Commit Graph

1252 Commits (b06dfbec5451e8ec5d66827e0fc169f8414afcfa)

Author SHA1 Message Date
Tim Rupp 00bf4ee210
routedomain fixes (#33501)
* routedomain fixes

Adds partition. Adds name. Makes name and id mutually exclusive.

* Fixes upstream errors
7 years ago
Tim Rupp dd94cc8229
Various bigip_selfip fixes (#33500)
* Various bigip_selfip fixes

Minor optimizations. Fixes address regex

* Fixing upstream errors
7 years ago
Tim Rupp df86d8f39e
Fixes ordered dict import (#33499)
Make it try to fallback to a pypi package if its not found in what
ships with python
7 years ago
Tim Rupp 07c9c28a06
Fixes for unit tests (#33498)
upstream unit tests broke downstream code. this rectifies that.
7 years ago
Tim Rupp da2e20ef45
Fixes various http monitor things (#33497)
Added token cleanup. Refactored a small amount of code. formatting
and cleanup of code.
7 years ago
Tim Rupp 798de98b0c
Adds hostname to remote-syslog (#33496)
* Adds hostname to remote-syslog

Previously, only an IP address wa allowed. This removes that restriction

* Fixes upstream errors
7 years ago
Tim Rupp a4aa00f556
Various bigip_user fixes (#33495)
There was a bit of refactoring that happened for coding standards.
Additionally, a bug fix was made for changing the root password
7 years ago
Tim Rupp bcda0db7db
Fixes tcp monitors (#33494)
* Fixes tcp monitors

Formatting fixes and a missing default parent. This patch fixes
that.

* Fixes upstream errors
7 years ago
Tim Rupp 212340bf0c
Fixes bug converning filenames with dots (#33493)
The name detminator was incorrect. This fixes it and fixes unit
tests related things that were broken downstream
7 years ago
Tim Rupp 1f1f1c9d04
Refactors bigip_node (#33492)
* Refactors bigip_node

Includes a number of fixes and enhancements in addition to refactoring
the code to be inline with f5 standards

* Fixes upstream errors
7 years ago
Tim Rupp 4f8f99479a
Various bigip policy fixes (#33491)
Test fixes, formatting, and added a difference checking method
7 years ago
Tim Rupp 008e23dcd1
Refactors bigip_sys_db (#33490)
Bringing it up to speed with the other f5 modules.
7 years ago
Tim Rupp 277d416b5b
Refactors bigip_vlan (#33489)
This patch adds tests and refactors the code to be inline with current
f5 coding standards
7 years ago
Tim Rupp 914829f56b
Adds bigip_monitor_snmp_dca module (#33483)
This module is a flavor of monitor for SNMP DCA's
7 years ago
Tim Rupp a2f19fbded
Adds bigip_policy_rule module (#33482)
* Adds bigip_policy_rule module

This module is the second component of managing LTM policies on
BIG-IP. This module lets you manage the rules of a policy

* Fixing upstream errors

* Correcting YAML errors
7 years ago
Tim Rupp abca68f5ac
Adds the bigip_monitor_udp module (#33481)
This module can be used to manage UDP monitors on a BIG-IP
7 years ago
Tim Rupp e3419fce87
Fixes and features for bigip_provision (#33480)
* Fixes and features for bigip_provision

Adds support for dedicated modules. Fixes bug in minimum name.
Adds wrappers around checking for up-ness so that they will contribute
to the watch loop

* Fixes upstream errors
7 years ago
Tim Rupp 2b1f056881
Fixes bugs in iapp template (#33478)
Fixes upstream bugs that broke downstream. Also fixes a name
matching error in the iApp's name
7 years ago
Tim Rupp f60b8a3abb
Fixes various things in bigip tests (#33477)
an upstream change was introduced that broke downstream code. This
path rectifies that error
7 years ago
Tim Rupp 1c373c112f
Minor fixes for gtm facts (#33476)
Removed unused code and fixed upstream changes that broke downstream
7 years ago
Tim Rupp e1062d1a7b
Refactors the gtm datacenter module (#33474)
* Refactors the gtm datacenter module

This module needed to be inline with current f5 coding standards.
This fixes that

* Fixes upstream errors
7 years ago
Tim Rupp 76135a500e
Refactors bigip device sshd (#33473)
* Refactors bigip device sshd

Fixes coding conventions for currect f5 conventions

* Fixes upstream errors
7 years ago
Tim Rupp a3b3dbe220
Refactors bigip_device_ntp (#33472)
* Refactors bigip_device_ntp

To be inline with current f5 conventions

* Fixed incorrect key
7 years ago
Tim Rupp 929a1df91d
Adds fixes to various bigip tests (#33471)
upstream changes broke downstream code. this rectifies that
7 years ago
Tim Rupp f6be12b5d8
Adds various fixes for bigip_config tests (#33470)
There were upstream changes that were incompatible with the downstream
code. This fixes those.
7 years ago
Samer Deeb 717b6e7c1a Add mlnxos_config module (#33356)
* Add new module mlnxos_config

Signed-off-by: Samer Deeb <samerd@mellanox.com>

* Add unit-test for mlnxos_config module

Signed-off-by: Samer Deeb <samerd@mellanox.com>
7 years ago
Tim Rupp 5fa25a0288
Adds fixes to bigip_asm_policy (#33440)
Integrates some upstream changes that were made and fixes several
spacing and testing errors
7 years ago
Toshio Kuratomi e499bccbaa
Port some tests away from nose as examples (#33437)
We don't need to use both nose and pytest.  Once we get rid of all uses
of nose we can remove the extra dependency
7 years ago
R. Francis Smith e957760d52 updated pamd rule args regexp to match file paths also (#33432)
* Added . and / to rule args regexp

Things like pam_echo.so file=/etc/foo.txt weren't being matched and
causing incorrect change counts.  Adding / and . fixed that.

Fixes #33351

* pamd: test argument with value

Relates #33351
7 years ago
Anil Kumar Muraleedharan bada3afee9 Adding module enos_config and its UT files (#33081)
* Adding module enos_config and its UT files

* Removing trailing line

* Removing trailing lines

* Editing enos_module.py to fix build errors

* Removing blank lines in end

* Updating enos_config.py based on review comments

* Adding one more blank line

* Removing training white space

* Removing test_enos_config_force method from UT

* Updating documentation

* Comments by John, Remove version_added: "2.5"
7 years ago
Toshio Kuratomi aa7bd8bc11 Port AnsibleModule deprecate and warning tests to pytest (#33162) 7 years ago
Nathaniel Case a1da3dc997
Auth to become (#33319)
* terminal.on_(de)?authorize -> terminal.on_(un)?become

* Update network_cli

* Readd on_(de)?authorize as wrappers

* Update tests
7 years ago
George Nikolopoulos 34f965addd New module: Issue NITRO requests to a Netscaler instance (network/netscaler/netscaler_nitro_request) (#33091)
* Add netscaler_nitro_request module

* Make changes as requested.

* Fix whitepsace in EXAMPLES block.

* Set module changed status according to operation performed.
7 years ago
Alex Monteiro 2114278947 DatacenterFactsModule for HPE OneView (#32701)
* Added support to Datacenter resources in HPE OneView

* Adjusting comments in oneview_datacenter_facts

* Adding no_log on the documentation

* Using Pytest to Oneview DatacenterFactsModule tests
7 years ago
Matt Martz 4fe08441be Deprecate tests used as filters (#32361)
* Warn on tests used as filters

* Update docs, add aliases for tests that fit more gramatically with test syntax

* Fix rst formatting

* Add successful filter, alias of success

* Remove renamed_deprecation, it was overkill

* Make directory alias for is_dir

* Update tests to use proper jinja test syntax

* Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax

* Add conversion script, porting guide updates, and changelog updates

* Update newly added uses of tests as filters

* No underscore variable

* Convert recent tests as filter changes to win_stat

* Fix some changes related to rebasing a few integration tests

* Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name

* Add test for tests_as_filters_warning

* Update tests as filters in newly added/modified tests

* Address recent changes to several integration tests

* Address recent changes in cs_vpc
7 years ago
Samer Deeb cbf28c20cb Add Support for Mellanox switches: first module: mlnxos_command (#33121)
* Add Support for Mellanox switches: first module: mlnxos_command

Signed-off-by: Samer Deeb <samerd@mellanox.com>

* Add cliconf support for mlnxos

Signed-off-by: Samer Deeb <samerd@mellanox.com>

* 1- Fix short description, 2- remove waitfor

Signed-off-by: Samer Deeb <samerd@mellanox.com>

* remove usage of check_args

Signed-off-by: Samer Deeb <samerd@mellanox.com>
7 years ago
Trishna Guha 25a465ffcb
loopback doesn't support passive_interface (#33252)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
7 years ago
Ken Celenza 748107d369 Type manipulation (#28446)
* add type manipulation

* update for py3

* add tests for list to dict

* Add dict to list tests

* Update tests to search for regex in response

* pep8 clean up

* update Exception for py3

* update test to be py2/3 compat

* update for py26 compat

* potential fix for py3 and py26

* potential fix for py3 and py26 take2

* add new line to kick off shippable

* remove cache file created

* fix filter name

* add space for shipable
7 years ago
Ganesh Nalawade 3d63ecb6f3
Refactor junos modules to Use netconf and cliconf plugins (#32621)
* Fix junos integration test fixes as per connection refactor (#33050)

Refactor netconf connection plugin to work with netconf plugin

* Fix junos integration test fixes as per connection refactor (#33050)

Refactor netconf connection plugin to work with netconf plugin
Fix CI failure
Fix unit test failure
Fix review comments
7 years ago
James Cammarata d8ae4dfbf2 Adding aliases for field attributes and renaming async attribute (#33141)
* Adding aliases for field attributes and renaming async attribute

As of Python 3.7, the use of async raises an error, whereas before the use
of the reserved word was ignored. This adds an alias field for field attrs
so that both async and async_val (interally) work. This allows us to be
backwards-compatible with 3rd party plugins that may still reference Task.async,
but for the core engine to work on Py3.7+.

