Commit Graph

961 Commits (ac22cd31b6a9b9659aeefd068175eee6b999ec6e)

Author SHA1 Message Date
Martin Krizek f37476e247 template lookup: restore variables between calls (#55126)
* template lookup: restore variables between calls

Fixes #55113

* Address issues from the review
6 years ago
Matt Clay 9961d02547 Fix changelog sanity test failure. 6 years ago
Brian Coca 45d21b6474 Fix and refix help text for CLI (#55831)
fixes #23395 giving clearer information on installed role path
  re-fixes 'home display issue' for module-path
6 years ago
Sloane Hertel 11279a909d fix combine filter using undefined vars (#55840)
* Check variables are defined before using combine filter

* Add tests for the combine filter

* Remove dependencies that should already be installed

* relocate the function to recursively check for undefined vars

add another test

* changelog
6 years ago
James Cammarata c4004b5fb1
Adding changelog for fix to issue #55515 (#55928) 6 years ago
Brian Coca 815a375177
allow empty plays again, for now (#55878) 6 years ago
Martin Krizek 8e82baba4a
zfs: deprecate key=value 'option' (#55699)
* zfs: deprecate key=value 'option'

Fixes #55318

* Not needed to ignore these anymore
6 years ago
Brian Coca 05fcb8502f
options not optional for callbacks (#55660)
fixes #55305
6 years ago
Matt Martz 2732cde031
Support using importlib on py>=3 to avoid imp deprecation (#54883)
* Support using importlib on py>=3 to avoid imp deprecation

* Add changelog fragment

* importlib coverage for py3

* Ansiballz execute should use importlib too

* recursive module_utils finder should utilize importlib too

* don't be dumb

* Fix up units

* Clean up tests

* Prefer importlib.util in plugin loader when available

* insert the module into sys.modules

* 3 before 2 for consistency

* ci_complete

* Address importlib.util.find_spec returning None
6 years ago
Martin Krizek 1a6df99aa5 apt: strip whitespaces in package names (#55750)
Fixes #55741
6 years ago
Matt Davis 03cac394cc
mark entire module result untrusted as template (#55717)
* prevents accidental templating on intra-action postprocessing of an untrusted module result
* makes the view of a module result within an action consistent with the way it would be stored for future use (eg facts, register)
6 years ago
Kevin Breit 56da3825c6 meraki_content_filtering - Remove redundant API call with get_nets() (#55531)
* Remove redundant API call with get_nets()

* Add changelog fragment
6 years ago
Kevin Breit 7b7d6a1fef meraki_static_route - Remove unnecessary API call (#55528)
* Make module not get all nets every time it's executed with net_id

* Add changelog fragment

* Update changelogs/fragments/meraki_static_route_api_calls.yml

Co-Authored-By: kbreit <kevin.breit@kevinbreit.net>
6 years ago
Martin Krizek bc9074404e ec2_instance: remove network.ebs_optimized option (#55694)
Fixes #55307
6 years ago
Martin Krizek 43712f81e5 ec2_lc: deprecate device_type option (#55697)
Fixes #55308
6 years ago
Martin Krizek 27b64d6524 ec2: deprecate device_type option (#55692)
Fixes #55306
6 years ago
René Moser 1705ef5f26
vultr_server: fix idempotency for private network and IPv6 options (#55619)
* vultr_server: fix idempotency for private network and IPv6 options

* add changelog
6 years ago
Matt Martz db6cc60352
Migrate command line parsing to argparse (#50610)
* Start of migration to argparse

* various fixes and improvements

* Linting fixes

* Test fixes

* Fix vault_password_files

* Add PrependAction for argparse

* A bunch of additional tweak/fixes

* Fix ansible-config tests

* Fix man page generation

* linting fix

* More adhoc pattern fixes

* Add changelog fragment

* Add support for argcomplete

* Enable argcomplete global completion

* Rename PrependAction to PrependListAction to better describe what it does

* Add documentation for installing and configuring argcomplete

* Address rebase issues

* Fix display encoding for vault

* Fix line length

* Address rebase issues

* Handle rebase issues

* Use mutually exclusive group instead of handling manually

* Fix rebase issues

* Address rebase issue

* Update version added for argcomplete support

* -e must be given a value

* ci_complete
6 years ago
Matt Martz 7ee6c136fd
Update bundled copy of six from 1.11.0 to 1.12.0 (#55456)
* Update bundled copy of six from 1.11.0 to 1.12.0. Fixes #55303

