Add keycloak_authz_authorization scope module (#6256)
* Add keycloak_authz_authorization scope module
This module allows managing Keycloak client authorization scopes. The client has
to have authorization enable for this to work.
* botmeta: make mattock maintainer of keycloak_authz_authorization_scope
* botmeta: add mattock to team_keycloak
* keycloak_authz_authorization_scope: documentation and code layout fixes
* keycloak_authz_authorization_scope: do not fail on names with whitespace
* keycloak_authz_authorization_scope: use url quote method
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak_authz_authorization_scope: style fixes to documentation
* keycloak_authz_authorization_scope: do not claim check/diff mode support
* keycloak_authz_authorization_scope: fix documentation
* keycloak_authz_authorization_scope: support check_mode and diff_mode
* keycloak_authz_authorization_scope: use more common terminology
Most keycloak modules use before_<object_type> and desired_<object_type> to
designate current and desired states of objects. Do the same for authorization
scopes.
* keycloak_authz_authorization_scope: fixes to check_mode and docs
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit bc228d82be)
Co-authored-by: Samuli Seppänen <samuli.seppanen@gmail.com>
keycloak: Add option to create authentication sub-flow of type 'form flow' (#6318)
* keycloak: Improve API error message
* keycloak: Fix API error message
They key 'provider' is undefined.
* keycloak: Allow the creation of 'form-flow' authentication sub flows
To create something like keycloak's built-in registration flow,
we need to create a subflow with the type 'form-flow'.
* Add changelog fragment 6318
* Update changelogs/fragments/6318-add-form-flow.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak_authentication: Don't compare subFlowType
It is only useful for creation.
* Update changelogs/fragments/6318-add-form-flow.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 114eb67f58)
Co-authored-by: fachleitner <flo@fopen.at>
Add a module to set the keycloak client scope type (#6322)
The module keycloak_clientscope_type allows to set the client scope
types (optional/default) either on realm or client level.
(cherry picked from commit 1f2c7b1731)
Co-authored-by: Simon Pahl <simpahl@gmail.com>
New modules btrfs_subvolume / btrfs_info (#5832)
* Initial implementation for new modules btrfs_subvolume and btrfs_info
* Improve/flesh out documentation. Add ability to target filesystem by uuid, label or device. Update tests to test targeting filesystem by each supported parameter and when only mountpoint.
* Updates for btrfs modules. Add missing copyright notices. Switch options to contains in return documentation. Update btrfs_subvolume to always use closest parent mount.
* Add maintainers for btrfs module(s) and remove unused class member cause lint failure.
* Add changelog fragment. Attempt to only run against the VMs as part of CI.
* Updates per code review. Remove changelog fragment. Switch use of map to list comprehension. Add trailing comma to last item in multi-line dicts. Clean up documentation with complete senstences for descriptions and correct/consistent use of macros.
* Improved error handling in btrfs_subvolume module: add custom exception type, favor exceptions over immediate call to fail_json and add single top level return for failure scenarios. Normalize name and snapshot_source parameters early in module execution and remove unecessary duplicate normalization throughout processing.
* Add azp/posix/3 to aliases per feedback
* Clean up automatic mounting. Prevent automount when check_mode=True. Immediately fail if a mount is identified as required and automount=True. Identify the minimal subset of subvolumes that need to be mounted instead of just finding a single common root.
* Skip btrfs_subvolume integration tests if btrfs-progs isn't successfully installed.
* Bump version_added for btrfs modules to 6.6.0. Ensure consistent trailing punctuation for module descriptions and document check_mode behavior as attribute description rather than a module level note.
* Remove unused imports from btrfs_subvolume module.
* Fix import.
* Docs improvements.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit ae5090d90e)
Co-authored-by: Gregory Furlong <50386272+gnfzdz@users.noreply.github.com>
one_vm: fix syntax error when creating VMs with a more complex template (#6294)
* one_vm: fix syntax error when creating VMs with a more complex template
with more complex templates that make use of quoted strings the new
"render" method fails to produce a template that is accepted by
OpenNebula. ==> escape double quotes in strings to make OpenNebula
happy again.
I also tested whether newlines need to be escaped, looks like they are
fine as they are.
