**SECURITY** - CVE-2021-20180
Hide user sensitive information which is marked as ``secured``
while logging in console.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 1d0c5e2ba4)
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
* Provide a user friendly message by handling json decode
exception rather than providing a stacktrace
Fixes: #1614
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit a9c64655de)
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
* fix reconfigure option
If `init_reconfigure` is true, the init fails because it is run as:
`terraform init -input=false - r e c o n f i g u r e`
* changelog fragment
* typo
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 9f4fd4c899)
Co-authored-by: christophemorio <49184206+christophemorio@users.noreply.github.com>
**SECURITY** - CVE-2021-20178
Hide user sensitive information like `privkey` and `authkey`
while logging in console.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 3560aeb12f)
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
* changed make parameter from --question to -q
* changelog fragment
* Update changelogs/fragments/1574-make-question.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 0bd4b3cbc9)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Fixed bug
- The module was searching back (and forward, in the ``after`` state) for lines that were not comments, assuming it would be a valid rule or an include.
* remove the line, make yamllint happy
* Update changelogs/fragments/1394-pamd-removing-comments.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 325a19d88a)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* add support for all monit service types
* ignore case when performing check
* add changelog
* Escape special characters before matching
Co-authored-by: Felix Fontein <felix@fontein.de>
* escape each element individually
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit bed1dc479f)
Co-authored-by: Graham Herceg <g.a.herceg@gmail.com>
* Removed the bridge-slave from list of ip based connections since nmcli does not accept IP options for bridge-slave connections.
* Update changelogs/fragments/1517-bridge-slave-from-list-of-ip-based-connections.yml
Thanks for the tip.
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit fd741ed663)
Co-authored-by: momcilo78 <momcilo@majic.rs>
Online SAS is rebranded as Scaleway in 2015. Updated
inventory documentation for the same.
Fixes: #814
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 7b529c72b3)
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
* updated deprecated homebrew cask commands
* added methods for brew version deprecation check
* added comments and changelog fragment
* added unit test for version comparison
* switch to use disutils LooseVersion for version comparison
* updated changelog message and minor refactor for building brew command based on version
* added caching logic for retrieval of brew version and updated PR changelog yaml
* Update changelogs/fragments/1481-deprecated-brew-cask-command.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/packaging/os/homebrew_cask.py
* Update plugins/modules/packaging/os/homebrew_cask.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/packaging/os/homebrew_cask.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* switch to use subprocess.check_output instead of subprocess.run
* replace subprocess with run_command
* removed unused subprocess import
* removed error handling logic to depend on check_rc=True instead
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit ed813176ce)
Co-authored-by: Jianhao Tan <jianhao@shopback.com>
* Some improvements to the module
- Fixed examples documentation ().
- Module no longer incorrectly reports change for information gathering operations ().
- Replaced custom parameter validation with ``required_if`` ().
- Added the traceback output to ``fail_json()`` calls deriving from exceptions ().
* added PR URL to changelof frag
* Update changelogs/fragments/jira_improvements.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* mentioned issue required for transition in chnagelog
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 5016f402a5)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* nios_member: fix nios api member_normalize error with python 3
Force a copy of the key to allow change during iteration.
* Update - add changelog fragment
* Update - add changelog fragment
* Update changelogs/fragments/1527-fix-nios-api-member-normalize.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit c63f3f9956)
Co-authored-by: neatherweb <35084494+neatherweb@users.noreply.github.com>
* Ensured ``changed`` returns ``False``.
- Added small improvement on the ``_load_scope()`` method.
* yamllint caught it
* Rephrased changelog fragment
(cherry picked from commit 1faf8ef08b)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Do not remove non-ASCII Unicode from multi-line string output.
* Added basic tests.
* Add Unicode test.
* Simplify tests, avoid later Jinja features.
* Refactor.
* Make use diy tests use callback test framework as well.
* Remove color codes.
* Work around stable-2.9 bug.
* Simplify again.
(cherry picked from commit 0a7ed3b019)
Co-authored-by: Felix Fontein <felix@fontein.de>
* Some adjustments/improvements
- Added doc details for parameters ``description`` and ``objectClass``
- Added type details to argument_spec of parameters ``description`` and ``objectClass``.
- Removed unused import
- Simplified logic of ``LdapEntry._load_attrs()``
- Replaced parameter validation test with ``required_if``.
* Added changelog frag
(cherry picked from commit 5ee5c004b4)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Raises error for non-existent repo path, requires Ansible 2.10.4 or higher.
