sysrc: FreeBSD jail test no longer works with FreeBSD 13.1 (#7543)
Jail test no longer works with FreeBSD 13.1.
(cherry picked from commit b3c661a9f6)
Co-authored-by: Felix Fontein <felix@fontein.de>
CI: remove skip/python2.6 from aliases (#7534)
Remove skip/python2.6 from aliases.
Since 8.0.0 we no longer support any ansible-core version that supports Python 2.6.
(cherry picked from commit 89f12c87eb)
Co-authored-by: Felix Fontein <felix@fontein.de>
CI: Add rhel/9.3 for devel, remove rhel/9.2 (#7524)
* Add rhel/9.3 for devel, remove rhel/9.2.
* Also skip rhel/9.3 when skipping rhel/9.2.
* snapd is also on available on RHEL 9.3.
(cherry picked from commit 32fa588f47)
Co-authored-by: Felix Fontein <felix@fontein.de>
[ssh_config] Add support for ControlMaster (#7456)
* [ssh_config] Add support for ControlMaster
* Create separate function to convert bool
* Allow str values with yes/no options to also use bool
(cherry picked from commit c2f08c57e0)
Co-authored-by: Marcel <maleo@google.com>
timezone tests: do not restore original timezone if it wasn't known (value 'n/a') (#7476)
Do not restore original timezone if it wasn't known (value 'n/a').
(cherry picked from commit 57e36d7dc2)
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix more typos in plugins/.
* Fix typos in tests/unit/.
* Fix typos in tests/integration/.
* Fix more typos.
Co-authored-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
---------
Co-authored-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
* Add `executable` option to cargo
Add `executable` option to cargo to make the module easier to use with
cargo installed by rustup.
* Add changelog fragment
* Add license to integration test
* Do not test on CentOS 6
CentOS 6 cannot even validate the certificate in https://sh.rustup.rs.
* Fix condition to skip tests on CentOS 6
* Add version_added to path
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/cargo.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* shell → command
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* (fix) don't set version at latest at state: latest
If version is forcefully set at latest when state is latest, the package
will always be changed, as there is no version "latest" will ever be
detected. It is better to keep it None.
* (fix) fixed tests to reflect recent changes
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* (feat) added changelog fragment for pull #7339
* (fix) apply correct punctuation to changelog
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add keycloak_realm_key module
* keycloak_realm_key: make "ansible-test sanity" happy
Signed-off-by: Samuli Seppänen <samuli.seppanen@puppeteers.net>
* keycloak_realm_key: support check_mode
* keycloak_realm_key: add integration tests
* keycloak_realm_key: remove FIXME comment
* keycloak_realm_key: fix EOL in integration test variables
* keycloak_realm_key: remove unused import
* keycloak_realm_key: remove integration test realm at the end of test suite
* keycloak_realm_key: add version_added metadata
* keycloak_realm_key: add documentation for end_state
* keycloak_realm_key: support the "certificate" parameter
As with "private_key" changing the certificate after creation is not possible
because we can't compare the current value to the desired value.
* keycloak_realm_key: document default for certificate parameter
Signed-off-by: Samuli Seppänen <samuli.seppanen@puppeteers.net>
* keycloak_realm_key: implement diff mode
* Update plugins/modules/keycloak_realm_key.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_realm_key.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_realm_key.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_realm_key.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_realm_key.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak_realm_key: remove note about literal linefeeds
* keycloak_realm_key: remove defaults from priority and certificate
* keycloak_realm_key: mark diff and check modes as partially supported
* keycloak_realm_key: implement "force" parameter
This ensures that the desired state is always enforced on keys that should be,
and are, present.
* keycloak_realm_key: fix yaml parsing error in documentation
* keycloak_realm_key: document why check_mode support is partial
* Update plugins/modules/keycloak_realm_key.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_realm_key.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak_realm_key: documentation and metadata fixes
* keycloak_realm_key: small documentation fix
* keycloak_realm_key: change version_added to 7.5.0
* Update plugins/modules/keycloak_realm_key.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Signed-off-by: Samuli Seppänen <samuli.seppanen@puppeteers.net>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update as per PR comments
* Move common code to module_utils
* Break up long import line
* Fix pipeline errors
* Inital version of check_mode support
* Fix updating a role, add tests
* Fix line spacing
* Fix line indentation
* Add consul-role tests
* Fixes for role update
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update as per MR comments
* Update as per MR comments
* Fix documentation issues
* Add types for sub-options
* Allow setting of policy, service and node id fields by specifying a value, or leaving them unchanged by omitting them
* Fix typo in test
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Reset and force push to get rid of merge
* Corrected unit tests
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add suboptions documentation for node and service identities
* Fix PEP errors from pipeline
* Fix pipeline errors.
