1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Commit graph

144 commits

Author SHA1 Message Date
delinea-sagar
3e56da5371
tss lookup plugin - Fetch secret by path (#6881)
* Added support to fetch secret by path

* Fixed linting issue

* Fixed PR comments

* Chnaged description of secret path
2023-07-14 19:43:14 +02:00
jantari
5365647ee7
New lookup plug-in: Bitwarden Secrets Manager (#6389)
* add Bitwarden Secrets Manager lookup

* fix pep8 and yamllint complaints

* fix version_added, add maintainer and copyright notice

* document BWS_ACCESS_TOKEN env var and declare as required

* avoid returning nested list

* update 'value of a secret' example after f6c4492c

* update copyright notice in bitwarden_secrets_manager plugin

thx felixfontein

Co-authored-by: Felix Fontein <felix@fontein.de>

* rename classes to distinguish from existing bw plugin

* use AnsibleLookupError, formatting

* bump version_added to 7.0.0

Co-authored-by: Felix Fontein <felix@fontein.de>

* ci fix: python style guide calls for excessive blank lines

https://peps.python.org/pep-0008/#blank-lines

* first attempt at unit tests for bws lookup

* ci fix: remove trailing newline

* attempt to fix tests object not callable error

* address formatting, tests and pyright suggestions

* reduce scope of mocked code for more real test coverage

only the actual bws CLI call is mocked now, this should enable the
exception thrown test to succeed if I didn't add new problems

* fix undefined variable 'expected_rc'

* fix mocked _run method to return correct data types

* keep list of one element for test case comparison

* bump version_added to 7.2.0

Co-authored-by: Felix Fontein <felix@fontein.de>

---------

Co-authored-by: jantari <jantari@github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
2023-07-08 10:11:02 +02:00
Matthew Davis
89ad18d1a7
random_string docs to say it's cryptographically secure (#6691)
Modify random_string docs to state that randomness is cryptographically secure
2023-06-29 23:29:50 +02:00
Felix Fontein
fd63f583ef
Improve seealso (#6766)
* Improve seealso.

* Update ignore files.
2023-06-22 13:16:22 +02:00
laszlojau
6bff57ee6e
Fix multiple issues with the TSS lookup plugin when using fetch_attachments (#6720)
* Treat files as binary when downloading attachments

* Raise a warning when the attachment can't be read

* Set the 'itemValue' for files, even when they can't be read

* Always return the original secret content

* Add changelog

* Fix changelog

* Update changelog

Co-authored-by: Felix Fontein <felix@fontein.de>

* Revert "Always return the original secret content"

This reverts commit a9fb96e165.

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
2023-06-20 18:23:16 +02:00
Felix Fontein
13e9e4b196
Add more semantic markup (#6744)
Add more semantic markup.
2023-06-20 08:14:02 +02:00
Dominik Haßelkuss
473e557c2f
Onepassword lookup add service accounts (#6660)
* add service account token and bypass required fields when service account token is set

* add token to base class

* add Info

* add service_account_token

* add service_account_token

* add documentation

* add service_account_token

* fix E111: indentation is not a multiple of 4

* fix lint problems

* Update plugins/lookup/onepassword_raw.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/onepassword_info.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/onepassword.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* add changelog fragment

* change type service_account_token to align to domain option

* add fragment value

* Update changelogs/fragments/6660-onepassword-lookup-service-account.yaml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/onepassword.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* remove service_account_token from onepassword_info.py

* adjust V1 to raise error if service_account_token is set

* adjust V1 to raise error if service_account_token is set

* adjust V1 to raise error if service_account_token is set

* adjust if assert_logged_in

* Update plugins/lookup/onepassword.py

Co-authored-by: Sam Doran <github@samdoran.com>

* Update plugins/lookup/onepassword.py

Co-authored-by: Sam Doran <github@samdoran.com>

* remove double return

* remove new line

* remove new line

* remove new line

* remove spaces

* remove new line

* remove spaces

* Update plugins/lookup/onepassword_raw.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* add _check_required_params

* Update plugins/lookup/onepassword.py

Co-authored-by: Sam Doran <github@samdoran.com>

* Update plugins/lookup/onepassword.py

Co-authored-by: Sam Doran <github@samdoran.com>

* remove _check_required_params

* remove spaces

* Update plugins/lookup/onepassword.py

Co-authored-by: Sam Doran <github@samdoran.com>

* remove code

---------

Co-authored-by: Jan Sagurna <jan.sagurna@sag-solutions.com>
Co-authored-by: Jan Sagurna <58932831+jansagurna@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Sam Doran <github@samdoran.com>
2023-06-15 19:18:12 +02:00
Felix Fontein
6fc1df9b83
Use semantic markup (modules a-c) (#6671)
* Use semantic markup.

