keycloak: Add option to create authentication sub-flow of type 'form flow' (#6318)
* keycloak: Improve API error message
* keycloak: Fix API error message
They key 'provider' is undefined.
* keycloak: Allow the creation of 'form-flow' authentication sub flows
To create something like keycloak's built-in registration flow,
we need to create a subflow with the type 'form-flow'.
* Add changelog fragment 6318
* Update changelogs/fragments/6318-add-form-flow.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak_authentication: Don't compare subFlowType
It is only useful for creation.
* Update changelogs/fragments/6318-add-form-flow.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 114eb67f58)
Co-authored-by: fachleitner <flo@fopen.at>
Add a module to set the keycloak client scope type (#6322)
The module keycloak_clientscope_type allows to set the client scope
types (optional/default) either on realm or client level.
(cherry picked from commit 1f2c7b1731)
Co-authored-by: Simon Pahl <simpahl@gmail.com>
Redfish iDRAC: Allow for specifying an exact manager with 'resource_id' for CreateBiosConfigJob (#6370)
Allow for specifying an exact manager with 'resource_id' for CreateBiosConfigJob
Signed-off-by: Mike Raineri <michael.raineri@dell.com>
(cherry picked from commit 484f642c23)
Co-authored-by: Mike Raineri <michael.raineri@dell.com>
pipx: fix state=latest w/ install_deps=true (#6303)
* pipx and pipx_info: Document that modules require pipx 0.16.2.1 or above
Since their introduction, these modules rely on 'pipx list --json' to
return machine-readable output about installed pipx applications. That
functionality was introduced in 0.16.2, along with a critical bug fix
(invalid json) in 0.16.2.1.
* pipx: fix state=latest with install_deps=true
"pipx upgrade" stopped supporting the "--include-deps" option
("install_deps" in the ansible module) in pipx 0.15
(https://pypa.github.io/pipx/changelog/#01500).
The lack of support causes the pipx module to fail if attempting to use
state=latest with install_deps, since the parameter is passed to both
pipx install (fine) and pipx upgrade (fails).
* Add changelog fragment
(cherry picked from commit 996fc8c18e)
Co-authored-by: Paul Aurich <paul@darkrain42.org>
New modules btrfs_subvolume / btrfs_info (#5832)
* Initial implementation for new modules btrfs_subvolume and btrfs_info
* Improve/flesh out documentation. Add ability to target filesystem by uuid, label or device. Update tests to test targeting filesystem by each supported parameter and when only mountpoint.
* Updates for btrfs modules. Add missing copyright notices. Switch options to contains in return documentation. Update btrfs_subvolume to always use closest parent mount.
* Add maintainers for btrfs module(s) and remove unused class member cause lint failure.
* Add changelog fragment. Attempt to only run against the VMs as part of CI.
* Updates per code review. Remove changelog fragment. Switch use of map to list comprehension. Add trailing comma to last item in multi-line dicts. Clean up documentation with complete senstences for descriptions and correct/consistent use of macros.
* Improved error handling in btrfs_subvolume module: add custom exception type, favor exceptions over immediate call to fail_json and add single top level return for failure scenarios. Normalize name and snapshot_source parameters early in module execution and remove unecessary duplicate normalization throughout processing.
* Add azp/posix/3 to aliases per feedback
* Clean up automatic mounting. Prevent automount when check_mode=True. Immediately fail if a mount is identified as required and automount=True. Identify the minimal subset of subvolumes that need to be mounted instead of just finding a single common root.
* Skip btrfs_subvolume integration tests if btrfs-progs isn't successfully installed.
* Bump version_added for btrfs modules to 6.6.0. Ensure consistent trailing punctuation for module descriptions and document check_mode behavior as attribute description rather than a module level note.
* Remove unused imports from btrfs_subvolume module.
* Fix import.
* Docs improvements.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit ae5090d90e)
Co-authored-by: Gregory Furlong <50386272+gnfzdz@users.noreply.github.com>
icinga2_host: make use of templates and template vars (#6286)
* icinga2_host: make use of templates, append vars instead of replacing all vars array.
* Initialize `template` variable. Add changelog fragment.
