Commit graph

42558 commits

Author SHA1 Message Date
Abhijeet Kasurde
a4e79584ec include_vars: elaborate description of dir option (#52022)
based on work of thecjharries

Additional behavior documentation of 'dir' option in include_vars.

Fixes: #31761
2019-02-11 13:25:51 -05:00
Matt Martz
445ff39f94
Become plugins (#50991)
* [WIP] become plugins

Move from hardcoded method to plugins for ease of use, expansion and overrides
  - load into connection as it is going to be the main consumer
  - play_context will also use to keep backwards compat API
  - ensure shell is used to construct commands when needed
  - migrate settings remove from base config in favor of plugin specific configs
  - cleanup ansible-doc
  - add become plugin docs
  - remove deprecated sudo/su code and keywords
  - adjust become options for cli
  - set plugin options from context
  - ensure config defs are avaialbe before instance
  - refactored getting the shell plugin, fixed tests
     - changed into regex as they were string matching, which does not work with random string generation
     - explicitly set flags for play context tests
 - moved plugin loading up front
 - now loads for basedir also
 - allow pyc/o for non m modules
 - fixes to tests and some plugins
 - migrate to play objects fro play_context
 - simiplify gathering
 -  added utf8 headers
 - moved option setting
 - add fail msg to dzdo
 - use tuple for multiple options on fail/missing
 - fix relative plugin paths
 - shift from play context to play
 - all tasks already inherit this from play directly
 - remove obsolete 'set play'
 - correct environment handling
 - add wrap_exe option to pfexec
 - fix runas to noop
 - fixed setting play context
 - added password configs
 - removed required false
 - remove from doc building till they are ready

future development:
  - deal with 'enable' and 'runas' which are not 'command wrappers' but 'state flags' and currently hardcoded in diff subsystems

* cleanup

  remove callers to removed func
  removed --sudo cli doc refs
  remove runas become_exe
  ensure keyerorr on plugin
  also fix backwards compat, missing method is attributeerror, not ansible error
  get remote_user consistently
  ignore missing system_tmpdirs on plugin load
  correct config precedence
  add deprecation
  fix networking imports
  backwards compat for plugins using BECOME_METHODS

* Port become_plugins to context.CLIARGS

This is a work in progress:
* Stop passing options around everywhere as we can use context.CLIARGS
  instead

* Refactor make_become_commands as asked for by alikins

* Typo in comment fix

* Stop loading values from the cli in more than one place

Both play and play_context were saving default values from the cli
arguments directly.  This changes things so that the default values are
loaded into the play and then play_context takes them from there.

* Rename BECOME_PLUGIN_PATH to DEFAULT_BECOME_PLUGIN_PATH

As alikins said, all other plugin paths are named
DEFAULT_plugintype_PLUGIN_PATH.  If we're going to rename these, that
should be done all at one time rather than piecemeal.

* One to throw away

This is a set of hacks to get setting FieldAttribute defaults to command
line args to work.  It's not fully done yet.

After talking it over with sivel and jimi-c this should be done by
fixing FieldAttributeBase and _get_parent_attribute() calls to do the
right thing when there is a non-None default.

What we want to be able to do ideally is something like this:

class Base(FieldAttributeBase):
    _check_mode = FieldAttribute([..] default=lambda: context.CLIARGS['check'])

class Play(Base):
    # lambda so that we have a chance to parse the command line args
    # before we get here.  In the future we might be able to restructure
    # this so that the cli parsing code runs before these classes are
    # defined.

class Task(Base):
    pass

And still have a playbook like this function:

---
- hosts:
  tasks:
  - command: whoami
    check_mode: True

(The check_mode test that is added as a separate commit in this PR will
let you test variations on this case).

