Commit Graph

182 Commits (1469ec448771a299fce9aefd877e3190a2bed91a)

Author SHA1 Message Date
Martin Krizek b618339c32 2.7: user: do not pass ssh_key_passphrase on cmdline (#47445)
* user: do not pass ssh_key_passphrase on cmdline

CVE-2018-16837

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
(cherry picked from commit a0aa53d1a1)

* Ignore user module use of subprocess.

(cherry picked from commit 8d00afc013)

* Fix python3 problem in user module cve fix

(cherry picked from commit 9088671c4e)

* Fix changelog entry for user module CVE fix

(cherry picked from commit 210a43ebeb)
6 years ago
René Moser 083d2a6ad7 [2.7] backport cs_instance fixes (#46274)
* cs_instance: doc: fix typo in examples (#46035)


(cherry picked from commit c09b785a66)

* cs_instance: fix host migration without volume (#46115)


(cherry picked from commit e7926cf9f4)

* add changelog fragment
6 years ago
Sandra McCann 0c81145fd3 [WIP] Backport/2.7/second batch (#45927)
* Update influxdb_database.py (#39984)
(cherry picked from commit 049a462058)

* Link to the Galaxy platforms list from the meta file template (#34046)
(cherry picked from commit fa18d45eb3)

* fix gce_backend_service examples for healthchecks (#31134)
(cherry picked from commit e26d758d6f)

* Clarify the creates and removes options (#45485)
(cherry picked from commit bf90a44468)

* lineinfile note belongs in changelog for 2.6, not 2.7 (#45517)
(cherry picked from commit 228fee4f3a)

* Update keycloak_client.py (#43547)
(cherry picked from commit cb460dee74)

* The keyword 'cloud' has been deprecated in favor of the 'profile' keyword by os-client-config. (#31389)
(cherry picked from commit 17ca0a9bd9)

* Clarified documentation for the unsafe_writes option (#27471)
(cherry picked from commit dd5d191d7a)
6 years ago
Brian Coca 22f50e416d correct and clarify deprecation (#45234)
* correct and clarify deprecation

(cherry picked from commit 64c594d226)
6 years ago
newtonne 30fd326953 Various updates to macports module (#44605)
- Add support for installing specific variants of a port.
- Add support for using yaml lists with 'name' parameter, rather than comma-separated lists.
- Add to and clarify documentation and examples.
- Use Macports nomenclature:
  - s/package/port/g
  - Rename update_cache to sync_ports but keep update_cache as an alias. Remove undocumented update-cache alias.
  - Remove undocumented 'pkg' alias for 'name'. Replace with 'port' alias and document it.
- Print stdout and stderr output if `port sync` fails.
- Print stderr output, rather than stdout, if `port install/uninstall/activate/deactivate` fail.
6 years ago
Chris Archibald 7cded31ec9 Depreciate elementsw modules (#44792)
* rename deprecated files
6 years ago
René Moser dd953dbe96
cs_template: implement update and revamp (#37015) 6 years ago
Michael Price f89374bf6d Update the ignore and doc_fragments for E-Series
Make the generic updates to remove unneeded ignores and improve the
documentation for the NetApp E-Series modules.
6 years ago
Toshio Kuratomi 68c60ad307 Change validate-modules for removed modules
Removed modules now don't have documentation.  Need to account for that
when checking them in validte-modules
6 years ago
Aren 9db3e597f3 state: present added in docs (#37197)
* state: present added in docs

* atomic_container.py docs now match argspec, enforce test
6 years ago
Michael Price ad91793428 Resolve issues in NetApp E-Series Host module (#39748)
* Resolve issues in NetApp E-Series Host module

The E-Series host module had some bugs relating to the update/creation
of host definitions when iSCSI initiators when included in the
configuration. This patch resolves this and other minor issues with
correctly detecting updates.

There were also several minor issues found that were causing issues with
truly idepotent updates/changes to the host definition.

This patch also provides some unit tests and integration tests to help
catch future issues in these areas.

fixes #28272

* Improve NetApp E-Series Host module testing

The NetApp E-Series Host module integration test lacked feature test
verification to verify the changes made to the storage array.

