1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Commit graph

139 commits

Author SHA1 Message Date
Felix Fontein
b711038b3b
dig lookup: deprecate DLV record type (#4618)
* Deprecate DLV record type.

* Use correct name.
2022-05-05 08:18:04 +02:00
Felix Fontein
f055f47161
Document all filter and test plugins (#4597)
* Fix/improve docs.

* Document the a_module test.

* Document the dict filter.

* Linting.

* Add more filter docs.

* More filters.

* Update BOTMETA.

* Add another plugin.

* Fix typos.

* Add explicit entries.

* Fix lookup documentation.
2022-05-02 07:25:45 +02:00
Ricky White
e7ffa76db6
Bug fix: Warns user if incorrect SDK version is installed (#4422)
* Add error handling to check correct SDK version installed

* Fix CI errors

* Added changelog fragment

* Changed exeption type

* Update changelogs fragment

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2022-04-05 07:25:41 +02:00
Felix Fontein
ca2c64b5ca
Fix sanity issues. (#4346) 2022-03-14 20:56:27 +01:00
Josef Fuchs
c0415b9fae
Update doc. tss.py (env REQUESTS_CA_BUNDLE) (#4338)
* Update doc. tss.py (env REQUESTS_CA_BUNDLE)

Add a reference to environment variable REQUESTS_CA_BUNDLE to enable using self signed certificates (on-prem server) in documentation.

* Update tss.py

Remove trailing blank

* Update plugins/lookup/tss.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/tss.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/tss.py

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2022-03-11 06:55:08 +01:00
grembo
2416b81aa4
passwordstore: Add configurable locking (#4194)
* passwordstore: Add configurable locking

Passwordstore cannot be accessed safely in parallel, which causes
various issues:

- When accessing the same path, multiple different secrets are
  returned when the secret didn't exist (missing=create).
- When accessing the same _or different_ paths, multiple pinentry
  dialogs will be spawned by gpg-agent sequentially, having to enter
  the password for the same gpg key multiple times in a row.
- Due to issues in gpg dependencies, accessing gpg-agent in parallel
  is not reliable, causing plays to fail (this can be fixed by adding
  `auto-expand-secmem` to _~/.gnupg/gpg-agent.conf_ though).

These problems have been described in various github issues in the past,
e.g., ansible/ansible#23816 and ansible/ansible#27277.

This cannot be worked around in playbooks by users in a non-error-prone
way.

It is addressed by adding new configuration options:

- lock:
  - readwrite: Lock all operations
  - write: Only lock write operations (default)
  - none: Disable locking
- locktimeout: Time to wait for getting a lock (s/m/h suffix)
  (defaults to 15m)

These options can also be set in ansible.cfg, e.g.:

    [passwordstore_lookup]
    lock=readwrite
    locktimeout=30s

Also, add a note about modifying gpg-agent.conf.

* Tidy up locking config

There is no reason why lock configuration should be part of self.paramvals.
Now locking and its configuration happen all in one place.

* Change timeout description wording to the suggested value.

* Rearrange plugin setup, apply PR feedback
2022-02-21 21:14:17 +01:00
grembo
77a0c139c9
passwordstore: Fix error detection for non-English locales (#4219)
The passwordstore lookup plugin depends on parsing GnuPG's
error messages in English language. As a result, detection of
a specific error failes when users set a different locale.

This change corrects this by setting the `LANGUAGE` environment
variable to `C` when invoking `pass`, as this only affects
gettext translations.

See
https://www.gnu.org/software/gettext/manual/html_node/The-LANGUAGE-variable.html
2022-02-17 22:00:02 +01:00
grembo
da49c0968d
passwordstore: Prevent using path as password (#4192)
Given a password stored in _path/to/secret_, requesting the password
_path/to_ will literally return `path/to`. This can lead to using
weak passwords by accident/mess up logic in code, based on the
state of the password store.

This is worked around by applying the same logic `pass` uses:
If a password was returned, check if there is a .gpg file it could
have come from. If not, treat it as missing.

Fixes ansible-collections/community.general#4185
2022-02-17 20:58:36 +01:00
Lee Garrett
d19ab93faf
Fix example code for flattened lookup (#4013)
Co-authored-by: Lee Garrett <lgarrett@rocketjump.eu>
2022-01-09 11:11:56 +01:00
Felix Fontein
77b7b4f75b
Get rid of distutils.spawn and distutils.util (#3934)
* Replace distutils.spawn.find_executable.

