* Adds ipa_dnszone
* Use new copyright/gpl notice
* Update metadata version
* Use native error handling
* Fix boilerplate
* Remove default false
* Use localhost
* Should be 2.5
* Fix cloudwatchevent_rule exception handling
Where it is currently present, this change fixes the exception handling.
However, there are many places that it is lacking.
Fixes#30806
* Add new exception handling for cloudwatchevent_rule
Ensure all API calls are wrapped with exception handling
* PEP8 tidy up
* Remove unnecessary HAS_BOTO3 import and checks
Tidy up documentation so that NO_QA can be removed
* Use vault_id when encrypted via vault-edit
On the encryption stage of
'ansible-vault edit --vault-id=someid@passfile somefile',
the vault id was not being passed to encrypt() so the files were
always saved with the default vault id in the 1.1 version format.
When trying to edit that file a second time, also with a --vault-id,
the file would be decrypted with the secret associated with the
provided vault-id, but since the encrypted file had no vault id
in the envelope there would be no match for 'default' secrets.
(Only the --vault-id was included in the potential matches, so
the vault id actually used to decrypt was not).
If that list was empty, there would be an IndexError when trying
to encrypted the changed file. This would result in the displayed
error:
ERROR! Unexpected Exception, this is probably a bug: list index out of range
Fix is two parts:
1) use the vault id when encrypting from edit
2) when matching the secret to use for encrypting after edit,
include the vault id that was used for decryption and not just
the vault id (or lack of vault id) from the envelope.
add unit tests for #30575 and intg tests for 'ansible-vault edit'
Fixes#30575
* timezone: Add support for macOS
On macOS, preferred way of managing timezone is via `systemsetup(8)`.
Thus, we use this command instead of relying on directly modifying
`/etc/localtime` as in other *BSDs.
* timezone: Use % instead of .format() in strings
This ensures better compatibility across different versions of Python.
* Fix 'distribution' fact for ArchLinux
Allow empty wasn't breaking out of the process_dist_files
loop, so a empty /etc/arch-release would continue searching
and eventually try /etc/os-release. The os-release parsing
works, but the distro name there is 'Arch Linux' which does
not match the 2.3 behavior of 'Archlinux'
Add a OS_RELEASE_ALIAS map for the cases where we need to get
the distro name from os-release but use an alias.
We can't include 'Archlinux' in SEARCH_STRING because a name match on its keys
but without a match on the content causes a fallback to using the first
whitespace seperated item from the file content as the name.
For os-release, that is in form 'NAME=Arch Linux'
With os-release returning the right name, this also supports the
case where there is no /etc/arch-release, but there is a /etc/os-release
Fixes#30600
* pep8 and comment cleanup
* updated docs
- for devs:
- added inventory/vars section
- made some updates to general section and other plugin types
- for users:
- added 'user' plugin section to start describing the plugins
- docs on types, what they are and how to use
- removed ref to deleted AUTHORS file
- corrected several typos/headers
- added descriptions to config.rst template
- ignore generated files for cli/plugins and config
- remove new generated files on `make clean`
- moved details from devguid and intro doc to plugin specific pages
- pretied up lookup notes
- changed precedence ref to not conflict config
- removed duplicate config data, as config is autogenerated and up to date
- put new plugins under playbooks
- added `pass` cause rst/python dislikes fractions
- removed dupe in .gitignore, alpha sorted to avoid moar dupes
- added try cause rst/python freaks out
* generate plugins into their own dir
only do plugins that support docs
use toctree from main plugins page
As reported on the mailing list, if ssh_executable (from a config
setting) contains nonascii characters then we could get a UnicodeError
here. Transform into bytes before passing to subprocess so that
subprocess doesn't transform to bytes for us.
On sparc64, /proc/cpuinfo has no usual 'model name', 'Processor', 'vendor_id', 'Vendor',
as a result "ansible_processor_vcpus" is always 1.
Add check element "ncpus active" to fix the issue.
* Fix pkg_mgr fact on OpenBSD
Add a OpenBSDPkgMgrFactCollector that hardcodes pkg_mgr
to 'openbsd_pkg'. The ansible collector will choose the
OpenBSD collector if the system is OpenBSD and the 'Generic'
one otherwise.
This removes PkgMgrFactCollectors depenency on the
'system' fact being in collected_facts, which also
avoids ordering issues (if the pkg mgr fact is collected
before the system fact...)
Fixes#30623
* Feature to Specify AZURE blob storage type
* Feature to Specify AZURE blob storage type
* Feature to Specify AZURE blob storage type
* Revert "Feature to Specify AZURE blob storage type"
This reverts commit 1d33997769ef3763a2eb434404c918134761635f.
modified: lib/ansible/module_utils/azure_rm_common.py
* Feature to Specify AZURE blob storage type
Fix adds update_dns option for ipa_host module.This option will
update DNS records of the host which is managed by FreeIPA DNS server.
Fixes: #30627
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fix nxos provider transport warning issue
* Add default value of transport arg in provider spec
* Remove default value if transport arg in top level spec
This ensure deprecation warning is seen only in case transport
is given as a top level arg in task
* Refactor nxos modules to reference transport value from provider
spec
* Fix unit test
* Remove transport arg assignment in nxos action plugin
* As assigning transport value is handled in provider spec
top level task arg assignment is no longer required
* win_scheduled_task_stat: add new module to get stat on scheduled tasks
* fixed up linting errors and aliases file
* I should learn how to spell
* removing URI from test
* added state information for the task
* removed argument so task stays running
* Undeprecate ec2_elb_*
* Make ec2_elb* full fledged modules rather than aliases
* Split tests for ec2_elb_lb and elb_classicb_lb
* Change names in documentation of old and new elb modules
Add tests for ec2_elb_lb
with new configuration the sudo flags are always set and become cannot override,
switching to simle 'or' will result in become_flags working.
also sudo_flags are deprecated.
also changed from YAML null causing a 'None' str
fixes#30629
This PR includes:
- Support for loop-tasks with proper subject/error content
- Improved output (and proper indentation)
- Complex data structures are now pretty printed
- Better selection of mail subject
As discussed before we selected win_environment to the documentation,
and point to win_uri for a more advanced module.
