* Added in support for 'agent' and 'node' types.
* Tidies and moves `consul_acl` module closer to PEP8 compliance.
* Switched from using byspoke code to handle py2/3 string issues to using `to_text`.
* Made changes suggested by jrandall in https://github.com/ansible/ansible/pull/23467#pullrequestreview-34021967.
* Refactored consul_acl to support scopes with no pattern (and therefore a different HCL defintion).
* Corrects whitespace in Consul ACL HCL representation.
* Fixes Consul ACL to return the HCL equivalent JSON (according to the Consul docs) for the set ACLs.
* Repositioned import to align with Ansible standard (!= PEP8 standard).
* Adds Python 2.6 compatibility.
* Fixes PEP8 issues.
* Removes consul_acl.py as it now passes PEP8.
* Follows advice in the "Documenting Your Module" guide and moves imports up from the bottom.
* Tidies consul_acl module documentation.
* Updates link to guide about Consul ACLs.
* Removes new line spaces from error message string.
* Provide better error message if user forgets to associate a value to a Consul ACL rule.
* Minor refactoring of Consul ACL module.
* Fixes bug that was breaking idempotence in Consul ACL module.
* Detects redefinition of same rule.
* Adds test to check the Consul ACL module can set rules for all supported scopes.
* Fixes return when updating an ACL.
* Clean up of Consul ACL integration test file.
* Verify correct changes to existing Consul ACL rule.
* Adds tests for idempotence.
* Splits Consul ACL tests into cohesive modules.
* Adds test for deleting Consul ACLs.
* Test that Consul ACL module can set all rule scopes.
* Fixes issues surrounding the creation of ACLs.
Thanks for the comments by manos in https://github.com/ansible/ansible/pull/25800#issuecomment-310137889.
* Stops Consul ACL's name being "forgotten" if ACL updated by token.
* Fixes incorrect assignment when a Consul ACL is deleted.
* Fixes value of `changed` when Consul ACL is removed.
* Fixes tests for Consul ACL.
* Adds interal documentation.
* Refactors to separate update and create (also makes it possible to unit test this module).
* Improves documentation.
* Completes RETURN documentation for Consul ACL module.
* Fixes issue with equality checking for `None` in ACL Consul.
* Fixes Python 2 issue with making a decision based on `str` type.
* Fixes inequality check bug in Python 2.
* Adds tests for setting ACL with token.
* Adds support for creating an ACL with a given token.
* Outputs operation performed on Consul ACL when changed.
* Fixs issue with test for creating a Consul ACL with rules.
* Corrects property used to set ACL token in python-consul library.
* Fixes tear-down issue in test that creates a Consul ACL using a token.
A fileglob may issue a warning `Unable to find xxxx in expected paths` when `ansible_search_path` is not defined, because it loops over the characters in the string instead of looping over a list of one element.
* fixes for edge cases - load_balancers has not been specified - don't want to delete existing elbs, wanted elbs aren't a superset of has_elbs (eg. 1 elb existing, adding another), specifying load_balancers: [] to delete existing elbs
* Fix module failure with pacemaker_cluster: state=cleanup
If state=cleanup was used, set_cluster() was being called
with 'cleanup' state which it doesn't handle. Instead
use existing clean_cluster() method.
Fixes#27799
* get and return cluster_state on state=clean as well
* Import original unmodified upstream version
This is another attempt to get the xml module upstream.
https://github.com/cmprescott/ansible-xml/
This is the original file from upstream,
without commit 1e7a3f6b6e2bc01aa9cebfd80ac5cd4555032774
* Add additional changes required for upstreaming
This PR includes the following changes:
- Clean up of DOCUMENTATION
- Rename "ensure" parameter to "state" parameter (kept alias)
- Added EXAMPLES
- Remove explicit type-case using str() for formatting
- Clean up AnsibleModule parameter handling
- Retained Python 2.4 compatibility
- PEP8 compliancy
- Various fixes as suggested by abadger during first review
This fixescmprescott/ansible-xml#108
* Added original integration tests
There is some room for improvement wrt. idempotency and check-mode
testing.
* Some tests depend on lxml v3.0alpha1 or higher
We are now expecting lxml v2.3.0 or higher.
We skips tests if lxml is too old.
Plus small fix.
* Relicense to GPLv3+ header
All past contributors have agreed to relicense this module to GPLv2+, and GPLv3 specifically.
