* Adds ipa_dnszone
* Use new copyright/gpl notice
* Update metadata version
* Use native error handling
* Fix boilerplate
* Remove default false
* Use localhost
* Should be 2.5
* Fix cloudwatchevent_rule exception handling
Where it is currently present, this change fixes the exception handling.
However, there are many places that it is lacking.
Fixes#30806
* Add new exception handling for cloudwatchevent_rule
Ensure all API calls are wrapped with exception handling
* PEP8 tidy up
* Remove unnecessary HAS_BOTO3 import and checks
Tidy up documentation so that NO_QA can be removed
* timezone: Add support for macOS
On macOS, preferred way of managing timezone is via `systemsetup(8)`.
Thus, we use this command instead of relying on directly modifying
`/etc/localtime` as in other *BSDs.
* timezone: Use % instead of .format() in strings
This ensures better compatibility across different versions of Python.
* Feature to Specify AZURE blob storage type
* Feature to Specify AZURE blob storage type
* Feature to Specify AZURE blob storage type
* Revert "Feature to Specify AZURE blob storage type"
This reverts commit 1d33997769ef3763a2eb434404c918134761635f.
modified: lib/ansible/module_utils/azure_rm_common.py
* Feature to Specify AZURE blob storage type
Fix adds update_dns option for ipa_host module.This option will
update DNS records of the host which is managed by FreeIPA DNS server.
Fixes: #30627
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fix nxos provider transport warning issue
* Add default value of transport arg in provider spec
* Remove default value if transport arg in top level spec
This ensure deprecation warning is seen only in case transport
is given as a top level arg in task
* Refactor nxos modules to reference transport value from provider
spec
* Fix unit test
* Remove transport arg assignment in nxos action plugin
* As assigning transport value is handled in provider spec
top level task arg assignment is no longer required
* win_scheduled_task_stat: add new module to get stat on scheduled tasks
* fixed up linting errors and aliases file
* I should learn how to spell
* removing URI from test
* added state information for the task
* removed argument so task stays running
* Undeprecate ec2_elb_*
* Make ec2_elb* full fledged modules rather than aliases
* Split tests for ec2_elb_lb and elb_classicb_lb
* Change names in documentation of old and new elb modules
Add tests for ec2_elb_lb
As discussed before we selected win_environment to the documentation,
and point to win_uri for a more advanced module.
If we want to make this the reference module, we have to get this one
absolutely right in every possible way.
This PR cleans up both win_environment and win_uri, and makes the
required changes to the windows module development section.
This PR includes:
- An important fix to charset encoding of from address
- Documentation and examples cleanup
- PEP8 fixes
- Warning on insecure access
- Strict parameter typing
- More modern interface (using lists rather than comma, space or pipe-delimited strings)
- Warn on failure to send mail to some recipients
```
[WARNING]: Failed to send mail to 'foobar': 550 5.1.1 <foobar>:
Recipient address rejected: User unknown in local recipient table
```
- Warn on failure to parse some headers
```
[WARNING]: Skipping header 'Foobar', unable to parse
```
- Return failed recipients as return value
- Changed default encoding to utf-8
* Add Routing Engine Facts
- Map routing engine output information to routing_engines facts dict.
- Add fact 'has_2RE', which is a quick way to determine how many REs
the chassis has.
* Fix a typo
* Fix more typos
* Add slot number to routing_engine dict
* Add facts about the installed chassis modules
* Fix typo
* Fixed another typo
* Fix Path
* Change path again.
* More Typos
* Add some deubgging
* Add additional information for hardware components.
- Return information about the Routing Engines.
- Return a fact to easily determine if the device
has two routing engines.
- Return information about the hardware modules.
* Addressed pep8 stardard failures.
* Add unit test fixtures.
* Rename fixture.
* Fix unit test failures.
- Rename the fixture file to what the unit test expects.
- Strip out junos namespace attributes.
