* Ensure `allow_duplicates: true` enables to run single role multiple times(#64902)
* Changed return value in `_load_roles` . Fixes#64902
* Add changelog fragment
* Add an integration test for the issue
* Fix changelog generation error and integration test.
* Fix yaml syntax error in changelog fragment
(cherry picked from commit daecbb9bf0)
* Fix multiple subnet (of same IP version) idempotence for docker_network.
* Add changelog.
* Unit tests no longer make sense, since the part of the code they test has been removed.
* Re-add CIDR validation. Move it to better position (module setup instead of idempotence check).
* Update changelog.
* Only run new tests on VM test images.
* Actually do what is documented. Especially since an empty object is a valid value for aux_addresses.
(cherry picked from commit 17ef253ad1)
* #65993 - update restart policy (restart policy & restart retries) without restarting the container
* - proper indentation on the continuation-line
- set restart_policy to the correct value independent from the api version
* - move restart_policy definitions into the if block
- add a new variable for the restart_policy configuration value
* add changelog fragment
* typo; minus -> underscore
* rename changelog fragment to contain the correct module name
* rename restart_policy_config_value to just restart_policy and refer to the correct dict values
(cherry picked from commit 02c126f5ee)
* docker_container: wait for removal if removal is in process (#65854)
* Allow to inspect containers directly.
* Wait for containers to be removed before recreating them.
* Also wait for containers to be removed before creating them.
* Add changelog.
(cherry picked from commit 4df5bdb11e)
* Don't wait for removal during check mode. (#66145)
(cherry picked from commit 14e32c85b4)
Although it's not enforced that fail_json['msg'] should be a string
[1], I think it is pretty strongly implied.
In this case the failure_response['msg'] is sent through as the
fail_json['msg'], and the trailing commas here turn it into a tuple.
It's not clear if this is a typo or intended, but it does cause
problems for callbacks that expect this as a string (e.g. [2]).
Since there seems no point to having these values as a tuple, remove
the trailing commas so they return a string as per everywhere else.
[1] 4c589661c2/lib/ansible/module_utils/basic.py (L2078)
[2] https://review.opendev.org/#/c/696081
(cherry picked from commit fc54ae9227)
Since older versions of paramiko do not require cryptography,
we cannot catch the exact exception from cryptography.
Remove other exceptions since we're catching everything now
(cherry picked from commit d35c1a435b)
Co-authored-by: Sam Doran <sdoran@redhat.com>
The check for this parameter was missing from BusyBox.modify_user(), resulting in unexpected password changes to existing user accounts.
(cherry picked from commit 18130e1419)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Parse Healthcheck.StartPeriod properly
* Add changelog fragment
* Use proper markup in changelog
Co-Authored-By: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f31b8e08b2)
* Fix nxos_file_copy option value path validation (#65423)
* Fix nxos_file_copy option value path validation
* Modify `local_file`, `local_file_directory` and
`remote_file` option type from `str` to `path`
so that the option value is validated in Ansible
for a legitimate path value
* Fix review comments
(cherry picked from commit 88008badb1)
* Fix review comments
CVE-2019-14904 - solaris_zone module accepts zone name and performs actions related to that.
However, there is no user input validation done while performing actions.
A malicious user could provide a crafted zone name which allows executing commands
into the server manipulating the module behaviour.
Adding user input validation as per Solaris Zone documentation fixes this issue.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 7d2ae7e322)
* DNF Handle Empty AppStream stream definition
Fixes#63683
Signed-off-by: Adam Miller <admiller@redhat.com>
* Switch Fedora dnf test target modularity to stratis
In Fedora 29, the metadata was not properly set for a default stream
for ripgrep even though there is a profile called "default", however
that's an arbitrary string and the module maintainer must set the
default stream (which it never was for the ripgrep module, thus
failing the "empty stream" install test)
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit ed86907587)
Co-authored-by: Adam Miller <admiller@redhat.com>
* fix all modules to be able to get parameter with value false (very important fix) (#65040)
* add import of future and __metaclass__
* fix all modules to be able to get parameter with value false (very importent fix)
* Update ignore.txt
(cherry picked from commit b1e6667664)
* Update ignore.txt
* Create 65043-enable-parameter-value-to-be-false.yaml
* Update 65043-enable-parameter-value-to-be-false.yaml
* renamed module tls client auth params to avoid overlaping with fetch_url (#59522)
* renamed module tls client auth parameters to avoid overlaping with ansible fetch_url
* added version_added info for params
* Updated version_added
Updated version_added info from 2.9 to 2.10
* Update pulp_repo.py
removed version_added for renamed params
* Apply suggestions from code review
added ca_cert alias and 'version_added'
Co-Authored-By: Mark Chappell <mchappel@redhat.com>
* Apply suggestions from code review
added old behavior for client_cert and client_key which will deprecate in 2.14
Co-Authored-By: Mark Chappell <mchappel@redhat.com>
* Update pulp_repo.py
fix for linting error ansibot is complaining
* added changelog fragment for 59522
* Apply suggestions from code review
more informative depreciation warning and changelog fragment
Co-Authored-By: Felix Fontein <felix@fontein.de>
* added mention for changes in client_key and client_cert behavior
* fixed too long line (linting)
* deprecated ca_cert alias to have consistent module params in Ansible 2.14
* fixed indentation for deprecation warning
* changed deprecated alias handling to argument_spec
* moved deprecated_aliases insied argument dict, thanks tremble
* suggestions from felixfontein
Move doc info about client_cert and client_key into its own paragraph
Co-Authored-By: Felix Fontein <felix@fontein.de>
(cherry picked from commit 1e59017d27)
* 2.10 -> 2.9.2
* * Adjust messages.
