* Convert to AnsibleAWSModule and support IAM permission boundaries
* Handle adding boundary to existing role that lacks one
* Properly clean up role boundary associations on delete
* Handle case when policy boundary is `""` but does not exist
* Using ACME test container for acme_account integration test.
* Removing dependency on setup_openssl. Waiting for controller and Pebble.
* More tinkering.
* Reducing number of tries.
* One more try.
* Another try.
* Added acme_certificate tests.
* Removed double key.
* Added tests for acme_certificate_revoke.
* Making task names more meaningful (during certificate generation).
* Using newer test container which integrates letsencrypt/pebble#137. Adding test for revoking certificate by its private key.
* Using new version of Pebble which limits the random auth delay.
* Simplifying certificates for revocation tests.
* Reworking acme_certificate tests (there are now more, but they are faster).
* Test whether account_key_content works.
* Preparing TLS-ALPN-01 support.
* Using official Ansible image of testing container on quay.io.
* Bumping version.
* Bumping version of test container to 1.1.0.
* Adjusting to new CI group names.
* Pass ACME simulator IP as playbook variable.
* Let test plugin wait for controller and CA endpoints to become active.
* Refactor common setup parts of tests to setup_acme.
* _ -> dummy
* Moving common obtain-cert.yml to setup_acme.
* Update troubleshooting doc for command timeout
* Update timeout document to reflect the new way to set
command timeout per task basis for network_cli and netconf
connection type as per PR #42847
* Fix CI failure
* Fix review comment
* Fix typo in doc
While creating/reconfiguring vSwitch without NICs check if nics details
are gathered or not.
Fixes: #42619
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix adds additional details of vswitch and dvswitch and their
respective nics used.
Fixes: #43009
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Implement initial RouterOS support
* Correct matchers for license prompts
* Documentation updates & mild refactor
* Remove one last Cisco function
* Sanity test fixes
* Move imports to the beginning
* Remove authorize property
* Handle ANSI codes
* Revert to_lines function
* CR fixes
* test(routeros): add unit tests
* Added another test (with ANSI colors and banner in fixture).
* Ignore CRLF line endings in system_package_print file
* fix: review by ganeshrn
* Changed Foreman timeout to be setable via a parameter
Added a Parameter to set the timout to wait for the started Foreman actions
by the user instead of using the hard coded 1000 Seconds
* katello module screamed for more docu :)
* fix docu + some ci findings
made docu better and moved chices in relations to other options to the description
* added a quote to description and removed wrong combination of param product
* Removed choices from params
also removed katello from a ignore file
* NXAPI ssl ciphers & protocols default values
* TLSv1, TLSv1.1, TLSv1.2 and weak cipher support
* NXOS NXAPI weak/strong cipher & TLSv 1.2, 1.1 & 1.0 support
* Version checking for strong/weak ciphers & TLS 1.2, 1.1 & 1.0 support
* Cleaned up erroneously committed changes.
* Specific NXOS platform checking for nxapi ssl ciphers & protocols
* Fixed ansibot reported errors.
* Resolved ansibot reported error.
* Added network_os_version to mocked up N7K unit test device_info
* Calling get_capabilities() once in main and passing results into methods.
* Removed raising exceptions when platform capabilities return None
per reviewers request. Skipping nxapi ssl options when capabilities
are None and generating a warning when these options are skipped
* Cleaned up explicit checks for None/not None
* Add new module for Redfish APIs
Communicates with Out-Of-Band Controller through Redfish APIs
Module gathers hardware information and sends back
* Removed unused library imports
* Removed token entry from headers
* Made 'command' optional and defined default value for each 'category'
* Replace 'result' with 'ansible_facts' for returned dict variable
* Removed unused variable definitions and library imports
* Renamed dicts where data is returned.
Should make it easier to sort through returned data that is placed
in one file.
* Defined dicts to specify available categories and commands in each one.
- Allows specifying default command for each category
- Allows specifying all commands for each category
- Removed Inventory category and moved commands to System category
- Renamed dicts where data is returned to allow to dump more than one in a file
* Remove choice[] since it's redundant
* Added flexibility when specifying categories
- If a category is not specified, it sets a default value
- Can handle more than one category
- Will accept value "all" for category which will set to all available
- Renamed category System to Systems to better reflect Redfish API
* Defined default category in a variable
* Made category argument a list
* Added examples
* Made command argument a list
* Replaced 'ansible_facts' with 'redfish_facts' for returned dict variable.
