* keycloak: fix creating a user federation w/ idempotent id
Creating a user federation while specifying an id (that doesn't exist
yet) will fail with a 404. This commits fix this behavior.
* keycloak: fix user federation mapper duplication
This commit fixes a bug where mappers are duplicated instead of
configured when creating a user federation.
When creating a user federation, some mappers are autogenerated by
keycloak. This commit lets the keycloak_user_federation module recompute
mappers final values after the user federation is created so that the
module can try to merge them by their name.
* add missing fragment for pr #4212
(cherry picked from commit c1485b885d)
Co-authored-by: Jules Lamur <jlamur@users.noreply.github.com>
* Add ArchLinux, Debian Bullseye and CentOS Stream 8 to CI.
* Add Alpine to CI matrix as well.
(cherry picked from commit a06903f33a)
Co-authored-by: Felix Fontein <felix@fontein.de>
* passwordstore: Add configurable locking
Passwordstore cannot be accessed safely in parallel, which causes
various issues:
- When accessing the same path, multiple different secrets are
returned when the secret didn't exist (missing=create).
- When accessing the same _or different_ paths, multiple pinentry
dialogs will be spawned by gpg-agent sequentially, having to enter
the password for the same gpg key multiple times in a row.
- Due to issues in gpg dependencies, accessing gpg-agent in parallel
is not reliable, causing plays to fail (this can be fixed by adding
`auto-expand-secmem` to _~/.gnupg/gpg-agent.conf_ though).
These problems have been described in various github issues in the past,
e.g., ansible/ansible#23816 and ansible/ansible#27277.
This cannot be worked around in playbooks by users in a non-error-prone
way.
It is addressed by adding new configuration options:
- lock:
- readwrite: Lock all operations
- write: Only lock write operations (default)
- none: Disable locking
- locktimeout: Time to wait for getting a lock (s/m/h suffix)
(defaults to 15m)
These options can also be set in ansible.cfg, e.g.:
[passwordstore_lookup]
lock=readwrite
locktimeout=30s
Also, add a note about modifying gpg-agent.conf.
* Tidy up locking config
There is no reason why lock configuration should be part of self.paramvals.
Now locking and its configuration happen all in one place.
* Change timeout description wording to the suggested value.
* Rearrange plugin setup, apply PR feedback
(cherry picked from commit 2416b81aa4)
Co-authored-by: grembo <freebsd@grem.de>
* pmem: Add namespace and namespace_append options
- namespace: Configure the namespace of PMem. PMem should be configured
by appdirect/memmode, or socket option in advance.
- namespace_append: Enables to append the new namespaces.
* Add changelog fragment entry
* Update the changelog fragment
* Update changelog fragment entry
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update to use human_to_bytes
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update to fix the description of namespace_append
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update to release v4.5.0
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update to fix the typo in the description of namespace_append
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 5841935e37)
Co-authored-by: mizumm <26898888+mizumm@users.noreply.github.com>
* yum_versionlock: Fix entry matching (#4183)
As an input the module receives names of packages to lock.
Those never matched existing entries and therefore always reported
changes.
For compatibility yum is symlinked to dnf on newer systems,
but versionlock entries defer. Try to parse both formats.
Signed-off-by: Florian Achleitner <flo@fopen.at>
(cherry picked from commit f5ec73735f)
* Empty commit to trigger CI.
Co-authored-by: fachleitner <flo@fopen.at>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Rework of gitlab_project_variable over gitlab_group_variable
* Linting and removed unused example
* Fix test 2
* Sync from review of gitlab_project_variable #4038
* Linting, default protected True, value optional
* Next version is 4.5.0
* Roll back protected default true, and value not required
* Apply suggestions from code review
Missing check_mode
Co-authored-by: Markus Bergholz <git@osuv.de>
* Fix one unit test, comment test that requires premium gitlab
* Add changelog
* Update plugins/modules/source_control/gitlab/gitlab_group_variable.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/4086-rework_of_gitlab_proyect_variable_over_gitlab_group_variable.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Added conditional gitlab_premium_tests variable when required
* Allow delete without value
* Fix variable name
* Linting
* Value should not be required in doc
* Linting missing new-line
* Update changelogs/fragments/4086-rework_of_gitlab_proyect_variable_over_gitlab_group_variable.yml
Co-authored-by: Markus Bergholz <git@osuv.de>
Co-authored-by: Markus Bergholz <git@osuv.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 44f9bf545d)
Co-authored-by: Sebastian Guarino <sebastian.guarino@gmail.com>
The passwordstore lookup plugin depends on parsing GnuPG's
error messages in English language. As a result, detection of
a specific error failes when users set a different locale.
