* Add contains: validation for return values.
* Only require returned: on top level.
* Fix various return value problems.
* Update ignore.txt.
* Two more.
* s3_logging: (integration tests) updated AWS policy
* s3_logging: fix sanity test issues
* s3_logging: Integration tests
* Add pauses to cope with evenual consistency
* Mark s3_logging tests as 'unsupported' for now due to testing instability
* postgresql_privs: add support a type parameter option for types
* postgresql_privs: add support a type parameter option for types, add changelog fragment
* postgresql_privs: add support a type parameter option for types, add schema handling
* postgresql_privs: add support a type parameter option for types, fix typo
* postgresql_privs: add support a type parameter option for types, add comment
* Add support for format option.
* Improve private key format detection.
* Fix raw format handling.
* Improve error handling.
* Improve raw key handling.
* Add failed raw test.
* Improve raw key loading.
* Simplify tests.
* Add raw format tests.
* Fail if format != 'auto_ignore' is specified for pyopenssl backend.
* Fix quoting.
* Bump version.
* Allow to convert private keys between different formats.
* Improve description.
* Add extra args and executable name to podman connection plugin
Like there is for docker plugin, add extra arguments for command
line of podman. Also add configurable executable and checking if
this executable exists on host. Fail module if executable is not
in PATH.
* Update changelogs/fragments/63166-add-extra-args-executalbe-podman-connection.yaml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Handle galaxy v2/v3 API diffs for artifact publish response
For publishing a collection artifact
(POST /v3/collections/artifacts/), the response
format is different between v2 and v3.
For v2 galaxy, the 'task' url returned is
a full url with scheme:
{"task": "https://galaxy-dev.ansible.com/api/v2/collection-imports/35573/"}
For v3 galaxy, the task url is relative:
{"task": "/api/automation-hub/v3/imports/collections/838d1308-a8f4-402c-95cb-7823f3806cd8/"}
So check which API we are using and update the task url approriately.
* Use full url for all wait_for_import messages
Update unit tests to parameterize the expected
responses and urls.
* update explanatory comment
* Rename n_url to full_url.
* Fix issue with overwrite of the complete path
* Fixes overwrite of the complete path in case there's extra path stored
in self.api_sever
* Normalizes the input to the wait_import_task function so it receives
the same value on both v2 and v3
Builds on #63523
* Update unittests for new call signature
* Add changelog for ansible-galaxy publish API fixes.
Eh, 2.10 is close enough
* drop top-level authorize
* Remove from documentation
* Remove load_params
* nxos_hsrp: I don't think this is an actual module parameter
* Move local params to provider
* Promote 'timeout' to a real parameter for eos_eapi
* Provider now always has auth_pass
* Get no_log parameters from subspec
* Add changelog and unit tests
* Handle list of dicts in suboptions
Add fancy error message (this will probably haunt me)
* Update unit tests to test for list of dicts in suboptions
* Add integration tests
* Validate parameters in dict and list
In case it comes in as a string
* Make changes based on feedback, fix tests
* Simplify validators since we only need to validate dicts
Add test for suboptions passed in as strings to ensure they get validated properly and turned into a dictionary.
ci_complete
* Add a few more integration tests
* add a new module to manage lacp
* add a new module to manage lacp
* add a new module to manage lacp
* add a new module to manage lacp
* add a new module to manage lacp
* update for shippable.
* update for shippable
* add units test to module ce_lacp.
* add units test to module ce_lacp.
* add units test to module ce_lacp.
* update
* update
* update
* update
* update
* update
* update for shippable.
* for shippable
* update ignore.txt to reslove conflict
* update for shippable
* update
* update unittest to remove provider.
* update unittest for shipppable.
* use to_native.
* intergration test
* syntax error
* syntax error
* syntax error
* update for `Andersson007` review and thanks.
* update for shippable
* Improve return value documentation by allowing entry for return values.
* Add docs formatting, adjust styling.
* Fix sample return value. (Taken from https://tools.ietf.org/html/rfc7517#appendix-A.1.)
* Work around abuse of .
* clean "changed" after it has been processed
without this change, a loop of `debug` tasks with `changed_when`
causes the "changed" status to get lost before output
* runme.sh tests for debug loop status
* fix default collection resolution in adhoc
* if an adhoc command is run with a playbook-dir under a configured collection, default collection resolution is used to resolve unqualified module/action names
* Set ANSIBLE_PLAYBOOK_DIR in integration tests.
* Fix config conflict in ansible integration test.
* add adhoc default collection test
* text-ify warning string
* mysql_replication: add connection_name param for MariaDB multi source support
* mysql_replication: add connection_name param for MariaDB multi source support, add changelog
* add ANSIBLE_PLAYBOOK_DIR envvar support
* allows `ANSIBLE_PLAYBOOK_DIR` envvar as a fallback on CLI types that support `--playbook-dir`. This should have been implemented with #59464, but was missed due to an oversight.
* added basic integration test
* make first-class PLAYBOOK_DIR config entry
* update changelog
* Stop appending '/api' to configured galaxy server url
Since not all galaxy REST api server URLs live
at '/api', stop always appending it to the
'url' value loaded from config.
* Add note about manually migrated galaxy configs and /api
* Add '/api/' to galaxy url and guessing if galaxy API
* Fix most unit tests (update to expect /api/)
* Fix test_initialise_unknown unit test
Since we retry now with an added /api/, mock it as well.
* Update fallback default avail_ver to new format
* Move EC2 networking objects into network-policy.json
* ec2_vpc_nacl: Add integration tests
* ec2_vpc_nacl: Migrate tests to use module_defaults
* ec2_vpc_nacl: (integration tests) Add missing AWS permissions
* ec2_vpc_nacl: (integration tests) Update tests for ipv6 support
* ec2_vpc_nacl: Migrate to AnsibleAWSModule
* Fix sanity tests for ec2_vpc_nacl and ec2_vpc_nacl_info
* ec2_vpc_nacl_info: Migrate to AnsibleAWSModule
* ec2_vpc_nacl_info: (integration tests) Rename from ec2_vpc_nacl_facts to ec2_vpc_nacl_info and add a test using a filter (by tag)
* Pick availability zones dynamically
Rather than assuming that AZa and AZb always exist (they don't), query to find out which AZs we have available first
* Test that the NACLs we get back are actually the *saml* NACL rather than duplicates/delete remove
* Cleanup IPv6 tests a little.
Note: IPv6 support for ec2_vpc_nacl not complete yet.
This provides the initial framework, and should ensure things don't start exploding when support is added.
