Onepassword lookup add service accounts (#6660)
* add service account token and bypass required fields when service account token is set
* add token to base class
* add Info
* add service_account_token
* add service_account_token
* add documentation
* add service_account_token
* fix E111: indentation is not a multiple of 4
* fix lint problems
* Update plugins/lookup/onepassword_raw.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/onepassword_info.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/onepassword.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* add changelog fragment
* change type service_account_token to align to domain option
* add fragment value
* Update changelogs/fragments/6660-onepassword-lookup-service-account.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/onepassword.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* remove service_account_token from onepassword_info.py
* adjust V1 to raise error if service_account_token is set
* adjust V1 to raise error if service_account_token is set
* adjust V1 to raise error if service_account_token is set
* adjust if assert_logged_in
* Update plugins/lookup/onepassword.py
Co-authored-by: Sam Doran <github@samdoran.com>
* Update plugins/lookup/onepassword.py
Co-authored-by: Sam Doran <github@samdoran.com>
* remove double return
* remove new line
* remove new line
* remove new line
* remove spaces
* remove new line
* remove spaces
* Update plugins/lookup/onepassword_raw.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* add _check_required_params
* Update plugins/lookup/onepassword.py
Co-authored-by: Sam Doran <github@samdoran.com>
* Update plugins/lookup/onepassword.py
Co-authored-by: Sam Doran <github@samdoran.com>
* remove _check_required_params
* remove spaces
* Update plugins/lookup/onepassword.py
Co-authored-by: Sam Doran <github@samdoran.com>
* remove code
---------
Co-authored-by: Jan Sagurna <jan.sagurna@sag-solutions.com>
Co-authored-by: Jan Sagurna <58932831+jansagurna@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Sam Doran <github@samdoran.com>
(cherry picked from commit 473e557c2f)
Co-authored-by: Dominik Haßelkuss <Domi-cc@users.noreply.github.com>
Use semantic markup (modules r-s) (#6683)
* Use semantic markup.
* Use 'ignore:' for alias reference.
* Ignore sanity errors for older ansible-core versions.
* Improve markup for RHSM modules.
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
* 'ignore:' is no longer needed.
* E() now works better.
---------
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
(cherry picked from commit eff0cb0ed9)
Co-authored-by: Felix Fontein <felix@fontein.de>
Use semantic markup (modules o-p) (#6681)
* Use semantic markup.
* Use real option, not alias.
* E() now works better.
(cherry picked from commit 45eb1e3915)
Co-authored-by: Felix Fontein <felix@fontein.de>
Use semantic markup (modules k-l) (#6678)
* Use semantic markup.
* Use option instead of alias.
(cherry picked from commit c694abbdf9)
Co-authored-by: Felix Fontein <felix@fontein.de>
Use semantic markup (modules h-j) (#6677)
* Use semantic markup.
* Use 'ignore:' until a new version of antsibull-docs is released.
* 'ignore:' is no longer needed.
* E() now works better.
(cherry picked from commit 3e0d84bdda)
Co-authored-by: Felix Fontein <felix@fontein.de>
Use semantic markup (modules d-g) (#6672)
* Use semantic markup.
* 'ignore:' is no longer needed.
* E() now works better.
(cherry picked from commit 2ed82e0318)
Co-authored-by: Felix Fontein <felix@fontein.de>
Use semantic markup (modules a-c) (#6671)
* Use semantic markup.
* E() now works better.
(cherry picked from commit 6fc1df9b83)
Co-authored-by: Felix Fontein <felix@fontein.de>
Semantic markup: use E() in more places (#6699)
Use semantic markup.