* Replace distutils.util.strtobool.
2022-01-04 06:56:28 +01:00
Felix Fontein
59bbaeed77
Docs improvements. (#3893) 2021-12-12 11:01:14 +01:00
RevBits, LLC
25e80762aa
RevBits PAM Secret Server Plugin (#3405)
* RevBits PAM Secret Server Plugin

* Update revbitspss.py

* Update plugins/lookup/revbitspss.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/revbitspss.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/revbitspss.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/revbitspss.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/revbitspss.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/revbitspss.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Fixes based on feedback from Ansible

* Fixes for auto tests

* module updated

* f string changed

* maintainer added

* maintainer added

* maintainer added

* review updates

* test added

* test added

* test added

* revisions updtes

* revisions updtes

* revisions updtes

* file removed

* unit test added

* suggestions updated

* suggestions updated

* Update plugins/lookup/revbitspss.py

* Update plugins/lookup/revbitspss.py

* Update plugins/lookup/revbitspss.py

Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Zubair Hassan <zubair.hassan@invozone.com>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2021-11-22 13:49:51 +01:00
Felix Fontein
5b10f8234c
Add collection_version lookup (#3633)
* Add collection_verison lookup plugin.

* Document ansible-base 2.10 and ansible-core 2.11 special case.

* Add default for result_not_found.

* Simplify not existing test.

* Move metadata loading to function.

* Update plugins/lookup/collection_version.py

Co-authored-by: Brian Scholer <1260690+briantist@users.noreply.github.com>

* Extend tests.

* Fix tests for ansible-core < 2.12.

Co-authored-by: Brian Scholer <1260690+briantist@users.noreply.github.com>
2021-11-01 19:01:52 +01:00
Thomas Sjögren
c40db6789a
add random_words lookup plugin, based on the xkcdpass module (#3588)
* add random_words lookup plugin, based on the xkcdpass module

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

* add maintainer in BOTMETA

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

* Update plugins/lookup/random_words.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/random_words.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/random_words.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/random_words.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/random_words.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update tests/integration/targets/lookup_random_words/test.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update tests/integration/targets/lookup_random_words/test.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* ignore E402, place imports below documentation

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

Co-authored-by: Felix Fontein <felix@fontein.de>
2021-10-27 22:37:28 +02:00
Felix Fontein
a68445486e
Remove and redirect all infoblox/nios content (#3592)
* Remove and redirect all infoblox/nios content.

* Remove ignore.txt entries.

* Update BOTMETA.
2021-10-21 08:02:06 +02:00
Martin Vician
dc8d076a25
tss: add option for token authorization (#3327)
* Added token parameter for AccessTokenAuthorizer

Parameters username and password are not required anymore because of
this.

* Added changelog fragments

* Apply suggestions from code review

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>

* token authorizer is prioritized

token authorizer is prioritized when token parameter is set

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

* domain optional if token not provided

* Updated examples

- `base_url` is required everywhere
- examples for user, name + domain authorization included
- token authorization included

* Update 3327-tss-token-authorization.yml

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
2021-09-14 13:34:59 +02:00
Ajpantuso
cbcb942b0e
tss_lookup_plugin - Refactor and decoupling (#3252)
* Initial commit

* Adding changelog fragment

* Applying initial review suggestions

* Increasing unit coverage

* Removed unneccessary constant

* Improving test readability

* Cleanup constants
2021-08-25 06:41:05 +02:00
Matt 'Archer' Vaughn
23e7ef0255
Add option for retry_servfail (#3247)
* Add option for retry_servfail

cf. https://dnspython.readthedocs.io/en/latest/resolver-class.html#dns.resolver.Resolver.retry_servfail

Setting this option to `True` allows for the possibility of the lookup plugin to retry and thereby recover from potentially transient lookup failures, which would otherwise cause the task or play to bail with an unrecoverable exception.

* Create 3247-retry_servfail-for-dig

* documentation for `retry_servfail` option

* Rename 3247-retry_servfail-for-dig to 3247-retry_servfail-for-dig.yaml

* fix whitespace

* Update plugins/lookup/dig.py

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>

* Update plugins/lookup/dig.py

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>

* rm try/except block

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-08-21 21:57:28 +02:00
Martin Vician
bcccf4e388
Add option for domain authorization (#3228)
Use DomainPasswordGrantAuthorizer if parameter `domain` is used.
2021-08-20 13:54:29 +02:00
Ricky White
6ac410b3f6
tss: added fix for bug report in issue #3192 (#3199)
* Added fix for bug report in issue #3192

* Added changelog fragment

* Typo fix

* Added Importerror to exception - as req by linters

* Moved the conditional import statement to try/except block
2021-08-18 09:26:44 +02:00
Alexei Znamensky
771e9de010
mass-added the utf-8 marker (#3163)
* added the utf-8 marker

* fixed the utf-8 marker where it was missde before
2021-08-08 10:40:22 +02:00
Alexei Znamensky
da11a98cb7
fixed the utf-8 marker (#3162) 2021-08-07 15:02:21 +02:00
Ricky White
a73720c103
Updated the tss lookup plugin to reflect breaking changes introduced in the underpinning SDK (#3139)
* Updated the plugin to reflect breaking changes introduced in the underlying SDK v1.0.0 update.

