* Only change expiration date if it is different
Modify user_info() method to also return the password expiration.
Compare current and desired expiration times and only change if they are different.
* Improve formatting on user tests
* Add integration test for expiration
* Add changelog fragment
* Improve integration test
Skip macOS and use getent module for validating expiration date.
* Fix expiration change for FreeBSD
* Don't use datetime since the total_seconds method isn't available on CentOS 6
* Use better name for expiration index field
Use separate tasks for verifying expiration date on BSD
* Use calendar.timegm() rather than time.mktime()
calendar.timegm() is the inverse of time.gmtime() and returns a timestamp in UTC not localtime
Add tests that change the system timezone away from UTC
* Mark tests as destructive and use test for change status
* Fix account expiration for FreeBSD
Use DATE_FORMAT when setting expiration date on FreeBSD. Previously the argument passed to -e was an integer of days since epoch when the account will expire which was inserted directly into master.passwd. This value is interpreted as seconds since epoch by the system, meaning the account expiration was actually set to a few hours past epoch.
Greatly simply comparing desired and current expiration time by using the first three values of the struct_time tuple rather than doing a whole bunch of manipulations of the seconds since epoch.
(cherry picked from commit 5a6bdef76b)
debian:9
`apt-get install python-apt` - this will install python2.7 and python3
After this operation, *88.4 MB* of additional disk space will be used.
`apt-get install --no-install-recommends python-apt` - only python2.7
After this operation, *35.0 MB* of additional disk space will be used.
(cherry picked from commit c542e62)
(cherry picked from commit 58261a42e9)
* Remove provider (and transport, where applicable) from consideration
* Add tests that misplaced transport does not fail task
(cherry picked from commit c6270e15a6)
* show version brief does not work on iosxr virtual (#37609)
* show version brief does not work on iosxr virtual
* ci failures fix
(cherry picked from commit 66b389a00d)
* changelog entry
* Handling of configurations blocks with end-* at the end of the block (#39673)
* handle end-policy issue
* revert changes in iosxr cliconf
* fix trailing parents not included in difference
* Moving fix to platform specific fix
* pep 8 issues
(cherry picked from commit ef577b71cc)
* changelog entry
If default option is eanbled fetch the current
running configuration by adding `all` or `full`
flag
(cherry picked from commit 09e3b5c92b)
Update Changelog
* Update vars for loop_control on each loop iteration (fixes#38899) (#39818)
(cherry picked from commit 01e8139d74)
* Changelog snippet for cherry-pick of #39818
* facts: Detecting NVME partitions under Linux (#39730)
In the current state of the code, the nvme partitions are returned as empty as in :
"ansible_devices": {
"nvme0n1": {
"model": "SAMSUNG MZVLW256HEHP-000L7",
"partitions": {},
The parsing of the /sys/block/<diskname> try to find a disk named like :
<diskname><x> as in sda1 for sda
But in the nvme context, the partition of nvme0n1 is named nvme0n1p1.
This add a possible 'p' between the diskname and the partname.
This patch simply add the option of having a 'p' between the diskname
and the partname.
The patch works on my host :
"model": "INTEL SSDPEDMD400G4",
"partitions": {
"nvme0n1p1": {
...
"size": "93.13 GB",
}
Fixes#38742
Signed-off-by: Erwan Velu <erwan@redhat.com>
(cherry picked from commit 2214c747a2)
* Use a more exact regex (#39811)
The pattern we're matching can have zero or one p. Be more careful to
match exactly that.
Slight revision of #39730
(cherry picked from commit 75283983f6)
* Make sure that the implicit async_status gets the env from a task with async. Fixes#39699 (#39764)
(cherry picked from commit 3b496db4d8)
* Add changelog for #39764
`network['vlan']` should be a VLAN ID
Integers passed around using jinja variable references are
converted to strings (see # 9362)
The # 32738 PR should allow using 'NativeType' in ansible
Explicitly converting to integer will make the module works
as expected with or without the NativeType support
`network['vlan']` can also be a VLAN NAME (fallback)
Explicitly converting to string will make the module works
as expected with or without the NativeType support
Signed-off-by: Matthieu Fronton <m@tthieu.fr>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit a0b4462aea)
* Fixes 30786 - add server response to the failure
(cherry picked from commit 0ac885f1c7)
* replace str(e) with to_native(e) according to code review
(cherry picked from commit e2e3bf6b9a)
* add changelogs/fragments
* Fix eos_vlan associated interface check
Fix eos_vlan associated interface check by comparing
the interface in want and have without converting the
interface name to lower
* Update eos_vlan docs
* Update changelog
(cherry picked from commit afdc2364f2)
There was a traceback when setting permissions on a directory tree when
there were broken symlinks inside of the tree and follow=true. chmod -R
ignores broken symlinks inside of the tree so we've fixed the file
module to do the same.
