* k8s*: add a reference to k8s_auth in all the modules' descriptions
* k8s_auth: new k8s module for handling auth
* k8s_auth: ignore E203
Can't use module_utils.urls, since that lacks user CA support, which is
a critical feature of what this module does.
* k8s: add k8s_kind arg to KubernetesRawModule
Single–kind k8s modules (e.g. k8s_service) do not have a module
parameter called 'kind' and need to pass a static 'kind' on
KubernetesRawModule class creation. Hence this change.
* k8s: make 'validate' and 'wait' mod params optional
Not all k8s modules utilizing KubernetesRawModule will use these.
* k8s_service: new k8s module for handling Services
* Add append_hash functionality to k8s module
append_hash adds a hash based on the contents of a ConfigMap
or Secret to the name - this enables immutable ConfigMaps and
Secrets.
* Provide k8s_config_resource_name plugin
The k8s_config_resource_name filter plugin provides a means of determining
the name of ConfigMaps and Secrets created with append_hash
* Add changelog fragment
* fix failing tests
* Update openshift version needed for append_hash
* Provide Kubernetes resource validation to k8s module
Use kubernetes-validate to validate Kubernetes resource
definitions against the published schema
* Additional tests for kubernetes-validate
* Improve k8s error messages on exceptions
Parse the response body for the message rather than returning
a JSON blob
If we've validated and there are warnings, return those too - they
can be more helpful
```
"msg": "Failed to patch object: {\"kind\":\"Status\",\"apiVersion\":\"v1\",\"metadata\":{},
\"status\":\"Failure\",\"message\":\"[pos 334]: json: decNum: got first char 'h'\",\"code\":500}\n",
```
vs
```
"msg": "Failed to patch object: [pos 334]: json: decNum: got first char 'h'\nresource
validation error at spec.replicas: 'hello' is not of type u'integer'",
```
* Update versions used
In particular openshift/origin:3.9.0
* Add changelog for k8s validate change
* Add to k8s_raw docs re: vault-encrypted files
I didn't read the examples far enough and maybe would not have tried all the examples so I ended up creating https://github.com/ansible/ansible/issues/47259 and learned that definition key with lookup works well and we agreed the docs should say something. :)
+label: docsite_pr
* Add note about ansible vault-encrypted files to src: param
* Remove trailing whitespace
* Make changes from feedback
* Make feedback changes
* Resolve invalid-unary-operand-type.
* Resolve raising-format-tuple.
* Resolve stop-iteration-return.
* Use disable comment instead of fixing logic.
The affected line in _find_address_range will only fail on Python 3.7
and later if the function is called with an empty address list. As an
internal method it is never called in this way, making it a non-issue
for use via public methods.
Using a comment to disable the rule in favor of an ignore.txt entry
since there are no plans to change the logic in the code itself. This
will also prevent any potential future issues being added in other
parts of the code when updating it based on upstream changes.
* Use a sensible default for k8s merge_type
The sensible default for merge_type is `['strategic-merge', 'merge'].
However, we can't make this the default default, as we need to support
users who are using openshift 0.6.0, where the merge_type parameter is
unsupported.
* Refactor k8s test suite for merge_type tests
Allow tests with pre-merge-type openshift and post-merge-type
openshift.
* Make merge_type a list and apply merge_type in order
Allow use case of preferring strategic-merge and failing
back to merge, or just preferring a different merge type
* Improve k8s module test coverage
`items` is a *terrible* return key for ansible as Jinja
will often think it refers to the `items()` function.
Even though you can typically work around this with
`results['items']`, sometimes even that doesn't work:
```
- name: Resources should exist
assert:
that: item.status.phase == 'Active'
loop: "{{ k8s_namespaces['items'] }}"
```
```
fatal: [testhost]: FAILED! => {"msg": "Invalid data passed to 'loop', it
requires a list, got this instead: <built-in method items of dict object
at 0x109dc9c58>. Hint: If you passed a list/dict of just one element,
try adding wantlist=True to your lookup invocation or use q/query
instead of lookup."}
```
Change it now while we still can.