* Added Changelog fragment

* Updates based on feedback/review

* Added newline to pass CI

* Added whitepace for linter

* Update changelogs/fragments/3139-tss-lookup-plugin-update-to-make-compatible-with-sdk-v1.yml

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-08-05 19:28:32 +02:00
Alexei Znamensky
047b7ada3c
uf8 marker batch2 (#3128)
* added utf-8 markers to all .py files in plugins/filter

* added utf-8 markers to all .py files in plugins/inventory

* added utf-8 markers to all .py files in plugins/lookup
2021-08-01 12:36:53 +02:00
Felix Fontein
4982eaf935
Update BOTMETA, fix some plugin authors, improve BOTMETA extra sanity test (#3069)
* Update BOTMETA, fix some plugin authors, improve BOTMETA extra sanity test.

* Linting.
2021-07-26 11:44:41 +02:00
Felix Fontein
fafabed9e6
Replace ansible.module_utils._text by ansible.module_utils.common.text.converters (#2877)
* Replace ansible.module_utils._text by ansible.module_utils.common.text.converters.

* Also adjust tests.
2021-06-26 23:59:11 +02:00
Amin Vakil
dab5d941e6
Add domain option to onepassword lookup (#2735)
* Add domain to onepassword lookup

* Add changelog

* Add default to domain documentation

* Improve format

* Fix sanity issue

* Add option type to documentation

Co-authored-by: Felix Fontein <felix@fontein.de>

* Add domain to init

Co-authored-by: Felix Fontein <felix@fontein.de>
2021-06-08 11:41:21 +02:00
fkuep
0e6d70697c
Wire token param into consul_api #2124 (#2126)
* Wire token param into consul_api #2124

* Update changelogs/fragments/2124-consul_kv-pass-token.yml

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>

* #2124 renamed release fragment to match pr, removed parse_params.

* putting look back in, do some linting   #2124

* try more linting

* linting

* try overwriting defaults in parse_params with get_option vals, instead of removing that function completely.

* Revert "back to start, from 2nd approach: allow keyword arguments via parse_params for compatibility."

This reverts commit 748be8e366.

* Revert " linting"

This reverts commit 1d57374c3e.

* Revert " try more linting"

This reverts commit 91c8d06e6a.

* Revert "putting look back in, do some linting   #2124"

This reverts commit 87eeec7180.

* Revert " #2124 renamed release fragment to match pr, removed parse_params."

This reverts commit d2869b2f22.

* Revert "Update changelogs/fragments/2124-consul_kv-pass-token.yml"

This reverts commit c50b1cf9d4.

* Revert "Wire token param into consul_api #2124"

This reverts commit b60b6433a8.

* minimal chnages for this PR relative to current upstream.

* superfluous newline in changlog fragment.

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2021-06-05 22:38:42 +02:00
Abhijeet Kasurde
43c12b82fa
random_string: a new lookup plugin (#2572)
New lookup plugin to generate random string based upon
constraints.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2021-05-27 19:09:26 +02:00
Felix Fontein
7cd96d963e
meta/runtime.yml and __init__.py cleanup (#2632)
* Remove superfluous __init__.py files.

* Reformat and sort meta/runtime.yml.

* The ovirt modules have been removed.

* Add changelog entry.
2021-05-27 18:49:26 +02:00
Sylvia van Os
26757edfb2
Add one-liner lookup example (#2615)
* Add one-liner lookup example

* Remove trailing whitespace

* Update plugins/lookup/tss.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/tss.py

Co-authored-by: Amin Vakil <info@aminvakil.com>

Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Amin Vakil <info@aminvakil.com>
2021-05-27 07:57:06 +02:00
Jan Baier
350380ba8c
Add option missing to passwordstore lookup (#2500)
Add ability to ignore error on missing pass file to allow processing the
output further via another filters (mainly the default filter) without
updating the pass file itself.

It also contains the option to create the pass file, like the option
create=true does.

Finally, it also allows to issue a warning only, if the pass file is not
found.
2021-05-17 13:50:40 +02:00
Abhijeet Kasurde
5d0a7f40f2
random_pet: Random pet name generator (#2479)
A lookup plugin to generate random pet names based
upon criteria.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2021-05-14 10:55:27 +02:00
Felix Fontein
ee9770cff7
Deprecate nios content (#2458)
* Deprecate nios content.

* Make 2.9's ansible-test happy.

* Add module_utils deprecation.
2021-05-13 21:50:40 +02:00
Felix Fontein
eea4f45965
Add dependent lookup plugin (#2164)
* Add dependent lookup plugin.

* Use correct YAML booleans.

* Began complete rewrite.

* Only match start of error msg.

* Improve tests.

* Work around old Jinja2 versions.

* Fix metadata.

* Fix filter name.
2021-05-11 19:27:05 +02:00
Anubhav Chakraborty
f11f6595cc
convert string returned by plugin to unicode (#2329)
* convert string returned by plugin to unicode

* add changelog fragment

* fix changelog format

* fix changelog format yet again

Co-authored-by: Anubhav Chakraborty <anubchak@cisco.com>
2021-04-24 12:20:11 +02:00
Nick
8db59ff02d
with_filetree:: use splitext for compatibility with template: (#2285)
* with_filetree: use splitext for compatibility with template

The example code given deploys files with their .j2 extensions intact, which is probably not what you want.

