Fixes#40650Fixes#40245Fixes#41541
* Refactor netconf_config module as per proposal #104
* Update netconf_config module metadata to core network supported
* Refactor local connection to use persistent connection framework
for backward compatibility
* Update netconf connection plugin configuration varaibles (Fixes#40245)
* Add support for optional lock feature to Fixes#41541
* Add integration test for netconf_config module
* Documentation update
* Move deprecated options in netconf_config module
* restore task arg splatting
* reverts #41804
* supersedes #41295
* fixes#42192
* after lots of discussion amongst the core team, we decided to preserve this feature, clarify the runtime warnings/docs, and prioritize a path toward fixing the underlying behavior that causes this feature to be insecure (un-namespaced facts).
* update faq text
note that warning is disabled when inject_facts_as_vars is
* wordsmithing FAQ entry
The "viewdocs" target was removed in
0381bc170c681b6ea8a94467c62e0694e3d9029d; running "make webdocs" gets
you the output for initial testing purposes.
* Remove use of simplejson throughout code base. Fixes#42761
* Address failing tests
* Remove simplejson from contrib and other outlying files
* Add changelog fragment for simplejson removal
Example instantiates an AnsibleError which derives from Exception but doesn't actually raise it like intended. This is misleading as it's not clear without examining the code for AnsibleError to know that it's not some function which would raise the exception automatically.
Only print warning when ansible.cfg is actually skipped
* Also add unittests for the find_ini_config_file function
* Add documentation on world writable current working directory
config files can no longer be loaded from a world writable current
working directory but the end user is allowed to specify that
explicitly. Give appropriate warnings and information on how.
Fixes#42388
* Update troubleshooting doc for command timeout
* Update timeout document to reflect the new way to set
command timeout per task basis for network_cli and netconf
connection type as per PR #42847
* Fix CI failure
* Fix review comment
* Fix typo in doc
* Implement initial RouterOS support
* Correct matchers for license prompts
* Documentation updates & mild refactor
* Remove one last Cisco function
* Sanity test fixes
* Move imports to the beginning
* Remove authorize property
* Handle ANSI codes
* Revert to_lines function
* CR fixes
* test(routeros): add unit tests
* Added another test (with ANSI colors and banner in fixture).
* Ignore CRLF line endings in system_package_print file
* fix: review by ganeshrn
Now that we don't need to worry about python-2.4 and 2.5, we can make
some improvements to the way AnsiballZ handles modules.
* Change AnsiballZ wrapper to use import to invoke the module
We need the module to think of itself as a script because it could be
coded as:
main()
or as:
if __name__ == '__main__':
main()
Or even as:
if __name__ == '__main__':
random_function_name()
A script will invoke all of those. Prior to this change, we invoked
a second Python interpreter on the module so that it really was
a script. However, this means that we have to run python twice (once
for the AnsiballZ wrapper and once for the module). This change makes
the module think that it is a script (because __name__ in the module ==
'__main__') but it's actually being invoked by us importing the module
code.
There's three ways we've come up to do this.
* The most elegant is to use zipimporter and tell the import mechanism
that the module being loaded is __main__:
* 5959f11c9d/lib/ansible/executor/module_common.py (L175)
* zipimporter is nice because we do not have to extract the module from
the zip file and save it to the disk when we do that. The import
machinery does it all for us.
* The drawback is that modules do not have a __file__ which points
to a real file when they do this. Modules could be using __file__
to for a variety of reasons, most of those probably have
replacements (the most common one is to find a writable directory
for temporary files. AnsibleModule.tmpdir should be used instead)
We can monkeypatch __file__ in fom AnsibleModule initialization
but that's kind of gross. There's no way I can see to do this
from the wrapper.
* Next, there's imp.load_module():
* https://github.com/abadger/ansible/blob/340edf7489/lib/ansible/executor/module_common.py#L151
* imp has the nice property of allowing us to set __name__ to
__main__ without changing the name of the file itself
* We also don't have to do anything special to set __file__ for
backwards compatibility (although the reason for that is the
drawback):
* Its drawback is that it requires the file to exist on disk so we
have to explicitly extract it from the zipfile and save it to
a temporary file
* The last choice is to use exec to execute the module:
* https://github.com/abadger/ansible/blob/f47a4ccc76/lib/ansible/executor/module_common.py#L175
* The code we would have to maintain for this looks pretty clean.
