Commit graph

1024 commits

Author SHA1 Message Date
Felix Fontein
d64b17731d docker_container: improve log_options idempotency by converting to string (#54955)
* Warn when log_options values are not strings.

* Add changelog.

* Improve message.

* Improve formatting and formulation of other messages.

* Add test for warning.

* Trying double escaping.
2019-04-12 18:36:11 -04:00
Abhijeet Kasurde
6ff4547489 VMware: get_all_host_objs accepts list of host (#55146)
vmware_portgroup accepts list of hosts, get_all_host_objs API modified
to accept list of hosts.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-04-12 15:35:35 -07:00
Toshio Kuratomi
bc955b9d60 Cleanup the tree for post-2.8-branch
After branch, we do the following tasks:
* Remove all old changelog fragments.  The devel tree starts fresh.
* Remove all old generated changelog info (CHANGELOG-v2.8.rst and .changes.yaml)
* Set the new codename and version in release.py
2019-04-12 12:57:35 -07:00
Brian Coca
9f87552f06
add option to display per host start to default (#53819)
* add option to display per host start to default
2019-04-12 12:42:38 -04:00
Brian Coca
e40832df84
become mixin is no more (#54002)
* become mixin is no more
  since sudo/su keywords are removed in 2.9 .. no need to keep this code around
 * also don't need test for code that is removed
 * made preprocess_data on base noop
   its not used by anything anymore, but kept for backwards compat since other methods of same name are used
2019-04-12 12:13:55 -04:00
Jordan Borean
6039ff9a24
win_domain - fix for checking for domain on new host (#55195) 2019-04-12 14:14:49 +10:00
Brian Coca
6579dfda17
Correct plugin loader context for persistent (#54860)
* Correct plugin loader context for persistent
2019-04-11 14:32:52 -04:00
Martin Krizek
a40c1ed811
setup: properly detect is_chroot on Btrfs (#55089)
* setup: properly detect is_chroot on Btrfs

Fixes #55006

* Use get_bin_path for stat

* Remove comment
2019-04-11 11:24:08 +02:00
Tobias Rüetschi
cd00934375 Add a changelog fragment for PR 55083. (#55130) 2019-04-11 11:21:51 +02:00
Anatoly Pugachev
19f6634353 Add support of facts gathering WWNs on AIX OS (#51704)
* Extend git commit c65909d6db "Add network fact to obtain FC WWN initiator ports"
adding support of enumerating AIX device WWN ports

$ lsdev -Cc adapter -l fcs*
fcs0 Defined   00-00 8Gb PCI Express Dual Port FC Adapter (df1000f114108a03)
fcs1 Defined   00-01 8Gb PCI Express Dual Port FC Adapter (df1000f114108a03)
fcs2 Available 04-00 8Gb PCI Express Dual Port FC Adapter (df1000f114108a03)
fcs3 Available 04-01 8Gb PCI Express Dual Port FC Adapter (df1000f114108a03)

$ lscfg -vpl fcs3 | grep 'Network Address'
        Network Address.............10000090FA551509

* no self in this code

* Two fixes:

- fix run_command execution, passing 'use_unsafe_shell=True' since we have a pipe in it ( | grep )
  if we don't set unsafe shell, it will return error on execution.

- strip new line characters at the end of WWNs.

* fix pep8 , E225 missing whitespace around operator

* use module.get_bin_path() instead of hardcoded values

* move module.get_bin_path() out of for loop

* use python string parsing instead of calling external grep

* use in operator instead of find() for simplicity and readability

* add changelog fragment
2019-04-11 00:13:33 +02:00
Toshio Kuratomi
04e5c550a8 Do not look for a paramiko compat package anymore (#55106) 2019-04-10 14:51:53 -04:00
Matt Martz
e89f8bae86
Extend jinja2 nested undefined support to keys/indices (#55094) 2019-04-10 10:35:31 -05:00
Wilmar den Ouden
877ce12970 VMware: Rename results key to ansible_module_results (#55038)
* Rename results key to ansible_module_results

* Update to a better variable name

* Update example and adds change to porting guide
2019-04-10 19:58:25 +05:30
junji hashimoto
c3e50db1d5 Renamed SafeConfigParser to ConfigParser in gce inventory script (#54974) 2019-04-10 09:52:26 -04:00
Andrea Tartaglia
0303ea2bfa openssl_pkcs12: Add idempotency checks (#54633)
* Added idempotency logic to openssl_pkcs12

Also decoupled the 'parse' and 'generate' function from the file write
as they are now used in different places that do not need the file to be
written to disk.

* Added idempotency tests for openssl_pkcs12

Also adds a new test for pkcs12 files with multiple certificates

* Regenerate if parsed file is invalid

* pkcs12_other_certificates check was wrong

* Updated ca_certificates to other_certificates

ca_certificates is left as an alias to other_certificates;
friendlyname depends on private key, so it will be ignored while
checking for idempotency if the pkey is not set;
idempotency check only checks for correct certs in the stack

* use different keys for different certs

* Added other_certificates in module docs

* Added changelog and porting guide

* removed unrelated porting guide entry

* renamed ca_cert* occurrence with other_cert
2019-04-10 11:43:08 +01:00
Andreas Calminder
7adfb1f714 os_volume: Modify existing volume (#54905)
* add support for: volume resize, check_mode and diff

* add changelog fragment
2019-04-10 10:41:41 +01:00
Adam Miller
a2eb227970 facts: correctly detect xen paravirt vs hvm cpuinfo (#49320)
* facts: correctly detect xen paravirt vs hvm cpuinfo

Fixes #49039

Signed-off-by: Adam Miller <admiller@redhat.com>

* provide default val if we IndexError

Signed-off-by: Adam Miller <admiller@redhat.com>
2019-04-10 00:17:30 -04:00
Matt Davis
97446f0eca
Revert "Add a force_replace_host flag to win_domain_membership (#53542)" (#55056)
This reverts commit 85d836171b.

As discussed in WWG IRC meeting, we don't want Get-ADObject to be a dependency of win_domain_membership, and we need to be able to authenticate to the DC in some configs. We can revisit this change a different way for 2.9.
2019-04-09 13:52:23 -07:00
Sloane Hertel
ba8b5ec0d3
[ec2] Use user_data if specified (#54494)
* Use user_data if specified

* changelog
2019-04-09 15:52:49 -04:00
Adam Miller
d53c3cd4f2
Force pkg_mgr yum for rhel < 8, dnf for rhel > 8 (#54010)
* Force pkg_mgr yum for rhel < 8, dnf for rhel > 8

This solves the scenario in which someone using RHEL or a clone
decides to install dnf, which can break their system in certain ways
under certain scenarios (a dnf bug that's been resolved upstream but
left user systems broken happened recently). Currently Red Hat
provides dnf to RHEL7 in an optional Tech Preview Channel under the
YUM4 branding, as does the CentOS Content Management SIG. There may
be others in the ecosystem I'm not familiar with.

Signed-off-by: Adam Miller <admiller@redhat.com>

* add changelog

Signed-off-by: Adam Miller <admiller@redhat.com>
2019-04-09 14:32:00 -05:00
Sam Doran
3cd98a9fcc Use ansible.module_utils.six in inventory scripts (#55000)
* Use six from ansible.module_utils for inventory scripts

Remove skips from sanity test

* Change all imports of ConfigParser to use module_utils.six.moves

* Remove commented out lines

* Fix six imports
2019-04-09 13:17:59 -04:00
Brian Coca
5f69ab7f46 Better test for cache method availability (#54740)
* Better test for cache method availability

  fixes #54737

* try and ignore missing method

* avoid plugin cross contamination

* ammend clog
2019-04-09 09:32:11 -07:00
Benjamin MALYNOVYTCH
9c5275092f mysql_user: fix compatibility issues with various MySQL/MariaDB versions (#45355)
* mysql_user: fix MySQL/MariaDB version check

To handle properly user management, version check needed refacto, as well as the query used to get existing password hash

* mysql_user: break long query in multiple lines

* mysql_user: fix query fetch existing password hash

* mysql_user: MariaDB version check 100.2 != 10.2

* mysql_user: fix existing password fetch

In some cases, both columns (Password and authentication_string) may exist and be populated.
In other cases one exist, but not the second.
This fix should handle properly all situations

* mysql_user: break long queries

* mysql_user: refactor duplicated code

* mysql_user: handle updates from root with empty passwd to new passwd

* mysql_user: GC debug statement and readd trailing new line

* mysql_user: fix pep8 under indentation

* mysql_user: fix privileges management
https://github.com/ansible/ansible/pull/45355#issuecomment-428200244

* mysql_user: raise exception if exception caught doesn't match the one that is managed

* mysql_user: improve plugins output (add msg field with explicit informations)

* mysql_user: fix old / new password hash comparison

* mysql_user: fix reference to old MySQLdb lib

* mysql_user: fix cursor when root password is left empty (mysql DB invisible)

* mysql_user: add changelog

* ALL privileges comparison

* fixed blank line

* added mysql 8 fixes

* fixed version compatibility

* mysql_user: fix MySQL/MariaDB version check

To handle properly user management, version check needed refacto, as well as the query used to get existing password hash

