Fixes#46257
* As per netconf rfc default-operation value is optional,
hence removing the default value for default_operation
option.
(cherry picked from commit 5e6eb921ae)
* Update changelog
* Add ssl support to consul_kv lookup (#42456)
* implemented lookup_consul_kv
* added missing version_added for consul_url ini section
* added default value for ANSIBLE_CONSUL_CLIENT_CERT and added some more documentation
* removed trailing whitespaces
* fixed indention
* Fixes in Documentation
* removed trailing whitespace
* removed trailing whitespace
(cherry picked from commit bacbd4e9fc)
* * added changelog fragment
This prevents a stack trace in Python 3 when the result is an empty file since
the file is open in binary mode and a native string in Python 3 is str,
not bytes.
(cherry picked from commit 8b1ae30e2e)
* Ensure that the value of PLUGIN_FILTERS_CFG is treated as type=path, and that we use the standard section of 'defaults' instead of 'default'
* deprecate the default section
* Don't add version_added for the corrected section
(cherry picked from commit 172137c)
Co-authored-by: Matt Martz <matt@sivel.net>
* Support nested JSON decoding in AnsibleJSONDecoder
* Add tests for vault portion of AnsibleJSONDecoder
(cherry picked from commit c0915e2)
Co-authored-by: Matt Martz <matt@sivel.net>
* fixes#45941
* corrects regression introduced by #26104; when the resource group doesn't exist, the module exits prematurely with an error instead of creating it.
(cherry picked from commit 3b52d968e6)
* ec2_group - fix VPC precedence for security group targets (#45787)
Update the dictionary with the preferred values last to get the right order of VPC precedence
Fixes#45782
(cherry picked from commit 8d2df9be52)
* Fix ec2_group for EC2-Classic accounts (#46242)
* Fix ec2_group for EC2-Classic accounts
* changelog
(cherry picked from commit 9efc3dc761)
* Merge changelogs
The stdout and stderr values returned from self._low_level_execute() are text, not bytes. This results in an error in Python 3 since str and bytes cannot be concatenated.
Changing to unicode type allows this to work without error on Python 2 and Python 3.
(cherry picked from commit 77f73f6d2a)
* reboot: Fix typo and support bare Linux systems
This fixes a problem for bare Linux systems that do not support 'who -b' or 'uptime -s'.
* Accumulate stdout and stderr information
(cherry picked from commit a7a99c5fd4)
- use context manager for dealing with the checksum file
- use loop that can tolerate zero, one, or more items return rather than the previous expression which would break if anything other than exactly one item was returned
(cherry picked from commit 03dbb1d9c4)
squash
* Fix targets that may be a list containing strings and lists which worked prior to 2.6.
* Add ec2_group integration tests for lists of nested targets
* changelog
* Add diff mode support for lists of targets containing strings and lists.
(cherry picked from commit d7ca3f2bd3)
* fix nxos_facts indefinite hang for text based output (#45845)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit 1b0c4fde86)
* Fix remote checksums when paths have leading dots (#45287)
* Fix remote checksums with paths have leading dots
* Fix result recorded from the wrong file
* Add changelog fragment
(cherry picked from commit 600c7ac108)
* [stable-2.7] Fix logic to not re-download existing files when force=no (#45495)
* Fix logic to not re-download existing files when force=no. Fixes#45491
* Reduce logic complexity.
(cherry picked from commit 5785de582f)
Co-authored-by: Matt Martz <matt@sivel.net>
* Backport of get_url fix cannot use result
result was only added in 2.8+
* [AWS] cloudfront_distribution - fix method name from 'validate_distribution_id_from_caller_reference' to 'validate_distribution_from_caller_reference' and set distribution_id to the distribution's key 'Id' (#45498)
(cherry picked from commit e5269c047c)
* changelog
* Don't pass file_name to DataLoader.load in script inventory plugin. Fixes#34164
* Add changelog fragment
(cherry picked from commit 263b9fa)
Co-authored-by: Matt Martz <matt@sivel.net>
* plugins/callbacks : fix some key documentation (#45267)
These are supposed to be a dictionary with section/key entries;
correct a few typos.
(cherry picked from commit c34e0f5e11)
* backport of #45267
* ec2_vpc_route_table - allow routes to be created if the CIDR already exists but its 'Origin' is 'EnableVgwRoutePropagation' (which cannot be replaced). (#43417)
Fixes#43415
(cherry picked from commit a6c97f2243)
* Add new session parameter to win_psexec
* Indicate which version the session option was added in
* Added changelog fragment and minor edit on doc entry
* YUM4/DNF compatibility via yum action plugin
DNF does not natively support allow_downgrade as an option, instead
that is always the default (not configurable by the administrator)
so it had to be implemented
- Fixed group actions in check mode to report correct changed state
- Better error handling for depsolve and transaction errors in DNF
- Fixed group action idempotent transactions
- Add use_backend to yum module/action plugin
- Fix dnf handling of autoremove (didn't used to work nor had a
default value specified, now does work and matches default
behavior of yum)
- Enable installroot tests for yum4(dnf) integration testing, dnf
backend now supports that
- Switch from zip to bc for certain package install/remove test
cases in yum integration tests. The dnf depsolver downgrades
python when you uninstall zip which alters the test environment
and we have no control over that.
