* Warn of standard behavior of 'default' key store
The default key store typically results in the key being stored as user. In instances where we're trying to install a cert to enable SSL binding in IIS, this will result in an unbind-able cert, as the IIS APPPOOL identity will not be able to read the private key, and presents a very cryptic error of 'A specified logon session does not exist'.
* specify what's required for successful iis import
- store_location's default value is currently 'LocalMachine' but if this changes it could result in the documentation being inaccurate
- key_exportable is not required for a successful IIS import
Co-Authored-By: tdietrich513 <tom.dietrich@gmail.com>
(cherry picked from commit 2b48c0187c)
* [stable-2.7] openstack: fix parameter handling when cloud provided as dict (#42899)
* openstack: fix parameter handling when cloud provided as dict
If a cloud is provided as dictionary:
* Do not assert that 'interface' parameter is None. Instead,
assert that it is 'public'.
* Assert that 'auth_type' parameter is not set.
Fixes#42858
* os_user: Include domain parameter in user lookup
If a "domain" parameter is provided, use it in looking up
whether the user already exists.
Fixes#42901
* os_user: Include domain parameter in user deletion
If a "domain" parameter is provided, use it in deleting
the user also.
Fixes#42901
(cherry picked from commit e25dac9)
Co-authored-by: Carsten Koester <carsten@ckoester.net>
* Add changelog for openstack fixes
* docker_swarm: fix minimal API version (#49691)
* Reduce minimally required docker API version to 1.25, with selective features requiring 1.30.
* Adjust test requirements.
* Forgot some imports.
(cherry picked from commit 495a426039)
* Add changelog for docker swarm minimum api fix
* ensure idempotency for user set to None
* Update `user` documentation and add changelog fragment
* clarify changelog fragments and parameters documentation
* use restructuredtext syntax in changelog fragment
(cherry picked from commit b183eb4464)
* Fix for #49363
* Replaced str() with to_text() as more python version safe
* Changed to comply to errors stragegy
(cherry picked from commit 64636d9de0)
* fix: ensure than all item of a list of excluded files aren't checked (#45122)
* fix: ensure than list of excluded files aren't checked
* test: exclude a list of files
(cherry picked from commit 4f9f1754b4)
* added changelog
When the user specified caching plugin doesn't initialize correctly, we
were falling back to a dict. however, dicts do not have the same
update() method as the FactCache. We use the update method when we
update a cache with a subsequent value. So when that combination of
things happened, the code would traceback.
In devel, we made this change to fix things: https://github.com/ansible/ansible/pull/49516
but that involves several deprecations. So we're doing this smaller
hack in 2.7 to fix the traceback without introducing those deprecations
in a stable release.
* Add passlib to RHEL test instance
This looks like the only tests instance that is missing this libary. It is needed for vars_prompt tests.
* Create setup roles for pexect and passlib
Switch to using aliases rather than installing directly in the test scripts
(cherry picked from commit 96c2375692)
* create local subversion server for tests
* fix sanity issues
* don't touch system config when bringing up site
* removed original setup files
* fix opensuse config
(cherry picked from commit 0420d606de)
* Support version 3 of the redis python library. Fixes#49341
* Document 2.4.5 minimum redis-py version
(cherry picked from commit 77de219)
Co-authored-by: Matt Martz <matt@sivel.net>
* Fix for changes in clearlinux
clearlinux is now providing /etc/os-release file and ansible is identifying as NA
then this change allow ansible to find it
Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>
* Add changelog fragment for clearlinux changes
Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez.gutierrez@intel.com>
(cherry picked from commit 6d42c5020a)
There are several services e.g. vmware-fdm, which does not have package name and
package description which will raise a error if queried for.
(cherry picked from commit b3b65d16b8)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fix win_nssm credentials quoting
Fix credential quoting for win_nssm after changes to the way nssm command is invoked in Ansible 2.7.1.
* Updating nssm command to update credentials to use Argv-ToString to properly escape password variable.
* Adding changelog fragment for fix of #48728.
(cherry picked from commit 15c5dbcc20)
This change address a problem where the dict_merge function would fail
due to the value being a nested dict. This will now recursively pass
the value back through the dict_merge function.
Merge to devel https://github.com/ansible/ansible/pull/41107
(cherry picked from commit 2a4be2748f)
Update changelog
Fix review comments
Different connection plugins return different data when throwing exceptions. The Paramiko connection plugin does not return a text sting, which caused an exception.
The ssh connection plugin returns multi-line errors, which makes the debug logs harder to read. Only return the last line in that case in order to make the logs more readable.
When experiencing a connection failure, reset the connection.
Add reset() to paramiko_ssh
Indicate thet conection state is False when running close(). This is needed by the ensure_connected() decorator to work properly.
Co-authored-by: Matt Martz <matt@sivel.net>
(cherry picked from commit 5eb7f5781e)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* VMware: Fix module usages in module_utils
* Skip test for Python 2.6 as SSL context is not available in Python 2.6
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 1b04571ea0)
-Add: Mention bitbucket dropping TLSv1 and TLSv1.1 support as per 01 Dec 2018, potentially causing issues with older clients.
(cherry picked from commit a6db7f7abd)
Co-authored-by: Xaroth <xaroth+github@xaroth.nl>
* Revert back to getting the AWS role name from the URI with a small change (#49113)
- The role name and instance profile name _can_ be different
- Change the delimiter to `:` for keys that are discovered through the JSON parsing (which is not a valid delimiter for AWS IAM role names), this delimiter is still converted to underscore
- Now checks for the existence of that delimiter to remove the cases where the JSON keys are appended to the role name to find the role name
(cherry picked from commit ff9b86f560)
* Changelog update