Commit Graph

1737 Commits (1af72afdefd421c5b2434d8c259257d5f0dade38)

Author SHA1 Message Date
Sloane Hertel 1dd55acbc2 ec2_group: add rule description support - fixes #29040 (#30273)
* ec2_group: add support for rule descriptions.

* Document rule description feature and add an example using it.

* Fix removing rule descriptions.

* Add integration tests to verify adding/modifying/removing rule descriptions works as expected.

* Add permissions to hacking/aws_config/testing_policies/ec2-policy.json for updating ingress and egress rule descriptions.

* ec2_group: add backwards compatibility with older versions of botocore for rule descriptions.

* Add compatibility with older version of botocore for ec2_group integration tests.

* ec2_group: move HAS_RULE_DESCRIPTION to be checked first.

* Make requested change

* Pass around a variable instead of client

* Make sure has_rule_description defaults to None

* Fail if rule_desc is in any ingress/egress rules and the the botocore version < 1.7.2

* Remove unnecessary variable

* Fix indentation for changed=True when updating rule descriptions.

* minor refactor to remove duplicate code

* add missing parameter

* Fix pep8

* Update test policy.
7 years ago
Prasad Katti 8a9a9b84dd [ec2-ami] Use required_if with state parameter (#32009)
* [ec2-ami] Use required_if with state parameter

* Update failure msg on delete ami with no image_id task in integration test
7 years ago
Martin Krizek ee6ba5d590 yum: allow for downgrade using rpm file (#31647) 7 years ago
Kedar K e2bed36d12 - Adds iosxr_netconf module to configure netconf service on IOSXR (#31715)
* - Adds iosxr_netconf module to configure netcong service on Cisco
  IOS-XR devices

* - Adds Integration test for module
- Handles diff return from load_config

* - Adds unit test for iosxr_netconf module
7 years ago
Jordan Borean b004a6373a windows: add #AnsibleRequires for Windows modules (#31683)
* windows: add #AnsibleRequires to set whether a module requires module or a specific version

* fix up pep8 issues

* changed psversion to use the actual ps Requires -Version syntax

* missed the check on #Requires -Version

* fix #Requires module extensions
7 years ago
Kedar K 465fe5802b -Fixes JSON parsing(use JSON object instead of string) for facts modules. (#31818) 7 years ago
Jordan Borean 8e44cd5d10 win_command win_shell: add stdin option (#31619) 7 years ago
Jordan Borean b663f602bc windows argv to string module utility (#28970)
* windows argv to string module utility

* rebased PR with latest devel branch
7 years ago
Matt Clay 36b13e3e3d Fix ansible-test default image. (#31966)
* Add openssh-client to default docker container.
* Include Azure requirements in default container.

To do so, handling of pip requirements was updated to install each
set of requirements separately and then run a verification pass to
make sure there are no conflicts between requirements.

* Add missing --docker-no-pull option.
* Add documentation for the azure-requirements test.
7 years ago
Will Thames 0c10e1ebe4 Handle timezone updates on Ubuntu 16.04+ on containers (#27546)
* Handle timezone updates on Ubuntu 16.04+ on containers

Although Ubuntu 16.04 will use timedatectl by default,
containers without a working timedatectl need to use the
old method.

A bug in Ubuntu for the old method means having to write
a nasty hack

https://bugs.launchpad.net/ubuntu/+source/tzdata/+bug/1554806

* Add tests for timezones

Ensure timezone changes work across various OSs
7 years ago
nwsparks 5cccad8ed4 new windows module, win_audit_rule (#30473)
* added win_audit_rule with integration test

* Updated integration testing to target files as well as directories
and registry keys. Split testing files apart to be more organized.

Updated powershell for better handling when targetting file objects
and optimized a bit. Removed duplicated sections that got there from a
previous merge I think.

* Decided to make all the fact names the same in integration testing.
Seemed like there would be less change of accidentally using the wrong
variable when copy/pasting that way, and not much upside to having
unique names.

Did final cleanup and fixed a few errors in the integration testing.

* Fixed a bug where results was displaying a wrong value

Fixed a bug where removal was failing if multiple rules existed due to
inheritance from higher level objects.

* Resolved issue with unhandled error when used didn't have permissions
for get-acl.

Changed from setauditrule to addauditrule, see comment in script for reasoning.

Fixed state absent to be able to remove multiple entries if they exist.