Fixes#39456
(cherry picked from commit 6b159fdb03)
* Fix for file module with symlinks to nonexistent target
When creating a symlink to a nonexistent target, creating the symlink
would work but subsequent runs of the task would fail because it was
trying to operate on the target instead of the symlink.
Fixes#39558
(cherry picked from commit 4f664f8ff6)
* removed additional check for name parameter
(cherry picked from commit 91357d07f4)
* Added empty default
Fix for issue https://github.com/ansible/ansible/issues/38482
(cherry picked from commit 60a3277103)
* [ec2_ami] Ensure name or image_id is provided for state=present (#38972)
Add integration tests for backward compatibility and ensuring name or image_id is provided
(cherry picked from commit e2aa1155ba)
Fixes#27262
(cherry picked from commit 81b2529159)
Add tests for template with non-ascii filenames
This is a test in response to #27262 but I could not provoke the error
so it only shows that the current code is working with non-ascii
filenames in this case. It doesn't show whether there's some other bug
somewhere.
(cherry picked from commit f91d961cb4)
* ensure 'home' translations
* removed slash as it created issues on diff plats
(cherry picked from commit cc1c7c63db)
* fixed bug introduced by orig commit, this should only affect single ~ paths
Currently, the module fail with a error saying that --acme-dir is mandatory.
Looking at the commandline:
/usr/sbin/acme-tiny --chain --account-key /srv/letsencrypt/acme_key/acme.key
--csr /srv/letsencrypt/nginx_certs/www.example.org.csr--acme-dir /srv/letsencrypt/webroot",
We can see that the space before --acme-dir is missing.
avoids some repetitive loading
- read config file only once
- now cache the ini parser per file
- optimize shell plugin loading
tried to 'optimize' vars_plugins loading but it creates issues with precedence,
probalby due to iterator not being reset, will look into it in subsequent fix/PR
(cherry picked from commit 42912e1ac8)
* ignore version when deciding callback loading
The code already defaulted to load the callback if the properties are not present
there was no need for us to also check the version
fixes#38270
* fix error msg on set optoins to use correct name
(cherry picked from commit 1850bb752f)
Under a non-utf-8 locale (for instance, LC_ALL=C), passing a non-ascii
filename to many APIs will traceback. Fix that by explicitly converting
to byte strings before passing to external APIs.
May fix#27262
(cherry picked from commit 2976b653ce)
Add a changelog for filename encoding in template action fix
(cherry picked from commit d90c36e320)
* [cloud] ec2_vpc_route_table: ignore routes without DestinationCidrBlock
Add module warnings rather than silently skipping
* Permit warnings for routes tables containing vpc endpoints to be turned off
* Add tests to ensure a VPC endpoint associated with a route table does not result in a traceback
(cherry picked from commit da3f7a8db1)
In the particular case of executin "chkconfig --list NAME", ansible
checks the stderr looking for a particular english message.
This message is different in other languages, Spanish for example
(although it have been corrected in the latests versions)
Fixes#29818
(cherry picked from commit e7db3c0eba)
* win_file: Handle [] in paths, fix touch in check mode (#37901)
* win_file: Handle [] in paths, fix touch in check mode
* Fixed typo for p/invoke command
(cherry picked from commit 4b57fa91d0)
* Added changelog fragment for win_file special char fix
(cherry picked from commit 61bcf4740f)
* ovirt_disks: Fix fail condition for LUN disk
Fixes: https://github.com/ansible/ansible/issues/38661
* ovirt_host_networks: Fix removing of network attachments
* ovirt: Support removing unmanaged networks
* ovirt: FCP storage domains don't have to have target
Exceptions need to use native strings. We need to make sure we're
combining native strings with native strings.
