* sefcontext: add path substitution support (#1193)
First commit for feedback, missing docs and tests.
* sefcontext: add documentation
* Add changelog fragment
* Documentation formatting
* Delete extra newline
* pep8 fixes
Fix indentation
* Add version_added to arg docs
* Add examples
* Don't delete non-matching path substitutions
* Add integration tests
* Delete only substitutions if such arg passed
Don't delete existing regular file context mappings if deletion of
a path substitution was requested with the presence of the
`equal` arg - delete only path substitutions in such case.
Path substitutions and regular mappings may overlap.
* Can only add args in minor releases
:(
* Cleanup before tests
* Fix deletion using substitution
Was comparing wrong var.
* Fix test checking wrong var
* Improve args documentation and examples
List the default values for selevel, seuser.
Add example for deleting path substitutions only.
* Add attributes documentation block
Not sure if should add become/delegate/async,
shouldn't those work just like that without any
specific code added for them?
* and fix indentation on attribute block
* Consistent indentation for attributes
Confusing, most plugins indent with 4 spaces.
But some use 2 like the rest of the code, so use 2.
* Add missing ref for attribute block
* Use correct c.g version in doc block
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add full stop to changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Streamline documentation
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Support limiting deletion to setype
Deleting file context mappings may be limited by
passing setype or equal, if neither arg is passed
then delete either setype/equal mappings that match.
* Change arg name, diff mode output fix
Change arg name from equal to substitute.
Print target = subsitute in diff mode same way as
semanage does.
Also put back platform attribute, try to improve
clumsy language in the substitute arg docs.
* Delete even if arg setype not match existing
Test 5 indicates that deletion is supposed to not check that
the arg setype passed when deleting matches the setype
of the mapping to delete.
Delete any mapping that matches target, regardless of
setype arg value.
* Update arg name in tests
* Too eager replacing
Accidentally replaced seobject function names so fix them back
* 4564: Fix invalid setype in doc example
Change from httpd_git_rw_content_t which
does not exist to httpd_sys_rw_content_t
Fixes#4564
* Fix documentation attributes
Additional fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update version_added in docs
Bumping minor to 6.4.0 since it didn't make 6.3.0.
* Add more description to the new arg docs
Try to improve discoverability of the new feature and make it easier to understand without deep SELinux understanding.
* Update platform to Linux in documentation
* Add equal as alias for the new argument
Improve discoverability of the new feature by adding an alias to the new module argument. The argument name "equal" will be easy to find for users who are not familiar with SELinux and who just try to match to the CLI tool `semanage`.
* And add alias argument properly
Previous commit missed actually adding the alias (added to docs only).
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* feat(module/keycloak_group): add support for ...
... handling subgroups
* added changelog fragment and fixing sanity ...
... test issues
* more sanity fixes
* fix missing version and review issues
* added missing licence header
* fix docu
* fix line beeing too long
* replaced suboptimal string type prefixing ...
... with better subdict based approach
* fix sanity issues
* more sanity fixing
* fixed more review issues
* fix argument list too long
* why is it failing? something wrong with the docu?
* is it this line then?
* undid group attribute removing, it does not ...
... belong into this PR
* fix version_added for parents parameter
---------
Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
* Yarn module: fix state=latest not working with global=true
* fix whitespace
* add changelog fragment
* add integration test cases
* add only tests for this PR (install+upgrade)
* fix assuming default global dir
* fix list() not working when global=true and name a package with no binary
* remove ignores
* whitespace
* Update changelogs/fragments/5829-fix-yarn-global.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/5829-fix-yarn-global.yml
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* fix(modules/keycloak_user_federation): fixes ...
... user federation creation failing when also updating/changing default
mappers at the same time
* add changelog fragment for pr
Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
* fix(modules/keycloak_user_federation): fixes ...
... federation read call not finding already existing federations
properly because of bad parametrisation
* fix(modules/keycloak_user_federation): added ...
... new integration test for module idempotency bugfix
* added changelog fragment for pr
Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
* pipx: add testcase w/ env vars PIPX_xxxx
* add note to the docs about env vars
* add note to the docs about env vars
* Apply suggestions from code review
* Update plugins/modules/pipx.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/pipx_info.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* break long lines into smaller ones
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add parameter warn_mpm_module to control when warning are raised
* Remoe whitespace
* Add changelog fragment
* Add missing license
* Update changelogs/fragments/5793-apache2-module-npm-warnings.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/apache2_module.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/apache2_module.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update tests/integration/targets/apache2_module/tasks/635-apache2-misleading-warning.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Refining integration test - previous was invalid
* False to false
* refactor assertion for suse
* Revert "refactor assertion for suse"
This reverts commit 61b86e7493.
