Commit graph

1415 commits

Author SHA1 Message Date
Felix Fontein
fa70690e5c
openssl_certificate/csr(_info): add support for SubjectKeyIdentifier and AuthorityKeyIdentifier (#60741)
* Add support for SubjectKeyIdentifier and AuthorityKeyIdentifier to _info modules.

* Adding SubjectKeyIdentifier and AuthorityKeyIdentifier support to openssl_certificate and openssl_csr.

* Fix type of authority_cert_issuer.

* Add basic tests.

* Add changelog.

* Added proper tests for _info modules.

* Fix docs bug.

* Make sure new features are only used when cryptography backend for openssl_csr is available.

* Work around jinja2 being too old on some CI hosts.

* Add tests for openssl_csr.

* Add openssl_certificate tests.

* Fix idempotence test.

* Move one level up.

* Add ownca_create_authority_key_identifier option.

* Add ownca_create_authority_key_identifier option.

* Add idempotency check.

* Apparently the function call expected different args for cryptography < 2.7.

* Fix copy'n'paste errors and typos.

* string -> general name.

* Add disclaimer.

* Implement always_create / create_if_not_provided / never_create for openssl_certificate.

* Update changelog and porting guide.

* Add comments for defaults.
2019-08-23 14:01:42 +02:00
Mark Chappell
77e4371460 aws_kms: Update policy on existing keys (when passed) (#60059)
* aws_kms: (integration tests) Use module_defaults to reduce the copy and paste

* aws_kms: (integration tests) make sure policy option functions.

* aws_kms: (integration tests) Move iam_role creation to start of playbook.

iam_roles aren't fully created when iam_role completes, there's a delay on the Amazon side before they're fully recognised.

* aws_kms: Update policy on existing keys (when passed)
2019-08-23 20:38:38 +10:00
Andrey Klychkov
e3cf76533c postgresql_user: add groups parameter (#60638)
* postgresql_user: add groups parameter

* postgresql_user: add groups parameter, fail_on_role default True

* postgresql_user: add groups parameter, add changelog fragment
2019-08-23 08:17:23 +02:00
Felix Fontein
72365b01e0 acme_certificate: only return challenges that need to be satisfied (#61191)
* Only return challenges that need to be satisfied.

* Adjust PR #.
2019-08-22 23:10:53 -04:00
Felix Fontein
18f7c3b850
Netapp: rename _facts -> _info (#60980)
* Rename na_ontap_gather_facts -> na_ontap_info
Rename netapp_e_facts -> netapp_e_info

* Add changelog.

* Fix sanity.

* Forgot test.

* Forgot to remove 'gather'.

* Fix sanity ignore.

* Remove netapp_e_facts from PR.

* Remove superfluous version_added.
2019-08-22 22:51:45 +02:00
Matt Martz
0ff9978bc5
Ensure has_dead_workers functions (#60653)
* Ensure has_dead_workers functions

* Fix up tests

* Add changelog. Fixes #29124
2019-08-22 14:32:49 -05:00
Mark Chappell
70777020c4 Fix iam_password_policy integration tests (#60930)
* iam_password_policy: (integration tests) Use module defaults for AWS connection details

* iam_password_policy: (integration tests) Ensure the policy is removed when tests fail

* iam_password_policy: (integration tests) Add regression test for #59102

* iam_password_policy: Only return changed when the policy changes.

* iam_password_policy: PasswordReusePrevention must be omitted to remove/set to 0

* #60930 add changelog

* Update hacking AWS security policy to allow testing of Password Policy Management
2019-08-22 23:25:25 +10:00
Andrey Klychkov
191068a286 Issue 59955: add array handling to postgresql_query module (#60559)
* Issue 59955: add array handling to postgresql_query module

* Issue 59955: add array handling to postgresql_query module, improvements

* Issue 59955: add array handling to postgresql_query module, fix example comment
2019-08-22 08:53:29 +02:00
Lukas Kämmerling
96199be96b Rename hcloud_*_facts to hcloud_*_info (#60926)
* Rename hcloud_datacenter_facts to hcloud_datacenter_info

* Rename hcloud_location_facts to hcloud_location_info

* Rename hcloud_image_facts to hcloud_image_info

* Rename hcloud_floating_ip_facts to hcloud_floating_ip_info

* Rename hcloud_server_type_facts to hcloud_server_type_info

* Rename hcloud_server_facts to hcloud_server_info

* Rename hcloud_ssh_key_facts to hcloud_ssh_key_info

* Rename hcloud_volume_facts to hcloud_volume_info

* Fix typo in hcloud_image_info

* Add to porting guide and add changelog fragment

* Reword porting guide
2019-08-21 14:55:37 +02:00
Matt Davis
bfa004930a
add subdir support to collection loading (#60682)
* add subdir support to collection loading

* collections may now load plugins from subdirs under a plugin type or roles dir, eg `ns.coll.subdir1.subdir2.myrole`->ns.coll's roles/subdir1/subdir2/myrole, `ns.coll.subdir1.mymodule`->ns.coll's plugins/modules/subdir1/mymodule.py
* centralize parsing/validation in AnsibleCollectionRef class
* fix issues loading Jinja2 plugins from multiple sources 
* resolves #59462, #59890,

* sanity test fixes

* string fixes

* add changelog entry
2019-08-21 10:45:04 +01:00
Felix Fontein
c1b2aa1d11
nginx_status_facts: deprecate/rename to nginx_status_info (#60979)
* Rename nginx_status_facts -> nginx_status_info

* Add changelog.

* Remove warnings.

* Re-add ignore.txt entries.

* ...

* Raw strings for docs.

* Use U(...) for link.
2019-08-21 09:09:22 +02:00
Bojan Vitnik
04e0f9d4ea XenServer: When VM is in powered on state, plug newly added disks
Fixes: #60693
2019-08-21 10:50:14 +05:30
Sloane Hertel
3247626ac7 Warn when transforming constructed groups (#60912)
* Warn when transforming constructed groups

The `keyed_groups` field has used sanitization since 2.6, but `groups` only started doing so in 2.8.
This adds a warning for the change in behavior.

