* Update win_package.ps1
Update Test-Path to use -LiteralPath instead of -Path to fix issue where powershell will not detect path with special characters such as '=' and '[]'.
* Update win_package.ps1
modified other instances of -Path and changed to -LiteralPath. All except line L243 since it is a different function.
* added literal path to get-itemproperty
* Add a representer for AnsibleUnsafeBytes
* changelog
* Add unit tests
Remove native string test until we have time to evaluate how this the function should work
Add non-ASCII characters to test cases
* Compare to the string on Python 2
Add a comment in the test about this behavior
Microsoft's DNS server uses GSS-TSIG to secure Dynamic DNS
updates. That is a Kerberos based form of TSIG neither supported by
the Ansible nsupdate module nor the underlying dnspython module.
Related to #57294 and #62238.
* Ensure k8s apply works with check mode
Update the new predicted object with fields from the previous object
before applying in check mode
Don't log output of `file` with `state: absent` on huge virtualenvs!
Fixes#60510
* Use openshift client fix to improve apply for check mode
Use new apply_object method to get a better approximation
of the expected object in check mode.
Requires released upgrade to openshift
* Add changelog fragment for k8s apply check mode fix
* Update changelogs/fragments/60510-k8s-apply-check-mode.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Fix plugin names for collection plugins.
Add an integration test to verify plugin __name__ is correct for collection plugins.
* Fix collection loader PEP 302 compliance.
The `find_module` function now returns `None` if the module cannot be found. Previously it would return `self` for modules which did not exist.
Returning a loader from `find_module` which cannot find the module will result in import errors on Python 2.x when using implicit relative imports.
* add changelog
* sanity/units/merge fixes
In some remote environments, the `crontab` executable is
overloaded with a custom executable, which typically does
some pre/post processing before forwarding to crontab.
Instead of using the hardcoded `/usr/bin/crontab`, this uses
the `get_bin_path` utility to locate the default crontab executable.
* Add integration tests for ansible-doc.
* Enable tests that now pass
* Cleanup processing of plugin docs
* Mostly separate the steps of processing plugin docs
1) Acquire source data
2) Transform and calculate additonal data
3) Format data for output
4) Output data
format_plugin_doc() is still mixing transformation and formatting but
that should be fixed in a devel-only change
* Raise exceptions in _get_plugin_doc() on errors.
* Remove check to exclude on blacklisted extensions. We already request
only .py files
* If there is no DOCUMENTATION entry in the plugin, raise an exception
from _get_plugin_doc(). Everywhere we use _get_plugin_doc(), this is
treated as an error
* If there is no ANSIBLE_METADATA raise an exception as well as
displaying of docs assumes that this has been set.
* If there is neither DOCUMENTATION nor ANSIBLE_METADATA, warn about the
lack of METADATA and error on the lack of DOCUMENTATION. Lack of
DOCUMENTATION is more important so it is what the user should see.
* Add a few special cases for backwards compat. These should probably
be made errors in 2.10:
* no docs but has metadata shows no documentation rather than an error
* empty plugin file shows no doumentation rather than an error
* Simplify backwards compatibility logic.
* Clarifying pip module requirements in reference to #47361
* Further clarifying message with link to ansible_python_interpreter
* Clarifies pip behavior
* incorporates review feedback
* Fix network_cli exec_command connection init
Fixes https://github.com/ansible/ansible/issues/61596
* If `exec_command` method is invoked from module side
on connection object to execute the command on target
host check if connection is created if not create the
connection.
* Fix review comment
* ce_bgp_neighbor_af: fix a typo in module's parameter
* ce_bgp_neighbor_af: fix a typo in module's parameter, add version_added and changelog
* ce_bgp_neighbor_af: fix a typo in module's parameter, add aliase
The os_keystone_endpoint module has two interface arguments -
'interface' for authentication, and 'endpoint_interface' for the
endpoint being registered. Currently the module documentation only
covers 'interface', when in fact it should cover 'endpoint_interface'
and pick up 'interface' from the standard OpenStack module parameter
documentation.
Fixes#62319
Change `enable` option to `enabled` in junos_interfaces
and junos_lldp_interfaces
data model to be in sync with other network platform
resource modules added in 2.9 version.
