* nxos_vlan: vlan names containing regex ctl chars should be escaped (#55463)
The `nxos_vlan` module may raise with regex error `sre_constants.error: multiple repeat` in the non_structured codepath if the device has existing vlan names with certain regex control characters; e.g.
```
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Eth1/3
14 my-vlan-name-is-*** active
```
(cherry picked from commit de8ce08fd8)
* fix nxos_vlan mode idempotence bug (#55144)
* fix nxos_vlan mode idempotence bug
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Fix CI failure
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit 57e0567310)
* nxos_vlan fix 2.8 backport
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* `nxos_acl` may fail with `IndexError: list index out of range` while attempting to delete a non-existent ACL.
The failure occurs when the `acl` var is an empty list.
* nxos_acl: catch 501 'Structured output unsupported' when no ACLs present
With some older image versions, `show ip access-list | json` will raise a 501 error indicating `'Structured output unsupported'` when there are no access-lists configured. This change turns off the `check_rc` and then looks for the failure condition.
* Fix kwarg
* Fix lint issues
(cherry picked from commit 869fdcd7d4)
* sysctl will now return an error if the value is invalid
sysctl can fail to set a value even if it returns an exit status 0. More
details: https://bugzilla.redhat.com/show_bug.cgi?id=1264080. Because of
this in case of an invalid value or a read-only file system, sysctl
module would return OK, even though it didn't set anything. To be sure
that sysctl correctly applied the changes we also need to check the
output of stderr.
(cherry picked from commit 0432b7f2522dbf82c4fabdb3fd17f7ac83f34e62)
* Run sysctl with LANG=C
Because we are parsing sysctl stderr we need to make sure that errors
are persistent across different system language settings.
(cherry picked from commit a16128f778b1e7574c5986aed26e146ac0561533)
* Add changelog fragment for sysctl
(cherry picked from commit 3ad9d4d83c1d2bbfccefb8388904c596d98f8731)
This has been broken for some time, but only noticed recently. Because
vyos_command isn't supported on ansible_connection=local, update our
testing to account for that.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(cherry picked from commit 59d20e004e)
* Fix loading namespaced doc_fragments
The syntax for specifying a different fragment name was already
using '.' as a separator, so the code needed to be tweaked to
avoid choking on names like `testns.testcoll.fragname` and
`testns.testcoll.fragname.altvar`.
`get_plugin_class()` returns 'docfragment' for the fragment loader;
mangling `subdir` provides consistent alignment with the normal plugin
directory names and avoids needing special handling of plugin types
with 'module' in the name.
* Add changelog entry
(cherry picked from commit 2ef8b297ff)
Otherwise, we get the following error:
ERROR: ncclient 0.6.4 requires selectors2>=2.0.1, which is not installed.
when running ansible-test.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(cherry picked from commit 72bfdb38b4f935d2025928cf7a443ef31d8c23f6)
Ensure inventory plugin loading rel to play
fixes#51033
* clarify paths
* now adding dirs funciton in loader
* better warnings
* each cli should handle adding dirs depending on context
(cherry picked from commit 780ee45819)
* azure_rm_subnet: remove documentation that says it supports tags (#55233)
(cherry picked from commit 32345641e7)
* azure_rm_subnet: fix CI error for deleting the azure_tags (#55276)
(cherry picked from commit 91e808eed2)
* Use module_utils.compat.ipaddress where possible.
* Simplify reverse pointer computation.
* Use dummy for unused variables.
* Remove from ignore list.
* Adjust fix.
* Fix text handling for Python 2.
* Add changelog.
(cherry picked from commit c8a15b9dbc)
* General test improvements.
* Adjust tests to older docker-py versions.
* docker_swarm_server_info: work around problems with older docker-py versions
* Bump minimal docker-py version for options network_filters and disk_usage.
* More general test improvements.
* Correct usage of docker_image.
* Put files into output directory.
* Speed up test.
* Remove old check.