The NetApp E-Series rest api was used to verify host create, update, and
remove changes made to the NetApp E-Series storage arrays.
6 years ago
Ondra Machacek 24c26aded8 oVirt: Add depracation warning to all modules (#44440) 6 years ago
/v\atthew L Daniel d7e66f16a6 Correct the default doc for attached in ec2_eni (#44523)
* Correct the default doc for attached in ec2_eni

Also corrected a typo in the summary

* Address ansible-test sanity error about E324

* Fix and remove the E325 suppression for ec2_eni
6 years ago
Chris Archibald 9dceca8a88 Deprecated Old NetApp Cdot Modules (#43781)
* MVP2 Post ElementSW OSRB sync

* Revert "MVP2 Post ElementSW OSRB sync"

This reverts commit c13db2ad962cd56bffce052c2891c558a2240c72.

Undoing bad push

* move deprecated files

* add documentation

* add new line

* Fix version issue

* fix issue with ignore file, hopefully

* Add ontap modules to porting guide

* fix refs

* add _module to ref
6 years ago
René Moser 1fb0e11b56
vultr: rename prefix vr_to vultr_ (#43994)
* vultr: rename modules

* replace string vr_ with vultr_

* add deprecation warning

* fix sanity tests

* add changelog
6 years ago
Chris Archibald 479408330e Adding Common files for NetApp ElementSW release (#43727)
* MVP2 Post ElementSW OSRB sync

* Revert "MVP2 Post ElementSW OSRB sync"

This reverts commit c13db2ad962cd56bffce052c2891c558a2240c72.
6 years ago
Matt Martz 54e4c53f00
Ensure removed_in is StrictVersion before comparing (#43835)
* Ensure removed_in is StrictVersion before comparing

* Catch ValueError with StrictVersion on incompatible versions
6 years ago
Matt Martz 01c0446cb5
Add AnsibleModule signature schema, and fix associated issues (#43512) 6 years ago
Florian Braun 74af52533f Variable Timout for Katello Module + Documentation (#41834)
* Changed Foreman timeout to be setable via a parameter
Added a Parameter to set the timout to wait for the started Foreman actions
by the user instead of using the hard coded 1000 Seconds

* katello module screamed for more docu :)

* fix docu + some ci findings
made docu better and moved chices in relations to other options to the description

* added a quote to description and removed wrong combination of param product

* Removed choices from params
also removed katello from a ignore file
6 years ago
Toshio Kuratomi 52449cc01a AnsiballZ improvements
Now that we don't need to worry about python-2.4 and 2.5, we can make
some improvements to the way AnsiballZ handles modules.

* Change AnsiballZ wrapper to use import to invoke the module
  We need the module to think of itself as a script because it could be
  coded as:

      main()

  or as:

      if __name__ == '__main__':
          main()

  Or even as:

      if __name__ == '__main__':
          random_function_name()

  A script will invoke all of those.  Prior to this change, we invoked
  a second Python interpreter on the module so that it really was
  a script.  However, this means that we have to run python twice (once
  for the AnsiballZ wrapper and once for the module).  This change makes
  the module think that it is a script (because __name__ in the module ==
  '__main__') but it's actually being invoked by us importing the module
  code.

  There's three ways we've come up to do this.
  * The most elegant is to use zipimporter and tell the import mechanism
    that the module being loaded is __main__:
    * 5959f11c9d/lib/ansible/executor/module_common.py (L175)
    * zipimporter is nice because we do not have to extract the module from
      the zip file and save it to the disk when we do that.  The import
      machinery does it all for us.
    * The drawback is that modules do not have a __file__ which points
      to a real file when they do this.  Modules could be using __file__
      to for a variety of reasons, most of those probably have
      replacements (the most common one is to find a writable directory
      for temporary files.  AnsibleModule.tmpdir should be used instead)
      We can monkeypatch __file__ in fom AnsibleModule initialization
      but that's kind of gross.  There's no way I can see to do this
      from the wrapper.

