* Add quota for the number of floating IP's to allow in Network.
* Add nova_floating_ips and neutron_floating_ips aliases to avoid confusion.
* rename aliases to compute_floating_ips and network_floating_ips.
* fixes and improvments for win_iis_webapppool module
* fixes following review feedback on win_iis_webapppool
* Fixed a too-long line in win_iis_webapppool documentation.
* Fixed trailing whitespace for pep8 compliance in documentation win_iis_webapppool.py
* fixed bracket bug
* module parameter attributes now populated. Switched to hashtable for result object. Removed remaining ; statement terminators.
* Remove example that was causing CI check failure
The list_elbs call to boto doesn't use any pagination, so any time there
are more ELBs than the API page size, this module will fail. This change
uses the `next_token` attribute of `ResultSet` to check if there are
still more ELBs to return.
Fixes#21361
* clarify facts assignment for several corner cases
run_once/delegate_facts:
now delegate_facts > run_once, previously run_once always published facts to all hosts in play
include_vars/delegate_to:
now include_vars allows to delegate to a specific host
also fix task_vars exception in delegate_facts/loop as var was removed
fixes#15365
* removed unused loop_var
Gerrithub presents tgz downloads that do not have a containing
directory. This causes a stack trace.
As all roles must contain a meta/main.yml, change ansible-galaxy
to use that to determine the enclosing directory (in the case
of multiple meta/main.yml files, use the one with the shortest parent)
Fixes#15413
* Make more use of AWS Exception information
* Use pythonic dict assignments
* Improve documentation formatting to make option names clearer
in descriptions
* Meet ansible line length requirements
* Tidy up flake8 messages
* Subscibe to pools matched by id before name matches.
If the pools regex matches any pool ids, then subscribe only to those pools.
If there are no pool id matches, then attempt to match the regexp and pool names.
If there are pool name matches, subscribe to those pools.
Fixes#19466, https://github.com/ansible/ansible-modules-core/issues/3898 (partially)
* Add pool id/name matches to 'to keep' list
use subscribe() to use the pools-first logic on update
When trying to copy files onto a Virtio-9p filesystem[1][2] int the host
using something like the template module, ansible throws an error that
says something like:
invalid selinux context: [Errno 95] Operation not supported
Adding 9p to the list of exceptional filesystems forces ansible to not
try to set an SELinux context on copied files.
[1] such as one mounted in a qemu VM, using:
# http://www.linux-kvm.org/page/9p_virtio
qemu-kvm [...] -virtfs local,id=apps_dev,path=/host/dir,security_model=passthrough,mount_tag=host_dir
[2] https://www.kernel.org/doc/Documentation/filesystems/9p.txt
Change-Id: Ia868dadce1ffd2b5bebf5ee1804501676e9d7e5f
This is the original `hponcfg` module that was once accepted in
Ansible but had been removed subsequently because it could not be tested
by the Ansible project.
Since then it was moved to the ansible-provisioning project and
maintained by HP engineers going forward.
Now we are trying to get it upstreamed again.
* Fix vyos signatures to match new versions
* Fix test cases referring to 'updates' instead of 'commands'
* I think this is an artifact of `connection: network_cli`?
* module will now check protocol running state before return
* warns on config argument no longer being needed
* lots of integration test cases updated
* updates unit and integration test cases for state check
fixes#21908
eos_config module wasn't respecting config block path (parents). This
patch fixes that problem. Also fixes a number of integration tests
cases
fixes#21903
* win_copy: Add force parameter and check-mode support
The rationale behind this is that if you're working with +3GB files,
creating the checksum takes a lot of time, which we can avoid by simply
testing if the file exists.
I also took the liberty to put the various parameters together. It
probably takes a (neglible) performance hit but makes the code a bit
easier to inspect/work with, as its closer to all other windows modules.
On a normal run, the action plugin does a local checksum of the source
and a remote checksum of the destination. And afterwards, the module
will do another remote checksum of the copied source, a remote checksum
of the original destination, and another remote checksum of the copied
destination.
On a very huge file (think 4GB) that means 5x reading the complete file
(if you have a large cache you may get away with it, otherwise you're
doomed !).
This patch will ensure with `force: no` that not checksums are being
performed.
* Moving presence check before remote checksum
* Adapted to wishes
* Even more performance improvements
We can diff non-utf8 files (as part of copy, for instance) but when we
try to turn the bytes into text for display, the characters cause
a traceback. Since diff output is only informational, we can replace
those problematic bytes with replacement characters. We do not want to
do this to other fields because those fields may be used inside of the
playbook (for templating another variable or matching in a conditional).
