Previously if `sysctl_set=no` (which is the default) this module only
checked for changes in the sysctl.conf file to decide whether it should
reload it or not. This means that if the values in the conf file are the
same as they are set with the module, but the current values on the
system are different, that this module wouldn't apply the changes on the
system and thus the value set with the module wouldn't be applied on the
OS. This isn't obvious and it doesn't make sense that the module works
like that by default, especially because there is a separate option
`reload`. Now sysctl will also check if the current value differs on the
system and if it does, it will reload the file again.
Commit b7724fdf85
appears to have caused a regression, where `ip4`, `gw4`, `ip6`, `gw6`
were converted to `ipv4.address`, `ipv4.gateway` etc.
This causes bootproto (or `ipv4.method`) to remain `dhcp`, as noted in https://github.com/ansible/ansible/issues/36615
This commit only reverts the key-value pairs to the original names,
which is in line with both expectation (manual ip addr == no dhcp) and
the language used in the playbook, which is, for example, "ip4" not
"ipv4.address"
Co-authored-by: Stuart Pollock <spollock@pivotal.io>
Co-authored-by: Tyler Ramer <tramer@pivotal.io>
vmware_guest accepts 0MB as valid value for memory reservation in
virtual machine hardware configuration. This fixes the regression
introduced via 193f69064f.
Fixes: #59190
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Print warning when both an option and its alias is specified.
* Improve output.
* Put warnings into self._warnings directly, resp. use self.warn() when handling subspecs.
* Add changelog.
* Add unit test.
* Added support to create/delete mulitiple databases in MySQL
Fixes: #58370
* Added additional tests cases and fixed documentation changes
* Code refactoring and added tests for better test coverage
- Removed db_exists usage from most of the code. Used existence_list
and non_existence_list instead
- Added additional tests to cover all scenarios w.r.t creation and deletion
on multiple databases
- Added tests for dump operations
* Minor fix
* Minor fix - create check mode test
* Added dump tests for better dump tests coverage
* Removed minor database connection details
* fixed error
* Added test case for import operations
* Code refactoring and review fixes
- Added dump all test case
* Fixed review comments
* Minor review comment fixes
* Altered db_create return value
* Removed db_list and altered "does exist" to just "exist"
* Kept db and db_list in module.exit_json
* Refactored tests
- Added removal of dump2 file
* Moved import tests to state_dump_import file
* Removed import tests from multi_db_create_delete
* Updated porting guide, added RETURN block
* Minor identation fix
* Added validation to check if databases are dumped
* Create a user home directory if it has parents that do not exist
The useradd command line tool does not create parent directories. Check if the specified home path has parents that do not exist. If so, create them prior to running useradd, then set the proper permission on the created directory.
Add tests
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Use dict for default user group in tests
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Fix tests
Signed-off-by: Sam Doran <sdoran@redhat.com>
* The description has been replaced with proxy_password and proxy_username.
* Rename 59068-fix doc for yum_repository.py to 59068-fix_doc_for_yum_repository.yml
* cosmetic: Remove useless call to ec2_argument_spec()
* aws_s3: Improve ETag handling
* Extract ETag calculation into a utility function for reuse by
aws_s3_sync.
* Reduce code duplication in put/get by restructuring the logic
* Only calculate ETag when overwrite == different
* Fail gracefully when overwrite == different and MD5 isn't available
(e.g. due to FIPS-140-2).
* aws_s3: clean up integration tests
Clean up tests, add tests for overwrite settings in both directions.
* ansible-galaxy: add collection init sub command
* Fix changelog and other sanity issues
* Slim down skeleton structure, fix encoding issue on template
* Fix doc generation code to include sub commands
* Added build step
* Tidy up the build action
* Fixed up doc changes and slight testing tweaks
* Re-organise tests to use pytest
* Added publish step and fixed up issues after working with Galaxy
* Unit test improvments
* Fix unit test on 3.5
* Add remaining build tests
* Test fixes, make the integration tests clearer to debug on failures
* Removed unicode name tests until I've got further clarification
* Added publish unit tests
* Change expected length value
* Added collection install steps, tests forthcoming
* Added unit tests for collection install entrypoint
* Added some more tests for collection install
* follow proper encoding rules and added more tests
* Add remaining tests
* tidied up tests and code based on review
* exclude pre-release versions from galaxy API
* Handles:
PSAvoidTrailingWhitespace
PSAvoidGlobalVars
PSAvoidAssignmentToAutomaticVariable
PSAvoidUsingCmdletAliases
PSAvoidUsingWriteHost
PSUseDeclaredVarsMoreThanAssignments
PSUsePSCredentialType
PSAvoidUsingPositionalParameters
PSAvoidUsingEmptyCatchBlock
PSAvoidUsingWMICmdlet
Replaced Write-Host with Write-Output
Added smart reboot check for win_domain feature installation
Modify the Creation of the pagefileto fit to CIM
Changelog fragment addition
Ignore.txt without fixes
* Changes after community reviews
* Change Out-Null to '> $null'
* Fixes after jborean93 comments
* Test
* Revert "Test"
This reverts commit 35c5c0648fa9d2868a18094d84954e53ffa28880.
* Removed all > $null since they broke the module since the output got dumped
* run test again
* Revert "run test again"
This reverts commit 80eaf07143f9d8cb0116cbbc68a6a69c0ace840c.
* Changes after community review
* ignore PSUseDeclaredVarsMoreThanAssignments that are on a diffrent PR
* CI failed on extra line in ignore.txt
* Review changes
* PSlint errors
* Trail space
* send to null breaks the tests for Set-Workgroup
* Lint stuff
* win_domain_user issue of indent.
