* Add coherency between check and normal mode see issue #24633
* Add changelog fragment for the PR
* Make change following PR comment
* Remove trailing whitespace
(cherry picked from commit 240d1a6afb)
* Always check envvars when auth parameter is not provided
This will make it so that all code using the get_api_client
method will make use of the environment variables, instead of
silently ignoring them if default values haven't been set. This
affects at least the k8s lookup plugin.
* Add changelog
(cherry picked from commit 0be66113d4)
* If network cliconf support `supports_generate_diff` in
that case diff between running and cnadidate config
is generated within Ansible and if check_mode is enabled
in that case return only diff without actually invoking
edit_config()
(cherry picked from commit 8f5cd049d6)
* Catch SSH authentication errors and don't retry multiple times to prevent account lock out
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Subclass AnsibleAuthenticationFailure from AnsibleConnectionFailure
Use comparison rather than range() because it's much more efficient.
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Add tests
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Make paramiko_ssh connection plugin behave the same way
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Add changelog
Signed-off-by: Sam Doran <sdoran@redhat.com>.
(cherry picked from commit 9d4c0dc111)
Co-authored-by: Sam Doran <sdoran@redhat.com>
Signed-off-by: Sam Doran <sdoran@redhat.com>
* file - allow touch on files not owned by user
* use Sentinal value and preserved existing args
* Do no instantiate the Sentinel object
(cherry picked from commit 419727a6da)
* check for result['status'] in systemd module
* instead of checking for result['state'], actually check for chroot and warn
* allow systemctl status to work if in a chroot, update warn text
* simply change warning message
(cherry picked from commit 37960ccc87)
* Corner case in which import_role would add another instance of a role with the same signature into roles: when it already existed there.
roles:
- name: a
tasks:
- import_role: name=a
would execute role 'a' 3 times instead of the intended 2 (x2 in roles: phase +1 in tasks:)
* added tests
(cherry picked from commit eca7c3c8c7)
* [docker_container] Failing on non-string env values (#49843)
* [docker_container] Failing on non-string env values
Fixes#49802
* Clarify failure message
Co-Authored-By: DBendit <David@ibendit.com>
* Fixup from review
(cherry picked from commit d62d7176b0)
* Turn fail into warning for 2.7 backport.
* Fix test for backport
The behaviour in the backport is to warn rather than error
* Describe labels and container_labels correctly
* Clarify reserve_memory and limit_memory docs
* Remove default from container_labels doc
* Remove trailing whitespace
* Document min api version for configs and secrets
* Add changelog fragment
* Specify type on labels and container_labels
* Consolidate required API version descriptions
* Update reserve and limit memory docs
* Use correct power-of-two units
* Remove description about limit_memory minimum 4mb
(cherry picked from commit 644057e9ec)
* fixes issue 50296
* fixes the indentation of the return statement
* Adds a conditional test into `_find_systems_resource()` to check the existence
of the Members of System resource
* updates the error message
* harden the conditional test
* Add a changelog
(cherry picked from commit 94a1d86d70)
* docker_swarm_service: use exact name match when finding services
The Docker API's filtering support allows filtering for substring
matches which means that when we filter the list of running services we
may accidentally match a service called "foobar" when looking for a
service named "foo".
Fix this by filtering the list of services returned from the Docker API
so that name matches are exact. It is still worth passing the filter
parameter to the Docker API because it reduces the number of results
passed back which may be important for remote Docker connections.
Closes 50654.
* add changelog fragment for #50654
(cherry picked from commit fd32760d7a)
* Added documentation around using vmware dynamic inventory plugin
* Fixed bug for populating host_ip in hostvars for given inventory host
* VMware: Add properties in vmware_vm_inventory
Fixes: #50249
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit af914695e6)
* Expand user and variables in ca_certificates paths.
This is a fix specific for stable-2.7. In devel (and stable-2.8),
this problem is fixed by #48473. That PR adds argument spec
validation for list elements.
* Add changelog.
* Add ability for reboot module to work for AIX
* changelog for AIX reboot support.