* Update changelogs/fragments/6286-icinga2_host-template-and-template-vars.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 76dd465e08)
Co-authored-by: yoannlr <32494673+yoannlr@users.noreply.github.com>
redhat_subscription: document the security of the registration (#6366)
(cherry picked from commit 1aa94a5a1d)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
Redfish iDRAC: Added job_id to response for CreateBiosConfigJob (#6367)
* Redfish iDRAC: Added job_id to response for CreateBiosConfigJob
Signed-off-by: Mike Raineri <michael.raineri@dell.com>
* YAML fix to changelog fragment
Signed-off-by: Mike Raineri <michael.raineri@dell.com>
---------
Signed-off-by: Mike Raineri <michael.raineri@dell.com>
(cherry picked from commit 087c5a53d5)
Co-authored-by: Mike Raineri <michael.raineri@dell.com>
dig: Support multiple domains in a single lookup (#6334)
* dig: Support multiple domains in a single lookup (#6334)
The docs for this plugin indicated that multiple domains could be
specified at once, but the code did not support multiple domains.
* Address review feedback.
(cherry picked from commit 64e797d077)
Co-authored-by: Kevin P. Fleming <kpfleming@users.noreply.github.com>
one_vm: fix syntax error when creating VMs with a more complex template (#6294)
* one_vm: fix syntax error when creating VMs with a more complex template
with more complex templates that make use of quoted strings the new
"render" method fails to produce a template that is accepted by
OpenNebula. ==> escape double quotes in strings to make OpenNebula
happy again.
I also tested whether newlines need to be escaped, looks like they are
fine as they are.
Fixes#6225
* module_utils/opennebula: skip empty values in render
(cherry picked from commit cb3ca05bd1)
Co-authored-by: Georg Gadinger <nilsding@nilsding.org>
nmcli: Add macvlan connection type support (#6312)
* add nmcli macvlan type
* changelog
* improve docs
* macvlan params
* fix linter and improve module params
* improve_docs
* raise error if type macvlan and macvlan options not set
(cherry picked from commit 29a7d24d75)
Co-authored-by: Sergey Putko <mail@psvlan.com>
redhat_subscription: use CLI when using environments (#6319)
It turns out that the 'environments' that the D-Bus Register*() APIs
accept are the IDs of the environments, and not the user-facing names of
the environments (which is what the module has been accepting so far).
Since there is no easy way to do the mapping manually, for now use again
the subscription-manager CLI for registering when environments are
specified.
(cherry picked from commit 83994c0a2d)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
terraform: remote state file exists check issue (#6296)
* remote state file exists check
In the official CLI implementation of Terraform, if the state file does not exist, a new one will be created, and there is no need to check that the state file already exists and with an error if file not exists.
```bash
# Test command
terraform apply -state test.tfstate. # if state file not exists ,terraform will create a new one
terraform destroy -state test1.tfstate ### Terraform will not throw any error, the command will succeed execute, only report no resource has destroy
```
* Update terraform.py
add 1 blank line to function end
* Create 6296-LanceNero-Terraform_statefile_check
remove file exists check (https://github.com/ansible-collections/community.general/pull/6296)
* resolve if case issue
* Add blank line
* Update 6296-LanceNero-Terraform_statefile_check
* Update changelogs/fragments/6296-LanceNero-Terraform_statefile_check
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* update code style
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Update suffix to correct CI issue
* Update Code Style
* Update bug-fix to feature release
---------
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
(cherry picked from commit bf780ea738)
Co-authored-by: LanceNero <Lance.nero@gmail.com>
dconf: three minor but useful fixes (#6206)
* dconf: Correctly handle setting a key that has no value in DB
We need to check if the value in the database is None before we try to
parse it, because the GVariant parser won't accept None as an input
value. By definition if the value is None, i.e., there's no value in
the database, than any value the user is trying to set is a change, so
just indicate that it's a change without trying to compare the None to
whatever the user specified as the value.x
* dconf: Give a more useful error when writing a key fails
if writing a key fails, then include in the error that is returned the
exact key and value aguments that were given to the dconf command, to
assist in diagnosing failures caused by providing the key or value in
the wrong format.x
* dconf: Convert boolean values into the format that dconf expects
Even though we warn users to be careful to specify GVariant strings
for values, a common error is to be trying to specify a boolean string
which ends up getting converted into a boolean by the YAML parser or
Ansible. Then it gets converted to "True" or "False", the string
representations of Python booleans, which are not valid GVariants.
