* scaleway inventory: remove useless duplicate
* scaleway inventory: allows to connect using private ip
ansible_host was hardcoded and it was not possible to connect using
private addresses.
This allows to define multiple host variables, values are templates
which can use hosts details send by API. For example this config file
use private address and defines two variables:
plugin: scaleway
hostnames:
- hostname
variables:
ansible_host: private_ip
state: state
image: image.name
regions:
- ams1
inventory will looks like:
{
"_meta": {
"hostvars": {
"testhost": {
"ansible_host": "10.1.1.1",
"arch": "x86_64",
"commercial_type": "START1-M",
"hostname": "testhost",
"id": "af669464-0c74-4c89-8573-9fe763028448",
"image": "CentOS 7.4",
"organization": "2cc9a115-380d-4ac0-ba4b-8947eee71325",
"public_ipv4": "163.172.1.1",
"public_ipv6": "2001:bc8::1",
"state": "running",
"tags": [
"testtag"
]
}
}
},
[...]
}
* Add common and Swagger client utils for FTD modules
* Update FTD HTTP API plugin and add unit tests for it
* Add configuration layer handling object idempotency
* Add ftd_configuration module with unit tests
* Add ftd_file_download and ftd_file_upload modules with unit tests
* Validate operation data and parameters
* Fix ansible-doc, boilerplate and import errors
* Fix pip8 sanity errors
* Update object comparison to work recursively
* Add copyright
* YUM4/DNF compatibility via yum action plugin
DNF does not natively support allow_downgrade as an option, instead
that is always the default (not configurable by the administrator)
so it had to be implemented
- Fixed group actions in check mode to report correct changed state
- Better error handling for depsolve and transaction errors in DNF
- Fixed group action idempotent transactions
- Add use_backend to yum module/action plugin
- Fix dnf handling of autoremove (didn't used to work nor had a
default value specified, now does work and matches default
behavior of yum)
- Enable installroot tests for yum4(dnf) integration testing, dnf
backend now supports that
- Switch from zip to bc for certain package install/remove test
cases in yum integration tests. The dnf depsolver downgrades
python when you uninstall zip which alters the test environment
and we have no control over that.
- Add changelog fragment
- Return a pkg_mgr fact if it was not previously set.
* Share the implementation of hashing for both vars_prompt and password_hash.
* vars_prompt with encrypt does not require passlib for the algorithms
supported by crypt.
* Additional checks ensure that there is always a result.
This works around issues in the crypt.crypt python function that returns
None for algorithms it does not know.
Some modules (like user module) interprets None as no password at all,
which is misleading.
* The password_hash filter supports all parameters of passlib.
This allows users to provide a rounds parameter, fixing #15326.
* password_hash is not restricted to the subset provided by crypt.crypt,
fixing one half of #17266.
* Updated documentation fixes other half of #17266.
* password_hash does not hard-code the salt-length, which fixes bcrypt
in connection with passlib.
bcrypt requires a salt with length 22, which fixes#25347
* Salts are only generated by ansible when using crypt.crypt.
Otherwise passlib generates them.
* Avoids deprecated functionality of passlib with newer library versions.
* When no rounds are specified for sha256/sha256_crypt and sha512/sha512_crypt
always uses the default values used by crypt, i.e. 5000 rounds.
Before when installed passlibs' defaults were used.
passlib changes its defaults with newer library versions, leading to non
idempotent behavior.
NOTE: This will lead to the recalculation of existing hashes generated
with passlib and without a rounds parameter.
Yet henceforth the hashes will remain the same.
No matter the installed passlib version.
Making these hashes idempotent.
Fixes#15326Fixes#17266Fixes#25347 except bcrypt still uses 2a, instead of the suggested 2b.
* random_salt is solely handled by encrypt.py.
There is no _random_salt function there anymore.
Also the test moved to test_encrypt.py.
* Uses pytest.skip when passlib is not available, instead of a silent return.
* More checks are executed when passlib is not available.