(cherry picked from commit 0b643009db)
Add changelog entry for winrm encoding fix
(cherry picked from commit a5e33969b1)
Node port field is not populated on K8S pods, and it's certainely the most useful port to use in pod when we need to interact with ansible outside of the cluster
* Ansible.ModuleUtils.FileUtil - Add ability to test non file system provider paths (#39200)
(cherry picked from commit b6afe6946d)
* Added changelog fragment
Fixes#38732
Make matching leading newline for cli prompt
optional as there are cases when returned repsonse
for ios/iosx remote host doesn't have newline before
cli prompt.
(cherry picked from commit eebfa66c2b)
* Attempt 4: Prevent reparenting a block with itself (#38747)
* More concisely reparent, ensuring we don't go too shallow or too deep in this process. Fixes#38357
* More explicit reparenting, with a short circuit for a common case
* We need new_block to have a parent, otherwise we lose context with this approach
* Remove duplicate parent assignment
* Change callers of Block.copy to not use exclude_parent=True, when including the parent, exclude tasks
(cherry picked from commit f474195a3b)
* Add changelog for #38747
* Skip self._parent on dynamic, defer to grandparent for attr lookup (#38827)
* Skip self._parent on dynamic, defer to grandparent for attr lookup
* Revert _inheritable
* Add tests for include inheritance from static blocks
Fixes#38037#36194
(cherry picked from commit 354aa8d602)
* Add changelog for #38827
* Consider parent also when comparing IncludedFile (#37083)
* Consider parent also when comparing IncludedFile
* Add new tests for IncludedFile and convert to pytest
(cherry picked from commit cdb79b0e3a)
* Add changelog for #37083
* Error if docker and docker-py are simultaneously (#38884)
* Error if docker and docker-py are simultaneously installed over top of each other. Fixes#36125
* Remove duplicate installed
(cherry picked from commit 68e3ff80a7)
* Add changelog for #36470
If recursive is set to yes, the module changes the attributes of the directory recursively even though state: directory is not set.
(cherry picked from commit 785c660432)
* File module: correct description of "state"
It was probably intended to say "intermediate subdirectories will be created" and not "immediate subdirectories will be created".
(cherry picked from commit a81c6668eb)
Fixes#36063, fixes#37323, fixes#36078 (#37354)
* Add AWSRetry when describing VPCs to help stabilize integration tests
* Add retry on create_tags because it is possible to reach this API call before the VPC is finished creating
* Increase delay and tries for ec2_vpc_net backoff
* Wait for DHCP option to be created in ec2_vpc_dhcp_option
* Wait for all modifications to the VPC
* Use the vpc_available waiter because is uses Filters
* Optimize retries to only occur if the functionality is available
Cherry-from:
- 16f8a993a0
- e9c57e732f
The docs suggest that `port` parameter is the default port upon
which targets listen. As such, a target need only provide a `Port`
key to override the default.
(cherry picked from commit dc09ddfbd5)
As per docs, the current set of values is
```
'SSLv3'|'TLSv1'|'TLSv1_2016'|'TLSv1.1_2016'|'TLSv1.2_2018'
```
Fixes#38642
(cherry picked from commit 6b970348b1)
* Clean up Grafana docs a bit
But more is needed, default values, missing choices, proper
descriptions, actual sentences :-)
* Remove validate-modules entries
(cherry picked from commit 51662acc6c)
* module_common: set required parameter templar
Fix the following error (related to b455901):
$ ./hacking/test-module -m ./lib/ansible/modules/system/ping.py -I ansible_python_interpreter=/usr/bin/python
Traceback (most recent call last):
File "./hacking/test-module", line 268, in <module>
main()
File "./hacking/test-module", line 249, in main
(modfile, modname, module_style) = boilerplate_module(options.module_path, options.module_args, interpreters, options.check, options.filename)
File "./hacking/test-module", line 152, in boilerplate_module
task_vars=task_vars
File "ansible/lib/ansible/executor/module_common.py", line 910, in modify_module
environment=environment)
File "ansible/lib/ansible/executor/module_common.py", line 736, in _find_module_utils
shebang, interpreter = _get_shebang(u'/usr/bin/python', task_vars, templar)
File "ansible/lib/ansible/executor/module_common.py", line 452, in _get_shebang
interpreter = templar.template(task_vars[interpreter_config].strip())
AttributeError: 'NoneType' object has no attribute 'template'
* module_common.modify_module: templar is required
(cherry picked from commit 7908f78fa6)
When the URI module returns complex JSON objects, the YAML callback
fails while trying to represent these objects. The problem arises
because the filter method returns an iterator in Python 3, rather than a
str object. Therefore, the str method expandtabs() is not available,
and the callback fails with the following error:
[WARNING]: Failure using method (v2_runner_on_failed) in callback plugin (<ansible.plugins.callback.yaml.CallbackModule object at 0x7f7c7ed8aa20>): 'filter' object has no attribute 'expandtabs'
Issue can be replicated by running this playbook:
- hosts: localhost
gather_facts: false
tasks:
- uri:
url: https://jsonplaceholder.typicode.com/posts
ansible-playbook tmp.yml -v
(cherry picked from commit 5839f07e0f)
* fix inventory plugin source caching
- avoid caching invetnory sources in loader in base
- same fix for yaml plugin
- idem for 'auto' plugin
fixes#37162
* fix mock dataloader func sig
(cherry picked from commit 886c4edfb9)
This offers an optimization that allows loading larger
inventories of various structure by improving the
scaling laws involved for adding hosts and groups.
