* refactored unit tests for modules based on CmdRunner
* improved/fixed test helper
* fixed sanity
* refactored yaml spec out of the python file
* small adjustments
* [proxmox_vm_info] Return empty list when requested VM doesn't exist
* Update documentation
* Add changelog fragment
* Address review comments
* Allow to filter by empty name
* Update plugins/modules/proxmox_vm_info.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* [proxmox_vm_info] Re-use cluster resources API to use module without requiring node param
* More consife if
* Fix use case when requesting all vms from specific node
* Add changelog fragment
* Added support for ipv4.dns_options in nmcli module
* added support for dns6-options
* Added version added
Co-authored-by: Felix Fontein <felix@fontein.de>
* added version_added: 4.6.0 for dns6 options
* added changelog fragment
* Rename 4308-added-support-in-nmcli-for-ipvx-dns-options to 4308-added-support-in-nmcli-for-ipvx-dns-options.yml
* Update changelogs/fragments/4308-added-support-in-nmcli-for-ipvx-dns-options.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix and add tests
* Update PR number and version_added
---------
Co-authored-by: Matteo Caruso <m.caruso425@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* [proxmox_vm_info] New module to retrieve virtual machines information from Proxmox VE API
* Address review comments
* Fix seealso fragment
* Update plugins/modules/proxmox_vm_info.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* add Bitwarden Secrets Manager lookup
* fix pep8 and yamllint complaints
* fix version_added, add maintainer and copyright notice
* document BWS_ACCESS_TOKEN env var and declare as required
* avoid returning nested list
* update 'value of a secret' example after f6c4492c
* update copyright notice in bitwarden_secrets_manager plugin
thx felixfontein
Co-authored-by: Felix Fontein <felix@fontein.de>
* rename classes to distinguish from existing bw plugin
* use AnsibleLookupError, formatting
* bump version_added to 7.0.0
Co-authored-by: Felix Fontein <felix@fontein.de>
* ci fix: python style guide calls for excessive blank lines
https://peps.python.org/pep-0008/#blank-lines
* first attempt at unit tests for bws lookup
* ci fix: remove trailing newline
* attempt to fix tests object not callable error
* address formatting, tests and pyright suggestions
* reduce scope of mocked code for more real test coverage
only the actual bws CLI call is mocked now, this should enable the
exception thrown test to succeed if I didn't add new problems
* fix undefined variable 'expected_rc'
* fix mocked _run method to return correct data types
* keep list of one element for test case comparison
* bump version_added to 7.2.0
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: jantari <jantari@github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* [proxmox_template] Fix error while uploading big ISO to Proxmox VE cluster
* Fix pep8 test
* Add changelog fragment
* Add notes about requests_toolbelt
* Check versions and file size
* Fix typo in notes
* Add unit test. Move try inside of each function.
* Fix sanity tests
* Add proxmoxer in requirements file
* Update integration tests
* Add proxmoxer into constraints.txt
* Address review comments
* Don't run tests on 2.6 python
* Disable Python 2.6 tests for other proxmox modules
Create a small helper class Rhsm, so all the logic related to the
interaction with subscription-manager is grouped there:
- create the Rhsm object in main(), once the initial checks are done
- search subscription-manager as required (so there is no need to
manually check it), and store its path for reuse
- store the common arguments for running subscription-manager
- move run_subscription_manager() to Rhsm as run_repos()
- get rid of the different list parameters: we list only all the
repositories, so the other cases are not needed (and can be added
easily, if needed)
- move get_repository_list() to Rhsm as list_repositories()
The execution of subscription-manager is improved as well:
- pass the arguments to run_command() directly as list, rather than
joining the arguments to string, which run_command() will need to
split again
- move the "repos" parameter directly in run_repos()
- explicitly disable the shell, already off by default
- disable the expansions of variables, as there are none
Adapt the unit test to the different way run_command() is called.
There should be no behaviour changes.
So far there are no tests for the rhsm_repository module, which makes it
difficult to do even basic changes. Hence, add an initial version of
unit tests, heavily based on the approach of the redhat_subscription
unit tests.
