Commit graph

1296 commits

Author SHA1 Message Date
Mark Chappell
8e99f0ecc6 aws_kms: Rename various policy manipulation options to reduce confusion (#60561)
* aws_kms: Rename various policy manipulation options to reduce confusion

AWS KMS now has the concept of issuing a 'grant', which is independent
of the policy attached to a key.  Rename the following options to make
it clearer that the operate on the CMK Policy *not* on CMK Grants

* aws_kms: don't just rename grant_types/mode, deprecate them too.
2019-08-19 19:44:03 +10:00
Klaus Frank
fb2c1d4577 Make win_domain_user idempotent for password changes (#58383)
* Make win_domain_user idempotent for passwordchanges

* Add changelog fragment

* Use test-credentials function from win_user.

* Split domain from username

* Update win_domain_user.ps1

* Fix ci

* Update win_domain_user.ps1

Fix ci

* Implement review

* Logic cleanup and remove securestring

* Fix typo

* fix syntax

fix syntax

* Use AD object instead of user input as requested by review

* migrate to Ansible.AccessToken
2019-08-19 06:17:41 +10:00
Klaus Frank
811153afb1 Add exception handling to win_domain_controller (#58234)
* Add exception handling to win_domain_controller

* Add changelog

* Fix PSUseDeclaredVarsMoreThanAssignments

* Remove dns domain cannot be resolved error message

As requested by PR review in https://github.com/ansible/ansible/pull/58234#discussion_r300509880
2019-08-18 16:14:51 -04:00
Felix Fontein
0d88ec241f
openssl_certificate: fix idempotency (#60745)
* Fix openssl_certificate idempotency.

* Add changelog.

* Add integration test.
2019-08-18 20:48:34 +02:00
Felix Fontein
16056f4978
openssl_certificate: check for existence before loading CSR / private keys / ... (#60740)
* Check file existence before loading files.

* Remove superfluous import.

* Add changelog.
2019-08-18 11:41:50 +02:00
Hannes Ljungberg
13364fc530 docker_swarm_service: Allow passing dicts in networks (#58961)
* Add support for passing networks as dicts

* Add function to compare a list of different objects

* Handle comparing falsy values to missing values

* Pass docker versions to Service

* Move can_update_networks to Service class

* Pass Networks in TaskTemplate when supported

* Remove weird __str__

* Add networks integration tests

* Add unit tests

* Add example

* Add changelog fragment

* Make sure that network options are clean

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Set networks elements as raw in arg spec

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Fix wrong variable naming

* Check for network options that are not valid

* Only check for None options

* Validate that aliases is a list
2019-08-18 08:55:54 +02:00
Felix Fontein
ceff0029cb
openssl_certificate: deprecate assertonly provider (#60623)
* Add deprecation marks.

* Add conversion example.

* Split long line.

* Add changelog and porting guide entry.

* Fix unrelated porting guide entry.

* Fix format.

* Fix doc mistakes found in review.

* Fix filter name.

* Compare CSR and cert subject via subject_ordered.
2019-08-18 05:09:49 +02:00
Chris Trufan
86366530e8 Entrust Datacard - Support for "entrust" provider in openssl_certificate module (#59272)
* Addition of entrust provider to openssl_certificate module

* Fix native return values of error messages and JSON response.

* Documentation and syntax fixes per ansibot.

* Refactored structure of for loop due to ansible test failures in python 2.6

* Remove OCSP functionality for inclusion in possible seperate future pull request.

* Remove reissue support.

* Indicate the entrust parameters are specific to entrust.

* Comment fixes to make it clear module_utils request is used.

* Fixes to not_after documentation

* Response to pull request comments and cleanup of error handling for bad connections to properly use the 'six' HttpError for compatibility with both Python 2/3 underlying url libraries.

* pep8/pycodestyle fixes.

* Added code fragment and response to comments.

* Update license to simplified BSD

* Fixed botmeta typo

* Include license text in api.yml

* Remove unsupported certificate types, and always submit an explicit organization to match organization in CSR

* Fix documentation misquote, add expired to a comment, and fix path check timing.

* Update changelogs/fragments/59272-support-for-entrust-provider-in-openssl_certificate_module.yaml

Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-08-17 21:32:02 +02:00
Felix Fontein
6a786d0d93
openssl_publickey: add cryptography backend (#60387)
* Add cryptography backend.

