terraform: remote state file exists check issue (#6296)
* remote state file exists check
In the official CLI implementation of Terraform, if the state file does not exist, a new one will be created, and there is no need to check that the state file already exists and with an error if file not exists.
```bash
# Test command
terraform apply -state test.tfstate. # if state file not exists ,terraform will create a new one
terraform destroy -state test1.tfstate ### Terraform will not throw any error, the command will succeed execute, only report no resource has destroy
```
* Update terraform.py
add 1 blank line to function end
* Create 6296-LanceNero-Terraform_statefile_check
remove file exists check (https://github.com/ansible-collections/community.general/pull/6296)
* resolve if case issue
* Add blank line
* Update 6296-LanceNero-Terraform_statefile_check
* Update changelogs/fragments/6296-LanceNero-Terraform_statefile_check
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* update code style
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Update suffix to correct CI issue
* Update Code Style
* Update bug-fix to feature release
---------
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
(cherry picked from commit bf780ea738)
Co-authored-by: LanceNero <Lance.nero@gmail.com>
dconf: three minor but useful fixes (#6206)
* dconf: Correctly handle setting a key that has no value in DB
We need to check if the value in the database is None before we try to
parse it, because the GVariant parser won't accept None as an input
value. By definition if the value is None, i.e., there's no value in
the database, than any value the user is trying to set is a change, so
just indicate that it's a change without trying to compare the None to
whatever the user specified as the value.x
* dconf: Give a more useful error when writing a key fails
if writing a key fails, then include in the error that is returned the
exact key and value aguments that were given to the dconf command, to
assist in diagnosing failures caused by providing the key or value in
the wrong format.x
* dconf: Convert boolean values into the format that dconf expects
Even though we warn users to be careful to specify GVariant strings
for values, a common error is to be trying to specify a boolean string
which ends up getting converted into a boolean by the YAML parser or
Ansible. Then it gets converted to "True" or "False", the string
representations of Python booleans, which are not valid GVariants.
Rather than just failing with an obscure error when this happens,
let's be more user-friendly and detect when the user has specified a
boolean and convert it into the correct GVariant forms, "true" or
"false", so it just works. There's no good reason to be more pedantic
than that.
(cherry picked from commit a5765143f1)
Co-authored-by: Jonathan Kamens <jik@kamens.us>
archive: Generate crc32 over 16MiB chunks (#6274)
* archive: Generate crc32 over 16MiB chunks
Running crc32 over the whole content of the compressed file potentially
requires a lot of RAM. The crc32 function in zlib allows for calculating
the checksum in chunks. This changes the code to calculate the checksum
over 16 MiB chunks instead. 16 MiB is the value also used by
shutil.copyfileobj().
* Update changelogs/fragments/6199-archive-generate-checksum-in-chunks.yml
Change the type of change to bugfix
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/6199-archive-generate-checksum-in-chunks.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 14b19afc9a)
Co-authored-by: Nils Meyer <nils@nm.cx>
homebrew: respect greedy flag for cask upgrade_all (#6267)
* homebrew: respect greedy flag for cask upgrade_all
* homebrew: implement feedback from code review
(cherry picked from commit 6c5c05dfdc)
Co-authored-by: Claude Becker <becker@phys.ethz.ch>
pipx: Add support for system_site_packages (#6308)
* pipx: Add support for system_site_packages
* Add changelog fragment
(cherry picked from commit f93a1bf5ec)
Co-authored-by: Paul Aurich <paul@darkrain42.org>
Add support to topics on Gitlab Project module (#6278)
* add topics to gitlab_project.py
* add chngelog fragment
* fix lint error
* Update changelogs/fragments/6277-add-topics-gitlab-project.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit cee5f31b70)
Co-authored-by: Lorenzo Tanganelli <35271287+tanganellilore@users.noreply.github.com>
redhat_subscription: fix D-Bus option for environments on CentOS (#6275)
Factorize the current logic to determine whether use 'environments' as
D-Bus registration option (rather than 'environment') in an own
function, so it is easier to read it and maintain it.
With the small helper function in place, extend the logic to support
CentOS: it is in practice the same as the RHEL one, with an additional
check to support CentOS Stream 8 (which is a rolling release, and not
versioned).