The primary speed benefit is the elimination of duplicate
recusion from traversing converging paths.
(cherry picked from commit 153c9bd539)
* made missing cli tools non fatal
* remove bare exceptions
these shoudl not be there as they can prevent 'wanted' exits
(cherry picked from commit 0c2e7fd841)
* Tolerate win line endings on windows module_util load (#37291)
* tolerate windows line endings when loading windows module utils. Helpful for old custom windows modules.
* add test modules to demonstrate win line ending module load behaviour.
* attempt to fix sanity check failures
* pep8 fix
* explict skip of test modules from shebang check (core modules must still have expected unix style line endings)
* switch to rstrip() following core team meeting feedback
(cherry picked from commit ad94d03ba1)
* Added changelog fragment
* Added ignore rules to older sanity tests
* Removed test files due to old shebang not being possible without bigger change
* Update win_certificate_store.py
Improvements to describe the different destination stores.
+label: docsite_pr
* Update win_certificate_store.py
Whole line needs to be quoted -- lingfish YAML fail.
(cherry picked from commit d684c51815)
This fix adds exception handling which is raised when user
does not have correct set of permissions/privileges to read virtual machine
facts especially host system configuration.
Fixes: #37056
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit efc3f4f824)
This fixes documentation related to datacenter in vmware_guest_find
module.
Fixes: #38290
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 2367130ba3)
* Add supported connection in junos module documentation
Add supported connection type in junos module doucmentation.
* adds link to platform docs
* makes recommended connection a code snippet
* does this fix banner and command?
* does this fix the rest of the errors?
(cherry picked from commit 67d561b0c8)
* centralize doc/config plugin lists
also update list for generation in docsite
added note to ensure they are in sync
* updated shell page to list plugins
added some more docs hinting at plugins being configurable
* fix edit link for plugins
(cherry picked from commit bdbb89378f)
If user does not specify any network type then set network type
to dhcp. There are additional checks around 'ip', 'netmask' and
'type' in network spec.
Fixes: #38466
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 9b139baacb)
There was discrepancy between documentation and actual code.
Fixes: #38671
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit f1cd254265)
If format is passed as None to get_config api, wrong command is
genereted ie. `show running-configuration | None | section interface`.
Add format type in command only if format value is either not `text`
or `None`.
(cherry picked from commit 88662d0c56)
Update changelog
* Add troubleshooting URL for persistent socket path related issue
socket path timeout related error messages are not displayed on the
console as the ansible-connection process does not have access to it.
Until this is fixed need to point to troubleshooting URL so that
users can take corrective actions.
* Fix CI issue
* Update changelog fragments
(cherry picked from commit 53d3e7e306)
* restore showing stderr on script success
accidentally removed during transition to plugin, with toggle for those
who prefer the quiet way
fixes#33776
* stderr display if no other errors capture first
* fixed issue with error encoding
(cherry picked from commit eef70d028f)
junos_netconf works only with connection=network_cli
Add check to report appropriate error if any other
connection type is used.
(cherry picked from commit 16c2d3717e)
Update Changelog fragments
* consul_kv: decodes kv values from Consul to utf-8 (#35894)
* Decodes kv values from Consul to utf-8.
* Switches to using module utils to perform text decoding.
* Adds self to authors list to help community maintenance.