* Remove files fixed for 'async' usage from the python 3.7 skip list
7 years ago
jctanner 218987eac1
ANSIBLE_SSH_USETTY configuration option (#33148)
* Allow the user to circumvent adding -tt on ssh commands to help aid in
debugging ssh related problems.
* Move config to the plugin
* Set version_added
* Change yaml section to "connection"
* Fix ssh unit tests
7 years ago
Brian Coca ebd08d2a01 jsonify inventory (#32990)
* jsonify inventory
* smarter import, dont pass kwargs where not needed
* added datetime
* Eventual plan for json utilities to migrate to common/json_utils when we split
  basic.py no need to move jsonify to another file now as we'll do that later.
* json_dict_bytes_to_unicode and json_dict_unicode_to_bytes will also
  change names and move to common/text.py at that time (not to json).
  Their purpose is to recursively change the elements of a container
  (dict, list, set, tuple) into text or bytes, not to json encode or
  decode (they could be a generic precursor to that but are not limited
  to that.)
* Reimplement the private _SetEncoder which changes sets and datetimes
  into objects that are json serializable into a private function
  instead.  Functions are more flexible, less overhead, and simpler than
  an object.
* Remove code that handled simplejson-1.5.x and earlier.  Raise an error
  if that's the case instead.
  * We require python-2.6 or better which has the json module builtin to
    the stdlib.  So this is only an issue if the stdlib json has been
    overridden by a third party module and the simplejson on the system
    is 1.5.x or less.  (1.5 was released on 2007-01-18)
7 years ago
Matt Clay e45c763b64 Fix invalid string escape sequences. 7 years ago
Ganesh Nalawade 0ddf092ae3
Add new filter to parse xml output for network use cases (#31562)
* Add new filter to parse xml output for network use cases

Fixes #31026
*  Add parse_xml filter
*  Add documentation for parse_xml filter

* Edited for clarity.

* Fix review comment and add unit tests

* Fix unit test CI failure

* Fix CI issues

* Fix unit test failures

* Fix review comments

* More copy edits.
7 years ago
Corban Johnson d9a52db17d Adding RPC attribute parameters to junos_rpc network module (#32649)
* Adding RPC attribute arguments to `junos_rpc` network module.

* Specifying module argument version.

* Fixing DOCUMENTATION block.

* First attempt at new test fixture.

* Updated RPC_CLI_MAP.

* Use `result` instead of `reply`.
7 years ago
Mike Wiebe 95a2140f4b Use show command to support wider platform set for nxos_interface module (#33037)
* Use show command to support wider platform set

* Fix unit tests
7 years ago
Arnaud 84117e57ba nxos: 32 bits AS in as-dot format not recognized by regexp asn_regex (#30569)
* added test for 32 bits AS

* Lint not happy.
7 years ago
Tim Rupp c94d57311c
Adds bigip_vcmp_guest module (#33024)
This module can be used to manage guests on a vCMP provisioned BIG-IP.
vCMP is a hardware-only feature, therefore this module cannot be used
on the VE editions of BIG-IP.
7 years ago
Pilou a5c9726502 Unit tests: share common code (#31456)
* move set_module_args to units.modules.utils
* unit tests: reuse set_module_args
* unit tests: mock exit/fail_json in module.utils.ModuleTestCase
* unit tests: use module.utils.ModuleTestCase
* unit tests: fix 'import shadowed by loop variable'
7 years ago
Brian Coca 23b1dbacaf
Config continued (#31024)
* included inventory and callback in new config

allow inventory to be configurable
updated connection options settings
also updated winrm to work with new configs
removed now obsolete set_host_overrides
added notes for future bcoca, current one is just punting, it's future's problem
updated docs per feedback
added remove group/host methods to inv data
moved fact cache from data to constructed
cleaner/better options
fix when vars are added
extended ignore list to config dicts
updated paramiko connection docs
removed options from base that paramiko already handles
left the look option as it is used by other plugin types
resolve delegation
updated cache doc options
fixed test_script
better fragment merge for options
fixed proxy command
restore ini for proxy
normalized options
moved pipelining to class
updates for host_key_checking
restructured mixins

* fix typo
7 years ago
Tim Rupp 3f3c526026
Removes deprecated "append" param from snat pool (#32953)
This param was deprecated in 2.4 and slated for removal in 2.5. This
patch removes it.
7 years ago
Tim Rupp 0c1f493b6c
Adds module for managing bigip device connectivity (#32950)
This module is a critical part of the HA process for BIG-IPs.
7 years ago
Adrian Likins 86dc3c09ac
Fix vault --ask-vault-pass with no tty (#31493)
* Fix vault --ask-vault-pass with no tty

2.4.0 added a check for isatty() that would skip setting up interactive
vault password prompts if not running on a tty.

But... getpass.getpass() will fallback to reading from stdin if
it gets that far without a tty. Since 2.4.0 skipped the interactive
prompts / getpass.getpass() in that case, it would never get a chance
to fall back to stdin.

So if 'echo $VAULT_PASSWORD| ansible-playbook --ask-vault-pass site.yml'
was ran without a tty (ie, from a jenkins job or via the vagrant
ansible provisioner) the 2.4 behavior was different than 2.3. 2.4
would never read the password from stdin, resulting in a vault password
error like:

        ERROR! Attempting to decrypt but no vault secrets found

Fix is just to always call the interactive password prompts based
on getpass.getpass() on --ask-vault-pass or --vault-id @prompt and
let getpass sort it out.

* up test_prompt_no_tty to expect prompt with no tty

We do call the PromptSecret class if there is no tty, but
we are back to expecting it to read from stdin in that case.

* Fix logic for when to auto-prompt vault pass

If --ask-vault-pass is used, then pretty much always
prompt.

If it is not used, then prompt if there are no other
vault ids provided and 'auto_prompt==True'.

Fixes vagrant bug https://github.com/hashicorp/vagrant/issues/9033

Fixes #30993
7 years ago
Trishna Guha 3ee2501c83
multiple fixes nxos (#32903)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
7 years ago
Anil Kumar Muraleedharan 177a4fb3ec Adding enos_command module and unit test (#32782)
* Adding git_command module and its UT file

* Changing Author Name and removing 2 blank lines

* Removing blank lines

* Adding enos_config and its UT files

* Removing config module as I am allowed to have only module per PR

* Work on Ganesh's Review comments

* John Review Comments on enos_command.py

* Review comments of John
7 years ago
Trishna Guha c40de24e9c
fix mtu check nxos_interface (#32880)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
7 years ago
Trishna Guha f49555d494
nxos_bgp_neighbor_af feature idea disable-peer-as-check (#32665)
* nxos_bgp_neighbor_af feature idea disable-peer-as-check

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Add unit test

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
7 years ago
Trishna Guha e4052c1261
Add mtu option nxos_interface feature idea (#32680)
* Add mtu option nxos_interface feature idea

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Add unit test for mtu feature

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
7 years ago
Adrian Likins 9c58827410
Better handling of malformed vault data envelope (#32515)
* Better handling of malformed vault data envelope

If an embedded vaulted variable ('!vault' in yaml)
had an invalid format, it would eventually cause
an error for seemingly unrelated reasons.
"Invalid" meaning not valid hexlify (extra chars,
non-hex chars, etc).

For ex, if a host_vars file had invalid vault format
variables, on py2, it would cause an error like:

  'ansible.vars.hostvars.HostVars object' has no
  attribute u'broken.example.com'

Depending on where the invalid vault is, it could
also cause "VARIABLE IS NOT DEFINED!". The behavior
can also change if ansible-playbook is py2 or py3.

Root cause is errors from binascii.unhexlify() not
being handled consistently.

Fix is to add a AnsibleVaultFormatError exception and
raise it on any unhexlify() errors and to handle it
properly elsewhere.

Add a _unhexlify() that try/excepts around a binascii.unhexlify()
and raises an AnsibleVaultFormatError on invalid vault data.
This is so the same exception type is always raised for this
case. Previous it was different between py2 and py3.

binascii.unhexlify() raises a binascii.Error if the hexlified
blobs in a vault data blob are invalid.

On py2, binascii.Error is a subclass of Exception.
On py3, binascii.Error is a subclass of TypeError

When decrypting content of vault encrypted variables,
if a binascii.Error is raised it propagates up to
playbook.base.Base.post_validate(). post_validate()
handles exceptions for TypeErrors but not for
base Exception subclasses (like py2 binascii.Error).

* Add a display.warning on vault format errors
* Unit tests for _unhexlify, parse_vaulttext*
* Add intg test cases for invalid vault formats

Fixes #28038
7 years ago
Frederic Lepied 35f79370e1 mock ncclient import in test_connection.py (#32786) 7 years ago
Nathaniel Case 9c0275a879
Connection plugins network_cli and netconf (#32521)
* implements jsonrpc message passing for ansible-connection

* implements more generic mechanism for persistent connections
* starts persistent connection in task_executor if enabled and supported
* supports using network_cli as top level connection plugin
* enhances logging for persistent connection to stdout

* Update action plugins

* Fix Python3 RPC

* Fix Junos bytes<-->str issues

* supports using netconf as top level connection plugin

* Error message when running netconf on an unsupported platform
* Update tests

* Fix `authorize: yes` for `connection: local`

* Handle potentially JSON data in terminal

* Add clarifying detail if possible on ConnectionError
7 years ago
Ganesh Nalawade 37b0537279
Fix ios_config file prompt issue (#32744)
Fixes #23263

Add a carriage return (\r) at end on copy config
command which results in prompt on cli terminal
7 years ago
Brian Coca db749de5b8 namespace facts
updated action plugins to use new guranteed facts
updated tests to new data clean
added cases for ansible_local and some docstrings
7 years ago
cnasten f1fe467c22 nso_config module for setting configuration in Cisco NSO (#30973) 7 years ago
Evgeny Fedoruk 59b49329b1 Module for running templates and workflows on vDirect (#31243)
Modure for running configuration templates and workflows on Radware vDirect server
7 years ago
Evgeny Fedoruk a06f06a9a3 Module for committing pending configuration on Radware devices (#31776)
With this module, pending configurations can be commited
on Radware ADC devices.
7 years ago
Anil Kumar Muraleedharan 9d98452032 New enos_facts, + module_utils/enos.py. modifying copyright year in rest all (#31696)
* Squashing all commits to one as suggested by John

* Adding Unit test method for the module enos_facts.py

* Pep8 and Ylint issues addressed

* Trying again to remove blank line. Some scripts are required for this.