* mysql_user: break long query in multiple lines

* mysql_user: fix query fetch existing password hash

* mysql_user: MariaDB version check 100.2 != 10.2

* mysql_user: fix existing password fetch

In some cases, both columns (Password and authentication_string) may exist and be populated.
In other cases one exist, but not the second.
This fix should handle properly all situations

* mysql_user: break long queries

* mysql_user: refactor duplicated code

* mysql_user: handle updates from root with empty passwd to new passwd

* mysql_user: GC debug statement and readd trailing new line

* mysql_user: fix pep8 under indentation

* mysql_user: fix privileges management
https://github.com/ansible/ansible/pull/45355#issuecomment-428200244

* mysql_user: raise exception if exception caught doesn't match the one that is managed

* mysql_user: improve plugins output (add msg field with explicit informations)

* mysql_user: fix old / new password hash comparison

* mysql_user: fix reference to old MySQLdb lib

* mysql_user: fix cursor when root password is left empty (mysql DB invisible)

* mysql_user: add contrib

* Rename changelogs/fragments/45355-mysql_user-fix-versions-compatibilities to add YML extension
2019-04-09 16:26:45 +01:00
Abhijeet Kasurde
b142b6f0e8 Move changelog entries to fragments directory (#55017)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-04-09 10:12:46 -04:00
Hideki Saito
377fba3d76 Fix handling of inventory and credential options for tower_job_launch (#54967)
- Fixed issue #25017,#37567
- Add example for prompt on launch
- Add integration test for prompt on launch

Signed-off-by: Hideki Saito <saito@fgrep.org>
2019-04-09 14:08:11 +01:00
Raymond Roelands
8edae1bc61 updated tests and changelog for 54516 (#54670)
* updated tests and changelog for 54516

* Handle errors if PG does not support partitioning.

* Check for PG > 10 in tasks

* Show changes for partitioned tables in ansible

* Added documentation in the tests

* Update test/integration/targets/postgresql/tasks/postgresql_privs.yml

Co-Authored-By: raymondroelands <raymondroelands@users.noreply.github.com>

* Update test/integration/targets/postgresql/tasks/postgresql_privs.yml

Co-Authored-By: raymondroelands <raymondroelands@users.noreply.github.com>

* Added check for 0 tables after revoking rights

* Added test and moved tests
Added check mode test and moved test right after the change.

* Rebased postgresql_privs.py
2019-04-09 13:30:06 +02:00
Christopher Snyder
09f68fc659 redhat_subscription: Fix usage of ConfigParser (#54815) 2019-04-09 09:36:51 +02:00
Jason Witkowski
87f8e37c2c Fix for neither LaunchConfigName nor LaunchTemplate existing on object (#54692) 2019-04-09 09:00:51 +10:00
Matt Martz
56ae8ebd60 Don't swallow exceptions when processing included files (#54791)
* Don't swallow exceptions when processing included files. Fixes #54786
2019-04-08 12:03:22 -04:00
Felix Fontein
7d27348356 ufw: fix default, direction is not necessary for it (#54799)
* Correct behavior so that direction isn't required for default.
* Add more tests.
* 'disabled' values cannot be changed.
* Include 'not specified' in messages.
2019-04-08 08:49:35 -04:00
Felix Fontein
e079758b31 Move refactoring steps from #54635 to own PR. (#54690) 2019-04-08 12:59:55 +01:00
Robert Osowiecki
1532e31ec0 Allow all of yum version compare operators (#54603)
* Allow all of yum version compare operators

* * yum: name="foo >= VERSION" integration test
* changelog fragment
2019-04-08 10:34:21 +02:00
Adam Miller
21d692cace fix dnf module removal in dnf upstream 4.2.2+ (#54923)
* fix dnf module removal in dnf upstream 4.2.2+

Signed-off-by: Adam Miller <admiller@redhat.com>

* Remove extra blank line in changelog fragment.
2019-04-05 14:28:24 -07:00
Toshio Kuratomi
ae667d3d86 New release v2.8.0a1 2019-04-04 16:37:20 -07:00
Felix Fontein
8cba1f9397 docker_network: add IPAM driver options support (#54632)
* Tidying up.

* Adding ipam_driver_options parameter.

* Add tests.

* Add changelog.
2019-04-04 15:44:31 -04:00
Brian Coca
bda541fa0d
fix missing attribs with dirct module execution (#53875)
* fix missing attribs with dirct module execution
* also make remote tmp handling smarter
 update tests
* set default if attrib does not exist
* add simple test
2019-04-04 09:59:52 -04:00
Sam Doran
6ce9cf7741
Change default smart connection to ssh on macOS and remove paramiko from requirements.txt (#54738)
* Remove default use of paramiko connection plugin on macOS
    This fix was originally to work around a bug that caused a kernel panic on macOS
    that has since been fixed.
* Remove paramiko from requirements.txt
* Move paramiko checking to common place
* Drop the warnings obfiscation code
* Update pip installation instructions to reflect upstream instructions
* Fix tests on CentOS 6 (Python 2.6) that now show Python deprecation warnings
* Add changelog fragment
2019-04-03 22:35:59 -04:00
Felix Fontein
e422f18898 acme_certficate: allow to write files to CWD (#54754)
* Allow to write files to CWD.

* Add changelog.
2019-04-03 19:39:10 +01:00
Martin Krizek
d15812fabf
Fix copy module to reset filesystem acls (#51868)
The controller's fixup_perms2 uses filesystem acls to make the temporary
file for copy readable by an unprivileged become user. On Python3, the
acls are then copied to the destination filename so we have to remove
them from there.

We can't remove them prior to the copy because we may not have
permission to read the file if the acls are not present. We can't
remove them in atomic_move() because the move function shouldn't know
anything about controller features. We may want to generalize this into
a helper function, though.

Fixes #44412

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
2019-04-03 18:37:59 +02:00
Jordan Borean
e56fb48873
psrp - auth options (#54705) 2019-04-03 07:53:50 +10:00
Łukasz Szczęsny
bcdd1dc951 pamd: fix idempotence issue when removing rules (#54105) 2019-04-01 10:18:33 -04:00
Hannes Ljungberg
e58f23b73e docker_swarm: Return UnlockKey (#54490)
* Return UnlockKey

* Add changelog fragment

* Add method to check if a parameter exists in diffs

* Add method to get swarm unlock key

* Add option unlock_key

* Only return unlock key when created or changed

* Rename difference check

* Extend unlock key example

* Assert that unlock_key is a string

* Fix docker_swarm_info authors

* Don’t silence APIErrors

* Test unlock_key on unlocked swarm

* Catch APIError when retrieving unlock key

* Better return value description

* Lint

* Fix UnlockKey return value documentation

Co-Authored-By: hannseman <hannes@5monkeys.se>

* Get unlock key safely

Co-Authored-By: hannseman <hannes@5monkeys.se>

* Return None on empty UnlockKey

* Assert swarm_unlock_key is undefined if unqueried

* Add documentation about swarm_info unlock_key

* Add change log fragment for unlock_key option

* Revert "Add change log fragment for unlock_key option"

This reverts commit e3cb2325b552e5d14cc3f42b33a86bf3ee84d3b9.

* Use generator expression instead

* Restart docker more decisively

* Use systemctl kill

Co-Authored-By: hannseman <hannes@5monkeys.se>

* Try to restart docker daemon
2019-04-01 12:19:18 +01:00
Felix Fontein
fa47bed71c openssl_certificate: fix ACME provider (#54656)
* Change default of acme_chain to no.

* Stop using string command lines.

* Add changelog.

* Fix changelog.
2019-04-01 12:18:14 +01:00
René Moser
01f63ee871
cloudstack: fix E326 (#54657)
* cloudstack: remove choice list for hypervisor param

* cloudstack: streamline network_type with returned value by the API

* cloudstack: remove E326

* add changelog fragment
2019-03-31 23:36:56 +02:00
Hannes Ljungberg
833512b07c docker_swarm: Add support for default_addr_pool and subnet_size (#54642)
* Add support for default_addr_pool and subnet_size

* Add changelog fragment

* Document options only used on init / join
2019-03-31 16:56:55 -04:00
Kevin Subileau
09979e899f win_nssm: refactor to fix issues, support check mode and add more features (#45693)
* win_nssm: rename cmdlets to use approved verbs, rename service name parameters

* win_nssm: improve code style and cmdlets ordering

* win_nssm: always escape all command line parameters with Argv-ToString

fix error when the service name contains quotes

* win_nssm: use Fail-Json instead of exceptions and remove global try/catch

* win_nssm: small refactoring, inline some functions

* win_nssm: refactoring - add a generic cmdlet to idempotently set any nssm service parameter

* win_nssm: refactoring - inline some functions

To make the code more malleable for future changes

* win_nssm: change application, stdout_file and stderr_file options type to path

* win_nssm: deprecates app_parameters, rename app_parameters_free_form to arguments, and add support for list of parameters