* Fix more pipeline errors
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix line that is too long
* Not specifying a value for description during update now leaves existing value unchanged
* Fixes for pipeline errors
* Add test cases to verify handling description works
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add `ignore_spaces` option to `ini_file` to ignore spacing changes
Add a new `ignore_spaces` option to the `ini_file` module which, if
true, prevents the module from changing a line in a file if the only
thing that would change by doing so is whitespace before or after the
`=`.
Also add test cases for this new functionality. There were previously
no tests for `ini_file` at all, and this doesn't attempt to fix that,
but it does add tests to ensure that the new behavior implemented here
as well as the old behavior in the affected code are correct.
Fixes#7202.
* Add changelog fragment
* pep8 / pylint
* remove unused import
* fix typo in comment in integration test file
* Add symlink tests to main.yml
It appears that #6546 added symlink tests but neglected to add them to
main.yml so they weren't being executed.
* ini_file symlink tests; create output files in correct location
* Add integration tests for ini_file ignore_spaces
* PR feedback
* cmd_runner module utils: fix bug when passing absolute path not in standard search paths
* improved tests
* changed /usr/bin/echo to /bin/echo for the sake of alpine
* fixed error messaging for last testcase
* add condition to test cases, and remove macos from troubling ones
* fix templating
* fix templating
* exclude centos 6 from testcases copying echo to tmp dir
* try different way of specifying version
* trying trick for old jinjas
* use os.path.isabs() to determine if path is absolute
* add changelog frag
* Update plugins/module_utils/cmd_runner.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/7200-cmd-runner-abs-path.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* (feat) New module pnpm added
A new module for pnpm is added. Necessary entries were written to
BOTMETA.yml.
* (feat) Basic tests added
* (feat) reduced nesting of ifs
* (fix) trying to fix up CI pipelines
* (fix) incorrect indentation of alias fixed
* (feat) fixed further indentations
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* (fix) various linting and CI errors fixed/ignored
* (feat) reduced restriction, new install method
Some restrictions on OS are reduced. New installation method, similar to
the official installation method, is provided.
* (fix) ignoring CentOS 6 for CI.
* retrigger checks
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* freebsd: shutdown -p ... on freebsd to power off machine
* Use shutdown -p ... on FreeBSD such that the machine is halted and
powered off (-p) otherwise the machine is halted (-h) but remains on.
* Update changelogs/fragments/7102-freebsd-shutdown-p.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* add support for percentage of origin size for creating snapshot volumes
* add changelog fragment
* add pull request link
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix what's not idempotent
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* ejabberd_user: bug fixes + tests
* fix changed property
* add license to handler file
* adjustments to test
* add needs/target/setup_epel to aliases
* further adjustments to integration tests
* add target to integration tests
* add some skips to test
* skip centos as it has no ejabberd
* skip fedora as it has no ejabberd
* discard unused epel setup
* add changelog frag
* remove ejabberd before tests
* fix typo
* pacman: support yay as root
* make pylint happy
* minor adjustments
* rollback some test actions
* removal of user and pkgs in handlers
* add comment to note
* add changelog frag
* fix doc
* Update tests/integration/targets/pacman/tasks/yay-become.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update tests/integration/targets/pacman/tasks/yay-become.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* simplify pkg install in int. tests
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* snap: add track 'latest' if no track is specified
See https://snapcraft.io/docs/channels for more details.
* snap: assume track latest if channel does not specify it
* Split into separate PR
* Refactor test, add author to inactive maintainers
* Add changelog fragment and correct requirements section on module documentation
* Add changelog fragment and correct requirements section on module documentation
* Update changelogs/fragments/6755-refactor-consul-session-to-use-requests-lib-instead-of-consul.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Valerio Poggi <vrpoggigmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* [proxmox_template] Fix error while uploading big ISO to Proxmox VE cluster
* Fix pep8 test
* Add changelog fragment
* Add notes about requests_toolbelt
* Check versions and file size
* Fix typo in notes
* Add unit test. Move try inside of each function.