* Bug Fixing for interfaces

* Editing for over indenting issue

* E203 whitespace before ','

* Update enos.py

Added warnings argument as to check_args method

* Update enos_facts.py

Added warnings to check_args method
7 years ago
paulquack a5da2e44a1 ironware_config module (#32187) 7 years ago
paulquack 806f43a9c0 ironware_facts module (#32186) 7 years ago
Tim Rupp 2bf6ac6c78
Adds bigip_device_trust module (#32608)
This module can be used to manage trusts between two bigip devices.
7 years ago
James Mighion 749197b436 Updating the options to allow decryption and new save_when. (#32602) 7 years ago
Tim Rupp 06363f6ede
Removes bigip_snmp from skip file (#32530) 7 years ago
Tim Rupp 53940670fd
Removes bigip_qkview from skip file (#32529) 7 years ago
Tim Rupp 45787f6ef2
Removes bigip_provision from skip file (#32525) 7 years ago
Tim Rupp ab71a9de14
Removes bigip_irule from the skip file (#32509) 7 years ago
Jonathan Nuñez 67b1d0f274 CloudFormation module: get StackEvents when ClientRequestToken is not used (#32434)
* When getting the stack events we need to consider the case where we don't have ClientRequestToken fixes #32396

* Adding tests for the case when the ClientRequestToken is not present in the stack creation.

* Renaming the stack that the test for Client Request Token requires so it won't cause collisions with the basic test.
7 years ago
Pilou 43914b3837 Fix include_role unit tests (#31920)
* Ensure include_role unit tests check something

This is not the case: get_tasks_vars doesn't yield

* Fix include_role unit tests

Since e609618274, include_role are not
static anymore.
7 years ago
Tim Rupp 6b6df43eae
Removes bigip_iapp_template from the skip file (#32488) 7 years ago
Tim Rupp 015baf5149
Removes bigip_iapp_service from skip list (#32482) 7 years ago
Tim Rupp 60281b85fe
Refactored bigip_device_dns (#32483)
Module was using old coding standards. This updates the module
7 years ago
Tim Rupp cbc5c2d556
Removes bigip_hostname from skip file (#32479) 7 years ago
Tim Rupp d5d4683047
Removes bigip_snmp_trap from skip file (#32470) 7 years ago
Tim Rupp e3f1198a67
Removes bigip_ucs from skip file (#32462) 7 years ago
Tim Rupp 27188d46a9
Adds bigip_iapplx_package module (#32456)
This module can be used to manage the iAppLX packages you have
installed on a device. It can install and remove packages in
their RPM format.
7 years ago
Tim Rupp c239749052
Removes bigip_user from skip file (#32451) 7 years ago
Tim Rupp 83674af284
Removes virtual_address from skip file (#32425) 7 years ago
Dave Thelen 2c99cbc874 eos_eapi: adding the desired state config to the new vrf fixes #32111 (#32112)
* adding the desired state config to the new vrf fixes #32111

* fix default vrf initial configured

* add unit test
7 years ago
Sébastien DA ROCHA bc4ba6b638 Iptables unit tests (#30762)
* Add some tests for iptables

* Fix remove bug (calls 2 times check to remove a chain)

* Add me as maintainer

* Fix PEP8

* Doc: Give more information on issue #18988

* Fix #18988 and test it

* Fix doc (thanks Pillou)

* enable PEP8 check for iptables
7 years ago
Tim Rupp fc4580b4cc
Removes bigip ssl certificate from skip file (#32424) 7 years ago
Tim Rupp 6193d5bc65
Removes gtm wide ip from skip file (#32422) 7 years ago
Tim Rupp 8868b5fa85
Removes gtm pool from skip file (#32419) 7 years ago
Tim Rupp daaf8ca86c
Fixes skip imports for bigip_configsync_action module (#32413) 7 years ago
Tim Rupp 8f2b243a3e
Fixes bigip_config to remove from skip file (#32409) 7 years ago
Tim Rupp 8c5cd9c530
Removes bigip_command from the skip file (#32407)
Includes fixes and enhancements to make it unnecessary to include this
module in the skip file
7 years ago
Tim Rupp 8037eb7474
Various fixes for bigip_remote_syslog (#32404)
This patch addresses a number of issues, large and small, that were
identified by users in the downstream repo.

* formatting of some code
* specific option combinations leading to errors
* missing includes for unit tests
7 years ago
Paul Neumann 53fead7c96 ios_logging: Fix some smaller issues, add unit test (#32321)
* ios_logging: Fix typo in documentation

* ios_logging: Fix traceback when setting buffered destination without size

When the size parameter is not configured while configuring the buffered
destination, a traceback occurs due to the fact that validate_size expects the
parameter to be an int. Explicitely converting value to int makes the
check work for every case.

* ios_logging: Update size parameter documentation

Update the documentation of the size paramter to reflect the current behaviour
of setting a default of 4096 for the buffered dest.

* ios_logging: Add unit test

Add unit test for ios_logging testing the behaviour clarified in the previous
commits.

* ios_logging: Fix python 2.6 compliance
7 years ago
Ken Evensen 8724ff3eae pamd: fix issue with trailing commas in module_arguments 7 years ago
Paul Neumann 87f663b950 ios_system: Fix typo in unit test (#32284) 7 years ago
Tim Rupp 2a5f6c28cf
Adds bigip_asm_policy module (#32281)
This module can be used to import asm policies from file or existing
template. Supported file types are xml, compact xml, and binary
7 years ago
Tim Rupp a16db95ddb
Adds the bigip_ssl_key module (#32270)
This module's purpose is to specifically manage the ssl keys. It
is essentially the key component of the bigip_ssl_certificate module.
The modules were separated and the key portion deprecated from
bigip_ssl_certificate in favor of this module.
7 years ago
Tim Rupp cc4bbb2929 Various bigip_pool fixes (#32161)
* corrects copyrights and mocks in unit tests
* fixes module code to include code to cleanup tokens
7 years ago
Kedar K e2bed36d12 - Adds iosxr_netconf module to configure netconf service on IOSXR (#31715)
* - Adds iosxr_netconf module to configure netcong service on Cisco
  IOS-XR devices

* - Adds Integration test for module
- Handles diff return from load_config

* - Adds unit test for iosxr_netconf module
7 years ago
Ryan Brown 11c225e039 Start using ClientRequestTokens in event lists (#31997)
* Start using ClientRequestTokens in event lists

* Include request token in all reqs that support it (basically all but check mode/changeset)

* Update placebo recordings

* Add comments for CRQ popping
7 years ago
Kedar K 465fe5802b -Fixes JSON parsing(use JSON object instead of string) for facts modules. (#31818) 7 years ago
Tim Rupp 965e4151df Adds the bigip_policy module (#31915)
this module allows one to manage policies and re-order their
corresponding rules
7 years ago
Tim Rupp 8085c38e05 Refactors the bigip_gtm_facts module (#31917)
Includes pep fixes and inlining code with current conventions
7 years ago
Tim Rupp f94d337ef6 Adds new module allowing you to wait for a bigip (#31846)
Module allows you to wait for a bigip device to be
"ready" for configuration. This module will wait for things like
the device coming online as well as the REST API and MCPD being
ready.

If all of the above is not online and ready, then no configuration
will be able to be made.
7 years ago
paulquack 5a6ee054c0 Network command module for Brocade IronWare routers (#31429) 7 years ago
Chris Meyers cf938e9992 tests for InventoryModule error conditions (#31381)
* tests for InventoryModule error conditions

* modified unicode in tests to ahear to Ansible best practices

* flake8 fixes
7 years ago
Brian Coca 01b6c7c9c6 better cleanup on task results display (#27175)
* better cleanup on task results display

callbacks get 'clean' copy of result objects
moved cleanup into result object itself
removed now redundant callback cleanup
moved no_log tests

* moved import as per feedback
7 years ago
Tim Rupp 02cd881697 Refactors bigip_selfip (#31732)
In this refactor we moved to the most recent coding standards for
both F5 and Ansible. Many bugs were fixed and some features were
also added (such as ipv6 support).
7 years ago
Tim Rupp 0610f09dab Adds various provision fixes (#31731)
* vcmp provisioning support
* documentation fixes
* fixes for python3 causing an exception
7 years ago
Tim Rupp 53445ded84 Fixes documentation related bugs (#31730)
New conventions for ansible warrant fixes to accomodate those
in bigip_partition.

This patch also includes an import fix that can raise an error when
Ansible unit tests run
7 years ago
Tim Rupp a969a529ab Fixes various gtm pool issues (#31728)
Various formatting related fixes. Also fixed an idempotency problem
with the 'disabled' state
7 years ago
Brian Coca 386515281e additional configmanager tests
left placeholders for more
7 years ago
Adrian Likins 297dfb1d50 Vault secrets script client inc new 'keyring' client (#27669)
This adds a new type of vault-password script  (a 'client') that takes advantage of and enhances the 
multiple vault password support.

If a vault password script basename ends with the name '-client', consider it a vault password script client. 

A vault password script 'client' just means that the script will take a '--vault-id' command line arg.

The previous vault password script (as invoked by --vault-password-file pointing to an executable) takes
no args and returns the password on stdout. But it doesnt know anything about --vault-id or multiple vault
passwords.

The new 'protocol' of the vault password script takes a cli arg ('--vault-id') so that it can lookup that specific
vault-id and return it's password.

Since existing vault password scripts don't know the new 'protocol', a way to distinguish password scripts
that do understand the protocol was needed.  The convention now is to consider password scripts that are
named like 'something-client.py' (and executable) to be vault password client scripts.

The new client scripts get invoked with the '--vault-id' they were requested for. An example:

     ansible-playbook --vault-id my_vault_id@contrib/vault/vault-keyring-client.py some_playbook.yml

That will cause the 'contrib/vault/vault-keyring-client.py' script to be invoked as:

     contrib/vault/vault-keyring-client.py --vault-id my_vault_id

The previous vault-keyring.py password script was extended to become vault-keyring-client.py. It uses
the python 'keyring' module to request secrets from various backends. The plain 'vault-keyring.py' script
would determine which key id and keyring name to use based on values that had to be set in ansible.cfg.
So it was also limited to one keyring name.

The new vault-keyring-client.py will request the secret for the vault id provided via the '--vault-id' option.
The script can be used without config and can be used for multiple keyring ids (and keyrings).

