Adding sleep 0 as workaround when copying files with kubectl exec
SUMMARY
For all the commands executed remotely, ** && sleep 0** will be
appended as a workaround for all the commands to terminate properly:
16def8050a/lib/ansible/plugins/action/__init__.py (L1243)
Workaround will be applied in case of kubectl exec too:
kubernetes.core/plugins/connection/kubectl.py
Line 300
in
b19ff9d
super(Connection, self).exec_command(cmd, in_data=in_data, sudoable=sudoable)
That is not the case in the case of the file copy executed by using kubectl exec, therefore it is possible for the kubectl exec to
terminate before dd finishes properly causing the file to be truncated.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
changelogs/fragments/321-kubectl_sleep.yml
plugins/connection/kubectl.py
k8s_exec: Select first container from the pod
SUMMARY
kubectl command select first container from the pod in order
to execute commands on. We replicate the same behavior in k8s_exec
module.
Fixes: #358
Signed-off-by: Abhijeet Kasurde akasurde@redhat.com
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
changelogs/fragments/358-k8s_exec.yml
plugins/modules/k8s_exec.py
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Use resource prefix when apiVersion is v1
SUMMARY
When getting a resource from the core api group, the prefix was not
passed, leading the lookup to happen in all api groups. This broad
search is not really necessary and leads to problems in some corner
cases, for example, when an api is deleted after the api group list is
cached.
This fix uses the 'api' prefix when the apiVersion is 'v1', as this is
almost certainly what the user wants. As a fallback, to retain backwards
compatibility, the old behavior is used if the first lookup failed to
find a resource. Given that the module defaults to 'v1' for the
apiVersion, there are likely many cases where a resource, such as
StatefulSet, is used while failing to provide an apiVersion. While
technically incorrect, this has worked in most cases, so we probably
shouldn't break this behavior.
Fixes#351
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
changelogs/fragments/364-use-resource-prefix.yaml
plugins/module_utils/common.py
helm_repository: Added support for common options
SUMMARY
Added support for host, api_key, ca_cert,
and validate_certs in helm_repository module.
Signed-off-by: Abhijeet Kasurde akasurde@redhat.com
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
changelogs/fragments/helm_repository.yml
plugins/modules/helm_repository.py
helm_template: change order of values_release and values_files
SUMMARY
This fix aligns precedence of release_values and values_files in kubernetes.core.helm_template with the one in kubernetes.core.helm.
The values in release_values are now processed last, thus with the highest precedence.
This allows overwriting of values in values_files with the values presented in release_values.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
changelogs/fragments/348-helm_template-fix-precedence-of-release-values-over-values-files.yaml
plugins/modules/helm_template.py
tests/unit/modules/test_helm_template.py
Prepare for distutils.version being removed in Python 3.12
SUMMARY
distutils has been deprecafed and will be removed from
Python's stdlib in Python 3.12 (see python.org/dev/peps/pep-0632).
This PR replaces the use of distutils.version.LooseVersion and distutils.version.StrictVersion
with LooseVersion from the vendored copy of distutils.version
included with ansible-core 2.12 (ansible/ansible#74644) if available,
and falls back to distutils.version for ansible-core 2.11 and before.
Since ansible-core 2.11 and earlier do not support Python 3.12 (since
they use LooseVersion itself in various places), this incomplete fix
should be OK for now. Also, the way this PR works (by adding a new
module_utils version that abstracts away where LooseVersion comes from),
it is easy to also fix this for ansible-core 2.11 and earlier later on.
Signed-off-by: Abhijeet Kasurde akasurde@redhat.com
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
changelogs/fragments/disutils.version.yml
molecule/default/roles/helm/library/helm_test_version.py
plugins/module_utils/common.py
plugins/module_utils/version.py
plugins/modules/helm.py
Reviewed-by: Felix Fontein <felix@fontein.de>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Documentation update for kubernetes.core.helm
Clarify usage of the module for doing helm repo update only.
I used collection_prep_add_docs as explained in CONTRIBUTING.md, not sure if
that's correct ?