* Explain how templates interact with splitext|first

* Update plugins/lookup/filetree.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Don't encourage setting the mode of symlinks

On ext4, maybe most filesystems, symlinks always have the artificial mode of 0777, and `chmod $mode $symlink` *writes through* the symlink to its target file.

An effect of this is that if you deploy a file and a symlink to it (e.g. this common situation: /etc/nginx/sites-available/default and /etc/nginx/sites-enabled/default -> ../sites-available/default) then `with_filetree` will forever first deploy the file with the right mode, then corrupt its mode to 0777, and every redeploy will see a change to fix, forever in a loop.

Probably `file:` should refuse `mode:` on `state: link`s, but in the meantime, avoid recommending it in `filetree`

* Use `follow: false` instead of just the mode.

This should be more cross-compatible.

https://github.com/ansible-collections/community.general/pull/2285#discussion_r616571873

* Update plugins/lookup/filetree.py

Co-authored-by: Felix Fontein <felix@fontein.de>
2021-04-21 14:04:46 +02:00
Alexei Znamensky
b97e31dd55
rewritten as list literals (#2160)
* rewritten as list literals

* added changelog fragment
2021-04-05 09:22:06 +02:00
Jim Speir
677ab8e383
Adding another example for tss lookup (#1945)
* Adding another example for tss lookup

A more detailed example using self-hosted secrets server as investigated in #1943

* Update plugins/lookup/tss.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Better line breaking

* Update plugins/lookup/tss.py

Seconded!

Co-authored-by: Felix Fontein <felix@fontein.de>

* Remove newline to pass tests

* Update plugins/lookup/tss.py

Co-authored-by: Felix Fontein <felix@fontein.de>
2021-03-02 21:58:55 +01:00
Alexei Znamensky
434f383ae9
fixed Python 3 keys() usage (#1861)
* fixed python3 keys()

* added changelog fragment

* Update plugins/modules/cloud/spotinst/spotinst_aws_elastigroup.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/cache/redis.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* rolledback redis.py per PR

* Update plugins/modules/monitoring/sensu/sensu_check.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* removed unnecessary ignore lines

* adding memcached and one case in redis is indeed necessary

* Update changelogs/fragments/1861-python3-keys.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update changelogs/fragments/1861-python3-keys.yml

* Update changelogs/fragments/1861-python3-keys.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2021-02-23 23:19:27 +01:00
Florian Bergmann
f955a85848
Add yaml support to passwordstore. (#1681)
Co-authored-by: Florian Bergmann <Florian.Bergmann@datev.de>
2021-01-28 09:24:28 +01:00
Paul Haerle
73b3ec09e5
fix passwordstore.py to be compatible with gopass. (#1589)
* fix passwordstore.py to be compatible with gopass.

...even when used with create=true.

The same output snippet matches for both, `pass` and `gopass`, but while `pass` returns `1` on a non-existant password, `gopass` returns `10`, or `11`, depending on whether a similar named password was stored.

So I'd propose to change `e.returncode == 1` to `e.returncode != 0` to cover both cases here.

What do you think?

* Update passwordstore.py, fix typo

* Add changelog fragment.

* Update changelogs/fragments/1589-passwordstore-fix-passwordstore.py-to-be-compatible-with-gopass.yaml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update changelogs/fragments/1589-passwordstore-fix-passwordstore.py-to-be-compatible-with-gopass.yaml

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2021-01-25 12:29:46 +01:00
Roberto Aguilar
5b1bede4cb
onepassword: find the password field out of the fields list (#1610)
* Find the password field out of the fields list

With the command line utility `op` version 1.8, the password field exists, while the fields list is empty.  This will look for the desired field without it being listed in the fields list.

* Add changelog fragment

* Update changelogs/fragments/1610-bugfix-onepassword-lookup-plugin.yaml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/onepassword.py

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2021-01-20 22:37:28 +01:00
Felix Fontein
25e246bdc2
Improve readability of example. (#1648) 2021-01-19 08:24:25 +01:00
Joe Louthan
7d20ff7cac Update tss.py - multiline for an example (#1639)
* Update tss.py - multiline for an example 

Extended line runs past the side of the browser window

* Moved multiline to after the msg. 

Cannot believe I missed that again.

* Updated tss.py

Using > as multiline joiner with spaces
2021-01-19 07:01:29 +01:00
Felix Fontein
99cfb993d5
<plugin_type>: -> name: (#1541) 2021-01-12 07:12:03 +01:00
Felix Fontein
ddaad1e650
Remove hashi_vault plugin, add redirect. (#1566) 2021-01-04 10:55:14 +01:00
Eike Waldt
491b622041
fix passwordstore.py to be compatible with gopass versions (#1493)
* Be compatible to latest gopass versions.
`gopass show` is deprecated.

