Commit graph

949 commits

Author SHA1 Message Date
Matt Clay
442af3744e Miscellaneous pylint fixes.
The following rules are no longer disabled:

- bad-format-string
- duplicate-key
- lost-exception
- trailing-newlines
- unexpected-keyword-arg
- useless-suppression
- using-constant-test
2017-09-13 01:53:08 -07:00
Matt Clay
68aeaa58a8 Fix dangerous default args. (#29839) 2017-09-12 00:11:13 -07:00
Tim Rupp
74ace093b8 Renames the bigip_configsync_actions module (#29747)
Retains the old name by making a symlink. We can remove it in a later
release.
2017-09-12 05:53:44 +01:00
Miguel Ángel Ajo
8e4f112b39 Fixes #23680 bug with py3.x due to binary string handling (#23688)
* This commit includes a unit test to exercise the _is_role
function and make sure it doesn't break in any Python version.
* Import os.path and other minor fixups
2017-09-09 18:40:07 -07:00
Toshio Kuratomi
75249e311e Fix set theory filters for python3
The set theory filters need to use lists rather than generators on python3.

Also add unit tests for most of the mathstuff filters

Fixes #26494
2017-09-09 17:38:39 -07:00
Brian Coca
fe3b4325c2 less confusing 'args' message (#29053)
* less confusing 'args' message

* fix test

* gone native
2017-09-06 18:20:06 -04:00
Nathaniel Case
f84ff216b6 Generalize nxos_bgp event-history detection (#28890)
* More general handling of event-history

* Update unit tests
2017-09-06 17:37:44 -04:00
Nathaniel Case
8bfdbd0f73 nxos_bgp_neighbor: Fix regex &report warnings (#28888)
* Fix over-detection of log-neighbor-as

* Report nxos warnings

* Update nxos_bgp_neighbor unit tests to test remove-private-as
2017-09-01 15:17:42 -04:00
Trishna Guha
252efcebf5 module should fail if eos_user is added without configured_password or nopassword or sshkey (#28780)
* module should fail if eos_user is added without configured_password or nopassword or sshkey

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* fix eos_user unit test

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* fix eos_user integration test

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-08-31 15:29:57 -04:00
Felipe Garcia Bulsoni
fd304d9b5b Added support to SAN Manager resource in HPE OneView (#28787)
- Added unit tests
2017-08-30 18:32:43 +02:00
Felipe Garcia Bulsoni
1e785d4117 FcoeNetworkFactsModule for HPE OneView (#28728)
* Add FcoeNetworkFactsModule for retrieving HPE OneView FCoE Networks

- Allow querying for FCoE Network resources in HPE OneView
- Adds unit tests to new module

* Fix "required: no"
2017-08-30 16:51:28 +02:00
Felipe Garcia Bulsoni
6ea2099ee4 EthernetNetworkFactsModule for HPE OneView (#28723)
* Adds EthernetNetworkFactsModule for retrieve HPE OneView

- Allows retrieving Ethernet Network resources from HPE OneView
- Adds unit tests

* Removed required: no
2017-08-30 16:49:57 +02:00
Felipe Garcia Bulsoni
a4ae8536d9 NetworkSetFactsModule for HPE OneView (#28730)
* Add NetworkSetFactsModule for retrieving HPE OneView Network Sets

- Allow querying for Network Set resources in HPE OneView
- Adds unit tests to new module
- Updates oneview_module_loader copyright header to short GPL3 version

* Adding possibility to pass in credentials as parameters

* Removed required false and changed format of filter_by_name declaration

* Updated examples in docs to reflect new way to pass in credentials

- All examples of the oneview_network_set_facts updated to use
credential parameters
- All required=False from oneview base module removed
- Shared docs updated to bring attention to API version being used
2017-08-30 16:46:05 +02:00
jacky.chen
75998d3ca3 [cloud] Add the ability to modify shard count to kinesis_stream module (#24805)
* Add the ability to modify shard count to kinesis_stream module

* Fixed an issue in kinesis_stream where update() reports not changed when it is changed

* Remove unreachable message and make the try and catch block shorter
2017-08-29 17:13:46 -04:00
Mike Wiebe
d9fc3def94 Fixes #28779 eth_mode key error (#28782)
* Fixes #28779 eth_mode key error

* Remove unused get_config references

* Addressed PR comment
2017-08-29 17:07:46 -04:00
Nathaniel Case
64dac346c9 Fix nxos_pim_interface dr-priority handling (#28472)
* Fix nxos_pim_interface dr-priority handling

* Prefer execute_show over `| json`

* Mock get_config

* Fix sparse-mode detection
2017-08-29 14:42:09 -04:00
Brian Coca
aec1dfd1fa fix improt order to actually skip when no boto 2017-08-29 13:06:25 -04:00
Jacob McGill
1c4fe510d0 IOS Ping: Add new module to support ping tests from IOS devices (#28557)
* IOS Ping: Add new module to support ping tests from IOS devices

* Add tests

* Add fixtures for ios_ping
2017-08-29 11:21:49 -04:00
Kai
3251aecd95 Fix leading slashes being stripped from mount src (#24013)
* Tidy mount module for testing

Fix spelling mistakes in comments. I *think* the example for omitting parents
root has the wrong parent ID.

Make mountinfo file a parameter for testing.

