Commit graph

470 commits

Author SHA1 Message Date
Matt Clay
4816bb4f43
More boilerplate fixes. (#70224)
* Fix boilerplate in hacking dir.
* Fix boilerplate in docs dir.
* Fix boilerplate in integration tests.
* Fix boilerplate in examples.
2020-06-22 19:05:30 -07:00
Brian Coca
06ecdaa7b1
comment heavy playbook (#68981)
* create examples/play.yml


Co-authored-by: flowerysong <junk+github@flowerysong.com>
2020-05-19 17:27:08 -04:00
Jakub Paweł Głazik
04b22a6b35
Change example ControlPath to be short and unique (#69347)
Use %C as the ControlPath setting in the example config file. The old setting used %h and %r tokens, which break ansible for a few use cases, including packer provisioning, where hostname is always 127.0.0.1. %C is a hash of local host, remote host, username and port.
2020-05-07 14:52:42 -05:00
Rowayda Khayri
d039eb9317
add punctuation marks to comments (#68882) 2020-05-06 13:14:06 -04:00
Hideki Saito
a67d5dbcb7
Add example setting for collections_paths parameter to examples/ansible.cfg (#69018)
Signed-off-by: Hideki Saito <saito@fgrep.org>
2020-04-30 14:29:50 -05:00
Matt Clay
601065cb7a
Remove old example playbooks dir. (#68409)
The content was relocated nearly 7 years ago.
2020-03-25 14:15:57 -04:00
Anatoly Kamchatnov
ebdb581e63 Fix typos in ansible.cfg comments
PR #65177
2019-11-23 22:15:25 +01:00
Sam Doran
1588ad77e2 Update ansible.cfg (#64855)
- clean out old options that are now deprecated
- clean up formatting of comments a bit
- add become plugin examples
2019-11-19 09:36:35 -06:00
James Cassell
8bca160363 add vfat to selinux special_context_filesystems (#59823)
vfat is the format of the /boot/efi partition on UEFI hosts and does
not support SELinux labels

add an environment variable for this config option
2019-08-12 14:45:27 -04:00
Shachaf92
7ddcaafee5 many pslint fixes (#55862)
* Handles:

PSAvoidTrailingWhitespace
PSAvoidGlobalVars
PSAvoidAssignmentToAutomaticVariable
PSAvoidUsingCmdletAliases
PSAvoidUsingWriteHost
PSUseDeclaredVarsMoreThanAssignments
PSUsePSCredentialType
PSAvoidUsingPositionalParameters
PSAvoidUsingEmptyCatchBlock
PSAvoidUsingWMICmdlet

Replaced Write-Host with Write-Output
Added smart reboot check for win_domain feature installation
Modify the Creation of the pagefileto fit to CIM
Changelog fragment addition
Ignore.txt without fixes

* Changes after community reviews

* Change Out-Null to '> $null'

* Fixes after jborean93 comments

* Test

* Revert "Test"

This reverts commit 35c5c0648fa9d2868a18094d84954e53ffa28880.

* Removed all  > $null since they broke the module since the output got dumped

* run test again

* Revert "run test again"

This reverts commit 80eaf07143f9d8cb0116cbbc68a6a69c0ace840c.

* Changes after community review

* ignore PSUseDeclaredVarsMoreThanAssignments that are on a diffrent PR

* CI failed on extra line in ignore.txt

* Review changes

* PSlint errors

* Trail space

* send to null breaks the tests for  Set-Workgroup

* Lint stuff

* win_domain_user issue of indent.

* Update win_domain_user.ps1

* Update win_domain_membership.ps1

* Fix redirect to null

* lint space issue

* removed return from set-workgroup

* removed send to null
2019-07-09 05:41:58 +10:00
Brian Coca
751134ff17 Clearer examples of hosts.yml inventory (#57999)
* Clearer examples of hosts.yml inventory
2019-06-18 15:58:28 -05:00
Chuck Douglas
0e9a79a589 Change the retry_files_enabled to False and modify the comments to reflect that this has been disabled (#52581)
* Change the retry_files_enabled to False and modify the comments to reflect that
this has been disabled.

