* Add network resource modules utils function
* `FactsBase` parent class to handle
facts gathering
* `ConfigBase` parent class for resource
module config handling
* utils funtions for resource modules
* Fix review comments
* Fix CI issues and review comments
* Fix review comments
* Fix CI issues and minor updates
* Get the most detailed version number from distro.version() for CentOS and Debian
* Update tests and fixtures
* Update fixture generation script to gather distro info and work with Python 3
* Update LinuxMint fixtures
* Cleanup fixture formatting
* Improvements based on feedback from abadger:
- use unicode since that is what distro returns
- use frozenset with a tuple
- include link Debian to bug
* Update the regular expression to match the more accurate
* Update the regular expression to match the more accurate
* Update the regular expression to match the more accurate
* add a util function to ce.
* add a util function to ce.
* update to fix bugs for ce_static_route
* update to fix bugs for ce_static_route
* update to fix bugs for ce_static_route
* update
* update for shippable.
* New & fixed examples for aws_ssm lookup
* Apply suggestions from code review
Co-Authored-By: Sloane Hertel <shertel@redhat.com>
* Clarify example name
* Fix onepassword lookup plugin crashing on fields with no 'name' or 't' property.
* Fix onepassword_facts module crashing on fields with no 'name' or 't' property.
* Add unit test for onepassword lookup plugin failing on entries without a name.
* Add changelog fragment for onepassword lookup plugin and onepassword_facts module fixes on fields without a name.
* nxos_vpc: pkl_vrf fixes for #57069Fixes#57069
- Symptom: When playbooks specify `pkl_vrf: default`, the result is that the cli does not set the `vrf` state.
- Analysis:
- First issue: 'default' is a reserved word when used with the `peer-keepalive` `vrf` keyword. It refers to the default rib.
- This is confusing in several ways because `peer-keepalive`'s *default* vrf is the `management` vrf.
- Second issue: When changing only one optional value (`pkl_vrf`) while other optional values are idempotent (`pkl_src`), the result is that the idempotent values are ignored; unfortunately the device cli *replaces* the entire command, in which case the idempotent values are removed.
- e.g. playbook specifies this:
```
{ pkl_dest: 10.1.1.1, pkl_src: 10.2.2.2, pkl_vrf: my_vrf }
```
```
peer-keepalive dest 10.1.1.1 src 10.2.2.2 # original
peer-keepalive dest 10.1.1.1 src 10.2.2.2 vrf my_vrf # intended result
peer-keepalive dest 10.1.1.1 vrf my_vrf # actual result
```
- Third issue: the `pkl` getter was relying on positional data. This broke when the `udp` keyword nvgen'd where `vrf` used to appear (shifting all keywords to the right).
- Tested on regression platforms: `N3K,N6k,N7K,N9K,N3K-F,N9K-F`
* PEP fixes
* PEP fix 2
* pkl should merge by default, not override
* rmv debugs
* add mike's tests
* fix comments
* Fix notifying handlers by using an exact match rather than a string subset if listen is text rather than a list
* Enforce better type checking for listeners
* Share code for validating handler listeners
* Add test for handlers without names
* Add test for templating in handlers
* Add test for include_role
* Add a couple notes about 'listen' for handlers
* changelog
* Add a test for handlers without names
* Test templating in handlers
* changelog
* Add some tests for include_role
* Add a couple notes about 'listen' for handlers
* make more sense
* move local function into a class method
* Lookup secret id by name if not set
* Lookup config id by name if not set
* Add changelog fragment
* Remove usage of secret/config_id in examples
* Python 2.6 compat
* Extend secrets and configs tests
* new module uses modern ansible AWS standards
* adds additional tests for snapshots
* Update return_skeleton_generator for python3 - should
set type to `str`, not `string`.
Module tracebacks may be reported on stdout instead of stderr when
using some connection plugins. For example, the ssh connection plugin
will report tracebacks on stdout due to use of the -tt option.
This change results in tracebacks being recognized on both stdout
and stderr, instead of the previous behavior of just stderr.
ci_complete
* Encoding fixes to support py2 and py3 non-ascii paths
* Remove unused import
* endswith instead of comparing slice on bytes
* join bytes, convert to to_native after
Co-Authored-By: Toshio Kuratomi <a.badger@gmail.com>
* Fix review comments
* Add missing comma
* Encoding fixes to support py2 and py3 non-ascii paths
* Use ascii encoding on paths added to the archive also
* datadog_monitor: Fix docs with datatypes of params
Fixes: #58342
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* indentation and other minor fixes
* ncclient uses same timeout value at the time
of connection initialisation and waiting response
* Ansible has connect_timeout to control the waiting
time during initial connection and `command_timeout`
to control the wait time for resposne. Hence set the
ncclient timeout seperately to Ansible command_timeout
after the connection object is created sucessfully.
* Update documentation for aci_interface_policy_cdp
##### SUMMARY
Documentation only changes. Improved the examples and changed the `version_added` from 2.8 to 2.9.
* Update lib/ansible/modules/network/aci/aci_interface_policy_cdp.py
Co-Authored-By: Sandra McCann <samccann@redhat.com>
* Converted from mixed indentation to spaces
openvswitch_db was not parsing properly some arguments, which caused
some commands to be executed when they shouldn't. This commit fixesit
and adds unit testing for the usecase.
Closes-Bug: #55432
Closes-bug: #43858
When provided with a wrong password `rabbitmqctl
authenticate_user` returns a non-zero exit code
(65). This seems to be unexpected by the module and
it fails when `update_password` is set to 'always'.
To mitigate this behavior we augment the `_exec`
method by adding a `check_rc` flag (which defaults
to `True`, hence it's backward-compatible) and
override it when we need it (in `check_password`
method to address #56164).
* tower_role: ensure alias of validate_certs is handled
* tower modules: remove tower_verify_ssl alias too
Error was:
Failed to update role: The Tower server claims it was sent a bad request.