* Removing subnets by name from a NACL *is* now supported
* Fix ec2_vpc_nacl return documentation
Newer versions of ssh-keygen create PEM keys that are not recognized by Paramiko.
Now ansible-test compensates for this by updating they keys it generates so Paramiko will recognize them.
Previously the temporary directory used to run integration tests resided under the user's home directory. This prevented ansible-playbook from detecting the default collection when running tests.
Now the temporary directory is created within the collection to facilitate default collection detection.
* mysql_replication: add CI tests with MySQL 5.6
* mysql_replication: add CI tests with MySQL 5.6, add auxiliary checks
* mysql_replication: add CI tests with MySQL 5.6, fix comments
* mysql_replication: add CI tests with MySQL 5.6, add pause
Added vmware module vmware_guest_register_operation
This module can do the following.
Register VM to inventory
Unregister VM from inventory
This is useful when you want to unregister a VM from inventory and register it again.
The following modules depend on `vSphere Automation SDK`:
- `vmware_rest_client`
- `vmware_guest_info`
- `vmware_tag_manager`
- `vmware_vm_inventory`
The associated test cannot be run with `govcsim`. But the situation is
changing since we will soon run them on a regular lab, and so, we
need to install the dependency.
Bumping the default-test-container version to 1.9.3 to get a fresh version
of pip and requests.
Depends-On: https://github.com/ansible/ansible/pull/62412
This fixes test errors related to failures copying temporary test results files from a remote system back to the local system.
It also speeds up processing of test results and reduces network utilization by avoiding the temporary files.
* Specifying IP addresses needs API version 1.22 or newer.
* Simplify code.
* Use IPAMConfig.IPv*Address instead of IPAddress and GlobalIPv6Address.
* Add changelog.
* Fix syntax errors.
* Add integration test.
* Don't rely on netaddr.
* Normalize IPv6 addresses before comparison.
* Install netaddr, and use it.
* Move tests with docker registry into own target.
* Add docker_login tests.
* Add step which makes sure hello-world:latest is around.
* Make work inside docker container.
* Add dependency.
* Use plaintext password.
* Forgot check_mode.
* Add no_log to avoid double log output in verbose mode.
* AWS: new module iam_user_info
Signed-off-by: psharkey <psharkey@cleo.com>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Rename from iam_user_facts to iam_user_info.
Rename and target 2.10.
Fixing docs.
* Adding iam_user_info integration test.
Removing unnecessary tasks.
Fixing yamllint failure test/integration/targets/iam_user_info/defaults/main.yml:5:1: empty-lines: too many blank lines (1 > 0).
* name paramter is optional
* Switch to use AnsibleAWSModule.
* Convert to using fail_json_aws
* Rework asserts to inspect ARN.
* Move integration tests from iam_user_info to iam_user.
* Fix pep8 problems.
* ec2_argument_spec not needed with AnsibleAWSModule.
* Switch to use helper in AnsibleAWSModule.
* Add iam_user_info to the aws group.
* Add support for pagination and backoff.
* Check improper parameter usage first.
* Adding test cases for multiple users.
* Rmoving unneeded line.
* Remove unneeded imports.
* Switch to catch BotoCoreError.
* Adding tests for exception coverage.
* Compare user info directly with values from created user.
Running from an installed version of ansible-test now results in tests using a dedicated directory for PYTHONPATH instead of using the site-packages directory where ansible is installed.
This provides consistency with tests running from source, which already used a dedicated directory.
Resolves https://github.com/ansible/ansible/issues/62716
* Add APCON modules
* Fix cli regex
* revise for passing sanity tests
* Add unit test for apcon_command module
Remove apconos_config.py apconos_update.py apconos_cert.py for now
* Fix for santiy test
* test
* Ignore action-plugin-docs test
* Add apcon_command module
* conflict solved
* merge
* Fix for sanity test
* Revise integration test
* Mark integration test unstable
* Remove integration test temprorily
* 1. Ignored privilege escalation;
2. Ignored get_configure command;
3. Removed doc_fragments;
* iam_role: Add support for managing MaxSessionDuration
* iam_role: Add support for deleting the IAM Instance Profiles we created
* iam_role: migrate all boto failures to fail_json_aws for consistency
* iam_role: test validity of path so we can throw a more understandable error
* iam_role: (integration tests) Split iam_role integration tests from sts_assume_role tests
- Make the iam_role tests more comprehensive
- Add tests for iam_role_info
* iam_role: (integration tests) Make some of our pauses optional
If the tests appear to be flakey we may need to enable standard_pauses
Improve tests
- add more unit test cases
- add specific integration test with more cases
Testing shows no major downside to calling .strip() twice in a comprehension vs. using a regular for loop and only calling .strip() once. Going with the comprehension for ease of maintenance and because comprehensions are optimized in CPython.
when creating or deleting an object (e.g. via an API), before/after can
be `None` (or at least represented as such by the used library). to
avoid modules havig to do
diff={'before': before or '', 'after': after or ''}
let's just convert `None` to an empty string that can be diffed properly
Until now, the vcenter provider was switching between `static` and
`govcsim` depending on the presence of the following configuration file:
`test/integration/cloud-config-vcenter.ini`.
This was not consistent with Worldstream, which we enable with the
`VMWARE_TEST_PLATFORM` environment variable.
We now only rely on `VMWARE_TEST_PLATFORM` to know which platform should be
used. `govcsim` is still the default, this to preserve the original
behaviour.
This commit also rename the following variables to be consistent with the rest
of the code base. It also ensures they are alway defined, even with `govcsim`:
- `VCENTER_HOSTNAME`
- `VCENTER_USERNAME`
- `VCENTER_PASSWORD`
The `pids` module returns the list of the PID in a `pids` key.
This change ensures we correctly wait for the end of the previous mongod
instances before we start the next ones.
In addition, we remove an unnecessary `ignore_errors`.
* Add a representer for AnsibleUnsafeBytes
* changelog
* Add unit tests
Remove native string test until we have time to evaluate how this the function should work
Add non-ASCII characters to test cases
* Compare to the string on Python 2
Add a comment in the test about this behavior
* postgresql: move CI tests of *_tablespace, *_membership, *_idx to separate targets
* postgresql: move CI tests of *_tablespace, *_membership, *_idx to separate targets, change formatting
* Ensure k8s apply works with check mode
Update the new predicted object with fields from the previous object
before applying in check mode
Don't log output of `file` with `state: absent` on huge virtualenvs!
