* Fix backup issue in network config modules
* Fix `get_working_path` not found issue introduced due to
backup config code refactor (PR #50208)
* Further refactor config related action plugins to minimize
duplicate code
* Remove unwated imports in config action plugins
* Add common network class for action plugin and related code refactor
* Fix review comment
* Fix various bugs related in reboot
- Use format strings for consistency and improve debug log messages
- Use local variables instead of class attributes in order to be thread safe
- Run setup module to get distribution and version
- Run find module to get full path of shutdown command
- Use ansible_os_family and ansible_distribution to find commands and args
- Use same command for all Solaris/SunOS distributions
- Move delay calculations to properties
- Reliably check for module run failure
- Fix bug in run_test_command() that accidentally made the method work properly
- Use better exceptions rather than Exception
- Use dict literals rather than constructors
- Correct _check_delay() so it always returns a value, not None
- Don't store and return result in run_test_command() because it's not used anywhere
- add test for post reboot command that fails
- test negative values for delay parameters
Template lookup plugin now support variable_start_string and
variable_end_string, just like template module.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Different connection plugins return different data when throwing exceptions. The Paramiko connection plugin does not return a text sting, which caused an exception.
The ssh connection plugin returns multi-line errors, which makes the debug logs harder to read. Only return the last line in that case in order to make the logs more readable.
When experiencing a connection failure, reset the connection.
Add reset() to paramiko_ssh
Indicate thet conection state is False when running close(). This is needed by the ensure_connected() decorator to work properly.
Co-authored-by: Matt Martz <matt@sivel.net>
* Always use /proc/sys/kernel/random/boot_id to confirm reboot on Linux
/proc/sys/kernel/random/boot_id is available since kernel 2.3.16 and
should be safe to rely on.
The previously used method by checking the system boot time using who -b
turned out to be unreliable: Some systems lacking an RTC report the Unix
epoch as boot time, but the code trying to detect that did't always
work.
Closes#46562
* Change DEFAULT_BOOT_TIME_COMMAND
- change to usinsg /proc by default
- add BOOT_TIME_COMMANDS for BSD, Solaris, and macOS
* win_update: Add post search category matching to support product matching
* win_updates: Return categories of each update
* win_updates: Documentation fix-up
* win_updates: Adjusted documentation to reflect regex vs sub-string match of post-cat strings
* win_updates: Sped up post-category checking
* win_updates: Updated documentation to suggest querying post-category strings
* win_updates: Simplified saving and checking post-categories
* fixed some issues and added filtered categories to return value
* win_updates: Moved all category matching to occur after initial search
* win_updates: Adjustments to satisfy PowerShell lint checks
* win_updates: Dropped category validation from action plugin
* win_updates: Documentation updates
* win_updates: Fixed plugin unit tests
* fix(tasks: synchronize): wrap in sshpass if ssh password was provided
Closes#16616
* fix(tasks: synchronize): pass rsync password to sshpass via fd
* fix(tasks: synchronize): use fail_json instead of AnsibleError
* fixup! fix(tasks: synchronize): use fail_json instead of AnsibleError
fix python2 handling
* feat(module_utils: basic: run_command): add optional arguments `pass_fds` and `before_communicate_callback`
* fix(tasks: synchronize): use module.run_command instead of subprocess.Popen
* fixup! fix(tasks: synchronize): use module.run_command instead of subprocess.Popen
remove unused import
* fixup! fixup! fix(tasks: synchronize): use module.run_command instead of subprocess.Popen
pass_fds only if they passed to run_command()
* reboot: Add timeout in error to help troubleshooting
So we've been hit by 'Timed out waiting for boot_time check' and it was
unclear what timeout was used for the boot_time check. By adding the
timeout value it is easier to understand the used value, and verify if a
change to the timeout is reflected in the output.
* Add changelog fragment
* win_reboot: Fix for ignore post_reboot_delay
This fixes an issue where win_reboot would be ignoring the provided
post_reboot_delay (and on Windows timing/waiting is everything!)
This must be backported to the v2.7 branch.
* Merge post-reboot handling into run()
* win_exec: refactor PS exec runner
* more changes for PSCore compatibility
* made some changes based on the recent review
* split up module exec scripts for smaller payload
* removed C# module support to focus on just error msg improvement
* cleaned up c# test classifier code
The stdout and stderr values returned from self._low_level_execute() are text, not bytes. This results in an error in Python 3 since str and bytes cannot be concatenated.
