Currently, MIQ only supports an alert type of 'prometheus', so rather than have the caller of manageiq_provider pass this info, just set it as the default.
When calling manageiq_user to an already existing user (but leaving out the password so that it doesn't automatically 're-create' the user), the module fails with:
fatal: [127.0.0.1]: FAILED! => {"changed": false, "failed": true, "module_stderr": "Shared connection to 127.0.0.1 closed.\r\n", "module_stdout": "Traceback (most recent call last):\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 324, in <module>\r\n main()\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 315, in main\r\n res_args = manageiq_user.edit_user(user, name, group, password, email)\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 229, in edit_user\r\n if self.compare_user(user, name, group_id, password, email):\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 189, in compare_user\r\n (group_id and user['group']['id'] != group_id)\r\nKeyError: 'group'\r\n", "msg": "MODULE FAILURE", "rc": 0}
The 'group' field turns out to be 'current_group_id' (at least with ManageIQ 4.6). Update the comparison accordingly.
* add 'update_password' param to manageiq_user
Currently with the manageiq_user module, if you call it repeatedly while passing the 'password' parameter, it will always run the task and mark it as 'changed'.
Following the pattern of the AWS IAM module, add an 'update_password' parameter that takes 'always' (default) or 'on_create'. This will let you set an initial password when creating a user, but allow the user to modify their password and not stomp over their password changes if you re-run the playbook/task that created the user.
* don't stomp password when other fields change
Handle case where user fields change, but we don't want to stomp on a potentially user-changed password. Previously, if a non-password field changed, and the password param was passed in, it would ignore the 'update_password': 'on_create' setting (ie it would update/modify the password even if the user already exists).
Add trailing ',' to list of params.
* Fix tags in ec2_instance_facts
The method boto3_tag_list_to_ansible_dict in module_utils/ec2.py changed
and does no longer check whether the returned result of boto3 uses
"key" or "Key" as the tag key identifier.
This fixes ec2_instance_facts to make this check in its own, since boto3
may return "key" instead of "Key"
* Since the indices for the tags are already formatted to lowercase
by the snaking, we can assume, that the index for the tags are already
formatted
* timezone module: fixed platform decision rule for Linux
— For better handling of environments where timedatectl is unavailable
* timezone module: allow absence of configuration files if specific commands are available
* timezone module: remove duplicated line
* timezone module: fixed docs to clarify returned diff
* timezone module: fixed “undefined variable err”
* Revert "timezone module: fixed docs to clarify returned diff"
This reverts commit 4b783227f713eee9aa6717c0a8b9e697b939f471.
* timezone module: revert platform decision rule; just warn instead of futher command checks
* timezone module: [NosystemdTimezone] enhanced error message
As-merged, had several issues that prevented idempotent usage. Some args were defined at the wrong UI level. Dual-state args didn't match up with typical Ansible UI.
* Added nopackages option and Fix#24997
Adding a new option - nopackages.
This enables the option to add the --nopackages flag while registering a new node to RHN Satellite. We are not uploading the rpm data on our nodes and since we started utilizing ansible for nodes registration, I figures it would be useful for others as well.
Also-
Fixes#24997 (verified in my lab)
* Fixed documentation
* Documentation changes:
- typo fix in "default"
- Added "version_added" and set to 2.4
* Documentation changes:
- Removed trailing whitespaces in nopackages['version_added']
* This change is unrelated for this feature pull request and shouldn't be here (and also seems wrong, see #25079).
* Changed "version_added" to 2.5 in the module docs
It could be something like '10beta4', which StrictVersion() would
reject. When Postgres 10 is released, it will be '10', which
StrictVersion() would STILL reject.
Fortunately, psycopg2 has a 'server_version' connection attribute that
is guaranteed to be an integer like 90605 for version 9.6.5, or 100000
for version 10. We can safely use this for version-specific code.
* Replace pause in integration tests with until.