* Update win_domain_user.ps1
* Update win_domain_membership.ps1
* Fix redirect to null
* lint space issue
* removed return from set-workgroup
* removed send to null
* Add purge_tags to s3_bucket to allow preservation of existing tags
Adding `purge_tags` with default `True` to maintain existing behaviour
allows users to set it to `False` to preserve existing tags
Fixes#29366
* s3_bucket: Add further tests and improve tag handling further
Additional tests for purge_tags: False suggested some incorrect
logic and thus further improvements
Increase wait timeout on bucket deletion as it wasn't always completing
in the default 100 seconds
* win_domain_user - MAke the query user try catch block more accurate for missing identity
* change to minor_changes
* Update win_domain_user-make-query-try-catch-accurate.yml
* Update win_domain_user-make-query-try-catch-accurate.yml
* Correct get_option function name and change flags to become_flags
* Remove the '--' from the returned command
* add changelog fragment
* change changelog fragment description
* move the -q argument to machinectl before the shell argument to resolve issues with machinectl v230 (see #56571)
os_quota checks the current quotas for compute, network and volume
services and fails when no volume service is found in the catalog.
Since openstack test deployments without volume services are common,
os_quota shouldn't fail if such service is missing.
This was originally fixed in d31a09ceb7
and later adapted to catch exceptions raised by shade. Since then, this
module moved to using openstacksdk, which doesn't catch the exception
raised by keystoneauth1.
Fixes#41240
In rabbitmq_binding.py the SSL parameters ca_cert, client_cert, client_key were only passed to requests for post requests.
This change updates the DELETE and GET requests to include these parameters as well.
* Fix onepassword lookup plugin crashing on fields with no 'name' or 't' property.
* Fix onepassword_facts module crashing on fields with no 'name' or 't' property.
* Add unit test for onepassword lookup plugin failing on entries without a name.
* Add changelog fragment for onepassword lookup plugin and onepassword_facts module fixes on fields without a name.
* Fix notifying handlers by using an exact match rather than a string subset if listen is text rather than a list
* Enforce better type checking for listeners
* Share code for validating handler listeners
* Add test for handlers without names
* Add test for templating in handlers
* Add test for include_role
* Add a couple notes about 'listen' for handlers
* changelog
* Add a test for handlers without names
* Test templating in handlers
* changelog
* Add some tests for include_role
* Add a couple notes about 'listen' for handlers
* make more sense
* move local function into a class method
* Lookup secret id by name if not set
* Lookup config id by name if not set
* Add changelog fragment
* Remove usage of secret/config_id in examples
* Python 2.6 compat
* Extend secrets and configs tests
Module tracebacks may be reported on stdout instead of stderr when
using some connection plugins. For example, the ssh connection plugin
will report tracebacks on stdout due to use of the -tt option.
This change results in tracebacks being recognized on both stdout
and stderr, instead of the previous behavior of just stderr.
ci_complete
When provided with a wrong password `rabbitmqctl
authenticate_user` returns a non-zero exit code
(65). This seems to be unexpected by the module and
it fails when `update_password` is set to 'always'.
To mitigate this behavior we augment the `_exec`
method by adding a `check_rc` flag (which defaults
to `True`, hence it's backward-compatible) and
override it when we need it (in `check_password`
method to address #56164).
* win_pagefile - Fix idempotency when same settings as current
* Fix tests and code
* Fix problem with system managed
* Fix again systemmanaged detection
* Change check of systemmanged in creation
* Fix readability and wrong flag for test
* openssh_keypair: bugfix make regenerating keypairs via force possible / add invalid file handling
* openssh_keypair: change permissions of read-only file instead of deleting it for regeneration; add changelog fragment
* address review feedbak, refactor
* add integration tests for bigfixes
* linter: fix indent
* fixup integration tests: use force when regenerating an invalid file
* linter: fix indent
* openssh_keypair: address review feedback
* openssh_keypair: fixup, remove backtick
* openssh_keypair: address review feedback
* Only pass 'y' into stdin of ssh-keygen when file exists.
* Allow multiple databases(not all) to be dumped from mysql
Fixes: #56059
* Altered fail message to provide atleast one database name
* Minor grammatical fix
* Fix failing SAN comparison for older cryptography versions due to not implemented __hashh__ functions.
* Fix SAN comparison: IPv6 addresses need to be normalized before comparing strings.
* Add changelog.
* Fix comment.
* Improve error for docker modules when docker-py can't be imported.
* Add changelog.
* Mention platform and Python interpreter in more cases.
* Clarify wording.
* Adjust tests.
* Adjust hostname classes based on output from distro
Corrects the following:
- OpenSUSE Leap
- ArchARM
- Oracle Linux
* Add CoreOS and Clear Linux distributions
Python 3 only allows strings through the config parser. This is fine for
the URL, Username, and Password since these values are required. The CA
File is optional so an empty string is used in leiu of None in the
config dictionary.
* Implement display_ok_hosts and display_skipped_hosts like default callback
* Implement show_custom_stats and display_failed_stderr like default callback
* Fix pep8
* Clarify conditional
* Changelog fragment
* Import from defaults.py per feedback
* Improve general error behavior if a Docker error is not caught.
* Don't die when network doesn't exist.
* Add changelog.
* Make API version always available. Also catch errors when retrieving version.
* Fix error message.
* Adjust fallback error messages.