* Add changelog.

* Make sure requirements are satisfied.

* Use more compatible elliptic curve.

* Decrease required version numbers.

* PyOpenSSL >= 16.0.0 is really needed.

* Update lib/ansible/modules/crypto/openssl_publickey.py

Co-Authored-By: MarkusTeufelberger <mteufelberger@mgit.at>
2019-08-17 18:52:14 +02:00
Felix Fontein
601a4b8f47
get_certificate: add cryptography backend (#60599)
* Add cryptography backend for get_certificate.

* Add changelog.

* Use short names (if possible).

* Adjust version (to behave as pyOpenSSL).

* Work around bugs (needed for cryptography 1.2.3).

* Don't run cryptography backend tests for CentOS 6.

* Bump cryptography requirement to 1.6 or newer.

Otherwise, signature_algorithm_oid isn't there, either.

* Simplify requirement text.

* CentOS 6 has cryptography 1.9, so we still need to block.

* Add auto-detect test.

* Improve YAML.
2019-08-17 16:02:14 +02:00
Felix Fontein
38435e1bd0
openssl_certificate: various assertonly bugfixes (#60658)
* Fix get_relative_time_option for byte string input. Also fix it for None input.

* Using correct property for invalid_at check.

* Fix invalid_at comparison.

* Converting relative timestamps before comparison for valid_at and invalid_at.

* Fixing key usage display for cryptography backend.

* Fix key usage comparison. OBJ_txt2nid always returns 0 for key usage identifiers.

* Add changelog.

* Fix pyOpenSSL key usage comparison.
2019-08-17 15:58:25 +02:00
Felix Fontein
cf69b73c04
openssl_certificate/csr_info: add ordered issuer/subject return value (#60708)
* Add ordered issuer/subject return value.

* Add changelog.
2019-08-17 15:49:54 +02:00
Lukas Kämmerling
100b56439e hcloud_server: Allow users to enable/disable the rescue mode (#60070) 2019-08-17 11:29:58 +02:00
Mitsuru Nakakawaji
064cd63f3d fix: docker_swarm_service does not publish both tcp and udp ports (#60616)
* fix: docker_swarm_service does not publish both tcp and udp ports for same published port

* fix the linting problems and add the changelog fragment.

* add test

* modify test to ensure result rather than return value
2019-08-16 15:23:45 +02:00
Felix Fontein
48541910bf
docker_container: add mount endpoint collision detection (#60384)
* Add mount endpoint collision detection.

* Add changelog.

* Fix error.
2019-08-16 15:23:03 +02:00
Gonéri Le Bouder
c60676a118 VMware: add a changelog entry for PR #60476 (#60490)
Add a changelog entry for https://github.com/ansible/ansible/pull/60476.
2019-08-16 09:10:42 +05:30
Patrick Marques
39d249155a Deprecates Digital Ocean sshkey_facts in favor of new module sshkey_info (#60546)
* Renames Digital Ocean sshkey_facts modules to sshkey_info

* Change digital_ocean_sshkey_facts status to deprected

* Update digital_ocean_sshkey _facts _info doc

* Allow digital_ocean_sshkey_info in Check Mode

* Update lib/ansible/modules/cloud/digital_ocean/_digital_ocean_sshkey_facts.py

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Fix _info added version
2019-08-15 23:45:05 +02:00
Simon Dodsley
491a47c7c5 Pure modules: rename _facts with ansible_facts result to _info (#60641) 2019-08-15 22:42:35 +02:00
Matt Clay
25b20adb94 Fix git module when using absolute repo path.
This prevents a traceback when `repo` is set to an absolute path.
2019-08-14 18:09:56 -07:00
Felix Fontein
99fb0fcb2f docker_logout: report change on successful logout (#60381)
* Mark logout as changed when docker logout does not return 'Not logged in to '.

* Add changelog.

* Improve logout detection.