* win_nssm: add support of check mode

* win_nssm: add working_directory option

* win_nssm: add display_name and description options

* win_nssm: minor changes

* win_nssm: remove some sanity exclusions

* win_nssm: avoid using aliases and minor style fixes

* win_nssm: doc and ui improvements

* win_nssm: remove sanity exclusions

* win_nssm: minor revision

* win_nssm: deprecates dependencies, start_mode, user and password parameters and some choices of state in favor of win_service

* win_nssm: fix style

* win_nssm: add executable option to specify the location of the NSSM utility

* win_nssm: add missing parameter types

* win_nssm: add diff mode support

* win_nssm: avoid displaying depreciation warning if default value is assigned

* win_nssm: fix variable scope

* win_nssm: use the explicit -LiteralPath parameter name instead of -Path

* win_nssm: fix documentation

* win_nssm: add porting guide entries

* win_nssm: add changelog fragment
2019-04-01 05:56:48 +10:00
Felix Fontein
188903448a openssl_*: add backup option (#54294) 2019-03-30 15:38:43 +01:00
Scott Luther
5517b0384f fix remove_orphans using APIs exposed via AnsibleDockerClient (#54316)
Co-Authored-By: sluther <neenach2002@gmail.com>
2019-03-30 14:33:17 +01:00
Kevin Breit
d16dcb8dbb meraki_device - Support for creating and modifying device notes (#51100)
* Add support for notes

* Add test for notes

* Device notes changes
- Renamed from notes to note
- Modified tests to work

* Comment device test since it only works once

* Remove assertion stanza and move assertion to existing one

* Add version_added to note documentation

* Converted from tabs to spaces

* Added changelog fragment

* Remove changelog file since it's a feature

* Add changelog fragment
2019-03-29 14:26:28 +01:00
David Passante
7c57caf8fa cs_network_offering: add a for_vpc parameter (#54551)
* cs_network_offering: add for_vpc parameter

* add changelog fragment
2019-03-28 22:37:32 +01:00
Matt Davis
f86345f777
Collection content loading (#52194)
* basic plugin loading working (with many hacks)

* task collections working

* play/block-level collection module/action working

* implement PEP302 loader

* implicit package support (no need for __init.py__ in collections)
* provides future options for secure loading of content that shouldn't execute inside controller (eg, actively ignore __init__.py on content/module paths)
* provide hook for synthetic collection setup (eg ansible.core pseudo-collection for specifying built-in plugins without legacy path, etc)

* synthetic package support

* ansible.core.plugins mapping works, others don't

* synthetic collections working for modules/actions

* fix direct-load legacy

* change base package name to ansible_collections

* note

* collection role loading

* expand paths from installed content root vars

* feature complete?

* rename ansible.core to ansible.builtin

* and various sanity fixes

* sanity tweaks

* unittest fixes

* less grabby error handler on has_plugin

* probably need to replace with a or harden callers

* fix win_ping test

* disable module test with explicit file extension; might be able to support in some scenarios, but can't see any other tests that verify that behavior...

* fix unicode conversion issues on py2

* attempt to keep things working-ish on py2.6

* python2.6 test fun round 2

* rename dirs/configs to "collections"

* add wrapper dir for content-adjacent

* fix pythoncheck to use localhost

* unicode tweaks, native/bytes string prefixing

* rename COLLECTION_PATHS to COLLECTIONS_PATHS

* switch to pathspec

* path handling cleanup

* change expensive `all` back to or chain

* unused import cleanup

* quotes tweak

* use wrapped iter/len in Jinja proxy

* var name expansion

* comment seemingly overcomplicated playbook_paths resolution

* drop unnecessary conditional nesting

* eliminate extraneous local

* zap superfluous validation function

* use slice for rolespec NS assembly

* misc naming/unicode fixes

* collection callback loader asks if valid FQ name instead of just '.'
* switch collection role resolution behavior to be internally `text` as much as possible

* misc fixmes

* to_native in exception constructor
* (slightly) detangle tuple accumulation mess in module_utils __init__ walker

* more misc fixmes

* tighten up action dispatch, add unqualified action test

* rename Collection mixin to CollectionSearch

* (attempt to) avoid potential confusion/conflict with builtin collections, etc

* stale fixmes

* tighten up pluginloader collections determination

* sanity test fixes

* ditch regex escape

* clarify comment

* update default collections paths config entry

* use PATH format instead of list

* skip integration tests on Python 2.6

ci_complete
2019-03-28 10:41:39 -07:00
Sam Doran
023c5167fd Revert "Use locking for concurrent file access (#52567)" (#54547)
This reverts commit e152b277cf.
2019-03-28 13:19:49 -04:00
James Cassell
bc4ef99533 standardize TLS connection properties (#54315)
* openstack: standardize tls params

* tower: tower_verify_ssl->validate_certs

* docker: use standard tls config params

- cacert_path -> ca_cert
- cert_path -> client_cert
- key_path -> client_key
- tls_verify -> validate_certs

* k8s: standardize tls connection params

- verify_ssl -> validate_certs
- ssl_ca_cert -> ca_cert
- cert_file -> client_cert
- key_file -> client_key

* ingate: verify_ssl -> validate_certs

* manageiq: standardize tls params

- verify_ssl -> validate_certs
- ca_bundle_path -> ca_cert

* mysql: standardize tls params

- ssl_ca -> ca_cert
- ssl_cert -> client_cert
- ssl_key -> client_key

* nios: ssl_verify -> validate_certs

* postgresql: ssl_rootcert -> ca_cert

* rabbitmq: standardize tls params

- cacert -> ca_cert
- cert -> client_cert
- key -> client_key

* rackspace: verify_ssl -> validate_certs

* vca: verify_certs -> validate_certs

* kubevirt_cdi_upload: upload_host_verify_ssl -> upload_host_validate_certs

* lxd: standardize tls params

- key_file -> client_key
- cert_file -> client_cert

* get_certificate: ca_certs -> ca_cert

* get_certificate.py: clarify one or more certs in a file

Co-Authored-By: jamescassell <code@james.cassell.me>

* zabbix: tls_issuer -> ca_cert

* bigip_device_auth_ldap: standardize tls params

- ssl_check_peer -> validate_certs
- ssl_client_cert -> client_cert
- ssl_client_key -> client_key
- ssl_ca_cert -> ca_cert

* vdirect: vdirect_validate_certs -> validate_certs

* mqtt: standardize tls params

- ca_certs -> ca_cert
- certfile -> client_cert
- keyfile -> client_key

* pulp_repo: standardize tls params

remove `importer_ssl` prefix

* rhn_register: sslcacert -> ca_cert

* yum_repository: standardize tls params

The fix for yum_repository is not straightforward since this module is
only a thin wrapper for the underlying commands and config.  In this
case, we add the new values as aliases, keeping the old as primary,
only due to the internal structure of the module.

Aliases added:
- sslcacert -> ca_cert
- sslclientcert -> client_cert
- sslclientkey -> client_key
- sslverify -> validate_certs

* gitlab_hook: enable_ssl_verification -> hook_validate_certs

* Adjust arguments for docker_swarm inventory plugin.

* foreman callback: standardize tls params

- ssl_cert -> client_cert
- ssl_key -> client_key

* grafana_annotations: validate_grafana_certs -> validate_certs

* nrdp callback: validate_nrdp_certs -> validate_certs

* kubectl connection: standardize tls params

- kubectl_cert_file -> client_cert
- kubectl_key_file -> client_key
- kubectl_ssl_ca_cert -> ca_cert
- kubectl_verify_ssl -> validate_certs

* oc connection: standardize tls params

- oc_cert_file -> client_cert
- oc_key_file -> client_key
- oc_ssl_ca_cert -> ca_cert
- oc_verify_ssl -> validate_certs

* psrp connection: cert_trust_path -> ca_cert

TODO: cert_validation -> validate_certs (multi-valued vs bool)

* k8s inventory: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* openshift inventory: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* tower inventory: verify_ssl -> validate_certs

* hashi_vault lookup: cacert -> ca_cert

* k8s lookup: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* laps_passord lookup: cacert_file -> ca_cert

* changelog for TLS parameter standardization
2019-03-28 00:19:28 -05:00
Slava Maslennikov
85d836171b Add a force_replace_host flag to win_domain_membership (#53542)
* Add a force_replace_host flag to win_domain_membership

Satisfies https://github.com/ansible/ansible/issues/53539

* Rework backticks

* Bump version_added

* Check for existence of current hostname as well; use LDAPFilter during search

* Rename $force_replace_host to $allow_existing_computer_account

* Added docs, porting guide and minor nit in code
2019-03-28 14:36:26 +10:00
Simon Westphahl
a44dfed570 Catch all request timeouts for winrm connection (#54104)
* Catch all request timeouts for winrm connection

The current implementation only catches 'ConnectTimeout' exceptions.
Instead we should catch 'Timout' which also catches ReadTimeout
exceptions.

