* cleanup is already tested.
* Add test for paused.
* Add recreate and restart tests.
* timeout is a common docker option
* Implement paused and fix paused test.
* Add changelog.
* Improve paused test.
(cherry picked from commit 65768b996d)
* Store parsed docker-py / docker API versions in client.
* Began refactoring 'minimal required version' for docker_container options.
* Removing some fake defaults.
* Added changelog.
* Improve tests (check older docker versions).
* Fix comparison. The breaking point is not docker-py 2.0.0, but 1.10.0.
(Verified by testing with these versions.)
* Move docker-py/API version detection to setup_docker.
* Add YAML document starter.
* docker_network requirement for docker-py was bumped to 1.10.0 in #47492.
(cherry picked from commit 3cca4185be)
* Add support for POST-as-GET if GET fails with 405.
* Bumping ACME test container version to 1.4. This includes letsencrypt/pebble#162 and letsencrypt/pebble#168.
* Also use POST-as-GET for account data retrival.
This is not yet supported by any ACME server (see letsencrypt/pebble#171),
so we fall back to a regular empty update if a 'malformedRequest' error is
returned.
* Using newest ACME test container image.
Includes letsencrypt/pebble#171 and letsencrypt/pebble#172, which make Pebble behave closer to the current specs.
* Remove workaround for old Pebble version.
* Add changelog entry.
* First try POST-as-GET, then fall back to unauthenticated GET.
(cherry picked from commit 92d9569bc9)
Handle exception when there is no snapshot available in virtual machine or template while cloning using vmware_guest.
Fixes: #47920
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 487f2f25ce)
* Check if `enabled_snat` is set in modules arguments (#46754)
If `enabled_snat` is not set at all in module arguments but Neutron
policy sets it by default in Openstack, then `os_router` will attempt to
recreate otherwise perfectly good router.
Follow up for https://github.com/ansible/ansible/issues/44432#issuecomment-428531031
(cherry picked from commit c2b7174d31)
* Add changelog entry
* Fix idempotency issues in set_bios_attributes
- Added check to see if attribute even exists, if not, it exits.
- Then checks if attribute is already set to value we want to update
it to. If yes, then it exits and changed=False
- Otherwise updates the attribute and changed=True
(cherry picked from commit 1c37471274)
* add changelog fragment
* Parsing plugin filter may raise TypeError, gracefully handle this exception
and let user know about the syntax error in plugin filter file.
* Test for plugin_filtering
Fixes: #46658
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit b32b4111b2)
Due to refactoring of task_error and wait_for_task method,
SSL thumbprint was lost in error message. This fixes the
retry mechanism of AddHost task.
Fixes: #47563
(cherry picked from commit e7c83d6aa9)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Don't die when get_container is called for container which is terminating during get_container call.
If it terminates between client.containers() and client.inspect_container(),
the module will fail with an error such as
Error inspecting container: 404 Client Error: Not Found ("No such container: xxx")
* Add changelog.
(cherry picked from commit b9706e2ff5)
* Addresses comments in #38971 (#44324)
* Controlled params within no section
* Added tests to control params within no section
* Cleaning output_file before creating no-section params and check the content
* addresses comment in PR "s/hate/beverage/g"
(cherry picked from commit d3fe6c01f2)
* 44324-ini_file
* Add missing self._supports_async to uri action plugin. Fixes#47660
* Additional changes needed to support async
* Missed a call to execute_module
(cherry picked from commit 3633e21)
Co-authored-by: Matt Martz <matt@sivel.net>
This PR is fixing following issues:
1) Don't try to check password.
2) Check options.
3) Order wasn't adding at the end, as doc says.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
* Avoid misleading PyVmomi error if requests import fails
Requests is imported by the VMware module_utils as an external
dependency; however, because it is in a try/catch block containing the
imports for PyVmomi, if requests fails to import properly, Ansible will
instead complain about PyVmomi not being installed.
By moving the import outside of the try/catch block, if requests fails
to import, an error like the following will be returned:
ImportError: No module named requests
This should result in less confusion.
* catch requests ImportError
Signed-off-by: Jim Gu <jim@jimgu.com>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 99ee30768a)
This adds scenario guide for using VMware HTTP API using uri module.
(cherry picked from commit e5318c5c4f)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Default to sending text of exception, not the whole exception
(cherry picked from commit 6a866a5)
Co-authored-by: Nathaniel Case <this.is@nathanielca.se>
* Use kubeconfig if either context or kubeconfig is set (#47373)
kubeconfig should be loaded if *either* or both of context
or kubeconfig is set (this allows picking a context and default
kubeconfig or picking a kubeconfig with default context)
Fixes#47149
(cherry picked from commit 00ccad9764)
* Add changelog for k8s auth config fix
* WinRM/PSRP: Ensure shell returns UTF-8 output
This PR makes UTF-8 output work in PSRP shells.