* Fix sanity tests
* Add proxmoxer in requirements file
* Update integration tests
* Add proxmoxer into constraints.txt
* Address review comments
* Don't run tests on 2.6 python
* Disable Python 2.6 tests for other proxmox modules
* locale_gen: fix
* test working with C.UTF-8
* working with locale eo
* handle C.UTF-8 edge cases
* grammatic pedantism
* add changelog frag
* add doc about specific OS support
* update changelog frag
Needs some special requirements on Python 2.6 so that it can contact the server.
These seem to be installed when running all tests. I don't want to figure out what exactly
is missing, so let's just skip the tests on Python 2.6 for now.
* filesystem: add UUID change feature
* Add changelog fragment for 6680
* Do not test XFS filesystem UUID reset on FreeBSD
FreeBSD error: xfs_admin: only 'rewrite' supported on V5 fs
* Apply suggestions from code review #1
Co-authored-by: Felix Fontein <felix@fontein.de>
* Set filesystem UUID on FS creation
* Fix tests - switch to ansible.builtion.to_uuid
* Fix tests - Refactor to avoid FS remove tasks
* Fail if uuid option not yet supported for fstype
* Set resizefs and uuid options mutually exclusive
* Apply suggestions from code review no 2.
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* ini_file: make inactive options as active if they exist, instead of creating a new option entry
Add changelog fragment
* Update changelogs/fragments/ini_file-use-inactive-options-when-possible.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix test
* Update tests
* Fix spelling
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add more integration tests for ldap_search
* Add new page_size option to ldap_search
* Add changelog fragment
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Simplify if statement to reduce negatives
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Set up secure ldap server
* ldap: Added client cert options
Shamelessly copied from https://github.com/andrewshulgin/ldap_search
* Added tests for ldap client authentication
* Add changelog fragment
* Make sure the openssl commands work on older versions of openssl
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Remove aliases for new arguments
* Add required_together to ldap module declerations
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add composites to keycloak_role module
* Add composites support for realm role in keycloak module_utils
* Clean f.write from keycloak_role module
* keycloak_role support state for realm role composites
* Add support for composites in client role for keycloak_role module
* Add changelog fragment for keycloak role composites PR
* Fix pep8 and validate-modules tests errors
* Update changelogs/fragments/6469-add-composites-support-for-keycloak-role.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
I will try it
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix test_keycloak_role assertion
* Fix role composite compare before update in keycloak_role module
* Fix realm problem with update_role_composites in keycloak.py module_utils
* Add units tests for composites and client roles in keycloak_role module
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Change try in is_struct_included and add unit tests for keycloak.py module_utils
* Add integration tests for composites roles and fix bug with non master roles in keycloak_role module
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* is_struct_included refactor
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* MH mh/mixins/deps.py: prevent deprecation warning when no deps are specified
* rollback empty "patch" on license markers to prevent test error
* disable test in ansible 2.12
* add changelog frag
* [WIP] snap: aware of channel in installed snaps
* parse snap list output and assert whether channel matches
* undo test
* fail rightfully when install with different channel does not work
* transparetent refresh
* rollback comment in integration test
* rollback comment in integration test
* add changelog frag
* Update plugins/modules/snap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* New Proxmox VE modules to handle pools and their membership
* Fix pep8 linting errors
* Fix pep8 and compatibility errors
* Add required fields in the documentation
* Typo fix
* Fix pylint errors
* Fix the last one error
* Address review comments
* Fix linting error
* Add integration tests playbook
* Add assert for the diff mode
* Address review comments
* Fix typo in the word
* Fail for non-empty pool even in check_mode
* ini_file: Don't creates new file instead of following symlink
This is a bug fix that address a situation where `community.general.ini_file`
was destroying symlinks instead of updating of updating their targets.
Closes: #6470
* ini_file: add the follow parameter
If `poth` points on a symlink and `follow` is true, the `ini_file` plugin
will preserve the symlink and modify the target file.
* adjust the documentation of the new key
- yes/no -> true/false.
- new key will be introduced in 7.1.0.
- clean up the `state=link` part.
* Add FreeBSD 13.2.
* Skip FreeBSD 13.2 for iso_extract tests.
* Fix autoremove test: m4 is no longer a dependency, or it was already installed beforehand.
* Also disable the jail tests for FreeBSD 13.2.
