* Add constraint for Jinja2 on Python 2.6.
* Fix constraint in inventory_aws_conformance test.
* Add constrraints for template_jinja2_latest test.
(cherry picked from commit 965854fbd2)
Co-authored-by: Matt Clay <matt@mystile.com>
* Add test constraint for setuptools.
* Update pip test to work on centos6 container.
(cherry picked from commit 51e5b714e0)
Co-authored-by: Matt Clay <matt@mystile.com>
* yum - only instantiate YumBase once (#63713)
* yum - only instantiate YumBase once
Previously, this code was re-instantiating the `YumBase` object
many times which is unnecessary and slow. However, we must do it
twice in the `state: absent` case because the `yumSack` and
`rpmSack` data of the previously instantiated object becomes
invalid and is no longer useful post transaction when we verify
that the package removal did in fact take place. Also, this patch
removes the repetitive re-processing of enable/disable of repos in
various places.
Here's a display of the speed increase against a RHEL7 host:
```yaml
- hosts: rhel7
remote_user: root
tasks:
- name: Install generic packages
yum:
state: present
name:
- iptraf-ng
- screen
- erlang
- name: Remove generic packages
yum:
state: absent
name:
- iptraf-ng
- screen
- erlang
```
Before this patch:
```
real 0m52.728s
user 0m5.645s
sys 0m0.482s
```
After this patch:
```
real 0m17.139s
user 0m3.238s
sys 0m0.277s
```
Fixes#63588Fixes#63551
Signed-off-by: Adam Miller <admiller@redhat.com>
* add changelog
Signed-off-by: Adam Miller <admiller@redhat.com>
* YUM - handle enable of non-existent repo (#53286)
* Ensure `allow_duplicates: true` enables to run single role multiple times(#64902)
* Changed return value in `_load_roles` . Fixes#64902
* Add changelog fragment
* Add an integration test for the issue
* Fix changelog generation error and integration test.
* Fix yaml syntax error in changelog fragment
* Fix typo in a changelog fragment of #64902
(cherry picked from commit daecbb9bf0)
(cherry picked from commit 33094e6c8e)
* Fix multiple subnet (of same IP version) idempotence for docker_network.
* Add changelog.
* Unit tests no longer make sense, since the part of the code they test has been removed.
* Re-add CIDR validation. Move it to better position (module setup instead of idempotence check).
* Update changelog.
* Only run new tests on VM test images.
* Actually do what is documented. Especially since an empty object is a valid value for aux_addresses.
(cherry picked from commit 17ef253ad1)
The check for this parameter was missing from BusyBox.modify_user(), resulting in unexpected password changes to existing user accounts.
(cherry picked from commit 18130e1419)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Parse Healthcheck.StartPeriod properly
* Add changelog fragment
* Use proper markup in changelog
Co-Authored-By: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f31b8e08b2)
This avoids installing dnf-plugins-core, which breaks the yum and dnf modules
when uninstalling packages using a wildcard after they have already been removed.
This should resolve issues with the yum integration tests failing after docker tests run.
(cherry picked from commit a5c36eedd8)
Co-authored-by: Matt Clay <matt@mystile.com>
* openssl_csr and openssl_certificate: fix support for Ed25519 and Ed448 private keys (#63984)
* Move X25519, X448, Ed25519 and Ed448 feature tests to module_utils.
* Correctly sign with Ed25519 and Ed448 keys.
* Fix public key comparison. Ed25519 and Ed448 do not have public_numbers().
* Add tests.
* Add changelog.
* Give better errors for cryptography 2.6.x and 2.7.x.
* Test for new errors.
* Forgot one.
* Used wrong private key.
* Use private key password for CA key. Add more stuff to its certificate.
(cherry picked from commit fed267df03)
* Pass select_crypto_backend also to test implementation. This exists in devel but not yet in stable-2.8.