There's a few separate reasons that the code doesn't let us do this or
a non-ugly workaround for this as written right now.  The fix that
jimi-c, sivel, and I talked about may let us do this or it may still
require a workaround (but less ugly) (having one class that has the
FieldAttributes with default values and one class that inherits from
that but just overrides the FieldAttributes which now have defaults)

* Revert "One to throw away"

This reverts commit 23aa883cbed11429ef1be2a2d0ed18f83a3b8064.

* Set FieldAttr defaults directly from CLIARGS

* Remove dead code

* Move timeout directly to PlayContext, it's never needed on Play

* just for backwards compat, add a static version of BECOME_METHODS to constants

* Make the become attr on the connection public, since it's used outside of the connection

* Logic fix

* Nuke connection testing if it supports specific become methods

* Remove unused vars

* Address rebase issues

* Fix path encoding issue

* Remove unused import

* Various cleanups

* Restore network_cli check in _low_level_execute_command

* type improvements for cliargs_deferred_get and swap shallowcopy to default to False

* minor cleanups

* Allow the su plugin to work, since it doesn't define a prompt the same way

* Fix up ksu become plugin

* Only set prompt if build_become_command was called

* Add helper to assist connection plugins in knowing they need to wait for a prompt

* Fix tests and code expectations

* Doc updates

* Various additional minor cleanups

* Make doas functional

* Don't change connection signature, load become plugin from TaskExecutor

* Remove unused imports

* Add comment about setting the become plugin on the playcontext

* Fix up tests for recent changes

* Support 'Password:' natively for the doas plugin

* Make default prompts raw

* wording cleanups. ci_complete

* Remove unrelated changes

* Address spelling mistake

* Restore removed test, and udpate to use new functionality

* Add changelog fragment

* Don't hard fail in set_attributes_from_cli on missing CLI keys

* Remove unrelated change to loader

* Remove internal deprecated FieldAttributes now

* Emit deprecation warnings now
2019-02-11 11:27:44 -06:00
Zim Kalinowski
c581fbd0be adding missing items in postgresql facts documentation (#51677)
* adding missing items in postgresql facts documentation

* removed trailing whitespace
2019-02-11 11:07:38 -05:00
Zim Kalinowski
beba2fdc65 adding missing items in the documentation of mysql server facts (#51676)
* adding missing items in the documentation of mysql server facts

* removed trailing whitespace
2019-02-11 11:06:32 -05:00
James Cassell
953058d025 standardize connection variable names (#51776)
* standardize user/password connection vars

* docs: use ansible_user and ansible_password

* docs: var precedence for connection vars

* docs: ansible_become_pass -> ansible_become_password etc
2019-02-11 10:43:10 -05:00
Akira Yokochi
51061f8a5f fix a little typo in ini inventory doc (#52025) 2019-02-11 15:34:01 +00:00
Rémy Léone
accbcdeccb Add a Scaleway load-balancer module (#51741) 2019-02-11 15:28:55 +00:00
getjack
9dbb551528 - Initial commit (#51729)
- Fix sanity checks
  - Fixed documentation trailing whitespaces
2019-02-11 15:12:10 +00:00
Matt Martz
3c85ac1788
Promote include_tasks/role and import_tasks/role to stableinterface (#51975) 2019-02-11 09:06:38 -06:00
Bill Dodd
e0538610bf Update GetBiosBootOrder to use standard spec resources (#51764)
* update GetBiosBootOrder to use standard spec resources

* handle case where BootOrder is present but BootOptions is missing
2019-02-11 14:50:10 +00:00
Fabian von Feilitzsch
e81b74d6c8 Properly parse boolean env values as boolean (#51836) 2019-02-11 14:49:00 +00:00
Felix Fontein
4d3d8dd60f ufw: check values for direction depending on situation (#50402)
* Check values of 'direction'.

* Add changelog.

* Update lib/ansible/modules/system/ufw.py

Co-Authored-By: felixfontein <felix@fontein.de>

* Update lib/ansible/modules/system/ufw.py
2019-02-11 14:47:35 +00:00
Felix Fontein
a279892fae ufw: allow gre and igmp protocols (#51166)
* ufw: allow gre and igmp protocols.