Rename file to match what the unit test expects.
* Scrubbed the routing engine serial numbers.
* Add unit test facts for new tests.
- Add unit test for ansible_net_routing_engines fact
- Add unit test for ansible_net_modules fact
- Add unit test for ansible_net_has_2RE
* Fixed spacing.
* win_scheduled_task: rewrite for additionality functionality and bug fixes
* fixes for docs and os version differences
* started with the testing
* doc fix
* added more tests
* added principals tests
* finished tests for win_scheduled_task rewrite
* feedback from PR
* change to fail when both new and deprecated args are set
* change diff variable to match new standard and update doc sentance
Currently, MIQ only supports an alert type of 'prometheus', so rather than have the caller of manageiq_provider pass this info, just set it as the default.
When calling manageiq_user to an already existing user (but leaving out the password so that it doesn't automatically 're-create' the user), the module fails with:
fatal: [127.0.0.1]: FAILED! => {"changed": false, "failed": true, "module_stderr": "Shared connection to 127.0.0.1 closed.\r\n", "module_stdout": "Traceback (most recent call last):\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 324, in <module>\r\n main()\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 315, in main\r\n res_args = manageiq_user.edit_user(user, name, group, password, email)\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 229, in edit_user\r\n if self.compare_user(user, name, group_id, password, email):\r\n File \"/tmp/ansible_Fr7Nt3/ansible_module_manageiq_user.py\", line 189, in compare_user\r\n (group_id and user['group']['id'] != group_id)\r\nKeyError: 'group'\r\n", "msg": "MODULE FAILURE", "rc": 0}
The 'group' field turns out to be 'current_group_id' (at least with ManageIQ 4.6). Update the comparison accordingly.
* add 'update_password' param to manageiq_user
Currently with the manageiq_user module, if you call it repeatedly while passing the 'password' parameter, it will always run the task and mark it as 'changed'.
Following the pattern of the AWS IAM module, add an 'update_password' parameter that takes 'always' (default) or 'on_create'. This will let you set an initial password when creating a user, but allow the user to modify their password and not stomp over their password changes if you re-run the playbook/task that created the user.
* don't stomp password when other fields change
Handle case where user fields change, but we don't want to stomp on a potentially user-changed password. Previously, if a non-password field changed, and the password param was passed in, it would ignore the 'update_password': 'on_create' setting (ie it would update/modify the password even if the user already exists).
Add trailing ',' to list of params.
* Fix tags in ec2_instance_facts
The method boto3_tag_list_to_ansible_dict in module_utils/ec2.py changed
and does no longer check whether the returned result of boto3 uses
"key" or "Key" as the tag key identifier.
This fixes ec2_instance_facts to make this check in its own, since boto3
may return "key" instead of "Key"
* Since the indices for the tags are already formatted to lowercase
by the snaking, we can assume, that the index for the tags are already
formatted
* timezone module: fixed platform decision rule for Linux
— For better handling of environments where timedatectl is unavailable
* timezone module: allow absence of configuration files if specific commands are available
* timezone module: remove duplicated line
* timezone module: fixed docs to clarify returned diff
* timezone module: fixed “undefined variable err”
* Revert "timezone module: fixed docs to clarify returned diff"
This reverts commit 4b783227f713eee9aa6717c0a8b9e697b939f471.
* timezone module: revert platform decision rule; just warn instead of futher command checks
* timezone module: [NosystemdTimezone] enhanced error message
As-merged, had several issues that prevented idempotent usage. Some args were defined at the wrong UI level. Dual-state args didn't match up with typical Ansible UI.
* Added nopackages option and Fix#24997
Adding a new option - nopackages.
This enables the option to add the --nopackages flag while registering a new node to RHN Satellite. We are not uploading the rpm data on our nodes and since we started utilizing ansible for nodes registration, I figures it would be useful for others as well.