(cherry picked from commit 12d26eceb1)
* psrp - Fix raw and script tests for connection plugin
* Fix error propagation with raw in psrp
* uncomment test
(cherry picked from commit fdf9df89f5)
* postgresql_idx: improved doc, tests, remove useless lines from code (#55131)
* postgresql_idx: improve doc
* postgresql_idx: improve doc, removed unuseless rows from code
* postgresql_idx: misc doc fix
* postgresql_idx: moved common params where they were
* postgresql_idx: moved common params where they were 2
(cherry picked from commit d790285e80)
* postgresql_idx: added changelog about removing useless lines from code
* Add test for generating a CSR with everything, and testing idempotency.
* Proper SAN normalization before comparison.
* Fix check in cryptography backend.
* Convert SANs to text. Update comments.
* Add changelog.
(cherry picked from commit cb5c57bcd5)
* Warn when log_options values are not strings.
* Add changelog.
* Improve message.
* Improve formatting and formulation of other messages.
* Add test for warning.
* Trying double escaping.
(cherry picked from commit d64b17731d)
* Fix ansible-test inventory and vars path handling.
* Improve explanation for missing commit.
(cherry picked from commit a4d0c24bbf)
Co-authored-by: Matt Clay <matt@mystile.com>
* Adding Support For Vxlan In Onyx Switches
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures in onyx_vxlan.py
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures in onyx_vxlan phase 2
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Shippable failures
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Samer's Comments on PR
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Add docker_swarm_service_info module
* Remove unused import
* Limit to retrieving info about one service
* Add exists return value
* Add yaml 3-dash
Co-Authored-By: hannseman <hannes@5monkeys.se>
* Document return value as jinja `none´
Co-Authored-By: hannseman <hannes@5monkeys.se>
* Name is required
* module_utils fixes in collections
* fixed Windows module_utils in collections
* fixed more Python module_utils cases (from X import module)
* "medium style" Ansiballz modules now work properly with collections (ie, non-replacer but also not using basic.py)
* added more tests
* split Windows/POSIX exec
* sanity
* Adding New Model for Configure Buffer Pool on Onyx Switches
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Fix Pep8 Failures in onyx_buffer_pool.py
Signed-off-by: Anas Badaha <anasb@mellanox.com>
* Add podman_image and podman_image_info modules
* Add integration test for podman_image_info
* Change parameter names per feedback
* Add integration tests for podman_image
* Make test-module use default value for interpreter
* Changing from static interpreter path to sys.executable as per #54053
* A little ntegration test for #54053
* Added idempotency logic to openssl_pkcs12
Also decoupled the 'parse' and 'generate' function from the file write
as they are now used in different places that do not need the file to be
written to disk.
* Added idempotency tests for openssl_pkcs12
Also adds a new test for pkcs12 files with multiple certificates
* Regenerate if parsed file is invalid
* pkcs12_other_certificates check was wrong
* Updated ca_certificates to other_certificates
ca_certificates is left as an alias to other_certificates;
friendlyname depends on private key, so it will be ignored while
checking for idempotency if the pkey is not set;
idempotency check only checks for correct certs in the stack
* use different keys for different certs
* Added other_certificates in module docs
* Added changelog and porting guide
* removed unrelated porting guide entry
* renamed ca_cert* occurrence with other_cert
Check allows vmware_dvs_portgroup to fail early if user
specified invalid range in VLAN id(s).
Fixes: #54927
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* win_firewall_rule only changes specified arguments
defaults are controlled by com object
integration test for built in rule
* removed ignore psaliases for win_firewall_rule
* direction and action are no longer required
program and service respect default values
documentation updated to reflect that defaults apply to rule creation
added test to disable a rule and verify other values have not changed
* fixed extra whitespace
* Move each description sentance to a new entry
This reverts commit 85d836171b.
As discussed in WWG IRC meeting, we don't want Get-ADObject to be a dependency of win_domain_membership, and we need to be able to authenticate to the DC in some configs. We can revisit this change a different way for 2.9.
* Use six from ansible.module_utils for inventory scripts
Remove skips from sanity test
* Change all imports of ConfigParser to use module_utils.six.moves
* Remove commented out lines
* Fix six imports
* Don't pollute include_variables. Fixes#51667. Fixes#54618.
