Commit Graph

795 Commits (6a2b9c2a861cdbef754cb9c13e5a700529d3d379)

Author SHA1 Message Date
Martin Krizek 63ea96d5f1 assemble: avoid extra newline on Python 3 (#54176)
Fixes #44739
6 years ago
Andrea Tartaglia 36a790dcde New cryptography backend for openssl_certificate (#53924)
* New cryptography backend for openssl_certificate

load_* functions in module_utils/crypto.py now have a backend paramter
which when set to 'cryptography' will return cryptography objects so
they can be used for both pyopenssl and cryptography backends.
Added a select_message_digest function too returning a cryptography
digest hash from `cryptography.hazmat.primitives.hashes`
Added new classes for Cryptography backend

* Run test with various backends.

* Prefixing tests.

* Make sure we have the correct backend available.

* Linting (flake8).

* Moved cryptography import to separate try/except

* Make sure certificate is actually valid at some time in the past.

* Improve error handling.

* Trying to fix validation for cryptography backend.

* Fixed issue with keyUsage test in assertonly

* Fixed CI/Lint issues

* Fix private key problem for OwnCA.

* Cryptography backend doesn't support v2 certs.

* issue an expired cert with command when using cryptography backend

* Added warning when backend is auto and v2 cert is requested

* Bumped min cryptography version to  1.6

* Correctly check for failure when backend is cryptography and cert is v2

* Use self.backend where possible

* Use secp521r1 EC when testing on CentOS6

* Fixed pylint issue

* AcmeCertificate support for both backends

* Review fixes

* Fixed missing '(' when raising error

* Fixed date_fmt loop

* Updated docs and requirements with cryptography

* Add openssl_certificate to changelog.
6 years ago
Christian Rohmann 90c092a104 Allow configuration of connection_limit per postgresql database (postgresql_db) (#40345)
Fixes #40060

* Fix coding style errors
* Use CONNECTION LIMIT (no underscore)
* From review done by amenonsen and bcoca - Set default at None, make the change detection less confusing
* Added EXAMPLE on how to apply a database specific connection limit
* Added some basic tests for conn_limit applied to a database
* Check that conn_limit has actually been set / updated to 200
* Add changelog fragment regarding postgresql_db conn_limit parameter
6 years ago
Felix Fontein 1a94cf140c openssl_publickey: fix handling of OpenSSH private keys with passphrase (#54192)
* Cleanup.
* Make sure that OpenSSH passphrases are handled correctly.
* Add changelog.
6 years ago
David Passante aa32164d15 cs_volume: add volumes extraction and upload features (#54111)
* cs_volume: add volumes extraction and upload features

* cs_volume: Update doc, remove deprecated code

* cs_volume: Add unit tests for extract and upload features
6 years ago
Alexander Bethke f9c7ccbb41 Fixes flatpak module to work with flatpak >=1.2.0, fixes #51485 (#51482)
* Fixes flatpak module to work with flatpak >=1.2.0, fixes #51481

This keeps backwards-compatibility for flatpak versions before 1.2.0

* Fixes typeo

Co-Authored-By: oolongbrothers <oolongbrothers@zeibar.net>
6 years ago
tcraxs bb61d7527f #50877: add support to postgresql_privs to use "FOR { ROLE | USER } target_role" in "ALTER DEFAULT PRIVILEGES" (#51073)
* #50877:
* add support to postgresql_privs to use "FOR { ROLE | USER } target_role"
   in "ALTER DEFAULT PRIVILEGES"

* fix sanity errors

* #50877: fix documentation and add a check for correct usage
of target_roles

*  #50877: fix missing absent option for default privs with target_role

* #50877: add clear description, when target_roles can be used

* #50877: fix conflicts, formatting, and add a changelog fragment

* #50877: fix sanity error E335

* #50877: swap conditions and fix error to warning msg

*  #50877: add tests for default privileges

* #50877: fix tests for default privileges

* #50877: fix tests for default privileges on centos 6
6 years ago
René Moser f885717f74 fix typo (#54166) 6 years ago
Felix Fontein 8d62794f91 docker: rename docker_*_facts -> docker_*_info (#54124)
* Rename docker_*_facts -> docker_*_info.

