* Change RHEL8 image name to match changes in ansible-test
Continue to use the beta version of RHEL 8 until we fix tests that are breaking with the GA version.
* Skip ufw integration test on RHEL 8 Beta
(cherry picked from commit 84075fe351)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* option is marked as required but specifies a default (#57257)
* required and default are conflicting
(cherry picked from commit 05e6339c49)
* add a changelog fragment for PR 57750.
* Bump container version.
* Use new URLs.
* Add IP certificate tests.
* Disable IPv6 IP from IP certificate.
Background: in CI, the ACME test container apparently has no IPv6 support.
Without IPv6 support, Pebble can't connect to validate, and thus validation
fails.
(cherry picked from commit c50a75a41e)
* FTD configuration module: fix a bug with response parsing (#57480)
* Update dependence's name to firepower-kickstart
* Check response type before getting attributes
* Add unit test for construct_ansible_facts method
* Update error message
(cherry picked from commit 4fa93d5b9b)
* Add backlog entry
* Adding integration test for 127.0.0.1/32 and ::1/128.
* Making sure file is not corrupted when render fails
* Fixes#56430
* Adding changelog for MR 57147/Issue 56430
Set ansible_buffer_read_timeout to be larger then
ansible_command_timeout, as both appliance / controller are on the same
physical network and we are not triggering ansible_command_timeout.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
* ios_ntp: Switch interface to GigabitEthernet0/1 for tests
Lets use an interface we know that exists for testing, in some cases
Loopback0 maybe not be configured.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
* ios_ntp: properly register result variable for testing
This is currently broken, and tests don't work. Fix this by properly
registering the result variable.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
ios_user requires escalated privledges, rather then doing this in the
inventory, we can just add it into the playbook tasks.
Also add missing provider settings for authorize.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This was required to be installed by a human, out side of our testing.
Add it so ansible-test can now manage.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
* Updated testcase
* Added check mode support
* Added check for mutual exclusive for Name and UUID
Fixes: #57580
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 00604d3f2c)
* preserve same order as inventory manager when using host lookup (#55331)
* preserve same order as inventory manager when using inventory_hostnames lookup
add a test
* move generic code
(cherry picked from commit afb5e02c19)
* changelog
The extant documentation says that the fingerprint return value is a
single string, but it is currently being returned as a split list.
Convert the returned value to a string as documented, and add some
basic test-case coverage for the return values.
(cherry picked from commit 6f06fc9945)
* win_chocolatey - honour version when bootstrapping chocolatey and fix package listing (#57208)
* win_chocolatey - honour version when bootstrapping chocolatey
* skip upgrade all step
* Fix install latest step
* Remove test changes now that Chocolatey is released
* tweak the package version detection
(cherry picked from commit b5b75daaa5)
* removed disabled alias
* nxos_vlan: fix broken purge behavior (issue #57101) (#57229)
* nxos_vlan: fix broken purge behavior (issue #57101)
Symptoms/Analysis:
- `nxos_vlan` `purge: true` would fail when `purge` was trying to delete all unspecified vlans, including vlan 1.
- `nxos` devices do not allow removing vlan 1 and raise a cli exception error
- Previous fix#55144 caused a side effect when `purge` was used: vlan changes specified by `aggregate` were ignored; e.g.
- vlan 4 is not present; playbook specifies `aggregate: { vlan: 4 }, purge: true`
- results in proper purging but vlan 4 is not created
Solutions:
- ignore vlan 1 when purging
- remove the `not purge` check from state present logic
Added additional unit tests and integration tests.
Tested against all regression platforms.
* PEP fixes
* Add agg_show_vlan_brief.txt fixture
* Add warning for removing vlan 1
* change method name check
(cherry picked from commit 6bb13bbb84)
* changelog
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Fix order for warning on templated conditionals
Fix bare variable warnings when the variable is a boolean
* changelog
* Add tests for cases that should and should not give warnings
If the behavior may change when the default behavior for CONDITIONAL_BARE_VARS becomes False there should be a warning. Boolean type conditionals will not change in behavior so don't warn.
