Commit graph

182 commits

Author SHA1 Message Date
Martin Krizek
b618339c32 2.7: user: do not pass ssh_key_passphrase on cmdline (#47445)
* user: do not pass ssh_key_passphrase on cmdline

CVE-2018-16837

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
(cherry picked from commit a0aa53d1a1)

* Ignore user module use of subprocess.

(cherry picked from commit 8d00afc013)

* Fix python3 problem in user module cve fix

(cherry picked from commit 9088671c4e)

* Fix changelog entry for user module CVE fix

(cherry picked from commit 210a43ebeb)
2018-10-22 19:59:34 -07:00
René Moser
083d2a6ad7 [2.7] backport cs_instance fixes (#46274)
* cs_instance: doc: fix typo in examples (#46035)


(cherry picked from commit c09b785a66)

* cs_instance: fix host migration without volume (#46115)


(cherry picked from commit e7926cf9f4)

* add changelog fragment
2018-10-09 18:22:07 -07:00
Sandra McCann
0c81145fd3 [WIP] Backport/2.7/second batch (#45927)
* Update influxdb_database.py (#39984)
(cherry picked from commit 049a462058)

* Link to the Galaxy platforms list from the meta file template (#34046)
(cherry picked from commit fa18d45eb3)

* fix gce_backend_service examples for healthchecks (#31134)
(cherry picked from commit e26d758d6f)

* Clarify the creates and removes options (#45485)
(cherry picked from commit bf90a44468)

* lineinfile note belongs in changelog for 2.6, not 2.7 (#45517)
(cherry picked from commit 228fee4f3a)

* Update keycloak_client.py (#43547)
(cherry picked from commit cb460dee74)

* The keyword 'cloud' has been deprecated in favor of the 'profile' keyword by os-client-config. (#31389)
(cherry picked from commit 17ca0a9bd9)

* Clarified documentation for the unsafe_writes option (#27471)
(cherry picked from commit dd5d191d7a)
2018-09-20 14:10:39 -05:00
Brian Coca
22f50e416d correct and clarify deprecation (#45234)
* correct and clarify deprecation

(cherry picked from commit 64c594d226)
2018-09-06 11:36:28 -07:00
newtonne
30fd326953 Various updates to macports module (#44605)
- Add support for installing specific variants of a port.
- Add support for using yaml lists with 'name' parameter, rather than comma-separated lists.
- Add to and clarify documentation and examples.
- Use Macports nomenclature:
  - s/package/port/g
  - Rename update_cache to sync_ports but keep update_cache as an alias. Remove undocumented update-cache alias.
  - Remove undocumented 'pkg' alias for 'name'. Replace with 'port' alias and document it.
- Print stdout and stderr output if `port sync` fails.
- Print stderr output, rather than stdout, if `port install/uninstall/activate/deactivate` fail.
2018-08-30 05:03:29 +02:00
Chris Archibald
7cded31ec9 Depreciate elementsw modules (#44792)
* rename deprecated files
2018-08-29 17:51:52 +01:00
René Moser
dd953dbe96
cs_template: implement update and revamp (#37015) 2018-08-28 19:55:21 +02:00
Michael Price
f89374bf6d Update the ignore and doc_fragments for E-Series
Make the generic updates to remove unneeded ignores and improve the
documentation for the NetApp E-Series modules.
2018-08-27 13:52:58 -07:00
Toshio Kuratomi
68c60ad307 Change validate-modules for removed modules
Removed modules now don't have documentation.  Need to account for that
when checking them in validte-modules
2018-08-24 15:37:13 -07:00
Aren
9db3e597f3 state: present added in docs (#37197)
* state: present added in docs

* atomic_container.py docs now match argspec, enforce test
2018-08-24 12:22:18 -05:00
Michael Price
ad91793428 Resolve issues in NetApp E-Series Host module (#39748)
* Resolve issues in NetApp E-Series Host module

The E-Series host module had some bugs relating to the update/creation
of host definitions when iSCSI initiators when included in the
configuration. This patch resolves this and other minor issues with
correctly detecting updates.

There were also several minor issues found that were causing issues with
truly idepotent updates/changes to the host definition.

This patch also provides some unit tests and integration tests to help
catch future issues in these areas.

fixes #28272

* Improve NetApp E-Series Host module testing

The NetApp E-Series Host module integration test lacked feature test
verification to verify the changes made to the storage array.

