Commit graph

26447 commits

Author SHA1 Message Date
James Cassell
bc4ef99533 standardize TLS connection properties (#54315)
* openstack: standardize tls params

* tower: tower_verify_ssl->validate_certs

* docker: use standard tls config params

- cacert_path -> ca_cert
- cert_path -> client_cert
- key_path -> client_key
- tls_verify -> validate_certs

* k8s: standardize tls connection params

- verify_ssl -> validate_certs
- ssl_ca_cert -> ca_cert
- cert_file -> client_cert
- key_file -> client_key

* ingate: verify_ssl -> validate_certs

* manageiq: standardize tls params

- verify_ssl -> validate_certs
- ca_bundle_path -> ca_cert

* mysql: standardize tls params

- ssl_ca -> ca_cert
- ssl_cert -> client_cert
- ssl_key -> client_key

* nios: ssl_verify -> validate_certs

* postgresql: ssl_rootcert -> ca_cert

* rabbitmq: standardize tls params

- cacert -> ca_cert
- cert -> client_cert
- key -> client_key

* rackspace: verify_ssl -> validate_certs

* vca: verify_certs -> validate_certs

* kubevirt_cdi_upload: upload_host_verify_ssl -> upload_host_validate_certs

* lxd: standardize tls params

- key_file -> client_key
- cert_file -> client_cert

* get_certificate: ca_certs -> ca_cert

* get_certificate.py: clarify one or more certs in a file

Co-Authored-By: jamescassell <code@james.cassell.me>

* zabbix: tls_issuer -> ca_cert

* bigip_device_auth_ldap: standardize tls params

- ssl_check_peer -> validate_certs
- ssl_client_cert -> client_cert
- ssl_client_key -> client_key
- ssl_ca_cert -> ca_cert

* vdirect: vdirect_validate_certs -> validate_certs

* mqtt: standardize tls params

- ca_certs -> ca_cert
- certfile -> client_cert
- keyfile -> client_key

* pulp_repo: standardize tls params

remove `importer_ssl` prefix

* rhn_register: sslcacert -> ca_cert

* yum_repository: standardize tls params

The fix for yum_repository is not straightforward since this module is
only a thin wrapper for the underlying commands and config.  In this
case, we add the new values as aliases, keeping the old as primary,
only due to the internal structure of the module.

Aliases added:
- sslcacert -> ca_cert
- sslclientcert -> client_cert
- sslclientkey -> client_key
- sslverify -> validate_certs

* gitlab_hook: enable_ssl_verification -> hook_validate_certs

* Adjust arguments for docker_swarm inventory plugin.

* foreman callback: standardize tls params

- ssl_cert -> client_cert
- ssl_key -> client_key

* grafana_annotations: validate_grafana_certs -> validate_certs

* nrdp callback: validate_nrdp_certs -> validate_certs

* kubectl connection: standardize tls params

- kubectl_cert_file -> client_cert
- kubectl_key_file -> client_key
- kubectl_ssl_ca_cert -> ca_cert
- kubectl_verify_ssl -> validate_certs

* oc connection: standardize tls params

- oc_cert_file -> client_cert
- oc_key_file -> client_key
- oc_ssl_ca_cert -> ca_cert
- oc_verify_ssl -> validate_certs

* psrp connection: cert_trust_path -> ca_cert

TODO: cert_validation -> validate_certs (multi-valued vs bool)

* k8s inventory: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* openshift inventory: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* tower inventory: verify_ssl -> validate_certs

* hashi_vault lookup: cacert -> ca_cert

* k8s lookup: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* laps_passord lookup: cacert_file -> ca_cert

* changelog for TLS parameter standardization
2019-03-28 00:19:28 -05:00
Slava Maslennikov
85d836171b Add a force_replace_host flag to win_domain_membership (#53542)
* Add a force_replace_host flag to win_domain_membership

Satisfies https://github.com/ansible/ansible/issues/53539

* Rework backticks

* Bump version_added

* Check for existence of current hostname as well; use LDAPFilter during search

* Rename $force_replace_host to $allow_existing_computer_account

* Added docs, porting guide and minor nit in code
2019-03-28 14:36:26 +10:00
Simon Westphahl
a44dfed570 Catch all request timeouts for winrm connection (#54104)
* Catch all request timeouts for winrm connection

The current implementation only catches 'ConnectTimeout' exceptions.
Instead we should catch 'Timout' which also catches ReadTimeout
exceptions.