On success, a vault password client script will print the password to stdout and exit with a return code of 0.
If the 'client' script can't find a secret for the --vault-id, the script will exit with return code of 2 and print an error to stderr.
7 years ago
Tim Rupp ecee475a3a This patch fixes a number of outstanding bugs and code convention problems. (#31618)
* documentation was not inline with other Ansible modules
* Python 3 specific imports were missing
* monitor_type is no longer required when creating a new pool; it is now the default.
* A new monitor_type choice of "single" was added for a more intuitive way to specify "a single monitor". It uses "and_list" underneath, but provides additional checks to ensure that you are specifying only a single monitor.
* host and port arguments have been deprecated for now. Please use bigip_pool_member instead.
* 'partition' field was missing from documentation.
* A note that "python 2.7 or greater is required" has been added for those who were not aware that this applies for ALL F5 modules.
* Unit tests were fixed to support the above module
7 years ago
Tim Rupp 381b18fd80 Adds a refactored bigip_monitor_http module. (#30998)
This patch refactors the bigip_monitor_http module to use REST
instead of SOAP. It additionally adds unit tests and current F5
code conventions.

Integration tests can be found here
* https://github.com/F5Networks/f5-ansible/blob/devel/test/integration/bigip_monitor_http.yaml
* https://github.com/F5Networks/f5-ansible/tree/devel/test/integration/targets/bigip_monitor_http/tasks
7 years ago
Brian Coca 12c8dd1893 config tests
also a couple of fixes to manager
7 years ago
James Mighion 50052b3d70 Adding a cli transport option for the bigip_command module. (#30391)
* Adding a cli transport option for the bigip_command module.

* Fixing keyerror when using other f5 modules. Adding version_added for new option in bigip_command.

* Removing local connection check because the F5 tasks can be delegated to any host that has the libraries for REST.

* Using the network_common load_provider.

* Adding unit test to cover cli transport and updating previous unit test to ensure cli was not called.
7 years ago
Ganesh Nalawade 88da95bb77 Fix rollback in junos_config (#31424)
* Fix rollback in junos_config

Fixes #30778

*  Call `load_configuration` with rollback id in case
   the id is given as input
*  Pass rollback id to `get_diff()` to fetch diff from device

* Fix unit test
7 years ago
Brian Coca d84df2405d move from with_<lookup>: to loop:
- old functionality is still available direct lookup use, the following are equivalent

  with_nested: [[1,2,3], ['a','b','c']]

  loop: "{{lookup('nested', [1,2,3], ['a','b','c'])}}"

- avoid squashing with 'loop:'
- fixed test to use new intenal attributes
- removed most of 'lookup docs' as these now reside in the plugins
7 years ago
Toshio Kuratomi 2db9b6d2ca Remove wildcard import in test_nclu 7 years ago
Tim Rupp 75c5d0fedc Adds the bigip_remote_syslog module
This patchs add a remote-syslog module that can be used by people
to manage their (basic, not HSL) syslog configuration
7 years ago
Pilou 1c9bffe248 pip module: fix TypeError (#31395)
* pip: add test: an error occurs when pip not found
* pip: fix TypeError exception when pip executable isn't found
7 years ago
Michael Vermaes fad3a4dc83 Fix typo in vault decrypt error message (#31335) 7 years ago
Sam Doran e7902d888c Make ansible_selinux facts a consistent type (#31065)
* Make ansible_selinux facts a consistent type

Rather than returning a bool if the Python library is missing, return a dict with one key containing a message explaining there is no way to tell the status of SELinux on the system becasue the Python library is not present.

* Fix unit test
7 years ago
Matt Clay a333f2e5b0 Fix ansible-test config management. 7 years ago
Tim Rupp 3717ff64cf Adds the bigip_monitor_https module (#31205)
This patch adds the https_monitor module which allows people
to create and manage HTTPS monitors.
7 years ago
Adrian Likins 65393e4747 Fix ansible_distribution on Ubuntu 10.04 (#31108)
The /etc/os-release based distro detection doesn't
seem to work for Ubuntu 10.04 (no /etc/os-release?).

So it was testing the next case which was /etc/lsb-release to
see if it is 'Mandriva'. Since the check for existence of
(/etc/lsb-release, Mandrive) was the first non-empty dist
file match, 'ansible_distribution' was being set to 'Mandriva'
expecting to be corrected by the data from the dist file content.

But since the dist file parsing for Mandriva didn't match for
Ubuntu 10.04 /etc/lsb-release _and_ there is no Debian specific
lsb-release check, 'ansible_distribution' stayed at 'Mandriva'
and the dist file checking loop keeps going and eventually off
the end of the list before finding a better match.

Adding a debian/ubuntu specific check for /etc/lsb-release after
the debian os-release sets the info correctly and stops further
checking of dist files.

Fixes #30693
7 years ago
Hervé Beraud db70eeb913 Feature/test inventory (#30707)
* [test] move inventory test to right path
* [feat] add unit test for yaml inventory plugin
7 years ago
Felipe Garcia Bulsoni 46fd083138 LogicalInterconnectGroupFactsModule for HPE OneView (#28847)
* Added support to retrieving LIG resources in HPE OneView

* Fixing copyright header according to review

* Swapping out config for full credentials in parameter for documentation
7 years ago
Felipe Garcia Bulsoni 7d74c126a9 EnclosureFactsModule for HPE OneView (#28852)
* Added support to retrieving Enclosures in HPE OneView

- Added unit tests

* Updated version_added to 2.5

* Changing return type of enclosure_script to string

* Fixing copyright header according to review

* Replaced config for credentials in parameters for documentation
7 years ago
Kedar K 916e6be888 - Fix to return error message back to the module. (#31035) 7 years ago
Adrian Likins 95abc1d82e Fix fact failures cause by ordering of collectors (#30777)
* Fix fact failures cause by ordering of collectors

Some fact collectors need info collected by other facts.
(for ex, service_mgr needs to know 'ansible_system').
This info is passed to the Collector.collect method via
the 'collected_facts' info.

But, the order the fact collectors were running in is
not a set order, so collectors like service_mgr could
run before the PlatformFactCollect ('ansible_system', etc),
so the 'ansible_system' fact would not exist yet. 

Depending on the collector and the deps, this can result
in incorrect behavior and wrong or missing facts.

To make the ordering of the collectors more consistent
and predictable, the code that builds that list is now
driven by the order of collectors in default_collectors.py,
and the rest of the code tries to preserve it.

* Flip the loops when building collector names

iterate over the ordered default_collectors list
selecting them for the final list in order instead
of driving it from the unordered collector_names set.

This lets the list returned by select_collector_classes
to stay in the same order as default_collectors.collectors

For collectors that have implicit deps on other fact collectors,
the default collectors can be ordered to include those early.

* default_collectors.py now uses a handful of sub lists of
collectors that can be ordered in default_collectors.collectors.

fixes #30753
fixes #30623
7 years ago
Felipe Garcia Bulsoni 637571abfb Added new module for managing LIGs in HPE OneView 7 years ago
Adrian Likins a14d0f3586 Use vault_id when encrypted via vault-edit (#30772)
* Use vault_id when encrypted via vault-edit

On the encryption stage of
'ansible-vault edit --vault-id=someid@passfile somefile',
the vault id was not being passed to encrypt() so the files were
always saved with the default vault id in the 1.1 version format.

When trying to edit that file a second time, also with a --vault-id,
the file would be decrypted with the secret associated with the
provided vault-id, but since the encrypted file had no vault id
in the envelope there would be no match for 'default' secrets.
(Only the --vault-id was included in the potential matches, so
the vault id actually used to decrypt was not).

If that list was empty, there would be an IndexError when trying
to encrypted the changed file. This would result in the displayed
error:

ERROR! Unexpected Exception, this is probably a bug: list index out of range

Fix is two parts:

1) use the vault id when encrypting from edit

2) when matching the secret to use for encrypting after edit,
include the vault id that was used for decryption and not just
the vault id (or lack of vault id) from the envelope.

add unit tests for #30575 and intg tests for 'ansible-vault edit'

Fixes #30575
7 years ago
Kedar K 4c21563ac6 - Adds sub-interface support for nxos_interface and nxos_ip_interface (#30830)
- Support dot1 encapsulation on routed sub-interface
7 years ago
Adrian Likins 3eab636b3f Fix 'distribution' fact for ArchLinux (#30723)
* Fix 'distribution' fact for ArchLinux

Allow empty wasn't breaking out of the process_dist_files
loop, so a empty /etc/arch-release would continue searching
and eventually try /etc/os-release. The os-release parsing
works, but the distro name there is 'Arch Linux' which does
not match the 2.3 behavior of 'Archlinux'

Add a OS_RELEASE_ALIAS map for the cases where we need to get
the distro name from os-release but use an alias.

We can't include 'Archlinux' in SEARCH_STRING because a name match on its keys
but without a match on the content causes a fallback to using the first
whitespace seperated item from the file content as the name.
For os-release, that is in form 'NAME=Arch Linux'

With os-release returning the right name, this also supports the
case where there is no /etc/arch-release, but there is a /etc/os-release

Fixes #30600

* pep8 and comment cleanup
7 years ago
Adrian Likins 12404f470a Fix pkg_mgr fact on OpenBSD (#30725)
* Fix pkg_mgr fact on OpenBSD

Add a OpenBSDPkgMgrFactCollector that hardcodes pkg_mgr
to 'openbsd_pkg'. The ansible collector will choose the
OpenBSD collector if the system is OpenBSD and the 'Generic'
one otherwise.

This removes PkgMgrFactCollectors depenency on the
'system' fact being in collected_facts, which also
avoids ordering issues (if the pkg mgr fact is collected
before the system fact...)

Fixes #30623
7 years ago
Ganesh Nalawade d72eb08902 Fix nxos provider transport warning issue (#30610)
* Fix nxos provider transport warning issue

*  Add default value of transport arg in provider spec
*  Remove default value if transport arg in top level spec
   This ensure deprecation warning is seen only in case transport
   is given as a top level arg in task
*  Refactor nxos modules to reference transport value from provider
   spec

* Fix unit test

* Remove transport arg assignment in nxos action plugin

* As assigning transport value is handled in provider spec
  top level task arg assignment is no longer required
7 years ago
Tim Rupp 0eb0d96286 Adds module which allows users to manage partitions on a BIG-IP (#30577) 7 years ago
dteach ca56a248d8 junos_facts: Add Hardware facts. (#30304)
* Add Routing Engine Facts

 - Map routing engine output information to routing_engines facts dict.
 - Add fact 'has_2RE', which is a quick way to determine how many REs
   the chassis has.

* Fix a typo

* Fix more typos

* Add slot number to routing_engine dict

* Add facts about the installed chassis modules

* Fix typo

* Fixed another typo

* Fix Path

* Change path again.

* More Typos

* Add some deubgging

* Add additional information for hardware components.

 - Return information about the Routing Engines.
 - Return a fact to easily determine if the device
   has two routing engines.
 - Return information about the hardware modules.