The NetApp E-Series rest api was used to verify host create, update, and
remove changes made to the NetApp E-Series storage arrays.
2018-08-24 15:44:59 +01:00
Ondra Machacek
24c26aded8 oVirt: Add depracation warning to all modules (#44440) 2018-08-23 09:42:05 -04:00
/v\atthew L Daniel
d7e66f16a6 Correct the default doc for attached in ec2_eni (#44523)
* Correct the default doc for attached in ec2_eni

Also corrected a typo in the summary

* Address ansible-test sanity error about E324

* Fix and remove the E325 suppression for ec2_eni
2018-08-23 12:44:49 +10:00
Chris Archibald
9dceca8a88 Deprecated Old NetApp Cdot Modules (#43781)
* MVP2 Post ElementSW OSRB sync

* Revert "MVP2 Post ElementSW OSRB sync"

This reverts commit c13db2ad962cd56bffce052c2891c558a2240c72.

Undoing bad push

* move deprecated files

* add documentation

* add new line

* Fix version issue

* fix issue with ignore file, hopefully

* Add ontap modules to porting guide

* fix refs

* add _module to ref
2018-08-14 09:39:52 -07:00
René Moser
1fb0e11b56
vultr: rename prefix vr_to vultr_ (#43994)
* vultr: rename modules

* replace string vr_ with vultr_

* add deprecation warning

* fix sanity tests

* add changelog
2018-08-13 10:21:50 +02:00
Chris Archibald
479408330e Adding Common files for NetApp ElementSW release (#43727)
* MVP2 Post ElementSW OSRB sync

* Revert "MVP2 Post ElementSW OSRB sync"

This reverts commit c13db2ad962cd56bffce052c2891c558a2240c72.
2018-08-10 09:33:08 -07:00
Matt Martz
54e4c53f00
Ensure removed_in is StrictVersion before comparing (#43835)
* Ensure removed_in is StrictVersion before comparing

* Catch ValueError with StrictVersion on incompatible versions
2018-08-08 14:29:14 -05:00
Matt Martz
01c0446cb5
Add AnsibleModule signature schema, and fix associated issues (#43512) 2018-07-31 15:04:22 -05:00
Florian Braun
74af52533f Variable Timout for Katello Module + Documentation (#41834)
* Changed Foreman timeout to be setable via a parameter
Added a Parameter to set the timout to wait for the started Foreman actions
by the user instead of using the hard coded 1000 Seconds

* katello module screamed for more docu :)

* fix docu + some ci findings
made docu better and moved chices in relations to other options to the description

* added a quote to description and removed wrong combination of param product

* Removed choices from params
also removed katello from a ignore file
2018-07-27 12:31:12 -07:00
Toshio Kuratomi
52449cc01a AnsiballZ improvements
Now that we don't need to worry about python-2.4 and 2.5, we can make
some improvements to the way AnsiballZ handles modules.

* Change AnsiballZ wrapper to use import to invoke the module
  We need the module to think of itself as a script because it could be
  coded as:

      main()

  or as:

      if __name__ == '__main__':
          main()

  Or even as:

      if __name__ == '__main__':
          random_function_name()

  A script will invoke all of those.  Prior to this change, we invoked
  a second Python interpreter on the module so that it really was
  a script.  However, this means that we have to run python twice (once
  for the AnsiballZ wrapper and once for the module).  This change makes
  the module think that it is a script (because __name__ in the module ==
  '__main__') but it's actually being invoked by us importing the module
  code.

  There's three ways we've come up to do this.
  * The most elegant is to use zipimporter and tell the import mechanism
    that the module being loaded is __main__:
    * 5959f11c9d/lib/ansible/executor/module_common.py (L175)
    * zipimporter is nice because we do not have to extract the module from
      the zip file and save it to the disk when we do that.  The import
      machinery does it all for us.
    * The drawback is that modules do not have a __file__ which points
      to a real file when they do this.  Modules could be using __file__
      to for a variety of reasons, most of those probably have
      replacements (the most common one is to find a writable directory
      for temporary files.  AnsibleModule.tmpdir should be used instead)
      We can monkeypatch __file__ in fom AnsibleModule initialization
      but that's kind of gross.  There's no way I can see to do this
      from the wrapper.

  * Next, there's imp.load_module():
    * https://github.com/abadger/ansible/blob/340edf7489/lib/ansible/executor/module_common.py#L151
    * imp has the nice property of allowing us to set __name__ to
      __main__ without changing the name of the file itself
    * We also don't have to do anything special to set __file__ for
      backwards compatibility (although the reason for that is the
      drawback):
    * Its drawback is that it requires the file to exist on disk so we
      have to explicitly extract it from the zipfile and save it to
      a temporary file

  * The last choice is to use exec to execute the module:
    * https://github.com/abadger/ansible/blob/f47a4ccc76/lib/ansible/executor/module_common.py#L175
    * The code we would have to maintain for this looks pretty clean.
      In the wrapper we create a ModuleType, set __file__ on it, read
      the module's contents in from the zip file and then exec it.
    * Drawbacks: We still have to explicitly extract the file's contents
      from the zip archive instead of letting python's import mechanism
      handle it.
    * Exec also has hidden performance issues and breaks certain
      assumptions that modules could be making about their own code:
      http://lucumr.pocoo.org/2011/2/1/exec-in-python/

  Our plan is to use imp.load_module() for now, deprecate the use of
  __file__ in modules, and switch to zipimport once the deprecation
  period for __file__ is over (without monkeypatching a fake __file__ in
  via AnsibleModule).