* Changes from suggestions in the PR
* Suggestion from PR
* Update changelogs/fragments/630-git_config-handling-invalid-dir.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit e9dafb3467)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* saltstack: fix put_file to preserve checksum
Use hashutil.base64_decodefile to ensure that the file checksum
is preserved, since file.write only supports text files.
Signed-off-by: Zac Medico <zmedico@gmail.com>
* Update changelogs/fragments/1472-saltstack-fix-put_file-to-preserve-checksum.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 47b940fc63)
Co-authored-by: Zac Medico <zmedico@gmail.com>
* Document it is a dictionary to reduce confusion.
* Add variable example
(cherry picked from commit 757427cadf)
Co-authored-by: Erinn Looney-Triggs <erinn@users.noreply.github.com>
* fix for https://github.com/ansible-collections/community.general/issues/1335
* added changelog fragment
* Update changelogs/fragments/nios_host_record-fix-aliases-removal.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* extend changelog to specify CNAMES
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 496be77a2b)
Co-authored-by: Pablo Escobar Lopez <pescobar001@gmail.com>
When user provides auth URL value which does not startswith
http or https protocol schema, provide a meaningful error message
stating so.
Fixes: #331
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit f37eb12580)
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
* xfconf: add return values and expand test coverage
* fix pep8
* fix pylint
* fix returns yaml docs
* Add changelog fragemnt
* revert docts for `returned`
* Update changelogs/fragments/1419-xfconf-return-values.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/system/xfconf.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* update return values to raw for scalar/lists
* another doc tweak: None -> none
* Break newline for pep8
* Fix merge mistake
* Back to list of strings
* fix yaml syntax
* Fall back to old way, deprecate returns, add ingores for errors
* add a note about dprecating facts
* Add depracation messages and fix docstring error
* remove deprecation of return values.
* Update plugins/modules/system/xfconf.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* drop the deprecation message too
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 8e53b3df6f)
Co-authored-by: Matthew Campbell <calvinmc@gmail.com>
* Bugfix: Fix parsing array values in osx_defaults
Unquote values and unescape double quotes when reading array values from defaults.
* Fix fragments: fix_parsing_array_values_in_osx_defaults
Co-authored-by: Felix Fontein <felix@fontein.de>
* add test code for Bugfix: Fix parsing array values from osx_defaults
* handle spaces after the comma
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 1110e93c5d)
Co-authored-by: Kazufumi NOTO <noto.kazufumi@gmail.com>
* Fix#1435: mas : Fix "invalid literal" when no app
* Add changelog fragment
* Update changelogs/fragments/1436-mas-fix-no-app-installed.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b80854ff50)
Co-authored-by: Jean-Pierre Matsumoto <jpmat296@gmail.com>
jmespath library does not undestand custom string types
such as AnsibleUnicode, and AnsibleUnsafeText.
So user need to use ``to_json | from_json`` filter while using
functions like ``starts_with`` and ``contains`` etc.
This hack will allow user to get rid of this filter.
Fixes: #320
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 5319437bc2)
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
* [icinga2_host.py] Actually return codes instead of data
Currently the module tries to return the `data`, which can result in a blank message instead of the code being shown.