* feat: Allow non-returning SQL statements
- The current implementation fails out when certain statements or
batches do not have resultsets - this limits the usefulness of the
module
- Instead, it is known that statements without resultsets return then
OperationalError exception with text "Statement not executed or
executed statement has no resultset". We will utilize these facts to
accept these statements
- The implementation also assumes that users will always use best-
practices for the script syntax; that is, "GO" will always be
capitalized but this is not strictly required -- update to allow "GO"
to be any mixed-case
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
* feat: Add changelog fragment for change
- Add changelog fragment for PR 6192
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
* feat: Improve batching
- Previous batching had shortcomings like making strict assumptions
about the format of the incoming script and did not handle Windows-
based scripts (e.g. \r characters). It also did not handle cases where
there were trailing or leading whitespace characters round the 'GO'
- Added a special case for removing the Byte Order Mark (BOM) character
that may come as part of a script when slurped from some hosts.
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
* feat: Use str.splitlines()
- Use of this method is cleaner
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
* Update changelogs/fragments/6192-allow-empty-resultsets.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix: Update transcribing errors
- Replace local namespace with project namespace
- Remove 'return' statement from the module.fail_json call
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
---------
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
Co-authored-by: Lesley Kimmel <lesleyk@vmware.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
This fix ensures that in case of a project quota, the corresponding project gets initialized, if required.
Signed-off-by: Christoph Fiehe <c.fiehe@eurodata.de>
Co-authored-by: Christoph Fiehe <c.fiehe@eurodata.de>
* Add keycloak_authz_authorization scope module
This module allows managing Keycloak client authorization scopes. The client has
to have authorization enable for this to work.
* botmeta: make mattock maintainer of keycloak_authz_authorization_scope
* botmeta: add mattock to team_keycloak
* keycloak_authz_authorization_scope: documentation and code layout fixes
* keycloak_authz_authorization_scope: do not fail on names with whitespace
* keycloak_authz_authorization_scope: use url quote method
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak_authz_authorization_scope: style fixes to documentation
* keycloak_authz_authorization_scope: do not claim check/diff mode support
* keycloak_authz_authorization_scope: fix documentation
* keycloak_authz_authorization_scope: support check_mode and diff_mode
* keycloak_authz_authorization_scope: use more common terminology
Most keycloak modules use before_<object_type> and desired_<object_type> to
designate current and desired states of objects. Do the same for authorization
scopes.
* keycloak_authz_authorization_scope: fixes to check_mode and docs
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* pipx and pipx_info: Document that modules require pipx 0.16.2.1 or above
Since their introduction, these modules rely on 'pipx list --json' to
return machine-readable output about installed pipx applications. That
functionality was introduced in 0.16.2, along with a critical bug fix
(invalid json) in 0.16.2.1.
* pipx: fix state=latest with install_deps=true
"pipx upgrade" stopped supporting the "--include-deps" option
("install_deps" in the ansible module) in pipx 0.15
(https://pypa.github.io/pipx/changelog/#01500).
The lack of support causes the pipx module to fail if attempting to use
state=latest with install_deps, since the parameter is passed to both
pipx install (fine) and pipx upgrade (fails).
* Add changelog fragment
* Initial implementation for new modules btrfs_subvolume and btrfs_info
* Improve/flesh out documentation. Add ability to target filesystem by uuid, label or device. Update tests to test targeting filesystem by each supported parameter and when only mountpoint.
* Updates for btrfs modules. Add missing copyright notices. Switch options to contains in return documentation. Update btrfs_subvolume to always use closest parent mount.
* Add maintainers for btrfs module(s) and remove unused class member cause lint failure.
* Add changelog fragment. Attempt to only run against the VMs as part of CI.
* Updates per code review. Remove changelog fragment. Switch use of map to list comprehension. Add trailing comma to last item in multi-line dicts. Clean up documentation with complete senstences for descriptions and correct/consistent use of macros.
* Improved error handling in btrfs_subvolume module: add custom exception type, favor exceptions over immediate call to fail_json and add single top level return for failure scenarios. Normalize name and snapshot_source parameters early in module execution and remove unecessary duplicate normalization throughout processing.
* Add azp/posix/3 to aliases per feedback
* Clean up automatic mounting. Prevent automount when check_mode=True. Immediately fail if a mount is identified as required and automount=True. Identify the minimal subset of subvolumes that need to be mounted instead of just finding a single common root.
* Skip btrfs_subvolume integration tests if btrfs-progs isn't successfully installed.
