* fix for when status codes are provided as a comma separated list (#38080)
* fix for when status codes are provided as an array of strings
* convert status codes to int, additional tests
(cherry picked from commit c38617a736)
* Added changelog fragment
* Fix 'New Vault password' on vault 'edit'
ffe0ddea96 introduce a
change on 'ansible-vault edit' that tried to check
for --encrypt-vault-id in that mode. But '--encrypt-vault-id'
is not intended for 'edit' since the 'edit' should always
reuse the vault secret that was used to decrypt the text.
Change cli to not check for --encrypt-vault-id on 'edit'.
VaultLib.decrypt_and_get_vault_id() was change to return
the vault secret used to decrypt (in addition to vault_id
and the plaintext).
VaultEditor.edit_file() will now use 'vault_secret_used'
as returned from decrypt_and_get_vault_id() so that
an edited file always gets reencrypted with the same
secret, regardless of any vault id configuration or
cli options.
Fixes#35834
(cherry picked from commit 6e737c8cb6)
* openssl_certificate: Handle dump() in check_mode (#38386)
Currently, when ones run the module in check_mode it tries to retrieve
values from the actual certificate generated in the generate() function.
Since in check_mode we call dump() without calling generate(), self.cert
is None, leading to self.cert.get_notBefore(), self.cert.get_notAfter()
and self.cert.get_serial_number() raising an error.
> NoneType' object has no attribute 'get_notBefore'
The solution is to have two way to handle dump() method, whether its run
in check_mode=True or check_mode=False leading to different way the
information is retrieved.
(cherry picked from commit 99497ce54c)
* added eos_smoke tests
* removed left over file
* added note to uncomment broken eapi test when #36919 is fixed
* uncommented fixed test, added unbecome test
* skip become tests when connection=local
(cherry picked from commit 712d30f46c)
* Eos :do not push config to device if check_mode is enabled (#37287)
* eos can not check config without config session support
* add testcase for check_mode without config session
* fix eos eapi to read use_session env var
(cherry picked from commit a1026dbce5)
* Backport/2.5/37287 - Eos do not push config is check_mode is enabled
* Close & remove paramiko connection where appropriate (#37528)
* Update unit test
(cherry picked from commit 594840c1d6)
* Put back $PATH checking in ansible-connection call (#37933)
(cherry picked from commit 169209c32a)
* issue:38167 add support for onyx version 3.6.6000 for onyx_linkagg (#38191)
Signed-off-by: Samer Deeb <samerd@mellanox.com>
(cherry picked from commit 72d42bd065)
* fragment
* issue:37307 Add support for changes in pfc output in onyx 3.6.6000 (#37651)
* issue:37307 Add support for changes in pfc output in onyx 3.6.6000
Signed-off-by: Samer Deeb <samerd@mellanox.com>
(cherry picked from commit 9dfb665e43)
* fragment
* issue:37306 Fix issue with vlan support for onyx version 3.6.6000
Signed-off-by: Samer Deeb <samerd@mellanox.com>
(cherry picked from commit a89bafce2e)
* nso_verify handle leaf-list in 4.5 and identityref (#37393)
NSO verify did not handle leaf-list value verification in 4.5 and
later due to changes made for configuration writing made.
map prefix for identityref types in verification.
(cherry picked from commit 6308047dc9)
* Remove timeout
* win_service: fix when dealing with paths with special chars and change WMI to CIM cmdlets (#37897)
* win_service: fix when dealing with paths with special chars and change WMI to CIM cmdlets
* compare username in lowercase for test
(cherry picked from commit f37a44430f)
* Added changelog fragment
* azure_rm_networkinterface: fixed issue when public ip address should not be created (#36824)
* fixed issue when public ip address should not be created
* adding test for public ip address
* fixed samples
* another fix to sample formatting
* fixed test
* fix test
* fixed test
* another attempt to fix test
* maybe it works now
* still wrong
* improved check per customer request
* removed stupid semicolon
* updated test to match main scenario
* changed ip configurations to list
* another attempt
(cherry picked from commit 89401f13f7)
* Added changelog fragment
* Fix redundant yaml error blurbs on ModArgs parse errors
Some of the AnsibleParserErrors from parsing.mod_args
are created with the obj=some_yaml_ds options but
some are not.
If they were, we don't want to add another yaml_ds to
it, because that will result in double yaml error blurbs.
