* nxos_vlan: fix broken purge behavior (issue #57101) (#57229)
* nxos_vlan: fix broken purge behavior (issue #57101)
Symptoms/Analysis:
- `nxos_vlan` `purge: true` would fail when `purge` was trying to delete all unspecified vlans, including vlan 1.
- `nxos` devices do not allow removing vlan 1 and raise a cli exception error
- Previous fix#55144 caused a side effect when `purge` was used: vlan changes specified by `aggregate` were ignored; e.g.
- vlan 4 is not present; playbook specifies `aggregate: { vlan: 4 }, purge: true`
- results in proper purging but vlan 4 is not created
Solutions:
- ignore vlan 1 when purging
- remove the `not purge` check from state present logic
Added additional unit tests and integration tests.
Tested against all regression platforms.
* PEP fixes
* Add agg_show_vlan_brief.txt fixture
* Add warning for removing vlan 1
* change method name check
(cherry picked from commit 6bb13bbb84)
* changelog
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Fix order for warning on templated conditionals
Fix bare variable warnings when the variable is a boolean
* changelog
* Add tests for cases that should and should not give warnings
If the behavior may change when the default behavior for CONDITIONAL_BARE_VARS becomes False there should be a warning. Boolean type conditionals will not change in behavior so don't warn.
* oops, forgot to add files
* typo
(cherry picked from commit 21cd24a0dd)
According to the OpenStack Networking API
the attribute binding:vnic_type of a port is optional.
This change enables the os_port module to handle
binding:vnic_type as optional.
(cherry picked from commit bc50a52ee2)
* Not native, but text (#55676)
* use to_text instead of to_native
* cleaned up some imports and other pyflakisms
* fix missing lib messages
(cherry picked from commit 27dcf8aaab)
* readded still used import
* docker_image: fix default handling of old docker-build options nocache and rm (#56610)
* Fix usage of nocache parameter.
* Fix defaults.
* Add changelog.
(cherry picked from commit 56e2d48612)
* docker_image: fix module failing when build option is used without specifying path (#56940)
* Fix module failing when build option is used without specifying path.
* Add changelog.
(cherry picked from commit 86928a5f74)
* Extend docker_image tests. (#57090)
(cherry picked from commit c54d79bc13)
* Update rabbitmq_queue.py (#56912)
change description for when `state=absent`
(cherry picked from commit 00067c8d54)
* Add changelog fragment for PR 56912
* text format fan info mismatch and module info check (#57009)
Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>
(cherry picked from commit b143918f30)
* nxos facts fix backport to stable 2.8
Signed-off-by: rohitthakur2590 <rohitthakur2590@outlook.com>
* Make second group match of ufw status output optional
Fixes#56674
* Fix comparison logic.
* Add changelog fragment
(cherry picked from commit 1d22909f7c)
* Apply tags conditionally so that the module does not throw up an error when using an older distro of openstacksdk
(cherry picked from commit c517538bd81149f5b507617e5f3385f98ec4642a)
* Update 56575-os_stack-apply_tag_conditionally_to_fix_the_module.yaml
* route53_facts: add check mode support
* route53_facts: add changelog fragment mentioning check mode support
* route53_facts: alter changelog fragment type from `minor_changes` to `bugfixes`
* Update changelogs/fragments/56900-route53-facts-check-mode.yaml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* [docker_network] Fix idempotency when using aux_addresses in ipam_config (#56901)
* [docker_network] Fix idempotency when using aux_addresses in ipam_config
Mismatch between keys returned by Docker API (AuxilliaryAddresses) vs
expected by Ansible module (aux_addresses) resulted in tasks always
have status 'changed'. The existing code normalizing one set of
keys to another missed this special case where converting
CamelCase to lowercase is not sufficent.
Please see
https://github.com/moby/moby/blob/master/api/types/network/network.go
for reference.
* Correct keywords formatting in changelog file
Co-Authored-By: Felix Fontein <felix@fontein.de>
(cherry picked from commit 37df89b2d8)
* docker_network: Integration tests for IPAM config idempotence (#56975)
Integration tests for pull request #56901 which fixes found issues with idempotence.
(cherry picked from commit 6a50c6aae4)
* [stable-2.8] eos_l2_interface handle "Interface does not exist" (#56787)
* Quick and dirty attempt to handle eapi error
* Well this should probably change
* Hopefully this works correctly?
