* [stable-2.5] ignore ansible.cfg in world writable cwd (#42070)
* ignore ansible.cfg in world writable cwd
* also added 'warnings' to config
* updated man page template
(cherry picked from commit b6f2aad)
Co-authored-by: Brian Coca <bcoca@users.noreply.github.com>
* Update wrcwd_ansible.cfg.yml
Fixes#40626
* Due to issue in ncclient commit() method for Juniper
device (ncclient/ncclient#238)
add a workaround in junos netconf plugin to generate proper
commit-configuration xml and execute it using ncclient
generic `rpc()` method.
* Update junos_config doc
* Update changelog
(cherry picked from commit 88b966e23b)
* service_facts correct meaning of state for systemd service units
Fixes#40809
Previously this module used the commend `systemctl list-unit-files
--type=service` to query state of services but list-unit-files only
shows enabled vs disabled which is not what we want for "state"
Signed-off-by: Adam Miller <admiller@redhat.com>
* make sure to define service_name before referencing it
Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit bf1cc2f1f4)
* Skip if insertbefore BOF until later (#41767)
If a line match is found in the file and no regexp is specified, insertbefore would improperly try to add a line if set to BOF.
Add tests for this scenario.
(cherry picked from commit eaae1318f8)
* Add changelog fragment
* Use inventory.get_host instead of direct access to inventory.hosts (#41860)
* Use inventory.get_host instead of direct access to inventory.hosts. Fixes#32152
* Prevent potential side effect, by using self._inventory.localhost directly instead of get_host
(cherry picked from commit 1a2ef0922f)
* Add changelog for #41860
* fix minor issues with debug and item labels
- no more `item=None`, we always have a label now
- debug should only show expected information, either msg= or the var in var=
- also fixed method name, deprecated misleading _get_item
(cherry picked from commit 27c43daab8)
* Fixes#34893 (#40166)
Fixes several bugs exposed in #34893
* Fixes relative path handling in copy so that it splits directories and
reconstructs the correct file path
* Return failed in the proper circumstances
(cherry picked from commit ca4147f2cc)
* Add changelog for recursive copy fix
(cherry picked from commit cab0f21564)
* no_log even when task_result doesn't provide key
- now also checks task property
- added reproducer to tests for unreachable status on item loop
(cherry picked from commit 336b3762b2)
* Add changelog entry for the no_log fix
(cherry picked from commit 5fdd101a3e)
* cherry-picked from 89cea78e30 and fixed merge conflicts from restructuring the integration tests in devel
Fix async for aws_s3
Add a test that async is able to be used on aws_s3 tasks
(cherry picked from commit cef92e3942cdd76866c47d25f903625e6d7eb6ed)
* changelog format tweak
* Fix ec2_ami block_device_mapping volume_size to be int in 2.5 (#40938)
* fix ec2_ami block_device_mapping size to be int
* fixed cr issues
renamed `type` to `attribute_type`
reused `new_item` instead of creating new variable `value`
(cherry picked from commit ab96a84154)
* changelog
(cherry picked from commit e6cd727181cb6c7e08f9cbad44dc7d625e78406a)
* changelog format tweak
* aws_s3: don't decrypt file before uploading - fixes#39287 (#39634)
* aws_s3: do not decrypt file before uploading to bucket
* changelog
(cherry picked from commit 387c37e255)
* changelog format tweak
* Fixes to ios_logging (#41029)
* Logging size may not show up in config
* This is much simpler
* Avoid repetition in tests
* Both options of buffered are optional
(cherry picked from commit 92a95368fe)
* Added changelog
* Use _remote_is_local=True for local connection in synchronize (#40833)
* All instances of local connection should use _remote_is_local=True. Fixes#40551
* Switch to instance attribute for synchronize
* Add test that shows that synchronize _remote_is_local addresses tmpdir building
(cherry picked from commit ad7ba91f75)
* Add changelog entry for #40833
* fix become_method 'doas' support by properly specifying becomecmd
a repatch of https://github.com/ansible/ansible/pull/13451/ which was never committed to 'devel' branch.