GET https://tower/api/v2/projects/22/object_roles/
Params: [('tower_verify_ssl', False), ('role_field', 'admin_role')]
Data: None
Response: {"detail": "Role has no field named 'tower_verify_ssl'"}
Full traceback:
File "/tmp/ansible_tower_role_payload_7_2p0X/__main__.py", line 145, in main
result = role.grant(**params)
File "/usr/local/lib/python2.7/dist-packages/tower_cli/resources/role.py", line 365, in grant
return self.role_write(fail_on_found=fail_on_found, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/tower_cli/resources/role.py", line 242, in role_write
fail_on_multiple_results=True, **data)
File "/usr/local/lib/python2.7/dist-packages/tower_cli/models/base.py", line 301, in read
r = client.get(url, params=params)
File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 546, in get
return self.request('GET', url, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/tower_cli/api.py", line 299, in request
kwargs.get('data', None), r.content.decode('utf8'))
* win_pagefile - Fix idempotency when same settings as current
* Fix tests and code
* Fix problem with system managed
* Fix again systemmanaged detection
* Change check of systemmanged in creation
* Fix readability and wrong flag for test
* Add back _contains_vars method as maybe_template. Fixes#58282
* Remove template guard in a few places
* maybe_template sounds like it might template something, rename to is_possibly_template
* Add tests for is_possibly_template
Fixes: #22034
This patch adds support for a tls_version parameter that allows the
TLS version used to be configurable. By default the module will let
the underlying system libraries pick the maximum supported version.
This parameter is useful for servers that are unable to support
newer versions of TLS
* openssh_keypair: bugfix make regenerating keypairs via force possible / add invalid file handling
* openssh_keypair: change permissions of read-only file instead of deleting it for regeneration; add changelog fragment
* address review feedbak, refactor
* add integration tests for bigfixes
* linter: fix indent
* fixup integration tests: use force when regenerating an invalid file
* linter: fix indent
* openssh_keypair: address review feedback
* openssh_keypair: fixup, remove backtick
* openssh_keypair: address review feedback
* Only pass 'y' into stdin of ssh-keygen when file exists.
Fixes#57985
* The check `USE_PERSISTENT_CONNECTION` flag is no longer
required in action plugin as the junos modules in galaxy are renamed
to start with `juniper_`.
* Allow multiple databases(not all) to be dumped from mysql
Fixes: #56059
* Altered fail message to provide atleast one database name
* Minor grammatical fix
* Fix failing SAN comparison for older cryptography versions due to not implemented __hashh__ functions.
* Fix SAN comparison: IPv6 addresses need to be normalized before comparing strings.
* Add changelog.
* Fix comment.
* Improve error for docker modules when docker-py can't be imported.
* Add changelog.
* Mention platform and Python interpreter in more cases.
* Clarify wording.
* Adjust tests.
* Adjust hostname classes based on output from distro
Corrects the following:
- OpenSUSE Leap
- ArchARM
- Oracle Linux
* Add CoreOS and Clear Linux distributions
* Implement display_ok_hosts and display_skipped_hosts like default callback
* Implement show_custom_stats and display_failed_stderr like default callback
* Fix pep8
* Clarify conditional
* Changelog fragment
* Import from defaults.py per feedback
* Improve type information in module documentation
- Removed some duplicate documentation
- Ensure org_id is always string
- Add type information for items which don't have it
* Fix whitespace
* Since new junos resource modules will
support only network_cli connection type
modify the transport check from network_cli
connection netconf as netconf only supported modules
is a fronzen set.
* Improve general error behavior if a Docker error is not caught.
* Don't die when network doesn't exist.
* Add changelog.
* Make API version always available. Also catch errors when retrieving version.
* Fix error message.
* Adjust fallback error messages.
The following options can be set on a workflow template but the
functionallity to do so from this module was missing.
inventory
ask_variables_on_launch
ask_inventory_on_launch
Fixes#49728
Signed-off-by: Alberto Murillo <albertomurillosilva@gmail.com>
This adds a rudimentary wait functionality for the os_zone module.
It will wait for:
* Zone not in OpenStack API when choosing `absent`
* Zone `status` being `AVAILABLE` in OpenStack when choosing `present`
* ssh: Ensure debug messages are properly converted to text. Fixes#57843
* surrogate_then_replace is default, be less explicit
* We only needed to_text for display, not exceptions
* Change expected config source
* make it conditional
* rename property
* Add changelog fragment
* make it string
* Update changelogs/fragments/57969-docker_container-change-expected-config-source.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* nxos_bgp_neighbor: Add bfd support
- Add support for bfd state in nxos_bgp_neighbor
- Feature Pull Request
- nxos_bgp_neighbor
- Tested on platforms: `N3K,N6K,N7K,N9K`
* bfd T/F now bfd enable/disable
* pep fix ws
* add IAM role assumption to aws_ec2 inventory
* Ensure inventory._options has necessary option keys populated since the plugin docs parser isn't accessible to unit tests yet
* Remove lexers which have been fixed in Pygments 2.4.0.
* Add Pygments >= 2.4.0 to test runner.
* Fix pages that triggered lexer errors.
Co-Authored-By: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
* If case xml reply is transformed or namespace is removed in ncclient
device specific handler return modified xml response as string
* If data xml node is present in xml response return the xml string
with data node as root node
* If none above is true return raw xml string received from host
with rpc-reply as the root node
* Ignore `<rpc-reply>` node from candidate and
running configuration in xml diff
* Add route-policy as prerequisite to BGP coonfiguration
in integration test
* If dispatch() rpc response has data element
return the xml string from <data> element
else return the complete xml string from
<rpc-reply>.