* Don't strip leading slash from mounts

The current code does not follow the example, it produces src=tmp/aaa instead
of src=/tmp/aaa. This causes problems with bind mounts under /rootfs.

* Use dictionary to store mounts by ID

Instead of looping over each one to check if the ID matches. This does not
preserve the order of the output on < Python3.6, but that is not necessary.

* Make linux_mounts a dict

Always accessed by 'dst', so avoid looping by just making it a key.

* Add test case for get_linux_mounts
2017-08-29 15:16:53 +02:00
Brian Coca
f9b3f4f934 make groups magic var dependant on inventory (#28677)
* make groups magic var dependant on inventory

it was overtly restricted by 'host'
minor fixes to test_var_manager.py, need to test other values also

* pepe hates extra blank line
2017-08-28 17:21:11 -04:00
Michael De La Rue
fbec5ab12d [cloud] new module lambda_policy (PR #24951)
- Fixes to lambda
- reformatting + tests for lambda_facts
- lambda module integration test
- switch lambda and lambda_facts to AnsibleAwsModule
- Get the account ID from STS, GetUser, and finally error message
2017-08-28 16:45:53 -04:00
Mike Wiebe
3d46258cff Refactor/fix nxos_nxapi to use show run (#28675)
* Refactor/fix nxos_nxapi to use show run

* Fix unit tests

* Python 3 compatibility
2017-08-28 15:00:56 -04:00
Felipe Garcia Bulsoni
791a029203 Added support to HPE Network Set resources (#28614)
- Added unit tests
2017-08-27 00:49:12 +02:00
Felipe Garcia Bulsoni
978c64afc5 Support retrieving Facts about Fibre Channel resource of HPE OneView (#28608)
* Added FcNetworkFactsModule to query FC Network Resources in HPE OneView

- Added unit tests

* Removing unnecessary quotes from example and documentation
2017-08-27 00:46:35 +02:00
George Nikolopoulos
c01dd6470c Add disable operation for netscaler_servicegroup (#28327) 2017-08-25 17:03:21 +01:00
George Nikolopoulos
2281a6676b Add enable, disable operation in netscaler_service (#28321) 2017-08-25 16:58:51 +01:00
Evgeny Fedoruk
71313ce04d Module for uploading templates into vDirect server (#27570)
* Module for uploading templates into vDirect server

Module for uploading configuration and workflow templates
into Radware vDirect server

* Module for uploading templates into vDirect server

Module for uploading configuration and workflow templates
into Radware vDirect server
2017-08-25 16:23:36 +01:00
Peter Sprygada
75293d83ca configures address-families when vrf is created (#28615)
* configures address-families when vrf is created

fixes #26725

* fix up unit test cases
2017-08-25 07:51:20 -04:00
Nicolas Porcel
ba420c47cd synchronize: Use private_key and ssh_user with delegate_to (Fixes #16215) (#21686) 2017-08-24 21:09:15 -04:00
Sloane Hertel
cf1a9d4d22 New module: Add ec2 Vpn Connection module and tests (cloud/amazon/ec2_vpc_vpn) (#24385)
* Add VPN module and unittests

* remove unnecessary imports

* fix documentation

* raise custom exception rather than passing module everywhere

* remove recordings

Rerecord tests

Fix docs

Ensure vpn_connection_id is a list of strings when checking if it exists

* fix check mode

* Rerecord tests

* remove superfluous code and comments and make exception handling uniform

fix docs

* Fix ec2_vpc_vpn documentation

* make ec2_vpc_vpn compatible with python 2.6 and make check mode logic more succinct

* fix comparison of list of dicts

* Fix typos and docstrings

make requested changes for imports

make code clearer

* Fix copyright and metadata version.
2017-08-24 12:18:40 -04:00
Felipe Garcia Bulsoni
fb6ed8d76c EthernetNetworkModule for HPE OneView (#28336)
* Adding module to manage ethernet network on HPE OneView

* Adding unit tests to EthernetNetwork module

* Added OneViewModuleException custom exceptions to module

- Removed exception imports from hpOneView
- Updated unit tests

* Fixing mock import inside ethernet network module unit test

* Fixing issues found in METADATA by CI

* Updated paths to use solution name instead of vendor name

* Fixed documentation, removed redundant if and improved readability

* Updated _bulk_present to use and return `result`, same way as _present

* Changed __ to _ in private methods following ansible style

* Fixed some example inconsistencies and turned states doc into a list

* Added adriane-cardozo to list of maintainers
2017-08-24 17:57:13 +02:00
Brian Coca
725d4d4bc8 added diff as new keyword (#28581)
added diff to fake options in ec2_vpc_nat_gateway test
2017-08-24 14:43:19 +02:00
Michael Tinning
282e743eb0 elb_application_lb: fix issue with boto parameter validation on Rules (#27333) 2017-08-23 13:49:52 -04:00
Sloane Hertel
24b49c2539 [cloud] New module: AWS Direct Connect connection (#26152)
* New module for AWS Direct Connect connections

Unittests for new module

Added utils that will be used by other Direct Connect modules

* pep8 fixes

* Correct aws_direct_connect_connection EXAMPLES to be valid yaml

* Make requested changes

* remove use of the variable changed

get rid of unnecessary parentheses

* Fix unit test

* Rename variable.