* fix play_context test for become_method doas to match new becomecmd
(cherry picked from commit be3670f528)
* Fix failing aws_ses_identity integration tests (#39560)
* Fix failing aws_ses_identity integration tests
Reduce boilerplate with yaml anchor
* remove unstable test alias
* Update feedback forwarding check to use desired state rather than
repeated API calls.
(cherry picked from commit 571c183f59)
* changelog
* Fix legacy Nexus 3k integration test and module issues. (#40322)
* Add setup ignore_errors for nxos_config test
* Fix parse_fan_info for n3k
* Skip bidir tests for N3k
* Omit vni config for n3k
* Skip unsupported nxos_vrf_af test on N3K
* Add legacy N3K platform tag
(cherry picked from commit 63e16431b7)
* Skip N35 and N3L platforms for nxos_evpn_global test (#40333)
(cherry picked from commit ad69ef88e7)
* add normalize_interface in module_utils and fix nxos_l3_interface module (#40598)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit 0b7932db30)
* nxos_interface: Disable switchport for loopback/svi (#40314)
* nxos_interface: Disable switchport for loopback/svi
* Replace interface_type with get_interface_type(name)
(cherry picked from commit d04a989bd2)
* fixes bug with matching nxos prompts (#40655)
This change addresses an issue where the prompt matching regular
expressions would not match a prompt if the hostname starts with a
numeric value. Before this change, the connection would fail with a
socket.timeout() error. This change updates the termnal_stdout_re
values to now check for a number.
See Github issue #38639
(cherry picked from commit d829ff6993)
* fix nxos_vrf and migrate get_interface_type to module_utils (#40825)
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit b4baa2d484)
* nxos_vlan fix
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* changelog nxos bugfixes 2.5.4
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Update jenkins_plugin.py
When setting state=latest, plugin are always updated because old sha1 is bytes and and is compared to new sha1 which is str (so it always detecting a sha1 change)
* Add changelog
* winrm: add better exception handling for krb5 auth with pexpect
* Added changelog fragment
* Added exception handler in case kinit path isn't valid, added test cases
* fixed for Python 2 compatibility
(cherry picked from commit 5e28e282a5)
* Get the str value of xmlrpc.client.DateTime
* get_all_records should be used instead of get_all
* Facts returned with 'ansible_facts'
* Remove some redundant code
* Add cheese as maintainer
* Add changelog entry
(cherry picked from commit d45b044992)
* Do not join flag parameters
This put a comma between every character of the tcp flag parameters, resulting in a bad iptables command.
Fixes#36490
* Use suboptions to ensure tcp_flags options are lists
* Add unit tests for tcp_flags
* Add example of how to use tcp_flags
(cherry picked from commit c9d3bb59a4)
With python 3.6 spwd.getspnam returns PermissionError instead of
KeyError if user does not have privileges
(cherry picked from commit 0023b1ee9eca1286493c56ce5e1aa1b2272c3e39)
* winrm: source user from options than remote_user (#40467)
* winrm: source user from options than remote_user
* fixed up mock for kerberos import
* Added changelog fragment
* get hostname from option as well
(cherry picked from commit 1ac180c74d)
* Also removed uneeded method that wasn't backported
* Add fallback check for IAM role temp creds (#40240)
* Add fallback check for IAM role temp creds
(cherry picked from commit d5a5e37fcf)
* changelog
* Fix changelog
* Fix fix changelog
* Fixing lack of failure when uploaded source is invalid (#37461)
Checking the response status for 400 and throwing exception.
Unit tests updated.