* Linting fix

* ci_complete
6 years ago
Matt Martz acc675e4a8
Update bundled copy of backports.ssl_match_hostname from 3.4.0.2 to 3.7.0.1 (#55461)
* Update bundled copy of backports.ssl_match_hostname from 3.4.0.2 to 3.7.0.1. Fixes #51794

* Address linting issues

* ci_complete
6 years ago
Matt Martz 8f2976dcee
Update bundled copy of distro from 1.3.0 to 1.4.0 (#55459)
* Update bundled copy of distro from 1.3.0 to 1.4.0. Fixes #55302

* ci_complete
6 years ago
Matt Martz e0f30ed0ee
Update bundled copy of selectors2 from 1.1.0 to 1.1.1 (#55457)
* Update bundled copy of selectors2 from 1.1.0 to 1.1.1. Fixes #55300

* ci_complete
6 years ago
Xaroth a9f24e097f Add ansible_parent_role_names magic variable (#46687)
-Add: Test cases for ansible_parent_role_names and ansible_parent_role_paths
-Add: ansible_parent_role_names/paths variables for when a role is being included by another role.
6 years ago
Brian Coca 780ee45819
ensure inventory plugin loading rel to play (#51177)
Ensure inventory plugin loading rel to play

  fixes #51033

*  clarify paths
* now adding dirs funciton in loader
* better warnings
* each cli should handle adding dirs depending on context
6 years ago
Sam Doran f27eccabbd
User - Fix shadow file parsing on AIX (#55230)
Implement a new method for shadow file parsing so it can be subclassed.
6 years ago
Marko Stanković 7e0603282d Add changelog fragments for #44811 (#55427) 6 years ago
Hannes Ljungberg 14c60e6ec8 docker_swarm_service: Use str type for configs/secrets gid/uid (#55591)
* Change type of secrets gid/uid to str
* Add changelog fragment

Co-Authored-By: hannseman <hannes@5monkeys.se>
6 years ago
rajaspachipulusu17 19c87d829f Pluribus Networks modules handling empty output (#54971)
* Handling empty output string
* Change log fragment for PR 54971
6 years ago
Anatoly Pugachev 701cf25891 [cosmetic] solaris wwn fix (#55154)
* Solaris WWN parsing cosmetic fix (commit 924f5b5467)

* simplify module.run_command by removing use_unsafe_shell and remove calling of external grep

* add changelog fragment
6 years ago
Felix Fontein c8a15b9dbc crypto modules: use module_utils.compat.ipaddress when possible (#55278)
* Use module_utils.compat.ipaddress where possible.

* Simplify reverse pointer computation.

* Use dummy for unused variables.

* Remove from ignore list.

* Adjust fix.

* Fix text handling for Python 2.

* Add changelog.
6 years ago
Abhijeet Kasurde ffce456de9
VMware: Check return of FindByInventoryPath (#55282)
Check return value of FindByInventoryPath API which is used for
finding desired folder to deploy OVF.

Fixes: #54823

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
6 years ago
Jordan Borean f247c21d23
win_region - fix format issues when using psrp (#55487) 6 years ago
Felix Fontein 12d26eceb1 docker modules: make sure everything works with older docker-py versions (#55258)
* General test improvements.

* Adjust tests to older docker-py versions.

* docker_swarm_server_info: work around problems with older docker-py versions

* Bump minimal docker-py version for options network_filters and disk_usage.

* More general test improvements.

* Correct usage of docker_image.

* Put files into output directory.

* Speed up test.

* Remove old check.
6 years ago
Brian Coca 24b44e1772
Ensure discovery unsafe (#55295)
* Ensure safe discovery by marking it Unsafe
6 years ago
Jordan Borean fdf9df89f5
psrp - Fix raw and script tests for connection plugin (#55357)
* psrp - Fix raw and script tests for connection plugin

* Fix error propagation with raw in psrp

* uncomment test
6 years ago
Jordan Borean 49655a452d
psrp - fix test_command rc for win_reboot (#55354) 6 years ago
Jordan Borean 52946c49a4
psrp - Fix fetch for large files (#55351)
* psrp - Fix fetch for large files

* Fix typo
6 years ago
Brian Coca aa8d23b42f
ensure facts marked as unsafe (#55326)
dont rely on plugin layer to do so
6 years ago
Matt Martz ca83a5c110
Version in deprecate calls should be a string (#55395)
* Version in deprecate calls should be a string. Fixes #55312. Fixes #55313. Fixes #55314. Fixes #55315. Fixes #55316. Fixes #55317.