Depends-On: #57909
Depends-On: #57919
* Update azure_rm_resource related document
* resolve shippable check error
* Resolve format error
* resolve format error---02
* Redefine the type variable
This fixes an index error issue when running tests on zuul.ansible.com
for iosxr. We can fix this by getting the last element in the list.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
* Initial proposal for new parameter option for response format
- output_version parameter dictates the response key case
- new is snake_case, old is camelCase
- If new, conversion is done at the end of module execution
- This is purely a proposal and not a final draft
* Add support for ANSIBLE_MERAKI_FORMAT env var
- If env var is set to 'camelcase' it will output camelcase
- Otherwise, will default to snakecase
- Added note to documentation fragment
- As of now, all module documentation needs to be updated
* Fix pep8 errors and remove output_version args
* Restructure check in exit_json so it actually works
* Add changelog fragment
* Change output_format to a parameter with env var fallback
- ANSIBLE_MERAKI_FORMAT is the valid env var
- Added documentation
* Convert to camel_dict_to_snake_dict() which is from Ansible
- Fixed integration tests
* Fix yaml lint error
* exit_json camel_case conversion handles no data
- exit_json would fail if data wasn't provided
- Updated 3 integration tests for new naming convention
* convert_camel_to_snake() handles lists and dicts
- The native Ansible method doesn't handle first level lists
- convert_camel_to_snake() acts simply as a wrapper for the method
- There maybe a situation where nested lists are a problem, must test
- Fixed integration tests in some modules
* A few integration test fixes
* Convert response documentation to snake case
* assign a sane default to yum/dnf lock_timeout, in line with cli
Fixes#57189
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix typo in changelog snippet
Signed-off-by: Adam Miller <admiller@redhat.com>
Ansible galaxy role download checked for `.tar.gz`, but `tarfile.is_tarfile(...)` can identify and open any valid tarfile. This change uses transparent stream compression to make `.tar.gz` and `.tar.bz2` formats valid with python 2.6.x/2.7.x (as well as `.tar.xz` with python 3.x).
These openstacksdk calls are awkward special-case wrappers around
patch_machine, and I would like to deprecate them in openstacksdk change
https://review.openstack.org/647730. Use much simpler update_machine instead.
* Updated testcase
* Added check mode support
* Added check for mutual exclusive for Name and UUID
Fixes: #57580
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
To get all instances gcp_compute made a call to the Google API for each
zone separately. Because of this if all zones needed to be queried
fetching hosts lasted 30+ seconds. Now the module will use a single
query that will return all the instances, so the execution should last
just a few seconds.
This commit also suppresses a warning from the google-auth library about
using user credentials because if an Ansible user wants to use user
credentials, there is no need to warn him about it.
* update vxlan
* add a changelog fragment for the PR 57264
* Update 57264-update-vxlan-to-fix-bugs.yml
update for change request
* Update ce_vxlan_vap.py
remove commented codes.
* Split Avi Credentials into two parts - secrets and login_info
* Fixed indentation issue
* Removed trailing whitespaces
* Added sub-options to avi credentials
* Added sub-options to avi credentials
* Updated argument specs to use fallback instead of getting defaults from environment variable
* Improve change reporting for meraki_ssid
- Documentation is more clear about dependencies
- Not all change reports are accurate without new algorithm
- Improved integration tests
* Rename changelog fragment
* Enable all tests in integration tests
- Fix type merging
* Add more integration tests for code coverage
* Update URL creation
* Add support for check mode
* Add diff support
- diff support is based on "have" and "want" data structures.
- Review needs to be done on the diffs for accuracy and usefulness.
- Changed change mode changed responses to be accurate.
* Remove config template based integration tests
* fixes bug introduced by commit 8cb73720f0599b08794cb7a3fbdf36d430214446: "TypeError: argument of type 'NoneType' is not iterable" when using module systemd without param 'name' (e.g. with daemon_reload)
* set ovirt disk active default value to True
* disk default activate only when creating
* correct comment syntax
* add changelog
* ovirt disk activate update docs
* Remove usage of global var log_path
* Add changelog and edit ignore.txt
* win_pagefile: not using testPath
* Revert "win_pagefile: not using testPath"
This reverts commit c8bc10234048257414454905e1c860a8f57a3b3f.
* PSLint error
* Update win_domain_membership.ps1
* Update win_domain_controller.ps1
* "setup.ps1" - Change $env:COMPUTERNAME to [System.Net.Dns]::GetHostName(), to support non NETBIOS compliant hostnames
* Change method to base on WMI
* changed ansible_domain to use WMI
* Fixed per review
* Fixed dot stuff
* Revert "Fixed dot stuff"
This reverts commit a1d5be00f1.
* dot stuff
* dot stuff 2.0
* Update setup.ps1
* Wrap this up to go
Folder creation API is only supported by vCenter, specifying
Standalone ESXi system will raise error.
This fix adds an user warning for suggesting this restriction.
Fixes: #49938
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* postgresql_idx: self.__exec_sql -> module_utils.postgres.exec_sql
* postgresql_idx: exec_sql, added a changelog fragment
* postgresql_idx: exec_sql, fix the changelog fragment
* postgresql modules: use postgres.exec_sql instead of __exec_sql methods
* postgresql modules: use exec_sql, added changelog fragment
* Update changelogs/fragments/57674-postgres_modules_use_exec_sql_instead_of_methods.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* network and install policy modules for example
network and install policy modules for example
* revert the changes in version
revert the changes in version
* documentation_fragment
documentation_fragment
* Checking the status code of the set request
* delete some of Rikis' files
* retrieve Rikis' files and call equals API method
* adding blanck line between functions
* implement host, address-range and group
* mostly sintax fixes
* try again with the old host and access rule
* small changes
* adding service udp and publish
* publish command
* little fix
* choises for state parameter
* support wait_for_task and API version
* imports
* refactor of function's name
* network module
* rename modules and return value from modules
* PR before examples to: tests, lookup, check_mode
* small fixes
* fixes for code review
* small fixes
* state parameter in examples and many /n
* white spaces
* 4 tries for how choices should be, and turn true to True
* win_domain_group_membership - Fix missing @extra_vars on Get-ADObject to support dirrent domain and credentials for retrival
* win_domain_group_membership - Fix missing extra_vars on Get-ADObject
rds_instance is boto3 based module, add a note in rds module documentation
about the same.