See: https://github.com/cmprescott/ansible-xml/issues/113
This fixescmprescott/ansible-xml#73
* Fix small typo in integration tests
* Python 3 support
This PR also includes:
- Python 3 support
- Documentation fixes
- Check-mode fixes and improvements
- Bugfix in check-mode support
- Always return xmlstring, even if there's no change
- Check for lxml 2.3.0 or newer
* Add return values
* Various fixes after review
* rm unneeded parens following assert
* rm unused parse_vaulttext_envelope from yaml.constructor
* No longer need index/enumerate over vault_ids
* rm unnecessary else
* rm unused VaultCli.secrets
* rm unused vault_id arg on VaultAES.decrypt()
pylint: Unused argument 'vault_id'
pylint: Unused parse_vaulttext_envelope imported from ansible.parsing.vault
pylint: Unused variable 'index'
pylint: Unnecessary parens after 'assert' keyword
pylint: Unnecessary "else" after "return" (no-else-return)
pylint: Attribute 'editor' defined outside __init__
* use 'dummy' for unused variables instead of _
Based on pylint unused variable warnings.
Existing code use '_' for this, but that is old
and busted. The hot new thing is 'dummy'. It
is so fetch.
Except for where we get warnings for reusing
the 'dummy' var name inside of a list comprehension.
* Add super().__init__ call to PromptVaultSecret.__init__
pylint: __init__ method from base class 'VaultSecret' is not called (super-init-not-called)
* Make FileVaultSecret.read_file reg method again
The base class read_file() doesnt need self but
the sub classes do.
Rm now unneeded loader arg to read_file()
* Fix err msg string literal that had no effect
pylint: String statement has no effect
The indent on the continuation of the msg_format was wrong
so the second half was dropped.
There was also no need to join() filename (copy/paste from
original with a command list I assume...)
* Use local cipher_name in VaultEditor.edit_file not instance
pylint: Unused variable 'cipher_name'
pylint: Unused variable 'b_ciphertext'
Use the local cipher_name returned from parse_vaulttext_envelope()
instead of the instance self.cipher_name var.
Since there is only one valid cipher_name either way, it was
equilivent, but it will not be with more valid cipher_names
* Rm unused b_salt arg on VaultAES256._encrypt*
pylint: Unused argument 'b_salt'
Previously the methods computed the keys and iv themselves
so needed to be passed in the salt, but now the key/iv
are built before and passed in so b_salt arg is not used
anymore.
* rm redundant import of call from subprocess
pylint: Imports from package subprocess are not grouped
use via subprocess module now instead of direct
import.
* self._bytes is set in super init now, rm dup
* Make FileVaultSecret.read_file() -> _read_file()
_read_file() is details of the implementation of
load(), so now 'private'.
* Changed rpm-keyid extraction and verification method
* minor style fixes
* fixed rpm key deletion,added integration test for mono key,fixed wording in integration tests
* Add delay and check configuration is right when interfaces is set on eos_vrf
Per the spec we put up for declarative intent modules, we need to check declarative
intent params (in the case of eos_vrf it's 'interfaces') after a delay and non-declarative
params have been set.
If that doesn't meet desired state after delay, we fail the task.
* Check declarative intent param only if config changed
* Fix pep8 issue
* Change default of delay param to 10
* Revert bogus change on eos_vlan
Since the module's path parameter is of the AnsibleModule type path
it's already being expanded. Hence no need to have the
set_fs_attributes_if_different method do its own expand.
This additional expand is an actual problem when the file module runs
recursively, as real existing file names can be mistakenly expanded to
something completely wrong and non-existing.
Fixes#25005Fixes#25639
Add support for adding multiple NICs in VMWare vSwitch.
Also, updated documetation with example.
Fixes: #23522
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* helpers.py: Fixes#27334 include empty task file within a 'block' disables the complete block
* include module: added warning if file without tasks is included
* moved aws elasticache module to boto3
* fixed error and improved code
* implemented requested changes
* now checking for missing boto3 packages in a better way
* now dynamically setting the default port depending on the engine if it is not set
* moved standard import in front of ansible ones
* now case insensitive in regards to engine name
* removed superfluous spaces
* now checking for None in the correct way
* removed elasticache module from exceptions to pep8 testing
* removed hardcoded default ports and letting aws decide if no port is given
Updates ec2_lc module to use boto3. Adds parameters:
instance_id
placement_tenancy
Also added a second example using instance_id and updated the docs with the new parameters.