(cherry picked from commit 1dac10e5c3)
Co-authored-by: trogdor_the_burninator <gforster@users.noreply.github.com>
Signed-off-by: Sam Doran <sdoran@redhat.com>
* resolved conflicst
* adding fragment
* generalize using rest api
* make vmss smaller
* even smaller
* size can't be smaller
* removed some unnecessary things
* removed too much
* additional fix needed
Add auth_timeout parameter when supported
Paramiko 2.2 introduces the auth_timeout parameter. This will set the
parameter to the same value of the timeout parameter to prevent
"Authentication timeout" errors.
(cherry picked from commit e7f21dd1af)
Conditionally add auth_timeout to ssh.connect
Renamed sock_kwarg to ssh_connect_kwargs and conditionally added the
auth_timeout parameter based on the installed paramiko version.
(cherry picked from commit 6c41e97eee)
Add changelog fragment
(cherry picked from commit 7679a92db7)
* Ensure that the src file contents is converted to unicode in diff info. Fixes#45717
* Fix up and cleanup
* The diff functionality in the callback plugins should have the
to_text() calls removed since we're now doing it in ActionBase
* catching of UnicodeError and warnings in the callback diff
functionality from 61d01f549f haven't been
needed since we switched to to_text so remove them.
* Add a note to ActionBase's diff function giving an example of when the
diff function will be inaccurate and how to fix it
* Fix callback get_diff() tests
I believe the unittests of callback's get_diff() were wrong. They were
sending in a list where strings were expected. Because previous code
was transforming the lists into strings via their repr, the previous
tests did not fail but they would have formatted the test cases output
in an odd way if we had looked at it.
(cherry picked from commit 95e77ac)
Co-authored-by: Matt Martz <matt@sivel.net>
* set ansible_os_family from name variable in os-release for clearlinux OS (#49639)
* set ansible_os_family from name variable in os-release for clearlinux system
Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>
* Add os_family for clear linux and clear linux mixes
Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>
(cherry picked from commit 9202ef60b0)
* Adding Changelog fragment
Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>
* [stable-2.7] Fix reverse_inventory order to work on python3 (#49895)
(cherry picked from commit a0d71e7)
Co-authored-by: Matt Martz <matt@sivel.net>
* Clarify the change made to reverse_inventory
* Fix firewalld module failing on missing protocol. (#50242)
Under Python 3.7 at least, the split of the port field fails
ungracefully if there is no slash. The fix also addresses the
case of an empty protocol after the slash.
(cherry picked from commit 69deb73803)
* add changelog for #50242 (#50480)
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit b81a74f551)
* fix order of dnf api operations so transactions don't fail
Previously dnf.base.fill_sack() was called before
dnf.base.update_cache() which apparently breaks dnf transaction
logic as per https://bugzilla.redhat.com/show_bug.cgi?id=1658694Fixes#49060
Signed-off-by: Adam Miller <admiller@redhat.com>
* add changelog and test case
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit ca084889c7)
* Add module for Pure Storage FlashBlade to manage directory services
* Fix facts not correctly passing into ansible_facts dict
(cherry picked from commit 507f89e693)
* Do not filter out exception, warnings, deprecations on failure when using debug. Fixes#47576
* Add changelog fragment
(cherry picked from commit 40e5d2c)
Co-authored-by: Matt Martz <matt@sivel.net>
When the security group the rule belongs to does not exist and
the state is absent, the module is not properly exited, leading
to a playbook execution failure.
Fixes issue #50057
(cherry picked from commit 4951e5a5b7)
verify_file was improperly always returning true if pyvimomi and requests libs were correct
moved library checking to parse, avoid unneded errors unless the file is actually meant for
this plugin
(cherry picked from commit 49993a55e5)
* Fix mandatory statement error for junos modules
Fixes#40267
* Add error regex in junos terminal plugin to error out
in case of commit fails
* If commit fails add logic to discard changes before existing
else next task will result in error
* Add integration test
* Minor update
(cherry picked from commit cc8e90395a)
* Change test suite to fit expected behaviour
This reverts some changes from ansible/ansible@723daf3
If a line is found in the file, exactly or via regexp matching, it must
not be added again.
insertafter/insertbefore options are used only when a line is to be
inserted, to specify where it must be added.
(cherry picked from commit 31c11de2af)
* Implement the change in behaviour mentioned in the previous commit
(cherry picked from commit a4141cfa2e)
* Fix comment to reflect what the code does
(cherry picked from commit 150f5cb232)
* Set the correct return message.