(cherry picked from commit 7ae8cc9902)
Co-authored-by: Felix Fontein <felix@fontein.de>
ldap: Add client certificate support (#6668)
* Set up secure ldap server
* ldap: Added client cert options
Shamelessly copied from https://github.com/andrewshulgin/ldap_search
* Added tests for ldap client authentication
* Add changelog fragment
* Make sure the openssl commands work on older versions of openssl
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Remove aliases for new arguments
* Add required_together to ldap module declerations
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f3ecf4c7f8)
Co-authored-by: Gnonthgol <gnonthgol+github@gmail.com>
plugins/modules/ldap_search: Add support for multipage searches (#6648)
* Add more integration tests for ldap_search
* Add new page_size option to ldap_search
* Add changelog fragment
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Simplify if statement to reduce negatives
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 8801463575)
Co-authored-by: Gnonthgol <gnonthgol+github@gmail.com>
Inspq keycloak role composites (#6469)
* Add composites to keycloak_role module
* Add composites support for realm role in keycloak module_utils
* Clean f.write from keycloak_role module
* keycloak_role support state for realm role composites
* Add support for composites in client role for keycloak_role module
* Add changelog fragment for keycloak role composites PR
* Fix pep8 and validate-modules tests errors
* Update changelogs/fragments/6469-add-composites-support-for-keycloak-role.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
I will try it
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix test_keycloak_role assertion
* Fix role composite compare before update in keycloak_role module
* Fix realm problem with update_role_composites in keycloak.py module_utils
* Add units tests for composites and client roles in keycloak_role module
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Change try in is_struct_included and add unit tests for keycloak.py module_utils
* Add integration tests for composites roles and fix bug with non master roles in keycloak_role module
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* is_struct_included refactor
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 9395df1c6f)
Co-authored-by: Philippe Gauthier <philippe.gauthier@inspq.qc.ca>
Fix composites comparison for role in is_struct_included keycloak.py … (#6688)
* Fix composites comparison for role in is_struct_included keycloak.py function
* Add changelog fragment and unit tests
* Update changelogs/fragments/6688-is-struct-included-bug-in-keycloak-py.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 032996e005)
Co-authored-by: Philippe Gauthier <philippe.gauthier@inspq.qc.ca>
Proxmox inventory plugin: support composite variables (#6641)
* Added composite var support for proxmox inventory plugin
* Composite variables support for Proxmox nodes in dynamic inventory plugin
Fixes#6640
* Composite variables support for Proxmox nodes in dynamic inventory plugin
Fixes#6640
* Added composite var support for proxmox inventory plugin
* Added composite var support for proxmox inventory plugin
* Update changelogs/fragments/6640-proxmox-composite-variables-support.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 1f6d404deb)
Co-authored-by: Paul Levytskyi <25350788+levytskyip@users.noreply.github.com>
rhsm_repository: deprecate "state=present" and "state=absent" (#6673)
"state=present" is broken, and acts like "disabled"; also, the
subscription repositories cannot be really "added" or "removed", which
is what "present" and "absent" would imply, but only enabled or
disabled. Hence, deprecate both these states, slating them for removal
in community.general 10.0.0.
(cherry picked from commit 2dbe529a90)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
rhsm_release: improve the execution of subscription-manager (#6669)
- pass the arguments to run_command() directly as list, rather than
joining the arguments to string, which run_command() will need to
split again
- disable the expansions of variables, as there are none
Adapt the unit test to the different way run_command() is called,
factorizing the kwargs for run_command() so there is less repetition.
There should be no behaviour changes.
(cherry picked from commit 74ffb29573)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
redhat_subscription: refactor of internal Rhsm class (#6658)
The two RegistrationBase & Rhsm classes were copied from the ones in the
shared module_utils.redhat module; that said:
- the versions here got improvements over the years
- the RegistrationBase in module_utils.redhat is used only by the RHN
modules, which are deprecated and slated for removal
Hence, the classes here can be kept and simplified a bit:
- fold the non-dummy content of RegistrationBase into Rhsm: there is no
more need for the separate RegistrationBase base class
- drop the init arguments "username", "password", and "token": the
instance variables of them are not used anywhere, as the needed
credentials (together with other variables) are passed to the
register() method
- create the Rhsm object later in main(), after the AnsibleModule
creation and the uid check: this avoids the creation of Rhsm with a
null module variable, changing it later
There should be no behaviour change.
(cherry picked from commit 42f7531f21)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
Deprecate module_utils.redhat (#6663)
This module contains bits that are either unused (the Rhsm* classes), or
used only by deprecated modules (the RegistrationBase class).
Considering that the bits here have not seen updates in years, it is
unlikely that anyone is actually using them as "library".
Hence, deprecate the whole module altogether:
- the Rhsm* classes, as not used by anything, are slated for removal in
9.0.0
- the RegistrationBase class is slated for removal in 10.0.0, together
with its only user (i.e. the rhn_register module)
(cherry picked from commit 78c42def04)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
Start using semantic markup (#6627)
* Start using semantic markup.