* Return the request dictionary in the results
It's sometimes useful to have access to the request params in a k8s
style. The dictionary returned by the request_params call can be
serialized into YAML to produce a k8s like file.
* Add dry_run option to skip module execution
By having support for dry_run executions, it'll be possible to generate
YAML files from the results dictionary by using the data in the
`requests` key.
This PR includes:
- Documentation improvements (mostly related to boolean defaults)
- Make PEP8 compliant
- Ensure imports are specific
- Few cosmetic changes (sort lists, casing, punctuation)
* add new module do_sshkeys
* Deprecate digital_ocean_sshkey.py in favor of do_sshkeys
* Should not exit changed if name not set and key exist
* Add ansible metadata
* Return "ansible_facts" instead of "data" key
* Update documentation and remove unused import
* Remove facts module (1 module / PR)
* Fix
* Fix
* fix version_added
* Change old module status to deprecated
* Change old module status to deprecated
* Fix module deprecation
* Add support for new DO_OAUTH_TOKEN env var
* Fix python 2.6 positional index
* Update deprecation info
* Configure timeout and validate_certs for fetch_url
* rename do_sshkeys to digital_ocean_sshkeys
* Module is replaced, not deprecated anymore
* Fix module name
* Add version to new parameters
* Update module from boilerplate
We use ansible+cloudformation pretty heavily in our CI environments and occasionally bump into throttling issues. By adding this error code to the retry system we should be able to achieve better stability.
It's not clear from the docs whether you need to set `update_cache`
when using `cache_valid_time`.
Setting `cache_valid_time` should imply `update_cache`. Update docs
to reflect this.
* Reimplement iso_extract using 7zip (not requiring root)
So one of the drawbacks of the original implementation is that it required root for mounting/unmount the ISO image.
This is now no longer needed as we use 7zip for extracting files from the ISO.
* Fall back to using mount/umount if 7zip not found
As discussed with others.
Also improved integration tests.
This exposed some additional errors in logic in IncludeFile, which
had to be fixed to deal with the fact that the role path (unlike paths
from includes) are always absolute paths.
Fixes#27345
It allows retaining the version number in the downloaded artifact's name when the version to be downloaded is dynamically determined ('latest').
So far, the behavior was to overwrite the version string in the artifact name with 'latest' which leaves no trace of what version the downloaded artifact has. E.g., you cannot use this information for further processing like transferring it to an RPM that is built from the artifact.
This fulfills feature request ansible/ansible#22337
This PR includes:
- RETURN information (since the difference between status_code and
status was confusing)
- Improvements to parameter definition (and docs)
- PEP8 compliancy
Fix 'module' object is not callable
* rhn_register: fix Python 3 compatibility
* rhn_register: update requirements
* rhn_register: add unit tests
* Add missing method name
* use a dedicated line for XML related requirements
* rhn_register: drop support for Python 2.4
* rhn_register unit tests: fix Python 3 compatibility
* refactor in order to check order of the requests
* Fix for issue ansible/ansible#27715
* Also fixing mutually exclusive check
* Updating subspec checks
These changes take into account a spec with all features enabled and do
the following tests for subspecs:
1. Test proper specs
2. Test Alias
3. Test missing required param
4. Test mutually exclusive params
5. Test required if params
6. Test required one of params
7. Test required together params
8. Test required if params with a default value
9. Test basis subspec params
10. Test invalid subsec params
* adds new filter plugins for network use cases
* adds parse_cli filter
* adds parse_cli_textfsm filter
* adds Template class to network_common
* adds conditional function to network_common
* fix up PEP8 issues
* Add aggregate for junos modules and sub spec validation
* aggregate support of junos modules
* aggregate sub spec validation
* relevant changes to junos integration test
* junos module boilerplate changes
* Add new boilerplate for junos modules
* Fix CI issues
The IMC interface can be quite slow depending on the XML fragments used.
So we increase the default timeout to 60 seconds, and return the elapsed
time so it is easier to determine what timeout value makes sense from
earlier runs.
We also renamed **imc_xml** to **imc_rest**, now that we still can.
* win_stat: Add stat.isreg support
This PR includes the following changes:
- Adds stat.isreg support (cfr. the stat module)
- Always returns stat.isdir, stat.islnk, stat.isreg, stat.isshared
* Remove the controversial part
* s3_bucket: fix policy sorting for python3 so strings are evaluated as less than tuples.
