Make WinRM security warning more explicit.
Currently the warning is "viewed by anyone", this is a much lower risk than arbitrary command injection. Therefore the risk should be phrased appropriately.
+label: docsite_pr
* gcp: documentation update
* Update example about dynamic inventory
* minor typo fixes in gcp_utils
* Additional information about enabling inventory plugin in ansible.cfg
partially fixes: #44404
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Added examples in playbooks_error_handling doc for handlining
multiple conditions in changed_when and failed_when
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add session tracing support for network_cli, netconf and httapi connection
* Add `persistent_log_messages` configuration option to log device inteaction
in log file for network_cli, netconf and httapi connection
type
* Log jsonrpc request and response in log file is configuration option
is enabled
* Update docs to talk about warning shown when persistent_log_messages is on
Without this modprobe always reports changed when modprobe-ing a builtin module.
With this, if a kernel module is a builtin, the modprobe module will:
- succeed (without incorrectly reporting changed) if ``state`` is ``present``;
- fail if ``state`` is ``absent``
The failure will have whatever error message modprobe returns when
attempting to remove a builtin module. For example:
``modprobe: ERROR: Module nfs is builtin.``
* Revert "Fix incorrect examples with random filter (#50137)"
This reverts commit 9a7dbd5213.
The correction is incomplete and also based on a 'fix' that was supposed to have been reverted already
* Revert "Added `+1` to the `end` in `random` filter so that it was inclusive (#27215)"
This reverts commit ea2b89c7ae.
reverted fix as agreed at the time, but missed by maintainers.
* win become: refactor and add support for passwordless become
* make tests more stable
* fix up dep message for Load-CommandUtils
* Add further check for System impersonation token
* re-add support for become with accounts that have no password
* doc fixes and slight code improvements
* fix doc sanity issue
* Docs: Add a separate "seealso" section to the module docs
to list related modules and/or related references. This clears up the notes
section for things that are actual notes.
So you can add a section in your module documentation and four types of
references are possible.
seealso:
# Reference by module name
- module: aci_tenant
# Reference by module name, including description
- module: aci_tenant
description: ACI module to create tenants on a Cisco ACI fabric.
# Reference by rST documentation anchor
- ref: aci_guide
description: Detailed information on how to manage your ACI infrastructure using Ansible.
# Reference by Internet resource
- name: APIC Management Information Model reference
description: Complete reference of the APIC object model.
link: https://developer.cisco.com/docs/apic-mim-ref/
This PR also includes:
- Implements ansible-doc support
- Implements schema support for the seealso options
- Updates to the development documentation
- Rename filter convert_symbols_to_format to rst_ify, cfr the existing html_ify and tty_ify filters
- This makes the existing template a lot easier to read and fixes the confusion I had myself rereading the template (again).
- We fixed the possible suboption types (which was limited to 'bool' only)
* Use latest stable instead of devel docs
* inventory plugins: try auto before ini
auto plugin should run before ini to avoid ini being able to parse
some plugin configuration YAML files successfully.
* Update comment
comment was added by 2ffe3c42bb but
related code was later removed by
506e6a0b2d.
* Add info about loop based on jinja2 loop var
* ansible_loop
* Update test count
* Add extended loop_control that defines whether ansible_loop should be added
* Extended needs to be defaulted
* Revert "Update test count"
This reverts commit f1e93ee469825f4cdcd90fb28667d29aa088275c.
* Add docs about loop_control.extended
* Add revindex and revindex0
* Document ansible_loop in special vars
* Add changelog fragment
* Add tests, change items to allitems so that dot notation works, fix logic error with previtem
It was super incomplete, and the interface was pretty strange; it had
built-in features to handle pretty bespoke workflows ("clean504",
e.g.) but was lacking lots of other useful features (like the ability
to create a webhook with a shared secret). Rather than try to update
the interface in a backwards compatible way, I've replaced it with the
more predictable, single-purpose github_webhook and
github_webhook_facts modules.
