This PR includes:
- An important fix to charset encoding of from address
- Documentation and examples cleanup
- PEP8 fixes
- Warning on insecure access
- Strict parameter typing
- More modern interface (using lists rather than comma, space or pipe-delimited strings)
- Warn on failure to send mail to some recipients
```
[WARNING]: Failed to send mail to 'foobar': 550 5.1.1 <foobar>:
Recipient address rejected: User unknown in local recipient table
```
- Warn on failure to parse some headers
```
[WARNING]: Skipping header 'Foobar', unable to parse
```
- Return failed recipients as return value
- Changed default encoding to utf-8
* Add Routing Engine Facts
- Map routing engine output information to routing_engines facts dict.
- Add fact 'has_2RE', which is a quick way to determine how many REs
the chassis has.
* Fix a typo
* Fix more typos
* Add slot number to routing_engine dict
* Add facts about the installed chassis modules
* Fix typo
* Fixed another typo
* Fix Path
* Change path again.
* More Typos
* Add some deubgging
* Add additional information for hardware components.
- Return information about the Routing Engines.
- Return a fact to easily determine if the device
has two routing engines.
- Return information about the hardware modules.
* Addressed pep8 stardard failures.
* Add unit test fixtures.
* Rename fixture.
* Fix unit test failures.
- Rename the fixture file to what the unit test expects.
- Strip out junos namespace attributes.
Rename file to match what the unit test expects.
* Scrubbed the routing engine serial numbers.
* Add unit test facts for new tests.
- Add unit test for ansible_net_routing_engines fact
- Add unit test for ansible_net_modules fact
- Add unit test for ansible_net_has_2RE
* Fixed spacing.
* win_scheduled_task: rewrite for additionality functionality and bug fixes
* fixes for docs and os version differences
* started with the testing
* doc fix
* added more tests
* added principals tests
* finished tests for win_scheduled_task rewrite
* feedback from PR
* change to fail when both new and deprecated args are set
* change diff variable to match new standard and update doc sentance
Currently, MIQ only supports an alert type of 'prometheus', so rather than have the caller of manageiq_provider pass this info, just set it as the default.
When calling manageiq_user to an already existing user (but leaving out the password so that it doesn't automatically 're-create' the user), the module fails with:
fatal: [127.0.0.1]: FAILED! => {"changed": false, "failed": true, "module_stderr": "Shared connection to 127.0.0.1 closed.\r\n", "module_stdout": "Traceback (most recent call last):\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 324, in <module>\r\n main()\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 315, in main\r\n res_args = manageiq_user.edit_user(user, name, group, password, email)\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 229, in edit_user\r\n if self.compare_user(user, name, group_id, password, email):\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 189, in compare_user\r\n (group_id and user['group']['id'] != group_id)\r\nKeyError: 'group'\r\n", "msg": "MODULE FAILURE", "rc": 0}
The 'group' field turns out to be 'current_group_id' (at least with ManageIQ 4.6). Update the comparison accordingly.
* add 'update_password' param to manageiq_user
Currently with the manageiq_user module, if you call it repeatedly while passing the 'password' parameter, it will always run the task and mark it as 'changed'.
Following the pattern of the AWS IAM module, add an 'update_password' parameter that takes 'always' (default) or 'on_create'. This will let you set an initial password when creating a user, but allow the user to modify their password and not stomp over their password changes if you re-run the playbook/task that created the user.
* don't stomp password when other fields change
Handle case where user fields change, but we don't want to stomp on a potentially user-changed password. Previously, if a non-password field changed, and the password param was passed in, it would ignore the 'update_password': 'on_create' setting (ie it would update/modify the password even if the user already exists).
Add trailing ',' to list of params.
* Fix tags in ec2_instance_facts
The method boto3_tag_list_to_ansible_dict in module_utils/ec2.py changed
and does no longer check whether the returned result of boto3 uses
"key" or "Key" as the tag key identifier.
This fixes ec2_instance_facts to make this check in its own, since boto3
may return "key" instead of "Key"
* Since the indices for the tags are already formatted to lowercase
by the snaking, we can assume, that the index for the tags are already
formatted
* timezone module: fixed platform decision rule for Linux
— For better handling of environments where timedatectl is unavailable
* timezone module: allow absence of configuration files if specific commands are available
* timezone module: remove duplicated line
* timezone module: fixed docs to clarify returned diff
* timezone module: fixed “undefined variable err”
* Revert "timezone module: fixed docs to clarify returned diff"
This reverts commit 4b783227f713eee9aa6717c0a8b9e697b939f471.
* timezone module: revert platform decision rule; just warn instead of futher command checks
* timezone module: [NosystemdTimezone] enhanced error message
As-merged, had several issues that prevented idempotent usage. Some args were defined at the wrong UI level. Dual-state args didn't match up with typical Ansible UI.
* Added nopackages option and Fix#24997
Adding a new option - nopackages.