* fixed docs issue

* updated to fail if invalid inheritance_rule when defining a file rather than warn
7 years ago
Matt Clay 3c271e6bf6 Remove unsupported comments from aliases. 7 years ago
Matt Clay eb899c9bcd Fix docker_secret integration test dependencies. 7 years ago
Marek Nogacki b9223cdc89 ec2_group: do not fail on description mismatch (#31704) (#31734)
* ec2_group: do not fail on description mismatch (#31704)

* ec2_group: do not fail on description mismatch (#31704) - fix test case
7 years ago
Martin Krizek e2fc61c554 Add yum integration tests using fake repo (#31646) 7 years ago
Matt Clay 7623c2fbda Disable flakey win_rabbitmq_plugin test. 7 years ago
Jordan Borean 743ff4897a win_regedit: added function to load a dat file for editing (#31289)
* win_regedit: added function to load a dat file for editing

* try to make the tests more resiliant

* more stability changes
7 years ago
Matt Clay 264452e0a8 Fix bad syntax in test_infra integration test. 7 years ago
Jordan Borean 888de842b3 win_regedit: fix extra info coming into stdout (#31813) 7 years ago
Adrian Likins 297dfb1d50 Vault secrets script client inc new 'keyring' client (#27669)
This adds a new type of vault-password script  (a 'client') that takes advantage of and enhances the 
multiple vault password support.

If a vault password script basename ends with the name '-client', consider it a vault password script client. 

A vault password script 'client' just means that the script will take a '--vault-id' command line arg.

The previous vault password script (as invoked by --vault-password-file pointing to an executable) takes
no args and returns the password on stdout. But it doesnt know anything about --vault-id or multiple vault
passwords.

The new 'protocol' of the vault password script takes a cli arg ('--vault-id') so that it can lookup that specific
vault-id and return it's password.

Since existing vault password scripts don't know the new 'protocol', a way to distinguish password scripts
that do understand the protocol was needed.  The convention now is to consider password scripts that are
named like 'something-client.py' (and executable) to be vault password client scripts.

The new client scripts get invoked with the '--vault-id' they were requested for. An example:

     ansible-playbook --vault-id my_vault_id@contrib/vault/vault-keyring-client.py some_playbook.yml

That will cause the 'contrib/vault/vault-keyring-client.py' script to be invoked as:

     contrib/vault/vault-keyring-client.py --vault-id my_vault_id

The previous vault-keyring.py password script was extended to become vault-keyring-client.py. It uses
the python 'keyring' module to request secrets from various backends. The plain 'vault-keyring.py' script
would determine which key id and keyring name to use based on values that had to be set in ansible.cfg.
So it was also limited to one keyring name.

The new vault-keyring-client.py will request the secret for the vault id provided via the '--vault-id' option.
The script can be used without config and can be used for multiple keyring ids (and keyrings).

On success, a vault password client script will print the password to stdout and exit with a return code of 0.
If the 'client' script can't find a secret for the --vault-id, the script will exit with return code of 2 and print an error to stderr.
7 years ago
Abhijeet Kasurde a047fe0e4c Correct usage for shutil.rmtree (#31541)
* Correct usage for shutil.rmtree

Fix adds correct usage of shutil.rmtree in git module

Fixes: #31225

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>

* Include archive tests so they get run

* Use new include syntax

* Cleanup syntax on git tests

- use multi-line YAML
- remove unneeded {{ }} around vars in conditionals
- remove unneeded quotes
- add task file name to task names for easier troubleshooting when things fail

* Make archive tests work for RHEL/CentOS 6

The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped.

The older version of git required gzip compression to be skipped on RHEL/CentOS 6.

* Account for ansible_distribution_major_version missing
7 years ago
Lujeni 91ab88dac7 pip: Use chdir directive in the venv path (fixes #25122) (#26865) 7 years ago
Matt Clay 80b0e0e05a Remove cryptography version limit in Azure tests.
No longer needed now that cryptography 2.1.1 has been released.
7 years ago
jctanner c05a7add5f Only install pyvmomi if user is root (#31628) 7 years ago
Trishna Guha e7145e249f fix ios_interface test unsupported param (#31622)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
7 years ago
Matt Clay 8acb901bf2 Update Azure tests to limit cryptography version. (#31616)
* Revert "Work around cryptography 2.1 requiring pip 8.1.2+"

This reverts commit a10a80b8a3.

* Update Azure tests to limit cryptography version.
7 years ago
Rene Moser 0c416b5891 tests: cs_snapshot_policy: add integration tests 7 years ago
Philippe Dellaert 9580a6569e Fix #21112 : Adding support for configuring a CD-rom iso image (#28155)
* Initial CD-ROM support

* create cdrom bugfix

* Improving CDROM change detection and fixing template creation bug
Running MarkAsTemplate on an existing template will fail with an error

* Better change detection for guest ID
Should only mark a change in case it actually changes

