie regular expressions for better performance
* Skip on empty lines
This fixes a bug where the previous repo would be inserted in the result twice since an empty line did not match any of the conditions that would exit the loop iteration.
(cherry picked from commit 1e3b704ff1)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* user: fix removing the expiry time when it's 0
* Improve tests and add changelog
Co-authored-by: Martin Krizek <martin.krizek@gmail.com>
(cherry picked from commit 41dfc5162f)
Co-authored-by: Martin Krizek <martin.krizek@gmail.com>
* yum also parse obsolete package output
This is a rebase of the patch originally proposed in
https://github.com/ansible/ansible/pull/40001 by machacekondra
Fixes#39978
Signed-off-by: Adam Miller <admiller@redhat.com>
* properly parse the obsoletes, provide a new output entry, add changelog
Signed-off-by: Adam Miller <admiller@redhat.com>
* make pep8 happy
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove q debugging output
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 091fb1dc3f)
* Correct yum and dnf autoremove behavior
Sanity check args passed to autoremove
Fixes#47184
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix docs
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 1c777976c5)
* Allow bang and exclamation without warning
Allow the password field to be ! or * without warning when using this feature to create accounts that are locked.
Add documentation and tests to cover this.
* Use set() rather than braces for Python 2.6
(cherry picked from commit 066af3b6ca)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* NetApp bugfix for na_ontap_snapmirror (#47621)
* Bug fixes for Snapmirror
* Bug fixes for Snapmirror
(cherry picked from commit 8f3e297d7d)
* add fragment
* Fix argument_spec for modules that are using the old version (#47693)
* Use correct argument spec
(cherry picked from commit 0cf88809ef)
* Add fragment
In [1] changes were made to ensure that the physical
devices were appropriately filtered, but the dev_list
which is used to prepare the filter is modified from
the original arguments to resolve any symlinks. This
results in the existing devices given in the module
args to be left out of the filter, resulting
in the module trying to add the same device again
every time the task is executed.
In this PR we change dev_list to be a copy of the
module arguments so that we're able to add the given
pv list from the module arguments into the filter
as well, ensuring that there is idempotence when
running the task again.
[1] https://github.com/ansible/ansible/pull/38446
(cherry picked from commit 1bae00b5d2)
* cleanup is already tested.
* Add test for paused.
* Add recreate and restart tests.
* timeout is a common docker option
* Implement paused and fix paused test.
* Add changelog.
* Improve paused test.
(cherry picked from commit 65768b996d)
* More generic comparison code from docker_container to docker_common.
* More flexibility if a is None and method is allow_to_present.
Note that this odes not affect docker_container, as there a is never None.
* Update docker_secret and docker_config: simplify labels comparison.
* Added unit tests.
* Use proper subsequence test for allow_more_present for lists.
Note that this does not affect existing code in docker_container, since lists
don't use allow_more_present. Using allow_more_present will only be possible
in Ansible 2.8.
* pep8
(cherry picked from commit 73533d3fc2)
* Store parsed docker-py / docker API versions in client.
* Began refactoring 'minimal required version' for docker_container options.
* Removing some fake defaults.
* Added changelog.
* Improve tests (check older docker versions).
* Fix comparison. The breaking point is not docker-py 2.0.0, but 1.10.0.
(Verified by testing with these versions.)
* Move docker-py/API version detection to setup_docker.
* Add YAML document starter.
* docker_network requirement for docker-py was bumped to 1.10.0 in #47492.
(cherry picked from commit 3cca4185be)
* Use expect module to copy files
* Add force option for disruptive upgrades
* Revert changes to copy_kick_system_images.yaml
(cherry picked from commit c53e3ca8e9)
* Add support for POST-as-GET if GET fails with 405.
* Bumping ACME test container version to 1.4. This includes letsencrypt/pebble#162 and letsencrypt/pebble#168.
* Also use POST-as-GET for account data retrival.
This is not yet supported by any ACME server (see letsencrypt/pebble#171),
so we fall back to a regular empty update if a 'malformedRequest' error is
returned.
* Using newest ACME test container image.
Includes letsencrypt/pebble#171 and letsencrypt/pebble#172, which make Pebble behave closer to the current specs.
* Remove workaround for old Pebble version.
* Add changelog entry.
* First try POST-as-GET, then fall back to unauthenticated GET.
