* Fix for shared snapshot parameter
Fixing this bug:
`Unknown parameter in input: "IsShared", must be one of: DBInstanceIdentifier, DBSnapshotIdentifier, SnapshotType, Filters, MaxRecords, Marker, IncludeShared, IncludePublic, DbiResourceId`
* Updated documentation for shared snapshots
Tags can't get accessed for shared snapshots
* fixed indentation
* added test for shared snapshot
* fixed isPublic parameter to correct IncludePublic parameter
Co-authored-by: Oliver Kastler <oliver@realestate.co.nz>
User can now specify tag and category using dict in vmware_tag_manager
module. This is useful when tag or category name contains colon.
Fixes: #65765
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Start adding ansible-galaxy collection list options
* Working list all collections and list a specific collection
* Nuke debugging cruft
* Use to_text to get a string of the FQCN for sorting
* Improve collection output formatting
- add header
- display collection name and version in separate columns
- width of columns is dynamic based on collection name and version length
* Make role list output match collection output list
- add header
- add columns for role name and version
- make column width dynamic based on name and version length
* remove debug statemnt and extra header
* Revert "Make role list output match collection output list"
This reverts commit a0b3db47bb3b198aafd34c1f1be5b6561af2f928.
* Add validate_collection_path function
Utility function for ensuring a collection target ends with 'ansible_collection'
* Use validate_collection_path
* Do not warn if a specific collection in found in any search path
* Fix extraneous warning and remove duplicate code
Do not warn when listing a specific collection and it does not exist
in other collection paths.
Restructure the code that loops through collection paths to remove
duplicate conditional code.
* Indicate role path was found
* Use new function name
* WIP Save Point
* Use separate functions for role and collection list
* Wrap error message
There may be a better way to do this besides hard coding a line break, but this
does make the message a lot more readable.
* Add validate_collection_path function (#66441)
* Add validate_collection_path function
Utility function for ensuring a collection target ends with 'ansible_collection'
* Fix bad syntax
* Correct docstring
* Bikeshed the names
* Properly list a single role
* Simplify _display_warnings()
Only display warnings. Move exception raise back to each caller.
* Move private methods to private functions
They don't need self, so it makes sense to have them as functions
Get rid of _display_warnings() function since it doesn't do anything worthy of
an independent function.
* Add integration tests for ansible-galaxy collection list
* Fix docs sanity test
* Fix bug where ansible_collections dir does not exist
The path may exist, but if there is no ansible_collections dir inside that path,
an exception was raised in find_existing_collections().
Add integration test for this scenario
* Put execute_list() method back
* Add some informational messages for debugging
* Add unit tests
Units tests for the various private methods in support of collection list
* Start adding unit tests for test_execute_list
* Display collection path when listing specific collection
* Add unit tests for listing all collections and specific collection
- Create fixture for creating test objects
- Add function for controlling os.path.isdir results
* Set defaults for minimum collection widths
Ensure that collections with small FQCNs display correctly.
Add unit tests
* Split up unit tests and fix fixtures
Add more fixtures for mocking objects during the specific collection tests
* Change help message for -p in list subcommand
Give accurate description of what it actually does rather than trying to use language shared between sub commands.
* Disable colorized output in unit test
* Add docs for collection list
* Fix integration test on macOS
The temp file path is really long on macOS, so the warning message gets wrapped
across multiple lines. That make seth grep fail. Switch to matching on a smaller
part of the warning.
* Recreate common path options for collections
Improve help about what the '-p' option does and how it works.
* Remove unnecessary elif after continue statements
* Account for duplicate paths in collections_searh_paths
If someone specifies the same path via '-p' that is the COLLECTIONS_PATHS,
do not list the collections twice.
* Docs updates
We use `ansible.module_utils.compat.ipaddress()` just for trivial IP
validations that are not critical. This module will be ship in the
`ansible.netcommon` collection. If we continue this way, it means
the futur `community.vmware` will carry this extra dependency for
limited benefit.
This commit introduce a new `is_ipaddress()` that provide similar
feature.