* proxmox_kvm - Allow creation of VM with existing name but new vmid
* Fix pylint and pep8 errors
* Add changelog fragment
* Move status variable outside of try block
* Add assertion for calling get_vm_node function
* Use try/catch for module_utils functions
* Update changelogs/fragments/6709-proxmox-create-vm-with-existing-name.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak_client_rolemapping.py: add support for subgroups
* Add PR number after creating a PR to 6687-support-subgroups-for-keycloak-client-rolemapping.yml
* Update changelogs/fragments/6687-support-subgroups-for-keycloak-client-rolemapping.yml
Add missing URL
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_client_rolemapping.py
Set a correct version_added (previously it was a copy-paste)
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_client_rolemapping.py
Fix typo after copy-paste
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_client_rolemapping.py
Fix typo after copy-paste
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_client_rolemapping.py
Fix typo after copy-paste
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Mikhail Putilov <Mikhail.Putilov@dimoco.eu>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add composites to keycloak_role module
* Add composites support for realm role in keycloak module_utils
* Clean f.write from keycloak_role module
* keycloak_role support state for realm role composites
* Add support for composites in client role for keycloak_role module
* Add changelog fragment for keycloak role composites PR
* Fix pep8 and validate-modules tests errors
* Update changelogs/fragments/6469-add-composites-support-for-keycloak-role.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
I will try it
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix test_keycloak_role assertion
* Fix role composite compare before update in keycloak_role module
* Fix realm problem with update_role_composites in keycloak.py module_utils
* Add units tests for composites and client roles in keycloak_role module
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Change try in is_struct_included and add unit tests for keycloak.py module_utils
* Add integration tests for composites roles and fix bug with non master roles in keycloak_role module
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* is_struct_included refactor
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix composites comparison for role in is_struct_included keycloak.py function
* Add changelog fragment and unit tests
* Update changelogs/fragments/6688-is-struct-included-bug-in-keycloak-py.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
- pass the arguments to run_command() directly as list, rather than
joining the arguments to string, which run_command() will need to
split again
- disable the expansions of variables, as there are none
Adapt the unit test to the different way run_command() is called,
factorizing the kwargs for run_command() so there is less repetition.
There should be no behaviour changes.
The two RegistrationBase & Rhsm classes were copied from the ones in the
shared module_utils.redhat module; that said:
- the versions here got improvements over the years
- the RegistrationBase in module_utils.redhat is used only by the RHN
modules, which are deprecated and slated for removal
Hence, the classes here can be kept and simplified a bit:
- fold the non-dummy content of RegistrationBase into Rhsm: there is no
more need for the separate RegistrationBase base class
- drop the init arguments "username", "password", and "token": the
instance variables of them are not used anywhere, as the needed
credentials (together with other variables) are passed to the
register() method
- create the Rhsm object later in main(), after the AnsibleModule
creation and the uid check: this avoids the creation of Rhsm with a
null module variable, changing it later
There should be no behaviour change.
* vardict: easy hadling of module variables
* fix copyright year
* initial tests passing
* small adjustments
* add tests
* add to BOTMETA
* remove unused import pytest
* Update plugins/module_utils/vardict.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* minor refactor and documentation
* minor adjustments
* rename VarDict.var() to VarDict._var()
- plus add more docs
* fix method name in tests
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: added new module option 'slave_type' to allow create non-ethernet slave connections
* argument specs updated
* documentation updated
* examples updated
* added warning message when using type='bridge-slave'
* remove trailing whitespace
* Added warnings about rewrite 'slave-type' property when using type one of 'bond-slave', 'bridge-slave', 'team-slave'.
Added module fails when user sets contradicting values of 'slave-type' for types 'bond-slave', 'bridge-slave', 'team-slave'.
Returned back checking for types that can be a slave to assign 'master' and 'slave-type' properties.