In these cases, the lines are added, not replaced.
(cherry picked from commit 3216c31401)
* Add a changelog
(cherry picked from commit c39cf6b332)
* [2.7] Don't fail if a remote_addr with a '/' hits ansible_connection (#49781)
* Fail if a remote_addr with a '/' hist ansible_connection
This is _probably_ a CIDR block, but anything with a slash will fail,
so no need to try to parse to make sure
* Locks are now per-socket_path.
Locks use the same value as socket_path. Locks are also cleaned up in
shutdown like sockets.
(cherry picked from commit 61a649c)
Co-authored-by: Nathaniel Case <this.is@nathanielca.se>
* Add changelog
* Fix various bugs related in reboot
- Use format strings for consistency and improve debug log messages
- Use local variables instead of class attributes in order to be thread safe
- Run setup module to get distribution and version
- Run find module to get full path of shutdown command
- Use ansible_os_family and ansible_distribution to find commands and args
- Use same command for all Solaris/SunOS distributions
- Move delay calculations to properties
- Reliably check for module run failure
- Fix bug in run_test_command() that accidentally made the method work properly
- Use better exceptions rather than Exception
- Use dict literals rather than constructors
- Correct _check_delay() so it always returns a value, not None
- Don't store and return result in run_test_command() because it's not used anywhere
- add test for post reboot command that fails
- test negative values for delay parameters.
(cherry picked from commit c1589c33c4)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* [stable-2.7] openstack: fix parameter handling when cloud provided as dict (#42899)
* openstack: fix parameter handling when cloud provided as dict
If a cloud is provided as dictionary:
* Do not assert that 'interface' parameter is None. Instead,
assert that it is 'public'.
* Assert that 'auth_type' parameter is not set.
Fixes#42858
* os_user: Include domain parameter in user lookup
If a "domain" parameter is provided, use it in looking up
whether the user already exists.
Fixes#42901
* os_user: Include domain parameter in user deletion
If a "domain" parameter is provided, use it in deleting
the user also.
Fixes#42901
(cherry picked from commit e25dac9)
Co-authored-by: Carsten Koester <carsten@ckoester.net>
* Add changelog for openstack fixes
* docker_swarm: fix minimal API version (#49691)
* Reduce minimally required docker API version to 1.25, with selective features requiring 1.30.
* Adjust test requirements.
* Forgot some imports.
(cherry picked from commit 495a426039)
* Add changelog for docker swarm minimum api fix
* ensure idempotency for user set to None
* Update `user` documentation and add changelog fragment
* clarify changelog fragments and parameters documentation
* use restructuredtext syntax in changelog fragment
(cherry picked from commit b183eb4464)
* fix: ensure than all item of a list of excluded files aren't checked (#45122)
* fix: ensure than list of excluded files aren't checked
* test: exclude a list of files
(cherry picked from commit 4f9f1754b4)
* added changelog
When the user specified caching plugin doesn't initialize correctly, we
were falling back to a dict. however, dicts do not have the same
update() method as the FactCache. We use the update method when we
update a cache with a subsequent value. So when that combination of
things happened, the code would traceback.
In devel, we made this change to fix things: https://github.com/ansible/ansible/pull/49516
but that involves several deprecations. So we're doing this smaller
hack in 2.7 to fix the traceback without introducing those deprecations
in a stable release.
* Support version 3 of the redis python library. Fixes#49341
* Document 2.4.5 minimum redis-py version
(cherry picked from commit 77de219)
Co-authored-by: Matt Martz <matt@sivel.net>
* Fix for changes in clearlinux
clearlinux is now providing /etc/os-release file and ansible is identifying as NA
then this change allow ansible to find it
Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>
* Add changelog fragment for clearlinux changes
Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>
(cherry picked from commit 6d42c5020a)
There are several services e.g. vmware-fdm, which does not have package name and
package description which will raise a error if queried for.
(cherry picked from commit b3b65d16b8)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fix win_nssm credentials quoting
Fix credential quoting for win_nssm after changes to the way nssm command is invoked in Ansible 2.7.1.
* Updating nssm command to update credentials to use Argv-ToString to properly escape password variable.
* Adding changelog fragment for fix of #48728.