* changelog
2019-08-20 10:32:02 -05:00
Matt Martz
ba25522db4
Remove ddeprecated redis_kv lookup. Fixes #59984 (#60826) 2019-08-20 10:27:09 -05:00
Felix Fontein
e58919bccd
gluster_heal_facts: rename to gluster_heal_info (#60919)
* Rename gluster_heal_facts -> gluster_heal_info

* Add changelog.
2019-08-20 15:43:41 +02:00
Felix Fontein
c66163b118
hpilo_facts: rename to hpilo_info (#60917)
* Rename hpilo_facts -> hpilo_info

* Fix porting guide.

* Add changelog.
2019-08-20 15:14:18 +02:00
Will Thames
362c45517d aws_kms: fix failing tests (#60206)
Preserve tag key case by only calling camel_dict_to_snake_dict once,
before the tags are added.

Don't call assert_policy_shape as it seems to fail

Use aws_caller_info in the test suite now that it exists rather
than running `aws sts get_caller_identity`

Ensure that calls using `grant_types` can also use key aliases
2019-08-20 07:15:40 -04:00
Dusan Matejka
31bfcd4745 Reworked zabbix_template to support XML import/export + updated documentation (#59040) 2019-08-19 10:53:58 -04:00
René Moser
4b743a2721
vultr: use exponential backoff for api query retries (#60529) 2019-08-19 16:09:09 +02:00
Mark Chappell
8e99f0ecc6 aws_kms: Rename various policy manipulation options to reduce confusion (#60561)
* aws_kms: Rename various policy manipulation options to reduce confusion

AWS KMS now has the concept of issuing a 'grant', which is independent
of the policy attached to a key.  Rename the following options to make
it clearer that the operate on the CMK Policy *not* on CMK Grants

* aws_kms: don't just rename grant_types/mode, deprecate them too.
2019-08-19 19:44:03 +10:00
Klaus Frank
fb2c1d4577 Make win_domain_user idempotent for password changes (#58383)
* Make win_domain_user idempotent for passwordchanges

* Add changelog fragment

* Use test-credentials function from win_user.

* Split domain from username

* Update win_domain_user.ps1

* Fix ci

* Update win_domain_user.ps1

Fix ci

* Implement review

* Logic cleanup and remove securestring

* Fix typo

* fix syntax

fix syntax

* Use AD object instead of user input as requested by review

* migrate to Ansible.AccessToken
2019-08-19 06:17:41 +10:00
Klaus Frank
811153afb1 Add exception handling to win_domain_controller (#58234)
* Add exception handling to win_domain_controller

* Add changelog

* Fix PSUseDeclaredVarsMoreThanAssignments

* Remove dns domain cannot be resolved error message

As requested by PR review in https://github.com/ansible/ansible/pull/58234#discussion_r300509880
2019-08-18 16:14:51 -04:00
Felix Fontein
0d88ec241f
openssl_certificate: fix idempotency (#60745)
* Fix openssl_certificate idempotency.

* Add changelog.

* Add integration test.
2019-08-18 20:48:34 +02:00
Felix Fontein
16056f4978
openssl_certificate: check for existence before loading CSR / private keys / ... (#60740)
* Check file existence before loading files.

* Remove superfluous import.

* Add changelog.
2019-08-18 11:41:50 +02:00
Hannes Ljungberg
13364fc530 docker_swarm_service: Allow passing dicts in networks (#58961)
* Add support for passing networks as dicts

* Add function to compare a list of different objects

* Handle comparing falsy values to missing values

* Pass docker versions to Service

* Move can_update_networks to Service class

* Pass Networks in TaskTemplate when supported

* Remove weird __str__

* Add networks integration tests

* Add unit tests

* Add example

* Add changelog fragment

* Make sure that network options are clean

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Set networks elements as raw in arg spec

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Fix wrong variable naming

* Check for network options that are not valid

* Only check for None options

* Validate that aliases is a list
2019-08-18 08:55:54 +02:00
Felix Fontein
ceff0029cb
openssl_certificate: deprecate assertonly provider (#60623)
* Add deprecation marks.

* Add conversion example.

* Split long line.

* Add changelog and porting guide entry.

* Fix unrelated porting guide entry.

* Fix format.

* Fix doc mistakes found in review.

* Fix filter name.

* Compare CSR and cert subject via subject_ordered.
2019-08-18 05:09:49 +02:00
Chris Trufan
86366530e8 Entrust Datacard - Support for "entrust" provider in openssl_certificate module (#59272)
* Addition of entrust provider to openssl_certificate module

* Fix native return values of error messages and JSON response.

* Documentation and syntax fixes per ansibot.

* Refactored structure of for loop due to ansible test failures in python 2.6

* Remove OCSP functionality for inclusion in possible seperate future pull request.

* Remove reissue support.

* Indicate the entrust parameters are specific to entrust.

* Comment fixes to make it clear module_utils request is used.

* Fixes to not_after documentation

* Response to pull request comments and cleanup of error handling for bad connections to properly use the 'six' HttpError for compatibility with both Python 2/3 underlying url libraries.

* pep8/pycodestyle fixes.

* Added code fragment and response to comments.

* Update license to simplified BSD

* Fixed botmeta typo

* Include license text in api.yml

* Remove unsupported certificate types, and always submit an explicit organization to match organization in CSR

* Fix documentation misquote, add expired to a comment, and fix path check timing.

* Update changelogs/fragments/59272-support-for-entrust-provider-in-openssl_certificate_module.yaml

Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-08-17 21:32:02 +02:00
Felix Fontein
6a786d0d93
openssl_publickey: add cryptography backend (#60387)
* Add cryptography backend.

* Add changelog.

* Make sure requirements are satisfied.

* Use more compatible elliptic curve.

* Decrease required version numbers.

* PyOpenSSL >= 16.0.0 is really needed.

* Update lib/ansible/modules/crypto/openssl_publickey.py

Co-Authored-By: MarkusTeufelberger <mteufelberger@mgit.at>
2019-08-17 18:52:14 +02:00
Felix Fontein
601a4b8f47
get_certificate: add cryptography backend (#60599)
* Add cryptography backend for get_certificate.

* Add changelog.

* Use short names (if possible).

* Adjust version (to behave as pyOpenSSL).

* Work around bugs (needed for cryptography 1.2.3).

* Don't run cryptography backend tests for CentOS 6.

