This will account for settings that are provided by the hierarchy of
Dockerfiles used to construct your image, rather than only accounting
for settings provided to the module directly.
This allows setting the pid namespace for a container. Currently only
the 'host' pid namespace is supported.
This requires Docker 1.4.1 and docker-py 1.0.0
Organize each state into a distinct function for readability and composability.
Rework `present` to create but not start containers. Add a `restarted` state
to unconditionally restart a container and a `reloaded` state to restart a
container if and only if its configuration is incorrect. Store our most recent
knowledge about container states in a ContainerSet object. Improve the value
registered by this task to include not only the inspect data from any changed
containers, but also action counters in their native form, a summary message
for all actions taken, and a `reload_reasons` key to store a human-readable
diagnostic to determine why each container was reloaded.
Don't pass the volumes_from argument to the Docker create_container method.
If the volumes_from argument is passed to the create_container method, Docker
raises the following exception:
docker.errors.DockerException: 'volumes_from' parameter has no effect on
create_container(). It has been moved to start()
consider the following response body (content) of a REST/JSON webservice containing escaped quotation marks:
```json
{ "key": "\"works\"" }
```
decoding this string not as raw will lose the backslash as JSON escape. later json.loads will fail to parse.
Inspired by [this thread](https://groups.google.com/forum/#!topic/ansible-project/kymtiloDme4) on the mailing list and the following python shell code:
```python
import json
string=r'{ "key": "\"works\"" }'
json.loads(string)
json.loads(string.decode('raw_unicode_escape'))
json.loads(string.decode('unicode_escape'))
```
Ports are integer values but the old code was assuming they were
strings. When login_port is put into playbook complex_args as an
integer the code would fail. This update should make the argument
validating make sure we have an integer and then we can send that value
directly to the relevant APIs.
Fixes#818
If insertbefore/insertafter didn't match anything, lineinfile module was doing nothing, instead of adding the line at end of fille as it's supposed to.
There are a completely new set of modules that do all of the things like
keystone v3 and auth_plugins and the like correctly. Structurally
upgrading these would have been massively disruptive and there is no
real good way to do so without breaking people.
These modules should be kept around for several releases - they still
work for people - and they should get bug fixes. But they should not
take new features. New features should go to the os_ modules.
When using the "creates" option with the uri module, set changed
to False if the file already exists. This behavior is consistent with
other modules which use "creates", such as command and shell.
Having read the doc for this module several times and completely missing that it can be used for existing remote archives, I propose this update to the wording to make clear from the top the two ways in which this module can be used.
ansible-doc expects the value of the description field to be a list,
otherwise the output is not correct. This patch updates the flat
description to be a list.
This is a further fix for: https://github.com/ansible/ansible/issues/9092
when the relative path contains a subdirectory. Like:
ansible localhost -m copy -a 'src=/etc/group dest=foo/bar/'
Add a word boundary \b to the regexp for checking the output of a2{en,dis}mod,
to avoid a false positive for a module that ends with the same text as the
module we're working on.
For example, the previous regexp r'.*spam already enabled' would also match
against 'eggs_spam already enabled'.
Also, get rid of the redundant '.*' from the end of the regexp.
This small change corrects behavior when one uses an .rsync-filter file to exclude some paths from both being transferred and being deleted, so that these excluded paths can be handled separately with different tasks (e.g. in order to deploy the excluded paths independently from the rest paths and notify handlers appropriately). The problem with the double -FF option is that it excludes the .rsync-filter file from being transferred to the receiver. However, deletions are done on the side of the receiver, so it is absolutely necessary the .rsync-filter file to be transferred to the receiver, so that the receiver knows what files to delete and what not to delete.
The problem was introduced in commit f5789e8e. 'tenancy' is a parameter of
ec2.run_instances, but not in ec2.request_spot_instances. So it was breaking
the support for spot requests.
This option allows the module to ensure that ONLY the specified keys
exist in the authorized_keys file. All others will be removed. This is
quite useful when rotating keys and ensuring no other key will be
accepted.
As stated in #423, the commit 7f11c3d broke ec2 spot instance launching
after 1.7.2. This is because it acts on the 'res' variable which have 2
different types in the method, and in case we request spot instances,
the resulting object is not a result of ec2.run_instances() but
ec2.request_spot_instances(). Actually this fix doesn't seem to be
relevant in the spot instances case, because by construction we won't
retrieve 'terminated' instances in the end.