(cherry picked from commit c280b793de)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
redhat_subscription: manually unregister only when registered (#6259)
When registering using D-Bus and using a version of subscription-manager
with an unimplemented 'force' option, then unregister manually the
system only if it is registered. 'subscription-manager unregister'
errors out when trying to unregister an already unregistered system.
(cherry picked from commit c9e11e5c0c)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
pipx: document parameters supported with state=latest, and fix include_injected parameter (#6212)
* pipx: Document parameters supported with state=latest
* pipx: Support "include_injected" with states "upgrade" and "latest"
- Contrary to documentation, "include_injected" doesn't appear to have
worked with state=upgrade since it was introduced.
- Add support for include_injected with "latest", since "latest" is
specified as being install+upgrade.
* Add changelog fragment
* Update plugins/modules/pipx.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* pipx: Update to correct target release of community.general
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 33093e9f3e)
Co-authored-by: Paul Aurich <paul@darkrain42.org>
Fixed XenOrchestra inventory plugin failing due to not checking response ID. (#6227)
* Added call method to select proper response from xo server
* Added changelog fragment
* Removed excess blank lines
* Moved period in changelog fragment
* Made suggested changes
* Remove f-strings for Python 2.7 compatibility
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Linus Kirkwood <lkirkwood@allette.com.au>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit cd706454ec)
Co-authored-by: lirkwood <linuskirkwood@gmail.com>
nmcli: add runner_fast_rate option (#6148)
* add runner_fast_rate option
* unset default value for runner_fast_rate parameter
* add some commas
* Remove default in copy of argspec.
Co-authored-by: Sam Potekhin <eax24@ya.ru>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Sam Potekhin <eax24@ya.ru>
(cherry picked from commit d4f272ba52)
Co-authored-by: Alex Groshev <38885591+haddystuff@users.noreply.github.com>
nmcli: fixed idempotency issue with 'may_fail4' when 'method' is 'disabled' (#6106)
* nmcli: fixed idempotency issue with 'may_fail4' when 'method' is 'disabled'
* added note to documentation
* updated changelog fragment
* Update changelog fragment.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 5ee687049f)
Co-authored-by: Sam Potekhin <heaveaxy@gmail.com>
pipx: Allow injected modules to add apps (#6198)
* pipx: Allow injected modules to add apps
Add support for pipx inject's "--include-apps" parameter.
* add changelog fragment
* fix pipx test ("install_apps", not "include_apps")
* fix pipx test -- add a second invocation for install_apps
* Update changelogs/fragments/6198-pipx-inject-install-apps.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/pipx.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 6fa833feed)
Co-authored-by: Paul Aurich <paul@darkrain42.org>
added hpe thermal config and fan percent min (#6208)
* added hpe thermal config and fan percent min
* typo fixed
* Create 6208-hpe-thermal-fan-percent.yaml
* fixed changelog fragment
* Update 6208-hpe-thermal-fan-percent.yaml
(cherry picked from commit 33ccabed13)
Co-authored-by: ky13 <k.william.ritchie@gmail.com>
Add archive param for proxmox_kvm module (#6159)
We simply add a param to allow proxmox administrator to restore VM from
an archives. This new option will be useful to automate automatic
creation and restore of VM.
Co-authored-by: Julian Vanden Broeck <julian.vandenbroeck@dalibo.com>
(cherry picked from commit 7059789f35)
Co-authored-by: Julian <374571+l00ptr@users.noreply.github.com>
Add Gitlab group runners support (#3935)
(cherry picked from commit f3be0076af)
Co-authored-by: Léo GATELLIER <26511053+lgatellier@users.noreply.github.com>
apt_rpm: add clean, dist_upgrade and update_kernel (#5867)
* clean performs apt-get clean.
* dist_upgrade performs apt-get dist-upgrade.
* update_kernel performs update-kernel to upgrade kernel packages.
* update_cache, clean, dist_upgrade and update_kernel can be used with and without specified packages.
