There are multiple settings that are defined at a global level for
E-Series systems, but don't necessarily fit with anything else. This
module is intended to provide a place to encapsulate those.
* Create copy of HostConfig object before adding it to results.
* Create general sanitize function in docker_common. Using it for all return values of docker_container.
* Make Python 2.6 compatible.
* Check if service is already masked
Newer versions of Systemd now report a 'LoadError' when the unit file
is masked. This causes the play to fail with an error stating that the
service is already masked.
Now the systemd module checks if the service is masked and doesn't
fail if it's masked and LoadError is reported.
Fixes issue #42384.
* Remove useless parens
* YUM4/DNF compatibility via yum action plugin
DNF does not natively support allow_downgrade as an option, instead
that is always the default (not configurable by the administrator)
so it had to be implemented
- Fixed group actions in check mode to report correct changed state
- Better error handling for depsolve and transaction errors in DNF
- Fixed group action idempotent transactions
- Add use_backend to yum module/action plugin
- Fix dnf handling of autoremove (didn't used to work nor had a
default value specified, now does work and matches default
behavior of yum)
- Enable installroot tests for yum4(dnf) integration testing, dnf
backend now supports that
- Switch from zip to bc for certain package install/remove test
cases in yum integration tests. The dnf depsolver downgrades
python when you uninstall zip which alters the test environment
and we have no control over that.
- Add changelog fragment
- Return a pkg_mgr fact if it was not previously set.
* Share the implementation of hashing for both vars_prompt and password_hash.
* vars_prompt with encrypt does not require passlib for the algorithms
supported by crypt.
* Additional checks ensure that there is always a result.
This works around issues in the crypt.crypt python function that returns
None for algorithms it does not know.
Some modules (like user module) interprets None as no password at all,
which is misleading.
* The password_hash filter supports all parameters of passlib.
This allows users to provide a rounds parameter, fixing #15326.
* password_hash is not restricted to the subset provided by crypt.crypt,
fixing one half of #17266.
* Updated documentation fixes other half of #17266.
* password_hash does not hard-code the salt-length, which fixes bcrypt
in connection with passlib.
bcrypt requires a salt with length 22, which fixes#25347
* Salts are only generated by ansible when using crypt.crypt.
Otherwise passlib generates them.
* Avoids deprecated functionality of passlib with newer library versions.
* When no rounds are specified for sha256/sha256_crypt and sha512/sha512_crypt
always uses the default values used by crypt, i.e. 5000 rounds.
Before when installed passlibs' defaults were used.
passlib changes its defaults with newer library versions, leading to non
idempotent behavior.
NOTE: This will lead to the recalculation of existing hashes generated
with passlib and without a rounds parameter.
Yet henceforth the hashes will remain the same.
No matter the installed passlib version.
Making these hashes idempotent.
Fixes#15326Fixes#17266Fixes#25347 except bcrypt still uses 2a, instead of the suggested 2b.
* random_salt is solely handled by encrypt.py.
There is no _random_salt function there anymore.
Also the test moved to test_encrypt.py.
* Uses pytest.skip when passlib is not available, instead of a silent return.
* More checks are executed when passlib is not available.
* Moves tests that require passlib into their own test-function.
* Uses the six library to reraise the exception.
* Fixes integration test.
When no rounds are provided the defaults of crypt are used.
In that case the rounds are not part of the resulting MCF output.
* including test case using environment variables as per issue #44163
* including missing environment variable in shared documentation fragement, related to issue #44163
* fixes parameters via environment variables, issue #44163
The AWS API and console docs are inconsistent about whether EC2 instances have IAM profiles or roles. Things which follow the API tend to use profile but the console uses “IAM Role”. This adds that term to the help text so it's searchable.
+label: docsite_pr
* Switch to LiteralPath instead of Path. Closes#44508
* add changelog fragment
* fix line endings and remove final empty line
* Minor text changes in changelog
* Override description for account_key_src and account_key_content to also mention private_key_*.