* Rename include_variables to include_args, so we can make the distinction about what they are
* Track args and vars separately
* oops
* oops again
* linting fix
* Add test
- Fixed issue #25017,#37567
- Add example for prompt on launch
- Add integration test for prompt on launch
Signed-off-by: Hideki Saito <saito@fgrep.org>
* updated tests and changelog for 54516
* Handle errors if PG does not support partitioning.
* Check for PG > 10 in tasks
* Show changes for partitioned tables in ansible
* Added documentation in the tests
* Update test/integration/targets/postgresql/tasks/postgresql_privs.yml
Co-Authored-By: raymondroelands <raymondroelands@users.noreply.github.com>
* Update test/integration/targets/postgresql/tasks/postgresql_privs.yml
Co-Authored-By: raymondroelands <raymondroelands@users.noreply.github.com>
* Added check for 0 tables after revoking rights
* Added test and moved tests
Added check mode test and moved test right after the change.
* Rebased postgresql_privs.py
* Add win_format
* Some doc changes were missed
* Fixes for ansible-test, additional assertion for check mode
* Fix -WhatIf issues
* Support for idempotency and changes to integration tests
* Fix trailing whitespace
* Fixes from review, and added check for non-empty volumes
* Remove an extra line
* Structural changes
* Minor fixes for CI
Remove test comparing output to platform.linux_distribution() since we are relying on distro.id() and are not concerned about matching the output of platform.linux_distribution()
* Correct behavior so that direction isn't required for default.
* Add more tests.
* 'disabled' values cannot be changed.
* Include 'not specified' in messages.
* netbox_device: Allow device modification
* Add ability to update and existing device
* Allow check_mode
* Fail when device name is missing
* Fail when cannot resolve ID instead of taking ID 1 by default
* netbox_device: Add diff output
* netbox: Some refactoring
* Add diff output and check_mode to netbox_ip_address
* Deduplicate redundant code into netbox_utils
* netbox_utils: A few unit tests
* Update the default test container to 1.7.0.
* Run `pip check` after installing test requirements.
* Support older versions of pip.
* Remove obsolete pip error handler.
* fix missing attribs with dirct module execution
* also make remote tmp handling smarter
update tests
* set default if attrib does not exist
* add simple test
* Remove default use of paramiko connection plugin on macOS
This fix was originally to work around a bug that caused a kernel panic on macOS
that has since been fixed.
* Remove paramiko from requirements.txt
* Move paramiko checking to common place
* Drop the warnings obfiscation code
* Update pip installation instructions to reflect upstream instructions
* Fix tests on CentOS 6 (Python 2.6) that now show Python deprecation warnings
* Add changelog fragment
* add asa_og module
* add test
* fix pep8
* fix some sanity pylint
* fix import error order
* fix import
* replace cmd() method
* rename file and class
* add mock for connection
* fix commands in replace test function
* fix lines list
* update unit test
* fix 'and' logic for port-object command
* restore previous unit test; fix pep8 and remove debug
* other unit tests
* Add state present, absent, replace
* Update doc; add default for state
* update unit test with state present/absent
* fix typo in unit test
* fix pep8 too many blank lines
* fix show run for service object ASA Ver 8.x
* Add description field; fix bug for state present and absent
* Re-designed module structure for network, service and port objects
* update integration test for new module structure
* fix pep8
* update EXAMPLES and RETURN
* update units tests
* fix module typos in unit test
* removed provider from examples
* fix missing comma in replace test
* fix module name and remove provider
* update license
* remove register; update license; change import order; chage def state
* remove shebang
* fix doc default state
* change import order
* Update year in banner
* fix integration test as set of tasks
* remove arg_spec
* remove extends_documentation_fragment: asa
* Update DOC, remove unused import, change import order
The controller's fixup_perms2 uses filesystem acls to make the temporary
file for copy readable by an unprivileged become user. On Python3, the
acls are then copied to the destination filename so we have to remove
them from there.
We can't remove them prior to the copy because we may not have
permission to read the file if the acls are not present. We can't
remove them in atomic_move() because the move function shouldn't know
anything about controller features. We may want to generalize this into
a helper function, though.
Fixes#44412
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>