If we want to make this the reference module, we have to get this one
absolutely right in every possible way.
This PR cleans up both win_environment and win_uri, and makes the
required changes to the windows module development section.
This PR includes:
- An important fix to charset encoding of from address
- Documentation and examples cleanup
- PEP8 fixes
- Warning on insecure access
- Strict parameter typing
- More modern interface (using lists rather than comma, space or pipe-delimited strings)
- Warn on failure to send mail to some recipients
```
[WARNING]: Failed to send mail to 'foobar': 550 5.1.1 <foobar>:
Recipient address rejected: User unknown in local recipient table
```
- Warn on failure to parse some headers
```
[WARNING]: Skipping header 'Foobar', unable to parse
```
- Return failed recipients as return value
- Changed default encoding to utf-8
* made callbacks backwards compatible
This fixes#30597 for those that were not inheriting from base.
Added deprecation notice so those callbacks get updated.
Callback must either inherit from base (directly or indirectly),
which already implements this or implement set_options themselves.
* added note about porting guide
This is to catch vault secrets from config and
cli. Previously vault_password_file in config was
missed since it was added by setup_vault_secrets,
so check after setup_vault_secrets.
* Restore correct coloring to selective callback
This fixes the bug raised in #30506
* Fix format issues for Python 2.6 & indent
Removed the zero length fields to support format under Python 2.6
Fixed E128 continuation line under-indented for visual indent issue
* Add Routing Engine Facts
- Map routing engine output information to routing_engines facts dict.
- Add fact 'has_2RE', which is a quick way to determine how many REs
the chassis has.
* Fix a typo
* Fix more typos
* Add slot number to routing_engine dict
* Add facts about the installed chassis modules
* Fix typo
* Fixed another typo
* Fix Path
* Change path again.
* More Typos
* Add some deubgging
* Add additional information for hardware components.
- Return information about the Routing Engines.
- Return a fact to easily determine if the device
has two routing engines.
- Return information about the hardware modules.
* Addressed pep8 stardard failures.
* Add unit test fixtures.
* Rename fixture.
* Fix unit test failures.
- Rename the fixture file to what the unit test expects.
- Strip out junos namespace attributes.
Rename file to match what the unit test expects.
* Scrubbed the routing engine serial numbers.
* Add unit test facts for new tests.
- Add unit test for ansible_net_routing_engines fact
- Add unit test for ansible_net_modules fact
- Add unit test for ansible_net_has_2RE
* Fixed spacing.
* win_scheduled_task: rewrite for additionality functionality and bug fixes
* fixes for docs and os version differences
* started with the testing
* doc fix
* added more tests
* added principals tests
* finished tests for win_scheduled_task rewrite
* feedback from PR
* change to fail when both new and deprecated args are set
* change diff variable to match new standard and update doc sentance
* Don't ask for password confirm on 'ansible-vault edit'
This is to match the 2.3 behavior on:
ansible-vault edit encrypted_file.yml
Previously, the above command would consider that a 'new password'
scenario and prompt accordingly, ie:
$ ansible-vault edit encrypted_file.yml
New Password:
Confirm New Password:
The bug was cause by 'create_new_password' being used for
'edit' action. This also causes the previous implicit 'auto prompt'
to get triggered and prompt the user.
Fix is to make auto prompt explicit in the calling code to handle
the 'edit' case where we want to auto prompt but we do not want
to request a password confirm.
Fixes#30491
* finalize lookup documentation
* minor fixes to ansible-doc
- actually show which file caused error on when listing plugins
- removed redundant display of type and name
* smart quote fixes from toshio
Currently, MIQ only supports an alert type of 'prometheus', so rather than have the caller of manageiq_provider pass this info, just set it as the default.
When calling manageiq_user to an already existing user (but leaving out the password so that it doesn't automatically 're-create' the user), the module fails with:
fatal: [127.0.0.1]: FAILED! => {"changed": false, "failed": true, "module_stderr": "Shared connection to 127.0.0.1 closed.\r\n", "module_stdout": "Traceback (most recent call last):\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 324, in <module>\r\n main()\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 315, in main\r\n res_args = manageiq_user.edit_user(user, name, group, password, email)\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 229, in edit_user\r\n if self.compare_user(user, name, group_id, password, email):\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 189, in compare_user\r\n (group_id and user['group']['id'] != group_id)\r\nKeyError: 'group'\r\n", "msg": "MODULE FAILURE", "rc": 0}
The 'group' field turns out to be 'current_group_id' (at least with ManageIQ 4.6). Update the comparison accordingly.
* add 'update_password' param to manageiq_user
Currently with the manageiq_user module, if you call it repeatedly while passing the 'password' parameter, it will always run the task and mark it as 'changed'.
Following the pattern of the AWS IAM module, add an 'update_password' parameter that takes 'always' (default) or 'on_create'. This will let you set an initial password when creating a user, but allow the user to modify their password and not stomp over their password changes if you re-run the playbook/task that created the user.
* don't stomp password when other fields change
Handle case where user fields change, but we don't want to stomp on a potentially user-changed password. Previously, if a non-password field changed, and the password param was passed in, it would ignore the 'update_password': 'on_create' setting (ie it would update/modify the password even if the user already exists).
Add trailing ',' to list of params.