* oops, forgot to add files
* typo
(cherry picked from commit 21cd24a0dd)
The erlang-solutions repository is broken for Ubuntu18 (They did not
sign their repository metadata). For now, disable the rabbitmq tests
which depend upon that. I'll open a PR with a revert of this commit.
We can watch it to see when it passes in Ci to know that the
erlang-soutions repository has been fixed
(cherry picked from commit 5f47ab9)
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
* docker_image: fix default handling of old docker-build options nocache and rm (#56610)
* Fix usage of nocache parameter.
* Fix defaults.
* Add changelog.
(cherry picked from commit 56e2d48612)
* docker_image: fix module failing when build option is used without specifying path (#56940)
* Fix module failing when build option is used without specifying path.
* Add changelog.
(cherry picked from commit 86928a5f74)
* Extend docker_image tests. (#57090)
(cherry picked from commit c54d79bc13)
This commit fixes a non-passing junos_facts integration test, as it was
using a non-ordered frozenset to assert its result.
(cherry picked from commit 0ada6b8d8d)
* [docker_network] Fix idempotency when using aux_addresses in ipam_config (#56901)
* [docker_network] Fix idempotency when using aux_addresses in ipam_config
Mismatch between keys returned by Docker API (AuxilliaryAddresses) vs
expected by Ansible module (aux_addresses) resulted in tasks always
have status 'changed'. The existing code normalizing one set of
keys to another missed this special case where converting
CamelCase to lowercase is not sufficent.
Please see
https://github.com/moby/moby/blob/master/api/types/network/network.go
for reference.
* Correct keywords formatting in changelog file
Co-Authored-By: Felix Fontein <felix@fontein.de>
(cherry picked from commit 37df89b2d8)
* docker_network: Integration tests for IPAM config idempotence (#56975)
Integration tests for pull request #56901 which fixes found issues with idempotence.
(cherry picked from commit 6a50c6aae4)
* [stable-2.8] eos_l2_interface handle "Interface does not exist" (#56787)
* Quick and dirty attempt to handle eapi error
* Well this should probably change
* Hopefully this works correctly?
* Fix check_rc handling with httpapi
* Add tests that should hopefully cover the error
* Fix warnings
* Improve tests.
(cherry picked from commit cebb363fcc)
Co-authored-by: Nathaniel Case <ncase@redhat.com>
* Add changelog
* Remove backport overreach
* Fix debug statements in new tests while I'm here
It is possible the EOS appliance doesn't have an IP address on the
management1 interface, instead just check we have found that interface.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(cherry picked from commit f9589bd)
Co-authored-by: Paul Belanger <pabelanger@redhat.com>
* [stable-2.8] eos_config: Fix test issues (#56180)
* Alter tests to pass
* Change diff_against to make changed work again
* Add another diff_against
* Expose supports_sessions across all EOS connection types
* Change session warning to failure
* supports_sessions needs to be a method to survive the rpc boundary
* Alter tests to match
(cherry picked from commit 0bead36)
- Also return url and update docs for other values to indicate they are only returned on success.
- Add integration tests
- Use info variable for common return values
- Use -1 as default status rather than None. This is lines up with with existing code in urls.py
- Add unit tests to ensure status and url are returned on failure
(cherry picked from commit 8f4f3750fe)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Make ansible adhoc work with include_role
Fix logic condition so that include_role works
without
```
ERROR! 'async_val' is not a valid attribute for a IncludeRole
The error appears to be in 'None': line 0, column 0, but may
be elsewhere in the file depending on the exact syntax problem.
(could not open file to display line)
```
* Add include_role test for adhoc
(cherry picked from commit cd95843ea5)
Avoid premature vars templating
* added tests
* avoid 'is template' warning in vars, since we want them for latter templating
(cherry picked from commit 1da47bfa8c)
* [stable-2.8] Whitelist listen as a valid keyword on TaskInclude (#56586)
* Whitelist listen as a valid keyword on TaskInclude. Fixes#56580
* Move 'listen' to HandlerTaskInclude
* Remove trailing newline
(cherry picked from commit 576593e)
Co-authored-by: Matt Martz <matt@sivel.net>
* Improvement on setting VALID_INCLUDE_KEYWORDS on HandlerTaskInclude (#56801)
(cherry picked from commit 8bb3274711)
Ensure the module still work with the ESXi where CustomFieldsManager
does not exist.