* Fix metadata version
2017-08-23 11:56:19 -04:00
Sloane Hertel
a48e0b5101 New Module to manage AWS direct connect link aggregation groups (#27250)
* Add module_utils/aws/direct_connect.py for frequently used functions

* new AWS Direct Connect link aggregation group module with tests and placebo recordings

* remove extra argument

* Remove use of undefined var

* Fix param name for extra exception codes for AWSRetry to use.

* Fix undefined var and line length and metadata version number

* Fix copyright headers
2017-08-22 18:24:54 -04:00
Felipe Garcia Bulsoni
84005498bc Support Fibre Channel over Ethernet resource of HPE OneView (#28359)
* Added new oneview_fcoe_network module and unit tests

* Fixing metadata issues and importing unittest from ansible.compat.tests

* Fixing shebang and adding correct copyright header

* Renamed remote_management/hpe to remote_management/oneview

* Updated documentation and default state according to review comments

- Added present as the default state
- Added delegate_to: localhost in all examples
- Changed config path from a variable to illustrate a location
- Other documentation fixes
2017-08-22 22:14:10 +02:00
Sloane Hertel
7551e8c921 AWSRetry: allow retrying on additional ClientError exceptions (#28483)
* Added the ability to extend the exception list in CloudRetry

* AWSRetry boto and boto compatible

* Updated tests to reflect boto/boto3

* Added boto to shippable requirements

* Have base_class and added_exceptions default to None in CloudRetry

AWSRetry - only retry on boto3 exceptions and remove boto requirement from tests

* Make requested changes.
2017-08-22 15:31:20 -04:00
Brian Coca
788a0d1b9e skip test when no s3 lib 2017-08-22 11:51:04 -04:00
Mike Wiebe
ec11cd2696 nxos_bgp_neighbor_af fix problem with advertise-map properties (#28413)
* Fix problem with advertise-map properties

* Change limit_to back to run all tests

* Fix unit tests

* Move advertise_map out of get_custom_value
2017-08-21 15:28:02 -04:00
David Newswanger
b818e986b6 Change network *_user modules to use configured_password to set a users password (#28187)
* WIP, update eos_user args

* refactor password for ios_user

* add eos tests, fix ios tests

* fixed password check

* refactor iosxr_user password

* fixed password arg for nxos

* [WIP] fix vyos_user password

* fix vyos tests

* update docs for net_user

* fix typo

* fix eos tests

* add warning when attempting to use password arg

* fix sanity/unit tests

* fix eos unit tests

* fix vyos_user aggregate

* fix typo in eos documentation string

* re add configured_password to vyos tests after rebase
2017-08-17 19:06:44 +05:30
George Nikolopoulos
b339f23485 Various small fixes (#27766) 2017-08-16 14:14:21 -04:00
Peter Sprygada
6886153b54 refactors nxos_vrf_af module (#28208)
* refactors nxos_vrf_af module

fixes #27595

* fix up unit test cases

* add commands to result dict

* add route-target on afi create

* adds deprecation note to safi argument
2017-08-16 10:11:12 -04:00
David Newswanger
a37c5e53e6 fix prompt error when deleting ios user (#28175)
* fix prompt error when deleting ios user

* placate pep8

* wrap delete user command in function

* fix python 3 unit tests
2017-08-16 15:15:41 +05:30
Trishna Guha
ce3d1c6ba0 eos_user fix username param (#28114)
* eos_user fix username param

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Add setup eos_user test and rename username for consistency

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* update unit test and pep8 fix

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* pep8 fix
2017-08-16 12:08:59 +05:30
Toshio Kuratomi
af2073d057 metadata 1.1
* Add network value to support_by field.
* New support_by value, certified
* Deprecate curated in favor of certified
* Add conversion from 1.0 to 1.1 to metadata-tool
* Add supported by Red Hat field to ansible-doc output
2017-08-15 23:12:08 -07:00
Pierre-Louis Bonicoli
c6efb81707 circonus_annotation: reason becomes a string 2017-08-15 19:07:21 -07:00
Pierre-Louis Bonicoli
2bbe99dc26 circonus_annotation: add unit tests 2017-08-15 19:07:21 -07:00
Brian Coca
f921369445 Ansible Config part2 (#27448)
* Ansible Config part2

- made dump_me nicer, added note this is not prod
- moved internal key removal function to vars
- carry tracebacks in errors we can now show tracebacks for plugins on vvv
- show inventory plugin tracebacks on vvv
- minor fixes to cg groups plugin
- draft config from plugin docs
- made search path warning 'saner' (top level dirs only)
- correctly display config entries and others
- removed unneeded code
- commented out some conn plugin specific from base.yml
- also deprecated sudo/su
- updated ssh conn docs
- shared get option method for connection plugins
- note about needing eval for defaults
- tailored yaml ext
- updated strategy entry
- for connection pliugins, options load on plugin load
- allow for long types in definitions
- better display in ansible-doc
- cleaned up/updated source docs and base.yml
- added many descriptions
- deprecated include toggles as include is
- draft backwards compat get_config
- fixes to ansible-config, added --only-changed
- some code reoorg
- small license headers
- show default in doc type
- pushed module utils details to 5vs
- work w/o config file
- PEPE ATE!
- moved loader to it's own file
- fixed rhn_register test
- fixed boto requirement in make tests
- I ate Pepe
- fixed dynamic eval of defaults
- better doc code

skip ipaddr filter tests when missing netaddr
removed devnull string from config
better becoem resolution

* killed extra space with extreeme prejudice

cause its an affront against all that is holy that 2 spaces touch each other!

shippable timing out on some images, but merging as it passes most
2017-08-15 16:38:59 -04:00
Adrian Likins
8003437ebc prompt for new pass on create/encrypt if none specified (#28185)
* prompt for new pass on create/encrypt if none specified

Make 'ansible-vault' edit or encrypt prompt for a password
if none or provided elsewhere.