Improves on: #51744

Co-Authored-By: westphahl <westphahl@gmail.com>

* Changelog for winrm error handling improvement
2019-03-28 13:44:49 +10:00
Jordan Borean
e2d2874d81
win_user_right - fix non json output issue (#54495) 2019-03-28 12:30:20 +10:00
Dag Wieers
e152b277cf Use locking for concurrent file access (#52567)
* Use locking for concurrent file access

This implements locking to be used for modules that are used for
concurrent file access, like lineinfile or known_hosts.

* Reinstate lock_timeout

This commit includes:
- New file locking infrastructure for modules
- Enable timeout tests
- Madifications to support concurrency with lineinfile

* Rebase, update changelog and tests

We need to specify ansible_python_interpreter to avoid running interpreter discovery and selecting the incorrect interpreter.

Remove the import of lock in known_hosts since it is not used.
2019-03-27 20:20:18 -04:00
Brian Coca
fee4a0df94
Handle errors correctly in rhn_channel (#54194)
* Handle errors correctly in rhn_channel

* also fail if required info is not available
2019-03-27 19:43:28 -04:00
Brian Coca
3637ce4538
Handle gracefully a bad module 'results' key (#53973)
* Handle gracefully a bad module 'results' key

  fixes #53962
2019-03-27 18:41:32 -04:00
Adam Miller
75d733afd2 Bugfix/52688 gcp compute missing image (#54468)
* adding (optionally) image information to inventory var
* add boot image mapping to gcp_compute instance data for all disk
image data in the configured zones

Signed-off-by: Adam Miller <admiller@redhat.com>
2019-03-27 17:14:20 -04:00
Brian Coca
f9876f3450 fixing gcp inv plugin (#54426)
* start fixing gcp inv plugin

* minor fixes

* added clog

* ajust comments

* link indv zone/project

* separate specific zone/project from other params

* restoring zones query per project

* also work when zones given

* fixed scopes, removed incorrect docs as not option
2019-03-27 11:13:39 -05:00
Kevin Breit
17fc6c6ff1 meraki_network - Parameter change for combined network type (#49160)
* Added support for types parameter
- Parameter is used to specify multiple network types

* Fix documentation

* Apply suggestions from code review

Co-Authored-By: kbreit <kevin.breit@kevinbreit.net>

* Reworked type parameter to be a list so types isn't needed

* Re-add tags documentation

* Fix documentation around compatibility

* Convert tags to list from string

* Add changelog fragment
2019-03-27 16:10:15 +01:00
James Cassell
92139a01df rename dellemc_idrac_firmware -> idrac_firmware (#54421) 2019-03-26 17:47:07 -04:00
James Cassell
51f2065df5 use ANSIBLE_ prefix on all ansible-defined env vars (#54272)
mark old version deprecated in all places referenced via docs
2019-03-26 17:43:48 -04:00
James Cassell
9040fa0235 openstack: add os module_defaults group (#54319) 2019-03-26 15:37:06 -04:00
Alan Rominger
461737e2da Allow using Azure rm legacy hostnames (#54060) 2019-03-26 15:28:21 -04:00
Anton Roman
1e3428a766 fix issue in random_mac filter with short prefixes (#53928) 2019-03-26 13:49:23 -04:00
Matt Martz
6996926d89
Expose loop_control.loop_var as ansible_loop_var (#54240)
* Expose the loop_var as ansible_loop_var

* Add docs

* fix assert test

* Indicate version added
2019-03-26 11:07:54 -05:00
Evan Kaufman
cf69ec5db0 replace - fixed combined before and after usage (#31452)
When using before and after in combination, the opposite behavior was induced. This PR makes the the replacement happen between the specified patterns as intended.

* Added integration tests
* Add changelog, porting guide entry, and minor doc fixes
2019-03-26 11:49:58 -04:00
Andrea Tartaglia
df86b9ec3d openssl_pkcs12: privatekey_path and friendly_name are not always required together (#54370)
* Removed required_together, updated tests

Since required_together: privatekey_path -> friendly_name, is not always
required it has been removed.
Updated openssl_pkcs12 integration tests to be in line with other
openssl_* modules, and added a test for export with no privatekey_path.

* linter fixes

* Removed cryptography from tests

* Added changelog fragment

* Removed non-necessary select_crypto_backend
2019-03-26 15:06:00 +00:00
Hannes Ljungberg
be293fbe50 docker_swarm_service: Remove configs and secrets defaults (#54361)
* Remove defaults

* Skip redundant casting

* Indentation fix

* Use generic compare functions

* Add tests for compare functions

* Remove extra whitespace

* Add changelog fragment
2019-03-26 09:45:40 -04:00
Sloane Hertel
54be769e8d fix AWS plugin credential precedence for environment variables (#52945)
* fix AWS plugin credential precedence for environment variables

* Allow aliases in direct plugins options

Consolidate precedence fix just in the doc fragment using aliases for mismatched options

* Access options with the option name rather than alias

* fix indentation

* update unit tests

* Improve readability
2019-03-25 16:53:11 -04:00
Felix Fontein
4fac91bed5 docker_container: add networks_cli_compatible option (#54198)
* Adding networks_cli_compatible option.

* Move network tests into own test file.

* Extend tests (for networks_cli_compatible=no).

* Adding tests for networks_cli_compatible=yes.

* There seems to be no way to create a container without at least one network attached.

* Integrate networks / purge_networks with comparisons.

* Speed up tests.

* Removing double dot.

* Add changelog.

* Use comparisons value only if the networks option has been specified. purge_networks on the other hand also removes networks if it has not been specified.
2019-03-25 15:06:21 -04:00
Felix Fontein
121990d8c5 openssl_dhparam: fix state=absent (#54296)
* Fix remove.

* Add changelog.
2019-03-25 12:00:20 -05:00
Abhijeet Kasurde
5db7501ebd
VMware: Change in update tag API (#54304)
Changed update tag API as per new changes.

Fixes: #53060

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-03-25 21:50:46 +05:30
Felix Fontein
d7a273273a openssl_*: proper mode support (#54085)
* Add write helper.

* Adjust modules (except openssl_certificate).

* Adding tests for mode (with openssl_privatekey).

* Add openssl_certificate support.

* Never, ever remove the output file before actually trying to generate new content for it.

Removal is only allowed when state=absent, or when the object has been regenerated and the result needs to be written to that place.

* Add changelog.

* Extend test.
2019-03-25 14:20:52 +01:00
Felix Fontein
534c833bb3 openssl_certificate: fix state=absent (#54298)
* Fix state=absent.

* Add changelog.
2019-03-25 13:07:28 +01:00
Felix Fontein
752db43b2d Rename return of docker_compose. (#54171) 2019-03-23 18:35:11 +00:00
Martin Krizek
bafa291af9 uri: do not write the file after failure (#53515)
* uri: do not write the file after failure

Fixes #53491

* Add changelog
2019-03-22 09:32:43 -05:00
Martin Krizek
63ea96d5f1 assemble: avoid extra newline on Python 3 (#54176)
Fixes #44739
2019-03-22 09:14:02 -05:00
Andrea Tartaglia
36a790dcde New cryptography backend for openssl_certificate (#53924)
* New cryptography backend for openssl_certificate

load_* functions in module_utils/crypto.py now have a backend paramter
which when set to 'cryptography' will return cryptography objects so
they can be used for both pyopenssl and cryptography backends.
Added a select_message_digest function too returning a cryptography
digest hash from `cryptography.hazmat.primitives.hashes`
Added new classes for Cryptography backend

* Run test with various backends.

* Prefixing tests.

* Make sure we have the correct backend available.

* Linting (flake8).

* Moved cryptography import to separate try/except

* Make sure certificate is actually valid at some time in the past.

* Improve error handling.

* Trying to fix validation for cryptography backend.

* Fixed issue with keyUsage test in assertonly

* Fixed CI/Lint issues

* Fix private key problem for OwnCA.

* Cryptography backend doesn't support v2 certs.

