* Forgot to pass backend.
* Add changelog.
* Pass on backend from get_fingerprint.
* Handle cryptography backend in get_fingerprint.
(cherry picked from commit a0e5e2e4c5)
With the addition of [a], the minimum openstacksdk version needs to
be bumped to include [b], or the os_network module will return the
error:
TypeError: create_network() got an unexpected keyword argument 'dns_domain'
To handle this, we fail the module if the dns_domain argument is used
and the minimum openstacksdk version for that argument is not met.
[a] 6c74e29618
[b] a3e846e2b9Fixes: #64495Fixes: #64841
* Fixes#66478
* When no quantity is set, then candlepin server usually uses
default value 1. When more quantities are required, then
candlepin server can automatically choose correct minimal
value.
(cherry picked from commit 6f1bb37feb)
Redact GitLab Project variables which might include sensetive information
such as password, api_keys and other project related details.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 84b68aa05f)
* Update user module to support no_log=False. (#66219)
Updates the user module to support pull request #64733. Neither the
update_password or password_lock field contains sensitive information, so
mark them as such.
(cherry picked from commit 40394ed671)
* Backport PR #66219 to support PR #64733
Backport PR #66219 to support the backport of PR #64733
(see: https://github.com/ansible/ansible/pull/66219).
* Delete backport-66219-update-user-module-for-64733.yml
* Update 66219-update-user-module-for-64733.yml
Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
* pmrun - quote success command (#66929)
* Recreate the older behavior where the entire success command was quoted
* Use shlex_quote for a correct fix of this
* Add changelog fragment
(cherry picked from commit fd8eb77cc3)
* Backport of 66929-pmrun-quote-entire-success-command-string
* Update changelog fragment
* Delete 66929-pmrun-quote-entire-success-command-string.yml
Unclear from docs, but this is the devel fragment so removing.
* Update changelog
* Make banner detection non-greedy in ios_banner (#63092)
* Make banner detection non-greedy in ios_banner
* Added ios_banner unit test to detect bug #63091
* Corrected PEP8 errors
* Added integration test
* Corrected typo in integration test
(cherry picked from commit 01a92f0191)
* Added changelog fragment
* Update 66274-ios_banner_nongreedy.yml
Co-authored-by: kalimsshar <34369784+kalimsshar@users.noreply.github.com>
Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
* ovirt_job: add when job is detected but in state finished (#66810)
* ovirt_job: add when job is detected but in state finished
* add docs
* add changelog
* Fix#63077
If the package is already installed the stdout is not as expected by this function. Either remove `--needed` or just noop if we detect pacman returning. We cannot match the stdout string, as that is most likely localized.
```
[root@archBook user]# /usr/bin/pacman --upgrade --noconfirm --noprogressbar --needed /srv/aur/src/i3cat-git/i3cat-git-r38.c6d29dd-1-x86_64.pkg.tar.xz
loading packages...
warning: i3cat-git-r38.c6d29dd-1 is up to date -- skipping
there is nothing to do
```
* Add comment
Add comment
* Add changelog fragment.
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 14b1febf64)
Co-authored-by: Klaus Frank <agowa338@users.noreply.github.com>
Add integration test
There are a number of other parameters that result in stack traces as well when this module is used ad-hoc. I'm not sure if we're interested in fixing them all since this module isn't meant to be run ad-hoc.
(cherry picked from commit cc2376b782)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* throttle tests: fix detection of parallel execution
The test wasn't able to detect if too many workers were running.
On my laptop:
- without this change, the 'throttle' target takes ~20 seconds
- with this change, the 'throttle' target takes ~70 seconds
- 1 second isn't long enough to encounter the issue
* Fix throttle test when strategy is 'free' based
'free' strategy allows multiple tasks to be executed in parallel: use
one 'throttledir' per task.
Use 'linear' strategy with a dedicated play for cleanup/setup tasks
* throttle: reset worker idx before queuing a new task
* TestStrategyBase: define task.throttle
otherwise '1' will be used instead of the default value due to the
following expression being equal to '1':
int(templar.template(task_mock.throttle))
Co-authored-by: James Cammarata <jimi@sngx.net>
(cherry picked from commit bbbdc1c25c)
* Fix fact gathering for sensor-groups (#66439)
(cherry picked from commit 5c158755fc)
Add changelog for nxos_telemetry fix
* Update 66439_fix_nxos_telemetry_facts.yaml
Co-authored-by: Mike Wiebe <mwiebe@cisco.com>
Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>
On Python 2, leave all fds open since there is no mechanism to close specific fds with subprocess.Popen() on Python 2
Add unit tests.
