Commit graph

435 commits

Author SHA1 Message Date
Monty Taylor
0f893027c4 Add a module_utils OpenStack Cloud constructor (#20974)
Start using this to construct shade OpenStack Cloud objects in a
consistent manner. This will let us centralize things like dealing with
password arguments and whatnot. It also allows us to introduce the
ability to pass a fully formed config dict directly to the module.

Migrate all OpenStack modules to use openstack_cloud_from_module.

Have it return the shade library since it's responsible for
importing shade and shade is needed for the exceptions.

Only pull specific OpenStack arguments for the constructor

Rather than passing **module.params to the shade constructor, pull out
only the values that make sense. This should prevent the issues with
module parameters stepping on shade parameters.

Replace module.params.pop with module.params.get

We don't need to pop these anymore since the shade constructor is now
using opt-in values.

Using real urls is ungood. Use example.com domains. Also, get rid of the
antiquated port numbers.
2018-02-15 15:20:49 +01:00
ABond
2940b9d5bb Removed sort from json dump since response is a mix of strings and integers (#34217) 2018-02-10 07:52:10 +05:30
Simon Wydooghe
c119f6e642 Add 'digital_ocean' as group (#21631) 2018-02-10 07:48:03 +05:30
Paul B
ccdc93ab59 contrib(inventory): fix Scaleway inventory used w/env variable token (#35701)
In order to authenticate with the Scaleway API for the contrib dynamic
inventory Scaleway the environment variable SCALEWAY_TOKEN was read
only if a value was set in the configuration .ini file.

This PR fixes that allowing to read only the environment variable
without needing to set a token in the configuration file.

Closes #35693
2018-02-05 08:32:49 +00:00
Richard Bywater
7dbcf752c8 Add ability to select to prefer IPv4 addresses for ansible_ssh_host (#35584)
Currently Cloudforms can return a mix of IPv4 and IPv6 addresses in the
ipaddresses field and this mix comes in a "random" order (that is the
first entry may be IPv4 sometimes but IPv6 other times). If you wish to
always use IPv4 for the ansible_ssh_host value then this is problematic.

This change adds a new prefer_ipv4 flag which will look for the first
IPv4 address in the ipaddresses list and uses that instead of just the
first entry.
2018-02-01 10:33:51 -05:00
Clement Trebuchet
862c439223 Contrib infoblox exattrs Fixes #35409 (#35410)
* *FIX: re-create the exattrs dict into the hostvars[name] dict

* *FIX: remove unwanted files

* Fixes #35409: put an str instead of variable
2018-01-31 09:17:34 -05:00
Peter Sprygada
c2d3b9cbd5
refactors nios api shared code to handle provider better (#35393)
* refactors nios api shared code to handle provider better

This change refactors the shared code to be easily shared between
modules, plugins and dynamic inventory scripts.  All parts now implement
the provider arguments uniformly.

This also provides a centralized fix to suppress urllib3 warnings coming
from the requests library implemented by infoblox_client

* fix up pep8 errors

* fix missing var name
2018-01-27 08:03:06 -05:00
Peter Sprygada
3f556f2e37
adds infoblox dynamic inventory script (#35328)
* adds infoblox dynamic inventory script

* fix up issues from sanity testing

* fix pep8 issues
2018-01-25 14:29:11 -05:00
Jonathan McCall
cdf8f29e70 Add hash making inventory caches unique to inventory script ran (#34742) 2018-01-23 13:10:22 -05:00
Sam Edwards
a1639abd71 Fix Digital Ocean inventory script pagination handling (#35153) 2018-01-23 19:29:50 +05:30
Kristóf Havasi
1c22d82c5e consul_io: fixed service availability check (#34293)
service is only up if the node publishing it is also available
2018-01-19 16:33:52 -05:00
Fabrice Flore-Thébault
5b52bfad6d azure_rm inventory should add "ansible_connection: winrm" in host_vars for windows hosts - fixes #34689 (#34691)
* fix for https://github.com/ansible/ansible/issues/34689
azure_rm inventory should add "ansible_connection: winrm" in host_vars for windows hosts

* add ansible_connection: winrm - fix for https://github.com/ansible/ansible/issues/34689
2018-01-18 05:49:50 +10:00
Richard Bywater
a7e27b74c9 Add ability to append suffix to host names for Cloudforms Inventory (#33565)
* Add ability to append suffix to host names for Cloudforms Inventory

Allows for use of a suffix that will be appended to host names returned
from Cloudforms API if that suffix is not present.