(cherry picked from commit b1d94385ae)
Co-authored-by: Andrey Cherepanov <sibskull@gmail.com>
redhat_subscription: require credentials only when needed (#5664)
The module currently has a static 'required_if' statement for its
parameters that forces any of 'username' or 'activationkey' or 'token'
in case state=present; while this is generally a good idea, it can be
an extra requirements in some cases. In particular, if the system is
already registered, there is no need for credentials -- some of the
operations of the module, such as manipulating pools, can be done
perfectly without credentials.
Hence:
- change the static 'required_if' to require credentials only when
forcing the registration
- check for credentials manually when a registration is needed, i.e.
on an unregistered system; the fail message is the same as the one
shown by 'required_if'
Adapt the tests to this new situation:
- test_without_required_parameters now needs to mock an unregistered
system
- add a new version of test_without_required_parameters to test an
already registered system
- add a simple test case for only state=present usable on an already
registered system
- remove the credentials from a test case for pool attachment that
mocks an already registered system
(cherry picked from commit bbd68e26a2)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
rhsm modules: cleanly fail when not run as root (#6211)
subscription-manager on RHEL installs a symlink in /usr/bin to
console-helper (part of usermode), which triggers an interactive prompt
for root credentials when run as user. It seems that console-helper
does not handle well non-interactive contexts (e.g. without a TTY for
input), and thus it will hang waiting for input when run as user in an
Ansible task.
Since subscription-manager requires root already anyway (and it will
fail when explicitly run as user), then apply the same logic locally on
all the modules that interact with it: redhat_subscription,
rhsm_release, and rhsm_repository.
(cherry picked from commit 9f67cbbe36)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
Fix influxdb_user grants in check mode (#6111)
* Fix influxdb_user grants in check mode
When running in check mode, `influxdb_user` will return error when the user doesn't exist yet, instead of reporting `changed` state.
* Update changelogs/fragments/6111-influxdb_user-check-mode.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 3fb1ff0b72)
Co-authored-by: Petr Tichý <petr@pex.com>
Replace deprecated error with BadZipFile (#6180)
* Replace deprecated error with BadZipFile
* Use imported BadZipFile
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add news fragment
* Update new fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f66cc7c933)
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
Adding support for `-p` option to specify port(s) to scan (#6165)
* Adding support for `-p` option to specify port(s) to scan
* Adding changelog fragment file
* Corrected appending options
* Edit to doc section
* Correction in documentation type
* Fixed `:` use in doc breaking yaml
* Update changelogs/fragments/6165-nmap-port.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/inventory/nmap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/inventory/nmap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Adding usage example
* Adding comment to example that was missed
* Breaking line up, was too long for sanity test 160 char limit
* Still too long since spaces are counted
* Changed type to string to work for a single entry as well as comma separated values
* Update changelogs/fragments/6165-nmap-port.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/inventory/nmap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit bf8f2950b4)
Co-authored-by: barloff-st <42866449+barloff-st@users.noreply.github.com>
openbsd_pkg: set TERM to 'dumb' in execute_command (#6149)
* openbsd_pkg: set TERM to 'dumb' in execute_command
Keeps pkg_add happy when someone running ansible is using a TERM that
the managed OpenBSD host does not know about.
Fixes#5738.
Selection of specific TERM from discussion at
https://marc.info/?l=openbsd-tech&m=167290482630534&w=2
* Add changelog fragment for openbsd_pkg TERM fix
* Update changelogs/fragments/6149-openbsd_pkg-term.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b97bee3fd6)
Co-authored-by: Patrik Lundin <patrik@sigterm.se>
Updating yarn.list to not fail when when warnings are emitted (#6129)
* Updating yarn.list to not fail when when warnings are emitted
* Adding changelog fragment
* Adding _process_yarn_error function
* - Adding back changes to the changelog fragment
- Fixing formatting
* Fix trailing whitespace
* Update plugins/modules/yarn.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit df34569fad)
Co-authored-by: John Daly <john.daly2@gmail.com>
redhat_subscription: use D-Bus for registration if possible (#6122)
subscription-manager currently does not have a way to get credentials
(username, password, activation keys, organization ID) in a secure way:
the existing command line parameters can be easily spotted when running
a process listing while 'subscription-manager register' runs.
There is a D-Bus service, which is used by e.g. cockpit and Anaconda to
interface with RHSM (at least for registration and common queries).