Fixes#60510
* Use openshift client fix to improve apply for check mode
Use new apply_object method to get a better approximation
of the expected object in check mode.
Requires released upgrade to openshift
* Add changelog fragment for k8s apply check mode fix
* Update changelogs/fragments/60510-k8s-apply-check-mode.yml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Fix plugin names for collection plugins.
Add an integration test to verify plugin __name__ is correct for collection plugins.
* Fix collection loader PEP 302 compliance.
The `find_module` function now returns `None` if the module cannot be found. Previously it would return `self` for modules which did not exist.
Returning a loader from `find_module` which cannot find the module will result in import errors on Python 2.x when using implicit relative imports.
* add changelog
* sanity/units/merge fixes
* Add integration tests for ansible-doc.
* Enable tests that now pass
* Cleanup processing of plugin docs
* Mostly separate the steps of processing plugin docs
1) Acquire source data
2) Transform and calculate additonal data
3) Format data for output
4) Output data
format_plugin_doc() is still mixing transformation and formatting but
that should be fixed in a devel-only change
* Raise exceptions in _get_plugin_doc() on errors.
* Remove check to exclude on blacklisted extensions. We already request
only .py files
* If there is no DOCUMENTATION entry in the plugin, raise an exception
from _get_plugin_doc(). Everywhere we use _get_plugin_doc(), this is
treated as an error
* If there is no ANSIBLE_METADATA raise an exception as well as
displaying of docs assumes that this has been set.
* If there is neither DOCUMENTATION nor ANSIBLE_METADATA, warn about the
lack of METADATA and error on the lack of DOCUMENTATION. Lack of
DOCUMENTATION is more important so it is what the user should see.
* Add a few special cases for backwards compat. These should probably
be made errors in 2.10:
* no docs but has metadata shows no documentation rather than an error
* empty plugin file shows no doumentation rather than an error
* Simplify backwards compatibility logic.
VMware VSphere SDK needs an up to date version of `pip` for the
installation step. With the current image, we face the following error:
```
(...)
02:27 Collecting git+https://github.com/vmware/vsphere-automation-sdk-python.git (from -r /root/ansible/test/lib/ansible_test/_data/requirements/integration.cloud.vcenter.txt (line 2))
02:27 Cloning https://github.com/vmware/vsphere-automation-sdk-python.git to /tmp/pip-req-build-pm27t16b
02:33 Requirement already satisfied: pyvmomi in /usr/local/lib/python3.6/dist-packages (from -r /root/ansible/test/lib/ansible_test/_data/requirements/integration.cloud.vcenter.txt (line 1)) (6.7.1.2018.12)
02:33 Requirement already satisfied: lxml>=4.3.0 in /usr/local/lib/python3.6/dist-packages (from vSphere-Automation-SDK==1.4.0->-r /root/ansible/test/lib/ansible_test/_data/requirements/integration.cloud.vcenter.txt (line 2)) (4.4.0)
02:33 Processing ./\\localhost/tmp/pip-req-build-pm27t16b/lib/vapi-runtime/vapi_runtime-2.12.0-py2.py3-none-any.whl
02:33 Could not install packages due to an EnvironmentError: [Errno 2] No such file or directory: '/root/ansible/\\\\localhost/tmp/pip-req-build-pm27t16b/lib/vapi-runtime/vapi_runtime-2.12.0-py2.py3-none-any.whl'
```
Bump default-test-container to 1.9.3 to get an up to date release of
`pip` (was 19.0.2, is now 19.2.3).
The os_keystone_endpoint module has two interface arguments -
'interface' for authentication, and 'endpoint_interface' for the
endpoint being registered. Currently the module documentation only
covers 'interface', when in fact it should cover 'endpoint_interface'
and pick up 'interface' from the standard OpenStack module parameter
documentation.
Fixes#62319
Change `enable` option to `enabled` in junos_interfaces
and junos_lldp_interfaces
data model to be in sync with other network platform
resource modules added in 2.9 version.
* Add ecs_domain module
* Fixes to integration tests and module
* Fixes to tests and module
* Corrections to revalidation behavior, cna only revalidate domains in expiring.
* Remove debugs for final test run, fix sanity check test fails.
* Add checks for domain status
* Add changelog fragment for new module.
* Removed extra space in backtick
* Minor fixes to make behavior more consistent and correct documentation.
* Update lib/ansible/modules/crypto/entrust/ecs_domain.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/crypto/entrust/ecs_domain.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/crypto/entrust/ecs_domain.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Apply suggestions from code review
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Change casing of verification method enum, remove redundant changelog fragment
* Return ov_eligible and ev_eligible fields even if false, as long as they're returned by ECS API
The documentation links are now displayed when running from an install.
Previously the links were only displayed when running from source.
This was due to ansible-test checking for the presence of documentation files locally, which are only present when running from source.
The check is no longer necessary since there is a sanity test in place to enforce the presence of documentation for all sanity tests.
* Fix for junos cli_config replace option
* For device that support replace option by loading
configuration from a file on device `config` option
is not required and value of `replace` option is the
path of configuration file on device. This fix allows
invoking run() function in cli_config if `config` option
is None and `replace` option is not boolean
* The command to replace running config on junos device
is `load override <filename>` and not `load replace <filename>`
This is fixed in the junos cliconf plugin.
* Add integration test
* ansible-galaxy - add config to control the display wheel
* Fix changelog and make test more stable
* Don't use display thread at all if progress wheel isn't being shown
The default behavior of the ansible-test vcenter plugin is to use the govcsim container to run tests.
However, unless the govcsim mode was specified using the VMWARE_TEST_PLATFORM environment variable, the filter code would skip the tests unless the tests ran on Shippable or the user had an ansible-core-ci key.
Now the filter correctly recognizes that govcsim is the default.
* Fix location of unit test requirements.
* Preserve ansible-test unit test requirements.
* Remove redundant unit test requirements.
* Fix location of network test requirements.
* Preserve ansible-test network test requirements.
* Remove redundant network test requirements.
* Add missing ordereddict requirements.
* Load collection requirements correctly.
* Add changelog fragment.
* Adding support for Plugin runnable type
Adding support for device arrays in vdirect_runnable module.
Adding "output" dictionary to the vdirect_runnable module result dictionary.
* Adding support for Plugin runnable type
Adding support for device arrays in vdirect_runnable module.
Adding "output" dictionary to the vdirect_runnable module result dictionary.
* Avoid assertion rewriting in pytest plugins.
Adding PYTEST_DONT_REWRITE to the ansible-test pytest plugin docstrings disables assertion rewriting in pytest for those plugins.