* Rename the name of the AnsiBallZ wrapped module
  This makes it obvious that the wrapped module isn't the module file that
  we distribute.  It's part of trying to mitigate the fact that the module
  is now named __main)).py in tracebacks.

* Shield all wrapper symbols inside of a function
  With the new import code, all symbols in the wrapper become visible in
  the module.  To mitigate the chance of collisions, move most symbols
  into a toplevel function.  The only symbols left in the global namespace
  are now _ANSIBALLZ_WRAPPER and _ansiballz_main.

revised porting guide entry

Integrate code coverage collection into AnsiballZ.

ci_coverage
ci_complete
2018-07-26 20:07:25 -07:00
saichint
fa5f396a4b nxos_file_copy enhancement (#42424)
* add file_pull option

* typo correction

* fix shippable error

* review comments

* fix for review comments by mwiebe

* possible shippable fix

* remove file_copy from ignore

* more review comments addressed

* review comments

* add localhost for remote scp server in tests

* timeout fix
2018-07-25 17:46:55 +05:30
tomelrod
5eb47066e3 Documentation change for resizefs (#43224)
* Documentation change for resizefs

Changed documentation to match the default value of resizefs set in the code.
Added a note on the resizefs use on the example utilizing it.

* Remove test now it validates fine
2018-07-25 00:22:24 +02:00
Abhijeet Kasurde
b02e0c07d8
dnsimple: refactor dnsimple module (#42548)
* Update dnsimple-python minimum version to 1.0.0 as it supports API v2 and API v1 is deprecated.
* Update examples.
* Update documentation.

Fixes: #42495

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2018-07-21 08:58:39 +05:30
Dag Wieers
e899824c49
ACI: Add parameter types to module docs (#42893)
* ACI: Add parameter types to module docs

* Update validate-modules ignore list
2018-07-17 18:03:55 +02:00
Sloane Hertel
2c3e6f8bd3 [elb_target_group] fix docs and add default for wait_timeout - fixes #42324 (#42477)
Add default for wait_timeout and version_added flag
2018-07-13 15:09:33 -04:00
Yanis Guenane
593f484d77 Fix E324 for vultr modules. (#42464) 2018-07-10 07:51:05 +02:00
John R Barker
d962611528 Allow documentation of module options type (#42285)
* Allow documentation of module options

Pass through the `type` of a modules option so it's displayed on the
html module docs

* docs
2018-07-05 09:57:58 -04:00
fxfitz
f92b95b8cb Remove ipa_ modules from sanity ignore; fix the docs 2018-07-03 18:16:09 -07:00
Dag Wieers
57c0471b54
Fix ACI validate-modules issues (#42222) 2018-07-03 04:04:35 +02:00
tstoner
db7300904d Enforcing NXAPI default HTTP behavior (#41817)
* nxos_nxapi http default behavior

* Use nxos_nxapi module in prepare_nxos_tests

* Refactor nxos_nxapi configure test to use yaml block

* Extend nxos_nxapi https & http test cases

* Removed NXOS internal release naming

* Resolved ansibot sanity errors

* Fix typo in prepare_nxos_tests

* Address PR comments

* Shippable indicates this is no longer needed

* Add port change logic and testing
2018-07-02 14:58:37 -04:00
John R Barker
6024a766e9
Allow removed_in 2.11 (#42119) 2018-06-29 09:42:54 -07:00
Andrea Tartaglia
a342538aba Add shell out checks (#41545)
* Added error codes for shell_out checks

* Added ignore lines for allowed Modules

* Added shell out checks

* Fixed pep8

* Updated regex to only match subprocess.Popen

* Added failing modules to ignore.txt

* Wrong postgresql module in ignore.txt

* Removed bigip from ignore.txt
2018-06-21 11:58:39 -04:00
Abhijeet Kasurde
27b85e732d Argument spec must be dict/hash (#40858)
validate-modules should fail when argument is not dict/hash.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2018-06-20 12:05:49 -04:00
Sloane Hertel
7d2c71462d gluster_volume: add 'volume' alias to 'name' param (#40845)
* gluster_volume: add 'volume' alias to 'name' param

* remove gluster_volume from validate-modules/ignore.txt
2018-05-30 02:06:46 +02:00
Pilou
de385560a8 jenkins_jobs: fix typos (#40844)
* jenkins_job: fix typos

