Commit graph

8664 commits

Author SHA1 Message Date
Scott Miller
751434de9d describe choices in alias documentation 2016-12-08 11:22:51 -05:00
Mick Bass
9980205edc Add support for AWS Security Token Service (temporary credentials) to all AWS cloud modules. 2016-12-08 11:22:51 -05:00
Toshio Kuratomi
e710e46ff2 Make lack of boto call fail_json instead of sys.exit
Fixes #994
2016-12-08 11:22:51 -05:00
Brandon W Maister
c1571928e5 Make cache_subnet_group default to empty security groups
Since they can't be specified together, it seems like setting the
default to no security groups is the right option.
2016-12-08 11:22:51 -05:00
Tom Wadley
ad248376b1 use aws connect call in rds_subnet_group that allows boto profile use 2016-12-08 11:22:50 -05:00
Dan Abel
2250a95638 use simpler ec2_connect ec2 util call
This allows boto profile use
2016-12-08 11:22:50 -05:00
David Fritzsche
14720b54ac Add working status detection for pf on FreeBSD
The return code of "service pf onestatus" is usually zero on FreeBSD (tested with FreeBSD 10.0), even if pf is not running. So the service module always thinks that pf is running, even when it needs to be started.
2016-12-08 11:22:50 -05:00
Mick Bass
e9a0fad36b add retry with exponential backoff when we receive throttling error code from cloudformation 2016-12-08 11:22:50 -05:00
Brandon W Maister
cffb2bdee9 Add cache_subnet_group to elasticache module
According to the [docs] cache subnet groups are required inside a VPC.

[docs]: http://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/CacheSubnetGroups.html
2016-12-08 11:22:50 -05:00
Brian Coca
7cd7bad2e8 added patch to workaround some s3 connection faliures 2016-12-08 11:22:50 -05:00
Brian Coca
252df8685a refactrored connection exception handling, added check to see if we actually get a connection before proceeding
Fixes #964
2016-12-08 11:22:50 -05:00
Toshio Kuratomi
a6643160c5 Fix stat code to return name of group owning the file rather than name of group that the file's owner belongs to.
Followup to #17
2016-12-08 11:22:50 -05:00
Ash Wilson
2dde45cea9 Only fetch details when necessary. 2016-12-08 11:22:50 -05:00
Ash Wilson
93b620ea8a Compare container images to Config.Image. 2016-12-08 11:22:50 -05:00
Sarah Zelechoski
17334b21ea fix syntax in last example 2016-12-08 11:22:50 -05:00
Sam Thursfield
5d2652f31b Fix authorized_key module crashing when given an invalid key
I tried a playbook with the following (accidentally wrong) task:

  tasks:
      - name: authorized key test
        authorized_key: key=/home/sam/.ssh/id_rsa.pub key_options='command="/foo/bar"' user=sam

I got the following traceback:

    TASK: [authorized key test] ***************************************************
    failed: [localhost] => {"failed": true, "parsed": false}
    Traceback (most recent call last):
    File "/home/sam/.ansible/tmp/ansible-tmp-1427110003.65-277897441194582/authorized_key", line 2515, in <module>
        main()
    File "/home/sam/.ansible/tmp/ansible-tmp-1427110003.65-277897441194582/authorized_key", line 460, in main
        results = enforce_state(module, module.params)
    File "/home/sam/.ansible/tmp/ansible-tmp-1427110003.65-277897441194582/authorized_key", line 385, in enforce_state
        parsed_new_key = (parsed_new_key[0], parsed_new_key[1], parsed_options, parsed_new_key[3])
    TypeError: 'NoneType' object has no attribute '__getitem__'

With this fix, I see the expected error instead:

    TASK: [authorized key test] ***************************************************
    failed: [localhost] => {"failed": true}
    msg: invalid key specified: /home/sam/.ssh/id_rsa.pub
2016-12-08 11:22:50 -05:00
Brian Coca
c04c84887e fix to return vals docs 2016-12-08 11:22:50 -05:00
James Martin
57cf6e8bb4 Re-wording of feature. 2016-12-08 11:22:50 -05:00
Toshio Kuratomi
e5149f3b30 Fix review comments from @bcoca in #745 2016-12-08 11:22:50 -05:00
Toshio Kuratomi
5378b5db98 Minor code formatting 2016-12-08 11:22:50 -05:00
Tim Rupp
db6c2bac75 Add missing import of apt.debfile
In cases when the python-apt package is not installed, ansible will
attempt to install it. After this attempt, it tries to import the
needed apt modules, but forgets to import the apt.debfile module.