* Add changelog fragment
6 years ago
Matt Martz 07443a2bcd
Address 2.9 uri deprecations (#55330)
* Address 2.9 uri deprecations. Fixes #55310

* Add changelog fragment
6 years ago
Matt Martz 9f83139dcb
Don't register tests as filters (#55332)
* Don't register tests as filters. Fixes #55319

* Remove tests for deprecated functionality

* Remove no-tests-as-filters sanity tests

* Remove docs too

* Revert "Remove docs too"

This reverts commit 7daf457a74.

* Make no-tests-as-filters doc an orphan
6 years ago
Martin Krizek 4ec8599c38 apt: remove deprecated installed/removed aliases (#55338)
* apt: remove deprecated installed/removed aliases

Fixes #55311
6 years ago
Anatoly Pugachev b28c73af62 Fixes solaris (sunos) uptime in ansible facts module (#54626)
* correct uptime on solaris by using system boot_time instead of snaptime
* add unit test
6 years ago
Hideki Saito 83f20e0ea0 Fixed wrong variable specification format in examples (#55252)
Signed-off-by: Hideki Saito <saito@fgrep.org>
6 years ago
Kevin Breit fb3cc7f687 meraki_vlan - Remove unnecessary API calls when net_id is specified (#54939)
* Remove unnecessary API calls when net_id is specified

* Remove temp_get_nets commented out code
6 years ago
Andrey Klychkov 4190985995 postgresql_slot - sslrootcert fix (#55277) 6 years ago
Felix Fontein cb5c57bcd5 openssl_csr: fix idempotency problems (#55142)
* Add test for generating a CSR with everything, and testing idempotency.

* Proper SAN normalization before comparison.

* Fix check in cryptography backend.

* Convert SANs to text. Update comments.

* Add changelog.
6 years ago
Felix Fontein d64b17731d docker_container: improve log_options idempotency by converting to string (#54955)
* Warn when log_options values are not strings.

* Add changelog.

* Improve message.

* Improve formatting and formulation of other messages.

* Add test for warning.

* Trying double escaping.
6 years ago
Abhijeet Kasurde 6ff4547489 VMware: get_all_host_objs accepts list of host (#55146)
vmware_portgroup accepts list of hosts, get_all_host_objs API modified
to accept list of hosts.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
6 years ago
Toshio Kuratomi bc955b9d60 Cleanup the tree for post-2.8-branch
After branch, we do the following tasks:
* Remove all old changelog fragments.  The devel tree starts fresh.
* Remove all old generated changelog info (CHANGELOG-v2.8.rst and .changes.yaml)
* Set the new codename and version in release.py
6 years ago
Brian Coca 9f87552f06
add option to display per host start to default (#53819)
* add option to display per host start to default
6 years ago
Brian Coca e40832df84
become mixin is no more (#54002)
* become mixin is no more
  since sudo/su keywords are removed in 2.9 .. no need to keep this code around
 * also don't need test for code that is removed
 * made preprocess_data on base noop
   its not used by anything anymore, but kept for backwards compat since other methods of same name are used
6 years ago
Jordan Borean 6039ff9a24
win_domain - fix for checking for domain on new host (#55195) 6 years ago
Brian Coca 6579dfda17
Correct plugin loader context for persistent (#54860)
* Correct plugin loader context for persistent
6 years ago
Martin Krizek a40c1ed811
setup: properly detect is_chroot on Btrfs (#55089)
* setup: properly detect is_chroot on Btrfs

Fixes #55006

* Use get_bin_path for stat

* Remove comment
6 years ago
Tobias Rüetschi cd00934375 Add a changelog fragment for PR 55083. (#55130) 6 years ago
Anatoly Pugachev 19f6634353 Add support of facts gathering WWNs on AIX OS (#51704)
* Extend git commit c65909d6db "Add network fact to obtain FC WWN initiator ports"
adding support of enumerating AIX device WWN ports

$ lsdev -Cc adapter -l fcs*
fcs0 Defined   00-00 8Gb PCI Express Dual Port FC Adapter (df1000f114108a03)
fcs1 Defined   00-01 8Gb PCI Express Dual Port FC Adapter (df1000f114108a03)
fcs2 Available 04-00 8Gb PCI Express Dual Port FC Adapter (df1000f114108a03)
fcs3 Available 04-01 8Gb PCI Express Dual Port FC Adapter (df1000f114108a03)

$ lscfg -vpl fcs3 | grep 'Network Address'
        Network Address.............10000090FA551509

* no self in this code

* Two fixes:

- fix run_command execution, passing 'use_unsafe_shell=True' since we have a pipe in it ( | grep )
  if we don't set unsafe shell, it will return error on execution.