Rather than just failing with an obscure error when this happens,
let's be more user-friendly and detect when the user has specified a
boolean and convert it into the correct GVariant forms, "true" or
"false", so it just works. There's no good reason to be more pedantic
than that.
(cherry picked from commit a5765143f1)
Co-authored-by: Jonathan Kamens <jik@kamens.us>
archive: Generate crc32 over 16MiB chunks (#6274)
* archive: Generate crc32 over 16MiB chunks
Running crc32 over the whole content of the compressed file potentially
requires a lot of RAM. The crc32 function in zlib allows for calculating
the checksum in chunks. This changes the code to calculate the checksum
over 16 MiB chunks instead. 16 MiB is the value also used by
shutil.copyfileobj().
* Update changelogs/fragments/6199-archive-generate-checksum-in-chunks.yml
Change the type of change to bugfix
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/6199-archive-generate-checksum-in-chunks.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 14b19afc9a)
Co-authored-by: Nils Meyer <nils@nm.cx>
homebrew: respect greedy flag for cask upgrade_all (#6267)
* homebrew: respect greedy flag for cask upgrade_all
* homebrew: implement feedback from code review
(cherry picked from commit 6c5c05dfdc)
Co-authored-by: Claude Becker <becker@phys.ethz.ch>
pipx: Add support for system_site_packages (#6308)
* pipx: Add support for system_site_packages
* Add changelog fragment
(cherry picked from commit f93a1bf5ec)
Co-authored-by: Paul Aurich <paul@darkrain42.org>
Add support to topics on Gitlab Project module (#6278)
* add topics to gitlab_project.py
* add chngelog fragment
* fix lint error
* Update changelogs/fragments/6277-add-topics-gitlab-project.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit cee5f31b70)
Co-authored-by: Lorenzo Tanganelli <35271287+tanganellilore@users.noreply.github.com>
redhat_subscription: fix D-Bus option for environments on CentOS (#6275)
Factorize the current logic to determine whether use 'environments' as
D-Bus registration option (rather than 'environment') in an own
function, so it is easier to read it and maintain it.
With the small helper function in place, extend the logic to support
CentOS: it is in practice the same as the RHEL one, with an additional
check to support CentOS Stream 8 (which is a rolling release, and not
versioned).
(cherry picked from commit c280b793de)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
redhat_subscription: manually unregister only when registered (#6259)
When registering using D-Bus and using a version of subscription-manager
with an unimplemented 'force' option, then unregister manually the
system only if it is registered. 'subscription-manager unregister'
errors out when trying to unregister an already unregistered system.
(cherry picked from commit c9e11e5c0c)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
pipx: document parameters supported with state=latest, and fix include_injected parameter (#6212)
* pipx: Document parameters supported with state=latest
* pipx: Support "include_injected" with states "upgrade" and "latest"
- Contrary to documentation, "include_injected" doesn't appear to have
worked with state=upgrade since it was introduced.
- Add support for include_injected with "latest", since "latest" is
specified as being install+upgrade.
* Add changelog fragment
* Update plugins/modules/pipx.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* pipx: Update to correct target release of community.general
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 33093e9f3e)
Co-authored-by: Paul Aurich <paul@darkrain42.org>
Add module to manipulate KDE config files using kwriteconfig (#6182)
* Add module to manipulate KDE config files using kwriteconfig
* Fix license issues
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add smeso as kdeconfig.py maintainer
* Fix attributes fragment name
* Fix test
* Do not use shutil.chown
It isn't available on old Python versions
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 997761878c)
Co-authored-by: Salvatore Mesoraca <s.mesoraca16@gmail.com>
Fixed XenOrchestra inventory plugin failing due to not checking response ID. (#6227)
* Added call method to select proper response from xo server
* Added changelog fragment
* Removed excess blank lines
* Moved period in changelog fragment
* Made suggested changes
* Remove f-strings for Python 2.7 compatibility
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Linus Kirkwood <lkirkwood@allette.com.au>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit cd706454ec)
Co-authored-by: lirkwood <linuskirkwood@gmail.com>
nmcli: add runner_fast_rate option (#6148)
* add runner_fast_rate option
* unset default value for runner_fast_rate parameter
* add some commas
* Remove default in copy of argspec.