* Addressed pep8 stardard failures.

* Add unit test fixtures.

* Rename fixture.

* Fix unit test failures.

 - Rename the fixture file to what the unit test expects.
 - Strip out junos namespace attributes.
Rename file to match what the unit test expects.

* Scrubbed the routing engine serial numbers.

* Add unit test facts for new tests.

 - Add unit test for ansible_net_routing_engines fact
 - Add unit test for ansible_net_modules fact
 - Add unit test for ansible_net_has_2RE

* Fixed spacing.
7 years ago
Adrian Likins 307be59092 Don't ask for password confirm on 'ansible-vault edit' (#30514)
* Don't ask for password confirm on 'ansible-vault edit'

This is to match the 2.3 behavior on:

        ansible-vault edit encrypted_file.yml

Previously, the above command would consider that a 'new password'
scenario and prompt accordingly, ie:

        $ ansible-vault edit encrypted_file.yml
        New Password:
        Confirm New Password:

The bug was cause by 'create_new_password' being used for
'edit' action. This also causes the previous implicit 'auto prompt'
to get triggered and prompt the user.

Fix is to make auto prompt explicit in the calling code to handle
the 'edit' case where we want to auto prompt but we do not want
to request a password confirm.

Fixes #30491
7 years ago
Toshio Kuratomi 0a69e27e62 Fix jenkins_plugin test for no net situations (#30568)
Unittests are sometimes run without network connectivity in build
systems.  Make that work correctly by mocking out _get_url_data with the
expected return value.
7 years ago
Matt Clay dbf9634b1b Enable more pylint rules and fix reported issues. (#30543)
* Enable pylint invalid-encoded-data test.
* Enable pylint anomalous-unicode-escape-in-string test.
7 years ago
Matt Clay 7714dcd04e Enable more pylint rules and fix reported issues. (#30539)
* Enable pylint unreachable test.
* Enable pylint suppressed-message test.
* Enable pylint redundant-unittest-assert test.
* Enable pylint bad-open-mode test.
* Enable pylint signature-differs test.
* Enable pylint unnecessary-pass test.
* Enable pylint unnecessary-lambda test.
* Enable pylint raising-bad-type test.
* Enable pylint logging-not-lazy test.
* Enable pylint logging-format-interpolation test.
* Enable pylint useless-else-on-loop test.
7 years ago
Dag Wieers 6a6f88d035 Clean up ACI error text (#30501)
* Clean up ACI error text
* Get rid of explicit unicode strings, use PY2
7 years ago
Toshio Kuratomi 1fa3fb45bc Update aci tests for new messages from lxml-4.0+ 7 years ago
Mike Wiebe 173c41aefe Rel240/fix nxos pim interface (#29885)
* fix nxos_pim_interface

* Add integration test coverage and fix unit test

* Add clarifying comments

* Make ansibot happy
7 years ago
Ganesh Nalawade 3ff527b1d2 Fixes #30281 eos_banner integration test failure (#30283)
* Fixes #30281 Configure login prompt for eos_banner

* Fix unit test

* Fix pep8 issue
7 years ago
Felipe Garcia Bulsoni 18707136e2 Added support to retrieving SAN Manager resources in HPE OneView
- Added unit tests
- Added _main_ function to oneview unit tests which were missing it
7 years ago
Felipe Garcia Bulsoni eeb8128baf Added __main__ method to tests so they can be run directly through Python 7 years ago
Matt Clay 442af3744e Miscellaneous pylint fixes.
The following rules are no longer disabled:

- bad-format-string
- duplicate-key
- lost-exception
- trailing-newlines
- unexpected-keyword-arg
- useless-suppression
- using-constant-test
7 years ago
Matt Clay 68aeaa58a8 Fix dangerous default args. (#29839) 7 years ago
Tim Rupp 74ace093b8 Renames the bigip_configsync_actions module (#29747)
Retains the old name by making a symlink. We can remove it in a later
release.
7 years ago
Miguel Ángel Ajo 8e4f112b39 Fixes #23680 bug with py3.x due to binary string handling (#23688)
* This commit includes a unit test to exercise the _is_role
function and make sure it doesn't break in any Python version.
* Import os.path and other minor fixups
7 years ago
Toshio Kuratomi 75249e311e Fix set theory filters for python3
The set theory filters need to use lists rather than generators on python3.

Also add unit tests for most of the mathstuff filters

Fixes #26494
7 years ago
Brian Coca fe3b4325c2 less confusing 'args' message (#29053)
* less confusing 'args' message

* fix test

* gone native
7 years ago
Nathaniel Case f84ff216b6 Generalize nxos_bgp event-history detection (#28890)
* More general handling of event-history

* Update unit tests
7 years ago
Nathaniel Case 8bfdbd0f73 nxos_bgp_neighbor: Fix regex &report warnings (#28888)
* Fix over-detection of log-neighbor-as

* Report nxos warnings

* Update nxos_bgp_neighbor unit tests to test remove-private-as
7 years ago
Trishna Guha 252efcebf5 module should fail if eos_user is added without configured_password or nopassword or sshkey (#28780)
* module should fail if eos_user is added without configured_password or nopassword or sshkey

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* fix eos_user unit test

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* fix eos_user integration test

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
7 years ago
Felipe Garcia Bulsoni fd304d9b5b Added support to SAN Manager resource in HPE OneView (#28787)
- Added unit tests
7 years ago
Felipe Garcia Bulsoni 1e785d4117 FcoeNetworkFactsModule for HPE OneView (#28728)
* Add FcoeNetworkFactsModule for retrieving HPE OneView FCoE Networks

- Allow querying for FCoE Network resources in HPE OneView
- Adds unit tests to new module

* Fix "required: no"
7 years ago
Felipe Garcia Bulsoni 6ea2099ee4 EthernetNetworkFactsModule for HPE OneView (#28723)
* Adds EthernetNetworkFactsModule for retrieve HPE OneView

- Allows retrieving Ethernet Network resources from HPE OneView
- Adds unit tests

* Removed required: no
7 years ago
Felipe Garcia Bulsoni a4ae8536d9 NetworkSetFactsModule for HPE OneView (#28730)
* Add NetworkSetFactsModule for retrieving HPE OneView Network Sets

- Allow querying for Network Set resources in HPE OneView
- Adds unit tests to new module
- Updates oneview_module_loader copyright header to short GPL3 version

* Adding possibility to pass in credentials as parameters

* Removed required false and changed format of filter_by_name declaration

* Updated examples in docs to reflect new way to pass in credentials

- All examples of the oneview_network_set_facts updated to use
credential parameters
- All required=False from oneview base module removed
- Shared docs updated to bring attention to API version being used
7 years ago
jacky.chen 75998d3ca3 [cloud] Add the ability to modify shard count to kinesis_stream module (#24805)
* Add the ability to modify shard count to kinesis_stream module

* Fixed an issue in kinesis_stream where update() reports not changed when it is changed

* Remove unreachable message and make the try and catch block shorter
7 years ago
Mike Wiebe d9fc3def94 Fixes #28779 eth_mode key error (#28782)
* Fixes #28779 eth_mode key error

* Remove unused get_config references

* Addressed PR comment
7 years ago
Nathaniel Case 64dac346c9 Fix nxos_pim_interface dr-priority handling (#28472)
* Fix nxos_pim_interface dr-priority handling

* Prefer execute_show over `| json`

* Mock get_config

* Fix sparse-mode detection
7 years ago
Brian Coca aec1dfd1fa fix improt order to actually skip when no boto 7 years ago
Jacob McGill 1c4fe510d0 IOS Ping: Add new module to support ping tests from IOS devices (#28557)
* IOS Ping: Add new module to support ping tests from IOS devices

* Add tests

* Add fixtures for ios_ping
7 years ago
Kai 3251aecd95 Fix leading slashes being stripped from mount src (#24013)
* Tidy mount module for testing

Fix spelling mistakes in comments. I *think* the example for omitting parents
root has the wrong parent ID.

Make mountinfo file a parameter for testing.

* Don't strip leading slash from mounts

The current code does not follow the example, it produces src=tmp/aaa instead
of src=/tmp/aaa. This causes problems with bind mounts under /rootfs.

* Use dictionary to store mounts by ID

Instead of looping over each one to check if the ID matches. This does not
preserve the order of the output on < Python3.6, but that is not necessary.

* Make linux_mounts a dict

Always accessed by 'dst', so avoid looping by just making it a key.

* Add test case for get_linux_mounts
7 years ago
Brian Coca f9b3f4f934 make groups magic var dependant on inventory (#28677)
* make groups magic var dependant on inventory

it was overtly restricted by 'host'
minor fixes to test_var_manager.py, need to test other values also

* pepe hates extra blank line
7 years ago
Michael De La Rue fbec5ab12d [cloud] new module lambda_policy (PR #24951)
- Fixes to lambda
- reformatting + tests for lambda_facts
- lambda module integration test
- switch lambda and lambda_facts to AnsibleAwsModule
- Get the account ID from STS, GetUser, and finally error message
7 years ago
Mike Wiebe 3d46258cff Refactor/fix nxos_nxapi to use show run (#28675)
* Refactor/fix nxos_nxapi to use show run

* Fix unit tests

* Python 3 compatibility
7 years ago
Felipe Garcia Bulsoni 791a029203 Added support to HPE Network Set resources (#28614)
- Added unit tests
7 years ago
Felipe Garcia Bulsoni 978c64afc5 Support retrieving Facts about Fibre Channel resource of HPE OneView (#28608)
* Added FcNetworkFactsModule to query FC Network Resources in HPE OneView

- Added unit tests

* Removing unnecessary quotes from example and documentation
7 years ago
George Nikolopoulos c01dd6470c Add disable operation for netscaler_servicegroup (#28327) 7 years ago
George Nikolopoulos 2281a6676b Add enable, disable operation in netscaler_service (#28321) 7 years ago
Evgeny Fedoruk 71313ce04d Module for uploading templates into vDirect server (#27570)
* Module for uploading templates into vDirect server

Module for uploading configuration and workflow templates
into Radware vDirect server

* Module for uploading templates into vDirect server

Module for uploading configuration and workflow templates
into Radware vDirect server
7 years ago
Peter Sprygada 75293d83ca configures address-families when vrf is created (#28615)
* configures address-families when vrf is created

fixes #26725

* fix up unit test cases
7 years ago
Nicolas Porcel ba420c47cd synchronize: Use private_key and ssh_user with delegate_to (Fixes #16215) (#21686) 7 years ago
Sloane Hertel cf1a9d4d22 New module: Add ec2 Vpn Connection module and tests (cloud/amazon/ec2_vpc_vpn) (#24385)
* Add VPN module and unittests