* Fix one more.
(cherry picked from commit d1c58bc942)
* [stable-2.9] Do not treat AnsibleUndefined as being unsafe (#65202)
* Do not treat AnsibleUndefined as being unsafe. Fixes#65198
* fix yaml formatting.
(cherry picked from commit b08e7daf46)
Co-authored-by: Matt Martz <matt@sivel.net>
* Linting fix
* additional linting fix
* fix module that it reports the correct status of a change
(cherry picked from commit 2028734ac3)
* postgresql_privs - fix sort comparison (#65125)
The result of .sort() is None, not the sorted object. The comparison was comparing the result of the .sort() method and not the sorted values.
(cherry picked from commit 426e37ea92)
Lookup 'first_found' returns empty list which results in
raw_params checking. Check NoneType for 'raw_params' before
proceeding.
Fixes: #64939
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 8d0c2cd4d5)
* proxmox: use 'release' key for version detection if possible
* proxmox: fix PEP issues
* add changelog fragment
* Uses LooseVersion for proxmox version detection
* move imports
* removes useless comment
(cherry picked from commit 38193f6b60)
* Added changes into changelogs/fragments
* Removed no longer used 'LibraryError'.
Signed-off-by: Satyajit Bulage <sbulage@redhat.com>
(cherry picked from commit 5f8ec4d46e)
* docker_swarm_service: Sort lists when checking for changes
When two lists are checked for changes in this module, the lists are
reported changed when the order of the items is different. This PR
resolves this issue.
* docker_swarm_service: Minor typo fix
* docker_swarm_service: Another minor typo
* docker_swarm_service: Should use sorted(), not sort()
* docker_swarm_service: Sort lists of dictionaries
* docker_swarm_service: Fix style issues in tests
* docker_swarm_service: Updates to integration tests
* docker_swarm_service: Casting string types within lists when comparing
* docker_swarm_service: Special handling of unordered networks with ordered aliases
* docker_swarm_service: Sorting network lists
* docker_swarm_serivce: Better unit test code coverage for lists and networks
* docker_swarm_service: Fixed coding style for sanity tests
* docker_swarm_service: More coding style fixes
* docker_swarm_service: Ignoring test for Python < 3
* docker_swarm_service: Update to version info check for backwards compatibility
* docker_swarm_service: Added change fragment #63887
* docker_swarm_service: Better handling of missing sort key for dictionary of lists
* docker_swarm_service: Preventing sorts from modifying in-place
Co-Authored-By: Felix Fontein <felix@fontein.de>
* docker_swarm_service: Removed spurious import in test
* docker_swarm_service: Preventing sorts from modifying more data in-place
Co-Authored-By: Felix Fontein <felix@fontein.de>
(cherry picked from commit a096cd08c5)
* Set name_version when version is not specified, fix#55097
This will default to installing the latest version available
* Add changelog fragment
* update changelog
(cherry picked from commit 136dc27572)
* Windows coverage - output temp files with UTF-8 BOM
ci_complete ci_coverage
* Remove testing changes to get ready for merge
(cherry picked from commit 200fb00310)
* Revert most of PR #61605 commit e218c9814c
This removes the git error handling that converted all git errors into warnings.
* Fix ansible-test handling of git submodules.
(cherry picked from commit ba273c72d8)
Co-authored-by: Matt Clay <matt@mystile.com>
Due to confusion between 'Custom Attributes' and 'Advanced options',
this change got in devel. Revert to original behavior i.e. customizing
custom values using vmware_guest is done in this PR.
