Commit graph

1941 commits

Author SHA1 Message Date
Felix Fontein
ca57871954
openssl_* modules: prevent crash on fingerprint determination in FIPS mode (#67515)
* openssl_* modules: prevent crash on fingerprint determination in FIPS mode.

* Add changelog.
2020-02-18 09:43:22 +01:00
Bruno Meneguello
9f41d0e914
route53: improve octal encoded characters handling (#60508)
* route53: improve octal encoded characters handling

* Update changelogs/fragments/60508-route53-improve-octal-characters-handling.yml

Co-Authored-By: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-02-18 09:18:59 +01:00
Jan Meerkamp
cbc38d2e5a
Windows: Add multi-domain forest Support (#65138)
* Add multi-domain forest Support
cloned extra_args so there is no check for credentials needed.
Fixed Formatting
added missing extra_args to pure state

* minor Fixes
do not clone $extra_member_args again
do not overide $name
better description

* added Changelog
fixed typo in Documentation
2020-02-18 08:43:17 +10:00
Sam Doran
c64202a495
ansible-galaxy - fix role list bug (#67391)
Properly list roles even when the role name is the same or a substring of the
path to the role.
2020-02-17 16:16:14 -05:00
Sloane Hertel
6a8b1f867e
[aws_s3] fix deleting versioned objects before deleting bucket (#54435)
* [aws_s3] fix deleting the current objects and the previous versions from a version-enabled bucket

* use existing paginated_list function to keep compatibility with the other places it is called

* changelog

* Add noteworthy change to the porting guide

* Reword that with acozine's suggestion

Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
2020-02-17 13:16:09 -05:00
Martin Nečas
3bf6802cb2
ovirt_disk: correct description of storage_domain (#67454)
* ovirt_disk: correct description of storage_domain
* add changelog

Signed-off-by: mnecas <necas.marty@gmail.com>
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-02-17 11:19:57 -06:00
Max Bubenick
eff51c0122
Fix proxysql module cursor_class (#67339)
* Fix proxysql module cursor class

* Adding changelog file

* adding extension to changelog file
2020-02-17 13:55:44 +01:00
Brian Scholer
be26f4916f
win_dns_client DHCP improvements + more (#66451)
* Fix DHCP support in win_dns_client + more

* Fix bugs and test failures, add changelog fragment

* Add idempotency tests for DHCP

* Address review feedback; dedup address-family code

* Remove legacy function

* Remove old reference
2020-02-17 15:35:54 +10:00
Jordan Borean
e3d5dc0ed0
win_domain_controller: Added domain_log_path (#67448) 2020-02-17 07:25:22 +10:00
Sylvia van Os
ff0576802f
Support changing fetch_url settings for Rendeck modules (#66357) 2020-02-16 15:07:36 +01:00
tottoto
cc86748109
Fix url handling in lxd_container and lxd_profile module (#66097)
* Fix url handling in lxd_container module

* Fix url handling in lxd_profile module
2020-02-15 12:39:05 -05:00
Pilou
5aa60a5fa7
ovirt: don't ignore instance_cpus parameter (#64366) 2020-02-15 14:57:19 +00:00
Felix Fontein
b1de5d43fc
openssh_keypair and openssl_privatekey: add regenerate option (#67038)
* Add regenerate option to openssh_keypair and openssl_privatekey.

* Add changelog.
2020-02-15 14:39:36 +00:00
Felix Fontein
55cb8c5388
docker_login: fix permissions for ~/.docker/config.json (#67353)
* Fix permissions for ~/.docker/config.json.