* ssh: Ensure debug messages are properly converted to text. Fixes#57843
* surrogate_then_replace is default, be less explicit
* We only needed to_text for display, not exceptions
* Change expected config source
* make it conditional
* rename property
* Add changelog fragment
* make it string
* Update changelogs/fragments/57969-docker_container-change-expected-config-source.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* assign a sane default to yum/dnf lock_timeout, in line with cli
Fixes#57189
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix typo in changelog snippet
Signed-off-by: Adam Miller <admiller@redhat.com>
* Updated testcase
* Added check mode support
* Added check for mutual exclusive for Name and UUID
Fixes: #57580
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
To get all instances gcp_compute made a call to the Google API for each
zone separately. Because of this if all zones needed to be queried
fetching hosts lasted 30+ seconds. Now the module will use a single
query that will return all the instances, so the execution should last
just a few seconds.
This commit also suppresses a warning from the google-auth library about
using user credentials because if an Ansible user wants to use user
credentials, there is no need to warn him about it.
* update vxlan
* add a changelog fragment for the PR 57264
* Update 57264-update-vxlan-to-fix-bugs.yml
update for change request
* Update ce_vxlan_vap.py
remove commented codes.
* Improve change reporting for meraki_ssid
- Documentation is more clear about dependencies
- Not all change reports are accurate without new algorithm
- Improved integration tests
* Rename changelog fragment
* Enable all tests in integration tests
- Fix type merging
* Add more integration tests for code coverage
* Update URL creation
* Add support for check mode
* Add diff support
- diff support is based on "have" and "want" data structures.
- Review needs to be done on the diffs for accuracy and usefulness.
- Changed change mode changed responses to be accurate.
* Remove config template based integration tests
* set ovirt disk active default value to True
* disk default activate only when creating
* correct comment syntax
* add changelog
* ovirt disk activate update docs
* Remove usage of global var log_path
* Add changelog and edit ignore.txt
* win_pagefile: not using testPath
* Revert "win_pagefile: not using testPath"
This reverts commit c8bc10234048257414454905e1c860a8f57a3b3f.
* PSLint error
* Update win_domain_membership.ps1
* Update win_domain_controller.ps1
* "setup.ps1" - Change $env:COMPUTERNAME to [System.Net.Dns]::GetHostName(), to support non NETBIOS compliant hostnames
* Change method to base on WMI
* changed ansible_domain to use WMI
* Fixed per review
* Fixed dot stuff
* Revert "Fixed dot stuff"
This reverts commit a1d5be00f1.
* dot stuff
* dot stuff 2.0
* Update setup.ps1
* Wrap this up to go
Folder creation API is only supported by vCenter, specifying
Standalone ESXi system will raise error.
This fix adds an user warning for suggesting this restriction.
Fixes: #49938
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* postgresql_idx: self.__exec_sql -> module_utils.postgres.exec_sql
* postgresql_idx: exec_sql, added a changelog fragment
* postgresql_idx: exec_sql, fix the changelog fragment
* postgresql modules: use postgres.exec_sql instead of __exec_sql methods
* postgresql modules: use exec_sql, added changelog fragment
* Update changelogs/fragments/57674-postgres_modules_use_exec_sql_instead_of_methods.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* win_domain_group_membership - Fix missing @extra_vars on Get-ADObject to support dirrent domain and credentials for retrival
* win_domain_group_membership - Fix missing extra_vars on Get-ADObject
* Merge authentication options back into a single field to prevent losing options beyond the first
* Add integration test and changelog
* Fix multiple options for local type connections. Also fix sorting errors between local type connections that lack a src
* Build again because of github problems?
* Add spaces before comments
The extant documentation says that the fingerprint return value is a
single string, but it is currently being returned as a split list.
Convert the returned value to a string as documented, and add some
basic test-case coverage for the return values.
PR #55396
Make Git module support `--valid-pgpkeys` option, which allows
configuring a list of valid PGP fingerprints which are compared with the
used PGP fingerprint if verify_commit is true. This requires
verify_commit to be set to 'yes'.
Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl>
Co-authored-by: Sviatoslav Sydorenko <webknjaz@redhat.com>
* Add support for check mode.
* Add diff support
- Need to analyze diff for accuracy
- Updated check mode changed value
* Improve test coverage
* Remove a duplicate integration test
* Add support for check mode
* Add changelog fragment
* Add diff support
- Fix a few changed status
- Removed auth_key check since that's done in module_utils now
* win_chocolatey - honour version when bootstrapping chocolatey
* skip upgrade all step
* Fix install latest step
* Remove test changes now that Chocolatey is released
* tweak the package version detection
* Fix order for warning on templated conditionals
Fix bare variable warnings when the variable is a boolean
* changelog
* Add tests for cases that should and should not give warnings
If the behavior may change when the default behavior for CONDITIONAL_BARE_VARS becomes False there should be a warning. Boolean type conditionals will not change in behavior so don't warn.
* oops, forgot to add files
* typo
* Allow syslog_json callback options to be set in an Ansible configuration file.
The syslog_json documentation says that it supports options via an Ansible
configuration file. In fact, they can only be specified via environment
variables.
I've updated the module to use the standard "get_options" handling which means
that it can now support options via environment variables *or* the
configuration file.
Options can be set in the configuration file as follows:
```
callback_whitelist = syslog_json
[callback_syslog_json]
syslog_server = localhost
syslog_port = 514
syslog_facility = user
```
* Use the original, documented, names for the modules options.
In the documentation text change syslog_server to server, syslog_port to port
and syslog_facility to facility.
* Add an item to the changelog.
* Update 57232-syslog-json-configuration-options.yml
Fix a YAML syntax error / typo.
* Adding integration test for 127.0.0.1/32 and ::1/128.