Fixes#6225
* module_utils/opennebula: skip empty values in render
(cherry picked from commit cb3ca05bd1)
Co-authored-by: Georg Gadinger <nilsding@nilsding.org>
pipx: Add support for system_site_packages (#6308)
* pipx: Add support for system_site_packages
* Add changelog fragment
(cherry picked from commit f93a1bf5ec)
Co-authored-by: Paul Aurich <paul@darkrain42.org>
pipx: Allow injected modules to add apps (#6198)
* pipx: Allow injected modules to add apps
Add support for pipx inject's "--include-apps" parameter.
* add changelog fragment
* fix pipx test ("install_apps", not "include_apps")
* fix pipx test -- add a second invocation for install_apps
* Update changelogs/fragments/6198-pipx-inject-install-apps.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/pipx.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 6fa833feed)
Co-authored-by: Paul Aurich <paul@darkrain42.org>
added hpe thermal config and fan percent min (#6208)
* added hpe thermal config and fan percent min
* typo fixed
* Create 6208-hpe-thermal-fan-percent.yaml
* fixed changelog fragment
* Update 6208-hpe-thermal-fan-percent.yaml
(cherry picked from commit 33ccabed13)
Co-authored-by: ky13 <k.william.ritchie@gmail.com>
keycloak_group: support keycloak subgroups (#5814)
* feat(module/keycloak_group): add support for ...
... handling subgroups
* added changelog fragment and fixing sanity ...
... test issues
* more sanity fixes
* fix missing version and review issues
* added missing licence header
* fix docu
* fix line beeing too long
* replaced suboptimal string type prefixing ...
... with better subdict based approach
* fix sanity issues
* more sanity fixing
* fixed more review issues
* fix argument list too long
* why is it failing? something wrong with the docu?
* is it this line then?
* undid group attribute removing, it does not ...
... belong into this PR
* fix version_added for parents parameter
---------
Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
(cherry picked from commit 7d3e6d1bb7)
Co-authored-by: morco <thegreatwiper@web.de>
Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection (#5903)
* Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection
* Update changelogs/fragments/5886-redfish-correct-basic-auth-usage-on-session-creation.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit ea5cbe2553)
Co-authored-by: Mike Raineri <mraineri@gmail.com>
OpenNebula/one_vm implement the one.vm.updateconf API call (#5812)
* opennebula: Add template manipulation helpers
* one_vm: Use 'updateconf' API call to modify running VMs
* one_vm: Emulate 'updateconf' API call for newly created VMs
* opennebula/one_vm: Satisfy linter checks
* opennebula/one_vm: Apply suggestions from code review
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* opennebula/one_vm: Drop 'extend' function, use 'dict_merge' instead
* Add changelog fragment
* one_vm: Refactor 'parse_updateconf' function
* opennebula/one_vm: Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* one_vm: Allow for using updateconf in all scenarios
---------
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 8818a6f242)
Co-authored-by: Michal Opala <mopala@opennebula.io>
Remote management modules for OCAPI-based devices. (#5754)
* Remote management modules for OCAPI-based devices.
Open Composable API (OCAPI) is a REST-based API designed for data center composability. For more information, see https://www.opencompute.org/documents/open-composable-api-for-ocp-2019-06-24-pdf
This PR introduces ocapi_command and ocapi_info modules. These are based on the existing redfish_command and redfish_info modules and follow similar patterns. This initial implementation includes support for the folowing operations:
- Indicator LED toggling
- Power state toggling
- Enclosure reset (reboot)
- Firmware upload
- Firmware update
- Firmware activate
- Job deletion
- Job status
These modules have been tested against Western Digital OpenFlex(tm) Data24 storage enclosures. API reference is at https://documents.westerndigital.com/content/dam/doc-library/en_us/assets/public/western-digital/product/platforms/openflex/reference-architecture-open-composable-api.pdf
* Fix licensing issue for ocapi_utils.py
* PR Feedback
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/ocapi_utils.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/ocapi_info.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* PR Feedback
Use six module for urlparse
* Apply suggestions from code review
Documentation fixes.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix sanity test line too long error.
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 59a9d34250)
Co-authored-by: Mike Moerk <michael.moerk@wdc.com>
scaleway module utils: make function private that should be removed (#5499)
* Make function private that should be removed (ref: #5497).
* Maybe it works as a comment?
* Try something else.
* Ok, let's just add a comment.