* Change the default action of retry_files_enabled to False

* Update porting guide to reflect change in default state of retry_files_enabled variable

* Change log documenting a change in default behaviour of retry_files_enabled

* Revert config change to comment out the retry_files_enabled line to let the user decided what is best.
Comment above still states how to change.
2019-02-28 10:13:26 -05:00
Abhijeet Kasurde
1da5e21289 examples: fix Ansible API example (#51863)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-02-12 15:35:49 -06:00
Matt Martz
445ff39f94
Become plugins (#50991)
* [WIP] become plugins

Move from hardcoded method to plugins for ease of use, expansion and overrides
  - load into connection as it is going to be the main consumer
  - play_context will also use to keep backwards compat API
  - ensure shell is used to construct commands when needed
  - migrate settings remove from base config in favor of plugin specific configs
  - cleanup ansible-doc
  - add become plugin docs
  - remove deprecated sudo/su code and keywords
  - adjust become options for cli
  - set plugin options from context
  - ensure config defs are avaialbe before instance
  - refactored getting the shell plugin, fixed tests
     - changed into regex as they were string matching, which does not work with random string generation
     - explicitly set flags for play context tests
 - moved plugin loading up front
 - now loads for basedir also
 - allow pyc/o for non m modules
 - fixes to tests and some plugins
 - migrate to play objects fro play_context
 - simiplify gathering
 -  added utf8 headers
 - moved option setting
 - add fail msg to dzdo
 - use tuple for multiple options on fail/missing
 - fix relative plugin paths
 - shift from play context to play
 - all tasks already inherit this from play directly
 - remove obsolete 'set play'
 - correct environment handling
 - add wrap_exe option to pfexec
 - fix runas to noop
 - fixed setting play context
 - added password configs
 - removed required false
 - remove from doc building till they are ready

future development:
  - deal with 'enable' and 'runas' which are not 'command wrappers' but 'state flags' and currently hardcoded in diff subsystems

* cleanup

  remove callers to removed func
  removed --sudo cli doc refs
  remove runas become_exe
  ensure keyerorr on plugin
  also fix backwards compat, missing method is attributeerror, not ansible error
  get remote_user consistently
  ignore missing system_tmpdirs on plugin load
  correct config precedence
  add deprecation
  fix networking imports
  backwards compat for plugins using BECOME_METHODS

* Port become_plugins to context.CLIARGS

This is a work in progress:
* Stop passing options around everywhere as we can use context.CLIARGS
  instead

* Refactor make_become_commands as asked for by alikins

* Typo in comment fix

* Stop loading values from the cli in more than one place

Both play and play_context were saving default values from the cli
arguments directly.  This changes things so that the default values are
loaded into the play and then play_context takes them from there.

* Rename BECOME_PLUGIN_PATH to DEFAULT_BECOME_PLUGIN_PATH

As alikins said, all other plugin paths are named
DEFAULT_plugintype_PLUGIN_PATH.  If we're going to rename these, that
should be done all at one time rather than piecemeal.

* One to throw away

This is a set of hacks to get setting FieldAttribute defaults to command
line args to work.  It's not fully done yet.

After talking it over with sivel and jimi-c this should be done by
fixing FieldAttributeBase and _get_parent_attribute() calls to do the
right thing when there is a non-None default.

What we want to be able to do ideally is something like this:

class Base(FieldAttributeBase):
    _check_mode = FieldAttribute([..] default=lambda: context.CLIARGS['check'])

class Play(Base):
    # lambda so that we have a chance to parse the command line args
    # before we get here.  In the future we might be able to restructure
    # this so that the cli parsing code runs before these classes are
    # defined.

class Task(Base):
    pass

And still have a playbook like this function:

---
- hosts:
  tasks:
  - command: whoami
    check_mode: True

(The check_mode test that is added as a separate commit in this PR will
let you test variations on this case).

There's a few separate reasons that the code doesn't let us do this or
a non-ugly workaround for this as written right now.  The fix that
jimi-c, sivel, and I talked about may let us do this or it may still
require a workaround (but less ugly) (having one class that has the
FieldAttributes with default values and one class that inherits from
that but just overrides the FieldAttributes which now have defaults)

* Revert "One to throw away"

This reverts commit 23aa883cbed11429ef1be2a2d0ed18f83a3b8064.

