Since https://github.com/ansible/ansible/pull/56733, we were not able to apply
firewall rules with no `allowed_hosts` key.
closes: #61332
In addition, this patch ensures the `allowed_hosts` key accepts a dict,
instead of a dict in a single entry list.
```yaml
vmware_host_firewall_manager:
esxi_hostname: "{{ esxi1 }}"
rules:
- name: NFC
enabled: True
allowed_hosts:
- all_ip: False
ip_address:
- "1.2.3.4"
```
Should be written:
```yaml
vmware_host_firewall_manager:
esxi_hostname: "{{ esxi1 }}"
rules:
- name: NFC
enabled: True
allowed_hosts:
all_ip: False
ip_address:
- "1.2.3.4"
```
(cherry picked from commit ab2aaca61d67a479626a930644fed35859365441)
Add handlers to setup_mysql_db and setup_mysql8 to remove installed packages..
(cherry picked from commit 3e4ae42256)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* [stable-2.9] Eos vlan override (#63639)
* Fix overridden & deleted in eos_vlans
* Fix vlan creation in overridden
* Right, Python 2.6
(cherry picked from commit 741d529)
Co-authored-by: Nathaniel Case <ncase@redhat.com>
* eos_vlans: Never try to set vlan_id as a property (#63689)
(cherry picked from commit d98482c294)
* Add changelog
* Move tests with docker registry into own target.
* Add docker_login tests.
* Add step which makes sure hello-world:latest is around.
* Make work inside docker container.
* Add dependency.
* Use plaintext password.
* Forgot check_mode.
* Add no_log to avoid double log output in verbose mode.
(cherry picked from commit a79f7e575a)
Improve tests
- add more unit test cases
- add specific integration test with more cases
Testing shows no major downside to calling .strip() twice in a comprehension vs. using a regular for loop and only calling .strip() once. Going with the comprehension for ease of maintenance and because comprehensions are optimized in CPython.
(cherry picked from commit 987265a6ef)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Fix up role version pagination for Galaxy install
* Fix sanity issue
(cherry picked from commit 7acae62fa8)
Co-authored-by: Jordan Borean <jborean93@gmail.com>
This fixes a regression that was caused by switching from copy() to
deepcopy() when 'saving' variables before templating. Since HostVars
did not implement the __deepcopy__() method, deepcopy returned incorrect
results when host vars were present in the variables.
Fixes#63940
(cherry picked from commit cd8ce16d48)
* [stable-2.9] Set alter_sys=True instead of False to address backwards incompat (#64670)
* Set alter_sys=True instead of False to address backwards incompat
* ci_complete
* Add integration test
* ci_complete
* sanity
* ci_complete
* Changelog fragment
* Update import test and validate-modules to match.
(cherry picked from commit b93d92ef9a)
Co-authored-by: Matt Martz <matt@sivel.net>
* Rebase and add alter_sys to validate-modules
* Move X25519, X448, Ed25519 and Ed448 feature tests to module_utils.
* Correctly sign with Ed25519 and Ed448 keys.
* Fix public key comparison. Ed25519 and Ed448 do not have public_numbers().
* Add tests.
* Add changelog.
* Give better errors for cryptography 2.6.x and 2.7.x.
* Test for new errors.
* Forgot one.
* Used wrong private key.
* Use private key password for CA key. Add more stuff to its certificate.
(cherry picked from commit fed267df03)
- xenserver module_util: XenAPI lib import error message handling is now
ported to missing_required_lib(). Updated unit tests.
- xenserver_guest, xenserver_guest_info, xenserver_guest_powerstate modules:
docs are updated to reflect recent changes in availability of XenAPI lib
on PyPI.
- xenserver_guest, xenserver_guest_info, xenserver_guest_powerstate modules:
docs are updated to reflect recent Citrix rebranding of XenServer. Broken
URLs to external resources are fixed.
- xenserver_guest, xenserver_guest_info, xenserver_guest_powerstate modules:
more tested platforms are mentioned in docs.