Changing to unicode type allows this to work without error on Python 2 and Python 3.
* Ensure that the src file contents is converted to unicode in diff info. Fixes#45717
* Fix up and cleanup
* The diff functionality in the callback plugins should have the
to_text() calls removed since we're now doing it in ActionBase
* catching of UnicodeError and warnings in the callback diff
functionality from 61d01f549f haven't been
needed since we switched to to_text so remove them.
* Add a note to ActionBase's diff function giving an example of when the
diff function will be inaccurate and how to fix it
* Fix callback get_diff() tests
I believe the unittests of callback's get_diff() were wrong. They were
sending in a list where strings were expected. Because previous code
was transforming the lists into strings via their repr, the previous
tests did not fail but they would have formatted the test cases output
in an odd way if we had looked at it.
* win async: use async_dir for the async results file directory
* tried to unify POSIX and PowerShell async implementations of async_dir
* fix sanity issue
* reboot: Fix typo and support bare Linux systems
This fixes a problem for bare Linux systems that do not support 'who -b' or 'uptime -s'.
* Accumulate stdout and stderr information
* win_script: add support for become and centralise exec wrapper builder
* satisfying the pep8 gods
* do not scan for module dependencies when running as a script
* YUM4/DNF compatibility via yum action plugin
DNF does not natively support allow_downgrade as an option, instead
that is always the default (not configurable by the administrator)
so it had to be implemented
- Fixed group actions in check mode to report correct changed state
- Better error handling for depsolve and transaction errors in DNF
- Fixed group action idempotent transactions
- Add use_backend to yum module/action plugin
- Fix dnf handling of autoremove (didn't used to work nor had a
default value specified, now does work and matches default
behavior of yum)
- Enable installroot tests for yum4(dnf) integration testing, dnf
backend now supports that
- Switch from zip to bc for certain package install/remove test
cases in yum integration tests. The dnf depsolver downgrades
python when you uninstall zip which alters the test environment
and we have no control over that.
- Add changelog fragment
- Return a pkg_mgr fact if it was not previously set.
* Update docs
* Add reboot action plugin
Refactor win_reboot so it is subclassed from reboot
* Use new connection methods
* Test fixes
* Use better uptime command for Linux
Use who -b to get the last time the system was booted rather than uptime, which changes every second.
* Use distribution specefic commands and flags
Query the managed node to determien its distribution, then set the appropriate command and flags.
* Tune debug messages a bit
* Update module docs with details about pre_reboot_delay
s docs
* Ensure that post_reboot_delay is a positive number
* Remove the stringification
* Add integration tests
* Make sure aliases are honored
* Handle systems that have an incorrect last boot time
SystemD and fakehw-clock do not properly set the
last boot time and instead always set it to epoch.
Use a different command if that is the case.
* Copyright and encoding fixes
* Minor fixes based on feedback
* Add exponential backoff to sucess check method
* Update integration test
Skip the integration test if it would try to reboot the control node. We need a new mechanism to account for this scenario in ansible-test, so tests must currently be run manually for this plugin.
* Update integration test
Skip the integration test if it would try to reboot the control node. We need a new mechanism to account for this scenario in ansible-test, so tests must currently be run manually for this plugin.
* Fail early with running with local connection
* Update docs based on feedback
* minor refactoring, state mgmt changes
Fixes#40650Fixes#40245Fixes#41541
* Refactor netconf_config module as per proposal #104
* Update netconf_config module metadata to core network supported
* Refactor local connection to use persistent connection framework
for backward compatibility
* Update netconf connection plugin configuration varaibles (Fixes#40245)
* Add support for optional lock feature to Fixes#41541
* Add integration test for netconf_config module
* Documentation update
* Move deprecated options in netconf_config module
- support config operations for EXOS-based platforms
- add regex to detect command failure responses
- add exos action plugin for "backup" operation
- add unit tests for exos_command (currently 94% coverage of
exos_config.py)
_parsed_return_data should only be used with the return from a module.
This location was invoking a remote shell command rather than a module
so we don't want it here.
* Remove use of simplejson throughout code base. Fixes#42761
* Address failing tests
* Remove simplejson from contrib and other outlying files
* Add changelog fragment for simplejson removal
Now that we don't need to worry about python-2.4 and 2.5, we can make
some improvements to the way AnsiballZ handles modules.