- strip new line characters at the end of WWNs.

* fix pep8 , E225 missing whitespace around operator

* use module.get_bin_path() instead of hardcoded values

* move module.get_bin_path() out of for loop

* use python string parsing instead of calling external grep

* use in operator instead of find() for simplicity and readability

* add changelog fragment
6 years ago
Toshio Kuratomi 04e5c550a8 Do not look for a paramiko compat package anymore (#55106) 6 years ago
Matt Martz e89f8bae86
Extend jinja2 nested undefined support to keys/indices (#55094) 6 years ago
Wilmar den Ouden 877ce12970 VMware: Rename results key to ansible_module_results (#55038)
* Rename results key to ansible_module_results

* Update to a better variable name

* Update example and adds change to porting guide
6 years ago
junji hashimoto c3e50db1d5 Renamed SafeConfigParser to ConfigParser in gce inventory script (#54974) 6 years ago
Andrea Tartaglia 0303ea2bfa openssl_pkcs12: Add idempotency checks (#54633)
* Added idempotency logic to openssl_pkcs12

Also decoupled the 'parse' and 'generate' function from the file write
as they are now used in different places that do not need the file to be
written to disk.

* Added idempotency tests for openssl_pkcs12

Also adds a new test for pkcs12 files with multiple certificates

* Regenerate if parsed file is invalid

* pkcs12_other_certificates check was wrong

* Updated ca_certificates to other_certificates

ca_certificates is left as an alias to other_certificates;
friendlyname depends on private key, so it will be ignored while
checking for idempotency if the pkey is not set;
idempotency check only checks for correct certs in the stack

* use different keys for different certs

* Added other_certificates in module docs

* Added changelog and porting guide

* removed unrelated porting guide entry

* renamed ca_cert* occurrence with other_cert
6 years ago
Andreas Calminder 7adfb1f714 os_volume: Modify existing volume (#54905)
* add support for: volume resize, check_mode and diff

* add changelog fragment
6 years ago
Adam Miller a2eb227970 facts: correctly detect xen paravirt vs hvm cpuinfo (#49320)
* facts: correctly detect xen paravirt vs hvm cpuinfo

Fixes #49039

Signed-off-by: Adam Miller <admiller@redhat.com>

* provide default val if we IndexError

Signed-off-by: Adam Miller <admiller@redhat.com>
6 years ago
Matt Davis 97446f0eca
Revert "Add a force_replace_host flag to win_domain_membership (#53542)" (#55056)
This reverts commit 85d836171b.

As discussed in WWG IRC meeting, we don't want Get-ADObject to be a dependency of win_domain_membership, and we need to be able to authenticate to the DC in some configs. We can revisit this change a different way for 2.9.
6 years ago
Sloane Hertel ba8b5ec0d3
[ec2] Use user_data if specified (#54494)
* Use user_data if specified

* changelog
6 years ago
Adam Miller d53c3cd4f2
Force pkg_mgr yum for rhel < 8, dnf for rhel > 8 (#54010)
* Force pkg_mgr yum for rhel < 8, dnf for rhel > 8

This solves the scenario in which someone using RHEL or a clone
decides to install dnf, which can break their system in certain ways
under certain scenarios (a dnf bug that's been resolved upstream but
left user systems broken happened recently). Currently Red Hat
provides dnf to RHEL7 in an optional Tech Preview Channel under the
YUM4 branding, as does the CentOS Content Management SIG. There may
be others in the ecosystem I'm not familiar with.

Signed-off-by: Adam Miller <admiller@redhat.com>

* add changelog

Signed-off-by: Adam Miller <admiller@redhat.com>
6 years ago
Sam Doran 3cd98a9fcc Use ansible.module_utils.six in inventory scripts (#55000)
* Use six from ansible.module_utils for inventory scripts

Remove skips from sanity test

* Change all imports of ConfigParser to use module_utils.six.moves

* Remove commented out lines

* Fix six imports
6 years ago
Brian Coca 5f69ab7f46 Better test for cache method availability (#54740)
* Better test for cache method availability

  fixes #54737

* try and ignore missing method

* avoid plugin cross contamination

* ammend clog
6 years ago
Benjamin MALYNOVYTCH 9c5275092f mysql_user: fix compatibility issues with various MySQL/MariaDB versions (#45355)
* mysql_user: fix MySQL/MariaDB version check