Fixes: #54686
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
While including var files using _raw_params adds additional new line
character, which makes Ansible to fail to include that file in.
This fix removes extraneous new line character while parsing the var file.
Fixes: #57593
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This uses to_text to ensure tostring() from lxml is decoded properly.
Depends-On: https://github.com/ansible/ansible/pull/57309
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
* Update dependence's name to firepower-kickstart
* Check response type before getting attributes
* Add unit test for construct_ansible_facts method
* Update error message
* Adding device_facts module for contribution
* changes added for pylint error
* Updated code to solve ansible-test compile error
* Changes to avoide comile error added
* Review Comments changes update
* Avoided blank line
* pylint error changes
* Removed ansible_facts return in error case
* Updated description
* modules renamed
* changing from ansible_facts to device_info
* avoide pep8 error
* Updated sample output
* version changed to 2.9
* Changed Copyright license to BSD
* Changed 3-clause BSD license to 2-clause BSD
* Added unit test support for ome_device_info
* version change
* removed pylint error in unit test modules
* Avoid Sanity error for unit test modules
* updated version
* Extended cloudfront_facts module to have a predictable return value for getting results.
* Updated RETURN docs with new field.
* Corrected the RETURN docs
* Fix typo in YAML
* Merge authentication options back into a single field to prevent losing options beyond the first
* Add integration test and changelog
* Fix multiple options for local type connections. Also fix sorting errors between local type connections that lack a src
* Build again because of github problems?
* Add spaces before comments
* Fix rds_instance module to run against an (older) existing RDS instance successfully
* Only pop Iops param if no storage_type is given. If given and set to wrong type we get to the AWS client error that informs the user
* Docs syntax fix
* Fix typo in docs
Co-Authored-By: stefanhorning <stefan@hornings.de>
* postgresql_sequence: initial commit with new module and tests
* change return variables and adjust tests
* fix sanity checks
* fix linter errors
* change formatting functions and put params alphabetically
* add new examples and remove restrict option
* remove restrict option
* remove `required: false`
* add links to documentation
* change some minor parts in documentation
* add new integration tests for
** drop cascade
** change owner
* change usage of owner and created a test case for set owner during creation
* remove some documents and use docsfragments
* add aliases for minvalue and maxvalue
* change to warn if sequence not exists but should be removed
* use connect_to_db from module_utils/postgres.py
* add checkmode for several tests
* fix psycopg2 import and connect_to_db
* add a test for drop nonexistent sequence
* change get_info funcrtion to use only one SQL statement
* rewrite the module for cleaner code
* remove psycopg2
* change check_mode behavior
* add docstrings for class and methods
* add test for create sequence with owner in check_mode
* fix typo in set_schema()
* fix docu and cleanup the code
* adjust documentation for state, schema and newschema
* remove mutually_exclusive for 'absent'
* remove unused code comments
* remove warning for drop non-exicsting sequence
* change autocommit condition
* adjust state documentation
* nxos_interface_ospf: Add bfd support
Add support for `bfd` state in `nxos_interface_ospf`
- Feature Pull Request
`nxos_interface_ospf`
* Fix pep issues
* sanity loop: syntax
* bfd states changed from T/F to enable/disable/default
* doc hdr fixes
* Implement a new module to support Batch Account.
* Fix the schema definition.
* Fix some lint errors.
* Normalize line endings.
* Remove not-recommended idempotency check.
* adding stubs for discussion
* Add one more output attribute.
* Leverage `idempotency_check` and `normalize_resource_id`.
* Fix line is too long error.
* normalize resource id implementation
* normalizing resource id fix indentation
* Fix linting issues.
* Fix runtime errors of Azure Python SDK.
* Add info module to Batch Account.
* Remove info module per suggestion.
* adding initial comparison function
* fix in idempotency check
* batch account update to support idempotence
* don't modify azure_rm_common for timebeing to avoid excessive ci
* adding first ci
* added more description on comparison function
* fixed storage account name
* fix
* fixed indent in common function + batch account name unpacking
* fix bug
* fixing sanity
* updated class relations
* fix in common
* updated disposition
* Add two more updatable/disposition in module_arg_spec
* updated common file
* Fix documentation for auto_storage_account.
* fixed line too long
* fixed keyvault reference
* fixed batch account creation
* fix pep8
* Regenerate code according to the feedbacks.
* test deleting batch account
* Add auto-generate comments to test file.
* renamed delete task, removed unstable
* clean up storage account
* nxos_bfd_global: initial commit
This is an initial POC with just a few commands included. The code has been written somewhat generically so that it can act as a best practices template for re-use in future modules. The implementation follows the yaml cmd_ref style to define each command's getter/setter/type/default. It supports platform-specific defaults.
The basic logic is to collect all relevant data in a `cmd_ref` dict and pass that around to various methods.
In the BFD case the devices don't provide JSON output so we have to screen-scrape with show runs.
BFD does not support present/absent states so there is no state param.
BFD has three different property types to handle. We can add add'l types as needed:
- int
- int_list (list of ints)
- str (needs support for 'no' keyword)
* Use get_capabilities to find platform type
* PR comment fixes, round 1
* Minor cleanups
* nxos_bfd_global: create NxosCmdRef in module_utils
This commit just takes the latest bfd global code and moves the bulk
of the code into new `class NxosCmdRef` in `module_utils/nxos/nxos.py`.
The only remaining code in `nxos_bfd_global.py` are the calls from `main()`.