* add changelog fragment

* Update changelogs/fragments/1493-fix_passwordstore.py_to_be_compatible_with_gopass_versions.yml

Co-authored-by: Eike Waldt <git@yog.wtf>
Co-authored-by: Felix Fontein <felix@fontein.de>
2021-01-03 11:48:35 +01:00
David Moreau Simard
f78e08bc37
Remove google plugins and set up redirects to collections (#1319)
* Remove Google cloud plugins migrated to community.google

* Remove another symlink

* Fix typo for community.general version

* Update changelogs/fragments/1319-google-migration-removal.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update changelogs/fragments/1319-google-migration-removal.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Add fragment for inventory script

* fix yaml formatting

* adjust past relnotes in accordance with removal of google plugins

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-12-29 09:46:57 +01:00
bratw0rst
28ac4b79e2
Added umask option to passwordstore lookup plugin. (#1156)
* Added umask option to passwordstore lookup plugin.

* Added umask documentation and changelog fragment.

* Added default values to paramvals within the run method.

* removed blank lines (PEP8)

* Update changelogs/fragments/lookup-passwordstore-umask.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/passwordstore.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update changelogs/fragments/lookup-passwordstore-umask.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* passwordstore lookup plugin: changelog fragment update

* passing environment variables to subprocess.Popen()

* Update plugins/lookup/passwordstore.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* rm trailing whitespace

* Don't force default umask in the plugin, pass will take care of this.

* remove default from the documentation string

* remove trailing whitespaces

* prevent KeyErrors when checking if key exits in paramvals.

* Update plugins/lookup/passwordstore.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Fix for TypeError

* revert back to old directory test

Co-authored-by: bratw0rst <c.chmiel@speakup.nl>
Co-authored-by: Felix Fontein <felix@fontein.de>
2020-11-24 08:05:59 +01:00
Jonathan Piron
6cec8759d0
Fix hashi_vault lookup approle authentication (#1138)
As per the plugin documentation and the Hashicorp Vault documentation (https://www.vaultproject.io/docs/auth/approle#secretid)
secret_id is not mandatory.
Moreover, using this lookup plugin without a secret_id used to work in
Ansible 2.9.

Co-authored-by: Jonathan Piron <jonathanpiron@gmail.com>
2020-11-16 16:42:42 +01:00
Erik Godding Boye
64c6f20b55
Add support for HashiCorp Vault JWT auth (#1213)
* Add support for Hashicorp Vault JWT auth

* Add support for HashiCorp Vault JWT auth (continued)

Co-authored-by: Brian Scholer <1260690+briantist@users.noreply.github.com>

Co-authored-by: Mike Brancato <mike@mikebrancato.com>
Co-authored-by: Brian Scholer <1260690+briantist@users.noreply.github.com>
2020-11-16 07:48:58 +01:00
Felix Fontein
0109310aa2 Fix gcp_storage_file lookup plugin (#1284). 2020-11-13 16:01:10 -05:00
markafarrell
3af4be34b2
Respect VAULT_SKIP_VERIFY envionment variable setting in hashi_vault lookup plugin (#1024)
* add skip_certificate_validation from env VAULT_SKIP_VERIFY

* use os.envrion.env instead of skip_certificat_validation

* fix typo in test

* add tests for different truthy options

* fix linting

* add changelog

* change precedence for validate_certs

* add precedence test

* fix inverted logic

* Fix documentation

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/hashi_vault.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* fix linting

* Update plugins/lookup/hashi_vault.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/hashi_vault.py

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-10-09 14:23:04 +02:00
Felix Fontein
e5da25915d
Improve plugin sanity (#966)
* callback_type -> type.

* Mark authors as unknown.

* Add author field forgotten in #627.

* Fix author entries.

* Add author field forgotten in #127.

* Fix some types.
2020-09-28 21:21:51 +02:00
Brian Scholer
ba5b86cf4a
hashi_vault - Change token_path env var loading precedence (#902)
* Change how vault token is loaded

* Add changelog for PR #902

* Update changelogs/fragments/902-hashi_vault-token-path.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/hashi_vault.py

Add version_added

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/hashi_vault.py

Add version_added

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-09-18 21:59:25 +02:00
holtwilkins
1a5702cf21
Support use of VAULT_NAMESPACE env var (#929)
As per https://learn.hashicorp.com/tutorials/vault/namespaces, setting VAULT_NAMESPACE env var is a completely supported mechanism to make all vault command use said namespace, so hashi_vault lookup function should do the same.

Co-authored-by: Holt Wilkins <hwilkins@palantir.com>
2020-09-18 21:21:41 +02:00
Benoit Bayszczak
51121e54d0
[lookup_plugin/hashi_vault] add missing 'mount_point' param for approle (#897)
* [lookup_plugin/hashi_vault] add missing 'mount_point' param for approle

* [lookup_plugin/hashi_vault] add changelog fragment

* Update changelogs/fragments/897-lookup-plugin-hashivault-add-approle-mount-point.yaml

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Benoit Bayszczak <benoit.bayszczak@adevinta.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
2020-09-17 10:19:12 +02:00
Felix Fontein
7cf472855c
Fix various sanity errors in plugins (#881)
* Fix deprecation of callables.

