* Make ansible_selinux facts a consistent type
Rather than returning a bool if the Python library is missing, return a dict with one key containing a message explaining there is no way to tell the status of SELinux on the system becasue the Python library is not present.
* Fix unit test
(cherry picked from commit e7902d888c)
* Add new lines to end of config file lines
* Properly write out selinux config file
Change module behavior to not always report a change but warn if a reboot is needed and return reboot_required.
Improve the output messages.
Add strip parameter to get_file_lines utility to help with parsing the selinux config file.
* Add return documentation
* Add integration tests for selinux module
* Use consistent capitalization for SELinux
* Use atomic_move in selinux module
* Don't copy the config file initially
There's no need to make a copy just for reading.
* Put message after set_config_policy in case the change fails
* Add aliases to selinux tests
(cherry picked from commit 00df1fda10)
* win_become: move error handling to Ansible outside of shell
* trimmed the output so double newlines don't get set
* added test for non-zero exit code
* missed issue URL on test
* changed exit to SetShouldExit
(cherry picked from commit e61c2799ff)
* Update elasticsearch_plugin.py
Change module to work with Elasticsearch 2.x and 5.x automatically.
Update examples and docs.
Supersedes #21989
* Check system paths for elasticsearch-plugin binary
Use get_bin_path from basic.py for searching paths.
* Create a copy of PLUGIN_BIN_PATHS rather than modifying the global
* Use provided plugin_bin path first before trying other places
Change global PLUGIN_BIN_PATHS to a tuple
(cherry picked from commit a5ee865634)
* win_copy: fix for copying encrypted file without pass
* fix pep8 issue
* reduced the diff and fixed some minor issues
(cherry picked from commit bba941cd5b)
In cli.CLI.unfrack_path callback, special case if the
value of '--output' is '-', and avoid expanding
it to a full path.
vault cli already has special cases for '-', so it
just needs to get the original value to work.
Fixes#30550
(cherry picked from commit 278ff19bea)
* Fix fact failures cause by ordering of collectors
Some fact collectors need info collected by other facts.
(for ex, service_mgr needs to know 'ansible_system').
This info is passed to the Collector.collect method via
the 'collected_facts' info.
But, the order the fact collectors were running in is
not a set order, so collectors like service_mgr could
run before the PlatformFactCollect ('ansible_system', etc),
so the 'ansible_system' fact would not exist yet.
Depending on the collector and the deps, this can result
in incorrect behavior and wrong or missing facts.
To make the ordering of the collectors more consistent
and predictable, the code that builds that list is now
driven by the order of collectors in default_collectors.py,
and the rest of the code tries to preserve it.
* Flip the loops when building collector names
iterate over the ordered default_collectors list
selecting them for the final list in order instead
of driving it from the unordered collector_names set.
This lets the list returned by select_collector_classes
to stay in the same order as default_collectors.collectors
For collectors that have implicit deps on other fact collectors,
the default collectors can be ordered to include those early.
* default_collectors.py now uses a handful of sub lists of
collectors that can be ordered in default_collectors.collectors.
fixes#30753fixes#30623
(cherry picked from commit 95abc1d82e)
* Use vault_id when encrypted via vault-edit
On the encryption stage of
'ansible-vault edit --vault-id=someid@passfile somefile',
the vault id was not being passed to encrypt() so the files were
always saved with the default vault id in the 1.1 version format.
When trying to edit that file a second time, also with a --vault-id,
the file would be decrypted with the secret associated with the
provided vault-id, but since the encrypted file had no vault id
in the envelope there would be no match for 'default' secrets.
(Only the --vault-id was included in the potential matches, so
the vault id actually used to decrypt was not).