```
"msg": "bad return code creating host: "
```
* add changelog fragment
* Update changelogs/fragments/335-icinga2_host-return-error-code.yaml
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* return code and data on fail
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: John R Barker <john@johnrbarker.com>
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
Co-authored-by: Deric Crago <deric.crago@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 70ba401602)
Co-authored-by: Martin <spleefer90@gmail.com>
* Fixed validate-modules:mutually_exclusive-unknown for plugins/modules/packaging/os/redhat_subscription.py
* fixed validation-modules for plugins/modules/cloud/lxd/lxd_container.py
* fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address.py
* fixed validation-modules for plugins/modules/cloud/opennebula/one_host.py
* fixed validation-modules for plugins/modules/cloud/opennebula/one_image_info.py
* fixed validation-modules for plugins/modules/cloud/opennebula/one_image.py
* fixed validation-modules for plugins/modules/cloud/opennebula/one_service.py
* fixed validation-modules for plugins/modules/cloud/opennebula/one_vm.py
* fixed validation-modules for plugins/modules/net_tools/cloudflare_dns.py
* fixed validation-modules for plugins/modules/net_tools/ip_netns.py
* fixed validation-modules for plugins/modules/net_tools/ipinfoio_facts.py
* fixed validation-modules for plugins/modules/net_tools/netcup_dns.py
* fixed validation-modules for plugins/modules/remote_management/wakeonlan.py
* added types to plugins/modules/remote_management/stacki/stacki_host.py but still cannot remove ignore line
* added a couple of FIXME comments
* fixed validation-modules for plugins/modules/remote_management/manageiq/manageiq_provider.py
* fixed validation-modules for plugins/modules/notification/rocketchat.py
* fixed validation-modules for plugins/modules/monitoring/bigpanda.py
* fixed validation-modules for plugins/modules/identity/keycloak/keycloak_client.py
* fixed validation-modules for plugins/modules/identity/keycloak/keycloak_clienttemplate.py
* fixed validation-modules for plugins/modules/cloud/univention/udm_user.py
* fixed validation-modules for plugins/modules/cloud/univention/udm_group.py
* fixed validation-modules for plugins/modules/cloud/spotinst/spotinst_aws_elastigroup.py
* fixed validation-modules for plugins/modules/cloud/smartos/imgadm.py
* fixed validation-modules for plugins/modules/cloud/profitbricks/profitbricks_nic.py
* fixed validation-modules for plugins/modules/cloud/ovirt/ovirt_external_provider_facts.py
* Tidy up validate-modules ignores no-default-for-required-parameter + couple of other cases
* Added changelog frag
* fixed validation-modules for plugins/modules/cloud/centurylink/clc_alert_policy.py
* fixed validation-modules for plugins/modules/cloud/centurylink/clc_firewall_policy.py
* fixed validation-modules for plugins/modules/cloud/lxd/lxd_profile.py
* Typos and small fixes
* fixed validation-modules for plugins/modules/net_tools/ldap/ldap_passwd.py
* Typos and small fixes, part 2
* Fixes from PR comments
* Update plugins/modules/cloud/profitbricks/profitbricks_nic.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Rolled back the mutually-exclusive-unknown in redhat_subscription
* Update changelogs/fragments/1423-valmod_multiple_cases.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit ae0d3cb090)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Use of "environement" is required when mas is installed with
homebrew. I suppose most of people use homebrew.
(cherry picked from commit db61a899d5)
Co-authored-by: Jean-Pierre Matsumoto <jpmat296@gmail.com>
* Tidy up validate-modules ignores doc-required-mismatch
* Tidy up validate-modules ignores doc-required-mismatch - update on 2.11
* Fixed chengelog frag
* rolledback removal of parameter from cloud/smartos/vmadm.py
* removed changelog frag for the rollback
* Update plugins/modules/cloud/smartos/vmadm.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Revert "removed changelog frag for the rollback"
This reverts commit 56a02ead3b.
* suggestion from PR
* yet another PR suggestion
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b69ea1dfd9)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* fixed validation-modules for plugins/modules/cloud/lxc/lxc_container.py
* fixed validation-modules for plugins/modules/cloud/smartos/vmadm.py
* fixed validation-modules for plugins/modules/cloud/spotinst/spotinst_aws_elastigroup.py
* fixed validation-modules for plugins/modules/cloud/univention/udm_dns_record.py
* fixed validation-modules for plugins/modules/cloud/univention/udm_dns_zone.py
* fixed validation-modules for plugins/modules/cloud/lxc/lxc_container.py
* fixed validation-modules for plugins/modules/cloud/univention/udm_user.py
* fixed validation-modules for plugins/modules/clustering/etcd3.py
* fixed validation-modules for plugins/modules/clustering/znode.py
* fixed validation-modules for plugins/modules/remote_management/hpilo/hpilo_boot.py
* fixed validation-modules for plugins/modules/remote_management/ipmi/ipmi_boot.py
* fixed validation-modules for plugins/modules/remote_management/ipmi/ipmi_power.py
* fixed validation-modules for plugins/modules/remote_management/manageiq/manageiq_provider.py
* fixed validation-modules for plugins/modules/remote_management/stacki/stacki_host.py
* fixed validation-modules for plugins/modules/cloud/univention/udm_share.py