* Fix check_rc handling with httpapi
* Add tests that should hopefully cover the error
* Fix warnings
* Improve tests.
(cherry picked from commit cebb363fcc)
Co-authored-by: Nathaniel Case <ncase@redhat.com>
* Add changelog
* Remove backport overreach
* Fix debug statements in new tests while I'm here
* [stable-2.8] eos_config: Fix test issues (#56180)
* Alter tests to pass
* Change diff_against to make changed work again
* Add another diff_against
* Expose supports_sessions across all EOS connection types
* Change session warning to failure
* supports_sessions needs to be a method to survive the rpc boundary
* Alter tests to match
(cherry picked from commit 0bead36)
* [stable-2.8] Don't fail trying to read boot image without enable (#56126)
Also add a message when network_os_image can't be acquired.
(cherry picked from commit 3d9da0c)
Co-authored-by: Nathaniel Case <ncase@redhat.com>
* Add changelog
* Fix changelog
- Also return url and update docs for other values to indicate they are only returned on success.
- Add integration tests
- Use info variable for common return values
- Use -1 as default status rather than None. This is lines up with with existing code in urls.py
- Add unit tests to ensure status and url are returned on failure
(cherry picked from commit 8f4f3750fe)
Co-authored-by: Sam Doran <sdoran@redhat.com>
* Make ansible adhoc work with include_role
Fix logic condition so that include_role works
without
```
ERROR! 'async_val' is not a valid attribute for a IncludeRole
The error appears to be in 'None': line 0, column 0, but may
be elsewhere in the file depending on the exact syntax problem.
(could not open file to display line)
```
* Add include_role test for adhoc
(cherry picked from commit cd95843ea5)
Avoid premature vars templating
* added tests
* avoid 'is template' warning in vars, since we want them for latter templating
(cherry picked from commit 1da47bfa8c)
* [stable-2.8] Whitelist listen as a valid keyword on TaskInclude (#56586)
* Whitelist listen as a valid keyword on TaskInclude. Fixes#56580
* Move 'listen' to HandlerTaskInclude
* Remove trailing newline
(cherry picked from commit 576593e)
Co-authored-by: Matt Martz <matt@sivel.net>
* Improvement on setting VALID_INCLUDE_KEYWORDS on HandlerTaskInclude (#56801)
(cherry picked from commit 8bb3274711)
Ensure the module still work with the ESXi where CustomFieldsManager
does not exist.
From: https://www.vmware.com/support/developer/converter-sdk/conv60_apireference/vim.CustomFieldsManager.html
The CustomFieldsManager object is used to add and remove custom fields to
managed entities.
The custom fields values set on managed entities are available through the
customValue property and through the summary objects for VirtualMachine
and HostSystem. They are not available directly through this managed object.
This functionality is only available through VirtualCenter.
Fixes: #56071
(cherry picked from commit cf78759f5b)
* Fixes Netconf_config single parameter bug (#56138)
* Fixes Netconf_config single parameter bug
Fixes 56022
fixed get_config to not require multiple parameters to just run a backup
* Add Integration test for netconf_config
Associated with #56022
tests backup through netconf only using one parameter.
* Added debug to the begin and end of file
* Fix formatting of save config. #56022
* removed blank line at end: #56022
(cherry picked from commit 647ed207af)
* Fix netconf_config backup string issue (#56175)
* Convert the ElementTree object to string
before dumping the configuration in file.
(cherry picked from commit 9c5745ad21)
* Add changelog fragment
* Fix IPv6 address parsing for py2.6, and add tests
* make sure hostname isn't None
(cherry picked from commit 493cf81)
Co-authored-by: Matt Martz <matt@sivel.net>
* Allow python_requirements_facts to cope with packages with dashes
```
python_requirements_facts:
dependencies:
- kubernetes-validate
```
should work as expected
(cherry picked from commit 5b3305c71505ffd4b0fd7dc5a6a17a4d5cb4cd77)
* Allow python_requirements_facts to cope with packages with dashes (#56166)
* Allow python_requirements_facts to cope with packages with dashes
```
python_requirements_facts:
dependencies:
- kubernetes-validate
```
should work as expected
* Ensure tests run for python_requirements_facts
(cherry picked from commit 8e1dd58c2b)
* Rewrite much of the execution of meraki_switchport
- Previous versions had problems with idempotency and allowed_vlans
* Modified payload creation
- Parameter map is used
- propsed is created using .copy()
- Much cleaner this way
* Add whitespace for lint
* Add bugfix snippet for changelog
(cherry picked from commit d59eb9edab)
* When not using file_per_task, make sure we don't prematurely close the perf files
* add changelog fragment
(cherry picked from commit 867e357)
Co-authored-by: Matt Martz <matt@sivel.net>
* fix bugs for ce (#54750)
* Update ce.py
while to_text(out, errors='surrogate_then_replace').strip().endswith(']'):
display.vvvv('wrong context, sending exit to device', self._play_context.remote_addr)
conn.exec_command('return')
out = conn.get_prompt()
connetion has no send_command function and ce device has no 'exit' command to return user-view(a correct context),but 'return' .command.