* Making sure file is not corrupted when render fails
* Fixes#56430
* Adding changelog for MR 57147/Issue 56430
* Add support for check mode
* Check mode returns proper changed status
- Added is_template_valid()
- Restructured check_mode so it will always return data
- Check mode should show proper changed status
- Code is untested and integration tests need to be expanded
* Fix deleting networks
- Add integration tests for deleting networks
- Refine tests based on changed/unchanged
* Remove one task from integration test
* Add support for disableRemoteStatusPage
- New feature in the Meraki API
- Yes, it's a double negative, I may fix at some point
* Remove double negative
- All disables became enable and logic is reversed
- This isn't yet tested
* Switching computers!!!
* Apply changes to make the logic work, even reversed
* Attempt to fix some formatting errors
* Add documentation fragment
* Fix whitespace
* Add disable_my_meraki back, with deprecation notice
* Edit changelog notice
* Update deprecation version
* Update example to be a block and change deprecation message.
* Remove duplicate delegate_to
* Change deprecation notice.
* Rewrite idempotency check
- Check now operates recursively and works on multiple types
- Order of lists matter
* Remove blank line for lint
* Fixed idempotency checks in meraki_ssid
- New sanitize() method for finding keys unique in compared dicts
- Fixed bug in meraki_ssid where SSID specified by number breaks
- This will require a backport
- Converted ignored_keys from tuple to list
* Made changes required for idempotency
* Add changelog fragment
* Add unidirectional option for testing
* Disable option 1 check
* General fixes for is_update_required testing
- Added commented out debug statements in method
- Fixed ignored_keys modifications
* Remove old commented algorithm
Add check for all policy fields (name, apply_to, pattern, tags,
priority) to have correct changed state. Previosly changed state was
based on policy name only.
* Add support for rabbitmq 3.7
* Fix exec args for rabbitmqctl status
* Add changelog and fix description for Ansible 2.9
* Return results even when the cache is disabled
By default the cache is disabled and so the results of the API call
are not placed in there for the return statement to fetch.
* Always update self._cache to return
* route53_facts: add check mode support
* route53_facts: add changelog fragment mentioning check mode support
* route53_facts: alter changelog fragment type from `minor_changes` to `bugfixes`
* Update changelogs/fragments/56900-route53-facts-check-mode.yaml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* [docker_network] Fix idempotency when using aux_addresses in ipam_config
Mismatch between keys returned by Docker API (AuxilliaryAddresses) vs
expected by Ansible module (aux_addresses) resulted in tasks always
have status 'changed'. The existing code normalizing one set of
keys to another missed this special case where converting
CamelCase to lowercase is not sufficent.
Please see
https://github.com/moby/moby/blob/master/api/types/network/network.go
for reference.
* Correct keywords formatting in changelog file
Co-Authored-By: Felix Fontein <felix@fontein.de>
According to the OpenStack Networking API
the attribute binding:vnic_type of a port is optional.
This change enables the os_port module to handle
binding:vnic_type as optional.
Until now, the module was only able to interact with vcenter. This
commit adds the ability to directly target an ESXi without the
`esxi_hostname` parameter.
- Also return url and update docs for other values to indicate they are only returned on success.
- Add integration tests
- Use info variable for common return values
- Use -1 as default status rather than None. This is lines up with with existing code in urls.py
- Add unit tests to ensure status and url are returned on failure
* Make datacenter as alias and optional
* Add folder param to place datastore cluster in specific folder
* Updated examples
* Updated tests
Fixes: #48010
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add a new "log_folder" option to the log_plays callback plugin.
A a new option for the log_plays callback plugin which allows the user to
control where the callback where creates log files.
The option can be set via the ANSIBLE_LOG_FOLDER environment variable or in the
Ansible configuration file, e.g.:
[callback_log_plays]
log_folder = /path/to/my/log/folder
Ensure `wait_condition`s with `Status: Unknown` actually
complete
Return k8s object after wait rather than k8s object before
wait when object is patched.
* [docker] images: add support for lookup by sha256 digest
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [tests] docker image by digest: work on a minimal test case
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [docker] group branch conditions per lookup
Co-Authored-By: Felix Fontein <felix@fontein.de>
* [misc] add a news fragment for the added digest lookup for docker images
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* Allow python_requirements_facts to cope with packages with dashes
```
python_requirements_facts:
dependencies:
- kubernetes-validate
```
should work as expected
* Ensure tests run for python_requirements_facts
* Unchanged requests now return the original data
* Add changelog fragment
* Add integration tests for returned data for meraki_network
* Add integration tests for returned data
* Improve idempoetent output
- Make MX l3 rules always show default rule
- Add integration tests
* Add integration tests for returned data on meraki_network
* Improved idempotency in a few modules and improved tests
* Rewrite much of the execution of meraki_switchport
- Previous versions had problems with idempotency and allowed_vlans
* Modified payload creation
- Parameter map is used
- propsed is created using .copy()
- Much cleaner this way
* Add whitespace for lint
* Add bugfix snippet for changelog
*`vsphere_copy` was only able to interact with a vCenter instance. This
patch change that.
* In addition, it also makes use of the `vmware_argument_spec`.
Co-Authored-By: Abhijeet Kasurde <akasurde@redhat.com>
* fix module defaults
- corrected precedence (specific module > group)
- made into reusable function
- use from gather_facts/service/package to match 'actual module used'
The networking API v2 specification, which is implemented
by openstack neutron, features an optional MTU parameter that
allows operators to specify the value for the maximum
transmission unit value.
All vmware_guest_* module support for use_instance_uuid from Ansible 2.8,
somehow vmware_guest_disk missed from this change.