If that list was empty, there would be an IndexError when trying
to encrypted the changed file. This would result in the displayed
error:
ERROR! Unexpected Exception, this is probably a bug: list index out of range
Fix is two parts:
1) use the vault id when encrypting from edit
2) when matching the secret to use for encrypting after edit,
include the vault id that was used for decryption and not just
the vault id (or lack of vault id) from the envelope.
add unit tests for #30575 and intg tests for 'ansible-vault edit'
Fixes#30575
(cherry picked from commit a14d0f3586)
Allow empty wasn't breaking out of the process_dist_files
loop, so a empty /etc/arch-release would continue searching
and eventually try /etc/os-release. The os-release parsing
works, but the distro name there is 'Arch Linux' which does
not match the 2.3 behavior of 'Archlinux'
Add a OS_RELEASE_ALIAS map for the cases where we need to get
the distro name from os-release but use an alias.
We can't include 'Archlinux' in SEARCH_STRING because a name match on its keys
but without a match on the content causes a fallback to using the first
whitespace seperated item from the file content as the name.
For os-release, that is in form 'NAME=Arch Linux'
With os-release returning the right name, this also supports the
case where there is no /etc/arch-release, but there is a /etc/os-release
Fixes#30600
* pep8 and comment cleanup
(cherry picked from commit 3eab636b3f)
* Fix pkg_mgr fact on OpenBSD
Add a OpenBSDPkgMgrFactCollector that hardcodes pkg_mgr
to 'openbsd_pkg'. The ansible collector will choose the
OpenBSD collector if the system is OpenBSD and the 'Generic'
one otherwise.
This removes PkgMgrFactCollectors depenency on the
'system' fact being in collected_facts, which also
avoids ordering issues (if the pkg mgr fact is collected
before the system fact...)
Fixes#30623
(cherry picked from commit 12404f470a)
* Split ec2_elb_* modules in service of rename/interface changes (#30532)
* Undeprecate ec2_elb_*
* Make ec2_elb* full fledged modules rather than aliases
* Split tests for ec2_elb_lb and elb_classicb_lb
* Change names in documentation of old and new elb modules
Add tests for ec2_elb_lb
* Update CHANGELOG with new status of ec2_elb_* vs. elb_classic_*
* Increase persistent connection local socket
retry timeout to fix intermittent failure in
network integration test
(cherry picked from commit 869cd6f729)
This is to match the 2.3 behavior on:
ansible-vault edit encrypted_file.yml
Previously, the above command would consider that a 'new password'
scenario and prompt accordingly, ie:
$ ansible-vault edit encrypted_file.yml
New Password:
Confirm New Password:
The bug was cause by 'create_new_password' being used for
'edit' action. This also causes the previous implicit 'auto prompt'
to get triggered and prompt the user.
Fix is to make auto prompt explicit in the calling code to handle
the 'edit' case where we want to auto prompt but we do not want
to request a password confirm.
Fixes#30491
(cherry picked from commit 307be59092)
Unittests are sometimes run without network connectivity in build
systems. Make that work correctly by mocking out _get_url_data with the
expected return value.
(cherry picked from commit 0a69e27e62)
* windows: fix list type in legacy module utils
* only change the return for the list type instead of affecting it all
* additional null check when using an array
(cherry picked from commit 01563ccd5d)
* openssl_certificate: Fix parameter assertion in Python3
Parameter assertion in Python3 is broken. pyOpenSSL get_X() functions
returns b'' type string and tries to compare it with '' string, leading
to failure.
The error mentionned above has been fixed by sanitizing the inputs from
a user to the assert only backend.
Also, this error was hidden by the fact that the improper check method
was called in the generate() functions.
* Add simple integration test for openssl_certificate
* remove subject == issuer assertion
* run integration tests only on supported hosts
* change min supported version to 0.15.x
* Add test for more CSR fields
* also convert dict members to bytes
* fix version_compare
* openssl_{csr, certificate}: Fail if pyOpenSSL <= 0.15
Previous 0.13 pyOpenSSL was a C-binding, and required the parameter
passed to add_extention to be in ASN.1. This has changed with the move
to 0.14 and it is now all pythong and string based.
Previous the 0.15 release, the `get_extensions()` method didn't exist,
since the modules rely heavily on it we ensure pyOpenSSL version is at
last 0.15.0.