In the wrapper we create a ModuleType, set __file__ on it, read
the module's contents in from the zip file and then exec it.
* Drawbacks: We still have to explicitly extract the file's contents
from the zip archive instead of letting python's import mechanism
handle it.
* Exec also has hidden performance issues and breaks certain
assumptions that modules could be making about their own code:
http://lucumr.pocoo.org/2011/2/1/exec-in-python/
Our plan is to use imp.load_module() for now, deprecate the use of
__file__ in modules, and switch to zipimport once the deprecation
period for __file__ is over (without monkeypatching a fake __file__ in
via AnsibleModule).
* Rename the name of the AnsiBallZ wrapped module
This makes it obvious that the wrapped module isn't the module file that
we distribute. It's part of trying to mitigate the fact that the module
is now named __main)).py in tracebacks.
* Shield all wrapper symbols inside of a function
With the new import code, all symbols in the wrapper become visible in
the module. To mitigate the chance of collisions, move most symbols
into a toplevel function. The only symbols left in the global namespace
are now _ANSIBALLZ_WRAPPER and _ansiballz_main.
revised porting guide entry
Integrate code coverage collection into AnsiballZ.
ci_coverage
ci_complete
* Support multi-doc yaml in the from_yaml filter
* Most automatic method of handling multidoc
* Only use safe_load_all
* Implement separate filter
* Update plugin docs and changelog
* Update Shippable integration test groups.
* Update integration test group aliases.
* Rebalance AWS and Azure tests with extra group.
* Rebalance Windows tests with another group.
* win_chocolatey: refactor module to fix bugs and add new features
* Fix some typos and only emit install warning not in check mode
* Fixes when testing out installing chocolatey from a server
* Added changelog fragment
* Enable check_mode in command module
This only works if supplying creates or removes since it needs
something to base the heuristic off. If none are supplied it will just
skip as usual.
Fixes#15828
* Add documentation for new check_mode behavior
<!--- Your description here -->
The example has:
`{{ 'Some DNS servers are 8.8.8.8 and 8.8.4.4' | regex_findall('\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b') }}`
It needs be double backslashes to escape the backslashes:
`{{ 'Some DNS servers are 8.8.8.8 and 8.8.4.4' | regex_findall('\\b(?:[0-9]{1,3}\\.){3}[0-9]{1,3}\\b') }}`
+label: docsite_pr
* Update Openstack dynamic inventory link
* Add note for change of script name
* Change name of script to prevent Python module import errors.
Fixes#41562
* First pass at making 'private' work on include_role, imports are always public
* Prevent dupe task execution and overwriting handlers
* New functionality will use public instead of deprecated private
* Add tests for public exposure
* Validate vars before import/include to ensure they don't expose too early
* Add porting guide docs about public argument and change to import_role
* Add additional docs about public and vars exposure to module docs
* Insert role handlers at parse time, exposing them globally
* VMware: Remove VM using vmware_guest
This adds scenario guide for removing VM using vmware_guest module.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* code review comments
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* inventory plugin docs
* added set options
* minor wording and formatting fixes
* changed headers to std as per #35520, also added to main readme
* unified inventory plugin devel, referenced from generic plugin dev
* fixed typos and update as per feedback
Fixes#37262Fixes#36284
* Updates options in netconf connection to enable
bastion/jump host setting using configuration/enviornment
varaibles.
* Update troubleshooting docs from using bastion host with netconf
connection
* Revert "Account for empty string regexp in lineinfile (#41451)"
This reverts commit 4b5b4a760c.
* Use context managers for interacting with files
* Store line and regexp parameters in a variable
* Add warning when regexp is an empty string
* Remove '=' from error messages
* Update warning message and add changelog
* Add tests
* Improve warning message
Offer an equivalent regexp that won't trigger the warning.
Update tests to match new warning.