* E() now works better.
2023-06-15 15:46:33 +02:00
Felix Fontein
7ae8cc9902
Semantic markup: use E() in more places (#6699)
Use semantic markup.
2023-06-15 09:29:30 +02:00
Felix Fontein
011b2f8bdc
Start using semantic markup (#6627)
* Start using semantic markup.

* Forgot some places.

* Fix typo.

* Use 'ignore:' prefix until https://github.com/ansible-community/antsibull-docs/pull/155 is out.

* Break too long line.
2023-06-10 09:28:40 +02:00
delinea-sagar
eddd1ba4f2
Fetch secret id's which are in folder by folder id (#6652)
Added function to fetch secret id's by folder id
2023-06-09 17:14:05 +02:00
Chris Evich
36e8653cf7
Minor bitwarden plugin req. docs addition (#6613)
The Bitwarden CLI requires a `login` followed by an `unlock` operation.
The later will display a message regarding setting (and exporting) the
`$BW_SESSION` env. var. When using the `bitwarden` lookup plugin, having
the env. var. set and available (exported) to Ansible is critical.
Without it, the plugin will simply return the error:

`Bitwarden Vault locked. Run 'bw unlock'.`

Make this clearer in the requirement documentation.

Signed-off-by: Chris Evich <cevich@redhat.com>
2023-06-05 21:18:12 +02:00
delinea-sagar
91376f7989
tss lookup - Dev.secret (#6431)
* added support to download secret server secret attachments

* added support to download secret server secret attachments

* Fixed PR comments

* Fixed yaml lint errors

* Resolved the review comments

* Removed white space

* Added comment to explain usecase of parametrs

* Removed trailing whitespace

* Updated description of fetch_attachments variable

* Updated comment

* Fixed commnets and added changelog fragment

* Fixed lint error

* Removed the file a it's throwing lint error

* Added changelog fragment

* Fixed comment

* Fixed pr comment
2023-05-03 22:12:09 +02:00
Felix Fontein
c58dda14c2
passwordstore plugin: vendor FileLock that was removed from ansible-core devel (#6447)
Vendor FileLock that was removed from ansible-core devel.
2023-04-28 12:08:45 +02:00
Kevin P. Fleming
64e797d077
dig: Support multiple domains in a single lookup (#6334)
* dig: Support multiple domains in a single lookup (#6334)

The docs for this plugin indicated that multiple domains could be
specified at once, but the code did not support multiple domains.

* Address review feedback.
2023-04-16 14:26:44 +02:00
Roy Lenferink
05824a0754
merge_variables: Fix example section (#6250) 2023-03-26 15:42:48 +02:00
Roy Lenferink
f52dd194f9
Add new merge_variables lookup plugin (#5533)
* Add new merge_variables lookup plugin

* Add changelog fragment

* Process bot feedback

* Refactor override options and add pattern_type option

* Fix unit tests

* Changed default pattern_type and simplified plugin based on feedback

* Processed feedback for merge_variables lookup plugin

* Adjust version_added.

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
2023-03-26 11:27:30 +02:00
schurzi
b64929118e
stop passing loader/dataloader since it has been deprecated by ansible (#6074)
* stop passing loader/dataloader since it has been deprecated by ansible

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* add changelog fragment

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* explicitly pass None to keep compatibility to older Ansible versions

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* use try/except to keep things compatible

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* Update plugins/lookup/cartesian.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/flattened.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/flattened.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/cartesian.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update changelogs/fragments/6074-loader_in_listify.yml.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

---------

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
2023-02-25 15:29:27 +01:00
Glenn Marcy
5648e0e2af
onepassword: ignore errors from "op account get" (#5942)
* ignore errors from "op account get"

* add changelog fragment

* Update changelogs/fragments/5942-onepassword-ignore-errors-from-op-account-get.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
2023-02-22 15:23:50 +01:00
Felix Fontein
2b8ac3c629
Remove unneccessary imports (#5940)
* Remove unneccessary imports.