* check pyopenssl version in openssl_csr integration test
(cherry picked from commit 2186b04934)
As-merged, had several issues that prevented idempotent usage. Some args were defined at the wrong UI level. Dual-state args didn't match up with typical Ansible UI.
(cherry picked from commit 6b5b465125)
* Adds nxos_pim_rp_address integration test role for group_list,
prefix_list and route_map (cli and nxapi)
* * Adds explicit removal of static RP configs to match cli behaviour
* * Removes config deletion using nxos_config module (for 2.4 only)
* * Attempt short and long delete config command
* Add a platform check for N3K for bidir
(cherry picked from commit 7e58661335)
* Fix nxos_snmp_community idempotence issue
* Use passed in name to filter
* Test updates and remove unused method
(cherry picked from commit 9af6dc4751)
On setup we set it to 'switch', so teardown should be 'switch'.
Also, using inventory_hostname breaks the test, since in our CI
it's a long UUID string, which exceeds the 32 chars maximum for setting
a hostname on NXOS.
(cherry picked from commit 2304706bd3)
Using inventory_hostname breaks in our CI, as the inventory_hostname
translates to a long UUID, exceeding the maximum length for a NXOS
hostname.
(cherry picked from commit 8b6e3272f2)
* fix nxos_pim_interface
* Add integration test coverage and fix unit test
* Add clarifying comments
* Make ansibot happy
(cherry picked from commit 173c41aefe)
* Clean up nxos_snmp_contact & nxos_snmp_location
* Bring nxos_snmp_community in line
* Bring nxos_snmp_host in line
* And I would have gotten away with it too,
if it weren't for those meddling sanity tests
* Bring nxos_snmp_traps & nxos_snmp_user in line
* Appease Shippable
(cherry picked from commit 8c03609e54)
* cleanup nxos_bgp_neighbor_af tests
* add timeout and to_json to nxapi testing for nxos_command
* maintain folder naming consistency with other tests
(cherry picked from commit caafc8e591)
Fixes#29974
Add `None` check while comparing module parameter values (want) with the actual
configuration present on device (have).
(cherry picked from commit d8371cec91)
* Updated pip module to always return changed if venv is created
Fixes#23204
* Add integration test to pip (see #23204)
(cherry picked from commit 6dbc3c63f8)
* fixes#26623
* Test-Path (and thus `-type path` in Get-AnsibleParam) fail on a nonexistent drive letter, since it can't be mapped to a PSProvider.
* added support and basic smoke tests for
(cherry picked from commit 1e2ce4c8ab)
On our CI we use SSH port 8022, so parameterized the test passing
-p {{ ansible_ssh_port }}.
Also, force user/pass auth.
(cherry picked from commit b30cd60829)
* Show warning when using pylint on Python 2.6.
* Add pylint disable entries for Python 2.
* Fix unicode handling in ansible-test.
* Add missing documentation.
(cherry picked from commit 79bc49e150)
* refactor firewalld module with object abstraction
This change creates a FirewallTransaction object that each
individual transaction type is a sub-class of as they all follow the
same pattern to enable or disable something in the firewall.
Also, there's a few bugfixes here:
- Fix the "source" type to handle permanent operations
- Remove ambiguity of required parameters for only specific use
cases that can lead to transactions effectively being a no-op.
Instead, pick sane defaults and document them.
- Change how imports are done so globals are no longer needed
This is based on the original feedback by Toshio from the last
refactor attempt:
https://github.com/ansible/ansible-modules-extras/pull/3383
Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
* fix line too long for pep8 for shippable tests
Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
* remove firewalld from pep8/legacy-files
Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
(cherry picked from commit 75127092f2)
from __future__ unicode_literals leads to developer confusion as
developers no longer can tell whether a bare literal string is a byte
string or a unicode string. Explicit marking as u"" or b"" is the way
to solve the same problem in the Ansbile codebase.
(cherry picked from commit ff13d58c14)
* fix sid lookup issues and update copyright/license to latest format
* simplify win_owner and win_share by removing unnecessary function
(cherry picked from commit 8f050d3719)
* This commit includes a unit test to exercise the _is_role
function and make sure it doesn't break in any Python version.
