Commit graph

14378 commits

Author SHA1 Message Date
Toshio Kuratomi
22c9428776 eval() should be avoided when at all possible
eval can have security consequences.  It doesn't look bad here but it
does introduce unnecessary complexity and would make it harder if we
ever want to use static analysis to detect and prohibit eval.  So we
should get rid of it.

Note: this could be even more efficient if we combined the checks into
a single condition instead of looping but that does change the error
messages a bit.  For instance:
-        for arg in ('name', 'linode_id'):
-            if not eval(arg):
+        if not (name and linode_id):
+            module.fail_json(msg='name and linode_id are required for active state')
2017-01-05 10:41:49 -08:00
Samuel Boucher
ed624876d1 Update atomic_image.py (#19756)
Doc update typo
2017-01-05 10:33:05 -08:00
Dag Wieers
e1fe403075 Inform user that the yum metadata cache remains (#19753)
This PR improves the documentation so that it is clear that this module does
not clean the repository metadata cache on removal, and add an example
notification handler to the removal example as an extra reminder.

This fixes #19730
2017-01-05 10:30:37 -08:00
Dag Wieers
9ddcf16b4b vmware_guest: add support for more virtual NICs (#19932)
This patch adds support for all other virtual NICs, including:

 - pcnet32
 - vmxnet2
 - e1000e
 - sriov

Without this change, VMs with one of these NICs will fail with a
fault.NicSettingMismatch.summary error as it will only add interfaces,
not edit these.

This fixes #19860
2017-01-05 18:16:21 +01:00
Tyrone Tudehope
38d42e8b36 module is a property of the global object client (#19744)
Fixes #5466
2017-01-05 08:59:30 -08:00
René Moser
cb8cc51fdf cloudstack: new module cs_host (#19331) 2017-01-05 16:28:42 +01:00
Ted Timmons
12495e4b42 New module: aws_kms for managing access grants on AWS KMS keys (#19309)
New module by @tedder for handling granting/revoking access to KMS secrets. 

For example:

```
- name: grant user-style access to production secrets
  kms:
  args:
    mode: grant
    key_alias: "alias/my_production_secrets"
    role_name: "prod-appServerRole-1R5AQG2BSEL6L"
    grant_types: "role,role grant"
```
2017-01-05 09:42:59 -05:00
Peter Sprygada
5a14f1d705 adds new module ios_system (#19916)
adds new module ios_system
2017-01-05 09:02:29 -05:00
Toshio Kuratomi
cd2516bf8d Revert "Revert "Add --installroot to YUM and DNF modules, issue #11310""
This reverts commit b73ddd5212.
2017-01-05 00:24:20 -08:00
Matt Clay
b73ddd5212 Revert "Add --installroot to YUM and DNF modules, issue #11310" 2017-01-05 00:14:33 -08:00
Peter Sprygada
1c16c1db2b adds new module ios_vrf (#19915)
adds new module ios_vrf
2017-01-04 23:34:51 -05:00
Peter Sprygada
d182b271db updates netcfg and refactors Config class (#19920)
* refactors Config into network module
* fixes minor bugs with netcfg
2017-01-04 23:23:08 -05:00
Peter Sprygada
f842bc0b91 adds network_common shared module (#19919)
* support for ComplexList and ComplexDict
2017-01-04 23:17:41 -05:00
Peter Sprygada
6b7742fd75 Revert "cleans up the netcfg implementation" (#19917) 2017-01-04 22:55:16 -05:00
berenddeschouwer
1fdcda0996 Add --installroot to YUM and DNF modules, issue #11310 (#19861)
* Add --installroot to YUM and DNF modules, issue #11310

This continues ansible-modules-core#1558, and
ansible-modules-core#1669

Allow specifying installroot for the yum and dnf modules
to install and remove packages in a location other than /.

* Remove empty aliases

* Simpler installroot set default logic
2017-01-04 19:20:00 -08:00
Peter Sprygada
d424a0468a refactors ios shared module (#19850)
This allows the ios_* modules to take advantage of the new network_cli
connection plugin by refactoring the ios shared module.  Individual modules
need to be udpated as well
2017-01-04 21:52:56 -05:00
Peter Sprygada
630d10a27a updates action plugins for network_cli connection (#19849)
* net_config now subclasses action plugin network
* net_template now subclasses action plugin network

This will break existing modules until those modules have been refactored.
2017-01-04 21:52:46 -05:00
Peter Sprygada
fdb24bb5d7 cleans up the netcfg implementation (#19847)
* moves parse() into the instance
* removes old Config instance and supporting code
* adds net_common shared module
* minor tweaks to NetworkConfig class for parsing config files
2017-01-04 21:52:25 -05:00
Patrik Lundin
ee5364f983 openbsd_pkg: make "name" take a list.
This commit also adds the module to DEFAULT_SQUASH_ACTIONS which is
possible with this change.

