* ldap_entry - Recursive deletion
* Recursive deletion can be enabled with the `recursive` option. It is
disabled by default.
* When enabled, deletion is attempted by sending a single delete
request with the Subtree Delete control. If that request fails with
the `NOT_ALLOWED_ON_NONLEAF` error, try deleting the whole branch in
reverse order using individual delete requests.
* ldap_entry recursive deletion - Changelog fragment
* ldap_entry - Refactored to avoid lint message
* Update changelogs/fragments/4355-ldap-recursive-delete.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* ldap_entry - Add version_added to the recursive flag
Co-authored-by: Felix Fontein <felix@fontein.de>
* ldap_entry - Moved member assignment to a more suitable location
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 0b71d123d2)
Co-authored-by: Emmanuel Benoît <tseeker@nocternity.net>
* Implement change detection for update_cache=true. Add cache_updated return value.
* ...
* Make sure pacman --sync --list is called only as often as necessary.
(cherry picked from commit cf4d68ac50)
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix linode inventory filtering
There was a regression introduced in the addition of caching. The
`_consume_options` method was added and provided the `config_data`
dictionary. This `pop`s every entry, resulting in an empty `config_data`
dict, which was then reused and expected to be populated.
After reviewing, `_consume_data` doesn't need to be called. Also, once
the ``_read_config_data` method has been called, we no longer need the
config_data dict, and can instead use the `get_option` method throughout.
Once those were removed, the filtering function seemed a bit odd, since
we were no longer using the file. I used that opportunity to move the
filter calls into the populate function directly.
* Remove tests that target removed methods
This removes tests that targeted some custom methods on configuration
file handling. These are no longer necessary since they are now handled
by the BaseInventoryPlugin `_read_config_data` method.
* Add changelog entry for linode inventory bugfix
* Revert filters back to their own method
This moves filters back into their own method, but now uses the
get_option calls to pull filter configuration items.
(cherry picked from commit 386bb4bdd5)
Co-authored-by: steven jacobs <stjacobs@fastmail.fm>
* jira: Use fields in comment to merge in additional data
* changlog fragment added
* Update changelogs/fragments/4304-jira-fields-in-comment.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* updated fields documentation
* Update plugins/modules/web_infrastructure/jira.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 4fbba96841)
Co-authored-by: Boosai <51994151+Boosai@users.noreply.github.com>
* Add tls parameter to redis module
* Rename changelog fragment to match PR
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Port redis module to redis auth module util
* Update changelogs/fragments/4207-add-redis-tls-support.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/database/misc/redis.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Undo reuse of redis auth doc fragment
* Use doc fragment.
Co-authored-by: Julian Faude <julian.faude@zweiacht.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 9a74ace1e4)
Co-authored-by: jcharlytown <github@julianfau.de>
* npm - add '--production` support to 'npm ci' flag
* add changelog fragement for 4299
* Add backticks
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 43af053d73)
Co-authored-by: Daniel Miller <watermelonpizza@melonstudios.net>
* pacman: add support for remove_nosave
New parameter: remove_nosave
When enabled, will pass --nosave to pacman when removing packages.
--nosave cannot be used with --print-format and thus it couldn't be
passed via extra_args. See #4315
The code adds the option right before the actual removal of the pkgs.
(This is based on an initial diff from MorphBonehunter)
* changelog
* Update plugins/modules/packaging/os/pacman.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* wording
* ssss
* remove_package: simplify {force,extra,nosave}_args
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit c698ecd201)
Co-authored-by: Jean Raby <jean@raby.sh>
* Remove DWSR from BOTMETA.yml
I'm no longer using Ansible.