* Bump cryptography requirement to 1.6 or newer.

Otherwise, signature_algorithm_oid isn't there, either.

* Simplify requirement text.

* CentOS 6 has cryptography 1.9, so we still need to block.

* Add auto-detect test.

* Improve YAML.
2019-08-17 16:02:14 +02:00
Felix Fontein
38435e1bd0
openssl_certificate: various assertonly bugfixes (#60658)
* Fix get_relative_time_option for byte string input. Also fix it for None input.

* Using correct property for invalid_at check.

* Fix invalid_at comparison.

* Converting relative timestamps before comparison for valid_at and invalid_at.

* Fixing key usage display for cryptography backend.

* Fix key usage comparison. OBJ_txt2nid always returns 0 for key usage identifiers.

* Add changelog.

* Fix pyOpenSSL key usage comparison.
2019-08-17 15:58:25 +02:00
Felix Fontein
cf69b73c04
openssl_certificate/csr_info: add ordered issuer/subject return value (#60708)
* Add ordered issuer/subject return value.

* Add changelog.
2019-08-17 15:49:54 +02:00
Lukas Kämmerling
100b56439e hcloud_server: Allow users to enable/disable the rescue mode (#60070) 2019-08-17 11:29:58 +02:00
Mitsuru Nakakawaji
064cd63f3d fix: docker_swarm_service does not publish both tcp and udp ports (#60616)
* fix: docker_swarm_service does not publish both tcp and udp ports for same published port

* fix the linting problems and add the changelog fragment.

* add test

* modify test to ensure result rather than return value
2019-08-16 15:23:45 +02:00
Felix Fontein
48541910bf
docker_container: add mount endpoint collision detection (#60384)
* Add mount endpoint collision detection.

* Add changelog.

* Fix error.
2019-08-16 15:23:03 +02:00
Gonéri Le Bouder
c60676a118 VMware: add a changelog entry for PR #60476 (#60490)
Add a changelog entry for https://github.com/ansible/ansible/pull/60476.
2019-08-16 09:10:42 +05:30
Patrick Marques
39d249155a Deprecates Digital Ocean sshkey_facts in favor of new module sshkey_info (#60546)
* Renames Digital Ocean sshkey_facts modules to sshkey_info

* Change digital_ocean_sshkey_facts status to deprected

* Update digital_ocean_sshkey _facts _info doc

* Allow digital_ocean_sshkey_info in Check Mode

* Update lib/ansible/modules/cloud/digital_ocean/_digital_ocean_sshkey_facts.py

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Fix _info added version
2019-08-15 23:45:05 +02:00
Simon Dodsley
491a47c7c5 Pure modules: rename _facts with ansible_facts result to _info (#60641) 2019-08-15 22:42:35 +02:00
Matt Clay
25b20adb94 Fix git module when using absolute repo path.
This prevents a traceback when `repo` is set to an absolute path.
2019-08-14 18:09:56 -07:00
Felix Fontein
99fb0fcb2f docker_logout: report change on successful logout (#60381)
* Mark logout as changed when docker logout does not return 'Not logged in to '.

* Add changelog.

* Improve logout detection.

* Also return output of 'docker logout'.
2019-08-14 05:23:38 -04:00
Sam Doran
0f35e4b7b9 apt_facts - Fix cache related performance regression (#60511)
* apt_facts - Fix cache related performance regression

* Another minor performance improvement
2019-08-14 03:43:52 -04:00
Jordan Borean
14a7722e39
ansible-galaxy tidy up arg parse with better validation (#59957)
* ansible-galaxy tidy up arg parse with better validation

* Add support back in for -v before sub aprser

* Added deprecation warning for manually parsed verbosity
2019-08-14 06:36:29 +10:00
pguermo
8923d13537 proxmox_kvm: While a VM is beeing created, vm has no name item (#58196)
* While a VM is beeing created, vm as no name attribute

* Add changelogs fragment
2019-08-13 19:22:17 +02:00
Matt Martz
ba81084a49
Provide nice error when the shell plugin is incompatible with the con figured become plugin (#60441)
* Provide nice error when the shell plugin is incompatible with the configured become plugin. Fixes #57770

* Add todo

* Add missing import
2019-08-13 09:37:53 -05:00
Shaun M
fa783c027b Adding waiter to cluster remove process (#57324)
* Adding waiter to cluster remove process

* blank line contains whitespace

* update aws_eks integration test

* Refactor aws_eks test suite to use pip

* update version testing

* missing parens...

* add changelog fragment

* Add waiter to module_utils, fix exception handling.

* Correct EKS waiter checks
2019-08-13 23:11:21 +10:00
Felix Fontein
2d98734ad5 Amazon modules: rename _facts with ansible_facts result to _info (#60178)
* aws_s3_bucket_facts -> aws_s3_bucket_info

* cloudformation_facts -> cloudformation_info

* cloudfront_facts -> cloudfront_info

* ecs_service_facts -> ecs_service_info

* efs_facts -> efs_info

* Add changelog and porting guide entry.

* lambda_facts -> lambda_info

* Improve examples.

* Add subsection on renamed modules.

* Add sentence on registering variables.

* Fix ReST.

* Instead of renaming lambda_facts, deprecate it and replace with new module.

* Rename internal variable.

* Re-add sanity ignores for lambda_facts.
2019-08-13 08:01:37 -04:00
Matt Davis
a40baf22fa
various mod_args fixes (#60290)
* various mod_args fixes

* filter task keywords when parsing actions from task_ds- prevents repeatedly banging on the pluginloader for things we know aren't modules/actions
* clean up module/action error messaging. Death to `no action in task!`- actually list the candidate modules/actions from the task if present.