* issue an expired cert with command when using cryptography backend

* Added warning when backend is auto and v2 cert is requested

* Bumped min cryptography version to  1.6

* Correctly check for failure when backend is cryptography and cert is v2

* Use self.backend where possible

* Use secp521r1 EC when testing on CentOS6

* Fixed pylint issue

* AcmeCertificate support for both backends

* Review fixes

* Fixed missing '(' when raising error

* Fixed date_fmt loop

* Updated docs and requirements with cryptography

* Add openssl_certificate to changelog.
2019-03-22 13:21:23 +00:00
Christian Rohmann
90c092a104 Allow configuration of connection_limit per postgresql database (postgresql_db) (#40345)
Fixes #40060

* Fix coding style errors
* Use CONNECTION LIMIT (no underscore)
* From review done by amenonsen and bcoca - Set default at None, make the change detection less confusing
* Added EXAMPLE on how to apply a database specific connection limit
* Added some basic tests for conn_limit applied to a database
* Check that conn_limit has actually been set / updated to 200
* Add changelog fragment regarding postgresql_db conn_limit parameter
2019-03-22 18:21:39 +05:30
Felix Fontein
1a94cf140c openssl_publickey: fix handling of OpenSSH private keys with passphrase (#54192)
* Cleanup.
* Make sure that OpenSSH passphrases are handled correctly.
* Add changelog.
2019-03-22 16:15:55 +05:30
David Passante
aa32164d15 cs_volume: add volumes extraction and upload features (#54111)
* cs_volume: add volumes extraction and upload features

* cs_volume: Update doc, remove deprecated code

* cs_volume: Add unit tests for extract and upload features
2019-03-22 07:09:26 +01:00
Alexander Bethke
f9c7ccbb41 Fixes flatpak module to work with flatpak >=1.2.0, fixes #51485 (#51482)
* Fixes flatpak module to work with flatpak >=1.2.0, fixes #51481

This keeps backwards-compatibility for flatpak versions before 1.2.0

* Fixes typeo

Co-Authored-By: oolongbrothers <oolongbrothers@zeibar.net>
2019-03-21 15:57:41 +00:00
tcraxs
bb61d7527f #50877: add support to postgresql_privs to use "FOR { ROLE | USER } target_role" in "ALTER DEFAULT PRIVILEGES" (#51073)
* #50877:
* add support to postgresql_privs to use "FOR { ROLE | USER } target_role"
   in "ALTER DEFAULT PRIVILEGES"

* fix sanity errors

* #50877: fix documentation and add a check for correct usage
of target_roles

*  #50877: fix missing absent option for default privs with target_role

* #50877: add clear description, when target_roles can be used

* #50877: fix conflicts, formatting, and add a changelog fragment

* #50877: fix sanity error E335

* #50877: swap conditions and fix error to warning msg

*  #50877: add tests for default privileges

* #50877: fix tests for default privileges

* #50877: fix tests for default privileges on centos 6
2019-03-21 13:26:44 +00:00
René Moser
f885717f74 fix typo (#54166) 2019-03-21 10:08:54 +01:00
Felix Fontein
8d62794f91 docker: rename docker_*_facts -> docker_*_info (#54124)
* Rename docker_*_facts -> docker_*_info.

* Add changelog.

* Update scenario guide.
2019-03-21 08:37:18 +00:00
René Moser
c5609c51bf
include_tasks: fix traceback if no file specified (#54044) 2019-03-20 19:17:20 +01:00
Martin Krizek
0e28ab4528
Template run_once for handlers (#54030)
Fixes #27237
2019-03-20 14:46:19 +01:00
Brian Coca
d1a688b1d7
dict is dict (#54057) 2019-03-20 09:37:34 -04:00
Felix Fontein
05bca95ab1 ACME: rename acme_account_facts -> acme_account_info (#54082)
* Rename acme_account_facts -> acme_account_info.

* Add changelog fragment.
2019-03-20 13:21:28 +00:00
Hannes Ljungberg
7a3f9456ef docker_swarm_service: Make resolve_image default to false (#54018)
* Make resolve_image default to false

* Check resolve_image versions regularly
2019-03-19 18:58:51 -04:00
Felix Fontein
847a86beef docker_image: allow proxy config (#53905)
* Simplify checks.

* Add use_config_proxy option.

* Add changelog.

* Avoid docker-py crash.
2019-03-19 13:58:16 -04:00
Sorin Sbarnea
014cb73694 Facts: Use vm_stat instead of sysctl for free memory (#52917)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-03-19 08:52:52 +05:30
Jordan Borean
7ab77f6c8a
win_psexec - support paths with a space (#54009) 2019-03-19 12:51:30 +10:00
Jordan Borean
cf24542e9f
win_get_url - fix glob like paths (#54008) 2019-03-19 12:01:35 +10:00
Jordan Borean
eb18df1a0f
win_certificate_store - fix glob like paths (#54007) 2019-03-19 11:49:25 +10:00
Jordan Borean
2f1bc34589
win_copy - fix glob like paths (#54006) 2019-03-19 11:22:17 +10:00
Jordan Borean
8a4079ddbf
win_find - fix glob like paths (#54005) 2019-03-19 10:30:11 +10:00
Jordan Borean
c053bc1fc7
win_file - fix glob like paths (#54003) 2019-03-19 09:20:33 +10:00
Felix Fontein
e00f315358 openssl_privatekey: add backup option (#53593)
* Add backup option to openssl_privatekey.

* Add changelog fragment.

* Make module available in remove().

* Add tests for backup.

* Update lib/ansible/modules/crypto/openssl_privatekey.py

Co-Authored-By: felixfontein <felix@fontein.de>

* Update lib/ansible/modules/crypto/openssl_privatekey.py

Co-Authored-By: felixfontein <felix@fontein.de>

* Update lib/ansible/modules/crypto/openssl_privatekey.py

Co-Authored-By: felixfontein <felix@fontein.de>

* Update lib/ansible/modules/crypto/openssl_privatekey.py
2019-03-18 16:34:47 +00:00
MonsieurBon
eb790cd3c6 Added support for iptables module iprange (#53732) (#53732) 2019-03-18 13:05:04 +00:00
Felix Fontein
50d56ca89d docker_image: stop pulling by default on build (#53911)
* Prepare to change default of build.pull from yes to no in Ansible 2.12.

* Specify build.pull.

* Add changelog.

* Fix bad indent.
2019-03-18 01:34:07 -04:00
David Passante
e62fc508ad cs_network_offering: Add choice list for supported_services in arg_spec (#53901) 2019-03-16 13:43:27 +01:00
Jordan Borean
980ca564ce
windows - Fix module utils with glob paths (#53835)
* windows - Fix module utils with glob paths

* fix link util tests when using DOS 8.3 paths
2019-03-15 19:44:53 +10:00
Jordan Borean
cac3c6efcf
win_chocolatey - Fix incompatibilities with latest Chocolatey release (#53841) 2019-03-15 16:40:30 +10:00
Jordan Borean
d00418c924
win_slurp - fix glob like paths (#53831) 2019-03-15 14:59:01 +10:00
Jordan Borean
d063cefb64
win_owner - fix glob like paths (#53830)
* win_owner - fix glob like paths

* Fix issues on older PS versions
2019-03-15 14:58:15 +10:00
Jordan Borean
3cfa71bff0
win_acl_inheritance - fix glob like paths (#53829) 2019-03-15 14:57:59 +10:00
Jordan Borean
aba6f5f50d
win_acl - fix glob file paths (#53828) 2019-03-15 14:57:41 +10:00
Jordan Borean
4f9de45785
win_tempfile - return absolute path on created temp file (#53827)
* win_tempfile - return absolute path on created temp file

* Fix tests for CI
2019-03-15 14:57:27 +10:00
Sam Doran
1e595493d9
User module - Check local database when local is specified in the task (#51088)
The output of pw.getpwnam() does not distinbuish between local and remote accounts. It will return a result if an account exists locally or in the directory. When local is set to True in the task parameters, look through the local password database explicitly.

* Ensure luseradd is present for tests
* Add docs and warnings about local mode
2019-03-14 22:16:53 -04:00
Sloane Hertel
87ebc56de6 Allow parent groups to be variables or literal (#53649)
* Allow parent groups to be variables or literal, requires {{ }}
* Check strict before failing on templating errors
* Don't add a group if an invalid parent group was provided
2019-03-14 14:22:18 -04:00
Brian Coca
e280f2f7b0
Try to get correct buffer size to avoid races (#53547)
* Try to get correct buffer size to avoid races

  fixes #51393

* fix test, mock buffer function since all is mocked
2019-03-14 11:04:56 -04:00
Matteo Ferrando
86405b8fe4 (postgresql_privs) accept 'ALL_IN_SCHEMA' objs for 'function' type (#35331)
* avoid using Postgres formatting function
* add tests for ALL FUNCTIONS IN SCHEMA
* documentation and changelog
* requested changes in tests
* fixed changelog
2019-03-14 20:21:05 +05:30
Felix Fontein
fbbab7429e docker_*: report more warnings (#53710)
* More warnings.

* Add changelog.

* Improve docstring.
2019-03-14 09:55:16 +00:00
Felix Fontein
35e7fb776a docker_image: improve usage (#52894)
* Add source option.

* Split force parameter into force_source, force_absent and force_tag.

* Move all build-related options into a suboption called build.

* Add changelog.
2019-03-14 09:46:38 +00:00
Matt Clay
f6d12fc918 Fix changelog entries using strings for sections. 2019-03-13 23:43:15 -07:00
Matt Clay
7f0e09aa31
Keep existing to_yaml behavior with pyyaml >= 5.1. (#53772)
In pyyaml versions before 5.1 the default_flow_style for yaml.dump
was None. Starting with 5.1 it is now False. This change explicitly
sets the value to None to maintain the original to_yaml behavior.

The change to pyyaml was made in the following commit:

507a464ce6
2019-03-13 16:43:26 -07:00
Brian Coca
42e6700a71 Undeprecate force handlers (#53705)
* removed deprecation notice, made comment instead

* remove noisy deprecation

* space
2019-03-13 15:45:52 -05:00
David Passante
244a9a83aa cs_iso: fix missing param "is_public" (#53740)
* cs_iso: fix missing param "is_public"

* add changelog fragment
2019-03-13 19:06:44 +01:00
Andrey Klychkov
d30879a0b7 postgresql_db - Handle pg_dump return code (#52985)
Handle return code return by pg_dump command

Fixes: #40424
2019-03-13 18:01:50 +05:30
Abhijeet Kasurde
f0ef4dae05
iptables: Add support for gateway parameter (#53465)
When user specifies the JUMP value to 'tee', gateway is required.
This fix adds new parameter 'gateway' to support this functionality.