* Change AnsiballZ wrapper to use import to invoke the module
We need the module to think of itself as a script because it could be
coded as:
main()
or as:
if __name__ == '__main__':
main()
Or even as:
if __name__ == '__main__':
random_function_name()
A script will invoke all of those. Prior to this change, we invoked
a second Python interpreter on the module so that it really was
a script. However, this means that we have to run python twice (once
for the AnsiballZ wrapper and once for the module). This change makes
the module think that it is a script (because __name__ in the module ==
'__main__') but it's actually being invoked by us importing the module
code.
There's three ways we've come up to do this.
* The most elegant is to use zipimporter and tell the import mechanism
that the module being loaded is __main__:
* 5959f11c9d/lib/ansible/executor/module_common.py (L175)
* zipimporter is nice because we do not have to extract the module from
the zip file and save it to the disk when we do that. The import
machinery does it all for us.
* The drawback is that modules do not have a __file__ which points
to a real file when they do this. Modules could be using __file__
to for a variety of reasons, most of those probably have
replacements (the most common one is to find a writable directory
for temporary files. AnsibleModule.tmpdir should be used instead)
We can monkeypatch __file__ in fom AnsibleModule initialization
but that's kind of gross. There's no way I can see to do this
from the wrapper.
* Next, there's imp.load_module():
* https://github.com/abadger/ansible/blob/340edf7489/lib/ansible/executor/module_common.py#L151
* imp has the nice property of allowing us to set __name__ to
__main__ without changing the name of the file itself
* We also don't have to do anything special to set __file__ for
backwards compatibility (although the reason for that is the
drawback):
* Its drawback is that it requires the file to exist on disk so we
have to explicitly extract it from the zipfile and save it to
a temporary file
* The last choice is to use exec to execute the module:
* https://github.com/abadger/ansible/blob/f47a4ccc76/lib/ansible/executor/module_common.py#L175
* The code we would have to maintain for this looks pretty clean.
In the wrapper we create a ModuleType, set __file__ on it, read
the module's contents in from the zip file and then exec it.
* Drawbacks: We still have to explicitly extract the file's contents
from the zip archive instead of letting python's import mechanism
handle it.
* Exec also has hidden performance issues and breaks certain
assumptions that modules could be making about their own code:
http://lucumr.pocoo.org/2011/2/1/exec-in-python/
Our plan is to use imp.load_module() for now, deprecate the use of
__file__ in modules, and switch to zipimport once the deprecation
period for __file__ is over (without monkeypatching a fake __file__ in
via AnsibleModule).
* Rename the name of the AnsiBallZ wrapped module
This makes it obvious that the wrapped module isn't the module file that
we distribute. It's part of trying to mitigate the fact that the module
is now named __main)).py in tracebacks.
* Shield all wrapper symbols inside of a function
With the new import code, all symbols in the wrapper become visible in
the module. To mitigate the chance of collisions, move most symbols
into a toplevel function. The only symbols left in the global namespace
are now _ANSIBALLZ_WRAPPER and _ansiballz_main.
revised porting guide entry
Integrate code coverage collection into AnsiballZ.
ci_coverage
ci_complete
One of the earlier implementation of unified temp for 2.4 passed the
temp diretory to the remote side using this environment variable. We
later changed it to be passed via a module parameter but forgot to
remove the environment variable.
Allow specifying the source and destination files' encodings in the template module
* Added output_encoding to the template module, default to utf-8
* Added documentation for the new variables
* Leveraged the encoding argument on to_text() and to_bytes() to keep the implementation as simple as possible
* Added integration tests with files in utf-8 and windows-1252 encodings, testing all combinations
* fix bad smell test by excluding windows-1252 files from the utf8 checks
* fix bad smell test by excluding valid files from the smart quote test
* Support setting persistent command timeout per task basis
Fixes#42200
* Add variable `ansible_command_timeout` to `persistent_command_timeout`
option for `network_cli` and `netconf` connection plugin so that the
command_timeout can be set per task basis while using `connection=network_cli`
or `connection=netconf`
eg:
```
- name: run copy command
ios_command:
commands:
- show version
vars:
ansible_command_timeout: 40
```
* Modify `ansible-connection` to read command_timeout value from
connection plugin options.
* Add `ansible_command_timeout` to `persistent_command_timeout`
option in `persistent` to support `connection=local` so that
it is backward compatibilty
* To support `connection=local` pass the timeout value as variables
from persistent connection to `ansible-connection` instead of sending
it in playcontext
* Fix CI failure
* Fix review comment
This change adds a new argument to the telnet action plugin that will
cause the module to send a newline character before trying to login.
