* fix sparse file creation on Alpine linux
* re-enable tests for Alpine
* remove `conv=sparse` flag (rely only on `seek=fullsize` & `count=0`)
* doc: add a reference to busybox's dd
* doc: remove restrictions for OpenBSD, Solaris & AIX (should work as
for Alpine linux now)
* add a changelog fragment
* fix typo
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak: fix creating a user federation w/ idempotent id
Creating a user federation while specifying an id (that doesn't exist
yet) will fail with a 404. This commits fix this behavior.
* keycloak: fix user federation mapper duplication
This commit fixes a bug where mappers are duplicated instead of
configured when creating a user federation.
When creating a user federation, some mappers are autogenerated by
keycloak. This commit lets the keycloak_user_federation module recompute
mappers final values after the user federation is created so that the
module can try to merge them by their name.
* add missing fragment for pr #4212
* passwordstore: Add configurable locking
Passwordstore cannot be accessed safely in parallel, which causes
various issues:
- When accessing the same path, multiple different secrets are
returned when the secret didn't exist (missing=create).
- When accessing the same _or different_ paths, multiple pinentry
dialogs will be spawned by gpg-agent sequentially, having to enter
the password for the same gpg key multiple times in a row.
- Due to issues in gpg dependencies, accessing gpg-agent in parallel
is not reliable, causing plays to fail (this can be fixed by adding
`auto-expand-secmem` to _~/.gnupg/gpg-agent.conf_ though).
These problems have been described in various github issues in the past,
e.g., ansible/ansible#23816 and ansible/ansible#27277.
This cannot be worked around in playbooks by users in a non-error-prone
way.
It is addressed by adding new configuration options:
- lock:
- readwrite: Lock all operations
- write: Only lock write operations (default)
- none: Disable locking
- locktimeout: Time to wait for getting a lock (s/m/h suffix)
(defaults to 15m)
These options can also be set in ansible.cfg, e.g.:
[passwordstore_lookup]
lock=readwrite
locktimeout=30s
Also, add a note about modifying gpg-agent.conf.
* Tidy up locking config
There is no reason why lock configuration should be part of self.paramvals.
Now locking and its configuration happen all in one place.
* Change timeout description wording to the suggested value.
* Rearrange plugin setup, apply PR feedback
As an input the module receives names of packages to lock.
Those never matched existing entries and therefore always reported
changes.
For compatibility yum is symlinked to dnf on newer systems,
but versionlock entries defer. Try to parse both formats.
Signed-off-by: Florian Achleitner <flo@fopen.at>
* Rework of gitlab_project_variable over gitlab_group_variable
* Linting and removed unused example
* Fix test 2
* Sync from review of gitlab_project_variable #4038
* Linting, default protected True, value optional
* Next version is 4.5.0
* Roll back protected default true, and value not required
* Apply suggestions from code review
Missing check_mode
Co-authored-by: Markus Bergholz <git@osuv.de>
* Fix one unit test, comment test that requires premium gitlab
* Add changelog
* Update plugins/modules/source_control/gitlab/gitlab_group_variable.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/4086-rework_of_gitlab_proyect_variable_over_gitlab_group_variable.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Added conditional gitlab_premium_tests variable when required
* Allow delete without value
* Fix variable name
* Linting
* Value should not be required in doc
* Linting missing new-line
* Update changelogs/fragments/4086-rework_of_gitlab_proyect_variable_over_gitlab_group_variable.yml
Co-authored-by: Markus Bergholz <git@osuv.de>
Co-authored-by: Markus Bergholz <git@osuv.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
The passwordstore lookup plugin depends on parsing GnuPG's
error messages in English language. As a result, detection of
a specific error failes when users set a different locale.
This change corrects this by setting the `LANGUAGE` environment
variable to `C` when invoking `pass`, as this only affects
gettext translations.
See
https://www.gnu.org/software/gettext/manual/html_node/The-LANGUAGE-variable.html
Given a password stored in _path/to/secret_, requesting the password
_path/to_ will literally return `path/to`. This can lead to using
weak passwords by accident/mess up logic in code, based on the
state of the password store.
This is worked around by applying the same logic `pass` uses:
If a password was returned, check if there is a .gpg file it could
have come from. If not, treat it as missing.