(cherry picked from commit 15c5dbcc20)
This change address a problem where the dict_merge function would fail
due to the value being a nested dict. This will now recursively pass
the value back through the dict_merge function.
Merge to devel https://github.com/ansible/ansible/pull/41107
(cherry picked from commit 2a4be2748f)
Update changelog
Fix review comments
* VMware: Fix module usages in module_utils
* Skip test for Python 2.6 as SSL context is not available in Python 2.6
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 1b04571ea0)
* Revert back to getting the AWS role name from the URI with a small change (#49113)
- The role name and instance profile name _can_ be different
- Change the delimiter to `:` for keys that are discovered through the JSON parsing (which is not a valid delimiter for AWS IAM role names), this delimiter is still converted to underscore
- Now checks for the existence of that delimiter to remove the cases where the JSON keys are appended to the role name to find the role name
(cherry picked from commit ff9b86f560)
* Changelog update
* templar: ensure that exceptions are handled
* Fix AttributeError: object has no attribute 'message'
'message' attribute is deprecated since Python 2.6 and not available
with Python 3.
Simple reproducer:
- hosts: localhost
vars:
not_json: "{{ 'test str' | from_json }}"
tasks:
- command: "echo {{ not_json }}"
(cherry picked from commit 62c05033d6)
* Improve error handling: when parse_json_result is False, still return the error message.
* Remove content body from info dict.
* Add changelog.
(cherry picked from commit b842b1b97e)
* [stable-2.7] Improve log message (#49004)
This is the only connection plugin that doesn't state explicitly what it is in the log.
(cherry picked from commit 8f9ced4005)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Add changelog
* Fix iosxr netconf plugin response namespace
* iosxr netconf plugin removes namespace by default
for all the responses as parsing of xml is easier
without namepsace in iosxr module. However to validate
the response received from device against yang model requires
namespace to be present in resposne.
* Add a parameter in iosxr netconf plugin to control if namespace
should be removed from response or not.
* Fix CI issues
* Fix review comment
(cherry picked from commit 829fc0feda)
* require git when trying to use it in ansible-galaxy cli
Previously we weren't setting `required=True` when calling
`get_bin_path` and the path would return `None`, this would cause
a traceback when attempting to ' '.join() to create a string
representation of the failed command for error output
Fixes#49200
Signed-off-by: Adam Miller <admiller@redhat.com>
* add changelog
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 81540bd754)
* [stable-2.7] pip: Fix the mistake replacement from 'distribute' to 'setuptools' (#47403)
* Fix the mistake replace from distribute to setuptools
* Add a testcase for this bug
(cherry picked from commit 93c5781)
Co-authored-by: Zhikang Zhang <zzhang63@ncsu.edu>
* Add a change note
* Don't check options for idempotency which are not supported.
This check should be superfluous if every option would adhere to
the convention that options not specified should have value None.
Unfortunately, some options (such as init) which correspond to
container properties have an explicit default set.
(cherry picked from commit 9caaf7b109)
* Added changelog fragment
* Fix comparison of determining which rules to purge by ignoring descriptions (#48443)
AWS uses rule type, protocol, port range, and source as an idempotent identifier.
There can only be one rule with that unique combination. Rules that differ only by description are allowed but overwritten by AWS.
Add a test
Co-authored-by: Will Thames <will@thames.id.au>
(cherry picked from commit 54a2f21f93)
Document that Path and Port are mutually exclusive parameters in the wait_for module.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 70f992c618)
Fixes#48743
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 4a06e95671)
fix up sanity tests and with_modules conditional
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 23b60035a1)
fix yamllint sanity
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 2b878546d3)
fix group-missing/invalid-group detection
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 41176b5e0f)
* Make puppet module useable on puppet 6 (#46044)
The unused ignorecache setting has been removed and so you
can't run puppet through this module anymore.
See PUP-8533 / https://tickets.puppetlabs.com/browse/PUP-8533
(cherry picked from commit 475d69da69)
* changelog
* Fix tests: use same command if not testing command option.
* Fix idempotency of init option.
* Fix shm_size idempotency (it is included in inspect results from docker API version 1.22 on).
* Add changelog.
(cherry picked from commit b1acabcd03)
* docker_container: make condition less specific (#48590)
* Code seems to have changed from 409 to 400, so let's not check the code.