From: https://www.vmware.com/support/developer/converter-sdk/conv60_apireference/vim.CustomFieldsManager.html
The CustomFieldsManager object is used to add and remove custom fields to
managed entities.
The custom fields values set on managed entities are available through the
customValue property and through the summary objects for VirtualMachine
and HostSystem. They are not available directly through this managed object.
This functionality is only available through VirtualCenter.
Fixes: #56071
(cherry picked from commit cf78759f5b)
This is a sanity test cleanup to handle a known image bug with (N9K) I7 images.
The I7 image fails to enable some snmp trap link configs causing an idempotency failure in the sanity, so we're skipping the idempotence tests that involve this bug.
Tested on N9K images: 9.2(2), 7.0(3)I7.
(cherry picked from commit 4d46f44ff2)
* Fixes Netconf_config single parameter bug (#56138)
* Fixes Netconf_config single parameter bug
Fixes 56022
fixed get_config to not require multiple parameters to just run a backup
* Add Integration test for netconf_config
Associated with #56022
tests backup through netconf only using one parameter.
* Added debug to the begin and end of file
* Fix formatting of save config. #56022
* removed blank line at end: #56022
(cherry picked from commit 647ed207af)
* Fix netconf_config backup string issue (#56175)
* Convert the ElementTree object to string
before dumping the configuration in file.
(cherry picked from commit 9c5745ad21)
* Add changelog fragment
* Fix IPv6 address parsing for py2.6, and add tests
* make sure hostname isn't None
(cherry picked from commit 493cf81)
Co-authored-by: Matt Martz <matt@sivel.net>
* Allow python_requirements_facts to cope with packages with dashes
```
python_requirements_facts:
dependencies:
- kubernetes-validate
```
should work as expected
(cherry picked from commit 5b3305c71505ffd4b0fd7dc5a6a17a4d5cb4cd77)
* Allow python_requirements_facts to cope with packages with dashes (#56166)
* Allow python_requirements_facts to cope with packages with dashes
```
python_requirements_facts:
dependencies:
- kubernetes-validate
```
should work as expected
* Ensure tests run for python_requirements_facts
(cherry picked from commit 8e1dd58c2b)
* Rewrite much of the execution of meraki_switchport
- Previous versions had problems with idempotency and allowed_vlans
* Modified payload creation
- Parameter map is used
- propsed is created using .copy()
- Much cleaner this way
* Add whitespace for lint
* Add bugfix snippet for changelog
(cherry picked from commit d59eb9edab)
* nxos_ospf_vrf:sanity: ignore no default-metric idempotence tests when I7 images
This is a sanity test cleanup to handle a known image bug with (N9K) I7 images.
The I7 image rejects 'no default-metric' configs, so we're skipping the idempotence
tests that involve this bug.
Tested on N9K images: 9.2(2), 7.0(3)I7, 7.0(3)I2
* simplify check for I7
(cherry picked from commit a568e018be)
* nxos_snmp_user: platform fixes for get_snmp_user
snmp user output behavior varies quite a bit for the different nxos platforms and required several workarounds:
- N5K/N6k
- These platforms do not support structured output for `show snmp user`.
- The current code lands in an `except` clause when the output is not structured; so I added a new `get_non_structured_snmp_user` method to scrape the state from the regular cli output if it's present.
- N9K-F
- The `group` data in the JSON output is different for this platform; it has a different key (just `group` instead of `TABLE_groups` or `group_names`) and it is not indexed
- For a single group the value is a string, for multiple groups it's a list
- sanity
- N5K/N6K/N9K-F platforms will reject `no snmp user <name> <role>` when it's the last role defined for the user.