Fixes#21803Fixes#21804
Since vault edit attempts to unlink
edited files before creating a new file
with the same name and writing to it, if
the file was a symlink, the symlink would
be replaced with a regular file.
VaultEditor file ops now check if files
it is changing are symlinks and instead
works directly on the target, so that
os.rename() and shutils do the right thing.
Add unit tests cases for this case and
assorted VaultEditor test cases.
Fixes#20264
Fix 'task name is not templated in retry callback'
Add a task_name property to TaskResult that knows to
check in TaskResult._task_fields.
Add integration test for v2_retry_runner callback
Fixes#18236
get_masquerade_* functions only take one arg. The action_handler
wrapper function expected a tuple, but was being passed (zone)
instead of (zone,) making for an ambiquous tuple. The
(zone) arg was being treated as a tuple/list of six chars
(the zone name) instead of a tuple of one string.
This would cause errors like:
get_masquerade_enabled_permanent() takes exactly 1 argument (6 given)
Fixes#21632
* New module for setting up Avi Pool
* Fixed inconsistency between argspec and documentation regarding defaults and required attributes
* Added support for module_check
* Added new module to setup Avi VirtualService
* Fixed the documentation error where [] brackets where used making it incompatible with yaml
* Fixed inconsistency between argspec and documentation regarding defaults and required attributes
* Added support for check mode
* New module for setting up Avi SSL Key and Certificates for Virtual Services
* Fixed inconsistency between argspec and documentation regarding defaults and required attributes
* Added support for module_check
* New module for setting up Avi Pool Group settings.
* Fixed inconsistency between argspec and documentation regarding defaults and required attributes
* Added support for module_check
* New module for setting up Avi Pool Health Monitors
* Fixed inconsistency between argspec and documentation regarding defaults and required attributes
* Added support for module_check
* Update metadata on existing openstack instances
This adds or updates existing keys, but doesn't remove them
Fixes#5500
* Set meta to {} if None
* Move common metadata parsing into a method
* win_environment: Clean up, check-mode and diff support
Changes include:
- Remove trailing semi-colons
- Replaced PSObjects into normal hashes
- Make use of Get-AnsibleParam and types
- Added check-mode support
- Added diff support
* Improve diff-support by using standard naming
I started to use the variable $diff_support for the boolean that takes
care of diff output support.
Changes include:
- Use Get-AnsibleParam with -type/-validateset
- Replace $result PSObject with normal hash
- Deprecate 'upgrade' parameter by using state=latest
* win_user: Clean up parameter handling and $result hash
Changes include:
- Use of Get-AnsibleParam and parameter types/validateset
- Removed parameter validation
- Replace $result PSObject with normal hash
* Revert to original formatting
* Parameter "groups" is a list
The requests python module is needed, however it is not a dependency of
the python-winrm package. The python-winrm package does require
python-requests_ntlm, which does not seem to pull python-requests.
So for the time being (until Red Hat fixes their package) give a more
informative error message.
* win_file_version: Clean up parameter handling and $result hash
Changes include:
- Replacing $result PSObject with hash
- Use Gt-AnsibleParam using -type
* Revert to original formatting
* win_group: Clean up and check-mode support
Changes include:
- Use Get-AnsibleParam with -type/-validateset support
- Replace $result PSObject with normal hash
- Add check-mode support
* Revert to original formatting
* win_owner: Clean up and check-mode support
Changes include:
- Use Get-AnsibleParam with -type/-validateset
- Replace $result PSObject with normal hash
- Add check-mode support
* Implemented -WhatIf:$check_mode support
* Revert to original formatting
* win_share: Clean up parameter handling
Changes include:
- Use Get-AnsibleParam with -type/-validateset
- Replace $result PSObject with normal hash
* Revert to original formatting
* win_lineinfile: Clean up and check-mode and diff support
Changes include:
- Use Get-AnsibleParam with -type support
- Replace $result PSObject with normal hash
- Remove trailing semi-colons
- Fix indentation (majority is tabs, few lines using spaces)
- Add check-mode support
- Support `r and `n for CR and LF
- Add diff support
* Implement -WhatIf:$check_mode support
* Keep original formatting as requested
* win_stat: Clean up and bugfixes
- Fix an issue where LastWriteTime was actually LastAccessTime
- Return lnk_source = $null for a broken link
- Remove a useless -Replace '\\','\\'
- Make use of new parameter options (-type and -aliases)
* Deprecate get_md5 with checksum_algorithm: md5
As suggested in comments we deprecate get_md5 and internally
replace it with `get_checksum` and `checksum_algorithm: md5`.