* Unpause container before removing it.
* Improve code.
* Same for stop_container.
(cherry picked from commit f3a3f42490)
* Add changelog.
* clarify port.mode paramter requiremets, fail if unmet
* changelog fragment
* shorten too long line
* remove unnecessary indentation
* test version on docker_version for better maintainability
* normalize imports
* changelog fragment: minor_changes -> bugfixes
* rollback e96a7e57dfefd566fa47cf465a759637affd4795
* typo
Co-Authored-By: dariko <dariko@users.noreply.github.com>
(cherry picked from commit 89bcd3ff1e)
* ec2_instance: ebs_optimized is not sub-option of 'network' (#48341)
* ebs_optimized is not suboption of 'network'
* Add Shaps as ec2_instance maintainer
* Added workaround-backward compatible check for ebs_optimized
* Added ebs_optimized test
* CI fixes, dynamic select of ENA-enabled AMI
(cherry picked from commit b7d9feb7dc)
* Added changlog fragment for PR #48341
* fixed yaml errors in changelog
* Move check for 'dashboard' key to before the create/update if statement.
* Add changelog fragment for PR #47459
(cherry picked from commit 880762e07e)
* pamd: fixes for multiple issues (#47695)
* Providing fix for #47083 in pamd.py
* Providing fix for #47197
* Fixing pep8 errors
* update regex to account for leading dash and VALID_TYPES with dashes as well
* use a results dictionary and clean up unnecessary items
* remove unnessecary return value. action is already reported in invocation output
* make naming consistent across action returns
* fix comparison so it checks equality instead of identity and indentation in update_rule()
* make sure file always has EOF newline
* updated regex to skip spacing between path and args and add rule arg regex to capture complex args
* new module argument parsing code in function and DRY changes
* remove unused has_rule method on PamdService class
* fix error in parse_module_arguments()
* updated args_present action to make it handle key value args and fail on complex bracketed arguments
* pep8 and other fixes so units still work
* suggested change - make version removed 2.8
Co-Authored-By: shepdelacreme <shepdelacreme@users.noreply.github.com>
* add more error proof test to if statement
(cherry picked from commit ef690e928f)
* add changelog fragment for backport
* add action return value back for backport
PIP package names must be case insensitive, and must consider hyphens
and underscores to be equivalent
(https://www.python.org/dev/peps/pep-0426/#name), because of this the
module didn't work correctly in check mode. For example if the passed
package name had a different case or an underscore instead of a hyphen
(or the other way around) compared to the installed package, check mode
reported as changed, even though packages were installed. Now the module
ignores case and hyphens/underscores in package names, so check mode
works correctly.
(cherry picked from commit b89b688)
Co-authored-by: Strahinja Kustudic <kustodian@gmail.com>
* Simplify logic and add FreeBSD & NetBSD
* Remove incorrect flag for lock and unlock on FreeBSD
* Add tests and changelog
Co-authored-by: Chris Gadd <gaddman@email.com>
(cherry picked from commit f75a84e382)
Co-authored-by: Christopher Gadd <gaddman@email.com>
* Always use /proc/sys/kernel/random/boot_id to confirm reboot on Linux
/proc/sys/kernel/random/boot_id is available since kernel 2.3.16 and
should be safe to rely on.
The previously used method by checking the system boot time using who -b
turned out to be unreliable: Some systems lacking an RTC report the Unix
epoch as boot time, but the code trying to detect that did't always
work.
Closes#46562
* Change DEFAULT_BOOT_TIME_COMMAND
- change to usinsg /proc by default
- add BOOT_TIME_COMMANDS for BSD, Solaris, and macOS
(cherry picked from commit ae7b9ea8cd)
Co-authored-by: Stefan Siegel <ssiegel@sdas.net>
* user: fix removing the expiry time when it's 0
* Improve tests and add changelog
Co-authored-by: Martin Krizek <martin.krizek@gmail.com>
(cherry picked from commit 41dfc5162f)
Co-authored-by: Martin Krizek <martin.krizek@gmail.com>
* yum also parse obsolete package output
This is a rebase of the patch originally proposed in
https://github.com/ansible/ansible/pull/40001 by machacekondra
Fixes#39978
Signed-off-by: Adam Miller <admiller@redhat.com>
* properly parse the obsoletes, provide a new output entry, add changelog
Signed-off-by: Adam Miller <admiller@redhat.com>
* make pep8 happy
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove q debugging output
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 091fb1dc3f)
* Correct yum and dnf autoremove behavior
Sanity check args passed to autoremove
Fixes#47184
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix docs
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 1c777976c5)
* Allow bang and exclamation without warning
Allow the password field to be ! or * without warning when using this feature to create accounts that are locked.