* Moves tests that require passlib into their own test-function.
* Uses the six library to reraise the exception.
* Fixes integration test.
When no rounds are provided the defaults of crypt are used.
In that case the rounds are not part of the resulting MCF output.
* Update docs
* Add reboot action plugin
Refactor win_reboot so it is subclassed from reboot
* Use new connection methods
* Test fixes
* Use better uptime command for Linux
Use who -b to get the last time the system was booted rather than uptime, which changes every second.
* Use distribution specefic commands and flags
Query the managed node to determien its distribution, then set the appropriate command and flags.
* Tune debug messages a bit
* Update module docs with details about pre_reboot_delay
s docs
* Ensure that post_reboot_delay is a positive number
* Remove the stringification
* Add integration tests
* Make sure aliases are honored
* Handle systems that have an incorrect last boot time
SystemD and fakehw-clock do not properly set the
last boot time and instead always set it to epoch.
Use a different command if that is the case.
* Copyright and encoding fixes
* Minor fixes based on feedback
* Add exponential backoff to sucess check method
* Update integration test
Skip the integration test if it would try to reboot the control node. We need a new mechanism to account for this scenario in ansible-test, so tests must currently be run manually for this plugin.
* Update integration test
Skip the integration test if it would try to reboot the control node. We need a new mechanism to account for this scenario in ansible-test, so tests must currently be run manually for this plugin.
* Fail early with running with local connection
* Update docs based on feedback
* minor refactoring, state mgmt changes
The 'free' strategy still attempts to do all hosts per task before going to the next, it just doesn't wait for slow hosts,
This strategy processes each host as fast as possible to the end of the play before trying to process another host in the pool.
* Currently network_cli support multiple prompts
single answer as response. This PR adds support
for multiple answers.
* In case of multiple prompts and mulitple answers the
index of a particular prompt in the prompts list should
match with the index in the answer list.
* adding next network pluggin
* include exclude option for next_ip search
* changing example provider input
* adding new line at end
* version added info
* to fix shippable errors
* to fix shippable errors
* adding exclude option in doc section
* fix review comment
* fix review comment
Add _flushed_hosts dict to store when handlers are flushed and prevent them
to be executed too early using _filter_notified_hosts.
Add _wait_on_handler_results to wait only for handlers to be completed.
Remove only hosts that have been flushed from handler notified list.
Fix#31504, #23970
* Use newer is_sequence function instead of MutableSequence. Fixes#44327
* Add changelog for #44331
* Update changelog fragment to describe the fix in more detail
Fixes#40650Fixes#40245Fixes#41541
* Refactor netconf_config module as per proposal #104
* Update netconf_config module metadata to core network supported
* Refactor local connection to use persistent connection framework
for backward compatibility
* Update netconf connection plugin configuration varaibles (Fixes#40245)
* Add support for optional lock feature to Fixes#41541
* Add integration test for netconf_config module
* Documentation update
* Move deprecated options in netconf_config module
* Add WTI OOB and PDU Device status, control and configuration module
* reorganized module names, removed multiple modules
* Fixed sanity check failures
* Fixed sanity check failures
* Fixed sanity check failures
* Fixed sanity check failures
* moved module from network directory to remote_management.
added validate_certs parameter
added example returned data.
* pep8 issues
* cpm_status code removed from module section and placed in plugins/lookup.
Modified module code to lookup style code
* EXAMPLE spacing format error
* EXAMPLE formatting
* removed split_line parameter. Return is exclusively formatted JSON
* display edits
* delete display debug text
* Change the examples to use YAML rather than k=v shorthand
* re-enabled "required" flags for cpm_username and cpm_password
* moved redundant ansible.module_utils._text import of to_native to previous ansible.module_utils._text import line
* Got unusual error from GitHub checkin of Unstable, bump to see if it happends again.
The inventory plugin api grew a self.cache that wasn't there when we
first wrote it. There's also a need to pull in the documentation
fragments so that we have the cache parameters.