* Adding integration tests

* Pep8 compliance fixes

* Adding CDROM support, including iso, client and none types

* Updating added release version for CDROM option
7 years ago
rahushen c976ac7ed6 change ports to non well known ports and drop time_range for N1 (#31261) 7 years ago
Ricardo Carrillo Cruz 7acb0bb187 Parameterize the ssh port on ios_user tests (#31573)
On CI we use 8022 for SSH, thus we need to explicitly pass
ansible_ssh_port to the ssh command to work.
7 years ago
Ricardo Carrillo Cruz ac95ecaf13 Remove duped authorize on ios_ping anchored tasks (#31572)
Otherwise, we get warnings.
7 years ago
Ricardo Carrillo Cruz c75c4cbfc8 Introspect the management IP on ios_ping (#31571)
On our CI we don't have external connectivity, so let's ping to
the management interface IP.
Also, ignore errors on the expected failures tests.
7 years ago
Ganesh Nalawade 88da95bb77 Fix rollback in junos_config (#31424)
* Fix rollback in junos_config

Fixes #30778

*  Call `load_configuration` with rollback id in case
   the id is given as input
*  Pass rollback id to `get_diff()` to fetch diff from device

* Fix unit test
7 years ago
Toshio Kuratomi dde2c96d67 Try to cleanup after the rpm_key test 7 years ago
Ricardo Carrillo Cruz bd17edd5ed Run neighbors intent tests for ios_interface only if show lldp contains netdev (#31539) 7 years ago
Sam Doran 2610b521bc Remove sysctl entries when state=absent (#31486)
* Remove sysctl entry when state=absent
* Cleanup sysctl integration test syntax
* Correct grammar on error message
* Add sysctl integration test for state=absent
7 years ago
Lukas Bednar 5ccc1072ea [rpm_key] Fix to import first key on the system (#31514)
* [rpm_key] Fix to import first key on the system

Fixes: #31483

* [rpm_key] removed unsafe_shell and "throwaway" underscore

* [rpm_key] adding test to add the first key on system
7 years ago
Artem Zinenko 2b63ae61f2 minor updates + tests to win_firewall_rule as per jborean93 review (#29148)
* Added warning for 'force' option

* Changed 'profiles' type to list

* Changed 'interfacetypes' type to list

* Added deprecation warning and fixed doc

* updated force parameter
7 years ago
Jordan Borean 82fa922491 win_become: Added support to become a service user (#30407)
* win_become: Added support to become a service user

* fixes for linting

* changes to get local and network service working

* fixed linting issues again

* pleasing pepe
7 years ago
Jordan Borean f2bc89a880 win_copy: added decrypt option (#31291) 7 years ago
Jordan Borean c4b51009f0 win_copy: allow src to have invalid windows chars (#31392)
* win_copy: allow src to have invalid windows chars

* create file with colon instead of avoid checkout errors
7 years ago
Martin Krizek 08bffbcbaa yum: add integration tests for installing from URL (#30616) 7 years ago
Martin Krizek 488534b906 yum: add integration test for incompatible arch rpm (#31185) 7 years ago
Matt Clay a333f2e5b0 Fix ansible-test config management. 7 years ago
Stephen 9c6ad3d076 Add update_only parameter for yum module (#22206)
* Add update_only parameter for yum module

When using latest, `update_only: yes` will ensure that only existing
packages are updated and no additional packages are installed.

* Update yum.py

Update version added for `update_only` parameter to 2.5

* add unit tests for update_only flag in yum module
7 years ago
Sam Doran 00df1fda10 Correctly write SELinux config file (#31251)
* Add new lines to end of config file lines

* Properly write out selinux config file

Change module behavior to not always report a change but warn if a reboot is needed and return reboot_required.

Improve the output messages.

Add strip parameter to get_file_lines utility to help with parsing the selinux config file.

* Add return documentation

* Add integration tests for selinux module

* Use consistent capitalization for SELinux

* Use atomic_move in selinux module

* Don't copy the config file initially

There's no need to make a copy just for reading.

* Put message after set_config_policy in case the change fails

* Add aliases to selinux tests
7 years ago
Jordan Borean e61c2799ff win_become: move error handling to Ansible outside of shell (#31227)
* win_become: move error handling to Ansible outside of shell

* trimmed the output so double newlines don't get set

* added test for non-zero exit code

* missed issue URL on test

* changed exit to SetShouldExit
7 years ago
Jordan Borean bba941cd5b win_copy: fix for copying encrypted file without pass (#31084)
* win_copy: fix for copying encrypted file without pass

* fix pep8 issue

* reduced the diff and fixed some minor issues
7 years ago
Adrian Likins 278ff19bea Handle vault decrypt --output=- (#31066)
In cli.CLI.unfrack_path callback, special case if the
value of '--output' is '-', and avoid expanding
it to a full path.

vault cli already has special cases for '-', so it
just needs to get the original value to work.

Fixes #30550
7 years ago
Jordan Borean 12a4dca447 win_dotnet_ngen: fix after broken in 2.4 (#31076)
* win_dotnet_ngen: fix after broken in 2.4

* added description to return values
7 years ago