* Fix FactCache to conform to the dict API
* update needs to take a dict rather than a key and a value
* __init__ needs to allow for setting the intial dictionary
* Remove unneeded _display and _cache attributes
* Move ansible.plugins.cache.FactCache to
ansible.vars.fact_cache.FactCache because this isn't part of the cache
plugin API.
* Add backwards compatibility when calling update on the new FactCache
* Remove code for calling old FactCache. There's no way to call the old
FactCache so there's no need for backwards compatible code for calling
code. Backwards compatibility is handling things which are calling
the new FactCache.
* Port our code to the new FactCache location.
* Added recommendation about module name
Added general guidelines for naming a module.
Fixes: #19665
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
The ansible-test shell command doesn't have a --python option; you
have to specify the tox environment directly to the --tox command
Partially fixes: #49349
Currently there is no `netplan` support in open-vm-tools. Therefore it's
nice to have a quick workaround in our documentation
Signed-off-by: Christian Rebischke <chris@nullday.de>
* Add append_hash functionality to k8s module
append_hash adds a hash based on the contents of a ConfigMap
or Secret to the name - this enables immutable ConfigMaps and
Secrets.
* Provide k8s_config_resource_name plugin
The k8s_config_resource_name filter plugin provides a means of determining
the name of ConfigMaps and Secrets created with append_hash
* Add changelog fragment
* fix failing tests
* Update openshift version needed for append_hash
* Add difference tracking tool
* Improve --diff mode for docker_container.
* Improve diffs of sets by ordering the sets.
* Rewrite imports, get rid of HAS_DOCKER_PY_x variables and use docker_version instead.
* Rename container -> active (more generic).
* Add --diff for docker_volume. Change old diff output.
* Add --diff for docker_network. Change old diff output.
* Add --diff for docker_swarm_service.
* Add changelog.
* Add entry for porting guide on docker_network and docker_volume.
* XenServer related modules - initial commit
- New module_util: xenserver. Contains common module arguments, functions
and classes useful for future XenServer related modules.
- New module_docs_fragment: xenserver. Describes common module arguments.
- New module: xenserver_guest. Supports VM deployment, reconfiguration,
removal, detection of changes, state management, fact gathering and
Ansible check mode. Module is fully documented.
- Updated: developing_module_utilities.rst.
- Module params, workflow and some functions are based on or taken from
vmware_guest module.
* Implemented support for configuring custom VM params in xenserver_guest module
* Compatibility fixes and documentation update
- xenserver module_util: implemented support for XenAPI.py version older
than 7.2.
- xenserver module_util: PEP8 fixes.
- xenserver module_util: Added missing imports.
- xenserver module_util: Copyright notice fixes.
- xenserver_guest module: updated module documentation with notes regarding
module requirements and compatibility.
- xenserver_guest module: bumped version_added to 2.7.
- xenserver_guest module: minor fixes.
* VM power state management refactoring, subargument specs in xenserver_guest module, other fixes
- VM power state management code moved from xenserver_guest module to xenserver
module_util (set_vm_power_state function).
- Code for waiting for VM IP address moved from xenserver_guest module to
xenserver module_util (wait_for_vm_ip_address function).
- xenserver module_util: implemented get_object_ref function to clean up
a lot of repeated code in xenserver_guest module.
- xenserver module_util: added additional aliases 'host' and 'pool' for
'hostname' common module argument. They are more in line with what
XenServer users are familiar with.
- xenserver module_util: minor fixes.
- xenserver_guest module: removed VM state management other than 'present',
'absent' and 'poweredon'. Other states are to be managed by separate module.
- xenserver_guest module: added subargument specs and cleaned up custom code
for subargument validation.
- xenserver_guest module: reorganized code for disk and network reconfiguation
to minimize code duplication.
- xenserver_guest module: renamed 'cdrom.iso' module argument to
'cdrom.iso_name', avoids cryptic error message when parameter is
missing.