Note: ansible-playbook does not prompt if not vault password
is provided

* dont show vault password prompts if not a tty
2017-08-15 13:09:24 -04:00
saichint
d69440c4ef Fix nxos_vpc issues (#28188)
* fix for nxos_vpc issues

* fix unit tests

* clean documentation
2017-08-15 12:08:55 -04:00
Adrian Likins
5739bb075f Vault secrets default vault ids list (#28190)
* Add config option for a default list of vault-ids

This is the vault-id equilivent of ANSIBLE_DEFAULT_PASSWORD_FILE
except ANSIBLE_DEFAULT_VAULT_IDENTITY_LIST is a list.
2017-08-15 11:56:17 -04:00
Adrian Likins
e287af1ac8 Vault secrets empty password (#28186)
* Better handling of empty/invalid passwords

empty password files are global error and cause an
exit. A warning is also emitted with more detail.

ie, if any of the password/secret sources provide
a bogus password (ie, empty) or fail (exception,
 ctrl-d, EOFError), we stop at the first error and exit. 

This makes behavior when entering empty password at
prompt match 2.3 (ie, an error)
2017-08-15 11:01:46 -04:00
3onyc
554496c404 [passwordstore] Use builtin _random_password function instead of pwgen (#25843)
* [password] _random_password -> random_password and moved to util/encrypt.py
* [passwordstore] Use built-in random_password instead of pwgen utility
* [passwordstore] Add integration tests
2017-08-14 15:19:40 -07:00
saichint
9d84a4e530 fix for nxos_ospf_vrf invalid cmd and ntp errors (#27977)
* fix for nxos_ospf_vrf invalid cmd

* fix for nxos_ntp issues
2017-08-14 16:09:16 -04:00
Toshio Kuratomi
3edac559d3 the smart transport is broken by ssh retry code
1fe67f9 introduced retries to the ssh connection put file and fetch
file.  Unfortunately, that change broke the smart transport because it
started raising exceptions instead of returning from _run().  This
breakage is documented in #23711.

An attempt to fix it was made at #23717 but the first attempt was
objected to as needing to touch too much code.  The second attmept was
objected to as smart was forced to encapsulate retries (thus retrying
a sftp "rety" times before trying scp "retry" times and then finally
moving onto piped).  This third attempt has retries encapsulate smart.
So each sub-transport is tried once and if all three fail, another retry
attempt is made which tries each of the three again.

Fixes #23711
Fixes #23717
2017-08-14 08:08:00 -07:00
Trishna Guha
60ce6438e3 fix nxos_overlay_global idempotence (#28150)
* fix nxos_overlay_global idempotence

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* modify nxos_overlay_global unittest

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-08-14 16:09:53 +05:30
David Newswanger
a01aa6e9df Fix structured output not supported in nxos_pim_interface (#28125)
* fixed unstructured error

* fix unit tests so they accept commands in dictionary form
2017-08-14 12:34:05 +05:30
Trishna Guha
12460dd713 Add ios_vrf declarative intent config check (#28001)
* Add ios_vrf declarative intent config check

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* add version for delay param

* modify ios_vrf unit test
2017-08-14 12:27:03 +05:30
Pierre-Louis Bonicoli
94a327dd09 rhn_channel: add unit tests 2017-08-12 10:21:14 -07:00
Sloane Hertel
1de91a9aa0 [cloud] Convert s3 module to use boto3 (#21529)
* replace boto with boto3 for the s3 module

make s3 pep8 and remove from legacy files

fix s3 unit tests

* fix indentation

* s3 module - if we can't create an MD5 sum return None and always upload file

* remove Location.DEFAULT which isn't used in boto3 and tidy up the docs

* pep8

* s3: remove default: null, empty aliases, and required: false from documentation

fix incorrectly documented defaults

* Porting s3 to boto3. Simplify some logic and remove unused imports

* Fix s3 module variables

* Fix a typo in s3 module and remove from pep8 legacy files

* s3: add pagination for listing objects.

Fix logic and use head_object instead of get_object for efficiency.

Fix typo in unit test.

* Fix pagination to maintain backwards compatibility.

Fix incorrect conditional.

Remove redundant variable assignment.

Fix s3 list_object pagination to return all pages

* Use the revised List Objects API as recommended.

* Wrap call to paginated_list in a try/except

Also remembered to allow marker/prefix/max_keys to modify what keys are listed

* Simplify argument
2017-08-11 09:34:33 -04:00
Ganesh Nalawade
3b0e9ded91 Fix fallback and boolean check in argspec (#27994)
Fixes #27978

*  Add missing assignment for param key in fallback handling
*  Add check for frozenset type
*  Unit testcase
2017-08-10 12:10:18 -07:00
Adrian Likins
220db9cdd2 Better vault pass prompt behav on EOF, more unit tests (#27981) 2017-08-10 09:34:57 -04:00
Adrian Likins
82f550e8cd Add prompt formats for 2.3 compat ask-vault-pass (#27974)
The prompt_formats dict didn't get the 'prompt_ask_vault_pass'
item added for interactive --ask-vault-pass, which
caused "KeyError: u'prompt_ask_vault_pass'"

Fixes #27885
2017-08-10 09:34:16 -04:00
Zac Medico
501fc7a248 template: fix KeyError: 'undefined variable: 0 (#27972)
* template: fix KeyError: 'undefined variable: 0

For compatibility with the Context.get_all() implementation
in jinja 2.9, make AnsibleJ2Vars implement collections.Mapping.
Also, make AnsibleJ2Template.newcontext() handle dict type
for the 'vars' parameter.