* Set FieldAttr defaults directly from CLIARGS

* Remove dead code

* Move timeout directly to PlayContext, it's never needed on Play

* just for backwards compat, add a static version of BECOME_METHODS to constants

* Make the become attr on the connection public, since it's used outside of the connection

* Logic fix

* Nuke connection testing if it supports specific become methods

* Remove unused vars

* Address rebase issues

* Fix path encoding issue

* Remove unused import

* Various cleanups

* Restore network_cli check in _low_level_execute_command

* type improvements for cliargs_deferred_get and swap shallowcopy to default to False

* minor cleanups

* Allow the su plugin to work, since it doesn't define a prompt the same way

* Fix up ksu become plugin

* Only set prompt if build_become_command was called

* Add helper to assist connection plugins in knowing they need to wait for a prompt

* Fix tests and code expectations

* Doc updates

* Various additional minor cleanups

* Make doas functional

* Don't change connection signature, load become plugin from TaskExecutor

* Remove unused imports

* Add comment about setting the become plugin on the playcontext

* Fix up tests for recent changes

* Support 'Password:' natively for the doas plugin

* Make default prompts raw

* wording cleanups. ci_complete

* Remove unrelated changes

* Address spelling mistake

* Restore removed test, and udpate to use new functionality

* Add changelog fragment

* Don't hard fail in set_attributes_from_cli on missing CLI keys

* Remove unrelated change to loader

* Remove internal deprecated FieldAttributes now

* Emit deprecation warnings now
2019-02-11 11:27:44 -06:00
Ganesh Nalawade
1b6228fa10
Increase persistent command_timeout default value (#51056)
* Increase persistent command_timeout default value

*  Increase command_timeout default value from 10 to 30 sec
   to reduce frequent timeout issue for network connection
   types (netconf/network_cli/httpapi/napalm)

* Fix review comments
2019-01-21 10:50:52 +05:30
jctanner
ce58ebf71d Fix usetty keyword in example ansible.cfg (#51084) 2019-01-18 18:48:28 -05:00
Pierre-Louis Bonicoli
7e278b23b4 inventory plugin order: update doc
add doc for #44428:
- add changelog fragment
- update porting guide
also:
- update auto inventory plugin doc
- mention toml plugin in examples
2018-12-12 09:35:13 -08:00
Pilou
1bad617f29 Inventory plugins move auto before ini (#44428)
* inventory plugins: try auto before ini

auto plugin should run before ini to avoid ini being able to parse
some plugin configuration YAML files successfully.

* Update comment

comment was added by 2ffe3c42bb but
related code was later removed by
506e6a0b2d.
2018-12-11 15:17:05 -05:00
Monty Taylor
2e8f166b8a Add comment about group merge in yaml inventory example (#24986)
* Add comment about group merge in yaml inventory example, w/bcoca feedback
2018-11-29 14:22:48 -06:00
Abhijeet Kasurde
834d9330e9 Misc Typo (#48918)
Changed hostames to hostnames

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2018-11-20 09:48:46 +01:00
Sloane Hertel
43d12c11be Add 'auto' to documented default enabled inventory plugins (#46621)
* Correct default inventory plugins enabled in docs and example/ansible.cfg

* Fix headers
2018-10-08 14:07:46 -05:00
Jordan Borean
24b4633481
explicitly set LocalAccountTokenFilterPolicy on WinRM configure script (#45947) 2018-09-25 08:01:03 +10:00
skylerbunny
a892a6ef03 Add undocumented configuration parameter and explain in porting guide (#36059)
* Add undocumented configuration parameter and explain in porting guide
2018-09-17 12:08:25 +01:00
Joren Vrancken
b954917761 Surround top-level function and class definitions with two blank lines. 2018-07-31 12:06:56 -07:00
John R Barker
e9dbebfa57
Fix some broken links (#42079)
* Fix some broken links

* We now only serve via https
* redirects don't work with anchors, so update those links (devel/dev_guide)
2018-06-29 11:12:01 -07:00
李宏杰
e9b658baae update ansible.cfg example (#41832) 2018-06-22 11:24:18 -04:00
Brian Coca
3b8b928e29 draft schema for inventory scripts (#39454)
* draft schema for inventory scripts

used by the script inventory plugin

* fixes and details for vars

* proper escape

* restrict additional
2018-05-24 23:38:16 -04:00
Matt Ralph
c47c16782f Add ssh_connection retries to ansible.cfg example (#38393)
I add the `retries` option under [ssh_connection] as it was missing, and
some brief comments on the backoff logic.
2018-05-24 23:22:26 -04:00
Matt Clay
c262dbfd30 Use https for links to ansible.com domains. 2018-04-23 11:33:56 -07:00
David Norman
7963279fc2 Generate SHA256 signed certificates for WinRM (#36668)
* Generate SHA256 signed certificates

Vulnerability scanners are increasingly reporting SHA-1 signed certificates as a vulnerability on servers. Before this change, -ForceNewSSLCert generates a signature algorithm that openssl shows as sha1WthRSAEncryption for WinRM port 5986. After, this forces certificates to be signed with SHA256, which openssl shows sha256WithRSAEncryption.