* Add changelog.
2019-02-11 14:46:38 +00:00
Miguel Angel Muñoz González
95557077b6 Fortinet's FortiOS Extender Controller Extender (#51891) 2019-02-11 14:39:11 +00:00
Miguel Angel Muñoz González
06b725619b Fortinet's FortiOS Firewall Auth (#51892) 2019-02-11 14:36:15 +00:00
Bill Dodd
3b20b186d7 remove non-standard GetManagerAttributes, SetManagerAttributes (#51898) 2019-02-11 14:33:15 +00:00
Miguel Angel Muñoz González
158ae76d65 Fortinet's FortiOS Firewall Central SNAT Map (#51929) 2019-02-11 14:28:54 +00:00
Miguel Angel Muñoz González
b14008abb9 Fortinet's FortiOS Firewall DNStranslation (#51930) 2019-02-11 14:28:20 +00:00
Miguel Angel Muñoz González
c7af56849f Fortinet's FortiOS Firewall DoSPolicy6 (#51931) 2019-02-11 14:27:49 +00:00
Miguel Angel Muñoz González
a40ceb448e Fortinet's FortiOS Firewall DoSPolicy (#51932) 2019-02-11 14:26:17 +00:00
Miguel Angel Muñoz González
de077e60f5 Fortinet's FortiOS Firewall Identity based Route (#51933) 2019-02-11 14:26:00 +00:00
Miguel Angel Muñoz González
e7f4447092 Fortinet's FortiOS Firewall Interface Policy6 (#51935) 2019-02-11 14:25:44 +00:00
Miguel Angel Muñoz González
6f12e0d54e Fortinet's FortiOS Firewall Interface Policy (#51936) 2019-02-11 14:20:35 +00:00
Miguel Angel Muñoz González
cb6c8a0d26 Fortinet's FortiOS Firewall Internet Service Custom (#51937) 2019-02-11 14:20:22 +00:00
Miguel Angel Muñoz González
e0867459c7 Fortinet's FortiOS Firewall Internet Service (#51943) 2019-02-11 14:19:16 +00:00
Miguel Angel Muñoz González
bbb1e9e335 Fortinet's FortiOS Firewall Internet Service Group (#51945) 2019-02-11 14:19:03 +00:00
Miguel Angel Muñoz González
29567c9fdc Fortinet's FortiOS Firewall IpMacBinding Setting (#51947) 2019-02-11 14:18:24 +00:00
Miguel Angel Muñoz González
4742a55f31 Fortinet's FortiOS Firewall IpMacBinding Table (#51948) 2019-02-11 14:16:13 +00:00
Miguel Angel Muñoz González
e2f03df2b2 Fortinet's FortiOS Firewall IP translation (#51950) 2019-02-11 14:14:50 +00:00
Miguel Angel Muñoz González
6667604a3f Fortinet's FortiOS Firewall IPv6 EH Filter (#51954) 2019-02-11 14:14:20 +00:00
Miguel Angel Muñoz González
ebacea2116 Fortinet's FortiOS Firewall Multicast Address (#51964) 2019-02-11 13:47:01 +00:00
Mariusz Mazur
34671a64b3 k8s_auth: new k8s module for handling auth (#50807)
* k8s*: add a reference to k8s_auth in all the modules' descriptions

* k8s_auth: new k8s module for handling auth

* k8s_auth: ignore E203

Can't use module_utils.urls, since that lacks user CA support, which is
a critical feature of what this module does.
2019-02-11 07:55:34 -05:00
Miguel Angel Muñoz González
2aa500c9a4 Fortinet's FortiOS Firewall Multicast Policy6 (#51966) 2019-02-11 12:27:03 +00:00
Jérôme BAROTIN
b99de25f32 Enable changed var with ufw check mode (#49948)
* Enable 'changed' var with ufw check mode

* Fix from comment of the PR + Unit Test

* Fix on ufw module after the second review

- delete rules change works in check mode
- simplify execute def & use it on every call process
- improved regexp
- rename vars defaults to current_default_values

* Add ignore error to execute() and use it in get_current_rules()

* Update after third code review (introduce change in changed status)

* Adjust tests and fix some problems (#1)

* 'active' also appears in 'inactive'.