* Keep unnecessary imports in module_utils - for now.

* Make older sanity tests shut up.

* Also make flake8 happier.
2023-02-12 19:48:39 +01:00
Felix Fontein
451c90251a
dig lookup: support CAA record type (#5913)
* Support CAA record type.

* Update return docs.
2023-01-29 18:19:14 +01:00
Felix Fontein
3da24d50cd
dig lookup: fix DNSKEY's algorithm handling (#5914)
Fix DNSKEY's algorithm handling.
2023-01-29 18:18:27 +01:00
Piotr
7b8b73f17f
Add support to Bitwarden Lookup for filtering results by collection (#5849) (#5851)
* Add support to Bitwarden Lookup for filtering results by collection id (#5849)

* Debug

* Add support to Bitwarden Lookup for filtering results by collection id (#5849)

* Update comments

* Fix blank line issue

* Fix unit tests for bitwarden lookup plugin. Add changelog fragment file.

* Change collectionId to collection_id parameter on bitwarden plugin

* Fix collection id parameter name when used in bw cli
2023-01-28 11:28:18 +01:00
Christoph
bf117c839c
Clarify Error message when bitwarden vault not unlocked (#5811)
* Clarify Error message when vault not unlocked

You can be logged into the Bitwarden-CLI, but it can still be locked. This took me several hours to debug, since every time I ran 'bw login' it told me, that I am already logged in.
If you run 'bw unlock' without being logged in, you are prompted to log in. 
This clarifies the Error occurring and can drastically reduce debugging time, since you don't have to look into the source code to get an understanding of whats wrong.

* RM: negation

Nobody needs negation

* Update function name

* FIX: tests

* ADD: changelog

* Update changelogs/fragments/5811-clarify-bitwarden-error.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2023-01-22 17:29:11 +01:00
reverendj1
e3f02cb161
Add Support to Bitwarden Lookup for Custom Fields (#5694)
* Add Support to Bitwarden Lookup for Custom Fields

This adds support to the Bitwarden lookup for retrieving values from
custom fields, such as api keys.

* Need to Return Whole Record if Field is Not Defined

* whitespace

* Add Changelog Fragment

* Need to Make Sure All Login Fields are Represented

We need to make sure that all login fields are accounted for, since
there will be no other way to retrieve them with this change, and we
don't want to break backwards compatibility. Looking at this code from
the official client,
https://github.com/bitwarden/clients/blob/master/libs/common/spec/models/domain/login.spec.ts,
autofillOnPageLoad might be another login field.

* Update changelogs/fragments/5694-add-custom-fields-to-bitwarden.yml

Clarify changelog fragment

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/bitwarden.py

Fix logic. Should only error if matches were found, but are missing the custom field.

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2023-01-07 10:28:05 +01:00
Felix Fontein
60c8b9a67f
dependent lookup: prevent deprecation warning with ansible-core 2.14 (#5543)
* Prevent deprecation warning.

* Improve naming and add comment.
2022-11-15 08:12:09 +01:00
Sam Doran
c604cc5ba9
onepassword_raw - Add missing parameter to doc string (#5511)
* onepassword_raw - Add missing parameter to doc string

* Remove redundant mention of default value

* Update changelogs/fragments/5506-onepassword_raw-missing-param.yml

Co-authored-by: Felix Fontein <felix@fontein.de>
2022-11-09 07:28:49 +01:00
Sam Doran
be0b5e5f8c
onepassword - Support v2 (#4728)
* Begin building out separate classes to support  different op cli versions

Create separet base classes for each major version.
Define the main interface in the base class.
Create methods for getting the current version and instantiating the
appropriate class based on the found version.

* First pass at mostly working CLI version classes

* Correct mismathched parameters

* Update _run() method to allow updating enviroment

This allows passing in the app secret as an env var, which is more
secure than using a command line arg.

* Continuing to improve the interface

* Tear existing tests down to the studs

These tests were based off of the LastPass unit tests. I’m going to
just start from scratch given the new plugin code is vastly diffenent.