Fixesansible-collections/community.general#4185
* Included efidisk0 option to be able to create VMs with persitent EFI disks
* Added forgotten argument to create_vm invocation and missing test for update
* Added changelog fragment relevant to PR
* Fixed documentation issues (missing period, and added version) from review
* Removed breaking change dependency for new option, modified changelog fragment according to review
* Fixed typo in documentation
* Added examples of `efidisk0` usage
* Added examples of `efidisk0` usage
* Fixed lines containing blank spaces
* Rebased on 4.4.0, added efi option, added sanity checks on efi option
* Adjusted version_added to 4.5.0
* Corrected typo in create_vm invocation, adjusted merging of efi and efidisk0 options
* Updated efidosk0 option to dict, added flattening to str, added constraint on bios option if efidisk0 is set
* Replaced loop by list comprehension for efidisk0 flattening
* Removed unused code left over from refactor from efi/efidis0 options
* Updated keycloak.py to allow defining connection timeout value (#4168) (#2)
* Added parameter to doc_fragments and edited the changelog message (#4168)
* Added parameter to doc_fragments and edited the changelog message (#4168)
* opentelemetry: enrich services for jenkins, hetzner, jira, zypper, chocolatey
* remove source and name for the time being
Those arguments can be later on in the future added, maybe with some opt-in feature, so let's only focus in the ones which are fully http based for now
* changelog fragment
* Update changelogs/fragments/4105-opentelemetry_plugin-enrich_jira_hetzner_jenkins_services.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* dconf: Skip processes that disappeared while we inspected them
Fixes#4151
* Update changelogs/fragments/4151-dconf-catch-psutil-nosuchprocess.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* pacman: rewrite with a cache to speed up execution
- Use a cache (or inventory) to speed up lookups of:
- installed packages and groups
- available packages and groups
- upgradable packages
- Call pacman with the list of pkgs instead of one call per package (for
installations, upgrades and removals)
- Use pacman [--sync|--upgrade] --print-format [...] to gather list of
changes. Parsing that instead of the regular output of pacman, which
is error prone and can be changed by user configuration.
This can introduce a TOCTOU problem but unless something else calls
pacman between the invocations, it shouldn't be a concern.
- Given the above, "check mode" code is within the function that would
carry out the actual operation. This should make it harder for the
check code and the "real code" to diverge.
- Support for specifying alternate package name formats is a bit more
robust. pacman is used to extract the name of the package when the
specified package is a file or a URL.
The "<repo>/<pkgname>" format is also supported.
For "state: latest" with a list of ~35 pkgs, this module is about 5
times faster than the original.
* Let fail() actually work
* all unhappy paths now end up calling fail()
* Update copyright
* Argument changes
update_cache_extra_args handled as a list like the others
moved the module setup to its own function for easier testing
update and upgrade have no defaults (None) to let required_one_of() do
its job properly
* update_cache exit path
Shift successful exit without name or upgrade under "update_cache".
It is an error if name or upgrade isn't specified and update_cache wasn't specified
either. (Caught by ansiblemodule required_one_of but still)
* Add pkgs to output on success only
Also align both format, only pkg name for now
* Multiple fixes
Move VersionTuple to top level for import from tests
Add removed pkgs to the exit json when removing packages
fixup list of upgraded pkgs reported on upgrades (was tuple of list for
no reason)
use list idiom for upgrades, like the rest
drop unused expand_package_groups function
skip empty lines when building inventory
* pacman: add tests
* python 2.x compat + pep8
* python 2.x some more
* Fix failure when pacman emits warnings
Add tests covering that failure case
* typo
* Whitespace
black failed me...
* Adjust documentation to fit implicit defaults
* fix test failures on older pythons
* remove file not intended for commit
* Test exception str with e.match
* Build inventory after cache update + adjust tests
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/packaging/os/pacman.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* changelog
* bump copyright year and add my name to authors
* Update changelogs/fragments/3907-pacman-speedup.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* maintainer entry
Co-authored-by: Felix Fontein <felix@fontein.de>
* value is not required when state is absent
* fix integration test. missing value
* fix condition
* add changelog fragment
* fail fast
* try required_if on suboptions
* revert
* Update plugins/modules/source_control/gitlab/gitlab_project_variable.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix naming in doc
* typo in name
Co-authored-by: Felix Fontein <felix@fontein.de>
* homebrew_cask: reinstall when force is install option
* add changelog entry
* Fix OSX CI runs - run as non-root
* test with cask that has no macos dependencies
* use `brooklyn` cask to test
* Fully use Ansible's option handling. Deprecate not specifying sender.