Fixes#37406
(cherry picked from commit 5e990301bb)
* changelog
* [aws_s3] Fix uploading src option on the target machine to a bucket (#39023)
* Fix backward compatibility for uploading src option on the target machine to a bucket
* Allow the module to handle errors for nonexistent files
(cherry picked from commit b8a93c12e2)
* changelog
* Fix nested noop block padding in dynamic includes (#38814)
* Fix nested noop block padding in dynamic includes
* Address issues from the review
* Fix typo
(cherry picked from commit 5dd8977cfa)
* Add changelog/fragment for 38814
* [cloud] Make ec2_vpc_route_table wait for the route to propagate (#35975)
* Stabilize ec2_vpc_route_table
Wait for route table to be present before attempting to use it
Sleep before getting the final state of the route table in case modifications are incomplete
* Conditionally wait if changes were made
* Simplify logic
(cherry picked from commit 8fb31ac2f01e7c75d5181510290c99aee22be7ef)
* Route custom waiter (#36922)
This creates a way for us to use boto3's data-driven waiter support to use custom waiters where Boto3 hasn't implemented them yet.
The only waiter implemented so far is for VPC Route Tables to check that they exist, and this replaces some custom retry code.
(cherry picked from commit a40bce2bcbd5a40aee0de2b6ab5f6197bb1c5237)
* Use NormalizedOperationMethod to catch ClientErrors so the waiter can handle them properly (#37356)
(cherry picked from commit c9e8aca26cfc7559e7e8c7970acf06cd30cc7629)
* [cloud] Add custom waiters to stabilize ec2_vpc_subnet module - Fixes#36083 (#37534)
* stabilize ec2_vpc_subnet module
* Add waiters for ec2_vpc_subnet
Clean up integration tests
* Reenable CI for stabilized ec2_vpc_subnet tests
* rename waiters
* Use module_json_aws where applicable
Handle WaiterError first if waiting failed
* Fix traceback when tagging with keys/values that look like booleans
* Fix check mode with tags
* Add integration tests for tags that look like booleans and check mode
* Add waiter for deleting subnet
* Sleep a few seconds after using aws command line
(cherry picked from commit ea943e454c783c6b0ffb91b78131f27cd9bce269)
* Fix sporadic errors in ec2_vpc_subnet integration tests (#38473)
(cherry picked from commit 46f13d343786fa3985cc16cc770762984c7884ac)
* [aws] Skip ec2_vpc_subnet waiters for old botocore versions (#39171)
Fix ec2_vpc_subnet for botocore versions that do not accept the WaiterConfig parameter
(cherry picked from commit 6b91dae21c20006677e1e4adf2a9ff7ad55ca49c)
* [aws] Increase possible wait time for nonmonotonic subnet attributes (#38960)
(cherry picked from commit c4f010704890581a4974e83af03c2e81fb29e58e)
* changelog
* Exit admin mode properly on iosxr_config (#39594)
Fixes#38811
When using 'admin' in iosxr-config, we need to pass an end
to config terminal session but also pass exit so we exit admin
mode.
(cherry picked from commit 56c5567912)
* Add bugfix fragment
If a file disappears when you are removing it, this will ensure it
doesn't fail and continues as expected.
(cherry picked from commit 6a08b16c37)
Add changelog for file removal race
(cherry picked from commit 7c9122a89d)
* "route" has to be the first option in ufw command (#31756)
For supporting deletion of ufw routes, route option has to be placed before delete option
(cherry picked from commit 21004d86f9)
* Changelog
* nios lookup errors out when there are no results #37970 (#39027)
* Update nios.py
* Update nios.py
* Update nios.py
* nios lookup errors out when there are no results #37970 Open
Indentation failure issue resolved
* Returning empty list instead of None
In case of no results, res will be returned as an empty list instead of None (implementing ganeshrn comment)
(cherry picked from commit fd50248463)
* Adding changelog mesage for nios lookup error
* Only change expiration date if it is different
Modify user_info() method to also return the password expiration.
Compare current and desired expiration times and only change if they are different.
* Improve formatting on user tests
* Add integration test for expiration
* Add changelog fragment
* Improve integration test
Skip macOS and use getent module for validating expiration date.