Try to perform the registration using D-Bus, in a way very similar to
the work done in convert2rhel [1] (with my help):
- try to do a simple signal test to check whether the system bus works;
inspired by the login in the dconf module
- pass most of the options as registration options; for the few that are
not part of the registration, execute 'subscription-manager' manually
- add quirks for differently working (or not) registration options for
the D-Bus Register*() methods depending on the version of RHEL
- 'subscription-manager register' is used only in case the signal test
is not working; silent fallback in case of D-Bus errors during the
registration is not done on purpose to avoid silent fallback to a less
secure registration
[1] https://github.com/oamg/convert2rhel/pull/540/
(cherry picked from commit e939cd07ef)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
[make] Provide built command in the module output (#6160)
It may happen operator wants to get the built command instead of all the
parameters. This change injects a new entry in the dict output, showing
what command way actually launched.
This patch also takes the opportunity to add missing dots to some
documentation lines.
(cherry picked from commit a49ad340af)
Co-authored-by: Cédric Jeanneret <39397510+cjeanner@users.noreply.github.com>
dconf: Check for changes properly despite style of quotes used by user (#6049)
dconf: parse GVariant values to check for equality whenever possible
Direct string comparisons are an inaccurate way to compare two
GVariant representations. For example, 'foo' and "foo" (including the
quote marks, which are part of the representation) are equal GVariants
but if you just do a string compare (remember, including the quotes)
they'll be interpreted.
We therefore want to use the `gi.repository` Python library to parse
GVariant representations before comparing them whenever possible.
However, we don't want to assume that this library will always be
available or require it for Ansible to function, so we use a straight
string comparison as a fallback when the library isn't available. This
may result in some false positives, i.e., Ansible thinking a value is
changing when it actually isn't, but will not result in incorrect
values being written into `dconf`.
Co-authored-by: Jonathan Kamens <jik@jik5.kamens.us>
(cherry picked from commit 627371e2d8)
Co-authored-by: Jonathan Kamens <jik@kamens.us>
Fixes#6112: community.general.gitlab_runner KeyError: 'access_level' (#6130)
The fix ensures that no 'KeyError' is raised, when 'access_level' is not provided as module parameter or when 'access_level_on_creation' is false.
Signed-off-by: Christoph Fiehe <c.fiehe@eurodata.de>
Co-authored-by: Christoph Fiehe <c.fiehe@eurodata.de>
(cherry picked from commit c077818c5d)
Co-authored-by: cfiehe <cfiehe@users.noreply.github.com>
nmcli: fixed inability to change mtu on vlan connection (#6104)
* tests updated
Co-authored-by: Sam Potekhin <heaveaxy@gmail.com>
(cherry picked from commit 2dee3464dd)
Co-authored-by: Sam Potekhin <24751685+heaveaxy@users.noreply.github.com>
Fix Yarn global not working without explicit executable path (#6138)
* Fix Yarn global not working without explicit executable path
* changelog fragment
* fix formatting and add test
* oops
(cherry picked from commit 3d67f51824)
Co-authored-by: Sargun Vohra <sargun.vohra@gmail.com>
Add 'inventory_hostname' to the jail plugin documentation (#6118)
This fixes the following warning on FreeBSD:
[WARNING]: The "jail" connection plugin has an improperly configured
remote target value, forcing "inventory_hostname" templated value
instead of the string
(cherry picked from commit 9a97bc7c11)
Co-authored-by: Giacomo Olgeni <olgeni@olgeni.com>
jenkins_plugin: avoid undefined variable when updates file is not downloaded (#6100)
Avoid undefined variable when updates file is not downloaded.