- support config operations for EXOS-based platforms
- add regex to detect command failure responses
- add exos action plugin for "backup" operation
- add unit tests for exos_command (currently 94% coverage of
exos_config.py)
NOTE:
1. use os.open() with os.O_CREAT|os.O_EXCL to check existence
and create a lock file if not exists, it's an atomic operation
2. the fastest process will create the lock file and others will
wait until the lock file is removed
3. after the writer finished writing to the password file, all the reading
operations use built-in open so processes can read the file parallel
* Update netconf plugins for junos and iosxr
Fixes#39160
* Update api signature for netcon api's
from variable arguments to named arguments
* Udpate get default rpc supported
* Fix CI issue
* Common Rest Module using httpapi transport
* comparing json objects
* platform independant Rest Api
* FTD rest module
* Remove FTD module which will be committed later from cisco team
* remove debug code
* remove common rest module
* fix shippable errors
* Add notification users
* more shipable errors
* Hold httpapi response in BytesIO
* Let httpapi plugin deal with HTTP codes if it wants
* Python 3.5 won't json.loads() bytes
* Don't modify headers passed to send
* Move code handling back to send()
but let httpapi plugin have a say on how it happens
_parsed_return_data should only be used with the return from a module.
This location was invoking a remote shell command rather than a module
so we don't want it here.
* Remove use of simplejson throughout code base. Fixes#42761
* Address failing tests
* Remove simplejson from contrib and other outlying files
* Add changelog fragment for simplejson removal
* Change how data is sent to the persistent connection socket.
We can't rely on readline(), so send the size of the data first. We can
then read that many bytes from the stream on the recieving end.
* Set pty to noncanonical mode before sending
* Now that we send data length, we don't need a sentinel anymore
* Copy socket changes to persistent, too
* Use os.write instead of fdopen()ing and using that.
* Follow pickle with sha1sum of pickle
* Swap order of vars and init being passed to ansible-connection
Add exos_facts module. Known limitations at this time include:
- Interface MTU is not reported.
- Only primary interface IP is reported.
Add basic unit tests for the exos_facts module.
An EXOS CLI prompt can be prefixed with '! ' (shutting down), '* '
(running configuration does not match saved configuration), and
can include various status tokens within parentheses after these
prefixes. Update prompt regex to accept valid CLI prompts.
* If the remote host supports session
capability set the `supports_generate_diff`
flag to false which identifies if config diff should
be generated within module or not
According to the do_encrypt interface, encrypt arg should be the hash method name used for encrypting returning password. But in the doc and lookup code it's a boolean flag, correct it to string.
* Enable setting setting cliconf plugin options
Fixes#43367
* Add support to set configuration options for implementation plugins (eg: cliconf)
from `ansible-connection`
* Fix CI failure
* Add Ansible.ModuleUtils.PrivilegeUtil and converted code to use it
* Changed namespace and class to be a better standard and fixed some typos
* Changes from review
* changes to avoid out of bound mem of server 2008
* changes to detect failure when setting a privileged not allowed
* Implement initial RouterOS support
* Correct matchers for license prompts
* Documentation updates & mild refactor
* Remove one last Cisco function
* Sanity test fixes
* Move imports to the beginning
* Remove authorize property
* Handle ANSI codes
* Revert to_lines function
* CR fixes
* test(routeros): add unit tests
* Added another test (with ANSI colors and banner in fixture).
* Ignore CRLF line endings in system_package_print file
* fix: review by ganeshrn
* nxos cliconf plugin refactor
Fixes#39056
* Refactor nxos cliconf plugin as per new api definition
* Minor changes in ios, eos, vyos cliconf plugin
* Change nxos httpapi plugin edit_config method to be in sync with
nxos cliconf edit_config
* Fix CI failure
* Fix unit test failure and review comment
Now that we don't need to worry about python-2.4 and 2.5, we can make
some improvements to the way AnsiballZ handles modules.