For example with a suffix of 'example.org', the following results
would be shown for a particular Cloudforms host name:
someexample -> someexample.example.org
someexample.example.org -> someexample.example.org

The main use-case for this is when Cloudforms has short names rather
than FQDN and there is a desire to to use the FQDN as the name.

* Add example line into Cloudforms INI file

* Clarify that leading fullstop needed

* Add validation to ensure leading fullstop for suffix
2018-01-17 06:36:17 -08:00
Abhijeet Kasurde
191b934dbd
freeipa: support for host vars (#34535)
Adds method to return host vars related to FreeIPA hostname.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2018-01-15 13:57:30 +05:30
Danilo Riecken P. de Morais
5540e2f8a9 cloudstack: inventory: Added feature list by tag (#31319) 2018-01-14 20:42:31 +01:00
Paul B
9302e8d2a4 contrib(inventory): adds a dynamic inventory for Scaleway cloud (#30313)
provider

Provides a dynamic inventory plugin for Scaleway cloud provider with
the following features:

- Configurable scaleway.ini file
- Cache API responses
- Choose public or private IPs
- Create groups per Scaleway 'tags'
- Create groups per Scaleway regions
2018-01-13 14:55:05 +00:00
Matt Clay
797664d9cb Python 2.6 str.format() compatibility fixes. 2018-01-10 14:08:11 -08:00
Fedele Mantuano
70fd5d4caf More stable explicit file close. (#34303) 2018-01-02 10:03:44 -06:00
Abhijeet Kasurde
0eb2644c1c Fix redeclaration of get_host_info function (#33608)
This fix redeclaration of get_host_info method in linode
inventory.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2018-01-02 10:24:53 -05:00
Kristóf Havasi
a05ed65295 consul_io.py: typo fixed in docs (#34292) 2017-12-30 03:08:28 +01:00
Kristóf Havasi
6ba6c7e67c contrib/inventory/consul_io: typo fixed in documentation (#34291) 2017-12-29 16:49:37 +05:30
Robert "Bo" Davis
b5c0141fb0 Use hostname in group_by_aws_account to prevent duplicates. (#34053)
Fix typo. The use of `dest` for group_by_aws_account causes the group to be produced using IP and to duplicate the hosts in the inventory.

Fixes #23772

Signed-off-by: bo <robert@jbanetwork.com>
2017-12-19 17:04:46 -05:00
Ryan Groten
b34d150bec Use hostgroup_find(all=True) returns member hosts of all hostgroups in a single call (#29106) 2017-12-18 12:28:19 -05:00
Abhijeet Kasurde
36f82ae8cc Replace exit() with sys.exit()
This fix adds replacement for exit() to sys.exit(), as
exit() is not recommended way to exit from the program.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-12-14 22:03:08 -05:00
Giovanni Sciortino
ff923fb6b0 Add scan_new_hosts feature in ansible foreman inventory (#33743) 2017-12-14 15:10:42 -05:00
pymag09
92c5b758f8 Improve consul_io.py execution speed (#33737)
* Improve execution speed

* fix missing whitespace
2017-12-13 13:33:28 +00:00
Abhijeet Kasurde
ebd6db7a1c
Digital Ocean Inventory refactor (#29176)
* Remove 'dopy' dependency
* Update documentation
* Incorporate BondAnthony's IP address related code
* Incorporate andrewsomething's Pagination code
* Add Tags support

Fixes: #15752

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-12-09 11:27:18 +05:30
Ryan MacLean
d7ca068c3f [cloud] Typo fixes for ec2 dynamic inventory (#32957) 2017-11-30 09:58:30 -05:00
Abhijeet Kasurde
449a0f33e1
Fix ConfigParser.set error in vmware_inventory (#31643)
Fix adds default 'vmware' section in configuration,
when this section is not found.