This avoids warnings during test execution if the plugins are loaded multiple times (such as being imported within tests).
* Run ansible-test pytest plugins early.
The ansible-test pytest plugins need to load and run earlier than conftest modules.
To facilitate this, the pytest_configure function is run during loading, which works since they are loaded (but not always run) before conftest modules are loaded.
A check has also been added to the pytest_configure functions to prevent them from running multiple times in the same process.
* Load pytest plugins using an env var.
The -p command line option loads plugins before conftest, but only during collection.
The PYTEST_PLUGINS environment variable loads plugins before confest, both during collection and test execution.
Creating a virtual environment using `venv` when running in a virtual environment created by `virtualenv` results in a copy of the original virtual environment instead of creation of a new one.
To work around this, `ansible-test` now identifies when it is running in a `virtualenv` created virtual environment and uses the real Python interpreter to create the `venv` virtual environment.
* AWS ec2_vpc_net: Enable ipv6 CIDR assignment
Enable IPv6 CIDRs in ec2_vpc_net, and fix ec2_vpc_subnet tests that
were depending on the aws cli for CIDR assignment.
Related to: #27800
The `test/results/` directory for Ansible test output was already ignored when not using git.
When Ansible Collections were switched to `tests/output/` the ignore entry was previously overlooked.
* bump hcloud version to 1.4.1
`hcloud`<=1.4.0 has requirement `requests==2.20.0`. This prevents the
installation of the Vcenter Automation SDK which depends on `requests>=2.22.0`.
`hcloud` 1.4.1 does not have the problem: 8bff356efb
Bumping the dependency will resolve the issue.
* Fix ansible-doc traceback for removed modules.
This avoids tracebacks with errors like the following when a module has been removed:
module module_name missing documentation (or could not parse documentation): 'NoneType' object does not support item assignment
* Fix ansible-doc sanity test warning handling.
Warnings about removed modules/plugins on stderr are now properly ignored.
Previously an ansible-doc error could result in unrelated errors going undetected because tests were stopped early and the underlying error was ignored.
* Fix ansible-test venv activation.
When using the ansible-test --venv option, an execv wrapper for each python interpreter is now used instead of a symbolic link.
* Fix ansible-test execv wrapper generation.
Use the currently running Python interpreter for the shebang in the execv wrapper instead of the selected interpreter.
This allows the wrapper to work when the selected interpreter is a script instead of a binary.
* Fix ansible-test sanity requirements install.
When running sanity tests on multiple Python versions, install requirements for all versions used instead of only the default version.
* Fix ansible-test --venv when installed.
When running ansible-test from an install, the --venv delegation option needs to make sure the ansible-test code is available in the created virtual environment.
Exposing system site packages does not work because the virtual environment may be for a different Python version than the one on which ansible-test is installed.
* create-deprecated-issues script can now add to a specified project
* Migrate the create deprecated issues script into a subcommand of build-ansible
* Remove deprecated-issue script from ignore list
* aws_secret: (integration tests) Move tests to using module_defaults
* Update hacking aws security policy to enable management of secrets
* aws_secret: (integration tests) Fixup integration tests
- Update tests to use resource_prefix as a prefix rather than a suffix
- Pause after role creation to cope with AWS being slow (and returning before the role it ready)
* Allow the use of _paramiko_conn even if the connection hasn't been started.
I'm not sure what the benefit is of Noneing paramiko_conn on close, but will keep for now
* Fix test
* Try to fix up net_put & net_get
* Add changelog
* Fix ec2_vpc_vgw broken tests
Add waiter function to wait for API to report detached vgw is available.
Also catch extra error code in attach retry as EC2 sometimes reports that
the vgw is available several seconds before permitting the attachment.
Fixes: #53185
* Re-enable ec2_vgc_vgw test target
* add new module: aws_stepfunctions_state_machine
* add integration tests for new module: aws_stepfunctions_state_machine
* fix sanity checks
* use files/ folder instead for integration test
* rename role name in integration test
* attempt further permissions
* iam states prefix
* iam integration test prefix
* add iam policy for running step functions state machine actions
* slightly increase iam permission scope
* rename integration test folder to proper name
* move main() method to end of file
* move contents of integration-policy.json for state machines to compute-policy.json
* make check_mode return proper changed value + add check_mode integration tests
* rename module to aws_step_functions_state_machine
* fix missed rename in integration test variable
* add purge_tags option
* bump to version 2.10
Python < 2.7.9 does not have the ssl.SSLContext attribute.
ssl.SSLContext is only required when we want to validate the SSL
connection. If `validate_certs` is false, we don't initialize the
`ssl_context` variable.
Add unit-test coverage and a little refactoring:
- avoid the use of `mocker`, when we can push `monkeypatch` which is
`pytest`'s default.
- use `mock.Mocker()` when possible
closes: #57072
* module_utils/ec2: (unit tests) Move unit tests for module_utils/ec2.py into test/units/module_utils
- compare_policies was refactored from s3_bucket
- "ec2_utils" doesn't seem to have ever existed
* module_utils/ec2: (unit tests) Add unit test for comparing quoted and unquoted bools and numbers within policies
As per https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
"Values are enclosed in quotation marks. Quotation marks are optional for numeric
and Boolean values."
* module_utils/ec2: Explicitly convert bools and ints to strings when comparing policies
See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
* Fixes to ecs_certificate cert chain for #61738
* Added changelog fragment
* Fixes to ecs_certificate for cleaner join, and better integration test
* Fix integration test formatting
* End cert chain with a \n
* Update changelogs/fragments/61738-ecs-certificate-invalid-chain.yaml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update main.yml
* Update AWS hacking policy to enable ASG Tagging management
* aws_asg: Add tests for ASG Tagging (including idempotency)
* aws_asg: ignore sort order when comparing tags on the ASG (fix idempotency)
* ec2_asg: (integration tests) test for idempotency when managing metrics collection
* ec2_asg: sort list of enabled metrics to ensure clean comparisons.
Add a list of previously used release names to make it easy to tell what
release names are no longer usable.
Add a test that new release names have been added to the used list.
Fixes#61616
* iam_group: (integration tests) migrate tests to module_defaults
* iam_group: (integration tests) migrate to using temporary user and group with {{ resource_prefix }}
* iam_group: (integration tests) fix test, checking the return values
* iam_group: (integration tests) Add some more tests around the behaviour of 'changed'
* iam_group: (docs) Update documentation of iam_group return value
* Update AWS testing policies to enable group/user management
* aws_vpc_subnet: (integration tests) migrate to module_defaults
* aws_vpc_subnet: (integration tests) remove hard coded assumption that AZ A exists.