This fix adds support for use_instance_uuid in vmware_guest_disk.
Fixes: #56021
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
As described in #53385 (and #31759), the docker connection driver did
not support privilege escalation. This commit is a shameless
cut-and-paste of the privilege escalation support from the `local`
connection plugin into the `docker` plugin.
Closes: #53385
* sysctl will now return an error if the value is invalid
sysctl can fail to set a value even if it returns an exit status 0. More
details: https://bugzilla.redhat.com/show_bug.cgi?id=1264080. Because of
this in case of an invalid value or a read-only file system, sysctl
module would return OK, even though it didn't set anything. To be sure
that sysctl correctly applied the changes we also need to check the
output of stderr.
* Run sysctl with LANG=C
Because we are parsing sysctl stderr we need to make sure that errors
are persistent across different system language settings.
* Add changelog fragment for sysctl
* remove deprecated get_md5 from stat
fixes#55309
* removed get_md5 from tests involving stat
* keep get_md5 but hide it
* rst it
* ammended comment
* ws
* added ignore for hidden md5
* Make ansible adhoc work with include_role
Fix logic condition so that include_role works
without
```
ERROR! 'async_val' is not a valid attribute for a IncludeRole
The error appears to be in 'None': line 0, column 0, but may
be elsewhere in the file depending on the exact syntax problem.
(could not open file to display line)
```
* Add include_role test for adhoc
* XenServer: Minor changes and fixes in xenserver_guest
- xenserver_guest module: ignore wait_for_ip_address when
state=absent (fixes#55348). Module docs are updated to reflect this.
- xenserver_guest module: show proper error message when maximum number
of network interfaces is reached and multiple network interfaces are
added at once (fix for changes introduced in #54697).
- xenserver_guest module: fixed a bug in reconfigure() where VM would
be powered off even though check mode is used when reconfiguration
needs VM to be powered off.
* Added changelog fragment
mem_reservation and memory_reservation has redundant implementation.
Combining them together.
Fixes: #54335
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* remove external grep call and parse with python
* use function for repeated code
* use module.get_bin_path() for iscsiutil on HPUX
* some code opt for HPUX
* clean up non-module code, module being defined is a requirement for this code
* import get_bin_path() directly and use without module prefix
* Add integration tests for AIX and HP-UX
* add changelog fragment
* Apply suggestions from code review
Co-Authored-By: mator <matorola@gmail.com>
* Apply suggestions from code review #2
Co-Authored-By: Sam Doran <sdoran@redhat.com>
* Remove strict requirement on executable to exist for get_bin_path() as
it will allow facts gathering to continue without an error. Almost all
other files under facts do not have "required=True" (except 2 files,
which should be probably fixed). And check return value for
get_bin_path() , before run attempt.
* add check for AIX lsattr run_command return code
When `vmware_datastore_facts` does not fine any datastore, it raises an error.
This is not consistent with the other _facts modules. It should just return
an empty list instead.
* Fix loading namespaced doc_fragments
The syntax for specifying a different fragment name was already
using '.' as a separator, so the code needed to be tweaked to
avoid choking on names like `testns.testcoll.fragname` and
`testns.testcoll.fragname.altvar`.
`get_plugin_class()` returns 'docfragment' for the fragment loader;
mangling `subdir` provides consistent alignment with the normal plugin
directory names and avoids needing special handling of plugin types
with 'module' in the name.
* Add changelog entry
* add multi-node manipulation, delete on xpath match only and count capability to win_xml
* fix pep8 and yamllint errors identified by ci tests
* fixed bugs when handling multiple elements, multiple attribute nodes and handling for attribute nodes when using xpaths that only select attributes like //@lang. Added more tests and tweaked documentation.
* fixed line-too-long error
* fixed trailing space errors
* trailing whitespace expunged
* bump version_added to 2.9 for new changes
* fix PSAvoidUsingPositionalParameters sanity check failure
* refix sanity check as it broke the msg return value
* Check variables are defined before using combine filter
* Add tests for the combine filter
* Remove dependencies that should already be installed
* relocate the function to recursively check for undefined vars
add another test
* changelog
* Support using importlib on py>=3 to avoid imp deprecation
* Add changelog fragment
* importlib coverage for py3
* Ansiballz execute should use importlib too
* recursive module_utils finder should utilize importlib too
* don't be dumb
* Fix up units
* Clean up tests
* Prefer importlib.util in plugin loader when available
* insert the module into sys.modules
* 3 before 2 for consistency
* ci_complete
* Address importlib.util.find_spec returning None
* prevents accidental templating on intra-action postprocessing of an untrusted module result
* makes the view of a module result within an action consistent with the way it would be stored for future use (eg facts, register)
* Make module not get all nets every time it's executed with net_id
* Add changelog fragment
* Update changelogs/fragments/meraki_static_route_api_calls.yml
Co-Authored-By: kbreit <kevin.breit@kevinbreit.net>
* Start of migration to argparse
* various fixes and improvements
* Linting fixes
* Test fixes
* Fix vault_password_files
* Add PrependAction for argparse
* A bunch of additional tweak/fixes
* Fix ansible-config tests
* Fix man page generation
* linting fix
* More adhoc pattern fixes
* Add changelog fragment
* Add support for argcomplete
* Enable argcomplete global completion
* Rename PrependAction to PrependListAction to better describe what it does
* Add documentation for installing and configuring argcomplete
* Address rebase issues
* Fix display encoding for vault
* Fix line length
* Address rebase issues
* Handle rebase issues
* Use mutually exclusive group instead of handling manually
* Fix rebase issues
* Address rebase issue
* Update version added for argcomplete support
* -e must be given a value
* ci_complete
-Add: Test cases for ansible_parent_role_names and ansible_parent_role_paths
-Add: ansible_parent_role_names/paths variables for when a role is being included by another role.