- Add changelog fragment
- Return a pkg_mgr fact if it was not previously set.
* Share the implementation of hashing for both vars_prompt and password_hash.
* vars_prompt with encrypt does not require passlib for the algorithms
supported by crypt.
* Additional checks ensure that there is always a result.
This works around issues in the crypt.crypt python function that returns
None for algorithms it does not know.
Some modules (like user module) interprets None as no password at all,
which is misleading.
* The password_hash filter supports all parameters of passlib.
This allows users to provide a rounds parameter, fixing #15326.
* password_hash is not restricted to the subset provided by crypt.crypt,
fixing one half of #17266.
* Updated documentation fixes other half of #17266.
* password_hash does not hard-code the salt-length, which fixes bcrypt
in connection with passlib.
bcrypt requires a salt with length 22, which fixes#25347
* Salts are only generated by ansible when using crypt.crypt.
Otherwise passlib generates them.
* Avoids deprecated functionality of passlib with newer library versions.
* When no rounds are specified for sha256/sha256_crypt and sha512/sha512_crypt
always uses the default values used by crypt, i.e. 5000 rounds.
Before when installed passlibs' defaults were used.
passlib changes its defaults with newer library versions, leading to non
idempotent behavior.
NOTE: This will lead to the recalculation of existing hashes generated
with passlib and without a rounds parameter.
Yet henceforth the hashes will remain the same.
No matter the installed passlib version.
Making these hashes idempotent.
Fixes#15326Fixes#17266Fixes#25347 except bcrypt still uses 2a, instead of the suggested 2b.
* random_salt is solely handled by encrypt.py.
There is no _random_salt function there anymore.
Also the test moved to test_encrypt.py.
* Uses pytest.skip when passlib is not available, instead of a silent return.
* More checks are executed when passlib is not available.
* Moves tests that require passlib into their own test-function.
* Uses the six library to reraise the exception.
* Fixes integration test.
When no rounds are provided the defaults of crypt are used.
In that case the rounds are not part of the resulting MCF output.
* Switch to LiteralPath instead of Path. Closes#44508
* add changelog fragment
* fix line endings and remove final empty line
* Minor text changes in changelog
* elb_application_lb: fix dangerous default of deleting an ELB if state is omitted by changing state to default to present to be more like other AWS modules
* expend checksum format to <algorithm>:(<checksum>|<url>)
* continue to code at office
* ALPHA - expend checksum format to <algorithm>:(<checksum>|<url>)
* clean up tmpfile and comment
* try to add test code for 27617
* try to add test code for 27617
* try to add test code for 27617
* try to fix [Could not find or access 'testserver.py']
* fix test code [Could not find or access 'testserver.py']
* fix test code [add files dir]
* fix test code [files dir not exists]
* as [connection was closed before a valid response was received]
* [connection was closed before a valid response was received]
* [connection was closed before a valid response was received]
* add test item [sha1 and sha256]
* since [connection was closed before a valid response was received]
* fix [connection was closed before a valid response was received]
* fix test code typo
* add docs for #27617
* PR #43751 is minor change
* fix pep8 issue.
* fix test code style.
* fix unexpected quote
* Add (preview) diff mode support ec2_group
* Add diff mode to some ec2_group integration tests
* Remove unnecessary arguments and add comment to the module notes
* Add changelog
In python 3.7.0, changes in `ssl.py` breaks `smtplib.SMTP_SSL`, which
then breaks `mail` module in ansible.
Run this line in python shell:
import smtplib;smtplib.SMTP_SSL().connect(host='smtp.gmail.com', port=465)
Before python 3.7.0, we will get:
(220, b'smtp.gmail.com ESMTP j13-v6sm3086685pgq.56 - gsmtp')
In python 3.7.0, we get such error at `lib/python3.7/ssl.py` line 843, method `_create`:
ValueError: server_hostname cannot be an empty string or start with a leading dot.
The ssl module is using host info on SMTP_SSL instance, which is not set.
The fix/workaround is simple, just pass host info to it:
import smtplib;smtplib.SMTP_SSL(host='smtp.gmail.com').connect(host='smtp.gmail.com', port=465)
Fixes: #44550
Signed-off-by: Guo Qiao <guoqiao@gmail.com>
Extends `module_defaults` by adding a prefix to defaults `group/` which denotes a builtin list of modules. Initial groups are: `group/aws`, `group/azure`, and `group/gcp`
* added account_alias in the response of module aws_caller_facts
* added comment to explain list_account_aliases
* renamed caller_identity to caller_facts as the content is extended
* created changelog
* security-policy needs the iam:ListAccountAliases for this module to work
* test now checks for the added field account_alias
* gracefully handle missing iam:ListAccountAliases permission
* Use newer is_sequence function instead of MutableSequence. Fixes#44327
* Add changelog for #44331
* Update changelog fragment to describe the fix in more detail
* Don't use copy.deepcopy in high workload areas, use deepishcopy. ci_complete
* Add tests
* Add changelog fragment
* rename to naive_deepcopy and add extra docs
* Rename to module_response_deepcopy and move to vars/clean
One can install alternate packages managers on debuntu machines.
However, doing so doesn't mean you want to suddenly start using them.
Add in a check similar to the fedora yum/dnf check that sets apt as the
pkg_mgr if the ansible_os_family is Debian.
Ganesh Nalawade