* task_executor.py: Raise 'conditional exception' in case of 'include_*'
Fixes#33632
Signed-off-by: Patrick Ringl <patrick_@freenet.de>
* Re-organize tests, add static include test with undefined var
* Remove unnecessary conditional
* Fixes for mode=preserve
* Document mode=preserve for template and copy
* Make mode=preserve work with remote_src for copy
* Make mode=preserve work for template
* Integration tests for copy & template mode=preserve
Fixes#39279
* Changed mode option in win_copy to hidden option as it doesn't reflect copy mode
* Fix#26755 by ensuring that the first nic in the nic list has primary set to True, and all other nics have primary set to False.
* Fix sanity issues and add test for two nics
* Fix typo in test
* fix nic list
* Ensure the niclist variable is used rather than a niclist string
* Add tests just for dual nic, reverting changes to single nic VM creation tests
* Correct idempotency test
Enable awsvpc network mode for ECS services and tasks and
their underlying task definitions
Improve test suite to thoroughly test the changes
Use runme.sh technique to run old and new versions of botocore to
ensure that the modules work with older botocore and older network modes
and fail gracefully if awsvpc network mode is used with older botocore
* add loadbalancer
* dict check nullable
* add default vallue when get list
* create backend addr pool
* fix the set
* fix to dict
* fix ideponement
* use param security group name when create
* nic can has no nsg
* add test
* fix
* fix
* fix
* fix idemponet
* add document
* fix test
* add configuration
* fix
* fix
* remove all resources
* fix
* fix test
* add version added
* fix lint
* fix lint
* fix lint
* remove new feature and only submit bugfix
* remove useless test
* fix
* psexec: new module to run commands on a remote Windows host without WinRM
* fix up sanity issue, create test firewall rule for SMB traffic
* Fixed up yaml linting issues, trying to fix on the fly firewall rule
* Added SMB exception to catch when cleaning up PAExec exe
* Don't load profile for Azure hosts when becoming another user
* Fixed up example to use correct option
* Reworded notes section of module docs
* Simplified module options around process integrity levels and the system account
* Improve ec2_ami tests
Ensure that ec2_ami_image_id fact gets set immediately after AMI
creation so that they get torn down even if tests fail
Use YAML anchor to simplify AWS credential passing
Use aws_connection_info to reduce AWS credential boilerplate
Improve exception handling when updating image attributes
Error messages weren't correctly formatted to show image ids.
* VMware: apply correct value for datacenter in TC
Signed-off-by: Tim Steinbach <tim@nequissimus.com>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Add yarn module based off of NPM module, adjust syntax for install cmd
* Update author list
* Add Return docbloc
* Remove extra var assignment
* Always return output without emojis, small changes for yarn 0.16.1
* Move import line, add ANSIBLE_METADATA, bump version_added
* Updating module format to meet newest lint requirements. Update options and example docs.
* Bring back RETURN block and main() execution.
* All trailing whitespace removed.
* Remove json try/except.
* Add initial pass at setting up Yarn integration tests.
* Add better handling for latest and removal states. Add tests for upgrading a single package.
* Fix issue where state=latest for installing all packages caused failure.
* Set yarn bin to latest version for tests. Fix sanity tests.
* Switch template task to copy task in yarn integration tests.
* Fix the function_name handling logic for lambda_policy
Switch the logic handling function_names that are ARNs
so that ARNs are correctly handled and detected
* Add tests for lambda_policy function_arn
Ensure that function_arn works.
Needs a reasonable ansible_lambda_role.
* Skip self._parent on dynamic, defer to grandparent for attr lookup
* Revert _inheritable
* Add tests for include inheritance from static blocks
Fixes#38037#36194
If user does not specify any network type then set network type
to dhcp. There are additional checks around 'ip', 'netmask' and
'type' in network spec.
Fixes: #38466
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Include change classification data in metadata.
* Add support for disabled tests.
* Add support for unstable tests.
* Add support for unsupported tests.
* Overhaul integration aliases sanity test.
* Update Shippable scripts to handle unstable tests.
* Mark unstable Azure tests.
* Mark unstable Windows tests.