Co-authored-by: Matt Martz <matt@sivel.net>
(cherry picked from commit 617fbad743)
Co-authored-by: Sam Doran <sdoran@redhat.com>
Fixes#66263
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 077a8b4898)
Co-authored-by: Adam Miller <admiller@redhat.com>
Co-authored-by: Adam Miller <admiller@redhat.com>
* Add integration tests
* Handle error in _get_diff_data()
* Change to warning rather than error
* Also change failure to warning in assemble action plugin
(cherry picked from commit 9b7198d25e)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Add constraint for Jinja2 on Python 2.6.
* Fix constraint in inventory_aws_conformance test.
* Add constrraints for template_jinja2_latest test.
(cherry picked from commit 965854fbd2)
Co-authored-by: Matt Clay <matt@mystile.com>
Fixes#66549
The inefficiency improvement
https://github.com/ansible/ansible/pull/63713 introduced a bug where
`enablerepo` was not being honored if combined with
`disablerepo="*"`. This fixes that issue.
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 22fe22f796)
Co-authored-by: Adam Miller <admiller@redhat.com>
Co-authored-by: Adam Miller <admiller@redhat.com>
* Add test constraint for setuptools.
* Update pip test to work on centos6 container.
(cherry picked from commit 51e5b714e0)
Co-authored-by: Matt Clay <matt@mystile.com>
* Fix iosxr netconf plugin get device info
Fixes https://github.com/ansible/ansible/issues/64634
* Catch execption if the xml payload to get
device info is not valid for iosxr version
running on remote host.
* Fix CI issue
(cherry picked from commit 3919a891c2)
* Fix netconf plugin related to collections
Fixes#65655 (partly)
* Make netconf plugins configurable so that the
information of ncclient device handler
for give platform resides in the platform
specific netconf plugin.
* If the device handler value in ncclient is
different from the ansible_network_os value
the right value of `ncclient_device_handler`
should be set in the plugin documentation.
* Fix review comments
* Fix CI issue
* Fix review comment
(cherry picked from commit 1cfab26fab)
Fix to nxos_vrf purge breaks with empty aggregate (#66004)
* resolving conflicts
* fixed issue with purge and state var. fixed space issue with vrf name
* lint issues
(cherry picked from commit a3d67edfca)
Add changelog for nxos_vrf fix
* Fix network action plugin load in collection
Fixes https://github.com/ansible/ansible/issues/65071
* Load network action plugin that matches the module
prefix name from list of collections.
* Update changelog
* Fix unit test
(cherry picked from commit 74e9b1e219)
pacman output is localized and the Ansible module is parsing its output.
So, we need to force the locale.
Add changelog fragment
Fixes#65237
(cherry picked from commit 10b6038e21)
* yum - only instantiate YumBase once
Previously, this code was re-instantiating the `YumBase` object
many times which is unnecessary and slow. However, we must do it
twice in the `state: absent` case because the `yumSack` and
`rpmSack` data of the previously instantiated object becomes
invalid and is no longer useful post transaction when we verify
that the package removal did in fact take place. Also, this patch
removes the repetitive re-processing of enable/disable of repos in
various places.
Here's a display of the speed increase against a RHEL7 host:
```yaml
- hosts: rhel7
remote_user: root
tasks:
- name: Install generic packages
yum:
state: present
name:
- iptraf-ng
- screen
- erlang
- name: Remove generic packages
yum:
state: absent
name:
- iptraf-ng
- screen
- erlang
```
Before this patch:
```
real 0m52.728s
user 0m5.645s
sys 0m0.482s
```
After this patch:
```
real 0m17.139s
user 0m3.238s
sys 0m0.277s
```
Fixes#63588Fixes#63551
Signed-off-by: Adam Miller <admiller@redhat.com>
* add changelog
Signed-off-by: Adam Miller <admiller@redhat.com>
* Allow updating of ec2_group rules with EC2 classic ELB targets
Fix regression introduced in #45296 with EC2 Classic SGs
Fixes: #57247
Also add (unsupported) ec2 classic test suite with test case for this scenario
* move ec2 classic tests to conditional within ec2_group target
* clean up ec2_classic tests
* ec2_classic account can't run most ec2_group tests
* Use correct var, move cleanup for async
* Add changelog and tests. Fixes#65393. Fixes#65277.