Fixes: #31549

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-11-28 22:52:59 +05:30
Matt Clay
e45c763b64 Fix invalid string escape sequences. 2017-11-21 10:03:34 -08:00
Abhijeet Kasurde
d372cea2f8
VMware: change default host_filter to gueststate (#32839)
This fix changes default value of host_filter in vmware_inventory.py
and vmware_inventory.ini to 'runtime.powerstate' from 'guest.gueststate'.
This change is added as 'guest.gueststate' requires vmware tools to be
installed on given VM, which may not be the case everytime.

Fixes: #25086

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-11-21 04:32:18 +00:00
gamuniz
10866bfb8b Exception handling in vmware_inventory for vcsim (#32700)
* vmware_inventory changes to support vcsim
* updated debug message per maintainer request
2017-11-12 21:29:25 -05:00
Kenny Woodson
c4af03118b Add support for tags and instance attributes for destination variable for the ec2 dynamic inventory. (#29033) 2017-10-24 16:09:59 -04:00
Ondra Machacek
a7df2322e4 ovirt: Add env variables to dynamic inventory (#31821)
This patch add new environment variables to oVirt dynamic inventory
to be consistent with all other oVirt modules:

 OVIRT_URL
 OVIRT_USERNAME
 OVIRT_CAFILE
 OVIRT_PASSWORD

Those variables are used as fallback if user don't specify a ini file,
with appropriate variables there.
2017-10-18 11:26:03 +01:00
Adrian Likins
297dfb1d50 Vault secrets script client inc new 'keyring' client (#27669)
This adds a new type of vault-password script  (a 'client') that takes advantage of and enhances the 
multiple vault password support.

If a vault password script basename ends with the name '-client', consider it a vault password script client. 

A vault password script 'client' just means that the script will take a '--vault-id' command line arg.

The previous vault password script (as invoked by --vault-password-file pointing to an executable) takes
no args and returns the password on stdout. But it doesnt know anything about --vault-id or multiple vault
passwords.

The new 'protocol' of the vault password script takes a cli arg ('--vault-id') so that it can lookup that specific
vault-id and return it's password.

Since existing vault password scripts don't know the new 'protocol', a way to distinguish password scripts
that do understand the protocol was needed.  The convention now is to consider password scripts that are
named like 'something-client.py' (and executable) to be vault password client scripts.

The new client scripts get invoked with the '--vault-id' they were requested for. An example:

     ansible-playbook --vault-id my_vault_id@contrib/vault/vault-keyring-client.py some_playbook.yml

That will cause the 'contrib/vault/vault-keyring-client.py' script to be invoked as:

     contrib/vault/vault-keyring-client.py --vault-id my_vault_id

The previous vault-keyring.py password script was extended to become vault-keyring-client.py. It uses
the python 'keyring' module to request secrets from various backends. The plain 'vault-keyring.py' script
would determine which key id and keyring name to use based on values that had to be set in ansible.cfg.
So it was also limited to one keyring name.

The new vault-keyring-client.py will request the secret for the vault id provided via the '--vault-id' option.
The script can be used without config and can be used for multiple keyring ids (and keyrings).

On success, a vault password client script will print the password to stdout and exit with a return code of 0.
If the 'client' script can't find a secret for the --vault-id, the script will exit with return code of 2 and print an error to stderr.
2017-10-13 15:23:08 -04:00
Matt Martz
e2f16cfaf7 Port vault-keyring.py to properly load the config. Fixes #31304 (#31315) 2017-10-13 13:46:24 -04:00
François Scala
aade5234a9 Fix urlparse import for Python3 (#31240)
* Fix urlparse import for Python3 in

* contrib/inventory/consul_io.py
* contrib/inventory/rudder.py
* contrib/inventory/windows_azure.py
* lib/ansible/module_utils/known_hosts.py
* lib/ansible/modules/cloud/centurylink/clc_firewall_policy.py
* lib/ansible/modules/cloud/docker/_docker.py
* lib/ansible/modules/cloud/ovirt/ovirt_disk.py
* lib/ansible/plugins/action/ce_template.py
2017-10-09 20:18:09 -07:00
Thomas Stringer
cb01f33d1e refactor azure dynamic inventory script configparser import to support python3 (#31370)
* refactor configparser import to support python3