* Add changelog, remove debug output.
2020-02-15 14:38:58 +00:00
Andrew Klychkov
59bcc9f739
Bugfix of 67377: postgresql_set converts value to uppercase if "mb" or "gb" or "tb" is in the value string (#67418)
* Bugfix of 67377: postgresql_set converts value to uppercase if "mb" or "gb" or "tb" is in the value string

* fix CI

* add changelog
2020-02-15 13:03:53 +00:00
Markus Fischbacher
98bc53d3cb
zabbix_action - allowing string for esc_period (#66841)
* allowing string for esc_period

* add changelog fragment

* Update zabbix_action.py

* remove now unneeded test
2020-02-15 12:57:02 +00:00
Andrej Svenke
f98874e4f9
ec2_asg: max_instance_lifetime and respect wait on replace (#66863)
* ec2_asg: max_instance_lifetime and respect wait on replace

* ec2_asg: max_instance_lifetime integration tests

* ec2_asg: address review comments
2020-02-15 12:56:39 +00:00
René Moser
bcd145c111
vultr: Fix retry max delay param ignored (#67437)
* vultr: Fix retry max delay param not taken

* add changelog
2020-02-15 12:40:03 +00:00
Sam Doran
7ae34cef15
Fix role list regression (#67436)
Add the roles_path parent to the role_parser
object, so paths are passed to the list function

Add basic role list tests to prevent future regressions
2020-02-14 19:51:48 -05:00
Vasili
9b28f1f5d9
Fix incorrect "Could not match supplied host pattern" warning (#66764) (#67432) 2020-02-14 15:50:52 -06:00
Abhijeet Kasurde
7000c51c06 VMware: Add support for specify tag and category as dict
User can now specify tag and category using dict in vmware_tag_manager
module. This is useful when tag or category name contains colon.

Fixes: #65765

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-02-14 16:07:10 -05:00
Sam Doran
f506fd4730
Add ansible-galaxy collection list command (#65022)
* Start adding ansible-galaxy collection list options

* Working list all collections and list a specific collection

* Nuke debugging cruft

* Use to_text to get a string of the FQCN for sorting

* Improve collection output formatting

- add header
- display collection name and version in separate columns
- width of columns is dynamic based on collection name and version length

* Make role list output match collection output list

- add header
- add columns for role name and version
- make column width dynamic based on name and version length

* remove debug statemnt and extra header

* Revert "Make role list output match collection output list"

This reverts commit a0b3db47bb3b198aafd34c1f1be5b6561af2f928.

* Add validate_collection_path function

Utility function for ensuring a collection target ends with 'ansible_collection'

* Use validate_collection_path

* Do not warn if a specific collection in found in any search path

* Fix extraneous warning and remove duplicate code

Do not warn when listing a specific collection and it does not exist
in other collection paths.

Restructure the code that loops through collection paths to remove
duplicate conditional code.

* Indicate role path was found

* Use new function name

* WIP Save Point

* Use separate functions for role and collection list

* Wrap error message

There may be a better way to do this besides hard coding a line break, but this
does make the message a lot more readable.

* Add validate_collection_path function (#66441)

* Add validate_collection_path function

Utility function for ensuring a collection target ends with 'ansible_collection'

* Fix bad syntax

* Correct docstring

* Bikeshed the names

* Properly list a single role

* Simplify _display_warnings()

Only display warnings. Move exception raise back to each caller.

* Move private methods to private functions

They don't need self, so it makes sense to have them as functions
Get rid of _display_warnings() function since it doesn't do anything worthy of
an independent function.

* Add integration tests for ansible-galaxy collection list

* Fix docs sanity test

* Fix bug where ansible_collections dir does not exist

The path may exist, but if there is no ansible_collections dir inside that path,
an exception was raised in find_existing_collections().

Add integration test for this scenario

* Put execute_list() method back

* Add some informational messages for debugging

* Add unit tests

Units tests for the various private methods in support of collection list

* Start adding unit tests for test_execute_list

* Display collection path when listing specific collection

* Add unit tests for listing all collections and specific collection

- Create fixture for creating test objects
- Add function for controlling os.path.isdir results

* Set defaults for minimum collection widths

Ensure that collections with small FQCNs display correctly.
Add unit tests

* Split up unit tests and fix fixtures

Add more fixtures for mocking objects during the specific collection tests

* Change help message for -p in list subcommand

Give accurate description of what it actually does rather than trying to use language shared between sub commands.