- xenserver_guest module: documentation update.
- xenserver_guest module: changes in error messages.
- xenserver_guest module: minor fixes.
* Implemented guest OS network parameter configuration and other
- xenserver module_util: moved code for validating MAC addresses from
xenserver_guest module and implemented a range of functions for validating
IP addresses and related entities and converting prefixes to netmasks and
vice versa.
- xenserver module_util: updated fact gathering code to support guest OS
network parameters.
- xenserver module_util: added docstrings.
- xenserver module_util: minor changes.
- xenserver_guest module: implemented support for guest OS network parameter
configuration.
- xenserver_guest module: changed CD-ROM handling code.
- xenserver_guest module: changed so that user friendly version of changes
list is always returned in module result.
- xenserver_guest module: error message changes.
- xenserver_guest module: added docstrings.
- xenserver_guest module: documentation update.
- xenserver_guest module: minor changes and fixes.
* Various fixes and code cleanup
- xenserver module_util: implemented get_xenserver_version function.
- xenserver module_util: moved customization agent detection code to
gather_vm_params function. customization_agent variable is now part of
vm_params. An exception in customization agent detection code that prevented
deployment of new VMs is also fixed.
- xenserver module_util: added support for alternative VM state names with
dash and underscore in set_power_state function.
- xenserver_guest module: removed customization agent detection code
as it is now implemented in xenserver module_util.
- xenserver_guest module: fixed a bug in xenserver_data update code that
occured when "networks.mac" was not specified in module params and
other fixes.
- xenserver_guest module: some code cleanup.
- xenserver_guest module: bumped version_added to 2.8.
* Support skip of platforms by version in tests.
Previously a remote platform could be skipped completely using the alias:
`skip/{platform}` such as `skip/rhel`
Now a specific platform version can be skipped using the alias:
`skip/{platform}{version}` such as `skip/rhel7.6`
This feature is available for platforms specified with the `--remote` option.
* Add skip by version to the docs.
* -Change: Include dependency role names in `role_names`.
-Add: `play_role_names` magic variable to include only explicitly named roles (formerly `role_names`).
-Add: `dependent_role_names` magic variable to include all dependency names for all roles.
* -Change: use the ansible_ prefix for new magic variables.
-Change: keep `role_names` as a deprecated variable, using the old functionality.
* -Add: changelog fragment for the role_names rework.
* -Add: Tests for the role_names (and ansible_*role_names) special variables
* -Fix: resolve erroneous documentation snippet that was introduced after rebasing.
* -Fix: explicitly sort to ensure list comparison works in test.
* docs - adapted abadger's changelog announcement email into dev process
Signed-off-by: Adam Miller <admiller@redhat.com>
* migrate changelog docs to one place, add ref to old location
Signed-off-by: Adam Miller <admiller@redhat.com>
* add changes based on feedback
Signed-off-by: Adam Miller <admiller@redhat.com>
* Refines changelog docs, minor re-org of page
* moves links and anchors for new content
* Further reorg of page
* fixes header per jamescassell
* Start of code-smell test that can find deprecated config items
* Strip deprecated.version from config item
* Don't use os.walk, rely on explictly passed list of files
* Properly disable the test
* Add docs
* Make config an orphan
* add note regarding {host,group}_vars directory lookup semantics
While the 'ansible-playbook' command will look for {host,group}_vars in
both the playbook and inventory directories, the 'ansible' command
will only look in the inventory directory. This follows from a close
reading of the documentation but isn't explicit and leads to the
perhaps unexpected result that you can run both commands with the same
configuration in the same directory and get different results.
This commit adds a note to the documentation making the difference in
behavior explicit.
Closes#48065
* incorporates bcoca feedback
From installing / Running from source.
Since the repomerge, Ansible doesn't use submodules. Also, between 2.12.0 and 2.13.0 git dropped '--recursive' in favor of '--recurse-submodules'.