Add tests to ensure this behavior is maintained.
* Fix s3_bucket comparison function to work on both Python 3.5 and 3.6
* s3_bucket: document that cmp_to_key is used for python 2.7.
Add another test for s3_bucket to compare policies of different sizes.
* fix pep8
* Work around code-smell grepping by not using the word 'cmp'.
* New module for managing AWS Datapipelines
* Supports create/activate/deactivate and deletion
* Handles idempotent creation by embeding the version in the
uniqueId field
* Waits for requested state to be reached, as Botocore doesn't
have waiters yet for datapipelines
* rename module, fix imports, add tags option, improve exit_json results, fix a couple bugs, add a TODO so I don't forget
fix pep8
allow timeout to be used for pipeline creation
make .format syntax uniform
fix pep8
fix exception handling
allow pipeline to be modified, refactor, add some comments, remove unnecessary imports
pipeline activation may not be in the activated state long
remove datapipeline version option
change a loop to a list comprehension
create idempotence by hashing the options given to the module minus the objects (which can be modified)
small bugfix
* data_pipeline unittests
make unittests pep8
fix bug in unittests
* remove exception handling that serves no purpose
* Fix python3 incompatibilities in datapipeline tests and add placebo fixture maybe_sleep for faster tests
Fix python3 incompatibilities in data_pipeline build_unique_id()
Don't delete a pipeline in diff_pipeline() because it's unexpected
Don't use time.time() because it causes an issue with placebo testing
re-recorded tests
fix pep8 in data_pipeline
Remove disable_rollback from tests
Make sure unique identifier is a string
re-record tests
* improve documentation and add another example
* use a placebo fixture instead of redundant code in tests
fix tests for PLACEBO_RECORD=false
* Fix data_pipeline docs
use isinstance instead of type()
fix documentation
* fix documentation
* Remove use of undefined variable from data_pipeline module and fix license
* fix copyright header
* Properly include aliases in ansible-doc output
Use correct variable name for storing aliases and only print them out if the list isn't empty.
Fixes#24498
* Only include choices in output if choices exist in the list
Fix adds missing imports and boilerplate for proxysql.
It also remove get_exception calls in-favor of native exception.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Added fix for missing imports and boilerplate in files modules,
also, removed get_exception calls to match 2.6> exception handling.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
A playbook that does `timezone name=Australia/Brisbane` on
a host previously in UTC will appear to take 10 hours.
Improve the seconds handling for playbooks that take longer
than one hour.
Improve the hours handling for playbooks that take longer than
one day.
TZ change before:
```
Playbook run took 0 days, 10 hours, 0 minutes, 36055 seconds
```
After:
```
Playbook run took 0 days, 0 hours, 0 minutes, 55 seconds
```
Sleep for 100s more than one hour before:
```
Playbook run took 0 days, 1 hours, 1 minutes, 3641 seconds
```
After:
```
Playbook run took 0 days, 1 hours, 1 minutes, 41 seconds
```
* add option for path to pear executable
this is useful if you have multiple versions of PHP installed at once,
using SCL PHP RPMs from Red Hat or some other method
* update version number
* improve wording
* ManageIQ: manageiq_user module, module utils and doc_fragment
ManageIQ is an open source management platform for Hybrid IT.
This change is adding:
- manageiq_user module, responsible for user management in ManageIQ
- manageiq utils
- manageiq doc_fragment
* Handle import error
* Use formatting options
* group parameter is required
* changed doesn't need to be an attribute
* resource dictionary should contain values which isn't None
* move from monitoring to remote-management
* Use ManageIQ nameing convention
* Do not set defauts in arguments
* Use idempotent state parameter instead of action
* Check import error in the manageiq util class
* Update the miq documentation
* rename the connection configuration from miq to manageiq_connection
* All messeges start with non cap, fix typos, add examples, rename vars
* more typos fixes
* Make sure we insert only strings to logs by using % formating
* use suboptions keyword for the manageiq connection
* do not log the managiq connection struct (it include sensitive information like username and password)
* add missing from __future__
* ahh, wrong no-log line
* Use sub options
Fix adds check for requests Python module and suggests user to install,
if no requests module installation found.