This change corrects this by setting the `LANGUAGE` environment
variable to `C` when invoking `pass`, as this only affects
gettext translations.
See
https://www.gnu.org/software/gettext/manual/html_node/The-LANGUAGE-variable.html
(cherry picked from commit 77a0c139c9)
Co-authored-by: grembo <freebsd@grem.de>
Given a password stored in _path/to/secret_, requesting the password
_path/to_ will literally return `path/to`. This can lead to using
weak passwords by accident/mess up logic in code, based on the
state of the password store.
This is worked around by applying the same logic `pass` uses:
If a password was returned, check if there is a .gpg file it could
have come from. If not, treat it as missing.
Fixesansible-collections/community.general#4185
(cherry picked from commit da49c0968d)
Co-authored-by: grembo <freebsd@grem.de>
* Included efidisk0 option to be able to create VMs with persitent EFI disks
* Added forgotten argument to create_vm invocation and missing test for update
* Added changelog fragment relevant to PR
* Fixed documentation issues (missing period, and added version) from review
* Removed breaking change dependency for new option, modified changelog fragment according to review
* Fixed typo in documentation
* Added examples of `efidisk0` usage
* Added examples of `efidisk0` usage
* Fixed lines containing blank spaces
* Rebased on 4.4.0, added efi option, added sanity checks on efi option
* Adjusted version_added to 4.5.0
* Corrected typo in create_vm invocation, adjusted merging of efi and efidisk0 options
* Updated efidosk0 option to dict, added flattening to str, added constraint on bios option if efidisk0 is set
* Replaced loop by list comprehension for efidisk0 flattening
* Removed unused code left over from refactor from efi/efidis0 options
(cherry picked from commit 988cc82a89)
Co-authored-by: thuttinpasseron <87776406+thuttinpasseron@users.noreply.github.com>
* Add new module: pmem
This commit introduces to pmem module to configure Intel Optane
Persistent Memory modules (PMem).
* Add botmeta
* Update plugins/modules/storage/pmem/pmem.py
* Convert to snake_case options
* Update related to xmltodict
* Update to use list instead of string
* Update to use single quote to the string
* Update plugins/modules/storage/pmem/pmem.py
(cherry picked from commit 7f793c83f1)
Co-authored-by: mizumm <26898888+mizumm@users.noreply.github.com>
* Updated keycloak.py to allow defining connection timeout value (#4168) (#2)
* Added parameter to doc_fragments and edited the changelog message (#4168)
* Added parameter to doc_fragments and edited the changelog message (#4168)
(cherry picked from commit 2498591695)
Co-authored-by: Nikolas Laskaris <laskarisn@gmail.com>
* begin add private network
* scaleway_private_network , basic add and remove ok, work in progress
* scaleway_private_network : add search in next page
* scalewy_private_network add tags
* scaleway_private_network fix correct return value for register
* scaleway_privat_network change some text
* fix some sanity
* fix line too long
* fix line too long SCALEWAY_LOCATION
* some change for sanity
* fix sanity again
* add author in BOTMETA
* fix error in name in fike BOTMETA
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* add test for scaleway_private_network
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/scaleway/scaleway_private_network.py
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 54b29208a2)
Co-authored-by: pastral <52627592+pastral@users.noreply.github.com>
* opentelemetry: enrich services for jenkins, hetzner, jira, zypper, chocolatey
* remove source and name for the time being
Those arguments can be later on in the future added, maybe with some opt-in feature, so let's only focus in the ones which are fully http based for now
* changelog fragment
* Update changelogs/fragments/4105-opentelemetry_plugin-enrich_jira_hetzner_jenkins_services.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit aa554c2887)
Co-authored-by: Victor Martinez <victormartinezrubio@gmail.com>
* Updated storage format documentation to point to PVE docs to show possible values
* Fixed trailing space
(cherry picked from commit 14b8cd9c64)
Co-authored-by: thuttinpasseron <87776406+thuttinpasseron@users.noreply.github.com>
* dconf: Skip processes that disappeared while we inspected them
Fixes#4151
* Update changelogs/fragments/4151-dconf-catch-psutil-nosuchprocess.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 9567c99c9f)
Co-authored-by: Pavol Babinčák <scroolik@gmail.com>
* pacman: rewrite with a cache to speed up execution
- Use a cache (or inventory) to speed up lookups of:
- installed packages and groups
- available packages and groups
- upgradable packages
- Call pacman with the list of pkgs instead of one call per package (for
installations, upgrades and removals)
- Use pacman [--sync|--upgrade] --print-format [...] to gather list of
changes. Parsing that instead of the regular output of pacman, which
is error prone and can be changed by user configuration.