(cherry picked from commit 7afba9420a)
Add integration test for copy: deep recursive with remote_src=True
(cherry picked from commit b7e38dfa52)
Co-authored-by: Alexander Korsunsky <A.Korsunsky@gmail.com>
* Fix#63919: don't run os.makedirs on empty dir path
* integration test for lineinfile create: yes without path (Sam Doran <sdoran@redhat.com>)
(cherry picked from commit 3c978a3225)
* Make acl module to work with whitespaces in path
* Added a changelog fragment
* Add quotes to changelog fragment
(cherry picked from commit 504d76e956)
* Fix issue when setting an empty pass to no_log param (#62804)
* Fix issue when setting an empty pass to no_log param
* Fix typo
(cherry picked from commit 322e225830)
* Fix up actual get for older versions
This fixes ansible-test so it no longer tries to install sanity test dependencies on unsupported Python versions.
(cherry picked from commit 437e9b7063)
Co-authored-by: Matt Clay <matt@mystile.com>
* Fix validate-modules support for collections.
- Relative imports now work correctly.
- The collection loader is now used.
- Modules are invoked as `__main__`.
* Remove obsolete validate-modules code ignores.
* Handle sys.exit in validate-modules.
* Add check for AnsibleModule initialization.
* Remove `missing-module-utils-import` check.
This check does not support relative imports or collections.
Instead of trying to overhaul the test, we can rely on the `ansible-module-not-initialized` test instead.
* Fix badly named error codes with `c#` in the name.
The `#` conflicts with comments in the sanity test ignore files.
* Add changelog entries.
(cherry picked from commit e9f8a34dce)
Co-authored-by: Matt Clay <matt@mystile.com>
Use a separate variable for the boolean test rather than having the same variable sometimes be a boolean and sometimes be a regular expression match object
Add integration tests to cover this scenario
(cherry picked from commit 29d4d318a5)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* crypto modules: improve return value list documentation (#62929)
* Improve return value documentation by allowing entry for return values.
* Add docs formatting, adjust styling.
* Fix sample return value. (Taken from https://tools.ietf.org/html/rfc7517#appendix-A.1.)
* Work around abuse of .
(cherry picked from commit 054285c34c)
* Add changelog.
* clean "changed" after it has been processed
without this change, a loop of `debug` tasks with `changed_when`
causes the "changed" status to get lost before output
* runme.sh tests for debug loop status
(cherry picked from commit bfd32c9b00)
* Specifying IP addresses needs API version 1.22 or newer.
* Simplify code.
* Use IPAMConfig.IPv*Address instead of IPAddress and GlobalIPv6Address.
* Add changelog.
* Fix syntax errors.
* Add integration test.
* Don't rely on netaddr.
* Normalize IPv6 addresses before comparison.
* Install netaddr, and use it.
(cherry picked from commit 62c0cae29a)
* [stable-2.9] Fix various import sanity test issues.
- Relative imports are now properly recognized.
- Correct script invocation of Ansible modules is used.
- Warnings are now consistently reported as errors.
- Errors are now consistently reported with the file tested.
Resolves https://github.com/ansible/ansible/issues/62723
Resolves https://github.com/ansible/ansible/issues/61884
(cherry picked from commit 92ccdeac31)
Co-authored-by: Matt Clay <matt@mystile.com>
* Changelog entry for ansible-test sanity fixes.
(cherry picked from commit 0923ed56c7)
* AH servers include automation-hub as part of the server configuration.
So we don't need to add it here.
Fixes#63699
* Update unittests for the fix to galaxy wait_import_task
(cherry picked from commit cc1ff57)
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
This brings in the final Python 3.8.0 release instead of a release candidate.
(cherry picked from commit 7448084858)
Co-authored-by: Matt Clay <matt@mystile.com>
* [stable-2.9] Added changelog fragment
(cherry picked from commit 7da37e5)
Co-authored-by: Andrea Tartaglia <andrea@braingap.uk>
* Fixes --version in ansible-galaxy cli
(cherry picked from commit 202ad4f89a)
* Handle galaxy v2/v3 API diffs for artifact publish response
For publishing a collection artifact
(POST /v3/collections/artifacts/), the response
format is different between v2 and v3.
For v2 galaxy, the 'task' url returned is
a full url with scheme:
{"task": "https://galaxy-dev.ansible.com/api/v2/collection-imports/35573/"}
For v3 galaxy, the task url is relative:
{"task": "/api/automation-hub/v3/imports/collections/838d1308-a8f4-402c-95cb-7823f3806cd8/"}
So check which API we are using and update the task url approriately.
* Use full url for all wait_for_import messages
Update unit tests to parameterize the expected
responses and urls.