* Add files via upload
Some bugs fix.
* Add files via upload
fix some bugs
* fix a bug for ce_command
Running a command with prompt via ce_command, It doesn't work.The reason is that the key word for network_cli recognition is answer not response.
* fix bugs
fix bugs for ce modules
* Update ce.py
* Delete ce_ftp.py
need modify
* Delete ce_lacp.py
* Add files via upload
* Delete ce_aaa_server.py
* Delete ce_aaa_server_host.py
* Compatible with Python 3
Compatible with Python 3 and fix bugs for ce
* Update ce_aaa_server.py
* Add files via upload
modify doc
* Add files via upload
Compatible with Python 3 and fix bugs
* Add files via upload
Compatible with Python 3 and fix bugs
* Add files via upload
Cancellation of change
* Update ce_netconf.py
It is a bug that response has no xml attribute:line 183
* Add files via upload
* Add files via upload
Compatible with Python 3 and fix bugs
* updatp ce_config.py
a bug for this module.
(cherry picked from commit 1017f15c38)
* IBM_Storage: fixed a bug which caused several of our modules to pass unwanted arguments and fail
(cherry picked from commit 13f5cf4e82638be0f75205d1262a05a5c487d839)
* IBM_Storage: Added a changelog for 56357 bug
(cherry picked from commit 0de770e748923441bedef331ed60c17cd1dd1d00)
* nxos_snmp_user: platform fixes for get_snmp_user
snmp user output behavior varies quite a bit for the different nxos platforms and required several workarounds:
- N5K/N6k
- These platforms do not support structured output for `show snmp user`.
- The current code lands in an `except` clause when the output is not structured; so I added a new `get_non_structured_snmp_user` method to scrape the state from the regular cli output if it's present.
- N9K-F
- The `group` data in the JSON output is different for this platform; it has a different key (just `group` instead of `TABLE_groups` or `group_names`) and it is not indexed
- For a single group the value is a string, for multiple groups it's a list
- sanity
- N5K/N6K/N9K-F platforms will reject `no snmp user <name> <role>` when it's the last role defined for the user.
- workaround is to use `nxos_user` to remove the user
- Changes validated on:
- `N3K, N3K-F, N35, N6K, N7K, N9K, N9K-F`
- `6.0(2)A8`
- `7.0(3)I2, 7.0(3)I4, 7.0(3)I5, 7.0(3)I6, 7.0(3)I7`
- `7.3(2)D1`
- `7.3(3)N1, 7.3(4)N1`
- `8.3(2)`
- `9.2(2), 9.2(3)`
* fix lint warning
(cherry picked from commit 8c56c116e5)
All vmware_guest_* module support for use_instance_uuid from Ansible 2.8,
somehow vmware_guest_disk missed from this change.
This fix adds support for use_instance_uuid in vmware_guest_disk.
Fixes: #56021
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 7e6be4e634)
* Add n6k support for nxos_vtp_domain
* Add n6k support for nxos_vtp_version
* Add n6k support for nxos_vtp_password
* Fix shippable error
(cherry picked from commit d55c0cf8dc)
Backport of #55678 to stable-2.8.
* XenServer: Minor changes and fixes in xenserver_guest
- xenserver_guest module: ignore wait_for_ip_address when
state=absent (fixes#55348). Module docs are updated to reflect this.
- xenserver_guest module: show proper error message when maximum number
of network interfaces is reached and multiple network interfaces are
added at once (fix for changes introduced in #54697).
- xenserver_guest module: fixed a bug in reconfigure() where VM would
be powered off even though check mode is used when reconfiguration
needs VM to be powered off.