* Kill off all long running async tasks from listen_ports_facts
* Update task to work with older jinja2
(cherry picked from commit 03a4edb)
Co-authored-by: Matt Martz <matt@sivel.net>
* Simply sorting of Windows files below other plugin types
Using the sort method with a custom key function uses less memory than creating multiple lists then joining them.
This seemed to be an acceptable use of a lamdba, even though I geneally try to avoid them.
* Fix sorting of plugins inside of collections
Explicitly sort Windows files below others, mimicking what we do in plugin/loader.py
* Add documentation about ansible.builtin and ansible.legacy
Also document to the two different methods used for searching based on the candidate type.
* Add changelog
* Add integration test
* Update comment with expected sort order
(cherry picked from commit 6f76a48f59)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Add aws elb multiple host header support (#65021)
* Add support for aws elbv2 multiple host header actions
* Add example of multiple host header
* Add test for multiple host headers
* Add missing quote
* Update test/integration/targets/elb_application_lb/tasks/test_modifying_alb_listeners.yml
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* Update test/integration/targets/elb_application_lb/tasks/test_modifying_alb_listeners.yml
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* Remove debug statements
(cherry picked from commit d52af75c68)
* elbv2 - print() statement results an task failure, even if the task itself was successfull (#65183)
(cherry picked from commit cba9abcbec)
* Add changelog fragment.
* Update changelogs/fragments/65021-65183-elb-bugs.yml
* Force values to be sorted when compared. (#65315)
* Force values to be sorted when compared.
This avoids problems where lists of values could be generated in
indeterminate order.
* Update lib/ansible/module_utils/aws/elbv2.py
Thank you felixfontein, sorry I missed this detail.
Co-Authored-By: Felix Fontein <felix@fontein.de>
(cherry picked from commit 777b6d3e30)
* Update changelog.
Co-authored-by: Michael Mayer <mjmayer@gmail.com>
Co-authored-by: Markus Bergholz <markuman@gmail.com>
Co-authored-by: roberbri <roberbri@cisco.com>
* Fix RuntimeError in ec2_group_info (#65434)
Modifying dictionary while iterating over it
* Fix ec2 filter dict iteration for python3.8 (#65521)
Python now throws a RuntimeError if dict keys are modified mid-iteration.
https://bugs.python.org/issue36452
Cast filter dicts to list before iteration.
Fixes: 65024
Related: 65434
* Backport of 65434, 65521 to address ec2 filter dictionary iteration on Py3.8
https://bugs.python.org/issue36452
* spell changelog entry correctly
Co-authored-by: Aaryn <10469251+arin-c@users.noreply.github.com>
* The become method name check is not required in network_cli
as the become command is specific to platform and is implemented
in the platform specific terminal plugins
(cherry picked from commit ff5253fa0e)
* Fix action plugin issue with network connection type in common collection (#65078)
* Fix action plugin isse with network connection type in common collection
* For network connection in common collection the value of
ansible_connection is the FQCN of the connection type
For example ansible_connection=network.common.network_cli
* Add fix in supported network action plugins to extract
the connection name from FQCN
* Fix CI issue
* Fix review comments and update community network action plugins
(cherry picked from commit 2ef47148cd)
* Fix CI failures
* mysql: add changelog fragment for PR 64585 (#65594)
* mysql: add changelog fragment for PR 64585
* change fragment name and bug description
(cherry picked from commit 85486b1ce4)
* Don't return module error when mysql_connect fails (#64560) (#64585)
* Don't return module error when mysql_connect fails (#64560)
mysql_user expects an Exception when using check_implicit_admin.
* Adds integration tests for mysql_user check_implicit_admin (#64560)
(cherry picked from commit 47aea84924)
* remove tests
Co-authored-by: Jürgen Hötzel <juergen@hoetzel.info>
self._get_user_property returns a string, so when doing a comparison
using this value, cast the second variable to a string so that the
comparison behaves correctly
* Add changelog
* Add to_text import
* Add integration test.
(cherry picked from commit c73288ad53)
Co-authored-by: John Chen <kryptonite303@users.noreply.github.com>
* Make docker_stack adhere to standard return values
The names of the various fields returned from ansible modules are e.g defined here https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#msg.
Adhering to this improves usability and makes use of functionality for e.g stdout_lines etc.
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Fix under-indentation of continuation line (pep8)
Issue exposed in test here https://app.shippable.com/github/ansible/ansible/runs/146667/1/console
* Don't break old playbooks/roles
Made sure the changes are only adding new variables, not removing anything existing yet.