* Fix expiration change for FreeBSD
* Don't use datetime since the total_seconds method isn't available on CentOS 6
* Use better name for expiration index field
Use separate tasks for verifying expiration date on BSD
* Use calendar.timegm() rather than time.mktime()
calendar.timegm() is the inverse of time.gmtime() and returns a timestamp in UTC not localtime
Add tests that change the system timezone away from UTC
* Mark tests as destructive and use test for change status
* Fix account expiration for FreeBSD
Use DATE_FORMAT when setting expiration date on FreeBSD. Previously the argument passed to -e was an integer of days since epoch when the account will expire which was inserted directly into master.passwd. This value is interpreted as seconds since epoch by the system, meaning the account expiration was actually set to a few hours past epoch.
Greatly simply comparing desired and current expiration time by using the first three values of the struct_time tuple rather than doing a whole bunch of manipulations of the seconds since epoch.
(cherry picked from commit 5a6bdef76b)
* show version brief does not work on iosxr virtual (#37609)
* show version brief does not work on iosxr virtual
* ci failures fix
(cherry picked from commit 66b389a00d)
* changelog entry
* Handling of configurations blocks with end-* at the end of the block (#39673)
* handle end-policy issue
* revert changes in iosxr cliconf
* fix trailing parents not included in difference
* Moving fix to platform specific fix
* pep 8 issues
(cherry picked from commit ef577b71cc)
* changelog entry
If default option is eanbled fetch the current
running configuration by adding `all` or `full`
flag
(cherry picked from commit 09e3b5c92b)
Update Changelog
* Update vars for loop_control on each loop iteration (fixes#38899) (#39818)
(cherry picked from commit 01e8139d74)
* Changelog snippet for cherry-pick of #39818
* Make sure that the implicit async_status gets the env from a task with async. Fixes#39699 (#39764)
(cherry picked from commit 3b496db4d8)
* Add changelog for #39764
`network['vlan']` should be a VLAN ID
Integers passed around using jinja variable references are
converted to strings (see # 9362)
The # 32738 PR should allow using 'NativeType' in ansible
Explicitly converting to integer will make the module works
as expected with or without the NativeType support
`network['vlan']` can also be a VLAN NAME (fallback)
Explicitly converting to string will make the module works
as expected with or without the NativeType support
Signed-off-by: Matthieu Fronton <m@tthieu.fr>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit a0b4462aea)
* Fixes 30786 - add server response to the failure
(cherry picked from commit 0ac885f1c7546caa5b9178b142f490d211167f5a)
* replace str(e) with to_native(e) according to code review
(cherry picked from commit e2e3bf6b9ae44d565baeaa7d7d1ab853888d8c7a)
* add changelogs/fragments
* Fix eos_vlan associated interface check
Fix eos_vlan associated interface check by comparing
the interface in want and have without converting the
interface name to lower
* Update eos_vlan docs
* Update changelog
(cherry picked from commit afdc2364f2)
There was a traceback when setting permissions on a directory tree when
there were broken symlinks inside of the tree and follow=true. chmod -R
ignores broken symlinks inside of the tree so we've fixed the file
module to do the same.
Fixes#39456
(cherry picked from commit 6b159fdb03)
* Fix for file module with symlinks to nonexistent target
When creating a symlink to a nonexistent target, creating the symlink
would work but subsequent runs of the task would fail because it was
trying to operate on the target instead of the symlink.
Fixes#39558
(cherry picked from commit 4f664f8ff6)
Fixes#27262
(cherry picked from commit 81b2529159)
Add tests for template with non-ascii filenames
This is a test in response to #27262 but I could not provoke the error
so it only shows that the current code is working with non-ascii
filenames in this case. It doesn't show whether there's some other bug
somewhere.
(cherry picked from commit f91d961cb4)
* ensure 'home' translations
* removed slash as it created issues on diff plats
(cherry picked from commit cc1c7c63db)
* fixed bug introduced by orig commit, this should only affect single ~ paths
Currently, the module fail with a error saying that --acme-dir is mandatory.
Looking at the commandline:
/usr/sbin/acme-tiny --chain --account-key /srv/letsencrypt/acme_key/acme.key
--csr /srv/letsencrypt/nginx_certs/www.example.org.csr--acme-dir /srv/letsencrypt/webroot",
We can see that the space before --acme-dir is missing.