* change ModuleNotFoundError to ImportError
2017-10-05 11:49:35 -07:00
Avner Cohen
d313c2d5e9 [cloud] RDS config should be getboolean, as per ec2.ini instructions (#31168) 2017-10-02 15:08:31 -04:00
Jiri Tyr
d35ef1fc21 [cloud][contrib] Set missing default values for EC2 inventory (#28375)
* Set missing default values for EC2 inventory

* Make it run even with no ec2.ini file

* Fixing INI file reading

* Refactor how defaults are handeled

Define defaults in a dictionary and use .get rather than if statements with has_option

* Removing double keys and fixing logic for instance_filter

* Removing one more doubled key
2017-09-29 10:48:48 -04:00
jctanner
219a6a67f1 Add a select_chain_match filter to vmware_inventory (#28778) 2017-09-27 19:06:01 -04:00
Martin Krizek
d804ac6f4b Implement AND'd filters in ec2.py/ini (#30272)
* Implement AND'd filters in ec2.py/ini

remove debug print

* Adjusting code to changed filters' data structure
2017-09-21 12:06:56 -04:00
Matt Clay
7714dcd04e Enable more pylint rules and fix reported issues. (#30539)
* Enable pylint unreachable test.
* Enable pylint suppressed-message test.
* Enable pylint redundant-unittest-assert test.
* Enable pylint bad-open-mode test.
* Enable pylint signature-differs test.
* Enable pylint unnecessary-pass test.
* Enable pylint unnecessary-lambda test.
* Enable pylint raising-bad-type test.
* Enable pylint logging-not-lazy test.
* Enable pylint logging-format-interpolation test.
* Enable pylint useless-else-on-loop test.
2017-09-18 23:20:32 -07:00
jchristi
9d5671db76 Allow filtering RDS instances by tags in the ec2 dynamic inventory script (#24423)
* Allow filtering RDS instances by tags in the ec2.py dynamic inventory script

* PEP8 fix

* Fix no-bastring code smell

* Simplify logic in ec2.py RDS filtering by tag
2017-09-14 10:58:16 -04:00
Matt Clay
442af3744e Miscellaneous pylint fixes.
The following rules are no longer disabled:

- bad-format-string
- duplicate-key
- lost-exception
- trailing-newlines
- unexpected-keyword-arg
- useless-suppression
- using-constant-test
2017-09-13 01:53:08 -07:00
Matt Clay
68aeaa58a8 Fix dangerous default args. (#29839) 2017-09-12 00:11:13 -07:00
Will Thames
f9a179f770 Handle missing docker-py better (#27540)
* Update docker inventory to use APIClient

docker-py has been updated, and the `Client` class no longer
exists. We use the new `APIClient` class.

To provide graceful failure when docker-py is not installed,
we need to create a dummy `Client` class so that the inventory
script will get as far as displaying a useful error message

Before

```
$ contrib/inventory/docker.py --pretty
Traceback (most recent call last):
  File "contrib/inventory/docker.py", line 418, in <module>
    class AnsibleDockerClient(Client):
NameError: name 'Client' is not defined
```

After

```
$ contrib/inventory/docker.py --pretty
Failed to import docker-py. Try `pip install docker-py` - cannot import name Client
```

* docker inventory configuration file location

Allow docker.yml to live next to docker.py, as well as in the
current directory
2017-09-10 19:06:57 -07:00
Matt Davis
12700f61e7 fixed incorrect endpoint selection in azure_rm.py 2017-09-01 11:49:56 -07:00
Maciej Lasyk
5c0b94217e Added handling optional GCE_CREDENTIALS_FILE_PATH (#25526)
Ansible documentation states that env variable based authentication bases on variable GCE_CREDENTIALS_FILE_PATH while gce.py reads only GCE_PEM_FILE_PATH (see https://docs.ansible.com/ansible/guide_gce.html). This commit adds GCE_CREDENTIALS_FILE_PATH to the configuration chain; if set it will be used.
2017-08-30 14:46:45 -04:00
Matt Davis
b3f2d1befe expose cloud_environment override in azure_rm modules (#28743)
* Can be set via env, credential profile, or module arg
* Valid values defined by Azure Python SDK, currently `AzureCloud`,`AzureChinaCloud`,`AzureUSGovernment`,`AzureGermanCloud` or any Azure Stack metadata discovery URL.
2017-08-29 13:35:24 -04:00
Alejandro Bednarik
9aa5e0cc3e Add GPL License header to freeipa inventory file. (#24353)
* Add GPl License header to freeipa incentory file.