* Disable colorized output in unit test

* Add docs for collection list

* Fix integration test on macOS

The temp file path is really long on macOS, so the warning message gets wrapped
across multiple lines. That make seth grep fail. Switch to matching on a smaller
part of the warning.

* Recreate common path options for collections

Improve help about what the '-p' option does and how it works.

* Remove unnecessary elif after continue statements

* Account for duplicate paths in collections_searh_paths

If someone specifies the same path via '-p' that is the COLLECTIONS_PATHS,
do not list the collections twice.

* Docs updates
2020-02-14 14:00:00 -06:00
Sloane Hertel
97f011cf94
Add verify subcommand to 'ansible-galaxy collection' (#65618)
* [WIP] Add verify subcommand command to 'ansible-galaxy collection'

* Fix pep8 and use consistent display order

* WIP - docs

* Remove some redundancy in verify display messages by using an error queue for each collection

* Share common code and improve output format

* clean up documentation

* typo

* Apply suggestions from code review

Co-Authored-By: Sandra McCann <samccann@redhat.com>

* Move ModifiedContent namedtuple to the global scope

Add a public metadata property

Rename function to _get_json_from_tar_file

* Add some unit tests

* fix using common functions after rebase

* changelog

* Improve efficiency finding specific installed collections

Improve efficiency by only downloading the tar.gz from the galaxy server for comparison after checking that the collection has been installed

Handle multiple collection paths

Fix up tests

* pep8

* reword that for accuracy

* use more common code and verify collection name

* Improve error message and add documentation

* Update unit tests and add coverage for both local and remote collections that are unable to be located

* Only validate collections using the format collection_namespace.collection_name

Fix tests to reflect that

Fix documentation

* Fix a bug when a local collection does not contain a file

* pep8

* Fix formatting

Co-authored-by: Sandra McCann <samccann@redhat.com>
2020-02-14 08:57:04 -06:00
Jordan Borean
4881af2e7e
galaxy - Fix collection install dep resolver for bad versions (#67405)
* Also make sure version is a string and not an int/float
2020-02-13 17:23:17 -05:00
Mark Chappell
90898132e4
CloudRetry/AWSRetry : Disable catching of NotFound exceptions (#67281)
* CloudRetry/AWSRetry : Remove default catching of NotFound exceptions

* Add docs

* Changelog updates from review

* Update unit tests after removing 'NotFound' from default retries
2020-02-13 16:59:00 -05:00
Martin Krizek
a2c620819f
Remove a host from a play after meta: end_host (#66851)
* Remove a host from a play after meta: end_host

* Fix changelog
2020-02-13 15:35:00 -05:00
Mario Lenz
77c19daefa Fix creating IP specific firewall rules with Python 2 2020-02-13 12:32:42 -05:00
Jordan Borean
446a0c1b08
win_package - Refactor with msp, appx support (#66931)
* win_package - Refactor with msp, appx support

* Added msi test for ALLUSERS

* Added some msix tests, refactored tests

* Added remaining msix tests

* Enable msix sideloading for tests

* Added remaining exe path tests

* Added basic msp tests

* Remove url options now the util no longer has them

* Fix file version check for older Windows hosts

* Remove no_proxy ansible-test setting

* Use same mechanism of become to copy the file with explicit creds
2020-02-13 16:44:19 +10:00
tchernomax
53e043b5fe
combine filter: fine list handling (option b) (#57894) 2020-02-12 16:40:36 -05:00
Mark Chappell
8d574c3770
AnsibleAWSModule related cleanup - redshift (#66779)
* AnsibleAWSModule related cleanup - redshift

* Apply a backoff on modify_cluster to cope with concurrent operations

* Add AWS 'hacking' policy to allow creation of Redshift ServiceRole

* Adding the retry policies makes the redshift test suite more reliable
2020-02-12 11:17:18 -07:00
Felix Fontein
8ff62799c9
AnsibleModule.load_file_common_arguments: allow to override path (#61659)
* Allow to overwrite path in AnsibleModule.load_file_common_arguments

* Use path override.