* Also return output of 'docker logout'.
2019-08-14 05:23:38 -04:00
Sam Doran
0f35e4b7b9 apt_facts - Fix cache related performance regression (#60511)
* apt_facts - Fix cache related performance regression

* Another minor performance improvement
2019-08-14 03:43:52 -04:00
Jordan Borean
14a7722e39
ansible-galaxy tidy up arg parse with better validation (#59957)
* ansible-galaxy tidy up arg parse with better validation

* Add support back in for -v before sub aprser

* Added deprecation warning for manually parsed verbosity
2019-08-14 06:36:29 +10:00
pguermo
8923d13537 proxmox_kvm: While a VM is beeing created, vm has no name item (#58196)
* While a VM is beeing created, vm as no name attribute

* Add changelogs fragment
2019-08-13 19:22:17 +02:00
Matt Martz
ba81084a49
Provide nice error when the shell plugin is incompatible with the con figured become plugin (#60441)
* Provide nice error when the shell plugin is incompatible with the configured become plugin. Fixes #57770

* Add todo

* Add missing import
2019-08-13 09:37:53 -05:00
Shaun M
fa783c027b Adding waiter to cluster remove process (#57324)
* Adding waiter to cluster remove process

* blank line contains whitespace

* update aws_eks integration test

* Refactor aws_eks test suite to use pip

* update version testing

* missing parens...

* add changelog fragment

* Add waiter to module_utils, fix exception handling.

* Correct EKS waiter checks
2019-08-13 23:11:21 +10:00
Felix Fontein
2d98734ad5 Amazon modules: rename _facts with ansible_facts result to _info (#60178)
* aws_s3_bucket_facts -> aws_s3_bucket_info

* cloudformation_facts -> cloudformation_info

* cloudfront_facts -> cloudfront_info

* ecs_service_facts -> ecs_service_info

* efs_facts -> efs_info

* Add changelog and porting guide entry.

* lambda_facts -> lambda_info

* Improve examples.

* Add subsection on renamed modules.

* Add sentence on registering variables.

* Fix ReST.

* Instead of renaming lambda_facts, deprecate it and replace with new module.

* Rename internal variable.

* Re-add sanity ignores for lambda_facts.
2019-08-13 08:01:37 -04:00
Matt Davis
a40baf22fa
various mod_args fixes (#60290)
* various mod_args fixes

* filter task keywords when parsing actions from task_ds- prevents repeatedly banging on the pluginloader for things we know aren't modules/actions
* clean up module/action error messaging. Death to `no action in task!`- actually list the candidate modules/actions from the task if present.

* remove shadowed_module test

* previous discussion was that this behavior isn't worth the complexity or performance costs in mod_args

* fix/add test, remove module shadow logic

* address review feedback
2019-08-13 09:57:49 +01:00
sky-joker
c27b5ae1a3 add option proxy to get_certificate module (#60076)
* add option proxy to get_certificate module

* Add python 2.7 or higher to requirements

* Modify requirements and add create_default_context module import check processing

* add changelog file for get_certificate

* Modify changelog file
2019-08-13 01:34:04 -04:00
James Cassell
8bca160363 add vfat to selinux special_context_filesystems (#59823)
vfat is the format of the /boot/efi partition on UEFI hosts and does
not support SELinux labels

add an environment variable for this config option
2019-08-12 14:45:27 -04:00
Pavan Bidkar
0a90ec90c0 VMware: handle KeyError in get_vm API (#60204)
Fixed if conditions for all VM params
2019-08-12 14:03:13 +05:30
Maxim Babushkin
dda80c46e9 openssh_keypair - Add key `comment` to return output (#59268)
If the comment will be provided during the key creation, it will be
diplayed in the return values.
Same will be on the comment change.
2019-08-11 13:47:34 +02:00
Maxim Babushkin
27e414200f openssh_keypair - Add public key and key comment validation (#57993)
- Split the key validation to separate private and public.
- In case public key does not exist, recreate it.
- Validate comment of the key.
- In case comment changed, update the private and public keys.
2019-08-10 18:57:35 -04:00
Felix Fontein
8b68feb67e
acme_certificate: allow to download alternate certificate chains (#56334)
* Improve link handling.

* Also fetch alternate certificate chains.

* Add retrieve_all_alternates option.

* Simplify code.

* Forgot when condition.

* Add tests for retrieve_all_alternates.

* Fixes.

* Moved utility function for link parsing to module_utils.