While Amazon now tends to enable all AZs in a region, new customers in us-west-1 are only assigned 2 out of the 3 AZs, which might not include AZ a
* ec2_vpc_subnet: (integration tests) General cleanup
- use "is changed" rather than .changed
- clean up labelling of a couple of assertions (C&P fail)
* ec2_launch_template: (integration tests) make sure security_token is optional
* ec2_launch_template: (integration tests) add dependencies at the top level so they're pulled into the docker containers
* Update Hacking Compute Policies for Launch Templates
* Fix bad assumption about shippable resource_prefix for codebuild and codepipeline tests
* Update test/integration/targets/aws_codepipeline/defaults/main.yml
On OpenBSD, 13 asterisk characters as a password hash, marks the
account as disabled. Otherwise daily(8) script which executes
security(8) will email operator about not properly locked accounts.
Before the diff, we see following warning:
> [WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
After the diff, warning is gone.
- Add retries instead of a pause task
- Shorten the IAM role name length
- Put the IAM role name in defaults/main.yml instead
- Fix the aws_codepipeline tests too
* Migrate ec2_eip module to boto3
This patch is a step towards the integration of several PRs that have
attempted to migrate this code
closes#55190closes#45478
Follow-up PRs will address the outstanding changes made in #55190
* luks_device.py: Allow manipulate LUKS containers with label or UUID
- Allow create a LUKS2 container format with label support
- Allow manipulate (open, close, modify) an LUKS container based on
both label (LUKS2 format) or UUID instead of using devices only.
Fixes: #58973
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
* test_luks_device.py: organizing tests to support labels
- Add label on some tests and fix errors reported by Shippable
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
* luks_device.py: adjusting versions and messages
- Modifying version_added from 2.9 to 2.10
- Fixing some messages
- Created a changelog fragment
- Moving blkid from scope
Fixes#58973
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
* ansible-test - Contiune if the git command returns an error
* Just return stdout
* Use to_text() when displaying exception
* Add a message property to SubprocessError
* Update DevOps AWS policy
- Fix typos in permission names
- While AWS claims you can use 'arn:aws:codecommit:*' it errors unless you use '*'
* aws_codecommit: (integration tests) Migrate to module_defaults
* aws_codecommit: (integration tests) Fix integration tests
* aws_codecommit: (integration tests) Add tests for updating the description
* aws_codecommit: Add support for updating the description and rename "comment" option to "description"
The `git submodule status` command is relative to the current git repository by default.
When running from a repository subdirectory paths can be returned above the current directory.
Specifying the current directory with `git submodule status` avoids listing submodules above that directory.
This will fix issues when testing a collection that is rooted below the repository root when that repository uses submodules.
* Refactor galaxy collection API for v3 support
* Added unit tests for GalaxyAPI and starting to fix other failures
* finalise tests
* more unit test fixes
* Initial nxos_file_copy action plugin work
* Remove code from nxos_file_copy module
* Add file_push and file_pull support
* Additional refactoring and shipable updates
* Simplify outcomes and update doc header
* Add more error data information for easier debugging
* Reorder outcomes and add additional tests
* Capture more data for permission denied outcome
* Properly load module_prefix for collections
Now that we are using collections for tasks, we need to properly split
the name and load the prefix properly.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
* Add unit tests for task_executor
This commit adds missing unit tests for action handler in test_task_executor.
Signed-off-by: Daniel Mellado <dmellado@redhat.com>
Add support for create or re-configure VM with multiple CD-ROMs attaching to IDE controller now, will implement SATA controller support later.
parameters can be set as below:
cdrom:
- controller_type: ide
controller_number: 0
unit_number: 0
type: client
* Update collections integration targets path.
* Fix integration path handling.
* Add collections test target fallback.
Also add warnings and errors for common path mistakes.
* Improve role target detection.
This directory is currently a fixed location to make troubleshooting easier.
It is cleared before each test target runs, but is preserved when a test target finishes.
This allows the contents to be inspected when a test fails.
The previous location was `~/ansible_testing/`.
The new location is within the content root:
- `test/results/.tmp/output_dir` for Ansible
- `tests/output/.tmp/output_dir` for Ansible Collections
Moving the directory reduces the number of places on the filesystem where tests create output.
It also enables the results to be returned from delegated systems.
* default collection support
* playbooks run from inside a registered collection will set that collection as the first item in the search order (as will all non-collection roles)
* this allows easy migration of runme.sh style playbook/role integration tests to collections without the playbooks/roles needing to know the name of their enclosing collection
* disable default collection test under Windows
* enable collection search for role dependencies
* unqualified role deps in collection-hosted roles will first search the containing collection
* if the calling role has specified a collections search list in metadata, it will be appended to the search order for unqualified role deps
* disable cycle detection unit test
* failing on 3.7+, needs proper cycle detection
* see #61527
* rename modules
* created links
* fixed sanity
* removed unnecessary ignore rules
* added depreciation warning
* update ignore.txt to match
* removed unnecessary ignore rules
* update ignore.txt to match
* make ignore.txt same as in devel
* cr
* additional sanity
* Clean up layout paths for integration tests.
* Remove "special" integration test target type.
* Remove unnecessary role detection logic.
* Remove support for non-sh runme scripts.
* Simplify reading of aliases.
The directories used for collections tests are changing as follows:
`test/` -> `tests/`
`test/results/` -> `tests/output/`
This is a breaking change for collections tests executed by ansible-test.
All collections will need to be updated to use the new directory.
The `tests/output/` directory should be added to the `.gitignore` or equivalent in each collection.
This change is being made before the first pre-release of Ansible 2.9 since ansible-test has not yet been shipped.
Using the `tests/` directory matches the other collections directories `plugins/` and `roles/`.
This resolves https://github.com/ansible/ansible/issues/60218
* play, block, task: New attribute forks
With this it is possible to limit the number of concurrent task runs.
forks can now be used in play, block and task. If forks is set in different
levels in the chain, then the smallest value will be used for the task.
The attribute has been added to the Base class as a list to easily provide
all the values that have been set in the different levels of the chain.
A warning has been added because of the conflict with run_once. forks will
be ignored in this case.
The forks limitation in StrategyBase._queue_task is not used for the free
strategy.