See: d67f0fd4cc
Fixes: https://github.com/ansible/ansible/issues/20494

* add units/template/test_vars

* intg tests for jinja-2.9 issues like 20494

test cases here are based on
https://github.com/ansible/ansible/issues/20494#issue-202108318
2017-08-09 18:50:53 -04:00
Nathaniel Case
a78f3faa6c nxos_bgp_neighbor_af does not want required_together (#26370)
* nxos_bgp_neighbor_af does not want required_together

* fixup tests

* Fix max_prefix_* issues

* Require address-family

* Fix idempotency for next_hop_third_party

* Fix idempotency for allowas_in*

* Fix idempotency for *_in and *_out

* Reorder command generation again

`default` is first, then `max-prefix`, then booleans
2017-08-09 15:54:34 -04:00
Nathaniel Case
c1bf74283e Network load_config: Capture configuration output and display as warnings (#27851)
* Capture configuration output and display as warnings

* Don't break on nxapi

nxapi errors very loudly instead, so no need to muck about with warnings
2017-08-09 09:43:04 -04:00
Adrian Likins
c38ff3b8f8 pylint fixes for vault related code (#27721)
* rm unneeded parens following assert
* rm unused parse_vaulttext_envelope from yaml.constructor
* No longer need index/enumerate over vault_ids
* rm unnecessary else
* rm unused VaultCli.secrets
* rm unused vault_id arg on VaultAES.decrypt()

pylint: Unused argument 'vault_id'
pylint: Unused parse_vaulttext_envelope imported from ansible.parsing.vault
pylint: Unused variable 'index'
pylint: Unnecessary parens after 'assert' keyword
pylint: Unnecessary "else" after "return" (no-else-return)
pylint: Attribute 'editor' defined outside __init__

* use 'dummy' for unused variables instead of _

Based on pylint unused variable warnings.

Existing code use '_' for this, but that is old
and busted. The hot new thing is 'dummy'. It
is so fetch.

Except for where we get warnings for reusing
the 'dummy' var name inside of a list comprehension.

* Add super().__init__ call to PromptVaultSecret.__init__
pylint: __init__ method from base class 'VaultSecret' is not called (super-init-not-called)

* Make FileVaultSecret.read_file reg method again

The base class read_file() doesnt need self but
the sub classes do.

Rm now unneeded loader arg to read_file()

* Fix err msg string literal that had no effect
pylint: String statement has no effect

The indent on the continuation of the msg_format was wrong
so the second half was dropped.

There was also no need to join() filename (copy/paste from
original with a command list I assume...)

* Use local cipher_name in VaultEditor.edit_file not instance
pylint: Unused variable 'cipher_name'
pylint: Unused variable 'b_ciphertext'

Use the local cipher_name returned from parse_vaulttext_envelope()
instead of the instance self.cipher_name var.

Since there is only one valid cipher_name either way, it was
equilivent, but it will not be with more valid cipher_names

* Rm unused b_salt arg on VaultAES256._encrypt*
pylint: Unused argument 'b_salt'

Previously the methods computed the keys and iv themselves
so needed to be passed in the salt, but now the key/iv
are built before and passed in so b_salt arg is not used
anymore.

* rm redundant import of call from subprocess
pylint: Imports from package subprocess are not grouped

use via subprocess module now instead of direct
import.

* self._bytes is set in super init now, rm dup

* Make FileVaultSecret.read_file() -> _read_file()

_read_file() is details of the implementation of
load(), so now 'private'.
2017-08-08 16:10:03 -04:00
mzizzi
4648dc9702 [cloud] Add more configurable backoff implementations to CloudRetry/AWSRetry (#27251) 2017-08-08 08:56:46 -04:00
Pilou
b57af4428d rhn_register: fix broken imports, add unit tests (#26878)
Fix 'module' object is not callable

* rhn_register: fix Python 3 compatibility
* rhn_register: update requirements
* rhn_register: add unit tests
* Add missing method name
* use a dedicated line for XML related requirements
* rhn_register: drop support for Python 2.4
* rhn_register unit tests: fix Python 3 compatibility
* refactor in order to check order of the requests
2017-08-04 10:12:27 -04:00
Philippe Dellaert
6d33e59ca1 Fix for subspec options validation issue #27715 (#27728)
* Fix for issue ansible/ansible#27715

* Also fixing mutually exclusive check

* Updating subspec checks
These changes take into account a spec with all features enabled and do
the following tests for subspecs:
1. Test proper specs
2. Test Alias
3. Test missing required param
4. Test mutually exclusive params
5. Test required if params
6. Test required one of params
7. Test required together params
8. Test required if params with a default value
9. Test basis subspec params
10. Test invalid subsec params
2017-08-04 19:10:38 +05:30
Peter Sprygada
7b604368d3 adds new filter plugins for network use cases (#27695)
* adds new filter plugins for network use cases

* adds parse_cli filter
* adds parse_cli_textfsm filter
* adds Template class to network_common
* adds conditional function to network_common

* fix up PEP8 issues
2017-08-04 07:47:12 -04:00
Sloane Hertel
467a1f54a3 s3_bucket: fix python3 sorting incompatibility (#27502)
* s3_bucket: fix policy sorting for python3 so strings are evaluated as less than tuples.