* Added changelog fragment
(cherry picked from commit 2a39dc84b7)
* nxos_snmp_traps: fix 'group: all' for N35 platforms
- `group: all` attempts to enable traps for all features defined in the module's `feature_list`
- `N35` platforms do not support `snmp-server enable traps bfd`; so removing `bfd` from the `feature_list` for that platform
- Minor cleanup in `sanity.yaml` test file
* whitespace lint fix
(cherry picked from commit 0e0c2a7db7)
* nxos_vlan: vlan names containing regex ctl chars should be escaped (#55463)
The `nxos_vlan` module may raise with regex error `sre_constants.error: multiple repeat` in the non_structured codepath if the device has existing vlan names with certain regex control characters; e.g.
```
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Eth1/3
14 my-vlan-name-is-*** active
```
(cherry picked from commit de8ce08fd8)
* fix nxos_vlan mode idempotence bug (#55144)
* fix nxos_vlan mode idempotence bug
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* Fix CI failure
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
(cherry picked from commit 57e0567310)
* nxos_vlan fix 2.8 backport
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* `nxos_acl` may fail with `IndexError: list index out of range` while attempting to delete a non-existent ACL.
The failure occurs when the `acl` var is an empty list.
* nxos_acl: catch 501 'Structured output unsupported' when no ACLs present
With some older image versions, `show ip access-list | json` will raise a 501 error indicating `'Structured output unsupported'` when there are no access-lists configured. This change turns off the `check_rc` and then looks for the failure condition.
* Fix kwarg
* Fix lint issues
(cherry picked from commit 869fdcd7d4)
mem_reservation and memory_reservation has redundant implementation.
Combining them together.
Fixes: #54335
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 193f69064f)
* To fix the issue where nios_zone module was running second time for same object (#55595)
* fix for 55128 issue
Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>
* review comment fix
Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>
(cherry picked from commit 661f7be0fe)
* changelog for 2.8
Signed-off-by: Sumit Jaiswal <sjaiswal@redhat.com>
* connection/docker: add privilege escalation support (#55816)
As described in #53385 (and #31759), the docker connection driver did
not support privilege escalation. This commit is a shameless
cut-and-paste of the privilege escalation support from the `local`
connection plugin into the `docker` plugin.
Closes: #53385
(cherry picked from commit 61e476b908)
* docker connection plugin: make privilege escalation code more similar to local.py (#56288)
* Make more similar to local.py
* Fix typo.
(cherry picked from commit 708bda06aa)
* sysctl will now return an error if the value is invalid
sysctl can fail to set a value even if it returns an exit status 0. More
details: https://bugzilla.redhat.com/show_bug.cgi?id=1264080. Because of
this in case of an invalid value or a read-only file system, sysctl
module would return OK, even though it didn't set anything. To be sure
that sysctl correctly applied the changes we also need to check the
output of stderr.
(cherry picked from commit 0432b7f2522dbf82c4fabdb3fd17f7ac83f34e62)
* Run sysctl with LANG=C
Because we are parsing sysctl stderr we need to make sure that errors
are persistent across different system language settings.
(cherry picked from commit a16128f778b1e7574c5986aed26e146ac0561533)
* Add changelog fragment for sysctl
(cherry picked from commit 3ad9d4d83c1d2bbfccefb8388904c596d98f8731)
* Fix loading namespaced doc_fragments
The syntax for specifying a different fragment name was already
using '.' as a separator, so the code needed to be tweaked to
avoid choking on names like `testns.testcoll.fragname` and
`testns.testcoll.fragname.altvar`.
`get_plugin_class()` returns 'docfragment' for the fragment loader;
mangling `subdir` provides consistent alignment with the normal plugin
directory names and avoids needing special handling of plugin types
with 'module' in the name.
* Add changelog entry
(cherry picked from commit 2ef8b297ff)
* Correct link to Thomas' GitHub account (#55587) from tstringer to trstringer
(cherry picked from commit 158452661a)
* Add changelog fragments for #44811 (#55427)
(cherry picked from commit 7e0603282d)
* Speed up the Sphinx documentation build (#55593)
* speeds up the docs build by changing the navigation collapse setting
(cherry picked from commit 47a440774f)
* Improve rendering of default lists (#56041)
(cherry picked from commit 53ed1bfc49)