Also-
Fixes#24997 (verified in my lab)
* Fixed documentation
* Documentation changes:
- typo fix in "default"
- Added "version_added" and set to 2.4
* Documentation changes:
- Removed trailing whitespaces in nopackages['version_added']
* This change is unrelated for this feature pull request and shouldn't be here (and also seems wrong, see #25079).
* Changed "version_added" to 2.5 in the module docs
It could be something like '10beta4', which StrictVersion() would
reject. When Postgres 10 is released, it will be '10', which
StrictVersion() would STILL reject.
Fortunately, psycopg2 has a 'server_version' connection attribute that
is guaranteed to be an integer like 90605 for version 9.6.5, or 100000
for version 10. We can safely use this for version-specific code.
* Replace pause in integration tests with until.
Use resource prefix instead of generating a random number
Only try to delete keys if they exist
* Add alias to tests
keyUsage and extendedKeyUsage are currently statically limited via a
static dict defined in modules_utils/crypto.py. If one specify a value
that isn't in there, idempotency won't work.
Instead of having static dict, we uses keyUsage and extendedKyeUsage
values OpenSSL NID and compare those rather than comparing strings.
Fixes: https://github.com/ansible/ansible/issues/30316
Current openssl_certificate is mistakenly taking its derivating its
version number from the csr version number.
Thos two fields are completly unrelated and hence the version number of
the certificate should be able to be directly specified (via
selfsigned_version parameter).
* Updating the nsupdate module to accept a list for 'value' instead
of a string. This is to allow manipulating 1:many DNS records.
A string can still be supplied so it should be backwards compatible.
Addresses issue #25554
* Update nsupdate.py
* Update nsupdate.py
* Update nsupdate.py
* openssl_certificate: Fix parameter assertion in Python3
Parameter assertion in Python3 is broken. pyOpenSSL get_X() functions
returns b'' type string and tries to compare it with '' string, leading
to failure.
The error mentionned above has been fixed by sanitizing the inputs from
a user to the assert only backend.
Also, this error was hidden by the fact that the improper check method
was called in the generate() functions.
* Add simple integration test for openssl_certificate
* remove subject == issuer assertion
* run integration tests only on supported hosts
* change min supported version to 0.15.x
* Add test for more CSR fields
* also convert dict members to bytes
* fix version_compare
* openssl_{csr, certificate}: Fail if pyOpenSSL <= 0.15
Previous 0.13 pyOpenSSL was a C-binding, and required the parameter
passed to add_extention to be in ASN.1. This has changed with the move
to 0.14 and it is now all pythong and string based.
Previous the 0.15 release, the `get_extensions()` method didn't exist,
since the modules rely heavily on it we ensure pyOpenSSL version is at
last 0.15.0.
* check pyopenssl version in openssl_csr integration test
* ec2_group: Handle name conflict with empty vpc_id.
If several groups exist with the same name (and vpc_id is None) then
treat the group outside the vpc as preferred (same as it would for a vpc
group with vpc_id specified). Also don't run the egress rules code in
that case.
* Handle lack of `IpPermissionsEgress` attribute on EC2 classic groups
In EC2 classic groups, the `while True` loop checking for egress
permissions will continue infinitely.
* Handle incompatible combinations of EC2 Classic + VPC groups
* Fix integration tests in accounts lacking EC2 classic
This change checks against the security group created, instead of the
module parameters, for VPC ID. This means that new accounts with a
default VPC will still wait properly for the first egress rule to
populate.