Fixes: #53170

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-03-13 17:47:44 +05:30
Felix Fontein
c2cb82ec14 ACME: add support for IP identifiers (#53660)
* Adding support for IP identifiers according to https://tools.ietf.org/html/draft-ietf-acme-ip-05.

* Add changelog.

* Make sure that the authorizations return value is unchanged for CSRs with DNS-only SANs.

* Remove unneeded import.

* type -> identifier_type

* Python 2.6 compatibility.

* Fix unit tests.

* Add IP address normalization.

* Extend tests.

* Move data into fixtures.

* Adjust BOTMETA.
2019-03-13 10:16:56 +01:00
Felix Fontein
028facdfed acme_challenge_cert_helper: add support for IP identifiers (#53661)
* Add IP address identifier support to acme_challenge_cert_helper.

* Add changelog.

* type -> identifier_type.
2019-03-13 10:15:57 +01:00
Jason Witkowski
acdb4c3ede Fix min_size reference where type is None (#53669) 2019-03-12 21:31:03 -04:00
Jordan Borean
3d23e47c53
win_reboot - Fix rc validation when using psrp and add extra docs (#53711)
* win_reboot - Fix rc validation when using psrp and add extra docs

* Revert boot time command and fix docs
2019-03-13 10:43:02 +10:00
Brian Coca
b793f08a92
fixes for stripping (#52930)
function changed to do in place replacement, should be less expensive even with copy as it avoids 'sub copies', can compose with module_args_copy to create replacement for old behavior

  attempt to fix #52910

* handle lists and subdicts correctly
* added  missing exception case, which was not noticed since 'cleaning' was not working
* added comments to clarify exceptions
2019-03-12 18:18:38 -04:00
Brian Coca
a8eb25ac14
clear all loader caches with new dir for plugin (#53413)
* clear all loader caches with new dir for plugin

  fixes #17078

* added toggle to revert behaviour
2019-03-12 16:19:56 -04:00
Martin Krizek
e0a7f01f0b
Add changelog for #53552 (#53695) 2019-03-12 19:09:07 +01:00
Matt Martz
77217fdd24
Fix checksum file parsing in get_url (#53685)
* Fix checksum file parsing. Fixes #48790

* guard invalid int conversion

Co-Authored-By: sivel <matt@sivel.net>

* Remove extra newline
2019-03-12 12:39:02 -05:00
Brian Coca
3e52a6a693
Overridable safety (#53458)
* create overridable sanitation function
* now used in aws, gce and azure plugins
* added new option to these plugins to work in conjunction with general toggle to make it easier
  to emulate inventory script behavior.
2019-03-12 12:03:20 -04:00
Matt Martz
e9f9bcae6a
Don't raise AnsibleConnectionFailure if the ssh process has already died. (#53534)
* Don't raise AnsibleConnectionFailure if the ssh_process has already died. Fixes #53487

* Better support for file not found messages

* Add changelog fragment
2019-03-12 10:41:30 -05:00
Sloane Hertel
4172d68dc3 use composed vars in constructed groups (#53152)
* changelog

* combine provided variables and host vars inside of constructing groups to take into account composed variables

let composed variables "win"

* fix whitespace

* Allow user to control hash behavior
2019-03-11 12:43:31 -04:00
Glandos
d784b77cb4 Remove dependency to psycopg2 with dump/restore (#53323)
* Remove dependency to psycopg2 with dump/restore

'dump' and 'restore' state only need pg_dump and pg_restore. These tools
don't use psycopg2 so this change tries to avoid the use of it in these
cases.

The db_exists test was replaced with an error detection when piping to
compression program, using a FIFO file. This effectively reverts #39483,
that was a fix for #39412.

* Fix typo

* Add changelog fragment

* Add note for dump and restore not requiring psycopg2

* Fix YAML syntax

* Update lib/ansible/modules/database/postgresql/postgresql_db.py

Co-Authored-By: Glandos <bugs-github@antipoul.fr>
2019-03-11 14:38:14 +00:00
Felix Fontein
3117900b1e docker_container: show warnings, fix/improve tests (#53440)
* Output warnings from docker daemon on container create and update.

* Accept warning for blkio_weight instead of idempotency.

* Value quoting.

* Avoid loop variable conflict.

* Add changelog.

* Make one test case faster.

* Add 'Docker warning: ' prefix.

* Add a generalized warning reporting function.
2019-03-11 19:04:06 +10:00
Hannes Ljungberg
7bb174214c docker_swarm_service: Add option rollback_config (#53594)
* Add rollback_config

* Add change log fragment

* Fix broken test

* Actually fix broken tests

* Add rollback_config example

* Default rollback_config as None

* Abort early if rollback_config does not exist
2019-03-11 18:55:41 +10:00
Jordan Borean
830a11dd38
test: optimize win_psmodule tests (#53431) 2019-03-11 05:43:21 +10:00
Hannes Ljungberg
57f706e5a0 docker_swarm_service: Extend mount options (#53559)
* Add mount options

* Remove mount readonly default

* Fix driver_config test

* Add documentation

* Add changelog fragment

* Properly indent tmpfs_ options

* Use correct service suffix for mount tests

* Check for None value on tmpfs usage check

* Document change of mounts.readonly return key

* Use correct change log type

* Really use correct change log type

* Revert changing mount.readonly to read_only
2019-03-09 14:35:57 -06:00
Felix Fontein
c75da35595 Removing a swarm node does not work with docker-py < 2.4.0, since it calls client.inspect_node(). (#53565)
For the same reason, docker_node requires docker >= 2.4.0.
2019-03-09 14:28:04 -06:00
Matt Clay
2c59d88154 Fix yamllint issue. 2019-03-08 22:42:19 -08:00
Matt Clay
0c4785720d Add extensions to changelog fragments. 2019-03-08 22:42:19 -08:00
Matt Clay
5c866fc17e Move fragment to correct location. 2019-03-08 21:38:53 -08:00
Adam Miller
7b98ff6a31 fix pkg name nevra parsing regex in dnf (#53572) 2019-03-08 20:53:46 -08:00
Jason Witkowski
be39e757e3 apply node_id parameter to swarm node removal (#53503) 2019-03-08 15:58:34 -05:00
Matt Martz
414440e323
Allow dict2items to work with hostvars (#53538) 2019-03-08 14:36:53 -06:00
Brian Coca
90bcff3d92
allow nontype configdata (#53365) 2019-03-08 13:03:46 -05:00
Felix Fontein
caf7fd2245 openssl_*: improve passphrase handling for private keys in PyOpenSSL (#53489)
* Raise OpenSSLBadPassphraseError if passphrase is wrong.

* Improve handling of passphrase errors.

Current behavior for modules is: if passphrase is wrong (or wrongly specified), fail.
Current behavior for openssl_privatekey is: if passphrase is worng (or wrongly specified), regenerate.

* Add changelog.

* Add tests.

* Adjustments for some versions of PyOpenSSL.

* Update lib/ansible/modules/crypto/openssl_certificate.py

Improve text.

Co-Authored-By: felixfontein <felix@fontein.de>
2019-03-08 16:21:18 +00:00
Sam Doran
1d91e03119
Ensure Clear Linux parsing is actually parsing a Clear Linux host and all others fall back to NA (#53298)
Fixes a bug where parse_distribution_file_ClearLinux() was called on CoreOS (and probably many other distros) and it returned True since it successfully parses the distribution file. Since this file exists on many Linux distributions and they are a very similar format, add an additional check to make sure it is Clear Linux.

Change the order in which distribution files are processed so NA is last. This prevents a match on CoreOS hosts since they also have /etc/os-release and the called matching function for NA is very general and will match CoreOS.

* Add changelog

* Add unit tests

Only add tests for Clear Linux parsing since that was the cause of this issue.
2019-03-08 10:40:49 -05:00
Bartosz Licheński
6e198487c9 postgresql_privs: Support FOREIGN DATA WRAPPER and FOREIGN SERVER (#38803)
* Support FOREIGN DATA WRAPPER and FOREIGN SERVER in postgresql_privs module
* Added available from note to fdw and fs object types
* Integration tests, examples in documentation
* Complete integration tests
2019-03-08 14:51:03 +05:30
Hannes Ljungberg
f5faf8211d docker_swarm_service: Add read_only option (#53482)
* Add read_only option

* Add changelog fragment

* Add version_added

* Fix broken test
2019-03-08 03:34:49 -05:00
Jakob Ackermann
13ab9a61a8 [docker_image] fix the changed state for tagging and pushing (#53451)
* [docker_image] fix the changed state for tagging and pushing

Signed-off-by: Jakob Ackermann <das7pad@outlook.com>

* [docker_image] add tests for (force) tagging and force pushing

Signed-off-by: Jakob Ackermann <das7pad@outlook.com>

* [docker_image] add a news fragment for the fixed force tag/push behavior

Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
2019-03-08 08:28:42 +00:00
Timo Runge
b45b599433 Fix for "AttributeError: 'module' object has no attribute 'cursors'" (#49191) (#53445)
* Fix for "AttributeError: 'module' object has no attribute 'cursors'" (#49191) (#1)

* Fix for "AttributeError: 'module' object has no attribute 'cursors'" (#49191)

* Adding changelog fragment for issue #49191 and the following PR.

