Simplify regex for identifying order number in DN (#7646) (#7697)
Assume that if a string of digits occurs between curly braces anywhere
in the first component of the DN, that this is an order number. The
sequence does not necessarily have to occur after an equals sign.
(cherry picked from commit a5cd4ebea2)
Co-authored-by: Aaron Sowry <aeneby@users.noreply.github.com>
Fixes#7389 - NMCLI issue with creating a wifi bridge-slave (#7695)
* working mod
* added changelog fragment
* added link on fragment
* Update changelogs/fragments/7389-nmcli-issue-with-creating-a-wifi-bridge-slave.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* last fix
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 997e6345b5)
Co-authored-by: Gianmarco Mameli <57061995+gianmarco-mameli@users.noreply.github.com>
Consul action group (#7897)
Added action group for new style consul modules.
(cherry picked from commit afd1988810)
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
Detection of already installed homebrew cask (#7870)
* fix: detect already installed cask
Use json output v2 to check if formulae and casks are installed
chore: add changelog fragment
* test: add homebrew cask specific tests
* refactor: change cask used in tests
* chore: apply suggestions to changelog fragment
(cherry picked from commit be3bfd6fa5)
Co-authored-by: João Victor Silva <160127815@aluno.unb.br>
Add new consul modules and reuse code between them. (#7878)
Refactored consul modules and added new roles.
(cherry picked from commit 29f9865497)
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
fix proxmox update when setting does not already exist (#7872)
* fix proxmox update when setting does not already exist
* add changelog fragment
---------
Co-authored-by: Eric Trombly <etrombly@iomaxis.com>
(cherry picked from commit 2d3f99ec3a)
Co-authored-by: Eric Trombly <etrombly@yahoo.com>
Refactor of consul modules (#7826)
* Extract common functionality.
* Refactor duplicated code into module_utils.
* Fixed ansible-test issues.
* Address review comments.
* Revert changes to consul_acl.
It uses deprecated APIs disabled since Consul 1.11 (which is EOL), don't
bother updating the module anymore.
* Remove unused code.
* Merge token into default doc fragment.
* JSON all the way down.
* extract validation tests into custom file and prep for requests removal.
* Removed dependency on requests.
* Initial test for consul_kv.
* fixup license headers.
* Revert changes to consul.py since it utilizes python-consul.
* Disable the lookup test for now.
* Fix python 2.7 support.
* Address review comments.
* Address review comments.
* Addec changelog fragment.
* Mark ConsulModule as private.
(cherry picked from commit 44679e71a2)
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
ipa_otptoken: fix wrong return value string to bool (#7795)
ipa_data is return ipatokendisable in boolean format and the module expects it as a string
this behavior causes a lack of idempotency and the get_diff module will fail in the second run.
(cherry picked from commit 31de16cee3)
Co-authored-by: Parsa Yousefi <p.yousefi97@gmail.com>
mail module/callback: allow to configure the Message-ID header's domain name (#7765)
Allow to configure the Message-ID header's domain name.
(cherry picked from commit acddb190ba)
Co-authored-by: Felix Fontein <felix@fontein.de>
Bugfix: keycloak_identity_provider does not handle mapper changes properly (#7418)
* fix keycloak_identity_provider ITs to actually pass
- wrong identityProviderAlias in mapper configuration
* kc_identity_provider: add mapper reconfiguration regression tests
* test for removing an existing mapper
* test for adding a new mapper when others already exist
* test for module idempotency when mappers not ordered by name in ascending order
* kc_identity_provider: add bugfixes for mapper reconfigurations
* removing an existing mapper
* adding a new mapper when others already exist
* module idempotency when mappers not ordered by name in ascending order
* add changelog fragment
* prevent unnecessary update_mapper calls when there is no change
* Update changelogs/fragments/7418-kc_identity_provider-mapper-reconfiguration-fixes.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/7418-kc_identity_provider-mapper-reconfiguration-fixes.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/7418-kc_identity_provider-mapper-reconfiguration-fixes.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_identity_provider.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* kc_identity_provider: sort changeset mappers via name OR id to prevent potential failures in case name was not specified in playbook
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit fd0d05d6f2)
Co-authored-by: Jakub Danek <danekja@users.noreply.github.com>
ipa_dnsmodule: Add support for ns record management (#7737)
* Add NS record type management to ipa_dnsrecord
* Add jwbernin to BOTMETA for ipa_ modules
* Add changelog fragment
* Rename changelog fragment with pull request number
* Commit changes suggested by felixfontein
(cherry picked from commit f79940c415)
Co-authored-by: John Berninger <john.berninger@gmail.com>
improvements to the keycloak_realm_key module (#7698)
* add support for rsa enc key usage, more algorithms, and make certficate optional
* fix formatting
* adding changelog fragment
* made suggested code changes based on review
* fix typo and be more clear
* revert certificate to previous defined settings
(cherry picked from commit 702dd9bbda)
Co-authored-by: George Bolo <george.bolo@gmail.com>
Fixed payload format (#7754)
* Fixed payload format
* added changelog fragment
* Update changelogs/fragments/7754-fixed-payload-format.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Ed Ferguson <eferguson@nrtc.coop>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 4a1006ac34)
Co-authored-by: Ed Ferguson <5855090+eeferg@users.noreply.github.com>
keycloak_user: avoid error when trying to delete a non-existing user (#7696)
* avoid error when trying to delete a non-existing user
when force is set, but the user doesn't exist yet, this fails.