* Fix various sanity errors.

* Revert callback_type -> type transform.

* Fix stat_result times: these are float according to https://github.com/python/typeshed/blob/master/stdlib/3/os/__init__.pyi

* Apply suggestions from code review

Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>

Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
2020-09-16 11:06:45 +02:00
Abhijeet Kasurde
9e039cc4a0
dsv: Use correct dict usage (#743)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-08-10 10:22:24 +05:30
Felix Fontein
7f37103df3
Fix author entry for dsv and tss lookup plugin. (#753) 2020-08-09 21:50:08 +02:00
Felix Fontein
ea21341686
Fix plugins (names, constants, FQCNs in examples) (#722)
* cobbler inventory: fix NAME

* oc transport: fix transport name

* Inventory plugins: fix plugin identifications

* Use FQCN in lookup plugin examples.

* Use FQCN in callback plugins.

* Add changelog fragment.

* Adjust documentation.

* Fix lookup plugin linting errors.

* Fix quotes.
2020-08-08 22:04:34 +02:00
Abhijeet Kasurde
0eb4954339
lookup: Fix minor typos (#740)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-08-07 08:11:35 +02:00
Abhijeet Kasurde
ce48751033
filetree: Update example and documentation for plugin (#728)
Fixes: #727

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-08-04 18:30:41 +05:30
Andrew Klychkov
4c4a6ab27c
modules: fix examples to use FQCN for builtin plugins (#661) 2020-07-16 14:42:12 +03:00
Andrew Klychkov
c055340ecb
modules: fix examples to use FQCN for builtin modules (#648)
* modules: fix examples to use FQCN for builtin modules

* fix

* fix

* fix

* fix

* fix

* fix

* fix
2020-07-14 18:28:08 +03:00
Adam C. Migus
a424ee71e3
Add Thycotic DevOps Secrets Vault lookup plugin (#90)
* Add the Thycotic DevOps Secrets Vault lookup plugin.

* Update plugins/lookup/dsv.py

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/dsv.py

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/dsv.py

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Fix import error check per code review.

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

* Add a unittest for plugins/lookup/dsv.py

* Add copyrights.

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

* Fixed formatting bug in test_dsv.py

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-07-13 05:45:07 +00:00
Adam C. Migus
4c6e2f2a40
Add the Thycotic Secret Server lookup plugin. (#91)
* Add the Thycotic Secret Server lookup plugin.

* Update plugins/lookup/tss.py

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Fix import error check per code review.

* Apply suggestions from code review

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Trivial changes based on suggestions from code review.

* Add a unittest for plugins/lookup/tss.py

* Add copyrights.

* Fixed formatting bug in test_tss.py

* Fix formatting bugs in tss.py and test_tss.py

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-07-13 07:37:20 +02:00
anshulbehl
cca84abeb5
conjur_variable: redirecting to correct collection (#570)
* - Redirecting to correct collection
- Removing the plugin and adding changelog and deprecation

* Making suggested changes

* Earlier version on leftovers

* Update changelogs/fragments/cyberarkconjur-removal.yml

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-06-30 07:36:08 +02:00
Felix Fontein
097aebadb0
Fix M(). (#591)
* Fix M().

* Break long line.

* Fix the remaining M(...).

* Break long line.
2020-06-29 14:59:15 +02:00
Andrew Klychkov
21681daa01
modules: fix seealso sections (#581) 2020-06-25 13:34:46 +02:00
Denis
4c42d0971f
Fix for lookup/consul_kv environment varibles handling (#303)
* suppress exceptions for optional env variables

* Options handling switched to "get_option" approach

* Put back _raw option for documentation purposes

* Fix url option description

* remove ini section

* Docs fixed

* force rebuild to fix aix tests

* Point returned in order to have full sentence in description

* Add general arguments fix information to changelog fragments

* Add PR link to changelog fragments

Co-authored-by: Felix Fontein <felix@fontein.de>

* Fix port/scheme handlng in case they weren't provided in URL argument

* Add argument type for url

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Denis Savenko <denis.savenko@tonicforhealth.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
2020-06-23 14:08:38 +02:00
Abhijeet Kasurde
67ae100cee
hashi_vault: Handle equal sign in secret name value (#537)
Fixes: ansible/ansible#55658

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-06-19 14:10:11 +02:00
Felix Fontein
f16a93f976
Adjust removal versions (#521)
* Adjust 2.11 and later Ansible versions to collection versions.

* Remove unnecessary changelog.

* Adjust Ansible 2.10 to community.general 0.2.0 (first 'proper' release).

* Caught some non-properly prefixed versions.

* Update plugins/modules/database/mysql/mysql_replication.py
2020-06-16 21:24:42 +02:00
Felix Fontein
1c97afd40a
Remove sops lookup (moved to https://github.com/ansible-collections/community.sops). (#518) 2020-06-16 14:24:31 +02:00
Felix Fontein
b54ddaa28c
Clean up deprecations (#504)
* Adjust deprecation versions.