* Added default value for category in documentation
* Moving redfish_facts inside ansible_facts
* Updated how results dicts are constructed, where applicable
* Improved error messages
* Removed unused variables
* Undo commit 66a7dcd789 due to variable 'e' oversight
* CNOS Vlag module is refactored to use persistence connection instead of paramiko.
* Changing interface and port channel modules to persistent connection and adding UT for them.
* Fixing pep8 issues
* Removing trailing new line
* Removing trailing new line
* Removing trailing new line
* Correcting indentation mistake
* Update cnos_vlag.py
* Removing commented examples
They are commented because those configurations are not meant for L2 ports
VSAN related facts (cluster_uuid) will be used in vmware_vsan_cluster
while adding new host in VSAN cluster.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* nxos cliconf plugin refactor
Fixes#39056
* Refactor nxos cliconf plugin as per new api definition
* Minor changes in ios, eos, vyos cliconf plugin
* Change nxos httpapi plugin edit_config method to be in sync with
nxos cliconf edit_config
* Fix CI failure
* Fix unit test failure and review comment
Now that we don't need to worry about python-2.4 and 2.5, we can make
some improvements to the way AnsiballZ handles modules.
* Change AnsiballZ wrapper to use import to invoke the module
We need the module to think of itself as a script because it could be
coded as:
main()
or as:
if __name__ == '__main__':
main()
Or even as:
if __name__ == '__main__':
random_function_name()
A script will invoke all of those. Prior to this change, we invoked
a second Python interpreter on the module so that it really was
a script. However, this means that we have to run python twice (once
for the AnsiballZ wrapper and once for the module). This change makes
the module think that it is a script (because __name__ in the module ==
'__main__') but it's actually being invoked by us importing the module
code.
There's three ways we've come up to do this.
* The most elegant is to use zipimporter and tell the import mechanism
that the module being loaded is __main__:
* 5959f11c9d/lib/ansible/executor/module_common.py (L175)
* zipimporter is nice because we do not have to extract the module from
the zip file and save it to the disk when we do that. The import
machinery does it all for us.
* The drawback is that modules do not have a __file__ which points
to a real file when they do this. Modules could be using __file__
to for a variety of reasons, most of those probably have
replacements (the most common one is to find a writable directory
for temporary files. AnsibleModule.tmpdir should be used instead)
We can monkeypatch __file__ in fom AnsibleModule initialization
but that's kind of gross. There's no way I can see to do this
from the wrapper.
* Next, there's imp.load_module():
* https://github.com/abadger/ansible/blob/340edf7489/lib/ansible/executor/module_common.py#L151
* imp has the nice property of allowing us to set __name__ to
__main__ without changing the name of the file itself
* We also don't have to do anything special to set __file__ for
backwards compatibility (although the reason for that is the
drawback):
* Its drawback is that it requires the file to exist on disk so we
have to explicitly extract it from the zipfile and save it to
a temporary file
* The last choice is to use exec to execute the module:
* https://github.com/abadger/ansible/blob/f47a4ccc76/lib/ansible/executor/module_common.py#L175
* The code we would have to maintain for this looks pretty clean.
In the wrapper we create a ModuleType, set __file__ on it, read
the module's contents in from the zip file and then exec it.
* Drawbacks: We still have to explicitly extract the file's contents
from the zip archive instead of letting python's import mechanism
handle it.
* Exec also has hidden performance issues and breaks certain
assumptions that modules could be making about their own code:
http://lucumr.pocoo.org/2011/2/1/exec-in-python/
Our plan is to use imp.load_module() for now, deprecate the use of
__file__ in modules, and switch to zipimport once the deprecation
period for __file__ is over (without monkeypatching a fake __file__ in
via AnsibleModule).
* Rename the name of the AnsiBallZ wrapped module
This makes it obvious that the wrapped module isn't the module file that
we distribute. It's part of trying to mitigate the fact that the module
is now named __main)).py in tracebacks.
* Shield all wrapper symbols inside of a function
With the new import code, all symbols in the wrapper become visible in
the module. To mitigate the chance of collisions, move most symbols
into a toplevel function. The only symbols left in the global namespace
are now _ANSIBALLZ_WRAPPER and _ansiballz_main.
revised porting guide entry
Integrate code coverage collection into AnsiballZ.
ci_coverage
ci_complete
Ryan Brown