* jenkins_job: add type for 'enabled' parameter
2018-05-30 01:44:02 +02:00
Matt Clay
45c6fa9784 Update gluster_volume path in ignore.txt. 2018-05-29 08:35:13 -07:00
Matt Martz
b07f779296 Update dnf module argument_spec and docs to match (#39819)
* Update dnf module argument_spec and docs to match. Fixes #39800

* Always evaluate autoremove as boolean
2018-05-28 06:26:04 -04:00
Zim Kalinowski
dde48560fb fixing container instance sanity & integration tests (#40774) 2018-05-28 12:59:26 +08:00
Strahinja Kustudic
de57fa71c1 Improve timezone module for none systemd Linux distributions (#38032)
* The module now correctly sets the timezone in both the config file and
in /etc/localtime; while hwclock is set in both the config and
/etc/adjtime.
* Module checks if the timezone is actually set by checking
/etc/localtime. Before it only checked if it was set in the config file.
* Fixed module not setting the timezone on RedHat systems if
/etc/localtime was a symbolic link.
* Fixed module failures in case of missing config files or incorrect data
in them.
* Added a lot of integrations tests to cover most of these situations.
2018-05-25 12:01:03 -05:00
René Moser
5dd3aa26ea
cs_instance: implement host migration support (#40309)
* cs_instance: implement host migration support

* fix build

* fail fast on update if user is not admin

* improve tests a bit

* expunge it

* fix typo

* disable temporarly verify for host on starting instance.
2018-05-25 11:20:04 +02:00
Jiri Tyr
e6e5e45d7e Fixing choices for transport option in gluster_volume module (#38815) 2018-05-25 03:30:30 -04:00
Zim Kalinowski
8e38668285 fixing disabled azure sanity tests (#40519)
* fixing azure sanity tests

* fixing sanity

* fixing some tags issues

* removed unnecessary things from managed disk

* fixed location problem

* more sanity fixes

* sanity test fixes

* final sanity fixes?

* final fixes again

* undo changes related to container instance

* removed container instance

* readd again

* fixed stupid mistake

* removed _azure from changes

* one more mistake
2018-05-23 00:49:04 -04:00
Matt Clay
8deced3e04
Fix shebangs and file modes and update tests. (#40563)
* Add execute bit sanity test and apply fixes.
* Add shebang test for `lib` dirs and apply fixes.
* Shebang and execute bit cleanup.
2018-05-22 14:25:36 -07:00
Matt Clay
8d39515914 Remove tab check from validate-modules.
It is redundant with the pycodestyle W191 "indentation contains tabs" check.
2018-05-21 14:45:19 -07:00
Strahinja Kustudic
32d6a354d7 postgresql_user: set encrypted as default and fix empty password reporting changed (#36931)
* Set encrypted as default and fix empty password reporting changed

* Starting with Postgres 10 `UNENCRYPTED` passwords are removed and
because of that this module fails with the default `encrypted=no`.
Also encrypted passwords are suported since version 7.2
(https://www.postgresql.org/docs/7.2/static/sql-createuser.html) which
went EOL in 2007 and since 7.3 it is the default. Because of this it
makes a lot more sense to make `encrypted=yes` the default. This won't
break backward compatibility, the module would just update the user's
password in the DB in the hashed format and everything else will work
like before. It's also a security bad practice to store passwords in
plain text. fixes #25823
* There was also a bug with `encrypted=yes` and an empty password always
reported as changed.
* Improved documentation for `encrypted`/`password` parameters, and
removed some obsolete notes about passlib.

* Fix clearing user's password to work with all versions of Postgres

* Add tests for clearing the user password

* Fix documentation atfer rebase

* Add changelog fragment
2018-05-21 14:49:44 -05:00
John R Barker
fe4368ce15
removed_in: 2.6 is valid (#40399) 2018-05-18 15:32:31 +01:00
Toshio Kuratomi
46d35d8919 unarchive now passes the E322 test 2018-05-17 15:24:56 -07:00
René Moser
de8b6b55f7
cs_vpc: implement state=started (#40319) 2018-05-17 22:42:53 +02:00
Anil Kumar Muraleedharan
1cb4619c9a Modifying cnos-facts, cnos_command and cnos-config in line with the design followed in Ansible. Adding unit test cases for these modules. Added plugins to support them. (#39955)
* Modifying cnos-facts, cnos_command and cnos-config in line with the design followed in Ansible. Adding unit test cases for these modules. Added plugins to support them.

* Removing doc fragment conflicts with other modules

* Replacing show with display
2018-05-17 10:06:24 -04:00
Dag Wieers
3cdd5da247
xml: Fix validate-modules issue (#40121) 2018-05-15 02:29:48 +02:00