* remove shadowed_module test

* previous discussion was that this behavior isn't worth the complexity or performance costs in mod_args

* fix/add test, remove module shadow logic

* address review feedback
2019-08-13 09:57:49 +01:00
sky-joker
c27b5ae1a3 add option proxy to get_certificate module (#60076)
* add option proxy to get_certificate module

* Add python 2.7 or higher to requirements

* Modify requirements and add create_default_context module import check processing

* add changelog file for get_certificate

* Modify changelog file
2019-08-13 01:34:04 -04:00
James Cassell
8bca160363 add vfat to selinux special_context_filesystems (#59823)
vfat is the format of the /boot/efi partition on UEFI hosts and does
not support SELinux labels

add an environment variable for this config option
2019-08-12 14:45:27 -04:00
Pavan Bidkar
0a90ec90c0 VMware: handle KeyError in get_vm API (#60204)
Fixed if conditions for all VM params
2019-08-12 14:03:13 +05:30
Maxim Babushkin
dda80c46e9 openssh_keypair - Add key `comment` to return output (#59268)
If the comment will be provided during the key creation, it will be
diplayed in the return values.
Same will be on the comment change.
2019-08-11 13:47:34 +02:00
Maxim Babushkin
27e414200f openssh_keypair - Add public key and key comment validation (#57993)
- Split the key validation to separate private and public.
- In case public key does not exist, recreate it.
- Validate comment of the key.
- In case comment changed, update the private and public keys.
2019-08-10 18:57:35 -04:00
Felix Fontein
8b68feb67e
acme_certificate: allow to download alternate certificate chains (#56334)
* Improve link handling.

* Also fetch alternate certificate chains.

* Add retrieve_all_alternates option.

* Simplify code.

* Forgot when condition.

* Add tests for retrieve_all_alternates.

* Fixes.

* Moved utility function for link parsing to module_utils.

* Fix grammar.
2019-08-09 23:54:48 +02:00
Alex Stephen
2e90efd4a7 Changing GCP Facts modules to Info Modules (#60172)
* file changes, porting guide, changelog fragment, renaming autoscaler, removing rst links
* Apply suggestions from code review

Co-Authored-By: Alicia Cozine <879121+acozine@users.noreply.github.com>
Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-08-09 15:13:08 -05:00
Toshio Kuratomi
84e3c0ef1d Fix changelog entry for playbook_dir fix
The final version of the fix makes the addition in two places instead of
moving the single addition from one place to another
2019-08-09 12:33:38 -07:00
Jordan Borean
dbd082efe4
Ansible.AccessToken - Added shared util for managing a Windows access token (#60302)
* Ansible.AccessToken - Added shared util for managing a Windows access token

* Fix tests when running in CI

* More fixes for older servers

* More fixes for Server 2008
2019-08-09 21:10:44 +10:00
Andrew Gaffney
b38cb37728
Transform octal escape sequences in mtab fields (#60122) 2019-08-08 16:31:42 -05:00
Matt Martz
707e33793d
Undeprecated the skip argument for first_found. Fixes #58942. Fixes #59949. (#60161) 2019-08-08 13:55:11 -05:00
James Cassell
c954c07271 TRANSFORM_INVALID_GROUP_CHARS: document "ignore" option (#57318)
Co-Authored-By: Alicia Cozine <879121+acozine@users.noreply.github.com>
2019-08-08 13:50:20 -04:00
Strahinja Kustudic
54d9d7805d systemd module will now wait on deactivating state (#59471)
If a service is in the 'deactivating' state running systemctl stop foo,
would wait for the foo service to actually stop before it exits. The
module didn't behave like that and it considered the deactivating state
as if the service wasn't running. This change will align the module with
the systemctl behaviour.
2019-08-08 12:56:17 -04:00
Jiri Hnidek
577bb88ad8 Added support for syspurpose to redhat_subscribtion module (#59850)
* Added several unit tests
* Added documentation for new syspurpose option and suboptions
* Simplified specification of module arguments
* Added new changelog file with fragments
2019-08-08 11:43:05 -04:00
Drew
6932a5b357 add npipe support to docker_swarm_service (#60073)
* add npipe support to docker_swarm_service

* add changelog fragment

* tweak changelog fragment formatting

* Update lib/ansible/modules/cloud/docker/docker_swarm_service.py

Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-08-08 17:25:13 +02:00
Manu Lange
6a5cd9a820 prevent recursive logging csharp stackoverflow. (#59503)
* prevent recursive logging situation.

* Add changelog
2019-08-08 09:50:41 +10:00
silverwizard
5d8302120b Removed breaking type check from nagios module (#49568)
* Removed extraneous type check from nagios module, in order to allow python 3.x

* Removed now useless import types

* Added changelog fragment

* Update changelog.

* Rebased and removed check due to module adding earlier guardrails

* Updated changelog to mention earlier fix adding now completely removed guardrails

* Remove superfluous type checks. Fix docs type.

* Update ignore.txt.
2019-08-07 22:43:14 +02:00
Jill R
4308b87d72 Don't truncate cidr_ipv6 addresses in ec2_group.py (#59106)
* Better cidr_ipv6 validation in ec2_group.py

* Improve warning/error handling, add changelog

* Update unit test for ipv6 validation

* Fix logic that was causing non /128 cidrs with host bits to not be handled
2019-08-07 08:39:55 -04:00
Marat Sharafutdinov
8751319820 Add wait_sleep parameter for the k8s module (#59714) (#59854) 2019-08-07 21:27:54 +10:00
Jordan Borean
45d0e5994a
win_user - use proper error code when failing to validate creds (#60181) 2019-08-07 18:28:44 +10:00
Matt Martz
923e21836b
Move plugin loader playbook dir additions back to Playbook instead of PlaybookCLI (#59557)
* Move plugin loader playbook dir additions back to Playbook instead of PlaybookCLI. Fixes #59548

* Restore cli additions
2019-08-06 15:58:15 -05:00
Alex Stephen
61d60d07d1 no logging for service account contents (#60149)
* no logging for service account contents

* changelog

* fixes
2019-08-06 15:27:11 -05:00
Abhijeet Kasurde
2a1393e0e1
VMware: Check dvswitch presence before accessing it (#60052)
Check if dvswitch object is not None before accessing it's
properties such as UUID. This can be due to two reason

1. Permission issues
2. There is no association between given distributed virtual portgroup
distributed virtual switch

Fixes: #59952

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-08-06 10:38:50 +05:30
Felix Fontein
aecdfd397e ecs_taskdefinition_facts: rename to ecs_taskdefinition_info (#60023)
* Rename ecs_taskdefinition_facts to ecs_taskdefinition_info.
2019-08-05 12:47:35 -07:00
Matt Martz
df6b8d2a4a
Fix async output with adhoc callbacks. Fixes #15988 (#59935) 2019-08-05 10:36:41 -05:00
Sam Doran
6e8798fa88 Correct module name in changelog fragment (#60029) 2019-08-02 22:22:28 +02:00
Sam Doran
a9fe21bc62
docker_compose - use valid variable in exception message (#60020) 2019-08-02 15:57:22 -04:00
Matt Martz
38eee51057
Fix issue with empty cow_whitelist (#59946)
* Fix issue with empty cow_whitelist. Fixes #45631

* Account for None
2019-08-02 11:13:08 -05:00
Felix Fontein
f3e20346cb
Google: gcpubsub_facts -> gcpubsub_info (#57668)
* Rename gcpubsub_facts -> gcpubsub_info.