- workaround is to use `nxos_user` to remove the user
- Changes validated on:
- `N3K, N3K-F, N35, N6K, N7K, N9K, N9K-F`
- `6.0(2)A8`
- `7.0(3)I2, 7.0(3)I4, 7.0(3)I5, 7.0(3)I6, 7.0(3)I7`
- `7.3(2)D1`
- `7.3(3)N1, 7.3(4)N1`
- `8.3(2)`
- `9.2(2), 9.2(3)`
* fix lint warning
(cherry picked from commit 8c56c116e5)
* Add n6k support for nxos_vtp_domain
* Add n6k support for nxos_vtp_version
* Add n6k support for nxos_vtp_password
* Fix shippable error
(cherry picked from commit d55c0cf8dc)
* nxos_snmp_traps: fix 'group: all' for N35 platforms
- `group: all` attempts to enable traps for all features defined in the module's `feature_list`
- `N35` platforms do not support `snmp-server enable traps bfd`; so removing `bfd` from the `feature_list` for that platform
- Minor cleanup in `sanity.yaml` test file
* whitespace lint fix
(cherry picked from commit 0e0c2a7db7)
* nxos_vlan: vlan names containing regex ctl chars should be escaped (#55463)
The `nxos_vlan` module may raise with regex error `sre_constants.error: multiple repeat` in the non_structured codepath if the device has existing vlan names with certain regex control characters; e.g.
```
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Eth1/3
14 my-vlan-name-is-*** active
```
(cherry picked from commit de8ce08fd8)
* fix nxos_vlan mode idempotence bug (#55144)
* fix nxos_vlan mode idempotence bug
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Fix CI failure
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit 57e0567310)
* nxos_vlan fix 2.8 backport
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* `nxos_acl` may fail with `IndexError: list index out of range` while attempting to delete a non-existent ACL.
The failure occurs when the `acl` var is an empty list.
* nxos_acl: catch 501 'Structured output unsupported' when no ACLs present
With some older image versions, `show ip access-list | json` will raise a 501 error indicating `'Structured output unsupported'` when there are no access-lists configured. This change turns off the `check_rc` and then looks for the failure condition.
* Fix kwarg
* Fix lint issues
(cherry picked from commit 869fdcd7d4)
* sysctl will now return an error if the value is invalid
sysctl can fail to set a value even if it returns an exit status 0. More
details: https://bugzilla.redhat.com/show_bug.cgi?id=1264080. Because of
this in case of an invalid value or a read-only file system, sysctl
module would return OK, even though it didn't set anything. To be sure
that sysctl correctly applied the changes we also need to check the
output of stderr.
(cherry picked from commit 0432b7f2522dbf82c4fabdb3fd17f7ac83f34e62)
* Run sysctl with LANG=C
Because we are parsing sysctl stderr we need to make sure that errors
are persistent across different system language settings.
(cherry picked from commit a16128f778b1e7574c5986aed26e146ac0561533)
* Add changelog fragment for sysctl
(cherry picked from commit 3ad9d4d83c1d2bbfccefb8388904c596d98f8731)
This has been broken for some time, but only noticed recently. Because
vyos_command isn't supported on ansible_connection=local, update our
testing to account for that.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(cherry picked from commit 59d20e004e)
* Fix loading namespaced doc_fragments
The syntax for specifying a different fragment name was already
using '.' as a separator, so the code needed to be tweaked to
avoid choking on names like `testns.testcoll.fragname` and
`testns.testcoll.fragname.altvar`.
`get_plugin_class()` returns 'docfragment' for the fragment loader;
mangling `subdir` provides consistent alignment with the normal plugin
directory names and avoids needing special handling of plugin types
with 'module' in the name.
* Add changelog entry
(cherry picked from commit 2ef8b297ff)
Otherwise, we get the following error:
ERROR: ncclient 0.6.4 requires selectors2>=2.0.1, which is not installed.
when running ansible-test.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(cherry picked from commit 72bfdb38b4f935d2025928cf7a443ef31d8c23f6)
Ensure inventory plugin loading rel to play
fixes#51033
* clarify paths
* now adding dirs funciton in loader
* better warnings
* each cli should handle adding dirs depending on context
(cherry picked from commit 780ee45819)
* azure_rm_subnet: remove documentation that says it supports tags (#55233)
(cherry picked from commit 32345641e7)
* azure_rm_subnet: fix CI error for deleting the azure_tags (#55276)
(cherry picked from commit 91e808eed2)