(cherry picked from commit e8bdec2733)
Co-authored-by: Felix Fontein <felix@fontein.de>
add persistent option for modprobe (#5424)
* add persistent option for modprobe
* add suggested changes + fix broken test
* change modprobe module path in tests due to rebase
* change persistent option type from bool to str with choices
* fix unused import
* add example with persistent option
* fix some minor issues after review
- move regexps compiling to __init__
- move AnsibleModule to build_module function and use this function in tests instead of AnsibleModule
- fix terminlogy issue in documentation
* fix unused-import
(cherry picked from commit 29f5033737)
Co-authored-by: Alex Groshev <38885591+haddystuff@users.noreply.github.com>
Add new project features to API (#5986)
* Add new project features to API
* add changelog fragment
* remove extra line from changelog
* Update changelog formatting
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 617be6e124)
Co-authored-by: Hemant Zope <42613258+zhemant@users.noreply.github.com>
sefcontext: add support for path substitutions (#5830)
* sefcontext: add path substitution support (#1193)
First commit for feedback, missing docs and tests.
* sefcontext: add documentation
* Add changelog fragment
* Documentation formatting
* Delete extra newline
* pep8 fixes
Fix indentation
* Add version_added to arg docs
* Add examples
* Don't delete non-matching path substitutions
* Add integration tests
* Delete only substitutions if such arg passed
Don't delete existing regular file context mappings if deletion of
a path substitution was requested with the presence of the
`equal` arg - delete only path substitutions in such case.
Path substitutions and regular mappings may overlap.
* Can only add args in minor releases
:(
* Cleanup before tests
* Fix deletion using substitution
Was comparing wrong var.
* Fix test checking wrong var
* Improve args documentation and examples
List the default values for selevel, seuser.
Add example for deleting path substitutions only.
* Add attributes documentation block
Not sure if should add become/delegate/async,
shouldn't those work just like that without any
specific code added for them?
* and fix indentation on attribute block
* Consistent indentation for attributes
Confusing, most plugins indent with 4 spaces.
But some use 2 like the rest of the code, so use 2.
* Add missing ref for attribute block
* Use correct c.g version in doc block
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add full stop to changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Streamline documentation
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Support limiting deletion to setype
Deleting file context mappings may be limited by
passing setype or equal, if neither arg is passed
then delete either setype/equal mappings that match.
* Change arg name, diff mode output fix
Change arg name from equal to substitute.
Print target = subsitute in diff mode same way as
semanage does.
Also put back platform attribute, try to improve
clumsy language in the substitute arg docs.
* Delete even if arg setype not match existing
Test 5 indicates that deletion is supposed to not check that
the arg setype passed when deleting matches the setype
of the mapping to delete.
Delete any mapping that matches target, regardless of
setype arg value.
* Update arg name in tests
* Too eager replacing
Accidentally replaced seobject function names so fix them back
* 4564: Fix invalid setype in doc example
Change from httpd_git_rw_content_t which
does not exist to httpd_sys_rw_content_t
Fixes#4564
* Fix documentation attributes
Additional fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update version_added in docs
Bumping minor to 6.4.0 since it didn't make 6.3.0.
* Add more description to the new arg docs
Try to improve discoverability of the new feature and make it easier to understand without deep SELinux understanding.
* Update platform to Linux in documentation
* Add equal as alias for the new argument
Improve discoverability of the new feature by adding an alias to the new module argument. The argument name "equal" will be easy to find for users who are not familiar with SELinux and who just try to match to the CLI tool `semanage`.
* And add alias argument properly
Previous commit missed actually adding the alias (added to docs only).
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
(cherry picked from commit c8a2ac3a47)
Co-authored-by: bluikko <14869000+bluikko@users.noreply.github.com>
cloudflare_dns: Fix setting SRV records with a root level entry (#5972)
* cloudflare_dns: Fix setting SRV records with a root level entry
* cloudflare_dns: Remove the part which deletes the zone from the SRV record name
The cloudflare API accepts the record name + zone name to be sent. Removing that, will guarantee the module to be idempotent even though that line was added ~7 years ago for that specific reason: 7477fe5141
It seems the most logical explanition is that Cloudflare changed their API response somewhere over the last 7 years.
* cloudflare_dns: Update the changelog fragment
(cherry picked from commit 094dc6b69c)
Co-authored-by: Roy Lenferink <lenferinkroy@gmail.com>
stop passing loader/dataloader since it has been deprecated by ansible (#6074)
* stop passing loader/dataloader since it has been deprecated by ansible
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
* add changelog fragment
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
* explicitly pass None to keep compatibility to older Ansible versions
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
* use try/except to keep things compatible
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
* Update plugins/lookup/cartesian.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/flattened.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/flattened.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/cartesian.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/6074-loader_in_listify.yml.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b64929118e)
Co-authored-by: schurzi <github@drachen-server.de>
keycloak_group: support keycloak subgroups (#5814)
* feat(module/keycloak_group): add support for ...