This can introduce a TOCTOU problem but unless something else calls
pacman between the invocations, it shouldn't be a concern.
- Given the above, "check mode" code is within the function that would
carry out the actual operation. This should make it harder for the
check code and the "real code" to diverge.
- Support for specifying alternate package name formats is a bit more
robust. pacman is used to extract the name of the package when the
specified package is a file or a URL.
The "<repo>/<pkgname>" format is also supported.
For "state: latest" with a list of ~35 pkgs, this module is about 5
times faster than the original.
* Let fail() actually work
* all unhappy paths now end up calling fail()
* Update copyright
* Argument changes
update_cache_extra_args handled as a list like the others
moved the module setup to its own function for easier testing
update and upgrade have no defaults (None) to let required_one_of() do
its job properly
* update_cache exit path
Shift successful exit without name or upgrade under "update_cache".
It is an error if name or upgrade isn't specified and update_cache wasn't specified
either. (Caught by ansiblemodule required_one_of but still)
* Add pkgs to output on success only
Also align both format, only pkg name for now
* Multiple fixes
Move VersionTuple to top level for import from tests
Add removed pkgs to the exit json when removing packages
fixup list of upgraded pkgs reported on upgrades (was tuple of list for
no reason)
use list idiom for upgrades, like the rest
drop unused expand_package_groups function
skip empty lines when building inventory
* pacman: add tests
* python 2.x compat + pep8
* python 2.x some more
* Fix failure when pacman emits warnings
Add tests covering that failure case
* typo
* Whitespace
black failed me...
* Adjust documentation to fit implicit defaults
* fix test failures on older pythons
* remove file not intended for commit
* Test exception str with e.match
* Build inventory after cache update + adjust tests
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/packaging/os/pacman.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* changelog
* bump copyright year and add my name to authors
* Update changelogs/fragments/3907-pacman-speedup.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* maintainer entry
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 1580f3c2b4)
Co-authored-by: Jean Raby <jean@raby.sh>
* Update Documentation with additional example
* Added an example to have the plugin return an IP address for a Proxmox guest, instead of the name of the guest (default behavior)
* Added an example to include a string literal to every guest (to support a playbook being able to check for variable presence to identify inventory in use)
* Update for line length readability
Co-authored-by: Felix Fontein <felix@fontein.de>
* Changed to cleaner static value
* Changed text for clarity
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit c09f529f02)
Co-authored-by: IronTooch <27360514+IronTooch@users.noreply.github.com>
* Update docs helper. Automate generation of 'Merging lists of dictionaries'.
* Updated helper/lists_mergeby/playbook.yml, list of examples and
templates. See playbook.yml on how to create *.out files, test
examples and generate the REST file
filter_guide_abstract_informations_merging_lists_of_dictionaries.rst
* Generated REST file copied to directory rst
* Simplified examples. The common lists are published only once. Only
the expressions are published instead of the whole tasks.
* To change the content of the section 'Merging lists of dictionaries'
update template
filter_guide_abstract_informations_merging_lists_of_dictionaries.rst.j2
and run the playbook.