* Mark disabled tests.
* Add include_import tests for many top level include_tasks
Rename a few test playbooks to make more sense
* Use fewer include_tasks due to memory limits in CI
* get_url should accept headers as a dict, instead of only a complicated string
* update headers description text
* Add headers string and dict tests for get_url
* Add intg test for string header format parsing error
* Adjust deprecation version ahead 1 release, add the version dict format was added in to description
* Handle duplicate headers, and make it easier for users to use cookies, by providing a pre-built string
* Ensure proper cookie ordering, make key plural
* Add note about cookie sort order
* Add tests for duplicate headers and cookies_string
* Extend tests, normalize headers between py2 and py3
* Add some notes in test code
* Don't use AttributeError, use six.PY3. Use better names.
* Error if a module is found to shadow a reserved keyword
* Add test for shadowed module
* Bring in functools.wraps for the decorator
* Drop the decorator, make _find_plugin the real function, find_plugin now holds the shadow logic
* Swap order of functions for bottom to top execution order
* Only error for modules
* Add test for loading a lookup plugin that shadows a keyword
Currently, when ones run the module in check_mode it tries to retrieve
values from the actual certificate generated in the generate() function.
Since in check_mode we call dump() without calling generate(), self.cert
is None, leading to self.cert.get_notBefore(), self.cert.get_notAfter()
and self.cert.get_serial_number() raising an error.
> NoneType' object has no attribute 'get_notBefore'
The solution is to have two way to handle dump() method, whether its run
in check_mode=True or check_mode=False leading to different way the
information is retrieved.
* Required changes to support redirects on HTTP 307/308
This ensures HTTP 307 and 308 will redirect the request to the new
location without modification.
* Fix the unused newheaders reference
* Be more compliant
* Add integration tests for follow_redirects=all
* Improve other tests for new behaviour
* Make follow_redirects values more strict
* added eos_smoke tests
* removed left over file
* added note to uncomment broken eapi test when #36919 is fixed
* uncommented fixed test, added unbecome test
* skip become tests when connection=local
* Added module win_pester and relatives integration tests
* Corrected issues as stated by ansible-test
* Added defaults variable in integration tests
* Added task to install Pester if needed in the integration test
* Corrected error in win_psmodule task
* Added Pester installation with Chocolatey when Powershell version < 5
* Get facts...
* Disabled invoke-pester output
* Added pester_result type
* Added jhawkesworth changes proposal
* Corrected documentation linting
* Corrected linting
* Added dagwieers recommendations
* Added dagwieers recommendations
* Corrected linting errors and task error in integration test
* Corrected error in integration test
* Added dagwieers recommendations
* Corrected requirements in the DOCUMENTATION block
* tolerate windows line endings when loading windows module utils. Helpful for old custom windows modules.
* add test modules to demonstrate win line ending module load behaviour.
* attempt to fix sanity check failures
* pep8 fix
* explict skip of test modules from shebang check (core modules must still have expected unix style line endings)
* switch to rstrip() following core team meeting feedback
* Add aws_ses_identity_policy module for managing SES sending policies
* Add option to AnsibleAWSModule for applying a retry decorator to all calls.
* Add per-callsite opt in to retry behaviours in AnsibleAWSModule
* Update aws_ses_identity_policy module to opt in to retries at all callsites.
* Add test for aws_ses_identity_policy module with inline policy.
* Remove implicit retrys on boto resources since they're not working yet.
* Mark UCS integration tests as unsupported.
* Mark various connection tests as unsupported.
* Mark win_domain_group test as unsupported.
* Mark java_cert test as unsupported.
* Mark synchronize-buildah test as unsupported.
* Mark various AWS tests as unsupported.
* Mark azure_rm_acs test as unsupported.
* Mark GCP tests as unsupported.