To handle properly user management, version check needed refacto, as well as the query used to get existing password hash

* mysql_user: break long query in multiple lines

* mysql_user: fix query fetch existing password hash

* mysql_user: MariaDB version check 100.2 != 10.2

* mysql_user: fix existing password fetch

In some cases, both columns (Password and authentication_string) may exist and be populated.
In other cases one exist, but not the second.
This fix should handle properly all situations

* mysql_user: break long queries

* mysql_user: refactor duplicated code

* mysql_user: handle updates from root with empty passwd to new passwd

* mysql_user: GC debug statement and readd trailing new line

* mysql_user: fix pep8 under indentation

* mysql_user: fix privileges management
https://github.com/ansible/ansible/pull/45355#issuecomment-428200244

* mysql_user: raise exception if exception caught doesn't match the one that is managed

* mysql_user: improve plugins output (add msg field with explicit informations)

* mysql_user: fix old / new password hash comparison

* mysql_user: fix reference to old MySQLdb lib

* mysql_user: fix cursor when root password is left empty (mysql DB invisible)

* mysql_user: add changelog

* ALL privileges comparison

* fixed blank line

* added mysql 8 fixes

* fixed version compatibility

* mysql_user: fix MySQL/MariaDB version check

To handle properly user management, version check needed refacto, as well as the query used to get existing password hash

* mysql_user: break long query in multiple lines

* mysql_user: fix query fetch existing password hash

* mysql_user: MariaDB version check 100.2 != 10.2

* mysql_user: fix existing password fetch

In some cases, both columns (Password and authentication_string) may exist and be populated.
In other cases one exist, but not the second.
This fix should handle properly all situations

* mysql_user: break long queries

* mysql_user: refactor duplicated code

* mysql_user: handle updates from root with empty passwd to new passwd

* mysql_user: GC debug statement and readd trailing new line

* mysql_user: fix pep8 under indentation

* mysql_user: fix privileges management
https://github.com/ansible/ansible/pull/45355#issuecomment-428200244

* mysql_user: raise exception if exception caught doesn't match the one that is managed

* mysql_user: improve plugins output (add msg field with explicit informations)

* mysql_user: fix old / new password hash comparison

* mysql_user: fix reference to old MySQLdb lib

* mysql_user: fix cursor when root password is left empty (mysql DB invisible)

* mysql_user: add contrib

* Rename changelogs/fragments/45355-mysql_user-fix-versions-compatibilities to add YML extension
6 years ago
Abhijeet Kasurde b142b6f0e8 Move changelog entries to fragments directory (#55017)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
6 years ago
Hideki Saito 377fba3d76 Fix handling of inventory and credential options for tower_job_launch (#54967)
- Fixed issue #25017,#37567
- Add example for prompt on launch
- Add integration test for prompt on launch

Signed-off-by: Hideki Saito <saito@fgrep.org>
6 years ago
Raymond Roelands 8edae1bc61 updated tests and changelog for 54516 (#54670)
* updated tests and changelog for 54516

* Handle errors if PG does not support partitioning.

* Check for PG > 10 in tasks

* Show changes for partitioned tables in ansible

* Added documentation in the tests

* Update test/integration/targets/postgresql/tasks/postgresql_privs.yml

Co-Authored-By: raymondroelands <raymondroelands@users.noreply.github.com>

* Update test/integration/targets/postgresql/tasks/postgresql_privs.yml

Co-Authored-By: raymondroelands <raymondroelands@users.noreply.github.com>

* Added check for 0 tables after revoking rights

* Added test and moved tests
Added check mode test and moved test right after the change.

* Rebased postgresql_privs.py
6 years ago
Christopher Snyder 09f68fc659 redhat_subscription: Fix usage of ConfigParser (#54815) 6 years ago
Jason Witkowski 87f8e37c2c Fix for neither LaunchConfigName nor LaunchTemplate existing on object (#54692) 6 years ago
Matt Martz 56ae8ebd60 Don't swallow exceptions when processing included files (#54791)
* Don't swallow exceptions when processing included files. Fixes #54786
6 years ago
Felix Fontein 7d27348356 ufw: fix default, direction is not necessary for it (#54799)
* Correct behavior so that direction isn't required for default.
* Add more tests.
* 'disabled' values cannot be changed.
* Include 'not specified' in messages.
6 years ago
Felix Fontein e079758b31 Move refactoring steps from #54635 to own PR. (#54690) 6 years ago
Robert Osowiecki 1532e31ec0 Allow all of yum version compare operators (#54603)
* Allow all of yum version compare operators