The result is that playbooks that use the dpkg argument on a machine
that does not initially have the python-apt package available will
fail with the following error

AttributeError: 'module' object has no attribute 'debfile'

This patch adds the appropriate import to the apt module to ensure
that necessary libraries are available in cases when the dpkg argument
is being used on a system that does not initially have the python-apt
package installed
2016-12-08 11:22:50 -05:00
Rowan Wookey
04fcfdad2c Fixed group name not being passed to wait_for_new_instances when replacing instances
Fixed group_name not being passed to wait_for_elb
Minor code clean up
2016-12-08 11:22:49 -05:00
moe
bd09ebe5b4 Woops, make collect/delete loop more efficient. 2016-12-08 11:22:49 -05:00
moe
5e1e1a4dff Fixes #744.
The following cases work for me now:
- Create new ASG with tags
- Update tags on ASG (create/change/delete)

In short, the module should now work as expected
wrt tagging. The previous code did not work at all
with latest boto for me (serialization errors) and
the logic was buggy anyway; e.g. removed tags
would never get deleted from ec2.
2016-12-08 11:22:49 -05:00
James Martin
cadfd56304 check lb for instance healthy and some refactoring of rolling replace functions.
Optionally waiting for new instances to be in viable state on ASG creation/update.

Properly updating properties and terminating group.
2016-12-08 11:22:49 -05:00
Brian Coca
7f8094e977 undeprecated openstack modules as new ones are not making into release 2016-12-08 11:22:49 -05:00
moncho
0156188a54 Update docker.py
Fix typo that prevents use_tls 'encrypt' option from working properly.
2016-12-08 11:22:49 -05:00
Toshio Kuratomi
5262d768e0 Add another valid status from downloading images 2016-12-08 11:22:49 -05:00
nemunaire
7eebab43ae Convert tuple items to string before format 2016-12-08 11:22:49 -05:00
Robert Marsa
b7649cc5ca Added multiple allowed ranges. 2016-12-08 11:22:49 -05:00
Julien Syx
c676adde0b Fix the issue #931
Checking that the parameter doesn't exist. The old code had a bug when the parameter was 0.
2016-12-08 11:22:49 -05:00
Toshio Kuratomi
d5e3abc5d5 Some code cleanup (removed unused variables and imports) 2016-12-08 11:22:49 -05:00
Toshio Kuratomi
f892ca5b8f Also use DOCKER_TLS_VERIFY env var to turn on tls verification 2016-12-08 11:22:49 -05:00
Toshio Kuratomi
1bb98542d3 Fix a potential bug in docker pull 2016-12-08 11:22:49 -05:00
Toshio Kuratomi
0ad023a0ac When no use_tls is not specified and no tls parameters are given we need to not attempt tls. 2016-12-08 11:22:49 -05:00
Alex Rowley
eeb867daf0 cloud/amazon/s3: update documentation
update description to show that module can do more than just put files into s3
2016-12-08 11:22:48 -05:00
Toshio Kuratomi
2e93f8e9f7 Make state=running work for backwards compatibility with 1.8 2016-12-08 11:22:48 -05:00
Toshio Kuratomi
1946f05baf Fix lookup of parameter name to be pid instead of pid_mode 2016-12-08 11:22:48 -05:00
Toshio Kuratomi
09a0db1e1f Make pid_mode parameter do minimum docker-py/docker server version checks 2016-12-08 11:22:48 -05:00
Toshio Kuratomi
95df4bcbee Fix for problems found by @dguerri
* TLSConfig['verify'] has to be set to False if we're only encrypting the
  connection, not verifying the host.
* tls_hostname was not set if tls_ca_cert was not present

https://github.com/ansible/ansible-modules-core/pull/926#issuecomment-78573877
2016-12-08 11:22:48 -05:00
Toshio Kuratomi
7c261b3954 Implement comments from @smashwilson:
* if tls_ca_cert is set then use tls to verify the server
* take tls_hostname from the environment variable DOCKER_TLS_HOSTNAME
  if it's not specified in the playbook