* Add remaining command properties and documentation
* update argument_spec
* Add check for _exclude; add sanity test
* Add targets files for bfd
* Context and state absent updates
* Add dict support to cmd_ref
* Changed remaining list commands to dict usage
* Add idempotence check for dict
* Fix existing overwrite bug
* Move pattern matching logic into its own method
* add support for 'command: absent'
* Add `get_platform_shortname`; update BFD platform-specific settings
* /absent/deleted/
* /sh/show/ in prepare_nxos_tests
* add dict check to get_platform_shortname
* Add normalize_defaults()
* UTs for bfd_global
* support yaml for both py2/py3
* update cmd_ref doc header
* Fix python2.6 incompatibility with dict comprehensions
* Fix bfd_global doc header (yaml syntax fail)
* more shippable fixes
* yet more shippable fixes
* shippable: remove r' ' wrappers
* docfix - remove ':'
* escape regex ctl chars in yaml table
* remove extra blank lines
* Fix str(None) issue
* Command context updates
* import PY2,PY3 instead of import sys
* fix ordereddict import & parent_context
* try/except for yaml import
* fix import issue for ordereddict
* remove epdb
* nxosCmdRef_import_check() workaround for shippable
* fix PEP ws errors
* Fix#56643: Map ansible keys to api keys
* Remove errant print line
* Fix pep8 issue
* Fix doc line
* Added test for validate_certs -> verify_ssl translation for k8s module
The extant documentation says that the fingerprint return value is a
single string, but it is currently being returned as a split list.
Convert the returned value to a string as documented, and add some
basic test-case coverage for the return values.
PR #55396
Make Git module support `--valid-pgpkeys` option, which allows
configuring a list of valid PGP fingerprints which are compared with the
used PGP fingerprint if verify_commit is true. This requires
verify_commit to be set to 'yes'.
Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl>
Co-authored-by: Sviatoslav Sydorenko <webknjaz@redhat.com>
* Initial commit for meraki_malware module
- Allows for manipulation of malware configuration
* Add full documentation and improve code coverage
* Add diff support
* Type change
* Sanity check fixes
* Convert org_id from str to int for consistency
* Sanity fixes again
* Fix argument type errors
* Remove ignore items for some Meraki modules so shippable is happy
* Restructure meraki_network to be simpler and work for all int tests
* Enable all integration tests and enhance error reports
* Slight tweaks to integration tests
* Add support for check mode.
* Add diff support
- Need to analyze diff for accuracy
- Updated check mode changed value
* Improve test coverage
* Remove a duplicate integration test
* Add support for check mode
* Add changelog fragment
* Add diff support
- Fix a few changed status
- Removed auth_key check since that's done in module_utils now
* win_chocolatey - honour version when bootstrapping chocolatey
* skip upgrade all step
* Fix install latest step
* Remove test changes now that Chocolatey is released
* tweak the package version detection
If IAM Role is created without description using aws cli or UI,
then Ansible failed to update description for such IAM role.
This fixes such condition.
Fixes: #52942
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* nxos_vlan: fix broken purge behavior (issue #57101)
Symptoms/Analysis:
- `nxos_vlan` `purge: true` would fail when `purge` was trying to delete all unspecified vlans, including vlan 1.
- `nxos` devices do not allow removing vlan 1 and raise a cli exception error
- Previous fix#55144 caused a side effect when `purge` was used: vlan changes specified by `aggregate` were ignored; e.g.
- vlan 4 is not present; playbook specifies `aggregate: { vlan: 4 }, purge: true`
- results in proper purging but vlan 4 is not created
Solutions:
- ignore vlan 1 when purging
- remove the `not purge` check from state present logic
Added additional unit tests and integration tests.
Tested against all regression platforms.
* PEP fixes
* Add agg_show_vlan_brief.txt fixture
* Add warning for removing vlan 1
* change method name check
Handle exceptions raised while describing the metric alarms rather than
printing tracebacks.
Fixes: #55786
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Specify that the pattern is matched against the dirent basename
* Specify that regexen must match the whole name of the dirent. It has been a pitfall for me.
* Fix order for warning on templated conditionals
Fix bare variable warnings when the variable is a boolean
* changelog
* Add tests for cases that should and should not give warnings
If the behavior may change when the default behavior for CONDITIONAL_BARE_VARS becomes False there should be a warning. Boolean type conditionals will not change in behavior so don't warn.
* oops, forgot to add files
* typo
* New module postgresql_copy
* New module postgresql_copy: added tests
* New module postgresql_copy: changed tests
* New module postgresql_copy: doc format fixes
* New module postgresql_copy: fixes
* New module postgresql_copy: added upper, PostgreSQL
* New module postgresql_copy: fixed description
* New module postgresql_copy: added note about superuser
* New module postgresql_copy: remove SQLParseError
* New module postgresql_copy: fixed opt_need_quotes type
* New module postgresql_copy: fixed check_mode
* New module postgresql_copy: small fix
* Attempt 2 of cert validation fixes
* Remove unused code
* Cleanup the tmp cert using atexit
* Fix linting issues
* Only add SSLValidationHandler when not HAS_SSLCONTEXT
* Catch value errors on non PEM certs
* Only catch NotImplementedError to avoid masking issues
* set self._context even with PyOpenSSLContext for conformity
* Fix error building
* normalize how we interact with the context we create
* Remove unused code
* Address test for py3.7 message difference
* open_url should pass the ca_path through
* Account for new error in url lookup test
* Guard some code behind whether or not we are validating certs
* Make _make_context public
* Move atexit.register up to where the tmp file is created
* Allow syslog_json callback options to be set in an Ansible configuration file.
The syslog_json documentation says that it supports options via an Ansible
configuration file. In fact, they can only be specified via environment
variables.
I've updated the module to use the standard "get_options" handling which means
that it can now support options via environment variables *or* the
configuration file.
Options can be set in the configuration file as follows:
```
callback_whitelist = syslog_json
[callback_syslog_json]
syslog_server = localhost
syslog_port = 514
syslog_facility = user
```
* Use the original, documented, names for the modules options.