* stabilize ec2_vpc_subnet module
* Add waiters for ec2_vpc_subnet
Clean up integration tests
* Reenable CI for stabilized ec2_vpc_subnet tests
* rename waiters
* Use module_json_aws where applicable
Handle WaiterError first if waiting failed
* Fix traceback when tagging with keys/values that look like booleans
* Fix check mode with tags
* Add integration tests for tags that look like booleans and check mode
* Add waiter for deleting subnet
* Sleep a few seconds after using aws command line
* Use AnsibleAWSModule to simplify AWS connection
* Add Exception handling, pagination, retries and backoff
* Allow events to be switched off
* Allow details to be obtained without having to specify services
This is required if we want to ensure that #36809 doesn't cause any
important behavioral changes.
This PR changes the uri module to support follow_redirects=urllib2
It also adds a better error message when the connection closes before
any data was returned.
* Fix apt tests
* Enable the test in CI
* Additional fixes not discovered locally
* Don't break mysql tests and fix for 14.04 upgrade
* Remove not needed when cond
* Add shebang to fix-udev script
* Remove workaround in favor of rebuilding containers
* Remove leftover script
SGs created when a VPC ID was not specified would not necessarily
get the default egress rule, even when no explicit egress rules
were set.
Add some checks for egress rules in results from existing tests
* Fix 'New Vault password' on vault 'edit'
ffe0ddea96 introduce a
change on 'ansible-vault edit' that tried to check
for --encrypt-vault-id in that mode. But '--encrypt-vault-id'
is not intended for 'edit' since the 'edit' should always
reuse the vault secret that was used to decrypt the text.
Change cli to not check for --encrypt-vault-id on 'edit'.
VaultLib.decrypt_and_get_vault_id() was change to return
the vault secret used to decrypt (in addition to vault_id
and the plaintext).
VaultEditor.edit_file() will now use 'vault_secret_used'
as returned from decrypt_and_get_vault_id() so that
an edited file always gets reencrypted with the same
secret, regardless of any vault id configuration or
cli options.
Fixes#35834
Fixes#37208
If check_mode is enabled instead of committing th config need to
discard all the chnages to cnadidate db
In case of cli to discard changes issue `rollback 0` command
and for netconf execute `discard-changes` rpc call
* Add tests using a variable in tasks_from field
Related to #32503
* Do not test using hostvars with import_role
hostvars cannot be used with import_role — use include_role instead
* template: Add integration tests for `lstrip_blocks'
Signed-off-by: Alex Tsitsimpis <alextsi@arrikto.com>
* template: Fix passing `trim_blocks' inline
Fix passing `trim_blocks' option to the template module as inline
argument. Previously passing the `trim_blocks' option inline instead of
using the YAML dictionary format resulted in it always being set to
`True', even if `trim_blocks=False' was used.
Signed-off-by: Alex Tsitsimpis <alextsi@arrikto.com>
* template: Add option to `lstrip_blocks'
Add option to set `lstrip_blocks' when using the template module to
render Jinja templates. The Jinja documentation suggests that
`trim_blocks' and `lstrip_blocks' is a great combination and the
template module already provides an option for `trim_blocks'.
Note that although `trim_blocks' in Ansible is enabled by default since
version 2.4, in order to avoid breaking things keep `lstrip_blocks'
disabled by default. Maybe in a future version it could be enabled by
default.
This seems to address issue #10725 in a more appropriate way than the
suggested.
Signed-off-by: Alex Tsitsimpis <alextsi@arrikto.com>
* template: Add integration tests for `trim_blocks'
Signed-off-by: Alex Tsitsimpis <alextsi@arrikto.com>
* template: Check Jinja2 support for `lstrip_blocks'
Since the `lstrip_blocks' option was added in Jinja2 version 2.7, raise
an exception when `lstrip_blocks' is set but Jinja2 does not support it.
Check support for `lstrip_blocks' option by checking `jinja2.defaults'
for `LSTRIP_BLOCKS' and do not use `jinja2.__version__' because the
latter is set to `unknown' in some cases, perhaps due to bug in
`pkg_resources' in Python 2.6.6.
Also update option description to state that Jinja2 version >=2.7 is
required.
Signed-off-by: Alex Tsitsimpis <alextsi@arrikto.com>
* Fix loading of filter and test plugins
Filter and test plugins are different than other plugins in that they
can have many plugins in a single file. Therefore they need to operate
a little differently. They need to have all of the potential files
returned. Then the caller takes care of passing those onto jinja2 in
order for jinja2 to make use of them.