* [WIP] Add verify subcommand command to 'ansible-galaxy collection'
* Fix pep8 and use consistent display order
* WIP - docs
* Remove some redundancy in verify display messages by using an error queue for each collection
* Share common code and improve output format
* clean up documentation
* typo
* Apply suggestions from code review
Co-Authored-By: Sandra McCann <samccann@redhat.com>
* Move ModifiedContent namedtuple to the global scope
Add a public metadata property
Rename function to _get_json_from_tar_file
* Add some unit tests
* fix using common functions after rebase
* changelog
* Improve efficiency finding specific installed collections
Improve efficiency by only downloading the tar.gz from the galaxy server for comparison after checking that the collection has been installed
Handle multiple collection paths
Fix up tests
* pep8
* reword that for accuracy
* use more common code and verify collection name
* Improve error message and add documentation
* Update unit tests and add coverage for both local and remote collections that are unable to be located
* Only validate collections using the format collection_namespace.collection_name
Fix tests to reflect that
Fix documentation
* Fix a bug when a local collection does not contain a file
* pep8
* Fix formatting
Co-authored-by: Sandra McCann <samccann@redhat.com>
* Hotfix for FortiAnalyzer HTTPAPI Plugin in response to connection issues introduced in Ansible 2.9.
* Changed _connect behavior per Mr. Case.
Co-authored-by: Luke Weighall <lweighall@users.noreply.github.com>
Co-authored-by: Nathaniel Case <this.is@nathanielca.se>
* try to handle default when state is absent
* remove default target_type
* Update lib/ansible/modules/cloud/amazon/elb_target_group.py
Co-authored-by: Mark Chappell <mchappel@redhat.com>
* win_package - Refactor with msp, appx support
* Added msi test for ALLUSERS
* Added some msix tests, refactored tests
* Added remaining msix tests
* Enable msix sideloading for tests
* Added remaining exe path tests
* Added basic msp tests
* Remove url options now the util no longer has them
* Fix file version check for older Windows hosts
* Remove no_proxy ansible-test setting
* Use same mechanism of become to copy the file with explicit creds
* Added Ansible.Service util and win_service_info
* Fix up util test
* Sigh forgot to update the test and fix sanity
* Try to make tests more robust
* That didn't work, just check the username
* Betraying Queen and country with this doc fix
* More changes for compat
* More OS compatibility
* Hotfix for connection manager persistent connection initialization.
* PEP8 Fixes
* First Round of fixes requested by Qualthos.
* Removed _connection check per Mr. Case.
* Somehow the wrong version got sent... should be all good.
Co-authored-by: Luke Weighall <lweighall@users.noreply.github.com>
Co-authored-by: Nathaniel Case <this.is@nathanielca.se>
* AnsibleAWSModule related cleanup - redshift
* Apply a backoff on modify_cluster to cope with concurrent operations
* Add AWS 'hacking' policy to allow creation of Redshift ServiceRole
* Adding the retry policies makes the redshift test suite more reliable
* Make validate-modules stop ignore FILE_COMMON_ARGUMENTS.
* Add types to FILE_COMMON_ARGUMENTS and update document fragment to match it.
* Update ignore.txt.
* Add changelog.
* Update digital_ocean_droplet.py
here's new term of `ssh_keys` from `SSH key (numeric) ID` and in fact it's fingerprint. correctly term so people can easily know how to do it.
* Update digital_ocean_droplet.py
* Change socket_path error messages to not directly refer to socket_path
* Apply suggestions from code review
Co-Authored-By: Nathaniel Case <this.is@nathanielca.se>
##### SUMMARY
The info command also does not require the name option, which is completely ignored.
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
##### SUMMARY
To globally install from local node.js library. Prepend "file:" to the path of the node.js library.
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
##### SUMMARY
<!--- The example to call the method batch_job_definition is bad, the good method name is aws_batch_job_definition-->
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
* Clean up FILE_COMMON_ARGUMENTS.
* postgresql_pg_hba doesn't declare the backup option.
* uri doesn't declare the remote_src option.
* Add documentation.
* maven_artifact seems to use directory_mode, which it doesn't declare.
* Update changelogs/fragments/66389-file-common-arguments.yml
Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst
ci_complete
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
This looks to be causing issues for our new ansible.netcommon
collection. Revert for now, until we can properly address.
This reverts commit 53c7f8cbde.
The edgeos_config module had a list of commands to filter out to avoid
load failures. This list had a single regular expression which caught
commands that attempted to set pre-encrypted passwords. This behavior is
undesirable for a few reasons.
* It's poorly documented. The documentation makes cryptic mention of a
return value that some commands might be filtered out, but offers no
explanation as to what they are or why.
* It's hard-coded. There's no way for the user to change or disable this
functionality, rendering the commands caught by that expression
completely unusable with the edgeos_config module.
* The obvious workaround is unsafe. The filter catches passwords that
are already encrypted, but is perfectly fine letting the user set
plain-text passwords. EdgeOS will encrypt them upon commit, but this
module encourages unsafe handling of secrets up to that point.
* It's a security vulnerability if the user doesn't know about this
behavior. While the module will warn if commands are filtered, the
user won't know what got filtered out until after the fact, and may
easily miss that warning if they are not vigilant. For something as
sensitive as setting a password, it's not hard to imagine naive use of
this module resulting in incorrect credentials being deployed.