Fixes: #27643
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* openssl_csr: make subjectAltNames a list
* csr module now uses the new standard way to build openssl crypto modules
* add check functions for subject and subjectAltNames
* added support for keyUsage and extendedKeyUsage
* check if CSR signature is correct (aka the privatekey belongs to the CSR)
* fixes for first PR review
* fixes for second PR review
* openssl_csr: there is no need to pass on privatekey as it can be accessed directly
* openssl_csr: documentation fixes
* Initial commit for integration of HPE OneView resources with Ansible Core. Adding FC Network and FC Network Fact modules and unit tests, and OneView base class for all OV resources.
* Add 'cacheable' param to set_fact action and module.
Used just like set_fact, except facts set with cacheable: true
will be stored in the fact cache if fact caching is enabled.
set_fact normally only sets facts in the non_persistent_fact_cache, so they
are lost between invocations.
* update set_facts docs
* use 'ansible_facts_cacheable' in module/actions result
* pop fact cacheable related items out of args/results
We dont want to use 'ansible_facts_cacheable' result item
or 'cacheable' arg as actual facts, so pop them out of the
dicts.
* ec2_ami_copy.py: Fix WaiterError handling.
Change suggested by Adam Johnson at https://github.com/ansible/ansible/issues/26971
* ec2_ami_copy.py: WaiterError: fail_json: add exception parameter.
* ec2_ami_copy.py: import traceback
previously gather_subset=['!all'] would still gather the
min set of facts, and there was no way to collect no facts.
The 'min' specifier in gather_subset is equilivent to
exclude the minimal_gather_subset facts as well.
gather_subset=['!all', '!min'] will collect no facts
This also lets explicitly added gather_subsets override excludes.
gather_subset=['pkg_mgr', '!all', '!min'] will collect only the pkg_mgr
fact.
* fail the execution instead of panicking when the hostname is not found and the vmid was not provided
* return an empty vmid list if the hostname doesn't exist
* Add module cv_server_provision for integration with Arista CloudVision Portal.
* Doc update.
* Remove shebang from test file. Update short description with company and product name.
* Update exception syntax to Python3 style.
* Remove blank line between imports.
* Remove newlines from RETURN documentation.
* Add cvprac to unittest requirements.
* Update unittest format. Add a few additional tests.
* Mock exceptions from cvprac so the library is not needed for unittests.
* Mock cvprac imports.
* Update unit tests to support python 3.5.
* Mock full cvprac library for unittests.
* Update Jinja2 import to pass updated CI checks.
* Update cvprac imports format for new CI tests.
* Add __metaclass__ and __future__.
Create preserved_copy function in basic.py to perserve file ownership.
* Add a test for template preserved backup
* Use a script to get the random names
* bytes to strings
* Remove dump of hostvars
* Stop being fancy and create a testuser instead
* Fix pep8
* set file attributes
* Pass the correct data to set_attributes_if_different
* Use -j instead -b and pass the attributes as a string instead of a list
* remove debugging message
* Use shell to softly set the attr
Fixes#24408
Fix corrects the parsing of JSON output in Python 3
environment by using to_text API.
Fixes: #26489
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This allows a single template to be evaluated with different values in
the same task. For example, with a template like 'x:{{a}}', one could do
something like this:
- foo:
a: "{{ lookup('template', 'x.j2', template_vars=dict(a=foo[item])) }}"
b: "{{ lookup('template', 'x.j2', template_vars=dict(a=bar[item])) }}"
with_items:
- x
- y
…and "a" and "b" would expand to different strings based on what we
passed in to the template lookup.
When parsing a vaulttext blob, use .splitlines()
instead of split(b'\n') to handle \n newlines and
windows style \r\n (CRLF) new lines.
The vaulttext enevelope at this point is just the header line
and a hexlify()'ed blob, so CRLF is a valid newline here.
Fixes#22914
The AnsiBallZ wrapper is transferred to the remote machine with
a filename similar to the Ansible-module it runs. For modules like copy
and tempfile, this can end up conflicting with stdlib modules on the
remote machine depending on how python is setup there. We have a little
bit of code in the wrapper to deal with this by removing the path that
the ansible module resides in from sys.path.
On MacOSX, that code was having a problem. The path the module ends up
in included a symlinked directory so we were looking for a path in
sys.path but we had to look for the unsymlinked path instead.
Fix that by using os.path.realpath() instead of os.path.abspath()
Got removed in arg parsing updates. Now added back in
setup_vault_secrets().
The default value for DEFAULT_VAULT_PASSWORD_FILE was also
set to '~' for some reason, change to to no default.
Add integration tests.