Co-authored-by: Sam Potekhin <eax24@ya.ru>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Sam Potekhin <eax24@ya.ru>
(cherry picked from commit d4f272ba52)
Co-authored-by: Alex Groshev <38885591+haddystuff@users.noreply.github.com>
nmcli: fixed idempotency issue with 'may_fail4' when 'method' is 'disabled' (#6106)
* nmcli: fixed idempotency issue with 'may_fail4' when 'method' is 'disabled'
* added note to documentation
* updated changelog fragment
* Update changelog fragment.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 5ee687049f)
Co-authored-by: Sam Potekhin <heaveaxy@gmail.com>
pipx: Allow injected modules to add apps (#6198)
* pipx: Allow injected modules to add apps
Add support for pipx inject's "--include-apps" parameter.
* add changelog fragment
* fix pipx test ("install_apps", not "include_apps")
* fix pipx test -- add a second invocation for install_apps
* Update changelogs/fragments/6198-pipx-inject-install-apps.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/pipx.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 6fa833feed)
Co-authored-by: Paul Aurich <paul@darkrain42.org>
added hpe thermal config and fan percent min (#6208)
* added hpe thermal config and fan percent min
* typo fixed
* Create 6208-hpe-thermal-fan-percent.yaml
* fixed changelog fragment
* Update 6208-hpe-thermal-fan-percent.yaml
(cherry picked from commit 33ccabed13)
Co-authored-by: ky13 <k.william.ritchie@gmail.com>
Add archive param for proxmox_kvm module (#6159)
We simply add a param to allow proxmox administrator to restore VM from
an archives. This new option will be useful to automate automatic
creation and restore of VM.
Co-authored-by: Julian Vanden Broeck <julian.vandenbroeck@dalibo.com>
(cherry picked from commit 7059789f35)
Co-authored-by: Julian <374571+l00ptr@users.noreply.github.com>
Add Gitlab group runners support (#3935)
(cherry picked from commit f3be0076af)
Co-authored-by: Léo GATELLIER <26511053+lgatellier@users.noreply.github.com>
apt_rpm: add clean, dist_upgrade and update_kernel (#5867)
* clean performs apt-get clean.
* dist_upgrade performs apt-get dist-upgrade.
* update_kernel performs update-kernel to upgrade kernel packages.
* update_cache, clean, dist_upgrade and update_kernel can be used with and without specified packages.
(cherry picked from commit b1d94385ae)
Co-authored-by: Andrey Cherepanov <sibskull@gmail.com>
redhat_subscription: require credentials only when needed (#5664)
The module currently has a static 'required_if' statement for its
parameters that forces any of 'username' or 'activationkey' or 'token'
in case state=present; while this is generally a good idea, it can be
an extra requirements in some cases. In particular, if the system is
already registered, there is no need for credentials -- some of the
operations of the module, such as manipulating pools, can be done
perfectly without credentials.
Hence:
- change the static 'required_if' to require credentials only when
forcing the registration
- check for credentials manually when a registration is needed, i.e.
on an unregistered system; the fail message is the same as the one
shown by 'required_if'
Adapt the tests to this new situation:
- test_without_required_parameters now needs to mock an unregistered
system
- add a new version of test_without_required_parameters to test an
already registered system
- add a simple test case for only state=present usable on an already
registered system
- remove the credentials from a test case for pool attachment that
mocks an already registered system
(cherry picked from commit bbd68e26a2)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
rhsm modules: cleanly fail when not run as root (#6211)
subscription-manager on RHEL installs a symlink in /usr/bin to
console-helper (part of usermode), which triggers an interactive prompt
for root credentials when run as user. It seems that console-helper
does not handle well non-interactive contexts (e.g. without a TTY for
input), and thus it will hang waiting for input when run as user in an
Ansible task.
Since subscription-manager requires root already anyway (and it will
fail when explicitly run as user), then apply the same logic locally on
all the modules that interact with it: redhat_subscription,
rhsm_release, and rhsm_repository.
(cherry picked from commit 9f67cbbe36)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>