* It provides no discernible benefit. Using the module without filtering
does not result in load failures. If those commands are indeed harmful
for some reason on (old?) versions of EdgeOS, it should be incumbent
upon the user to be scrupulous in what commands they issue, rather
than the module maintaining a blacklist of possible ways the user
might misuse their own system.
* "openssl_certificate - Add option for changing which ACME directory to use with acme-tiny. Set the default ACME directory to Let's Encrypt instead of using acme-tiny's default. (acme-tiny also uses Let's Encrypt at the time being, so no action should neccessary.)"
* "openssl_certificate - Change the required version of acme-tiny to >= 4.0.0"
self._discovered_interpreter_key is None unless a previous iteration
has attempted discovery. In that case, force re-discovery, as the
previous attempt certainly failed.
* Fix UNC path joining in the powershell shell plugin, add test
* Remove testy bits and a redundant line
* Fix style nits
* Update to use os.ntpath
* Add changelog for #66604
* Added omitted logpath parameter to win_domain
The Install-ADDSForest -LogPath param seems to have been omitted in the win_domain module. We do not use this module organisation-wide as its non trivial to change the log patch once AD is set up. I will also update docs
* Removed trailing whitespace
* Added logpath option to win_domain module docs
Update the example so that the task name matches the filename being updated
The first example shows how you might template a file to destination /etc/file.conf. The description of this task appears to have a typo as it refers to '/etc/files.conf' rather than '/etc/file.conf'
* Fix#63077
If the package is already installed the stdout is not as expected by this function. Either remove `--needed` or just noop if we detect pacman returning. We cannot match the stdout string, as that is most likely localized.
```
[root@archBook user]# /usr/bin/pacman --upgrade --noconfirm --noprogressbar --needed /srv/aur/src/i3cat-git/i3cat-git-r38.c6d29dd-1-x86_64.pkg.tar.xz
loading packages...
warning: i3cat-git-r38.c6d29dd-1 is up to date -- skipping
there is nothing to do
```
* Add comment
Add comment
* Add changelog fragment.
Co-authored-by: Felix Fontein <felix@fontein.de>
This patch fixes "IndexError: list index out of range" error for https://console.cloud.croc.ru.
When key pair is new, croc return dict with an empty list for key KeyPairs that causes ansible to crush.
* aws_netapp_cvs_snapshots - minor required_if fixup (state must be set if state=present)
* ec2 - fix typo in mutually_exclusive definition
* rds_instance: fix typo in mutually_exclusive restore_to_time should be restore_time - currently throws a boto error
* Try to load network action plugin from the same collection as the module
* Alter tests to match
Just make sure the action plugin is as qualified as the module it is paired with
This makes it behave in a more idiomatic way
* Fix bug in Darwin facts for free memory
If the vm_stat command is not found, fact gathering would fail with an unhelpful
error message. Handle this gracefully and return a default value for free memory.
* Add unit tests
Add 'force_basic_auth' option
By default "force_basic_auth" option is set to False, with this adjustment it is up to the user if it wants to enforce basic authentication.
* Fixes#66478
* When no quantity is set, then candlepin server usually uses
default value 1. When more quantities are required, then
candlepin server can automatically choose correct minimal
value.
* Move warn() and deprecate() methods out of basic.py
* Use _global_warnings and _global_deprications and create accessor functions
- This lays the foundation for future functions being moved outside of AnsibleModule
that need an interface to warnings and deprecations without modifying them.
* Add unit tests for new warn and deprecate functions
Add integration test
There are a number of other parameters that result in stack traces as well when this module is used ad-hoc. I'm not sure if we're interested in fixing them all since this module isn't meant to be run ad-hoc.
##### SUMMARY
S3 lifecycle rule prefixes starting with slash (/) have no effects. If an S3 bucket contains a file 'apache.log' under the (virtual) folder 'logs/', for the lifecycle rule to be effective the prefix to be configured must be 'logs/'. If you put '/logs/' (with a trailing slash) as a prefix the file will never be matched by the lifecycle rule.
The example with set_cookie value in cookie header can fail if the server
has set many cookies. The set_cookie value is the cookies sent by server in
set-cookie header, not what the client should send in cookie header to
server.
#33792 introduced cookies_string to solve the problem, but did not update
the uri module example.
content and cookies were also missing from RETURN.
I consistently reach a timeout with the current (10s) timeout. This
commit increases the default value to 30s, this should simplify the life
of our users.
Also, the documentation was incorrect. The value is in second, not minute.