(cherry picked from commit a4a2b4a381)
* Add a changelog fragment for consul_kv python3 fix
* eos_vlan: Modified logic to allow for more than 6 interfaces to be assigned to … (#35568)
* Modified logic to allow for more than 6 interfaces to be assigned to a vlan
* arista output to json. removing logic for string size.
(cherry picked from commit 99627ab99d)
* Add changelog fragment
* winrm: added flag handler for kinit to request forwardable ticket when delegation is set (#37815)
(cherry picked from commit 22f2388ef1)
* Added changelog fragment
* fix for when status codes are provided as a comma separated list (#38080)
* fix for when status codes are provided as an array of strings
* convert status codes to int, additional tests
(cherry picked from commit c38617a736)
* Added changelog fragment
* Fix 'New Vault password' on vault 'edit'
ffe0ddea96 introduce a
change on 'ansible-vault edit' that tried to check
for --encrypt-vault-id in that mode. But '--encrypt-vault-id'
is not intended for 'edit' since the 'edit' should always
reuse the vault secret that was used to decrypt the text.
Change cli to not check for --encrypt-vault-id on 'edit'.
VaultLib.decrypt_and_get_vault_id() was change to return
the vault secret used to decrypt (in addition to vault_id
and the plaintext).
VaultEditor.edit_file() will now use 'vault_secret_used'
as returned from decrypt_and_get_vault_id() so that
an edited file always gets reencrypted with the same
secret, regardless of any vault id configuration or
cli options.
Fixes#35834
(cherry picked from commit 6e737c8cb6)
* ovirt_host_networks: Fix idempotency
* ovirt_hosts: Fix failed_state after PM fence
* ovirt_host_networks: Fix of bond assignment (#38054)
* ovirt_host_networks: Fix of bond assignment
* ovirt_host_networks: Fix bond modes
* ovirt_host_networks: Fix incorrect prefix documentation
* ovrit_cluster: fix for CPU arch entity #37425 (#37436)
* ovrit_cluster: fix for CPU arch entity #37425
* Corrected Indentation
* Condition to check if `architecture` is defined
When looking for installed packages we do not need to query
repositories since we only care about the rpmdb. As such, we can
disable all the repositories operations in order to improve the
performance of that step
Before this patch, when using 'state: present' in the zypper module,
the operation was taking about 12 seconds to complete:
time ansible-playbook foo.yml 1>/dev/null
real 0m12.614s
user 0m10.880s
sys 0m0.683s
After this patch:
time ansible-playbook foo.yml 1>/dev/null
real 0m4.193s
user 0m2.560s
sys 0m0.575s
see:
https://bugzilla.opensuse.org/show_bug.cgi?id=1084525
(cherry picked from commit 5234b78b5f)
* fix typo (#38131)
(cherry picked from commit 1c00a14c31)
* add changelog fragment for 38131 backport to 2.5
Signed-off-by: Adam Miller <admiller@redhat.com>
* Fixes#37700 Azure image can be created with tag (#37981)
* image can be create or add
* update tags
* can remove all tags
* Update azure_rm_common.py
For connection=local check only if the transport value in
provider is cli and the respective module support cli
transport. If not report back appropriate error message.
(cherry picked from commit e10e0d42d8)
* openssl_certificate: Handle dump() in check_mode (#38386)
Currently, when ones run the module in check_mode it tries to retrieve
values from the actual certificate generated in the generate() function.
Since in check_mode we call dump() without calling generate(), self.cert
is None, leading to self.cert.get_notBefore(), self.cert.get_notAfter()
and self.cert.get_serial_number() raising an error.
> NoneType' object has no attribute 'get_notBefore'
The solution is to have two way to handle dump() method, whether its run
in check_mode=True or check_mode=False leading to different way the
information is retrieved.
(cherry picked from commit 99497ce54c)
* Eos :do not push config to device if check_mode is enabled (#37287)
* eos can not check config without config session support
* add testcase for check_mode without config session
* fix eos eapi to read use_session env var
(cherry picked from commit a1026dbce5)
* Backport/2.5/37287 - Eos do not push config is check_mode is enabled
* fixes issue when netconf would report ios is not supported
This change now will map ansible_network_os=ios to the correct netconf
plugin implementation. This will resolve an error where the netconf
connection plugin will report that ios is unsupported.