Some example SHA-1 deprecations include:
- https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2017/4010323
- https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/

Also note that RDP 3389 on Windows 2016 also defaults to a SHA256 certificate.

The specifics were merged from a script mod I found at https://gallery.technet.microsoft.com/scriptcenter/PowerShell-script-to-7a0321b7 intended for Exchange. It also includes a mod to add an alternate DNS listing so the cert contains CN=HOSTNAME plus now also an alternative of the FQDN.

I tested this change on Windows 2008R2, 2012R2, and 2016 Datacenter.

* Keep WinRM cert key length at 4096.

* Remove WinRM cert exportpolicy setting.
2018-04-20 09:01:48 +10:00
Toshio Kuratomi
340a7be7c3 Implement plugin filtering 2018-01-22 16:54:53 -08:00
John Bond
d72587084b Update example uptime script to provide correct type for explicit individual hosts (#34740) 2018-01-16 11:39:15 -06:00
Matt Clay
797664d9cb Python 2.6 str.format() compatibility fixes. 2018-01-10 14:08:11 -08:00
Erwan Quélin
e3b49a7aeb Added possibility to disable basic auth (#33224) 2018-01-02 10:13:20 +10:00
Matt Davis
853fa8223a avoid use of Write-Host in config script 2017-12-20 22:51:16 -08:00
Matt Davis
898eead48f
add GlobalHttpFirewallAccess arg (#34124) 2017-12-20 20:36:26 -08:00
jctanner
218987eac1
ANSIBLE_SSH_USETTY configuration option (#33148)
* Allow the user to circumvent adding -tt on ssh commands to help aid in
debugging ssh related problems.
* Move config to the plugin
* Set version_added
* Change yaml section to "connection"
* Fix ssh unit tests
2017-11-22 11:19:43 -05:00
Jason Travis
be4a0f1f3d Set example ansible.cfg *includes_static options to default value 2017-11-02 19:42:08 -04:00
Dag Wieers
1140d6ecd7
Explain -EnableCredSSP in header
The new Windows documentation references the top of this file for a list and explanation of options, however `-EnableCredSSP` was missing from this list.
2017-11-02 16:59:13 +01:00
James Mighion
9d4e0a8acb Fixes default format of network_group_modules to ini list. Removing trailing whitespaces from comments for style consistency. Fixes #26154 (#32460) 2017-11-01 19:02:08 +00:00
Sudheer Satyanarayana
7197186366 minor text fixes 2017-10-23 11:18:28 -04:00
Brian Coca
d2c7539ae8 removed example for restricted facts namespace
(cherry picked from commit e1fab37316)

fixes #31330
2017-10-04 20:39:01 -04:00
Matt Martz
2b08e00a54 Update uptime.py example script with changes to the API. Fixes #31229 2017-10-04 08:50:10 -07:00
Brian Coca
d3e85bd045 dont override previous ini entries with defaults
corrected setting example, quotes mess up the regex
fixes #30633
2017-09-20 16:38:11 -04:00
Brian Coca
142869d266 fixed typo 2017-08-29 11:49:29 -04:00
Brian Coca
de6ba4daff add toggle to controle inventory parse as error (#28729)
* add toggle to controle inventory parse as error

also rearranged new inventory options into it's own ini section

* updated with inventory features

also minor fixes/consolidation on deprecated/removed modules

* tweaked settings
2017-08-28 17:17:19 -04:00
Brian Coca
a897193bce Moar constructive (#28254)
* made composite vars and groups generic

now you can do both in every plugin that chooses to suport it
renamed constructed_groups as it now also constructs vars ... to constructed
moved most of constructed_groups logic into base class to easily share

* documented inventory_hostname

* typo fix
2017-08-21 16:06:15 -04:00
Simon Liddicott
3ceeb5124e Set startup type to automatic before attempting to start the service. Otherwise it will fail if the service is disabled. (#27751) 2017-08-07 08:14:56 +10:00
Ganesh Nalawade
70ce394840 Persistent connection timer changes (#27272)
*  Add command_timeout timer that defines the amount
   of time to wait for a command or RPC call before
   timing out.
*  Remove connect_retries and connect_interval configuration
   varaible and replace it with connect_retry_timeout to control
   the timeout value of connection to local scoket.
*  Make required changes to netowrk action plugins and relevant
   network files in module_utils.
*  Required documentation changes.
2017-08-01 11:45:45 -06:00
Toshio Kuratomi
87a192fe66 Fix one name in module error due to rewritten VariableManager 2017-07-27 15:37:26 -07:00