* Update lib/ansible/module_utils/mysql.py

Co-Authored-By: timorunge <timorunge@users.noreply.github.com>
2019-03-08 08:21:56 +00:00
S
3bc474bf99 Fixed win_file crash with hidden files (#52584)
* Fixed crash with hidden files

added "-force" parameter on "Get-Item" cmdlet. this is needed to get file info if the file is "hidden" 
without this option modules like win_file, win_template, win_copy crashes on hidden files. this is because with "test-path" it sees that the file exists, but "get-item" can't get the file info. 
for more information on "-force option": https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/get-item

* Add changelog and integration tests

* fix tests for older Windows versions
2019-03-08 15:32:32 +10:00
Abhijeet Kasurde
a5d3647eca
include_vars: include main.yml (#51926)
Enhance the conditional check to include main.yml if it is not
from 'role/vars/'

Fixes: #29135

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-03-08 10:03:01 +05:30
synical
f470736476 ipa_dnsrecord: Add SRV and MX record type (#42482)
* Add dnsrecord_show method for supporting base domain record
* Replace dnsrecord_show with conditional in dnsrecord_find
* Added changelog entry for MX and SRV

Signed-off-by: synical <sjohnsondot@gmail.com>
2019-03-08 09:48:00 +05:30
Jordan Borean
8ef2e6da05 Add support for Windows hosts in the SSH connection plugin (#47732)
* Add support for Windows hosts in the SSH connection plugin

* fix Python 2.6 unit test and sanity issues

* fix up connection tests in CI, disable SCP for now

* ensure we don't pollute the existing environment during the test

* Add connection_windows_ssh to classifier

* use test dir for inventory file

* Required powershell as default shell and fix tests

* Remove exlicit become_methods on connection

* clarify console encoding comment

* ignore recent SCP errors in integration tests

* Add cmd shell type and added more tests

* Fix some doc issues

* revises windows faq

* add anchors for windows links

* revises windows setup page

* Update changelogs/fragments/windows-ssh.yaml

Co-Authored-By: jborean93 <jborean93@gmail.com>
2019-03-07 16:38:02 -08:00
Hannes Ljungberg
3d07e7241a docker_swarm_service: Documentation fixes (#53479)
* Document and validate mode choices

* Update examples

* Test cpu float values

* Test correct option

* Fix module return sample

* Add secrets and user to module return value

* Order options alphabetically

* Add changelog

* yaml indentation

* Revert "Order options alphabetically"

This reverts commit 51dabccda7930b707d5683670af7f89a68aeb577.

* Be consistent with choices type
2019-03-07 16:51:59 -06:00
Jordan Borean
008db85d44
win_domain: fix issue when running without credential delegation (#53480)
* win_domain: fix issue when running without credential delegation

* Add check for reboot is required to complete role e install

* Fix changelog sanity issue

* removed meta file accidentally committed
2019-03-08 08:44:12 +10:00
Jordan Borean
072fa54b50
win reg - Support special chars in path (#53305)
* win reg - Support special chars in path

* Added deprecation warning for path separators
2019-03-08 05:41:52 +10:00
Matt Martz
728970232e
Properly quote the username to support usernames with spaces (#53420) 2019-03-07 11:47:33 -06:00
Felix Fontein
b2e992cecd openssl_csr: improve subject validation (#53198)
* Improve subject field validation.

* Add country name idempotency test.

* Add failed country name test.

* Add changelog.
2019-03-07 15:29:35 +00:00
Matt Martz
264d9a9008
Allocate an explicit stdin in async_wrapper (#53410)
* add changelog fragment

* Add stdin async test

* Allocate an explicit stdin in async_wrapper. Fixes #50758
2019-03-07 09:28:44 -06:00
James Cassell
e55e8fe2c4 regex_escape: support POSIX basic regex (#50327) 2019-03-07 08:51:19 -05:00
Hannes Ljungberg
c563caf451 docker_swarm_service: Set minimum docker-py version to 2.0.2 (#53295)
* Fix version checks in tests

* Set minimum version to 2.0.2

* Networks can only be updated >= docker-py 2.7

* Constraints require docker-py 2.4.0

* Healthchecks require docker-py 2.6.0

* Properly run tests different docker_py_versions

* Add changelog fragment

* Specify lowest version on placement.constraints

* Fix running new tests on older docker-py

* Handle different hosts formats returned by docker

* FIx test naming

* Quote str options

* secrets options require docker-py 2.4.0
2019-03-06 20:50:05 +00:00
Sloane Hertel
9687879840
Fix inventory cache interface (#50446)
* Replace InventoryFileCacheModule with a better developer-interface

Use new interface for inventory plugins with backwards compatibility

Auto-update the backing cache-plugin if the cache has changed after parsing the inventory plugin

* Update CacheModules to use the config system and add a deprecation warning if they are being imported directly rather than using cache_loader

* Fix foreman inventory caching

* Add tests

* Add integration test to check that fact caching works normally with cache plugins using ansible.constants and inventory caching provides a helpful error for non-compatible cache plugins

* Add some developer documentation for inventory and cache plugins

* Add user documentation for inventory caching

* Add deprecation docs

* Apply suggestions from docs review

* Add changelog
2019-03-06 12:12:35 -06:00
Brian Coca
b94bfed1a6
scan_packages: made adding package managers easier (#49079)
* made adding package managers easier

  added portage support

* moar pkg mgrs and moar info

 - added 'pkg' pkg manager (freebsd)
 - added pip
 - more apt info

* updated clgo

* Updates from feedback

Co-Authored-By: bcoca <bcoca@users.noreply.github.com>

* incorporated more feedback and added docstrings

* moar from feedback

  - made manager list dynamic and names based on class
  - better not found msg
  - made abstract metaclass again
  - test is now init exception
  - module to global
  - better dedupe comments

* more targetted errors/warnings

* added strategy, reordered to conserve priority

* rpm > apt

* move break to top

* fix trate

* piping it

* lines and meta

* refactored common functions

 - moved pip into it's own module
 - cleaned up base clases
 - ensure 'lower' match in package_facts

* missing license

* avoid facts

* update clog

* addressed feedback

* fix clog

* cleanup

* upd

* removed pip as that was removed

* renamed cpan

* added a single line since 2 lines are needed to be

readabnle instead of just 1 line, it is a huge problem otherwise

* fix internal ref

* not intended in this round

* updated as per fb
2019-03-06 12:29:51 -05:00
Brian Coca
d241794daa
Add toggle to control invalid character substitution in group names (#52748)
* make add_group return proper name
* ensure central transform/check
* added 'silent' option to avoid spamming current users
  those already using the plugins were used to the transformations, so no need to alert them
* centralized valid var names
* dont display dupes
* comment on regex
* added regex tests
  ini and script will now warn about deprecation
* more complete errormsg
2019-03-06 11:49:40 -05:00
Andrea Tartaglia
5c6b16edc3 Fix ec2_instance eventual consistency when wait: false (#51885)
* Do not return 'instances' when wait is false

* Added integration tests for wait: false

* Added changelog fragment

* Fix test suite to work with ec2_instance

* Additional permissions
* Enforce boto3 version
* Fix broken tests
* Improve error messages

* fix linter issues
2019-03-06 22:46:37 +10:00
Tad Merchant
b979b26a74 Add launch type to ecs task (#49081)
* adds fargate launch_type to ecs_task module

* White space changes

* fix documentation for running ecs task on fargate

* remove extraneous example from ecs_task

* White space changes

* Adds changelog fragment

* Pluralize minor_changes in changelog fragment

* Add Stop and Start task permissions
2019-03-06 22:40:32 +10:00
Felix Fontein
61abbfc269 docker_swarm_service: rename return variable to swarm_service (#53229)
* Rename return variable to swarm_service.

* Add changelog.

* Add that old name will stay in Ansible 2.7.x.
2019-03-06 10:27:11 +00:00
Brian Coca
7a0b4a5117
Allow user to control output of verbose messages (#52948)
to stdout (default) or stderr
2019-03-05 16:08:15 -05:00
Brian Coca
949ddb48c0
make debconf compare apples to apples (booleans) (#53331)
hope to fix #25481
2019-03-05 16:03:54 -05:00
Jordan Borean
6b294eab4d
win_dsc - Add argument validation and other fixes (#53093)
* win_dsc - Add argument validation and other fixes

* Fix doc issues
2019-03-06 06:49:37 +10:00
Brian Coca
853a65eead
made chroot exe configurable (#53147)
* made chroot exe configurable

 fixes #53146

* added default for executable
2019-03-05 15:48:31 -05:00
Hannes Ljungberg
7a130d5446 docker_swarm_service: Add hosts option (#53290)
* Add hosts option

* Add changelog fragment
2019-03-05 18:59:49 +00:00
Alan Rominger
56e3597856 Add keyed_groups feature (#52045)
This implements:
- Allow creating keyed group parents
2019-03-05 12:34:34 -06:00
Felix Fontein
8c628c9b2c Simplify docker_*_facts return names (#51939)
* Simplify docker_*_facts return names.