* 'reject' is also a valid option here.

* For example for reloaded, changed will be set back to False here.

* Improve and adjust tests.

* Fix after merging integration test

* handle "disabled" on default routed

* Add /var/lib/ufw/.. rules files

* add unit test

* Fix pep8 formatting error

* Separate ipv6 and ipv4 rules process from checkmode

* fix non-ascii error on ci

* Some change after review

* Add unit test with sub network mask

* rename is_match function by is_starting

* add changelog fragment
2019-02-11 11:05:35 +00:00
Miguel Angel Muñoz González
708f0b07ba Fortinet's FortiOS Firewall LDB monitor (#51955) 2019-02-11 10:59:54 +00:00
Miguel Angel Muñoz González
5c04f7c256 Fortinet's FortiOS Firewall Local In Policy6 (#51957) 2019-02-11 10:59:30 +00:00
Miguel Angel Muñoz González
70e738cfec Fortinet's FortiOS Firewall Local In Policy (#51962) 2019-02-11 10:58:58 +00:00
Miguel Angel Muñoz González
c9cea22854 Fortinet's FortiOS Firewall Multicast Address6 (#51963) 2019-02-11 10:49:34 +00:00
Miguel Angel Muñoz González
2016037fa5 Fortinet's FortiOS Firewall Multicast Policy (#51968) 2019-02-11 10:49:05 +00:00
Miguel Angel Muñoz González
30951d1db3 Fortinet's FortiOS Firewall Profile Group (#51969) 2019-02-11 10:47:59 +00:00
Miguel Angel Muñoz González
4219242aed Fortinet's FortiOS Firewall Profile Protocol Options (#51970) 2019-02-11 10:47:14 +00:00
Miguel Angel Muñoz González
bfd4e2a591 Fortinet's FortiOS Firewall Proxy Address (#51974) 2019-02-11 10:40:38 +00:00
Miguel Angel Muñoz González
da2eda41f7 Fortinet's FortiOS Firewall Proxy AddrGrp (#51982) 2019-02-11 10:39:37 +00:00
Miguel Angel Muñoz González
4262910e76 Fortinet's FortiOS Firewall Proxy Policy (#51983) 2019-02-11 10:37:33 +00:00
Felix Fontein
9b1cbcf3a4 openssl_csr: ignore empty strings in altnames (#51473)
* Ignore empty strings in altnames.

* Add changelog.

* Add idempotence check without SAN.

* Fix bug in cryptography backend.
2019-02-11 10:30:56 +00:00
Andrea Tartaglia
52d0d51f97 Added Shaps GH handle to team_crypto (#52020) 2019-02-11 10:23:20 +00:00
Yanis Guenane
339658dee2 BOTMETA: Fix Spredzy's case (#52019) 2019-02-11 09:33:22 +00:00
Karsten Jakobsen
e6ae688e47 netbox: inventory: Fix VMs do not have device_roles, but instead use roles (#50761)
This makes sure that roles show up as device_role when using VMs
2019-02-11 06:40:24 +01:00
Guillaume Martinez
7b84c0ee80 gitlab_hook: renaming module name (#51979)
* gitlab_hook: renaming module name

* gitlab_hook: rename module in documentation

* gitlab_hook: remove plural in docs and code

* gitlab_hook: fix unit test functions
2019-02-11 00:30:36 +01:00
Andrii Radyk
07cff73719 Fix yaml indentation for from_yaml_all filter example (#51998) 2019-02-10 21:21:15 +05:30