* enable new update rule to delete missing linked templates
New update rule is available from 4.0.16 and 4.4.4 up. Add check for version and enable new update rule.
fixes#66720
* adding fragment file
* Update zabbix_template.py
* Update zabbix_template.py
* Remove redundant use of ec2_argument_spec where we're using AnsibleAWSModule
* Use module.client() instead of the get_aws_connection_info/boto3_conn combo.
* AnsibleAWSModule handles 'HAS_BOTO3'
* Remove unused imports
* Update error message that lambda_policy integration test is looking for when the region's missing
* Revert redshift and s3_bucket
* make sure current_pass_hash is a string before using it in comparison
* add changelogs/fragments file
* fix changelogs/fragments file: it is actually a bugfix, not a minor change
* Added integrations test for ecs_tag
Testing invalid cluster test for the expected message.
Add idempotency test is for adding tests to service and task_definition.
* throttle tests: fix detection of parallel execution
The test wasn't able to detect if too many workers were running.
On my laptop:
- without this change, the 'throttle' target takes ~20 seconds
- with this change, the 'throttle' target takes ~70 seconds
- 1 second isn't long enough to encounter the issue
* Fix throttle test when strategy is 'free' based
'free' strategy allows multiple tasks to be executed in parallel: use
one 'throttledir' per task.
Use 'linear' strategy with a dedicated play for cleanup/setup tasks
* throttle: reset worker idx before queuing a new task
* TestStrategyBase: define task.throttle
otherwise '1' will be used instead of the default value due to the
following expression being equal to '1':
int(templar.template(task_mock.throttle))
Co-authored-by: James Cammarata <jimi@sngx.net>
* Add new configuration parameter to make this timeout configurable
* Rename keys to be more correct and reformat exception message for whitespace handling
* Rename config away from default prefix. Add vars element and associated changes to support.
* Update 65001-allow_configuring_async_startup_timeout.yml
Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
* Fixing errors on empty linked templates
fixes#66417
Line 409 fixes KeyError if existing template has no linked templates - as Zabbix API isn't returning an empty array either.
Line 417 is needed to mark as changed if new/modified template has no linked but existing one has.
Line 442 is needed to actually update even if link_templates was None.
* decode parsed xml root
fixes#66466
Line 533: without .decode() the ET.tostring on python3 returns byte-like object
* Create 66463-zabbix_template-fix-error-linktemplate-and-importdump.yml
* Update changelogs/fragments/66463-zabbix_template-fix-error-linktemplate-and-importdump.yml
Co-Authored-By: Dusan Matejka <D3DeFi@users.noreply.github.com>
* Update changelogs/fragments/66463-zabbix_template-fix-error-linktemplate-and-importdump.yml
Co-Authored-By: Dusan Matejka <D3DeFi@users.noreply.github.com>
Co-authored-by: Dusan Matejka <D3DeFi@users.noreply.github.com>
vmware_tag_info used to return dict of tag information which caused
data loss when there are multiple tags with same name and different category ids.
This fix will add additional fact "tag_info" which will deprecated existing fact
"tag_facts".
The "tag_info" is a list which handles multiple tags with same name.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add validate_collection_path function
Utility function for ensuring a collection target ends with 'ansible_collection'
* Fix bad syntax
* Correct docstring
When HostVars are part of the data that goes through (de)serialization
when being passed from a worker process to the main process, its
variable manager reference loses some of its attributes due to the
implementation of __getstate__ and __setstate__ (perf utilization).
Since HostVars already has those attributes, use __setstate__ to assign
them.
Fixes#65365
Allow the built in commands for checking boot time to be overridden. This is mainly for containers and other odd systems where it would add too much complexity to the plugin code to try and discern the correct command to use.
On Python 2, leave all fds open since there is no mechanism to close specific fds with subprocess.Popen() on Python 2
Add unit tests.
Co-authored-by: Matt Martz <matt@sivel.net>
This change contains fixes for argument spec and respective datatypes.
Created separate PR since these changes might alter the behavior of these modules.
Will need shipit from individual module owner(s).
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Fixes#66549
The inefficiency improvement
https://github.com/ansible/ansible/pull/63713 introduced a bug where
`enablerepo` was not being honored if combined with
`disablerepo="*"`. This fixes that issue.
Signed-off-by: Adam Miller <admiller@redhat.com>
* Removed "encode" on color in get_job_status
In Python3 (tested in 3.8.1), variable.encode('utf-8') returns as a byte string versus just a string in Python2 (tested in 2.7.17). Removed encode method on return of get_job_status when color exists and wrapped in str() for good measure.
* Swap str() for to_native() per feedback