* Add win_command and win_shell integration tests
* Fix tests
* more test fixes
(cherry picked from commit 691ff4b9e6)
* dnf properly gpg check local packages based on param
Fixes#43624
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 079705f8da)
* Ensure we don't overwrite roles from include/import_role when loading the play. Fixes#47454
* Add changelog fragment
(cherry picked from commit d5e4f37)
Co-authored-by: Matt Martz <matt@sivel.net>
* [2.7] escape default prompt detection in telnet action plugin (#46573)
This change fixes an issue with the default prompt handling. The value
needs to be escaped otherwise it does not work when converted to bytes.
(cherry picked from commit 9180d2c)
Co-authored-by: Peter Sprygada <privateip@users.noreply.github.com>
* Add changelog
This PR fixes the update check method so it now check also the next_run
configuration of the virtual machine if it exists.
So if previously the VM was updated with new parameters, and then reset
back, the module didn't set the parameters to be set back in next_run.
This PR fixes it so the next run configuration is set back with proper
parameters.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1639894
Signed-off-by: Ondra Machacek <omachace@redhat.com>
* [2.7] fix error checking if netns exists (#47397)
This patch fixes an error that occurs when attempting to see if the
netns already exists on the remote device. This change will now execute
`ip netns list` and check if the desired namespace is in the output.
Signed-off-by: Peter Sprygada <psprygada@ansible.com>
(cherry picked from commit 299a5e4)
Co-authored-by: Peter Sprygada <privateip@users.noreply.github.com>
* Add changelog entry
* Behave better if auto_remove and output_logs are combined. Warn if output cannot be retrieved because of auto_remove.
* Add tests.
* Added changelog.
(cherry picked from commit 3afdb28209)
* Only add parameters which are actually used.
* Fail if ipvX_address is used when not supported.
* Added changelog.
(cherry picked from commit 4ffe3b14d4)
Currently the module will disable the SSO if we didn't pass any
value for SSO option. The PR fixes the same.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
* Fix prompt mismatch issue for ios
Fixes#40884#44463#46082
* If the command prompt is matched check if data is
still pending to be read from buffer.
* This fix adds a new timer `buffer_read_timeout`
which will be trigerred after command prompt
is matched and data is attempted to be read from channel.
If not data is present of channel the timer will expire
and response we be returned to calling function.
* Update doc
* Fix review comments
* Update changelog
* Fix unit test CI failure
(cherry picked from commit 335a979f1d)
Fixes: https://github.com/ansible/ansible/issues/45900
This PR fixes the case when the cloud_init_persist was used, but we
still sent use_cloud_init=False, which is in oVirt API evaluated as not
to use cloud_init in first VM execution. This patch is changing it to
send just None, instead of False.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
Currently there is no way to reset the custom_compatibility_version to
NULL. If we provide a empty string('') to custom_compatibility_version,
it will fail with error "IndexError: list index out of range" at _get_minor
function.
To reset the custom_compatibility_version, we have to pass None value to
types.Version. The PR fixes the same.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
This reverts commit 0e933f76ba.
The tests for this were broken on centos6 because jinja2 does not have
a map filter on that platform. Tests need to be rewritten.
(cherry picked from commit ccabc2bff5)
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
* Fix auto scale create with fix date without recurrence (#47186)
* Fix auto scale create with fix date without recurrence
* fix indent
(cherry picked from commit 9258ffa478)
* Create azure_rm_autoscale-fixed_date.yml changelog
* Ensure that k8s_facts always returns resources key (#46733)
Fix bug returning `items` key if NotFound exception is hit
(cherry picked from commit b772485d97)
* Add changelog for k8s_facts fix
* add delete=False to NamedTemporaryFile and remove print statement from module
* add changelog fragment
* use module.tmpdir from (#47133) and add changelog fragment for it as well
(cherry picked from commit c67ab296bb)
* user: do not pass ssh_key_passphrase on cmdline
CVE-2018-16837
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
(cherry picked from commit a0aa53d1a1)
* Ignore user module use of subprocess.
