* nxos_snmp_user: platform fixes for get_snmp_user
snmp user output behavior varies quite a bit for the different nxos platforms and required several workarounds:
- N5K/N6k
- These platforms do not support structured output for `show snmp user`.
- The current code lands in an `except` clause when the output is not structured; so I added a new `get_non_structured_snmp_user` method to scrape the state from the regular cli output if it's present.
- N9K-F
- The `group` data in the JSON output is different for this platform; it has a different key (just `group` instead of `TABLE_groups` or `group_names`) and it is not indexed
- For a single group the value is a string, for multiple groups it's a list
- sanity
- N5K/N6K/N9K-F platforms will reject `no snmp user <name> <role>` when it's the last role defined for the user.
- workaround is to use `nxos_user` to remove the user
- Changes validated on:
- `N3K, N3K-F, N35, N6K, N7K, N9K, N9K-F`
- `6.0(2)A8`
- `7.0(3)I2, 7.0(3)I4, 7.0(3)I5, 7.0(3)I6, 7.0(3)I7`
- `7.3(2)D1`
- `7.3(3)N1, 7.3(4)N1`
- `8.3(2)`
- `9.2(2), 9.2(3)`
* fix lint warning
(cherry picked from commit 8c56c116e5)
* Add n6k support for nxos_vtp_domain
* Add n6k support for nxos_vtp_version
* Add n6k support for nxos_vtp_password
* Fix shippable error
(cherry picked from commit d55c0cf8dc)
* nxos_snmp_traps: fix 'group: all' for N35 platforms
- `group: all` attempts to enable traps for all features defined in the module's `feature_list`
- `N35` platforms do not support `snmp-server enable traps bfd`; so removing `bfd` from the `feature_list` for that platform
- Minor cleanup in `sanity.yaml` test file
* whitespace lint fix
(cherry picked from commit 0e0c2a7db7)
* nxos_vlan: vlan names containing regex ctl chars should be escaped (#55463)
The `nxos_vlan` module may raise with regex error `sre_constants.error: multiple repeat` in the non_structured codepath if the device has existing vlan names with certain regex control characters; e.g.
```
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Eth1/3
14 my-vlan-name-is-*** active
```
(cherry picked from commit de8ce08fd8)
* fix nxos_vlan mode idempotence bug (#55144)
* fix nxos_vlan mode idempotence bug
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Fix CI failure
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit 57e0567310)
* nxos_vlan fix 2.8 backport
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* `nxos_acl` may fail with `IndexError: list index out of range` while attempting to delete a non-existent ACL.
The failure occurs when the `acl` var is an empty list.
* nxos_acl: catch 501 'Structured output unsupported' when no ACLs present
With some older image versions, `show ip access-list | json` will raise a 501 error indicating `'Structured output unsupported'` when there are no access-lists configured. This change turns off the `check_rc` and then looks for the failure condition.
* Fix kwarg
* Fix lint issues
(cherry picked from commit 869fdcd7d4)
* sysctl will now return an error if the value is invalid
sysctl can fail to set a value even if it returns an exit status 0. More
details: https://bugzilla.redhat.com/show_bug.cgi?id=1264080. Because of
this in case of an invalid value or a read-only file system, sysctl
module would return OK, even though it didn't set anything. To be sure
that sysctl correctly applied the changes we also need to check the
output of stderr.
(cherry picked from commit 0432b7f2522dbf82c4fabdb3fd17f7ac83f34e62)
* Run sysctl with LANG=C
Because we are parsing sysctl stderr we need to make sure that errors
are persistent across different system language settings.
(cherry picked from commit a16128f778b1e7574c5986aed26e146ac0561533)
* Add changelog fragment for sysctl
(cherry picked from commit 3ad9d4d83c1d2bbfccefb8388904c596d98f8731)
This has been broken for some time, but only noticed recently. Because
vyos_command isn't supported on ansible_connection=local, update our
testing to account for that.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(cherry picked from commit 59d20e004e)
* Fix loading namespaced doc_fragments
The syntax for specifying a different fragment name was already
using '.' as a separator, so the code needed to be tweaked to
avoid choking on names like `testns.testcoll.fragname` and
`testns.testcoll.fragname.altvar`.
`get_plugin_class()` returns 'docfragment' for the fragment loader;
mangling `subdir` provides consistent alignment with the normal plugin
directory names and avoids needing special handling of plugin types
with 'module' in the name.
* Add changelog entry
(cherry picked from commit 2ef8b297ff)
Otherwise, we get the following error:
ERROR: ncclient 0.6.4 requires selectors2>=2.0.1, which is not installed.
when running ansible-test.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(cherry picked from commit 72bfdb38b4f935d2025928cf7a443ef31d8c23f6)
Ensure inventory plugin loading rel to play
fixes#51033
* clarify paths
* now adding dirs funciton in loader
* better warnings
* each cli should handle adding dirs depending on context
(cherry picked from commit 780ee45819)
* azure_rm_subnet: remove documentation that says it supports tags (#55233)
(cherry picked from commit 32345641e7)
* azure_rm_subnet: fix CI error for deleting the azure_tags (#55276)
(cherry picked from commit 91e808eed2)
* Use module_utils.compat.ipaddress where possible.
* Simplify reverse pointer computation.
* Use dummy for unused variables.
* Remove from ignore list.
* Adjust fix.
* Fix text handling for Python 2.
* Add changelog.
(cherry picked from commit c8a15b9dbc)
* General test improvements.
* Adjust tests to older docker-py versions.
* docker_swarm_server_info: work around problems with older docker-py versions
* Bump minimal docker-py version for options network_filters and disk_usage.