* Import os.path and other minor fixups
(cherry picked from commit 8e4f112b39)
The set theory filters need to use lists rather than generators on python3.
Also add unit tests for most of the mathstuff filters
Fixes#26494
(cherry picked from commit 75249e311e)
* win_regedit: fixed up diff output to be more representative of type
* added diff fix for creation of key and prop in one go
(cherry picked from commit 91e7c3ec81)
* Divide Windows integration tests into 2 groups.
* Support `none` for `--changed-all-target`.
* Run 2 separate Windows groups on Shippable.
* Only run smoketest and minimal for the group1 job.
* Add EOS provider options as subspec
* Add IOS provider options as subspec
* Add IOS XR provider options as subspec
* Add Junos provider options as subspec
* Add NX-OS provider options as subspec
* Add Vyos provider options as subspec
* Remove password checks from check_args
* Do the same to aireos, aruba, ce, dellos*, & sros, as they work the same way
* VyOS does not support `transport`
* module should fail if eos_user is added without configured_password or nopassword or sshkey
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* fix eos_user unit test
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* fix eos_user integration test
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
Ansible-test will consume group_vars from test/integration, as it runs
from that working directory. This causes problems if we specify vars
in inventory as they have higher precedence, plus it gives the impression
to users those group_vars can be reused.
Leaving vyos since it's configured to run in Shippable and apparently
it breaks if there are no group_vars in the test/integration folder.
* Fix junos_user pruge option failures
Fixes#25989
Add seperate handling for purge option which
fetches configured users on remote device
and delete the one not present in aggregate
list.
* Minor changes
* Remove network integration group_vars/host_vars
We use our own inventory in DCI, which is passed to ansible-test
with --inventory.
However, as the working directory of ansible-test is set to
test/integration, ansible consumes the repo group_vars/host_vars.
That imposes a problem, since they have greater precedence to
inventory variables.
Let's just remove group_vars/host_vars so end-users can assume
those vars can be used, the inventory and group/host vars are
environment dependent, each user should create their own.
* Restore files I git rm'd by mistake
* Add FcoeNetworkFactsModule for retrieving HPE OneView FCoE Networks
- Allow querying for FCoE Network resources in HPE OneView
- Adds unit tests to new module
* Fix "required: no"
* Add NetworkSetFactsModule for retrieving HPE OneView Network Sets
- Allow querying for Network Set resources in HPE OneView
- Adds unit tests to new module
- Updates oneview_module_loader copyright header to short GPL3 version
* Adding possibility to pass in credentials as parameters
* Removed required false and changed format of filter_by_name declaration
* Updated examples in docs to reflect new way to pass in credentials
- All examples of the oneview_network_set_facts updated to use
credential parameters
- All required=False from oneview base module removed
- Shared docs updated to bring attention to API version being used
* add template for az func
* (wip) add basic azure functions support
* add support to add app settings to azure function
* add support for updating based off of app settings
* add integration tests and refactor required param
* support check mode and add facts module
* add test for azure functions facts module
* add necessary checks and registrations for web client
* fix documentation
* change return type from complex to dict
* disable azure_rm_functionapp tests until stable
* remove dict comprehension for py2.6
* pepe has whitespace tumor
* Adding acs module
* linter issue
* Reduce the VM Size for the int. tests
* Short the name of the cluster
* Fixing the asserts and title
* Fixing VM Scale count in int. tests
* Changing the location of the tests
* trying eastus2
* disabling acs CI tests until stabilized
* new facts module for dns zone
integration tests and new module for dns zone facts
* use vairable for domain name
* add nondeterministic piece to domain name
* fix azure_rm_dnszone_facts examples
* create new module for record set facts
added new module to get facts for dns zone record sets
* use variable for domain name
* correct lint error
* add nondeterministic piece to name
* fix azure_rm_dnsrecordset_facts examples
* replace duff commit version of win_toast
* change expire_mins to expire_secs and add example showing use of async