Add documentation and tests to cover this.
* Use set() rather than braces for Python 2.6
(cherry picked from commit 066af3b6ca)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* NetApp bugfix for na_ontap_snapmirror (#47621)
* Bug fixes for Snapmirror
* Bug fixes for Snapmirror
(cherry picked from commit 8f3e297d7d)
* add fragment
* Fix argument_spec for modules that are using the old version (#47693)
* Use correct argument spec
(cherry picked from commit 0cf88809ef)
* Add fragment
* cleanup is already tested.
* Add test for paused.
* Add recreate and restart tests.
* timeout is a common docker option
* Implement paused and fix paused test.
* Add changelog.
* Improve paused test.
(cherry picked from commit 65768b996d)
* Store parsed docker-py / docker API versions in client.
* Began refactoring 'minimal required version' for docker_container options.
* Removing some fake defaults.
* Added changelog.
* Improve tests (check older docker versions).
* Fix comparison. The breaking point is not docker-py 2.0.0, but 1.10.0.
(Verified by testing with these versions.)
* Move docker-py/API version detection to setup_docker.
* Add YAML document starter.
* docker_network requirement for docker-py was bumped to 1.10.0 in #47492.
(cherry picked from commit 3cca4185be)
* Add support for POST-as-GET if GET fails with 405.
* Bumping ACME test container version to 1.4. This includes letsencrypt/pebble#162 and letsencrypt/pebble#168.
* Also use POST-as-GET for account data retrival.
This is not yet supported by any ACME server (see letsencrypt/pebble#171),
so we fall back to a regular empty update if a 'malformedRequest' error is
returned.
* Using newest ACME test container image.
Includes letsencrypt/pebble#171 and letsencrypt/pebble#172, which make Pebble behave closer to the current specs.
* Remove workaround for old Pebble version.
* Add changelog entry.
* First try POST-as-GET, then fall back to unauthenticated GET.
(cherry picked from commit 92d9569bc9)
Handle exception when there is no snapshot available in virtual machine or template while cloning using vmware_guest.
Fixes: #47920
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 487f2f25ce)
* Check if `enabled_snat` is set in modules arguments (#46754)
If `enabled_snat` is not set at all in module arguments but Neutron
policy sets it by default in Openstack, then `os_router` will attempt to
recreate otherwise perfectly good router.
Follow up for https://github.com/ansible/ansible/issues/44432#issuecomment-428531031
(cherry picked from commit c2b7174d31)
* Add changelog entry
* Fix idempotency issues in set_bios_attributes
- Added check to see if attribute even exists, if not, it exits.
- Then checks if attribute is already set to value we want to update
it to. If yes, then it exits and changed=False
- Otherwise updates the attribute and changed=True
(cherry picked from commit 1c37471274)
* add changelog fragment
* Parsing plugin filter may raise TypeError, gracefully handle this exception
and let user know about the syntax error in plugin filter file.
* Test for plugin_filtering
Fixes: #46658
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit b32b4111b2)
Due to refactoring of task_error and wait_for_task method,
SSL thumbprint was lost in error message. This fixes the
retry mechanism of AddHost task.
Fixes: #47563
(cherry picked from commit e7c83d6aa9)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Don't die when get_container is called for container which is terminating during get_container call.
If it terminates between client.containers() and client.inspect_container(),
the module will fail with an error such as
Error inspecting container: 404 Client Error: Not Found ("No such container: xxx")
* Add changelog.