* Remove redirects that are already made in ansible/ansible's ansible_builtin_runtime.yml

* Remove modules that were moved to the google.cloud collection according to ansible/ansible's ansible_builtin_runtime.yml.

* The _info module is in google.cloud.

* The gcp doc_fragment is a copy of the one in google.cloud and is only used by one lookup. Mark as deprecated/internal.

* Remove entries of modules that no longer exist.

* Update ignore.txt.

* Try to fix test.

* Remove debug output.
2020-06-16 13:15:19 +02:00
Felix Fontein
f9589d78a8
Add version_added for all new features (#214)
* Add version_added: 1.0.0 for all new features added before pre-ansible-base.

* Add version_added: 1.0.0 for all new features.

* Next release will be 0.2.0

* Fix error.

* Remove unnecessary warnings.
2020-06-13 15:01:19 +02:00
Mike Hume
1a13287788
Add sops lookup plugin (#374)
* add sops lookup plugin

* fix pylint

* fix undefined encrypted_file variable

* decode sops output as text by default

* add variable to control decrypted content print in logs

* use Sops class decryption method

* lookup should return text, use appropriate ansible facility

* use ansible.module_utils._text.to_native

As required by Ansible documentation on [raising errors][raising-errors]
from plugins, use to_native to wrap errors to ensure string compatibility
between Python versions.

[raising-errors]: https://docs.ansible.com/ansible/latest/dev_guide/developing_plugins.html#id3

* use with_items instead of with_file in sops lookup documentation

[with_file][with-file], per Ansible documentation, returns the content of
the file. As sops is not able to decrypt a string by itself but requires
the file is passed as argument, passing the content breaks the lookup
plugin as reported by [here][bug-report].

[with_items][with-items] should be used instead.

[with-file]: https://docs.ansible.com/ansible/2.4/playbooks_loops.html#looping-over-files
[with-items]: https://docs.ansible.com/ansible/2.4/playbooks_loops.html#standard-loops
[bug-report]: https://github.com/ansible/ansible/pull/59639#issuecomment-540803722

* uniform sops exception handling between plugins

* Apply suggestions from code review

Co-Authored-By: Felix Fontein <felix@fontein.de>

* remove sops lookup plugin print option

Is no longer possible to print the decrypted secrets directly from this
plugin, but `debug` module can be used instead.

* add github handle to author

* add setup_sops integration target

* extract sops module

* add lookup_sops integration tests

* use sops module

* Update plugins/module_utils/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/module_utils/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/module_utils/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/module_utils/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/module_utils/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update test/integration/targets/lookup_sops/files/simple.sops.yaml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Adding aliases file

* Emtpy spaces

* Update plugins/lookup/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* gpg -> gnupg2

* with_items -> loop

* Move error logic to module_utils.

* Make Sops.decrypt() also handle errors and decode output.

* Improve error handling.

* Improve example formatting.

* Reorganize tests.

* Add test.

* Remove version_added.

Co-authored-by: Edoardo Tenani <edoardo.tenani@protonmail.com>
Co-authored-by: Edoardo Tenani <edoardo.tenani@gmail.com>
Co-authored-by: Edoardo T <endorama@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
2020-06-06 21:36:28 +02:00
Toshio Kuratomi
651065bc03 Fix the docs for dig and nios.
The return docs for both of these didn't follow what the docs build
would understand.  Changed them so that they are properly formatted.
2020-05-20 13:16:51 -07:00
Felix Fontein
72fe304b8f
gcp_storage_file: error gracefully when google.cloud is not there (#372)
* Error gracefully when google.cloud is not there.

* Add changelog fragment.
2020-05-19 23:06:40 +02:00
Andrew Klychkov
5d226f86b6
Remove ANSIBLE_METADATA (#339)
* Remove ANSIBLE_METADATA

* remove from other modules

* remove from plugins and scripts
2020-05-14 14:03:42 +01:00
Brian Scholer
eaa484eb37
hashi_vault refresh - Add AWS login methods, bugfixes, cleanup (#23)
* hashi_vault refresh from PR in ansible/ansible/#66735

* Duplicate AWS doc fragments, remove version_added

* Restore FQCNames

* Fully qualify examples

* Add changelog for #23 hash_vault refresh

* Reduce examples below 160 chars

* Address review feedback

* Update changelogs/fragments/23-hashi-vault-lookup-refresh.yaml

Use review suggestion

Co-Authored-By: flowerysong <junk+github@flowerysong.com>

Co-authored-by: flowerysong <junk+github@flowerysong.com>
2020-04-28 11:27:37 +00:00
Eric Belhomme
695eed943b
add etcd3 lookup plugin (#127)
* add etcd3 lookup plugin