In the documentation text change syslog_server to server, syslog_port to port
and syslog_facility to facility.
* Add an item to the changelog.
* Update 57232-syslog-json-configuration-options.yml
Fix a YAML syntax error / typo.
* Adding integration test for 127.0.0.1/32 and ::1/128.
* Making sure file is not corrupted when render fails
* Fixes#56430
* Adding changelog for MR 57147/Issue 56430
##### SUMMARY
Suggest to use sequential IDs - otherwise action is considered to be changed always.
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
* Add support for check mode
* Check mode returns proper changed status
- Added is_template_valid()
- Restructured check_mode so it will always return data
- Check mode should show proper changed status
- Code is untested and integration tests need to be expanded
* Fix deleting networks
- Add integration tests for deleting networks
- Refine tests based on changed/unchanged
* Remove one task from integration test
* Add support for disableRemoteStatusPage
- New feature in the Meraki API
- Yes, it's a double negative, I may fix at some point
* Remove double negative
- All disables became enable and logic is reversed
- This isn't yet tested
* Switching computers!!!
* Apply changes to make the logic work, even reversed
* Attempt to fix some formatting errors
* Add documentation fragment
* Fix whitespace
* Add disable_my_meraki back, with deprecation notice
* Edit changelog notice
* Update deprecation version
* Update example to be a block and change deprecation message.
* Remove duplicate delegate_to
* Change deprecation notice.
The jinja2 query() function (or lookup with wantslist=True, which is
the same thing) should always return a list.
However, if you combine a query with errors='ignore' and take the
error path, the current code returns a None value. This is important
in a case such as
- name: Conditional include file
import_tasks: '{{ item }}'
vars:
params:
files:
- path/file1.yaml
- path/file2.yaml
loop: "{{ q('first_found', params, errors='ignore') }}"
If neither file1.yaml or file2.yaml exist, this should do nothing by
returning an empty list to the loop. Currently if you run the above
task you'll get a rather unhelpful:
Invalid data passed to 'loop', it requires a list, got this instead: .
This change ensures that when a query ignores an error, it returns a
empty list. The errors='ignore' case is tested in several variants
with first_found. The extant (but deprecated) "skip: True" for
first_found doesn't seem to be explicitly tested; a test is added here
to avoid regressions before removal in 2.12.
This fixes a regression you'll hit if you follow the suggestion in the
deprecation message included with
e17a2b502d to use errors=ignore over
"skip: True" for first_found. This change adds an example that points
out the query/lookup difference and also fixes the error message to
not mention the now deprecated "skip: True".
Closes#56775
* Rewrite idempotency check
- Check now operates recursively and works on multiple types
- Order of lists matter
* Remove blank line for lint
* Fixed idempotency checks in meraki_ssid
- New sanitize() method for finding keys unique in compared dicts
- Fixed bug in meraki_ssid where SSID specified by number breaks
- This will require a backport
- Converted ignored_keys from tuple to list
* Made changes required for idempotency
* Add changelog fragment
* Add unidirectional option for testing
* Disable option 1 check
* General fixes for is_update_required testing
- Added commented out debug statements in method
- Fixed ignored_keys modifications
* Remove old commented algorithm
Add check for all policy fields (name, apply_to, pattern, tags,
priority) to have correct changed state. Previosly changed state was
based on policy name only.
* Add support for rabbitmq 3.7
* Fix exec args for rabbitmqctl status
* Add changelog and fix description for Ansible 2.9
* Return results even when the cache is disabled
By default the cache is disabled and so the results of the API call
are not placed in there for the return statement to fetch.
* Always update self._cache to return
It is possible for provider.authorize to exist, but set to None. Rather
then loading this value blindly, assume the default is False.
File "/home/zuul/src/github.com/ansible/ansible/lib/ansible/executor/task_executor.py", line 145, in run
res = self._execute()
File "/home/zuul/src/github.com/ansible/ansible/lib/ansible/executor/task_executor.py", line 635, in _execute
result = self._handler.run(task_vars=variables)
File "/home/zuul/src/github.com/ansible/ansible/lib/ansible/plugins/action/ios.py", line 50, in run
provider = load_provider(ios_provider_spec, self._task.args)
File "/home/zuul/src/github.com/ansible/ansible/lib/ansible/module_utils/network/common/utils.py", line 424, in load_provider
provider['authorize'] = boolean(provider['authorize'])
File "/home/zuul/src/github.com/ansible/ansible/lib/ansible/module_utils/parsing/convert_bool.py", line 26, in boolean
raise TypeError("The value '%s' is not a valid boolean. Valid booleans include: %s" % (to_text(value), ', '.join(repr(i) for i in BOOLEANS)))
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
* Add support to start a vm and put it on hold in one_vm
* Add version_added to vm_start_on_hold option for one_vm
* Add version_added to vm_start_on_hold option for one_vm#2
* Add version_added to vm_start_on_hold option for one_vm#3
* Fix indentation for one_vm
* route53_facts: add check mode support
* route53_facts: add changelog fragment mentioning check mode support
* route53_facts: alter changelog fragment type from `minor_changes` to `bugfixes`
* Update changelogs/fragments/56900-route53-facts-check-mode.yaml
Co-Authored-By: Felix Fontein <felix@fontein.de>
dict.items() in pytho2 returns a list of tuples which can be iterated
while modifying the dict. In python 3 it returns a view which is tied to
the underlying dict, meaning the modifications to the dict while
iterating are unsafe.
This commit generates new list containing the tuples from the iterator
in python 3 which breaks the link to the dict, allowing the dict to be
modified while iterating the list.
In python 2 it would simply copy the list.
Fixes#56902
* [docker_network] Fix idempotency when using aux_addresses in ipam_config
Mismatch between keys returned by Docker API (AuxilliaryAddresses) vs
expected by Ansible module (aux_addresses) resulted in tasks always
have status 'changed'. The existing code normalizing one set of
keys to another missed this special case where converting
CamelCase to lowercase is not sufficent.