* Short GPL license
2017-08-29 11:38:33 -04:00
furhouse
af9396841e zabbix_inventory PEP8 compliance. (#28680) 2017-08-28 20:12:32 +02:00
jctanner
443b25d72a Fixup the property collection for dictionaries vs. objects (#28609)
* Fixup the property collection for dictionaries vs. objects

* Remove debug lines

* Do not attempt to sort because it's a waste

* Remove unused code

* Remove extra code

* Capture lowercase keys
2017-08-25 09:53:01 -04:00
jctanner
65feaa11b2 Fix valueerror in vmware_inventory.py (#28597) 2017-08-24 10:04:52 -04:00
David Kretch
beed59f303 Fix trailing space in ec2_vol example, fix 'the the' typos (#28440)
* Fix 'the the' typos, fix 'pahting' filename typo

* Change 'the the' typos to a single 'the'.
* Change `playbook_pahting.rst` to `playbook_pathing.rst`.

* Delete trailing space in ec2_vol example

Delete the trailing space in `instance: "{{ item.id }} "`, which makes the
example fail when run because it looks for instance "i-xxxx ".
2017-08-19 23:00:51 +02:00
Abhijeet Kasurde
c876f4f3cf Make FreeIPA inventory work (#25354)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-08-18 15:46:43 -04:00
Andrea Tartaglia
fd01a9bb99 Added GPL header to vmware_inventory.py (#24443) 2017-08-18 15:23:45 -04:00
Michael Overmeyer
930d5d88b7 Fix #24546 (#24562) 2017-08-18 15:16:06 -04:00
Sam Doran
f35975f114 PEP8 fixes 2017-08-18 01:10:25 -04:00
Peter Hoffmann
6c9cb05cfd Use tenant in UserPassCredentials if set.
If you have multiple Tenants you need to set the tenant in https://github.com/Azure/msrestazure-for-python/blob/master/msrestazure/azure_active_directory.py otherwise the azure_rm.py call will fail.
2017-08-18 01:10:25 -04:00
Achraf Cherti
e45d5b7e8e Compatibility of gce.py (Google Cloud Ansible inventory) with Python 3 (#26032)
* Compatibility of gce.py (inventory) with Python 3

* Revert './secrets.py' file check (will import 'secrets' from PYTHONPATH)

Instead of checking if secrets.py exists in the current directory, this
commit will make gce import 'secrets' from one of PYTHONPATH's paths.

There are 2 possibilities:
1. secrets.py will be used if secrets.GCE_PARAMS and
secrets.GCE_KEYWORD_PARAMS are declared.

2. secrets.py will be ignored if secrets.GCE_PARAMS and
secrets.GCE_KEYWORD_PARAMS aren't declared. This could happen in Python
>=3.6 where a module named 'secrets' could be imported if a custom
secrets.py doesn't exist in PYTHONPATH.
Check out https://www.python.org/dev/peps/pep-0506/ and
https://docs.python.org/3/library/secrets.html for more information.
2017-08-18 00:27:03 -04:00
James Portman
950e4b6505 Added checks for machine.os_profile is not None before trying to access child attributes (#22906) 2017-08-15 10:59:41 -07:00
Alvaro Aleman
bb9c6694a7 Allow the Openstack dynamic inventory to discover ansible_user (#17944) 2017-08-11 18:00:59 +02:00
Gerard Lynch
d9d983160d support OS_CLOUD in openstack dynamic inventory
allow a user to limit to a single cloud in clouds.yaml, and support
per-cloud caching.
2017-08-10 12:43:16 -07:00
Alvaro Aleman
fe5e1a4bc4 OS dynamic inventory: respect OS_CLOUD env var 2017-08-10 12:43:16 -07:00
Do Hoang Khiem
3b12a85750 Add node private & public ips to gce groups (#12539) 2017-08-09 12:45:00 -06:00
Sebastian Cruz
223f94ec56 Fix missing option in #27848 (#27892) 2017-08-09 08:41:12 -04:00
Sebastian Cruz
ce5e4dfc38 Add option to group ec2 instances by platform. (#27848)
All credits to https://github.com/felipecvo