* * yum: name="foo >= VERSION" integration test
* changelog fragment
6 years ago
Adam Miller 21d692cace fix dnf module removal in dnf upstream 4.2.2+ (#54923)
* fix dnf module removal in dnf upstream 4.2.2+

Signed-off-by: Adam Miller <admiller@redhat.com>

* Remove extra blank line in changelog fragment.
6 years ago
Toshio Kuratomi ae667d3d86 New release v2.8.0a1 6 years ago
Felix Fontein 8cba1f9397 docker_network: add IPAM driver options support (#54632)
* Tidying up.

* Adding ipam_driver_options parameter.

* Add tests.

* Add changelog.
6 years ago
Brian Coca bda541fa0d
fix missing attribs with dirct module execution (#53875)
* fix missing attribs with dirct module execution
* also make remote tmp handling smarter
 update tests
* set default if attrib does not exist
* add simple test
6 years ago
Sam Doran 6ce9cf7741
Change default smart connection to ssh on macOS and remove paramiko from requirements.txt (#54738)
* Remove default use of paramiko connection plugin on macOS
    This fix was originally to work around a bug that caused a kernel panic on macOS
    that has since been fixed.
* Remove paramiko from requirements.txt
* Move paramiko checking to common place
* Drop the warnings obfiscation code
* Update pip installation instructions to reflect upstream instructions
* Fix tests on CentOS 6 (Python 2.6) that now show Python deprecation warnings
* Add changelog fragment
6 years ago
Felix Fontein e422f18898 acme_certficate: allow to write files to CWD (#54754)
* Allow to write files to CWD.

* Add changelog.
6 years ago
Martin Krizek d15812fabf
Fix copy module to reset filesystem acls (#51868)
The controller's fixup_perms2 uses filesystem acls to make the temporary
file for copy readable by an unprivileged become user. On Python3, the
acls are then copied to the destination filename so we have to remove
them from there.

We can't remove them prior to the copy because we may not have
permission to read the file if the acls are not present. We can't
remove them in atomic_move() because the move function shouldn't know
anything about controller features. We may want to generalize this into
a helper function, though.

Fixes #44412

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
6 years ago
Jordan Borean e56fb48873
psrp - auth options (#54705) 6 years ago
Łukasz Szczęsny bcdd1dc951 pamd: fix idempotence issue when removing rules (#54105) 6 years ago
Hannes Ljungberg e58f23b73e docker_swarm: Return UnlockKey (#54490)
* Return UnlockKey

* Add changelog fragment

* Add method to check if a parameter exists in diffs

* Add method to get swarm unlock key

* Add option unlock_key

* Only return unlock key when created or changed

* Rename difference check

* Extend unlock key example

* Assert that unlock_key is a string

* Fix docker_swarm_info authors

* Don’t silence APIErrors

* Test unlock_key on unlocked swarm

* Catch APIError when retrieving unlock key

* Better return value description

* Lint

* Fix UnlockKey return value documentation

Co-Authored-By: hannseman <hannes@5monkeys.se>

* Get unlock key safely

Co-Authored-By: hannseman <hannes@5monkeys.se>

* Return None on empty UnlockKey

* Assert swarm_unlock_key is undefined if unqueried

* Add documentation about swarm_info unlock_key

* Add change log fragment for unlock_key option

* Revert "Add change log fragment for unlock_key option"

This reverts commit e3cb2325b5.

* Use generator expression instead

* Restart docker more decisively

* Use systemctl kill

Co-Authored-By: hannseman <hannes@5monkeys.se>

* Try to restart docker daemon
6 years ago
Felix Fontein fa47bed71c openssl_certificate: fix ACME provider (#54656)
* Change default of acme_chain to no.

* Stop using string command lines.

* Add changelog.