* Added comment
* Minor fixes
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* minor change to docker_stack.py
* Add changelog fragment for PR 63467
* Format changelog fragment
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Add fragment about docker_stack return val depr
* Add docker_stack doc note about deprecated vals
* Remove whitespace in empty line
* Add docker_stack depr notice to porting guide
* Update changelogs/fragments/63467-docker-stack-return-fix.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/cloud/docker/docker_stack.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Added back a missing new line
(cherry picked from commit a5d69f2a26)
* Ensure `allow_duplicates: true` enables to run single role multiple times(#64902)
* Changed return value in `_load_roles` . Fixes#64902
* Add changelog fragment
* Add an integration test for the issue
* Fix changelog generation error and integration test.
* Fix yaml syntax error in changelog fragment
(cherry picked from commit daecbb9bf0)
* Fix multiple subnet (of same IP version) idempotence for docker_network.
* Add changelog.
* Unit tests no longer make sense, since the part of the code they test has been removed.
* Re-add CIDR validation. Move it to better position (module setup instead of idempotence check).
* Update changelog.
* Only run new tests on VM test images.
* Actually do what is documented. Especially since an empty object is a valid value for aux_addresses.
(cherry picked from commit 17ef253ad1)
* #65993 - update restart policy (restart policy & restart retries) without restarting the container
* - proper indentation on the continuation-line
- set restart_policy to the correct value independent from the api version
* - move restart_policy definitions into the if block
- add a new variable for the restart_policy configuration value
* add changelog fragment
* typo; minus -> underscore
* rename changelog fragment to contain the correct module name
* rename restart_policy_config_value to just restart_policy and refer to the correct dict values
(cherry picked from commit 02c126f5ee)
* docker_container: wait for removal if removal is in process (#65854)
* Allow to inspect containers directly.
* Wait for containers to be removed before recreating them.
* Also wait for containers to be removed before creating them.
* Add changelog.
(cherry picked from commit 4df5bdb11e)
* Don't wait for removal during check mode. (#66145)
(cherry picked from commit 14e32c85b4)
Although it's not enforced that fail_json['msg'] should be a string
[1], I think it is pretty strongly implied.
In this case the failure_response['msg'] is sent through as the
fail_json['msg'], and the trailing commas here turn it into a tuple.
It's not clear if this is a typo or intended, but it does cause
problems for callbacks that expect this as a string (e.g. [2]).
Since there seems no point to having these values as a tuple, remove
the trailing commas so they return a string as per everywhere else.
[1] 4c589661c2/lib/ansible/module_utils/basic.py (L2078)
[2] https://review.opendev.org/#/c/696081
(cherry picked from commit fc54ae9227)
Since older versions of paramiko do not require cryptography,
we cannot catch the exact exception from cryptography.
Remove other exceptions since we're catching everything now
(cherry picked from commit d35c1a435b)
Co-authored-by: Sam Doran <sdoran@redhat.com>
The check for this parameter was missing from BusyBox.modify_user(), resulting in unexpected password changes to existing user accounts.
(cherry picked from commit 18130e1419)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Parse Healthcheck.StartPeriod properly
* Add changelog fragment
* Use proper markup in changelog
Co-Authored-By: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f31b8e08b2)
* Fix nxos_file_copy option value path validation (#65423)
* Fix nxos_file_copy option value path validation
* Modify `local_file`, `local_file_directory` and
`remote_file` option type from `str` to `path`
so that the option value is validated in Ansible
for a legitimate path value
* Fix review comments
(cherry picked from commit 88008badb1)
* Fix review comments
CVE-2019-14904 - solaris_zone module accepts zone name and performs actions related to that.
However, there is no user input validation done while performing actions.
A malicious user could provide a crafted zone name which allows executing commands
into the server manipulating the module behaviour.
Adding user input validation as per Solaris Zone documentation fixes this issue.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 7d2ae7e322)
* DNF Handle Empty AppStream stream definition
Fixes#63683
Signed-off-by: Adam Miller <admiller@redhat.com>
* Switch Fedora dnf test target modularity to stratis
In Fedora 29, the metadata was not properly set for a default stream
for ripgrep even though there is a profile called "default", however
that's an arbitrary string and the module maintainer must set the
default stream (which it never was for the ripgrep module, thus
failing the "empty stream" install test)
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit ed86907587)
Co-authored-by: Adam Miller <admiller@redhat.com>