  * Next, there's imp.load_module():
    * https://github.com/abadger/ansible/blob/340edf7489/lib/ansible/executor/module_common.py#L151
    * imp has the nice property of allowing us to set __name__ to
      __main__ without changing the name of the file itself
    * We also don't have to do anything special to set __file__ for
      backwards compatibility (although the reason for that is the
      drawback):
    * Its drawback is that it requires the file to exist on disk so we
      have to explicitly extract it from the zipfile and save it to
      a temporary file

  * The last choice is to use exec to execute the module:
    * https://github.com/abadger/ansible/blob/f47a4ccc76/lib/ansible/executor/module_common.py#L175
    * The code we would have to maintain for this looks pretty clean.
      In the wrapper we create a ModuleType, set __file__ on it, read
      the module's contents in from the zip file and then exec it.
    * Drawbacks: We still have to explicitly extract the file's contents
      from the zip archive instead of letting python's import mechanism
      handle it.
    * Exec also has hidden performance issues and breaks certain
      assumptions that modules could be making about their own code:
      http://lucumr.pocoo.org/2011/2/1/exec-in-python/

  Our plan is to use imp.load_module() for now, deprecate the use of
  __file__ in modules, and switch to zipimport once the deprecation
  period for __file__ is over (without monkeypatching a fake __file__ in
  via AnsibleModule).

* Rename the name of the AnsiBallZ wrapped module
  This makes it obvious that the wrapped module isn't the module file that
  we distribute.  It's part of trying to mitigate the fact that the module
  is now named __main)).py in tracebacks.

* Shield all wrapper symbols inside of a function
  With the new import code, all symbols in the wrapper become visible in
  the module.  To mitigate the chance of collisions, move most symbols
  into a toplevel function.  The only symbols left in the global namespace
  are now _ANSIBALLZ_WRAPPER and _ansiballz_main.

revised porting guide entry

Integrate code coverage collection into AnsiballZ.

ci_coverage
ci_complete
6 years ago
saichint fa5f396a4b nxos_file_copy enhancement (#42424)
* add file_pull option

* typo correction

* fix shippable error

* review comments

* fix for review comments by mwiebe

* possible shippable fix

* remove file_copy from ignore

* more review comments addressed

* review comments

* add localhost for remote scp server in tests

* timeout fix
6 years ago
tomelrod 5eb47066e3 Documentation change for resizefs (#43224)
* Documentation change for resizefs

Changed documentation to match the default value of resizefs set in the code.
Added a note on the resizefs use on the example utilizing it.

* Remove test now it validates fine
6 years ago
Abhijeet Kasurde b02e0c07d8
dnsimple: refactor dnsimple module (#42548)
* Update dnsimple-python minimum version to 1.0.0 as it supports API v2 and API v1 is deprecated.
* Update examples.
* Update documentation.

Fixes: #42495

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
6 years ago
Dag Wieers e899824c49
ACI: Add parameter types to module docs (#42893)
* ACI: Add parameter types to module docs

* Update validate-modules ignore list
6 years ago
Sloane Hertel 2c3e6f8bd3 [elb_target_group] fix docs and add default for wait_timeout - fixes #42324 (#42477)
Add default for wait_timeout and version_added flag
6 years ago
Yanis Guenane 593f484d77 Fix E324 for vultr modules. (#42464) 6 years ago
John R Barker d962611528 Allow documentation of module options type (#42285)
* Allow documentation of module options

Pass through the `type` of a modules option so it's displayed on the
html module docs

* docs
7 years ago
fxfitz f92b95b8cb Remove ipa_ modules from sanity ignore; fix the docs 7 years ago
Dag Wieers 57c0471b54
Fix ACI validate-modules issues (#42222) 7 years ago
tstoner db7300904d Enforcing NXAPI default HTTP behavior (#41817)
* nxos_nxapi http default behavior

* Use nxos_nxapi module in prepare_nxos_tests

* Refactor nxos_nxapi configure test to use yaml block

* Extend nxos_nxapi https & http test cases

* Removed NXOS internal release naming

* Resolved ansibot sanity errors

* Fix typo in prepare_nxos_tests

* Address PR comments

* Shippable indicates this is no longer needed

* Add port change logic and testing
7 years ago
John R Barker 6024a766e9
Allow removed_in 2.11 (#42119) 7 years ago
Andrea Tartaglia a342538aba Add shell out checks (#41545)
* Added error codes for shell_out checks

* Added ignore lines for allowed Modules

* Added shell out checks

* Fixed pep8

* Updated regex to only match subprocess.Popen

* Added failing modules to ignore.txt

* Wrong postgresql module in ignore.txt

* Removed bigip from ignore.txt
7 years ago
Abhijeet Kasurde 27b85e732d Argument spec must be dict/hash (#40858)
validate-modules should fail when argument is not dict/hash.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
7 years ago
Sloane Hertel 7d2c71462d gluster_volume: add 'volume' alias to 'name' param (#40845)
* gluster_volume: add 'volume' alias to 'name' param