(cherry picked from commit 8d00afc013)
* Fix python3 problem in user module cve fix
(cherry picked from commit 9088671c4e)
* Fix changelog entry for user module CVE fix
(cherry picked from commit 210a43ebeb)
* Handle dnf immutable mutable datatypes
In DNF < 3.0 are lists, and modifying them works
In DNF >= 3.0 < 3.6 are lists, but modifying them doesn't work
In DNF >= 3.6 have been turned into tuples, to communicate that
modifying them doesn't work
Further explanation of this is available via Adam Williamson from
the Fedora QA Team.
https://www.happyassassin.net/2018/06/27/adams-debugging-adventures-the-immutable-mutable-object/
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 70025e7b56)
* add backport changelog
Signed-off-by: Adam Miller <admiller@redhat.com>
* mail: Fix regression when sending mail without SSL (v2.7)
When this module was refactored in #37098 the non-SSL use-case was broken.
The main cause is that we have no way to do integration tests for testing SMTP.
This is a back-port to v2.7 of #46403
* Add changelog fragment
Set _notified_handlers for the task's _uuid that is run as a handler
Fix#47287
(cherry picked from commit 6497049)
Co-authored-by: Pablo <pablorf.dev@outlook.com>
* Fix prompt mismatch issue for ios
Fixes#40884#44463
* If the command prompt is matched check if data is
still pending to be read from buffer.
* This fix adds a new timer `buffer_read_timeout`
which will be trigerred after command prompt
is matched and data is attempted to be read from channel.
If not data is present of channel the timer will expire
and response we be returned to calling function.
* Fix unit test failure
* Update to make buffer timeout float
* Update doc and fix review comment
* Fix CI issues
* Update doc
* Fix review comments
* Update changelog
(cherry picked from commit 335a979f1d)
* yum/dnf: fail when space separated string of names (#47109)
* yum/dnf: fail when space separated string of names
* Groups allow spaces in names
(cherry picked from commit e8b6864e21)
* Add changelog
* Fix AWS EC2 inventory plugin caching of groups
* Added changelog fragment for aws_ec2 caching fix
* Store the AWS query results
The underlying inventory object contains inventory from other sources,
so caching it as ours would be wrong.
It seems easiest and safest to just cache the boto query results
instead.
* Remove unused functions
(cherry picked from commit 7ba09adee1)
* Documentation for docker_container: fix documentation for memory_swappiness. Default value will not equal 0, it will be inherited from the host machine (#47296)
(cherry picked from commit 4c2efa4b67)
* Add changelog.
* [2.7] Update some cliconf plugins (#47141)
* Add `check_all` to many community cliconf plugins
(cherry picked from commit 7844a40)
Co-authored-by: Nathaniel Case <this.is@nathanielca.se>
* Add changelog entry
* Adoc fixes (#47137)
* removed hardcoded loader/plugins list
* updated a few errors to keep orig object
* fix httpapi/cliconf listing
* ansible-doc fixes
* show undocumented as UNDOCUMENTEd
* added missing undoc
(cherry picked from commit fce9673ac1)
* An earlier optimization of ansible-doc -l caused failures. (#47012)
The optimization quickly searches the plugin code for short_description
fields and then uses that in the -l output. The searching was a bit too
naive and ended up pulling out malformed yaml. This caused those
plugins to be omitted from the list of plugins of that type with
a warning that their documentation strings were wrong.
This change makes the documentation parser aware that the documentation
string could have a relative indent for all of its fields which makes it
robust in the face of this particular problem.
* Don't search for space after short_description:
Any whitespace would be valid. In particular newline
(cherry picked from commit 61ae6424a3)
Python sets the SIGPIPE handler to SIG_IGN. On execv() signal handlers are
reset to their defaults, EXCEPT those that are SIG_IGN which are left ignored.
In Python 3 subprocess.popen explicitly resets the SIGPIPE handler to SIG_DFL,
but unfortunately in Python 2.7 it does not. This leads to subprocesses being
executed with SIGPIPE ignored. This is often a problem with bash scripts which
rely on SIGPIPE to terminate commands in a pipe, but can easily be a problem
with other applications.
This implements the Python 3 behaviour for Python 2.7 by using a preexec_fn.
(cherry picked from commit f2dccb9)
Co-authored-by: Jonathan Oddy <jonathan.oddy@transferwise.com>
* Fix in confirmed_commit capability in netconf_config modules
Fixes#46804
* If confirm value is greater than zero or confirm_commit option is set and confirmed-commit
capability is not supported but Netconf server only in that case fail the module
* Update confirm-commit flag
* Update changelog
(cherry picked from commit 5394638047)
* Locate prtdiag even when absent from /usr/bin
On Solaris 8 hosts, this prevents fact collection from aborting with:
Argument 'args' to run_command must be list or string
* Lint fix.