* Added basic equivalent to PowerShell modules
* changes based on latest review
* Added tests
* ignore sanity test due to how tests are set up
* Changes to work with PSCore
* Added documentation and change updated more modules
* Add some speed optimisations to AddType
* fix some issues in the doc changes
* doc changes
* Removed deprecated ANSIBLE_HOSTS
* Bump sudo/su configs to match deprecation version for cli and playbook args
* Bump include configs to match deprecation version for 'include'
* There were 2 introduction headings
line 36 was a duplicate 'introduction' heading, and the section is more of a requisites description.
+label: docsite_pr
* edit for line 32+33 & 45>50 added
* Fixes#18568
* Commit of the first set of utm modules
* added documentation line for module_utils file
* removed other utm modules for the first pr
* added maintainers to botmeta
* implemented fixes for shippable
* fixed whitespaces and newlines in included doc fragment
* added types and choices to documentation
* fix for E501
* Implemented change requests
* changed utm_utils license to BSD
* changed str() to to_native()
* added a status state that will just return information about my object
* renamed state 'status' to 'info'
* added team_e-spirit to botmeta and added the team as maintainer for the utm_utils
* only return a result if the lookup was not empty. Do not return a null result
* removed info state
* added boilerplate
* made preparation for info-only modules
* Add shorthand debugger method to recreate the task from the original ds, and re-template. Fixes#46321
* Fix rst header
* Indicate update_task was added in 2.8
* Fix prompt mismatch issue for ios
Fixes#40884#44463
* If the command prompt is matched check if data is
still pending to be read from buffer.
* This fix adds a new timer `buffer_read_timeout`
which will be trigerred after command prompt
is matched and data is attempted to be read from channel.
If not data is present of channel the timer will expire
and response we be returned to calling function.
* Fix unit test failure
* Update to make buffer timeout float
* Update doc and fix review comment
* Fix CI issues
* Update doc
* Fix review comments
* Fix review comments
* add note about named tasks in blocks
Signed-off-by: Adam Miller <admiller@redhat.com>
* adds names to tasks within example block, removes 2nd example
* removes traces of bad rebase
<!--- Your description here -->
+label: docsite_pr
Windows Subsystem for Linux is now officially supported by Microsoft. It is out of beta and will be shipping on Windows Sever 2019.
* Add symlinks sanity test.
* Replace legacy test symlinks with actual content.
* Remove dir symlink from template_jinja2_latest.
* Update import test to use generated library dir.
* Fix copy test symlink setup.
* Fix spelling of 'separate' throughout.
* Various cleanups in the User Guide for Vault.
- Fix spelling of 'algorithm'
- Fix indentation of nested list in payload format
- Fix mysterious refernce to 'b_pkey1'.
- Fix reference to newline as '\n': the backslash is lost when rendered
to the docs website. Specify the hex value for newline instead of the
backslash escape.
* Fix formatting
* Update vault.rst
* adds support for null values to the ternary filter
This change adds a third optional argument to the ternary filter to
handle a null value. If the third option is specified null and false
are treated differently.
For instance, take the following example:
{{ enabled | ternary('no shutdown', 'shutdown') }}
If enabled == True, then 'no shutdown' is used.
If enabled in (False, None), then 'shutdown' is used.