(cherry picked from commit 92d9569bc9)
Handle exception when there is no snapshot available in virtual machine or template while cloning using vmware_guest.
Fixes: #47920
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 487f2f25ce)
* Check if `enabled_snat` is set in modules arguments (#46754)
If `enabled_snat` is not set at all in module arguments but Neutron
policy sets it by default in Openstack, then `os_router` will attempt to
recreate otherwise perfectly good router.
Follow up for https://github.com/ansible/ansible/issues/44432#issuecomment-428531031
(cherry picked from commit c2b7174d31)
* Add changelog entry
* Fix idempotency issues in set_bios_attributes
- Added check to see if attribute even exists, if not, it exits.
- Then checks if attribute is already set to value we want to update
it to. If yes, then it exits and changed=False
- Otherwise updates the attribute and changed=True
(cherry picked from commit 1c37471274)
* add changelog fragment
* Parsing plugin filter may raise TypeError, gracefully handle this exception
and let user know about the syntax error in plugin filter file.
* Test for plugin_filtering
Fixes: #46658
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit b32b4111b2)
Due to refactoring of task_error and wait_for_task method,
SSL thumbprint was lost in error message. This fixes the
retry mechanism of AddHost task.
Fixes: #47563
(cherry picked from commit e7c83d6aa9)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Don't die when get_container is called for container which is terminating during get_container call.
If it terminates between client.containers() and client.inspect_container(),
the module will fail with an error such as
Error inspecting container: 404 Client Error: Not Found ("No such container: xxx")
* Add changelog.
(cherry picked from commit b9706e2ff5)
* Addresses comments in #38971 (#44324)
* Controlled params within no section
* Added tests to control params within no section
* Cleaning output_file before creating no-section params and check the content
* addresses comment in PR "s/hate/beverage/g"
(cherry picked from commit d3fe6c01f2)
* 44324-ini_file
* Add missing self._supports_async to uri action plugin. Fixes#47660
* Additional changes needed to support async
* Missed a call to execute_module
(cherry picked from commit 3633e21)
Co-authored-by: Matt Martz <matt@sivel.net>
This PR is fixing following issues:
1) Don't try to check password.
2) Check options.
3) Order wasn't adding at the end, as doc says.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
* Avoid misleading PyVmomi error if requests import fails
Requests is imported by the VMware module_utils as an external
dependency; however, because it is in a try/catch block containing the
imports for PyVmomi, if requests fails to import properly, Ansible will
instead complain about PyVmomi not being installed.
By moving the import outside of the try/catch block, if requests fails
to import, an error like the following will be returned:
ImportError: No module named requests
This should result in less confusion.
* catch requests ImportError
Signed-off-by: Jim Gu <jim@jimgu.com>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 99ee30768a)
Description for the name and description was vague. I didn't get the first time reading that it was talking about a character limit.
(cherry picked from commit 7e9141e26e)
* Default to sending text of exception, not the whole exception
(cherry picked from commit 6a866a5)
Co-authored-by: Nathaniel Case <this.is@nathanielca.se>
* Major slow down due to using the wrong loader for plugin_types
* traceback due to adding httpapi and cliconf plugins to the plugins we
allow ansible-doc to process
(cherry picked from commit e5a245d)
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
* Use kubeconfig if either context or kubeconfig is set (#47373)
kubeconfig should be loaded if *either* or both of context
or kubeconfig is set (this allows picking a context and default
kubeconfig or picking a kubeconfig with default context)
Fixes#47149
(cherry picked from commit 00ccad9764)
* Add changelog for k8s auth config fix
* WinRM/PSRP: Ensure shell returns UTF-8 output
This PR makes UTF-8 output work in PSRP shells.
* Add win_command and win_shell integration tests
* Fix tests
* more test fixes
(cherry picked from commit 691ff4b9e6)
* dnf properly gpg check local packages based on param
Fixes#43624
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 079705f8da)
* Ensure we don't overwrite roles from include/import_role when loading the play. Fixes#47454
* Add changelog fragment
(cherry picked from commit d5e4f37)
Co-authored-by: Matt Martz <matt@sivel.net>
* [2.7] escape default prompt detection in telnet action plugin (#46573)
This change fixes an issue with the default prompt handling. The value
needs to be escaped otherwise it does not work when converted to bytes.
(cherry picked from commit 9180d2c)
Co-authored-by: Peter Sprygada <privateip@users.noreply.github.com>
* Add changelog
This PR fixes the update check method so it now check also the next_run
configuration of the virtual machine if it exists.