Ensure inventory plugin loading rel to play
fixes#51033
* clarify paths
* now adding dirs funciton in loader
* better warnings
* each cli should handle adding dirs depending on context
* Solaris WWN parsing cosmetic fix (commit 924f5b5467)
* simplify module.run_command by removing use_unsafe_shell and remove calling of external grep
* add changelog fragment
* Use module_utils.compat.ipaddress where possible.
* Simplify reverse pointer computation.
* Use dummy for unused variables.
* Remove from ignore list.
* Adjust fix.
* Fix text handling for Python 2.
* Add changelog.
Check return value of FindByInventoryPath API which is used for
finding desired folder to deploy OVF.
Fixes: #54823
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* General test improvements.
* Adjust tests to older docker-py versions.
* docker_swarm_server_info: work around problems with older docker-py versions
* Bump minimal docker-py version for options network_filters and disk_usage.
* More general test improvements.
* Correct usage of docker_image.
* Put files into output directory.
* Speed up test.
* Remove old check.
* Version in deprecate calls should be a string. Fixes#55312. Fixes#55313. Fixes#55314. Fixes#55315. Fixes#55316. Fixes#55317.
* Add changelog fragment
* Add test for generating a CSR with everything, and testing idempotency.
* Proper SAN normalization before comparison.
* Fix check in cryptography backend.
* Convert SANs to text. Update comments.
* Add changelog.
* Warn when log_options values are not strings.
* Add changelog.
* Improve message.
* Improve formatting and formulation of other messages.
* Add test for warning.
* Trying double escaping.
After branch, we do the following tasks:
* Remove all old changelog fragments. The devel tree starts fresh.
* Remove all old generated changelog info (CHANGELOG-v2.8.rst and .changes.yaml)
* Set the new codename and version in release.py
* become mixin is no more
since sudo/su keywords are removed in 2.9 .. no need to keep this code around
* also don't need test for code that is removed
* made preprocess_data on base noop
its not used by anything anymore, but kept for backwards compat since other methods of same name are used
* Extend git commit c65909d6db "Add network fact to obtain FC WWN initiator ports"
adding support of enumerating AIX device WWN ports
$ lsdev -Cc adapter -l fcs*
fcs0 Defined 00-00 8Gb PCI Express Dual Port FC Adapter (df1000f114108a03)
fcs1 Defined 00-01 8Gb PCI Express Dual Port FC Adapter (df1000f114108a03)
fcs2 Available 04-00 8Gb PCI Express Dual Port FC Adapter (df1000f114108a03)
fcs3 Available 04-01 8Gb PCI Express Dual Port FC Adapter (df1000f114108a03)
$ lscfg -vpl fcs3 | grep 'Network Address'
Network Address.............10000090FA551509
* no self in this code
* Two fixes:
- fix run_command execution, passing 'use_unsafe_shell=True' since we have a pipe in it ( | grep )
if we don't set unsafe shell, it will return error on execution.
- strip new line characters at the end of WWNs.
* fix pep8 , E225 missing whitespace around operator
* use module.get_bin_path() instead of hardcoded values
* move module.get_bin_path() out of for loop
* use python string parsing instead of calling external grep
* use in operator instead of find() for simplicity and readability
* add changelog fragment
* Added idempotency logic to openssl_pkcs12
Also decoupled the 'parse' and 'generate' function from the file write
as they are now used in different places that do not need the file to be
written to disk.
* Added idempotency tests for openssl_pkcs12
Also adds a new test for pkcs12 files with multiple certificates
* Regenerate if parsed file is invalid
* pkcs12_other_certificates check was wrong
* Updated ca_certificates to other_certificates
ca_certificates is left as an alias to other_certificates;
friendlyname depends on private key, so it will be ignored while
checking for idempotency if the pkey is not set;
idempotency check only checks for correct certs in the stack
* use different keys for different certs
* Added other_certificates in module docs
* Added changelog and porting guide
* removed unrelated porting guide entry
* renamed ca_cert* occurrence with other_cert
* facts: correctly detect xen paravirt vs hvm cpuinfo
Fixes#49039
Signed-off-by: Adam Miller <admiller@redhat.com>
* provide default val if we IndexError
Signed-off-by: Adam Miller <admiller@redhat.com>
This reverts commit 85d836171b.
As discussed in WWG IRC meeting, we don't want Get-ADObject to be a dependency of win_domain_membership, and we need to be able to authenticate to the DC in some configs. We can revisit this change a different way for 2.9.
* Force pkg_mgr yum for rhel < 8, dnf for rhel > 8
This solves the scenario in which someone using RHEL or a clone
decides to install dnf, which can break their system in certain ways
under certain scenarios (a dnf bug that's been resolved upstream but
left user systems broken happened recently). Currently Red Hat
provides dnf to RHEL7 in an optional Tech Preview Channel under the
YUM4 branding, as does the CentOS Content Management SIG. There may
be others in the ecosystem I'm not familiar with.
Signed-off-by: Adam Miller <admiller@redhat.com>
* add changelog
Signed-off-by: Adam Miller <admiller@redhat.com>
* Use six from ansible.module_utils for inventory scripts
Remove skips from sanity test
* Change all imports of ConfigParser to use module_utils.six.moves
* Remove commented out lines
* Fix six imports
* mysql_user: fix MySQL/MariaDB version check
To handle properly user management, version check needed refacto, as well as the query used to get existing password hash
* mysql_user: break long query in multiple lines
* mysql_user: fix query fetch existing password hash
* mysql_user: MariaDB version check 100.2 != 10.2
* mysql_user: fix existing password fetch
In some cases, both columns (Password and authentication_string) may exist and be populated.