* Convert generic OpenSSL/cryptography remark from description to note.
This avoids the whole description list to be sorted alphabetically, which will be done by plugin_docs.py in case description is mentioned in both module fragment and module itself.
* Moving more notes to the notes: section.
* Uniformization of first paragraph. Mainly mention ACME supporting CAs, and only then mention Let's Encrypt as one of them.
* Adjusting to current drafts.
* Adjusting to updated drafts.
* Harmonizing short module descriptions.
* Referencing helper modules.
* Move general Let's Encrypt remark to doc fragment.
* Changing some Let's Encrypt references to more generic statements.
This fix allows user to specify idle timeout for fetch_url used
internally in IPA connection and post_json call.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Added nios_txt_record module
Whitespace cleanup and version fix
First stab at txt record integration test
Fix for CI version requirement
Added nios_txt_record module
Whitespace cleanup and version fix
First stab at txt record integration test
Fix for CI version requirement
force re-run
* added alias for cloud group1
This PR includes:
- Removal of maintainers that are listed as author in the module
- Removal of entries that do not extend the original author list
- Move ignored-statement to namespace/directory (where useful)
- In some cases, fix the authors-list or add missing github id
We end up with a list of exceptions/additions and a large set of
namespace/directory maintainers or team of maintainers.
Some entries could be further improved by discussing with some
maintainers.
* Fix ansible-doc wrt removed modules
* Fix listing of modules ia ansible-doc to not complain about removed modules
Removed modules are marked as such in the metadata but nowhere else.
Need to retrieve the metadata when a module doesn't have a doc so that
we can tell if it falls under this case.
* omit removed modules from json dump
* Print an error that the module has been removed if attempting to run
ansible-doc on that specific module
* Get plugin_formatter to stop outputting removed modules
* Removed modules no longer have documentation
Decided this was causing people to think that modules were supported
even after being removed. This change is a new strategy to have the
error message trying to use a removed module point people to the older
documentation.
* Add stubs for modules removed in 2.7
These are freshly removed so we want people who are still using them
when they upgrade Ansible to have a hint as to where to find information
on how to port.
* Finish properly undeprecating include
include was undeprecated earlier but not all of the pieces that marked
it as deprecated were reverted. This change fixes the remaining
pieces
The AnsiballZ optimization which only uses one pyton interpreter
currently monkeypatches the arguments into a global argument in module_utils
so we need to always include basic.py. In the future we should fix this
so that it monkeypatches its own file. That way we won't need to always
include basic.py
* elb_application_lb: fix dangerous default of deleting an ELB if state is omitted by changing state to default to present to be more like other AWS modules
* expend checksum format to <algorithm>:(<checksum>|<url>)
* continue to code at office
* ALPHA - expend checksum format to <algorithm>:(<checksum>|<url>)
* clean up tmpfile and comment
* try to add test code for 27617
* try to add test code for 27617
* try to add test code for 27617
* try to fix [Could not find or access 'testserver.py']
* fix test code [Could not find or access 'testserver.py']
* fix test code [add files dir]
* fix test code [files dir not exists]
* as [connection was closed before a valid response was received]
* [connection was closed before a valid response was received]
* [connection was closed before a valid response was received]
* add test item [sha1 and sha256]
* since [connection was closed before a valid response was received]
* fix [connection was closed before a valid response was received]
* fix test code typo
* add docs for #27617
* PR #43751 is minor change
* fix pep8 issue.
* fix test code style.
* fix unexpected quote
* Resolve issues in NetApp E-Series Host module
The E-Series host module had some bugs relating to the update/creation
of host definitions when iSCSI initiators when included in the
configuration. This patch resolves this and other minor issues with
correctly detecting updates.
There were also several minor issues found that were causing issues with
truly idepotent updates/changes to the host definition.