* Add changelog.

* Update scenario guide.
6 years ago
René Moser c5609c51bf
include_tasks: fix traceback if no file specified (#54044) 6 years ago
Martin Krizek 0e28ab4528
Template run_once for handlers (#54030)
Fixes #27237
6 years ago
Brian Coca d1a688b1d7
dict is dict (#54057) 6 years ago
Felix Fontein 05bca95ab1 ACME: rename acme_account_facts -> acme_account_info (#54082)
* Rename acme_account_facts -> acme_account_info.

* Add changelog fragment.
6 years ago
Hannes Ljungberg 7a3f9456ef docker_swarm_service: Make resolve_image default to false (#54018)
* Make resolve_image default to false

* Check resolve_image versions regularly
6 years ago
Felix Fontein 847a86beef docker_image: allow proxy config (#53905)
* Simplify checks.

* Add use_config_proxy option.

* Add changelog.

* Avoid docker-py crash.
6 years ago
Sorin Sbarnea 014cb73694 Facts: Use vm_stat instead of sysctl for free memory (#52917)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
6 years ago
Jordan Borean 7ab77f6c8a
win_psexec - support paths with a space (#54009) 6 years ago
Jordan Borean cf24542e9f
win_get_url - fix glob like paths (#54008) 6 years ago
Jordan Borean eb18df1a0f
win_certificate_store - fix glob like paths (#54007) 6 years ago
Jordan Borean 2f1bc34589
win_copy - fix glob like paths (#54006) 6 years ago
Jordan Borean 8a4079ddbf
win_find - fix glob like paths (#54005) 6 years ago
Jordan Borean c053bc1fc7
win_file - fix glob like paths (#54003) 6 years ago
Felix Fontein e00f315358 openssl_privatekey: add backup option (#53593)
* Add backup option to openssl_privatekey.

* Add changelog fragment.

* Make module available in remove().

* Add tests for backup.

* Update lib/ansible/modules/crypto/openssl_privatekey.py

Co-Authored-By: felixfontein <felix@fontein.de>

* Update lib/ansible/modules/crypto/openssl_privatekey.py

Co-Authored-By: felixfontein <felix@fontein.de>

* Update lib/ansible/modules/crypto/openssl_privatekey.py

Co-Authored-By: felixfontein <felix@fontein.de>

* Update lib/ansible/modules/crypto/openssl_privatekey.py
6 years ago
MonsieurBon eb790cd3c6 Added support for iptables module iprange (#53732) (#53732) 6 years ago
Felix Fontein 50d56ca89d docker_image: stop pulling by default on build (#53911)
* Prepare to change default of build.pull from yes to no in Ansible 2.12.

* Specify build.pull.

* Add changelog.

* Fix bad indent.
6 years ago
David Passante e62fc508ad cs_network_offering: Add choice list for supported_services in arg_spec (#53901) 6 years ago
Jordan Borean 980ca564ce
windows - Fix module utils with glob paths (#53835)
* windows - Fix module utils with glob paths

* fix link util tests when using DOS 8.3 paths
6 years ago
Jordan Borean cac3c6efcf
win_chocolatey - Fix incompatibilities with latest Chocolatey release (#53841) 6 years ago
Jordan Borean d00418c924
win_slurp - fix glob like paths (#53831) 6 years ago
Jordan Borean d063cefb64
win_owner - fix glob like paths (#53830)
* win_owner - fix glob like paths

* Fix issues on older PS versions
6 years ago
Jordan Borean 3cfa71bff0
win_acl_inheritance - fix glob like paths (#53829) 6 years ago
Jordan Borean aba6f5f50d
win_acl - fix glob file paths (#53828) 6 years ago
Jordan Borean 4f9de45785
win_tempfile - return absolute path on created temp file (#53827)
* win_tempfile - return absolute path on created temp file

* Fix tests for CI
6 years ago
Sam Doran 1e595493d9
User module - Check local database when local is specified in the task (#51088)
The output of pw.getpwnam() does not distinbuish between local and remote accounts. It will return a result if an account exists locally or in the directory. When local is set to True in the task parameters, look through the local password database explicitly.