(cherry picked from commit b9706e2ff5)
* Addresses comments in #38971 (#44324)
* Controlled params within no section
* Added tests to control params within no section
* Cleaning output_file before creating no-section params and check the content
* addresses comment in PR "s/hate/beverage/g"
(cherry picked from commit d3fe6c01f2)
* 44324-ini_file
* Add missing self._supports_async to uri action plugin. Fixes#47660
* Additional changes needed to support async
* Missed a call to execute_module
(cherry picked from commit 3633e21)
Co-authored-by: Matt Martz <matt@sivel.net>
This PR is fixing following issues:
1) Don't try to check password.
2) Check options.
3) Order wasn't adding at the end, as doc says.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
* Avoid misleading PyVmomi error if requests import fails
Requests is imported by the VMware module_utils as an external
dependency; however, because it is in a try/catch block containing the
imports for PyVmomi, if requests fails to import properly, Ansible will
instead complain about PyVmomi not being installed.
By moving the import outside of the try/catch block, if requests fails
to import, an error like the following will be returned:
ImportError: No module named requests
This should result in less confusion.
* catch requests ImportError
Signed-off-by: Jim Gu <jim@jimgu.com>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 99ee30768a)
This adds scenario guide for using VMware HTTP API using uri module.
(cherry picked from commit e5318c5c4f)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Default to sending text of exception, not the whole exception
(cherry picked from commit 6a866a5)
Co-authored-by: Nathaniel Case <this.is@nathanielca.se>
* Use kubeconfig if either context or kubeconfig is set (#47373)
kubeconfig should be loaded if *either* or both of context
or kubeconfig is set (this allows picking a context and default
kubeconfig or picking a kubeconfig with default context)
Fixes#47149
(cherry picked from commit 00ccad9764)
* Add changelog for k8s auth config fix
* WinRM/PSRP: Ensure shell returns UTF-8 output
This PR makes UTF-8 output work in PSRP shells.
* Add win_command and win_shell integration tests
* Fix tests
* more test fixes
(cherry picked from commit 691ff4b9e6)
* dnf properly gpg check local packages based on param
Fixes#43624
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 079705f8da)
* Ensure we don't overwrite roles from include/import_role when loading the play. Fixes#47454
* Add changelog fragment
(cherry picked from commit d5e4f37)
Co-authored-by: Matt Martz <matt@sivel.net>
* [2.7] escape default prompt detection in telnet action plugin (#46573)
This change fixes an issue with the default prompt handling. The value
needs to be escaped otherwise it does not work when converted to bytes.
(cherry picked from commit 9180d2c)
Co-authored-by: Peter Sprygada <privateip@users.noreply.github.com>
* Add changelog
This PR fixes the update check method so it now check also the next_run
configuration of the virtual machine if it exists.
So if previously the VM was updated with new parameters, and then reset
back, the module didn't set the parameters to be set back in next_run.
This PR fixes it so the next run configuration is set back with proper
parameters.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1639894
Signed-off-by: Ondra Machacek <omachace@redhat.com>
* [2.7] fix error checking if netns exists (#47397)
This patch fixes an error that occurs when attempting to see if the
netns already exists on the remote device. This change will now execute
`ip netns list` and check if the desired namespace is in the output.
Signed-off-by: Peter Sprygada <psprygada@ansible.com>
(cherry picked from commit 299a5e4)
Co-authored-by: Peter Sprygada <privateip@users.noreply.github.com>
* Add changelog entry
* Behave better if auto_remove and output_logs are combined. Warn if output cannot be retrieved because of auto_remove.
* Add tests.
* Added changelog.
(cherry picked from commit 3afdb28209)
* Only add parameters which are actually used.
* Fail if ipvX_address is used when not supported.
* Added changelog.
(cherry picked from commit 4ffe3b14d4)
Currently the module will disable the SSO if we didn't pass any
value for SSO option. The PR fixes the same.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
* Fix prompt mismatch issue for ios
Fixes#40884#44463#46082
* If the command prompt is matched check if data is
still pending to be read from buffer.
* This fix adds a new timer `buffer_read_timeout`
which will be trigerred after command prompt
is matched and data is attempted to be read from channel.
If not data is present of channel the timer will expire
and response we be returned to calling function.