(cherry picked from commit 91a748e33b)
* Close & remove paramiko connection where appropriate (#37528)
* Update unit test
(cherry picked from commit 594840c1d6)
* Put back $PATH checking in ansible-connection call (#37933)
(cherry picked from commit 169209c32a)
`get_options` is an undefined method from CallbackBase
As a result, remove the trailing `s` letter.
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
* ISSUE-37945 output not populated on failure
This always includes output, but it is empty on failure.
* handle the other failcases as well
(cherry picked from commit 509f52a8ed)
* issue:38167 add support for onyx version 3.6.6000 for onyx_linkagg (#38191)
Signed-off-by: Samer Deeb <samerd@mellanox.com>
(cherry picked from commit 72d42bd065)
* fragment
* issue:37307 Add support for changes in pfc output in onyx 3.6.6000 (#37651)
* issue:37307 Add support for changes in pfc output in onyx 3.6.6000
Signed-off-by: Samer Deeb <samerd@mellanox.com>
(cherry picked from commit 9dfb665e43)
* fragment
* issue:37306 Fix issue with vlan support for onyx version 3.6.6000
Signed-off-by: Samer Deeb <samerd@mellanox.com>
(cherry picked from commit a89bafce2e)
* nso_verify handle leaf-list in 4.5 and identityref (#37393)
NSO verify did not handle leaf-list value verification in 4.5 and
later due to changes made for configuration writing made.
map prefix for identityref types in verification.
(cherry picked from commit 6308047dc9)
* Remove timeout
* Add error handling for junos in case wrong connection type
Fixes#37990
If a junos module doesn't support given connection/transport type
return appropriate error message.
* Fix CI issues
* Fix review comment
(cherry picked from commit 3a4fc4af08)
* win_service: fix when dealing with paths with special chars and change WMI to CIM cmdlets (#37897)
* win_service: fix when dealing with paths with special chars and change WMI to CIM cmdlets
* compare username in lowercase for test
(cherry picked from commit f37a44430f)
* Added changelog fragment
* azure_rm_networkinterface: fixed issue when public ip address should not be created (#36824)
* fixed issue when public ip address should not be created
* adding test for public ip address
* fixed samples
* another fix to sample formatting
* fixed test
* fix test
* fixed test
* another attempt to fix test
* maybe it works now
* still wrong
* improved check per customer request
* removed stupid semicolon
* updated test to match main scenario
* changed ip configurations to list
* another attempt
(cherry picked from commit 89401f13f7)
* Added changelog fragment
include_vars and set_fact are already updating hostvars in strategy
no need to 're add again' with lower priority the same data.
fixes#37535, mostly by avoiding reprocessing and 'cleaning'
(cherry picked from commit 3bec76fc85)
* Fix redundant yaml error blurbs on ModArgs parse errors
Some of the AnsibleParserErrors from parsing.mod_args
are created with the obj=some_yaml_ds options but
some are not.
If they were, we don't want to add another yaml_ds to
it, because that will result in double yaml error blurbs.
And since we dont need to add info, we can just re raise it.
But if there is no ._obj, add it here so we get the extra
detail in the error message (see issue #14790) and raise
a new AnsibleParserError instance.
Fixes#36848
* cleanup existing test_tasks pep8/sanity issues
(cherry picked from commit e166946a0a)
* Compare byte strings to byte strings
* Fix a traceback in ansible-pull on python3 comparing output from
subprocess with a text string.
* Rename variables that hold byte strings so we are clear that those are
not text strings.
* Use to_text() to transform variable that's being displayed as it's
less fragile than str().
Fixes#36962
(cherry picked from commit b98ad3a12b)
* Add changelog entry for python3 ansible-pull fix
* Fix use of user_data field with spot_price in ec2 module (#37628)
The user_data field is base64 encoded inside of the boto library. In
Python3, base64 must be used with byte strings. So we make sure to
encode the user_data into a byte string before passing it on to the boto
library.
Fixes#34978
(cherry picked from commit 0d55081ba8)
* Python3 ec2 fix added to changelog
* Fix csvfile traceback on Python3 (#37625)
* Fix csvfile traceback on Python3
The csvfile lookup uses some custom iterators. These needed to be
ported to handle the python3 iterator protocol. In addition, the
csvfile module takes an iterator of byte strings in Python2 and an
iterator of text strings in Python3
Fixes#36808
(cherry picked from commit 09325b619e)
* Add changelog entry for csvfile python3 fix
This fix adds environment variables for connection in vmware_*
modules.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 0ae7a0e88c)
* Fix python3 interpreter issue (#34811) (#35176)
* Fix python3 interpreter issue (#34811)
* Update ansible.module_utils._text (#34811)
* Convert to text later to account for multibyte characters
(cherry picked from commit 340064bfb9)
* Add a changelog fragment for haproxy python3 fix
* continue fact gathering even without dmidecode
If dmidecode is not available we still wan to continue with fact
gathering.