Signed-off-by: Thomas Woerner <twoerner@redhat.com>
* Handle forks in free strategy
The forks attribute for the free strategy is handled in run in the free
StrategyModule. This is dony by counting the amount of tasks where the uuid
is the same as the current task, that should be queued next. If this amount
is bigger or equal to the forks attribute from the chain (task, block,
play), then it will be skipped to the next host. Like it is also done with
blocked_hosts.
Signed-off-by: Thomas Woerner <twoerner@redhat.com>
* Test cases for forks with linear and free strategy
With ansible_python_interpreter defined in inventory file using
ansible_playbook_python.
Signed-off-by: Thomas Woerner <twoerner@redhat.com>
* Changing forks keyword to throttle and adding some more docs
* default collection support
* playbooks run from inside a registered collection will set that collection as the first item in the search order (as will all non-collection roles)
* this allows easy migration of runme.sh style playbook/role integration tests to collections without the playbooks/roles needing to know the name of their enclosing collection
* ignore bogus sanity error
* filed #61460
* fixed task unit test failure
* don't append an empty collections list to the ds
* ignore leftover local_action in mod_args ds action parsing
* fix async_extra_data test to not require ssh and bogus locale
* disable default collection test under Windows
* ensure collection location FS code is always bytes
* add changelog
* Fix TypeError in ec2_group.py for Python3 when sorting dictionary list
* Using json.loads() and dumps() to replace sorting
* Bug fixes for ec2_group.py
* Dictionaries cannot be compared/sorted in Python3
* Diff will occur when the IpPermissions have the same IpRanges but have different ordering
* 'before' will be sorted by 'Type' with high priority than 'IP', but 'boto3.describe_security_groups()' function cannot get 'Type' from Amazon
* Add some basic diff mode testing to exercise the rule-sorting code
* Addition of ecs_certificate module.
* Documentation and code fixes
* Updates per code review
* Doc fixes, rename of chain_path to full_chain_path, add regex for cert_Expiry check
* Fixes to pep8 check to make regexp string 'raw'.
* Mistakes with find/replace of caseing.
* Added integration tests and some doc cleanup
* Some additional assertions and test typo cleanup
* Update lib/ansible/modules/crypto/entrust/ecs_certificate.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Responses to code review comments
* Remove fake passwords from aliases file.
* Add na_santricity_firmware module.
Manages NetApp E-Series firmware upgrades.
Includes unit and integration tests.
* Add legacy support to na_santricity_firmware module.
* Rename na_santricity_firmware to netapp_e_firmware
* Improved netapp_e_firmware example documentation.
* Add na_santricity_drive_firmware module
Manage NetApp E-Series drive firmware downloads
Includes unit and integration tests
* Rename na_santricity_drive_firmware to netapp_e_drive_firmware
* Add galaxy collections API v3 support
Issue: ansible/galaxy-dev#60
- Determine if server supports v3
Use 'available_versions' from `GET /api`
to determine if 'v3' api is available on
the server.
- Support v3 pagination style
ie, 'limit/offset style', with the paginated
responses based on https://jsonapi.org/format/#fetching-pagination
v2 galaxy uses pagination that is more or less
'django rest framework style' or 'page/page_size style',
based on the default drf pagination described
at https://www.django-rest-framework.org/api-guide/pagination/#pagenumberpagination
- Support galaxy v3 style error response
The error objects returned by the galaxy v3 api are based
on the JSONAPI response/errors format
(https://jsonapi.org/format/#errors).
This handles that style response. At least for publish_collection
for now. Needs extracting/generalizing.
Handle HTTPError in CollectionRequirement.from_name()
with _handle_http_error(). It will raise AnsibleError
based on the json in an error response.
- Update unit tests
update test/unit/galaxy/test_collection*
to paramaterize calls to test against
mocked v2 and v3 servers apis.
Update artifacts_versions_json() to tale an
api version paramater.
Add error_json() for generating v3/v3 style error
responses.
So now, the urls generated and the pagination schema
of the response will use the v3 version if
the passed in GalaxyAPI 'galaxy_api' instance
has 'v3' in it's available_api_versions
* Move checking of server avail versions to collections.py
collections.py needs to know the server api versions
supported before it makes collection related calls,
so the 'lazy' server version check in api.GalaxyAPI
is never called and isn't set, so 'v3' servers weren't
found.
Update unit tests to mock the return value of the
request instead of GalaxyAPI itself.
* Model->Role->Module.
Yet to import modules/exos_facts.py
* exos_facts refactor
* future-import and metaclass
* Fix unit tests
* Fix openconfig-lldp word and send_request API from Httpapi class
idempotent, json.dumps in base class, send_requests from base exos class
* action file for exos_lldp_global
* Add intergration tests for exos_lldp_global
* Test data field of the request
* network module
* delete cp_network, cp_network_facts, and change test_cp_network to match the new network module
* Update ignore.txt
* adding state: present
* update example
* list to dict
* Update test_cp_mgmt_network.py
* remove white-space
* Add --venv delegation to ansible-test.
* Update import sanity test venv creation.
* Fix import test when using --venv on Python 2.x.
* Improve virtualenv setup overhead.
* Hide pip noise for import sanity test.
* Raise verbosity on venv info messages.
* Get rid of base branch noise for collections.
* Add missing --requirements check.
* Files from PR#60621, continue working on fortios_facts modules
* PR#61405 unit test module test_fortios_facts.py
* sanity fixed in test_fortios_facts unit test module
* support wjh module config with testing file
* Fix version, fix enable/disable all groups
* refactor get current group status
* fix indentation and change command_generate function, add test cases and check them
* Update onyx_wjh.py
fix description
* Update onyx_wjh.py
remove extra spaces, add type to choices after run validate-modules
* fix format string - pytest use 2.6.6 format function
* Remove unused imports
* chenge onyx_wjh file permessions
* Fix version, fix enable/disable all groups
* fix indentation and change command_generate function, add test cases and check them
* support wjh module config with testing file
* Fix version, fix enable/disable all groups
* refactor get current group status
* fix indentation and change command_generate function, add test cases and check them
* Update onyx_wjh.py
fix description
* Update onyx_wjh.py
remove extra spaces, add type to choices after run validate-modules
* fix format string - pytest use 2.6.6 format function
* fix format string - pytest use 2.6.6 format function
* chenge onyx_wjh file permessions
* new module
* icx_cliconf
* icx test units module
* icx units module
* added notes
* new changes
* new module
* new fix
* new changes
* new fixes
* new changes
* Rebase
* Remove .keep files from test/results/ dirs.
* Remove classification of test/results/ dir.
* Add results_relative to data context.
