* nxos_snmp_user: platform fixes for get_snmp_user
snmp user output behavior varies quite a bit for the different nxos platforms and required several workarounds:
- N5K/N6k
- These platforms do not support structured output for `show snmp user`.
- The current code lands in an `except` clause when the output is not structured; so I added a new `get_non_structured_snmp_user` method to scrape the state from the regular cli output if it's present.
- N9K-F
- The `group` data in the JSON output is different for this platform; it has a different key (just `group` instead of `TABLE_groups` or `group_names`) and it is not indexed
- For a single group the value is a string, for multiple groups it's a list
- sanity
- N5K/N6K/N9K-F platforms will reject `no snmp user <name> <role>` when it's the last role defined for the user.
- workaround is to use `nxos_user` to remove the user
- Changes validated on:
- `N3K, N3K-F, N35, N6K, N7K, N9K, N9K-F`
- `6.0(2)A8`
- `7.0(3)I2, 7.0(3)I4, 7.0(3)I5, 7.0(3)I6, 7.0(3)I7`
- `7.3(2)D1`
- `7.3(3)N1, 7.3(4)N1`
- `8.3(2)`
- `9.2(2), 9.2(3)`
* fix lint warning
(cherry picked from commit 8c56c116e5)
All vmware_guest_* module support for use_instance_uuid from Ansible 2.8,
somehow vmware_guest_disk missed from this change.
This fix adds support for use_instance_uuid in vmware_guest_disk.
Fixes: #56021
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 7e6be4e634)
* Add n6k support for nxos_vtp_domain
* Add n6k support for nxos_vtp_version
* Add n6k support for nxos_vtp_password
* Fix shippable error
(cherry picked from commit d55c0cf8dc)
Backport of #55678 to stable-2.8.
* XenServer: Minor changes and fixes in xenserver_guest
- xenserver_guest module: ignore wait_for_ip_address when
state=absent (fixes#55348). Module docs are updated to reflect this.
- xenserver_guest module: show proper error message when maximum number
of network interfaces is reached and multiple network interfaces are
added at once (fix for changes introduced in #54697).
- xenserver_guest module: fixed a bug in reconfigure() where VM would
be powered off even though check mode is used when reconfiguration
needs VM to be powered off.
* Added changelog fragment
(cherry picked from commit 2a39dc84b7)
* nxos_snmp_traps: fix 'group: all' for N35 platforms
- `group: all` attempts to enable traps for all features defined in the module's `feature_list`
- `N35` platforms do not support `snmp-server enable traps bfd`; so removing `bfd` from the `feature_list` for that platform
- Minor cleanup in `sanity.yaml` test file
* whitespace lint fix
(cherry picked from commit 0e0c2a7db7)
* nxos_vlan: vlan names containing regex ctl chars should be escaped (#55463)
The `nxos_vlan` module may raise with regex error `sre_constants.error: multiple repeat` in the non_structured codepath if the device has existing vlan names with certain regex control characters; e.g.
```
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Eth1/3
14 my-vlan-name-is-*** active
```
(cherry picked from commit de8ce08fd8)
* fix nxos_vlan mode idempotence bug (#55144)
* fix nxos_vlan mode idempotence bug
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Fix CI failure
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit 57e0567310)
* nxos_vlan fix 2.8 backport
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* `nxos_acl` may fail with `IndexError: list index out of range` while attempting to delete a non-existent ACL.
The failure occurs when the `acl` var is an empty list.
* nxos_acl: catch 501 'Structured output unsupported' when no ACLs present
With some older image versions, `show ip access-list | json` will raise a 501 error indicating `'Structured output unsupported'` when there are no access-lists configured. This change turns off the `check_rc` and then looks for the failure condition.
* Fix kwarg
* Fix lint issues
(cherry picked from commit 869fdcd7d4)
mem_reservation and memory_reservation has redundant implementation.
Combining them together.
Fixes: #54335
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 193f69064f)
* To fix the issue where nios_zone module was running second time for same object (#55595)
* fix for 55128 issue
Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>
* review comment fix
Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>
(cherry picked from commit 661f7be0fe)
* changelog for 2.8
Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>
* connection/docker: add privilege escalation support (#55816)
As described in #53385 (and #31759), the docker connection driver did
not support privilege escalation. This commit is a shameless
cut-and-paste of the privilege escalation support from the `local`
connection plugin into the `docker` plugin.