On certain platforms dmidecode just won't work
(cherry picked from commit cbe2915ba5)
Fixes#37911
The generated file was completely unusable by the system
therefore the fix which ensures that diffing the file
prior to changes and after only shows diffs
Furthermore the code did not work for Python 3.6
> f.writelines(to_bytes(lines, errors='surrogate_or_strict'))
E TypeError: a bytes-like object is required, not 'int'
The other modifications (lambda variable renaming) is to
comply with default flake8 rules
(cherry picked from commit 612d0d6634)
Fixes#37208
If check_mode is enabled instead of committing th config need to
discard all the chnages to cnadidate db
In case of cli to discard changes issue `rollback 0` command
and for netconf execute `discard-changes` rpc call
(cherry picked from commit 8eaa9cc938)
Fixes#36979
If `abort` is not issued in the top level session prompt
the existing session goes to pending state.
The fix is to come out of config mode by issuing `end` command
and again to same config session and execute `abort` which
`abort` is issued at the top level session prompt.
(cherry picked from commit 017ea018d0)
SGs created when a VPC ID was not specified would not necessarily
get the default egress rule, even when no explicit egress rules
were set.
Add some checks for egress rules in results from existing tests
(cherry picked from commit 98b29f8ad6)
Fixes#35993 - Changes to update_size in commit eb4cc31 made it so
the group dict passed into update_size was not modified. As a result,
the 'replace' call does not see an updated min_size like it previously
did and doesn't pause to wait for any new instances to spin up. Instead,
it moves straight into terminating old instances. Fix is to add batch_size
to min_size when calling wait_for_new_inst.
Fixes#28087 - Make replace_all_instances and replace_instances behave
exactly the same by setting replace_instances = current list of instances
when replace_all_instances used. Root cause of issue was that without lc_check
terminate_batch will terminate all instances passed to it and after updating
the asg size we were querying the asg again for the list of instances - so terminate batch
saw the list including new ones just spun up.
When creating new asg with replace_all_instances: yes and lc_check: false
the instances that are initially created are then subsequently replaced.
This change makes it so replace only occurs if the asg already existed.
Add integration tests for #28087 and #35993.
(cherry picked from commit a2b3120e85)
* Fix name parameter templating in include_role module (#36372)
An IncludedFile() object built using the original_task will have
its _task bound to the original_task. The iterative reassignment of
original_task._role_name during with_item loops leaves all returned
included_files with the same ._task._role_name (the final name from
the with_items list). This commit builds IncludedFile() objects
from an original_task.copy() to avoid the problematic binding.
(cherry picked from commit 54e70fc783)
* Test include role with items in name #36372 (#37001)
* Tests for #36372
* Tests for #36372
* Tests for #36372
(cherry picked from commit 8c4f349743)
* Add changelog for #36372
This PR includes:
- A fix for multiple-choice defaults
- A fix for messed up dictionary samples
- Cleaner defaults when they don't appear part of choices
(cherry picked from commit 80ba7b7402)
* Connection error messages are unsafe: wrap them (#37329)
* Check that connection error msg are not unsafe
* Connection error messages are unsafe: wrap them
For example, in case of error, docker connection plugin returns exception
message containing Go template. These messages weren't tagged as unsafe
and were consequently rendered:
The conditional check 'result is failed' failed. The error was:
{
'msg': u'Docker version check ([\'/usr/bin/docker\', \'version\', \'--format\', "\'{{.Server.Version}}\'"]) failed: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.35/version: dial unix /var/run/docker.sock: connect: permission denied\n',
'failed': True
}:
template error while templating string: unexpected '.'.
String: Docker version check (['/usr/bin/docker', 'version', '--format', "'{{.Server.Version}}'"]) failed: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.35/version: dial unix /var/run/docker.sock: connect: permission denied
(cherry picked from commit 4378542ac7)
* Add a changelog for the no-template error message fix
Sam Doran