* Fix grammar.
2019-08-09 23:54:48 +02:00
Alex Stephen
2e90efd4a7 Changing GCP Facts modules to Info Modules (#60172)
* file changes, porting guide, changelog fragment, renaming autoscaler, removing rst links
* Apply suggestions from code review

Co-Authored-By: Alicia Cozine <879121+acozine@users.noreply.github.com>
Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-08-09 15:13:08 -05:00
Toshio Kuratomi
84e3c0ef1d Fix changelog entry for playbook_dir fix
The final version of the fix makes the addition in two places instead of
moving the single addition from one place to another
2019-08-09 12:33:38 -07:00
Jordan Borean
dbd082efe4
Ansible.AccessToken - Added shared util for managing a Windows access token (#60302)
* Ansible.AccessToken - Added shared util for managing a Windows access token

* Fix tests when running in CI

* More fixes for older servers

* More fixes for Server 2008
2019-08-09 21:10:44 +10:00
Andrew Gaffney
b38cb37728
Transform octal escape sequences in mtab fields (#60122) 2019-08-08 16:31:42 -05:00
Matt Martz
707e33793d
Undeprecated the skip argument for first_found. Fixes #58942. Fixes #59949. (#60161) 2019-08-08 13:55:11 -05:00
James Cassell
c954c07271 TRANSFORM_INVALID_GROUP_CHARS: document "ignore" option (#57318)
Co-Authored-By: Alicia Cozine <879121+acozine@users.noreply.github.com>
2019-08-08 13:50:20 -04:00
Strahinja Kustudic
54d9d7805d systemd module will now wait on deactivating state (#59471)
If a service is in the 'deactivating' state running systemctl stop foo,
would wait for the foo service to actually stop before it exits. The
module didn't behave like that and it considered the deactivating state
as if the service wasn't running. This change will align the module with
the systemctl behaviour.
2019-08-08 12:56:17 -04:00
Jiri Hnidek
577bb88ad8 Added support for syspurpose to redhat_subscribtion module (#59850)
* Added several unit tests
* Added documentation for new syspurpose option and suboptions
* Simplified specification of module arguments
* Added new changelog file with fragments
2019-08-08 11:43:05 -04:00
Drew
6932a5b357 add npipe support to docker_swarm_service (#60073)
* add npipe support to docker_swarm_service

* add changelog fragment

* tweak changelog fragment formatting

* Update lib/ansible/modules/cloud/docker/docker_swarm_service.py

Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-08-08 17:25:13 +02:00
Manu Lange
6a5cd9a820 prevent recursive logging csharp stackoverflow. (#59503)
* prevent recursive logging situation.

* Add changelog
2019-08-08 09:50:41 +10:00
silverwizard
5d8302120b Removed breaking type check from nagios module (#49568)
* Removed extraneous type check from nagios module, in order to allow python 3.x

* Removed now useless import types

* Added changelog fragment

* Update changelog.

* Rebased and removed check due to module adding earlier guardrails

* Updated changelog to mention earlier fix adding now completely removed guardrails

* Remove superfluous type checks. Fix docs type.

* Update ignore.txt.
2019-08-07 22:43:14 +02:00
Jill R
4308b87d72 Don't truncate cidr_ipv6 addresses in ec2_group.py (#59106)
* Better cidr_ipv6 validation in ec2_group.py

* Improve warning/error handling, add changelog

* Update unit test for ipv6 validation

* Fix logic that was causing non /128 cidrs with host bits to not be handled
2019-08-07 08:39:55 -04:00
Marat Sharafutdinov
8751319820 Add wait_sleep parameter for the k8s module (#59714) (#59854) 2019-08-07 21:27:54 +10:00
Jordan Borean
45d0e5994a
win_user - use proper error code when failing to validate creds (#60181) 2019-08-07 18:28:44 +10:00
Matt Martz
923e21836b
Move plugin loader playbook dir additions back to Playbook instead of PlaybookCLI (#59557)
* Move plugin loader playbook dir additions back to Playbook instead of PlaybookCLI. Fixes #59548

* Restore cli additions
2019-08-06 15:58:15 -05:00
Alex Stephen
61d60d07d1 no logging for service account contents (#60149)
* no logging for service account contents

* changelog

* fixes
2019-08-06 15:27:11 -05:00
Abhijeet Kasurde
2a1393e0e1
VMware: Check dvswitch presence before accessing it (#60052)
Check if dvswitch object is not None before accessing it's
properties such as UUID. This can be due to two reason

1. Permission issues
2. There is no association between given distributed virtual portgroup
distributed virtual switch

Fixes: #59952

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-08-06 10:38:50 +05:30