* Add changelog.
2020-02-12 12:52:36 +01:00
petoju
8ac0bbcbf6
mysql_replication: add option to fail on error (#67322) 2020-02-12 12:18:51 +05:30
Felix Fontein
f6815040fd
add_file_common_arguments: fix defaults and tpyes, improve sanity checking (#67243)
* Make validate-modules stop ignore FILE_COMMON_ARGUMENTS.

* Add types to FILE_COMMON_ARGUMENTS and update document fragment to match it.

* Update ignore.txt.

* Add changelog.
2020-02-12 01:44:11 -05:00
Piotr Stawarski
a0247d13d8
New magic var: ansible_config_file (#66085)
* Add `ansible_config_file` magic variable

* Add ansible_config_file to INTERNAL_VARS

* Add changelog fragment

* Update Special Variables docs
2020-02-11 15:49:55 -05:00
Mario Lenz
808bf02588
Remove options from some vmware modules that are not used in the code (#67282) 2020-02-11 12:30:22 +01:00
Nilashish Chakraborty
88f0c85228
Remove deprecated attributes from nxos_igmp_interface (#67186)
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
2020-02-11 12:27:07 +01:00
Sam Doran
8f296a6533
ansible-test - add constraint for virtualenv (#67289)
* ansible-test - add constraint for virtualenv

* Limit virtualenv only on macOS.

Co-authored-by: Matt Clay <matt@mystile.com>
2020-02-10 16:29:47 -08:00
ksagle77
b9d22b901d
Allow default network mode, as required for windows containers. (#59597)
* Allow default network option for network_mode, required for windows containers.

* Add change fragment and param description

* Update changelogs/fragments/59597-ecs-allow_default_network_mode.yml

Co-Authored-By: Mark Chappell <mchappel@redhat.com>

* Update lib/ansible/modules/cloud/amazon/ecs_taskdefinition.py

Co-Authored-By: Mark Chappell <mchappel@redhat.com>

* Correct descriptions. Remove whitespaces.

* Remove empty line.

* Add single space after comma

* Update lib/ansible/modules/cloud/amazon/ecs_taskdefinition.py

Co-Authored-By: Mark Chappell <mchappel@redhat.com>

* Update lib/ansible/modules/cloud/amazon/ecs_taskdefinition.py

Co-Authored-By: Mark Chappell <mchappel@redhat.com>

* Update lib/ansible/modules/cloud/amazon/ecs_taskdefinition.py

Co-Authored-By: Mark Chappell <mchappel@redhat.com>

Co-authored-by: kevinsagle <44478308+kevinsagle@users.noreply.github.com>
Co-authored-by: Mark Chappell <mchappel@redhat.com>
2020-02-10 11:01:13 -07:00
Stefan Horning
fa8c07a33c
Revert "Make cloudfront_info work with Python3 … (#66695)" (#67085)
This reverts commit aad286b403.
2020-02-10 10:22:00 -05:00
Sloane Hertel
4719072c49
Fix describing transit gateways with backoff in ec2_transit_gateway (#67247)
* Fix ec2_transit_gateway retries. AWSRetry must be used within ClientError handling to have any effect

* changelog
2020-02-08 21:48:11 +01:00
Felix Fontein
f725dce936
Clean up FILE_COMMON_ARGUMENTS (#66389)
* Clean up FILE_COMMON_ARGUMENTS.

* postgresql_pg_hba doesn't declare the backup option.

* uri doesn't declare the remote_src option.

* Add documentation.

* maven_artifact seems to use directory_mode, which it doesn't declare.

* Update changelogs/fragments/66389-file-common-arguments.yml
Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

ci_complete

Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
2020-02-07 18:56:01 -05:00
Gonéri Le Bouder
802cc60242 vmware_guest_tools_wait: add timeout parameter
Add a new `timeout` parameter to `vmware_guest_tools_wait`.