Please see
https://github.com/moby/moby/blob/master/api/types/network/network.go
for reference.
* Correct keywords formatting in changelog file
Co-Authored-By: Felix Fontein <felix@fontein.de>
The "-" does not work as expected if I want to get a specific version of a package. After replacing the dash with the equal sign. the task passed successfully.
Depends on package manager - adds example so we show both syntaxes.
* openstacksdk < 0.10.0: fix AttributeError
`openstack.version.__version__` expression raises an `AttributeError`
exception when openstacksdk < 0.10.0 is used. `openstack.version` is
now imported as a module, which works for all openstacksdk versions.
Error was:
The full traceback is:
Traceback (most recent call last):
File "$HOME/.ansible/tmp/ansible-tmp-1545612308.8-46792777824159/AnsiballZ_os_security_group.py", line 113, in <module>
_ansiballz_main()
File "$HOME/.ansible/tmp/ansible-tmp-1545612308.8-46792777824159/AnsiballZ_os_security_group.py", line 105, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "$HOME/.ansible/tmp/ansible-tmp-1545612308.8-46792777824159/AnsiballZ_os_security_group.py", line 48, in invoke_module
imp.load_module('__main__', mod, module, MOD_DESC)
File "/tmp/ansible_os_security_group_payload_keFTIJ/__main__.py", line 163, in <module>
File "/tmp/ansible_os_security_group_payload_keFTIJ/__main__.py", line 115, in main
File "/tmp/ansible_os_security_group_payload_keFTIJ/ansible_os_security_group_payload.zip/ansible/module_utils/openstack.py", line 121, in openstack_cloud_from_module
AttributeError: 'module' object has no attribute 'version'
* Add missing space & dot in error message
* Always require openstacksdk >= 0.12
According to the OpenStack Networking API
the attribute binding:vnic_type of a port is optional.
This change enables the os_port module to handle
binding:vnic_type as optional.
* Returns zone ID for existing zone or `null`
* route53_zone: add module unit tests
* route53_zone: add compatibility with Python 2.6 to the unit tests
* route53_zone: address pycodestyle warning (add blank line)
Until now, the module was only able to interact with vcenter. This
commit adds the ability to directly target an ESXi without the
`esxi_hostname` parameter.
- Also return url and update docs for other values to indicate they are only returned on success.
- Add integration tests
- Use info variable for common return values
- Use -1 as default status rather than None. This is lines up with with existing code in urls.py
- Add unit tests to ensure status and url are returned on failure
The `network.type` parameter is set to default on default on `static`.
As a consequence, the network parameter is always defined as `dict`.
This patch ensures we don't check the value of the network configuration
if we want to delete the interface.
* Make datacenter as alias and optional
* Add folder param to place datastore cluster in specific folder
* Updated examples
* Updated tests
Fixes: #48010
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Quick and dirty attempt to handle eapi error
* Well this should probably change
* Hopefully this works correctly?
* Fix check_rc handling with httpapi
* Add tests that should hopefully cover the error
* Fix warnings
* Improve tests
* initial commit
* Fix typo in integration test which caused an assertion to fail
* Updated integration testing
* Fix Ansible Sanity Errors
* Changed version added to 2.8 from 2.9
* added from __future__ import absolute_import, division, print_function
__metaclass__ = type
* Updates aci.py with the ability to add ACI objects to any depth
Changes start at line 411 (construct_deep_url() and supporting functions). One minor change to line 633 (the original construct_url()) to provide for testability: ...join(sorted(self.child_classes)) vs ...join(self.child_classes)
I am also attaching two test files. One characterizing the existing construct_url() and the matching test set for construct_deep_url() to support my efforts and proof of parity
* Two PyTest files to support construct_deep_url
These two files provide testing parity, one characterizing the original construct_url() function and the other proofing construct_deep_url(). The ...deep_url.py test file goes five layers deep to provide better validation for the function
* Correcting previous upload to incorrect folder
These two files provide testing parity, one characterizing the original construct_url() function and the other proofing construct_deep_url(). The ...deep_url.py test file goes five layers deep to provide better validation for the function
* Deleting for file name change per Matt Clay
* Deleting for file name change per Matt Clay
* Correcting file names per Matt Clay
@mattclay Thanks again for your continued guidance and patience. Please cancel the previous (incorrect) request
* Wrong location for test file
* Wrong location for test file
* First attempt to comply with suggestions
lib/ansible/module_utils/network/aci/aci.py:517:0: SyntaxWarning: "is not" with a literal. Did you mean "!="?
lib/ansible/module_utils/network/aci/aci.py:534:0: SyntaxWarning: "is not" with a literal. Did you mean "!="?
lib/ansible/module_utils/network/aci/aci.py:558:161: E501 line too long (210 > 160 characters)
* First attempt to comply with suggestions
test/units/module_utils/network/aci/test_aci_construct_url.py:1:14: SyntaxError: import pytest
test/units/module_utils/network/aci/test_aci_deep_url.py:1:14: SyntaxError: import pytest
test/units/module_utils/network/aci/test_aci_construct_url.py:0:0: use "\n" for line endings instead of "\r\n"
test/units/module_utils/network/aci/test_aci_deep_url.py:0:0: use "\n" for line endings instead of "\r\n"
Shortened test function names (less descriptive)
* Second attempt to comply with suggestions
* Second attempt to comply with suggestions
* Third attempt to comply with suggestions
* Third attempt to comply with suggestions
* Pro Tip: Convert from 'CRLF' to 'LF' in VSCode
It's on the status bar to the right
* Added setup() support for tests
* Continued corrections to support testing
* Added two mocks to support testing
I could not find where to place fakes/mocks, so please let me know if the current location is incorrect
* Adding tmpdir property to mock_basic.py
* Added last blank line to mock_basic.py
To pass sanity test
* Attempt to correct setup() issues
* Attempt to correct setup() issues
* Attempt to correct setup() issues
* Attempt to correct setup() issues
* Withdrawing pending injectability tweak to aci.py
* Withdrawing pending injectability tweak to aci.py
* Withdrawing pending injectability tweak to aci.py
* Withdrawing pending injectability tweak to aci.py
* Add a new "log_folder" option to the log_plays callback plugin.