* Support large folder size comparisons for win_find
Changed [int] to [int64] to support larger folders. Otherwise module fails as soon as a large folder is encountered.
* Create 58466-FIX_win_find-Bug-Get-FileStat_fails_on_large_files.yml
* Add ecs_domain module
* Fixes to integration tests and module
* Fixes to tests and module
* Corrections to revalidation behavior, cna only revalidate domains in expiring.
* Remove debugs for final test run, fix sanity check test fails.
* Add checks for domain status
* Add changelog fragment for new module.
* Removed extra space in backtick
* Minor fixes to make behavior more consistent and correct documentation.
* Update lib/ansible/modules/crypto/entrust/ecs_domain.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/crypto/entrust/ecs_domain.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/crypto/entrust/ecs_domain.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Apply suggestions from code review
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Change casing of verification method enum, remove redundant changelog fragment
* Return ov_eligible and ev_eligible fields even if false, as long as they're returned by ECS API
* Initial commit of VMware HttpApi REST
New directory structure created for httpapi-based modules. These will
live in the 'vmware_httpapi' directory under 'modules/cloud'. The
AnsibleModule class was extended to create the VmwareRestModule class
that lives in the 'vmware_httpapi' directory under 'module_utils'. It
implements comms with the httpapi plugin, and also provides debugging
output, url and filtering generation by object, and support for
multiple VMware REST APIs. It also provides dynamic handling of HTTP
return codes that can be tailored to each module's needs.
* Fix for junos cli_config replace option
* For device that support replace option by loading
configuration from a file on device `config` option
is not required and value of `replace` option is the
path of configuration file on device. This fix allows
invoking run() function in cli_config if `config` option
is None and `replace` option is not boolean
* The command to replace running config on junos device
is `load override <filename>` and not `load replace <filename>`
This is fixed in the junos cliconf plugin.
* Add integration test
Following module used internal results key as part of return json, this commit
changes this to appropriate values -
* vmware_datastore_maintenancemode.py
* vmware_host_kernel_manager.py
* vmware_host_ntp.py
* vmware_host_service_manager.py
* vmware_tag.py
Fixes: #62083
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* ansible-galaxy - add config to control the display wheel
* Fix changelog and make test more stable
* Don't use display thread at all if progress wheel isn't being shown
* luks_device.py: allow the user create LUKS based on specific versions
- Allow user pass an option 'type' that explicits define the version of LUKS
container that will be created. It should be 'luks1' or 'luks2' format.
- If 'label' option is defined the 'type' option will be 'luks2' independently
of the option 'type' informed by user. (labels NEED luks2 format)
Fixes: #58973
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
* added the changelog fragment
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
* luks_device.py: make it fail in certain conditions
- Not allow user especify luks1 type and label at the same playbook
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
* Pika v1.0.0 and above were causing issues for publish_message. Updated
to ensure publish_message works with pika 0.13.1 and 1.0.0 and above.
* Adding changelog fragment for rabbitmq_publish fix.
* Updating return value.
* Adding support for Plugin runnable type
Adding support for device arrays in vdirect_runnable module.
Adding "output" dictionary to the vdirect_runnable module result dictionary.
* Adding support for Plugin runnable type
Adding support for device arrays in vdirect_runnable module.
Adding "output" dictionary to the vdirect_runnable module result dictionary.
* Adding zabbix_valuemap module
* Minor corrections
* Fixing typos
Co-Authored-By: Dusan Matejka <D3DeFi@users.noreply.github.com>
* Sorting mappings based on the 'value' field
* Updating
Co-Authored-By: John R Barker <john@johnrbarker.com>
* Fixing "version_added"
Fixes situations where iosxr terminals that do not contain new line "/r/n" at the beginning of CLI timeouts due to regex error. Just make "/r/n" optional including "*" character in the regex
* In pika v1.0.0 BlockingChannel.is_closing was removed. Updating
plugin accordingly.
Ref: https://github.com/pika/pika/pull/1034
* Adding change fragment for is_closing bug.
* Updated change fragment description.