Improves on: #51744

Co-Authored-By: westphahl <westphahl@gmail.com>

* Changelog for winrm error handling improvement
2019-03-28 13:44:49 +10:00
Jordan Borean
e2d2874d81
win_user_right - fix non json output issue (#54495) 2019-03-28 12:30:20 +10:00
Blue
b62ab97685 win_shell: Implement option 'profile', allowing the user to control p… (#54299)
* win_shell: Implement option 'profile', allowing the user to control powershell profile sourcing before running a command

* Set version_added to 2.8

* Make sure profile directory exists before writing profile file

* Changes to make tests immutable and align with ps args
2019-03-28 11:28:28 +10:00
Dag Wieers
e152b277cf Use locking for concurrent file access (#52567)
* Use locking for concurrent file access

This implements locking to be used for modules that are used for
concurrent file access, like lineinfile or known_hosts.

* Reinstate lock_timeout

This commit includes:
- New file locking infrastructure for modules
- Enable timeout tests
- Madifications to support concurrency with lineinfile

* Rebase, update changelog and tests

We need to specify ansible_python_interpreter to avoid running interpreter discovery and selecting the incorrect interpreter.

Remove the import of lock in known_hosts since it is not used.
2019-03-27 20:20:18 -04:00
Yuwei Zhou
dc6c0cb9f8 Add workspace module for azure (#53731)
* add workspace

* add other properties

* add facts modules

* add test

* add doc

* fix lint

* fix lint

* rename the module

* fix docs
2019-03-27 17:04:40 -07:00
Brian Coca
fee4a0df94
Handle errors correctly in rhn_channel (#54194)
* Handle errors correctly in rhn_channel

* also fail if required info is not available
2019-03-27 19:43:28 -04:00
Brian Coca
3637ce4538
Handle gracefully a bad module 'results' key (#53973)
* Handle gracefully a bad module 'results' key

  fixes #53962
2019-03-27 18:41:32 -04:00
Adam Miller
75d733afd2 Bugfix/52688 gcp compute missing image (#54468)
* adding (optionally) image information to inventory var
* add boot image mapping to gcp_compute instance data for all disk
image data in the configured zones

Signed-off-by: Adam Miller <admiller@redhat.com>
2019-03-27 17:14:20 -04:00
Brian Coca
ba50c6e06e restored configurabilty of scopes (#54485) 2019-03-27 15:59:56 -05:00
Jordan Borean
9e93a84429
win_optional_feature - support multiple feature in name (#54368) 2019-03-28 05:26:20 +10:00
Keiichi Hirobe
13b3cfc040 Add clarification to insertbefore and insertafter paramaters in lineinfile (#54409) 2019-03-27 14:13:28 -04:00
Derrick Johnson
62d3ed0e2f ACI Private_Key String to Allow for Vaulting (#54251)
* Allows the use of Private_Keys to be entered as a string instead of just a file. Making it possible to use VAULT to encrypt the key

* Fixed Issues auto check found

* Provide helpful information while avoiding credential exposure

* Restore original variable name :-)

* Fix a few other things

* Influence the default certificate_name in both cases

* Update documentation

* Add contributed docs

* Fix CI issue
2019-03-27 17:19:50 +01:00
Brian Coca
f9876f3450 fixing gcp inv plugin (#54426)
* start fixing gcp inv plugin

* minor fixes

* added clog

* ajust comments

* link indv zone/project

* separate specific zone/project from other params

* restoring zones query per project

* also work when zones given

* fixed scopes, removed incorrect docs as not option
2019-03-27 11:13:39 -05:00
Chris Archibald
8dbdd987d8 Fix .encode('hex') call for python3 (#53343)
* Revert "changes to clusteR"

This reverts commit 33ee1b71e4bc8435fb315762a871f8c4cb6c5f80.

* Revert "changes to clusteR"

This reverts commit 33ee1b71e4bc8435fb315762a871f8c4cb6c5f80.

* Revert "Revert "changes to clusteR""

This reverts commit f1104a37b42886aebb4d2b2ab27c91c96d97858a.

* Revert "Revert "changes to clusteR""

This reverts commit f1104a37b42886aebb4d2b2ab27c91c96d97858a.

* documentation changes

* Revert "documentation changes"

This reverts commit 02c369d0414fdff492d90865c903bdade3174261.