See PR: https://github.com/ansible/ansible/pull/14246
2017-08-07 12:45:04 -06:00
Eric L
1fe14da226 Add possibility to interpret global parameters value as JSON with rich_params flag (#26180) 2017-08-07 12:41:41 -06:00
Adam Johnson
3f85aa3abd Use a real list comprehension rather than list() around a generator (#25594)
It's faster and more idiomatic.
2017-08-07 12:30:01 -06:00
Tian You
9364fa202f [cloud] Group RDS instances by tag keys in ec2 dynamic inventory (#24763) 2017-08-04 14:38:04 -04:00
jctanner
3b20585ada Fix 23417 (#27770)
* Expose user_metadat to ansible

* Fixed exception when no userData
2017-08-04 13:28:40 -04:00
Will Weber
bfbdb3f3f0 assumption made that dopy only dep in dopy (#27536) 2017-08-03 13:44:07 -07:00
Nick Ball
edf31f56af Linode inventory improvements: Add _meta/hostvars to inventory output. Add a 'linode' host group with all the hosts (#19329) 2017-08-02 13:26:30 -04:00
Toshio Kuratomi
225fa5d092 Fix undefined variables, basestring usage, and some associated python3 issues 2017-07-25 15:58:23 -07:00
Brian Coca
8f8e53acbe updated readme with vault and 2.4 inv plugins (#26361)
* updated readme with vault and 2.4 inv plugins

* fixed as per feedback

* Edits

Need clarification for lines 10 and 11.
2017-07-24 16:37:59 -04:00
Toshio Kuratomi
edccfd5908 Fix undefined variable in libcloud dyn inv script
References #27193
2017-07-23 12:01:57 -07:00
Greg Dahlman
1d8854b045 Python 3 fix for consul_io inventory (#26510)
* Python 3 fix for consul_io inventory

* Remove configparser CamelCase try statement

* revert to python2.6 compatible try;except

* Fix pip8 error E302
2017-07-20 10:35:17 -07:00
Tomáš Karásek
a5c41dcd49 Add grouping by hostname for the Packet inventory (#21069)
* Add grouping by hostname for the Packet inventory

* remove space after eol
2017-07-18 09:31:42 -04:00
Abhijeet Kasurde
f7c8e7bdab Update vmware_inventory (#26308)
Fix adds
* Exception handling
* Unit tests

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-07-18 07:20:23 -04:00
Josh Smift
290d84f904 Update ansible_ssh_host->ansible_host in ec2.py dynamic inventory (#17113) 2017-07-17 15:30:11 -04:00
Toshio Kuratomi
ff22528b07 Consolidate boolean/mk_boolean conversion functions into a single location
Consolidate the module_utils, constants, and config functions that
convert values into booleans into a single function in module_utils.

Port code to use the module_utils.validate.convert_bool.boolean function
isntead of mk_boolean.
2017-07-17 11:48:05 -07:00
Alejandro Bednarik
2420bca0b5 Add GPl License header to rackhd inventory file. (#24354) 2017-07-10 08:09:29 +01:00
Ryan S. Brown
7cee903118 [cluster] Name Consul dynamic inventory config consistently w/ the script 2017-07-05 11:24:21 -04:00
Brian Coca
365f3dc9d9 switched to elif 2017-07-05 11:02:47 -04:00
Lorin Hochstein
b17da1fae9 ec2.py: Better error messages for OptInRequired
Improve error messages for RDS and ElastiCache failures for code OptInRequired.
2017-07-05 11:02:10 -04:00
Matt Clay
2e85272cd5 PEP 8 fixes. 2017-06-28 09:41:03 -07:00
Ronny
955f8923e7 Update dynamic inventory zabbix.py (#19862)
Added _meta to improve the speed when using this dynamic inventory file
2017-06-28 11:48:27 -04:00
Toshio Kuratomi
e238ae999b Cyptography pr 20566 rebase (#25560)
Make pyca/cryptography the preferred backend for cryptographic needs (mainly vault) falling back to pycrypto

pyca/cryptography is already implicitly a dependency in many cases
through paramiko (2.0+) as well as the new openssl_publickey module,
which requires pyOpenSSL 16.0+. Additionally, pyca/cryptography is
an optional dep for better performance with vault already.