The module still calls the pkg_* tools once per name internally, so the only
difference is less invocations of the module itself when using with_items.
2017-01-04 18:45:31 -08:00
Jiri Tyr
579b6a0f9d Changing author's e-mail for ldap_* modules (#19900) 2017-01-04 21:30:43 -05:00
Toshio Kuratomi
a33e34894b Move some modules into proper categories 2017-01-04 18:09:45 -08:00
Toshio Kuratomi
8469ea93d9 Remove unnecessary use of iteritems so that this compiles under python3 2017-01-04 17:39:34 -08:00
THEBAULT Julien
ee1dee08b6 Check the command result status in easy_install plugin (#16519) 2017-01-04 17:17:30 -08:00
Joe Adams
337ea4d65c Add pulp_repo module for interacting with repositories on a pulp server. 2017-01-04 17:12:49 -08:00
Ondra Machacek
8a3e80eb09 cloud: ovirt: add kernel boot parameters to vms module 2017-01-04 17:11:07 -08:00
Fabrizio Colonna
b6f9b0be1f Added arbiter support to gluster_volume module. 2017-01-04 17:09:24 -08:00
Andy Freeland
778a189a59 Fix letsencrypt remaining_days docs 2017-01-04 16:53:23 -08:00
Enis Ozgen
d4d9a48205 Fix typo in ec2_vpc_peer.py documentation 2017-01-04 16:51:26 -08:00
Paulo Matias
d51064a05e os_user: fix typo (self is not defined) 2017-01-04 16:47:43 -08:00
Sergio Millan
08b671990d Fixing Issue#18995 2017-01-04 15:24:32 -08:00
Toshio Kuratomi
f129977e2b Fix 4d355f8bf2
default values can contain nonstrings and those should not be converted
via to_text.
2017-01-04 14:35:05 -08:00
Toshio Kuratomi
91242b8cc3 Leave a comment that .format() can lead to security risks
Couldn't find any code that does this now but left a comment so that we
don't change something in the future without seeing that it could be
a problem.
2017-01-04 14:33:15 -08:00
Dag Wieers
ecaa0202b9 vmware_guest: assorted fixes and improvements (#19842)
A small collection of fixes and improvements:
- Simplify should_deploy_from_template()
- Bugfix for x.config that can be None
- Bugfix for mandatory guest_id (not when using templates)
- Simplify key testing and defaults
- Fix an incorrect reference to the last network
- Duplicate alias 'folder' removed
2017-01-04 17:25:09 -05:00
Toshio Kuratomi
02e3f4b526 Fix for atomic_move on RHEL5
When becoming an unprivileged user using non-sudo on a platform where
getlogin() failed in our situation we were not able to detect that the
user had switched.  This meant that all of our logic to use move vs copy
if the user had switched was attempting the wrong thing.  This change
tries the to do the right thing but then falls back to an acceptable
second choice if it doesn't work.

The bug wasn't easily detected because:
* sudo was not affected because sudo records that the user's have been
  switched so we were able to detect that.
* getlogin() works on most platforms.  RHEL5 with python-2.4 seems to be
  the only platform we still care about where getlogin() fails for this
  case.
* It had to be becoming an unprivileged user.  When becoming
  a privileged user, the user would be able to successfully perform the
  best case tasks.
2017-01-04 14:08:19 -08:00
Toshio Kuratomi
4d355f8bf2 Transform config values to text immediately when they enter ansible
Convert configuration values from ENV VARS, config files, and defaults
in constants.py.
2017-01-04 14:06:18 -08:00
Corwin Brown
9b7c9931db Issue #19575: Adding Dest Param to win_uri (#19577)
* Issue #19575: Adding Dest Param to win_uri

Added `dest` param to win_uri. Outputs the response body to a specified
file.

Addresses Issue #19575

* Was setting the wrong attribute
2017-01-04 13:33:47 -08:00
James Cammarata
a0b4d37dea Removing unused files in playbook/ directory 2017-01-04 15:17:15 -06:00
Brian Coca
92e8c53879 fixed id queries, should rely on effective 2017-01-04 14:23:26 -05:00
Jiri Tyr
1ff9b74e3d Adding ldap_attr module (#19286) 2017-01-04 14:11:02 -05:00
Toshio Kuratomi
e98c0a3009 Fix locale_gen to compare native strings rather than mixing byte and text strings
Fixes #19426
2017-01-04 10:11:33 -08:00
Adrian Likins
c771ab34c7 Add a encode() to AnsibleVaultEncryptedUnicode (#19840)
* Add a encode() to AnsibleVaultEncryptedUnicode

Without it, calling encode() on it results in a bytestring
of the encrypted !vault-encrypted string.

ssh connection plugin triggers this if ansible_password
is from a var using !vault-encrypted. That path ends up
calling .encode() instead of using the __str__.

Fixes #19795

* Fix str.encode() errors on py2.6

py2.6 str.encode() does not take keyword arguments.
2017-01-04 12:17:19 -05:00
James Cammarata
ac00c8a660 Fixing an iteration bug introduced by fed079e4 2017-01-04 10:34:06 -06:00
Ryan S. Brown
8772e4387b Update ec2_facts with new ap-south region 2017-01-04 10:27:48 -05:00
Kevin Houdebert
2ffb705049 Fix win_robocopy flags argument (#19603) 2017-01-04 14:27:24 +00:00
Matthew
45c57618b3 Have AnsibleModule raise a failure of git is missing in git_config module (#19676) 2017-01-04 14:23:21 +00:00
Rob
927218d99d Fix backward compat change - create custom required_together statement (#19642) 2017-01-04 14:11:56 +00:00
Kash
dceace6bb2 ecs_taskdefinition: Fix missing import camel_dict_to_snake_dict (#19560)
ecs_taskdefinition: Fix missing import camel_dict_to_snake_dict
2017-01-04 13:50:13 +00:00
Dag Wieers
fbec2ecaa8 vmware_guest: Do not match simply by folder (#19823)
This fixes #19077
2017-01-04 09:26:29 +00:00
Dag Wieers
0d9392a3bc vmware_guest: import iteritems (#19821)
Without this change you get this on Python 2.7.5:

    NameError: global name 'iteritems' is not defined
2017-01-04 09:12:29 +00:00
Toshio Kuratomi
0ca3800ae1 Fix traceback on Darwin with Python3
os.write() needs bytes objects on python3 while python2 can work with
either a byte or unicode string.  Mark the DUMMY_CA_CERT string as
a byte string so it will work.

Fixes #19265
Fixes #19266
2017-01-04 00:33:12 -08:00