Add integration test for copy: deep recursive with remote_src=True
(cherry picked from commit b7e38dfa52)
Co-authored-by: Alexander Korsunsky <A.Korsunsky@gmail.com>
Use a separate variable for the boolean test rather than having the same variable sometimes be a boolean and sometimes be a regular expression match object
Add integration tests to cover this scenario
(cherry picked from commit 29d4d318a5)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Fix issue when setting an empty pass to no_log param (#62804)
* Fix issue when setting an empty pass to no_log param
* Fix typo
(cherry picked from commit 322e225830)
* Fix up actual get for older versions
* Get no_log parameters from subspec
* Add changelog and unit tests
* Handle list of dicts in suboptions
Add fancy error message (this will probably haunt me)
* Update unit tests to test for list of dicts in suboptions
* Add integration tests
* Validate parameters in dict and list
In case it comes in as a string
* Make changes based on feedback, fix tests
* Simplify validators since we only need to validate dicts
Add test for suboptions passed in as strings to ensure they get validated properly and turned into a dictionary.
ci_complete
* Add a few more integration tests
(cherry picked from commit e9d29b1fe4)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* clean "changed" after it has been processed
without this change, a loop of `debug` tasks with `changed_when`
causes the "changed" status to get lost before output
* runme.sh tests for debug loop status
(cherry picked from commit bfd32c9b00)
* isa string should rewrap as unsafe in get_validated_value
* _is_unsafe shouldn't be concerned with underlying types
* Start with passwords as text, instead of bytes
* Remove unused imports
* Add changelog fragment
* Update changelog with CVE
(cherry picked from commit baeff74)
Co-authored-by: Matt Martz <matt@sivel.net>
* docker_container: fix idempotency for network IP addresses (#62928)
* Specifying IP addresses needs API version 1.22 or newer.
* Simplify code.
* Use IPAMConfig.IPv*Address instead of IPAddress and GlobalIPv6Address.
* Add changelog.
* Fix syntax errors.
* Add integration test.
* Don't rely on netaddr.
* Normalize IPv6 addresses before comparison.
* Install netaddr, and use it.
(cherry picked from commit 62c0cae29a)
* Remove IPv6 tests, use intermediate state of tests from PR which don't need ipaddr filter.
Temporarily disable `hcloud_floating_ip_info`, this until #62414 is
resolved..
(cherry picked from commit edf15b346f)
Co-authored-by: Gonéri Le Bouder <goneri@lebouder.net>
Fixes#61978
* moar tests for get_url fetch behavior with existing file
* add changelog fragment
(cherry picked from commit 7d51cac)
Co-authored-by: Matt Martz <matt@sivel.net>
* win_template - use shared doc fragment for shared options (#59701)
* win_template - use shared doc fragment for shared options
* Change smart quote to em dash and fix whitespace issue
(cherry picked from commit 652bfc7e19)
* template - move backup to its own doc (#59893)
* template - move backup to its own doc
* Use the backup doc fragment for template
(cherry picked from commit 737a500a30)
On OpenBSD, 13 asterisk characters as a password hash, marks the
account as disabled. Otherwise daily(8) script which executes
security(8) will email operator about not properly locked accounts.
Before the diff, we see following warning:
> [WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
After the diff, warning is gone..
(cherry picked from commit 1dea661ce8)
Co-authored-by: kucharskim <mikolaj@kucharski.name>
* Make sure postgresql tests are run for all postgres_* modules (#61647)
(cherry picked from commit 4d057e0331)
* Make sure postgresql tests are run for all postgres_* modules (#61647), remove non-existent
This should be ansible_connection, not connection_type. We can also
update local testing logic.
Remove nxos_install_os/tasks/network_local.yaml as it is nolonger used.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(cherry picked from commit 9e1b19e364)
* Backport to stable-2.8: Fix#56640: Map k8s ansible keys to api keys (#57418)
* Fix#56643: Map ansible keys to api keys
* Remove errant print line
* Fix pep8 issue
* Fix doc line
* Added test for validate_certs -> verify_ssl translation for k8s module
(cherry picked from commit 6e94b472e8)
* Removed proxy from AUTH_ARG_MAP and added fragment for backport
* Rename backport-57418.yaml to 60683-backport-57418.yaml
* Update 60683-backport-57418.yaml
Matt Clay