* Ensure luseradd is present for tests
* Add docs and warnings about local mode
6 years ago
Sloane Hertel 87ebc56de6 Allow parent groups to be variables or literal (#53649)
* Allow parent groups to be variables or literal, requires {{ }}
* Check strict before failing on templating errors
* Don't add a group if an invalid parent group was provided
6 years ago
Brian Coca e280f2f7b0
Try to get correct buffer size to avoid races (#53547)
* Try to get correct buffer size to avoid races

  fixes #51393

* fix test, mock buffer function since all is mocked
6 years ago
Matteo Ferrando 86405b8fe4 (postgresql_privs) accept 'ALL_IN_SCHEMA' objs for 'function' type (#35331)
* avoid using Postgres formatting function
* add tests for ALL FUNCTIONS IN SCHEMA
* documentation and changelog
* requested changes in tests
* fixed changelog
6 years ago
Felix Fontein fbbab7429e docker_*: report more warnings (#53710)
* More warnings.

* Add changelog.

* Improve docstring.
6 years ago
Felix Fontein 35e7fb776a docker_image: improve usage (#52894)
* Add source option.

* Split force parameter into force_source, force_absent and force_tag.

* Move all build-related options into a suboption called build.

* Add changelog.
6 years ago
Matt Clay f6d12fc918 Fix changelog entries using strings for sections. 6 years ago
Matt Clay 7f0e09aa31
Keep existing to_yaml behavior with pyyaml >= 5.1. (#53772)
In pyyaml versions before 5.1 the default_flow_style for yaml.dump
was None. Starting with 5.1 it is now False. This change explicitly
sets the value to None to maintain the original to_yaml behavior.

The change to pyyaml was made in the following commit:

507a464ce6
6 years ago
Brian Coca 42e6700a71 Undeprecate force handlers (#53705)
* removed deprecation notice, made comment instead

* remove noisy deprecation

* space
6 years ago
David Passante 244a9a83aa cs_iso: fix missing param "is_public" (#53740)
* cs_iso: fix missing param "is_public"

* add changelog fragment
6 years ago
Andrey Klychkov d30879a0b7 postgresql_db - Handle pg_dump return code (#52985)
Handle return code return by pg_dump command

Fixes: #40424
6 years ago
Abhijeet Kasurde f0ef4dae05
iptables: Add support for gateway parameter (#53465)
When user specifies the JUMP value to 'tee', gateway is required.
This fix adds new parameter 'gateway' to support this functionality.

Fixes: #53170

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
6 years ago
Felix Fontein c2cb82ec14 ACME: add support for IP identifiers (#53660)
* Adding support for IP identifiers according to https://tools.ietf.org/html/draft-ietf-acme-ip-05.

* Add changelog.

* Make sure that the authorizations return value is unchanged for CSRs with DNS-only SANs.

* Remove unneeded import.

* type -> identifier_type

* Python 2.6 compatibility.

* Fix unit tests.

* Add IP address normalization.

* Extend tests.

* Move data into fixtures.

* Adjust BOTMETA.
6 years ago
Felix Fontein 028facdfed acme_challenge_cert_helper: add support for IP identifiers (#53661)
* Add IP address identifier support to acme_challenge_cert_helper.

* Add changelog.

* type -> identifier_type.
6 years ago
Jason Witkowski acdb4c3ede Fix min_size reference where type is None (#53669) 6 years ago
Jordan Borean 3d23e47c53
win_reboot - Fix rc validation when using psrp and add extra docs (#53711)
* win_reboot - Fix rc validation when using psrp and add extra docs

* Revert boot time command and fix docs
6 years ago
Brian Coca b793f08a92
fixes for stripping (#52930)
function changed to do in place replacement, should be less expensive even with copy as it avoids 'sub copies', can compose with module_args_copy to create replacement for old behavior

  attempt to fix #52910

* handle lists and subdicts correctly
* added  missing exception case, which was not noticed since 'cleaning' was not working
* added comments to clarify exceptions
6 years ago