* Fix changelog.
6 years ago
René Moser 01f63ee871
cloudstack: fix E326 (#54657)
* cloudstack: remove choice list for hypervisor param

* cloudstack: streamline network_type with returned value by the API

* cloudstack: remove E326

* add changelog fragment
6 years ago
Hannes Ljungberg 833512b07c docker_swarm: Add support for default_addr_pool and subnet_size (#54642)
* Add support for default_addr_pool and subnet_size

* Add changelog fragment

* Document options only used on init / join
6 years ago
Kevin Subileau 09979e899f win_nssm: refactor to fix issues, support check mode and add more features (#45693)
* win_nssm: rename cmdlets to use approved verbs, rename service name parameters

* win_nssm: improve code style and cmdlets ordering

* win_nssm: always escape all command line parameters with Argv-ToString

fix error when the service name contains quotes

* win_nssm: use Fail-Json instead of exceptions and remove global try/catch

* win_nssm: small refactoring, inline some functions

* win_nssm: refactoring - add a generic cmdlet to idempotently set any nssm service parameter

* win_nssm: refactoring - inline some functions

To make the code more malleable for future changes

* win_nssm: change application, stdout_file and stderr_file options type to path

* win_nssm: deprecates app_parameters, rename app_parameters_free_form to arguments, and add support for list of parameters

* win_nssm: add support of check mode

* win_nssm: add working_directory option

* win_nssm: add display_name and description options

* win_nssm: minor changes

* win_nssm: remove some sanity exclusions

* win_nssm: avoid using aliases and minor style fixes

* win_nssm: doc and ui improvements

* win_nssm: remove sanity exclusions

* win_nssm: minor revision

* win_nssm: deprecates dependencies, start_mode, user and password parameters and some choices of state in favor of win_service

* win_nssm: fix style

* win_nssm: add executable option to specify the location of the NSSM utility

* win_nssm: add missing parameter types

* win_nssm: add diff mode support

* win_nssm: avoid displaying depreciation warning if default value is assigned

* win_nssm: fix variable scope

* win_nssm: use the explicit -LiteralPath parameter name instead of -Path

* win_nssm: fix documentation

* win_nssm: add porting guide entries

* win_nssm: add changelog fragment
6 years ago
Felix Fontein 188903448a openssl_*: add backup option (#54294) 6 years ago
Scott Luther 5517b0384f fix remove_orphans using APIs exposed via AnsibleDockerClient (#54316)
Co-Authored-By: sluther <neenach2002@gmail.com>
6 years ago
Kevin Breit d16dcb8dbb meraki_device - Support for creating and modifying device notes (#51100)
* Add support for notes

* Add test for notes

* Device notes changes
- Renamed from notes to note
- Modified tests to work

* Comment device test since it only works once

* Remove assertion stanza and move assertion to existing one

* Add version_added to note documentation

* Converted from tabs to spaces

* Added changelog fragment

* Remove changelog file since it's a feature

* Add changelog fragment
6 years ago
David Passante 7c57caf8fa cs_network_offering: add a for_vpc parameter (#54551)
* cs_network_offering: add for_vpc parameter

* add changelog fragment
6 years ago
Matt Davis f86345f777
Collection content loading (#52194)
* basic plugin loading working (with many hacks)

* task collections working

* play/block-level collection module/action working

* implement PEP302 loader

* implicit package support (no need for __init.py__ in collections)
* provides future options for secure loading of content that shouldn't execute inside controller (eg, actively ignore __init__.py on content/module paths)
* provide hook for synthetic collection setup (eg ansible.core pseudo-collection for specifying built-in plugins without legacy path, etc)

* synthetic package support

* ansible.core.plugins mapping works, others don't

* synthetic collections working for modules/actions

* fix direct-load legacy

* change base package name to ansible_collections

* note

* collection role loading

* expand paths from installed content root vars

* feature complete?

* rename ansible.core to ansible.builtin

* and various sanity fixes

* sanity tweaks

* unittest fixes

* less grabby error handler on has_plugin

* probably need to replace with a or harden callers

* fix win_ping test

* disable module test with explicit file extension; might be able to support in some scenarios, but can't see any other tests that verify that behavior...

* fix unicode conversion issues on py2

* attempt to keep things working-ish on py2.6

* python2.6 test fun round 2

* rename dirs/configs to "collections"

* add wrapper dir for content-adjacent

* fix pythoncheck to use localhost

* unicode tweaks, native/bytes string prefixing

* rename COLLECTION_PATHS to COLLECTIONS_PATHS

* switch to pathspec

* path handling cleanup

* change expensive `all` back to or chain

* unused import cleanup

* quotes tweak

* use wrapped iter/len in Jinja proxy

* var name expansion

* comment seemingly overcomplicated playbook_paths resolution

* drop unnecessary conditional nesting

* eliminate extraneous local

* zap superfluous validation function

* use slice for rolespec NS assembly

* misc naming/unicode fixes

* collection callback loader asks if valid FQ name instead of just '.'
* switch collection role resolution behavior to be internally `text` as much as possible