* remove unnecessary imports

* fix documentation

* raise custom exception rather than passing module everywhere

* remove recordings

Rerecord tests

Fix docs

Ensure vpn_connection_id is a list of strings when checking if it exists

* fix check mode

* Rerecord tests

* remove superfluous code and comments and make exception handling uniform

fix docs

* Fix ec2_vpc_vpn documentation

* make ec2_vpc_vpn compatible with python 2.6 and make check mode logic more succinct

* fix comparison of list of dicts

* Fix typos and docstrings

make requested changes for imports

make code clearer

* Fix copyright and metadata version.
7 years ago
Felipe Garcia Bulsoni fb6ed8d76c EthernetNetworkModule for HPE OneView (#28336)
* Adding module to manage ethernet network on HPE OneView

* Adding unit tests to EthernetNetwork module

* Added OneViewModuleException custom exceptions to module

- Removed exception imports from hpOneView
- Updated unit tests

* Fixing mock import inside ethernet network module unit test

* Fixing issues found in METADATA by CI

* Updated paths to use solution name instead of vendor name

* Fixed documentation, removed redundant if and improved readability

* Updated _bulk_present to use and return `result`, same way as _present

* Changed __ to _ in private methods following ansible style

* Fixed some example inconsistencies and turned states doc into a list

* Added adriane-cardozo to list of maintainers
7 years ago
Brian Coca 725d4d4bc8 added diff as new keyword (#28581)
added diff to fake options in ec2_vpc_nat_gateway test
7 years ago
Michael Tinning 282e743eb0 elb_application_lb: fix issue with boto parameter validation on Rules (#27333) 7 years ago
Sloane Hertel 24b49c2539 [cloud] New module: AWS Direct Connect connection (#26152)
* New module for AWS Direct Connect connections

Unittests for new module

Added utils that will be used by other Direct Connect modules

* pep8 fixes

* Correct aws_direct_connect_connection EXAMPLES to be valid yaml

* Make requested changes

* remove use of the variable changed

get rid of unnecessary parentheses

* Fix unit test

* Rename variable.

* Fix metadata version
7 years ago
Sloane Hertel a48e0b5101 New Module to manage AWS direct connect link aggregation groups (#27250)
* Add module_utils/aws/direct_connect.py for frequently used functions

* new AWS Direct Connect link aggregation group module with tests and placebo recordings

* remove extra argument

* Remove use of undefined var

* Fix param name for extra exception codes for AWSRetry to use.

* Fix undefined var and line length and metadata version number

* Fix copyright headers
7 years ago
Felipe Garcia Bulsoni 84005498bc Support Fibre Channel over Ethernet resource of HPE OneView (#28359)
* Added new oneview_fcoe_network module and unit tests

* Fixing metadata issues and importing unittest from ansible.compat.tests

* Fixing shebang and adding correct copyright header

* Renamed remote_management/hpe to remote_management/oneview

* Updated documentation and default state according to review comments

- Added present as the default state
- Added delegate_to: localhost in all examples
- Changed config path from a variable to illustrate a location
- Other documentation fixes
7 years ago
Sloane Hertel 7551e8c921 AWSRetry: allow retrying on additional ClientError exceptions (#28483)
* Added the ability to extend the exception list in CloudRetry

* AWSRetry boto and boto compatible

* Updated tests to reflect boto/boto3

* Added boto to shippable requirements

* Have base_class and added_exceptions default to None in CloudRetry

AWSRetry - only retry on boto3 exceptions and remove boto requirement from tests

* Make requested changes.
7 years ago
Brian Coca 788a0d1b9e skip test when no s3 lib 7 years ago
Mike Wiebe ec11cd2696 nxos_bgp_neighbor_af fix problem with advertise-map properties (#28413)
* Fix problem with advertise-map properties

* Change limit_to back to run all tests

* Fix unit tests

* Move advertise_map out of get_custom_value
7 years ago
David Newswanger b818e986b6 Change network *_user modules to use configured_password to set a users password (#28187)
* WIP, update eos_user args

* refactor password for ios_user

* add eos tests, fix ios tests

* fixed password check

* refactor iosxr_user password

* fixed password arg for nxos

* [WIP] fix vyos_user password

* fix vyos tests

* update docs for net_user

* fix typo

* fix eos tests

* add warning when attempting to use password arg

* fix sanity/unit tests

* fix eos unit tests

* fix vyos_user aggregate

* fix typo in eos documentation string

* re add configured_password to vyos tests after rebase
7 years ago
George Nikolopoulos b339f23485 Various small fixes (#27766) 7 years ago
Peter Sprygada 6886153b54 refactors nxos_vrf_af module (#28208)
* refactors nxos_vrf_af module

fixes #27595

* fix up unit test cases

* add commands to result dict

* add route-target on afi create

* adds deprecation note to safi argument
7 years ago
David Newswanger a37c5e53e6 fix prompt error when deleting ios user (#28175)
* fix prompt error when deleting ios user

* placate pep8

* wrap delete user command in function

* fix python 3 unit tests
7 years ago
Trishna Guha ce3d1c6ba0 eos_user fix username param (#28114)
* eos_user fix username param

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Add setup eos_user test and rename username for consistency

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* update unit test and pep8 fix

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* pep8 fix
7 years ago
Toshio Kuratomi af2073d057 metadata 1.1
* Add network value to support_by field.
* New support_by value, certified
* Deprecate curated in favor of certified
* Add conversion from 1.0 to 1.1 to metadata-tool
* Add supported by Red Hat field to ansible-doc output
7 years ago
Pierre-Louis Bonicoli c6efb81707 circonus_annotation: reason becomes a string 7 years ago
Pierre-Louis Bonicoli 2bbe99dc26 circonus_annotation: add unit tests 7 years ago
Brian Coca f921369445 Ansible Config part2 (#27448)
* Ansible Config part2

- made dump_me nicer, added note this is not prod
- moved internal key removal function to vars
- carry tracebacks in errors we can now show tracebacks for plugins on vvv
- show inventory plugin tracebacks on vvv
- minor fixes to cg groups plugin
- draft config from plugin docs
- made search path warning 'saner' (top level dirs only)
- correctly display config entries and others
- removed unneeded code
- commented out some conn plugin specific from base.yml
- also deprecated sudo/su
- updated ssh conn docs
- shared get option method for connection plugins
- note about needing eval for defaults
- tailored yaml ext
- updated strategy entry
- for connection pliugins, options load on plugin load
- allow for long types in definitions
- better display in ansible-doc
- cleaned up/updated source docs and base.yml
- added many descriptions
- deprecated include toggles as include is
- draft backwards compat get_config
- fixes to ansible-config, added --only-changed
- some code reoorg
- small license headers
- show default in doc type
- pushed module utils details to 5vs
- work w/o config file
- PEPE ATE!
- moved loader to it's own file
- fixed rhn_register test
- fixed boto requirement in make tests
- I ate Pepe
- fixed dynamic eval of defaults
- better doc code

skip ipaddr filter tests when missing netaddr
removed devnull string from config
better becoem resolution

* killed extra space with extreeme prejudice

cause its an affront against all that is holy that 2 spaces touch each other!

shippable timing out on some images, but merging as it passes most
7 years ago
Adrian Likins 8003437ebc prompt for new pass on create/encrypt if none specified (#28185)
* prompt for new pass on create/encrypt if none specified

Make 'ansible-vault' edit or encrypt prompt for a password
if none or provided elsewhere.

Note: ansible-playbook does not prompt if not vault password
is provided

* dont show vault password prompts if not a tty
7 years ago
saichint d69440c4ef Fix nxos_vpc issues (#28188)
* fix for nxos_vpc issues

* fix unit tests

* clean documentation
7 years ago
Adrian Likins 5739bb075f Vault secrets default vault ids list (#28190)
* Add config option for a default list of vault-ids

This is the vault-id equilivent of ANSIBLE_DEFAULT_PASSWORD_FILE
except ANSIBLE_DEFAULT_VAULT_IDENTITY_LIST is a list.
7 years ago
Adrian Likins e287af1ac8 Vault secrets empty password (#28186)
* Better handling of empty/invalid passwords

empty password files are global error and cause an
exit. A warning is also emitted with more detail.

ie, if any of the password/secret sources provide
a bogus password (ie, empty) or fail (exception,
 ctrl-d, EOFError), we stop at the first error and exit. 

This makes behavior when entering empty password at
prompt match 2.3 (ie, an error)
7 years ago
3onyc 554496c404 [passwordstore] Use builtin _random_password function instead of pwgen (#25843)
* [password] _random_password -> random_password and moved to util/encrypt.py
* [passwordstore] Use built-in random_password instead of pwgen utility
* [passwordstore] Add integration tests
7 years ago
saichint 9d84a4e530 fix for nxos_ospf_vrf invalid cmd and ntp errors (#27977)
* fix for nxos_ospf_vrf invalid cmd

* fix for nxos_ntp issues
7 years ago
Toshio Kuratomi 3edac559d3 the smart transport is broken by ssh retry code
1fe67f9 introduced retries to the ssh connection put file and fetch
file.  Unfortunately, that change broke the smart transport because it
started raising exceptions instead of returning from _run().  This
breakage is documented in #23711.

An attempt to fix it was made at #23717 but the first attempt was
objected to as needing to touch too much code.  The second attmept was
objected to as smart was forced to encapsulate retries (thus retrying
a sftp "rety" times before trying scp "retry" times and then finally
moving onto piped).  This third attempt has retries encapsulate smart.
So each sub-transport is tried once and if all three fail, another retry
attempt is made which tries each of the three again.