* Fix conditional for storing described groups with preference for matching VPC IDs
* Revert `vpc_id is None` on conditional to allow for default VPCs
* Clean up nxos_snmp_contact & nxos_snmp_location
* Bring nxos_snmp_community in line
* Bring nxos_snmp_host in line
* And I would have gotten away with it too,
if it weren't for those meddling sanity tests
* Bring nxos_snmp_traps & nxos_snmp_user in line
* Appease Shippable
* nxos_file_copy bug fix
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* provider gets set to None in module level when transport is cli
Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>
* update ec2_vpc_subnet_facts module to use boto3 and support gathering updated fact items from AWS API
add version_added to new parameter
added return docs and other requested changes
removed errant extra blank line
updates per review
* update per review: fix AWSRetry backoff implementation and fix example that was not correct
* Cleanup password error handling for E-Series auth
The E-Series auth module was using some erronous behavior on handling
the status codes when updating the system password. This patch resolves
some of these issues.
* Fix validate_certs param in E-Series auth module
The auth module was ignoring the validate_certs parameter for making
HTTPS calls to the back-end API. This patch resolves the ignored
parameter.
Pull the get_poller_result inside the if block so that if the caller has
wait_for_deployment_completion=False, it doesnt block and wait for it to
finish.
Also, since the result contains information about the deployment, provide
None values for it in the output.(Not sure if this needs to be documented)
Fixes#26014
* Refactor E-Series LunMapping module to use module_utils
Refactor the NetApp E-Series module to utlize the common module_utils
and doc_fragments.
* Remove the default LUN number
By providing a default LUN number, it interferes with the ability of the
API to determine the appropriate LUN value.
* Fix ignored validate_certs parameter
The validate_certs parameter was not being provided to the underlying
requests method. This patch resolves the issue by passing the value to
all relevant HTTP requests.
* Create instance-store AMI instances with 'terminate' as the shutdown behavior since it is required.
* Match on the error code instead of searching for a string in the message.
* Narrow conditional to only fix shutdown behavior if fixing it would help
* Fix pep8.
* refactor firewalld module with object abstraction
This change creates a FirewallTransaction object that each
individual transaction type is a sub-class of as they all follow the
same pattern to enable or disable something in the firewall.
Also, there's a few bugfixes here:
- Fix the "source" type to handle permanent operations
- Remove ambiguity of required parameters for only specific use
cases that can lead to transactions effectively being a no-op.
Instead, pick sane defaults and document them.
- Change how imports are done so globals are no longer needed
This is based on the original feedback by Toshio from the last
refactor attempt:
https://github.com/ansible/ansible-modules-extras/pull/3383
Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
* fix line too long for pep8 for shippable tests
Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
* remove firewalld from pep8/legacy-files
Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
Thomas Steen Rasmussen
Thomas Krahn
Dag Wieers
Fran Fitzpatrick
Martin Krizek
Prasad Katti
Brian Coca
James Tanner
Will Thames
Kedar K
Stefan Bieler
Indrajit Raychaudhuri
Sebastien Boyron
Toshio Kuratomi
MarkusTeufelberger
Beni Cherniavsky-Paskin
jagmeetsingh91
Hervé Beraud
Abhijeet Kasurde
Ganesh Nalawade
Sebastien Boyron
Serge Nikalaichyk
Jordan Borean
Jiri Tyr
Reid Wahl
Tim Rupp
Hervé Beraud
Reid Wahl
Vladimir Utenkov
dteach
David Mahler
Laurent Coustet
Willem van Ketwich
Trishna Guha
s-hertel
Chrrrles Paul
Joel Diaz
Ondra Machacek
Matt Clay
Wolfgang Felbermeier
Shinichi TAMURA
Scott Buchanan
Miouge1
Marko Stanković
Matt Davis
Brian Coca
Nathaniel Case
René Moser
Moshe Shitrit
Mike Wiebe
Abhijit Menon-Sen
KrdLab
Stepan Stipl
Ganesh B. Nalawade
rahushen
mwellmeyer
Yanis Guenane
John R Barker
David Critch
Felipe Garcia Bulsoni
saichint
Christian Pointner
Daniel Shepherd
Pavel Zagalsky
Jacob McGill
Michael Price
Raja Venkataraman
Nicklaus McClendon
Andrea Tosatto
ABond
Adam Miller