In other cases one exist, but not the second.
This fix should handle properly all situations
* mysql_user: break long queries
* mysql_user: refactor duplicated code
* mysql_user: handle updates from root with empty passwd to new passwd
* mysql_user: GC debug statement and readd trailing new line
* mysql_user: fix pep8 under indentation
* mysql_user: fix privileges management
https://github.com/ansible/ansible/pull/45355#issuecomment-428200244
* mysql_user: raise exception if exception caught doesn't match the one that is managed
* mysql_user: improve plugins output (add msg field with explicit informations)
* mysql_user: fix old / new password hash comparison
* mysql_user: fix reference to old MySQLdb lib
* mysql_user: fix cursor when root password is left empty (mysql DB invisible)
* mysql_user: add changelog
* ALL privileges comparison
* fixed blank line
* added mysql 8 fixes
* fixed version compatibility
* mysql_user: fix MySQL/MariaDB version check
To handle properly user management, version check needed refacto, as well as the query used to get existing password hash
* mysql_user: break long query in multiple lines
* mysql_user: fix query fetch existing password hash
* mysql_user: MariaDB version check 100.2 != 10.2
* mysql_user: fix existing password fetch
In some cases, both columns (Password and authentication_string) may exist and be populated.
In other cases one exist, but not the second.
This fix should handle properly all situations
* mysql_user: break long queries
* mysql_user: refactor duplicated code
* mysql_user: handle updates from root with empty passwd to new passwd
* mysql_user: GC debug statement and readd trailing new line
* mysql_user: fix pep8 under indentation
* mysql_user: fix privileges management
https://github.com/ansible/ansible/pull/45355#issuecomment-428200244
* mysql_user: raise exception if exception caught doesn't match the one that is managed
* mysql_user: improve plugins output (add msg field with explicit informations)
* mysql_user: fix old / new password hash comparison
* mysql_user: fix reference to old MySQLdb lib
* mysql_user: fix cursor when root password is left empty (mysql DB invisible)
* mysql_user: add contrib
* Rename changelogs/fragments/45355-mysql_user-fix-versions-compatibilities to add YML extension
- Fixed issue #25017,#37567
- Add example for prompt on launch
- Add integration test for prompt on launch
Signed-off-by: Hideki Saito <saito@fgrep.org>
* updated tests and changelog for 54516
* Handle errors if PG does not support partitioning.
* Check for PG > 10 in tasks
* Show changes for partitioned tables in ansible
* Added documentation in the tests
* Update test/integration/targets/postgresql/tasks/postgresql_privs.yml
Co-Authored-By: raymondroelands <raymondroelands@users.noreply.github.com>
* Update test/integration/targets/postgresql/tasks/postgresql_privs.yml
Co-Authored-By: raymondroelands <raymondroelands@users.noreply.github.com>
* Added check for 0 tables after revoking rights
* Added test and moved tests
Added check mode test and moved test right after the change.
* Rebased postgresql_privs.py
* Correct behavior so that direction isn't required for default.
* Add more tests.
* 'disabled' values cannot be changed.
* Include 'not specified' in messages.
* fix missing attribs with dirct module execution
* also make remote tmp handling smarter
update tests
* set default if attrib does not exist
* add simple test
* Remove default use of paramiko connection plugin on macOS
This fix was originally to work around a bug that caused a kernel panic on macOS
that has since been fixed.
* Remove paramiko from requirements.txt
* Move paramiko checking to common place
* Drop the warnings obfiscation code
* Update pip installation instructions to reflect upstream instructions
* Fix tests on CentOS 6 (Python 2.6) that now show Python deprecation warnings
* Add changelog fragment
The controller's fixup_perms2 uses filesystem acls to make the temporary
file for copy readable by an unprivileged become user. On Python3, the
acls are then copied to the destination filename so we have to remove
them from there.
We can't remove them prior to the copy because we may not have
permission to read the file if the acls are not present. We can't
remove them in atomic_move() because the move function shouldn't know
anything about controller features. We may want to generalize this into
a helper function, though.
Fixes#44412
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
* Return UnlockKey
* Add changelog fragment
* Add method to check if a parameter exists in diffs
* Add method to get swarm unlock key
* Add option unlock_key
* Only return unlock key when created or changed
* Rename difference check
* Extend unlock key example
* Assert that unlock_key is a string
* Fix docker_swarm_info authors
* Don’t silence APIErrors
* Test unlock_key on unlocked swarm
* Catch APIError when retrieving unlock key
* Better return value description
* Lint
* Fix UnlockKey return value documentation
Co-Authored-By: hannseman <hannes@5monkeys.se>
* Get unlock key safely
Co-Authored-By: hannseman <hannes@5monkeys.se>
* Return None on empty UnlockKey
* Assert swarm_unlock_key is undefined if unqueried
* Add documentation about swarm_info unlock_key
* Add change log fragment for unlock_key option
* Revert "Add change log fragment for unlock_key option"
This reverts commit e3cb2325b5.