Fixes #23711
Fixes #23717
7 years ago
Trishna Guha 60ce6438e3 fix nxos_overlay_global idempotence (#28150)
* fix nxos_overlay_global idempotence

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* modify nxos_overlay_global unittest

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
7 years ago
David Newswanger a01aa6e9df Fix structured output not supported in nxos_pim_interface (#28125)
* fixed unstructured error

* fix unit tests so they accept commands in dictionary form
7 years ago
Trishna Guha 12460dd713 Add ios_vrf declarative intent config check (#28001)
* Add ios_vrf declarative intent config check

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* add version for delay param

* modify ios_vrf unit test
7 years ago
Pierre-Louis Bonicoli 94a327dd09 rhn_channel: add unit tests 7 years ago
Sloane Hertel 1de91a9aa0 [cloud] Convert `s3` module to use boto3 (#21529)
* replace boto with boto3 for the s3 module

make s3 pep8 and remove from legacy files

fix s3 unit tests

* fix indentation

* s3 module - if we can't create an MD5 sum return None and always upload file

* remove Location.DEFAULT which isn't used in boto3 and tidy up the docs

* pep8

* s3: remove default: null, empty aliases, and required: false from documentation

fix incorrectly documented defaults

* Porting s3 to boto3. Simplify some logic and remove unused imports

* Fix s3 module variables

* Fix a typo in s3 module and remove from pep8 legacy files

* s3: add pagination for listing objects.

Fix logic and use head_object instead of get_object for efficiency.

Fix typo in unit test.

* Fix pagination to maintain backwards compatibility.

Fix incorrect conditional.

Remove redundant variable assignment.

Fix s3 list_object pagination to return all pages

* Use the revised List Objects API as recommended.

* Wrap call to paginated_list in a try/except

Also remembered to allow marker/prefix/max_keys to modify what keys are listed

* Simplify argument
7 years ago
Ganesh Nalawade 3b0e9ded91 Fix fallback and boolean check in argspec (#27994)
Fixes #27978

*  Add missing assignment for param key in fallback handling
*  Add check for frozenset type
*  Unit testcase
7 years ago
Adrian Likins 220db9cdd2 Better vault pass prompt behav on EOF, more unit tests (#27981) 7 years ago
Adrian Likins 82f550e8cd Add prompt formats for 2.3 compat ask-vault-pass (#27974)
The prompt_formats dict didn't get the 'prompt_ask_vault_pass'
item added for interactive --ask-vault-pass, which
caused "KeyError: u'prompt_ask_vault_pass'"

Fixes #27885
7 years ago
Zac Medico 501fc7a248 template: fix KeyError: 'undefined variable: 0 (#27972)
* template: fix KeyError: 'undefined variable: 0

For compatibility with the Context.get_all() implementation
in jinja 2.9, make AnsibleJ2Vars implement collections.Mapping.
Also, make AnsibleJ2Template.newcontext() handle dict type
for the 'vars' parameter.

See: d67f0fd4cc
Fixes: https://github.com/ansible/ansible/issues/20494

* add units/template/test_vars

* intg tests for jinja-2.9 issues like 20494

test cases here are based on
https://github.com/ansible/ansible/issues/20494#issue-202108318
7 years ago
Nathaniel Case a78f3faa6c nxos_bgp_neighbor_af does not want required_together (#26370)
* nxos_bgp_neighbor_af does not want required_together

* fixup tests

* Fix max_prefix_* issues

* Require address-family

* Fix idempotency for next_hop_third_party

* Fix idempotency for allowas_in*

* Fix idempotency for *_in and *_out

* Reorder command generation again

`default` is first, then `max-prefix`, then booleans
7 years ago
Nathaniel Case c1bf74283e Network load_config: Capture configuration output and display as warnings (#27851)
* Capture configuration output and display as warnings

* Don't break on nxapi

nxapi errors very loudly instead, so no need to muck about with warnings
7 years ago
Adrian Likins c38ff3b8f8 pylint fixes for vault related code (#27721)
* rm unneeded parens following assert
* rm unused parse_vaulttext_envelope from yaml.constructor
* No longer need index/enumerate over vault_ids
* rm unnecessary else
* rm unused VaultCli.secrets
* rm unused vault_id arg on VaultAES.decrypt()

pylint: Unused argument 'vault_id'
pylint: Unused parse_vaulttext_envelope imported from ansible.parsing.vault
pylint: Unused variable 'index'
pylint: Unnecessary parens after 'assert' keyword
pylint: Unnecessary "else" after "return" (no-else-return)
pylint: Attribute 'editor' defined outside __init__

* use 'dummy' for unused variables instead of _

Based on pylint unused variable warnings.

Existing code use '_' for this, but that is old
and busted. The hot new thing is 'dummy'. It
is so fetch.

Except for where we get warnings for reusing
the 'dummy' var name inside of a list comprehension.

* Add super().__init__ call to PromptVaultSecret.__init__
pylint: __init__ method from base class 'VaultSecret' is not called (super-init-not-called)

* Make FileVaultSecret.read_file reg method again

The base class read_file() doesnt need self but
the sub classes do.

Rm now unneeded loader arg to read_file()

* Fix err msg string literal that had no effect
pylint: String statement has no effect

The indent on the continuation of the msg_format was wrong
so the second half was dropped.

There was also no need to join() filename (copy/paste from
original with a command list I assume...)

* Use local cipher_name in VaultEditor.edit_file not instance
pylint: Unused variable 'cipher_name'
pylint: Unused variable 'b_ciphertext'

Use the local cipher_name returned from parse_vaulttext_envelope()
instead of the instance self.cipher_name var.

Since there is only one valid cipher_name either way, it was
equilivent, but it will not be with more valid cipher_names

* Rm unused b_salt arg on VaultAES256._encrypt*
pylint: Unused argument 'b_salt'

Previously the methods computed the keys and iv themselves
so needed to be passed in the salt, but now the key/iv
are built before and passed in so b_salt arg is not used
anymore.

* rm redundant import of call from subprocess
pylint: Imports from package subprocess are not grouped

use via subprocess module now instead of direct
import.

* self._bytes is set in super init now, rm dup

* Make FileVaultSecret.read_file() -> _read_file()

_read_file() is details of the implementation of
load(), so now 'private'.
7 years ago
mzizzi 4648dc9702 [cloud] Add more configurable backoff implementations to CloudRetry/AWSRetry (#27251) 7 years ago
Pilou b57af4428d rhn_register: fix broken imports, add unit tests (#26878)
Fix 'module' object is not callable

* rhn_register: fix Python 3 compatibility
* rhn_register: update requirements
* rhn_register: add unit tests
* Add missing method name
* use a dedicated line for XML related requirements
* rhn_register: drop support for Python 2.4
* rhn_register unit tests: fix Python 3 compatibility
* refactor in order to check order of the requests
7 years ago
Philippe Dellaert 6d33e59ca1 Fix for subspec options validation issue #27715 (#27728)
* Fix for issue ansible/ansible#27715

* Also fixing mutually exclusive check

* Updating subspec checks
These changes take into account a spec with all features enabled and do
the following tests for subspecs:
1. Test proper specs
2. Test Alias
3. Test missing required param
4. Test mutually exclusive params
5. Test required if params
6. Test required one of params
7. Test required together params
8. Test required if params with a default value
9. Test basis subspec params
10. Test invalid subsec params
7 years ago
Peter Sprygada 7b604368d3 adds new filter plugins for network use cases (#27695)
* adds new filter plugins for network use cases

* adds parse_cli filter
* adds parse_cli_textfsm filter
* adds Template class to network_common
* adds conditional function to network_common

* fix up PEP8 issues
7 years ago
Sloane Hertel 467a1f54a3 s3_bucket: fix python3 sorting incompatibility (#27502)
* s3_bucket: fix policy sorting for python3 so strings are evaluated as less than tuples.

Add tests to ensure this behavior is maintained.

* Fix s3_bucket comparison function to work on both Python 3.5 and 3.6

* s3_bucket: document that cmp_to_key is used for python 2.7.

Add another test for s3_bucket to compare policies of different sizes.

* fix pep8

* Work around code-smell grepping by not using the word 'cmp'.
7 years ago
Sloane Hertel dbbad16385 [cloud] New module: Add module for managing AWS Datapipelines (cloud/amazon/data_pipeline) (#22878)
* New module for managing AWS Datapipelines

* Supports create/activate/deactivate and deletion
* Handles idempotent creation by embeding the version in the
uniqueId field
* Waits for requested state to be reached, as Botocore doesn't
have waiters yet for datapipelines

* rename module, fix imports, add tags option, improve exit_json results, fix a couple bugs, add a TODO so I don't forget

fix pep8

allow timeout to be used for pipeline creation

make .format syntax uniform

fix pep8

fix exception handling

allow pipeline to be modified, refactor, add some comments, remove unnecessary imports

pipeline activation may not be in the activated state long

remove datapipeline version option

change a loop to a list comprehension

create idempotence by hashing the options given to the module minus the objects (which can be modified)

small bugfix

* data_pipeline unittests

make unittests pep8

fix bug in unittests

* remove exception handling that serves no purpose

* Fix python3 incompatibilities in datapipeline tests and add placebo fixture maybe_sleep for faster tests

Fix python3 incompatibilities in data_pipeline build_unique_id()

Don't delete a pipeline in diff_pipeline() because it's unexpected

Don't use time.time() because it causes an issue with placebo testing

re-recorded tests

fix pep8 in data_pipeline

Remove disable_rollback from tests

Make sure unique identifier is a string

re-record tests

* improve documentation and add another example

* use a placebo fixture instead of redundant code in tests

fix tests for PLACEBO_RECORD=false

* Fix data_pipeline docs

use isinstance instead of type()

fix documentation

* fix documentation

* Remove use of undefined variable from data_pipeline module and fix license

* fix copyright header
7 years ago
George Nikolopoulos 31b4ae2e6a New module: manage Citrix Netscaler GSLB site configuration (network/netscaler/netscaler_gslb_site) (#27639)
* Add netscaler_gslb_site

* Lowercase enabled, disabled option values

* Add fixes in netscaler module utils needed for unit test success
7 years ago
George Nikolopoulos d88c07a037 New module: manage Citrix Netscaler GSLB service configuration (network/netscaler/netscaler_gslb_service)) (#27638)
* Add netscaler_gslb_service

* Lowercase enabled, disabled option values

* Add fixes in netscaler module utils needed for unit test success
7 years ago
George Nikolopoulos cd865be987 New module: manage Citrix Netscaler SSL certificate keys (network/netscaler/netscaler_ssl_certkey)) (#27641)
* Add netscaler_ssl_certkey

* Fix options

* Lowercase enabled, disabled option values

* Add fixes in netscaler module utils needed for unit test success
7 years ago
George Nikolopoulos e2f907ae3e Add netscaler_gslb_vserver (#27640) 7 years ago
Felipe Garcia Bulsoni b060d0ccba Initial commits for integration of HPE OneView resources with Ansible (#26026)
* Initial commit for integration of HPE OneView resources with Ansible Core. Adding FC Network and FC Network Fact modules and unit tests, and OneView base class for all OV resources.
7 years ago
Adrian Likins 27a015f0ad add a 'min' type for gather_subset to collect nothing (#27085)
previously gather_subset=['!all'] would still gather the
min set of facts, and there was no way to collect no facts.