* Forgot some places.
* Fix typo.
* Use 'ignore:' prefix until https://github.com/ansible-community/antsibull-docs/pull/155 is out.
* Break too long line.
(cherry picked from commit 011b2f8bdc)
Co-authored-by: Felix Fontein <felix@fontein.de>
Fetch secret id's which are in folder by folder id (#6652)
Added function to fetch secret id's by folder id
(cherry picked from commit eddd1ba4f2)
Co-authored-by: delinea-sagar <131447653+delinea-sagar@users.noreply.github.com>
redhat_subscription: deprecate "pool" (#6650)
The "pool" option is slower to use, and the regexp may expand to broader
results than wanted. Because of that, deprecate it in favour of the
"pool_ids" options (which is much better), slating it for removal in
community.general 10.0.0.
(cherry picked from commit 61b889749e)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
redhat_subscription: officially deprecate "autosubscribe" (#6646)
The "autosubscribe" alias for the "auto_attach" option has been
deprecated for many years, although only in the documentation.
Officially mark it as deprecated also in the module parameters spec,
slating it for removal in 9.0.0.
(cherry picked from commit 621bedf751)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
proxmox_snap: allow set retention for snapshots (#6577)
* proxmox_snap: allow to trim snapshots
* proxmox_snap: add changelog fragment for trim parameter
* proxmox_snap: fix linter issues
* Update plugins/modules/proxmox_snap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/6576-proxmox-snap-allow-trimming.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* proxmox_snap: rename 'trim' into 'retention'
* proxmox_snap: improve docu, as suggested by felixfontein
* proxmox_snap: rename 'trim' in changelog
* Update plugins/modules/proxmox_snap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/proxmox_snap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 7216286466)
Co-authored-by: Alexander Petermann <petermann.a@gmx.net>
MH mh/mixins/deps.py: prevent deprecation warning when no deps are specified (#6644)
* MH mh/mixins/deps.py: prevent deprecation warning when no deps are specified
* rollback empty "patch" on license markers to prevent test error
* disable test in ansible 2.12
* add changelog frag
(cherry picked from commit 494909aba5)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
opentelemetry: add span event attributes (#6531)
* add span event attributes (task name and host name)
* add fragment
* refactor: use set_attributes
* Add same span attributes to the event
* chore: change description in the fragment
* as mentioned in the code review
* use flag to disable the attributes in logs
there are some vendors that might not require those attributes since those details are shown in the UI when accessing the spans, i.e.: jaeger
* Update plugins/callback/opentelemetry.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 58958fc417)
Co-authored-by: Victor Martinez <victormartinezrubio@gmail.com>
snap: aware of channel in installed snaps (#6435)
* [WIP] snap: aware of channel in installed snaps
* parse snap list output and assert whether channel matches
* undo test
* fail rightfully when install with different channel does not work
* transparetent refresh
* rollback comment in integration test
* rollback comment in integration test
* add changelog frag
* Update plugins/modules/snap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b78d1999e1)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
New Proxmox VE modules to handle pools and their membership (#6604)
* New Proxmox VE modules to handle pools and their membership
* Fix pep8 linting errors
* Fix pep8 and compatibility errors
* Add required fields in the documentation
* Typo fix
* Fix pylint errors
* Fix the last one error
* Address review comments
* Fix linting error
* Add integration tests playbook
* Add assert for the diff mode
* Address review comments
* Fix typo in the word
* Fail for non-empty pool even in check_mode
(cherry picked from commit 16abb96bd8)
Co-authored-by: Sergei Antipov <s.antipov@mulesoft.com>
Minor bitwarden plugin req. docs addition (#6613)
The Bitwarden CLI requires a `login` followed by an `unlock` operation.
The later will display a message regarding setting (and exporting) the
`$BW_SESSION` env. var. When using the `bitwarden` lookup plugin, having
the env. var. set and available (exported) to Ansible is critical.
Without it, the plugin will simply return the error:
`Bitwarden Vault locked. Run 'bw unlock'.`
Make this clearer in the requirement documentation.