* fix metadata version to keep sanity --test validate-modules happy
* code review fixes and change expire_secs to expire_seconds
* add first pass integration tests for win_toast
* win_toast no longer fails if there are no logged in users to notify (it sets a toast_sent false if this happens)
* yaml lint clean up of setup.yml in win_toast integration tests
* improve exception and stack trace if the notifier cannot be created, following feedback from dag
* removed unwanted 'echo' input parameters from return vals; added to CHANGELOG.md, removed _seconds units from module params; updated tests to match
lint
Update integration test
handle check_mode
handle warnings
Removing the empty tags check
Updating author handle
To use github handle
Changing from warn to fail
disabled tests
* First version of managed disks: Multiple methods for creating, one get and one delete
* My name is too cool to be there
* Passing pep8 test
* Create and delete empty working
* Module for testing, lacks sense of setting state changed for unchanged operations
* Checking that actual changes are done to update status changed
* First version of the integration test
* Adding the dictionary to translate the facts, without using serializer
* Adding the serializer to managed disk
* Using native serializer in managed disks facts
* Added DiskSku to pass the whole class to the disk instead of a string
* Bumping version
* Passing sanity checks
* Aparently they Id is not returned by the serilizer
* Integration test
* Latest version
* Using my own serializer, the one in commons is not working for me
* Managed disks module support for ansible
* Updating my github account username in the file
* Sanity checks were missing in facts and integration test
* Fixing typo in source_resource_uri and removed AzureHTTPErrors
* Update tags are working now
* Integration test for tags
* Added support for tags, added check mode, corrected style
* (wip) add partial loadbalancer module
* (wip) add ability to use a public ip for a load balancer
* fix shebang
* add backend address pool to load balancer
* remove unncessary error variable
* add probe support to load balancer
* add ability to add load distribution rule to load balancer
* add nat pool functionality to azure load balancer
* fix pep8 errors from sanity check
* add documentation for load balancer
* refactor imports
* fix license header copyright
* add facts module for azure load balancer
* fix ansible-test failures
* add integration tests for load balancer
* fix metadata version
* add complex integration test to azure_rm_loadbalancer
* Adds win_pagefile module
* Fixed win_pagefile doc
* Fix win_pagefile doc
* Fix win_pagefile doc variable convention
* Added check_mode
* Changed win_pagefile module&doc to the convention
* added win_pagefile integration tests
* Changed check_mode blocks to whatif, fixed a bug
* Added whatif to set-wmiinstance, changed docs
Added whatif in Set-WMIInstance
Added dots to end of decription lines
* Returns to original state at the end, more tests
Added override and no override integration tests
Pagefiles now return to same state as before at the end of the integration test
* Remove extra line
* Added test_path var to win_pagefile
* Set test_path as 'no' in integration
* Added unit to docs and enclosed exception message
* More granular try-catch blocks
* Added workaround to avoid value out of range
* Deleted wrong line ending
* Changed license to one-line
* Removed space in line ending
* Try to fix python2.6 error
* Try 2 to fix python2.6 error
* Add separating line again
* Add the ability to modify shard count to kinesis_stream module
* Fixed an issue in kinesis_stream where update() reports not changed when it is changed
* Remove unreachable message and make the try and catch block shorter
* added windows module win_power_plan with integration test
integration testing updated to handle skipping 2008 while testing that
module provides helpful error
* minor docs fix
* my fault, too many spaces
* #18807 win_firewall_rule uses HNetCfg.FwPolicy2 COM object
* Added missing tests
* Added support for InterfaceTypes property
* Added support for EdgeTraversalOptions property
* Added SecureFlags property
* Port ranges are not possible in W2K8
* Added windows version checks
* Fixed doc: removed 'force' option and all notes
* Fixed copirights and docs
* added azure vm extensions support
* added auto_update_minor_version and protected_settings
* update docs
* added get_poller_result
* fixed test failures
* remove tags and check mode
* Include Integration Tests
Include Integration Test for azure_rm_virtualmachine_extensions.py
* Correct location for integration test files