* Update doc
* Fix review comments
* Update changelog
* Fix unit test CI failure
(cherry picked from commit 335a979f1d)
Fixes: https://github.com/ansible/ansible/issues/45900
This PR fixes the case when the cloud_init_persist was used, but we
still sent use_cloud_init=False, which is in oVirt API evaluated as not
to use cloud_init in first VM execution. This patch is changing it to
send just None, instead of False.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
Currently there is no way to reset the custom_compatibility_version to
NULL. If we provide a empty string('') to custom_compatibility_version,
it will fail with error "IndexError: list index out of range" at _get_minor
function.
To reset the custom_compatibility_version, we have to pass None value to
types.Version. The PR fixes the same.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
This reverts commit 0e933f76ba.
The tests for this were broken on centos6 because jinja2 does not have
a map filter on that platform. Tests need to be rewritten.
(cherry picked from commit ccabc2bff5)
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
* Fix auto scale create with fix date without recurrence (#47186)
* Fix auto scale create with fix date without recurrence
* fix indent
(cherry picked from commit 9258ffa478)
* Create azure_rm_autoscale-fixed_date.yml changelog
* Ensure that k8s_facts always returns resources key (#46733)
Fix bug returning `items` key if NotFound exception is hit
(cherry picked from commit b772485d97)
* Add changelog for k8s_facts fix
* add delete=False to NamedTemporaryFile and remove print statement from module
* add changelog fragment
* use module.tmpdir from (#47133) and add changelog fragment for it as well
(cherry picked from commit c67ab296bb)
* user: do not pass ssh_key_passphrase on cmdline
CVE-2018-16837
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
(cherry picked from commit a0aa53d1a1)
* Ignore user module use of subprocess.
(cherry picked from commit 8d00afc013)
* Fix python3 problem in user module cve fix
(cherry picked from commit 9088671c4e)
* Fix changelog entry for user module CVE fix
(cherry picked from commit 210a43ebeb)
* Handle dnf immutable mutable datatypes
In DNF < 3.0 are lists, and modifying them works
In DNF >= 3.0 < 3.6 are lists, but modifying them doesn't work
In DNF >= 3.6 have been turned into tuples, to communicate that
modifying them doesn't work
Further explanation of this is available via Adam Williamson from
the Fedora QA Team.
https://www.happyassassin.net/2018/06/27/adams-debugging-adventures-the-immutable-mutable-object/
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 70025e7b56)
* add backport changelog
Signed-off-by: Adam Miller <admiller@redhat.com>
* mail: Fix regression when sending mail without SSL (v2.7)
When this module was refactored in #37098 the non-SSL use-case was broken.
The main cause is that we have no way to do integration tests for testing SMTP.
This is a back-port to v2.7 of #46403
* Add changelog fragment
Set _notified_handlers for the task's _uuid that is run as a handler
Fix#47287
(cherry picked from commit 6497049)
Co-authored-by: Pablo <pablorf.dev@outlook.com>
* Fix prompt mismatch issue for ios
Fixes#40884#44463
* If the command prompt is matched check if data is
still pending to be read from buffer.
* This fix adds a new timer `buffer_read_timeout`
which will be trigerred after command prompt
is matched and data is attempted to be read from channel.
If not data is present of channel the timer will expire
and response we be returned to calling function.
* Fix unit test failure
* Update to make buffer timeout float
* Update doc and fix review comment
* Fix CI issues
* Update doc
* Fix review comments
* Update changelog
(cherry picked from commit 335a979f1d)
* yum/dnf: fail when space separated string of names (#47109)
* yum/dnf: fail when space separated string of names
* Groups allow spaces in names
(cherry picked from commit e8b6864e21)
* Add changelog
* Fix AWS EC2 inventory plugin caching of groups
* Added changelog fragment for aws_ec2 caching fix
* Store the AWS query results
The underlying inventory object contains inventory from other sources,
so caching it as ours would be wrong.
It seems easiest and safest to just cache the boto query results
instead.
* Remove unused functions
(cherry picked from commit 7ba09adee1)
* Documentation for docker_container: fix documentation for memory_swappiness. Default value will not equal 0, it will be inherited from the host machine (#47296)
(cherry picked from commit 4c2efa4b67)
* Add changelog.
* [2.7] Update some cliconf plugins (#47141)
* Add `check_all` to many community cliconf plugins
(cherry picked from commit 7844a40)
Co-authored-by: Nathaniel Case <this.is@nathanielca.se>
* Add changelog entry
Andrea Tartaglia