* Last try: docstring instead of comment.
(cherry picked from commit c4b18361b9)
Co-authored-by: Felix Fontein <felix@fontein.de>
puppet: refactored to use CmdRunner (#5612)
* puppet: refactored to use CmdRunner
* add changelog fragment
* add more tests
(cherry picked from commit f95e0d775d)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
respect new variable property in gitlab_group_variable and gitlab_project_variable (#5667)
* draft
* add changelog fragment
* rework
* rework group variables
* add new line at end of file
* Update plugins/module_utils/gitlab.py
Co-authored-by: Nejc Habjan <hab.nejc@gmail.com>
* rename
* revert
* return a copy
* Update plugins/modules/gitlab_project_variable.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Nejc Habjan <hab.nejc@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit c3bc172bf6)
Co-authored-by: Markus Bergholz <git@osuv.de>
Fix keycloak_client_rolemapping role removal and diff (#5619)
* Keycloak: Fix client rolemapping removal
Keycloak's delete_group_rolemapping API wrapper didn't pass data about
the roles to remove to keycloak, resulting in removal of all roles.
Follow the intended behaviour and delete only the roles listed in the
module invocation.
Signed-off-by: Florian Achleitner <flo@fopen.at>
* Keycloak: Fix client_rolemapping diff
The module's diff output wrongly showed the changed roles list as
'after' state. This is obviously wrong for role removal and also
wrong for role addition, if there are other roles assigned.
Use the result of the API query for 'end_state' for 'diff' as well.
Signed-off-by: Florian Achleitner <flo@fopen.at>
* Keycloak: Calculate client_rolemapping proposed state properly
Signed-off-by: Florian Achleitner <flo@fopen.at>
* Add changelog fragment
Signed-off-by: Florian Achleitner <flo@fopen.at>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix for python2 unit test
Signed-off-by: Florian Achleitner <flo@fopen.at>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f0b3bba030)
Co-authored-by: fachleitner <flo@fopen.at>
cmd_runner: allow bool format to pass alternate (false) value (#5647)
* allow bool format to pass alternate (false) value
* add changelog fragment
(cherry picked from commit be22ca0633)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Redfish: Expanded SimpleUpdate command to allow for users to monitor the progress of an update and perform follow-up operations
* Update changelogs/fragments/3910-redfish-add-operation-apply-time-to-simple-update.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/redfish_command.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/4276-redfish-command-updates-for-full-simple-update-workflow.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Updated based on feedback and CI results
* Update plugins/modules/redfish_command.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/redfish_command.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/redfish_info.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 5c1c8152ec)
Co-authored-by: Mike Raineri <mraineri@gmail.com>
* gconftool2: refactored to use ModuleHelper + CmdRunner
* add changelog fragment
* removed old code commented out
(cherry picked from commit 6c7e9116e1)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* cmd_runner module utils: fix case for as_fixed() format
* add changelog fragment
* simplified test_cmd_runner
* fix handling empty default for `as_map()`
* add changelog fragment
* MissingArgumentValue is reraised in run()
(cherry picked from commit e87ca10b61)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Allow for DN's to have {x} prefix on first RDN
* Update changelogs/fragments/5450-allow-for-xordered-dns.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Assign attrs to throw-away var
* Update plugins/module_utils/ldap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Escape DN before creating filter
Co-authored-by: Felix Fontein <felix@fontein.de>
* Redfish: centralize payload checking when performing modification requests to a Redfish service
* CI fixes
* Updates based on unit testing
* CI fix
* Modified vendor-specific logic to establish common pattern for workarounds
* Bump version to 6.0.0.
* sender option is now required.
* Default of want_proxmox_nodes_ansible_host changed from true to false.
* username is now an alias of user, and no longer of workspace.
* Remove deprecated return values in favor of end_state.
* Remove debug option.
* Change default of ignore_volatile_options from true to false.
* gitlab_group must now always contain the full path.
* Change default of norc from false to ture.
* Remove deprecated property.
* Add PR URL.
* Adjust bitbucket unit tests.
* Adjust module_helper integration test.
* manageiq_tags: refactor ManageIQTags class out to utils
* add manageiq_tags_info module
* refactor query_resource_id as a method in ManageIQ
* minor adjustments
* fix comments from PR
* rollback register result in examples
* add basic docs for return value