This problem was (most recently) introduced with f921369445
This commit also restructures how we deduplicate plugins to take paths
into account. If we want to start scoping which set of modules are
loaded (due to roles, for instance) we'll need to hang on to the path
information.
* add integration test for override
* Fix style checks for bcoca code
* Implement jinja2 plugin loader as a subclass
Having a subclass allows us to customize the overriding of jinja
plugins. We can then move common parts of common code into the Loader.
* [cloud] ec2_vpc_route_table: ignore routes without DestinationCidrBlock
Add module warnings rather than silently skipping
* Permit warnings for routes tables containing vpc endpoints to be turned off
* Add tests to ensure a VPC endpoint associated with a route table does not result in a traceback
* adding possibility to specify resource group for referred virtual network
* fixed sanity issues
* removed trailing whitespace
* added test
* fixed documentation
* try to fix unstable test
* Tidied up the description of virtual_network_resource_group
* adding possibility of disabling public ip address
* fixed indent
* fixed whitespace
* fixed mistake
* try to create test with vm without public ip address
* try to fix test
* another attempt for test
* fixing test
* create vm with no ip with different name and delete it immediately
* a few additional fixes
* another attempt to pass test
* must be deleted
* simplified no ip test
* reorganised tests
* Wrapped choice in C()
* fixed issue when public ip address should not be created
* adding test for public ip address
* fixed samples
* another fix to sample formatting
* fixed test
* fix test
* fixed test
* another attempt to fix test
* maybe it works now
* still wrong
* improved check per customer request
* removed stupid semicolon
* updated test to match main scenario
* changed ip configurations to list
* another attempt
* add additional test coverage for tower modules
* add test coverage for the tower_credential module
* add test coverage for the tower_user module
* fix a bug in py3 for tower_credential when ssh_key_data is specified
* add test coverage for tower_host, tower_label, and tower_project
* add test coverage for tower_inventory and tower_job_template
* add more test coverage for tower modules
- tower_job_launch
- tower_job_list
- tower_job_wait
- tower_job_cancel
* add a check mode/version assertion for tower module integration tests
* add test coverage for the tower_role module
* add test coverage for the tower_group module
* add more integration test edge cases for various tower modules
* give the job_wait module more time before failing
* randomize passwords in the tower_user and tower_group tests
* Check that connection error msg are not unsafe
* Connection error messages are unsafe: wrap them
For example, in case of error, docker connection plugin returns exception
message containing Go template. These messages weren't tagged as unsafe
and were consequently rendered:
The conditional check 'result is failed' failed. The error was:
{
'msg': u'Docker version check ([\'/usr/bin/docker\', \'version\', \'--format\', "\'{{.Server.Version}}\'"]) failed: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.35/version: dial unix /var/run/docker.sock: connect: permission denied\n',
'failed': True
}:
template error while templating string: unexpected '.'.
String: Docker version check (['/usr/bin/docker', 'version', '--format', "'{{.Server.Version}}'"]) failed: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.35/version: dial unix /var/run/docker.sock: connect: permission denied
* eos can not check config without config session support
* add testcase for check_mode without config session
* fix eos eapi to read use_session env var
Fixes#36979
If `abort` is not issued in the top level session prompt
the existing session goes to pending state.
The fix is to come out of config mode by issuing `end` command
and again to same config session and execute `abort` which
`abort` is issued at the top level session prompt.
Fixes#35993 - Changes to update_size in commit eb4cc31 made it so
the group dict passed into update_size was not modified. As a result,
the 'replace' call does not see an updated min_size like it previously
did and doesn't pause to wait for any new instances to spin up. Instead,
it moves straight into terminating old instances. Fix is to add batch_size
to min_size when calling wait_for_new_inst.
Fixes#28087 - Make replace_all_instances and replace_instances behave
exactly the same by setting replace_instances = current list of instances
when replace_all_instances used. Root cause of issue was that without lc_check
terminate_batch will terminate all instances passed to it and after updating
the asg size we were querying the asg again for the list of instances - so terminate batch
saw the list including new ones just spun up.