This patch also provides some unit tests and integration tests to help
catch future issues in these areas.
fixes#28272
* Improve NetApp E-Series Host module testing
The NetApp E-Series Host module integration test lacked feature test
verification to verify the changes made to the storage array.
The NetApp E-Series rest api was used to verify host create, update, and
remove changes made to the NetApp E-Series storage arrays.
When removing an instance via its ID, it is not clearly explained that one should use the `name` parameter.
Also a simple example is provided.
+label: docsite_pr
This PR includes:
- Use uppercase in descriptions
- Add trailing dot to descriptions
- Grammar/spelling fixes
- Adding names to examples as a best practice
- Simplify structure
* issue:43021 add support for onyx version 3.6.6000
Signed-off-by: Samer Deeb <samerd@mellanox.com>
* issue:43021 add support for onyx version 3.6.6000
Signed-off-by: Samer Deeb <samerd@mellanox.com>
* Update docs
* Add reboot action plugin
Refactor win_reboot so it is subclassed from reboot
* Use new connection methods
* Test fixes
* Use better uptime command for Linux
Use who -b to get the last time the system was booted rather than uptime, which changes every second.
* Use distribution specefic commands and flags
Query the managed node to determien its distribution, then set the appropriate command and flags.
* Tune debug messages a bit
* Update module docs with details about pre_reboot_delay
s docs
* Ensure that post_reboot_delay is a positive number
* Remove the stringification
* Add integration tests
* Make sure aliases are honored
* Handle systems that have an incorrect last boot time
SystemD and fakehw-clock do not properly set the
last boot time and instead always set it to epoch.
Use a different command if that is the case.
* Copyright and encoding fixes
* Minor fixes based on feedback
* Add exponential backoff to sucess check method
* Update integration test
Skip the integration test if it would try to reboot the control node. We need a new mechanism to account for this scenario in ansible-test, so tests must currently be run manually for this plugin.
* Update integration test
Skip the integration test if it would try to reboot the control node. We need a new mechanism to account for this scenario in ansible-test, so tests must currently be run manually for this plugin.
* Fail early with running with local connection
* Update docs based on feedback
* minor refactoring, state mgmt changes
The 'free' strategy still attempts to do all hosts per task before going to the next, it just doesn't wait for slow hosts,
This strategy processes each host as fast as possible to the end of the play before trying to process another host in the pool.
* Add (preview) diff mode support ec2_group
* Add diff mode to some ec2_group integration tests
* Remove unnecessary arguments and add comment to the module notes
* Add changelog
Since the ACI modules (like most network-related modules) run on the
local controller, this PR adds the necessary details so users are aware
of this particular feature.
When creating a new account, check to see if the expiration parameter is negative and pass in the appropriate parameter. Since the negative integer passed into expires is converted to time.struct_time which in turn gets converted to a formatted time string when passed to the underlying command, a -1 or large negative number would result in passing a date before 1970-01-01 to the underlying command.
This had the opposite effect of creating an account with no expiration account resulting in a newly created account that was already expired, or just throwing an error on certain systems.
* gather_subset is a list of strings
When gather_subset is an integer, a message pointing out the problem, current tb error
is replaced by this one:
ERROR! the field 'gather_subset' should be a list of (<class 'str'>,), but the item '42' is a <class 'int'>
...
* gathering_facts test: ensure smart gathering is on
* Currently network_cli support multiple prompts
single answer as response. This PR adds support
for multiple answers.
* In case of multiple prompts and mulitple answers the
index of a particular prompt in the prompts list should
match with the index in the answer list.
In python 3.7.0, changes in `ssl.py` breaks `smtplib.SMTP_SSL`, which
then breaks `mail` module in ansible.
Run this line in python shell:
import smtplib;smtplib.SMTP_SSL().connect(host='smtp.gmail.com', port=465)
Before python 3.7.0, we will get:
(220, b'smtp.gmail.com ESMTP j13-v6sm3086685pgq.56 - gsmtp')
In python 3.7.0, we get such error at `lib/python3.7/ssl.py` line 843, method `_create`:
ValueError: server_hostname cannot be an empty string or start with a leading dot.
