* Replace GigabitEthernet0/0/0/5 for GigabitEthernet0/0/0/2 in iosxr_interface intent tests (#32116)
There's no 5 interface present in CI nodes.
(cherry picked from commit f079a33563)
* Replace Gigabit0/0/0/2 for Gigabit0/0/0/1 on iosxr_interface.intent (#32120)
(cherry picked from commit a9d8157e81)
* Add ansible_ssh_port to iosxr_user auth tests (#32117)
The CI nodes listen on port 8022, we need to plumb that to avoid
test failures.
(cherry picked from commit 676d446cfc)
* Introspect the management IP on ios_ping (#31571)
On our CI we don't have external connectivity, so let's ping to
the management interface IP.
Also, ignore errors on the expected failures tests.
(cherry picked from commit c75c4cbfc8)
* Remove duped authorize on ios_ping anchored tasks (#31572)
Otherwise, we get warnings.
(cherry picked from commit ac95ecaf13)
* Introspect platform before running ios tests
* Add authorize
* Fix quotes on ios_ping test (#32131)
(cherry picked from commit ca115b0a8e)
* Fix lookup source tests on ios_system (#32254)
In IOS-XE, you need to pass an interface to lookup-source, otherwise
it fails with bad syntax.
(cherry picked from commit 4b35793f62)
* Remove ip nameservers on ios_system/set_name_servers teardown (#32239)
Not sure why lookup source-interface, the only thing tested on that
file is adding/removing name servers, no lookup is set.
(cherry picked from commit 9752ce368d)
* fix conflict
* Update CHANGELOG
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Remove provider from ios integration test (#31037)
* Remove provider from each task as it is not required.
* Add `authorize: yes` whereever required
(cherry picked from commit 65ab37cbd3)
* CHANGELOG entry for ios tests fix
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* [cloud] Bugfix for aws_s3 empty directory creation
Backport of #32169
* Only make DeleteObject call if there are objects to delete
* Remove pauses from integration tests
* Use correct pip version in ansible-test.
* Add git fallback for validate-modules.
* Run sanity tests in a docker container.
* Use correct python version for sanity tests.
* Pin docker completion images and add default.
* Split pylint execution into multiple contexts.
* Only test .py files in use-argspec-type-path test.
* Accept identical python interpeter name or binary.
* Switch cloud tests to default container.
* Remove unused extras from pip install.
* Filter out empty pip commands.
* Don't force running of pip list.
* Support delegation for windows and network tests.
* Fix ansible-test python version usage.
* Fix ansible-test python version skipping.
* Use absolute path for log in ansible-test.
* Run vyos_command test on python 3.
* Fix windows/network instance persistence.
* Add `test/cache` dir to classification.
* Enable more python versions for network tests.
* Fix cs_router test.
(cherry picked from commit cf1337ca9a)
* Add openssh-client to default docker container.
* Include Azure requirements in default container.
To do so, handling of pip requirements was updated to install each
set of requirements separately and then run a verification pass to
make sure there are no conflicts between requirements.
* Add missing --docker-no-pull option.
* Add documentation for the azure-requirements test.
(cherry picked from commit 36b13e3e3d)
* Add nxos_file_copy IT
* Restructure nxos_igmp tests
* add nxos_igmp_interface IT
* add nxos_igmp_snooping IT
* add nxos_ntp_auth IT
* Add nxos_ntp_options IT
* update nxos.yaml with new tests
* update nxos_ntp_options test
* update nxos_ntp_auth IT
(cherry picked from commit ab84718a01)
* Correct usage for shutil.rmtree
Fix adds correct usage of shutil.rmtree in git module
Fixes: #31225
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Include archive tests so they get run
* Use new include syntax
* Cleanup syntax on git tests
- use multi-line YAML
- remove unneeded {{ }} around vars in conditionals
- remove unneeded quotes
- add task file name to task names for easier troubleshooting when things fail
* Make archive tests work for RHEL/CentOS 6
The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped.
The older version of git required gzip compression to be skipped on RHEL/CentOS 6.
* Account for ansible_distribution_major_version missing
(cherry picked from commit a047fe0e4c)
* Fix rollback in junos_config (#31424)
* Fix rollback in junos_config
Fixes#30778
* Call `load_configuration` with rollback id in case
the id is given as input
* Pass rollback id to `get_diff()` to fetch diff from device
* Fix unit test
(cherry picked from commit 88da95bb77)
* Update changelog
* [rpm_key] Fix to import first key on the system
Fixes: #31483
* [rpm_key] removed unsafe_shell and "throwaway" underscore
* [rpm_key] adding test to add the first key on system
(cherry picked from commit 5ccc1072ea)
* Remove sysctl entry when state=absent
* Cleanup sysctl integration test syntax
* Correct grammar on error message
* Add sysctl integration test for state=absent
(cherry picked from commit 2610b521bc)
* Add new lines to end of config file lines
* Properly write out selinux config file
Change module behavior to not always report a change but warn if a reboot is needed and return reboot_required.
Improve the output messages.
Add strip parameter to get_file_lines utility to help with parsing the selinux config file.
* Add return documentation
* Add integration tests for selinux module
* Use consistent capitalization for SELinux
* Use atomic_move in selinux module
* Don't copy the config file initially
There's no need to make a copy just for reading.