* Style: pass /usr/platform/.../sbin as optional path to get_bin_path().
(cherry picked from commit 40fb992a6f)
* Refactoring related to network device
* Assign unique random temporary key while creating SCSI or/and IDE controller devices
* Add testcase for this change
Fixes: #38679
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit fd985db72d)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
If enable_snat is False, this should be used to build the
request, because the default value in the OpenStack Networking
API is True.
Fixes the issue #45915.
(cherry picked from commit 452a4ab781)
* yum module properly check for None config_file (#46641)
* yum module properly check for None config_file
* add conf_file test cases to yum integration tests
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit fb6e91bf98)
* add changelog for 2.7 backport
Signed-off-by: Adam Miller <admiller@redhat.com>
* yum module handle list optional empty strings properly (#46634)
Fixes#46517
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit ad405fc21e)
* add changelog
Signed-off-by: Adam Miller <admiller@redhat.com>
* [aws_ssm_parameter_store] use describe_parameters paginator (#45632)
Fix the service reaching an internal limit while processing the results and returning unexpected data
(cherry picked from commit 7aaa5da41d)
* changelog
* nmcli: fix vlan connection modification Fixes#42322 (#42415)
* ensure optional items are set to empty strings rather than not presented
fix syntax of vlan modification command
* extended tests for nmcli
(cherry picked from commit fb72a5424c)
* Changelog fragment for nmcli fix
* win_reboot: Fix for ignore post_reboot_delay (#46360)
* win_reboot: Fix for ignore post_reboot_delay
This fixes an issue where win_reboot would be ignoring the provided
post_reboot_delay (and on Windows timing/waiting is everything!)
This must be backported to the v2.7 branch.
* Merge post-reboot handling into run()
(cherry picked from commit 8c64b4af7c)
* Add a changelog for the win_reboot fix
* Return correct version on installed VyOS (#39115)
* Return correct version on installed VyOS
Previously existing regexp will shows only "VyOS" without numeric output of router version.
For example: from "Version: VyOS 1.1.6" only VyOS will be written in ansible_net_version variable
For more informative output numeric value should be returned as well
* Fixed unittests
(cherry picked from commit 235b11f681)
* Added changelog
* module/systemd: fix logic determining if a service needs to be enabled (#46245)
* modules/systemd: fix logic: allow scope to default to 'system'
Fix logic introduced in 7ea909418e: if 'scope' param is not specified,
it defaults to system, but the value of module.params['scope'] is None,
not 'system' - so allow for that.
* modules/systemd: fix logic: disabled means disabled
Fix logic determining whether a service with both systemd and initd files is enabled or disabled.
In situations where systemd thinks service is disabled, but rc.d symlinks mark it as enabled,
this module wrongly assumes the service is enabled.
Fix this logic: disabled means disabled
Only when the output from does NOT include disabled, consider the status of rc.d symlinks.
This essentially replicates the fixes done to the systemd handling in the "service" module in 3c89a21e0cFixes#22303Fixes#44409
(cherry picked from commit ef131c7556)
* backport/2.7/46245: add changelog fragment
* [aws] route53 module: fix idempotency for CAA records (#46049)
* Fixing record order for CAA records to properly handle idempotency.
* Add integration tests that reproduce CAA failure
(cherry picked from commit a727a1ee67)
* Added changelog.
* Sorting args.
* Doing comparisons of options with container parameters in a more context-sensitive way.
This prevents unnecessary restarts, or missing restarts (f.ex. if parameters are removed from ``cmd``).
* Make blkio_weight work.
* Fix cap_drop idempotency problem.
* Making groups idempotent if it contains integers.
* Make cpuset_mems work.
* Make dns_opts work.
* Fixing log_opts: docker expects string values, returns error for integer.
* Adding tests from felixfontein/ansible-docker_container-test#2.
* Make uts work.
* Adding changelog entry.
* Forgot option security_opts.
* Fixing typo.
* Explain strict set(dict) comparison a bit more.
* Improving idempotency tests.
* Making dns_servers a list, since the ordering is relevant.
* Making dns_search_domains a list, since the ordering is relevant.
* Improving dns_search_domains/dns_servers.
* Fixing entrypoint test.
* Making sure options are only supported for correct docker-py versions.
* [2.7] Clean up after ansible-connection if failure occurred in start() (#45929)
(cherry picked from commit 0d143ed)
Co-authored-by: Nathaniel Case <this.is@nathanielca.se>
* Add changelog fragment
* rewrite get_resource_pool method for correct resource_pool selection
* only keep name if path is given for cluster, esxi_hostname or resource_pool
* Revert "only keep name if path is given for cluster, esxi_hostname or resource_pool"
* This reverts commit 50293ec763c024b0eaceac5d775ccc0ad3ff8bd7.