* Removed validate-modules:doc-choices-do-not-match-spec from ignore files
* fixed alias samba_inherit_permissions in udm_share.py
* Rolled back a couple of lines
* Removed duplicate key in docs
* Rolled back a couple of troublesome lines
* Removed no-longer necessary ignore lines
* Removed no-longer necessary ignore lines on 2.11 as well
* Removed no-longer necessary ignore lines on 2.9 this time
(cherry picked from commit cff8463882)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* a new module pagerduty_user
* fixed issues related to sanity
* fixed issues related to sanity
* modified the module
* shippable
* typo
* shippable
* removed e
* shippable
* shippable
* shippable
* updated test files
* Update plugins/modules/monitoring/pagerduty_user.py
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
(cherry picked from commit 63fbcdb4b1)
Co-authored-by: Zainab Alsaffar <za5775@rit.edu>
* fixed validation-modules for plugins/modules/cloud/spotinst/spotinst_aws_elastigroup.py
* fixed validation-modules for plugins/modules/cloud/univention/udm_share.py
* fixed validation-modules for plugins/modules/net_tools/nios/nios_host_record.py
* fixed validation-modules for plugins/modules/storage/zfs/zfs_facts.py
* fixed validation-modules for plugins/modules/storage/zfs/zpool_facts.py
* Tidy up validate-modules ignores nonexistent-parameter-documented
* Adjustments per the PR
* Removed no longer needed ignore line for udm_share.py
(cherry picked from commit 7f890c4645)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Add another shib module identifier to apache2 module (#1379)
* Update changelogs/fragments/1383-apache2-module-amend-shib-workaround.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 382be570ec)
Co-authored-by: peter <peter-@users.noreply.github.com>
* Fix typo in redhat_subscription testcase
* Fix macports state=present matching against the wrong package name
Previous implementation returned true if the desired package name occurred anywhere in
the list of all installed packages. For example as a substring of another package name,
or even as a substring of a variant name for a different package.
Instead:
- request macports only list installed packages matching the desired package name, instead of all installed packages.
- Note `port` exits with 0 regardless of whether any packages match the requested name.
- pass `-q` flag: "Do not print the header line. This is useful when parsing the output of port installed in scripts for further processing."
- eliminate `use_unsafe_shell=True` by searching stdout contents natively in python
instead of using `grep`. This has the added benefit of eliminating any potential
misinterpretation of characters in the package name as regex special characters.
If there are zero matching installed packages, `out` is empty.
If there are one or more matches (due to multiple installed versions), the output format
is: ec8a2bc682/src/port/port.tcl (L3320-L3323)
Notably, two leading spaces, the package name, a space, and then other information.
According to blame via github, those lines haven't changed in 11 years.
* Update macports state=active to eliminate use_unsafe_shell
Similar to previous commit (for macports state=present):
- pass `-q` flag: "Do not print the header line. This is useful when parsing the output of port installed in scripts for further processing."
- search stdout contents natively in python instead of using `grep`.
- added parentheses to search string to eliminate false positives if the package name
or variants contain the word `active`. Still could fail if they contain `(active)`, but
that's less likely
If there are zero matching installed packages, `out` is empty.
If there are one or more matches (due to multiple installed versions), the output format
is: ec8a2bc682/src/port/port.tcl (L3320-L3323)
For "state=active", we're looking for a line that contains `(active)` in the output.
* Basic test case of query_port for present and active
* Attempt to fix lint errors in test
* Different mock module creation, changed test cases indentation/spacing
- picked the wrong mock code to cargo-cult. Thanks to felixfontein for this suggestion
- 4 space indentation on continuation line. I thought I had that originally, but it looks like my editor sabotaged me with mixed tabs/spaces
- Remove leading newline on multi-line test cases. I don't think it would make a difference, but I'd read up on how the python syntax works and want to more accurately represent macports output.
fingers crossed this addresses the known build errors
* Add changelog fragment
* Update tests/unit/plugins/modules/packaging/os/test_macports.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/1307-macports-fix-status-check.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit d669e2b60d)
Co-authored-by: Dan Jackson <dan@djackson.org>
* fixed validation-modules for plugins/modules/cloud/profitbricks/profitbricks_datacenter.py
* fixed validation-modules for plugins/modules/cloud/profitbricks/profitbricks_nic.py
* fixed validation-modules for plugins/modules/cloud/profitbricks/profitbricks.py
* fixed validation-modules for plugins/modules/cloud/profitbricks/profitbricks_volume_attachments.py
* fixed validation-modules for plugins/modules/cloud/profitbricks/profitbricks_volume.py
* Tidy up validate-modules ignores for cloud/profitbricks modules
* CI errors for 2.9
(cherry picked from commit a99d011867)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>