* Extending list of slave-conn-types
* Update plugins/modules/nmcli.py
Version updated
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Update plugins/modules/nmcli.py
Updated documentation for `slave_type`
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Updated argspec's 'required_by' for 'master' property.
* Fixed mistake in property naming in module argspec.
* changelog fragment and module docs updated
* Validation of 'master', 'slave_type' options improved. (rebased)
* Validation of 'master' and 'slave_type' separated to special method.
* Wrote 6 tests for slave_type option behaviour
* Removed erroneously added property 'hairpin'
* Update version_added for 'slave_type'
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Update changelogs/fragments/473-nmcli-slave-type-implemented.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Let master be without slave_type
---------
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* gconftool2: fix change output
* add changelog frag
* gconftool2: improve visibility on the output
* fix obtaining updated value after `set`
* use issue URL in the changelog fragment
* fix further issues
* fix return value docs + changelog frag
* Update plugins/modules/gconftool2.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix return value doc
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* one_vm: fix syntax error when creating VMs with a more complex template
with more complex templates that make use of quoted strings the new
"render" method fails to produce a template that is accepted by
OpenNebula. ==> escape double quotes in strings to make OpenNebula
happy again.
I also tested whether newlines need to be escaped, looks like they are
fine as they are.
Fixes#6225
* module_utils/opennebula: skip empty values in render
* add nmcli macvlan type
* changelog
* improve docs
* macvlan params
* fix linter and improve module params
* improve_docs
* raise error if type macvlan and macvlan options not set
* Add Puppet skip_tags option
* Include changelog fragment
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* add runner_fast_rate option
* unset default value for runner_fast_rate parameter
* add some commas
* Remove default in copy of argspec.
Co-authored-by: Sam Potekhin <eax24@ya.ru>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Sam Potekhin <eax24@ya.ru>
The module currently has a static 'required_if' statement for its
parameters that forces any of 'username' or 'activationkey' or 'token'
in case state=present; while this is generally a good idea, it can be
an extra requirements in some cases. In particular, if the system is
already registered, there is no need for credentials -- some of the
operations of the module, such as manipulating pools, can be done
perfectly without credentials.
Hence:
- change the static 'required_if' to require credentials only when
forcing the registration
- check for credentials manually when a registration is needed, i.e.
on an unregistered system; the fail message is the same as the one
shown by 'required_if'
Adapt the tests to this new situation:
- test_without_required_parameters now needs to mock an unregistered
system
- add a new version of test_without_required_parameters to test an
already registered system
- add a simple test case for only state=present usable on an already
registered system
- remove the credentials from a test case for pool attachment that
mocks an already registered system
subscription-manager on RHEL installs a symlink in /usr/bin to
console-helper (part of usermode), which triggers an interactive prompt
for root credentials when run as user. It seems that console-helper
does not handle well non-interactive contexts (e.g. without a TTY for
input), and thus it will hang waiting for input when run as user in an
Ansible task.
Since subscription-manager requires root already anyway (and it will
fail when explicitly run as user), then apply the same logic locally on
all the modules that interact with it: redhat_subscription,
rhsm_release, and rhsm_repository.
subscription-manager currently does not have a way to get credentials
(username, password, activation keys, organization ID) in a secure way:
the existing command line parameters can be easily spotted when running
a process listing while 'subscription-manager register' runs.
There is a D-Bus service, which is used by e.g. cockpit and Anaconda to
interface with RHSM (at least for registration and common queries).
Try to perform the registration using D-Bus, in a way very similar to
the work done in convert2rhel [1] (with my help):
- try to do a simple signal test to check whether the system bus works;
inspired by the login in the dconf module
- pass most of the options as registration options; for the few that are
not part of the registration, execute 'subscription-manager' manually
- add quirks for differently working (or not) registration options for
the D-Bus Register*() methods depending on the version of RHEL
- 'subscription-manager register' is used only in case the signal test
is not working; silent fallback in case of D-Bus errors during the
registration is not done on purpose to avoid silent fallback to a less
secure registration
[1] https://github.com/oamg/convert2rhel/pull/540/