* Fix sanity test

* CLI config file path can be None

* Improve required param checking

- only report missing params
- use proper grammer based on number of missing params

* Change assert_logged_in() method return value

Return a boolean value indicating whether or not account is signed in

* Improve full login for v2

Have to do a bit of a dance to avoid hitting the interactive prompt
if there are no accounts configured.

* Remove unused methods

* Add some tests

* Fix linting errors

* Move fixtures to separate file

* Restructure mock test data and add more tests

* Add boilerplate

* Add test scenario for op v2 and increase coverage

* Fix up copyright statements

* Test v1 and v2 in all cases

* Use a more descriptive variable name

* Use docstrings rather than pass in abstract class

This adds coverage to abstract methods with the least amount of hackery.

* Increase test coverage for CLI classes

* Sort test parameters to avoid collection errors

* Update version tested in docs

* Revere test parameter sorting for now

The parameters need to be sorted to avoid the issue in older Python
versions in CI, but I’m having trouble working out how to do that
currently.

* Allow passing kwargs to the lookup module under test

* Favor label over id for v2 when looking for values

Add tests

* Display a warning for section on op v2 or greater

There is no “value” in section fields. If we wanted to support sections
in v2, we would also have to allow specifying the field name in
order to override “value”.

* Move test cases to their own file

Getting a bit unwieldy having it in the test file

* Move output into JSON files fore easier reuse

* Switch to using get_options()

* Add licenses for fixture files

* Use get_option() since get_options() was added in Ansible Core 2.12

* Rearrange fixtures

* Add changelog

* Move common classes to module_utils

* Move common classes back to lookup

The plugin relies on AnsibleLookupError() quite a bit which is not available
in module code.

Remove use of display for errors since section isn’t actually deprecated.

* Properly handle sections

Still room for improvement, but this is at least a start.

* Remove some comments that won’t be addressed

* Make test gathering more deterministic to avoid failures

* Update changelog fragment

* Simple fix for making tests reliable
2022-11-06 11:32:35 +01:00
Felix Fontein
faf4ec7fa6
passwordstore lookup: allow to pass options as lookup options (#5444)
* Allow to pass options as lookup options.

* Adjust tests.
2022-11-02 20:17:08 +01:00
Jan-Philipp Litza
e4b9e098c7
Clearer error logging in passwordstore lookup (#5436)
* Clearer error logging in passwordstore lookup

* Add changelog fragment for passwordstore errmsgs

Co-authored-by: Sylvia van Os <sylvia@hackerchick.me>
2022-11-02 20:12:21 +01:00
Felix Fontein
47cc2a4e8e
dnstxt lookup - add option to return empty list. (#5457) 2022-11-01 22:19:33 +01:00
Felix Fontein
e718bd8445
Lookups: use Ansible's config manager whenever possible (#5440)
* Start using Ansible's config manager to handle options.

* Docs improvements.

* Fix documentation, make options actual lookup options.

* The cyberarkpassword lookup does too strange things.

* The onepassword lookups are converted in #4728, let's not interfere.

* Improve docs.

* Skip shelvefile as well.

* Convert lmdb_kv.

* Convert and fix credstash.

* Convert manifold.

* Drop chef_databag.

* Convert dig.

* Update examples.

* Forgot the most important part.

* Fix lmdb_kv docs.

* Python 2.6 compatibility.

* Convert AnsibleUnicode to str.

* Load lookup with lookup loader.

* Fix environment handling and error message checking.

* Improve docs formatting.
2022-11-01 21:58:46 +01:00
Felix Fontein
5f4e593116 Revert "Fix non-matching defaults in docs (#5446)"
This reverts commit a978bff2c7.
2022-11-01 19:12:21 +01:00
Felix Fontein
a978bff2c7
Fix non-matching defaults in docs (#5446)
* Allow to pass options as lookup options.

* Adjust tests.

* Fix non-matching defaults.
2022-11-01 18:11:02 +01:00
Jan-Piet Mens
df34a7b0f2 add option to force dig lookup to return empty list instead of list of empty strings. (#5439)
fixes https://github.com/ansible-collections/community.general/issues/5428
2022-10-29 10:51:03 +02:00
betuxy
394647df84
bitwarden: Add field to search for all item attributes, instead of on… (#5297)
* bitwarden: Add field to search for all item attributes, instead of only name.

* bitwarden: Add change to changelog.

* bitwarden: Update changelog entry.