Closes: #53385
(cherry picked from commit 61e476b908)
* docker connection plugin: make privilege escalation code more similar to local.py (#56288)
* Make more similar to local.py
* Fix typo.
(cherry picked from commit 708bda06aa)
* sysctl will now return an error if the value is invalid
sysctl can fail to set a value even if it returns an exit status 0. More
details: https://bugzilla.redhat.com/show_bug.cgi?id=1264080. Because of
this in case of an invalid value or a read-only file system, sysctl
module would return OK, even though it didn't set anything. To be sure
that sysctl correctly applied the changes we also need to check the
output of stderr.
(cherry picked from commit 0432b7f2522dbf82c4fabdb3fd17f7ac83f34e62)
* Run sysctl with LANG=C
Because we are parsing sysctl stderr we need to make sure that errors
are persistent across different system language settings.
(cherry picked from commit a16128f778b1e7574c5986aed26e146ac0561533)
* Add changelog fragment for sysctl
(cherry picked from commit 3ad9d4d83c1d2bbfccefb8388904c596d98f8731)
This has been broken for some time, but only noticed recently. Because
vyos_command isn't supported on ansible_connection=local, update our
testing to account for that.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(cherry picked from commit 59d20e004e)
Link to ansible-bender instead of the deprecated ansible-container.
Co-Authored-By: Felix Fontein <felix@fontein.de>
(cherry picked from commit 66bfa27685)
* Fix loading namespaced doc_fragments
The syntax for specifying a different fragment name was already
using '.' as a separator, so the code needed to be tweaked to
avoid choking on names like `testns.testcoll.fragname` and
`testns.testcoll.fragname.altvar`.
`get_plugin_class()` returns 'docfragment' for the fragment loader;
mangling `subdir` provides consistent alignment with the normal plugin
directory names and avoids needing special handling of plugin types
with 'module' in the name.
* Add changelog entry
(cherry picked from commit 2ef8b297ff)
* [doc] command module: mention all parameter types (#56396)
(cherry picked from commit 8968d41599)
* update azure_rm_autoscale document (#56388)
(cherry picked from commit 49ecfdbc10)
* [doc] expect module: mention all parameter types (#56394)
(cherry picked from commit 7f41cc40e6)
* update azure_rm_appgateway document (#56339)
(cherry picked from commit 84f5666aab)
* update azure_rm_appserviceplan related module documents (#56348)
(cherry picked from commit 22d7e7ea0b)
* Small typo fix in documentation (#56480): documentation was probably C&P'd from user, leaving a "useradd" mention where a "groupadd" should be.
(cherry picked from commit 6182f368e7)
* Update ovirt_vnic_profile.py (#56466): Update documentation to reflect module name
(cherry picked from commit db42cf5873)
* clean backport of PR 56355, clarify config cli usage
(not actually cherry-picked due to conflicts, but see PR mentioned)
* gcp_compute_target_proxy does not exist, update deprecated redirect (#56496)
(cherry picked from commit 7636f36a8a)
* Update default roles_path documentation (#56320)
(cherry picked from commit c1ebc8d9c2)
* docs: Update scopes value example (#56362): example in GCE guide needs "https://" prefix
(cherry picked from commit 85fa65e5f0)
* [doc] fix example: always trigger the handler (#56384): by default, debug task result isn't changed - add 'changed_when: yes' to trigger handler
(cherry picked from commit b3ab83bc70)
* Update of Ansible 2.8 roadmap (#56436): Remove **if needed** for RC2 & RC3, correct date for RC3
(cherry picked from commit d55823b013)
* add how to create HttpApi plugins for network modules (#54340): in a developer guide for networks
(cherry picked from commit cca365061c)
* [Doc-Release-2.8] fixed broken module links in 2.8 porting guide (#56494)
(cherry picked from commit 635931051b)
This reverts commit b9dc8056d7.
Revert the revert oracle change. It's looking like we aren't going to
have an rc4 and this is a code change. So this can't go in.