* Add porting guide entry for lineinfile change
* runas + async - get working on older hosts
* fixed up sanity issues
* Moved first task to end of test for CI race issues
* Minor change to async test to be more stable, change to runas become to not touch the disk
* moved async test back to normal spot
This commit: fa5c0282a4 relied upon
features present in Jinja-2.10 and above. The changes here allow us to
build the *rst* with older versions of jinja2.
* add a third way to disable cows
Cows are great, but there's a third way to disable. I'm sure my RST markup can be improved.
* oops, actually in ansible.cfg
While the HTML produced is perfectly valid, without the `trim` filter,
a lot of warnings are emitted (700 lines of warnings out of 2812 are
eliminated by this change)
Read the Docs moved hosting to readthedocs.io instead of
readthedocs.org. Fix all links in the project.
For additional details, see:
https://blog.readthedocs.com/securing-subdomains/
> Starting today, Read the Docs will start hosting projects from
> subdomains on the domain readthedocs.io, instead of on
> readthedocs.org. This change addresses some security concerns around
> site cookies while hosting user generated data on the same domain as
> our dashboard.
Documented procedure to handle package dependencies required by
packages which are Ansible dependencies.
Fixes: #30732Fixes: #16571
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add docs detailing how to convert many with_X style loops to use loop and filters. Fixes#40727
* Switch lookup used in query vs lookup comparison, to not recommend use of nested lookup
* Improve docs based on feedback
Address Firefox table-rendering issues in docs. Refactor to use colspan to provide table cells which can vary in width and indentation; the outermost has the greatest colspan, and each nested key has a colspan of one less than the parent, with padding cells for indentation.
Apply styling to table cells to get the table height to work without hacks or browser-specific
styling. Simplify the markup and CSS by removing extra divs. Use two passes over the options, return values, and return facts in the Jinja2 module-docs template: one to determine the maximum nesting depth to compute the maximum colspan needed, plus one to lay out the rows.
* Move k8s modules to dynamic backend
* update required openshift version
* update -> patch
* use new dynamic client exceptions
* style
* guard urllib3 import
* guard ansibleerror import
* give more information about error cause
* format in variable
* style
* rename tests
* Search for provided kind in a few more places to match old behavior, properly handle failure
* make common code use fail instead of fail_json, to work for lookup plugins as well
* update docs
* move openshift_raw tests into k8s tests
* fix typo
* Use diff of response and resource to determine change, don't do any checking client-side before making requests
* remove duplicate yaml blocks
* Update porting guide for k8s module
* remove invalid doc refs
* If fuzzy searching finds a resource, update resource_definition to match proper kind and version
* remote unsupported openshift_raw variables
* properly check environment variables when determining auth method:
* Add a 'machinectl shell' become_method
* docs: add explanations for the machinectl become_method
* docs: machinectl become_method: specify this part is specific to Linux+systemd setups
This Makefile uses non-standard constructs. As such it can only be
parsed by GNU make, which is often installed as 'gmake' instead of
'make'. Using $(MAKE) ensures the same version of make gets called that
is used to execute the top level.
OpenBSD comes with its own encryption utility as well, which must be run on the password text `encrypt <password>`. following the code block above, i just included the base command in the code block. I wasn't quite sure where to add my change, so I put it at the bottom of the section since the rest all flows well together.
+label: docsite_pr
* Docs - add shared snippet note about password prompts for ssh keys
Signed-off-by: Adam Miller <admiller@redhat.com>
* add note to ssh connection plugin, fix markup, fix typo
Signed-off-by: Adam Miller <admiller@redhat.com>
* * Memset:
* module_utils and associated documentation.
* module to manage DNS zones.
* integration tests to run against Memset's API.
* * memset.py:
* remove import of requests from memset.py in favour of internal Ansible modules.
* import necessary Ansible modules for request and response handling.
* create a response object in order to retain a stable interface to memset_api_call from existing modules.
* rework memset_api_call to remove requests.
* memset_zone.py:
* improve short description to be more verbose.
* ensure all imports directly follow documentation.
* remove any reference to requests.
* correct keyerror carried over from elsewhere.