* Update changelogs/fragments/5297-bitwarden-add-search-field.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/bitwarden.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/bitwarden.py

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Ole Pannbacker <opannbacker@cronon.net>
Co-authored-by: Felix Fontein <felix@fontein.de>
2022-10-01 18:19:39 +02:00
Felix Fontein
015566fb06
Normalize more booleans. (#5247) 2022-09-06 20:42:17 +02:00
Felix Fontein
19ce50f6b9
Adjust booleans in misc plugins. (#5161) 2022-08-24 20:00:39 +02:00
Tom Reeb
9f39294f50
adding nested try block for tss.py to import new Delinea library (#5151)
* adding nested try block to import delinea library

* whitespace

* Update plugins/lookup/tss.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* adding changelog fragment

* Update changelogs/fragments/5151-add-delinea-support-tss-lookup.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Tom Reeb <Thomas.Reeb_e@morganlewis.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
2022-08-23 21:53:06 +02:00
Michal Hybner
3c2d7eb193
dig: Fix evaluation of boolean parameters (#5129)
* Add lookup_dig tests

* Fix boolean evaluation

* Add changelog fragment

* Apply review changes

* Add license
2022-08-20 14:31:15 +02:00
Felix Fontein
424d706f92
Fix more copyright lines, add more default copyright lines (#5095)
* Fix copyright lines.

* Add default copyright line.
2022-08-08 14:24:58 +02:00
Felix Fontein
2a9fd7359f
Add more license statements (#5079)
* Add more license statements. These were modified manually incorporating existing data.

* Remove accidentally added line.
2022-08-07 13:37:23 +02:00
Felix Fontein
496bf27b5c
Fix copyright lines (make sure 'Copyright' is there). (#5083) 2022-08-05 22:12:10 +02:00
Felix Fontein
123c7efe5e
Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065)
* Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt.

* Replace 'Copyright:' with 'Copyright'

sed -i 's|Copyright:\(.*\)|Copyright\1|' $(rg -l 'Copyright:')

Co-authored-by: Maxwell G <gotmax@e.email>
2022-08-05 12:28:29 +02:00
Jonathan Lung
ab0cd83bb1
New lookup plug-in: bitwarden (#5012)
* Basic support for Bitwarden lookups

Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>

* Update plugins/lookup/bitwarden.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/bitwarden.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/bitwarden.py

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: jonathan lung <lungj@heresjono.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
2022-08-01 10:00:05 +02:00
Jonathan Lung
e8e6b9bbd7
lastpass lookup: use config manager, improve documentation (#5022)
* LastPass lookup: use config manager, improve documentation

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update changelogs/fragments/5022-lastpass-lookup-cleanup.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: jonathan lung <lungj@heresjono.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
2022-08-01 09:36:07 +02:00
Sylvia van Os
3eb29eb4b6
Fix returnall for gopass (#5027)
* Fix returnall for gopass

Gopass was always given the --password flag, despite there being no need for this.

* Add changelog fragment

Co-authored-by: Sylvia van Os <sylvia.van.os@politie.nl>
2022-07-29 14:24:15 +02:00
Benjamin
2662bc881f
Introduce dig lookup argument fail_on_error (#4973)
with default False for backwards compatibility.

Allows fail-fast behavior on lookup failures instead of returning strings and continuing.
2022-07-24 12:08:47 +02:00
Sylvia van Os
c31e6413f2
Fix path detection for gopass (#4955)
* Fix path detection for gopass

As per fc8c9a2286/docs/features.md (initializing-a-password-store), gopass defaults to ~/.local/share/gopass/stores/root for its password store root location.

However, the user can also override this, and this will be stored in the gopass config file (ed7451678c/docs/config.md (configuration-options)).

This patch ensures that the config setting in gopass is respected, falling back to the default gopass path. pass' behaviour remains unchanged.

* Formatting improvements

Co-authored-by: Felix Fontein <felix@fontein.de>

* Add changelog fragment

* Formatting improvement

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>

Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2022-07-21 07:19:31 +02:00
andrii-zakurenyi
7ffa2b525c
Do not ignore tld option in DSV lookup plugin (#4911)
* Do not ignore tld option in DSV lookup plugin

* add changelog fragment

* Update changelogs/fragments/4911-dsv-honor-tld-option.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
2022-07-04 20:25:34 +02:00