There is no call to yum_base using 'cachedir' argument, so
while it work fine from a cursory look, that's useless code,
and so should be removed to clarify the code.
Using the rpm module prevent a uneeded fork, and permit
to skip the signature checking which slow down a bit the
operation, and which would be done by yum on installation
anyway.
The default is changed from 'yes' to 'no' to follow
subversion behavior (ie, requiring explicit confirmation
to erase a existing repository). Since that was not working before
cf #370 and since the option was ignored before and unused, this
should be safe to change.
We need to handle the string returned by 'default' in the same way we handle
the string returned by 'status' since the resulting flags are compared later.
If you try to set rwX permissions, ACL fails to set them at all.
Expected:
$ sudo setfacl -m 'group::rwX' www
...
drwxrwxr-x 2 root root 4096 Nov 10 17:09 www
With Ansible:
acl: name=/var/www permissions=rwX etype=group state=present
...
drwxrw-r-x 2 root root 4096 Nov 10 17:30 www
x for group is erased. =/
* Use the newly added 'default' argument to know if the default flags are set
or not.
* Handle that 'status' may either return flags or YES/NO.
* Centralize flag handling logic.
* Set action variable after check if we need to keep going.
Big thanks to @ajacoutot for implementing the rcctl 'default' argument.
Removes default value from ec2_lc so it can create launch configurations valid on a EC2-Classic environment. AWS API will not accept a assign_public_ip when creating an ASG outside of VPC.
The default is not very useful to sort between different
keys and user. Adding the hostname in the comment permit to later
sort them if you start to reuse the key and set them in different
servers. See https://github.com/ansible/ansible/pull/7420
for the rational.
This argument may be used to fetch additional refs beyond the default
refs/heads/* and refs/tags/*. Checking out GitHub pull requests or Gerrit
patch sets are two examples where this is useful.
Without this, specifying version=<sha1> with a SHA1 unreachable from any
tag or branch can't work.
De-duplicate repetitive code checking the exit code.
Include the stdout/stderr of the failed process in all cases.
Remove the returned values because no caller uses them.
Combine git commands where possible. There is no need to fetch branches
and tags as two separate operations.
Starting from docker-py>=0.5.0 it is impossible to work with private registries based on HTTP.
So we need additional parameter to allow pull from insecure registry
Related to ansible/ansible#9111
Make use of improved connect_to_aws that throws an exception
if a region can't be connected to (e.g. eu-central-1 requires
boto 2.34 onwards)
Add eu-central-1 to the two modules that hardcode their regions
Add us-gov-west-1 to ec2_ami_search to match documentation!
This pull request makes use of the changes in ansible/ansible#9419
the AIX class uses a unsafe shell for setting the user password (containing a pipe in the command). This patch adopts to the new behavior of module_utils/basic.py (since somewhere around 1.7).
besides it changes the qoutes for the echo command from double to single, because password-hashes contain $-signs and one would not have this variables expanded.
Allow passing the database option to the django_manage module for migrations. This is usefull in situations where multiple databases are used by a django application.
In particular, if `rsync` is not installed on the remote machine the following error message will be encountered:
"rsync error: remote command not found"
AWS does not recognize the subnet if it is presented in a comma delimited format with spaces. you must remove the space for Amazon to recognize the second subnet.
The default value is 'no' instead of the currently documented 'yes'.
See cloud/openstack/nova_compute.py line 543:
auto_floating_ip = dict(default=False, type='bool'),
This can be tested with this command :
ansible -c local -m copy -a 'src=/etc/group dest=foo/' all
This is a corner case of the algorithm used to find how we should
copy recursively a folder, and this commit detect it and avoid it.
Check https://github.com/ansible/ansible/issues/9092 for the story
* Make the module support enable/disable of special services like pf via rcctl.
Idea and method from @jarmani.
* Make the module handle when the user supplied 'arguments' variable does not
match the current flags in rc.conf.local.
* Update description now that the code tries to use rcctl for everything if it
is available.
Based on input from @jarmani:
* A return value of 2 now means a service does not exist. Instead of
trying to handle the different meanings of rc after running "status",
just look at stderr to know if something failed.
* Skip looking at stdout to make the code cleaner. Any errors should
turn up on stderr.
Using rds2 allows tags and the control over whether or not DBs are
publicly accessible.
Move RDS towards a pair of interfaces implementing the details of rds
and rds2
Added tests to ensure that all operations work correctly as well as
requirements files that allow virtualenvs to test either boto.rds or
boto.rds2