So if previously the VM was updated with new parameters, and then reset
back, the module didn't set the parameters to be set back in next_run.
This PR fixes it so the next run configuration is set back with proper
parameters.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1639894
Signed-off-by: Ondra Machacek <omachace@redhat.com>
* [2.7] fix error checking if netns exists (#47397)
This patch fixes an error that occurs when attempting to see if the
netns already exists on the remote device. This change will now execute
`ip netns list` and check if the desired namespace is in the output.
Signed-off-by: Peter Sprygada <psprygada@ansible.com>
(cherry picked from commit 299a5e4)
Co-authored-by: Peter Sprygada <privateip@users.noreply.github.com>
* Add changelog entry
* Behave better if auto_remove and output_logs are combined. Warn if output cannot be retrieved because of auto_remove.
* Add tests.
* Added changelog.
(cherry picked from commit 3afdb28209)
* Only add parameters which are actually used.
* Fail if ipvX_address is used when not supported.
* Added changelog.
(cherry picked from commit 4ffe3b14d4)
Currently the module will disable the SSO if we didn't pass any
value for SSO option. The PR fixes the same.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
* Fix prompt mismatch issue for ios
Fixes#40884#44463#46082
* If the command prompt is matched check if data is
still pending to be read from buffer.
* This fix adds a new timer `buffer_read_timeout`
which will be trigerred after command prompt
is matched and data is attempted to be read from channel.
If not data is present of channel the timer will expire
and response we be returned to calling function.
* Update doc
* Fix review comments
* Update changelog
* Fix unit test CI failure
(cherry picked from commit 335a979f1d)
Fixes: https://github.com/ansible/ansible/issues/45900
This PR fixes the case when the cloud_init_persist was used, but we
still sent use_cloud_init=False, which is in oVirt API evaluated as not
to use cloud_init in first VM execution. This patch is changing it to
send just None, instead of False.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
Currently there is no way to reset the custom_compatibility_version to
NULL. If we provide a empty string('') to custom_compatibility_version,
it will fail with error "IndexError: list index out of range" at _get_minor
function.
To reset the custom_compatibility_version, we have to pass None value to
types.Version. The PR fixes the same.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
This reverts commit 0e933f76ba.
The tests for this were broken on centos6 because jinja2 does not have
a map filter on that platform. Tests need to be rewritten.
(cherry picked from commit ccabc2bff5)
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
* Fix auto scale create with fix date without recurrence (#47186)
* Fix auto scale create with fix date without recurrence
* fix indent
(cherry picked from commit 9258ffa478)
* Create azure_rm_autoscale-fixed_date.yml changelog
* Ensure that k8s_facts always returns resources key (#46733)
Fix bug returning `items` key if NotFound exception is hit
(cherry picked from commit b772485d97)
* Add changelog for k8s_facts fix
* add delete=False to NamedTemporaryFile and remove print statement from module
* add changelog fragment
* use module.tmpdir from (#47133) and add changelog fragment for it as well
(cherry picked from commit c67ab296bb)
* user: do not pass ssh_key_passphrase on cmdline
CVE-2018-16837
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
(cherry picked from commit a0aa53d1a1)
* Ignore user module use of subprocess.
(cherry picked from commit 8d00afc013)
* Fix python3 problem in user module cve fix
(cherry picked from commit 9088671c4e)
* Fix changelog entry for user module CVE fix
(cherry picked from commit 210a43ebeb)
* Handle dnf immutable mutable datatypes
In DNF < 3.0 are lists, and modifying them works
In DNF >= 3.0 < 3.6 are lists, but modifying them doesn't work
In DNF >= 3.6 have been turned into tuples, to communicate that
modifying them doesn't work
Further explanation of this is available via Adam Williamson from
the Fedora QA Team.
https://www.happyassassin.net/2018/06/27/adams-debugging-adventures-the-immutable-mutable-object/
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 70025e7b56)
* add backport changelog
Signed-off-by: Adam Miller <admiller@redhat.com>
* mail: Fix regression when sending mail without SSL (v2.7)
When this module was refactored in #37098 the non-SSL use-case was broken.
The main cause is that we have no way to do integration tests for testing SMTP.