* if the name argument contains a path, only use the last part for matching
* remove path from cluster argument in tests
* remove find_objs in favour of reusing find_obj with an extra folder argument
* fix find_obj ignoring first if name is not given
(cherry picked from commit 1a810f8f11)
* Don't simply ignore container in present() if image is not specified.
* Use image from existing container for recreation if not specified.
* Added changelog.
* Improve comment.
(cherry picked from commit 895019c59b)
* [rabbitmq_binding] Fix the quoting of vhost and other names, which was broken in PR #35651
* Merge missing urllib_parse.quote from PR #42422
* Missed one line, where also needs to be escaped, i.e., the destination
(cherry picked from commit d5f8738bf2)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Fixes#35120 : the redis cache plugin keeps key/value
entries in an in-memory cache to avoid hitting the
redis database each time.
The problem is that a cache entry is only set when
a value is get or set but it is always deleted when
trying to delete a value.
When the --flush-cache ansible-playbook option is used,
the redis cache plugin is first asked to remove every
entry corresponding to every hostname present in the inventory.
As no value as been set/get so far, it then tries to delete
an unexisting value from the cache and hence crashes with
a KeyError exception.
(cherry picked from commit ee3dfef016)
Fixes#46257
* As per netconf rfc default-operation value is optional,
hence removing the default value for default_operation
option.
(cherry picked from commit 5e6eb921ae)
* Update changelog
* Add ssl support to consul_kv lookup (#42456)
* implemented lookup_consul_kv
* added missing version_added for consul_url ini section
* added default value for ANSIBLE_CONSUL_CLIENT_CERT and added some more documentation
* removed trailing whitespaces
* fixed indention
* Fixes in Documentation
* removed trailing whitespace
* removed trailing whitespace
(cherry picked from commit bacbd4e9fc)
* * added changelog fragment
This prevents a stack trace in Python 3 when the result is an empty file since
the file is open in binary mode and a native string in Python 3 is str,
not bytes.
(cherry picked from commit 8b1ae30e2e)
* Ensure that the value of PLUGIN_FILTERS_CFG is treated as type=path, and that we use the standard section of 'defaults' instead of 'default'
* deprecate the default section
* Don't add version_added for the corrected section
(cherry picked from commit 172137c)
Co-authored-by: Matt Martz <matt@sivel.net>
* Support nested JSON decoding in AnsibleJSONDecoder
* Add tests for vault portion of AnsibleJSONDecoder
(cherry picked from commit c0915e2)
Co-authored-by: Matt Martz <matt@sivel.net>
* fixes#45941
* corrects regression introduced by #26104; when the resource group doesn't exist, the module exits prematurely with an error instead of creating it.
(cherry picked from commit 3b52d968e6)
* ec2_group - fix VPC precedence for security group targets (#45787)
Update the dictionary with the preferred values last to get the right order of VPC precedence
Fixes#45782
(cherry picked from commit 8d2df9be52)
* Fix ec2_group for EC2-Classic accounts (#46242)
* Fix ec2_group for EC2-Classic accounts
* changelog
(cherry picked from commit 9efc3dc761)
* Merge changelogs
The stdout and stderr values returned from self._low_level_execute() are text, not bytes. This results in an error in Python 3 since str and bytes cannot be concatenated.
Changing to unicode type allows this to work without error on Python 2 and Python 3.
(cherry picked from commit 77f73f6d2a)
* reboot: Fix typo and support bare Linux systems
This fixes a problem for bare Linux systems that do not support 'who -b' or 'uptime -s'.
* Accumulate stdout and stderr information
(cherry picked from commit a7a99c5fd4)
- use context manager for dealing with the checksum file
- use loop that can tolerate zero, one, or more items return rather than the previous expression which would break if anything other than exactly one item was returned
(cherry picked from commit 03dbb1d9c4)
squash
* Fix targets that may be a list containing strings and lists which worked prior to 2.6.
* Add ec2_group integration tests for lists of nested targets
* changelog
* Add diff mode support for lists of targets containing strings and lists.
(cherry picked from commit d7ca3f2bd3)
* fix nxos_facts indefinite hang for text based output (#45845)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit 1b0c4fde86)
* Fix remote checksums when paths have leading dots (#45287)
* Fix remote checksums with paths have leading dots
* Fix result recorded from the wrong file
* Add changelog fragment
(cherry picked from commit 600c7ac108)