* Update porting guide and add changelog fragment.
2019-08-02 17:27:28 +02:00
Dave Bendit
fc558fb85f [docker_container] Adding support for mounts option (#49808)
* [WIP][docker_container] Adding support for `mounts` option

Fixes #42054

* Adjusting to current standards.

* Add changelog.

* Adjust types.

* Cleanup.

* Add idempotency checks for mounts.

* Improve diff for mounts.

* Linting.

* Python 2.6 compatibility.

* Fix error message formatting.

* Move mounts and volumes tests into own file.

* Add set of mount tests.

* Golang's omitempty for bool omits false values.

* Simplify sanity checks. Correct order of volume_options sanitization and usage.

* Fix key.

* Fix check.

* Add tests where both volumes and mounts show up.

* Add collision test.
2019-08-02 17:11:14 +02:00
Felix Fontein
a7573102bc
docker_container: fix port bindings with IPv6 addresses (#59715)
* Pass IPv6 addresses for port bindings without square brackets.

* Add changelog.

* Add test.
2019-08-02 17:10:39 +02:00
Ruediger Pluem
f94772f807 Only error out if the gid exists with a different group name (#59769)
Only error out if the gid exists with a different group name as
otherwise it will error out if the group with this gid already
exists, like on a rerun of the playbook. This fixes a regression
introduced by 4898b0a4a2.
2019-08-02 15:51:10 +02:00
Sam Doran
372f21e3b5 Handle new output for podman image build (#59807) 2019-08-02 00:55:32 -04:00
James Cassell
17f2b5f73e os_subnet: allow using non-default subnet pool (#52608) 2019-08-01 10:11:53 -04:00
Abhijeet Kasurde
025e30ea0c VMware: add support for http_proxy in connection API
This commit allows users to access a vCenter or a ESXi through a
HTTP CONNECT based proxy.

To do so, the users have to set the `proxy_host` and `proxy_port`
variables.

The can also use the `VMWARE_PROXY_HOST` and `VMWARE_PROXY_PORT`
environment variables.

This feature depends on pyvmomi > v6.7.1.2018.12.

Fixes: #42221

Co-Author: Abhijeet Kasurde <akasurde@redhat.com>
Co-Author: Gonéri Le Bouder <goneri@redhat.com>
2019-08-01 15:57:26 +02:00
Mario Lenz
3aa73cb6b8 VMware: Refactor vmware_cluster into several modules (#58468)
Refactor vmware_cluster into several modules (vmware_cluster, vmware_cluster_drs, vmware_cluster_ha and vmware_cluster_vsan) as discussed in #58023.

vmware_cluster lacks a lot of configuration options for DRS, HA and vSAN. Implementing them
all in vmware_cluster would make the module hard to maintain. Therefore, splitting it into several
modules and implementing the missing configuration options in them seems a good idea to me.

This is step one, refactoring vmware_cluster into several modules. Step two, implementing more
configuration options for DRS, HA and vSAN, will follow.
2019-08-01 10:35:29 +02:00
glyngholm
f46eb8ebcd Headers in URL lookup plugin (#59555)
* Update url.py

Allow passing of headers to URL lookup plugin
2019-07-31 14:23:55 -04:00
Simon Dodsley
288d74ca48 Update FlashBlade Directory Service config module to support NIS (#59608) 2019-07-31 13:33:24 -04:00
Maciej Delmanowski
75be309242 Don't warn if local user is found in user database (#56838)
If the 'local' parameter of the 'user' Ansible module is enabled, and
the user has been found in the local user database, don't emit
a warning, because this is an expected outcome.

Add changelog and integration tests

Co-authored-by: drybed <drybjed@gmail.com>
2019-07-31 12:14:22 -04:00
Mark Chappell
934d25a820 iam_password_policy: boto expects pw_expire to be ommitted when setting no expiration requirements (#59848)
Fixes #59102
2019-07-31 12:03:30 -04:00
Mark Chappell
c1e5758c4c Add missing aws modules to aws module defaults group (#59788)
* Add missing aws modules to aws module defaults group

* add changelog
2019-07-31 11:53:14 -04:00
Marc Hörsken
98df8e01db Fix py3 decoding issues in cyberarkpassword (#59500)
* Fix py3 decoding issues in cyberarkpassword.py
* Use to_native instead of forced utf-8 decoding
* Use to_bytes to avoid trouble with Popen
* Create 59500-cyberarkpassword-fix-py3-decoding.yaml
2019-07-31 13:46:47 +05:30
Jordan Borean
04ec47bdf1
win_dsc - be more lenient with datetime parsing (#59703)
* win_dsc - be more lenient with datetime parsing

* Remove l that shouldn't be there
2019-07-31 08:45:37 +10:00
Simon Dodsley
4c1f52c6c0 Add support for preferred arrays to host configuration (purefa_host) (#59735) 2019-07-30 17:31:40 -04:00
Simon Dodsley
27c60a7cec Add ability to force immeadiate replication of a pgroup (#59785) 2019-07-30 17:31:23 -04:00
Abhijeet Kasurde
2ebc4e1e7e inventory: Handle IndexError while parsing limit file (#59776)
Handle IndexError exception raised while parsing the limit file.