* fix encode calls for python3

* fix small issue

* switch to to_text

* Fix string
2019-03-27 16:03:58 +00:00
dgadmin
8de00e3e1c To ipv6 network (#48572)
* Add to_ipv6_subnet function

* Use the correct function for subnet

* Corrected code style and tests

* Corrected testcase assertion

64 bits make 8 octets, or 4 hextets

* Import from correct module directly
2019-03-27 11:20:27 -04:00
Adam Miller
5ed9d819ab qradar httpapi plugin (#52690)
* qradar httpapi plugin

Signed-off-by: Adam Miller <admiller@redhat.com>

* remove no longer used get_session_uid method

Signed-off-by: Adam Miller <admiller@redhat.com>
2019-03-27 11:18:13 -04:00
Kevin Breit
17fc6c6ff1 meraki_network - Parameter change for combined network type (#49160)
* Added support for types parameter
- Parameter is used to specify multiple network types

* Fix documentation

* Apply suggestions from code review

Co-Authored-By: kbreit <kevin.breit@kevinbreit.net>

* Reworked type parameter to be a list so types isn't needed

* Re-add tags documentation

* Fix documentation around compatibility

* Convert tags to list from string

* Add changelog fragment
2019-03-27 16:10:15 +01:00
Simon Dodsley
58849ac228 Add Pure Storage FlashArray module to support Offload to NFS and S3 targets (#53664) 2019-03-27 14:56:50 +00:00
Sebastiaan Mannem
d90cb71210 Added a new module that can manage rules in pg_hba files. (#32666)
* Added a new module that can manage rules in pg_hba files.

* Adding a backup_file option
2019-03-27 15:54:20 +01:00
Olivier BLIN
1a57daf9b0 Add support for multiple IPv6 addresses in nxos_l3_interface module (#50892)
* Add support for multiple IPv6 addresses in nxos_l3_interface module

Cisco support multiple IPv6 addresses on each interface but only the first
IPv6 is considered by this module. There is no impact on the configuration
but the module is not idempotent.

* Add internal support for IPv6 list
* Fix module idempotency

* Initialize tests for nxos_l3_interface

* Fix IPv4 removal idempotency
* Fix data extraction from nxos config

* Fix silently ignored interfaces in nxos_l3_interface

* Add warning when interface does not exist in nxos config
2019-03-27 10:52:42 -04:00
Chris Archibald
68ad75a56a New Module na_elementsw_cluster_config (#52373)
* Revert "changes to clusteR"

This reverts commit 33ee1b71e4bc8435fb315762a871f8c4cb6c5f80.

* Revert "Revert "changes to clusteR""

This reverts commit f1104a37b42886aebb4d2b2ab27c91c96d97858a.

* New module

* fix author

* update copy right

* fixes
2019-03-27 14:20:52 +00:00
Chris Archibald
194af05832 bug fix (#54430) 2019-03-27 14:14:17 +00:00
Chris St. Pierre
0943e2a0df github_webhook: Fix create of new hook with existing hooks (#54458)
When creating a new webhook with existing hooks already in place, the
module would erroneously select one of the existing hooks to update
instead of creating the hook anew. This fixes that bug.
2019-03-27 10:05:34 -04:00
Thomas Stewart
f242f3475e Fix to allow Po interface descriptions (#51726)
* Fix to allow Po interface descriptions

* add absent to UNSUPPORTED_STATES for IF_TYPE_PO
2019-03-27 15:04:10 +01:00
Anil Kumar Muraleedharan
8d742d9bff Lenovo cnos user module (#53763)
* Adding cnos_user module to Ansible

* Update cnos_user.py

* Adding Functional test cases and unit test cases.

* Fixing Bug found in testing with Lenovo Mars.

* Review comments incorporated

* Review comments implemented.

* Copy paste mistake
2019-03-27 19:22:05 +05:30
Vatsal Parekh
0ab28f314a Added default openshift VM templates label (#54456) 2019-03-27 09:46:39 -04:00
Ujwal Komarla
9384773e1e Exos httpapi (#54405)
* Modify EXOS module utils to utilize 'httpapi' or 'network-cli' connection

* Changes to cliconf plugin to support 'json' or 'text' output for compatibility between network-cli and httpapi

* Add HTTPAPI plugin supportng JSONRPC and RESTCONF for EXOS

* exos_facts modify commands with run script cli2json.py to command dictionary specifying 'json' output
Load appropriate fixtures

* Update exos_config module to utilize the get_diff and get_default_flag functionality.
JSONRPC doesn't work well with pipes, regex MULTILINE

* Support for NOS agnostic 'cli_config' module by implementing 'get_default_flag' and 'get_diff' functionality

* Update Ansible Documentation regarding the connections available for EXOS
2019-03-27 14:44:04 +01:00
John McDonough
b002f3e416 Separate state from config, update ucspe link, ensure description idempotence (#54425)
* Separate state from config, update ucspe link

* Correct sanity errors

* Fix documentation link for emulator

* Fix ucspe link in documentation
2019-03-27 08:21:19 -04:00
Ondra Machacek
d155e228af kubevirt_vm: Fix waiting for ephemral VM (#54453) 2019-03-27 08:18:33 -04:00
Ludovic Rivallain
cf2f13e05d Securize the index based lookup of dict.keys() (#54452) 2019-03-27 08:02:41 -04:00
Kyryl Galanov
4a5b9bd8eb New lookup module: manifold (#50435)
* New lookup module: manifold

Add Manifold.co integration. The plugin fetches resource credentials
from Manifold service.