Add tests to ensure this behavior is maintained.

* Fix s3_bucket comparison function to work on both Python 3.5 and 3.6

* s3_bucket: document that cmp_to_key is used for python 2.7.

Add another test for s3_bucket to compare policies of different sizes.

* fix pep8

* Work around code-smell grepping by not using the word 'cmp'.
2017-08-03 15:41:26 -04:00
Sloane Hertel
dbbad16385 [cloud] New module: Add module for managing AWS Datapipelines (cloud/amazon/data_pipeline) (#22878)
* New module for managing AWS Datapipelines

* Supports create/activate/deactivate and deletion
* Handles idempotent creation by embeding the version in the
uniqueId field
* Waits for requested state to be reached, as Botocore doesn't
have waiters yet for datapipelines

* rename module, fix imports, add tags option, improve exit_json results, fix a couple bugs, add a TODO so I don't forget

fix pep8

allow timeout to be used for pipeline creation

make .format syntax uniform

fix pep8

fix exception handling

allow pipeline to be modified, refactor, add some comments, remove unnecessary imports

pipeline activation may not be in the activated state long

remove datapipeline version option

change a loop to a list comprehension

create idempotence by hashing the options given to the module minus the objects (which can be modified)

small bugfix

* data_pipeline unittests

make unittests pep8

fix bug in unittests

* remove exception handling that serves no purpose

* Fix python3 incompatibilities in datapipeline tests and add placebo fixture maybe_sleep for faster tests

Fix python3 incompatibilities in data_pipeline build_unique_id()

Don't delete a pipeline in diff_pipeline() because it's unexpected

Don't use time.time() because it causes an issue with placebo testing

re-recorded tests

fix pep8 in data_pipeline

Remove disable_rollback from tests

Make sure unique identifier is a string

re-record tests

* improve documentation and add another example

* use a placebo fixture instead of redundant code in tests

fix tests for PLACEBO_RECORD=false

* Fix data_pipeline docs

use isinstance instead of type()

fix documentation

* fix documentation

* Remove use of undefined variable from data_pipeline module and fix license

* fix copyright header
2017-08-03 15:04:10 -04:00
George Nikolopoulos
31b4ae2e6a New module: manage Citrix Netscaler GSLB site configuration (network/netscaler/netscaler_gslb_site) (#27639)
* Add netscaler_gslb_site

* Lowercase enabled, disabled option values

* Add fixes in netscaler module utils needed for unit test success
2017-08-03 15:26:17 +01:00
George Nikolopoulos
d88c07a037 New module: manage Citrix Netscaler GSLB service configuration (network/netscaler/netscaler_gslb_service)) (#27638)
* Add netscaler_gslb_service

* Lowercase enabled, disabled option values

* Add fixes in netscaler module utils needed for unit test success
2017-08-03 15:26:05 +01:00
George Nikolopoulos
cd865be987 New module: manage Citrix Netscaler SSL certificate keys (network/netscaler/netscaler_ssl_certkey)) (#27641)
* Add netscaler_ssl_certkey

* Fix options

* Lowercase enabled, disabled option values

* Add fixes in netscaler module utils needed for unit test success
2017-08-03 15:24:56 +01:00
George Nikolopoulos
e2f907ae3e Add netscaler_gslb_vserver (#27640) 2017-08-03 12:32:10 +01:00
Felipe Garcia Bulsoni
b060d0ccba Initial commits for integration of HPE OneView resources with Ansible (#26026)
* Initial commit for integration of HPE OneView resources with Ansible Core. Adding FC Network and FC Network Fact modules and unit tests, and OneView base class for all OV resources.
2017-08-02 19:54:32 -07:00
Adrian Likins
27a015f0ad add a 'min' type for gather_subset to collect nothing (#27085)
previously gather_subset=['!all'] would still gather the
min set of facts, and there was no way to collect no facts.

The 'min' specifier in gather_subset is equilivent to
exclude the minimal_gather_subset facts as well.

   gather_subset=['!all', '!min'] will collect no facts

This also lets explicitly added gather_subsets override excludes.

   gather_subset=['pkg_mgr', '!all', '!min'] will collect only the pkg_mgr
fact.
2017-08-02 11:04:01 -04:00
mharista
c85f363aaa Add module cv_server_provision for integration with Arista CloudVision Portal. (#25450)
* Add module cv_server_provision for integration with Arista CloudVision Portal.

* Doc update.

* Remove shebang from test file. Update short description with company and product name.

* Update exception syntax to Python3 style.

* Remove blank line between imports.

* Remove newlines from RETURN documentation.

* Add cvprac to unittest requirements.

* Update unittest format. Add a few additional tests.

* Mock exceptions from cvprac so the library is not needed for unittests.

* Mock cvprac imports.

* Update unit tests to support python 3.5.

* Mock full cvprac library for unittests.

* Update Jinja2 import to pass updated CI checks.