We show a warning to the user about this change.
Also remove empty warnings output. This simplifies modules code
(e.g. standard empty list is provided and snippets can add items).
* Adapted to use the new Add-DeprecationWarning() mechanism
* Revert to original formatting
* powershell.ps1: Add str type and ignore $null values
Changes include:
- New "str" type support using -type "str"
- Ensure that $null values are retained (for bool and str types)
(Note: $null means unspecified value for parameters)
- Some minor cosmetic changes
* Also add -type "int" and -type "float"
No modules require this at the moment though.
* win_slurp: Small cleanup
Included changes:
- Rewriting the parameter handling (aliases and type)
- Modified the $result hash for both Exit-Json and Fail-Json
- Changed the Test-Path statement
* Revert to original formatting
* win_get_url: Clean up and check-mode support
Changes include:
- Clean up parameter handling
- Replace $result PSObject with hash
* Revert to original formatting
When parsing the configuration, the wrong indent level was set so the
configurations could not be properly compared. Also noted that
defaults: yes needed to be added to the integration tests to make the
test cases valid, which is also included in this patch
fixes#21828
* Added the aix_inittab module to be able to modify the inittab at AIX systems.
* fixed identation errors
* fixed identations and trailing whitespace
changed if conditions
* repaired tab-identation
* adjusted to long line and identation
* Adjusted the yaml in the example documentation
* Adjusted the documentation yaml
* Repaired return yaml
* repaired typo
* Removed unnecessary parameters from comment
changed action to state, and changed the way to call this module
changed proccessaction to action
* adjusted result['warnings'] to module.warn()
* adjusted the documentation
* changed warning to failed
ran module against autopep8
* added check_mode
* fixed typo
* changed description and short description, to be able to push again after a failure at shippable
Set the `force` flag to false to:
- protect existing Keys from being overwritten
- check if a Key was already existing by evaluating
the returned `changed` status
When retrieving the http_port, https_port values from the configuration
of the device, the values need to cast to int in order to correctly
compare against the argspec values. This patch fixes that problem.
fixes#21832
trying to import from the wrong shared lib, this patch changes
network_common to connection. Also fixes a bug found in the nxos
action plugin to detect transport
fixes#21829
The reverted change (Examples syntax batch7 (#5624), 99de7f0) makes the
example not match its description.
modified: lib/ansible/modules/utilities/logic/set_fact.py
Sending the save command over nxapi requires text mode otherwise nxapi
will reject the command. This commit ensures that the command is always
sent in text mode
fixes#18971
The nxos action handler did not map the nxapi value to the provider
argument properly. There as an additional fix in the nxos shared lib
to properly detect nxapi being set
CentOS's cloud image wiki page (wiki.centos.org/Cloud/AWS) gives an
example of using their product code to search for AMIs. This commit
adds an optional parameter to ec2_ami_find to allow this filtering.
Does't map remote_user back into vars if connection is local to preserve
the user variable. This is done to be able to set connection_user
prop in play_context for the network_cli plugin connection
added new base class for file based cache plugins as 99% of code was common
now also catches unexpected decoding exceptions
allows per module file modes and encoding
moved jsonfile code to base
There as an invalid key in the command dict that would cause failure
using prompts. This changes the key from response to answer which is
what is expected by network_cli
* Fix string formatting
* Provide better tracebacks
* When options is None and extends_documentation_fragment is in use, add an error that options must be a dict
* If options was specified and not a dict, then error
MySQL returns privileges on columns as "PRIVILEGES (column)".
For permissions to be correctly matched, it must be specified exactly the
same in the module argument. A resulting string is like
"dbname.dbtable:PRIVILEGES (column)". Thus, the space before the opening
parenthesis must also be removed when creating the set of privileges for
validation.