* misc fixmes

* to_native in exception constructor
* (slightly) detangle tuple accumulation mess in module_utils __init__ walker

* more misc fixmes

* tighten up action dispatch, add unqualified action test

* rename Collection mixin to CollectionSearch

* (attempt to) avoid potential confusion/conflict with builtin collections, etc

* stale fixmes

* tighten up pluginloader collections determination

* sanity test fixes

* ditch regex escape

* clarify comment

* update default collections paths config entry

* use PATH format instead of list

* skip integration tests on Python 2.6

ci_complete
6 years ago
Sam Doran 023c5167fd Revert "Use locking for concurrent file access (#52567)" (#54547)
This reverts commit e152b277cf.
6 years ago
James Cassell bc4ef99533 standardize TLS connection properties (#54315)
* openstack: standardize tls params

* tower: tower_verify_ssl->validate_certs

* docker: use standard tls config params

- cacert_path -> ca_cert
- cert_path -> client_cert
- key_path -> client_key
- tls_verify -> validate_certs

* k8s: standardize tls connection params

- verify_ssl -> validate_certs
- ssl_ca_cert -> ca_cert
- cert_file -> client_cert
- key_file -> client_key

* ingate: verify_ssl -> validate_certs

* manageiq: standardize tls params

- verify_ssl -> validate_certs
- ca_bundle_path -> ca_cert

* mysql: standardize tls params

- ssl_ca -> ca_cert
- ssl_cert -> client_cert
- ssl_key -> client_key

* nios: ssl_verify -> validate_certs

* postgresql: ssl_rootcert -> ca_cert

* rabbitmq: standardize tls params

- cacert -> ca_cert
- cert -> client_cert
- key -> client_key

* rackspace: verify_ssl -> validate_certs

* vca: verify_certs -> validate_certs

* kubevirt_cdi_upload: upload_host_verify_ssl -> upload_host_validate_certs

* lxd: standardize tls params

- key_file -> client_key
- cert_file -> client_cert

* get_certificate: ca_certs -> ca_cert

* get_certificate.py: clarify one or more certs in a file

Co-Authored-By: jamescassell <code@james.cassell.me>

* zabbix: tls_issuer -> ca_cert

* bigip_device_auth_ldap: standardize tls params

- ssl_check_peer -> validate_certs
- ssl_client_cert -> client_cert
- ssl_client_key -> client_key
- ssl_ca_cert -> ca_cert

* vdirect: vdirect_validate_certs -> validate_certs

* mqtt: standardize tls params

- ca_certs -> ca_cert
- certfile -> client_cert
- keyfile -> client_key

* pulp_repo: standardize tls params

remove `importer_ssl` prefix

* rhn_register: sslcacert -> ca_cert

* yum_repository: standardize tls params

The fix for yum_repository is not straightforward since this module is
only a thin wrapper for the underlying commands and config.  In this
case, we add the new values as aliases, keeping the old as primary,
only due to the internal structure of the module.

Aliases added:
- sslcacert -> ca_cert
- sslclientcert -> client_cert
- sslclientkey -> client_key
- sslverify -> validate_certs

* gitlab_hook: enable_ssl_verification -> hook_validate_certs

* Adjust arguments for docker_swarm inventory plugin.

* foreman callback: standardize tls params

- ssl_cert -> client_cert
- ssl_key -> client_key

* grafana_annotations: validate_grafana_certs -> validate_certs

* nrdp callback: validate_nrdp_certs -> validate_certs

* kubectl connection: standardize tls params

- kubectl_cert_file -> client_cert
- kubectl_key_file -> client_key
- kubectl_ssl_ca_cert -> ca_cert
- kubectl_verify_ssl -> validate_certs

* oc connection: standardize tls params

- oc_cert_file -> client_cert
- oc_key_file -> client_key
- oc_ssl_ca_cert -> ca_cert
- oc_verify_ssl -> validate_certs

* psrp connection: cert_trust_path -> ca_cert

TODO: cert_validation -> validate_certs (multi-valued vs bool)

* k8s inventory: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* openshift inventory: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* tower inventory: verify_ssl -> validate_certs

* hashi_vault lookup: cacert -> ca_cert

* k8s lookup: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* laps_passord lookup: cacert_file -> ca_cert

* changelog for TLS parameter standardization
6 years ago