... handling subgroups
* added changelog fragment and fixing sanity ...
... test issues
* more sanity fixes
* fix missing version and review issues
* added missing licence header
* fix docu
* fix line beeing too long
* replaced suboptimal string type prefixing ...
... with better subdict based approach
* fix sanity issues
* more sanity fixing
* fixed more review issues
* fix argument list too long
* why is it failing? something wrong with the docu?
* is it this line then?
* undid group attribute removing, it does not ...
... belong into this PR
* fix version_added for parents parameter
---------
Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
(cherry picked from commit 7d3e6d1bb7)
Co-authored-by: morco <thegreatwiper@web.de>
github_webhook: Don't include secret in the config if it's absent (#5994)
* github_webhook: Don't include secret in the config if it's absent
* Add changelogs
* Fix indentation
* Apply suggestion to simplify the check
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: dima1206 <32818228+dima1206@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 1877ef1510)
Co-authored-by: dima1206 <32818228+dima1206@users.noreply.github.com>
zfs_delegate_admin: fix: zfs allow cannot parse unknown uid/gid (#5943)
When setting allow permissions for particular users or groups
there will be circumstances when that user is not known to the
host system.
In that case the output of `zfs allow <pool/dataset>`
looks similar to this:
$ sudo zfs allow tank/test
---- Permissions on tank/test ---------------------------------------
Local+Descendent permissions:
user (unknown: 1002) hold
user zfsuser receive
The fix in this commit removes ' (unknown: '+')' from the output
leaving only the uid/gid.
This allows the current parser to continue even if the uid/gid
is not known.
This situation occurs most often when moving a zpool from one system
to another that may not have the same users/groups. Simply adding
permissions to a user/group and then deleting the user/group
from the system will cause this situation to occur.
(cherry picked from commit 53f729730b)
Co-authored-by: Phil Kauffman <philip@kauffman.me>
nmcli: Treat order as significant when comparing address lists (#6048)
* nmcli: Treat order as significant when comparing address lists
Don't sort the old and new values for ipv4.addresses and
ipv6.addresses before comparing them, because order matters in these
parameters: the first address specified is the default source address
for outbound connections.
* Changelog fragment for #6048
* Update changelogs/fragments/6048-nmcli-addres-order.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 682c6fc967)
Co-authored-by: Jonathan Kamens <jik@kamens.us>
community.general.osx_defaults: Include stderr in error messages (#6011)
* Update osx_defaults documentation examples
* Include stderr in errors from osx_defaults
* Add Changelog Fragment
* Update changelogs/fragments/6011-osx-defaults-errors.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Change format of examples
* Update plugins/modules/osx_defaults.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 92544993c0)
Co-authored-by: Joseph Shanak <josephshanak@protonmail.com>
Added support for openSUSE MicroOS (#5998)
* fix(zypper): Added condition to check for transactional-update binary to support microos
closes#5615
* style(changelog): Made zypper-change uppercase
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix(zypper): Removed check for /var/lib/misc/transactional-update.state
* feat(zypper): Aligned transactional-update checks with zypper's
* refactor(zypper): Removed dependency to psutil and made use of parsing /proc/mount
* refactor(zypper): Removed need for regex, plus small refactoring
---------
Co-authored-by: André Dörscheln <ad@itesign.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 2c762c4753)
Co-authored-by: andre161292 <andre161292@users.noreply.github.com>
providerType should be defaulted for keycloak_user_federation mappers (#5863)
* feat(modules/keycloak_user_federation): mapper ...