* Put message after set_config_policy in case the change fails
* Add aliases to selinux tests
(cherry picked from commit 00df1fda10)
* win_become: move error handling to Ansible outside of shell
* trimmed the output so double newlines don't get set
* added test for non-zero exit code
* missed issue URL on test
* changed exit to SetShouldExit
(cherry picked from commit e61c2799ff)
* win_copy: fix for copying encrypted file without pass
* fix pep8 issue
* reduced the diff and fixed some minor issues
(cherry picked from commit bba941cd5b)
In cli.CLI.unfrack_path callback, special case if the
value of '--output' is '-', and avoid expanding
it to a full path.
vault cli already has special cases for '-', so it
just needs to get the original value to work.
Fixes#30550
(cherry picked from commit 278ff19bea)
* Fix fact failures cause by ordering of collectors
Some fact collectors need info collected by other facts.
(for ex, service_mgr needs to know 'ansible_system').
This info is passed to the Collector.collect method via
the 'collected_facts' info.
But, the order the fact collectors were running in is
not a set order, so collectors like service_mgr could
run before the PlatformFactCollect ('ansible_system', etc),
so the 'ansible_system' fact would not exist yet.
Depending on the collector and the deps, this can result
in incorrect behavior and wrong or missing facts.
To make the ordering of the collectors more consistent
and predictable, the code that builds that list is now
driven by the order of collectors in default_collectors.py,
and the rest of the code tries to preserve it.
* Flip the loops when building collector names
iterate over the ordered default_collectors list
selecting them for the final list in order instead
of driving it from the unordered collector_names set.
This lets the list returned by select_collector_classes
to stay in the same order as default_collectors.collectors
For collectors that have implicit deps on other fact collectors,
the default collectors can be ordered to include those early.
* default_collectors.py now uses a handful of sub lists of
collectors that can be ordered in default_collectors.collectors.
fixes#30753fixes#30623
(cherry picked from commit 95abc1d82e)
* Use vault_id when encrypted via vault-edit
On the encryption stage of
'ansible-vault edit --vault-id=someid@passfile somefile',
the vault id was not being passed to encrypt() so the files were
always saved with the default vault id in the 1.1 version format.
When trying to edit that file a second time, also with a --vault-id,
the file would be decrypted with the secret associated with the
provided vault-id, but since the encrypted file had no vault id
in the envelope there would be no match for 'default' secrets.
(Only the --vault-id was included in the potential matches, so
the vault id actually used to decrypt was not).
If that list was empty, there would be an IndexError when trying
to encrypted the changed file. This would result in the displayed
error:
ERROR! Unexpected Exception, this is probably a bug: list index out of range
Fix is two parts:
1) use the vault id when encrypting from edit
2) when matching the secret to use for encrypting after edit,
include the vault id that was used for decryption and not just
the vault id (or lack of vault id) from the envelope.
add unit tests for #30575 and intg tests for 'ansible-vault edit'
Fixes#30575
(cherry picked from commit a14d0f3586)
* Split ec2_elb_* modules in service of rename/interface changes (#30532)
* Undeprecate ec2_elb_*
* Make ec2_elb* full fledged modules rather than aliases
* Split tests for ec2_elb_lb and elb_classicb_lb
* Change names in documentation of old and new elb modules
Add tests for ec2_elb_lb
* Update CHANGELOG with new status of ec2_elb_* vs. elb_classic_*
* Increase persistent connection local socket
retry timeout to fix intermittent failure in
network integration test
(cherry picked from commit 869cd6f729)
* windows: fix list type in legacy module utils
* only change the return for the list type instead of affecting it all
* additional null check when using an array
(cherry picked from commit 01563ccd5d)
* openssl_certificate: Fix parameter assertion in Python3
Parameter assertion in Python3 is broken. pyOpenSSL get_X() functions
returns b'' type string and tries to compare it with '' string, leading
to failure.
The error mentionned above has been fixed by sanitizing the inputs from
a user to the assert only backend.
Also, this error was hidden by the fact that the improper check method
was called in the generate() functions.
* Add simple integration test for openssl_certificate
* remove subject == issuer assertion
* run integration tests only on supported hosts
* change min supported version to 0.15.x
* Add test for more CSR fields
* also convert dict members to bytes
* fix version_compare
* openssl_{csr, certificate}: Fail if pyOpenSSL <= 0.15
Previous 0.13 pyOpenSSL was a C-binding, and required the parameter
passed to add_extention to be in ASN.1. This has changed with the move
to 0.14 and it is now all pythong and string based.
Previous the 0.15 release, the `get_extensions()` method didn't exist,
since the modules rely heavily on it we ensure pyOpenSSL version is at
last 0.15.0.
* check pyopenssl version in openssl_csr integration test
(cherry picked from commit 2186b04934)
As-merged, had several issues that prevented idempotent usage. Some args were defined at the wrong UI level. Dual-state args didn't match up with typical Ansible UI.
(cherry picked from commit 6b5b465125)
* Adds nxos_pim_rp_address integration test role for group_list,
prefix_list and route_map (cli and nxapi)
* * Adds explicit removal of static RP configs to match cli behaviour
* * Removes config deletion using nxos_config module (for 2.4 only)
* * Attempt short and long delete config command
* Add a platform check for N3K for bidir
(cherry picked from commit 7e58661335)