And since we dont need to add info, we can just re raise it.
But if there is no ._obj, add it here so we get the extra
detail in the error message (see issue #14790) and raise
a new AnsibleParserError instance.
Fixes#36848
* cleanup existing test_tasks pep8/sanity issues
(cherry picked from commit e166946a0a)
This fix adds environment variables for connection in vmware_*
modules.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 0ae7a0e88c)
The generated file was completely unusable by the system
therefore the fix which ensures that diffing the file
prior to changes and after only shows diffs
Furthermore the code did not work for Python 3.6
> f.writelines(to_bytes(lines, errors='surrogate_or_strict'))
E TypeError: a bytes-like object is required, not 'int'
The other modifications (lambda variable renaming) is to
comply with default flake8 rules
(cherry picked from commit 612d0d6634)
Fixes#37208
If check_mode is enabled instead of committing th config need to
discard all the chnages to cnadidate db
In case of cli to discard changes issue `rollback 0` command
and for netconf execute `discard-changes` rpc call
(cherry picked from commit 8eaa9cc938)
Fixes#36979
If `abort` is not issued in the top level session prompt
the existing session goes to pending state.
The fix is to come out of config mode by issuing `end` command
and again to same config session and execute `abort` which
`abort` is issued at the top level session prompt.
(cherry picked from commit 017ea018d0)
SGs created when a VPC ID was not specified would not necessarily
get the default egress rule, even when no explicit egress rules
were set.
Add some checks for egress rules in results from existing tests
(cherry picked from commit 98b29f8ad6)
Fixes#35993 - Changes to update_size in commit eb4cc31 made it so
the group dict passed into update_size was not modified. As a result,
the 'replace' call does not see an updated min_size like it previously
did and doesn't pause to wait for any new instances to spin up. Instead,
it moves straight into terminating old instances. Fix is to add batch_size
to min_size when calling wait_for_new_inst.
Fixes#28087 - Make replace_all_instances and replace_instances behave
exactly the same by setting replace_instances = current list of instances
when replace_all_instances used. Root cause of issue was that without lc_check
terminate_batch will terminate all instances passed to it and after updating
the asg size we were querying the asg again for the list of instances - so terminate batch
saw the list including new ones just spun up.
When creating new asg with replace_all_instances: yes and lc_check: false
the instances that are initially created are then subsequently replaced.
This change makes it so replace only occurs if the asg already existed.
Add integration tests for #28087 and #35993.
(cherry picked from commit a2b3120e85)
* Fix name parameter templating in include_role module (#36372)
An IncludedFile() object built using the original_task will have
its _task bound to the original_task. The iterative reassignment of
original_task._role_name during with_item loops leaves all returned
included_files with the same ._task._role_name (the final name from
the with_items list). This commit builds IncludedFile() objects
from an original_task.copy() to avoid the problematic binding.
(cherry picked from commit 54e70fc783)
* Test include role with items in name #36372 (#37001)
* Tests for #36372
* Tests for #36372
* Tests for #36372
(cherry picked from commit 8c4f349743)
* Add changelog for #36372
* Connection error messages are unsafe: wrap them (#37329)
* Check that connection error msg are not unsafe
* Connection error messages are unsafe: wrap them
For example, in case of error, docker connection plugin returns exception
message containing Go template. These messages weren't tagged as unsafe
and were consequently rendered:
The conditional check 'result is failed' failed. The error was:
{
'msg': u'Docker version check ([\'/usr/bin/docker\', \'version\', \'--format\', "\'{{.Server.Version}}\'"]) failed: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.35/version: dial unix /var/run/docker.sock: connect: permission denied\n',
'failed': True
}:
template error while templating string: unexpected '.'.
String: Docker version check (['/usr/bin/docker', 'version', '--format', "'{{.Server.Version}}'"]) failed: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.35/version: dial unix /var/run/docker.sock: connect: permission denied
(cherry picked from commit 4378542ac7)
* Add a changelog for the no-template error message fix
* win: handle non string as an environment value (#37215)
* win: handle non string as an environment value
* Changed powershell environment handler to use .net function instead for special chars
(cherry picked from commit 708869edd6)
* Added changelog fragement for powershell environment handler fix
* typo in changelog
* win_uri: return response info on non 200 responses, convert DateTime values to ISO 8601 (#37104)
(cherry picked from commit c1f5e11cdf)
* Added changelog fragment for win_uri return value fix