* 7696-avoid-attempt-to-delete-non-existing-user
add changelog entry
* rename changelog file
* Update changelogs/fragments/7696-avoid-attempt-to-delete-non-existing-user.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 1389bba459)
Co-authored-by: Michiel Dethmers <michiel@phplist.com>
Change tab to space in SSHFP requests (#7653)
* Change tab to space in SSHFP requests
Cloudflare uses space and not tab when you search for SSHFP records
Cloudflare changes fingerprint to uppercase
Create 7653-fix-cloudflare-lookup.yml
* Update changelog fragment.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 3d0da92784)
Co-authored-by: Kalle Møller <git@k-moeller.dk>
[proxmox_vm_info] Add ability to retrieve config (#7485)
* feat: add ability to retrieve config
Light refactor of get_vms_from_nodes function.
Added ability to retrieve configuration for existing machines (current or pending).
* Add changelog fragment
* Add changelog fragment (newline missed)
* Update changelogs/fragments/7485-proxmox_vm_info-config.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Replaced two bool options with one three-state option
* Module args for the three-state option
* Remove trailing newline
* Make use of dict instead of list. Fix uncalled 'get config for lxc'.
* Sanity tests
* A couple of unit tests fixed
* Unit tests fixed
* Unit tests for p2.7 fixed. Test for config parameter added.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 68051774d8)
Co-authored-by: castorsky <csky57@gmail.com>
lvol: Change ``pvs`` argument type to list (of str) (#7676)
* lvol: Change ``pvs`` argument type to list (of str)
* Add changelog fragment
* Apply review suggestions
(cherry picked from commit a599afa384)
Co-authored-by: Laszlo Szomor <laszomor@gmail.com>
lvol: check return message in both stderr and stdout (#7601)
* lvol: check return message in both stderr and stdout
* add changelog frag
(cherry picked from commit 32558558c0)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
git_config: support multiple values for same name (#7260)
* Refactor the existing git_config.py
* Support multiple values for same name
(cherry picked from commit 07bac1777f)
Co-authored-by: Günther Grill <guenhter@users.noreply.github.com>
Lxd instance not found fix false positives (#7521)
* lxd: Add lxc command execution debug statement.
* lxd: avoid false positives in "instance not found" detection
Due to changes over time in the error message which lxd printed when an
instance wasn't found, the detection logic in the lxd connection plugin
matched any "not found" string. Unfortunately this also false triggered
on other errors e.g. "/usr/bin/python3: not found" from the payload,
giving a confusing error message "UNREACHABLE! ... instance not found"
to the ansible user.
* Update changelog fragment.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b4a2e9da50)
Co-authored-by: Tim Small <tim@seoss.co.uk>
apt_rpm: add check if package version is upgradable (ansible-collections#7414) (#7577)
* apt_rpm: add check if package version is upgradable (ansible-collections#7414)
* add changelog fragment
* apt_rpm: apply the recommended changes and fix the sanity checks
---------
Co-authored-by: Nikolay Burykin <bne@altlinux.org>
(cherry picked from commit ecea4a2f38)
Co-authored-by: burykinne <67783534+burykinne@users.noreply.github.com>
onepassword lookup - Make section and field case insensitive (#7564)
* onepassword lookup: Make section and field case insensitive
This was a regression in behavior when adding support for op v2.
* Return a string by default to avoid an exception if a field is missing
* Use a helper function to lower a value if possible
* Update changelog
(cherry picked from commit 241cc02fa8)
Co-authored-by: Sam Doran <sdoran@redhat.com>
redhat_subscription: use D-Bus registration on RHEL 7 only on 7.4+ (#7624)
subscription-manager does not provide a D-Bus interface in versions of
RHEL 7 older than 7.4.
(cherry picked from commit af01b462d5)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
infiniband can be a slave too (#7569)
* infiniband can be a slave too
* adding changelog fragment
(cherry picked from commit 42e55e4f86)
Co-authored-by: mark-tomich <tomichms@nih.gov>
interfaces_file: filter by address_familiy when updating method (#7612)
* When updating method, check address_family if provided.
* Also test modifying 'method' without address_family filter.