With this change the following is possible:
{{ enabled | ternary('no shutdown', 'shutdown', omit) }}
If enabled == True, then 'no shutdown'
If enabled == False, then 'shutdown'
If enabled == None, then omit
* update documentation with example of filter
* update filter documentation example per comments
* fix logic error in user_guide example
* win async: use async_dir for the async results file directory
* tried to unify POSIX and PowerShell async implementations of async_dir
* fix sanity issue
The documented way to execute module code locally wasn't always working:
$ python ./lib/ansible/modules/files/file.py <<< '{"ANSIBLE_MODULE_ARGS": {}}'
Traceback (most recent call last):
File "./lib/ansible/modules/files/file.py", line 177, in <module>
from ansible.module_utils.basic import AnsibleModule
File "~/ansible/lib/ansible/module_utils/basic.py", line 78, in <module>
import tempfile
File "~/ansible/lib/ansible/modules/files/tempfile.py", line 69, in <module>
from tempfile import mkstemp, mkdtemp
ImportError: cannot import name 'mkstemp'
* Add the key_name/value_name options to dict2items - as with items2dict, allow users to configure the key/value name for dict2items, add "version added" and examples
Adds the `--update` flag to automatically update the cache and the `--yes` flag to disable the Ansible repo description and skips confirmation dialog. +label: docsite_pr
* Merge issue
* Update cnos_rollback.py
* Updating license for the refactored method
* Update cnos_rollback.py
* Removing the BSD License as suggested by Legal
* To add Documentation for ENOS as well as CNOS
* Merge issue
* Revert "To add Documentation for ENOS as well as CNOS"
This reverts commit 80e6e39054be0c3a8f95d16dc39ca9d93baf8c4b.
* Adding Docs for ENOS and CNOS
* Update cnos.py
* Update cnos_rollback.py
* Update cnos.py
* Update platform_cnos.rst
* Update platform_enos.rst
* Removed version 2.7
* Removing 2.7
plugins/ is COMMUNITY
Set sensible defaults for directories
support:network for the platforms that we Networking SUPPORTS,
everything else is COMMUNITY
Mark other support:network (ansible-connection, etc)
Infoblox is support:core
contrib/ by definition should be support:community
Remove duplicated labels
Make yamllint happy(ier)
Adds sanity test to ensure BOTMETA.yml is valid
* Make the following scripts idempotent so that we only have to rebuild changed docs, not all docs:
* plugin_formatter
* generate_man
* dump_keywords.py
* dump_config.py
* testing_formatter.sh
* update porting guides
With PR #40532 `shade` library was retired and replaced with direct use
of `openstacksdk`. Porting guides and doc about dynamic inventory were
not updated.
* orphans testing pages to avoid not-in-toctree errors
* orphans various pages pending reorg
* adds module_utils and special_vars to main TOC
* uses a glob for scenario_guide TOC
* normalize and Sentence-case headings on community pages, typos
* re-orgs community TOC, adds all pages to toctree
* removes scenario guides index page
* adds style guide to community index
* basic update to style guide
* fix typo that created a new error
* removes not-in-toctree from ignore errors list
* leave removing files for future cleanup task
* Add docs on how to write changelog fragments
* Make recommended changes
* Restore lines and make recommended changes
* Add link to new style changelog
Remove redundant mention of old style changelog
* Initial commit for the Meraki scenario guide
* Added Meraki guide to indexes, fixed an error
* Added common parameters to scenario guide
* Add additional information for first draft
- Added very common parameters everyone uses.
- Documented common format for returned data from Meraki.
- High level explanation of error handling.
* Fix .rst formatting error
* Added section about handling returned data. More to come.
* Small formatting changes
* expect ssh_key_data to be a string instead of path
ssh_key_data should be a string filled with the private key
the old behavior can be archived with a lookup
Fixes#45119
* clarifies ssh_key_data description, adds newline
<!--- Your description here -->
`pip install ansible[azure]` results in `zsh: no matches found: ansible[azure]` at least in my computer (zsh on Ubuntu). I don't know if it is the case with all shells, but at least for me it is. Since square brackets `[]` are special characters in bash, I propose adding single quotes to make sure that package name is always interpreted as literal. The same error is also resolvable by setting noglob.
Correct and clarify "set_fact" example, expanding on what is happening
in the easy-to-get-wrong import mode. Add some additional links to "group_by" documentation and the main import/include discussion.
Closes: #31596
* Improve clarity of precedence when command-line parameters are used.
* Add command-line values into the precedence list.