* Excluding test on Suse
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update CI matrix.
* Disable RHEL 9.1 for tests where RHEL 9.0 was disabled as well.
* Skip iso_extract on FreeBSD 12.4.
* Fix cloud_init_data_facts test for Fedora 37.
* Do not try to install snap on RHEL 9.1.
* Skip pkgng jail tests on FreeBSD 12.4 as well.
* ansible_galaxy_install: use locale C tentatively, else en_US
* use custom exception to signal unsupported locale
* add step to remove artefacts at the end of the test
* add step to remove artefacts at the beginning of the test
* comment out context controller
* trying with temporary dir as destination
* remove collection before test with reqs file
* ensure collections are installed in temp dir in tests + check_force
* simplified the change
* added extra condition for failing locale
* improved exception handling
* add changelog fragment
* Remove superfluous VM.
* Add extra VM group.
* More platforms, add scripts.
* [REVERT THIS] Shrink matrix to only the tests we are interested in.
* Fix some tests.
* Skip snap tests on Ubuntu VMs for now.
* Skip xfs_quota tests on Alpine VMs due to ansible.posix.mount failing.
* Revert "[REVERT THIS] Shrink matrix to only the tests we are interested in."
This reverts commit 2e98e163db.
* Stick to Alpine and Ubuntu 22.04 for now.
* Add support to restrict privileges by host
* Missing comma
* Making linter happy.
* Add version 6.2.0 as when sudoers host parameter added
Co-authored-by: Felix Fontein <felix@fontein.de>
* Changelog fragment for PR #5703
* Test for sudoers host-based restriction
Co-authored-by: Felix Fontein <felix@fontein.de>
* Enhance `copr` integration tests
- Switch to a new test Copr repository. @copr/integration_tests was
removed which caused the tests to fail. I created a new one under my
account that I'll ensure stays around.
- Add basic testing to ensure that repo files are created in the correct
location and contain the correct baseurl and enabled status.
- Also run tests on Enterprise Linux.
- Test that packages from the Copr install. This has to be disabled on
EOL Fedoras that Copr does not allow building new packages for.
Resolves: https://github.com/ansible-collections/community.general/issues/5595
* copr tests: Fix ansible_python_interpreter on c8s
* copr: Don't test on alt Pythons on cs8
* Revert "copr tests: Fix ansible_python_interpreter on c8s"
This reverts commit 58e15a7ebf.
* Start using Ansible's config manager to handle options.
* Docs improvements.
* Fix documentation, make options actual lookup options.
* The cyberarkpassword lookup does too strange things.
* The onepassword lookups are converted in #4728, let's not interfere.
* Improve docs.
* Skip shelvefile as well.
* Convert lmdb_kv.
* Convert and fix credstash.
* Convert manifold.
* Drop chef_databag.
* Convert dig.
* Update examples.
* Forgot the most important part.
* Fix lmdb_kv docs.
* Python 2.6 compatibility.
* Convert AnsibleUnicode to str.
* Load lookup with lookup loader.
* Fix environment handling and error message checking.
* Improve docs formatting.
* Bump version to 6.0.0.
* sender option is now required.
* Default of want_proxmox_nodes_ansible_host changed from true to false.
* username is now an alias of user, and no longer of workspace.
* Remove deprecated return values in favor of end_state.
* Remove debug option.
* Change default of ignore_volatile_options from true to false.
* gitlab_group must now always contain the full path.
* Change default of norc from false to ture.
* Remove deprecated property.
* Add PR URL.
* Adjust bitbucket unit tests.
* Adjust module_helper integration test.
* add ansible module iso_customize.py
* rerun CI testing due to "Failed to send request to https://api.github.com/repos/ansible/ansible/issues/23642: HTTP Error 403: rate limit exceeded"
* Rerun CI testing due to "Failed to send request to https://api.github....."
* rerun CI testing due to failure "Unknown error when attempting to call Galaxy at 'https://galaxy.ansible.com/api/v2/collections/netbox/netbox/versions/3.1.0/': The read operation timed out"
* change document part as felixfontein's careful review
* modify test file as russoz's comments
* modify comment part of module
* add comment for the example
* add more tests: check the files are deleted / added in customized ISO
* fix it: failed to run ansible.posix.mount in ubuntu
* fix it: ansible.posix.mount is not working well in some OS.