* Deleted rst/examples/lists_mergeby. Not needed anymore.
* Update docs/docsite/helper/lists_mergeby/filter_guide_abstract_informations_merging_lists_of_dictionaries.rst.j2
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update docs/docsite/rst/filter_guide_abstract_informations_merging_lists_of_dictionaries.rst
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 15f7e25b3c)
Co-authored-by: Vladimir Botka <vbotka@gmail.com>
* value is not required when state is absent
* fix integration test. missing value
* fix condition
* add changelog fragment
* fail fast
* try required_if on suboptions
* revert
* Update plugins/modules/source_control/gitlab/gitlab_project_variable.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix naming in doc
* typo in name
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 69551ac325)
Co-authored-by: Markus Bergholz <git@osuv.de>
* homebrew_cask: reinstall when force is install option
* add changelog entry
* Fix OSX CI runs - run as non-root
* test with cask that has no macos dependencies
* use `brooklyn` cask to test
(cherry picked from commit 8b95c56030)
Co-authored-by: Joseph Torcasso <87090265+jatorcasso@users.noreply.github.com>
* Fully use Ansible's option handling. Deprecate not specifying sender.
* Update plugins/callback/mail.py
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
(cherry picked from commit e09254df91)
Co-authored-by: Felix Fontein <felix@fontein.de>
* Added new feature for ansible_user and ansible_port
* Replaced 'try' and 'except' with 'if' condition
* Replace '!=' with 'is not'
* Fixed if condition
* Implement the constructed interface
* Correction at the suggestion of felixfontein
* Added new options in unit test for icinga2 inventory
* Added blank lines in unit test for icinga2 inventory
* Added default filter in example
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fixed variable name in example
Co-authored-by: Felix Fontein <felix@fontein.de>
* Added a changelog fragment
* Fixed changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Updated documentation options
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 969ad475e3)
Co-authored-by: Nedelin Petkov <mlg@abv.bg>
* Fix local port regex
Thsi PR fix the bug reported in #4091
* Update changelogs/fragments/4092-fix_local_ports_regex_listen_ports_facts.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 6a7811f696)
Co-authored-by: gaetan-craft <97035736+gaetan-craft@users.noreply.github.com>
When using project it will use project level runner to create runner that based on python-gitlab it will be used for enabling runner and needs a runner_id so for creating a new runner it should use gitlab level runner
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 929136808f)
Co-authored-by: Seena Fallah <seenafallah@gmail.com>
* [inventory/cobbler] Add exclude/include_profile option
Also some minor cleanup
* Review suggestions
* Still must init cache_key
* Add note to exclude_profiles about include_profiles
* Add changelog fragment
(cherry picked from commit 0dd886bac8)
Co-authored-by: Orion Poplawski <orion@nwra.com>
* Update docs. Split fiter_guide.rst to files per sections.
* Fix docs.
* Update docs. Split filter_guide_abstract_informations.rst to files per sections.
* Create section 'Merging lists of dictionaries' from the template in helper/lists_mergeby.
* Fixed indentation. Comments and notes added.
* Revert "Fixed indentation. Comments and notes added."
This reverts commit 0f38450868.
* Revert "Create section 'Merging lists of dictionaries' from the template in helper/lists_mergeby."
This reverts commit 5b9d01ec2d.
(cherry picked from commit 9c146787f5)
Co-authored-by: Vladimir Botka <vbotka@gmail.com>
* linode: Allow templating token for dynamic inventory
Template the value for the access_token if it's a Jinja template.
Allows for looking up tokens from files or pulling from secrets stores like Vault.
* add Linode changelog fragment
* Fix lookup example for newer versions of Ansible
Co-authored-by: Felix Fontein <felix@fontein.de>
* Rename test case for clarity
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f77a1114fb)
Co-authored-by: Will Hegedus <will@wbhegedus.me>
* PyOpenSSL 22.0.0 no longer supports Python 2.7.
* Try to make pip on CentOS 6 happy.
(cherry picked from commit 84124224ae)
Co-authored-by: Felix Fontein <felix@fontein.de>