... provider type should have a default value
* add changelog fragment
---------
Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
(cherry picked from commit 95b8afdea3)
Co-authored-by: morco <thegreatwiper@web.de>
nmcli: two fixes needed to make wifi.wake-on-wlan settings work properly (#5431)
* nmcli: Convert current value of wifi.wake-on-wlan before comparing
The new value of wifi.wake-on-wlan is specified as an integer, but in
the nmcli output it's specified as a hex string followed by a textual
description of it. Therefore, to determine properly whether it's being
changed we need to pull the hex string out of the current value,
convert it into an integer, and finally convert the integer back to a
string so that we can compare it to the new specified value. Without
this change, whenever wifi.wake-on-wlan is specified in the module
arguments the module will think the value is being changed even when
it isn't.
* nmcli: Handle wifi options correctly when connection type not specified
When an nmcli task does not specify the connection type and the module
ask nmcli for it, the module needs to convert nmcli's
`802-11-wireless` to `wifi`, the term for this connection type used by
the module.
* nmcli: Correctly detect values changed to the integer 0
If the user specifies a value of 0 (without quotes) in a task, we
should interpret that as an actual value, not empty, when comparing
the new value to the old one. Otherwise we incorrectly conclude that
there was no change.
* Changelog fragment for #5431
(cherry picked from commit 490899f87f)
Co-authored-by: Jonathan Kamens <jik@kamens.us>
JC: Add plugin parser functionality to JC Filter Plugin (#6043)
* Add plugin parser functionality to JC Filter Plugin
The parse function was added in jc v1.18.0 which allows plugin parsers to be used. This change will try the new API if available, else fallback to the old API so there is no change in behavior.
* remove whitespace from blank line
* Add changelog fragment for JC plugin parser support
* add .yml extension to file name
* Formatting
* add period at end
(cherry picked from commit c168f9c3be)
Co-authored-by: Kelly Brazil <kellyjonbrazil@gmail.com>
Set User-Agent for API requests to DNSimple (#5927)
* Set the user-agent for API requests to DNSimple
* Update user agent format
* Add changelog fragment
* Update changelogs/fragments/5927-set-user-agent-dnsimple.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 33df7b61c0)
Co-authored-by: Ivan Bakalov <ibbakalov@gmail.com>
yarn: Fix state=latest not working with global=true (#5829)
* Yarn module: fix state=latest not working with global=true
* fix whitespace
* add changelog fragment
* add integration test cases
* add only tests for this PR (install+upgrade)
* fix assuming default global dir
* fix list() not working when global=true and name a package with no binary
* remove ignores
* whitespace
* Update changelogs/fragments/5829-fix-yarn-global.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/5829-fix-yarn-global.yml
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
(cherry picked from commit 4c4ef80ca9)
Co-authored-by: Sargun Vohra <sargun.vohra@gmail.com>
Suppress urllib3 InsecureRequestWarnings when `validate_certs` option is false (#5931)
* Suppress urllib3 InsecureRequestWarnings when validate_certs option is false
Suppress urllib3 InsecureRequestWarnings when `validate_certs` option is false.
It's clear that the user would know the possible risk when he or she chose to turn off the option, so the warning message could be ignored and make the output clean.
* Create 5915-suppress-urllib3-insecure-request-warnings.yml
* Update changelogs/fragments/5915-suppress-urllib3-insecure-request-warnings.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Remove extra whitespaces
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f0fd6aa97d)
Co-authored-by: Boik <qazbnm456@gmail.com>
Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection (#5903)
* Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection
* Update changelogs/fragments/5886-redfish-correct-basic-auth-usage-on-session-creation.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit ea5cbe2553)
Co-authored-by: Mike Raineri <mraineri@gmail.com>
Fixes#5907: gitlab_runner is not idempotent on first run after runner creation (#5908)
This fix introduces the new boolean option 'access_level_on_creation'. It controls, whether the value of 'access_level' is used for runner registration or not. The option 'access_level' has been ignored on registration so far and was only used on updates. The user is informed by a deprecation warning, if the option is unspecified. For reasons of compatibility 'false' is assumed in that case. The option 'access_level_on_creation' will switch to 'true' for the next major release (community.general 7.0.0)
Signed-off-by: Christoph Fiehe <c.fiehe@eurodata.de>
Co-authored-by: Christoph Fiehe <c.fiehe@eurodata.de>
(cherry picked from commit 31ff3f662d)
Co-authored-by: cfiehe <cfiehe@users.noreply.github.com>
dig lookup: support CAA record type (#5913)
* Support CAA record type.