https://github.com/ansible/ansible-modules-core/pull/926#issuecomment-78542210
2016-12-08 11:22:48 -05:00
Ian Babrou
3bfe9a7b50 fixed: global name 'e' is not defined 2016-12-08 11:22:48 -05:00
Toshio Kuratomi
3284359894 Alternative implementation of tls for docker
Alternative to #854
2016-12-08 11:22:48 -05:00
Toshio Kuratomi
c9b33d5de2 Fix for py2.6 (no dict comprehensions on py2.6) 2016-12-08 11:22:48 -05:00
Toshio Kuratomi
c9cc8d0b70 Initialize the value of vpc_id variable 2016-12-08 11:22:48 -05:00
Mario Loria
00613cd4f3 Setting the actual passno and dump defaults, and warning user of consequences in nulling
Using ansible 1.8.4, I found that these two options actually work slightly different than advertised.
2016-12-08 11:22:48 -05:00
Toshio Kuratomi
ba90eea165 Also don't fail if files are different and overwrite is false for uploads (this mimics copy and template).
Related to #489
2016-12-08 11:22:48 -05:00
Hagai Kariti
7d16ec283e Fix KeyError in public zones in route53 2016-12-08 11:22:48 -05:00
Toshio Kuratomi
a02641b4f3 Documentation style changes 2016-12-08 11:22:48 -05:00
James Bowes
0d3aed3e1f Fix C() formatting typo in file module 2016-12-08 11:22:48 -05:00
Matt Martz
bcd9f83521 Prevent an empty error message 2016-12-08 11:22:48 -05:00
Brian Coca
34dbd69e12 updated to keep same info as in extras repo 2016-12-08 11:22:47 -05:00
Ian Babrou
005d02b185 not triggering reload for links and not string env variables 2016-12-08 11:22:47 -05:00
Ash Wilson
7c4e8774d8 Use {0}, {1} style format indices for 2.6 compat 2016-12-08 11:22:47 -05:00
Ash Wilson
ff0d0ceb70 Expect module env vars to override Dockerfile ones. 2016-12-08 11:22:47 -05:00
Ash Wilson
4e7d766e8f Include bind mounts in VOLUMES check. 2016-12-08 11:22:47 -05:00
Ash Wilson
959d135b60 Exposed ports, env vars, volumes from the image.
This will account for settings that are provided by the hierarchy of
Dockerfiles used to construct your image, rather than only accounting
for settings provided to the module directly.
2016-12-08 11:22:47 -05:00
Ash Wilson
0d822c0c02 Full image inspection and just repo tags
Hat tip to @bobrik.
2016-12-08 11:22:47 -05:00
Toshio Kuratomi
bba322a10e Sort subnets by the order they are specified in the play
Fixes #172
2016-12-08 11:22:47 -05:00
Bret Martin
650a7365f9 Allow vpc_subnet_id to remain unspecified (see bc0c169) 2016-12-08 11:22:47 -05:00
Sam Yaple
42fd85f041 Updated version and fixed default 2016-12-08 11:22:47 -05:00
Sam Yaple
24f1cf80bd Add pid mode support to docker module
This allows setting the pid namespace for a container. Currently only
the 'host' pid namespace is supported.

This requires Docker 1.4.1 and docker-py 1.0.0
2016-12-08 11:22:47 -05:00
Ash Wilson
1c5601a0b5 Connect to Docker with optional TLS. 2016-12-08 11:22:47 -05:00
Ash Wilson
4224dd1acb Rework docker module states.
Organize each state into a distinct function for readability and composability.
Rework `present` to create but not start containers. Add a `restarted` state
to unconditionally restart a container and a `reloaded` state to restart a
container if and only if its configuration is incorrect. Store our most recent
knowledge about container states in a ContainerSet object. Improve the value
registered by this task to include not only the inspect data from any changed
containers, but also action counters in their native form, a summary message
for all actions taken, and a `reload_reasons` key to store a human-readable
diagnostic to determine why each container was reloaded.
2016-12-08 11:22:47 -05:00
Matt Ferrante
aaca9b5127 check keys is in dim2 before evaluating 2016-12-08 11:22:47 -05:00
Lorin Hochstein
09e10ea031 Don't pass volumes_from to create_container
Don't pass the volumes_from argument to the Docker create_container method.

If the volumes_from argument is passed to the create_container method, Docker
raises the following exception:

    docker.errors.DockerException: 'volumes_from' parameter has no effect on
    create_container(). It has been moved to start()
2016-12-08 11:22:47 -05:00
zitterbacke
264a16d822 fix uri modul for JSON-escape quotation marks
consider the following response body (content) of a REST/JSON webservice containing escaped quotation marks:

```json
{ "key": "\"works\"" }
```

decoding this string not as raw will lose the backslash as JSON escape. later json.loads will fail to parse.

Inspired by [this thread](https://groups.google.com/forum/#!topic/ansible-project/kymtiloDme4) on the mailing list and the following python shell code:

```python
import json
string=r'{ "key": "\"works\"" }'
json.loads(string)
json.loads(string.decode('raw_unicode_escape'))
json.loads(string.decode('unicode_escape'))
```
2016-12-08 11:22:47 -05:00
Ash Wilson
338bbf6efc Pull newer image versions when requested. 2016-12-08 11:22:46 -05:00
Ash Wilson
6505ce3940 Another documentation commit. 2016-12-08 11:22:46 -05:00
Dag Wieers
43ef3a2bd9 Update authorized_key.py
Fix a (common) error in the examples. This is something that may go unnoticed during troubleshooting when copy&pasting the example.
2016-12-08 11:22:46 -05:00
Lev Popov
5f31654704 Allow to keep instance boot disk after instance deletion in google cloud module 2016-12-08 11:22:46 -05:00
Toshio Kuratomi
e5ba4e87d8 Fix for int port assignment in a playbook failing
Ports are integer values but the old code was assuming they were
strings.  When login_port is put into playbook complex_args as an
integer the code would fail.  This update should make the argument
validating make sure we have an integer and then we can send that value
directly to the relevant APIs.