* change DOCUMENTATION part
* change files according to the comment from code review
* fix issue: E231: missing whitespace after ':'
* modify the description of Document
* modify code for code review
* delete extra blank line in yml file
* Try to fix CI testing issue: "Caught \"'foo' is undefined. 'foo' is undefined\" while evaluating 'b' with item == {'a': 1}"
* delete extra blank line in the end of file
* change code as the comment from code review
* change code from code review
* change type: str to type: path
* change type:str to type:path
* delete unused variable
* fix CI testing error: return-syntax-error: RETURN.dest_iso.type: not a valid value for dictionary value @ data['dest_iso']['type']. Got 'path'
* add testcase: test add files / delete files separately
* add more testcases: test if we can catch exception from error input of users
* change code from code review
* fix issue: E231: missing whitespace after ','
* change code from code review
* add notes to document
* modify notes in document part
* /rebuild_failed
/rebuild_failed
* Try to support running testcases not only in MAC but also in other OS.
* modify document
* change mount to ansible.posix.mount
* skip the test platform which report "Error mounting"
* fix mount failed: Operation not permitted
* change code from code review
* change document from code review
* fix CI testing issue in some platforms
* Update plugins/modules/files/iso_customize.py
* change code from code review
1) change testcase
2) try to fix "mount: not permitted"
* modify aliases file
* change document and rerun CI testing
* add skip/docker as suggested
* add debug task
* fix issue in redhat 7.9: occurred while running the lookup plugin 'file'. ..could not locate file in lookup..
* change code from the code review
* modify function "iso_rr_check_file_exist" to "iso_check_file_exists" to make it works in all types of ISO
1. modify function "iso_rr_check_file_exist" to "iso_check_file_exists" to make it works in all types of ISO
2. run main.yml with newer python 3.10.6
ansible [core 2.13.4]
config file = None
configured module search path = ['/Users/zouy/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/Cellar/ansible/6.4.0/libexec/lib/python3.10/site-packages/ansible
ansible collection location = /Users/zouy/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/local/bin/ansible
python version = 3.10.6 (main, Aug 30 2022, 05:12:36) [Clang 13.1.6 (clang-1316.0.21.2.5)]
jinja version = 3.1.2
libyaml = True
* delete blank
* simply the code as suggested.
* Two small docs updates.
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Adding capability to specify complex variables type to terraform
* Terrform variable types are mapped to ansible veriable types
* Currently handles Dict, List, Str, Int, Bool types
* Updated the documentation accordingly
* Updated with an example.
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/misc/terraform.py
Wonder how that missed the PEP8 checks :).
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Adding the changelog fragment
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Adding ``integer_types`` from ``module_utils``
Simplified the ``integer_types``, ``str`` and ``float`` value population through ``json.dumps()``. Now the strings can have special characters which can break the module execution.
* Update changelogs/fragments/4797-terraform-complex-variables.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* * Changed to approach to make the code more readble and simple to understand.
* Maintaining the original for loop for the top_level variables. Therefore the rocess_conplex_args() now only handle second level variables when the type() is either Dict or List.
* Json dumps are used only for the low level variables. Terraform CLI had issues interpreting escape sequecences from json.dumps()
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* adding boolean explicitly, although boolean is a subclass of integer, adding this for self documentation pupose and the clarity of the code.
* fixing the doc strings
* Update terraform.py
Fixing docstrings
* * Introducing format_args funtion to simplify formatting each argument type for top_level and lower level.
* Terraform Lists of strings, numbers, objects and lists are supported.
* Adding COMMAND: to the fail_json msg, for plan failures to help troubleshoot command line arguments.
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* * Adding full terraform command to fail_json() when the terrafor plan fails
* Fixing a spelling mistake.
* plan_command if a list, stringifying the list
* * Fixing the new line for the change fragments
* Removed CR (\r) from the output messages. Now output lines carry only LF (\n), not CRLF (\r\n).
* Added integration testing for complex variables.
* Restructured integration testing code to be more expandable.
* Update changelogs/fragments/4797-terraform-complex-variables.yml
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* double-quotes are not properly escaped in shell, and python string
escaping are nullified the way terraform handle second tier string
variables (within terraform).
* changing all the task actions to FQCN format.
* integration testing now includes:
1. Top level strings containing, special shell characters, spaces,
double-quotes.
2. Second level strings containing, special shell characters, spaces,
double-quotes repeating double-quotes to ensure proper regex
substitution.
* Adding colon ':' to string test casses.
* Added complex_vars to switch between the old and the new variable
interpretations.
Updated the documentations to reflect the changes.
Updated the examples.
Handling '\' as well with the escape sequence.
* Added tests for the new escape sequences.
Added multilines tests.
* Restructuring the documente strings to a shorter string.
Argument_spec changed to 'bool'
* Update changelogs/fragments/4797-terraform-complex-variables.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cloud/misc/terraform.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