Fixes: #64291
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit a6bc43ba47)
This is a fix for a regression introduced by Perfy. Since then we mainly
operate on host.name instead of the Host object. In a call to
set_nonpersistent_facts where we set ansible_failed_task and
ansible_failed_result variables we were still passing the object which
led to those vars being undefined.
Fixes#64789
(cherry picked from commit 5c0b2c151c)
* win_chocolatey: Fix error when choco.exe not found
* Slight tweak to check and added changelog fragment
* Removed ignore rule that's no longer needed
(cherry picked from commit 521d6465f6)
* win_domain_computer module: Minor documentation error
* Fix idempotence when name != samaccountname
* Added changelog
* Added unsupported alias for CI check
(cherry picked from commit 04b8f75ffa)
* allow using --check on win_iis_webapppool module
* Added changelog and slight logic tweak
* Fix typo in changelog fragment
(cherry picked from commit 23a751323b)
Since https://github.com/ansible/ansible/pull/56733, we were not able to apply
firewall rules with no `allowed_hosts` key.
closes: #61332
In addition, this patch ensures the `allowed_hosts` key accepts a dict,
instead of a dict in a single entry list.
```yaml
vmware_host_firewall_manager:
esxi_hostname: "{{ esxi1 }}"
rules:
- name: NFC
enabled: True
allowed_hosts:
- all_ip: False
ip_address:
- "1.2.3.4"
```
Should be written:
```yaml
vmware_host_firewall_manager:
esxi_hostname: "{{ esxi1 }}"
rules:
- name: NFC
enabled: True
allowed_hosts:
all_ip: False
ip_address:
- "1.2.3.4"
```
(cherry picked from commit ab2aaca61d)
* [stable-2.9] Eos vlan override (#63639)
* Fix overridden & deleted in eos_vlans
* Fix vlan creation in overridden
* Right, Python 2.6
(cherry picked from commit 741d529)
Co-authored-by: Nathaniel Case <ncase@redhat.com>
* eos_vlans: Never try to set vlan_id as a property (#63689)
(cherry picked from commit d98482c294)
* Add changelog
* win_acl no longer needs SeSecurityPrivilege
Set-ACL raises missing SeSecurityPrivilege error when the inheritance
from the parent directory is disabled.
* fixes test sanity
* registry rights can only be modified with Set-ACL
* add changelog
(cherry picked from commit 95d613f3ab)
* Corrected Get-adcomputer
Corrected Get-adcomputer on "Remove-ConstructedState" and "Set-ConstructedState" functions.
resolved error: Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running.
* Update lib/ansible/modules/windows/win_domain_computer.ps1
Co-Authored-By: Daniel-Sanchez-Fabregas <33929811+Daniel-Sanchez-Fabregas@users.noreply.github.com>
* Update win_domain_computer.ps1
changed
"-credential $credential" to "@extra_args" (Line 115 and 150)
corrected exception message (Line 122)
* Added changelog fragment, minor code tweak
(cherry picked from commit e77426dad3)
Improve tests
- add more unit test cases
- add specific integration test with more cases
Testing shows no major downside to calling .strip() twice in a comprehension vs. using a regular for loop and only calling .strip() once. Going with the comprehension for ease of maintenance and because comprehensions are optimized in CPython.
(cherry picked from commit 987265a6ef)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Fix network plugin config option load from collection
Fixes#63975
* Update the complete sub-plugin name within network
connection plugins to handle sub-plugin in collection
scenario.
* Fix review comments
(cherry picked from commit 60276d3d8d)
* Master (#62626)
* Update win_package.ps1
Update Test-Path to use -LiteralPath instead of -Path to fix issue where powershell will not detect path with special characters such as '=' and '[]'.
* Update win_package.ps1
modified other instances of -Path and changed to -LiteralPath. All except line L243 since it is a different function.
* added literal path to get-itemproperty
(cherry picked from commit 153a322f54)
* add fragment
* Fix up role version pagination for Galaxy install
* Fix sanity issue
(cherry picked from commit 7acae62fa8)
Co-authored-by: Jordan Borean <jborean93@gmail.com>
This fixes a regression that was caused by switching from copy() to
deepcopy() when 'saving' variables before templating. Since HostVars
did not implement the __deepcopy__() method, deepcopy returned incorrect
results when host vars were present in the variables.
Fixes#63940
(cherry picked from commit cd8ce16d48)
update_resource and delete_resource takes and requires four argument.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 21c8dae83b)
This isn't used any place, lets remove it to fix lint checks on our
network collections.
(cherry picked from commit 119acc1afe)
Signed-off-by: Paul Belanger <pabelanger@redhat.com>