Fixes: #59695

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-07-30 13:02:17 -04:00
Jordan Webb
20c4ad3b95 Add pipelining to podman connection plugin (#57579)
* Add pipelining to podman connection plugin

* Add changelog fragment
2019-07-30 10:14:19 +02:00
Martin Krizek
fd899956b4
Use correct delegate_to hostnames in loops (#59659)
Fixes #59650
2019-07-30 09:46:29 +02:00
Jiri Hnidek
978fe81a6d Added unit tests for redhat_subscription module (#58665)
* Fixed the redhat_subscription module:
  - Option 'pool_ids' works in Python3 now
  - It tries to attach only pools IDs that are available
  - Optimization of code: do not call list --available, when
    no pool is requested
  - Simplified configure() method
  - Small changes to generate same commands on Python2 and Python3.
    Order of arguments/options and pool IDs have to be same to
    be able to run unit test using Python2 and Python3.
  - Added fragments file for redhat_subscribtion module
2019-07-29 16:11:29 -04:00
Tommy Brecher
4d775cbbf1 ec2_eip - added support for BYOIP and filtering reuse addresses by tag/value (#59180)
* change variable name from isinstance to is_instance (prevent overriding builtin function)

* Added support for:
  - Filtering existing Elastic IPs based on a tag name or it's value (when reuse_existing_ip_allowed is true)
  - Allocating new Elastic IPs from a given IPv4 pool (BYOIP support)

* yamllint corrections

* added examples for:
  -  tag_name,
  -  tag_value
  -  public_ipv4_pool

* remove aliases

* Added changelog fragment

* added integration tests for ec2_eip module

* removed space to trigger rebuild
2019-07-29 19:40:19 +10:00
Sorin Sbarnea
7c6fb57b7d Implements extra_hosts for docker_image module (#59540)
* Implements etc_hosts for docker_image module

Allows custom hosts on docker_image module.

The of this option made impossible to use docker_image module to build
images that required a custom hostname in /etc/hosts. For running
containers this option was already present.

While the python-docker API uses extra_hosts term, our existing module
already uses etc_hosts argument, so it sounds better to have some
consistency between docker_container and docker_image.

Fixes: #59233

* Update test/integration/targets/docker_image/files/EtcHostsDockerfile

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Update lib/ansible/modules/cloud/docker/docker_image.py

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Update changelogs/fragments/docker_image_etc_hosts.yml

Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-07-26 16:39:21 -04:00
Ihor Borodin
3b5a96fcb7 Fixing race condition in ec2 inventory plugin (#59638)
* Fixing race condition in ec2 inventory plugin

Co-Authored-By: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>

* Fixing code block according to suggestion

* Adding changelog fragment
2019-07-26 13:27:48 -04:00
Pilou
65013c4001 consul_session: ensure certificate is checked when HTTPS is used (#58693)
* consul_session: ensure SSL certificate is checked

* consul_session: don't ignore validate_certs param
2019-07-26 15:05:38 +02:00
Simon Dodsley
d82446652f Update FlashBlade filesystem module to support quotas and NFS v4.1 (#59559) 2019-07-26 04:06:08 -04:00
basos g
3c8838f0f7 Add check mode indicators at the beginning and the end of the playbook, play, and task (#49432)
* Add integration tests for default callback check mode markers
2019-07-25 12:05:43 -04:00
Brian Coca
a5d409a8b2
point at corresponding version (#59200) 2019-07-25 11:54:01 -04:00
Andrey Klychkov
db26fe2f1e module_utils.common.*: removed unused objects (#59570) 2019-07-25 11:04:18 -04:00
Brian Coca
e9a37f8e31
prevent templating of passwords from prompt (#59246)
* prevent templating of passwords from prompt

  fixes CVE-2019-10206
2019-07-24 16:00:20 -04:00
Strahinja Kustudic
5fc769f6b1 sysctl - Reload also when current system values differ (#56153)
Previously if `sysctl_set=no` (which is the default) this module only
checked for changes in the sysctl.conf file to decide whether it should
reload it or not. This means that if the values in the conf file are the
same as they are set with the module, but the current values on the
system are different, that this module wouldn't apply the changes on the
system and thus the value set with the module wouldn't be applied on the
OS. This isn't obvious and it doesn't make sense that the module works
like that by default, especially because there is a separate option
`reload`. Now sysctl will also check if the current value differs on the
system and if it does, it will reload the file again.
2019-07-24 10:04:15 -04:00
Abhijeet Kasurde
401e70c0a2
VMware: add facts about tags in vmware_cluster_facts (#56848)
Fixes: #46458

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-07-24 15:45:15 +05:30
Martin Nečas
c7f414dece ovirt vm when creating Nonetypefix (#59377)
* ovirt vm when creating Nonetypefix

* update fix and add comment

* add changelog

* Update 59377-ovirt-vm-when-creating-fix.yml
2019-07-22 16:18:08 -07:00
Brian Coca
8a886a6bee
Fix gather facts ignoring gather_subsets config (#59271)
* Fix gather facts ignoring gather_subsets config

 fixes #58728

* Update lib/ansible/playbook/play.py

Co-Authored-By: Abhijeet Kasurde <akasurde@redhat.com>
2019-07-22 17:59:22 -04:00
Jordan Borean
9ff26a4a22
psrp - Added proper reconnection variable name (#59369) 2019-07-23 05:55:52 +10:00
Brian Coca
74ac229fa8 fix all cases of none remote/become users (#59397)
some cases failed, when defaults were None on the plugins
2019-07-22 12:24:31 -05:00
Martin Krizek
d6b1376006
Add changelog for #59280 (#59380) 2019-07-22 13:42:10 +02:00
Tyler Ramer
8d0f2e5725 Address regression causing bootproto=dhcp for manual IP addresses (#56376)
Commit b7724fdf85
appears to have caused a regression, where `ip4`, `gw4`, `ip6`, `gw6`
were converted to `ipv4.address`, `ipv4.gateway` etc.

This causes bootproto (or `ipv4.method`) to remain `dhcp`, as noted in https://github.com/ansible/ansible/issues/36615

This commit only reverts the key-value pairs to the original names,
which is in line with both expectation (manual ip addr == no dhcp) and
the language used in the playbook, which is, for example, "ip4" not
"ipv4.address"

Co-authored-by: Stuart Pollock <spollock@pivotal.io>
Co-authored-by: Tyler Ramer <tramer@pivotal.io>
2019-07-22 09:30:24 +05:30
Abhijeet Kasurde
1f49abb51c
VMware: Accept 0 as valid value for memory reservation (#59230)
vmware_guest accepts 0MB as valid value for memory reservation in
virtual machine hardware configuration. This fixes the regression
introduced via 193f69064f.