* Change AnsiballZ wrapper to use import to invoke the module
We need the module to think of itself as a script because it could be
coded as:
main()
or as:
if __name__ == '__main__':
main()
Or even as:
if __name__ == '__main__':
random_function_name()
A script will invoke all of those. Prior to this change, we invoked
a second Python interpreter on the module so that it really was
a script. However, this means that we have to run python twice (once
for the AnsiballZ wrapper and once for the module). This change makes
the module think that it is a script (because __name__ in the module ==
'__main__') but it's actually being invoked by us importing the module
code.
There's three ways we've come up to do this.
* The most elegant is to use zipimporter and tell the import mechanism
that the module being loaded is __main__:
* 5959f11c9d/lib/ansible/executor/module_common.py (L175)
* zipimporter is nice because we do not have to extract the module from
the zip file and save it to the disk when we do that. The import
machinery does it all for us.
* The drawback is that modules do not have a __file__ which points
to a real file when they do this. Modules could be using __file__
to for a variety of reasons, most of those probably have
replacements (the most common one is to find a writable directory
for temporary files. AnsibleModule.tmpdir should be used instead)
We can monkeypatch __file__ in fom AnsibleModule initialization
but that's kind of gross. There's no way I can see to do this
from the wrapper.
* Next, there's imp.load_module():
* https://github.com/abadger/ansible/blob/340edf7489/lib/ansible/executor/module_common.py#L151
* imp has the nice property of allowing us to set __name__ to
__main__ without changing the name of the file itself
* We also don't have to do anything special to set __file__ for
backwards compatibility (although the reason for that is the
drawback):
* Its drawback is that it requires the file to exist on disk so we
have to explicitly extract it from the zipfile and save it to
a temporary file
* The last choice is to use exec to execute the module:
* https://github.com/abadger/ansible/blob/f47a4ccc76/lib/ansible/executor/module_common.py#L175
* The code we would have to maintain for this looks pretty clean.
In the wrapper we create a ModuleType, set __file__ on it, read
the module's contents in from the zip file and then exec it.
* Drawbacks: We still have to explicitly extract the file's contents
from the zip archive instead of letting python's import mechanism
handle it.
* Exec also has hidden performance issues and breaks certain
assumptions that modules could be making about their own code:
http://lucumr.pocoo.org/2011/2/1/exec-in-python/
Our plan is to use imp.load_module() for now, deprecate the use of
__file__ in modules, and switch to zipimport once the deprecation
period for __file__ is over (without monkeypatching a fake __file__ in
via AnsibleModule).
* Rename the name of the AnsiBallZ wrapped module
This makes it obvious that the wrapped module isn't the module file that
we distribute. It's part of trying to mitigate the fact that the module
is now named __main)).py in tracebacks.
* Shield all wrapper symbols inside of a function
With the new import code, all symbols in the wrapper become visible in
the module. To mitigate the chance of collisions, move most symbols
into a toplevel function. The only symbols left in the global namespace
are now _ANSIBALLZ_WRAPPER and _ansiballz_main.
revised porting guide entry
Integrate code coverage collection into AnsiballZ.
ci_coverage
ci_complete
Nathaniel Case
Pilou
Ganesh Nalawade
Jordan Borean
Anton Nikulin
Matt Martz
Rémy Léone
Trishna Guha
Adam Miller
Matthias Fuchs
Chris Coley
Yanis Guenane
Sam Doran
Brian Coca
Matt Clay
Sloane Hertel
Dag Wieers
jctanner
Lindsay Hill
Sumit Jaiswal
Vladimir Dobriakov
Pablo
Yunfan Zhang
Joakim Israelsson
Ken Partridge
Artem Leshchev
stoned
Monty Taylor
Deepak Agrawal
Lance Richardson
Zhikang Zhang
Andrew Gaffney
ivarmu
Toshio Kuratomi
Jerry Elmore
Abhijeet Kasurde
Nicolas Finné
Sebastian Wiesinger
Bill Nottingham
Joren Vrancken
Egor Zaitsev
Artem Goncharov
Nilashish Chakraborty