* Update .github/BOTMETA.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit ea0697601b)
Co-authored-by: Brandon McNama <brandonmcnama@outlook.com>
* pacman: don't always return changed w/ update_cache
This used to be the behavior before the recent refactoring. [1]
Allows the following to return changed only when packages were upgraded:
- pacman:
update_cache: yes
upgrade: yes
And the following to return changed only when the foo package wasn't at
the latest version:
- pacman:
name: foo
state: latest
update_cache: yes
[1] https://github.com/ansible-collections/community.general/pull/3907
* Update changelogs/fragments/4318-pacman-restore-old-changed-behavior.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit cc8151f209)
Co-authored-by: Evangelos Foutras <evangelos@foutrelis.com>
* Remove nmcli modify dependency on type parameter
* Add fragment
* Add newline for lint
* Fixed linting for tests
* Fix fragment
* Move aliases to ip_conn_type function
* Remove connection_map
* Updated fragment
* Fixed fragment
Co-authored-by: Trey West <--local>
(cherry picked from commit 1ca7894d30)
Co-authored-by: Trey West <treywest45th@gmail.com>
* s/group/groups/
Pacman accepts --group but the actual option name is --groups.
Allows use of other binaries with the same CLI interface as pacman (yay)
* changelog
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add note regarding pacman compat + --print-format
* Update plugins/modules/packaging/os/pacman.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit d4e92fc720)
Co-authored-by: Jean Raby <jean@raby.sh>
* Fix error when checking if VM exists.
* Add changelog entry.
* Reword changelog entry.
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 36ddb9b8e5)
Co-authored-by: Markus Reiter <me@reitermark.us>
* pipx: added options editable and pip_args
* added changelog fragment
* added version markers on new options
(cherry picked from commit f988eb5726)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* pacman: re-adding support for URL based pkgs
* Update plugins/modules/packaging/os/pacman.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/packaging/os/pacman.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* cmd=cmd in every call to self.fail()
* pacman: integration test for mixed pkg sources
* Add more tests + fix minor bug with URL packages
Version checking for URL packages is left to pacman, so add a check
after the dry run to see if it would actually install anything.
* remove double templating
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit a9db4742fc)
Co-authored-by: Jean Raby <jean@raby.sh>
* zypper: support automatic removal of orphaned dependencies
* zypper: support automatic removal of orphaned dependencies
- Add support for --clean-deps option during package removal, which
will clean up packages that were only installed as dependencies
of the package being removed.
* Update changelogs/fragments/4192-zypper-add-clean-deps.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/packaging/os/zypper.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/packaging/os/zypper.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 9a34e97702)
Co-authored-by: Jeff Mahoney <jeffm@jeffm.io>
* Make sure that every test that uses package: requires setup_pkg_mgr.
* Upgrade system packages for Arch Linux.
* Re-enable java keytool tests on Arch.
(cherry picked from commit 274b8cceef)
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix sparse file creation on Alpine linux
* re-enable tests for Alpine
* remove `conv=sparse` flag (rely only on `seek=fullsize` & `count=0`)
* doc: add a reference to busybox's dd
* doc: remove restrictions for OpenBSD, Solaris & AIX (should work as
for Alpine linux now)
* add a changelog fragment
* fix typo
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 0da8cb2e02)
Co-authored-by: quidame <quidame@poivron.org>
* s/sys-upgrade/sysupgrade/
* changelog fragment
* yamllint
* more fragment tweaks
(cherry picked from commit b9f62bb4ef)
Co-authored-by: Jean Raby <jean@raby.sh>
* keycloak: fix creating a user federation w/ idempotent id
Creating a user federation while specifying an id (that doesn't exist
yet) will fail with a 404. This commits fix this behavior.
* keycloak: fix user federation mapper duplication
This commit fixes a bug where mappers are duplicated instead of
configured when creating a user federation.
When creating a user federation, some mappers are autogenerated by
keycloak. This commit lets the keycloak_user_federation module recompute
mappers final values after the user federation is created so that the
module can try to merge them by their name.
* add missing fragment for pr #4212
(cherry picked from commit c1485b885d)
Co-authored-by: Jules Lamur <jlamur@users.noreply.github.com>
* Add ArchLinux, Debian Bullseye and CentOS Stream 8 to CI.
* Add Alpine to CI matrix as well.
(cherry picked from commit a06903f33a)
Co-authored-by: Felix Fontein <felix@fontein.de>
* passwordstore: Add configurable locking
Passwordstore cannot be accessed safely in parallel, which causes
various issues:
- When accessing the same path, multiple different secrets are
returned when the secret didn't exist (missing=create).
- When accessing the same _or different_ paths, multiple pinentry
dialogs will be spawned by gpg-agent sequentially, having to enter
the password for the same gpg key multiple times in a row.