* remove gluster_volume from validate-modules/ignore.txt
7 years ago
Pilou de385560a8 jenkins_jobs: fix typos (#40844)
* jenkins_job: fix typos

* jenkins_job: add type for 'enabled' parameter
7 years ago
Matt Clay 45c6fa9784 Update gluster_volume path in ignore.txt. 7 years ago
Matt Martz b07f779296 Update dnf module argument_spec and docs to match (#39819)
* Update dnf module argument_spec and docs to match. Fixes #39800

* Always evaluate autoremove as boolean
7 years ago
Zim Kalinowski dde48560fb fixing container instance sanity & integration tests (#40774) 7 years ago
Strahinja Kustudic de57fa71c1 Improve timezone module for none systemd Linux distributions (#38032)
* The module now correctly sets the timezone in both the config file and
in /etc/localtime; while hwclock is set in both the config and
/etc/adjtime.
* Module checks if the timezone is actually set by checking
/etc/localtime. Before it only checked if it was set in the config file.
* Fixed module not setting the timezone on RedHat systems if
/etc/localtime was a symbolic link.
* Fixed module failures in case of missing config files or incorrect data
in them.
* Added a lot of integrations tests to cover most of these situations.
7 years ago
René Moser 5dd3aa26ea
cs_instance: implement host migration support (#40309)
* cs_instance: implement host migration support

* fix build

* fail fast on update if user is not admin

* improve tests a bit

* expunge it

* fix typo

* disable temporarly verify for host on starting instance.
7 years ago
Jiri Tyr e6e5e45d7e Fixing choices for transport option in gluster_volume module (#38815) 7 years ago
Zim Kalinowski 8e38668285 fixing disabled azure sanity tests (#40519)
* fixing azure sanity tests

* fixing sanity

* fixing some tags issues

* removed unnecessary things from managed disk

* fixed location problem

* more sanity fixes

* sanity test fixes

* final sanity fixes?

* final fixes again

* undo changes related to container instance

* removed container instance

* readd again

* fixed stupid mistake

* removed _azure from changes

* one more mistake
7 years ago
Matt Clay 8deced3e04
Fix shebangs and file modes and update tests. (#40563)
* Add execute bit sanity test and apply fixes.
* Add shebang test for `lib` dirs and apply fixes.
* Shebang and execute bit cleanup.
7 years ago
Matt Clay 8d39515914 Remove tab check from validate-modules.
It is redundant with the pycodestyle W191 "indentation contains tabs" check.
7 years ago
Strahinja Kustudic 32d6a354d7 postgresql_user: set encrypted as default and fix empty password reporting changed (#36931)
* Set encrypted as default and fix empty password reporting changed

* Starting with Postgres 10 `UNENCRYPTED` passwords are removed and
because of that this module fails with the default `encrypted=no`.
Also encrypted passwords are suported since version 7.2
(https://www.postgresql.org/docs/7.2/static/sql-createuser.html) which
went EOL in 2007 and since 7.3 it is the default. Because of this it
makes a lot more sense to make `encrypted=yes` the default. This won't
break backward compatibility, the module would just update the user's
password in the DB in the hashed format and everything else will work
like before. It's also a security bad practice to store passwords in
plain text. fixes #25823
* There was also a bug with `encrypted=yes` and an empty password always
reported as changed.
* Improved documentation for `encrypted`/`password` parameters, and
removed some obsolete notes about passlib.

* Fix clearing user's password to work with all versions of Postgres

* Add tests for clearing the user password

* Fix documentation atfer rebase

* Add changelog fragment
7 years ago
John R Barker fe4368ce15
removed_in: 2.6 is valid (#40399) 7 years ago
Toshio Kuratomi 46d35d8919 unarchive now passes the E322 test 7 years ago
René Moser de8b6b55f7
cs_vpc: implement state=started (#40319) 7 years ago
Anil Kumar Muraleedharan 1cb4619c9a Modifying cnos-facts, cnos_command and cnos-config in line with the design followed in Ansible. Adding unit test cases for these modules. Added plugins to support them. (#39955)
* Modifying cnos-facts, cnos_command and cnos-config in line with the design followed in Ansible. Adding unit test cases for these modules. Added plugins to support them.

* Removing doc fragment conflicts with other modules

* Replacing show with display
7 years ago
Dag Wieers 3cdd5da247
xml: Fix validate-modules issue (#40121) 7 years ago