* Update return docs.
(cherry picked from commit 451c90251a)
Co-authored-by: Felix Fontein <felix@fontein.de>
OpenNebula/one_vm implement the one.vm.updateconf API call (#5812)
* opennebula: Add template manipulation helpers
* one_vm: Use 'updateconf' API call to modify running VMs
* one_vm: Emulate 'updateconf' API call for newly created VMs
* opennebula/one_vm: Satisfy linter checks
* opennebula/one_vm: Apply suggestions from code review
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* opennebula/one_vm: Drop 'extend' function, use 'dict_merge' instead
* Add changelog fragment
* one_vm: Refactor 'parse_updateconf' function
* opennebula/one_vm: Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* one_vm: Allow for using updateconf in all scenarios
---------
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 8818a6f242)
Co-authored-by: Michal Opala <mopala@opennebula.io>
Add support to Bitwarden Lookup for filtering results by collection (#5849) (#5851)
* Add support to Bitwarden Lookup for filtering results by collection id (#5849)
* Debug
* Add support to Bitwarden Lookup for filtering results by collection id (#5849)
* Update comments
* Fix blank line issue
* Fix unit tests for bitwarden lookup plugin. Add changelog fragment file.
* Change collectionId to collection_id parameter on bitwarden plugin
* Fix collection id parameter name when used in bw cli
(cherry picked from commit 7b8b73f17f)
Co-authored-by: Piotr <skc.peter@gmail.com>
Gem: Support force flag when uninstalling (#5822)
* Gem: Support force flag when uninstalling
* Improve docs' syntax
* Add changelog fragment
(cherry picked from commit fe520a6b09)
Co-authored-by: Juan Vela <juan.vela.bcn@gmail.com>
Bugfix: proxmox_disk - read time out on import (#5803)
* Use async calls and fix docs
* Add changelog fragment
(cherry picked from commit f38bfaddf0)
Co-authored-by: castorsky <csky57@gmail.com>
Clarify Error message when bitwarden vault not unlocked (#5811)
* Clarify Error message when vault not unlocked
You can be logged into the Bitwarden-CLI, but it can still be locked. This took me several hours to debug, since every time I ran 'bw login' it told me, that I am already logged in.
If you run 'bw unlock' without being logged in, you are prompted to log in.
This clarifies the Error occurring and can drastically reduce debugging time, since you don't have to look into the source code to get an understanding of whats wrong.
* RM: negation
Nobody needs negation
* Update function name
* FIX: tests
* ADD: changelog
* Update changelogs/fragments/5811-clarify-bitwarden-error.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit bf117c839c)
Co-authored-by: Christoph <29735603+Chr1s70ph@users.noreply.github.com>
bugfixing keycloak user federation failing when updating default mapper simultaneously (#5750)
* fix(modules/keycloak_user_federation): fixes ...
... user federation creation failing when also updating/changing default
mappers at the same time
* add changelog fragment for pr
Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
(cherry picked from commit 6781dd1918)
Co-authored-by: morco <thegreatwiper@web.de>
Bugfix/keycloak userfed idempotency (#5732)
* fix(modules/keycloak_user_federation): fixes ...
... federation read call not finding already existing federations
properly because of bad parametrisation
* fix(modules/keycloak_user_federation): added ...
... new integration test for module idempotency bugfix
* added changelog fragment for pr
Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
(cherry picked from commit 0ca41dedce)
Co-authored-by: morco <thegreatwiper@web.de>
nsupdate: fix zone lookup (#5818)
The SOA record for an existing zone is returned as an answer RR and not
as an authority RR. It can be returned as an authority RR for subdomains
of a zone.
$ dig -t SOA example.com
;; ANSWER SECTION:
example.com. 3530 IN SOA ns.icann.org. noc.dns.icann.org. 2022091184 7200 3600 1209600 3600
$ dig -t SOA www.example.com
;; AUTHORITY SECTION:
example.com. 3600 IN SOA ns.icann.org. noc.dns.icann.org. 2022091184 7200 3600 1209600 3600
(cherry picked from commit 5ad703ac64)
Co-authored-by: n0p90 <36303164+n0p90@users.noreply.github.com>