* module manifold: fix ansible lint warnings

* module manifold: fix false warning - split test assertion

* manifold module: fix unittest import

* manifold module: fix unittest patch

* manifold module: fix python3 requests getheader error
2019-03-27 07:20:15 -04:00
Lukas Kämmerling
3614f78bc5 Add hcloud_server_type_facts module (#53852) 2019-03-27 11:52:31 +01:00
Lukas Kämmerling
87554da4d6 Add hcloud_datacenter_facts module (#53851) 2019-03-27 11:52:04 +01:00
Lukas Kämmerling
d5ca1eed89 Add hcloud_server_facts module (#53850) 2019-03-27 11:51:36 +01:00
Lukas Kämmerling
7d0ae41901 Add hcloud_image_facts module (#53849) 2019-03-27 11:20:21 +01:00
Lukas Kämmerling
6220eafb73 Add hcloud_location_facts module (#53848) 2019-03-27 10:53:54 +01:00
Patryk D. Cichy
cdb1d02f4c Add new CloudStack module cs_physical_network (#54098) 2019-03-27 10:48:44 +01:00
John McDonough
8aaed4c856 Check for existence of object attr login_handle (#53821) 2019-03-27 08:22:02 +00:00
Bojan Vitnik
54d23a8297 XenServer: Minor changes to error messages (#54434)
Changed "." for "!" in some error messages to make error messages uniform across the code.
2019-03-27 09:57:08 +05:30
Tom Cooper
2b6413558b hashi_vault: Use mount_point kwarg for ldap/userpass login (#54358)
Fixes: #54249
2019-03-27 09:41:09 +05:30
Chris Van Heuveln
20fb77c49b nxos_interfaces_ospf: fix passive-interface states & check_mode (#54260)
* nxos_interfaces_ospf: fix passive-interface states & check_mode

This fix addresses issues #41704 and #45343.

The crux of the problem is that `passive-interface` should have been treated as a tri-state value instead of a boolean.

The `no` form of the command disables the passive state on an interface (allows it to form adjacencies and send routing updates).  It's essentially an override for `passive-interface default` which enables passive state on all OSPF interfaces.\*
This `no` config will be present in `running-config`.

   \**See `router ospf` configuration.*

Since both enable and disable states are explicit configs, the proper way to remove either of these is with the `default` syntax.

Passive-interface config syntax:
```
  ip ospf passive-interface              # enable  (nvgens)
  no ip ospf passive-interface           # disable (nvgens)
  default ip ospf passive-interface      # default (removes config, does not nvgen)
```

Code changes:

* `passive_interface` param changed from boolean to string, restricted to `true`,`false`,`default`.

* Several passive-interface specific checks were added because the existing module logic tends to test for true or false and doesn't handle the None case.

* Fixed `check_mode`.

Sanity verified on: N9K,N7K,N3K,N6K

* Fix doc header

* Unit tests for passive-interface

* doc fix #2

* Fix indent for SA

* Remove 'default' keyword, restore bool behavior

* remove changes to sanity
2019-03-27 09:15:50 +05:30
Yuwei Zhou
98a3fa2dac Fix aks failure (#54381) 2019-03-27 10:57:36 +08:00
Indrajit Raychaudhuri
cd8f8d7a3e systemd: Allow standalone 'daemon_reexec' option without using 'name' (#54424) 2019-03-26 20:50:25 -04:00
Brian Coca
bc95720780
renaming facts to info (#54432)
(cherry picked from commit c5edffcdb8042f041eee41e2f11ccd2e4567e3ee)
2019-03-26 20:30:16 -04:00
Jordan Borean
1034b892df
win_acl - remove test return values 2019-03-27 10:01:31 +10:00
Jordan Borean
10f006036c
win_acl - fix support for registry paths (#54427) 2019-03-27 09:52:39 +10:00
Brian Coca
d66f3de3dc no need to deprecate, added in 2.8 2019-03-26 17:48:09 -04:00
James Cassell
92139a01df rename dellemc_idrac_firmware -> idrac_firmware (#54421) 2019-03-26 17:47:07 -04:00