* remove dependency on requests from documentation string
* disable integration tests until we have a cleanup method available
* HTTPAPI connection
* Punt run_commands to cliconf or httpapi
* Fake enable_mode on eapi
* Pull changes to nxos
* Move load_config to edit_config for future-preparedness
* Don't fail on lldp disabled
* Re-enable check_rc on nxos' run_commands
* Reorganize nxos httpapi plugin for compatibility
* draft docs for connection: httpapi
* restores docs for connection:local for eapi
* Add _remote_is_local to httpapi
* Change behavior to behaviour
- use existing fact to get hash setting rather than shell task
- fix code highlighting syntax in playbooks_variables.rst
* Re-wrote intro section; this entire topic needs a clean-up/rewrite.
* Set src in the state functions rather than the toplevel
A good API should only require passing one version of a piece of data
around so do that for src
* Move the rewriting of path into additional_parameter_handling
When the path is a directory we can rewrite the path to be a file inside
of the directory
* Emit a warning when src is used with a state where it should be ignored
* Update structure to include file extensions
It is not clear to novice users that the host/group_vars files should be yaml files. This highlights that IMHO a bit more clearer.
* pluralize
* Treat C(...) as inline literal (as opposed to interpreted text).
* Making test for true and false more precise, to avoid matching 1, 1.0, etc.
* The 'is sameas' test already takes care of definedness.
ARA is an Ansible callback that records playbook run data in a local
or remote database. This data is exposed through a CLI client as well
as a reporting web application.
* Allow subspec defaults to be processed when the parent argument is not supplied
* Allow this to be configurable via apply_defaults on the parent
* Document attributes of arguments in argument_spec
* Switch manageiq_connection to use apply_defaults
* add choices to api_version in argument_spec
* base64 filter: Added ability to specify encoding
* Added unicode chars for further testing
* Removed errors to keep previous behaviour in place
* Removed surrogate pairs due to issues loading YAML in CI
* Initial commit
Query an organization within Meraki. No support is in place for managing
or creating yet
* Change output_level method and make the state parameter required.
* Implemented listing all organizations
- Updated documentation
- Parse results and return all organizations
- Parse results and return specified organization
* Framework for creating an organization
- Documentation example for organization creation
- Framework exists for creating organizations, pending PR 36809
- Created functions for HTTP calls
- Renamed from dashboard.meraki.com to api.meraki.com
- Added required_if for state
* Remove absent state
- Meraki API does not support deleting an organization so absent is removed
- Updated documentation to call it state instead of status
* Small change to documentation
* Support all parameters associated to organization
- Added all parameters needed for all organization actions.
- None of the added ones work at this time.
- Added documentation for clone.
* Integration test for meraki_organization module
* Rename module to meraki for porting to module utility
* Meraki documentation fragment
- Created initial documentation fragment for Meraki modules
* Add meraki module utility to branch. Formerly was on a separate branch.
* CRU support for Meraki organization module
* CRU is supported for Meraki organizations
* There is no DELETE function for organizations in the API
* This code is very messy and needs cleanup
* Create and Update actions don't show status as updated, must fix
* Added Meraki module utility to module utility documentation list
* Added support for organization cloning
* Renamed use_ssl to use_https
* Removed define_method()
* Removed is_org()
* Added is_org_valid() which does all org sanity checks
* Fixes for ansibot
- Changed default of use_proxy from true to false
- Removed some commented out code
- Updated documentation
* Changes for ansibot
- Removed requirement for state parameter. I may readd this.
- Updated formatting
diff --git a/lib/ansible/module_utils/network/meraki/meraki.py b/lib/ansible/module_utils/network/meraki/meraki.py
index 3acd3d1038..395ac7c4b4 100644
--- a/lib/ansible/module_utils/network/meraki/meraki.py
+++ b/lib/ansible/module_utils/network/meraki/meraki.py
@@ -42,7 +42,7 @@ def meraki_argument_spec():
return dict(auth_key=dict(type='str', no_log=True, fallback=(env_fallback, ['MERAKI_KEY'])),
host=dict(type='str', default='api.meraki.com'),
name=dict(type='str'),
- state=dict(type='str', choices=['present', 'absent', 'query'], required=True),
+ state=dict(type='str', choices=['present', 'absent', 'query']),
use_proxy=dict(type='bool', default=False),
use_https=dict(type='bool', default=True),
validate_certs=dict(type='bool', default=True),
diff --git a/lib/ansible/modules/network/meraki/meraki_organization.py b/lib/ansible/modules/network/meraki/meraki_organization.py
index 923d969366..3789be91d6 100644
--- a/lib/ansible/modules/network/meraki/meraki_organization.py
+++ b/lib/ansible/modules/network/meraki/meraki_organization.py
@@ -20,11 +20,9 @@ short_description: Manage organizations in the Meraki cloud
version_added: "2.6"
description:
- Allows for creation, management, and visibility into organizations within Meraki
-
notes:
- More information about the Meraki API can be found at U(https://dashboard.meraki.com/api_docs).