A a new option for the log_plays callback plugin which allows the user to
control where the callback where creates log files.
The option can be set via the ANSIBLE_LOG_FOLDER environment variable or in the
Ansible configuration file, e.g.:
[callback_log_plays]
log_folder = /path/to/my/log/folder
Ensure `wait_condition`s with `Status: Unknown` actually
complete
Return k8s object after wait rather than k8s object before
wait when object is patched.
* Update get_certificate.py with an example to calculate number of days until cert expires from get_certificate result.
* Update lib/ansible/modules/crypto/get_certificate.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* [docker] images: add support for lookup by sha256 digest
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [tests] docker image by digest: work on a minimal test case
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [docker] group branch conditions per lookup
Co-Authored-By: Felix Fontein <felix@fontein.de>
* [misc] add a news fragment for the added digest lookup for docker images
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* Allow python_requirements_facts to cope with packages with dashes
```
python_requirements_facts:
dependencies:
- kubernetes-validate
```
should work as expected
* Ensure tests run for python_requirements_facts
The remove_policies function in iam_role.py enumerates a list of policies to remove. However, due to an indentation issue on the return True line, only the first such policy would be removed.
This change outdents the return True so that all of the the requested policies are removed.
* azure_rm_azurefirewall
* a few updates
* fixed mistake
* updated docs, fixed syntax
* updated priority
* use checkmode for idempotence test, as it's very long
* fix check mode
Without this commit, `vmware_datastore_facts` ignores the datastores are
not associated with a cluster of a datastore. This case can happen if a NFS
share is mounted directly on a ESXi instance.
* Adding New Model onyx_qos for Configuring QoS on Onyx Switches
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures in onyx_qos
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures phase 2
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Samer's Comments on onyx_qos Module
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Shippable Comments Phase 3
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Current Version 2.9
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Updated utils to remove Avi SDK dependency and Avi 18.2.2 version update
* Fixed the python 3.x errors failing for avi_disable_session_cache_as_fact not properly documented
* Updated version added fields for new parameters
* fixed pep8 errors
* made requests import optional
* removed setting requests to None
* Added try catch for the avi helper methods such that any import fails then module fail gracefully. This was needed to pass the requests library not found error
* removed deprecated modules. Also, trying another fix to deal with requests import error
* Fixed python3 errors
* fixed pep8, no-dict-iteritems and import test failures
* added version 2.8 for new field
* some more code cleanup and formatting
* updated the fail message and fixed plint errors
* added workaround for unicode pylint
* fixed the version added for new parameter app_learning_memory_percent and removed unicode_literals import
* Removed check of HAS_AVI for common argument spec
* Updated version added value from 2.8 to 2.9
* Version added value fixes of CI error
* Attempt to handle just mode trunk properly
* Add test for trunk-only config and clean up tests
* Add missing eapi tests and remove references to provider as we do not test local
* Fix typo that breaks invocation of os_stack
* Apply tags conditionally so that the module does not throw up an error when using an older distro of openstacksdk
* Unchanged requests now return the original data
* Add changelog fragment
* Add integration tests for returned data for meraki_network
* Add integration tests for returned data
* Improve idempoetent output
- Make MX l3 rules always show default rule
- Add integration tests
* Add integration tests for returned data on meraki_network
* Improved idempotency in a few modules and improved tests
* Add waiter for AWSRegional
* Add support for WAF Regional
* Add support for regional waf web acl
* Remove set_trace, pep formatting
* Add paginator for regional_waf
* Change name of param for waf_regional
This is more in line with how AWS refers to the service. Additional
changes made to how client is called. Used ternary to reduce if
statements
* Change parameter name to waf_regional
* Add support for removal waf regional condition
* Change parameter from cloudfront to waf_regional
* Added state: absent waf rule
* Remove set_trace
* Add integration tests for waf regional
* WIP: adding region parameter to tests
* Add support for waf facts module
* Add region to waf regional integration tests
* Update security policy for waf regional testing
* Add type to documentation for waf_regional param
Resolve the two following errors:
ERROR: lib/ansible/modules/cloud/vmware/vsphere_copy.py:0:0: E309 version_added for new option (host) should be '2.9'. Currently None
ERROR: lib/ansible/modules/cloud/vmware/vsphere_copy.py:0:0: E309 version_added for new option (login) should be '2.9'. Currently None
##### SUMMARY
qos is not defined when port_mirroring is enabled, a NoneType is returned for entity.qos in this case
getattr is safer to use than using a direct call to entity.qos.name
##### ISSUE TYPE
- Bugfix Pull Request
+label: docsite_pr
* Rewrite much of the execution of meraki_switchport
- Previous versions had problems with idempotency and allowed_vlans
* Modified payload creation
- Parameter map is used
- propsed is created using .copy()
- Much cleaner this way
* Add whitespace for lint
* Add bugfix snippet for changelog
* Moves developer docs for AWS, ovirt, and openstack modules out of lib/ansible/, integrates them with dev_guide, with abadger's fix to make python snippets pass rstcheck
* Adds a new vmware module to support getting the folders and their paths within a datacenter
* Add integration tests
* Bump version added
* Refactor integration test
* Improve grammar in docs
*`vsphere_copy` was only able to interact with a vCenter instance. This
patch change that.
* In addition, it also makes use of the `vmware_argument_spec`.
Co-Authored-By: Abhijeet Kasurde <akasurde@redhat.com>
* auth_key parameter is required
- This will have to change when httpapi is implemented
* Add integration test
* Add assertion
* Enable VLANs on network
* Add required for auth_key