* Adjust regular return values of modules to match style of docker_*_facts modules.
2019-03-05 16:09:00 +00:00
Hannes Ljungberg
139abd0849 docker_swarm_service: Add option groups (#53213)
* Add logging option

* Add limits option

* Add reservations option

* Add restart_config option

* Add update_config option

* Add placement option and remove placement_preferences

* Yaml indentation

* Use correct PR number for change log

* Handle grouper fallbacks better

* Add removed_in_version to argument spec

* Fix broken suboption usage check

* Reduce duplicate deprecated option tests

* Clearer deprecation documentation

* Compare bytes with MiB

* Use correct test service suffix
2019-03-05 16:07:27 +00:00
Felix Fontein
628326b879 openssl_csr: improve invalid SAN error messages (#53201)
* Improve invalid SAN error messages.

* Add changelog.
2019-03-05 16:07:07 +00:00
Felix Fontein
07fcb60d55 Python 2: accept both long and int for type=int (module options) (#53289)
* Added unit test
2019-03-05 09:39:03 -05:00
Viktor Utkin
b2a7561a7f [win_get_url] feature: Add support checksum to module win_get_url (#51986)
* set valid_until equal to current time + spot_wait_timeout

* Add checksum check for downloaded file.

* refactoring

* fix typo

* add fixes

* mart try,catch handling

* revert lib/ansible/modules/cloud/amazon/ec2.py from upstream

* refactoring

* remove empty lines

* add checksum verification for existing file

* fix current file check

* refactoring destination file check

* add handling exceptions

* refactoring

* Added download file hash data from url

* fix string aligning

* fix bug with uri

* Added get hash from multy-string file

* Added URI support for checksum file location

* refactoing

* Remove any non-alphanumeric characters for hash from url

* fix discussions; add support for PS3

* refactoring

* add size return value

* checkout from upstream for lib/ansible/modules/cloud/amazon/ec2.py

* add Ansible.ModuleUtils.Legacy support; refactoring

* Copyright added

* Checking files size before and after downloading added.

* remove unused code

* Corrected regexp for dotted slashed file name prefix in hash-file

* hotfix typo error; add int tests

* remove legacy module support; split checksum to checksum, checksum_algorithm, checksum_url

* changed default hash algorithm

* Fixed case for ContentLength = -1

* Old comment removed

* fix typo

* Remove file size check before downloading

* add alias to ; fix tests

* adjust tests; fix lint warnings from PSScritpAnalyzer

* workaround for bug in win_chocolatey module on win2008

* remove win_get_url.ps1 from /test/sanity/pslint/ignore.txt

* add checksum_algorithm as retuen value

* first normalise before return Result

* resolve discussions

Signed-off-by: Viktor Utkin <viktor.utkin7@yandex.ru>

* fix discussions
fix http tests as discussed

* fix last discussions

* Reduce code duplication and add idempotency check

* fix sanity issue and remove testing code

* move back to using tmp file for checksum comparison
2019-03-05 20:37:00 +10:00
Abhijeet Kasurde
d39f35c1d6
assert: allow list of strings in msg or failed_msg (#50531)
Added check for assert module for msg and failed_msg as a list or string types.

Fixes: #48547

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2019-03-05 11:12:17 +05:30
Jordan Borean
b74295d25f
win_chocolatey - add ability to pin a package (#53157)
* win_chocolatey - add ability to pin a package

* fix typoe in changelog fragment
2019-03-05 14:18:42 +10:00
Jordan Borean
be7768efc7
win_chocolatey_source - fix state=disabled with no source (#53097) 2019-03-05 14:18:00 +10:00
Jordan Borean
ae24bbff4a winrm - try and recover from a send input failure (#53187) 2019-03-04 17:31:00 -08:00
Felix Fontein
6249bb8ea4 openssl_certificate: make sure extensions are present when they are queried by assertonly (#53207)
* Make sure extensions are present when they are queried by assertonly provider.

* Add changelog.
2019-03-05 00:09:48 +01:00
Sloane Hertel
4cf7854ca3
If the private_ip has been provided for the new network interface it shouldn't also be added to top level parameters for run_instances (#52579)
changelog
2019-03-04 12:55:37 -06:00
Martin Krizek
239fb1f68d yum/dnf: Add download_dir param (#53171) 2019-03-04 13:08:58 -05:00
Felix Fontein
8e26c2dfbe docker_swarm: support older docker-py versions (#53129)
* Decreasing docker_swarm requirements.

* Fixing docker-py / docker API version requirements, and some comments.

* Add changelog.

* Only send parameters specified by user to docker daemon.

* Extend labels test: not specifying == keep labels.

* Bump minimally required docker-py version for docker_node and docker_node_facts to 2.4.0.

* Prevent crashing when publish or healthcheck is not provided.

* Similarly to docker_swarm tests, only execute docker_node tests on real VMs and restart docker daemon when tests are done.
2019-03-04 12:10:09 +01:00
Andrea Tartaglia
d5d92e4a70 openssl_certificate, fixed has_expired to check the cert expiration date (#53168) 2019-03-02 00:37:28 +01:00
Martin Krizek
66eb301cd3 profile_tasks: Fix last task time with multiple plays (#53065) 2019-03-01 10:29:33 -05:00
Sloane Hertel
8a02f894a6 replace uses of sort_json_policy_dict with compare_policies (#52943)
* replace uses of sort_json_policy_dict with compare_policies which is compatible with Python 3 and remove sort_json_policy_dict from the AWS guidelines since it only works on Python 2

* Sort any lists containing only strings

* Sort the original policy too
2019-02-28 17:09:00 -05:00
Sam Doran
1c87ea6fa6 Reboot - add parameter for paths to search for shutdown command (#51194)
* Look in /lib/molly-guard for shutdown command

Signed-off-by: Sam Doran <sdoran@redhat.com>

* Add parameter for extra_search_paths

Signed-off-by: Sam Doran <sdoran@redhat.com>

* Change option to search_paths

- Update docs
- Make the parameter replace the default values
- Add some sanity checking on the data type

Signed-off-by: Sam Doran <sdoran@redhat.com>

* Correct parameter in tests, change conditional for molly-guard tasks

Signed-off-by: Sam Doran <sdoran@redhat.com>

* Address feedback

* Simplify field validation

Needed the try except in case a non-iterable type is put in the search_paths field
2019-02-28 13:36:33 -08:00
Jiri Tyr
7739b5e96c Last two fields in fstab are optional (fixes #43855) (#43941)
* Last two fields in fstab are optional
* Add changelog
2019-02-28 14:09:30 -05:00
Brian Coca
55dc63be3a
properly convert inputs to handle bytes/unicode (#53072)
* properly convert inputs to handle bytes/unicode

  fixes #52186

* Update changelogs/fragments/nmap_bytes_fix.yml

Co-Authored-By: bcoca <bcoca@users.noreply.github.com>
2019-02-28 11:51:15 -05:00
rwagnergit
d2bdbadb03 adding quiet option to assert (ansible#27124) (#52032)
* adding quiet option to assert (ansible#27124)

* adding doc for quiet to assert.py

* fixing PEP8 failure

* improving example

* improving docs

* adding changelog fragment

* adding . at end of descriptions

* removing trailing blank line

* adding integration test for assert

* fixing CI complaints

* disabling gather_facts in quiet.yml test

* rerunning to capture skip

* cleaning up python 2 vs 3

* following rebase

* fixing CI complaints

* fixing CI complaints

* fixing CI complaints

* fixing CI complaints

* fixing CI complaints
2019-02-28 10:25:41 -05:00
Chuck Douglas
0e9a79a589 Change the retry_files_enabled to False and modify the comments to reflect that this has been disabled (#52581)
* Change the retry_files_enabled to False and modify the comments to reflect that
this has been disabled.

* Change the default action of retry_files_enabled to False

* Update porting guide to reflect change in default state of retry_files_enabled variable

* Change log documenting a change in default behaviour of retry_files_enabled

* Revert config change to comment out the retry_files_enabled line to let the user decided what is best.
Comment above still states how to change.
2019-02-28 10:13:26 -05:00
Andrey Klychkov
cf05429b3c postgresql_privs change fail to warn if role(s) does not exist (#52574)
* postgresql_privs change fail to warn if role does not exists

* postgresql_privs change fail to warn if role does not exists: fix sanity

* postgresql_privs change fail to warn if role does not exists: add changelog fragment

* postgresql_privs change fail to warn if role does not exists: fixes

* postgresql_privs change fail to warn if role does not exists: added fail_on_role param
2019-02-28 14:39:08 +01:00