* Update plugins/callback/mail.py
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* Added new feature for ansible_user and ansible_port
* Replaced 'try' and 'except' with 'if' condition
* Replace '!=' with 'is not'
* Fixed if condition
* Implement the constructed interface
* Correction at the suggestion of felixfontein
* Added new options in unit test for icinga2 inventory
* Added blank lines in unit test for icinga2 inventory
* Added default filter in example
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fixed variable name in example
Co-authored-by: Felix Fontein <felix@fontein.de>
* Added a changelog fragment
* Fixed changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Updated documentation options
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* add profile parameter for scaleway inventory
* Update doc from review and add changelog
* Update changelogs from review
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix local port regex
Thsi PR fix the bug reported in #4091
* Update changelogs/fragments/4092-fix_local_ports_regex_listen_ports_facts.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
When using project it will use project level runner to create runner that based on python-gitlab it will be used for enabling runner and needs a runner_id so for creating a new runner it should use gitlab level runner
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
* [inventory/cobbler] Add exclude/include_profile option
Also some minor cleanup
* Review suggestions
* Still must init cache_key
* Add note to exclude_profiles about include_profiles
* Add changelog fragment
* linode: Allow templating token for dynamic inventory
Template the value for the access_token if it's a Jinja template.
Allows for looking up tokens from files or pulling from secrets stores like Vault.
* add Linode changelog fragment
* Fix lookup example for newer versions of Ansible
Co-authored-by: Felix Fontein <felix@fontein.de>
* Rename test case for clarity
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* bugfix: don't overwrite results in 'mismatched'
Whichever mismatched package is evaluated last is the value stored in the
'mismatched' key. Instead, it should have a subdict for each pkg that is mismatched
to keep in line with its documented usage.
* Update changelogs/fragments/4078-python_requirements_info.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix 'changed' status for yarn global by actually expanding ~
* Ignore use-argspec-type-path test
* Add changelog fragment
* Update changelogs/fragments/4048-expand-tilde-in-yarn-global-install-folder.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Properly parse JSON Lines output from yarn
* Properly support output of yarn global list
* Add changelog fragment
* Check that the string starts with 'bins-'
* Fix changelog fragment
* Update changelogs/fragments/4050-properly-parse-json-lines-output-from-yarn.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Adding while loop to wait
* Adding changelog fragment
* Adding parameter and more docs
* Adjusting docs
Co-authored-by: Travis Scotto <tscotto@webstaurantstore.com>
* one_vm: add release action
Previously you could create VMs with the `vm_start_on_hold` parameter
but then ansible couldn't release the VMs so they would be scheduled to
run. This PR adds the ability to release VMs which are in the 'HOLD'
state.
* Add changelog fragment
* Update changelogs/fragments/4036-onevm-add-release-action.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/opennebula/one_vm.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Make releasing a VM part of the running state
When `state: running` is specified the code checks if the VM is in a
'HOLD' state and will release the VM when needed.
Co-authored-by: Gerben Welter <gerben.welter@hcs-company.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add functionality proposed in https://github.com/ansible-collections/community.general/issues/666
* Fix pylint errors mentioned in CI pipeline
* Fix pylint errors mentioned in CI pipeline (continued)
* Update plugins/modules/packaging/os/snap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Added tests
Fixed error occurring when called without options
Added changelog snippet
* Remove changelog entry as suggested in review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* rewrite `if len(overall_options_changed) > 0` in a more Pythonic way
un-indent `if len(overall_options_changed) > 0` to only be executed after the options of all snaps have been checked
* better placement of local variable `overall_options_changed`
* Re-arrange code to reduce indentation level (suggested by reviewer)
* Re-arrange code to reduce indentation level (suggested by reviewer, continued)
* Re-arrange code to reduce indentation level (suggested by reviewer, continued)
Raise exception if option map returned by `snap set` contains list container (suggested by reviewer)
Handle Python2 type `long` correctly (suggested by reviewer)
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix detection of installed cargo packages with hyphens in name
* Add changelog fragment
* Fix outdated package detection
* Add changelog fragment for af4fae72
* One more thing
* Add idempotency tests
* dont check for urls when args is None
* add changelog fragment
* fix lint on changelog fragment
Co-authored-by: Nick Gregory <nick.gregory@openenterprise.co.uk>
* puppet: Add documentation and remove deprecation for show_diff
* Add changelog fragment
* Update changelogs/fragments/3980-puppet-show_diff.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/system/puppet.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/system/puppet.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fixing syntax error introduced in 29298da3
* More documentation for show_diff and fix some sanity errors
* Update changelogs/fragments/3980-puppet-show_diff.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update tests/sanity/ignore-2.10.txt
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add validate-modules:parameter-invalid to ignores due to invalid and depricated alias
* Keep use-argspec-type-path in ignores
* Update plugins/modules/system/puppet.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Benoit Vaudel <benoit@catalyst.net.nz>
Co-authored-by: Felix Fontein <felix@fontein.de>