The 'min' specifier in gather_subset is equilivent to
exclude the minimal_gather_subset facts as well.

   gather_subset=['!all', '!min'] will collect no facts

This also lets explicitly added gather_subsets override excludes.

   gather_subset=['pkg_mgr', '!all', '!min'] will collect only the pkg_mgr
fact.
7 years ago
mharista c85f363aaa Add module cv_server_provision for integration with Arista CloudVision Portal. (#25450)
* Add module cv_server_provision for integration with Arista CloudVision Portal.

* Doc update.

* Remove shebang from test file. Update short description with company and product name.

* Update exception syntax to Python3 style.

* Remove blank line between imports.

* Remove newlines from RETURN documentation.

* Add cvprac to unittest requirements.

* Update unittest format. Add a few additional tests.

* Mock exceptions from cvprac so the library is not needed for unittests.

* Mock cvprac imports.

* Update unit tests to support python 3.5.

* Mock full cvprac library for unittests.

* Update Jinja2 import to pass updated CI checks.

* Update cvprac imports format for new CI tests.

* Add __metaclass__ and __future__.
7 years ago
Adrian Likins 2b0a7338d4 Handle win style CRLF newlines in vault text (#27590)
When parsing a vaulttext blob, use .splitlines()
instead of split(b'\n') to handle \n newlines and
windows style \r\n (CRLF) new lines.

The vaulttext enevelope at this point is just the header line
and a hexlify()'ed blob, so CRLF is a valid newline here.

Fixes #22914
7 years ago
Roman Belyakovsky 42039cd436 New module: manage debian network interfaces file /etc/network/interfaces (system/interfaces_file) (#25295)
* Added new module interfaces_file

* interfaces_file: added unit tests

* interfaces_file: added golden files for unit tests

* interfaces_file: moved to system modules

* interfaces_file: fixed code formatting and convention issues
7 years ago
James Mighion 4dd8f281d6 Adding aruba_config module (#27130)
* Adding aruba_config module.

* Fixing documentation.

* Forgot action plugin.
7 years ago
George Nikolopoulos f204e7cb33 New module: manage Citrix Netscaler content switching virtual server configuration (network/netscaler/netscaler_cs_vserver) (#26245)
* Add netscaler_cs_vserver

* Correct version_added
7 years ago
George Nikolopoulos 36537186e3 New module: manage Citrix Netscaler content switching policy configuration (network/netscaler/netscaler_cs_policy) (#26189)
* Add netscaler_cs_policy

* Correct version_added
7 years ago
George Nikolopoulos e329c9da8c New module: manage Citrix Netscaler servicegroup configuration (network/netscaler/netscaler_servicegroup)) (#26183)
* Add netscaler_servicegroup

* Correct version_added
7 years ago
George Nikolopoulos 7df14bd2b0 New module: manage Citrix Netscaler load balancer virtual servers configuration (network/netscaler/netscaler_lb_vserver) (#26144)
* Add netscaler_lb_vserver

* Correct version_added
7 years ago
George Nikolopoulos ac0c5dec2f Add netscaler_lb_monitor (#26143) 7 years ago
Adrian Likins 17ab546c48 Add 2.0-2.3 facts api compat (ansible_facts(), get_all_facts()) (#27294)
* Add 2.0-2.3 facts api compat (ansible_facts(), get_all_facts())

These are intended to provide compatibilty for modules that
use 'ansible.module_utils.facts.ansible_facts' and
'ansible.module_utils.facts.get_all_facts' from 2.0-2.3 facts
API.

Fixes #25686

Some related changes/fixes needed to provide the compat api:

* rm ansible.constants import from module_utils.facts.compat

Just use a hard coded default for gather_subset/gather_timeout
instead of trying to load it from non existent config if the
module params dont include it.

* include 'external' collectors in compat ansible_facts()

* Add facter/ohai back to the valid collector classes

facter/ohai had  gotten removed from the default_collectors
class used as the default list for all_collector_classes by
setup.py and compat.py

That made gather_subset['facter'] fail.
7 years ago
Ganesh Nalawade 97a34cf008 Add options sub spec validation (#27119)
* Add aggregate parameter validation

aggregate parameter validation will support checking each individual dict
to resolve conditions for aliases, no_log, mutually_exclusive,
required, type check, values, required_together, required_one_of
and required_if conditions in argspec. It will also set default values.

eg:
tasks:
  - name: Configure interface attribute with aggregate
    net_interface:
      aggregate:
        - {name: ge-0/0/1, description: test-interface-1, duplex: full, state: present}
        - {name: ge-0/0/2, description: test-interface-2, active: False}
    register: response
    purge: Yes

Usage:
```
from ansible.module_utils.network_common import AggregateCollection

transform = AggregateCollection(module)
param = transform(module.params.get('aggregate'))
```

Aggregate allows supports for `purge` parameter, it will instruct the module
to remove resources from remote device that hasn’t been explicitly
defined in aggregate. This is not supported by with_* iterators

Also, it improves performace as compared to with_* iterator for network device
that has seperate candidate and running datastore.
For with_* iteration the sequence of operartion is
load-config-1 (candidate db) -> commit (running db) -> load_config-2
(candidate db) -> commit (running db) ...

With aggregate the sequence of operation is
load-config-1 (candidate db) -> load-config-2 (candidate db) -> commit
(running db)

As commit is executed only once per task for aggregate it has
huge perfomance benefit for large configurations.

* Fix CI issues

* Fix review comments

*  Add support for options validation for aliases, no_log,
   mutually_exclusive, required, type check, value check,
   required_together, required_one_of and required_if
   conditions in sub-argspec.
*  Add unit test for options in argspec.
*  Reverted aggregate implementaion.

* Minor change

* Add multi-level argspec support

*  Multi-level argspec support with module's top most
   conditionals options.

* Fix unit test failure

* Add parent context in errors for sub options

* Resolve merge conflict

* Fix CI issue
7 years ago
Will Thames 5f73bdc3bf [cloud] Improve Camel to Snake conversion in EC2 module_utils (#25015)
* Make camel_to_snake work on capitalized plurals

`TargetGroupARNs` should become `target_group_arns`, not
`target_group_ar_ns`

Promote `camel_to_snake` to top layer function but prefix
it with an underscore.

Add tests for improved `_camel_to_snake` function.

Reduce use of `re.compile` as it makes no sense when the
compilation result is not reused.

* Remove unused LooseVersion check

* Fix PLURALs case for camel_to_snake

Also renamed EXPECTED_CAMELIZATION to EXPECTED_SNAKIFICATION
7 years ago
Dag Wieers 97aaf103e8 ACI module_utils library for ACI modules (#27070)
* ACI module_utils library for ACI modules

This PR includes:
- the ACI argument_spec
- an aci_login function
- an experimental aci_request function
- an aci_response function
- included the ACI team

* New prototype using ACIModule

This PR includes:
- A new ACIModule object with various useful methods
7 years ago
Adrian Likins 934b645191 Support multiple vault passwords (#22756)
Fixes #13243

** Add --vault-id to name/identify multiple vault passwords

Use --vault-id to indicate id and path/type

 --vault-id=prompt  # prompt for default vault id password
 --vault-id=myorg@prompt  # prompt for a vault_id named 'myorg'
 --vault-id=a_password_file  # load ./a_password_file for default id
 --vault-id=myorg@a_password_file # load file for 'myorg' vault id

vault_id's are created implicitly for existing --vault-password-file
and --ask-vault-pass options.

Vault ids are just for UX purposes and bookkeeping. Only the vault
payload and the password bytestring is needed to decrypt a
vault blob.

Replace passing password around everywhere with
a VaultSecrets object.

If we specify a vault_id, mention that in password prompts

Specifying multiple -vault-password-files will
now try each until one works

** Rev vault format in a backwards compatible way

The 1.2 vault format adds the vault_id to the header line
of the vault text. This is backwards compatible with older
versions of ansible. Old versions will just ignore it and
treat it as the default (and only) vault id.

Note: only 2.4+ supports multiple vault passwords, so while
earlier ansible versions can read the vault-1.2 format, it
does not make them magically support multiple vault passwords.

use 1.1 format for 'default' vault_id

Vaulted items that need to include a vault_id will be
written in 1.2 format.

If we set a new DEFAULT_VAULT_IDENTITY, then the default will
use version 1.2

vault will only use a vault_id if one is specified. So if none
is specified and C.DEFAULT_VAULT_IDENTITY is 'default'
we use the old format.

** Changes/refactors needed to implement multiple vault passwords

raise exceptions on decrypt fail, check vault id early

split out parsing the vault plaintext envelope (with the
sha/original plaintext) to _split_plaintext_envelope()

some cli fixups for specifying multiple paths in
the unfrack_paths optparse callback

fix py3 dict.keys() 'dict_keys object is not indexable' error

pluralize cli.options.vault_password_file -> vault_password_files
pluralize cli.options.new_vault_password_file -> new_vault_password_files
pluralize cli.options.vault_id -> cli.options.vault_ids

** Add a config option (vault_id_match) to force vault id matching.

With 'vault_id_match=True' and an ansible
vault that provides a vault_id, then decryption will require
that a matching vault_id is required. (via
--vault-id=my_vault_id@password_file, for ex).

In other words, if the config option is true, then only
the vault secrets with matching vault ids are candidates for
decrypting a vault. If option is false (the default), then
all of the provided vault secrets will be selected.

If a user doesn't want all vault secrets to be tried to
decrypt any vault content, they can enable this option.

Note: The vault id used for the match is not encrypted or
cryptographically signed. It is just a label/id/nickname used
for referencing a specific vault secret.
7 years ago
James Mighion a328e96455 Adding aireos_config module (#27408)
* Adding aireos_config module.

* Fixing pep8 W291.
7 years ago
Trishna Guha 6d1bd33aa5 fix iosxr_banner (#27378)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
7 years ago
Trishna Guha a49c419651 fix nxos_vrf_af nxapi & cli (#27307)
* fix nxapi failure #27142

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* fix nxos_vrf_af nxapi and cli

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
7 years ago
David Newswanger 81151ef02c Remove Deprecated Template network modules (#27076)
* removed deprecated networking template modules

* update changelog

* update changelog
7 years ago