Use hostnamectl command to get current hostname for host while using
systemd strategy.
Fixes: #59438
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* AWS ec2_vpc_net: Enable ipv6 CIDR assignment
Enable IPv6 CIDRs in ec2_vpc_net, and fix ec2_vpc_subnet tests that
were depending on the aws cli for CIDR assignment.
Related to: #27800
* issue #61672: make jenkins_plugin module work in a session when CSRF enabled
This commit modifies the signature of `fetch_url` so that a cookie jar can be
specified allowing multiple calls to operate with the same session. It uses
a similar construct to the `Request` class to initialise the cookie jar if
it is not provided.
The jenkins_plugin module is modified to create a cookie jar if CSRF is
enabled. This cookie jar is then submitted with every call to fetch_url.
Also changed is to submit the crumb in the request headers rather than
in the data field.
This has been tested with Jenkins 2.176.
* issue #61672: fix jenkins_script module
This commit modifies the jenkins_script module to use the authorization crumb
in a session in a similar fashion to the jenkins_plugin change for the same
issue.
* Fix ansible-doc traceback for removed modules.
This avoids tracebacks with errors like the following when a module has been removed:
module module_name missing documentation (or could not parse documentation): 'NoneType' object does not support item assignment
* Fix ansible-doc sanity test warning handling.
Warnings about removed modules/plugins on stderr are now properly ignored.
Previously an ansible-doc error could result in unrelated errors going undetected because tests were stopped early and the underlying error was ignored.
* Allow the use of _paramiko_conn even if the connection hasn't been started.
I'm not sure what the benefit is of Noneing paramiko_conn on close, but will keep for now
* Fix test
* Try to fix up net_put & net_get
* Add changelog
* Fix ec2_vpc_vgw broken tests
Add waiter function to wait for API to report detached vgw is available.
Also catch extra error code in attach retry as EC2 sometimes reports that
the vgw is available several seconds before permitting the attachment.
Fixes: #53185
* Re-enable ec2_vgc_vgw test target
* add new module: aws_stepfunctions_state_machine
* add integration tests for new module: aws_stepfunctions_state_machine
* fix sanity checks
* use files/ folder instead for integration test
* rename role name in integration test
* attempt further permissions
* iam states prefix
* iam integration test prefix
* add iam policy for running step functions state machine actions
* slightly increase iam permission scope
* rename integration test folder to proper name
* move main() method to end of file
* move contents of integration-policy.json for state machines to compute-policy.json
* make check_mode return proper changed value + add check_mode integration tests
* rename module to aws_step_functions_state_machine
* fix missed rename in integration test variable
* add purge_tags option
* bump to version 2.10
Python < 2.7.9 does not have the ssl.SSLContext attribute.
ssl.SSLContext is only required when we want to validate the SSL
connection. If `validate_certs` is false, we don't initialize the
`ssl_context` variable.
Add unit-test coverage and a little refactoring:
- avoid the use of `mocker`, when we can push `monkeypatch` which is
`pytest`'s default.
- use `mock.Mocker()` when possible
closes: #57072
* module_utils/ec2: (unit tests) Move unit tests for module_utils/ec2.py into test/units/module_utils
- compare_policies was refactored from s3_bucket
- "ec2_utils" doesn't seem to have ever existed
* module_utils/ec2: (unit tests) Add unit test for comparing quoted and unquoted bools and numbers within policies
As per https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
"Values are enclosed in quotation marks. Quotation marks are optional for numeric
and Boolean values."
* module_utils/ec2: Explicitly convert bools and ints to strings when comparing policies
See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
This allows junos_config to changes the candidate configuration only and
does not commit it as the active configuration at once w/ the
'check_commit' option.