The ssl module is using host info on SMTP_SSL instance, which is not set.
The fix/workaround is simple, just pass host info to it:
import smtplib;smtplib.SMTP_SSL(host='smtp.gmail.com').connect(host='smtp.gmail.com', port=465)
Fixes: #44550
Signed-off-by: Guo Qiao <guoqiao@gmail.com>
This prevents the accidental creation of TXT records where every
single word gets split into its own string, such as TXT record values
in the format of `"foo" "bar" "baz"`. That being an implicit behavior
I have very hard to see anyone purposely relying on.
TXT record values can still explicitly be defined as one or more
strings, without any change in syntax.
Resolves#43380
* adding next network pluggin
* include exclude option for next_ip search
* changing example provider input
* adding new line at end
* version added info
* to fix shippable errors
* to fix shippable errors
* adding exclude option in doc section
* fix review comment
* fix review comment
* Correct the default doc for attached in ec2_eni
Also corrected a typo in the summary
* Address ansible-test sanity error about E324
* Fix and remove the E325 suppression for ec2_eni
Extends `module_defaults` by adding a prefix to defaults `group/` which denotes a builtin list of modules. Initial groups are: `group/aws`, `group/azure`, and `group/gcp`
* add route module
* add test
* add table
* add route table
* fix dict
* fix
* fix
* route table accept no name
* add default
* fix
* fix
* fix
* fix pep
* support route table
* fix line ending
* fix pep
* fix
* fix
* set the default to 'None'
* make return value only id
* camel and snake
* set test alias
* change facts line ending
* change test
* fix
* add default
* fix
* fix line break
* remove unsafe args
* fix comment
* fix
* adding postgresql server facts
* updating postgresql server facts, minor changes
* changed return dict to list
* fixed test
* fixed several issues
* several updates
* fixed naming
* list -> complex
* try again
* fixed mistake
* added user_visible_state to the result
* added fully_qualified_domain_name
* fixed second test
* updates
* fixed test
* updated samples in return value
* wait for postgresql server to be actually ready
* another approach for test
* second server was not created
* fixing pr comments
* fix sanity
* removed forgotten ansible_facts
* added account_alias in the response of module aws_caller_facts
* added comment to explain list_account_aliases
* renamed caller_identity to caller_facts as the content is extended
* created changelog
* security-policy needs the iam:ListAccountAliases for this module to work
* test now checks for the added field account_alias
* gracefully handle missing iam:ListAccountAliases permission
* Added helper module for generating ACME challenge certificates.
* Soft-fail on missing cryptography. Also check version.
* Adding integration test.
* Move acme_challenge_cert_helper from web_infrastructure to crypto/acme.
* Adjusting to draft-05.
* The cryptography branch has already been merged.
Wow, this does not seem to be an uncommon misspelling. Might be there
are some left that span over two lines. I noticed the one in the git
module and then used `grep -rw 'the the'` to find some more.
Many OpenStack modules provide the ability to register a resource in a
project other than the one being used to authenticate with, by adding a
project parameter to the module. Examples include os_network, os_subnet,
and os_router. This change adds a project parameter to the
os_security_group module.
Fixes: #34467Fixes: #30292
This allows to parse the output when the user's locale changes the
commands' output. For example chkconfig uses 'Ein' and 'Aus' instead of
'on' and 'off' when using LANG=de_DE.UTF-8 breaking the service
detection on RHEL 6.
* Docker: Convert units for kernel_memory
Other memory arguments already use human_to_bytes to convert the
units. This change makes the behavior more consistent.
* Update Docker unit parsing documentation
This explains the units more precisely and makes the documentation
more consistent.
This fixes#16526.
when using only an activation key without any channels.
As already suggested by mattclay in
https://github.com/ansible/ansible/pull/25079
and also patch unit test for rhn_register and
add test case for activationkey only