This enables the option to add the --nopackages flag while registering a new node to RHN Satellite. We are not uploading the rpm data on our nodes and since we started utilizing ansible for nodes registration, I figures it would be useful for others as well.
Also-
Fixes#24997 (verified in my lab)
* Fixed documentation
* Documentation changes:
- typo fix in "default"
- Added "version_added" and set to 2.4
* Documentation changes:
- Removed trailing whitespaces in nopackages['version_added']
* This change is unrelated for this feature pull request and shouldn't be here (and also seems wrong, see #25079).
* Changed "version_added" to 2.5 in the module docs
It could be something like '10beta4', which StrictVersion() would
reject. When Postgres 10 is released, it will be '10', which
StrictVersion() would STILL reject.
Fortunately, psycopg2 has a 'server_version' connection attribute that
is guaranteed to be an integer like 90605 for version 9.6.5, or 100000
for version 10. We can safely use this for version-specific code.
* Replace pause in integration tests with until.
Use resource prefix instead of generating a random number
Only try to delete keys if they exist
* Add alias to tests
keyUsage and extendedKeyUsage are currently statically limited via a
static dict defined in modules_utils/crypto.py. If one specify a value
that isn't in there, idempotency won't work.
Instead of having static dict, we uses keyUsage and extendedKyeUsage
values OpenSSL NID and compare those rather than comparing strings.
Fixes: https://github.com/ansible/ansible/issues/30316
Current openssl_certificate is mistakenly taking its derivating its
version number from the csr version number.
Thos two fields are completly unrelated and hence the version number of
the certificate should be able to be directly specified (via
selfsigned_version parameter).
* Updating the nsupdate module to accept a list for 'value' instead
of a string. This is to allow manipulating 1:many DNS records.
A string can still be supplied so it should be backwards compatible.
Addresses issue #25554
* Update nsupdate.py
* Update nsupdate.py
* Update nsupdate.py
* openssl_certificate: Fix parameter assertion in Python3
Parameter assertion in Python3 is broken. pyOpenSSL get_X() functions
returns b'' type string and tries to compare it with '' string, leading
to failure.
The error mentionned above has been fixed by sanitizing the inputs from
a user to the assert only backend.
Also, this error was hidden by the fact that the improper check method
was called in the generate() functions.
* Add simple integration test for openssl_certificate
* remove subject == issuer assertion
* run integration tests only on supported hosts
* change min supported version to 0.15.x
* Add test for more CSR fields
* also convert dict members to bytes
* fix version_compare
* openssl_{csr, certificate}: Fail if pyOpenSSL <= 0.15
Previous 0.13 pyOpenSSL was a C-binding, and required the parameter
passed to add_extention to be in ASN.1. This has changed with the move
to 0.14 and it is now all pythong and string based.
Previous the 0.15 release, the `get_extensions()` method didn't exist,
since the modules rely heavily on it we ensure pyOpenSSL version is at
last 0.15.0.
* check pyopenssl version in openssl_csr integration test
* ec2_group: Handle name conflict with empty vpc_id.
If several groups exist with the same name (and vpc_id is None) then
treat the group outside the vpc as preferred (same as it would for a vpc
group with vpc_id specified). Also don't run the egress rules code in
that case.
* Handle lack of `IpPermissionsEgress` attribute on EC2 classic groups
In EC2 classic groups, the `while True` loop checking for egress
permissions will continue infinitely.
* Handle incompatible combinations of EC2 Classic + VPC groups
* Fix integration tests in accounts lacking EC2 classic
This change checks against the security group created, instead of the
module parameters, for VPC ID. This means that new accounts with a
default VPC will still wait properly for the first egress rule to
populate.
* Fix conditional for storing described groups with preference for matching VPC IDs
* Revert `vpc_id is None` on conditional to allow for default VPCs
* Clean up nxos_snmp_contact & nxos_snmp_location
* Bring nxos_snmp_community in line
* Bring nxos_snmp_host in line
* And I would have gotten away with it too,
if it weren't for those meddling sanity tests
* Bring nxos_snmp_traps & nxos_snmp_user in line
* Appease Shippable
* nxos_file_copy bug fix
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* provider gets set to None in module level when transport is cli
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* update ec2_vpc_subnet_facts module to use boto3 and support gathering updated fact items from AWS API
add version_added to new parameter
added return docs and other requested changes
removed errant extra blank line
updates per review
* update per review: fix AWSRetry backoff implementation and fix example that was not correct
* Cleanup password error handling for E-Series auth
The E-Series auth module was using some erronous behavior on handling
the status codes when updating the system password. This patch resolves
some of these issues.
* Fix validate_certs param in E-Series auth module
The auth module was ignoring the validate_certs parameter for making
HTTPS calls to the back-end API. This patch resolves the ignored
parameter.
Pull the get_poller_result inside the if block so that if the caller has
wait_for_deployment_completion=False, it doesnt block and wait for it to
finish.