Also, a functional test to cover the module.
2020-02-07 17:48:29 -05:00
Allen Smith
fd8eb77cc3
pmrun - quote success command (#66929)
* Recreate the older behavior where the entire success command was quoted

* Use shlex_quote for a correct fix of this

* Add changelog fragment
2020-02-07 12:15:55 -05:00
Todd Lewis
640bf31f87
user - allow 'groups', 'append' with 'local' (#62134) 2020-02-06 12:32:44 -05:00
Andrew Klychkov
637eed5a5c
postgresql modules: fix sanity issues (#67046)
* postgresql modules: fix sanity issues

* add changelog

* fix changelog
2020-02-06 16:05:42 +01:00
Matt Clay
5e68bb3d93
Add code coverage target analysis to ansible-test. (#67141)
* Refactor coverage file enumeration.
* Relocate sanitize_filename function.
* Support sets when writing JSON files.
* Generalize setting of info_stderr mode.
* Split out coverage path checking.
* Split out collection regex logic.
* Improve sanitize_filename type hints and docs.
* Clean up coverage erase command.
* Fix docs and type hints for initialize_coverage.
* Update type hints on CoverageConfig.
* Split out logic for finding modules.
* Split out arc enumeration.
* Split out powershell coverage enumeration.
* Raise verbosity level of empty coverage warnings.
* Add code coverage target analysis to ansible-test.
2020-02-05 22:16:15 -08:00
James Cassell
b868f1c933
fix systemd use in container builds (#66062)
* systemd: unify "systemctl show" failure cases

* systemd: is-enabled to detect configured state

* systemd: is-enabled to detect masked status
2020-02-05 15:14:57 -05:00
Lihu Ben-Ezri-Ravin
48505af9d2
Remove filtering from edgeos_config module (#63362)
The edgeos_config module had a list of commands to filter out to avoid
load failures. This list had a single regular expression which caught
commands that attempted to set pre-encrypted passwords. This behavior is
undesirable for a few reasons.

* It's poorly documented. The documentation makes cryptic mention of a
  return value that some commands might be filtered out, but offers no
  explanation as to what they are or why.

* It's hard-coded. There's no way for the user to change or disable this
  functionality, rendering the commands caught by that expression
  completely unusable with the edgeos_config module.

* The obvious workaround is unsafe. The filter catches passwords that
  are already encrypted, but is perfectly fine letting the user set
  plain-text passwords. EdgeOS will encrypt them upon commit, but this
  module encourages unsafe handling of secrets up to that point.

* It's a security vulnerability if the user doesn't know about this
  behavior. While the module will warn if commands are filtered, the
  user won't know what got filtered out until after the fact, and may
  easily miss that warning if they are not vigilant. For something as
  sensitive as setting a password, it's not hard to imagine naive use of
  this module resulting in incorrect credentials being deployed.

* It provides no discernible benefit. Using the module without filtering
  does not result in load failures. If those commands are indeed harmful
  for some reason on (old?) versions of EdgeOS, it should be incumbent
  upon the user to be scrupulous in what commands they issue, rather
  than the module maintaining a blacklist of possible ways the user
  might misuse their own system.
2020-02-05 14:57:55 -05:00
Jørgen Lien Sellæg
43f93d275c
openssl_certificate: Selecting which acme directory to use to get certificate (#67109)
* "openssl_certificate - Add option for changing which ACME directory to use with acme-tiny. Set the default ACME directory to Let's Encrypt instead of using acme-tiny's default. (acme-tiny also uses Let's Encrypt at the time being, so no action should neccessary.)"
  * "openssl_certificate - Change the required version of acme-tiny to >= 4.0.0"
2020-02-05 14:10:27 -05:00
Ruediger Pluem
80c4b86abe
group - correctly determine if a local group exists. (#59772)
Fixes #58619
Add integration test
2020-02-05 12:34:41 -05:00