This is convienent when using telnet over a console connection that
needs an initial newline character to start the login process.
This change also will cause the sent command and command response to be
displayed on stdout when running in verbose mode (5 v's).
* win_reboot: fix 2.6 issues and better handle post reboot reboot
* changed winrm _reset to reset
* Add handler to reset calls when .reset() throws an AnsibleError on older hosts
* Moving back to _reset to get the issue fixed
* Fix tmpdir on non root become
- also avoid exception if tmpdir and remote_tmp are None
- give 'None' on deescalation so tempfile will fallback to it's default behaviour
and use system dirs
- fix issue with bad tempdir (not existing/not createable/not writeable)
i.e nobody and ~/.ansible/tmp
- added tests for blockfile case
* Revert "Temporarily revert c119d54"
This reverts commit 5c614a59a6.
* changes based on PR feedback and changelog fragment
* changes based on the review
* Fix tmpdir when makedirs failed so we just use the system tmp
* Let missing remote_tmp fail
If remote_tmp is missing then there's something more basic wrong in the
communication from the controller to the module-side. It's better to
be alerted in this case than to silently ignore it.
jborean and I have independently checked what happens if the user sets
ansible_remote_tmp to empty string and !!null and both cases work fine.
(null is turned into a default value controller-side. empty string
triggers the warning because it is probably not a directory that the
become user is able to use).
* Fix fetching old style facts in junos_facts module
Fixes#42298
* To fetch old style facts from junos device it requires
login credentials in provider, hence while using
connection=nectonf do not delete provider values
as it might not be ignored
* Add `ofacts` as one of the options in `gather_subset`
* Minor update in documentation
* Fix CI failure
* ensure copy action plugin returns an invocation in result
Fixes#18232
Previously the action plugin for copy, which runs operations on the
control host to orchestrate executing both local actions on the
control host and remote actions on the remote host, is not returning
invocation dict in the result dict, this happens here where the
return from _copy_file() is None
When force is True, the _execute_module() method is called, which
returns the dict containing the invocation key. This patch ensures
there is always an invocation key.
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix conditional, handle content no_log
Signed-off-by: Adam Miller <admiller@redhat.com>
Removes the SSH enforcement because it breaks situations where, for example,
an admin maintains Ansible Tower and another team needs to use Ansible
with the BIG-IP modules, but the Tower admin does not want to install
the F5-SDK on the Ansible Tower instance.
In this situation, the user needs to delegate the execution of the BIG-IP
module to another linux host that does have the dependencies installed.
Usually this is done with delegation, often over SSH. Limiting the SSH
connection here prevents this from working.
* First pass at a src parameter that can be used in place of body. Supports binary files
* Add test for uri src body
* Bump version_added to 2.6
* Close the open file handle
* Add uri action plugin that handles src/remote_src
* Document remote_src
* Remove duplicate info about remote_src
* Bump version_added to 2.7
* All instances of local connection should use _remote_is_local=True. Fixes#40551
* Switch to instance attribute for synchronize
* Add test that shows that synchronize _remote_is_local addresses tmpdir building
* Add nxos_install_os integration tests
* Update call to check timers
* Update check_ansible_timer method
* Modify network_cli integration tests
* Add timer check for nxos_install_os
* Add comments for clear_persistent_sockets
* Update connection info for tests
* More updates
* Restructure files for provider and non-provider testing
* Update env var name and add check for ISSU switchover
Steve Boyd
Ganesh Nalawade
Nilashish Chakraborty
Nathaniel Case
Toshio Kuratomi
Sam Doran
Abhijeet Kasurde
Brian Coca
Andrey Che
jpdasma
Matt Davis
Matt Martz
Tim Rupp
Martin Krizek
Matt Clay
Stefan Siegel
Michael Cassaniti
Deepak Agrawal
Yauhen Kirylau
Lindsay Hill
Hagen Kuehn
Peter Sprygada
Dag Wieers
Daniel Jakots
Jordan Borean
Adam Miller
Chris Coley
Lance Richardson
Trishna Guha
Nicolas Finné
Julien Champseix
Peter Sprygada
Jerry Chong
HD650
Andrew Gaffney
John Imison
Biao Liu
Sloane Hertel
Anil Kumar Muraleedharan
Mike Wiebe