* Update cvprac imports format for new CI tests.

* Add __metaclass__ and __future__.
2017-08-02 15:24:52 +01:00
Adrian Likins
2b0a7338d4 Handle win style CRLF newlines in vault text (#27590)
When parsing a vaulttext blob, use .splitlines()
instead of split(b'\n') to handle \n newlines and
windows style \r\n (CRLF) new lines.

The vaulttext enevelope at this point is just the header line
and a hexlify()'ed blob, so CRLF is a valid newline here.

Fixes #22914
2017-08-01 18:53:22 -04:00
Roman Belyakovsky
42039cd436 New module: manage debian network interfaces file /etc/network/interfaces (system/interfaces_file) (#25295)
* Added new module interfaces_file

* interfaces_file: added unit tests

* interfaces_file: added golden files for unit tests

* interfaces_file: moved to system modules

* interfaces_file: fixed code formatting and convention issues
2017-08-01 12:11:43 -06:00
James Mighion
4dd8f281d6 Adding aruba_config module (#27130)
* Adding aruba_config module.

* Fixing documentation.

* Forgot action plugin.
2017-08-01 11:44:26 -06:00
George Nikolopoulos
f204e7cb33 New module: manage Citrix Netscaler content switching virtual server configuration (network/netscaler/netscaler_cs_vserver) (#26245)
* Add netscaler_cs_vserver

* Correct version_added
2017-08-01 18:43:59 +01:00
George Nikolopoulos
36537186e3 New module: manage Citrix Netscaler content switching policy configuration (network/netscaler/netscaler_cs_policy) (#26189)
* Add netscaler_cs_policy

* Correct version_added
2017-08-01 18:35:29 +01:00
George Nikolopoulos
e329c9da8c New module: manage Citrix Netscaler servicegroup configuration (network/netscaler/netscaler_servicegroup)) (#26183)
* Add netscaler_servicegroup

* Correct version_added
2017-08-01 18:34:28 +01:00
George Nikolopoulos
7df14bd2b0 New module: manage Citrix Netscaler load balancer virtual servers configuration (network/netscaler/netscaler_lb_vserver) (#26144)
* Add netscaler_lb_vserver

* Correct version_added
2017-08-01 18:33:35 +01:00
George Nikolopoulos
ac0c5dec2f Add netscaler_lb_monitor (#26143) 2017-08-01 11:30:47 -06:00
Adrian Likins
17ab546c48 Add 2.0-2.3 facts api compat (ansible_facts(), get_all_facts()) (#27294)
* Add 2.0-2.3 facts api compat (ansible_facts(), get_all_facts())

These are intended to provide compatibilty for modules that
use 'ansible.module_utils.facts.ansible_facts' and
'ansible.module_utils.facts.get_all_facts' from 2.0-2.3 facts
API.

Fixes #25686

Some related changes/fixes needed to provide the compat api:

* rm ansible.constants import from module_utils.facts.compat

Just use a hard coded default for gather_subset/gather_timeout
instead of trying to load it from non existent config if the
module params dont include it.

* include 'external' collectors in compat ansible_facts()

* Add facter/ohai back to the valid collector classes

facter/ohai had  gotten removed from the default_collectors
class used as the default list for all_collector_classes by
setup.py and compat.py

That made gather_subset['facter'] fail.
2017-08-01 12:51:33 -04:00
Ganesh Nalawade
97a34cf008 Add options sub spec validation (#27119)
* Add aggregate parameter validation

aggregate parameter validation will support checking each individual dict
to resolve conditions for aliases, no_log, mutually_exclusive,
required, type check, values, required_together, required_one_of
and required_if conditions in argspec. It will also set default values.

eg:
tasks:
  - name: Configure interface attribute with aggregate
    net_interface:
      aggregate:
        - {name: ge-0/0/1, description: test-interface-1, duplex: full, state: present}
        - {name: ge-0/0/2, description: test-interface-2, active: False}
    register: response
    purge: Yes

Usage:
```
from ansible.module_utils.network_common import AggregateCollection

transform = AggregateCollection(module)
param = transform(module.params.get('aggregate'))
```

Aggregate allows supports for `purge` parameter, it will instruct the module
to remove resources from remote device that hasn’t been explicitly
defined in aggregate. This is not supported by with_* iterators

Also, it improves performace as compared to with_* iterator for network device
that has seperate candidate and running datastore.
For with_* iteration the sequence of operartion is
load-config-1 (candidate db) -> commit (running db) -> load_config-2
(candidate db) -> commit (running db) ...

With aggregate the sequence of operation is
load-config-1 (candidate db) -> load-config-2 (candidate db) -> commit
(running db)

As commit is executed only once per task for aggregate it has
huge perfomance benefit for large configurations.

* Fix CI issues

* Fix review comments

*  Add support for options validation for aliases, no_log,
   mutually_exclusive, required, type check, value check,
   required_together, required_one_of and required_if
   conditions in sub-argspec.
*  Add unit test for options in argspec.
*  Reverted aggregate implementaion.

* Minor change

* Add multi-level argspec support

*  Multi-level argspec support with module's top most
   conditionals options.

* Fix unit test failure

* Add parent context in errors for sub options

* Resolve merge conflict

* Fix CI issue
2017-08-01 09:32:18 -07:00
Will Thames
5f73bdc3bf [cloud] Improve Camel to Snake conversion in EC2 module_utils (#25015)
* Make camel_to_snake work on capitalized plurals

`TargetGroupARNs` should become `target_group_arns`, not
`target_group_ar_ns`

Promote `camel_to_snake` to top layer function but prefix
it with an underscore.