When creating new asg with replace_all_instances: yes and lc_check: false
the instances that are initially created are then subsequently replaced.
This change makes it so replace only occurs if the asg already existed.
Add integration tests for #28087 and #35993.
* Remove default admin_distance and fix the idempotence thereof
Fixes#33290
* Fix tests and use yaml anchors to shorten tests
* Add test for undefined admin_distance
* Read config from `show run` if `show ip static route` fails
* Restore flags to ios.get_config & use get_config where appropriate
* win_lineinfile: fix#33858. Removed conversion from \r\n
* win_lineinfile: added test for #33858
* win_lineinfile: added documentation and more tests for change
* win_lineinfile: fixed wrong hash in testing
This fix adds datastore cluster details about datastore in returning
facts. Updated documentation and tests.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Decouple config and state check in {network_os }_vlan and { network_os }_vrf modules
Fixes#35567Fixes#34754
`interfaces` option is used for configuration as well as operational state
check. If interface is configured to given vlan or vrf but if
operational state of interface is disabled it results in module failure.
Fix is to decouple same option usage for config and state.
With this fix `interfaces` is used as config option and a new
option named `associated_interfaces` will be used for intent check
for assigned interfaces.
* Fix CI failures
* Fix review comment
* Fixed integration test failure
* ACI: Various changes to module documentation and guide
This PR includes:
- We moved the object class information to the notes
- Add version information to guide chapters
- Add generic note to modules with reference to ACI guide
- Reference known issues in aci_rest documentation
- Remove module_utils function docs from modules
- Indicate which parameters are not required for querying all objects
- Added missing RETURN information
* Fix copyright strings
* Remove aci_domain_to_encap_pool.py for v2.5
* More updates
* PEP8 fix
* Improve listings of parameters/return values
* Adding support for vApp properties.
* vm specification updated only if changes have to be applied. I.e. subsequent updates with the same data will not trigger changed state
* Auxiliary variables renamed, hope this makes the code more readable
* Integration tests changed - re-adding the same properties test not implemented, but tested on real vCenter deployment
* fixing documentation "version_added" for the feature
* Addressing reviewers comments #2:
* documentation updated with the only meaningful value for "option" attribute - "remove"
* Fixed improperly handled case when user requested "add" operation for existent property
* vApp configuration is updated only with properties that contains changes, not with all properties requested by user
* aci_spvpg: Various fixes to integration tests/modules
This PR includes:
- A fix in module_utils aci.py
- Various fixes in integration tests
* Fix typo
* Bug in del(list) logic. Say you have a list of 4 elements a[0-3]
and you have to remove index 1 and 3, if you remove index 1 first
then list is cut short a[0-2] and does not have index 3
Fix: Remove indexes in reverse sorted order e.g. 3 and 1 in above
example so that order of indexes remain preserved even after deleting
fix is to remove indexes in reverse sorted order
* Add test cases for failed case
This PR includes:
- A fix for a recently introduced issue wrt. error handling
- Added integration tests for provoked errors
- Influence standard return values using aci library for aci_rest
- Add proxy support documentation
- Documentation update related to #34175
* fix nxos_l3_interface tests as n35 doesn't support ipv6
* add terminal dont-ask to nxos_feature and nxos_lldp
* put interfaces in L2 mode for N35
* fix nxos_feature unit-tests
This fixes, cloning operation where template or existing VM
does not have network or DVPG. Also, adds some strict type checking in
network parameters.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This PR includes:
- Rename 'protocol' parameter to 'url_protocol'
- Add limited integration tests (as we have no public firmware access)
- Add missing examples
When ACI modules are being used for querying MOs, we should not return
the previous state, as there is no previous state, there's only the
current state.
This impacts a lot of tests that were used to testing the current state
as 'previous'.
We identified an incompleteness to parameter dependencies that affects
querying all domain-related objects.
This PR also includes:
- Improvements to integration tests
- Add missing vm_provider types
- Fix examples
This relates to #36131
This PR includes:
- A fix to the module where domain_type without domain caused havoc
- A fix to the integration tests when querying all binding objects
- Improvements to integration tests