* Use generator expression instead
* Restart docker more decisively
* Use systemctl kill
Co-Authored-By: hannseman <hannes@5monkeys.se>
* Try to restart docker daemon
* cloudstack: remove choice list for hypervisor param
* cloudstack: streamline network_type with returned value by the API
* cloudstack: remove E326
* add changelog fragment
* win_nssm: rename cmdlets to use approved verbs, rename service name parameters
* win_nssm: improve code style and cmdlets ordering
* win_nssm: always escape all command line parameters with Argv-ToString
fix error when the service name contains quotes
* win_nssm: use Fail-Json instead of exceptions and remove global try/catch
* win_nssm: small refactoring, inline some functions
* win_nssm: refactoring - add a generic cmdlet to idempotently set any nssm service parameter
* win_nssm: refactoring - inline some functions
To make the code more malleable for future changes
* win_nssm: change application, stdout_file and stderr_file options type to path
* win_nssm: deprecates app_parameters, rename app_parameters_free_form to arguments, and add support for list of parameters
* win_nssm: add support of check mode
* win_nssm: add working_directory option
* win_nssm: add display_name and description options
* win_nssm: minor changes
* win_nssm: remove some sanity exclusions
* win_nssm: avoid using aliases and minor style fixes
* win_nssm: doc and ui improvements
* win_nssm: remove sanity exclusions
* win_nssm: minor revision
* win_nssm: deprecates dependencies, start_mode, user and password parameters and some choices of state in favor of win_service
* win_nssm: fix style
* win_nssm: add executable option to specify the location of the NSSM utility
* win_nssm: add missing parameter types
* win_nssm: add diff mode support
* win_nssm: avoid displaying depreciation warning if default value is assigned
* win_nssm: fix variable scope
* win_nssm: use the explicit -LiteralPath parameter name instead of -Path
* win_nssm: fix documentation
* win_nssm: add porting guide entries
* win_nssm: add changelog fragment
* Add support for notes
* Add test for notes
* Device notes changes
- Renamed from notes to note
- Modified tests to work
* Comment device test since it only works once
* Remove assertion stanza and move assertion to existing one
* Add version_added to note documentation
* Converted from tabs to spaces
* Added changelog fragment
* Remove changelog file since it's a feature
* Add changelog fragment
* basic plugin loading working (with many hacks)
* task collections working
* play/block-level collection module/action working
* implement PEP302 loader
* implicit package support (no need for __init.py__ in collections)
* provides future options for secure loading of content that shouldn't execute inside controller (eg, actively ignore __init__.py on content/module paths)
* provide hook for synthetic collection setup (eg ansible.core pseudo-collection for specifying built-in plugins without legacy path, etc)
* synthetic package support
* ansible.core.plugins mapping works, others don't
* synthetic collections working for modules/actions
* fix direct-load legacy
* change base package name to ansible_collections
* note
* collection role loading
* expand paths from installed content root vars
* feature complete?
* rename ansible.core to ansible.builtin
* and various sanity fixes
* sanity tweaks
* unittest fixes
* less grabby error handler on has_plugin
* probably need to replace with a or harden callers
* fix win_ping test
* disable module test with explicit file extension; might be able to support in some scenarios, but can't see any other tests that verify that behavior...
* fix unicode conversion issues on py2
* attempt to keep things working-ish on py2.6
* python2.6 test fun round 2
* rename dirs/configs to "collections"
* add wrapper dir for content-adjacent
* fix pythoncheck to use localhost
* unicode tweaks, native/bytes string prefixing
* rename COLLECTION_PATHS to COLLECTIONS_PATHS
* switch to pathspec
* path handling cleanup
* change expensive `all` back to or chain
* unused import cleanup
* quotes tweak
* use wrapped iter/len in Jinja proxy
* var name expansion
* comment seemingly overcomplicated playbook_paths resolution
* drop unnecessary conditional nesting
* eliminate extraneous local
* zap superfluous validation function
* use slice for rolespec NS assembly
* misc naming/unicode fixes
* collection callback loader asks if valid FQ name instead of just '.'
* switch collection role resolution behavior to be internally `text` as much as possible
* misc fixmes
* to_native in exception constructor
* (slightly) detangle tuple accumulation mess in module_utils __init__ walker
* more misc fixmes
* tighten up action dispatch, add unqualified action test
* rename Collection mixin to CollectionSearch
* (attempt to) avoid potential confusion/conflict with builtin collections, etc
* stale fixmes
* tighten up pluginloader collections determination
* sanity test fixes
* ditch regex escape
* clarify comment
* update default collections paths config entry
* use PATH format instead of list
* skip integration tests on Python 2.6
ci_complete
* Add a force_replace_host flag to win_domain_membership
Satisfies https://github.com/ansible/ansible/issues/53539
* Rework backticks
* Bump version_added
* Check for existence of current hostname as well; use LDAPFilter during search
* Rename $force_replace_host to $allow_existing_computer_account
* Added docs, porting guide and minor nit in code
* Catch all request timeouts for winrm connection
The current implementation only catches 'ConnectTimeout' exceptions.
Instead we should catch 'Timout' which also catches ReadTimeout
exceptions.
Improves on: #51744
Co-Authored-By: westphahl <westphahl@gmail.com>
* Changelog for winrm error handling improvement
* Use locking for concurrent file access
This implements locking to be used for modules that are used for
concurrent file access, like lineinfile or known_hosts.
* Reinstate lock_timeout
This commit includes:
- New file locking infrastructure for modules
- Enable timeout tests
- Madifications to support concurrency with lineinfile
* Rebase, update changelog and tests
We need to specify ansible_python_interpreter to avoid running interpreter discovery and selecting the incorrect interpreter.
Remove the import of lock in known_hosts since it is not used.
* start fixing gcp inv plugin
* minor fixes
* added clog
* ajust comments
* link indv zone/project
* separate specific zone/project from other params
* restoring zones query per project
* also work when zones given
* fixed scopes, removed incorrect docs as not option