Also, since the result contains information about the deployment, provide
None values for it in the output.(Not sure if this needs to be documented)
Fixes#26014
* Refactor E-Series LunMapping module to use module_utils
Refactor the NetApp E-Series module to utlize the common module_utils
and doc_fragments.
* Remove the default LUN number
By providing a default LUN number, it interferes with the ability of the
API to determine the appropriate LUN value.
* Fix ignored validate_certs parameter
The validate_certs parameter was not being provided to the underlying
requests method. This patch resolves the issue by passing the value to
all relevant HTTP requests.
* Create instance-store AMI instances with 'terminate' as the shutdown behavior since it is required.
* Match on the error code instead of searching for a string in the message.
* Narrow conditional to only fix shutdown behavior if fixing it would help
* Fix pep8.
* refactor firewalld module with object abstraction
This change creates a FirewallTransaction object that each
individual transaction type is a sub-class of as they all follow the
same pattern to enable or disable something in the firewall.
Also, there's a few bugfixes here:
- Fix the "source" type to handle permanent operations
- Remove ambiguity of required parameters for only specific use
cases that can lead to transactions effectively being a no-op.
Instead, pick sane defaults and document them.
- Change how imports are done so globals are no longer needed
This is based on the original feedback by Toshio from the last
refactor attempt:
https://github.com/ansible/ansible-modules-extras/pull/3383
Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
* fix line too long for pep8 for shippable tests
Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
* remove firewalld from pep8/legacy-files
Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
* Adding tls settings for Zabbix host
* Using the correct Ansible version
* Removing wildcard import
* Added module_utils package
* Set version_added for visible_name back to 2.3
* Added description for >= Zabbix 3.0; Added parameters for function
* Setting version_added --> 2.5; Removed trailing whitespace
* Remove 'required: false' statements from the argument docs
* Remove 'required=False' parameters from argument spec
* Remove 'default: null' statements from the argument docs
This adds the --syn option to filter SYN packets. Can be negated.
I added a generic append_match_flag function which can be used to add
match flags without parameters. It also allows negating the flag
if the added param allows this.
Not sure if I took the best approach here so all feedback welcome :)
* cloud: azure: fix typo introduced in commit 16d23e9
The commit "Add reference to VNET resource group (#26052)"
removed an used variable.
* network: aos: error hint never shown
The ec2_vpc_route_table module notifies about a change on the route table when the instance Id of the NAT instance has changed, but in fact, nothing changes. The module call the create_route function the AWS SDK to add a new route with the same cidr. The AWS SDK should return an error instead of nothing.
Call replace_route function instead of create_route when a route table with the same cidr but with different target destination is present.
* Update elasticsearch_plugin.py
Change module to work with Elasticsearch 2.x and 5.x automatically.
Update examples and docs.
Supersedes #21989
* Check system paths for elasticsearch-plugin binary
Use get_bin_path from basic.py for searching paths.
* Create a copy of PLUGIN_BIN_PATHS rather than modifying the global
* Use provided plugin_bin path first before trying other places
Change global PLUGIN_BIN_PATHS to a tuple
This prevents errors when adding new rules that conflict with existing
ones that will be deleted. For example this allows adding a new rule
with the same priority of a rule that will be purged.
Reid Wahl
Dag Wieers
Will Thames
Vladimir Utenkov
dteach
David Mahler
Laurent Coustet
Willem van Ketwich
Trishna Guha
s-hertel
Jordan Borean
Martin Krizek
Chrrrles Paul
Joel Diaz
Ondra Machacek
Matt Clay
Wolfgang Felbermeier
Toshio Kuratomi
Shinichi TAMURA
Scott Buchanan
Miouge1
Brian Coca
Marko Stanković
Matt Davis
Brian Coca
Nathaniel Case
René Moser
Kedar K
Moshe Shitrit
Mike Wiebe
Abhijit Menon-Sen
KrdLab
Stepan Stipl
Ganesh B. Nalawade
rahushen
mwellmeyer
Yanis Guenane
John R Barker
Ganesh Nalawade
Abhijeet Kasurde
David Critch
MarkusTeufelberger
Felipe Garcia Bulsoni
saichint
Christian Pointner
Daniel Shepherd
Pavel Zagalsky
Jacob McGill
Michael Price
Raja Venkataraman
Nicklaus McClendon
Andrea Tosatto
Tim Rupp
ABond
Adam Miller
Lorin Hochstein
Dusan Matejka
Andrea Tartaglia
Jonathan Karras
Erwin Oegema
Andreas Olsson
Andrew Saraceni
Werner Dijkerman
William Griffiths
Simon Wydooghe
Simon Wydooghe
Simon Wydooghe
Anton Baklanov
Kevin Hulquest
Joshua C. Randall
Antoine Rouaze
Gerben Geijteman
Ross Williams
Joel Thompson
Ricardo Carrillo Cruz
Sam Doran
Tomaž Šifrer
Ryan Brown
Markus Juopperi
marinus81
Roman Nozdrin