* Fixes to ecs_certificate cert chain for #61738
* Added changelog fragment
* Fixes to ecs_certificate for cleaner join, and better integration test
* Fix integration test formatting
* End cert chain with a \n
* Update changelogs/fragments/61738-ecs-certificate-invalid-chain.yaml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update main.yml
* compare list of dicts
* update example for dhcp_server_opts to include ip_version which is automatically added by openstack
* add note about dhcp_server_opts
* add changelog fragment
* fix forgotten exception+pass
* no need to excplicitly check for None
* fix oops
* fix import error
* missed missing_required_lib
* changelog fragment formatting and grammar fixes
* update requirements in documentation and fix spelling
* Update AWS hacking policy to enable ASG Tagging management
* aws_asg: Add tests for ASG Tagging (including idempotency)
* aws_asg: ignore sort order when comparing tags on the ASG (fix idempotency)
* ec2_asg: (integration tests) test for idempotency when managing metrics collection
* ec2_asg: sort list of enabled metrics to ensure clean comparisons.
* Fix ansible-connection persist after playbook run issue
* PR https://github.com/ansible/ansible/pull/59153 to add support
for delaying the ansible-connection added an old issue of
ansible-connection persisting even after playbook run is finished
till either command timeout or connect timeout is triggered.
ansible-connection persist after playbook execution is done
and also delays the connection initilization untill a method
in invoked from module side on the connection object.
* Add chanegelog
Add a list of previously used release names to make it easy to tell what
release names are no longer usable.
Add a test that new release names have been added to the used list.
Fixes#61616
* iam_group: (integration tests) migrate tests to module_defaults
* iam_group: (integration tests) migrate to using temporary user and group with {{ resource_prefix }}
* iam_group: (integration tests) fix test, checking the return values
* iam_group: (integration tests) Add some more tests around the behaviour of 'changed'
* iam_group: (docs) Update documentation of iam_group return value
* Update AWS testing policies to enable group/user management
* meraki_organization - Add warning about organization deletion
The documentation is now more explicit about the ramifications of using `state: absent` in a task.
* fix erroneous failures in docker_compose due to deprecation warnings from docker (#60961)
* Update error handling to work with new method of capturing output
Co-Authored-By: Felix Fontein <felix@fontein.de>
* update error handling
* fix syntax error
* fix indentation
* fix indentation (again)
* remove erroneous line
On OpenBSD, 13 asterisk characters as a password hash, marks the
account as disabled. Otherwise daily(8) script which executes
security(8) will email operator about not properly locked accounts.
Before the diff, we see following warning:
> [WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
After the diff, warning is gone.
* remove choices from gather_network_resources facts and allow negating subset without needing to add a new subset specific for negation
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* negated all, min should not return any fact
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Migrate ec2_eip module to boto3
This patch is a step towards the integration of several PRs that have
attempted to migrate this code
closes#55190closes#45478
Follow-up PRs will address the outstanding changes made in #55190
* fix issues and limitations in account mgmt commands
* fix pep8 and example yaml errors
* remove new option and update option aliases
* find next empty slot when adding user via PATCH
##### SUMMARY
Looks like the "parent_group" option in "keyed_groups" is a very recent feature that is not being documented.
This pull request just adds a simple example of the usage of this useful feature.
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
* docs: Update apt_key.py add requirements of gpg. The module needs to have gpg installed, otherwise it will end up with error {"changed": false, "msg": "Failed to find required executable gpg in paths: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
Co-Authored-By: John R Barker <john@johnrbarker.com>
##### SUMMARY
Although there is an example showing that username is not required with personal access token, it will be nice to more clearly state in options description.
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
* luks_device.py: Allow manipulate LUKS containers with label or UUID
- Allow create a LUKS2 container format with label support
- Allow manipulate (open, close, modify) an LUKS container based on
both label (LUKS2 format) or UUID instead of using devices only.
Fixes: #58973
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
* test_luks_device.py: organizing tests to support labels
- Add label on some tests and fix errors reported by Shippable
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
* luks_device.py: adjusting versions and messages
- Modifying version_added from 2.9 to 2.10
- Fixing some messages
- Created a changelog fragment
- Moving blkid from scope
Fixes#58973
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
While it's possible to host InfluxDB on a different path prefix
(through a reverse proxy such as nginx or traefik), the Ansible
influxdb_* modules did't support that use case.
The patch adds a 'path' parameter, which is passed to the influxdb
Python client.
Example for connecting to InfluxDB running on http://localhost/influxdb
- hosts: all
tasks:
- influxdb_database:
database_name: test
path: influxdb
port: 80