Fixes #818
2016-12-08 11:22:46 -05:00
Toshio Kuratomi
49511ea078 Small code cleanup 2016-12-08 11:22:46 -05:00
Toshio Kuratomi
86f8a3d381 Clarify the documented behaviour of insertbefore slightly. 2016-12-08 11:22:46 -05:00
Toshio Kuratomi
9fa04de137 In service_enable, the default of changed is True so we have to set it to False explicitly if it is False.
Fixes #875
2016-12-08 11:22:46 -05:00
Brandon W Maister
2121bbc208 ec2: Apply all security groups at instance-creation
The code was picking out the first instance from the security groups
specified, even when multiple groups were specified. Now we use all of
them.
2016-12-08 11:22:46 -05:00
Lev Popov
6d1fd1afcc Allow to spawn instances without external ip in google cloud module 2016-12-08 11:22:46 -05:00
Michael Laccetti
8efb138fdc Moving the import to the top of the file and getting rid of the redundancy
I sure do wish I knew where the whitespace change was coming from, though. Frustrating.
2016-12-08 11:22:46 -05:00
Michael Laccetti
0bd25a9a38 Change s3 to use connect_to_region
* Allows us to use Ansible/s3 for GovCloud when accessing a pre-existing bucket
2016-12-08 11:22:46 -05:00
Jonathan Mainguy
1608163b26 Now correctly gzip/bzips file back up in case of import failure
Removed gunzip and bunzip2 dependency
2016-12-08 11:22:46 -05:00
Peter Gehres
878ff1e929 Issue #489: s3 should not fail on checksum mismtach when overwrite=no 2016-12-08 11:22:46 -05:00
Piotr Gosławski
9dd4f22430 update docs for insertbefore/insertafter 2016-12-08 11:22:46 -05:00
Piotr Gosławski
d388516046 Fix behavior when insert* doesn't match anything
If insertbefore/insertafter didn't match anything, lineinfile module was doing nothing, instead of adding the line at end of fille as it's supposed to.
2016-12-08 11:22:46 -05:00
Achilleas Pipinellis
302c6f9b82 Add note about using version 1 of DigitalOcean API. 2016-12-08 11:22:45 -05:00
Feanil Patel
a0caaf7f42 Compare DNS names case insensitively. 2016-12-08 11:22:45 -05:00
Carlo Mandelli
1f93a052d6 Added HP-UX subclass 2016-12-08 11:22:47 -05:00
James Cammarata
7fd7cffb61 Updating version added fields for new alias parameters in route53 2016-12-08 11:22:45 -05:00
Monty Taylor
3e3486b813 One more OpenStack deprecation notice
Fixes #858
2016-12-08 11:22:45 -05:00
Oleg A. Mamontov
845b6d78be On FreeBSD apply 'login_class' only if there is real change. 2016-12-08 11:22:45 -05:00
James Cammarata
657d9d1f25 Add private_zone parameter for route53
Fixes #473
2016-12-08 11:22:45 -05:00
Monty Taylor
411c7e22b6 Add deprecation notices for old OpenStack modules 2016-12-08 11:22:45 -05:00
Brian Coca
fb61d5e795 fixed add_host docs indentation 2016-12-08 11:22:45 -05:00
Monty Taylor
7c9a36a999 Deprecate old OpenStack modules
There are a completely new set of modules that do all of the things like
keystone v3 and auth_plugins and the like correctly. Structurally
upgrading these would have been massively disruptive and there is no
real good way to do so without breaking people.

These modules should be kept around for several releases - they still
work for people - and they should get bug fixes. But they should not
take new features. New features should go to the os_ modules.
2016-12-08 11:22:45 -05:00
Brian Coca
d6305bc938 fixed file module to use realpath when following links, readlink could be relative and fail in corner cases as per #852 2016-12-08 11:22:45 -05:00
Edward Larkey
d17726bae9 Fix typo in authorized key module documentation.
Added opening double quote
2016-12-08 11:22:45 -05:00
Toshio Kuratomi
b9984b1dfe Fix documentation to have correct param name 2016-12-08 11:22:45 -05:00
Dann Bohn
2cbaf16bcd rhn_channel using depriciated methods. swapped out with their replacements 2016-12-08 11:22:45 -05:00
Brian Coca
5c90040626 undeprecated docker_image until replacement actually arives 2016-12-08 11:22:45 -05:00
blxd
35c414c271 Added check mode support to the ini_file module 2016-12-08 11:22:45 -05:00
Gerard Lynch
1fcc1a7374 wait_for: updated docs, must be resolvable hostname, updated example 2016-12-08 11:22:45 -05:00