Fixes: #59190

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-07-22 09:03:25 +05:30
Jordan Borean
2f2b106423
Fix win_reg_stat for HKU hives (#59359) 2019-07-22 09:12:14 +10:00
Felix Fontein
4a574c4d0c Option parsing: warn if both an option and its alias are specified for a module (#53698)
* Print warning when both an option and its alias is specified.

* Improve output.

* Put warnings into self._warnings directly, resp. use self.warn() when handling subspecs.

* Add changelog.

* Add unit test.
2019-07-19 13:11:41 -04:00
Sam Doran
f231f21669
Handle situation where ansible_architecure may not be defined when gathering facts (#55466) 2019-07-19 11:33:05 -04:00
Raul Mahiques
fd2116e26a Added state "remount" which will remount the device (#52649) 2019-07-19 08:59:27 +02:00
Martin Krizek
a752e2a467
Clear 'connection related' plugin vars for next loop iteration (#59024)
Fixes #58876
2019-07-19 08:39:05 +02:00
pratikgadiya12
393e4a41d0 Added support to create and delete multiple databases in MySQL (#58602)
* Added support to create/delete mulitiple databases in MySQL

Fixes: #58370

* Added additional tests cases and fixed documentation changes

* Code refactoring and added tests for better test coverage

- Removed db_exists usage from most of the code. Used existence_list
 and non_existence_list instead

- Added additional tests to cover all scenarios w.r.t creation and deletion
 on multiple databases

- Added tests for dump operations

* Minor fix

* Minor fix - create check mode test

* Added dump tests for better dump tests coverage

* Removed minor database connection details

* fixed error

* Added test case for import operations

* Code refactoring and review fixes

- Added dump all test case

* Fixed review comments

* Minor review comment fixes

* Altered db_create return value

* Removed db_list and altered "does exist" to just "exist"

* Kept db and db_list in module.exit_json

* Refactored tests

- Added removal of dump2 file

* Moved import tests to state_dump_import file

* Removed import tests from multi_db_create_delete

* Updated porting guide, added RETURN block

* Minor identation fix

* Added validation to check if databases are dumped
2019-07-18 16:56:32 +02:00
Hannes Ljungberg
0e8eb1d17f pip: Remove unused option use_mirrors and remove all ignore.txt entries
PR #58977

* Remove unused option use_mirrors

* Add changelog fragment
2019-07-18 16:38:37 +02:00
Sam Doran
d2edf1d435 User - Create parent directories if they do not exist in the specified home path (#51043)
* Create a user home directory if it has parents that do not exist

The useradd command line tool does not create parent directories. Check if the specified home path has parents that do not exist. If so, create them prior to running useradd, then set the proper permission on the created directory.

Add tests

Signed-off-by: Sam Doran <sdoran@redhat.com>

* Use dict for default user group in tests

Signed-off-by: Sam Doran <sdoran@redhat.com>

* Fix tests

Signed-off-by: Sam Doran <sdoran@redhat.com>
2019-07-18 10:19:11 -04:00
James Cassell
28259ee247 dzdo: fix password prompt (#59208) 2019-07-18 10:42:00 +10:00
Matt Davis
277690bcc6 add changelog 2019-07-17 19:11:56 -04:00
Brian Coca
c2253c8133
Allow for no role_versions to be present (#56519)
* Allow for no role_versions to be present

  fixes #46650

  better info on fetch, ensure list return

* use correct to_
2019-07-17 12:35:24 -04:00
Brian Coca
48d4d6ec69
Stop ignoring merge hash behaviour in inventory (#58460)
* stop ignoring merge hash behaviour in inventory

fixes #58120

* added porting note

Co-Authored-By: Alicia Cozine <879121+acozine@users.noreply.github.com>
2019-07-17 11:16:56 -04:00
Brian Coca
a39b721db5
fixes to config manager (#58530)
* skip unreadable ansible.cfg

* all types should check for type

* patch access for tests and fix tests that relied on missing files not being checked
2019-07-17 10:39:30 -04:00
Hannes Ljungberg
6f94995b52 npm: Validate all option types (#58965)
* Add type validation for name, version and registry
* Add changelog fragment
* Remove ignore of E337 and E338
2019-07-17 09:34:58 +05:30
Matt Davis
d28f25d118
patch ansible-connection collection plugin loading (#59119) 2019-07-16 13:46:15 -07:00
Jonathan
f0eaf1fb39 Module mail : Add Date header (#59080)
* Mail module : add date header (#58808)
2019-07-16 10:55:59 -04:00
Martin Krizek
4898b0a4a2 group: detect duplicate GIDs when local=yes (#58469) 2019-07-15 12:52:15 -04:00
Alvaro Olmedo Rodriguez
a1dcba63b3 java_keystore - Prefer SHA256 and solve SHA256 keytool in java11 version (#57302) 2019-07-15 12:44:30 -04:00
Kevin Dwyer
ec35cbc437 Pass allow_unauthenticated when installing a deb directly - allowing unauthenticated dependencies (#58771)
* Pass allow_unauthenticated when installing a deb directly - allowing unauthenticated dependencies.

* Add changelog for ansible/ansible#58771
2019-07-15 12:02:14 +02:00
shiro
644eead954 Fix docs for yum_repository.py (#59068)
* The description has been replaced with proxy_password and proxy_username.
* Rename 59068-fix doc for yum_repository.py to 59068-fix_doc_for_yum_repository.yml
2019-07-15 15:19:40 +05:30
Felix Fontein
8d6f1846a6
docker_* modules: improve tag validation and requests error handling (#58791)
* Add method to validate docker tags.

* Validate tag option of docker_image.

* Fix regex. Always return boolean, not None vs. Matcher object.

* Also catch requests errors.

* Linting.

* Add changelog.
2019-07-13 22:36:18 +02:00
Felix Fontein
fa7c387f9b docker_container: add support for nocopy mode (#59043)
* Add support for nocopy mode.