Add tests for improved `_camel_to_snake` function.

Reduce use of `re.compile` as it makes no sense when the
compilation result is not reused.

* Remove unused LooseVersion check

* Fix PLURALs case for camel_to_snake

Also renamed EXPECTED_CAMELIZATION to EXPECTED_SNAKIFICATION
2017-08-01 11:09:22 -04:00
Dag Wieers
97aaf103e8 ACI module_utils library for ACI modules (#27070)
* ACI module_utils library for ACI modules

This PR includes:
- the ACI argument_spec
- an aci_login function
- an experimental aci_request function
- an aci_response function
- included the ACI team

* New prototype using ACIModule

This PR includes:
- A new ACIModule object with various useful methods
2017-07-31 12:44:27 +01:00
Adrian Likins
934b645191 Support multiple vault passwords (#22756)
Fixes #13243

** Add --vault-id to name/identify multiple vault passwords

Use --vault-id to indicate id and path/type

 --vault-id=prompt  # prompt for default vault id password
 --vault-id=myorg@prompt  # prompt for a vault_id named 'myorg'
 --vault-id=a_password_file  # load ./a_password_file for default id
 --vault-id=myorg@a_password_file # load file for 'myorg' vault id

vault_id's are created implicitly for existing --vault-password-file
and --ask-vault-pass options.

Vault ids are just for UX purposes and bookkeeping. Only the vault
payload and the password bytestring is needed to decrypt a
vault blob.

Replace passing password around everywhere with
a VaultSecrets object.

If we specify a vault_id, mention that in password prompts

Specifying multiple -vault-password-files will
now try each until one works

** Rev vault format in a backwards compatible way

The 1.2 vault format adds the vault_id to the header line
of the vault text. This is backwards compatible with older
versions of ansible. Old versions will just ignore it and
treat it as the default (and only) vault id.

Note: only 2.4+ supports multiple vault passwords, so while
earlier ansible versions can read the vault-1.2 format, it
does not make them magically support multiple vault passwords.

use 1.1 format for 'default' vault_id

Vaulted items that need to include a vault_id will be
written in 1.2 format.

If we set a new DEFAULT_VAULT_IDENTITY, then the default will
use version 1.2

vault will only use a vault_id if one is specified. So if none
is specified and C.DEFAULT_VAULT_IDENTITY is 'default'
we use the old format.

** Changes/refactors needed to implement multiple vault passwords

raise exceptions on decrypt fail, check vault id early

split out parsing the vault plaintext envelope (with the
sha/original plaintext) to _split_plaintext_envelope()

some cli fixups for specifying multiple paths in
the unfrack_paths optparse callback

fix py3 dict.keys() 'dict_keys object is not indexable' error

pluralize cli.options.vault_password_file -> vault_password_files
pluralize cli.options.new_vault_password_file -> new_vault_password_files
pluralize cli.options.vault_id -> cli.options.vault_ids

** Add a config option (vault_id_match) to force vault id matching.

With 'vault_id_match=True' and an ansible
vault that provides a vault_id, then decryption will require
that a matching vault_id is required. (via
--vault-id=my_vault_id@password_file, for ex).

In other words, if the config option is true, then only
the vault secrets with matching vault ids are candidates for
decrypting a vault. If option is false (the default), then
all of the provided vault secrets will be selected.

If a user doesn't want all vault secrets to be tried to
decrypt any vault content, they can enable this option.

Note: The vault id used for the match is not encrypted or
cryptographically signed. It is just a label/id/nickname used
for referencing a specific vault secret.
2017-07-28 15:20:58 -04:00
James Mighion
a328e96455 Adding aireos_config module (#27408)
* Adding aireos_config module.

* Fixing pep8 W291.
2017-07-29 00:36:04 +05:30
Trishna Guha
6d1bd33aa5 fix iosxr_banner (#27378)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-07-28 17:09:04 +05:30
Trishna Guha
a49c419651 fix nxos_vrf_af nxapi & cli (#27307)
* fix nxapi failure #27142

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* fix nxos_vrf_af nxapi and cli

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-07-28 09:02:02 +05:30
David Newswanger
81151ef02c Remove Deprecated Template network modules (#27076)
* removed deprecated networking template modules

* update changelog

* update changelog
2017-07-27 19:40:11 +01:00
saichint
9b9a8749da Add integration tests and fix nxos providers (#26913)
* fix issues with python3.x

* Add integration testa and fix for nxos_evpn_vni

* add nxos_evpn_vni to nxos.yaml

* fix get_vtp_config()

* add new integration tests

* fix rollback

* add integration test files
2017-07-27 09:32:35 -04:00
Matt Davis
3f1ec6b862 add custom module type validation (#27183)
* Module argument_spec now accepts a callable for the type argument, which is passed through and called with the value when appropriate. On validation/conversion failure, the name of the callable (or its type as a fallback) is used in the error message.
* adds basic smoke tests for custom callable validator functionality
2017-07-26 16:12:50 -07:00
Trishna Guha
41ce724801 fix nxos_hsrp (#27306)
* fix nxos_hsrp

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* modify nxos_hsrp test

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
2017-07-26 11:38:55 +05:30