* retire version_added tag

Co-Authored-By: Felix Fontein <felix@fontein.de>

* typo fixes

Co-Authored-By: Felix Fontein <felix@fontein.de>

* fix YAML syntax in example

Co-Authored-By: Felix Fontein <felix@fontein.de>

* typo fixes

Co-Authored-By: Felix Fontein <felix@fontein.de>

* remove python shebang as it is useless in Ansible lookup module

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/etcd3.py typo

Co-Authored-By: Felix Fontein <felix@fontein.de>

* fixes:
- replaced LookupBase._display by ansible.utils.display.Display
- add regex to retrieve host and port from ETCDCTL_ENDPOINTS env
- add env support for user, password, timeout

* fixes:
- use short form for types
- update doc section with envs
- catch exceptions between etcd3 api calls

* etcd3 lookup pass ansible sanity checks
introduce ansible integration tests for etcd3 lookup

* extract etcd3 setup from existing etcd3 module integration test

* fix etcd3 module/lookup integration tests

* fixes:
- fix port option in docstring
- raise connecttion error
- fix display format issues
- fix ETCDCTL_ENDPOINTS regex
adds:
- basic unit tests

* fix sanity issues

* add etcd3 lookup plugin

* retire version_added tag

Co-Authored-By: Felix Fontein <felix@fontein.de>

* typo fixes

Co-Authored-By: Felix Fontein <felix@fontein.de>

* fix YAML syntax in example

Co-Authored-By: Felix Fontein <felix@fontein.de>

* typo fixes

Co-Authored-By: Felix Fontein <felix@fontein.de>

* remove python shebang as it is useless in Ansible lookup module

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/etcd3.py typo

Co-Authored-By: Felix Fontein <felix@fontein.de>

* fixes:
- replaced LookupBase._display by ansible.utils.display.Display
- add regex to retrieve host and port from ETCDCTL_ENDPOINTS env
- add env support for user, password, timeout

* fixes:
- use short form for types
- update doc section with envs
- catch exceptions between etcd3 api calls

* etcd3 lookup pass ansible sanity checks
introduce ansible integration tests for etcd3 lookup

* extract etcd3 setup from existing etcd3 module integration test

* fix etcd3 module/lookup integration tests

* fixes:
- fix port option in docstring
- raise connecttion error
- fix display format issues
- fix ETCDCTL_ENDPOINTS regex
adds:
- basic unit tests

* fix sanity issues

* changes:
- replace kwargs lookups with get_option()
- add 'entpoint' option for correct handling of ETCDCTL_ENDPOINTS env
- code simplification

* fix etcd3 lookup unit test:
replace LookupModule instanciation with lookup_loader

* fix sanity checks

* etcd3 changes:
- docstring documentation fixes/updates
- create etcd3 cnx object with a get_option() loop instead of copying 'private' class object
- set 'endpoints' option mutually exclusive with 'host' and 'port' (raises an AnsibleError exception)

* etcd3 changes:
- added ANSIBLE_METADATA,
- added default value for 'endpoints' option,
- removed defaults for options 'host' and 'port',
- fixed docstring links,
- added 'notes' and 'seealso' sections in doctring
- updated options code handling to reflect docstring's updates

* etcd3 changes:
- fix descriptions for endpoints, host, and port options
- update notes sections
- fix reference to etcd lookup plugin in seealso section
- fix return docstring
- remove useless logging
- obfuscates password in connection logging

* more pythonic lookup on dict keys

Co-Authored-By: Felix Fontein <felix@fontein.de>

* Update password obfuscation

Co-Authored-By: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2020-04-25 10:58:06 +02:00
John R Barker
c313c825f4
[wip] Remove network content (#84)
* rebase

* remove broken symlinks

* more deletes

* restore cs_* integration tests

* More deletes - from Felix

* cs_common

* Remove some more ignores
2020-04-01 21:34:05 +02:00
Konstantin Gribov
f799aa8356
Fix example since lookup/query is not filter (#55)
See also ansible/ansible#68478
2020-03-26 13:24:06 +00:00
Felix Fontein
07ecfc940c
Fix imports, part 2 (#42)
* Recover missing netapp.ontap module doc fragments from ansible/ansible@pre-ansible-base.

* Fix PEP8 issues.

* Remove netbox empty files, and test which shouldn't be here.

* Add forgotten file for kubevirt tests.

* Fix unit test imports.

* ansible/ansible#68415 has been fixed.

* Clean up/rearrange imports.

* Update ignore.txt, fix boilerplate.

* Netapp docs fragment: fix spacing

* Forgot to adjust kubevirt tests.
2020-03-25 11:43:51 +00:00
Abhijeet Kasurde
5dbdf14908
passwordstore: Honor equal sign in userpass (#19)
passwordstore lookup plugin now can handle equal sign in user input

Fixes: ansible/ansible#68265

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-03-17 14:20:39 +00:00
Jesse Pretorius
5d47ab7096
Remove rabbitmq content (#13)
This content has been moved to:
https://github.com/ansible-collections/rabbitmq
2020-03-17 09:01:39 +00:00
Ansible Core Team
aebc1b03fd Initial commit 2020-03-09 09:11:07 +00:00