* update explanatory comment
* Rename n_url to full_url.
* Fix issue with overwrite of the complete path
* Fixes overwrite of the complete path in case there's extra path stored
in self.api_sever
* Normalizes the input to the wait_import_task function so it receives
the same value on both v2 and v3
Builds on #63523
* Update unittests for new call signature
* Add changelog for ansible-galaxy publish API fixes.
(cherry picked from commit 4cad7e4)
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
* Update sros_config.py (#63132)
(cherry picked from commit b3deab4319)
* add note about collection links (#63346)
(cherry picked from commit bdd0fac606)
* Nosh module documentation update (#63303)
* detail the 'status' dictionary
* did not add individual descriptions, see nosh documentation for those
* sample: False not being rendered unless 'False' is quoted
(cherry picked from commit df283788e5)
* Move galaxy appendix info to a new Galaxy section (#63356)
* start galaxy docs restructure
* shared snippets in txt files
* moved all content to galaxy section
(cherry picked from commit ae265bc546)
* Enter should be Italics as it is a menu option (#63441)
(cherry picked from commit 7a8c909876)
* ini_file: remove incorrect documentation (#63394)
(cherry picked from commit ab249a469e)
* Changed with_items to loop in VMware example (#63022)
(cherry picked from commit 876a2d57be)
* ovirt update fetch_nested param doc (#63191)
(cherry picked from commit 0beab6bf69)
* Update 'delete' parameter description in synchronize module (#63450)
Co-Authored-By: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit da46800f1b)
* Update unarchive.py - Further clarify extra_opts (#58102)
Update the description in the options to help assist with what the module is looking for in the extra_opts. #31873 alone is not enough since if you are not familiar with the option given in the example it may not be obvious that both elements are part of the same option instead of being two different options.
Co-Authored-By: Alicia Cozine <879121+acozine@users.noreply.github.com>
(cherry picked from commit e967060b9f)
* ovirt_vm add warning about next run configuration (#63458)
(cherry picked from commit 16e49fdd44)
* Fix doc - porting_guide_2.8 value example (#63493)
(cherry picked from commit e0f67b58ce)
* Fix warnings for ufw examples (#63505)
(cherry picked from commit e4eea0510c)
* Get no_log parameters from subspec
* Add changelog and unit tests
* Handle list of dicts in suboptions
Add fancy error message (this will probably haunt me)
* Update unit tests to test for list of dicts in suboptions
* Add integration tests
* Validate parameters in dict and list
In case it comes in as a string
* Make changes based on feedback, fix tests
* Simplify validators since we only need to validate dicts
Add test for suboptions passed in as strings to ensure they get validated properly and turned into a dictionary.
ci_complete
* Add a few more integration tests
(cherry picked from commit e9d29b1fe4)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* isa string should rewrap as unsafe in get_validated_value
* _is_unsafe shouldn't be concerned with underlying types
* Start with passwords as text, instead of bytes
* Remove unused imports
* Add changelog fragment
* Update changelog with CVE
* fix default collection resolution in adhoc
* if an adhoc command is run with a playbook-dir under a configured collection, default collection resolution is used to resolve unqualified module/action names
* Set ANSIBLE_PLAYBOOK_DIR in integration tests.
* Fix config conflict in ansible integration test.
* add adhoc default collection test
* text-ify warning string
(cherry picked from commit 6d52bdf4db)
* Stop appending '/api' to galaxy server url (#63238)
* Stop appending '/api' to configured galaxy server url
Since not all galaxy REST api server URLs live
at '/api', stop always appending it to the
'url' value loaded from config.
* Add note about manually migrated galaxy configs and /api
* Add '/api/' to galaxy url and guessing if galaxy API
* Fix most unit tests (update to expect /api/)
* Fix test_initialise_unknown unit test
Since we retry now with an added /api/, mock it as well.
* Update fallback default avail_ver to new format
(cherry picked from commit bad72693e4)
* Add changelog fragment galaxy_api_config
* Fix galaxy url use everywhere when url is set in config. (#63286)
In addition to trying the configured url (for ex, a migrated
'https://galaxy.ansible.com/') there is an attempt at that
URL with '/api' postpended.
If the extended URL works, update GalaxyAPI.api_server to
use the extended URL. Previously it only used it for finding
the API root info ('available_versions', etc)
(cherry picked from commit ed203c5902)