* Use variables in delegation paths.
* Standardize file writing and results paths.
* Fix issues reported by PyCharm.
* Clean up invocation of coverage command.
It now runs through the injector.
* Hack to allow intercept_command in cover.py.
* Simplify git ignore for test results.
* Use test result tmp dir instead of cache dir.
* Remove old .pytest_cache reference.
* Fix unit test docker delegation.
* Show HTML report link.
* Clean up more results references.
* Move import sanity test output to .tmp dir.
* Exclude test results dir from coverage.
* Fix import sanity test lib paths.
* Fix hard-coded import test paths.
* Fix most hard-coded integration test paths.
* Fix PyCharm warnings.
* Fix import placement.
* Fix integration test dir path.
* Fix Shippable scripts.
* Fix Shippable matrix check.
* Overhaul key pair management.
* new module
* new module
* new module
* new terminal
* new terminal
* new terminal
* new terminal
* new terminal
* new terminal
* new cliconf
* new cliconf
* cliconf
* cliconf
* icx cliconf
* icx cliconf
* icx_cliconf
* icx_cliconf
* icx test units module
* icx test units module
* icx units module
* icx units module
* icx banner unit test
* icx banner unit test
* icx banner unit test
* PR changes resolved
* PR changes resolved
* changes resolved
* changes resolved
* Changes Resolved
* Changes Resolved
* check_running_config changes resolved
* check_running_config changes resolved
* check_running_config changes resolved
* added notes
* added notes
* new changes
* PR comments resolved
* new module icx_interface
* new module icx_interface
* new changes
* new changes
* new changes
* new changes
* new changes
* new changes
* new changes
* new changes
* new changes
* new changes
* new changes
* new changes
* new changes
* new changes
* new changes
* new fix
* new fix
* new fix
* new fix
* new fix
* new fix
* new fix
* new fix
* new fix
* new fix
* new fix
* new changes
* new changes
* new changes
* new changes
* new changes
* new changes
* notes updated
* Update icx.py
* Whitespace error
* new module
* icx_cliconf
* icx test units module
* icx test units module
* icx units module
* icx units module
* icx banner unit test
* added notes
* new changes
* New branch to prevent complex rebase
* Rebase had problems
* win_updates: Add flag to only download updates without installing them
* Fix test
* Fixes ansible-test (pep8)
* Fix integration test
* Fix actual fix.
* Change collection PS util import pattern
* Add changes for py2 compat
* fix up regex and doc errors
* fix up import analysis
* Sanity fix for 2.6 CI workers
* Get collection util path for coverage collection
* add locks
* rename the module
* add test
* add test
* address comments
* add quote
* can list child scope lock
* minor docs tweaks
* Add files via upload (#62)
* change '\r\n' to '\n' (#63)
* Small changes, just to trigger CI verify.
* trigger CI verify
* remove 's'
* Update according by comments
* change small for trigger CI check
* Rename OneView _facts modules -> _info
* Adjust PR #.
* Forgot to update test names.
* Remove superfluous blank line.
* Some more things from review.
* Added coverage collection for PowerShell - ci_complete ci_coverage
* uncomment out coverage uploader call
* Generate XML for PowerShell coverage
* Use whitelist to exclude coverage run on non content plugins
* Remove uneeded ignore entry
* Try to reduce diff in cover.py
* Fix up coverage report package - ci_complete ci_coverage
* Initial commit for rate limiting
- Detects if error code is 429
- Pauses for random time between .5 and 5 seconds before retrying
- If it fails 10 times, give up and tell user
* Redo structure of request() to support rate limiting
* Hold down timer is now a sliding scale
- 3 * number of retries
- Fails after the 30 second wait
* Whitespace fixes
* Redo implementation using decorators
- Errors aren't tested but code works for regular calls
* Unit tests work for error handling
* Add integration tests for successful retries
* Add condition for 502 errors and retry
* Move _error_report out of the class
* PEP8 fixes
* Add changelog entry
ansible-test: async deployment w/ vcenter provider
So far, `ansible-test`'s vcenter provider was trigger by a blocking POST
call. Since the depoyment take a lot of time (> 8m), we decided to use
an async call instead and poll the API server until the deployment
is ready.
`vmware_guest_disk_info` expects the VM to be running. Since
964783fbd2, `prepare_vmware_tests`
creates the test VM with the `powered-off` state. This to increase
the performance.
This commit ensures the test-suite actually run against a running VM,
as expected.
* Add controller ownership and cache without batteries option
* Add unit test for new netapp_e_volume options
* Add integration tests for netapp_e_volume module.
* Changed default read_ahead_enable option to true in netapp_e_volume module.
* Fix off-segment aligned volume size in netapp_e_volume module.
* add module to create aci VMM credential objects
add initial remove and add integration tests for VMM credential objects
* update 'credential' var name to 'name'
* move vmware tests to domain type specific file
* move vmware tests to domain type specific file
add include task in main file to reference domain type specific tests
* update task names
add test to remove credential prior to first credential add
add tests for querying individual credentials
add tests for query all credentials
add additional tests for removing credentials
* update version added to 2.9
remove invalid module references from 'seealso' section
* fix list reference in query all assertions
* add reference to VM_PROVIDER_MAPPING keys for vm_provider arg
* FortiOS System Fimrware Upgrade Module
* default timeout 12 seconds is not enough for large firmware or slow connection, increase it to 300 seconds
* update fortios system firmware upgrade module together with unit test
* minor updates based on the new templates
* minor updates and remove fortiosapi dependency in unit test module
* add author, remove unused method, fix descriptions, apply some sanity fixes
* FortiOS modules for 2.9 - 9
* Undo ignore file
* Remove non valid identifiers
* Leave fortios_switch_controller_lldp_profile and fortios_switch_controller_managed_switch out of this PR
* Updated fortios_switch_controller_lldp_profile and fortios_switch_controller_managed_switch
* Fix junos resource modules group based config and minor updates
Fixes https://github.com/ansible/ansible/issues/61183
* Add support to get inherited configuration for resource
modules to handle group based configuration
* Add task input check for merged, replaced and overridden
states in junos resource modules
* Integration test for group based configuration
* Fix CI test failures
* Fix test failures
* Fortinet's new module for fortios_wireless_controller_hotspot20_hs_profile
* Update fortios_wireless_controller_hotspot20_hs_profile.py and test_fortios_wireless_controller_hotspot20_hs_profile.py
* Remove pointless sanity tests on `bin` dir.
* Update action-plugin-docs test for collections.
* Update no-main-display test for collections.