- Some of the options are likely only used for developers within Meraki
-
options:
name:
description:
@@ -32,21 +30,18 @@ options:
- If C(clone) is specified, C(name) is the name of the new organization.
state:
description:
- - Create or query organizations
- choices: ['query', 'present']
+ - Create or modify an organization
+ choices: ['present', 'query']
clone:
description:
- Organization to clone to a new organization.
- type: string
org_name:
description:
- Name of organization.
- Used when C(name) should refer to another object.
- type: string
org_id:
description:
- ID of organization
-
author:
- Kevin Breit (@kbreit)
extends_documentation_fragment: meraki
@@ -86,7 +81,6 @@ RETURN = '''
response:
description: Data returned from Meraki dashboard.
type: dict
- state: query
returned: info
'''
@@ -103,6 +97,7 @@ def main():
argument_spec = meraki_argument_spec()
argument_spec.update(clone=dict(type='str'),
+ state=dict(type='str', choices=['present', 'query']),
)
@@ -125,11 +120,9 @@ def main():
meraki.function = 'organizations'
meraki.params['follow_redirects'] = 'all'
- meraki.required_if=[
- ['state', 'present', ['name']],
- ['clone', ['name']],
- # ['vpn_PublicIP', ['name']],
- ]
+ meraki.required_if = [['state', 'present', ['name']],
+ ['clone', ['name']],
+ ]
create_urls = {'organizations': '/organizations',
}
@@ -162,23 +155,16 @@ def main():
-
- # method = None
- # org_id = None
-
-
- # meraki.fail_json(msg=meraki.is_org_valid(meraki.get_orgs(), org_name='AnsibleTestOrg'))
-
if meraki.params['state'] == 'query':
- if meraki.params['name'] is None: # Query all organizations, no matter what
- orgs = meraki.get_orgs()
- meraki.result['organization'] = orgs
- elif meraki.params['name'] is not None: # Query by organization name
- module.warn('All matching organizations will be returned, even if there are duplicate named organizations')
- orgs = meraki.get_orgs()
- for o in orgs:
- if o['name'] == meraki.params['name']:
- meraki.result['organization'] = o
+ if meraki.params['name'] is None: # Query all organizations, no matter what
+ orgs = meraki.get_orgs()
+ meraki.result['organization'] = orgs
+ elif meraki.params['name'] is not None: # Query by organization name
+ module.warn('All matching organizations will be returned, even if there are duplicate named organizations')
+ orgs = meraki.get_orgs()
+ for o in orgs:
+ if o['name'] == meraki.params['name']:
+ meraki.result['organization'] = o
elif meraki.params['state'] == 'present':
if meraki.params['clone'] is not None: # Cloning
payload = {'name': meraki.params['name']}
@@ -193,7 +179,10 @@ def main():
payload = {'name': meraki.params['name'],
'id': meraki.params['org_id'],
}
- meraki.result['response'] = json.loads(meraki.request(meraki.construct_path('update', org_id=meraki.params['org_id']), payload=json.dumps(payload), method='PUT'))
+ meraki.result['response'] = json.loads(meraki.request(meraki.construct_path('update',
+ org_id=meraki.params['org_id']),
+ payload=json.dumps(payload),
+ method='PUT'))
diff --git a/lib/ansible/utils/module_docs_fragments/meraki.py b/lib/ansible/utils/module_docs_fragments/meraki.py
index e268d02e68..3569d83b99 100644
--- a/lib/ansible/utils/module_docs_fragments/meraki.py
+++ b/lib/ansible/utils/module_docs_fragments/meraki.py
@@ -35,6 +35,7 @@ options:
description:
- Set amount of debug output during module execution
choices: ['normal', 'debug']
+ default: 'normal'
timeout:
description:
- Time to timeout for HTTP requests.