This is a back-port to v2.7 of #46403
* Add changelog fragment
Set _notified_handlers for the task's _uuid that is run as a handler
Fix#47287
(cherry picked from commit 6497049)
Co-authored-by: Pablo <pablorf.dev@outlook.com>
* Fix prompt mismatch issue for ios
Fixes#40884#44463
* If the command prompt is matched check if data is
still pending to be read from buffer.
* This fix adds a new timer `buffer_read_timeout`
which will be trigerred after command prompt
is matched and data is attempted to be read from channel.
If not data is present of channel the timer will expire
and response we be returned to calling function.
* Fix unit test failure
* Update to make buffer timeout float
* Update doc and fix review comment
* Fix CI issues
* Update doc
* Fix review comments
* Update changelog
(cherry picked from commit 335a979f1d)
* yum/dnf: fail when space separated string of names (#47109)
* yum/dnf: fail when space separated string of names
* Groups allow spaces in names
(cherry picked from commit e8b6864e21)
* Add changelog
* Fix AWS EC2 inventory plugin caching of groups
* Added changelog fragment for aws_ec2 caching fix
* Store the AWS query results
The underlying inventory object contains inventory from other sources,
so caching it as ours would be wrong.
It seems easiest and safest to just cache the boto query results
instead.
* Remove unused functions
(cherry picked from commit 7ba09adee1)
* Documentation for docker_container: fix documentation for memory_swappiness. Default value will not equal 0, it will be inherited from the host machine (#47296)
(cherry picked from commit 4c2efa4b67)
* Add changelog.
* [2.7] Update some cliconf plugins (#47141)
* Add `check_all` to many community cliconf plugins
(cherry picked from commit 7844a40)
Co-authored-by: Nathaniel Case <this.is@nathanielca.se>
* Add changelog entry
* Fixes the example for headers in documentation
* remove whitespace
* missed a whitespace
(cherry picked from commit 3b5471a)
Co-authored-by: Nate Borener <33846287+borener@users.noreply.github.com>
* Adoc fixes (#47137)
* removed hardcoded loader/plugins list
* updated a few errors to keep orig object
* fix httpapi/cliconf listing
* ansible-doc fixes
* show undocumented as UNDOCUMENTEd
* added missing undoc
(cherry picked from commit fce9673ac1)
* An earlier optimization of ansible-doc -l caused failures. (#47012)
The optimization quickly searches the plugin code for short_description
fields and then uses that in the -l output. The searching was a bit too
naive and ended up pulling out malformed yaml. This caused those
plugins to be omitted from the list of plugins of that type with
a warning that their documentation strings were wrong.
This change makes the documentation parser aware that the documentation
string could have a relative indent for all of its fields which makes it
robust in the face of this particular problem.
* Don't search for space after short_description:
Any whitespace would be valid. In particular newline
(cherry picked from commit 61ae6424a3)
Python sets the SIGPIPE handler to SIG_IGN. On execv() signal handlers are
reset to their defaults, EXCEPT those that are SIG_IGN which are left ignored.
In Python 3 subprocess.popen explicitly resets the SIGPIPE handler to SIG_DFL,
but unfortunately in Python 2.7 it does not. This leads to subprocesses being
executed with SIGPIPE ignored. This is often a problem with bash scripts which
rely on SIGPIPE to terminate commands in a pipe, but can easily be a problem
with other applications.
This implements the Python 3 behaviour for Python 2.7 by using a preexec_fn.
(cherry picked from commit f2dccb9)
Co-authored-by: Jonathan Oddy <jonathan.oddy@transferwise.com>
* Fix in confirmed_commit capability in netconf_config modules
Fixes#46804
* If confirm value is greater than zero or confirm_commit option is set and confirmed-commit
capability is not supported but Netconf server only in that case fail the module
* Update confirm-commit flag
* Update changelog
(cherry picked from commit 5394638047)
* Locate prtdiag even when absent from /usr/bin
On Solaris 8 hosts, this prevents fact collection from aborting with:
Argument 'args' to run_command must be list or string
* Lint fix.
* Style: pass /usr/platform/.../sbin as optional path to get_bin_path().
(cherry picked from commit 40fb992a6f)
* Refactoring related to network device
* Assign unique random temporary key while creating SCSI or/and IDE controller devices
* Add testcase for this change
Fixes: #38679
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit fd985db72d)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
If enable_snat is False, this should be used to build the
request, because the default value in the OpenStack Networking
API is True.
Fixes the issue #45915.
(cherry picked from commit 452a4ab781)