* More general test improvements.
* Correct usage of docker_image.
* Put files into output directory.
* Speed up test.
* Remove old check.
(cherry picked from commit 12d26eceb1)
* psrp - Fix raw and script tests for connection plugin
* Fix error propagation with raw in psrp
* uncomment test
(cherry picked from commit fdf9df89f5)
* postgresql_idx: improved doc, tests, remove useless lines from code (#55131)
* postgresql_idx: improve doc
* postgresql_idx: improve doc, removed unuseless rows from code
* postgresql_idx: misc doc fix
* postgresql_idx: moved common params where they were
* postgresql_idx: moved common params where they were 2
(cherry picked from commit d790285e80)
* postgresql_idx: added changelog about removing useless lines from code
* Add test for generating a CSR with everything, and testing idempotency.
* Proper SAN normalization before comparison.
* Fix check in cryptography backend.
* Convert SANs to text. Update comments.
* Add changelog.
(cherry picked from commit cb5c57bcd5)
* Warn when log_options values are not strings.
* Add changelog.
* Improve message.
* Improve formatting and formulation of other messages.
* Add test for warning.
* Trying double escaping.
(cherry picked from commit d64b17731d)
* Fix ansible-test inventory and vars path handling.
* Improve explanation for missing commit.
(cherry picked from commit a4d0c24bbf)
Co-authored-by: Matt Clay <matt@mystile.com>
* Adding Support For Vxlan In Onyx Switches
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures in onyx_vxlan.py
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures in onyx_vxlan phase 2
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Shippable failures
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Samer's Comments on PR
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Add docker_swarm_service_info module
* Remove unused import
* Limit to retrieving info about one service
* Add exists return value
* Add yaml 3-dash
Co-Authored-By: hannseman <hannes@5monkeys.se>
* Document return value as jinja `none´
Co-Authored-By: hannseman <hannes@5monkeys.se>
* Name is required
* module_utils fixes in collections
* fixed Windows module_utils in collections
* fixed more Python module_utils cases (from X import module)
* "medium style" Ansiballz modules now work properly with collections (ie, non-replacer but also not using basic.py)
* added more tests
* split Windows/POSIX exec
* sanity
* Adding New Model for Configure Buffer Pool on Onyx Switches
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures in onyx_buffer_pool.py
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Add podman_image and podman_image_info modules
* Add integration test for podman_image_info
* Change parameter names per feedback
* Add integration tests for podman_image
* Make test-module use default value for interpreter
* Changing from static interpreter path to sys.executable as per #54053
* A little ntegration test for #54053
* Added idempotency logic to openssl_pkcs12
Also decoupled the 'parse' and 'generate' function from the file write
as they are now used in different places that do not need the file to be
written to disk.
* Added idempotency tests for openssl_pkcs12
Also adds a new test for pkcs12 files with multiple certificates
* Regenerate if parsed file is invalid
* pkcs12_other_certificates check was wrong
* Updated ca_certificates to other_certificates
ca_certificates is left as an alias to other_certificates;
friendlyname depends on private key, so it will be ignored while
checking for idempotency if the pkey is not set;
idempotency check only checks for correct certs in the stack
* use different keys for different certs
* Added other_certificates in module docs
* Added changelog and porting guide
* removed unrelated porting guide entry
* renamed ca_cert* occurrence with other_cert
Check allows vmware_dvs_portgroup to fail early if user
specified invalid range in VLAN id(s).
Fixes: #54927
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* win_firewall_rule only changes specified arguments
defaults are controlled by com object
integration test for built in rule
* removed ignore psaliases for win_firewall_rule
* direction and action are no longer required
program and service respect default values
documentation updated to reflect that defaults apply to rule creation
added test to disable a rule and verify other values have not changed
* fixed extra whitespace
* Move each description sentance to a new entry
This reverts commit 85d836171b.
As discussed in WWG IRC meeting, we don't want Get-ADObject to be a dependency of win_domain_membership, and we need to be able to authenticate to the DC in some configs. We can revisit this change a different way for 2.9.
* Use six from ansible.module_utils for inventory scripts
Remove skips from sanity test
* Change all imports of ConfigParser to use module_utils.six.moves
* Remove commented out lines
* Fix six imports
* Don't pollute include_variables. Fixes#51667. Fixes#54618.
* Rename include_variables to include_args, so we can make the distinction about what they are
* Track args and vars separately
* oops
* oops again
* linting fix
* Add test
- Fixed issue #25017,#37567
- Add example for prompt on launch
- Add integration test for prompt on launch
Signed-off-by: Hideki Saito <saito@fgrep.org>
* updated tests and changelog for 54516
* Handle errors if PG does not support partitioning.
* Check for PG > 10 in tasks
* Show changes for partitioned tables in ansible
* Added documentation in the tests
* Update test/integration/targets/postgresql/tasks/postgresql_privs.yml
Co-Authored-By: raymondroelands <raymondroelands@users.noreply.github.com>
* Update test/integration/targets/postgresql/tasks/postgresql_privs.yml
Co-Authored-By: raymondroelands <raymondroelands@users.noreply.github.com>
* Added check for 0 tables after revoking rights
* Added test and moved tests
Added check mode test and moved test right after the change.
* Rebased postgresql_privs.py
* Add win_format
* Some doc changes were missed
* Fixes for ansible-test, additional assertion for check mode
* Fix -WhatIf issues
* Support for idempotency and changes to integration tests
* Fix trailing whitespace
* Fixes from review, and added check for non-empty volumes
* Remove an extra line
* Structural changes
* Minor fixes for CI