* #19587: refactor to PEP8
* Issue: #19587: add skip_broken option to yum module
PNTSYSOPS-1901 - internal reference
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
* Issue: #19587: fix line break, attempt to make readble
things at line 646 look ugly ..
trying to make them look a bit more human readble
though the entire approach should be rewriten
PNTSYSOPS-1901 - internal reference
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
* #19587: fixing typo, skip-broken has to be passed as list
* PR: #21475: peer review changes
relates to: revert comment deletion https://github.com/ansible/ansible/pull/21475#discussion_r101574146
relates to: remove irelevant var https://github.com/ansible/ansible/pull/21475#discussion_r101573388
relates to: reformat https://github.com/ansible/ansible/pull/21475#discussion_r101572840
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
* PR: #21475: peer review changes
relates to: https://github.com/ansible/ansible/pull/21475#discussion_r101573736
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
* Issue: #21475: fixing typo in the Man section
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
* PR: #21475 - Peer review: revert variable a
Relates to: https://github.com/ansible/ansible/pull/21475#pullrequestreview-22404868
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
* Issue: 19587 - small correction
Signed-off-by: Veaceslav Mindru <vmindru@redhat.com> <mindruv@gmail.com>
In order to populate the total and free mem of an IOS device, we run
the 'show memory statistics' command.
The output shows something similar to:
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor BEAE880 335215488 64044364 271171124 268918092 268463852
I/O 8DAE880 51380224 41880736 9499488 9461552 9352252
We need to just parse the line containing 'Processor' and get the first and third
number for total and free mem, instaed for first and second as the code wrongly
does.
* Adding Cumulus NCLU module
* Delete incorrect testing folder
* wrong import location for nclu test
* another wrong import location for nclu test
* unittest library doesn't support 'skip', removing 'real' nclu tests
* Don't need stringio since I'm not doing real tests
* got rid of unnecessary shebang in test_nclu
* version set to 1.0
* Documentation fixes
'encrypt_string' only options were being referenced when using
other vault subcommands. That code is moved inside a check
for 'encrypt_string' action now.
This allows getting the Vault token from the `VAULT_TOKEN` env var or
from the file `$HOME/.vault-token`, as both of these are understood by
the Vault CLI and are a common place to put Vault tokens. This allows
avoiding hard-coding a Vault token into playbooks or having to include
lookups.
`HOME/.vault-token` is nice because a user can authenticate with the CLI
using `vault auth` and then the token will be stored in
`$HOME/.vault-token`. If we read this file, then we allow someone to do
`vault auth` "out of band" to set up Vault access.
The following items were implemented:
- Replace PSObject with normal hash
- Replace Set-Attr function with normal hash assignment
- Re-indent code (make sure everything uses 4 spaces)
- Remove trailing semi-colons
* fixes error where eos would close the cli shell
* fixes network_cli connection plugin to check before calling open_shell()
* fixes json commands being sent over eapi
* Add new module aos_logical_device
* Add hard stop to documentation
* Removed required false from documentation
* Add comment before sleep
* Replace IP Pool by Logical Device in the doc
* Add module aos_login
* Cleanup documentation and add hard stop
* Add default value in doc for port and remove required: false
* Fix typo in doc for check mode
* Add module aos_asn_pool
* Add hard stop to documentation
* Remove required: false from doc
* Add pool name in error message when in_use
Change Asn for ASN
* Change the documentation for content
* Initial version of aos_device
* Clean up documentation
* Move try/except closer to device.approve
* Remove non valid characters
* Change option approve to type bool and fix some typo
* Move availability_zone docs to each OpenStack module
This argument is in the central list for hysterical raisins (mostly me
being a doofus) but is used in almost none of them. Document it
explicitly in each module to stop the confusion.
* Fix two docs formatting bugs
This patch adds some checks on the path that is accessed as a container,
making sure it looks like one. It implements the connection method and
add adaptations to the modern way of writing connections for Ansible.
It also rewords docs and vars to use the nspawn terminology instead of
chroot.
This commit adds a connection driver built on top of systemd-nspawn.
This is similar to the existing `chroot` driver, except that nspawn
offers a variety of additional services. For example, it takes care of
automatically mounting `/proc` and `/sys` inside the chroot environment,
which will make a variety of tools work correctly that would otherwise
fail.
You can take advantage of other system-nspawn features to perform more
complicated tasks. For example, on my x86_64 system I have a Raspberry
Pi disk image mounted on `/rpi`. I can't use `chroot` with this because
the binaries contained in the image are for the wrong architecture.
However, I can use the systemd-nspawn `--bind` option to automatically
insert the appropriate qemu-arm binary into the container using an
inventory file like this:
pi ansible_host=/rpi ansible_nspawn_extra_args='--bind /usr/bin/qemu-arm --bind /lib64'
See http://www.freedesktop.org/software/systemd/man/systemd-nspawn.html
for more information about systemd-nspawn itself.