Add back comma for required_one_of argument as it's
supposed to be an iterable of iterables.
PR #39787 by @Akasurde
Fixes: #39786
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Allows patching of custom Kubernetes resources that
don't support strategic merge patching
Check that openshift module supports content_type param
(requires version newer than 0.6.0)
Read the Docs moved hosting to readthedocs.io instead of
readthedocs.org. Fix all links in the project.
For additional details, see:
https://blog.readthedocs.com/securing-subdomains/
> Starting today, Read the Docs will start hosting projects from
> subdomains on the domain readthedocs.io, instead of on
> readthedocs.org. This change addresses some security concerns around
> site cookies while hosting user generated data on the same domain as
> our dashboard.
* Move k8s modules to dynamic backend
* update required openshift version
* update -> patch
* use new dynamic client exceptions
* style
* guard urllib3 import
* guard ansibleerror import
* give more information about error cause
* format in variable
* style
* rename tests
* Search for provided kind in a few more places to match old behavior, properly handle failure
* make common code use fail instead of fail_json, to work for lookup plugins as well
* update docs
* move openshift_raw tests into k8s tests
* fix typo
* Use diff of response and resource to determine change, don't do any checking client-side before making requests
* remove duplicate yaml blocks
* Update porting guide for k8s module
* remove invalid doc refs
* If fuzzy searching finds a resource, update resource_definition to match proper kind and version
* remote unsupported openshift_raw variables
* properly check environment variables when determining auth method:
* Adds support to get value from Consul KV.
* Updates documentation.
* Corrects GRL copyright years.
* Resolves PEP 8 issues.
* Changes consul_kv NOT_SET value to `None`.
* Support getting Consul KV values recursively.
* Adds example of retrieving key value.
* Decodes kv values from Consul to utf-8.
* Switches to using module utils to perform text decoding.
* Adds self to authors list to help community maintenance.
Enforce module deprecation.
After module has reached the end of it's deprecation cycle we will replace it with a docs stub.
* Replace deprecated modules with docs-only sub
* Use of deprecated past deprecation cycle gives meaningful message (see examples below)
* Enforce documentation.deprecation dict via `schema.py`
* Update `ansible-doc` and web docs to display documentation.deprecation
* Document that structure in `dev_guide`
* Ensure that all modules starting with `_` have a `deprecation:` block
* Ensure `deprecation:` block is only used on modules that start with `_`
* `removed_in` A string which represents when this module needs **deleting**
* CHANGELOG.md and porting_guide_2.5.rst list removed modules as well as alternatives
* CHANGELOG.md links to porting guide index
To ensure that meaningful messages are given to the user if they try to use a module at the end of it's deprecation cycle we enforce the module to contain:
```python
if __name__ == '__main__':
removed_module()
```
* Module DOCUMENTATION should match argspec
Large update of many modules so that DOCUMENTATION option name and
aliases match those defined in the argspec.
Issues identified by https://github.com/ansible/ansible/pull/34809
In addition to many typos and missing aliases, the following notable
changes were made:
* Create `module_docs_fragments/url.py` for `url_argument_spec`
* `dellos*_command` shouldn't have ever had `waitfor` (was incorrectly copied)
* `ce_aaa_server_host.py` `s/raduis_server_type/radius_server_type/g`
* `Junos_lldp` enable should be part of `state`.
James Cassell
Fabian von Feilitzsch
Mariusz Mazur
Victor Fauth
Matt Clay
Jordan Borean
Dag Wieers
Toshio Kuratomi
Will Thames
Jasmine Hegman
Brandon Bell
Marc Sensenich
Joren Vrancken
Abhijeet Kasurde
Will Thames
Jon Dufresne
Adam Miller
Colin Nolan
Alvaro Aleman
Grigory Starinkin
Chris Houseknecht
John R Barker
Jean-Philippe Evrard