(cherry picked from commit 5adb7ab948)
Co-authored-by: Felix Fontein <felix@fontein.de>
Add option to proxmox dynamic inventory to exclude nodes (#7461)
* Create option to exclude proxmox nodes
* improve node exclusion by only remove the top level group
* add fragment
* Update changelogs/fragments/7437-proxmox-inventory-add-exclude-nodes.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/inventory/proxmox.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Rework node exclusion
* Update fragement PR number
* include release version in option
Co-authored-by: Felix Fontein <felix@fontein.de>
* Clarify description
* Update unit test
* Fix typos in unit test
* Fix additonal typos in test
* Fix CI
* Fixing yet another whitespace pep error
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit d05932fb2c)
Co-authored-by: IamLunchbox <56757745+IamLunchbox@users.noreply.github.com>
irc module: add validate_certs, rename use_ssl to use_tls (keeping use_ssl as an alias) (#7550)
* Rename use_ssl to use_tls, keep use_ssl as an alias.
* Add validate_certs option.
* Add changelog fragment and recommend setting TLS related settings to true.
* Fix formatting.
* Update documentation to use use_tls=true and validate_certs=true.
(cherry picked from commit f87777b9f5)
Co-authored-by: Felix Fontein <felix@fontein.de>
Set resources payload as a list (#7563)
* Set resources payload as a list
* Update changelogs/fragments/7151-fix-keycloak_authz_permission-incorrect-resource-payload.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 09b9ea466f)
Co-authored-by: fostermi <mfosterm@gmail.com>
Add support for loopback type in nmcli module (#7515)
* add support for loopback devices
* add support for loopback devices
* fix yamllint issue in changelog fragment
* Fix yamlint warning and add note about new connectin type in docs
* change order of lines in documentation so they are sorted
(cherry picked from commit 5147c49498)
Co-authored-by: Alex Groshev <38885591+haddystuff@users.noreply.github.com>
ssl.wrap_socket() was removed in Python 3.12 (#7542)
* ssl.wrap_socket() was removed in Python 3.12.
* Make code for irc module backwards-compatible.
(cherry picked from commit 21cd65fccf)
Co-authored-by: Felix Fontein <felix@fontein.de>
Support 1Password Connect (#5588) (#7116)
* Support 1Password Connect (#5588)
- Support 1Password Connect with the opv2 client
* Follow pep8, be less explicit
* Update changelog to include PR
* 1Password Connect host and token are now also parameters
* Get argument values from the environment or lookup arguments
* Move imports
* Force using Connect token and host at the same time
* Update unit tests
* Update documentation
* Additional tests
(cherry picked from commit f8652571f7)
Co-authored-by: Xeryus Stokkel <XeryusTC@users.noreply.github.com>
Close elastic APM client to release connections (#7517)
* Close elastic APM client to release connections
* Changelog fragment
(cherry picked from commit 8d886b42ec)
Co-authored-by: Iuri de Silvio <iurisilvio@gmail.com>
Netcup DNS: Add support for additional record types (#7489)
* Netcup DNS: Add support for additional record types
* Netcup DNS: Add changelog fragment
* Netcup DNS: Include information on minimum required versions in module documentation
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f8d8f691bc)
Co-authored-by: buzz-tee <11776936+buzz-tee@users.noreply.github.com>
infiniband and bond interfaces can receive MTU settings too (#7499)
* infiniband and bond interfaces can receive MTU settings too
* adding test for default mtu setting
* the mtu parameter for infiniband is different than for ethernet
* adding changelog fragment
* Update changelogs/fragments/7499-allow-mtu-setting-on-bond-and-infiniband-interfaces.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit d0870a022e)
Co-authored-by: mark-tomich <tomichms@nih.gov>
feat(gitlab_runner module): Add support for the new runner creation workflow (#7199)
feat(gitlab_runner module): Handle new runner creation workflow
(cherry picked from commit 6b00b76f32)
Co-authored-by: Léo GATELLIER <26511053+lgatellier@users.noreply.github.com>
Improve performance of the bitwarden lookup plugin (#7468)
* Improve performance of the bitwarden lookup plugin
When looking for items using an item id, we can access the item directly with
bw get item instead of searching through all items. This doubles the lookup
speed.
* Update changelogs/fragments/bitwarden-lookup-performance.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix indentation
* Ensure backwards compatible behavior in case of errors when doing bitwarden lookup by id
* chore: Link to correct PR in changelog fragment
* Use identity check when comparing with None
---------
Co-authored-by: Richard Klose <richard.klose@gec.io>
Co-authored-by: Richard Klose <richard@klose.dev>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 65f58afbd9)
Co-authored-by: Pascal Hofmann <mail@pascalhofmann.de>
[ssh_config] Add support for ControlMaster (#7456)
* [ssh_config] Add support for ControlMaster
* Create separate function to convert bool
* Allow str values with yes/no options to also use bool
(cherry picked from commit c2f08c57e0)
Co-authored-by: Marcel <maleo@google.com>
Add options for password generation in the passwordstore module (#7426)
* feat: Add options for password generation.