* Add a vault 'encrypt_string' command.
The command will encrypt the string on the command
line and print out the yaml block that can be included
in a playbook.
To be prompted for a string to encrypt:
ansible-vault encrypt_string --prompt
To specify a string on the command line:
ansible-vault encrypt_string "some string to encrypt"
To read a string from stdin to encrypt:
echo "the plaintext to encrypt" | ansible-vault encrypt_string
If a --name or --stdin-name is provided, the output will include that name in yaml key value format:
$ ansible-vault encrypt_string "42" --name "the_answer"
the_answer: !vault-encrypted |
$ANSIBLE_VAULT;1.1;AES256
<vault cipher text here>
plaintext provided via prompt, cli, and/or stdin can be mixed:
$ ansible-vault encrypt_string "42" --name "the_answer" --prompt
Vault password:
Variable name (enter for no name): some_variable
String to encrypt: microfiber
# The encrypted version of variable ("some_variable", the string #1 from the interactive prompt).
some_variable: !vault-encrypted |
$ANSIBLE_VAULT;1.1;AES256
< vault cipher text here>
# The encrypted version of variable ("the_answer", the string #2 from the command line args).
the_answer: !vault-encrypted |
$ANSIBLE_VAULT;1.1;AES256
< vault cipher text here>
Encryption successful
* add stdin and prompting to vault 'encrypt_string'
* add a --name to encrypt_string to optional specify a var name
* prompt for a var name to use with --prompt
* add a --stdin-name for the var name for value read from stdin
* removes unneeded supports_multiplexing var
* refactors terminal_prompts_re to terminal_stdout_re
* refactors terminal_errors_re to terminal_stderr_re
* updates network_cli unit test cases
The network_cli plugin would return immediately if an error was
detected. This patch will force the connection plugin to still try to
detect the current prompt even if an error is found.
Moving it to after the blocks where per-item results are calculated,
as it's not used there and causes quite a performance hit being there.
Fixes#21340
* refactors supports_sessions to a property
* exposes supports_sessions as a toplevel function
* adds open_shell() to network_cli
* implements open_shell() in eos action plugin
* Add NetApp SolidFire volume module
* Make requested changes
* Make requested changes
* Set supports_check_mode to True
* Make requested changes
* Change new_account_id to account_id, 512emulation
* Make requested changes
* Add alias for enable512e
* Move byte_map to utils and add exit message
* Update description for ‘attributes’
* refactor postgres,
* adds a basic unit test module
* first step towards a common utils module
* set postgresql_db doc argument defaults to what the code actually uses
* unit tests that actually test a missing/found psycopg2, no dependency needed
* add doc fragments, use common args, ansible2ify the imports
* update dict
* add AnsibleModule import
* mv AnsibleModule import to correct file
* restore some database utils we need
* rm some more duplicated pg doc fragments
* change ssl_mode from disable to prefer, add update docs
* use LibraryError pattern for import verification
per comments on #21435. basically LibraryError and touching up its usage in pg_db and the tests.
fix failing fail_json call in postgresql_schema
- Bugfix Pull Request
modules/database/postgresql/postgresql_schema
```
2.3.0
```
Here's an example of the error that was coming out. Massaged some linebreaks and backslashes to make it more readable:
"module_stderr": "Traceback (most recent call last):
File "/tmp/ansible_3X05GE/ansible_module_postgresql_schema.py", line 274, in <module>
main()
File "/tmp/ansible_3X05GE/ansible_module_postgresql_schema.py", line 265, in main
module.fail_json(msg="Database query failed: %s" %(text, str(e)))
NameError: global name 'text' is not defined
",
Now it triggers with the correct exception and shows the traceback. This duplication of str(e) and traceback seems to be the best design pattern.
Sample of the new output:
An exception occurred during task execution. The full traceback is:
Traceback (most recent call last):
File "/tmp/ansible_gp4v1Q/ansible_module_postgresql_schema.py", line 254, in main
changed = schema_create(cursor, schema, owner)
...
return super(DictCursor, self).execute(query, vars)
ProgrammingError: permission denied for database schemadb
fatal: [localhost]: FAILED! => {
"changed": false,
"failed": true,
...
},
"msg": "Database query failed: permission denied for database schemadb\n"
allows user to force persistent connection to close, needed for when
you want to benefit from changes applied to the current play but persistent connections
prevent them from being realized.