* Several sample config snippets were included without any explanation
of how those snippets would be processed. Added descriptions so that
the reader can understand what each snippet will (or won't) accomplish.
* Don't focus on inventory as much
Expand on the fact that it's the fact that a variable is set that
matters, not the source of the variable.
* fixed network automation index issues
* replace :doc: with :ref:
* fixed anchor misspelling
* fix toc/nav issue -do not put toctree under a subheader
* Share the implementation of hashing for both vars_prompt and password_hash.
* vars_prompt with encrypt does not require passlib for the algorithms
supported by crypt.
* Additional checks ensure that there is always a result.
This works around issues in the crypt.crypt python function that returns
None for algorithms it does not know.
Some modules (like user module) interprets None as no password at all,
which is misleading.
* The password_hash filter supports all parameters of passlib.
This allows users to provide a rounds parameter, fixing #15326.
* password_hash is not restricted to the subset provided by crypt.crypt,
fixing one half of #17266.
* Updated documentation fixes other half of #17266.
* password_hash does not hard-code the salt-length, which fixes bcrypt
in connection with passlib.
bcrypt requires a salt with length 22, which fixes#25347
* Salts are only generated by ansible when using crypt.crypt.
Otherwise passlib generates them.
* Avoids deprecated functionality of passlib with newer library versions.
* When no rounds are specified for sha256/sha256_crypt and sha512/sha512_crypt
always uses the default values used by crypt, i.e. 5000 rounds.
Before when installed passlibs' defaults were used.
passlib changes its defaults with newer library versions, leading to non
idempotent behavior.
NOTE: This will lead to the recalculation of existing hashes generated
with passlib and without a rounds parameter.
Yet henceforth the hashes will remain the same.
No matter the installed passlib version.
Making these hashes idempotent.
Fixes#15326Fixes#17266Fixes#25347 except bcrypt still uses 2a, instead of the suggested 2b.
* random_salt is solely handled by encrypt.py.
There is no _random_salt function there anymore.
Also the test moved to test_encrypt.py.
* Uses pytest.skip when passlib is not available, instead of a silent return.
* More checks are executed when passlib is not available.
* Moves tests that require passlib into their own test-function.
* Uses the six library to reraise the exception.
* Fixes integration test.
When no rounds are provided the defaults of crypt are used.
In that case the rounds are not part of the resulting MCF output.
Since the ACI modules (like most network-related modules) run on the
local controller, this PR adds the necessary details so users are aware
of this particular feature.
Extends `module_defaults` by adding a prefix to defaults `group/` which denotes a builtin list of modules. Initial groups are: `group/aws`, `group/azure`, and `group/gcp`
Wow, this does not seem to be an uncommon misspelling. Might be there
are some left that span over two lines. I noticed the one in the git
module and then used `grep -rw 'the the'` to find some more.
Blocks currently don't support loops such as with_items or sequence. It would be helpful to make this clear in the docs otherwise it's a bit of a gotcha.
+label: docsite_pr
Fixes#40650Fixes#40245Fixes#41541
* Refactor netconf_config module as per proposal #104
* Update netconf_config module metadata to core network supported
* Refactor local connection to use persistent connection framework
for backward compatibility
* Update netconf connection plugin configuration varaibles (Fixes#40245)
* Add support for optional lock feature to Fixes#41541
* Add integration test for netconf_config module
* Documentation update
* Move deprecated options in netconf_config module
* restore task arg splatting
* reverts #41804
* supersedes #41295
* fixes#42192
* after lots of discussion amongst the core team, we decided to preserve this feature, clarify the runtime warnings/docs, and prioritize a path toward fixing the underlying behavior that causes this feature to be insecure (un-namespaced facts).
* update faq text
note that warning is disabled when inject_facts_as_vars is
* wordsmithing FAQ entry
The "viewdocs" target was removed in
0381bc170c681b6ea8a94467c62e0694e3d9029d; running "make webdocs" gets
you the output for initial testing purposes.