This commit leverages cryptography's padding, constant time comparisons,
and CBC/CTR modes to reduce the amount of code ansible needs to
maintain.

* Handle wrong password given for VaultAES format

* Do not display deprecation warning for cryptography on python-2.6

* Namespace all of the pycrypto imports and always import them

  Makes unittests better and the code less likely to get stupid mistakes
  (like using HMAC from cryptogrpahy when the one from pycrypto is needed)

* Add back in atfork since we need pycrypto to reinitialize its RNG just in case we're being used with old paramiko

* contrib/inventory/gce: Remove spurious require on pycrypto

(cherry picked from commit 9e16b9db275263b3ea8d1b124966fdebfc9ab271)

* Add cryptography to ec2_win_password module requirements
  * Fix python3 bug which would pass text strings to a function which
    requires byte strings.

* Attempt to add pycrypto version to setup deps

* Change hacking README for dual pycrypto/cryptography

* update dependencies for various CI scripts

* additional CI dockerfile/script updates

* add paramiko to the windows and sanity requirement set

  This is needed because ansible lists it as a requirement. Previously
  the missing dep wasn't enforced, but cryptography imports pkg_resources
  so you can't ignore a requirement any more

* Add integration test cases for old vault and for wrong passwords

* helper script for manual testing of pycrypto/cryptography

* Skip the pycrypto tests so that users without it installed can still run the unittests

* Run unittests for vault with both cryptography and pycrypto backend
2017-06-27 06:00:15 -07:00
loqutus
8edcef7a84 fix comment in inventory/digital_ocean.py (#25828) 2017-06-18 10:51:42 +02:00
Abhijeet Kasurde
b89cb95609 Fix spelling mistakes (comments only) (#25564)
Original Author : klemens <ka7@github.com>

Taking over previous PR as per
https://github.com/ansible/ansible/pull/23644#issuecomment-307334525

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-06-12 07:55:19 +01:00
Carsten Clasohm
cd31f4a102 foreman.py: create Ansible groups from Satellite 6 host collections (#25269)
* create Ansible groups from host collections

* fix paging logic in _get_json

* replace Satellite with Foreman

* improve comment for environment variables

* enable host collections by default

* use requests params instead of urllib.quote_plus

* disable host collections by default

* change organization filter

* clean up load_cache methods

* remove usage of function defaults

* replace environment variables with host_filters
2017-06-09 17:10:55 -07:00
James Elford
bc9dbf38b0 python 3 compatibility: import guard around ConfigParser
In python3 `ConfigParser` has become `configparser`. Added
an import guard that aliases it back to the old name.
2017-06-03 13:56:10 -07:00
Eric L
eb53f3c129 Fix inventory script for Foreman where group by pattern are not prope… (#25173)
* Fix inventory script for Foreman where group by pattern are not properly safe-guarded.

* Fix pep8 error about tab mixed with blanks.
2017-05-31 16:35:28 -04:00
Sloane Hertel
e67cdd448e [cloud] EC2 dynamic inventory default filename is documented as ec2.ini - fixes #24396 (#24515)
* the default filename is ec2.ini

(to override that use the env var EC2_INI_PATH)

* allow fallback to ec2.ini
2017-05-31 14:59:55 -04:00
Dag Wieers
758cfeb73e contrib: PEP8 compliancy (#24680)
- Make PEP8 compliant
2017-05-30 21:08:09 +01:00
Abhijeet Kasurde
3a82246d82 Misc typo fix in fleet inventory (#25174)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2017-05-30 13:31:35 -04:00
Michael
b65ebf3519 Fixed import of urlencode and pathname2url from urllib for python3 (#24424) 2017-05-19 12:22:16 -05:00
Jorge Quintás
d3c94e82a5 take into account if cache file exists when loading data from digitalocean even with --force-cache 2017-05-17 10:45:54 -04:00
Matt Martz
d3249e7875 pep8 fixes for contrib (#24344) 2017-05-09 16:38:08 -05:00