* Add changelog.
2019-07-13 14:50:32 -04:00
Hannes Ljungberg
34a68fa0fb pip: Document option types and validate name elements
PR #58966

Also:
* Validate that name elements are strings
2019-07-13 17:05:37 +02:00
Martin Krizek
aea5b795c0 Make ansible_index_var accessible as a magic var (#59030) 2019-07-12 08:50:19 -04:00
Brian Coca
adea964c3e
Fix gather_facts error/skipped reporting (#58927)
now give back full output from each module executed
 fixes #57204
2019-07-11 14:18:32 -04:00
Brian Coca
a7b14ec1be
Fix strat inv (#58982)
* Fix strategy functions that update inventory

* added tests
2019-07-11 13:49:49 -04:00
pratikgadiya12
e8f4ebb22c nmcli: Argument vlanid (int) is changed internally to string (#58963)
* Argument vlanid (int) is changed internally to string
* Modified test case to check vlan id

Fixes: #58949
2019-07-11 18:02:02 +05:30
Valeriy Zabawski
cc4dc075f7 Adds minor improvements to 'zabbix_actions' module (#58379)
Changes:

    1. Update mandatory arguments in accordance with Zabbix API.
       Only esc_period, eventsource and name fields are mandatory.

       Reference: https://www.zabbix.com/documentation/3.0/manual/api/reference/action/object

    2. Add default values to argument options in order to prevent "TypeError: 'NoneType' object is not iterable" error.

    3. Add new condition operators (introduced in Zabbix 4.0 and 4.2)

    References:
      - https://www.zabbix.com/documentation/4.2/manual/api/reference/action/object#action_filter_condition
      - https://www.zabbix.com/documentation/4.0/manual/api/reference/action/object#action_filter_condition

    4. Update module documentation
2019-07-11 06:14:00 -04:00
flowerysong
c513c1e2d3 aws_s3: Improve ETag handling (#46332)
* cosmetic: Remove useless call to ec2_argument_spec()

* aws_s3: Improve ETag handling

* Extract ETag calculation into a utility function for reuse by
  aws_s3_sync.
* Reduce code duplication in put/get by restructuring the logic
* Only calculate ETag when overwrite == different
* Fail gracefully when overwrite == different and MD5 isn't available
  (e.g. due to FIPS-140-2).

* aws_s3: clean up integration tests

Clean up tests, add tests for overwrite settings in both directions.
2019-07-10 14:05:12 -07:00
Pilou
b58c64e3b1 consul_session: ensure empty result is handled (#58694) 2019-07-10 15:15:18 -04:00
Matt Martz
d1afcbced1
Cache handler name for included handlers. Fixes #58769 (#58780) 2019-07-10 13:53:56 -05:00
Pilou
ef1cf2d2e8 consul_session: ensure scheme parameter is used (#58692)
* Ensure an error occurs when unknown scheme is used
* consul_session: don't ignore 'scheme' parameter
2019-07-10 09:16:17 -04:00
Martin Krizek
7346b699ee
Use templated loop_var/index_var when looping include_* (#58866)
Fixes #58820
2019-07-10 13:49:24 +02:00
Jordan Borean
b6791e6ae3
ansible-galaxy: add collection sub command (#57106)
* ansible-galaxy: add collection init sub command

* Fix changelog and other sanity issues

* Slim down skeleton structure, fix encoding issue on template

* Fix doc generation code to include sub commands

* Added build step

* Tidy up the build action

* Fixed up doc changes and slight testing tweaks

* Re-organise tests to use pytest

* Added publish step and fixed up issues after working with Galaxy

* Unit test improvments

* Fix unit test on 3.5

* Add remaining build tests

* Test fixes, make the integration tests clearer to debug on failures

* Removed unicode name tests until I've got further clarification

* Added publish unit tests

* Change expected length value

* Added collection install steps, tests forthcoming

* Added unit tests for collection install entrypoint

* Added some more tests for collection install

* follow proper encoding rules and added more tests

* Add remaining tests

* tidied up tests and code based on review

* exclude pre-release versions from galaxy API
2019-07-10 05:47:25 +10:00
Sam Doran
1c2c1c15d0 dnf - fix error formatting of module name in error message (#58647) 2019-07-09 10:16:42 +02:00
Shachaf92
7ddcaafee5 many pslint fixes (#55862)
* Handles:

PSAvoidTrailingWhitespace
PSAvoidGlobalVars
PSAvoidAssignmentToAutomaticVariable
PSAvoidUsingCmdletAliases
PSAvoidUsingWriteHost
PSUseDeclaredVarsMoreThanAssignments
PSUsePSCredentialType
PSAvoidUsingPositionalParameters
PSAvoidUsingEmptyCatchBlock
PSAvoidUsingWMICmdlet

Replaced Write-Host with Write-Output
Added smart reboot check for win_domain feature installation
Modify the Creation of the pagefileto fit to CIM
Changelog fragment addition
Ignore.txt without fixes

* Changes after community reviews

* Change Out-Null to '> $null'

* Fixes after jborean93 comments

* Test

* Revert "Test"

This reverts commit 35c5c0648fa9d2868a18094d84954e53ffa28880.

* Removed all  > $null since they broke the module since the output got dumped

* run test again

* Revert "run test again"

This reverts commit 80eaf07143f9d8cb0116cbbc68a6a69c0ace840c.

* Changes after community review

* ignore PSUseDeclaredVarsMoreThanAssignments that are on a diffrent PR

* CI failed on extra line in ignore.txt

* Review changes

* PSlint errors

* Trail space

* send to null breaks the tests for  Set-Workgroup

* Lint stuff

* win_domain_user issue of indent.

* Update win_domain_user.ps1

* Update win_domain_membership.ps1

* Fix redirect to null

* lint space issue

* removed return from set-workgroup

* removed send to null
2019-07-09 05:41:58 +10:00
Will Thames
88364d4cfd Add purge_tags to s3_bucket to allow preservation of existing tags (#58754)
* Add purge_tags to s3_bucket to allow preservation of existing tags

Adding `purge_tags` with default `True` to maintain existing behaviour
allows users to set it to `False` to preserve existing tags

Fixes #29366

* s3_bucket: Add further tests and improve tag handling further

Additional tests for purge_tags: False suggested some incorrect
logic and thus further improvements

Increase wait timeout on bucket deletion as it wasn't always completing
in the default 100 seconds
2019-07-08 10:19:01 -07:00