diff --git a/test/integration/targets/meraki_organization/aliases b/test/integration/targets/meraki_organization/aliases
new file mode 100644
index 0000000000..ad7ccf7ada
--- /dev/null
+++ b/test/integration/targets/meraki_organization/aliases
@@ -0,0 +1 @@
+unsupported
* Formatting fix
* Minor updates due to testing
- Made state required again
- Improved formatting for happier PEP8
- request() now sets instance method
* Fix reporting of the result
* Enhance idempotency checks
- Remove merging functionality as the proposed should be used
- Do check and reverse check to look for differences
* Rewrote and added additional integration tests. This isn't done.
* Updated is_update_required method:
- Original and proposed data is passed to method
- Added ignored_keys list so it can be skipped if needed
* Changes per comments from dag
- Optionally assign function on class instantiation
- URLs now have {} for substitution method
- Move auth_key check to module utility
- Remove is_new and get_existing
- Minor changes to documentation
* Enhancements for future modules and organization
- Rewrote construct_path method for simplicity
- Increased support for network functionality to be committed
* Changes based on Dag feedback and to debug problems
* Minor fixes for validitation testing
* Small changes for dag and Ansibot
- Changed how auth_key is processed
- Removed some commented lines
- Updated documentation fragment, but that may get reverted
* Remove blank line and comment
* Improvements for testing and code simplification
- Added network integration tests
- Modified error handling in request()
- More testing to come on this
- Rewrote construct_path again. Very simple now.
* Remove trailing whitespace
* Small changes based on dag's response
* Removed certain sections from exit_json and fail_json as they're old
* Adding initial skeleton of VMWare docs
* Updated product name capitaliztion; ready for initial PR.
* Add few files and updated some links
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fixed duplicate anchor tag
Updated GitHub Repos section to better explain what ansible-network@redhat.com is for (not an email list, but adding to the network-automation github repo.
* should not need <>, but fails without
* adds anchor to keywords page, uses it on plugins pages
* fixes envvar link errors
* harmonize file name and ref name as python_3
* removes undefined-lable from ignore list
* Update the documentation to list Python 3 as official
* Add some reference targets for inventory variables so we can link to docs
* Add a platform FAQ section
Populate it with
* virtualenv info (previously on the python3 support page)
* BSD (Link to the working with BSD page)
* Solaris (Document how to work around the non-POSIX shell on some
Solaris hosts)
Fixes#21594
* Fix some refs in the release_and_maintenance document
* Fix unindent error in module template
Fix for the module/plugin template unintentionally unindented inside of
a raw block, leading to errors like:
ERROR: docs/docsite/rst/modules/redshift_facts_module.rst:289:0: Explicit markup ends without a blank line; unexpected unindent.
* Make wording for Solaris troubleshooting better.
The big one is that we needed to set plugin_type when we processed the by_support template.
Also added to list_of_CATEGORY_plugins page (which might not be used)
and corrected a place where I did module_name instead of name_module
The regex to find labels inside of angle brackets was not detecting
anything before so I missed all of those.
* Fixed the regex in find-plugin-refs to take care of that.
* Fixed plugin_formatter to emit namespaced labels for the M() macro.
We're porting autogenerated plugin docs so that :ref: targets are
namespaced by plugin type. To do this effectively, we need to know
where all the :ref: targets which refer to the bare plugin names are in
the rst files. This script will find those.
* centralize doc/config plugin lists
also update list for generation in docsite
added note to ensure they are in sync
* updated shell page to list plugins
added some more docs hinting at plugins being configurable
* fix edit link for plugins
The :ref: syntax is for linking to targets which are defined for the
whole document tree. `link`_ is for linking to targets which are inside
of the document. We want the latter for deprecated sections because
otherwise we'd have to create namespaced link targets for them.
Also fix expansion of version a deprecated module will be removed in