Use resource prefix instead of generating a random number
Only try to delete keys if they exist
* Add alias to tests
keyUsage and extendedKeyUsage are currently statically limited via a
static dict defined in modules_utils/crypto.py. If one specify a value
that isn't in there, idempotency won't work.
Instead of having static dict, we uses keyUsage and extendedKyeUsage
values OpenSSL NID and compare those rather than comparing strings.
Fixes: https://github.com/ansible/ansible/issues/30316
Current openssl_certificate is mistakenly taking its derivating its
version number from the csr version number.
Thos two fields are completly unrelated and hence the version number of
the certificate should be able to be directly specified (via
selfsigned_version parameter).
* Updating the nsupdate module to accept a list for 'value' instead
of a string. This is to allow manipulating 1:many DNS records.
A string can still be supplied so it should be backwards compatible.
Addresses issue #25554
* Update nsupdate.py
* Update nsupdate.py
* Update nsupdate.py
* openssl_certificate: Fix parameter assertion in Python3
Parameter assertion in Python3 is broken. pyOpenSSL get_X() functions
returns b'' type string and tries to compare it with '' string, leading
to failure.
The error mentionned above has been fixed by sanitizing the inputs from
a user to the assert only backend.
Also, this error was hidden by the fact that the improper check method
was called in the generate() functions.
* Add simple integration test for openssl_certificate
* remove subject == issuer assertion
* run integration tests only on supported hosts
* change min supported version to 0.15.x
* Add test for more CSR fields
* also convert dict members to bytes
* fix version_compare
* openssl_{csr, certificate}: Fail if pyOpenSSL <= 0.15
Previous 0.13 pyOpenSSL was a C-binding, and required the parameter
passed to add_extention to be in ASN.1. This has changed with the move
to 0.14 and it is now all pythong and string based.
Previous the 0.15 release, the `get_extensions()` method didn't exist,
since the modules rely heavily on it we ensure pyOpenSSL version is at
last 0.15.0.
* check pyopenssl version in openssl_csr integration test
* ec2_group: Handle name conflict with empty vpc_id.
If several groups exist with the same name (and vpc_id is None) then
treat the group outside the vpc as preferred (same as it would for a vpc
group with vpc_id specified). Also don't run the egress rules code in
that case.
* Handle lack of `IpPermissionsEgress` attribute on EC2 classic groups
In EC2 classic groups, the `while True` loop checking for egress
permissions will continue infinitely.
* Handle incompatible combinations of EC2 Classic + VPC groups
* Fix integration tests in accounts lacking EC2 classic
This change checks against the security group created, instead of the
module parameters, for VPC ID. This means that new accounts with a
default VPC will still wait properly for the first egress rule to
populate.
* Fix conditional for storing described groups with preference for matching VPC IDs
* Revert `vpc_id is None` on conditional to allow for default VPCs
* Clean up nxos_snmp_contact & nxos_snmp_location
* Bring nxos_snmp_community in line
* Bring nxos_snmp_host in line
* And I would have gotten away with it too,
if it weren't for those meddling sanity tests
* Bring nxos_snmp_traps & nxos_snmp_user in line
* Appease Shippable
Joel Diaz
Ondra Machacek
Matt Clay
Wolfgang Felbermeier
Toshio Kuratomi
Shinichi TAMURA
Dag Wieers
Scott Buchanan
Miouge1
Brian Coca
Marko Stanković
Matt Davis
Brian Coca
Nathaniel Case
René Moser
Kedar K
Moshe Shitrit
Mike Wiebe
Abhijit Menon-Sen
KrdLab
Sloane Hertel
Stepan Stipl
Ganesh B. Nalawade
rahushen
mwellmeyer
Yanis Guenane
John R Barker
Ganesh Nalawade
Abhijeet Kasurde
David Critch
MarkusTeufelberger
Felipe Garcia Bulsoni
Will Thames
saichint
Jordan Borean