Fixes#316
@Akasurde
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Add delete_emptydir_data to drain delete_options
SUMMARY
Adds delete_emptydir_data option to k8s_drain.delete_options to evict pods with an emptyDir volume attached.
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
k8s_drain
ADDITIONAL INFORMATION
Be gentle, this is my first pull request 😨
Basically adds the kubectl drain <node> --delete-emptydir-data feature, including tests.
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Jorn Eilander <None>
Reviewed-by: None <None>
Reviewed-by: None <None>
add support for community.okd.openshift_adm_groups_sync
SUMMARY
new module community.okd.openshift_adm_group_sync requires action group
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
k8s - add support for Server Side apply
SUMMARY
Server side apply is now support for k8s module with this Pull request.
The feature is not yet released on kubernetes-client, once this is done, we can merge this pull request.
closes#87
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
k8s
ADDITIONAL INFORMATION
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Reviewed-by: None <None>
Fix for common non-ASCII characters in CRDs
This should keep the module safe from digesting non-ASCII chars like here (https://github.com/projectcalico/api/pull/46/files)
SUMMARY
Add support for non-ASCII chars in manifests.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
core.k8s module failing if resources contain non ascii chars
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Alessandro Rossi <None>
Reviewed-by: None <None>
Return diff in helm check mode
When the helm module is executed in check mode with the helm diff plugin
installed, it now returns the diff.
SUMMARY
When the helm module is executed in check mode with the helm diff plugin
installed, it now returns the diff.
COMPONENT NAME
helm
ADDITIONAL INFORMATION
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Fabrice <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Fix k8s_drain failing when pod has local storage
SUMMARY
The module fails to define the pod_names variable before using it for
pods with local storage.
Fixes#292
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
k8s_drain
ADDITIONAL INFORMATION
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
Reviewed-by: None <None>
helm: add pass-credentials key
SUMMARY
In helm version v3.6.1 when downloading charts from password protected repositories that served from a different domain than the repository, need to use --pass-credentials key.
Add possibility to use the pass-credentials key in helm_repository.py
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
helm_repository
Reviewed-by: None <None>
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
add support for user impersonation for k8s modules
SUMMARY
k8s module should not allow user to perform operation using impersonation as describe here
https://kubernetes.io/docs/reference/access-authn-authz/authentication/#user-impersonation
This pull request closes#40
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
add no_proxy support to k8s*
SUMMARY
close#271
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
plugins/module_utils/args_common.py
plugins/modules/k8s*
ADDITIONAL INFORMATION
It requires latest kubernetes library(>=19.15.0) to use this feature.
pip install kubernetes>=19.15.0
then, use following snippet yaml:
- k8s:
state: present
src: "deployment.yaml"
proxy: "http://proxy.yourdomain.com:8080/"
no_proxy: "localhost,.yourdomain.com,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192,168.0.0/16"
or use environment variable K8S_AUTH_NO_PROXY as well as K8S_AUTH_PROXY.
Reviewed-by: None <None>
Reviewed-by: None <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Don't wait on *List resources for info module
SUMMARY
We can't use the same wait logic on *List resources because they lack
the same metadata that other resources have. We should ensure that we
are waiting on the items in the list, but not the list itself. Waiting
on the list itself results in unexpected behavior.
This fixes the waiting logic when waiting on a list to wait until the
list being queried contains one or more items, or the wait timeout has
been reached. Each item in the list can then be waited on with the usual
wait logic.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: None <None>
Reviewed-by: Alina Buzachis <None>
Reviewed-by: None <None>
Add support for dry run
SUMMARY
Kubernetes server-side dry run will be used when the kubernetes client
version is >=18.20.0. For older versions of the client, the existing
client side speculative change implementation will be used.
The effect of this change should be mostly transparent to the end user
and is reflected in the fact the tests have not changed but should still
pass. With this change, there are a few edge cases that will be
improved. One example of these edge cases is to use check mode on an
existing Service resource. With dry run this will correctly report no
changes, while the older client side implementation will erroneously
report changes to the port spec.