* feat: Add documentations for options for password generation.
* fix: Remove newline from the end of the stored raw password
* fix: Define 'msg' variable before the reference inside the condition block
* feat: Add information when the 'timestamp' parameter was added
Co-authored-by: Felix Fontein <felix@fontein.de>
* feat: Add information when the 'preserve' parameter was added
Co-authored-by: Felix Fontein <felix@fontein.de>
* feat: Add changelog fragment for adding new parameters to the 'passwordstore' module
* feat: Change the evaluation of password modification conditions.
* feat: Change version of parameter 'timestamp' from 8.0.0 to 8.0.1
Co-authored-by: Felix Fontein <felix@fontein.de>
* feat: Change version of parameter 'preserve' from 8.0.0 to 8.0.1
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix: Remove newline character from the timestamp message
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix: Add newline character to the end of 'preserve' message.
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Michal Drobny <494056@muni.cz>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 6a514b6843)
Co-authored-by: Michal Drobny <70282353+drobnymichal@users.noreply.github.com>
add template option to proxmox and proxmox_kvm (#7143)
* add template option to proxmox and proxmox_kvm
* make recommended updates
* fix tests
* resolve comments on PR
* save changes to changelog fragment
* Update changelogs/fragments/7143-proxmox-template.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Eric Trombly <etrombly@iomaxis.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 07a47c047b)
Co-authored-by: Eric Trombly <etrombly@yahoo.com>
Use isinstance() instead of type() (#7501)
* Replace type comparisons with isinstance() checks.
* Add changelog.
(cherry picked from commit 48e860be20)
Co-authored-by: Felix Fontein <felix@fontein.de>
fix vm removal in proxmox_pool_member.py (#7464)
* fix vm removal in proxmox_pool_member.py
in the original the vm doesn't get removed, always errors with "'Failed to delete a member (12345) from the pool TestPool: list.remove(x): x not in list'
* add changelog fragment
* fix linting errors in changelog
(cherry picked from commit 0304989392)
Co-authored-by: aungvari <12872375+aungvari@users.noreply.github.com>
* pass the working_dir to all composer command invocations that are not global
* add changelog fragment
* Update changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* plugins/module_utils/lxd: add server_cert_file and server_check_hostname params to LXDClient class
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
* plugins/inventory/lxd: add server_cert and server_check_hostname options
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
* Add changelog fragment
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
---------
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
* plugins/connection/lxd: convert FQDN to instance name
This allows to use FQDNs in the inventory and have the
connection driver do the translation when talking to
LXD that uses hostnames (no ".") for instance names.
Those are either globally unique or unique per network/
project in LXD.
```
all:
# Groups and hosts
children:
lxd_dmz:
vars:
ansible_lxd_project: dmz
hosts:
www01.dmz.example.com:
www02.dmz.example.com:
```
```
$ lxc list --project dmz
+---------+---------+----------------+------+-----------+-----------+----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | LOCATION |
+-------+---------+------------------+------+-----------+-----------+----------+
| www01 | RUNNING | 192.0.2.1 (eth0) | | CONTAINER | 0 | t1 |
+-------+---------+------------------+------+-----------+-----------+----------+
| www02 | RUNNING | 192.0.2.2 (eth0) | | CONTAINER | 0 | t3 |
+-------+---------+------------------+------+-----------+-----------+----------+
```
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
* plugins/connection/lxd: VMs/containers are called instances
Update error string parsing to support the new format:
$ lxc stop c1 -- true
$ lxc exec c1 -- true
Error: Instance is not running
$ lxc exec does-not-exist -- true
Error: Instance not found
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
* plugins/connection/lxd: add changelog fragment
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
---------
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
* Stopped container error test
* Handle remote_addr change
Detect if the remote_addr option changed, and properly "reconnect" aka
update the internal state of the plugin instance.
* Add changelog fragment
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix callback/selective task print being long
Compare against all text on the line rather than simply the task_name var,
which does not include 3 formatting characters in the string
* Add changelog fragment
---------
Co-authored-by: Aidan Houck <AidanHouck@users.noreply.github.com>
* Drop support for ansible-core 2.11 and 2.12.
Also move ansible-core 2.13 from regular CI to EOL CI.
* Remove some compatibility code.
* Remove no longer needed import.
* Update README.
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
---------
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
subscription-manager 1.29.32 renames the "type" D-Bus registration
option to "consumer_type"; this means that the right option must be
passed according to the distro type & version.
Copy the same approach done for environments, tweaking the version
needed: this change is found in RHEL 9.2+ and supported Fedora versions.
Reported-by: Radek Bíba <rbiba@redhat.com>