* Bump version_added for btrfs modules to 6.6.0. Ensure consistent trailing punctuation for module descriptions and document check_mode behavior as attribute description rather than a module level note.
* Remove unused imports from btrfs_subvolume module.
* Fix import.
* Docs improvements.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add module to manipulate KDE config files using kwriteconfig
* Fix license issues
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add smeso as kdeconfig.py maintainer
* Fix attributes fragment name
* Fix test
* Do not use shutil.chown
It isn't available on old Python versions
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* pipx: Allow injected modules to add apps
Add support for pipx inject's "--include-apps" parameter.
* add changelog fragment
* fix pipx test ("install_apps", not "include_apps")
* fix pipx test -- add a second invocation for install_apps
* Update changelogs/fragments/6198-pipx-inject-install-apps.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/pipx.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* feat(ssh_config): proxyjump option
* feat(ssh_config: add proxyjump test
* CamelCase ProxyJump
* add changelog fragment
* Update plugins/modules/ssh_config.py
add version_added
Co-authored-by: Felix Fontein <felix@fontein.de>
* update task name to include new proxyjump option
* adding tests for proxyjump option
* fixing assert variable name
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* sefcontext: add path substitution support (#1193)
First commit for feedback, missing docs and tests.
* sefcontext: add documentation
* Add changelog fragment
* Documentation formatting
* Delete extra newline
* pep8 fixes
Fix indentation
* Add version_added to arg docs
* Add examples
* Don't delete non-matching path substitutions
* Add integration tests
* Delete only substitutions if such arg passed
Don't delete existing regular file context mappings if deletion of
a path substitution was requested with the presence of the
`equal` arg - delete only path substitutions in such case.
Path substitutions and regular mappings may overlap.
* Can only add args in minor releases
:(
* Cleanup before tests
* Fix deletion using substitution
Was comparing wrong var.
* Fix test checking wrong var
* Improve args documentation and examples
List the default values for selevel, seuser.
Add example for deleting path substitutions only.
* Add attributes documentation block
Not sure if should add become/delegate/async,
shouldn't those work just like that without any
specific code added for them?
* and fix indentation on attribute block
* Consistent indentation for attributes
Confusing, most plugins indent with 4 spaces.
But some use 2 like the rest of the code, so use 2.
* Add missing ref for attribute block
* Use correct c.g version in doc block
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add full stop to changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Streamline documentation
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Support limiting deletion to setype
Deleting file context mappings may be limited by
passing setype or equal, if neither arg is passed
then delete either setype/equal mappings that match.
* Change arg name, diff mode output fix
Change arg name from equal to substitute.
Print target = subsitute in diff mode same way as
semanage does.
Also put back platform attribute, try to improve
clumsy language in the substitute arg docs.
* Delete even if arg setype not match existing
Test 5 indicates that deletion is supposed to not check that
the arg setype passed when deleting matches the setype
of the mapping to delete.
Delete any mapping that matches target, regardless of
setype arg value.
* Update arg name in tests
* Too eager replacing
Accidentally replaced seobject function names so fix them back
* 4564: Fix invalid setype in doc example
Change from httpd_git_rw_content_t which
does not exist to httpd_sys_rw_content_t
Fixes#4564
* Fix documentation attributes
Additional fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update version_added in docs
Bumping minor to 6.4.0 since it didn't make 6.3.0.
* Add more description to the new arg docs
Try to improve discoverability of the new feature and make it easier to understand without deep SELinux understanding.
* Update platform to Linux in documentation
* Add equal as alias for the new argument
Improve discoverability of the new feature by adding an alias to the new module argument. The argument name "equal" will be easy to find for users who are not familiar with SELinux and who just try to match to the CLI tool `semanage`.
* And add alias argument properly
Previous commit missed actually adding the alias (added to docs only).
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* feat(module/keycloak_group): add support for ...
... handling subgroups
* added changelog fragment and fixing sanity ...
... test issues
* more sanity fixes
* fix missing version and review issues
* added missing licence header
* fix docu
* fix line beeing too long
* replaced suboptimal string type prefixing ...
... with better subdict based approach
* fix sanity issues
* more sanity fixing
* fixed more review issues
* fix argument list too long
* why is it failing? something wrong with the docu?
* is it this line then?
* undid group attribute removing, it does not ...
... belong into this PR
* fix version_added for parents parameter
---------
Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>