When the ansible k8s module is refreshing the tokens from the local kube
config, it should save those token to the kube config file.
If this is not done, this might break the next kube client call as the
token in the local kube config file is not valid anymore and refreshing
can fail.
This commit is adding an env var K8S_AUTH_PERSIST_CONFIG that can be
used to set this flag to true (default is false, same as current
behavior).
* lightsail - Use AnsibleAWSModule
- Use AnsibleAWSModule
- Refactor the logic for wait into a separate function (Fixes#63869)
- Handle exceptions in find_instance_info and add a fail_if_not_found parameter
- Add a new state `rebooted` as an alias for `restarted`. AWS calls the action Reboot.
- Add required_if clause for when state is present
* lightsail - Use the default keypair if one is not provided
* lightsail - add a required_if for when state=present
* Update short description for lightsail module
* Mention that Python keywords are invalid Ansible variable names
Using a Python keyword as a variable name triggers the error `Invalid variable name in 'register' specified: 'return'`.
* The ssh key may be created manually prior the task execution with a
passphrase. And the task will be executed on the same key.
* The ssh key may be broken and not usable.
The module will check the private key and if the key is password
protected or broken, it will be overridden.
The check of the ssh key performed by retrieve the public key from the
private key.
Set the "self.force" check before the "isPrivateKeyValid" check.
In case of any issue with the "isPrivateKeyValid" function, the user
will be able to force the regeneration of the key with the "force: yes"
argument.
* ufw: escalate privileges in integration tests
A few of the integration tests for the UFW module forgot to `become`.
This is problematic if the test suite is executed as a non-privileged
user. This commit amends that by adding `become` when appropriate.
* ufw: add unit tests for direction and interface
Extend the unit tests for the UFW module to test the `direction` and
`interface` parameters. This will help in the implementation of a fix
for issue #63903.
* ufw: add support for interface_in and interface_out
The UFW module has support for specifying `direction` and `interface`
for UFW rules. Rules with these parameters are built such that
per-interface filtering only apply to a single direction based on the
value of `direction`.
Not being able to specify multiple interfaces complicates things for
`routed` rules where one might want to apply filtering only for a
specific combination of `in` and `out` interfaces.
This commit introduces two new parameters to the UFW module:
`interface_in` and `interface_out`. These rules are mutually exclusive
with the old `direction` and `interface` parameter because of the
ambiguity of having e.g.:
direction: XXX
interface: foo
interface_XXX: bar
Fixes#63903
* Elevate privileges for luks_device integration tests
Several tests in `key-management.yml` don't `become` before executing,
despite needing elevated privileges. This commit fixes that.
* Add passphrase support for luks_device
Previously, the luks_device module only worked with keyfiles. The
implication was that the key had to be written to disk before the module
could be used.
This commit implements support for opening, adding and removing
passphrases supplied as strings to the module.
Closes#52408
* proxmox: use 'release' key for version detection if possible
* proxmox: fix PEP issues
* add changelog fragment
* Uses LooseVersion for proxmox version detection
* move imports
* removes useless comment
* adding encoding dump/import support for the mysql_db module, with updated documentation, and full test suite
* fixing lint issue test #3
* fixing lint issue test #1
* fixing lint issue test #1 second time
* Improving Test to be re-entrant
* improving test to not fail on centos/6
* Update test/integration/targets/mysql_db/tasks/encoding_dump_import.yml
Comminting suggestion
Co-Authored-By: Benjamin MALYNOVYTCH <bmalynovytch@users.noreply.github.com>
* Update test/integration/targets/mysql_db/tasks/encoding_dump_import.yml
comminting suggestion
Co-Authored-By: Benjamin MALYNOVYTCH <bmalynovytch@users.noreply.github.com>
* adding comment
Adding comment to explain test strategy
* Update test/integration/targets/mysql_db/tasks/encoding_dump_import.yml
Co-Authored-By: Benjamin MALYNOVYTCH <bmalynovytch@users.noreply.github.com>
* Update test/integration/targets/mysql_db/tasks/encoding_dump_import.yml
Co-Authored-By: Benjamin MALYNOVYTCH <bmalynovytch@users.noreply.github.com>
* Update test/integration/targets/mysql_db/tasks/encoding_dump_import.yml
accepted
Co-Authored-By: Andrey Klychkov <aaklychkov@mail.ru>
* Update test/integration/targets/mysql_db/tasks/encoding_dump_import.yml
Co-Authored-By: Andrey Klychkov <aaklychkov@mail.ru>
* Update encoding_dump_import.yml
* Fixing typoo
When a VM has been provisioned with unmanaged disks (VHD), the URI
schemes used for those disks are kept untouched. Unfortunately, the regexp that
parses the URI only accepts 'https' leading the module to fail if one
uses for instance 'http'.
Please note that the official Azure API documentation uses 'http' and
not 'https' as URI scheme.
Resolves#64506
Testing Done: Using an ARM template, provision a VM with one OS and one
data disk with 'http' as VHD URI scheme. Then use the
azure_rm_virtualmachine module to delete the VM. Finally check that the
module does not fail anymore and that the unmanaged disks are correctly
deleted from the storage account.
The 'azure_rm_storageaccount_info' module was calling the storage client
'list_by_resource_group()' method rather than the 'list()' one, leading
to callers not being able to fetch all the storage accounts of their
subscription.
Issue: #64319
Testing Done: was successfully able to call the module and retrieve
all the storage accounts in the subscription without having to
specify a resource group.
If a NIC has no primary ipConfiguration, the 'primary' field returned
by Azure is set to 'null' thus removed from the 'nic_model'
ipConfigurations properties. Unfortunately the code generating the
hostvars dict. assumes the 'primary' key always exists, leading the
entire host parsing to fail.
This patch changes the way the 'primary' field is accessed by using the
dict. 'get' method with a default value set to 'False'.
Resolves#63721
Testing Done: Run ansible-inventory with an azure_rm plugin that points
to a resource group that contain a two VMs, on with a primary
ipConfiguration and another one without. Check that without the patch
the inventory output does not contain the VMs (or just the one with the
primary ipConfiguration set, depending on the VM names). Finally check
that with the patched azure_rm.py file, both VMs show up.
* Replaced 'ansible_facts' by 'foreman_facts'
'foreman_facts' is the key that the foreman inventory script used
'ansible_facts' is a special key that is overwritten internally and has never worked in this inventory plugin
* Added changelog
Lookup 'first_found' returns empty list which results in
raw_params checking. Check NoneType for 'raw_params' before
proceeding.
Fixes: #64939
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Allow updating of ec2_group rules with EC2 classic ELB targets
Fix regression introduced in #45296 with EC2 Classic SGs
Fixes: #57247
Also add (unsupported) ec2 classic test suite with test case for this scenario
* move ec2 classic tests to conditional within ec2_group target
* clean up ec2_classic tests
* ec2_classic account can't run most ec2_group tests