- Due to issues in gpg dependencies, accessing gpg-agent in parallel
is not reliable, causing plays to fail (this can be fixed by adding
`auto-expand-secmem` to _~/.gnupg/gpg-agent.conf_ though).
These problems have been described in various github issues in the past,
e.g., ansible/ansible#23816 and ansible/ansible#27277.
This cannot be worked around in playbooks by users in a non-error-prone
way.
It is addressed by adding new configuration options:
- lock:
- readwrite: Lock all operations
- write: Only lock write operations (default)
- none: Disable locking
- locktimeout: Time to wait for getting a lock (s/m/h suffix)
(defaults to 15m)
These options can also be set in ansible.cfg, e.g.:
[passwordstore_lookup]
lock=readwrite
locktimeout=30s
Also, add a note about modifying gpg-agent.conf.
* Tidy up locking config
There is no reason why lock configuration should be part of self.paramvals.
Now locking and its configuration happen all in one place.
* Change timeout description wording to the suggested value.
* Rearrange plugin setup, apply PR feedback
(cherry picked from commit 2416b81aa4)
Co-authored-by: grembo <freebsd@grem.de>
* pmem: Add namespace and namespace_append options
- namespace: Configure the namespace of PMem. PMem should be configured
by appdirect/memmode, or socket option in advance.
- namespace_append: Enables to append the new namespaces.
* Add changelog fragment entry
* Update the changelog fragment
* Update changelog fragment entry
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update to use human_to_bytes
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update to fix the description of namespace_append
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update to release v4.5.0
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update to fix the typo in the description of namespace_append
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 5841935e37)
Co-authored-by: mizumm <26898888+mizumm@users.noreply.github.com>
* yum_versionlock: Fix entry matching (#4183)
As an input the module receives names of packages to lock.
Those never matched existing entries and therefore always reported
changes.
For compatibility yum is symlinked to dnf on newer systems,
but versionlock entries defer. Try to parse both formats.
Signed-off-by: Florian Achleitner <flo@fopen.at>
(cherry picked from commit f5ec73735f)
* Empty commit to trigger CI.
Co-authored-by: fachleitner <flo@fopen.at>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Rework of gitlab_project_variable over gitlab_group_variable
* Linting and removed unused example
* Fix test 2
* Sync from review of gitlab_project_variable #4038
* Linting, default protected True, value optional
* Next version is 4.5.0
* Roll back protected default true, and value not required
* Apply suggestions from code review
Missing check_mode
Co-authored-by: Markus Bergholz <git@osuv.de>
* Fix one unit test, comment test that requires premium gitlab
* Add changelog
* Update plugins/modules/source_control/gitlab/gitlab_group_variable.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/4086-rework_of_gitlab_proyect_variable_over_gitlab_group_variable.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Added conditional gitlab_premium_tests variable when required
* Allow delete without value
* Fix variable name
* Linting
* Value should not be required in doc
* Linting missing new-line
* Update changelogs/fragments/4086-rework_of_gitlab_proyect_variable_over_gitlab_group_variable.yml
Co-authored-by: Markus Bergholz <git@osuv.de>
Co-authored-by: Markus Bergholz <git@osuv.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 44f9bf545d)
Co-authored-by: Sebastian Guarino <sebastian.guarino@gmail.com>
The passwordstore lookup plugin depends on parsing GnuPG's
error messages in English language. As a result, detection of
a specific error failes when users set a different locale.
This change corrects this by setting the `LANGUAGE` environment
variable to `C` when invoking `pass`, as this only affects
gettext translations.
See
https://www.gnu.org/software/gettext/manual/html_node/The-LANGUAGE-variable.html
(cherry picked from commit 77a0c139c9)
Co-authored-by: grembo <freebsd@grem.de>
Given a password stored in _path/to/secret_, requesting the password
_path/to_ will literally return `path/to`. This can lead to using
weak passwords by accident/mess up logic in code, based on the
state of the password store.
This is worked around by applying the same logic `pass` uses:
If a password was returned, check if there is a .gpg file it could
have come from. If not, treat it as missing.
Fixesansible-collections/community.general#4185
(cherry picked from commit da49c0968d)
Co-authored-by: grembo <freebsd@grem.de>