* Update empty-init test for collections.
* Update no-assert test for collections.
* Move required-and-default-attributes test.
This test only applies to Ansible itself.
* Update use-argspec-type-path test for collections.
* add azure monitor log profile module
* fix version
* fix lint
* mark test as unsupported
* fix lint
* fix lint
* Fix the error prompted in the comments
* Add retrieve_orders option.
* Run acme_certificate tests also for acme_account_info; use acme_account_info to get list of orders.
* Doing some quoting.
* Improve returned description.
* Added comment field to na_ontap_volume module
* fixed zapi attribute name in create_volume_options(), and fix to ensure comment field can be set back to an empty string
* Properly JSON encode AnsibleUnsafe, using a pre-processor. Fixes#47295
* Add AnsibleUnsafe json tests
* Require preprocess_unsafe to be enabled for that functionality
* Support older json
* sort keys in tests
* Decouple AnsibleJSONEncoder from isinstance checks in preparation to move to module_utils
* Move AnsibleJSONEncoder to module_utils, consolidate instances
* add missing boilerplate
* remove removed.py from ignore
* Add missing HA admission control policies
* Add new parameter host_isolation_response
* Bugfix: 'das_vm_config' referenced before assignment
* Implement test cases
* new cliconf
* cliconf
* icx cliconf
* icx test units module
* icx units module
* icx banner unit test
* added notes
* new changes
* icx .rst
* modified platform_index.rst
* test
* Revert "test"
This reverts commit 99b72c6614.
* new module icx_facts
* fixtures added
* Rebase causing problem on branch-PR4. So created new PR
* new commit
* new changes
* adding group parameter for win_firewall_rule
* integration test fix
* changing the version add to 2.9
* setting group optional
* fix:setting required to optional
* Added NetApp ONTAP Adaptive QoS Policy Module
* updated documentation to fix validation errors
* Updates to documentation fields and modified logging function to log against the current vserver
* Fixed minor formatting issues
* Documentation update for consistency - author field
* Empty commit to force CI
* fixes
* ec2 inventory/rds: (integration tests) migrate to module_defaults and cope with missing security_token
* ec2 inventory/rds: (integration tests) Avoid hard coding the parameter group name
Generated it based on the information returned when creating the RDS instance.
* ec2 inventory/rds: (integration tests) rename templates to .j2 rather than .yml
- avoids throwing yamllint errors
- makes it clear they're templates not the final yaml files.
* Relocate ansible-test self tests outside package.
We don't want to include the tests for verifying ansible-test within the ansible-test package.
* Add `test/ansible_test/` to classification.py.
* Fix test invocation.
* Relocate tests in MANIFEST.in.
* Improve package-data sanity test error checking.
* Only use includes for ansible-test in MANIFEST.in.
* Improve readability of MANIFEST.in.
* Run no-unwanted-files sanity test only on Ansible.
Since collections should be able to use binary modules there is not really any limit on what could exist in a collection `plugins` directory.
* Add support for symlinks in sanity target lists:
- Sanity tests that need to analyze symlinks can do so using the supplied target list.
- Tests that analyze directories will now only look at symlinks if requested.
- Directory symlinks will now be seen as directories instead of files.
* Enable symlinks on filename based sanity tests.
Sanity tests that evalulate filenames instead of content should include symlinks.
* Update symlinks sanity test.
Use the sanity test target list now that it can include symlinks.
* aws_kms: (integration tests) Test updating a key by ID rather than just my alias
* aws_kms: (integration tests) Test deletion of non-existent and keys that are already marked for deletion
* aws_kms: Ensure we can perform actions on a specific key_id rather than just aliases
In the process switch over to using get_key_details rather than listing all keys.
* aws_kms: When updating keys use the ARN rather than just the ID.
This is important when working with cross-account trusts.
* Renaming `onepassword_facts` to `onepassword_info`.
* Update module examples.
* Add changelog fragment.
* Add module rename to the 2.9 porting guide.
* Document the parameter types in the module docs.
* Fix incorrect parameter name.
* Update docs/docsite/rst/porting_guides/porting_guide_2.9.rst
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Remove `onepassword_facts` as it has been renamed to `onepassword_info` including fixes for the sanity tests.
* Add support for SubjectKeyIdentifier and AuthorityKeyIdentifier to _info modules.
* Adding SubjectKeyIdentifier and AuthorityKeyIdentifier support to openssl_certificate and openssl_csr.
* Fix type of authority_cert_issuer.
* Add basic tests.
* Add changelog.
* Added proper tests for _info modules.
* Fix docs bug.
* Make sure new features are only used when cryptography backend for openssl_csr is available.
* Work around jinja2 being too old on some CI hosts.
* Add tests for openssl_csr.
* Add openssl_certificate tests.
* Fix idempotence test.
* Move one level up.
* Add ownca_create_authority_key_identifier option.
* Add ownca_create_authority_key_identifier option.
* Add idempotency check.
* Apparently the function call expected different args for cryptography < 2.7.
* Fix copy'n'paste errors and typos.
* string -> general name.
* Add disclaimer.
* Implement always_create / create_if_not_provided / never_create for openssl_certificate.
* Update changelog and porting guide.
* Add comments for defaults.
* aws_kms: (integration tests) Use module_defaults to reduce the copy and paste
* aws_kms: (integration tests) make sure policy option functions.
* aws_kms: (integration tests) Move iam_role creation to start of playbook.
iam_roles aren't fully created when iam_role completes, there's a delay on the Amazon side before they're fully recognised.
* aws_kms: Update policy on existing keys (when passed)
* Fortinet's new module for fortios_wireless_controller_hotspot20_anqp_roaming_consortium
* Update fortios_wireless_controller_hotspot20_anqp_roaming_consortium.py
* Fortinet's new module for fortios_wireless_controller_hotspot20_h2qp_conn_capability
* Update fortios_wireless_controller_hotspot20_h2qp_conn_capability.py
DCI uses an inventory directory instead of a file, along with --no-temp-workdir.
This changes the inventory check to keep that scenario working until all DCI jobs can be migrated to Zuul.
* iam_password_policy: (integration tests) Use module defaults for AWS connection details
* iam_password_policy: (integration tests) Ensure the policy is removed when tests fail
* iam_password_policy: (integration tests) Add regression test for #59102
* iam_password_policy: Only return changed when the policy changes.
* iam_password_policy: PasswordReusePrevention must be omitted to remove/set to 0
* #60930 add changelog
* Update hacking AWS security policy to allow testing of Password Policy Management