Signed-off-by: Chris Evich <cevich@redhat.com>
(cherry picked from commit 36e8653cf7)
Co-authored-by: Chris Evich <1183438+cevich@users.noreply.github.com>
proxmox: support param `timezone` when creating container (#6510)
* proxmox: support param `timezone` when creating container
* add changelog fragments for #6510
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Improved param description
* Use major.minor version comparison for options
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Sergei Antipov <s.antipov@mulesoft.com>
(cherry picked from commit f71a474726)
Co-authored-by: nxet <nxet821@protonmail.com>
proxmox_kvm | Expose timeout param to stopped state (#6570)
* Expose timeout param to stopped state
Forcefully stop virtual machine using timeout param for proxmox vm
shutdown api call.
* Add changelog fragment
* Typo fix in timeout param description
* Update changelogs/fragments/6570-handle-shutdown-timeout.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/proxmox_kvm.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Revert back exception message
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b133aa40c6)
Co-authored-by: Sergei Antipov <s.antipov@mulesoft.com>
proxmox_kvm: support for tpmstate0 parameter (#6533)
* proxmox_kvm: added support for tmpstate
adds hash of options for a TPM state disk, which is required for Windows 11 installations
* updated wrong version in docs
* bump version 7.1.0 -> 7.1.1
* fixed parameter name typo
* updated to pass sanity; assumed version_added to be next major (7.2.0)
* replaced 'tpmstate' with 'tpmstate0'; added suboptions to kvm_args
* fixed line too long
* use get() instead of pop() to preserve verbose invocation.module_args
* update comment to include tpmstate0
* added changelog fragment
* Revert "bump version 7.1.0 -> 7.1.1"
This reverts commit 772ed98dba.
* Include PR link in changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Corrected version_added
Co-authored-by: Felix Fontein <felix@fontein.de>
* corrected semantic markup for option name
Co-authored-by: Felix Fontein <felix@fontein.de>
* set suboptions of tpmstate0 to required
* set default for tpmstate0.version (2.0)
* fixed typo
Co-authored-by: Felix Fontein <felix@fontein.de>
* wrapped default version string in quotes
Co-authored-by: Felix Fontein <felix@fontein.de>
* Improve changelog formatting.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 01f21b1d46)
Co-authored-by: Jeff Turner <jeff@torusoft.com>
ini_file: Don't creates new file instead of following symlink (#6546)
* ini_file: Don't creates new file instead of following symlink
This is a bug fix that address a situation where `community.general.ini_file`
was destroying symlinks instead of updating of updating their targets.
Closes: #6470
* ini_file: add the follow parameter
If `poth` points on a symlink and `follow` is true, the `ini_file` plugin
will preserve the symlink and modify the target file.
* adjust the documentation of the new key
- yes/no -> true/false.
- new key will be introduced in 7.1.0.
- clean up the `state=link` part.
(cherry picked from commit c76af60a73)
Co-authored-by: Gonéri Le Bouder <goneri@lebouder.net>
plugins/inventory/cobbler: Add option to use system name for inventory (#6502)
* plugins/inventory/cobbler: Add option to use system name for inventory hostname (#6492)
* plugins/inventory/cobbler: Add warning for systems with empty profiles
(cherry picked from commit 8586adcd51)
Co-authored-by: Orion Poplawski <orion@nwra.com>
mas: disable sign-in check for macOS 12+ (#6520)
* disable sign-in check for macOS 12+
* move is_version_greater func outside class Mas
* fix formatting
* remove trailing whitespace
* make use of LooseVersion to compare versions
* update requirement description
Co-authored-by: Felix Fontein <felix@fontein.de>
* update requirement description link
Co-authored-by: Felix Fontein <felix@fontein.de>
* update constant of macOS version
Co-authored-by: Felix Fontein <felix@fontein.de>
* use updated constant
Co-authored-by: Felix Fontein <felix@fontein.de>
* update getting macOS version
Co-authored-by: Felix Fontein <felix@fontein.de>
* add changelog fragment
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 4373f2f33b)
Co-authored-by: Justine Jose <59870720+justinpjose@users.noreply.github.com>
opkg: remove useless default value for force (#6513)
* opkg: remove useless default value for force
* add changelog frag
* Update changelogs/fragments/6513-opkg-default-force.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* add to force param description
* typo
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit e588e675d9)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>