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Gonéri Le Bouder <goneri@lebouder.net>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Alina Buzachis <None>
Reviewed-by: None <None>
Reviewed-by: None <None>
common/_wait_for: ensure label_selectors is optional
Depends-On: ansible/ansible-zuul-jobs#1125
The label_selectors is a new parameter for _wait_for that was
introduced in #158.
The value is new and it can be set to None to make it optional. It should
not be mandatory a non optional parameter.
Reviewed-by: None <None>
Reviewed-by: Alina Buzachis <None>
Reviewed-by: None <None>
fix k8s_cp uploading when deployed container's WORKDIR is other than '/'
SUMMARY
fix#222
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
k8s_cp
ADDITIONAL INFORMATION
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Reviewed-by: None <None>
kustomize lookup plugin
SUMMARY
new lookup plugin to support kustomize feature for kubernetes
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Fix resource cache not being used
SUMMARY
This was some bad copy/paste from the openshift client. The resource
cache was never being used resulting in unnecessary HTTP requests.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: None <None>
Reviewed-by: Gonéri Le Bouder <goneri@lebouder.net>
Reviewed-by: None <None>
add support for in-memory kubeconfig
SUMMARY
k8s module support now authentication with kubeconfig parameter as file and dict.
Closes#139
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Re-enable support for turbo mode
SUMMARY
This re-enables the ability to add turbo mode. It also adds a few more
tests to cover some cases that had been broken in turbo mode previously.
Testing with turbo mode is not currently enabled, and would fail until ansible-collections/cloud.common#69 can be merged and a new cloud.common release is done. This also does not add cloud.common to the collection dependencies until a decision has been made about how enabling/disabling turbo mode will work when cloud.common is already installed.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Gonéri Le Bouder <goneri@lebouder.net>
Reviewed-by: None <None>
Fix network_sanity_ee_tests
SUMMARY
Network sanity ee tests are broken
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
k8s_drain new module
SUMMARY
new module to drain, cordon or uncordon node from k8s cluster.
#141
ISSUE TYPE
New Module Pull Request
COMPONENT NAME
k8s_drain
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
[connection plugin] add missing information from censored command
SUMMARY
when running playbook with vvv option, the censored command display is not reflecting the execution
ISSUE TYPE
Bugfix Pull Request
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
Add support for waiting on a StatefulSet.
SUMMARY
This PR implements support for waiting on StatefulSet for readiness similar to how the other waiters currently work.
ISSUE TYPE
Feature Pull Request
ADDITIONAL INFORMATION
This was designed to (mostly) mimic the behaviour of the StatefulSetStatusViewer used by kubectl rollout status -w.
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Joshua K <None>
Reviewed-by: None <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
k8s - add label_selectors options
SUMMARY
k8s now support label_selectors options same as k8s_info
Resolves#43
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
k8s
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
* support diff mode for k8s module
* Update and rename 145-k8s-add-support-diff-mode.yml to 146-k8s-add-support-diff-mode.yml
* Update 146-k8s-add-support-diff-mode.yml
* Update changelogs/fragments/146-k8s-add-support-diff-mode.yml
Co-authored-by: Mike Graves <mgraves@redhat.com>
* update k8s_scale and k8s_json_patch
* diff for k8s_scale and k8s_json_patch
Co-authored-by: Mike Graves <mgraves@redhat.com>
* helm: add support for history-max parameter
The --history-max parameter allows the user to set a maximum amount of
revisions per release to be kept in the history.
By default helm keeps 10 revisions per release, which means that 10
secrets will be kept per release.
* helm: remove default for history_max
When the history_max option is not set, the module will not pass
'--history-max' to the CLI command. This ensures that the defaults of
the helm CLI will alwasy be used.
* helm: remove whitespace trail
* helm: add mutually exclusive logic
The 'history_max' parameter is not available when using the 'helm
install' command, it is only implemented for 'helm ugprade'.
The 'replace' option uses the 'install' parameter, thus 'replace' and
'history_max' have to be mutually exclusive.
* helm: formatting changes
* Support template param in other collections
The action plugin for k8s does a collection name check for the template
param, but it's missing redhat.openshift and community.kubernetes.
* Add changelog fragment
* Fix test
